ss: &ss type: ss cipher: 2022-blake3-aes-128-gcm password: c9AM1oorBgwaJuSPWNGAbA== udp: true udp-over-tcp: true # ip-version: ipv4 # 设置节点使用 IP 版本,可选:dual,ipv4,ipv6,ipv4-prefer,ipv6-prefer。默认使用 dual smux: enabled: true protocol: smux # smux/yamux/h2mux max-connections: 128 # Maximum connections. Conflict with max-streams. # min-streams: 1 # max-streams: 0 padding: true # statistic: false # only-tcp: false brutal-opts: enabled: true up: 50 down: 500 vmessBrutal: &vmessBrutal type: vmess uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: false udp: true skip-cert-verify: true network: ws ws-opts: path: /ws headers: Host: node-speedtest.speedtest.cn max-early-data: 2048 early-data-header-name: Sec-WebSocket-Protocol smux: enabled: true protocol: h2mux max-connections: 64 min-streams: 4 padding: true brutal-opts: enabled: true up: 30 down: 30 cloudflare: &cloudflare server: cf.877774.xyz port: 443 client-fingerprint: random type: vmess uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: true tfo: false skip-cert-verify: false network: ws ws-opts: path: "/ws?ed=2048" headers: Host: freewall1.tk udp: true cloudflare3: &cloudflare3 port: 443 client-fingerprint: random type: vmess uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: true tfo: false skip-cert-verify: false network: ws ws-opts: path: "/ws?ed=2048" headers: Host: freewall3.tk udp: true mixed-port: 7897 allow-lan: true mode: rule log-level: warning ipv6: false find-process-mode: always ### 如果使用的是裸核,需要将下面的注释去掉,方便ui界面的使用 # external-controller: 0.0.0.0:9988 # external-ui: ui # external-ui-url: 'https://mirror.ghproxy.com/https://github.com/Zephyruso/zashboard/releases/latest/download/dist.zip' # secret: "maintell" profile: store-selected: true store-fake-ip: true smart-collector-size: 100 unified-delay: true tcp-concurrent: true # global-client-fingerprint: chrome geox-url: geoip: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat" geosite: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat" mmdb: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.metadb" geo-auto-update: true # 是否自动更新 geodata geo-update-interval: 24 # 更新间隔,单位:小时 dns: enable: true prefer-h3: true ipv6: false cache-algorithm: arc cache-max-size: 20000 enhanced-mode: fake-ip fake-ip-range: 198.18.0.1/16 # fake-ip-filter start fake-ip-filter: - +.+m2m - +.$injections.adguard.org - +.$local.adguard.org - +.+bogon - +.+lan - +.+localdomain - +.home.arpa - +.10.in-addr.arpa - +.16.172.in-addr.arpa - +.17.172.in-addr.arpa - +.18.172.in-addr.arpa - +.19.172.in-addr.arpa - +.20.172.in-addr.arpa - +.21.172.in-addr.arpa - +.22.172.in-addr.arpa - +.23.172.in-addr.arpa - +.24.172.in-addr.arpa - +.25.172.in-addr.arpa - +.26.172.in-addr.arpa - +.27.172.in-addr.arpa - +.28.172.in-addr.arpa - +.29.172.in-addr.arpa - +.30.172.in-addr.arpa - +.31.172.in-addr.arpa - +.168.192.in-addr.arpa - +.254.169.in-addr.arpa - dns.msftncsi.com - "*.srv.nintendo.net" - "*.stun.playstation.net" - xbox.*.microsoft.com - "*.xboxlive.com" - "*.turn.twilio.com" - "*.stun.twilio.com" - stun.syncthing.net - stun.