--- a/tcp-accept.c	Wed Nov 30 10:11:24 2005 +0000
+++ b/tcp-accept.c	Sun Dec 04 16:13:11 2005 +0000
@@ -39,6 +39,7 @@
 	struct TCPListener *tcpinfo = (struct TCPListener*)(listener->typedata);
 
 	m_free(tcpinfo->sendaddr);
+	m_free(tcpinfo->listenaddr);
 	m_free(tcpinfo);
 }
 
@@ -65,10 +66,14 @@
 
 	if (send_msg_channel_open_init(fd, tcpinfo->chantype) == DROPBEAR_SUCCESS) {
 
-		buf_putstring(ses.writepayload, tcpinfo->sendaddr, 
-				strlen(tcpinfo->sendaddr));
-		buf_putint(ses.writepayload, tcpinfo->sendport);
+		// address that was connected
+		buf_putstring(ses.writepayload, tcpinfo->listenaddr, 
+				strlen(tcpinfo->listenaddr));
+		// port that was connected
+		buf_putint(ses.writepayload, tcpinfo->listenport);
+		// originator ip
 		buf_putstring(ses.writepayload, ipstring, strlen(ipstring));
+		// originator port
 		buf_putint(ses.writepayload, atol(portstring));
 
 		encrypt_packet();
@@ -86,16 +91,21 @@
 	struct Listener *listener = NULL;
 	int nsocks;
 	char* errstring = NULL;
+	// listen_spec = NULL indicates localhost
+	const char* listen_spec = NULL;
 
 	TRACE(("enter listen_tcpfwd"))
 
 	/* first we try to bind, so don't need to do so much cleanup on failure */
 	snprintf(portstring, sizeof(portstring), "%d", tcpinfo->listenport);
 
-	/* XXX Note: we're just listening on localhost, no matter what they tell
-	 * us. If someone wants to make it listen otherways, then change
-	 * the "" argument. but that requires UI changes too */
-	nsocks = dropbear_listen("", portstring, socks, 
+	/* a listenaddr of "" will indicate all interfaces */
+	if (opts.listen_fwd_all 
+			&& (strcmp(tcpinfo->listenaddr, "localhost") != 0) ) {
+		listen_spec = tcpinfo->listenaddr;
+	}
+
+	nsocks = dropbear_listen(listen_spec, portstring, socks, 
 			DROPBEAR_MAX_SOCKS, &errstring, &ses.maxfd);
 	if (nsocks < 0) {
 		dropbear_log(LOG_INFO, "TCP forward failed: %s", errstring);