Setting this host's name replied by DNS

garywill 2018-08-31 18:41:06 +08:00 committed by garywill
parent 5532b4d1a9
commit 2b103e3838
2 changed files with 22 additions and 9 deletions


@ -74,8 +74,8 @@ Internet----(eth0/wlan0)-Linux-(virtual interface)-----VM/container
### LAN without Internet ### LAN without Internet
``` ```
# lnxrouter -i eth1 -n # lnxrouter -n -i eth1
# lnxrouter --ap wlan0 MyAccessPoint --password MyPassPhrase -n # lnxrouter -n --ap wlan0 MyAccessPoint --password MyPassPhrase
``` ```
### Transparent proxy with Tor ### Transparent proxy with Tor
@ -189,6 +189,8 @@ Options:
Set IPv6 DNS offered by DHCP (RA) Set IPv6 DNS offered by DHCP (RA)
(default: this host) (default: this host)
(Note IPv6 addresses need '[]' around) (Note IPv6 addresses need '[]' around)
--hostname <name> DNS server associate this name with this host.
Use '-' to read name from /etc/hostname
-d DNS server will take into account /etc/hosts -d DNS server will take into account /etc/hosts
-e <hosts_file> DNS server will take into account additional -e <hosts_file> DNS server will take into account additional
hosts file hosts file

25
lnxrouter Executable file → Normal file

@ -43,6 +43,8 @@ Options:
Set IPv6 DNS offered by DHCP (RA) Set IPv6 DNS offered by DHCP (RA)
(default: this host) (default: this host)
(Note IPv6 addresses need '[]' around) (Note IPv6 addresses need '[]' around)
--hostname <name> DNS server associate this name with this host.
Use '-' to read name from /etc/hostname
-d DNS server will take into account /etc/hosts -d DNS server will take into account /etc/hosts
-e <hosts_file> DNS server will take into account additional -e <hosts_file> DNS server will take into account additional
hosts file hosts file
@ -120,6 +122,7 @@ ETC_HOSTS=0
ADDN_HOSTS= ADDN_HOSTS=
SUBNET_IFACE= SUBNET_IFACE=
CONN_IFACE= CONN_IFACE=
THISHOSTNAME=
SHARE_METHOD=nat SHARE_METHOD=nat
TP_PORT= TP_PORT=
@ -230,6 +233,11 @@ while [[ -n "$1" ]]; do
shift shift
SHOW_DNS_QUERY=1 SHOW_DNS_QUERY=1
;; ;;
--hostname)
shift
THISHOSTNAME="$1"
shift
;;
-d) -d)
shift shift
ETC_HOSTS=1 ETC_HOSTS=1
@ -715,11 +723,13 @@ start_redsocks() {
iptables_ -t nat -N REDSOCKS-${SUBNET_IFACE} || die iptables_ -t nat -N REDSOCKS-${SUBNET_IFACE} || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 0.0.0.0/8 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 0.0.0.0/8 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 10.0.0.0/8 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 10.0.0.0/8 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 100.64.0.0/10 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 127.0.0.0/8 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 127.0.0.0/8 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 169.254.0.0/16 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 169.254.0.0/16 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 172.16.0.0/12 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 172.16.0.0/12 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 192.168.0.0/16 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 192.168.0.0/16 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 224.0.0.0/4 -j RETURN || die iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 224.0.0.0/4 -j RETURN || die
iptables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 255.255.255.255 -j RETURN || die
iptables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p tcp -j REDIRECT --to-ports ${TP_PORT} || die iptables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p tcp -j REDIRECT --to-ports ${TP_PORT} || die
iptables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p udp -j REDIRECT --to-ports ${TP_PORT} || die iptables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p udp -j REDIRECT --to-ports ${TP_PORT} || die
@ -736,7 +746,6 @@ start_redsocks() {
ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d ff00::/8 -j RETURN || die ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d ff00::/8 -j RETURN || die
ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d ::1 -j RETURN || die ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d ::1 -j RETURN || die
ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d :: -j RETURN || die ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d :: -j RETURN || die
ip6tables_ -t nat -A REDSOCKS-${SUBNET_IFACE} -d 0100::/64 -j RETURN || die
ip6tables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p tcp -j REDIRECT --to-ports ${TP_PORT} || die ip6tables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p tcp -j REDIRECT --to-ports ${TP_PORT} || die
ip6tables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p udp -j REDIRECT --to-ports ${TP_PORT} || die ip6tables_ -v -t nat -A REDSOCKS-${SUBNET_IFACE} -p udp -j REDIRECT --to-ports ${TP_PORT} || die
@ -1391,6 +1400,10 @@ if [[ $NO_DNSMASQ -eq 0 ]]; then
[[ -n "$MTU" ]] && echo "dhcp-option-force=option:mtu,${MTU}" >> $CONFDIR/dnsmasq.conf [[ -n "$MTU" ]] && echo "dhcp-option-force=option:mtu,${MTU}" >> $CONFDIR/dnsmasq.conf
[[ $ETC_HOSTS -eq 0 ]] && echo no-hosts >> $CONFDIR/dnsmasq.conf [[ $ETC_HOSTS -eq 0 ]] && echo no-hosts >> $CONFDIR/dnsmasq.conf
[[ -n "$ADDN_HOSTS" ]] && echo "addn-hosts=${ADDN_HOSTS}" >> $CONFDIR/dnsmasq.conf [[ -n "$ADDN_HOSTS" ]] && echo "addn-hosts=${ADDN_HOSTS}" >> $CONFDIR/dnsmasq.conf
if [[ "$THISHOSTNAME" ]]; then
[[ "$THISHOSTNAME" == "-" ]] && THISHOSTNAME="$(cat /etc/hostname)"
echo "interface-name=$THISHOSTNAME,$SUBNET_IFACE" >> $CONFDIR/dnsmasq.conf
fi
if [[ ! "$SHOW_DNS_QUERY" -eq 0 ]]; then if [[ ! "$SHOW_DNS_QUERY" -eq 0 ]]; then
echo log-queries=extra >> $CONFDIR/dnsmasq.conf echo log-queries=extra >> $CONFDIR/dnsmasq.conf
fi fi
@ -1502,11 +1515,8 @@ elif [[ "$SHARE_METHOD" == "redsocks" ]]; then
if [[ $IPV6 -eq 1 ]]; then if [[ $IPV6 -eq 1 ]]; then
echo 1 > /proc/sys/net/ipv6/conf/$SUBNET_IFACE/forwarding || die "Failed enabling $SUBNET_IFACE ipv6 forwarding" echo 1 > /proc/sys/net/ipv6/conf/$SUBNET_IFACE/forwarding || die "Failed enabling $SUBNET_IFACE ipv6 forwarding"
fi fi
if [[ "$dnsmasq_NO_DNS" -eq 0 ]]; then [[ "$dnsmasq_NO_DNS" -eq 0 && ! $DNS ]] && echo -e "\nWARN: You are using transparent proxy but this host is providing local DNS, this may cause privacy leak !!!\n" >&2
echo
echo "WARN: You are using transparent proxy but gateway is providing local DNS, this may cause privacy leak !!!" >&2
echo
fi
start_redsocks start_redsocks
fi fi
@ -1543,7 +1553,8 @@ if [[ $NO_DNSMASQ -eq 0 ]]; then
fi fi
echo
echo "== Setting up completed, now linux-router is working =="
# need loop to keep this script running # need loop to keep this script running
bash -c "while :; do sleep 8000 ; done " & bash -c "while :; do sleep 8000 ; done " &
KEEP_RUNNING_PID=$! KEEP_RUNNING_PID=$!
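Review bot: In the `@ -1391,6 +1400,10 @` hunk the `--hostname` value (or the contents of /etc/hostname when `-` is given) is appended to dnsmasq.conf as `interface-name=$THISHOSTNAME,$SUBNET_IFACE` with no validation; the enclosing `if [[ $NO_DNSMASQ -eq 0 ]]` block starts outside the hunk. A name containing a comma, whitespace or a newline changes how dnsmasq parses that line and can add further directives to a config consumed by a daemon that presumably runs with root privileges, and an empty or unreadable /etc/hostname yields `interface-name=,<iface>`. I would check the name right after the `-` substitution, for example `[[ "$THISHOSTNAME" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]] || die "Invalid hostname: $THISHOSTNAME"`. The `--hostname)` arm in the option loop also takes a missing argument silently, so the feature is skipped without a message. Separately, the file header shows the script changing from executable to normal file, which looks unintended for a command the README invokes directly.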