622 lines
16 KiB
YAML
622 lines
16 KiB
YAML
# Port of HTTP(S) proxy server on the local end
|
||
# port: 7890
|
||
|
||
# Port of SOCKS5 proxy server on the local end
|
||
# socks-port: 7891
|
||
|
||
# Transparent proxy server port for Linux and macOS (Redirect TCP and TProxy UDP)
|
||
# redir-port: 7892
|
||
|
||
# Transparent proxy server port for Linux (TProxy TCP and TProxy UDP)
|
||
# tproxy-port: 7893
|
||
|
||
# HTTP(S) and SOCKS5 server on the same port
|
||
mixed-port: 7890
|
||
|
||
# authentication of local SOCKS5/HTTP(S) server
|
||
# authentication:
|
||
# - "user1:pass1"
|
||
# - "user2:pass2"
|
||
|
||
# Set to true to allow connections to the local-end server from
|
||
# other LAN IP addresses
|
||
allow-lan: false
|
||
|
||
# This is only applicable when `allow-lan` is `true`
|
||
# '*': bind all IP addresses
|
||
# 192.168.122.11: bind a single IPv4 address
|
||
# "[aaaa::a8aa:ff:fe09:57d8]": bind a single IPv6 address
|
||
bind-address: '*'
|
||
|
||
# Clash router working mode
|
||
# rule: rule-based packet routing
|
||
# global: all packets will be forwarded to a single endpoint
|
||
# direct: directly forward the packets to the Internet
|
||
mode: rule
|
||
|
||
# Clash by default prints logs to STDOUT
|
||
# info / warning / error / debug / silent
|
||
log-level: info
|
||
|
||
# When set to false, resolver won't translate hostnames to IPv6 addresses
|
||
ipv6: false
|
||
|
||
# RESTful web API listening address
|
||
external-controller: 127.0.0.1:9090
|
||
|
||
# A relative path to the configuration directory or an absolute path to a
|
||
# directory in which you put some static web resource. Clash core will then
|
||
# serve it at `${API}/ui`.
|
||
# external-ui: folder
|
||
|
||
# Secret for the RESTful API (optional)
|
||
# Authenticate by spedifying HTTP header `Authorization: Bearer ${secret}`
|
||
# ALWAYS set a secret if RESTful API is listening on 0.0.0.0
|
||
# secret: ""
|
||
|
||
# Outbound interface name
|
||
# interface-name: en0
|
||
|
||
# Static hosts for DNS server and connection establishment (like /etc/hosts)
|
||
#
|
||
# Wildcard hostnames are supported (e.g. *.clash.dev, *.foo.*.example.com)
|
||
# Non-wildcard domain names have a higher priority than wildcard domain names
|
||
# e.g. foo.example.com > *.example.com > .example.com
|
||
# P.S. +.foo.com equals to .foo.com and foo.com
|
||
hosts:
|
||
# '*.clash.dev': 127.0.0.1
|
||
# '.dev': 127.0.0.1
|
||
# 'alpha.clash.dev': '::1'
|
||
|
||
# Firebase Cloud Messaging
|
||
'mtalk.google.com': 108.177.125.188
|
||
# Google Dl
|
||
'dl.google.com': 180.163.151.161
|
||
'dl.l.google.com': 180.163.151.161
|
||
|
||
# DNS server settings
|
||
# This section is optional. When not present, the DNS server will be disabled.
|
||
dns:
