I find myself lately doing a lot of raw TCP/IP stuff and had a need today to look at a protocol. I know there is Wireshark and similar utilities, but I needed to do something on a remote server, by creating a reverse proxy in order to learn the ins and outs of a custom protocol.
The commands below create a proxy and write the protocol traffic to files…
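# Create the named pipe (FIFO) that carries the server's replies back to the client
mknod /tmp/backpipe p
# Listen on 61610, log client traffic to inflow, forward to 61611, log replies to outflow
nc -l 61610 0</tmp/backpipe | \
tee -a /tmp/inflow | \
nc localhost 61611 | \
tee -a /tmp/outflow 1>/tmp/backpipe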
In this case the server listens on port 61610 and forwards the incoming packets to localhost:61611. You should modify the ports and the forward host/port to whatever suits your needs. Now, if you point the connection of any device to your server's 61610 port, you can tail /tmp/inflow and /tmp/outflow to see the protocol communications. You can tail both together with…
tail -f /tmp/inflow /tmp/outflow
If you are on Mac OS X, in order to create a FIFO file, you should replace the mknod command with…
mkfifo /tmp/backpipe
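The fixed paths under /tmp above are created with the default umask, so on a shared server other local users can typically read the captured traffic. The following is an added example, not part of the original post, that runs the same pipeline from a private directory; the function names and the proxycap prefix are hypothetical, and the nc syntax is the one used in the post.

```shell
#!/bin/sh
# Added example: same tee/nc proxy, but with captures kept in a private directory.

# Create a directory only the current user can access, with the FIFO and
# the two capture files inside it. Prints the directory path on stdout.
make_capture_dir() {
    old_umask=$(umask)
    umask 077
    dir=$(mktemp -d "${TMPDIR:-/tmp}/proxycap.XXXXXX") || { umask "$old_umask"; return 1; }
    mkfifo "$dir/backpipe" || { rm -rf "$dir"; umask "$old_umask"; return 1; }
    : > "$dir/inflow"
    : > "$dir/outflow"
    umask "$old_umask"
    printf '%s\n' "$dir"
}

# Proxy one connection: listen_port -> target_host:target_port.
# Client bytes are appended to inflow, server replies to outflow.
run_proxy() {
    dir=$1 listen_port=$2 target_host=$3 target_port=$4
    nc -l "$listen_port" 0<"$dir/backpipe" |
        tee -a "$dir/inflow" |
        nc "$target_host" "$target_port" |
        tee -a "$dir/outflow" 1>"$dir/backpipe"
}

# Remove the FIFO when done; the capture files are kept for analysis.
cleanup_fifo() {
    rm -f "$1/backpipe"
}

# Usage (ports taken from the post):
#   dir=$(make_capture_dir) && trap 'cleanup_fifo "$dir"' EXIT INT TERM
#   run_proxy "$dir" 61610 localhost 61611
#   tail -f "$dir/inflow" "$dir/outflow"    # from a second shell, same user
```

The captures can contain credentials or session tokens from the proxied protocol, so delete the directory once the analysis is finished.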