Scroll to navigation

REDIR(1) General Commands Manual (smm) REDIR(1)


redirect TCP connections


redir [-hinpsv] [-b IP] [-f TYPE] [-I NAME] [-l LEVEL] [-m BPS] [-o <1,2,3>] [-t SEC] [-w MSEC] [-x HOST:PORT] [-z BYTES] [SRC]:PORT [DST]:PORT


redir redirects TCP connections coming in on a local port, [SRC]:PORT, to a specified address/port combination, [DST]:PORT. Both the SRC and DST arguments can be left out, redir will then use

redir can be run either from inetd or as a standalone daemon. In --inetd mode the listening SRC:PORT combo is handled by another process, usually inetd, and a connected socket is handed over to redir via stdin. Hence only [DST]:PORT is required in --inetd mode. In standalone mode redir can run either in the foreground, -n, or in the background, detached like a proper UNIX daemon. This is the default. When running in the foreground log messages are also printed to stderr, unless the -s flag is given.

Depending on how redir was compiled, not all options may be available.


Mandatory arguments to long options are mandatory for short options too.
Forces redir to pick a specific address/interface to bind to when it listens for incoming connections.
Show built-in help text.
When using redir for an FTP server, this will cause redir to also redirect FTP connections. Type should be specified as either "port", "pasv", or "both", to specify what type of FTP connection to handle. Note that --transproxy often makes one or the other (generally port) undesirable.
Run as a process started from inetd(1), with the connection passed as stdin and stdout on startup.
Specify program identity (name) to be used for TCP wrapper checks and syslog messages.
Set log level: none, err, notice, info, debug. Default is notice.
Run in foreground, do not detach from controlling terminal.
On a Linux system with transparent proxying enabled, causes redir to make connections appear as if they had come from their true origin. See the file transproxy.txt in the distribution, and the Linux Documentation/networking/tproxy.txt for details. Untested on modern Linux kernels.
Log messages to syslog.
Timeout and close the connection after SEC seconds of inactivity.
Show program version.
Redirects connections through an HTTP proxy which supports the CONNECT command. Specify the address and port of the proxy using [DST]:PORT. --connect requires the hostname and port which the HTTP proxy will be asked to connect to.


The following options control traffic shaping, if redir is built with shaping enabled.
Reduce the bandwidth to be no more than BPS bits/sec. The algorithm is basic, the goal is to simulate a slow connection, so there is no peak acceptance.
Apply --max-bandwidth and --random-wait for input(1), output(2), or both(3).
Wait between 0 and 2 x n milliseconds before each "packet". A "packet" is a block of data read in one time by redir. A "packet" size is always less than the bufsize (see also --bufsize)
Set the bufsize (defaut 4096) in bytes. Can be used combined with --max-bandwidth or --random-wait to simulate a slow connection.


inetd(1) uredir(1)


redir is written by Nigel Metheringham and Sam Creasey, with contributions from many others. It is currently being maintained at GitHub by Joachim Nilsson.
01 May, 2016 Linux 4.19.0-6-amd64