Merge pull request #544 from AkinoKaede/dns-geo

Merge branch 'dns' into dns-geo
style: refine style
2025-08-23 18:16:50 +08:00 · 2021-05-03 21:20:31 +08:00 · 2021-05-01 10:44:29 +08:00 · 2021-05-01 08:55:27 +08:00 · 2021-05-01 08:48:51 +08:00 · 2021-04-18 13:24:44 +08:00
195 changed files with 9455 additions and 3632 deletions
--- a/.github/ISSUE_TEMPLATE/bug-en.md
+++ b/.github/ISSUE_TEMPLATE/bug-en.md
@@ -1,92 +0,0 @@
 ---
 name: Bug Report
 about: Create a bug report of Xray.
 title: '[Bug] <bug you are reporting>'
 labels: ''
 assignees: ''
 ---
 <!-- Thanks for your reporting.
 1. Please make sure you are submitting a bug of Xray-Core instead of acquiring usage or bug in third-party programs. If you are not sure, please contact us in our official Telegram group.
 2. Bug: **An error, flaw or fault in a program ** that causes it to produce an incorrect or unexpected result. (Reference: Wikipedia)
 3. Please check existing Issues and Discussions first and read the documentation in detail. Duplicated issues will be closed.
 4. Please don't report issue like "I can't use a feature". It's probably your own mistake.
 5. You should fully complete the following contents or this issue may not be handled.
 6. Please *make sure* the content you are submitting does not contain your private information.
 -->
 **Describe the bug**
 <!-- A clear and concise description of what the bug is. -->
 **To Reproduce**
 <!-- Steps to reproduce the bug: -->
 1.
 2.
 3.
 4.
 **Expected behavior**
 <!-- A clear and concise description of what you expected to happen. -->
 **Client Log**
 <details>
 ```
 Please paste your client log here:
 ```
 </details>
 **Server Log**
 <details>
 ```
 Please paste your server log here:
 ```
 </details>
 **Client config**
 <details>
 ```json
 Please paste your client config file here:
 ```
 </details>
 **Server Config**
 <details>
 ```json
 Please paste your server config file here:
 ```
 </details>
 **Client Information**
 - OS: [e.g. Windows 10]
 - Xray version [e.g. 1.3.1]
 - Xray installing approach：[e.g. Xray-install]
 **Server Information**
 - OS: [e.g. Windows 10]
 - Xray version [e.g. 1.3.1]
 - Xray installing approach：[e.g. Xray-install]
 **Additional Information**
 <!-- Add any other information about the problem here. -->
--- a/.github/ISSUE_TEMPLATE/bug-zh-CN.md
+++ b/.github/ISSUE_TEMPLATE/bug-zh-CN.md
@@ -1,91 +0,0 @@
 ---
 name: Bug 反馈
 about: 这是 Xray 的一个 bug。
 title: '[Bug] 你发现的bug'
 labels: ''
 assignees: ''
 ---
 <!-- 感谢您的反馈！
 1. 请先确认您提交的是 Xray-Core 的 Bug，而非使用咨询，抑或是第三方程序的 Bug。如果您不确定，请在 Telegram 群中反馈。
 2. Bug：软件运行中因为 **程序本身有错误** 而造成的功能不正常。(Reference: Wikipedia)
 3. 请先查询已有的 Issues 与 Discussions ，并且详细阅读文档的相关内容。如果您提出的是已知的问题，此 issue 将有可能被关闭。
 4. 请不要轻易提出类似“不能使用某功能”的问题。这往往是你自己的问题。
 5. 您需要完整地完成下列内容，否则此 issue 可能不会被处理。
 6. 请 *务必* 确保不包含任何个人隐私信息。
 -->
 **问题描述**
 <!-- 请清晰简洁地描述此问题。-->
 **复现方式**
 <!-- 复现此步骤的过程: -->
 1.
 2.
 3.
 4.
 **预期行为**
 <!-- 请清晰简洁地描述您期望的的行为。-->
 **客户端日志**
 <details>
 ```
 请删除此行，并在此处粘贴客户端日志
 ```
 </details>
 **服务端日志**
 <details>
 ```
 请删除此行，并在此处粘贴服务端日志
 ```
 </details>
 **客户端配置**
 <details>
 ```json
 请删除此行，并在此处粘贴客户端配置
 ```
 </details>
 **服务端配置**
 <details>
 ```json
 请删除此行，并在此处粘贴服务端日志
 ```
 </details>
 **客户端环境**
 - 系统与版本: [如 Windows 10]
 - Xray 版本 [如 1.3.1]
 - Xray 安装方式：[如 Xray-install]
 **服务端环境**
 - 系统与版本: [如 Windows 10]
 - Xray 版本 [如 1.3.1]
 - Xray 安装方式：[如 Xray-install]
 **附加信息**
 <!-- 如果您有额外的信息，请在此处说明。-->
--- a/.github/ISSUE_TEMPLATE/config.yaml
+++ b/.github/ISSUE_TEMPLATE/config.yaml
@@ -1,9 +0,0 @@
 contact_links:
  - name: 加入 Telegram 群组 / Join Telegram Group
    url: https://t.me/projectXray
  - name: 官方文档 / Official Document
    url: https://xtls.github.io/
  - name: 安装脚本 / Installing Script
    url: https://github.com/XTLS/Xray-install
  - name: 示例配置 / Example Config
    url: https://github.com/XTLS/Xray-examples
--- a/.github/ISSUE_TEMPLATE/feature-en.md
+++ b/.github/ISSUE_TEMPLATE/feature-en.md
@@ -1,32 +0,0 @@
 ---
 name: Feature Request
 about: Suggest an idea for Xray
 title: '[Feature] your idea'
 labels: ''
 assignees: ''
 ---
 <!-- Thanks for your support!
 1. Please confirm that you are submitting a feature request.
 2. We do not recommend any inexperienced users to request a new feature. 
 3. Please check existing Issues and Discussions first and read the documentation in detail. Duplicated issues will be closed
 4. To be clear: none of developers is obliged to meet your needs. In particular, features that do not make any sense.
 5. You should fully complete the following contents.
 -->
 **What's your idea？**
 <!-- A clear and concise description of your idea. -->
 **Is it related to an issue?**
 <!-- Please specify here if yes. -->
 **What's your solution?**
 <!-- Describe the solution you'd like. -->
 1. 
 2. 
 3. 
 4. 
 **Is there any additional information?**
 <!-- Add any other information here. -->
--- a/.github/ISSUE_TEMPLATE/feature-zh-CN.md
+++ b/.github/ISSUE_TEMPLATE/feature-zh-CN.md
@@ -1,32 +0,0 @@
 ---
 name: 功能请求
 about: 希望 Xray 添加一个新功能。
 title: '[Feature] 你的想法'
 labels: ''
 assignees: ''
 ---
 <!-- 感谢您的反馈！
 1. 请先确认您提交的是功能请求。
 2. 我们不建议缺少经验的用户提出功能请求。
 3. 请先查询已有的 Issues 与 Discussions ，并且详细阅读文档的相关内容。重复的 issue 将有可能被关闭。
 4. 需要向您明确一点：任何开发者均没有义务满足您的需求。特别是不合理或没有意义的功能。
 5. 您需要完整地完成下列内容，否则此 issue 可能不会被处理。
 -->
 **您的想法是什么？**
 <!-- 请清晰简洁地描述您预期中的功能。-->
 **是否与已知的 issue 相关？**
 <!-- 如果是，请在此注明 -->
 **您认为应如何实现此功能？**
 <!-- 请清晰简洁地描述如何实现此功能。-->
 1. 
 2. 
 3. 
 4. 
 **有没有额外的信息？**
 <!-- 如果您有额外的信息，请在此处说明。-->
--- a/.github/ISSUE_TEMPLATE/question-en.md
+++ b/.github/ISSUE_TEMPLATE/question-en.md
@@ -1,17 +0,0 @@
 ---
 name: Question
 about: Question of Xray.
 title: ''
 labels: ''
 assignees: ''
 ---
 <!-- Thanks for your support！
 1. Issue is **NOT** a proper place to ask a question, otherwise your issue may be closed.
 2. Please check existing Issues, Discussions and documentation in detail first. You may find the answers you want before you ask the question.
 3. If it is still not resolved, please give feedback in the our official Telegram group or Discussions.
 4. Wherever you ask a question, please *make sure* the content does not contain your private information.
 5. We highly recommend you to read https://github.com/tvvocold/How-To-Ask-Questions-The-Smart-Way.
 -->
--- a/.github/ISSUE_TEMPLATE/question-zh-CN.md
+++ b/.github/ISSUE_TEMPLATE/question-zh-CN.md
@@ -1,17 +0,0 @@
 ---
 name: 使用疑问
 about: 使用 Xray 时的疑问。
 title: ''
 labels: ''
 assignees: ''
 ---
 <!-- 感谢您的支持！
 1. Issue **不是**用来提问的, 否则将可能会被 close。
 2. 请先查询已有的 issue、discussion ，并且详细阅读文档的相关内容。那里可能有您需要的答案。
 3. 如果仍未解决，请在官方 Telegram 群中或 Discussion 区反馈。
 4. 无论在何处提问，请 *务必确保* 其不包含任何个人隐私信息。
 5. 我们强烈推荐您阅读 https://github.com/tvvocold/How-To-Ask-Questions-The-Smart-Way。
 -->
--- a/README.md
+++ b/README.md
@@ -23,8 +23,9 @@
  - [Xray4Magisk](https://github.com/CerteKim/Xray4Magisk)
  - [Xray_For_Magisk](https://github.com/E7KMbb/Xray_For_Magisk)
 - Homebrew
-  - [Repository 0](https://github.com/N4FA/homebrew-xray)
+  - `brew install xray`
-  - [Repository 1](https://github.com/xiruizhao/homebrew-xray)
+  - [(Tap) Repository 0](https://github.com/N4FA/homebrew-xray)
  - [(Tap) Repository 1](https://github.com/xiruizhao/homebrew-xray)
 ## Usage
--- a/app/dispatcher/default.go
+++ b/app/dispatcher/default.go
@@ -15,6 +15,7 @@ import (
 	"github.com/xtls/xray-core/common/protocol"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/core"
 	"github.com/xtls/xray-core/features/dns"
 	"github.com/xtls/xray-core/features/outbound"
 	"github.com/xtls/xray-core/features/policy"
 	"github.com/xtls/xray-core/features/routing"
@@ -175,17 +176,28 @@ func (d *DefaultDispatcher) getLink(ctx context.Context) (*transport.Link, *tran
 	return inboundLink, outboundLink
 }
-func shouldOverride(result SniffResult, request session.SniffingRequest) bool {
+func shouldOverride(ctx context.Context, result SniffResult, request session.SniffingRequest, destination net.Destination) bool {
 	domain := result.Domain()
-	for _, d := range request.ExcludeForDomain {
+	if request.ExcludedDomainMatcher != nil {
-		if domain == d {
+		if request.ExcludedDomainMatcher.ApplyDomain(domain) {
 			return false
 		}
 	}
-
+	var fakeDNSEngine dns.FakeDNSEngine
-	protocol := result.Protocol()
+	core.RequireFeatures(ctx, func(fdns dns.FakeDNSEngine) {
 		fakeDNSEngine = fdns
 	})
 	protocolString := result.Protocol()
 	if resComp, ok := result.(SnifferResultComposite); ok {
 		protocolString = resComp.ProtocolForDomainResult()
 	}
 	for _, p := range request.OverrideDestinationForProtocol {
-		if strings.HasPrefix(protocol, p) {
+		if strings.HasPrefix(protocolString, p) {
 			return true
 		}
 		if fakeDNSEngine != nil && protocolString != "bittorrent" && p == "fakedns" &&
 			destination.Address.Family().IsIP() && fakeDNSEngine.GetFakeIPRange().Contains(destination.Address.IP()) {
 			newError("Using sniffer ", protocolString, " since the fake DNS missed").WriteToLog(session.ExportIDToError(ctx))
 			return true
 		}
 	}
@@ -193,6 +205,16 @@ func shouldOverride(result SniffResult, request session.SniffingRequest) bool {
 	return false
 }
 func canSniff(ctx context.Context, req session.SniffingRequest, destination net.Destination) bool {
 	if destination.Address.Family().IsIP() && req.ExcludedIPMatcher != nil {
 		if req.ExcludedIPMatcher.MatchIP(destination.Address.IP()) {
 			return false
 		}
 	}
 	return true
 }
 // Dispatch implements routing.Dispatcher.
 func (d *DefaultDispatcher) Dispatch(ctx context.Context, destination net.Destination) (*transport.Link, error) {
 	if !destination.IsValid() {
@@ -210,19 +232,39 @@ func (d *DefaultDispatcher) Dispatch(ctx context.Context, destination net.Destin
 		ctx = session.ContextWithContent(ctx, content)
 	}
 	sniffingRequest := content.SniffingRequest
-	if destination.Network != net.Network_TCP || !sniffingRequest.Enabled {
+
 	if !canSniff(ctx, sniffingRequest, destination) {
 		newError("skip sniffing for ip ", destination.Address.String()).AtDebug().WriteToLog()
 		sniffingRequest.Enabled = false
 	}
 	switch {
 	case !sniffingRequest.Enabled:
 		go d.routedDispatch(ctx, outbound, destination)
-	} else {
+	case destination.Network != net.Network_TCP:
 		// Only metadata sniff will be used for non tcp connection
 		result, err := sniffer(ctx, nil, true)
 		if err == nil {
 			content.Protocol = result.Protocol()
 			if shouldOverride(ctx, result, sniffingRequest, destination) {
 				domain := result.Domain()
 				newError("sniffed domain: ", domain).WriteToLog(session.ExportIDToError(ctx))
 				destination.Address = net.ParseAddress(domain)
 				ob.Target = destination
 			}
 		}
 		go d.routedDispatch(ctx, outbound, destination)
 	default:
 		go func() {
 			cReader := &cachedReader{
 				reader: outbound.Reader.(*pipe.Reader),
 			}
 			outbound.Reader = cReader
-			result, err := sniffer(ctx, cReader)
+			result, err := sniffer(ctx, cReader, sniffingRequest.MetadataOnly)
 			if err == nil {
 				content.Protocol = result.Protocol()
 			}
-			if err == nil && shouldOverride(result, sniffingRequest) {
+			if err == nil && shouldOverride(ctx, result, sniffingRequest, destination) {
 				domain := result.Domain()
 				newError("sniffed domain: ", domain).WriteToLog(session.ExportIDToError(ctx))
 				destination.Address = net.ParseAddress(domain)
@@ -234,11 +276,19 @@ func (d *DefaultDispatcher) Dispatch(ctx context.Context, destination net.Destin
 	return inbound, nil
 }
-func sniffer(ctx context.Context, cReader *cachedReader) (SniffResult, error) {
+func sniffer(ctx context.Context, cReader *cachedReader, metadataOnly bool) (SniffResult, error) {
 	payload := buf.New()
 	defer payload.Release()
-	sniffer := NewSniffer()
+	sniffer := NewSniffer(ctx)
 	metaresult, metadataErr := sniffer.SniffMetadata(ctx)
 	if metadataOnly {
 		return metaresult, metadataErr
 	}
 	contentResult, contentErr := func() (SniffResult, error) {
 		totalAttempt := 0
 		for {
 			select {
@@ -252,7 +302,7 @@ func sniffer(ctx context.Context, cReader *cachedReader) (SniffResult, error) {
 				cReader.Cache(payload)
 				if !payload.IsEmpty() {
-				result, err := sniffer.Sniff(payload.Bytes())
+					result, err := sniffer.Sniff(ctx, payload.Bytes())
 					if err != common.ErrNoClue {
 						return result, err
 					}
@@ -262,20 +312,23 @@ func sniffer(ctx context.Context, cReader *cachedReader) (SniffResult, error) {
 				}
 			}
 		}
 	}()
 	if contentErr != nil && metadataErr == nil {
 		return metaresult, nil
 	}
 	if contentErr == nil && metadataErr == nil {
 		return CompositeResult(metaresult, contentResult), nil
 	}
 	return contentResult, contentErr
 }
 func (d *DefaultDispatcher) routedDispatch(ctx context.Context, link *transport.Link, destination net.Destination) {
 	var handler outbound.Handler
 	skipRoutePick := false
 	if content := session.ContentFromContext(ctx); content != nil {
 		skipRoutePick = content.SkipRoutePick
 	}
 	routingLink := routing_session.AsRoutingContext(ctx)
 	inTag := routingLink.GetInboundTag()
 	isPickRoute := false
-	if d.router != nil && !skipRoutePick {
+	if d.router != nil {
 		if route, err := d.router.PickRoute(routingLink); err == nil {
 			outTag := route.GetOutboundTag()
 			isPickRoute = true
--- a/app/dispatcher/fakednssniffer.go
+++ b/app/dispatcher/fakednssniffer.go
@@ -0,0 +1,49 @@
 package dispatcher
 import (
 	"context"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/core"
 	"github.com/xtls/xray-core/features/dns"
 )
 // newFakeDNSSniffer Create a Fake DNS metadata sniffer
 func newFakeDNSSniffer(ctx context.Context) (protocolSnifferWithMetadata, error) {
 	var fakeDNSEngine dns.FakeDNSEngine
 	err := core.RequireFeatures(ctx, func(fdns dns.FakeDNSEngine) {
 		fakeDNSEngine = fdns
 	})
 	if err != nil {
 		return protocolSnifferWithMetadata{}, err
 	}
 	if fakeDNSEngine == nil {
 		errNotInit := newError("FakeDNSEngine is not initialized, but such a sniffer is used").AtError()
 		return protocolSnifferWithMetadata{}, errNotInit
 	}
 	return protocolSnifferWithMetadata{protocolSniffer: func(ctx context.Context, bytes []byte) (SniffResult, error) {
 		Target := session.OutboundFromContext(ctx).Target
 		if Target.Network == net.Network_TCP || Target.Network == net.Network_UDP {
 			domainFromFakeDNS := fakeDNSEngine.GetDomainFromFakeDNS(Target.Address)
 			if domainFromFakeDNS != "" {
 				newError("fake dns got domain: ", domainFromFakeDNS, " for ip: ", Target.Address.String()).WriteToLog(session.ExportIDToError(ctx))
 				return &fakeDNSSniffResult{domainName: domainFromFakeDNS}, nil
 			}
 		}
 		return nil, common.ErrNoClue
 	}, metadataSniffer: true}, nil
 }
 type fakeDNSSniffResult struct {
 	domainName string
 }
 func (fakeDNSSniffResult) Protocol() string {
 	return "fakedns"
 }
 func (f fakeDNSSniffResult) Domain() string {
 	return f.domainName
 }
--- a/app/dispatcher/sniffer.go
+++ b/app/dispatcher/sniffer.go
@@ -1,6 +1,8 @@
 package dispatcher
 import (
 	"context"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/protocol/bittorrent"
 	"github.com/xtls/xray-core/common/protocol/http"
@@ -12,30 +14,46 @@ type SniffResult interface {
 	Domain() string
 }
-type protocolSniffer func([]byte) (SniffResult, error)
+type protocolSniffer func(context.Context, []byte) (SniffResult, error)
 type protocolSnifferWithMetadata struct {
 	protocolSniffer protocolSniffer
 	// A Metadata sniffer will be invoked on connection establishment only, with nil body,
 	// for both TCP and UDP connections
 	// It will not be shown as a traffic type for routing unless there is no other successful sniffing.
 	metadataSniffer bool
 }
 type Sniffer struct {
-	sniffer []protocolSniffer
+	sniffer []protocolSnifferWithMetadata
 }
-func NewSniffer() *Sniffer {
+func NewSniffer(ctx context.Context) *Sniffer {
-	return &Sniffer{
+	ret := &Sniffer{
-		sniffer: []protocolSniffer{
+		sniffer: []protocolSnifferWithMetadata{
-			func(b []byte) (SniffResult, error) { return http.SniffHTTP(b) },
+			{func(c context.Context, b []byte) (SniffResult, error) { return http.SniffHTTP(b) }, false},
-			func(b []byte) (SniffResult, error) { return tls.SniffTLS(b) },
+			{func(c context.Context, b []byte) (SniffResult, error) { return tls.SniffTLS(b) }, false},
-			func(b []byte) (SniffResult, error) { return bittorrent.SniffBittorrent(b) },
+			{func(c context.Context, b []byte) (SniffResult, error) { return bittorrent.SniffBittorrent(b) }, false},
 		},
 	}
 	if sniffer, err := newFakeDNSSniffer(ctx); err == nil {
 		ret.sniffer = append(ret.sniffer, sniffer)
 	}
 	return ret
 }
 var errUnknownContent = newError("unknown content")
-func (s *Sniffer) Sniff(payload []byte) (SniffResult, error) {
+func (s *Sniffer) Sniff(c context.Context, payload []byte) (SniffResult, error) {
-	var pendingSniffer []protocolSniffer
+	var pendingSniffer []protocolSnifferWithMetadata
-	for _, s := range s.sniffer {
+	for _, si := range s.sniffer {
-		result, err := s(payload)
+		s := si.protocolSniffer
 		if si.metadataSniffer {
 			continue
 		}
 		result, err := s(c, payload)
 		if err == common.ErrNoClue {
-			pendingSniffer = append(pendingSniffer, s)
+			pendingSniffer = append(pendingSniffer, si)
 			continue
 		}
@@ -51,3 +69,55 @@ func (s *Sniffer) Sniff(payload []byte) (SniffResult, error) {
 	return nil, errUnknownContent
 }
 func (s *Sniffer) SniffMetadata(c context.Context) (SniffResult, error) {
 	var pendingSniffer []protocolSnifferWithMetadata
 	for _, si := range s.sniffer {
 		s := si.protocolSniffer
 		if !si.metadataSniffer {
 			pendingSniffer = append(pendingSniffer, si)
 			continue
 		}
 		result, err := s(c, nil)
 		if err == common.ErrNoClue {
 			pendingSniffer = append(pendingSniffer, si)
 			continue
 		}
 		if err == nil && result != nil {
 			return result, nil
 		}
 	}
 	if len(pendingSniffer) > 0 {
 		s.sniffer = pendingSniffer
 		return nil, common.ErrNoClue
 	}
 	return nil, errUnknownContent
 }
 func CompositeResult(domainResult SniffResult, protocolResult SniffResult) SniffResult {
 	return &compositeResult{domainResult: domainResult, protocolResult: protocolResult}
 }
 type compositeResult struct {
 	domainResult   SniffResult
 	protocolResult SniffResult
 }
 func (c compositeResult) Protocol() string {
 	return c.protocolResult.Protocol()
 }
 func (c compositeResult) Domain() string {
 	return c.domainResult.Domain()
 }
 func (c compositeResult) ProtocolForDomainResult() string {
 	return c.domainResult.Protocol()
 }
 type SnifferResultComposite interface {
 	ProtocolForDomainResult() string
 }
--- a/app/dns/config.go
+++ b/app/dns/config.go
@@ -0,0 +1,64 @@
 package dns
 import (
 	dm "github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/str"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/uuid"
 )
 var typeMap = map[dm.MatchingType]str.Type{
 	dm.MatchingType_Keyword:   str.Substr,
 	dm.MatchingType_Regex:     str.Regex,
 	dm.MatchingType_Subdomain: str.Domain,
 	dm.MatchingType_Full:      str.Full,
 }
 // References:
 // https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
 // https://unix.stackexchange.com/questions/92441/whats-the-difference-between-local-home-and-lan
 var localTLDsAndDotlessDomains = []*dm.Domain{
 	{Type: dm.MatchingType_Regex, Value: "^[^.]+$"}, // This will only match domains without any dot
 	{Type: dm.MatchingType_Subdomain, Value: "local"},
 	{Type: dm.MatchingType_Subdomain, Value: "localdomain"},
 	{Type: dm.MatchingType_Subdomain, Value: "localhost"},
 	{Type: dm.MatchingType_Subdomain, Value: "lan"},
 	{Type: dm.MatchingType_Subdomain, Value: "home.arpa"},
 	{Type: dm.MatchingType_Subdomain, Value: "example"},
 	{Type: dm.MatchingType_Subdomain, Value: "invalid"},
 	{Type: dm.MatchingType_Subdomain, Value: "test"},
 }
 var localTLDsAndDotlessDomainsRule = &NameServer_OriginalRule{
 	Rule: "geosite:private",
 	Size: uint32(len(localTLDsAndDotlessDomains)),
 }
 func toStrMatcher(t dm.MatchingType, domain string) (str.Matcher, error) {
 	strMType, f := typeMap[t]
 	if !f {
 		return nil, newError("unknown mapping type", t).AtWarning()
 	}
 	matcher, err := strMType.New(domain)
 	if err != nil {
 		return nil, newError("failed to create str matcher").Base(err)
 	}
 	return matcher, nil
 }
 func toNetIP(addrs []net.Address) ([]net.IP, error) {
 	ips := make([]net.IP, 0, len(addrs))
 	for _, addr := range addrs {
 		if addr.Family().IsIP() {
 			ips = append(ips, addr.IP())
 		} else {
 			return nil, newError("Failed to convert address", addr, "to Net IP.").AtWarning()
 		}
 	}
 	return ips, nil
 }
 func generateRandomTag() string {
 	id := uuid.New()
 	return "xray.system." + id.String()
 }
--- a/app/dns/config.pb.go
+++ b/app/dns/config.pb.go
@@ -1,14 +1,14 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.25.0
+// 	protoc-gen-go v1.26.0
-// 	protoc        v3.14.0
+// 	protoc        v3.15.8
 // source: app/dns/config.proto
 package dns
 import (
-	proto "github.com/golang/protobuf/proto"
+	domain "github.com/xtls/xray-core/common/matcher/domain"
-	router "github.com/xtls/xray-core/app/router"
+	geoip "github.com/xtls/xray-core/common/matcher/geoip"
 	net "github.com/xtls/xray-core/common/net"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
@@ -23,70 +23,114 @@ const (
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
-// This is a compile-time assertion that a sufficiently up-to-date version
+type QueryStrategy int32
 // of the legacy proto package is being used.
 const _ = proto.ProtoPackageIsVersion4
 type DomainMatchingType int32
 const (
-	DomainMatchingType_Full      DomainMatchingType = 0
+	QueryStrategy_USE_IP  QueryStrategy = 0
-	DomainMatchingType_Subdomain DomainMatchingType = 1
+	QueryStrategy_USE_IP4 QueryStrategy = 1
-	DomainMatchingType_Keyword   DomainMatchingType = 2
+	QueryStrategy_USE_IP6 QueryStrategy = 2
 	DomainMatchingType_Regex     DomainMatchingType = 3
 )
-// Enum value maps for DomainMatchingType.
+// Enum value maps for QueryStrategy.
 var (
-	DomainMatchingType_name = map[int32]string{
+	QueryStrategy_name = map[int32]string{
-		0: "Full",
+		0: "USE_IP",
-		1: "Subdomain",
+		1: "USE_IP4",
-		2: "Keyword",
+		2: "USE_IP6",
 		3: "Regex",
 	}
-	DomainMatchingType_value = map[string]int32{
+	QueryStrategy_value = map[string]int32{
-		"Full":      0,
+		"USE_IP":  0,
-		"Subdomain": 1,
+		"USE_IP4": 1,
-		"Keyword":   2,
+		"USE_IP6": 2,
 		"Regex":     3,
 	}
 )
-func (x DomainMatchingType) Enum() *DomainMatchingType {
+func (x QueryStrategy) Enum() *QueryStrategy {
-	p := new(DomainMatchingType)
+	p := new(QueryStrategy)
 	*p = x
 	return p
 }
-func (x DomainMatchingType) String() string {
+func (x QueryStrategy) String() string {
 	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
 }
-func (DomainMatchingType) Descriptor() protoreflect.EnumDescriptor {
+func (QueryStrategy) Descriptor() protoreflect.EnumDescriptor {
 	return file_app_dns_config_proto_enumTypes[0].Descriptor()
 }
-func (DomainMatchingType) Type() protoreflect.EnumType {
+func (QueryStrategy) Type() protoreflect.EnumType {
 	return &file_app_dns_config_proto_enumTypes[0]
 }
-func (x DomainMatchingType) Number() protoreflect.EnumNumber {
+func (x QueryStrategy) Number() protoreflect.EnumNumber {
 	return protoreflect.EnumNumber(x)
 }
-// Deprecated: Use DomainMatchingType.Descriptor instead.
+// Deprecated: Use QueryStrategy.Descriptor instead.
-func (DomainMatchingType) EnumDescriptor() ([]byte, []int) {
+func (QueryStrategy) EnumDescriptor() ([]byte, []int) {
 	return file_app_dns_config_proto_rawDescGZIP(), []int{0}
 }
 type CacheStrategy int32
 const (
 	CacheStrategy_Cache_ALL     CacheStrategy = 0
 	CacheStrategy_Cache_NOERROR CacheStrategy = 1
 	CacheStrategy_Cache_DISABLE CacheStrategy = 2
 )
 // Enum value maps for CacheStrategy.
 var (
 	CacheStrategy_name = map[int32]string{
 		0: "Cache_ALL",
 		1: "Cache_NOERROR",
 		2: "Cache_DISABLE",
 	}
 	CacheStrategy_value = map[string]int32{
 		"Cache_ALL":     0,
 		"Cache_NOERROR": 1,
 		"Cache_DISABLE": 2,
 	}
 )
 func (x CacheStrategy) Enum() *CacheStrategy {
 	p := new(CacheStrategy)
 	*p = x
 	return p
 }
 func (x CacheStrategy) String() string {
 	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
 }
 func (CacheStrategy) Descriptor() protoreflect.EnumDescriptor {
 	return file_app_dns_config_proto_enumTypes[1].Descriptor()
 }
 func (CacheStrategy) Type() protoreflect.EnumType {
 	return &file_app_dns_config_proto_enumTypes[1]
 }
 func (x CacheStrategy) Number() protoreflect.EnumNumber {
 	return protoreflect.EnumNumber(x)
 }
 // Deprecated: Use CacheStrategy.Descriptor instead.
 func (CacheStrategy) EnumDescriptor() ([]byte, []int) {
 	return file_app_dns_config_proto_rawDescGZIP(), []int{1}
 }
 type NameServer struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Address           *net.Endpoint              `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
-	PrioritizedDomain []*NameServer_PriorityDomain `protobuf:"bytes,2,rep,name=prioritized_domain,json=prioritizedDomain,proto3" json:"prioritized_domain,omitempty"`
+	ClientIp          []byte                     `protobuf:"bytes,5,opt,name=client_ip,json=clientIp,proto3" json:"client_ip,omitempty"`
-	Geoip             []*router.GeoIP              `protobuf:"bytes,3,rep,name=geoip,proto3" json:"geoip,omitempty"`
+	SkipFallback      bool                       `protobuf:"varint,6,opt,name=skipFallback,proto3" json:"skipFallback,omitempty"`
 	PrioritizedDomain []*domain.Domain           `protobuf:"bytes,2,rep,name=prioritized_domain,json=prioritizedDomain,proto3" json:"prioritized_domain,omitempty"`
 	Geoip             []*geoip.GeoIP             `protobuf:"bytes,3,rep,name=geoip,proto3" json:"geoip,omitempty"`
 	OriginalRules     []*NameServer_OriginalRule `protobuf:"bytes,4,rep,name=original_rules,json=originalRules,proto3" json:"original_rules,omitempty"`
 }
@@ -129,14 +173,28 @@ func (x *NameServer) GetAddress() *net.Endpoint {
 	return nil
 }
-func (x *NameServer) GetPrioritizedDomain() []*NameServer_PriorityDomain {
+func (x *NameServer) GetClientIp() []byte {
 	if x != nil {
 		return x.ClientIp
 	}
 	return nil
 }
 func (x *NameServer) GetSkipFallback() bool {
 	if x != nil {
 		return x.SkipFallback
 	}
 	return false
 }
 func (x *NameServer) GetPrioritizedDomain() []*domain.Domain {
 	if x != nil {
 		return x.PrioritizedDomain
 	}
 	return nil
 }
-func (x *NameServer) GetGeoip() []*router.GeoIP {
+func (x *NameServer) GetGeoip() []*geoip.GeoIP {
 	if x != nil {
 		return x.Geoip
 	}
@@ -174,6 +232,10 @@ type Config struct {
 	StaticHosts []*Config_HostMapping `protobuf:"bytes,4,rep,name=static_hosts,json=staticHosts,proto3" json:"static_hosts,omitempty"`
 	// Tag is the inbound tag of DNS client.
 	Tag string `protobuf:"bytes,6,opt,name=tag,proto3" json:"tag,omitempty"`
 	// DisableCache disables DNS cache
 	CacheStrategy   CacheStrategy `protobuf:"varint,8,opt,name=cache_strategy,json=cacheStrategy,proto3,enum=xray.app.dns.CacheStrategy" json:"cache_strategy,omitempty"`
 	QueryStrategy   QueryStrategy `protobuf:"varint,9,opt,name=query_strategy,json=queryStrategy,proto3,enum=xray.app.dns.QueryStrategy" json:"query_strategy,omitempty"`
 	DisableFallback bool          `protobuf:"varint,10,opt,name=disableFallback,proto3" json:"disableFallback,omitempty"`
 }
 func (x *Config) Reset() {
@@ -252,59 +314,25 @@ func (x *Config) GetTag() string {
 	return ""
 }
-type NameServer_PriorityDomain struct {
+func (x *Config) GetCacheStrategy() CacheStrategy {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Type   DomainMatchingType `protobuf:"varint,1,opt,name=type,proto3,enum=xray.app.dns.DomainMatchingType" json:"type,omitempty"`
 	Domain string             `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"`
 }
 func (x *NameServer_PriorityDomain) Reset() {
 	*x = NameServer_PriorityDomain{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_app_dns_config_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *NameServer_PriorityDomain) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*NameServer_PriorityDomain) ProtoMessage() {}
 func (x *NameServer_PriorityDomain) ProtoReflect() protoreflect.Message {
 	mi := &file_app_dns_config_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use NameServer_PriorityDomain.ProtoReflect.Descriptor instead.
 func (*NameServer_PriorityDomain) Descriptor() ([]byte, []int) {
 	return file_app_dns_config_proto_rawDescGZIP(), []int{0, 0}
 }
 func (x *NameServer_PriorityDomain) GetType() DomainMatchingType {
 	if x != nil {
-		return x.Type
+		return x.CacheStrategy
 	}
-	return DomainMatchingType_Full
+	return CacheStrategy_Cache_ALL
 }
-func (x *NameServer_PriorityDomain) GetDomain() string {
+func (x *Config) GetQueryStrategy() QueryStrategy {
 	if x != nil {
-		return x.Domain
+		return x.QueryStrategy
 	}
-	return ""
+	return QueryStrategy_USE_IP
 }
 func (x *Config) GetDisableFallback() bool {
 	if x != nil {
 		return x.DisableFallback
 	}
 	return false
 }
 type NameServer_OriginalRule struct {
@@ -319,7 +347,7 @@ type NameServer_OriginalRule struct {
 func (x *NameServer_OriginalRule) Reset() {
 	*x = NameServer_OriginalRule{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_app_dns_config_proto_msgTypes[3]
+		mi := &file_app_dns_config_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -332,7 +360,7 @@ func (x *NameServer_OriginalRule) String() string {
 func (*NameServer_OriginalRule) ProtoMessage() {}
 func (x *NameServer_OriginalRule) ProtoReflect() protoreflect.Message {
-	mi := &file_app_dns_config_proto_msgTypes[3]
+	mi := &file_app_dns_config_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -345,7 +373,7 @@ func (x *NameServer_OriginalRule) ProtoReflect() protoreflect.Message {
 // Deprecated: Use NameServer_OriginalRule.ProtoReflect.Descriptor instead.
 func (*NameServer_OriginalRule) Descriptor() ([]byte, []int) {
-	return file_app_dns_config_proto_rawDescGZIP(), []int{0, 1}
+	return file_app_dns_config_proto_rawDescGZIP(), []int{0, 0}
 }
 func (x *NameServer_OriginalRule) GetRule() string {
@@ -367,19 +395,18 @@ type Config_HostMapping struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
-	Type   DomainMatchingType `protobuf:"varint,1,opt,name=type,proto3,enum=xray.app.dns.DomainMatchingType" json:"type,omitempty"`
+	Type   domain.MatchingType `protobuf:"varint,1,opt,name=type,proto3,enum=xray.common.matcher.domain.MatchingType" json:"type,omitempty"`
 	Domain string              `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"`
 	Ip     [][]byte            `protobuf:"bytes,3,rep,name=ip,proto3" json:"ip,omitempty"`
 	// ProxiedDomain indicates the mapped domain has the same IP address on this
-	// domain. Xray will use this domain for IP queries. This field is only
+	// domain. Xray will use this domain for IP queries.
 	// effective if ip is empty.
