wen-long/DNS.md

## clear DNS source.txt
整理结果

#wiki
#https://zh.wikipedia.org/wiki/%E5%9F%9F%E5%90%8D%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%BC%93%E5%AD%98%E6%B1%A1%E6%9F%93
4.36.66.178
8.7.198.45
37.61.54.158
46.82.174.68
59.24.3.173
64.33.88.161
64.33.99.47
64.66.163.251
65.104.202.252
65.160.219.113
66.45.252.237
72.14.205.99
72.14.205.104
78.16.49.15
93.46.8.89
128.121.126.139
159.106.121.75
169.132.13.103
192.67.198.6
202.106.1.2
202.181.7.85
203.98.7.65
203.161.230.171
207.12.88.98
208.56.31.43
209.36.73.33
209.145.54.50
209.220.30.174
211.94.66.147
213.169.251.35
216.221.188.182
216.234.179.13
243.185.187.39

bogus domain
bogus-nxdomain.china.conf
https://raw.github.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf

#OpenDNS
67.215.65.132
67.215.77.132
208.69.34.132
208.69.32.132

#DNSPai
123.125.81.12
101.226.10.8

#Nanfang Unicom (nfdnserror1.wo.com.cn to nfdnserror17.wo.com.cn)
220.250.64.18
220.250.64.19
220.250.64.20
220.250.64.21
220.250.64.22
220.250.64.23
220.250.64.24
220.250.64.25
220.250.64.26
220.250.64.27
220.250.64.28
220.250.64.29
220.250.64.30
220.250.64.225
220.250.64.226
220.250.64.227
220.250.64.228

#Shandong Unicom (sddnserror1.wo.com.cn to sddnserror9.wo.com.cn)
123.129.254.11
123.129.254.12
123.129.254.13
123.129.254.14
123.129.254.15
123.129.254.16
123.129.254.17
123.129.254.18
123.129.254.19

#Wuhan Telecom
58.53.211.46
58.53.211.47

#Nanjing Telecom
202.102.110.203
202.102.110.205

#Shanghai Telecom
180.168.41.175

#Beijing Unicom (bjdnserror1.wo.com.cn to bjdnserror5.wo.com.cn)
202.106.199.34
202.106.199.35
202.106.199.36
202.106.199.37
202.106.199.38

#Chengdu Telecom
61.139.8.101
61.139.8.102
61.139.8.103
61.139.8.104

#Hangzhou Telecom
60.191.124.236

#http://fxin.wap.blog.163.com/w2/blogDetail.do?hostID=fxin&blogId=fks_080068085082087064085086085095086080087064092095087
221.3.13.58
61.156.12.58
61.156.8.189

## DNS.md

      
    Raw
  

              DNS.md
            
          
    ##DNS

使用国内的干净的 DNS (OPENERDNS PandaDNS 中科大 DNS)
使用 TCP 或其他尚未被 GFW 干扰的 DNS 查询方式查询国外 DNS

pdnsd 支持 TCP
Tcp-DNS-proxy
非标准端口，德国隐私基金会, OPENDNS, V2EX DNS(3389端口可用)
dnscrypt-proxy


