A generic guide to deploy mosdns to OPNSense
This repo provides a generic guide to deploy mosdns to OPNSense with ease. However, it requires users to have some fundamental knowledge about OPNSense and mosdns.
Mosdns Official Wiki: https://irine-sistiana.gitbook.io/mosdns-wiki/
Known DNS Providers: https://adguard-dns.io/kb/general/dns-providers/
Copyright 2023-2024 @TechProber. All rights reserved.
Maintainer: Kevin Yu (@yqlbu)
- Related Projects
- Steps to deploy
- Cronjobs
- Forward requests to designated gateways
- Maintenance
- Appendix
- techprober/mosdns-lxc-deploy - Deploy mosdns in Proxmox LXC Container
- IrineSistiana/mosdns - A self-hosted DNS resolver
- tteck/Proxmox - Proxmox Helper Scripts
- Loyalsoldier/v2ray-rules-dat - Enhanced edition of V2Ray rules dat files, compatible with Xray-core, Shadowsocks-windows, Trojan-Go and leaf.
- Loyalsoldier/geoip - Enhanced edition of GeoIP files for V2Ray, Xray-core, Trojan-Go, Clash and Leaf, with replaced CN IPv4 CIDR available from ipip.net, appended CIDR lists and more.
Create a new directory for mosdns
sudo mkdir -p /usr/local/etc/mosdns
Create sub directories
sudo mkdir -p /usr/local/etc/mosdns/{ips,domains,downloads,scripts,custom}
Make sure you have the following file structure present on your host:
# /usr/local/etc/mosdns
./
|-- config.yml
|-- custom
|-- domains
|-- downloads
|-- scripts
`-- ips
5 directories, 1 file
Install Vim (Optional)
sudo pkg install vim
https://github.com/IrineSistiana/mosdns/releases
cd /usr/local/etc/mosdns/downloads
curl -L -o mosdns.zip https://github.com/IrineSistiana/mosdns/releases/download/{VERSION}/mosdns-freebsd-amd64.zip
unzip mosdns.zip
sudo install -m 755 mosdns /usr/bin/
sudo touch /var/log/mosdns.log
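The binary above is installed into /usr/bin with sudo and then serves DNS on port 53, so it is worth checking the archive before `install` runs. The script below is an added example, not part of this repo or of mosdns: it compares the downloaded mosdns.zip with a SHA-256 digest you recorded yourself and installs only on a match. The script name verify-install.sh and the `<PINNED_SHA256>` argument are placeholders.

```sh
#!/bin/sh
# Added example, not from the mosdns or TechProber repositories.
# Verifies a downloaded release archive against an operator-pinned SHA-256
# before the binary is installed into /usr/bin.

# Print the lowercase hex SHA-256 of a file (sha256sum, or FreeBSD's sha256).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        echo "no SHA-256 tool found" >&2; return 2
    fi
}

# verify_archive FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on unusable input.
verify_archive() {
    va_file=$1
    va_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Reject an unfilled placeholder or truncated digest instead of comparing it.
    case "$va_expected" in
        ''|*[!0-9a-f]*) echo "pinned digest is not hex" >&2; return 2 ;;
    esac
    [ "${#va_expected}" -eq 64 ] || { echo "pinned digest must be 64 hex chars" >&2; return 2; }
    [ -f "$va_file" ] || { echo "missing file: $va_file" >&2; return 2; }
    va_actual=$(file_sha256 "$va_file") || return 2
    [ "$va_actual" = "$va_expected" ] && return 0
    echo "SHA-256 mismatch for $va_file (got $va_actual)" >&2
    return 1
}

# install_verified ARCHIVE EXPECTED_HEX: unpack and install only after a match.
install_verified() {
    verify_archive "$1" "$2" || return $?
    iv_dir=$(mktemp -d) || return 2
    # Extract only the mosdns binary; ignore any other archive members.
    unzip -o -q -d "$iv_dir" "$1" mosdns &&
        install -m 755 "$iv_dir/mosdns" /usr/bin/mosdns
    iv_rc=$?
    rm -rf "$iv_dir"
    return "$iv_rc"
}

# Usage (as root): sh verify-install.sh mosdns.zip <PINNED_SHA256>
if [ "$#" -eq 2 ]; then
    install_verified "$1" "$2"
fi
```

A return code of 2 means the pinned value itself is unusable (for example the placeholder was never replaced), which is kept distinct from a real mismatch (1).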
Reference: https://github.com/techprober/mosdns-lxc-deploy
Artifacts Source: https://github.com/techprober/v2ray-rules-dat/releases
Note
You may selectively download the rule lists you need from the release branch of @techprober/v2ray-rules-dat.
set MOSDNS_PATH=/usr/local/etc/mosdns
curl --progress-bar -JL -o $MOSDNS_PATH/downloads/geoip.zip https://github.com/techprober/v2ray-rules-dat/raw/release/geoip.zip
curl --progress-bar -JL -o $MOSDNS_PATH/downloads/geosite.zip https://github.com/techprober/v2ray-rules-dat/raw/release/geosite.zip
unzip -o $MOSDNS_PATH/downloads/geoip.zip -d $MOSDNS_PATH/ips
unzip -o $MOSDNS_PATH/downloads/geosite.zip -d $MOSDNS_PATH/domains
Note
Alternatively, you may use a dedicated script to automatically download and extract the geodata artifacts. See ./scripts/geodata-update.sh
Warning
Doing so will free port 53 for mosdns to use
# stop unbound service
# /usr/local/opnsense/service/conf/actions.d/actions_unbound.conf
configctl unbound stop
/usr/local/sbin/pluginctl dns stop
/usr/local/sbin/pluginctl dns disable
Paste the content from ./rc.d/mosdns in this repo to /usr/local/etc/rc.d/mosdns in OPNSense.
sudo chmod +x /usr/local/etc/rc.d/mosdns
Note
You may start with the recommended config, which provides an out-of-the-box IP leak prevention feature.
Warning
Please review the content of config-{VERSION}.yml before you copy it to /usr/local/etc/mosdns. It is a boilerplate template intended to give users a reference point for customizing their own config.
echo 'mosdns_enable="YES"' >> /etc/rc.conf
sudo service mosdns start
sudo service mosdns enable
ps -aux | grep mosdns
sudo service mosdns status
Important
To write logs to a file, you need to specify the log file destination in your config as shown in the following:
## -- Log Config -- ##
log:
  level: debug # ["debug", "info", "warn", and "error"], default is set to "info"
  production: true
  file: "/var/log/mosdns.log"
sudo tail -f /var/log/mosdns.log
Create a .conf file in /usr/local/opnsense/service/conf/actions.d/ (your file must start with actions_)
vi /usr/local/opnsense/service/conf/actions.d/actions_mosdns.conf
Available in ./actions.d/actions_mosdns.conf
Restart and reload
sudo service configd restart
sudo configctl mosdns logs-cleanup
Add geodata-update script
The script is available in ./scripts/geodata-update.sh.
Download and save it in /usr/local/etc/mosdns/scripts/
curl -L -o /usr/local/etc/mosdns/scripts/geodata-update.sh https://github.com/techprober/mosdns-opnsense-install/raw/master/scripts/geodata-update.sh
Set permission
sudo chmod +x /usr/local/etc/mosdns/scripts/geodata-update.sh
Run the action
sudo configctl mosdns geodata-update
Go to System > Settings > Cron and add a job.
Your cron command is listed in the Command dropdown. Plan your cron schedule as you wish.
Note
For those who would like to further forward DNS requests to designated gateways, depending on the DNS provider of choice, you may do so by following the route setting below.
# force stop
ps -aux | grep mosdns
kill -9 <mosdns pid>
# restart
service mosdns start
- Auto-generate geoip.txt, geosites.txt (since *.dat are deprecated in v5) - https://github.com/techprober/v2dat
- Available Rules - https://github.com/techprober/v2ray-rules-dat/releases