 	ProxiedDomain string `protobuf:"bytes,4,opt,name=proxied_domain,json=proxiedDomain,proto3" json:"proxied_domain,omitempty"`
 }
 func (x *Config_HostMapping) Reset() {
 	*x = Config_HostMapping{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_app_dns_config_proto_msgTypes[5]
+		mi := &file_app_dns_config_proto_msgTypes[4]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -392,7 +419,7 @@ func (x *Config_HostMapping) String() string {
 func (*Config_HostMapping) ProtoMessage() {}
 func (x *Config_HostMapping) ProtoReflect() protoreflect.Message {
-	mi := &file_app_dns_config_proto_msgTypes[5]
+	mi := &file_app_dns_config_proto_msgTypes[4]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -408,11 +435,11 @@ func (*Config_HostMapping) Descriptor() ([]byte, []int) {
 	return file_app_dns_config_proto_rawDescGZIP(), []int{1, 1}
 }
-func (x *Config_HostMapping) GetType() DomainMatchingType {
+func (x *Config_HostMapping) GetType() domain.MatchingType {
 	if x != nil {
 		return x.Type
 	}
-	return DomainMatchingType_Full
+	return domain.MatchingType_Full
 }
 func (x *Config_HostMapping) GetDomain() string {
@@ -444,79 +471,96 @@ var file_app_dns_config_proto_rawDesc = []byte{
 	0x2e, 0x64, 0x6e, 0x73, 0x1a, 0x18, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6e, 0x65, 0x74,
 	0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c,
 	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6e, 0x65, 0x74, 0x2f, 0x64, 0x65, 0x73, 0x74, 0x69,
-	0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x61, 0x70,
+	0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x63, 0x6f,
-	0x70, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x64, 0x6f, 0x6d,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xad, 0x03, 0x0a, 0x0a, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65,
+	0x61, 0x69, 0x6e, 0x2f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x72, 0x76, 0x65, 0x72, 0x12, 0x33, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18,
+	0x1a, 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
-	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
+	0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2e, 0x70, 0x72, 0x6f,
-	0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x74, 0x6f, 0x22, 0x93, 0x03, 0x0a, 0x0a, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65,
-	0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x56, 0x0a, 0x12, 0x70, 0x72, 0x69,
+	0x72, 0x12, 0x33, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01,
-	0x6f, 0x72, 0x69, 0x74, 0x69, 0x7a, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
-	0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70,
+	0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x07, 0x61,
-	0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x11,
+	0x5f, 0x69, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x7a, 0x65, 0x64, 0x44, 0x6f, 0x6d, 0x61, 0x69,
+	0x74, 0x49, 0x70, 0x12, 0x22, 0x0a, 0x0c, 0x73, 0x6b, 0x69, 0x70, 0x46, 0x61, 0x6c, 0x6c, 0x62,
-	0x6e, 0x12, 0x2c, 0x0a, 0x05, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b,
+	0x61, 0x63, 0x6b, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x73, 0x6b, 0x69, 0x70, 0x46,
-	0x32, 0x16, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x12, 0x51, 0x0a, 0x12, 0x70, 0x72, 0x69, 0x6f, 0x72,
-	0x65, 0x72, 0x2e, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x52, 0x05, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x12,
+	0x69, 0x74, 0x69, 0x7a, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x02, 0x20,
-	0x4c, 0x0a, 0x0e, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x75, 0x6c, 0x65,
+	0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
-	0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61,
+	0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e,
-	0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65,
+	0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x11, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74,
-	0x72, 0x2e, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x0d,
+	0x69, 0x7a, 0x65, 0x64, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x36, 0x0a, 0x05, 0x67, 0x65,
-	0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x1a, 0x5e, 0x0a,
+	0x6f, 0x69, 0x70, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79,
-	0x0e, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12,
+	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
-	0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
+	0x67, 0x65, 0x6f, 0x69, 0x70, 0x2e, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x52, 0x05, 0x67, 0x65, 0x6f,
-	0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x44, 0x6f, 0x6d,
+	0x69, 0x70, 0x12, 0x4c, 0x0a, 0x0e, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72,
-	0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x54, 0x79, 0x70, 0x65, 0x52,
+	0x75, 0x6c, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61,
 	0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65,
 	0x72, 0x76, 0x65, 0x72, 0x2e, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x75, 0x6c,
 	0x65, 0x52, 0x0d, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73,
 	0x1a, 0x36, 0x0a, 0x0c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x75, 0x6c, 0x65,
 	0x12, 0x12, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
 	0x72, 0x75, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x02, 0x20, 0x01,
 	0x28, 0x0d, 0x52, 0x04, 0x73, 0x69, 0x7a, 0x65, 0x22, 0xdf, 0x05, 0x0a, 0x06, 0x43, 0x6f, 0x6e,
 	0x66, 0x69, 0x67, 0x12, 0x3f, 0x0a, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65,
 	0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
 	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f,
 	0x69, 0x6e, 0x74, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72,
 	0x76, 0x65, 0x72, 0x73, 0x12, 0x39, 0x0a, 0x0b, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x65, 0x72,
 	0x76, 0x65, 0x72, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x78, 0x72, 0x61, 0x79,
 	0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72,
 	0x76, 0x65, 0x72, 0x52, 0x0a, 0x6e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12,
 	0x39, 0x0a, 0x05, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f,
 	0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x43, 0x6f,
 	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x42,
 	0x02, 0x18, 0x01, 0x52, 0x05, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x6c,
 	0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x63,
 	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x70, 0x12, 0x43, 0x0a, 0x0c, 0x73, 0x74, 0x61, 0x74, 0x69,
 	0x63, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e,
 	0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x43, 0x6f, 0x6e,
 	0x66, 0x69, 0x67, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52,
 	0x0b, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x10, 0x0a, 0x03,
 	0x74, 0x61, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x74, 0x61, 0x67, 0x12, 0x42,
 	0x0a, 0x0e, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79,
 	0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1b, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70,
 	0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x43, 0x61, 0x63, 0x68, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74,
 	0x65, 0x67, 0x79, 0x52, 0x0d, 0x63, 0x61, 0x63, 0x68, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65,
 	0x67, 0x79, 0x12, 0x42, 0x0a, 0x0e, 0x71, 0x75, 0x65, 0x72, 0x79, 0x5f, 0x73, 0x74, 0x72, 0x61,
 	0x74, 0x65, 0x67, 0x79, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1b, 0x2e, 0x78, 0x72, 0x61,
 	0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x51, 0x75, 0x65, 0x72, 0x79, 0x53,
 	0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0d, 0x71, 0x75, 0x65, 0x72, 0x79, 0x53, 0x74,
 	0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x28, 0x0a, 0x0f, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c,
 	0x65, 0x46, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52,
 	0x0f, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b,
 	0x1a, 0x55, 0x0a, 0x0a, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10,
 	0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79,
 	0x12, 0x31, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
 	0x1b, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65,
 	0x74, 0x2e, 0x49, 0x50, 0x4f, 0x72, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x05, 0x76, 0x61,
 	0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x9a, 0x01, 0x0a, 0x0b, 0x48, 0x6f, 0x73, 0x74,
 	0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x3c, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18,
 	0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
 	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x64, 0x6f, 0x6d, 0x61,
 	0x69, 0x6e, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x54, 0x79, 0x70, 0x65, 0x52,
 	0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x1a, 0x36, 0x0a,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x0e, 0x0a,
-	0x0c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x12, 0x0a,
+	0x02, 0x69, 0x70, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x02, 0x69, 0x70, 0x12, 0x25, 0x0a,
-	0x04, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x72, 0x75, 0x6c,
+	0x0e, 0x70, 0x72, 0x6f, 0x78, 0x69, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18,
-	0x65, 0x12, 0x12, 0x0a, 0x04, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52,
+	0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x69, 0x65, 0x64, 0x44, 0x6f,
-	0x04, 0x73, 0x69, 0x7a, 0x65, 0x22, 0x9f, 0x04, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x6d, 0x61, 0x69, 0x6e, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x2a, 0x35, 0x0a, 0x0d, 0x51, 0x75,
-	0x12, 0x3f, 0x0a, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x18,
+	0x65, 0x72, 0x79, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x0a, 0x0a, 0x06, 0x55,
-	0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
+	0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49,
-	0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x50, 0x34, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10,
-	0x42, 0x02, 0x18, 0x01, 0x52, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
+	0x02, 0x2a, 0x44, 0x0a, 0x0d, 0x43, 0x61, 0x63, 0x68, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65,
-	0x73, 0x12, 0x39, 0x0a, 0x0b, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
+	0x67, 0x79, 0x12, 0x0d, 0x0a, 0x09, 0x43, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x41, 0x4c, 0x4c, 0x10,
-	0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70,
+	0x00, 0x12, 0x11, 0x0a, 0x0d, 0x43, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x4e, 0x4f, 0x45, 0x52, 0x52,
-	0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
+	0x4f, 0x52, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x43, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x44, 0x49,
-	0x52, 0x0a, 0x6e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x39, 0x0a, 0x05,
+	0x53, 0x41, 0x42, 0x4c, 0x45, 0x10, 0x02, 0x42, 0x46, 0x0a, 0x10, 0x63, 0x6f, 0x6d, 0x2e, 0x78,
-	0x48, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x78, 0x72,
+	0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x50, 0x01, 0x5a, 0x21, 0x67,
-	0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78,
-	0x67, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x02, 0x18, 0x01,
+	0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x70, 0x2f, 0x64, 0x6e, 0x73,
-	0x52, 0x05, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0xaa, 0x02, 0x0c, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x41, 0x70, 0x70, 0x2e, 0x44, 0x6e, 0x73, 0x62,
-	0x74, 0x5f, 0x69, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 	0x6e, 0x74, 0x49, 0x70, 0x12, 0x43, 0x0a, 0x0c, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x68,
 	0x6f, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x78, 0x72, 0x61,
 	0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
 	0x2e, 0x48, 0x6f, 0x73, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52, 0x0b, 0x73, 0x74,
 	0x61, 0x74, 0x69, 0x63, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x74, 0x61, 0x67,
 	0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x74, 0x61, 0x67, 0x1a, 0x55, 0x0a, 0x0a, 0x48,
 	0x6f, 0x73, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
 	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x31, 0x0a, 0x05, 0x76,
 	0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x78, 0x72, 0x61,
 	0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x49, 0x50, 0x4f,
 	0x72, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02,
 	0x38, 0x01, 0x1a, 0x92, 0x01, 0x0a, 0x0b, 0x48, 0x6f, 0x73, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69,
 	0x6e, 0x67, 0x12, 0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e,
 	0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e,
 	0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x54, 0x79,
 	0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61,
 	0x69, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e,
 	0x12, 0x0e, 0x0a, 0x02, 0x69, 0x70, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x02, 0x69, 0x70,
 	0x12, 0x25, 0x0a, 0x0e, 0x70, 0x72, 0x6f, 0x78, 0x69, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61,
 	0x69, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x69, 0x65,
 	0x64, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2a, 0x45, 0x0a, 0x12, 0x44, 0x6f, 0x6d, 0x61, 0x69,
 	0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08, 0x0a,
 	0x04, 0x46, 0x75, 0x6c, 0x6c, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x53, 0x75, 0x62, 0x64, 0x6f,
 	0x6d, 0x61, 0x69, 0x6e, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x4b, 0x65, 0x79, 0x77, 0x6f, 0x72,
 	0x64, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x67, 0x65, 0x78, 0x10, 0x03, 0x42, 0x46,
 	0x0a, 0x10, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x64,
 	0x6e, 0x73, 0x50, 0x01, 0x5a, 0x21, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d,
 	0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f,
 	0x61, 0x70, 0x70, 0x2f, 0x64, 0x6e, 0x73, 0xaa, 0x02, 0x0c, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x41,
 	0x70, 0x70, 0x2e, 0x44, 0x6e, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
@@ -531,37 +575,40 @@ func file_app_dns_config_proto_rawDescGZIP() []byte {
 	return file_app_dns_config_proto_rawDescData
 }
-var file_app_dns_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_app_dns_config_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
-var file_app_dns_config_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_app_dns_config_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
 var file_app_dns_config_proto_goTypes = []interface{}{
-	(DomainMatchingType)(0),           // 0: xray.app.dns.DomainMatchingType
+	(QueryStrategy)(0),              // 0: xray.app.dns.QueryStrategy
-	(*NameServer)(nil),                // 1: xray.app.dns.NameServer
+	(CacheStrategy)(0),              // 1: xray.app.dns.CacheStrategy
-	(*Config)(nil),                    // 2: xray.app.dns.Config
+	(*NameServer)(nil),              // 2: xray.app.dns.NameServer
-	(*NameServer_PriorityDomain)(nil), // 3: xray.app.dns.NameServer.PriorityDomain
+	(*Config)(nil),                  // 3: xray.app.dns.Config
 	(*NameServer_OriginalRule)(nil), // 4: xray.app.dns.NameServer.OriginalRule
 	nil,                             // 5: xray.app.dns.Config.HostsEntry
 	(*Config_HostMapping)(nil),      // 6: xray.app.dns.Config.HostMapping
 	(*net.Endpoint)(nil),            // 7: xray.common.net.Endpoint
-	(*router.GeoIP)(nil),              // 8: xray.app.router.GeoIP
+	(*domain.Domain)(nil),           // 8: xray.common.matcher.domain.Domain
-	(*net.IPOrDomain)(nil),            // 9: xray.common.net.IPOrDomain
+	(*geoip.GeoIP)(nil),             // 9: xray.common.matcher.geoip.GeoIP
 	(*net.IPOrDomain)(nil),          // 10: xray.common.net.IPOrDomain
 	(domain.MatchingType)(0),        // 11: xray.common.matcher.domain.MatchingType
 }
 var file_app_dns_config_proto_depIdxs = []int32{
 	7,  // 0: xray.app.dns.NameServer.address:type_name -> xray.common.net.Endpoint
-	3,  // 1: xray.app.dns.NameServer.prioritized_domain:type_name -> xray.app.dns.NameServer.PriorityDomain
+	8,  // 1: xray.app.dns.NameServer.prioritized_domain:type_name -> xray.common.matcher.domain.Domain
-	8,  // 2: xray.app.dns.NameServer.geoip:type_name -> xray.app.router.GeoIP
+	9,  // 2: xray.app.dns.NameServer.geoip:type_name -> xray.common.matcher.geoip.GeoIP
 	4,  // 3: xray.app.dns.NameServer.original_rules:type_name -> xray.app.dns.NameServer.OriginalRule
 	7,  // 4: xray.app.dns.Config.NameServers:type_name -> xray.common.net.Endpoint
-	1,  // 5: xray.app.dns.Config.name_server:type_name -> xray.app.dns.NameServer
+	2,  // 5: xray.app.dns.Config.name_server:type_name -> xray.app.dns.NameServer
 	5,  // 6: xray.app.dns.Config.Hosts:type_name -> xray.app.dns.Config.HostsEntry
 	6,  // 7: xray.app.dns.Config.static_hosts:type_name -> xray.app.dns.Config.HostMapping
-	0,  // 8: xray.app.dns.NameServer.PriorityDomain.type:type_name -> xray.app.dns.DomainMatchingType
+	1,  // 8: xray.app.dns.Config.cache_strategy:type_name -> xray.app.dns.CacheStrategy
-	9,  // 9: xray.app.dns.Config.HostsEntry.value:type_name -> xray.common.net.IPOrDomain
+	0,  // 9: xray.app.dns.Config.query_strategy:type_name -> xray.app.dns.QueryStrategy
-	0,  // 10: xray.app.dns.Config.HostMapping.type:type_name -> xray.app.dns.DomainMatchingType
+	10, // 10: xray.app.dns.Config.HostsEntry.value:type_name -> xray.common.net.IPOrDomain
-	11, // [11:11] is the sub-list for method output_type
+	11, // 11: xray.app.dns.Config.HostMapping.type:type_name -> xray.common.matcher.domain.MatchingType
-	11, // [11:11] is the sub-list for method input_type
+	12, // [12:12] is the sub-list for method output_type
-	11, // [11:11] is the sub-list for extension type_name
+	12, // [12:12] is the sub-list for method input_type
-	11, // [11:11] is the sub-list for extension extendee
+	12, // [12:12] is the sub-list for extension type_name
-	0,  // [0:11] is the sub-list for field type_name
+	12, // [12:12] is the sub-list for extension extendee
 	0,  // [0:12] is the sub-list for field type_name
 }
 func init() { file_app_dns_config_proto_init() }
@@ -595,18 +642,6 @@ func file_app_dns_config_proto_init() {
 			}
 		}
 		file_app_dns_config_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*NameServer_PriorityDomain); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_app_dns_config_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*NameServer_OriginalRule); i {
 			case 0:
 				return &v.state
@@ -618,7 +653,7 @@ func file_app_dns_config_proto_init() {
 				return nil
 			}
 		}
-		file_app_dns_config_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+		file_app_dns_config_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Config_HostMapping); i {
 			case 0:
 				return &v.state
@@ -636,8 +671,8 @@ func file_app_dns_config_proto_init() {
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_app_dns_config_proto_rawDesc,
-			NumEnums:      1,
+			NumEnums:      2,
-			NumMessages:   6,
+			NumMessages:   5,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
--- a/app/dns/config.proto
+++ b/app/dns/config.proto
@@ -8,31 +8,34 @@ option java_multiple_files = true;
 import "common/net/address.proto";
 import "common/net/destination.proto";
-import "app/router/config.proto";
+import "common/matcher/domain/domain.proto";
 import "common/matcher/geoip/geoip.proto";
 message NameServer {
  xray.common.net.Endpoint address = 1;
-
+  bytes client_ip = 5;
-  message PriorityDomain {
+  bool skipFallback = 6;
    DomainMatchingType type = 1;
    string domain = 2;
  }
  message OriginalRule {
    string rule = 1;
    uint32 size = 2;
  }
-  repeated PriorityDomain prioritized_domain = 2;
+  repeated xray.common.matcher.domain.Domain prioritized_domain = 2;
-  repeated xray.app.router.GeoIP geoip = 3;
+  repeated xray.common.matcher.geoip.GeoIP geoip = 3;
  repeated OriginalRule original_rules = 4;
 }
-enum DomainMatchingType {
+enum QueryStrategy {
-  Full = 0;
+  USE_IP = 0;
-  Subdomain = 1;
+  USE_IP4 = 1;
-  Keyword = 2;
+  USE_IP6 = 2;
-  Regex = 3;
+}
 enum CacheStrategy {
  Cache_ALL = 0;
  Cache_NOERROR = 1;
  Cache_DISABLE = 2;
 }
 message Config {
@@ -53,14 +56,13 @@ message Config {
  bytes client_ip = 3;
  message HostMapping {
-    DomainMatchingType type = 1;
+    xray.common.matcher.domain.MatchingType type = 1;
    string domain = 2;
    repeated bytes ip = 3;
    // ProxiedDomain indicates the mapped domain has the same IP address on this
-    // domain. Xray will use this domain for IP queries. This field is only
+    // domain. Xray will use this domain for IP queries.
    // effective if ip is empty.
    string proxied_domain = 4;
  }
@@ -68,4 +70,13 @@ message Config {
  // Tag is the inbound tag of DNS client.
  string tag = 6;
  reserved 7;
  // DisableCache disables DNS cache
  CacheStrategy cache_strategy = 8;
  QueryStrategy query_strategy = 9;
  bool disableFallback = 10;
 }
--- a/app/dns/dns.go
+++ b/app/dns/dns.go
@@ -2,3 +2,312 @@
 package dns
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
 import (
 	"context"
 	"fmt"
 	"strings"
 	"sync"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/matcher/str"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/features"
 	"github.com/xtls/xray-core/features/dns"
 )
 // DNS is a DNS rely server.
 type DNS struct {
 	sync.Mutex
 	tag             string
 	cacheStrategy   CacheStrategy
 	disableFallback bool
 	ipOption        *dns.IPOption
 	hosts           *StaticHosts
 	clients         []*Client
 	ctx             context.Context
 	domainMatcher   str.IndexMatcher
 	matcherInfos    []DomainMatcherInfo
 }
 // DomainMatcherInfo contains information attached to index returned by Server.domainMatcher
 type DomainMatcherInfo struct {
 	clientIdx     uint16
 	domainRuleIdx uint16
 }
 // New creates a new DNS server with given configuration.
 func New(ctx context.Context, config *Config) (*DNS, error) {
 	var tag string
 	if len(config.Tag) > 0 {
 		tag = config.Tag
 	} else {
 		tag = generateRandomTag()
 	}
 	var clientIP net.IP
 	switch len(config.ClientIp) {
 	case 0, net.IPv4len, net.IPv6len:
 		clientIP = net.IP(config.ClientIp)
 	default:
 		return nil, newError("unexpected client IP length ", len(config.ClientIp))
 	}
 	var ipOption *dns.IPOption
 	switch config.QueryStrategy {
 	case QueryStrategy_USE_IP:
 		ipOption = &dns.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: true,
 			FakeEnable: false,
 		}
 	case QueryStrategy_USE_IP4:
 		ipOption = &dns.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: false,
 			FakeEnable: false,
 		}
 	case QueryStrategy_USE_IP6:
 		ipOption = &dns.IPOption{
 			IPv4Enable: false,
 			IPv6Enable: true,
 			FakeEnable: false,
 		}
 	}
 	hosts, err := NewStaticHosts(config.StaticHosts, config.Hosts)
 	if err != nil {
 		return nil, newError("failed to create hosts").Base(err)
 	}
 	clients := []*Client{}
 	domainRuleCount := 0
 	for _, ns := range config.NameServer {
 		domainRuleCount += len(ns.PrioritizedDomain)
 	}
 	// MatcherInfos is ensured to cover the maximum index domainMatcher could return, where matcher's index starts from 1
 	matcherInfos := make([]DomainMatcherInfo, domainRuleCount+1)
 	domainMatcher := &str.MatcherGroup{}
 	geoipContainer := geoip.GeoIPMatcherContainer{}
 	for _, endpoint := range config.NameServers {
 		features.PrintDeprecatedFeatureWarning("simple DNS server")
 		client, err := NewSimpleClient(ctx, endpoint, clientIP)
 		if err != nil {
 			return nil, newError("failed to create client").Base(err)
 		}
 		clients = append(clients, client)
 	}
 	for _, ns := range config.NameServer {
 		clientIdx := len(clients)
 		updateDomain := func(domainRule str.Matcher, originalRuleIdx int, matcherInfos []DomainMatcherInfo) error {
 			midx := domainMatcher.Add(domainRule)
 			matcherInfos[midx] = DomainMatcherInfo{
 				clientIdx:     uint16(clientIdx),
 				domainRuleIdx: uint16(originalRuleIdx),
 			}
 			return nil
 		}
 		myClientIP := clientIP
 		switch len(ns.ClientIp) {
 		case net.IPv4len, net.IPv6len:
 			myClientIP = net.IP(ns.ClientIp)
 		}
 		client, err := NewClient(ctx, ns, myClientIP, geoipContainer, &matcherInfos, updateDomain)
 		if err != nil {
 			return nil, newError("failed to create client").Base(err)
 		}
 		clients = append(clients, client)
 	}
 	// If there is no DNS client in config, add a `localhost` DNS client
 	if len(clients) == 0 {
 		clients = append(clients, NewLocalDNSClient())
 	}
 	return &DNS{
 		tag:             tag,
 		hosts:           hosts,
 		ipOption:        ipOption,
 		clients:         clients,
 		ctx:             ctx,
 		domainMatcher:   domainMatcher,
 		matcherInfos:    matcherInfos,
 		cacheStrategy:   config.CacheStrategy,
 		disableFallback: config.DisableFallback,
 	}, nil
 }
 // Type implements common.HasType.
 func (*DNS) Type() interface{} {
 	return dns.ClientType()
 }
 // Start implements common.Runnable.
 func (s *DNS) Start() error {
 	return nil
 }
 // Close implements common.Closable.
 func (s *DNS) Close() error {
 	return nil
 }
 // IsOwnLink implements proxy.dns.ownLinkVerifier
 func (s *DNS) IsOwnLink(ctx context.Context) bool {
 	inbound := session.InboundFromContext(ctx)
 	return inbound != nil && inbound.Tag == s.tag
 }
 // LookupIP implements dns.Client.
 func (s *DNS) LookupIP(domain string) ([]net.IP, error) {
 	return s.lookupIPInternal(domain, s.ipOption.Copy())
 }
 // LookupOptions implements dns.Client.
 func (s *DNS) LookupOptions(domain string, opts ...dns.Option) ([]net.IP, error) {
 	opt := s.ipOption.Copy()
 	for _, o := range opts {
 		if o != nil {
 			o(opt)
 		}
 	}
 	return s.lookupIPInternal(domain, opt)
 }
 // LookupIPv4 implements dns.IPv4Lookup.
 func (s *DNS) LookupIPv4(domain string) ([]net.IP, error) {
 	return s.lookupIPInternal(domain, &dns.IPOption{
 		IPv4Enable: true,
 	})
 }
 // LookupIPv6 implements dns.IPv6Lookup.
 func (s *DNS) LookupIPv6(domain string) ([]net.IP, error) {
 	return s.lookupIPInternal(domain, &dns.IPOption{
 		IPv6Enable: true,
 	})
 }
 func (s *DNS) lookupIPInternal(domain string, option *dns.IPOption) ([]net.IP, error) {
 	if domain == "" {
 		return nil, newError("empty domain name")
 	}
 	if isQuery(option) {
 		return nil, newError("empty option: Impossible.").AtWarning()
 	}
 	// Normalize the FQDN form query
 	if strings.HasSuffix(domain, ".") {
 		domain = domain[:len(domain)-1]
 	}
 	// Static host lookup
 	switch addrs := s.hosts.Lookup(domain, option); {
 	case addrs == nil: // Domain not recorded in static host
 		break
 	case len(addrs) == 0: // Domain recorded, but no valid IP returned (e.g. IPv4 address with only IPv6 enabled)
 		return nil, dns.ErrEmptyResponse
 	case len(addrs) == 1 && addrs[0].Family().IsDomain(): // Domain replacement
 		newError("domain replaced: ", domain, " -> ", addrs[0].Domain()).WriteToLog()
 		domain = addrs[0].Domain()
 	default:
 		// Successfully found ip records in static host.
 		// Skip hosts mapping result in FakeDNS query.
 		if isIPQuery(option) {
 			newError("returning ", len(addrs), " IP(s) for domain ", domain, " -> ", addrs).WriteToLog()
 			return toNetIP(addrs)
 		}
 	}
 	// Name servers lookup
 	errs := []error{}
 	ctx := session.ContextWithInbound(s.ctx, &session.Inbound{Tag: s.tag})
 	for _, client := range s.sortClients(domain, option) {
 		ips, err := client.QueryIP(ctx, domain, *option, s.cacheStrategy)
 		if len(ips) > 0 {
 			return ips, nil
 		}
 		if err != nil {
 			newError("failed to lookup ip for domain ", domain, " at server ", client.Name()).Base(err).WriteToLog()
 			errs = append(errs, err)
 		}
 		if err != context.Canceled && err != context.DeadlineExceeded && err != errExpectedIPNonMatch {
 			return nil, err
 		}
 	}
 	return nil, newError("returning nil for domain ", domain).Base(errors.Combine(errs...))
 }
 func (s *DNS) sortClients(domain string, option *dns.IPOption) []*Client {
 	clients := make([]*Client, 0, len(s.clients))
 	clientUsed := make([]bool, len(s.clients))
 	clientNames := make([]string, 0, len(s.clients))
 	domainRules := []string{}
 	defer func() {
 		if len(domainRules) > 0 {
 			newError("domain ", domain, " matches following rules: ", domainRules).AtDebug().WriteToLog()
 		}
 		if len(clientNames) > 0 {
 			newError("domain ", domain, " will use DNS in order: ", clientNames).AtDebug().WriteToLog()
 		}
 		if len(clients) == 0 {
 			clients = append(clients, s.clients[0])
 			clientNames = append(clientNames, s.clients[0].Name())
 			newError("domain ", domain, " will use the first DNS: ", clientNames).AtDebug().WriteToLog()
 		}
 	}()
 	// Priority domain matching
 	for _, match := range s.domainMatcher.Match(domain) {
 		info := s.matcherInfos[match]
 		client := s.clients[info.clientIdx]
 		domainRule := client.domains[info.domainRuleIdx]
 		if !canQueryOnClient(option, client) {
 			newError("skipping the client " + client.Name()).AtDebug().WriteToLog()
 			continue
 		}
 		domainRules = append(domainRules, fmt.Sprintf("%s(DNS idx:%d)", domainRule, info.clientIdx))
 		if clientUsed[info.clientIdx] {
 			continue
 		}
 		clientUsed[info.clientIdx] = true
 		clients = append(clients, client)
 		clientNames = append(clientNames, client.Name())
 	}
 	if !s.disableFallback {
 		// Default round-robin query
 		for idx, client := range s.clients {
 			if clientUsed[idx] || client.skipFallback {
 				continue
 			}
 			if !canQueryOnClient(option, client) {
 				newError("skipping the client " + client.Name()).AtDebug().WriteToLog()
 				continue
 			}
 			clientUsed[idx] = true
 			clients = append(clients, client)
 			clientNames = append(clientNames, client.Name())
 		}
 	}
 	return clients
 }
 func init() {
 	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		return New(ctx, config.(*Config))
 	}))
 }
--- a/app/dns/server_test.go
+++ b/app/dns/server_test.go
@@ -12,8 +12,9 @@ import (
 	"github.com/xtls/xray-core/app/policy"
 	"github.com/xtls/xray-core/app/proxyman"
 	_ "github.com/xtls/xray-core/app/proxyman/outbound"
 	"github.com/xtls/xray-core/app/router"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/serial"
 	"github.com/xtls/xray-core/core"
@@ -101,8 +102,8 @@ func (*staticHandler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 			rr, _ := dns.NewRR("localhost-b. IN A 127.0.0.4")
 			ans.Answer = append(ans.Answer, rr)
-		case q.Name == "mijia\\ cloud." && q.Qtype == dns.TypeA:
+		case q.Name == "Mijia\\ Cloud." && q.Qtype == dns.TypeA:
-			rr, _ := dns.NewRR("mijia\\ cloud. IN A 127.0.0.1")
+			rr, _ := dns.NewRR("Mijia\\ Cloud. IN A 127.0.0.1")
 			ans.Answer = append(ans.Answer, rr)
 		}
 	}
@@ -303,10 +304,10 @@ func TestPrioritizedDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							{
-								Type:   DomainMatchingType_Full,
+								Type:  domain.MatchingType_Full,
-								Domain: "google.com",
+								Value: "google.com",
 							},
 						},
 					},
@@ -391,7 +392,6 @@ func TestUDPServerIPv6(t *testing.T) {
 	client := v.GetFeature(feature_dns.ClientType()).(feature_dns.Client)
 	client6 := client.(feature_dns.IPv6Lookup)
 	{
 		ips, err := client6.LookupIPv6("ipv6.google.com")
 		if err != nil {
@@ -433,7 +433,7 @@ func TestStaticHostDomain(t *testing.T) {
 				},
 				StaticHosts: []*Config_HostMapping{
 					{
-						Type:          DomainMatchingType_Full,
+						Type:          domain.MatchingType_Full,
 						Domain:        "example.com",
 						ProxiedDomain: "google.com",
 					},
@@ -497,10 +497,10 @@ func TestIPMatch(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{
 								CountryCode: "local",
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{
 										// inner ip, will not match
 										Ip:     []byte{192, 168, 11, 1},
@@ -521,10 +521,10 @@ func TestIPMatch(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{
 								CountryCode: "test",
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{
 										Ip:     []byte{8, 8, 8, 8},
 										Prefix: 32,
@@ -533,7 +533,7 @@ func TestIPMatch(t *testing.T) {
 							},
 							{
 								CountryCode: "test",
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{
 										Ip:     []byte{8, 8, 8, 4},
 										Prefix: 32,
@@ -617,14 +617,14 @@ func TestLocalDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							// Equivalent of dotless:localhost
-							{Type: DomainMatchingType_Regex, Domain: "^[^.]*localhost[^.]*$"},
+							{Type: domain.MatchingType_Regex, Value: "^[^.]*localhost[^.]*$"},
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{ // Will match localhost, localhost-a and localhost-b,
 								CountryCode: "local",
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{Ip: []byte{127, 0, 0, 2}, Prefix: 32},
 									{Ip: []byte{127, 0, 0, 3}, Prefix: 32},
 									{Ip: []byte{127, 0, 0, 4}, Prefix: 32},
@@ -642,22 +642,22 @@ func TestLocalDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							// Equivalent of dotless: and domain:local
-							{Type: DomainMatchingType_Regex, Domain: "^[^.]*$"},
+							{Type: domain.MatchingType_Regex, Value: "^[^.]*$"},
-							{Type: DomainMatchingType_Subdomain, Domain: "local"},
+							{Type: domain.MatchingType_Subdomain, Value: "local"},
-							{Type: DomainMatchingType_Subdomain, Domain: "localdomain"},
+							{Type: domain.MatchingType_Subdomain, Value: "localdomain"},
 						},
 					},
 				},
 				StaticHosts: []*Config_HostMapping{
 					{
-						Type:   DomainMatchingType_Full,
+						Type:   domain.MatchingType_Full,
 						Domain: "hostnamestatic",
 						Ip:     [][]byte{{127, 0, 0, 53}},
 					},
 					{
-						Type:          DomainMatchingType_Full,
+						Type:          domain.MatchingType_Full,
 						Domain:        "hostnamealias",
 						ProxiedDomain: "hostname.localdomain",
 					},
@@ -813,15 +813,15 @@ func TestMultiMatchPrioritizedDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							{
-								Type:   DomainMatchingType_Subdomain,
+								Type:  domain.MatchingType_Subdomain,
-								Domain: "google.com",
+								Value: "google.com",
 							},
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{ // Will only match 8.8.8.8 and 8.8.4.4
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{Ip: []byte{8, 8, 8, 8}, Prefix: 32},
 									{Ip: []byte{8, 8, 4, 4}, Prefix: 32},
 								},
@@ -838,15 +838,15 @@ func TestMultiMatchPrioritizedDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							{
-								Type:   DomainMatchingType_Subdomain,
+								Type:  domain.MatchingType_Subdomain,
-								Domain: "google.com",
+								Value: "google.com",
 							},
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{ // Will match 8.8.8.8 and 8.8.8.7, etc
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{Ip: []byte{8, 8, 8, 7}, Prefix: 24},
 								},
 							},
@@ -862,15 +862,15 @@ func TestMultiMatchPrioritizedDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							{
-								Type:   DomainMatchingType_Subdomain,
+								Type:  domain.MatchingType_Subdomain,
-								Domain: "api.google.com",
+								Value: "api.google.com",
 							},
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{ // Will only match 8.8.7.7 (api.google.com)
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{Ip: []byte{8, 8, 7, 7}, Prefix: 32},
 								},
 							},
@@ -886,15 +886,15 @@ func TestMultiMatchPrioritizedDomain(t *testing.T) {
 							},
 							Port: uint32(port),
 						},
-						PrioritizedDomain: []*NameServer_PriorityDomain{
+						PrioritizedDomain: []*domain.Domain{
 							{
-								Type:   DomainMatchingType_Full,
+								Type:  domain.MatchingType_Full,
-								Domain: "v2.api.google.com",
+								Value: "v2.api.google.com",
 							},
 						},
-						Geoip: []*router.GeoIP{
+						Geoip: []*geoip.GeoIP{
 							{ // Will only match 8.8.7.8 (v2.api.google.com)
-								Cidr: []*router.CIDR{
+								Cidr: []*geoip.CIDR{
 									{Ip: []byte{8, 8, 7, 8}, Prefix: 32},
 								},
 							},
--- a/app/dns/dnscommon.go
+++ b/app/dns/dnscommon.go
@@ -2,6 +2,7 @@ package dns
 import (
 	"encoding/binary"
 	"strings"
 	"time"
 	"github.com/xtls/xray-core/common"
@@ -13,7 +14,7 @@ import (
 // Fqdn normalize domain make sure it ends with '.'
 func Fqdn(domain string) string {
-	if len(domain) > 0 && domain[len(domain)-1] == '.' {
+	if len(domain) > 0 && strings.HasSuffix(domain, ".") {
 		return domain
 	}
 	return domain + "."
@@ -112,7 +113,7 @@ func genEDNS0Options(clientIP net.IP) *dnsmessage.Resource {
 	return opt
 }
-func buildReqMsgs(domain string, option IPOption, reqIDGen func() uint16, reqOpts *dnsmessage.Resource) []*dnsRequest {
+func buildReqMsgs(domain string, option dns_feature.IPOption, reqIDGen func() uint16, reqOpts *dnsmessage.Resource) []*dnsRequest {
 	qA := dnsmessage.Question{
 		Name:  dnsmessage.MustNewName(domain),
 		Type:  dnsmessage.TypeA,
--- a/app/dns/dnscommon_test.go
+++ b/app/dns/dnscommon_test.go
@@ -9,6 +9,7 @@ import (
 	"github.com/miekg/dns"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/net"
 	dns_feature "github.com/xtls/xray-core/features/dns"
 	"golang.org/x/net/dns/dnsmessage"
 )
@@ -92,7 +93,7 @@ func Test_buildReqMsgs(t *testing.T) {
 	}
 	type args struct {
 		domain  string
-		option  IPOption
+		option  dns_feature.IPOption
 		reqOpts *dnsmessage.Resource
 	}
 	tests := []struct {
@@ -100,10 +101,26 @@ func Test_buildReqMsgs(t *testing.T) {
 		args args
 		want int
 	}{
-		{"dual stack", args{"test.com", IPOption{true, true}, nil}, 2},
+		{"dual stack", args{"test.com", dns_feature.IPOption{
-		{"ipv4 only", args{"test.com", IPOption{true, false}, nil}, 1},
+			IPv4Enable: true,
-		{"ipv6 only", args{"test.com", IPOption{false, true}, nil}, 1},
+			IPv6Enable: true,
-		{"none/error", args{"test.com", IPOption{false, false}, nil}, 0},
+			FakeEnable: false,
 		}, nil}, 2},
 		{"ipv4 only", args{"test.com", dns_feature.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: false,
 			FakeEnable: false,
 		}, nil}, 1},
 		{"ipv6 only", args{"test.com", dns_feature.IPOption{
 			IPv4Enable: false,
 			IPv6Enable: true,
 			FakeEnable: false,
 		}, nil}, 1},
 		{"none/error", args{"test.com", dns_feature.IPOption{
 			IPv4Enable: false,
 			IPv6Enable: false,
 			FakeEnable: false,
 		}, nil}, 0},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
--- a/app/dns/fakedns/errors.generated.go
+++ b/app/dns/fakedns/errors.generated.go
@@ -0,0 +1,9 @@
 package fakedns
 import "github.com/xtls/xray-core/common/errors"
 type errPathObjHolder struct{}
 func newError(values ...interface{}) *errors.Error {
 	return errors.New(values...).WithPathObj(errPathObjHolder{})
 }
--- a/app/dns/fakedns/fake.go
+++ b/app/dns/fakedns/fake.go
@@ -0,0 +1,134 @@
 package fakedns
 import (
 	"context"
 	"math"
 	"math/big"
 	gonet "net"
 	"time"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/cache"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/dns"
 )
 type Holder struct {
 	domainToIP cache.Lru
 	ipRange    *gonet.IPNet
 	config *FakeDnsPool
 }
 func (*Holder) Type() interface{} {
 	return (*dns.FakeDNSEngine)(nil)
 }
 func (fkdns *Holder) Start() error {
 	return fkdns.initializeFromConfig()
 }
 func (fkdns *Holder) Close() error {
 	fkdns.domainToIP = nil
 	fkdns.ipRange = nil
 	return nil
 }
 func NewFakeDNSHolder() (*Holder, error) {
 	var fkdns *Holder
 	var err error
 	if fkdns, err = NewFakeDNSHolderConfigOnly(nil); err != nil {
 		return nil, newError("Unable to create Fake Dns Engine").Base(err).AtError()
 	}
 	err = fkdns.initialize(dns.FakeIPPool, 65535)
 	if err != nil {
 		return nil, err
 	}
 	return fkdns, nil
 }
 func NewFakeDNSHolderConfigOnly(conf *FakeDnsPool) (*Holder, error) {
 	return &Holder{nil, nil, conf}, nil
 }
 func (fkdns *Holder) initializeFromConfig() error {
 	return fkdns.initialize(fkdns.config.IpPool, int(fkdns.config.LruSize))
 }
 func (fkdns *Holder) initialize(ipPoolCidr string, lruSize int) error {
 	var ipRange *gonet.IPNet
 	var err error
 	if _, ipRange, err = gonet.ParseCIDR(ipPoolCidr); err != nil {
 		return newError("Unable to parse CIDR for Fake DNS IP assignment").Base(err).AtError()
 	}
 	ones, bits := ipRange.Mask.Size()
 	rooms := bits - ones
 	if math.Log2(float64(lruSize)) >= float64(rooms) {
 		return newError("LRU size is bigger than subnet size").AtError()
 	}
 	fkdns.domainToIP = cache.NewLru(lruSize)
 	fkdns.ipRange = ipRange
 	return nil
 }
 // GetFakeIPForDomain check and generate a fake IP for a domain name
 func (fkdns *Holder) GetFakeIPForDomain(domain string) []net.Address {
 	if v, ok := fkdns.domainToIP.Get(domain); ok {
 		return []net.Address{v.(net.Address)}
 	}
 	var currentTimeMillis = uint64(time.Now().UnixNano() / 1e6)
 	ones, bits := fkdns.ipRange.Mask.Size()
 	rooms := bits - ones
 	if rooms < 64 {
 		currentTimeMillis %= (uint64(1) << rooms)
 	}
 	var bigIntIP = big.NewInt(0).SetBytes(fkdns.ipRange.IP)
 	bigIntIP = bigIntIP.Add(bigIntIP, new(big.Int).SetUint64(currentTimeMillis))
 	var ip net.Address
 	for {
 		ip = net.IPAddress(bigIntIP.Bytes())
 		// if we run for a long time, we may go back to beginning and start seeing the IP in use
 		if _, ok := fkdns.domainToIP.PeekKeyFromValue(ip); !ok {
 			break
 		}
 		bigIntIP = bigIntIP.Add(bigIntIP, big.NewInt(1))
 		if !fkdns.ipRange.Contains(bigIntIP.Bytes()) {
 			bigIntIP = big.NewInt(0).SetBytes(fkdns.ipRange.IP)
 		}
 	}
 	fkdns.domainToIP.Put(domain, ip)
 	return []net.Address{ip}
 }
 // GetDomainFromFakeDNS check if an IP is a fake IP and have corresponding domain name
 func (fkdns *Holder) GetDomainFromFakeDNS(ip net.Address) string {
 	if !ip.Family().IsIP() || !fkdns.ipRange.Contains(ip.IP()) {
 		return ""
 	}
 	if k, ok := fkdns.domainToIP.GetKeyFromValue(ip); ok {
 		return k.(string)
 	}
 	newError("A fake ip request to ", ip, ", however there is no matching domain name in fake DNS").AtInfo().WriteToLog()
 	return ""
 }
 // GetFakeIPRange return fake IP range from configuration
 func (fkdns *Holder) GetFakeIPRange() *gonet.IPNet {
 	return fkdns.ipRange
 }
 func init() {
 	common.Must(common.RegisterConfig((*FakeDnsPool)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		var f *Holder
 		var err error
 		if f, err = NewFakeDNSHolderConfigOnly(config.(*FakeDnsPool)); err != nil {
 			return nil, err
 		}
 		return f, nil
 	}))
 }
--- a/app/dns/fakedns/fakedns.go
+++ b/app/dns/fakedns/fakedns.go
@@ -0,0 +1,3 @@
 package fakedns
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
--- a/app/dns/fakedns/fakedns.pb.go
+++ b/app/dns/fakedns/fakedns.pb.go
@@ -0,0 +1,164 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
 // 	protoc        v3.13.0
 // source: app/dns/fakedns/fakedns.proto
 package fakedns
 import (
 	proto "github.com/golang/protobuf/proto"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	reflect "reflect"
 	sync "sync"
 )
 const (
 	// Verify that this generated code is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
 	// Verify that runtime/protoimpl is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 // This is a compile-time assertion that a sufficiently up-to-date version
 // of the legacy proto package is being used.
 const _ = proto.ProtoPackageIsVersion4
 type FakeDnsPool struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	IpPool  string `protobuf:"bytes,1,opt,name=ip_pool,json=ipPool,proto3" json:"ip_pool,omitempty"` //CIDR of IP pool used as fake DNS IP
 	LruSize int64  `protobuf:"varint,2,opt,name=lruSize,proto3" json:"lruSize,omitempty"`            //Size of Pool for remembering relationship between domain name and IP address
 }
 func (x *FakeDnsPool) Reset() {
 	*x = FakeDnsPool{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_app_dns_fakedns_fakedns_proto_msgTypes[0]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *FakeDnsPool) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*FakeDnsPool) ProtoMessage() {}
 func (x *FakeDnsPool) ProtoReflect() protoreflect.Message {
 	mi := &file_app_dns_fakedns_fakedns_proto_msgTypes[0]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use FakeDnsPool.ProtoReflect.Descriptor instead.
 func (*FakeDnsPool) Descriptor() ([]byte, []int) {
 	return file_app_dns_fakedns_fakedns_proto_rawDescGZIP(), []int{0}
 }
 func (x *FakeDnsPool) GetIpPool() string {
 	if x != nil {
 		return x.IpPool
 	}
 	return ""
 }
 func (x *FakeDnsPool) GetLruSize() int64 {
 	if x != nil {
 		return x.LruSize
 	}
 	return 0
 }
 var File_app_dns_fakedns_fakedns_proto protoreflect.FileDescriptor
 var file_app_dns_fakedns_fakedns_proto_rawDesc = []byte{
 	0x0a, 0x1d, 0x61, 0x70, 0x70, 0x2f, 0x64, 0x6e, 0x73, 0x2f, 0x66, 0x61, 0x6b, 0x65, 0x64, 0x6e,
 	0x73, 0x2f, 0x66, 0x61, 0x6b, 0x65, 0x64, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
 	0x1a, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e,
 	0x64, 0x6e, 0x73, 0x2e, 0x66, 0x61, 0x6b, 0x65, 0x64, 0x6e, 0x73, 0x22, 0x40, 0x0a, 0x0b, 0x46,
 	0x61, 0x6b, 0x65, 0x44, 0x6e, 0x73, 0x50, 0x6f, 0x6f, 0x6c, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x70,
 	0x5f, 0x70, 0x6f, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x69, 0x70, 0x50,
 	0x6f, 0x6f, 0x6c, 0x12, 0x18, 0x0a, 0x07, 0x6c, 0x72, 0x75, 0x53, 0x69, 0x7a, 0x65, 0x18, 0x02,
 	0x20, 0x01, 0x28, 0x03, 0x52, 0x07, 0x6c, 0x72, 0x75, 0x53, 0x69, 0x7a, 0x65, 0x42, 0x5f, 0x0a,
 	0x1e, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
 	0x61, 0x70, 0x70, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x66, 0x61, 0x6b, 0x65, 0x64, 0x6e, 0x73, 0x50,
 	0x01, 0x5a, 0x1e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x72,
 	0x65, 0x2f, 0x61, 0x70, 0x70, 0x2f, 0x64, 0x6e, 0x73, 0x2f, 0x66, 0x61, 0x6b, 0x65, 0x64, 0x6e,
 	0x73, 0xaa, 0x02, 0x1a, 0x56, 0x32, 0x52, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x72, 0x65, 0x2e, 0x41,
 	0x70, 0x70, 0x2e, 0x44, 0x6e, 0x73, 0x2e, 0x46, 0x61, 0x6b, 0x65, 0x64, 0x6e, 0x73, 0x62, 0x06,
 	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
 	file_app_dns_fakedns_fakedns_proto_rawDescOnce sync.Once
 	file_app_dns_fakedns_fakedns_proto_rawDescData = file_app_dns_fakedns_fakedns_proto_rawDesc
 )
 func file_app_dns_fakedns_fakedns_proto_rawDescGZIP() []byte {
 	file_app_dns_fakedns_fakedns_proto_rawDescOnce.Do(func() {
 		file_app_dns_fakedns_fakedns_proto_rawDescData = protoimpl.X.CompressGZIP(file_app_dns_fakedns_fakedns_proto_rawDescData)
 	})
 	return file_app_dns_fakedns_fakedns_proto_rawDescData
 }
 var file_app_dns_fakedns_fakedns_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
 var file_app_dns_fakedns_fakedns_proto_goTypes = []interface{}{
 	(*FakeDnsPool)(nil), // 0: xray.app.dns.fakedns.FakeDnsPool
 }
 var file_app_dns_fakedns_fakedns_proto_depIdxs = []int32{
 	0, // [0:0] is the sub-list for method output_type
 	0, // [0:0] is the sub-list for method input_type
 	0, // [0:0] is the sub-list for extension type_name
 	0, // [0:0] is the sub-list for extension extendee
 	0, // [0:0] is the sub-list for field type_name
 }
 func init() { file_app_dns_fakedns_fakedns_proto_init() }
 func file_app_dns_fakedns_fakedns_proto_init() {
 	if File_app_dns_fakedns_fakedns_proto != nil {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
 		file_app_dns_fakedns_fakedns_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*FakeDnsPool); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_app_dns_fakedns_fakedns_proto_rawDesc,
 			NumEnums:      0,
 			NumMessages:   1,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
 		GoTypes:           file_app_dns_fakedns_fakedns_proto_goTypes,
 		DependencyIndexes: file_app_dns_fakedns_fakedns_proto_depIdxs,
 		MessageInfos:      file_app_dns_fakedns_fakedns_proto_msgTypes,
 	}.Build()
 	File_app_dns_fakedns_fakedns_proto = out.File
 	file_app_dns_fakedns_fakedns_proto_rawDesc = nil
 	file_app_dns_fakedns_fakedns_proto_goTypes = nil
 	file_app_dns_fakedns_fakedns_proto_depIdxs = nil
 }
--- a/app/dns/fakedns/fakedns.proto
+++ b/app/dns/fakedns/fakedns.proto
@@ -0,0 +1,12 @@
 syntax = "proto3";
 package xray.app.dns.fakedns;
 option csharp_namespace = "Xray.App.Dns.Fakedns";
 option go_package = "github.com/xtls/xray-core/app/dns/fakedns";
 option java_package = "com.xray.app.dns.fakedns";
 option java_multiple_files = true;
 message FakeDnsPool{
  string ip_pool = 1; //CIDR of IP pool used as fake DNS IP
  int64  lruSize = 2; //Size of Pool for remembering relationship between domain name and IP address
 }
--- a/app/dns/fakedns/fakedns_test.go
+++ b/app/dns/fakedns/fakedns_test.go
@@ -0,0 +1,105 @@
 package fakedns
 import (
 	"testing"
 	"github.com/stretchr/testify/assert"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/uuid"
 	"github.com/xtls/xray-core/features/dns"
 )
 var (
 	ipPrefix = "198.18."
 )
 func TestNewFakeDnsHolder(_ *testing.T) {
 	_, err := NewFakeDNSHolder()
 	common.Must(err)
 }
 func TestFakeDnsHolderCreateMapping(t *testing.T) {
 	fkdns, err := NewFakeDNSHolder()
 	common.Must(err)
 	addr := fkdns.GetFakeIPForDomain("fakednstest.example.com")
 	assert.Equal(t, ipPrefix, addr[0].IP().String()[0:len(ipPrefix)])
 }
 func TestFakeDnsHolderCreateMappingMany(t *testing.T) {
 	fkdns, err := NewFakeDNSHolder()
 	common.Must(err)
 	addr := fkdns.GetFakeIPForDomain("fakednstest.example.com")
 	assert.Equal(t, ipPrefix, addr[0].IP().String()[0:len(ipPrefix)])
 	addr2 := fkdns.GetFakeIPForDomain("fakednstest2.example.com")
 	assert.Equal(t, ipPrefix, addr2[0].IP().String()[0:len(ipPrefix)])
 	assert.NotEqual(t, addr[0].IP().String(), addr2[0].IP().String())
 }
 func TestFakeDnsHolderCreateMappingManyAndResolve(t *testing.T) {
 	fkdns, err := NewFakeDNSHolder()
 	common.Must(err)
 	addr := fkdns.GetFakeIPForDomain("fakednstest.example.com")
 	addr2 := fkdns.GetFakeIPForDomain("fakednstest2.example.com")
 	{
 		result := fkdns.GetDomainFromFakeDNS(addr[0])
 		assert.Equal(t, "fakednstest.example.com", result)
 	}
 	{
 		result := fkdns.GetDomainFromFakeDNS(addr2[0])
 		assert.Equal(t, "fakednstest2.example.com", result)
 	}
 }
 func TestFakeDnsHolderCreateMappingManySingleDomain(t *testing.T) {
 	fkdns, err := NewFakeDNSHolder()
 	common.Must(err)
 	addr := fkdns.GetFakeIPForDomain("fakednstest.example.com")
 	addr2 := fkdns.GetFakeIPForDomain("fakednstest.example.com")
 	assert.Equal(t, addr[0].IP().String(), addr2[0].IP().String())
 }
 func TestFakeDnsHolderCreateMappingAndRollOver(t *testing.T) {
 	fkdns, err := NewFakeDNSHolderConfigOnly(&FakeDnsPool{
 		IpPool:  dns.FakeIPPool,
 		LruSize: 256,
 	})
 	common.Must(err)
 	err = fkdns.Start()
 	common.Must(err)
 	addr := fkdns.GetFakeIPForDomain("fakednstest.example.com")
 	addr2 := fkdns.GetFakeIPForDomain("fakednstest2.example.com")
 	for i := 0; i <= 8192; i++ {
 		{
 			result := fkdns.GetDomainFromFakeDNS(addr[0])
 			assert.Equal(t, "fakednstest.example.com", result)
 		}
 		{
 			result := fkdns.GetDomainFromFakeDNS(addr2[0])
 			assert.Equal(t, "fakednstest2.example.com", result)
 		}
 		{
 			uuid := uuid.New()
 			domain := uuid.String() + ".fakednstest.example.com"
 			tempAddr := fkdns.GetFakeIPForDomain(domain)
 			rsaddr := tempAddr[0].IP().String()
 			result := fkdns.GetDomainFromFakeDNS(net.ParseAddress(rsaddr))
 			assert.Equal(t, domain, result)
 		}
 	}
 }
--- a/app/dns/hosts.go
+++ b/app/dns/hosts.go
@@ -2,39 +2,21 @@ package dns
 import (
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/matcher/str"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/strmatcher"
 	"github.com/xtls/xray-core/features"
 	"github.com/xtls/xray-core/features/dns"
 )
 // StaticHosts represents static domain-ip mapping in DNS server.
 type StaticHosts struct {
 	ips      [][]net.Address
-	matchers *strmatcher.MatcherGroup
+	matchers *str.MatcherGroup
 }
 var typeMap = map[DomainMatchingType]strmatcher.Type{
 	DomainMatchingType_Full:      strmatcher.Full,
 	DomainMatchingType_Subdomain: strmatcher.Domain,
 	DomainMatchingType_Keyword:   strmatcher.Substr,
 	DomainMatchingType_Regex:     strmatcher.Regex,
 }
 func toStrMatcher(t DomainMatchingType, domain string) (strmatcher.Matcher, error) {
 	strMType, f := typeMap[t]
 	if !f {
 		return nil, newError("unknown mapping type", t).AtWarning()
 	}
 	matcher, err := strMType.New(domain)
 	if err != nil {
 		return nil, newError("failed to create str matcher").Base(err)
 	}
 	return matcher, nil
 }
 // NewStaticHosts creates a new StaticHosts instance.
 func NewStaticHosts(hosts []*Config_HostMapping, legacy map[string]*net.IPOrDomain) (*StaticHosts, error) {
-	g := new(strmatcher.MatcherGroup)
+	g := new(str.MatcherGroup)
 	sh := &StaticHosts{
 		ips:      make([][]net.Address, len(hosts)+len(legacy)+16),
 		matchers: g,
@@ -44,7 +26,7 @@ func NewStaticHosts(hosts []*Config_HostMapping, legacy map[string]*net.IPOrDoma
 		features.PrintDeprecatedFeatureWarning("simple host mapping")
 		for domain, ip := range legacy {
-			matcher, err := strmatcher.Full.New(domain)
+			matcher, err := str.Full.New(domain)
 			common.Must(err)
 			id := g.Add(matcher)
@@ -65,6 +47,9 @@ func NewStaticHosts(hosts []*Config_HostMapping, legacy map[string]*net.IPOrDoma
 		id := g.Add(matcher)
 		ips := make([]net.Address, 0, len(mapping.Ip)+1)
 		switch {
 		case len(mapping.ProxiedDomain) > 0:
 			ips = append(ips, net.DomainAddress(mapping.ProxiedDomain))
 		case len(mapping.Ip) > 0:
 			for _, ip := range mapping.Ip {
 				addr := net.IPAddress(ip)
@@ -74,49 +59,56 @@ func NewStaticHosts(hosts []*Config_HostMapping, legacy map[string]*net.IPOrDoma
 				ips = append(ips, addr)
 			}
 		case len(mapping.ProxiedDomain) > 0:
 			ips = append(ips, net.DomainAddress(mapping.ProxiedDomain))
 		default:
 			return nil, newError("neither IP address nor proxied domain specified for domain: ", mapping.Domain).AtWarning()
 		}
 		// Special handling for localhost IPv6. This is a dirty workaround as JSON config supports only single IP mapping.
 		if len(ips) == 1 && ips[0] == net.LocalHostIP {
 			ips = append(ips, net.LocalHostIPv6)
 		}
 		sh.ips[id] = ips
 	}
 	return sh, nil
 }
-func filterIP(ips []net.Address, option IPOption) []net.Address {
+func filterIP(ips []net.Address, option *dns.IPOption) []net.Address {
 	filtered := make([]net.Address, 0, len(ips))
 	for _, ip := range ips {
 		if (ip.Family().IsIPv4() && option.IPv4Enable) || (ip.Family().IsIPv6() && option.IPv6Enable) {
 			filtered = append(filtered, ip)
 		}
 	}
 	if len(filtered) == 0 {
 		return nil
 	}
 	return filtered
 }
-// LookupIP returns IP address for the given domain, if exists in this StaticHosts.
+func (h *StaticHosts) lookupInternal(domain string) []net.Address {
-func (h *StaticHosts) LookupIP(domain string, option IPOption) []net.Address {
+	var ips []net.Address
-	indices := h.matchers.Match(domain)
+	for _, id := range h.matchers.Match(domain) {
 	if len(indices) == 0 {
 		return nil
 	}
 	ips := []net.Address{}
 	for _, id := range indices {
 		ips = append(ips, h.ips[id]...)
 	}
 	if len(ips) == 1 && ips[0].Family().IsDomain() {
 		return ips
 	}
-	return filterIP(ips, option)
+	return ips
 }
 func (h *StaticHosts) lookup(domain string, option *dns.IPOption, maxDepth int) []net.Address {
 	switch addrs := h.lookupInternal(domain); {
 	case len(addrs) == 0: // Not recorded in static hosts, return nil
 		return nil
 	case len(addrs) == 1 && addrs[0].Family().IsDomain(): // Try to unwrap domain
 		newError("found replaced domain: ", domain, " -> ", addrs[0].Domain(), ". Try to unwrap it").AtDebug().WriteToLog()
 		if maxDepth > 0 {
 			unwrapped := h.lookup(addrs[0].Domain(), option, maxDepth-1)
 			if unwrapped != nil {
 				return unwrapped
 			}
 		}
 		return addrs
 	default: // IP record found, return a non-nil IP array
 		return filterIP(addrs, option)
 	}
 }
 // Lookup returns IP addresses or proxied domain for the given domain, if exists in this StaticHosts.
 func (h *StaticHosts) Lookup(domain string, option *dns.IPOption) []net.Address {
 	return h.lookup(domain, option, 5)
 }
--- a/app/dns/hosts_test.go
+++ b/app/dns/hosts_test.go
@@ -7,30 +7,47 @@ import (
 	. "github.com/xtls/xray-core/app/dns"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/dns"
 )
 func TestStaticHosts(t *testing.T) {
 	pb := []*Config_HostMapping{
 		{
-			Type:   DomainMatchingType_Full,
+			Type:   domain.MatchingType_Full,
 			Domain: "example.com",
 			Ip: [][]byte{
 				{1, 1, 1, 1},
 			},
 		},
 		{
-			Type:   DomainMatchingType_Subdomain,
+			Type:   domain.MatchingType_Full,
 			Domain: "proxy.example.com",
 			Ip: [][]byte{
 				{1, 2, 3, 4},
 				{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1},
 			},
 			ProxiedDomain: "another-proxy.example.com",
 		},
 		{
 			Type:          domain.MatchingType_Full,
 			Domain:        "proxy2.example.com",
 			ProxiedDomain: "proxy.example.com",
 		},
 		{
 			Type:   domain.MatchingType_Subdomain,
 			Domain: "example.cn",
 			Ip: [][]byte{
 				{2, 2, 2, 2},
 			},
 		},
 		{
-			Type:   DomainMatchingType_Subdomain,
+			Type:   domain.MatchingType_Subdomain,
 			Domain: "baidu.com",
 			Ip: [][]byte{
 				{127, 0, 0, 1},
 				{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1},
 			},
 		},
 	}
@@ -39,7 +56,7 @@ func TestStaticHosts(t *testing.T) {
 	common.Must(err)
 	{
-		ips := hosts.LookupIP("example.com", IPOption{
+		ips := hosts.Lookup("example.com", &dns.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: true,
 		})
@@ -52,7 +69,33 @@ func TestStaticHosts(t *testing.T) {
 	}
 	{
-		ips := hosts.LookupIP("www.example.cn", IPOption{
+		domain := hosts.Lookup("proxy.example.com", &dns.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: false,
 		})
 		if len(domain) != 1 {
 			t.Error("expect 1 domain, but got ", len(domain))
 		}
 		if diff := cmp.Diff(domain[0].Domain(), "another-proxy.example.com"); diff != "" {
 			t.Error(diff)
 		}
 	}
 	{
 		domain := hosts.Lookup("proxy2.example.com", &dns.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: false,
 		})
 		if len(domain) != 1 {
 			t.Error("expect 1 domain, but got ", len(domain))
 		}
 		if diff := cmp.Diff(domain[0].Domain(), "another-proxy.example.com"); diff != "" {
 			t.Error(diff)
 		}
 	}
 	{
 		ips := hosts.Lookup("www.example.cn", &dns.IPOption{
 			IPv4Enable: true,
 			IPv6Enable: true,
 		})
@@ -65,7 +108,7 @@ func TestStaticHosts(t *testing.T) {
 	}
 	{
-		ips := hosts.LookupIP("baidu.com", IPOption{
+		ips := hosts.Lookup("baidu.com", &dns.IPOption{
 			IPv4Enable: false,
 			IPv6Enable: true,
 		})
--- a/app/dns/nameserver.go
+++ b/app/dns/nameserver.go
@@ -2,53 +2,211 @@ package dns
 import (
 	"context"
 	"net/url"
 	"strings"
 	"time"
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/matcher/str"
 	"github.com/xtls/xray-core/common/net"
-	"github.com/xtls/xray-core/features/dns/localdns"
+	core "github.com/xtls/xray-core/core"
 	"github.com/xtls/xray-core/features/dns"
 	"github.com/xtls/xray-core/features/routing"
 )
-// IPOption is an object for IP query options.
+// Server is the interface for Name Server.
-type IPOption struct {
+type Server interface {
-	IPv4Enable bool
+	// Name of the Client.
-	IPv6Enable bool
+	Name() string
 	// QueryIP sends IP queries to its configured server.
 	QueryIP(ctx context.Context, domain string, clientIP net.IP, option dns.IPOption, cs CacheStrategy) ([]net.IP, error)
 }
 // Client is the interface for DNS client.
-type Client interface {
+type Client struct {
-	// Name of the Client.
+	server       Server
-	Name() string
+	clientIP     net.IP
-
+	skipFallback bool
-	// QueryIP sends IP queries to its configured server.
+	domains      []string
-	QueryIP(ctx context.Context, domain string, option IPOption) ([]net.IP, error)
+	expectIPs    []*geoip.GeoIPMatcher
 }
-type LocalNameServer struct {
+var errExpectedIPNonMatch = errors.New("expectIPs not match")
-	client *localdns.Client
+
 // NewServer creates a name server object according to the network destination url.
 func NewServer(dest net.Destination, dispatcher routing.Dispatcher) (Server, error) {
 	if address := dest.Address; address.Family().IsDomain() {
 		u, err := url.Parse(address.Domain())
 		if err != nil {
 			return nil, err
 		}
 		switch {
 		case strings.EqualFold(u.String(), "localhost"):
 			return NewLocalNameServer(), nil
 		case strings.EqualFold(u.Scheme, "https"): // DOH Remote mode
 			return NewDoHNameServer(u, dispatcher)
 		case strings.EqualFold(u.Scheme, "https+local"): // DOH Local mode
 			return NewDoHLocalNameServer(u), nil
 		case strings.EqualFold(u.Scheme, "quic+local"): // DNS-over-QUIC Local mode
 			return NewQUICNameServer(u)
 		case strings.EqualFold(u.String(), "fakedns"):
 			return NewFakeDNSServer(), nil
 		}
 	}
 	if dest.Network == net.Network_Unknown {
 		dest.Network = net.Network_UDP
 	}
 	if dest.Network == net.Network_UDP { // UDP classic DNS mode
 		return NewClassicNameServer(dest, dispatcher), nil
 	}
 	return nil, newError("No available name server could be created from ", dest).AtWarning()
 }
-func (s *LocalNameServer) QueryIP(ctx context.Context, domain string, option IPOption) ([]net.IP, error) {
+// NewClient creates a DNS client managing a name server with client IP, domain rules and expected IPs.
-	if option.IPv4Enable && option.IPv6Enable {
+func NewClient(ctx context.Context, ns *NameServer, clientIP net.IP, container geoip.GeoIPMatcherContainer, matcherInfos *[]DomainMatcherInfo, updateDomainRule func(str.Matcher, int, []DomainMatcherInfo) error) (*Client, error) {
-		return s.client.LookupIP(domain)
+	client := &Client{}
 	err := core.RequireFeatures(ctx, func(dispatcher routing.Dispatcher) error {
 		// Create a new server for each client for now
 		server, err := NewServer(ns.Address.AsDestination(), dispatcher)
 		if err != nil {
 			return newError("failed to create nameserver").Base(err).AtWarning()
 		}
-	if option.IPv4Enable {
+		// Priotize local domains with specific TLDs or without any dot to local DNS
-		return s.client.LookupIPv4(domain)
+		if _, isLocalDNS := server.(*LocalNameServer); isLocalDNS {
 			ns.PrioritizedDomain = append(ns.PrioritizedDomain, localTLDsAndDotlessDomains...)
 			ns.OriginalRules = append(ns.OriginalRules, localTLDsAndDotlessDomainsRule)
 			// The following lines is a solution to avoid core panics（rule index out of range） when setting `localhost` DNS client in config.
 			// Because the `localhost` DNS client will apend len(localTLDsAndDotlessDomains) rules into matcherInfos to match `geosite:private` default rule.
 			// But `matcherInfos` has no enough length to add rules, which leads to core panics (rule index out of range).
 			// To avoid this, the length of `matcherInfos` must be equal to the expected, so manually append it with Golang default zero value first for later modification.
 			for i := 0; i < len(localTLDsAndDotlessDomains); i++ {
 				*matcherInfos = append(*matcherInfos, DomainMatcherInfo{
 					clientIdx:     uint16(0),
 					domainRuleIdx: uint16(0),
 				})
 			}
 		}
-	if option.IPv6Enable {
+		// Establish domain rules
-		return s.client.LookupIPv6(domain)
+		var rules []string
 		ruleCurr := 0
 		ruleIter := 0
 		for _, domain := range ns.PrioritizedDomain {
 			domainRule, err := toStrMatcher(domain.Type, domain.Value)
 			if err != nil {
 				return newError("failed to create prioritized domain").Base(err).AtWarning()
 			}
 			originalRuleIdx := ruleCurr
 			if ruleCurr < len(ns.OriginalRules) {
 				rule := ns.OriginalRules[ruleCurr]
 				if ruleCurr >= len(rules) {
 					rules = append(rules, rule.Rule)
 				}
 				ruleIter++
 				if ruleIter >= int(rule.Size) {
 					ruleIter = 0
 					ruleCurr++
 				}
 			} else { // No original rule, generate one according to current domain matcher (majorly for compatibility with tests)
 				rules = append(rules, domainRule.String())
 				ruleCurr++
 			}
 			err = updateDomainRule(domainRule, originalRuleIdx, *matcherInfos)
 			if err != nil {
 				return newError("failed to create prioritized domain").Base(err).AtWarning()
 			}
 		}
-	return nil, newError("neither IPv4 nor IPv6 is enabled")
+		// Establish expected IPs
 		var matchers []*geoip.GeoIPMatcher
 		for _, geoip := range ns.Geoip {
 			matcher, err := container.Add(geoip)
 			if err != nil {
 				return newError("failed to create ip matcher").Base(err).AtWarning()
 			}
 			matchers = append(matchers, matcher)
 		}
-func (s *LocalNameServer) Name() string {
+		if len(clientIP) > 0 {
-	return "localhost"
+			switch ns.Address.Address.GetAddress().(type) {
 			case *net.IPOrDomain_Domain:
 				newError("DNS: client ", ns.Address.Address.GetDomain(), " uses clientIP ", clientIP.String()).AtInfo().WriteToLog()
 			case *net.IPOrDomain_Ip:
 				newError("DNS: client ", ns.Address.Address.GetIp(), " uses clientIP ", clientIP.String()).AtInfo().WriteToLog()
 			}
 		}
-func NewLocalNameServer() *LocalNameServer {
+		client.server = server
-	newError("DNS: created localhost client").AtInfo().WriteToLog()
+		client.clientIP = clientIP
-	return &LocalNameServer{
+		client.domains = rules
-		client: localdns.New(),
+		client.expectIPs = matchers
 		return nil
 	})
 	return client, err
 }
 // NewSimpleClient creates a DNS client with a simple destination.
 func NewSimpleClient(ctx context.Context, endpoint *net.Endpoint, clientIP net.IP) (*Client, error) {
 	client := &Client{}
 	err := core.RequireFeatures(ctx, func(dispatcher routing.Dispatcher) error {
 		server, err := NewServer(endpoint.AsDestination(), dispatcher)
 		if err != nil {
 			return newError("failed to create nameserver").Base(err).AtWarning()
 		}
 		client.server = server
 		client.clientIP = clientIP
 		return nil
 	})
 	if len(clientIP) > 0 {
 		switch endpoint.Address.GetAddress().(type) {
 		case *net.IPOrDomain_Domain:
 			newError("DNS: client ", endpoint.Address.GetDomain(), " uses clientIP ", clientIP.String()).AtInfo().WriteToLog()
 		case *net.IPOrDomain_Ip:
 			newError("DNS: client ", endpoint.Address.GetIp(), " uses clientIP ", clientIP.String()).AtInfo().WriteToLog()
 		}
 	}
 	return client, err
 }
 // Name returns the server name the client manages.
 func (c *Client) Name() string {
 	return c.server.Name()
 }
 // QueryIP send DNS query to the name server with the client's IP.
 func (c *Client) QueryIP(ctx context.Context, domain string, option dns.IPOption, cs CacheStrategy) ([]net.IP, error) {
 	ctx, cancel := context.WithTimeout(ctx, 4*time.Second)
 	ips, err := c.server.QueryIP(ctx, domain, c.clientIP, option, cs)
 	cancel()
 	if err != nil {
 		return ips, err
 	}
 	return c.MatchExpectedIPs(domain, ips)
 }
 // MatchExpectedIPs matches queried domain IPs with expected IPs and returns matched ones.
 func (c *Client) MatchExpectedIPs(domain string, ips []net.IP) ([]net.IP, error) {
 	if len(c.expectIPs) == 0 {
 		return ips, nil
 	}
 	newIps := []net.IP{}
 	for _, ip := range ips {
 		for _, matcher := range c.expectIPs {
 			if matcher.Match(ip) {
 				newIps = append(newIps, ip)
 				break
 			}
 		}
 	}
 	if len(newIps) == 0 {
 		return nil, errExpectedIPNonMatch
 	}
 	newError("domain ", domain, " expectIPs ", newIps, " matched at server ", c.Name()).AtDebug().WriteToLog()
 	return newIps, nil
 }
--- a/app/dns/nameserver_doh.go
+++ b/app/dns/nameserver_doh.go
@@ -13,6 +13,7 @@ import (
 	"time"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/log"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/net/cnc"
 	"github.com/xtls/xray-core/common/protocol/dns"
@@ -41,20 +42,77 @@ type DoHNameServer struct {
 	name       string
 }
-// NewDoHNameServer creates DOH client object for remote resolving
+// NewDoHNameServer creates DOH server object for remote resolving
-func NewDoHNameServer(url *url.URL, dispatcher routing.Dispatcher, clientIP net.IP) (*DoHNameServer, error) {
+func NewDoHNameServer(url *url.URL, dispatcher routing.Dispatcher) (*DoHNameServer, error) {
 	newError("DNS: created Remote DOH client for ", url.String()).AtInfo().WriteToLog()
-	s := baseDOHNameServer(url, "DOH", clientIP)
+	s := baseDOHNameServer(url, "DOH")
 	s.dispatcher = dispatcher
 	tr := &http.Transport{
 		MaxIdleConns:        30,
 		IdleConnTimeout:     90 * time.Second,
 		TLSHandshakeTimeout: 30 * time.Second,
 		ForceAttemptHTTP2:   true,
 		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 			dispatcherCtx := context.Background()
 			dest, err := net.ParseDestination(network + ":" + addr)
 			if err != nil {
 				return nil, err
 			}
 			dispatcherCtx = session.ContextWithContent(dispatcherCtx, session.ContentFromContext(ctx))
 			dispatcherCtx = session.ContextWithInbound(dispatcherCtx, session.InboundFromContext(ctx))
 			dispatcherCtx = log.ContextWithAccessMessage(dispatcherCtx, &log.AccessMessage{
 				From:   "DoH",
 				To:     s.dohURL,
 				Status: log.AccessAccepted,
 				Reason: "",
 			})
 			link, err := s.dispatcher.Dispatch(dispatcherCtx, dest)
 			select {
 			case <-ctx.Done():
 				return nil, ctx.Err()
 			default:
 			}
 			if err != nil {
 				return nil, err
 			}
 			log.Record(&log.AccessMessage{
 				From:   "DoH",
 				To:     s.dohURL,
 				Status: log.AccessAccepted,
 				Detour: "local",
 			})
 			cc := common.ChainedClosable{}
 			if cw, ok := link.Writer.(common.Closable); ok {
 				cc = append(cc, cw)
 			}
 			if cr, ok := link.Reader.(common.Closable); ok {
 				cc = append(cc, cr)
 			}
 			return cnc.NewConnection(
 				cnc.ConnectionInputMulti(link.Writer),
 				cnc.ConnectionOutputMulti(link.Reader),
 				cnc.ConnectionOnClose(cc),
 			), nil
 		},
 	}
 	s.httpClient = &http.Client{
 		Timeout:   time.Second * 180,
 		Transport: tr,
 	}
 	return s, nil
 }
 // NewDoHLocalNameServer creates DOH client object for local resolving
-func NewDoHLocalNameServer(url *url.URL, clientIP net.IP) *DoHNameServer {
+func NewDoHLocalNameServer(url *url.URL) *DoHNameServer {
 	url.Scheme = "https"
-	s := baseDOHNameServer(url, "DOHL", clientIP)
+	s := baseDOHNameServer(url, "DOHL")
 	tr := &http.Transport{
 		IdleConnTimeout:   90 * time.Second,
 		ForceAttemptHTTP2: true,
@@ -64,6 +122,12 @@ func NewDoHLocalNameServer(url *url.URL, clientIP net.IP) *DoHNameServer {
 				return nil, err
 			}
 			conn, err := internet.DialSystem(ctx, dest, nil)
 			log.Record(&log.AccessMessage{
 				From:   "DoH",
 				To:     s.dohURL,
 				Status: log.AccessAccepted,
 				Detour: "local",
 			})
 			if err != nil {
 				return nil, err
 			}
@@ -78,10 +142,9 @@ func NewDoHLocalNameServer(url *url.URL, clientIP net.IP) *DoHNameServer {
 	return s
 }
-func baseDOHNameServer(url *url.URL, prefix string, clientIP net.IP) *DoHNameServer {
+func baseDOHNameServer(url *url.URL, prefix string) *DoHNameServer {
 	s := &DoHNameServer{
 		ips:    make(map[string]record),
 		clientIP: clientIP,
 		pub:    pubsub.NewService(),
 		name:   prefix + "//" + url.Host,
 		dohURL: url.String(),
@@ -94,7 +157,7 @@ func baseDOHNameServer(url *url.URL, prefix string, clientIP net.IP) *DoHNameSer
 	return s
 }
-// Name returns client name
+// Name implements Server.
 func (s *DoHNameServer) Name() string {
 	return s.name
 }
@@ -177,7 +240,7 @@ func (s *DoHNameServer) newReqID() uint16 {
 	return uint16(atomic.AddUint32(&s.reqID, 1))
 }
-func (s *DoHNameServer) sendQuery(ctx context.Context, domain string, option IPOption) {
+func (s *DoHNameServer) sendQuery(ctx context.Context, domain string, clientIP net.IP, option dns_feature.IPOption) {
 	newError(s.name, " querying: ", domain).AtInfo().WriteToLog(session.ExportIDToError(ctx))
 	if s.name+"." == "DOH//"+domain {
@@ -185,7 +248,7 @@ func (s *DoHNameServer) sendQuery(ctx context.Context, domain string, option IPO
 		return
 	}
-	reqs := buildReqMsgs(domain, option, s.newReqID, genEDNS0Options(s.clientIP))
+	reqs := buildReqMsgs(domain, option, s.newReqID, genEDNS0Options(clientIP))
 	var deadline time.Time
 	if d, ok := ctx.Deadline(); ok {
@@ -207,7 +270,7 @@ func (s *DoHNameServer) sendQuery(ctx context.Context, domain string, option IPO
 			dnsCtx = session.ContextWithContent(dnsCtx, &session.Content{
 				Protocol:       "https",
-				//SkipRoutePick: true,
+				SkipDNSResolve: true,
 			})
 			// forced to use mux for DOH
@@ -249,41 +312,6 @@ func (s *DoHNameServer) dohHTTPSContext(ctx context.Context, b []byte) ([]byte,
 	hc := s.httpClient
 	// Dispatched connection will be closed (interrupted) after each request
 	// This makes DOH inefficient without a keep-alived connection
 	// See: core/app/proxyman/outbound/handler.go:113
 	// Using mux (https request wrapped in a stream layer) improves the situation.
 	// Recommend to use NewDoHLocalNameServer (DOHL:) if xray instance is running on
 	//  a normal network eg. the server side of xray
 	if s.dispatcher != nil {
 		tr := &http.Transport{
 			MaxIdleConns:        30,
 			IdleConnTimeout:     90 * time.Second,
 			TLSHandshakeTimeout: 30 * time.Second,
 			ForceAttemptHTTP2:   true,
 			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 				dest, err := net.ParseDestination(network + ":" + addr)
 				if err != nil {
 					return nil, err
 				}
 				link, err := s.dispatcher.Dispatch(ctx, dest)
 				if err != nil {
 					return nil, err
 				}
 				return cnc.NewConnection(
 					cnc.ConnectionInputMulti(link.Writer),
 					cnc.ConnectionOutputMulti(link.Reader),
 				), nil
 			},
 		}
 		hc = &http.Client{
 			Timeout:   time.Second * 180,
 			Transport: tr,
 		}
 	}
 	resp, err := hc.Do(req.WithContext(ctx))
 	if err != nil {
 		return nil, err
@@ -298,7 +326,7 @@ func (s *DoHNameServer) dohHTTPSContext(ctx context.Context, b []byte) ([]byte,
 	return ioutil.ReadAll(resp.Body)
 }
-func (s *DoHNameServer) findIPsForDomain(domain string, option IPOption) ([]net.IP, error) {
+func (s *DoHNameServer) findIPsForDomain(domain string, option dns_feature.IPOption) ([]net.IP, error) {
 	s.RLock()
 	record, found := s.ips[domain]
 	s.RUnlock()
@@ -326,7 +354,7 @@ func (s *DoHNameServer) findIPsForDomain(domain string, option IPOption) ([]net.
 	}
 	if len(ips) > 0 {
-		return toNetIP(ips), nil
+		return toNetIP(ips)
 	}
 	if lastErr != nil {
@@ -340,15 +368,22 @@ func (s *DoHNameServer) findIPsForDomain(domain string, option IPOption) ([]net.
 	return nil, errRecordNotFound
 }
-// QueryIP is called from dns.Server->queryIPTimeout
+// QueryIP implements Server.
-func (s *DoHNameServer) QueryIP(ctx context.Context, domain string, option IPOption) ([]net.IP, error) {
+func (s *DoHNameServer) QueryIP(ctx context.Context, domain string, clientIP net.IP, option dns_feature.IPOption, cs CacheStrategy) ([]net.IP, error) { // nolint: dupl
 	fqdn := Fqdn(domain)
 	if cs == CacheStrategy_Cache_DISABLE {
 		newError("DNS cache is disabled. Querying IP for ", domain, " at ", s.name).AtDebug().WriteToLog()
 	} else {
 		ips, err := s.findIPsForDomain(fqdn, option)
 		if err != errRecordNotFound {
 			if cs == CacheStrategy_Cache_NOERROR && err == nil {
 				newError(s.name, " cache HIT ", domain, " -> ", ips).Base(err).AtDebug().WriteToLog()
 				log.Record(&log.DNSLog{s.name, domain, ips, log.DNSCacheHit, 0, err})
 				return ips, err
 			}
 		}
 	}
 	// ipv4 and ipv6 belong to different subscription groups
 	var sub4, sub6 *pubsub.Subscriber
@@ -376,11 +411,13 @@ func (s *DoHNameServer) QueryIP(ctx context.Context, domain string, option IPOpt
 		}
 		close(done)
 	}()
-	s.sendQuery(ctx, fqdn, option)
+	s.sendQuery(ctx, fqdn, clientIP, option)
 	start := time.Now()
 	for {
 		ips, err := s.findIPsForDomain(fqdn, option)
 		if err != errRecordNotFound {
 			log.Record(&log.DNSLog{s.name, domain, ips, log.DNSQueried, time.Since(start), err})
 			return ips, err
 		}
--- a/app/dns/nameserver_doh_test.go
+++ b/app/dns/nameserver_doh_test.go
@@ -0,0 +1,60 @@
 package dns_test
 import (
 	"context"
 	"net/url"
 	"testing"
 	"time"
 	"github.com/google/go-cmp/cmp"
 	. "github.com/xtls/xray-core/app/dns"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/net"
 	dns_feature "github.com/xtls/xray-core/features/dns"
 )
 func TestDOHNameServer(t *testing.T) {
 	url, err := url.Parse("https+local://1.1.1.1/dns-query")
 	common.Must(err)
 	s := NewDoHLocalNameServer(url)
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
 	ips, err := s.QueryIP(ctx, "google.com", net.IP(nil), dns_feature.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if len(ips) == 0 {
 		t.Error("expect some ips, but got 0")
 	}
 }
 func TestDOHNameServerWithCache(t *testing.T) {
 	url, err := url.Parse("https+local://1.1.1.1/dns-query")
 	common.Must(err)
 	s := NewDoHLocalNameServer(url)
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
 	ips, err := s.QueryIP(ctx, "google.com", net.IP(nil), dns_feature.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if len(ips) == 0 {
 		t.Error("expect some ips, but got 0")
 	}
 	ctx2, cancel := context.WithTimeout(context.Background(), time.Second*2)
 	ips2, err := s.QueryIP(ctx2, "google.com", net.IP(nil), dns_feature.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if r := cmp.Diff(ips2, ips); r != "" {
 		t.Fatal(r)
 	}
 }
--- a/app/dns/nameserver_fakedns.go
+++ b/app/dns/nameserver_fakedns.go
@@ -0,0 +1,43 @@
 package dns
 import (
 	"context"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/core"
 	"github.com/xtls/xray-core/features/dns"
 )
 type FakeDNSServer struct {
 	fakeDNSEngine dns.FakeDNSEngine
 }
 func NewFakeDNSServer() *FakeDNSServer {
 	return &FakeDNSServer{}
 }
 const FakeDNSName = "FakeDNS"
 func (FakeDNSServer) Name() string {
 	return FakeDNSName
 }
 func (f *FakeDNSServer) QueryIP(ctx context.Context, domain string, _ net.IP, _ dns.IPOption, _ CacheStrategy) ([]net.IP, error) {
 	if f.fakeDNSEngine == nil {
 		if err := core.RequireFeatures(ctx, func(fd dns.FakeDNSEngine) {
 			f.fakeDNSEngine = fd
 		}); err != nil {
 			return nil, newError("Unable to locate a fake DNS Engine").Base(err).AtError()
 		}
 	}
 	ips := f.fakeDNSEngine.GetFakeIPForDomain(domain)
 	netIP, err := toNetIP(ips)
 	if err != nil {
 		return nil, newError("Unable to convert IP to net ip").Base(err).AtError()
 	}
 	newError(f.Name(), " got answer: ", domain, " -> ", ips).AtInfo().WriteToLog()
 	return netIP, nil
 }
--- a/app/dns/nameserver_local.go
+++ b/app/dns/nameserver_local.go
@@ -0,0 +1,53 @@
 package dns
 import (
 	"context"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/dns"
 	"github.com/xtls/xray-core/features/dns/localdns"
 )
 // LocalNameServer is an wrapper over local DNS feature.
 type LocalNameServer struct {
 	client *localdns.Client
 }
 // QueryIP implements Server.
 func (s *LocalNameServer) QueryIP(_ context.Context, domain string, _ net.IP, option dns.IPOption, _ CacheStrategy) ([]net.IP, error) {
 	var ips []net.IP
 	var err error
 	switch {
 	case option.IPv4Enable && option.IPv6Enable:
 		ips, err = s.client.LookupIP(domain)
 	case option.IPv4Enable:
 		ips, err = s.client.LookupIPv4(domain)
 	case option.IPv6Enable:
 		ips, err = s.client.LookupIPv6(domain)
 	}
 	if len(ips) > 0 {
 		newError("Localhost got answer: ", domain, " -> ", ips).AtInfo().WriteToLog()
 	}
 	return ips, err
 }
 // Name implements Server.
 func (s *LocalNameServer) Name() string {
 	return "localhost"
 }
 // NewLocalNameServer creates localdns server object for directly lookup in system DNS.
 func NewLocalNameServer() *LocalNameServer {
 	newError("DNS: created localhost client").AtInfo().WriteToLog()
 	return &LocalNameServer{
 		client: localdns.New(),
 	}
 }
 // NewLocalDNSClient creates localdns client object for directly lookup in system DNS.
 func NewLocalDNSClient() *Client {
 	return &Client{server: NewLocalNameServer()}
 }
--- a/app/dns/nameserver_local_test.go
+++ b/app/dns/nameserver_local_test.go
@@ -7,15 +7,17 @@ import (
 	. "github.com/xtls/xray-core/app/dns"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/dns"
 )
 func TestLocalNameServer(t *testing.T) {
 	s := NewLocalNameServer()
-	ctx, cancel := context.WithTimeout(context.Background(), time.Second*2)
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
-	ips, err := s.QueryIP(ctx, "google.com", IPOption{
+	ips, err := s.QueryIP(ctx, "google.com", net.IP{}, dns.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
-	})
+	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if len(ips) == 0 {
--- a/app/dns/nameserver_quic.go
+++ b/app/dns/nameserver_quic.go
@@ -0,0 +1,394 @@
 package dns
 import (
 	"context"
 	"net/url"
 	"sync"
 	"sync/atomic"
 	"time"
 	"github.com/lucas-clemente/quic-go"
 	"golang.org/x/net/dns/dnsmessage"
 	"golang.org/x/net/http2"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/log"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol/dns"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/common/signal/pubsub"
 	"github.com/xtls/xray-core/common/task"
 	dns_feature "github.com/xtls/xray-core/features/dns"
 	"github.com/xtls/xray-core/transport/internet/tls"
 )
 // NextProtoDQ - During connection establishment, DNS/QUIC support is indicated
 // by selecting the ALPN token "dq" in the crypto handshake.
 const NextProtoDQ = "doq-i00"
 // QUICNameServer implemented DNS over QUIC
 type QUICNameServer struct {
 	sync.RWMutex
 	ips         map[string]record
 	pub         *pubsub.Service
 	cleanup     *task.Periodic
 	reqID       uint32
 	name        string
 	destination net.Destination
 	session     quic.Session
 }
 // NewQUICNameServer creates DNS-over-QUIC client object for local resolving
 func NewQUICNameServer(url *url.URL) (*QUICNameServer, error) {
 	newError("DNS: created Local DNS-over-QUIC client for ", url.String()).AtInfo().WriteToLog()
 	var err error
 	port := net.Port(784)
 	if url.Port() != "" {
 		port, err = net.PortFromString(url.Port())
 		if err != nil {
 			return nil, err
 		}
 	}
 	dest := net.UDPDestination(net.DomainAddress(url.Hostname()), port)
 	s := &QUICNameServer{
 		ips:         make(map[string]record),
 		pub:         pubsub.NewService(),
 		name:        url.String(),
 		destination: dest,
 	}
 	s.cleanup = &task.Periodic{
 		Interval: time.Minute,
 		Execute:  s.Cleanup,
 	}
 	return s, nil
 }
 // Name returns client name
 func (s *QUICNameServer) Name() string {
 	return s.name
 }
 // Cleanup clears expired items from cache
 func (s *QUICNameServer) Cleanup() error {
 	now := time.Now()
 	s.Lock()
 	defer s.Unlock()
 	if len(s.ips) == 0 {
 		return newError("nothing to do. stopping...")
