Wow, this is fantastic, thanks! I was looking for something like this a while ago and the closest I could find was transocks, which is Linux-only, not overly stable, not actively maintained, and TCP-only.

sshuttle is currently TCP-only i remember seeing some people discussing about UDP, and DNS forwarding on top of sshuttle but it hasn't gotten very far.

How can something like this work without admin access? Mucking around with network routing using requires root, doesn't it?

It require root access on the client, on the server it only needs ssh and python >= 2.3

Thanks - that's awesome. Pandora is back.

Nice piece of code - tons of interesting possibilities there.

I wish this would automatically omit locally attached networks -although easy enough to do from the command line.

What does this do that ssh -Dport user@host does not?

Forward transparently your traffic using iptables. So, if you use sshuttle on your gateway all the tcps connections to the specified subnets are forwarded using ssh for the gateway and all the machines using that gateway.

You can do this

# sshuttle -v -r user@host:443 10.0.0.0/8 # ssh user@10.0.0.138

Connections to 10.0.0.0/8 goes through ssh automatically.