##########################################
#    __    _     _   ___   ____  ___  
#   / /`_ | |   | | | | \ | |_  | |_) 
#   \_\_/ |_|__ |_| |_|_/ |_|__ |_| \ 
#
# Glider is a forward proxy with multiple protocols support, and also a dns forwarding server with ipset management features(like dnsmasq).
#
# We can set up local listeners as proxy, and forward requests to internet via forwarders.
#
#                |Forwarder ----------------->|         
#   Listener --> |                            | Internet
#                |Forwarder --> Forwarder->...| 
# 
# -----------------------------------------------------------
#
# This is a sample configuration file for glider.
# 
# Format is one option per line, legal options are the same
# as the options legal on the command line. See "glider -help" for details.
#
# Comment line starts with "#", values set in the format: 
# KEY=VALUE
#
# -----------------------------------------------------------

# Verbose mode, print logs
verbose=True

# LISTENERS
# ---------
# Local listeners, we can set up multiple listeners on different port with
# different protocols.

# listen on 8443, serve as http/socks5 proxy on the same port.
listen=:8443

# listen on 8448 as a ss server.
# listen=ss://AEAD_CHACHA20_POLY1305:pass@:8448

# listen on 8080 as a http proxy server.
listen=http://:8080

# listen on 1080 as a socks5 proxy server.
listen=socks5://:1080

# listen on 1081 as a linux transparent proxy server.
# listen=redir://:1081

# listen on 1082 as a tcp tunnel, all requests to :1082 will be forward to 1.1.1.1:80
# listen=tcptun://:1082=1.1.1.1:80

# listen on 1083 as a udp tunnel, all requests to :1083 will be forward to 1.1.1.1:53
# listen=udptun://:1083=1.1.1.1:53

# listen on 1084 as a udp over tcp tunnel, all requests to :1084 will be forward to 1.1.1.1:53
# listen=uottun://:1084=1.1.1.1:53

# FORWARDERS
# ----------
# Forwarders, we can setup multiple forwarders.

# Socks5 proxy as forwarder
# forward=socks5://192.168.1.10:1080

# SS proxy as forwarder
# forward=ss://method:pass@1.1.1.1:8443

# SSR proxy as forwarder
# forward=ssr://method:pass@1.1.1.1:8443?protocol=auth_aes128_md5&protocol_param=xxx&obfs=tls1.2_ticket_auth&obfs_param=yyy

# http proxy as forwarder
# forward=http://1.1.1.1:8080

# vmess with none security
# forward=vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443?alterID=2

# vmess with aes-128-gcm security
# forward=vmess://aes-128-gcm:5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443?alterID=2

# vmess over tls
# forward=tls://1.1.1.1:443,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@?alterID=2

# vmess over websocket
# forward=ws://1.1.1.1:80/path,vmess://chacha20-poly1305:5a146038-0b56-4e95-b1dc-5c6f5a32cd98@?alterID=2

# vmess over ws over tls
# forward=tls://1.1.1.1:443,ws://,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@?alterID=2
# forward=tls://1.1.1.1:443,ws://@/path,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@?alterID=2

# FORWARDER CHAIN
# ---------------
# We can setup a forward chain using 1 forward option, 
# use comma to separate different upstream forward proxies.
#forward=http://1.1.1.1:8080,socks5://2.2.2.2:1080


# FORWARDE STRATEGY
# -----------------
# If we set up multiple forwarders, we can use them in our own strategy.

# Round Robin mode: rr
# High Availability mode: ha
strategy=rr


# FORWARDERS CHECK
# ----------------
# We can check whether a forwarder is available.

# Used to connect via forwarders, if the host is unreachable, the forwarder
# will be set to disabled.
# MUST be a HTTP website server address, format: HOST[:PORT]. HTTPS NOT SUPPORTED.
checkwebsite=www.apple.com

# check duration(seconds)
checkduration=30


# DNS FORWARDING SERVER
# ----------------
# we can specify different upstream dns server in rule file for different destinations

# Setup a dns forwarding server
dns=:53
# global remote dns server (you can specify different dns server in rule file)
dnsserver=8.8.8.8:53
dnsserver=1.1.1.1:53
# custom records
dnsrecord=www.example.com/1.2.3.4
dnsrecord=www.example.com/2606:2800:220:1:248:1893:25c8:1946


# IPSET MANAGEMENT
# ----------------
# Create and mange ipset on linux based on destinations in rule files
#   - add ip/cidrs in rule files on startup
#   - add resolved ips for domains in rule files by dns forwarding server 
# Usually used in transparent proxy mode on linux
ipset=glider


# RULE FILES
# ----------
# Specify additional forward rules

# specify rules folder, so all *.rule files under this folder will be parsed as rule file
rules-dir=rules.d

# specify a rule file
#rulefile=office.rule
#rulefile=home.rule