本地忽略虚假 DNS 应答

AntiDNSPoisoning(底层)(可以参考)
ch3n2k(用的是 iptables u32 模块)
本地运行 DNS 代理服务器

BlackHolePy
blackhole
dnschina
fqdns
dnsproxy


DNS via SOCKS5

dns-tcp-socks-proxy


###WIN下比较方便的

pydnsproxy
pwx-dns-proxy


## gen u32 string.js
//生成iptables清理DNS的u32模块使用的字符串
var ss = ['4.36.66.178','8.7.198.45','37.61.54.158','46.82.174.68','59.24.3.173','64.33.88.161','64.33.99.47','64.66.163.251','65.104.202.252','65.160.219.113','66.45.252.237','72.14.205.99','72.14.205.104','78.16.49.15','93.46.8.89','128.121.126.139','159.106.121.75','169.132.13.103','192.67.198.6','202.106.1.2','202.181.7.85','203.98.7.65','203.161.230.171','207.12.88.98','208.56.31.43','209.36.73.33','209.145.54.50','209.220.30.174','211.94.66.147','213.169.251.35','216.221.188.182','216.234.179.13','243.185.187.39','67.215.65.132','67.215.77.132','208.69.34.132','208.69.32.132','123.125.81.12','101.226.10.8','220.250.64.18','220.250.64.19','220.250.64.20','220.250.64.21','220.250.64.22','220.250.64.23','220.250.64.24','220.250.64.25','220.250.64.26','220.250.64.27','220.250.64.28','220.250.64.29','220.250.64.30','220.250.64.225','220.250.64.226','220.250.64.227','220.250.64.228','123.129.254.11','123.129.254.12','123.129.254.13','123.129.254.14','123.129.254.15','123.129.254.16','123.129.254.17','123.129.254.18','123.129.254.19','58.53.211.46','58.53.211.47','202.102.110.203','202.102.110.205','180.168.41.175','202.106.199.34','202.106.199.35','202.106.199.36','202.106.199.37','202.106.199.38','61.139.8.101','61.139.8.102','61.139.8.103','61.139.8.104','60.191.124.236','221.3.13.58','61.156.12.58','61.156.8.189'];
function ip2int(ip)
{
    var num = 0;
    ip = ip.split(".");
    num = Number(ip[0]) * 256 * 256 * 256 + Number(ip[1]) * 256 * 256 + Number(ip[2]) * 256 + Number(ip[3]);
    num = num >>> 0;
    return num;
}

var re = ["","","","","","","","","","","","","","","",""];

//10,iptables貌似最多只能有10个一起
for (i in ss) {
	re[Math.floor((i)/10)] += ("0x" + ip2int(ss[i]).toString(16) + ",");
}

## openwrt clearDNS.sh
#包含了clear DNS source.txt所有IP
#openwrt 清理DNS
iptables -N cleardns -t mangle
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x42442b2,0x807c62d,0x253d369e,0x2e52ae44,0x3b1803ad,0x402158a1,0x4021632f,0x4042a3fb,0x4168cafc,0x41a0db71" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x422dfced,0x480ecd63,0x480ecd68,0x4e10310f,0x5d2e0859,0x80797e8b,0x9f6a794b,0xa9840d67,0xc043c606,0xca6a0102" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xcab50755,0xcb620741,0xcba1e6ab,0xcf0c5862,0xd0381f2b,0xd1244921,0xd1913632,0xd1dc1eae,0xd35e4293,0xd5a9fb23" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xd8ddbcb6,0xd8eab30d,0xf3b9bb27,0x43d74184,0x43d74d84,0xd0452284,0xd0452084,0x7b7d510c,0x65e20a08,0xdcfa4012" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa4013,0xdcfa4014,0xdcfa4015,0xdcfa4016,0xdcfa4017,0xdcfa4018,0xdcfa4019,0xdcfa401a,0xdcfa401b,0xdcfa401c" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa401d,0xdcfa401e,0xdcfa40e1,0xdcfa40e2,0xdcfa40e3,0xdcfa40e4,0x7b81fe0b,0x7b81fe0c,0x7b81fe0d,0x7b81fe0e" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x7b81fe0f,0x7b81fe10,0x7b81fe11,0x7b81fe12,0x7b81fe13,0x3a35d32e,0x3a35d32f,0xca666ecb,0xca666ecd,0xb4a829af" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xca6ac722,0xca6ac723,0xca6ac724,0xca6ac725,0xca6ac726,0x3d8b0865,0x3d8b0866,0x3d8b0867,0x3d8b0868,0x3cbf7cec" -j DROP
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdd030d3a,0x3d9c0c3a,0x3d9c08bd" -j DROP
#丢掉不包含任何查询结果的包
iptables -t mangle -I cleardns -p udp --sport 53 -m u32 --u32 "4 & 0x1FFF = 0 && 0 >> 22 & 0x3C @ 8 & 0x8000 = 0x8000 && 0 >> 22 & 0x3C @ 14 = 0" -j DROP
#丢掉Answer、Authority和Additional均为0的应答
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|81 80 00 01 00 00 00 00 00 00|" --from 30 --to 40 -j DROP

iptables -t mangle -I PREROUTING -m udp -p udp --sport 53 -j cleardns

## openwrt clearDNS_use_string_module.sh
#感谢AntiDNSPoisoning
#建议使用u32模块
#包含了clear DNS source.txt所有IP
#hex-string必须是8位,前面是0的要写

