all: refactoring DoT and DoH to use listen address instead portHEAD main dev

Using port makes the IP address of DoT and DoH listen on the same address with UDP. If we set ListenAddress to 0.0.0.0 and TLS termination is handled by proxy, this cause DoT and DoH will also listen on all addresses. This behaviour makes the server open DoT and DoH ports to the public, where it should be on local address only.
author: Shulhan <ms@kilabit.info> 2026-03-26 05:57:47 +0700
committer: Shulhan <ms@kilabit.info> 2026-03-26 05:59:26 +0700
commit: 06e602df04fe8f8c96505993b7f5c48527f83d63 (patch)
tree: f1624476efbcfde12d8d7266721f23b402eb8e74 /_www/doc/rescached.cfg.adoc
parent: ce1c579b5db1a51a8e7e1f36c09a4cddb378ebc8 (diff)
download: rescached-dev.tar.xz
1 files changed, 10 insertions, 10 deletions
diff --git a/_www/doc/rescached.cfg.adoc b/_www/doc/rescached.cfg.adoc
index ef32b18..33d4567 100644
--- a/_www/doc/rescached.cfg.adoc
+++ b/_www/doc/rescached.cfg.adoc
@@ -156,19 +156,19 @@ query from client.
 If you want rescached to serve a query from another host in your local
 network, change this value to `0.0.0.0:53`.
 
-[#http-port]
-==== http.port
+[#doh.listen]
+==== doh.listen
 
-Format:: Number
-Default:: 443
-Description:: Port to serve DNS over HTTP.
+Format:: String
+Default:: (empty)
+Description:: Address to serve DNS over HTTP.
 
-[#tls-port]
-==== tls.port
+[#dot.listen]
+==== dot.listen
 
-Format:: Number
-Default:: 853
-Description:: Port to serve DNS over TLS.
+Format:: String
+Default:: (empty)
+Description:: Address to serve DNS over TLS.
 
 [#tls-certificate]
 ==== tls.certificate
author	Shulhan <ms@kilabit.info>	2026-03-26 05:57:47 +0700
committer	Shulhan <ms@kilabit.info>	2026-03-26 05:59:26 +0700
commit	06e602df04fe8f8c96505993b7f5c48527f83d63 (patch)
tree	f1624476efbcfde12d8d7266721f23b402eb8e74 /_www/doc/rescached.cfg.adoc
parent	ce1c579b5db1a51a8e7e1f36c09a4cddb378ebc8 (diff)
download	rescached-dev.tar.xz