OpenWrt使用ADGuard+小猫咪+SmartDns进行国内国外分流组网详细教程
本帖最后由 OEONE 于 2023-4-7 11:58 编辑新帖已经更新:【2023年最新版】OpenWrt使用小猫咪103版本+Mosdns v5进行国内国外分流组网详细教程前言
本教程的目的是介于目前市面上还有很多使用了垃圾宽带导致日常上网体验及其不稳定的情况下,使用开源服务SmartDns搭配ADGuard进行全套的上网加速功能。本教程适用于各种固件,请自行解决安装问题,文章中示范固件为OpenWrt。
一:SmartDns
1、启用smartdns,端口默认「6053」,开启「域名预加载」,「过期缓存服务」,重定向选择「无」,缓存大小可根据需求填入,这里填入「1024」,域名TTL可根据需求填入,这里填入「30」、域名TTL最小值填入「30」、域名TTL最大值填入「300」。
2、上游dns服务器可以选择几个公共dns,还可以选配自己带宽自带dns。但是为了减少dns查询次数和时间,一般不建议超过10个,在这里我们只选择1个国内的,例如:
而且不需要详细设置。
不用怀疑,这里不需要添加国外的DNS,因为在后面会一次性完善。
3、启用第二DNS服务器,端口默认「6553」,开启「TCP服务器」,服务器组填入GLOBAL。
4、自定义设置里填入以下规则:
speed-check-mode ping
server 114.114.114.114 -group CN -check-edns #国内
server 180.76.76.76 -group CN -check-edns #国内
server 223.5.5.5 -group CN -check-edns #国内
server 119.29.29.29 -group CN -check-edns #国内
server 61.132.163.68 -group CN -check-edns #国内
server-tcp 1.1.1.1 -group GLOBAL -check-edns-exclude-default-group #国外
server-tcp 8.8.8.8 -group GLOBAL -check-edns-exclude-default-group #国外
server-tcp 9.9.9.9 -group GLOBAL -check-edns-exclude-default-group #国外
server-tcp 208.67.222.222 -group GLOBAL -check-edns-exclude-default-group #国外
注意:以上规则中的IP可根据自己实际需要自行修改。
二:小猫咪
「DNS设置」->「*本地DNS劫持」选择禁用,「自定义上游DNS服务器」选择启用,「禁止Dnsmasq缓存DNS」选择启用。
上游DNS服务器设置,有且只能添加两条规则如下:
三:AdGuard Home
1、首先更新核心版本,然后点击「详细日志」、「开机后网络准备好时重启」、「在关机时备份工作目录文件」所有的√。
重定向方式任选以下其一:
一:「作为dnsmasq的上游服务器」
二:「重定向53端口到ADGuardHome」
2、打开「手动设置」,把附录2中的模板文件全部替换进去,然后点击保存并应用。
注:不要点使用模板。
3、打开AdGuardHome网页,点击「过滤器」->「DNS封锁清单」,检查更新即可。
修改密码方法:点击AdGuard Home在OpenWrt的设置页面下方的「更多选项」选择改变网页登录密码点击添加,然后点击载入计算模块,输入你想要的密码,点击计算,最后复制生成的密钥到「手动设置」页面复制进第五行password后面。
4、最新版更新方法:
https://static.adguard.com/adguardhome/edge/AdGuardHome_linux_$%7BArch%7D.tar.gz
注:lan口设置
设置lan口dns服务器为本机,即127.0.0.1。
附加:
1、smartdnsblacklist名单
blacklist-ip 8.7.198.45
blacklist-ip 31.13.64.1
blacklist-ip 31.13.64.33
blacklist-ip 31.13.64.49
blacklist-ip 31.13.65.1
blacklist-ip 31.13.65.17
blacklist-ip 31.13.65.18
blacklist-ip 31.13.66.1
blacklist-ip 31.13.66.6
blacklist-ip 31.13.66.23
blacklist-ip 31.13.68.1
blacklist-ip 31.13.68.22
blacklist-ip 31.13.69.33
blacklist-ip 31.13.69.86
blacklist-ip 31.13.69.129
blacklist-ip 31.13.69.160
blacklist-ip 31.13.70.1
blacklist-ip 31.13.70.20
blacklist-ip 31.13.71.7
blacklist-ip 31.13.71.23
blacklist-ip 31.13.72.1
blacklist-ip 31.13.72.17
blacklist-ip 31.13.72.23
blacklist-ip 31.13.72.34
blacklist-ip 31.13.72.54
blacklist-ip 31.13.73.1
blacklist-ip 31.13.73.17
blacklist-ip 31.13.73.23
blacklist-ip 31.13.74.1
blacklist-ip 31.13.74.17
blacklist-ip 31.13.75.17
blacklist-ip 31.13.75.18
blacklist-ip 31.13.76.8
blacklist-ip 31.13.76.16
blacklist-ip 31.13.77.33
blacklist-ip 31.13.77.55
blacklist-ip 31.13.78.65
blacklist-ip 31.13.78.66
blacklist-ip 31.13.79.1
blacklist-ip 31.13.79.17
blacklist-ip 31.13.80.1
blacklist-ip 31.13.80.17
blacklist-ip 31.13.81.1
