diff options
Diffstat (limited to 'svr-tcpfwd.c')
| -rw-r--r-- | svr-tcpfwd.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/svr-tcpfwd.c b/svr-tcpfwd.c index 4aa3152..7967cfa 100644 --- a/svr-tcpfwd.c +++ b/svr-tcpfwd.c @@ -289,6 +289,11 @@ static int newtcpdirect(struct Channel * channel) { goto out; } + if (!svr_pubkey_allows_local_tcpfwd(desthost, destport)) { + TRACE(("leave newtcpdirect: local tcp forwarding not permitted to requested destination")); + goto out; + } + snprintf(portstring, sizeof(portstring), "%u", destport); channel->conn_pending = connect_remote(desthost, portstring, channel_connect_done, channel, NULL, NULL, DROPBEAR_PRIO_NORMAL); |