Redirecting incoming tcp connections with redir

28 February 2012 — 5 Comments

Sometimes you need an easy way to redirect incoming connections to another system. For example when migrating an old box to a new one. Today I came across an old note from myself explaining this. I thought it might be worth sharing 🙂

You’ll need the ‘redir’ program for this to work:

apt-get install redir

Redir redirects tcp connections coming in to a local port to a specified address/port combination like this:

redir –laddr=10.10.0.1 –lport=80 –caddr=10.10.10.1 –cport=80

This redirects web requests coming in at 10.10.0.1 to 10.10.10.1.

redir –laddr=10.10.0.1 –lport=21 –caddr=10.10.10.1 –cport=21 –ftp=both

And here the same for ftp. Note the –ftp option, this makes sure both passive and active ftp work.

Many years ago, when I didn’t know about this option, I had to rollback an upgrade in the middle of the night, because ftp redirection just didn’t work.. all I had to do was add –ftp=both to redir. I found it out the next morning, and did the upgrade again the following night. I’ll never forget! Just had to smile when I found the note today 🙂

5 responses to Redirecting incoming tcp connections with redir

  1. 

    Very useful!
    Nobody talked about the –ftp=both
    He saved my life! rsss
    thank you

  2. 

    redir is exploitable. I do NOT recommend using it. Hackers can use it to punch a hole through your nat and get at the workstations. Use iptables to forward/redirect ports to be safe.

    May the Force be with you.

  3. 

    Fucking thank you, the ftp trick saved many lives.

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s