{ "version": "https://jsonfeed.org/version/1.1", "user_comment": "This feed allows you to read the posts from this site in any feed reader that supports the JSON Feed format. To add this feed to your reader, copy the following URL -- https://matoken.org/blog/tag/dns/feed/json/ -- and add it your reader.", "home_page_url": "https://matoken.org/blog/tag/dns/", "feed_url": "https://matoken.org/blog/tag/dns/feed/json/", "language": "ja", "title": "DNS – matoken's blog", "description": "Is there no plan B?", "icon": "https://matoken.org/blog/wp-content/uploads/2025/03/cropped-1865f695c4eecc844385acef2f078255036adccd42c254580ea3844543ab56d9.jpeg", "items": [ { "id": "http://matoken.org/blog/?p=3178", "url": "https://matoken.org/blog/2021/04/02/a-tool-to-spy-on-your-dns-queries-dnspeep/", "title": "dns\u30af\u30a8\u30ea\u3092\u30b9\u30d1\u30a4\u3059\u308b dnspeep", "content_html": "
\n

dnspeep \u3068\u3044\u3046Rust\u88fd\u306edns\u306e\u30af\u30a8\u30ea\u5185\u5bb9\u3092\u8868\u793a\u3059\u308b\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u77e5\u3063\u305f\u306e\u3067\u5c11\u3057\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e

\n
\n
\n\n
\n
\n

GitHub\u306eRelease\u30da\u30fc\u30b8\u306bLinux x86_64\u3068macOS x86_64\u306e\u30d0\u30a4\u30ca\u30ea\u304c\u7f6e\u3044\u3066\u3042\u308b\u306e\u3067\u305d\u306e\u74b0\u5883\u3060\u3068\u305d\u308c\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u4f1a\u4f0a\u85e4\u3059\u308b\u3060\u3051\u3067\u4f7f\u3048\u307e\u3059\uff0e\u4ed6\u306e\u74b0\u5883\u3067\u306f cargo build \u3059\u308c\u3070\u3044\u3044\u306e\u304b\u306a?

\n
\n
\n
\n
$ wget https://github.com/jvns/dnspeep/releases/download/v0.1.1/dnspeep-linux.tar.gz\n$ tar tvf ./dnspeep-linux.tar.gz\n-rwxr-xr-x runner/docker 5570536 2021-04-02 06:20 dnspeep\n$ file dnspeep\ndnspeep: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a917041c223b18db709ff3c563ee1a6a3c82ba6e, for GNU/Linux 3.2.0, with debug_info, not stripped\n$ ./dnspeep -h|xsel\nUsage: ./dnspeep [options]\n\nOptions:\n    -p, --port PORT     port number to listen on\n    -f, --file FILENAME read packets from pcap file\n    -h, --help          print this help menu\n\nWhat the output columns mean:\n   query:     DNS query type (A, CNAME, etc)\n   name:      Hostname the DNS query is requesting\n   server IP: IP address of the DNS server the query was made to\n   response:  Responses from the Answer section of the DNS response (or \"<no response>\" if none was found).\n              Multiple responses are separated by commas.\n\n$ sudo ./dnspeep\nquery name                           server IP            response\nA     tweetdeck.twitter.com.         192.168.1.102        CNAME: td.twitter.com., A: 104.244.42.132, A: 104.244.42.4, A: 104.244.42.68, A: 104.244.42.196\n  :
\n
\n
\n
\n

libpcap\u304b\u3089\u30d1\u30b1\u30c3\u30c8\u3092\u5f15\u3063\u5f35\u3063\u3066dns\u306e\u30af\u30a8\u30ea\u3092\u6574\u5f62\u3057\u3066\u51fa\u529b\u3057\u3066\u3044\u308b\u3088\u3046\u3067\u3059\uff0e\u3053\u3093\u306a\u611f\u3058\u3067tcpdump\u3067\u3082\u3044\u3044\u306e\u3067\u3059\u304c\uff0cdns\u306b\u7279\u5316\u3057\u3066\u3044\u308b\u306e\u3067\u30aa\u30d7\u30b7\u30e7\u30f3\u3068\u304b\u899a\u3048\u306a\u304f\u3066\u3044\u3044\u306e\u306f\u3044\u3044\u3067\u3059\u306d\uff0e

\n
\n
\n
\n
$ sudo tcpdump -i eth0 udp port 53 or tcp port 53
\n
\n
\n
https://youtu.be/3fEvpzDUDmw
\n
\n
\u74b0\u5883
\n

dnspeep v0.1.1

\n
\n
\n
\n
$ dpkg-query -W libpcap0.8 tcpdump\nlibpcap0.8:amd64        1.10.0-2\nlibpcap0.8:i386 1.10.0-2\ntcpdump 4.99.0-2\n$ lsb_release -dr\nDescription:    Debian GNU/Linux bullseye/sid\nRelease:        unstable\n$ arch\nx86_64
\n
\n
\n", "content_text": "dnspeep \u3068\u3044\u3046Rust\u88fd\u306edns\u306e\u30af\u30a8\u30ea\u5185\u5bb9\u3092\u8868\u793a\u3059\u308b\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u77e5\u3063\u305f\u306e\u3067\u5c11\u3057\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e\n\n\n\nA tool to spy on your DNS queries: dnspeep\n\n\nA tool to spy on your DNS queries: dnspeep : commandline\n\n\n\n\n\n\nGitHub\u306eRelease\u30da\u30fc\u30b8\u306bLinux x86_64\u3068macOS x86_64\u306e\u30d0\u30a4\u30ca\u30ea\u304c\u7f6e\u3044\u3066\u3042\u308b\u306e\u3067\u305d\u306e\u74b0\u5883\u3060\u3068\u305d\u308c\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u4f1a\u4f0a\u85e4\u3059\u308b\u3060\u3051\u3067\u4f7f\u3048\u307e\u3059\uff0e\u4ed6\u306e\u74b0\u5883\u3067\u306f cargo build \u3059\u308c\u3070\u3044\u3044\u306e\u304b\u306a?\n\n\n\n$ wget https://github.com/jvns/dnspeep/releases/download/v0.1.1/dnspeep-linux.tar.gz\n$ tar tvf ./dnspeep-linux.tar.gz\n-rwxr-xr-x runner/docker 5570536 2021-04-02 06:20 dnspeep\n$ file dnspeep\ndnspeep: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a917041c223b18db709ff3c563ee1a6a3c82ba6e, for GNU/Linux 3.2.0, with debug_info, not stripped\n$ ./dnspeep -h|xsel\nUsage: ./dnspeep [options]\n\nOptions:\n -p, --port PORT port number to listen on\n -f, --file FILENAME read packets from pcap file\n -h, --help print this help menu\n\nWhat the output columns mean:\n query: DNS query type (A, CNAME, etc)\n name: Hostname the DNS query is requesting\n server IP: IP address of the DNS server the query was made to\n response: Responses from the Answer section of the DNS response (or \"<no response>\" if none was found).\n Multiple responses are separated by commas.\n\n$ sudo ./dnspeep\nquery name server IP response\nA tweetdeck.twitter.com. 192.168.1.102 CNAME: td.twitter.com., A: 104.244.42.132, A: 104.244.42.4, A: 104.244.42.68, A: 104.244.42.196\n :\n\n\n\nlibpcap\u304b\u3089\u30d1\u30b1\u30c3\u30c8\u3092\u5f15\u3063\u5f35\u3063\u3066dns\u306e\u30af\u30a8\u30ea\u3092\u6574\u5f62\u3057\u3066\u51fa\u529b\u3057\u3066\u3044\u308b\u3088\u3046\u3067\u3059\uff0e\u3053\u3093\u306a\u611f\u3058\u3067tcpdump\u3067\u3082\u3044\u3044\u306e\u3067\u3059\u304c\uff0cdns\u306b\u7279\u5316\u3057\u3066\u3044\u308b\u306e\u3067\u30aa\u30d7\u30b7\u30e7\u30f3\u3068\u304b\u899a\u3048\u306a\u304f\u3066\u3044\u3044\u306e\u306f\u3044\u3044\u3067\u3059\u306d\uff0e\n\n\n\n$ sudo tcpdump -i eth0 udp port 53 or tcp port 53\n\n\nhttps://youtu.be/3fEvpzDUDmw\n\n\u74b0\u5883\ndnspeep v0.1.1\n\n\n\n$ dpkg-query -W libpcap0.8 tcpdump\nlibpcap0.8:amd64 1.10.0-2\nlibpcap0.8:i386 1.10.0-2\ntcpdump 4.99.0-2\n$ lsb_release -dr\nDescription: Debian GNU/Linux bullseye/sid\nRelease: unstable\n$ arch\nx86_64", "date_published": "2021-04-02T23:49:16+09:00", "date_modified": "2021-04-03T00:01:03+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "DNS", "Debian", "Linux", "sid" ] }, { "id": "http://matoken.org/blog/?p=2172", "url": "https://matoken.org/blog/2018/10/06/try-dns-over-https-with-firefox/", "title": "Firefox \u3067 DNS-over-HTTPS \u3092\u8a66\u3059", "content_html": "
\n

\u6700\u8fd1\u306e Firefox \u306fTrusted Recursive Resolver\uff08TRR\uff09\u3092\u5229\u7528\u3057\u3066 DNS-over-HTTPS \u304c\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u3067\u3059\uff0e\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e

\n
\n
\n

\u30a2\u30c9\u30ec\u30b9\u30d0\u30fc\u306b about:config \u5165\u529b\u3057\u3066\u79fb\u52d5\uff0e

\n
\n
\n

\"44211559615

\n
\n
\n

network.trr.mode \u3092\u8a2d\u5b9a\uff0e\u4eca\u56de\u306f`3`\u306eTRR\u306e\u307f\u5229\u7528\u3092\u6307\u5b9a\u3057\u305f\uff0e

\n
\n
\n

\"44402653684
\n\"43309711340

\n
\n
\n\n
\n
\n

\u6b21\u306b network.trr.uri \u3092\u6307\u5b9a\uff0e\u597d\u307f\u306eDNS-over-HTTPS \u306e\u30ea\u30be\u30eb\u30d0\u3092\u6307\u5b9a\uff0e

\n
\n
\n

\"43309712480
\n\"44402653984

\n
\n
\n\n
\n
\n

about:networking#dns \u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066TRR\u304c true \u306b\u306a\u3063\u3066\u3044\u308c\u3070 TRR \u3092\u5229\u7528\u3057\u3066\u3044\u308b\u306f\u305a\uff0e

