-------------------------------------------------------------------------------
Set up a proxy server

Using netcat

Open a localport 12345  connecting to www.google.come
=======8<--------
ncat -l 12345 -c 'nc www.google.com 80'
=======8<--------

Older method using piplines (and named pipe for bidirectionally)
=======8<--------
mkfifo backpipe    # feed back results from the piped requests
nc -l 12345 0<backpipe | nc www.google.com 80 1>backpipe
=======8<--------


Create a backdoor shell (danger)
=======8<--------
nc -l -p 1234 -e /bin/sh
=======8<--------


Using socat

Once only forwarder
=======8<--------
socat TCP4-LISTEN:12345 TCP4:www.google.com:www
=======8<--------

Multi-parrallel connections
forked server,
with su for security,
and only accept from the 10 intranet,
log to local2 syslog after starting the accept loop
=======8<--------
socat -d -d -lmlocal2 \
   TCP4-LISTEN:12345,bind=myaddr1,su=nobody,fork,range=10.0.0.0/8,reuseaddr \
   TCP4:www.google.com:80,bind=myaddr2
=======8<--------

Sandbox Backdoor
tcpwrappered (/etc/hosts.allow)
chroots to sandbox, then runs 'myscript'
=======8<--------
socat TCP4-LISTEN:5555,fork,tcpwrap=script \
EXEC:/bin/myscript,chroot=/home/sandbox,su-d=sandbox,pty,stderr
=======8<--------

-------------------------------------------------------------------------------