|
||
enable: false
|
||
listen: 0.0.0.0:53
|
||
# ipv6: false # when the false, response to AAAA questions will be empty
|
||
|
||
# These nameservers are used to resolve the DNS nameserver hostnames below.
|
||
# Specify IP addresses only
|
||
default-nameserver:
|
||
- 119.29.29.29
|
||
enhanced-mode: fake-ip # or redir-host
|
||
fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR
|
||
# use-hosts: true # lookup hosts and return IP record
|
||
|
||
# Hostnames in this list will not be resolved with fake IPs
|
||
# i.e. questions to these domain names will always be answered with their
|
||
# real IP addresses
|
||
fake-ip-filter:
|
||
- '*.lan'
|
||
- localhost.ptlogin2.qq.com
|
||
- '+.srv.nintendo.net'
|
||
- '+.stun.playstation.net'
|
||
- '+.msftconnecttest.com'
|
||
- '+.msftncsi.com'
|
||
- '+.xboxlive.com'
|
||
- 'msftconnecttest.com'
|
||
- 'xbox.*.microsoft.com'
|
||
- '*.battlenet.com.cn'
|
||
- '*.battlenet.com'
|
||
- '*.blzstatic.cn'
|
||
- '*.battle.net'
|
||
# === Linksys Wireless Router ===
|
||
- '*.linksys.com'
|
||
- '*.linksyssmartwifi.com'
|
||
# === Apple Software Update Service ===
|
||
- 'swscan.apple.com'
|
||
- 'mesu.apple.com'
|
||
# === Windows 10 Connnect Detection ===
|
||
- '*.msftconnecttest.com'
|
||
- '*.msftncsi.com'
|
||
# === NTP Service ===
|
||
- 'time.*.com'
|
||
- 'time.*.gov'
|
||
- 'time.*.edu.cn'
|
||
- 'time.*.apple.com'
|
||
|
||
- 'time1.*.com'
|
||
- 'time2.*.com'
|
||
- 'time3.*.com'
|
||
- 'time4.*.com'
|
||
- 'time5.*.com'
|
||
- 'time6.*.com'
|
||
- 'time7.*.com'
|
||
|
||
- 'ntp.*.com'
|
||
- 'ntp.*.com'
|
||
- 'ntp1.*.com'
|
||
- 'ntp2.*.com'
|
||
- 'ntp3.*.com'
|
||
- 'ntp4.*.com'
|
||
- 'ntp5.*.com'
|
||
- 'ntp6.*.com'
|
||
- 'ntp7.*.com'
|
||
|
||
- '*.time.edu.cn'
|
||
- '*.ntp.org.cn'
|
||
- '+.pool.ntp.org'
|
||
|
||
- 'time1.cloud.tencent.com'
|
||
# === Music Service ===
|
||
## NetEase
|
||
- '+.music.163.com'
|
||
- '*.126.net'
|
||
## Baidu
|
||
- 'musicapi.taihe.com'
|
||
- 'music.taihe.com'
|
||
## Kugou
|
||
- 'songsearch.kugou.com'
|
||
- 'trackercdn.kugou.com'
|
||
## Kuwo
|
||
- '*.kuwo.cn'
|
||
## JOOX
|
||
- 'api-jooxtt.sanook.com'
|
||
- 'api.joox.com'
|
||
- 'joox.com'
|
||
## QQ
|
||
- '+.y.qq.com'
|
||
- '+.music.tc.qq.com'
|
||
- 'aqqmusic.tc.qq.com'
|
||
- '+.stream.qqmusic.qq.com'
|
||
## Xiami
|
||
- '*.xiami.com'
|
||
## Migu
|
||
- '+.music.migu.cn'
|
||
# === Game Service ===
|
||
## Nintendo Switch
|
||
- '+.srv.nintendo.net'
|
||
## Sony PlayStation
|
||
- '+.stun.playstation.net'
|
||
## Microsoft Xbox
|
||
- 'xbox.*.microsoft.com'
|
||
- '+.xboxlive.com'
|
||
# === Other ===
|
||
## QQ Quick Login
|
||
- 'localhost.ptlogin2.qq.com'
|
||
## Golang
|
||
- 'proxy.golang.org'
|
||
## STUN Server
|
||
- 'stun.*.*'
|
||
- 'stun.*.*.*'
|
||
|
||
# Supports UDP, TCP, DoT, DoH. You can specify the port to connect to.
|
||
# All DNS questions are sent directly to the nameserver, without proxies
|
||
# involved. Clash answers the DNS question with the first result gathered.
|
||
nameserver:
