Closed ibinlike closed 10 months ago
刚刚升级到最新版本的Passwall以及mosdns 插件, 版本号5.3.0.
我的应用场景是, Passwall要分流奈法, 上级DNS为MosDNS。
MosDNS的配制如下:
log: level: info file: "/tmp/mosdns.log" include: [] plugins: - tag: geosite_cn type: domain_set args: files: - "/var/mosdns/geosite_cn.txt" - "/var/mosdns/geosite_google-cn.txt" - tag: geoip_cn type: ip_set args: files: - "/var/mosdns/geoip_cn.txt" - tag: geosite_no_cn type: domain_set args: files: - "/var/mosdns/geosite_geolocation-!cn.txt" - tag: nf_ds type: domain_set args: files: - "/etc/mosdns/rule/nf_ds.txt" - tag: whitelist type: domain_set args: files: - "/etc/mosdns/rule/whitelist.txt" - tag: blocklist type: domain_set args: files: - "/etc/mosdns/rule/blocklist.txt" - tag: greylist type: domain_set args: files: - "/etc/mosdns/rule/greylist.txt" - tag: ddnslist type: domain_set args: files: - "/etc/mosdns/rule/ddnslist.txt" - tag: hosts type: hosts args: files: - "/etc/mosdns/rule/hosts.txt" - tag: redirect type: redirect args: files: - "/etc/mosdns/rule/redirect.txt" - tag: local_ptr type: domain_set args: files: - "/etc/mosdns/rule/local-ptr.txt" - tag: lazy_cache type: cache args: size: 8000 lazy_cache_ttl: 86400 - tag: forward_local type: forward args: concurrent: 1 upstreams: - addr: "udp://223.5.5.5" - addr: "udp://119.29.29.29" - tag: forward_remote type: forward args: concurrent: 1 upstreams: - addr: "tcp://8.8.8.8" enable_pipeline: false max_conns: 2 insecure_skip_verify: false idle_timeout: 30 enable_http3: false - tag: forward_nf_ds type: forward args: concurrent: 1 upstreams: - addr: "x.x.x.x" - tag: modify_ttl type: sequence args: - exec: ttl 0-0 - tag: modify_ddns_ttl type: sequence args: - exec: ttl 5-5 - tag: local_sequence type: sequence args: - exec: $forward_local - tag: remote_sequence type: sequence args: - exec: prefer_ipv4 - exec: $forward_remote - tag: remote_sequence_nf type: sequence args: - exec: $forward_nf_ds - tag: has_resp_sequence type: sequence args: - matches: qname $ddnslist exec: $modify_ddns_ttl - matches: "!qname $ddnslist" exec: $modify_ttl - matches: has_resp exec: accept - tag: query_is_local_ip type: sequence args: - exec: $local_sequence - matches: "!resp_ip $geoip_cn" exec: drop_resp - tag: query_is_remote type: sequence args: - exec: $remote_sequence - tag: fallback type: fallback args: primary: query_is_local_ip secondary: query_is_remote threshold: 500 always_standby: true - tag: query_is_nf_ds type: sequence args: - matches: qname $nf_ds exec: $remote_sequence_nf - tag: query_is_ddns_domain type: sequence args: - matches: qname $ddnslist exec: $local_sequence - tag: query_is_local_domain type: sequence args: - matches: qname $geosite_cn exec: $local_sequence - tag: query_is_no_local_domain type: sequence args: - matches: qname $geosite_no_cn exec: $remote_sequence - tag: query_is_whitelist_domain type: sequence args: - matches: qname $whitelist exec: $local_sequence - tag: query_is_greylist_domain type: sequence args: - matches: qname $greylist exec: $remote_sequence - tag: query_is_reject_domain type: sequence args: - matches: qname $blocklist exec: reject 3 - matches: - qtype 12 - qname $local_ptr exec: reject 3 - matches: qtype 65 exec: reject 3 - tag: main_sequence type: sequence args: - exec: $hosts - exec: jump has_resp_sequence - matches: - "!qname $ddnslist" - "!qname $blocklist" - "!qname $local_ptr" exec: $lazy_cache - exec: $redirect - exec: jump has_resp_sequence - exec: $query_is_nf_ds - exec: jump has_resp_sequence - exec: $query_is_ddns_domain - exec: jump has_resp_sequence - exec: $query_is_whitelist_domain - exec: jump has_resp_sequence - exec: $query_is_reject_domain - exec: jump has_resp_sequence - exec: $query_is_greylist_domain - exec: jump has_resp_sequence - exec: $query_is_local_domain - exec: jump has_resp_sequence - exec: $query_is_no_local_domain - exec: jump has_resp_sequence - exec: $fallback - tag: udp_server type: udp_server args: entry: main_sequence listen: 127.0.0.1:5335 - tag: tcp_server type: tcp_server args: entry: main_sequence listen: 127.0.0.1:5335
奈飞的线路是一个hysteria2的节点, 在节点上hysteria2服务器端的配置:
resolver: type: udp tcp: addr: x.x.x.x:53 timeout: 4s udp: addr: x.x.x.x:53 timeout: 4s quic: initStreamReceiveWindow: 16777216 maxStreamReceiveWindow: 16777216 initConnReceiveWindow: 33554432 maxConnReceiveWindow: 33554432 auth: type: password password: xxxxxxxxxxxxxxxxxxxxxx masquerade: type: proxy proxy: url: https://maimai.sega.jp rewriteHost: true
其中x.x.x.x是奈飞DNS解锁服务器的地址。
现在这样配制以后, 发现能正常访问奈法, 但是不是DNS服务解锁区域的内容(比如DNS解锁区域是新加坡, 但是访问奈法网站仍然是它全球网站, 不是新加坡的奈飞, 而且只能看自制内容。
所以不知道是哪个部分出了问题, 还请大家帮忙看看
规则配置问题,建议到 mosdns 官方仓库讨论区。https://github.com/IrineSistiana/mosdns/discussions
请问你解决这个问题了吗
刚刚升级到最新版本的Passwall以及mosdns 插件, 版本号5.3.0.
我的应用场景是, Passwall要分流奈法, 上级DNS为MosDNS。
MosDNS的配制如下:
奈飞的线路是一个hysteria2的节点, 在节点上hysteria2服务器端的配置:
其中x.x.x.x是奈飞DNS解锁服务器的地址。
现在这样配制以后, 发现能正常访问奈法, 但是不是DNS服务解锁区域的内容(比如DNS解锁区域是新加坡, 但是访问奈法网站仍然是它全球网站, 不是新加坡的奈飞, 而且只能看自制内容。
所以不知道是哪个部分出了问题, 还请大家帮忙看看