Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

请教下如何自定义DOH(https_dns_proxy)? #75

Open
Myzhivago opened this issue Jan 13, 2025 · 3 comments
Open

请教下如何自定义DOH(https_dns_proxy)? #75

Myzhivago opened this issue Jan 13, 2025 · 3 comments

Comments

@Myzhivago
Copy link

请教下作者在[DNS设定]->[选择外国DNS]中,选择[https_dns_proxy],默认使用Cloudflare的DOH,Cloudflare的DOH目前都已经屏蔽无法使用,如何自定义DOH。
@cary-sas
Copy link
Owner

https_dns_proxy itself doesn’t have a direct --proxy command-line option, but it does honor standard proxy environment variables such as HTTPS_PROXY, http_proxy, or ALL_PROXY. That means you can “chain” DNS-over-HTTPS queries through another proxy (e.g., Shadowsocks, SOCKS, HTTP proxy, etc.) by setting the appropriate environment variable before invoking https_dns_proxy.

If you want to make it part of your shell script (i.e., only set the variable if https://cloudflare-dns.com is blocked in your region), you could do something like:

Example: Using a SOCKS5 proxy on 127.0.0.1:23456

if [ "$ss_foreign_dns" == "6" ]; then
    echo_date "开启 https_dns_proxy,用于dns解析..."

    # If https://cloudflare-dns.com is unreachable directly, use a proxy
    export HTTPS_PROXY="socks5://127.0.0.1:23456"

    if [ -n "$ss_basic_server_ip" ]; then
        # 用 chnroute 去判断 SS 服务器在国内还是在国外
        ipset test chnroute $ss_basic_server_ip > /dev/null 2>&1
        if [ "$?" != "0" ]; then
            ss_real_server_ip="$ss_basic_server_ip"
        else
            ss_real_server_ip="8.8.8.8"
        fi
    else
        ss_real_server_ip="8.8.8.8"
    fi

    https_dns_proxy \
      -u nobody \
      -p 7913 \
      -b 8.8.8.8,1.1.1.1,8.8.4.4,1.0.0.1,145.100.185.15,145.100.185.16,185.49.141.37 \
      -e "$ss_real_server_ip/16" \
      -r "https://cloudflare-dns.com/dns-query?ct=application/dns-json&" \
      -d
unset HTTPS_PROXY
fi

This way, the DNS queries always go through your proxy if direct access to cloudflare-dns.com is blocked.

@cary-sas
Copy link
Owner

Or you can change the DOH like this, still in file ssconfig.sh,

https_dns_proxy \
  -u nobody \
  -p 7913 \
  -b 8.8.8.8,1.1.1.1 \
  -e "$ss_real_server_ip/16" \
  -r "https://dns.google/dns-query?ct=application/dns-json&" \
  -d

Popular DoH Endpoints
Here are some well-known DoH providers:

Google
Endpoint: https://dns.google/dns-query
Optional JSON param: ?ct=application/dns-json
Cloudflare
Endpoint: https://cloudflare-dns.com/dns-query
Optional JSON param: ?ct=application/dns-json
Quad9
Endpoint: https://dns.quad9.net/dns-query
AdGuard
Endpoint: https://dns.adguard.com/dns-query
NextDNS
Endpoint: https://dns.nextdns.io/YOUR_NEXTDNS_ID
(May require an ID or special parameter for configuration.)

Anyway, ChatGPT can teach you a lot if you are interested in this. For me, I just use ChinaDNS-ng.

@Myzhivago
Copy link
Author

Myzhivago commented Jan 14, 2025
edited
Loading

Thank you very much. I will try following what the author said.

According to the second comment by the author which is easily understand, i found file"ssconfig.sh" in the folder "/jffs/.koolshare/ss". Then I used the "vi" command to repalce the cloudflare DOH. Now I am still in testing new DOH.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cary-sas @Myzhivago