Friday, November 27, 2009

Rinetd, redirector

This program seems to be losing some of its buzz, but it is still noteworthy in my opinion. It's not a complex program to use or learn. Its main function is to redirect TCP connections from one IP address and port to another. It can handle any number of connections to the address/port pairs specified in its config file, located at /etc/rinetd.conf. Rinetd does not redirect FTP, because FTP requires more than one socket.

Typical Forwarding rule in rinetd.conf:
[Syntax]
bindaddress bindport connectaddress connectport

For example:

201.21.21.21 80 10.0.0.2 80

Would redirect all connections to port 80 of the public IP address 201.21.21.21 to port 80 of the address 10.0.0.2, which would typically be a machine on the inside of a firewall that has no direct routing to the outside world. This method only responds on the individual interface connected to the outside (the Ethernet card connected to the modem). If this server has multiple interfaces, sometimes it's preferable to respond on all of them.

0.0.0.0 80 10.0.0.2 80

Would redirect all connections to port 80 for all IP addresses assigned to the server.

You can also allow and deny specific clients or clients in a subnet from using the redirector. The '?' wildcard can be used to match any one character while '*' wildcard can match any number of characters, including zero.

# allow one specific address
allow 201.21.21.21
# allow the range of addresses matching 201.21.21.110-119
allow 201.21.21.11?
# allow IP addresses for the class C domain, 201.21.21.0-255
allow 201.21.21.*

After you have customized your config file, to run the server run:

# rinetd

If you have a few custom config files you can specify which one to use.

# rinetd -c /etc/my_custom_config.conf

It might be useful to have logs, and by default rinetd doesn't produce any. To activate logging, add the following line to the configuration file:

logfile logfile_location

example:

logfile /var/log/rinetd.log

By default, rinetd logs in a simple tab-delimited format containing the following information:
Date and time
Client address
Listening host
Listening port
Forwarded-to host
Forwarded-to port
Bytes received from client
Bytes sent to client
Result message
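
The following is an added example, not part of the original post or of rinetd itself: it reads a log in the nine-field tab-delimited order listed above, totals bytes per client, and reports clients that match none of the allow patterns described earlier, treating '?' and '*' as character-wise wildcards. The sample log lines, their timestamp and result strings, and the check that patterns contain only digits, '.', '?' and '*' are assumptions of this example.

```python
from collections import defaultdict
from fnmatch import fnmatchcase

# Field order as listed above for the default tab-delimited log format.
FIELDS = ["time", "client", "listen_host", "listen_port", "forward_host",
          "forward_port", "bytes_in", "bytes_out", "result"]

# Constructed sample log; timestamps and result strings are illustrative only.
SAMPLE_LOG = "\n".join("\t".join(r) for r in [
    ["27/Nov/2009:10:15:02", "201.21.21.112", "0.0.0.0", "80", "10.0.0.2", "80", "512", "20480", "ok"],
    ["27/Nov/2009:10:15:09", "201.21.21.112", "0.0.0.0", "80", "10.0.0.2", "80", "300", "1000", "ok"],
    ["27/Nov/2009:10:16:40", "201.21.210.5", "0.0.0.0", "80", "10.0.0.2", "80", "90", "0", "ok"],
    ["truncated line without enough fields"],
])

def pattern_matches(pattern, address):
    """Character-wise wildcard match: '?' = one character, '*' = zero or more."""
    # Sanity check added by this example: reject anything but digits . ? *
    if not set(pattern) <= set("0123456789.?*"):
        raise ValueError(f"unexpected character in pattern {pattern!r}")
    return fnmatchcase(address, pattern)

def parse_log(text):
    """Yield a dict per well-formed line; skip anything malformed."""
    for line in text.splitlines():
        row = line.split("\t")
        if len(row) == len(FIELDS) and row[6].isdigit() and row[7].isdigit():
            yield dict(zip(FIELDS, row))

def summarize(text, allow_patterns):
    """Return ({client: (bytes_in, bytes_out)}, [clients matching no pattern])."""
    totals = defaultdict(lambda: [0, 0])
    unexpected = set()
    for rec in parse_log(text):
        totals[rec["client"]][0] += int(rec["bytes_in"])
        totals[rec["client"]][1] += int(rec["bytes_out"])
        if not any(pattern_matches(p, rec["client"]) for p in allow_patterns):
            unexpected.add(rec["client"])
    return {c: tuple(v) for c, v in totals.items()}, sorted(unexpected)

if __name__ == "__main__":
    totals, unexpected = summarize(SAMPLE_LOG, ["201.21.21.11?", "201.21.21.*"])
    for client, (rx, tx) in totals.items():
        print(f"{client}\treceived={rx}\tsent={tx}")
    print("clients outside the allow patterns:", unexpected)
```

Because the match is on characters rather than on network prefixes, a pattern written without the trailing dot, such as 201.21.21*, also matches 201.21.210.5.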
