diff --git a/ClashSample.yaml b/ClashSample.yaml new file mode 100644 index 0000000..52ba2a3 --- /dev/null +++ b/ClashSample.yaml @@ -0,0 +1,604 @@ +# Port of HTTP(S) proxy server on the local end +# port: 7890 + +# Port of SOCKS5 proxy server on the local end +# socks-port: 7891 + +# Transparent proxy server port for Linux and macOS (Redirect TCP and TProxy UDP) +# redir-port: 7892 + +# Transparent proxy server port for Linux (TProxy TCP and TProxy UDP) +# tproxy-port: 7893 + +# HTTP(S) and SOCKS5 server on the same port +mixed-port: 7890 + +# authentication of local SOCKS5/HTTP(S) server +# authentication: +# - "user1:pass1" +# - "user2:pass2" + +# Set to true to allow connections to the local-end server from +# other LAN IP addresses +allow-lan: false + +# This is only applicable when `allow-lan` is `true` +# '*': bind all IP addresses +# 192.168.122.11: bind a single IPv4 address +# "[aaaa::a8aa:ff:fe09:57d8]": bind a single IPv6 address +bind-address: '*' + +# Clash router working mode +# rule: rule-based packet routing +# global: all packets will be forwarded to a single endpoint +# direct: directly forward the packets to the Internet +mode: rule + +# Clash by default prints logs to STDOUT +# info / warning / error / debug / silent +log-level: info + +# When set to false, resolver won't translate hostnames to IPv6 addresses +ipv6: false + +# RESTful web API listening address +external-controller: 127.0.0.1:9090 + +# A relative path to the configuration directory or an absolute path to a +# directory in which you put some static web resource. Clash core will then +# serve it at `${API}/ui`. +# external-ui: folder + +# Secret for the RESTful API (optional) +# Authenticate by spedifying HTTP header `Authorization: Bearer ${secret}` +# ALWAYS set a secret if RESTful API is listening on 0.0.0.0 +# secret: "" + +# Outbound interface name +# interface-name: en0 + +# Static hosts for DNS server and connection establishment (like /etc/hosts) +# +# Wildcard hostnames are supported (e.g. *.clash.dev, *.foo.*.example.com) +# Non-wildcard domain names have a higher priority than wildcard domain names +# e.g. foo.example.com > *.example.com > .example.com +# P.S. +.foo.com equals to .foo.com and foo.com +hosts: + # '*.clash.dev': 127.0.0.1 + # '.dev': 127.0.0.1 + # 'alpha.clash.dev': '::1' + + # Firebase Cloud Messaging + 'mtalk.google.com': 108.177.125.188 + # Google Dl + 'dl.google.com': 180.163.151.161 + 'dl.l.google.com': 180.163.151.161 + +# DNS server settings +# This section is optional. When not present, the DNS server will be disabled. +dns: + enable: false + listen: 0.0.0.0:53 + # ipv6: false # when the false, response to AAAA questions will be empty + + # These nameservers are used to resolve the DNS nameserver hostnames below. + # Specify IP addresses only + default-nameserver: + - 119.29.29.29 + enhanced-mode: fake-ip # or redir-host + fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR + # use-hosts: true # lookup hosts and return IP record + + # Hostnames in this list will not be resolved with fake IPs + # i.e. questions to these domain names will always be answered with their + # real IP addresses + fake-ip-filter: + - '*.lan' + - localhost.ptlogin2.qq.com + - '+.srv.nintendo.net' + - '+.stun.playstation.net' + - '+.msftconnecttest.com' + - '+.msftncsi.com' + - '+.xboxlive.com' + - 'msftconnecttest.com' + - 'xbox.*.microsoft.com' + - '*.battlenet.com.cn' + - '*.battlenet.com' + - '*.blzstatic.cn' + - '*.battle.net' + # === Linksys Wireless Router === + - '*.linksys.com' + - '*.linksyssmartwifi.com' + # === Apple Software Update Service === + - 'swscan.apple.com' + - 'mesu.apple.com' + # === Windows 10 Connnect Detection === + - '*.msftconnecttest.com' + - '*.msftncsi.com' + # === NTP Service === + - 'time.*.com' + - 'time.*.gov' + - 'time.*.edu.cn' + - 'time.*.apple.com' + + - 'time1.*.com' + - 'time2.*.com' + - 'time3.*.com' + - 'time4.*.com' + - 'time5.*.com' + - 'time6.*.com' + - 'time7.*.com' + + - 'ntp.*.com' + - 'ntp.*.com' + - 'ntp1.*.com' + - 'ntp2.*.com' + - 'ntp3.*.com' + - 'ntp4.*.com' + - 'ntp5.*.com' + - 'ntp6.*.com' + - 'ntp7.*.com' + + - '*.time.edu.cn' + - '*.ntp.org.cn' + - '+.pool.ntp.org' + + - 'time1.cloud.tencent.com' + # === Music Service === + ## NetEase + - '+.music.163.com' + - '*.126.net' + ## Baidu + - 'musicapi.taihe.com' + - 'music.taihe.com' + ## Kugou + - 'songsearch.kugou.com' + - 'trackercdn.kugou.com' + ## Kuwo + - '*.kuwo.cn' + ## JOOX + - 'api-jooxtt.sanook.com' + - 'api.joox.com' + - 'joox.com' + ## QQ + - '+.y.qq.com' + - '+.music.tc.qq.com' + - 'aqqmusic.tc.qq.com' + - '+.stream.qqmusic.qq.com' + ## Xiami + - '*.xiami.com' + ## Migu + - '+.music.migu.cn' + # === Game Service === + ## Nintendo Switch + - '+.srv.nintendo.net' + ## Sony PlayStation + - '+.stun.playstation.net' + ## Microsoft Xbox + - 'xbox.*.microsoft.com' + - '+.xboxlive.com' + # === Other === + ## QQ Quick Login + - 'localhost.ptlogin2.qq.com' + ## Golang + - 'proxy.golang.org' + ## STUN Server + - 'stun.*.*' + - 'stun.*.*.*' + + # Supports UDP, TCP, DoT, DoH. You can specify the port to connect to. + # All DNS questions are sent directly to the nameserver, without proxies + # involved. Clash answers the DNS question with the first result gathered. + nameserver: + - 119.29.29.29 + - 223.5.5.5 + # - tls://dns.rubyfish.cn:853 # DNS over TLS + # - https://1.1.1.1/dns-query # DNS over HTTPS + + # When `fallback` is present, the DNS server will send concurrent requests + # to the servers in this section along with servers in `nameservers`. + # The answers from fallback servers are used when the GEOIP country + # is not `CN`. + # fallback: + # - tcp://1.1.1.1 + fallback: + - tls://one.one.one.one:853 + - tls://dns.google:853 + - https://dns.twnic.tw/dns-query + - https://dns.adguard.com/dns-query + - https://doh.dns.sb/dns-query + + # If IP addresses resolved with servers in `nameservers` are in the specified + # subnets below, they are considered invalid and results from `fallback` + # servers are used instead. + # + # IP address resolved with servers in `nameserver` is used when + # `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`. + # + # If `fallback-filter.geoip` is false, results from `nameserver` nameservers + # are always used if not match `fallback-filter.ipcidr`. + # + # This is a countermeasure against DNS pollution attacks. + fallback-filter: + geoip: true + ipcidr: + # - 240.0.0.0/4 + # domain: + # - '+.google.com' + # - '+.facebook.com' + # - '+.youtube.com' + +# +# https://github.com/Dreamacro/clash/wiki/premium-core-features +# +# tun: +# enable: true +# stack: system # or gvisor +# # dns-hijack: +# # - 8.8.8.8:53 +# # - tcp://8.8.8.8:53 +# macOS-auto-route: true # auto set global route +# macOS-auto-detect-interface: true # conflict with interface-name + +proxies: +# 支持的协议及加密算法示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/wiki/configuration + + +# 服务器节点订阅 +proxy-providers: + # name: # Provider 名称 + # type: http # http 或 file + # path: # 文件路径 + # url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。 + # interval: # 自动更新间隔,仅在类型为 HTTP 时可用 + # health-check: # 健康检查选项从此处开始 + # enable: + # url: + # interval: + + # + # 「url」参数填写订阅链接 + # + # 订阅链接可以使用 API 进行转换,如:https://dove.589669.xyz/web + # + # + + # 此处只是订阅示例,如果没有订阅链接的使用需求,此处及 proxy-groups 的相关内容可删除 + +## 订阅 URL 拼接说明 +# 第一段: sub 转换地址 https://SUB-API-URL/sub?target=clash&url= +# 第二段: 订阅地址 urlencode https%3A%2F%2Ffast.losadhwselfff2332dasd.xyz%2Flink%xxxxxxxxxx%3Fsub%3D1 +# 第三段: 过滤文字提取信息 &exclude=(%E6%B5%81%E9%87%8F%7C%E5%AE%98%E7%BD%91%7C%E6%9C%AC%E7%AB%99%7C%E5%8A%A0%E5%85%A5%7C%E8%BF%87%E6%9C%9F)&emoji=true&list=true&udp=false&tfo=false&scv=false&fdn=false&sort=false + + Amy: + type: http + url: "" + interval: 3600 + path: ./Proxy/Amy.yaml # 注意此处文件名不可相同 + health-check: + enable: true + interval: 600 + url: http://www.gstatic.com/generate_204 + + CNIX: + type: http + url: "" + interval: 3600 + path: ./Proxy/CNIX.yaml # 注意此处文件名不可相同 + health-check: + enable: true + interval: 600 + url: http://www.gstatic.com/generate_204 + + Dler: + type: http + url: "" + interval: 3600 + path: ./Proxy/Dler.yaml # 注意此处文件名不可相同 + health-check: + enable: true + interval: 600 + url: http://www.gstatic.com/generate_204 + +proxy-groups: +# 策略组示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/wiki/configuration + +# +# 策略组说明 +# +# 「MATCH」类似 Surge 的「Final」,此处用于选择白名单模式(PROXY 策略)和黑名单模式(DIRECT 策略) +# +# 「Streaming」和「StreamingSE」比较好理解,有专用于流媒体的节点就设置到其中,如果没有「StreamingSE」的需求可以连带 Rule 部分一起删掉,「Streaming」需至少保留 Rule,用「PROXY」即可。 +# +# 「PROXY」是代理规则策略,它可以指定为某个节点或嵌套一个其他策略组,如:「自动测试」、「Fallback」或「负载均衡」的策略组,关于这 3 个策略组的具体示例可以看官方示例:https://github.com/Dreamacro/clash +# + + # 注意此处的「use」而不是「proxies」,当然也可以不用在此先嵌套一个策略组进行选择,可以直接使用,如 + # + # # 代理节点选择 + # - name: "PROXY" + # type: select + # use: + # - DuckDuckGo # 嵌套使用订阅节点策略组 + # proxies: + # - Fallback + # - 1 + # - 2 + # - 3 + # + # 但如果订阅节点很多选起来就很麻烦,不如先嵌套一个策略组进行手动或自动的选择。 + + # 代理节点选择 + - name: "PROXY" + type: select # 亦可使用 fallback 或 load-balance + use: + - Amy + - CNIX + - Dler + + # YouTube 服务 + - name: "YouTube" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - PROXY + + # Netflix 服务 + - name: "Netflix" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - PROXY + + # DisneyPlus 服务 + - name: "DisneyPlus" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - PROXY + + # AppleTV 服务 + - name: "AppleTV" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - DIRECT + - PROXY + + # Apple 服务 + - name: "Apple" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - DIRECT + - PROXY + + # Microsoft服务 + - name: "Microsoft" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - DIRECT + - PROXY + + # PayPal 服务 + - name: "PayPal" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - DIRECT + - PROXY + + # 广告拦截 + - name: "AdBlock" + type: select + use: + - Amy + - CNIX + - Dler + proxies: + - DIRECT + - PROXY + - REJECT + +# 关于 Rule Provider 请查阅:https://lancellc.gitbook.io/clash/clash-config-file/rule-provider + +rule-providers: +# name: # Provider 名称 +# type: http # http 或 file +# behavior: classical # 或 ipcidr、domain +# path: # 文件路径 +# url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。 +# interval: # 自动更新间隔,仅在类型为 HTTP 时可用 + + Unbreak: + type: http + behavior: classical + path: ./RuleSet/Unbreak.yaml + url: https://git.jasuit.com/jh163888/Profiles/raw/branch/master/Clash/RuleSet/Unbreak.yaml + interval: 86400 + + AdBlock: + type: http + behavior: classical + path: ./RuleSet/AdBlock.