From cd2806be2388dc308a88cb571037a66bdbbd6046 Mon Sep 17 00:00:00 2001 From: Ekko Date: Wed, 16 Oct 2024 00:03:54 +0800 Subject: [PATCH] feat(openclash): add more ip to openclash_custom_fallback_filter.yaml --- .../openclash_custom_fallback_filter.yaml | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 modules/openclash/files/etc/openclash/custom/openclash_custom_fallback_filter.yaml diff --git a/modules/openclash/files/etc/openclash/custom/openclash_custom_fallback_filter.yaml b/modules/openclash/files/etc/openclash/custom/openclash_custom_fallback_filter.yaml new file mode 100644 index 0000000..dd88c89 --- /dev/null +++ b/modules/openclash/files/etc/openclash/custom/openclash_custom_fallback_filter.yaml @@ -0,0 +1,42 @@ +# If IP addresses resolved with servers in `nameservers` are in the specified +# subnets below, they are considered invalid and results from `fallback` +# servers are used instead. +# +# IP address resolved with servers in `nameserver` is used when +# `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`. +# +# If `fallback-filter.geoip` is false, results from `nameserver` nameservers +# are always used if not match `fallback-filter.ipcidr`. +# +# This is a countermeasure against DNS pollution attacks. + +fallback-filter: + geoip: true + geoip-code: CN + ipcidr: + - ::1/128 + - 2001::/32 + - 0.0.0.0/8 + - 10.0.0.0/8 + - 100.64.0.0/10 + - 127.0.0.0/8 + - 169.254.0.0/16 + - 172.16.0.0/12 + - 192.0.0.0/24 + - 192.0.2.0/24 + - 192.88.99.0/24 + - 192.168.0.0/16 + - 198.18.0.0/15 + - 198.51.100.0/24 + - 203.0.113.0/24 + - 224.0.0.0/4 + - 240.0.0.0/4 + - 255.255.255.255/32 + domain: + - "+.google.com" + - "+.facebook.com" + - "+.youtube.com" + - "+.githubusercontent.com" + - "+.googlevideo.com" + - "+.msftconnecttest.com" + - "+.msftncsi.com" \ No newline at end of file