d3cim
/
dnscrypt-proxy-android
mirror of https://github.com/d3cim/dnscrypt-proxy-android.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update example-dnscrypt-proxy.toml

This commit is contained in:
George Daniel 2019-06-12 06:07:10 +00:00 committed by GitHub
parent 0293eb2f64
commit c4f5498b64
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
config/example-dnscrypt-proxy.toml
View File

@ -1,4 +1,7 @@
#dnscrypt-proxy.toml of lindroidux
############################################## ##############################################
# # # #
# dnscrypt-proxy configuration # # dnscrypt-proxy configuration #
@ -33,12 +36,14 @@
## List of local addresses and ports to listen to. Can be IPv4 and/or IPv6. ## List of local addresses and ports to listen to. Can be IPv4 and/or IPv6.
## Note: When using systemd socket activation, choose an empty set (i.e. [] ). ## Note: When using systemd socket activation, choose an empty set (i.e. [] ).
listen_addresses = ['127.0.0.1:53', '[::1]:53'] listen_addresses = ['127.0.0.1:5354', '[::1]:5354']
# listen_addresses = ['127.0.0.1:5354']
## Maximum number of simultaneous client connections to accept ## Maximum number of simultaneous client connections to accept
max_clients = 150 max_clients = 50
## Switch to a different system user after listening sockets have been created. ## Switch to a different system user after listening sockets have been created.
@ -55,7 +60,7 @@ max_clients = 150
ipv4_servers = true ipv4_servers = true
# Use servers reachable over IPv6 -- Do not enable if you don't have IPv6 connectivity # Use servers reachable over IPv6 -- Do not enable if you don't have IPv6 connectivity
ipv6_servers = false ipv6_servers = true
# Use servers implementing the DNSCrypt protocol # Use servers implementing the DNSCrypt protocol
dnscrypt_servers = true dnscrypt_servers = true
@ -67,7 +72,7 @@ doh_servers = true
## Require servers defined by remote sources to satisfy specific properties ## Require servers defined by remote sources to satisfy specific properties
# Server must support DNS security extensions (DNSSEC) # Server must support DNS security extensions (DNSSEC)
require_dnssec = false require_dnssec = true
# Server must not log user queries (declarative) # Server must not log user queries (declarative)
require_nolog = true require_nolog = true
@ -75,9 +80,6 @@ require_nolog = true
# Server must not enforce its own blacklist (for parental control, ads blocking...) # Server must not enforce its own blacklist (for parental control, ads blocking...)
require_nofilter = true require_nofilter = true
# Server names to avoid even if they match all criteria
disabled_server_names = []
## Always use TCP to connect to upstream servers. ## Always use TCP to connect to upstream servers.
## This can be useful if you need to route everything through Tor. ## This can be useful if you need to route everything through Tor.
@ -103,7 +105,7 @@ force_tcp = false
## How long a DNS query will wait for a response, in milliseconds ## How long a DNS query will wait for a response, in milliseconds
timeout = 1500 timeout = 2500
## Keepalive for HTTP (HTTPS, HTTP/2) queries, in seconds ## Keepalive for HTTP (HTTPS, HTTP/2) queries, in seconds
@ -118,6 +120,7 @@ keepalive = 30
refused_code_in_responses = false refused_code_in_responses = false
## Load-balancing strategy: 'p2' (default), 'ph', 'fastest' or 'random' ## Load-balancing strategy: 'p2' (default), 'ph', 'fastest' or 'random'
# lb_strategy = 'p2' # lb_strategy = 'p2'
@ -125,12 +128,12 @@ refused_code_in_responses = false
## Log level (0-6, default: 2 - 0 is very verbose, 6 only contains fatal errors) ## Log level (0-6, default: 2 - 0 is very verbose, 6 only contains fatal errors)
# log_level = 2 log_level = 0
## log file for the application ## log file for the application
# log_file = 'dnscrypt-proxy.log' log_file = 'dnscrypt-proxy.log'
## Use the system logger (syslog on Unix, Event Log on Windows) ## Use the system logger (syslog on Unix, Event Log on Windows)
@ -168,7 +171,7 @@ cert_refresh_delay = 240
## Keep tls_cipher_suite empty if you have issues fetching sources or ## Keep tls_cipher_suite empty if you have issues fetching sources or
## connecting to some DoH servers. Google and Cloudflare are fine with it. ## connecting to some DoH servers. Google and Cloudflare are fine with it.
tls_cipher_suite = [52392, 49199] # tls_cipher_suite = [52392, 49199]
## Fallback resolver ## Fallback resolver
@ -185,13 +188,16 @@ tls_cipher_suite = [52392, 49199]
## People in China may need to use 114.114.114.114:53 here. ## People in China may need to use 114.114.114.114:53 here.
## Other popular options include 8.8.8.8 and 1.1.1.1. ## Other popular options include 8.8.8.8 and 1.1.1.1.
fallback_resolver = '9.9.9.9:53' # fallback_resolver = '9.9.9.9:53'
fallback_resolver = '1.1.1.1:53'
## Never let dnscrypt-proxy try to use the system DNS settings; ## Never let dnscrypt-proxy try to use the system DNS settings;
## unconditionally use the fallback resolver. ## unconditionally use the fallback resolver.
ignore_system_dns = false ignore_system_dns = true
## Maximum time (in seconds) to wait for network connectivity before ## Maximum time (in seconds) to wait for network connectivity before
@ -200,7 +206,7 @@ ignore_system_dns = false
## connectivity is not guaranteed to be immediately available. ## connectivity is not guaranteed to be immediately available.
## Use 0 to disable. ## Use 0 to disable.
netprobe_timeout = 60 netprobe_timeout = 864000
## Offline mode - Do not use any remote encrypted servers. ## Offline mode - Do not use any remote encrypted servers.
@ -213,7 +219,7 @@ netprobe_timeout = 60
## Automatic log files rotation ## Automatic log files rotation
# Maximum log files size in MB # Maximum log files size in MB
log_files_max_size = 1 log_files_max_size = 10
# How long to keep backup files, in days # How long to keep backup files, in days
log_files_max_age = 7 log_files_max_age = 7
@ -310,7 +316,7 @@ cache_neg_max_ttl = 600
## Path to the query log file (absolute, or relative to the same directory as the executable file) ## Path to the query log file (absolute, or relative to the same directory as the executable file)
# file = 'query.log' file = 'query.log'
## Query log format (currently supported: tsv and ltsv) ## Query log format (currently supported: tsv and ltsv)
@ -336,7 +342,7 @@ cache_neg_max_ttl = 600
## Path to the query log file (absolute, or relative to the same directory as the executable file) ## Path to the query log file (absolute, or relative to the same directory as the executable file)
# file = 'nx.log' file = 'nx.log'
## Query log format (currently supported: tsv and ltsv) ## Query log format (currently supported: tsv and ltsv)