diff --git a/Clash/China.yaml b/Clash/China.yaml new file mode 100644 index 0000000..12120a7 --- /dev/null +++ b/Clash/China.yaml @@ -0,0 +1,249 @@ +# 本地端 HTTP(S)代理服务器端口 +port: 7890 + +# 本地端 SOCKS5 代理服务器端口 +socks-port: 7891 + +# Linux 和 macOS 的透明代理服务器端口 +redir-port: 7892 + +# HTTP(S) 和 SOCKS5 代理服务器共用端口 +# mixed-port: 7890 + +# 本地 SOCKS5/HTTP(S) 服务器验证 +# authentication: +# - "user1:pass1" +# - "user2:pass2" + +# 设置为 true 以允许从其他 LAN IP 地址连接到本地端服务器 +allow-lan: false + +# 仅适用于设置 allow-lan 为 true 时 +# '*': 绑定所有 IP 地址 +# 192.168.122.11: 绑定一个 IPv4 地址 +# "[aaaa::a8aa:ff:fe09:57d8]": 绑定一个 IPv6 地址 +bind-address: '*' + +# Clash router working mode +# rule: rule-based packet routing +# global: all packets will be forwarded to a single endpoint +# direct: directly forward the packets to the Internet +mode: rule + +# Clash by default prints logs to STDOUT +# info / warning / error / debug / silent +log-level: info + +# When set to false, resolver won't translate hostnames to IPv6 addresses +ipv6: true + +# RESTful web API listening address +external-controller: 127.0.0.1:9090 + +# A relative path to the configuration directory or an absolute path to a +# directory in which you put some static web resource. Clash core will then +# serve it at `http://{{external-controller}}/ui`. +external-ui: folder + +# Secret for the RESTful API (optional) +# Authenticate by spedifying HTTP header `Authorization: Bearer ${secret}` +# ALWAYS set a secret if RESTful API is listening on 0.0.0.0 +# secret: "" + +# Outbound interface name +interface-name: en0 + +# Static hosts for DNS server and connection establishment, only works +# when `dns.enhanced-mode` is `redir-host`. +# +# Wildcard hostnames are supported (e.g. *.clash.dev, *.foo.*.example.com) +# Non-wildcard domain names has a higher priority than wildcard domain names +# e.g. foo.example.com > *.example.com > .example.com +# P.S. +.foo.com equals to .foo.com and foo.com +hosts: + 'mtalk.google.com': 108.177.125.188 + # '*.clash.dev': 127.0.0.1 + # '.dev': 127.0.0.1 + # 'alpha.clash.dev': '::1' + +# DNS server settings +# This section is optional. When not present, DNS server will be disabled. +dns: + enable: false + listen: 0.0.0.0:53 + # ipv6: false # when false, response to AAAA questions will be empty + + # These nameservers are used to resolve the DNS nameserver hostnames below. + # Specify IP addresses only + default-nameserver: + - 114.114.114.114 + - 8.8.8.8 + enhanced-mode: redir-host # or fake-ip + fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR + + # Hostnames in this list will not be resolved with fake IPs + # i.e. questions to these domain names will always be answered with their + # real IP addresses + # fake-ip-filter: + # - '*.lan' + # - localhost.ptlogin2.qq.com + + # Supports UDP, TCP, DoT, DoH. You can specify the port to connect to. + # All DNS questions are sent directly to the nameserver, without proxies + # involved. Clash answers the DNS question with the first result gathered. + nameserver: + - 114.114.114.114 # default value + - 8.8.8.8 # default value + - tls://dns.rubyfish.cn:853 # DNS over TLS + - https://1.1.1.1/dns-query # DNS over HTTPS + + # When `fallback` is present, the DNS server will send concurrent requests + # to the servers in this section along with servers in `nameservers`. + # The answers from fallback servers are used when the GEOIP country + # is not `CN`. + # fallback: + # - tcp://1.1.1.1 + + # If IP addresses resolved with servers in `nameservers` are in the specified + # subnets below, they are considered invalid and results from `fallback` + # servers are used instead. + # + # IP address resolved with servers in `nameserver` is used when + # `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`. + # + # If `fallback-filter.geoip` is false, results from `fallback` nameservers + # are always used, and answers from `nameservers` are discarded. + # + # This is a countermeasure against DNS pollution attacks. + fallback-filter: + geoip: true + ipcidr: + # - 240.0.0.0/4 + +proxies: +# 支持的协议及加密算法示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md + + # Shadowsocks(Websocket + TLS) + - name: "CN1" + type: ss + server: server + port: 443 + cipher: chacha20-ietf-poly1305 + password: "password" + plugin: v2ray-plugin + plugin-opts: + mode: websocket # no QUIC now + tls: true # wss + # skip-cert-verify: true + # host: bing.com + path: "/s" + # mux: true + # headers: + # custom: value + + # VMess(Websocket + TLS) + - name: "CN2" + type: vmess + server: v2ray.cool + port: 443 + uuid: a3482e88-686a-4a58-8126-99c9df64b7bf + alterId: 32 + cipher: auto + # udp: true + tls: true + # skip-cert-verify: true + network: ws + ws-path: /v + # ws-headers: + # Host: v2ray.com + + # Trojan + - name: "CN3" + type: trojan + server: server + port: 443 + password: yourpsk + # udp: true + # sni: example.com # aka server name + # alpn: + # - h2 + # - http/1.1 + # skip-cert-verify: true + +# 节点订阅 +proxy-providers: + # name: # Provider 名称 + # type: http # http 或 file + # path: # 文件路径 + # url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。 + # interval: # 自动更新间隔,仅在类型为 HTTP 时可用 + # health-check: # 健康检查选项从此处开始 + # enable: + # url: + # interval: + + # DuckDuckGo: # 冲鸭机场订阅链接 + # type: http + # url: "https://duckduckgo.security/user/sub.php?token=DivineEngine" + # interval: 3600 + # path: ./Proxy/ProxyList.yaml + # health-check: + # enable: true + # interval: 600 + # url: http://www.gstatic.com/generate_204 + +proxy-groups: +# 策略组示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md + + # Fallback + - name: "Fallback" + type: fallback + # use: + # - DuckDuckGo + proxies: + - CN1 + - CN2 + - CN3 + url: 'http://cp.cloudflare.com/generate_204' + interval: 300 + + # 代理节点选择 + - name: "PROXY" + type: select + proxies: + - Fallback + - CN1 + - CN2 + - CN3 + +rule-providers: + # name: # Provider 名称 + # type: http # http 或 file + # behavior: classical # 或 ipcidr、domain + # path: # 文件路径 + # url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。 + # interval: # 自动更新间隔,仅在类型为 HTTP 时可用 + + StreamingCN: + type: http + behavior: classical + path: ./RuleSet/StreamingMedia/StreamingCN.yaml + url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/StreamingMedia/StreamingCN.yaml + interval: 86400 + +rules: + + - RULE-SET,StreamingCN,PROXY + + # Local Area Network + - IP-CIDR,192.168.0.0/16,DIRECT + - IP-CIDR,10.0.0.0/8,DIRECT + - IP-CIDR,172.16.0.0/12,DIRECT + - IP-CIDR,127.0.0.0/8,DIRECT + - IP-CIDR,100.64.0.0/10,DIRECT + - IP-CIDR,224.0.0.0/4,DIRECT + + # GeoIP China + - GEOIP,CN,PROXY + + - MATCH,DIRECT \ No newline at end of file diff --git a/Clash/Outbound.yaml b/Clash/Global.yaml similarity index 64% rename from Clash/Outbound.yaml rename to Clash/Global.yaml index 3efd730..474525a 100644 --- a/Clash/Outbound.yaml +++ b/Clash/Global.yaml @@ -1,78 +1,124 @@ -mixed-port: 7890 +# 本地端 HTTP(S)代理服务器端口 +port: 7890 -# HTTP 端口 -# port: 7891 +# 本地端 SOCKS5 代理服务器端口 +socks-port: 7891 -# SOCKS5 端口 -# socks-port: 7892 +# Linux 和 macOS 的透明代理服务器端口 +redir-port: 7892 -# Linux 及 macOS 的 redir 端口 -# redir-port: 7893 +# HTTP(S) 和 SOCKS5 代理服务器共用端口 +# mixed-port: 7890 +# 本地 SOCKS5/HTTP(S) 服务器验证 +# authentication: +# - "user1:pass1" +# - "user2:pass2" + +# 设置为 true 以允许从其他 LAN IP 地址连接到本地端服务器 allow-lan: false # 仅适用于设置 allow-lan 为 true 时 -# "*": 绑定所有 IP 地址 -# 192.168.122.11: 绑定单个 IPv4 地址 -# "[aaaa::a8aa:ff:fe09:57d8]": 绑定单个 IPv6 地址 -# bind-address: "*" - -# Rule / Global / Direct (默认为 Rule 模式) -mode: Rule - -# 设置输出日志的等级 (默认为 info) +# '*': 绑定所有 IP 地址 +# 192.168.122.11: 绑定一个 IPv4 地址 +# "[aaaa::a8aa:ff:fe09:57d8]": 绑定一个 IPv6 地址 +bind-address: '*' + +# Clash router working mode +# rule: rule-based packet routing +# global: all packets will be forwarded to a single endpoint +# direct: directly forward the packets to the Internet +mode: rule + +# Clash by default prints logs to STDOUT # info / warning / error / debug / silent log-level: info -# RESTful API for clash +# When set to false, resolver won't translate hostnames to IPv6 addresses +ipv6: true + +# RESTful web API listening address external-controller: 127.0.0.1:9090 -# you can put the static web resource (such as clash-dashboard) to a directory, and clash would serve in `${API}/ui` -# input is a relative path to the configuration directory or an absolute path -# external-ui: folder +# A relative path to the configuration directory or an absolute path to a +# directory in which you put some static web resource. Clash core will then +# serve it at `http://{{external-controller}}/ui`. +external-ui: folder -# Secret for RESTful API (Optional) +# Secret for the RESTful API (optional) +# Authenticate by spedifying HTTP header `Authorization: Bearer ${secret}` +# ALWAYS set a secret if RESTful API is listening on 0.0.0.0 # secret: "" -# 实验性功能 -experimental: - ignore-resolve-fail: true # 忽略 DNS 解析失败,默认值为true - # interface-name: en0 # 出站接口名称 - -# 本地 SOCKS5/HTTP(S) 服务器认证 -# authentication: -# - "user1:pass1" -# - "user2:pass2" +# Outbound interface name +interface-name: en0 -# # 实验性 hosts, 支持通配符(如 *.clash.dev 甚至 *.foo.*.examplex.com ) -# # 静态域的优先级高于通配符域(foo.example.com > *.example.com) +# Static hosts for DNS server and connection establishment, only works +# when `dns.enhanced-mode` is `redir-host`. +# +# Wildcard hostnames are supported (e.g. *.clash.dev, *.foo.*.example.com) +# Non-wildcard domain names has a higher priority than wildcard domain names +# e.g. foo.example.com > *.example.com > .example.com +# P.S. +.foo.com equals to .foo.com and foo.com hosts: 'mtalk.google.com': 108.177.125.188 -# '*.clash.dev': 127.0.0.1 -# 'alpha.clash.dev': '::1' - -# dns: - # enable: true # set true to enable dns (default is false) - # ipv6: false # default is false - # listen: 0.0.0.0:53 - # # default-nameserver: # resolve dns nameserver host, should fill pure IP - # # - 114.114.114.114 - # # - 8.8.8.8 - # enhanced-mode: redir-host # or fake-ip - # # fake-ip-range: 198.18.0.1/16 # if you don't know what it is, don't change it - # fake-ip-filter: # fake ip white domain list + # '*.clash.dev': 127.0.0.1 + # '.dev': 127.0.0.1 + # 'alpha.clash.dev': '::1' + +# DNS server settings +# This section is optional. When not present, DNS server will be disabled. +dns: + enable: false + listen: 0.0.0.0:53 + # ipv6: false # when false, response to AAAA questions will be empty + + # These nameservers are used to resolve the DNS nameserver hostnames below. + # Specify IP addresses only + default-nameserver: + - 114.114.114.114 + - 8.8.8.8 + enhanced-mode: redir-host # or fake-ip + fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR + + # Hostnames in this list will not be resolved with fake IPs + # i.e. questions to these domain names will always be answered with their + # real IP addresses + # fake-ip-filter: # - '*.lan' # - localhost.ptlogin2.qq.com - # nameserver: - # - 114.114.114.114 - # - tls://dns.rubyfish.cn:853 # dns over tls - # - https://1.1.1.1/dns-query # dns over https - # fallback: # concurrent request with nameserver, fallback used when GEOIP country isn't CN + + # Supports UDP, TCP, DoT, DoH. You can specify the port to connect to. + # All DNS questions are sent directly to the nameserver, without proxies + # involved. Clash answers the DNS question with the first result gathered. + nameserver: + - 114.114.114.114 # default value + - 8.8.8.8 # default value + - tls://dns.rubyfish.cn:853 # DNS over TLS + - https://1.1.1.1/dns-query # DNS over HTTPS + + # When `fallback` is present, the DNS server will send concurrent requests + # to the servers in this section along with servers in `nameservers`. + # The answers from fallback servers are used when the GEOIP country + # is not `CN`. + # fallback: # - tcp://1.1.1.1 - # fallback-filter: - # geoip: true # default - # ipcidr: # ips in these subnets will be considered polluted - # - 240.0.0.0/4 + + # If IP addresses resolved with servers in `nameservers` are in the specified + # subnets below, they are considered invalid and results from `fallback` + # servers are used instead. + # + # IP address resolved with servers in `nameserver` is used when + # `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`. + # + # If `fallback-filter.geoip` is false, results from `fallback` nameservers + # are always used, and answers from `nameservers` are discarded. + # + # This is a countermeasure against DNS pollution attacks. + fallback-filter: + geoip: true + ipcidr: + # - 240.0.0.0/4 proxies: # 支持的协议及加密算法示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md diff --git a/Clash/Inbound.yaml b/Clash/Inbound.yaml deleted file mode 100644 index 25692af..0000000 --- a/Clash/Inbound.yaml +++ /dev/null @@ -1,202 +0,0 @@ -mixed-port: 7890 - -# HTTP 端口 -# port: 7891 - -# SOCKS5 端口 -# socks-port: 7892 - -# Linux 及 macOS 的 redir 端口 -# redir-port: 7893 - -allow-lan: false - -# 仅适用于设置 allow-lan 为 true 时 -# "*": 绑定所有 IP 地址 -# 192.168.122.11: 绑定单个 IPv4 地址 -# "[aaaa::a8aa:ff:fe09:57d8]": 绑定单个 IPv6 地址 -# bind-address: "*" - -# Rule / Global / Direct (默认为 Rule 模式) -mode: Rule - -# 设置输出日志的等级 (默认为 info) -# info / warning / error / debug / silent -log-level: info - -# RESTful API for clash -external-controller: 127.0.0.1:9090 - -# you can put the static web resource (such as clash-dashboard) to a directory, and clash would serve in `${API}/ui` -# input is a relative path to the configuration directory or an absolute path -# external-ui: folder - -# Secret for RESTful API (Optional) -# secret: "" - -# 实验性功能 -experimental: - ignore-resolve-fail: true # 忽略 DNS 解析失败,默认值为true - # interface-name: en0 # 出站接口名称 - -# 本地 SOCKS5/HTTP(S) 服务器认证 -# authentication: -# - "user1:pass1" -# - "user2:pass2" - -# # 实验性 hosts, 支持通配符(如 *.clash.dev 甚至 *.foo.*.examplex.com ) -# # 静态域的优先级高于通配符域(foo.example.com > *.example.com) -# hosts: -# '*.clash.dev': 127.0.0.1 -# 'alpha.clash.dev': '::1' - -# dns: - # enable: true # set true to enable dns (default is false) - # ipv6: false # default is false - # listen: 0.0.0.0:53 - # # default-nameserver: # resolve dns nameserver host, should fill pure IP - # # - 114.114.114.114 - # # - 8.8.8.8 - # enhanced-mode: redir-host # or fake-ip - # # fake-ip-range: 198.18.0.1/16 # if you don't know what it is, don't change it - # fake-ip-filter: # fake ip white domain list - # - '*.lan' - # - localhost.ptlogin2.qq.com - # nameserver: - # - 114.114.114.114 - # - tls://dns.rubyfish.cn:853 # dns