iodine
iodine makes it possible to tunnel IPv4 data over DNS. This is useful when, for example, you are behind a restrictive firewall, since DNS traffic is only rarely blocked.
See package dns2tcp for signing up with FreeDNS and some other details.
Put this in your rc.custom (there is no WebIF):
mkdir /tmp/iodine
chown nobody /tmp/iodine
iodined -c -P <password> -u nobody -t /tmp/iodine 10.0.0.1 -p 10053 dns2tcp.strangled.net
(assuming user nobody exists)
The trunk version of Freetz has an iodine WebIF now (changeset [#6657]; thanks oliver!)
Create a tunnel from the client like this:
sudo ./bin/iodine -f -P <password> dns2tcp.strangled.net
To connect to Polipo:
ssh [email protected] -L 8123:localhost:8123
The advantages over dns2tcp are:
- There is an iodine Windows client available
- It is possible to run iodine on Android
- Traffic can easily be routed through the tunnel
Building iodine for Android.
Install iptables and add these rules to allow only traffic to the internet and not your local net:
iptables -I OUTPUT -o dns0 -s 192.168.178.0/24 -j DROP
iptables -I INPUT -i dns0 -d 192.168.178.0/24 -j DROP
iptables -A FORWARD -i dns0 -o dsl -j ACCEPT
iptables -A FORWARD -i dns0 -j DROP
Of course you can always allow specific traffic from the tunnel to your local net, for example to an SSH server, by using something like:
iptables -I INPUT -i dns0 -p tcp --dport 22 -j ACCEPT
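One way to confirm that the rules above are loaded and in the intended order, as an added example that is not part of the original page: it reads `iptables -S`-style text and uses the page's dns0, dsl and 192.168.178.0/24. The helper names rule_pos and audit_dns0 are hypothetical, and the GOOD and BAD listings are constructed samples.

```shell
# Added example: audit `iptables -S` output for the dns0 isolation rules.
# Interface names and LAN prefix are the page's; GOOD/BAD are constructed.
LAN=192.168.178.0/24; TUN=dns0; WAN=dsl

# rule_pos RULES CHAIN PHRASE...: 1-based position within CHAIN of the first
# rule containing every PHRASE, or 0 if none does.
rule_pos() {
    rules=$1; chain=$2; shift 2; pos=0
    while read -r flag name rest; do
        if [ "$flag" != "-A" ] || [ "$name" != "$chain" ]; then continue; fi
        pos=$((pos + 1)); hit=1
        for phrase in "$@"; do
            case " $rest " in *" $phrase "*) ;; *) hit=0 ;; esac
        done
        if [ "$hit" -eq 1 ]; then echo "$pos"; return 0; fi
    done <<EOF
$rules
EOF
    echo 0
}

# audit_dns0 RULES: 0 only if all four rules exist and the FORWARD ACCEPT
# towards the WAN precedes the tunnel DROP (iptables stops at the first match).
audit_dns0() {
    rc=0
    out=$(rule_pos "$1" OUTPUT "-s $LAN" "-o $TUN" "-j DROP")
    inp=$(rule_pos "$1" INPUT "-d $LAN" "-i $TUN" "-j DROP")
    acc=$(rule_pos "$1" FORWARD "-i $TUN" "-o $WAN" "-j ACCEPT")
    drp=$(rule_pos "$1" FORWARD "-i $TUN" "-j DROP")
    if [ "$out" -eq 0 ]; then echo "missing: OUTPUT $LAN -> $TUN DROP"; rc=1; fi
    if [ "$inp" -eq 0 ]; then echo "missing: INPUT $TUN -> $LAN DROP"; rc=1; fi
    if [ "$drp" -eq 0 ]; then echo "missing: FORWARD $TUN DROP"; rc=1; fi
    if [ "$acc" -eq 0 ]; then echo "missing: FORWARD $TUN -> $WAN ACCEPT"; rc=1
    elif [ "$drp" -ne 0 ] && [ "$acc" -gt "$drp" ]; then
        echo "shadowed: FORWARD ACCEPT comes after the $TUN DROP"; rc=1
    fi
    return $rc
}

GOOD='-A INPUT -i dns0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -d 192.168.178.0/24 -i dns0 -j DROP
-A FORWARD -i dns0 -o dsl -j ACCEPT
-A FORWARD -i dns0 -j DROP
-A OUTPUT -s 192.168.178.0/24 -o dns0 -j DROP'
BAD='-A INPUT -d 192.168.178.0/24 -i dns0 -j DROP
-A FORWARD -i dns0 -j DROP
-A FORWARD -i dns0 -o dsl -j ACCEPT'
audit_dns0 "$GOOD" && echo "GOOD: ok"
audit_dns0 "$BAD" || echo "BAD: rejected"
```

On the box itself, pass the live ruleset with `audit_dns0 "$(iptables -S)"`, provided the installed iptables supports `-S`.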
iodine can forward DNS requests for unknown (sub)domains to a real DNS-server on another port with this switch:
-b 5353