Fast port forwarding tool in Linux-rinetd

These two days and colleagues to discuss the issue of the time to know a very useful NAT tool-RINETD, it is implemented by c a short, practical NTA forwarding tool, its official website is in: http://www.boutell.com/rinetd/

[Email protected] src]# wget http://www.boutell.com/rinetd/http/rinetd.tar.gz [[email protected] src]# TAR-ZXVF rinetd . tar.gz [[email protected] src]# CD rinetd [[email protected] rinetd]# vim makefile# modified Makefile cflags=-dlinux-grinetd:r  INETD.O match.o gcc rinetd.o match.o-o rinetdinstall:rinetd install-m-Rinetd/usr/sbin Install -M 644 RINETD.8/USR/LOCAL/SHARE/MAN/MAN8 [[email protected] rinetd]# make && make install

So rinetd installed, and it is very simple to specify a configuration file, typically placed in/etc/rinetd.conf using the-c parameter to specify the configuration file, rinetd is dependent on the configuration file work

[[email protected] rinetd]# rinetd --helpusage:  rinetd [option]  -c, --conf-file file   read configuration  from FILE  -h, --help              display this help  -v, --version           display version numberMost options are controlled  THROUGH THECONFIGURATION FILE. SEE THE RINETD (8) manpage for more  Information. 

More parameter options can be see man rinetd here do not do too much explanation, the use of rinetd can achieve fast and efficient port forwarding, to give a simple example, in the three layer switch 2 vlan:192.168.1.0/24, 192.168.2.0/ 24, 2 VLAN inter-network is interoperability but 192.168.1.0/24 did not do any of the policy route, only the intranet and 192.168.1.0/24 outside there is a public network IP to do the internal server NAT port mapping, that is, the DZM zone, The external need to access the internal 192.168.2.0/24 on a host of related resources, at this time need to do the appropriate port forwarding, The 192.168.2.22 and 192.168.1.240,2 hosts in the 2 VLANs are forwarded using RINETD to add a line of configuration to the/etc/rinetd.conf file on the 192.168.2.22 host:

0.0.0.0 192.168.1.240 80#source_address source_port destination_address destination_port

Of course, the same is true with iptables NAT table forwarding, the NAT table is as follows:

*nat:prerouting Accept [0:0]:P ostrouting Accept [3:226]:output Accept [3:226]-a prerouting-d 192.168.2.22/32-p tcp-m TC  P--dport 80-j DNAT--to-destination 192.168.1.240:80-a postrouting-d 192.168.1.240/32-p tcp-m tcp--dport 80-j SNAT --to-source 192.168.2.22 COMMIT

The two are equivalent, so visible rinetd tools in the actual production environment is very efficient, here to pay attention to two points: first, whether the use of rinetd or iptables NAT table all need to turn on the core IP address forwarding function, that is NET.IPV4.IP_ forward = 1; the other is to open the corresponding port in the filter table, if it is to use iptables NAT table to forward also open the forward chain for forwarding

This article from "Technical essay" blog, declined reprint!

Fast port forwarding tool in Linux-rinetd