Proxy a TCP connection
Eugene Grosbein
eugen at grosbein.net
Sat May 19 17:50:16 UTC 2018
20.05.2018 0:26, Andrea Venturoli wrote:
>> Additional advantage of this approach is that
>> internal hosts will see real public IP address of connecting external host
>> instead of your own.
>
> This is exactly what I don't want, as, unfortunately, we have some devices which will refuse connections unless they come from their own subnet.
I'm fine with net/bounce for cases like yours. It does not have any docs but works just fine.
Use: bounce [-a localaddr | -b localaddr] [-d] [-q] [-p localport] [-t timer] machine port
-a specifies listening IP address (or all, if the switch is not used)
-p is for listening port, if differs from target one
-b specifies IP address to bind to when connecting as client to target machine:port (or let system choose one)
-d should be used when "machine" is FQDN to resolve it each time new connection is forwarded (or at start only by default)
-q to supress syslogging for each forwarded connection
-t to establish limit for connection life time, in seconds
More information about the freebsd-net
mailing list