debernardis
Posts: 2,142 | Thanked: 2,054 times | Joined on Dec 2006 @ Sicily
#61
It works for me now. Thanks to those who helped.
The key issue was enabling IP masquerade - my Ubuntu Feisty box did not have that by default. The simplest guide to do that was in http://www.ibiblio.org/pub/Linux/doc...ple-HOWTO.html.

No need for hacking routing tables on my wi-fi router.
Now I can invoke the iodined server in a root terminal by doing:

Code:
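# Load the NAT masquerading module
modprobe ipt_MASQUERADE
# Flush ALL existing filter, nat and mangle rules (removes any firewall rules already loaded)
iptables -F; iptables -t nat -F; iptables -t mangle -F
# Masquerade traffic coming from the tunnel subnet
iptables -t nat -A POSTROUTING -s 172.16.0.0/8 -j MASQUERADE
# Enable IPv4 forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# Start the iodine server: tunnel IP 172.16.0.1, MTU 220
iodined -P my_password -m 220 172.16.0.1 my.tunnel.domain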
Setting the MTU to 220 was sadly necessary for my settings.

The thing seems slow though. Since I don't have hotels or airports or other pay-per-connect wireless networks nearby, I have tested it using a GPRS connection on my IT, so most likely it is going to be quicker when using the real thing.

Do I need it? No, because I have flat GPRS. Did I enjoy troubleshooting? Yes, a lot. Shall I use it on the road? Maybe (I'll try to post from jail, afterwards)
 
debernardis
Posts: 2,142 | Thanked: 2,054 times | Joined on Dec 2006 @ Sicily
#62
Attending a congress, iodinizing the hotel's wi-fi cloud, all right. Woha! And I feel no shame... must be my antisocial personality disorder.
 
R-R
Posts: 739 | Thanked: 242 times | Joined on Sep 2007 @ Montreal
#63
There is something I don't understand here... and it also applies to ssh tunnels (-w option).

How can you delete the default (from the real device!) route and hope that your tunnel device (be it br0, dns0, tun0, ppp0 or whatever) will be able to get its traffic outside the local network without knowing where the gateway is?!

I'm missing something about IP networking here... anybody care to enlighten me?

Originally Posted by asinus
Today I successfully established a DNS tunnel with iodine. I tested it at different hotspots from two of the major wireless operators in Sweden. Both are using unencrypted networks with web login.

Here is my recipe (exchange mytunnel.mydomain.com with your subdomain):

Run iodined on your server:
Code:
iodined -f 10.9.0.1 mytunnel.mydomain.com
Choose a password.

Save this shell script on your tablet and run it as root. It will change the default gateway so all traffic is routed through the tunnel. Enter the password you chose above when asked:
Code:
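#!/bin/sh

DOMAIN="mytunnel.mydomain.com"
IFACE="wlan0"

RESOLV="/tmp/resolv.conf"
# Current default gateway: assumes the default route is the last line of
# `route -n` and the gateway is the 10th space-delimited field
GW=`route -n | tail -1 | cut -d ' ' -f 10`

# Add a route to each DNS server via the real gateway, so DNS packets
# still leave through $IFACE after the default route is replaced
for NS in `grep nameserver  $RESOLV.$IFACE | cut -d ' ' -f 2`
do
  echo route add $NS gw $GW $IFACE
  route add $NS gw $GW $IFACE
done

# Start the tunnel through the last nameserver found, then point the default route at it
echo iodine $NS $DOMAIN
iodine $NS $DOMAIN
route del default
route add default gw 10.9.0.1 dns0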
This script makes a few assumptions on the output of the route command but it has worked for me.

To stop the tunnel, run:
Code:
killall iodine
This will not restore the default gateway. Just reconnect to the network if you want it back.
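
The routing question raised in post #63, worked through as an added example (not code from the thread): a small longest-prefix-match simulation of the routing table before and after the quoted script runs, plus the case where the nameserver route is left out. All addresses except 10.9.0.1, and the /27 tunnel netmask, are constructed assumptions.

```python
import ipaddress

# Constructed sample addresses (assumptions, not values from the thread)
GW = "192.168.1.1"      # hotspot's real gateway on wlan0
NS = "198.51.100.53"    # hotspot's DNS server, outside the local subnet
WEB = "203.0.113.80"    # any Internet host
TUN_GW = "10.9.0.1"     # tunnel address given to iodined in the quoted recipe

def lookup(table, dst):
    """Longest-prefix match: return (gateway, iface) used to reach dst."""
    dst = ipaddress.ip_address(dst)
    best = None
    for net, gw, iface in table:
        net = ipaddress.ip_network(net)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    return None if best is None else (best[1], best[2])

# Table right after joining the hotspot, before the script runs
BEFORE = [
    ("192.168.1.0/24", None, "wlan0"),   # connected subnet
    ("0.0.0.0/0", GW, "wlan0"),          # default route
]

def run_script(table, keep_ns_route=True):
    """Apply the script's route changes in order; return the new table."""
    table = list(table)
    if keep_ns_route:
        table.append((NS + "/32", GW, "wlan0"))         # route add $NS gw $GW $IFACE
    table.append(("10.9.0.0/27", None, "dns0"))         # dns0 comes up (netmask assumed)
    table = [r for r in table if r[0] != "0.0.0.0/0"]   # route del default
    table.append(("0.0.0.0/0", TUN_GW, "dns0"))         # route add default gw 10.9.0.1 dns0
    return table

if __name__ == "__main__":
    after = run_script(BEFORE)
    broken = run_script(BEFORE, keep_ns_route=False)
    for name, table in (("before", BEFORE), ("after", after), ("no NS route", broken)):
        for dst in (NS, WEB, "192.168.1.20"):
            print(f"{name:12} {dst:15} -> {lookup(table, dst)}")
```

The more specific route to the nameserver wins over the new default, so the DNS packets that carry the tunnel still leave through wlan0 while everything else goes into dns0. Without that route, the tunnel's own DNS packets would be routed into dns0 and never reach the resolver.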
 