update document for new options.

docs/config/ad-block.md

@@ -37,6 +37,19 @@ smartdns可以通过address选项来屏蔽广告。
     address /sub.example.com/-
     ```
 
+1. 前缀通配与主域名匹配
+
+    ```shell
+    // 通配
+    *-a.example.com 
+    // 仅匹配子域名
+    *.example.com
+    // 仅匹配主域名
+    -.example.com
+    ```
+
+    注意：* 和 - 仅支持写在域名开头。其他位置的写法均不支持。
+
 ## 使用域名集合
 
 对于单个域名屏蔽，可以方便使用address参数屏蔽，对于较多的域名，可通过域名集合屏蔽，更加方便管理广告域名列表。

docs/config/domain-address.md

@@ -27,6 +27,19 @@ address除了可以设置屏蔽广告外，还可以指定域名的IP地址。
     address /example.com/::1
     ```
 
+1. 前缀通配与主域名匹配
+
+    ```shell
+    // 通配
+    *-a.example.com 
+    // 仅匹配子域名
+    *.example.com
+    // 仅匹配主域名
+    -.example.com
+    ```
+
+    注意：* 和 - 仅支持写在域名开头。其他位置的写法均不支持。
+
 ## 自动扩展address对应的PTR记录
 
 如果想扩展上述address对应的PTR记录，可以使用`expand-ptr-from-address`开关开启自动扩展。`expand-ptr-from-address`参数可以重复设置，参数对设置后的`address`生效。