 	}
 	for domain, record := range s.ips {
 		if record.A != nil && record.A.Expire.Before(now) {
 			record.A = nil
 		}
 		if record.AAAA != nil && record.AAAA.Expire.Before(now) {
 			record.AAAA = nil
 		}
 		if record.A == nil && record.AAAA == nil {
 			newError(s.name, " cleanup ", domain).AtDebug().WriteToLog()
 			delete(s.ips, domain)
 		} else {
 			s.ips[domain] = record
 		}
 	}
 	if len(s.ips) == 0 {
 		s.ips = make(map[string]record)
 	}
 	return nil
 }
 func (s *QUICNameServer) updateIP(req *dnsRequest, ipRec *IPRecord) {
 	elapsed := time.Since(req.start)
 	s.Lock()
 	rec := s.ips[req.domain]
 	updated := false
 	switch req.reqType {
 	case dnsmessage.TypeA:
 		if isNewer(rec.A, ipRec) {
 			rec.A = ipRec
 			updated = true
 		}
 	case dnsmessage.TypeAAAA:
 		addr := make([]net.Address, 0)
 		for _, ip := range ipRec.IP {
 			if len(ip.IP()) == net.IPv6len {
 				addr = append(addr, ip)
 			}
 		}
 		ipRec.IP = addr
 		if isNewer(rec.AAAA, ipRec) {
 			rec.AAAA = ipRec
 			updated = true
 		}
 	}
 	newError(s.name, " got answer: ", req.domain, " ", req.reqType, " -> ", ipRec.IP, " ", elapsed).AtInfo().WriteToLog()
 	if updated {
 		s.ips[req.domain] = rec
 	}
 	switch req.reqType {
 	case dnsmessage.TypeA:
 		s.pub.Publish(req.domain+"4", nil)
 	case dnsmessage.TypeAAAA:
 		s.pub.Publish(req.domain+"6", nil)
 	}
 	s.Unlock()
 	common.Must(s.cleanup.Start())
 }
 func (s *QUICNameServer) newReqID() uint16 {
 	return uint16(atomic.AddUint32(&s.reqID, 1))
 }
 func (s *QUICNameServer) sendQuery(ctx context.Context, domain string, clientIP net.IP, option dns_feature.IPOption) {
 	newError(s.name, " querying: ", domain).AtInfo().WriteToLog(session.ExportIDToError(ctx))
 	reqs := buildReqMsgs(domain, option, s.newReqID, genEDNS0Options(clientIP))
 	var deadline time.Time
 	if d, ok := ctx.Deadline(); ok {
 		deadline = d
 	} else {
 		deadline = time.Now().Add(time.Second * 5)
 	}
 	for _, req := range reqs {
 		go func(r *dnsRequest) {
 			// generate new context for each req, using same context
 			// may cause reqs all aborted if any one encounter an error
 			dnsCtx := context.Background()
 			// reserve internal dns server requested Inbound
 			if inbound := session.InboundFromContext(ctx); inbound != nil {
 				dnsCtx = session.ContextWithInbound(dnsCtx, inbound)
 			}
 			dnsCtx = session.ContextWithContent(dnsCtx, &session.Content{
 				Protocol:       "quic",
 				SkipDNSResolve: true,
 			})
 			dnsCtx = log.ContextWithAccessMessage(dnsCtx, &log.AccessMessage{
 				From:   "DoQ",
 				To:     s.name,
 				Status: log.AccessAccepted,
 				Reason: "",
 			})
 			var cancel context.CancelFunc
 			dnsCtx, cancel = context.WithDeadline(dnsCtx, deadline)
 			defer cancel()
 			b, err := dns.PackMessage(r.msg)
 			if err != nil {
 				newError("failed to pack dns query").Base(err).AtError().WriteToLog()
 				return
 			}
 			conn, err := s.openStream(dnsCtx)
 			if err != nil {
 				newError("failed to open quic session").Base(err).AtError().WriteToLog()
 				return
 			}
 			_, err = conn.Write(b.Bytes())
 			if err != nil {
 				newError("failed to send query").Base(err).AtError().WriteToLog()
 				return
 			}
 			_ = conn.Close()
 			respBuf := buf.New()
 			defer respBuf.Release()
 			n, err := respBuf.ReadFrom(conn)
 			if err != nil && n == 0 {
 				newError("failed to read response").Base(err).AtError().WriteToLog()
 				return
 			}
 			rec, err := parseResponse(respBuf.Bytes())
 			if err != nil {
 				newError("failed to handle response").Base(err).AtError().WriteToLog()
 				return
 			}
 			s.updateIP(r, rec)
 		}(req)
 	}
 }
 func (s *QUICNameServer) findIPsForDomain(domain string, option dns_feature.IPOption) ([]net.IP, error) {
 	s.RLock()
 	record, found := s.ips[domain]
 	s.RUnlock()
 	if !found {
 		return nil, errRecordNotFound
 	}
 	var ips []net.Address
 	var lastErr error
 	if option.IPv6Enable && record.AAAA != nil && record.AAAA.RCode == dnsmessage.RCodeSuccess {
 		aaaa, err := record.AAAA.getIPs()
 		if err != nil {
 			lastErr = err
 		}
 		ips = append(ips, aaaa...)
 	}
 	if option.IPv4Enable && record.A != nil && record.A.RCode == dnsmessage.RCodeSuccess {
 		a, err := record.A.getIPs()
 		if err != nil {
 			lastErr = err
 		}
 		ips = append(ips, a...)
 	}
 	if len(ips) > 0 {
 		return toNetIP(ips)
 	}
 	if lastErr != nil {
 		return nil, lastErr
 	}
 	if (option.IPv4Enable && record.A != nil) || (option.IPv6Enable && record.AAAA != nil) {
 		return nil, dns_feature.ErrEmptyResponse
 	}
 	return nil, errRecordNotFound
 }
 // QueryIP is called from dns.Server->queryIPTimeout
 func (s *QUICNameServer) QueryIP(ctx context.Context, domain string, clientIP net.IP, option dns_feature.IPOption, cs CacheStrategy) ([]net.IP, error) {
 	fqdn := Fqdn(domain)
 	if cs == CacheStrategy_Cache_DISABLE {
 		newError("DNS cache is disabled. Querying IP for ", domain, " at ", s.name).AtDebug().WriteToLog()
 	} else {
 		ips, err := s.findIPsForDomain(fqdn, option)
 		if err != errRecordNotFound {
 			if cs == CacheStrategy_Cache_NOERROR && err == nil {
 				newError(s.name, " cache HIT ", domain, " -> ", ips).Base(err).AtDebug().WriteToLog()
 				log.Record(&log.DNSLog{s.name, domain, ips, log.DNSCacheHit, 0, err})
 				return ips, err
 			}
 		}
 	}
 	// ipv4 and ipv6 belong to different subscription groups
 	var sub4, sub6 *pubsub.Subscriber
 	if option.IPv4Enable {
 		sub4 = s.pub.Subscribe(fqdn + "4")
 		defer sub4.Close()
 	}
 	if option.IPv6Enable {
 		sub6 = s.pub.Subscribe(fqdn + "6")
 		defer sub6.Close()
 	}
 	done := make(chan interface{})
 	go func() {
 		if sub4 != nil {
 			select {
 			case <-sub4.Wait():
 			case <-ctx.Done():
 			}
 		}
 		if sub6 != nil {
 			select {
 			case <-sub6.Wait():
 			case <-ctx.Done():
 			}
 		}
 		close(done)
 	}()
 	s.sendQuery(ctx, fqdn, clientIP, option)
 	start := time.Now()
 	for {
 		ips, err := s.findIPsForDomain(fqdn, option)
 		if err != errRecordNotFound {
 			log.Record(&log.DNSLog{s.name, domain, ips, log.DNSQueried, time.Since(start), err})
 			return ips, err
 		}
 		select {
 		case <-ctx.Done():
 			return nil, ctx.Err()
 		case <-done:
 		}
 	}
 }
 func isActive(s quic.Session) bool {
 	select {
 	case <-s.Context().Done():
 		return false
 	default:
 		return true
 	}
 }
 func (s *QUICNameServer) getSession() (quic.Session, error) {
 	var session quic.Session
 	s.RLock()
 	session = s.session
 	if session != nil && isActive(session) {
 		s.RUnlock()
 		return session, nil
 	}
 	if session != nil {
 		// we're recreating the session, let's create a new one
 		_ = session.CloseWithError(0, "")
 	}
 	s.RUnlock()
 	s.Lock()
 	defer s.Unlock()
 	var err error
 	session, err = s.openSession()
 	if err != nil {
 		// This does not look too nice, but QUIC (or maybe quic-go)
 		// doesn't seem stable enough.
 		// Maybe retransmissions aren't fully implemented in quic-go?
 		// Anyways, the simple solution is to make a second try when
 		// it fails to open the QUIC session.
 		session, err = s.openSession()
 		if err != nil {
 			return nil, err
 		}
 	}
 	s.session = session
 	return session, nil
 }
 func (s *QUICNameServer) openSession() (quic.Session, error) {
 	tlsConfig := tls.Config{}
 	quicConfig := &quic.Config{}
 	session, err := quic.DialAddrContext(context.Background(), s.destination.NetAddr(), tlsConfig.GetTLSConfig(tls.WithNextProto("http/1.1", http2.NextProtoTLS, NextProtoDQ)), quicConfig)
 	if err != nil {
 		return nil, err
 	}
 	return session, nil
 }
 func (s *QUICNameServer) openStream(ctx context.Context) (quic.Stream, error) {
 	session, err := s.getSession()
 	if err != nil {
 		return nil, err
 	}
 	// open a new stream
 	return session.OpenStreamSync(ctx)
 }
--- a/app/dns/nameserver_quic_test.go
+++ b/app/dns/nameserver_quic_test.go
@@ -0,0 +1,60 @@
 package dns_test
 import (
 	"context"
 	"net/url"
 	"testing"
 	"time"
 	"github.com/google/go-cmp/cmp"
 	. "github.com/xtls/xray-core/app/dns"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/net"
 	dns_feature "github.com/xtls/xray-core/features/dns"
 )
 func TestQUICNameServer(t *testing.T) {
 	url, err := url.Parse("quic://dns.adguard.com")
 	common.Must(err)
 	s, err := NewQUICNameServer(url)
 	common.Must(err)
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
 	ips, err := s.QueryIP(ctx, "google.com", net.IP(nil), dns_feature.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if len(ips) == 0 {
 		t.Error("expect some ips, but got 0")
 	}
 }
 func TestQUICNameServerWithCache(t *testing.T) {
 	url, err := url.Parse("quic://dns.adguard.com")
 	common.Must(err)
 	s, err := NewQUICNameServer(url)
 	common.Must(err)
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
 	ips, err := s.QueryIP(ctx, "google.com", net.IP(nil), dns_feature.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if len(ips) == 0 {
 		t.Error("expect some ips, but got 0")
 	}
 	ctx2, cancel := context.WithTimeout(context.Background(), time.Second*5)
 	ips2, err := s.QueryIP(ctx2, "google.com", net.IP(nil), dns_feature.IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	}, CacheStrategy_Cache_ALL)
 	cancel()
 	common.Must(err)
 	if r := cmp.Diff(ips2, ips); r != "" {
 		t.Fatal(r)
 	}
 }
--- a/app/dns/nameserver_udp.go
+++ b/app/dns/nameserver_udp.go
@@ -8,6 +8,7 @@ import (
 	"time"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/log"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol/dns"
 	udp_proto "github.com/xtls/xray-core/common/protocol/udp"
@@ -30,10 +31,10 @@ type ClassicNameServer struct {
 	udpServer *udp.Dispatcher
 	cleanup   *task.Periodic
 	reqID     uint32
 	clientIP  net.IP
 }
-func NewClassicNameServer(address net.Destination, dispatcher routing.Dispatcher, clientIP net.IP) *ClassicNameServer {
+// NewClassicNameServer creates udp server object for remote resolving.
 func NewClassicNameServer(address net.Destination, dispatcher routing.Dispatcher) *ClassicNameServer {
 	// default to 53 if unspecific
 	if address.Port == 0 {
 		address.Port = net.Port(53)
@@ -43,7 +44,6 @@ func NewClassicNameServer(address net.Destination, dispatcher routing.Dispatcher
 		address:  address,
 		ips:      make(map[string]record),
 		requests: make(map[uint16]dnsRequest),
 		clientIP: clientIP,
 		pub:      pubsub.NewService(),
 		name:     strings.ToUpper(address.String()),
 	}
@@ -52,14 +52,16 @@ func NewClassicNameServer(address net.Destination, dispatcher routing.Dispatcher
 		Execute:  s.Cleanup,
 	}
 	s.udpServer = udp.NewDispatcher(dispatcher, s.HandleResponse)
-	newError("DNS: created udp client inited for ", address.NetAddr()).AtInfo().WriteToLog()
+	newError("DNS: created UDP client initialized for ", address.NetAddr()).AtInfo().WriteToLog()
 	return s
 }
 // Name implements Server.
 func (s *ClassicNameServer) Name() string {
 	return s.name
 }
 // Cleanup clears expired items from cache
 func (s *ClassicNameServer) Cleanup() error {
 	now := time.Now()
 	s.Lock()
@@ -101,6 +103,7 @@ func (s *ClassicNameServer) Cleanup() error {
 	return nil
 }
 // HandleResponse handles udp response packet from remote DNS server.
 func (s *ClassicNameServer) HandleResponse(ctx context.Context, packet *udp_proto.Packet) {
 	ipRec, err := parseResponse(packet.Payload.Bytes())
 	if err != nil {
@@ -178,10 +181,10 @@ func (s *ClassicNameServer) addPendingRequest(req *dnsRequest) {
 	s.requests[id] = *req
 }
-func (s *ClassicNameServer) sendQuery(ctx context.Context, domain string, option IPOption) {
+func (s *ClassicNameServer) sendQuery(ctx context.Context, domain string, clientIP net.IP, option dns_feature.IPOption) {
 	newError(s.name, " querying DNS for: ", domain).AtDebug().WriteToLog(session.ExportIDToError(ctx))
-	reqs := buildReqMsgs(domain, option, s.newReqID, genEDNS0Options(s.clientIP))
+	reqs := buildReqMsgs(domain, option, s.newReqID, genEDNS0Options(clientIP))
 	for _, req := range reqs {
 		s.addPendingRequest(req)
@@ -193,11 +196,17 @@ func (s *ClassicNameServer) sendQuery(ctx context.Context, domain string, option
 		udpCtx = session.ContextWithContent(udpCtx, &session.Content{
 			Protocol: "dns",
 		})
 		udpCtx = log.ContextWithAccessMessage(udpCtx, &log.AccessMessage{
 			From:   "DNS",
 			To:     s.address,
 			Status: log.AccessAccepted,
 			Reason: "",
 		})
 		s.udpServer.Dispatch(udpCtx, s.address, b)
 	}
 }
-func (s *ClassicNameServer) findIPsForDomain(domain string, option IPOption) ([]net.IP, error) {
+func (s *ClassicNameServer) findIPsForDomain(domain string, option dns_feature.IPOption) ([]net.IP, error) {
 	s.RLock()
 	record, found := s.ips[domain]
 	s.RUnlock()
@@ -225,7 +234,7 @@ func (s *ClassicNameServer) findIPsForDomain(domain string, option IPOption) ([]
 	}
 	if len(ips) > 0 {
-		return toNetIP(ips), nil
+		return toNetIP(ips)
 	}
 	if lastErr != nil {
@@ -235,14 +244,22 @@ func (s *ClassicNameServer) findIPsForDomain(domain string, option IPOption) ([]
 	return nil, dns_feature.ErrEmptyResponse
 }
-func (s *ClassicNameServer) QueryIP(ctx context.Context, domain string, option IPOption) ([]net.IP, error) {
+// QueryIP implements Server.
 func (s *ClassicNameServer) QueryIP(ctx context.Context, domain string, clientIP net.IP, option dns_feature.IPOption, cs CacheStrategy) ([]net.IP, error) {
 	fqdn := Fqdn(domain)
 	if cs == CacheStrategy_Cache_DISABLE {
 		newError("DNS cache is disabled. Querying IP for ", domain, " at ", s.name).AtDebug().WriteToLog()
 	} else {
 		ips, err := s.findIPsForDomain(fqdn, option)
 		if err != errRecordNotFound {
 			if cs == CacheStrategy_Cache_NOERROR && err == nil {
 				newError(s.name, " cache HIT ", domain, " -> ", ips).Base(err).AtDebug().WriteToLog()
 				log.Record(&log.DNSLog{s.name, domain, ips, log.DNSCacheHit, 0, err})
 				return ips, err
 			}
 		}
 	}
 	// ipv4 and ipv6 belong to different subscription groups
 	var sub4, sub6 *pubsub.Subscriber
@@ -270,11 +287,13 @@ func (s *ClassicNameServer) QueryIP(ctx context.Context, domain string, option I
 		}
 		close(done)
 	}()
-	s.sendQuery(ctx, fqdn, option)
+	s.sendQuery(ctx, fqdn, clientIP, option)
 	start := time.Now()
 	for {
 		ips, err := s.findIPsForDomain(fqdn, option)
 		if err != errRecordNotFound {
 			log.Record(&log.DNSLog{s.name, domain, ips, log.DNSQueried, time.Since(start), err})
 			return ips, err
 		}
--- a/app/dns/options.go
+++ b/app/dns/options.go
@@ -0,0 +1,16 @@
 package dns
 import "github.com/xtls/xray-core/features/dns"
 func isIPQuery(o *dns.IPOption) bool {
 	return o.IPv4Enable || o.IPv6Enable
 }
 func canQueryOnClient(o *dns.IPOption, c *Client) bool {
 	isIPClient := !(c.Name() == FakeDNSName)
 	return isIPClient && isIPQuery(o)
 }
 func isQuery(o *dns.IPOption) bool {
 	return !(o.IPv4Enable || o.IPv6Enable || o.FakeEnable)
 }
--- a/app/dns/server.go
+++ b/app/dns/server.go
@@ -1,448 +0,0 @@
 package dns
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
 import (
 	"context"
 	"fmt"
 	"log"
 	"net/url"
 	"strings"
 	"sync"
 	"time"
 	"github.com/xtls/xray-core/app/router"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/common/strmatcher"
 	"github.com/xtls/xray-core/common/uuid"
 	core "github.com/xtls/xray-core/core"
 	"github.com/xtls/xray-core/features"
 	"github.com/xtls/xray-core/features/dns"
 	"github.com/xtls/xray-core/features/routing"
 )
 // Server is a DNS rely server.
 type Server struct {
 	sync.Mutex
 	hosts         *StaticHosts
 	clientIP      net.IP
 	clients       []Client             // clientIdx -> Client
 	ipIndexMap    []*MultiGeoIPMatcher // clientIdx -> *MultiGeoIPMatcher
 	domainRules   [][]string           // clientIdx -> domainRuleIdx -> DomainRule
 	domainMatcher strmatcher.IndexMatcher
 	matcherInfos  []DomainMatcherInfo // matcherIdx -> DomainMatcherInfo
 	tag           string
 }
 // DomainMatcherInfo contains information attached to index returned by Server.domainMatcher
 type DomainMatcherInfo struct {
 	clientIdx     uint16
 	domainRuleIdx uint16
 }
 // MultiGeoIPMatcher for match
 type MultiGeoIPMatcher struct {
 	matchers []*router.GeoIPMatcher
 }
 var errExpectedIPNonMatch = errors.New("expectIPs not match")
 // Match check ip match
 func (c *MultiGeoIPMatcher) Match(ip net.IP) bool {
 	for _, matcher := range c.matchers {
 		if matcher.Match(ip) {
 			return true
 		}
 	}
 	return false
 }
 // HasMatcher check has matcher
 func (c *MultiGeoIPMatcher) HasMatcher() bool {
 	return len(c.matchers) > 0
 }
 func generateRandomTag() string {
 	id := uuid.New()
 	return "xray.system." + id.String()
 }
 // New creates a new DNS server with given configuration.
 func New(ctx context.Context, config *Config) (*Server, error) {
 	server := &Server{
 		clients: make([]Client, 0, len(config.NameServers)+len(config.NameServer)),
 		tag:     config.Tag,
 	}
 	if server.tag == "" {
 		server.tag = generateRandomTag()
 	}
 	if len(config.ClientIp) > 0 {
 		if len(config.ClientIp) != net.IPv4len && len(config.ClientIp) != net.IPv6len {
 			return nil, newError("unexpected IP length", len(config.ClientIp))
 		}
 		server.clientIP = net.IP(config.ClientIp)
 	}
 	hosts, err := NewStaticHosts(config.StaticHosts, config.Hosts)
 	if err != nil {
 		return nil, newError("failed to create hosts").Base(err)
 	}
 	server.hosts = hosts
 	addNameServer := func(ns *NameServer) int {
 		endpoint := ns.Address
 		address := endpoint.Address.AsAddress()
 		switch {
 		case address.Family().IsDomain() && address.Domain() == "localhost":
 			server.clients = append(server.clients, NewLocalNameServer())
 			// Priotize local domains with specific TLDs or without any dot to local DNS
 			// References:
 			// https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
 			// https://unix.stackexchange.com/questions/92441/whats-the-difference-between-local-home-and-lan
 			localTLDsAndDotlessDomains := []*NameServer_PriorityDomain{
 				{Type: DomainMatchingType_Regex, Domain: "^[^.]+$"}, // This will only match domains without any dot
 				{Type: DomainMatchingType_Subdomain, Domain: "local"},
 				{Type: DomainMatchingType_Subdomain, Domain: "localdomain"},
 				{Type: DomainMatchingType_Subdomain, Domain: "localhost"},
 				{Type: DomainMatchingType_Subdomain, Domain: "lan"},
 				{Type: DomainMatchingType_Subdomain, Domain: "home.arpa"},
 				{Type: DomainMatchingType_Subdomain, Domain: "example"},
 				{Type: DomainMatchingType_Subdomain, Domain: "invalid"},
 				{Type: DomainMatchingType_Subdomain, Domain: "test"},
 			}
 			ns.PrioritizedDomain = append(ns.PrioritizedDomain, localTLDsAndDotlessDomains...)
 		case address.Family().IsDomain() && strings.HasPrefix(address.Domain(), "https+local://"):
 			// URI schemed string treated as domain
 			// DOH Local mode
 			u, err := url.Parse(address.Domain())
 			if err != nil {
 				log.Fatalln(newError("DNS config error").Base(err))
 			}
 			server.clients = append(server.clients, NewDoHLocalNameServer(u, server.clientIP))
 		case address.Family().IsDomain() && strings.HasPrefix(address.Domain(), "https://"):
 			// DOH Remote mode
 			u, err := url.Parse(address.Domain())
 			if err != nil {
 				log.Fatalln(newError("DNS config error").Base(err))
 			}
 			idx := len(server.clients)
 			server.clients = append(server.clients, nil)
 			// need the core dispatcher, register DOHClient at callback
 			common.Must(core.RequireFeatures(ctx, func(d routing.Dispatcher) {
 				c, err := NewDoHNameServer(u, d, server.clientIP)
 				if err != nil {
 					log.Fatalln(newError("DNS config error").Base(err))
 				}
 				server.clients[idx] = c
 			}))
 		default:
 			// UDP classic DNS mode
 			dest := endpoint.AsDestination()
 			if dest.Network == net.Network_Unknown {
 				dest.Network = net.Network_UDP
 			}
 			if dest.Network == net.Network_UDP {
 				idx := len(server.clients)
 				server.clients = append(server.clients, nil)
 				common.Must(core.RequireFeatures(ctx, func(d routing.Dispatcher) {
 					server.clients[idx] = NewClassicNameServer(dest, d, server.clientIP)
 				}))
 			}
 		}
 		server.ipIndexMap = append(server.ipIndexMap, nil)
 		return len(server.clients) - 1
 	}
 	if len(config.NameServers) > 0 {
 		features.PrintDeprecatedFeatureWarning("simple DNS server")
 		for _, destPB := range config.NameServers {
 			addNameServer(&NameServer{Address: destPB})
 		}
 	}
 	if len(config.NameServer) > 0 {
 		clientIndices := []int{}
 		domainRuleCount := 0
 		for _, ns := range config.NameServer {
 			idx := addNameServer(ns)
 			clientIndices = append(clientIndices, idx)
 			domainRuleCount += len(ns.PrioritizedDomain)
 		}
 		domainRules := make([][]string, len(server.clients))
 		domainMatcher := &strmatcher.MatcherGroup{}
 		matcherInfos := make([]DomainMatcherInfo, domainRuleCount+1) // matcher index starts from 1
 		var geoIPMatcherContainer router.GeoIPMatcherContainer
 		for nidx, ns := range config.NameServer {
 			idx := clientIndices[nidx]
 			// Establish domain rule matcher
 			rules := []string{}
 			ruleCurr := 0
 			ruleIter := 0
 			for _, domain := range ns.PrioritizedDomain {
 				matcher, err := toStrMatcher(domain.Type, domain.Domain)
 				if err != nil {
 					return nil, newError("failed to create prioritized domain").Base(err).AtWarning()
 				}
 				midx := domainMatcher.Add(matcher)
 				if midx >= uint32(len(matcherInfos)) { // This rarely happens according to current matcher's implementation
 					newError("expanding domain matcher info array to size ", midx, " when adding ", matcher).AtDebug().WriteToLog()
 					matcherInfos = append(matcherInfos, make([]DomainMatcherInfo, midx-uint32(len(matcherInfos))+1)...)
 				}
 				info := &matcherInfos[midx]
 				info.clientIdx = uint16(idx)
 				if ruleCurr < len(ns.OriginalRules) {
 					info.domainRuleIdx = uint16(ruleCurr)
 					rule := ns.OriginalRules[ruleCurr]
 					if ruleCurr >= len(rules) {
 						rules = append(rules, rule.Rule)
 					}
 					ruleIter++
 					if ruleIter >= int(rule.Size) {
 						ruleIter = 0
 						ruleCurr++
 					}
 				} else { // No original rule, generate one according to current domain matcher (majorly for compatibility with tests)
 					info.domainRuleIdx = uint16(len(rules))
 					rules = append(rules, matcher.String())
 				}
 			}
 			domainRules[idx] = rules
 			// only add to ipIndexMap if GeoIP is configured
 			if len(ns.Geoip) > 0 {
 				var matchers []*router.GeoIPMatcher
 				for _, geoip := range ns.Geoip {
 					matcher, err := geoIPMatcherContainer.Add(geoip)
 					if err != nil {
 						return nil, newError("failed to create ip matcher").Base(err).AtWarning()
 					}
 					matchers = append(matchers, matcher)
 				}
 				matcher := &MultiGeoIPMatcher{matchers: matchers}
 				server.ipIndexMap[idx] = matcher
 			}
 		}
 		server.domainRules = domainRules
 		server.domainMatcher = domainMatcher
 		server.matcherInfos = matcherInfos
 	}
 	if len(server.clients) == 0 {
 		server.clients = append(server.clients, NewLocalNameServer())
 		server.ipIndexMap = append(server.ipIndexMap, nil)
 	}
 	return server, nil
 }
 // Type implements common.HasType.
 func (*Server) Type() interface{} {
 	return dns.ClientType()
 }
 // Start implements common.Runnable.
 func (s *Server) Start() error {
 	return nil
 }
 // Close implements common.Closable.
 func (s *Server) Close() error {
 	return nil
 }
 func (s *Server) IsOwnLink(ctx context.Context) bool {
 	inbound := session.InboundFromContext(ctx)
 	return inbound != nil && inbound.Tag == s.tag
 }
 // Match check dns ip match geoip
 func (s *Server) Match(idx int, client Client, domain string, ips []net.IP) ([]net.IP, error) {
 	var matcher *MultiGeoIPMatcher
 	if idx < len(s.ipIndexMap) {
 		matcher = s.ipIndexMap[idx]
 	}
 	if matcher == nil {
 		return ips, nil
 	}
 	if !matcher.HasMatcher() {
 		newError("domain ", domain, " server has no valid matcher: ", client.Name(), " idx:", idx).AtDebug().WriteToLog()
 		return ips, nil
 	}
 	newIps := []net.IP{}
 	for _, ip := range ips {
 		if matcher.Match(ip) {
 			newIps = append(newIps, ip)
 		}
 	}
 	if len(newIps) == 0 {
 		return nil, errExpectedIPNonMatch
 	}
 	newError("domain ", domain, " expectIPs ", newIps, " matched at server ", client.Name(), " idx:", idx).AtDebug().WriteToLog()
 	return newIps, nil
 }
 func (s *Server) queryIPTimeout(idx int, client Client, domain string, option IPOption) ([]net.IP, error) {
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*4)
 	if len(s.tag) > 0 {
 		ctx = session.ContextWithInbound(ctx, &session.Inbound{
 			Tag: s.tag,
 		})
 	}
 	ips, err := client.QueryIP(ctx, domain, option)
 	cancel()
 	if err != nil {
 		return ips, err
 	}
 	ips, err = s.Match(idx, client, domain, ips)
 	return ips, err
 }
 // LookupIP implements dns.Client.
 func (s *Server) LookupIP(domain string) ([]net.IP, error) {
 	return s.lookupIPInternal(domain, IPOption{
 		IPv4Enable: true,
 		IPv6Enable: true,
 	})
 }
 // LookupIPv4 implements dns.IPv4Lookup.
 func (s *Server) LookupIPv4(domain string) ([]net.IP, error) {
 	return s.lookupIPInternal(domain, IPOption{
 		IPv4Enable: true,
 		IPv6Enable: false,
 	})
 }
 // LookupIPv6 implements dns.IPv6Lookup.
 func (s *Server) LookupIPv6(domain string) ([]net.IP, error) {
 	return s.lookupIPInternal(domain, IPOption{
 		IPv4Enable: false,
 		IPv6Enable: true,
 	})
 }
 func (s *Server) lookupStatic(domain string, option IPOption, depth int32) []net.Address {
 	ips := s.hosts.LookupIP(domain, option)
 	if ips == nil {
 		return nil
 	}
 	if ips[0].Family().IsDomain() && depth < 5 {
 		if newIPs := s.lookupStatic(ips[0].Domain(), option, depth+1); newIPs != nil {
 			return newIPs
 		}
 	}
 	return ips
 }
 func toNetIP(ips []net.Address) []net.IP {
 	if len(ips) == 0 {
 		return nil
 	}
 	netips := make([]net.IP, 0, len(ips))
 	for _, ip := range ips {
 		netips = append(netips, ip.IP())
 	}
 	return netips
 }
 func (s *Server) lookupIPInternal(domain string, option IPOption) ([]net.IP, error) {
 	if domain == "" {
 		return nil, newError("empty domain name")
 	}
 	domain = strings.ToLower(domain)
 	// normalize the FQDN form query
 	if domain[len(domain)-1] == '.' {
 		domain = domain[:len(domain)-1]
 	}
 	ips := s.lookupStatic(domain, option, 0)
 	if ips != nil && ips[0].Family().IsIP() {
 		newError("returning ", len(ips), " IPs for domain ", domain).WriteToLog()
 		return toNetIP(ips), nil
 	}
 	if ips != nil && ips[0].Family().IsDomain() {
 		newdomain := ips[0].Domain()
 		newError("domain replaced: ", domain, " -> ", newdomain).WriteToLog()
 		domain = newdomain
 	}
 	var lastErr error
 	var matchedClient Client
 	if s.domainMatcher != nil {
 		indices := s.domainMatcher.Match(domain)
 		domainRules := []string{}
 		matchingDNS := []string{}
 		for _, idx := range indices {
 			info := s.matcherInfos[idx]
 			rule := s.domainRules[info.clientIdx][info.domainRuleIdx]
 			domainRules = append(domainRules, fmt.Sprintf("%s(DNS idx:%d)", rule, info.clientIdx))
 			matchingDNS = append(matchingDNS, s.clients[info.clientIdx].Name())
 		}
 		if len(domainRules) > 0 {
 			newError("domain ", domain, " matches following rules: ", domainRules).AtDebug().WriteToLog()
 		}
 		if len(matchingDNS) > 0 {
 			newError("domain ", domain, " uses following DNS first: ", matchingDNS).AtDebug().WriteToLog()
 		}
 		for _, idx := range indices {
 			clientIdx := int(s.matcherInfos[idx].clientIdx)
 			matchedClient = s.clients[clientIdx]
 			ips, err := s.queryIPTimeout(clientIdx, matchedClient, domain, option)
 			if len(ips) > 0 {
 				return ips, nil
 			}
 			if err == dns.ErrEmptyResponse {
 				return nil, err
 			}
 			if err != nil {
 				newError("failed to lookup ip for domain ", domain, " at server ", matchedClient.Name()).Base(err).WriteToLog()
 				lastErr = err
 			}
 		}
 	}
 	for idx, client := range s.clients {
 		if client == matchedClient {
 			newError("domain ", domain, " at server ", client.Name(), " idx:", idx, " already lookup failed, just ignore").AtDebug().WriteToLog()
 			continue
 		}
 		ips, err := s.queryIPTimeout(idx, client, domain, option)
 		if len(ips) > 0 {
 			return ips, nil
 		}
 		if err != nil {
 			newError("failed to lookup ip for domain ", domain, " at server ", client.Name()).Base(err).WriteToLog()
 			lastErr = err
 		}
 		if err != context.Canceled && err != context.DeadlineExceeded && err != errExpectedIPNonMatch {
 			return nil, err
 		}
 	}
 	return nil, newError("returning nil for domain ", domain).Base(lastErr)
 }
 func init() {
 	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		return New(ctx, config.(*Config))
 	}))
 }
--- a/app/log/config.pb.go
+++ b/app/log/config.pb.go
@@ -88,6 +88,7 @@ type Config struct {
 	ErrorLogPath  string       `protobuf:"bytes,3,opt,name=error_log_path,json=errorLogPath,proto3" json:"error_log_path,omitempty"`
 	AccessLogType LogType      `protobuf:"varint,4,opt,name=access_log_type,json=accessLogType,proto3,enum=xray.app.log.LogType" json:"access_log_type,omitempty"`
 	AccessLogPath string       `protobuf:"bytes,5,opt,name=access_log_path,json=accessLogPath,proto3" json:"access_log_path,omitempty"`
 	EnableDnsLog  bool         `protobuf:"varint,6,opt,name=enable_dns_log,json=enableDnsLog,proto3" json:"enable_dns_log,omitempty"`
 }
 func (x *Config) Reset() {
@@ -157,13 +158,20 @@ func (x *Config) GetAccessLogPath() string {
 	return ""
 }
 func (x *Config) GetEnableDnsLog() bool {
 	if x != nil {
 		return x.EnableDnsLog
 	}
 	return false
 }
 var File_app_log_config_proto protoreflect.FileDescriptor
 var file_app_log_config_proto_rawDesc = []byte{
 	0x0a, 0x14, 0x61, 0x70, 0x70, 0x2f, 0x6c, 0x6f, 0x67, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
 	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70,
 	0x2e, 0x6c, 0x6f, 0x67, 0x1a, 0x14, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6c, 0x6f, 0x67,
-	0x2f, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x95, 0x02, 0x0a, 0x06, 0x43,
+	0x2f, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbb, 0x02, 0x0a, 0x06, 0x43,
 	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3b, 0x0a, 0x0e, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x6c,
 	0x6f, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x15, 0x2e,
 	0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x6c, 0x6f, 0x67, 0x2e, 0x4c, 0x6f, 0x67,
@@ -181,15 +189,17 @@ var file_app_log_config_proto_rawDesc = []byte{
 	0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x54, 0x79, 0x70, 0x65, 0x12, 0x26, 0x0a, 0x0f, 0x61, 0x63,
 	0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x05, 0x20,
 	0x01, 0x28, 0x09, 0x52, 0x0d, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x50, 0x61,
-	0x74, 0x68, 0x2a, 0x35, 0x0a, 0x07, 0x4c, 0x6f, 0x67, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08, 0x0a,
+	0x74, 0x68, 0x12, 0x24, 0x0a, 0x0e, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x64, 0x6e, 0x73,
-	0x04, 0x4e, 0x6f, 0x6e, 0x65, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x6f, 0x6e, 0x73, 0x6f,
+	0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x65, 0x6e, 0x61, 0x62,
-	0x6c, 0x65, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x69, 0x6c, 0x65, 0x10, 0x02, 0x12, 0x09,
+	0x6c, 0x65, 0x44, 0x6e, 0x73, 0x4c, 0x6f, 0x67, 0x2a, 0x35, 0x0a, 0x07, 0x4c, 0x6f, 0x67, 0x54,
-	0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x10, 0x03, 0x42, 0x46, 0x0a, 0x10, 0x63, 0x6f, 0x6d,
+	0x79, 0x70, 0x65, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x6f, 0x6e, 0x65, 0x10, 0x00, 0x12, 0x0b, 0x0a,
-	0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x6c, 0x6f, 0x67, 0x50, 0x01, 0x5a,
+	0x07, 0x43, 0x6f, 0x6e, 0x73, 0x6f, 0x6c, 0x65, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x69,
-	0x21, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73,
+	0x6c, 0x65, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x10, 0x03, 0x42,
-	0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x70, 0x2f, 0x6c,
+	0x46, 0x0a, 0x10, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e,
-	0x6f, 0x67, 0xaa, 0x02, 0x0c, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x41, 0x70, 0x70, 0x2e, 0x4c, 0x6f,
+	0x6c, 0x6f, 0x67, 0x50, 0x01, 0x5a, 0x21, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f,
-	0x67, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65,
 	0x2f, 0x61, 0x70, 0x70, 0x2f, 0x6c, 0x6f, 0x67, 0xaa, 0x02, 0x0c, 0x58, 0x72, 0x61, 0x79, 0x2e,
 	0x41, 0x70, 0x70, 0x2e, 0x4c, 0x6f, 0x67, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
--- a/app/log/config.proto
+++ b/app/log/config.proto
@@ -22,4 +22,5 @@ message Config {
  LogType access_log_type = 4;
  string access_log_path = 5;
  bool enable_dns_log = 6;
 }
--- a/app/log/log.go
+++ b/app/log/log.go
@@ -17,6 +17,7 @@ type Instance struct {
 	accessLogger log.Handler
 	errorLogger  log.Handler
 	active       bool
 	dns          bool
 }
 // New creates a new log.Instance based on the given config.
@@ -24,6 +25,7 @@ func New(ctx context.Context, config *Config) (*Instance, error) {
 	g := &Instance{
 		config: config,
 		active: false,
 		dns:    config.EnableDnsLog,
 	}
 	log.RegisterHandler(g)
@@ -103,6 +105,10 @@ func (g *Instance) Handle(msg log.Message) {
 		if g.accessLogger != nil {
 			g.accessLogger.Handle(msg)
 		}
 	case *log.DNSLog:
 		if g.dns && g.accessLogger != nil {
 			g.accessLogger.Handle(msg)
 		}
 	case *log.GeneralMessage:
 		if g.errorLogger != nil && msg.Severity <= g.config.ErrorLogLevel {
 			g.errorLogger.Handle(msg)
--- a/app/proxyman/config.go
+++ b/app/proxyman/config.go
@@ -1,5 +1,12 @@
 package proxyman
 import (
 	"github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 )
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
 func (s *AllocationStrategy) GetConcurrencyValue() uint32 {
 	if s == nil || s.Concurrency == nil {
 		return 3
@@ -37,3 +44,32 @@ func (c *ReceiverConfig) GetEffectiveSniffingSettings() *SniffingConfig {
 	return nil
 }
 type SniffingMatcher struct {
 	ExDomain *domain.DomainMatcher
 	ExIP     *geoip.MultiGeoIPMatcher
 }
 func NewSniffingMatcher(sc *SniffingConfig) (*SniffingMatcher, error) {
 	m := new(SniffingMatcher)
 	if sc == nil {
 		return m, nil
 	}
 	if sc.DomainsExcluded != nil {
 		exDomain, err := domain.NewDomainMatcher(sc.DomainsExcluded)
 		if err != nil {
 			return nil, newError("failed to parse domain").Base(err)
 		}
 		m.ExDomain = exDomain
 	}
 	if sc.IpsExcluded != nil {
 		exIP, err := geoip.NewMultiGeoIPMatcher(sc.IpsExcluded, true)
 		if err != nil {
 			return nil, newError("failed to parse ip").Base(err)
 		}
 		m.ExIP = exIP
 	}
 	return m, nil
 }
--- a/app/proxyman/config.pb.go
+++ b/app/proxyman/config.pb.go
@@ -1,13 +1,15 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.14.0
+// 	protoc        v3.15.6
 // source: app/proxyman/config.proto
 package proxyman
 import (
 	proto "github.com/golang/protobuf/proto"
 	domain "github.com/xtls/xray-core/common/matcher/domain"
 	geoip "github.com/xtls/xray-core/common/matcher/geoip"
 	net "github.com/xtls/xray-core/common/net"
 	serial "github.com/xtls/xray-core/common/serial"
 	internet "github.com/xtls/xray-core/transport/internet"
@@ -239,9 +241,13 @@ type SniffingConfig struct {
 	// Whether or not to enable content sniffing on an inbound connection.
