819576c450
Some checks failed
Test mosdns / build (push) Has been cancelled
1. 增强 mikrotik_addresslist 插件 新增 domain_files 参数支持 自动域名匹配功能 保持原有所有功能不变 向后兼容,不影响现有用法 2. 核心功能实现 GFW 域名分流:gfwlist.out.txt 仅用于分流,不写入任何设备 多设备支持:a.txt → 设备A,b.txt → 设备B 自动匹配:插件自动检查域名是否在其域名文件中 性能优化:内存缓存、异步处理、智能跳过 3. 配置大幅简化 从 ~60 行复杂配置减少到 ~15 行 不需要手动定义 domain_set 不需要复杂的 sequence 逻辑 添加新设备只需要几行配置
244 lines
6.2 KiB
YAML
244 lines
6.2 KiB
YAML
# ============================================
|
||
# MosDNS v5 最终优化配置
|
||
# 基于增强的 mikrotik_addresslist 插件
|
||
# ============================================
|
||
|
||
log:
|
||
level: info
|
||
|
||
# 管理 API
|
||
api:
|
||
http: "0.0.0.0:5535"
|
||
|
||
plugins:
|
||
# ========= 基础组件 =========
|
||
|
||
# GFW 域名列表(仅用于分流,不写入设备)
|
||
- tag: GFW_domains
|
||
type: domain_set
|
||
args:
|
||
files:
|
||
- "/usr/local/jinlingma/config/gfwlist.out.txt"
|
||
|
||
# 中国大陆 IP 列表
|
||
- tag: geoip_cn
|
||
type: ip_set
|
||
args:
|
||
files:
|
||
- "/usr/local/jinlingma/config/cn.txt"
|
||
|
||
# 缓存
|
||
- tag: cache
|
||
type: cache
|
||
args:
|
||
size: 32768
|
||
lazy_cache_ttl: 43200
|
||
|
||
# ========= 上游 DNS 定义 =========
|
||
|
||
# 国内 DNS
|
||
- tag: china-dns
|
||
type: forward
|
||
args:
|
||
concurrent: 6
|
||
upstreams:
|
||
- addr: "udp://202.96.128.86"
|
||
- addr: "udp://202.96.128.166"
|
||
- addr: "udp://119.29.29.29"
|
||
- addr: "udp://223.5.5.5"
|
||
- addr: "udp://114.114.114.114"
|
||
- addr: "udp://180.76.76.76"
|
||
|
||
# 国外 DNS(DoT)
|
||
- tag: overseas-dns
|
||
type: forward
|
||
args:
|
||
concurrent: 4
|
||
upstreams:
|
||
- addr: "tls://1dot1dot1dot1.cloudflare-dns.com"
|
||
dial_addr: "1.1.1.1"
|
||
enable_pipeline: true
|
||
- addr: "tls://1dot1dot1dot1.cloudflare-dns.com"
|
||
dial_addr: "1.0.0.1"
|
||
enable_pipeline: true
|
||
- addr: "tls://dns.google"
|
||
dial_addr: "8.8.8.8"
|
||
enable_pipeline: true
|
||
- addr: "tls://dns.google"
|
||
dial_addr: "8.8.4.4"
|
||
enable_pipeline: true
|
||
|
||
# fallback 封装
|
||
- tag: forward_local
|
||
type: fallback
|
||
args:
|
||
primary: china-dns
|
||
secondary: china-dns
|
||
threshold: 500
|
||
always_standby: true
|
||
|
||
- tag: forward_remote
|
||
type: fallback
|
||
args:
|
||
primary: overseas-dns
|
||
secondary: overseas-dns
|
||
threshold: 500
|
||
always_standby: true
|
||
|
||
# 便捷封装:国内/国外
|
||
- tag: forward_local_upstream
|
||
type: sequence
|
||
args:
|
||
- exec: prefer_ipv4
|
||
- exec: query_summary forward_local
|
||
- exec: $forward_local
|
||
|
||
- tag: forward_remote_upstream
|
||
type: sequence
|
||
args:
|
||
- exec: prefer_ipv4
|
||
- exec: query_summary forward_remote
|
||
- exec: $forward_remote
|
||
|
||
# ========= 🚀 增强的 MikroTik 插件(支持多设备多规则)=========
|
||
|
||
# 设备 A:Amazon 相关域名
|
||
- tag: mikrotik_amazon
|
||
type: mikrotik_addresslist
|
||
domain_files:
|
||
- "/usr/local/jinlingma/config/amazon.txt"
|
||
- "/usr/local/jinlingma/config/aws.txt"
|
||
args:
|
||
host: "10.96.1.22"
|
||
port: 9728
|
||
username: "admin"
|
||
password: "szn0s!nw@pwd()"
|
||
use_tls: false
|
||
timeout: 3
|
||
