Profiles/Surge/Outbound.conf

# 官方手册 - https://manual.nssurge.com/
# 理解原理 - https://manual.nssurge.com/book/understanding-surge/cn/
# 帮助中心 - https://nssurge.zendesk.com/
# 技术社区 - https://community.nssurge.com

[General]
# 通用设置

# > 增强版 Wi-Fi 助理
# (在 Wi-Fi 网络不佳时尝试使用数据网络建立连接，请仅当使用不限量的数据流量时开启)
wifi-assist = true
# > Wi-Fi Cellular 并发与 wifi-assist 不能同开
all-hybrid = false

# > Internet 测试 URL
internet-test-url = http://wifi.vivo.com.cn/generate_204
# > 代理测速 URL
proxy-test-url = http://cp.cloudflare.com/generate_204
# > 测试超时（秒）
test-timeout = 5

# > 自定义 GeoIP 数据库
geoip-maxmind-url = https://raw.githubusercontent.com/Loyalsoldier/geoip/release/Country.mmdb

# > IPv6 支持（默认关闭）
ipv6 = true
# > http-api 控制
http-api = OCD@0.0.0.0:6166
http-api-web-dashboard = true
# > external-controller-access 远程控制
external-controller-access = OCD@0.0.0.0:6170
# > 允许 Wi-Fi 访问 (仅 iOS，若允许远程访问将「false」改为「true」)
allow-wifi-access = false
wifi-access-http-port = 8888
wifi-access-socks5-port = 8889
# > 允许个人热点使用代理
allow-hotspot-access = true
# > 允许 Wi-Fi 访问 (仅 macOS，若允许远程访问将「127.0.0.1」改为「0.0.0.0」)
http-listen = 0.0.0.0:8888
socks5-listen = 0.0.0.0:8889

# > 兼容模式 (仅 iOS)
# compatibility-mode = 0
# > 跳过代理
skip-proxy = 127.0.0.1, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, localhost, *.local, passenger.t3go.cn
# > 排除简单主机名
exclude-simple-hostnames = true

# > Network framwork
network-framework = false

# > DNS 服务器 (如无必要不建议使用 DNS over HTTPS)
dns-server = 223.5.5.5, 223.6.6.6, system
doh-server = https://223.5.5.5/dns-query
# > 使 DoH 请求通过代理策略执行
doh-follow-outbound-mode = true
# > 从 /etc/hosts 读取 DNS 记录
read-etc-hosts = true

# 高级设置

# > 日志级别
loglevel = notify

# > 当遇到 REJECT 策略时返回错误页
show-error-page-for-reject = true

# > Always Real IP Hosts
always-real-ip = *.msftconnecttest.com, *.msftncsi.com, *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com, *.logon.battlenet.com.cn, *.logon.battle.net, stun.l.google.com

# 如果没有代理服务器支持 UDP 转发，可修改为「 direct 」或注释下条，但需注意同一目标主机名 TCP 请求与 UDP 请求的源地址不同所造成的隐私及安全风险。
udp-policy-not-supported-behaviour = reject

# > 隐藏 VPN 图标
hide-vpn-icon = true

[Replica]
# 0 为关闭，1 为开启
# > 隐藏 Apple 请求
hide-apple-request = 0
# > 隐藏崩溃追踪器请求
hide-crash-reporter-request = 1
# > 隐藏 UDP 会话
hide-udp = 0
# > 关键词过滤器
# none（关闭关键词过滤器） / whitelist（blacklist（仅记录包含关键字的请求）） / blacklist（仅记录不包含关键字的请求） / pattern（匹配通配符的请求）
# keyword-filter-type = none
# > 关键词
# keyword-filter = (null)

[Proxy]
🇯🇵 𝗦𝗻𝗲𝗹𝗹 = snell, x.x.x.x, xxxx, psk=xxxx, obfs=http, obfs-host=www.bing.com, version=3, underlying-proxy=𝗣𝗿𝗼𝘅𝘆𝗖𝗵𝗮𝗶𝗻, tfo=true
🇯🇵 𝗦𝗦 = ss, 1x.x.x.x, xxxx, encrypt-method=aes-128-gcm, password=xxxx, obfs=tls, obfs-host=bing.com, udp-relay=true, underlying-proxy=𝗣𝗿𝗼𝘅𝘆𝗖𝗵𝗮𝗶𝗻, tfo=true

