Last active
July 24, 2020 16:12
-
-
Save wen-long/8653492 to your computer and use it in GitHub Desktop.
Revisions
-
wen-long revised this gist
Jan 30, 2014 . No changes.There are no files selected for viewing
-
Jan 29, 2014 . 1 changed file with 3 additions and 13 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,30 +21,20 @@ list notinterface eth0.2 >pdnsd 可以通过 TCP 查询(也需要 DNS 服务器支持),获得未受劫持的结果 配置文件`/etc/pdnsd.conf`中有多个 server 段,上面的查询失败就使用下一个,所以一般应该按照延迟排序,在这里只用一个 server 段 global 段中修改为 `query_method=tcp_only`和`server_ip = 路由器ip` server段如下即可 ``` server { label= "myisp"; ip = 8.8.8.8,8.8.4.4; # Put your ISP's DNS-server address(es) here. timeout=4; # Server timeout; this may be much shorter # that the global timeout option. interval=ontimeout; # Check every 10 minutes. purge_cache=off; # Keep stale cache entries in case the ISP's # DNS servers go offline. edns_query=yes; # Use EDNS for outgoing queries to allow UDP messages # larger than 512 bytes. May cause trouble with some # legacy systems. } ``` ####可能会影响国内网站 CDN 后果自负 -
Jan 27, 2014 . 1 changed file with 3 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,11 +13,9 @@ list notinterface eth0.2 可以在网页设置的启动项管理中重启 dnsmasq 运行 `netstat -anp`查看是否有 dnsmasq 监听54端口 ####修改后 DNS 推送可能有问题 在`/etc/config/dhcp`文件`config dhcp 'lan'`的最后添加 `list 'dhcp_option' '6,XXX.XXX.XXX.XXX'`XXX.XXX.XXX.XXX为路由器 ip ####配置pdnsd >pdnsd 可以通过 TCP 查询(也需要 DNS 服务器支持),获得未受劫持的结果 -
Jan 27, 2014 . 1 changed file with 6 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,6 +13,12 @@ list notinterface eth0.2 可以在网页设置的启动项管理中重启 dnsmasq 运行 `netstat -anp`查看是否有 dnsmasq 监听54端口 ####修改后 DNS 推送 可能有问题 在 `/etc/config/dhcp`的 `config dhcp 'lan'`zui'zui'hzuizui `list 'dhcp_option' '6,87.216.1.65,87.216.1.66'` ####配置pdnsd >pdnsd 可以通过 TCP 查询(也需要 DNS 服务器支持),获得未受劫持的结果 -
Jan 27, 2014 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -48,4 +48,5 @@ server { 解决 CDN 问题可以参考: [openwrt 上通过 pdnsd 和 dnsmasq 解决 dns污染](https://wido.me/sunteya/use-openwrt-resolve-gfw-dns-spoofing) [pdnsd Documentation](http://members.home.nl/p.a.rombouts/pdnsd/doc.html) -
Jan 27, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,51 @@ dnsmasq的配置文件由`/etc/config/dhcp`决定 ####禁用 dnsmasq 的 DNS 功能 在该文件 `config dnsmasq`下添加 ``` option port 54 ``` 如果你的 WAN 口是 PPPOE 等方式连接,而且系统日志中有 `DHCP packet received on eth0.2 which has no address` 就再添加 ``` list notinterface eth0.2 ``` 可以在网页设置的启动项管理中重启 dnsmasq 运行 `netstat -anp`查看是否有 dnsmasq 监听54端口 ####配置pdnsd >pdnsd 可以通过 TCP 查询(也需要 DNS 服务器支持),获得未受劫持的结果 配置文件`/etc/pdnsd.conf`中有多个 server 段,上面的查询失败就使用下一个,所以一般应该按照延迟排序,在这里只用一个 server 段 global 段中修改为 `query_method=tcp_only`和`server_ip = 0.0.0.0` server段如下即可 ``` server { label= "myisp"; ip = 8.8.8.8; # Put your ISP's DNS-server address(es) here. # proxy_only=on; # Do not query any name servers beside your ISP's. # This may be necessary if you are behind some # kind of firewall and cannot receive replies # from outside name servers. timeout=4; # Server timeout; this may be much shorter # that the global timeout option. uptest=if; # Test if the network interface is active. interface=eth0; # The name of the interface to check. interval=10m; # Check every 10 minutes. purge_cache=off; # Keep stale cache entries in case the ISP's # DNS servers go offline. edns_query=yes; # Use EDNS for outgoing queries to allow UDP messages # larger than 512 bytes. May cause trouble with some # legacy systems. # exclude=.thepiratebay.org, # If your ISP censors certain names, you may # .thepiratebay.se, # want to exclude them here, and provide an # .piratebay.org, # alternative server section below that will # .piratebay.se; # successfully resolve the names. } ``` ####可能会影响国内网站 CDN 后果自负 解决 CDN 问题可以参考: [openwrt 上通过 pdnsd 和 dnsmasq 解决 dns污染](https://wido.me/sunteya/use-openwrt-resolve-gfw-dns-spoofing) [pdnsd Documentation](http://members.home.nl/p.a.rombouts/pdnsd/doc.html)