[Bug 1295] [PATCH] Transparent proxy support on Linux

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jul 20 11:50:06 EST 2012


--- Comment #17 from Damien Miller <djm at mindrot.org> ---
I'd like to get this done soon, but the current patch has bitrotted -
particularly in the pf department.

IMO this would be best as a helper program that:

1) accept()ed connections redirected to it by the packet filter
2) determined (by OS-specific means) the original address
3) connected to a running ssh via it's multiplexing socket and passes
in the accepted fd using MUX_C_NEW_STDIO_FWD

This makes the helper really small and simple, which is nice because it
looks like it will need privileges of some sort on OpenBSD at least.

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list