├── README.md ├── dnsmasq.conf ├── dnsmasq_sniproxy.sh ├── proxy-domains.txt ├── sniproxy.conf ├── sniproxy.default └── sniproxy ├── sniproxy-0.6.0.el6.x86_64.rpm ├── sniproxy-0.6.0.el7.x86_64.rpm ├── sniproxy-0.6.0.el8.x86_64.rpm ├── sniproxy_0.6.0_amd64.deb └── sniproxy_0.6.0_i386.deb /README.md: -------------------------------------------------------------------------------- 1 | # Dnsmasq SNIproxy One-click Install 2 | 3 | ### 脚本说明: 4 | 5 | * 原理简述:使用[Dnsmasq](http://thekelleys.org.uk/dnsmasq/doc.html)的DNS将网站解析劫持到[SNI proxy](https://github.com/dlundquist/sniproxy)反向代理的页面上。 6 | 7 | * 用途:让无法观看流媒体的VPS可以观看(前提:VPS中要有一个是能观看流媒体的)。 8 | 9 | * 特性:脚本默认解锁`Netflix Hulu HBO`[等](https://github.com/myxuchangbin/dnsmasq_sniproxy_install/blob/master/proxy-domains.txt),如需增删流媒体域名请编辑文件`/etc/dnsmasq.d/custom_netflix.conf`和`/etc/sniproxy.conf` 10 | 11 | * 脚本支持系统:CentOS6+, Debian8+, Ubuntu16+ 12 | * CentOS6/7/8, Debian8/9/10, Ubuntu16/18 已测试成功 13 | * 理论上不限虚拟化类型,如有问题请反馈 14 | * 如果脚本最后显示的IP和实际公网IP不相符,请修改一下文件`/etc/sniproxy.conf`中的IP地址 15 | 16 | ### 脚本用法: 17 | 18 | bash dnsmasq_sniproxy.sh [-h] [-i] [-f] [-id] [-is] [-fs] [-u] [-ud] [-us] 19 | -h , --help 显示帮助信息 20 | -i , --install 安装 Dnsmasq + SNI Proxy 21 | -f , --fastinstall 快速安装 Dnsmasq + SNI Proxy 22 | -id, --installdnsmasq 仅安装 Dnsmasq 23 | -is, --installsniproxy 仅安装 SNI Proxy 24 | -fs, --fastinstallsniproxy 快速安装 SNI Proxy 25 | -u , --uninstall 卸载 Dnsmasq + SNI Proxy 26 | -ud, --undnsmasq 卸载 Dnsmasq 27 | -us, --unsniproxy 卸载 SNI Proxy 28 | 29 | ### 快速安装(推荐): 30 | ``` Bash 31 | wget --no-check-certificate -O dnsmasq_sniproxy.sh https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/dnsmasq_sniproxy.sh && bash dnsmasq_sniproxy.sh -f 32 | ``` 33 | 34 | ### 普通安装: 35 | ``` Bash 36 | wget --no-check-certificate -O dnsmasq_sniproxy.sh https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/dnsmasq_sniproxy.sh && bash dnsmasq_sniproxy.sh -i 37 | ``` 38 | 39 | ### 卸载方法: 40 | ``` Bash 41 | wget --no-check-certificate -O dnsmasq_sniproxy.sh https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/dnsmasq_sniproxy.sh && bash dnsmasq_sniproxy.sh -u 42 | ``` 43 | 44 | ### 使用方法: 45 | 将代理VPS的DNS地址修改为这个主机的IP就可以了,如果不能用,记得只保留一个DNS地址试一下。 46 | 47 | 防止滥用,建议不要随意公布IP地址,或使用防火墙做好限制工作。 48 | 49 | ### 调试排错: 50 | - 确认sniproxy有效运行 51 | 52 | 查看sni状态:systemctl status sniproxy 53 | 54 | 停止sni服务:service sniproxy stop 55 | 56 | 启动sni服务:service sniproxy start 57 | 58 | 如果sni不在运行,检查一下是否有其他服务占用80,443端口,以防端口冲突,先将其他服务更改一下监听端口,查看端口监听:netstat -tlunp|grep 443 59 | 60 | - 确认防火墙放行80,443,53 61 | 62 | 调试可直接关闭防火墙 systemctl stop firewalld.service 63 | 64 | 阿里云/谷歌云/AWS等运营商安全组端口同样需要放行 65 | 可通过其他服务器 telnet vpsip 53 以及 telnet vpsip 443 进行测试 66 | 67 | - 解析域名 68 | 69 | 尝试用其他服务器配置完毕dns后,解析域名:nslookup netflix.com 判断IP是否是NETFLIX代理机器IP 70 | 如果不存在nslookup命令,CENTOS安装:yum install -y bind-utils DEBIAN安装:apt-get -y install dnsutils 71 | 72 | --- 73 | 74 | ___本脚本仅限解锁流媒体使用___ 75 | -------------------------------------------------------------------------------- /dnsmasq.conf: -------------------------------------------------------------------------------- 1 | domain-needed 2 | bogus-priv 3 | no-resolv 4 | no-poll 5 | all-servers 6 | server=8.8.8.8 7 | server=1.1.1.1 8 | server=208.67.222.222 9 | server=4.2.2.1 10 | cache-size=2048 11 | local-ttl=60 12 | interface=* 13 | -------------------------------------------------------------------------------- /dnsmasq_sniproxy.