iodine erlaubt es, IPv4 Daten über DNS zu tunneln. Eine hilfreiche Sache, wenn man z.B. hinter einer restriktiven Firewall sitzt - da DNS Traffic in den seltensten Fällen geblockt wird ;)

Using with FreeDNS

See package dns2tcp for signing up with FreeDNS and some other details.

Put this in your rc.custom (there is no WebIF):

mkdir /tmp/iodine
chown nobody /tmp/iodine 
iodined -c -P <password> -u nobody -t /tmp/iodine -p 10053

(assuming user nobody exists)

The trunk version of Freetz has an iodine WebIF now (changeset #6657; thanks oliver!)

Create a tunnel from the client like this:

sudo ./bin/iodine -f -P <password>

To connect to Polipo?:

ssh root@ -L 8123:localhost:8123

The advantages over dns2tcp are:

  • There is an iodine Windows client available
  • It is possible to run iodine on Android
  • Traffic can easily be route through the tunnel

Building iodine for Android.


Install iptables and add these rules to allow only traffic to the internet and not your local net:

iptables -I OUTPUT -o dns0 -s -j DROP
iptables -I INPUT -i dns0 -d -j DROP
iptables -A FORWARD -i dns0 -o dsl -j ACCEPT
iptables -A FORWARD -i dns0 -j DROP

Of course you can always allow specific traffic from tunnel to your local net, for example to a SSH server by using something like:

iptables -I INPUT -i dns0 -p tcp --dport 22 -j ACCEPT


iodine can forward DNS requests for unknown (sub)domains to a real DNS-server on another port with this switch:

-b 5353
zuletzt geändert vor 5 Jahren Zuletzt geändert am 30.03.2011 18:53:56