Skip to content

feat: Add SSH port forwarding support (-L, -R, -D options) #21

Closed
#31
Closed
feat: Add SSH port forwarding support (-L, -R, -D options)#21
#31
Assignees
inureyes
Labels
priority:highHigh priority issuestatus:doneCompletedtype:enhancementNew feature or request
@inureyes

Description

@inureyes
inureyes
opened on Aug 27, 2025

Overview

Implement comprehensive SSH port forwarding capabilities in bssh to support local (-L), remote (-R), and dynamic (-D) port forwarding, enabling full SSH tunneling functionality compatible with both single-host and multi-host cluster modes.

Technical Approach

The implementation uses russh's channel capabilities with a custom async forwarding manager built on Tokio. Key architectural decisions include:

  • Async-first design for handling thousands of concurrent connections efficiently
  • Centralized ForwardingManager for lifecycle management and monitoring
  • Multiplexed channels over single SSH connections for resource efficiency
  • Automatic reconnection with exponential backoff for resilience
  • Graceful shutdown with proper resource cleanup on termination

Implementation Tasks

Phase 1: Foundation and Local Forwarding

  • Create port forwarding module structure (src/forwarding/mod.rs)
  • Implement forwarding specification parser for -L/-R/-D formats
  • Create ForwardingManager with lifecycle management
  • Implement local TCP listener with async accept loop
  • Add channel multiplexing support to SSH client wrapper
  • Create bidirectional data pump for channel I/O
  • Implement local port forwarding (-L) with error handling
  • Add connection retry logic with exponential backoff

Phase 2: Remote and Dynamic Forwarding

  • Implement SSH tcpip-forward request protocol
  • Handle forwarded-tcpip channel requests from server
  • Create remote port forwarding (-R) implementation
  • Implement SOCKS v4/v5 protocol parser
  • Create SOCKS server with authentication support
  • Implement dynamic port forwarding (-D) with SOCKS proxy
  • Add DNS resolution through remote connection

Phase 3: Multi-Host Support

  • Extend ForwardingManager for multi-host cluster mode
  • Implement forwarding persistence across reconnections
  • Add bandwidth throttling and rate limiting
  • Create forwarding status monitoring interface

Success Criteria

  • Local port forwarding works identically to OpenSSH -L
  • Remote port forwarding works identically to OpenSSH -R
  • Dynamic forwarding provides full SOCKS v5 compatibility
  • All forwarding types work in single-host and cluster modes
  • Performance within 10% of OpenSSH for throughput

Labels

enhancement, help wanted, ssh-compat

Metadata

Metadata

Assignees

Labels

priority:highHigh priority issuestatus:doneCompletedtype:enhancementNew feature or request

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions