Skip to content

Commit

Permalink
remove sniff=dns
Browse files Browse the repository at this point in the history
  • Loading branch information
kkkgo committed May 25, 2024
1 parent c531cd9 commit 31147a4
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 29 deletions.
1 change: 0 additions & 1 deletion FILES/etc/sysctl.conf

This file was deleted.

24 changes: 12 additions & 12 deletions FILES/usr/bin/ppg.sh
Original file line number Diff line number Diff line change
Expand Up @@ -245,18 +245,18 @@ load_clash() {
log "[OK] SNIFF OK." succ
else
if [ -f /www/sniffdns ]; then
if [ -z "$dns_ip" ]; then
dns_ip="1.0.0.1"
fi
if [ -z "$dns_port" ]; then
dns_port="53"
fi
sed "s/dns_ip/$dns_ip/g" /etc/config/sing-box/sniff.json >/tmp/sniff.json
sed -i "s/dns_port/$dns_port/g" /tmp/sniff.json
if ps | grep -v "grep" | grep "d /etc/config/clash"; then
/usr/bin/sing-box run -c /tmp/sniff.json >/dev/tty0 2>&1 &
fi
else
# if [ -z "$dns_ip" ]; then
# dns_ip="1.0.0.1"
# fi
# if [ -z "$dns_port" ]; then
# dns_port="53"
# fi
# sed "s/dns_ip/$dns_ip/g" /etc/config/sing-box/sniff.json >/tmp/sniff.json
# sed -i "s/dns_port/$dns_port/g" /tmp/sniff.json
# if ps | grep -v "grep" | grep "d /etc/config/clash"; then
# /usr/bin/sing-box run -c /tmp/sniff.json >/dev/tty0 2>&1 &
# fi
# else
if ps | grep -v "grep" | grep "d /etc/config/clash"; then
/usr/bin/sing-box run -c /etc/config/sing-box/sniff.json >/dev/tty0 2>&1 &
fi
Expand Down
6 changes: 0 additions & 6 deletions ReadMe.md
Original file line number Diff line number Diff line change
Expand Up @@ -222,12 +222,6 @@ docker run --rm -v .:/data sliamb/ppgwiso:fullmod
docker pull sliamb/ppgwiso
docker run --rm -e SNIFF=yes -v .:/data sliamb/ppgwiso
```
此外,有时候节点远程解析的DNS存在问题或者其他自定义原因,而又没有节点服务器的控制权,出于避免DNS请求泄漏到节点或者其他场景,如果你想在嗅探的基础上,使用本地可信任DNS(ppgw.ini中所配置的)来解析所有请求来代替远程解析,可以使用`SNIFF=dns`
```shell
docker pull sliamb/ppgwiso
docker run --rm -e SNIFF=dns -v .:/data sliamb/ppgwiso
```
*注:一般情况下,远程解析可以获得更快的连接速度,如无特殊自定义需求不建议定制`SNIFF=dns`*
## 与DNS服务器配合完成分流
PaoPao GateWay启动后会监听53端口作为FAKEIP的DNS服务器,所有域名的查询到达的话这里都会解析成`fake_cidr`内的IP。当你在主路由添加`fake_cidr`段到PaoPao GateWay的静态路由后,你只需要把需要走网关的域名解析转发到PaoPao GateWay的53端口即可,能实现这个功能的DNS软件很多,比如有些系统自带的dnsmasq就可以指定某个域名使用某个DNS服务器。
配合[PaoPaoDNS](https://github.com/kkkgo/PaoPaoDNS)`CUSTOM_FORWARD`功能就可以完成简单精巧的分流,以下是一个简单的非CN IP的域名转发到PaoPao GateWay的docker compose配置:
Expand Down
20 changes: 10 additions & 10 deletions remakeiso.sh
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ if [ -f /data/Country.mmdb ]; then
cp /data/Country.mmdb $root"/etc/config/clash/Country.mmdb"
fi

if [ "$SNIFF" = "yes" ]; then
if [ "$SNIFF" = "yes" ] || [ "$SNIFF" = "dns" ]|| [ "$sniff" = "yes" ]|| [ "$sniff" = "dns" ]; then
echo Patching sniff...
mkdir -p $root"/etc/config/sing-box"
echo "$json" >$root"/etc/config/sing-box/sniff.json"
Expand All @@ -121,15 +121,15 @@ if [ "$SNIFF" = "yes" ]; then
cp /sing-box $root"/usr/bin/"
fi

if [ "$SNIFF" = "dns" ]; then
echo Patching sniff with dns...
mkdir -p $root"/etc/config/sing-box"
echo "$dnsjson" >$root"/etc/config/sing-box/sniff.json"
sed -i 's/1082/1081/g' $root"/usr/bin/nft.sh"
sed -i 's/1082/1081/g' $root"/usr/bin/nft_tcp.sh"
cp /sing-box $root"/usr/bin/"
touch $root"/www/sniffdns"
fi
# if [ "$SNIFF" = "dns" ]; then
# echo Patching sniff with dns...
# mkdir -p $root"/etc/config/sing-box"
# echo "$dnsjson" >$root"/etc/config/sing-box/sniff.json"
# sed -i 's/1082/1081/g' $root"/usr/bin/nft.sh"
# sed -i 's/1082/1081/g' $root"/usr/bin/nft_tcp.sh"
# cp /sing-box $root"/usr/bin/"
# touch $root"/www/sniffdns"
# fi

if [ -f /data/clash ]; then
ls -lah /data/clash
Expand Down

0 comments on commit 31147a4

Please sign in to comment.