blob: 78e2528de672753781263364fc622650c0dc965a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
plugin:
- tag: log # 日志
type: logger
args:
level: info
- tag: main_server # 启动服务器
type: server
args:
entry: pipeline
max_concurrent_queries: 0
server:
- protocol: udp
addr: 127.0.0.1:53
- protocol: tcp
addr: 127.0.0.1:53
- protocol: udp
addr: "[::1]:53"
- protocol: tcp
addr: "[::1]:53"
################# 可执行插件 ################
- tag: pipeline
type: pipeline
args:
pipe:
- _default_cache # 缓存
- main_sequence # 处理请求的主要执行序列
- tag: main_sequence
type: sequence
args:
exec:
- if:
- match_ad_domain # 处理已知的广告域名
exec:
- _block_with_nxdomain # 屏蔽
goto: _end
- if:
- match_local_domain # 处理已知的本地域名
- _query_type_is_unusual # 和不常见的请求类型
exec:
- forward_local
goto: _end
- if:
- match_non_local_domain # 处理已知的非本地域名
exec:
- forward_remote
goto: _end
- sequence_bypass_local # 分流未知域名。有两种方案:顺序或并行。这是顺序执行。
# - parallel_bypass_local # 如果想用类似 ChinaDNS 的并发分流逻辑。用这个。
- tag: sequence_bypass_local # 顺序执行的分流逻辑
type: sequence
args:
exec:
- forward_local # 先请求转发至本地服务器
- if:
- match_local_ip # 如果应答包含本地 IP
goto: _end # 就直接采用结果
- forward_remote # 否则用远程服务器的结果
- tag: parallel_bypass_local # 并发执行的分流的逻辑
type: parallel
args:
exec:
- - forward_local # 并发请求本地和远程服务器
- if:
- !match_local_ip # 本地服务器返回的非本地 IP 的应答会被丢弃
exec:
- _drop_response
- - forward_remote
- tag: forward_local # 转发至本地服务器的插件
type: forward
args:
upstream:
- addr: https://223.5.5.5/dns-query
- tag: forward_remote # 转发至远程服务器的插件
type: forward
args:
upstream:
- addr: https://dns.google/dns-query
- addr: https://1.0.0.1/dns-query
- addr: https://1.1.1.1/dns-query
- addr: https://2606:4700:4700::1111/dns-query
- addr: https://2606:4700:4700::1001/dns-query
################ 匹配器插件 #################
- tag: match_local_domain # 匹配本地域名的插件
type: domain_matcher
args:
check_cname: false
check_question: true
domain:
- "/usr/share/v2ray/geosite.dat:cn"
- tag: match_non_local_domain # 匹配非本地域名的插件
type: domain_matcher
args:
check_cname: false
check_question: true
domain:
- "/usr/share/v2ray/geosite.dat:geolocation-!cn"
- tag: match_local_ip # 匹配本地 IP的插件
type: ip_matcher
args:
match_client: false
match_response: true
ip:
- "/usr/share/v2ray/geoip.dat:cn"
- tag: match_ad_domain # 匹配广告域名的插件
type: domain_matcher
args:
check_cname: false
check_question: true
domain:
- "/usr/share/v2ray/geosite.dat:category-ads-all"
include: []
|