Original Poster: alidoom2010
Hello every body,
this is my first tutorials post
In the past we've examined the use of firewall rules for forwarding incoming connections from one machine to another. But there is a simpler approach using the RINETD package. Read on to learn about this tool.
1. You may install this package via:
# apt-get update # apt-get install rinetd
Once installed you'll find a configuration file located at /etc/rinetd.conf . This file is used to tell the deamon which ports it should listen for connections upon, and what it should do when they arrive.
By default no ports are configured for forwarding, and so the file will consist entirely of comments. A default configuration file would look something like this, to give you an idea of the configuration:
# # forwarding rules come here # # you may specify allow and deny rules after a specific forwarding rule # to apply to only that forwarding rule # # bindadress bindport connectaddress connectport # logging information logfile /var/log/rinetd.log # uncomment the following line if you want web-server style logfile format # logcommon
To demonstrate how the forwarding is configured and used we'll make a simple example. Assume that you have a machine with the IP address 220.127.116.11 which has been running Apache, and that you'd like to move that to the IP address 18.104.22.168..
2. You've already updated DNS to point visitors to the new IP address, but you want to ensure that people connecting to the old IP still continue to receive service.
To handle this case you should update the /etc/rinetd.conf file to read:
# bindadress bindport connectaddress connectport 22.214.171.124 80 126.96.36.199 80 188.8.131.52 443 184.108.40.206 443
3. Once you restart RINETD all incoming connections on port 80 and 443 will be seamlessly redirected from the old IP to the new one - although you will need to restart rinetd after making the change to your configuration file:
# /etc/init.d/rinetd restart
- RINETD is a very small, stable, and simple program, and you might find it simpler to understand than the matching generic iptables TCP proxy solution.
- The only downside to using RINETD is that there is no support for UDP connections, and no support for redirecting FTP access - because of the complex nature of FTP.
*Note: There are more details about allowed options in the manpage which you may view by running "man rinetd".