\n
\n
\n

\"44402654944

\n
\n
\n\n
\n
\n
\u74b0\u5883
\n
\n
$ dpkg-query -W firefox\r\nfirefox 62.0.3-1\r\n$ lsb_release -d\r\nDescription:    Debian GNU/Linux unstable (sid)\r\n$ uname -m\r\nx86_64
\n
\n
\n
\n

\"44402653394

\n
\n", "content_text": "\u6700\u8fd1\u306e Firefox \u306fTrusted Recursive Resolver\uff08TRR\uff09\u3092\u5229\u7528\u3057\u3066 DNS-over-HTTPS \u304c\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u3067\u3059\uff0e\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e\n\n\n\u30a2\u30c9\u30ec\u30b9\u30d0\u30fc\u306b about:config \u5165\u529b\u3057\u3066\u79fb\u52d5\uff0e\n\n\n\n\n\nnetwork.trr.mode \u3092\u8a2d\u5b9a\uff0e\u4eca\u56de\u306f`3`\u306eTRR\u306e\u307f\u5229\u7528\u3092\u6307\u5b9a\u3057\u305f\uff0e\n\n\n\n\n\n\n\n\nnetwork.trr.mode\n\n\n\n0 : TRR\u7121\u52b9(\u65e2\u5b9a\u5024)\uff0e\n\n\n1 : \u901a\u5e38\u306eDNS\u3068TRR\u3092\u4e26\u884c\u5b9f\u884c\u3057\u3066\u6700\u521d\u306b\u5e30\u3063\u3066\u304d\u305f\u7d50\u679c\u3092\u5229\u7528\u3059\u308b\uff0e\n\n\n2 : TRR\u3092\u512a\u5148\u5229\u7528\uff0e\n\n\n3 : TRR\u306e\u307f\u3092\u5229\u7528\uff0e\n\n\n4 : \u901a\u5e38\u306eDNS\u3092\u5229\u7528\u3059\u308b\uff0eTRR\u306f\u60c5\u5831\u53ce\u96c6\u306e\u305f\u3081\u3060\u3051\u306b\u52d5\u304f\uff0e\n\n\n5 : TRR\u3092\u660e\u793a\u7684\u306b\u7121\u52b9\u306b\u3059\u308b\n\n\n\n\n\n\n\n\u6b21\u306b network.trr.uri \u3092\u6307\u5b9a\uff0e\u597d\u307f\u306eDNS-over-HTTPS \u306e\u30ea\u30be\u30eb\u30d0\u3092\u6307\u5b9a\uff0e\n\n\n\n\n\n\n\n\nnetwork.trr.uri\n\n\n\nhttps://dns.cloudflare.com/.well-known/dns (Cloudflare)\n\n\nhttps://dns.google.com/experimental (Google)\n\n\nhttps://doh.cleanbrowsing.org/doh/secure-filter/ (CleanBrowsing \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5411\u3051\u30d5\u30a3\u30eb\u30bf)\n\n\nhttps://doh.cleanbrowsing.org/doh/family-filter/ (CleanBrowsing \u306e\u30d5\u30a1\u30df\u30ea\u30fc\u5411\u3051\u30d5\u30a3\u30eb\u30bf)\n\n\nhttps://doh.cleanbrowsing.org/doh/adult-filter/ (CleanBrowsing \u306e\u30a2\u30c0\u30eb\u30c8\u30b3\u30f3\u30c6\u30f3\u30c4\u30d5\u30a3\u30eb\u30bf)\n\n\n\n\n\n\n\nabout:networking#dns \u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066TRR\u304c true \u306b\u306a\u3063\u3066\u3044\u308c\u3070 TRR \u3092\u5229\u7528\u3057\u3066\u3044\u308b\u306f\u305a\uff0e\n\n\n\n\n\n\n\nLinux \u3067 DNS-over-HTTPS \u3092\u5229\u7528\u3059\u308b \u2013 matoken\u2019s meme\n\n\nAndroid 4.0 \u4ee5\u964d\u3092 DNS-over-HTTPS \u5bfe\u5fdc\u306b\u3059\u308b Intra \u3092\u5c11\u3057\u8a66\u3059 \u2013 matoken\u2019s meme\n\n\n\n\n\u74b0\u5883\n\n$ dpkg-query -W firefox\r\nfirefox 62.0.3-1\r\n$ lsb_release -d\r\nDescription: Debian GNU/Linux unstable (sid)\r\n$ uname -m\r\nx86_64", "date_published": "2018-10-06T07:03:15+09:00", "date_modified": "2018-10-06T07:03:15+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "DNS", "DNS-over-HTTPS", "Firefox", "Debian", "Linux", "sid" ] }, { "id": "http://matoken.org/blog/?p=2169", "url": "https://matoken.org/blog/2018/10/05/using-dns-over-https-on-linux/", "title": "Linux \u3067 DNS-over-HTTPS \u3092\u5229\u7528\u3059\u308b", "content_html": "
\n

Android \u3067 DNS-over-HTTPS \u304c\u7c21\u5358\u306b\u51fa\u6765\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\uff0e

\n
\n
\n\n
\n
\n

Linux\u3060\u3069\u3046\u306a\u3093\u3060\u308d\u3046\u3068\u4ee5\u4e0b\u306e`dns-over-https` \u3092\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e\u3053\u3053\u3067\u306f Debian sid amd64 \u3067\u8a66\u3057\u3066\u3044\u307e\u3059\u304c\uff0c\u516c\u5f0f\u306e\u624b\u9806\u306b\u306f Ubuntu 18.04 LTS, macOS \u306e\u624b\u9806\u304c\u8f09\u3063\u3066\u3044\u307e\u3059\uff0e

\n
\n
\n\n
\n
\n
\u5c0e\u5165\u4f8b
\n
\n
$ sudo apt install git golang\r\n$ git clone https://github.com/m13253/dns-over-https.git\r\n$ cd dns-over-https\r\n$ make\r\n$ sudo checkinstall
\n
\n
\n
\n
\u898f\u5b9a\u5024\u306e\u30b5\u30fc\u30d0\u306f Google Public DNS \u306b\u306a\u3063\u3066\u3044\u308b\uff0e\u5909\u66f4\u3057\u305f\u3044\u5834\u5408\u306f\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb( /etc/dns-over-https/doh-client.conf )\u3092\u7de8\u96c6
\n
\n
$ sudo edit /etc/dns-over-https/doh-client.conf
\n
\n
\n
\n
CleanBrowsing\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d5\u30a3\u30eb\u30bf\u30fc\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u4f8b
\n
\n
diff --git a/dns-over-https/doh-client.conf b/dns-over-https/doh-client.conf\r\nindex 3b5de14..1791397 100644\r\n--- a/dns-over-https/doh-client.conf\r\n+++ b/dns-over-https/doh-client.conf\r\n@@ -11,7 +11,7 @@ listen = [\r\n upstream_google = [\r\n\r\n     # Google's productive resolver, good ECS, bad DNSSEC\r\n-    \"https://dns.google.com/resolve\",\r\n+    #\"https://dns.google.com/resolve\",\r\n\r\n     # CloudFlare's resolver, bad ECS, good DNSSEC\r\n     #\"https://cloudflare-dns.com/dns-query\",\r\n@@ -39,6 +39,9 @@ upstream_ietf = [\r\n     # Blog: https://blog.cloudflare.com/welcome-hidden-resolver/\r\n     #\"https://dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion/dns-query\",\r\n\r\n+    # CleanBrowsing https://cleanbrowsing.org/dnsoverhttps\r\n+    \"https://doh.cleanbrowsing.org/doh/security-filter/\"\r\n+\r\n ]\r\n\r\n # Bootstrap DNS server to resolve the address of the upstream resolver
\n
\n
\n
\n
\u8d77\u52d5
\n
\n
$ sudo systemctl restart doh-client
\n
\n
\n
\n
\u540d\u524d\u304c\u5f15\u3051\u308b\u306e\u3092\u78ba\u8a8d
\n
\n
$ dig @127.0.0.1 | grep SERVER\r\n;; SERVER: 127.0.0.1#53(127.0.0.1)
\n
\n
\n
\n
trace
\n
\n
$ dig +trace matoken.org @127.0.0.1\r\n\r\n; <<>> DiG 9.11.4-P2-3-Debian <<>> +trace matoken.org @127.0.0.1\r\n;; global options: +cmd\r\n.                       24820   IN      NS      m.root-servers.net.\r\n.                       24820   IN      NS      b.root-servers.net.\r\n.                       24820   IN      NS      c.root-servers.net.\r\n.                       24820   IN      NS      d.root-servers.net.\r\n.                       24820   IN      NS      e.root-servers.net.\r\n.                       24820   IN      NS      f.root-servers.net.\r\n.                       24820   IN      NS      g.root-servers.net.\r\n.                       24820   IN      NS      h.root-servers.net.\r\n.                       24820   IN      NS      i.root-servers.net.\r\n.                       24820   IN      NS      j.root-servers.net.\r\n.                       24820   IN      NS      a.root-servers.net.\r\n.                       24820   IN      NS      k.root-servers.net.\r\n.                       24820   IN      NS      l.root-servers.net.\r\n;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 1334 ms\r\n\r\norg.                    172800  IN      NS      a0.org.afilias-nst.info.\r\norg.                    172800  IN      NS      a2.org.afilias-nst.info.\r\norg.                    172800  IN      NS      b0.org.afilias-nst.org.\r\norg.                    172800  IN      NS      b2.org.afilias-nst.org.\r\norg.                    172800  IN      NS      c0.org.afilias-nst.info.\r\norg.                    172800  IN      NS      d0.org.afilias-nst.org.\r\norg.                    86400   IN      DS      9795 7 1 364DFAB3DAF254CAB477B5675B10766DDAA24982\r\norg.                    86400   IN      DS      9795 7 2 3922B31B6F3A4EA92B19EB7B52120F031FD8E05FF0B03BAFCF9F891B FE7FF8E5\r\norg.                    86400   IN      RRSIG   DS 8 1 86400 20181018050000 20181005040000 2134 . bYogBWKVV1SnjoHjS5LnLBE1mWC6UwkYT6muOjcHnuMNzJM1DY3YhSCT d9QOYlvvprUyD37xYIQ10BUZQ8hcNpnQ2TPUTNzd621lsqth6QK8zDN6 eP5AvZXlPy+9wni71rJIHy1wzepn9yrh3jp70zZhnEVxxgItWaYzsayY Jf+UfFQPmOKX0gn0GqcQ09CSZHdZhwbUT2AT1Rs0atkj6VaOy2TT1aQ1 gAtGF+5uA4uqLJegiEe/zneTeyuNE5QDQWKUNaeWEDE9kxylhv6m/3vE tQ8EHFpzOL9x+ed25LNcnRXH8K/xCW43R1FyaVNaA6xcsvGHCysqLneI v/RYMQ==\r\n;; Received 813 bytes from 193.0.14.129#53(k.root-servers.net) in 210 ms\r\n\r\nmatoken.org.            86400   IN      NS      ns-cloud-d2.googledomains.com.\r\nmatoken.org.            86400   IN      NS      ns-cloud-d4.googledomains.com.\r\nmatoken.org.            86400   IN      NS      ns-cloud-d1.googledomains.com.\r\nmatoken.org.            86400   IN      NS      ns-cloud-d3.googledomains.com.\r\nh9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN NSEC3 1 1 1 D399EAAB H9PARR669T6U8O1GSG9E1LMITK4DEM0T NS SOA RRSIG DNSKEY NSEC3PARAM\r\nh9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN RRSIG NSEC3 7 2 86400 20181026101800 20181005091800 1862 org. edCrqcIYiHlMMzuacuX0DlobcQkymqClpK5C4QLzsNWtvp942bFRjbb2 WDX/6TsHO0noBNoKH2i+TU70WqpW7sVsXbjV9nkeLMZjxz/VLyAJOXWk 2ITvZwhjbe96lCSAIafm824pBx94ruieKZ2Yj8pYTBIrhDBoffjPhuem 44k=\r\na85qqkk8n39d1c6m55g8ucjhm6u3jjcs.org. 86400 IN NSEC3 1 1 1 D399EAAB A86TS1MQ34BR2A3D3CT8D5SCHKAPPBPJ NS DS RRSIG\r\na85qqkk8n39d1c6m55g8ucjhm6u3jjcs.org. 86400 IN RRSIG NSEC3 7 2 86400 20181022152743 20181001142743 1862 org. G15dhaW+53QBX9nTtsIUCnSRrMO0FCkQJE3jydb6hmRQEA328trp9OqK 6fuvl+RZBhBFeMeJV1Tz0Uezp9YvymfRWwdHiiFFLy3KBt5cTZJUXxTZ jXnMT9PoHZcIVJzN65vqQHDI2MzWYoQYr1WoKmJxOC5FQzFctZElyzEq fNQ=\r\n;; Received 654 bytes from 199.19.56.1#53(a0.org.afilias-nst.info) in 217 ms\r\n\r\nmatoken.org.            120     IN      A       153.121.44.87\r\n;; Received 56 bytes from 216.239.38.109#53(ns-cloud-d4.googledomains.com) in 388 ms
\n
\n
\n
\n

