mirror of
https://repo.or.cz/socat.git
synced 2025-01-09 22:42:33 +00:00
2687 lines
182 KiB
HTML
2687 lines
182 KiB
HTML
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<html><head><title>socat</title>
|
||
|
|
||
|
<link rev="made" href="mailto:socat@dest-unreach.org">
|
||
|
</head>
|
||
|
<body>
|
||
|
|
||
|
<hr>
|
||
|
|
||
|
<h1>socat</h1>
|
||
|
<h2>socat</h2>
|
||
|
<h2>March 2007</h2>
|
||
|
|
||
|
|
||
|
|
||
|
<p>
|
||
|
<a name="CONTENTS"></a>
|
||
|
<h2>CONTENTS</h2>
|
||
|
|
||
|
<a href="socat.html#NAME">NAME</a><br>
|
||
|
<a href="socat.html#SYNOPSIS">SYNOPSIS</a><br>
|
||
|
<a href="socat.html#DESCRIPTION">DESCRIPTION</a><br>
|
||
|
<a href="socat.html#OPTIONS">OPTIONS</a><br>
|
||
|
<a href="socat.html#ADDRESS_SPECIFICATIONS">ADDRESS SPECIFICATIONS</a><br>
|
||
|
<a href="socat.html#ADDRESS_TYPES">ADDRESS TYPES</a><br>
|
||
|
<a href="socat.html#ADDRESS_OPTIONS">ADDRESS OPTIONS</a><br>
|
||
|
<a href="socat.html#VALUES">DATA VALUES</a><br>
|
||
|
<a href="socat.html#EXAMPLES">EXAMPLES</a><br>
|
||
|
<a href="socat.html#DIAGNOSTICS">DIAGNOSTICS</a><br>
|
||
|
<a href="socat.html#FILES">FILES</a><br>
|
||
|
<a href="socat.html#ENVIRONMENT_VARIABLES">ENVIRONMENT VARIABLES</a><br>
|
||
|
<a href="socat.html#CREDITS">CREDITS</a><br>
|
||
|
<a href="socat.html#VERSION">VERSION</a><br>
|
||
|
<a href="socat.html#BUGS">BUGS</a><br>
|
||
|
<a href="socat.html#SEEALSO">SEE ALSO</a><br>
|
||
|
<p><a name="NAME"></a>
|
||
|
<h2>NAME</h2>
|
||
|
socat - Multipurpose relay (SOcket CAT)
|
||
|
<p><a name="SYNOPSIS"></a>
|
||
|
<h2>SYNOPSIS</h2>
|
||
|
|
||
|
<code>socat [options] <address> <address></code><br>
|
||
|
<code>socat -V</code><br>
|
||
|
<code>socat -h[h[h]] | -?[?[?]]</code><br>
|
||
|
<code>filan</code><br>
|
||
|
<code>procan</code>
|
||
|
<p><a name="DESCRIPTION"></a>
|
||
|
<h2>DESCRIPTION</h2>
|
||
|
|
||
|
<p><strong>Socat</strong> is a command line based utility that establishes two bidirectional byte
|
||
|
streams and transfers data between them. Because the streams can be constructed
|
||
|
from a large set of different types of data sinks and sources
|
||
|
(see <a href="socat.html#ADDRESS_TYPES">address types</a>), and because lots of
|
||
|
<a href="socat.html#ADDRESS_OPTIONS">address options</a> may be applied to the streams, socat can
|
||
|
be used for many different purposes.
|
||
|
It might be one of the tools that one `has already needed'.
|
||
|
<p><strong>Filan</strong> is a utility that prints information about its active file
|
||
|
descriptors to stdout. It has been written for debugging <strong>socat</strong>, but might be
|
||
|
useful for other purposes too. Use the -h option to find more infos.
|
||
|
<p><strong>Procan</strong> is a utility that prints information about process parameters to
|
||
|
stdout. It has been written to better understand
|
||
|
some UNIX process properties and for debugging <strong>socat</strong>, but might be
|
||
|
useful for other purposes too.
|
||
|
<p>The life cycle of a <strong>socat</strong> instance typically consists of four phases.
|
||
|
<p>In the <em>init</em> phase, the command line options are parsed and logging is
|
||
|
initialized.
|
||
|
<p>During the <em>open</em> phase, <strong>socat</strong> opens the first address and afterwards the
|
||
|
second address. These steps are usually blocking; thus, especially for complex address types like socks,
|
||
|
connection requests or authentication dialogs must be completed before the next
|
||
|
step is started.
|
||
|
<p>In the <em>transfer</em> phase, <strong>socat</strong> watches both streams' read and write file
|
||
|
descriptors via <code>select()</code>, and, when data is available on one side <em>and</em>
|
||
|
can be written to the other side, socat reads it, performs newline
|
||
|
character conversions if required, and writes the data to the write file
|
||
|
descriptor of the other stream, then continues waiting for more data in both
|
||
|
directions.
|
||
|
<p>When one of the streams effectively reaches EOF, the <em>closing</em> phase
|
||
|
begins. <strong>Socat</strong> transfers the EOF condition to the other stream,
|
||
|
i.e. tries to shutdown only its write stream, giving it a chance to
|
||
|
terminate gracefully. For a defined time <strong>socat</strong> continues to transfer data in
|
||
|
the other direction, but then closes all remaining channels and terminates.
|
||
|
<p><a name="OPTIONS"></a>
|
||
|
<h2>OPTIONS</h2>
|
||
|
|
||
|
<p><strong>Socat</strong> provides some command line options that modify the behaviour of the
|
||
|
program. They have nothing to do with so called
|
||
|
<a href="socat.html#ADDRESS_OPTIONS">address options</a> that are used as parts of <a href="socat.html#ADDRESS_SPECIFICATIONS">address specifications</a>.
|
||
|
<p><dl>
|
||
|
<p></p><dt><strong><strong><code>-V</code></strong></strong><dd>
|
||
|
Print version and available feature information to stdout, and exit.
|
||
|
<p></p><dt><strong><strong><code>-h | -?</code></strong></strong><dd>
|
||
|
Print a help text to stdout describing command line options and available address
|
||
|
types, and exit.
|
||
|
<p></p><dt><strong><strong><code>-hh | -??</code></strong></strong><dd>
|
||
|
Like -h, plus a list of the short names of all available address options. Some options are
|
||
|
platform dependend, so this output is helpful for checking the particular
|
||
|
implementation.
|
||
|
<p></p><dt><strong><strong><code>-hhh | -???</code></strong></strong><dd>
|
||
|
Like -hh, plus a list of all available address option names.
|
||
|
<a name="option_d"></a><p></p><dt><strong><strong><code>-d</code></strong></strong><dd>
|
||
|
Without this option, only fatal and error messages are generated; applying
|
||
|
this option also prints warning messages. See <a href="socat.html#DIAGNOSTICS">DIAGNOSTICS</a>
|
||
|
for more information.
|
||
|
<a name="option_d_d"></a><p></p><dt><strong><strong><code>-d -d</code></strong></strong><dd> Prints fatal, error, warning, and notice messages.
|
||
|
<p></p><dt><strong><strong><code>-d -d -d</code></strong></strong><dd> Prints fatal, error, warning, notice, and info messages.
|
||
|
<p></p><dt><strong><strong><code>-d -d -d -d</code></strong></strong><dd> Prints fatal, error, warning, notice, info, and debug
|
||
|
messages.
|
||
|
<p></p><dt><strong><strong><code>-D</code></strong></strong><dd>
|
||
|
Logs information about file descriptors before starting the transfer phase.
|
||
|
<p></p><dt><strong><strong><code>-ly[<facility>]</code></strong></strong><dd>
|
||
|
Writes messages to syslog instead of stderr; severity as defined with -d
|
||
|
option. With optional <a href="socat.html#TYPE_FACILITY"><facility></a>, the syslog type can
|
||
|
be selected, default is "daemon".
|
||
|
<p></p><dt><strong><strong><code>-lf</code></strong><code> <logfile></code></strong><dd>
|
||
|
Writes messages to <logfile> [<a href="socat.html#TYPE_FILENAME">filename</a>] instead of
|
||
|
stderr.
|
||
|
<p></p><dt><strong><strong><code>-ls</code></strong></strong><dd>
|
||
|
Writes messages to stderr (this is the default).
|
||
|
<a name="option_lp"></a><p></p><dt><strong><strong><code>-lp</code></strong><code><progname></code></strong><dd>
|
||
|
Overrides the program name printed in error messages.
|
||
|
<p></p><dt><strong><strong><code>-lu</code></strong></strong><dd>
|
||
|
Extends the timestamp of error messages to microsecond resolution. Does not
|
||
|
work when logging to syslog.
|
||
|
<a name="option_lm"></a><p></p><dt><strong><strong><code>-lm[<facility>]</code></strong></strong><dd>
|
||
|
Mixed log mode. During startup messages are printed to stderr; when <strong>socat</strong>
|
||
|
starts the transfer phase loop or daemon mode (i.e. after opening all
|
||
|
streams and before starting data transfer, or, with listening sockets with
|
||
|
fork option, before the first accept call), it switches logging to syslog.
|
||
|
With optional <a href="socat.html#TYPE_FACILITY"><facility></a>, the syslog type can be
|
||
|
selected, default is "daemon".
|
||
|
<a name="option_lh"></a><p></p><dt><strong><strong><code>-lh</code></strong></strong><dd>
|
||
|
Adds hostname to log messages. Uses the value from environment variable
|
||
|
HOSTNAME or the value retrieved with <code>uname()</code> if HOSTNAME is not set.
|
||
|
<p></p><dt><strong><strong><code>-v</code></strong></strong><dd>
|
||
|
Writes the transferred data not only to their target streams, but also to
|
||
|
stderr. The output format is text with some conversions for readability, and
|
||
|
prefixed with "> " or "< " indicating flow directions.
|
||
|
<p></p><dt><strong><strong><code>-x</code></strong></strong><dd>
|
||
|
Writes the transferred data not only to their target streams, but also to
|
||
|
stderr. The output format is hexadecimal, prefixed with "> " or "< "
|
||
|
indicating flow directions. Can be combined with <code>-v</code>.
|
||
|
<a name="option_b"></a><p></p><dt><strong><strong><code>-b</code></strong><code><size></code></strong><dd>
|
||
|
Sets the data transfer block <size> [<a href="socat.html#TYPE_SIZE_T">size_t</a>].
|
||
|
At most <size> bytes are transferred per step. Default is 8192 bytes.
|
||
|
<a name="option_s"></a><p></p><dt><strong><strong><code>-s</code></strong></strong><dd>
|
||
|
By default, <strong>socat</strong> terminates when an error occurred to prevent the process
|
||
|
from running when some option could not be applied. With this
|
||
|
option, <strong>socat</strong> is sloppy with errors and tries to continue. Even with this
|
||
|
option, socat will exit on fatals, and will abort connection attempts when
|
||
|
security checks failed.
|
||
|
<a name="option_t"></a><p></p><dt><strong><strong><code>-t</code></strong><code><timeout></code></strong><dd>
|
||
|
When one channel has reached EOF, the write part of the other channel is shut
|
||
|
down. Then, <strong>socat</strong> waits <timeout> [<a href="socat.html#TYPE_TIMEVAL">timeval</a>] seconds
|
||
|
before terminating. Default is 0.5 seconds. This timeout only applies to
|
||
|
addresses where write and read part can be closed independently. When during
|
||
|
the timeout intervall the read part gives EOF, socat terminates without
|
||
|
awaiting the timeout.
|
||
|
<a name="option_T"></a><p></p><dt><strong><strong><code>-T</code></strong><code><timeout></code></strong><dd>
|
||
|
Total inactivity timeout: when socat is already in the transfer loop and
|
||
|
nothing has happened for <timeout> [<a href="socat.html#TYPE_TIMEVAL">timeval</a>] seconds
|
||
|
(no data arrived, no interrupt occurred...) then it terminates.
|
||
|
Useful with protocols like UDP that cannot transfer EOF.
|
||
|
<a name="option_u"></a><p></p><dt><strong><strong><code>-u</code></strong></strong><dd>
|
||
|
Uses unidirectional mode. The first address is only used for reading, and the
|
||
|
second address is only used for writing (<a href="socat.html#EXAMPLE_option_u">example</a>).
|
||
|
<a name="option_U"></a><p></p><dt><strong><strong><code>-U</code></strong></strong><dd>
|
||
|
Uses unidirectional mode in reverse direction. The first address is only
|
||
|
used for writing, and the second address is only used for reading.
|
||
|
<a name="option_g"></a><p></p><dt><strong><strong><code>-g</code></strong></strong><dd>
|
||
|
During address option parsing, don't check if the option is considered
|
||
|
useful in the given address environment. Use it if you want to force, e.g.,
|
||
|
appliance of a socket option to a serial device.
|
||
|
<a name="option_L"></a><p></p><dt><strong><strong><code>-L</code></strong><code><lockfile></code></strong><dd>
|
||
|
If lockfile exists, exits with error. If lockfile does not exist, creates it
|
||
|
and continues, unlinks lockfile on exit.
|
||
|
<a name="option_W"></a><p></p><dt><strong><strong><code>-W</code></strong><code><lockfile></code></strong><dd>
|
||
|
If lockfile exists, waits until it disappears. When lockfile does not exist,
|
||
|
creates it and continues, unlinks lockfile on exit.
|
||
|
<a name="option_4"></a><p></p><dt><strong><strong><code>-4</code></strong></strong><dd>
|
||
|
Use IP version 4 in case that the addresses do not implicitly or explicitly
|
||
|
specify a version; this is the default.
|
||
|
<a name="option_6"></a><p></p><dt><strong><strong><code>-6</code></strong></strong><dd>
|
||
|
Use IP version 6 in case that the addresses do not implicitly or explicitly
|
||
|
specify a version.
|
||
|
</dl>
|
||
|
<p><a name="ADDRESS_SPECIFICATIONS"></a>
|
||
|
<h2>ADDRESS SPECIFICATIONS</h2>
|
||
|
|
||
|
<p>With the address command line arguments, the user gives <strong>socat</strong> instructions and
|
||
|
the necessary information for establishing the byte streams.
|
||
|
<p>An address specification usually consists of an address type
|
||
|
keyword, zero or more required address parameters separated by ':' from the keyword and
|
||
|
from each
|
||
|
other, and zero or more address options separated by ','.
|
||
|
<p>The keyword specifies the address type (e.g., TCP4, OPEN, EXEC). For some
|
||
|
keywords there exist synonyms ('-' for STDIO, TCP for TCP4). Keywords are case
|
||
|
insensitive.
|
||
|
For a few special address types, the keyword may be omitted:
|
||
|
Address specifications starting with a number are assumed to be FD (raw file
|
||
|
descriptor) addresses;
|
||
|
if a '/' is found before the first ':' or ',', GOPEN (generic file open) is
|
||
|
assumed.
|
||
|
<p>The required number and type of address parameters depend on the address
|
||
|
type. E.g., TCP4 requires a server specification (name or address), and a port
|
||
|
specification (number or service name).
|
||
|
<p>Zero or more address options may be given with each address. They influence the
|
||
|
address in some ways.
|
||
|
Options consist of an option keyword or an option keyword and a value,
|
||
|
separated by '='. Option keywords are case insensitive.
|
||
|
For filtering the options that are useful with an address
|
||
|
type, each option is member of one option group. For
|
||
|
each address type there is a set of option groups allowed. Only options
|
||
|
belonging to one of these address groups may be used (except with <a href="socat.html#option_g">option -g</a>).
|
||
|
<p><a name="ADDRESS_DUAL"></a>
|
||
|
Address specifications following the above schema are also called <em>single</em>
|
||
|
address specifications.
|
||
|
Two single addresses can be combined with "!!" to form a <em>dual</em> type
|
||
|
address for one channel. Here, the first address is used by <strong>socat</strong> for reading
|
||
|
data, and the
|
||
|
second address for writing data. There is no way to specify an option only once
|
||
|
for being applied to both single addresses.
|
||
|
<p>Usually, addresses are opened in read/write
|
||
|
mode. When an address is part of a dual address specification, or when
|
||
|
<a href="socat.html#option_u">option -u</a> or <a href="socat.html#option_U">-U</a> is used, an address might be
|
||
|
used only for reading or for writing. Considering this is important with some
|
||
|
address types.
|
||
|
<p>With socat version 1.5.0 and higher, the lexical analysis tries to handle
|
||
|
quotes and parenthesis meaningfully and allows escaping of special characters.
|
||
|
If one of the characters ( { [ ' is found, the corresponding closing
|
||
|
character - ) } ] ' - is looked for; they may also be nested. Within these
|
||
|
constructs, socats special characters and strings : , !! are not handled
|
||
|
specially. All those characters and strings can be escaped with \ or within ""
|
||
|
<p><a name="ADDRESS_TYPES"></a>
|
||
|
<h2>ADDRESS TYPES</h2>
|
||
|
|
||
|
<p>This section describes the available address types with their keywords,
|
||
|
parameters, and semantics.
|
||
|
<p><dl>
|
||
|
<a name="ADDRESS_CREAT"></a><p></p><dt><strong><strong><code>CREATE:<filename></code></strong></strong><dd>
|
||
|
Opens <a href="socat.html#TYPE_FILENAME"><filename></a> with <code>creat()</code> and uses the file
|
||
|
descriptor for writing.
|
||
|
This address type requires write-only context, because a file opened with
|
||
|
<code>creat</code> cannot be read from.
|
||
|
<filename> must be a valid existing or not existing path.
|
||
|
If <filename> is a named pipe, <code>creat()</code> might block;
|
||
|
if <filename> refers to a socket, this is an error.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_NAMED">NAMED</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_MODE">mode</a>,
|
||
|
<a href="socat.html#OPTION_USER">user</a>,
|
||
|
<a href="socat.html#OPTION_GROUP">group</a>,
|
||
|
<a href="socat.html#OPTION_UNLINK_EARLY">unlink-early</a>,
|
||
|
<a href="socat.html#OPTION_UNLINK_LATE">unlink-late</a>,
|
||
|
<a href="socat.html#OPTION_APPEND">append</a><br>
|
||
|
See also: <a href="socat.html#ADDRESS_OPEN">OPEN</a>, <a href="socat.html#ADDRESS_GOPEN">GOPEN</a>
|
||
|
<a name="ADDRESS_EXEC"></a><p></p><dt><strong><strong><code>EXEC:<command-line></code></strong></strong><dd>
|
||
|
Forks a sub process that establishes communication with its parent process
|
||
|
and invokes the specified program with <code>execvp()</code>.
|
||
|
<a href="socat.html#TYPE_COMMAND_LINE"><command-line></a> is a simple command
|
||
|
with arguments separated by single spaces. If the program name
|
||
|
contains a '/', the part after the last '/' is taken as ARGV[0]. If the
|
||
|
program name is a relative
|
||
|
path, the <code>execvp()</code> semantics for finding the program via
|
||
|
<code>$PATH</code>
|
||
|
apply. After successful program start, <strong>socat</strong> writes data to stdin of the
|
||
|
process and reads from its stdout using a UNIX domain socket generated by
|
||
|
<code>socketpair()</code> per default. (<a href="socat.html#EXAMPLE_ADDRESS_EXEC">example</a>) <br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_EXEC">EXEC</a>,<a href="socat.html#GROUP_FORK">FORK</a>,<a href="socat.html#GROUP_TERMIOS">TERMIOS</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PATH">path</a>,
|
||
|
<a href="socat.html#OPTION_FDIN">fdin</a>,
|
||
|
<a href="socat.html#OPTION_FDOUT">fdout</a>,
|
||
|
<a href="socat.html#OPTION_CHROOT">chroot</a>,
|
||
|
<a href="socat.html#OPTION_SUBSTUSER">su</a>,
|
||
|
<a href="socat.html#OPTION_SUBSTUSER_DELAYED">su-d</a>,
|
||
|
<a href="socat.html#OPTION_NOFORK">nofork</a>,
|
||
|
<a href="socat.html#OPTION_PTY">pty</a>,
|
||
|
<a href="socat.html#OPTION_STDERR">stderr</a>,
|
||
|
<a href="socat.html#OPTION_CTTY">ctty</a>,
|
||
|
<a href="socat.html#OPTION_SETSID">setsid</a>,
|
||
|
<a href="socat.html#OPTION_PIPES">pipes</a>,
|
||
|
<a href="socat.html#OPTION_LOGIN">login</a>,
|
||
|
<a href="socat.html#OPTION_SIGINT">sigint</a>,
|
||
|
<a href="socat.html#OPTION_SIGQUIT">sigquit</a><br>
|
||
|
See also: <a href="socat.html#ADDRESS_SYSTEM">SYSTEM</a>
|
||
|
<a name="ADDRESS_FD"></a><p></p><dt><strong><strong><code>FD:<fdnum></code></strong></strong><dd>
|
||
|
Uses the file descriptor <a href="socat.html#TYPE_FDNUM"><fdnum></a>. It must already exist as
|
||
|
valid UN*X file descriptor.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a> (<a href="socat.html#GROUP_TERMIOS">TERMIOS</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>) <br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_STDIO">STDIO</a>,
|
||
|
<a href="socat.html#ADDRESS_STDIN">STDIN</a>,
|
||
|
<a href="socat.html#ADDRESS_STDOUT">STDOUT</a>,
|
||
|
<a href="socat.html#ADDRESS_STDERR">STDERR</a>
|
||
|
<a name="ADDRESS_GOPEN"></a><p></p><dt><strong><strong><code>GOPEN:<filename></code></strong></strong><dd>
|
||
|
(Generic open) This address type tries to handle any file system entry
|
||
|
except directories usefully. <a href="socat.html#TYPE_FILENAME"><filename></a> may be a
|
||
|
relative or absolute path. If it already exists, its type is checked.
|
||
|
In case of a UNIX domain socket, <strong>socat</strong> connects; if connecting fails,
|
||
|
<strong>socat</strong> assumes a datagram socket and uses <code>sendto()</code> calls.
|
||
|
If the entry is not a socket, <strong>socat</strong> opens it applying the <code>O_APPEND</code>
|
||
|
flag.
|
||
|
If it does not exist, it is opened with flag
|
||
|
<code>O_CREAT</code> as a regular file (<a href="socat.html#EXAMPLE_ADDRESS_GOPEN">example</a>).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_OPEN">OPEN</a> <br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_OPEN">OPEN</a>,
|
||
|
<a href="socat.html#ADDRESS_CREAT">CREATE</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">UNIX-CONNECT</a>
|
||
|
<p><a name="ADDRESS_IP_SENDTO"></a><p></p><dt><strong><strong><code>IP-SENDTO:<host>:<protocol></code></strong></strong><dd>
|
||
|
Opens a raw IP socket. Depending on host specification or option <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>, IP procotol version
|
||
|
4 or 6 is used. It uses <a href="socat.html#TYPE_PROTOCOL"><protocol></a> to send packets
|
||
|
to <host> [<a href="socat.html#TYPE_IP_ADDRESS">IP address</a>] and receives packets from
|
||
|
host, ignores packets from other hosts.
|
||
|
Protocol 255 uses the raw socket with the IP header being part of the
|
||
|
data.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_IP4_SENDTO">IP4-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_IP6_SENDTO">IP6-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>
|
||
|
<a href="socat.html#ADDRESS_UNIX_SENDTO">UNIX-SENDTO</a>
|
||
|
<a name="ADDRESS_IP4_SENDTO"></a><p></p><dt><strong><strong><code>IP4-SENDTO:<host>:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>, but always uses IPv4.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a> <br>
|
||
|
<a name="ADDRESS_IP6_SENDTO"></a><p></p><dt><strong><strong><code>IP6-SENDTO:<host>:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>, but always uses IPv6.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
<p><a name="ADDRESS_IP_DATAGRAM"></a><p></p><dt><strong><strong><code>IP-DATAGRAM:<address>:<protocol></code></strong></strong><dd>
|
||
|
Sends outgoing data to the specified address which may in particular be a
|
||
|
broadcast or multicast address. Packets arriving on the local socket are
|
||
|
checked if their source addresses match
|
||
|
eventual <a href="socat.html#OPTION_RANGE">RANGE</a> or <a href="socat.html#OPTION_TCPWRAPPERS">TCPWRAP</a>
|
||
|
options. This address type can for example be used for implementing
|
||
|
symmetric or asymmetric broadcast or multicast communications.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>, <a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_IP4">IP4</a>, <a href="socat.html#GROUP_IP6">IP6</a>, <a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_RANGE">range</a>,
|
||
|
<a href="socat.html#OPTION_TCPWRAPPERS">tcpwrap</a>,
|
||
|
<a href="socat.html#OPTION_SO_BROADCAST">broadcast</a>,
|
||
|
<a href="socat.html#OPTION_IP_MULTICAST_LOOP">ip-multicast-loop</a>,
|
||
|
<a href="socat.html#OPTION_IP_MULTICAST_TTL">ip-multicast-ttl</a>,
|
||
|
<a href="socat.html#OPTION_IP_MULTICAST_IF">ip-multicast-if</a>,
|
||
|
<a href="socat.html#OPTION_IP_ADD_MEMBERSHIP">ip-add-membership</a>,
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_IP4_DATAGRAM">IP4-DATAGRAM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP6_DATAGRAM">IP6-DATAGRAM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_DATAGRAM">UDP-DATAGRAM</a>
|
||
|
<a name="ADDRESS_IP4_DATAGRAM"></a><p></p><dt><strong><strong><code>IP4-DATAGRAM:<host>:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_DATAGRAM">IP-DATAGRAM</a>, but always uses IPv4.