* - '+.msftconnecttest.com' - '+.msftncsi.com' - '*.lan' - '*.localhost.app' # fake-ip-filter end respect-rules: true nameserver: - 1.1.1.1 - 8.8.8.8 - 8.8.4.4 - 208.67.222.222 - 208.67.220.220 - https://1.1.1.1/dns-query - https://8.8.8.8/dns-query proxy-server-nameserver: - https://1.12.12.12/dns-query - https://223.5.5.5/dns-query nameserver-policy: "geosite:cn": - 223.5.5.5 - 223.6.6.6 - 119.29.29.29 - https://223.5.5.5/dns-query - https://1.12.12.12/dns-query ### 域名嗅探 sniffer: enable: true sniff: HTTP: ports: [80, 8080-8880] override-destination: true TLS: ports: [443, 8443] QUIC: ports: [443, 8443] skip-domain: - "Mijia Cloud" - "+.push.apple.com" ### Tunnel配置 tun: enable: true stack: system device: Ethernet 99 auto-route: true auto-detect-interface: true dns-hijack: - any:53 - tcp://any:53 strict-route: true mtu: 1500 # 如果有使用zerotier或者headscale等,需要自己配置排除自己的网段 # route-exclude-address: ["192.168.110.0/24"] proxies: - name: "ss-tw" server: tw.658658.xyz port: 22266 type: ss cipher: 2022-blake3-aes-128-gcm password: c9AM1oorBgwaJuSPWNGAbA== udp: true smux: enabled: true protocol: smux # smux/yamux/h2mux #max-connections: 128 # Maximum connections. Conflict with max-streams. padding: true brutal-opts: enabled: true up: 500 down: 500 - name: "ss-tw1" <<: *ss server: tw.658658.xyz port: 22261 - name: "ss-or3" <<: *ss server: 152.70.237.123 port: 2067 - name: "ss-jp" <<: *ss server: 147.78.242.254 port: 2067 - name: "ss-hk" <<: *ss server: 43.128.9.132 port: 2067 - name: "ss-rn8t" <<: *ss server: 104.168.94.56 port: 2067 - name: "ss-ccs" <<: *ss server: 107.172.67.52 port: 2067 - name: "ss-qianyi" <<: *ss server: 148.135.82.105 port: 2067 - name: freewall1.tk-443 server: freewall1.tk port: 443 client-fingerprint: random type: vmess uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: true tfo: false skip-cert-verify: false network: ws ws-opts: path: "/ws?ed=2048" headers: Host: freewall1.tk udp: true - name: freewall3.tk-443 server: freewall3.tk port: 443 client-fingerprint: random type: vmess uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: true tfo: false skip-cert-verify: false network: ws ws-opts: path: "/ws?ed=2048" headers: Host: freewall3.tk udp: true - name: "vmess-ws-or2" type: vmess server: 193.123.231.61 port: 50080 uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: false udp: true skip-cert-verify: true network: ws ws-opts: path: /ws headers: Host: dm.toudiao.com max-early-data: 2048 early-data-header-name: Sec-WebSocket-Protocol - name: "vmess-ws-or3" type: vmess server: 152.70.237.123 port: 80 uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: false udp: true skip-cert-verify: true network: ws ws-opts: path: /ws headers: Host: dm.toudiao.com max-early-data: 2048 early-data-header-name: Sec-WebSocket-Protocol - name: "vmess-ws-hk-brutal" <<: *vmessBrutal server: 43.128.9.132 port: 2066 smux: brutal-opts: up: 30 down: 30 - name: "vmess-ws-tw-brutal" <<: *vmessBrutal server: tw.658658.xyz port: 22265 smux: brutal-opts: up: 50 down: 1000 - name: "vmess-ws-or3-brutal" <<: *vmessBrutal server: 152.70.237.123 port: 2066 smux: brutal-opts: up: 50 down: 1000 - name: "vmess-ws-rn-xray-brutal" <<: *vmessBrutal server: 104.168.94.56 port: 80 smux: brutal-opts: up: 50 down: 1000 - name: "vmess-ws-rn-brutal" <<: *vmessBrutal server: 104.168.94.56 port: 2066 smux: brutal-opts: up: 50 down: 1000 - name: "vmess-ws-jp-brutal" <<: *vmessBrutal server: 147.78.242.254 port: 2066 smux: brutal-opts: up: 50 down: 1000 - name: "reality-or2" type: vless server: 193.123.231.61 port: 2083 uuid: bb102209-6292-9dd3-573c-c32970a3a585 network: tcp tls: true udp: true flow: xtls-rprx-vision skip-cert-verify: true servername: download.oracle.com reality-opts: public-key: colQlZcxxwvm0NUbvOfqw_Gi6Cw6xwjnvtdlyZwuQSc client-fingerprint: safari - name: "reality-or3" type: vless server: 152.70.237.123 port: 2083 uuid: bb102209-6292-9dd3-573c-c32970a3a585 network: tcp tls: true udp: true flow: xtls-rprx-vision skip-cert-verify: true servername: download.oracle.com reality-opts: public-key: colQlZcxxwvm0NUbvOfqw_Gi6Cw6xwjnvtdlyZwuQSc client-fingerprint: chrome - name: "reality-jp" type: vless server: 147.78.242.254 port: 2083 uuid: bb102209-6292-9dd3-573c-c32970a3a585 network: tcp tls: true udp: true flow: xtls-rprx-vision skip-cert-verify: true servername: jp.msi.com reality-opts: public-key: colQlZcxxwvm0NUbvOfqw_Gi6Cw6xwjnvtdlyZwuQSc client-fingerprint: chrome - name: tuiccc server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 74.48.25.250 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuichk server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 43.128.9.132 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuicor1 server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 132.145.93.143 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuicor2 server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 193.123.231.61 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuicor3 server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 152.70.237.123 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuicjp server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 147.78.242.254 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuicla server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 141.11.92.36 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuiclzk server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 141.11.93.199 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuichk2 server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 47.238.113.132 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuictw server: cdn.oracle.com port: 22268 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: tw.658658.xyz heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: tuicrn server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 104.168.94.56 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native # Available: "native", "quic". Default: "native" congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: "hysteria2-serv00-S10" type: hysteria2 server: s10.serv00.com port: 32053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-serv00-S11" type: hysteria2 server: s11.serv00.com port: 32053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-serv00-S12" type: hysteria2 server: s12.serv00.com port: 32053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-rnSanJose" type: hysteria2 server: 104.168.94.56 port: 2053 #ports: 2100-5000 #hop-interval: 30 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-ccs" type: hysteria2 server: 107.172.67.52 port: 2053 #ports: 2100-5000 #hop-interval: 30 password: maintell obfs: salamander obfs-password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-alihk2" type: hysteria2 server: 8.218.240.70 