Well, there'd be no way for a firewall to block a request like:
dig -b peername data.data.data.data
And let the "name server" on the other end listening on port 53 parse the data. You _would_ have to be able to listen on port 53 and of course it would be slow as hell, but it's unblockable.
Interesting, thanks. Seems like the firewall would have to be specifically configured to block, say "WebRTC through DNS tunneling" in this case, though.
dig -b peername data.data.data.data
And let the "name server" on the other end listening on port 53 parse the data. You _would_ have to be able to listen on port 53 and of course it would be slow as hell, but it's unblockable.