# Each commented option contains the default value. [dns] # Listening address of the resolver. # # listen = "127.0.0.1:53000" # Listening protocol. The only supported one is "udp". # # protocol = "udp" # Maxium number of entries to keep in the DNS cache. The cache discards older # entries once the number of entries exceeds this size. # # cache_size = 4096 # # Configures the interval when expired entries should be removed from the cache. # TTLs are always respected, regardless of this value. # # cache_expiry_interval = "1m" # Upstream DNS servers to use when answering queries. # # The default is Cloudflare DNS servers, which support DNS-over-TLS. # https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ # # resolvers = [ # "1.1.1.1:853", # "1.0.0.1:853", # ] # Configure how to answer hijacked DNS requests. # # zero: Respond with the IPv4 zero address (0.0.0.0) to type A requests. # Respond with the IPv6 zero address (::) to type AAAA requests. # empty: Respond with an empty answer to all hijacked requests. # hosts: Respond with the corresponding inline host, if any. # # hijack_mode = "zero" # Configures the interval when each remote hosts list should be refreshed. # # hosts_refresh_interval = "24h" # Path to the log database. Configuring a path here will enable logging of DNS # requests to a SQLite database. # # log_database = "" # Enable request logging. The option log_database must be set when enabling # this. # # all: Logs all requests. # hijacked: Logs only hijacked requests # empty string: Log nothing (default). # # log_mode = "" # HTTP server for inspecting logs and cache. Setting a listening address on the # form addr:port will enable the server. # # listen_http = "127.0.0.1:8053" [resolver] # Set the protocol to use when sending requests to upstream resolvers. Support protocols: # # tcp-tls: Use encrypted protocol (DNS-over-TLS). Note that the configured upstream resolvers must support this protocol. # udp: Plain DNS over UDP. # tcp: Plain DNS over TCP. # # protocol = "udp" # Set the maximum timeout of a DNS request. # # timeout = "5s" # Answer queries from static hosts files. There are no default values for the # following examples. # # Load hosts from an URL. The hijack option can be one of: # # true: Matching requests will be answered according to hijack_mode. # false: Matching requests will never be hijacked. This can be used to # whitelist particular hosts as shown in the example below. # # [[hosts]] # url = "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" # hijack = true # timeout = "5s" # Load hosts from a local file. # # [[hosts]] # url = "file:///home/foo/myhosts.txt" # hijack = true # Inline hosts list. Useful for blocking or whitelisting a small set of hosts. # # [[hosts]] # entries = [ # # Unblock the following to avoid breaking video watching history # "0.0.0.0 s.youtube.com", # ] # hijack = false