|
||
|
(<a href="socat.html#EXAMPLE_ADDRESS_IP4_BROADCAST_CLIENT">example</a>)<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>, <a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_IP4">IP4</a>, <a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
<a name="ADDRESS_IP6_DATAGRAM"></a><p></p><dt><strong><strong><code>IP6-DATAGRAM:<host>:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_DATAGRAM">IP-DATAGRAM</a>, but always uses IPv6. Please
|
||
|
note that IPv6 does not know broadcasts.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>, <a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_IP6">IP6</a>, <a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
<p><a name="ADDRESS_IP_RECVFROM"></a><p></p><dt><strong><strong><code>IP-RECVFROM:<protocol></code></strong></strong><dd>
|
||
|
Opens a raw IP socket of <a href="socat.html#TYPE_PROTOCOL"><protocol></a>. Depending on option <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>, IP procotol version
|
||
|
4 or 6 is used. It receives one packet from an unspecified peer and may send one or more answer packets to that peer.
|
||
|
This mode is particularly useful with fork option where each arriving packet - from arbitrary peers - is handled by its own sub process.
|
||
|
This allows a behaviour similar to typical UDP based servers like ntpd or named.
|
||
|
This address works well with IP-SENDTO address peers (see above).
|
||
|
Protocol 255 uses the raw socket with the IP header being part of the
|
||
|
data.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_RANGE">range</a>,
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_SO_BROADCAST">broadcast</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_IP4_RECVFROM">IP4-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP6_RECVFROM">IP6-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECVFROM">UNIX-RECVFROM</a>
|
||
|
<a name="ADDRESS_IP4_RECVFROM"></a><p></p><dt><strong><strong><code>IP4-RECVFROM:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>, but always uses IPv4.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
<a name="ADDRESS_IP6_RECVFROM"></a><p></p><dt><strong><strong><code>IP6-RECVFROM:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>, but always uses IPv6.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
<p><a name="ADDRESS_IP_RECV"></a><p></p><dt><strong><strong><code>IP-RECV:<protocol></code></strong></strong><dd>
|
||
|
Opens a raw IP socket of <a href="socat.html#TYPE_PROTOCOL"><protocol></a>. Depending on option <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>, IP procotol version
|
||
|
4 or 6 is used. It receives packets from multiple unspecified peers and merges the data.
|
||
|
No replies are possible.
|
||
|
It can be, e.g., addressed by socat IP-SENDTO address peers.
|
||
|
Protocol 255 uses the raw socket with the IP header being part of the
|
||
|
data.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_RANGE">range</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_IP4_RECV">IP4-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_IP6_RECV">IP6-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECV">UNIX-RECV</a>
|
||
|
<a name="ADDRESS_IP4_RECV"></a><p></p><dt><strong><strong><code>IP4-RECV:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>, but always uses IPv4.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
<a name="ADDRESS_IP6_RECV"></a><p></p><dt><strong><strong><code>IP6-RECV:<protocol></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>, but always uses IPv6.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
<p><a name="ADDRESS_OPEN"></a><p></p><dt><strong><strong><code>OPEN:<filename></code></strong></strong><dd>
|
||
|
Opens <a href="socat.html#TYPE_FILENAME"><filename></a> using the <code>open()</code> system call
|
||
|
(<a href="socat.html#EXAMPLE_ADDRESS_OPEN">example</a>).
|
||
|
This operation fails on UNIX domain sockets. <br>
|
||
|
Note: This address type is rarly useful in bidirectional mode.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_OPEN">OPEN</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_CREAT">creat</a>,
|
||
|
<a href="socat.html#OPTION_EXCL">excl</a>,
|
||
|
<a href="socat.html#OPTION_O_NOATIME">noatime</a>,
|
||
|
<a href="socat.html#OPTION_NOFOLLOW">nofollow</a>,
|
||
|
<a href="socat.html#OPTION_APPEND">append</a>,
|
||
|
<a href="socat.html#OPTION_RDONLY">rdonly</a>,
|
||
|
<a href="socat.html#OPTION_WRONLY">wronly</a>,
|
||
|
<a href="socat.html#OPTION_LOCK">lock</a>,
|
||
|
<a href="socat.html#OPTION_READBYTES">readbytes</a>,
|
||
|
<a href="socat.html#OPTION_IGNOREEOF">ignoreeof</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_CREAT">CREATE</a>,
|
||
|
<a href="socat.html#ADDRESS_GOPEN">GOPEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">UNIX-CONNECT</a>
|
||
|
<a name="ADDRESS_OPENSSL_CONNECT"></a><p></p><dt><strong><strong><code>OPENSSL:<host>:<port></code></strong></strong><dd>
|
||
|
Tries to establish a SSL connection to <port> [<a href="socat.html#TYPE_TCP_SERVICE">TCP
|
||
|
service</a>] on
|
||
|
<host> [<a href="socat.html#TYPE_IP_ADDRESS">IP address</a>] using TCP/IP version 4 or 6
|
||
|
depending on address specification, name resolution, or option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.<br>
|
||
|
NOTE: The server certificate is only checked for validity against
|
||
|
<a href="socat.html#OPTION_OPENSSL_CAFILE">cafile</a> or <a href="socat.html#OPTION_OPENSSL_CAPATH">capath</a>,
|
||
|
but not for match with the server's name or its IP address!<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_OPENSSL">OPENSSL</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_OPENSSL_CIPHERLIST">cipher</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_METHOD">method</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_VERIFY">verify</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CAFILE">cafile</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CAPATH">capath</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CERTIFICATE">certificate</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_CONNECT_TIMEOUT">connect-timeout</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_RETRY">retry</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_OPENSSL_LISTEN">OPENSSL-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>
|
||
|
<a name="ADDRESS_OPENSSL_LISTEN"></a><p></p><dt><strong><strong><code>OPENSSL-LISTEN:<port></code></strong></strong><dd>
|
||
|
Listens on tcp <port> [<a href="socat.html#TYPE_TCP_SERVICE">TCP service</a>].
|
||
|
The IP version is 4 or the one specified with
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>. When a
|
||
|
connection is accepted, this address behaves as SSL server.<br>
|
||
|
Note: You probably want to use the <a href="socat.html#OPTION_OPENSSL_CERTIFICATE">certificate</a> option with this address.<br>
|
||
|
NOTE: The client certificate is only checked for validity against
|
||
|
<a href="socat.html#OPTION_OPENSSL_CAFILE">cafile</a> or <a href="socat.html#OPTION_OPENSSL_CAPATH">capath</a>,
|
||
|
but not for match with the client's name or its IP address!<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_OPENSSL">OPENSSL</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CIPHERLIST">cipher</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_METHOD">method</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_VERIFY">verify</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CAFILE">cafile</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CAPATH">capath</a>,
|
||
|
<a href="socat.html#OPTION_OPENSSL_CERTIFICATE">certificate</a>,
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_RANGE">range</a>,
|
||
|
<a href="socat.html#OPTION_TCPWRAPPERS">tcpwrap</a>,
|
||
|
<a href="socat.html#OPTION_SUBSTUSER">su</a>,
|
||
|
<a href="socat.html#OPTION_REUSEADDR">reuseaddr</a>,
|
||
|
<a href="socat.html#OPTION_RETRY">retry</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_OPENSSL_CONNECT">OPENSSL</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>
|
||
|
<a name="ADDRESS_NAMED_PIPE"></a><p></p><dt><strong><strong><code>PIPE:<filename></code></strong></strong><dd>
|
||
|
If <a href="socat.html#TYPE_FILENAME"><filename></a> already exists, it is opened.
|
||
|
If is does not exist, a named pipe is created and opened. Beginning with
|
||
|
socat version 1.4.3, the named pipe is removed when the address is closed
|
||
|
(but see option <a href="socat.html#OPTION_UNLINK_CLOSE">unlink-close</a><br>
|
||
|
Note: When a pipe is used for both reading and writing, it works
|
||
|
as echo service.<br>
|
||
|
Note: When a pipe is used for both reading and writing, and socat tries
|
||
|
to write more bytes than the pipe can buffer (Linux 2.4: 2048 bytes), socat
|
||
|
might block. Consider using socat option, e.g., <code>-b 2048</code> <br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_OPEN">OPEN</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_RDONLY">rdonly</a>,
|
||
|
<a href="socat.html#OPTION_NONBLOCK">nonblock</a>,
|
||
|
<a href="socat.html#OPTION_GROUP">group</a>,
|
||
|
<a href="socat.html#OPTION_USER">user</a>,
|
||
|
<a href="socat.html#OPTION_MODE">mode</a>,
|
||
|
<a href="socat.html#OPTION_UNLINK_EARLY">unlink-early</a><br>
|
||
|
See also: <a href="socat.html#ADDRESS_UNNAMED_PIPE">unnamed pipe</a>
|
||
|
<a name="ADDRESS_UNNAMED_PIPE"></a><p></p><dt><strong><strong><code>PIPE</code></strong></strong><dd>
|
||
|
Creates an unnamed pipe and uses it for reading and writing. It works as an
|
||
|
echo, because everything written
|
||
|
to it appeares immediately as read data.<br>
|
||
|
Note: When socat tries to write more bytes than the pipe can queue (Linux
|
||
|
2.4: 2048 bytes), socat might block. Consider, e.g., using
|
||
|
option <code>-b 2048</code> <br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a> <br>
|
||
|
See also: <a href="socat.html#ADDRESS_NAMED_PIPE">named pipe</a>
|
||
|
<a name="ADDRESS_PROXY_CONNECT"></a><p></p><dt><strong><strong><code>PROXY:<proxy>:<hostname>:<port></code></strong></strong><dd>
|
||
|
Connects to an HTTP proxy server on port 8080 using TCP/IP version 4 or 6
|
||
|
depending on address specification, name resolution, or option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>, and sends a CONNECT
|
||
|
request for hostname:port. If the proxy grants access and succeeds to
|
||
|
connect to the target, data transfer between socat and the target can
|
||
|
start. Note that the traffic need not be HTTP but can be an arbitrary
|
||
|
protocol. <br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_HTTP">HTTP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PROXYPORT">proxyport</a>,
|
||
|
<a href="socat.html#OPTION_IGNORECR">ignorecr</a>,
|
||
|
<a href="socat.html#OPTION_PROXY_AUTHORIZATION">proxyauth</a>,
|
||
|
<a href="socat.html#OPTION_PROXY_RESOLVE">resolve</a>,
|
||
|
<a href="socat.html#OPTION_CRNL">crnl</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_CONNECT_TIMEOUT">connect-timeout</a>,
|
||
|
<a href="socat.html#OPTION_MSS">mss</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_RETRY">retry</a> <br>
|
||
|
See also: <a href="socat.html#ADDRESS_SOCKS4">SOCKS</a>, <a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>
|
||
|
<a name="ADDRESS_PTY"></a><p></p><dt><strong><strong><code>PTY</code></strong></strong><dd>
|
||
|
Generates a pseudo terminal (pty) and uses its master side. Another process
|
||
|
may open the pty's slave side using it like a serial line or terminal.
|
||
|
(<a href="socat.html#EXAMPLE_ADDRESS_PTY">example</a>). If
|
||
|
both the ptmx and the openpty mechanisms are available, ptmx is used
|
||
|
(POSIX).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_PTY">PTY</a>,<a href="socat.html#GROUP_TERMIOS">TERMIOS</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_SYMBOLIC_LINK">link</a>,
|
||
|
<a href="socat.html#OPTION_OPENPTY">openpty</a>,
|
||
|
<a href="socat.html#OPTION_PTY_WAIT_SLAVE">wait-slave</a>,
|
||
|
<a href="socat.html#OPTION_MODE">mode</a>,
|
||
|
<a href="socat.html#OPTION_USER">user</a>,
|
||
|
<a href="socat.html#OPTION_GROUP">group</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_LISTEN">UNIX-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_NAMED_PIPE">PIPE</a>,
|
||
|
<a href="socat.html#ADDRESS_EXEC">EXEC</a>, <a href="socat.html#ADDRESS_SYSTEM">SYSTEM</a>
|
||
|
<a name="ADDRESS_READLINE"></a><p></p><dt><strong><strong><code>READLINE</code></strong></strong><dd>
|
||
|
Uses GNU readline and history on stdio to allow editing and reusing input
|
||
|
lines (<a href="socat.html#EXAMPLE_ADDRESS_READLINE">example</a>). This requires the GNU readline and
|
||
|
history libraries. Note that stdio should be a (pseudo) terminal device,
|
||
|
otherwise readline does not seem to work.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_READLINE">READLINE</a>,<a href="socat.html#GROUP_TERMIOS">TERMIOS</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_HISTORY">history</a>,
|
||
|
<a href="socat.html#OPTION_NOECHO">noecho</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_STDIO">STDIO</a>
|
||
|
<a name="ADDRESS_SOCKS4"></a><p></p><dt><strong><strong><code>SOCKS4:<socks-server>:<host>:<port></code></strong></strong><dd>
|
||
|
Connects via <socks-server> [<a href="socat.html#TYPE_IP_ADDRESS">IP address</a>]
|
||
|
to <host> [<a href="socat.html#TYPE_IPV4_ADDRESS">IPv4 address</a>]
|
||
|
on <port> [<a href="socat.html#TYPE_TCP_SERVICE">TCP service</a>],
|
||
|
using socks version 4 protocol over IP version 4 or 6 depending on address specification, name resolution, or option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a> (<a href="socat.html#EXAMPLE_ADDRESS_SOCKS4">example</a>).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_SOCKS">SOCKS4</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_SOCKSUSER">socksuser</a>,
|
||
|
<a href="socat.html#OPTION_SOCKSPORT">socksport</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_RETRY">retry</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_SOCKS4A">SOCKS4A</a>,
|
||
|
<a href="socat.html#ADDRESS_PROXY_CONNECT">PROXY</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>
|
||
|
<a name="ADDRESS_SOCKS4A"></a><p></p><dt><strong><strong><code>SOCKS4A:<socks-server>:<host>:<port></code></strong></strong><dd>
|
||
|
like <a href="socat.html#ADDRESS_SOCKS4">SOCKS4</a>, but uses socks protocol version 4a, thus
|
||
|
leaving host name resolution to the socks server.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_SOCKS">SOCKS4</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
<a name="ADDRESS_STDERR"></a><p></p><dt><strong><strong><code>STDERR</code></strong></strong><dd>
|
||
|
Uses file descriptor 2.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a> (<a href="socat.html#GROUP_TERMIOS">TERMIOS</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>) <br>
|
||
|
See also: <a href="socat.html#ADDRESS_FD">FD</a>
|
||
|
<a name="ADDRESS_STDIN"></a><p></p><dt><strong><strong><code>STDIN</code></strong></strong><dd>
|
||
|
Uses file descriptor 0.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a> (<a href="socat.html#GROUP_TERMIOS">TERMIOS</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>) <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_READBYTES">readbytes</a><br>
|
||
|
See also: <a href="socat.html#ADDRESS_FD">FD</a>
|
||
|
<a name="ADDRESS_STDIO"></a><p></p><dt><strong><strong><code>STDIO</code></strong></strong><dd>
|
||
|
Uses file descriptor 0 for reading, and 1 for writing.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a> (<a href="socat.html#GROUP_TERMIOS">TERMIOS</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>) <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_READBYTES">readbytes</a><br>
|
||
|
See also: <a href="socat.html#ADDRESS_FD">FD</a>
|
||
|
<a name="ADDRESS_STDOUT"></a><p></p><dt><strong><strong><code>STDOUT</code></strong></strong><dd>
|
||
|
Uses file descriptor 1.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a> (<a href="socat.html#GROUP_TERMIOS">TERMIOS</a>,<a href="socat.html#GROUP_REG">REG</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>) <br>
|
||
|
See also: <a href="socat.html#ADDRESS_FD">FD</a>
|
||
|
<a name="ADDRESS_SYSTEM"></a><p></p><dt><strong><strong><code>SYSTEM:<shell-command></code></strong></strong><dd>
|
||
|
Forks a sub process that establishes communication with its parent process
|
||
|
and invokes the specified program with <code>system()</code>. Please note that
|
||
|
<shell-command> [<a href="socat.html#TYPE_STRING">string</a>] must
|
||
|
not contain ',' or "!!", and that shell meta characters may have to be
|
||
|
protected.
|
||
|
After successful program start, <strong>socat</strong> writes data to stdin of the
|
||
|
process and reads from its stdout.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_EXEC">EXEC</a>,<a href="socat.html#GROUP_FORK">FORK</a>,<a href="socat.html#GROUP_TERMIOS">TERMIOS</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_PATH">path</a>,
|
||
|
<a href="socat.html#OPTION_FDIN">fdin</a>,
|
||
|
<a href="socat.html#OPTION_FDOUT">fdout</a>,
|
||
|
<a href="socat.html#OPTION_CHROOT">chroot</a>,
|
||
|
<a href="socat.html#OPTION_SUBSTUSER">su</a>,
|
||
|
<a href="socat.html#OPTION_SUBSTUSER_DELAYED">su-d</a>,
|
||
|
<a href="socat.html#OPTION_NOFORK">nofork</a>,
|
||
|
<a href="socat.html#OPTION_PTY">pty</a>,
|
||
|
<a href="socat.html#OPTION_STDERR">stderr</a>,
|
||
|
<a href="socat.html#OPTION_CTTY">ctty</a>,
|
||
|
<a href="socat.html#OPTION_SETSID">setsid</a>,
|
||
|
<a href="socat.html#OPTION_PIPES">pipes</a>,
|
||
|
<a href="socat.html#OPTION_SIGINT">sigint</a>,
|
||
|
<a href="socat.html#OPTION_SIGQUIT">sigquit</a><br>
|
||
|
See also: <a href="socat.html#ADDRESS_EXEC">EXEC</a>
|
||
|
<a name="ADDRESS_TCP_CONNECT"></a><p></p><dt><strong><strong><code>TCP:<host>:<port></code></strong></strong><dd>
|
||
|
Connects to <port> [<a href="socat.html#TYPE_TCP_SERVICE">TCP service</a>] on
|
||
|
<host> [<a href="socat.html#TYPE_IP_ADDRESS">IP address</a>] using TCP/IP version 4 or 6
|
||
|
depending on address specification, name resolution, or option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_CRNL">crnl</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_CONNECT_TIMEOUT">connect-timeout</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a>,
|
||
|
<a href="socat.html#OPTION_MTUDISCOVER">mtudiscover</a>,
|
||
|
<a href="socat.html#OPTION_MSS">mss</a>,
|
||
|
<a href="socat.html#OPTION_NODELAY">nodelay</a>,
|
||
|
<a href="socat.html#OPTION_NONBLOCK">nonblock</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_RETRY">retry</a>,
|
||
|
<a href="socat.html#OPTION_READBYTES">readbytes</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_TCP4_CONNECT">TCP4</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP6_CONNECT">TCP6</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_LISTEN">TCP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_CONNECT">UDP</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">UNIX-CONNECT</a>
|
||
|
<a name="ADDRESS_TCP4_CONNECT"></a><p></p><dt><strong><strong><code>TCP4:<host>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>, but only supports IPv4 protocol (<a href="socat.html#EXAMPLE_ADDRESS_TCP4_CONNECT">example</a>).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
<a name="ADDRESS_TCP6_CONNECT"></a><p></p><dt><strong><strong><code>TCP6:<host>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>, but only supports IPv6 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
<a name="ADDRESS_TCP_LISTEN"></a><p></p><dt><strong><strong><code>TCP-LISTEN:<port></code></strong></strong><dd>
|
||
|
Listens on <port> [<a href="socat.html#TYPE_TCP_SERVICE">TCP service</a>] and accepts a
|
||
|
TCP/IP connection. The IP version is 4 or the one specified with
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.
|
||
|
Note that opening
|
||
|
this address usually blocks until a client connects.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_CRNL">crnl</a>,
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_RANGE">range</a>,
|
||
|
<a href="socat.html#OPTION_TCPWRAPPERS">tcpwrap</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_BACKLOG">backlog</a>,
|
||
|
<a href="socat.html#OPTION_MSS">mss</a>,
|
||
|
<a href="socat.html#OPTION_SUBSTUSER">su</a>,
|
||
|
<a href="socat.html#OPTION_REUSEADDR">reuseaddr</a>,
|
||
|
<a href="socat.html#OPTION_RETRY">retry</a>,
|
||
|
<a href="socat.html#OPTION_COOL_WRITE">retry</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_TCP4_CONNECT">TCP4-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP6_LISTEN">TCP6-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_LISTEN">UNIX-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_OPENSSL_LISTEN">OPENSSL-LISTEN</a>
|
||
|
<a name="ADDRESS_TCP4_LISTEN"></a><p></p><dt><strong><strong><code>TCP4-LISTEN:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_TCP_LISTEN">TCP-LISTEN</a>, but only supports IPv4
|
||
|
protocol (<a href="socat.html#EXAMPLE_ADDRESS_TCP4_LISTEN">example</a>).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
<a name="ADDRESS_TCP6_LISTEN"></a><p></p><dt><strong><strong><code>TCP6-LISTEN:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_TCP_LISTEN">TCP-LISTEN</a>, but only supports IPv6
|
||
|
protocol.<br>
|
||
|
Additional useful option:
|
||
|
<a href="socat.html#OPTION_IPV6_V6ONLY">ipv6only</a><br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_TCP">TCP</a>,<a href="socat.html#GROUP_RETRY">RETRY</a> <br>
|
||
|
<a name="ADDRESS_TUN"></a><p></p><dt><strong><strong><code>TUN:<if-addr>/<bits></code></strong></strong><dd>
|
||
|
Creates a Linux TUN/TAP device and assignes to it the address and netmask
|
||
|
defined by the parameters. The resulting network interface is ready for use
|
||
|
by other processes; socat serves its "wire side". This address requires read
|
||
|
and write access to the tunnel cloning device, usually <code>/dev/net/tun</code>.
