首先感谢大佬的付出,从v3就开始用,真的非常不错,感谢!
zhh01jd920 opened this issue · comments
hui qing zhou commented
首先感谢大佬的付出,从v3就开始用,真的非常不错,感谢!
这个配置可以实现:
1.国内域名(已知和未知)用国内DNS解析,直连
2.国外域名(已经和未知)用国外DNS解析,走代理访问(ipset方式)
log:
level: info
plugins:
# 缓存
- tag: cache
type: cache
args:
size: 10240
lazy_cache_ttl: 86400
# 重定向域名
- tag: redirect
type: redirect
args:
rules:
- www.cnbeta.com www.cnbeta.com.cdn.cloudflare.net
# 转发至国内DNS,并发查询
- tag: forward_local
type: forward
args:
concurrent: 2
upstreams:
- addr: udp://119.29.29.29
- addr: udp://223.5.5.5
# 转发至国外DNS,并发查询
- tag: forward_remote
type: forward
args:
concurrent: 2
upstreams:
- addr: tcp://8.8.8.8
- addr: tcp://1.1.1.1
# 自定义hosts
- tag: hosts
type: hosts
args:
files:
- "/etc/mosdns/hosts"
# china ip和自己的vps ip
- tag: local_ip
type: ip_set
args:
files:
- /etc/mosdns/china_ip_list.txt
- /etc/mosdns/myvpsip.txt
# fallback的primary服务器,返回非国内ip则drop_resp
- tag: local_sequence
type: sequence
args:
- exec: $forward_local
- matches: "!resp_ip $local_ip"
exec: accept
- exec: drop_resp
# fallback的secondary服务器,返回非国内ip则添加至ipset,返回国内ip只接受不会添加ipset
- tag: remote_sequence
type: sequence
args:
- exec: $forward_remote
- matches: "!resp_ip $local_ip"
exec: ipset gfwlist,inet,24
- exec: accept
# fallback sequence
- tag: fallback
type: fallback
args:
primary: local_sequence
secondary: remote_sequence
threshold: 500
always_standby: true
# gfwlist解析出的ip添加至ipset,添加前先判断是否为国内ip或内网ip
- tag: gfw-list
type: sequence
args:
- exec: ttl 300-3600
- matches: "!resp_ip $local_ip"
exec: ipset gfwlist,inet,24
- exec: accept
# 主运行序列
- tag: main_sequence
type: sequence
args:
- exec: $hosts
- matches: has_resp
exec: accept
- matches: qtype 65
exec: reject 3
- matches: qname &/etc/mosdns/reject-list.txt &/etc/mosdns/my-reject-list.txt
exec: reject
- exec: prefer_ipv4
- exec: $redirect
# 动态域名跳过缓存
- matches: "!qname 00006801.com"
exec: $cache
- matches: has_resp
exec: accept
- matches: qname &/etc/mosdns/direct-list.txt
exec: $forward_local
- matches: has_resp
exec: accept
- matches: qname &/etc/mosdns/proxy-list.txt
exec: $forward_remote
- matches: has_resp
exec: goto gfw-list
- exec: $fallback
# 启动监听服务
- tag: udp_server
type: udp_server
args:
entry: main_sequence
listen: :53
- tag: tcp_server
type: tcp_server
args:
entry: main_sequence
listen: :53