[Bug 1295] [PATCH] Transparent proxy support on Linux
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Apr 10 10:06:37 EST 2007
http://bugzilla.mindrot.org/show_bug.cgi?id=1295
------- Comment #8 from dtucker at zip.com.au 2007-04-10 10:06 -------
(In reply to comment #7)
> Because this avoids the extra overhead and hassle of the nat-to-socks
> application.
A separate nat-to-socks application does have some advantages, though.
You could open the tunnels on demand, and you could use different
tunnels based on different conditions (eg: target, current location on
the network). Both of those are things that would be useful to me.
Going back to comment #6, there's another way it could be done on
OpenBSD without running sshd as root: you could use a setuid/setgid
helper to return an open descriptor on /dev/pf.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list