It's often really useful to be able to forward network traffic from one host to another. Possible applications include:
- Bouncing traffic via a trusted host in order to get through a firewall.
- Directing web users to an alternative server while performing maintenance on another.
There are a few ways to achieve this:
Redir redirects tcp connections coming in to a local port to a specified address/port combination. It may be run either from inetd or as a standalone daemon. It can do more complex tasks, such as redirecting ftp sessions, basic bandwidth limiting, and tcp-wrappers support - but a simple example would be:
# Forward web traffic on webserver1 (10.0.0.1) to the
# proxy server on webserver2 (10.0.0.2)
redir --lport=80 --laddr=10.0.0.1 --cport=8080 --caddr=10.0.0.2
Another method would be to use Rinetd. Rinetd is a single-process server for either Linux or Microsoft Windows. It handles any number of connections to the address/port pairs specified in the file /etc/rinetd.conf. Rinetd isn't as feature-packed as redir, but it is a little simpler to use, particularly if you're interested in limiting access to the redirection. Read the manpage before using the access rules though. The ordering of directives is important, and it does come with a significant performance hit.
# cat /etc/rinetd.conf
# Forward web traffic from hosts from 10.0.0.*
# to webserver1 (10.0.0.1) to the proxy server on
10.0.0.1 80 10.0.0.2 8080
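The ordering caveat above, as an added example (not part of the original page, and not rinetd's own code): a small Python audit that reads a rinetd.conf, attaches each allow/deny line to the forwarding rule it follows (or treats it as global when it comes before the first forwarding rule, as the rinetd manpage describes), and lists the forwards that no allow rule restricts. The sample configuration is constructed, the function names are hypothetical, and fnmatch is assumed to be a close enough stand-in for rinetd's `*` and `?` pattern matching.

```python
from fnmatch import fnmatchcase

# Constructed sample configuration (not from the page).
SAMPLE_CONF = """\
# A rule before the first forward is global.
deny 192.168.50.*
10.0.0.1 80 10.0.0.2 8080
# This allow follows the port-80 forward, so it applies to that forward only.
allow 10.0.0.*
# The next forward has no allow rule of its own.
10.0.0.1 8443 10.0.0.2 443
"""


def parse_rinetd(text):
    """Return (global_rules, forwards) with allow/deny lists attached by position."""
    global_rules = {"allow": [], "deny": []}
    forwards = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if fields[0] in ("allow", "deny") and len(fields) == 2:
            scope = forwards[-1] if forwards else global_rules
            scope[fields[0]].append(fields[1])
        elif len(fields) == 4:  # bindaddress bindport connectaddress connectport
            forwards.append({"listen": f"{fields[0]}:{fields[1]}",
                             "target": f"{fields[2]}:{fields[3]}",
                             "allow": [], "deny": []})
        # Other directives (e.g. logfile) do not affect access control.
    return global_rules, forwards


def permitted(client_ip, forward, global_rules):
    """Apply the global rules first, then the forward's own rules."""
    for rules in (global_rules, forward):
        if any(fnmatchcase(client_ip, p) for p in rules["deny"]):
            return False
        if rules["allow"] and not any(fnmatchcase(client_ip, p) for p in rules["allow"]):
            return False
    return True


def open_forwards(text):
    """Listen endpoints that no allow rule, global or per-forward, restricts."""
    global_rules, forwards = parse_rinetd(text)
    return [f["listen"] for f in forwards
            if not global_rules["allow"] and not f["allow"]]


if __name__ == "__main__":
    for endpoint in open_forwards(SAMPLE_CONF):
        print("no allow rule restricts", endpoint)
```

In the sample, the allow line restricts only the port-80 forward; the 8443 forward is still reachable from any address the global deny does not match.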
Alternatively, if you only need to redirect traffic to another port on the same server, then you could simply use iptables, saving you a download. You'll obviously need the required kernel modules, etc - but RHEL has everything you need out-of-the-box.
# Redirect incoming web requests to squid proxy
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080