over tls - # - https://1.1.1.1/dns-query # dns over https - # fallback: # concurrent request with nameserver, fallback used when GEOIP country isn't CN - # - tcp://1.1.1.1 - # fallback-filter: - # geoip: true # default - # ipcidr: # ips in these subnets will be considered polluted - # - 240.0.0.0/4 - -proxies: -# 支持的协议及加密算法示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md - - # Shadowsocks(Websocket + TLS) - - name: "CN1" - type: ss - server: server - port: 443 - cipher: chacha20-ietf-poly1305 - password: "password" - plugin: v2ray-plugin - plugin-opts: - mode: websocket # no QUIC now - tls: true # wss - # skip-cert-verify: true - # host: bing.com - path: "/s" - # mux: true - # headers: - # custom: value - - # VMess(Websocket + TLS) - - name: "CN2" - type: vmess - server: v2ray.cool - port: 443 - uuid: a3482e88-686a-4a58-8126-99c9df64b7bf - alterId: 32 - cipher: auto - # udp: true - tls: true - # skip-cert-verify: true - network: ws - ws-path: /v - # ws-headers: - # Host: v2ray.com - - # Trojan - - name: "CN3" - type: trojan - server: server - port: 443 - password: yourpsk - # udp: true - # sni: example.com # aka server name - # alpn: - # - h2 - # - http/1.1 - # skip-cert-verify: true - -# 节点订阅 -proxy-providers: - # name: # Provider 名称 - # type: http # http 或 file - # path: # 文件路径 - # url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。 - # interval: # 自动更新间隔,仅在类型为 HTTP 时可用 - # health-check: # 健康检查选项从此处开始 - # enable: - # url: - # interval: - - # DuckDuckGo: # 冲鸭机场订阅链接 - # type: http - # url: "https://duckduckgo.security/user/sub.php?token=DivineEngine" - # interval: 3600 - # path: ./Proxy/ProxyList.yaml - # health-check: - # enable: true - # interval: 600 - # url: http://www.gstatic.com/generate_204 - -proxy-groups: -# 策略组示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md - - # Fallback - - name: "Fallback" - type: fallback - # use: - # - DuckDuckGo - proxies: - - CN1 - - CN2 - - CN3 - url: 'http://cp.cloudflare.com/generate_204' - interval: 300 - - # 代理节点选择 - - name: "PROXY" - type: select - proxies: - - Fallback - - CN1 - - CN2 - - CN3 - -rule-providers: - # name: # Provider 名称 - # type: http # http 或 file - # behavior: classical # 或 ipcidr、domain - # path: # 文件路径 - # url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。 - # interval: # 自动更新间隔,仅在类型为 HTTP 时可用 - - StreamingCN: - type: http - behavior: classical - path: ./RuleSet/StreamingMedia/StreamingCN.yaml - url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/StreamingMedia/StreamingCN.yaml - interval: 86400 - -rules: - - - RULE-SET,StreamingCN,PROXY - - # Local Area Network - - IP-CIDR,192.168.0.0/16,DIRECT - - IP-CIDR,10.0.0.0/8,DIRECT - - IP-CIDR,172.16.0.0/12,DIRECT - - IP-CIDR,127.0.0.0/8,DIRECT - - IP-CIDR,100.64.0.0/10,DIRECT - - IP-CIDR,224.0.0.0/4,DIRECT - - # GeoIP China - - GEOIP,CN,PROXY - - - MATCH,DIRECT \ No newline at end of file diff --git a/Quantumult/Inbound.conf b/Quantumult/China.conf similarity index 100% rename from Quantumult/Inbound.conf rename to Quantumult/China.conf diff --git a/Quantumult/Outbound.conf b/Quantumult/Global.conf similarity index 100% rename from Quantumult/Outbound.conf rename to Quantumult/Global.conf diff --git a/Surge/Inbound.conf b/Surge/China.conf similarity index 100% rename from Surge/Inbound.conf rename to Surge/China.conf diff --git a/Surge/Outbound.conf b/Surge/Global.conf similarity index 100% rename from Surge/Outbound.conf rename to Surge/Global.conf diff --git a/Surge/Outbound2.conf b/Surge/Global2.conf similarity index 100% rename from Surge/Outbound2.conf rename to Surge/Global2.conf