Shulou(Shulou.com)05/31 Report--

This article mainly analyzes the relevant knowledge of linux port forwarding, the content is detailed and easy to understand, the operation details are reasonable, and has a certain reference value. If you are interested, you might as well follow the editor to have a look, and follow the editor to learn more about "how the port forwarding of linux is".

Methods: 1, use SSH port to forward; 2, use iptables port to forward; 3, use firewall port to forward; 4, use rinetd port to forward; 5, use ncat port to forward; 6, use socat port to forward; 7, use portmap port to forward; 8, use portfwd port to forward and so on.

The operating environment of this tutorial: linux7.3 system, Dell G3 computer.

How to forward the port of linux

1. SSH port forwarding

SSH provides a very interesting function, which is port forwarding, which can forward the network data of other TCP ports through SSH links, and automatically provides corresponding encryption and decryption services.

(1) Local port forwarding

Ssh-fgN-L 2222:localhost:22 localhost

(2) remote port forwarding

Ssh-fgN-R 2222:host1:22 localhost

(3) dynamic forwarding

Ssh-fgN-D 12345 root@host1

2. Iptables port forwarding.

Iptables is used below CentOS 7.0. packets can be forwarded through iptables.

(1) enable data forwarding function

Vi / etc/sysctl.conf # add a line net.ipv4.ip_forward=1 / / to make the data forwarding function effective sysctl-p

(2) forward the local port to the local port

Iptables-t nat-A PREROUTING-p tcp-- dport 2222-j REDIRECT-- to-port 22

(3) forward the port of this machine to other machines

Iptables-t nat-A PREROUTING-d 192.168.172.130-p tcp-- dport 8000-j DNAT-- to-destination 192.168.172.131 dport 80 iptables-t nat-A POSTROUTING-d 192.168.172.131-p tcp-- dport 80-j SNAT-- to 192.168.172.130 # clear all chains iptables-t nat-F PREROUTING in the nat table

3. Firewall port forwarding

CentOS 7.0 and above uses firewall, and port forwarding is implemented through command line configuration.

(1) enable camouflage IP

Firewall-cmd-permanent-add-masquerade

(2) configure port forwarding to forward access to port 12345 on this machine to port 22 on another server.

Firewall-cmd-permanent-add-forward-port=port=12345:proto=tcp:toaddr=192.168.172.131:toport=22

(3) reload to invalidate it

Firewall-cmd-reload

4. Rinetd port forwarding

Rinetd is a lightweight TCP forwarding tool that enables port mapping / forwarding / redirection with simple configuration.

(1) download source code

Wget https://li.nux.ro/download/nux/misc/el7/x86_64/rinetd-0.62-9.el7.nux.x86_64.rpm

(2) install rinetd

Rpm-ivh rinetd-0.62-9.el7.nux.x86_64.rpm

(3) Edit configuration file

Vi rinetd.conf 0.0.0.0 1234 127.0.0.1 22

(4) start forwarding

Rinetd-c / etc/rinetd.conf

5. Ncat port forwarding

Netcat (abbreviated as nc) is known as the "Swiss Army knife" in the field of network security, a simple and useful tool. This paper introduces a method of port forwarding using netcat.

(1) install ncat

Yum install nmap-ncat-y

(2) listen to local port 9876 and forward data to port 80 of 192.168.172.131

Ncat-sh-exec "ncat 192.168.172.13180"-l 9876-keep-open

6. Socat port forwarding

Socat is a multi-functional network tool that uses socat for port forwarding.

(1) socat installation

Yum install-y socat

(2) listen locally on port 12345 and forward the request to port 22 of 192.168.172.131.

Socat TCP4-LISTEN:12345,reuseaddr,fork TCP4:192.168.172.131:22

7. Portmap port forwarding

Linux version of lcx, private network port forwarding tool.

(1) download address: http://www.vuln.cn/wp-content/uploads/2016/06/lcx_vuln.cn_.zip

(2) listen on local port 1234 and forward it to port 22 of 192.168.172.131

/ portmap-M1-p1 1234-h3 192.168.172.131-p22

8. Portfwd port forwarding

Portfwd is a built-in feature in meterpreter and also provides a stand-alone version for TCP/UDP port forwarding service

Github project address: https://github.com/rssnsj/portfwd

(1) download and compile

Git clone https://github.com/rssnsj/portfwd.git

Cd portfwd/src

Make

(2) forward the local port 12345 to 192.168.172.131VR 22

. / tcpfwd 0.0.0.0:12345 192.168.172.131:22

9. NATBypass port forwarding

Implementation of a lcx (htran) under golang

Gihub project address: https://github.com/cw1997/NATBypass

The private network host actively connects the public network host to open the tunnel:

Execute on the target machine: nb-slave 127.0.0.1 IP:51 3389 public network

Machine execution on the public network: nb-listen 51 3340

You can connect port 3389 of the private network machine by connecting 127.0.0.1 virtual 3340 to the public network host.

About "how the port forwarding of linux" is introduced here, more related content can be searched for previous articles, hope to help you answer questions, please support the website!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.