From 7d6cac73d4f9a8ab537851f97b3591fe9f5208d7 Mon Sep 17 00:00:00 2001
From: Yves Rutschle <git1@rutschle.net>
Date: Sun, 30 Mar 2014 18:25:03 +0200
Subject: [PATCH] added transparent option to man page and help

---
 sslh-main.c | 5 +++--
 sslh.pod    | 9 ++++++++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/sslh-main.c b/sslh-main.c
index 907969f..31bd6c6 100644
--- a/sslh-main.c
+++ b/sslh-main.c
@@ -2,7 +2,7 @@
 # main: processing of config file, command line options and start the main
 # loop.
 #
-# Copyright (C) 2007-2012  Yves Rutschle
+# Copyright (C) 2007-2014  Yves Rutschle
 # 
 # This program is free software; you can redistribute it
 # and/or modify it under the terms of the GNU General Public
@@ -33,7 +33,7 @@
 const char* USAGE_STRING =
 "sslh " VERSION "\n" \
 "usage:\n" \
-"\tsslh  [-v] [-i] [-V] [-f] [-n] [-F <file>]\n"
+"\tsslh  [-v] [-i] [-V] [-f] [-n] [--transparent] [-F <file>]\n"
 "\t[-t <timeout>] [-P <pidfile>] -u <username> -p <add> [-p <addr> ...] \n" \
 "%s\n\n" /* Dynamically built list of builtin protocols */  \
 "\t[--on-timeout <addr>]\n" \
@@ -41,6 +41,7 @@ const char* USAGE_STRING =
 "-V: version\n" \
 "-f: foreground\n" \
 "-n: numeric output\n" \
+"--transparent: behave as a transparent proxy\n" \
 "-F: use configuration file\n" \
 "--on-timeout: connect to specified address upon timeout (default: ssh address)\n" \
 "-t: seconds to wait before connecting to --on-timeout address.\n" \
diff --git a/sslh.pod b/sslh.pod
index eb9f421..d8bab21 100644
--- a/sslh.pod
+++ b/sslh.pod
@@ -6,7 +6,7 @@
 
 =head1 SYNOPSIS
 
-sslh [B<-F> I<config file>] [ B<-t> I<num> ] [B<-p> I<listening address> [B<-p> I<listening address> ...] [B<--ssl> I<target address for SSL>] [B<--ssh> I<target address for SSH>] [B<--openvpn> I<target address for OpenVPN>] [B<--http> I<target address for HTTP>] [B<--anyprot> I<default target address>] [B<--on-timeout> I<protocol name>] [B<-u> I<username>] [B<-P> I<pidfile>] [-v] [-i] [-V] [-f] [-n]
+sslh [B<-F> I<config file>] [ B<-t> I<num> ] [B<--transparent>] [B<-p> I<listening address> [B<-p> I<listening address> ...] [B<--ssl> I<target address for SSL>] [B<--ssh> I<target address for SSH>] [B<--openvpn> I<target address for OpenVPN>] [B<--http> I<target address for HTTP>] [B<--anyprot> I<default target address>] [B<--on-timeout> I<protocol name>] [B<-u> I<username>] [B<-P> I<pidfile>] [-v] [-i] [-V] [-f] [-n]
 
 =head1 DESCRIPTION
 
@@ -86,6 +86,13 @@ protocol (which should usually be SSH). Default is 2s.
 Name of the protocol to connect to after the timeout period
 is over. Default is 'ssh'.
 
+=item B<--transparent>
+
+Makes B<sslh> behave as a transparent proxy, i.e. the
+receiving service sees the original client's IP address.
+This works on Linux only and involves B<iptables> settings.
+Refer to the README for more information.
+
 =item B<-p> I<listening address>, B<--listen> I<listening address>
 
 Interface and port on which to listen, e.g. I<foobar:443>,