First, all credit to Vladimir Parkhaev as this is his code. He may have
submitted this before for all I know, but I for one definitely would like
to see this end up in the codebase, so I'm submitting it.
*** openssh-5.1p1/serverloop.c Fri Jul 4 09:10:49 2008
--- openssh-5.1p1-RCFHACKS/serverloop.c Thu Jan 29 08:56:11 2009
***************
*** 957,962 ****
--- 957,968 ----
c = channel_connect_to(target, target_port,
"direct-tcpip", "direct-tcpip");
+ if (c == NULL){
+ verbose("Tunnel denied: user '%s' from %s to %s:%d",
the_authctxt->user, get_remote_ipaddr(), target, target_port);
+ } else {
+ verbose("Tunnel opened: user '%s' from %s to %s:%d",
the_authctxt->user, get_remote_ipaddr(), target, target_port);
+ }
+
xfree(originator);
xfree(target);
Circa 2009-01-30 14:21 dixit jblaine at kickflop.net:
: First, all credit to Vladimir Parkhaev as this is his code. He may have
: submitted this before for all I know, but I for one definitely would like
: to see this end up in the codebase, so I'm submitting it.
:
: [snip: Patch to log tunnel information]
Probably a good idea to put this in the OpenSSH Bugzilla:
http://www.openssh.com/report.html
http://bugzilla.mindrot.org/
--jim
--
jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/
(GnuPG key ID: C6F31FFA >>>>>>
http://www.pobox.com/~jmknoble/keys/ )
(GnuPG fingerprint: 99D8:1D89:8C66:08B5:5C34::5527:A543:8C33:C6F3:1FFA)
+----------------------------------------------------------------------+
|[L]iberty, as we all know, cannot flourish in a country that is perma-|
| nently on a war footing, or even a near-war footing. --Aldous Huxley|
+----------------------------------------------------------------------+