Hello.
I am currently using the ForwardingFilter's canListen() & canConnect()
functions in my application to control which port forwards SSH clients are
allowed to create. I would like to also be able to filter incoming
connections to listening port forwards. For the moment I added a method to
the ForwardingFilter interface:
boolean isAllowed(InetSocketAddress sourceAddress, InetSocketAddress
destinationAddress, ServerSession session);
And check with it from TcpipForwardSupport's sessionCreated() function.
I think this is a useful capability for applications with embedded SSH
servers, and would like to submit a patch, rather than re-applying it to
each release, but I wanted to ask if there would be a better, more likely to
be accepted, design for it, and also ask if I have just missed a less
obvious way to accomplish this with the existing code.
Thanks,
Bill
