Skip to main content
Mplexia

socat: The Swiss Army Knife of Networking

·349 words·2 mins

I Wanted to Talk About Cool Stuff… But First, socat
#

Today I really wanted to jump into more advanced topics, but I realised I first need to address something fundamental.

TCP connections are actually very simple.

Think of them like a phone call:

  • You dial → connect
  • You talk and listen
  • You hang up

Applications basically do the same thing: they open a socket and just read/write data. Everything else (handshakes, retransmissions, congestion control) is handled by the kernel.

But what if we could treat a network connection exactly like a Unix pipe?

That’s where socat comes in.

socat = cat Over the Network
#

socat (short for SOcket CAT) lets you create bidirectional byte streams between almost anything: TCP, UDP, files, serial ports, etc.

Simple File Copy Over TCP
#

On the receiving side (remotehost):

socat TCP-LISTEN:12345,fork,reuseaddr - > file2

On the sending side (localhost):

cat file1 | socat - TCP:remotehost:12345

That’s it. You just copied a file over the network as easily as cat file1 > file2.

simple copy

More Advanced: UDP → TCP Proxy
#

On the receiving side (remotehost) - that’s the same as previous:

socat TCP-LISTEN:12345,fork,reuseaddr - > file2

On the proxy (middleman):

socat -u UDP-LISTEN:54321,fork TCP:remotehost:12345

And finally on the sending side (localhost):

cat file1 | socat -u - UDP:proxy:54321

That’s it - we just sent the file over UDP and TCP glued together by the TCP-to-UDP proxy.

copy via tcp-udp proxy

Real-World Example: SSH Over UDP
#

# On remotehost (forward UDP 2222 → local SSH)
socat UDP-LISTEN:2222,reuseaddr,fork TCP:localhost:22

# On localhost (forward local TCP 2222 → remote UDP)
socat TCP-LISTEN:2222,reuseaddr,fork UDP:remotehost:2222

and then just:

ssh -p2222 localhost

!SSH OVER UDP! 🎉
#

ssh via udp

Why This Matters
#

socat proves that at the end of the day, most network communication is just streams of bytes. Once you understand that, you can:

  • Forward ports creatively
  • Build quick proxies and tunnels
  • Debug tricky connectivity issues
  • Create powerful one-liners

It really is the Swiss Army knife of networking.

Many other official examples: http://www.dest-unreach.org/socat/doc/socat.html#EXAMPLES

I’ll be showing more advanced socat use cases in future posts (port forwarding, TLS tunnels, relay chains, etc.).

Ludek Rozehnal
Author
Ludek Rozehnal
AWS Cloud Network Engineer & Terraform Expert with 20+ years’ experience. For the last 8+ years I’ve been the primary cloud network architect and IaC authority at Flextrade Systems (UK remote), where I designed and delivered fully automated global multi-region/multi-account AWS networking using Terraform and GitOps. I combine deep traditional networking knowledge with DevOps practices to eliminate manual processes, reduce risk, and accelerate cloud migrations — especially for low-latency, business-critical workloads. I’m passionate about sharing my expertise through blogging, open-source contributions, and speaking engagements. If you’re looking for guidance on AWS cloud networking or Terraform best practices, let’s connect!