docs/configuration.md

@@ -45,14 +45,15 @@ hide:
 | conf-file | 附加配置文件 | 无 | 合法路径字符串 | conf-file /etc/smartdns/smartdns.more.conf |
 | server | 上游 UDP DNS | 无 | 可重复。<br />[ip][:port]\|URL：服务器 IP:端口（可选）或 URL <br />[-blacklist-ip]：配置 IP 过滤结果。<br />[-whitelist-ip]：指定仅接受参数中配置的 IP 范围<br />[-group [group] ...]：DNS 服务器所属组，比如 office 和 foreign，和 nameserver 配套使用<br />[-exclude-default-group]：将 DNS 服务器从默认组中排除。<br />[-set-mark mark]：设置数据包标记so-mark。<br />[-proxy name]：设置代理服务器。 <br />[-bootstrap-dns]：标记此服务器为bootstrap服务器。<br />[-subnet]：指定服务器使用的edns-client-subnet| server 8.8.8.8:53 -blacklist-ip -group g1 -proxy proxy<br /> server tls://8.8.8.8|
 | server-tcp | 上游 TCP DNS | 无 | 可重复。<br />[ip][:port]：服务器 IP:端口（可选）<br />[-blacklist-ip]：配置 IP 过滤结果<br />[-whitelist-ip]：指定仅接受参数中配置的 IP 范围。<br />[-group [group] ...]：DNS 服务器所属组，比如 office 和 foreign，和 nameserver 配套使用<br />[-exclude-default-group]：将 DNS 服务器从默认组中排除。<br />[-set-mark mark]：设置数据包标记so-mark。<br />[-proxy name]：设置代理服务器。 <br />[-bootstrap-dns]：标记此服务器为bootstrap服务器。<br />[-subnet]：指定服务器使用的edns-client-subnet| server-tcp 8.8.8.8:53 |
-| server-tls | 上游 TLS DNS | 无 | 可重复。<br />[ip][:port]：服务器 IP:端口（可选)<br />[-spki-pin [sha256-pin]]：TLS 合法性校验 SPKI 值，base64 编码的 sha256 SPKI pin 值<br />[-host-name]：TLS SNI 名称, 名称设置为-，表示停用SNI名称<br />[-tls-host-verify]：TLS 证书主机名校验<br /> [-no-check-certificate]：跳过证书校验<br />[-blacklist-ip]：配置 IP 过滤结果<br />[-whitelist-ip]：仅接受参数中配置的 IP 范围<br />[-group [group] ...]：DNS 服务器所属组，比如 office 和 foreign，和 nameserver 配套使用<br />[-exclude-default-group]：将 DNS 服务器从默认组中排除。<br />[-set-mark mark]：设置数据包标记so-mark。<br />[-proxy name]：设置代理服务器。 <br />[-bootstrap-dns]：标记此服务器为bootstrap服务器。<br />[-subnet]：指定服务器使用的edns-client-subnet| server-tls 8.8.8.8:853 |
-| server-https | 上游 HTTPS DNS | 无 | 可重复。<br />https://[host>][:port]/path：服务器 IP:端口（可选）<br />[-spki-pin [sha256-pin]]：TLS 合法性校验 SPKI 值，base64 编码的 sha256 SPKI pin 值<br />[-host-name]：TLS SNI 名称<br />[-http-host]：http 协议头主机名<br />[-tls-host-verify]：TLS 证书主机名校验<br /> [-no-check-certificate]：跳过证书校验<br />[-blacklist-ip]：配置 IP 过滤结果<br />[-whitelist-ip]：仅接受参数中配置的 IP 范围。<br />[-group [group] ...]：DNS 服务器所属组，比如 office 和 foreign，和 nameserver 配套使用<br />[-exclude-default-group]：将 DNS 服务器从默认组中排除。<br />[-set-mark]：设置数据包标记so-mark。<br />[-proxy name]：设置代理服务器。 <br />[-bootstrap-dns]：标记此服务器为bootstrap服务器。<br />[-subnet]：指定服务器使用的edns-client-subnet| server-https https://cloudflare-dns.com/dns-query |
+| server-tls | 上游 TLS DNS | 无 | 可重复。<br />[ip][:port]：服务器 IP:端口（可选)<br />[-spki-pin [sha256-pin]]：TLS 合法性校验 SPKI 值，base64 编码的 sha256 SPKI pin 值<br />[-host-name]：TLS SNI 名称, 名称设置为-，表示停用SNI名称。<br />[-host-ip]: 主机IP地址。<br />[-tls-host-verify]：TLS 证书主机名校验<br /> [-no-check-certificate]：跳过证书校验<br />[-blacklist-ip]：配置 IP 过滤结果<br />[-whitelist-ip]：仅接受参数中配置的 IP 范围<br />[-group [group] ...]：DNS 服务器所属组，比如 office 和 foreign，和 nameserver 配套使用<br />[-exclude-default-group]：将 DNS 服务器从默认组中排除。<br />[-set-mark mark]：设置数据包标记so-mark。<br />[-proxy name]：设置代理服务器。 <br />[-bootstrap-dns]：标记此服务器为bootstrap服务器。<br />[-subnet]：指定服务器使用的edns-client-subnet| server-tls 8.8.8.8:853 |
+| server-https | 上游 HTTPS DNS | 无 | 可重复。<br />https://[host>][:port]/path：服务器 IP:端口（可选）<br />[-spki-pin [sha256-pin]]：TLS 合法性校验 SPKI 值，base64 编码的 sha256 SPKI pin 值<br />[-host-name]：TLS SNI 名称, 名称设置为-，表示停用SNI名称。<br />[-host-ip]: 主机IP地址。<br />[-http-host]：http 协议头主机名<br />[-tls-host-verify]：TLS 证书主机名校验<br /> [-no-check-certificate]：跳过证书校验<br />[-blacklist-ip]：配置 IP 过滤结果<br />[-whitelist-ip]：仅接受参数中配置的 IP 范围。<br />[-group [group] ...]：DNS 服务器所属组，比如 office 和 foreign，和 nameserver 配套使用<br />[-exclude-default-group]：将 DNS 服务器从默认组中排除。<br />[-set-mark]：设置数据包标记so-mark。<br />[-proxy name]：设置代理服务器。 <br />[-bootstrap-dns]：标记此服务器为bootstrap服务器。<br />[-subnet]：指定服务器使用的edns-client-subnet| server-https https://cloudflare-dns.com/dns-query |
 | proxy-server | 代理服务器 | 无 | 可重复。<br />proxy-server URL <br />[URL]: [socks5\|http]://[username:password@]host:port<br />[-name]: 代理服务器名称。 |proxy-server socks5://user:pass@1.2.3.4:1080 -name proxy|
 | speed-check-mode | 测速模式选择 | 无 | [ping\|tcp:[80]\|none] | speed-check-mode ping,tcp:80,tcp:443 |
 | response-mode | 首次查询响应模式 | first-ping |模式：[first-ping\|fastest-ip\|fastest-response]<br /> [first-ping]: 最快ping响应地址模式，DNS上游最快查询时延+ping时延最短，查询等待与链接体验最佳;<br />[fastest-ip]: 最快IP地址模式，查询到的所有IP地址中ping最短的IP。需等待IP测速; <br />[fastest-response]: 最快响应的DNS结果，DNS查询等待时间最短，返回的IP地址可能不是最快。| response-mode first-ping |
 | expand-ptr-from-address | 是否扩展Address对应的PTR记录 | no | [yes\|no] | expand-ptr-from-address yes |
-| address | 指定域名 IP 地址 | 无 | address /domain/[ip1[,ip2,...]\|-\|-4\|-6\|#\|#4\|#6] <br />- 表示忽略 <br /># 表示返回 SOA <br />4 表示 IPv4 <br />6 表示 IPv6 | address /www.example.com/1.2.3.4<br />address /www.example.com/::1 <br />address /example.com/1.2.3.4,5.6.7.8 |
+| address | 指定域名 IP 地址 | 无 | address /[*\|-.]domain/[ip1[,ip2,...]\|-\|-4\|-6\|#\|#4\|#6] <br />- 表示忽略 <br /># 表示返回 SOA <br />4 表示 IPv4 <br />6 表示 IPv6 <br /> * 开头表示通配<br />- 开头表示主域名<br /> `*` 和 `-` 只能在域名开头，其他位置不生效。| address /www.example.com/1.2.3.4<br />address /www.example.com/::1 <br />address /example.com/1.2.3.4,5.6.7.8 <br /> address /\*-a.example.com/ <br /> address /\*.example.com/ <br > address /-.example.com/|
 | cname | 指定域名别名 | 无 | cname /domain/target <br />- 表示忽略 <br />指定对应域名的cname | cname /www.example.com/cdn.example.com |
+| ddns-domain | 指定DDNS域名 | 无 | ddns-domain doamin.com, 用于将指定的域名解析为smartdns所在主机IP地址。| ddns-domain example.com
 | dns64 | DNS64转换 | 无 | dns64 ip-prefix/mask <br /> ipv6前缀和掩码 | dns64 64:ff9b::/96 |
 | edns-client-subnet | DNS ECS | 无 | edns-client-subnet ip-prefix/mask <br /> 指定EDNS客户端子网 | ip-prefix/mask 1.2.3.4/23 |
 | nameserver | 指定域名使用 server 组解析 | 无 | nameserver /domain/[group\|-], group 为组名，- 表示忽略此规则，配套 server 中的 -group 参数使用 | nameserver /www.example.com/office |

