问题: 有3个节点 A: 英国 B: 美国 C: 德国 . 要通过节点转发DNS 请求, 这样避免DNS请求被”墙“,或者被劫持。如何利用MosDns 配合Passwall 完成操作?
解决方案:
1: Passwall 开3个Socks 端口分别对应3个节点。 A: sock5: 1083 B: sock5:1084 C: sock5:1085 , 并且修改配置文件 /etc/config/passwall
config acl_rule
option enabled '1'
option remarks 'L1'
option interface 'L1'
option sources '192.168.101.0/24'
option tcp_no_redir_ports 'disable'
option udp_no_redir_ports 'disable'
option use_global_config '0'
option tcp_node 'oCQMCVBg'
option udp_node 'tcp'
option tcp_proxy_drop_ports 'disable'
option udp_proxy_drop_ports 'disable'
option tcp_redir_ports '1:65535'
option udp_redir_ports '1:65535'
option use_direct_list '0'
option use_proxy_list '0'
option use_block_list '0'
option use_gfw_list '0'
option chn_list '0'
option tcp_proxy_mode 'proxy'
option udp_proxy_mode 'proxy'
option dns_shunt 'dnsmasq'
option dns_mode 'tcp'
option dnsmasq_dns_redirect '0'
option remote_dns '127.0.0.1:5135'
config acl_rule
option enabled '1'
option remarks 'L2'
option interface 'L2'
option sources '192.168.102.0/24'
option tcp_no_redir_ports 'disable'
option udp_no_redir_ports 'disable'
option use_global_config '0'
option tcp_node 'XxxWUfAC'
option udp_node 'tcp'
option tcp_proxy_drop_ports 'disable'
option udp_proxy_drop_ports 'disable'
option tcp_redir_ports '1:65535'
option udp_redir_ports '1:65535'
option use_direct_list '0'
option use_proxy_list '0'
option use_block_list '0'
option use_gfw_list '0'
option chn_list '0'
option tcp_proxy_mode 'proxy'
option udp_proxy_mode 'proxy'
option dns_shunt 'tcp'
option dns_mode 'tcp'
option dnsmasq_dns_redirect '0'
option remote_dns '127.0.0.1:5136'
config acl_rule
option enabled '1'
option remarks 'L3'
option interface 'L3'
option sources '192.168.103.0/24'
option tcp_no_redir_ports 'disable'
option udp_no_redir_ports 'disable'
option use_global_config '0'
option tcp_node 'AI7uCLje'
option udp_node 'tcp'
option tcp_proxy_drop_ports 'disable'
option udp_proxy_drop_ports 'disable'
option tcp_redir_ports '1:65535'
option udp_redir_ports '1:65535'
option use_direct_list '0'
option use_proxy_list '0'
option use_block_list '0'
option use_gfw_list '0'
option chn_list '0'
option tcp_proxy_mode 'proxy'
option udp_proxy_mode 'proxy'
option dns_shunt 'dnsmasq'
option dns_mode 'tcp'
option dnsmasq_dns_redirect '0'
option remote_dns '127.0.0.1:5137'
2: MosDNS 开3个实例, 每个实例监听不同端口 A: 5135 B: 5136 C: 5137
A 实例配置(监听端口 5135,SOCKS5 代理 127.0.0.1:1083)
文件名示例:config_A.yaml
log:
level: info
file: "/tmp/mosdns_a.log"
plugins:
- tag: forward_remote
type: forward
args:
concurrent: 1
upstreams:
- tag: google_doh
addr: "https://dns.google/dns-query"
dial_addr: "8.8.8.8"
bootstrap: "8.8.8.8"
idle_timeout: 30
socks5: "127.0.0.1:1083"
- addr: "tcp://8.8.8.8"
idle_timeout: 30
socks5: "127.0.0.1:1083"
enable_pipeline: true
- tag: main_sequence
type: sequence
args:
- exec: $forward_remote
- tag: udp_server
type: udp_server
args:
entry: main_sequence
listen: ":5135"
- tag: tcp_server
type: tcp_server
args:
entry: main_sequence
listen: ":5135"
B 实例配置(监听端口 5136,SOCKS5 代理 127.0.0.1:1084)
文件名示例:config_B.yaml
log:
level: info
file: "/tmp/mosdns_b.log"
plugins:
- tag: forward_remote
type: forward
args:
concurrent: 1
upstreams:
- tag: google_doh
addr: "https://dns.google/dns-query"
dial_addr: "8.8.8.8"
bootstrap: "8.8.8.8"
idle_timeout: 30
socks5: "127.0.0.1:1084"
- addr: "tcp://8.8.8.8"
idle_timeout: 30
socks5: "127.0.0.1:1084"
enable_pipeline: true
- tag: main_sequence
type: sequence
args:
- exec: $forward_remote
- tag: udp_server
type: udp_server
args:
entry: main_sequence
listen: ":5136"
- tag: tcp_server
type: tcp_server
args:
entry: main_sequence
listen: ":5136"
C 实例配置(监听端口 5137,SOCKS5 代理 127.0.0.1:1085)
文件名示例:config_C.yaml
log:
level: info
file: "/tmp/mosdns_c.log"
plugins:
- tag: forward_remote
type: forward
args:
concurrent: 1
upstreams:
- tag: google_doh
addr: "https://dns.google/dns-query"
dial_addr: "8.8.8.8"
bootstrap: "8.8.8.8"
idle_timeout: 30
socks5: "127.0.0.1:1085"
- addr: "tcp://8.8.8.8"
idle_timeout: 30
socks5: "127.0.0.1:1085"
enable_pipeline: true
- tag: main_sequence
type: sequence
args:
- exec: $forward_remote
- tag: udp_server
type: udp_server
args:
entry: main_sequence
listen: ":5137"
- tag: tcp_server
type: tcp_server
args:
entry: main_sequence
listen: ":5137"
