From owner-freebsd-net@freebsd.org Fri May 18 22:08:27 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1EDB0EDDFD1 for ; Fri, 18 May 2018 22:08:27 +0000 (UTC) (envelope-from reshadpatuck1@gmail.com) Received: from mail-pg0-x232.google.com (mail-pg0-x232.google.com [IPv6:2607:f8b0:400e:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8C7596C066 for ; Fri, 18 May 2018 22:08:26 +0000 (UTC) (envelope-from reshadpatuck1@gmail.com) Received: by mail-pg0-x232.google.com with SMTP id k2-v6so3876833pgc.1 for ; Fri, 18 May 2018 15:08:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:user-agent:in-reply-to:references:mime-version :content-transfer-encoding:subject:to:from:message-id; bh=533qZNekt1CeyuKT8IN1XJAd6hFmhUc0UBTkVl5BlDM=; b=vessv6WHx1oMA/sFHVhGkn7aIup4KWHuGGtZhFk/98XGNBc/PuUQR2yszB+4kFSvcm Iz0wSR3DrY72+bWLODkMuxnqKAiyybv+ZryiBL9cVn6gRh920jjtxiVSSILBpUaOfrIK 6JdZvV+m65gvYI5dBocyhw4m9gUrAS0TWUi7iA4F56Ao/zIbIS1UfUMCsq01SrrmYUrZ jiC/z9ityFdOxhmlQOO9Jc1OPTFYsMPc6oUK/CwgbNZWJnye7naY6IUa6RS3jWIJ2qkB wjd1wuDqQOawQpTm8mE3lfLlybz+0ffLIW+KPjJ+9QepsuZBcNt51Xyz/ciDhaFG1GTP SgGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:user-agent:in-reply-to:references :mime-version:content-transfer-encoding:subject:to:from:message-id; bh=533qZNekt1CeyuKT8IN1XJAd6hFmhUc0UBTkVl5BlDM=; b=eNp2oLTtsUGyGcm9O8sWt7cyvIGHPF456P4J7gmaW4es9XAgnqsq1/bEu1c9ky+DDk HOn6dmPvrLERTlxQK02sdnEYrvFTIHaTCFZhrkqVelABft8jgUs9RUinJhNkVruQw8ol H19EZRTlz4TR3ajv0tOvexQaeyFnM1YUKarDBe+IDmyq3FrS4kW3YC7Aknm2/NpVsngZ UTQb/RMkg+y/yiAnTc/hFvZZ/GrCxkuxCba8gtdAzAatF+e7BQ5RBcyEYp1JVqYsysRU gvds+sA9kJHkBxx/Bc5q41Fisyh+5ZiZBNV0JVwu3ryBo7FbTbu+76S0y5lDoErVc19R CdYw== X-Gm-Message-State: ALKqPwc6HMrlUqTeyjy+xa87RSU5juWSi6ZGgnLq1aTW1k4NxbE14l0d 6ha5y/9YV1hAwrydTUarmQiNmtY6tg4= X-Google-Smtp-Source: AB8JxZoRbOw9Km/Zg/9a1i+CaFy7Tn88va+JX3usEPi/zxqIx7eFTHOkRdiSkxOJfwZg+fhJmCZ0yA== X-Received: by 2002:a62:c81d:: with SMTP id z29-v6mr11030866pff.81.1526681305274; Fri, 18 May 2018 15:08:25 -0700 (PDT) Received: from [10.195.13.78] ([42.109.59.114]) by smtp.gmail.com with ESMTPSA id 203-v6sm14533623pfz.131.2018.05.18.15.08.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 May 2018 15:08:24 -0700 (PDT) Date: Fri, 18 May 2018 18:08:08 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <2346bc5f-1ca3-3b6a-ac1a-c496e94eb969@netfence.it> References: <2346bc5f-1ca3-3b6a-ac1a-c496e94eb969@netfence.it> MIME-Version: 1.0 Subject: Re: Proxy a TCP connection To: freebsd-net@freebsd.org,Andrea Venturoli From: Reshad Patuck Message-ID: <0A8A304F-0772-4F1D-8906-B1AB9B7E2F36@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.26 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 May 2018 22:08:27 -0000 Hi, If you are running pf or ipfw on your router you could use a forward rule = to forward connections that come in on a certain internet IP and port to a = select internal IP or port=2E If you don't have a firewall running and can install ports on your router = have a look at relayd, it should do what you want=2E Best, Reshad On 18 May 2018 5:29:33 PM GMT-04:00, Andrea Venturoli w= rote: >Hello=2E > >Let's say I have a router connected to the Internet on one side and to >a=20 >LAN with private IPs on the other=2E >I want some clients from outside to be able to connect to a TCP service > >on a machine on the LAN: they should connect to port X on the >firewall's=20 >public IP and reach port Y on the internal box=2E > >I've used net/socket in the past, but stopped when, in some corner >case,=20 >it would "ruin" the data; besides it has been removed from the port >tree=2E > >I happily switched to net/tcpproxy, but lately it's dying every few >days=20 >and must be restarted; I could drop its rc=2Ed script and use=20 >sysutils/daemontools' svscan instead, but if there's a simpler >solution=2E=2E=2E > >Does anyone have a good suggestion for a program similar to the above >ones? >I require nothing fancy, I just want it to be reliable=2E > > bye & Thanks > av=2E >_______________________________________________ >freebsd-net@freebsd=2Eorg mailing list >https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-net >To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd=2Eorg"