杭州电信DNS
202.101.172.35
202.101.172.47
wget https://thekelleys.org.uk/dnsmasq/dnsmasq-2.78.tar.gz
tar xvf dnsmasq-2.78.tar.gz
cd dnsmasq-2.78
make
sudo make install
sudo /usr/local/sbin/dnsmasq
检查DNS服务器服务开启(53端口)
telnet x.x.x.x 53
Ctrl + ]
quit
# CentOS6
iptables -L -n
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
/etc/init.d/iptables save
/etc/init.d/iptables restart
# CentOS7
default_zone=$(firewall-cmd --get-default-zone) # public
firewall-cmd --permanent --zone=${default_zone} --add-port=53/tcp
firewall-cmd --permanent --zone=${default_zone} --add-port=53/udp
firewall-cmd --reload
能ping通,但是telnet ip port 提示
Trying x.x.x.x...
telnet: connect to address x.x.x.x: No route to host
服务端lsof -i:端口号,有输出
[user@vultr dnsmasq-2.78]$ sudo lsof -i:53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dnsmasq 23058 nobody 4u IPv4 131090 0t0 UDP *:domain
dnsmasq 23058 nobody 5u IPv4 131091 0t0 TCP *:domain (LISTEN)
dnsmasq 23058 nobody 6u IPv6 131092 0t0 UDP *:domain
dnsmasq 23058 nobody 7u IPv6 131093 0t0 TCP *:domain (LISTEN)
说明防火墙的问题
欢迎使用 Microsoft Telnet Client Escape 字符为 'CTRL+]' Microsoft Telnet> quit
yum provides */dig
sudo yum install bind-utils
firewall.sh 添加指定端口允许防火墙通过
#!/usr/bin/env bash
if [ "$#" -ne 1 ]; then
echo "Usage: $0 PORT"
exit 22 # Invalid Arguments
fi
PORT=$1
default_zone=$(firewall-cmd --get-default-zone)
firewall-cmd --permanent --zone=${default_zone} --add-port=${PORT}/tcp
firewall-cmd --permanent --zone=${default_zone} --add-port=${PORT}/udp
firewall-cmd --reload
firewall-cmd --state
firewall-cmd --list-all --zone=${default_zone}
[mzh@vultr workspace]$ sudo ./firewall.sh 12345
success
success
success
running
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports: 15544/tcp 15544/udp 12839/tcp 12839/udp 80/tcp 80/udp 8080/tcp 8080/udp 8081/tcp 8081/udp 12345/tcp 12345/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
注意: 访问IPv6地址要用方括号[]括起来
http://[2001:19f0:7001:1046:5400:4ff:****:****]:8080/index.html
配置ssh同理