support setting upstream DNS server
parent
21a386aba2
commit
5532b4d1a9
47
README.md
47
README.md
|
@ -81,7 +81,7 @@ Internet----(eth0/wlan0)-Linux-(virtual interface)-----VM/container
|
||||||
### Transparent proxy with Tor
|
### Transparent proxy with Tor
|
||||||
|
|
||||||
```
|
```
|
||||||
# lnxrouter -i eth1 --tp 9040 --dns-proxy 9053
|
# lnxrouter -i eth1 --tp 9040 --dns 9053
|
||||||
```
|
```
|
||||||
|
|
||||||
In `torrc`
|
In `torrc`
|
||||||
|
@ -133,7 +133,7 @@ $ lxc profile add <container> profile5
|
||||||
```
|
```
|
||||||
That should make one container have 2 profiles. `profile5` will override `eth0`.
|
That should make one container have 2 profiles. `profile5` will override `eth0`.
|
||||||
```
|
```
|
||||||
# lnxrouter -i lxdbr5 --tp 9040 --dns-proxy 9053
|
# lnxrouter -i lxdbr5 --tp 9040 --dns 9053
|
||||||
```
|
```
|
||||||
To remove that new profile from container
|
To remove that new profile from container
|
||||||
```
|
```
|
||||||
|
@ -153,47 +153,52 @@ $ lxc config device remove <container> eth0
|
||||||
### Use as transparent proxy for VirtualBox
|
### Use as transparent proxy for VirtualBox
|
||||||
On VirtualBox's global settings, create a host-only network `vboxnet5` with DHCP disabled.
|
On VirtualBox's global settings, create a host-only network `vboxnet5` with DHCP disabled.
|
||||||
```
|
```
|
||||||
# lnxrouter -i vboxnet5 --tp 9040 --dns-proxy 9053
|
# lnxrouter -i vboxnet5 --tp 9040 --dns 9053
|
||||||
```
|
```
|
||||||
### CLI usage and other features
|
### CLI usage and other features
|
||||||
|
|
||||||
```
|
```
|
||||||
Usage: lnxrouter [options]
|
Usage: lnxrouter <options>
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
-h, --help Show this help
|
-h, --help Show this help
|
||||||
--version Print version number
|
--version Print version number
|
||||||
|
|
||||||
-i <interface> Interface to share Internet to.
|
-i <interface> Interface to make NATed sub-network,
|
||||||
An NATed subnet is made upon it.
|
and to provide Internet to
|
||||||
To create Wifi hotspot use '--ap' instead
|
(To create Wifi hotspot use '--ap' instead)
|
||||||
-n Disable Internet sharing
|
-n Disable Internet sharing
|
||||||
--tp <port> Transparent proxy.
|
|
||||||
redirect non-LAN tcp and udp traffic to port.
|
|
||||||
Usually used with '--dns-proxy'
|
|
||||||
|
|
||||||
-g <gateway> Set gateway IPv4 address, netmask is /24 .
|
-g <ip> Set this host's IPv4 address, netmask is 24
|
||||||
(default: 192.168.18.1)
|
(default: 192.168.18.1)
|
||||||
-6 Enable IPv6 (NAT)
|
-6 Enable IPv6 (NAT)
|
||||||
--p6 <prefix> Set IPv6 prefix (length 64)
|
--p6 <prefix> Set IPv6 prefix (length 64)
|
||||||
(default: fd00:1:1:1:: )
|
(default: fd00:1:1:1:: )
|
||||||
--dns-proxy <port> DNS server redirect queries to port
|
|
||||||
--no-serve-dns Disable DNS server
|
--dns <ip>|<port>|<ip:port>
|
||||||
--no-dnsmasq Disable dnsmasq server completely (DHCP, DNS, RA)
|
DNS server's upstream DNS.
|
||||||
--log-dns Show DNS server query log
|
Use ',' to seperate multiple servers
|
||||||
|
(default: use /etc/resolve.conf)
|
||||||
|
(Note IPv6 addresses need '[]' around)
|
||||||
|
--no-dns Do not serve DNS
|
||||||
|
--no-dnsmasq Disable dnsmasq server (DHCP, DNS, RA)
|
||||||
|
--log-dns Show DNS query log
|
||||||
--dhcp-dns <IP1[,IP2]>|no
|
--dhcp-dns <IP1[,IP2]>|no
|
||||||
Set IPv4 DNS offered by DHCP
|
Set IPv4 DNS offered by DHCP (default: this host)
|
||||||
(default: gateway as DNS)
|
|
||||||
--dhcp-dns6 <IP1[,IP2]>|no
|
--dhcp-dns6 <IP1[,IP2]>|no
|
||||||
Set IPv6 DNS offered by DHCP(RA)
|
Set IPv6 DNS offered by DHCP (RA)
|
||||||
(default: gateway as DNS)
|
(default: this host)
|
||||||
Note IPv6 addresses need '[]' around
|
(Note IPv6 addresses need '[]' around)
|
||||||
-d DNS server will take into account /etc/hosts
|
-d DNS server will take into account /etc/hosts
|
||||||
-e <hosts_file> DNS server will take into account additional
|
-e <hosts_file> DNS server will take into account additional
|
||||||
hosts file
|
hosts file
|
||||||
|
|
||||||
--mac <MAC> Set MAC address
|
--mac <MAC> Set MAC address
|
||||||
|
|
||||||
|
--tp <port> Transparent proxy,
|
||||||
|
redirect non-LAN tcp and udp traffic to port.
|
||||||
|
Usually used with '--dns'
|
||||||
|
|
||||||
Wifi hotspot options:
|
Wifi hotspot options:
|
||||||
--ap <wifi interface> <SSID>
|
--ap <wifi interface> <SSID>
|
||||||
Create Wifi access point
|
Create Wifi access point
|
||||||
|
@ -217,10 +222,12 @@ Options:
|
||||||
(defaults to /etc/hostapd/hostapd.accept)
|
(defaults to /etc/hostapd/hostapd.accept)
|
||||||
--hostapd-debug <level> 1 or 2. Passes -d or -dd to hostapd
|
--hostapd-debug <level> 1 or 2. Passes -d or -dd to hostapd
|
||||||
--isolate-clients Disable wifi communication between clients
|
--isolate-clients Disable wifi communication between clients
|
||||||
|
|
||||||
--ieee80211n Enable IEEE 802.11n (HT)
|
--ieee80211n Enable IEEE 802.11n (HT)
|
||||||
--ieee80211ac Enable IEEE 802.11ac (VHT)
|
--ieee80211ac Enable IEEE 802.11ac (VHT)
|
||||||
--ht_capab <HT> HT capabilities (default: [HT40+])
|
--ht_capab <HT> HT capabilities (default: [HT40+])
|
||||||
--vht_capab <VHT> VHT capabilities
|
--vht_capab <VHT> VHT capabilities
|
||||||
|
|
||||||
--no-haveged Do not run haveged automatically when needed
|
--no-haveged Do not run haveged automatically when needed
|
||||||
|
|
||||||
Instance managing:
|
Instance managing:
|
||||||
|
|
|
@ -29,8 +29,13 @@ Options:
|
||||||
--p6 <prefix> Set IPv6 prefix (length 64)
|
--p6 <prefix> Set IPv6 prefix (length 64)
|
||||||
(default: fd00:1:1:1:: )
|
(default: fd00:1:1:1:: )
|
||||||
|
|
||||||
--no-serve-dns Do not serve DNS
|
--dns <ip>|<port>|<ip:port>
|
||||||
--no-dnsmasq Disable dnsmasq server completely (DHCP, DNS, RA)
|
DNS server's upstream DNS.
|
||||||
|
Use ',' to seperate multiple servers
|
||||||
|
(default: use /etc/resolve.conf)
|
||||||
|
(Note IPv6 addresses need '[]' around)
|
||||||
|
--no-dns Do not serve DNS
|
||||||
|
--no-dnsmasq Disable dnsmasq server (DHCP, DNS, RA)
|
||||||
--log-dns Show DNS query log
|
--log-dns Show DNS query log
|
||||||
--dhcp-dns <IP1[,IP2]>|no
|
--dhcp-dns <IP1[,IP2]>|no
|
||||||
Set IPv4 DNS offered by DHCP (default: this host)
|
Set IPv4 DNS offered by DHCP (default: this host)
|
||||||
|
@ -46,8 +51,7 @@ Options:
|
||||||
|
|
||||||
--tp <port> Transparent proxy,
|
--tp <port> Transparent proxy,
|
||||||
redirect non-LAN tcp and udp traffic to port.
|
redirect non-LAN tcp and udp traffic to port.
|
||||||
Usually used with '--dns-proxy'
|
Usually used with '--dns'
|
||||||
--dns-proxy <port> DNS server redirects queries to
|
|
||||||
|
|
||||||
Wifi hotspot options:
|
Wifi hotspot options:
|
||||||
--ap <wifi interface> <SSID>
|
--ap <wifi interface> <SSID>
|
||||||
|
@ -93,7 +97,7 @@ Examples:
|
||||||
$PROGNAME --ap wlan0 MyAccessPoint
|
$PROGNAME --ap wlan0 MyAccessPoint
|
||||||
$PROGNAME --ap wlan0 MyAccessPoint --password MyPassPhrase
|
$PROGNAME --ap wlan0 MyAccessPoint --password MyPassPhrase
|
||||||
$PROGNAME -n --ap wlan0 MyAccessPoint --password MyPassPhrase
|
$PROGNAME -n --ap wlan0 MyAccessPoint --password MyPassPhrase
|
||||||
$PROGNAME -i eth1 --tp <transparent-proxy> --dns-proxy <dns-proxy>
|
$PROGNAME -i eth1 --tp <transparent-proxy> --dns <dns-proxy>
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -119,7 +123,7 @@ CONN_IFACE=
|
||||||
|
|
||||||
SHARE_METHOD=nat
|
SHARE_METHOD=nat
|
||||||
TP_PORT=
|
TP_PORT=
|
||||||
TP_DNS_PORT=
|
DNS=
|
||||||
|
|
||||||
NEW_MACADDR=
|
NEW_MACADDR=
|
||||||
OLD_MACADDR=
|
OLD_MACADDR=
|
||||||
|
@ -199,12 +203,12 @@ while [[ -n "$1" ]]; do
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
|
||||||
--dns-proxy)
|
--dns)
|
||||||
shift
|
shift
|
||||||
TP_DNS_PORT="$1"
|
DNS="$1"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--no-serve-dns)
|
--no-dns)
|
||||||
shift
|
shift
|
||||||
dnsmasq_NO_DNS=1
|
dnsmasq_NO_DNS=1
|
||||||
;;
|
;;
|
||||||
|
@ -370,6 +374,38 @@ while [[ -n "$1" ]]; do
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
|
||||||
|
sep_ip_port() {
|
||||||
|
local IP
|
||||||
|
local PORT
|
||||||
|
local INPUT
|
||||||
|
INPUT="$1"
|
||||||
|
if (echo $INPUT | grep '\.' >/dev/null 2>&1) ;then
|
||||||
|
if (echo $INPUT | grep ':' >/dev/null 2>&1) ;then
|
||||||
|
# ipv4 + port
|
||||||
|
IP="$(echo $INPUT | cut -d: -f1)"
|
||||||
|
PORT="$(echo $INPUT | cut -d: -f2)"
|
||||||
|
else
|
||||||
|
# ipv4
|
||||||
|
IP="$INPUT"
|
||||||
|
fi
|
||||||
|
elif (echo $INPUT | grep '\]' >/dev/null 2>&1) ;then
|
||||||
|
if (echo $INPUT | grep '\]\:' >/dev/null 2>&1) ;then
|
||||||
|
# ipv6 + port
|
||||||
|
IP="$(echo $INPUT | cut -d']' -f1 | cut -d'[' -f2)"
|
||||||
|
PORT="$(echo $INPUT | cut -d']' -f2 |cut -d: -f2)"
|
||||||
|
else
|
||||||
|
# ipv6
|
||||||
|
IP="$(echo $INPUT | cut -d']' -f1 | cut -d'[' -f2)"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
# port
|
||||||
|
IP='127.0.0.1'
|
||||||
|
PORT="$INPUT"
|
||||||
|
fi
|
||||||
|
printf -v "$2" %s "$IP"
|
||||||
|
printf -v "$3" %s "$PORT"
|
||||||
|
}
|
||||||
|
|
||||||
USE_IWCONFIG=0
|
USE_IWCONFIG=0
|
||||||
|
|
||||||
is_interface() {
|
is_interface() {
|
||||||
|
@ -1359,11 +1395,17 @@ if [[ $NO_DNSMASQ -eq 0 ]]; then
|
||||||
echo log-queries=extra >> $CONFDIR/dnsmasq.conf
|
echo log-queries=extra >> $CONFDIR/dnsmasq.conf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $TP_DNS_PORT ]]; then
|
if [[ $DNS ]]; then
|
||||||
|
DNS_count=$(echo $DNS | awk -F, '{print NF}')
|
||||||
|
for (( i=1;i<=DNS_count;i++ )); do
|
||||||
|
sep_ip_port "$(echo $DNS | cut -d, -f$i)" DNS_IP DNS_PORT
|
||||||
|
[[ "$DNS_PORT" ]] && DNS_PORT_D="#$DNS_PORT"
|
||||||
|
echo "server=${DNS_IP}${DNS_PORT_D}" >> $CONFDIR/dnsmasq.conf
|
||||||
|
done
|
||||||
|
|
||||||
cat <<- EOF >> $CONFDIR/dnsmasq.conf
|
cat <<- EOF >> $CONFDIR/dnsmasq.conf
|
||||||
no-resolv
|
no-resolv
|
||||||
no-poll
|
no-poll
|
||||||
server=127.0.0.1#${TP_DNS_PORT}
|
|
||||||
EOF
|
EOF
|
||||||
fi
|
fi
|
||||||
if [[ $IPV6 -eq 1 ]];then
|
if [[ $IPV6 -eq 1 ]];then
|
||||||
|
|
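Review bot: `DNS_PORT_D` is never cleared inside the `for` loop that writes the `server=` lines in the `if [[ $DNS ]]` hunk, so once one `--dns` entry carries a port, every later entry without one inherits that `#port` suffix. For a constructed value such as `127.0.0.1:9053,192.0.2.1` the second line would come out as `server=192.0.2.1#9053`, and because `no-resolv` is set, dnsmasq has no other resolver to use: lookups fail or go to an address/port pair the operator did not ask for. Building the suffix per iteration avoids the stale state, e.g. `echo "server=${DNS_IP}${DNS_PORT:+#$DNS_PORT}" >> "$CONFDIR/dnsmasq.conf"`. Separately, `sep_ip_port` treats any input without a `.` or `]` as a port and the result is appended to dnsmasq.conf unvalidated, so an unbracketed IPv6 address or a hostname silently becomes `127.0.0.1#<text>`; a numeric check on the port and quoting `$INPUT` before the `printf -v` lines would reject that early. The enclosing `if [[ $NO_DNSMASQ -eq 0 ]]` block starts and ends outside the hunk.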