refs/heads/master:/NAT-and-dns

# NAT pinning is yucky anyway

(I need to get this turned into a normal text file and not copy-pasta IRC log)

08:04:40 < epoch> I thought of a neat idea for dealing with LAN and internet DNS
08:04:59 < epoch> probably how it was intended to be done, but I hadn't read to do it this way before
08:05:28 < epoch> so, you have a "domain" line in resolv.conf, which can be passed out by the DHCP server
08:05:52 < epoch> set it to something like, .local
08:06:30 < epoch> and if the domain that resolves to your WAN IP is domain.tld
08:06:37 < epoch> you make a domain.tld.local record
08:07:15 < epoch> since LAN hosts will check for domain.tld.local, you can have it be a LAN IP
08:08:17 < epoch> and since almost nobody uses absolute domain names (trailing .) you could also use this to hijack any DNS request
08:09:36 < epoch> my LAN is set to use whois.ano for the LAN domain, so I have thebackupbox.net.whois.ano set to the anonet IP
08:09:54 < epoch> of the box that my NAT would be forwarding the http port to
08:11:11 < randyr> just woke up and this melted my brain will read again after coffee
08:11:16 < epoch> now... if tor would have another fake TLD that I could use as "domain" so then I could force almost all things over tor by just setting the domain to it.
08:11:31 < epoch> like, derp.com.tor
08:11:43 < epoch> would be the transparent proxy IP for it
08:12:38 < epoch> I /could/ make a hidden service that uses its subdomain to proxy requests
08:12:54 < epoch> derp.com.asdfasdfasdf.onion
08:14:49 < epoch> I like this idea better than NAT pinning
08:15:18 < epoch> because it doesn't possibly cause the REMOTE_HOST to be my router IP instead of the client IP
-- Page fetched on Sun Jun 2 18:09:36 2024