三生有幸,四季如春 | 言文

Windows 下的 DNS over Https 服务

2020.02.19

dnscrypt-proxy

dnscrypt-proxy

一款灵活的 DNS 代理软件,常用于在本地建立一个 DNS 服务,支持以加密的方式传输 DNS 请求,如 Dns Over Https (DoH),以避免 DNS 请求遭到劫持和污染。

下载

dnscrypt-proxy-win64

配置

下为配置文件,仅列出部分重点选项

# dnscrypt-proxy.toml

# dns 服务器配置名
server_names = ['geekdns-cn', 'dns.sb', 'doh-jp-blahdns']

# 本地监听地址
listen_addresses = ['127.0.0.1:53']

# 启用 doh 服务
doh_servers = true

# 备选 DNS 服务地址
fallback_resolvers = ['114.114.114.114:53', '8.8.8.8:53']

# 开启缓存
cache = true

# DNS 服务配置地址
[sources]
  [sources.'public-resolvers']
  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
  cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
  prefix = ''

  ## 匿名 DNS 中继

  [sources.'relays']
  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
  cache_file = '/var/cache/dnscrypt-proxy/relays.md'
  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
  refresh_delay = 72
  prefix = ''

# 自定义 DNS 配置
[static]
    [static.'geekdns-cn']
    stamp = 'sdns://AgcAAAAAAAAAAAALaS4yMzNweS5jb20KL2Rucy1xdWVyeQ'

后记

官方列出的配置可以在此找到:https://dnscrypt.info/public-servers

自定义 DNS 配置由此生成:https://dnscrypt.info/stamps/

以系统服务的方式安装和运行

# 注册服务(注意配置文件位置)
./dnscrypt-proxy -config ./dnscrypt-proxy.toml -service install
# 运行
./dnscrypt-proxy -service start
# 手动查询解析
./dnscrypt-proxy -resolve example.com
comments powered by Disqus