NSTX 1.1 review
DownloadNSTX (the Nameserver Transfer Protocol) makes it possible to create IP tunnels using DNS queries and replies for IP packet encapsulat
|
|
NSTX (the Nameserver Transfer Protocol) makes it possible to create IP tunnels using DNS queries and replies for IP packet encapsulation where IP traffic other than DNS isn't possible.
You need to have the ethertap-dev up and running on both sides of the tunnel. Configure e.g. 192.168.0.1 on one ethertap and 192.168.0.2 on the other end. Then create a netroute for 192.168.0.0/24 through the ethertap (on both sides). Client and server both will know that the ethertap-sevice is /dev/tap0.
Then start the server on one end:
./nstxd tun.yomama.com
and the client on the other end:
./nstxcd tun.yomama.com 125.23.53.12
125.23.53.12 has to be a DNS-server which can be reached by the client-side. The server *must* run on a server where an NS-record for tun.yomama.com points to. So if the server has the IP 1.2.3.4 there must exist an entry in the zonefile of yomama.com: tun IN NS 1.2.3.4
What's New in This Release:
extensive const-poisoning;
removal of some of the unused functions;
switch from `LINUX' to `linux' -- a define provided by the compiler automaticly on Linux;
use of syslog(3) instead of printfs for debugging;
chroot-ing into a specified directory and setuid-ing to a specified uid after initialization (nstxd only for now, nstxcd should have this too) -- the daemons should, probably, refuse to run as root after initializing.
NSTX 1.1 keywords