# ============================================
# MosDNS v5 full configuration, annotated
# ============================================

log:
  # One of: debug / info / warn / error
  level: info

# Management API (usable for debugging and monitoring).
# NOTE(review): 0.0.0.0 publishes this endpoint on every interface.
# Unless remote monitoring needs it, prefer a loopback address such as
# 127.0.0.1:5535 or restrict the port with a firewall, and confirm
# whether the API enforces any authentication before exposing it.
api:
  http: '0.0.0.0:5535'

# Pull in the upstream DNS definitions (kept in dns.yaml).
# The tags cn-dns, jp-dns and mikrotik_amazon used below are not defined
# in this file; presumably they come from this include. Verify.
include:
  - '/opt/mosdns/dns.yaml'

plugins:
  # ======================
  # Domain / IP match sets
  # ======================
  # These list files decide which resolver a name is sent to. Keep them
  # writable only by the service administrator and refresh them from a
  # source you trust.

  # GFW domain list (e.g. google.com)
  - tag: GFW_domains
    type: domain_set
    args:
      files:
        - '/opt/mosdns/config/geosite_tiktok.txt'
        - '/opt/mosdns/config/gfwlist.out.txt'

  # Amazon domain list (e.g. amazon.com)
  - tag: amazon_domains
    type: domain_set
    args:
      files:
        - '/opt/mosdns/config/geosite_amazon.txt'
        - '/opt/mosdns/config/geosite_amazon-ads.txt'
        - '/opt/mosdns/config/geosite_amazontrust.txt'
        - '/opt/mosdns/config/amazon.txt'

  # Common mainland-China domains (e.g. .cn / baidu.com)
  - tag: CN_domains
    type: domain_set
    args:
      files:
        - '/opt/mosdns/config/domains.txt'

  # Mainland-China IP list
  - tag: geoip_cn
    type: ip_set
    args:
      files:
        - '/opt/mosdns/config/cn.txt'

  # ======================
  # Cache
  # ======================
  - tag: cache
    type: cache
    args:
      # Maximum number of cached entries
      size: 32768
      # Value in seconds (43200 s = 12 h).
      # NOTE(review): the original comment called this the default
      # cache TTL. In mosdns this key appears to control the lazy
      # (serve-stale) cache, so expired answers may keep being served
      # for up to this long while a refresh runs. Confirm against the
      # mosdns cache documentation.
      lazy_cache_ttl: 43200

  # ======================
  # Upstream DNS definitions
  # ======================

  # Domestic DNS, fallback mode.
  # NOTE(review): primary and secondary are the same tag, so this
  # fallback adds no redundancy. Confirm that is intended.
  - tag: forward_local
    type: fallback
    args:
      primary: cn-dns
      secondary: cn-dns
      threshold: 500
      always_standby: true

  # Foreign DNS, fallback mode.
  # NOTE(review): primary and secondary are the same tag here as well.
  - tag: forward_remote
    type: fallback
    args:
      primary: jp-dns
      secondary: jp-dns
      threshold: 500
      always_standby: true

  # Wrapper that queries the domestic DNS
  - tag: forward_local_upstream
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: query_summary forward_local
      - exec: $forward_local

  # Wrapper that queries the foreign DNS
  - tag: forward_remote_upstream
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: query_summary forward_remote
      - exec: $forward_remote

  # If a response already exists, return it immediately
  - tag: has_resp_sequence
    type: sequence
    args:
      - matches: has_resp
        exec: accept

  # ======================
  # Query logic
  # ======================

  # Reject unwanted queries (e.g. HTTPS records, qtype 65).
  # The reply carries rcode 3 (NXDOMAIN).
  - tag: query_is_reject_domain
    type: sequence
    args:
      - matches: qtype 65
        exec: reject 3

  # GFW domains: always use the foreign DNS.
  # NOTE(review): the query_summary rule has no `matches`, so it
  # presumably runs for every query that reaches this sequence, not
  # only for GFW matches. Check that the log labels mean what you
  # expect. The same shape repeats in the next two sequences.
  - tag: query_is_foreign_domain
    type: sequence
    args:
      - matches: qname $GFW_domains
        exec: $forward_remote_upstream
      - exec: query_summary gfw_domain

  # Domestic domains: always use the domestic DNS
  - tag: query_is_cn_domain
    type: sequence
    args:
      - matches: qname $CN_domains
        exec: $forward_local_upstream
      - exec: query_summary cn_domain

  # Amazon domains: use the foreign DNS and add the result to MikroTik.
  # NOTE(review): $mikrotik_amazon also has no `matches`; confirm it is
  # a no-op for queries that did not match the Amazon list.
  - tag: query_is_amazon_domain
    type: sequence
    args:
      - matches: qname $amazon_domains
        exec: $forward_remote_upstream
      - exec: $mikrotik_amazon
      - exec: query_summary amazon_domain

  # Unknown domains: ask the domestic DNS first; if the answer is not a
  # CN IP, fall back to the foreign DNS.
  # NOTE(review): every name that is on no list is disclosed to the
  # domestic resolver first, and its answer is accepted solely because
  # the IP is in the CN set. Confirm this matches the privacy and
  # integrity expectations for this deployment.
  - tag: query_unknown_fallback
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: $forward_local
      - matches: resp_ip $geoip_cn
        exec: accept
      - exec: $forward_remote_upstream
      - exec: query_summary fallback_to_remote

  # ======================
  # Main query pipeline
  # ======================
  - tag: main_sequence
    type: sequence
    args:
      # Check the cache first
      - exec: $cache
      - exec: $query_is_reject_domain
      - exec: jump has_resp_sequence
      # gfwlist
      - exec: $query_is_foreign_domain
      - exec: jump has_resp_sequence
      # Domestic domains
      - exec: $query_is_cn_domain
      - exec: jump has_resp_sequence
      # Amazon domains (foreign DNS + add to MikroTik)
      - exec: $query_is_amazon_domain
      - exec: jump has_resp_sequence
      # Fallback flow for all other, unknown domains
      - exec: $query_unknown_fallback
      - exec: jump has_resp_sequence

  # ======================
  # Listeners
  # ======================
  # NOTE(review): ':5300' has no host part, so neither listener is tied
  # to a specific address. Make sure the port is reachable only from
  # the networks this resolver is meant to serve.

  # UDP listener
  - tag: udp_server
    type: udp_server
    args:
      entry: main_sequence
      listen: ':5300'

  # TCP listener
  - tag: tcp_server
    type: tcp_server
    args:
      entry: main_sequence
      listen: ':5300'