Open liang-hiwin opened 1 week ago
I don't think it's possible exactly like in the example. Though what you should be able to do is set up different interfaces, and then have a listener on each.
I want to use the same port and then decide which upstream to use depending on the domain name.
You can do that much more easily with a single listener that receives the query, then either a router or a blocklist behind it to send it upstream to the right place.
I still don't quite understand how to distinguish them. For example, if I build the dns-over-tls server: no-block.example.com:853, the upstream is clean and does not block ads. However, the upstream of the dns-over-tls server block.example.com:853 with ads removed is the upstream after ads are removed. I don't know how to configure it now.
Hmm, if you want to have two different listeners on the same host with the client being able to choose, you could set up 2 different interfaces (with different IPs) on the host. So basically address = "<IP1>:853" and address = "<IP2>:853". Then set no-block.example.com -> IP1 and block.example.com -> IP2 to resolve the right IP.
I only have one public IP address for the same host, so it’s a bit difficult.
With DoH it would be possible to do something like that (not implemented yet though), since the HTTP headers which contain the name the client used would be available to the listener.
Yes, DoH I can do this using nginx.
This should work:
[listeners.local-dtls]
address = ":853"
protocol = "dtls"
resolver = "route-queries"
server-crt = "example-config/server-ec.crt"
server-key = "example-config/server-ec.key"
[routers.route-queries]
routes = [
{servername = '^block\.', resolver = "Blockads-cloudflare-dot"},
{servername = '^no-block\.', resolver = "no_blockads-cloudflare-dot"},
]
Not sure it works with dtls but it does with dot, and doq queries (I use it).
P.S. Make sure the certificate used has both domains/servernames in it.
Thanks for taking the time to test it.
for example: