dnstt is a DNS tunnel that can use DNS over HTTPS (DoH) and DNS over TLS (DoT) resolvers.
A DNS tunnel is one way of circumventing network censorship. A recursive DNS resolver’s purpose is to receive packets and forward them somewhere else—in effect, working as a kind of network proxy. DNS tunnels over plaintext UDP are generally considered easy to detect because of the unusual DNS messages they use. However DoH and DoT are encrypted—an outside observer can see that you are communicating with a public resolver, but cannot decrypt the raw DNS messages to see that they embed a tunneling protocol. (The resolver itself can still easily tell that you are using a tunnel.)
support DNSTT VPS server, Ubuntu 18, 16 x 64, release port 5300 on your Xing Ling server dashboard (VPS)
have a DNS panel, to make it easier lol
create one with O
A with the name tns pointed to the IP of your VPS
NS with the name t pointing to the domain tns. seudominio
DNS setup
Go into your name registrar’s configuration panel and add three records:
A tns.example.com points to 203.0.113.2
AAAA tns.example.com points to 2001:db8::2
NS t.example.com is managed by tns.example.com
download the GO compiler
cd /usr/local wget https://golang.org/dl/go1.16.2.linux-amd64.tar.gz tar xvf go1.16.2.linux-amd64.tar.gz export GOROOT=/usr/local/go export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
to see if it worked, run the command
go version
the version will appear (or should appear lol)
download DNSTT
cd /root git clone https://www.bamsoftware.com/git/dnstt.git cd /dnstt/dnstt-server go build
this command will create an executable named dnstt-server
run the command
./dnstt-server -gen-key -privkey-file server.key -pubkey-file server.pub
will create 2 files: the .pub and the one that will be used for the person to connect
add this text to your SSH Script manager and restart
nano /etc/ssh/sshd_config AllowTcpForwarding yes Ctrl+o Ctrl +x /etc/init.d/ssh restart
to start server with slowdns SSH mode in directory
cd /root/dnstt/dnstt-server screen -dmS slowdns ./dnstt-server -udp :5300 -privkey-file server.key t.seudominio.com 127.0.0.1:22
esse modo na vpn (nos apps) usa direct SSH
SSL mode
screen -dmS slowdns ./dnstt-server -udp :5300 -privkey-file server.key t.seudominio.com 127.0.0.1:443
they way use SSH and SSL
iptables command
tunnel-server$ sudo iptables -I INPUT -p udp --dport 5300 -j ACCEPT tunnel-server$ sudo iptables -t nat -I PREROUTING -i eth0 -p udp --dport 53 -j REDIRECT --to-ports 5300 tunnel-server$ sudo ip6tables -I INPUT -p udp --dport 5300 -j ACCEPT tunnel-server$ sudo ip6tables -t nat -I PREROUTING -i eth0 -p udp --dport 53 -j REDIRECT --to-ports 5300
to see if it is running, command
lsof -i :5300
and…practical way too, if you want, of course, install ssh plus cracked, activate ssl, badvpn, create users…rsl
