Crap parkers

You know what I really hate? Crap parkers. People that have a car, and that, according to them, needs to take up atleast 1.5 parking spots. Parking so badly that you – parked nicely in between the lines, in the bloody center – can’t get in or out of your car anymore, save by crawling in the car over the seats.

Lately we’ve been encountering more and more of these idiots, so we’re starting a new category: the crap parkers.

Here’s the first (ok, not _that_ crap, but it was crap enough that I couldn’t get in anymore the regular way) – car on the left:

Iodine (dns tunnel) on your Mac (to escape those evil firewalls)

Here’s a short how-to to get the iodine dns tunnel working on your Mac.

In this short howto, I’ll assume you’ll be using a linux server to act as your gateway to the world. I’ll also assume you’ve read the iodine documentation and setup your DNS accordingly. For my example, I’ll be using a (nonexistant) DynDNS.org static DNS entry, iodine.rulestheworld.tld. I’ll also assume that you’ll be using a public internet address of 1.2.3.4, and a private subnet of 10.0.0.1.

  1. Install the tun/tap driver for Mac OS X. Easy as doing *click* *click* done! :p
  2. Next, install iodine on your Mac. Easy as download, extract, and typing make; make install
  3. Now, install iodine on your linux box. It’s included in the package repositories of the usual suspects, for instance debian: apt-get install iodine.

    Start it (or configure it to use) with:
    iodined -P <password> <unused private IP> <dns name>
    or in our example:
    iodined -P mypass 10.0.0.1 iodine.rulestheworld.tld

    This should return the following:

    Opened dns0
    Setting IP of dns0 to 10.0.0.1
    Setting MTU of dns0 to 1024
    Opened UDP socket
    Listening to dns for domain iodine.rulestheworld.tld

  4. Configure your linux box for IP forwarding: sysctl -e net.ipv4.ip_forward=1
    (and add this to your /etc/sysctl.conf file), and configuring your firewall (iptables) for masquerading:
    iptables -t nat -A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth0 -j MASQUERADE
  5. Next, download NStun.sh, a very handy script that does all the hard work of changing the routes and so on :p

    You’ll want to change the script: change the first lines as the script reads, and lower, change the

    NS=`grep nameserver /etc/resolv.conf|head -1|awk ‘{print $2}’`

    line to read

    NS=”62.213.207.197″

Now, start NStun.sh on your Mac, and surf away! (well, slowly, but freely, atleast!)