\u30d1\u30b1\u30c3\u30c8\u30ad\u30e3\u30d7\u30c1\u30e3\u3057\u3066\u307f\u308b

\n
\n
\n\n
\n
\n
dig 2quepghecPeuj.matoken.org
\n
\n
$ sudo tcpdump -n -nn -t -l -A -s0 2>/dev/null | grep 2quepghecPeuj.matoken.org\r\nIP 192.168.2.203.49026 > 192.168.2.211.53: 49901+ [1au] A? 2quepghecPeuj.matoken.org. (66)\r\nE..^.,..@.0t...........5.J..... .........2quepghecPeuj.matoken.org.......).........\r\nE...z.@.@.8f.........5...w............. .2quepghecPeuj.matoken.org..............x...y,W........2....ns-cloud-d2.googledomains.com.........2....ns-cloud-d4.S........2....ns-cloud-d1.S........2....ns-cloud-d3.S.........d.... m.G.......+....\"m.........D....$m.r......#P....&m............ .H`H..2.......m.G......+W.. .H`H..4.......m............ .H`H..6.......m.r......Ov.. .H`H..8.......m..)........\r\n^C
\n
\n
\n
\n\n
\n
\n

\u540d\u524d\u306f\u898b\u5f53\u305f\u3089\u306a\u3044

\n
\n
\n
dig 2quepghecPeuj.matoken.org @127.0.0.1
\n
\n
$ sudo tcpdump -n -nn -t -l -A -s0 2>/dev/null | grep 2quepghecPeuj.matoken.org\r\n^C
\n
\n
\n
\n

loopback \u90e8\u5206\u306fHTTPS\u306b\u306a\u308b\u524d\u306e\u90e8\u5206\u306f\u898b\u3048\u308b

\n
\n
\n
dig 2quepghecPeuj.matoken.org @127.0.0.1
\n
\n
$ sudo tcpdump -i lo -n -nn -t -l -A -s0 2>/dev/null | grep 2quepghecPeuj.matoken.org\r\nIP 127.0.0.1.52265 > 127.0.0.1.53: 25766+ [1au] A? 2quepghecPeuj.matoken.org. (66)\r\nE..^C...@.8..........).5.J.]d.. .........2quepghecPeuj.matoken.org.......).........\r\nE..bD(@.@..`.........5.).N.ad............2quepghecPeuj.matoken.org..............w...y,W..)........\r\n^C
\n
\n
\n
\n
\u6c38\u7d9a\u5316
\n
\n
$ sudo systemctl enable doh-client
\n
\n
\n
\n

\u5f8c\u306f /etc/network/interfaces \u3084 NetworkManager \u3067 DNS server \u306b 127.0.0.1 \u3092\u6307\u5b9a\u3059\u308b\uff0e

