| * `clash`, the proxy client used, also supports other proxy protocols such as Shadowsocks in addition to SOCKS5 and HTTP(S), see [their documentation](https://dreamacro.github.io/clash/configuration/outbound.html#proxies) for more details
* `dnscrypt-proxy`, the DNS client used, is being used with a minimal configuration that has two preconfigured DNS servers: Quad9's and Mullvad's DoH servers. You can also configure sources for lists of DNS servers, but make sure to preserve the custom configuration in our `dnscrypt-proxy.toml` file (before `[static]`). See their [documentation](https://github.com/DNSCrypt/dnscrypt-proxy/wiki) and [example config file](https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml) for details | * `clash`, the proxy client used, also supports other proxy protocols such as Shadowsocks in addition to SOCKS5 and HTTP(S), see [their documentation](https://dreamacro.github.io/clash/configuration/outbound.html#proxies) for more details.
* `dnscrypt-proxy`, the DNS client used, is being used with a minimal configuration that has two preconfigured DNS servers: Quad9's and Mullvad's DoH servers. You can also configure sources for lists of DNS servers, but make sure to preserve the custom configuration in our `dnscrypt-proxy.toml` file (before `[static]`). See their [documentation](https://github.com/DNSCrypt/dnscrypt-proxy/wiki) and [example config file](https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml) for details.
* It should be leak-proof, since `qvm-firewall` is used to block all traffic of all kinds from `sys-proxy` to any non-proxy IPs. |