Whitelist for Connections to a PortForward

[Clement Tse <ct...@martellotech.com>]

I'm looking to add functionality to the Apache SSHD such that once a remote
port forward is created, every connection to the remote port (on the server)
is checked against a Whitelist to determine whether said connection is
allowed access.

For this feature, I am thinking of using one of two possible approaches:
1) Add a method 'allowIncomingConnectionToPortForward(IoSession,
ServerSession)' into the ForwardingFilter interface to be called when a
connection is being made to the port forward.
2) Update TcpipForwardSupport class to use a factory for Whitelist
objects.the TcpipForward class would then use the object from the factory to
filter the connections.

Is this a viable feature to include? Which of these solutions would better
suit the current Mina design? Are there other reasonable solutions that
should be considered?

Thanks,
Clement