samhocevar / rinetd Goto Github PK
View Code? Open in Web Editor NEWđĄ TCP/UDP port redirector
License: GNU General Public License v2.0
đĄ TCP/UDP port redirector
License: GNU General Public License v2.0
Please release a windows clientďźthk
This shouldnât be really hard to implement, and itâs important, because IPv6 will clearly be the protocol of the year 2000.
Hello,
Build under Ubuntu is fine. But i get a error building under Centos 32 and 64. glibc 2.12
Centos 6.7 and Centos 7 x64
What to do?
make all-am
make[1]: Entering directory /usr/src/rinetd-master' gcc -DHAVE_CONFIG_H -I. -std=c99 -D_XOPEN_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200809L -Wall -Wextra -Wwrite-strings -I. -g -O2 -MT rinetd-rinetd.o -MD -MP -MF .deps/rinetd-rinetd.Tpo -c -o rinetd-rinetd.o
test -f 'rinetd.c' || echo './'`rinetd.c
rinetd.c: In function âgetAddressâ:
rinetd.c:1152: error: âh_errnoâ undeclared (first use in this function)
rinetd.c:1152: error: (Each undeclared identifier is reported only once
rinetd.c:1152: error: for each function it appears in.)
rinetd.c:1154: error: âHOST_NOT_FOUNDâ undeclared (first use in this function)
rinetd.c:1157: error: âNO_ADDRESSâ undeclared (first use in this function)
rinetd.c:1160: error: âNO_RECOVERYâ undeclared (first use in this function)
rinetd.c:1163: error: âTRY_AGAINâ undeclared (first use in this function)
rinetd.c:1172: error: âstruct hostentâ has no member named âh_addrâ
make[1]: *** [rinetd-rinetd.o] Error 1
Thank you,
This happens when a hostname starts with [0-9a-f]*
because it is incorrectly parsed as an IPv6.
Fixed in e3b47d0.
The program does not produce any output if the config file is absent / not found. Is this supposed to happen?
UPDATE: hm... I can't see any error for example when a host name in the config file cannot be resolved, it's as if stderr does not exist at all... I wonder what I'm doing wrong...
This new 0.73 build has severely degraded performance in my application compared to the previous 0.62_4. I'm running rinetd as a simple port 80/443 redirector over a Wireguard tunnel between two FreeBSD 13 servers.
Under the previous .62_4 version, loading a web page over the connection results in these respectable browser stats (about a second):
46 requests
759.24 kB / 413.67 kB transferred
Finish: 1.08 s
DOMContentLoaded: 468 ms
load: 603 ms
With the new 0.73 version, the same page has these stats (nearly 30 seconds):
45 requests
758.91 kB / 435.01 kB transferred
Finish: 28.06 s
DOMContentLoaded: 2.66 s
load: 28.06 s
You can literally watch the images on the page draw out in bands as the bytes stream over slowly and render like a PPP connection from 1998. Some requests simply fail to load and render broken web pages.
I initially suspected my problem was due to other factors, so I troubleshooted everything else until I finally narrowed it down to the recently updated version of rinetd. I found the older .62 package and installed it to replace .73 and all was well again.
I install rinetd through the FreeBSD packages mechanism. I reported this issue to the FreeBSD bug tracking system and the port maintainer requested that I share my findings here.
before:
allRules = (Rule *) realloc(allRules, sizeof(Rule *) * (allRulesCount + 1));
Rule * is pointer, size: int
after:
allRules = (Rule *) realloc(allRules, sizeof(Rule) * (allRulesCount + 1));
Hello!
Is it possible to listen on or redirect to an IPv6 link-local address that needs the interface information?
e.g. it should listen on ::1 80/tcp and redirect to fe80::abcd:ffff:ffff:eeee%eth0 80/tcp.
If it is supported, how looks the configuration?
kind regards
Can rinetd support forwarding UNIX domain socket?
suse had created a patch long time ago (https://build.opensuse.org/package/view_file/server:proxy/rinetd/rinetd-syslog.patch?expand=1)
this patch is not compatibel with the actual git tree could you forward patch or add thsi kind of support.
đ trying to build the latest release, but run into some build issue. The error log is as below:
rinetd.c:799:19: error: use of undeclared identifier 'NI_MAXHOST'
char addressText[NI_MAXHOST];
^
rinetd.c:924:19: error: use of undeclared identifier 'NI_MAXHOST'
char addressText[NI_MAXHOST] = { '?' };
^
2 errors generated.
make[2]: *** [___rinetd-rinetd.o] Error 1
make[2]: *** Waiting for unfinished jobs....
mv -f .deps/___rinetd-match.Tpo .deps/___rinetd-match.Po
mv -f .deps/___rinetd-parse.Tpo .deps/___rinetd-parse.Po
make[1]: *** [install] Error 2
make: *** [install-recursive] Error 1
Full build log is in here, https://github.com/Homebrew/homebrew-core/runs/1907745906
relates to Homebrew/homebrew-core#71237
Do you plan implementing this feature as well ?