blacklist-ip 31.13.81.17
blacklist-ip 31.13.82.1
blacklist-ip 31.13.82.17
blacklist-ip 31.13.82.23
blacklist-ip 31.13.83.1
blacklist-ip 31.13.83.8
blacklist-ip 31.13.83.16
blacklist-ip 31.13.84.1
blacklist-ip 31.13.84.8
blacklist-ip 31.13.84.16
blacklist-ip 31.13.85.1
blacklist-ip 31.13.85.8
blacklist-ip 31.13.85.16
blacklist-ip 31.13.86.1
blacklist-ip 31.13.86.8
blacklist-ip 31.13.86.16
blacklist-ip 31.13.97.245
blacklist-ip 31.13.97.248
blacklist-ip 46.82.174.68
blacklist-ip 59.24.3.173
blacklist-ip 64.13.192.74
blacklist-ip 64.13.192.76
blacklist-ip 64.13.232.149
blacklist-ip 66.220.146.94
blacklist-ip 66.220.147.11
blacklist-ip 66.220.147.44
blacklist-ip 66.220.147.47
blacklist-ip 66.220.149.18
blacklist-ip 66.220.149.32
blacklist-ip 66.220.149.99
blacklist-ip 66.220.151.20
blacklist-ip 66.220.152.17
blacklist-ip 66.220.152.28
blacklist-ip 66.220.155.12
blacklist-ip 66.220.155.14
blacklist-ip 66.220.158.32
blacklist-ip 67.15.100.252
blacklist-ip 67.15.129.210
blacklist-ip 67.228.37.26
blacklist-ip 67.228.74.123
blacklist-ip 67.228.102.32
blacklist-ip 67.228.126.62
blacklist-ip 67.228.221.221
blacklist-ip 67.228.235.91
blacklist-ip 67.228.235.93
blacklist-ip 69.63.176.15
blacklist-ip 69.63.176.59
blacklist-ip 69.63.176.143
blacklist-ip 69.63.178.13
blacklist-ip 69.63.180.173
blacklist-ip 69.63.181.11
blacklist-ip 69.63.181.12
blacklist-ip 69.63.184.14
blacklist-ip 69.63.184.30
blacklist-ip 69.63.184.142
blacklist-ip 69.63.186.30
blacklist-ip 69.63.186.31
blacklist-ip 69.63.187.12
blacklist-ip 69.63.189.16
blacklist-ip 69.63.190.26
blacklist-ip 69.171.224.12
blacklist-ip 69.171.224.40
blacklist-ip 69.171.224.85
blacklist-ip 69.171.225.13
blacklist-ip 69.171.227.37
blacklist-ip 69.171.228.20
blacklist-ip 69.171.228.74
blacklist-ip 69.171.229.11
blacklist-ip 69.171.229.28
blacklist-ip 69.171.229.73
blacklist-ip 69.171.230.18
blacklist-ip 69.171.232.21
blacklist-ip 69.171.233.24
blacklist-ip 69.171.233.33
blacklist-ip 69.171.233.37
blacklist-ip 69.171.234.18
blacklist-ip 69.171.234.29
blacklist-ip 69.171.234.48
blacklist-ip 69.171.235.16
blacklist-ip 69.171.235.64
blacklist-ip 69.171.235.101
blacklist-ip 69.171.237.16
blacklist-ip 69.171.237.26
blacklist-ip 69.171.239.11
blacklist-ip 69.171.240.27
blacklist-ip 69.171.242.11
blacklist-ip 69.171.242.30
blacklist-ip 69.171.244.11
blacklist-ip 69.171.244.12
blacklist-ip 69.171.244.15
blacklist-ip 69.171.245.49
blacklist-ip 69.171.245.53
blacklist-ip 69.171.245.84
blacklist-ip 69.171.246.9
blacklist-ip 69.171.247.20
blacklist-ip 69.171.247.32
blacklist-ip 69.171.247.71
blacklist-ip 69.171.248.65
blacklist-ip 69.171.248.112
blacklist-ip 69.171.248.128
blacklist-ip 74.86.3.208
blacklist-ip 74.86.12.172
blacklist-ip 74.86.12.173
blacklist-ip 74.86.17.48
blacklist-ip 74.86.118.24
blacklist-ip 74.86.142.55
