summarylogtreecommitdiffstats
path: root/patch-openssh-DNAT.txt
blob: 5eb1f3380a63bb8518a48780bf05d76b8d0b4a85 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

--- openssh-8.5p1/channels.c.orig       2021-03-02 05:31:47.000000000 -0500
+++ openssh-8.5p1/channels.c    2021-03-11 08:53:54.502299035 -0500
@@ -83,6 +83,10 @@
 #include "authfd.h"
 #include "pathnames.h"
 #include "match.h"
+#define LINUX_NETFILTER
+#ifdef LINUX_NETFILTER
+#include <linux/netfilter_ipv4.h>
+#endif

 /* -- agent forwarding */
 #define        NUM_SOCKS       10
@@ -1695,6 +1699,20 @@
                remote_ipaddr = xstrdup("127.0.0.1");
                remote_port = 65535;
        }
+       if(strcmp(rtype, "direct-tcpip") == 0) {
+          struct sockaddr_in orig_addr,sock_addr;
+          int s_orig_addr ,s_sock_addr;
+          s_orig_addr = s_sock_addr = sizeof orig_addr;
+    #ifdef LINUX_NETFILTER
+          if(getsockopt(c->sock, SOL_IP, SO_ORIGINAL_DST, &orig_addr, &s_orig_addr) == 0
+           && getsockname(c->sock, (struct sockaddr *)&sock_addr, &s_sock_addr) == 0
+           && memcmp(&orig_addr.sin_addr,&sock_addr.sin_addr,sizeof orig_addr.sin_addr) != 0 ) {
+             free(c->path) ;
+             c->path = xstrdup(inet_ntoa(orig_addr.sin_addr));
+             c->host_port = ntohs(orig_addr.sin_port);
+          }
+    #endif
+       }

        free(c->remote_name);
        xasprintf(&c->remote_name,