Port redirection under Windows

When you want to forward a port, there are several possibilities from iptables to SSH. However I needed a low-latency link with no encryption or compression (because the protocol running over it was encrypted and double-encryption just slows things down without any substantial benefit in this case). My first idea was to chain two Netcat instances together like this:

nc -L -p [new port] -e "nc.exe [other host] [old port]"

(In this context means to listen on all the interfaces, because Netcat defaults to the safe thing to do and listens only on the localhost interface – of course if you have a multi-home situation you can put a given interface there to listen only on that)

However this didn’t seem to work, and netcat kept erroring out on me with "invalid connection". Then a little searching turned up this blog post from 2004: Port redirection in Windows and two tool recomendations: stunnel for tunneling TCP streams over SSL (I didn’t try this, but probably is useful when you can’t use SSH – you don’t have a SSH account or a SSH server on one or both of the machines) and rinetd. This was exactly what I needed. To run it, create a configuration file (lets say "rinetd.conf") with the following content (to get the equivalent result to the netcat version): [new port] [other host] [old port]

Then run rinetd -c rinetd.conf The software has other useful features like logging, allow and deny rules and so on and it comes with source code :-).

2 responses to “Port redirection under Windows”

  1. Hi and thanks for this article.
    Will rinetd actually mirror the data stream?
    What I’m trying to achieve:

    – computer (192.168.x.x) receives audio stream via dsl connection and must process this and send audio out of soundcard.

    – I would like to mirror this tcpip stream and send it back out to content provider (217.x.x.x).

    Will this work?

    Many thanks in advance!

  2. @Anonymous: unfortunately no. Using it would mean the same thing as connecting twice to the source, which would mean using the double bandwidth.

Leave a Reply

Your email address will not be published. Required fields are marked *