Simulate TCP and TLS Proxy using SOcket CAT

ChandraChandra
2 min read

SOCAT is a command line based utility that establishes two bidirectional byte streams and transfers data between them. We can leverage SOCAT’s support for different types of sources and sinks to simulate TCP and TLS proxies. This type of simulation helps us understand the impact of a proxy (between server and client) and establish a baseline for the latency and throughput.

TCP Proxy using SOCAT

SOCAT can be used to simulate a TCP proxy to proxy the data between the server and the client. TCP Proxy in this context is a sidecar process that proxies client or server data.

To simulate the TCP Proxy, use the following command:

socat -v TCP4-LISTEN:8888,fork,reuseaddr,ignoreeof TCP4:192.168.0.10:8088

This command spawns a process that listens for new connections on port 8888 and forwards the data to port 192.168.0.10:8088.

TLS Client Proxy using SOCAT

SOCAT can also be used to simulate TLS client proxy. TLS client proxy in this context is a sidecar process that upgrades a normal connection to a TLS connection.

To simulate a TLS client proxy, use the following command:

socat tcp4-listen:8888,fork,reuseaddr,ignoreeof openssl:192.168.0.10:8088,commonname=some-server,key=./client-key.pem,cert=./client-cert.pem,cafile=./ca.pem

This command spawns a process that listens for new plain text connections on port 8888 and proxies the data on TLS connection to 192.168.0.10:8088.

TLS Server Proxy using SOCAT

Similar to TLS client proxy, SOCAT can be used to simulate TLS server proxy too. TLS server proxy in this context is a sidecar process that terminates a TLS connection.

To simulate a TLS server proxy, use the following command:

socat openssl-listen:8888,fork,reuseaddr,ignoreeof tcp4:192.168.0.10:8088,commonname=some-server,key=./client-key.pem,cert=./client-cert.pem,cafile=./ca.pem

This command spawns a process that listens for TLS connections on port 8888, terminates the TLS connection and proxies the data on TCP connection to 192.168.0.10:8088.

References

0
Subscribe to my newsletter

Read articles from Chandra directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Chandra
Chandra