Can --transproxy work with --ftp?

/usr/bin/redir -nsp -I ftp21p --ftp=both :21 192.168.1.1:2100
ftp21p[27900]: Failed binding to outbound address: Cannot assign requested address

Without the -p it works as intended.

How to cancel port forwarding?

trying to redirect ssh service to port 2222

usage text:

Usage: redir [-hinspv] [-b IP]  [-f TYPE] [-I NAME] [-l LEVEL] [-t SEC]
                       [-x STR] [-m BPS] [-o FLAG] [-w MSEC] [-z BYTES]
                       [SRC]:PORT [DST]:PORT

so src should come first, followed by dst, and the ips are optional

# redir :22 :2222
# echo $?
0
# pgrep redir
#

no output, success exit status, but nothing running.

next try:

# redir -n :22 :2222
redir[12124]: Failed binding server socket: Address in use
#

ah, that's better. at least we got a clue.

# redir -n :2222 :22

finally works, but the src and dst are reversed.

Hi,

I tried using redir for a specific port and after using the command it says:
Failed binding server socket: Cannot assign requested address
Is there a package that I forgot to install?

I used the command
redir --laddr=127.0.0.1 --lport=6901 --caddr=35.187.226.20 --cport=6901

Regards

"--disable-shaper" in readme is wrong, should be "--disable-shaping"

It happens on CentOS 6 - nvm, probably bad configuration, loop.

On centos 7 spawns 2 more processes.

So apparently it spawns a new process for each connection. Anyway to have those as threads as opposed to new processes?

is there any way to make server detect real ip of client while port forwarding?

I often noticed there are remaining processes that become deamons at the event the terminal window lost connexion. I think it was never the case in the earlier versions of redir (not sure about this)

case:

• you get redir active on some port
• you brutally close the connection ( laptop to sleep, close the term window)

would it be possible to listen to signal() & avoid that kind of situation?

impossible to make it work in Amazon EC2.

As you might know, in AWS there is a local private IP (ie 10.0.0.x) mapped (routed) to a public IP.
I tried with --laddr providing local private IP
I tried --bind with public IP
I obvisouly opened the port in Security Group

It never receives the connection

how to stop redir?

The INFO message on redirect:

redir[25398]: Connecting IP:port to IP:port

Contains the same IP in both fields due to the use of the inet_ntoa call being used twice in the same message. Since the return is a pointer to a internal string buffer, it always uses the same thing for both fields.

how to delete port forwarding rules?

I found a bof in doproxyconnect() function:

void doproxyconnect(int socket)
{
	int x;
	char buf[128];

	/* write CONNECT string to proxy */
	sprintf((char *)&buf, "CONNECT %s HTTP/1.0\n\n", connect_str);
	...
}

We should use snprintf() instead of sprintf().

More:

0x555555558912 <client_accept+594> call doproxyconnect <0x555555558370>
rdi: 0x6

In file: /home/h4niz/Downloads/redir-master/redir.c
868 if (connect_str)
► 869 doproxyconnect(sd);

pwndbg> ni
*** stack smashing detected ***: terminated

Hello, is there any option for SSL similar to how socat can pass certs?

socat TCP4-LISTEN:26714,fork OPENSSL:123.123.2.1:26714,cert=//tmp/cs44.pem,method=TLS1.2,verify=0

Thanks.

I try to redirector in SSL，but i can't do it，redir can run in SSL or not ？If it can, can you demo with me？ thank you !

Option --foreground cannot be used as an alternative to -n because it is not recognized:

$ redir --foreground
redir: unrecognized option '--foreground'

Usage: redir [-hinspv] ...

$ redir -v
3.2

Can multiple ports redirection be accomplished with redir?

It can be something like:
redir --laddr=8.0.8.0 --lport=80,443 --caddr=10.0.3.69 --cport=80,443

or maybe:

redir --laddr=8.0.8.0 --lport=80 --lport=443 --caddr=10.0.3.69 --cport=80 --cport=443

Hello, all in the title,
is redir compatible to ipv6 , yes we are using port forwarding on ipv6 :)
regards

Hi there! Would it be possible for redir to also forward user connection IP? At current state, if I, as an example, setup redir on machine A with IP 2.2.2.2 to machine B, all incoming connections will be recognized as 2.2.2.2 instead of real user IP.

Thanks!

Sorry if out of scope, but is there any suggestion on how to check the state of port redirection? e.g. given an incoming port, could I determine if/where it's redirected to (with redir or any other tool).

Let's say I have two interfaces, eth0 (192.168.1.40), eth1 (192.168.2.50)
A web server is running on port 80 of eth1.

Can redir redirect the 2.50:80 to 1:40:80?

