OpenWRT Dnsmasq 设置示例

发表评论

先劫持局域网内机器的域名解析:

# Intercept DNS traffic
uci -q delete firewall.dns_int
uci set firewall.dns_int="redirect"
uci set firewall.dns_int.name="Intercept-DNS"
uci set firewall.dns_int.src="lan"
uci set firewall.dns_int.src_dport="53"
uci set firewall.dns_int.proto="tcp udp"
uci set firewall.dns_int.family="any"
uci set firewall.dns_int.target="DNAT"
uci commit firewall
service firewall restart

将域名 demo.com 强制解析到ip 192.168.1.100:

/demo.com/#
/demo.com/192.168.3.100

第一行是避免解析到ipv6地址。

屏蔽域名 demo.com 以及它的所有子域名,也就是解析不了任何ip:

/demo.com/#

https://openwrt.org/docs/guide-user/firewall/fw3_configurations/intercept_dns

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注