mosdns转发至adguardhome在adguard中如何获取源IP,目前仅显示mosdns IP
xihazhiwang opened this issue · comments
环境:docker 部署 mosdns adguardhome mihomo
部署脚本:
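# Docker Compose deployment: mihomo, AdGuard Home and mosdns, each attached
# directly to the LAN through a macvlan network with its own static address.
# Indentation was lost in the paste and is restored here; values are unchanged.
version: '3'
services:
  mihomo:
    # NOTE(review): no tag is given, so Docker resolves this to the mutable
    # "latest" tag. Pin a specific version or image digest so a restart
    # cannot silently pull different code.
    image: metacubex/mihomo
    container_name: mihomo
    networks:
      macvlan:
        ipv4_address: 192.168.51.8
    volumes:
      - /root/disk1/mihomo:/root/.config/mihomo/
    # NOTE(review): privileged mode hands the container every capability and
    # access to host devices. The commented-out lines below (/dev/net/tun plus
    # NET_ADMIN) are the narrower alternative; whether they are sufficient for
    # this mihomo setup is not shown here, so verify before switching.
    privileged: true
    # devices:
    #   - /dev/net/tun
    restart: always
    # cap_add:
    #   - NET_ADMIN
    sysctls:
      # Enables IPv4 forwarding inside this container's network namespace.
      - net.ipv4.ip_forward=1
  adguardHome:
    # NOTE(review): untagged image, same pinning concern as mihomo.
    image: adguard/adguardhome
    container_name: adguardHome
    networks:
      macvlan:
        ipv4_address: 192.168.51.6
    volumes:
      - /root/disk1/adguardhome/conf:/opt/adguardhome/conf
      - /root/disk1/adguardhome/work:/opt/adguardhome/work
    # NOTE(review): nothing in this file shows why a DNS filter needs
    # privileged mode; a compromise of the service would then amount to a
    # compromise of the host. TODO confirm and drop.
    privileged: true
    restart: always
  mosdns:
    # NOTE(review): ":latest" is a mutable tag; pin a version or digest.
    image: irinesistiana/mosdns:latest
    container_name: mosdns
    networks:
      macvlan:
        ipv4_address: 192.168.51.7
    volumes:
      - /root/disk1/mosdns/etc/mosdns:/etc/mosdns
      - /root/disk1/mosdns/var/mosdns:/var/mosdns
    # NOTE(review): same as adguardHome; no visible need for privileged mode.
    # TODO confirm and drop.
    privileged: true
    restart: always
networks:
  # macvlan places every container directly on the LAN segment behind ens18.
  # There are no "ports:" mappings, so every port a container listens on is
  # reachable from the whole 192.168.51.0/24 network.
  macvlan:
    driver: macvlan
    driver_opts:
      parent: ens18
      macvlan_mode: bridge
    ipam:
      config:
        - subnet: 192.168.51.0/24
          gateway: 192.168.51.1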
mosdns 配置文件
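# mosdns global settings: logging, HTTP API and config includes.
log:
  level: info
  # NOTE(review): the compose file on this page mounts only /etc/mosdns and
  # /var/mosdns, so this log lives in the container's writable layer and is
  # lost when the container is recreated. Move it onto a mounted path if the
  # query log is needed for later investigation.
  file: "/var/log/mosdns.log"
api:
  # NOTE(review): binds the HTTP API on all interfaces. With the macvlan
  # address 192.168.51.7 it is reachable from every host on the LAN, and no
  # access control for it is configured in this file. Confirm it needs to be
  # exposed; otherwise bind it to a specific address or filter access.
  http: "0.0.0.0:9091"
include: []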
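plugins:
# File-backed match sets and lookup tables. Later sequences reference them by
# tag as "$<tag>". These files decide which upstream a name is sent to and
# which names are rejected, so write access to /root/disk1/mosdns on the host
# should be limited to the administrator.
- tag: geosite_cn
  type: domain_set
  args:
    files:
    - "/var/mosdns/geosite_cn.txt"
- tag: geoip_cn
  type: ip_set
  args:
    files:
    - "/var/mosdns/geoip_cn.txt"
- tag: geosite_apple
  type: domain_set
  args:
    files:
    - "/var/mosdns/geosite_apple.txt"
- tag: geosite_no_cn
  type: domain_set
  args:
    files:
    - "/var/mosdns/geosite_geolocation-!cn.txt"
- tag: whitelist
  type: domain_set
  args:
    files:
    - "/etc/mosdns/rule/whitelist.txt"
- tag: blocklist
  type: domain_set
  args:
    files:
    - "/etc/mosdns/rule/blocklist.txt"
- tag: greylist
  type: domain_set
  args:
    files:
    - "/etc/mosdns/rule/greylist.txt"
- tag: ddnslist
  type: domain_set
  args:
    files:
    - "/etc/mosdns/rule/ddnslist.txt"
# Static answers served before any forwarding (first step of main_sequence).
- tag: hosts
  type: hosts
  args:
    files:
    - "/etc/mosdns/rule/hosts.txt"
- tag: redirect
  type: redirect
  args:
    files:
    - "/etc/mosdns/rule/redirect.txt"
- tag: adlist
  type: domain_set
  args:
    files:
    - "/etc/mosdns/rule/disable-ads.txt"
- tag: local_ptr
  type: domain_set
  args:
    files:
    - "/etc/mosdns/rule/local-ptr.txt"
# NOTE(review): cloudflare_cidr is not referenced by any sequence visible on
# this page.
- tag: cloudflare_cidr
  type: ip_set
  args:
    files:
    - "/etc/mosdns/rule/cloudflare-cidr.txt"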
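# Cache and upstream forwarders (entries of the top-level "plugins" list).
- tag: lazy_cache
  type: cache
  args:
    size: 0
    lazy_cache_ttl: 0
# Public resolvers addressed by bare IP; presumably plain, unencrypted UDP
# since no scheme is given (TODO confirm against the mosdns documentation).
- tag: forward_xinfeng_udp
  type: forward
  args:
    concurrent: 2
    upstreams:
    - addr: "114.114.114.114"
    - addr: "114.114.115.115"
# 192.168.51.6 is the AdGuard Home container in the compose file on this page.
# mosdns opens its own connection to this upstream, so AdGuard Home sees
# 192.168.51.7 (mosdns) as the source of every query. Nothing in this entry
# carries the original client address, which means per-client query logs and
# per-client filtering rules in AdGuard Home cannot tell LAN devices apart.
- tag: forward_local
  type: forward
  args:
    concurrent: 1
    upstreams:
    - addr: "192.168.51.6"
      # NOTE(review): addr is already an IP literal, so bootstrap is
      # presumably unused here; verify.
      bootstrap: 119.29.29.29
      enable_pipeline: false
      max_conns: 2
      # Certificate verification stays enabled; presumably only relevant for
      # TLS-based upstreams, which this bare-IP address is not.
      insecure_skip_verify: false
      idle_timeout: 30
# 192.168.51.8 is the mihomo container in the compose file on this page.
- tag: forward_remote
  type: forward
  args:
    concurrent: 1
    upstreams:
    - addr: "192.168.51.8"
      bootstrap: 8.8.8.8
      enable_pipeline: false
      max_conns: 2
      insecure_skip_verify: false
      idle_timeout: 30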
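# Helper sequences (entries of the top-level "plugins" list).
- tag: modify_ttl
  type: sequence
  args:
  - exec: ttl 0-0
- tag: modify_ddns_ttl
  type: sequence
  args:
  - exec: ttl 5-5
# Send the query to forward_local (AdGuard Home).
- tag: local_sequence
  type: sequence
  args:
  - exec: $forward_local
# Send the query to forward_remote (mihomo), preferring IPv4.
- tag: remote_sequence
  type: sequence
  args:
  - exec: prefer_ipv4
  - exec: $forward_remote
# Adjust the TTL depending on whether the name is in ddnslist, then stop
# processing once a response is present.
- tag: has_resp_sequence
  type: sequence
  args:
  - matches: qname $ddnslist
    exec: $modify_ddns_ttl
  - matches: "!qname $ddnslist"
    exec: $modify_ttl
  - matches: has_resp
    exec: accept
# Ask the local upstream and discard the answer when its address is not in
# geoip_cn, leaving the query without a response.
- tag: query_is_local_ip
  type: sequence
  args:
  - exec: $local_sequence
  - matches: "!resp_ip $geoip_cn"
    exec: drop_resp
- tag: query_is_remote
  type: sequence
  args:
  - exec: $remote_sequence
# Primary path is the local lookup, secondary is the remote one.
# NOTE(review): threshold is presumably in milliseconds; confirm.
- tag: fallback
  type: fallback
  args:
    primary: query_is_local_ip
    secondary: query_is_remote
    threshold: 500
    always_standby: true
# NOTE(review): query_is_apple_domain is not invoked by main_sequence on this
# page.
- tag: query_is_apple_domain
  type: sequence
  args:
  - matches: "!qname $geosite_apple"
    exec: return
  - exec: $forward_local
  - matches: "!resp_ip $geoip_cn"
    exec: drop_resp
  - matches: "!has_resp"
    exec: $forward_xinfeng_udp
- tag: query_is_ddns_domain
  type: sequence
  args:
  - matches: qname $ddnslist
    exec: $local_sequence
- tag: query_is_local_domain
  type: sequence
  args:
  - matches: qname $geosite_cn
    exec: $local_sequence
- tag: query_is_no_local_domain
  type: sequence
  args:
  - matches: qname $geosite_no_cn
    exec: $remote_sequence
- tag: query_is_whitelist_domain
  type: sequence
  args:
  - matches: qname $whitelist
    exec: $local_sequence
- tag: query_is_greylist_domain
  type: sequence
  args:
  - matches: qname $greylist
    exec: $remote_sequence
# Names answered with rcode 3 (NXDOMAIN) instead of being forwarded.
# These rejections happen inside mosdns, so they never reach AdGuard Home and
# will not appear in its query log.
- tag: query_is_reject_domain
  type: sequence
  args:
  - matches: qname $blocklist
    exec: reject 3
  - matches: qname $adlist
    exec: reject 3
  # qtype 12 is PTR: reject reverse lookups for names in local_ptr.
  - matches:
    - qtype 12
    - qname $local_ptr
    exec: reject 3
  # qtype 65 is the HTTPS record type.
  - matches: qtype 65
    exec: reject 3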
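# Entry sequence and listeners (entries of the top-level "plugins" list).
# Each stage is followed by a jump to has_resp_sequence, which accepts the
# query as soon as a stage has produced a response.
- tag: main_sequence
  type: sequence
  args:
  - exec: $hosts
  - exec: jump has_resp_sequence
  # Cache is skipped for DDNS names, blocked names, ad names and local PTR.
  - matches:
    - "!qname $ddnslist"
    - "!qname $blocklist"
    - "!qname $adlist"
    - "!qname $local_ptr"
    exec: $lazy_cache
  - exec: $redirect
  - exec: jump has_resp_sequence
  - exec: $query_is_ddns_domain
  - exec: jump has_resp_sequence
  - exec: $query_is_whitelist_domain
  - exec: jump has_resp_sequence
  - exec: $query_is_reject_domain
  - exec: jump has_resp_sequence
  - exec: $query_is_greylist_domain
  - exec: jump has_resp_sequence
  - exec: $query_is_local_domain
  - exec: jump has_resp_sequence
  - exec: $query_is_no_local_domain
  - exec: jump has_resp_sequence
  - exec: $fallback
# Both listeners bind port 53 on every address of the container. LAN clients
# talk to mosdns here, so mosdns is the only component that sees their real
# source addresses; anything forwarded onward originates from mosdns itself.
- tag: udp_server
  type: udp_server
  args:
    entry: main_sequence
    listen: ":53"
- tag: tcp_server
  type: tcp_server
  args:
    entry: main_sequence
    listen: ":53"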
目前adguardhome无法获取到内网IP,只能获取到mosdns 192.168.51.7,是哪里设置的不对吗?应该怎么改?
想要让adguardhome获取到设备IP,就必须让adguardhome最先接收dns查询请求
换过来,终端请求先到adg,然后adg上游才是mosdns
修改源码:前端把客户端 IP 以 ECS 的形式添加到请求中,后端再根据 ECS 判断客户端。