 	Enabled bool `protobuf:"varint,1,opt,name=enabled,proto3" json:"enabled,omitempty"`
 	// Override target destination if sniff'ed protocol is in the given list.
-	// Supported values are "http", "tls".
+	// Supported values are "http", "tls", "fakedns".
 	DestinationOverride []string         `protobuf:"bytes,2,rep,name=destination_override,json=destinationOverride,proto3" json:"destination_override,omitempty"`
-	DomainsExcluded     []string `protobuf:"bytes,3,rep,name=domains_excluded,json=domainsExcluded,proto3" json:"domains_excluded,omitempty"`
+	DomainsExcluded     []*domain.Domain `protobuf:"bytes,3,rep,name=domains_excluded,json=domainsExcluded,proto3" json:"domains_excluded,omitempty"`
 	IpsExcluded         []*geoip.GeoIP   `protobuf:"bytes,5,rep,name=ips_excluded,json=ipsExcluded,proto3" json:"ips_excluded,omitempty"`
 	// Whether should only try to sniff metadata without waiting for client input.
 	// Can be used to support SMTP like protocol where server send the first message.
 	MetadataOnly bool `protobuf:"varint,4,opt,name=metadata_only,json=metadataOnly,proto3" json:"metadata_only,omitempty"`
 }
 func (x *SniffingConfig) Reset() {
@@ -290,13 +296,27 @@ func (x *SniffingConfig) GetDestinationOverride() []string {
 	return nil
 }
-func (x *SniffingConfig) GetDomainsExcluded() []string {
+func (x *SniffingConfig) GetDomainsExcluded() []*domain.Domain {
 	if x != nil {
 		return x.DomainsExcluded
 	}
 	return nil
 }
 func (x *SniffingConfig) GetIpsExcluded() []*geoip.GeoIP {
 	if x != nil {
 		return x.IpsExcluded
 	}
 	return nil
 }
 func (x *SniffingConfig) GetMetadataOnly() bool {
 	if x != nil {
 		return x.MetadataOnly
 	}
 	return false
 }
 type ReceiverConfig struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
@@ -728,131 +748,144 @@ var File_app_proxyman_config_proto protoreflect.FileDescriptor
 var file_app_proxyman_config_proto_rawDesc = []byte{
 	0x0a, 0x19, 0x61, 0x70, 0x70, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2f, 0x63,
 	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x78, 0x72, 0x61,
-	0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x1a, 0x18,
+	0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x1a, 0x22,
-	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6e, 0x65, 0x74, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65,
+	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x64,
-	0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x15, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
+	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
-	0x2f, 0x6e, 0x65, 0x74, 0x2f, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x74, 0x6f, 0x1a, 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68,
-	0x1f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x65, 0x72, 0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2e, 0x70,
-	0x6e, 0x65, 0x74, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x18, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6e, 0x65, 0x74,
-	0x1a, 0x21, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x2f,
+	0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x15,
-	0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x2e, 0x70, 0x72,
+	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6e, 0x65, 0x74, 0x2f, 0x70, 0x6f, 0x72, 0x74, 0x2e,
-	0x6f, 0x74, 0x6f, 0x22, 0x0f, 0x0a, 0x0d, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74,
-	0x6e, 0x66, 0x69, 0x67, 0x22, 0xae, 0x03, 0x0a, 0x12, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74,
+	0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
-	0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x3e, 0x0a, 0x04, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x73,
-	0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x78, 0x72, 0x61, 0x79,
+	0x65, 0x72, 0x69, 0x61, 0x6c, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x6d, 0x65, 0x73, 0x73,
 	0x61, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x0f, 0x0a, 0x0d, 0x49, 0x6e, 0x62,
 	0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xae, 0x03, 0x0a, 0x12, 0x41,
 	0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67,
 	0x79, 0x12, 0x3e, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32,
 	0x2a, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79,
 	0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74,
 	0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70,
 	0x65, 0x12, 0x65, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79,
 	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x43, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70,
 	0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63,
 	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x2e, 0x41, 0x6c,
 	0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79,
 	0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x0b, 0x63, 0x6f, 0x6e,
 	0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x12, 0x59, 0x0a, 0x07, 0x72, 0x65, 0x66, 0x72,
 	0x65, 0x73, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x78, 0x72, 0x61, 0x79,
 	0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c,
 	0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79,
-	0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x65, 0x0a, 0x0b, 0x63,
+	0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74,
-	0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x65, 0x67, 0x79, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x07, 0x72, 0x65, 0x66, 0x72,
-	0x32, 0x43, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78,
+	0x65, 0x73, 0x68, 0x1a, 0x35, 0x0a, 0x1d, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f,
-	0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53,
+	0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72,
-	0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69,
+	0x65, 0x6e, 0x63, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20,
-	0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72,
+	0x01, 0x28, 0x0d, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x31, 0x0a, 0x19, 0x41, 0x6c,
-	0x72, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e,
+	0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79,
-	0x63, 0x79, 0x12, 0x59, 0x0a, 0x07, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x18, 0x03, 0x20,
+	0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
-	0x01, 0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x2c, 0x0a,
-	0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69,
+	0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0a, 0x0a, 0x06, 0x41, 0x6c, 0x77, 0x61, 0x79, 0x73, 0x10,
-	0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63,
+	0x00, 0x12, 0x0a, 0x0a, 0x06, 0x52, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x10, 0x01, 0x12, 0x0c, 0x0a,
-	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x65, 0x66,
+	0x08, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x10, 0x02, 0x22, 0x96, 0x02, 0x0a, 0x0e,
-	0x72, 0x65, 0x73, 0x68, 0x52, 0x07, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x1a, 0x35, 0x0a,
+	0x53, 0x6e, 0x69, 0x66, 0x66, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x18,
-	0x1d, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74,
+	0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52,
-	0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x12, 0x14,
+	0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x31, 0x0a, 0x14, 0x64, 0x65, 0x73, 0x74,
-	0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x76,
+	0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65,
-	0x61, 0x6c, 0x75, 0x65, 0x1a, 0x31, 0x0a, 0x19, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69,
+	0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x13, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74,
-	0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73,
+	0x69, 0x6f, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x12, 0x4d, 0x0a, 0x10, 0x64,
-	0x68, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d,
+	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x5f, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64, 0x18,
-	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x2c, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12,
+	0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
-	0x0a, 0x0a, 0x06, 0x41, 0x6c, 0x77, 0x61, 0x79, 0x73, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x52,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x64, 0x6f, 0x6d, 0x61,
-	0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x45, 0x78, 0x74, 0x65, 0x72,
+	0x69, 0x6e, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69,
-	0x6e, 0x61, 0x6c, 0x10, 0x02, 0x22, 0x88, 0x01, 0x0a, 0x0e, 0x53, 0x6e, 0x69, 0x66, 0x66, 0x69,
+	0x6e, 0x73, 0x45, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64, 0x12, 0x43, 0x0a, 0x0c, 0x69, 0x70,
-	0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62,
+	0x73, 0x5f, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b,
-	0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d,
-	0x65, 0x64, 0x12, 0x31, 0x0a, 0x14, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2e, 0x47, 0x65, 0x6f,
-	0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09,
+	0x49, 0x50, 0x52, 0x0b, 0x69, 0x70, 0x73, 0x45, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64, 0x12,
-	0x52, 0x13, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x76, 0x65,
+	0x23, 0x0a, 0x0d, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6f, 0x6e, 0x6c, 0x79,
-	0x72, 0x72, 0x69, 0x64, 0x65, 0x12, 0x29, 0x0a, 0x10, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
-	0x5f, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52,
+	0x4f, 0x6e, 0x6c, 0x79, 0x22, 0x90, 0x04, 0x0a, 0x0e, 0x52, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65,
-	0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x45, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64,
+	0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x6f, 0x72, 0x74, 0x5f,
-	0x22, 0x90, 0x04, 0x0a, 0x0e, 0x52, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e,
+	0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x72,
-	0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x72, 0x61, 0x6e, 0x67,
+	0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x50, 0x6f,
-	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63,
+	0x72, 0x74, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x09, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x61, 0x6e,
-	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x61,
+	0x67, 0x65, 0x12, 0x33, 0x0a, 0x06, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01,
-	0x6e, 0x67, 0x65, 0x52, 0x09, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x33,
+	0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
-	0x0a, 0x06, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b,
+	0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x49, 0x50, 0x4f, 0x72, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52,
-	0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74,
+	0x06, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x12, 0x56, 0x0a, 0x13, 0x61, 0x6c, 0x6c, 0x6f, 0x63,
-	0x2e, 0x49, 0x50, 0x4f, 0x72, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x06, 0x6c, 0x69, 0x73,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x03,
-	0x74, 0x65, 0x6e, 0x12, 0x56, 0x0a, 0x13, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e,
-	0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74,
-	0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78,
+	0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x12, 0x61, 0x6c, 0x6c,
-	0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53,
+	0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12,
-	0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74,
+	0x4e, 0x0a, 0x0f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e,
-	0x69, 0x6f, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x4e, 0x0a, 0x0f, 0x73,
+	0x67, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
-	0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x04,
+	0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e,
+	0x65, 0x74, 0x2e, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
-	0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x53,
+	0x0e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12,
-	0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x73, 0x74, 0x72,
+	0x40, 0x0a, 0x1c, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69,
-	0x65, 0x61, 0x6d, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x40, 0x0a, 0x1c, 0x72,
+	0x6e, 0x61, 0x6c, 0x5f, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18,
-	0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f,
+	0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x4f, 0x72,
-	0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f,
-	0x08, 0x52, 0x1a, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e,
+	0x6e, 0x12, 0x4e, 0x0a, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72,
-	0x61, 0x6c, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4e, 0x0a,
+	0x72, 0x69, 0x64, 0x65, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x21, 0x2e, 0x78, 0x72, 0x61,
-	0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65,
+	0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x4b,
-	0x18, 0x07, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x21, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70,
+	0x6e, 0x6f, 0x77, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x42, 0x02, 0x18,
-	0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x4b, 0x6e, 0x6f, 0x77, 0x6e,
+	0x01, 0x52, 0x0e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64,
-	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0e, 0x64,
+	0x65, 0x12, 0x4e, 0x0a, 0x11, 0x73, 0x6e, 0x69, 0x66, 0x66, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x65,
-	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x12, 0x4e, 0x0a,
+	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78,
-	0x11, 0x73, 0x6e, 0x69, 0x66, 0x66, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e,
+	0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e,
-	0x67, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
+	0x2e, 0x53, 0x6e, 0x69, 0x66, 0x66, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
-	0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x53, 0x6e, 0x69,
+	0x10, 0x73, 0x6e, 0x69, 0x66, 0x66, 0x69, 0x6e, 0x67, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67,
-	0x66, 0x66, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, 0x73, 0x6e, 0x69,
+	0x73, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x22, 0xc0, 0x01, 0x0a, 0x14, 0x49, 0x6e, 0x62, 0x6f,
-	0x66, 0x66, 0x69, 0x6e, 0x67, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x4a, 0x04, 0x08,
+	0x75, 0x6e, 0x64, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
-	0x06, 0x10, 0x07, 0x22, 0xc0, 0x01, 0x0a, 0x14, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x48,
+	0x12, 0x10, 0x0a, 0x03, 0x74, 0x61, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x74,
-	0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x10, 0x0a, 0x03,
+	0x61, 0x67, 0x12, 0x4d, 0x0a, 0x11, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x72, 0x5f, 0x73,
-	0x74, 0x61, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x74, 0x61, 0x67, 0x12, 0x4d,
+	0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
-	0x0a, 0x11, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x72, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69,
+	0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x73, 0x65, 0x72, 0x69,
-	0x6e, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79,
+	0x61, 0x6c, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52,
 	0x10, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x72, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67,
 	0x73, 0x12, 0x47, 0x0a, 0x0e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69,
 	0x6e, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79,
 	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x2e, 0x54,
-	0x79, 0x70, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x10, 0x72, 0x65, 0x63,
+	0x79, 0x70, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x0d, 0x70, 0x72, 0x6f,
-	0x65, 0x69, 0x76, 0x65, 0x72, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x47, 0x0a,
+	0x78, 0x79, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x10, 0x0a, 0x0e, 0x4f, 0x75,
-	0x0e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18,
+	0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xb0, 0x02, 0x0a,
-	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
+	0x0c, 0x53, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2d, 0x0a,
-	0x6d, 0x6f, 0x6e, 0x2e, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64,
+	0x03, 0x76, 0x69, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x78, 0x72, 0x61,
-	0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x53, 0x65,
+	0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x49, 0x50, 0x4f,
-	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x10, 0x0a, 0x0e, 0x4f, 0x75, 0x74, 0x62, 0x6f, 0x75,
+	0x72, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x03, 0x76, 0x69, 0x61, 0x12, 0x4e, 0x0a, 0x0f,
-	0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xb0, 0x02, 0x0a, 0x0c, 0x53, 0x65, 0x6e,
+	0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18,
-	0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2d, 0x0a, 0x03, 0x76, 0x69, 0x61,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e,
-	0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x49, 0x50, 0x4f, 0x72, 0x44, 0x6f, 0x6d,
+	0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x73, 0x74,
-	0x61, 0x69, 0x6e, 0x52, 0x03, 0x76, 0x69, 0x61, 0x12, 0x4e, 0x0a, 0x0f, 0x73, 0x74, 0x72, 0x65,
+	0x72, 0x65, 0x61, 0x6d, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x4b, 0x0a, 0x0e,
-	0x61, 0x6d, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x03,
-	0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e,
-	0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x53, 0x74, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x50,
-	0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78,
-	0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x4b, 0x0a, 0x0e, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x54, 0x0a, 0x12, 0x6d, 0x75, 0x6c,
-	0x79, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x74, 0x69, 0x70, 0x6c, 0x65, 0x78, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18,
-	0x32, 0x24, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70,
-	0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70,
-	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x53, 0x65, 0x74,
+	0x6c, 0x65, 0x78, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x6d, 0x75,
-	0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x54, 0x0a, 0x12, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c,
+	0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x78, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x22,
-	0x65, 0x78, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x50, 0x0a, 0x12, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x78, 0x69, 0x6e, 0x67, 0x43,
-	0x0b, 0x32, 0x25, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64,
-	0x78, 0x79, 0x6d, 0x61, 0x6e, 0x2e, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x78, 0x69,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12,
-	0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70,
+	0x20, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x02,
-	0x6c, 0x65, 0x78, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x50, 0x0a, 0x12, 0x4d,
+	0x20, 0x01, 0x28, 0x0d, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63,
-	0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x78, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x79, 0x2a, 0x23, 0x0a, 0x0e, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
-	0x67, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01,
+	0x6f, 0x6c, 0x73, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x54, 0x54, 0x50, 0x10, 0x00, 0x12, 0x07, 0x0a,
-	0x28, 0x08, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x20, 0x0a, 0x0b, 0x63,
+	0x03, 0x54, 0x4c, 0x53, 0x10, 0x01, 0x42, 0x55, 0x0a, 0x15, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72,
-	0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d,
+	0x61, 0x79, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x50,
-	0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x2a, 0x23, 0x0a,
+	0x01, 0x5a, 0x26, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74,
-	0x0e, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x12,
+	0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x70,
-	0x08, 0x0a, 0x04, 0x48, 0x54, 0x54, 0x50, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x54, 0x4c, 0x53,
+	0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0xaa, 0x02, 0x11, 0x58, 0x72, 0x61, 0x79,
-	0x10, 0x01, 0x42, 0x55, 0x0a, 0x15, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x61,
+	0x2e, 0x41, 0x70, 0x70, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x62, 0x06, 0x70,
-	0x70, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x50, 0x01, 0x5a, 0x26, 0x67,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
 	0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78,
 	0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x70, 0x2f, 0x70, 0x72, 0x6f,
 	0x78, 0x79, 0x6d, 0x61, 0x6e, 0xaa, 0x02, 0x11, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x41, 0x70, 0x70,
 	0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x6d, 0x61, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
 	0x33,
 }
 var (
@@ -882,33 +915,37 @@ var file_app_proxyman_config_proto_goTypes = []interface{}{
 	(*MultiplexingConfig)(nil),                               // 9: xray.app.proxyman.MultiplexingConfig
 	(*AllocationStrategy_AllocationStrategyConcurrency)(nil), // 10: xray.app.proxyman.AllocationStrategy.AllocationStrategyConcurrency
 	(*AllocationStrategy_AllocationStrategyRefresh)(nil),     // 11: xray.app.proxyman.AllocationStrategy.AllocationStrategyRefresh
-	(*net.PortRange)(nil),                                    // 12: xray.common.net.PortRange
+	(*domain.Domain)(nil),                                    // 12: xray.common.matcher.domain.Domain
-	(*net.IPOrDomain)(nil),                                   // 13: xray.common.net.IPOrDomain
+	(*geoip.GeoIP)(nil),                                      // 13: xray.common.matcher.geoip.GeoIP
-	(*internet.StreamConfig)(nil),                            // 14: xray.transport.internet.StreamConfig
+	(*net.PortRange)(nil),                                    // 14: xray.common.net.PortRange
-	(*serial.TypedMessage)(nil),                              // 15: xray.common.serial.TypedMessage
+	(*net.IPOrDomain)(nil),                                   // 15: xray.common.net.IPOrDomain
-	(*internet.ProxyConfig)(nil),                             // 16: xray.transport.internet.ProxyConfig
+	(*internet.StreamConfig)(nil),                            // 16: xray.transport.internet.StreamConfig
 	(*serial.TypedMessage)(nil),                              // 17: xray.common.serial.TypedMessage
 	(*internet.ProxyConfig)(nil),                             // 18: xray.transport.internet.ProxyConfig
 }
 var file_app_proxyman_config_proto_depIdxs = []int32{
 	1,  // 0: xray.app.proxyman.AllocationStrategy.type:type_name -> xray.app.proxyman.AllocationStrategy.Type
 	10, // 1: xray.app.proxyman.AllocationStrategy.concurrency:type_name -> xray.app.proxyman.AllocationStrategy.AllocationStrategyConcurrency
 	11, // 2: xray.app.proxyman.AllocationStrategy.refresh:type_name -> xray.app.proxyman.AllocationStrategy.AllocationStrategyRefresh
-	12, // 3: xray.app.proxyman.ReceiverConfig.port_range:type_name -> xray.common.net.PortRange
+	12, // 3: xray.app.proxyman.SniffingConfig.domains_excluded:type_name -> xray.common.matcher.domain.Domain
-	13, // 4: xray.app.proxyman.ReceiverConfig.listen:type_name -> xray.common.net.IPOrDomain
+	13, // 4: xray.app.proxyman.SniffingConfig.ips_excluded:type_name -> xray.common.matcher.geoip.GeoIP
-	3,  // 5: xray.app.proxyman.ReceiverConfig.allocation_strategy:type_name -> xray.app.proxyman.AllocationStrategy
+	14, // 5: xray.app.proxyman.ReceiverConfig.port_range:type_name -> xray.common.net.PortRange
-	14, // 6: xray.app.proxyman.ReceiverConfig.stream_settings:type_name -> xray.transport.internet.StreamConfig
+	15, // 6: xray.app.proxyman.ReceiverConfig.listen:type_name -> xray.common.net.IPOrDomain
-	0,  // 7: xray.app.proxyman.ReceiverConfig.domain_override:type_name -> xray.app.proxyman.KnownProtocols
+	3,  // 7: xray.app.proxyman.ReceiverConfig.allocation_strategy:type_name -> xray.app.proxyman.AllocationStrategy
-	4,  // 8: xray.app.proxyman.ReceiverConfig.sniffing_settings:type_name -> xray.app.proxyman.SniffingConfig
+	16, // 8: xray.app.proxyman.ReceiverConfig.stream_settings:type_name -> xray.transport.internet.StreamConfig
-	15, // 9: xray.app.proxyman.InboundHandlerConfig.receiver_settings:type_name -> xray.common.serial.TypedMessage
+	0,  // 9: xray.app.proxyman.ReceiverConfig.domain_override:type_name -> xray.app.proxyman.KnownProtocols
-	15, // 10: xray.app.proxyman.InboundHandlerConfig.proxy_settings:type_name -> xray.common.serial.TypedMessage
+	4,  // 10: xray.app.proxyman.ReceiverConfig.sniffing_settings:type_name -> xray.app.proxyman.SniffingConfig
-	13, // 11: xray.app.proxyman.SenderConfig.via:type_name -> xray.common.net.IPOrDomain
+	17, // 11: xray.app.proxyman.InboundHandlerConfig.receiver_settings:type_name -> xray.common.serial.TypedMessage
-	14, // 12: xray.app.proxyman.SenderConfig.stream_settings:type_name -> xray.transport.internet.StreamConfig
+	17, // 12: xray.app.proxyman.InboundHandlerConfig.proxy_settings:type_name -> xray.common.serial.TypedMessage
-	16, // 13: xray.app.proxyman.SenderConfig.proxy_settings:type_name -> xray.transport.internet.ProxyConfig
+	15, // 13: xray.app.proxyman.SenderConfig.via:type_name -> xray.common.net.IPOrDomain
-	9,  // 14: xray.app.proxyman.SenderConfig.multiplex_settings:type_name -> xray.app.proxyman.MultiplexingConfig
+	16, // 14: xray.app.proxyman.SenderConfig.stream_settings:type_name -> xray.transport.internet.StreamConfig
-	15, // [15:15] is the sub-list for method output_type
+	18, // 15: xray.app.proxyman.SenderConfig.proxy_settings:type_name -> xray.transport.internet.ProxyConfig
-	15, // [15:15] is the sub-list for method input_type
+	9,  // 16: xray.app.proxyman.SenderConfig.multiplex_settings:type_name -> xray.app.proxyman.MultiplexingConfig
-	15, // [15:15] is the sub-list for extension type_name
+	17, // [17:17] is the sub-list for method output_type
-	15, // [15:15] is the sub-list for extension extendee
+	17, // [17:17] is the sub-list for method input_type
-	0,  // [0:15] is the sub-list for field type_name
+	17, // [17:17] is the sub-list for extension type_name
 	17, // [17:17] is the sub-list for extension extendee
 	0,  // [0:17] is the sub-list for field type_name
 }
 func init() { file_app_proxyman_config_proto_init() }
--- a/app/proxyman/config.proto
+++ b/app/proxyman/config.proto
@@ -6,6 +6,8 @@ option go_package = "github.com/xtls/xray-core/app/proxyman";
 option java_package = "com.xray.app.proxyman";
 option java_multiple_files = true;
 import "common/matcher/domain/domain.proto";
 import "common/matcher/geoip/geoip.proto";
 import "common/net/address.proto";
 import "common/net/port.proto";
 import "transport/internet/config.proto";
@@ -54,9 +56,15 @@ message SniffingConfig {
  bool enabled = 1;
  // Override target destination if sniff'ed protocol is in the given list.
-  // Supported values are "http", "tls".
+  // Supported values are "http", "tls", "fakedns".
  repeated string destination_override = 2;
-  repeated string domains_excluded = 3;
+
  repeated xray.common.matcher.domain.Domain domains_excluded = 3;
  repeated xray.common.matcher.geoip.GeoIP ips_excluded = 5;
  // Whether should only try to sniff metadata without waiting for client input.
  // Can be used to support SMTP like protocol where server send the first message.
  bool metadata_only = 4;
 }
 message ReceiverConfig {
--- a/app/proxyman/errors.generated.go
+++ b/app/proxyman/errors.generated.go
@@ -0,0 +1,9 @@
 package proxyman
 import "github.com/xtls/xray-core/common/errors"
 type errPathObjHolder struct{}
 func newError(values ...interface{}) *errors.Error {
 	return errors.New(values...).WithPathObj(errPathObjHolder{})
 }
--- a/app/proxyman/inbound/always.go
+++ b/app/proxyman/inbound/always.go
@@ -91,13 +91,20 @@ func NewAlwaysOnInboundHandler(ctx context.Context, tag string, receiverConfig *
 		if net.HasNetwork(nl, net.Network_UNIX) {
 			newError("creating unix domain socket worker on ", address).AtDebug().WriteToLog()
 			sc := receiverConfig.GetEffectiveSniffingSettings()
 			sm, err := proxyman.NewSniffingMatcher(sc)
 			if err != nil {
 				return nil, err
 			}
 			worker := &dsWorker{
 				address:         address,
 				proxy:           p,
 				stream:          mss,
 				tag:             tag,
 				dispatcher:      h.mux,
-				sniffingConfig:  receiverConfig.GetEffectiveSniffingSettings(),
+				sniffingConfig:  sc,
 				sniffingMatcher: sm,
 				uplinkCounter:   uplinkCounter,
 				downlinkCounter: downlinkCounter,
 				ctx:             ctx,
@@ -110,6 +117,12 @@ func NewAlwaysOnInboundHandler(ctx context.Context, tag string, receiverConfig *
 			if net.HasNetwork(nl, net.Network_TCP) {
 				newError("creating stream worker on ", address, ":", port).AtDebug().WriteToLog()
 				sc := receiverConfig.GetEffectiveSniffingSettings()
 				sm, err := proxyman.NewSniffingMatcher(sc)
 				if err != nil {
 					return nil, err
 				}
 				worker := &tcpWorker{
 					address:         address,
 					port:            net.Port(port),
@@ -118,7 +131,8 @@ func NewAlwaysOnInboundHandler(ctx context.Context, tag string, receiverConfig *
 					recvOrigDest:    receiverConfig.ReceiveOriginalDestination,
 					tag:             tag,
 					dispatcher:      h.mux,
-					sniffingConfig:  receiverConfig.GetEffectiveSniffingSettings(),
+					sniffingConfig:  sc,
 					sniffingMatcher: sm,
 					uplinkCounter:   uplinkCounter,
 					downlinkCounter: downlinkCounter,
 					ctx:             ctx,
@@ -133,6 +147,7 @@ func NewAlwaysOnInboundHandler(ctx context.Context, tag string, receiverConfig *
 					address:         address,
 					port:            net.Port(port),
 					dispatcher:      h.mux,
 					sniffingConfig:  receiverConfig.GetEffectiveSniffingSettings(),
 					uplinkCounter:   uplinkCounter,
 					downlinkCounter: downlinkCounter,
 					stream:          mss,
--- a/app/proxyman/inbound/dynamic.go
+++ b/app/proxyman/inbound/dynamic.go
@@ -153,6 +153,7 @@ func (h *DynamicInboundHandler) refresh() error {
 				address:         address,
 				port:            port,
 				dispatcher:      h.mux,
 				sniffingConfig:  h.receiverConfig.GetEffectiveSniffingSettings(),
 				uplinkCounter:   uplinkCounter,
 				downlinkCounter: downlinkCounter,
 				stream:          h.streamSettings,
--- a/app/proxyman/inbound/worker.go
+++ b/app/proxyman/inbound/worker.go
@@ -39,6 +39,7 @@ type tcpWorker struct {
 	tag             string
 	dispatcher      routing.Dispatcher
 	sniffingConfig  *proxyman.SniffingConfig
 	sniffingMatcher *proxyman.SniffingMatcher
 	uplinkCounter   stats.Counter
 	downlinkCounter stats.Counter
@@ -97,7 +98,9 @@ func (w *tcpWorker) callback(conn internet.Connection) {
 	if w.sniffingConfig != nil {
 		content.SniffingRequest.Enabled = w.sniffingConfig.Enabled
 		content.SniffingRequest.OverrideDestinationForProtocol = w.sniffingConfig.DestinationOverride
-		content.SniffingRequest.ExcludeForDomain = w.sniffingConfig.DomainsExcluded
+		content.SniffingRequest.ExcludedDomainMatcher = w.sniffingMatcher.ExDomain
 		content.SniffingRequest.ExcludedIPMatcher = w.sniffingMatcher.ExIP
 		content.SniffingRequest.MetadataOnly = w.sniffingConfig.MetadataOnly
 	}
 	ctx = session.ContextWithContent(ctx, content)
@@ -235,6 +238,7 @@ type udpWorker struct {
 	tag             string
 	stream          *internet.MemoryStreamConfig
 	dispatcher      routing.Dispatcher
 	sniffingConfig  *proxyman.SniffingConfig
 	uplinkCounter   stats.Counter
 	downlinkCounter stats.Counter
@@ -297,7 +301,7 @@ func (w *udpWorker) callback(b *buf.Buffer, source net.Destination, originalDest
 		common.Must(w.checker.Start())
 		go func() {
-			ctx := context.Background()
+			ctx := w.ctx
 			sid := session.NewID()
 			ctx = session.ContextWithID(ctx, sid)
@@ -311,6 +315,13 @@ func (w *udpWorker) callback(b *buf.Buffer, source net.Destination, originalDest
 				Gateway: net.UDPDestination(w.address, w.port),
 				Tag:     w.tag,
 			})
 			content := new(session.Content)
 			if w.sniffingConfig != nil {
 				content.SniffingRequest.Enabled = w.sniffingConfig.Enabled
 				content.SniffingRequest.OverrideDestinationForProtocol = w.sniffingConfig.DestinationOverride
 				content.SniffingRequest.MetadataOnly = w.sniffingConfig.MetadataOnly
 			}
 			ctx = session.ContextWithContent(ctx, content)
 			if err := w.proxy.Process(ctx, net.Network_UDP, conn, w.dispatcher); err != nil {
 				newError("connection ends").Base(err).WriteToLog(session.ExportIDToError(ctx))
 			}
@@ -419,6 +430,7 @@ type dsWorker struct {
 	tag             string
 	dispatcher      routing.Dispatcher
 	sniffingConfig  *proxyman.SniffingConfig
 	sniffingMatcher *proxyman.SniffingMatcher
 	uplinkCounter   stats.Counter
 	downlinkCounter stats.Counter
@@ -450,7 +462,9 @@ func (w *dsWorker) callback(conn internet.Connection) {
 	if w.sniffingConfig != nil {
 		content.SniffingRequest.Enabled = w.sniffingConfig.Enabled
 		content.SniffingRequest.OverrideDestinationForProtocol = w.sniffingConfig.DestinationOverride
-		content.SniffingRequest.ExcludeForDomain = w.sniffingConfig.DomainsExcluded
+		content.SniffingRequest.ExcludedDomainMatcher = w.sniffingMatcher.ExDomain
 		content.SniffingRequest.ExcludedIPMatcher = w.sniffingMatcher.ExIP
 		content.SniffingRequest.MetadataOnly = w.sniffingConfig.MetadataOnly
 	}
 	ctx = session.ContextWithContent(ctx, content)
--- a/app/router/command/command_test.go
+++ b/app/router/command/command_test.go
@@ -12,6 +12,8 @@ import (
 	. "github.com/xtls/xray-core/app/router/command"
 	"github.com/xtls/xray-core/app/stats"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/routing"
 	"github.com/xtls/xray-core/testing/mocks"
@@ -231,11 +233,11 @@ func TestSerivceTestRoute(t *testing.T) {
 				TargetTag:      &router.RoutingRule_Tag{Tag: "out"},
 			},
 			{
-				Domain:    []*router.Domain{{Type: router.Domain_Domain, Value: "com"}},
+				Domain:    []*domain.Domain{{Type: domain.MatchingType_Subdomain, Value: "com"}},
 				TargetTag: &router.RoutingRule_Tag{Tag: "out"},
 			},
 			{
-				SourceGeoip: []*router.GeoIP{{CountryCode: "private", Cidr: []*router.CIDR{{Ip: []byte{127, 0, 0, 0}, Prefix: 8}}}},
+				SourceGeoip: []*geoip.GeoIP{{CountryCode: "private", Cidr: []*geoip.CIDR{{Ip: []byte{127, 0, 0, 0}, Prefix: 8}}}},
 				TargetTag:   &router.RoutingRule_Tag{Tag: "out"},
 			},
 			{
--- a/app/router/command/config.go
+++ b/app/router/command/config.go
@@ -28,6 +28,12 @@ func (c routingContext) GetTargetPort() net.Port {
 	return net.Port(c.RoutingContext.GetTargetPort())
 }
 // GetSkipDNSResolve is a mock implementation here to match the interface,
 // SkipDNSResolve is set from dns module, no use if coming from a protobuf object?
 func (c routingContext) GetSkipDNSResolve() bool {
 	return false
 }
 // AsRoutingContext converts a protobuf RoutingContext into an implementation of routing.Context.
 func AsRoutingContext(r *RoutingContext) routing.Context {
 	return routingContext{r}
--- a/app/router/condition.go
+++ b/app/router/condition.go
@@ -7,7 +7,6 @@ import (
 	"go.starlark.net/syntax"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/strmatcher"
 	"github.com/xtls/xray-core/features/routing"
 )
@@ -41,100 +40,6 @@ func (v *ConditionChan) Len() int {
 	return len(*v)
 }
 var matcherTypeMap = map[Domain_Type]strmatcher.Type{
 	Domain_Plain:  strmatcher.Substr,
 	Domain_Regex:  strmatcher.Regex,
 	Domain_Domain: strmatcher.Domain,
 	Domain_Full:   strmatcher.Full,
 }
 func domainToMatcher(domain *Domain) (strmatcher.Matcher, error) {
 	matcherType, f := matcherTypeMap[domain.Type]
 	if !f {
 		return nil, newError("unsupported domain type", domain.Type)
 	}
 	matcher, err := matcherType.New(domain.Value)
 	if err != nil {
 		return nil, newError("failed to create domain matcher").Base(err)
 	}
 	return matcher, nil
 }
 type DomainMatcher struct {
 	matchers strmatcher.IndexMatcher
 }
 func NewDomainMatcher(domains []*Domain) (*DomainMatcher, error) {
 	g := new(strmatcher.MatcherGroup)
 	for _, d := range domains {
 		m, err := domainToMatcher(d)
 		if err != nil {
 			return nil, err
 		}
 		g.Add(m)
 	}
 	return &DomainMatcher{
 		matchers: g,
 	}, nil
 }
 func (m *DomainMatcher) ApplyDomain(domain string) bool {
 	return len(m.matchers.Match(domain)) > 0
 }
 // Apply implements Condition.
 func (m *DomainMatcher) Apply(ctx routing.Context) bool {
 	domain := ctx.GetTargetDomain()
 	if len(domain) == 0 {
 		return false
 	}
 	return m.ApplyDomain(strings.ToLower(domain))
 }
 type MultiGeoIPMatcher struct {
 	matchers []*GeoIPMatcher
 	onSource bool
 }
 func NewMultiGeoIPMatcher(geoips []*GeoIP, onSource bool) (*MultiGeoIPMatcher, error) {
 	var matchers []*GeoIPMatcher
 	for _, geoip := range geoips {
 		matcher, err := globalGeoIPContainer.Add(geoip)
 		if err != nil {
 			return nil, err
 		}
 		matchers = append(matchers, matcher)
 	}
 	matcher := &MultiGeoIPMatcher{
 		matchers: matchers,
 		onSource: onSource,
 	}
 	return matcher, nil
 }
 // Apply implements Condition.
 func (m *MultiGeoIPMatcher) Apply(ctx routing.Context) bool {
 	var ips []net.IP
 	if m.onSource {
 		ips = ctx.GetSourceIPs()
 	} else {
 		ips = ctx.GetTargetIPs()
 	}
 	for _, ip := range ips {
 		for _, matcher := range m.matchers {
 			if matcher.Match(ip) {
 				return true
 			}
 		}
 	}
 	return false
 }
 type PortMatcher struct {
 	port     net.MemoryPortList
 	onSource bool
--- a/app/router/condition_test.go
+++ b/app/router/condition_test.go
@@ -11,6 +11,9 @@ import (
 	. "github.com/xtls/xray-core/app/router"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/matcher/geosite"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/platform"
 	"github.com/xtls/xray-core/common/platform/filesystem"
@@ -26,10 +29,10 @@ func init() {
 	common.Must(err)
 	if _, err := os.Stat(platform.GetAssetLocation("geoip.dat")); err != nil && os.IsNotExist(err) {
-		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geoip.dat"), filepath.Join(wd, "..", "..", "release", "config", "geoip.dat")))
+		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geoip.dat"), filepath.Join(wd, "..", "..", "resources", "geoip.dat")))
 	}
 	if _, err := os.Stat(platform.GetAssetLocation("geosite.dat")); err != nil && os.IsNotExist(err) {
-		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geosite.dat"), filepath.Join(wd, "..", "..", "release", "config", "geosite.dat")))
+		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geosite.dat"), filepath.Join(wd, "..", "..", "resources", "geosite.dat")))
 	}
 }
@@ -61,18 +64,18 @@ func TestRoutingRule(t *testing.T) {
 	}{
 		{
 			rule: &RoutingRule{
-				Domain: []*Domain{
+				Domain: []*domain.Domain{
 					{
 						Value: "example.com",
-						Type:  Domain_Plain,
+						Type:  domain.MatchingType_Keyword,
 					},
 					{
 						Value: "google.com",
-						Type:  Domain_Domain,
+						Type:  domain.MatchingType_Subdomain,
 					},
 					{
 						Value: "^facebook\\.com$",
-						Type:  Domain_Regex,
+						Type:  domain.MatchingType_Regex,
 					},
 				},
 			},
@@ -109,7 +112,7 @@ func TestRoutingRule(t *testing.T) {
 		},
 		{
 			rule: &RoutingRule{
-				Cidr: []*CIDR{
+				Cidr: []*geoip.CIDR{
 					{
 						Ip:     []byte{8, 8, 8, 8},
 						Prefix: 32,
@@ -145,9 +148,9 @@ func TestRoutingRule(t *testing.T) {
 		},
 		{
 			rule: &RoutingRule{
-				Geoip: []*GeoIP{
+				Geoip: []*geoip.GeoIP{
 					{
-						Cidr: []*CIDR{
+						Cidr: []*geoip.CIDR{
 							{
 								Ip:     []byte{8, 8, 8, 8},
 								Prefix: 32,
@@ -185,7 +188,7 @@ func TestRoutingRule(t *testing.T) {
 		},
 		{
 			rule: &RoutingRule{
-				SourceCidr: []*CIDR{
+				SourceCidr: []*geoip.CIDR{
 					{
 						Ip:     []byte{192, 168, 0, 0},
 						Prefix: 16,
@@ -333,19 +336,19 @@ func TestRoutingRule(t *testing.T) {
 	}
 }
-func loadGeoSite(country string) ([]*Domain, error) {
+func loadGeoSite(country string) ([]*domain.Domain, error) {
 	geositeBytes, err := filesystem.ReadAsset("geosite.dat")
 	if err != nil {
 		return nil, err
 	}
-	var geositeList GeoSiteList
+	var geositeList geosite.GeoSiteList
 	if err := proto.Unmarshal(geositeBytes, &geositeList); err != nil {
 		return nil, err
 	}
 	for _, site := range geositeList.Entry {
 		if site.CountryCode == country {
-			return site.Domain, nil
+			return geosite.ToDomains(site.Domain), nil
 		}
 	}
@@ -356,7 +359,10 @@ func TestChinaSites(t *testing.T) {
 	domains, err := loadGeoSite("CN")
 	common.Must(err)
-	matcher, err := NewDomainMatcher(domains)
+	matcher, err := domain.NewDomainMatcher(domains)
 	common.Must(err)
 	acMatcher, err := domain.NewMphMatcherGroup(domains)
 	common.Must(err)
 	type TestCase struct {
@@ -387,20 +393,126 @@ func TestChinaSites(t *testing.T) {
 	}
 	for _, testCase := range testCases {
-		r := matcher.ApplyDomain(testCase.Domain)
+		r1 := matcher.ApplyDomain(testCase.Domain)
-		if r != testCase.Output {
+		r2 := acMatcher.ApplyDomain(testCase.Domain)
-			t.Error("expected output ", testCase.Output, " for domain ", testCase.Domain, " but got ", r)
+		if r1 != testCase.Output {
 			t.Error("DomainMatcher expected output ", testCase.Output, " for domain ", testCase.Domain, " but got ", r1)
 		} else if r2 != testCase.Output {
 			t.Error("ACDomainMatcher expected output ", testCase.Output, " for domain ", testCase.Domain, " but got ", r2)
 		}
 	}
 }
 func BenchmarkMphDomainMatcher(b *testing.B) {
 	domains, err := loadGeoSite("CN")
 	common.Must(err)
 	matcher, err := domain.NewMphMatcherGroup(domains)
 	common.Must(err)
 	type TestCase struct {
 		Domain string
 		Output bool
 	}
 	testCases := []TestCase{
 		{
 			Domain: "163.com",
 			Output: true,
 		},
 		{
 			Domain: "163.com",
 			Output: true,
 		},
 		{
 			Domain: "164.com",
 			Output: false,
 		},
 		{
 			Domain: "164.com",
 			Output: false,
 		},
 	}
 	for i := 0; i < 1024; i++ {
 		testCases = append(testCases, TestCase{Domain: strconv.Itoa(i) + ".not-exists.com", Output: false})
 	}
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
 		for _, testCase := range testCases {
 			_ = matcher.ApplyDomain(testCase.Domain)
 		}
 	}
 }
 func BenchmarkDomainMatcher(b *testing.B) {
 	domains, err := loadGeoSite("CN")
 	common.Must(err)
 	matcher, err := domain.NewDomainMatcher(domains)
 	common.Must(err)
 	type TestCase struct {
 		Domain string
 		Output bool
 	}
 	testCases := []TestCase{
 		{
 			Domain: "163.com",
 			Output: true,
 		},
 		{
 			Domain: "163.com",
 			Output: true,
 		},
 		{
 			Domain: "164.com",
 			Output: false,
 		},
 		{
 			Domain: "164.com",
 			Output: false,
 		},
 	}
 	for i := 0; i < 1024; i++ {
 		testCases = append(testCases, TestCase{Domain: strconv.Itoa(i) + ".not-exists.com", Output: false})
 	}
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
 		for _, testCase := range testCases {
 			_ = matcher.ApplyDomain(testCase.Domain)
 		}
 	}
 }
 func loadGeoIP(country string) ([]*geoip.CIDR, error) {
 	geoipBytes, err := filesystem.ReadAsset("dat")
 	if err != nil {
 		return nil, err
 	}
 	var geoipList geoip.GeoIPList
 	if err := proto.Unmarshal(geoipBytes, &geoipList); err != nil {
 		return nil, err
 	}
 	for _, geoip := range geoipList.Entry {
 		if geoip.CountryCode == country {
 			return geoip.Cidr, nil
 		}
 	}
 	panic("country not found: " + country)
 }
 func BenchmarkMultiGeoIPMatcher(b *testing.B) {
-	var geoips []*GeoIP
+	var geoips []*geoip.GeoIP
 	{
 		ips, err := loadGeoIP("CN")
 		common.Must(err)
-		geoips = append(geoips, &GeoIP{
+		geoips = append(geoips, &geoip.GeoIP{
 			CountryCode: "CN",
 			Cidr:        ips,
 		})
@@ -409,7 +521,7 @@ func BenchmarkMultiGeoIPMatcher(b *testing.B) {
 	{
 		ips, err := loadGeoIP("JP")
 		common.Must(err)
-		geoips = append(geoips, &GeoIP{
+		geoips = append(geoips, &geoip.GeoIP{
 			CountryCode: "JP",
 			Cidr:        ips,
 		})
@@ -418,7 +530,7 @@ func BenchmarkMultiGeoIPMatcher(b *testing.B) {
 	{
 		ips, err := loadGeoIP("CA")
 		common.Must(err)
-		geoips = append(geoips, &GeoIP{
+		geoips = append(geoips, &geoip.GeoIP{
 			CountryCode: "CA",
 			Cidr:        ips,
 		})
@@ -427,13 +539,13 @@ func BenchmarkMultiGeoIPMatcher(b *testing.B) {
 	{
 		ips, err := loadGeoIP("US")
 		common.Must(err)
-		geoips = append(geoips, &GeoIP{
+		geoips = append(geoips, &geoip.GeoIP{
 			CountryCode: "US",
 			Cidr:        ips,
 		})
 	}
-	matcher, err := NewMultiGeoIPMatcher(geoips, false)
+	matcher, err := geoip.NewMultiGeoIPMatcher(geoips, false)
 	common.Must(err)
 	ctx := withOutbound(&session.Outbound{Target: net.TCPDestination(net.ParseAddress("8.8.8.8"), 80)})
--- a/app/router/config.go
+++ b/app/router/config.go
@@ -1,50 +1,13 @@
 package router
 import (
 	dm "github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/outbound"
 	"github.com/xtls/xray-core/features/routing"
 )
 // CIDRList is an alias of []*CIDR to provide sort.Interface.