|
||
|
<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_OPEN">OPEN</a>,<a href="socat.html#GROUP_TUN">TUN</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_IFF_UP">iff-up</a>,
|
||
|
<a href="socat.html#OPTION_TUN_DEVICE">tun-device</a>,
|
||
|
<a href="socat.html#OPTION_TUN_NAME">tun-name</a>,
|
||
|
<a href="socat.html#OPTION_TUN_TYPE">tun-type</a>,
|
||
|
<a href="socat.html#OPTION_IFF_NO_PI">iff-no-pi</a> <br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_IP_RECV">ip-recv</a>
|
||
|
<a name="ADDRESS_UDP_CONNECT"></a><p></p><dt><strong><strong><code>UDP:<host>:<port></code></strong></strong><dd>
|
||
|
Connects to <port> [<a href="socat.html#TYPE_UDP_SERVICE">UDP service</a>] on
|
||
|
<host> [<a href="socat.html#TYPE_IP_ADDRESS">IP address</a>] using UDP/IP version 4 or 6
|
||
|
depending on address specification, name resolution, or option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.<br>
|
||
|
Please note that,
|
||
|
due to UDP protocol properties, no real connection is established; data has
|
||
|
to be sent for `connecting' to the server, and no end-of-file condition can
|
||
|
be transported.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UDP4_CONNECT">UDP4</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP6_CONNECT">UDP6</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_SENDTO">IP</a>
|
||
|
<a name="ADDRESS_UDP4_CONNECT"></a><p></p><dt><strong><strong><code>UDP4:<host>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_CONNECT">UDP</a>, but only supports IPv4 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a> <br>
|
||
|
<a name="ADDRESS_UDP6_CONNECT"></a><p></p><dt><strong><strong><code>UDP6:<host>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_CONNECT">UDP</a>, but only supports IPv6 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
<a name="ADDRESS_UDP_DATAGRAM"></a><p></p><dt><strong><strong><code>UDP-DATAGRAM:<address>:<port></code></strong></strong><dd>
|
||
|
Sends outgoing data to the specified address which may in particular be a
|
||
|
broadcast or multicast address. Packets arriving on the local socket are
|
||
|
checked for the correct remote port and if their source addresses match
|
||
|
eventual <a href="socat.html#OPTION_RANGE">RANGE</a> or <a href="socat.html#OPTION_TCPWRAPPERS">TCPWRAP</a>
|
||
|
options. This address type can for example be used for implementing
|
||
|
symmetric or asymmetric broadcast or multicast communications.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_RANGE">range</a>,
|
||
|
<a href="socat.html#OPTION_TCPWRAPPERS">tcpwrap</a>,
|
||
|
<a href="socat.html#OPTION_SO_BROADCAST">broadcast</a>,
|
||
|
<a href="socat.html#OPTION_IP_MULTICAST_LOOP">ip-multicast-loop</a>,
|
||
|
<a href="socat.html#OPTION_IP_MULTICAST_TTL">ip-multicast-ttl</a>,
|
||
|
<a href="socat.html#OPTION_IP_MULTICAST_IF">ip-multicast-if</a>,
|
||
|
<a href="socat.html#OPTION_IP_ADD_MEMBERSHIP">ip-add-membership</a>,
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UDP4_DATAGRAM">UDP4-DATAGRAM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP6_DATAGRAM">UDP6-DATAGRAM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_CONNECT">UDP-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_DATAGRAM">IP-DATAGRAM</a>
|
||
|
<a name="ADDRESS_UDP4_DATAGRAM"></a><p></p><dt><strong><strong><code>UDP4-DATAGRAM:<address>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_DATAGRAM">UDP-DATAGRAM</a>, but only supports IPv4
|
||
|
protocol (<a href="socat.html#EXAMPLE_ADDRESS_UDP4_BROADCAST_CLIENT">example1</a>,
|
||
|
<a href="socat.html#EXAMPLE_ADDRESS_UDP4_MULTICAST">example2</a>).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>, <a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_IP4">IP4</a>, <a href="socat.html#GROUP_RANGE">RANGE</a>
|
||
|
<a name="ADDRESS_UDP6_DATAGRAM"></a><p></p><dt><strong><strong><code>UDP6-DATAGRAM:<address>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_DATAGRAM">UDP-DATAGRAM</a>, but only supports IPv6
|
||
|
protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>
|
||
|
<a name="ADDRESS_UDP_LISTEN"></a><p></p><dt><strong><strong><code>UDP-LISTEN:<port></code></strong></strong><dd>
|
||
|
Waits for a UDP/IP packet arriving on <port>
|
||
|
[<a href="socat.html#TYPE_UDP_SERVICE">UDP service</a>] and `connects' back to sender.
|
||
|
The accepted IP version is 4 or the one specified with option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.
|
||
|
Please note that,
|
||
|
due to UDP protocol properties, no real connection is established; data has
|
||
|
to arrive from the peer first, and no end-of-file condition can be
|
||
|
transported. Note that opening
|
||
|
this address usually blocks until a client connects.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_RANGE">range</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a> <br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UDP_CONNECT">UDP</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP4_LISTEN">UDP4-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP6_LISTEN">UDP6-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_LISTEN">TCP-LISTEN</a>
|
||
|
<a name="ADDRESS_UDP4_LISTEN"></a><p></p><dt><strong><strong><code>UDP4-LISTEN:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>, but only support IPv4
|
||
|
protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_IP4">IP4</a> <br>
|
||
|
<a name="ADDRESS_UDP6_LISTEN"></a><p></p><dt><strong><strong><code>UDP6-LISTEN:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>, but only support IPv6
|
||
|
protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
<a name="ADDRESS_UDP_SENDTO"></a><p></p><dt><strong><strong><code>UDP-SENDTO:<host>:<port></code></strong></strong><dd>
|
||
|
Communicates with the specified peer socket, defined by <port> [<a href="socat.html#TYPE_UDP_SERVICE">UDP
|
||
|
service</a>] on
|
||
|
<host> [<a href="socat.html#TYPE_IP_ADDRESS">IP address</a>], using UDP/IP version 4 or 6
|
||
|
depending on address specification, name resolution, or option
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>. It sends packets to and receives packets
|
||
|
from that peer socket only.
|
||
|
This address effectively implements a datagram client.
|
||
|
It works well with socat UDP-RECVFROM and UDP-RECV address peers.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UDP4_SENDTO">UDP4-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP6_SENDTO">UDP6-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_CONNECT">UDP-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>
|
||
|
<a name="ADDRESS_UDP4_SENDTO"></a><p></p><dt><strong><strong><code>UDP4-SENDTO:<host>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>, but only supports IPv4
|
||
|
protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>
|
||
|
<a name="ADDRESS_UDP6_SENDTO"></a><p></p><dt><strong><strong><code>UDP6-SENDTO:<host>:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>, but only supports IPv6
|
||
|
protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a>
|
||
|
<p><a name="ADDRESS_UDP_RECVFROM"></a><p></p><dt><strong><strong><code>UDP-RECVFROM:<port></code></strong></strong><dd>
|
||
|
Creates a UDP socket on <port> [<a href="socat.html#TYPE_UDP_SERVICE">UDP service</a>] using
|
||
|
UDP/IP version 4 or 6
|
||
|
depending on option <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.
|
||
|
It receives one packet from an unspecified peer and may send one or more
|
||
|
answer packets to that peer. This mode is particularly useful with fork
|
||
|
option
|
||
|
where each arriving packet - from arbitrary peers - is handled by its own sub
|
||
|
process. This allows a behaviour similar to typical UDP based servers like ntpd
|
||
|
or named. This address works well with socat SENDTO address peers.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UDP4_RECVFROM">UDP4-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP6_RECVFROM">UDP6-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_CONNECT">UDP-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECVFROM">UNIX-RECVFROM</a>
|
||
|
<a name="ADDRESS_UDP4_RECVFROM"></a><p></p><dt><strong><strong><code>UDP4-RECVFROM:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>, but only supports IPv4 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>
|
||
|
<a name="ADDRESS_UDP6_RECVFROM"></a><p></p><dt><strong><strong><code>UDP6-RECVFROM:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>, but only supports IPv6 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>
|
||
|
<p><a name="ADDRESS_UDP_RECV"></a><p></p><dt><strong><strong><code>UDP-RECV:<port></code></strong></strong><dd>
|
||
|
Creates a UDP socket on <port> [<a href="socat.html#TYPE_UDP_SERVICE">UDP service</a>] using UDP/IP version 4 or 6
|
||
|
depending on option <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>.
|
||
|
It receives packets from multiple unspecified peers and merges the data.
|
||
|
No replies are possible. It works well with, e.g., socat UDP-SENDTO address peers; it behaves similar to a syslog server.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_RANGE">RANGE</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>,
|
||
|
<a href="socat.html#OPTION_BIND">bind</a>,
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a>,
|
||
|
<a href="socat.html#OPTION_TTL">ttl</a>,
|
||
|
<a href="socat.html#OPTION_TOS">tos</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UDP4_RECV">UDP4-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP6_RECV">UDP6-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_CONNECT">UDP-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_LISTEN">UDP-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECV">UNIX-RECV</a>
|
||
|
<a name="ADDRESS_UDP4_RECV"></a><p></p><dt><strong><strong><code>UDP4-RECV:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>, but only supports IPv4 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP4">IP4</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>
|
||
|
<a name="ADDRESS_UDP6_RECV"></a><p></p><dt><strong><strong><code>UDP6-RECV:<port></code></strong></strong><dd>
|
||
|
Like <a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>, but only supports IPv6 protocol.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,<a href="socat.html#GROUP_IP6">IP6</a>,<a href="socat.html#GROUP_RANGE">RANGE</a>
|
||
|
<p><a name="ADDRESS_UNIX_CONNECT"></a><p></p><dt><strong><strong><code>UNIX-CONNECT:<filename></code></strong></strong><dd>
|
||
|
Connects to <a href="socat.html#TYPE_FILENAME"><filename></a> assuming it is a UNIX domain
|
||
|
socket.
|
||
|
If <filename> does not exist, this is an error;
|
||
|
if <filename> is not a UNIX domain socket, this is an error;
|
||
|
if <filename> is a UNIX domain socket, but no process is listening, this is
|
||
|
an error.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_RETRY">RETRY</a>,
|
||
|
<a href="socat.html#GROUP_SOCK_UNIX">UNIX</a> <br>)
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_BIND">bind</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_LISTEN">UNIX-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_SENDTO">UNIX-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP_CONNECT">TCP</a>
|
||
|
<p><a name="ADDRESS_UNIX_LISTEN"></a><p></p><dt><strong><strong><code>UNIX-LISTEN:<filename></code></strong></strong><dd>
|
||
|
Listens on <a href="socat.html#TYPE_FILENAME"><filename></a> using a UNIX domain stream
|
||
|
socket and accepts a connection.
|
||
|
If <filename> exists and is not a socket, this is an error.
|
||
|
If <filename> exists and is a UNIX domain socket, binding to the address
|
||
|
fails (use option <a href="socat.html#OPTION_UNLINK_EARLY">unlink-early</a>!).
|
||
|
Note that opening this address usually blocks until a client connects.
|
||
|
Beginning with socat version 1.4.3, the file system entry is removed when
|
||
|
this address is closed (but see option <a href="socat.html#OPTION_UNLINK_CLOSE">unlink-close</a>) (<a href="socat.html#EXAMPLE_ADDRESS_UNIX_LISTEN">example</a>).<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_LISTEN">LISTEN</a>,
|
||
|
<a href="socat.html#GROUP_CHILD">CHILD</a>,<a href="socat.html#GROUP_RETRY">RETRY</a>,
|
||
|
<a href="socat.html#GROUP_SOCK_UNIX">UNIX</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>,
|
||
|
<a href="socat.html#OPTION_UMASK">umask</a>,
|
||
|
<a href="socat.html#OPTION_MODE">mode</a>,
|
||
|
<a href="socat.html#OPTION_USER">user</a>,
|
||
|
<a href="socat.html#OPTION_GROUP">group</a>,
|
||
|
<a href="socat.html#OPTION_UNLINK_EARLY">unlink-early</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">UNIX-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECVFROM">UNIX-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECV">UNIX-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_TCP4_LISTEN">TCP-LISTEN</a>
|
||
|
<p><a name="ADDRESS_UNIX_SENDTO"></a><p></p><dt><strong><strong><code>UNIX-SENDTO:<filename></code></strong></strong><dd>
|
||
|
Communicates with the specified peer socket, defined by [<a href="socat.html#TYPE_FILENAME"><filename></a>] assuming it is a UNIX domain datagram socket.
|
||
|
It sends packets to and receives packets from that peer socket only.
|
||
|
It works well with socat UNIX-RECVFROM and UNIX-RECV address peers.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_SOCK_UNIX">UNIX</a><br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_BIND">bind</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECVFROM">UNIX-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECV">UNIX-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">UNIX-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_SENDTO">UDP-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_SENDTO">IP-SENDTO</a>
|
||
|
<p><a name="ADDRESS_UNIX_RECVFROM"></a><p></p><dt><strong><strong><code>UNIX-RECVFROM:<filename></code></strong></strong><dd>
|
||
|
Creates a UNIX domain datagram socket [<a href="socat.html#TYPE_FILENAME"><filename></a>].
|
||
|
Receives one packet and may send one or more answer packets to that peer.
|
||
|
This mode is particularly useful with fork option where each arriving packet - from arbitrary peers - is handled by its own sub process.
|
||
|
This address works well with socat UNIX-SENDTO address peers.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_CHILD">CHILD</a>,
|
||
|
<a href="socat.html#GROUP_SOCK_UNIX">UNIX</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_FORK">fork</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_SENDTO">UNIX-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECV">UNIX-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_LISTEN">UNIX-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECVFROM">UDP-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECVFROM">IP-RECVFROM</a>
|
||
|
<p><a name="ADDRESS_UNIX_RECV"></a><p></p><dt><strong><strong><code>UNIX-RECV:<filename></code></strong></strong><dd>
|
||
|
Creates a UNIX domain datagram socket [<a href="socat.html#TYPE_FILENAME"><filename></a>].
|
||
|
Receives packets from multiple unspecified peers and merges the data.
|
||
|
No replies are possible. It can be, e.g., addressed by socat UNIX-SENDTO address peers.
|
||
|
It behaves similar to a syslog server.
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_SOCK_UNIX">UNIX</a> <br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_SENDTO">UNIX-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_RECVFROM">UNIX-RECVFROM</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_LISTEN">UNIX-LISTEN</a>,
|
||
|
<a href="socat.html#ADDRESS_UDP_RECV">UDP-RECV</a>,
|
||
|
<a href="socat.html#ADDRESS_IP_RECV">IP-RECV</a>
|
||
|
<p><a name="ADDRESS_UNIX_CLIENT"></a><p></p><dt><strong><strong><code>UNIX-CLIENT:<filename></code></strong></strong><dd>
|
||
|
Communicates with the specified peer socket, defined by
|
||
|
[<a href="socat.html#TYPE_FILENAME"><filename></a>] assuming it is a UNIX domain socket.
|
||
|
It first tries to connect and, if that fails, assumes it is a datagram
|
||
|
socket, thus supporting both types.<br>
|
||
|
Option groups: <a href="socat.html#GROUP_FD">FD</a>,<a href="socat.html#GROUP_SOCKET">SOCKET</a>,
|
||
|
<a href="socat.html#GROUP_NAMED">NAMED</a>,<a href="socat.html#GROUP_SOCK_UNIX">UNIX</a> <br>
|
||
|
Useful options:
|
||
|
<a href="socat.html#OPTION_BIND">bind</a><br>
|
||
|
See also:
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">UNIX-CONNECT</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_SENDTO">UNIX-SENDTO</a>,
|
||
|
<a href="socat.html#ADDRESS_GOPEN">GOPEN</a>
|
||
|
<p><p></p><dt><strong><strong><code>ABSTRACT-CONNECT:<string></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ABSTRACT-LISTEN:<string></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ABSTRACT-SENDTO:<string></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ABSTRACT-RECVFROM:<string></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ABSTRACT-RECV:<string></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ABSTRACT-CLIENT:<string></code></strong></strong><dd>
|
||
|
The ABSTRACT addresses are almost identical to the related UNIX addresses
|
||
|
except that they do not address file system based sockets but an alternate
|
||
|
UNIX domain address space. To archieve this the socket address strings are
|
||
|
prefixed with "\0" internally. This feature is available (only?) on Linux.
|
||
|
Option groups are the same as with the related UNIX addresses, except that
|
||
|
the ABSTRACT addresses are not member of the NAMED group.
|
||
|
</dl>
|
||
|
<p><a name="ADDRESS_OPTIONS"></a>
|
||
|
<h2>ADDRESS OPTIONS</h2>
|
||
|
|
||
|
<p>Address options can be applied to address specifications to influence the
|
||
|
process of opening the addresses and the
|
||
|
properties of the resulting data channels.
|
||
|
<p>For technical reasons not every option can be
|
||
|
applied to every address type; e.g., applying a socket option to a regular file
|
||
|
will fail. To catch most useless combinations as early as in the open phase,
|
||
|
the concept of <em>option groups</em> was introduced. Each option belongs to one
|
||
|
or more option groups. Options can be used only with address types that support
|
||
|
at least one of their option groups (but see <a href="socat.html#option_g">option -g</a>).
|
||
|
<p>Address options have data types that their values must conform to.
|
||
|
Every address option consists of just a keyword or a keyword followed by
|
||
|
"=value", where value must conform to the options type.
|
||
|
|
||
|
Some address options manipulate parameters of system calls;
|
||
|
e.g., option sync sets the <code>O_SYNC</code> flag with the <code>open()</code> call.
|
||
|
Other options cause a system or library call; e.g., with option `ttl=value'
|
||
|
the <code>setsockopt(fd, SOL_IP, IP_TTL, value, sizeof(int))</code> call is applied.
|
||
|
Other
|
||
|
options set internal <strong>socat</strong> variables that are used during data transfer;
|
||
|
e.g., `crnl' causes explicit character conversions.
|
||
|
A few options have more complex implementations; e.g., su-d
|
||
|
(substuser-delayed) inquires some user and group infos, stores them, and
|
||
|
applies them later after a possible <code>chroot()</code> call.
|
||
|
<p>If multiple options are given to an address, their sequence in the address specification has (almost) no
|
||
|
effect on the sequence of their execution/application. Instead, <strong>socat</strong> has
|
||
|
built in an <em>option phase</em> model that tries to bring the options in a useful
|
||
|
order. Some options exist in different forms (e.g.,
|
||
|
unlink, unlink-early, unlink-late) to control the time of their execution.
|
||
|
<p>If the same option is specified more than once within one address
|
||
|
specification, with equal or different values, the effect depends on the kind of option. Options
|
||
|
resulting in function calls like <code>setsockopt()</code> cause multiple
|
||
|
invocations. With options that set parameters for a required call like
|
||
|
<code>open()</code>
|
||
|
or set internal flags, the value of the last option occurrence is effective.
|
||
|
<p>The existence or semantics of many options are system dependent. <strong>Socat</strong>
|
||
|
usually does NOT try to emulate missing libc or kernel features, it just
|
||
|
provides an
|
||
|
interface to the underlying system. So, if an operating system lacks a feature,
|
||
|
the related option is simply not available on this platform.
|
||
|
<p>The following paragraphs introduce just the more common address options. For
|
||
|
a more comprehensive reference and to find information about canonical option
|
||
|
names, alias names, option phases, and platforms see file <strong>xio.help</strong>.
|
||
|
<br> <br>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_FD"></a><em><strong>FD option group</strong></em>
|
||
|
<p>This option group contains options that are applied to a UN*X
|
||
|
style file descriptor, no matter how it was generated.
|
||
|
Because all current <strong>socat</strong> address types are file descriptor based, these
|
||
|
options may be applied to any address. <br>
|
||
|
Note: Some of these options are also member of another option group, that
|
||
|
provides an other, non-fd based mechanism.
|
||
|
For these options, it depends on the actual address type and its option groups
|
||
|
which mechanism is used. The second, non-fd based mechanism is prioritized.
|
||
|
<dl>
|
||
|
<a name="OPTION_CLOEXEC"></a><p></p><dt><strong><strong><code>cloexec=<bool></code></strong></strong><dd>
|
||
|
Sets the <code>FD_CLOEXEC</code> flag with the <code>fcntl()</code> system call to value
|
||
|
<a href="socat.html#TYPE_BOOL"><bool></a>. If set,
|
||
|
the file descriptor is closed on <code>exec()</code> family function calls. <strong>Socat</strong>
|
||
|
internally handles
|
||
|
this flag for the fds it controls, so in most cases there will be no need to
|
||
|
apply this option.
|
||
|
<a name="OPTION_SETLK_WR"></a><p></p><dt><strong><strong><code>setlk</code></strong></strong><dd>
|
||
|
Tries to set a discretionary write lock to the whole file using the <code>fcntl(fd,
|
||
|
F_SETLK, ...)</code> system call. If the file is already locked, this call results
|
||
|
in an error.
|
||
|
On Linux, when the file permissions for group are "S" (g-x,g+s), and the
|
||
|
file system is locally mounted with the "mand" option, the lock is
|
||
|
mandatory, i.e. prevents other processes from opening the file.
|
||
|
<a name="OPTION_SETLKW_WR"></a><p></p><dt><strong><strong><code>setlkw</code></strong></strong><dd>
|
||
|
Tries to set a discretionary waiting write lock to the whole file using the
|
||
|
<code>fcntl(fd, F_SETLKW, ...)</code> system call. If the file is already locked,
|
||
|
this call blocks.
|
||
|
See option <a href="socat.html#OPTION_SETLK_WR">setlk</a> for information about making this
|
||
|
lock mandatory.
|
||
|
<a name="OPTION_SETLK_RD"></a><p></p><dt><strong><strong><code>setlk-rd</code></strong></strong><dd>
|
||
|
Tries to set a discretionary read lock to the whole file using the <code>fcntl(fd,
|
||
|
F_SETLK, ...)</code> system call. If the file is already write locked, this call
|
||
|
results in an error.
|
||
|
See option <a href="socat.html#OPTION_SETLK_WR">setlk</a> for information about making this
|
||
|
lock mandatory.
|
||
|
<a name="OPTION_SETLKW_RD"></a><p></p><dt><strong><strong><code>setlkw-rd</code></strong></strong><dd>
|
||
|
Tries to set a discretionary waiting read lock to the whole file using the
|
||
|
<code>fcntl(fd, F_SETLKW, ...)</code> system call. If the file is already write
|
||
|
locked, this call blocks.
|
||
|
See option <a href="socat.html#OPTION_SETLK_WR">setlk</a> for information about making this
|
||
|
lock mandatory.
|
||
|
<a name="OPTION_FLOCK_EX"></a><p></p><dt><strong><strong><code>flock-ex</code></strong></strong><dd>
|
||
|
Tries to set a blocking exclusive advisory lock to the file using the
|
||
|
<code>flock(fd, LOCK_EX)</code> system call. <strong>Socat</strong> hangs in this call if the file
|
||
|
is locked by another process.
|
||
|
<a name="OPTION_FLOCK_EX_NB"></a><p></p><dt><strong><strong><code>flock-ex-nb</code></strong></strong><dd>
|
||
|
Tries to set a nonblocking exclusive advisory lock to the file using the
|
||
|
<code>flock(fd, LOCK_EX|LOCK_NB)</code> system call. If the file is already locked,
|
||
|
this option results in an error.
|
||
|
<a name="OPTION_FLOCK_SH"></a><p></p><dt><strong><strong><code>flock-sh</code></strong></strong><dd>
|
||
|
Tries to set a blocking shared advisory lock to the file using the
|
||
|
<code>flock(fd, LOCK_SH)</code> system call. <strong>Socat</strong> hangs in this call if the file
|
||
|
is locked by another process.
|
||
|
<a name="OPTION_FLOCK_SH_NB"></a><p></p><dt><strong><strong><code>flock-sh-nb</code></strong></strong><dd>
|
||
|
Tries to set a nonblocking shared advisory lock to the file using the
|
||
|
<code>flock(fd, LOCK_SH|LOCK_NB)</code> system call. If the file is already locked,
|
||
|
this option results in an error.
|
||
|
<a name="OPTION_LOCK"></a><p></p><dt><strong><strong><code>lock</code></strong></strong><dd>
|
||
|
Sets a blocking lock on the file. Uses the setlk or flock mechanism
|
||
|
depending on availability on the particular platform. If both are available,
|
||
|
the POSIX variant (setlkw) is used.
|
||
|
<a name="OPTION_USER"></a><p></p><dt><strong><strong><code>user=<user></code></strong></strong><dd>
|
||
|
Sets the <a href="socat.html#TYPE_USER"><user></a> (owner) of the stream.
|
||
|
If the address is member of the NAMED option group,
|
||
|
<strong>socat</strong> uses the <code>chown()</code> system call after opening the
|
||
|
file or binding to the UNIX domain socket (race condition!).
|
||
|
Without filesystem entry, <strong>socat</strong> sets the user of the stream
|
||
|
using the <code>fchown()</code> system call.
|
||
|
These calls might require root privilege.
|
||
|
<a name="OPTION_USER_LATE"></a><p></p><dt><strong><strong><code>user-late=<user></code></strong></strong><dd>
|
||
|
Sets the owner of the fd to <a href="socat.html#TYPE_USER"><user></a> with the <code>fchown()</code>
|
||
|
system call after opening
|
||
|
or connecting the channel.
|
||
|
This is useful only on file system entries.
|
||
|
<a name="OPTION_GROUP"></a><p></p><dt><strong><strong><code>group=<group></code></strong></strong><dd>
|
||
|
Sets the <a href="socat.html#TYPE_GROUP"><group></a> of the stream.
|
||
|
If the address is member of the NAMED option group,
|
||
|
<strong>socat</strong> uses the <code>chown()</code> system call after opening the
|
||
|
file or binding to the UNIX domain socket (race condition!).
|
||
|
Without filesystem entry, <strong>socat</strong> sets the group of the stream
|
||
|
with the <code>fchown()</code> system call.
