Idea: reverse socks proxy
Dan Kaminsky
dan at doxpara.com
Fri Jan 8 08:51:46 EST 2010
On Thu, Jan 7, 2010 at 10:31 PM, Markus Friedl <markus.r.friedl at arcor.de>wrote:
> On Thu, Jan 07, 2010 at 05:44:17PM +0100, Dan Kaminsky wrote:
> > Couldn't we just do exactly what we did to -L, where the listener is
> > lazy in determining socket destination and uses the SOCKS parser for
> > determining target?
>
> yes, this is what this patch is doing, but just on the server side.
> as i said before, this could be done on the client side, too, but
> requires much more code changes (and risks breaking other things).
>
It's not a very useful patch if it's server-side only. Anything that
requires a client and a server to patch is fundamentally less useful than
something that just requires a client patch. I wouldn't want to see a patch
like this in the codebase, for example, while I would want to see the
client-only version.
Meh. Maybe I'll try to take a crack at this next week.
--Dan
P.S. Sort of amazing to me that, ten years later, it's still the same krew
around here :)
More information about the openssh-unix-dev
mailing list