Using RINETD for port forwarding under Linux

Linux lower port forwarding is generally implemented using iptables, and using Iptables can easily forward TCP and UDP ports from the firewall to the internal host. However, if you need to forward traffic from a private address to a machine that is not on your current network, you can try another application-tier port redirector, rinetd. RINETD is short and efficient, and is much simpler to configure than iptables.

RINETD is a tool for redirecting Transmission Control Protocol (TCP) connections in a UNIX and Linux operating system. RINETD is a single-process server that handles any number of connections to the address/port pairs specified in the configuration file etc/rinetd. Although RINETD uses a non-latching I/O operation as a single process, it may redirect many connections without adding additional burden to the machine.

Installation

• Install via Package

Centos

The official source does not have rinetd, so you need to install the three-party source first.

Configure a three-party source

32-bit system

$ vim/etc/yum.repos.d/nux-misc.repo[nux-misc]name=nux miscbaseurl=http://li.nux.ro/download/nux/misc/el6/i386/ enabled=0gpgcheck=1gpgkey=http://li.nux.ro/download/nux/rpm-gpg-key-nux.ro

64-bit system

$ vim/etc/yum.repos.d/nux-misc.repo:[nux-misc]name=nux miscbaseurl=http://li.nux.ro/download/nux/misc/el6/x86_64 /enabled=0gpgcheck=1gpgkey=http://li.nux.ro/download/nux/rpm-gpg-key-nux.ro

Installing RINETD

$ yum--enablerepo=nux-misc Install rinetd

Ubuntu

$ apt-get Install rinetd

• Compiling the installation

$ wget http://www.boutell.com/rinetd/http/rinetd.tar.gz$ mkdir-p/usr/man/man8 #默认会把man文件放么/usr/man/man8 below, If there is no such directory will be reported currently does not exist, but does not affect the use. $ make && make install

Configuration

Configure the port forwarding configuration file in the/etc/rinetd.conf

Configuration file format

[bindaddress] [bindport] [connectaddress] [connectport] Bound address      bound port    address of the connection        connected port [source address] [source port] [ Destination address] [destination port] Source Address               Source port           Destination address                  Destination Port 

Specify each port that you want to forward in each individual row. Both the source address and destination address can be host names or IP addresses, and IP address 0.0.0.0 binds rinetd to any available local IP address. For example:0.0.0.0 8080 www.hi-linux.com 80

Configuration rules

$ vim/etc/rinetd.conf0.0.0.0 8080 172.19.94.3 80800.0.0.0 2222 192.168.0.103 33891.2.3.4 80allow 192.168.0.10 *.*.*.*l Ogfile/var/log/rinetd.log

Description

0.0.0.0 means the native binding of all available addresses
allow set allowed IP address information to be accessed, *.*.*.* represents all IP addresses
logfil set the location of the printed log

Run

• Start rinetd

Script Start

$/etc/init.d/rinetd Start

Manual start

Compile-and-install does not bring your own script

$/usr/sbin/rinetd-c/etc/rinetd.conf

• Close rinetd

Script Close

$/etc/init.d/rinetd Stop

Manual shutdown

Compile-and-install does not bring your own script

$ pkill rinetd

• Precautions

The native port bound in the 1.rinetd.conf must not be occupied by another program
2. The system firewall running rinetd should open the bound native port
3. FTP-not-supported jumps

Reference documents

https://www.douban.com/note/527117358/
http://pvbutler.blog.51cto.com/7662323/1621753
http://blog.csdn.net/wang7dao/article/details/8498530

This article from the "Black Wind Village Two Masters" blog, please be sure to keep this source http://feirenraoyuan.blog.51cto.com/782718/1784600

Using RINETD for port forwarding under Linux