|
||
|
These calls might require group membership or root privilege.
|
||
|
<a name="OPTION_GROUP_LATE"></a><p></p><dt><strong><strong><code>group-late=<group></code></strong></strong><dd>
|
||
|
Sets the group of the fd to <a href="socat.html#TYPE_GROUP"><group></a> with the
|
||
|
<code>fchown()</code> system call after opening
|
||
|
or connecting the channel.
|
||
|
This is useful only on file system entries.
|
||
|
<a name="OPTION_MODE"></a><p></p><dt><strong><strong><code>mode=<mode></code></strong></strong><dd>
|
||
|
Sets the <mode> [<a href="socat.html#TYPE_MODE_T">mode_t</a>] (permissions) of the stream.
|
||
|
If the address is member of the NAMED option group and
|
||
|
uses the <code>open()</code> or <code>creat()</code> call, the mode is applied with these.
|
||
|
If the address is member of the NAMED option group without using these
|
||
|
system calls, <strong>socat</strong> uses the <code>chmod()</code> system call after opening the
|
||
|
filesystem entry or binding to the UNIX domain socket (race condition!).
|
||
|
Otherwise, <strong>socat</strong> sets the mode of the stream
|
||
|
using <code>fchmod()</code>.
|
||
|
These calls might require ownership or root privilege.
|
||
|
<a name="OPTION_PERM_LATE"></a><p></p><dt><strong><strong><code>perm-late=<mode></code></strong></strong><dd>
|
||
|
Sets the permissions of the fd to value <mode>
|
||
|
[<a href="socat.html#TYPE_MODE_T">mode_t</a>] using the <code>fchmod()</code> system call after
|
||
|
opening or connecting the channel.
|
||
|
This is useful only on file system entries.
|
||
|
<a name="OPTION_APPEND"></a><p></p><dt><strong><strong><code>append=<bool></code></strong></strong><dd>
|
||
|
Always writes data to the actual end of file.
|
||
|
If the address is member of the OPEN option group,
|
||
|
<strong>socat</strong> uses the <code>O_APPEND</code> flag with the <code>open()</code> system call
|
||
|
(<a href="socat.html#EXAMPLE_OPTION_APPEND">example</a>).
|
||
|
Otherwise, <strong>socat</strong> applies the <code>fcntl(fd, F_SETFL, O_APPEND)</code> call.
|
||
|
<a name="OPTION_NONBLOCK"></a><p></p><dt><strong><strong><code>nonblock=<bool></code></strong></strong><dd>
|
||
|
Tries to open or use file in nonblocking mode. Its only effects are that the
|
||
|
<code>connect()</code> call of TCP addresses does not block, and that opening a
|
||
|
named pipe for reading does not block.
|
||
|
If the address is member of the OPEN option group,
|
||
|
<strong>socat</strong> uses the <code>O_NONBLOCK</code> flag with the <code>open()</code> system call.
|
||
|
Otherwise, <strong>socat</strong> applies the <code>fcntl(fd, F_SETFL, O_NONBLOCK)</code> call.
|
||
|
|
||
|
|
||
|
<a name="OPTION_O_BINARY"></a><p></p><dt><strong><strong><code>binary</code></strong></strong><dd>
|
||
|
Opens the file in binary mode to avoid implicit line terminator
|
||
|
conversions (Cygwin).
|
||
|
<a name="OPTION_O_TEXT"></a><p></p><dt><strong><strong><code>text</code></strong></strong><dd>
|
||
|
Opens the file in text mode to force implicit line terminator conversions
|
||
|
(Cygwin).
|
||
|
<a name="OPTION_O_NOINHERIT"></a><p></p><dt><strong><strong><code>noinherit</code></strong></strong><dd>
|
||
|
Does not keep this file open in a spawned process (Cygwin).
|
||
|
<a name="OPTION_COOL_WRITE"></a><p></p><dt><strong><strong><code>cool-write</code></strong></strong><dd>
|
||
|
Takes it easy when write fails with EPIPE or ECONNRESET and logs the message
|
||
|
with <em>notice</em> level instead of <em>error</em>.
|
||
|
This prevents the log file from being filled with useless error messages
|
||
|
when socat is used as a high volume server or proxy where clients often
|
||
|
abort the connection.<br>
|
||
|
This option is experimental.
|
||
|
<a name="OPTION_END_CLOSE"></a><p></p><dt><strong><strong><code>end-close</code></strong></strong><dd>
|
||
|
Changes the (address dependent) method of ending a connection to just close
|
||
|
the file descriptors. This is useful when the connection is to be reused by
|
||
|
or shared with other processes (<a href="socat.html#EXAMPLE_END_CLOSE">example</a>).<br>
|
||
|
Normally, socket connections will be ended with <code>shutdown(2)</code> which
|
||
|
terminates the socket even if it is shared by multiple processes.
|
||
|
<code>close(2)</code> "unlinks" the socket from the process but keeps it active as
|
||
|
long as there are still links from other processes.<br>
|
||
|
Similarly, when an address of type EXEC or SYSTEM is ended, socat usually
|
||
|
will explicitely kill the sub process. With this option, it will just close
|
||
|
the file descriptors.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_NAMED"></a><em><strong>NAMED option group</strong></em>
|
||
|
<p>These options work on file system entries.<br>
|
||
|
See also options <a href="socat.html#OPTION_USER">user</a>, <a href="socat.html#OPTION_GROUP">group</a>, and
|
||
|
<a href="socat.html#OPTION_MODE">mode</a>.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_USER_EARLY"></a><p></p><dt><strong><strong><code>user-early=<user></code></strong></strong><dd>
|
||
|
Changes the <a href="socat.html#TYPE_USER"><user></a> (owner) of the file system entry before
|
||
|
accessing it, using the
|
||
|
<code>chown()</code> system call. This call might require root privilege.
|
||
|
<a name="OPTION_GROUP_EARLY"></a><p></p><dt><strong><strong><code>group-early=<group></code></strong></strong><dd>
|
||
|
Changes the <a href="socat.html#TYPE_GROUP"><group></a> of the file system entry before
|
||
|
accessing it, using the
|
||
|
<code>chown()</code> system call. This call might require group membership or root
|
||
|
privilege.
|
||
|
<a name="OPTION_PERM_EARLY"></a><p></p><dt><strong><strong><code>perm-early=<mode></code></strong></strong><dd>
|
||
|
Changes the <mode> [<a href="socat.html#TYPE_MODE_T">mode_t</a>] of the file system entry
|
||
|
before accessing it, using the
|
||
|
<code>chmod()</code> system call. This call might require ownership or root
|
||
|
privilege.
|
||
|
<a name="OPTION_UMASK"></a><p></p><dt><strong><strong><code>umask=<mode></code></strong></strong><dd>
|
||
|
Sets the umask of the process to <mode> [<a href="socat.html#TYPE_MODE_T">mode_t</a>] before
|
||
|
accessing the file system entry (useful
|
||
|
with UNIX domain sockets!). This call might affect all further operations
|
||
|
of the <strong>socat</strong> process!
|
||
|
<a name="OPTION_UNLINK_EARLY"></a><p></p><dt><strong><strong><code>unlink-early</code></strong></strong><dd>
|
||
|
Unlinks (removes) the file before opening it and even before applying
|
||
|
user-early etc.
|
||
|
<a name="OPTION_UNLINK"></a><p></p><dt><strong><strong><code>unlink</code></strong></strong><dd>
|
||
|
Unlinks (removes) the file before accessing it, but after user-early etc.
|
||
|
<a name="OPTION_UNLINK_LATE"></a><p></p><dt><strong><strong><code>unlink-late</code></strong></strong><dd>
|
||
|
Unlinks (removes) the file after opening it to make it inaccessible for
|
||
|
other processes after a short race condition.
|
||
|
<a name="OPTION_UNLINK_CLOSE"></a><p></p><dt><strong><strong><code>unlink-close</code></strong></strong><dd>
|
||
|
Removes the addresses file system entry when closing the address.
|
||
|
For <a href="socat.html#ADDRESS_NAMED_PIPE">named pipes</a>,
|
||
|
<a href="socat.html#ADDRESS_UNIX_LISTEN">listening unix domain sockets</a>,
|
||
|
and the <a href="socat.html#OPTION_SYMBOLIC_LINK">symbolic links</a> of <a href="socat.html#ADDRESS_PTY">pty addresses</a>,
|
||
|
the default is 1; for <a href="socat.html#ADDRESS_CREAT">created files</a>,
|
||
|
<a href="socat.html#ADDRESS_OPEN">opened files</a>,
|
||
|
<a href="socat.html#ADDRESS_GOPEN">generic opened files</a>, and
|
||
|
<a href="socat.html#ADDRESS_UNIX_CONNECT">client unix domain sockets</a> the default is 0.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_OPEN"></a><em><strong>OPEN option group</strong></em>
|
||
|
<p>The OPEN group options allow to set flags with the <code>open()</code> system call.
|
||
|
E.g., option `creat' sets the <code>O_CREAT</code> flag.<br>
|
||
|
See also options <a href="socat.html#OPTION_APPEND">append</a> and
|
||
|
<a href="socat.html#OPTION_NONBLOCK">nonblock</a>.
|
||
|
<dl>
|
||
|
<a name="OPTION_CREAT"></a><p></p><dt><strong><strong><code>creat=<bool></code></strong></strong><dd>
|
||
|
Creates the file if it does not exist (<a href="socat.html#EXAMPLE_OPTION_CREAT">example</a>).
|
||
|
<a name="OPTION_DSYNC"></a><p></p><dt><strong><strong><code>dsync=<bool></code></strong></strong><dd>
|
||
|
Blocks <code>write()</code> calls until metainfo is physically written to media.
|
||
|
<a name="OPTION_EXCL"></a><p></p><dt><strong><strong><code>excl=<bool></code></strong></strong><dd>
|
||
|
With option creat, if file exists this is an error.
|
||
|
<a name="OPTION_LARGEFILE"></a><p></p><dt><strong><strong><code>largefile=<bool></code></strong></strong><dd>
|
||
|
On 32 bit systems, allows a file larger than 2^31 bytes.
|
||
|
<a name="OPTION_O_NOATIME"></a><p></p><dt><strong><strong><code>noatime</code></strong></strong><dd>
|
||
|
Sets the O_NOATIME options, so reads do not change the access timestamp.
|
||
|
<a name="OPTION_NOCTTY"></a><p></p><dt><strong><strong><code>noctty=<bool></code></strong></strong><dd>
|
||
|
Does not make this file the controlling terminal.
|
||
|
<a name="OPTION_NOFOLLOW"></a><p></p><dt><strong><strong><code>nofollow=<bool></code></strong></strong><dd>
|
||
|
Does not follow symbolic links.
|
||
|
<a name="OPTION_NSHARE"></a><p></p><dt><strong><strong><code>nshare=<bool></code></strong></strong><dd>
|
||
|
Does not allow to share this file with other processes.
|
||
|
<a name="OPTION_RSHARE"></a><p></p><dt><strong><strong><code>rshare=<bool></code></strong></strong><dd>
|
||
|
Does not allow other processes to open this file for writing.
|
||
|
<a name="OPTION_RSYNC"></a><p></p><dt><strong><strong><code>rsync=<bool></code></strong></strong><dd>
|
||
|
Blocks <code>write()</code> until metainfo is physically written to media.
|
||
|
<a name="OPTION_SYNC"></a><p></p><dt><strong><strong><code>sync=<bool></code></strong></strong><dd>
|
||
|
Blocks <code>write()</code> until data is physically written to media.
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a name="OPTION_RDONLY"></a><p></p><dt><strong><strong><code>rdonly=<bool></code></strong></strong><dd>
|
||
|
Opens the file for reading only.
|
||
|
|
||
|
<a name="OPTION_WRONLY"></a><p></p><dt><strong><strong><code>wronly=<bool></code></strong></strong><dd>
|
||
|
Opens the file for writing only.
|
||
|
<a name="OPTION_TRUNC"></a><p></p><dt><strong><strong><code>trunc</code></strong></strong><dd>
|
||
|
Truncates the file to size 0 during opening it.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_REG"></a><em><strong>REG and BLK option group</strong></em>
|
||
|
<p>These options are usually applied to a UN*X file descriptor, but their
|
||
|
semantics make sense only on a file supporting random access.
|
||
|
<dl>
|
||
|
<a name="OPTION_SEEK"></a><p></p><dt><strong><strong><code>seek=<offset></code></strong></strong><dd>
|
||
|
Applies the <code>lseek(fd, <offset>, SEEK_SET)</code> (or <code>lseek64</code>) system
|
||
|
call, thus positioning the file pointer absolutely to <offset>
|
||
|
[<a href="socat.html#TYPE_OFF">off_t</a> or <a href="socat.html#TYPE_OFF64">off64_t</a>].
|
||
|
<a name="OPTION_SEEK_CUR"></a><p></p><dt><strong><strong><code>seek-cur=<offset></code></strong></strong><dd>
|
||
|
Applies the <code>lseek(fd, <offset>, SEEK_CUR)</code> (or <code>lseek64</code>) system
|
||
|
call, thus positioning the file pointer <offset> [<a href="socat.html#TYPE_OFF">off_t</a> or
|
||
|
<a href="socat.html#TYPE_OFF64">off64_t</a>] bytes relatively to its current position (which
|
||
|
is usually 0).
|
||
|
<a name="OPTION_SEEK_END"></a><p></p><dt><strong><strong><code>seek-end=<offset></code></strong></strong><dd>
|
||
|
Applies the <code>lseek(fd, <offset>, SEEK_END)</code> (or <code>lseek64</code>) system
|
||
|
call, thus positioning the file pointer <offset> [<a href="socat.html#TYPE_OFF">off_t</a> or
|
||
|
<a href="socat.html#TYPE_OFF64">off64_t</a>] bytes relatively to the files current end.
|
||
|
<a name="OPTION_FTRUNCATE"></a><p></p><dt><strong><strong><code>ftruncate=<offset></code></strong></strong><dd>
|
||
|
Applies the <code>ftruncate(fd, <offset>)</code>
|
||
|
(or <code>ftruncate64</code> if available) system call, thus
|
||
|
truncating the file at the position <offset> [<a href="socat.html#TYPE_OFF">off_t</a> or
|
||
|
<a href="socat.html#TYPE_OFF64">off64_t</a>].
|
||
|
<p><a name="OPTION_EXT2_SECRM_FL"></a><p></p><dt><strong><strong><code>secrm=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_UNRM"></a><p></p><dt><strong><strong><code>unrm=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_COMPR"></a><p></p><dt><strong><strong><code>compr=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_SYNC"></a><p></p><dt><strong><strong><code>ext2-sync=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_IMMUTABLE"></a><p></p><dt><strong><strong><code>immutable=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_APPEND"></a><p></p><dt><strong><strong><code>ext2-append=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_NODUMP"></a><p></p><dt><strong><strong><code>nodump=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_NOATIME"></a><p></p><dt><strong><strong><code>ext2-noatime=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_JOURNAL_DATA"></a><p></p><dt><strong><strong><code>journal-data=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_NOTAIL"></a><p></p><dt><strong><strong><code>notail=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EXT2_DIRSYNC"></a><p></p><dt><strong><strong><code>dirsync=<bool></code></strong></strong><dd>
|
||
|
These options change non standard file attributes on operating systems and
|
||
|
file systems that support these features, like Linux with ext2fs,
|
||
|
ext3fs, or reiserfs. See man 1 chattr for information on these options.
|
||
|
Please note that there might be a race condition between creating the file
|
||
|
and applying these options.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_PROCESS"></a><em><strong>PROCESS option group</strong></em>
|
||
|
<p>Options of this group change the process properties instead of just affecting
|
||
|
one data channel.
|
||
|
For EXEC and SYSTEM addresses and for LISTEN and CONNECT type addresses with
|
||
|
option FORK,
|
||
|
these options apply to the child processes instead of the main socat process.
|
||
|
<dl>
|
||
|
<a name="OPTION_CHROOT"></a><p></p><dt><strong><strong><code>chroot=<directory></code></strong></strong><dd>
|
||
|
Performs a <code>chroot()</code> operation to <a href="socat.html#TYPE_DIRECTORY"><directory></a>
|
||
|
after processing the address (<a href="socat.html#EXAMPLE_OPTION_CHROOT">example</a>). This call might require root privilege.
|
||
|
<a name="OPTION_CHROOT_EARLY"></a><p></p><dt><strong><strong><code>chroot-early=<directory></code></strong></strong><dd>
|
||
|
Performs a <code>chroot()</code> operation to <a href="socat.html#TYPE_DIRECTORY"><directory></a>
|
||
|
before opening the address. This call might require root privilege.
|
||
|
<a name="OPTION_SETGID"></a><p></p><dt><strong><strong><code>setgid=<group></code></strong></strong><dd>
|
||
|
Changes the primary <a href="socat.html#TYPE_GROUP"><group></a> of the process after
|
||
|
processing the address. This call might require root privilege.
|
||
|
<a name="OPTION_SETGID_EARLY"></a><p></p><dt><strong><strong><code>setgid-early=<group></code></strong></strong><dd>
|
||
|
Changes the primary <a href="socat.html#TYPE_GROUP"><group></a> of the process before opening
|
||
|
the address. This call might require root privilege.
|
||
|
<a name="OPTION_SETUID"></a><p></p><dt><strong><strong><code>setuid=<user></code></strong></strong><dd>
|
||
|
Changes the <a href="socat.html#TYPE_USER"><user></a> (owner) of the process after processing
|
||
|
the address. This call might require root privilege.
|
||
|
<a name="OPTION_SETUID_EARLY"></a><p></p><dt><strong><strong><code>setuid-early=<user></code></strong></strong><dd>
|
||
|
Changes the <a href="socat.html#TYPE_USER"><user></a> (owner) of the process before opening
|
||
|
the address. This call might require root privilege.
|
||
|
<a name="OPTION_SUBSTUSER"></a><p></p><dt><strong><strong><code>su=<user></code></strong></strong><dd>
|
||
|
Changes the <a href="socat.html#TYPE_USER"><user></a> (owner) and groups of the process after
|
||
|
processing the address (<a href="socat.html#EXAMPLE_OPTION_SUBSTUSER">example</a>). This call might require root privilege.
|
||
|
<a name="OPTION_SUBSTUSER_DELAYED"></a><p></p><dt><strong><strong><code>su-d=<user></code></strong></strong><dd>
|
||
|
Short name for <strong><code>substuser-delayed</code></strong>.
|
||
|
Changes the <a href="socat.html#TYPE_USER"><user></a>
|
||
|
(owner) and groups of the process after processing the address (<a href="socat.html#EXAMPLE_OPTION_SUBSTUSER_DELAYED">example</a>).
|
||
|
The user and his groups are retrieved <em>before</em> a possible
|
||
|
<code>chroot()</code>. This call might require root privilege.
|
||
|
<a name="OPTION_SETPGID"></a><p></p><dt><strong><strong><code>setpgid=<pid_t></code></strong></strong><dd>
|
||
|
Makes the process a member of the specified process group
|
||
|
<a href="socat.html#TYPE_PID_T"><pid_t></a>. If no value
|
||
|
is given, or if the value is 0 or 1, the process becomes leader of a new
|
||
|
process group.
|
||
|
<a name="OPTION_SETSID"></a><p></p><dt><strong><strong><code>setsid</code></strong></strong><dd>
|
||
|
Makes the process the leader of a new session (<a href="socat.html#EXAMPLE_OPTION_SETSID">example</a>).
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_READLINE"></a><em><strong>READLINE option group</strong></em>
|
||
|
<p>These options apply to the readline address type.
|
||
|
<dl>
|
||
|
<a name="OPTION_HISTORY"></a><p></p><dt><strong><strong><code>history=<filename></code></strong></strong><dd>
|
||
|
Reads and writes history from/to <a href="socat.html#TYPE_FILENAME"><filename></a> (<a href="socat.html#EXAMPLE_OPTION_HISTORY">example</a>).
|
||
|
<a name="OPTION_NOPROMPT"></a><p></p><dt><strong><strong><code>noprompt</code></strong></strong><dd>
|
||
|
Since version 1.4.0, socat per default tries to determine a prompt -
|
||
|
that is then passed to the readline call - by remembering the last
|
||
|
incomplete line of the output. With this option, socat does not pass a
|
||
|
prompt to readline, so it begins line editing in the first column
|
||
|
of the terminal.
|
||
|
<a name="OPTION_NOECHO"></a><p></p><dt><strong><strong><code>noecho=<pattern></code></strong></strong><dd>
|
||
|
Specifies a regular pattern for a prompt that prevents the following input
|
||
|
line from being displayed on the screen and from being added to the history.
|
||
|
The prompt is defined as the text that was output to the readline address
|
||
|
after the lastest newline character and before an input character was
|
||
|
typed. The pattern is a regular expression, e.g.
|
||
|
"^[Pp]assword:.*$" or "([Uu]ser:|[Pp]assword:)". See regex(7) for details.
|
||
|
(<a href="socat.html#EXAMPLE_OPTION_NOECHO">example</a>)
|
||
|
<a name="OPTION_PROMPT"></a><p></p><dt><strong><strong><code>prompt=<string></code></strong></strong><dd>
|
||
|
Passes the string as prompt to the readline function. readline prints this
|
||
|
prompt when stepping through the history. If this string matches a constant
|
||
|
prompt issued by an interactive program on the other socat address,
|
||
|
consistent look and feel can be archieved.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_APPLICATION"></a><em><strong>APPLICATION option group</strong></em>
|
||
|
<p>This group contains options that work at data level.
|
||
|
Note that these options only apply to the "raw" data transferred by socat,
|
||
|
but not to protocol data used by addresses like
|
||
|
<a href="socat.html#ADDRESS_PROXY_CONNECT">PROXY</a>.
|
||
|
<dl>
|
||
|
<a name="OPTION_CR"></a><p></p><dt><strong><strong><code>cr</code></strong></strong><dd>
|
||
|
Converts the default line termination character NL ('\n', 0x0a) to/from CR
|
||
|
('\r', 0x0d) when writing/reading on this channel.
|
||
|
<a name="OPTION_CRNL"></a><p></p><dt><strong><strong><code>crnl</code></strong></strong><dd>
|
||
|
Converts the default line termination character NL ('\n', 0x0a) to/from CRNL
|
||
|
("\r\n", 0x0d0a) when writing/reading on this channel (<a href="socat.html#EXAMPLE_OPTION_CRNL">example</a>).
|
||
|
Note: socat simply strips all CR characters.
|
||
|
<a name="OPTION_IGNOREEOF"></a><p></p><dt><strong><strong><code>ignoreeof</code></strong></strong><dd>
|
||
|
When EOF occurs on this channel, <strong>socat</strong> ignores it and tries to read more
|
||
|
data (like "tail -f") (<a href="socat.html#EXAMPLE_OPTION_IGNOREEOF">example</a>).
|
||
|
<a name="OPTION_READBYTES"></a><p></p><dt><strong><strong><code>readbytes=<bytes></code></strong></strong><dd>
|
||
|
<strong>socat</strong> reads only so many bytes from this address (the address provides
|
||
|
only so many bytes for transfer and pretends to be at EOF afterwards).
|
||
|
Must be greater than 0.
|
||
|
<a name="OPTION_LOCKFILE"></a><p></p><dt><strong><strong><code>lockfile=<filename></code></strong></strong><dd>
|
||
|
If lockfile exists, exits with error. If lockfile does not exist, creates it
|
||
|
and continues, unlinks lockfile on exit.
|
||
|
<a name="OPTION_WAITLOCK"></a><p></p><dt><strong><strong><code>waitlock=<filename></code></strong></strong><dd>
|
||
|
If lockfile exists, waits until it disappears. When lockfile does not exist,
|
||
|
creates it and continues, unlinks lockfile on exit.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_SOCKET"></a><em><strong>SOCKET option group</strong></em>
|
||
|
<p>These options are intended for all kinds of sockets, e.g. IP or UNIX domain. Most are applied with a <code>setsockopt()</code> call.
|
||
|
<dl>
|
||
|
<a name="OPTION_BIND"></a><p></p><dt><strong><strong><code>bind=<sockname></code></strong></strong><dd>
|
||
|
Binds the socket to the given socket address using the <code>bind()</code> system
|
||
|
call. The form of <sockname> is socket domain dependent:
|
||
|
IP4 and IP6 allow the form [hostname|hostaddress][:(service|port)] (<a href="socat.html#EXAMPLE_OPTION_BIND_TCP4">example</a>),
|
||
|
UNIX domain sockets require <a href="socat.html#TYPE_FILENAME"><filename></a>.
