Closed mtmiller closed 7 years ago
At a stretch, maybe automatically replace localhost with INTERNAL_IP4_ADDRESS?
I think you would want VPNGATEWAY
? But that's an external IP address so it may or may not work, depending on the setup.
Right, VPNGATEWAY
. But yes, I have no idea if this is safe for every setup, just that that's what I intended localhost
to mean for my setup.
fa6cdaa0 takes care of the "at a minimum", so you can close this if anything else seems like overreach.
A typical port forwarding pattern with ssh is something like
ssh -L 8080:localhost:80
to access a service running on the remote machine itself.This does not work with
ocproxy -L 2222:localhost:22
, where the openconnect server provides ssh access. However, specifying the server's localnet IP address does work, e.g.ocproxy -L 2222:192.168.1.1:22
.At a minimum it would be helpful to document this exception to commonly expected behavior.
At a stretch, maybe automatically replace
localhost
withINTERNAL_IP4_ADDRESS
?