Shulou(Shulou.com)06/01 Report--

Today, I would like to share with you the relevant knowledge points about the common port forwarding under Linux. The content is detailed and the logic is clear. I believe most people still know too much about this knowledge, so share this article for your reference. I hope you can get something after reading this article. Let's learn about it.

1. SSH port forwarding

SSH provides a very interesting function, which is port forwarding, which can forward the network data of other TCP ports through SSH links, and automatically provides corresponding encryption and decryption services.

(1) Local port forwarding

Ssh-fgN-L 2222:localhost:22 localhost

(2) remote port forwarding

Ssh-fgN-R 2222:host1:22 localhost

(3) dynamic forwarding

Ssh-fgN-D 12345 root@host12. Iptables Port Forwardin

Iptables is used below CentOS 7.0. packets can be forwarded through iptables.

(1) enable data forwarding function

Vi / etc/sysctl.conf # add a line of net.ipv4.ip_forward=1// to make the data forwarding function effective sysctl-p

(2) forward the local port to the local port

Iptables-t nat-A PREROUTING-p tcp-- dport 2222-j REDIRECT-- to-port 22

(3) forward the port of this machine to other machines

Iptables-t nat-A PREROUTING-d 192.168.172.130-p tcp-- dport 8000-j DNAT-- to-destination 192.168.172.131:80iptables-t nat-A POSTROUTING-d 192.168.172.131-p tcp-- dport 80-j SNAT-- to 192.168.172.13 empty all chains of nat table iptables-t nat-F PREROUTING3. Firewall Port Forwardin

CentOS 7.0 and above uses firewall, and port forwarding is implemented through command line configuration.

(1) enable camouflage IP

Firewall-cmd-permanent-add-masquerade

(2) configure port forwarding to forward access to port 12345 on this machine to port 22 on another server.

Firewall-cmd-permanent-add-forward-port=port=12345:proto=tcp:toaddr=192.168.172.131:toport=22

(3) reload to invalidate it

Firewall-cmd-- reload4. Rinetd Port Forwardin

Rinetd is a lightweight TCP forwarding tool that enables port mapping / forwarding / redirection with simple configuration.

(1) download source code

Wget https://li.nux.ro/download/nux/misc/el7/x86_64/rinetd-0.62-9.el7.nux.x86_64.rpm

(2) install rinetd

Rpm-ivh rinetd-0.62-9.el7.nux.x86_64.rpm

(3) Edit configuration file

Vi rinetd.conf 0.0.0.0 1234 127.0.0.1 22

(4) start forwarding

Rinetd-c / etc/rinetd.conf5. Ncat Port Forwardin

Netcat (abbreviated as nc) is known as the "Swiss Army knife" in the field of network security, a simple and useful tool. This paper introduces a method of port forwarding using netcat.

(1) install ncat

Yum install nmap-ncat-y

(2) listen to local port 9876 and forward data to port 80 of 192.168.172.131

Ncat-- sh-exec "ncat 192.168.172.1380"-- l 9876-- keep-open6. Socat Port Forwardin

Socat is a multi-functional network tool that uses socat for port forwarding.

(1) socat installation

Yum install-y socat

(2) listen locally on port 12345 and forward the request to port 22 of 192.168.172.131.

Socat TCP4-LISTEN:12345,reuseaddr,fork TCP4:192.168.172.131:227. Portmap Port Forwardin

Linux version of lcx, private network port forwarding tool.

Listen on local port 1234 and forward to port 22 of 192.168.172.131

/ portmap-M1-p1 1234-h3 192.168.172.131-p2228. Portfwd Port Forwardin

Portfwd is a built-in feature in meterpreter and also provides a stand-alone version for TCP/UDP port forwarding service

(1) download and compile

Git clone https://github.com/rssnsj/portfwd.gitcd portfwd/srcmake

(2) forward the local port 12345 to 192.168.172.131VR 22

. / tcpfwd 0.0.0.0:12345 192.168.172.131:229. NATBypass Port Forwardin

Implementation of a lcx (htran) under golang

Gihub project address: https://github.com/cw1997/NATBypass

The private network host actively connects the public network host to open the tunnel:

Execute on the target machine: nb-slave 127.0.0.1 IP:51 3389 public network

Machine execution on the public network: nb-listen 51 3340

You can connect port 3389 of the private network machine by connecting 127.0.0.1 virtual 3340 to the public network host.

These are all the contents of the article "what are the common port forwarding under Linux". Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.