首先感谢大佬的付出，从v3就开始用，真的非常不错，感谢！

Question

首先感谢大佬的付出，从v3就开始用，真的非常不错，感谢！

zhh01jd920 opened this issue 9 months ago · comments

这个配置可以实现：
1.国内域名（已知和未知）用国内DNS解析，直连
2.国外域名（已经和未知）用国外DNS解析，走代理访问（ipset方式）

log:
  level: info

plugins:
  # 缓存
  - tag: cache
    type: cache
    args:
      size: 10240
      lazy_cache_ttl: 86400

  # 重定向域名
  - tag: redirect
    type: redirect
    args:
      rules:
        - www.cnbeta.com www.cnbeta.com.cdn.cloudflare.net

  # 转发至国内DNS，并发查询
  - tag: forward_local
    type: forward
    args:
      concurrent: 2
      upstreams:
        - addr: udp://119.29.29.29
        - addr: udp://223.5.5.5

  # 转发至国外DNS，并发查询
  - tag: forward_remote
    type: forward
    args:
      concurrent: 2
      upstreams:
        - addr: tcp://8.8.8.8
        - addr: tcp://1.1.1.1

  # 自定义hosts
  - tag: hosts
    type: hosts
    args:
      files:
        - "/etc/mosdns/hosts"

  # china ip和自己的vps ip
  - tag: local_ip
    type: ip_set
    args:
      files:
        - /etc/mosdns/china_ip_list.txt
        - /etc/mosdns/myvpsip.txt

  # fallback的primary服务器,返回非国内ip则drop_resp
  - tag: local_sequence
    type: sequence
    args:
      - exec: $forward_local
      - matches: "!resp_ip $local_ip"
        exec: accept
      - exec: drop_resp

  # fallback的secondary服务器,返回非国内ip则添加至ipset,返回国内ip只接受不会添加ipset
  - tag: remote_sequence
    type: sequence
    args:
      - exec: $forward_remote
      - matches: "!resp_ip $local_ip"
        exec: ipset gfwlist,inet,24
      - exec: accept

  # fallback sequence
  - tag: fallback
    type: fallback
    args:
      primary: local_sequence
      secondary: remote_sequence
      threshold: 500
      always_standby: true

  # gfwlist解析出的ip添加至ipset，添加前先判断是否为国内ip或内网ip
  - tag: gfw-list
    type: sequence
    args:
      - exec: ttl 300-3600
      - matches: "!resp_ip $local_ip"
        exec: ipset gfwlist,inet,24
      - exec: accept

  # 主运行序列
  - tag: main_sequence
    type: sequence
    args:
      - exec: $hosts
      - matches: has_resp
        exec: accept
      
      - matches: qtype 65
        exec: reject 3

      - matches: qname &/etc/mosdns/reject-list.txt &/etc/mosdns/my-reject-list.txt
        exec: reject

      - exec: prefer_ipv4

      - exec: $redirect

      # 动态域名跳过缓存
      - matches: "!qname 00006801.com"
        exec: $cache
      - matches: has_resp
        exec: accept

      - matches: qname &/etc/mosdns/direct-list.txt
        exec: $forward_local
      - matches: has_resp
        exec: accept

      - matches: qname &/etc/mosdns/proxy-list.txt
        exec: $forward_remote
      - matches: has_resp
        exec: goto gfw-list

      - exec: $fallback


  # 启动监听服务
  - tag: udp_server
    type: udp_server
    args:
      entry: main_sequence
      listen: :53

  - tag: tcp_server
    type: tcp_server
    args:
      entry: main_sequence
      listen: :53

Originally posted by @PHCSJC in #605