|
||
|
<a name="OPTION_CONNECT_TIMEOUT"></a><p></p><dt><strong><strong><code>connect-timeout=<seconds></code></strong></strong><dd>
|
||
|
Abort the connection attempt after <seconds> [<a href="socat.html#TYPE_TIMEVAL">timeval</a>]
|
||
|
with error status.
|
||
|
<a name="OPTION_INTERFACE"></a><p></p><dt><strong><strong><code>interface=<interface></code></strong></strong><dd>
|
||
|
Binds the socket to the given <a href="socat.html#TYPE_INTERFACE"><interface></a>.
|
||
|
This option might require root privilege.
|
||
|
<a name="OPTION_SO_BROADCAST"></a><p></p><dt><strong><strong><code>broadcast</code></strong></strong><dd>
|
||
|
For datagram sockets, allows sending to broadcast addresses and receiving
|
||
|
packets addressed to broadcast addresses.
|
||
|
<a name="OPTION_BSDCOMPAT"></a><p></p><dt><strong><strong><code>bsdcompat</code></strong></strong><dd>
|
||
|
Emulates some (old?) bugs of the BSD socket implementation.
|
||
|
<a name="OPTION_DEBUG"></a><p></p><dt><strong><strong><code>debug</code></strong></strong><dd>
|
||
|
Enables socket debugging.
|
||
|
<a name="OPTION_DONTROUTE"></a><p></p><dt><strong><strong><code>dontroute</code></strong></strong><dd>
|
||
|
Only communicates with directly connected peers, does not use routers.
|
||
|
<a name="OPTION_KEEPALIVE"></a><p></p><dt><strong><strong><code>keepalive</code></strong></strong><dd>
|
||
|
Enables sending keepalives on the socket.
|
||
|
<a name="OPTION_LINGER"></a><p></p><dt><strong><strong><code>linger=<seconds></code></strong></strong><dd>
|
||
|
Blocks <code>shutdown()</code> or <code>close()</code> until data transfers have finished
|
||
|
or the given timeout [<a href="socat.html#TYPE_INT">int</a>] expired.
|
||
|
|
||
|
<a name="OPTION_OOBINLINE"></a><p></p><dt><strong><strong><code>oobinline</code></strong></strong><dd>
|
||
|
Places out-of-band data in the input data stream.
|
||
|
<a name="OPTION_PRIORITY"></a><p></p><dt><strong><strong><code>priority=<priority></code></strong></strong><dd>
|
||
|
Sets the protocol defined <priority> [<a href="socat.html#TYPE_INT"><int></a>] for outgoing
|
||
|
packets.
|
||
|
<a name="OPTION_RCVBUF"></a><p></p><dt><strong><strong><code>rcvbuf=<bytes></code></strong></strong><dd>
|
||
|
Sets the size of the receive buffer after the <code>socket()</code> call to
|
||
|
<bytes> [<a href="socat.html#TYPE_INT">int</a>]. With TCP
|
||
|
sockets, this value corresponds to the socket's maximal window size.
|
||
|
<a name="OPTION_RCVBUF_LATE"></a><p></p><dt><strong><strong><code>rcvbuf-late=<bytes></code></strong></strong><dd>
|
||
|
Sets the size of the receive buffer when the socket is already
|
||
|
connected to <bytes> [<a href="socat.html#TYPE_INT">int</a>].
|
||
|
With TCP sockets, this value corresponds to the socket's
|
||
|
maximal window size.
|
||
|
<a name="OPTION_RCVLOWAT"></a><p></p><dt><strong><strong><code>rcvlowat=<bytes></code></strong></strong><dd>
|
||
|
Specifies the minimum number of received bytes [<a href="socat.html#TYPE_INT">int</a>] until
|
||
|
the socket layer will pass the buffered data to <strong>socat</strong>.
|
||
|
<a name="OPTION_RCVTIMEO"></a><p></p><dt><strong><strong><code>rcvtimeo=<seconds></code></strong></strong><dd>
|
||
|
Sets the receive timeout [<a href="socat.html#TYPE_TIMEVAL">timeval</a>].
|
||
|
<a name="OPTION_REUSEADDR"></a><p></p><dt><strong><strong><code>reuseaddr</code></strong></strong><dd>
|
||
|
Allows other sockets to bind to an address even if parts of it (e.g. the
|
||
|
local port) are already in use by <strong>socat</strong> (<a href="socat.html#EXAMPLE_OPTION_REUSEADDR">example</a>).
|
||
|
<a name="OPTION_SNDBUF"></a><p></p><dt><strong><strong><code>sndbuf=<bytes></code></strong></strong><dd>
|
||
|
Sets the size of the send buffer after the <code>socket()</code> call to
|
||
|
<bytes> [<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_SNDBUF_LATE"></a><p></p><dt><strong><strong><code>sndbuf-late=<bytes></code></strong></strong><dd>
|
||
|
Sets the size of the send buffer when the socket is connected to
|
||
|
<bytes> [<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_SNDLOWAT"></a><p></p><dt><strong><strong><code>sndlowat=<bytes></code></strong></strong><dd>
|
||
|
Specifies the minimum number of bytes in the send buffer until the socket
|
||
|
layer will send the data to <bytes> [<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_SNDTIMEO"></a><p></p><dt><strong><strong><code>sndtimeo=<seconds></code></strong></strong><dd>
|
||
|
Sets the send timeout to seconds [<a href="socat.html#TYPE_TIMEVAL">timeval</a>].
|
||
|
<a name="OPTION_TYPE"></a><p></p><dt><strong><strong><code>type=<type></code></strong></strong><dd>
|
||
|
Sets the type of the socket, usually as argument to the <code>socket()</code> or
|
||
|
<code>socketpair()</code> call, to <type> [<a href="socat.html#TYPE_INT">int</a>].
|
||
|
Under Linux, 1 means stream oriented socket, 2 means datagram socket, and 3
|
||
|
means raw socket.
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a name="OPTION_PROTOCOL_FAMILY"></a><p></p><dt><strong><strong><code>pf=<string></code></strong></strong><dd>
|
||
|
Forces the use of the specified IP version. <string> can be
|
||
|
something like "ip4" or "ip6".
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_SOCK_UNIX"></a><em><strong>UNIX option group</strong></em>
|
||
|
<p>These options apply to UNIX domain based addresses.
|
||
|
<dl>
|
||
|
<a name="OPTION_UNIX_TIGHTSOCKLEN"></a><p></p><dt><strong><strong><code>unix-tightsocklen=[0|1]</code></strong></strong><dd>
|
||
|
On socket operations, pass a socket address length that does not include the
|
||
|
whole <code>struct sockaddr_un</code> record but (besides other components) only
|
||
|
the relevant part of the filename or abstract string. Default is 1.
|
||
|
</dl>
|
||
|
<p><a name="GROUP_IP4"></a>
|
||
|
<a name="GROUP_IP"></a><em><strong>IP4 and IP6 option groups</strong></em>
|
||
|
<p>These options can be used with IPv4 and IPv6 based sockets.
|
||
|
<dl>
|
||
|
<a name="OPTION_TOS"></a><p></p><dt><strong><strong><code>tos=<tos></code></strong></strong><dd>
|
||
|
Sets the TOS (type of service) field of outgoing packets to <tos>
|
||
|
[<a href="socat.html#TYPE_BYTE">byte</a>] (see RFC 791).
|
||
|
<a name="OPTION_TTL"></a><p></p><dt><strong><strong><code>ttl=<ttl></code></strong></strong><dd>
|
||
|
Sets the TTL (time to live) field of outgoing packets to <ttl>
|
||
|
[<a href="socat.html#TYPE_BYTE">byte</a>].
|
||
|
<a name="OPTION_IPOPTIONS"></a><p></p><dt><strong><strong><code>ipoptions=<data></code></strong></strong><dd>
|
||
|
Sets IP options like source routing. Must be given in binary form,
|
||
|
recommended format is a leading "x" followed by an even number of hex
|
||
|
digits. This option may be used multiple times, data are appended.
|
||
|
E.g., to connect to host 10.0.0.1 via some gateway using a loose source
|
||
|
route, use the gateway as address parameter and set a loose source route
|
||
|
using the option <code>ipoptions=x8307040a000001</code>.<br>
|
||
|
IP options are defined in RFC 791. <br>
|
||
|
|
||
|
<a name="OPTION_MTUDISCOVER"></a><p></p><dt><strong><strong><code>mtudiscover=<0|1|2></code></strong></strong><dd>
|
||
|
Takes 0, 1, 2 to never, want, or always use path MTU discover on this
|
||
|
socket.
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a name="OPTION_IP_ADD_MEMBERSHIP"></a>
|
||
|
<p></p><dt><strong><strong><code>ip-add-membership=<multicast-address:interface-address></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ip-add-membership=<multicast-address:interface-name></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ip-add-membership=<multicast-address:interface-index></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ip-add-membership=<multicast-address:interface-address:interface-name></code></strong></strong><dd>
|
||
|
<p></p><dt><strong><strong><code>ip-add-membership=<multicast-address:interface-address:interface-index></code></strong></strong><dd>
|
||
|
Makes the socket member of the specified multicast group. This is currently
|
||
|
only implemented for IPv4. The option takes the IP address of the multicast
|
||
|
group and info about the desired network interface. The most common syntax
|
||
|
is the first one, while the others are only available on systems that
|
||
|
provide <code>struct mreqn</code> (Linux).<br>
|
||
|
The indices of active network interfaces can be shown using the utility
|
||
|
<strong>procan</strong>.
|
||
|
<a name="OPTION_IP_MULTICAST_IF"></a>
|
||
|
dif(<strong><code>ip-multicast-if=<hostname></code></strong>)
|
||
|
Specifies hostname or address of the network interface to be used for
|
||
|
multicast traffic.
|
||
|
<a name="OPTION_IP_MULTICAST_LOOP"></a>
|
||
|
dif(<strong><code>ip-multicast-loop=<bool></code></strong>)
|
||
|
Specifies if outgoing multicast traffic should loop back to the interface.
|
||
|
<a name="OPTION_IP_MULTICAST_TTL"></a>
|
||
|
dif(<strong><code>ip-multicast-ttl=<byte></code></strong>)
|
||
|
Sets the TTL used for outgoing multicast traffic. Default is 1.
|
||
|
<a name="OPTION_RES_DEBUG"></a><p></p><dt><strong><strong><code>res-debug</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_AAONLY"></a><p></p><dt><strong><strong><code>res-aaonly</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_USEVC"></a><p></p><dt><strong><strong><code>res-usevc</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_PRIMARY"></a><p></p><dt><strong><strong><code>res-primary</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_IGNTC"></a><p></p><dt><strong><strong><code>res-igntc</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_RECURSE"></a><p></p><dt><strong><strong><code>res-recurse</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_DEFNAMES"></a><p></p><dt><strong><strong><code>res-defnames</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_STAYOPEN"></a><p></p><dt><strong><strong><code>res-stayopen</code></strong></strong><dd>
|
||
|
<a name="OPTION_RES_DNSRCH"></a><p></p><dt><strong><strong><code>res-dnsrch</code></strong></strong><dd>
|
||
|
These options set the corresponding resolver (name resolution) option flags.
|
||
|
Append "=0" to clear a default option. See man resolver(5) for more
|
||
|
information on these options. Note: these options are valid only for the
|
||
|
address they are applied to.
|
||
|
<p></dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_IP6"></a><em><strong>IP6 option group</strong></em>
|
||
|
<p>These options can only be used on IPv6 based sockets. See <a href="socat.html#GROUP_IP">IP
|
||
|
options</a> for options that can be applied to both IPv4 and IPv6
|
||
|
sockets.
|
||
|
<dl>
|
||
|
<a name="OPTION_IPV6_V6ONLY"></a><p></p><dt><strong><strong><code>ipv6only=<bool></code></strong></strong><dd>
|
||
|
Sets the IPV6_V6ONLY socket option. If 0, the TCP stack will also accept
|
||
|
connections using IPv4 protocol on the same port. The default is system
|
||
|
dependent.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_TCP"></a><em><strong>TCP option group</strong></em>
|
||
|
<p>These options may be applied to TCP sockets. They work by invoking <code>setsockopt()</code> with the appropriate parameters.
|
||
|
<dl>
|
||
|
<a name="OPTION_CORK"></a><p></p><dt><strong><strong><code>cork</code></strong></strong><dd>
|
||
|
Doesn't send packets smaller than MSS (maximal segment size).
|
||
|
<a name="OPTION_DEFER-ACCEPT"></a><p></p><dt><strong><strong><code>defer-accept</code></strong></strong><dd>
|
||
|
While listening, accepts connections only when data from the peer arrived.
|
||
|
<a name="OPTION_KEEPCNT"></a><p></p><dt><strong><strong><code>keepcnt=<count></code></strong></strong><dd>
|
||
|
Sets the number of keepalives before shutting down the socket to
|
||
|
<count> [<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_KEEPIDLE"></a><p></p><dt><strong><strong><code>keepidle=<seconds></code></strong></strong><dd>
|
||
|
Sets the idle time before sending the first keepalive to <seconds>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_KEEPINTVL"></a><p></p><dt><strong><strong><code>keepintvl=<seconds></code></strong></strong><dd>
|
||
|
Sets the intervall between two keepalives to <seconds>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_LINGER2"></a><p></p><dt><strong><strong><code>linger2=<seconds></code></strong></strong><dd>
|
||
|
Sets the time to keep the socket in FIN-WAIT-2 state to <seconds>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_MSS"></a><p></p><dt><strong><strong><code>mss=<bytes></code></strong></strong><dd>
|
||
|
Sets the MSS (maximum segment size) after the <code>socket()</code> call to <bytes>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>]. This
|
||
|
value is then proposed to the peer with the SYN or SYN/ACK packet
|
||
|
(<a href="socat.html#EXAMPLE_OPTION_MSS">example</a>).
|
||
|
<a name="OPTION_MSS_LATE"></a><p></p><dt><strong><strong><code>mss-late=<bytes></code></strong></strong><dd>
|
||
|
Sets the MSS of the socket after connection has been established to <bytes>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>].
|
||
|
<a name="OPTION_NODELAY"></a><p></p><dt><strong><strong><code>nodelay</code></strong></strong><dd>
|
||
|
Turns off the Nagle algorithm for measuring the RTT (round trip time).
|
||
|
<a name="OPTION_RFC1323"></a><p></p><dt><strong><strong><code>rfc1323</code></strong></strong><dd>
|
||
|
Enables RFC1323 TCP options: TCP window scale, round-trip time measurement
|
||
|
(RTTM), and protect against wrapped sequence numbers (PAWS) (AIX).
|
||
|
<a name="OPTION_STDURG"></a><p></p><dt><strong><strong><code>stdurg</code></strong></strong><dd>
|
||
|
Enables RFC1122 compliant urgent pointer handling (AIX).
|
||
|
<a name="OPTION_SYNCNT"></a><p></p><dt><strong><strong><code>syncnt=<count></code></strong></strong><dd>
|
||
|
Sets the maximal number of SYN retransmits during connect to <count>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>].
|
||
|
|
||
|
|
||
|
<a name="OPTION_TCP_MD5SIG"></a><p></p><dt><strong><strong><code>md5sig</code></strong></strong><dd>
|
||
|
Enables generation of MD5 digests on the packets (FreeBSD).
|
||
|
<a name="OPTION_TCP_NOOPT"></a><p></p><dt><strong><strong><code>noopt</code></strong></strong><dd>
|
||
|
Disables use of TCP options (FreeBSD, MacOSX).
|
||
|
<a name="OPTION_TCP_NOPUSH"></a><p></p><dt><strong><strong><code>nopush</code></strong></strong><dd>
|
||
|
sets the TCP_NOPUSH socket option (FreeBSD, MacOSX).
|
||
|
<a name="OPTION_TCP_SACK_DISABLE"></a><p></p><dt><strong><strong><code>sack-disable</code></strong></strong><dd>
|
||
|
Disables use the selective acknowledge feature (OpenBSD).
|
||
|
<a name="OPTION_TCP_SIGNATURE_ENABLE"></a><p></p><dt><strong><strong><code>signature-enable</code></strong></strong><dd>
|
||
|
Enables generation of MD5 digests on the packets (OpenBSD).
|
||
|
<a name="OPTION_TCP_ABORT_THRESHOLD"></a><p></p><dt><strong><strong><code>abort-threshold=<milliseconds></code></strong></strong><dd>
|
||
|
Sets the time to wait for an answer of the peer on an established connection
|
||
|
(HP-UX).
|
||
|
<a name="OPTION_TCP_CONN_ABORT_THRESHOLD"></a><p></p><dt><strong><strong><code>conn-abort-threshold=<milliseconds></code></strong></strong><dd>
|
||
|
Sets the time to wait for an answer of the server during the initial connect
|
||
|
(HP-UX).
|
||
|
<a name="OPTION_TCP_KEEPINIT"></a><p></p><dt><strong><strong><code>keepinit</code></strong></strong><dd>
|
||
|
Sets the time to wait for an answer of the server during connect() before
|
||
|
giving up. Value in half seconds, default is 150 (75s) (Tru64).
|
||
|
<a name="OPTION_TCP_PAWS"></a><p></p><dt><strong><strong><code>paws</code></strong></strong><dd>
|
||
|
Enables the "protect against wrapped sequence numbers" feature (Tru64).
|
||
|
<a name="OPTION_TCP_SACKENA"></a><p></p><dt><strong><strong><code>sackena</code></strong></strong><dd>
|
||
|
Enables selective acknowledge (Tru64).
|
||
|
<a name="OPTION_TCP_TSOPTENA"></a><p></p><dt><strong><strong><code>tsoptena</code></strong></strong><dd>
|
||
|
Enables the time stamp option that allows RTT recalculation on existing
|
||
|
connections (Tru64).
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><em><strong>UDP and TCP option groups</strong></em>
|
||
|
<p>Here we find options that are related to the network port mechanism and that
|
||
|
thus can be used with UDP and TCP, client and server addresses.
|
||
|
<dl>
|
||
|
<a name="OPTION_SOURCEPORT"></a><p></p><dt><strong><strong><code>sourceport=<port></code></strong></strong><dd>
|
||
|
For outgoing (client) TCP and UDP connections, it sets the source
|
||
|
<a href="socat.html#TYPE_PORT"><port></a> using an extra <code>bind()</code> call.
|
||
|
With TCP or UDP listen addresses, socat immediately shuts down the
|
||
|
connection if the client does not use this sourceport (<a href="socat.html#EXAMPLE_OPTION_SOURCEPORT">example</a>).
|
||
|
<a name="OPTION_LOWPORT"></a><p></p><dt><strong><strong><code>lowport</code></strong></strong><dd>
|
||
|
Outgoing (client) TCP and UDP connections with this option use
|
||
|
an unused random source port between 640 and 1023 incl. On UNIX class operating
|
||
|
systems, this requires root privilege, and thus indicates that the
|
||
|
client process is authorized by local root.
|
||
|
TCP and UDP listen addresses with this option immediately shut down the
|
||
|
connection if the client does not use a sourceport <= 1023.
|
||
|
This mechanism can provide limited authorization under some circumstances.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_SOCKS"></a><em><strong>SOCKS option group</strong></em>
|
||
|
<p>When using SOCKS type addresses, some socks specific options can be set.
|
||
|
<dl>
|
||
|
<a name="OPTION_SOCKSPORT"></a><p></p><dt><strong><strong><code>socksport=<tcp service></code></strong></strong><dd>
|
||
|
Overrides the default "socks" service or port 1080 for the socks server
|
||
|
port with <a href="socat.html#TYPE_TCP_SERVICE"><TCP service></a>.
|
||
|
<a name="OPTION_SOCKSUSER"></a><p></p><dt><strong><strong><code>socksuser=<user></code></strong></strong><dd>
|
||
|
Sends the <user> [<a href="socat.html#TYPE_STRING">string</a>] in the username field to the
|
||
|
socks server. Default is the actual user name ($LOGNAME or $USER) (<a href="socat.html#EXAMPLE_OPTION_SOCKSUSER">example</a>).
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_HTTP"></a><em><strong>HTTP option group</strong></em>
|
||
|
<p>Options that can be provided with HTTP type addresses. The only HTTP address
|
||
|
currently implemented is <a href="socat.html#ADDRESS_PROXY_CONNECT">proxy-connect</a>.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_PROXYPORT"></a><p></p><dt><strong><strong><code>proxyport=<TCP service></code></strong></strong><dd>
|
||
|
Overrides the default HTTP proxy port 8080 with
|
||
|
<a href="socat.html#TYPE_TCP_SERVICE"><TCP service></a>.
|
||
|
<a name="OPTION_IGNORECR"></a><p></p><dt><strong><strong><code>ignorecr</code></strong></strong><dd>
|
||
|
The HTTP protocol requires the use of CR+NL as line terminator. When a proxy
|
||
|
server violates this standard, socat might not understand its answer.
|
||
|
This option directs socat to interprete NL as line terminator and
|
||
|
to ignore CR in the answer. Nevertheless, socat sends CR+NL to the proxy.
|
||
|
<a name="OPTION_PROXY_AUTHORIZATION"></a><p></p><dt><strong><strong><code>proxyauth=<username>:<password></code></strong></strong><dd>
|
||
|
Provide "basic" authentication to the proxy server. The argument to the
|
||
|
option is used with a "Proxy-Authorization: Base" header in base64 encoded
|
||
|
form.<br>
|
||
|
Note: username and password are visible for every user on the local machine
|
||
|
in the process list; username and password are transferred to the proxy
|
||
|
server unencrypted (base64 encoded) and might be sniffed.
|
||
|
<a name="OPTION_PROXY_RESOLVE"></a><p></p><dt><strong><strong><code>resolve</code></strong></strong><dd>
|
||
|
Per default, socat sends to the proxy a CONNECT request containing the
|
||
|
target hostname. With this option, socat resolves the hostname locally and
|
||
|
sends the IP address. Please note that, according to RFC 2396, only name
|
||
|
resolution to IPv4 addresses is implemented.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_RANGE"></a><em><strong>RANGE option group</strong></em>
|
||
|
<p>These options check if a connecting client should be granted access. They can
|
||
|
be applied to listening and receiving network sockets. tcp-wrappers options
|
||
|
fall into this group.
|
||
|
<dl>
|
||
|
<a name="OPTION_RANGE"></a><p></p><dt><strong><strong><code>range=<address-range></code></strong></strong><dd>
|
||
|
After accepting a connection, tests if the peer is within <em>range</em>. For
|
||
|
IPv4 addresses, address-range takes the form address/bits, e.g.
|
||
|
10.0.0.0/8, or address:mask, e.g. 10.0.0.0:255.0.0.0 (<a href="socat.html#EXAMPLE_OPTION_RANGE">example</a>); for IPv6, it is [ip6-address/bits], e.g. [::1/128].
|
||
|
If the client address does not match, <strong>socat</strong> issues a warning and keeps
|
||
|
listening/receiving.
|
||
|
<a name="OPTION_TCPWRAPPERS"></a><p></p><dt><strong><strong><code>tcpwrap[=<name>]</code></strong></strong><dd>
|
||
|
Uses Wietse Venema's libwrap (tcpd) library to determine
|
||
|
if the client is allowed to connect. The configuration files are
|
||
|
/etc/hosts.allow and /etc/hosts.deny per default, see "man 5 hosts_access"
|
||
|
for more information. The optional <name> (type <a href="socat.html#TYPE_STRING">string</a>)
|
||
|
is passed to the wrapper functions as daemon process name (<a href="socat.html#EXAMPLE_OPTION_TCPWRAPPERS">example</a>).
|
||
|
If omitted, the basename of socats invocation (argv[0]) is passed.
|
||
|
If both tcpwrap and range options are applied to an address, both
|
||
|
conditions must be fulfilled to allow the connection.
|
||
|
<a name="OPTION_TCPWRAP_HOSTS_ALLOW_TABLE"></a><p></p><dt><strong><strong><code>allow-table=<filename></code></strong></strong><dd>
|
||
|
Takes the specified file instead of /etc/hosts.allow.
|
||
|
<a name="OPTION_TCPWRAP_HOSTS_DENY_TABLE"></a><p></p><dt><strong><strong><code>deny-table=<filename></code></strong></strong><dd>
|
||
|
Takes the specified file instead of /etc/hosts.deny.
