Hello list, this diff provides transparent forward for sslh on OpenBSD too.
I'm not a dev so I'm sure it can be done better. But I've tested with IPv4 and it works. If You want to proxy to a local address You need to fiddle around with pf. I didn't get the pf rules running yet. Proxy to an external address works without further configuration. Thanks for any hint and testing. Regards Uwe --- common.c.orig Mon Mar 9 21:51:39 2015 +++ common.c Wed Nov 4 11:21:46 2015 @@ -120,20 +120,20 @@ int bind_peer(int fd, int fd_from) * got here */ res = getpeername(fd_from, from.ai_addr, &from.ai_addrlen); CHECK_RES_RETURN(res, "getpeername"); -#ifndef IP_BINDANY /* use IP_TRANSPARENT */ - res = setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &trans, sizeof(trans)); +#ifndef SO_BINDANY /* use IP_TRANSPARENT */ + res = setsockopt(fd, SOL_SOCKET, SO_BINDANY, &trans, sizeof(trans)); CHECK_RES_DIE(res, "setsockopt"); #else if (from.ai_addr->sa_family==AF_INET) { /* IPv4 */ - res = setsockopt(fd, IPPROTO_IP, IP_BINDANY, &trans, sizeof(trans)); - CHECK_RES_RETURN(res, "setsockopt IP_BINDANY"); + res = setsockopt(fd, SOL_SOCKET, SO_BINDANY, &trans, sizeof(trans)); + CHECK_RES_RETURN(res, "setsockopt SO_BINDANY"); #ifdef IPV6_BINDANY } else { /* IPv6 */ - res = setsockopt(fd, IPPROTO_IPV6, IPV6_BINDANY, &trans, sizeof(trans)); - CHECK_RES_RETURN(res, "setsockopt IPV6_BINDANY"); + res = setsockopt(fd, SOL_SOCKET, SO_BINDANY, &trans, sizeof(trans)); + CHECK_RES_RETURN(res, "setsockopt SO_BINDANY"); #endif /* IPV6_BINDANY */ } -#endif /* IP_TRANSPARENT / IP_BINDANY */ +#endif /* IP_TRANSPARENT / SO_BINDANY */ res = bind(fd, from.ai_addr, from.ai_addrlen); CHECK_RES_RETURN(res, "bind");