This repository has been archived by the owner on Feb 25, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
/
flixproxy.conf
134 lines (121 loc) · 3.53 KB
/
flixproxy.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
#
# flixproxy.conf
#
# This file is in YAML format.
#
#
# Logging.
#
# List of logging destinations with format and level filter definition.
# Logs are re-opened if the process receives SIGHUP signal.
#
# destination: stdout | stderr | syslog | /some/file/name.log
# format: terminal | logfmt | json
# level: debug | info | warn | error | crit
logging:
- destination: stdout
format: terminal
level: debug
- destination: /tmp/flixproxy.log
format: logfmt
level: debug
#- destination: /tmp/flixproxy.jsonlog
# format: json
# level: debug
#- destination: syslog
# format: logfmt
# level: info
#
# Access control lists.
#
# ACLs have an arbitrary name. They are matched from top to bottom. Search
# is terminated on first match. Default is deny if no match occurs.
#
# cidr: 192.0.2.0/24 | 2001:db8::/32
# allow: true | false
acl:
users:
- { cidr: 192.168.0.253/32, allow: false }
- { cidr: 192.168.0.0/16, allow: true }
- { cidr: 10.0.0.0/8, allow: true }
# other:
# - { cidr: 192.0.2.0/24, allow: false }
#
# DNS proxy settings.
#
# Multiple DNS proxies can be run simultaneously. Several proxy instances with
# different listen ports or IP addresses can be specified. The DNS proxy listens
# to both UDP and TCP queries. Comment out to disable.
#
# The proxy looks up first for RRs that are defined in the "spoof"
# setting. If there is no match, the proxy forwards the query to the
# forwarder address. There should be a recursive DNS server such as
# unbound or BIND running at the forwarder address.
#
# listen: 192.0.2.1:53 | 2001:db8::1:53 | :53
# id: identifier # instance identifier for logging purposes
# acl: acl_name
# forwarder: 192.0.2.2:53 | 2001:db8::2:53
# spoof: DNS records in zone file text format
dns:
- listen: 192.168.0.10:53
acl: users
forwarder: 127.0.0.1:53
spoof: |
netflix.com. A 192.168.0.10
*.netflix.com. 3600 A 192.168.0.10
test.example.com. 300 IN A 127.0.0.1
test2.example.com. A 127.0.0.1
test2.example.com. AAAA ::1
test3.example.com. A 127.0.0.1
test3.example.com. A 127.0.0.2
test3.example.com. A 127.0.0.3
*.example.net. A 127.0.0.1
*.example.net. A 127.0.0.2
#
# HTTP proxy settings.
#
# Multiple HTTP proxies can be run simultaneously. Several proxy instances with
# different listen ports or IP addresses can be specified. Comment out to
# disable.
#
# listen: 192.0.2.1:80 | 2001:db8::1:80 | :80
# id: identifier # instance identifier for logging purposes
# acl: acl_name
# upstreamport: upstream default port number
# upstreams: list of glob patterns for determining if request is allowed
# deadline: time limit for waiting for HTTP request on a new connection (s)
# idle: idle time limit for proxied connection (s)
# logrequest: true | false # request logging
http:
- listen: :80
acl: users
upstreamport: 80
upstreams:
- '*.netflix.com:80'
deadline: 60
idle: 600
logrequest: true
#
# TLS proxy settings.
#
# Multiple TLS proxies can be run simultaneously. Several proxy instances with
# different listen ports or IP addresses can be specified. Comment out to
# disable.
#
# listen: 192.0.2.1:443 | 2001:db8::1:443 | :443
# id: identifier # instance identifier for logging purposes
# acl: acl_name
# upstreamport: upstream port number
# upstreams: list of glob patterns for determining if request is allowed
# deadline: time limit for waiting for TLS packet on a new connection (s)
# idle: idle time limit for proxied connection (s)
tls:
- listen: :443
acl: users
upstreamport: 443
upstreams:
- '*.netflix.com:443'
deadline: 60
idle: 600
# eof