Skip to content

Instantly share code, notes, and snippets.

@missdeer
Last active April 12, 2024 10:08
Show Gist options
  • Save missdeer/5c7c82b5b67f8afb41cfd43d51b82c2d to your computer and use it in GitHub Desktop.
Save missdeer/5c7c82b5b67f8afb41cfd43d51b82c2d to your computer and use it in GitHub Desktop.
generate Corefile which uses your ISP's DNS servers to resolve domain names in China and uses OpenDNS/Cloudflare/Google DNS servers to resolve domain names outside China for CoreDNS. You should change 119.29.29.29/223.5.5.5 to your ISP's DNS server address or use public DNS server such as 114/DNSPod etc. directly.
#!/bin/sh
echo 'use "curl -sSL git.io/corefile | bash" to update Corefile'
echo "remember to change 192.168.1.1 to your ISP's DNS server address or use public DNS server such as 114/DNSPod etc. directly"
china=`curl -sSL https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf | while read line; do awk -F '/' '{print $2}' | grep -v '#' ; done | paste -sd " " -`
apple=`curl -sSL https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/apple.china.conf | while read line; do awk -F '/' '{print $2}' | grep -v '#' ; done | paste -sd " " -`
google=`curl -sSL https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/google.china.conf | while read line; do awk -F '/' '{print $2}' | grep -v '#' ; done | paste -sd " " -`
bogus=`curl -sSL https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf | grep "=" | while read line; do awk -F '=' '{print $2}' | grep -v '#' ; done | paste -sd " " -`
cat>Corefile<<EOF
. {
# comment below lines to disable ads plugin
ads {
blacklist https://anti-ad.net/domains.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardMobileAds.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardMobileSpyware.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardTracking.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardCNAMEAds.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardCNAMEClickthroughs.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardCNAMEMicrosites.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardCNAME.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/AdguardDNS.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/EasyPrivacyCNAME.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/EasyPrivacySpecific.txt
blacklist https://raw.githubusercontent.com/missdeer/blocklist/master/convert/EasyPrivacy3rdParty.txt
nxdomain
log
auto-update-interval 24h
list-store ads-cache
}
hosts {
fallthrough
}
# choose your favourite DNS servers below
forward . 127.0.0.1:5300 127.0.0.1:5301 127.0.0.1:5302 127.0.0.1:5303 127.0.0.1:5304 {
except $china $apple $google dns.quad9.net cloudflare-dns.com dns.google dns.opendns.com
}
proxy . 119.29.29.29 223.5.5.5
bogus $bogus
log
cache
# uncomment lines below to enable redis plugin
#redisc {
# endpoint 127.0.0.1:6379
#}
health
reload
}
.:5300 {
bind 127.0.0.1
forward . tls://208.67.222.222 tls://208.67.220.220 {
tls_servername dns.opendns.com
health_check 60s
}
cache
}
.:5301 {
bind 127.0.0.1
forward . tls://9.9.9.9 tls://9.9.9.10 {
tls_servername dns.quad9.net
health_check 60s
}
cache
}
.:5302 {
bind 127.0.0.1
forward . tls://1.1.1.1 tls://1.0.0.1 {
tls_servername cloudflare-dns.com
health_check 60s
}
cache
}
.:5303 {
bind 127.0.0.1
forward . tls://8.8.8.8 tls://8.8.4.4 {
tls_servername dns.google
health_check 60s
}
cache
}
EOF
@snakwu
Copy link

snakwu commented Apr 18, 2020

PS C:\WINDOWS\system32> ipconfig /flushdns

Windows IP 配置

已成功刷新 DNS 解析缓存。
PS C:\WINDOWS\system32> nslookup www.taobao.com
服务器: SnakWu-OpenWrt.lan
Address: fd00:100:100::1

非权威应答:
名称: www.taobao.com.danuoyi.tbcache.com
Addresses: 240e:ff:d800:500:3::3fa
240e:ff:d800:500:3::3f9
113.96.109.101
113.96.109.100
Aliases: www.taobao.com

PS C:\WINDOWS\system32>

snakwu@hassio-server:~/go-workspace/src/coredns$ dig www.taobao.com

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> www.taobao.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63926
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.taobao.com. IN A

;; ANSWER SECTION:
www.taobao.com. 562 IN CNAME www.taobao.com.danuoyi.tbcache.com.
www.taobao.com.danuoyi.tbcache.com. 554 IN A 113.96.109.101
www.taobao.com.danuoyi.tbcache.com. 554 IN A 113.96.109.100

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Apr 18 10:26:23 CST 2020
;; MSG SIZE rcvd: 120

@snakwu
Copy link

snakwu commented Apr 18, 2020

image
看日志很正常,就是为什么打开网页这么慢!

@missdeer
Copy link
Author

ns的结果正常,就是打开网页非常慢!

估计是屏蔽了一些css,js的链接,导致整个网页都卡了

@missdeer
Copy link
Author

话说你怎么那么多block的解析请求

@snakwu
Copy link

snakwu commented Apr 18, 2020

话说你怎么那么多block的解析请求

加的源和你的是一样的,只是我打开的网页比较多广告吧,网页卡这问题怎么破?

@missdeer
Copy link
Author

加的源和你的是一样的,只是我打开的网页比较多广告吧,网页卡这问题怎么破?

我觉得你可以问一下源的作者

@snakwu
Copy link

snakwu commented Apr 18, 2020

加的源和你的是一样的,只是我打开的网页比较多广告吧,网页卡这问题怎么破?

我觉得你可以问一下源的作者

ok.thx!

@echowings
Copy link

用coredns 每次解析都很慢,需要刷好几下,才能返回正确的dns解析,这个怎么破?

@recall704
Copy link

这个 ipset 需要先创建吗? 还是说会自动创建?

@missdeer
Copy link
Author

这个 ipset 需要先创建吗? 还是说会自动创建?

要事先手动创建。

@zone009
Copy link

zone009 commented Dec 7, 2020

coredns 把proxy插件给干掉了,增加进去编译不成功了,有替代的插件吗?

@missdeer
Copy link
Author

missdeer commented Dec 8, 2020

coredns 把proxy插件给干掉了,增加进去编译不成功了,有替代的插件吗?

参考:
https://github.com/missdeer/coredns_custom_build

@ppproxy
Copy link

ppproxy commented Feb 3, 2024

line 7, there is a duplicate letter "m" for "https://raw.521000.bestm"

@missdeer
Copy link
Author

missdeer commented Feb 6, 2024

line 7, there is a duplicate letter "m" for "https://raw.521000.bestm"

Fixed. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment