diff --git a/man/iodine.8 b/man/iodine.8 index 0eb9b9b..2942ac0 100644 --- a/man/iodine.8 +++ b/man/iodine.8 @@ -35,6 +35,8 @@ iodine, iodined \- tunnel IPv4 over DNS .I 0|1 .B ] [-I .I interval +.B ] [-o +.I interval .B ] .B [ .I nameserver @@ -236,8 +238,10 @@ There are some DNS relays with very small timeouts, notably dnsadvantage.com (ultradns), that will give SERVFAIL errors even with \-I1; data will still get trough, and these errors can be ignored. -Maximum useful value is 59, since iodined will close a client's -connection after 60 seconds of inactivity. +Maximum useful value is less than specified in \-o. +.TP +.B -o interval +Inactivity timeout interval. Defaults to 60 seconds. .SS Server Options: .TP .B -c diff --git a/src/client.c b/src/client.c index 7f33654..1e51b8e 100644 --- a/src/client.c +++ b/src/client.c @@ -95,6 +95,7 @@ static unsigned short do_qtype = T_UNSET; static enum connection conn; static int selecttimeout; /* RFC says timeout minimum 5sec */ +static int inactivitytimeout; static int lazymode; static long send_ping_soon; static time_t lastdownstreamtime; @@ -211,6 +212,12 @@ client_set_selecttimeout(int select_timeout) selecttimeout = select_timeout; } +void +client_set_inactivitytimeout(int inactivity_timeout) +{ + inactivitytimeout = inactivity_timeout; +} + void client_set_lazymode(int lazy_mode) { @@ -847,7 +854,7 @@ tunnel_dns(int tun_fd, int dns_fd) } if (read == 5 && !strncmp("BADIP", buf, 5)) { - warnx("BADIP: Server rejected sender IP address (maybe iodined -c will help), or server kicked us due to timeout. Will exit if no downstream data is received in 60 seconds."); + warnx("BADIP: Server rejected sender IP address (maybe iodined -c will help), or server kicked us due to timeout. Will exit if no downstream data is received in %d seconds.", inactivitytimeout); return -1; /* nothing done */ } 
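Review bot: `inactivitytimeout` is a file-scope static with no initializer, so it starts at 0 and only becomes 60 once main() calls `client_set_inactivitytimeout()`. Any path that reaches client_tunnel() without that call would satisfy `lastdownstreamtime + inactivitytimeout < time(NULL)` almost at once and shut the tunnel down. Giving it the documented default at the definition, `static int inactivitytimeout = 60;`, keeps the client safe regardless of call order (if the file sets its defaults in an init routine outside this diff, set it there instead). The setter added in the @@ -211 hunk also stores its argument unchecked; a guard there such as `if (inactivity_timeout < 1) inactivity_timeout = 1;` would keep the invariant with the variable rather than only in the option parser.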
@@ -1117,8 +1124,8 @@ client_tunnel(int tun_fd, int dns_fd) i = select(MAX(tun_fd, dns_fd) + 1, &fds, NULL, NULL, &tv); - if (lastdownstreamtime + 60 < time(NULL)) { - warnx("No downstream data received in 60 seconds, shutting down."); + if (lastdownstreamtime + inactivitytimeout < time(NULL)) { + warnx("No downstream data received in %d seconds, shutting down.", inactivitytimeout); running = 0; } diff --git a/src/client.h b/src/client.h index 3dab6fb..6025620 100644 --- a/src/client.h +++ b/src/client.h @@ -31,6 +31,7 @@ int client_set_qtype(char *qtype); char *client_get_qtype(void); void client_set_downenc(char *encoding); void client_set_selecttimeout(int select_timeout); +void client_set_inactivitytimeout(int inactivity_timeout); void client_set_lazymode(int lazy_mode); void client_set_hostname_maxlen(int i); diff --git a/src/iodine.c b/src/iodine.c index 64ed950..5d1a066 100644 --- a/src/iodine.c +++ b/src/iodine.c @@ -98,7 +98,8 @@ static void help(FILE *stream, bool verbose) " -t dir to chroot to directory dir\n" " -d device to set tunnel device name\n" " -z context, to apply specified SELinux context after initialization\n" - " -F pidfile to write pid to a file\n\n" + " -F pidfile to write pid to a file\n" + " -o inactivity timeout interval\n\n" "nameserver is the IP number/hostname of the relaying nameserver. If absent,\n" " /etc/resolv.conf is used\n" "topdomain is the FQDN that is delegated to the tunnel endpoint.\n"); @@ -143,6 +144,7 @@ int main(int argc, char **argv) int raw_mode; int lazymode; int selecttimeout; + int inactivitytimeout; int hostname_maxlen; #ifdef OPENBSD int rtable = 0; @@ -172,6 +174,7 @@ int main(int argc, char **argv) raw_mode = 1; lazymode = 1; selecttimeout = 4; + inactivitytimeout = 60; hostname_maxlen = 0xFF; nameserv_family = AF_UNSPEC; 
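Review bot: The new comparison `lastdownstreamtime + inactivitytimeout < time(NULL)` adds a user-supplied int to a time_t, and the -o parsing applies no upper bound; on a platform with a 32-bit time_t a very large -o value can overflow the signed addition, which is undefined behaviour. Comparing elapsed time avoids that: `if (time(NULL) - lastdownstreamtime > inactivitytimeout) {`. Separately, this only changes the client's own timer: the removed manual text says iodined closes a client after 60 seconds of inactivity and no server change is visible in this diff, so a comment such as `/* client-side only; the server applies its own inactivity timeout */` would stop readers assuming that -o above 60 keeps the session alive. The surrounding loop in client_tunnel() lies outside the hunk.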
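Review bot: The help line added for -o names neither its argument nor its unit, unlike the neighbouring entries (`-F pidfile to write pid to a file`), so `-h` does not tell the user that it takes seconds or that the default is 60. Something like `" -o seconds to set inactivity timeout before the client exits (default 60)\n\n"` would match the man page text added in the same commit. The one-line usage synopsis is not part of this diff; if it lists the options, it presumably needs `[-o interval]` as well.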
@@ -190,7 +193,7 @@ int main(int argc, char **argv) __progname++; #endif - while ((choice = getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:")) != -1) { + while ((choice = getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:o:")) != -1) { switch(choice) { case '4': nameserv_family = AF_INET; @@ -271,6 +274,11 @@ int main(int argc, char **argv) if (selecttimeout < 1) selecttimeout = 1; break; + case 'o': + inactivitytimeout = atoi(optarg); + if (inactivitytimeout < 1) + inactivitytimeout = 1; + break; default: usage(); /* NOTREACHED */ @@ -322,6 +330,7 @@ int main(int argc, char **argv) } client_set_selecttimeout(selecttimeout); + client_set_inactivitytimeout(inactivitytimeout); client_set_lazymode(lazymode); client_set_topdomain(topdomain); client_set_hostname_maxlen(hostname_maxlen);
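Review bot: `atoi(optarg)` in the new `case 'o'` cannot tell a typo from a number: `-o abc` silently becomes 0 and `-o 6o` becomes 6, and the clamp then turns the former into a 1-second inactivity timeout that makes the client quit almost immediately instead of reporting the bad argument. An out-of-range value is undefined behaviour for atoi as well. Parsing with strtol and rejecting anything that is not a whole positive int makes the failure visible; this assumes `<errno.h>` and `<limits.h>` are included in iodine.c, which this diff does not show. The existing -I handling just above follows the same atoi pattern and would benefit from the same treatment. The switch and main() continue outside the hunk.

```c
		case 'o': {
			char *end;
			long val;

			errno = 0;
			val = strtol(optarg, &end, 10);
			/* reject empty input, trailing junk, overflow and non-positive values */
			if (end == optarg || *end != '\0' || errno == ERANGE ||
			    val < 1 || val > INT_MAX) {
				usage();
				/* NOTREACHED */
			}
			inactivitytimeout = (int) val;
			break;
		}
```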
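Review bot: Nothing checks the two timers against each other before they are handed to the client in the @@ -322 hunk, although the man page in this commit says the useful maximum for -I is below -o. With `-I 10 -o 5` the client is told to wait longer between requests than it tolerates silence, so it would likely shut itself down between pings (inferred from the check in client_tunnel(), not tested). Because -I and -o can appear in either order, the check belongs after option parsing, just before these setters: `if (selecttimeout >= inactivitytimeout) fprintf(stderr, "warning: -I %d is not below -o %d\n", selecttimeout, inactivitytimeout);`. main() continues outside the hunk.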