 type CIDRList []*CIDR
 // Len implements sort.Interface.
 func (l *CIDRList) Len() int {
 	return len(*l)
 }
 // Less implements sort.Interface.
 func (l *CIDRList) Less(i int, j int) bool {
 	ci := (*l)[i]
 	cj := (*l)[j]
 	if len(ci.Ip) < len(cj.Ip) {
 		return true
 	}
 	if len(ci.Ip) > len(cj.Ip) {
 		return false
 	}
 	for k := 0; k < len(ci.Ip); k++ {
 		if ci.Ip[k] < cj.Ip[k] {
 			return true
 		}
 		if ci.Ip[k] > cj.Ip[k] {
 			return false
 		}
 	}
 	return ci.Prefix < cj.Prefix
 }
 // Swap implements sort.Interface.
 func (l *CIDRList) Swap(i int, j int) {
 	(*l)[i], (*l)[j] = (*l)[j], (*l)[i]
 }
 type Rule struct {
 	Tag       string
 	Balancer  *Balancer
@@ -67,11 +30,24 @@ func (rr *RoutingRule) BuildCondition() (Condition, error) {
 	conds := NewConditionChan()
 	if len(rr.Domain) > 0 {
-		matcher, err := NewDomainMatcher(rr.Domain)
+		switch rr.DomainMatcher {
 		case "linear":
 			matcher, err := dm.NewDomainMatcher(rr.Domain)
 			if err != nil {
 				return nil, newError("failed to build domain condition").Base(err)
 			}
 			conds.Add(matcher)
 		case "mph", "hybrid":
 			fallthrough
 		default:
 			matcher, err := dm.NewMphMatcherGroup(rr.Domain)
 			if err != nil {
 				return nil, newError("failed to build domain condition with MphDomainMatcher").Base(err)
 			}
 			newError("MphDomainMatcher is enabled for ", len(rr.Domain), " domain rule(s)").AtDebug().WriteToLog()
 			conds.Add(matcher)
 		}
 	}
 	if len(rr.UserEmail) > 0 {
@@ -99,13 +75,13 @@ func (rr *RoutingRule) BuildCondition() (Condition, error) {
 	}
 	if len(rr.Geoip) > 0 {
-		cond, err := NewMultiGeoIPMatcher(rr.Geoip, false)
+		cond, err := geoip.NewMultiGeoIPMatcher(rr.Geoip, false)
 		if err != nil {
 			return nil, err
 		}
 		conds.Add(cond)
 	} else if len(rr.Cidr) > 0 {
-		cond, err := NewMultiGeoIPMatcher([]*GeoIP{{Cidr: rr.Cidr}}, false)
+		cond, err := geoip.NewMultiGeoIPMatcher([]*geoip.GeoIP{{Cidr: rr.Cidr}}, false)
 		if err != nil {
 			return nil, err
 		}
@@ -113,13 +89,13 @@ func (rr *RoutingRule) BuildCondition() (Condition, error) {
 	}
 	if len(rr.SourceGeoip) > 0 {
-		cond, err := NewMultiGeoIPMatcher(rr.SourceGeoip, true)
+		cond, err := geoip.NewMultiGeoIPMatcher(rr.SourceGeoip, true)
 		if err != nil {
 			return nil, err
 		}
 		conds.Add(cond)
 	} else if len(rr.SourceCidr) > 0 {
-		cond, err := NewMultiGeoIPMatcher([]*GeoIP{{Cidr: rr.SourceCidr}}, true)
+		cond, err := geoip.NewMultiGeoIPMatcher([]*geoip.GeoIP{{Cidr: rr.SourceCidr}}, true)
 		if err != nil {
 			return nil, err
 		}
--- a/app/router/config.pb.go
+++ b/app/router/config.pb.go
--- a/app/router/config.proto
+++ b/app/router/config.proto
@@ -8,66 +8,8 @@ option java_multiple_files = true;
 import "common/net/port.proto";
 import "common/net/network.proto";
-
+import "common/matcher/domain/domain.proto";
-// Domain for routing decision.
+import "common/matcher/geoip/geoip.proto";
 message Domain {
  // Type of domain value.
  enum Type {
    // The value is used as is.
    Plain = 0;
    // The value is used as a regular expression.
    Regex = 1;
    // The value is a root domain.
    Domain = 2;
    // The value is a domain.
    Full = 3;
  }
  // Domain matching type.
  Type type = 1;
  // Domain value.
  string value = 2;
  message Attribute {
    string key = 1;
    oneof typed_value {
      bool bool_value = 2;
      int64 int_value = 3;
    }
  }
  // Attributes of this domain. May be used for filtering.
  repeated Attribute attribute = 3;
 }
 // IP for routing decision, in CIDR form.
 message CIDR {
  // IP address, should be either 4 or 16 bytes.
  bytes ip = 1;
  // Number of leading ones in the network mask.
  uint32 prefix = 2;
 }
 message GeoIP {
  string country_code = 1;
  repeated CIDR cidr = 2;
 }
 message GeoIPList {
  repeated GeoIP entry = 1;
 }
 message GeoSite {
  string country_code = 1;
  repeated Domain domain = 2;
 }
 message GeoSiteList {
  repeated GeoSite entry = 1;
 }
 message RoutingRule {
  oneof target_tag {
@@ -79,17 +21,17 @@ message RoutingRule {
  }
  // List of domains for target domain matching.
-  repeated Domain domain = 2;
+  repeated xray.common.matcher.domain.Domain domain = 2;
  // List of CIDRs for target IP address matching.
  // Deprecated. Use geoip below.
-  repeated CIDR cidr = 3 [deprecated = true];
+  repeated xray.common.matcher.geoip.CIDR cidr = 3 [deprecated = true];
  // List of GeoIPs for target IP address matching. If this entry exists, the
  // cidr above will have no effect. GeoIP fields with the same country code are
  // supposed to contain exactly same content. They will be merged during
  // runtime. For customized GeoIPs, please leave country code empty.
-  repeated GeoIP geoip = 10;
+  repeated xray.common.matcher.geoip.GeoIP geoip = 10;
  // A range of port [from, to]. If the destination port is in this range, this
  // rule takes effect. Deprecated. Use port_list.
@@ -105,11 +47,11 @@ message RoutingRule {
  repeated xray.common.net.Network networks = 13;
  // List of CIDRs for source IP address matching.
-  repeated CIDR source_cidr = 6 [deprecated = true];
+  repeated xray.common.matcher.geoip.CIDR source_cidr = 6 [deprecated = true];
  // List of GeoIPs for source IP address matching. If this entry exists, the
  // source_cidr above will have no effect.
-  repeated GeoIP source_geoip = 11;
+  repeated xray.common.matcher.geoip.GeoIP source_geoip = 11;
  // List of ports for source port matching.
  xray.common.net.PortList source_port_list = 16;
@@ -119,6 +61,8 @@ message RoutingRule {
  repeated string protocol = 9;
  string attributes = 15;
  string domain_matcher = 17;
 }
 message BalancingRule {
--- a/app/router/router.go
+++ b/app/router/router.go
@@ -80,7 +80,13 @@ func (r *Router) PickRoute(ctx routing.Context) (routing.Route, error) {
 }
 func (r *Router) pickRouteInternal(ctx routing.Context) (*Rule, routing.Context, error) {
-	if r.domainStrategy == Config_IpOnDemand {
+
 	// SkipDNSResolve is set from DNS module.
 	// the DOH remote server maybe a domain name,
 	// this prevents cycle resolving dead loop
 	skipDNSResolve := ctx.GetSkipDNSResolve()
 	if r.domainStrategy == Config_IpOnDemand && !skipDNSResolve {
 		ctx = routing_dns.ContextWithDNSClient(ctx, r.dns)
 	}
@@ -90,7 +96,7 @@ func (r *Router) pickRouteInternal(ctx routing.Context) (*Rule, routing.Context,
 		}
 	}
-	if r.domainStrategy != Config_IpIfNonMatch || len(ctx.GetTargetDomain()) == 0 {
+	if r.domainStrategy != Config_IpIfNonMatch || len(ctx.GetTargetDomain()) == 0 || skipDNSResolve {
 		return nil, ctx, common.ErrNoClue
 	}
--- a/app/router/router_test.go
+++ b/app/router/router_test.go
@@ -7,6 +7,7 @@ import (
 	"github.com/golang/mock/gomock"
 	. "github.com/xtls/xray-core/app/router"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/features/outbound"
@@ -101,7 +102,7 @@ func TestIPOnDemand(t *testing.T) {
 				TargetTag: &RoutingRule_Tag{
 					Tag: "test",
 				},
-				Cidr: []*CIDR{
+				Cidr: []*geoip.CIDR{
 					{
 						Ip:     []byte{192, 168, 0, 0},
 						Prefix: 16,
@@ -136,7 +137,7 @@ func TestIPIfNonMatchDomain(t *testing.T) {
 				TargetTag: &RoutingRule_Tag{
 					Tag: "test",
 				},
-				Cidr: []*CIDR{
+				Cidr: []*geoip.CIDR{
 					{
 						Ip:     []byte{192, 168, 0, 0},
 						Prefix: 16,
@@ -171,7 +172,7 @@ func TestIPIfNonMatchIP(t *testing.T) {
 				TargetTag: &RoutingRule_Tag{
 					Tag: "test",
 				},
-				Cidr: []*CIDR{
+				Cidr: []*geoip.CIDR{
 					{
 						Ip:     []byte{127, 0, 0, 0},
 						Prefix: 8,
--- a/app/stats/command/command.go
+++ b/app/stats/command/command.go
@@ -11,7 +11,7 @@ import (
 	"github.com/xtls/xray-core/app/stats"
 	"github.com/xtls/xray-core/common"
-	"github.com/xtls/xray-core/common/strmatcher"
+	"github.com/xtls/xray-core/common/matcher/str"
 	"github.com/xtls/xray-core/core"
 	feature_stats "github.com/xtls/xray-core/features/stats"
 )
@@ -49,7 +49,7 @@ func (s *statsServer) GetStats(ctx context.Context, request *GetStatsRequest) (*
 }
 func (s *statsServer) QueryStats(ctx context.Context, request *QueryStatsRequest) (*QueryStatsResponse, error) {
-	matcher, err := strmatcher.Substr.New(request.Pattern)
+	matcher, err := str.Substr.New(request.Pattern)
 	if err != nil {
 		return nil, err
 	}
--- a/common/buf/buffer.go
+++ b/common/buf/buffer.go
@@ -31,6 +31,22 @@ func New() *Buffer {
 	}
 }
 func NewExisted(b []byte) *Buffer {
 	if cap(b) < Size {
 		panic("Invalid buffer")
 	}
 	oLen := len(b)
 	if oLen < Size {
 		b = b[:Size]
 	}
 	return &Buffer{
 		v:   b,
 		end: int32(oLen),
 	}
 }
 // StackNew creates a new Buffer object on stack.
 // This method is for buffers that is released in the same function.
 func StackNew() Buffer {
--- a/common/cache/lru.go
+++ b/common/cache/lru.go
@@ -0,0 +1,85 @@
 package cache
 import (
 	"container/list"
 	sync "sync"
 )
 // Lru simple, fast lru cache implementation
 type Lru interface {
 	Get(key interface{}) (value interface{}, ok bool)
 	GetKeyFromValue(value interface{}) (key interface{}, ok bool)
 	PeekKeyFromValue(value interface{}) (key interface{}, ok bool) // Peek means check but NOT bring to top
 	Put(key, value interface{})
 }
 type lru struct {
 	capacity         int
 	doubleLinkedlist *list.List
 	keyToElement     *sync.Map
 	valueToElement   *sync.Map
 	mu               *sync.Mutex
 }
 type lruElement struct {
 	key   interface{}
 	value interface{}
 }
 // NewLru init a lru cache
 func NewLru(cap int) Lru {
 	return lru{
 		capacity:         cap,
 		doubleLinkedlist: list.New(),
 		keyToElement:     new(sync.Map),
 		valueToElement:   new(sync.Map),
 		mu:               new(sync.Mutex),
 	}
 }
 func (l lru) Get(key interface{}) (value interface{}, ok bool) {
 	if v, ok := l.keyToElement.Load(key); ok {
 		element := v.(*list.Element)
 		l.doubleLinkedlist.MoveBefore(element, l.doubleLinkedlist.Front())
 		return element.Value.(lruElement).value, true
 	}
 	return nil, false
 }
 func (l lru) GetKeyFromValue(value interface{}) (key interface{}, ok bool) {
 	if k, ok := l.valueToElement.Load(value); ok {
 		element := k.(*list.Element)
 		l.doubleLinkedlist.MoveBefore(element, l.doubleLinkedlist.Front())
 		return element.Value.(lruElement).key, true
 	}
 	return nil, false
 }
 func (l lru) PeekKeyFromValue(value interface{}) (key interface{}, ok bool) {
 	if k, ok := l.valueToElement.Load(value); ok {
 		element := k.(*list.Element)
 		return element.Value.(lruElement).key, true
 	}
 	return nil, false
 }
 func (l lru) Put(key, value interface{}) {
 	e := lruElement{key, value}
 	if v, ok := l.keyToElement.Load(key); ok {
 		element := v.(*list.Element)
 		element.Value = e
 		l.doubleLinkedlist.MoveBefore(element, l.doubleLinkedlist.Front())
 	} else {
 		l.mu.Lock()
 		element := l.doubleLinkedlist.PushFront(e)
 		l.keyToElement.Store(key, element)
 		l.valueToElement.Store(value, element)
 		if l.doubleLinkedlist.Len() > l.capacity {
 			toBeRemove := l.doubleLinkedlist.Back()
 			l.doubleLinkedlist.Remove(toBeRemove)
 			l.keyToElement.Delete(toBeRemove.Value.(lruElement).key)
 			l.valueToElement.Delete(toBeRemove.Value.(lruElement).value)
 		}
 		l.mu.Unlock()
 	}
 }
--- a/common/cache/lru_test.go
+++ b/common/cache/lru_test.go
@@ -0,0 +1,86 @@
 package cache_test
 import (
 	"testing"
 	. "github.com/xtls/xray-core/common/cache"
 )
 func TestLruReplaceValue(t *testing.T) {
 	lru := NewLru(2)
 	lru.Put(2, 6)
 	lru.Put(1, 5)
 	lru.Put(1, 2)
 	v, _ := lru.Get(1)
 	if v != 2 {
 		t.Error("should get 2", v)
 	}
 	v, _ = lru.Get(2)
 	if v != 6 {
 		t.Error("should get 6", v)
 	}
 }
 func TestLruRemoveOld(t *testing.T) {
 	lru := NewLru(2)
 	v, ok := lru.Get(2)
 	if ok {
 		t.Error("should get nil", v)
 	}
 	lru.Put(1, 1)
 	lru.Put(2, 2)
 	v, _ = lru.Get(1)
 	if v != 1 {
 		t.Error("should get 1", v)
 	}
 	lru.Put(3, 3)
 	v, ok = lru.Get(2)
 	if ok {
 		t.Error("should get nil", v)
 	}
 	lru.Put(4, 4)
 	v, ok = lru.Get(1)
 	if ok {
 		t.Error("should get nil", v)
 	}
 	v, _ = lru.Get(3)
 	if v != 3 {
 		t.Error("should get 3", v)
 	}
 	v, _ = lru.Get(4)
 	if v != 4 {
 		t.Error("should get 4", v)
 	}
 }
 func TestGetKeyFromValue(t *testing.T) {
 	lru := NewLru(2)
 	lru.Put(3, 3)
 	lru.Put(2, 2)
 	lru.GetKeyFromValue(3)
 	lru.Put(1, 1)
 	v, ok := lru.GetKeyFromValue(2)
 	if ok {
 		t.Error("should get nil", v)
 	}
 	v, _ = lru.GetKeyFromValue(3)
 	if v != 3 {
 		t.Error("should get 3", v)
 	}
 }
 func TestPeekKeyFromValue(t *testing.T) {
 	lru := NewLru(2)
 	lru.Put(3, 3)
 	lru.Put(2, 2)
 	lru.PeekKeyFromValue(3)
 	lru.Put(1, 1)
 	v, ok := lru.PeekKeyFromValue(3)
 	if ok {
 		t.Error("should get nil", v)
 	}
 	v, _ = lru.PeekKeyFromValue(2)
 	if v != 2 {
 		t.Error("should get 2", v)
 	}
 }
--- a/common/errors/errors.go
+++ b/common/errors/errors.go
@@ -40,11 +40,9 @@ func (err *Error) pkgPath() string {
 		return ""
 	}
 	path := reflect.TypeOf(err.pathObj).PkgPath()
-	for i := 0; i < len(path); i++ {
+	if len(path) >= trim {
 		if path[i] == '/' {
 		return path[trim:]
 	}
 	}
 	return path
 }
--- a/common/log/dns.go
+++ b/common/log/dns.go
@@ -0,0 +1,59 @@
 package log
 import (
 	"net"
 	"strings"
 	"time"
 )
 type DNSLog struct {
 	Server  string
 	Domain  string
 	Result  []net.IP
 	Status  dnsStatus
 	Elapsed time.Duration
 	Error   error
 }
 func (l *DNSLog) String() string {
 	builder := &strings.Builder{}
 	// Server got answer: domain -> [ip1, ip2] 23ms
 	builder.WriteString(l.Server)
 	builder.WriteString(" ")
 	builder.WriteString(string(l.Status))
 	builder.WriteString(" ")
 	builder.WriteString(l.Domain)
 	builder.WriteString(" -> [")
 	builder.WriteString(joinNetIP(l.Result))
 	builder.WriteString("]")
 	if l.Elapsed > 0 {
 		builder.WriteString(" ")
 		builder.WriteString(l.Elapsed.String())
 	}
 	if l.Error != nil {
 		builder.WriteString(" <")
 		builder.WriteString(l.Error.Error())
 		builder.WriteString(">")
 	}
 	return builder.String()
 }
 type dnsStatus string
 var (
 	DNSQueried  = dnsStatus("got answer:")
 	DNSCacheHit = dnsStatus("cache HIT:")
 )
 func joinNetIP(ips []net.IP) string {
 	if len(ips) == 0 {
 		return ""
 	}
 	sips := make([]string, 0, len(ips))
 	for _, ip := range ips {
 		sips = append(sips, ip.String())
 	}
 	return strings.Join(sips, ", ")
 }
--- a/common/matcher/domain/conf/conf.go
+++ b/common/matcher/domain/conf/conf.go
@@ -0,0 +1,3 @@
 package conf
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
--- a/common/matcher/domain/conf/domain.go
+++ b/common/matcher/domain/conf/domain.go
@@ -0,0 +1,94 @@
 package conf
 import (
 	"strings"
 	dm "github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geosite"
 )
 func ParseDomainRule(domain string) ([]*dm.Domain, error) {
 	if strings.HasPrefix(domain, "geosite:") {
 		country := strings.ToUpper(domain[8:])
 		domains, err := geosite.LoadGeositeWithAttr("geosite.dat", country)
 		if err != nil {
 			return nil, newError("failed to load geosite: ", country).Base(err)
 		}
 		return domains, nil
 	}
 	var isExtDatFile = 0
 	{
 		const prefix = "ext:"
 		if strings.HasPrefix(domain, prefix) {
 			isExtDatFile = len(prefix)
 		}
 		const prefixQualified = "ext-domain:"
 		if strings.HasPrefix(domain, prefixQualified) {
 			isExtDatFile = len(prefixQualified)
 		}
 	}
 	if isExtDatFile != 0 {
 		kv := strings.Split(domain[isExtDatFile:], ":")
 		if len(kv) != 2 {
 			return nil, newError("invalid external resource: ", domain)
 		}
 		filename := kv[0]
 		country := kv[1]
 		domains, err := geosite.LoadGeositeWithAttr(filename, country)
 		if err != nil {
 			return nil, newError("failed to load external sites: ", country, " from ", filename).Base(err)
 		}
 		return domains, nil
 	}
 	domainRule := new(dm.Domain)
 	switch {
 	case strings.HasPrefix(domain, "regexp:"):
 		regexpVal := domain[7:]
 		if len(regexpVal) == 0 {
 			return nil, newError("empty regexp type of rule: ", domain)
 		}
 		domainRule.Type = dm.MatchingType_Regex
 		domainRule.Value = regexpVal
 	case strings.HasPrefix(domain, "domain:"):
 		domainName := domain[7:]
 		if len(domainName) == 0 {
 			return nil, newError("empty domain type of rule: ", domain)
 		}
 		domainRule.Type = dm.MatchingType_Subdomain
 		domainRule.Value = domainName
 	case strings.HasPrefix(domain, "full:"):
 		fullVal := domain[5:]
 		if len(fullVal) == 0 {
 			return nil, newError("empty full domain type of rule: ", domain)
 		}
 		domainRule.Type = dm.MatchingType_Full
 		domainRule.Value = fullVal
 	case strings.HasPrefix(domain, "keyword:"):
 		keywordVal := domain[8:]
 		if len(keywordVal) == 0 {
 			return nil, newError("empty keyword type of rule: ", domain)
 		}
 		domainRule.Type = dm.MatchingType_Keyword
 		domainRule.Value = keywordVal
 	case strings.HasPrefix(domain, "dotless:"):
 		domainRule.Type = dm.MatchingType_Regex
 		switch substr := domain[8:]; {
 		case substr == "":
 			domainRule.Value = "^[^.]*$"
 		case !strings.Contains(substr, "."):
 			domainRule.Value = "^[^.]*" + substr + "[^.]*$"
 		default:
 			return nil, newError("substr in dotless rule should not contain a dot: ", substr)
 		}
 	default:
 		domainRule.Type = dm.MatchingType_Keyword
 		domainRule.Value = domain
 	}
 	return []*dm.Domain{domainRule}, nil
 }
--- a/common/matcher/domain/conf/errors.generated.go
+++ b/common/matcher/domain/conf/errors.generated.go
@@ -0,0 +1,9 @@
 package conf
 import "github.com/xtls/xray-core/common/errors"
 type errPathObjHolder struct{}
 func newError(values ...interface{}) *errors.Error {
 	return errors.New(values...).WithPathObj(errPathObjHolder{})
 }
--- a/common/matcher/domain/domain.go
+++ b/common/matcher/domain/domain.go
@@ -0,0 +1,3 @@
 package domain
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
--- a/common/matcher/domain/domain.pb.go
+++ b/common/matcher/domain/domain.pb.go
@@ -0,0 +1,229 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
 // 	protoc        v3.15.6
 // source: common/matcher/domain/domain.proto
 package domain
 import (
 	proto "github.com/golang/protobuf/proto"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	reflect "reflect"
 	sync "sync"
 )
 const (
 	// Verify that this generated code is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
 	// Verify that runtime/protoimpl is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 // This is a compile-time assertion that a sufficiently up-to-date version
 // of the legacy proto package is being used.
 const _ = proto.ProtoPackageIsVersion4
 type MatchingType int32
 const (
 	MatchingType_Full      MatchingType = 0
 	MatchingType_Subdomain MatchingType = 1
 	MatchingType_Keyword   MatchingType = 2
 	MatchingType_Regex     MatchingType = 3
 )
 // Enum value maps for MatchingType.
 var (
 	MatchingType_name = map[int32]string{
 		0: "Full",
 		1: "Subdomain",
 		2: "Keyword",
 		3: "Regex",
 	}
 	MatchingType_value = map[string]int32{
 		"Full":      0,
 		"Subdomain": 1,
 		"Keyword":   2,
 		"Regex":     3,
 	}
 )
 func (x MatchingType) Enum() *MatchingType {
 	p := new(MatchingType)
 	*p = x
 	return p
 }
 func (x MatchingType) String() string {
 	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
 }
 func (MatchingType) Descriptor() protoreflect.EnumDescriptor {
 	return file_common_matcher_domain_domain_proto_enumTypes[0].Descriptor()
 }
 func (MatchingType) Type() protoreflect.EnumType {
 	return &file_common_matcher_domain_domain_proto_enumTypes[0]
 }
 func (x MatchingType) Number() protoreflect.EnumNumber {
 	return protoreflect.EnumNumber(x)
 }
 // Deprecated: Use MatchingType.Descriptor instead.
 func (MatchingType) EnumDescriptor() ([]byte, []int) {
 	return file_common_matcher_domain_domain_proto_rawDescGZIP(), []int{0}
 }
 type Domain struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	// Domain matching type.
 	Type MatchingType `protobuf:"varint,1,opt,name=type,proto3,enum=xray.common.matcher.domain.MatchingType" json:"type,omitempty"`
 	// Domain value.
 	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
 }
 func (x *Domain) Reset() {
 	*x = Domain{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_domain_domain_proto_msgTypes[0]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *Domain) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*Domain) ProtoMessage() {}
 func (x *Domain) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_domain_domain_proto_msgTypes[0]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use Domain.ProtoReflect.Descriptor instead.
 func (*Domain) Descriptor() ([]byte, []int) {
 	return file_common_matcher_domain_domain_proto_rawDescGZIP(), []int{0}
 }
 func (x *Domain) GetType() MatchingType {
 	if x != nil {
 		return x.Type
 	}
 	return MatchingType_Full
 }
 func (x *Domain) GetValue() string {
 	if x != nil {
 		return x.Value
 	}
 	return ""
 }
 var File_common_matcher_domain_domain_proto protoreflect.FileDescriptor
 var file_common_matcher_domain_domain_proto_rawDesc = []byte{
 	0x0a, 0x22, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
 	0x2f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2e, 0x70,
 	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
 	0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e,
 	0x22, 0x5c, 0x0a, 0x06, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x3c, 0x0a, 0x04, 0x74, 0x79,
 	0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
 	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x64,
 	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x54, 0x79,
 	0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
 	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x2a, 0x3f,
 	0x0a, 0x0c, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08,
 	0x0a, 0x04, 0x46, 0x75, 0x6c, 0x6c, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x53, 0x75, 0x62, 0x64,
 	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x4b, 0x65, 0x79, 0x77, 0x6f,
 	0x72, 0x64, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x67, 0x65, 0x78, 0x10, 0x03, 0x42,
 	0x70, 0x0a, 0x1e, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
 	0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x64, 0x6f, 0x6d, 0x61, 0x69,
 	0x6e, 0x50, 0x01, 0x5a, 0x2f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
 	0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x63,
 	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x64, 0x6f,
 	0x6d, 0x61, 0x69, 0x6e, 0xaa, 0x02, 0x1a, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x6d, 0x6d,
 	0x6f, 0x6e, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69,
 	0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
 	file_common_matcher_domain_domain_proto_rawDescOnce sync.Once
 	file_common_matcher_domain_domain_proto_rawDescData = file_common_matcher_domain_domain_proto_rawDesc
 )
 func file_common_matcher_domain_domain_proto_rawDescGZIP() []byte {
 	file_common_matcher_domain_domain_proto_rawDescOnce.Do(func() {
 		file_common_matcher_domain_domain_proto_rawDescData = protoimpl.X.CompressGZIP(file_common_matcher_domain_domain_proto_rawDescData)
 	})
 	return file_common_matcher_domain_domain_proto_rawDescData
 }
 var file_common_matcher_domain_domain_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
 var file_common_matcher_domain_domain_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
 var file_common_matcher_domain_domain_proto_goTypes = []interface{}{
 	(MatchingType)(0), // 0: xray.common.matcher.domain.MatchingType
 	(*Domain)(nil),    // 1: xray.common.matcher.domain.Domain
 }
 var file_common_matcher_domain_domain_proto_depIdxs = []int32{
 	0, // 0: xray.common.matcher.domain.Domain.type:type_name -> xray.common.matcher.domain.MatchingType
 	1, // [1:1] is the sub-list for method output_type
 	1, // [1:1] is the sub-list for method input_type
 	1, // [1:1] is the sub-list for extension type_name
 	1, // [1:1] is the sub-list for extension extendee
 	0, // [0:1] is the sub-list for field type_name
 }
 func init() { file_common_matcher_domain_domain_proto_init() }
 func file_common_matcher_domain_domain_proto_init() {
 	if File_common_matcher_domain_domain_proto != nil {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
 		file_common_matcher_domain_domain_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Domain); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_common_matcher_domain_domain_proto_rawDesc,
 			NumEnums:      1,
 			NumMessages:   1,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
 		GoTypes:           file_common_matcher_domain_domain_proto_goTypes,
 		DependencyIndexes: file_common_matcher_domain_domain_proto_depIdxs,
 		EnumInfos:         file_common_matcher_domain_domain_proto_enumTypes,
 		MessageInfos:      file_common_matcher_domain_domain_proto_msgTypes,
 	}.Build()
 	File_common_matcher_domain_domain_proto = out.File
 	file_common_matcher_domain_domain_proto_rawDesc = nil
 	file_common_matcher_domain_domain_proto_goTypes = nil
 	file_common_matcher_domain_domain_proto_depIdxs = nil
 }
--- a/common/matcher/domain/domain.proto
+++ b/common/matcher/domain/domain.proto
@@ -0,0 +1,39 @@
 syntax = "proto3";
 package xray.common.matcher.domain;
 option csharp_namespace = "Xray.Common.Matcher.Domain";
 option go_package = "github.com/xtls/xray-core/common/matcher/domain";
 option java_package = "com.xray.common.matcher.domain";
 option java_multiple_files = true;
 enum MatchingType {
  Full = 0;
  Subdomain = 1;
  Keyword = 2;
  Regex = 3;
 }
 message Domain {
  // Domain matching type.
  MatchingType type = 1;
  // Domain value.
  string value = 2;
 }
 /*
 func toDomainMatchingType(t router.Domain_Type) dns.DomainMatchingType {
 	switch t {
 	case router.Domain_Domain:
 		return dns.DomainMatchingType_Subdomain
 	case router.Domain_Full:
 		return dns.DomainMatchingType_Full
 	case router.Domain_Plain:
 		return dns.DomainMatchingType_Keyword
 	case router.Domain_Regex:
 		return dns.DomainMatchingType_Regex
 	default:
 		panic("unknown domain type")
 	}
 }
 */
--- a/common/matcher/domain/errors.generated.go
+++ b/common/matcher/domain/errors.generated.go
@@ -0,0 +1,9 @@
 package domain
 import "github.com/xtls/xray-core/common/errors"
 type errPathObjHolder struct{}
 func newError(values ...interface{}) *errors.Error {
 	return errors.New(values...).WithPathObj(errPathObjHolder{})
 }
--- a/common/matcher/domain/matcher.go
+++ b/common/matcher/domain/matcher.go
@@ -0,0 +1,79 @@
 package domain
 import (
 	"strings"
 	"github.com/xtls/xray-core/common/matcher/str"
 	"github.com/xtls/xray-core/features/routing"
 )
 var matcherTypeMap = map[MatchingType]str.Type{
 	MatchingType_Keyword:   str.Substr,
 	MatchingType_Regex:     str.Regex,
 	MatchingType_Subdomain: str.Domain,
 	MatchingType_Full:      str.Full,
 }
 func domainToMatcher(domain *Domain) (str.Matcher, error) {
 	matcherType, f := matcherTypeMap[domain.Type]
 	if !f {
 		return nil, newError("unsupported domain type", domain.Type)
 	}
 	matcher, err := matcherType.New(domain.Value)
 	if err != nil {
 		return nil, newError("failed to create domain matcher").Base(err)
 	}
 	return matcher, nil
 }
 type DomainMatcher struct {
 	matchers str.IndexMatcher
 }
 func NewMphMatcherGroup(domains []*Domain) (*DomainMatcher, error) {
 	g := str.NewMphMatcherGroup()
 	for _, d := range domains {
 		matcherType, f := matcherTypeMap[d.Type]
 		if !f {
 			return nil, newError("unsupported domain type", d.Type)
 		}
 		_, err := g.AddPattern(d.Value, matcherType)
 		if err != nil {
 			return nil, err
 		}
 	}
 	g.Build()
 	return &DomainMatcher{
 		matchers: g,
 	}, nil
 }
 func NewDomainMatcher(domains []*Domain) (*DomainMatcher, error) {
 	g := new(str.MatcherGroup)
 	for _, d := range domains {
 		m, err := domainToMatcher(d)
 		if err != nil {
 			return nil, err
 		}
 		g.Add(m)
 	}
 	return &DomainMatcher{
 		matchers: g,
 	}, nil
 }
 func (m *DomainMatcher) ApplyDomain(domain string) bool {
 	return len(m.matchers.Match(strings.ToLower(domain))) > 0
 }
 // Apply implements Condition.
 func (m *DomainMatcher) Apply(ctx routing.Context) bool {
 	domain := ctx.GetTargetDomain()
 	if len(domain) == 0 {
 		return false
 	}
 	return m.ApplyDomain(domain)
 }
--- a/common/matcher/geoip/conf.go
+++ b/common/matcher/geoip/conf.go
@@ -0,0 +1,224 @@
 package geoip
 import (
 	"runtime"
 	"strconv"
 	"strings"
 	"github.com/golang/protobuf/proto"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/platform/filesystem"
 )
 var (
 	FileCache = make(map[string][]byte)
 	IPCache   = make(map[string]*GeoIP)
 )
 func LoadGeoIP(code string) ([]*CIDR, error) {
 	return LoadIPFile("geoip.dat", code)
 }
 func LoadIPFile(file, code string) ([]*CIDR, error) {
 	index := file + ":" + code
 	if IPCache[index] == nil {
 		bs, err := loadFile(file)
 		if err != nil {
 			return nil, newError("failed to load file: ", file).Base(err)
 		}
 		bs = find(bs, []byte(code))
 		if bs == nil {
 			return nil, newError("code not found in ", file, ": ", code)
 		}
 		var geoipdat GeoIP
 		if err := proto.Unmarshal(bs, &geoipdat); err != nil {
 			return nil, newError("error unmarshal IP in ", file, ": ", code).Base(err)
 		}
 		defer runtime.GC()        // or debug.FreeOSMemory()
 		return geoipdat.Cidr, nil // do not cache geoip
 		// IPCache[index] = &geoipdat
 	}
 	return IPCache[index].Cidr, nil
 }
 func loadFile(file string) ([]byte, error) {
 	if FileCache[file] == nil {
 		bs, err := filesystem.ReadAsset(file)
 		if err != nil {
 			return nil, newError("failed to open file: ", file).Base(err)
 		}
 		if len(bs) == 0 {
 			return nil, newError("empty file: ", file)
 		}
 		// Do not cache file, may save RAM when there
 		// are many files, but consume CPU each time.
 		return bs, nil
 		// FileCache[file] = bs
 	}
 	return FileCache[file], nil
 }
 func find(data, code []byte) []byte {
 	codeL := len(code)
 	if codeL == 0 {
 		return nil
 	}
 	for {
 		dataL := len(data)
 		if dataL < 2 {
 			return nil
 		}
 		x, y := proto.DecodeVarint(data[1:])
 		if x == 0 && y == 0 {
 			return nil
 		}
 		headL, bodyL := 1+y, int(x)
 		dataL -= headL
 		if dataL < bodyL {
 			return nil
 		}
 		data = data[headL:]
 		if int(data[1]) == codeL {
 			for i := 0; i < codeL && data[2+i] == code[i]; i++ {
 				if i+1 == codeL {
 					return data[:bodyL]
 				}
 			}
 		}
 		if dataL == bodyL {
 			return nil
 		}
 		data = data[bodyL:]
 	}
 }
 func ParseIPList(ips []string) ([]*GeoIP, error) {
 	var geoipList []*GeoIP
 	var customCidrs []*CIDR
 	for _, ip := range ips {
 		if strings.HasPrefix(ip, "geoip:") {
 			country := ip[6:]
 			isReverseMatch := false
 			if strings.HasPrefix(country, "!") {
 				country = country[1:]
 				isReverseMatch = true
 			}
 			geoipc, err := LoadGeoIP(strings.ToUpper(country))
 			if err != nil {
 				return nil, newError("failed to load GeoIP: ", country).Base(err)
 			}
 			geoipList = append(geoipList, &GeoIP{
 				CountryCode:  strings.ToUpper(country),
 				Cidr:         geoipc,
 				ReverseMatch: isReverseMatch,
 			})
 			continue
 		}
 		var isExtDatFile = 0
 		{
 			const prefix = "ext:"
 			if strings.HasPrefix(ip, prefix) {
 				isExtDatFile = len(prefix)
 			}
 			const prefixQualified = "ext-ip:"
 			if strings.HasPrefix(ip, prefixQualified) {
 				isExtDatFile = len(prefixQualified)
 			}
 		}
 		if isExtDatFile != 0 {
 			kv := strings.Split(ip[isExtDatFile:], ":")
 			if len(kv) != 2 {
 				return nil, newError("invalid external resource: ", ip)
 			}
 			filename := kv[0]
 			country := kv[1]
 			if len(filename) == 0 || len(country) == 0 {
 				return nil, newError("empty filename or empty country in rule")
 			}
 			isReverseMatch := false
 			if strings.HasPrefix(country, "!") {
 				country = country[1:]
 				isReverseMatch = true
 			}
 			geoipc, err := LoadIPFile(filename, strings.ToUpper(country))
 			if err != nil {
 				return nil, newError("failed to load IPs: ", country, " from ", filename).Base(err)
 			}
 			geoipList = append(geoipList, &GeoIP{
 				CountryCode:  strings.ToUpper(filename + "_" + country),
 				Cidr:         geoipc,
 				ReverseMatch: isReverseMatch,
 			})
 			continue
 		}
 		ipRule, err := ParseIP(ip)
 		if err != nil {
 			return nil, newError("invalid IP: ", ip).Base(err)
 		}
 		customCidrs = append(customCidrs, ipRule)
 	}
 	if len(customCidrs) > 0 {
 		geoipList = append(geoipList, &GeoIP{
 			Cidr: customCidrs,
 		})
 	}
 	return geoipList, nil
 }
 func ParseIP(s string) (*CIDR, error) {
 	var addr, mask string
 	i := strings.Index(s, "/")
 	if i < 0 {
 		addr = s
 	} else {
 		addr = s[:i]
 		mask = s[i+1:]
 	}
 	ip := net.ParseAddress(addr)
 	switch ip.Family() {
 	case net.AddressFamilyIPv4:
 		bits := uint32(32)
 		if len(mask) > 0 {
 			bits64, err := strconv.ParseUint(mask, 10, 32)
 			if err != nil {
 				return nil, newError("invalid network mask for router: ", mask).Base(err)
 			}
 			bits = uint32(bits64)
 		}
 		if bits > 32 {
 			return nil, newError("invalid network mask for router: ", bits)
 		}
 		return &CIDR{
 			Ip:     ip.IP(),
 			Prefix: bits,
 		}, nil
 	case net.AddressFamilyIPv6:
 		bits := uint32(128)
 		if len(mask) > 0 {
 			bits64, err := strconv.ParseUint(mask, 10, 32)
 			if err != nil {
 				return nil, newError("invalid network mask for router: ", mask).Base(err)
 			}
 			bits = uint32(bits64)
 		}
 		if bits > 128 {
 			return nil, newError("invalid network mask for router: ", bits)
 		}
 		return &CIDR{
 			Ip:     ip.IP(),
 			Prefix: bits,
 		}, nil
 	default:
 		return nil, newError("unsupported address for router: ", s)
 	}
 }
--- a/common/matcher/geoip/crid.go
+++ b/common/matcher/geoip/crid.go
@@ -0,0 +1,40 @@
 package geoip
 // CIDRList is an alias of []*CIDR to provide sort.Interface.
 type CIDRList []*CIDR
 // Len implements sort.Interface.
 func (l *CIDRList) Len() int {
 	return len(*l)
 }
 // Less implements sort.Interface.
 func (l *CIDRList) Less(i int, j int) bool {
 	ci := (*l)[i]
 	cj := (*l)[j]
 	if len(ci.Ip) < len(cj.Ip) {
 		return true
 	}
 	if len(ci.Ip) > len(cj.Ip) {
 		return false
 	}
 	for k := 0; k < len(ci.Ip); k++ {
 		if ci.Ip[k] < cj.Ip[k] {
 			return true
 		}
 		if ci.Ip[k] > cj.Ip[k] {
 			return false
 		}
 	}
 	return ci.Prefix < cj.Prefix
 }
 // Swap implements sort.Interface.
 func (l *CIDRList) Swap(i int, j int) {
 	(*l)[i], (*l)[j] = (*l)[j], (*l)[i]
 }
--- a/common/matcher/geoip/errors.generated.go
+++ b/common/matcher/geoip/errors.generated.go
@@ -0,0 +1,9 @@
 package geoip
 import "github.com/xtls/xray-core/common/errors"
 type errPathObjHolder struct{}
 func newError(values ...interface{}) *errors.Error {
 	return errors.New(values...).WithPathObj(errPathObjHolder{})
 }
--- a/common/matcher/geoip/geoip.go
+++ b/common/matcher/geoip/geoip.go
@@ -1,4 +1,4 @@
-package router
+package geoip
 import (
 	"encoding/binary"
@@ -7,6 +7,8 @@ import (
 	"github.com/xtls/xray-core/common/net"
 )
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
 type ipv6 struct {
 	a uint64
 	b uint64
@@ -14,12 +16,17 @@ type ipv6 struct {
 type GeoIPMatcher struct {
 	countryCode  string
 	reverseMatch bool
 	ip4          []uint32
 	prefix4      []uint8
 	ip6          []ipv6
 	prefix6      []uint8
 }
 func (m *GeoIPMatcher) SetReverseMatch(isReverseMatch bool) {
 	m.reverseMatch = isReverseMatch
 }
 func normalize4(ip uint32, prefix uint8) uint32 {
 	return (ip >> (32 - prefix)) << (32 - prefix)
 }
@@ -147,8 +154,17 @@ func (m *GeoIPMatcher) match6(ip ipv6) bool {
 func (m *GeoIPMatcher) Match(ip net.IP) bool {
 	switch len(ip) {
 	case 4:
 		if m.reverseMatch {
 			return !m.match4(binary.BigEndian.Uint32(ip))
 		}
 		return m.match4(binary.BigEndian.Uint32(ip))
 	case 16:
 		if m.reverseMatch {
 			return !m.match6(ipv6{
 				a: binary.BigEndian.Uint64(ip[0:8]),
 				b: binary.BigEndian.Uint64(ip[8:16]),
 			})
 		}
 		return m.match6(ipv6{
 			a: binary.BigEndian.Uint64(ip[0:8]),
 			b: binary.BigEndian.Uint64(ip[8:16]),
@@ -168,7 +184,7 @@ type GeoIPMatcherContainer struct {
 func (c *GeoIPMatcherContainer) Add(geoip *GeoIP) (*GeoIPMatcher, error) {
 	if len(geoip.CountryCode) > 0 {
 		for _, m := range c.matchers {
-			if m.countryCode == geoip.CountryCode {
+			if m.countryCode == geoip.CountryCode && m.reverseMatch == geoip.ReverseMatch {
 				return m, nil
 			}
 		}
@@ -176,6 +192,7 @@ func (c *GeoIPMatcherContainer) Add(geoip *GeoIP) (*GeoIPMatcher, error) {
 	m := &GeoIPMatcher{
 		countryCode:  geoip.CountryCode,
 		reverseMatch: geoip.ReverseMatch,
 	}
 	if err := m.Init(geoip.Cidr); err != nil {
 		return nil, err
@@ -187,5 +204,5 @@ func (c *GeoIPMatcherContainer) Add(geoip *GeoIP) (*GeoIPMatcher, error) {
 }
 var (
-	globalGeoIPContainer GeoIPMatcherContainer
+	GlobalGeoIPContainer GeoIPMatcherContainer
 )
--- a/common/matcher/geoip/geoip.pb.go
+++ b/common/matcher/geoip/geoip.pb.go
@@ -0,0 +1,317 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
 // 	protoc        v3.15.7
 // source: common/matcher/geoip/geoip.proto
 package geoip
 import (
 	proto "github.com/golang/protobuf/proto"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	reflect "reflect"
 	sync "sync"
 )
 const (
 	// Verify that this generated code is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
 	// Verify that runtime/protoimpl is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 // This is a compile-time assertion that a sufficiently up-to-date version
 // of the legacy proto package is being used.
 const _ = proto.ProtoPackageIsVersion4
 // IP for routing decision, in CIDR form.
 type CIDR struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	// IP address, should be either 4 or 16 bytes.
