Support gid-based routing and allow tunnel localhost ports #873
Merged
brianmay merged 7 commits intosshuttle:masterfrom Aug 7, 2023
Merged
Support gid-based routing and allow tunnel localhost ports #873brianmay merged 7 commits intosshuttle:masterfrom
brianmay merged 7 commits intosshuttle:masterfrom
Conversation
Member
|
In general looks good to me. Some of these functions, e.g. main, have a huge number of parameters. This is likely to result in bugs with parameters being passed in the wrong order (for example). Think at some point this really needs to be refactored somehow. I will merge after the flake8 issue is fixed. Thanks! |
Author
|
Whoops sorry, I have fixed the issues that
Agree 100%. Maybe for starter we can try by using a dataclass to pass in the parameters i think 🤔 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add
--groupflag to filter network traffic emitted by the given group.This flag is useful especially when we want to run sshuttle on a docker container with
--net=hostbut doesn't have the luxury to setup a new user to filter the traffic that we want to tunnel so that it wont affect the other container.Allow user to tunnel localhost port in the remote host.
This is useful for users that uses
sshuttleto tunnel their traffic to a jumpbox that has some sidecars listening on127.0.0.1on that server. e.g.sshuttle -r <remote> 0/0 127.0.0.1:8200/32Afterwards, users can reserve port
8200so that the kernel won't allocate port on8200using ip_local_reserved_ports in Linux.This MR only enable this capability for
iptablesbecause I don't have access to test other firewalls.