OpenWrt编译版本查询任意域名返回局域网内IP #230

giveup · 2024-01-12T06:45:25Z

自编译OpenWrt版本
OpenWrt 23.05.2

smartdns-rs 698ffd8

配置文件

server-name smartdns
speed-check-mode none
dualstack-ip-selection no
prefetch-domain yes
serve-expired yes
dnsmasq-lease-file /tmp/dhcp.leases
rr-ttl-min 600
log-size 128
log-num 1
log-level debug
log-file /tmp/smartdns2.log
audit-size 64K
audit-num 1
cache-persist yes
cache-file /tmp/smartdns/smartdns.cache
resolv-file /tmp/resolv.conf.d/resolv.conf.auto
bind :1253@br-lan -group domestic
bind :1253@lo -group domestic
bind :1254@br-lan  -no-speed-check -no-dualstack-selection -force-aaaa-soa -group oversea
bind :1254@lo  -no-speed-check -no-dualstack-selection -force-aaaa-soa -group oversea
server-tls 223.5.5.5  -no-check-certificate -group domestic
server-tls 223.6.6.6  -no-check-certificate -group domestic
server-tls 223.5.5.5  -no-check-certificate -group oversea -subnet 172.67.141.83
server-tls 223.6.6.6  -no-check-certificate -group oversea -subnet 172.67.141.83
domain-set -name domain-block-list -file /etc/smartdns/domain-block.list
domain-rules /domain-set:domain-block-list/ -address #
conf-file /etc/smartdns/address.conf
conf-file /etc/smartdns/blacklist-ip.conf
conf-file /etc/smartdns/custom.conf

启动参数

./smartdns-rs -f -c ./test.conf

启动日志

:/etc/smartdns# ./smartdns-rs -f -c ./test.conf 
2024-01-12 06:31:38.973:INFO: Smart-DNS 🐋 0.7.2 starting
2024-01-12 06:31:38.974:INFO: loading configuration from: "./test.conf"
2024-01-12 06:31:38.974:WARN:smartdns::dns_conf:800: unknown conf: log-size 128, Error(Error { input: "log-size 128", code: Tag })
2024-01-12 06:31:38.976:INFO: DoaminSet load 0 records into domain-block-list
2024-01-12 06:31:38.983:INFO: whoami 👉 smartdns
2024-01-12 06:31:38.983:INFO: upstream server: tls://223.5.5.5?ssl_verify=false [Group: ["domestic"]] 
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.6.6.6?ssl_verify=false [Group: ["domestic"]] 
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.5.5.5?ssl_verify=false [Group: ["oversea"]] 
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.6.6.6?ssl_verify=false [Group: ["oversea"]] 
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.5.5.5?ssl_verify=false [Group: default]
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.6.6.6?ssl_verify=false [Group: default]
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.5.5.5?ssl_verify=false [Group: default]
2024-01-12 06:31:38.984:INFO: upstream server: tls://223.6.6.6?ssl_verify=false [Group: default]
2024-01-12 06:31:39.43:INFO: bootstrap-dns tls://223.5.5.5?ssl_verify=false
2024-01-12 06:31:39.44:INFO: bootstrap-dns tls://223.6.6.6?ssl_verify=false
2024-01-12 06:31:39.44:INFO: bootstrap-dns tls://223.5.5.5?ssl_verify=false
2024-01-12 06:31:39.44:INFO: bootstrap-dns tls://223.6.6.6?ssl_verify=false
2024-01-12 06:31:39.56:INFO: listening for UDP on 192.168.31.1:1253@br-lan
2024-01-12 06:31:39.57:INFO: listening for UDP on 127.0.0.1:1253@lo
2024-01-12 06:31:39.57:INFO: listening for UDP on 192.168.31.1:1254@br-lan
2024-01-12 06:31:39.57:INFO: listening for UDP on 127.0.0.1:1254@lo
2024-01-12 06:31:39.59:INFO: 
2024-01-12 06:31:39.59:INFO:      _____                      _       _____  _   _  _____ 
2024-01-12 06:31:39.59:INFO:     / ____|                    | |     |  __ \| \ | |/ ____|
2024-01-12 06:31:39.60:INFO:    | (___  _ __ ___   __ _ _ __| |_    | |  | |  \| | (___  
2024-01-12 06:31:39.60:INFO:     \___ \| '_ ` _ \ / _` | '__| __|   | |  | | . ` |\___ \ 
2024-01-12 06:31:39.60:INFO:     ____) | | | | | | (_| | |  | |_    | |__| | |\  |____) |
2024-01-12 06:31:39.60:INFO:    |_____/|_| |_| |_|\__,_|_|   \__|   |_____/|_| \_|_____/ 
2024-01-12 06:31:39.60:INFO: 
2024-01-12 06:31:39.60:INFO: awaiting connections...
2024-01-12 06:31:39.60:INFO: server starting up

