Hi, After reading the previous thread. I decided to give it a try. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543683 Here's the diff (written against openbsd -current): https://bugzilla.mindrot.org/attachment.cgi?id=2104 What I did was filling list of permitted sockets with NULL. When this list is compared against the list of connections, The local port fowardings are rejected. Any idea to improve the diff would be nice :-) -- Brightest day, Blackest night, No bug shall escape my sight, And those who worship evil's mind, be wary of my powers, puffy lantern's light !