This is a dns proxy server written by C.
It has some features:
- speedup the dns query
forward the client dns request to more than one dns servers and get the fastest response.
- have a ip blacklist
don't forward the response to the client when the response ip is in the ip blacklist.
When use blacklist, you can drop the fake ip and ISP's ad ip, the blacklist is under your control.
For DNS cache pollution, refer to this link.
dnsproxy does not depend on the other libraries
on Linux, you can compile it with cmake or GNU automake
To use GNU automake, run command:
To use cmake, run command:
mkdir build cd build cmake .. make
on Windows, you can compile it to use mingw with cmake, MSVC is not support.
run follow command to compile:
mkdir build cd build cmake -G "MinGW Makefiles" .. mingw32-make
To run dnsproxy server, you need superuser privilege to listen on port 53
you can simple run
./dnsproxy -c dnsproxy.cfg to special a configure file
./dnsproxy -h to show more options
test the server with this command on linux
dig @127.0.0.1 twitter.com
or this command on windows
nslookup twitter.com 127.0.0.1
you can set your system dns to 127.0.0.1
the default configure is
dnsproxy.cfg at current director, or you can use
-c to special a other configure file
this is a sample configure file
listen_ip = 127.0.0.1 listen_port = 53 servers = 192.168.1.1,188.8.131.52,184.108.40.206,220.127.116.11,18.104.22.168 blacklist= iplist.txt daemon = 1 logfile = dnsproxy.log loglevel = 3
There is a dns test client, named
./dnsc [-t type] [-s dnsserver] domain
./dnsc www.google.com ./dnsc -t AAAA www.google.com ./dnsc -t A www.google.com ./dnsc -s 22.214.171.124 www.google.com ./dnsc -s 126.96.36.199 www.google.com ./dnsc -t MX gmail.com