Bug 2526 - Support for transparent proxying
Summary: Support for transparent proxying
Status: CLOSED DUPLICATE of bug 1295
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 7.1p1
Hardware: Other All
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-01-18 02:49 AEDT by Joel Lehtonen
Modified: 2016-08-02 10:41 AEST (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Joel Lehtonen 2016-01-18 02:49:24 AEDT 
I propose OpenSSH to add support for application level transparent proxying in addition to DynamicForward. This feature would be implemented to SSH client.

It seems a common practice to use Redsocks and OpenSSH dynamic port forwarding to achieve transparent proxying. I'd like to see direct support for transparent proxy in ssh to avoid the complexity of setting up multiple daemons for a single job.

Using a transparent proxy is in many cases a better and easier job than to get an arbitrary application to support SOCKS proxy.

Implementing target IP detection for transparent proxies is a bit operating system dependent but Redsocks supports at least Linux, OpenBSD, and FreeBSD. This is the way redsocks does it for Linux:

https://github.com/darkk/redsocks/blob/master/base.c#L210
Comment 1 Damien Miller 2016-02-11 17:26:14 AEDT 

*** This bug has been marked as a duplicate of bug 1295 ***
Comment 2 Damien Miller 2016-08-02 10:41:30 AEST 
Close all resolved bugs after 7.3p1 release