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | 5 | red='\033[0;31m' 6 | green='\033[0;32m' 7 | yellow='\033[0;33m' 8 | plain='\033[0m' 9 | 10 | [[ $EUID -ne 0 ]] && echo -e "[${red}Error${plain}] 请使用root用户来执行脚本!" && exit 1 11 | 12 | disable_selinux(){ 13 | if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then 14 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 15 | setenforce 0 16 | fi 17 | } 18 | 19 | check_sys(){ 20 | local checkType=$1 21 | local value=$2 22 | 23 | local release='' 24 | local systemPackage='' 25 | 26 | if [[ -f /etc/redhat-release ]]; then 27 | release="centos" 28 | systemPackage="yum" 29 | elif grep -Eqi "debian|raspbian" /etc/issue; then 30 | release="debian" 31 | systemPackage="apt" 32 | elif grep -Eqi "ubuntu" /etc/issue; then 33 | release="ubuntu" 34 | systemPackage="apt" 35 | elif grep -Eqi "centos|red hat|redhat" /etc/issue; then 36 | release="centos" 37 | systemPackage="yum" 38 | elif grep -Eqi "debian|raspbian" /proc/version; then 39 | release="debian" 40 | systemPackage="apt" 41 | elif grep -Eqi "ubuntu" /proc/version; then 42 | release="ubuntu" 43 | systemPackage="apt" 44 | elif grep -Eqi "centos|red hat|redhat" /proc/version; then 45 | release="centos" 46 | systemPackage="yum" 47 | fi 48 | 49 | if [[ "${checkType}" == "sysRelease" ]]; then 50 | if [ "${value}" == "${release}" ]; then 51 | return 0 52 | else 53 | return 1 54 | fi 55 | elif [[ "${checkType}" == "packageManager" ]]; then 56 | if [ "${value}" == "${systemPackage}" ]; then 57 | return 0 58 | else 59 | return 1 60 | fi 61 | fi 62 | } 63 | 64 | getversion(){ 65 | if [[ -s /etc/redhat-release ]]; then 66 | grep -oE "[0-9.]+" /etc/redhat-release 67 | else 68 | grep -oE "[0-9.]+" /etc/issue 69 | fi 70 | } 71 | 72 | centosversion(){ 73 | if check_sys sysRelease centos; then 74 | local code=$1 75 | local version="$(getversion)" 76 | local main_ver=${version%%.*} 77 | if [ "$main_ver" == "$code" ]; then 78 | return 0 79 | else 80 | return 1 81 | fi 82 | else 83 | return 1 84 | fi 85 | } 86 | 87 | get_ip(){ 88 | local IP=$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1 ) 89 | [ -z ${IP} ] && IP=$( wget -qO- -t1 -T2 ipv4.icanhazip.com ) 90 | [ -z ${IP} ] && IP=$( wget -qO- -t1 -T2 ipinfo.io/ip ) 91 | echo ${IP} 92 | } 93 | 94 | check_ip(){ 95 | local checkip=$1 96 | local valid_check=$(echo $checkip|awk -F. '$1<=255&&$2<=255&&$3<=255&&$4<=255{print "yes"}') 97 | if echo $checkip|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then 98 | if [ ${valid_check:-no} == "yes" ]; then 99 | return 0 100 | else 101 | echo -e "[${red}Error${plain}] IP $checkip not available!" 102 | return 1 103 | fi 104 | else 105 | echo -e "[${red}Error${plain}] IP format error!" 106 | return 1 107 | fi 108 | } 109 | 110 | download(){ 111 | local filename=${1} 112 | echo -e "[${green}Info${plain}] ${filename} download configuration now..." 113 | wget --no-check-certificate -q -t3 -T60 -O ${1} ${2} 114 | if [ $? -ne 0 ]; then 115 | echo -e "[${red}Error${plain}] Download ${filename} failed." 116 | exit 1 117 | fi 118 | } 119 | 120 | error_detect_depends(){ 121 | local command=$1 122 | local depend=`echo "${command}" | awk '{print $4}'` 123 | echo -e "[${green}Info${plain}] Starting to install package ${depend}" 124 | ${command} > /dev/null 2>&1 125 | if [ $? -ne 0 ]; then 126 | echo -e "[${red}Error${plain}] Failed to install ${red}${depend}${plain}" 127 | exit 1 128 | fi 129 | } 130 | 131 | config_firewall(){ 132 | if centosversion 6; then 133 | /etc/init.d/iptables status > /dev/null 2>&1 134 | if [ $? -eq 0 ]; then 135 | for port in ${ports}; do 136 | iptables -L -n | grep -i ${port} > /dev/null 2>&1 137 | if [ $? -ne 0 ]; then 138 | iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${port} -j ACCEPT 139 | if [ ${port} == "53" ]; then 140 | iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${port} -j ACCEPT 141 | fi 142 | else 143 | echo -e "[${green}Info${plain}] port ${green}${port}${plain} already be enabled." 144 | fi 145 | done 146 | /etc/init.d/iptables save 147 | /etc/init.d/iptables restart 148 | else 149 | echo -e "[${yellow}Warning${plain}] iptables looks like not running or not installed, please enable port ${ports} manually if necessary." 150 | fi 151 | elif centosversion 7 || centosversion 8; then 152 | systemctl status firewalld > /dev/null 2>&1 153 | if [ $? -eq 0 ]; then 154 | default_zone=$(firewall-cmd --get-default-zone) 155 | for port in ${ports}; do 156 | firewall-cmd --permanent --zone=${default_zone} --add-port=${port}/tcp 157 | if [ ${port} == "53" ]; then 158 | firewall-cmd --permanent --zone=${default_zone} --add-port=${port}/udp 159 | fi 160 | firewall-cmd --reload 161 | done 162 | else 163 | echo -e "[${yellow}Warning${plain}] firewalld looks like not running or not installed, please enable port ${ports} manually if necessary." 164 | fi 165 | fi 166 | } 167 | 168 | install_dependencies(){ 169 | echo "安装依赖软件..." 170 | if check_sys packageManager yum; then 171 | echo -e "[${green}Info${plain}] Checking the EPEL repository..." 172 | if [ ! -f /etc/yum.repos.d/epel.repo ]; then 173 | yum install -y epel-release > /dev/null 2>&1 174 | fi 175 | [ ! -f /etc/yum.repos.d/epel.repo ] && echo -e "[${red}Error${plain}] Install EPEL repository failed, please check it." && exit 1 176 | [ ! "$(command -v yum-config-manager)" ] && yum install -y yum-utils > /dev/null 2>&1 177 | [ x"$(yum-config-manager epel | grep -w enabled | awk '{print $3}')" != x"True" ] && yum-config-manager --enable epel > /dev/null 2>&1 178 | echo -e "[${green}Info${plain}] Checking the EPEL repository complete..." 179 | 180 | if [[ ${fastmode} = "1" ]]; then 181 | yum_depends=( 182 | curl gettext-devel libev-devel pcre-devel perl udns-devel 183 | ) 184 | else 185 | yum_depends=( 186 | wget git autoconf automake curl gettext-devel libev-devel pcre-devel perl pkgconfig rpm-build udns-devel 187 | ) 188 | fi 189 | for depend in ${yum_depends[@]}; do 190 | error_detect_depends "yum -y install ${depend}" 191 | done 192 | if [[ ${fastmode} = "0" ]]; then 193 | if centosversion 6; then 194 | error_detect_depends "yum -y groupinstall development" 195 | error_detect_depends "yum -y install centos-release-scl" 196 | error_detect_depends "yum -y install devtoolset-6-gcc-c++" 197 | elif centosversion 7 || centosversion 8; then 198 | yum groups list development | grep Installed > /dev/null 2>&1 199 | if [[ $? -eq 0 ]]; then 200 | yum groups mark remove development -y > /dev/null 2>&1 201 | fi 202 | error_detect_depends "yum -y groupinstall development" 203 | fi 204 | fi 205 | elif check_sys packageManager apt; then 206 | if [[ ${fastmode} = "1" ]]; then 207 | apt_depends=( 208 | curl gettext libev-dev libpcre3-dev libudns-dev 209 | ) 210 | else 211 | apt_depends=( 212 | wget git autotools-dev cdbs debhelper dh-autoreconf dpkg-dev gettext libev-dev libpcre3-dev libudns-dev pkg-config fakeroot devscripts 213 | ) 214 | fi 215 | apt-get -y update 216 | for depend in ${apt_depends[@]}; do 217 | error_detect_depends "apt-get -y install ${depend}" 218 | done 219 | if [[ ${fastmode} = "0" ]]; then 220 | error_detect_depends "apt-get -y install build-essential" 221 | fi 222 | fi 223 | } 224 | 225 | install_dnsmasq(){ 226 | netstat -a -n -p | grep LISTEN | grep -P "\d+\.\d+\.\d+\.\d+:53\s+" > /dev/null && echo -e "[${red}Error${plain}] required port 53 already in use\n" && exit 1 227 | echo "安装Dnsmasq..." 