\n
\n
\n
\u74b0\u5883
\n
\n
$ dpkg-query -W git golang dnsutils\r\ndnsutils        1:9.11.4.P2+dfsg-3\r\ngit     1:2.19.0-1\r\ngolang  2:1.10~5\r\n$ lsb_release -d\r\nDescription:    Debian GNU/Linux unstable (sid)\r\n$ uname -m\r\nx86_64
\n
\n
\n", "content_text": "Android \u3067 DNS-over-HTTPS \u304c\u7c21\u5358\u306b\u51fa\u6765\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\uff0e\n\n\n\n\nAndroid 4.0 \u4ee5\u964d\u3092 DNS-over-HTTPS \u5bfe\u5fdc\u306b\u3059\u308b Intra \u3092\u5c11\u3057\u8a66\u3059 \u2013 matoken\u2019s meme\n\n\n\n\nLinux\u3060\u3069\u3046\u306a\u3093\u3060\u308d\u3046\u3068\u4ee5\u4e0b\u306e`dns-over-https` \u3092\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e\u3053\u3053\u3067\u306f Debian sid amd64 \u3067\u8a66\u3057\u3066\u3044\u307e\u3059\u304c\uff0c\u516c\u5f0f\u306e\u624b\u9806\u306b\u306f Ubuntu 18.04 LTS, macOS \u306e\u624b\u9806\u304c\u8f09\u3063\u3066\u3044\u307e\u3059\uff0e\n\n\n\n\nm13253/dns-over-https: High performance DNS over HTTPS client & server\n\n\nSetup Guide – DNS-over-HTTPS.com\n\n\n\n\n\u5c0e\u5165\u4f8b\n\n$ sudo apt install git golang\r\n$ git clone https://github.com/m13253/dns-over-https.git\r\n$ cd dns-over-https\r\n$ make\r\n$ sudo checkinstall\n\n\n\n\u898f\u5b9a\u5024\u306e\u30b5\u30fc\u30d0\u306f Google Public DNS \u306b\u306a\u3063\u3066\u3044\u308b\uff0e\u5909\u66f4\u3057\u305f\u3044\u5834\u5408\u306f\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb( /etc/dns-over-https/doh-client.conf )\u3092\u7de8\u96c6\n\n$ sudo edit /etc/dns-over-https/doh-client.conf\n\n\n\nCleanBrowsing\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d5\u30a3\u30eb\u30bf\u30fc\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u4f8b\n\ndiff --git a/dns-over-https/doh-client.conf b/dns-over-https/doh-client.conf\r\nindex 3b5de14..1791397 100644\r\n--- a/dns-over-https/doh-client.conf\r\n+++ b/dns-over-https/doh-client.conf\r\n@@ -11,7 +11,7 @@ listen = [\r\n upstream_google = [\r\n\r\n # Google's productive resolver, good ECS, bad DNSSEC\r\n- \"https://dns.google.com/resolve\",\r\n+ #\"https://dns.google.com/resolve\",\r\n\r\n # CloudFlare's resolver, bad ECS, good DNSSEC\r\n #\"https://cloudflare-dns.com/dns-query\",\r\n@@ -39,6 +39,9 @@ upstream_ietf = [\r\n # Blog: https://blog.cloudflare.com/welcome-hidden-resolver/\r\n #\"https://dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion/dns-query\",\r\n\r\n+ # CleanBrowsing https://cleanbrowsing.org/dnsoverhttps\r\n+ \"https://doh.cleanbrowsing.org/doh/security-filter/\"\r\n+\r\n ]\r\n\r\n # Bootstrap DNS server to resolve the address of the upstream resolver\n\n\n\n\u8d77\u52d5\n\n$ sudo systemctl restart doh-client\n\n\n\n\u540d\u524d\u304c\u5f15\u3051\u308b\u306e\u3092\u78ba\u8a8d\n\n$ dig @127.0.0.1 | grep SERVER\r\n;; SERVER: 127.0.0.1#53(127.0.0.1)\n\n\n\ntrace\n\n$ dig +trace matoken.org @127.0.0.1\r\n\r\n; <<>> DiG 9.11.4-P2-3-Debian <<>> +trace matoken.org @127.0.0.1\r\n;; global options: +cmd\r\n. 24820 IN NS m.root-servers.net.\r\n. 24820 IN NS b.root-servers.net.\r\n. 24820 IN NS c.root-servers.net.\r\n. 24820 IN NS d.root-servers.net.\r\n. 24820 IN NS e.root-servers.net.\r\n. 24820 IN NS f.root-servers.net.\r\n. 24820 IN NS g.root-servers.net.\r\n. 24820 IN NS h.root-servers.net.\r\n. 24820 IN NS i.root-servers.net.\r\n. 24820 IN NS j.root-servers.net.\r\n. 24820 IN NS a.root-servers.net.\r\n. 24820 IN NS k.root-servers.net.\r\n. 24820 IN NS l.root-servers.net.\r\n;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 1334 ms\r\n\r\norg. 172800 IN NS a0.org.afilias-nst.info.\r\norg. 172800 IN NS a2.org.afilias-nst.info.\r\norg. 172800 IN NS b0.org.afilias-nst.org.\r\norg. 172800 IN NS b2.org.afilias-nst.org.\r\norg. 172800 IN NS c0.org.afilias-nst.info.\r\norg. 172800 IN NS d0.org.afilias-nst.org.\r\norg. 86400 IN DS 9795 7 1 364DFAB3DAF254CAB477B5675B10766DDAA24982\r\norg. 86400 IN DS 9795 7 2 3922B31B6F3A4EA92B19EB7B52120F031FD8E05FF0B03BAFCF9F891B FE7FF8E5\r\norg. 86400 IN RRSIG DS 8 1 86400 20181018050000 20181005040000 2134 . bYogBWKVV1SnjoHjS5LnLBE1mWC6UwkYT6muOjcHnuMNzJM1DY3YhSCT d9QOYlvvprUyD37xYIQ10BUZQ8hcNpnQ2TPUTNzd621lsqth6QK8zDN6 eP5AvZXlPy+9wni71rJIHy1wzepn9yrh3jp70zZhnEVxxgItWaYzsayY Jf+UfFQPmOKX0gn0GqcQ09CSZHdZhwbUT2AT1Rs0atkj6VaOy2TT1aQ1 gAtGF+5uA4uqLJegiEe/zneTeyuNE5QDQWKUNaeWEDE9kxylhv6m/3vE tQ8EHFpzOL9x+ed25LNcnRXH8K/xCW43R1FyaVNaA6xcsvGHCysqLneI v/RYMQ==\r\n;; Received 813 bytes from 193.0.14.129#53(k.root-servers.net) in 210 ms\r\n\r\nmatoken.org. 86400 IN NS ns-cloud-d2.googledomains.com.\r\nmatoken.org. 86400 IN NS ns-cloud-d4.googledomains.com.\r\nmatoken.org. 86400 IN NS ns-cloud-d1.googledomains.com.\r\nmatoken.org. 86400 IN NS ns-cloud-d3.googledomains.com.\r\nh9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN NSEC3 1 1 1 D399EAAB H9PARR669T6U8O1GSG9E1LMITK4DEM0T NS SOA RRSIG DNSKEY NSEC3PARAM\r\nh9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN RRSIG NSEC3 7 2 86400 20181026101800 20181005091800 1862 org. edCrqcIYiHlMMzuacuX0DlobcQkymqClpK5C4QLzsNWtvp942bFRjbb2 WDX/6TsHO0noBNoKH2i+TU70WqpW7sVsXbjV9nkeLMZjxz/VLyAJOXWk 2ITvZwhjbe96lCSAIafm824pBx94ruieKZ2Yj8pYTBIrhDBoffjPhuem 44k=\r\na85qqkk8n39d1c6m55g8ucjhm6u3jjcs.org. 86400 IN NSEC3 1 1 1 D399EAAB A86TS1MQ34BR2A3D3CT8D5SCHKAPPBPJ NS DS RRSIG\r\na85qqkk8n39d1c6m55g8ucjhm6u3jjcs.org. 86400 IN RRSIG NSEC3 7 2 86400 20181022152743 20181001142743 1862 org. G15dhaW+53QBX9nTtsIUCnSRrMO0FCkQJE3jydb6hmRQEA328trp9OqK 6fuvl+RZBhBFeMeJV1Tz0Uezp9YvymfRWwdHiiFFLy3KBt5cTZJUXxTZ jXnMT9PoHZcIVJzN65vqQHDI2MzWYoQYr1WoKmJxOC5FQzFctZElyzEq fNQ=\r\n;; Received 654 bytes from 199.19.56.1#53(a0.org.afilias-nst.info) in 217 ms\r\n\r\nmatoken.org. 120 IN A 153.121.44.87\r\n;; Received 56 bytes from 216.239.38.109#53(ns-cloud-d4.googledomains.com) in 388 ms\n\n\n\n\u30d1\u30b1\u30c3\u30c8\u30ad\u30e3\u30d7\u30c1\u30e3\u3057\u3066\u307f\u308b\n\n\n\n\n\u901a\u5e38\u306eDNS\n\n\n\n\ndig 2quepghecPeuj.matoken.org\n\n$ sudo tcpdump -n -nn -t -l -A -s0 2>/dev/null | grep 2quepghecPeuj.matoken.org\r\nIP 192.168.2.203.49026 > 192.168.2.211.53: 49901+ [1au] A? 2quepghecPeuj.matoken.org. (66)\r\nE..^.,..@.0t...........5.J..... .........2quepghecPeuj.matoken.org.......).........\r\nE...z.@.@.8f.........5...w............. .2quepghecPeuj.matoken.org..............x...y,W........2....ns-cloud-d2.googledomains.com.........2....ns-cloud-d4.S........2....ns-cloud-d1.S........2....ns-cloud-d3.S.........d.... m.G.......+....\"m.........D....$m.r......#P....&m............ .H`H..2.......m.G......+W.. .H`H..4.......m............ .H`H..6.......m.r......Ov.. .H`H..8.......m..)........\r\n^C\n\n\n\n\n\nDNS over HTTPS\n\n\n\n\n\u540d\u524d\u306f\u898b\u5f53\u305f\u3089\u306a\u3044\n\n\ndig 2quepghecPeuj.matoken.org @127.0.0.1\n\n$ sudo tcpdump -n -nn -t -l -A -s0 2>/dev/null | grep 2quepghecPeuj.matoken.org\r\n^C\n\n\n\nloopback \u90e8\u5206\u306fHTTPS\u306b\u306a\u308b\u524d\u306e\u90e8\u5206\u306f\u898b\u3048\u308b\n\n\ndig 2quepghecPeuj.matoken.org @127.0.0.1\n\n$ sudo tcpdump -i lo -n -nn -t -l -A -s0 2>/dev/null | grep 2quepghecPeuj.matoken.org\r\nIP 127.0.0.1.52265 > 127.0.0.1.53: 25766+ [1au] A? 2quepghecPeuj.matoken.org. (66)\r\nE..^C...@.8..........).5.J.]d.. .........2quepghecPeuj.matoken.org.......).........\r\nE..bD(@.@..`.........5.).N.ad............2quepghecPeuj.matoken.org..............w...y,W..)........\r\n^C\n\n\n\n\u6c38\u7d9a\u5316\n\n$ sudo systemctl enable doh-client\n\n\n\n\u5f8c\u306f /etc/network/interfaces \u3084 NetworkManager \u3067 DNS server \u306b 127.0.0.1 \u3092\u6307\u5b9a\u3059\u308b\uff0e\n\n\n\u74b0\u5883\n\n$ dpkg-query -W git golang dnsutils\r\ndnsutils 1:9.11.4.P2+dfsg-3\r\ngit 1:2.19.0-1\r\ngolang 2:1.10~5\r\n$ lsb_release -d\r\nDescription: Debian GNU/Linux unstable (sid)\r\n$ uname -m\r\nx86_64", "date_published": "2018-10-05T20:25:47+09:00", "date_modified": "2018-10-05T20:25:47+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "DNS", "DNS-over-HTTPS", "Debian", "Linux", "sid" ] }, { "id": "http://matoken.org/blog/?p=2161", "url": "https://matoken.org/blog/2018/10/05/try-intra-a-bit-to-make-dns-over-https-compatible-with-android-4-0-or-later/", "title": "Android 4.0 \u4ee5\u964d\u3092 DNS-over-HTTPS \u5bfe\u5fdc\u306b\u3059\u308b Intra \u3092\u5c11\u3057\u8a66\u3059", "content_html": "
\n

Alpabet \u306e\u6280\u8853\u30a4\u30f3\u30ad\u30e5\u30d9\u30fc\u30bf\u306eJigsaw\u3068\u3044\u3046\u3068\u3053\u308d\u304c\u4f5c\u3063\u305f Intra \u3068\u3044\u3046 Android \u30a2\u30d7\u30ea\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\uff0e

\n
\n
\n

\u901a\u5e38\u306e DNS \u306f\u6697\u53f7\u5316\u3055\u308c\u305a\u6539\u3056\u3093\u304c\u53ef\u80fd\u3067\u3059\uff0eIntra \u306f DNS \u3092\u6697\u53f7\u5316\u3059\u308b DNS-over-HTTPS \u3092 Android 4.0 \u4ee5\u964d\u3067\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b\u30a2\u30d7\u30ea\u3067\u3059\uff0e

\n
\n
\n\n
\n
\n

\"31226501238
\n\"31226501848
\n\"31226502538

\n
\n
\n
VPN\u63a5\u7d9a\u306e\u78ba\u8a8d\u304c\u3055\u308c\u308b
\n

\"31226505068

\n
\n
\n
DNS\u4fdd\u8b77\u72b6\u614b
\n

\"31226508208
\n\"31226510648

\n
\n
\n
DNS-over-HTTPS \u30b5\u30fc\u30d0\u306e\u65e2\u5b9a\u5024\u306fGoogle\u3067\uff0cCloudflare\u3082\u9078\u629e\u3067\u304d\u308b\uff0e\u305d\u306e\u4ed6\u306e\u30b5\u30fc\u30d0\u3082\u624b\u52d5\u3067\u6307\u5b9a\u3067\u304d\u308b
\n

\"31226511688

\n
\n
\n
DNS \u306f 8.8.8.8 \u306e Google \u3092\u898b\u306b\u884c\u3063\u3066\u3044\u308b\u306e\u304c\u308f\u304b\u308b
\n

\"31226512688

\n
\n
\n
VPN\u304c\u6709\u52b9\u306b\u306a\u3063\u3066\u3044\u308b\u304c\uff0cIP\u306f\u305d\u306e\u307e\u307e
\n

\"45100103761

\n
\n
\n
\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u753b\u9762\u3067\u6700\u8fd1\u306e\u30af\u30a8\u30ea\u306e\u78ba\u8a8d\u3082\u51fa\u6765\u308b
\n

\"30162180647

\n
\n
\n
\u8a66\u3057\u305f\u74b0\u5883\u306f\u4eee\u60f3\u74b0\u5883\u306eAndroid 8.1.0(x86_64), Intra 1.0.0
\n

\"44189409735
\n\"44380132464

\n
\n
\n

\u81ea\u5206\u306f\u57fa\u672c\u7684\u306b\u51fa\u5148\u3067\u306f VPN \u3092\u5229\u7528\u3057\u3066\u3044\u308b\u306e\u3067\u5fc5\u8981\u306a\u3044\u304b\u306a\u3068\u601d\u3046\u306e\u3067\u3059\u304c\uff0c\u304a\u624b\u8efd\u306b\u7121\u6599\u3067\u304b\u3064\u53e4\u3044\u30c7\u30d0\u30a4\u30b9\u306b\u3082\u5bfe\u5fdc\u3057\u3066\u3044\u308b\u306e\u3067\u826f\u3055\u305d\u3046\u3067\u3059\u306d\uff0e\u3061\u306a\u307f\u306b\u3053\u306e\u6a5f\u80fd\u306f Android Pie \u306b\u306f\u6a19\u6e96\u642d\u8f09\u3055\u308c\u3066\u3044\u308b\u305d\u3046\u3067\u3059\uff0e

\n
\n
\n

\uff03Wi-Fi\u306a\u3093\u304b\u3067DNS\u6539\u3056\u3093\u3057\u3066\u8a8d\u8a3c\u753b\u9762\u306b\u98db\u3070\u3057\u305f\u308a\u3059\u308b\u3088\u3046\u306a\u306e\u306f\u3069\u3046\u3044\u3046\u52d5\u304d\u306b\u306a\u308b\u3093\u3060\u308d\u3046?

