How to run our own Smart DNS to bypass geo restrictions
Hey folks, I hope you’re doing well :)
As you may know, I’m still living in Iran, where we can’t even use Docker Hub properly :D
So we need to use a VPN on our local systems, plus tunneling, proxying and a lot of other stuff, in order to use these services in our daily work and even in our data centers. It’s kinda boring!
There are some services like shecan.ir that provide a bypass for some specific services like Docker Hub and other stuff, but as you may guess it’s not completely free (the free service is kinda very slow), so we can’t use it in production.
Long story short, I needed to power up my own alternative platform to Shecan to use in production. Here are the steps that I’ve done to achieve this goal:
I found out that the technology Shecan is using is called SmartProxy, so I brought up my own Shecan alternative.
Basically, Smart DNS changes your geographical location so you can access restricted websites and services from a different location.
To use maj0r Smart DNS, stay with us and follow these steps:
0- clone the project and give it a star :)
git clone https://github.com/maj0rmil4d/maj0rdns/
1- build the docker image, so you could use the docker image and its context in the future easily.
docker build -t maj0rdns:latest .
2- Now run the image built in the previous step.
docker run -d -it --cap-add=NET_ADMIN -p 53:53/udp -p 443:443 -p 80:80 -e IP=PublicIpOfContainer maj0rdns:latest
3- The container is now running in the background, so we can use it by editing the main DNS configuration file, /etc/resolv.conf, and adding the public IP address of the container as the nameserver.
echo "" > /etc/resolv.conf && echo "nameserver Public_IP_Of_Container" >> /etc/resolv.conf
4- To be sure that everything works correctly, use the following command on your local system.
5- If you see the public IP address of the container, it’s time to restart everything in order to make sure:
restart.sh is a bash script that stops and starts the container in the background. If you add new domains to the dnsmasq.custom file, you need to run restart.sh too.
After all, I strongly recommend that this service be only available at specific Geo or IP addresses to prevent attacks and other problems.
6- For example, running the iraccess.sh file limits the service to Iran IP addresses:
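The recommendation above matters because a resolver reachable from the whole internet can be abused for DNS amplification. The script below is an added example, not the project's iraccess.sh and not code from the repository: it validates a list of source networks and prints iptables commands that restrict the ports published in step 2 of the single-container setup to those networks. The interface name eth0, the chain name SMARTDNS-ALLOW and the file name allowlist.sh are assumptions.

```shell
#!/bin/sh
# Added example, not the project's iraccess.sh. EXT_IF, CHAIN and the CIDRs
# you pass in are assumptions; adjust them to your host.
EXT_IF="${EXT_IF:-eth0}"        # public-facing interface (assumed name)
CHAIN="SMARTDNS-ALLOW"          # hypothetical chain name
PORTS="udp:53 tcp:80 tcp:443"   # the ports published in step 2

# Return 0 only for a well-formed IPv4 CIDR such as 192.0.2.0/24.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case "$addr" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the iptables commands for the given CIDRs. Any malformed entry aborts
# before output, so a typo cannot yield a partial allowlist followed by DROP.
emit_rules() {
    [ $# -gt 0 ] || { echo "no CIDRs given" >&2; return 1; }
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "bad CIDR: $cidr" >&2; return 1; }
    done
    echo "iptables -N $CHAIN"
    for cidr in "$@"; do
        echo "iptables -A $CHAIN -s $cidr -j RETURN"
    done
    echo "iptables -A $CHAIN -j DROP"
    # Docker DNATs published ports before the filter table sees them, so the
    # jump lives in DOCKER-USER and matches the original destination port.
    for pp in $PORTS; do
        echo "iptables -I DOCKER-USER -i $EXT_IF -p ${pp%%:*}" \
             "-m conntrack --ctorigdstport ${pp#*:} --ctdir ORIGINAL -j $CHAIN"
    done
}

# Usage: sh allowlist.sh --print 192.0.2.0/24 198.51.100.0/24
# Review the output, then run it as root.
if [ "${1:-}" = "--print" ]; then
    shift
    emit_rules "$@"
fi
```

Matching only the original direction on the external interface leaves the container's own outbound DNS and HTTPS traffic untouched. Rules placed in the INPUT chain would not see traffic to published container ports, which is why DOCKER-USER is used.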
You can also increase reliability and connectivity, with help of Cluster Mode. To have a cluster, do the following steps:
1- First, initialize swarm mode:
docker swarm init
Swarm mode is now enabled.
2- Now create docker swarm service with the following command:
docker service create --cap-add=NET_ADMIN -p 53:53/udp -p 443:443 -p 80:80 -e IP=PublicIpOfContainer --name maj0rdnscontainer maj0rdns:latest
3- You could scale the service to 5 docker containers:
docker service scale maj0rdnscontainer=5
4- It’s necessary to verify that the previous steps are working correctly and that all of them are running.
docker service ls && docker service ps maj0rdnscontainer
5- You can see the logs with the following command:
Finally, I want to say thanks to Miss “Maede Yavari”, who helped me to write this article. You all know that I’m bad at writing something :D
I hope you enjoyed the article and this could help you to get more freedom on Internet, good luck