socat - DeveloPassion

# socat socat (SOcket CAT) is a command-line utility that establishes two bidirectional byte streams and transfers data between them. It's often described as a more powerful version of [[netcat]] (nc), capable of handling many different types of connections and data channels. Created by [[Gerhard Rieger]], first released in 2002. ## Key Features ### Data Channels socat can connect virtually any type of data channel, including: - TCP and UDP sockets (IPv4 and IPv6) - Unix domain sockets - Files and pipes - PTY (pseudo-terminal) - Serial devices - SSL/TLS encrypted connections - SOCKS proxies - Standard input/output (STDIO) ### Capabilities - **Bidirectional transfer**: Data flows both ways simultaneously - **Protocol conversion**: Bridge different protocols together - **Port forwarding**: Forward local ports to remote destinations - **SSL/TLS wrapping**: Add encryption to unencrypted connections - **Address rewriting**: Modify source/destination addresses - **Logging and debugging**: Detailed connection diagnostics ## Common Use Cases ### Port Forwarding Forward a local port to a remote destination: ```bash socat TCP-LISTEN:8080,fork TCP:remote-host:80 ``` ### TCP to Unix Socket Bridge Connect a TCP port to a Unix domain socket: ```bash socat TCP-LISTEN:3306,fork UNIX-CONNECT:/var/run/mysqld/mysqld.sock ``` ### SSL/TLS Wrapper Add SSL to an unencrypted connection: ```bash socat TCP-LISTEN:443,fork SSL:backend:80,verify=0 ``` ### Serial Port Access Connect to a serial device over TCP: ```bash socat TCP-LISTEN:2000,fork /dev/ttyUSB0,b9600 ``` ### Chrome Remote Debugging Bridge Expose Chrome DevTools Protocol on a different interface: ```bash socat TCP-LISTEN:9223,bind=0.0.0.0,reuseaddr,fork TCP:127.0.0.1:9222 ``` ## Syntax Basic syntax: ```bash socat [options] <address1> <address2> ``` Common options: - `-d` - Increase verbosity (use `-d -d` for more) - `-v` - Write data to stderr - `-x` - Write data in hex to stderr - `fork` - Handle multiple connections - `reuseaddr` - Allow address reuse ## Address Types - `TCP:<host>:<port>` - TCP client connection - `TCP-LISTEN:<port>` - TCP server listener - `UDP:<host>:<port>` - UDP connection - `UNIX-CONNECT:<path>` - Unix socket client - `UNIX-LISTEN:<path>` - Unix socket server - `STDIO` - Standard input/output - `FILE:<path>` - File access - `EXEC:<command>` - Execute a program - `SSL:<host>:<port>` - SSL client connection - `OPENSSL-LISTEN:<port>` - SSL server listener ## Installation ```bash # Debian/Ubuntu sudo apt install socat # Arch Linux sudo pacman -S socat # Omarchy yay -S socat # macOS (Homebrew) brew install socat # Red Hat/CentOS sudo yum install socat ``` ## Comparison with netcat | Feature | socat | netcat | |---------|-------|--------| | SSL/TLS support | ✅ Native | ❌ Requires wrapper | | Unix sockets | ✅ | Limited | | Serial ports | ✅ | ❌ | | IPv6 | ✅ | Depends on version | | Complexity | Higher | Lower | | Learning curve | Steeper | Gentler | ## References - Official site: http://www.dest-unreach.org/socat/ - Man page: `man socat` - GitHub mirror: https://github.com/3ndG4me/socat - Wikipedia: https://en.wikipedia.org/wiki/Socat ## Related - [[netcat]]