|
||
- 119.29.29.29
|
||
- 223.5.5.5
|
||
# - tls://dns.rubyfish.cn:853 # DNS over TLS
|
||
# - https://1.1.1.1/dns-query # DNS over HTTPS
|
||
|
||
# When `fallback` is present, the DNS server will send concurrent requests
|
||
# to the servers in this section along with servers in `nameservers`.
|
||
# The answers from fallback servers are used when the GEOIP country
|
||
# is not `CN`.
|
||
# fallback:
|
||
# - tcp://1.1.1.1
|
||
fallback:
|
||
- tls://one.one.one.one:853
|
||
- tls://dns.google:853
|
||
- https://dns.twnic.tw/dns-query
|
||
- https://dns.adguard.com/dns-query
|
||
- https://doh.dns.sb/dns-query
|
||
|
||
# If IP addresses resolved with servers in `nameservers` are in the specified
|
||
# subnets below, they are considered invalid and results from `fallback`
|
||
# servers are used instead.
|
||
#
|
||
# IP address resolved with servers in `nameserver` is used when
|
||
# `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`.
|
||
#
|
||
# If `fallback-filter.geoip` is false, results from `nameserver` nameservers
|
||
# are always used if not match `fallback-filter.ipcidr`.
|
||
#
|
||
# This is a countermeasure against DNS pollution attacks.
|
||
fallback-filter:
|
||
geoip: true
|
||
ipcidr:
|
||
# - 240.0.0.0/4
|
||
# domain:
|
||
# - '+.google.com'
|
||
# - '+.facebook.com'
|
||
# - '+.youtube.com'
|
||
|
||
#
|
||
# https://github.com/Dreamacro/clash/wiki/premium-core-features
|
||
#
|
||
# tun:
|
||
# enable: true
|
||
# stack: system # or gvisor
|
||
# # dns-hijack:
|
||
# # - 8.8.8.8:53
|
||
# # - tcp://8.8.8.8:53
|
||
# macOS-auto-route: true # auto set global route
|
||
# macOS-auto-detect-interface: true # conflict with interface-name
|
||
|
||
proxies:
|
||
# 支持的协议及加密算法示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/wiki/configuration
|
||
|
||
|
||
# 服务器节点订阅
|
||
proxy-providers:
|
||
# name: # Provider 名称
|
||
# type: http # http 或 file
|
||
# path: # 文件路径
|
||
# url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。
|
||
# interval: # 自动更新间隔,仅在类型为 HTTP 时可用
|
||
# health-check: # 健康检查选项从此处开始
|
||
# enable:
|
||
# url:
|
||
# interval:
|
||
|
||
#
|
||
# 「url」参数填写订阅链接
|
||
#
|
||
# 订阅链接可以使用 API 进行转换,如:https://dove.589669.xyz/web
|
||
#
|
||
#
|
||
|
||
# 此处只是订阅示例,如果没有订阅链接的使用需求,此处及 proxy-groups 的相关内容可删除
|
||
|
||
## 订阅 URL 拼接说明
|
||
# 第一段: sub 转换地址 https://SUB-API-URL/sub?target=clash&url=
|
||
# 第二段: 订阅地址 urlencode https%3A%2F%2Ffast.losadhwselfff2332dasd.xyz%2Flink%xxxxxxxxxx%3Fsub%3D1
|
||
# 第三段: 过滤文字提取信息 &exclude=(%E6%B5%81%E9%87%8F%7C%E5%AE%98%E7%BD%91%7C%E6%9C%AC%E7%AB%99%7C%E5%8A%A0%E5%85%A5%7C%E8%BF%87%E6%9C%9F)&emoji=true&list=true&udp=false&tfo=false&scv=false&fdn=false&sort=false
|
||
|
||
Amy:
|
||
type: http
|
||
url: ""
|
||
interval: 3600
|
||
path: ./Proxy/Amy.yaml # 注意此处文件名不可相同
|
||
health-check:
|
||
enable: true
|
||
interval: 600
|
||
url: http://www.gstatic.com/generate_204
|
||
|
||
CNIX:
|
||
type: http
|
||
url: ""
|
||
interval: 3600
|
||
path: ./Proxy/CNIX.yaml # 注意此处文件名不可相同
|
||
health-check:
|
||
enable: true
|
||
interval: 600
|
||
url: http://www.gstatic.com/generate_204
|
||
|
||
GuGuEX:
|
||
type: http
|
||
url: ""
|
||
interval: 3600
|
||
path: ./Proxy/GuGuEX.yaml # 注意此处文件名不可相同
|
||
health-check:
|
||
enable: true
|
||
interval: 600
|
||
url: http://www.gstatic.com/generate_204
|
||
|
||
Dler:
|
||
type: http
|
||
url: ""
|
