[UPSTREAM] - Update to the latest changes
3b18058ae5 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3) a713e1a517 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3) ee5711fbd6 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3) 8a9e61d6cd (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3) 7c6f0823ea (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3) 5861a58089 (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3) 197f13ea0f (diff-b6fe19ee681b8c138db91ad0d6a3706af903f89fbb7134b9e6531d04d3068be3)
This commit is contained in:
parent
5df2386d4e
commit
130c92e5c0
|
@ -346,6 +346,7 @@ reject_ttl = 600
|
||||||
# cloak_ttl = 600
|
# cloak_ttl = 600
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
###########################
|
###########################
|
||||||
# DNS cache #
|
# DNS cache #
|
||||||
###########################
|
###########################
|
||||||
|
@ -381,6 +382,20 @@ cache_neg_max_ttl = 600
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Captive portal handling #
|
||||||
|
########################################
|
||||||
|
|
||||||
|
[captive_portals]
|
||||||
|
|
||||||
|
## A file that contains a set of names used by operating systems to
|
||||||
|
## check for connectivity and captive portals, along with hard-coded
|
||||||
|
## IP addresses to return.
|
||||||
|
|
||||||
|
# map_file = 'example-captive-portals.txt'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
##################################
|
##################################
|
||||||
# Local DoH server #
|
# Local DoH server #
|
||||||
##################################
|
##################################
|
||||||
|
@ -688,7 +703,7 @@ cache_neg_max_ttl = 600
|
||||||
# The list below enables workarounds to make non-relayed usage more reliable
|
# The list below enables workarounds to make non-relayed usage more reliable
|
||||||
# until the servers are fixed.
|
# until the servers are fixed.
|
||||||
|
|
||||||
fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-security']
|
fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-adult-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-security', 'cleanbrowsing-security-ipv6']
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -726,8 +741,8 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
|
||||||
## DNSCrypt stamp) or a server name.
|
## DNSCrypt stamp) or a server name.
|
||||||
##
|
##
|
||||||
## The following example routes "example-server-1" via `anon-example-1` or `anon-example-2`,
|
## The following example routes "example-server-1" via `anon-example-1` or `anon-example-2`,
|
||||||
## and "example-server-2" via the relay whose relay DNS stamp
|
## and "example-server-2" via the relay whose relay DNS stamp is
|
||||||
## is "sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM".
|
## "sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM".
|
||||||
##
|
##
|
||||||
## !!! THESE ARE JUST EXAMPLES !!!
|
## !!! THESE ARE JUST EXAMPLES !!!
|
||||||
##
|
##
|
||||||
|
@ -736,8 +751,15 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
|
||||||
##
|
##
|
||||||
## Carefully choose relays and servers so that they are run by different entities.
|
## Carefully choose relays and servers so that they are run by different entities.
|
||||||
##
|
##
|
||||||
## "server_name" can also be set to "*" to define a default route, but this is not
|
## "server_name" can also be set to "*" to define a default route, for all servers:
|
||||||
## recommended. If you do so, keep "server_names" short and distinct from relays.
|
## { server_name='*', via=['anon-example-1', 'anon-example-2'] }
|
||||||
|
##
|
||||||
|
## If a route is ["*"], the proxy automatically picks a relay on a distinct network.
|
||||||
|
## { server_name='*', via=['*'] } is also an option, but is likely to be suboptimal.
|
||||||
|
##
|
||||||
|
## Manual selection is always recommended over automatic selection, so that you can
|
||||||
|
## select (relay,server) pairs that work well and fit your own criteria (close by or
|
||||||
|
## in different countries, operated by different entities, on distinct ISPs...)
|
||||||
|
|
||||||
routes = [
|
routes = [
|
||||||
{ server_name='acsacsar-ams-ipv4', via=['anon-meganerd', 'anon-scaleway-ams'] },
|
{ server_name='acsacsar-ams-ipv4', via=['anon-meganerd', 'anon-scaleway-ams'] },
|
||||||
|
@ -776,8 +798,10 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
|
||||||
# { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] }
|
# { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] }
|
||||||
]
|
]
|
||||||
|
|
||||||
|
# routes = { server_name='*', via = ['*'] }
|
||||||
|
|
||||||
# skip resolvers incompatible with anonymization instead of using them directly
|
|
||||||
|
# Skip resolvers incompatible with anonymization instead of using them directly
|
||||||
|
|
||||||
skip_incompatible = true
|
skip_incompatible = true
|
||||||
|
|
||||||
|
@ -833,4 +857,4 @@ direct_cert_fallback = false
|
||||||
[static]
|
[static]
|
||||||
|
|
||||||
# [static.'myserver']
|
# [static.'myserver']
|
||||||
# stamp = 'sdns:AQcAAAAAAAAAAAAQMi5kbnNjcnlwdC1jZXJ0Lg'
|
# stamp = 'sdns://AQcAAAAAAAAAAAAQMi5kbnNjcnlwdC1jZXJ0Lg'
|
||||||
|
|
Loading…
Reference in New Issue