@sskaje

Protected: 歌华电视在线看

By @sskaje
Link: https://sskaje.me/2019/04/%e6%ad%8c%e5%8d%8e%e7%94%b5%e8%a7%86%e5%9c%a8%e7%ba%bf%e7%9c%8b/

Protected: 歌华电视在线看 by @sskaje: https://sskaje.me/2019/04/%e6%ad%8c%e5%8d%8e%e7%94%b5%e8%a7%86%e5%9c%a8%e7%ba%bf%e7%9c%8b/

Hijack DnsPod HttpDNS

By @sskaje
Link: https://sskaje.me/2019/04/hijack-dnspod-httpdns/

劫持DNS是个很简单的工作，家用路由器基本都自带dnsmasq，直接加解析就行。

之前某次尝试劫持某视频App的广告接口解析到一个空的本地服务器上，发现该App使用了DnsPod的HttpDNS服务，所以传统的DNS劫持方案不好用。而EdgeRouter的DPI功能也没有对外开放墙一般的高级接口，所以这次用NAT来实现。

Continue reading “Hijack DnsPod HttpDNS” »

Hijack DnsPod HttpDNS by @sskaje: https://sskaje.me/2019/04/hijack-dnspod-httpdns/

Asus Merlin Policy Based Routing

By @sskaje
Link: https://sskaje.me/2019/02/asus-merlin-policy-based-routing/

之前写过一个版本，基于380.x的，一开始好用，最近过来发现不好使了。索性把家里路由升级到384.9，重新配置。

拓扑结构基本不变，增加了需求让两边家里能互通，所以把NAT关了。

这回直接简化，搞了个github的repo，https://github.com/sskaje/merlin-pbr，把jffs的配置脚本放进去了，依旧是 dnsmasq + ipset，但是openvpn-event脚本也可以手工维护路由列表，自动走openvpn的网卡。

Asus Merlin Policy Based Routing by @sskaje: https://sskaje.me/2019/02/asus-merlin-policy-based-routing/

北京联通IPv6 DNS

By @sskaje
Link: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/

2408:8000:1010:1::8
2408:8000:1010:2::8

1 2	2408:8000:1010:1::8 2408:8000:1010:2::8

之前google搜的时候，看到有人说一个好像是 dnslab.net 的，千万别用！！！

北京联通IPv6 DNS by @sskaje: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/

北京联通EdgeRouter开启IPv6

By @sskaje
Link: https://sskaje.me/2018/12/china-unicom-beijing-edgerouter-enable-ipv6-pppoe/

看到说北京联通的pppoe也开始启用ipv6了，在EdgeRouter Lite上开了一下设置。

联通给了个 /56 的prefix。

我的eth1接了上行，pppoe拨号，eth0是lan。

set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf
set interfaces ethernet eth1 pppoe 0 ipv6 enable
set interfaces ethernet eth1 pppoe 0 ipv6 dup-addr-detect-transmits 1 

set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 interface eth0 service slaac
set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 prefix-length /56

set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf

set interfaces ethernet eth1 pppoe 0 ipv6 enable

set interfaces ethernet eth1 pppoe 0 ipv6 dup-addr-detect-transmits 1

set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 interface eth0 service slaac

set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 prefix-length /56

lan

interface {
  ethernet eth0 {
    ipv6 {
      router-advert {
          cur-hop-limit 64
          link-mtu 0
          managed-flag false
          max-interval 600
          other-config-flag false
          prefix ::/64 {
              autonomous-flag true
              on-link-flag true
              valid-lifetime 2592000
          }
          reachable-time 0
          retrans-timer 0
          send-advert false
      }
    }
  }
}

interface {

ethernet eth0 {

ipv6 {

router-advert {

cur-hop-limit 64

link-mtu 0

managed-flag false

max-interval 600

other-config-flag false

prefix ::/64 {

autonomous-flag true

on-link-flag true

valid-lifetime 2592000

}

reachable-time 0

retrans-timer 0

send-advert false

}

记住配置防火墙

北京联通EdgeRouter开启IPv6 by @sskaje: https://sskaje.me/2018/12/china-unicom-beijing-edgerouter-enable-ipv6-pppoe/