
[Feature Request] FakeDNS: modify the TTL and disable forwarding of HTTPS QType 65 #3006


Closed
qwerr0 opened this issue Feb 8, 2024 · 7 comments

qwerr0 commented Feb 8, 2024

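The default TTL is 600. Because Xray does not yet support FakeIP persistence or reload, the DNS cache has to be flushed every time Xray is restarted.
If there were an option to lower the TTL of the responses FakeDNS returns, e.g. TTL=5 or TTL=1, these problems could be avoided.

After enabling FakeDNS, DNS resolution has to be pointed at Xray. By default, DNS requests other than A and AAAA records are dropped; nonIPQuery can be set to forward those requests, but once it is enabled, HTTPS QType 65 records may be poisoned, and on iOS the forwarding of HTTPS records has to be blocked separately. I would also like an option that drops HTTPS QType 65 records when nonIPQuery is skip.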

@qwerr0
Author

qwerr0 commented Feb 8, 2024

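I think there are probably other people with the same idea. If you found this page by searching, here is a patch that implements these features (I don't know Go, so the changes are very blunt).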

diff --git a/proxy/dns/dns.go b/proxy/dns/dns.go
index 415fe99..26204da 100644
--- a/proxy/dns/dns.go
+++ b/proxy/dns/dns.go
@@ -5,6 +5,7 @@ import (
 	"io"
 	"sync"
 	"time"
+	"strings"
 
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
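Review bot: the added "strings" import is placed after "time", which is out of the sorted order gofmt keeps for this import group; it belongs between "io" and "sync". It is only needed for the textual prefix checks in handleIPQuery, so it can be dropped entirely if those checks are replaced by a CIDR comparison.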
@@ -179,7 +180,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, d internet.
 				if isIPQuery {
 					go h.handleIPQuery(id, qType, domain, writer)
 				}
-				if isIPQuery || h.nonIPQuery == "drop" {
+				if isIPQuery || h.nonIPQuery == "drop" || qType == 65 {
 					b.Release()
 					continue
 				}
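Review bot: `qType == 65` in the drop condition is a bare magic number and applies whatever `h.nonIPQuery` is set to, so HTTPS queries are discarded unconditionally rather than behind the option the issue text asks for. Give the value a named constant and gate it on an explicit setting. The branch only calls `b.Release()` and `continue`, so nothing in the visible lines writes a reply for the dropped query; it is worth confirming that clients handle that as intended.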
@@ -246,10 +247,16 @@ func (h *Handler) handleIPQuery(id uint16, qType dnsmessage.Type, domain string,
 
 	switch qType {
 	case dnsmessage.TypeA:
+		if len(ips) > 0 && strings.HasPrefix(ips[0].String(), "198.18.") {
+		    ttl = 1
+		}
 		for i, ip := range ips {
 			ips[i] = ip.To4()
 		}
 	case dnsmessage.TypeAAAA:
+		if len(ips) > 0 && strings.HasPrefix(ips[0].String(), "fc00::") {
+		    ttl = 1
+		}
 		for i, ip := range ips {
 			ips[i] = ip.To16()
 		}
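Review bot: both `strings.HasPrefix(ips[0].String(), ...)` checks hard-code `198.18.` and `fc00::` as the fake pool, while the pool is configurable (the `fakedns` config posted later in this thread sets `ipPool`), so any other pool keeps the default TTL, and the `fc00::` text match also accepts addresses outside a /112. Compare each address against the configured prefixes with a CIDR containment test instead of matching the string form of `ips[0]` only. The `len(ips) > 0` guard is needed and should stay. The `ttl = 1` lines are indented with spaces where the surrounding code uses tabs.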

@o0HalfLife0o
Contributor

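As for the fakedns TTL issue, I remember seeing @yuhan6665 say a while ago that it would be shortened later, but there has been no follow-up. I just tried searching and couldn't find it either; maybe it is buried in some unrelated issue.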

@yuhan6665
Member

OK, thanks to both of you for the nudge. I'll take a look this week..

@yuhan6665
Member

@qwerr0
Author

qwerr0 commented Feb 21, 2024

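@qwerr0 Could you help test whether this works? https://github.com/XTLS/Xray-core/actions/runs/7982602924

Thank you very much for adding this feature. I have tested it: the FakeIP TTL is 1 and HTTPS DNS records are dropped, but for some sites where no IP is resolved it seems to index out of range: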
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: panic: runtime error: index out of range [0] with length 0
Wed Feb 21 15:34:16 2024 daemon.err xray[709]:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: goroutine 370 [running]:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns.(*Handler).handleIPQuery(0x4000492ea0, 0xa79e, 0x1c, {0x4000126420, 0x21}, {0x10678c0, 0x40008f16a0})
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns/dns.go:251 +0xaec
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: created by github.com/xtls/xray-core/proxy/dns.(*Handler).Process.func2 in goroutine 341
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns/dns.go:184 +0x228

@qwerr0
Author

qwerr0 commented Feb 21, 2024

My current DNS configuration:

{
  "dns": {
    "tag": "dns-inner",
    "disableFallbackIfMatch": true,
    "servers": [
      {
        "address": "dns.alidns.com",
        "expectIPs": ["geoip:direct"],
        "queryStrategy": "UseIP",
        "skipFallback": false
      },
      {
        "address": "fakedns",
        "queryStrategy": "UseIP",
        "skipFallback": false
      },
      {
        "address": "2400:3200::1",
        "domains": ["full:dns.alidns.com"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      },
      {
        "address": "223.5.5.5",
        "domains": ["full:dns.alidns.com"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      },
      {
        "address": "dns.alidns.com",
        "domains": ["geosite:direct"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      },
      {
        "address": "fakedns",
        "domains": ["geosite:proxy"],
        "queryStrategy": "UseIP",
        "skipFallback": true
      }
    ]
  },
  "fakedns": [
    {
      "ipPool": "198.18.0.0/16",
      "poolSize": 65535
    },
    {
      "ipPool": "fc00::/112",
      "poolSize": 65535
    }
  ]
}

@yuhan6665
Member

@qwerr0 Could you help test whether this works? https://github.com/XTLS/Xray-core/actions/runs/7982602924

Thank you very much for adding this feature. I have tested it: the FakeIP TTL is 1 and HTTPS DNS records are dropped, but for some sites where no IP is resolved it seems to index out of range:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: panic: runtime error: index out of range [0] with length 0
Wed Feb 21 15:34:16 2024 daemon.err xray[709]:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: goroutine 370 [running]:
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns.(*Handler).handleIPQuery(0x4000492ea0, 0xa79e, 0x1c, {0x4000126420, 0x21}, {0x10678c0, 0x40008f16a0})
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns/dns.go:251 +0xaec
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: created by github.com/xtls/xray-core/proxy/dns.(*Handler).Process.func2 in goroutine 341
Wed Feb 21 15:34:16 2024 daemon.err xray[709]: github.com/xtls/xray-core/proxy/dns/dns.go:184 +0x228

Thanks. I thought there shouldn't be any empty resolution results by this point. It should be fine now.
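An added illustration in Go, not code from Xray-core or from anyone in this thread: using only the standard library, it reads the QTYPE from a raw query, drops HTTPS (type 65), and picks a short TTL for fake-pool answers without indexing an empty result, which is the case that produced the panic above. The function names, the sample query bytes and the default-TTL parameter are assumptions; the pool prefixes are the ones from the config posted in the thread.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net/netip"
)

const typeA, typeAAAA, typeHTTPS = 1, 28, 65 // DNS QTYPE values
// Pools taken from the "fakedns" config posted in the thread.
var fakeV4, fakeV6 = netip.MustParsePrefix("198.18.0.0/16"), netip.MustParsePrefix("fc00::/112")

// questionType returns the QTYPE of the first question, or ok=false if malformed.
func questionType(msg []byte) (qType uint16, ok bool) {
	if len(msg) < 12 || binary.BigEndian.Uint16(msg[4:6]) == 0 {
		return 0, false
	}
	i := 12
	for i < len(msg) && msg[i] != 0 && msg[i] < 64 { // walk QNAME labels
		i += 1 + int(msg[i])
	}
	if i+5 > len(msg) || msg[i] != 0 { // root label + QTYPE + QCLASS
		return 0, false
	}
	return binary.BigEndian.Uint16(msg[i+1 : i+3]), true
}

// shouldDrop: A/AAAA are answered locally, HTTPS (65) is always dropped,
// other types are dropped only when nonIPQuery is "drop".
func shouldDrop(qType uint16, nonIPQuery string) bool {
	isIP := qType == typeA || qType == typeAAAA
	return !isIP && (qType == typeHTTPS || nonIPQuery == "drop")
}

// answerTTL returns 1 when any answer lies in a FakeDNS pool, def otherwise.
// It ranges over ips instead of indexing ips[0], so an empty result is safe.
func answerTTL(ips []netip.Addr, def uint32) uint32 {
	for _, ip := range ips {
		if fakeV4.Contains(ip.Unmap()) || fakeV6.Contains(ip) {
			return 1
		}
	}
	return def
}

func main() {
	q := []byte{0x12, 0x34, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 2, 'e', 'x', 0, 0, 65, 0, 1} // constructed HTTPS query
	t, ok := questionType(q)
	fmt.Println(t, ok, shouldDrop(t, "skip"), answerTTL(nil, 600))
}
```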
