Iodine (dns tunnel) on your Mac (to escape those evil firewalls)
Here’s a short how-to to get the iodine DNS tunnel working on your Mac.
In this short how-to, I’ll assume you’ll be using a Linux server to act as your gateway to the world. I’ll also assume you’ve read the iodine documentation and set up your DNS accordingly. For my example, I’ll be using a (nonexistent) DynDNS.org static DNS entry, iodine.rulestheworld.tld. I’ll also assume that you’ll be using a public internet address of 1.2.3.4, and a private subnet of 10.0.0.1.
- Install the tun/tap driver for Mac OS X. Easy as doing *click* *click* done! :p
- Next, install iodine on your Mac. As easy as downloading, extracting, and typing
    make; make install
- Now, install iodine on your Linux box. It’s included in the package repositories of the usual suspects, for instance Debian:
    apt-get install iodine
  Start it (or configure it to run) with:
    iodined -P <password> <unused private IP> <dns name>
  or in our example:
    iodined -P mypass 10.0.0.1 iodine.rulestheworld.tld
  This should return the following:
    > Opened dns0
    > Setting IP of dns0 to 10.0.0.1
    > Setting MTU of dns0 to 1024
    > Opened UDP socket
    > Listening to dns for domain iodine.rulestheworld.tld
- Configure your Linux box for IP forwarding:
    sysctl -e net.ipv4.ip_forward=1
  (and add this to your /etc/sysctl.conf file), and configure your firewall (iptables) for masquerading:
    iptables -t nat -A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth0 -j MASQUERADE
- Next, download NStun.sh, a very handy script that does all the hard work of changing the routes and so on :p
  You’ll want to edit the script: change the first lines as the script itself instructs, and further down, change the
    NS=`grep nameserver /etc/resolv.conf|head -1|awk '{print $2}'`
  line to read
    NS="62.213.207.197"
  Now, start NStun.sh on your Mac, and surf away! (well, slowly, but freely, at least!)
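To double-check the gateway side of the steps above (iodined startup output, IP forwarding, masquerading), here is an added example; it is not part of the original how-to or of iodine itself. It assumes the example values used above (10.0.0.1, eth0, iodine.rulestheworld.tld); the function names and the `--live` switch are made up for illustration, and the sample iptables listing is constructed.

```shell
#!/bin/sh
# Added example: checks for the Linux gateway set up in the steps above.
# Each function reads command output on stdin, so it also works on saved output.

# Startup banner from the how-to (example values).
SAMPLE_BANNER='Opened dns0
Setting IP of dns0 to 10.0.0.1
Setting MTU of dns0 to 1024
Opened UDP socket
Listening to dns for domain iodine.rulestheworld.tld'

# Constructed sample of `iptables -t nat -S POSTROUTING` after the MASQUERADE
# step (iptables prints the 255.255.255.0 mask as /24).
SAMPLE_RULES='-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE'

# banner_ok <tunnel-ip> <domain>: iodined came up with the expected settings.
banner_ok() {
    banner=$(sed 's/^> //')   # tolerate a leading "> " quote marker
    printf '%s\n' "$banner" | grep -qxF "Setting IP of dns0 to $1" || return 1
    printf '%s\n' "$banner" | grep -qxF "Listening to dns for domain $2"
}

# forwarding_on: stdin is the output of `sysctl -n net.ipv4.ip_forward`.
forwarding_on() {
    [ "$(tr -d '[:space:]')" = "1" ]
}

# masq_rule_present <subnet/prefix> <iface>: exact-match the NAT rule fields.
masq_rule_present() {
    awk -v s="$1" -v o="$2" '
        $1 == "-A" && $2 == "POSTROUTING" {
            src = ""; out = ""; tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-o") out = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (src == s && out == o && tgt == "MASQUERADE") found = 1
        }
        END { exit !found }'
}

# Hypothetical --live switch: run the checks against this machine (needs root).
if [ "${1:-}" = "--live" ]; then
    sysctl -n net.ipv4.ip_forward | forwarding_on || echo "IP forwarding is off"
    iptables -t nat -S POSTROUTING | masq_rule_present 10.0.0.0/24 eth0 \
        || echo "no MASQUERADE rule for 10.0.0.0/24 on eth0"
fi
```

A missing MASQUERADE rule or disabled forwarding is the usual reason the tunnel comes up but nothing beyond the gateway is reachable.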