Displaying 3 results from an estimated 3 matches for "fwd_permit_any_port".
2017 May 04
5
OpenSSH contract development / patch
On Thu, May 04, 2017 at 09:37:59AM +1000, Adam Eijdenberg wrote:
> Hi Devin, have you looked at using openssh certificates to help manage
[...]
> While the feature has been around for a while now (and is really
> useful), there doesn't seem to be huge amount of documentation around
> it. I found the following useful when getting a client of my running
Yeah, when I wrote about it
2016 Jun 05
5
[Bug 2582] New: Allow PermitOpen to use a wildcard hostname with a fixed port
...vers and there might be 2-3 servers that have
been decommissioned.
This patch is a huge improvement over allowing all ports to all
hosts, which is all that I can do at this point without having
a huge management headache. I was very surprised this wasn't
supported alongside FWD_PERMIT_ANY_PORT. It's a simple enough
change. I wonder if there was any debate on this or if it just
slipped through the cracks as an uncommon use case?
Note that this doesn't go down the more complex road of allowing
more finegrained cases. The '*' is NOT actually a pattern, it is...
2012 Oct 22
1
[PATCH] Implement remote dynamic TCP forwarding
...nnel_connect_by_listen_address(u_short listen_port, char *ctype, char *rname)
for (i = 0; i < num_permitted_opens; i++) {
if (permitted_opens[i].host_to_connect != NULL &&
port_match(permitted_opens[i].listen_port, listen_port)) {
+ if (permitted_opens[i].port_to_connect == FWD_PERMIT_ANY_PORT)
+ return channel_new(ctype, SSH_CHANNEL_RDYNAMIC, -1, -1, -1,
+ CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, rname, 1);
+
return connect_to(
permitted_opens[i].host_to_connect,
permitted_opens[i].port_to_connect, ctype, rname);
diff --git a/channels.h b/channe...