blob: 3cf0ed338a1adc3659199a11a87d613f8563b9bb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
# Linum
A simple DNS recursive resolver written in Golang. Linum supports both
recursive resolution from root hints and forwarding to upstream resolvers with
built-in hosts blocking.
## Features
- UDP, TCP, DoT listeners
- Recursive & foreward modes
- Host blocking
## Requirements
- Go 1.26+
- Linux
- Root to bind port 53 / 853
## Quickstart
```bash
git clone https://codeberg.org/radhitya/linum.git
cd linum
make
./build/linum -config linum.toml
```
Test with dig:
```bash
dig @127.0.0.1 -p 5353 example.com
```
### Build & Install
From source
```bash
make
sudo make install
sudo make install-config
```
and install systemd service
```bash
sudo make install-service
sudo systemctl enable --now linum
```
## Config Reference
Save as /etc/linum/linum.toml
```
[server]
listen_udp = ":5353"
listen_tcp = ":5353"
listen_doh = ":8443"
listen_dot = ":853"
[cache]
max_entries = 100000
db_path = "/var/cache/linum/cache.db"
[resolver]
mode = "recursive" # "recursive" or "forward"
timeout = "2s"
max_delegations = 30
# forwarders = ["1.1.1.1", "8.8.8.8"] # only used when mode = "forward"
[blocklist]
response = "zero_ip" # "zero_ip" or "nxdomain"
files = ["etc/blocklist/*.txt"]
# urls = [
# "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts",
# ]
[acl]
allow = ["127.0.0.1/8", "::1/128"]
rate_limit_qps = 50
rate_limit_burst = 10
[admin]
listen = "127.0.0.1:8080"
[tls]
cert = "/etc/linum/linum-cert.pem"
key = "/etc/linum/linum-key.pem"
[log]
level = "info"
```
## Blocklist Format
Linum supports several rule formats:
```txt
# hosts format
0.0.0.0 example.com
# AdGuard format
||example.com^
# Exception / whitelist
@@||example.com^
```
Set response = "zero_ip" to return 0.0.0.0 / ::, or response = "nxdomain" to return NXDOMAIN.
- [codeberg.org/miekg/dns](https://codeberg.org/miekg/dns)
- [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml)
- [modernc.org/sqlite](https://modernc.org/sqlite)
|