I did $ sudo redir -n 192.168.2.50:80 192.168.1.40:80
redir[28285]: Failed binding server socket: Cannot assign requested address

Built redir, but it doesn't start:

How to install redir in centos7

this program traditionally was a tiny helper program and simple in the unix sense of "do one thing and do it well", so it just did the work and behaved like unix programs usually do: i.e. it stays in the foreground and prints errors to stderr and other stuff to stdout.
you've changed that to daemonize by default and log to syslog by default, which violates the principle of least surprise a lot. as noted in #1 if you make a mistake in the syntax or some other error happens, by default you dont get any output - it just seems to the user that the program doesn't work. if you really want to keep these features in redir, you should at least make them optional. currently, i am not really happy about how this fork behaves and consider switching back to the original.

I am using the software on debian and I have forwarded to multiple ports, but when I use the v2ray server at the same time, I find that the local side informs me that there is a problem with the proxy server, all my firewalls have been turned off and the v2ray run logs do not report any errors, I would like to ask what I need to do to use this software together with v2ray
Thank you

hello, why choosing to log to stderr?

I wanted to tee the logs, and I am forced to write this:

redir --lport=XXX --laddr=$ME --cport=XXX --caddr=$target -l info 2>&1 | tee /var/log/redir-`date +%Y-%m-%d-%H%m%S`.log

the trick is " 2>&1 ".
It works, but it is far from perfect for use (you can lose the log depending on what happens to the console)

Why not directly logging to STDOUT as usual?

Best, I would love to be able to log to /var/log, in a separate file, with a format like info level, improved with the timestamp and the PEER IP
ie

timestamp: Connecting PEER:port => TARGET:port

Hi there,

I might use the --bind option in an inappropriate way, but from the manual I understand that you can ensure that bind is listening on a given interface by specifying --bind=X.X.X.X where X.X.X.X is the ip from which you want to receive the incoming connections.

However, when I do

redir --bind=X.X.X.X :1234 localhost 1234

redir seems to listen on any interfaces (netstat list redir with 0.0.0.0:1234 local address), wheras if I do

redir X.X.X.X:1234 localhost 1234

redir seems to listen on X.X.X.X only (netstat list redir with X.X.X.X:1234 local address)

It seems that:

1. bind option does not work properly
2. the bind effect can be obtained by specifying the listening address (without bind option)

Thanks for this very useful piece of software anyway !

Noticed that the original binary is in homebrew but your updated version is not.

✗ brew info redir
redir: stable 2.2.1-9 (bottled)
Port redirector
http://sammy.net/~sammy/hacks/
Not installed
From: https://github.com/Homebrew/homebrew-core/blob/master/Formula/redir.rb
==> Analytics
install: 20 (30 days), 38 (90 days), 158 (365 days)
install_on_request: 20 (30 days), 38 (90 days), 157 (365 days)
build_error: 0 (30 days)

Would be nice to have the latest binary installable using brew.

https://github.com/Homebrew/homebrew-core/blob/master/Formula/redir.rb

@lucaskanashiro reports Debian bug 870064:

Dear Maintainer,

specifying a port as a name from /etc/services does not work in Stretch version anymore.

In Jessie it was working fine.

Sample:
/etc/services contains
minecraft	10001/tcp			# Minecraft Server
minecraft	10001/udp			# Minecraft Server

redir ... --lport=minecraft ...
was working in Jessie but does not work in stretch

redir ... --lport=10001 ...
also works fine in Stretch

I suppose deactivating support for service names was not intended.

Best regards
Marko

hello is there any yum repo for this? How do I install redir on fedora/centos/rhel?

Hello, I try with full new installed Ubuntu 20 TLS but still no luck.
I get that error;
Failed connecting to target 127.0.0.1: Connection refused

I tried them;
redir :1019 127.0.0.1:80
redir --lport=1019 --caddr=127.0.0.1
redir --lport=1019 --caddr=127.0.0.1 --cport=80
redir --lport=1019 --caddr=127.0.0.1 --cport=8080

I don't understand. Why should be?

By the way I am trying to connect from my local macOS with Firefox proxy settings: 192.168.0.19 Port: 1019

Version - Git clone of 30 Sept 2021
Command line
./redir -n :3306 "uk-stats.cluster-ckf8f623clex.eu-west-2.rds.amazonaws.com":3306

Output
redir[20091]: Unknown host uk-stats.cluster-ckf8f623clex.eu-west-2.rds.a

The source and destination addresses seem to be assumed to be IP addresses with a max length of an IPv6 address, INET6_ADDRESTLEN, at line 281 of redir.c.

	extern int optind;
	int opt, compat = 0;
	char src[INET6_ADDRSTRLEN] = "", dst[INET6_ADDRSTRLEN] = "";
#ifndef NO_FTP
	char *ftp_type = NULL;
#define FTP_OPTS "f"

This is not a safe assumption when hostnames are being used instead of IP addresses.

If I test with, say, 256 chars for the src and dst name buffer then redir works as expected.
char src[256] = "", dst[256] = "";