Matt Ryall

Tech & opinion since 2002

UDP port forwarding with socat

This morning I was trying to do what should be a trivial operation with any modern operating system: forward traffic destined for a UDP port on my machine to a different port on the same machine. Specifically, I wanted to redirect SNMP traffic coming in to UDP port 161 over to UDP port 10161 so a user program could receive the packets.

My first feeble attempts to achieve this with netcat (or nc) met with failure, when the sending netcat process terminated after processing the first UDP datagram:

# This processes one packet then dies :-(
$ sudo nc -u -l 161 | nc -k -u localhost 10161

Perhaps there’s some way to get the second process not to die when it receives the data, but I couldn’t see how to do it.

The second approach I tried was using my Mac’s firewall tool, ipfw. This is the BSD industrial-strength firewall tool and should definitely be up to the task.

You need to enable the firewall via System Preferences, Security, then add the rule via ipfw. Here’s the rule I added:

# This logs that it is redirecting traffic but doesn't seem to do it
$ sudo ipfw add fwd localhost,10161 log udp from any to any dst-port 161 in

Again, this seems like it should work, the system logs indicated it was working, but no data arrived on port 10161 when I configured the listening process. Here are the configured rules listed by ipfw:

$ sudo ipfw list
00100 fwd 127.0.0.1,10161 log udp from any to any dst-port 161 in
65535 allow ip from any to any

Solution

After all these false starts, my actual solution was to install and use socat, a multi-purpose networking relay tool. Here’s the relevant command:

$ sudo socat UDP4-RECVFROM:161,fork UDP4-SENDTO:localhost:10161

Running this in the background redirects all the traffic from UDP port 161 to port 10161 on the localhost loopback interface. I also ended up redirecting stderr to /dev/null/ to avoid useless errors when the listening process on port 10161 wasn’t running.

If you know a way to get the same thing working with either of the tools above, please let me know. I’d be glad to have it posted here for posterity.

Update 15 November: UDP4-RECVFROM and UDP4-SENDTO are better options for use with an unreliable receiving server.

Portrait of Matt Ryall

About Matt

I’m a technology nerd, husband and father of four, living in beautiful Sydney, Australia.

My passion is building software products that make the world a better place. For the last 15 years, I’ve led product teams at Atlassian to create collaboration tools.

I'm also a startup advisor and investor, with an interest in advancing the Australian space industry. You can read more about my work on my LinkedIn profile.

To contact me, please send an email or reply on Twitter.

© 2023 Matt Ryall
Back to top