 	Ip []byte `protobuf:"bytes,1,opt,name=ip,proto3" json:"ip,omitempty"`
 	// Number of leading ones in the network mask.
 	Prefix uint32 `protobuf:"varint,2,opt,name=prefix,proto3" json:"prefix,omitempty"`
 }
 func (x *CIDR) Reset() {
 	*x = CIDR{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geoip_geoip_proto_msgTypes[0]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *CIDR) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*CIDR) ProtoMessage() {}
 func (x *CIDR) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geoip_geoip_proto_msgTypes[0]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use CIDR.ProtoReflect.Descriptor instead.
 func (*CIDR) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geoip_geoip_proto_rawDescGZIP(), []int{0}
 }
 func (x *CIDR) GetIp() []byte {
 	if x != nil {
 		return x.Ip
 	}
 	return nil
 }
 func (x *CIDR) GetPrefix() uint32 {
 	if x != nil {
 		return x.Prefix
 	}
 	return 0
 }
 type GeoIP struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	CountryCode  string  `protobuf:"bytes,1,opt,name=country_code,json=countryCode,proto3" json:"country_code,omitempty"`
 	Cidr         []*CIDR `protobuf:"bytes,2,rep,name=cidr,proto3" json:"cidr,omitempty"`
 	ReverseMatch bool    `protobuf:"varint,3,opt,name=reverse_match,json=reverseMatch,proto3" json:"reverse_match,omitempty"`
 }
 func (x *GeoIP) Reset() {
 	*x = GeoIP{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geoip_geoip_proto_msgTypes[1]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *GeoIP) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*GeoIP) ProtoMessage() {}
 func (x *GeoIP) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geoip_geoip_proto_msgTypes[1]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use GeoIP.ProtoReflect.Descriptor instead.
 func (*GeoIP) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geoip_geoip_proto_rawDescGZIP(), []int{1}
 }
 func (x *GeoIP) GetCountryCode() string {
 	if x != nil {
 		return x.CountryCode
 	}
 	return ""
 }
 func (x *GeoIP) GetCidr() []*CIDR {
 	if x != nil {
 		return x.Cidr
 	}
 	return nil
 }
 func (x *GeoIP) GetReverseMatch() bool {
 	if x != nil {
 		return x.ReverseMatch
 	}
 	return false
 }
 type GeoIPList struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Entry []*GeoIP `protobuf:"bytes,1,rep,name=entry,proto3" json:"entry,omitempty"`
 }
 func (x *GeoIPList) Reset() {
 	*x = GeoIPList{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geoip_geoip_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *GeoIPList) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*GeoIPList) ProtoMessage() {}
 func (x *GeoIPList) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geoip_geoip_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use GeoIPList.ProtoReflect.Descriptor instead.
 func (*GeoIPList) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geoip_geoip_proto_rawDescGZIP(), []int{2}
 }
 func (x *GeoIPList) GetEntry() []*GeoIP {
 	if x != nil {
 		return x.Entry
 	}
 	return nil
 }
 var File_common_matcher_geoip_geoip_proto protoreflect.FileDescriptor
 var file_common_matcher_geoip_geoip_proto_rawDesc = []byte{
 	0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
 	0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2e, 0x70, 0x72, 0x6f,
 	0x74, 0x6f, 0x12, 0x19, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e,
 	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x22, 0x2e, 0x0a,
 	0x04, 0x43, 0x49, 0x44, 0x52, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28,
 	0x0c, 0x52, 0x02, 0x69, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18,
 	0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x22, 0x84, 0x01,
 	0x0a, 0x05, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6f, 0x75, 0x6e, 0x74,
 	0x72, 0x79, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63,
 	0x6f, 0x75, 0x6e, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x33, 0x0a, 0x04, 0x63, 0x69,
 	0x64, 0x72, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
 	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67,
 	0x65, 0x6f, 0x69, 0x70, 0x2e, 0x43, 0x49, 0x44, 0x52, 0x52, 0x04, 0x63, 0x69, 0x64, 0x72, 0x12,
 	0x23, 0x0a, 0x0d, 0x72, 0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
 	0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x72, 0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x4d,
 	0x61, 0x74, 0x63, 0x68, 0x22, 0x43, 0x0a, 0x09, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x4c, 0x69, 0x73,
 	0x74, 0x12, 0x36, 0x0a, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
 	0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d,
 	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x2e, 0x47, 0x65, 0x6f,
 	0x49, 0x50, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x6d, 0x0a, 0x1d, 0x63, 0x6f, 0x6d,
 	0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74,
 	0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x69, 0x70, 0x50, 0x01, 0x5a, 0x2e, 0x67, 0x69,
 	0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72,
 	0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d,
 	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x67, 0x65, 0x6f, 0x69, 0x70, 0xaa, 0x02, 0x19, 0x58,
 	0x72, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68,
 	0x65, 0x72, 0x2e, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
 	file_common_matcher_geoip_geoip_proto_rawDescOnce sync.Once
 	file_common_matcher_geoip_geoip_proto_rawDescData = file_common_matcher_geoip_geoip_proto_rawDesc
 )
 func file_common_matcher_geoip_geoip_proto_rawDescGZIP() []byte {
 	file_common_matcher_geoip_geoip_proto_rawDescOnce.Do(func() {
 		file_common_matcher_geoip_geoip_proto_rawDescData = protoimpl.X.CompressGZIP(file_common_matcher_geoip_geoip_proto_rawDescData)
 	})
 	return file_common_matcher_geoip_geoip_proto_rawDescData
 }
 var file_common_matcher_geoip_geoip_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
 var file_common_matcher_geoip_geoip_proto_goTypes = []interface{}{
 	(*CIDR)(nil),      // 0: xray.common.matcher.geoip.CIDR
 	(*GeoIP)(nil),     // 1: xray.common.matcher.geoip.GeoIP
 	(*GeoIPList)(nil), // 2: xray.common.matcher.geoip.GeoIPList
 }
 var file_common_matcher_geoip_geoip_proto_depIdxs = []int32{
 	0, // 0: xray.common.matcher.geoip.GeoIP.cidr:type_name -> xray.common.matcher.geoip.CIDR
 	1, // 1: xray.common.matcher.geoip.GeoIPList.entry:type_name -> xray.common.matcher.geoip.GeoIP
 	2, // [2:2] is the sub-list for method output_type
 	2, // [2:2] is the sub-list for method input_type
 	2, // [2:2] is the sub-list for extension type_name
 	2, // [2:2] is the sub-list for extension extendee
 	0, // [0:2] is the sub-list for field type_name
 }
 func init() { file_common_matcher_geoip_geoip_proto_init() }
 func file_common_matcher_geoip_geoip_proto_init() {
 	if File_common_matcher_geoip_geoip_proto != nil {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
 		file_common_matcher_geoip_geoip_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*CIDR); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_common_matcher_geoip_geoip_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*GeoIP); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_common_matcher_geoip_geoip_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*GeoIPList); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_common_matcher_geoip_geoip_proto_rawDesc,
 			NumEnums:      0,
 			NumMessages:   3,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
 		GoTypes:           file_common_matcher_geoip_geoip_proto_goTypes,
 		DependencyIndexes: file_common_matcher_geoip_geoip_proto_depIdxs,
 		MessageInfos:      file_common_matcher_geoip_geoip_proto_msgTypes,
 	}.Build()
 	File_common_matcher_geoip_geoip_proto = out.File
 	file_common_matcher_geoip_geoip_proto_rawDesc = nil
 	file_common_matcher_geoip_geoip_proto_goTypes = nil
 	file_common_matcher_geoip_geoip_proto_depIdxs = nil
 }
--- a/common/matcher/geoip/geoip.proto
+++ b/common/matcher/geoip/geoip.proto
@@ -0,0 +1,26 @@
 syntax = "proto3";
 package xray.common.matcher.geoip;
 option csharp_namespace = "Xray.Common.Matcher.GeoIP";
 option go_package = "github.com/xtls/xray-core/common/matcher/geoip";
 option java_package = "com.xray.common.matcher.geoip";
 option java_multiple_files = true;
 // IP for routing decision, in CIDR form.
 message CIDR {
  // IP address, should be either 4 or 16 bytes.
  bytes ip = 1;
  // Number of leading ones in the network mask.
  uint32 prefix = 2;
 }
 message GeoIP {
  string country_code = 1;
  repeated CIDR cidr = 2;
  bool reverse_match =3;
 }
 message GeoIPList {
  repeated GeoIP entry = 1;
 }
--- a/common/matcher/geoip/geoip_test.go
+++ b/common/matcher/geoip/geoip_test.go
@@ -1,16 +1,16 @@
-package router_test
+package geoip_test
 import (
 	"os"
 	"path/filepath"
 	"testing"
 	"github.com/golang/protobuf/proto"
 	"github.com/xtls/xray-core/app/router"
 	"github.com/xtls/xray-core/common"
 	. "github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/platform"
 	"github.com/xtls/xray-core/common/platform/filesystem"
 	"google.golang.org/protobuf/proto"
 )
 func init() {
@@ -18,27 +18,47 @@ func init() {
 	common.Must(err)
 	if _, err := os.Stat(platform.GetAssetLocation("geoip.dat")); err != nil && os.IsNotExist(err) {
-		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geoip.dat"), filepath.Join(wd, "..", "..", "resources", "geoip.dat")))
+		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geoip.dat"), filepath.Join(wd, "..", "..", "..", "resources", "geoip.dat")))
 	}
 	if _, err := os.Stat(platform.GetAssetLocation("geoiptestrouter.dat")); err != nil && os.IsNotExist(err) {
 		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geoiptestrouter.dat"), filepath.Join(wd, "..", "..", "..", "resources", "geoip.dat")))
 	}
 	if _, err := os.Stat(platform.GetAssetLocation("geosite.dat")); err != nil && os.IsNotExist(err) {
-		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geosite.dat"), filepath.Join(wd, "..", "..", "resources", "geosite.dat")))
+		common.Must(filesystem.CopyFile(platform.GetAssetLocation("geosite.dat"), filepath.Join(wd, "..", "..", "..", "resources", "geosite.dat")))
 	}
 }
 func TestParseIPList(t *testing.T) {
 	ips := []string{
 		"geoip:us",
 		"geoip:cn",
 		"geoip:!cn",
 		"ext:geoiptestrouter.dat:!cn",
 		"ext:geoiptestrouter.dat:ca",
 		"ext-ip:geoiptestrouter.dat:!cn",
 		"ext-ip:geoiptestrouter.dat:!ca",
 	}
 	_, err := ParseIPList(ips)
 	if err != nil {
 		t.Fatalf("Failed to parse geoip list, got %s", err)
 	}
 }
 func TestGeoIPMatcherContainer(t *testing.T) {
-	container := &router.GeoIPMatcherContainer{}
+	container := &GeoIPMatcherContainer{}
-	m1, err := container.Add(&router.GeoIP{
+	m1, err := container.Add(&GeoIP{
 		CountryCode: "CN",
 	})
 	common.Must(err)
-	m2, err := container.Add(&router.GeoIP{
+	m2, err := container.Add(&GeoIP{
 		CountryCode: "US",
 	})
 	common.Must(err)
-	m3, err := container.Add(&router.GeoIP{
+	m3, err := container.Add(&GeoIP{
 		CountryCode: "CN",
 	})
 	common.Must(err)
@@ -53,7 +73,7 @@ func TestGeoIPMatcherContainer(t *testing.T) {
 }
 func TestGeoIPMatcher(t *testing.T) {
-	cidrList := router.CIDRList{
+	cidrList := CIDRList{
 		{Ip: []byte{0, 0, 0, 0}, Prefix: 8},
 		{Ip: []byte{10, 0, 0, 0}, Prefix: 8},
 		{Ip: []byte{100, 64, 0, 0}, Prefix: 10},
@@ -70,7 +90,7 @@ func TestGeoIPMatcher(t *testing.T) {
 		{Ip: []byte{91, 108, 4, 0}, Prefix: 16},
 	}
-	matcher := &router.GeoIPMatcher{}
+	matcher := &GeoIPMatcher{}
 	common.Must(matcher.Init(cidrList))
 	testCases := []struct {
@@ -123,11 +143,47 @@ func TestGeoIPMatcher(t *testing.T) {
 	}
 }
 func TestGeoIPReverseMatcher(t *testing.T) {
 	cidrList := CIDRList{
 		{Ip: []byte{8, 8, 8, 8}, Prefix: 32},
 		{Ip: []byte{91, 108, 4, 0}, Prefix: 16},
 	}
 	matcher := &GeoIPMatcher{}
 	matcher.SetReverseMatch(true) // Reverse match
 	common.Must(matcher.Init(cidrList))
 	testCases := []struct {
 		Input  string
 		Output bool
 	}{
 		{
 			Input:  "8.8.8.8",
 			Output: false,
 		},
 		{
 			Input:  "2001:cdba::3257:9652",
 			Output: true,
 		},
 		{
 			Input:  "91.108.255.254",
 			Output: false,
 		},
 	}
 	for _, testCase := range testCases {
 		ip := net.ParseAddress(testCase.Input).IP()
 		actual := matcher.Match(ip)
 		if actual != testCase.Output {
 			t.Error("expect input", testCase.Input, "to be", testCase.Output, ", but actually", actual)
 		}
 	}
 }
 func TestGeoIPMatcher4CN(t *testing.T) {
 	ips, err := loadGeoIP("CN")
 	common.Must(err)
-	matcher := &router.GeoIPMatcher{}
+	matcher := &GeoIPMatcher{}
 	common.Must(matcher.Init(ips))
 	if matcher.Match([]byte{8, 8, 8, 8}) {
@@ -139,7 +195,7 @@ func TestGeoIPMatcher6US(t *testing.T) {
 	ips, err := loadGeoIP("US")
 	common.Must(err)
-	matcher := &router.GeoIPMatcher{}
+	matcher := &GeoIPMatcher{}
 	common.Must(matcher.Init(ips))
 	if !matcher.Match(net.ParseAddress("2001:4860:4860::8888").IP()) {
@@ -147,12 +203,12 @@ func TestGeoIPMatcher6US(t *testing.T) {
 	}
 }
-func loadGeoIP(country string) ([]*router.CIDR, error) {
+func loadGeoIP(country string) ([]*CIDR, error) {
 	geoipBytes, err := filesystem.ReadAsset("geoip.dat")
 	if err != nil {
 		return nil, err
 	}
-	var geoipList router.GeoIPList
+	var geoipList GeoIPList
 	if err := proto.Unmarshal(geoipBytes, &geoipList); err != nil {
 		return nil, err
 	}
@@ -170,7 +226,7 @@ func BenchmarkGeoIPMatcher4CN(b *testing.B) {
 	ips, err := loadGeoIP("CN")
 	common.Must(err)
-	matcher := &router.GeoIPMatcher{}
+	matcher := &GeoIPMatcher{}
 	common.Must(matcher.Init(ips))
 	b.ResetTimer()
@@ -184,7 +240,7 @@ func BenchmarkGeoIPMatcher6US(b *testing.B) {
 	ips, err := loadGeoIP("US")
 	common.Must(err)
-	matcher := &router.GeoIPMatcher{}
+	matcher := &GeoIPMatcher{}
 	common.Must(matcher.Init(ips))
 	b.ResetTimer()
--- a/common/matcher/geoip/matcher.go
+++ b/common/matcher/geoip/matcher.go
@@ -0,0 +1,57 @@
 package geoip
 import (
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/features/routing"
 )
 type MultiGeoIPMatcher struct {
 	matchers []*GeoIPMatcher
 	onSource bool
 }
 func NewMultiGeoIPMatcher(geoips []*GeoIP, onSource bool) (*MultiGeoIPMatcher, error) {
 	var matchers []*GeoIPMatcher
 	for _, geoip := range geoips {
 		matcher, err := GlobalGeoIPContainer.Add(geoip)
 		if err != nil {
 			return nil, err
 		}
 		matchers = append(matchers, matcher)
 	}
 	matcher := &MultiGeoIPMatcher{
 		matchers: matchers,
 		onSource: onSource,
 	}
 	return matcher, nil
 }
 // Apply implements Condition.
 func (m *MultiGeoIPMatcher) Apply(ctx routing.Context) bool {
 	var ips []net.IP
 	if m.onSource {
 		ips = ctx.GetSourceIPs()
 	} else {
 		ips = ctx.GetTargetIPs()
 	}
 	for _, ip := range ips {
 		for _, matcher := range m.matchers {
 			if matcher.Match(ip) {
 				return true
 			}
 		}
 	}
 	return false
 }
 // MatchIP match given ip.
 func (m *MultiGeoIPMatcher) MatchIP(ip net.IP) bool {
 	for _, matcher := range m.matchers {
 		if matcher.Match(ip) {
 			return true
 		}
 	}
 	return false
 }
--- a/common/matcher/geosite/attribute.go
+++ b/common/matcher/geosite/attribute.go
@@ -0,0 +1,35 @@
 package geosite
 import "strings"
 type AttributeList struct {
 	matcher []AttributeMatcher
 }
 func (al *AttributeList) Match(domain *Domain) bool {
 	for _, matcher := range al.matcher {
 		if !matcher.Match(domain) {
 			return false
 		}
 	}
 	return true
 }
 func (al *AttributeList) IsEmpty() bool {
 	return len(al.matcher) == 0
 }
 type AttributeMatcher interface {
 	Match(*Domain) bool
 }
 type BooleanMatcher string
 func (m BooleanMatcher) Match(domain *Domain) bool {
 	for _, attr := range domain.Attribute {
 		if strings.EqualFold(attr.GetKey(), string(m)) {
 			return true
 		}
 	}
 	return false
 }
--- a/common/matcher/geosite/conf.go
+++ b/common/matcher/geosite/conf.go
@@ -0,0 +1,42 @@
 package geosite
 import (
 	"strings"
 	dm "github.com/xtls/xray-core/common/matcher/domain"
 )
 func LoadGeositeWithAttr(file string, siteWithAttr string) ([]*dm.Domain, error) {
 	parts := strings.Split(siteWithAttr, "@")
 	if len(parts) == 0 {
 		return nil, newError("empty site")
 	}
 	country := strings.ToUpper(parts[0])
 	attrs := parseAttrs(parts[1:])
 	domains, err := loadSite(file, country)
 	if err != nil {
 		return nil, err
 	}
 	if attrs.IsEmpty() {
 		return ToDomains(domains), nil
 	}
 	filteredDomains := make([]*dm.Domain, 0, len(domains))
 	for _, domain := range domains {
 		if attrs.Match(domain) {
 			filteredDomains = append(filteredDomains, domain.ToDomain())
 		}
 	}
 	return filteredDomains, nil
 }
 func parseAttrs(attrs []string) *AttributeList {
 	al := new(AttributeList)
 	for _, attr := range attrs {
 		lc := strings.ToLower(attr)
 		al.matcher = append(al.matcher, BooleanMatcher(lc))
 	}
 	return al
 }
--- a/common/matcher/geosite/errors.generated.go
+++ b/common/matcher/geosite/errors.generated.go
@@ -0,0 +1,9 @@
 package geosite
 import "github.com/xtls/xray-core/common/errors"
 type errPathObjHolder struct{}
 func newError(values ...interface{}) *errors.Error {
 	return errors.New(values...).WithPathObj(errPathObjHolder{})
 }
--- a/common/matcher/geosite/file.go
+++ b/common/matcher/geosite/file.go
@@ -0,0 +1,86 @@
 package geosite
 import (
 	"runtime"
 	"github.com/golang/protobuf/proto"
 	"github.com/xtls/xray-core/common/platform/filesystem"
 )
 var (
 	SiteCache = make(map[string]*GeoSite)
 	FileCache = make(map[string][]byte)
 )
 func loadFile(file string) ([]byte, error) {
 	if FileCache[file] == nil {
 		bs, err := filesystem.ReadAsset(file)
 		if err != nil {
 			return nil, newError("failed to open file: ", file).Base(err)
 		}
 		if len(bs) == 0 {
 			return nil, newError("empty file: ", file)
 		}
 		// Do not cache file, may save RAM when there
 		// are many files, but consume CPU each time.
 		return bs, nil
 		FileCache[file] = bs
 	}
 	return FileCache[file], nil
 }
 func loadSite(file, code string) ([]*Domain, error) {
 	index := file + ":" + code
 	if SiteCache[index] == nil {
 		bs, err := loadFile(file)
 		if err != nil {
 			return nil, newError("failed to load file: ", file).Base(err)
 		}
 		bs = find(bs, []byte(code))
 		if bs == nil {
 			return nil, newError("list not found in ", file, ": ", code)
 		}
 		var ges GeoSite
 		if err := proto.Unmarshal(bs, &ges); err != nil {
 			return nil, newError("error unmarshal Site in ", file, ": ", code).Base(err)
 		}
 		defer runtime.GC()     // or debug.FreeOSMemory()
 		return ges.Domain, nil // do not cache geosite
 		SiteCache[index] = &ges
 	}
 	return SiteCache[index].Domain, nil
 }
 func find(data, code []byte) []byte {
 	codeL := len(code)
 	if codeL == 0 {
 		return nil
 	}
 	for {
 		dataL := len(data)
 		if dataL < 2 {
 			return nil
 		}
 		x, y := proto.DecodeVarint(data[1:])
 		if x == 0 && y == 0 {
 			return nil
 		}
 		headL, bodyL := 1+y, int(x)
 		dataL -= headL
 		if dataL < bodyL {
 			return nil
 		}
 		data = data[headL:]
 		if int(data[1]) == codeL {
 			for i := 0; i < codeL && data[2+i] == code[i]; i++ {
 				if i+1 == codeL {
 					return data[:bodyL]
 				}
 			}
 		}
 		if dataL == bodyL {
 			return nil
 		}
 		data = data[bodyL:]
 	}
 }
--- a/common/matcher/geosite/geosite.go
+++ b/common/matcher/geosite/geosite.go
@@ -0,0 +1,33 @@
 package geosite
 import "github.com/xtls/xray-core/common/matcher/domain"
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
 func ToDomains(dms []*Domain) []*domain.Domain {
 	dm := make([]*domain.Domain, len(dms))
 	for idx, entry := range dms {
 		dm[idx] = entry.ToDomain()
 	}
 	return dm
 }
 func (d *Domain) ToDomain() *domain.Domain {
 	return &domain.Domain{Type: d.Type.ToMatchingType(), Value: d.Value}
 }
 func (t Domain_Type) ToMatchingType() domain.MatchingType {
 	switch t {
 	case Domain_Plain:
 		return domain.MatchingType_Keyword
 	case Domain_Regex:
 		return domain.MatchingType_Regex
 	case Domain_Domain:
 		return domain.MatchingType_Subdomain
 	case Domain_Full:
 		return domain.MatchingType_Full
 	}
 	panic("impossible")
 }
--- a/common/matcher/geosite/geosite.pb.go
+++ b/common/matcher/geosite/geosite.pb.go
@@ -0,0 +1,501 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
 // 	protoc        v3.15.6
 // source: common/matcher/geosite/geosite.proto
 package geosite
 import (
 	proto "github.com/golang/protobuf/proto"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	reflect "reflect"
 	sync "sync"
 )
 const (
 	// Verify that this generated code is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
 	// Verify that runtime/protoimpl is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 // This is a compile-time assertion that a sufficiently up-to-date version
 // of the legacy proto package is being used.
 const _ = proto.ProtoPackageIsVersion4
 type Domain_Type int32
 const (
 	// The value is used as is.
 	Domain_Plain Domain_Type = 0
 	// The value is used as a regular expression.
 	Domain_Regex Domain_Type = 1
 	// The value is a root domain.
 	Domain_Domain Domain_Type = 2
 	// The value is a domain.
 	Domain_Full Domain_Type = 3
 )
 // Enum value maps for Domain_Type.
 var (
 	Domain_Type_name = map[int32]string{
 		0: "Plain",
 		1: "Regex",
 		2: "Domain",
 		3: "Full",
 	}
 	Domain_Type_value = map[string]int32{
 		"Plain":  0,
 		"Regex":  1,
 		"Domain": 2,
 		"Full":   3,
 	}
 )
 func (x Domain_Type) Enum() *Domain_Type {
 	p := new(Domain_Type)
 	*p = x
 	return p
 }
 func (x Domain_Type) String() string {
 	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
 }
 func (Domain_Type) Descriptor() protoreflect.EnumDescriptor {
 	return file_common_matcher_geosite_geosite_proto_enumTypes[0].Descriptor()
 }
 func (Domain_Type) Type() protoreflect.EnumType {
 	return &file_common_matcher_geosite_geosite_proto_enumTypes[0]
 }
 func (x Domain_Type) Number() protoreflect.EnumNumber {
 	return protoreflect.EnumNumber(x)
 }
 // Deprecated: Use Domain_Type.Descriptor instead.
 func (Domain_Type) EnumDescriptor() ([]byte, []int) {
 	return file_common_matcher_geosite_geosite_proto_rawDescGZIP(), []int{0, 0}
 }
 type Domain struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	// Domain matching type.
 	Type Domain_Type `protobuf:"varint,1,opt,name=type,proto3,enum=xray.common.matcher.geosite.Domain_Type" json:"type,omitempty"`
 	// Domain value.
 	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
 	// Attributes of this domain. May be used for filtering.
 	Attribute []*Domain_Attribute `protobuf:"bytes,3,rep,name=attribute,proto3" json:"attribute,omitempty"`
 }
 func (x *Domain) Reset() {
 	*x = Domain{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geosite_geosite_proto_msgTypes[0]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *Domain) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*Domain) ProtoMessage() {}
 func (x *Domain) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geosite_geosite_proto_msgTypes[0]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use Domain.ProtoReflect.Descriptor instead.
 func (*Domain) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geosite_geosite_proto_rawDescGZIP(), []int{0}
 }
 func (x *Domain) GetType() Domain_Type {
 	if x != nil {
 		return x.Type
 	}
 	return Domain_Plain
 }
 func (x *Domain) GetValue() string {
 	if x != nil {
 		return x.Value
 	}
 	return ""
 }
 func (x *Domain) GetAttribute() []*Domain_Attribute {
 	if x != nil {
 		return x.Attribute
 	}
 	return nil
 }
 type GeoSite struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	CountryCode string    `protobuf:"bytes,1,opt,name=country_code,json=countryCode,proto3" json:"country_code,omitempty"`
 	Domain      []*Domain `protobuf:"bytes,2,rep,name=domain,proto3" json:"domain,omitempty"`
 }
 func (x *GeoSite) Reset() {
 	*x = GeoSite{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geosite_geosite_proto_msgTypes[1]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *GeoSite) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*GeoSite) ProtoMessage() {}
 func (x *GeoSite) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geosite_geosite_proto_msgTypes[1]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use GeoSite.ProtoReflect.Descriptor instead.
 func (*GeoSite) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geosite_geosite_proto_rawDescGZIP(), []int{1}
 }
 func (x *GeoSite) GetCountryCode() string {
 	if x != nil {
 		return x.CountryCode
 	}
 	return ""
 }
 func (x *GeoSite) GetDomain() []*Domain {
 	if x != nil {
 		return x.Domain
 	}
 	return nil
 }
 type GeoSiteList struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Entry []*GeoSite `protobuf:"bytes,1,rep,name=entry,proto3" json:"entry,omitempty"`
 }
 func (x *GeoSiteList) Reset() {
 	*x = GeoSiteList{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geosite_geosite_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *GeoSiteList) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*GeoSiteList) ProtoMessage() {}
 func (x *GeoSiteList) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geosite_geosite_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use GeoSiteList.ProtoReflect.Descriptor instead.
 func (*GeoSiteList) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geosite_geosite_proto_rawDescGZIP(), []int{2}
 }
 func (x *GeoSiteList) GetEntry() []*GeoSite {
 	if x != nil {
 		return x.Entry
 	}
 	return nil
 }
 type Domain_Attribute struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
 	// Types that are assignable to TypedValue:
 	//	*Domain_Attribute_BoolValue
 	//	*Domain_Attribute_IntValue
 	TypedValue isDomain_Attribute_TypedValue `protobuf_oneof:"typed_value"`
 }
 func (x *Domain_Attribute) Reset() {
 	*x = Domain_Attribute{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_common_matcher_geosite_geosite_proto_msgTypes[3]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *Domain_Attribute) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*Domain_Attribute) ProtoMessage() {}
 func (x *Domain_Attribute) ProtoReflect() protoreflect.Message {
 	mi := &file_common_matcher_geosite_geosite_proto_msgTypes[3]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use Domain_Attribute.ProtoReflect.Descriptor instead.
 func (*Domain_Attribute) Descriptor() ([]byte, []int) {
 	return file_common_matcher_geosite_geosite_proto_rawDescGZIP(), []int{0, 0}
 }
 func (x *Domain_Attribute) GetKey() string {
 	if x != nil {
 		return x.Key
 	}
 	return ""
 }
 func (m *Domain_Attribute) GetTypedValue() isDomain_Attribute_TypedValue {
 	if m != nil {
 		return m.TypedValue
 	}
 	return nil
 }
 func (x *Domain_Attribute) GetBoolValue() bool {
 	if x, ok := x.GetTypedValue().(*Domain_Attribute_BoolValue); ok {
 		return x.BoolValue
 	}
 	return false
 }
 func (x *Domain_Attribute) GetIntValue() int64 {
 	if x, ok := x.GetTypedValue().(*Domain_Attribute_IntValue); ok {
 		return x.IntValue
 	}
 	return 0
 }
 type isDomain_Attribute_TypedValue interface {
 	isDomain_Attribute_TypedValue()
 }
 type Domain_Attribute_BoolValue struct {
 	BoolValue bool `protobuf:"varint,2,opt,name=bool_value,json=boolValue,proto3,oneof"`
 }
 type Domain_Attribute_IntValue struct {
 	IntValue int64 `protobuf:"varint,3,opt,name=int_value,json=intValue,proto3,oneof"`
 }
 func (*Domain_Attribute_BoolValue) isDomain_Attribute_TypedValue() {}
 func (*Domain_Attribute_IntValue) isDomain_Attribute_TypedValue() {}
 var File_common_matcher_geosite_geosite_proto protoreflect.FileDescriptor
 var file_common_matcher_geosite_geosite_proto_rawDesc = []byte{
 	0x0a, 0x24, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
 	0x2f, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65, 0x2f, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65,
 	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
 	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x73,
 	0x69, 0x74, 0x65, 0x22, 0xcb, 0x02, 0x0a, 0x06, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x3c,
 	0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x78,
 	0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
 	0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69,
 	0x6e, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05,
 	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c,
 	0x75, 0x65, 0x12, 0x4b, 0x0a, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x18,
 	0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
 	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x73,
 	0x69, 0x74, 0x65, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x2e, 0x41, 0x74, 0x74, 0x72, 0x69,
 	0x62, 0x75, 0x74, 0x65, 0x52, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x1a,
 	0x6c, 0x0a, 0x09, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x12, 0x10, 0x0a, 0x03,
 	0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x1f,
 	0x0a, 0x0a, 0x62, 0x6f, 0x6f, 0x6c, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01,
 	0x28, 0x08, 0x48, 0x00, 0x52, 0x09, 0x62, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12,
 	0x1d, 0x0a, 0x09, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01,
 	0x28, 0x03, 0x48, 0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0d,
 	0x0a, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x32, 0x0a,
 	0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x50, 0x6c, 0x61, 0x69, 0x6e, 0x10, 0x00,
 	0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x67, 0x65, 0x78, 0x10, 0x01, 0x12, 0x0a, 0x0a, 0x06, 0x44,
 	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x75, 0x6c, 0x6c, 0x10,
 	0x03, 0x22, 0x69, 0x0a, 0x07, 0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c,
 	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01,
 	0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x64, 0x65, 0x12,
 	0x3b, 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
 	0x23, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61,
 	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65, 0x2e, 0x44, 0x6f,
 	0x6d, 0x61, 0x69, 0x6e, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x22, 0x49, 0x0a, 0x0b,
 	0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x3a, 0x0a, 0x05, 0x65,
 	0x6e, 0x74, 0x72, 0x79, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x78, 0x72, 0x61,
 	0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
 	0x2e, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65, 0x2e, 0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65,
 	0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x73, 0x0a, 0x1f, 0x63, 0x6f, 0x6d, 0x2e, 0x78,
 	0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
 	0x65, 0x72, 0x2e, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65, 0x50, 0x01, 0x5a, 0x30, 0x67, 0x69,
 	0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72,
 	0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d,
 	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x67, 0x65, 0x6f, 0x73, 0x69, 0x74, 0x65, 0xaa, 0x02,
 	0x1b, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x61, 0x74,
 	0x63, 0x68, 0x65, 0x72, 0x2e, 0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65, 0x62, 0x06, 0x70, 0x72,
 	0x6f, 0x74, 0x6f, 0x33,
 }
 var (
 	file_common_matcher_geosite_geosite_proto_rawDescOnce sync.Once
 	file_common_matcher_geosite_geosite_proto_rawDescData = file_common_matcher_geosite_geosite_proto_rawDesc
 )
 func file_common_matcher_geosite_geosite_proto_rawDescGZIP() []byte {
 	file_common_matcher_geosite_geosite_proto_rawDescOnce.Do(func() {
 		file_common_matcher_geosite_geosite_proto_rawDescData = protoimpl.X.CompressGZIP(file_common_matcher_geosite_geosite_proto_rawDescData)
 	})
 	return file_common_matcher_geosite_geosite_proto_rawDescData
 }
 var file_common_matcher_geosite_geosite_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
 var file_common_matcher_geosite_geosite_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
 var file_common_matcher_geosite_geosite_proto_goTypes = []interface{}{
 	(Domain_Type)(0),         // 0: xray.common.matcher.geosite.Domain.Type
 	(*Domain)(nil),           // 1: xray.common.matcher.geosite.Domain
 	(*GeoSite)(nil),          // 2: xray.common.matcher.geosite.GeoSite
 	(*GeoSiteList)(nil),      // 3: xray.common.matcher.geosite.GeoSiteList
 	(*Domain_Attribute)(nil), // 4: xray.common.matcher.geosite.Domain.Attribute
 }
 var file_common_matcher_geosite_geosite_proto_depIdxs = []int32{
 	0, // 0: xray.common.matcher.geosite.Domain.type:type_name -> xray.common.matcher.geosite.Domain.Type
 	4, // 1: xray.common.matcher.geosite.Domain.attribute:type_name -> xray.common.matcher.geosite.Domain.Attribute
 	1, // 2: xray.common.matcher.geosite.GeoSite.domain:type_name -> xray.common.matcher.geosite.Domain
 	2, // 3: xray.common.matcher.geosite.GeoSiteList.entry:type_name -> xray.common.matcher.geosite.GeoSite
 	4, // [4:4] is the sub-list for method output_type
 	4, // [4:4] is the sub-list for method input_type
 	4, // [4:4] is the sub-list for extension type_name
 	4, // [4:4] is the sub-list for extension extendee
 	0, // [0:4] is the sub-list for field type_name
 }
 func init() { file_common_matcher_geosite_geosite_proto_init() }
 func file_common_matcher_geosite_geosite_proto_init() {
 	if File_common_matcher_geosite_geosite_proto != nil {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
 		file_common_matcher_geosite_geosite_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Domain); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_common_matcher_geosite_geosite_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*GeoSite); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_common_matcher_geosite_geosite_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*GeoSiteList); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_common_matcher_geosite_geosite_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Domain_Attribute); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 	}
 	file_common_matcher_geosite_geosite_proto_msgTypes[3].OneofWrappers = []interface{}{
 		(*Domain_Attribute_BoolValue)(nil),
 		(*Domain_Attribute_IntValue)(nil),
 	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_common_matcher_geosite_geosite_proto_rawDesc,
 			NumEnums:      1,
 			NumMessages:   4,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
 		GoTypes:           file_common_matcher_geosite_geosite_proto_goTypes,
 		DependencyIndexes: file_common_matcher_geosite_geosite_proto_depIdxs,
 		EnumInfos:         file_common_matcher_geosite_geosite_proto_enumTypes,
 		MessageInfos:      file_common_matcher_geosite_geosite_proto_msgTypes,
 	}.Build()
 	File_common_matcher_geosite_geosite_proto = out.File
 	file_common_matcher_geosite_geosite_proto_rawDesc = nil
 	file_common_matcher_geosite_geosite_proto_goTypes = nil
 	file_common_matcher_geosite_geosite_proto_depIdxs = nil
 }
--- a/common/matcher/geosite/geosite.proto
+++ b/common/matcher/geosite/geosite.proto
@@ -0,0 +1,46 @@
 syntax = "proto3";
 package xray.common.matcher.geosite;
 option csharp_namespace = "Xray.Common.Matcher.GeoSite";
 option go_package = "github.com/xtls/xray-core/common/matcher/geosite";
 option java_package = "com.xray.common.matcher.geosite";
 option java_multiple_files = true;
 message Domain {
  enum Type {
    // The value is used as is.
