XZ

Xiao Z's blog

Learn, build, share

Building a Web Interface for DNSmasq Using PHPDNS

phpdnsdnsmasq web interfaceself-hosted dnsdns ad blockingrecursive dns setup
Published·Modified·

DNSmasq is a lightweight and convenient tool for configuring DNS and DHCP, suitable for small networks. It provides DNS functionality with optional DHCP capabilities. Using DNSmasq makes it easy to set up recursive DNS (public DNS, such as 8.8.8.8), and PHPDNS allows for easy management of DNSmasq.

DNSmasq Interface

Environment Requirements

  • CentOS 6/7
  • PHP 5.6+ (PDO component required)
  • SQLite 3

Recursive DNS vs. Authoritative DNS

Some users ask if this supports GEO functionality. The answer is no, as these are features of authoritative DNS. DNSmasq belongs to recursive DNS, used for resolving queries on your local computer, similar to Google's public DNS 8.8.8.8.

  • Authoritative DNS: Built by domain name resolution service providers, providing domain management services and maintaining domain resolution records.
  • Recursive DNS: Built by network operators, providing domain name query and resolution services.

For detailed explanations, please refer to:

Advantages of Self-Hosted DNS

  • Custom DNS resolution
  • Ad blocking
  • Prevention of DNS hijacking

Detailed Working Principle

  1. Every time a host is added, PHPDNS generates a configuration file suitable for DNSmasq and saves it to the application/conf directory.

  2. After adding a configuration, DNSmasq must be restarted for it to take effect. However, DNSmasq does not know that the administrator has added a host list. By using a simple shell script with the find command to detect if the application/conf configuration file has been modified within the last minute, DNSmasq can be restarted automatically to apply the changes. For example:

#!/bin/bash
find /data/wwwroot/xxx.com/application/conf/ -name '*.conf' -mmin -1 -exec /usr/bin/systemctl restart dnsmasq.service {} \;

  1. Combined with crontab to execute the shell command every minute for detection, this ultimately achieves real-time DNSmasq effectiveness when an administrator adds a host. The benefit is that PHP does not need to execute backend shell commands; the server handles subsequent work, which is relatively safer. The downside is that it takes at least one minute for changes to take effect after addition, which is generally acceptable. Currently, there is no way to verify if the DNSmasq configuration generated by PHPDNS is syntactically correct. If an administrator triggers a bug or adds illegal hosts, it may cause DNSmasq to fail.

  2. Principle of Ad Blocking: This works by redirecting ad domains, such as ad.baidu.com, to 127.0.0.1, preventing ads from loading normally. This achieves ad blocking without installing additional plugins, as DNS handles all these tasks.

Obtaining the Donated Version

The PHPDNS donated version has no functional differences from the standard version. The donated version offers initial installation and debugging support.

Donation QR Code

Documentation: https://doc.xiaoz.org/docs/phpdns/ Source Code: https://github.com/helloxz/phpdns