mosdns转发至adguardhome在adguard中如何获取源IP,目前仅显示mosdns IP #816

Open
xihazhiwang opened this issue May 27, 2024 · 4 comments


@xihazhiwang

环境:docker 部署 mosdns adguardhome mihomo
部署脚本:

# Docker Compose stack: mihomo, AdGuard Home and mosdns, each attached to the
# macvlan network below with its own static address on 192.168.51.0/24.
# NOTE(review): none of the three images is pinned to a fixed version or
# digest (mosdns uses `latest`, the other two carry no tag at all), so a
# re-pull can change what runs here - pin them once the setup is stable.
version: '3'

services:
  mihomo:
    image: metacubex/mihomo
    container_name: mihomo
    networks:
      macvlan:
        ipv4_address: 192.168.51.8
    volumes:
      - /root/disk1/mihomo:/root/.config/mihomo/
    # NOTE(review): privileged mode gives the container all capabilities and
    # access to host devices, which removes most of the container isolation.
    # The commented-out `devices` / `cap_add` lines below are the narrower
    # grant; confirm whether /dev/net/tun plus NET_ADMIN is enough for this
    # setup and prefer that over `privileged`.
    privileged: true
#    devices:
#      - /dev/net/tun
    restart: always
#    cap_add:
#      - NET_ADMIN
    # Sets net.ipv4.ip_forward=1 for this container (presumably so it can
    # route traffic for other LAN hosts - confirm).
    sysctls:
      - net.ipv4.ip_forward=1

  adguardHome:
    image: adguard/adguardhome
    container_name: adguardHome
    networks:
      macvlan:
        ipv4_address: 192.168.51.6
    volumes:
      - /root/disk1/adguardhome/conf:/opt/adguardhome/conf
      - /root/disk1/adguardhome/work:/opt/adguardhome/work
    # NOTE(review): privileged again; nothing in this file shows AdGuard Home
    # needing host-level access to answer DNS - confirm and drop it if it is
    # not required.
    privileged: true
    restart: always

  mosdns:
    image: irinesistiana/mosdns:latest
    container_name: mosdns
    networks:
      macvlan:
        ipv4_address: 192.168.51.7
    volumes:
      - /root/disk1/mosdns/etc/mosdns:/etc/mosdns
      - /root/disk1/mosdns/var/mosdns:/var/mosdns
    # NOTE(review): privileged again; nothing in this file shows mosdns
    # needing host-level access to forward DNS - confirm and drop it if it is
    # not required.
    privileged: true
    restart: always

# macvlan on parent interface ens18: each container appears on the LAN as a
# separate host with the address assigned above.
# NOTE(review): no `ports:` mapping is used, so presumably every port a
# container listens on is reachable from the LAN - verify and filter at the
# network level where a listener should not be exposed.
networks:
  macvlan:
    driver: macvlan
    driver_opts:
      parent: ens18
      macvlan_mode: bridge
    ipam:
      config:
        - subnet: 192.168.51.0/24
          gateway: 192.168.51.1

mosdns 配置文件

# mosdns configuration: a split-routing DNS forwarder. Queries enter through
# the udp_server / tcp_server plugins at the bottom of the file, which both
# use main_sequence as their entry point.

# Log at info level to a file.
# NOTE(review): /var/log is not one of the volumes mounted in the compose
# file above, so presumably this log is lost when the container is
# recreated - confirm if it is needed for troubleshooting or auditing.
log:
  level: info
  file: "/var/log/mosdns.log"

# HTTP API bound to all interfaces on port 9091.
# NOTE(review): this file configures no access control for the API. If it is
# only needed locally, bind it to a loopback or management address, or filter
# it at the network level.
api:
  http: "0.0.0.0:9091"

include: []

plugins:
  # --- Data sets: domain and IP lists loaded from files -------------------
  - tag: geosite_cn
    type: domain_set
    args:
      files:
        - "/var/mosdns/geosite_cn.txt"

  - tag: geoip_cn
    type: ip_set
    args:
      files:
        - "/var/mosdns/geoip_cn.txt"

  - tag: geosite_apple
    type: domain_set
    args:
      files:
        - "/var/mosdns/geosite_apple.txt"

  - tag: geosite_no_cn
    type: domain_set
    args:
      files:
        - "/var/mosdns/geosite_geolocation-!cn.txt"

  - tag: whitelist
    type: domain_set
    args:
      files:
        - "/etc/mosdns/rule/whitelist.txt"

  - tag: blocklist
    type: domain_set
    args:
      files:
        - "/etc/mosdns/rule/blocklist.txt"

