Proxyify application that does not support proxy

I have a legacy application that needs to connect over a proxy such as squid or HAProxy to a service on the internet. In other words I want to use netcat (nc) or something similar to proxy traffic through a proxy using the proxy protocol (or CONNECT method).

I call this how to proxify an application. It can be done using socat.

Lets say I have an application that needs to send mail over a port that is open on a proxy (port TCP 23) but my legacy application (in this case telnet) does not understand how to talk through a proxy.

The below socat command will listen on TCP port 2023, any connection to localhost:2023 will make socat send the CONNECT method to to the proxy my-proxy.local:3128 and send all data over the tunnel to on port 23.

socat TCP4-LISTEN:2023,reuseaddr,fork,proxyport=3128

So now I can use telnet via the proxy to talk to the SMTP server (via the proxy).

brent@DESKTOP:$ telnet 2023
Connected to
Escape character is '^]'.

socat tips

Address already in use

Sometimes you will get the “Address already in use” error. This will happen because the linger time has not expired from the last socket bind, and that can be observed below:

After exiting the socat listen we run it again, netstat shows that bind in TIME_WAIT mode, subsequent bind to this address will fail until linger time has expired. This can be worked around by including the resuseaddr option which will bind with the SO_REUSEADDR. Here is a great stackoverflow explanation.

brent@ubuntu:~$ socat TCP4-LISTEN:2023,fork, STDOUT
^Cbrent@ubuntu:~$ socat TCP4-LISTEN:2023,fork, STDOUT
2022/01/23 09:03:51 socat[3989] E bind(5, {AF=2}, 16): Address already in use
brent@ubuntu:~$ netstat -an | grep TIME_WAIT
tcp        0      0         TIME_WAIT
socat TCP4-LISTEN:2023,reuseaddr,fork,proxyport=3128


comments powered by Disqus