On-demand TCP over DNS server

Virtual servers have become quite cheap these days, to the point where I can justify paying the monthly charge on one even when I'm not sure how much I'll use it. One of the things I have been running on my VM is a TCP-over-DNS server; it gives you access to the Internet through some access points where you're forced to log in, though it relies on the network administrator neglecting to block certain types of DNS query. The author has posted a good how-to and overview of how it works, so I'm not going to go into that here.

Now, I don't anticipate using this tunneller very often, so it'd be nice not to run the daemon all the time, but I obviously can't enable it myself unless I know in advance that I won't have Internet access. Ideally, therefore, I want the server to run only when I want to use it. Fortunately Linux has long had a means of doing this: the inetd daemon. inetd monitors a network socket, waiting for incoming traffic, and launches your daemon only when it is needed. It then passes the daemon process the existing sockets and waits for it to finish, at which point it goes back to watching for traffic again. The config line you'll need for inetd is as follows:

domain  dgram   udp     wait    root    /usr/bin/java   java -jar /path/to/tcp-over-dns-server.jar --domain delegated.domain.com --forward-port 22 --forward-address 127.0.0.1 --mtu 1500 --log-level 1 --idle-timeout 10 --log-file /var/log/tcp-over-dns

Aside from modifying the server to support inherited channels I have:

  1. Added an idle time limit (so the program can exit if it sees no clients after a set number of seconds, and let inetd monitor the port again)
  2. Added a log file option (programs launched by inetd can't log to the standard output or error channels, as inetd will pipe them into the inherited connection)
  3. Changed the default behaviour (if a channel is inherited, the server will no longer try to bind on its default port)
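
The inetd hand-off and the three changes listed above can be seen together in a small stand-alone program. This is an added example, not code from tcp-over-dns: the class name, the log file default, the 10-second idle value and the loopback fallback port are all assumptions made for illustration.

```java
import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.nio.channels.Channel;
import java.nio.channels.DatagramChannel;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;

// Hypothetical demo class, not part of tcp-over-dns.
public class InetdUdpDemo {
    public static void main(String[] args) throws IOException {
        String logPath = args.length > 0 ? args[0] : "inetd-udp-demo.log"; // assumed default
        long idleMillis = 10_000; // assumed, mirrors --idle-timeout 10
        // Under inetd, stdin/stdout/stderr are the socket, so log to a file.
        try (PrintWriter log = new PrintWriter(Files.newBufferedWriter(Paths.get(logPath),
                StandardOpenOption.CREATE, StandardOpenOption.APPEND), true);
             Selector sel = Selector.open()) {
            Channel inherited = System.inheritedChannel();
            DatagramChannel ch;
            if (inherited instanceof DatagramChannel) {
                ch = (DatagramChannel) inherited; // socket handed over by inetd
                log.println("inherited socket found, not binding");
            } else {
                // Stand-alone fallback; loopback port 5353 is an assumed test value.
                ch = DatagramChannel.open();
                ch.bind(new InetSocketAddress("127.0.0.1", 5353));
                log.println("no inherited socket, bound 127.0.0.1:5353");
            }
            ch.configureBlocking(false);
            ch.register(sel, SelectionKey.OP_READ);
            ByteBuffer buf = ByteBuffer.allocate(1500);
            // select() returns 0 once idleMillis passes with nothing to read.
            while (sel.select(idleMillis) > 0) {
                sel.selectedKeys().clear();
                buf.clear();
                SocketAddress peer = ch.receive(buf);
                if (peer != null) {
                    log.println("datagram: " + buf.position() + " bytes from " + peer);
                }
            }
            log.println("idle timeout, exiting so inetd listens again");
        }
    }
}
```

Because inetd performs the bind and passes the socket in, a program written this way does not itself need the privilege to bind a low port; it only needs write access to its log file.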

If you're interested you can download the source code or just the pre-compiled jar file.