Tonight I encountered this problem when starting stunnel:
2008.10.17 02:46:02 LOG7[43534:134656000]: Private key loaded 2008.10.17 02:46:02 LOG7[43534:134656000]: SSL context initialized for service 6000 2008.10.17 02:46:02 LOG5[43534:134656000]: stunnel 4.25 on i386-portbld-freebsd6.3 with OpenSSL 0.9.7e-p1 25 Oct 2004 2008.10.17 02:46:02 LOG5[43534:134656000]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP 2008.10.17 02:46:02 LOG6[43534:134656000]: file ulimit = 11095 (can be changed with 'ulimit -n') 2008.10.17 02:46:02 LOG6[43534:134656000]: poll() used - no FD_SETSIZE limit for file descriptors 2008.10.17 02:46:02 LOG5[43534:134656000]: 5417 clients allowed 2008.10.17 02:46:02 LOG7[43534:134656000]: FD 5 in non-blocking mode 2008.10.17 02:46:02 LOG7[43534:134656000]: FD 6 in non-blocking mode 2008.10.17 02:46:02 LOG3[43534:134656000]: local socket: Protocol not supported (43)
And stunnel would not run. I found one hint in the FreeBSD mailing list archives.
Oddly enough, this machine is running FreeBSD 6.3-STABLE and the post above involves 6.2. Perhaps something in common.
I added this entry to my kernel.
options INET6 # added to fix stunnel problem: "local socket: Protocol not supported"
It is compiling now.
WORKS FOR ME!
Actually, there are a couple less drastic solutions than enabling IPV6 in your kernel.
If you are referencing “localhost” in your stunnel.conf, change it to “127.0.0.1”. Alternatively (or in addition), remove or comment out the “::1” line in /etc/hosts.
Don’t get me wrong, IPV6 is a good thing. But if you’re not going to use it, I think it’s a good idea to build your kernel without support so you don’t have to worry about details like an ipfw config for IPV6.
Thanks Craig.
FWIW, I stopped using stunnel. I am now doing these things through a VPN (using OpenVPN).