个人工具

UbuntuHelp:Dnsmasq/zh-hans

来自Ubuntu中文

跳转至: 导航, 搜索
 


值得关注:

我并没有使用dnsmasq的dhcp功能,而只使用它的dns功能。谁能帮忙把DHCP部分加上那就太好了,请通知我,我会把它加上。:)
来自Ubuntu:HervéFache的提示: 你可以在 UbuntuWirelessRouter 上找到更多关于怎么设置dnsmasq的信息。

准备

首先我们要做一些看起来并不相关的事── 我们将创建一个新的resolv.conf文件并命名为 '/etc/nameservers'(文件名是任意的,但这各名字更好些)。

首先打开一个终端,对你的ISP的每个域名服务器执行‘host’命令(就像这样)

[email protected]:~$ host ns1.on.net
ns1.on.net has address 216.200.145.64
[email protected]:~$ host ns2.on.net
ns2.on.net has address 192.231.203.2
[email protected]:~$ host ns3.on.net
ns3.on.net has address 192.83.231.19
[email protected]:~$ host ns4.on.net
ns4.on.net has address 192.231.203.3

在终端中把这些信息保存到‘/etc/nameservers’文件中

sudo nano /etc/nameservers

文件中的内容大致是这样的,具体内容来自上面命令的输出

nameserver 216.200.145.64
nameserver 192.231.203.2
nameserver 192.83.231.19
nameserver 192.231.203.3

你的文件可能不到4行,这没关系,但域名服务器越多出错的可能就越小。这个文件准备好了吗?让我们正式开始安装。

配置dnsmasq

和许多其他的Ubuntu包一样,dnsmasq在universe区中。确认已经激活了universe区,然后执行下面命令

sudo apt-get update
sudo apt-get install dnsmasq

开始通过编辑下面的文件来配置dnsmasq

/etc/dnsmasq.conf

On the first page of options is one to "... filter useless windows-originated DNS requests which can trigger dial-on-demand links needlessly." If your in that situation, you might want to uncomment `filterwin2k`. How about making use of that file we made before? Uncomment the next option in the config file, and add your nameserver file to the end. `resolv-file=/etc/nameservers` Now we can be sure our nameserver is getting its dns from a trusted upstream source, and isnt going to go walkabout. Now we dont need to really worry about any settings untill we get down to "# Add domains which you want to force to an IP address here.". This one is fun, as we can point any dns request that comes in to any ip we want. In the mood to spread Ubuntu love? How about all requests to Microsoft.com go... astray? All we need is this option and an ip to redirect to.

address=/microsoft.com/82.211.81.158

With this line added to your dnsmasq, visits to Microsoft are a thing of the past. ( Its now pointing to ubuntulinux.org ;) ) Heres my current list, perhaps it will grow as needed:

address=/doubleclick.net/192.168.0.2
address=/googlesyndication.com/192.168.0.2
address=/google-analytics.com/192.168.0.2
address=/googleadservices.com/192.168.0.2
address=/decideinteractive.com/192.168.0.2

# Not blocking redirects (google.com -> google.com.au)
address=/google.com/216.239.39.104

Its a short list, mainly because with stuff like privoxy installed there isn't much call for a long one. This is just to weed out servers that privoxy misses, you dont want people visiting, or to put in simple redirects :) Heading down a few lines and we are looking at the interface line. This specifies which Ethernet device to bind to (`eth0`, `eth1` etc), or if you would rather you can use the bind-address just below it and bind it to an IP instead (`127.0.0.1`, `192.168.0.1`, 10.0.1.254`, etc).

Guess what? We just finished!

Save and exit the file, restart the daemon and you should be running.

sudo /etc/init.d/dnsmasq restart

The last thing that has to be done is editing your /etc/resolv.conf to point to the IP address of dnsmasq - this is the last option you set, so I hope you still remember it :) To your local dns cache address being overwritten in /etc/resolv.conf, you can add the line

prepend domain-name-servers 127.0.0.1

to /etc/dhcp3/dhclient.conf