daxi20/smartdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add bind-https option

Browse Source
This commit is contained in:
Nick Peng
2023-11-12 09:58:02 +08:00
parent 6b1744e645
commit 0b3dfaec64
4 changed files with 28 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
docs/config/server-config.md
View File

@@ -5,7 +5,7 @@ hide:
# 服务端配置
smartdns目前提供了UDP, TCP, DOT种服务端模式。
smartdns目前提供了UDP, TCP, DOT, DOH四种服务端模式。
## UDP服务端
@@ -39,14 +39,20 @@ smartdns目前提供了UDP, TCP, DOT三种服务端模式。
tcp-idle-time 120
```
## DOT服务端
## DOT,DOH服务端
1. 通过`bind-tls`参数配置,配置例子如下:
1. 通过`bind-tls`, `bind-https`参数配置,配置例子如下:
```shell
bind-tls 0.0.0.0:53@eth0
bind-tls [::]:53@eth0
bind-tls :53@eth0
# DOT 服务器
bind-tls 0.0.0.0:853@eth0
bind-tls [::]:853@eth0
bind-tls :853@eth0
# DOH 服务器
bind-https 0.0.0.0:443@eth0
bind-https [::]:443@eth0
bind-https :443@eth0
```

1
docs/configuration.md
View File

@@ -16,6 +16,7 @@ hide:
| bind | DNS 监听端口号 | [::]:53 | 可绑定多个端口。<br />IP:PORT@DEVICE: 服务器 IP:端口号@设备名<br />[-group]: 请求时使用的 DNS 服务器组<br />[-no-rule-addr]:跳过 address 规则<br />[-no-rule-nameserver]:跳过 Nameserver 规则<br />[-no-rule-ipset]:跳过 ipset 和 nftset 规则<br />[-no-rule-soa]:跳过 SOA(#) 规则<br />[-no-dualstack-selection]:停用双栈测速<br />[-no-speed-check]:停用测速<br />[-no-cache]:停止缓存 <br />[-force-aaaa-soa]: 禁用IPV6查询 <br />[-ipset]: 设置IPSet参考ipset选项 <br />[-nftset]: 设置nftset参考nftset选项| bind :53@eth0 |
| bind-tcp | DNS TCP 监听端口号 | [::]:53 | 可绑定多个端口。<br />IP:PORT@DEVICE: 服务器 IP:端口号@设备名<br />[-group]: 请求时使用的 DNS 服务器组<br />[-no-rule-addr]:跳过 address 规则<br />[-no-rule-nameserver]:跳过 nameserver 规则<br />[-no-rule-ipset]:跳过 ipset 和 nftset 规则。<br />[-no-rule-soa]:跳过 SOA(#) 规则<br />[-no-dualstack-selection]:停用双栈测速<br />[-no-speed-check]:停用测速<br />[-no-cache]:停止缓存 <br />[-force-aaaa-soa]: 禁用IPV6查询 <br />[-ipset]: 设置IPSet参考ipset选项 <br />[-nftset]: 设置nftset参考nftset选项 | bind-tcp :53 |
| bind-tls | DNS Over TLS 监听端口号 | [::]:853 | 可绑定多个端口。<br />IP:PORT@DEVICE: 服务器 IP:端口号@设备名<br />[-group]: 请求时使用的 DNS 服务器组<br />[-no-rule-addr]:跳过 address 规则<br />[-no-rule-nameserver]:跳过 nameserver 规则<br />[-no-rule-ipset]:跳过 ipset 和 nftset 规则。<br />[-no-rule-soa]:跳过 SOA(#) 规则<br />[-no-dualstack-selection]:停用双栈测速<br />[-no-speed-check]:停用测速<br />[-no-cache]:停止缓存 <br />[-force-aaaa-soa]: 禁用IPV6查询 <br />[-ipset]: 设置IPSet参考ipset选项 <br />[-nftset]: 设置nftset参考nftset选项| bind-tls :853 |
| bind-https | DNS Over HTTPS 监听端口号 | [::]:853 | 可绑定多个端口。<br />IP:PORT@DEVICE: 服务器 IP:端口号@设备名<br />[-group]: 请求时使用的 DNS 服务器组<br />[-no-rule-addr]:跳过 address 规则<br />[-no-rule-nameserver]:跳过 nameserver 规则<br />[-no-rule-ipset]:跳过 ipset 和 nftset 规则。<br />[-no-rule-soa]:跳过 SOA(#) 规则<br />[-no-dualstack-selection]:停用双栈测速<br />[-no-speed-check]:停用测速<br />[-no-cache]:停止缓存 <br />[-force-aaaa-soa]: 禁用IPV6查询 <br />[-ipset]: 设置IPSet参考ipset选项 <br />[-nftset]: 设置nftset参考nftset选项| bind-https :853 |
| bind-cert-file | SSL证书文件路径 | smartdns-cert.pem | 合法路径字符串 | bind-cert-file cert.pem |
| bind-cert-key-file | SSL证书KEY文件路径 | smartdns-key.pem | 合法路径字符串 | bind-cert-key-file key.pem |
| bind-cert-key-pass | SSL证书KEY文件密码 | 无 | 字符串 | bind-cert-key-pass password |

20
en/docs/config/server-config.md
View File

@@ -5,7 +5,7 @@ hide:
# Server Configuration
Currently, smartdns provides three server modes: UDP, TCP, and DOT.
Currently, smartdns provides three server modes: UDP, TCP, DOH, and DOT.
## UDP Server
@@ -39,15 +39,21 @@ Currently, smartdns provides three server modes: UDP, TCP, and DOT.
tcp-idle-time 120
```
## DOT Server
## DOT, DOH Server
1. Configure with the `bind-tls` parameter. For example:
1. Configure with the `bind-tls`, `bind-https` parameter. For example:
```shell
bind-tls 0.0.0.0:53@eth0
bind-tls [::]:53@eth0
bind-tls :53@eth0
```
# DOT server
bind-tls 0.0.0.0:853@eth0
bind-tls [::]:853@eth0
bind-tls :853@eth0
# DOH server
bind-https 0.0.0.0:443@eth0
bind-https [::]:443@eth0
bind-https :443@eth0
1. Set certificate and key files

