dae/example.dae

107 lines
4.0 KiB
Plaintext

global {
# tproxy port to listen at.
tproxy_port: 12345
# Log level: error, warn, info, debug, trace.
log_level: info
# Node connectivity check.
# Host of URL should have both IPv4 and IPv6 if you have double stack in local.
tcp_check_url: 'http://cp.cloudflare.com'
# This DNS will be used to check UDP connectivity. And if dns_upstream below contains tcp, it also be used to check
# TCP DNS connectivity of nodes.
# Host of DNS should have both IPv4 and IPv6 if you have double stack in local.
udp_check_dns: 'dns.google:53'
check_interval: 30s
# Group will switch node only when new_latency <= old_latency - tolerance.
check_tolerance: 50ms
# Value can be scheme://host:port or empty string ''.
# The scheme can be tcp/udp/tcp+udp. Empty string '' indicates as-is.
# If host is a domain and has both IPv4 and IPv6 record, dae will automatically choose
# IPv4 or IPv6 to use according to group policy (such as min latency policy).
# Please make sure DNS traffic will go through and be forwarded by dae, which is REQUIRED for domain routing.
# The upstream DNS answer MUST NOT be polluted, so domestic public DNS is not recommended.
# The request to DNS upstream follows the routing defined below.
dns_upstream: 'tcp+udp://dns.google:53'
# The LAN interface to bind. Use it if you only want to proxy LAN instead of localhost.
# Multiple interfaces split by ",".
# lan_interface: docker0
# SNAT for incoming connection to avoid MAC learning.
# Set it true if you are NOT using dae as a transparent bridge, but will reduce forwarding
# performance for direct traffic.
# This option does not affect direct traffic performance of WAN.
lan_nat_direct: true
# The WAN interface to bind. Use it if you want to proxy localhost.
# Multiple interfaces split by ",".
wan_interface: wlp5s0
}
# Subscriptions defined here will be resolved as nodes and merged as a part of the global node pool.
# Support to give the subscription a tag, and filter nodes from a given subscription in the group section.
subscription {
# Add your subscription links here.
my_sub: 'https://www.example.com/subscription/link'
another_sub: 'https://example.com/another_sub'
'https://example.com/no_tag_link'
}
# Nodes defined here will be merged as a part of the global node pool.
node {
# Add your node links here.
# Support socks5, http, https, ss, ssr, vmess, vless, trojan, trojan-go
'socks5://localhost:1080'
'ss://LINK'
}
# Node group (outbound).
group {
my_group {
# Filter nodes from the global node pool defined by the subscription and node section above.
# Pass node names as input of keyword/regex filter.
filter: name(regex:'HK|SG|TW', keyword:'JP', keyword: SH) && !name(keyword:"GCP")
# Randomly select a node from the group for every connection.
# policy: random
# Select the first node from the group for every connection.
# policy: fixed(0)
# Select the node with min last latency from the group for every connection.
policy: min
}
group2 {
# Filter nodes from the global node pool defined by the subscription and node section above.
# Pass node names as input of keyword/regex filter.
filter: subtag(regex: '^my_', another_sub) && !name(keyword: 'ExpireAt:')
# Select the node with min average of the last 10 latencies from the group for every connection.
policy: min_avg10
}
}
# See routing.md for full examples.
routing {
ip(geoip:private, 224.0.0.0/3, 'ff00::/8') -> direct # Put it first unless you know what you're doing.
# Write your rules below.
# dae arms DNS rush-answer filter so we can use dns.google regardless of DNS pollution.
domain(full:dns.google) && port(53) -> direct
pname(firefox) && domain(ip.sb) -> direct
pname(curl) && domain(ip.sb) -> my_group
ip(geoip:cn) -> direct
domain(geosite:cn) -> direct
# Define final as the fallback outbound.
final: my_group
}