-- Leo's gemini proxy

-- Connecting to git.thebackupbox.net:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini

repo: blog
action: blob
revision:
path_from: NAT-and-dns
revision_from: refs/heads/master:
path_to:
revision_to:

refs/heads/master:/NAT-and-dns
 # NAT pinning is yucky anyway

 (I need to get this turned into a normal text file and not copy-pasta IRC log)
 08:04:40 < epoch> I thought of a neat idea for dealing with LAN and internet DNS
 08:04:59 < epoch> probably how it was intended to be done, but I hadn't read to do it this way before
 08:05:28 < epoch> so, you have a "domain" line in resolv.conf, which can be passed out by the DHCP server
 08:05:52 < epoch> set it to something like, .local
 08:06:30 < epoch> and if the domain that resolves to your WAN IP is domain.tld
 08:06:37 < epoch> you make a domain.tld.local record
 08:07:15 < epoch> since LAN hosts will check for domain.tld.local, you can have it be a LAN IP
 08:08:17 < epoch> and since almost nobody uses absolute domain names (trailing .) you could also use this to hijack and DNS request
 08:09:36 < epoch> my LAN is set to use whois.ano for the LAN domain, so I have thebackupbox.net.whois.ano set to the anonet IP
 08:09:54 < epoch> of the box that my NAT would be forwarding the http port to
 08:11:11 < randyr> just woke up and this melted my brain will read again after coffee
 08:11:16 < epoch> now... if tor would have another fake TLD that I could use as "domain" so then I could force almost all things over tor by just setting the domain to it.
 08:11:31 < epoch> like, derp.com.tor
 08:11:43 < epoch> would be the transparent proxy IP for it
 08:12:38 < epoch> I /could/ make a hidden service that uses its subdomain to proxy requests
 08:12:54 < epoch> derp.com.asdfasdfasdf.onion
 08:14:49 < epoch> I like this idea better than NAT pinning
 08:15:18 < epoch> because it doesn't possibly cause the REMOTE_HOST to be my router IP instead of the client IP

-- Response ended

-- Page fetched on Sun Jun 2 18:09:36 2024