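#!/bin/bash
set -e

# Client side of an IP-over-DNS tunnel: iodine brings up the dns0 interface,
# ssh opens a SOCKS listener on port 1080 across it, and an iptables nat chain
# redirects locally generated TCP to local port 12345 for redsocks.
#
# This is client side, with:
#   apt install iodine redsocks
#   systemctl disable redsocks
#
# For the server side:
#   apt install iodine
#   cat /etc/default/iodine
#     START_IODINED="true"
#     IODINED_ARGS="192.168.99.1 ipodns.example.com"
#     IODINED_PASSWORD="changeme"
#
# Scope of the redirect: only TCP from the OUTPUT chain is diverted. UDP
# (ordinary DNS lookups included) and the address ranges exempted below keep
# using the normal route.

# Settings can be overridden from the environment, so the tunnel password does
# not have to be stored in this file. The defaults are the original values.
IODINE_PWD=${IODINE_PWD:-changeme}
IODINE_PUBLIC_ADDR=${IODINE_PUBLIC_ADDR:-ipodns.example.com}
IODINE_PRIVATE_ADDR=${IODINE_PRIVATE_ADDR:-192.168.99.1}
SSH_USER=${SSH_USER:-$USER}

# Start empty: a PID_* value inherited from the environment must never be
# handed to "sudo kill" by the teardown below.
PID_SSH=
PID_IODINE=

# Private log directory instead of fixed file names directly under /tmp, which
# another local user could create (or symlink) ahead of time.
LOG_DIR=$(mktemp -d "${TMPDIR:-/tmp}/ipodns.XXXXXX")
echo "Logs: ${LOG_DIR}"

#######################################
# Stop one background process: SIGTERM first, SIGKILL only if it is still
# there after about three seconds.
# Arguments: $1 - PID to stop (an empty value is a no-op)
#######################################
stop_pid() {
  local pid=$1
  local _
  [ -n "$pid" ] || return 0
  sudo kill -TERM "$pid" &> /dev/null
  for _ in 1 2 3; do
    [ -d "/proc/${pid}" ] || return 0
    sleep 1
  done
  sudo kill -KILL "$pid" &> /dev/null
}

#######################################
# Undo everything this script set up: the REDSOCKS nat chain, the ssh and
# iodine background processes, and the redsocks service.
# Globals: PID_SSH, PID_IODINE (read)
# Always exits 0, whatever triggered it.
#######################################
reverse() {
  # Drop the traps and errexit first so the teardown cannot re-enter itself
  # and runs to the end even when individual steps fail.
  trap - EXIT ERR INT
  set +e
  sudo iptables -t nat -D OUTPUT -p tcp -j REDSOCKS
  sudo iptables -t nat -F REDSOCKS
  sudo iptables -t nat -X REDSOCKS
  stop_pid "$PID_SSH"
  # NOTE(review): PID_IODINE is the PID of the backgrounded "sudo" command.
  # When sudo stays resident as the parent of iodine, a SIGKILL sent to it is
  # not passed on, so the tunnel client can outlive the teardown; confirm with
  # "pgrep -x iodine" afterwards.
  stop_pid "$PID_IODINE"
  sudo systemctl stop redsocks
  exit 0
}
trap reverse EXIT ERR INT

sudo iptables -t nat -N REDSOCKS
# Reserved, private, loopback, link-local and multicast destinations are left
# alone. (The original listed 240.0.0.0/4 twice; one rule is enough.)
for net in \
  0.0.0.0/8 \
  10.0.0.0/8 \
  127.0.0.0/8 \
  169.254.0.0/16 \
  172.16.0.0/12 \
  192.168.0.0/16 \
  224.0.0.0/4 \
  240.0.0.0/4; do
  sudo iptables -t nat -A REDSOCKS -d "$net" -j RETURN
done
# Every other TCP destination goes to local port 12345
# (presumably the redsocks listener; verify against /etc/redsocks.conf).
sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345
sudo iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
sudo systemctl start redsocks

# NOTE(review): -P puts the password on iodine's command line, where other
# local users can read it from the process list. iodine also accepts it from
# the IODINE_PASS environment variable, but sudo resets the environment by
# default, so switching needs a sudoers decision; flagged here, not changed.
sudo iodine -I 50 -f -P "${IODINE_PWD}" "${IODINE_PUBLIC_ADDR}" \
  &> "${LOG_DIR}/iodine.log" &
PID_IODINE=$!

echo Waiting for dns0...
while ! ip link show dns0 &> /dev/null; do
  # Give up instead of polling forever when iodine has already exited
  # (wrong password, unreachable server, ...).
  if [ ! -d "/proc/${PID_IODINE}" ]; then
    echo "iodine exited before dns0 came up, see ${LOG_DIR}/iodine.log" >&2
    exit 1
  fi
  sleep 1
done
echo '=> dns0 ready'

ssh -ND 1080 "${SSH_USER}@${IODINE_PRIVATE_ADDR}" &> "${LOG_DIR}/ssh.log" &
PID_SSH=$!

echo Waiting for SOCKS...
# Match the port exactly; a bare ":1080" would also match e.g. ":10800".
while ! netstat -4nl | grep -qE ':1080[[:space:]]'; do
  if [ ! -d "/proc/${PID_SSH}" ]; then
    echo "ssh exited before the SOCKS port opened, see ${LOG_DIR}/ssh.log" >&2
    exit 1
  fi
  sleep 1
done
echo '=> SOCKS ready'

# IPv6: https://github.com/darkk/redsocks/issues/89
# NOTE(review): the listing is cut off at this point in the source; the last
# visible fragment is an unfinished redirection: cat <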