Detecting SSH tunnels on a linux firewall

Dave Long long.dave at
Wed Jan 10 10:47:37 MST 2007

On 1/10/07, Matthew Walker <rorith at> wrote:
> On Wed, January 10, 2007 10:15 am, Kyle Robinson wrote:
> >
> > Force the HTTP traffic into a transparent proxy.
> >
> Won't work. I can use Putty to create an SSH tunnel to a server I control
> running Squid, and direct my local browser to use the localhost port as
> proxy. This routes the entire request through the SSH tunnel to the remote
> Squid server, which then handles the request from there.
> There is no way to stop this short of forbidding SSH connections to
> external servers.

This situation where the user is ssh'ing to an outside box (from
inside the network) to a box presumably with squid is what I am trying
to determine.  I do not want to be an evil admin and block all ssh

Dave Long
long.dave at

More information about the PLUG mailing list