|
||
|
<a name="OPTION_TCPWRAP_ETC"></a><p></p><dt><strong><strong><code>tcpwrap-etc=<directoryname></code></strong></strong><dd>
|
||
|
Looks for hosts.allow and hosts.deny in the specified directory. Is
|
||
|
overridden by options <a href="socat.html#OPTION_TCPWRAP_HOSTS_ALLOW_TABLE">hosts-allow</a>
|
||
|
and <a href="socat.html#OPTION_TCPWRAP_HOSTS_DENY_TABLE">hosts-deny</a>.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_LISTEN"></a><em><strong>LISTEN option group</strong></em>
|
||
|
<p>Options specific to listening sockets.
|
||
|
<dl>
|
||
|
<a name="OPTION_BACKLOG"></a><p></p><dt><strong><strong><code>backlog=<count></code></strong></strong><dd>
|
||
|
Sets the backlog value passed with the <code>listen()</code> system call to <count>
|
||
|
[<a href="socat.html#TYPE_INT">int</a>]. Default is 5.
|
||
|
</dl>
|
||
|
<dl></dl><br>
|
||
|
<p><a name="GROUP_CHILD"></a><em><strong>CHILD option group</strong></em>
|
||
|
<p>Options for addresses with multiple connections via child processes.
|
||
|
<dl>
|
||
|
<a name="OPTION_FORK"></a><p></p><dt><strong><strong><code>fork</code></strong></strong><dd>
|
||
|
After establishing a connection, handles its channel in a child process and
|
||
|
keeps the parent process attempting to produce more connections, either by
|
||
|
listening or by connecting in a loop (<a href="socat.html#EXAMPLE_OPTION_FORK">example</a>).<br>
|
||
|
SSL-CONNECT and SSL-LISTEN differ in when they actually fork off the child:
|
||
|
SSL-LISTEN forks <em>before</em> the SSL handshake, while SSL-CONNECT forks
|
||
|
<em>afterwards</em>.
|
||
|
RETRY and FOREVER options are not inherited by the child process.<br>
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_EXEC"></a><em><strong>EXEC option group</strong></em>
|
||
|
<p>Options for addresses that invoke a program.
|
||
|
<dl>
|
||
|
<a name="OPTION_PATH"></a><p></p><dt><strong><strong><code>path=<string></code></strong></strong><dd>
|
||
|
Overrides the PATH environment variable for searching the program with
|
||
|
<a href="socat.html#TYPE_STRING"><string></a>. This
|
||
|
<code>$PATH</code> value is effective in the child process too.
|
||
|
<a name="OPTION_LOGIN"></a><p></p><dt><strong><strong><code>login</code></strong></strong><dd>
|
||
|
Prefixes <code>argv[0]</code> for the <code>execvp()</code> call with '-', thus making a
|
||
|
shell behave as login shell.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_FORK"></a><em><strong>FORK option group</strong></em>
|
||
|
<p>EXEC or SYSTEM addresses invoke a program using a child process and transfer data between <strong>socat</strong> and the program. The interprocess communication mechanism can be influenced with the following options. Per
|
||
|
default, a <code>socketpair()</code> is created and assigned to stdin and stdout of
|
||
|
the child process, while stderr is inherited from the <strong>socat</strong> process, and the
|
||
|
child process uses file descriptors 0 and 1 for communicating with the main
|
||
|
socat process.
|
||
|
<dl>
|
||
|
<a name="OPTION_NOFORK"></a><p></p><dt><strong><strong><code>nofork</code></strong></strong><dd>
|
||
|
Does not fork a subprocess for executing the program, instead calls execvp()
|
||
|
or system() directly from the actual socat instance. This avoids the
|
||
|
overhead of another process between the program and its peer,
|
||
|
but introduces a lot of restrictions:
|
||
|
<dl>
|
||
|
<li > this option can only be applied to the second <strong>socat</strong> address.
|
||
|
<li > it cannot be applied to a part of a <a href="socat.html#ADDRESS_DUAL">dual</a> address.
|
||
|
<li > the first socat address cannot be OPENSSL or READLINE
|
||
|
<li > socat options -b, -t, -D, -l, -v, -x become useless
|
||
|
<li > for both addresses, options ignoreeof, cr, and crnl become useless
|
||
|
<li > for the second address (the one with option nofork), options
|
||
|
append, <!--async,--> cloexec, flock, user, group, mode, nonblock,
|
||
|
perm-late, setlk, and setpgid cannot be applied. Some of these could be
|
||
|
used on the first address though.
|
||
|
</dl>
|
||
|
<a name="OPTION_PIPES"></a><p></p><dt><strong><strong><code>pipes</code></strong></strong><dd>
|
||
|
Creates a pair of unnamed pipes for interprocess communication instead of a
|
||
|
socket pair.
|
||
|
<a name="OPTION_OPENPTY"></a><p></p><dt><strong><strong><code>openpty</code></strong></strong><dd>
|
||
|
Establishes communication with the sub process using a pseudo terminal
|
||
|
created with <code>openpty()</code> instead of the default (socketpair or ptmx).
|
||
|
<a name="OPTION_PTMX"></a><p></p><dt><strong><strong><code>ptmx</code></strong></strong><dd>
|
||
|
Establishes communication with the sub process using a pseudo terminal
|
||
|
created by opening <strong>/dev/ptmx</strong> or <strong>/dev/ptc</strong> instead of the default
|
||
|
(socketpair).
|
||
|
<a name="OPTION_PTY"></a><p></p><dt><strong><strong><code>pty</code></strong></strong><dd>
|
||
|
Establishes communication with the sub process using a pseudo terminal
|
||
|
instead of a socket pair. Creates the pty with an available mechanism. If
|
||
|
openpty and ptmx are both available, it uses ptmx because this is POSIX
|
||
|
compliant (<a href="socat.html#EXAMPLE_OPTION_PTY">example</a>).
|
||
|
<a name="OPTION_CTTY"></a><p></p><dt><strong><strong><code>ctty</code></strong></strong><dd>
|
||
|
Makes the pty the controlling tty of the sub process (<a href="socat.html#EXAMPLE_OPTION_CTTY">example</a>).
|
||
|
<a name="OPTION_STDERR"></a><p></p><dt><strong><strong><code>stderr</code></strong></strong><dd>
|
||
|
Directs stderr of the sub process to its output channel by making stderr a
|
||
|
<code>dup()</code> of stdout (<a href="socat.html#EXAMPLE_OPTION_STDERR">example</a>).
|
||
|
<a name="OPTION_FDIN"></a><p></p><dt><strong><strong><code>fdin=<fdnum></code></strong></strong><dd>
|
||
|
Assigns the sub processes input channel to its file descriptor
|
||
|
<a href="socat.html#TYPE_FDNUM"><fdnum></a>
|
||
|
instead of stdin (0). The program started from the subprocess has to use
|
||
|
this fd for reading data from <strong>socat</strong> (<a href="socat.html#EXAMPLE_OPTION_FDIN">example</a>).
|
||
|
<a name="OPTION_FDOUT"></a><p></p><dt><strong><strong><code>fdout=<fdnum></code></strong></strong><dd>
|
||
|
Assigns the sub processes output channel to its file descriptor
|
||
|
<a href="socat.html#TYPE_FDNUM"><fdnum></a>
|
||
|
instead of stdout (1). The program started from the subprocess has to use
|
||
|
this fd for writing data to <strong>socat</strong> (<a href="socat.html#EXAMPLE_OPTION_FDOUT">example</a>).
|
||
|
<a name="OPTION_SIGHUP"></a><a name="OPTION_SIGINT"></a><a name="OPTION_SIGQUIT"></a><p></p><dt><strong><strong><code>sighup</code></strong>, <strong><code>sigint</code></strong>, <strong><code>sigquit</code></strong></strong><dd>
|
||
|
Has <strong>socat</strong> pass an eventual signal of this type to the sub process.
|
||
|
If no address has this option, socat terminates on these signals.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_TERMIOS"></a><em><strong>TERMIOS option group</strong></em>
|
||
|
<p>For addresses that work on a tty (e.g., stdio, file:/dev/tty, exec:...,pty), the terminal parameters defined in the UN*X termios mechanism are made available as address option parameters.
|
||
|
Please note that changes of the parameters of your interactive terminal
|
||
|
remain effective after <strong>socat</strong>'s termination, so you might have to enter "reset"
|
||
|
or "stty sane" in your shell afterwards.
|
||
|
For EXEC and SYSTEM addresses with option PTY,
|
||
|
these options apply to the pty by the child processes.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_B0"></a><p></p><dt><strong><strong><code>b0</code></strong></strong><dd>
|
||
|
Disconnects the terminal.
|
||
|
<a name="OPTION_B19200"></a><p></p><dt><strong><strong><code>b19200</code></strong></strong><dd>
|
||
|
Sets the serial line speed to 19200 baud. Some other rates are possible; use
|
||
|
something like <code>socat -hh |grep ' b[1-9]'</code> to find all speeds supported by
|
||
|
your implementation.<br>
|
||
|
Note: On some operating systems, these options may not be
|
||
|
available. Use <a href="socat.html#OPTION_ISPEED">ispeed</a> or <a href="socat.html#OPTION_OSPEED">ospeed</a>
|
||
|
instead.
|
||
|
<a name="OPTION_ECHO"></a><p></p><dt><strong><strong><code>echo=<bool></code></strong></strong><dd>
|
||
|
Enables or disables local echo (<a href="socat.html#EXAMPLE_OPTION_ECHO">example</a>).
|
||
|
<a name="OPTION_ICANON"></a><p></p><dt><strong><strong><code>icanon=<bool></code></strong></strong><dd>
|
||
|
Sets or clears canonical mode, enabling line buffering and some special
|
||
|
characters.
|
||
|
<a name="OPTION_RAW"></a><p></p><dt><strong><strong><code>raw</code></strong></strong><dd>
|
||
|
Sets raw mode, thus passing input and output almost unprocessed (<a href="socat.html#EXAMPLE_OPTION_RAW">example</a>).
|
||
|
<a name="OPTION_IGNBRK"></a><p></p><dt><strong><strong><code>ignbrk=<bool></code></strong></strong><dd>
|
||
|
Ignores or interpretes the BREAK character (e.g., ^C)
|
||
|
<a name="OPTION_BRKINT"></a><p></p><dt><strong><strong><code>brkint=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_BS0"></a><p></p><dt><strong><strong><code>bs0</code></strong></strong><dd>
|
||
|
<a name="OPTION_BS1"></a><p></p><dt><strong><strong><code>bs1</code></strong></strong><dd>
|
||
|
<a name="OPTION_BSDLY"></a><p></p><dt><strong><strong><code>bsdly=<0|1></code></strong></strong><dd>
|
||
|
<a name="OPTION_CLOCAL"></a><p></p><dt><strong><strong><code>clocal=<bool></code></strong></strong><dd>
|
||
|
<p><a name="OPTION_CR0"></a><a name="OPTION_CR1"></a><a name="OPTION_CR2"></a><a name="OPTION_CR3"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<dt><code><strong>cr0</strong><br>
|
||
|
<strong>cr1</strong><br>
|
||
|
<strong>cr2</strong><br>
|
||
|
<strong>cr3</strong></code><dd>
|
||
|
Sets the carriage return delay to 0, 1, 2, or 3, respectively.
|
||
|
0 means no delay, the other values are terminal dependent.
|
||
|
<p><a name="OPTION_CRDLY"></a><p></p><dt><strong><strong><code>crdly=<0|1|2|3></code></strong></strong><dd>
|
||
|
<a name="OPTION_CREAD"></a><p></p><dt><strong><strong><code>cread=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_CRTSCTS"></a><p></p><dt><strong><strong><code>crtscts=<bool></code></strong></strong><dd>
|
||
|
<p><a name="OPTION_CS5"></a><a name="OPTION_CS6"></a><a name="OPTION_CS7"></a><a name="OPTION_CS8"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<dt><code><strong>cs5</strong><br>
|
||
|
<strong>cs6</strong><br>
|
||
|
<strong>cs7</strong><br>
|
||
|
<strong>cs8</strong></code><dd>
|
||
|
Sets the character size to 5, 6, 7, or 8 bits, respectively.
|
||
|
<p><a name="OPTION_CSIZE"></a><p></p><dt><strong><strong><code>csize=<0|1|2|3></code></strong></strong><dd>
|
||
|
<a name="OPTION_CSTOPB"></a><p></p><dt><strong><strong><code>cstopb=<bool></code></strong></strong><dd>
|
||
|
Sets two stop bits, rather than one.
|
||
|
<a name="OPTION_VDSUSP"></a><p></p><dt><strong><strong><code>dsusp=<byte></code></strong></strong><dd>
|
||
|
Sets the value for the VDSUSP character that suspends the current foreground
|
||
|
process and reactivates the shell (all except Linux).
|
||
|
<a name="OPTION_ECHOCTL"></a><p></p><dt><strong><strong><code>echoctl=<bool></code></strong></strong><dd>
|
||
|
Echos control characters in hat notation (e.g. ^A)
|
||
|
<a name="OPTION_ECHOE"></a><p></p><dt><strong><strong><code>echoe=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ECHOK"></a><p></p><dt><strong><strong><code>echok=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ECHOKE"></a><p></p><dt><strong><strong><code>echoke=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ECHONL"></a><p></p><dt><strong><strong><code>echonl=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ECHOPRT"></a><p></p><dt><strong><strong><code>echoprt=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_EOF"></a><p></p><dt><strong><strong><code>eof=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_EOL"></a><p></p><dt><strong><strong><code>eol=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_EOL2"></a><p></p><dt><strong><strong><code>eol2=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_ERASE"></a><p></p><dt><strong><strong><code>erase=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_DISCARD"></a><p></p><dt><strong><strong><code>discard=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_FF0"></a><p></p><dt><strong><strong><code>ff0</code></strong></strong><dd>
|
||
|
<a name="OPTION_FF1"></a><p></p><dt><strong><strong><code>ff1</code></strong></strong><dd>
|
||
|
<a name="OPTION_FFDLY"></a><p></p><dt><strong><strong><code>ffdly=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_FLUSHO"></a><p></p><dt><strong><strong><code>flusho=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_HUPCL"></a><p></p><dt><strong><strong><code>hupcl=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ICRNL"></a><p></p><dt><strong><strong><code>icrnl=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IEXTEN"></a><p></p><dt><strong><strong><code>iexten=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IGNCR"></a><p></p><dt><strong><strong><code>igncr=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IGNPAR"></a><p></p><dt><strong><strong><code>ignpar=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IMAXBEL"></a><p></p><dt><strong><strong><code>imaxbel=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_INLCR"></a><p></p><dt><strong><strong><code>inlcr=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_INPCK"></a><p></p><dt><strong><strong><code>inpck=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_INTR"></a><p></p><dt><strong><strong><code>intr=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_ISIG"></a><p></p><dt><strong><strong><code>isig=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ISPEED"></a><p></p><dt><strong><strong><code>ispeed=<unsigned-int></code></strong></strong><dd>
|
||
|
Set the baud rate for incoming data on this line.<br>
|
||
|
See also: <a href="socat.html#OPTION_OSPEED">ospeed</a>, <a href="socat.html#OPTION_B19200">b19200</a>
|
||
|
<a name="OPTION_ISTRIP"></a>dif(<strong><code>istrip=<bool></code></strong>)
|
||
|
<a name="OPTION_IUCLC"></a><p></p><dt><strong><strong><code>iuclc=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IXANY"></a><p></p><dt><strong><strong><code>ixany=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IXOFF"></a><p></p><dt><strong><strong><code>ixoff=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_IXON"></a><p></p><dt><strong><strong><code>ixon=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_KILL"></a><p></p><dt><strong><strong><code>kill=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_LNEXT"></a><p></p><dt><strong><strong><code>lnext=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_MIN"></a><p></p><dt><strong><strong><code>min=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_NL0"></a><p></p><dt><strong><strong><code>nl0</code></strong></strong><dd>
|
||
|
Sets the newline delay to 0.
|
||
|
<a name="OPTION_NL1"></a><p></p><dt><strong><strong><code>nl1</code></strong></strong><dd>
|
||
|
<a name="OPTION_NLDLY"></a><p></p><dt><strong><strong><code>nldly=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_NOFLSH"></a><p></p><dt><strong><strong><code>noflsh=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_OCRNL"></a><p></p><dt><strong><strong><code>ocrnl=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_OFDEL"></a><p></p><dt><strong><strong><code>ofdel=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_OFILL"></a><p></p><dt><strong><strong><code>ofill=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_OLCUC"></a><p></p><dt><strong><strong><code>olcuc=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ONLCR"></a><p></p><dt><strong><strong><code>onlcr=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ONLRET"></a><p></p><dt><strong><strong><code>onlret=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_ONOCR"></a><p></p><dt><strong><strong><code>onocr=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_OPOST"></a><p></p><dt><strong><strong><code>opost=<bool></code></strong></strong><dd>
|
||
|
Enables or disables output processing; e.g., converts NL to CR-NL.
|
||
|
<a name="OPTION_OSPEED"></a><p></p><dt><strong><strong><code>ospeed=<unsigned-int></code></strong></strong><dd>
|
||
|
Set the baud rate for outgoing data on this line.<br>
|
||
|
See also: <a href="socat.html#OPTION_ISPEED">ispeed</a>, <a href="socat.html#OPTION_B19200">b19200</a>
|
||
|
<a name="OPTION_PARENB"></a><p></p><dt><strong><strong><code>parenb=<bool></code></strong></strong><dd>
|
||
|
Enable parity generation on output and parity checking for input.
|
||
|
<a name="OPTION_PARMRK"></a><p></p><dt><strong><strong><code>parmrk=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_PARODD"></a><p></p><dt><strong><strong><code>parodd=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_PENDIN"></a><p></p><dt><strong><strong><code>pendin=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_QUIT"></a><p></p><dt><strong><strong><code>quit=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_REPRINT"></a><p></p><dt><strong><strong><code>reprint=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_SANE"></a><p></p><dt><strong><strong><code>sane</code></strong></strong><dd>
|
||
|
Brings the terminal to something like a useful default state.
|
||
|
<a name="OPTION_START"></a><p></p><dt><strong><strong><code>start=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_STOP"></a><p></p><dt><strong><strong><code>stop=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_SUSP"></a><p></p><dt><strong><strong><code>susp=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_SWTC"></a><p></p><dt><strong><strong><code>swtc=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_TAB0"></a><p></p><dt><strong><strong><code>tab0</code></strong></strong><dd>
|
||
|
<a name="OPTION_TAB1"></a><p></p><dt><strong><strong><code>tab1</code></strong></strong><dd>
|
||
|
<a name="OPTION_TAB2"></a><p></p><dt><strong><strong><code>tab2</code></strong></strong><dd>
|
||
|
<a name="OPTION_TAB3"></a><p></p><dt><strong><strong><code>tab3</code></strong></strong><dd>
|
||
|
<a name="OPTION_TABDLY"></a><p></p><dt><strong><strong><code>tabdly=<unsigned-int></code></strong></strong><dd>
|
||
|
<a name="OPTION_TIME"></a><p></p><dt><strong><strong><code>time=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_TOSTOP"></a><p></p><dt><strong><strong><code>tostop=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_VT0"></a><p></p><dt><strong><strong><code>vt0</code></strong></strong><dd>
|
||
|
<a name="OPTION_VT1"></a><p></p><dt><strong><strong><code>vt1</code></strong></strong><dd>
|
||
|
<a name="OPTION_VTDLY"></a><p></p><dt><strong><strong><code>vtdly=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_WERASE"></a><p></p><dt><strong><strong><code>werase=<byte></code></strong></strong><dd>
|
||
|
<a name="OPTION_XCASE"></a><p></p><dt><strong><strong><code>xcase=<bool></code></strong></strong><dd>
|
||
|
<a name="OPTION_XTABS"></a><p></p><dt><strong><strong><code>xtabs</code></strong></strong><dd>
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_PTY"></a><em><strong>PTY option group</strong></em>
|
||
|
<p>These options are intended for use with the <a href="socat.html#ADDRESS_PTY">pty</a> address
|
||
|
type.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_SYMBOLIC_LINK"></a><p></p><dt><strong><strong><code>link=<filename></code></strong></strong><dd>
|
||
|
Generates a symbolic link that points to the actual pseudo terminal
|
||
|
(pty). This might help
|
||
|
to solve the problem that ptys are generated with more or less
|
||
|
unpredictable names, making it difficult to directly access the socat
|
||
|
generated pty automatically. With this option, the user can specify a "fix"
|
||
|
point in the file hierarchy that helps him to access the actual pty
|
||
|
(<a href="socat.html#EXAMPLE_OPTION_SYMBOLIC_LINK">example</a>).
|
||
|
Beginning with <strong>socat</strong> version 1.4.3, the symbolic link is removed when
|
||
|
the address is closed (but see option <a href="socat.html#OPTION_UNLINK_CLOSE">unlink-close</a>).
|
||
|
<a name="OPTION_PTY_WAIT_SLAVE"></a><p></p><dt><strong><strong><code>wait-slave</code></strong></strong><dd>
|
||
|
Blocks the open phase until a process opens the slave side of the pty.
|
||
|
Usually, socat continues after generating the pty with opening the next
|
||
|
address or with entering the transfer loop. With the wait-slave option,
|
||
|
socat waits until some process opens the slave side of the pty before
|
||
|
continuing.
|
||
|
This option only works if the operating system provides the <code>poll()</code>
|
||
|
system call. And it depends on an undocumented behaviour of pty's, so it
|
||
|
does not work on all operating systems. It has successfully been tested on
|
||
|
Linux, FreeBSD, NetBSD, and on Tru64 with openpty.
|
||
|
<a name="OPTION_PTY_INTERVALL"></a><p></p><dt><strong><strong><code>pty-intervall=<seconds></code></strong></strong><dd>
|
||
|
When the <a href="socat.html#OPTION_PTY_WAIT_SLAVE">wait-slave</a> option is set, socat
|
||
|
periodically checks the HUP condition using <code>poll()</code> to find if the pty's
|
||
|
slave side has been opened. The default polling intervall is 1s. Use the
|
||
|
pty-intervall option [<a href="socat.html#TYPE_TIMEVAL">timeval</a>] to change this value.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_OPENSSL"></a><em><strong>OPENSSL option group</strong></em>
|
||
|
<p>These options apply to the <a href="socat.html#ADDRESS_OPENSSL_CONNECT">openssl</a> and
|
||
|
<a href="socat.html#ADDRESS_OPENSSL_LISTEN">openssl-listen</a> address types.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_OPENSSL_CIPHERLIST"></a><p></p><dt><strong><strong><code>cipher=<cipherlist></code></strong></strong><dd>
|
||
|
Selects the list of ciphers that may be used for the connection.
|
||
|
See the man page of <code>ciphers</code>, section <strong>CIPHER LIST FORMAT</strong>, for
|
||
|
detailed information about syntax, values, and default of <cipherlist>.<br>
|
||
|
Several cipher strings may be given, separated by ':'.
|
||
|
Some simple cipher strings:
|
||
|
<dl>
|
||
|
<p></p><dt><strong>3DES</strong><dd> Uses a cipher suite with triple DES.
|
||
|
<p></p><dt><strong>MD5</strong><dd> Uses a cipher suite with MD5.
|
||
|
<p></p><dt><strong>aNULL</strong><dd> Uses a cipher suite without authentication.
|
||
|
<p></p><dt><strong>NULL</strong><dd> Does not use encryption.
|
||
|
<p></p><dt><strong>HIGH</strong><dd> Uses a cipher suite with "high" encryption.
|
||
|
</dl>
|
||
|
Note that the peer must support the selected property, or the negotiation
|
||
|
will fail.
|
||
|
<a name="OPTION_OPENSSL_METHOD"></a><p></p><dt><strong><strong><code>method=<ssl-method></code></strong></strong><dd>
|
||
|
Sets the protocol version to be used. Valid strings (not case sensitive)
|
||
|
are:
|
||
|
<dl>
|
||
|
<p></p><dt><strong><code>SSLv2</code></strong><dd> Select SSL protocol version 2.
|
||
|
<p></p><dt><strong><code>SSLv3</code></strong><dd> Select SSL protocol version 3.
|
||
|
<p></p><dt><strong><code>SSLv23</code></strong><dd> Select SSL protocol version 2 or 3. This is the default when
|
||
|
this option is not provided.
|
||
|
<p></p><dt><strong><code>TLSv1</code></strong><dd> Select TLS protocol version 1.
