shawn1m / overture

A customized DNS relay server
MIT License

Problem with matching of resolution results #159

Closed WoChen5770 closed 5 years ago

WoChen5770 commented 5 years ago

For example, a DNS query for the record xxx.ip.dnspod.net returns two values: the first column is the egress IP of the recursive DNS, and the second column is my own egress IP/24.1. The primary DNS resolves normally, but overture takes the result from the alternative DNS.

```
DEBU[2019-07-04 11:51:58] Question from 121.33.215.*: ;xxx.ip.dnspod.net. IN TXT
DEBU[2019-07-04 11:51:58] Domain Primary match fail
DEBU[2019-07-04 11:51:58] Domain Alternative match fail
DEBU[2019-07-04 11:51:59] Answer from DNS1: xxx.ip.dnspod.net. 60 IN TXT "183.57.53.63,121.33.215.1"
DEBU[2019-07-04 11:51:59] Try to match response ip address with IP network
DEBU[2019-07-04 11:51:59] IP network match failed, finally use alternative DNS
DEBU[2019-07-04 11:51:59] Answer from DNS2: xxx.ip.dnspod.net. 60 IN TXT "183.57.53.63,121.33.215.1"
DEBU[2019-07-04 11:51:59] Answer from DNS3: xxx.ip.dnspod.net. 0 IN TXT "162.158.56.130"
```

WoChen5770 commented 5 years ago

ip_network_primary_sample already contains 183.0.0.0/10 and 121.32.0.0/14

WoChen5770 commented 5 years ago

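After verifying this several times in several ways, I think there may be a bug in how the program loads the file or in its dispatching logic.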

WoChen5770 commented 5 years ago

```json
{
  "BindAddress": ":53",
  "DebugHTTPAddress": "127.0.0.1:5555",
  "PrimaryDNS": [
    {
      "Name": "DNS1",
      "Address": "119.29.29.29:53",
      "Protocol": "udp",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "auto",
        "ExternalIP": "",
        "NoCookie": true
      }
    },
    {
      "Name": "DNS2",
      "Address": "119.28.28.28:53",
      "Protocol": "udp",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "auto",
        "ExternalIP": "",
        "NoCookie": true
      }
    }
  ],
  "AlternativeDNS": [
    {
      "Name": "DNS3",
      "Address": "208.67.222.222:443",
      "Protocol": "tcp",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "auto",
        "ExternalIP": "",
        "NoCookie": true
      }
    }
  ],
  "OnlyPrimaryDNS": false,
  "IPv6UseAlternativeDNS": false,
  "WhenPrimaryDNSAnswerNoneUse": "PrimaryDNS",
  "IPNetworkFile": {
    "Primary": "/etc/overture/ip_network_primary_sample",
    "Alternative": "/etc/overture/ip_network_alternative_sample"
  },
  "DomainFile": {
    "Primary": "/etc/overture/domain_primary_sample",
    "Alternative": "/etc/overture/domain_alternative_sample",
    "Matcher": "suffix-tree"
  },
  "HostsFile": "/etc/overture/hosts_sample",
  "MinimumTTL": 0,
  "DomainTTLFile": "/etc/overture/domain_ttl_sample",
  "CacheSize": 0,
  "RejectQType": [255]
}
```

ysc3839 commented 5 years ago

You are querying TXT; the matching feature only supports A or AAAA, right?

shawn1m commented 5 years ago

> You are querying TXT; the matching feature only supports A or AAAA, right?

Correct. TXT is completely incompatible with CIDR matching.
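An added example, not part of the original thread and not overture's own code: a simplified Go model of the behaviour discussed above, in which only A/AAAA answers supply addresses for CIDR matching, so a TXT answer whose text merely contains IPs never matches and the alternative upstream is chosen. The `record` type and the function names are hypothetical; the CIDRs and the TXT string are the ones quoted in this issue.

```go
package main

import (
	"fmt"
	"net/netip"
)

// record is a hypothetical, simplified stand-in for a DNS resource record.
type record struct {
	Type string // "A", "AAAA", "TXT", ...
	Data string // rdata in presentation form
}

// Primary networks quoted in the issue (from ip_network_primary_sample).
var primaryNets = []netip.Prefix{
	netip.MustParsePrefix("183.0.0.0/10"),
	netip.MustParsePrefix("121.32.0.0/14"),
}

// answerIPs returns only the addresses carried by A/AAAA records.
// TXT rdata is opaque text and is never parsed for addresses.
func answerIPs(answers []record) []netip.Addr {
	var ips []netip.Addr
	for _, rr := range answers {
		if rr.Type != "A" && rr.Type != "AAAA" {
			continue
		}
		if ip, err := netip.ParseAddr(rr.Data); err == nil {
			ips = append(ips, ip)
		}
	}
	return ips
}

// chooseUpstream models the assumed decision: "primary" if any answer
// address falls inside a primary network, otherwise "alternative".
func chooseUpstream(answers []record, nets []netip.Prefix) string {
	for _, ip := range answerIPs(answers) {
		for _, n := range nets {
			if n.Contains(ip) {
				return "primary"
			}
		}
	}
	return "alternative"
}

func main() {
	txt := []record{{Type: "TXT", Data: "183.57.53.63,121.33.215.1"}}
	a := []record{{Type: "A", Data: "183.57.53.63"}}
	fmt.Println(chooseUpstream(txt, primaryNets), chooseUpstream(a, primaryNets))
}
```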

WoChen5770 commented 5 years ago

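I am currently resolving with a whitelist of all IPs and a blacklist of GFW domains. I have queried A records before as well; when I have time I will test again using the previous approach.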