Linux lower port forwarding is generally implemented using iptables, and using Iptables can easily forward TCP and UDP ports from the firewall to the internal host. However, if you need to forward traffic from a private address to a machine that is not on your current network, you can try another application-tier port redirector, rinetd. RINETD is short and efficient, and is much simpler to configure than iptables.
RINETD is a tool for redirecting Transmission Control Protocol (TCP) connections in a UNIX and Linux operating system. RINETD is a single-process server that handles any number of connections to the address/port pairs specified in the configuration file etc/rinetd. Although RINETD uses a non-latching I/O operation as a single process, it may redirect many connections without adding additional burden to the machine.
Installation
Centos
The official source does not have rinetd, so you need to install the three-party source first.
Configure a three-party source
32-bit system
$ vim/etc/yum.repos.d/nux-misc.repo[nux-misc]name=nux miscbaseurl=http://li.nux.ro/download/nux/misc/el6/i386/ enabled=0gpgcheck=1gpgkey=http://li.nux.ro/download/nux/rpm-gpg-key-nux.ro
64-bit system
$ vim/etc/yum.repos.d/nux-misc.repo:[nux-misc]name=nux miscbaseurl=http://li.nux.ro/download/nux/misc/el6/x86_64 /enabled=0gpgcheck=1gpgkey=http://li.nux.ro/download/nux/rpm-gpg-key-nux.ro
Installing RINETD
$ yum--enablerepo=nux-misc Install rinetd
Ubuntu
$ apt-get Install rinetd
$ wget http://www.boutell.com/rinetd/http/rinetd.tar.gz$ mkdir-p/usr/man/man8 #默认会把man文件放么/usr/man/man8 below, If there is no such directory will be reported currently does not exist, but does not affect the use. $ make && make install
Configuration
Configure the port forwarding configuration file in the/etc/rinetd.conf
Configuration file format
[bindaddress] [bindport] [connectaddress] [connectport] Bound address bound port address of the connection connected port [source address] [source port] [ Destination address] [destination port] Source Address Source port Destination address Destination Port
Specify each port that you want to forward in each individual row. Both the source address and destination address can be host names or IP addresses, and IP address 0.0.0.0 binds rinetd to any available local IP address. For example:0.0.0.0 8080 www.hi-linux.com 80
Configuration rules
$ vim/etc/rinetd.conf0.0.0.0 8080 172.19.94.3 80800.0.0.0 2222 192.168.0.103 33891.2.3.4 80allow 192.168.0.10 *.*.*.*l Ogfile/var/log/rinetd.log
Description
0.0.0.0 means the native binding of all available addresses
allow set allowed IP address information to be accessed, *.*.*.*
represents all IP addresses
logfil set the location of the printed log
Run
Script Start
$/etc/init.d/rinetd Start
Manual start
Compile-and-install does not bring your own script
$/usr/sbin/rinetd-c/etc/rinetd.conf
Script Close
$/etc/init.d/rinetd Stop
Manual shutdown
Compile-and-install does not bring your own script
$ pkill rinetd
The native port bound in the 1.rinetd.conf must not be occupied by another program
2. The system firewall running rinetd should open the bound native port
3. FTP-not-supported jumps
Reference documents
https://www.douban.com/note/527117358/
http://pvbutler.blog.51cto.com/7662323/1621753
http://blog.csdn.net/wang7dao/article/details/8498530
This article from the "Black Wind Village Two Masters" blog, please be sure to keep this source http://feirenraoyuan.blog.51cto.com/782718/1784600
Using RINETD for port forwarding under Linux