udpxd/udpxd.1

.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.ie \nF \{\
.    de IX
.    tm Index:\\$1\t\\n%\t"\\$2"
..
.    nr % 0
.    rr F
.\}
.el \{\
.    de IX
..
.\}
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "UDPXD 1"
.TH UDPXD 1 "2015-2016-04-27" "perl v5.14.2" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
udpxd \- A general purpose UDP relay/port forwarder/proxy
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& Usage: udpxd [\-lbdfpvhV]
\&
\& Options:
\& \-\-listen     \-l <ip:port>     listen for incoming requests
\& \-\-bind       \-b <ip>          bind ip used for outgoing requests
\& \-\-to         \-t <ip:port>     destination to forward requests to
\& \-\-daemon     \-d               daemon mode, fork into background
\& \-\-pidfile    \-p <file>        pidfile, default: /var/run/udpxd.pid
\& \-\-user       \-u <user>        run as user (only in daemon mode)
\& \-\-chroot     \-c <path>        chroot to <path> (only in daemon mode)
\& \-\-help       \-h \-?            print help message
\& \-\-version    \-V               print program version
\& \-\-verbose    \-v               enable verbose logging
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
udpxd can be used to forward or proxy \s-1UDP\s0 client traffic
to another port on another system. It also supports binding
to a specific ip address which will be used as the source
for outgoing packets.
.PP
It listens on the ip address and port specified with \fB\-l\fR
and waits for incoming udp packets. If one arrives, it sends
it to the destination specified with \fB\-t\fR. Responses will
be sent back accordingly.
.PP
If \fB\-b\fR has not been specified, udpxd uses the operating
systems default (e.g. routing) as the source where it sends
requests packets out. If \fB\-b\fR has been specified, then it
binds to the given ip address and uses this as the source
address.
.PP
In any case, udpxd behaves like a proxy. The receiving end
(\fB\-t\fR) only sees the source ip address of the outgoing
interface of the system running udpxd or the address specified
with \fB\-b\fR.
.PP
The options \fB\-l\fR and \fB\-t\fR are mandatory.
.PP
If the option \fB\-d\fR has been specified, udpxd forks into
the background and becomes a daemon. It writes it pidfile to
\&\f(CW\*(C`/var/run/udpxd.pid\*(C'\fR, which can be changed with the \fB\-p\fR
option. If started as root, it also drops privileges to the
user \f(CW\*(C`nobody\*(C'\fR or the user specified with \fB\-u\fR and chroots
to \f(CW\*(C`/var/empty\*(C'\fR or the directory specified with \fB\-c\fR.
.PP
\&\fBCaution: if not running in daemon mode, udpxd does not drop
its privileges and will continue to run as root (if started as
root).\fR
.PP
Udpxd supports ip version 4 and 6, it doesn't support hostnames,
\&\fB\-l\fR, \fB\-t\fR and \fB\-b\fR must be ip addresses. In order to specify an ipv6
address and a port, use:
.PP
.Vb 1
\& \-l [::1]:53
.Ve
.PP
that is, surround the ipv6 address with brackets.
.PP
Port forwardings can be mixed:
.PP
.Vb 6
\& listen | forward to
\& \-\-\-\-\-\-\-+\-\-\-\-\-\-\-\-\-\-\-
\& ipv4   | ipv4
\& ipv6   | ipv4
\& ipv4   | ipv6
\& ipv6   | ipv6
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Let's say you operate a multihomed unix system named 'foo'
with two interfaces: eth0 on the inside, eth1 on the outside:
.PP
.Vb 3
\& foo:
\&  eth0: 192.168.1.1
\&  eth1: 10.0.0.1
.Ve
.PP
And let's say, you have a client in network 10.0.0.0/24 who whiches to reach
an ntp server in network 192.168.1.0/24; and you dont operate a
firewall, nat or routing on 'foo'. Run udpxd like this:
.PP
.Vb 1
\& udpxd \-l 10.0.0.1:123 \-t 192.168.1.199:123
.Ve
.PP
Now, if a client with the source ip address 10.0.0.110 sends
a ntp request to 10.0.0.1:123, udpxd will forward that
packet to 192.168.1.199:123 with the source ip address
192.168.1.1 (because this is where the route points to: eth0).
Responses from the ntp server will reach udpxd, which in turn
sends them back to the client, where they arrive with the source
address (and port) where udpxd is listening.
.PP
As you can see, udpxd can be used to implement hiding nat for
udp services in user space.
.PP
Another example would be, if 'foo' has multiple ip addresses
on eth0 (aliases) and you don't want to use the primary address
of the interface for outgoing packets.
.PP
.Vb 3
\& foo, again:
\&  eth0: 192.168.1.1,192.168.1.45
\&  eth0: 10.0.0.1
.Ve
.PP
In order to use 192.168.1.45 as the source ip address, use the
\&\fB\-b\fR parameter:
.PP
.Vb 1
\&  udpxd \-l 10.0.0.1:123 \-t 192.168.1.199:123 \-b 192.168.1.45
.Ve
.PP
In this case for the client everything looks as before, but the
ntp server on the other end will see ntp requests coming from
192.168.1.45 instead.
.PP
Here we listen on the ip v6 loopback address and forward traffic
to another ip v6 destination address:
.PP
.Vb 1
\& udpxd \-l [::1]:53 \-t [2001:4860:4860::8888]:53
.Ve
.PP
Or, we could listen on an ip v4 address and forward to an ip v6
address:
.PP
.Vb 1
\& udpxd \-l 192.168.1.1:53 \-t [2001:4860:4860::8888]:53
.Ve
.SH "FILES"
.IX Header "FILES"
\&\fB/var/run/udpxd.pid\fR: created if running in daemon mode (\fB\-d\fR).
.SH "BUGS"
.IX Header "BUGS"
In order to report a bug, unexpected behavior, feature requests
or to submit a patch, please open an issue on github:
<https://github.com/TLINDEN/udpxd/issues>.
.SH "LICENSE"
.IX Header "LICENSE"
This software is licensed under the \s-1GNU\s0 \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0 version 3.
.PP
Copyright (c) 2015-2016 by T. v. Dein.
.PP
This software uses \fButhash\fR (bundled), which is
Copyright (c) 2003\-2013 by Troy D. Hanson.
.SH "AUTHORS"
.IX Header "AUTHORS"
T.v.Dein \fBtom \s-1AT\s0 vondein \s-1DOT\s0 org\fR