How to Install and Configure rinetd for TCP/UDP Port Forwarding on Linux

rinetdtcp udp port forwardinglinux port forwardingsystemd serviceport mapping

Published·Apr 3, 2018Modified·Aug 18, 2021

In most Linux scenarios, iptables is chosen for port forwarding. Although powerful, iptables is inconvenient to configure and prone to errors for beginners. Here, we share another TCP/UDP port forwarding tool called rinetd, which is lightweight and easy to configure.

TCP Port Forwarding Diagram

Install rinetd

This guide uses CentOS 7 as an example. Copy and run the following commands line by line:

# Install dependencies
yum -y install gcc gcc-c++ make automake
# Download rinetd
wget https://github.com/samhocevar/rinetd/releases/download/v0.70/rinetd-0.70.tar.gz
# Extract
.tar -zxvf rinetd-0.70.tar.gz
# Enter directory
cd rinetd-0.70
# Compile and install
./bootstrap
./configure
make && make install

After installation, you can check the current version by running rinetd -v:

[root@kryptcn2 rinetd-0.70]# rinetd -v
rinetd 0.70

Note that the download link above may not be the latest version over time. Please visit the official GitHub releases page to download the latest version: https://github.com/samhocevar/rinetd/releases.

Configure TCP Port Forwarding

# Create rinetd configuration file
vi /etc/rinetd.conf
# Add the following content
0.0.0.0 2018 103.74.192.160 2019
# Start rinetd
rinetd -c /etc/rinetd.conf

The format of the rinetd configuration file is as follows:

0.0.0.0: Source IP
2018: Source Port
103.74.192.160: Destination IP
2019: Destination Port

The configuration above forwards local port 2018 to port 2019 on 103.74.192.160. After starting, you can verify if it is running normally by entering netstat -apn | grep 'rinetd'. Note that you must also allow the corresponding source port in your server's firewall, otherwise it will not work.

Starting from version 0.70, rinetd also supports UDP forwarding. The syntax is as follows:

127.0.0.1   8000/udp  192.168.1.2     8000/udp

Create a systemd Service

For easier management, you can create a systemd service for rinetd. For more details, refer to Linux System systemd Service Practice. The author has already prepared the configuration; simply copy the content below:

# Create rinetd service file
vi /etc/systemd/system/rinetd.service

Paste the following content and save:

[Unit]
Description=rinetd
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/sbin/rinetd -c /etc/rinetd.conf

[Install]
WantedBy=multi-user.target

Run the command systemctl daemon-reload to reload the daemon and make it effective. You can then manage rinetd using the following commands:

# Start rinetd
systemctl start rinetd
# Enable rinetd to start on boot
systemctl enable rinetd
# Stop rinetd
systemctl stop rinetd
# Restart rinetd
systemctl restart rinetd

Common Issues with rinetd

rinetd supports forwarding to domain names. It resolves the domain name in advance and caches the resolved IP in memory. If the domain name's IP changes, you must restart rinetd for the changes to take effect. Therefore, rinetd is not suitable for scenarios where the domain name's IP changes frequently. In such cases, tools like socat are preferred.

Other Forwarding Tools

Using Nginx for TCP/UDP Port Forwarding

Summary

rinetd is simple to install and configure. Starting from version 0.70, it supports UDP forwarding. However, the author has not further tested rinetd's performance to determine if it can handle high concurrency.

Project Address: https://github.com/samhocevar/rinetd