dnsrelay is a DNS proxy like godns and ChinaDNS. The goal of this project is to defeat DNS poisoning powered by GFW(The Great Firewall of China)
Thans to godns,grimd,ChinaDNS,dnsserver and dns-reverse-proxy for the idea.
- go dns
- toml, TOML config file parsing
- go-logger
- Query multiple upstream DNS group concurrently
- Cache all mostly used domain names
- Hosts configuration
- Domain name matching for custom DNS server
- GeoIP strategy for filtering untrusted DNS results from DNS server of China
- Black IP list for filtering untrusted DNS results
- Load all mostly used domain names at startup
If DNS protocol are poisoning and filtering like in China, DNS server like 8.8.8.8 may not response, so VPN(and some routing tables entry for 8.8.8.8, e.g.) is required to get dnsrelay work.
The configuration dnsrelay.toml is a TOML format config file.
- DNS group
You can define multiple groups, default groups is used to send all DNS request that no rules match.
default-group = ["CN","FG"]
[DNSGroup]
CN=["192.168.1.1", "114.114.114.114", "223.6.6.6:53", "223.5.5.5"]
FG=["8.8.8.8", "8.8.4.4"]
- DNS matching Rules
For example, if there is a DNS request asking A record for “baidu.com”, the rule bellow matched, the DNS group specified by ‘domain-group’ is CN. Then the the DNS request is send to all DNS defined by CN group
[[DomainRule]]
scheme="DOMAIN-MATCH"
group="CN"
value=[
"order.mi.com",
"baidu.com",
]
- Hosts
Like /etc/hosts, you can set one or more ip for a domain without sending any DNS requests:
[[Host]]
name="example.com"
ip=["93.184.216.34"]
[[Host]]
name="ip.com"
ip=["64.111.96.203"]
- Ip filtering
DNS result may points to the wrong Ip in China because of DNS poisoning power by GFW(?), so ip filtering is needed:
[IPFilter]
ip=[
"64.111.96.204"
]
- Cache DNS results
[Cache]
backend = "memory"
expire = 3600
maxcount = 500
Copyright (c) 2016 <booopooob@gmail.com>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.