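---
# ============================================
# MosDNS v5 complete configuration (annotated)
# ============================================

log:
  level: info  # one of: debug / info / warn / error

# Management API (used for debugging and monitoring).
# Bound to loopback only: listening on 0.0.0.0 would expose the API on
# every interface, and nothing in this file puts authentication in front
# of it. If remote scraping is required, bind to a specific management
# address instead and restrict access with a firewall.
api:
  http: "127.0.0.1:5535"

# Pull in the upstream DNS definitions (kept in dns.yaml).
include:
  - "/opt/mosdns/dns.yaml"

plugins:
  # ======================
  # Domain / IP match sets
  # ======================
  # The list files below decide which resolver every query is sent to,
  # so they should be writable only by the account that maintains them.

  # GFW domain list (e.g. google.com)
  - tag: GFW_domains
    type: domain_set
    args:
      files:
        - "/opt/mosdns/config/geosite_tiktok.txt"
        - "/opt/mosdns/config/gfwlist.out.txt"

  # Amazon domain list (e.g. amazon.com)
  - tag: amazon_domains
    type: domain_set
    args:
      files:
        - "/opt/mosdns/config/geosite_amazon.txt"
        - "/opt/mosdns/config/geosite_amazon-ads.txt"
        - "/opt/mosdns/config/geosite_amazontrust.txt"
        - "/opt/mosdns/config/amazon.txt"

  # Common mainland-China domains (e.g. .cn / baidu.com)
  - tag: CN_domains
    type: domain_set
    args:
      files:
        - "/opt/mosdns/config/domains.txt"

  # Mainland-China IP list
  - tag: geoip_cn
    type: ip_set
    args:
      files:
        - "/opt/mosdns/config/cn.txt"

  # ======================
  # Cache
  # ======================
  - tag: cache
    type: cache
    args:
      size: 32768  # maximum number of cached entries
      # Lazy-cache window in seconds (43200 s = 12 h).
      # NOTE(review): in mosdns this is the period an expired entry may
      # still be served, not a default TTL; a long window also keeps a
      # stale or wrong answer in use for longer. Confirm the value is
      # intended.
      lazy_cache_ttl: 43200

  # ======================
  # Upstream DNS definitions
  # ======================
  # cn-dns and jp-dns are not defined in this file; presumably they come
  # from the included dns.yaml.

  # Domestic DNS, fallback mode
  # NOTE(review): primary and secondary are the same tag, so the
  # fallback adds no second resolver; confirm this is intended.
  - tag: forward_local
    type: fallback
    args:
      primary: cn-dns
      secondary: cn-dns
      threshold: 500
      always_standby: true

  # Overseas DNS, fallback mode
  # NOTE(review): primary and secondary are the same tag here as well.
  - tag: forward_remote
    type: fallback
    args:
      primary: jp-dns
      secondary: jp-dns
      threshold: 500
      always_standby: true

  # Wrapper that calls the domestic DNS
  - tag: forward_local_upstream
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: query_summary forward_local
      - exec: $forward_local

  # Wrapper that calls the overseas DNS
  - tag: forward_remote_upstream
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: query_summary forward_remote
      - exec: $forward_remote

  # If a response already exists, return it immediately
  - tag: has_resp_sequence
    type: sequence
    args:
      - matches: has_resp
        exec: accept

  # ======================
  # Query logic
  # ======================

  # Reject unwanted queries (qtype 65 is the HTTPS record type)
  # NOTE(review): rcode 3 is NXDOMAIN, which tells the client the name
  # does not exist rather than "no HTTPS record for this name"; check
  # whether an empty NOERROR answer would be the better signal.
  - tag: query_is_reject_domain
    type: sequence
    args:
      - matches: qtype 65
        exec: reject 3

  # GFW domains: always resolved through the overseas DNS
  # NOTE(review): the query_summary rule has no "matches", so it appears
  # to run for every query that enters this sequence, not only for GFW
  # names; the same shape is used in the two sequences that follow.
  - tag: query_is_foreign_domain
    type: sequence
    args:
      - matches: qname $GFW_domains
        exec: $forward_remote_upstream
      - exec: query_summary gfw_domain

  # Domestic domains: always resolved through the domestic DNS
  - tag: query_is_cn_domain
    type: sequence
    args:
      - matches: qname $CN_domains
        exec: $forward_local_upstream
      - exec: query_summary cn_domain

  # Amazon domains: resolve through the overseas DNS and add to MikroTik
  # NOTE(review): mikrotik_amazon is not defined in this file (presumably
  # in dns.yaml), and its rule has no "matches" condition; verify it only
  # acts on Amazon answers and that its router credentials are not stored
  # in a world-readable file.
  - tag: query_is_amazon_domain
    type: sequence
    args:
      - matches: qname $amazon_domains
        exec: $forward_remote_upstream
      - exec: $mikrotik_amazon
      - exec: query_summary amazon_domain

  # Unknown domains:
  # query the domestic DNS first; if the answer is not a mainland-China
  # IP, fall back to the overseas DNS.
  # NOTE(review): every unlisted name is therefore disclosed to the
  # domestic resolver before the overseas one is tried, and the accept
  # decision trusts that resolver's answer; confirm this matches the
  # privacy and integrity expectations for this deployment.
  - tag: query_unknown_fallback
    type: sequence
    args:
      - exec: prefer_ipv4
      - exec: $forward_local
      - matches: resp_ip $geoip_cn
        exec: accept
      - exec: $forward_remote_upstream
      - exec: query_summary fallback_to_remote

  # ======================
  # Main query pipeline
  # ======================
  - tag: main_sequence
    type: sequence
    args:
      - exec: $cache  # look in the cache first
      - exec: $query_is_reject_domain
      - exec: jump has_resp_sequence

      - exec: $query_is_foreign_domain  # gfwlist
      - exec: jump has_resp_sequence

      - exec: $query_is_cn_domain  # domestic domains
      - exec: jump has_resp_sequence

      # Amazon domains (overseas DNS + add to MikroTik)
      - exec: $query_is_amazon_domain
      - exec: jump has_resp_sequence

      - exec: $query_unknown_fallback  # fallback flow for everything else
      - exec: jump has_resp_sequence

  # ======================
  # Listeners
  # ======================
  # ":5300" has no host part, so both listeners accept queries on every
  # interface. Keep the port reachable only from the clients that are
  # meant to use it, so the host does not become an open resolver.

  # UDP listener
  - tag: udp_server
    type: udp_server
    args:
      entry: main_sequence
      listen: ":5300"

  # TCP listener
  - tag: tcp_server
    type: tcp_server
    args:
      entry: main_sequence
      listen: ":5300"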