diff --git a/resolver/config.go b/resolver/config.go
index 227e4864..44f8280a 100644
--- a/resolver/config.go
+++ b/resolver/config.go
@@ -88,23 +88,28 @@ func prepConfig() error { err := config.Register(&config.Option{ Name: "DNS Servers", Key: CfgOptionNameServersKey, - Description: "DNS Servers to use for resolving DNS requests.", - Help: strings.ReplaceAll(`DNS Servers are used in the order as entered. The first one will be used as the primary DNS Server. Only if it fails, will the other servers be used as a fallback - in their respective order. If all fail, or if no DNS Server is configured here, the Portmaster will use the one configured in your system or network. + Description: "DNS servers to use for resolving DNS requests.", + Help: strings.ReplaceAll(`DNS servers are used in the order as entered. The first one will be used as the primary DNS Server. Only if it fails, will the other servers be used as a fallback - in their respective order. If all fail, or if no DNS Server is configured here, the Portmaster will use the one configured in your system or network. -Additionally, if it is more likely that the DNS Server of your system or network has a (better) answer to a request, they will be asked first. This will be the case for special local domains and domain spaces announced on the current network. +Additionally, if it is more likely that the DNS server of your system or network has a (better) answer to a request, they will be asked first. This will be the case for special local domains and domain spaces announced on the current network. -DNS Servers are configured in a URL format. This allows you to specify special settings for a resolver. If you just want to use a resolver at IP 10.2.3.4, please enter: "dns://10.2.3.4" -The format is: "protocol://ip:port?parameter=value¶meter=value" +DNS servers are configured in a URL format. This allows you to specify special settings for a resolver. 
If you just want to use a resolver at IP 10.2.3.4, please enter: "dns://10.2.3.4" +The format is: "protocol://host:port?parameter=value¶meter=value" + +For DoH servers, you can also just paste the URL given by the DNS provider. +When referring to the DNS server using a domain name, as with DoH, it is highly recommended to also specify the IP address using the "ip" parameter, so Portmaster does not have to resolve it. - Protocol - - "dot": DNS-over-TLS (recommended) + - "dot": DNS-over-TLS (or "tls"; recommended) + - "doh": DNS-over-HTTPS (or "https") - "dns": plain old DNS - "tcp": plain old DNS over TCP -- IP: always use the IP address and _not_ the domain name! +- Host: specify the domain or IP of the resolver - Port: optionally define a custom port - Parameters: - "name": give your DNS Server a name that is used for messages and logs - - "verify": domain name to verify for "dot", required and only valid for protocol "dot" + - "verify": domain name to verify for "dot", only valid for "dot" and "doh" + - "ip": IP address (if using a domain), so Portmaster does not need to resolve it using the system resolver - this is highly recommended - "blockedif": detect if the name server blocks a query, options: - "empty": server replies with NXDomain status, but without any other record in any section - "refused": server replies with Refused status
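Review bot: The new `verify` entry in the help text reads `domain name to verify for "dot", only valid for "dot" and "doh"`, so its first half still names only "dot". With "required" dropped, it also no longer tells the user what the server certificate is checked against when the parameter is omitted. I would reword it to `- "verify": domain name the server certificate is verified against, only valid for "dot" and "doh"` and add one clause on the omitted case (presumably the host from the URL is used, but the hunk does not show that), since a user entering `dot://10.2.3.4` without `verify` needs to know whether the connection is still authenticated. The `ip` recommendation could also state its reason: the system resolver lookup it avoids is typically unencrypted and happens before the encrypted resolver is reachable. The string literal and `prepConfig` continue outside the hunk.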