[Bug 2526] New: Support for transparent proxying

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Jan 18 02:49:24 AEDT 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2526

            Bug ID: 2526
           Summary: Support for transparent proxying
           Product: Portable OpenSSH
           Version: 7.1p1
          Hardware: Other
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: joel.lehtonen at iki.fi

I propose OpenSSH to add support for application level transparent
proxying in addition to DynamicForward. This feature would be
implemented to SSH client.

It seems a common practice to use Redsocks and OpenSSH dynamic port
forwarding to achieve transparent proxying. I'd like to see direct
support for transparent proxy in ssh to avoid the complexity of setting
up multiple daemons for a single job.

Using a transparent proxy is in many cases a better and easier job than
to get an arbitrary application to support SOCKS proxy.

Implementing target IP detection for transparent proxies is a bit
operating system dependent but Redsocks supports at least Linux,
OpenBSD, and FreeBSD. This is the way redsocks does it for Linux:

https://github.com/darkk/redsocks/blob/master/base.c#L210

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list