sing-box/docs/configuration/dns/rule.md

### Structure

```json
{
  "dns": {
    "rules": [
      {
        "inbound": [
          "mixed-in"
        ],
        "network": "tcp",
        "auth_user": [
          "usera",
          "userb"
        ],
        "protocol": [
          "tls",
          "http",
          "quic"
        ],
        "domain": [
          "test.com"
        ],
        "domain_suffix": [
          ".cn"
        ],
        "domain_keyword": [
          "test"
        ],
        "domain_regex": [
          "^stun\\..+"
        ],
        "geosite": [
          "cn"
        ],
        "source_geoip": [
          "private"
        ],
        "source_ip_cidr": [
          "10.0.0.0/24"
        ],
        "source_port": [
          12345
        ],
        "source_port_range": [
          "1000:2000",
          ":3000",
          "4000:"
        ],
        "port": [
          80,
          443
        ],
        "port_range": [
          "1000:2000",
          ":3000",
          "4000:"
        ],
        "process_name": [
          "curl"
        ],
        "package_name": [
          "com.termux"
        ],
        "user": [
          "sekai"
        ],
        "user_id": [
          1000
        ],
        "invert": false,
        "outbound": [
          "direct"
        ],
        "server": "local",
        "disable_cache": false
      },
      {
        "type": "logical",
        "mode": "and",
        "rules": [],
        "server": "local",
        "disable_cache": false
      }
    ]
  }
}

```

!!! note ""

    You can ignore the JSON Array [] tag when the content is only one item

### Default Fields

!!! note ""

    The default rule uses the following matching logic:  
    (`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) &&  
    (`source_geoip` || `source_ip_cidr`) &&  
    `other fields`  

#### inbound

Tags of [inbound](../inbound).

#### network

`tcp` or `udp`.

#### user

Username, see each inbound for details.

#### protocol

Sniffed protocol, see [Sniff](/configuration/route/sniff/) for details.

#### domain

Match full domain.

#### domain_suffix

Match domain suffix.

#### domain_keyword

Match domain using keyword.

#### domain_regex

Match domain using regular expression.

#### geosite

Match geosite.

#### source_geoip

Match source geoip.

#### source_ip_cidr

Match source ip cidr.

#### source_port

Match source port.

#### source_port_range

Match source port range.

#### port

Match port.

#### port_range

Match port range.

#### process_name

!!! error ""

    Only supported on Linux, Windows, and macOS.

Match process name.

#### package_name

Match android package name.

#### user

!!! error ""

    Only supported on Linux.

Match user name.

#### user_id

!!! error ""

    Only supported on Linux.

Match user id.

#### invert

Invert match result.

#### outbound

Match outbound.

#### server

==Required==

Tag of the target dns server.

#### disable_cache

Disable cache and save cache in this query.

### Logical Fields

#### type

`logical`

#### mode

`and` or `or`

#### rules

Included default rules.

#### invert

Invert match result.

#### server

==Required==

Tag of the target dns server.

#### disable_cache

Disable cache and save cache in this query.
Add log and dns documentation 2022-07-08 09:01:38 +00:00			`### Structure`

