moby / vpnkit

A toolkit for embedding VPN capabilities in your application
Apache License 2.0

Add a mechanism to forward outgoing TCP via a Unix domain socket #590

Closed djs55 closed 1 year ago

djs55 commented 1 year ago

This is based on the existing "gateway forwards" mechanism which allowed traffic sent to the gateway to be forwarded.

A forwards.json can be dynamically updated with IP network matches and Unix domain socket / Windows named pipe paths. When a SYN arrives, a request is sent on the Unix domain socket, allowing the server to reject or accept the request. Assuming the connection is accepted, the handshake is completed and traffic flows.
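A minimal model of the accept/reject step described above, added here as an illustration; it is not code from vpnkit or from this pull request. The table field names, the JSON-lines request and reply, longest-prefix matching and the fail-closed default are all assumptions, and `socket.socketpair()` stands in for connecting to the configured Unix domain socket path.

```python
import ipaddress
import json
import socket
import threading

# Constructed forwards table; field names are hypothetical, not vpnkit's schema.
FORWARDS = [
    {"network": "10.0.0.0/8", "path": "/run/policy-internal.sock"},
    {"network": "10.1.2.0/24", "path": "/run/policy-db.sock"},
]
ALLOWED_PORTS = {5432}  # constructed server-side policy

def match_forward(dst_ip, forwards=FORWARDS):
    """Return the most specific entry containing dst_ip, or None (assumed rule)."""
    addr = ipaddress.ip_address(dst_ip)
    hits = [f for f in forwards if addr in ipaddress.ip_network(f["network"])]
    return max(hits, default=None,
               key=lambda f: ipaddress.ip_network(f["network"]).prefixlen)

def policy_server(conn):
    """Socket server side: read one request line and answer accept or reject."""
    with conn, conn.makefile("rw") as f:
        req = json.loads(f.readline())
        verdict = "accept" if req["dst_port"] in ALLOWED_PORTS else "reject"
        f.write(json.dumps({"verdict": verdict}) + "\n")
        f.flush()

def on_syn(dst_ip, dst_port):
    """Forwarder side: ask the server before completing the TCP handshake."""
    entry = match_forward(dst_ip)
    if entry is None:
        return "unmatched"  # destination is not covered by the forwards table
    # socketpair() replaces connect(entry["path"]) so the example runs offline.
    client, server = socket.socketpair()
    worker = threading.Thread(target=policy_server, args=(server,))
    worker.start()
    try:
        with client, client.makefile("rw") as f:
            f.write(json.dumps({"dst_ip": dst_ip, "dst_port": dst_port}) + "\n")
            f.flush()
            reply = json.loads(f.readline() or "{}")
    except (OSError, ValueError):
        reply = {}  # unreadable or missing reply is treated as a rejection
    finally:
        worker.join()
    accepted = isinstance(reply, dict) and reply.get("verdict") == "accept"
    return "complete-handshake" if accepted else "reject"

if __name__ == "__main__":
    for dst in [("10.1.2.7", 5432), ("10.1.2.7", 22), ("192.0.2.1", 443)]:
        print(dst, on_syn(*dst))
```

Only an explicit accept lets the handshake complete, so a crashed or misbehaving socket server results in rejected connections rather than unfiltered ones.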