blacklist-ip 74.86.151.162
blacklist-ip 74.86.151.167
blacklist-ip 74.86.226.234
blacklist-ip 74.86.228.110
blacklist-ip 74.86.235.236
blacklist-ip 75.126.2.43
blacklist-ip 75.126.33.156
blacklist-ip 75.126.115.192
blacklist-ip 75.126.124.162
blacklist-ip 75.126.135.131
blacklist-ip 75.126.150.210
blacklist-ip 75.126.164.178
blacklist-ip 75.126.215.88
blacklist-ip 78.16.49.15
blacklist-ip 88.191.249.182
blacklist-ip 88.191.249.183
blacklist-ip 88.191.253.157
blacklist-ip 93.46.8.89
blacklist-ip 173.252.73.48
blacklist-ip 173.252.100.21
blacklist-ip 173.252.100.32
blacklist-ip 173.252.102.16
blacklist-ip 173.252.102.241
blacklist-ip 173.252.103.64
blacklist-ip 173.252.110.21
blacklist-ip 174.36.196.242
blacklist-ip 174.36.228.136
blacklist-ip 174.37.54.20
blacklist-ip 174.37.154.236
blacklist-ip 174.37.175.229
blacklist-ip 199.16.156.7
blacklist-ip 199.16.156.40
blacklist-ip 199.16.158.190
blacklist-ip 199.59.148.14
blacklist-ip 199.59.148.97
blacklist-ip 199.59.148.140
blacklist-ip 199.59.148.209
blacklist-ip 199.59.149.136
blacklist-ip 199.59.149.244
blacklist-ip 199.59.150.11
blacklist-ip 199.59.150.49
blacklist-ip 205.186.152.122
blacklist-ip 208.43.170.231
blacklist-ip 208.43.237.140
blacklist-ip 208.101.21.43
blacklist-ip 208.101.48.171
blacklist-ip 208.101.60.87
blacklist-ip 243.185.187.39
2、adg懒人模板
bind_host: 0.0.0.0
bind_port: 3000
users:
- name: root
password: $2a$10$R823NIDOLRWukfXH8L5yRewC8bahsXtjfM/0Pqt6rCdR37dZllveO
http_proxy: ""
language: ""
rlimit_nofile: 0
debug_pprof: false
web_session_ttl: 720
dns:
bind_host:0.0.0.0
port: 5553
statistics_interval: 7
querylog_enabled: true
querylog_interval:1
querylog_size_memory: 1000
anonymize_client_ip: false
protection_enabled: true
blocking_mode: default
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
ratelimit: 0
ratelimit_whitelist: []
refuse_any:true
upstream_dns:
-127.0.0.1:7874
bootstrap_dns:
-114.114.114.114
- 1.1.1.1
- 2620:fe::10
- 2620:fe::fe:10
all_servers:false
fastest_addr:false
allowed_clients: []
disallowed_clients: []
blocked_hosts: []
cache_size:4194304
cache_ttl_min: 0
cache_ttl_max: 0
bogus_nxdomain: []
aaaa_disabled: false
enable_dnssec: false
edns_client_subnet:false
filtering_enabled: true
filters_update_interval: 24
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size:1048576
cache_time:30
rewrites: []
blocked_services: []
tls:
enabled:false
server_name:""
force_https:false
port_https:443
port_dns_over_tls: 853
allow_unencrypted_doh: false
strict_sni_check: false
certificate_chain:""
private_key:""
certificate_path: ""
private_key_path: ""
filters:
- enabled: true
url:https://raw.githubusercontent.co ... filters/filters.txt
name: uBlockfilters
id:1587388244
- enabled: true
url:https://raw.githubusercontent.co ... filters/badware.txt
name: uBlockfilters – Badware risks
id:1587388245
