Shulou(Shulou.com)06/03 Report--

Rinetd, a simple and easy to use tool under linux, to achieve port mapping / forwarding / redirection.

There are many ways to do address NAT under Linux. For example, haproxy, layer 4 proxy of nginx, iptables of linux and so on can be realized. Haproxy, nginx aside, the configuration is relatively simple; iptables configuration is complex, and there are many concepts such as DNAT, SNAT, PREROUTING, POSTROUTING, and so on. In fact, there is a tool called rinetd under Linux, which is easy to install and not complex to configure.

1. Download and install

[root@centos-01 ~] # wget-- no-check-certificate http://www.boutell.com/rinetd/http/rinetd.tar.gz / / you can successfully install [root@centos-01 ~] # tar zxvf rinetd.tar.gz [root @ centos-01 ~] # cd rinetd & & sed-I's sed 65536pact 65536pact g' rine td.c [root @ centos-01 ~] # mkdir / usr/man by using "do not check the certificate". [root@centos-01 ~] # make & & make installcc-DLINUX-g-c-o rinetd.o rinetd.crinetd.c:176:6: warning: conflict with built-in function 'log'' type [default enabled] void log (int I Int coSe, int result) ^ cc-DLINUX-g-c-o match.o match.cgcc rinetd.o match.o-o rinetd [root @ centos-01 ~] # install-m 700 rinetd / usr/ Sabin [root @ centos-01 ~] # install-m 644 rinetd.8 / usr/man/man8

two。 Edit configuration file

[root@centos-01 ~] # vim / etc/rinetd.conf0.0.0.0 8080 172.19.94.3 800.0.0.0 60022 192.168.0.103 600220.0.0.0 80 192.168.0.10 80logfile / var/log/rinetd.log description (0.0.0.0 indicates that all available addresses are bound locally) forward all requests destined for port 8080 to 172.19.94.3 Port 8080 forwards all requests to port 60022 of the machine to port 60022 of 192.168.0.103 and forwards all requests on port 80 to port 80 of port 192.168.0.10.

The format of the command is:

Bindaddress bindport connectaddress connectport

Bound address bound port bound address connected port

Or

[Source Address] [Source Port] [Destination Address] [Destination Port]

Source address source port destination address destination port

3. Start and close the program

[root@centos-01 ~] # rinetd-c / etc/ rinetd.confs [root @ centos-01 ~] # pkill rinetd

4. Check

[root@centos-01 ~] # netstat-tanulp | grep rinetdtcp 00 0.0.0.0 tanulp 8080 0.0.0.0 LISTEN 27683/rinetd tcp 00 0.0.0.0 tanulp 60022 0.0.0.0 LISTEN 27683/rinetd tcp 00 0.0. 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0.80 LISTEN 27683/rinetd

It should be noted that:

The native port bound in 1.rinetd.conf must not be occupied by other programs

two。 The system firewall running rinetd should open the bound native port

Because our jumping machines are all forwarded databases and other ports, after running for a period of time, we find that the rinetd service is dead. There is no way to write a script to check the pid number, and restart if we hang up.

[root@centos-01 ~] # vim / etc/rinetd.conf echo scripts Interrupt restart time: "then rinetd `else echo rinetd pid is running...:" `date`else echo rinetd pid is running... " Echo date is: `date`fi # join scheduled tasks (monitored every two hours) [root@centos-01 ~] # crontab-l0 * / 2 * sh / data/scripts/rinetd_check.sh > > / data/logs/rinetd.log 2 > & 1

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.