\n
\n", "content_text": "Alpabet \u306e\u6280\u8853\u30a4\u30f3\u30ad\u30e5\u30d9\u30fc\u30bf\u306eJigsaw\u3068\u3044\u3046\u3068\u3053\u308d\u304c\u4f5c\u3063\u305f Intra \u3068\u3044\u3046 Android \u30a2\u30d7\u30ea\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\uff0e\n\n\n\u901a\u5e38\u306e DNS \u306f\u6697\u53f7\u5316\u3055\u308c\u305a\u6539\u3056\u3093\u304c\u53ef\u80fd\u3067\u3059\uff0eIntra \u306f DNS \u3092\u6697\u53f7\u5316\u3059\u308b DNS-over-HTTPS \u3092 Android 4.0 \u4ee5\u964d\u3067\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b\u30a2\u30d7\u30ea\u3067\u3059\uff0e\n\n\n\n\nIntra\n\n\nIntra – Google Play \u306e\u30a2\u30d7\u30ea\n\n\nJigsaw-Code/Intra: An experimental tool that allows you to test new DNS-over-HTTPS services on Android\n\n\nIntra\n\n\nJigsaw\n\n\nSetup Guide – DNS-over-HTTPS.com\n\n\n\n\n\n\n\n\n\nVPN\u63a5\u7d9a\u306e\u78ba\u8a8d\u304c\u3055\u308c\u308b\n\n\n\nDNS\u4fdd\u8b77\u72b6\u614b\n\n\n\n\nDNS-over-HTTPS \u30b5\u30fc\u30d0\u306e\u65e2\u5b9a\u5024\u306fGoogle\u3067\uff0cCloudflare\u3082\u9078\u629e\u3067\u304d\u308b\uff0e\u305d\u306e\u4ed6\u306e\u30b5\u30fc\u30d0\u3082\u624b\u52d5\u3067\u6307\u5b9a\u3067\u304d\u308b\n\n\n\nDNS \u306f 8.8.8.8 \u306e Google \u3092\u898b\u306b\u884c\u3063\u3066\u3044\u308b\u306e\u304c\u308f\u304b\u308b\n\n\n\nVPN\u304c\u6709\u52b9\u306b\u306a\u3063\u3066\u3044\u308b\u304c\uff0cIP\u306f\u305d\u306e\u307e\u307e\n\n\n\n\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u753b\u9762\u3067\u6700\u8fd1\u306e\u30af\u30a8\u30ea\u306e\u78ba\u8a8d\u3082\u51fa\u6765\u308b\n\n\n\n\u8a66\u3057\u305f\u74b0\u5883\u306f\u4eee\u60f3\u74b0\u5883\u306eAndroid 8.1.0(x86_64), Intra 1.0.0\n\n\n\n\n\u81ea\u5206\u306f\u57fa\u672c\u7684\u306b\u51fa\u5148\u3067\u306f VPN \u3092\u5229\u7528\u3057\u3066\u3044\u308b\u306e\u3067\u5fc5\u8981\u306a\u3044\u304b\u306a\u3068\u601d\u3046\u306e\u3067\u3059\u304c\uff0c\u304a\u624b\u8efd\u306b\u7121\u6599\u3067\u304b\u3064\u53e4\u3044\u30c7\u30d0\u30a4\u30b9\u306b\u3082\u5bfe\u5fdc\u3057\u3066\u3044\u308b\u306e\u3067\u826f\u3055\u305d\u3046\u3067\u3059\u306d\uff0e\u3061\u306a\u307f\u306b\u3053\u306e\u6a5f\u80fd\u306f Android Pie \u306b\u306f\u6a19\u6e96\u642d\u8f09\u3055\u308c\u3066\u3044\u308b\u305d\u3046\u3067\u3059\uff0e\n\n\n\uff03Wi-Fi\u306a\u3093\u304b\u3067DNS\u6539\u3056\u3093\u3057\u3066\u8a8d\u8a3c\u753b\u9762\u306b\u98db\u3070\u3057\u305f\u308a\u3059\u308b\u3088\u3046\u306a\u306e\u306f\u3069\u3046\u3044\u3046\u52d5\u304d\u306b\u306a\u308b\u3093\u3060\u308d\u3046?", "date_published": "2018-10-05T05:15:02+09:00", "date_modified": "2018-10-05T05:15:02+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "Android", "DNS", "DNS-over-HTTPS" ] }, { "id": "http://matoken.org/blog/?p=2079", "url": "https://matoken.org/blog/2018/09/01/try-pi-hole-of-dns-cache-server-ad-blocker/", "title": "DNS\u30ad\u30e3\u30c3\u30b7\u30e5\u30b5\u30fc\u30d0\u306a\u30a2\u30c9\u30d6\u30ed\u30c3\u30ab\u30fc\u306ePi-hole\u3092\u8a66\u3059", "content_html": "
\n

2018-08-18 \u306e\u9e7f\u5150\u5cf6Linux\u52c9\u5f37\u4f1a 2018.08 \u3067\u767a\u8868\u3057\u305f\u3082\u306e\u306b\u52a0\u7b46\u4fee\u6b63\u3057\u305f\u3082\u306e\uff0e

\n
\n
\n\n
\n
\n

\u30a2\u30c9\u30d6\u30ed\u30c3\u30ab\u30fc?

\n
\n
\n
    \n
  • \n

    \u5e83\u544a\u3092\u30d6\u30ed\u30c3\u30af

    \n
    • \n
  • \n

    \u30d6\u30e9\u30a6\u30b6\u306e\u62e1\u5f35\u6a5f\u80fd\u306a\u3069\u3067\u5b9f\u73fe\u3059\u308b\u306e\u304c\u4e00\u822c\u7684(\u91cd\u3044&\u30d6\u30e9\u30a6\u30b6\u6bce\u306b\u8a2d\u5b9a\u304c\u5fc5\u8981)

    \n
    \n
      \n
    • \n

      uBlock Origin\u7b49

      \n
      • \n
    • \n

      \u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u30e2\u30fc\u30c9\u3067\u306f(\u57fa\u672c\u7684\u306b)\u5229\u7528\u3067\u304d\u306a\u3044

      \n
      • \n
    \n
    \n
    • \n
  • \n

    \u30b9\u30de\u30fc\u30c8\u30d5\u30a9\u30f3\u306f?

    \n
    \n
      \n
    • \n

      root\u306a\u3069\u304c\u5fc5\u8981(\u30a6\u30a7\u30d6\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u306f\u62e1\u5f35\u6a5f\u80fd\u3084\u5e83\u544a\u30d6\u30ed\u30c3\u30af\u6a5f\u80fd\u306e\u3042\u308b\u30a6\u30a7\u30d6\u30d6\u30e9\u30a6\u30b6\u306a\u3069\u3067\u56de\u907f\u53ef\u80fd)

      \n
      • \n
    \n
    \n
    • \n
\n
\n
\n
\n
\n

Pi-hole

\n
\n
\n\n
\n
\n

\"29084865297

\n
\n
\n
    \n
  • \n

    DNS\u30ad\u30e3\u30c3\u30b7\u30e5\u30b5\u30fc\u30d0\u3068\u3057\u3066\u52d5\u4f5c\u3057\u3066\u5e83\u544a\u3092DNS\u30d9\u30fc\u30b9\u3067\u30d6\u30ed\u30c3\u30af

    \n
    \n
      \n
    • \n

      PC\u5074\u3067\u306f\u8a2d\u5b9a\u4e0d\u8981 or DNS\u8a2d\u5b9a\u306e\u307f

      \n
      • \n
    • \n

      \u8efd\u3044

      \n
      • \n
    \n
    \n
    • \n
  • \n

    Web\u30d9\u30fc\u30b9\u306e\u7ba1\u7406\u753b\u9762\u304c\u5229\u7528\u53ef\u80fd

    \n
    • \n
  • \n

    DNS\u4ee5\u5916\u306bDHCP\u30b5\u30fc\u30d0\u6a5f\u80fd\u3082\u5229\u7528\u53ef\u80fd

    \n
    • \n
\n
\n
\n
\n
\n

\u52d5\u4f5c\u8981\u4ef6

\n
\n
\n

\u540d\u524d\u306bPi\u3068\u3064\u3044\u3066\u3044\u308b\u3057\u4e8b\u4f8b\u304c\u591a\u3044\u304cRaspberry Pi\u4ee5\u5916\u3067\u3082\u52d5\u4f5c\u3059\u308b

\n
\n
\n
https://discourse.pi-hole.net/t/hardware-software-requirements/273
\n
\n
Hardware\r\nPi-hole is very lightweight as it only handles DNS queries and returns a blank HTML file so it doesn\u2019t need much processing power.\r\n\r\n~52MB of free space\r\n512 MB RAM\r\nSoftware\r\nPi-hole will run on most Debian-based distro\u2019s and is the preferred platform for it.\r\n\r\nWe officially support the following:\r\n\r\nRaspbian: Jessie/Stretch\r\nUbuntu: 16.04 / 16.10\r\nDebian: 8 / 9\r\nFedora 26\r\nCentOS: 7 (not ARM)
\n
\n
\n
\n
\n
\n

