fix(run.sh): fix wrong dnssec settings per protocol

2025-10-12 00:03:27 +01:00
parent ecb50f8cab
commit 1a82de9111
1 changed files with 69 additions and 29 deletions
--- a/run.sh
+++ b/run.sh
@@ -4,12 +4,8 @@ TOOL_PATH="$1"/"qol"
 DOMAINS_FILE="$1"/"domains.txt"
 OUTPUT_DIR="$1"/"results"

-# All servers in one command (same as yours)
-SERVERS=(
-    -s "udp://8.8.8.8:53"
-    -s "udp://1.1.1.1:53"
-    -s "udp://9.9.9.9:53"
-    -s "udp://dns.adguard-dns.com:53"
+# Connection-based protocols that benefit from keep-alive (TCP-based)
+CONN_SERVERS=(
    -s "tls://8.8.8.8:853"
    -s "tls://1.1.1.1:853"
    -s "tls://9.9.9.9:853"
@@ -18,60 +14,104 @@ SERVERS=(
    -s "https://cloudflare-dns.com/dns-query"
    -s "https://dns10.quad9.net/dns-query"
    -s "https://dns.adguard-dns.com/dns-query"
+)
+
+# QUIC-based protocols (have built-in 0-RTT, keep-alive doesn't add value)
+QUIC_SERVERS=(
    -s "doh3://dns.google/dns-query"
    -s "doh3://cloudflare-dns.com/dns-query"
    -s "doh3://dns.adguard-dns.com/dns-query"
    -s "doq://dns.adguard-dns.com:853"
 )

+# Connectionless protocols (no keep-alive)
+CONNLESS_SERVERS=(
+    -s "udp://8.8.8.8:53"
+    -s "udp://1.1.1.1:53"
+    -s "udp://9.9.9.9:53"
+    -s "udp://dns.adguard-dns.com:53"
+)
+
 # Common args
 COMMON_ARGS=(
    "$DOMAINS_FILE"
    --interface eth0
    --timeout 5s
-    "${SERVERS[@]}"
 )

-# Define all combinations as arrays of extra flags (no suffixes here, since flags are in filenames)
-COMBINATIONS=(
+# Combinations for TCP-based connection protocols
+CONN_COMBINATIONS=(
    # DNSSEC off, Keep off
    ""
    
    # DNSSEC off, Keep on
    "--keep-alive"
    
-    # DNSSEC on (trust), Keep off
-    "--dnssec"
-
    # DNSSEC on (trust), Keep on
    "--dnssec --keep-alive"
    
-    # DNSSEC on (auth), Keep off
-    "--dnssec --auth-dnssec"
-
    # DNSSEC on (auth), Keep on
    "--dnssec --auth-dnssec --keep-alive"
 )

-# Run each combination with a unique timestamped output dir
-for ((i=0; i<${#COMBINATIONS[@]}; i++)); do
-    FLAGS=${COMBINATIONS[$i]}
+# Combinations for QUIC and connectionless protocols (no keep-alive)
+NO_KEEPALIVE_COMBINATIONS=(
+    # DNSSEC off
+    ""
    
-    # Generate a unique timestamp for this run (YYYYMMDD_HHMMSS)
-    TIMESTAMP=$(date '+%Y%m%d_%H%M%S')
+    # DNSSEC on (trust)
+    "--dnssec"
    
+    # DNSSEC on (auth)
+    "--dnssec --auth-dnssec"
+)

-    echo "Running combination: $FLAGS (output: $OUTPUT_DIR)"
+echo "=== Running TCP-based protocols (TLS/HTTPS) ==="
+for FLAGS in "${CONN_COMBINATIONS[@]}"; do
+    echo "Running: $FLAGS"
    
-    # Convert FLAGS string to array (split by space)
    FLAGS_ARRAY=($FLAGS)
    
    sudo "$TOOL_PATH" run \
        --output-dir "$OUTPUT_DIR" \
        "${COMMON_ARGS[@]}" \
+        "${CONN_SERVERS[@]}" \
        "${FLAGS_ARRAY[@]}"
    
    sleep 1
 done

+echo ""
+echo "=== Running QUIC-based protocols (DoH3/DoQ) ==="
+for FLAGS in "${NO_KEEPALIVE_COMBINATIONS[@]}"; do
+    echo "Running: $FLAGS"
+    
+    FLAGS_ARRAY=($FLAGS)
+    
+    sudo "$TOOL_PATH" run \
+        --output-dir "$OUTPUT_DIR" \
+        "${COMMON_ARGS[@]}" \
+        "${QUIC_SERVERS[@]}" \
+        "${FLAGS_ARRAY[@]}"
+    
+    sleep 1
+done
+
+echo ""
+echo "=== Running connectionless protocols (UDP) ==="
+for FLAGS in "${NO_KEEPALIVE_COMBINATIONS[@]}"; do
+    echo "Running: $FLAGS"
+    
+    FLAGS_ARRAY=($FLAGS)
+    
+    sudo "$TOOL_PATH" run \
+        --output-dir "$OUTPUT_DIR" \
+        "${COMMON_ARGS[@]}" \
+        "${CONNLESS_SERVERS[@]}" \
+        "${FLAGS_ARRAY[@]}"
+    
+    sleep 1
+done
+
+echo ""
 echo "All combinations completed!"