From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- net-misc/stunnel/files/stunnel.conf | 61 +++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 net-misc/stunnel/files/stunnel.conf (limited to 'net-misc/stunnel/files/stunnel.conf') diff --git a/net-misc/stunnel/files/stunnel.conf b/net-misc/stunnel/files/stunnel.conf new file mode 100644 index 000000000000..547ee963e4d1 --- /dev/null +++ b/net-misc/stunnel/files/stunnel.conf @@ -0,0 +1,61 @@ +# Sample stunnel configuration file by Michal Trojnara 2002-2005 +# Some options used here may not be adequate for your particular configuration +# Please make sure you understand them (especially the effect of chroot jail) + +# Certificate/key is needed in server mode and optional in client mode +# cert = /etc/stunnel/stunnel.pem +# key = /etc/stunnel/stunnel.pem + +# Some security enhancements for UNIX systems - comment them out on Win32 +# chroot = /chroot/stunnel/ +setuid = stunnel +setgid = stunnel +# PID is created inside chroot jail +pid = /run/stunnel/stunnel.pid + +# Some performance tunings +socket = l:TCP_NODELAY=1 +socket = r:TCP_NODELAY=1 +#compression = rle + +# Workaround for Eudora bug +#options = DONT_INSERT_EMPTY_FRAGMENTS + +# Authentication stuff +#verify = 2 +# Don't forget to c_rehash CApath +# CApath is located inside chroot jail: +#CApath = /certs +# It's often easier to use CAfile: +#CAfile = /etc/stunnel/certs.pem +# Don't forget to c_rehash CRLpath +# CRLpath is located inside chroot jail: +#CRLpath = /crls +# Alternatively you can use CRLfile: +#CRLfile = /etc/stunnel/crls.pem + +# Some debugging stuff useful for troubleshooting +#debug = 7 +#output = stunnel.log + +# Use it for client mode +#client = yes + +# Service-level configuration + +#[pop3s] +#accept = 995 +#connect = 110 + +#[imaps] +#accept = 993 +#connect = 143 + +#[ssmtp] +#accept = 465 +#connect = 25 + +#[https] +#accept = 443 +#connect = 80 +#TIMEOUTclose = 0 -- cgit v1.2.3