Skip to content

verbose-connections config option is ignored by sslh-select and sslh-ev #514

New issue
New issue
Open
Open
verbose-connections config option is ignored by sslh-select and sslh-ev#514
@shadowlmd

Description

@shadowlmd
shadowlmd
opened on Dec 21, 2025

I have verbose-connections defined to 1 in config file, but the relevant messages are not printed to stdout when using sslh-select or sslh-ev binaries, it only works with sslh-fork.

In addition, both sslh-select and sslh-ev print a lot of debug stuff that should not be printed according to my configuration, for example:

Dec 21 18:31:19 vpscr sslh-ev[7089]: Proto tls -1: 0/0 cnx
Dec 21 18:31:19 vpscr sslh-ev[7089]: Endpoint 3 -1: 0/0 cnx
Dec 21 18:31:33 vpscr sslh-ev[7089]: tls: lost incoming connection
Dec 21 18:31:37 vpscr sslh-ev[7089]: tls: lost incoming connection
Dec 21 18:31:37 vpscr sslh-ev[7089]: Proto tls -1: 1/0 cnx
Dec 21 18:31:37 vpscr sslh-ev[7089]: Endpoint 3 -1: 1/0 cnx
Dec 21 18:31:48 vpscr sslh-ev[7089]: Proto tls -1: 0/0 cnx
Dec 21 18:31:48 vpscr sslh-ev[7089]: Endpoint 3 -1: 0/0 cnx

My config file:

verbose-config: 0; #  print configuration at startup
verbose-config-error: 1;  # print configuration errors
verbose-connections: 1; # trace established incoming address to forward address
verbose-connections-error: 1; # connection errors
verbose-connections-try: 0; # connection attempts towards targets
verbose-fd: 0; # file descriptor activity, open/close/whatnot
verbose-packets: 0; # hexdump packets on which probing is done
verbose-probe-info: 0; # what's happening during the probe process
verbose-probe-error: 0; # failures and problems during probing
verbose-system-error: 0; # system call problem, i.e.  malloc, fork, failing
verbose-int-error: 0; # internal errors, the kind that should never happen

Systemd unit:

[Unit]
Description=SSL/SSH multiplexer
After=network.target

[Service]
ExecStart=/opt/sslh/sbin/sslh-ev --foreground --config=/opt/sslh/etc/sslh.cfg
KillMode=process
PrivateTmp=true
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
SecureBits=noroot-locked
ProtectSystem=strict
ProtectHome=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
MountFlags=private
NoNewPrivileges=true
PrivateDevices=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
MemoryDenyWriteExecute=true
DynamicUser=true
Restart=always

[Install]
WantedBy=multi-user.target

I build sslh from master branch.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions