socat: Linux / UNIX TCP Port Forwarder

Author: Vivek Gite Last updated: March 15, 2010 9 comments

How do I configure UNIX or Linux system to act as TCP port forwarder without using firewall? How do I install socat ( SOcket CAT ) multipurpose relay for bidirectional data transfer under Linux?

You can use the utility called socat (SOcket CAT). This is just like the Netcat but with security in mind (e.g., it support chrooting) and works over various protocols and through a files, pipes, devices, TCP sockets, Unix sockets, a client for SOCKS4, proxy CONNECT, or SSL etc.

From the man page:

Socat is a command line based utility that establishes two bidirectional byte streams and transfers data between them. Because the streams can be constructed from a large set of different types of data sinks and sources (see address types), and because lots of address options may be applied to the streams, socat can be used for many different purposes.

socat Usage:

TCP port forwarder
External socksifier
Attacking weak firewalls (security testing)
A shell interface to UNIX sockets
IP6 relay
For redirecting TCP oriented programs to a serial line
Logically connect serial lines on different computers
Security testing and research
Establish a relatively secure environment (su and chroot) for running client or server shell scripts with network connections etc

Warning examples may open your computer to the Internet

WARNING! These examples may open your computer ports and sockets to other Internet users. You must have a good understanding of TCP/IP and UNIX networking to use this tool.

Install socat Under Debian / Ubuntu Linux

Type the following command:
$ sudo apt-get update && sudo apt-get install socat

Source Code Installation

Visit the official website and grab the latest version:
# cd /opt # wget http://www.dest-unreach.org/socat/download/socat-1.7.1.2.tar.gz
Untar and install the same:
# tar -zxvf socat-1.7.1.2.tar.gz # cd socat-1.7.1.2 # ./configure # make # make install

Examples

To redirect all port 80 conenctions to ip 202.54.1.5, enter:
# socat TCP-LISTEN:80,fork TCP:202.54.1.5:80
All TCP4 connections to port 80 will be redirected to 202.54.1.5. This is just like netcat. You can terminate connection by pressing [CTRL+C] i.e. ^C.

Connect To Remote SSH Server

You can connect to the remote ssh server called server1 and use pty for communication between socat and ssh, makes it ssh’s controlling tty (ctty), and makes this pty the owner of a new process group (setsid), so ssh accepts the password from socat.
$ (sleep 5; echo YOURSSHPASSWORDHERE; sleep 5; echo date; sleep 1) |socat - EXEC:'ssh -l userName server1.nixcraft.net.in',pty,setsid,ctty

Get Information About Haproxy

The following will give you information about the running HAProxy process such as pid, uptime and much more:
# echo "show info" | socat unix-connect:/var/tmp/haproxy stdio

TCP port forwarder, each side bound to another local IP address (bind)

This example handles an almost arbitrary number of parallel or consecutive connections by fork’ing a new process after each accept() . It provides a little security by su’ing to user nobody after forking; it only permits connections from the private 10 network (range); due to reuseaddr, it allows immediate restart after master process’s termination, even if some child sockets are not completely shut down. With -lmlocal2, socat logs to stderr until successfully reaching the accept loop. Further logging is directed to syslog with facility local2:
# socat -d -d -lmlocal2 \ TCP4-LISTEN:80,bind=myaddr1,su=nobody,fork,range=10.0.0.0/8,reuseaddr \ TCP4:www.nixcraft.net.in:80,bind=myaddr2

Further readings:

socat man page (see Examples section)
socat project.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 9 comments so far... add one ↓

Related Tutorials

Category	List of Unix and Linux commands
Disk space analyzers	ncdu • pydf
File Management	cat
Firewall	Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04
Network Utilities	NetHogs • dig • host • ip • nmap
OpenVPN	CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04
Package Manager	apk • apt
Processes Management	bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time
Searching	grep • whereis • which
User Information	groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w
WireGuard VPN	Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04

9 comments… add one

Steven Mar 16, 2010 @ 7:29

nice stuff

Reply Link
xose Mar 20, 2010 @ 22:42

also try ncat : http://nmap.org/ncat/ , included in nmap.

Reply Link
Rabie K Apr 15, 2010 @ 15:03

Hi,

I am trying to redirect connection to port 8980 to execute a telnet command to a local machine ( port 23 )
by issuing the following command :
In Machine 1 :
socat TCP-LISTEN:8980,fork EXEC:/myscript,reuseaddr

myscript contains
#!/bin/bash
telnet 192.168.20.12 //local Server 2

I am sending Binary data from the client to Server 2 via Server 1.
so it happens that I have some characters in Hex translated to special characters in ASCII like open brackets or Commas etc.. and that closed the socket between the two machines.

Does anybody had this issue before ? if yes it there a workaround done to fix it ?

Any help is appreciated

Reply Link
desert rose Feb 1, 2013 @ 8:07

Hi,

I am trying to redirect connection multiple port (range 2048 to 2200 ) to execute a single local server
by issuing the following command :
# socat TCP-LISTEN:2048,fork TCP:202.54.1.5:2048

can anybody tell me what can i do ? , and help me to socat command to execute multiple port( range 2048 to 2200) over single TCP IP…
thanks in advance..

Reply Link

Juanito Feb 13, 2013 @ 11:53

I´ve been trying to forward packets coming from port 4001 to a new multicast address with different port and finally I found the solution that perhaps someone can find useful: (My local IP is 214.25.250.200)

 socat udp4-recvfrom:4001,ip-add-membership=225.25.250.1:214.25.250.200,fork udp-datagram:225.25.250.1:5001

>udp4-recvfrom:4001 - Handle everything coming in from port 4001
>ip-add-membership=225.25.250.1:214.25.250.200 - Creates a subscription to the multicast 225.25.250.1 for the local interface 214.25.250.200
>udp-datagram:225.25.250.1:5001 - forwards the packets matching with incoming port 4001 to the multicast destination (can be unicast) 225.25.250.1 on port 5001

If you get the following error message “…Network is unreachable” you need to create an static route to the multicast destination. The comands may change on each Linux distribution, for CentOS:

[root@localhost bin]# ip route add [multicast destination] via [local interface IP] dev [local interface name]
[root@localhost bin]# ip route add 225.25.250.1 via 214.25.250.200 dev eth0

Local interface name can be checked by using:

#ifconfig -a

I hope it makes you save time. It worked on my computer but if you find some errors please report).

Reply Link

Daren Matthews Apr 8, 2014 @ 18:00

That is nice – very much appreciated

Reply Link

Manoz Karmacharya Feb 12, 2015 @ 18:10

I want to connect to internetworking device in vmware workstation (in linux) with serial port i.e use socket (named pipe). Need help

Reply Link
Wellington Torrejais da Silva Dec 25, 2016 @ 1:23

Nice!

Reply Link
Maikel Apr 2, 2017 @ 16:39

Hi there,
Thank you for the useful blogpost. I’ve got one question:
While socat TCP-LISTEN:22,fork TCP:10.4.13.91:22 is running and checking status with ss -lnt, I’m getting the following output:
State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 5 *:22 *:* LISTEN 0 128 :::443 :::* LISTEN 0 128 :::9000 :::* LISTEN 0 128 :::80 :::*
Do you know the reason for Send-Q being so low compare to the rest and how to change it?
Thank you.

Reply Link