DNS (Resolver) tag in server side config has no effect

[robin98]

Describe the bug
I tried the resolver tag on my server side config at /etc/hysteria/config.yaml like this;
but this method didn't work for my clients as their resolver didn't change from alibaba to any other DNS resolver I specified.

listen: :8443

tls:
  cert: /opt/cert/xxxx/fullchain.pem
  key: /opt/cert/xxxx/privkey.pem

auth:
  type: password
  password: xxxx

masquerade:
  type: proxy
  proxy:
    url: https://xxxx.com/
    rewriteHost: true

resolver:
  type: udp
  udp:
    addr: 9.9.9.9:53
    timeout: 10s

Logs

Device and Operating System
ubuntu server 22.04.4

[haruue]

If you use Hysteria client with transparent proxy (e.g. redirect/proxy/tun), name resolving is done on client side, so server side DNS setting & domain ACL will not work in this case.

We have plan to introduce feature known as "sniffing" or "deep packet inspection" on server side to extract hostname from SNI in ClientHello and resolve it again. This will be able to fix the problem, but not available now.

[eddiehex]

If you use Hysteria client with transparent proxy (e.g. redirect/proxy/tun), name resolving is done on client side, so server side DNS setting & domain ACL will not work in this case.

We have plan to introduce feature known as "sniffing" or "deep packet inspection" on server side to extract hostname from SNI in ClientHello and resolve it again. This will be able to fix the problem, but not available now.

If I enable the sniffing in the client side, will ACL work?