Sniffing
Recognize destination names and application protocols.
Updated
Sniffing can recognize target names from DNS queries and supported traffic types. The Enabled switch controls whether Tunna uses sniffing, but the page still lets you prepare destination override, matching, routing-only, and exclusion settings while it is off.
Controls on the Sniffing screen
General Options
These controls turn sniffing on and open the exclusion child page.
Enabled
Turns sniffing on or off. Turning it off does not erase the other choices on this page.
Domains Excluded
Opens the child page and shows the current count. Matching entries preserve the original target address.
Destination Override
These controls decide which sniffed clues may replace the connection destination.
FakeDNS
Uses DNS-query clues to obtain target domain names.
Type
HTTP, TLS, and QUIC are independent multi-select buttons. They are unavailable when Metadata Only is enabled.
Matching Options
These controls reduce how deeply Tunna looks and how it uses sniffed names.
Metadata Only
Uses only connection metadata. FakeDNS remains useful; HTTP, TLS, and QUIC override buttons are disabled.
Routing Only
Uses sniffed domains for route matching, then connects by IP. It requires at least one destination override; with Metadata Only, it also requires FakeDNS.
Domains Excluded is a child page
Choose Base or RegEx, enter one domain or several domains separated by commas or new lines, then tap plus or press Return. New entries are added to the top. Delete entries from the editable list when they should no longer preserve the original target address.
Practical sniffing uses
Help protocol rules match
Enable sniffing when routing rules need HTTP, TLS, QUIC, or BitTorrent protocol clues.
Good fit A rule should match application behavior instead of only address, port, or domain text.
Not ideal Simple domain and IP routing is already enough.
Use routing-only matching
Routing Only lets sniffed domains choose a rule while the connection still uses the original IP path.
Good fit You want domain-aware route selection without replacing the final connection target.
Not ideal Destination Override is empty, or Metadata Only is on without FakeDNS.
Preserve sensitive targets
Add Domains Excluded entries when a site should keep its original destination even if sniffing is enabled.
Good fit A service breaks when its destination is replaced.
Not ideal You are trying to make a rule match that domain through sniffed names.
Sniffing saves when you leave
The Enabled switch, override buttons, matching options, and Domains Excluded list are kept when you leave the Sniffing screen. Disabled HTTP, TLS, and QUIC buttons mean Metadata Only is currently limiting override choices to FakeDNS.