			```json
			`{`
			`"dns": {`
			`"rules": [`
			`{`
			`"inbound": [`
			`"mixed-in"`
			`],`
			`"network": "tcp",`
Update documentation 2022-07-27 04:03:07 +00:00			`"auth_user": [`
Add user rule item 2022-07-17 07:11:26 +00:00			`"usera",`
			`"userb"`
			`],`
Add log and dns documentation 2022-07-08 09:01:38 +00:00			`"protocol": [`
			`"tls",`
			`"http",`
			`"quic"`
			`],`
			`"domain": [`
			`"test.com"`
			`],`
			`"domain_suffix": [`
			`".cn"`
			`],`
			`"domain_keyword": [`
			`"test"`
			`],`
			`"domain_regex": [`
			`"^stun\\..+"`
			`],`
			`"geosite": [`
			`"cn"`
			`],`
			`"source_geoip": [`
			`"private"`
			`],`
			`"source_ip_cidr": [`
			`"10.0.0.0/24"`
			`],`
			`"source_port": [`
			`12345`
			`],`
Update documentation 2022-07-27 04:03:07 +00:00			`"source_port_range": [`
			`"1000:2000",`
			`":3000",`
			`"4000:"`
			`],`
Add log and dns documentation 2022-07-08 09:01:38 +00:00			`"port": [`
			`80,`
			`443`
			`],`
Update documentation 2022-07-27 04:03:07 +00:00			`"port_range": [`
			`"1000:2000",`
			`":3000",`
			`"4000:"`
			`],`
			`"process_name": [`
			`"curl"`
			`],`
			`"package_name": [`
			`"com.termux"`
			`],`
			`"user": [`
			`"sekai"`
			`],`
			`"user_id": [`
			`1000`
			`],`
			`"invert": false,`
Add log and dns documentation 2022-07-08 09:01:38 +00:00			`"outbound": [`
			`"direct"`
			`],`
Update documentation 2022-07-27 04:03:07 +00:00			`"server": "local",`
			`"disable_cache": false`
Add log and dns documentation 2022-07-08 09:01:38 +00:00			`},`
			`{`
			`"type": "logical",`
			`"mode": "and",`
			`"rules": [],`
Update documentation 2022-07-27 04:03:07 +00:00			`"server": "local",`
			`"disable_cache": false`
Add log and dns documentation 2022-07-08 09:01:38 +00:00			`}`
			`]`
			`}`
			`}`

			```

			`!!! note ""`

			`You can ignore the JSON Array [] tag when the content is only one item`

			`### Default Fields`

			`!!! note ""`

			`The default rule uses the following matching logic:`
			(`domain` \|\| `domain_suffix` \|\| `domain_keyword` \|\| `domain_regex` \|\| `geosite`) &&
			(`source_geoip` \|\| `source_ip_cidr`) &&
			`other fields`

			`#### inbound`

			`Tags of [inbound](../inbound).`

			`#### network`

			`tcp` or `udp`.

Add user rule item 2022-07-17 07:11:26 +00:00			`#### user`

			`Username, see each inbound for details.`

			`#### protocol`

			`Sniffed protocol, see [Sniff](/configuration/route/sniff/) for details.`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`#### domain`

			`Match full domain.`

			`#### domain_suffix`

			`Match domain suffix.`

			`#### domain_keyword`

			`Match domain using keyword.`

			`#### domain_regex`

			`Match domain using regular expression.`

			`#### geosite`

			`Match geosite.`

			`#### source_geoip`

			`Match source geoip.`

			`#### source_ip_cidr`

			`Match source ip cidr.`

			`#### source_port`

			`Match source port.`

Update documentation 2022-07-27 04:03:07 +00:00			`#### source_port_range`

			`Match source port range.`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`#### port`

			`Match port.`

Update documentation 2022-07-27 04:03:07 +00:00			`#### port_range`

			`Match port range.`

			`#### process_name`

			`!!! error ""`

			`Only supported on Linux, Windows, and macOS.`

			`Match process name.`

			`#### package_name`

			`Match android package name.`

			`#### user`

			`!!! error ""`

Remove incorrect warning 2022-08-09 08:36:17 +00:00			`Only supported on Linux.`
Update documentation 2022-07-27 04:03:07 +00:00
			`Match user name.`

			`#### user_id`

			`!!! error ""`

			`Only supported on Linux.`

			`Match user id.`

			`#### invert`

			`Invert match result.`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`#### outbound`

			`Match outbound.`

			`#### server`

Update documentation 2022-07-27 04:03:07 +00:00			`==Required==`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`Tag of the target dns server.`

Update documentation 2022-07-27 04:03:07 +00:00			`#### disable_cache`

			`Disable cache and save cache in this query.`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`### Logical Fields`

			`#### type`

			`logical`

			`#### mode`

			`and` or `or`

			`#### rules`

			`Included default rules.`

Update documentation 2022-07-27 04:03:07 +00:00			`#### invert`

			`Invert match result.`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`#### server`

Declare required fields in the documentation 2022-07-09 01:26:50 +00:00			`==Required==`

Add log and dns documentation 2022-07-08 09:01:38 +00:00			`Tag of the target dns server.`
Update documentation 2022-07-27 04:03:07 +00:00
			`#### disable_cache`

			`Disable cache and save cache in this query.`