MosDNS 三实例 init 脚本合集,适用于 OpenWRT,分别控制 A/B/C 实例。
1. /etc/init.d/mosdns_a
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2020-2022, IrineSistiana
#
# This file is part of mosdns.
#
# mosdns is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# mosdns is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
START=99
USE_PROCD=1
##### ONLY CHANGE THIS BLOCK ######
PROG=/usr/bin/mosdns # where is mosdns
RES_DIR=/etc/mosdns/ # resource dir / working dir / the dir where you store ip/domain lists
CONF=./config_A.yaml # where is the config file, it can be a relative path to $RES_DIR
##### ONLY CHANGE THIS BLOCK ######
start_service() {
procd_open_instance
procd_set_param command $PROG start -d $RES_DIR -c $CONF
procd_set_param user root
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}"
procd_close_instance
echo "mosdns is started!"
}
reload_service() {
stop
sleep 2s
echo "mosdns is restarted!"
start
}
2. /etc/init.d/mosdns_b
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2020-2022, IrineSistiana
#
# This file is part of mosdns.
#
# mosdns is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# mosdns is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
START=99
USE_PROCD=1
##### ONLY CHANGE THIS BLOCK ######
PROG=/usr/bin/mosdns # where is mosdns
RES_DIR=/etc/mosdns/ # resource dir / working dir / the dir where you store ip/domain lists
CONF=./config_B.yaml # where is the config file, it can be a relative path to $RES_DIR
##### ONLY CHANGE THIS BLOCK ######
start_service() {
procd_open_instance
procd_set_param command $PROG start -d $RES_DIR -c $CONF
procd_set_param user root
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}"
procd_close_instance
echo "mosdns is started!"
}
reload_service() {
stop
sleep 2s
echo "mosdns is restarted!"
start
}
3. /etc/init.d/mosdns_c
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2020-2022, IrineSistiana
#
# This file is part of mosdns.
#
# mosdns is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# mosdns is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
START=99
USE_PROCD=1
##### ONLY CHANGE THIS BLOCK ######
PROG=/usr/bin/mosdns # where is mosdns
RES_DIR=/etc/mosdns/ # resource dir / working dir / the dir where you store ip/domain lists
CONF=./config_C.yaml # where is the config file, it can be a relative path to $RES_DIR
##### ONLY CHANGE THIS BLOCK ######
start_service() {
procd_open_instance
procd_set_param command $PROG start -d $RES_DIR -c $CONF
procd_set_param user root
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}"
procd_close_instance
echo "mosdns is started!"
}
reload_service() {
stop
sleep 2s
echo "mosdns is restarted!"
start
}
统一控制脚本 /etc/init.d/mosdns_all,可以用来同时启动、停止、重启 MosDNS 的 A、B、C 三个实例。
/etc/init.d/mosdns_all
#!/bin/sh /etc/rc.common
# Unified control for MosDNS A, B, C instances
START=96
STOP=9
start() {
echo "Starting all MosDNS instances..."
/etc/init.d/mosdns_a start
/etc/init.d/mosdns_b start
/etc/init.d/mosdns_c start
}
stop() {
echo "Stopping all MosDNS instances..."
/etc/init.d/mosdns_a stop
/etc/init.d/mosdns_b stop
/etc/init.d/mosdns_c stop
}
restart() {
echo "Restarting all MosDNS instances..."
/etc/init.d/mosdns_a restart
/etc/init.d/mosdns_b restart
/etc/init.d/mosdns_c restart
}
使用方式:
chmod +x /etc/init.d/mosdns_all
/etc/init.d/mosdns_all enable
/etc/init.d/mosdns_all start # 启动全部
/etc/init.d/mosdns_all stop # 停止全部
/etc/init.d/mosdns_all restart # 重启全部