|
||
|
</dl>
|
||
|
<a name="OPTION_OPENSSL_VERIFY"></a><p></p><dt><strong><strong><code>verify=<bool></code></strong></strong><dd>
|
||
|
Controls check of the peer's certificate. Default is 1 (true). Disabling
|
||
|
verify might open your socket for everyone, making the encryption useless!
|
||
|
<a name="OPTION_OPENSSL_CERTIFICATE"></a><p></p><dt><strong><strong><code>cert=<filename></code></strong></strong><dd>
|
||
|
Specifies the file with the certificate and private key for authentication.
|
||
|
The certificate must be in OpenSSL format (*.pem).
|
||
|
With openssl-listen, use of this option is strongly
|
||
|
recommended. Except with cipher aNULL, "no shared ciphers" error will
|
||
|
occur when no certificate is given.
|
||
|
<a name="OPTION_OPENSSL_KEY"></a><p></p><dt><strong><strong><code>key=<filename></code></strong></strong><dd>
|
||
|
Specifies the file with the private key. The private key may be in this
|
||
|
file or in the file given with the <a href="socat.html#OPTION_OPENSSL_CERTIFICATE">cert</a> option. The party that has
|
||
|
to proof that it is the owner of a certificate needs the private key.
|
||
|
<a name="OPTION_OPENSSL_DHPARAMS"></a><p></p><dt><strong><strong><code>dhparams=<filename></code></strong></strong><dd>
|
||
|
Specifies the file with the Diffie Hellman parameters. These parameters may
|
||
|
also be in the file given with the <a href="socat.html#OPTION_OPENSSL_CERTIFICATE">cert</a>
|
||
|
option in which case the dhparams option is not needed.
|
||
|
<a name="OPTION_OPENSSL_CAFILE"></a><p></p><dt><strong><strong><code>cafile=<filename></code></strong></strong><dd>
|
||
|
Specifies the file with the trusted (root) authority certificates. The file
|
||
|
must be in PEM format and should contain one or more certificates. The party
|
||
|
that checks the authentication of its peer trusts only certificates that are
|
||
|
in this file.
|
||
|
<a name="OPTION_OPENSSL_CAPATH"></a><p></p><dt><strong><strong><code>capath=<dirname></code></strong></strong><dd>
|
||
|
Specifies the directory with the trusted (root) certificates. The directory
|
||
|
must contain certificates in PEM format and their hashes (see OpenSSL
|
||
|
documentation)
|
||
|
<a name="OPTION_OPENSSL_EGD"></a><p></p><dt><strong><strong><code>egd=<filename></code></strong></strong><dd>
|
||
|
On some systems, openssl requires an explicit source of random data. Specify
|
||
|
the socket name where an entropy gathering daemon like egd provides random
|
||
|
data, e.g. /dev/egd-pool.
|
||
|
<a name="OPTION_OPENSSL_PSEUDO"></a><p></p><dt><strong><strong><code>pseudo</code></strong></strong><dd>
|
||
|
On systems where openssl cannot find an entropy source and where no entropy
|
||
|
gathering daemon can be utilized, this option activates a mechanism for
|
||
|
providing pseudo entropy. This is archieved by taking the current time in
|
||
|
microseconds for feeding the libc pseudo random number generator with an
|
||
|
initial value. openssl is then feeded with output from random() calls.<br>
|
||
|
NOTE:This mechanism is not sufficient for generation of secure keys!
|
||
|
<a name="OPTION_OPENSSL_FIPS"></a><p></p><dt><strong><strong><code>fips</code></strong></strong><dd>
|
||
|
Enables FIPS mode if compiled in. For info about the FIPS encryption
|
||
|
implementation standard see <a href="http://oss-institute.org/fips-faq.html">http://oss-institute.org/fips-faq.html</a>.
|
||
|
This mode might require that the involved certificates are generated with a
|
||
|
FIPS enabled version of openssl. Setting or clearing this option on one
|
||
|
socat address affects all OpenSSL addresses of this process.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_RETRY"></a><em><strong>RETRY option group</strong></em>
|
||
|
<p>Options that control retry of some system calls, especially connection
|
||
|
attempts.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_RETRY"></a><p></p><dt><strong><strong><code>retry=<num></code></strong></strong><dd>
|
||
|
Number of retries before the connection or listen attempt is aborted.
|
||
|
Default is 0, which means just one attempt.
|
||
|
<a name="OPTION_INTERVALL"></a><p></p><dt><strong><strong><code>intervall=<timespec></code></strong></strong><dd>
|
||
|
Time between consecutive attempts (seconds,
|
||
|
[<a href="socat.html#TYPE_TIMESPEC">timespec</a>]). Default is 1 second.
|
||
|
<a name="OPTION_FOREVER"></a><p></p><dt><strong><strong><code>forever</code></strong></strong><dd>
|
||
|
Performs an unlimited number of retry attempts.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="GROUP_TUN"></a><em><strong>TUN option group</strong></em>
|
||
|
<p>Options that control Linux TUN/TAP interface device addresses.
|
||
|
<p><dl>
|
||
|
<a name="OPTION_TUN_DEVICE"></a><p></p><dt><strong><strong><code>tun-device=<device-file></code></strong></strong><dd>
|
||
|
Instructs socat to take another path for the TUN clone device. Default is
|
||
|
<code>/dev/net/tun</code>.
|
||
|
<a name="OPTION_TUN_NAME"></a><p></p><dt><strong><strong><code>tun-name=<if-name></code></strong></strong><dd>
|
||
|
Gives the resulting network interface a specific name instead of the system
|
||
|
generated (tun0, tun1, etc.)
|
||
|
<a name="OPTION_TUN_TYPE"></a><p></p><dt><strong><strong><code>tun-type=[tun|tap]</code></strong></strong><dd>
|
||
|
Sets the type of the TUN device; use this option to generate a TAP
|
||
|
device. See the Linux docu for the difference between these types.
|
||
|
When you try to establish a tunnel between two TUN devices, their types
|
||
|
should be the same.
|
||
|
<a name="OPTION_IFF_NO_PI"></a><p></p><dt><strong><strong><code>iff-no-pi</code></strong></strong><dd>
|
||
|
Sets the IFF_NO_PI flag which controls if the device includes additional
|
||
|
packet information in the tunnel.
|
||
|
When you try to establish a tunnel between two TUN devices, these flags
|
||
|
should have the same values.
|
||
|
<a name="OPTION_IFF_UP"></a><p></p><dt><strong><strong><code>iff-up</code></strong></strong><dd>
|
||
|
Sets the TUN network interface status UP. Strongly recommended.
|
||
|
<a name="OPTION_IFF_BROADCAST"></a><p></p><dt><strong><strong><code>iff-broadcast</code></strong></strong><dd>
|
||
|
Sets the BROADCAST flag of the TUN network interface.
|
||
|
<a name="OPTION_IFF_DEBUG"></a><p></p><dt><strong><strong><code>iff-debug</code></strong></strong><dd>
|
||
|
Sets the DEBUG flag of the TUN network interface.
|
||
|
<a name="OPTION_IFF_LOOPBACK"></a><p></p><dt><strong><strong><code>iff-loopback</code></strong></strong><dd>
|
||
|
Sets the LOOPBACK flag of the TUN network interface.
|
||
|
<a name="OPTION_IFF_POINTOPOINT"></a><p></p><dt><strong><strong><code>iff-pointopoint</code></strong></strong><dd>
|
||
|
Sets the POINTOPOINT flag of the TUN device.
|
||
|
<a name="OPTION_IFF_NOTRAILERS"></a><p></p><dt><strong><strong><code>iff-notrailers</code></strong></strong><dd>
|
||
|
Sets the NOTRAILERS flag of the TUN device.
|
||
|
<a name="OPTION_IFF_RUNNING"></a><p></p><dt><strong><strong><code>iff-running</code></strong></strong><dd>
|
||
|
Sets the RUNNING flag of the TUN device.
|
||
|
<a name="OPTION_IFF_NOARP"></a><p></p><dt><strong><strong><code>iff-noarp</code></strong></strong><dd>
|
||
|
Sets the NOARP flag of the TUN device.
|
||
|
<a name="OPTION_IFF_PROMISC"></a><p></p><dt><strong><strong><code>iff-promisc</code></strong></strong><dd>
|
||
|
Sets the PROMISC flag of the TUN device.
|
||
|
<a name="OPTION_IFF_ALLMULTI"></a><p></p><dt><strong><strong><code>iff-allmulti</code></strong></strong><dd>
|
||
|
Sets the ALLMULTI flag of the TUN device.
|
||
|
<a name="OPTION_IFF_MASTER"></a><p></p><dt><strong><strong><code>iff-master</code></strong></strong><dd>
|
||
|
Sets the MASTER flag of the TUN device.
|
||
|
<a name="OPTION_IFF_SLAVE"></a><p></p><dt><strong><strong><code>iff-slave</code></strong></strong><dd>
|
||
|
Sets the SLAVE flag of the TUN device.
|
||
|
<a name="OPTION_IFF_MULTICAST"></a><p></p><dt><strong><strong><code>iff-multicast</code></strong></strong><dd>
|
||
|
Sets the MULTICAST flag of the TUN device.
|
||
|
<a name="OPTION_IFFPORTSEL_"></a><p></p><dt><strong><strong><code>iff-portsel</code></strong></strong><dd>
|
||
|
Sets the PORTSEL flag of the TUN device.
|
||
|
<a name="OPTION_IFF_AUTOMEDIA"></a><p></p><dt><strong><strong><code>iff-automedia</code></strong></strong><dd>
|
||
|
Sets the AUTOMEDIA flag of the TUN device.
|
||
|
<a name="OPTION_IFF_DYNAMIC"></a><p></p><dt><strong><strong><code>iff-dynamic</code></strong></strong><dd>
|
||
|
Sets the DYNAMIC flag of the TUN device.
|
||
|
</dl>
|
||
|
<p><dl></dl><br>
|
||
|
<p><a name="VALUES"></a>
|
||
|
<h2>DATA VALUES</h2>
|
||
|
|
||
|
<p>This section explains the different data types that address parameters and
|
||
|
address options can take.
|
||
|
<p><dl>
|
||
|
<a name="TYPE_ADDRESS_RANGE"></a><p></p><dt><strong>address-range</strong><dd>
|
||
|
Is currently only implemented for IPv4 and IPv6. See address-option
|
||
|
<a href="socat.html#OPTION_RANGE">`range'</a>
|
||
|
<a name="TYPE_BOOL"></a><p></p><dt><strong>bool</strong><dd>
|
||
|
"0" or "1"; if value is omitted, "1" is taken.
|
||
|
<a name="TYPE_BYTE"></a><p></p><dt><strong>byte</strong><dd>
|
||
|
An unsigned int number, read with <code>strtoul()</code>, lower or equal to
|
||
|
<code>UCHAR_MAX</code>.
|
||
|
<a name="TYPE_COMMAND_LINE"></a><p></p><dt><strong>command-line</strong><dd>
|
||
|
A string specifying a program name and its arguments, separated by single
|
||
|
spaces.
|
||
|
<a name="TYPE_DATA"></a><p></p><dt><strong>data</strong><dd>
|
||
|
A raw data specification following <em>dalan</em> syntax. The only documented
|
||
|
form is a string starting with 'x' followed by an even number of hex digits.
|
||
|
<a name="TYPE_DIRECTORY"></a><p></p><dt><strong>directory</strong><dd>
|
||
|
A string with usual UN*X directory name semantics.
|
||
|
<a name="TYPE_FACILITY"></a><p></p><dt><strong>facility</strong><dd>
|
||
|
The name of a syslog facility in lower case characters.
|
||
|
<a name="TYPE_FDNUM"></a><p></p><dt><strong>fdnum</strong><dd>
|
||
|
An unsigned int type, read with <code>strtoul()</code>, specifying a UN*X file
|
||
|
descriptor.
|
||
|
<a name="TYPE_FILENAME"></a><p></p><dt><strong>filename</strong><dd>
|
||
|
A string with usual UN*X filename semantics.
|
||
|
<a name="TYPE_GROUP"></a><p></p><dt><strong>group</strong><dd>
|
||
|
If the first character is a decimal digit, the value is read with
|
||
|
<code>strtoul()</code> as unsigned integer specifying a group id. Otherwise, it
|
||
|
must be an existing group name.
|
||
|
<a name="TYPE_INT"></a><p></p><dt><strong>int</strong><dd>
|
||
|
A number following the rules of the <code>strtol()</code> function with base
|
||
|
"0", i.e. decimal number, octal number with leading "0", or hexadecimal
|
||
|
number with leading "0x". The value must fit into a C int.
|
||
|
<a name="TYPE_INTERFACE"></a><p></p><dt><strong>interface</strong><dd>
|
||
|
A string specifying the device name of a network interface, e.g. "eth0".
|
||
|
<a name="TYPE_IP_ADDRESS"></a><p></p><dt><strong>IP address</strong><dd>
|
||
|
An IPv4 address in numbers-and-dots notation, an IPv6 address in hex
|
||
|
notation enclosed in brackets, or a hostname that resolves to an IPv4 or an
|
||
|
IPv6 address.<br>
|
||
|
Examples: 127.0.0.1, [::1], www.dest-unreach.org, dns1
|
||
|
<a name="TYPE_IPV4_ADDRESS"></a><p></p><dt><strong>IPv4 address</strong><dd>
|
||
|
An IPv4 address in numbers-and-dots notation or a hostname that resolves to
|
||
|
an IPv4 address.<br>
|
||
|
Examples: 127.0.0.1, www.dest-unreach.org, dns2
|
||
|
<a name="TYPE_IPV6_ADDRESS"></a><p></p><dt><strong>IPv6 address</strong><dd>
|
||
|
An iPv6 address in hexnumbers-and-colons notation enclosed in brackets, or a
|
||
|
hostname that resolves to an IPv6 address.<br>
|
||
|
Examples: [::1], [1234:5678:9abc:def0:1234:5678:9abc:def0],
|
||
|
ip6name.domain.org
|
||
|
<a name="TYPE_LONG"></a><p></p><dt><strong>long</strong><dd>
|
||
|
A number read with <code>strtol()</code>. The value must fit into a C long.
|
||
|
<a name="TYPE_LONGLONG"></a><p></p><dt><strong>long long</strong><dd>
|
||
|
A number read with <code>strtoll()</code>. The value must fit into a C long long.
|
||
|
<a name="TYPE_OFF"></a><p></p><dt><strong>off_t</strong><dd>
|
||
|
An implementation dependend signed number, usually 32 bits, read with strtol
|
||
|
or strtoll.
|
||
|
<a name="TYPE_OFF64"></a><p></p><dt><strong>off64_t</strong><dd>
|
||
|
An implementation dependend signed number, usually 64 bits, read with strtol
|
||
|
or strtoll.
|
||
|
<a name="TYPE_MODE_T"></a><p></p><dt><strong>mode_t</strong><dd>
|
||
|
An unsigned integer, read with <code>strtoul()</code>, specifying mode (permission)
|
||
|
bits.
|
||
|
<a name="TYPE_PID_T"></a><p></p><dt><strong>pid_t</strong><dd>
|
||
|
A number, read with <code>strtol()</code>, specifying a process id.
|
||
|
<a name="TYPE_PORT"></a><p></p><dt><strong>port</strong><dd>
|
||
|
A uint16_t (16 bit unsigned number) specifying a TCP or UDP port, read
|
||
|
with <code>strtoul()</code>.
|
||
|
<a name="TYPE_PROTOCOL"></a><p></p><dt><strong>protocol</strong><dd>
|
||
|
An unsigned 8 bit number, read with <code>strtoul()</code>.
|
||
|
<a name="TYPE_SIZE_T"></a><p></p><dt><strong>size_t</strong><dd>
|
||
|
An unsigned number with size_t limitations, read with <code>strtoul</code>.
|
||
|
<a name="TYPE_SOCKNAME"></a><p></p><dt><strong>sockname</strong><dd>
|
||
|
A socket address. See address-option <a href="socat.html#OPTION_BIND">`bind'</a>
|
||
|
<a name="TYPE_STRING"></a><p></p><dt><strong>string</strong><dd>
|
||
|
A sequence of characters, not containing '\0' and, depending on
|
||
|
the position within the command line, ':', ',', or "!!". Note
|
||
|
that you might have to escape shell meta characters in the command line.
|
||
|
<a name="TYPE_TCP_SERVICE"></a><p></p><dt><strong>TCP service</strong><dd>
|
||
|
A service name, not starting with a digit, that is resolved by
|
||
|
<code>getservbyname()</code>, or an unsigned int 16 bit number read with
|
||
|
<code>strtoul()</code>.
|
||
|
<a name="TYPE_TIMEVAL"></a><p></p><dt><strong>timeval</strong><dd>
|
||
|
A double float specifying seconds; the number is mapped into a
|
||
|
struct timeval, consisting of seconds and microseconds.
|
||
|
<a name="TYPE_TIMESPEC"></a><p></p><dt><strong>timespec</strong><dd>
|
||
|
A double float specifying seconds; the number is mapped into a
|
||
|
struct timespec, consisting of seconds and nanoseconds.
|
||
|
<a name="TYPE_UDP_SERVICE"></a><p></p><dt><strong>UDP service</strong><dd>
|
||
|
A service name, not starting with a digit, that is resolved by
|
||
|
<code>getservbyname()</code>, or an unsigned int 16 bit number read with
|
||
|
<code>strtoul()</code>.
|
||
|
<a name="TYPE_UNSIGNED_INT"></a><p></p><dt><strong>unsigned int</strong><dd>
|
||
|
A number read with <code>strtoul()</code>. The value must fit into a C unsigned
|
||
|
int.
|
||
|
<a name="TYPE_USER"></a><p></p><dt><strong>user</strong><dd>
|
||
|
If the first character is a decimal digit, the value is read with
|
||
|
<code>strtoul()</code> as unsigned integer specifying a user id. Otherwise, it must
|
||
|
be an existing user name.
|
||
|
</dl>
|
||
|
<p><a name="EXAMPLES"></a>
|
||
|
<h2>EXAMPLES</h2>
|
||
|
|
||
|
<p><dl>
|
||
|
<p><a name="EXAMPLE_ADDRESS_TCP4_CONNECT"></a>
|
||
|
<p></p><dt><strong><strong><code>socat - TCP4:www.domain.org:80</code></strong></strong><dd>
|
||
|
<p>Transfers data between <a href="socat.html#ADDRESS_STDIO">STDIO</a> (-) and a
|
||
|
<a href="socat.html#ADDRESS_TCP4_CONNECT">TCP4</a> connection to port 80 of host
|
||
|
www.domain.org. This example results in an interactive connection similar to
|
||
|
telnet or netcat. The stdin terminal parameters are not changed, so you may
|
||
|
close the relay with ^D or abort it with ^C.
|
||
|
<p><a name="EXAMPLE_ADDRESS_READLINE"></a>
|
||
|
<a name="EXAMPLE_OPTION_HISTORY"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat -d -d READLINE,history=$HOME/.http_history \</strong><br>
|
||
|
<strong>TCP4:www.domain.org:www,crnl</strong></code><dd>
|
||
|
<p>This is similar to the previous example, but you can edit the current line in a
|
||
|
bash like manner (<a href="socat.html#ADDRESS_READLINE">READLINE</a>) and use the
|
||
|
<a href="socat.html#OPTION_HISTORY">history</a> file .http_history; <strong>socat</strong>
|
||
|
prints messages about progress (<a href="socat.html#option_d_d">-d -d</a>). The port is specified by service name
|
||
|
(www), and correct network line termination characters (<a href="socat.html#OPTION_CRNL">crnl</a>) instead of NL
|
||
|
are used.
|
||
|
<p><a name="EXAMPLE_ADDRESS_TCP4_LISTEN"></a>
|
||
|
<p></p><dt><strong><strong><code>socat TCP4-LISTEN:www TCP4:www.domain.org:www</code></strong></strong><dd>
|
||
|
<p>Installs a simple TCP port forwarder. With
|
||
|
<a href="socat.html#ADDRESS_TCP4_LISTEN">TCP4-LISTEN</a> it listens on local port "www" until a
|
||
|
connection comes in, accepts it, then connects to the remote host
|
||
|
(<a href="socat.html#ADDRESS_TCP4_CONNECT">TCP4</a>) and starts data transfer. It will not accept a
|
||
|
second connection.
|
||
|
<p><a name="EXAMPLE_OPTION_BIND_TCP4"></a>
|
||
|
<a name="EXAMPLE_OPTION_REUSEADDR"></a>
|
||
|
<a name="EXAMPLE_OPTION_FORK"></a>
|
||
|
<a name="EXAMPLE_OPTION_SUBSTUSER"></a>
|
||
|
<a name="EXAMPLE_OPTION_RANGE"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat -d -d -lmlocal2 \</strong><br>
|
||
|
<strong>TCP4-LISTEN:80,bind=myaddr1,su=nobody,fork,range=10.0.0.0/8,reuseaddr \</strong><br>
|
||
|
<strong>TCP4:www.domain.org:80,bind=myaddr2</strong></code><dd>
|
||
|
<p>TCP port forwarder, each side bound to another local IP address
|
||
|
(<a href="socat.html#OPTION_BIND">bind</a>). This example handles an almost
|
||
|
arbitrary number of parallel or consecutive connections by
|
||
|
<a href="socat.html#OPTION_FORK">fork</a>'ing a new
|
||
|
process after each <code>accept()</code>. It provides a little security by
|
||
|
<a href="socat.html#OPTION_SUBSTUSER">su</a>'ing to user
|
||
|
nobody after forking; it only permits connections from the private 10 network (<a href="socat.html#OPTION_RANGE">range</a>);
|
||
|
due to <a href="socat.html#OPTION_REUSEADDR">reuseaddr</a>, it allows immediate restart after master process's
|
||
|
termination, even if some child sockets are not completely shut down.
|
||
|
With <a href="socat.html#option_lm">-lmlocal2</a>, socat logs to stderr until successfully
|
||
|
reaching the accept loop. Further logging is directed to syslog with facility
|
||
|
local2.
|
||
|
<p><a name="EXAMPLE_ADDRESS_EXEC"></a>
|
||
|
<a name="EXAMPLE_OPTION_TCPWRAPPERS"></a>
|
||
|
<a name="EXAMPLE_OPTION_CHROOT"></a>
|
||
|
<a name="EXAMPLE_OPTION_SUBSTUSER_DELAYED"></a>
|
||
|
<a name="EXAMPLE_OPTION_PTY"></a>
|
||
|
<a name="EXAMPLE_OPTION_STDERR"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat TCP4-LISTEN:5555,fork,tcpwrap=script \</strong><br>
|
||
|
<strong>EXEC:/bin/myscript,chroot=/home/sandbox,su-d=sandbox,pty,stderr</strong></code><dd>
|
||
|
<p>A simple server that accepts connections
|
||
|
(<a href="socat.html#ADDRESS_TCP4_LISTEN">TCP4-LISTEN</a>) and <a href="socat.html#OPTION_FORK">fork</a>'s a new
|
||
|
child process for each connection; every child acts as single relay.
|
||
|
The client must match the rules for daemon process name "script" in
|
||
|
/etc/hosts.allow and /etc/hosts.deny, otherwise it is refused access (see "man
|
||
|
5 hosts_access").
|
||
|
For <a href="socat.html#ADDRESS_EXEC">EXEC</a>'uting the program, the child process
|
||
|
<a href="socat.html#OPTION_CHROOT">chroot</a>'s
|
||
|
to <strong>/home/sandbox</strong>, <a href="socat.html#OPTION_SUBSTUSER">su</a>'s to user sandbox, and then starts
|
||
|
the program <strong>/home/sandbox/bin/myscript</strong>. <strong>Socat</strong> and
|
||
|
myscript communicate via a pseudo tty (<a href="socat.html#OPTION_PTY">pty</a>); myscript's
|
||
|
<a href="socat.html#OPTION_STDERR">stderr</a> is redirected to stdout,
|
||
|
so its error messages are transferred via <strong>socat</strong> to the connected client.
|
||
|
<p><a name="EXAMPLE_OPTION_FDIN"></a>
|
||
|
<a name="EXAMPLE_OPTION_FDOUT"></a>
|
||
|
<a name="EXAMPLE_OPTION_CRNL"></a>
|
||
|
<a name="EXAMPLE_OPTION_MSS"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat EXEC:"mail.sh target@domain.com",fdin=3,fdout=4 \</strong><br>
|
||
|
<strong>TCP4:mail.relay.org:25,crnl,bind=alias1.server.org,mss=512</strong></code><dd>
|
||
|
<p><strong>mail.sh</strong> is a shell script, distributed with <strong>socat</strong>, that implements a
|
||
|
simple
|
||
|
SMTP client. It is programmed to "speak" SMTP on its FDs 3 (in) and 4 (out).
