[UPSTREAM] - (see description)
5db4365540
d766dc8bf7
f48b13f7b8
b32ffbb807
87c161ab76
8945cb1b90
This commit is contained in:
parent
f95932cfa8
commit
5bc1cce8bf
|
@ -140,11 +140,20 @@ keepalive = 30
|
|||
# log_level = 2
|
||||
|
||||
|
||||
## log file for the application
|
||||
## Log file for the application, as an alternative to sending logs to
|
||||
## the standard system logging service (syslog/Windows event log).
|
||||
##
|
||||
## This file is different from other log files, and will not be
|
||||
## automatically rotated by the application.
|
||||
|
||||
# log_file = 'dnscrypt-proxy.log'
|
||||
|
||||
|
||||
## When using a log file, only keep logs from the most recent launch.
|
||||
|
||||
# log_file_latest = true
|
||||
|
||||
|
||||
## Use the system logger (syslog on Unix, Event Log on Windows)
|
||||
|
||||
# use_syslog = true
|
||||
|
@ -636,17 +645,18 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
|
|||
|
||||
|
||||
|
||||
|
||||
#################################################################
|
||||
# Certificate-based client authentication for DoH #
|
||||
#################################################################
|
||||
|
||||
# Use a X509 certificate to authenticate yourself when connecting to DoH servers.
|
||||
# This is only useful if you are operating your own, private DoH server(s).
|
||||
# (for DNSCrypt, see the `query_meta` feature instead)
|
||||
# 'creds' maps servers to certificates, and supports multiple entries.
|
||||
# If you are not using the standard root CA, an optional "root_ca"
|
||||
# property set to the path to a root CRT file can be added to a server entry.
|
||||
|
||||
# [doh_client_x509_auth]
|
||||
|
||||
#
|
||||
# creds = [
|
||||
# { server_name='myserver', client_cert='client.crt', client_key='client.key' }
|
||||
# ]
|
||||
|
@ -693,6 +703,42 @@ skip_incompatible = false
|
|||
|
||||
|
||||
|
||||
###############################
|
||||
# DNS64 #
|
||||
###############################
|
||||
|
||||
## DNS64 is a mechanism for synthesizing AAAA records from A records.
|
||||
## It is used with an IPv6/IPv4 translator to enable client-server
|
||||
## communication between an IPv6-only client and an IPv4-only server,
|
||||
## without requiring any changes to either the IPv6 or the IPv4 node,
|
||||
## for the class of applications that work through NATs.
|
||||
##
|
||||
## There are two options to synthesize such records:
|
||||
## Option 1: Using a set of static IPv6 prefixes;
|
||||
## Option 2: By discovering the IPv6 prefix from DNS64-enabled resolver.
|
||||
##
|
||||
## If both options are configured - only static prefixes are used.
|
||||
## (Ref. RFC6147, RFC6052, RFC7050)
|
||||
##
|
||||
## Do not enable unless you know what DNS64 is and why you need it, or else
|
||||
## you won't be able to connect to anything at all.
|
||||
|
||||
# [dns64]
|
||||
|
||||
## (Option 1) Static prefix(es) as Pref64::/n CIDRs.
|
||||
# prefix = ["64:ff9b::/96"]
|
||||
|
||||
## (Option 2) DNS64-enabled resolver(s) to discover Pref64::/n CIDRs.
|
||||
## These resolvers are used to query for Well-Known IPv4-only Name (WKN) "ipv4only.arpa." to discover only.
|
||||
## Set with your ISP's resolvers in case of custom prefixes (other than Well-Known Prefix 64:ff9b::/96).
|
||||
## IMPORTANT: Default resolvers listed below support Well-Known Prefix 64:ff9b::/96 only.
|
||||
# resolver = ["[2606:4700:4700::64]:53", "[2001:4860:4860::64]:53"]
|
||||
|
||||
|
||||
|
||||
########################################
|
||||
# Static entries #
|
||||
########################################
|
||||
|
||||
## Optional, local, static list of additional servers
|
||||
## Mostly useful for testing your own servers.
|
||||
|
|
Loading…
Reference in New Issue