【Linux】命令 - socat

Posted by 西维蜀黍 on 2021-07-17, Last Modified on 2024-05-07


socat - Multipurpose relay (SOcket CAT)

Socat is a command line based utility that establishes two bidirectional byte streams and transfers data between them. Because the streams can be constructed from a large set of different types of data sinks and sources (see address types), and because lots of address options may be applied to the streams, socat can be used for many different purposes.


  • fork: After establishing a connection, handles its channel in a child process and keeps the parent process attempting to produce more connections, either by listening or by connecting in a loop.

包含 fork 和不包含的区别:

  • -d: Without this option, only fatal and error messages are generated; applying this option also prints warning messages. See DIAGNOSTICS for more information.
  • -d -d: Prints fatal, error, warning, and notice messages.
  • -d -d -d: Prints fatal, error, warning, notice, and info messages.
  • -d -d -d -d: Prints fatal, error, warning, notice, info, and debug messages.


TCP Clients

Transfers data between STDIO (-) and a TCP4 connection to port 80 of host www.domain.org.

$ socat - TCP4:www.domain.org:80

TCP Communication via socat

Create a simple client/server TCP connection


# Listen to a port, wait for an incoming connection and transfer data to STDIO:
$ socat TCP-LISTEN:8800\
,fork -


# Create a connection to a host and port, transfer data in STDIO to connected host:
$ socat TCP:localhost:8800 -

这样就可以在terminal 通过TCP进行通信了:

TCP Jump Server/ Forwarder

# Forward incoming data of a local port to another host and port:
$ socat TCP-LISTEN:80,fork TCP4:www.example.com:80
# A simple TCP port forwarder
$ socat TCP4-LISTEN:www TCP4:www.domain.org:www

# similarly
$ socat TCP4-LISTEN:8882,fork TCP4:localhost:8800

Unix Domain Socket

single (bi-directional) endpoint


$ socat UNIX-LISTEN:/tmp/a.sock -


$ socat UNIX-LISTEN:/tmp/a.sock -

mutliple (bi-directional) endpoints


$ socat UNIX-LISTEN:/usr/local/var/run/test/test.sock\
,fork -


$ socat UNIX-CONNECT:/usr/local/var/run/test/test.sock -

Practical uses for socat

Proxy for MySQL

Socat is a great tool for troubleshooting. It is also handy for easily making remote connections. Practically, I have used socat for remote MySQL connections. In the example below, I demonstrate how I use socat to connect my web application to a remote MySQL server by connecting over the local socket.

On my remote MySQL server, I enter:

$ socat TCP-LISTEN:3307,reuseaddr,fork UNIX-CONNECT:/var/lib/mysql/mysql.sock &

This command starts socat and configures it to listen by using port 3307.

. On my webserver, I enter:

# socat UNIX-LISTEN:/var/lib/mysql/mysql.sock,fork,reuseaddr,unlink-early,user=mysql,group=mysql,mode=777 TCP: &

The above command connects to the remote server by using port 3307.

However, all communication will be done on the Unix socket /var/lib/mysql/mysql.sock, and this makes it appear to be a local server.

Command execution

Execute shell commands on a remote server (i.e. basic ssh client).


$ socat TCP-LISTEN:1234 EXEC:/bin/bash


$ socat TCP:localhost:1234 -


Create an encrypted tunnel between a local computer and a remote machine to relay services created through an SSH protocol connection.


$ socat TCP-LISTEN:54321\
,fork \


$ ssh root@localhost -p 54321

Create a virtual point-to-point IP link through a TUN network device.

Port Jump Server

socat (SOcket CAT) is a powerful utility for data transfer between two addresses, suitable for debugging, testing, and creating connections. It’s particularly useful for forwarding ports, enabling you to redirect traffic from one port to another on the same or a different machine. Here’s a basic example of how you can use socat to forward a port:

To forward traffic from one port on your local machine to another, you can use:

socat TCP-LISTEN:port1,fork TCP:localhost:port2
  • TCP-LISTEN:port1 tells socat to listen on port1 for incoming TCP connections.
  • fork allows socat to handle multiple connections by forking a new process for each connection.
  • TCP:localhost:port2 directs socat to connect to port2 on the localhost.

For example, if you want to forward all connections from port 8080 to port 80 on your local machine, you would use:

socat TCP-LISTEN:8080,fork TCP:localhost:80

To forward traffic from a local port to a remote server:

socat TCP-LISTEN:localport,fork TCP:remotehost:remoteport

For instance, forwarding from your machine’s port 8080 to port 8000 on a remote server would be:

socat TCP-LISTEN:8080,fork TCP:

This command listens on your local port 8080 and forwards all incoming traffic to port 8000 on

So the following command is equivalent:

$ curl http://localhost:8080/
# or 
$ curl