|
||
|
The <a href="socat.html#OPTION_FDIN">fdin</a> and <a href="socat.html#OPTION_FDOUT">fdout</a> options tell <strong>socat</strong>
|
||
|
to use these FDs for communication with
|
||
|
the program. Because mail.sh inherits stdin and stdout while <strong>socat</strong> does not
|
||
|
use them, the script can read a
|
||
|
mail body from stdin. <strong>Socat</strong> makes alias1 your local source address
|
||
|
(<a href="socat.html#OPTION_BIND">bind</a>), cares for correct network line termination
|
||
|
(<a href="socat.html#OPTION_CRNL">crnl</a>) and sends
|
||
|
at most 512 data bytes per packet (<a href="socat.html#OPTION_MSS">mss</a>).
|
||
|
<p><a name="EXAMPLE_ADDRESS_GOPEN"></a>
|
||
|
<a name="EXAMPLE_OPTION_RAW"></a>
|
||
|
<a name="EXAMPLE_OPTION_ECHO"></a>
|
||
|
<p></p><dt><strong><strong><code>socat - /dev/ttyS0,raw,echo=0,crnl</code></strong></strong><dd>
|
||
|
<p>Opens an interactive connection via the serial line, e.g. for talking with a
|
||
|
modem. <a href="socat.html#OPTION_RAW">raw</a> and <a href="socat.html#OPTION_ECHO">echo</a> set ttyS0's terminal
|
||
|
parameters to practicable values, <a href="socat.html#OPTION_CRNL">crnl</a>
|
||
|
converts to correct newline characters. Consider using
|
||
|
<a href="socat.html#ADDRESS_READLINE">READLINE</a> instead of `-'.
|
||
|
<p><a name="EXAMPLE_ADDRESS_UNIX_LISTEN"></a>
|
||
|
<a name="EXAMPLE_ADDRESS_SOCKS4"></a>
|
||
|
<a name="EXAMPLE_OPTION_SOCKSUSER"></a>
|
||
|
<a name="EXAMPLE_OPTION_SOURCEPORT"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat UNIX-LISTEN:/tmp/.X11-unix/X1,fork \</strong><br>
|
||
|
<strong>SOCKS4:host.victim.org:127.0.0.1:6000,socksuser=nobody,sourceport=20</strong></code><dd>
|
||
|
<p>With <a href="socat.html#ADDRESS_UNIX_LISTEN">UNIX-LISTEN</a>, <strong>socat</strong> opens a listening
|
||
|
UNIX domain socket <strong>/tmp/.X11-unix/X1</strong>. This path corresponds
|
||
|
to local XWindow display :1 on your machine, so XWindow client connections to
|
||
|
DISPLAY=:1 are accepted. <strong>Socat</strong> then speaks with
|
||
|
the <a href="socat.html#ADDRESS_SOCKS4">SOCKS4</a> server host.victim.org that might permit
|
||
|
<a href="socat.html#OPTION_SOURCEPORT">sourceport</a> 20 based connections due to an FTP related
|
||
|
weakness in its static IP filters. <strong>Socat</strong>
|
||
|
pretends to be invoked by <a href="socat.html#OPTION_SOCKSUSER">socksuser</a> nobody, and
|
||
|
requests to be connected to
|
||
|
loopback port 6000 (only weak sockd configurations will allow this). So we get
|
||
|
a connection to the victims XWindow server and, if it does not require MIT
|
||
|
cookies or Kerberos authentication, we can start work. Please note that there
|
||
|
can only be one connection at a time, because TCP can establish only one
|
||
|
session with a given set of addresses and ports.
|
||
|
<p><a name="EXAMPLE_option_u"></a>
|
||
|
<a name="EXAMPLE_OPTION_IGNOREEOF"></a>
|
||
|
<p></p><dt><strong><strong><code>socat -u /tmp/readdata,seek-end=0,ignoreeof -</code></strong></strong><dd>
|
||
|
<p>This is an example for unidirectional data transfer
|
||
|
(<a href="socat.html#option_u">-u</a>). <strong>Socat</strong> transfers data
|
||
|
from file /tmp/readdata (implicit address <a href="socat.html#ADDRESS_GOPEN">GOPEN</a>), starting
|
||
|
at its current end (<a href="socat.html#OPTION_SEEK_END">seek-end</a>=0 lets <strong>socat</strong> start
|
||
|
reading at current end of file; use <a href="socat.html#OPTION_SEEK">seek</a>=0 or no
|
||
|
seek option to first read the existing data) in a "tail -f" like mode
|
||
|
(<a href="socat.html#OPTION_IGNOREEOF">ignoreeof</a>). The "file"
|
||
|
might also be a listening UNIX domain socket (do not use a seek option then).
|
||
|
<p><a name="EXAMPLE_OPTION_SETSID"></a>
|
||
|
<a name="EXAMPLE_OPTION_CTTY"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>(echo PASSWORD; sleep 5; echo ls; sleep 1) |</strong><br>
|
||
|
<strong>socat - EXEC:'ssh -l user server',pty,setsid,ctty</strong></code><dd>
|
||
|
<p><a href="socat.html#ADDRESS_EXEC">EXEC</a>'utes an ssh session to server. Uses a <a href="socat.html#OPTION_PTY">pty</a> for communication between <strong>socat</strong> and
|
||
|
ssh, makes it ssh's controlling tty (<a href="socat.html#OPTION_CTTY">ctty</a>),
|
||
|
and makes this pty the owner of
|
||
|
a new process group (<a href="socat.html#OPTION_SETSID">setsid</a>), so ssh accepts the password from <strong>socat</strong>.
|
||
|
<p><a name="EXAMPLE_ADDRESS_OPEN"></a>
|
||
|
<a name="EXAMPLE_OPTION_CREAT"></a>
|
||
|
<a name="EXAMPLE_OPTION_APPEND"></a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat -u TCP4-LISTEN:3334,reuseaddr,fork \</strong><br>
|
||
|
<strong>OPEN:/tmp/in.log,creat,append</strong></code><dd>
|
||
|
<p>Implements a simple network based message collector.
|
||
|
For each client connecting to port 3334, a new child process is generated (option <a href="socat.html#OPTION_FORK">fork</a>).
|
||
|
All data sent by the clients are <a href="socat.html#OPTION_APPEND">append</a>'ed to the file /tmp/in.log.
|
||
|
If the file does not exist, socat <a href="socat.html#OPTION_CREAT">creat</a>'s it.
|
||
|
Option <a href="socat.html#OPTION_REUSEADDR">reuseaddr</a> allows immediate restart of the server
|
||
|
process.
|
||
|
<p>
|
||
|
|
||
|
<p><a name="EXAMPLE_OPTION_NOECHO"></a>
|
||
|
<p></p><dt><strong><strong><code>socat READLINE,noecho='[Pp]assword:' EXEC:'ftp ftp.server.com',pty,setsid,ctty</code></strong></strong><dd>
|
||
|
<p>Wraps a command line history (<a href="socat.html#ADDRESS_READLINE">READLINE</a>) around the <a href="socat.html#ADDRESS_EXEC">EXEC</a>'uted ftp client utility.
|
||
|
This allows editing and reuse of FTP commands for relatively comfortable
|
||
|
browsing through the ftp directory hierarchy. The password is echoed!
|
||
|
<a href="socat.html#OPTION_PTY">pty</a> is required to have ftp issue a prompt.
|
||
|
Nevertheless, there may occur some confusion with the password and FTP
|
||
|
prompts.
|
||
|
<p><a name="EXAMPLE_ADDRESS_PTY"></a>
|
||
|
<a name="EXAMPLE_OPTION_SYMBOLIC_LINK"></a>
|
||
|
<a name="EXAMPLE_OPTION_WAITSLAVE"></a>
|
||
|
<a name="EXAMPLE_OPTION_NONBLOCK"></a>
|
||
|
(<strong><code>socat PTY,link=$HOME/dev/vmodem0,raw,echo=0,waitslave EXEC:'"ssh modemserver.us.org socat - /dev/ttyS0,nonblock,raw,echo=0"'</code></strong>)
|
||
|
<p>Generates a pseudo terminal
|
||
|
device (<a href="socat.html#ADDRESS_PTY">PTY</a>) on the client that can be reached under the
|
||
|
symbolic <a href="socat.html#OPTION_SYMBOLIC_LINK">link</a> <strong>$HOME/dev/vmodem0</strong>.
|
||
|
An application that expects a serial line or modem
|
||
|
can be configured to use <strong>$HOME/dev/vmodem0</strong>; its traffic will be directed
|
||
|
to a modemserver via ssh where another socat instance links it with
|
||
|
<strong>/dev/ttyS0</strong>.
|
||
|
<p>
|
||
|
|
||
|
|
||
|
|
||
|
<p><dt><code><strong>socat TCP4-LISTEN:2022,reuseaddr,fork \</strong><br>
|
||
|
<strong>PROXY:proxy:www.domain.org:22,proxyport=3128,proxyauth=user:pass</strong></code><dd>
|
||
|
<p>starts a forwarder that accepts connections on port 2022, and directs them
|
||
|
through the <a href="socat.html#ADDRESS_PROXY_CONNECT">proxy</a> daemon listening on port 3128
|
||
|
(<a href="socat.html#OPTION_PROXYPORT">proxyport</a>) on host proxy, using the
|
||
|
CONNECT method, where they are authenticated as "user" with "pass" (<a href="socat.html#OPTION_PROXY_AUTHORIZATION">proxyauth</a>). The proxy
|
||
|
should establish connections to host www.domain.org on port 22 then.
|
||
|
<p><a name="EXAMPLE_ADDRESS_OPENSSL_CONNECT"></a>
|
||
|
<p></p><dt><strong><strong><code>socat - SSL:server:4443,cafile=server.crt,cert=client.pem</code></strong></strong><dd>
|
||
|
<p>is an OpenSSL client that tries to establish a secure connection to an SSL
|
||
|
server. Option <a href="socat.html#OPTION_OPENSSL_CAFILE">cafile</a> specifies a file that
|
||
|
contains trust certificates: we trust the server only when it presents one of
|
||
|
these certificates and proofs that it owns the related private key.
|
||
|
Otherwise the connection is terminated.
|
||
|
With <a href="socat.html#OPTION_OPENSSL_CERTIFICATE">cert</a> a file containing the client certificate
|
||
|
and the associated private key is specified. This is required in case the
|
||
|
server wishes a client authentication; many Internet servers do not.<br>
|
||
|
The first address ('-') can be replaced by almost any other socat address.
|
||
|
<p><a name="EXAMPLE_ADDRESS_OPENSSL_LISTEN"></a>
|
||
|
<p></p><dt><strong><strong><code>socat SSL-LISTEN:4443,reuseaddr,pf=ip4,fork,cert=server.pem,cafile=client.crt PIPE</code></strong></strong><dd>
|
||
|
<p>is an OpenSSL server that accepts TCP connections, presents the certificate
|
||
|
from the file server.pem and forces the client to present a certificate that is
|
||
|
verified against cafile.crt.<br>
|
||
|
The second address ('PIPE') can be replaced by almost any other socat
|
||
|
address.<br>
|
||
|
For instructions on generating and distributing OpenSSL keys and certificates
|
||
|
see the additional socat docu <code>socat-openssl.txt</code>.
|
||
|
<p><p></p><dt><strong><strong><code>echo |socat -u - file:/tmp/bigfile,create,largefile,seek=100000000000</code></strong></strong><dd>
|
||
|
<p>creates a 100GB sparse file; this requires a file system type that
|
||
|
supports this (ext2, ext3, reiserfs, jfs; not minix, vfat). The operation of
|
||
|
writing 1 byte might take long (reiserfs: some minutes; ext2: "no" time), and
|
||
|
the resulting file can consume some disk space with just its inodes (reiserfs:
|
||
|
2MB; ext2: 16KB).
|
||
|
<p><p></p><dt><strong><strong><code>socat tcp-l:7777,reuseaddr,fork system:'filan -i 0 -s >&2',nofork</code></strong></strong><dd>
|
||
|
<p>listens for incoming TCP connections on port 7777. For each accepted
|
||
|
connection, invokes a shell. This shell has its stdin and stdout directly
|
||
|
connected to the TCP socket (<a href="socat.html#OPTION_NOFORK">nofork</a>). The shell starts filan and lets it print the socket addresses to
|
||
|
stderr (your terminal window).
|
||
|
<p><p></p><dt><strong><strong><code>echo -e "\0\14\0\0\c" |socat -u - file:/usr/bin/squid.exe,seek=0x00074420</code></strong></strong><dd>
|
||
|
<p>functions as primitive binary editor: it writes the 4 bytes 000 014 000 000 to
|
||
|
the executable /usr/bin/squid at offset 0x00074420 (this is a real world patch
|
||
|
to make the squid executable from Cygwin run under Windows, actual per May 2004).
|
||
|
<p><p></p><dt><strong><strong><code>socat - tcp:www.blackhat.org:31337,readbytes=1000</code></strong></strong><dd>
|
||
|
<p>connects to an unknown service and prevents being flooded.
|
||
|
<p><a name="EXAMPLE_END_CLOSE"></a>
|
||
|
<p></p><dt><strong><strong><code>socat -U TCP:target:9999,end-close TCP-L:8888,reuseaddr,fork</code></strong></strong><dd>
|
||
|
<p>merges data arriving from different TCP streams on port 8888 to just one stream
|
||
|
to target:9999. The <a href="socat.html#OPTION_END_CLOSE">end-close</a> option prevents the child
|
||
|
processes forked off by the second address from terminating the shared
|
||
|
connection to 9999 (close(2) just unlinks the inode which stays active as long
|
||
|
as the parent process lives; shutdown(2) would actively terminate the
|
||
|
connection).
|
||
|
<p><a name="EXAMPLE_ADDRESS_UDP4_BROADCAST_CLIENT"></a>
|
||
|
<p></p><dt><strong><strong><code>socat - UDP4-DATAGRAM:192.168.1.0:123,sp=123,broadcast,range=192.168.1.0/24</code></strong></strong><dd>
|
||
|
<p>sends a broadcast to the network 192.168.1.0/24 and receives the replies of the
|
||
|
timeservers there. Ignores NTP packets from hosts outside this network.
|
||
|
<p><a name="EXAMPLE_ADDRESS_IP4_BROADCAST_CLIENT"></a>
|
||
|
<p></p><dt><strong><strong><code>socat - IP4-DATAGRAM:255.255.255.255:44,broadcast,range=10.0.0.0/8</code></strong></strong><dd>
|
||
|
<p>sends a broadcast to the local network(s) using protocol 44. Accepts replies
|
||
|
from the private address range only.
|
||
|
<p><a name="EXAMPLE_ADDRESS_UDP4_MULTICAST"></a>
|
||
|
<p></p><dt><strong><strong><code>socat - UDP4-DATAGRAM:224.255.0.1:6666,bind=:6666,ip-add-membership=224.255.0.1:eth0</code></strong></strong><dd>
|
||
|
<p>transfers data from stdin to the specified multicast address using UDP. Both
|
||
|
local and remote ports are 6666. Tells the interface eth0 to also accept
|
||
|
multicast packets of the given group. Multiple hosts on the local network can
|
||
|
run this command, so all data sent by any of the hosts will be received
|
||
|
by all the other ones. Note that there are many possible reasons for failure,
|
||
|
including IP-filters, routing issues, wrong interface selection by the
|
||
|
operating system, bridges, or a badly configured switch.
|
||
|
<p><a name="EXAMPLE_ADDRESS_TUN"></a>
|
||
|
<p></p><dt><strong><strong><code>socat TCP:host2:4443 TUN:192.168.255.1/24,up</code></strong></strong><dd>
|
||
|
<p>establishes one side of a virtual (but not private!) network with host2 where a
|
||
|
similar process might run, with TCP-L and tun address 192.168.255.2. They
|
||
|
can reach each other using the addresses 192.168.255.1 and
|
||
|
192.168.255.2. Substitute the TCP link with an SSL connection protected by
|
||
|
client and server authentication (see OpenSSL
|
||
|
<a href="socat.html#EXAMPLE_ADDRESS_OPENSSL_CONNECT">client</a> and
|
||
|
<a href="socat.html#EXAMPLE_ADDRESS_OPENSSL_LISTEN">server</a>).
|
||
|
<p></dl>
|
||
|
<p><a name="DIAGNOSTICS"></a>
|
||
|
<h2>DIAGNOSTICS</h2>
|
||
|
|
||
|
<p><strong>Socat</strong> uses a logging mechanism that allows to filter messages by severity. The
|
||
|
severities provided are more or less compatible to the appropriate syslog
|
||
|
priority. With one or up to four occurrences of the -d command line option, the
|
||
|
lowest priority of messages that are issued can be selected. Each message
|
||
|
contains a single uppercase character specifying the messages severity (one of
|
||
|
F, E, W, N, I, or D)
|
||
|
<p><dl>
|
||
|
<p></p><dt><strong>FATAL:</strong><dd> Conditions that require unconditional and immediate program termination.
|
||
|
<p></p><dt><strong>ERROR:</strong><dd> Conditions that prevent proper program processing. Usually the
|
||
|
program is terminated (see <a href="socat.html#option_s">option -s</a>).
|
||
|
<p></p><dt><strong>WARNING:</strong><dd> Something did not function correctly or is in a state where
|
||
|
correct further processing cannot be guaranteed, but might be possible.
|
||
|
<p></p><dt><strong>NOTICE:</strong><dd> Interesting actions of the program, e.g. for supervising <strong>socat</strong> in some kind of server mode.
|
||
|
<p></p><dt><strong>INFO:</strong><dd> Description of what the program does, and maybe why it
|
||
|
happens. Allows to monitor the lifecycles of file descriptors.
|
||
|
<p></p><dt><strong>DEBUG:</strong><dd> Description of how the program works, all system or library calls and their results.
|
||
|
</dl>
|
||
|
<p>Log messages can be written to stderr, to a file, or to syslog.
|
||
|
<p>On exit, <strong>socat</strong> gives status 0 if it terminated due to EOF or inactivity
|
||
|
timeout, with a positive value on error, and with a negative value on fatal
|
||
|
error.
|
||
|
<p><a name="FILES"></a>
|
||
|
<h2>FILES</h2>
|
||
|
|
||
|
<p>/usr/bin/socat <br>
|
||
|
/usr/bin/filan <br>
|
||
|
/usr/bin/procan
|
||
|
<p><a name="ENVIRONMENT_VARIABLES"></a>
|
||
|
<h2>ENVIRONMENT VARIABLES</h2>
|
||
|
|
||
|
<p><dl>
|
||
|
<p></p><dt><strong><strong>SOCAT_DEFAULT_LISTEN_IP</strong></strong><dd> (Values 4 or 6) Sets the IP version to be used
|
||
|
for listen, recv, and recvfrom addresses if no <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a>
|
||
|
(protocol-family) option is given. Is overridden by socat options
|
||
|
<a href="socat.html#option_4">-4</a> or <a href="socat.html#option_6">-6</a>.
|
||
|
<p><p></p><dt><strong><strong>SOCAT_PREFERRED_RESOLVE_IP</strong></strong><dd> (Values 0, 4, or 6) Sets the IP version to
|
||
|
be used when resolving target host names when version is not specified by
|
||
|
address type, option <a href="socat.html#OPTION_PROTOCOL_FAMILY">pf</a> (protocol-family), or
|
||
|
address format. If name resolution does not return a matching entry, the first
|
||
|
result (with differing IP version) is taken. With value 0, socat always selects
|
||
|
the first record and its IP version.
|
||
|
<p><p></p><dt><strong><strong>SOCAT_FORK_WAIT</strong></strong><dd> Specifies the time (seconds) to sleep the parent and
|
||
|
child processes after successful fork(). Useful for debugging.
|
||
|
<p><p></p><dt><strong><strong>HOSTNAME</strong></strong><dd> Is used to determine the hostname for logging (see
|
||
|
<a href="socat.html#option_lh">-lh</a>).
|
||
|
<p><p></p><dt><strong><strong>LOGNAME</strong></strong><dd> Is used as name for the socks client user name if no
|
||
|
<a href="socat.html#OPTION_SOCKSUSER">socksuser</a> is given.<br>
|
||
|
With options <a href="socat.html#OPTION_SUBSTUSER">su</a> and
|
||
|
<a href="socat.html#OPTION_SUBSTUSER_DELAYED">su-d</a>, LOGNAME is set to the given user name.
|
||
|
<p><p></p><dt><strong><strong>USER</strong></strong><dd> Is used as name for the socks client user name if no
|
||
|
<a href="socat.html#OPTION_SOCKSUSER">socksuser</a> is given and LOGNAME is empty.<br>
|
||
|
With options <a href="socat.html#OPTION_SUBSTUSER">su</a> and
|
||
|
<a href="socat.html#OPTION_SUBSTUSER_DELAYED">su-d</a>, USER is set to the given user name.
|
||
|
<p><p></p><dt><strong><strong>SHELL</strong></strong><dd>
|
||
|
With options <a href="socat.html#OPTION_SUBSTUSER">su</a> and
|
||
|
<a href="socat.html#OPTION_SUBSTUSER_DELAYED">su-d</a>, SHELL is set to the login shell of the
|
||
|
given user.
|
||
|
<p><p></p><dt><strong><strong>PATH</strong></strong><dd>
|
||
|
Can be set with option <a href="socat.html#OPTION_PATH">path</a> for <a href="socat.html#ADDRESS_EXEC">exec</a> and
|
||
|
<a href="socat.html#ADDRESS_SYSTEM">system</a> addresses.
|
||
|
<p><p></p><dt><strong><strong>HOME</strong></strong><dd>
|
||
|
With options <a href="socat.html#OPTION_SUBSTUSER">su</a> and
|
||
|
<a href="socat.html#OPTION_SUBSTUSER_DELAYED">su-d</a>, HOME is set to the home directory of the
|
||
|
given user.
|
||
|
<p></dl>
|
||
|
<p><a name="CREDITS"></a>
|
||
|
<h2>CREDITS</h2>
|
||
|
|
||
|
<p>The work of the following groups and organizations was invaluable for this
|
||
|
project:
|
||
|
<p>The <em>FSF</em> (GNU, <a href="http://www.fsf.org/">http://www.fsf.org/</a> project
|
||
|
with their free and portable development software and
|
||
|
lots of other useful tools and libraries.
|
||
|
<p>The <em>Linux developers community</em> (<a href="http://www.linux.org/">http://www.linux.org/</a>) for providing a free, open source operating
|
||
|
system.
|
||
|
<p>The <em>Open Group</em> (<a href="http://www.unix-systems.org/">http://www.unix-systems.org/</a>) for making their
|
||
|
standard specifications available on the Internet for free.
|
||
|
<p><a name="VERSION"></a>
|
||
|
<h2>VERSION</h2>
|
||
|
|
||
|
<p>This man page describes version 1.6.0 of <strong>socat</strong>.
|
||
|
<p><a name="BUGS"></a>
|
||
|
<h2>BUGS</h2>
|
||
|
|
||
|
<p>Addresses cannot be nested, so a single socat process cannot, e.g., drive ssl
|
||
|
over socks.
|
||
|
<p>Address option ftruncate without value uses default 1 instead of 0.
|
||
|
<p>Verbose modes (-x and/or -v) display line termination characters inconsistently
|
||
|
when address options cr or crnl are used: They show the data <em>after</em>
|
||
|
conversion in either direction.
|
||
|
<p>The data transfer blocksize setting (-b) is ignored with address readline.
|
||
|
<p>Send bug reports to <socat@dest-unreach.org>
|
||
|
<p><a name="SEEALSO"></a>
|
||
|
<h2>SEE ALSO</h2>
|
||
|
|
||
|
<p>
|
||
|
nc(1), netcat6(1), sock(1), rinetd(8), cage(1), socks.conf(5), openssl(1),
|
||
|
stunnel(8), pty(1), rlwrap(1), setsid(1)
|
||
|
<p><strong>Socat</strong> home page <a href="http://www.dest-unreach.org/socat/">http://www.dest-unreach.org/socat/</a>
|
||
|
<p><a name="AUTHOR"></a>
|
||
|
<h2>AUTHOR</h2>
|
||
|
|
||
|
<p>Gerhard Rieger <rieger@dest-unreach.org>
|
||
|
</body>
|
||
|
</html>
|