apache ssh mod-proxy tunnel

How to limit mod_proxy_connect's host?


I wanna tunnel my ssh through port 80 (listened on by Apache). mod_proxy & mod_proxy_connect provide me with the AllowCONNECT directive, allowing me to use CONNECT host:22 HTTP/1.1 to connect to my ssh host. But the host following CONNECT is not limited; is there a solution?


Solution

  • I figured it out myself. Just add a few lines in

    apache2.2/modules/proxy/mod_proxy_connect.c +123

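    /* Hosts that CONNECT is allowed to reach. */
    static const char *const allowed_hosts[] = {
        "your host",
        "127.0.0.1",
        "localhost"
    };
    int hosts_num = sizeof(allowed_hosts) / sizeof(allowed_hosts[0]);
    int k;
    for (k = 0; k < hosts_num; k++) {
        /* Compare the whole hostname, case-insensitively. A strncmp() limited
         * to the entry's length is only a prefix match and would also accept
         * names such as "127.0.0.10" or "localhost.example.net". */
        if (strcasecmp(uri.hostname, allowed_hosts[k]) == 0) {
            break;
        }
    }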
    if (k == hosts_num) {
        return ap_proxyerror(r, HTTP_BAD_GATEWAY,
                             apr_pstrcat(p, "host not allowed for: ",
                                         uri.hostname, NULL));
    }