Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to achieve port forwarding in Linux. The quality of the article is high, so Xiaobian shares it with you as a reference. I hope you have a certain understanding of relevant knowledge after reading this article.

1. SSH port forwarding

SSH provides a very interesting feature, port forwarding, which can forward network data from other TCP ports through SSH links and automatically provide corresponding encryption and decryption services.

(1)Local port forwarding

ssh -fgN -L 2222:localhost:22 localhost

(2)remote port forwarding

ssh -fgN -R 2222:host1:22 localhost

(3)dynamic forwarding

ssh -fgN -D 12345 root@host1

2. iptables port forwarding

CentOS 7.0 and below use iptables, which can be used to forward packets.

(1)Enable data forwarding

vi /etc/sysctl.conf #Add a line net.ipv4.ip_forward=1 //to enable data forwarding sysctl -p

(2)Forward local ports to native ports

iptables -t nat -A PREROUTING -p tcp --dport 2222 -j REDIRECT --to-port 22

(3)Forward ports on this machine to other machines

iptables -t nat -A PREROUTING -d 192.168.172.130-p tcp --dport 8000 -j DNAT --to-destination 192.168.172.131:80 iptables -t nat -A POSTROUTING -d 192.168.172.131 -p tcp --dport 80 -j SNAT --to 192.168.172.130 #Clear all chains of nat tables iptables -t nat -F PREROUTING

3. firewall port forwarding

CentOS 7.0 and above use firewall, which is configured by command line to implement port forwarding.

(1)Disguise IP enabled.

firewall-cmd --permanent --add-masquerade

(2)Configure port forwarding to forward traffic arriving on port 12345 to port 22 on another server.

firewall-cmd --permanent --add-forward-port=port=12345:proto=tcp:toaddr=192.168.172.131:toport=22

(3)Reload to invalidate it.

firewall-cmd --reload

4. rinetd port forwarding

rinetd is a lightweight TCP forwarding tool that enables port mapping/forwarding/redirection with simple configuration.

(1)source download

wget https://li.nux.ro/download/nux/misc/el7/x86_64/rinetd-0.62-9.el7.nux.x86_64.rpm

(2)Install rinetd

rpm -ivh rinetd-0.62-9.el7.nux.x86_64.rpm

(3)edit the configuration file

vi rinetd.conf 0.0.0.0 1234 127.0.0.1 22

(4)Start forwarding

rinetd -c /etc/rinetd.conf

5. ncat port forwarding

Netcat(nc for short) is known as the "swiss army knife" of network security circles, a simple and useful tool, here is a way to use netcat to achieve port forwarding.

(1)Install ncat

yum install nmap-ncat -y

(2)Listens on port 9876 and forwards data to port 80 of 192.168.172.131

ncat --sh-exec "ncat 192.168.172.131 80" -l 9876 --keep-open

6. socat port forwarding

Socat is a versatile networking tool that uses socat for port forwarding.

(1)socat installation

yum install -y socat

(2)Locally listen on port 12345 and forward the request to port 22 of 192.168.172.131.

socat TCP4-LISTEN:12345,reuseaddr,fork TCP4:192.168.172.131:22

7. portmap port forwarding

Linux version of lcx, intranet port forwarding tool.

(1)Download address: www.vuln.cn/wp-content/uploads/2016/06/lcx_vuln.cn_.zip

(2)Listen on local port 1234 and forward to port 22 of 192.168.172.131

/portmap -m 1 -p1 1234 -h3 192.168.172.131 -p2 22

8. portfwd port forwarding

portfwd is a built-in function in meterpreter, and also provides a stand-alone version for TCP/UDP port forwarding services.

Github Project Address: github.com/rssnsj/portfwd

(1)Download Compilation

git clone https://github.com/rssnsj/portfwd.git cd portfwd/src make

(2)Forward local port 12345 to 192.168.172.131: 22

./ tcpfwd 0.0.0.0:12345 192.168.172.131:22 About how to achieve port forwarding in Linux to share here, I hope the above content can have some help for everyone, you can learn more knowledge. If you think the article is good, you can share it so that more people can see it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.