Created
September 1, 2022 03:36
-
-
Save satifanie/7c5453dfb6185ddfe3218aaf01106d6a to your computer and use it in GitHub Desktop.
mosdns的配置文件备份。其中,
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# docker run -d \ | |
# --name mosdns \ | |
# --net=host \ | |
# -v /opt/etc/mosdns:/etc/mosdns \ | |
# --restart=always \ | |
# irinesistiana/mosdns:latest | |
# 可参考改进版本:https://gist.github.com/satifanie/2a3b2d89bdcc56b79e8301fe2afc587e | |
# cat > /root/auto_update_geoxx.sh << EOF | |
# #!/bin/sh | |
# wget --no-check-certificate https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat -O /opt/etc/mosdns/geosite.dat | |
# wget --no-check-certificate https://raw.githubusercontent.com/Loyalsoldier/geoip/release/geoip-only-cn-private.dat -O /opt/etc/mosdns/geoip-only-cn-private.dat | |
# docker restart mosdns | |
# EOF | |
# chmod +x /root/auto_update_geoxx.sh | |
# OpenWrt在计划任务里添加下面这行即可 | |
# 33 3 * * * /root/auto_update_geoxx.sh | |
# OpenWRT DHCP 设置 | |
# 安装完成之后我们需要对OpenWrt进行一些简单的配置 | |
# 网络 - DHCP/DNS - 基本设置 - DNS转发设置为127.0.0.1#5335 | |
# 网络 - DHCP/DNS - HOSTS和解析文件 - 勾选忽略解析文件 | |
# 网络 - DHCP/DNS - 高级设置 - DNS 查询缓存的大小设置为0 | |
## 部分插件的设置 | |
# 最后只需简单设置一下SSRP/Passwall/HelloWorld就完成了。 | |
# # OpenClash 设置不走代理域名、强制走代理域名 | |
# 以SSRP/HelloWorld为例,只要把DNS解析方式使用本机端口为5335的DNS服务 | |
# Passwall的话可以使用不过滤模式,如果需要分流可以用自定义DNS,同样的端口需要设置为5335 | |
#此文件需要命名为 config.yaml | |
log: | |
level: error | |
file: "/etc/mosdns/mosdns.log" | |
data_providers: | |
- tag: geosite | |
file: ./geosite.dat | |
auto_reload: true | |
- tag: geoip | |
file: ./geoip-only-cn-private.dat | |
auto_reload: true | |
plugins: | |
# 缓存 | |
- tag: cache | |
type: cache | |
args: | |
size: 4096 | |
lazy_cache_ttl: 86400 | |
lazy_cache_reply_ttl: 30 | |
## use redis as the backend cache | |
# redis: 'redis://localhost:6379/0' | |
# redis_timeout: 50 | |
# 转发至本地服务器的插件 | |
- tag: forward_local | |
type: fast_forward | |
args: | |
upstream: | |
- addr: tls://120.53.53.53:853 | |
enable_pipeline: true | |
- addr: tls://223.6.6.6:853 | |
idle_timeout: 8 | |
trusted: true | |
# 转发至远程服务器的插件 | |
- tag: forward_remote | |
type: fast_forward | |
args: | |
upstream: | |
- addr: "tls://8.8.8.8:853" | |
socks5: 127.0.0.1:7891 | |
enable_pipeline: true # 支持TCP/DoT,即tcp或者tls开头的 | |
- addr: tls://208.67.220.220:853 | |
socks5: 127.0.0.1:7891 | |
enable_pipeline: true | |
trusted: true | |
# - addr: tls://208.67.220.220:853 | |
# enable_pipeline: true | |
# - addr: "https://cloudflare-dns.com/dns-query" | |
# dial_addr: "1.1.1.1:443" | |
# idle_timeout: 30 | |
# trusted: true | |
# - addr: "https://dns.google/dns-query" | |
# dial_addr: "8.8.8.8:443" | |
# idle_timeout: 30 | |
# trusted: true | |
# 匹配本地域名的插件 | |
- tag: query_is_local_domain | |
type: query_matcher | |
args: | |
domain: | |
- 'provider:geosite:apple-cn' | |
- 'provider:geosite:cn' | |
# 匹配非本地域名的插件 | |
- tag: query_is_non_local_domain | |
type: query_matcher | |
args: | |
domain: | |
- 'provider:geosite:geolocation-!cn' | |
# 匹配广告域名的插件 | |
- tag: query_is_ad_domain | |
type: query_matcher | |
args: | |
domain: | |
- 'provider:geosite:category-ads-all' | |
# 匹配本地 IP 的插件 | |
- tag: response_has_local_ip | |
type: response_matcher | |
args: | |
ip: | |
- 'provider:geoip:cn' | |
- tag: "hosts" | |
type: "hosts" | |
args: | |
hosts: | |
- "abcdefghijklm00a.com 108.177.122.113" # 可以是一条记录 | |
#- "provider:hosts" # 可以是由 data-provider 提供的外部数据,格式 "provider:tag"。 | |
# 主要的运行逻辑插件 | |
# sequence 插件中调用的插件 tag 必须在 sequence 前定义, | |
# 否则 sequence 找不到对应插件。 | |
- tag: main_sequence | |
type: sequence | |
args: | |
exec: | |
# 删除ECS | |
- _no_ecs | |
# 缓存 | |
- cache | |
# 屏蔽广告域名 | |
- if: query_is_ad_domain | |
exec: | |
- _new_nxdomain_response | |
- _return | |
# 已知的本地域名用本地服务器解析 | |
- if: query_is_local_domain | |
exec: | |
- forward_local | |
- _return | |
# 已知的非本地域名用远程服务器解析 | |
- if: query_is_non_local_domain | |
exec: | |
- _prefer_ipv4 | |
- forward_remote | |
- _return | |
# 剩下的未知域名用 IP 分流。 | |
# 这里借助了 `fallback` 工作机制。分流原理请参考 `fallback` | |
# 的工作流程。 | |
# primary 从本地服务器获取应答,丢弃非本地 IP 的结果。 | |
- primary: | |
- forward_local | |
- if: "(! response_has_local_ip) && [_response_valid_answer]" | |
exec: | |
- _drop_response | |
# secondary 从远程服务器获取应答。 | |
secondary: | |
- _prefer_ipv4 | |
- forward_remote | |
# 这里建议设置成 local 服务器正常延时的 2~5 倍。 | |
# 这个延时保证了 local 延时偶尔变高时,其结果不会被 remote 抢答。 | |
# 如果 local 超过这个延时还没响应,可以假设 local 出现了问题。 | |
# 这时用就采用 remote 的应答。单位: 毫秒。 | |
fast_fallback: 200 | |
servers: | |
- exec: main_sequence | |
listeners: | |
- protocol: udp | |
addr: 0.0.0.0:5335 | |
- protocol: tcp | |
addr: 0.0.0.0:5335 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment