Anyone use Iodine?

amrogers3

I am trying to configure Iodine and having a couple of issues. Server is set up as

iodined -c -f 10.0.0.54 -P password test.com

Opened dns2
Setting IP of dns2 to 10.0.0.54
Setting MTU of dns2 to 1130
Opened UDP socket
Listening to dns for domain test.com

Client is set up as

iodine -f -I0 -m 1130 -P password test.com

When I connect, I get this....

Using DNS type NULL queries
Version ok, both using protocol v 0x00000502. You are user #0
Retrying login...
Retrying login...
Enabling interface 'Local Area Connection 2'
Setting IP of interface 'Local Area Connection 2' to 10.0.0.33 (can take a few seconds)...

Server tunnel IP is 10.0.0.54
Testing raw UDP data to the server (skip with -r).
Server is at 10.0.1.19, trying raw login: ....failed
Retrying EDNS0 support test...
Using EDNS0 extension
Retrying upstream codec test...
Retrying upstream codec test...
Retrying upstream codec test...
Switching upstream to codec Base128
Server switched upstream to codec Base128
No alternative downstream codec available, using default (Raw)
Switching to lazy mode for low-latency
Server switched to lazy mode
Setting downstream fragment size to max 1130...
Connection setup complete, transmitting data.

I try to ping 10.0.0.54 with no success. Also, trying raw login fails. I did some research and can't find a solution. Any help would be appreciated.


 
Been a while since I used iodine - I'd sniff traffic at both ends to verify packets are actually arriving at their destination.

It looks like you're testing locally - i.e. not using an authoritative name server to grab all requests to that domain.

Looking at the man page (http://linux.die.net/man/8/iodine), I don't think your client command is right. Breaking it down:
-f = run in foreground
-I0 = what? do you mean "-I 0"?
-m 1130 = shouldn't be needed, 1130 is default mtu
-P password = self explanatory
test.com = self explanatory

I don't see a nameserver declaration. Try:
iodine -f -P password <ip_of_server> test.com

I'd really sniff the traffic though. You could just use dig or nslookup to send a query to the server, sniff the traffic and see if it even gets there.

The readme (http://code.kryo.se/iodine/README.html) has some good testing methods -
...the iodined server will answer requests starting with 'z' for any of the supported request types.
What's the result of these?
 
First of all, thank you for taking the time to respond to my post.

So if I understand you correctly, one of your concerns is whether the requests are making it to the Iodine server? My apologies, the nameserver is in the form of test.test.com.

So you can test your iodine setup here: http://code.kryo.se/iodine/check-it/

Here are the results of that test

Analyzing DNS setup for tunnel domain 'test.test.com'... (might take some time)

Looking for nameserver for test.com.. got ns3.afraid.org (at 109.12.18.162).
Resolving delegation of test.test.com at 109.12.18.162... to test.test.com (at 209.122.196.187).

Expecting iodined to be accessible at 209.122.196.187... yes, using proto 00000502.
Testing iodine reply using default nameserver... ok.

Well done, your iodine setup seems fine!

dig -t TXT z456.test.test.com

; <<>> DiG 9.8.3-P1 <<>> -t TXT z456.test.test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25729
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;z456.test.test.com.	IN	TXT

;; Query time: 3601 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Dec  5 21:42:08 2014
;; MSG SIZE  rcvd: 46

So it seems to connect even though it says raw login failed. However, I can't ping the server side of the tunnel. The tunnel is 192.168.99.1 and my side is 192.168.99.2

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-B7-B4-97-A7
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3212:34ac:1b9a:40dc%19(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.99.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.224
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 318832567
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-48-83-06-00-0C-29-2E-D2-C9

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

I sniffed on host 192.168.99.1 and saw no results.

I am stuck, any ideas would be appreciated.
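
The 'z' check from the README and the dig result posted above, seen at the DNS wire level, as an added example that is not part of the thread or of iodine: it builds the same TXT query and classifies the reply header. The function names and verdict strings are made up for illustration, and the reply bytes are constructed from the header dig printed (id 25729, flags qr rd ra, SERVFAIL, ANSWER: 0).

```python
import struct

QTYPE_TXT = 16  # TXT, the record type used in the thread's dig test
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=QTYPE_TXT, txid=25729):
    """Encode a single-question DNS query with RD set, like dig's default."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    code = flags & 0x000F
    return {"id": txid, "qr": bool(flags & 0x8000), "ra": bool(flags & 0x0080),
            "rcode": RCODES.get(code, str(code)), "answers": an}

def diagnose(query, reply):
    """Map a reply to a verdict for the 'z' check (hypothetical labels)."""
    hdr = parse_header(reply)
    if not hdr["qr"] or hdr["id"] != parse_header(query)["id"]:
        return "not-a-reply-to-this-query"
    if hdr["rcode"] == "NOERROR" and hdr["answers"] > 0:
        return "answered"
    if hdr["rcode"] == "SERVFAIL":
        # The recursive resolver replied, but it could not get a usable
        # answer from the server the tunnel domain is delegated to.
        return "resolver-got-no-usable-answer-from-delegated-server"
    return "unexpected-" + hdr["rcode"].lower()

# Constructed sample: the query echoed back with flags qr rd ra (0x8180)
# plus rcode 2, matching the header shown in the dig output above.
QUERY = build_query("z456.test.test.com")
SERVFAIL_REPLY = QUERY[:2] + struct.pack("!H", 0x8182) + QUERY[4:]

if __name__ == "__main__":
    print(len(QUERY), diagnose(QUERY, SERVFAIL_REPLY))
```

Sending `QUERY` over UDP port 53 to the local resolver and then directly to the iodined host, and comparing the two verdicts, separates a delegation problem from a problem inside the tunnel.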
 
I think I am missing something trivial here. Seems like server setup is good. Client connects but can't seem to ping other side of tunnel.

Any ideas?
 
Hi there,

I'm having the same problem. Iodine sets up the tunnel properly, but I can't ping the tunnel server.

My friend, using a different internet connection and device is able to set up the iodine tunnel with the same server and ping the tunnel server.

Were you able to figure out why the server could not be pinged?
 
Hello,

No, I didn't. I can't figure it out either. Not sure what I am doing wrong. Have you tried to connect to your friend's server to see if it works?
 
So my friend can connect to his iodine server via his iPod. On his laptop the tunnel timed out sometimes.

I'm testing through two different networks, one my mobile and the other is wi-fi.

I keep thinking there's a routing issue and that the 10.0.0.1 packets are going out through another network interface.

I'm starting to use Wireshark to diagnose the problem, but I just don't see any reply packets coming back in when I try to ping the server side.

I have the SSH tunnel open on the server, but I don't see any diagnostics with Iodined running in the foreground (-f).
 
That is exactly what I am seeing as well.

I tried Wireshark but I don't see any packets reaching the tunnel interface. I could try something else on my setup if you have any ideas/suggestions. Stumped at this point though, I am not sure what else I can do.
 
Got iodine working yesterday. I switched to using Linux inside a virtual machine and it instantly worked. Maybe there is something wrong with the windows version of the iodine client.
 
Nice work Curea, that is something I didn't think about but is a very good possibility. Can you outline how you set up your linux VM?
 
I installed Kali Linux, which had Iodine already pre-installed. But if you have any flavour of Linux installed you can install Iodine via the command line with the 'apt-get install iodine' command. You may need to add Kali sources if you use another distro. There's tonnes of resources out there on how to install Kali on VMware, that's probably the easiest route to take.
 
Hi Curea, thanks for the heads up. I am running VMware so that is exactly what I am looking for. I'll try and set up Kali tomorrow.

Thanks again for the info!
 