rejetto forum
Software => HFS ~ HTTP File Server => F.A.Q.s => Topic started by: SilentPliz on February 12, 2009, 12:45:53 AM
-
I managed to displayed the Stunnel log in hfs with:
A file hfs.events:
[connected]
{.add to log|{.load|stunnel.log.}|ClBlue.}
But stunnel.log, can't be destroyed when Stunnel runs, the file grows bigger ...
The macro Delete is impossible ... I am looking if someone has an idea.
This kind of thing also does not work:
Just an example:
{.set|hfslog|{.load|hfslog.txt.}.}
{.set|stunnellog|{.load|stunnel.log.}.}
{.save|hfslog.txt|{.cut|{.length|{.^hfslog.}.}|{sub|{.length|{.^stunnellog.}.}|{.length|hfslog.}.}|{.^stunnellog.}.}.}
-
your purpose is to show only new lines of the file?
-
Short answer.... yes ;D
-
what about this? (untested)
{.set|s|{.load|stunnel.log.}.}
{.set|past|{.load|stunnel.last.}.}
{.save|stunnel.last|{.length|{.^s.}.}.}
{.cut|-{.^past.}||{.^s.}.}
-
i will introduce a new way for {.length|{.^s.}.}
because it is common but absurdly slow for very long text.
from next build you'll be able to use {.var length|s.}
-
what about this? (untested)
Helas No, not better.
I enclose the result after 1 connection.
i will introduce a new way for {.length|{.^s.}.}
because it is common but absurdly slow for very long text.
from next build you'll be able to use {.var length|s.}
Good ! :)
-
ok, try this
{.cut|{.load|stunnel.last.}||{.load|stunnel.log.}.}
{.save|stunnel.last|{.filesize|stunnel.log.}.}
-
EUREKA !
This works perfectly !:
[connected]
{.add to log|{.cut|{.load|stunnel.last.}||{.load|stunnel.log.}.}
{.save|stunnel.last|{.filesize|stunnel.log.}.}|Clblue.}
GRAZIE MILLE ! :)
-
PS: ;)
For those who would get the same thing. (v2.3 since build #239):
1)
- Paste the following section in a file hfs.events that you will put in the folder of hfs.exe:
Script edited 01-18-2010
[connected]
{.set|#log|{.load|stunnel.log|from={.^#stunnel.last.}.}.}
{.set|#stunnel.last|{.filesize|stunnel.log.}.}
{.if|{.^#log.}|{:
{.add to log|.
Stunnel log :
{.^#log.}|Clblue.}
:}.}
[+start]
{.set|#stunnel.last|{.filesize|stunnel.log.}.}[/color]
2)
- In file stunnel.conf of the folder of stunnel.exe , specify the path of HFS where the file stunnel.log will be created.
(Debug = 6 gives a correct result)
; Some debugging stuff useful for troubleshooting
debug = 6
output = C:\path\of\hfs folder\stunnel.log
3)
- Enjoy HFS and Stunnel ! :)
----------------------------------------------------------------------------
Independently, you can add to the section [https] of stunnel.conf, the internal IP of your PC:
[https]
accept = 0.0.0.0:443
connect = 127.0.0.1:44300
local = 192.168.1.6 *
TIMEOUTclose = 0
* IP example
Then you add in HFS:
Menu > Limits > Bans
\127.0.0.1;192.168.1.6
Then in Adress2name:
Name IP Mask
Local 127.0.0.1
Stunnel 192.168.1.6
This will differentiate in the log, the local connections (http), and the distant connections from Stunnel (https).
-
Hi
Can you help and explane about the stunnel log how to get it to work in the hfs.
-
With these links, it will be possible. :)
http://www.rejetto.com/wiki/index.php/HFS:_Secure_your_server
http://www.rejetto.com/forum/index.php?topic=3083.0
http://www.rejetto.com/forum/index.php?topic=5718.0
And read my previous message.
-
Oki thx i take a look at it... Do you have stunnel log on your computer?
-
Yes ... since yesterday ... it's the subject of this topic. ;)
-
where should openssl be in the computer?
-
At the place where you have installed. :D
It only serves to generate an SSL certificate.
-
should the openssl map be in to stunnel map?
i can't find "openssl.exe" the only one i found is "install.com"
-
Everything is explained in the links I have provided earlier.
