forked from yaosj2k/dnsforwarder
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathdefault.en.config
executable file
·489 lines (440 loc) · 18.8 KB
/
default.en.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
# Configuration File for dnsforwarder
# This file should be encoded in ANSI
# Comments start with `#'
# Sorry for my poor English
# Writing of Relative Paths:
# Windows:
# `% %' styled relative path, for example `%SYSTEMROOT%\System32\drivers\etc\hosts'.
# In particular,
# `%PROGRAMDIRECTORY%' represents the folder in which the executable file is.
# `%CONFIGFILEDIRECTORY%' represents the folder in which the configuration file is. (since 6.1.3)
#
# Linux:
# `${HOME}' styled relative path, for example `${HOME}/hosts'.
# In particular,
# `${PROGRAMDIRECTORY}' represents the configuration folder, generally it is `/root/.dnsforwarder/'
# but may vary in some other situations.
# You can execute `dnsforwarder -p' to obtain the correct location.
# `%{CONFIGFILEDIRECTORY}' represents the folder in which the configuration file is. (since 6.1.3)
##################################################
#
# Log File
#
##################################################
# LogOn <BOOLEAN>
# Log to file (since 5.0.4)
# `true' or `false'
LogOn false
# LogFileThresholdLength <NUM>
# The threshold length of a single log file (in bytes) (since 5.0.4)
# Once the length of current file exceeds the threshold, logs are rotated
LogFileThresholdLength 102400
# LogFileFolder <PATH>
# Where to save log files (since 5.0.4)
# By default, the location is the folder in which the executable file is (Windows),
# or the configuration folder (Linux)
LogFileFolder
##################################################
#
# Local Interface
#
##################################################
# UDPLocal <IP[:PORT]>,<IP[:PORT]>,...
# Local UDP interfaces being bound (IP[:PORT]-tuples, comma-separated),
# which could contain loopback addresses (127.0.0.1), LAN addresses and internet addresses (since 6.0.0)
# An IPv6 address should be square-bracket-rounded, e.g. [::1]:53 and [fe80::699c:f79a:9bb6:1]:5353
# `[:PORT]' can be ommited, in which case the port number 53 is to be used
#
# Example:
# UDPLocal 127.0.0.1:53,[::1]:53
UDPLocal 127.0.0.1:53
# This version of program cannot bind local TCP interfaces.
##################################################
#
# Response Selection
#
##################################################
#########################
# Server Groups
#########################
# UDPGroup <IP1[:PORT],IP2[:PORT],...> <DOMAIN1,DOMAIN2,...> <on|off>
# Set a group of upstream servers with which UDP protocol is used,
# and specify domains so that queries to these domains are forwarded to these servers (since 6.0.0)
# The first part `<IP1[:PORT],IP2[:PORT],...>' is comma-separated IP[:PORT]-tuples
# which specifies the servers in the group.
# The port number 53 is to be used if `[:PORT]' is ommited
# The second part `<DOMAIN1,DOMAIN2,...>' specifies domains
# that queries to these domains are forwarded to these servers in the group.
# Wildcards(`?',`*') are supported
# The third part `<on|off>' sets whether to use parallel query, either `on' or `off'
# When parallel query is on, every query pertaining to this group is forwarded to
# all the servers in this group. For each query, The fastest non-blocked response would be selected
# and forwarded back to the client, the rest responses would simply be discarded
# Multiple `UDPGroup' statements are allowed
UDPGroup 1.2.4.8:53,114.114.114.114 * on
