diff --git a/config/example-cloaking-rules.txt b/config/example-cloaking-rules.txt index e672afb..249410d 100644 --- a/config/example-cloaking-rules.txt +++ b/config/example-cloaking-rules.txt @@ -13,6 +13,8 @@ www.google.* forcesafesearch.google.com www.bing.com strict.bing.com +yandex.ru familysearch.yandex.ru + www.youtube.com restrictmoderate.youtube.com m.youtube.com restrictmoderate.youtube.com youtubei.googleapis.com restrictmoderate.youtube.com diff --git a/config/example-dnscrypt-proxy.toml b/config/example-dnscrypt-proxy.toml index 02b613f..6fdfe35 100644 --- a/config/example-dnscrypt-proxy.toml +++ b/config/example-dnscrypt-proxy.toml @@ -38,7 +38,7 @@ listen_addresses = ['127.0.0.1:53', '[::1]:53'] ## Maximum number of simultaneous client connections to accept -max_clients = 150 +max_clients = 250 ## Switch to a different system user after listening sockets have been created. @@ -103,7 +103,7 @@ force_tcp = false ## How long a DNS query will wait for a response, in milliseconds -timeout = 1500 +timeout = 2500 ## Keepalive for HTTP (HTTPS, HTTP/2) queries, in seconds @@ -118,10 +118,15 @@ keepalive = 30 refused_code_in_responses = false -## Load-balancing strategy: 'p2' (default), 'ph', 'fastest' or 'random' +## Load-balancing strategy: 'p2' (default), 'ph', 'first' or 'random' # lb_strategy = 'p2' +## Set to `true` to constantly try to estimate the latency of all the resolvers +## and adjust the load-balancing parameters accordingly, or to `false` to disable. + +# lb_estimator = true + ## Log level (0-6, default: 2 - 0 is very verbose, 6 only contains fatal errors) @@ -168,7 +173,7 @@ cert_refresh_delay = 240 ## Keep tls_cipher_suite empty if you have issues fetching sources or ## connecting to some DoH servers. Google and Cloudflare are fine with it. -tls_cipher_suite = [52392, 49199] +# tls_cipher_suite = [52392, 49199] ## Fallback resolver @@ -198,10 +203,22 @@ ignore_system_dns = false ## initializing the proxy. ## Useful if the proxy is automatically started at boot, and network ## connectivity is not guaranteed to be immediately available. -## Use 0 to disable. +## Use 0 to not test for connectivity at all, +## and -1 to wait as much as possible. netprobe_timeout = 60 +## Address and port to try initializing a connection to, just to check +## if the network is up. It can be any address and any port, even if +## there is nothing answering these on the other side. Just don't use +## a local address, as the goal is to check for Internet connectivity. +## On Windows, a datagram with a single, nul byte will be sent, only +## when the system starts. +## On other operating systems, the connection will be initialized +## but nothing will be sent at all. + +netprobe_address = "9.9.9.9:53" + ## Offline mode - Do not use any remote encrypted servers. ## The proxy will remain fully functional to respond to queries that @@ -213,7 +230,7 @@ netprobe_timeout = 60 ## Automatic log files rotation # Maximum log files size in MB -log_files_max_size = 1 +log_files_max_size = 10 # How long to keep backup files, in days log_files_max_age = 7