overture是一个用Go开发的DNS服务器,我个人觉得这是个神器,配置简单,使用方便。就是比较小众,用的人不多。。
以下部署步骤请在国内服务器或者本地进行。我这边就在本地的PVE开了一台Debian9部署。
首先在这里下载最新版本的压缩包:
https://github.com/shawn1m/overture/releases
用ROOT权限登录进去安装一些需要用到的工具:
apt -y install dnsutils lrzsz unzip supervisor
新建目录然后用rz命令把下载好的压缩包传到Debian内:
mkdir -p /opt/overture && cd /opt/overture && rz
解压/重命名:
unzip overture-linux-amd64.zip cp overture-linux-amd64 overture
下载GFWLIST/CHNROUTER列表:
wget https://cokebar.github.io/gfwlist2dnsmasq/gfwlist_domain.txt wget https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt
编辑OVERTURE的配置文件:
nano /opt/overture/config.json
下面是我的配置:
{ "BindAddress": ":53", "DebugHTTPAddress": "127.0.0.1:5555", "PrimaryDNS": [ { "Name": "DNSPod", "Address": "119.29.29.29:53", "Protocol": "udp", "SOCKS5Address": "", "Timeout": 6, "EDNSClientSubnet": { "Policy": "disable", "ExternalIP": "", "NoCookie": true } }, { "Name": "AliDNS", "Address": "223.5.5.5:53", "Protocol": "udp", "SOCKS5Address": "", "Timeout": 6, "EDNSClientSubnet": { "Policy": "disable", "ExternalIP": "", "NoCookie": true } } ], "AlternativeDNS": [ { "Name": "CloudFlareDNS", "Address": "one.one.one.one:853", "Protocol": "tcp-tls", "SOCKS5Address": "", "Timeout": 6, "EDNSClientSubnet": { "Policy": "disable", "ExternalIP": "", "NoCookie": true } }, { "Name": "GoogleDNS", "Address": "dns.google:853", "Protocol": "tcp-tls", "SOCKS5Address": "", "Timeout": 6, "EDNSClientSubnet": { "Policy": "disable", "ExternalIP": "", "NoCookie": true } } ], "OnlyPrimaryDNS": false, "IPv6UseAlternativeDNS": false, "WhenPrimaryDNSAnswerNoneUse": "PrimaryDNS", "IPNetworkFile": { "Primary": "./china_ip_list.txt", "Alternative": "" }, "DomainFile": { "Primary": "", "Alternative": "./gfwlist_domain.txt", "Matcher": "regex-list" }, "HostsFile": "./hosts_sample", "MinimumTTL": 0, "DomainTTLFile" : "./domain_ttl_sample", "CacheSize" : 0, "RejectQType": [255] }
新建supervisor配置文件:
nano /etc/supervisor/conf.d/overture.conf
写入如下配置:
[program:overture] priority=1 directory=/opt/overture command=/opt/overture/overture -c /opt/overture/config.json autostart=true autorestart=true redirect_stderr=true stdout_logfile=/var/log/supervisor/overture.log
更新supervisor配置,然后查看overture的运行状态:
supervisorctl update
supervisorctl status overture
是RUNNING状态就OK了,接下来使用dig命令进行测试,正好就拿我这个破博客测试吧,我这个域名就是被污染的,如果能够解析出正确的IP那么就说明overture工作是正常的:
dig @127.0.0.1 lala.im
OK没问题:
那么现在局域网内的其他机器修改DNS地址为这台Debian的IP即可享用无污染DNS服务了: