
Forwarding Arbitrary TCP Connections with rinetd


#1 Joseph


Posted 05 August 2014 - 05:22 PM

Original Poster: alidoom2010

 

Hello everybody,
this is my first tutorial post :)
In the past we've examined the use of firewall rules for forwarding incoming connections from one machine to another. But there is a simpler approach using the RINETD package. Read on to learn about this tool.

1. You may install this package via:

# apt-get update
# apt-get install rinetd

Once installed, you'll find a configuration file located at /etc/rinetd.conf. This file is used to tell the daemon which ports it should listen on for connections, and what it should do when they arrive.


By default no ports are configured for forwarding, and so the file will consist entirely of comments. A default configuration file would look something like this, to give you an idea of the configuration:


#
# forwarding rules come here
#
# you may specify allow and deny rules after a specific forwarding rule
# to apply to only that forwarding rule
#
# bindadress    bindport  connectaddress  connectport
 
 
 
 
# logging information
logfile /var/log/rinetd.log
 
 
# uncomment the following line if you want web-server style logfile format
# logcommon

To demonstrate how the forwarding is configured and used we'll make a simple example. Assume that you have a machine with the IP address 1.2.3.4 which has been running Apache, and that you'd like to move that to the IP address 4.3.2.1.

2. You've already updated DNS to point visitors to the new IP address, but you want to ensure that people connecting to the old IP still continue to receive service.


To handle this case you should update the /etc/rinetd.conf file to read:


# bindadress    bindport  connectaddress  connectport
1.2.3.4         80        4.3.2.1         80
1.2.3.4         443       4.3.2.1         443

3. Once you restart RINETD, all incoming connections on ports 80 and 443 will be seamlessly redirected from the old IP to the new one. Note that you need to restart rinetd after making the change to your configuration file:


# /etc/init.d/rinetd restart

Finished :)
 

  • RINETD is a very small, stable, and simple program, and you might find it simpler to understand than the matching generic iptables TCP proxy solution.
  • The only downside to using RINETD is that there is no support for UDP connections, and no support for redirecting FTP access - because of the complex nature of FTP.

Thanks :)

*Note: There are more details about allowed options in the manpage which you may view by running "man rinetd".
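
The default file above mentions allow and deny rules that can follow a forwarding rule. As an added example (not part of the original post), this Python sketch parses rinetd.conf text and reports every forwarding rule that has no allow list, plus a missing logfile line. The 8080 rule, its allow pattern and the function names are assumptions made for the illustration.

```python
# Added example (not from the original post): audit rinetd.conf text.
SAMPLE = """\
# bindadress    bindport  connectaddress  connectport
1.2.3.4         80        4.3.2.1         80
1.2.3.4         443       4.3.2.1         443
1.2.3.4         8080      4.3.2.1         8080
allow 10.0.0.*
logfile /var/log/rinetd.log
"""  # constructed sample: the 8080 rule and its allow line are assumptions


def parse_rinetd_conf(text):
    """Return (rules, global_acl, logfile) parsed from rinetd.conf text."""
    rules, global_acl, logfile = [], [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or comment
        if fields[0] in ("allow", "deny") and len(fields) == 2:
            # ACL lines before the first forwarding rule are global;
            # later ones belong to the most recent forwarding rule.
            (rules[-1]["acl"] if rules else global_acl).append(tuple(fields))
        elif fields[0] == "logfile" and len(fields) == 2:
            logfile = fields[1]
        elif fields == ["logcommon"]:
            pass  # log format switch, nothing to audit
        elif len(fields) == 4:
            rules.append({"line": lineno, "fwd": fields, "acl": []})
        else:
            raise ValueError(f"line {lineno}: unrecognised entry {raw!r}")
    return rules, global_acl, logfile


def audit(text):
    """Return findings: rules open to every source address, missing log."""
    rules, global_acl, logfile = parse_rinetd_conf(text)
    global_allow = any(kind == "allow" for kind, _ in global_acl)
    findings = []
    for rule in rules:
        if not global_allow and not any(k == "allow" for k, _ in rule["acl"]):
            bind, bport, dest, dport = rule["fwd"]
            findings.append(f"line {rule['line']}: {bind}:{bport} -> "
                            f"{dest}:{dport} accepts any source address")
    if logfile is None:
        findings.append("no logfile directive: connections are not logged")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

For a public web server move like the one in this tutorial, open rules on ports 80 and 443 are expected; the report matters when the forwarded port leads to a service that should only be reachable from known addresses.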






