Setting up a DNS tunnel

Downloading the iodine software

http://code.kryo.se/iodine/
wget http://code.kryo.se/iodine/iodine-0.7.0.tar.gz
apt-get install zlib1g-dev
tar -xzvf iodine-0.7.0.tar.gz
cd iodine-0.7.0
make

Server side

./iodined -f -c -P test 192.168.99.1 t1.test.domain
Opened dns0
Setting IP of dns0 to 192.168.99.1
Setting MTU of dns0 to 1130
Opened IPv4 UDP socket
Listening to dns for domain t1.test.domain

Client side

C:\iodine-0.7.0-windows\32bit>iodine.exe -f -P test t1.test.domain
Opening device LAN-Verbindung 2
Opened IPv4 UDP socket
Opened IPv4 UDP socket
Sending DNS queries for t1.test.domain to 127.0.0.1
Autodetecting DNS query type (use -T to override).Opened IPv4 UDP socket

Using DNS type NULL queries
Version ok, both using protocol v 0x00000502. You are user #0
Enabling interface 'LAN-Verbindung 2'
Setting IP of interface 'LAN-Verbindung 2' to 192.168.99.2 (can take a few seconds)...

Server tunnel IP is 192.168.99.1
Testing raw UDP data to the server (skip with -r)
Server is at 1.2.3.4, trying raw login: OK
Sending raw traffic directly to 1.2.3.4
Connection setup complete, transmitting data.

Note on Windows 7

Here the tunnel could only be established once the network connection "LAN-Verbindung 2" had been renamed.

In this particular case I simply named the connection "dns".

C:\iodine-0.7.0-windows\32bit>iodine.exe -f -P test t1.test.domain
Opening device dns
Opened IPv4 UDP socket
Opened IPv4 UDP socket
Opened IPv4 UDP socket
Sending DNS queries for t1.test.domain to 127.0.0.1
Autodetecting DNS query type (use -T to override).
Using DNS type NULL queries
Version ok, both using protocol v 0x00000502. You are user #1
Enabling interface 'dns'
Setting IP of interface 'dns' to 192.168.99.3 (can take a few seconds)...

Server tunnel IP is 192.168.99.1
Testing raw UDP data to the server (skip with -r)
Server is at 1.2.3.4, trying raw login: ….failed
Using EDNS0 extension
Switching upstream to codec Base64
Server switched upstream to codec Base64
No alternative downstream codec available, using default (Raw)
Switching to lazy mode for low-latency
Server switched to lazy mode
Autoprobing max downstream fragment size… (skip with -m fragsize)
768 ok.. 1152 ok.. …1344 not ok.. …1248 not ok.. …1200 not ok.. 1176 ok.. 1188 ok.. will use 1188-2=1186
Setting downstream fragment size to max 1186…
Connection setup complete, transmitting data.
Got SERVFAIL as reply: server failed or recursion timeout
Hmm, that’s 2619924. Your data should still go through…
Got SERVFAIL as reply: server failed or recursion timeout
Hmm, that’s 2619924. Your data should still go through…
Got SERVFAIL as reply: server failed or recursion timeout
Hmm, that’s 2619924. Your data should still go through…
Got SERVFAIL as reply: server failed or recursion timeout
Hmm, that’s 2619924. Your data should still go through…
Got SERVFAIL as reply: server failed or recursion timeout
I think 2619924 is too many. Setting interval to 1 to hopefully reduce SERVFAILs. But just ignore them if data still comes through. (Use -I1 next time on this network.)
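
The sessions above show what such a tunnel looks like on the wire: a steady stream of NULL-type queries with encoded data in the labels under a single zone. The following is an added example, not part of the original post or of iodine, that flags zones with this pattern in a resolver query log. The log format ("client qtype qname"), the function names, the thresholds and the fixed zone depth of three labels are assumptions, and the sample log is constructed.

```python
import base64, hashlib, math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a string in bits per character."""
    return -sum(n / len(s) * math.log2(n / len(s)) for n in Counter(s).values())

def find_tunnel_zones(log_lines, zone_labels=3, min_queries=5,
                      min_len=40, min_entropy=3.5):
    """Return {zone: stats} for zones whose subdomains look like encoded payload."""
    zones = defaultdict(list)
    for line in log_lines:
        _client, qtype, qname = line.split()
        labels = qname.rstrip(".").split(".")
        if len(labels) <= zone_labels:
            continue  # no subdomain part to score
        zone = ".".join(labels[-zone_labels:]).lower()
        zones[zone].append((qtype, "".join(labels[:-zone_labels])))
    hits = {}
    for zone, queries in zones.items():
        payloads = [p for _, p in queries]
        n = len(queries)
        mean_len = sum(map(len, payloads)) / n
        mean_ent = sum(map(entropy, payloads)) / n
        unique = len(set(payloads)) / n
        # Tunnel traffic: many queries, almost all distinct, long and random-looking.
        if n >= min_queries and unique > 0.9 and mean_len >= min_len and mean_ent >= min_entropy:
            null_share = sum(t == "NULL" for t, _ in queries) / n
            hits[zone] = {"queries": n, "mean_len": mean_len, "null_share": null_share}
    return hits

def sample_log():
    """Constructed resolver log, one 'client qtype qname' entry per line."""
    lines = [f"10.0.0.5 A {host}.intra.example.com"
             for host in ("www", "mail", "www", "files", "www", "mail")]
    for i in range(8):  # stand-in for encoded tunnel payload labels
        blob = base64.b32encode(hashlib.sha256(bytes([i])).digest()).decode()
        lines.append(f"10.0.0.9 NULL {blob.rstrip('=').lower()}.t1.test.domain")
    return lines

if __name__ == "__main__":
    for zone, stats in find_tunnel_zones(sample_log()).items():
        print(zone, stats)
```

In a real deployment the zone would be derived from a public-suffix list rather than a fixed label count, and the thresholds tuned against normal traffic such as CDN and telemetry hostnames.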
