#StackBounty: #linux #networking #socat socat sending from the wrong IP address

Bounty: 50

I am using socat to forward UDP traffic from one port to another with the following command:

socat -T5 UDP4-LISTEN:12345,reuseaddr,fork UDP4:127.0.0.1:23456,bind=127.0.0.2,so-bindtodevice=lo

Using netcat to test this, I ran nc -u -l -p 23456 -vv and echo test | nc -u 127.0.0.1 12345. This gave me the following unexpected output:

listening on [any] 23456 ...
connect to [<myPublicIp>] from <hostname> [<myPublicIp>] 53995
test

Instead of seeing <myPublicIp> as the source address, I would have expected to see 127.0.0.2. Am I misunderstanding something about networking, or am I using socat incorrectly?

The affected server is running Debian 10, Linux kernel version is 4.19.0-13-amd64, socat version is 1.7.3.2.

EDIT:
When using TCP, the output is slightly different:

listening on [any] 23456 ...
connect to [127.0.0.1] from <hostname> [<myPublicIp>] 48520
test

As requested, the relevant output of netstat -aun

Proto Recv-Q Send-Q Local Address           Foreign Address         State  
udp        0      0 0.0.0.0:12345           0.0.0.0:*
udp        0      0 <myPublicIp>:23456      <myPublicIp>:54299      ESTABLISHED
udp        0      0 127.0.0.1:33156         127.0.0.1:12345         ESTABLISHED


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.