I've been playing around a bit with different variations and can't seem to find something that quite works.
I want to be able to 'bridge' an SSL connection across a particular gateway node in the network. In particular I want to further be able to control the outgoing source port for the TCP connection.
I can use stunnel for part of this -- to bridge the SSL connection. I know I can use nc to set the source port for a connection, but how might I connect these two together to allow specifying the source port for the outgoing connection? (Or is there an alternative solution here I should be considering?)
I feel like if I can get nc to work as a transparent proxy this will be fine, since I can set the source port with it. I feel like I may just be missing something about how nc works. So just to provide a little more context, here's what I'm trying. Suppose I've got an SSL server running locally on 1235. I want to connect to it with an SSL client, but I want to make sure my outgoing source port for the connection is always, say, 1234. (I can connect directly with the client, but I'm given an arbitrary high-number port; I need to be able to specify it.)
My thought was trying to use nc as a bridge here, with something like:
# nc -l localhost:1234 | nc localhost:1235
This definitely proxies something -- I see traffic flowing between the right endpoints -- but it doesn't seem to handle the SSL very well at all. The secure link won't get established and I can't actually communicate between the two using openssl client/server.
What might I need to do to get this working? I'm going to try to determine if stunnel can assist me here; I was thinking that between the two of them I might be able to get this working.
Alright, I have played with socat a little bit, which does seem to bridge the connection -- but I can't seem to figure out how to specify the source port. Any thoughts?
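
Added example, not part of the original post: a minimal TCP bridge that calls bind() before connect() to fix the outgoing source port and copies bytes in both directions, which the one-way `nc | nc` pipe above does not do (the server's handshake replies never travel back to the client). Ports 1234 and 1235 are taken from the post; the listen port 1233 and all function names are assumptions made for illustration.

```python
import socket
import threading

def listen(port, host="127.0.0.1"):
    """Listening socket for the side the SSL client connects to."""
    ls = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ls.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    ls.bind((host, port))
    ls.listen(1)
    return ls

def connect_from_port(dest, source_port, source_host="127.0.0.1"):
    """Connect to dest with a fixed local (source) port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Lets bind() succeed while an earlier connection from this port is in TIME_WAIT.
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((source_host, source_port))  # bind() before connect() pins the source port
    s.connect(dest)
    return s

def pump(src, dst):
    """Copy bytes one way until EOF, then pass the EOF on as a half-close."""
    try:
        while data := src.recv(65536):
            dst.sendall(data)
    except OSError:
        pass
    try:
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def bridge_once(listener, dest, source_port):
    """Relay one client to dest in both directions; SSL bytes pass through untouched."""
    client, _ = listener.accept()
    upstream = connect_from_port(dest, source_port)
    back = threading.Thread(target=pump, args=(upstream, client), daemon=True)
    back.start()            # server -> client: the direction a one-way pipe lacks
    pump(client, upstream)  # client -> server
    back.join()
    client.close()
    upstream.close()

if __name__ == "__main__":
    # 1234 (source port) and 1235 (SSL server) are from the post; 1233 is an assumed listen port.
    ls = listen(1233)
    while True:  # serial on purpose: a fixed source port allows one connection to this server
        bridge_once(ls, ("127.0.0.1", 1235), 1234)
```

Because both the source and destination address/port are fixed, only one bridged connection can exist at a time, and a reconnect may be refused while the previous connection is still in TIME_WAIT.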