Replies: 36 comments 47 replies
-
一些解释: |
Beta Was this translation helpful? Give feedback.
-
这是V5的配置吗?看起来好像比V4翻到简洁了。 不过逻辑似乎都没变。 |
Beta Was this translation helpful? Give feedback.
-
您好,请问加入ipset有什么好处呢,我看您加入的ipset的名字是gfwlist,是和ssrp配合的吗?我用套娃把dns方案独立出来了,用ipset list gfwlist命令看并没有条目,也没有影响我科学上网。 |
Beta Was this translation helpful? Give feedback.
-
个人感觉很漂亮,谢谢分享 |
Beta Was this translation helpful? Give feedback.
-
关于IPSET,最近学习了一下ssrp和passwall关于ipset的部分,发现都向op的防火墙添加了match-set相关的规则,我觉得可以利用blacklist和whitelist,这2个ipset在ssrp和passwall中都被使用了,gfwlist这个ipset反而没有被添加到防火墙规则当中,楼主是自己添加了iptables规则吗? |
Beta Was this translation helpful? Give feedback.
-
不知道咋个用,直接复制配置文件到自定义配置里就可以了嘛? |
Beta Was this translation helpful? Give feedback.
-
plugins: 缓存
重定向域名
转发至国内DNS,并发查询
转发至国外DNS,并发查询
自定义hosts
china ip和自己的vps ip
fallback的primary服务器,返回非国内ip则drop_resp
fallback的secondary服务器,返回非国内ip则添加至ipset,返回国内ip只接受不会添加ipset
fallback sequence
gfwlist解析出的ip添加至ipset,添加前先判断是否为国内ip或内网ip
主运行序列
启动监听服务
我下载了需要的配置文件,并且修改了配置的路径,为何运行不起来呢 |
Beta Was this translation helpful? Give feedback.
-
local_sequence这段的执行是不是搞反了?和注释的逻辑不一样吧? |
Beta Was this translation helpful? Give feedback.
-
请问下我想 可以直接用这个配置吗。如果不行应该怎么设置 都是debian 系统 谢谢🙏 |
Beta Was this translation helpful? Give feedback.
-
"concurrent: 2" 要放在 "upstreams:" 上面,不然会运行不起来 |
Beta Was this translation helpful? Give feedback.
-
openwrt里5.1.3,把相应文件放到\etc\mosdns后直接复制粘贴到自定义配置里运行不起来 |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
大佬,hosts文件在哪里下载呢? |
Beta Was this translation helpful? Give feedback.
-
这个配置要修改哪里才能够支持IPv6? |
Beta Was this translation helpful? Give feedback.
-
这些iplist一定要下载到本地吗?能不能设置成随在线版本更新? |
Beta Was this translation helpful? Give feedback.
-
版本5.3,按照大佬们的教程配置成功,效果还待进一步测试。 |
Beta Was this translation helpful? Give feedback.
-
这个配置远程用的是公共的DNS,分配不到离远程IP属地最快的IP吧 |
Beta Was this translation helpful? Give feedback.
-
仔细的看了几遍说明,已经用起来了,感谢分享 |
Beta Was this translation helpful? Give feedback.
-
感觉多次一举,未知的域名依然会用国内dns解析。按你们说法照样泄露。还不如单用clash效率高 |
Beta Was this translation helpful? Give feedback.
-
@PHCSJC 大佬,iptables 的配置可以分享一下吗,我用的是 v2ray 做的代理,我感觉所有流量都到上面去了,翻了一夜,总感觉怪怪的。 还有一个问题,mosdns 有好多 2024-05-30T01:24:48.154+0800 WARN forward_remote upstream error {"uqid": 5879, "qname": "play.google.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:24:48.834+0800 WARN forward_remote upstream error {"uqid": 5897, "qname": "www.youtube.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://8.8.8.8", "error": "read tcp 192.168.10.15:33232->8.8.8.8:53: read: connection reset by peer"}
2024-05-30T01:24:53.726+0800 WARN forward_remote upstream error {"uqid": 5897, "qname": "www.youtube.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:24:53.726+0800 WARN udp_server entry err {"query": {"uqid": 5897, "client": "::ffff:127.0.0.1", "qname": "www.youtube.com.", "qtype": 1, "qclass": 1, "elapsed": "5.001293645s"}, "error": "context deadline exceeded"}
2024-05-30T01:26:18.371+0800 WARN forward_remote upstream error {"uqid": 5941, "qname": "displaycatalog.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:26:21.569+0800 WARN forward_remote upstream error {"uqid": 5944, "qname": "fe3cr.delivery.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:26:21.595+0800 WARN forward_remote upstream error {"uqid": 5945, "qname": "fe3cr.delivery.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:26:52.700+0800 WARN fallback secondary error {"query": {"uqid": 5952, "client": "::ffff:127.0.0.1", "qname": "path2.xtracloud.net.", "qtype": 1, "qclass": 1, "elapsed": "5.000200667s"}, "error": "context deadline exceeded"}
2024-05-30T01:26:52.702+0800 WARN forward_remote upstream error {"uqid": 5952, "qname": "path2.xtracloud.net.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:26:52.702+0800 WARN forward_remote upstream error {"uqid": 5952, "qname": "path2.xtracloud.net.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "dial tcp 1.1.1.1:53: i/o timeout"}