\u5c0e\u5165\u4f8b

\n
\n
\n

\u304a\u624b\u8efd\u306a\u30a4\u30f3\u30b9\u30c8\u30fc\u30ebscript\u304c\u7528\u610f\u3055\u308c\u3066\u3044\u308b
\n\u516c\u5f0f\u30da\u30fc\u30b8\u3067\u306f\uff0c

\n
\n
\n
\n
curl -sSL https://install.pi-hole.net | bash
\n
\n
\n
\n

\u3068\u306f\u3044\u3048\u6016\u3044\u306e\u3067\uff0c\u3053\u3093\u306a\u611f\u3058\u3067\u5165\u308c\u305f

\n
\n
\n
\n
$ wget -O basic-install.sh https://install.pi-hole.net\r\n$ lv basic-install.sh\r\n$ sudo porg -lp pi-hole bash ./basic-install.sh
\n
\n
\n
\n
    \n
  • \n

    \u30a4\u30f3\u30b9\u30c8\u30fc\u30e9\u306fTUI\u3067\u3044\u304f\u3064\u304b\u306e\u9078\u629e\u80a2\u304c\u8868\u793a\u3055\u308c\u308b

    \n
    • \n
  • \n

    \u8a2d\u5b9a\u306f\u3053\u306e\u3042\u305f\u308a\u306b/etc/pihole/setupVars.conf

    \n
    • \n
  • \n

    \u30a2\u30f3\u30b9\u30c8\u30fc\u30e9\u30fc\u3082\u3064\u3044\u3066\u3044\u308b\u304c\uff0c\u30d1\u30c3\u30b1\u30fc\u30b8\u5468\u308a\u3068\u304b\u9762\u5012(\u5c0e\u5165\u6e08\u307f\u3060\u3063\u305f\u304b\u3069\u3046\u304b\u95a2\u4fc2\u306a\u304f\u95a2\u9023\u30d1\u30c3\u30b1\u30fc\u30b8\u30921\u3064\u3065\u3064\u78ba\u8a8d\u3057\u306a\u3044\u3068\u3044\u3051\u306a\u3044)\u306a\u306e\u3067chroot\u74b0\u5883\u306a\u3069\u3067\u8a66\u3057\u305f\u307b\u3046\u304c\u826f\u3044

    \n
    • \n
\n
\n
\n
\n
\n

logo

\n
\n
\n

\"44003211731

\n
\n
\n
\n
\n

DNS\u306e\u9078\u629e

\n
\n
\n
    \n
  • \n

    Public DNS\u5404\u7a2e\u3082\u3057\u304f\u306fCustom\u304b\u3089\u4efb\u610f\u306eDNS\u304c\u6307\u5b9a\u53ef\u80fd

    \n
    • \n
  • \n

    \u4eca\u56de\u306f\u81ea\u5206\u306e\u5bb6\u306eUnbound\u3092\u6307\u5b9a

    \n
    • \n
  • \n

    \u5fc5\u8981\u306a\u30d1\u30c3\u30b1\u30fc\u30b8\u306f\u81ea\u52d5\u3067\u5c0e\u5165\u3055\u308c\u308b

    \n
    • \n
\n
\n
\n

\"43284561304
\n\"44003212211

\n
\n
\n
\n
\n

ad list\u306e\u9078\u629e

\n
\n
\n

\"43284561514

\n
\n
\n
\n
\n

Protocol\u306e\u9078\u629e

\n
\n
\n

\"44003212531

\n
\n
\n
\n
\n

Web\u7ba1\u7406\u753b\u9762\u6709\u52b9\u7121\u52b9

\n
\n
\n

\"43284561704
\n\"44003212851

\n
\n
\n
\n
\n

\u30ed\u30b0

\n
\n
\n

\"43284561874

\n
\n
\n
\n
\n

\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u5b8c\u4e86

\n
\n
\n

\u3053\u306e\u753b\u9762\u306f\u30e1\u30e2\u3057\u3066\u304a\u304d\u307e\u3057\u3087\u3046

\n
\n
\n

\"44003213001

\n
\n
\n
\n
\n

\u3082\u3057\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5fd8\u308c\u305f\u3089

\n
\n
\n
\n
$ pihole -a -p\r\nEnter New Password (Blank for no password):\r\nConfirm Password:\r\n  [\u2713] New password set
\n
\n
\n
\n
\n
\n

\u7aef\u672b\u306eDNS\u3092Pi-hole\u306b\u5411\u3051\u3066\u8a66\u3059(adhoc)

\n
\n
\n

\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306eDNS\u3092Pi-hole\u306eip\u306b\u3057\u307e\u3059

\n
\n
\n
nm-applet
\n

\"42224130270

\n
\n
\n
/etc/resolv.conf
\n
\n
nameserver 192.168.2.211
\n
\n
\n
\n
\n
\n

\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5168\u4f53\u306b\u53cd\u6620

\n
\n
\n
    \n
  • \n

    DHCP\u30b5\u30fc\u30d0\u304b\u3089\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u308bDNS\u60c5\u5831\u3092Pi-hole\u306e\u3082\u306e\u306b\u5dee\u3057\u66ff\u3048\u308b

    \n
    • \n
\n
\n
\n

or

\n
\n
\n
    \n
  • \n

    DHCP\u30b5\u30fc\u30d0\u3092Pi-hole\u306b\u5207\u308a\u66ff\u3048\u308b

    \n
    \n
      \n
    • \n

      Pi-hole\u306eDHCPD\u306f\u7ba1\u7406\u753b\u9762\u306eSettings \u2192 DHCP\u304b\u3089\u6709\u52b9\u306b\u3067\u304d\u308b

      \n
      • \n
    \n
    \n
    • \n
\n
\n
\n

\u304b\u3089\u6709\u52b9\u306b\u3067\u304d\u308b

\n
\n
\n
\n
\n

VPN \u306e nameserver \u306b\u6307\u5b9a

\n
\n
\n

\u81ea\u5206\u306f\u5916\u3067\u306f VPN \u3092\u4f7f\u3046\u304c\uff0c\u305d\u306e\u3068\u304d\u3053\u306e nameserver \u3092\u6307\u5b9a\u3059\u308b\u3068\u643a\u5e2f\u56de\u7dda\u3067\u3082\u30d1\u30b1\u30c3\u30c8\u306e\u6d88\u8cbb\u304c\u6291\u3048\u3089\u308c\u308b\u52b9\u679c\u3082\u3042\u308b

\n
\n
\n
\n
\n

DNS\u304c\u5207\u308a\u66ff\u308f\u3063\u305f\u304b\u78ba\u8a8d

\n
\n
\n
\u78ba\u8a8d\u4f8b
\n
\n
$ dig example.com|grep -i server\r\n;; SERVER: 192.168.2.211#53(192.168.2.211)
\n
\n
\n
\n
\n
\n

\u7ba1\u7406\u753b\u9762

\n
\n
\n
\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9
\n

\"43115604235

\n
\n
\n
log
\n

\"43973290462

\n
\n
\n
\u30b7\u30b9\u30c6\u30e0\u60c5\u5831
\n

\"29084598777

\n
\n
\n
\u5e83\u544a\u30d6\u30ed\u30c3\u30af\u30ea\u30b9\u30c8\u7ba1\u7406
\n

\"43303343644

\n
\n
\n
DNS\u8a2d\u5b9a
\n

\"30153543558

\n
\n
\n
DHCP\u8a2d\u5b9a
\n

\"30153549218

\n
\n
\n
API/Web\u7ba1\u7406\u753b\u9762\u8a2d\u5b9a
\n

\"42212991130

\n
\n
\n
\u30d7\u30e9\u30a4\u30d0\u30b7\u30fc\u8a2d\u5b9a
\n

\"43973382062

\n
\n
\n
\u30c6\u30ec\u30dd\u30fc\u30bf\u30fc(\u8a2d\u5b9a\u306e\u30a4\u30f3\u30dd\u30fc\u30c8\u30a8\u30af\u30b9\u30dd\u30fc\u30c8)
\n

\"43973387132

\n
\n
\n
\n
\n

\u30ed\u30b0\u304b\u3089\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\u30d6\u30e9\u30c3\u30af\u30ea\u30b9\u30c8\u306b

\n
\n
\n

\u30ed\u30b0\u304b\u3089\u30c9\u30e1\u30a4\u30f3\u3092\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\uff0c\u30d6\u30e9\u30c3\u30af\u30ea\u30b9\u30c8\u306b\u79fb\u52d5\u3067\u304d\u308b

\n
\n
\n

\"43301172114
\n\"43113907005

\n
\n
\n
\n
\n

WebIF\u306foption

\n
\n
\n

pihole command\u304c\u5b58\u5728\u3059\u308b

\n
\n
\n
help
\n
\n
$ pihole --help\r\nUsage: pihole [options]\r\nExample: 'pihole -w -h'\r\nAdd '-h' after specific commands for more information on usage\r\n\r\nWhitelist/Blacklist Options:\r\n  -w, whitelist       Whitelist domain(s)\r\n  -b, blacklist       Blacklist domain(s)\r\n  --wild, wildcard     Wildcard blacklist domain(s)\r\n  --regex, regex       Regex blacklist domains(s)\r\n                        Add '-h' for more info on whitelist/blacklist usage\r\n\r\nDebugging Options:\r\n  -d, debug           Start a debugging session\r\n                        Add '-a' to enable automated debugging\r\n  -f, flush           Flush the Pi-hole log\r\n  -r, reconfigure     Reconfigure or Repair Pi-hole subsystems\r\n  -t, tail            View the live output of the Pi-hole log\r\n\r\nOptions:\r\n  -a, admin           Web interface options\r\n                        Add '-h' for more info on Web Interface usage\r\n  -c, chronometer     Calculates stats and displays to an LCD\r\n                        Add '-h' for more info on chronometer usage\r\n  -g, updateGravity   Update the list of ad-serving domains\r\n  -h, --help, help    Show this help dialog\r\n  -l, logging         Specify whether the Pi-hole log should be used\r\n                        Add '-h' for more info on logging usage\r\n  -q, query           Query the adlists for a specified domain\r\n                        Add '-h' for more info on query usage\r\n  -up, updatePihole   Update Pi-hole subsystems\r\n                        Add '--check-only' to exit script before update is performed.\r\n  -v, version         Show installed versions of Pi-hole, Web Interface & FTL\r\n                        Add '-h' for more info on version usage\r\n  uninstall           Uninstall Pi-hole from your system\r\n  status              Display the running status of Pi-hole subsystems\r\n  enable              Enable Pi-hole subsystems\r\n  disable             Disable Pi-hole subsystems\r\n                        Add '-h' for more info on disable usage\r\n  restartdns          Restart Pi-hole subsystems\r\n  checkout            Switch Pi-hole subsystems to a different Github branch\r\n                        Add '-h' for more info on checkout usage
\n
\n
\n
\n
\n
\n

