stunnel + tracd external network connection problems

I’m setting up tracd + stunnel on my suse 11.1 machine. Everything works perfectly if I connect from different machines with the same last 2 suffixes in the domain name as the server. But when I try to connect
from a machine with a completely different domain name (from home) it never loads the page. stunnel is using port 8993 which forwards locally to port 8992.

when I try on the server: netstat
tcp 0 0* LISTEN 3645/stunnel

and iptables:

ACCEPT tcp – anywhere anywhere tcp dpt:8993

and when I do netcat on another machine in the same network it sees the port: 8993 (?) open

but when I try netcat from home Connection always times out 8993 port, It works for port 22 from home.

I’ve tried disabling the firewall and removing
everything in hosts.deny so that anything can connect but still the same problem. I also added the port to the firewall and that does not work. The ports are not on the block list from the isp that I can tell. I’m stumped what to try next. I don’t use a router for the server and it’s not wireless.


Unfortunately my first suspicion from that evidence is that your ISP is blocking that port, maybe to discourage P2P.

Why not use a ssh tunnel?

ssh -L 8993:localhost:8993 theotherbox

Then you can connect to localhost:8993 and this is like connecting to 8993 on theotherbox.

I’m not sure what you mean, if I use port 22 then I would have to access it using https://<domain>:22/trac

and users would have to unblock that port in firefox since it is by default blocked. I tried other ports like 23 and it sees it as open but trac does not work very well, server reset errors when loading pages. Guess I will have to use apache and see if that works any better. Thanks.

No that’s not what ssh tunneling means. It means ssh is establishing an additional connection for you so that when you connect to localhost 8993, it forwards it to the target machine at localhost 8993 there. It’s a very useful feature of ssh.

But it may not be suitable for you as it requires that you maintain a ssh login while the tunnel is in use.

Here’s an explanation page:

SSH: Tunneling Explained

I finally got it to work, I had to change the stunnel port to 80, I also compiled trac from svn since the current rpm for suse 11.1 is not compatible with python 2.6 (11.3 released is compatible so hopefully a rpm is coming).

The only problem that I’m having now is, for example, when I edit a milestone and then submit the changes, the progress bar just gets stuck at about half way when loading (it will eventually time out with problem loading the page error), but if I click on the roadmap button (before it times out) it reloads the page with my changes just fine. It seems to get stuck refreshing the page. Similar thing happens when I log in, it just hangs on the current page, but if I click on any of the buttons it shows me logged in. So information gets sent but not received back automatically, strange.

Fixed the last problem, missed changing the port in trac’s config file. Everything works perfectly for stunnel+tracd+suse11.1