[Proxy Group]
# 节点选项
𝗣𝗿𝗼𝘅𝘆 = select, 𝗣𝗿𝗼𝘅𝘆𝗖𝗵𝗮𝗶𝗻, include-all-proxies=true
# 代理链
𝗣𝗿𝗼𝘅𝘆𝗖𝗵𝗮𝗶𝗻 = select, 𝗙𝗮𝗹𝗹𝗯𝗮𝗰𝗸, 𝗔𝘂𝘁𝗼𝗧𝗲𝘀𝘁, 𝗛𝗞, 𝗧𝗪, 𝗝𝗣, 𝗨𝗦, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱
# 白名单模式 PROXY，黑名单模式 DIRECT
𝗙𝗶𝗻𝗮𝗹 = select, 𝗣𝗿𝗼𝘅𝘆, DIRECT, hidden=true
# 国际流媒体服务
𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴 = select, 𝗣𝗿𝗼𝘅𝘆, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱
# 中国流媒体服务（面向海外版本）
𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴𝗦𝗘 = select, DIRECT, 𝗛𝗞, 𝗧𝗪
# 地区节点
𝗛𝗞 = url-test, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱, policy-regex-filter=香港, no-alert=true, hidden=true
𝗧𝗪 = url-test, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱, policy-regex-filter=台湾, no-alert=true, hidden=true
𝗝𝗣 = url-test, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱, policy-regex-filter=日本, no-alert=true, hidden=true
𝗨𝗦 = url-test, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱, policy-regex-filter=美国, no-alert=true, hidden=true
# 防御
𝗚𝘂𝗮𝗿𝗱 = select, REJECT, DIRECT
# 可用性自动测试
𝗙𝗮𝗹𝗹𝗯𝗮𝗰𝗸 = fallback, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱, policy-regex-filter=香港, no-alert=true, hidden=true
# 延迟自动测试
𝗔𝘂𝘁𝗼𝗧𝗲𝘀𝘁 = url-test, include-other-group=𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱, no-alert=true, hidden=true
# 代理服务商提供的代理列表
𝗗𝗹𝗲𝗿𝗖𝗹𝗼𝘂𝗱 = select, policy-path=https://sub.store/download/DlerCloud, update-interval=0, hidden=true

[Rule]
# EMBY 影视规则修正
DOMAIN-SUFFIX,emby.kim,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴
DOMAIN,embyaz.misakaf.xyz,𝗛𝗞
# 天气 api 域名分流 指向日本线路
DOMAIN,aqi.waqi.info,𝗝𝗣
# StreamingSE 中国流媒体服务（面向海外版本）为了特定路由直连方便独立配置, 由 Streaming 下移动至此
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/StreamingSE.list,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴𝗦𝗘
# > Look Up (Only for Wikipedia@macOS, Surge Enhance Mode enabled required)
RULE-SET,https://raw.githubusercontent.com/VirgilClyne/iRingo/main/RuleSet/Wikipedia_for_Look_Up.list,𝗣𝗿𝗼𝘅𝘆
# 在连接特定 Wi-Fi 时直连
SUBNET,SSID:OCD_AP*,DIRECT

# Client
PROCESS-NAME,UUBooster,DIRECT
# > Download
PROCESS-NAME,aria2c,DIRECT
PROCESS-NAME,fdm,DIRECT
PROCESS-NAME,Folx,DIRECT
PROCESS-NAME,NetTransport,DIRECT
PROCESS-NAME,Thunder,DIRECT
PROCESS-NAME,Transmission,DIRECT
PROCESS-NAME,uTorrent,DIRECT
PROCESS-NAME,WebTorrent,DIRECT
PROCESS-NAME,WebTorrent Helper,DIRECT

# Unbreak 后续规则修正
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Unbreak.list,DIRECT

# Advertising 广告
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Guard/Advertising.list,𝗚𝘂𝗮𝗿𝗱
DOMAIN-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Guard/AdvertisingPlus.list,𝗚𝘂𝗮𝗿𝗱

# Privacy 隐私
# RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Guard/Privacy.list,𝗚𝘂𝗮𝗿𝗱

# Hijacking 运营商劫持或恶意网站
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Guard/Hijacking.list,𝗚𝘂𝗮𝗿𝗱

# Disney+
# RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/Video/DisneyPlus.list,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴
# Netflix
# RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/Video/Netflix.list,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴
# YouTube
# RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/Video/YouTube.list,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴
# Spotify
# RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/Music/Spotify.list,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴

# Streaming 国际流媒体服务
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/Streaming.list,𝗦𝘁𝗿𝗲𝗮𝗺𝗶𝗻𝗴

# Telegram
# RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Extra/Telegram/Telegram.list,𝗣𝗿𝗼𝘅𝘆

# Paypal 加速
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Extra/PayPal.list,𝗣𝗿𝗼𝘅𝘆

# Global 全球加速
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Global.list,𝗣𝗿𝗼𝘅𝘆

# Apple 服务
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Extra/Apple/Apple.list,DIRECT

# China 中国直连
RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/China.list,DIRECT

# Local Area Network 局域网
RULE-SET,LAN,DIRECT

# GeoIP China
GEOIP,CN,DIRECT

FINAL,𝗙𝗶𝗻𝗮𝗹,dns-failed

[Host]
# > Firebase Cloud Messaging
mtalk.google.com = 108.177.125.188

# > Google Dl
dl.google.com = server:119.29.29.29
dl.l.google.com = server:119.29.29.29
update.googleapis.com = server:119.29.29.29

# > PlayStation
*.dl.playstation.net = server:119.29.29.29

# > Router Admin Panel
amplifi.lan = server:syslib // Ubiquiti Amplifi Router
router.synology.com = server:syslib // Synology Router
sila.razer.com = server:syslib // Razer Sila Router
router.asus.com = server:syslib // Asus Router
routerlogin.net = server:syslib // Netgear Router
orbilogin.com = server:syslib // Netgear Obri Router
www.LinksysSmartWiFi.com = server:syslib // Linksys Router
LinksysSmartWiFi.com = server:syslib // Linksys Router
myrouter.local = server:syslib // Linksys Router
www.miwifi.com = server:syslib // Xiaomi Mi WiFi Router
miwifi.com = server:syslib // Xiaomi Mi WiFi Router
mediarouter.home = server:syslib // Huawei Router
tplogin.cn = server:syslib // TP-Link Router
tplinklogin.net = server:syslib // TP-Link Router
melogin.cn = server:syslib // MERCURY Router
falogin.cn = server:syslib // FAST Router

[SSID Setting]
TYPE:WIFI tfo-behaviour=force-enabled, cellular-fallback=default
TYPE:CELLULAR tfo-behaviour=force-disabled

[MITM]
skip-server-cert-verify = true
tcp-connection = true
ca-passphrase = Dler
ca-p12 = MIIDGgIBAzCCAuAGCSqGSIb3DQEHAaCCAtEEggLNMIICyTCCAb8GCSqGSIb3DQEHBqCCAbAwggGsAgEAMIIBpQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI5e4W8st2yMMCAggAgIIBeBDhcB5oCpEtPyamF2QSSZMoKnIQ9idB7/spS4BgYMq/zDT8c7SDSKM746+4D98feqkJmAYFUWlXtXOHwSR8QlFad9dTYw4SulHDpDAVr/+da6iCX+LeQuducormCI6xVcmpfZ8qvHWzpfHy5mrKxkuyj5OHlehvYOedDZ9P9s9ME2qZFsffKC4kk398QPjoBMLCb73m7QcFdzdus7NuVAd/kYZRww7ODcXcb5a45Yv4NeRwRjnVT8eCgjGXjJXQgJPAtyAWPLW+o1uS132Qdkmg+8EjwuxL/lOu3rLKh0gWWUFHcxv2rg4OcezyoZuv70zs3A8Ju3wmQ6oZuakeRuRyKu6+9BtgOqxnoBwvTMCI4saY8E318DWZjBOzg9N2vPOhKDeoh8ES9TAbRlcp5Bnp5TWrPhae+XeHlHde5KCr3kjB15/DAhrlh7+ht18I/p1shnRKAd1tH6p62to51j9mSHNxOFFCbBPiFqBSnPmuV2SSOOYHcjUwggECBgkqhkiG9w0BBwGggfQEgfEwge4wgesGCyqGSIb3DQEMCgECoIG0MIGxMBwGCiqGSIb3DQEMAQMwDgQI/FfHqSBxFUoCAggABIGQIJa8eopsdqunR4ZwxWt/ThhdkRw2LFHTbgg5jWdAUQfK2b+I6+Wk9Dimdb2xGzAaYcAVt3ArbfuDTjDUTI4m3pzXBe/edyeXagr6i6DgM9TluB4OsG6hC/MFtF3rvqnCT3DGf5b48hSj0Y5OfJy+iFXmasxtwVIf4pFFylXOOJeJdQry1NgImb0nZwsS8NJAMSUwIwYJKoZIhvcNAQkVMRYEFHijHPCciGG5pbv+qBYZvjpHBIFnMDEwITAJBgUrDgMCGgUABBSxzZGBSpKB8R5FQ6wdiWxFka+xcgQIxB+kS2hfUpkCAggA