github.com/inazumav/sing-box@v0.0.0-20230926072359-ab51429a14f1/docs/configuration/dns/rule.md (about) 1 ### Structure 2 3 ```json 4 { 5 "dns": { 6 "rules": [ 7 { 8 "inbound": [ 9 "mixed-in" 10 ], 11 "ip_version": 6, 12 "query_type": [ 13 "A", 14 "HTTPS", 15 32768 16 ], 17 "network": "tcp", 18 "auth_user": [ 19 "usera", 20 "userb" 21 ], 22 "protocol": [ 23 "tls", 24 "http", 25 "quic" 26 ], 27 "domain": [ 28 "test.com" 29 ], 30 "domain_suffix": [ 31 ".cn" 32 ], 33 "domain_keyword": [ 34 "test" 35 ], 36 "domain_regex": [ 37 "^stun\\..+" 38 ], 39 "geosite": [ 40 "cn" 41 ], 42 "source_geoip": [ 43 "private" 44 ], 45 "source_ip_cidr": [ 46 "10.0.0.0/24", 47 "192.168.0.1" 48 ], 49 "source_port": [ 50 12345 51 ], 52 "source_port_range": [ 53 "1000:2000", 54 ":3000", 55 "4000:" 56 ], 57 "port": [ 58 80, 59 443 60 ], 61 "port_range": [ 62 "1000:2000", 63 ":3000", 64 "4000:" 65 ], 66 "process_name": [ 67 "curl" 68 ], 69 "process_path": [ 70 "/usr/bin/curl" 71 ], 72 "package_name": [ 73 "com.termux" 74 ], 75 "user": [ 76 "sekai" 77 ], 78 "user_id": [ 79 1000 80 ], 81 "clash_mode": "direct", 82 "invert": false, 83 "outbound": [ 84 "direct" 85 ], 86 "server": "local", 87 "disable_cache": false, 88 "rewrite_ttl": 100 89 }, 90 { 91 "type": "logical", 92 "mode": "and", 93 "rules": [], 94 "server": "local", 95 "disable_cache": false, 96 "rewrite_ttl": 100 97 } 98 ] 99 } 100 } 101 102 ``` 103 104 !!! note "" 105 106 You can ignore the JSON Array [] tag when the content is only one item 107 108 ### Default Fields 109 110 !!! note "" 111 112 The default rule uses the following matching logic: 113 (`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) && 114 (`port` || `port_range`) && 115 (`source_geoip` || `source_ip_cidr`) && 116 (`source_port` || `source_port_range`) && 117 `other fields` 118 119 #### inbound 120 121 Tags of [Inbound](/configuration/inbound). 122 123 #### ip_version 124 125 4 (A DNS query) or 6 (AAAA DNS query). 126 127 Not limited if empty. 128 129 #### query_type 130 131 DNS query type. Values can be integers or type name strings. 132 133 #### network 134 135 `tcp` or `udp`. 136 137 #### auth_user 138 139 Username, see each inbound for details. 140 141 #### protocol 142 143 Sniffed protocol, see [Sniff](/configuration/route/sniff/) for details. 144 145 #### domain 146 147 Match full domain. 148 149 #### domain_suffix 150 151 Match domain suffix. 152 153 #### domain_keyword 154 155 Match domain using keyword. 156 157 #### domain_regex 158 159 Match domain using regular expression. 160 161 #### geosite 162 163 Match geosite. 164 165 #### source_geoip 166 167 Match source geoip. 168 169 #### source_ip_cidr 170 171 Match source ip cidr. 172 173 #### source_port 174 175 Match source port. 176 177 #### source_port_range 178 179 Match source port range. 180 181 #### port 182 183 Match port. 184 185 #### port_range 186 187 Match port range. 188 189 #### process_name 190 191 !!! error "" 192 193 Only supported on Linux, Windows, and macOS. 194 195 Match process name. 196 197 #### process_path 198 199 !!! error "" 200 201 Only supported on Linux, Windows, and macOS. 202 203 Match process path. 204 205 #### package_name 206 207 Match android package name. 208 209 #### user 210 211 !!! error "" 212 213 Only supported on Linux. 214 215 Match user name. 216 217 #### user_id 218 219 !!! error "" 220 221 Only supported on Linux. 222 223 Match user id. 224 225 #### clash_mode 226 227 Match Clash mode. 228 229 #### invert 230 231 Invert match result. 232 233 #### outbound 234 235 Match outbound. 236 237 `any` can be used as a value to match any outbound. 238 239 #### server 240 241 ==Required== 242 243 Tag of the target dns server. 244 245 #### disable_cache 246 247 Disable cache and save cache in this query. 248 249 #### rewrite_ttl 250 251 Rewrite TTL in DNS responses. 252 253 ### Logical Fields 254 255 #### type 256 257 `logical` 258 259 #### mode 260 261 `and` or `or` 262 263 #### rules 264 265 Included default rules.