DNS Server Setup
- Get a domain name for your computer and set it to point to the IP address of your computer. You can use dyndns.org or no-ip.com to get one for free. If you have a dynamic IP, these services provide you with an application that updates the domain whenever the IP address changes. In the following, we assume that your computer is identified by mycomputer.dyndns.org.
- Get a domain name for the tunnel. Go to your registrar and create a domain (or a subdomain) for the tunnel. We assume that you created the subdomain mytunnel.mydomain.org. After you have created it, point its NS entry to mycomputer.dyndns.org, which you set up above. This means that all queries of the form asdfasdfasdwre.mytunnel.mydomain.org will be forwarded to your own computer, on which you run the DNS tunneling server.
- Download and install iodine from http://code.kryo.se/iodine/
tar xzvf iodine-0.7.0.tar.gz
- Launch the server
sudo ./bin/iodined -c -P my_password -d tap0 192.168.233.1/24 mytunnel.mydomain.org
- Set up the iptables rules
# Allow the DNS server to send and receive queries
$ sudo iptables -A INPUT -p udp -m multiport --dports 53 -i eth0 -j ACCEPT
$ sudo iptables -A OUTPUT -p udp -m multiport --dports 53 -o eth0 -j ACCEPT
# Allow the connected clients to talk to the server machine
$ sudo iptables -A INPUT -i tap0 -j ACCEPT
$ sudo iptables -A OUTPUT -o tap0 -j ACCEPT
# Forward Internet traffic
$ sudo iptables -A FORWARD -i tap0 -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$ sudo iptables -A FORWARD -i eth0 -o tap0 -m state --state ESTABLISHED,RELATED -j ACCEPT
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- Enable IP forwarding
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
- Install AndIodine
- Set up a connection using the password defined on the server (my_password in this case).
- Connected and done.
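
Seen from the resolver side, the NS delegation set up above means a query log fills with many unique, long, random-looking labels under one zone. The sketch below is an added example, not part of the original page or of iodine: the sample queries, thresholds and function names are constructed assumptions, and it treats everything after the leftmost label as the zone.

```python
import hashlib
import math
from collections import Counter, defaultdict

# Constructed sample log: ordinary lookups, a busy internal zone, and
# tunnel-like names under the page's example zone mytunnel.mydomain.org.
SAMPLE_QUERIES = (
    ["www.example.com", "mail.example.com", "www.example.com", "cdn.example.net"]
    + [f"host{i}.corp.example.com" for i in range(15)]
    + [hashlib.sha256(f"constructed-{i}".encode()).hexdigest()[:40]
       + ".mytunnel.mydomain.org" for i in range(20)]
)

def shannon_entropy(label):
    """Bits per character of the label's empirical character distribution."""
    if not label:
        return 0.0
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values())

def score_zones(queries):
    """Per zone: count, mean length and mean entropy of unique leftmost labels."""
    labels = defaultdict(set)
    for name in queries:
        # Simplification (assumption): leftmost label is payload, the rest is the zone.
        first, _, zone = name.lower().rstrip(".").partition(".")
        if zone:
            labels[zone].add(first)
    return {
        zone: {
            "unique": len(uniq),
            "mean_len": sum(map(len, uniq)) / len(uniq),
            "mean_entropy": sum(map(shannon_entropy, uniq)) / len(uniq),
        }
        for zone, uniq in labels.items()
    }

def suspicious_zones(queries, min_unique=10, min_len=20, min_entropy=3.0):
    """Zones whose labels are numerous, long AND high-entropy (thresholds are guesses)."""
    return sorted(
        zone for zone, s in score_zones(queries).items()
        if s["unique"] >= min_unique
        and s["mean_len"] >= min_len
        and s["mean_entropy"] >= min_entropy
    )

if __name__ == "__main__":
    for zone in suspicious_zones(SAMPLE_QUERIES):
        print(zone, score_zones(SAMPLE_QUERIES)[zone])
```

Requiring all three signals together keeps zones such as the constructed corp.example.com, which has many unique but short hostnames, from being flagged.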