We use port redirection/proxy often on our platforms. In the production setup, separate (Linux-based) servers take care of this, but for our development and testing environment, we need port redirection for Windows system. I generally use 2 command-line packages:

  • stunnel.org: TCP proxy for adding or removing TLS (tunnel encryption aka SSL) from a stream
  • rinetd: plain TCP proxy for that accepts TCP connections and just transfers them to another TCP/IP address/port

    Typical use of stunnel:

  • adding TLS to a non-secure server (you will need a server certificate for this), HTTP to HTTPS, SMTP to SMTPS, POP3 to POP3S, FTP to FTPS, … stunnel -d smtps -r localhost:smtp
  • adding TLS to a non-secure client, e.g. a mail client without SMTPS
  • tunnel an existing non-TLS capable protocol through a TLS tunnel (e.g. DNS)

    Typical use of rinetd:

  • transfer a site on port 8080 to another IP address on port 80, to get rid of server:8080 side effects
  • transfer a port 88 to port 80, so you can have different Network Load Balancing policies on both ports, while they both run off the same site

    Claire Forlani
    Meanwhile on the other screen: Claire Forlani in ‘Meet Joe Black’. Mediocre movie, lousy acting by most of the crew, but mmmmm, that face.