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Advertising/Advertising_Classical.yaml + interval: 86400 + + YouTube: + type: http + behavior: classical + path: ./RuleSet/YouTube.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/YouTube/YouTube.yaml + interval: 86400 + + Netflix: + type: http + behavior: classical + path: ./RuleSet/Netflix.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Netflix/Netflix.yaml + interval: 86400 + + DisneyPlus: + type: http + behavior: classical + path: ./RuleSet/DisneyPlus.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Disney/Disney.yaml + interval: 86400 + + AppleTV: + type: http + behavior: classical + path: ./RuleSet/AppleTV.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/AppleTV/AppleTV.yaml + interval: 86400 + + Apple: + type: http + behavior: classical + path: ./RuleSet/Apple.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Apple/Apple.yaml + interval: 86400 + + Microsoft: + type: http + behavior: classical + path: ./RuleSet/Microsoft.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Microsoft/Microsoft.yaml + interval: 86400 + + PayPal: + type: http + behavior: classical + path: ./RuleSet/PayPal.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/PayPal/PayPal.yaml + interval: 86400 + + SpeedTest: + type: http + behavior: classical + path: ./RuleSet/SpeedTest.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Speedtest/Speedtest.yaml + interval: 86400 + + Steam: + type: http + behavior: classical + path: ./RuleSet/Steam.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Steam/Steam.yaml + interval: 86400 + + PrivateTracker: + type: http + behavior: classical + path: ./RuleSet/PrivateTracker.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/PrivateTracker/PrivateTracker.yaml + interval: 86400 + + Global: + type: http + behavior: classical + path: ./RuleSet/Global.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Global/Global_Classical.yaml + interval: 86400 + + China: + type: http + behavior: classical + path: ./RuleSet/China.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/China/China.yaml + interval: 86400 + + ChinaIP: + type: http + behavior: ipcidr + path: ./RuleSet/Extra/ChinaIP.yaml + url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/ChinaIPs/ChinaIPs_IP.yaml + interval: 86400 + +# 规则 +rules: + # Unbreak 避免被去广告误伤 + - RULE-SET,Unbreak,DIRECT + + # AdBlock 去广告 + - RULE-SET,AdBlock,AdBlock + + # YouTube 苹果服务 + - RULE-SET,YouTube,YouTube + + # Netflix 奈飞服务 + - RULE-SET,Netflix,Netflix + + # DisneyPlus 迪士尼+ + - RULE-SET,DisneyPlus,DisneyPlus + + # AppleTV 苹果服务 + - RULE-SET,AppleTV,AppleTV + + # Apple 苹果服务 + - RULE-SET,Apple,Apple + + # Microsoft 微软服务 + - RULE-SET,Microsoft,Microsoft + + # PayPal 贝宝服务 + - RULE-SET,PayPal,PayPal + + # Speedtest 测速服务 + - RULE-SET,SpeedTest,DIRECT + + # Steam 游戏服务 + - RULE-SET,Steam,DIRECT + + # PT 下载 + - RULE-SET,PrivateTracker,DIRECT + + # 全球代理 + - RULE-SET,Global,PROXY + + # China Area Network + - RULE-SET,China,DIRECT + + # Local Area Network + - IP-CIDR,192.168.0.0/16,DIRECT + - IP-CIDR,10.0.0.0/8,DIRECT + - IP-CIDR,172.16.0.0/12,DIRECT + - IP-CIDR,127.0.0.0/8,DIRECT + - IP-CIDR,100.64.0.0/10,DIRECT + - IP-CIDR,224.0.0.0/4,DIRECT + - IP-CIDR,fe80::/10,DIRECT + + # China IP Network + - RULE-SET,ChinaIP,DIRECT + + # (可选)使用来自 ipipdotnet 的 ChinaIP 以解决数据不准确的问题,使用 ChinaIP.yaml 时可禁用下列直至(包括)「GEOIP,CN」规则 + # - RULE-SET,ChinaIP,DIRECT + # Tencent + #- IP-CIDR,119.28.28.28/32,DIRECT + #- IP-CIDR,182.254.116.0/24,DIRECT + # GeoIP China + #- GEOIP,CN,DIRECT + + - MATCH,PROXY \ No newline at end of file