github.com/sagernet/sing-box@v1.2.7/docs/configuration/dns/rule.md (about) 1 ### Structure 2 3 ```json 4 { 5 "dns": { 6 "rules": [ 7 { 8 "inbound": [ 9 "mixed-in" 10 ], 11 "ip_version": 6, 12 "query_type": [ 13 "A", 14 "HTTPS", 15 32768 16 ], 17 "network": "tcp", 18 "auth_user": [ 19 "usera", 20 "userb" 21 ], 22 "protocol": [ 23 "tls", 24 "http", 25 "quic" 26 ], 27 "domain": [ 28 "test.com" 29 ], 30 "domain_suffix": [ 31 ".cn" 32 ], 33 "domain_keyword": [ 34 "test" 35 ], 36 "domain_regex": [ 37 "^stun\\..+" 38 ], 39 "geosite": [ 40 "cn" 41 ], 42 "source_geoip": [ 43 "private" 44 ], 45 "source_ip_cidr": [ 46 "10.0.0.0/24", 47 "192.168.0.1" 48 ], 49 "source_port": [ 50 12345 51 ], 52 "source_port_range": [ 53 "1000:2000", 54 ":3000", 55 "4000:" 56 ], 57 "port": [ 58 80, 59 443 60 ], 61 "port_range": [ 62 "1000:2000", 63 ":3000", 64 "4000:" 65 ], 66 "process_name": [ 67 "curl" 68 ], 69 "process_path": [ 70 "/usr/bin/curl" 71 ], 72 "package_name": [ 73 "com.termux" 74 ], 75 "user": [ 76 "sekai" 77 ], 78 "user_id": [ 79 1000 80 ], 81 "clash_mode": "direct", 82 "invert": false, 83 "outbound": [ 84 "direct" 85 ], 86 "server": "local", 87 "disable_cache": false 88 }, 89 { 90 "type": "logical", 91 "mode": "and", 92 "rules": [], 93 "server": "local", 94 "disable_cache": false 95 } 96 ] 97 } 98 } 99 100 ``` 101 102 !!! note "" 103 104 You can ignore the JSON Array [] tag when the content is only one item 105 106 ### Default Fields 107 108 !!! note "" 109 110 The default rule uses the following matching logic: 111 (`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) && 112 (`port` || `port_range`) && 113 (`source_geoip` || `source_ip_cidr`) && 114 (`source_port` || `source_port_range`) && 115 `other fields` 116 117 #### inbound 118 119 Tags of [Inbound](/configuration/inbound). 120 121 #### ip_version 122 123 4 (A DNS query) or 6 (AAAA DNS query). 124 125 Not limited if empty. 126 127 #### query_type 128 129 DNS query type. Values can be integers or type name strings. 130 131 #### network 132 133 `tcp` or `udp`. 134 135 #### auth_user 136 137 Username, see each inbound for details. 138 139 #### protocol 140 141 Sniffed protocol, see [Sniff](/configuration/route/sniff/) for details. 142 143 #### domain 144 145 Match full domain. 146 147 #### domain_suffix 148 149 Match domain suffix. 150 151 #### domain_keyword 152 153 Match domain using keyword. 154 155 #### domain_regex 156 157 Match domain using regular expression. 158 159 #### geosite 160 161 Match geosite. 162 163 #### source_geoip 164 165 Match source geoip. 166 167 #### source_ip_cidr 168 169 Match source ip cidr. 170 171 #### source_port 172 173 Match source port. 174 175 #### source_port_range 176 177 Match source port range. 178 179 #### port 180 181 Match port. 182 183 #### port_range 184 185 Match port range. 186 187 #### process_name 188 189 !!! error "" 190 191 Only supported on Linux, Windows, and macOS. 192 193 Match process name. 194 195 #### process_path 196 197 !!! error "" 198 199 Only supported on Linux, Windows, and macOS. 200 201 Match process path. 202 203 #### package_name 204 205 Match android package name. 206 207 #### user 208 209 !!! error "" 210 211 Only supported on Linux. 212 213 Match user name. 214 215 #### user_id 216 217 !!! error "" 218 219 Only supported on Linux. 220 221 Match user id. 222 223 #### clash_mode 224 225 Match Clash mode. 226 227 #### invert 228 229 Invert match result. 230 231 #### outbound 232 233 Match outbound. 234 235 `any` can be used as a value to match any outbound. 236 237 #### server 238 239 ==Required== 240 241 Tag of the target dns server. 242 243 #### disable_cache 244 245 Disable cache and save cache in this query. 246 247 ### Logical Fields 248 249 #### type 250 251 `logical` 252 253 #### mode 254 255 `and` or `or` 256 257 #### rules 258 259 Included default rules.