相关文章推荐
高大的茄子  ·  C/C++ ...·  10 月前    · 
精明的大海  ·  云托管python如何安装包,例如Numpy ...·  1 年前    · 
很酷的跑步机  ·  python数据可视化开发(2):panda ...·  1 年前    · 
开朗的烈酒  ·  vue.js - vuex: ...·  1 年前    · 
小眼睛的羊肉串  ·  linux----gdb调试记录(指针的指针 ...·  2 年前    · 
Code  ›  mosdns v5 配置 · GitHub
cloudflare tls https dns
https://gist.github.com/Jasper-1024/9242288c2907b1f06412a04d3f861dba
发财的黑框眼镜
1 周前
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Show hidden characters

config 文件是支持拆分的, v5 版本顺势拆分成了 config.yaml dat_exec.yaml dns.yaml

使用前需要更新两个字段

dashboard/mosdns/config/dns.yaml 的 addr 为本地运营商 dns 地址 

  # local dns
  - tag: local
    type: forward
    args:
      concurrent: 1
      upstreams:
        - addr: "udp://192.168.1.1:53" # 更新为本地 dns 地址, 一般是 网关地址

dashboard/mosdns/config/dat_exec.yaml 的 preset 为本地公网 ip 

  # 附加 ecs cn 信息
  - tag: ecs_cn
    type: "ecs_handler"
    args:
      forward: false # 是否转发来自下游的 ecs
      preset: 202.120.2.100 # 发送预设 ecs
      send: false # 是否发送 ecs
      mask4: 24 # ipv4 掩码。默认 24
      mask6: 48 # ipv6 掩码。默认 48
- addr : " https://dns.google/dns-query " dial_addr : " 2001:4860:4860::6464 " - addr : " https://dns.google/dns-query " dial_addr : " 2001:4860:4860::0064 " - addr : " https://dns.google/dns-query " dial_addr : " 2001:4860:4860::8844 " - addr : " https://dns.google/dns-query " dial_addr : " 2001:4860:4860::8888 " - addr : " https://dns.google/dns-query " dial_addr : " 8.8.4.4 " - addr : " https://dns.google/dns-query " dial_addr : " 8.8.8.8 " - addr : " tls://dns.google " dial_addr : " 8.8.4.4 " enable_pipeline : true # TCP/DoT 启用 RFC 7766 新的 query pipelining 连接复用模式 - addr : " tls://dns.google " dial_addr : " 2001:4860:4860::8888 " enable_pipeline : true - addr : " tls://dns.google " dial_addr : " 8.8.8.8 " enable_pipeline : true - addr : " https://dns.google/dns-query " dial_addr : " 2001:4860:4860::8844 " enable_http3 : true - addr : " https://dns.google/dns-query " dial_addr : " 8.8.4.4 " enable_http3 : true - addr : " https://dns.google/dns-query " dial_addr : " 2001:4860:4860::8888 " enable_http3 : true - addr : " https://dns.google/dns-query " dial_addr : " 8.8.8.8 " enable_http3 : true # cloudflare doh dot h3 - tag : cloudflare type : forward args : concurrent : 3 upstreams : - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 2606:4700:4700::1001 " - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 1.0.0.1 " - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 2606:4700:4700::1111 " - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 1.0.0.1 " - addr : " tls://1dot1dot1dot1.cloudflare-dns.com " dial_addr : " 2606:4700:4700::1001 " enable_pipeline : true # TCP/DoT 启用 RFC 7766 新的 query pipelining 连接复用模式 - addr : " tls://1dot1dot1dot1.cloudflare-dns.com " dial_addr : " 1.0.0.1 " enable_pipeline : true - addr : " tls://1dot1dot1dot1.cloudflare-dns.com " dial_addr : " 2606:4700:4700::1111 " enable_pipeline : true - addr : " tls://1dot1dot1dot1.cloudflare-dns.com " dial_addr : " 1.0.0.1 " enable_pipeline : true - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 2606:4700:4700::1001 " enable_http3 : true - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 1.0.0.1 " enable_http3 : true - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 2606:4700:4700::1111 " enable_http3 : true - addr : " https://cloudflare-dns.com/dns-query " dial_addr : " 1.1.1.1 " enable_http3 : true # ali doh dot h3 - tag : ali type : forward args : concurrent : 3 upstreams : - addr : " https://dns.alidns.com/dns-query " dial_addr : " 2400:3200:baba::1 " - addr : " https://dns.alidns.com/dns-query " dial_addr : " 223.5.5.5 " - addr : " https://dns.alidns.com/dns-query " dial_addr : " 2400:3200::1 " - addr : " https://dns.alidns.com/dns-query " dial_addr : " 223.6.6.6 " - addr : " tls://dns.alidns.com " dial_addr : " 2400:3200:baba::1 " enable_pipeline : true - addr : " tls://dns.alidns.com " dial_addr : " 223.5.5.5 " enable_pipeline : true - addr : " tls://dns.alidns.com " dial_addr : " 2400:3200::1 " enable_pipeline : true - addr : " tls://dns.alidns.com " dial_addr : " 223.6.6.6 " enable_pipeline : true - addr : " https://dns.alidns.com/dns-query " dial_addr : " 2400:3200:baba::1 " enable_http3 : true - addr : " https://dns.alidns.com/dns-query " dial_addr : " 223.5.5.5 " enable_http3 : true - addr : " https://dns.alidns.com/dns-query " dial_addr : " 2400:3200::1 " enable_http3 : true - addr : " https://dns.alidns.com/dns-query " dial_addr : " 223.6.6.6 " enable_http3 : true # dnspod doh dot - tag : dnspod type : forward args : concurrent : 3 upstreams : - addr : " https://doh.pub/dns-query " dial_addr : " 1.12.12.12 " - addr : " https://doh.pub/dns-query " dial_addr : " 120.53.53.53 " - addr : " tls://dot.pub " dial_addr : " 1.12.12.12 " enable_pipeline : true - addr : " tls://dot.pub " dial_addr : " 120.53.53.53 " enable_pipeline : true # local dns - tag : local type : forward args : concurrent : 1 upstreams : - addr : " udp://192.168.1.1:53 " # server 失败 - tag : reject_2 type : sequence args : - exec : reject 2 # 拒绝响应 - tag : reject_3 type : sequence args : - exec : reject 3 # 不支持的操作 - tag : reject_5 type : sequence args : - exec : reject 5
- exec : $dns_nocn_seq - matches : " resp_ip $geoip_cn " # 响应为 cn ip exec : drop_resp # 丢弃 # query lan - tag : query_lan type : sequence args : - exec : $cache_lan - matches : has_resp # 命中了 lan cache exec : return # - exec: $no_ecs - exec : $local_seq # 其他所有情况 - tag : query_other type : sequence args : # - exec: $no_ecs - exec : $other_seq - tag : pre_handle type : sequence args : - exec : $ttl_1h # ttl 1h - exec : accept # 接受响应,终止流程 - tag : main_handle type : sequence args : - exec : $ttl_5m # ttl 5min - exec : accept # 接受响应,终止流程 # pre_sequence 结果处理 - tag : has_resp_pre type : sequence args : - matches : has_resp # 如果 pre 序列已有响应 exec : goto pre_handle # main_sequence 结果处理 - tag : has_resp_main type : sequence args : - matches : has_resp exec : goto main_handle # pre_sequence - tag : pre_sequence type : sequence args : - matches : qtype 65 # TYPE 65 类型|DNS服务器状态 exec : $reject_qtype65 - matches : " qname keyword:: " # 无效域名 exec : $reject_null_domain - matches : qtype 12 # TYPE 12 类型|反查域名 PTR 记录 exec : $query_other - matches : qtype 255 # TYPE 255 类型|DNS服务器拓展支持 exec : $query_other - matches : ptr_ip $geoip_private # private ip exec : $query_lan - exec : jump has_resp_pre # main_sequence - tag : main_sequence type : sequence args : - matches : qname $geosite_ads-all # ad 域名 exec : $reject_ad - exec : $cache_wan # cache wan - exec : jump has_resp_main - matches : qname $geosite_cn # cn 域名 exec : $query_cn - exec : jump has_resp_main - matches : qname $geosite_location-!cn # 非 cn 域名 exec : $query_nocn - exec : jump has_resp_main - exec : $no_ecs - exec : $query_nocn - exec : jump has_resp_main - tag : sequence type : sequence args : - exec : $pre_sequence # 预处理 - exec : $main_sequence # 主执行序列 # 在同一端口启动 udp 和 tcp 服务器。 - type : udp_server args : entry : sequence listen : :53 - type : tcp_server args : entry : sequence listen : :53
 
推荐文章
高大的茄子  ·  C/C++ 下载安装及环境变量配置_path变量如何加入c安装目录-CSDN博客
10 月前
精明的大海  ·  云托管python如何安装包,例如Numpy? | 微信开放社区
1 年前
很酷的跑步机  ·  python数据可视化开发(2):pandas读取Excel的数据格式处理(数据读取、指定列数据、DataFrame转json、数学运算、透视表运算输出)-阿里云开发者社区
1 年前
开朗的烈酒  ·  vue.js - vuex: unknown action type -> Vue 3 with Typescript - Stack Overflow
1 年前
小眼睛的羊肉串  ·  linux----gdb调试记录(指针的指针) - Brickert - 博客园
2 年前
今天看啥   ·   Py中国   ·   codingpro   ·   小百科   ·   link之家   ·   卧龙AI搜索
删除内容请联系邮箱 2879853325@qq.com
Code - 代码工具平台
© 2024 ~ 沪ICP备11025650号