This required for packaging for Fedora/RHEL (e.g.)
I have an embedded system with a read-only filesystem, so the base configuration file cannot be edited. In another context, I might have a system that could install several optional services, each of which might need to install its own configuration fragment for rinetd
.
To support these use cases, I propose adding a new include
directive. This would permit adding lines similar to the following, allowing configuration fragments to be stored in a multiple separate locations.
include /etc/rinetd.d/extra-rules.conf
include /data/rinetd.d/*
If globs end up being too big an ask, a simpler directive for scanning a directory would probably be more than sufficient (e.g. includedir /path/without/globs/
).
After a quick glance at the parser definition, this seems like a reasonable extension that would be fairly easy to implement (for someone that knows that code). Notably, the parseConfiguration
routine simply would be called recursively by the rules that implement the include
directive(s). Easy peasy, yeah?
Is polling in epoll mode?
$ ./bootstrap
+ test no = yes
+ aclocal -I .auto -I .
+ autoconf
+ test yes = yes
+ autoheader
+ test yes = yes
+ automake --foreign --add-missing --copy
configure.ac:7: installing '.auto/install-sh'
configure.ac:7: installing '.auto/missing'
configure.ac:37: error: required file 'src/Makefile.in' not found
I saw the 0.71 version mentioned to support IPv6, but I can't connect my vps with IPv6, the vps has IPv6 & IPv4, maybe it does not support IPv6 & IPv4 machine? Or is my configuration wrong?
These are the configurations I have used:
0.0.0.0 12345/tcp domain.name.com 23456/tcp
0.0.0.0 12345/udp domain.name.com 23456/udp
0.0.0.0 12345/tcp domain.name.com 23456/tcp
0.0.0.0 12345/udp domain.name.com 23456/udp
::1 12345/tcp domain.name.com 23456/tcp
::1 12345/udp domain.name.com 23456/udp
::1 12345/tcp domain.name.com 23456/tcp
::1 12345/udp domain.name.com 23456/udp
Hi,
I'd like to change the port for outgoing traffic to one specific external IP. I use this configurationline:
12.34.56.78 443 12.34.56.78 12345
But rinetd tells me:
rinetd error: couldn't bind to address 12.34.56.78 port 443 (Cannot assign requested address)
If I use
127.0.0.1 443 12.34.56.78 12345
it works perfectly. Does rinetd doesn't work for external IPs?
Background:
I'd like to make my collabora server to speak with my nextcloud server (12.34.56.78) that doesn' listen on 443 but due to security reasons on port 12345. Because my collabora server shall connect to other nextcloud servers on the standard 443, I can't change default outgouing port of collabora server.
pve lxc debian container..
rinetd 0.73 ..
pls. help
port 10767,can't listen in windows( not test other OS ).
Download File:
Error Info
[root@localhost rinetd-0.73]# ./bootstrap
-bash: ./bootstrap: /usr/bin/sh^M: bad interpreter: No such file or directory
OS Release
[root@localhost rinetd-0.73]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="8 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="8"
dos2unix
[root@localhost rinetd-0.73]# dos2unix bootstrap
dos2unix: converting file bootstrap to Unix format...
[root@localhost rinetd-0.73]# ./bootstrap
+ test no = yes
+ aclocal -I .auto -I .
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_CTYPE = "UTF-8",
LANG = "en_US.UTF-8"
Thanks for your time working on rinetd
In the BUGS AND LIMITATIONS section, you mension
"The server redirected to is not able to identify the host the client really came from."
Might the proxy protocol http://www.haproxy.org/download/2.8/doc/proxy-protocol.txt
be a solution for this problem?
Thanks.
A simple way to crash rinetd is through the following configuration file:
for x in `seq 8000 9024`; do echo 0 $x 0 $(($x + 1)); done > conf-fdset
rinetd -f -c conf-fdset
Even if the server takes care not to create too many rules, this can be abused by clients.
I noticed that every few hours (after some reloads) rinetd on a productive machine became unresponsive. With the follwing test setup i was able to reproduce the behavior:
rinetd 0.73+git20210302.d4e0a60 on Debian Testing (bookworm)
/etc/rinetd.conf:
logfile /var/log/rinetd.log
127.0.0.1 2222/tcp 127.0.0.1 22/tcp
127.0.0.1 1111/udp 127.0.0.1 111/udp
Start rinetd:
# /usr/sbin/rinetd -f
rinetd: starting redirections...
Log in via ssh through rinetd:
$ ssh -p 2222 127.0.0.1
/var/log/rinetd.log:
09/Sep/2022:12:31:32 127.0.0.1 127.0.0.1 2222 127.0.0.1 22 0 0 opened
1st Reload:
# kill -HUP 'pidof rinetd'
Rinetd stdout:
rinetd: received SIGHUP, reloading configuration...
rinetd error: accept(5): Resource temporarily unavailable
/var/log/rinetd.log:
09/Sep/2022:12:32:07 ? 127.0.0.1 2222 127.0.0.1 22 0 0 accept-failed -
=> Rinetd still works (existing ssh session is ok, new sessions can be opened).
