socat
socat - Multipurpose relay (SOcket CAT)
Socat is a command line based utility that establishes two bidirectional byte streams and transfers data between them. Because the streams can be constructed from a large set of different types of data sinks and sources (see address types), and because lots of address options may be applied to the streams, socat can be used for many different purposes.
Parameter
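fork: After establishing a connection, handles its channel in a child process and keeps the parent process attempting to produce more connections, either by listening or by connecting in a loop.
The difference between including fork and omitting it: with fork, the listener keeps accepting further connections after the first; without it, socat handles a single connection.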
- -d: Without this option, only fatal and error messages are generated; applying this option also prints warning messages. See DIAGNOSTICS for more information.
- -d -d: Prints fatal, error, warning, and notice messages.
- -d -d -d: Prints fatal, error, warning, notice, and info messages.
- -d -d -d -d: Prints fatal, error, warning, notice, info, and debug messages.
Example
TCP Clients
Transfers data between STDIO (-) and a TCP4 connection to port 80 of host www.domain.org.
$ socat - TCP4:www.domain.org:80
TCP Communication via socat
Create a simple client/server TCP connection
Server
# Listen to a port, wait for an incoming connection and transfer data to STDIO:
$ socat TCP-LISTEN:8800\
,reuseaddr\
,pf=ip4\
,fork -
Client
# Create a connection to a host and port, transfer data in STDIO to connected host:
$ socat TCP:localhost:8800 -
You can now communicate over TCP in the terminal.
TCP Jump Server/ Forwarder
# Forward incoming data of a local port to another host and port:
$ socat TCP-LISTEN:80,fork TCP4:www.example.com:80
# A simple TCP port forwarder
$ socat TCP4-LISTEN:www TCP4:www.domain.org:www
# similarly
$ socat TCP4-LISTEN:8882,fork TCP4:localhost:8800
Unix Domain Socket
single (bi-directional) endpoint
Server
$ socat UNIX-LISTEN:/tmp/a.sock -
sdsd
Client
$ socat UNIX-CONNECT:/tmp/a.sock -
sdsd
multiple (bi-directional) endpoints
Server
$ socat UNIX-LISTEN:/usr/local/var/run/test/test.sock\
,fork -
Client
$ socat UNIX-CONNECT:/usr/local/var/run/test/test.sock -
Practical uses for socat
Proxy for MySQL
Socat is a great tool for troubleshooting. It is also handy for easily making remote connections. Practically, I have used socat for remote MySQL connections. In the example below, I demonstrate how I use socat to connect my web application to a remote MySQL server by connecting over the local socket.
On my remote MySQL server, I enter:
$ socat TCP-LISTEN:3307,reuseaddr,fork UNIX-CONNECT:/var/lib/mysql/mysql.sock &
This command starts socat and configures it to listen by using port 3307.
On my webserver, I enter:
# socat UNIX-LISTEN:/var/lib/mysql/mysql.sock,fork,reuseaddr,unlink-early,user=mysql,group=mysql,mode=777 TCP:192.168.100.5:3307 &
The above command connects to the remote server 192.168.100.5 by using port 3307. However, all communication will be done on the Unix socket /var/lib/mysql/mysql.sock, and this makes it appear to be a local server.
Command execution
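Execute shell commands on a remote server (i.e. a basic ssh client, but with no authentication or encryption: any host that can reach the port gets a shell as the user running socat).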
Server
$ socat TCP-LISTEN:1234 EXEC:/bin/bash
Client
$ socat TCP:localhost:1234 -
pwd
/Users/shiwei
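The listeners in the MySQL proxy and command-execution examples above accept connections from any host that can reach the port, and the proxy's socket is created with mode=777. As an added example (not from the original page or the socat project), this script audits socat command lines for those three patterns; the rule names, and the bind=/range= values and mode=660 in the last two sample rows, are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit socat command lines for the exposure patterns seen on
# this page. Rule names and heuristics are this example's own assumptions;
# only the upper-case address spellings used on the page are matched.

# Reads one socat command line per row on stdin, prints "RULE detail" rows.
audit_socat() {
    set -f                                   # no globbing while word-splitting
    while IFS= read -r line; do
        tcp_listen=0 exec_addr=0
        for addr in $line; do
            case $addr in
                TCP-LISTEN:*|TCP4-LISTEN:*|TCP6-LISTEN:*)
                    tcp_listen=1
                    # No bind= (interface) and no range= (peer filter):
                    # the listener accepts any host that can reach the port.
                    case $addr in
                        *,bind=*|*,range=*) ;;
                        *) echo "OPEN-LISTENER $addr" ;;
                    esac ;;
                EXEC:*|SYSTEM:*) exec_addr=1 ;;
                UNIX-LISTEN:*,mode=*)
                    mode=${addr##*,mode=}; mode=${mode%%,*}
                    # Last octal digit with the write bit set: any local
                    # user can connect to the socket.
                    case $mode in
                        *[2367]) echo "WORLD-WRITABLE-SOCKET mode=$mode" ;;
                    esac ;;
            esac
        done
        # A TCP listener wired to a program gives every peer that program.
        if [ "$tcp_listen" = 1 ] && [ "$exec_addr" = 1 ]; then
            echo "NETWORK-EXEC $line"
        fi
    done
    set +f
}

# Constructed input: rows 1-3 are commands from this page, rows 4-5 are
# tightened variants (subnet and mode chosen for illustration).
sample_cmdlines() {
    cat <<'EOF'
socat TCP-LISTEN:3307,reuseaddr,fork UNIX-CONNECT:/var/lib/mysql/mysql.sock
socat UNIX-LISTEN:/var/lib/mysql/mysql.sock,fork,reuseaddr,unlink-early,user=mysql,group=mysql,mode=777 TCP:192.168.100.5:3307
socat TCP-LISTEN:1234 EXEC:/bin/bash
socat TCP-LISTEN:3307,bind=192.168.100.5,range=192.168.100.0/24,reuseaddr,fork UNIX-CONNECT:/var/lib/mysql/mysql.sock
socat UNIX-LISTEN:/var/lib/mysql/mysql.sock,fork,unlink-early,user=mysql,group=mysql,mode=660 TCP:192.168.100.5:3307
EOF
}

sample_cmdlines | audit_socat
```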
Tunneling
Create an encrypted tunnel between a local computer and a remote machine to relay services created through an SSH protocol connection.
Server
$ socat TCP-LISTEN:54321\
,reuseaddr\
,fork \
TCP:remote.server.com:22
Client
$ ssh root@localhost -p 54321
Create a virtual point-to-point IP link through a TUN network device.
Port Jump Server
socat (SOcket CAT) is a powerful utility for data transfer between two addresses, suitable for debugging, testing, and creating connections. It’s particularly useful for forwarding ports, enabling you to redirect traffic from one port to another on the same or a different machine. Here’s a basic example of how you can use socat to forward a port:
To forward traffic from one port on your local machine to another, you can use:
socat TCP-LISTEN:port1,fork TCP:localhost:port2
- TCP-LISTEN:port1 tells socat to listen on port1 for incoming TCP connections.
- fork allows socat to handle multiple connections by forking a new process for each connection.
- TCP:localhost:port2 directs socat to connect to port2 on the localhost.
For example, if you want to forward all connections from port 8080 to port 80 on your local machine, you would use:
socat TCP-LISTEN:8080,fork TCP:localhost:80
To forward traffic from a local port to a remote server:
socat TCP-LISTEN:localport,fork TCP:remotehost:remoteport
For instance, forwarding from your machine’s port 8080 to port 8000 on a remote server 192.168.18.32 would be:
socat TCP-LISTEN:8080,fork TCP:192.168.18.32:8000
This command listens on your local port 8080 and forwards all incoming traffic to port 8000 on 192.168.18.32.
So the following commands are equivalent:
$ curl http://localhost:8080/
# or
$ curl 192.168.18.32:8000
Reference
- https://linux.die.net/man/1/socat
- https://www.redhat.com/sysadmin/getting-started-socat
- https://blog.travismclarke.com/post/socat-tutorial/