search for: channel_setup_local_fwd_listener

...d", - listen_port); + error("channel_setup_fwd_listener: cannot listen to port: %s/%d", + listen_addr == NULL ? "0.0.0.0" : listen_addr, listen_port); freeaddrinfo(aitop); return success; } /* protocol local port fwd, used by ssh (and sshd in v1) */ int -channel_setup_local_fwd_listener(u_short listen_port, +channel_setup_local_fwd_listener(const char *listen_host, u_short listen_port, const char *host_to_connect, u_short port_to_connect, int gateway_ports) { return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER, - NULL, listen_port, host_to_connect, port_to_conn...

...sfwd_port, buf, sfwd_host_port) != 3) { - logit("Bad forwarding specification."); - goto out; - } - if ((fwd_port = a2port(sfwd_port)) == 0 || - (fwd_host_port = a2port(sfwd_host_port)) == 0) { - logit("Bad forwarding port(s)."); - goto out; - } - if (local) { - if (channel_setup_local_fwd_listener(fwd_port, buf, - fwd_host_port, options.gateway_ports) < 0) { + if (socks){ + if ( (sscanf(s, "%5[0-9]", sfwd_port)) != 1) { + logit("Bad forwarding port."); + goto out; + } + + fwd_port = a2port(sfwd_port); + if (channel_setup_local_fwd_listener(fwd_port, &quo...

...client program. Following the codepath, it ends up as an option for the server program. Server process receives in serverloop.c:1409 "streamlocal-forward at openssh.com" receives fwd.listen_path calls channel_setup_remote_fwd_listener(&fwd, NULL, &options.fwd_opts) channels.c: channel_setup_local_fwd_listener -> channel_setup_fwd_listener_streamlocal channel_setup_fwd_listener_streamlocal(int type, struct Forward *fwd, struct ForwardOptions *fwd_opts) calls unix_listener(fwd->listen_path, SSH_LISTEN_BACKLOG, fwd_opts->streamlocal_bind_unlink) fwd_opts->streamlocal_bind_unlink...

These patches implement a new mux client request to list the currently opened TCP forwardings. It also removes some todos regarding keeping the list of forwardings in the options up-to-date. Bert Wesarg (6): attach the forwarding type to struct Forward merge local and remote forward lists generate unique ids for forwardings to be used for identification remove closed forwardings from

Hi, Just a usecase that I'm sure has been covered before but just in case its not an openssh solution would be very helpful. I was trying to install software on a server that was firewalled so no outbound http connections would work. I was also tunnelling via another server. Outbound ssh connections also were a convenient option. What would have been nice would be a remote version of

...(void); void channel_input_port_forward_request(int, int); -int channel_connect_to(const char *, u_short); +int channel_connect_to(const char *, u_short, void *); int channel_connect_by_listen_address(u_short); void channel_request_remote_forwarding(u_short, const char *, u_short); int channel_setup_local_fwd_listener(u_short, const char *, u_short, int); diff -nru openssh-3.8.1p1/serverloop.c openssh-3.8.1p1-devs//serverloop.c --- openssh-3.8.1p1/serverloop.c Wed Jan 21 01:02:50 2004 +++ openssh-3.8.1p1-devs//serverloop.c Mon Feb 21 11:33:13 2005 @@ -867,7 +867,7 @@ originator, originator_port, target, tar...

...q, void *ctxt) +{ + channel_input_port_open(type, seq, ctxt, 1); +} + /* -- tcp forwarding */ @@ -2209,6 +2229,8 @@ port); #endif /* Initiate forwarding */ + log("TCP forwarding listening on port %d %s", port, + gateway_ports ? "open" : "private"); channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports); /* Free the argument string. */ @@ -2227,10 +2249,31 @@ all_opens_permitted = 1; } +/* + * If the server-wide configuration specifies some permitted_opens + * then don't allow users to add to them. + */ void -channel_add_permitted_opens(char...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

...uot;, __func__); + buffer_put_int(r, MUX_S_PERMISSION_DENIED); + buffer_put_cstring(r, "Permission denied"); + goto out; + } + } + + if (ftype == MUX_FWD_LOCAL || ftype == MUX_FWD_DYNAMIC) { + if (options.num_local_forwards + 1 >= + SSH_MAX_FORWARDS_PER_DIRECTION || + channel_setup_local_fwd_listener(fwd.listen_host, + fwd.listen_port, fwd.connect_host, fwd.connect_port, + options.gateway_ports) < 0) { + fail: + logit("slave-requested %s failed", fwd_desc); + buffer_put_int(r, MUX_S_FAILURE); + buffer_put_cstring(r, "Port forwarding failed"); + goto out;...