pkgsrc

kpriv/pkgsrc

Fork 0

Commit graph

Author	SHA1	Message	Date
wiz	9257c54713	Update to 0.7.0, fixing a security issue. 2014-06-16: 0.7.0 "Kryoptonite" - Partial IPv6 support (#107) Client can connect to iodined through an relaying IPv6 nameserver. Server only supports IPv4 for now. Traffic inside tunnel is IPv4. - Add socket activation for systemd, by Michael Scherer. - Add automated lookup of external ip (via -n auto). - Bugfix for OS X (Can't assign requested address) - Fix DNS tunneling bug caused by uninitialized variable, #94 - Handle spaces when entering password interactively, fixes #93. Patch by Hagar. - Add -R option to set OpenBSD routing domain for the DNS socket. Patch by laurent at gouloum fr, fixes #95. - Add android patches and makefile, from Marcel Bokhorst, fixes #105. - Added missing break in iodine.c, by Pavel Pergamenshchik, #108. - A number of minor patches from Frank Denis, Gregor Herrmann and Barak A. Pearlmutter. - Testcase compilation fixes for OS X and FreeBSD - Do not let sockets be inherited by sub-processes, fixes #99. - Add unspecified RR type (called PRIVATE; id 65399, in private use range). For servers with RFC3597 support. Fixes #97. - Fix authentication bypass vulnerability; found by Oscar Reparaz.	2014-06-26 18:54:09 +00:00
wiz	d7abf1e85f	Import iodine-0.6.0rc1 as net/iodine, packaged for wip by Moritz Wilhelmy, Georg Schwarz and MJ Turner. iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD and OpenBSD and needs a TUN/TAP device. The bandwidth is assymetrical with limited upstream and up to 1 Mbit/s downstream. Compared to other DNS tunnel implementations, iodine offers: * Higher performance: iodine uses the NULL type that allows the downstream data to be sent without encoding. Each DNS reply can contain nearly a kilobyte of payload data. * Portability: iodine runs on many different UNIX-like systems. Tunnels can be set up between two hosts no matter their endianness or operating system. * Security: iodine uses challenge-response login secured by MD5 hash. It also filters out any packets not coming from the IP and port used when logging in. * Less setup: iodine handles setting IP number on interfaces automatically, and up to 8 users can share one server at the same time.	2012-12-12 13:19:06 +00:00

Author

SHA1

Message

Date

wiz

9257c54713

Update to 0.7.0, fixing a security issue.

2014-06-16: 0.7.0 "Kryoptonite"
	- Partial IPv6 support (#107)
	   Client can connect to iodined through an relaying IPv6
	   nameserver. Server only supports IPv4 for now.
	   Traffic inside tunnel is IPv4.
	- Add socket activation for systemd, by Michael Scherer.
	- Add automated lookup of external ip (via -n auto).
	- Bugfix for OS X (Can't assign requested address)
	- Fix DNS tunneling bug caused by uninitialized variable, #94
	- Handle spaces when entering password interactively, fixes #93.
		Patch by Hagar.
	- Add -R option to set OpenBSD routing domain for the DNS socket.
		Patch by laurent at gouloum fr, fixes #95.
	- Add android patches and makefile, from Marcel Bokhorst, fixes #105.
	- Added missing break in iodine.c, by Pavel Pergamenshchik, #108.
	- A number of minor patches from Frank Denis, Gregor Herrmann and
		Barak A. Pearlmutter.
	- Testcase compilation fixes for OS X and FreeBSD
	- Do not let sockets be inherited by sub-processes, fixes #99.
	- Add unspecified RR type (called PRIVATE; id 65399, in private use
		range). For servers with RFC3597 support. Fixes #97.
	- Fix authentication bypass vulnerability; found by Oscar Reparaz.

2014-06-26 18:54:09 +00:00

wiz

d7abf1e85f

Import iodine-0.6.0rc1 as net/iodine, packaged for wip by Moritz Wilhelmy,

Georg Schwarz and MJ Turner.

iodine lets you tunnel IPv4 data through a DNS server. This can be usable in
different situations where internet access is firewalled, but DNS queries are
allowed.

It runs on Linux, Mac OS X, FreeBSD, NetBSD and OpenBSD and needs a TUN/TAP
device. The bandwidth is assymetrical with limited upstream and up to 1 Mbit/s
downstream.

Compared to other DNS tunnel implementations, iodine offers:
 * Higher performance: iodine uses the NULL type that allows the downstream
   data to be sent without encoding. Each DNS reply can contain nearly a
   kilobyte of payload data.

 * Portability: iodine runs on many different UNIX-like systems. Tunnels can be
   set up between two hosts no matter their endianness or operating system.

 * Security: iodine uses challenge-response login secured by MD5 hash. It also
   filters out any packets not coming from the IP and port used when logging
   in.

 * Less setup: iodine handles setting IP number on interfaces automatically,
   and up to 8 users can share one server at the same time.

2012-12-12 13:19:06 +00:00

2 commits