redsocks2 https://github.com/semigodking/redsocks
redsocks2 配置文件
# Write the redsocks2 configuration into ./redsocks.conf.
#   base     - debug and info logging on, log to a file, run as a daemon,
#              use the iptables redirector.
#   redsocks - listen on 127.0.0.1:12345 and forward to the SOCKS5 proxy
#              at 127.0.0.1:1080.
# The quoted heredoc delimiter keeps the text literal (no shell expansion).
#
# NOTE(review): the log is a fixed, predictable path under /tmp, which is
# world-writable on most systems, so another local user could pre-create or
# symlink that name before the daemon opens it. A directory only the service
# account can write to is safer. Debug logging presumably records connection
# details, so treat the file as sensitive; confirm what redsocks2 writes.
cat > redsocks.conf <<'EOF'
base{log_debug = on; log_info = on; log = "file:/tmp/reddi.log";
daemon = on; redirector = iptables;}
redsocks { local_ip = 127.0.0.1; local_port = 12345; ip = 127.0.0.1;
port = 1080; type = socks5; }
EOF
iptables
# nat/OUTPUT rules for transparent proxying of locally generated traffic
# through redsocks (local_port 12345 in redsocks.conf). Rules are appended
# in order, so the RETURN exemptions below are evaluated before the
# REDIRECT rules at the end.
#
# NOTE(review): -A appends on every run, so re-running this snippet
# duplicates the rules; flush or use a dedicated chain if it is scripted.
# NOTE(review): iptables handles IPv4 only. Nothing here matches IPv6, so
# IPv6 connections are neither exempted nor proxied by these rules.
# NOTE(review): the RETURN rules carry no -p match, so they exempt every
# protocol to those ranges, including DNS sent to a LAN resolver.

redsocks_port=12345

# Destinations that bypass the proxy: reserved, private, loopback,
# link-local and multicast ranges. The 127.0.0.0/8 entry also keeps
# redsocks' own connection to the SOCKS5 server at 127.0.0.1:1080 out of
# the redirect. x.x.x.x/32 is a placeholder that must be replaced before
# use; presumably the upstream proxy server's address (TODO confirm).
for dest in \
  0.0.0.0/8 \
  10.0.0.0/8 \
  100.64.0.0/10 \
  127.0.0.0/8 \
  169.254.0.0/16 \
  172.16.0.0/12 \
  192.168.0.0/16 \
  198.18.0.0/15 \
  224.0.0.0/4 \
  240.0.0.0/4 \
  x.x.x.x/32
do
  iptables -t nat -A OUTPUT -d "$dest" -j RETURN
done

# All TCP to 1.1.1.1 goes to the redsocks listener.
iptables -t nat -A OUTPUT -d 1.1.1.1/32 -p tcp -j REDIRECT --to-ports "$redsocks_port"

# TCP to destination port 18080 on any non-exempt address goes to redsocks.
iptables -t nat -A OUTPUT -p tcp --dport 18080 -j REDIRECT --to-ports "$redsocks_port"
将发往其他 DNS 服务器的 UDP 53 数据包重定向到本机 53 端口（该规则只匹配 UDP，TCP 53 的查询不受影响）
# Redirect locally generated UDP DNS queries (destination port 53) that are
# not addressed to 127.0.0.1 to port 53 on this host.
#
# NOTE(review): only UDP is matched; DNS over TCP port 53 is not redirected.
# NOTE(review): if this is appended after the RETURN rules for the private
# and reserved ranges shown earlier on this page, queries to a resolver in
# those ranges (for example a 192.168.x.x router) hit RETURN first and never
# reach this rule. Insert it ahead of them if those queries must be captured.
iptables --table nat --append OUTPUT \
  --protocol udp --destination-port 53 \
  ! --destination 127.0.0.1 \
  --jump REDIRECT --to-ports 53
DoH（DNS over HTTPS）
# Start cloudflared's DNS proxy on 127.0.0.1:53, forwarding queries to the
# DoH endpoint at https://1.1.1.1/dns-query.
#
# Binding to 127.0.0.1 keeps the resolver unreachable from other hosts.
# Port 53 is a privileged port, so this needs root or an equivalent
# capability on the binary.
# NOTE(review): with the 1.1.1.1/32 TCP REDIRECT rule from this page
# installed, the HTTPS connection to the upstream is itself sent through
# redsocks, so DNS resolution depends on the SOCKS5 proxy being up.
# NOTE(review): the binary is run from the current directory; verify it
# against the publisher's release checksum before running it with privileges.
./cloudflared-linux-amd64 proxy-dns \
  --address 127.0.0.1 \
  --port 53 \
  --upstream 'https://1.1.1.1/dns-query'
修改 /etc/resolv.conf 和 /etc/hosts（例如让 resolv.conf 的 nameserver 指向本机 127.0.0.1，即上面 cloudflared 监听的地址）
测试（URL 必须加引号，否则 shell 会把 & 当作后台运行符，type=A 参数不会传给 curl）：curl -v -H 'accept: application/dns-json' 'https://1.1.1.1/dns-query?name=www.google.com&type=A'