diff --git a/README b/README index 0ef5614..53eded6 100644 --- a/README +++ b/README @@ -104,11 +104,13 @@ end of the tunnel. In this case, ping 192.168.99.1 from the iodine client, and MISC. INFO: IPv6: -At the moment the iodined server only supports IPv4. The client can use -IPv4 or IPv6 nameservers to connect, and the relay nameservers will translate -between protocols automatically if needed. If the server hostname has an AAAA -record registered IPv6 mode will not work - in this case the client must be -configured with an IPv4 nameserver. The data inside the tunnel is IPv4 only. +At the moment the iodined server only supports IPv4. The data inside the tunnel +is IPv4 only. + +The client can use IPv4 or IPv6 nameservers to connect to iodined. The relay +nameservers will translate between protocols automatically if needed. Use +options -4 or -6 to force the client to use a specific IP version for its DNS +queries. Routing: It is possible to route all traffic through the DNS tunnel. To do this, first diff --git a/man/iodine.8 b/man/iodine.8 index e3adcac..49ba7b7 100644 --- a/man/iodine.8 +++ b/man/iodine.8 @@ -7,7 +7,7 @@ iodine, iodined \- tunnel IPv4 over DNS .B iodine [-h] -.B iodine [-f] [-r] [-u +.B iodine [-4] [-6] [-f] [-r] [-u .I user .B ] [-P .I password @@ -132,6 +132,12 @@ Apply SELinux 'context' after initialization. Create 'pidfile' and write process id in it. .SS Client Options: .TP +.B -4 +Force IPv4 DNS queries +.TP +.B -6 +Force IPv6 DNS queries +.TP .B -r Skip raw UDP mode. If not used, iodine will try getting the public IP address of the iodined host and test if it is reachable directly. If it is, traffic diff --git a/src/iodine.c b/src/iodine.c index d1a3b18..f8e1e94 100644 --- a/src/iodine.c +++ b/src/iodine.c @@ -137,6 +137,7 @@ main(int argc, char **argv) int rtable = 0; struct sockaddr_storage nameservaddr; int nameservaddr_len; + int nameserv_family; nameserv_host = NULL; topdomain = NULL; @@ -159,6 +160,7 @@ main(int argc, char **argv) lazymode = 1; selecttimeout = 4; hostname_maxlen = 0xFF; + nameserv_family = AF_UNSPEC; #ifdef WINDOWS32 WSAStartup(req_version, &wsa_data); @@ -175,8 +177,14 @@ main(int argc, char **argv) __progname++; #endif - while ((choice = getopt(argc, argv, "vfhru:t:d:R:P:m:M:F:T:O:L:I:")) != -1) { + while ((choice = getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:")) != -1) { switch(choice) { + case '4': + nameserv_family = AF_INET; + break; + case '6': + nameserv_family = AF_INET6; + break; case 'v': version(); /* NOTREACHED */ @@ -279,7 +287,7 @@ main(int argc, char **argv) } if (nameserv_host) { - nameservaddr_len = get_addr(nameserv_host, DNS_PORT, AF_UNSPEC, 0, &nameservaddr); + nameservaddr_len = get_addr(nameserv_host, DNS_PORT, nameserv_family, 0, &nameservaddr); if (nameservaddr_len < 0) { errx(1, "Cannot lookup nameserver '%s': %s ", nameserv_host, gai_strerror(nameservaddr_len));