2024-05-30T01:27:10.085+0800 WARN forward_remote upstream error {"uqid": 5961, "qname": "tsfe.trafficshaping.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:10.404+0800 WARN forward_remote upstream error {"uqid": 5962, "qname": "settings-win.data.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:13.567+0800 WARN forward_remote upstream error {"uqid": 5966, "qname": "geo.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:13.581+0800 WARN udp_server entry err {"query": {"uqid": 5967, "client": "::ffff:127.0.0.1", "qname": "cp801.prod.do.dsp.mp.microsoft.com.", "qtype": 1, "qclass": 1, "elapsed": "5.000662322s"}, "error": "context deadline exceeded"}
2024-05-30T01:27:13.581+0800 WARN forward_remote upstream error {"uqid": 5967, "qname": "cp801.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "dial tcp 1.1.1.1:53: i/o timeout"}
2024-05-30T01:27:13.581+0800 WARN forward_remote upstream error {"uqid": 5967, "qname": "cp801.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:13.609+0800 WARN forward_remote upstream error {"uqid": 5968, "qname": "cp801.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:17.374+0800 WARN forward_remote upstream error {"uqid": 5973, "qname": "cp601.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:18.887+0800 WARN forward_remote upstream error {"uqid": 5974, "qname": "disc601.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:18.887+0800 WARN forward_remote upstream error {"uqid": 5974, "qname": "disc601.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "dial tcp 1.1.1.1:53: i/o timeout"}
2024-05-30T01:27:18.887+0800 WARN udp_server entry err {"query": {"uqid": 5974, "client": "::ffff:127.0.0.1", "qname": "disc601.prod.do.dsp.mp.microsoft.com.", "qtype": 1, "qclass": 1, "elapsed": "5.000295575s"}, "error": "all upstream servers failed"}
2024-05-30T01:27:18.913+0800 WARN forward_remote upstream error {"uqid": 5975, "qname": "disc601.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:18.914+0800 WARN forward_remote upstream error {"uqid": 5975, "qname": "disc601.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "dial tcp 1.1.1.1:53: i/o timeout"}
2024-05-30T01:27:18.914+0800 WARN udp_server entry err {"query": {"uqid": 5975, "client": "::ffff:127.0.0.1", "qname": "disc601.prod.do.dsp.mp.microsoft.com.", "qtype": 1, "qclass": 1, "elapsed": "5.000895049s"}, "error": "all upstream servers failed"}
2024-05-30T01:27:20.880+0800 WARN forward_remote upstream error {"uqid": 5977, "qname": "array614.prod.do.dsp.mp.microsoft.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
2024-05-30T01:27:41.324+0800 WARN forward_remote upstream error {"uqid": 6004, "qname": "github.com.", "qclass": 1, "qtype": 1, "upstream": "tcp://1.1.1.1", "error": "context deadline exceeded"}
|
Beta Was this translation helpful? Give feedback.
-
老哥们,这个配置咋放进去,哪位老哥给详细说说 |
Beta Was this translation helpful? Give feedback.
-
完全使用了这个配置,为什么DNS渗漏检测还是不通过 |
Beta Was this translation helpful? Give feedback.
-
时隔一年多,再看楼主的配置,有些建议,供参考。 1:用8888等国外dns做上游,如果mosdns运行的环境网关对8888没做代理,需要加socks5,要不然得到的结果是被劫持的。 |
Beta Was this translation helpful? Give feedback.
-
建议国内的上游换成 dot 或者doh - tag: forward_local
type: forward
args:
concurrent: 3
upstreams:
- addr: tls://120.53.53.53:853
- addr: tls://223.6.6.6:853
- addr: https://223.5.5.5/dns-query |
Beta Was this translation helpful? Give feedback.
-
你好 请问下配置文件能用 日志级别也是info 但是除了缓存保存有提示 再就没有任何日志信息 换别的配置文件都可以显示请求信息什么的 这是哪里出问题了呢 |
Beta Was this translation helpful? Give feedback.
-
感谢,看完让人茅塞顿开 文档没有足够丰富的例子 这个例子感觉可以加到文档里 |
Beta Was this translation helpful? Give feedback.
-
没看懂你的这个gfwlist是要用在代理软件作分流吗? |
Beta Was this translation helpful? Give feedback.
-
首先感谢大佬的付出,从v3就开始用,真的非常不错,感谢!
这个配置可以实现:
1.国内域名(已知和未知)用国内DNS解析,直连
2.国外域名(已经和未知)用国外DNS解析,走代理访问(ipset方式)
未知域名的处理方式:先用国内和国外DNS并行解析出ip,再用ip判断,如果是国内ip则直连,如果是国外ip则走代理
Beta Was this translation helpful? Give feedback.
All reactions