From 6937695b52c0f5ffa80ed99be1ec5fa4856c03a5 Mon Sep 17 00:00:00 2001
From: Ryo Ota <nwtgck@nwtgck.org>
Date: Fri, 11 Aug 2023 11:44:23 +0900
Subject: [PATCH] docs: --allow-streamlocal-forward

---
 README.md | 38 ++++++++++++++++++++------------------
 1 file changed, 20 insertions(+), 18 deletions(-)

diff --git a/README.md b/README.md
index 6e47a8c..a648d72 100644
--- a/README.md
+++ b/README.md
@@ -46,24 +46,25 @@ There are several permissions:
 * --allow-direct-tcpip
 * --allow-execute
 * --allow-sftp
+* --allow-streamlocal-forward
 * --allow-tcpip-forward
 
 **All permissions are allowed when nothing is specified.** The log shows "allowed: " and "NOT allowed: " permissions as follows:
 
 ```console
 $ handy-sshd --user "john:"
-2023/08/11 09:42:05 INFO listening on :2222...
-2023/08/11 09:42:05 INFO allowed: "tcpip-forward", "direct-tcpip", "execute", "sftp", "direct-streamlocal"
-2023/08/11 09:42:05 INFO NOT allowed: none
+2023/08/11 11:40:44 INFO listening on :2222...
+2023/08/11 11:40:44 INFO allowed: "tcpip-forward", "direct-tcpip", "execute", "sftp", "streamlocal-forward", "direct-streamlocal"
+2023/08/11 11:40:44 INFO NOT allowed: none
 ```
 
 For example, specifying `--allow-direct-tcpip` and `--allow-execute` allows only them:
 
 ```console
 $ handy-sshd --user "john:" --allow-direct-tcpip --allow-execute
-2023/08/11 09:38:58 INFO listening on :2222...
-2023/08/11 09:38:58 INFO allowed: "direct-tcpip", "execute"
-2023/08/11 09:38:58 INFO NOT allowed: "tcpip-forward", "sftp", "direct-streamlocal"
+2023/08/11 11:41:03 INFO listening on :2222...
+2023/08/11 11:41:03 INFO allowed: "direct-tcpip", "execute"
+2023/08/11 11:41:03 INFO NOT allowed: "tcpip-forward", "sftp", "streamlocal-forward", "direct-streamlocal"
 ```
 
 ## --help
@@ -75,16 +76,17 @@ Usage:
   handy-sshd [flags]
 
 Flags:
-      --allow-direct-streamlocal   client can use Unix domain socket local forwarding
-      --allow-direct-tcpip         client can use local forwarding and SOCKS proxy
-      --allow-execute              client can use shell/interactive shell
-      --allow-sftp                 client can use SFTP and SSHFS
-      --allow-tcpip-forward        client can use remote forwarding
-  -h, --help                       help for handy-sshd
-      --host string                SSH server host (e.g. 127.0.0.1)
-  -p, --port uint16                SSH server port (default 2222)
-      --shell string               Shell
-      --unix-socket string         Unix domain socket
-      --user stringArray           SSH user name (e.g. "john:mypassword")
-  -v, --version                    show version
+      --allow-direct-streamlocal    client can use Unix domain socket local forwarding
+      --allow-direct-tcpip          client can use local forwarding and SOCKS proxy
+      --allow-execute               client can use shell/interactive shell
+      --allow-sftp                  client can use SFTP and SSHFS
+      --allow-streamlocal-forward   client can use Unix domain socket remote forwarding
+      --allow-tcpip-forward         client can use remote forwarding
+  -h, --help                        help for handy-sshd
+      --host string                 SSH server host (e.g. 127.0.0.1)
+  -p, --port uint16                 SSH server port (default 2222)
+      --shell string                Shell
+      --unix-socket string          Unix domain socket
+      --user stringArray            SSH user name (e.g. "john:mypassword")
+  -v, --version                     show version
 ```