Take the time to read. ;)
I could not tell you better than what has already been written.
http://www.rejetto.com/wiki/index.php/HFS:_Secure_your_server
If the approach of OpenSSL seems too difficult:
ALTERNATIVE SOLUTION FOR GENERATE AN SSL CERTIFICATE:
A simpler solution is to generate a certificate SSL with a program like Fillezilla server:
http://sourceforge.net/project/showfiles.php?group_id=21558&package_id=21737
Generate it in a file named:
stunnel.pem
-
thank you for this great event script :)
i have a request ;)
is it now possible to obtain ip address of user when using stunnel?
the log will display
11.05.2009 22:14:29 192.168.xxx.3:4196{Stunnel} 2009.05.11 22:14:27 LOG5[2748:3680]: https accepted connection from xxx.xxx.38.8:50205
2009.05.11 22:14:27 LOG5[2748:3680]: https accepted connection from xxx.xxx.38.8:50205
2009.05.11 22:14:27 LOG5[2748:3680]: https connected remote server from 192.168.xxx.3:4196
is it possible to search / cut in the log file for [2748:3680] (i think this is like an ID or time stamp) to get the local ip:port and wan ip:port and match them to assign the wan ip to the %user% ?
it is an idea... don't pinch me ;)
thanks for reply!
-
Today I received a mail from rejetto:
"hi boss.
about this http://www.rejetto.com/forum/index.php?topic=6651.0
now we have global variables, we can improve it.
this for the log line
{.cut|{.^#stunnel.last.}||{.load|stunnel.log.}.}{.set|#stunnel.last|{.filesize|stunnel.log.}.}
and this to start from the last point.
[+start]
{.set|#stunnel.last|{.filesize|stunnel.log.}.}
i will soon introduce a way to partially load a file, so to avoid reloading it as whole every time.
maybe in #239. when it's available you can use this version
{.load|stunnel.log|from={.^#stunnel.last.}.}{.set|#stunnel.last|{.filesize|stunnel.log.}.}"
****************************************************************************************************
This solution work perfectly, I shall therefore update the topic.
For those using an older beta, use the "old" code. [link] (http://www.rejetto.com/forum/index.php?topic=6651.msg1040731#msg1040731)
[UPDATE] STunnel log displayed in HFS (Tested with v2.3 build #242):
1)
- Paste the following sections in a file hfs.events that you will put in the folder of hfs.exe:
Script edited 01-18-2010
[connected]
{.set|#log|{.load|stunnel.log|from={.^#stunnel.last.}.}.}
{.set|#stunnel.last|{.filesize|stunnel.log.}.}
{.if|{.^#log.}|{:
{.add to log|.
Stunnel log :
{.^#log.}|Clblue.}
:}.}
[+start]
{.set|#stunnel.last|{.filesize|stunnel.log.}.}
2)
- In file stunnel.conf of the folder of stunnel.exe, specify the path of HFS where the file stunnel.log will be created.
(Debug = 6 gives a correct result)
; Some debugging stuff useful for troubleshooting
debug = 6
output = C:\path\of\hfs folder\stunnel.log
3)
- Enjoy HFS and Stunnel ! :)
----------------------------------------------------------------------------
Independently, you can add to the section [https] of stunnel.conf, the internal IP of your PC:
[https]
accept = 0.0.0.0:443
connect = 127.0.0.1:44300
local = 192.168.1.6 *
TIMEOUTclose = 0
* IP example
Then you add in HFS:
Menu > Limits > Bans
\127.0.0.1;192.168.1.6
Then in Adress2name:
Name IP Mask
Local 127.0.0.1
Stunnel 192.168.1.6
This will differentiate in the log of HFS, the local connections (http), and the distant connections from Stunnel (https).
-
Well done !
Now, that's perfect !
Also, perhaps you could explain the ban rule, or at least what is representing 192.168.1.3, and the fact that in this case, only localhost and 192.168.1.3 could access the HFS site directly (via http).
-
This is an english forum. Can somebody (silentplz, avva) translate the last 3 posts to english? Thanks.
-
Sorry dear Guest!
The Operator has censored himself, I deleted the posts in french language.
These were comments about my topic, which were easier to clarify in our common language.
The translation is therefore unnecessary.
-
This is an english forum. Can somebody (silentplz, avva) translate the last 3 posts to english? Thanks.
Me, I like it, that allows to familiarize us with the other languages.
In other, it is not a forum specially dedicated to the English language, I believe to remember that rejetto practise Italian marvelously (the Italian women also moreover :D).
Mark14? ??? Mmmmmmh! I indeed have the impression to recognize the voice of maverick behind this pseudo, I make a mistake or you are unmasked?
MAveRicK14
:D :D