Add options to force IP version for client DNS traffic

This commit is contained in:
Erik Ekman 2014-02-10 22:50:58 +01:00
parent b827a632ad
commit 619ede5da8
3 changed files with 24 additions and 8 deletions

12
README
View file

@ -104,11 +104,13 @@ end of the tunnel. In this case, ping 192.168.99.1 from the iodine client, and
MISC. INFO:
IPv6:
At the moment the iodined server only supports IPv4. The client can use
IPv4 or IPv6 nameservers to connect, and the relay nameservers will translate
between protocols automatically if needed. If the server hostname has an AAAA
record registered IPv6 mode will not work - in this case the client must be
configured with an IPv4 nameserver. The data inside the tunnel is IPv4 only.
At the moment the iodined server only supports IPv4. The data inside the tunnel
is IPv4 only.
The client can use IPv4 or IPv6 nameservers to connect to iodined. The relay
nameservers will translate between protocols automatically if needed. Use
options -4 or -6 to force the client to use a specific IP version for its DNS
queries.
Routing:
It is possible to route all traffic through the DNS tunnel. To do this, first

View file

@ -7,7 +7,7 @@ iodine, iodined \- tunnel IPv4 over DNS
.B iodine [-h]
.B iodine [-f] [-r] [-u
.B iodine [-4] [-6] [-f] [-r] [-u
.I user
.B ] [-P
.I password
@ -132,6 +132,12 @@ Apply SELinux 'context' after initialization.
Create 'pidfile' and write process id in it.
.SS Client Options:
.TP
.B -4
Force IPv4 DNS queries
.TP
.B -6
Force IPv6 DNS queries
.TP
.B -r
Skip raw UDP mode. If not used, iodine will try getting the public IP address
of the iodined host and test if it is reachable directly. If it is, traffic

View file

@ -137,6 +137,7 @@ main(int argc, char **argv)
int rtable = 0;
struct sockaddr_storage nameservaddr;
int nameservaddr_len;
int nameserv_family;
nameserv_host = NULL;
topdomain = NULL;
@ -159,6 +160,7 @@ main(int argc, char **argv)
lazymode = 1;
selecttimeout = 4;
hostname_maxlen = 0xFF;
nameserv_family = AF_UNSPEC;
#ifdef WINDOWS32
WSAStartup(req_version, &wsa_data);
@ -175,8 +177,14 @@ main(int argc, char **argv)
__progname++;
#endif
while ((choice = getopt(argc, argv, "vfhru:t:d:R:P:m:M:F:T:O:L:I:")) != -1) {
while ((choice = getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:")) != -1) {
switch(choice) {
case '4':
nameserv_family = AF_INET;
break;
case '6':
nameserv_family = AF_INET6;
break;
case 'v':
version();
/* NOTREACHED */
@ -279,7 +287,7 @@ main(int argc, char **argv)
}
if (nameserv_host) {
nameservaddr_len = get_addr(nameserv_host, DNS_PORT, AF_UNSPEC, 0, &nameservaddr);
nameservaddr_len = get_addr(nameserv_host, DNS_PORT, nameserv_family, 0, &nameservaddr);
if (nameservaddr_len < 0) {
errx(1, "Cannot lookup nameserver '%s': %s ",
nameserv_host, gai_strerror(nameservaddr_len));