228 | if check_sys packageManager yum; then 229 | error_detect_depends "yum -y install dnsmasq" 230 | if centosversion 6; then 231 | error_detect_depends "yum -y install make" 232 | error_detect_depends "yum -y install gcc-c++" 233 | cd /tmp/ 234 | if [ -e dnsmasq-2.80 ]; then 235 | rm -rf dnsmasq-2.80 236 | fi 237 | download dnsmasq-2.80.tar.gz http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.80.tar.gz 238 | tar -zxf dnsmasq-2.80.tar.gz 239 | cd dnsmasq-2.80 240 | make 241 | if [ $? -ne 0 ]; then 242 | echo -e "[${red}Error${plain}] dnsmasq upgrade failed." 243 | rm -rf /tmp/dnsmasq-2.80 /tmp/dnsmasq-2.80.tar.gz 244 | exit 1 245 | fi 246 | yes|cp -f /tmp/dnsmasq-2.80/src/dnsmasq /usr/sbin/dnsmasq && chmod 755 /usr/sbin/dnsmasq 247 | fi 248 | elif check_sys packageManager apt; then 249 | error_detect_depends "apt-get -y install dnsmasq" 250 | fi 251 | [ ! -f /usr/sbin/dnsmasq ] && echo -e "[${red}Error${plain}] 安装dnsmasq出现问题,请检查." && exit 1 252 | download /etc/dnsmasq.d/custom_netflix.conf https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/dnsmasq.conf 253 | download /tmp/proxy-domains.txt https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/proxy-domains.txt 254 | for domain in $(cat /tmp/proxy-domains.txt); do 255 | printf "address=/${domain}/${publicip}\n"\ 256 | | tee -a /etc/dnsmasq.d/custom_netflix.conf > /dev/null 2>&1 257 | done 258 | [ "$(grep -x -E "(conf-dir=/etc/dnsmasq.d|conf-dir=/etc/dnsmasq.d,.bak|conf-dir=/etc/dnsmasq.d/,\*.conf|conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig)" /etc/dnsmasq.conf)" ] || echo -e "\nconf-dir=/etc/dnsmasq.d" >> /etc/dnsmasq.conf 259 | echo "启动 Dnsmasq 服务..." 260 | if check_sys packageManager yum; then 261 | if centosversion 6; then 262 | chkconfig dnsmasq on 263 | service dnsmasq start 264 | elif centosversion 7 || centosversion 8; then 265 | systemctl enable dnsmasq 266 | systemctl start dnsmasq 267 | fi 268 | elif check_sys packageManager apt; then 269 | systemctl enable dnsmasq 270 | systemctl restart dnsmasq 271 | fi 272 | cd /tmp 273 | rm -rf /tmp/dnsmasq-2.80 /tmp/dnsmasq-2.80.tar.gz /tmp/proxy-domains.txt 274 | echo -e "[${green}Info${plain}] dnsmasq install complete..." 275 | } 276 | 277 | install_sniproxy(){ 278 | for aport in 80 443; do 279 | netstat -a -n -p | grep LISTEN | grep -P "\d+\.\d+\.\d+\.\d+:${aport}\s+" > /dev/null && echo -e "[${red}Error${plain}] required port ${aport} already in use\n" && exit 1 280 | done 281 | install_dependencies 282 | echo "安装SNI Proxy..." 283 | if check_sys packageManager yum; then 284 | rpm -qa | grep sniproxy >/dev/null 2>&1 285 | if [ $? -eq 0 ]; then 286 | rpm -e sniproxy 287 | fi 288 | elif check_sys packageManager apt; then 289 | dpkg -s sniproxy >/dev/null 2>&1 290 | if [ $? -eq 0 ]; then 291 | dpkg -r sniproxy 292 | fi 293 | fi 294 | bit=`uname -m` 295 | cd /tmp 296 | if [[ ${fastmode} = "0" ]]; then 297 | if [ -e sniproxy ]; then 298 | rm -rf sniproxy 299 | fi 300 | git clone https://github.com/dlundquist/sniproxy.git 301 | cd sniproxy 302 | fi 303 | if check_sys packageManager yum; then 304 | if [[ ${fastmode} = "1" ]]; then 305 | if [[ ${bit} = "x86_64" ]]; then 306 | download /tmp/sniproxy-0.6.0.el7.x86_64.rpm https://github.com/myxuchangbin/dnsmasq_sniproxy_install/raw/master/sniproxy/sniproxy-0.6.0.el7.x86_64.rpm 307 | error_detect_depends "yum -y install /tmp/sniproxy-0.6.0.el7.x86_64.rpm" 308 | rm -rf /tmp/sniproxy-0.6.0.el7.x86_64.rpm 309 | else 310 | echo -e "${red}暂不支持${bit}内核,请使用编译模式安装!