Bug 2526

Summary: Support for transparent proxying
Product: Portable OpenSSH Reporter: Joel Lehtonen <joel.lehtonen>
Component: sshAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED DUPLICATE    
Severity: enhancement CC: djm, joel.lehtonen
Priority: P5    
Version: 7.1p1   
Hardware: Other   
OS: All   

Description Joel Lehtonen 2016-01-18 02:49:24 AEDT 
I propose OpenSSH to add support for application level transparent proxying in addition to DynamicForward. This feature would be implemented to SSH client.

It seems a common practice to use Redsocks and OpenSSH dynamic port forwarding to achieve transparent proxying. I'd like to see direct support for transparent proxy in ssh to avoid the complexity of setting up multiple daemons for a single job.

Using a transparent proxy is in many cases a better and easier job than to get an arbitrary application to support SOCKS proxy.

Implementing target IP detection for transparent proxies is a bit operating system dependent but Redsocks supports at least Linux, OpenBSD, and FreeBSD. This is the way redsocks does it for Linux:

https://github.com/darkk/redsocks/blob/master/base.c#L210
Comment 1 Damien Miller 2016-02-11 17:26:14 AEDT 

*** This bug has been marked as a duplicate of bug 1295 ***
Comment 2 Damien Miller 2016-08-02 10:41:30 AEST 
Close all resolved bugs after 7.3p1 release