2nd Reload:
# kill -HUP 'pidof rinetd'
Rinetd stdout:
rinetd: received SIGHUP, reloading configuration...
rinetd error: accept(5): Resource temporarily unavailable
/var/log/rinetd.log:
09/Sep/2022:12:32:55 ? 127.0.0.1 2222 127.0.0.1 22 0 0 accept-failed -
=> Rinetd hangs: Existing ssh session becomes unresponsive, no new ssh session is possible (port 2222 is open, but does not send any response, no connection to the real destination port 22 is opened).
3th and subsequent Reloads:
# kill -HUP 'pidof rinetd'
Rinetd stdout:
rinetd: received SIGHUP, reloading configuration...
(no "Resource temporarily unavailable")
/var/log/rinetd.log:
(nothing)
This is 100% reproducable and also happens when there is no open tcp session during the reload.
When I remove the UDP redirection from rinetd.conf I still get the above messages on every reload ("Resource temporarily unavailable" and "accept-failed", also after the 3th reload), but rinetd behaves normally also after many reloads (existing ssh session works, new sessions possible).
When I built the software using MinGW (x64), I've got a crash in the function selectPass. After watching the behaviour of select() on windows, I've got this patch to make it work:
@@ -572,9 +573,15 @@ static ConnectionInfo *findAvailableConnection(void)
static void selectPass(void) {
int const fdSetCount = maxfd / FD_SETSIZE + 1;
+#ifndef _WIN32
# define FD_ZERO_EXT(ar) for (int i = 0; i < fdSetCount; ++i) { FD_ZERO(&(ar)[i]); }
# define FD_SET_EXT(fd, ar) FD_SET((fd) % FD_SETSIZE, &(ar)[(fd) / FD_SETSIZE])
# define FD_ISSET_EXT(fd, ar) FD_ISSET((fd) % FD_SETSIZE, &(ar)[(fd) / FD_SETSIZE])
+#else
+# define FD_ZERO_EXT(ar) FD_ZERO(ar);
+# define FD_SET_EXT(fd, ar) FD_SET(fd, ar)
+# define FD_ISSET_EXT(fd, ar) FD_ISSET(fd, ar)
+#endif
fd_set readfds[fdSetCount], writefds[fdSetCount];
FD_ZERO_EXT(readfds);
Hello,
I have used the rinet for quite a while now.
I use rite on a server to redirect users to another server.
But when I see its logs, it shows:
Jan 15 11:19:32 vpn rinetd[10473]: socket(): Too many open files
And its effect on the speed.
But when I restart the rite, its performance is good until that error shows up again!
How can I fix it?
PS: I Increased my limit on open files on ubuntu, but nothing changed.
$ rinetd --version
rinetd 0.62.1sam
Can you add a Http or Socket query interface for total upstream and downstream traffic?
As reported in Debian bug #173801:
rinetd should really resolve IP addresses on each connection instead of
only once during the config read. It's not a short-lived process and
having to restart it any time the IP address of a machine changes is
bad.
I want to try to use the source code on Windows to compile the exe executable file. can anyone help me, thanks
From popular user request.
Is it possible to add mac address filtering function
How do I configure rinetd.conf to allow multiple IP, to have one IP address per line like this?
allow 14.49.36.1
allow 14.46.200.1
0.0.0.0 24057 127.0.0.1 6120
But after testing, I found that this configuration is not working, it is only valid for the last line of allow.
Configured this way, it fails to start on reload.
:: 14622/tcp fd00:1:1:1::175 22/tcp
0.0.0.0 14622/tcp 10.0.0.146 22/tcp
Hi everyone, we have been using rinetd here at Nvidia for a certain project and I see that this tool keeps hoggs up a particular port. Use case is this:
Ubuntu 14.04, x86
application A runs a python script which internally starts rinetd (nohup /usr/sbin/service rinetd restart &). A listens to 2020 (http listener). We restart A and we notice that rinetd starts listening to port 2020
$ sudo netstat -ntlp | grep rinetd
tcp 0 0 127.0.0.1:2020 0.0.0.0:* LISTEN 64807/rinetd
tcp 0 0 127.0.0.1:1100 0.0.0.0:* LISTEN 64807/rinetd
Why does rinetd hog port 2020 when its config file is shown below? How can me make sure that rinetd doesn't listen to ports that it is not supposed to?
localhost 1100 111.11.111.111 2181
thanks
As the question goes, I have a service on port 3333 on the intranet. How should I set up the client to access it on a server with a public network?
just like
0.0.0.0 8080 127.0.0.1 1212
0.0.0.0 8080 127.0.0.1 1213
then, rinetd will forward the request to the port 1212 or 1213, just random is ok
A declarative, efficient, and flexible JavaScript library for building user interfaces.
đ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. đđđ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google â¤ď¸ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.