${plain}" && exit 1 311 | fi 312 | else 313 | ./autogen.sh && ./configure && make dist 314 | if centosversion 6; then 315 | scl enable devtoolset-6 'rpmbuild --define "_sourcedir `pwd`" --define "_topdir /tmp/sniproxy/rpmbuild" --define "debug_package %{nil}" -ba redhat/sniproxy.spec' 316 | elif centosversion 7 || centosversion 8; then 317 | sed -i "s/\%configure CFLAGS\=\"-I\/usr\/include\/libev\"/\%configure CFLAGS\=\"-fPIC -I\/usr\/include\/libev\"/" redhat/sniproxy.spec 318 | rpmbuild --define "_sourcedir `pwd`" --define "_topdir /tmp/sniproxy/rpmbuild" --define "debug_package %{nil}" -ba redhat/sniproxy.spec 319 | fi 320 | error_detect_depends "yum -y install /tmp/sniproxy/rpmbuild/RPMS/x86_64/sniproxy-*.rpm" 321 | fi 322 | download /etc/init.d/sniproxy https://raw.githubusercontent.com/dlundquist/sniproxy/master/redhat/sniproxy.init && chmod +x /etc/init.d/sniproxy 323 | elif check_sys packageManager apt; then 324 | if [[ ${fastmode} = "1" ]]; then 325 | if [[ ${bit} = "x86_64" ]]; then 326 | download /tmp/sniproxy_0.6.0_amd64.deb https://github.com/myxuchangbin/dnsmasq_sniproxy_install/raw/master/sniproxy/sniproxy_0.6.0_amd64.deb 327 | error_detect_depends "dpkg -i --no-debsig /tmp/sniproxy_0.6.0_amd64.deb" 328 | rm -rf /tmp/sniproxy_0.6.0_amd64.deb 329 | elif [[ ${bit} = "i386" ]]; then 330 | download /tmp/sniproxy_0.6.0_i386.deb https://github.com/myxuchangbin/dnsmasq_sniproxy_install/raw/master/sniproxy/sniproxy_0.6.0_i386.deb 331 | error_detect_depends "dpkg -i --no-debsig /tmp/sniproxy_0.6.0_i386.deb" 332 | rm -rf /tmp/sniproxy_0.6.0_i386.deb 333 | else 334 | echo -e "${red}暂不支持${bit}内核,请使用编译模式安装!${plain}" && exit 1 335 | fi 336 | else 337 | ./autogen.sh && dpkg-buildpackage 338 | error_detect_depends "dpkg -i --no-debsig ../sniproxy_*.deb" 339 | rm -rf /tmp/sniproxy*.deb 340 | fi 341 | download /etc/init.d/sniproxy https://raw.githubusercontent.com/dlundquist/sniproxy/master/debian/init.d && chmod +x /etc/init.d/sniproxy 342 | download /etc/default/sniproxy https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/sniproxy.default 343 | fi 344 | [ ! -f /usr/sbin/sniproxy ] && echo -e "[${red}Error${plain}] 安装Sniproxy出现问题,请检查." && exit 1 345 | [ ! -f /etc/init.d/sniproxy ] && echo -e "[${red}Error${plain}] 下载Sniproxy启动文件出现问题,请检查." && exit 1 346 | download /etc/sniproxy.conf https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/sniproxy.conf 347 | download /tmp/sniproxy-domains.txt https://raw.githubusercontent.com/myxuchangbin/dnsmasq_sniproxy_install/master/proxy-domains.txt 348 | sed -i -e 's/\./\\\./g' -e 's/^/ \.\*/' -e 's/$/\$ \*/' /tmp/sniproxy-domains.txt || (echo -e "[${red}Error:${plain}] Failed to configuration sniproxy." && exit 1) 349 | sed -i '/table {/r /tmp/sniproxy-domains.txt' /etc/sniproxy.conf || (echo -e "[${red}Error:${plain}] Failed to configuration sniproxy." && exit 1) 350 | if [ ! -e /var/log/sniproxy ]; then 351 | mkdir /var/log/sniproxy 352 | fi 353 | echo "启动 SNI Proxy 服务..." 354 | if check_sys packageManager yum; then 355 | if centosversion 6; then 356 | chkconfig sniproxy on > /dev/null 2>&1 357 | service sniproxy start || (echo -e "[${red}Error:${plain}] Failed to start sniproxy." && exit 1) 358 | elif centosversion 7 || centosversion 8; then 359 | systemctl enable sniproxy > /dev/null 2>&1 360 | systemctl start sniproxy || (echo -e "[${red}Error:${plain}] Failed to start sniproxy." && exit 1) 361 | fi 362 | elif check_sys packageManager apt; then 363 | systemctl daemon-reload 364 | systemctl enable sniproxy > /dev/null 2>&1 365 | systemctl restart sniproxy || (echo -e "[${red}Error:${plain}] Failed to start sniproxy." && exit 1) 366 | fi 367 | cd /tmp 368 | rm -rf /tmp/sniproxy/ 369 | rm -rf /tmp/sniproxy-domains.txt 370 | echo -e "[${green}Info${plain}] sniproxy install complete..." 371 | } 372 | 373 | install_check(){ 374 | if check_sys packageManager yum || check_sys packageManager apt; then 375 | if centosversion 5; then 376 | return 1 377 | fi 378 | return 0 379 | else 380 | return 1 381 | fi 382 | } 383 | 384 | ready_install(){ 385 | echo "检测您的系統..." 