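This article uses Debian 10 x64.
You can download precompiled executables directly from the Releases page.
For real use, download the build that matches your system.
Latest version: V1.7
Download Overture:
wget https://github.com/shawn1m/overture/releases/download/v1.7/overture-linux-amd64.zip
Install Overture:
unzip -d /usr/local/overture overture-linux-amd64.zip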
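Configuration
DNS: supports TCP, UDP and DoT
Primary DNS (PrimaryDNS): mainly used to resolve domestic (mainland China) domains.
Alternative DNS (AlternativeDNS): usually set to an unpolluted DNS server, used to resolve foreign domains.
IPNetworkFile: filters by IP address
Primary: when the result returned by the primary DNS is in this set, return it directly without waiting for the alternative DNS result.
Alternative: when the result returned by the alternative DNS is in this set, return it directly without waiting for the primary DNS result.
DomainFile: filters by domain name
Primary: domains that use only the primary DNS
Alternative: domains that use only the alternative DNS; usually set to gfwlist.
Matcher: since version 1.6, matching methods for the domain files have been added; keep the default regex-list here, i.e. match by domain suffix.
IPNetworkFile
Only Primary needs to be configured, with a list of domestic IP ranges, so that when the primary DNS resolves to a domestic IP the result is used directly.
For the domestic IP list, the chnrouter list maintained by IPIP is recommended and is sufficient.
DomainFile
This mainly separates domestic from foreign domains: a domestic domain goes straight to the primary DNS, and a foreign domain goes straight to the alternative DNS.
For the matching method, choose suffix-tree here, i.e. match by domain suffix.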
Primary
Set Primary to a list of common domestic domains. The data comes from fancyss and dnsmasq-china-list.
curl https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf | sed 's/server=\///g;s/\/114.114.114.114//g' > china_list1.txt
curl https://raw.githubusercontent.com/hq450/fancyss/master/rules/WhiteList_new.txt | sed 's/Server=\///g;s/\///g' > china_list2.txt
cat china_list1.txt china_list2.txt | sort -u > china_list.txt
rm china_list1.txt china_list2.txt
Alternative
g*wlist is basically enough.
curl https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt | base64 -d | sort -u | sed '/^$\|@@/d'| sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' | sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /qq\.com/d' | sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' | grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u > /tmp/temp_gfwlist.txt
curl https://raw.githubusercontent.com/hq450/fancyss/master/rules/gfwlist.conf | sed 's/ipset=\/\.//g; s/\/gfwlist//g; /^server/d' > /tmp/temp_koolshare.txt
cat /tmp/temp_gfwlist.txt /tmp/temp_koolshare.txt | sort -u > gfw_all_domain.txt
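Then move the three txt files above into the Overture root directory, which in this article is /usr/local/overture.
Create the configuration file:
nano /usr/local/overture/config.yml
Write the following content: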
# Listens on port 53 on all interfaces
bindAddress: :53
# Debug HTTP endpoint, bound to loopback only
debugHTTPAddress: 127.0.0.1:5555
dohEnabled: true
primaryDNS:
  - name: Ali
    address: https://dns.alidns.com/dns-query
    protocol: https
    socks5Address:
    timeout: 6
    ednsClientSubnet:
      policy: auto
      externalIP:
      noCookie: true
alternativeDNS:
  - name: Cloudflare
    address: one.one.one.one:[email protected]
    protocol: tcp-tls
    socks5Address:
    timeout: 6
    ednsClientSubnet:
      policy: auto
      externalIP:
      noCookie: true
onlyPrimaryDNS: false
ipv6UseAlternativeDNS: false
alternativeDNSConcurrent: false
whenPrimaryDNSAnswerNoneUse: alternativeDNS
# Relative paths are resolved against the process working directory
ipNetworkFile:
  primary: ./cnip.txt
  alternative: ./ip_network_alternative_sample
domainFile:
  primary: ./china_list.txt
  alternative: ./gfw_all_domain.txt
  matcher: suffix-tree
hostsFile:
  hostsFile: ./hosts_sample
  finder: full-map
minimumTTL: 1
domainTTLFile: ./domain_ttl_sample
cacheSize: 5000
cacheRedisUrl: redis://localhost:6379/0
cacheRedisConnectionPoolSize: 100
rejectQType:
  - 255
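To start Overture at boot, create the unit file with
vi /etc/systemd/system/overture.service
and enter the following content:
[Unit]
Description=overture
After=network.target
[Service]
# config.yml uses relative paths (./china_list.txt etc.), so run from the install directory
WorkingDirectory=/usr/local/overture
ExecStart=/usr/local/overture/overture-linux-amd64 -c /usr/local/overture/config.yml
Restart=on-abort
[Install]
WantedBy=multi-user.target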
Start the Overture service:
systemctl enable overture
systemctl start overture
At this point, a clean DNS server has been set up.
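The dispatch rules described in the Configuration section (domainFile first, then ipNetworkFile.primary, then whenPrimaryDNSAnswerNoneUse), as an added example that is not Overture's own code. It is a simplified model: the sample lists are constructed, `choose_upstream` and its inputs are hypothetical names, and treating an answer as matching when any returned address is in the set is an assumption.

```python
import ipaddress

# Constructed sample data standing in for china_list.txt, gfw_all_domain.txt and cnip.txt.
PRIMARY_DOMAINS = {"qq.com", "example.cn"}
ALTERNATIVE_DOMAINS = {"example.org"}
PRIMARY_NETWORKS = [ipaddress.ip_network(n) for n in ("203.0.113.0/24",)]


def suffix_match(name, domains):
    """True if name equals a listed domain or is a subdomain of one.

    Matching is done on whole labels, so "notqq.com" does not match "qq.com".
    """
    labels = name.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in domains for i in range(len(labels)))


def in_networks(ip, networks):
    """True if the address falls inside any listed network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)


def choose_upstream(name, primary_answer):
    """Return (upstream, rule) for one query.

    primary_answer is the list of IP strings the primary DNS returned
    (hypothetical input; a real forwarder gets it from the upstream).
    """
    # 1. Domain lists decide first: listed names never reach the other upstream.
    if suffix_match(name, PRIMARY_DOMAINS):
        return "primary", "domainFile.primary"
    if suffix_match(name, ALTERNATIVE_DOMAINS):
        return "alternative", "domainFile.alternative"
    # 2. Empty primary answer: follow whenPrimaryDNSAnswerNoneUse: alternativeDNS.
    if not primary_answer:
        return "alternative", "whenPrimaryDNSAnswerNoneUse"
    # 3. Unlisted name: trust the primary answer only if it is a domestic IP.
    if any(in_networks(ip, PRIMARY_NETWORKS) for ip in primary_answer):
        return "primary", "ipNetworkFile.primary"
    # 4. Otherwise the primary answer is dropped and the alternative is used.
    return "alternative", "answer outside ipNetworkFile.primary"


if __name__ == "__main__":
    for q, ans in [("www.qq.com", []), ("notqq.com", ["198.51.100.7"]),
                   ("cdn.example.org", ["203.0.113.5"]),
                   ("unlisted.example.net", ["203.0.113.5"])]:
        print(q, ans, "->", choose_upstream(q, ans))
```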