Dnsproxy


This is a dns proxy server written by C.

It has some features:

  1. speedup the dns query
    forward the client dns request to more than one dns servers and get the fastest response.
  2. have a ip blacklist
    don't forward the response to the client when the response ip is in the ip blacklist.

When use blacklist, you can drop the fake ip and ISP's ad ip, the blacklist is under your control.

For DNS cache pollution, refer to this link.

Requirement

dnsproxy does not depend on the other libraries

Compile

Linux

on Linux, you can compile it with cmake or GNU automake

To use GNU automake, run command:

./gen.sh
 make

To use cmake, run command:

mkdir build
cd build
cmake ..
make

Windows

on Windows, you can compile it to use mingw with cmake, MSVC is not support.

run follow command to compile:

mkdir build
cd build
cmake -G "MinGW Makefiles" ..
mingw32-make

Dns server

dnsproxy

To run dnsproxy server, you need superuser privilege to listen on port 53

you can simple run

sudo ./dnsproxy

or sudo ./dnsproxy -c dnsproxy.cfg to special a configure file

use ./dnsproxy -h to show more options

test the server with this command on linux

dig @127.0.0.1 twitter.com

or this command on windows

nslookup twitter.com 127.0.0.1

you can set your system dns to 127.0.0.1

Config file

the default configure is dnsproxy.cfg at current director, or you can use -c to special a other configure file

this is a sample configure file

listen_ip = 127.0.0.1
listen_port = 53
servers = 192.168.1.1,8.8.8.8,202.180.160.1,202.45.84.59,202.45.84.67
blacklist= iplist.txt
daemon = 1
logfile = dnsproxy.log
loglevel = 3

Dns client

There is a dns test client, named dnsc

Usage:

./dnsc [-t type] [-s dnsserver] domain

Example:

./dnsc www.google.com
./dnsc -t AAAA www.google.com
./dnsc -t A www.google.com
./dnsc -s 8.8.8.8 www.google.com
./dnsc -s 4.2.2.2 www.google.com
./dnsc -t MX gmail.com