Giter Site home page Giter Site logo

clearmediaukltd / snidust Goto Github PK

View Code? Open in Web Editor NEW

This project forked from seji64/snidust

0.0 0.0 0.0 99 KB

SmartDNS Proxy to hide your GeoLocation. Based on DnsDist and SniProxy

License: GNU General Public License v3.0

Shell 74.52% Dockerfile 25.48%

snidust's Introduction

Docker

SniDust

SmartDNS Proxy to hide your GeoLocation. Based on DnsDist and SniProxy

Supported Services

  • Zattoo
  • Yallo.tv
  • Netflix
  • Hulu
  • Amazon Prime
  • SRF.ch (live tv)

Prerequisites

You will need a VPS or a Root Server where you can install Docker (or Docker is already installed).

Usage

Get your Public IP (Client)

## run this in your terminal or use your webbrowser
curl https://ifconfig.me

For this example i we assume your public ip (of your client) is 10.111.123.7

Get your IP of your Server

curl https://ifconfig.me

For this example i we assume your public ip (of your server) is 10.111.123.8

Run SniDust on your Server

docker run -d --name snidust -e ALLOWED_CLIENTS="127.0.0.1, 10.111.123.7" -e EXTERNAL_IP=10.111.123.8 -p 443:443 -p 80:80 -p 53:5300/udp ghcr.io/seji64/snidust:main

Or if you use docker-compose:

version: '3.3'
services:
    snidust:
        container_name: snidust
        environment:
            - 'ALLOWED_CLIENTS=127.0.0.1, 10.111.123.7'
            - EXTERNAL_IP=10.111.123.8
            - SPOOF_ALL_DOMAINS=false # Set to true (case sensetive!) if you want spoof ALL domains.
        ports:
            - '443:443'
            - '80:80'
            - '53:5300/udp'
        image: 'ghcr.io/seji64/snidust:main'

Check logs of the container

docker logs snidust

The logs should look something like this:

...
Webserver launched on 127.0.0.1:8083
Marking downstream 1.0.0.1:443 as 'up'
Marking downstream dns.google (8.8.8.8:853) as 'up'
Marking downstream dns.google (8.8.4.4:853) as 'up'
Marking downstream 1.1.1.1:443 as 'up'
Polled security status of version 1.7.1 at startup, no known issues reported: OK

Configure your client

Change your network settings and set as DNS Server 10.111.123.8 (PUBLIC_VPS_IP)

Your GeoLaction should now hidden :-)

Troubleshooting

Error Port 53 is already in use

In this case you either run another service (like Pi-Hole) which already uses this Port or you likely use an linux distribution which uses systemd.

In case systemd is already using port 53 you can follow this Guide to free up this port.

Advanced

Configure DNS Rate Limiting

The default is the following:

Generate a warning if we detect a query rate above 800 qps for at least 60s."
If the query rate raises above 1000 qps for 60 seconds, we'll block the client for 360s."

To customize this behavior you can use the following environment variables:

DNSDIST_RATE_LIMIT_WARN (default: 800)
DNSDIST_RATE_LIMIT_BLOCK (default: 1000)
DNSDIST_RATE_LIMIT_BLOCK_DURATION (default: 360)
DNSDIST_RATE_LIMIT_EVAL_WINDOW (default: 60)

If you want disable Rate Limiting completely set DNSDIST_RATE_LIMIT_DISABLE to true

Use custom Upstream DNS Servers

By default SniDust is using Cloudflare's and Google's DNS Servers as Upstream. To use your own/custom upstream DNS Server you have to do the following:

Configure and use Custom Upstream Pool

  • Create a file named 99-customUpstream.conf
  • Use the DNSDist Documentation to create you own upstream pool. Example: 
    newServer("192.0.2.1", name="custom1", pool="customUpstream")
newServer("192.0.2.2", name="custom2", pool="customUpstream")
  • Ensure you have set a pool and it is NOT named upstream (this name is already used by sniDust itself)
  • Set Environment Variable DNSDIST_UPSTREAM_POOL_NAME to your pool name (here: customUpstream)
  • Map your file 99-customUpstream.conf 
    ...
        volumes:
         - ~/99-customUpstream.conf:/etc/dnsdist/conf.d/99-customUpstream.conf
 ...

Add custom domains

In case you want to add custom domains which not included by default, this can be done easily. Create a file with the name 99-custom.lst. Insert all your custom domains in this file.

Mount it

docker run --name snidust -e ALLOWED_CLIENTS="127.0.0.1, 10.111.123.7" -e EXTERNAL_IP=10.111.123.8 -p 443:443 -p 80:80 -p 53:5300/udp -v ~/99-custom.lst:/etc/snidust/domains.d/99-custom.lst:ro ghcr.io/seji64/snidust:main

Or if you use docker-compose:

version: '3.3'
services:
    snidust:
        container_name: snidust
        environment:
            - 'ALLOWED_CLIENTS=127.0.0.1, 10.111.123.7'
            - EXTERNAL_IP=10.111.123.8
        ports:
            - '443:443'
            - '80:80'
            - '53:5300/udp'
        volumes:
            - '~/99-custom.lst:/etc/snidust/domains.d/99-custom.lst:ro'
        image: 'ghcr.io/seji64/snidust:main'

Spoof all domains

If you don't want to maintain a list of domains and you just want to spoof everything set SPOOF_ALL_DOMAINS to true

version: '3.3'
services:
    snidust:
        container_name: snidust
        environment:
            - 'ALLOWED_CLIENTS=127.0.0.1, 10.111.123.7'
            - EXTERNAL_IP=10.111.123.8
            - SPOOF_ALL_DOMAINS=true
...

Reload allowed clients without container restart

In case you want to have a dynamic ALLOWED_CLIENTS ACL's change your docker-compose to this:

version: '3.3'
services:
    snidust:
        container_name: snidust
        environment:
            - 'ALLOWED_CLIENTS_FILE=/tmp/myacls.acl'
            - EXTERNAL_IP=10.111.123.8
        ports:
            - '443:443'
            - '80:80'
            - '53:5300/udp'
        volumes:
            - '~/myacls.acl:/tmp/myacls.acl:ro'
        image: 'ghcr.io/seji64/snidust:main'

Then you can reload your acls by querying a specific dns name:

# assuming 10.11.123.8 is your ip of your Server where snidust runs
dig @10.111.123.8 reload.acl.snidust.local

You should see in the logs (docker logs snidust) snidust has reloaded your acl's

[SniDust] *** Reloading ACL... ***
...
[SniDust] *** ACL reload complete! ***

Reload Domains without container restart

In case you added custom domains like above, updates the 99-custom.lst file but don't want to restart your SniDust container each time, you can reload all domains with a custom dns question.

# assuming 10.11.123.8 is your ip of your Server where snidust runs
dig @10.111.123.8 reload.domainlist.snidust.local

You should see in the logs (docker logs snidust) snidust has reloaded your domain

[SniDust] Reloading domain lists..
...
[SniDust] *** End of Domain List ***
[SniDust] Domain Lists reloaded!

Credits

Based on the following projects:

snidust's People

Contributors

seji64 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.