en/docs/config/ad-block.md

@@ -37,6 +37,19 @@ Note: If you're using OpenWrt with LuCI, please refer to OpenWrt's domain blocki
     address /sub.example.com/-
     ```
 
+1. The prefix wildcard matches the main domain name
+
+    ```shell
+    // prefix wild card
+    *-a.example.com
+    // only match subdomains
+    *.example.com
+    // only match the main domain name
+    -.example.com
+    ```
+
+    Note: * and - are only supported at the beginning of the domain name. Wording in other locations is not supported.
+
 ## Usage of Domain Set
 
 For a single domain name blocking, you can conveniently use the address parameter to block it. For more domain names, you can block it through the domain-set, which is more convenient to manage the list of advertising domain names.

en/docs/config/domain-address.md

@@ -27,6 +27,19 @@ In addition to blocking ads, `address` can also be used to specify the IP addres
     address /example.com/::1
     ```
 
+1. The prefix wildcard matches the main domain name
+
+    ```shell
+    // prefix wild card
+    *-a.example.com
+    // only match subdomains
+    *.example.com
+    // only match the main domain name
+    -.example.com
+    ```
+
+    Note: * and - are only supported at the beginning of the domain name. Wording in other locations is not supported.
+
 ## Automatically Expand PTR Records Corresponding to address
 
 If you want to expand the PTR record corresponding to the above `address`, you can use the `expand-ptr-from-address` switch to turn on automatic expansion. The `expand-ptr-from-address` parameter can be set repeatedly, and the parameter takes effect for the `address` set after it.