386 | if ! install_check; then 387 | echo -e "[${red}Error${plain}] Your OS is not supported to run it!" 388 | echo -e "Please change to CentOS 6+/Debian 8+/Ubuntu 16+ and try again." 389 | exit 1 390 | fi 391 | if check_sys packageManager yum; then 392 | error_detect_depends "yum -y install net-tools" 393 | elif check_sys packageManager apt; then 394 | error_detect_depends "apt-get -y install net-tools" 395 | fi 396 | disable_selinux 397 | if check_sys packageManager yum; then 398 | config_firewall 399 | fi 400 | echo -e "[${green}Info${plain}] Checking the system complete..." 401 | } 402 | 403 | hello(){ 404 | echo "" 405 | echo -e "${yellow}Dnsmasq + SNI Proxy自助安装脚本${plain}" 406 | echo -e "${yellow}支持系统: CentOS 6+, Debian8+, Ubuntu16+${plain}" 407 | echo "" 408 | } 409 | 410 | help(){ 411 | hello 412 | echo "使用方法:bash $0 [-h] [-i] [-f] [-id] [-is] [-fs] [-u] [-ud] [-us]" 413 | echo "" 414 | echo " -h , --help 显示帮助信息" 415 | echo " -i , --install 安装 Dnsmasq + SNI Proxy" 416 | echo " -f , --fastinstall 快速安装 Dnsmasq + SNI Proxy" 417 | echo " -id, --installdnsmasq 仅安装 Dnsmasq" 418 | echo " -is, --installsniproxy 仅安装 SNI Proxy" 419 | echo " -fs, --fastinstallsniproxy 快速安装 SNI Proxy" 420 | echo " -u , --uninstall 卸载 Dnsmasq + SNI Proxy" 421 | echo " -ud, --undnsmasq 卸载 Dnsmasq" 422 | echo " -us, --unsniproxy 卸载 SNI Proxy" 423 | echo "" 424 | } 425 | 426 | install_all(){ 427 | ports="53 80 443" 428 | publicip=$(get_ip) 429 | hello 430 | ready_install 431 | install_dnsmasq 432 | install_sniproxy 433 | echo "" 434 | echo -e "${yellow}Dnsmasq + SNI Proxy 已完成安装!${plain}" 435 | echo "" 436 | echo -e "${yellow}将您的DNS更改为 $(get_ip) 即可以观看Netflix节目了。${plain}" 437 | echo "" 438 | } 439 | 440 | only_dnsmasq(){ 441 | ports="53" 442 | hello 443 | ready_install 444 | inputipcount=1 445 | echo -e "请输入SNIProxy服务器的IP地址" 446 | read -e -p "(默认为本机公网IP): " inputip 447 | while true; do 448 | if [ "${inputipcount}" == 3 ]; then 449 | echo -e "[${red}Error:${plain}] IP输入错误次数过多,请重新执行脚本。" 450 | exit 1 451 | fi 452 | if [ -z ${inputip} ]; then 453 | publicip=$(get_ip) 454 | break 455 | else 456 | check_ip ${inputip} 457 | if [ $? -eq 0 ]; then 458 | publicip=${inputip} 459 | break 460 | else 461 | echo -e "请重新输入SNIProxy服务器的IP地址" 462 | read -e -p "(默认为本机公网IP): " inputip 463 | fi 464 | fi 465 | inputipcount=`expr ${inputipcount} + 1` 466 | done 467 | install_dnsmasq 468 | echo "" 469 | echo -e "${yellow}Dnsmasq 已完成安装!${plain}" 470 | echo "" 471 | echo -e "${yellow}将您的DNS更改为 $(get_ip) 即可以观看Netflix节目了。${plain}" 472 | echo "" 473 | } 474 | 475 | only_sniproxy(){ 476 | ports="80 443" 477 | hello 478 | ready_install 479 | install_sniproxy 480 | echo "" 481 | echo -e "${yellow}SNI Proxy 已完成安装!${plain}" 482 | echo "" 483 | echo -e "${yellow}将Netflix的相关域名解析到 $(get_ip) 即可以观看Netflix节目了。${plain}" 484 | echo "" 485 | } 486 | 487 | undnsmasq(){ 488 | echo -e "[${green}Info${plain}] Stoping dnsmasq services." 489 | if check_sys packageManager yum; then 490 | if centosversion 6; then 491 | chkconfig dnsmasq off > /dev/null 2>&1 492 | service dnsmasq stop || echo -e "[${red}Error:${plain}] Failed to stop dnsmasq." 493 | elif centosversion 7 || centosversion 8; then 494 | systemctl disable dnsmasq > /dev/null 2>&1 495 | systemctl stop dnsmasq || echo -e "[${red}Error:${plain}] Failed to stop dnsmasq." 496 | fi 497 | elif check_sys packageManager apt; then 498 | systemctl disable dnsmasq > /dev/null 2>&1 499 | systemctl stop dnsmasq || echo -e "[${red}Error:${plain}] Failed to stop dnsmasq." 500 | fi 501 | echo -e "[${green}Info${plain}] Starting to uninstall dnsmasq services." 