Rule Conditions
Choose Tunna rule conditions for domains, IPs, ports, TCP or UDP, HTTP or TLS sniffing, GeoSite assets, and GeoIP assets.
Use this page when a rule is not matching or when you need to decide which condition type should describe the traffic.
Rule conditions in plain language
Use these cards as a map of the visible labels in this view. Each card names one field, control, or status item and explains what it is for before you change it or rely on it.
Visible choices
These are controls, states, or measurements in the view. Read them as reference, not as feature claims.
Asset
Use provider-maintained GeoSite or GeoIP records instead of typing every destination. Tap a found chip to attach it. Tap an attached chip once to mark it excluded from this rule, and tap it again to include it again. GeoSite and GeoIP colors match the footer legend.
Domain
Match a site family, exact hostname, keyword, or pattern. Prefer Base or Full for ordinary website rules because they are easier to reason about and more useful for On-Demand.
IP and Port
Match network ranges or destination ports when a domain is not enough. The Port field currently accepts single integer ports.
Network protocol
Toggle TCP or UDP when the transport layer matters. This does not require Sniffing.
Application protocol
Toggle HTTP, TLS, or BT after Sniffing can identify the traffic. BT matching is only a clue; encrypted or disguised traffic may not be recognized. QUIC can be detected by Sniffing, but it is not a separate rule protocol choice.
Advanced webhook
Use URL for the webhook target, Deduplication to avoid repeated notifications for the same match, and Headers when the receiving service requires named header values.
Asset search starts from installed records
In the Asset tab, an empty search shows only records already attached to the rule. Type to search installed GeoSite and GeoIP records. Tunna searches case-insensitively, shows up to 20 new matches, prefers prefix matches, and adds the first found match when you press Return. While any asset is fetching or processing, the tab shows progress rows instead of search. Found and excluded chips use a pale background with a colored outline; included chips use the solid GeoSite or GeoIP color.
No assets yet? Add them from Rule Edit
If the Asset tab opens before any assets exist, Tunna shows compact asset setup instead of the search field. Use Add Predefined there to create the built-in GeoSite and GeoIP sources and start fetching them. Search returns after processing finishes.
Domain match types
| Type | Best for | Risk |
|---|---|---|
| Base | A domain and its subdomains. | Broad domains can catch more than expected. |
| Full | One exact hostname. | Related subdomains will not match. |
| Plain | A simple keyword inside the domain. | Short words can match unrelated sites. |
| RegEx | A pattern that the other types cannot express. | Powerful patterns are easy to make too broad. |
Application protocol rules need Sniffing
HTTP, TLS, and BT matching depends on Tunna recognizing the traffic. If those rules do not match, open the Sniffing page from Settings and confirm the recognition choices.