[Bug 1295] [PATCH] Transparent proxy support on Linux

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jul 20 11:50:06 EST 2012


https://bugzilla.mindrot.org/show_bug.cgi?id=1295

--- Comment #17 from Damien Miller <djm at mindrot.org> ---
I'd like to get this done soon, but the current patch has bitrotted -
particularly in the pf department.

IMO this would be best as a helper program that:

1) accept()ed connections redirected to it by the packet filter
2) determined (by OS-specific means) the original address
3) connected to a running ssh via it's multiplexing socket and passes
in the accepted fd using MUX_C_NEW_STDIO_FWD

This makes the helper really small and simple, which is nice because it
looks like it will need privileges of some sort on OpenBSD at least.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list