
sans – A simple anti-spoofing DNS server.
Simple Anti-spoofing Name Server, designed to defend against DNS spoofing, suitable for embedded devices and low end boxes.
Latest Change 24/12/2015:
+ add homebrew build script.
Features:
+ Support both UDP and TCP
+ Detect if a domain is polluted
+ Query polluted domains over TCP or SOCKS5
Note:
+ If SOCKS5 server is not given, polluted domains will be queried over TCP. It’s faster than querying over SOCKS5, but may not work in some networks.
+ Since there is no cache in sans, you may need to set it as an upstream DNS server for Dnsmasq instead of using it directly.
TODO:
– cache
– retry on error
– auto pre-query
– recursive
Installation and usage:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
git clone https://github.com/XiaoxiaoPu/sans autoreconf -if ./configure --prefix=/usr --sysconfdir=/etc make sudo make install cd src ./sans -h (for helper command) Update: cd sans folder git pull OSX brew install --HEAD https://github.com/XiaoxiaoPu/sans/raw/master/contrib/homebrew/sans.rb setup cross compile tool chain: export PATH="$PATH:/pato/to/cross/compile/toolchain/" build autoreconf -if ./configure --host=arm-unknown-linux-gnueabihf \ --prefix=/usr --sysconfdir=/etc make Build with MinGW: autoreconf -if ./configure --host=i686-w64-mingw32 make |
sample configuration:
1 2 3 4 5 6 7 |
user=nobody group=nobody listen=127.0.0.1:5300 socks5=127.0.0.1:1080 test_server=8.8.8.8:53 cn_server=114.114.114.114:53 server=8.8.8.8:53 |
Source : https://github.com/XiaoxiaoPu