When it comes to redirecting TCP traffic, rinetd is a pretty old-school, frequently overlooked, simple and very efficient way to go. rinetd is an application-layer port forwarder which, unfortunately, supports only TCP and not UDP. It is somewhat similar to the once-popular super-server daemons such as inetd, xinetd and rlinetd, but it is simpler and best suited to redirecting TCP connections.

The settings of the rinetd daemon are by default stored in the /etc/rinetd.conf file and they follow a pretty intuitive syntax:

# bindaddress bindport connectaddress connectport
192.168.32.1 22 10.0.0.1 2222

The above configuration line forwards all TCP traffic destined for port 22 on the local IP address 192.168.32.1 to port 2222 on the remote IP address 10.0.0.1. If you use 0.0.0.0 as the bindaddress, rinetd redirects connections headed to that port on any local IP address.

rinetd is also capable of logging redirected connections. The log file is specified in the configuration file with the following option:

# logging information
logfile /var/log/rinetd.log

For the sake of testing, I placed the following line in the /etc/rinetd.conf configuration file:

0.0.0.0 25 smtp.gmail.com 25

Then, I restarted the service and tried to establish a connection to my local port 25:

[email protected]:~$ sudo /etc/init.d/rinetd restart
Stopping internet redirection server: rinetd.
Starting internet redirection server: rinetd.
[email protected]:~$ telnet localhost 25
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mx.google.com ESMTP t7sm47101974eel.14
^]
telnet> quit
Connection closed.
[email protected]:~$ tail /var/log/rinetd.log
05/Nov/2012:12:23:40 127.0.0.1 0.0.0.0 25 smtp.gmail.com 25 0 44 done-remote-closed

As can be seen, my connection was redirected to Google’s SMTP server and the redirection was logged into the rinetd log file.
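A small check for the two settings discussed above, as an added example that is not from the original post or the rinetd project: it parses rinetd.conf text, lists forwarding rules bound to 0.0.0.0 and reports a missing logfile line. It assumes numeric ports and whole-line # comments; the function names and the sample text are constructed for illustration.

```python
def parse_rinetd_conf(text):
    """Return (rules, logfile) from rinetd.conf text; logfile is None if unset."""
    rules, logfile = [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):      # blank line or whole-line comment
            continue
        fields = line.split()
        if fields[0] == "logfile" and len(fields) == 2:
            logfile = fields[1]
        elif len(fields) == 4 and fields[1].isdigit() and fields[3].isdigit():
            rules.append({"line": lineno, "bind": fields[0], "bindport": int(fields[1]),
                          "connect": fields[2], "connectport": int(fields[3])})
        # Assumption: any other line is a directive this sketch does not inspect.
    return rules, logfile


def audit(text):
    """List findings: rules reachable on every local address, and missing logging."""
    rules, logfile = parse_rinetd_conf(text)
    findings = []
    for r in rules:
        if r["bind"] == "0.0.0.0":
            findings.append(f"line {r['line']}: port {r['bindport']} on every local address "
                            f"is forwarded to {r['connect']}:{r['connectport']}")
    if rules and logfile is None:
        findings.append("no logfile line: redirected connections are not logged")
    return findings


# Constructed sample built from the lines shown in the post, without a logfile line.
SAMPLE_CONF = """\
# bindaddress bindport connectaddress connectport
192.168.32.1 22 10.0.0.1 2222
0.0.0.0 25 smtp.gmail.com 25
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

Run against the sample, it reports the wildcard rule on line 3 and the absent logfile line; the rule bound to 192.168.32.1 is not flagged.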