Network

DNS server UDP -> TCP

GitHub - bitsadmin/lofl: Living Off the Foreign Land setup scriptsGitHub

Create a system container that wil run dnsmasq and the dns_over_tcp.py script

incus launch images:debian/12 sshvpn-dns
incus exec sshvpn-dns bash


# cat << EOF | tee /etc/systemd/resolved.conf
[Resolve]
DNSStubListener=no
EOF
# systemctl restart systemd-resolved
# apt install dnsmasq python3 curl python3-dnslib

# cat << EOF | tee /etc/dnsmasq.conf
port=5353

server=/REMOTE_DOMAIN/REMOTE_RESOLVER_IP
server=/REMOTE_RESOLVER_REVERSE_IP.in-addr.arpa/REMOTE_RESOLVER_IP

server=LOCAL_RESOLVER
EOF

# systemctl restart dnsmasq
# curl -OL https://raw.githubusercontent.com/bitsadmin/lofl/main/dns_over_tcp.py
# python3 dns_over_tcp.py

Configure systemd-networkd to use the system container to resolve specific domains

cat << EOF | tee /etc/systemd/network/remote_dns.network
[Match]
Name=tun1337

[Address]
Address=192.0.2.253/30
Peer=192.0.2.254/32

[Network]
LinkLocalAddressing=ipv4
DNS=<system container IP>
Domains=~REMOTE_DOMAIN ~REMOTE_DOMAIN

SSH point-to-point tunnel

An alternative to using a SOCKS proxy when doing remote engagements. The tunnel is compatible natively with TCP and UDP traffic. The target networks to reach are defined using static routes in systemd-networkd configuration file.

By pre-creating the TUN devices, root-level access on both systems is no longer required.

Local

# /etc/systemd/network/sshvpn.netdev
[NetDev]
Name=tun1337
Kind=tun
[Tun]
Group=LOCAL_USER_GROUP
User=LOCAL_USER

# /etc/systemd/network/sshvpn.network
[Match]
Name=tun1337

[Address]
Address=192.0.2.253/30
Peer=192.0.2.254/32

[Network]
LinkLocalAddressing=ipv4
DNS=LOCAL_DNS_RESOLVER
Domains=~exemple.com

[Route]
Gateway=192.0.2.254
Destination=REMOTE_NETWORK_RANGE

# ~/.ssh/config
Host sshvpn
	Hostname $hostname
	User $user
	Port $port
	IdentityFile $ssh_key
	SessionType none
	Tunnel point-to-point
	TunnelDevice 1337:1337
	ExitOnForwardFailure yes

Remote

iptables --policy FORWARD ACCEPT
iptables -t nat -A POSTROUTING -s 192.0.2.253 ! -d 192.0.2.254 -o REMOTE_OUTGOING_INTERFACE -j MASQUERADE

# /etc/systemd/network/sshvpn.network
[Match]
Name=tun1337

[Address]
Address=192.0.2.254/30
Peer=192.0.2.253/32

[Network]
LinkLocalAddressing=ipv4

# /etc/systemd/network/sshvpn.netdev
[NetDev]
Name=tun1337
Kind=tun
[Tun]
Group=REMOTE_SSH_USER_GROUP
User=REMOTE_SSH_USER

# /etc/ssh/sshd_config
match user REMOTE_USER
    PermitTunnel yes

Connect to the remote host with ssh REMOTE_HOST -w 1337:1337. This will bring the interfaces UP on both ends and add the configured network routes on the local host.

PreviousOne-liners NextKnowledge Bits

Last updated 1 year ago

hashtagDNS server UDP -> TCP

hashtagSSH point-to-point tunnel

hashtagLocal

hashtagRemote

DNS server UDP -> TCP

SSH point-to-point tunnel

Local

Remote