Reading time: 11 – 18 minutes
Assume that we have a service only available in localhost (127.0.0.1/8) and we want to expose this port temporarily. Of course, you can use iptables for redirecting the port. But take care, this is not a simple DNAT because packets will not be evaluated by PREROUTING (-t nat) rules.
Another option is using an old-powerful Swiss knife tool: socat (github).
# binds public port to any local interface socat TCP-LISTEN:<public_port>,fork TCP:127.0.0.1:<internal_port> # binds only to an IP address SOCAT_SOCKADDR=<interface_IP> socat TCP-LISTEN:<public_port>,fork TCP:127.0.0.1:<internal_port> # examples: # binds to all interfaces: socat TCP-LISTEN:1880,fork TCP:127.0.0.1:1880 # just for an IP address of one interface: SOCAT_SOCKADDR=10.2.0.110 socat TCP-LISTEN:1880,fork TCP:127.0.0.1:1880