dest-unreach / socat / socat-version2
socat version 2 is currently under development. Its main enhancement are so called address chains that concatenate simple addresses. Address chains are similar to command shell pipes, but they work bidirectionally.
Here is a simple example that drives OpenSSL via SCTP/IPv6:
socat - 'OPENSSL,verify=0 | SCTP6:sctp.domain.com:443'
A more complex example connects with TCP to an HTTP proxy server on port 8080, requests a connection to home.provider.com:443, then drives OpenSSL over the proxy to the home server (where a socks server is prepared), and requests a socks connection to some target server:
socat - 'SOCKS:www.forbidden.org:80|OPENSSL-CLIENT,cafile=./server.crt|PROXY:home.provider.com:443|TCP:proxy.domain.com:8080
Documentation: man page in the package; address chain mini howto; integration of external programs; a less detailled introduction to the new features can be found in the Linuxwochen presentation starting with slide 39.
Currently socat version 2 is in beta state. socat 2.0.0-b1 was branched off
socat 1.6.0.0; 2.0.0-b2 is a merge of 2.0.0-b1 and 1.7.0.0, that means it is
directly derived from 2.0.0-b1 but contains all bug fixes and features that
have been introduced with versions 1.6.0.1 and 1.7.0.0.
2.0.0-b3 is a merge of 2.0.0-b2 and 1.7.1.0.
Beta development state currently means: has not been compiled on a system other than Linux; no systematic tests beyond executing the test.sh script have been performed; documentation is incomplete. Bugs that occur during beta development but have not been present in version 1 will be fixed without notice. More significant changes might be performed before the stable release.
Download: socat-2.0.0-b8.tar.gz, socat-2.0.0-b8.tar.bz2