Port mirroring as a Windows service

windows-server-2008 port-forwarding xmpp

Is anyone familiar with a port mirroring or port translation tool for Windows (2k8 if it makes a difference)? I have an installation of Openfire that needs to run over 443, however, it doesn't support client connections on that port (currently is on port 5222). Currently the firewall is handling this port translation, however, this doesn't work for internal users as DNS is pointed to a local address and not the firewall.


You could use rinetd which is a similar solution to that of the other answers, or you could run Openfire as an administrator which will allow it to listen on ports <1024, such as 443, without any port mirroring.


I am not sure if this works using the same local IP address as remote adress, but you could try this free tool: RelayTCP

RelayTCP allows to redirect TCP/IP connections from a local port to a remote IP and port.

There is two versions of the software:

  • RelayTCP command line: is a command line executable to make one socket redirection.
  • RelayTCP service: is a NT service that allows make multiple redirections.

If you don't mind having your XMPP sessions encrypted (and why would you?!) you should be able to use stunnel to proxy between the two ports.

There are Windows binaries available, although I don't know if it can run as a service "out of the box".


You could try socat under cygwin, it is a "swiss army knife" like netcat, but works for bidrectional connections:

http://www.dest-unreach.org/socat/

one example from the man-page:

socat -d -d -lmlocal2 \
TCP4-LISTEN:80,bind=myaddr1,su=nobody,fork,range=10.0.0.0/8,reuseaddr \
TCP4:www.domain.org:80,bind=myaddr2

TCP port forwarder, each side bound to another local IP address (bind). This example handles an almost arbitrary number of parallel or consecutive connections by fork'ing a new process after each accept() . It provides a little security by su'ing to user nobody after forking; it only permits connections from the private 10 network (range); due to reuseaddr, it allows immediate restart after master process's termination, even if some child sockets are not completely shut down. With -lmlocal2, socat logs to stderr until successfully reaching the accept loop. Further logging is directed to syslog with facility local2.

Related

Which kernel parameters should be adjusted to fix RX overruns?
Client sends RST after FIN,ACK
How to make VPN connections to different networks which have the same CIDR?
Poor guest I/O performance KVM Ubuntu 12.04
Zabbix Trigger Hysteresis - Incorrect trigger expression
placeholder for later username in /etc/skel
LImiting overall memory usage for child processes
Gzip pre-compression
Outlook Anywhere asking for password
NexentaStor vs FreeNAS
AWS: How to redirect HTTP to HTTPS on App Load Balancer?
mysql - grant create AND all privileges on user own database