  - tag: greylist
    type: domain_set
    args:
      files:
        - "/etc/mosdns/rule/greylist.txt"

  - tag: ddnslist
    type: domain_set
    args:
      files:
        - "/etc/mosdns/rule/ddnslist.txt"

  - tag: hosts
    type: hosts
    args:
      files:
        - "/etc/mosdns/rule/hosts.txt"

  - tag: redirect
    type: redirect
    args:
      files:
        - "/etc/mosdns/rule/redirect.txt"

  - tag: adlist
    type: domain_set
    args:
      files:
        - "/etc/mosdns/rule/disable-ads.txt"

  - tag: local_ptr
    type: domain_set
    args:
      files:
        - "/etc/mosdns/rule/local-ptr.txt"

  # Not referenced by any other plugin in this file.
  - tag: cloudflare_cidr
    type: ip_set
    args:
      files:
        - "/etc/mosdns/rule/cloudflare-cidr.txt"

  # Cache plugin with size 0 and lazy_cache_ttl 0 - presumably this leaves
  # caching effectively disabled; confirm against the mosdns documentation.
  - tag: lazy_cache
    type: cache
    args:
      size: 0
      lazy_cache_ttl: 0

  # --- Upstreams ----------------------------------------------------------
  # Two public resolvers, queried with concurrent: 2. The addresses carry no
  # scheme, so presumably these are plain unencrypted DNS queries - TODO
  # confirm.
  - tag: forward_xinfeng_udp
    type: forward
    args:
      concurrent: 2
      upstreams:
        - addr: "114.114.114.114"
        - addr: "114.114.115.115"

  # Upstream 192.168.51.6 is the address given to the adguardHome container
  # in the compose file. Every query sent through this plugin is issued by
  # mosdns itself, which is why (as reported in this issue) AdGuard Home logs
  # 192.168.51.7 as the client instead of the original device, so its
  # per-client logs and rules cannot tell devices apart.
  # NOTE(review): bootstrap and insecure_skip_verify presumably have no
  # effect for a bare IP address without a TLS scheme - confirm.
  - tag: forward_local
    type: forward
    args:
      concurrent: 1
      upstreams:
        - addr: "192.168.51.6"
          bootstrap: 119.29.29.29
          enable_pipeline: false
          max_conns: 2
          insecure_skip_verify: false
          idle_timeout: 30

  # Upstream 192.168.51.8 is the address given to the mihomo container in
  # the compose file. The same note on bootstrap / insecure_skip_verify
  # applies here.
  - tag: forward_remote
    type: forward
    args:
      concurrent: 1
      upstreams:
        - addr: "192.168.51.8"
          bootstrap: 8.8.8.8
          enable_pipeline: false
          max_conns: 2
          insecure_skip_verify: false
          idle_timeout: 30

  # --- TTL rewriting ------------------------------------------------------
  - tag: modify_ttl
    type: sequence
    args:
      - exec: ttl 0-0

  - tag: modify_ddns_ttl
    type: sequence
    args:
      - exec: ttl 5-5

  # --- Building blocks ----------------------------------------------------
  # Forward to the local upstream (forward_local).
  - tag: local_sequence
    type: sequence
    args:
      - exec: $forward_local

  # Run prefer_ipv4, then forward to the remote upstream (forward_remote).
  - tag: remote_sequence
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: $forward_remote

  # Runs $modify_ddns_ttl for names in ddnslist and $modify_ttl for all other
  # names, then accepts when a response is already present.
  - tag: has_resp_sequence
    type: sequence
    args:
      - matches: qname $ddnslist
        exec: $modify_ddns_ttl
      - matches: "!qname $ddnslist"
        exec: $modify_ttl
      - matches: has_resp
        exec: accept

  # Resolve through local_sequence, then drop the response when its IP is not
  # in the geoip_cn set.
  - tag: query_is_local_ip
    type: sequence
    args:
      - exec: $local_sequence
      - matches: "!resp_ip $geoip_cn"
        exec: drop_resp

  - tag: query_is_remote
    type: sequence
    args:
      - exec: $remote_sequence

  # Last step of main_sequence: query_is_local_ip is the primary path and
  # query_is_remote the secondary one.
  # NOTE(review): threshold 500 is presumably in milliseconds - confirm.
  - tag: fallback
    type: fallback
    args:
      primary: query_is_local_ip
      secondary: query_is_remote
      threshold: 500
      always_standby: true

