1
c0okies 186 天前
这个好像所有 dns 查询都优先通过 google ,除了出口服务器的域名
|
2
xyseer2 186 天前
#1 说的没错,这样写所有流量默认过 google-dns ,这样的问题是墙内的直连流量不一定能搜到(部分地区 google-dns 直接 ban )所以官方那个配置下面加了几个 cn 规则去避免这个问题。
至于漏不漏呢,除了节点域名都是用 google-dns 查的,理应不漏,但考虑到墙内对 google-dns 的应对方式不同,我不好说完全不漏 lol |
3
isAK47 185 天前
tun 配置还有一个问题,就是有些域名即使配置了代理也无效,只有终端里面是正常的,浏览器不行,一直找不到解决办法
|
4
vfx666 OP @xyseer2 如果是所有流量都过 Google dns ,为啥 dns 规则的写法是 any local 呢,不应该是 any proxy ?
|
5
vfx666 OP |
6
aflow 184 天前
dns 里也可以配置规则,设置非国内域名走代理解析,这是我抄的规则
```json "dns": { "servers": [ { "tag": "dns_proxy", "address": "tls://1.1.1.1", "address_resolver": "dns_resolver" }, { "tag": "dns_direct", "address": "h3://dns.alidns.com/dns-query", "address_resolver": "dns_resolver", "detour": "direct" }, { "tag": "dns_fakeip", "address": "fakeip" }, { "tag": "dns_resolver", "address": "223.5.5.5", "detour": "direct" }, { "tag": "block", "address": "rcode://success" } ], "rules": [ { "outbound": [ "any" ], "server": "dns_resolver" }, { "geosite": [ "category-ads-all" ], "server": "dns_block", "disable_cache": true }, { "geosite": [ "geolocation-!cn" ], "query_type": [ "A" ], "server": "dns_fakeip" }, { "geosite": [ "geolocation-!cn" ], "server": "dns_proxy" } ], "final": "dns_direct", "independent_cache": true, "fakeip": { "enabled": true, "inet6_range": "fc00::/18", "inet4_range": "198.18.0.0/15" } } ``` |