...
Now the myself user will be able to bind to port 80.
Using xinetd
With modern Linux flavours, inetd has a newer, better big brother xinetd. I'm not going to get into detail about it, there are plenty of man pages etc out there.
But the point is that you can use xinetd to redirect network traffic, and all you need is a text editor.
xinetd is driven by text files. Now there's 2 ways to give xinetd instructions:
- Add a new service to etc/xinetd.conf
- Add a new file to the directory etc/xinetd.d
Take your pick, the format is the same, if you have a look at the file/directory, you will get the picture.
The following entry will redirect all inward tcp traffic on port 80 to port 8888 on the local machine. Of course you can
redirect to other machines for gimp proxying:
| Code Block |
|---|
service my_redirector
{
type = UNLISTED
disable = no
socket_type = stream
protocol = tcp
user = root
wait = no
port = 80
redirect = 127.0.0.1 8888
log_type = FILE /tmp/somefile.log
}
|
Points to Note
- Space on either side of the '=' or it is ignored.
type = UNLISTEDmeans that the name of the service does not have to be in/etc/services, but you have to specify port and protocol. If you want to do use an existing service name, e.g. http:
Have a browse in /etc/services and it will all become clear.Code Block service http { disable = no socket_type = stream user = root wait = no redirect = 127.0.0.1 8888 log_type = FILE /tmp/somefile.log }- Logging may present certain security problems, you might want to leave that out.
- RHEL5 for some reason doesn't contain xinetd by default for reasons best known to themselves. yum install xinetd will fix that.
Xinetd is a hugely powerful and configurable system so expect to do some reading.