  # Returns immediately for names outside geosite_apple; otherwise resolves
  # locally, drops responses whose IP is not in geoip_cn, and retries through
  # forward_xinfeng_udp when no response is left.
  # NOTE(review): this sequence is not referenced by main_sequence or any
  # other plugin in this file.
  - tag: query_is_apple_domain
    type: sequence
    args:
      - matches: "!qname $geosite_apple"
        exec: return
      - exec: $forward_local
      - matches: "!resp_ip $geoip_cn"
        exec: drop_resp
      - matches: "!has_resp"
        exec: $forward_xinfeng_udp

  # --- Per-list routing ---------------------------------------------------
  - tag: query_is_ddns_domain
    type: sequence
    args:
      - matches: qname $ddnslist
        exec: $local_sequence

  - tag: query_is_local_domain
    type: sequence
    args:
      - matches: qname $geosite_cn
        exec: $local_sequence

  - tag: query_is_no_local_domain
    type: sequence
    args:
      - matches: qname $geosite_no_cn
        exec: $remote_sequence

  - tag: query_is_whitelist_domain
    type: sequence
    args:
      - matches: qname $whitelist
        exec: $local_sequence

  - tag: query_is_greylist_domain
    type: sequence
    args:
      - matches: qname $greylist
        exec: $remote_sequence

  # Answers with `reject 3` (DNS RCODE 3 is NXDOMAIN) for names in blocklist
  # or adlist, for PTR queries (qtype 12) on names in local_ptr, and for all
  # HTTPS-record queries (qtype 65).
  # NOTE(review): the two conditions listed under one `matches` presumably
  # must both hold - confirm.
  - tag: query_is_reject_domain
    type: sequence
    args:
      - matches: qname $blocklist
        exec: reject 3
      - matches: qname $adlist
        exec: reject 3
      - matches:
        - qtype 12
        - qname $local_ptr
        exec: reject 3
      - matches: qtype 65
        exec: reject 3

  # Entry sequence. Order of evaluation: hosts, cache (skipped for names in
  # ddnslist, blocklist, adlist and local_ptr), redirect, ddnslist,
  # whitelist, reject lists, greylist, geosite_cn, geosite_no_cn, fallback.
  # After each step has_resp_sequence accepts if a response exists.
  # The whitelist step runs before the reject step, so a whitelisted name
  # that gets a response is answered even if it is also in blocklist or
  # adlist.
  - tag: main_sequence
    type: sequence
    args:
      - exec: $hosts
      - exec: jump has_resp_sequence
      - matches:
        - "!qname $ddnslist"
        - "!qname $blocklist"
        - "!qname $adlist"
        - "!qname $local_ptr"
        exec: $lazy_cache
      - exec: $redirect
      - exec: jump has_resp_sequence
      - exec: $query_is_ddns_domain
      - exec: jump has_resp_sequence
      - exec: $query_is_whitelist_domain
      - exec: jump has_resp_sequence
      - exec: $query_is_reject_domain
      - exec: jump has_resp_sequence
      - exec: $query_is_greylist_domain
      - exec: jump has_resp_sequence
      - exec: $query_is_local_domain
      - exec: jump has_resp_sequence
      - exec: $query_is_no_local_domain
      - exec: jump has_resp_sequence
      - exec: $fallback

  # --- Listeners ----------------------------------------------------------
  # Both listeners use ":53" with no host part, i.e. port 53 on every address
  # of the container.
  - tag: udp_server
    type: udp_server
    args:
      entry: main_sequence
      listen: ":53"

  - tag: tcp_server
    type: tcp_server
    args:
      entry: main_sequence
      listen: ":53"

目前adguardhome无法获取到内网IP,只能获取到mosdns 192.168.51.7,是哪里设置的不对吗?应该怎么改?

@OldCoding

想要让adguardhome获取到设备IP,就必须让adguardhome最先接收dns查询请求

@luweijun1992

luweijun1992 commented Jun 12, 2024

换过来,终端请求先到adg,然后adg上游才是mosdns

@w22gb8

w22gb8 commented Jun 13, 2024

改源码:前端把客户端 IP 添加为 ECS(EDNS Client Subnet),后端再根据 ECS 判断

@xueba0458

换一下位置😂😂😂😂为啥非要把adguardhome放在后面😉😜 @xihazhiwang 我装了三个adguardhome,一个smartdns,一个mosdns。mosdns负责分流,两个adguardhome分别处理国外和国内的广告,smartdns进行国内双栈优选和缓存,mosdns前面再加一个adguardhome用于统计信息。我套娃套的有点多了🤣
