carloss Posted January 13, 2010 (edited)

I'm trying to get this working. I tried multiple tutorials on the web, the one from mubix as well. And like that tutorial: LINK

When I do this:

    /droute.pl -r DNS-Server-IP sshdns.passwort.tunnel.nobaq.net

The client gives me signs that look like I have the wrong charset selected.

When I do:

    ssh -o ProxyCommand="./droute.pl sshdns.dtun.example.org" -N -D 9999 -C jdoe@localhost

The client does nothing. Until I press ctrl C.

In both cases the server displays:

    UDP connection from 217.237.149.139:28864 to 0.0.0.0
    query 11433: (2176-56640.id-13401.down.dns.tunnel.domain.co.cc, IN, TXT) - 2176-56640.id-13401.down.dns.tunnel.domain.co.cc. 0 IN TXT "Hi: Wed Jan 13 05:09:23 UTC 2010" NOERROR
    ;; id = 11433
    ;; qr = 1 opcode = QUERY aa = 1 tc = 0 rd = 0
    ;; ra = 0 ad = 0 cd = 0 rcode = NOERROR
    ;; qdcount = 1 ancount = 1 nscount = 0 arcount = 0
    Maximum reply length as advertosed in EDNS from 217.237.149.139:28864: 512
    Writing response - done
    Waiting for connections...
    UDP connection from 217.237.149.139:50086 to 0.0.0.0
    query 42994: (2193-15449.id-13401.down.dns.tunnel.domain.co.cc, IN, TXT) - 2193-15449.id-13401.down.dns.tunnel.domain.co.cc. 0 IN TXT "Hi: Wed Jan 13 05:09:23 UTC 2010" NOERROR
    ;; id = 42994
    ;; qr = 1 opcode = QUERY aa = 1 tc = 0 rd = 0
    ;; ra = 0 ad = 0 cd = 0 rcode = NOERROR
    ;; qdcount = 1 ancount = 1 nscount = 0 arcount = 0
    Maximum reply length as advertosed in EDNS from 217.237.149.139:50086: 512

And the red parts keep changing until I press ctrl C on my client. The IP 217.237.149.139 is the DNS server from my ISP.

Anyone an idea?? Would be really great! Sorry for my bad English!

Edited April 27, 2010 by carloss

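Seen from the monitoring side, the server output in the first post shows what tunnel polling looks like in a DNS log: TXT queries under one zone whose leading numeric labels change on every request. The following is an added example, not code from the thread or from the tool's authors, that groups such queries by session; the sample log is constructed from the two query lines quoted above plus one made-up ordinary query (with a documentation IP), and the name layout is an assumption inferred only from those two names.

```python
import re
from collections import defaultdict

# Query line as printed by the server in the first post:
#   query <id>: (<name>, IN, <type>)
QUERY_LINE = re.compile(r"query (\d+): \(([^,\s]+), IN, (\w+)\)")
# Assumed name layout, inferred from the two names in the post:
#   <counter>-<nonce>.id-<session>.<direction>.<zone>
POLL_NAME = re.compile(r"^(\d+)-(\d+)\.id-(\d+)\.(\w+)\.(.+?)\.?$")

# Constructed sample: two query lines from the post, one invented normal lookup.
SAMPLE_LOG = """\
UDP connection from 192.0.2.53:28864 to 0.0.0.0
query 11433: (2176-56640.id-13401.down.dns.tunnel.domain.co.cc, IN, TXT) - ...
UDP connection from 192.0.2.53:50086 to 0.0.0.0
query 42994: (2193-15449.id-13401.down.dns.tunnel.domain.co.cc, IN, TXT) - ...
UDP connection from 192.0.2.53:40000 to 0.0.0.0
query 20001: (www.example.org, IN, A) - ...
"""

def parse_queries(log_text):
    """Return (query_id, lower-cased name, type) for every query line."""
    return [(int(qid), name.lower(), qtype)
            for qid, name, qtype in QUERY_LINE.findall(log_text)]

def tunnel_sessions(log_text, min_polls=2):
    """Group TXT polls by (zone, session, direction).

    A group is reported once it holds at least `min_polls` distinct
    counters, i.e. the same session keeps asking for fresh names.
    """
    sessions = defaultdict(set)
    for _qid, name, qtype in parse_queries(log_text):
        match = POLL_NAME.match(name)
        if qtype == "TXT" and match:
            counter, _nonce, session, direction, zone = match.groups()
            sessions[(zone, session, direction)].add(int(counter))
    return {key: sorted(counters)
            for key, counters in sessions.items()
            if len(counters) >= min_polls}

if __name__ == "__main__":
    for (zone, session, direction), counters in tunnel_sessions(SAMPLE_LOG).items():
        print(f"zone={zone} session={session} dir={direction} counters={counters}")
```
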
Joe Schmoe Posted January 31, 2010

check out the following links, this is much easier to configure.

http://linux.die.net/man/8/iodine
http://dev.kryo.se/iodine/

mubix Posted February 21, 2010

> check out the following links, this is much easier to configure.
> http://linux.die.net/man/8/iodine
> http://dev.kryo.se/iodine/

How's your experience been with Iodine? I've found Ozyman a bit more stable, but ya, definitely Iodine is easier.

Skinner Posted February 22, 2010

I've had the ozyman-mod working but it is SLOOOWW (like 0.5k/sec). I know that ppl have said it would be slow but is that normal? I get timeouts with it all the time, esp with sites containing dynamic content. Tried from a couple of hotels and my own links which are quite fast so it's not line speed. Because it's a cname I suppose the parent dns (godaddy) could be rate limiting queries I suppose.

Sk

Oni Posted April 18, 2010

I've been having a lot of trouble with this and I can't see why it won't work, save for some outside intervention.

I've set up on my external nameserver-running box:

    subethanet.mydomain.com NS -> mydomain.dyndns.org

Now, I can see this is working fine as I run wireshark on mydomain.dyndns.org and I can see all the DNS requests arriving on port 53 for subethanet.mydomain.com. So you'd think that'd be it?

Sadly, I can't seem to do anything with these requests. I've tried both Ozymandns and the dnstunneld script (the updated Ozymandns) and I have little luck. Neither seems to do anything with the packets. I did try dnsspoof and that at least heard the requests (it printed the A requests I was sending from the 'host' lookup I was doing) but it wouldn't send replies either.

So I'm a little stumped. I can see that port 53 is open as I've nmap'd from another server outside my home network and that seems good too.

Totally stumped :S

Oni Posted April 24, 2010 (edited)

Ok, so here's the setup I have that doesn't quite seem to work.

DNS setup on mydomain.com:

    Name Server            Subdomain
    myserver.dyndns.com    dnstunnel.mydomain.com

On my box at home (myserver.dyndns.com), settings:

    DNSHOST="dnstunnel.mydomain.com" # change this to your DNS name
    REPLYIP="127.0.0.1" # what to answer on real DNS requests
    OPTIONS="" # give additional options here
    DNSTUNNELD="/opt/dnstunnel/dnstunneld" # the server script

    /etc/init.d/dnstunneld start

On the client box:

    ssh -C -o ProxyCommand="dnstunnelc -v sshdns.dnstunnel.mydomain.com" root@localhost
    Resolving through: Up: 192.168.1.254 Down: 192.168.1.254

    ssh -D 8000 -N -C -o ProxyCommand="dnstunnelc sshdns.dnstunnel.mydomain.com" root@localhost

(this command just sits there... probably doing its proxy thing)

I then set up Firefox to do its test thing. I should point out my server is behind my NAT, which has 53 open on the access box.

Back on the Server

So the packets are arriving but they simply aren't being forwarded properly and there is no return. I'm following the instructions given at http://www.splitbrain.org/blog/2008-11/02-...ing_made_simple

Edited April 24, 2010 by Oni

Oni Posted April 26, 2010

Should point out that it appears that dnstunneld is bound to *.*:53 according to netstat on my little server box, so clearly the resolution is working.

    host mytunnel.mydomain.com

doesn't return anything and times out, but the packets still arrive, so dnstunneld isn't doing basic DNS replies either. Something must be wrong with the way I've set up dnstunneld.

C-S-B Posted May 1, 2010

> How's your experience been with Iodine? I've found Ozyman a bit more stable, but ya, definitely Iodine is easier.

I run Iodine on my WRT54g and have successfully tunnelled from netbook and N900. I had to set a lower mtu to get an ssh connection. Not had any trouble yet but I don't use it all that frequently with HSDPA access being much faster.

Oni Posted May 17, 2010

I think I might have cracked it.... moblock! I was running moblock and never realised it was blocking my linode, as it tends to be silent or at least silentish. I really REALLY need to get a cool app to do logging. With moblock off I can at least get DNS to reply and play nice.