diff --git a/config/config.go b/config/config.go index efc89032..301126a6 100644 --- a/config/config.go +++ b/config/config.go @@ -162,6 +162,7 @@ type DNS struct { FakeIPRange6 netip.Prefix FakeIPPool6 *fakeip.Pool FakeIPSkipper *fakeip.Skipper + FakeIPTTL int NameServerPolicy []dns.Policy ProxyServerNameserver []dns.NameServer DirectNameServer []dns.NameServer @@ -228,6 +229,7 @@ type RawDNS struct { FakeIPRange6 string `yaml:"fake-ip-range6" json:"fake-ip-range6"` FakeIPFilter []string `yaml:"fake-ip-filter" json:"fake-ip-filter"` FakeIPFilterMode C.FilterMode `yaml:"fake-ip-filter-mode" json:"fake-ip-filter-mode"` + FakeIPTTL int `yaml:"fake-ip-ttl" json:"fake-ip-ttl"` DefaultNameserver []string `yaml:"default-nameserver" json:"default-nameserver"` CacheAlgorithm string `yaml:"cache-algorithm" json:"cache-algorithm"` CacheMaxSize int `yaml:"cache-max-size" json:"cache-max-size"` @@ -490,6 +492,7 @@ func DefaultRawConfig() *RawConfig { IPv6Timeout: 100, EnhancedMode: C.DNSMapping, FakeIPRange: "198.18.0.1/16", + FakeIPTTL: 1, FallbackFilter: RawFallbackFilter{ GeoIP: true, GeoIPCode: "CN", @@ -1458,6 +1461,7 @@ func parseDNS(rawCfg *RawConfig, ruleProviders map[string]P.RuleProvider) (*DNS, Mode: cfg.FakeIPFilterMode, } dnsCfg.FakeIPSkipper = skipper + dnsCfg.FakeIPTTL = cfg.FakeIPTTL if dnsCfg.FakeIPRange.IsValid() { pool, err := fakeip.New(fakeip.Options{ diff --git a/dns/enhancer.go b/dns/enhancer.go index 7e349772..0661362f 100644 --- a/dns/enhancer.go +++ b/dns/enhancer.go @@ -14,6 +14,7 @@ type ResolverEnhancer struct { fakeIPPool *fakeip.Pool fakeIPPool6 *fakeip.Pool fakeIPSkipper *fakeip.Skipper + fakeIPTTL int mapping *lru.LruCache[netip.Addr, string] useHosts bool } @@ -162,6 +163,7 @@ type EnhancerConfig struct { FakeIPPool *fakeip.Pool FakeIPPool6 *fakeip.Pool FakeIPSkipper *fakeip.Skipper + FakeIPTTL int UseHosts bool } @@ -177,6 +179,10 @@ func NewEnhancer(cfg EnhancerConfig) *ResolverEnhancer { e.fakeIPPool6 = cfg.FakeIPPool6 } e.fakeIPSkipper = cfg.FakeIPSkipper + e.fakeIPTTL = cfg.FakeIPTTL + if e.fakeIPTTL < 1 { + e.fakeIPTTL = 1 + } e.mapping = lru.New(lru.WithSize[netip.Addr, string](4096)) } diff --git a/dns/middleware.go b/dns/middleware.go index 4e026cd9..180cf00e 100644 --- a/dns/middleware.go +++ b/dns/middleware.go @@ -146,7 +146,7 @@ func withMapping(mapping *lru.LruCache[netip.Addr, string]) middleware { } } -func withFakeIP(skipper *fakeip.Skipper, fakePool *fakeip.Pool, fakePool6 *fakeip.Pool) middleware { +func withFakeIP(skipper *fakeip.Skipper, fakePool *fakeip.Pool, fakePool6 *fakeip.Pool, fakeIPTTL int) middleware { return func(next handler) handler { return func(ctx *icontext.DNSContext, r *D.Msg) (*D.Msg, error) { q := r.Question[0] @@ -186,7 +186,7 @@ func withFakeIP(skipper *fakeip.Skipper, fakePool *fakeip.Pool, fakePool6 *fakei msg.Answer = []D.RR{rr} ctx.SetType(icontext.DNSTypeFakeIP) - setMsgTTL(msg, 1) + setMsgTTL(msg, uint32(fakeIPTTL)) msg.SetRcode(r, D.RcodeSuccess) msg.Authoritative = true msg.RecursionAvailable = true @@ -238,7 +238,7 @@ func newHandler(resolver *Resolver, mapper *ResolverEnhancer) handler { } if mapper.mode == C.DNSFakeIP { - middlewares = append(middlewares, withFakeIP(mapper.fakeIPSkipper, mapper.fakeIPPool, mapper.fakeIPPool6)) + middlewares = append(middlewares, withFakeIP(mapper.fakeIPSkipper, mapper.fakeIPPool, mapper.fakeIPPool6, mapper.fakeIPTTL)) } if mapper.mode != C.DNSNormal { diff --git a/docs/config.yaml b/docs/config.yaml index 8a5ec1f7..d6421e10 100644 --- a/docs/config.yaml +++ b/docs/config.yaml @@ -275,6 +275,8 @@ dns: # 配置fake-ip-filter的匹配模式,默认为blacklist,即如果匹配成功不返回fake-ip # 可设置为whitelist,即只有匹配成功才返回fake-ip fake-ip-filter-mode: blacklist + # 配置fakeip查询返回的TTL,非必要情况下请勿修改 + fake-ip-ttl: 1 # use-hosts: true # 查询 hosts diff --git a/hub/executor/executor.go b/hub/executor/executor.go index 988d73e2..184e64de 100644 --- a/hub/executor/executor.go +++ b/hub/executor/executor.go @@ -269,6 +269,7 @@ func updateDNS(c *config.DNS, generalIPv6 bool) { FakeIPPool: c.FakeIPPool, FakeIPPool6: c.FakeIPPool6, FakeIPSkipper: c.FakeIPSkipper, + FakeIPTTL: c.FakeIPTTL, UseHosts: c.UseHosts, })