Any socat users?
Basically my question is the same as this: http://superuser.com/questions/168452/remote-listening-of-unix-sockets and the answer is fine.
However, I'm wondering if socat has the option to whitelist some IPs on the TCP end of things, as I just want the TCP listener to accept input from a handful of IPs.
Comments
I've just gone and used iptables instead, which is probably more sensible, though just looking to whitelist a handful of IPs rather than one.
iptables -I INPUT -p tcp ! -s remoteip --dport 12300 -j DROP
socat TCP-LISTEN:12300,fork UNIX-CONNECT:/home/tmp/search.sock
You can create your own chain, direct packets with --dport 12300 to it, allow several IPs and then drop everything.
Yep, that's what I ended up with after a bit of Googling:
iptables -N domhuff
iptables -A domhuff -p tcp -s ip1 --dport 12300 -j ACCEPT
iptables -A domhuff -p tcp -s ip2 --dport 12300 -j ACCEPT
iptables -A domhuff -p tcp -s ip3 --dport 12300 -j ACCEPT
iptables -A domhuff -j DROP
iptables -I INPUT -m tcp -p tcp --dport 12300 -j domhuff
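The dedicated-chain approach from the thread, generalized into a generator that validates every source address before emitting any rule and can be re-run without stacking duplicates. This is an added example, not code posted by anyone in the thread; the function names and the sample addresses are assumptions, while the chain name and port are the ones used above.

```shell
#!/bin/sh
# Added example: prints iptables commands for a per-port source allowlist.
# Nothing is applied; review the output, then pipe it to `sh` as root.

# is_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split into octets on "."
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# allowlist_rules CHAIN PORT IP...: print the rules, or fail before
# printing anything if an argument is malformed.
allowlist_rules() {
    [ "$#" -ge 3 ] || { echo "usage: allowlist_rules CHAIN PORT IP..." >&2; return 1; }
    chain=$1 port=$2
    shift 2
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "not an IPv4 address: $ip" >&2; return 1; }
    done
    # Create the chain, or flush it if it already exists, so re-runs do not
    # stack duplicates. While flushed, packets fall through to later INPUT rules.
    echo "iptables -N $chain 2>/dev/null || iptables -F $chain"
    for ip in "$@"; do
        echo "iptables -A $chain -p tcp -s $ip --dport $port -j ACCEPT"
    done
    echo "iptables -A $chain -j DROP"
    # Insert the jump from INPUT only when it is not already present.
    jump="INPUT -p tcp --dport $port -j $chain"
    echo "iptables -C $jump 2>/dev/null || iptables -I $jump"
}

# Constructed sample: documentation-range addresses, port from the thread.
allowlist_rules domhuff 12300 192.0.2.10 198.51.100.7 203.0.113.5
```

Because validation runs before any output, a mistyped address produces no rules at all rather than a chain whose final DROP is in place but whose allowlist is incomplete.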