diff --git a/Dockerfile b/Dockerfile
index 95d66d5..a682732 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,7 +32,7 @@ RUN cp /src/Country-only-cn-private.mmdb.xz /tmp/ &&\
 FROM alpine:edge
 COPY --from=builder /src/ /usr/sbin/
-RUN apk add --no-cache dcron tzdata hiredis libevent curl dnscrypt-proxy inotify-tools bind-tools libgcc xz && \
+RUN apk add --no-cache ca-certificates dcron tzdata hiredis libevent dnscrypt-proxy inotify-tools bind-tools libgcc xz && \
 apk upgrade --no-cache &&\
 mkdir -p /etc/unbound && \
 mv /usr/sbin/named.cache /etc/unbound/named.cache && \
diff --git a/build_test.sh b/build_test.sh
index d77f309..46f95d1 100644
--- a/build_test.sh
+++ b/build_test.sh
@@ -43,7 +43,7 @@ t9=$(docker exec test1 dig host.paopaodns @127.0.0.1 -p53 A +short)
 v4check "$t9" USE_HOSTS
 t10=$(docker exec test1 dig force_ttl_rules.paopaodns @127.0.0.1 -p53 A +short)
 v4check "$t10" force_ttl_rules
-if docker exec test1 curl -s 127.0.0.1:7889 | grep -q Country-only-cn-private.mmdb; then
+if docker exec test1 mosdns curl http://127.0.0.1:7889 | grep -q Country-only-cn-private.mmdb; then
 echo HTTP_FILE pass.
 else
 exit
diff --git a/src/data_update.sh b/src/data_update.sh
index 6d3ba51..01cb2ba 100644
--- a/src/data_update.sh
+++ b/src/data_update.sh
@@ -50,7 +50,7 @@ file_update() {
 date +"%Y-%m-%d %H:%M:%S %Z"
 touch $update_file
 oldsum=$($hashcmd $update_file | grep -Eo "$update_reg")
- newsum=$(curl -4L --connect-timeout 10 -s $(if [ -n "$SOCKS5ON" ]; then echo "--socks5-hostname "$SOCKS5""; fi) "$newsum_url" | grep -Eo "$update_reg" | head -1)
+ newsum=$(mosdns curl "$newsum_url" $(if [ -n "$SOCKS5ON" ]; then echo "$SOCKS5"; fi) | grep -Eo "$update_reg" | head -1)
 if echo "$newsum" | grep -qvE "$update_reg"; then
 echo "Network error: ""$SOCKS5ON" "$newsum_url"
 return 1
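Review bot: The rewritten checksum fetch `newsum=$(mosdns curl "$newsum_url" …)` drops the explicit `--connect-timeout 10` of the removed curl call, and nothing visible here shows whether `mosdns curl` bounds connection time or verifies TLS certificates. `newsum` is the value the downloaded file is later compared against, so both properties should be confirmed and recorded in a comment above the call, for example `# mosdns curl: TLS verification and timeout behaviour confirmed in <reference>`. The inner `$(if [ -n "$SOCKS5ON" ]; then echo "$SOCKS5"; fi)` is unquoted, so a `SOCKS5` value containing whitespace or glob characters is split into extra arguments. The download call in the `@@ -62` hunk has the same gaps, and file_update's body continues outside this hunk.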
@@ -62,7 +62,7 @@ file_update() {
 echo $update_file "diff sha256sum, update..."
 echo newsum:"$newsum"
 echo oldsum:"$oldsum"
- curl -4L --connect-timeout 10 $(if [ -n "$SOCKS5ON" ]; then echo "--socks5-hostname "$SOCKS5""; fi) "$down_url" -o $update_file_down
+ mosdns curl "$down_url" $(if [ -n "$SOCKS5ON" ]; then echo "$SOCKS5"; fi) $update_file_down
 downsum=$($hashcmd "$update_file_down" | grep -Eo "$update_reg")
 if [ "$newsum" = "$downsum" ]; then
 echo "$update_file_down" "Download OK."
@@ -101,7 +101,7 @@ file_update_try() {
 update-ca-certificates >/dev/null 2>&1
 apk update >/dev/null 2>&1
-apk add --upgrade curl ca-certificates >/dev/null 2>&1
+apk add --upgrade ca-certificates >/dev/null 2>&1
 update_file="/etc/unbound/named.cache"
 update_file_down="/tmp/named.cache"
diff --git a/src/debug.sh b/src/debug.sh
index e4ecc2a..caf097b 100644
--- a/src/debug.sh
+++ b/src/debug.sh
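Review bot: In `mosdns curl "$down_url" $(if [ -n "$SOCKS5ON" ]; then echo "$SOCKS5"; fi) $update_file_down` (the `@@ -62` hunk) the output path changes position depending on whether a proxy is configured: with `SOCKS5ON` empty the substitution expands to nothing and `$update_file_down` becomes the second argument instead of the third. How `mosdns curl` tells a proxy address from an output path is not visible here; if the arguments are purely positional, the no-proxy case would hand it the file path in the proxy slot. Confirm the argument contract and note it in a comment next to the call. `$update_file_down` should also be quoted, as the following `$hashcmd "$update_file_down"` line already does; file_update begins and ends outside this hunk.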
@@ -41,24 +41,25 @@ sleep 5
 echo "[test]" IP test, you will see that all the following IPs are your public network exit IP !
 echo "[test]" ========== IP TEST START ==========
 echo CN IP URL:
-curl -sk4 http://test.ipw.cn | grep -Eo "$IPREX4" | tail -1
-curl -sk4 http://ipsu.03k.org | grep -Eo "$IPREX4" | tail -1
+mosdns curl http://test.ipw.cn | grep -Eo "$IPREX4" | tail -1
+mosdns curl http://ipsu.03k.org/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://cf-ns.com/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
 echo CN RAW-IP URL:
-curl -sk4 http://115.231.186.225/ | grep -Eo "$IPREX4" | grep -v "115.231.186.225" | tail -1
+mosdns curl http://115.231.186.225/ | grep -Eo "$IPREX4" | grep -v "115.231.186.225" | tail -1
 echo ------------------
 echo Non-CN IP URL:
-curl -sk4 https://www.cloudflare.com/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
-curl -sk4 http://checkip.synology.com/ | grep -Eo "$IPREX4" | tail -1
-curl -sk4 https://v4.ident.me/ | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://www.cloudflare.com/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
+mosdns curl http://checkip.synology.com/ | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://v4.ident.me/ | grep -Eo "$IPREX4" | tail -1
 echo Non-CN RAW-IP URL:
-curl -sk4 https://1.1.1.1/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
-curl -sk4 https://1.0.0.3/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
-curl -sk4 https://1.0.0.2/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
-curl -sk4 https://1.0.0.1/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://1.1.1.1/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://1.0.0.3/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://1.0.0.2/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
+mosdns curl https://1.0.0.1/cdn-cgi/trace | grep -Eo "$IPREX4" | tail -1
 echo ------------------
 sleep 5
 echo IP INFO:
-curl -d "" http://ip.03k.org
+mosdns curl http://ip.03k.org
 echo
 sleep 1
 echo ------------------
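Review bot: The replaced probes no longer carry `-4`, so nothing in these lines forces IPv4, yet every result is still filtered through `grep -Eo "$IPREX4"`. If `mosdns curl` can connect over IPv6 on a dual-stack host, endpoints such as `/cdn-cgi/trace` would presumably report an IPv6 address and the line would print nothing, which reads like a failed test. Confirm the subcommand is IPv4-only, or state the assumption in a comment above `echo CN IP URL:`. The last probe also changes from a POST (`curl -d ""`) to whatever method `mosdns curl` uses, so it is worth checking that `http://ip.03k.org` still returns the same body.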
@@ -79,6 +80,7 @@ echo
 echo "[test]" The DNS hijacking test, you will see timed out message !
 echo "[test]" ========== DNS HIJACK START ==========
 nslookup www.qq.com 9.8.7.6
+nslookup whether.114dns.com 114.114.114.114
 echo "[test]" ========== DNS HIJACK END ==========
 sleep 1
 echo "[test]" CN domain test, you will see that the DNS resolution result is CN IP !
diff --git a/src/watch_list.sh b/src/watch_list.sh
index b3792dd..ba68687 100644
--- a/src/watch_list.sh
+++ b/src/watch_list.sh
@@ -163,7 +163,7 @@ reload_dns() {
 load_ttl_rules
 if [ "$?" = "0" ]; then
 if ps | grep dnscrypt-proxy | grep -q dnscrypt.toml; then
- dnscrypt_id=$(ps | grep dnscrypt-proxy | grep dnscrypt.toml | grep -Eo "[0-9]+" | head -1)
+ dnscrypt_id=$(ps | grep -v "grep" | grep dnscrypt-proxy | grep dnscrypt.toml | grep -Eo "[0-9]+" | head -1)
 kill "$dnscrypt_id"
 fi
 echo "dnscrypt reload rules..."
@@ -177,11 +177,11 @@ reload_dns() {
 export reload_mosdns=1
 fi
 if [ $reload_mosdns = "1" ]; then
- while ps | grep -v grep | grep mosdns; do
- killall mosdns
+ while ps | grep -v grep | grep "mosdns.yaml"; do
+ mosdns_id=$(ps | grep -v "grep" | grep "mosdns.yaml" | grep -Eo "[0-9]+" | head -1)
+ kill "$mosdns_id"
 done
 echo "mosdns reload..."
- killall mosdns
 touch /data/custom_env.ini
 grep -Eo "^[_a-zA-Z0-9]+=\".+\"" /data/custom_env.ini >/tmp/custom_env.ini
 if [ -f "/tmp/custom_env.ini" ]; then
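Review bot: The added `nslookup whether.114dns.com 114.114.114.114` (the `@@ -79` hunk) sits under the banner "you will see timed out message", but 114.114.114.114 is a live public resolver, so this lookup will normally return an answer rather than time out. Someone reading the debug output cannot tell which result indicates interception. Print the expectation just before the command, for example `echo "[test]" 114DNS check, expected: <describe the un-hijacked answer>`.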
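Review bot: The new `while ps | grep -v grep | grep "mosdns.yaml"; do … kill "$mosdns_id"; done` loop in the `@@ -177` hunk has no delay and no retry limit, so if the process does not exit on SIGTERM, or some other process has `mosdns.yaml` on its command line, reload_dns spins there indefinitely. The PID is also derived by a second `ps` scan, so it can come back empty when the process exits between the two scans, and `kill ""` then fails. Capturing the PID once per iteration and bounding the loop avoids both; the sketch below uses an illustrative limit of 10 and no longer echoes the matching `ps` lines. The unbound loop in the `@@ -196` hunk has the same shape, and reload_dns starts and ends outside this hunk.

```shell
# … unchanged: if [ $reload_mosdns = "1" ]; then …
        tries=0
        while mosdns_id=$(ps | grep -v "grep" | grep "mosdns.yaml" | grep -Eo "[0-9]+" | head -1) &&
            [ -n "$mosdns_id" ] && [ "$tries" -lt 10 ]; do
            kill "$mosdns_id"
            tries=$((tries + 1))
            sleep 1
        done
# … unchanged: echo "mosdns reload..." and the custom_env.ini handling …
```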
@@ -196,17 +196,14 @@ reload_dns() {
 fi
 fi
 if [ "$(gen_hash /etc/unbound/named.cache)" != "$named" ]; then
- while ps | grep -v grep | grep unbound; do
- killall unbound
+ while ps | grep -v grep | grep unbound_raw; do
+ unbound_id=$(ps | grep -v "grep" | grep "unbound_raw" | grep -Eo "[0-9]+" | head -1)
+ kill "$unbound_id"
 done
 echo "unbound reload..."
- killall unbound
 unbound -c /tmp/unbound_raw.conf >/dev/null 2>&1 &
- if [ -f /tmp/unbound_forward.conf ]; then
- unbound -c /tmp/unbound_forward.conf >/dev/null 2>&1 &
- fi
 sleep 1
- ps -ef | grep -v "grep" | grep "unbound"
+ ps | grep -v grep | grep unbound_raw
 fi
 }
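Review bot: After this hunk an `unbound -c /tmp/unbound_forward.conf` instance is neither stopped (the match is narrowed to `unbound_raw`) nor started again when `named.cache` changes, and the reason is not recorded anywhere in the visible lines. If that instance is now managed elsewhere, or does not read `named.cache`, a one-line comment above the `while` would keep the next reader from treating it as a regression, for example `# only the raw instance is restarted here; the forward instance is left running (confirm)`. If it does read `named.cache`, it would presumably keep serving with the old file until something else restarts it. reload_dns begins outside this hunk.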