502 | if check_sys packageManager yum; then 503 | yum remove dnsmasq -y > /dev/null 2>&1 504 | if [ $? -ne 0 ]; then 505 | echo -e "[${red}Error${plain}] Failed to uninstall ${red}dnsmasq${plain}" 506 | fi 507 | elif check_sys packageManager apt; then 508 | apt-get remove dnsmasq -y > /dev/null 2>&1 509 | if [ $? -ne 0 ]; then 510 | echo -e "[${red}Error${plain}] Failed to uninstall ${red}dnsmasq${plain}" 511 | fi 512 | fi 513 | rm -rf /etc/dnsmasq.d/custom_netflix.conf 514 | echo -e "[${green}Info${plain}] services uninstall dnsmasq complete..." 515 | } 516 | 517 | unsniproxy(){ 518 | echo -e "[${green}Info${plain}] Stoping sniproxy services." 519 | if check_sys packageManager yum; then 520 | if centosversion 6; then 521 | chkconfig sniproxy off > /dev/null 2>&1 522 | service sniproxy stop || echo -e "[${red}Error:${plain}] Failed to stop sniproxy." 523 | elif centosversion 7 || centosversion 8; then 524 | systemctl disable sniproxy > /dev/null 2>&1 525 | systemctl stop sniproxy || echo -e "[${red}Error:${plain}] Failed to stop sniproxy." 526 | fi 527 | elif check_sys packageManager apt; then 528 | systemctl disable sniproxy > /dev/null 2>&1 529 | systemctl stop sniproxy || echo -e "[${red}Error:${plain}] Failed to stop sniproxy." 530 | fi 531 | echo -e "[${green}Info${plain}] Starting to uninstall sniproxy services." 532 | if check_sys packageManager yum; then 533 | yum remove sniproxy -y > /dev/null 2>&1 534 | if [ $? -ne 0 ]; then 535 | echo -e "[${red}Error${plain}] Failed to uninstall ${red}sniproxy${plain}" 536 | fi 537 | elif check_sys packageManager apt; then 538 | apt-get remove sniproxy -y > /dev/null 2>&1 539 | if [ $? -ne 0 ]; then 540 | echo -e "[${red}Error${plain}] Failed to uninstall ${red}sniproxy${plain}" 541 | fi 542 | fi 543 | rm -rf /etc/sniproxy.conf 544 | echo -e "[${green}Info${plain}] services uninstall sniproxy complete..." 545 | } 546 | 547 | confirm(){ 548 | echo -e "${yellow}是否继续执行?(n:取消/y:继续)${plain}" 549 | read -e -p "(默认:取消): " selection 550 | [ -z "${selection}" ] && selection="n" 551 | if [ ${selection} != "y" ]; then 552 | exit 0 553 | fi 554 | } 555 | 556 | if [[ $# = 1 ]];then 557 | key="$1" 558 | case $key in 559 | -i|--install) 560 | fastmode=0 561 | install_all 562 | ;; 563 | -f|--fastinstall) 564 | fastmode=1 565 | install_all 566 | ;; 567 | -id|--installdnsmasq) 568 | fastmode=0 569 | only_dnsmasq 570 | ;; 571 | -is|--installsniproxy) 572 | fastmode=0 573 | only_sniproxy 574 | ;; 575 | -fs|--fastinstallsniproxy) 576 | fastmode=1 577 | only_sniproxy 578 | ;; 579 | -u|--uninstall) 580 | hello 581 | echo -e "${yellow}正在执行卸载Dnsmasq和SNI Proxy.${plain}" 582 | confirm 583 | undnsmasq 584 | unsniproxy 585 | ;; 586 | -ud|--undnsmasq) 587 | hello 588 | echo -e "${yellow}正在执行卸载Dnsmasq.${plain}" 589 | confirm 590 | undnsmasq 591 | ;; 592 | -us|--unsniproxy) 593 | hello 594 | echo -e "${yellow}正在执行卸载SNI Proxy.${plain}" 595 | confirm 596 | unsniproxy 597 | ;; 598 | -h|--help|*) 599 | help 600 | ;; 601 | esac 602 | else 603 | help 604 | fi 605 | -------------------------------------------------------------------------------- /proxy-domains.txt: -------------------------------------------------------------------------------- 1 | akadns.net 2 | akam.net 3 | akamai.com 4 | akamai.net 5 | akamaiedge.net 6 | akamaihd.net 7 | akamaistream.net 8 | akamaitech.net 9 | akamaitechnologies.com 10 | akamaitechnologies.fr 11 | akamaized.net 12 | edgekey.net 13 | edgesuite.net 14 | srip.net 15 | footprint.net 16 | level3.net 17 | llnwd.net 18 | edgecastcdn.net 19 | cloudfront.net 20 | netflix.com 21 | netflix.net 22 | nflximg.net 23 | nflxvideo.net 24 | nflxso.net 25 | nflxext.com 26 | hulu.com 27 | huluim.com 28 | hbonow.com 29 | hbogo.com 30 | hbo.com 31 | amazon.com 32 | amazon.co.uk 33 | amazonvideo.com 34 | crackle.com 35 | pandora.com 36 | vudu.com 37 | blinkbox.com 38 | abc.com 39 | fox.com 40 | theplatform.com 41 | nbc.com 42 | nbcuni.com 43 | ip2location.com 44 | pbs.org 45 | warnerbros.com 46 | southpark.cc.com 47 | cbs.com 48 | brightcove.com 49 | cwtv.com 50 | spike.com 51 | go.com 52 | mtv.com 53 | mtvnservices.com 54 | playstation.net 55 | uplynk.com 56 | maxmind.com 57 | disney.com 58 | disneyjunior.com 59 | xboxlive.com 60 | lovefilm.com 61 | turner.com 62 | amctv.com 63 | sho.com 64 | mog.com 65 | wdtvlive.com 66 | beinsportsconnect.tv 67 | beinsportsconnect.net 68 | fig.bbc.co.uk 69 | open.live.bbc.co.uk 70 | sa.bbc.co.uk 71 | www.bbc.co.uk 72 | crunchyroll.com 73 | ifconfig.co 74 | omtrdc.net 75 | sling.com 76 | movetv.com 77 | happyon.jp 78 | abema.tv 79 | hulu.jp 80 | optus.com.au 81 | optusnet.com.au 82 | gamer.com.tw 83 | bahamut.com.tw 84 | hinet.net 85 | -------------------------------------------------------------------------------- /sniproxy.conf: -------------------------------------------------------------------------------- 1 | user daemon 2 | pidfile /var/tmp/sniproxy.pid 3 | 4 | error_log { 5 | syslog daemon 6 | priority notice 7 | } 8 | 9 | resolver { 10 | nameserver 8.8.8.8 11 | nameserver 8.8.4.4 # local dns should be better 12 | mode ipv4_only 13 | } 14 | listener 0.0.0.0:80 { 15 | proto http 16 | access_log { 17 | filename /var/log/sniproxy/http_access.log 18 | priority notice 19 | } 20 | } 21 | listener 0.0.0.0:443 { 22 | proto tls 23 | access_log { 24 | filename /var/log/sniproxy/https_access.log 25 | priority notice 26 | } 27 | } 28 | 29 | table { 30 | 31 | } -------------------------------------------------------------------------------- /sniproxy.default: -------------------------------------------------------------------------------- 1 | # Defaults for sniproxy initscript 2 | 3 | # This file has two functions: 4 | # 1) to completely disable starting sniproxy, 5 | # 2) to select an alternative config file 6 | # by setting DAEMON_ARGS to -c 7 | 8 | # Additional options that are passed to the Daemon. 9 | DAEMON_ARGS="-c /etc/sniproxy.conf" 10 | 11 | # Whether or not to run the sniproxy daemon; set to 0 to disable, 1 to enable. 12 | ENABLED=1 13 | 14 | -------------------------------------------------------------------------------- /sniproxy/sniproxy-0.6.0.el6.x86_64.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xsidc/dnsmasq/f1117c8e0aedf1e1b829c8f043c7e1bbaf45d878/sniproxy/sniproxy-0.6.0.el6.x86_64.rpm -------------------------------------------------------------------------------- /sniproxy/sniproxy-0.6.0.el7.x86_64.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xsidc/dnsmasq/f1117c8e0aedf1e1b829c8f043c7e1bbaf45d878/sniproxy/sniproxy-0.6.0.el7.x86_64.rpm -------------------------------------------------------------------------------- /sniproxy/sniproxy-0.6.0.el8.x86_64.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xsidc/dnsmasq/f1117c8e0aedf1e1b829c8f043c7e1bbaf45d878/sniproxy/sniproxy-0.6.0.el8.x86_64.rpm -------------------------------------------------------------------------------- /sniproxy/sniproxy_0.6.0_amd64.deb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xsidc/dnsmasq/f1117c8e0aedf1e1b829c8f043c7e1bbaf45d878/sniproxy/sniproxy_0.6.0_amd64.deb -------------------------------------------------------------------------------- /sniproxy/sniproxy_0.6.0_i386.deb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xsidc/dnsmasq/f1117c8e0aedf1e1b829c8f043c7e1bbaf45d878/sniproxy/sniproxy_0.6.0_i386.deb --------------------------------------------------------------------------------