On Wed, Feb 21, 2018 at 9:43 PM, Carson Gaspar <carson@xxxxxxxxxx> wrote: > On 2/21/2018 7:53 PM, Damien Miller wrote: > > Yeah, IMO it would be better to write a small userspace NAT helper e.g. >> using IPPROTO_DIVERT that proxied things via SOCKS (assuming someone >> hasn't already done this). >> > > I haven't used them, but they exist: > > https://github.com/darkk/redsocks > https://github.com/cybozu-go/transocks > > These use tun, but achieve a similar goal: > > https://github.com/normanr/socks-tun > https://github.com/ambrop72/badvpn/wiki/Tun2socks > > The LD_PRELOAD method can intercept getaddrinfo()/gethostbyname() to > handle name resolution on a per-process basis, which is an advantage to > that method (dsocks does this). > > Of course as OpenSSH doesn't implement the UDP interfaces of SOCKS5, that > limits what any client can do (although tun2socks has a UDP gateway to work > around this). > > Would you ship such interfaces, if a patch was provided? > -- > Carson Gaspar > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