en/docs/configuration.md

@@ -41,14 +41,15 @@ hide:
 |conf-file|additional conf file|None|File path|conf-file /etc/smartdns/smartdns.more.conf
 |server|Upstream UDP DNS server|None|Repeatable <br />`[ip][:port]\|URL`: Server IP, port optional OR URL. <br />`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br />`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br />`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br />`[-exclude-default-group]`: Exclude DNS servers from the default group. <br />`[-set-mark mark]`: set mark on packets <br /> `[-proxy name]`: set proxy server <br /> `[-bootstrap-dns]`: set as bootstrap dns server <br />[-subnet]：set per server edns-client-subnet | server 8.8.8.8:53 -blacklist-ip<br />server tls://8.8.8.8
 |server-tcp|Upstream TCP DNS server|None|Repeatable <br />`[ip][:port]`: Server IP, port optional. <br />`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br />`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br />`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br />`[-exclude-default-group]`: Exclude DNS servers from the default group <br />`[-set-mark mark]`: set mark on packets <br /> `[-proxy name]`: set proxy server <br /> `[-bootstrap-dns]`: set as bootstrap dns server <br />[-subnet]：set per server edns-client-subnet | server-tcp 8.8.8.8:53
-|server-tls|Upstream TLS DNS server|None|Repeatable <br />`[ip][:port]`: Server IP, port optional. <br />`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br />`[-host-name]`:TLS Server name. `-` to disable SNI name.<br />`[-tls-host-verify]`: TLS cert hostname to verify. <br />`-no-check-certificate:`: No check certificate. <br />`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br />`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br />`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br />`[-exclude-default-group]`: Exclude DNS servers from the default group <br /> `[-set-mark mark]`: set mark on packets <br /> `[-proxy name]`: set proxy server <br /> `[-bootstrap-dns]`: set as bootstrap dns server <br />[-subnet]：set per server edns-client-subnet | server-tls 8.8.8.8:853
-|server-https|Upstream HTTPS DNS server|None|Repeatable <br />`https://[host][:port]/path`: Server IP, port optional. <br />`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br />`[-host-name]`:TLS Server name<br />`[-http-host]`: http header host. <br />`[-tls-host-verify]`: TLS cert hostname to verify. <br />`-no-check-certificate:`: No check certificate. <br />`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br />`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br />`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br />`[-exclude-default-group]`: Exclude DNS servers from the default group <br /> `[-set-mark mark]`: set mark on packets <br /> `[-proxy name]`: set proxy server <br /> `[-bootstrap-dns]`: set as bootstrap dns server <br />[-subnet]：set per server edns-client-subnet | server-https <https://cloudflare-dns.com/dns-query>
+|server-tls|Upstream TLS DNS server|None|Repeatable <br />`[ip][:port]`: Server IP, port optional. <br />`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br />`[-host-name]`:TLS Server name. `-` to disable SNI name.<br />[-host-ip]: host ip address. <br />`[-tls-host-verify]`: TLS cert hostname to verify. <br />`-no-check-certificate:`: No check certificate. <br />`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br />`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br />`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br />`[-exclude-default-group]`: Exclude DNS servers from the default group <br /> `[-set-mark mark]`: set mark on packets <br /> `[-proxy name]`: set proxy server <br /> `[-bootstrap-dns]`: set as bootstrap dns server <br />[-subnet]：set per server edns-client-subnet | server-tls 8.8.8.8:853
+|server-https|Upstream HTTPS DNS server|None|Repeatable <br />`https://[host][:port]/path`: Server IP, port optional. <br />`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br />`[-host-name]`:TLS Server name<br />`[-http-host]`: http header host. <br />[-host-ip]: host ip address. <br />`[-tls-host-verify]`: TLS cert hostname to verify. <br />`-no-check-certificate:`: No check certificate. <br />`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br />`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br />`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br />`[-exclude-default-group]`: Exclude DNS servers from the default group <br /> `[-set-mark mark]`: set mark on packets <br /> `[-proxy name]`: set proxy server <br /> `[-bootstrap-dns]`: set as bootstrap dns server <br />[-subnet]：set per server edns-client-subnet | server-https <https://cloudflare-dns.com/dns-query>
 |proxy-server| proxy server | None | Repeatable. <br />`proxy-server URL` <br />[URL]: `[socks5\|http]://[username:password@]host:port`<br />[-name]:  proxy server name. |proxy-server socks5://user:pass@1.2.3.4:1080 -name proxy|
 |speed-check-mode|Speed ​​mode|None|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:80,tcp:443
 |response-mode|First query response mode|first-ping|Mode: [first-ping\|fastest-ip\|fastest-response]<br /> [first-ping]: The fastest dns + ping response mode, DNS query delay + ping delay is the shortest;<br />[fastest-ip]: The fastest IP address mode, return the fastest ip address, may take some time to test speed. <br />[fastest-response]: The fastest response DNS result mode, the DNS query waiting time is the shortest. | response-mode first-ping |
 |expand-ptr-from-address| Whether to expand the address record corresponding to PTR record | no | [yes\|no] | expand-ptr-from-address yes |
-|address|Domain IP address|None|address /domain/[ip1[,ip2,...]\|-\|-4\|-6\|#\|#4\|#6], `-` for ignore, `#` for return SOA, `4` for IPV4, `6` for IPV6| address /www.example.com/1.2.3.4<br />address /www.example.com/::1 <br />address /example.com/1.2.3.4,5.6.7.8 
+|address|Domain IP address|None|address /[*\|-]domain/[ip1[,ip2,...]\|-\|-4\|-6\|#\|#4\|#6]<br />`-` for ignore <br />`#` for return SOA <br />`4` for IPV4 <br />`6` for IPV6 <br /> `*` at the beginning means wildcard<br />`-` means the main domain name at the beginning<br /> `*` and `-` can only be at the beginning of the domain name, other positions will not take effect.| address /www.example.com/1.2.3.4<br />address /www.example.com/::1 <br />address /example.com/1.2.3.4,5.6.7.8<br /> address /\*-a.example.com/ <br /> address /\*.example.com/ <br > address /-.example.com/
 |cname|set cname to domain| None | cname /domain/target <br />- for ignore <br />set cname to domain. | cname /www.example.com/cdn.example.com |
+|ddns-domain|Specifies the DDNS domain name |None|ddns-domain domainin.com, used to resolve the specified domain name to the IP address of the host where smartdns resides. | ddns-domain example.com
 |dns64|dns64 translation | None | dns64 ip-prefix/mask <br /> ipv6 prefix and mask. | dns64 64:ff9b::/96 |
 |edns-client-subnet| DNS ECS | None |edns-client-subnet ip-prefix/mask <br /> set EDNS client subnet | ip-prefix/mask 1.2.3.4/23 |
 |nameserver|To query domain with specific server group|None|nameserver /domain/[group\|-], `group` is the group name, `-` means ignore this rule, use the `-group` parameter in the related server|nameserver /www.example.com/office