Date: Fri, 22 Jan 2010 12:01:38 -0800
From: Chris Peiffer <bsdlists@cabstand.com>
To: freebsd-questions@freebsd.org
Subject: ISO simple non-forking TCP connection forward/balance tool
Message-ID: <20100122200138.GA19469@cabstand.com>
I'm looking for a simple program I can use to forward incoming TCP connections to several other addr:port pairs (including one on the machine itself), holding the connections open and passing the data back and forth until both parties close their ends.

I need a solution that doesn't fork. One way to do it is to just fork ad-hoc netcat pipes with inetd, but I'm trying to avoid the process overhead. An ssh tunnel is another option, but the crypto involves too much CPU overhead.

I've investigated ipnat rdr rules, but ipnat seems like it's too low-level; it wants to divert the packet directly w/o rewriting the "from" addr. This means that the return packet is a mismatch unless I make the machine running the forwarder into the router.

I found a simple program called "balance" floating around out there, but unfortunately it uses an extremely naive fork-after-accept method that results in the same process overhead.

Is there a simple kq-driven TCP forwarder out there? Is there a pure-TCP forwarding module for lighttpd (or some other single-threaded app server)? Or is there a good way to do it in the kernel that I'm missing, and can someone direct me to an ipnat ruleset that creates new connections, so the TCP forwarding machine doesn't also need to be a router?

Thanks very much for your help.
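The single-process, event-driven design the message asks about, sketched as an added example (not part of the original post and not the code of any tool it names): Python's `selectors` module picks kqueue on FreeBSD, connections are spread round-robin over the backends, and a half-close from one side is passed on so each pair stays open until both ends have closed. The `Forwarder` class, its method names and `IO_TIMEOUT` are hypothetical; to stay short, the backend connect and the writes are blocking calls bounded by that timeout.

```python
import itertools
import selectors
import socket

IO_TIMEOUT = 5.0  # assumed bound on connect() and on a stalled write

class Forwarder:
    def __init__(self, listen_addr, backends):
        self.sel = selectors.DefaultSelector()     # kqueue on FreeBSD, epoll on Linux
        self.backends = itertools.cycle(backends)  # round-robin over (host, port)
        self.peer = {}                             # socket -> other socket of its pair
        self.lsock = socket.create_server(listen_addr)
        self.sel.register(self.lsock, selectors.EVENT_READ, self._accept)

    def _accept(self, lsock):
        client, _ = lsock.accept()
        try:  # simplification: blocking connect, bounded by IO_TIMEOUT
            upstream = socket.create_connection(next(self.backends), IO_TIMEOUT)
        except OSError:
            client.close()
            return
        for a, b in ((client, upstream), (upstream, client)):
            a.settimeout(IO_TIMEOUT)
            self.peer[a] = b
            self.sel.register(a, selectors.EVENT_READ, self._relay)

    def _relay(self, src):
        dst = self.peer.get(src)
        if dst is None:
            return  # pair was torn down earlier in this batch of events
        try:
            data = src.recv(65536)
            if data:
                dst.sendall(data)  # simplification: blocking write
                return
            dst.shutdown(socket.SHUT_WR)  # EOF: pass the half-close on
        except OSError:
            if dst in self.sel.get_map():
                self.sel.unregister(dst)  # error: stop the other direction too
        self.sel.unregister(src)
        if dst not in self.sel.get_map():  # both directions are finished
            for s in (src, dst):
                del self.peer[s]
                s.close()

    def serve_once(self, timeout=1.0):
        for key, _ in self.sel.select(timeout):
            key.data(key.fileobj)  # _accept for the listener, _relay otherwise
```

Construct it with a listen address and a list of backend `(host, port)` pairs, then call `serve_once()` in a loop; all connections share the one process and the one selector.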