- enabled: true
url:https://raw.githubusercontent.co ... filters/privacy.txt
name: uBlockfilters – Privacy
id:1587394825
- enabled: true
url:https://raw.githubusercontent.co ... /resource-abuse.txt
name: uBlockfilters – Resource abuse
id:1587394826
- enabled: true
url:https://raw.githubusercontent.co ... filters/unbreak.txt
name: uBlockfilters -- Unbreak
id:1587394827
- enabled: true
url:https://filters.adtidy.org/exten ... ithout_easylist.txt
name: AdGuardBase filter
id:1587394828
- enabled: true
url:https://filters.adtidy.org/extension/chromium/filters/2.txt
name: AdGuardBase filter
id:1587394829
- enabled: true
url:https://filters.adtidy.org/extension/ublock/filters/11.txt
name: AdGuardMobile Ads filter
id:1587394830
- enabled: true
url:https://easylist.to/easylist/easylist.txt
name:EasyList
id:1587394831
- enabled: true
url:https://easylist.to/easylist/easyprivacy.txt
name:EasyPrivacy
id:1587394832
- enabled: true
url:https://gitcdn.xyz/cdn/NanoMeow/ ... 16d692c64/hosts.txt
name: MalwareDomain List
id:1587394833
- enabled: true
url:https://mirror.cedia.org.ec/malwaredomains/justdomains
name:justdomains
id:1587394834
- enabled: true
url:https://pgl.yoyo.org/adservers/s ... &mimetype=plaintext
name: PeterLowe’s Ad and tracking server list
id:1587394835
- enabled: true
url:https://raw.githubusercontent.co ... /master/cjxlist.txt
name: CJX'sEasyList Lite
id:1587394836
- enabled: true
url:https://raw.githubusercontent.co ... ster/data/tvbox.txt
name: tvbox
id:1575018007
- enabled: true
url:https://hosts.nfz.moe/full/hosts
name:neoHosts full
id:1575618240
- enabled: true
url:https://hosts.nfz.moe/basic/hosts
name:neoHosts basic
id:1575618241
- enabled: true
url:http://sbc.io/hosts/hosts
name:StevenBlack host basic
id:1575618242
- enabled: true
url:https://cdn.jsdelivr.net/gh/priv ... nti-ad-easylist.txt
name:anti-AD(Adblock+neohosts+yhosts+cjxlist+adhlist)
id: 1577113202
- enabled: true
url:https://gitee.com/xinggsf/Adblock-Rule/raw/master/rule.txt
name: 码云
id:1592991052
- enabled: true
url:https://gitee.com/xinggsf/Adblock-Rule/raw/master/mv.txt
name: MV
id:1592991053
- enabled: true
url:http://sub.adtchrome.com/adt-chinalist-easylist.txt
name:ChinaList+EasyList(修正)
id:1592991058
- enabled: true
url:https://www.daxiaamu.com/wp-content/uploads/files/blocklist.txt
name:blocklist
id:1592991065
- enabled: true
url: http://git.oschina.net/halflife/list/raw/master/ad.txt
name: MyAdFilters
id:1592991067
- enabled: true
url:https://filters.adtidy.org/extension/chromium/filters/10.txt
name: Filterunblocking search ads and self-promotion
id:1592991069
- enabled: true
url:https://filters.adtidy.org/extension/chromium/filters/14.txt
name: AdGuardAnnoyances filter
id:1592991070
- enabled: true
url:https://filters.adtidy.org/extension/chromium/filters/3.txt
name: AdGuardTracking Protection filter
id:1592991071
- enabled: true
url:https://raw.githubusercontent.co ... r/cjx-annoyance.txt
name: CJX'sAnnoyance List
id: 1593149805
- enabled: true
url:https://easylist-downloads.adblockplus.org/easylistchina.txt
name:EasyList China
id:1593149807
- enabled: true
url:https://easylist-downloads.adblockplus.org/fanboy-social.txt
name:Fanboy's Social Blocking List
id:1593149810
- enabled: true
url:https://gitee.com/banbendalao/adguard/raw/master/ADgk.txt
name: adgk手机去广告规则
id:1593149812
- enabled: true
url:https://cdn.jsdelivr.net/gh/priv ... nti-ad-easylist.txt
name: anti-AD
id:1593149815
- enabled: true
url:http://winhelp2002.mvps.org/hosts.txt
name: MVPSHOSTS
id:1593149817
- enabled: true
url: https://filters.adtidy.org/extension/chromium/filters/15.txt
name: AdGuardSimplified domain names filter
id:1593149818
- enabled: true
url:https://easylist.to/easylist/fanboy-annoyance.txt
name:Fanboy's Annoyance List
id:1593149820
- enabled: true
url:https://fanboy.co.nz/enhancedstats.txt
name:Fanboy's Enhanced Tracking List
id:1593149821
- enabled: true
url:https://easylist-downloads.adblockplus.org/antiadblockfilters.txt
name: AdblockWarning Removal List
id: 1593149822
- enabled: true
url:https://raw.githubusercontent.co ... -killer-filters.txt
name: AakList(Anti-Adblock Killer)
id:1593149823
- enabled: true
url:https://easylist-downloads.adblo ... aredomains_full.txt
name: malwaredomains
id:1593149824
whitelist_filters: []
user_rules:
- ""
dhcp:
enabled:false
interface_name: ""
gateway_ip:""
subnet_mask:""
range_start:""
range_end:""
lease_duration: 86400
icmp_timeout_msec: 1000
clients: []
log_file: ""
verbose: false
schema_version: 6
一楼沙发
二楼板凳 2楼板凳https://www.right.com.cn/forum//mobcent//app/data/phiz/default/03.png
3楼独脚凳:( 先收藏了,虽然看不懂,饮料 plus怎么用 gl_wuxi 发表于 2020-9-6 22:13
先收藏了,虽然看不懂,饮料 plus怎么用
那个不支持这种高级操作 我没太理解你的做法。首先,clash劫持了DNS,此时提供DNS服务的有两个端口,一是国内一是国外,clash只劫持了国内,那么国外怎么解析?另外,ADH里的上游DNS端口为7894,这又是哪来的?然后现在我不太明白整个DNS解析的流程是怎么样的。 现在设备收到的DNS服务器为op,op的dnsmasq上游是ADH,ADH的上游是7894,然后clash又劫持了smartdns的结果,那么。。。。 先收藏,再学习
非常不错,楼主如果能画一个dns路径图就更好理解了 本帖最后由 OEONE 于 2020-9-7 08:32 编辑
cyberzyh 发表于 2020-9-7 01:14
我没太理解你的做法。首先,clash劫持了DNS,此时提供DNS服务的有两个端口,一是国内一是国外,clash只劫持 ...
你看错了,不是7894,是7874,也就是小猫咪的dns。完整的dns路径。简单来说就是adg是dnsmasq的上游,小猫咪是adg的上游,smartdns是小猫咪的上游。 本帖最后由 OEONE 于 2020-9-7 08:30 编辑
guhill 发表于 2020-9-7 08:12
非常不错,楼主如果能画一个dns路径图就更好理解了
借楼回复一下完整的dns路径。简单来说就是adg是dnsmasq的上游,小猫咪是adg的上游,smartdns是小猫咪的上游 OEONE 发表于 2020-9-7 08:28
借楼回复一下完整的dns路径。简单来说就是adg是dnsmasq的上游,小猫咪是adg的上游,smartdns是小猫咪的上 ...
多谢解答,理解了 无意之中看到adguardhome的核心无效的解决。但是我用了楼主的方案还是不行 本帖最后由 OEONE 于 2020-9-7 09:02 编辑
铁甲依然在 发表于 2020-9-7 08:51
无意之中看到adguardhome的核心无效的解决。但是我用了楼主的方案还是不行
这样啊,我也是在github看见的,我去看了一下,作者已经更新了最新版,应该修复了,https://github.com/kongfl888/luci-app-adguardhome/releases/tag/v1.8-20200824