# Iodine

## Install Software

```sh
sudo apt install iodine
```

## Apply Configuration

```sh
EXTERNAL=eth0
INTERNAL=dns0

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
echo 'net.ipv4.ip_forward = 1' | sudo tee /etc/sysctl.d/60-ipv4-forward.conf

sudo iptables -t nat -A POSTROUTING -o $EXTERNAL -j MASQUERADE
sudo iptables -A INPUT -p udp --dport 5353 -j ACCEPT
sudo iptables -A INPUT -i $INTERNAL -j ACCEPT

# Necessary only if default policy is not ACCEPT
sudo iptables -A FORWARD -i $EXTERNAL -o $INTERNAL -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i $INTERNAL -o $EXTERNAL -j ACCEPT

# Adjust domain:
sudo iptables -t nat -A PREROUTING -p udp --dport 53 -m string --hex-string "|01|t|07|example|03|com|00|" --algo bm --from 20 --to 65535 -j REDIRECT --to-ports 5353

sudo cp my-iodined.service /etc/systemd/system
sudo cp my-iodined.conf /etc
sudo chmod 600 /etc/my-iodined.conf

sudo editor /etc/my-iodined.conf
sudo systemctl enable my-iodined
sudo systemctl start my-iodined
```