#todo bm算法可能有遗漏
#todo 不推荐在mangle表做操作
#todo 对某些情况(nslookup 递归查询联通DNS,可能会返回同时包含真假结果的包)无效

iptables -N cleardns -t mangle

iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|042442b2|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|0807c62d|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|253d369e|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|2e52ae44|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3b1803ad|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|402158a1|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|4021632f|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|4042a3fb|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|4168cafc|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|422dfced|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|480ecd63|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|480ecd68|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|4e10310f|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|5d2e0859|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|80797e8b|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|9f6a794b|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|a9840d67|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|c043c606|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|cab50755|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|cb620741|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|cba1e6ab|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|cf0c5862|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d0381f2b|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d1244921|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d1913632|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d1dc1eae|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d35e4293|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d8ddbcb6|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d8eab30d|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|f3b9bb27|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|43d74184|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|43d74d84|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d0452284|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|d0452084|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b7d510c|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|65e20a08|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4013|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4014|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4015|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4016|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4017|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4018|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa4019|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa401a|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa401b|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa401d|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa401e|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa40e1|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa40e2|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa40e3|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dcfa40e4|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe0b|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe0c|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe0d|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe0f|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe10|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe11|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe12|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|7b81fe13|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3a35d32e|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3a35d32f|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca666ecb|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca666ecd|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca6ac722|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca6ac723|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca6ac724|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca6ac725|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|ca6ac726|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3d8b0865|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3d8b0866|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3d8b0867|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3d8b0868|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|dd030d3a|" --from 60 --to 180  -j DROP
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|3d9c0c3a|" --from 60 --to 180  -j DROP
#丢掉不包含任何查询结果的包
iptables -t mangle -I cleardns -p udp --sport 53 -m u32 --u32 "4 & 0x1FFF = 0 && 0 >> 22 & 0x3C @ 8 & 0x8000 = 0x8000 && 0 >> 22 & 0x3C @ 14 = 0" -j DROP
#丢掉Answer、Authority和Additional均为0的应答
iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "|81 80 00 01 00 00 00 00 00 00|" --from 30 --to 40 -j DROP

iptables -t mangle -I PREROUTING -m udp -p udp --sport 53 -j cleardns

## u32模块怎么用.md

      
    Raw
  

              u32模块怎么用.md
            
          
    ##u32模块怎么用
以
iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 \
"0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdd030d3a,0x3d9c0c3a,0x3d9c08bd"\
-j DROP

为例
关键部分是
"0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdd030d3a,0x3d9c0c3a,0x3d9c08bd"

开始的0意思是从ip包的第0个byte开始，抓取4bytes(这里的4是u32模块抓取的固定长度)
&后面的0x0F000000是掩码，即将上面抓取的4bytes与掩码做与运算，过滤掉不需要的部分
=后面的0x05000000是比较对象，即将上面与运算后的结果与之比较，如果相等则匹配成功
上面的全部规则匹配ip头为20的包(IP头长度由IP包的4-7bit决定)
&&就是&&
22&0xFFFF参考上面说过的，上面已经确定IP头为20字节长，所以可以确定UDP包头从20字节开始，UDP包头的长度在UDP包的4,5字节确定，所以抓取时，要抓取到UDP包的2,3,4,5字节，也就是IP包的22,23,24,25字节,所以从22字节开始抓取,抓取4字节,与FFFF与运算后得到后两个字节,即下图的Length


7. @的作用是从ip包的0字节开始,跳过@的左面的式子计算的结果,16是从之后的结果开始,抓取第16,17,18,19字节,这四个字节就是DNS包应答结果的第一个IP

上图中高亮部分即为IP包头,长度为20字节,IP包从高亮部分头开始计算长度
参考官网
有个用u32来屏蔽某些网站的,可以参考
DNS Amplification Attacks Observer

  
## 反解string模块的ip.js
//ss只是个示范，没啥意义
var ss = ['CA 6A 01 02', 'DC FA 40 E2', 'DC FA 40 E3', 'DC FA 40 E4'];


function long2ip (num) {
    var str;
    var tt = new Array();
    tt[0] = (num >>> 24) >>> 0;
    tt[1] = ((num << 8) >>> 24) >>> 0;
    tt[2] = (num << 16) >>> 24;
    tt[3] = (num << 24) >>> 24;
    str = String(tt[0]) + "." + String(tt[1]) + "." + String(tt[2]) + "." + String(tt[3]);
    return str;
};

var re = [];

for (i in ss) {

	re.push(long2ip(parseInt(ss[i].replace(/ /g,''), 16)));
}

## 反解u32模块的ip.js
//ss只是个示范，没啥意义
var ss = ['d0381f2b','d1244921','d1913632','d1dc1eae','d35e4293','d5a9fb23'];

function long2ip (num) {
    var str;
    var tt = new Array();
    tt[0] = (num >>> 24) >>> 0;
    tt[1] = ((num << 8) >>> 24) >>> 0;
    tt[2] = (num << 16) >>> 24;
    tt[3] = (num << 24) >>> 24;
    str = String(tt[0]) + "." + String(tt[1]) + "." + String(tt[2]) + "." + String(tt[3]);
    return str;
};
var re = [];

for (i in ss) {
	re.push(long2ip(parseInt(ss[i], 16)));
}
	整理结果

	#wiki
	#https://zh.wikipedia.org/wiki/%E5%9F%9F%E5%90%8D%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%BC%93%E5%AD%98%E6%B1%A1%E6%9F%93
	4.36.66.178
	8.7.198.45
	37.61.54.158
	46.82.174.68
	59.24.3.173
	64.33.88.161
	64.33.99.47
	64.66.163.251
	65.104.202.252
	65.160.219.113
	66.45.252.237
	72.14.205.99
	72.14.205.104
	78.16.49.15
	93.46.8.89
	128.121.126.139
	159.106.121.75
	169.132.13.103
	192.67.198.6
	202.106.1.2
	202.181.7.85
	203.98.7.65
	203.161.230.171
	207.12.88.98
	208.56.31.43
	209.36.73.33
	209.145.54.50
	209.220.30.174
	211.94.66.147
	213.169.251.35
	216.221.188.182
	216.234.179.13
	243.185.187.39

	bogus domain
	bogus-nxdomain.china.conf
	https://raw.github.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf

	#OpenDNS
	67.215.65.132
	67.215.77.132
	208.69.34.132
	208.69.32.132

	#DNSPai
	123.125.81.12
	101.226.10.8

	#Nanfang Unicom (nfdnserror1.wo.com.cn to nfdnserror17.wo.com.cn)
	220.250.64.18
	220.250.64.19
	220.250.64.20
	220.250.64.21
	220.250.64.22
	220.250.64.23
	220.250.64.24
	220.250.64.25
	220.250.64.26
	220.250.64.27
	220.250.64.28
	220.250.64.29
	220.250.64.30
	220.250.64.225
	220.250.64.226
	220.250.64.227
	220.250.64.228

	#Shandong Unicom (sddnserror1.wo.com.cn to sddnserror9.wo.com.cn)
	123.129.254.11
	123.129.254.12
	123.129.254.13
	123.129.254.14
	123.129.254.15
	123.129.254.16
	123.129.254.17
	123.129.254.18
	123.129.254.19

	#Wuhan Telecom
	58.53.211.46
	58.53.211.47

	#Nanjing Telecom
	202.102.110.203
	202.102.110.205

	#Shanghai Telecom
	180.168.41.175

	#Beijing Unicom (bjdnserror1.wo.com.cn to bjdnserror5.wo.com.cn)
	202.106.199.34
	202.106.199.35
	202.106.199.36
	202.106.199.37
	202.106.199.38

