Closed qwerr0 closed 8 months ago
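I think there must be other people with the same idea as me. If you found your way here by searching, here is a patch (I don't know Go, so the changes are very direct) that implements these features.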
diff --git a/proxy/dns/dns.go b/proxy/dns/dns.go
index 415fe99..26204da 100644
--- a/proxy/dns/dns.go
+++ b/proxy/dns/dns.go
@@ -5,6 +5,7 @@ import (
"io"
"sync"
"time"
+ "strings"
"github.com/xtls/xray-core/common"
"github.com/xtls/xray-core/common/buf"
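Review bot: The new "strings" import is placed after "time", out of the sorted order gofmt keeps for this import group; it belongs between "io" and "sync". It is only pulled in for the string-prefix tests in handleIPQuery, so it can go away entirely if those become address-range checks.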
@@ -179,7 +180,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, d internet.
if isIPQuery {
go h.handleIPQuery(id, qType, domain, writer)
}
- if isIPQuery || h.nonIPQuery == "drop" {
+ if isIPQuery || h.nonIPQuery == "drop" || qType == 65 {
b.Release()
continue
}
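Review bot: `qType == 65` in the drop condition is a bare magic number and is applied unconditionally, so HTTPS queries are discarded even when nonIPQuery is set to forward other record types, and the user cannot turn this off. Give the value a named constant (for example `typeHTTPS`) and gate the drop behind a configuration option, which is what the issue text asks for. This branch also only does `b.Release()` and `continue`, so no reply is written and the client is left to hit its own timeout.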
@@ -246,10 +247,16 @@ func (h *Handler) handleIPQuery(id uint16, qType dnsmessage.Type, domain string,
switch qType {
case dnsmessage.TypeA:
+ if len(ips) > 0 && strings.HasPrefix(ips[0].String(), "198.18.") {
+ ttl = 1
+ }
for i, ip := range ips {
ips[i] = ip.To4()
}
case dnsmessage.TypeAAAA:
+ if len(ips) > 0 && strings.HasPrefix(ips[0].String(), "fc00::") {
+ ttl = 1
+ }
for i, ip := range ips {
ips[i] = ip.To16()
}
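Review bot: The fake-IP test `strings.HasPrefix(ips[0].String(), "198.18.")` in the TypeA case, and its "fc00::" twin in the TypeAAAA case, hard-codes one pool layout and inspects only the first answer. A user with a different ipPool keeps the long TTL, and the "fc00::" text match also catches addresses that lie outside a narrower pool such as fc00::/112. Compare each returned IP against the configured FakeDNS pools by CIDR containment instead, ranging over `ips` so the empty-answer case stays safe without indexing `ips[0]`.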
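As for the fakedns TTL issue, I remember seeing @yuhan6665 say earlier that it would be shortened later, but there has been no follow-up. I just tried searching and couldn't find it either; maybe it is buried in some unrelated issue.
OK, thanks to you both for the nudge. I'll take a look this week.
@qwerr0 Could you help test whether this works? https://github.com/XTLS/Xray-core/actions/runs/7982602924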
Thank you very much for adding this feature. I have tested it: the FakeIP TTL is 1, and HTTPS DNS records are dropped. However, for some sites that do not resolve to any IP, it seems to go out of bounds:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: panic: runtime error: index out of range [0] with length 0
Wed Feb 21 15:34:16 2024 daemon.err xray[709]:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: goroutine 370 [running]:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns.(Handler).handleIPQuery(0x4000492ea0, 0xa79e, 0x1c, {0x4000126420, 0x21}, {0x10678c0, 0x40008f16a0})
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns/dns.go:251 +0xaec
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: created by github.com/xtls/xray-core/proxy/dns.(Handler).Process.func2 in goroutine 341
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns/dns.go:184 +0x228
My current DNS configuration:
{
  "dns": {
    "tag": "dns-inner",
    "disableFallbackIfMatch": true,
    "servers": [
      {
        "address": "dns.alidns.com",
        "expectIPs": ["geoip:direct"],
        "queryStrategy": "UseIP",
        "skipFallback": false
      },
      {
        "address": "fakedns",
        "queryStrategy": "UseIP",
        "skipFallback": false
      },
      {
        "address": "2400:3200::1",
        "domains": ["full:dns.alidns.com"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      },
      {
        "address": "223.5.5.5",
        "domains": ["full:dns.alidns.com"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      },
      {
        "address": "dns.alidns.com",
        "domains": ["geosite:direct"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      },
      {
        "address": "fakedns",
        "domains": ["geosite:proxy"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      }
    ]
  },
  "fakedns": [
    {
      "ipPool": "198.18.0.0/16",
      "poolSize": 65535
    },
    {
      "ipPool": "fc00::/112",
      "poolSize": 65535
    }
  ]
}
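Thanks. I assumed there shouldn't be any empty resolutions by this point. It should work now.
The default TTL is 600. Because Xray does not yet support FakeIP persistence or reload, the DNS cache has to be cleared every time Xray is restarted. If an option were provided to lower the TTL of the responses served by FakeDNS, e.g. TTL=5 or TTL=1, these problems could be avoided.
After enabling FakeDNS, DNS resolution has to be pointed at Xray. By default, DNS requests other than A and AAAA records are dropped. nonIPQuery can be set to forward these requests, but once that is enabled, HTTPS (QType 65) records may be polluted, and on iOS the forwarding of HTTPS records has to be blocked separately. I would also like an option to drop HTTPS (QType 65) records when nonIPQuery is skip.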
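The two behaviours requested above, sketched as an added example that is not part of the original issue or of Xray's own code: the TTL is chosen by checking answers against the configured fake pools by CIDR containment (safe for an empty answer set), and HTTPS queries are dropped only behind an option. The function names and the `dropHTTPS` option are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Pools copied from the "fakedns" section of the configuration in this thread.
var fakePools = []netip.Prefix{
	netip.MustParsePrefix("198.18.0.0/16"),
	netip.MustParsePrefix("fc00::/112"),
}

const (
	defaultTTL uint32 = 600 // default TTL stated in the issue
	fakeTTL    uint32 = 1   // short TTL requested for FakeDNS answers
	typeHTTPS  uint16 = 65  // the QType the issue asks to drop
)

// addrs parses constructed sample addresses for the demo.
func addrs(ss ...string) []netip.Addr {
	out := make([]netip.Addr, 0, len(ss))
	for _, s := range ss {
		out = append(out, netip.MustParseAddr(s))
	}
	return out
}

// answerTTL returns fakeTTL when any answer lies inside a fake pool.
// It ranges over ips, so an empty answer set is never indexed.
func answerTTL(ips []netip.Addr, pools []netip.Prefix) uint32 {
	for _, ip := range ips {
		for _, p := range pools {
			if p.Contains(ip.Unmap()) { // Unmap: ::ffff:a.b.c.d counts as IPv4
				return fakeTTL
			}
		}
	}
	return defaultTTL
}

// dropNonIPQuery covers queries other than A/AAAA; dropHTTPS is a
// hypothetical option, not an existing Xray setting.
func dropNonIPQuery(qType uint16, nonIPQuery string, dropHTTPS bool) bool {
	return nonIPQuery == "drop" || (dropHTTPS && qType == typeHTTPS)
}

func main() {
	fmt.Println(answerTTL(addrs("198.18.3.7"), fakePools), answerTTL(addrs(), fakePools),
		dropNonIPQuery(typeHTTPS, "skip", true), dropNonIPQuery(16, "skip", true))
}
```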