3
en/docs/configuration.md
View File

@@ -11,7 +11,8 @@ hide:
|server-name|DNS name|host name/smartdns|any string like hostname|server-name smartdns
|bind|DNS listening port number|[::]:53|Support binding multiple ports<br />`IP:PORT@DEVICE`: server IP, port number, and device. <br />`[-group]`: The DNS server group used when requesting. <br />`[-no-rule-addr]`: Skip the address rule. <br />`[-no-rule-nameserver]`: Skip the Nameserver rule. <br />`[-no-rule-ipset]`: Skip the Ipset or nftset rules. <br />`[-no-rule-soa]`: Skip address SOA(#) rules.<br />`[-no-dualstack-selection]`: Disable dualstack ip selection.<br />`[-no-speed-check]`: Disable speed measurement. <br />`[-no-cache]`: stop caching <br />[-force-aaaa-soa]: force AAAA query return SOA, <br />[-ipset]: set IPSet, refer to ipset option <br />[-nftset]: set nftset, refer to nftset option |bind :53@eth0
|bind-tcp|TCP mode DNS listening port number|[::]:53|Support binding multiple ports<br />`IP:PORT@DEVICE`: server IP, port number and device. <br />`[-group]`: The DNS server group used when requesting. <br />`[-no-rule-addr]`: Skip the address rule. <br />`[-no-rule-nameserver]`: Skip the Nameserver rule. <br />`[-no-rule-ipset]`: Skip the ipset or nftset rules. <br />`[-no-rule-soa]`: Skip address SOA(#) rules.<br />`[-no-dualstack-selection]`: Disable dualstack ip selection.<br />`[-no-speed-check]`: Disable speed measurement. <br />`[-no-cache]`: stop caching <br />[-force-aaaa-soa]: force AAAA query return SOA, <br />[-ipset]: set IPSet, refer to ipset option <br />[-nftset]: set nftset, refer to nftset option |bind-tcp :53
|bind-tls|DOT mode DNS listening port number|[::]:853|Support binding multiple ports<br />`IP:PORT@DEVICE`: server IP, port number and device. <br />`[-group]`: The DNS server group used when requesting. <br />`[-no-rule-addr]`: Skip the address rule. <br />`[-no-rule-nameserver]`: Skip the Nameserver rule. <br />`[-no-rule-ipset]`: Skip the ipset or nftset rules. <br />`[-no-rule-soa]`: Skip address SOA(#) rules.<br />`[-no-dualstack-selection]`: Disable dualstack ip selection.<br />`[-no-speed-check]`: Disable speed measurement. <br />`[-no-cache]`: stop caching <br />[-force-aaaa-soa]: force AAAA query return SOA, <br />[-ipset]: set IPSet, refer to ipset option <br />[-nftset]: set nftset, refer to nftset option |bind-tcp :853
|bind-tls|DOT mode DNS listening port number|[::]:853|Support binding multiple ports<br />`IP:PORT@DEVICE`: server IP, port number and device. <br />`[-group]`: The DNS server group used when requesting. <br />`[-no-rule-addr]`: Skip the address rule. <br />`[-no-rule-nameserver]`: Skip the Nameserver rule. <br />`[-no-rule-ipset]`: Skip the ipset or nftset rules. <br />`[-no-rule-soa]`: Skip address SOA(#) rules.<br />`[-no-dualstack-selection]`: Disable dualstack ip selection.<br />`[-no-speed-check]`: Disable speed measurement. <br />`[-no-cache]`: stop caching <br />[-force-aaaa-soa]: force AAAA query return SOA, <br />[-ipset]: set IPSet, refer to ipset option <br />[-nftset]: set nftset, refer to nftset option |bind-tls :853
|bind-https|DOH mode DNS listening port number|[::]:853|Support binding multiple ports<br />`IP:PORT@DEVICE`: server IP, port number and device. <br />`[-group]`: The DNS server group used when requesting. <br />`[-no-rule-addr]`: Skip the address rule. <br />`[-no-rule-nameserver]`: Skip the Nameserver rule. <br />`[-no-rule-ipset]`: Skip the ipset or nftset rules. <br />`[-no-rule-soa]`: Skip address SOA(#) rules.<br />`[-no-dualstack-selection]`: Disable dualstack ip selection.<br />`[-no-speed-check]`: Disable speed measurement. <br />`[-no-cache]`: stop caching <br />[-force-aaaa-soa]: force AAAA query return SOA, <br />[-ipset]: set IPSet, refer to ipset option <br />[-nftset]: set nftset, refer to nftset option |bind-https :853
|bind-cert-file|SSL Certificate file path|smartdns-cert.pem|path| bind-cert-file cert.pem |
|bind-cert-key-file|SSL Certificate key file path|none|smartdns-key.pem| bind-cert-key-file key.pem |
|bind-cert-key-pass|SSL Certificate key file password|none|string| bind-cert-key-pass password |