Hello list,
this diff provides transparent forward for sslh on OpenBSD too.
I'm not a dev so I'm sure it can be done better. But I've tested with
IPv4 and it works.
If You want to proxy to a local address You need to fiddle around with
pf. I didn't get the pf rules running yet. Proxy to an external
address works without further configuration.
Thanks for any hint and testing.
Regards Uwe
--- common.c.orig Mon Mar 9 21:51:39 2015
+++ common.c Wed Nov 4 11:21:46 2015
@@ -120,20 +120,20 @@ int bind_peer(int fd, int fd_from)
* got here */
res = getpeername(fd_from, from.ai_addr, &from.ai_addrlen);
CHECK_RES_RETURN(res, "getpeername");
-#ifndef IP_BINDANY /* use IP_TRANSPARENT */
- res = setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &trans, sizeof(trans));
+#ifndef SO_BINDANY /* use IP_TRANSPARENT */
+ res = setsockopt(fd, SOL_SOCKET, SO_BINDANY, &trans, sizeof(trans));
CHECK_RES_DIE(res, "setsockopt");
#else
if (from.ai_addr->sa_family==AF_INET) { /* IPv4 */
- res = setsockopt(fd, IPPROTO_IP, IP_BINDANY, &trans, sizeof(trans));
- CHECK_RES_RETURN(res, "setsockopt IP_BINDANY");
+ res = setsockopt(fd, SOL_SOCKET, SO_BINDANY, &trans, sizeof(trans));
+ CHECK_RES_RETURN(res, "setsockopt SO_BINDANY");
#ifdef IPV6_BINDANY
} else { /* IPv6 */
- res = setsockopt(fd, IPPROTO_IPV6, IPV6_BINDANY, &trans,
sizeof(trans));
- CHECK_RES_RETURN(res, "setsockopt IPV6_BINDANY");
+ res = setsockopt(fd, SOL_SOCKET, SO_BINDANY, &trans, sizeof(trans));
+ CHECK_RES_RETURN(res, "setsockopt SO_BINDANY");
#endif /* IPV6_BINDANY */
}
-#endif /* IP_TRANSPARENT / IP_BINDANY */
+#endif /* IP_TRANSPARENT / SO_BINDANY */
res = bind(fd, from.ai_addr, from.ai_addrlen);
CHECK_RES_RETURN(res, "bind");
