@Epivalent
Created July 11, 2024 19:40

To achieve this with socat, you can set up a listener on a local TCP port that forwards incoming connections to another host and port using SSL. Additionally, you can enable forking so that each incoming connection is handled by a separate process.

Here's an example command:

socat -d -d -d TCP-LISTEN:LOCAL_PORT,fork,reuseaddr OPENSSL:REMOTE_HOST:REMOTE_PORT,verify=0

Explanation of the options used:

  • -d -d -d: Enable debug output (optional but useful for troubleshooting).
  • TCP-LISTEN:LOCAL_PORT: Listen on the specified local TCP port. Without a bind= option, the listener accepts connections on all interfaces, not only loopback.
    • fork: Fork a new process for each incoming connection.
    • reuseaddr: Allow reuse of the address (useful if restarting socat quickly).
  • OPENSSL:REMOTE_HOST:REMOTE_PORT: Forward the connection to the specified remote host and port using SSL.
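    • verify=0: Disable SSL certificate verification. socat then accepts any certificate the remote presents, so the connection is encrypted but the peer is not authenticated; adjust this based on your security requirements.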

Replace LOCAL_PORT with the local port number you want to listen on, and replace REMOTE_HOST and REMOTE_PORT with the target host and port you want to tunnel to via SSL.

Example usage:

socat -d -d -d TCP-LISTEN:8080,fork,reuseaddr OPENSSL:www.example.com:443,verify=0

This command will listen on local port 8080. When a client connects to this port, socat will fork a new process and forward the connection over SSL to www.example.com on port 443.
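A hardened variant of the command above, as an added example that is not part of the original gist: it binds the listener to loopback, turns certificate verification on with a CA bundle, and rejects host or path values that could inject extra socat options. The function names and the CA bundle path are assumptions for illustration.

```bash
#!/bin/sh
# Added example (not from the gist): build a verified, loopback-only tunnel.
# Function names and the CA bundle path are assumptions for illustration.

# Succeed only for a decimal TCP port in 1..65535.
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] 2>/dev/null
}

# Print the listen and connect addresses, one per line.
# usage: tunnel_addrs LOCAL_PORT REMOTE_HOST REMOTE_PORT CA_FILE
tunnel_addrs() {
  valid_port "$1" && valid_port "$3" || { echo "invalid port" >&2; return 1; }
  # socat splits addresses on ':' and ',' so a host such as
  # "host,verify=0" would smuggle in options; allow hostname characters only.
  case "$2" in ''|*[!A-Za-z0-9.-]*) echo "invalid host" >&2; return 1 ;; esac
  case "$4" in ''|*[!A-Za-z0-9._/-]*) echo "invalid CA path" >&2; return 1 ;; esac
  # bind=127.0.0.1 keeps the plaintext listener off external interfaces.
  printf 'TCP-LISTEN:%s,bind=127.0.0.1,fork,reuseaddr\n' "$1"
  # verify=1 with cafile makes socat reject certificates that do not chain
  # to the given CA bundle.
  printf 'OPENSSL:%s:%s,verify=1,cafile=%s\n' "$2" "$3" "$4"
}

# Validate, then replace the shell with socat.
run_tunnel() {
  addrs=$(tunnel_addrs "$@") || return 1
  [ -r "$4" ] || { echo "CA file not readable: $4" >&2; return 1; }
  listen=$(printf '%s\n' "$addrs" | sed -n 1p)
  remote=$(printf '%s\n' "$addrs" | sed -n 2p)
  exec socat -d -d "$listen" "$remote"
}

# e.g. sh tunnel.sh 8080 www.example.com 443 /etc/ssl/certs/ca-certificates.crt
if [ "$#" -eq 4 ]; then run_tunnel "$@"; fi
```

Clients on the same machine connect to 127.0.0.1:LOCAL_PORT in plaintext; only the hop from socat to the remote host is protected by TLS.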

Thu Jul 11 07:40:09 PM UTC 2024 - socat invocation to listen on local interface on some tcp port and tunnel via ssl to another host:port pair with forking
