Most of the time, iptables is chosen to implement port forwarding in Linux systems. Although iptables is powerful, it is not convenient to configure and is prone to errors for beginners. Here, I would like to share another TCP/UDP port forwarding tool called rinetd. Rinetd is small in size and easy to configure.

Installing rinetd

In this article, CentOS 7 is used as an example. Copy and paste the following commands one by one:

# Install dependencies
yum -y install gcc gcc-c++ make automake
# Download rinetd
wget https://github.com/samhocevar/rinetd/releases/download/v0.70/rinetd-0.70.tar.gz
# Extract
tar -zxvf rinetd-0.70.tar.gz
# Enter the directory
cd rinetd-0.70
# Compile and install
./bootstrap
./configure
make && make install

After installation, you can enter rinetd -v to check the current version.

[root@kryptcn2 rinetd-0.70]# rinetd -v
rinetd 0.70

Over time, the download address above may not be the latest. You can go to GitHub: https://github.com/samhocevar/rinetd/releases to download the latest version.

Setting up TCP port forwarding

# Create rinetd configuration file
vi /etc/rinetd.conf
# Fill in the following content
0.0.0.0 2018 103.74.192.160 2019
# Start rinetd
rinetd -c /etc/rinetd.conf

The format of the rinetd configuration file is as follows:

• 0.0.0.0: Source IP
• 2018: Source port
• 103.74.192.160: Target IP
• 2019: Target port

The above configuration means that the local port 2018 is forwarded to port 2019 on 103.74.192.160. After starting, you can enter netstat -apn|grep 'rinetd' to check if it is running normally. Note that you also need to allow the corresponding source port in your server's firewall, otherwise it will not work properly.

Starting from version 0.70, rinetd supports UDP forwarding. The syntax is as follows:

127.0.0.1   8000/udp  192.168.1.2     8000/udp

Creating a systemd service

To facilitate management, we can write a systemd service for rinetd. Interested readers can refer to "Linux System Writing Systemd Service Practice" (in Chinese). Xiaoz has already written it, just copy the following content:

# Create rinetd service
vi /etc/systemd/system/rinetd.service

Copy the following content and save it:

[Unit]
Description=rinetd
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/sbin/rinetd -c /etc/rinetd.conf

[Install]
WantedBy=multi-user.target

Run the command systemctl daemon-reload to reload the daemon to make it take effect. Then you can use the following commands to manage rinetd:

# Start rinetd
systemctl start rinetd
# Set it to start on boot
systemctl enable rinetd
# Stop rinetd
systemctl stop rinetd
# Restart
systemctl restart rinetd

Some issues with rinetd

Rinetd supports forwarding to domain names. Rinetd will resolve the domain name in advance and cache the resolved IP in memory. If the IP of your domain name changes, you must restart rinetd to make it take effect. Therefore, rinetd is not suitable for forwarding to domain names with frequently changing IPs. In this case, socat does not have this problem.

Other forwarding tools

• TCP/UDP Port Forwarding with Nginx (in Chinese)

Summary

Rinetd is easy to install and configure, and starting from version 0.70, it supports UDP forwarding. However, Xiaoz has not further tested the specific performance of rinetd, so it is unknown whether it can handle high concurrency situations.

Project address: https://github.com/samhocevar/rinetd