mac下安装配置stunnel - Lidong's site 李东的博客

mac下安装配置stunnel

在mac下使用代理翻墙,就必须要在mac下配置stunnel,现在就来简单说说要怎么配置

使用如下命令安装:

> brew install stunnel
==> Downloading ftp://ftp.stunnel.org/stunnel/archive/4.x/stunnel-4.56.tar.gz
Already downloaded: /Library/Caches/Homebrew/stunnel-4.56.tar.gz
==> Patching
patching file tools/stunnel.cnf
==> ./configure --disable-libwrap --prefix=/usr/local/Cellar/stunnel/4.56 --sysc
==> make install
==> Caveats
A bogus SSL server certificate has been installed to:
  /usr/local/etc/stunnel/stunnel.pem

This certificate will be used by default unless a config file says otherwise!

In your stunnel configuration, specify a SSL certificate with
the "cert =" option for each service.
Warning: Could not link stunnel. Unlinking...
Error: The `brew link` step did not complete successfully
The formula built, but is not symlinked into /usr/local
You can try again using `brew link stunnel'

Possible conflicting files are:
/usr/local/share/man/man8/stunnel.pl.8
/usr/local/share/man/man8/stunnel.fr.8
/usr/local/share/man/man8/stunnel.8
/usr/local/share/doc/stunnel/TODO
/usr/local/share/doc/stunnel/stunnel.pl.html
/usr/local/share/doc/stunnel/stunnel.html
/usr/local/share/doc/stunnel/stunnel.fr.html
/usr/local/share/doc/stunnel/README
/usr/local/share/doc/stunnel/PORTS
/usr/local/share/doc/stunnel/INSTALL.WCE
/usr/local/share/doc/stunnel/INSTALL.W32
/usr/local/share/doc/stunnel/INSTALL.FIPS
/usr/local/share/doc/stunnel/INSTALL
/usr/local/share/doc/stunnel/examples/stunnel.spec
/usr/local/share/doc/stunnel/examples/stunnel.service
/usr/local/share/doc/stunnel/examples/stunnel.init
/usr/local/share/doc/stunnel/examples/script.sh
/usr/local/share/doc/stunnel/examples/importCA.sh
/usr/local/share/doc/stunnel/examples/importCA.html
/usr/local/share/doc/stunnel/examples/ca.pl
/usr/local/share/doc/stunnel/examples/ca.html
/usr/local/share/doc/stunnel/CREDITS
/usr/local/share/doc/stunnel/COPYRIGHT.GPL
/usr/local/share/doc/stunnel/COPYING
/usr/local/share/doc/stunnel/ChangeLog
/usr/local/share/doc/stunnel/BUGS
/usr/local/share/doc/stunnel/AUTHORS
/usr/local/lib/stunnel/libstunnel.dylib
==> Summary
/usr/local/Cellar/stunnel/4.56: 37 files, 596K, built in 10 seconds 

根据提示执行下面的命令:

> brew link stunnel
Linking /usr/local/Cellar/stunnel/4.56... Warning: Could not link stunnel. Unlinking...

Error: Could not symlink file: /usr/local/Cellar/stunnel/4.56/share/man/man8/stunnel.pl.8
Target /usr/local/share/man/man8/stunnel.pl.8 already exists. You may need to delete it.
To force the link and overwrite all other conflicting files, do:
  brew link --overwrite formula_name

To list all files that would be deleted:
  brew link --overwrite --dry-run formula_name

继续执行下面的命令:

> brew link --overwrite stunnel
Linking /usr/local/Cellar/stunnel/4.56... Warning: Could not link stunnel. Unlinking...

Error: Permission denied - /usr/local/share/doc/stunnel/TODO

提示权限错误,我们手动删除需要删除的文件

brew link --overwrite --dry-run stunnel | xargs sudo rm

然后继续执行:

> brew link stunnel
Linking /usr/local/Cellar/stunnel/4.56... Warning: Could not link stunnel. Unlinking...

Error: Could not symlink file: /usr/local/Cellar/stunnel/4.56/share/doc/stunnel/TODO
/usr/local/share/doc/stunnel is not writable. You should change its permissions.

如果出现类似 is not writeable的错误, 执行:

sudo chown -R mac的用户户名 路径

再次执行:

> brew link stunnel
Linking /usr/local/Cellar/stunnel/4.56... 23 symlinks created

修改配置文件:

> vim /usr/local/etc/stunnel/stunnel.conf

内容如下:

pid = /usr/local/etc/stunnel/stunnel.pid
output = /usr/local/etc/stunnel/stunnel.log

compression = zlib
sslVersion = all

options = NO_SSLv2
options = DONT_INSERT_EMPTY_FRAGMENTS

client = yes

[openvpn]
accept = 127.0.0.1:本机要代理的端口
connect = vps的地址:squid配置的端口号

启动stunnel:

sudo stunnel

关闭stunnel:

> ps aux | grep stunnel | grep root | awk '{print $2}'| xargs sudo kill -9

或者:

> cat /usr/local/etc/stunnel/stunnel.pid | xargs sudo kill -9

--EOF--

COMMENTS(1)

  • ttttttitux

    Aug 13 2015

    也可以直接从OpenSSL和stunnel官网分别下载源码用终端configure,make,make install

LEAVE A COMMENT

Name:*

E-Mail:*

Website:

Message:*

Required fields are marked *

Post Comment