Send logs using TLS over TCP to remote syslog server - winsock

I am a newbie to the implementation of TLS over TCP.
I am using winsock to send TCP packets to a remote syslog server, just like the example given here:
https://learn.microsoft.com/en-us/windows/win32/winsock/complete-client-code
Now I want to use TLS over TCP. I have configured rsyslog on my CentOS machine (syslog server) according to these steps: https://www.golinuxcloud.com/secure-remote-logging-rsyslog-tls-certificate/
But the above link covers sending logs from one syslog server to another syslog server. I need to send logs from my application [cpp socket programming] to a remote syslog server.
Can someone please help me with how I should achieve this? Do I need to store any certificate where my application is running, or how should I make TLS over TCP work from my application to the remote syslog server?

Related

CentOS iptables and port configuration for using external SMTP server

I have a web server running CentOS and a separate mail server running Microsoft Exchange. I have the web server connecting to the mail server via SMTP on port 587 to send emails.
Sometimes the connection to the mail server is refused, but it's rare. Could an intermittent failure be related to port settings? I would have thought it's all or nothing.
For the CentOS web server, what rules should I be looking to configure in the iptables if any? Do I need to add an entry for port 587 on this server? Or do I just need to allow incoming connections on the mail server for 587?
Thanks in advance.
You don't need to set up any iptables rules on your webserver, since outgoing connections are allowed by default. Your occasional drops won't have anything to do with the webserver's firewall, so you'll want to look at tuning your Exchange server, if the error is impactful enough to worry about it.

Freeswitch server getting INVITE request in ngrep but nothing in fs_cli

I am trying to route the call from the opensips server to the freeswitch server. My freeswitch server is actually a container which I have created using 'lxc/lxd', and it is running CentOS.
When I route the call from the opensips server to the freeswitch server container, I get the INVITE requests in the SIP log in 'ngrep' but nothing in the Freeswitch log (nothing in fs_cli), and my call fails with the disposition 'SIP 408 - Request Timeout'.
I have tried routing the call from the opensips server to another freeswitch server which has a physical IP and is not a container, and when I tried that, I was able to get the logs in freeswitch (in fs_cli).
The SIP profile parameters auth-calls, auth-all-packets and aggressive-nat-detection are set to true. There is no firewall or iptables rule between the opensips and freeswitch servers. I can access the osips server from the freeswitch server and vice versa.
So, what am I missing here? Please suggest something.
In fs_cli, sofia status will show you on which IP address the SIP profile is bound. Probably it's not the address you're sending invites to.
Your freeswitch server is not listening on the port and interface to which you are sending. Just check the freeswitch profile to see which port and interface it is listening on.

Does an HTTP tunnel take place on the same socket as CONNECT?

I'm trying to implement an HTTP proxy for learning and debugging purposes.
The support of plain HTTP transactions was pretty straightforward to implement and now I'm looking to implement support for SSL/TLS tunnels.
From RFC 7230:
A "tunnel" acts as a blind relay between two connections without
changing the messages. Once active, a tunnel is not considered a party
to the HTTP communication, though the tunnel might have been initiated
by an HTTP request.
It's not very clear whether I shall build the TLS socket from the socket on which the HTTP CONNECT transaction took place. I assume it is the case, since HTTP is stateless, but I just want to be sure.
When a client connects to an HTTP proxy, CONNECT is used to have the proxy establish a persistent TCP connection with the target TCP server. Then the proxy blindly passes data as-is back and forth between the two TCP connections until either the client or server disconnects, then the proxy disconnects the other party. This allows the client to send data to the server and vice versa, such as TLS packets. This is important so the TLS server can verify the client's identity during the TLS handshake.
So, to answer your question - yes, the client must establish a TLS session with the target server using the same TCP socket that it used to issue the CONNECT request on. Once the CONNECT request has succeeded, the client can treat the existing TCP connection as if it had connected to the server directly. The proxy is transparent at that point, neither party needs to care that it is present.
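The behaviour this answer describes, as an added example that is not part of the original post: a minimal CONNECT handler in Python that replies 200 and then relays bytes unchanged on the same client socket. The `allowed` target list, the loopback echo target and the payload are assumptions constructed for the demo.

```python
import contextlib
import socket
import threading

def pump(src, dst):
    """Copy bytes one way until src closes, then half-close dst."""
    with contextlib.suppress(OSError):
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)

def handle_connect(client, allowed):
    """Answer one CONNECT, then relay blindly on that same client socket.
    `allowed` is an assumed allow-list of (host, port) string pairs."""
    with client:
        head = b""
        while b"\r\n\r\n" not in head:        # request line + headers
            if not (data := client.recv(4096)):
                return
            head += data
        head, _, early = head.partition(b"\r\n\r\n")
        parts = head.split(b"\r\n")[0].decode("ascii", "replace").split(" ")
        host, _, port = (parts[1] if len(parts) == 3 else "").rpartition(":")
        if parts[0] != "CONNECT" or (host, port) not in allowed:
            return client.sendall(b"HTTP/1.1 403 Forbidden\r\n\r\n")
        with socket.create_connection((host, int(port))) as upstream:
            client.sendall(b"HTTP/1.1 200 Connection established\r\n\r\n")
            upstream.sendall(early)           # bytes sent ahead of the 200
            back = threading.Thread(target=pump, args=(upstream, client))
            back.start()
            pump(client, upstream)            # the proxy never parses these bytes
            back.join()

def demo(payload, permit=True):
    """Constructed loopback run: client -> proxy -> echo target."""
    target = socket.create_server(("127.0.0.1", 0))
    proxy = socket.create_server(("127.0.0.1", 0))
    hp = ("127.0.0.1", str(target.getsockname()[1]))
    echo = lambda s: (pump(s, s), s.close())
    threading.Thread(target=lambda: echo(target.accept()[0]), daemon=True).start()
    threading.Thread(daemon=True, target=lambda: handle_connect(
        proxy.accept()[0], {hp} if permit else set())).start()
    with socket.create_connection(proxy.getsockname()) as c:
        c.sendall("CONNECT {0}:{1} HTTP/1.1\r\nHost: {0}:{1}\r\n\r\n".format(*hp).encode())
        status, echoed = c.recv(4096).split(b"\r\n")[0], b""
        if b" 200 " in status:
            c.sendall(payload)                # opaque bytes standing in for TLS records
            c.shutdown(socket.SHUT_WR)
            echoed = b"".join(iter(lambda: c.recv(4096), b""))
        return status, echoed
```

A TLS client would replace the raw `sendall` with `ssl.create_default_context().wrap_socket(c, server_hostname=host)` on the same socket `c` once the 200 line has been read.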

send data between two server sockets

I have to make an app using C/PHP sockets on Linux that sends data from one socket to another socket, like this.
I have a server (server_hosted) hosted somewhere with an IP or domain name. It is running a web application.
I have another server (unknown_server) running at my home (unknown IP).
A client sends some information through the web application hosted on server_hosted to another server running at my home (unknown IP).
I need a way to establish a connection between server_hosted and unknown_server.
I was able to make a connection between both using a TCP socket. I made server_hosted the server, listening on a certain port, say 8080, and unknown_server the client, which opens a connection to server_hosted.
The problem comes when I have multiple unknown_server instances at my home. How can I make connections to the same port? How many clients can TCP/IP support?
Any ideas how to make a tunnel or connection between server_hosted and unknown_server?
Is it possible to do with curl or sockets? Any better ideas?

Connection failed in QuteCom SIP client

I have chosen the QuteCom SIP client for Windows to chat. I have installed it and configured the account with my public server. My SIP server is kamailio. The connection to the server is not established. The application keeps connecting to the server for a long time.
Any help is appreciated.
If it looks like it keeps connecting, then I guess the SIP messages don't get to the server.
You can install Wireshark to monitor traffic on windows host on port 5060 (the SIP port) in order to see if SIP messages are sent to the server.
On server, you can install ngrep for the purpose of seeing if traffic from the phone comes there. The command would be like:
ngrep -d any -qt -W byline port 5060
If you don't see traffic coming to the SIP server, then there might be a firewall or an ALG between the client and the server, or a firewall on the client host or the server itself.
If it is something in between (not on client host or server), then you should try to use TCP or better TLS.
Note that if you have the firewall on the server, you will see the SIP packets coming on the network, but they will be dropped by the kernel before getting to application layer. Typically on Linux you can see the firewall rules with:
iptables -L
If the SIP packets come to the server, then set debug=3 in kamailio.cfg, restart kamailio and watch the syslog file (e.g., /var/log/syslog or /var/log/messages) for kamailio-specific debug messages -- you should get hints of what happens during processing.