||
interval: 3600
|
||
path: ./Proxy/Dler.yaml # 注意此处文件名不可相同
|
||
health-check:
|
||
enable: true
|
||
interval: 600
|
||
url: http://www.gstatic.com/generate_204
|
||
|
||
proxy-groups:
|
||
# 策略组示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/wiki/configuration
|
||
|
||
#
|
||
# 策略组说明
|
||
#
|
||
# 「MATCH」类似 Surge 的「Final」,此处用于选择白名单模式(PROXY 策略)和黑名单模式(DIRECT 策略)
|
||
#
|
||
# 「Streaming」和「StreamingSE」比较好理解,有专用于流媒体的节点就设置到其中,如果没有「StreamingSE」的需求可以连带 Rule 部分一起删掉,「Streaming」需至少保留 Rule,用「PROXY」即可。
|
||
#
|
||
# 「PROXY」是代理规则策略,它可以指定为某个节点或嵌套一个其他策略组,如:「自动测试」、「Fallback」或「负载均衡」的策略组,关于这 3 个策略组的具体示例可以看官方示例:https://github.com/Dreamacro/clash
|
||
#
|
||
|
||
# 注意此处的「use」而不是「proxies」,当然也可以不用在此先嵌套一个策略组进行选择,可以直接使用,如
|
||
#
|
||
# # 代理节点选择
|
||
# - name: "PROXY"
|
||
# type: select
|
||
# use:
|
||
# - DuckDuckGo # 嵌套使用订阅节点策略组
|
||
# proxies:
|
||
# - Fallback
|
||
# - 1
|
||
# - 2
|
||
# - 3
|
||
#
|
||
# 但如果订阅节点很多选起来就很麻烦,不如先嵌套一个策略组进行手动或自动的选择。
|
||
|
||
# 代理节点选择
|
||
- name: "PROXY"
|
||
type: select # 亦可使用 fallback 或 load-balance
|
||
use:
|
||
- CNIX
|
||
- GuGuEX
|
||
- Dler
|
||
|
||
# YouTube 服务
|
||
- name: "YouTube"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- PROXY
|
||
|
||
# Netflix 服务
|
||
- name: "Netflix"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- PROXY
|
||
|
||
# DisneyPlus 服务
|
||
- name: "DisneyPlus"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- PROXY
|
||
|
||
# AppleTV 服务
|
||
- name: "AppleTV"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- DIRECT
|
||
- PROXY
|
||
|
||
# Apple 服务
|
||
- name: "Apple"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- DIRECT
|
||
- PROXY
|
||
|
||
# Microsoft服务
|
||
- name: "Microsoft"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- DIRECT
|
||
- PROXY
|
||
|
||
# PayPal 服务
|
||
- name: "PayPal"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- DIRECT
|
||
- PROXY
|
||
|
||
# 广告拦截
|
||
- name: "AdBlock"
|
||
type: select
|
||
use:
|
||
- Amy
|
||
- CNIX
|
||
- Dler
|
||
proxies:
|
||
- DIRECT
|
||
- PROXY
|
||
- REJECT
|
||
|
||
# 最终策略
|
||
- name: "漏网之鱼"
|
||
type: select
|
||
proxies:
|
||
- DIRECT
|
||
- PROXY
|
||
|
||
# 关于 Rule Provider 请查阅:https://lancellc.gitbook.io/clash/clash-config-file/rule-provider
|
||
|
||
rule-providers:
|
||
# name: # Provider 名称
|
||
# type: http # http 或 file
|
||
# behavior: classical # 或 ipcidr、domain
|
||
# path: # 文件路径
|
||
# url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。
|
||
# interval: # 自动更新间隔,仅在类型为 HTTP 时可用
|
||
|
||
Unbreak:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/Unbreak.yaml
|
||
url: https://git.jasuit.com/jh163888/Profiles/raw/branch/master/Clash/RuleSet/Unbreak.yaml
|
||
interval: 86400
|
||
|
||
AdBlock:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/AdBlock.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Advertising/Advertising_Classical.yaml
|
||
interval: 86400
|
||
|
||
YouTube:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/YouTube.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/YouTube/YouTube.yaml
|
||
interval: 86400
|
||
|
||
Netflix:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/Netflix.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Netflix/Netflix.yaml
|
||
interval: 86400
|
||
|
||
DisneyPlus:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/DisneyPlus.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Disney/Disney.yaml
