Gih's Blog

A few scattered words
Posts tagged as internet

Tidied up the blog

2015-04-06 by gihnius, tagged as internet
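Updated the styling today and added the Disqus comment system; comments are welcome. Links now use the post title instead of the old date-based format.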

Setup a DNS cache server using dnsmasq

2014-08-08 by gihnius, tagged as internet

Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP server. It is designed to provide DNS and optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. 

apt-get update
apt-get install dnsmasq

If the installation succeeded, test it with:

dig google.com @localhost

Setup local caching

Edit /etc/dnsmasq.conf (the default location on Debian Linux).

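#listen-address=0.0.0.0 ## default
port=53

# Do not poll /etc/resolv.conf for changes
no-poll

# Do not read upstream servers from /etc/resolv.conf; use only the server= lines
no-resolv

# Forward to Google DNS and OpenDNS
server=8.8.8.8
server=8.8.4.4
server=208.67.222.222
server=208.67.220.220

# Number of names kept in the cache
cache-size=1024

# TTL (seconds) for negative replies that carry no SOA record
neg-ttl=7200

# Upper limit (seconds) on the TTL handed to clients
max-ttl=86400

# eth0 answers other hosts on the network. If eth0 is Internet-facing, drop this
# line or firewall port 53, otherwise the cache becomes an open resolver.
interface=eth0

# Loopback interface (named lo on Linux)
interface=lo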

To make dnsmasq act as a cache for the host it is running on, put nameserver 127.0.0.1 in /etc/resolv.conf so that local processes send their queries to dnsmasq.

In /etc/resolv.conf:

nameserver 127.0.0.1

Then restart dnsmasq: /etc/init.d/dnsmasq restart


DNS (UDP) tunneling by SSH with socat.

2014-08-08 by gihnius, tagged as internet

Intro

In China, many "ISPs" suck. Their DNS servers often return incorrect IP addresses, which is known as DNS poisoning! DNS poisoning is a common and simple way to stop people from reaching the correct web pages.

Here is a way to get correct DNS query results.

Required tools

  • Server
    • A VPS server that can reach well-known public DNS servers correctly, e.g. 8.8.8.8 (Google DNS) or 208.67.222.222 (OpenDNS).
    • SSH server running on that VPS. (Please google: how to setup ssh server)
    • socat (Socket Cat). (Please google: how to setup or install socat)
    • dnsmasq (Optional, for caching).
  • Local
    • SSH client
    • socat (Socket Cat)
    • dnsmasq (Optional, for caching).

ssh, socat and dnsmasq are open source software that is easy to find and install.

Samples and Steps

  • Server
    • Set up a DNS caching server using dnsmasq. (Optional)
    • If there is no local DNS server, just use a public DNS server instead, e.g. 8.8.8.8:53
    • Forwarding UDP to TCP by socat (listen on port: 15353)
      • install socat
      • start socat:
        • if using a public DNS server, e.g. 8.8.8.8:53
          socat tcp4-listen:15353,reuseaddr,fork,bind=127.0.0.1 UDP:8.8.8.8:53
        • if using the local DNS caching server: 127.0.0.1:5353
          socat tcp4-listen:15353,reuseaddr,fork,bind=127.0.0.1 UDP:127.0.0.1:53
    • You can check the forwarding DNS server from the command line:
      dig +tcp google.com @127.0.0.1 -p 15353
  • Local
    • Set up the SSH tunnel
      ssh -N -L 15353:localhost:15353 username@vps.ip
    • Forwarding TCP to UDP by socat
      • if there is no local DNS caching server, you can forward to port 53
        socat udp-recvfrom:53,reuseaddr,bind=127.0.0.1,fork tcp:127.0.0.1:15353
      • of course, you can forward to any other port that is available.
        socat udp-recvfrom:15353,reuseaddr,bind=127.0.0.1,fork tcp:127.0.0.1:15353
    • Set up a local DNS caching server (optional but recommended). See the server instructions above.

OK! 

Oh not yet!

ssh (tunnel) is not always working well! WTF!
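
To see whether the tunnel changes the answers you get, the added example below (not part of the original post) sends the same A query over UDP to the ISP resolver and to the local socat listener and compares the addresses. The ISP resolver address is supplied on the command line, port 15353 is the local socat port from the steps above, and disjoint answers are a hint rather than proof, since CDNs legitimately return different addresses per resolver.

```python
import secrets, socket, struct, sys

def build_query(name, qid):  # RFC 1035 query for an A record, recursion desired
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack(">HH", 1, 1)

def _skip_name(msg, off):  # offset just past a (possibly compressed) name
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        if n == 0:            # root label
            return off + 1
        off += 1 + n

def a_records(msg, qid):
    """IPv4 addresses in a response; a reply with the wrong ID is rejected."""
    rid, flags, qd, an = struct.unpack(">HHHH", msg[:8])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = set()
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:   # A record; CNAME records are skipped
            addrs.add(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def lookup(name, host, port, timeout=3.0):
    qid = secrets.randbelow(1 << 16)    # unpredictable query ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))         # connected UDP: replies from other hosts are dropped
        s.send(build_query(name, qid))
        return a_records(s.recv(4096), qid)

def disjoint_answers(direct, tunneled):  # both answered, but no address in common
    return bool(direct) and bool(tunneled) and direct.isdisjoint(tunneled)

if __name__ == "__main__":              # usage: script.py <isp-resolver-ip> [name]
    name = sys.argv[2] if len(sys.argv) > 2 else "google.com"
    direct, tunneled = lookup(name, sys.argv[1], 53), lookup(name, "127.0.0.1", 15353)
    print(direct, tunneled, "DIFFERENT" if disjoint_answers(direct, tunneled) else "overlap")
```
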

Not in the mood to blog for the time being

2011-08-23 by gihnius, tagged as internet

I'm writing a blog engine in Common Lisp for practice. The current blog engine is written in C; let's see how a Lisp version turns out.

Welcome!

2011-06-01 by gihnius, tagged as internet
Welcome to my personal blog. I moved here from QQ Zone (Qzone); it's much quieter.