Port Redirection

rinetd redirects TCP connections from one IP address and port to another, with basic IP-based access control.rinetd is a single-process server which handles any number of connections to the address/port pairs specified in the file /etc/rinetd.conf. Since rinetd runs as a single process using nonblocking I/O, it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run services on machines inside an IP masquerading firewall.


apt-get install rinetd

Configure rinetd

The configuration file is located at /etc/rinetd.conf.

# forwarding rules come here
# you may specify allow and deny rules after a specific forwarding rule
# to apply to only that forwarding rule
# bindadress bindport connectaddress connectport

# logging information
logfile /var/log/rinetd.log

# uncomment the following line if you want web-server style logfile format
# logcommon

Config Example

Assume that you have a machine with the IP address which has been running Apache, and that you’d like to move that to the IP address

You’ve already updated DNS to point visitors to the new IP address, but you want to ensure that people connecting to the old IP still continue to receive service.

To handle this example you should update the /etc/rinetd.conf file to read:

# bindadress bindport connectaddress connectport 80 80 443 443

Once you restart rinetd all incoming connections on port 80 and 443 will be seamlessly redirected from the old IP to the new one — although you will need to restart rinetd after making the change to your configuration file.

sudo /etc/init.d/rinetd restart

Stopping internet redirection server: rinetd.
Starting internet redirection server: rinetd.

One more Example

Although responding on individual interfaces rather than on all interfaces is one of rinetd’s primary features, sometimes it is preferable to respond on all IP addresses that belong to the server. In this situation, the special IP address can be used. For example: 23 23

Would redirect all connections to port 23, for all IP addresses assigned to the server. This is the default behavior for most other programs.