|
||
interval: 86400
|
||
|
||
AppleTV:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/AppleTV.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/AppleTV/AppleTV.yaml
|
||
interval: 86400
|
||
|
||
Apple:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/Apple.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Apple/Apple.yaml
|
||
interval: 86400
|
||
|
||
Microsoft:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/Microsoft.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Microsoft/Microsoft.yaml
|
||
interval: 86400
|
||
|
||
PayPal:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/PayPal.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/PayPal/PayPal.yaml
|
||
interval: 86400
|
||
|
||
SpeedTest:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/SpeedTest.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Speedtest/Speedtest.yaml
|
||
interval: 86400
|
||
|
||
Steam:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/Steam.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Steam/Steam.yaml
|
||
interval: 86400
|
||
|
||
PrivateTracker:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/PrivateTracker.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/PrivateTracker/PrivateTracker.yaml
|
||
interval: 86400
|
||
|
||
Global:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/Global.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/Global/Global_Classical.yaml
|
||
interval: 86400
|
||
|
||
China:
|
||
type: http
|
||
behavior: classical
|
||
path: ./RuleSet/China.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/China/China.yaml
|
||
interval: 86400
|
||
|
||
ChinaIP:
|
||
type: http
|
||
behavior: ipcidr
|
||
path: ./RuleSet/Extra/ChinaIP.yaml
|
||
url: https://git.jasuit.com/jh163888/ios_rule_script/raw/branch/master/rule/Clash/ChinaIPs/ChinaIPs_IP.yaml
|
||
interval: 86400
|
||
|
||
# 规则
|
||
rules:
|
||
# Unbreak 避免被去广告误伤
|
||
- RULE-SET,Unbreak,DIRECT
|
||
|
||
# AdBlock 去广告
|
||
- RULE-SET,AdBlock,AdBlock
|
||
|
||
# YouTube 苹果服务
|
||
- RULE-SET,YouTube,YouTube
|
||
|
||
# Netflix 奈飞服务
|
||
- RULE-SET,Netflix,Netflix
|
||
|
||
# DisneyPlus 迪士尼+
|
||
- RULE-SET,DisneyPlus,DisneyPlus
|
||
|
||
# AppleTV 苹果服务
|
||
- RULE-SET,AppleTV,AppleTV
|
||
|
||
# Apple 苹果服务
|
||
- RULE-SET,Apple,Apple
|
||
|
||
# Microsoft 微软服务
|
||
- RULE-SET,Microsoft,Microsoft
|
||
|
||
# PayPal 贝宝服务
|
||
- RULE-SET,PayPal,PayPal
|
||
|
||
# Speedtest 测速服务
|
||
- RULE-SET,SpeedTest,DIRECT
|
||
|
||
# Steam 游戏服务
|
||
- RULE-SET,Steam,DIRECT
|
||
|
||
# PT 下载
|
||
- RULE-SET,PrivateTracker,DIRECT
|
||
|
||
# 全球代理
|
||
- RULE-SET,Global,PROXY
|
||
|
||
# China Area Network
|
||
- RULE-SET,China,DIRECT
|
||
|
||
# Local Area Network
|
||
- IP-CIDR,192.168.0.0/16,DIRECT
|
||
- IP-CIDR,10.0.0.0/8,DIRECT
|
||
- IP-CIDR,172.16.0.0/12,DIRECT
|
||
- IP-CIDR,127.0.0.0/8,DIRECT
|
||
- IP-CIDR,100.64.0.0/10,DIRECT
|
||
- IP-CIDR,224.0.0.0/4,DIRECT
|
||
- IP-CIDR,fe80::/10,DIRECT
|
||
|
||
# China IP Network
|
||
- RULE-SET,ChinaIP,DIRECT
|
||
|
||
# (可选)使用来自 ipipdotnet 的 ChinaIP 以解决数据不准确的问题,使用 ChinaIP.yaml 时可禁用下列直至(包括)「GEOIP,CN」规则
|
||
# - RULE-SET,ChinaIP,DIRECT
|
||
# Tencent
|
||
#- IP-CIDR,119.28.28.28/32,DIRECT
|
||
#- IP-CIDR,182.254.116.0/24,DIRECT
|
||
# GeoIP China
|
||
#- GEOIP,CN,DIRECT
|
||
|
||
# - MATCH,PROXY
|
||
- MATCH,漏网之鱼 |