port: 2053 ports: 2100-5000 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-alihk1" type: hysteria2 server: 47.238.113.132 port: 2053 ports: 2100-5000 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 30 - name: "hysteria2-shanghai" type: hysteria2 server: 115.159.193.174 port: 2053 password: maintell sni: baidu.com skip-cert-verify: true up: 200 down: 200 - name: "hysteria2-hk" type: hysteria2 server: 43.128.9.132 port: 2053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 30 - name: "hysteria2-jp" type: hysteria2 server: 147.78.242.254 port: 2053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-or1" type: hysteria2 server: 132.145.93.143 port: 2053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-or2" type: hysteria2 server: 193.123.231.61 port: 2053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-or3" type: hysteria2 server: 152.70.237.123 port: 2053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-lzk" type: hysteria2 server: 141.11.93.199 port: 2053 password: maintell sni: bing.com skip-cert-verify: true up: 30 down: 500 - name: "hysteria2-tw" type: hysteria2 server: tw.658658.xyz port: 22269 up: "500 Mbps" down: "500 Mbps" password: maintell sni: bing.com skip-cert-verify: true - name: tuicqyus server: cdn.oracle.com port: 28443 type: tuic uuid: bb102209-6292-9dd3-573c-c32970a3a585 password: maintell ip: 104.168.30.209 heartbeat-interval: 10000 alpn: [h3] disable-sni: true reduce-rtt: true request-timeout: 8000 udp-relay-mode: native congestion-controller: bbr # cwnd: 10 # default: 32 # max-udp-relay-packet-size: 1500 # fast-open: true skip-cert-verify: true - name: "hysteria2-qyus" type: hysteria2 server: 104.168.30.209 port: 2053 up: "1000 Mbps" down: "1000 Mbps" password: maintell sni: bing.com skip-cert-verify: true - name: "vmess-ws-qyus-brutal" type: vmess server: 104.168.30.209 port: 2066 uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: false udp: true skip-cert-verify: true network: ws ws-opts: path: /ws headers: Host: dm.toudiao.com max-early-data: 2048 early-data-header-name: Sec-WebSocket-Protocol smux: enabled: true protocol: h2mux max-connections: 16 min-streams: 4 padding: true brutal-opts: enabled: true up: 30 down: 1000 - name: "ss-qyus" type: ss server: 104.168.30.209 port: 2067 cipher: 2022-blake3-aes-128-gcm password: "c9AM1oorBgwaJuSPWNGAbA==" udp: true udp-over-tcp: true ip-version: ipv4 # 设置节点使用 IP 版本,可选:dual,ipv4,ipv6,ipv4-prefer,ipv6-prefer。默认使用 dual smux: enabled: true protocol: smux max-connections: 128 padding: true brutal-opts: enabled: true up: 30 down: 1000 - name: LA-CF-WARP type: wireguard server: engage.cloudflareclient.com port: 2408 private-key: wEDwVYKBZ5pBucXEYEUYiLSR6oBOLon2CTtSYb1uxl0= public-key: bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo= ip: 172.16.0.2 mtu: 1280 remote-dns-resolve: true udp: true - name: "vmess-freebandwith" type: vmess server: 49.235.127.179 port: 8080 uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: false udp: true skip-cert-verify: true network: ws ws-opts: path: /ws headers: Host: szextshort.weixin.qq.com max-early-data: 2048 early-data-header-name: Sec-WebSocket-Protocol - name: "warpsocks5" type: socks5 server: 127.0.0.1 port: 9091 skip-cert-verify: true udp: true - name: cloudflare-cf <<: *cloudflare server: cf.877774.xyz - name: cloudflare-ct <<: *cloudflare server: ct.877774.xyz - name: cloudflare-ct3 <<: *cloudflare3 server: ct.877774.xyz - name: cloudflare-cmcc <<: *cloudflare server: cmcc.877774.xyz - name: cloudflare-cmcc3 <<: *cloudflare3 server: cmcc.877774.xyz - name: cloudflare-cu <<: *cloudflare server: cu.877774.xyz - name: cloudflare-cu3 <<: *cloudflare3 server: cu.877774.xyz - name: cloudflare-asia <<: *cloudflare server: asia.877774.xyz - name: cloudflare-asia3 <<: *cloudflare3 server: asia.877774.xyz - name: cloudflare-eur <<: *cloudflare server: eur.877774.xyz - name: cloudflare-na <<: *cloudflare server: na.877774.xyz - name: cloudflare-cnae <<: *cloudflare server: cf.cnae.top - name: cloudflare-cnae3 <<: *cloudflare3 server: cf.cnae.top - name: mieru-rn type: mieru server: 104.168.94.56 #port: 20022 port-range: 20010-20022 #(不可同时填写 port 和 port-range) transport: TCP # 支持 TCP 或者 UDP udp: true # 支持 UDP over TCP username: maintell password: 951236 # 可以使用的值包括 MULTIPLEXING_OFF, MULTIPLEXING_LOW, MULTIPLEXING_MIDDLE, MULTIPLEXING_HIGH。其中 MULTIPLEXING_OFF 会关闭多路复用功能。默认值为 MULTIPLEXING_LOW。 multiplexing: MULTIPLEXING_MIDDLE # 如果想开启 0-RTT 握手,请设置为 HANDSHAKE_NO_WAIT,否则请设置为 HANDSHAKE_STANDARD。默认值为 HANDSHAKE_STANDARD handshake-mode: HANDSHAKE_NO_WAIT - name: mieru-ccs type: mieru server: 107.172.67.52 #port: 20022 port-range: 20010-20022 #(不可同时填写 port 和 port-range) transport: TCP # 支持 TCP 或者 UDP udp: true # 支持 UDP over TCP username: maintell password: 951236 # 可以使用的值包括 MULTIPLEXING_OFF, MULTIPLEXING_LOW, MULTIPLEXING_MIDDLE, MULTIPLEXING_HIGH。其中 MULTIPLEXING_OFF 会关闭多路复用功能。默认值为 MULTIPLEXING_LOW。 multiplexing: MULTIPLEXING_MIDDLE # 如果想开启 0-RTT 握手,请设置为 HANDSHAKE_NO_WAIT,否则请设置为 HANDSHAKE_STANDARD。默认值为 HANDSHAKE_STANDARD handshake-mode: HANDSHAKE_NO_WAIT - name: "ccs-kcptun" type: ss server: 107.172.67.52 port: 29900 cipher: 2022-blake3-aes-128-gcm password: c9AM1oorBgwaJuSPWNGAbA== plugin: kcptun plugin-opts: key: maintell # pre-shared secret between client and server crypt: none # aes, aes-128, aes-192, salsa20, blowfish, twofish, cast5, 3des, tea, xtea, xor, none, null mode: manual # profiles: fast3, fast2, fast, normal, manual conn: 16 # set num of UDP connections to server autoexpire: 0 # set auto expiration time(in seconds) for a single UDP connection, 0 to disable scavengettl: 600 # set how long an expired connection can live (in seconds) mtu: 512 # set maximum transmission unit for UDP packets sndwnd: 512 # set send window size(num of packets) rcvwnd: 512 # set receive window size(num of packets) datashard: 70 # set reed-solomon erasure coding - datashard parityshard: 40 # set reed-solomon erasure coding - parityshard dscp: 0 # set DSCP(6bit) nocomp: true # disable compression acknodelay: false # flush ack immediately when a packet is received nodelay: 0 interval: 20 resend: 0 sockbuf: 16777217 # per-socket buffer in bytes smuxver: 2 # specify smux version, available 1,2 smuxbuf: 16777217 # the overall de-mux buffer in bytes streambuf: 2097152 # per stream receive buffer in bytes, smux v2+ keepalive: 10 # seconds between heartbeats proxy-groups: - name: "AutoFallback" type: fallback proxies: - AutoSelectUS - AutoSelectUSCDN - AutoSelectJP - AutoSelectHKWARP - AutoSelectHK - AutoSelect - LoadBanlanceUS - LoadBanlanceHK url: "https://www.apple.com/library/test/success.html" interval: 30 lazy: false - name: AutoSelectUS type: url-test url: https://www.apple.com/library/test/success.html interval: 300 tolerance: 30 proxies: - hysteria2-ccs - hysteria2-rnSanJose - ccs-kcptun - ss-rn8t #- mieru-ccs #- mieru-rn - name: AutoSelectUSCDN type: url-test url: https://www.apple.com/library/test/success.html interval: 300 tolerance: 30 proxies: - freewall1.tk-443 - freewall3.tk-443 #- cloudflare-cf - cloudflare-ct - cloudflare-cmcc - cloudflare-cu - cloudflare-asia - cloudflare-ct3 - cloudflare-cmcc3 - cloudflare-cu3 - cloudflare-asia3 #- cloudflare-eur #- cloudflare-na - cloudflare-cnae - cloudflare-cnae3 - name: "GoogleAutoFallback" type: fallback proxies: - AutoSelectUS - freewall1.tk-443 - freewall3.tk-443 url: "https://www.apple.com/library/test/success.html" interval: 30 lazy: false - name: AutoSelectHKWARP type: url-test url: https://www.apple.com/library/test/success.html interval: 30 tolerance: 10 proxies: - hysteria2-alihk2 - hysteria2-alihk1 - name: AutoSelectHK type: url-test url: https://www.apple.com/library/test/success.html interval: 30 tolerance: 10 proxies: - hysteria2-alihk1 - hysteria2-alihk2 - name: LoadBanlanceUS type: load-balance url: https://www.apple.com/library/test/success.html interval: 30 tolerance: 30 proxies: - tuicrn - hysteria2-rnSanJose - freewall1.tk-443 - freewall3.tk-443 - name: AutoSelect type: url-test url: https://www.apple.com/library/test/success.html interval: 300 proxies: - vmess-ws-tw-brutal - vmess-ws-rn-brutal - vmess-ws-rn-xray-brutal - vmess-ws-or3-brutal - vmess-ws-jp-brutal - tuiccc - tuicla - tuiclzk - hysteria2-jp - hysteria2-rnSanJose - hysteria2-ccs - ss-rn8t - ss-ccs - name: ManualSelect type: select proxies: - AutoFallback - AutoSelect - LoadBanlanceUS - LoadBanlanceHK - 全球直连 - vmess-ws-tw-brutal - vmess-ws-rn-brutal - vmess-ws-or3-brutal - vmess-ws-jp-brutal - hysteria2-hk - hysteria2-alihk1 - hysteria2-alihk2 - vmess-ws-or3 - vmess-ws-or2 - reality-or2 - reality-or3 - reality-jp - tuiccc - tuichk - tuicor1 - tuicor2 - tuicor3 - tuicjp - tuicla - tuiclzk - tuictw - hysteria2-jp - hysteria2-or1 - hysteria2-or2 - hysteria2-or3 - hysteria2-tw - hysteria2-rnSanJose - hysteria2-ccs - freewall1.tk-443 - freewall3.tk-443 - ss-rn8t - ss-or3 - ss-ccs - vmess-freebandwith - name: SpecialRDP type: select proxies: - hysteria2-or1 - hysteria2-or2 - vmess-ws-tw-brutal - vmess-ws-or3-brutal - vmess-ws-jp-brutal - name: google type: select proxies: - ManualSelect - hysteria2-rnSanJose - hysteria2-ccs - ss-rn8t - ss-ccs - hysteria2-tw - AutoSelect - 全球直连 - AutoSelectUS - freewall1.tk-443 - freewall3.tk-443 - AutoSelectHK - vmess-ws-or3 - vmess-ws-or2 - vmess-ws-tw-brutal - vmess-ws-rn-brutal - vmess-ws-or3-brutal - vmess-ws-jp-brutal - vmess-ws-hk-brutal - hysteria2-alihk1 - hysteria2-alihk2 - reality-or2 - reality-or3 - reality-jp - hysteria2-jp - hysteria2-or1 - hysteria2-or2 - hysteria2-or3 - name: OPENAI type: select proxies: - ManualSelect - AutoSelectJP - AutoSelectKR - AutoSelectHK - AutoSelect - 全球直连 - vmess-ws-or3 - vmess-ws-or2 - vmess-ws-tw-brutal - vmess-ws-rn-brutal - vmess-ws-or3-brutal - vmess-ws-jp-brutal - hysteria2-hk - hysteria2-jp - reality-or2 - reality-or3 - reality-jp - hysteria2-tw - hysteria2-or1 - hysteria2-or2 - freewall1.tk-443 - freewall3.tk-443 - hysteria2-or3 - name: AutoSelectKR type: url-test url: https://cp.cloudflare.com/generate_204 interval: 30 lazy: false tolerance: 20 proxies: - hysteria2-or1 - hysteria2-or2 - hysteria2-or3 - tuicor1 - tuicor2 - tuicor3 - ss-or3 - name: AutoSelectJP type: url-test url: https://cp.cloudflare.com/generate_204 interval: 30 lazy: false tolerance: 20 proxies: - vmess-ws-jp-brutal - hysteria2-jp - reality-jp - tuicjp - ss-jp - name: LoadBanlanceHK type: load-balance url: https://www.apple.com/library/test/success.html interval: 30 tolerance: 10 proxies: - hysteria2-hk - hysteria2-alihk1 - hysteria2-alihk2 - name: 全球直连 type: select proxies: - DIRECT - name: 全球拦截 type: select proxies: - REJECT - DIRECT # 简化的锚点定义 RuleSet_base: &RuleSet_base type: http interval: 43200 format: text proxy: ManualSelect rule-providers: # 核心拦截规则 - 只保留最重要的一个 reject_main: <<: *RuleSet_base behavior: domain url: "https://ruleset.skk.moe/Clash/domainset/reject.txt" path: "./rule_set/reject.txt" # AI 服务 ai_non_ip: <<: *RuleSet_base behavior: classical url: https://ruleset.skk.moe/Clash/non_ip/ai.txt path: ./rule_set/ai.txt # Telegram telegram_non_ip: <<: *RuleSet_base behavior: classical url: https://ruleset.skk.moe/Clash/non_ip/telegram.txt path: ./rule_set/telegram.txt telegram_ip: <<: *RuleSet_base behavior: classical url: https://ruleset.skk.moe/Clash/ip/telegram.txt path: ./rule_set/telegram_ip.txt # Apple 相关 - 合并为直连 apple_cdn: <<: *RuleSet_base behavior: domain url: https://ruleset.skk.moe/Clash/domainset/apple_cdn.txt path: ./rule_set/apple_cdn.txt apple_cn_non_ip: <<: *RuleSet_base behavior: classical url: https://ruleset.skk.moe/Clash/non_ip/apple_cn.txt path: ./rule_set/apple_cn.txt # 国内直连 domestic_non_ip: <<: *RuleSet_base behavior: classical url: https://ruleset.skk.moe/Clash/non_ip/domestic.txt path: ./rule_set/domestic.txt # 国外代理 global_non_ip: <<: *RuleSet_base behavior: classical url: https://ruleset.skk.moe/Clash/non_ip/global.txt path: ./rule_set/global.txt # 中国 IP china_ip: <<: *RuleSet_base behavior: ipcidr url: https://ruleset.skk.moe/Clash/ip/china_ip.txt path: ./rule_set/china_ip.txt # 精简的分流规则 rules: # 自定义直连 - DOMAIN-SUFFIX,akile.io,DIRECT - DOMAIN-SUFFIX,eisaas.com,DIRECT - DST-PORT,123,DIRECT - DOMAIN-KEYWORD,akile,DIRECT - DOMAIN-SUFFIX,fonts.googleapis.com,DIRECT - DOMAIN-SUFFIX,alicdn.com,DIRECT - IP-CIDR,147.78.242.254/24,DIRECT - DOMAIN-SUFFIX,moonshot.cn,DIRECT - DOMAIN-SUFFIX,kimi.com,DIRECT - DOMAIN,union.baidu.com,DIRECT # OpenAI 相关 - DOMAIN,cdn.auth0.com,OPENAI - DOMAIN-KEYWORD,ciciai,OPENAI - DOMAIN-SUFFIX,cici.com,OPENAI - DOMAIN-KEYWORD,bytedapm,OPENAI - DOMAIN-KEYWORD,byteoversea,OPENAI - DOMAIN-SUFFIX,ciciaicdn.com,OPENAI - DOMAIN-SUFFIX,ciciai.com,OPENAI - DOMAIN-SUFFIX,byteoversea.com,OPENAI # 规则集应用 - RULE-SET,ai_non_ip,OPENAI - RULE-SET,reject_main,REJECT - RULE-SET,telegram_non_ip,ManualSelect - RULE-SET,telegram_ip,ManualSelect - RULE-SET,apple_cdn,DIRECT - RULE-SET,apple_cn_non_ip,DIRECT - RULE-SET,global_non_ip,ManualSelect - RULE-SET,domestic_non_ip,DIRECT - RULE-SET,china_ip,DIRECT # 局域网直连 - IP-CIDR,192.168.0.0/16,DIRECT,no-resolve - IP-CIDR,10.0.0.0/8,DIRECT,no-resolve - IP-CIDR,172.16.0.0/12,DIRECT,no-resolve - IP-CIDR,127.0.0.0/8,DIRECT,no-resolve # 兜底规则 - MATCH,ManualSelect