这是一个创建于 3336 天前的主题,其中的信息可能已经有所发展或是发生改变。
源DNS:bind搭建或者使用其它公共DNS
自己搭建:
yum install bind
nano /etc/named.conf
acl goodclients {
2.2.0.0/16;
3.3.3.3;
localhost;
localnets; #允许的IP
};
options {
listen-on port 53 { 1.2.3.4; }; #自己的服务器IP
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { goodclients; };
allow-query-cache { goodclients; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
controls { };
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
channel querylog {
file "data/named.log" versions 5 size 32m;
severity debug 3;
print-category yes;
print-time yes;
print-severity yes;
};
category queries {
querylog;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
本地DNS:
apt-get install unbound
nano /etc/unbound/unbound.conf
server:
verbosity: 1
num-threads: 2
interface: 192.168.1.2 #树莓派IP
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
tcp-upstream: yes
do-daemonize: yes
access-control: 192.168.1.0/24 allow
forward-zone:
name: "."
forward-addr: 1.2.3.4 #自己搭建的DNS
forward-addr: 8.8.8.8
可以正常查询到twitterIP,但是访问不了
自己搭建:
yum install bind
nano /etc/named.conf
acl goodclients {
2.2.0.0/16;
3.3.3.3;
localhost;
localnets; #允许的IP
};
options {
listen-on port 53 { 1.2.3.4; }; #自己的服务器IP
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { goodclients; };
allow-query-cache { goodclients; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
controls { };
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
channel querylog {
file "data/named.log" versions 5 size 32m;
severity debug 3;
print-category yes;
print-time yes;
print-severity yes;
};
category queries {
querylog;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
本地DNS:
apt-get install unbound
nano /etc/unbound/unbound.conf
server:
verbosity: 1
num-threads: 2
interface: 192.168.1.2 #树莓派IP
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
tcp-upstream: yes
do-daemonize: yes
access-control: 192.168.1.0/24 allow
forward-zone:
name: "."
forward-addr: 1.2.3.4 #自己搭建的DNS
forward-addr: 8.8.8.8
可以正常查询到twitterIP,但是访问不了
 |
1
xiaozhizhu1997 2015-03-08 22:29:06 +08:00
推、FB之类的光防污染没用,还有IP地址封锁。
防污染主要是应对edgecast之类的CDN,这种找不全域名的,直接自动反污染,非常有效。 |
 |
2
alairs 2015-06-05 10:28:19 +08:00
没污染是没污染,但没多大用啊
|
Select Language