Get APLawrence.com by RSS(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Home > Girish Venkatachalam > Socat relay for bidirectional data transfer between two independent data channel
Printer Friendly Version
SOCAT - The most comprehensive networking utility
Girish Venkatachalam
Girish Venkatachalam is a UNIX hacker with more than a decade of
networking and crypto programming experience.
His hobbies include yoga,cycling, cooking and he runs his own
business. Details here:
http://gayatri-hitech.com
http://spam-cheetah.com
I am a big fan of netcat known in short as just nc. It has helped me figure out whether a firewall is blocking a UDP or TCP port. It has taught me how to solve complex port forwarding scenarios and netcat has also helped me develop and debug socket programs whether written in C or perl or any other language.
netcat has been around for some years now and remained largely unknown and then one day socat came along and changed the scene completely.
With netcat you can only do so much. You can do TCP, UDP and UNIX domain sockets in client or server mode and is very handy for many tasks. It can do port scanning, sniffing and so on.
But then socat can do so much more. And what a tool?
netcat is good for its smallness and agility and lack of complexity. The learning curve is not steep either.
socat is comprehensive, cool and fantastic for what it can do.
For the uninitiated socat can even bewilder and make the head roll.
socat can setup a pipeline just like the UNIX command line pipe "|" except that with socat you setup a two way pipe. That is the beauty of socat.
With the UNIX command line you can only setup a one way pipe.
For instance, when you type:
$ ls -ltr | grep ^d | less
each command reads from the previous command. So less can read from grep but grep can never read from less.
Pipe is a unidirectional construct but with socat you can do bidirectional communication.
Most real life problems involve setting up a two way pipe. Full duplex.
socat saves your day.
For instance, I am faced with having to scan for viruses in my spam control product SpamCheetah and socat did something that no other tool could. In addition to scanning for virus on a pipe, I can do so much more like content inspection in a very loose sense, adding a trailer advertising my product and so on.
With plain socat itself I could remove the restriction of setting the mail server's default router as SpamCheetah - a restriction imposed by port forwarding that is done by the firewall at the kernel level.
But once you setup TCP proxying with socat your mail server can be across the world and you can still use the network level filter SpamCheetah.
In fact you don't have to change a single parameter in your mail server.
Ain't that cool?
For instance with a simple command line:
$ socat TCP-LISTEN:5000,fork TCP-CONNECT:23.3.4.45:25
what you are doing is actually setup a TCP relay between two sides and acting as an SMTP pass through proxy.
With UNIX pipes you can only do one way communication. With socat you can do two way.
Moreover with socat you can setup one way communication too.
You want to know more?
socat can talk READLINE, PTY, serial ports and so much more.
I tested whatever I wanted. I am able to benefit by its features since I have been tinkering with UNIX for more than a decade. But for beginners socat can be quite overwhelming.
It also comes with a bunch of switches with a garden variety of features that obviates the need for having any other utility.
For my virus scanning however I ended up having three instances of socat in place of one but I am yet to finish it. I know it will work. It is only a matter of working out the details.
For now I will say that the approach I arrived at is this:
$ socat TCP-LISTEN:5000 PIPE:/tmp/tomailserver $ socat PIPE:/tmp/tomailclient TCP-CONNECT:23.3.4.45:25 $ socat -u PIPE:/tmp/tomailclient PIPE:/tmp/tomailserver $ (My custom shell script to read attachments and scan for viruses from /tmp/tomailserver FIFO)
Suffice it to say that with this arrangement I can do whatever I can. I can inject or remove anything I want from an incoming mail.
Imagine what I would have done without socat!
If this page was useful to you, please click to help others find it:
Your +1's can help friends, contacts, and others on the web find the best stuff when they search.
Inexpensive and informative Apple related e-books:
Exploring & Customizing Snow Leopard
Making Music with GarageBand '06
iWeb '08
Take Control of iPhone Basics, iOS 4 Edition
Getting Started with DEVONthink 2
More Articles by Girish Venkatachalam
Have you tried Searching this site?
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.
Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.
We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.
Click here to add your comments
Don't miss responses! Subscribe to Comments by RSS or by Email
Click here to add your comments
If you want a picture to show with your comment, go get a Gravatar