查询日志

2024-01-12 06:32:16.252:DEBUG:smartdns::server::udp:43: received udp request from: 192.168.31.205:51486
2024-01-12 06:32:16.263:DEBUG:smartdns::app:365: request:9688 src:UDP://192.168.31.205#51486 type:QUERY dnssec:false QUERY:www.hao123.com.:A:IN qflags:RD,AD
2024-01-12 06:33:47.864:DEBUG:smartdns::server::udp:43: received udp request from: 192.168.31.205:52654
2024-01-12 06:33:47.866:DEBUG:smartdns::app:365: request:28853 src:UDP://192.168.31.205#52654 type:QUERY dnssec:false QUERY:www.hao123.com.:A:IN qflags:RD,AD

dig @192.168.31.1 -p 1253 www.hao123.com

; <<>> DiG 9.10.6 <<>> @192.168.31.1 -p 1253 www.hao123.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28853
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.hao123.com.			IN	A

;; ANSWER SECTION:
www.hao123.com.		600	IN	A	192.168.31.198

;; Query time: 51 msec
;; SERVER: 192.168.31.1#1253(192.168.31.1)
;; WHEN: Fri Jan 12 14:33:45 CST 2024
;; MSG SIZE  rcvd: 48

brew安装的macOS版本无此问题

The text was updated successfully, but these errors were encountered:

mokeyish · 2024-01-12T10:45:18Z

没有配置的话，不会返回随机局域网 ip 的。要么上游返回的，要么配置了地址

你有启用 https 监听吗？
有的话可以访问 https://localhost/api/addresses
看看

https://github.com/mokeyish/smartdns-rs/blob/main/src/api/address.rs#L7-L9

giveup · 2024-01-12T11:44:53Z

没有配置的话，不会返回随机局域网 ip 的。要么上游返回的，要么配置了地址

你有启用 https 监听吗？有的话可以访问 https://localhost/api/addresses 看看

https://github.com/mokeyish/smartdns-rs/blob/main/src/api/address.rs#L7-L9

上游就是阿里dns，而且这是国内域名，也几乎不存在污染的可能性。
贴的配置文件就是全部内容，有几个conf都是空的。（openwrt安装自带的配置文件）
主要用于dnsmasq的上游，因此没有配置https监听（似乎dnsmasq还不支持）
代码的话...rust不懂。
我需要做什么来进一步排查这个问题？

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OpenWrt编译版本查询任意域名返回局域网内IP #230

OpenWrt编译版本查询任意域名返回局域网内IP #230

giveup commented Jan 12, 2024 •

edited

mokeyish commented Jan 12, 2024 •

edited

giveup commented Jan 12, 2024

OpenWrt编译版本查询任意域名返回局域网内IP #230

OpenWrt编译版本查询任意域名返回局域网内IP #230

Comments

giveup commented Jan 12, 2024 • edited

mokeyish commented Jan 12, 2024 • edited

giveup commented Jan 12, 2024

giveup commented Jan 12, 2024 •

edited

mokeyish commented Jan 12, 2024 •

edited