# TCPGroup <IP1[:PORT],IP2[:PORT],...> <DOMAIN1,DOMAIN2,...> <no|PROXY1[:PORT],PROXY2[:PORT],...>
# Set a group of upstream servers with which TCP protocol is used,
# and specify domains so that queries to these domains are forwarded to these servers (since 6.0.0)
# The first part `<IP1[:PORT],IP2[:PORT],...>' is comma-separated IP[:PORT]-tuples
# which specifies the servers in the group.
# The port number 53 is to be used if `[:PORT]' is ommited
# The second part `<DOMAIN1,DOMAIN2,...>' specifies domains
# that queries to these domains are forwarded to these servers in the group.
# Wildcards(`?',`*') are supported
# The third part `<no|PROXY1[:PORT],PROXY2[:PORT],...>' sets whether to use Socks5 proxy to communicate with servers.
# `no' means do not use any proxy. Otherwise comma-separated PROXY[:PORT]-tuples indicate the proxies to be used,
# the port number 1080 is to be used if `[:PORT]' is ommited
# Multiple `TCPGroup' statements are allowed
#
# Example 1:
# TCPGroup 1.2.4.8:53,114.114.114.114 *.example.com 192.168.50.5:8080,192.168.50.6:8080
# Queries to `*.example.com' are forwarded to 1.2.4.8:53 or 114.114.114.114 over TCP
# through Socks5 proxies 192.168.50.5:8080 or 192.168.50.6:8080
# Example 2:
# TCPGroup 8.8.8.8,114.114.114.114:53 * no
# Queries to `*.example.com' are forwarded to 8.8.8.8 or 114.114.114.114:53 over TCP
# directly(thought no proxy)
TCPGroup
# GroupFile <PATH>
# If you think writing `UDPGroup' or `TCPGroup' is tedious,
# you can write the corresponding rules in a file and import here with this option (since 6.1.3)
# Please consult the following page for the details:https://github.com/holmium/dnsforwarder/wiki/GroupFile-%E7%9A%84%E5%86%99%E6%B3%95-%7C-How-to-write-GroupFiles
# Multiple `GroupFile' statements are allowed
#
# Example 1:
# GroupFile D:\group.txt
#
# Example 2:
# GroupFile /etc/group.txt
GroupFile
# Notes:
# 1.For domains that aren't explicitly specified, a random server group will be chosen.
# 2.For domains specified to more than one server groups, the order of seletion is as follows:
# (1) The matched item without any wildcards.
# If there are still more than one, choose the most matchable one
# (e.g. `ipv6.microsoft.com' is more matchable than `microsoft.com'
# when matching with `teredo.ipv6.microsoft.com').
# If there are more than one most matchable items, choose the last one.
# (2) The matched item with wildcards.
# If there are more than one, the first is chosen.
#
# Other Examples:
# 1. Forward quieries to domains tailed with microsoft.com or office.com to 1.2.4.8 over UDP,
# and quieries to any other domain to 8.8.4.4 over TCP:
# UDPGroup 1.2.4.8 microsoft.com,office.com on
# TCPGroup 8.8.4.4 * no
# The order of these two lines should be maintained
#########################
# Response Selections
#########################
# BlockIP <IP1>,<IP2>,.....
# Ignore DNS responses from servers with these IPs (since 6.0.0)
# An IPv6 address should NOT be square-bracket-rounded
BlockIP 243.185.187.39,46.82.174.68,37.61.54.158,93.46.8.89,59.24.3.173,203.98.7.65,8.7.198.45,78.16.49.15,159.106.121.75
# IPSubstituting <IP1 IP'1>,<IP2 IP'2>,.....
# Replace an IP with another in every response from servers(only IPv4 supported) (since 5.0.1)
# e.g.
# IPSubstituting 127.0.0.1 1.2.0.127
# Which is, replacing 127.0.0.1 with 1.2.0.127 in every response from servers
# This option only affects responses from servers, but not responses from hosts and cache
# Adjacent items should be separated by a comma, or split them to different lines of `IPSubstituting'
IPSubstituting
# BlockNegativeResponse <BOOLEAN>
# Ignore negative responses from upstream servers (since 6.1.1)
# Negative responses are, for example:
# Format Error
# Server Failure
# Non-Existent Domain
# Query Refused
# etc.
# Refer RFC 6895, section `2.3. RCODE Assignment' for more details
# `true' or `false'
BlockNegativeResponse false
#########################
# IP List (only IPv4 supported)
#########################
# Checking lists of IP addresses periodically, and picking up the fastest one for each list
# GoodIPList <NAME> <INTERVAL>
# Define an IP list, where <NAME> is the name which can be referred in host items and
# <INTERVAL> is the interval between successive checkings(of availability of IPs in the list), in milliseconds
# Example:
# GoodIPList list1 60000
# GoodIPListAddIP <LIST_NAME> <IP:PORT>
# Add an IP to an IP list
# Port numbers MUST be assigned
# Example:
# GoodIPListAddIP list1 120.0.0.1:80
#########################
# Hosts
#########################
# Hosts <STRING>
# Load hosts from files(local or remote) (since 5.0.5)
# The path to a local file should begin with `file://',
# and the path to a remote file should begin with `http://' or `https://'
# You can specify multiple hosts files with multiple `Hosts' statements
# Do not surround a path with quotation marks
# Wildcards(`?',`*') are supported
# Hosts files should be in its raw format, but not archive and html
# Hosts files had better be in ANSI
# An IPv6 address in hosts files should not be square-bracket-rounded
#
# Examples:
# Hosts file://C:/Windows/System32/drivers/etc/hosts
# Hosts file:///etc/hosts
# Hosts http://xxx.com/hosts
Hosts
# HostsUpdateInterval <NUM>
# The period between two reloadings of hosts files, in seconds (since 2.2)
# Set to -1 it you don't want to reload
# The default is 18000 if leaved empty
HostsUpdateInterval 18000
# HostsDownloadPath <PATH>
# The path to local hosts cache file (not to a folder) (since 2.2)
# The file may be overwritten without any prompting
# By default, the file is in the folder in which the executable file is (Windows),
# or the configuration folder (Linux), named `hosts.txt'
#
# Examples:
# HostsDownloadPath D:\Temp\hosts.txt
# HostsDownloadPath /var/cache/hosts.txt
HostsDownloadPath
# HostsScript <PATH>
# The script running after caching all the hosts and before loading hosts (since 2.2)
HostsScript
# HostsRetryInterval <NUM>
# The number of seconds waiting before retrying when failed to download hosts (since 2.2.2)
# The default is 30 if leaved empty
HostsRetryInterval 30
# AppendHosts <HOSTS>,<HOSTS>,...
# Manually add a host item (since 2.2.2)
# The writing of a host here is the same as that of in hosts files
# You can specify multiple host items either by separating them by commas
# or use multiple `AppendHosts' statements
# For example:
# AppendHosts 127.0.0.1 123.com,127.0.0.1 456.com,1.2.3.4 foobar.*
# Which is equivalent to the following:
# AppendHosts 127.0.0.1 123.com
# AppendHosts 127.0.0.1 456.com
# AppendHosts 1.2.3.4 foobar.*
#
# Unconventional types of hosts:
# Type 1: Hosts point to IP lists
# AppendHosts <list1> www.123.com
# Where `list1' is the name of an IP list defined by a `GoodIPList' option
# This makes the IP address of www.123.com be the fastest one in `list1'
#
# Type 2: CName redirections
# AppendHosts www.google.cn *.google.com
# This makes the IP addresses of *.google.com be the same as these of www.google.cn
#
# Type 3: Skipping queryings from hosts
# AppendHosts @@ *.012345.com
# Then any query to *.012345.com won't be queried from hosts
# (as if there is no host item of *.012345.com)
#
# Priorities of different types of hosts(from higher to lower):
# 1. Type 3 unconventional hosts
# 2. Conventional hosts and type 1 unconventional hosts
# 3. Type 2 unconventional hosts
AppendHosts
# BlockIpv6WhenIpv4Exists <BOOLEAN>
# Refuse to query to IPv6 addresses of domains that have IPv4 host items (since 5.0.12, renamed after 6.0.0)
# `true' or `false'
BlockIpv6WhenIpv4Exists false
##################################################
#
# DNS Cache
#
##################################################
# UseCache <BOOLEAN>
# Turn on DNS cache (since 2.2)
# `true' or `false'
UseCache false
# CacheSize <NUM>
# Cache size (in bytes)
# Not less than 102400 (100KB) (since 2.3)
CacheSize 1048576
# MemoryCache <BOOLEAN>
# Use memory cache instead of file cache (since 2.3.2)
# `true' or `false'
MemoryCache true
# CacheFile <PATH>
# When using file cache(`MemoryCache' is `false'), the path to this file (since 2.3)
# By default, the file is located in the folder in which the executable file is (Windows),
# or the configuration folder (Linux)
CacheFile
# IgnoreTTL <BOOLEAN>
# Ignore cache items' TTL (since 2.2)
# When set to `true', all the cache items won't be swept,
# otherwise, every cache item will be swept after it exceeds its TTL
# `true' or `false'
IgnoreTTL false
# OverrideTTL <NUM>
# Override all cache items' TTL to specified number(usually in seconds)
# Set to `-1' to disable overriding
# This option is equivalent to `CacheControl * fixed <NUM>' (since 5.0.18)
OverrideTTL -1
# MultipleTTL <NUM>
# Multiply every TTL by <NUM> (since 2.2)
# This option is equivalent to `CacheControl * vari <NUM>x+0' (since 5.0.18)
MultipleTTL 1
# CacheControl <DOMAIN> [$[$]]<TYPE> [ARGUMENT]
# Advanced cache controls (since 5.0.18)
# This option only takes effect when cache is turned on
# Where,
# <DOMAIN> a domain specifier(wildcards(`?',`*') supported);
# [$[$]] sets the contagiousness;
# <TYPE> is the type(see below);
# [ARGUMENT] is an argument(see below)
#
# <TYPE> could be one of the followings(all lowercase):
# orig : Do not change TTLs, no [ARGUMENT] needed
# nocache : Do not cache corresponding items, no [ARGUMENT] needed
# fixed : Set TTLs to a fixed number of [ARGUMENT]
# vari : Set TTLs to a number computed with [ARGUMENT],
# In this case, [ARGUMENT] should be in the form of `ax+b' where
# `a' and `b' are user-specified non-negative numbers,
# `x' is its original TTL(just leave it `x')
#
# Examples:
# CacheControl baidu.com orig # Do not change TTLs of domains tailed with `baidu.com'
# CacheControl 163.com nocache # Do not cache domains tailed with `163.com'
# CacheControl qq.com fixed 500 # Change every TTL of domains tailed with `qq.com' to 500
# CacheControl sina.com.cn vari 2x+200 # Change every TTL of domains tailed with `sina.com.cn'
# to 2*x+200, where `x' is its original TTL
#
# Contagiousness:
# Problem arised for domains that have CName records, such as www.windowsupdate.com:
# ;; QUESTION SECTION:
# ;www.windowsupdate.com. IN A
#
# ;; ANSWER SECTION:
# www.windowsupdate.com. 3585 IN CNAME windowsupdate.microsoft.nsatc.net. (Record 1)
# windowsupdate.microsoft.nsatc.net. 285 IN CNAME www.update.microsoft.com.nsatc.net. (Record 2)
# www.update.microsoft.com.nsatc.net. 285 IN A 134.170.58.222 (Record 3)
# www.update.microsoft.com.nsatc.net. 285 IN A 65.55.50.157 (Record 4)
#
# Consider if there is a control rule for `www.windowsupdate.com',
# how to handle with `windowsupdate.microsoft.nsatc.net' and
# `www.update.microsoft.com.nsatc.net'? To inheret from `www.windowsupdate.com'
# or use its own rules(if any)?
# To solve this problem I introduced contagiousness. There are three contagion mechanism,
# exampled with `www.windowsupdate.com':
# Actively : Whether or not there is any independent rule,
# the rule for `www.windowsupdate.com' will always be used.
# This is the default
# Passively : First use the independent rule. If none,
# use the rule for `www.windowsupdate.com'
# No : If there is a independent rule, use it. Otherwise, leave its TTL as is
#
# Examples:
# Actively:
# CacheControl www.windowsupdate.com fixed 1000
# CacheControl 163.com orig
# Passively (one `$' before <TYPE>):
# CacheControl www.windowsupdate.com $fixed 1500
# CacheControl sina.com.cn $nocache
# No contagion (two `$' before <TYPE>):
# CacheControl www.windowsupdate.com $$fixed 2000
# CacheControl windowsupdate.microsoft.nsatc.net $$vari 2x+100
#
# More Examples (Again exampled with `www.windowsupdate.com'):
# CacheControl www.windowsupdate.com fixed 1000
# CacheControl windowsupdate.microsoft.nsatc.net fixed 500
# The net effect is, the TTLs of record 1, 2, 3 and 4 will be changed to 1000
#
# CacheControl www.windowsupdate.com $fixed 1000
# CacheControl windowsupdate.microsoft.nsatc.net fixed 500
# The net effect is, the TTLs of record 1, 3 and 4 will be changed to 1000,
# that of record 2 will be changed to 500
#
# CacheControl www.windowsupdate.com $$fixed 1000
# CacheControl windowsupdate.microsoft.nsatc.net fixed 500
# The net effect is, the TTL of record 1 will be changed to 1000,
# that of record 2 will be changed to 500, record 3 and 4 won't be chagned
# ReloadCache <BOOLEAN>
# If file cache is used, when the program starts,
# whether to reload the existing cache file (since 2.2.3)
# The size of the existing cache MUST be equal to `CacheSize'
# `true' or `false'
# This option is useless if `MemoryCache' is `true'
ReloadCache false
# OverwriteCache <BOOLEAN>
# If it failed to reload the cache file, whether to overwrite it (since 2.3)
# `true' or `false'
OverwriteCache false
##################################################
#
# Miscellaneous
#
##################################################
# DisabledType <NUM1>,<NUM2>,.....
# Refuse to query specified types of DNS (since 2.2)
# Some DNS types:
# A 1 IPv4 Address
# AAAA 28 IPv6 Address
# APL 42
# CERT 37
# CNAME 5
# DHCID 49
# DLV 32769
# DNAME 39
# DNSKEY 48
# DS 43
# HIP 55
# IPSECKEY 45
# KEY 25
# KX 36
# LOC 29
# MX 15
# NAPTR 35
# NS 2 Name Server
# NSEC 47
# NSEC3 50
# NSEC3PARAM 51
# PTR 12 Domain pointer
# RRSIG 46
# RP 17
# SIG 24
# SOA 6 start of authority record
# SPF 99
# SRV 33
# SSHFP 44
# TA 32768
# TKEY 249
# TSIG 250
# TXT 16
# ANY 255
# AXFR 252
# IXFR 251
# OPT 41
DisabledType
# DisabledDomain <DOMAIN1>,<DOMAIN2>,.....
# Refuse to query specified domains. Adjacent items should be separated by a comma,
# or split them to different lines of `DisabledDomain' (since 2.2.2)
# Wildcards(`?',`*') are supported
DisabledDomain
# DisabledList <PATH>
# Import disabled domains from files (since 5.0.3)
# You can use multiple `DisabledList' statements to import more than one file
# Do not surround a path with quotation marks
DisabledList
# DomainStatistic <BOOLEAN>
# Turn on domain statistics (since 2.5 b1)
# The result would be saved according to the templet file,
# at the folder in which the executable file is (Windows), or the configuration folder (Linux),
# named `statistic.html'
# `true' or `false'
DomainStatistic false
# DomainStatisticTempletFile <PATH>
# The path to the templet file (since 5.0.23)
# By default, the file is in the folder in which the executable file is (Windows),
# or the configuration folder (Linux), named `StatisticTemplate.html'
DomainStatisticTempletFile
# StatisticInsertionPosition <STRING>
# Where to insert statistics in the templet file (since 5.0.23)
# By default, it is where `<!-- INSERT HERE -->' is
# StatisticInsertionPosition <!-- INSERT HERE -->
# StatisticUpdateInterval <NUM>
# Statistics updating interval(in seconds) (since 2.5 b1)
StatisticUpdateInterval 29