    Plain = 0;
    // The value is used as a regular expression.
    Regex = 1;
    // The value is a root domain.
    Domain = 2;
    // The value is a domain.
    Full = 3;
  }
  // Domain matching type.
  Type type = 1;
  // Domain value.
  string value = 2;
  message Attribute {
    string key = 1;
    oneof typed_value {
      bool bool_value = 2;
      int64 int_value = 3;
    }
  }
  // Attributes of this domain. May be used for filtering.
  repeated Attribute attribute = 3;
 }
 message GeoSite {
  string country_code = 1;
  repeated Domain domain = 2;
 }
 message GeoSiteList {
  repeated GeoSite entry = 1;
 }
--- a/common/matcher/str/ac_automaton_matcher.go
+++ b/common/matcher/str/ac_automaton_matcher.go
@@ -0,0 +1,243 @@
 package str
 import (
 	"container/list"
 )
 const validCharCount = 53
 type MatchType struct {
 	matchType Type
 	exist     bool
 }
 const (
 	TrieEdge bool = true
 	FailEdge bool = false
 )
 type Edge struct {
 	edgeType bool
 	nextNode int
 }
 type ACAutomaton struct {
 	trie   [][validCharCount]Edge
 	fail   []int
 	exists []MatchType
 	count  int
 }
 func newNode() [validCharCount]Edge {
 	var s [validCharCount]Edge
 	for i := range s {
 		s[i] = Edge{
 			edgeType: FailEdge,
 			nextNode: 0,
 		}
 	}
 	return s
 }
 var char2Index = []int{
 	'A':  0,
 	'a':  0,
 	'B':  1,
 	'b':  1,
 	'C':  2,
 	'c':  2,
 	'D':  3,
 	'd':  3,
 	'E':  4,
 	'e':  4,
 	'F':  5,
 	'f':  5,
 	'G':  6,
 	'g':  6,
 	'H':  7,
 	'h':  7,
 	'I':  8,
 	'i':  8,
 	'J':  9,
 	'j':  9,
 	'K':  10,
 	'k':  10,
 	'L':  11,
 	'l':  11,
 	'M':  12,
 	'm':  12,
 	'N':  13,
 	'n':  13,
 	'O':  14,
 	'o':  14,
 	'P':  15,
 	'p':  15,
 	'Q':  16,
 	'q':  16,
 	'R':  17,
 	'r':  17,
 	'S':  18,
 	's':  18,
 	'T':  19,
 	't':  19,
 	'U':  20,
 	'u':  20,
 	'V':  21,
 	'v':  21,
 	'W':  22,
 	'w':  22,
 	'X':  23,
 	'x':  23,
 	'Y':  24,
 	'y':  24,
 	'Z':  25,
 	'z':  25,
 	'!':  26,
 	'$':  27,
 	'&':  28,
 	'\'': 29,
 	'(':  30,
 	')':  31,
 	'*':  32,
 	'+':  33,
 	',':  34,
 	';':  35,
 	'=':  36,
 	':':  37,
 	'%':  38,
 	'-':  39,
 	'.':  40,
 	'_':  41,
 	'~':  42,
 	'0':  43,
 	'1':  44,
 	'2':  45,
 	'3':  46,
 	'4':  47,
 	'5':  48,
 	'6':  49,
 	'7':  50,
 	'8':  51,
 	'9':  52,
 }
 func NewACAutomaton() *ACAutomaton {
 	var ac = new(ACAutomaton)
 	ac.trie = append(ac.trie, newNode())
 	ac.fail = append(ac.fail, 0)
 	ac.exists = append(ac.exists, MatchType{
 		matchType: Full,
 		exist:     false,
 	})
 	return ac
 }
 func (ac *ACAutomaton) Add(domain string, t Type) {
 	var node = 0
 	for i := len(domain) - 1; i >= 0; i-- {
 		var idx = char2Index[domain[i]]
 		if ac.trie[node][idx].nextNode == 0 {
 			ac.count++
 			if len(ac.trie) < ac.count+1 {
 				ac.trie = append(ac.trie, newNode())
 				ac.fail = append(ac.fail, 0)
 				ac.exists = append(ac.exists, MatchType{
 					matchType: Full,
 					exist:     false,
 				})
 			}
 			ac.trie[node][idx] = Edge{
 				edgeType: TrieEdge,
 				nextNode: ac.count,
 			}
 		}
 		node = ac.trie[node][idx].nextNode
 	}
 	ac.exists[node] = MatchType{
 		matchType: t,
 		exist:     true,
 	}
 	switch t {
 	case Domain:
 		ac.exists[node] = MatchType{
 			matchType: Full,
 			exist:     true,
 		}
 		var idx = char2Index['.']
 		if ac.trie[node][idx].nextNode == 0 {
 			ac.count++
 			if len(ac.trie) < ac.count+1 {
 				ac.trie = append(ac.trie, newNode())
 				ac.fail = append(ac.fail, 0)
 				ac.exists = append(ac.exists, MatchType{
 					matchType: Full,
 					exist:     false,
 				})
 			}
 			ac.trie[node][idx] = Edge{
 				edgeType: TrieEdge,
 				nextNode: ac.count,
 			}
 		}
 		node = ac.trie[node][idx].nextNode
 		ac.exists[node] = MatchType{
 			matchType: t,
 			exist:     true,
 		}
 	default:
 		break
 	}
 }
 func (ac *ACAutomaton) Build() {
 	var queue = list.New()
 	for i := 0; i < validCharCount; i++ {
 		if ac.trie[0][i].nextNode != 0 {
 			queue.PushBack(ac.trie[0][i])
 		}
 	}
 	for {
 		var front = queue.Front()
 		if front == nil {
 			break
 		} else {
 			var node = front.Value.(Edge).nextNode
 			queue.Remove(front)
 			for i := 0; i < validCharCount; i++ {
 				if ac.trie[node][i].nextNode != 0 {
 					ac.fail[ac.trie[node][i].nextNode] = ac.trie[ac.fail[node]][i].nextNode
 					queue.PushBack(ac.trie[node][i])
 				} else {
 					ac.trie[node][i] = Edge{
 						edgeType: FailEdge,
 						nextNode: ac.trie[ac.fail[node]][i].nextNode,
 					}
 				}
 			}
 		}
 	}
 }
 func (ac *ACAutomaton) Match(s string) bool {
 	var node = 0
 	var fullMatch = true
 	// 1. the match string is all through trie edge. FULL MATCH or DOMAIN
 	// 2. the match string is through a fail edge. NOT FULL MATCH
 	// 2.1 Through a fail edge, but there exists a valid node. SUBSTR
 	for i := len(s) - 1; i >= 0; i-- {
 		var idx = char2Index[s[i]]
 		fullMatch = fullMatch && ac.trie[node][idx].edgeType
 		node = ac.trie[node][idx].nextNode
 		switch ac.exists[node].matchType {
 		case Substr:
 			return true
 		case Domain:
 			if fullMatch {
 				return true
 			}
 		default:
 			break
 		}
 	}
 	return fullMatch && ac.exists[node].exist
 }
--- a/common/matcher/str/benchmark_test.go
+++ b/common/matcher/str/benchmark_test.go
@@ -1,13 +1,26 @@
-package strmatcher_test
+package str_test
 import (
 	"strconv"
 	"testing"
 	"github.com/xtls/xray-core/common"
-	. "github.com/xtls/xray-core/common/strmatcher"
+	. "github.com/xtls/xray-core/common/matcher/str"
 )
 func BenchmarkACAutomaton(b *testing.B) {
 	ac := NewACAutomaton()
 	for i := 1; i <= 1024; i++ {
 		ac.Add(strconv.Itoa(i)+".xray.com", Domain)
 	}
 	ac.Build()
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
 		_ = ac.Match("0.xray.com")
 	}
 }
 func BenchmarkDomainMatcherGroup(b *testing.B) {
 	g := new(DomainMatcherGroup)
--- a/common/matcher/str/domain_matcher.go
+++ b/common/matcher/str/domain_matcher.go
@@ -1,4 +1,4 @@
-package strmatcher
+package str
 import "strings"
--- a/common/matcher/str/domain_matcher_test.go
+++ b/common/matcher/str/domain_matcher_test.go
@@ -1,10 +1,10 @@
-package strmatcher_test
+package str_test
 import (
 	"reflect"
 	"testing"
-	. "github.com/xtls/xray-core/common/strmatcher"
+	. "github.com/xtls/xray-core/common/matcher/str"
 )
 func TestDomainMatcherGroup(t *testing.T) {
--- a/common/matcher/str/full_matcher.go
+++ b/common/matcher/str/full_matcher.go
@@ -1,4 +1,4 @@
-package strmatcher
+package str
 type FullMatcherGroup struct {
 	matchers map[string][]uint32
--- a/common/matcher/str/full_matcher_test.go
+++ b/common/matcher/str/full_matcher_test.go
@@ -1,10 +1,10 @@
-package strmatcher_test
+package str_test
 import (
 	"reflect"
 	"testing"
-	. "github.com/xtls/xray-core/common/strmatcher"
+	. "github.com/xtls/xray-core/common/matcher/str"
 )
 func TestFullMatcherGroup(t *testing.T) {
--- a/common/matcher/str/matchers.go
+++ b/common/matcher/str/matchers.go
@@ -1,4 +1,4 @@
-package strmatcher
+package str
 import (
 	"regexp"
--- a/common/matcher/str/matchers_test.go
+++ b/common/matcher/str/matchers_test.go
@@ -1,10 +1,10 @@
-package strmatcher_test
+package str_test
 import (
 	"testing"
 	"github.com/xtls/xray-core/common"
-	. "github.com/xtls/xray-core/common/strmatcher"
+	. "github.com/xtls/xray-core/common/matcher/str"
 )
 func TestMatcher(t *testing.T) {
--- a/common/matcher/str/mph_matcher.go
+++ b/common/matcher/str/mph_matcher.go
@@ -0,0 +1,301 @@
 package str
 import (
 	"math/bits"
 	"regexp"
 	"sort"
 	"strings"
 	"unsafe"
 )
 // PrimeRK is the prime base used in Rabin-Karp algorithm.
 const PrimeRK = 16777619
 // calculate the rolling murmurHash of given string
 func RollingHash(s string) uint32 {
 	h := uint32(0)
 	for i := len(s) - 1; i >= 0; i-- {
 		h = h*PrimeRK + uint32(s[i])
 	}
 	return h
 }
 // A MphMatcherGroup is divided into three parts:
 // 1. `full` and `domain` patterns are matched by Rabin-Karp algorithm and minimal perfect hash table;
 // 2. `substr` patterns are matched by ac automaton;
 // 3. `regex` patterns are matched with the regex library.
 type MphMatcherGroup struct {
 	ac            *ACAutomaton
 	otherMatchers []matcherEntry
 	rules         []string
 	level0        []uint32
 	level0Mask    int
 	level1        []uint32
 	level1Mask    int
 	count         uint32
 	ruleMap       *map[string]uint32
 }
 func (g *MphMatcherGroup) AddFullOrDomainPattern(pattern string, t Type) {
 	h := RollingHash(pattern)
 	switch t {
 	case Domain:
 		(*g.ruleMap)["."+pattern] = h*PrimeRK + uint32('.')
 		fallthrough
 	case Full:
 		(*g.ruleMap)[pattern] = h
 	default:
 	}
 }
 func NewMphMatcherGroup() *MphMatcherGroup {
 	return &MphMatcherGroup{
 		ac:            nil,
 		otherMatchers: nil,
 		rules:         nil,
 		level0:        nil,
 		level0Mask:    0,
 		level1:        nil,
 		level1Mask:    0,
 		count:         1,
 		ruleMap:       &map[string]uint32{},
 	}
 }
 // AddPattern adds a pattern to MphMatcherGroup
 func (g *MphMatcherGroup) AddPattern(pattern string, t Type) (uint32, error) {
 	switch t {
 	case Substr:
 		if g.ac == nil {
 			g.ac = NewACAutomaton()
 		}
 		g.ac.Add(pattern, t)
 	case Full, Domain:
 		pattern = strings.ToLower(pattern)
 		g.AddFullOrDomainPattern(pattern, t)
 	case Regex:
 		r, err := regexp.Compile(pattern)
 		if err != nil {
 			return 0, err
 		}
 		g.otherMatchers = append(g.otherMatchers, matcherEntry{
 			m:  &regexMatcher{pattern: r},
 			id: g.count,
 		})
 	default:
 		panic("Unknown type")
 	}
 	return g.count, nil
 }
 // Build builds a minimal perfect hash table and ac automaton from insert rules
 func (g *MphMatcherGroup) Build() {
 	if g.ac != nil {
 		g.ac.Build()
 	}
 	keyLen := len(*g.ruleMap)
 	if keyLen == 0 {
 		keyLen = 1
 		(*g.ruleMap)["empty___"] = RollingHash("empty___")
 	}
 	g.level0 = make([]uint32, nextPow2(keyLen/4))
 	g.level0Mask = len(g.level0) - 1
 	g.level1 = make([]uint32, nextPow2(keyLen))
 	g.level1Mask = len(g.level1) - 1
 	var sparseBuckets = make([][]int, len(g.level0))
 	var ruleIdx int
 	for rule, hash := range *g.ruleMap {
 		n := int(hash) & g.level0Mask
 		g.rules = append(g.rules, rule)
 		sparseBuckets[n] = append(sparseBuckets[n], ruleIdx)
 		ruleIdx++
 	}
 	g.ruleMap = nil
 	var buckets []indexBucket
 	for n, vals := range sparseBuckets {
 		if len(vals) > 0 {
 			buckets = append(buckets, indexBucket{n, vals})
 		}
 	}
 	sort.Sort(bySize(buckets))
 	occ := make([]bool, len(g.level1))
 	var tmpOcc []int
 	for _, bucket := range buckets {
 		var seed = uint32(0)
 		for {
 			findSeed := true
 			tmpOcc = tmpOcc[:0]
 			for _, i := range bucket.vals {
 				n := int(strhashFallback(unsafe.Pointer(&g.rules[i]), uintptr(seed))) & g.level1Mask
 				if occ[n] {
 					for _, n := range tmpOcc {
 						occ[n] = false
 					}
 					seed++
 					findSeed = false
 					break
 				}
 				occ[n] = true
 				tmpOcc = append(tmpOcc, n)
 				g.level1[n] = uint32(i)
 			}
 			if findSeed {
 				g.level0[bucket.n] = seed
 				break
 			}
 		}
 	}
 }
 func nextPow2(v int) int {
 	if v <= 1 {
 		return 1
 	}
 	const MaxUInt = ^uint(0)
 	n := (MaxUInt >> bits.LeadingZeros(uint(v))) + 1
 	return int(n)
 }
 // Lookup searches for s in t and returns its index and whether it was found.
 func (g *MphMatcherGroup) Lookup(h uint32, s string) bool {
 	i0 := int(h) & g.level0Mask
 	seed := g.level0[i0]
 	i1 := int(strhashFallback(unsafe.Pointer(&s), uintptr(seed))) & g.level1Mask
 	n := g.level1[i1]
 	return s == g.rules[int(n)]
 }
 // Match implements IndexMatcher.Match.
 func (g *MphMatcherGroup) Match(pattern string) []uint32 {
 	result := []uint32{}
 	hash := uint32(0)
 	for i := len(pattern) - 1; i >= 0; i-- {
 		hash = hash*PrimeRK + uint32(pattern[i])
 		if pattern[i] == '.' {
 			if g.Lookup(hash, pattern[i:]) {
 				result = append(result, 1)
 				return result
 			}
 		}
 	}
 	if g.Lookup(hash, pattern) {
 		result = append(result, 1)
 		return result
 	}
 	if g.ac != nil && g.ac.Match(pattern) {
 		result = append(result, 1)
 		return result
 	}
 	for _, e := range g.otherMatchers {
 		if e.m.Match(pattern) {
 			result = append(result, e.id)
 			return result
 		}
 	}
 	return nil
 }
 type indexBucket struct {
 	n    int
 	vals []int
 }
 type bySize []indexBucket
 func (s bySize) Len() int           { return len(s) }
 func (s bySize) Less(i, j int) bool { return len(s[i].vals) > len(s[j].vals) }
 func (s bySize) Swap(i, j int)      { s[i], s[j] = s[j], s[i] }
 type stringStruct struct {
 	str unsafe.Pointer
 	len int
 }
 func strhashFallback(a unsafe.Pointer, h uintptr) uintptr {
 	x := (*stringStruct)(a)
 	return memhashFallback(x.str, h, uintptr(x.len))
 }
 const (
 	// Constants for multiplication: four random odd 64-bit numbers.
 	m1 = 16877499708836156737
 	m2 = 2820277070424839065
 	m3 = 9497967016996688599
 	m4 = 15839092249703872147
 )
 var hashkey = [4]uintptr{1, 1, 1, 1}
 func memhashFallback(p unsafe.Pointer, seed, s uintptr) uintptr {
 	h := uint64(seed + s*hashkey[0])
 tail:
 	switch {
 	case s == 0:
 	case s < 4:
 		h ^= uint64(*(*byte)(p))
 		h ^= uint64(*(*byte)(add(p, s>>1))) << 8
 		h ^= uint64(*(*byte)(add(p, s-1))) << 16
 		h = rotl31(h*m1) * m2
 	case s <= 8:
 		h ^= uint64(readUnaligned32(p))
 		h ^= uint64(readUnaligned32(add(p, s-4))) << 32
 		h = rotl31(h*m1) * m2
 	case s <= 16:
 		h ^= readUnaligned64(p)
 		h = rotl31(h*m1) * m2
 		h ^= readUnaligned64(add(p, s-8))
 		h = rotl31(h*m1) * m2
 	case s <= 32:
 		h ^= readUnaligned64(p)
 		h = rotl31(h*m1) * m2
 		h ^= readUnaligned64(add(p, 8))
 		h = rotl31(h*m1) * m2
 		h ^= readUnaligned64(add(p, s-16))
 		h = rotl31(h*m1) * m2
 		h ^= readUnaligned64(add(p, s-8))
 		h = rotl31(h*m1) * m2
 	default:
 		v1 := h
 		v2 := uint64(seed * hashkey[1])
 		v3 := uint64(seed * hashkey[2])
 		v4 := uint64(seed * hashkey[3])
 		for s >= 32 {
 			v1 ^= readUnaligned64(p)
 			v1 = rotl31(v1*m1) * m2
 			p = add(p, 8)
 			v2 ^= readUnaligned64(p)
 			v2 = rotl31(v2*m2) * m3
 			p = add(p, 8)
 			v3 ^= readUnaligned64(p)
 			v3 = rotl31(v3*m3) * m4
 			p = add(p, 8)
 			v4 ^= readUnaligned64(p)
 			v4 = rotl31(v4*m4) * m1
 			p = add(p, 8)
 			s -= 32
 		}
 		h = v1 ^ v2 ^ v3 ^ v4
 		goto tail
 	}
 	h ^= h >> 29
 	h *= m3
 	h ^= h >> 32
 	return uintptr(h)
 }
 func add(p unsafe.Pointer, x uintptr) unsafe.Pointer {
 	return unsafe.Pointer(uintptr(p) + x)
 }
 func readUnaligned32(p unsafe.Pointer) uint32 {
 	q := (*[4]byte)(p)
 	return uint32(q[0]) | uint32(q[1])<<8 | uint32(q[2])<<16 | uint32(q[3])<<24
 }
 func rotl31(x uint64) uint64 {
 	return (x << 31) | (x >> (64 - 31))
 }
 func readUnaligned64(p unsafe.Pointer) uint64 {
 	q := (*[8]byte)(p)
 	return uint64(q[0]) | uint64(q[1])<<8 | uint64(q[2])<<16 | uint64(q[3])<<24 | uint64(q[4])<<32 | uint64(q[5])<<40 | uint64(q[6])<<48 | uint64(q[7])<<56
 }
--- a/common/matcher/str/strmatcher.go
+++ b/common/matcher/str/strmatcher.go
@@ -1,4 +1,4 @@
-package strmatcher
+package str
 import (
 	"regexp"
@@ -27,6 +27,7 @@ const (
 // New creates a new Matcher based on the given pattern.
 func (t Type) New(pattern string) (Matcher, error) {
 	// 1. regex matching is case-sensitive
 	switch t {
 	case Full:
 		return fullMatcher(pattern), nil
--- a/common/matcher/str/strmatcher_test.go
+++ b/common/matcher/str/strmatcher_test.go
@@ -0,0 +1,262 @@
 package str_test
 import (
 	"reflect"
 	"testing"
 	"github.com/xtls/xray-core/common"
 	. "github.com/xtls/xray-core/common/matcher/str"
 )
 func TestMatcherGroup(t *testing.T) {
 	rules := []struct {
 		Type   Type
 		Domain string
 	}{
 		{
 			Type:   Regex,
 			Domain: "apis\\.us$",
 		},
 		{
 			Type:   Substr,
 			Domain: "apis",
 		},
 		{
 			Type:   Domain,
 			Domain: "googleapis.com",
 		},
 		{
 			Type:   Domain,
 			Domain: "com",
 		},
 		{
 			Type:   Full,
 			Domain: "www.baidu.com",
 		},
 		{
 			Type:   Substr,
 			Domain: "apis",
 		},
 		{
 			Type:   Domain,
 			Domain: "googleapis.com",
 		},
 		{
 			Type:   Full,
 			Domain: "fonts.googleapis.com",
 		},
 		{
 			Type:   Full,
 			Domain: "www.baidu.com",
 		},
 		{
 			Type:   Domain,
 			Domain: "example.com",
 		},
 	}
 	cases := []struct {
 		Input  string
 		Output []uint32
 	}{
 		{
 			Input:  "www.baidu.com",
 			Output: []uint32{5, 9, 4},
 		},
 		{
 			Input:  "fonts.googleapis.com",
 			Output: []uint32{8, 3, 7, 4, 2, 6},
 		},
 		{
 			Input:  "example.googleapis.com",
 			Output: []uint32{3, 7, 4, 2, 6},
 		},
 		{
 			Input:  "testapis.us",
 			Output: []uint32{1, 2, 6},
 		},
 		{
 			Input:  "example.com",
 			Output: []uint32{10, 4},
 		},
 	}
 	matcherGroup := &MatcherGroup{}
 	for _, rule := range rules {
 		matcher, err := rule.Type.New(rule.Domain)
 		common.Must(err)
 		matcherGroup.Add(matcher)
 	}
 	for _, test := range cases {
 		if m := matcherGroup.Match(test.Input); !reflect.DeepEqual(m, test.Output) {
 			t.Error("unexpected output: ", m, " for test case ", test)
 		}
 	}
 }
 func TestACAutomaton(t *testing.T) {
 	cases1 := []struct {
 		pattern string
 		mType   Type
 		input   string
 		output  bool
 	}{
 		{
 			pattern: "xtls.github.io",
 			mType:   Domain,
 			input:   "www.xtls.github.io",
 			output:  true,
 		},
 		{
 			pattern: "xtls.github.io",
 			mType:   Domain,
 			input:   "xtls.github.io",
 			output:  true,
 		},
 		{
 			pattern: "xtls.github.io",
 			mType:   Domain,
 			input:   "www.xtis.github.io",
 			output:  false,
 		},
 		{
 			pattern: "xtls.github.io",
 			mType:   Domain,
 			input:   "tls.github.io",
 			output:  false,
 		},
 		{
 			pattern: "xtls.github.io",
 			mType:   Domain,
 			input:   "xxtls.github.io",
 			output:  false,
 		},
 		{
 			pattern: "xtls.github.io",
 			mType:   Full,
 			input:   "xtls.github.io",
 			output:  true,
 		},
 		{
 			pattern: "xtls.github.io",
 			mType:   Full,
 			input:   "xxtls.github.io",
 			output:  false,
 		},
 	}
 	for _, test := range cases1 {
 		var ac = NewACAutomaton()
 		ac.Add(test.pattern, test.mType)
 		ac.Build()
 		if m := ac.Match(test.input); m != test.output {
 			t.Error("unexpected output: ", m, " for test case ", test)
 		}
 	}
 	{
 		cases2Input := []struct {
 			pattern string
 			mType   Type
 		}{
 			{
 				pattern: "163.com",
 				mType:   Domain,
 			},
 			{
 				pattern: "m.126.com",
 				mType:   Full,
 			},
 			{
 				pattern: "3.com",
 				mType:   Full,
 			},
 			{
 				pattern: "google.com",
 				mType:   Substr,
 			},
 			{
 				pattern: "vgoogle.com",
 				mType:   Substr,
 			},
 		}
 		var ac = NewACAutomaton()
 		for _, test := range cases2Input {
 			ac.Add(test.pattern, test.mType)
 		}
 		ac.Build()
 		cases2Output := []struct {
 			pattern string
 			res     bool
 		}{
 			{
 				pattern: "126.com",
 				res:     false,
 			},
 			{
 				pattern: "m.163.com",
 				res:     true,
 			},
 			{
 				pattern: "mm163.com",
 				res:     false,
 			},
 			{
 				pattern: "m.126.com",
 				res:     true,
 			},
 			{
 				pattern: "163.com",
 				res:     true,
 			},
 			{
 				pattern: "63.com",
 				res:     false,
 			},
 			{
 				pattern: "oogle.com",
 				res:     false,
 			},
 			{
 				pattern: "vvgoogle.com",
 				res:     true,
 			},
 		}
 		for _, test := range cases2Output {
 			if m := ac.Match(test.pattern); m != test.res {
 				t.Error("unexpected output: ", m, " for test case ", test)
 			}
 		}
 	}
 	{
 		cases3Input := []struct {
 			pattern string
 			mType   Type
 		}{
 			{
 				pattern: "video.google.com",
 				mType:   Domain,
 			},
 			{
 				pattern: "gle.com",
 				mType:   Domain,
 			},
 		}
 		var ac = NewACAutomaton()
 		for _, test := range cases3Input {
 			ac.Add(test.pattern, test.mType)
 		}
 		ac.Build()
 		cases3Output := []struct {
 			pattern string
 			res     bool
 		}{
 			{
 				pattern: "google.com",
 				res:     false,
 			},
 		}
 		for _, test := range cases3Output {
 			if m := ac.Match(test.pattern); m != test.res {
 				t.Error("unexpected output: ", m, " for test case ", test)
 			}
 		}
 	}
 }
--- a/common/protocol/tls/sniff.go
+++ b/common/protocol/tls/sniff.go
@@ -102,7 +102,7 @@ func ReadClientHello(data []byte, h *SniffHeader) error {
 					return errNotClientHello
 				}
 				if nameType == 0 {
-					serverName := strings.ToLower(string(d[:nameLen]))
+					serverName := string(d[:nameLen])
 					// An SNI value may not include a
 					// trailing dot. See
 					// https://tools.ietf.org/html/rfc6066#section-3.
--- a/common/session/session.go
+++ b/common/session/session.go
@@ -6,6 +6,8 @@ import (
 	"math/rand"
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/matcher/domain"
 	"github.com/xtls/xray-core/common/matcher/geoip"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol"
 	"github.com/xtls/xray-core/common/signal"
@@ -60,9 +62,11 @@ type Outbound struct {
 // SniffingRequest controls the behavior of content sniffing.
 type SniffingRequest struct {
-	ExcludeForDomain               []string
+	ExcludedDomainMatcher          *domain.DomainMatcher
 	ExcludedIPMatcher              *geoip.MultiGeoIPMatcher
 	OverrideDestinationForProtocol []string
 	Enabled                        bool
 	MetadataOnly                   bool
 }
 // Content is the metadata of the connection content.
@@ -74,7 +78,7 @@ type Content struct {
 	Attributes map[string]string
-	SkipRoutePick bool
+	SkipDNSResolve bool
 }
 // Sockopt is the settings for socket connection.
--- a/common/strmatcher/strmatcher_test.go
+++ b/common/strmatcher/strmatcher_test.go
@@ -1,93 +0,0 @@
 package strmatcher_test
 import (
 	"reflect"
 	"testing"
 	"github.com/xtls/xray-core/common"
 	. "github.com/xtls/xray-core/common/strmatcher"
 )
 func TestMatcherGroup(t *testing.T) {
 	rules := []struct {
 		Type   Type
 		Domain string
 	}{
 		{
 			Type:   Regex,
 			Domain: "apis\\.us$",
 		},
 		{
 			Type:   Substr,
 			Domain: "apis",
 		},
 		{
 			Type:   Domain,
 			Domain: "googleapis.com",
 		},
 		{
 			Type:   Domain,
 			Domain: "com",
 		},
 		{
 			Type:   Full,
 			Domain: "www.baidu.com",
 		},
 		{
 			Type:   Substr,
 			Domain: "apis",
 		},
 		{
 			Type:   Domain,
 			Domain: "googleapis.com",
 		},
 		{
 			Type:   Full,
 			Domain: "fonts.googleapis.com",
 		},
 		{
 			Type:   Full,
 			Domain: "www.baidu.com",
 		},
 		{
 			Type:   Domain,
 			Domain: "example.com",
 		},
 	}
 	cases := []struct {
 		Input  string
 		Output []uint32
 	}{
 		{
 			Input:  "www.baidu.com",
 			Output: []uint32{5, 9, 4},
 		},
 		{
 			Input:  "fonts.googleapis.com",
 			Output: []uint32{8, 3, 7, 4, 2, 6},
 		},
 		{
 			Input:  "example.googleapis.com",
 			Output: []uint32{3, 7, 4, 2, 6},
 		},
 		{
 			Input:  "testapis.us",
 			Output: []uint32{1, 2, 6},
 		},
 		{
 			Input:  "example.com",
 			Output: []uint32{10, 4},
 		},
 	}
 	matcherGroup := &MatcherGroup{}
 	for _, rule := range rules {
 		matcher, err := rule.Type.New(rule.Domain)
 		common.Must(err)
 		matcherGroup.Add(matcher)
 	}
 	for _, test := range cases {
 		if m := matcherGroup.Match(test.Input); !reflect.DeepEqual(m, test.Output) {
 			t.Error("unexpected output: ", m, " for test case ", test)
 		}
 	}
 }
--- a/core/config.go
+++ b/core/config.go
@@ -80,14 +80,25 @@ func getFormat(filename string) string {
 func LoadConfig(formatName string, input interface{}) (*Config, error) {
 	switch v := input.(type) {
 	case cmdarg.Arg:
 		formats := make([]string, len(v))
 		hasProtobuf := false
 		for i, file := range v {
-			f := getFormat(file)
+			var f string
-			if f == "" {
+
 			if formatName == "auto" {
 				if file != "stdin:" {
 					f = getFormat(file)
 				} else {
 					f = "json"
 				}
 			} else {
 				f = formatName
 			}
 			if f == "" {
 				return nil, newError("Failed to get format of ", file).AtWarning()
 			}
 			if f == "protobuf" {
 				hasProtobuf = true
 			}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
hmol233	b85eef0131	Merge pull request #544 from AkinoKaede/dns-geo Merge branch 'dns' into dns-geo	2021-05-03 21:20:31 +08:00
秋のかえで	a3e63e6928	style: refine style	2021-05-01 10:44:29 +08:00
秋のかえで	ec9f19039e	remove v2ray.com	2021-05-01 08:55:27 +08:00
秋のかえで	ee682b17d1	Merge branch 'dns' into dns-geo	2021-05-01 08:48:51 +08:00
秋のかえで	2e56fe11e1	Merge branch 'main' into dns	2021-04-18 13:24:44 +08:00
秋のかえで	7b7084f825	Refactor: A faster DomainMatcher implementation (#348 ) Co-authored-by: DarthVader <61409963+darsvador@users.noreply.github.com>	2021-04-18 13:21:17 +08:00
秋のかえで	a5b2a9be2d	Merge branch 'dns' into dns-geo	2021-04-15 13:27:35 +08:00
秋のかえで	d5a195458b	chore: regenerate protobufs	2021-04-15 13:23:21 +08:00
秋のかえで	f8b8e8a53a	Merge branch 'dns' into dns-geo	2021-04-14 13:04:45 +08:00
秋のかえで	7cf30d5101	Feat: DNS hosts support multiple addresses	2021-04-12 00:05:26 +08:00
秋のかえで	598e15aed2	style: refine var name	2021-04-11 12:45:16 +08:00
秋のかえで	708ce026ca	Refine the test of dns conf	2021-04-10 17:22:44 +08:00
秋のかえで	b0a66e650c	Merge branch 'dns' into dns-geo	2021-04-10 13:02:48 +08:00
JimhHan	217844cc37	Refine DNS Options	2021-04-10 11:36:58 +08:00
JimhHan	f20c445974	Fix typo	2021-04-10 00:33:55 +08:00
秋のかえで	6e902b24ae	Feat: add disableFallback & skipFallback option for DNS client (#489 )	2021-04-10 00:07:08 +08:00
JimhHan	70b63e21a5	Fix testing	2021-04-09 23:36:48 +08:00
JimhHan	726a722019	Refine DNS strategies	2021-04-09 23:36:36 +08:00
JimhHan	16017304b8	Merge remote-tracking branch 'upstream/dns-geo-reverse-match' into dns-geo	2021-04-09 18:48:44 +08:00
秋のかえで	9721ff7a56	Style: comment unused code	2021-04-08 23:19:43 +08:00
秋のかえで	eeb40c9ce2	Refine tests	2021-04-08 22:51:55 +08:00
JimhHan	095b17da62	Fix typo	2021-04-08 19:19:53 +08:00
JimhHan	1c3abb2ec3	Fix: config loader	2021-04-08 19:18:23 +08:00
秋のかえで	5d5beb2028	Add test to ParaseIPList	2021-04-08 13:36:35 +08:00
秋のかえで	44317bd657	Refine router config parse	2021-04-08 13:19:25 +08:00
秋のかえで	68201a8898	Feat: add reverse match for GeoIP	2021-04-08 13:07:53 +08:00
秋のかえで	8a7cd65fc2	Merge branch 'dns' into dns-geo	2021-04-07 23:17:59 +08:00
秋のかえで	f4a048aa0c	Merge branch 'main' into dns	2021-04-07 23:15:45 +08:00
秋のかえで	946a7a2647	Refine DomainStrategy config	2021-04-07 22:53:21 +08:00
Bhoppi Chaw	bf94fb53ca	Fix QUIC disconnecting issue (#475 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-04-06 16:37:28 +00:00
lucifer	1d13a8da49	fix grpc dial ipv6 address (#476 )	2021-04-05 09:00:46 +08:00
秋のかえで	90c81e8459	fix: fix clientIP config	2021-04-02 16:57:31 +08:00
秋のかえで	364086c974	fix: remove AA header flag in DNS query	2021-04-02 16:47:19 +08:00
Jim Han	f65c21337c	v1.4.2	2021-04-01 21:08:53 +08:00
RPRX	4bf8b6d89c	Fix uTLS fingerprints support Thank @HirbodBehnam https://github.com/XTLS/Xray-core/issues/461	2021-04-01 09:15:18 +00:00
秋のかえで	7a778d74d0	feat: change the handshake timeout of quic to default vaule	2021-03-31 22:55:28 +08:00
秋のかえで	d3533abe3c	Merge branch 'main' into dns	2021-03-31 22:53:43 +08:00
Jim Han	95a68a6d73	v1.4.1	2021-03-31 16:00:16 +08:00
秋のかえで	7f2fad73d4	Chore: Upgrade dependencies (#432 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-03-31 06:18:34 +00:00
Jim Han	3ed14c2fcd	Fix: gRPC & HTTP/2 dialer (#445 )	2021-03-30 16:43:31 +00:00
risetechlab	b63049f404	Fix: TFO AsIs bug (#452 )	2021-03-30 16:42:02 +00:00
JimhHan	b9c5de96e7	Fix: test	2021-03-29 18:57:09 +08:00
JimhHan	b8196a22a0	Fix: matching type mismatch	2021-03-29 18:57:07 +08:00
JimhHan	6471cfd290	Fix: typo	2021-03-29 18:57:05 +08:00
JimhHan	58bca70dfb	Revert: move common.go to common	2021-03-29 18:57:03 +08:00
RPRX	a9e11075d1	Add uTLS fingerprints support (#451 )	2021-03-29 10:08:29 +00:00
Jim Han	e564d9ef7e	Fix: TCP & WS override AcceptProxyProtocol (#425 )	2021-03-28 16:16:07 +00:00
秋のかえで	6c936e2fd3	fix: set json to default format to stdin (#446 )	2021-03-28 23:45:13 +08:00
秋のかえで	b2d8168284	docs: add common name to the help of tls cert (#435 )	2021-03-27 18:32:30 +08:00
JimhHan	4eb3acb4dd	Fix: format	2021-03-26 17:30:24 +08:00
JimhHan	fc8b580017	Fix: tests	2021-03-26 17:20:28 +08:00
JimhHan	06fc82bad1	Feat: sniffer exclude domain & ip	2021-03-26 16:56:43 +08:00
JimhHan	14189eba07	Replace: domain conf loader	2021-03-26 15:28:27 +08:00
JimhHan	b11429eaee	Refactor: GeoSite & GeoIP	2021-03-24 23:01:20 +08:00
RPRX	e0910ab4d9	Update dialer.html	2021-03-23 16:55:05 +00:00
RPRX	d46af8b5d4	Add WSS Browser Dialer support (#421 )	2021-03-23 09:25:35 +00:00
AkinoKaede	58daa2f788	fix: DNS tests timeout due to network instability	2021-03-22 13:20:14 +08:00
Jim Han	0470381fe2	Fix: gRPC multi accepting empty bytes (#411 )	2021-03-21 09:16:52 +00:00
秋のかえで	b0e7ad9663	Fix: format flag not working (#410 )	2021-03-21 09:13:51 +00:00
AkinoKaede	8382b29922	feat: add queryStrategy option for DNS	2021-03-19 23:35:01 +08:00
JimhHan	41d3f31447	Fix: DNS query log	2021-03-19 22:01:39 +08:00
AkinoKaede	9b93b90fa9	feat: add DNS logs to DNS over QUIC	2021-03-19 13:19:43 +08:00
AkinoKaede	b15fffaac6	fix: fix tests	2021-03-18 23:52:00 +08:00
AkinoKaede	8884e948fe	refactor: new dns app	2021-03-18 23:28:01 +08:00
Kid	4e63c22197	Add Homebrew installation command (#392 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-03-17 17:56:56 +00:00
maskedeken	36961ed882	Add remote addr to gRPC transport layer conn (#382 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-03-17 17:55:51 +00:00
JimhHan	de54d4b08f	Fix: sniffer call IP() on a DomainAddress	2021-03-17 23:29:06 +08:00
JimhHan	32713bcc0e	Fix: Context without proper session close https://github.com/XTLS/Xray-core/issues/383	2021-03-17 23:27:42 +08:00
RPRX	9dec65e367	v1.4.0	2021-03-14 15:59:19 +00:00
Jim Han	3fe85449a9	Use 198.18.0.0/16 as default Fake IP Pool (#377 )	2021-03-14 15:58:27 +00:00
Jim Han	e0526c27b3	Removal: confonly (#368 )	2021-03-14 15:05:08 +00:00
RPRX	a0a32ee00d	Add gRPC Transport support (#356 ) Co-authored-by: JimhHan <50871214+JimhHan@users.noreply.github.com>	2021-03-14 15:02:07 +00:00
RPRX	60b06877bf	Add WebSocket 0-RTT support (#375 )	2021-03-14 07:10:10 +00:00
JimhHan	9adce5a6c4	Fix: core/config.proto	2021-03-13 20:49:02 +08:00
RPRX	100edc370b	Stop at '?' when reading HTTP PATH before shunting	2021-03-12 11:50:59 +00:00
RPRX	819717d278	Fix https://github.com/XTLS/Xray-core/issues/366	2021-03-12 11:38:36 +00:00
Raymond Luo	fcc9d97074	Do not cause error when `json:"fallback"` is `null` (#361 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-03-10 16:17:27 +00:00
RPRX	439c91d509	Update fakedns_test.go	2021-03-10 14:55:51 +00:00
RPRX	924fe16077	Skip Port 53, 443 before using single XUDP for VLESS & VMess	2021-03-08 18:36:45 +00:00
RPRX	3de5af0611	Fix https://github.com/XTLS/Xray-core/issues/350	2021-03-08 18:12:38 +00:00
Jim Han	d7cd71b741	Resolve conflicting changes in DNS #309 #341 (#346 ) Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>	2021-03-07 07:12:50 +00:00
yuhan6665	f50eff5ebb	Add Fake DNS support (#309 ) Co-authored-by: Xiaokang Wang <xiaokangwang@outlook.com> Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com> Co-authored-by: kslr <kslrwang@gmail.com>	2021-03-07 04:39:50 +00:00
Jim Han	db32ce6fd9	Enhance DNS and Dialer (#341 )	2021-03-06 16:29:17 +00:00
risetechlab	ad1807dd99	Enhance TCP Fast Open (#310 )	2021-03-06 14:45:12 +00:00
		`@@ -0,0 +1,3 @@`
							`package fakedns`

							`//go:generate go run github.com/xtls/xray-core/common/errors/errorgen`
		`@@ -0,0 +1,3 @@`
							`package conf`

							`//go:generate go run github.com/xtls/xray-core/common/errors/errorgen`
		`@@ -0,0 +1,3 @@`
							`package domain`

							`//go:generate go run github.com/xtls/xray-core/common/errors/errorgen`
`@@ -1,4 +1,4 @@`
	`package strmatcher`	`package str`

	`import "strings"`	`import "strings"`