静看光阴荏苒
不管不顾不问不说也不念

overture:自建无污染的DNS服务

overture是一个用Go开发的DNS服务器,我个人觉得这是个神器,配置简单,使用方便。就是比较小众,用的人不多。。

以下部署步骤请在国内服务器或者本地进行。我这边就在本地的PVE开了一台Debian9部署。

首先在这里下载最新版本的压缩包:

https://github.com/shawn1m/overture/releases

用ROOT权限登录进去安装一些需要用到的工具:

apt -y install dnsutils lrzsz unzip supervisor

新建目录然后用rz命令把下载好的压缩包传到Debian内:

mkdir -p /opt/overture && cd /opt/overture && rz

解压/重命名:

unzip overture-linux-amd64.zip
cp overture-linux-amd64 overture

下载GFWLIST/CHNROUTER列表:

wget https://cokebar.github.io/gfwlist2dnsmasq/gfwlist_domain.txt
wget https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt

编辑OVERTURE的配置文件:

nano /opt/overture/config.json

下面是我的配置:

{
  "BindAddress": ":53",
  "DebugHTTPAddress": "127.0.0.1:5555",
  "PrimaryDNS": [
    {
      "Name": "DNSPod",
      "Address": "119.29.29.29:53",
      "Protocol": "udp",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "disable",
        "ExternalIP": "",
        "NoCookie": true
      }
    },
    {
      "Name": "AliDNS",
      "Address": "223.5.5.5:53",
      "Protocol": "udp",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "disable",
        "ExternalIP": "",
        "NoCookie": true
      }
    }
  ],
  "AlternativeDNS": [
    {
      "Name": "CloudFlareDNS",
      "Address": "one.one.one.one:853",
      "Protocol": "tcp-tls",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "disable",
        "ExternalIP": "",
        "NoCookie": true
      }
    },
    {
      "Name": "GoogleDNS",
      "Address": "dns.google:853",
      "Protocol": "tcp-tls",
      "SOCKS5Address": "",
      "Timeout": 6,
      "EDNSClientSubnet": {
        "Policy": "disable",
        "ExternalIP": "",
        "NoCookie": true
      }
    }
  ],
  "OnlyPrimaryDNS": false,
  "IPv6UseAlternativeDNS": false,
  "WhenPrimaryDNSAnswerNoneUse": "PrimaryDNS",
  "IPNetworkFile": {
    "Primary": "./china_ip_list.txt",
    "Alternative": ""
  },
  "DomainFile": {
    "Primary": "",
    "Alternative": "./gfwlist_domain.txt",
    "Matcher":  "regex-list"
  },
  "HostsFile": "./hosts_sample",
  "MinimumTTL": 0,
  "DomainTTLFile" : "./domain_ttl_sample",
  "CacheSize" : 0,
  "RejectQType": [255]
}

新建supervisor配置文件:

nano /etc/supervisor/conf.d/overture.conf

写入如下配置:

[program:overture]
priority=1
directory=/opt/overture
command=/opt/overture/overture -c /opt/overture/config.json
autostart=true
autorestart=true
redirect_stderr=true
stdout_logfile=/var/log/supervisor/overture.log

更新supervisor配置,然后查看overture的运行状态:

supervisorctl update
supervisorctl status overture

是RUNNING状态就OK了,接下来使用dig命令进行测试,正好就拿我这个破博客测试吧,我这个域名就是被污染的,如果能够解析出正确的IP那么就说明overture工作是正常的:

dig @127.0.0.1 lala.im

OK没问题:

那么现在局域网内的其他机器修改DNS地址为这台Debian的IP即可享用无污染DNS服务了:

赞(4)
未经允许不得转载:荒岛 » overture:自建无污染的DNS服务
分享到: 更多 (0)

评论 8

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
  1. #1

    实力划水 :razz:

    橘子3周前 (10-03) Google Chrome 77.0.3833.95 Google Chrome 77.0.3833.95 Windows 10 x64 Edition Windows 10 x64 Edition回复
  2. #2

    蛮有兴趣的,奈何平时走动频繁,局域网本地配置需求不大,只能走公有云。然而国内服务器上是不允许自建DNS服务的,我怕…… :cry: :cry:
    倘若找海外机或是HK的,这个不是DoH或是DoT,我担心会不会出现本地运营商DNS抢答的情况。(倘若会,那么如此一来不就白忙活了,233O:-)

    Summer3周前 (10-03) Google Chrome 77.0.3865.92 Google Chrome 77.0.3865.92 Android 9 Android 9回复
    • 不要怂就是干,找个小商家买台小鸡鸡,自己低调用就是了。我折腾这个是打算配合SS做透明代理用的,奈何这两天实在没精力折腾就鸽了。。

      LALA3周前 (10-04) Google Chrome 74.0.3729.169 Google Chrome 74.0.3729.169 Windows 10 x64 Edition Windows 10 x64 Edition回复
  3. #3

    8说了,配置文件写清楚了,DNS默认常规UDP53端口,我凉了,带哥的好东西我用不到了, :!: :!:

    Summer3周前 (10-03) Google Chrome 77.0.3865.92 Google Chrome 77.0.3865.92 Android 9 Android 9回复
    • 国内的DNS肯定是用常规的UDP53,国外是CF和Google的DoT啊。。

      LALA3周前 (10-04) Google Chrome 74.0.3729.169 Google Chrome 74.0.3729.169 Windows 10 x64 Edition Windows 10 x64 Edition回复
  4. #4

    又学习了。谢谢

    玩et3周前 (10-03) Google Chrome 77.0.3865.90 Google Chrome 77.0.3865.90 Windows 10 x64 Edition Windows 10 x64 Edition回复
  5. #5

    这个DNS对服务器带宽有要求吗,我想部署在腾讯云hk :cool:

    demo111周前 (10-16) Safari 7.0.3 Safari 7.0.3 Mac OS X  10.9.3 Mac OS X 10.9.3回复
    • 没有要求,就自己用的话,查询几个DNS请求也用不到多少流量。

      LALA6天前 Google Chrome 74.0.3729.169 Google Chrome 74.0.3729.169 Windows 10 x64 Edition Windows 10 x64 Edition回复

分享创造快乐

广告合作资源投稿