blob: 95e99066f6942fc7931a38a48b1a3b89aef71fed (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
# Each commented option contains the default value.
[dns]
# Listening address of the resolver.
#
# listen = "127.0.0.1:53000"
# Listening protocol. The only supported one is "udp".
#
# protocol = "udp"
# Maximum number of entries to keep in the DNS cache. The cache discards older
# entries once the number of entries exceeds this size.
#
# cache_size = 4096
# Cache pre-fetching.
#
# If enabled, cached entries will be re-resolved asynchronously. Note that this
# may lead to slightly stale entries, but cached requests will never block
# waiting for the upstream resolver.
#
# cache_prefetch = false
# Cache persistence.
#
# If enabled, cache contents is periodically written to disk. The persisted
# content will then be used to pre-populate the cache on startup.
#
# cache_persist = false
# Upstream DNS servers to use when answering queries.
#
# The default is Cloudflare DNS servers, which support DNS-over-TLS.
# https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/
#
# resolvers = [
# "1.1.1.1:853",
# "1.0.0.1:853",
# ]
#
# Or using DNS-over-HTTPS:
#
# resolvers = [
# "https://cloudflare-dns.com/dns-query",
# ]
# Configure how to answer hijacked DNS requests.
#
# zero: Respond with the IPv4 zero address (0.0.0.0) to type A requests.
# Respond with the IPv6 zero address (::) to type AAAA requests.
# empty: Respond with an empty answer to all hijacked requests.
# hosts: Respond with the corresponding inline host, if any.
#
# hijack_mode = "zero"
# Configures the interval when each remote hosts list should be refreshed.
#
# hosts_refresh_interval = "48h"
# Path to the database. This is used for persistence, such as logging of DNS requests.
#
# database = ""
# Set logging mode. The option log_database must be set when setting this to
# non-empty.
#
# all: Logs all requests.
# hijacked: Logs only hijacked requests
# empty string: Log nothing (default).
#
# log_mode = ""
# Configure the duration of logged requests. Log entries older than this will be
# removed.
#
# log_ttl = "168h"
# HTTP server for inspecting logs and cache. Setting a listening address on the
# form addr:port will enable the server. Set to empty string to disable.
#
# listen_http = "127.0.0.1:8053"
[resolver]
# Set the protocol to use when sending requests to upstream resolvers. Supported protocols:
#
# tcp-tls: DNS over TLS (encrypted). Note that the upstream resolver must
# support this protocol.
# https: DNS over HTTPS (encrypted). Only recommended for networks where tcp-tls
# does not work, due to e.g. aggressive firewalls. Note that the upstream
# resolver must support this protocol.
# udp: DNS over UDP (plaintext).
# tcp: DNS over TCP (plaintext).
#
# protocol = "tcp-tls"
# Set the maximum timeout of a DNS request.
#
# timeout = "5s"
# Answer queries from static hosts files. There are no default values for the
# following examples.
#
# Load hosts from an URL. The hijack option can be one of:
#
# true: Matching requests will be answered according to hijack_mode.
# false: Matching requests will never be hijacked. This can be used to
# whitelist particular hosts as shown in the example below.
#
# [[hosts]]
# url = "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
# hijack = true
# timeout = "5s"
# Load hosts from a local file.
#
# [[hosts]]
# url = "file:///home/foo/myhosts.txt"
# hijack = true
# Inline hosts list. Useful for blocking or whitelisting a small set of hosts.
#
# [[hosts]]
# entries = [
# # Unblock the following to avoid breaking video watching history
# "0.0.0.0 s.youtube.com",
# ]
# hijack = false
|
