A simple single file smart sni proxy with doh and dot written in go.
This DNS Proxy Server is a Go-based server capable of handling both DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) requests. It features rate limiting and can process DNS queries based on a custom JSON configuration file.
- DNS-over-HTTPS (DoH): Accepts and processes DNS queries over HTTPS.
- DNS-over-TLS (DoT): Accepts and processes DNS queries over TLS.
- Rate Limiting: Throttles the number of requests using a limiter.
- Custom Domain Handling: Matches DNS queries to a list of specified domains and returns corresponding IP addresses.
- SNI Proxy: Proxies non-matching domains to their respective addresses.
- Configurable: Uses a
config.json
file to define behavior for specified domains.
The server uses a config.json
file which should be structured as follows:
{
"host": "your.host.com",
"domains": {
"example.com": "1.2.3.4",
"anotherdomain.com": "1.2.3.4"
}
}
Replace the IP addresses with your server's public IP to ensure transparent proxying(Here it's 1.2.3.4).
You can use this code to proxy all domains(its not recommended)
{
"host": "your.host.com",
"domains": {
".": "1.2.3.4"
}
}
The DoT and DOH servers expect TLS certificates to be located at /etc/letsencrypt/live/your.host.com/
. Make sure you have valid certificates named fullchain.pem
and privkey.pem
.
You can obtain a valid certificate for your domain with lets encrypt
bash <(curl -fsSL https://raw.githubusercontent.com/bepass-org/smartSNI/main/install.sh)
- Install Requirements
apt update
apt install nginx certbot python3-certbot-nginx
snap install go --classic
- Change server_name in /etc/nginx/sites-enabled/default to your
domain
- Obtain a valid certificate for nginx
certbot --nginx -d <YOUR_DOMAIN>
- Clone the repository to your local machine.
- Create and configure your
config.json
file. - Run
go build
to compile the server. - Run the compiled binary to start the server in tmux or in background with nohup.
./name-of-compiled-binary
The server uses the golang.org/x/time/rate
package to implement rate limiting. You can adjust the rate limiter in the main
function to suit your needs.
Contributions to this project are welcome. Please fork the repository, make your changes, and submit a pull request.
Special thanks to Peyman for auto install script.
from https://github.com/bepass-org/smartSNI
No comments:
Post a Comment