iodine enables tunneling of IPv4 data through DNS servers to bypass firewalls that block internet access but allow DNS queries.
Official git repository for the iodine DNS tunnel.
This tool is primarily used to establish network tunnels in restrictive environments where conventional internet traffic is blocked but DNS traffic is permitted. Network administrators, security researchers, or users in censored or firewalled networks can use iodine to maintain connectivity by encapsulating IPv4 traffic within DNS queries.
Both server and client must run the exact same iodine version due to protocol compatibility requirements. Running iodine alongside existing DNS servers requires careful configuration and is not recommended for production due to incomplete DNS forwarding transparency. Using a dynamic DNS provider is supported for servers with dynamic IP addresses. Password protection is recommended for securing tunnels.
Ensure relevant header files for SELinux and systemd are present in /usr/include for optional features
Run `make` to compile server and client binaries
Run `make install` to copy binaries and manpages to the destination directory
Run `make test` to compile and execute unit tests (requires the check library)
`./iodined -f 10.0.0.1 test.com`
Start the iodine server in the foreground with tunnel IP 10.0.0.1 and domain test.com
`./iodine -f -r 192.168.0.1 test.com`
Start the iodine client in the foreground, connecting to server at 192.168.0.1 using domain test.com
`./iodined -f -b ...`
Run iodine server with DNS forwarding enabled (used when another DNS server is running on the machine)
Add NS and A records to DNS zone file
Delegate a subdomain to the iodine server by adding NS and A records in the DNS zone file
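
Because the tunnel encapsulates traffic in queries under the delegated domain, resolver logs show it as many unique, long, high-entropy names beneath a single parent. The following is an added example for defenders, not code from iodine or the original page; the `<client> <qname>` log format, the base32-looking sample labels, and the thresholds are constructed assumptions to tune against your own traffic.

```python
import base64, hashlib, math
from collections import Counter, defaultdict

def constructed_log(domain="test.com", n=8):
    """Constructed sample: ordinary lookups plus encoded-looking names under one zone."""
    lines = ["10.1.1.5 www.example.org", "10.1.1.5 mail.example.org",
             "10.1.1.6 cdn.example.net", "10.1.1.6 www.example.org"]
    for i in range(n):
        blob = base64.b32encode(hashlib.sha256(str(i).encode()).digest())
        lines.append(f"10.1.1.7 {blob.decode().rstrip('=').lower()}.{domain}")
    return lines

def entropy(s):
    """Shannon entropy of a string in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def score_domains(lines):
    """Group query names by parent domain and summarise their subdomain parts."""
    subs = defaultdict(set)
    for line in lines:
        _client, qname = line.split()
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue  # nothing left of the parent domain to analyse
        # Assumption: parent = last two labels. Use the Public Suffix List in production.
        subs[".".join(labels[-2:])].add(".".join(labels[:-2]))
    return {
        parent: {
            "unique": len(names),
            "avg_len": sum(map(len, names)) / len(names),
            "avg_entropy": sum(map(entropy, names)) / len(names),
        }
        for parent, names in subs.items()
    }

def suspicious(report, min_unique=5, min_len=30, min_entropy=3.5):
    """Parents with many unique, long, high-entropy subdomains (illustrative thresholds)."""
    return sorted(d for d, r in report.items()
                  if r["unique"] >= min_unique
                  and r["avg_len"] >= min_len
                  and r["avg_entropy"] >= min_entropy)

if __name__ == "__main__":
    report = score_domains(constructed_log())
    for domain in suspicious(report):
        print(domain, report[domain])
```

Run it per time window (for example, per client per five minutes) so that a burst of unique names stands out from long-lived legitimate domains such as CDNs.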