配合chinadns-ng增强dns防污染 #9852
w311ang
started this conversation in
Show and tell
配合chinadns-ng增强dns防污染
#9852
Replies: 1 comment
-
|
请问这种情况下ssrp的dns怎么设置?使用5335端口的服务吗?谢谢 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
gfwlist并不完善,总有漏网之鱼,导致了DNS被污染,基于chinadns的工作原理,简单来说就是国内DNS回应的污染IP一定是国外IP,根据这个规律,一旦国内DNS回应了国外IP那就等待可信DNS回应正确的国外IP
编译前,menuconfig选中luci-chinadns-ng
进入chinadns-ng设置,监听端口5353,可信dns改
127.0.0.1#5335,把所有节点的域名都添加到白名单打开DHCP/DNS设置,设置DNS转发
127.0.0.1#5353,启动项添加并ssh运行uci set dhcp.@dnsmasq[0].noresolv="1"; uci commit dhcp; /etc/init.d/dnsmasq restartissue,若使用dnsforwarder并且未配置addr命令这一步可以省略这样就完成了,你会发现之前打不开的一些网站现在可以打开了
Beta Was this translation helpful? Give feedback.
All reactions