	#Chengdu Telecom
	61.139.8.101
	61.139.8.102
	61.139.8.103
	61.139.8.104

	#Hangzhou Telecom
	60.191.124.236

	#http://fxin.wap.blog.163.com/w2/blogDetail.do?hostID=fxin&blogId=fks_080068085082087064085086085095086080087064092095087
	221.3.13.58
	61.156.12.58
	61.156.8.189
	//生成iptables清理DNS的u32模块使用的字符串
	var ss = ['4.36.66.178','8.7.198.45','37.61.54.158','46.82.174.68','59.24.3.173','64.33.88.161','64.33.99.47','64.66.163.251','65.104.202.252','65.160.219.113','66.45.252.237','72.14.205.99','72.14.205.104','78.16.49.15','93.46.8.89','128.121.126.139','159.106.121.75','169.132.13.103','192.67.198.6','202.106.1.2','202.181.7.85','203.98.7.65','203.161.230.171','207.12.88.98','208.56.31.43','209.36.73.33','209.145.54.50','209.220.30.174','211.94.66.147','213.169.251.35','216.221.188.182','216.234.179.13','243.185.187.39','67.215.65.132','67.215.77.132','208.69.34.132','208.69.32.132','123.125.81.12','101.226.10.8','220.250.64.18','220.250.64.19','220.250.64.20','220.250.64.21','220.250.64.22','220.250.64.23','220.250.64.24','220.250.64.25','220.250.64.26','220.250.64.27','220.250.64.28','220.250.64.29','220.250.64.30','220.250.64.225','220.250.64.226','220.250.64.227','220.250.64.228','123.129.254.11','123.129.254.12','123.129.254.13','123.129.254.14','123.129.254.15','123.129.254.16','123.129.254.17','123.129.254.18','123.129.254.19','58.53.211.46','58.53.211.47','202.102.110.203','202.102.110.205','180.168.41.175','202.106.199.34','202.106.199.35','202.106.199.36','202.106.199.37','202.106.199.38','61.139.8.101','61.139.8.102','61.139.8.103','61.139.8.104','60.191.124.236','221.3.13.58','61.156.12.58','61.156.8.189'];
	function ip2int(ip)
	{
	var num = 0;
	ip = ip.split(".");
	num = Number(ip[0]) * 256 * 256 * 256 + Number(ip[1]) * 256 * 256 + Number(ip[2]) * 256 + Number(ip[3]);
	num = num >>> 0;
	return num;
	}

	var re = ["","","","","","","","","","","","","","","",""];

	//10,iptables貌似最多只能有10个一起
	for (i in ss) {
	re[Math.floor((i)/10)] += ("0x" + ip2int(ss[i]).toString(16) + ",");
	}
	#包含了clear DNS source.txt所有IP
	#openwrt 清理DNS
	iptables -N cleardns -t mangle
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x42442b2,0x807c62d,0x253d369e,0x2e52ae44,0x3b1803ad,0x402158a1,0x4021632f,0x4042a3fb,0x4168cafc,0x41a0db71" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x422dfced,0x480ecd63,0x480ecd68,0x4e10310f,0x5d2e0859,0x80797e8b,0x9f6a794b,0xa9840d67,0xc043c606,0xca6a0102" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xcab50755,0xcb620741,0xcba1e6ab,0xcf0c5862,0xd0381f2b,0xd1244921,0xd1913632,0xd1dc1eae,0xd35e4293,0xd5a9fb23" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xd8ddbcb6,0xd8eab30d,0xf3b9bb27,0x43d74184,0x43d74d84,0xd0452284,0xd0452084,0x7b7d510c,0x65e20a08,0xdcfa4012" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa4013,0xdcfa4014,0xdcfa4015,0xdcfa4016,0xdcfa4017,0xdcfa4018,0xdcfa4019,0xdcfa401a,0xdcfa401b,0xdcfa401c" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa401d,0xdcfa401e,0xdcfa40e1,0xdcfa40e2,0xdcfa40e3,0xdcfa40e4,0x7b81fe0b,0x7b81fe0c,0x7b81fe0d,0x7b81fe0e" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x7b81fe0f,0x7b81fe10,0x7b81fe11,0x7b81fe12,0x7b81fe13,0x3a35d32e,0x3a35d32f,0xca666ecb,0xca666ecd,0xb4a829af" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xca6ac722,0xca6ac723,0xca6ac724,0xca6ac725,0xca6ac726,0x3d8b0865,0x3d8b0866,0x3d8b0867,0x3d8b0868,0x3cbf7cec" -j DROP
	iptables -t mangle -I cleardns -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdd030d3a,0x3d9c0c3a,0x3d9c08bd" -j DROP
	#丢掉不包含任何查询结果的包
	iptables -t mangle -I cleardns -p udp --sport 53 -m u32 --u32 "4 & 0x1FFF = 0 && 0 >> 22 & 0x3C @ 8 & 0x8000 = 0x8000 && 0 >> 22 & 0x3C @ 14 = 0" -j DROP
	#丢掉Answer、Authority和Additional均为0的应答
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|81 80 00 01 00 00 00 00 00 00\|" --from 30 --to 40 -j DROP

	iptables -t mangle -I PREROUTING -m udp -p udp --sport 53 -j cleardns
	#感谢AntiDNSPoisoning
	#建议使用u32模块
	#包含了clear DNS source.txt所有IP
	#hex-string必须是8位,前面是0的要写