Pi-hole \u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306e\u78ba\u8a8d\u3068\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8

\n
\n
\n
Pi-hole\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u78ba\u8a8d
\n
\n
$ pihole -up --check-only\r\n
  [i] Checking for updates...\r\n
  [i] Pi-hole Core:     up to date\r\n
  [i] Web Interface:    up to date\r\n
  [i] FTL:              up to date\r\n
 \r\n
  [\u2713] Everything is up to date!\r\n
\n
\n
\n
\n
Pi-hole\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8
\n
\n
$ pihole -up\r\n
\n
\n
\n
\n
\u5e83\u544a\u30c9\u30e1\u30a4\u30f3\u30ea\u30b9\u30c8\u306e\u66f4\u65b0
\n
\n
$ pihole updateGravity\r\n  [i] Neutrino emissions detected...\r\n  [\u2713] Pulling blocklist source list into range\r\n\r\n  [i] Target: raw.githubusercontent.com (hosts)\r\n  [\u2713] Status: Retrieval successful\r\n\r\n  [i] Target: mirror1.malwaredomains.com (justdomains)\r\n  [\u2713] Status: No changes detected\r\n\r\n  [i] Target: sysctl.org (hosts)\r\n  [\u2713] Status: No changes detected\r\n\r\n  [i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)\r\n  [\u2713] Status: No changes detected\r\n\r\n  [i] Target: s3.amazonaws.com (simple_tracking.txt)\r\n  [\u2713] Status: No changes detected\r\n\r\n  [i] Target: s3.amazonaws.com (simple_ad.txt)\r\n  [\u2713] Status: No changes detected\r\n\r\n  [i] Target: hosts-file.net (ad_servers.txt)\r\n  [\u2713] Status: No changes detected\r\n\r\n  [\u2713] Consolidating blocklists\r\n  [\u2713] Extracting domains from blocklists\r\n  [i] Number of domains being pulled in by gravity: 157918\r\n  [\u2713] Removing duplicate domains\r\n  [i] Number of unique domains trapped in the Event Horizon: 134681\r\n  [i] Number of whitelisted domains: 0\r\n  [i] Number of blacklisted domains: 0\r\n  [i] Number of regex filters: 0\r\n  [\u2713] Parsing domains into hosts format\r\n  [\u2713] Cleaning up stray matter\r\n\r\n  [\u2713] Force-reloading DNS service\r\n  [\u2713] DNS service is running\r\n  [\u2713] Pi-hole blocking is Enabled
\n
\n
\n
\n
crontab\u306b\u767b\u9332
\n
\n
# Pi-hole\u5e83\u544a\u30c9\u30e1\u30a4\u30f3\u30ea\u30b9\u30c8\u66f4\u65b0\r\n7 3 * * * pihole updateGravity | tee >$(telegram-msg-cron)\r\n# Pi-hole \u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u30c1\u30a7\u30c3\u30af\r\n11 3 * * *      if [ $(pihole -up --check-only|tail -1|grep -c 'Everything is up to date!') ]; then echo ''; else echo \"${HOSTNAME} : please Pi-hole update!\" | tee >$(telegram-msg-cron) ; fi
\n
\n
\n
\n
\n
\n

\u65e5\u672c\u5411\u3051\u5e83\u544a\u30ea\u30b9\u30c8\u3092\u8ffd\u52a0\u3057\u3066\u307f\u308b

\n
\n
\n
280blocker | \u30e2\u30d0\u30a4\u30eb\u5e83\u544a\u30d6\u30ed\u30c3\u30ab\u30fc \u5229\u7528\u4f8b
\n
\n
$ echo 'https://280blocker.net/files/280blocker_host.txt' | sudo tee -a /etc/pihole/adlists.list\r\nhttps://280blocker.net/files/280blocker_host.txt\r\n$ pihole -g
\n
\n
\n
\n

\u691c\u7d22\u3059\u308b\u3068\u69d8\u3005\u306a\u30c9\u30e1\u30a4\u30f3\u30ea\u30b9\u30c8\u304c\u5b58\u5728\u3059\u308b\uff0e\u7528\u9014\u306b\u5408\u308f\u305b\u3066\u767b\u9332\u3059\u308b\u3068\u826f\u3055\u305d\u3046\uff0e

\n
\n
\n\n
\n
\n
\n
\n

Pi-hole \u30e1\u30ea\u30c3\u30c8\uff0c\u30c7\u30e1\u30ea\u30c3\u30c8

\n
\n
\n
    \n
  • \n

    \u30e1\u30ea\u30c3\u30c8

    \n
    \n
      \n
    • \n

      \u8efd\u91cf\u3067\u52d5\u4f5c\u8981\u4ef6\u3082\u4f4e\u3044

      \n
      • \n
    • \n

      DNS\u30d9\u30fc\u30b9\u306a\u306e\u3067\u30b9\u30de\u30fc\u30c8\u30d5\u30a9\u30f3\u306a\u3069\u3067\u3082OK!(\u30a2\u30d7\u30ea\u5185\u306e\u5e83\u544a\u30d6\u30ed\u30c3\u30af\u3082)

      \n
      • \n
    • \n

      \u30a6\u30a7\u30d6\u30d6\u30e9\u30a6\u30b6\u306e\u5834\u5408\u3067\u3082\u7aef\u672b\u3084\u30d6\u30e9\u30a6\u30b6\u6bce\u306b\u500b\u5225\u306b\u8a2d\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u306a\u3044

      \n
      • \n
    • \n

      \u8a2d\u5b9a\u3082\u7c21\u5358\u3067\u52d5\u4f5c\u3082\u7ba1\u7406\u753b\u9762\u3067\u78ba\u8a8d\u3057\u3084\u3059\u3044

      \n
      • \n
    • \n

      \u8ee2\u9001\u91cf\u3082\u6e1b\u308b

      \n
      • \n
    \n
    \n
    • \n
  • \n

    \u30c7\u30e1\u30ea\u30c3\u30c8

    \n
    \n
      \n
    • \n

      uBlock Origin\u306b\u6bd4\u3079\u308b\u3068\u5e83\u544a\u306e\u30d6\u30ed\u30c3\u30af\u7387\u304c\u4f4e\u3044?(\u898b\u3066\u3044\u308bsite\u306b\u3082\u4f9d\u308b\u304b\u3082)

      \n
      \n
        \n
      • \n

        \u62e1\u5f35\u6027\u304c\u3042\u308b\u306e\u3067\u597d\u307f\u306e\u30ea\u30b9\u30c8\u3092\u8ffd\u52a0\u3059\u308c\u3070\u826f\u3055\u305d\u3046

        \n
        • \n
      \n
      \n
      • \n
    • \n

      \u4eca\u898b\u3048\u3066\u3044\u308b\u5e83\u544a\u3092\u30d6\u30ed\u30c3\u30af\u3057\u305f\u3044\u3068\u3044\u3063\u305f\u3068\u304d\u306b\u306f\u30d6\u30e9\u30a6\u30b6\u306e\u62e1\u5f35\u6a5f\u80fd\u306e\u307b\u3046\u304c\u4fbf\u5229

      \n
      • \n
    • \n

      \u5e83\u544a\u306e\u52d5\u304d\u3092\u78ba\u8a8d\u3059\u308b\u306b\u306fDNS\u3092\u5207\u308a\u66ff\u3048\u308b\u5fc5\u8981\u304c\u3042\u308a\u9762\u5012

      \n
      \n
        \n
      • \n

        nm-applet\u3060\u3068Pi-hole\u3068\u901a\u5e38DNS\u306e\u8a2d\u5b9a\u3092\u305d\u308c\u305e\u308c\u4f5c\u3063\u3066\u304a\u304f\u3068\u30ef\u30f3\u30bf\u30c3\u30c1\u3067\u5207\u308a\u66ff\u3048\u3089\u308c\u3066\u4fbf\u5229
        \n\"43127431915

        \n
        \n
          \n
        • \n

          PC \u2192 Pi-hole \u2192 Unbound \u2192 ISP

          \n
          • \n
        • \n

          PC \u2192 Unbound \u2192 ISP

          \n
          • \n
        \n
        \n
        • \n
      • \n

        Wi-Fi AP \u3092 Pi-hole \u5229\u7528\u3068\u305d\u3046\u3067\u306a\u3044\u3082\u306e\u306e2\u3064\u7528\u610f\u3059\u308b

        \n
        • \n
      \n
      \n
      • \n
    \n
    \n
    • \n
\n
\n
\n

\u5bb6\u5ead\u3084\u5c0f\u898f\u6a21\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5411\u3051?

\n
\n
\n
\n
\n

\u5225\u89e3

\n
\n
\n

Pi-hole\u306ead list\u3092\u305d\u306e\u307e\u307eor\u6574\u5f62\u3057\u3066/etc/hosts\u306b\u7a81\u3063\u8fbc\u3081\u3070\u3068\u308a\u3042\u3048\u305ablock\u3067\u304d\u308b
\n(Unbound\u3084Dnsmasq\u3068\u304b\u306b\u5165\u308c\u3066\u3082)

\n
\n
\n
ad list
\n
\n
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts\r\nhttps://mirror1.malwaredomains.com/files/justdomains\r\nhttp://sysctl.org/cameleon/hosts\r\nhttps://zeustracker.abuse.ch/blocklist.php?download=domainblocklist\r\nhttps://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt\r\nhttps://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt\r\nhttps://hosts-file.net/ad_servers.txt
\n
\n
\n
\n
list\u306e\u5185\u5bb9
\n
\n
$ wget -q -O - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts | lv\r\n  :\r\n0.0.0.0 1493361689.rsc.cdn77.org\r\n0.0.0.0 30-day-change.com\r\n0.0.0.0 2468.go2cloud.org\r\n0.0.0.0 adservice.google.nl\r\n0.0.0.0 adsmws.cloudapp.net\r\n  :\r\n$ wget -q -O - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts|lv\r\namazon.co.uk.security-check.ga\r\nautosegurancabrasil.com\r\ndadossolicitado-antendimento.sad879.mobi\r\nhitnrun.com.my\r\nmaruthorvattomsrianjaneyatemple.org\r\n  :
\n
\n
\n
\n
\n
\n

\u5225\u89e3?