address_list4: "Amazon"
|
||
address_list6: "Amazon6"
|
||
mask4: 24 # 使用/24网段,减少条目数量
|
||
mask6: 64
|
||
comment: "Amazon-AutoAdd"
|
||
timeout_addr: 43200 # 12小时
|
||
cache_ttl: 3600 # 1小时缓存
|
||
verify_add: false # 关闭验证,提升性能
|
||
add_all_ips: true # 添加所有IP
|
||
max_ips: 20 # 限制每域名最多20个IP
|
||
|
||
# 设备 B:Google 相关域名
|
||
- tag: mikrotik_google
|
||
type: mikrotik_addresslist
|
||
domain_files:
|
||
- "/usr/local/jinlingma/config/google.txt"
|
||
- "/usr/local/jinlingma/config/youtube.txt"
|
||
args:
|
||
host: "10.96.1.23"
|
||
port: 9728
|
||
username: "admin"
|
||
password: "szn0s!nw@pwd()"
|
||
use_tls: false
|
||
timeout: 3
|
||
address_list4: "Google"
|
||
mask4: 32 # 精确匹配单个IP
|
||
comment: "Google-AutoAdd"
|
||
timeout_addr: 21600 # 6小时
|
||
cache_ttl: 1800 # 30分钟缓存
|
||
verify_add: false
|
||
add_all_ips: true
|
||
max_ips: 15
|
||
|
||
# 设备 C:流媒体相关域名
|
||
- tag: mikrotik_streaming
|
||
type: mikrotik_addresslist
|
||
domain_files:
|
||
- "/usr/local/jinlingma/config/netflix.txt"
|
||
- "/usr/local/jinlingma/config/disney.txt"
|
||
args:
|
||
host: "10.96.1.24"
|
||
port: 9728
|
||
username: "admin"
|
||
password: "szn0s!nw@pwd()"
|
||
use_tls: false
|
||
timeout: 5 # 流媒体可能需要更长时间
|
||
address_list4: "Streaming"
|
||
mask4: 32
|
||
comment: "Streaming-AutoAdd"
|
||
timeout_addr: 21600 # 6小时(流媒体IP变化较频繁)
|
||
cache_ttl: 1800 # 30分钟缓存
|
||
verify_add: false
|
||
add_all_ips: true
|
||
max_ips: 30 # 流媒体服务IP较多
|
||
|
||
# ========= 查询逻辑 =========
|
||
|
||
# 检查是否有响应
|
||
- tag: has_resp_sequence
|
||
type: sequence
|
||
args:
|
||
- matches: has_resp
|
||
exec: accept
|
||
|
||
# 拒绝无效查询
|
||
- tag: reject_invalid
|
||
type: sequence
|
||
args:
|
||
- matches: qtype 65
|
||
exec: reject 3
|
||
|
||
# GFW 域名分流(仅解析,不写入设备)
|
||
- tag: gfw_routing_only
|
||
type: sequence
|
||
args:
|
||
- matches: qname $GFW_domains
|
||
exec: $forward_remote_upstream
|
||
- exec: query_summary gfw_overseas_routing
|
||
|
||
# 智能 fallback 处理
|
||
- tag: smart_fallback_handler
|
||
type: sequence
|
||
args:
|
||
- exec: prefer_ipv4
|
||
- exec: $forward_local_upstream
|
||
- matches: resp_ip $geoip_cn
|
||
exec: accept
|
||
- exec: $forward_remote_upstream
|
||
- exec: query_summary fallback_to_overseas
|
||
|
||
# 🚀 主序列(极简版)
|
||
- tag: main_sequence
|
||
type: sequence
|
||
args:
|
||
# 1. 缓存检查
|
||
- exec: $cache
|
||
|
||
# 2. 拒绝无效查询
|
||
- exec: $reject_invalid
|
||
- exec: jump has_resp_sequence
|
||
|
||
# 3. GFW 域名分流(仅解析)
|
||
- exec: $gfw_routing_only
|
||
- exec: jump has_resp_sequence
|
||
|
||
# 4. 智能 fallback
|
||
- exec: $smart_fallback_handler
|
||
- exec: jump has_resp_sequence
|
||
|
||
# 5. 🚀 MikroTik 设备处理(每个插件自动匹配域名)
|
||
- exec: $mikrotik_amazon # 自动处理 Amazon 域名
|
||
- exec: $mikrotik_google # 自动处理 Google 域名
|
||
- exec: $mikrotik_streaming # 自动处理流媒体域名
|
||
|
||
# ========= 服务监听 =========
|
||
- tag: udp_server
|
||
type: udp_server
|
||
args:
|
||
entry: main_sequence
|
||
listen: ":5322"
|
||
|
||
- tag: tcp_server
|
||
type: tcp_server
|
||
args:
|
||
entry: main_sequence
|
||
listen: ":5322"
|