diff options
author | txyyh | 2022-08-06 23:53:17 +0800 |
---|---|---|
committer | txyyh | 2022-08-07 00:19:45 +0800 |
commit | 3e686f8fb77a1062c7cc2cc1725c7cbab1ad1d4e (patch) | |
tree | ae248d0c52debd0b9dfabe52e8f771d03ce1037e /config.yaml | |
download | aur-3e686f8fb77a1062c7cc2cc1725c7cbab1ad1d4e.tar.gz |
Initial commit
Diffstat (limited to 'config.yaml')
-rw-r--r-- | config.yaml | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/config.yaml b/config.yaml new file mode 100644 index 000000000000..4b69b9b7d5cb --- /dev/null +++ b/config.yaml @@ -0,0 +1,73 @@ +# ipv6: false # When set to false, resolver won't translate hostnames to IPv6 addresses +# tcp-concurrent: true # default false +# geodata-mode: true +# external-controller: 127.0.0.1:9090 +# external-ui: dashboard +# secret: '' +log-level: info + + +dns: + enable: true + # listen: 0.0.0.0:53 + # ipv6: false # when the false, response to AAAA questions will be empty + + # These nameservers are used to resolve the DNS nameserver hostnames below. + # Specify IP addresses only + enhanced-mode: fake-ip # redir-host # (not recommended) + # fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR + # use-hosts: true # lookup hosts and return IP record + + # Hostnames in this list will not be resolved with fake IPs + # i.e. questions to these domain names will always be answered with their + # real IP addresses + # fake-ip-filter: + # - '*.lan' + # - localhost.ptlogin2.qq.com + + # Supports UDP, TCP, DoT, DoH. You can specify the port to connect to. + # All DNS questions are sent directly to the nameserver, without proxies + # involved. Clash answers the DNS question with the first result gathered. + nameserver: + - tls://1dot1dot1dot1.cloudflare-dns.com # DNS over TLS + - https://1.1.1.1/dns-query # DNS over HTTPS + - 1.1.1.1 # Cloudflare + - 1.0.0.1 # Cloudflare + + # When `fallback` is present, the DNS server will send concurrent requests + # to the servers in this section along with servers in `nameservers`. + # The answers from fallback servers are used when the GEOIP country + # is not `CN`. + # fallback: + # - tcp://1.1.1.1 + + # If IP addresses resolved with servers in `nameservers` are in the specified + # subnets below, they are considered invalid and results from `fallback` + # servers are used instead. + # + # IP address resolved with servers in `nameserver` is used when + # `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`. + # + # If `fallback-filter.geoip` is false, results from `nameserver` nameservers + # are always used if not match `fallback-filter.ipcidr`. + # + # This is a countermeasure against DNS pollution attacks. + # fallback-filter: + # geoip: true + # ipcidr: + # - 240.0.0.0/4 + # domain: + # - '+.google.com' + # - '+.facebook.com' + # - '+.youtube.com' + +# Enable the TUN listener +tun: + enable: true + stack: system # or gvisor + device: Meta + dns-hijack: + - any:53 + auto-route: true # auto set global route + auto-detect-interface: true # conflict with interface-name + |