	#todo bm算法可能有遗漏
	#todo 不推荐在mangle表做操作
	#todo 对某些情况(nslookup 递归查询联通DNS,可能会返回同时包含真假结果的包)无效

	iptables -N cleardns -t mangle

	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|042442b2\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|0807c62d\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|253d369e\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|2e52ae44\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3b1803ad\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|402158a1\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|4021632f\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|4042a3fb\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|4168cafc\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|422dfced\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|480ecd63\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|480ecd68\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|4e10310f\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|5d2e0859\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|80797e8b\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|9f6a794b\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|a9840d67\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|c043c606\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|cab50755\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|cb620741\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|cba1e6ab\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|cf0c5862\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d0381f2b\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d1244921\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d1913632\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d1dc1eae\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d35e4293\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d8ddbcb6\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d8eab30d\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|f3b9bb27\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|43d74184\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|43d74d84\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d0452284\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|d0452084\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b7d510c\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|65e20a08\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4013\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4014\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4015\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4016\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4017\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4018\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa4019\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa401a\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa401b\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa401d\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa401e\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa40e1\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa40e2\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa40e3\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dcfa40e4\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe0b\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe0c\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe0d\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe0f\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe10\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe11\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe12\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|7b81fe13\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3a35d32e\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3a35d32f\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca666ecb\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca666ecd\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca6ac722\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca6ac723\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca6ac724\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca6ac725\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|ca6ac726\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3d8b0865\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3d8b0866\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3d8b0867\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3d8b0868\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|dd030d3a\|" --from 60 --to 180 -j DROP
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|3d9c0c3a\|" --from 60 --to 180 -j DROP
	#丢掉不包含任何查询结果的包
	iptables -t mangle -I cleardns -p udp --sport 53 -m u32 --u32 "4 & 0x1FFF = 0 && 0 >> 22 & 0x3C @ 8 & 0x8000 = 0x8000 && 0 >> 22 & 0x3C @ 14 = 0" -j DROP
	#丢掉Answer、Authority和Additional均为0的应答
	iptables -t mangle -I cleardns -p udp --sport 53 -m string --algo bm --hex-string "\|81 80 00 01 00 00 00 00 00 00\|" --from 30 --to 40 -j DROP

	iptables -t mangle -I PREROUTING -m udp -p udp --sport 53 -j cleardns
	//ss只是个示范，没啥意义
	var ss = ['CA 6A 01 02', 'DC FA 40 E2', 'DC FA 40 E3', 'DC FA 40 E4'];


	function long2ip (num) {
	var str;
	var tt = new Array();
	tt[0] = (num >>> 24) >>> 0;
	tt[1] = ((num << 8) >>> 24) >>> 0;
	tt[2] = (num << 16) >>> 24;
	tt[3] = (num << 24) >>> 24;
	str = String(tt[0]) + "." + String(tt[1]) + "." + String(tt[2]) + "." + String(tt[3]);
	return str;
	};

	var re = [];

	for (i in ss) {

	re.push(long2ip(parseInt(ss[i].replace(/ /g,''), 16)));
	}
	//ss只是个示范，没啥意义
	var ss = ['d0381f2b','d1244921','d1913632','d1dc1eae','d35e4293','d5a9fb23'];

	function long2ip (num) {
	var str;
	var tt = new Array();
	tt[0] = (num >>> 24) >>> 0;
	tt[1] = ((num << 8) >>> 24) >>> 0;
	tt[2] = (num << 16) >>> 24;
	tt[3] = (num << 24) >>> 24;
	str = String(tt[0]) + "." + String(tt[1]) + "." + String(tt[2]) + "." + String(tt[3]);
	return str;
	};
	var re = [];

	for (i in ss) {
	re.push(long2ip(parseInt(ss[i], 16)));
	}