zhao/luci-app-mosdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
45d9ca79b8
luci-app-mosdns/luci-app-mosdns/root/etc/mosdns/config_custom.yaml

232 lines
4.9 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

log:
level: info
file: "/tmp/mosdns.log"
plugins:
# 国内域名
- tag: geosite_cn
type: domain_set
args:
files:
- "/var/mosdns/geosite_cn.txt"
# 国内ip
- tag: geoip_cn
type: ip_set
args:
files:
- "/var/mosdns/geoip_cn.txt"
# 国外域名
- tag: geosite_no_cn
type: domain_set
args:
files:
- "/var/mosdns/geosite_geolocation-!cn.txt"
# 白名单 加入的域名始终允许使用 “本地 DNS” 进行解析
- tag: whitelist
type: domain_set
args:
files:
- "/etc/mosdns/rule/whitelist.txt"
# 黑名单 加入的域名将屏蔽 DNS 解析
- tag: blocklist
type: domain_set
args:
files:
- "/etc/mosdns/rule/blocklist.txt"
# 灰名单 加入的域名始终使用 “远程 DNS” 进行解析
- tag: greylist
type: domain_set
args:
files:
- "/etc/mosdns/rule/greylist.txt"
# 自定义 Hosts 重写
- tag: hosts
type: hosts
args:
files:
- "/etc/mosdns/rule/hosts.txt"
# 重定向请求的域名
- tag: redirect
type: redirect
args:
files:
- "/etc/mosdns/rule/redirect.txt"
# PTR 黑名单 加入的域名将阻止 PTR 请求
- tag: local_ptr
type: domain_set
args:
files:
- "/etc/mosdns/rule/local-ptr.txt"
# 屏蔽失效/威胁 URL
- tag: sp_low
type: domain_set
args:
files:
- "/usr/share/mosdns/sp_low.tdata"
# 缓存
- tag: cache
type: cache
args:
size: 20000
lazy_cache_ttl: 86400
dump_file: "/etc/mosdns/cache.dump"
dump_interval: 600
# 转发至本地服务器
- tag: forward_local
type: forward
args:
upstreams:
- addr: "https://doh.pub/dns-query"
bootstrap: 180.76.76.76
- addr: 119.29.29.29
# 转发至远程服务器
- tag: forward_remote
type: forward
args:
upstreams:
- addr: tls://8.8.8.8
enable_pipeline: false
# 修改ttl默认0 不修改ttl
- tag: modify_ttl
type: sequence
args:
- exec: ttl 0-0
# 国内解析
- tag: local_sequence
type: sequence
args:
- exec: $forward_local
# 国外解析
- tag: remote_sequence
type: sequence
args:
- exec: prefer_ipv4
- exec: $forward_remote
# 有响应终止返回
- tag: has_resp_sequence
type: sequence
args:
- exec: $modify_ttl
- matches: has_resp
exec: accept
# fallback 用本地服务器 sequence
# 返回非国内 ip 则 drop_resp
- tag: query_is_local_ip
type: sequence
args:
- exec: $local_sequence
- matches: "!resp_ip $geoip_cn"
exec: drop_resp
# fallback 用远程服务器 sequence
- tag: query_is_remote
type: sequence
args:
- exec: $remote_sequence
# fallback 用远程服务器 sequence
- tag: fallback
type: fallback
args:
primary: query_is_local_ip
secondary: query_is_remote
threshold: 500
always_standby: true
# 查询国内域名
- tag: query_is_local_domain
type: sequence
args:
- matches: qname $geosite_cn
exec: $local_sequence
# 查询国外域名
- tag: query_is_no_local_domain
type: sequence
args:
- matches: qname $geosite_no_cn
exec: $remote_sequence
# 查询白名单
- tag: query_is_whitelist_domain
type: sequence
args:
- matches: qname $whitelist
exec: $local_sequence
# 查询灰名单
- tag: query_is_greylist_domain
type: sequence
args:
- matches: qname $greylist
exec: $remote_sequence
# 拒绝名单
- tag: query_is_reject_domain
type: sequence
args:
- matches: qname $blocklist
exec: reject 3
- matches: qname $sp_low
exec: reject 3
- matches:
- qtype 12
- qname $local_ptr
exec: reject 3
- matches: qtype 65
exec: reject 3
# 主要的运行逻辑插件
# sequence 插件中调用的插件 tag 必须在 sequence 前定义,
# 否则 sequence 找不到对应插件。
- tag: main_sequence
type: sequence
args:
- exec: $hosts
- exec: jump has_resp_sequence
- exec: $redirect
- exec: jump has_resp_sequence
- exec: $query_is_whitelist_domain
- exec: jump has_resp_sequence
- exec: $query_is_reject_domain
- exec: $cache
- exec: jump has_resp_sequence
- exec: $query_is_greylist_domain
- exec: jump has_resp_sequence
- exec: $query_is_local_domain
- exec: jump has_resp_sequence
- exec: $query_is_no_local_domain
- exec: jump has_resp_sequence
- exec: $fallback
# 启动 udp 服务器。
- tag: udp_server
type: udp_server
args:
entry: main_sequence
listen: ":5335"
# 启动 tcp 服务器。
- tag: tcp_server
type: tcp_server
args:
entry: main_sequence
listen: ":5335"
Reference in New Issue View Git Blame Copy Permalink