树莓派搭建无污染 DNS

2015-03-08 22:26:39 +08:00
 Tianpu
源DNS:bind搭建或者使用其它公共DNS

自己搭建:
yum install bind
nano /etc/named.conf
acl goodclients {
2.2.0.0/16;
3.3.3.3;
localhost;
localnets; #允许的IP
};
options {
listen-on port 53 { 1.2.3.4; }; #自己的服务器IP
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { goodclients; };
allow-query-cache { goodclients; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
controls { };
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
channel querylog {
file "data/named.log" versions 5 size 32m;
severity debug 3;
print-category yes;
print-time yes;
print-severity yes;
};
category queries {
querylog;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";


本地DNS:
apt-get install unbound
nano /etc/unbound/unbound.conf
server:
verbosity: 1
num-threads: 2
interface: 192.168.1.2 #树莓派IP
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
tcp-upstream: yes
do-daemonize: yes
access-control: 192.168.1.0/24 allow
forward-zone:
name: "."
forward-addr: 1.2.3.4 #自己搭建的DNS
forward-addr: 8.8.8.8

可以正常查询到twitterIP,但是访问不了
7306 次点击
所在节点    Raspberry Pi
2 条回复
xiaozhizhu1997
2015-03-08 22:29:06 +08:00
推、FB之类的光防污染没用,还有IP地址封锁。
防污染主要是应对edgecast之类的CDN,这种找不全域名的,直接自动反污染,非常有效。
alairs
2015-06-05 10:28:19 +08:00
没污染是没污染,但没多大用啊

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/175400

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX