[UPSTREAM] - Update to the latest changes

3b18058ae5 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
a713e1a517 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
ee5711fbd6 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
8a9e61d6cd (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
7c6f0823ea (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
5861a58089 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
197f13ea0f (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
This commit is contained in:
quindecim 2021-01-03 10:16:47 -05:00
parent 5df2386d4e
commit 130c92e5c0
1 changed files with 31 additions and 7 deletions

View File

@ -346,6 +346,7 @@ reject_ttl = 600
# cloak_ttl = 600 # cloak_ttl = 600
########################### ###########################
# DNS cache # # DNS cache #
########################### ###########################
@ -381,6 +382,20 @@ cache_neg_max_ttl = 600
########################################
# Captive portal handling #
########################################
[captive_portals]
## A file that contains a set of names used by operating systems to
## check for connectivity and captive portals, along with hard-coded
## IP addresses to return.
# map_file = 'example-captive-portals.txt'
################################## ##################################
# Local DoH server # # Local DoH server #
################################## ##################################
@ -688,7 +703,7 @@ cache_neg_max_ttl = 600
# The list below enables workarounds to make non-relayed usage more reliable # The list below enables workarounds to make non-relayed usage more reliable
# until the servers are fixed. # until the servers are fixed.
fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-security'] fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-adult-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-security', 'cleanbrowsing-security-ipv6']
@ -726,8 +741,8 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
## DNSCrypt stamp) or a server name. ## DNSCrypt stamp) or a server name.
## ##
## The following example routes "example-server-1" via `anon-example-1` or `anon-example-2`, ## The following example routes "example-server-1" via `anon-example-1` or `anon-example-2`,
## and "example-server-2" via the relay whose relay DNS stamp ## and "example-server-2" via the relay whose relay DNS stamp is
## is "sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM". ## "sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM".
## ##
## !!! THESE ARE JUST EXAMPLES !!! ## !!! THESE ARE JUST EXAMPLES !!!
## ##
@ -736,8 +751,15 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
## ##
## Carefully choose relays and servers so that they are run by different entities. ## Carefully choose relays and servers so that they are run by different entities.
## ##
## "server_name" can also be set to "*" to define a default route, but this is not ## "server_name" can also be set to "*" to define a default route, for all servers:
## recommended. If you do so, keep "server_names" short and distinct from relays. ## { server_name='*', via=['anon-example-1', 'anon-example-2'] }
##
## If a route is ["*"], the proxy automatically picks a relay on a distinct network.
## { server_name='*', via=['*'] } is also an option, but is likely to be suboptimal.
##
## Manual selection is always recommended over automatic selection, so that you can
## select (relay,server) pairs that work well and fit your own criteria (close by or
## in different countries, operated by different entities, on distinct ISPs...)
routes = [ routes = [
{ server_name='acsacsar-ams-ipv4', via=['anon-meganerd', 'anon-scaleway-ams'] }, { server_name='acsacsar-ams-ipv4', via=['anon-meganerd', 'anon-scaleway-ams'] },
@ -776,8 +798,10 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
# { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] } # { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] }
] ]
# routes = { server_name='*', via = ['*'] }
# skip resolvers incompatible with anonymization instead of using them directly
# Skip resolvers incompatible with anonymization instead of using them directly
skip_incompatible = true skip_incompatible = true
@ -833,4 +857,4 @@ direct_cert_fallback = false
[static] [static]
# [static.'myserver'] # [static.'myserver']
# stamp = 'sdns:AQcAAAAAAAAAAAAQMi5kbnNjcnlwdC1jZXJ0Lg' # stamp = 'sdns://AQcAAAAAAAAAAAAQMi5kbnNjcnlwdC1jZXJ0Lg'