\n
\n
\n

\u30a6\u30a7\u30d6\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u6642\u306b\u5e83\u544a\u3060\u3051\u3067\u306a\u304f\u30c8\u30e9\u30c3\u30ad\u30f3\u30b0\u306a\u3069\u3082\u8003\u616e
\n\u3053\u306e\u3042\u305f\u308a\u306f\u3053\u307e\u3081\u306b\u8a2d\u5b9a\u304c\u5fc5\u8981\u306a\u306e\u3067\u4e00\u62ec\u7ba1\u7406\u306f\u96e3\u3057\u305d\u3046

\n
\n
\n\n
\n
\n
\n
\n

Pi-hole

\n
\n
\n
    \n
  • \n

    \u5c0e\u5165\u304c\u7c21\u5358

    \n
    • \n
  • \n

    \u30ea\u30bd\u30fc\u30b9\u5c11\u306a\u3081

    \n
    • \n
  • \n

    \u7ba1\u7406\u753b\u9762\u304c\u308f\u304b\u308a\u3084\u3059\u3044

    \n
    • \n
  • \n

    \u5bb6\u5ead\u3084\u5c0f\u898f\u6a21\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5411\u3051?

    \n
    • \n
\n
\n
\n
\n
\n

QA

\n
\n
\n
*BSD\u3068\u304b\u3067\u306f\u52d5\u304b\u305b\u306a\u3044?
\n
\n
\n

\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u78ba\u8a8d\u3068\u5c0e\u5165\u5468\u308a\u3068\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u8a2d\u5b9a\u3042\u305f\u308a\u3092\u5408\u308f\u305b\u308c\u3070\u3044\u3051\u308b\u306e\u3067\u306f?
\n\u3067\u3082hosts\u3084Unbound\u306a\u3069\u3067\u8a2d\u5b9a\u3057\u305f\u307b\u3046\u304c\u304d\u3063\u3068\u697d

\n
\n
\n
\n
\n
\u5e83\u544a\u304cdomain\u3067\u306f\u306a\u304fip\u3067\u914d\u4fe1\u3055\u308c\u308b\u3088\u3046\u306b\u306a\u3063\u305f\u3089?
\n
\n
\n

ip\u30a2\u30c9\u30ec\u30b9\u3092 Pi-hole \u306e Block list \u306b\u767b\u9332\u3057\u3066\u307f\u305f\u3089\u767b\u9332\u3067\u304d\u305f\uff0e\u3057\u304b\u3057\u30d6\u30ed\u30c3\u30af\u306f\u3067\u304d\u306a\u304b\u3063\u305f\uff0eiptables\u306a\u3069\u3067\u30d6\u30ed\u30c3\u30af\u3059\u308b\u611f\u3058?

\n
\n
\n
\n
\n
\n", "content_text": "2018-08-18 \u306e\u9e7f\u5150\u5cf6Linux\u52c9\u5f37\u4f1a 2018.08 \u3067\u767a\u8868\u3057\u305f\u3082\u306e\u306b\u52a0\u7b46\u4fee\u6b63\u3057\u305f\u3082\u306e\uff0e\n\n\n\n\n\u9e7f\u5150\u5cf6Linux\u52c9\u5f37\u4f1a 2018.08 – connpass\n\n\n\u9e7f\u5150\u5cf6\u3089\u3050(Linux User\u2019s Group)\n\n\n\n\n\u30a2\u30c9\u30d6\u30ed\u30c3\u30ab\u30fc?\n\n\n\n\n\u5e83\u544a\u3092\u30d6\u30ed\u30c3\u30af\n\n\n\u30d6\u30e9\u30a6\u30b6\u306e\u62e1\u5f35\u6a5f\u80fd\u306a\u3069\u3067\u5b9f\u73fe\u3059\u308b\u306e\u304c\u4e00\u822c\u7684(\u91cd\u3044&\u30d6\u30e9\u30a6\u30b6\u6bce\u306b\u8a2d\u5b9a\u304c\u5fc5\u8981)\n\n\n\nuBlock Origin\u7b49\n\n\n\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u30e2\u30fc\u30c9\u3067\u306f(\u57fa\u672c\u7684\u306b)\u5229\u7528\u3067\u304d\u306a\u3044\n\n\n\n\n\n\u30b9\u30de\u30fc\u30c8\u30d5\u30a9\u30f3\u306f?\n\n\n\nroot\u306a\u3069\u304c\u5fc5\u8981(\u30a6\u30a7\u30d6\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u306f\u62e1\u5f35\u6a5f\u80fd\u3084\u5e83\u544a\u30d6\u30ed\u30c3\u30af\u6a5f\u80fd\u306e\u3042\u308b\u30a6\u30a7\u30d6\u30d6\u30e9\u30a6\u30b6\u306a\u3069\u3067\u56de\u907f\u53ef\u80fd)\n\n\n\n\n\n\n\n\n\nPi-hole\n\n\n\n\nPi-hole\u00ae: A black hole for Internet advertisements \u2013 curl -sSL https://install.pi-hole.net | bash\n\n\n\n\n\n\n\n\n\nDNS\u30ad\u30e3\u30c3\u30b7\u30e5\u30b5\u30fc\u30d0\u3068\u3057\u3066\u52d5\u4f5c\u3057\u3066\u5e83\u544a\u3092DNS\u30d9\u30fc\u30b9\u3067\u30d6\u30ed\u30c3\u30af\n\n\n\nPC\u5074\u3067\u306f\u8a2d\u5b9a\u4e0d\u8981 or DNS\u8a2d\u5b9a\u306e\u307f\n\n\n\u8efd\u3044\n\n\n\n\n\nWeb\u30d9\u30fc\u30b9\u306e\u7ba1\u7406\u753b\u9762\u304c\u5229\u7528\u53ef\u80fd\n\n\nDNS\u4ee5\u5916\u306bDHCP\u30b5\u30fc\u30d0\u6a5f\u80fd\u3082\u5229\u7528\u53ef\u80fd\n\n\n\n\n\n\n\u52d5\u4f5c\u8981\u4ef6\n\n\n\u540d\u524d\u306bPi\u3068\u3064\u3044\u3066\u3044\u308b\u3057\u4e8b\u4f8b\u304c\u591a\u3044\u304cRaspberry Pi\u4ee5\u5916\u3067\u3082\u52d5\u4f5c\u3059\u308b\n\n\nhttps://discourse.pi-hole.net/t/hardware-software-requirements/273\n\nHardware\r\nPi-hole is very lightweight as it only handles DNS queries and returns a blank HTML file so it doesn\u2019t need much processing power.\r\n\r\n~52MB of free space\r\n512 MB RAM\r\nSoftware\r\nPi-hole will run on most Debian-based distro\u2019s and is the preferred platform for it.\r\n\r\nWe officially support the following:\r\n\r\nRaspbian: Jessie/Stretch\r\nUbuntu: 16.04 / 16.10\r\nDebian: 8 / 9\r\nFedora 26\r\nCentOS: 7 (not ARM)\n\n\n\n\n\n\u5c0e\u5165\u4f8b\n\n\n\u304a\u624b\u8efd\u306a\u30a4\u30f3\u30b9\u30c8\u30fc\u30ebscript\u304c\u7528\u610f\u3055\u308c\u3066\u3044\u308b\n\u516c\u5f0f\u30da\u30fc\u30b8\u3067\u306f\uff0c\n\n\n\ncurl -sSL https://install.pi-hole.net | bash\n\n\n\n\u3068\u306f\u3044\u3048\u6016\u3044\u306e\u3067\uff0c\u3053\u3093\u306a\u611f\u3058\u3067\u5165\u308c\u305f\n\n\n\n$ wget -O basic-install.sh https://install.pi-hole.net\r\n$ lv basic-install.sh\r\n$ sudo porg -lp pi-hole bash ./basic-install.sh\n\n\n\n\n\n\u30a4\u30f3\u30b9\u30c8\u30fc\u30e9\u306fTUI\u3067\u3044\u304f\u3064\u304b\u306e\u9078\u629e\u80a2\u304c\u8868\u793a\u3055\u308c\u308b\n\n\n\u8a2d\u5b9a\u306f\u3053\u306e\u3042\u305f\u308a\u306b/etc/pihole/setupVars.conf\n\n\n\u30a2\u30f3\u30b9\u30c8\u30fc\u30e9\u30fc\u3082\u3064\u3044\u3066\u3044\u308b\u304c\uff0c\u30d1\u30c3\u30b1\u30fc\u30b8\u5468\u308a\u3068\u304b\u9762\u5012(\u5c0e\u5165\u6e08\u307f\u3060\u3063\u305f\u304b\u3069\u3046\u304b\u95a2\u4fc2\u306a\u304f\u95a2\u9023\u30d1\u30c3\u30b1\u30fc\u30b8\u30921\u3064\u3065\u3064\u78ba\u8a8d\u3057\u306a\u3044\u3068\u3044\u3051\u306a\u3044)\u306a\u306e\u3067chroot\u74b0\u5883\u306a\u3069\u3067\u8a66\u3057\u305f\u307b\u3046\u304c\u826f\u3044\n\n\n\n\n\n\nlogo\n\n\n\n\n\n\n\nDNS\u306e\u9078\u629e\n\n\n\n\nPublic DNS\u5404\u7a2e\u3082\u3057\u304f\u306fCustom\u304b\u3089\u4efb\u610f\u306eDNS\u304c\u6307\u5b9a\u53ef\u80fd\n\n\n\u4eca\u56de\u306f\u81ea\u5206\u306e\u5bb6\u306eUnbound\u3092\u6307\u5b9a\n\n\n\u5fc5\u8981\u306a\u30d1\u30c3\u30b1\u30fc\u30b8\u306f\u81ea\u52d5\u3067\u5c0e\u5165\u3055\u308c\u308b", "date_published": "2018-09-01T21:57:27+09:00", "date_modified": "2018-09-01T21:57:27+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "AdBlock", "DNS", "Pi-hole", "Linux" ] } ] }