mirror of
https://github.com/yarrick/iodine.git
synced 2025-01-12 02:49:30 +00:00
Updated README with IPv6 details and fixed a bug with IPV6 only
enabled on one end of the tunnelx
This commit is contained in:
parent
846082f13e
commit
ab7e5b8656
10
README.md
10
README.md
|
@ -123,7 +123,7 @@ end of the tunnel. In this case, `ping 192.168.99.1` from the iodine client, and
|
||||||
### MISC. INFO
|
### MISC. INFO
|
||||||
|
|
||||||
#### IPv6
|
#### IPv6
|
||||||
The data inside the tunnel is IPv4 only.
|
The data inside the tunnel may be IPv4 or IPv6.
|
||||||
|
|
||||||
The server listens to both IPv4 and IPv6 for incoming requests by default.
|
The server listens to both IPv4 and IPv6 for incoming requests by default.
|
||||||
Use options `-4` or `-6` to only listen on one protocol. Raw mode will be
|
Use options `-4` or `-6` to only listen on one protocol. Raw mode will be
|
||||||
|
@ -141,6 +141,14 @@ to your DNS setup. Extending the example above would look like this:
|
||||||
t1ns IN A 10.15.213.99
|
t1ns IN A 10.15.213.99
|
||||||
t1ns IN AAAA 2001:db8::1001:99
|
t1ns IN AAAA 2001:db8::1001:99
|
||||||
|
|
||||||
|
On the server, specify -S followed by an IPv6 address that will be the server end
|
||||||
|
of the IPv6 pool to allocate to clients. The server only supports a /64 subnet
|
||||||
|
mask, which is assumed and can be omitted. The first 64 bits are the network from
|
||||||
|
which IPv6 addresses are allocated from.
|
||||||
|
|
||||||
|
The client will automatically check for IPv6 capability on the server and
|
||||||
|
assign the allocated address to its tunnel interface. No flags are needed.
|
||||||
|
|
||||||
#### Routing
|
#### Routing
|
||||||
It is possible to route all traffic through the DNS tunnel. To do this, first
|
It is possible to route all traffic through the DNS tunnel. To do this, first
|
||||||
add a host route to the nameserver used by iodine over the wired/wireless
|
add a host route to the nameserver used by iodine over the wired/wireless
|
||||||
|
|
|
@ -2440,11 +2440,12 @@ int
|
||||||
handshake_check_v6(int dns_fd)
|
handshake_check_v6(int dns_fd)
|
||||||
{
|
{
|
||||||
char in[4096];
|
char in[4096];
|
||||||
char server6[1024];
|
char server6[INET6_ADDRSTRLEN];
|
||||||
char client6[1024];
|
char client6[INET6_ADDRSTRLEN];
|
||||||
int i;
|
int i;
|
||||||
int read;
|
int read;
|
||||||
int netmask6 = 0;
|
int netmask6 = 0;
|
||||||
|
int length_recieved;
|
||||||
|
|
||||||
fprintf(stderr, "Autoprobing server IPV6 tunnel support\n");
|
fprintf(stderr, "Autoprobing server IPV6 tunnel support\n");
|
||||||
|
|
||||||
|
@ -2468,10 +2469,13 @@ handshake_check_v6(int dns_fd)
|
||||||
fprintf(stderr, "Server tunnel IPv6 is %s\n", server6);
|
fprintf(stderr, "Server tunnel IPv6 is %s\n", server6);
|
||||||
fprintf(stderr, "Local tunnel IPv6 is %s\n", client6);
|
fprintf(stderr, "Local tunnel IPv6 is %s\n", client6);
|
||||||
|
|
||||||
|
length_recieved = strlen(client6);
|
||||||
|
if (length_recieved > 2) {
|
||||||
if (tun_setip6(client6, server6, netmask6) == 0) {
|
if (tun_setip6(client6, server6, netmask6) == 0) {
|
||||||
|
|
||||||
use_v6 = true;
|
use_v6 = true;
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
errx(4, "Failed to set IPv6 tunnel address");
|
errx(4, "Failed to set IPv6 tunnel address");
|
||||||
}
|
}
|
||||||
|
@ -2479,6 +2483,7 @@ handshake_check_v6(int dns_fd)
|
||||||
fprintf(stderr, "Received bad IPv6 tunnel handshake\n");
|
fprintf(stderr, "Received bad IPv6 tunnel handshake\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fprintf(stderr, "Retrying IPv6 tunnel handshake...\n");
|
fprintf(stderr, "Retrying IPv6 tunnel handshake...\n");
|
||||||
}
|
}
|
||||||
|
|
|
@ -90,8 +90,8 @@ static int my_mtu;
|
||||||
static in_addr_t my_ip;
|
static in_addr_t my_ip;
|
||||||
|
|
||||||
char display_ip6[INET6_ADDRSTRLEN];
|
char display_ip6[INET6_ADDRSTRLEN];
|
||||||
char *display_ip6_buffer;
|
char *display_ip6_buffer = NULL;
|
||||||
char *ip6_netmask_buffer;
|
char *ip6_netmask_buffer = NULL;
|
||||||
|
|
||||||
static struct in6_addr my_ip6;
|
static struct in6_addr my_ip6;
|
||||||
static int netmask;
|
static int netmask;
|
||||||
|
@ -2590,8 +2590,11 @@ main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (display_ip6_buffer != NULL) {
|
||||||
|
|
||||||
ip6_netmask_buffer = strchr(display_ip6_buffer, '/');
|
ip6_netmask_buffer = strchr(display_ip6_buffer, '/');
|
||||||
if (ip6_netmask_buffer) {
|
|
||||||
|
if (ip6_netmask_buffer != NULL) {
|
||||||
if (atoi(ip6_netmask_buffer+1) != ip6_netmask) {
|
if (atoi(ip6_netmask_buffer+1) != ip6_netmask) {
|
||||||
warnx("IPv6 address must be a 64-bit mask.");
|
warnx("IPv6 address must be a 64-bit mask.");
|
||||||
usage();
|
usage();
|
||||||
|
@ -2606,6 +2609,7 @@ main(int argc, char **argv)
|
||||||
warnx("Bad IPv6 address to use inside tunnel.");
|
warnx("Bad IPv6 address to use inside tunnel.");
|
||||||
usage();
|
usage();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
topdomain = strdup(argv[1]);
|
topdomain = strdup(argv[1]);
|
||||||
if (check_topdomain(topdomain, 1, &errormsg)) {
|
if (check_topdomain(topdomain, 1, &errormsg)) {
|
||||||
|
@ -2753,10 +2757,11 @@ main(int argc, char **argv)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (display_ip6_buffer != NULL) {
|
||||||
if (tun_setip6(display_ip6, display_other_ip6, ip6_netmask) != 0 ) {
|
if (tun_setip6(display_ip6, display_other_ip6, ip6_netmask) != 0 ) {
|
||||||
retval = 1;
|
retval = 1;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((mtu < 1280) && (sizeof(display_ip6)) != 0) {
|
if ((mtu < 1280) && (sizeof(display_ip6)) != 0) {
|
||||||
|
|
Loading…
Reference in a new issue