Clash 配置示例
特点
- 深度优化DNS解析。
- 力求隐藏解析大型外国网站的痕迹。尽管会泄露小网站的域名解析痕迹,但应该问题不大。
- 使用大型DNS提供商,解析结果、可靠性更好。
- 路由规则更全面
示例配置
yml
unified-delay: true
dns:
enable: true
ipv6: true
enhanced-mode: fake-ip
use-hosts: true
prefer-h3: true
dns-set:
a: &cn-DNS
# - system
# - 240e:1f:1::1 # 电信 家宽
- https://doh.pub/dns-query
- https://dns.alidns.com/dns-query
b: &Foreign-DNS
- https://dns.cloudflare.com/dns-query#🔰 节点选择&h3=true
- https://dns.google/dns-query#🔰 节点选择&h3=true
- https://208.67.220.220/dns-query#🔰 节点选择 # OpenDNS
# - https://dns.twnic.tw/dns-query#🔰 节点选择
# - https://doh.dns.sb/dns-query#🔰 节点选择
default-nameserver:
- https://223.5.5.5/dns-query # 阿里
- https://120.53.53.53/dns-query # 腾讯
- https://208.67.220.220/dns-query # OpenDNS
# - 119.29.29.29 # 腾讯
proxy-server-nameserver:
- https://dns.cloudflare.com/dns-query#🔰 节点选择&h3=true
- https://dns.google/dns-query#🔰 节点选择&h3=true
- https://208.67.220.220/dns-query#🔰 节点选择 # OpenDNS
- https://dns.cloudflare.com/dns-query#&h3=true
- https://dns.google/dns-query
- https://208.67.220.220/dns-query # OpenDNS
nameserver-policy:
'rule-set:代理,国外限定,安全测试,gfw,tld-not-cn,proxy,google,apple': *Foreign-DNS
'rule-set:直连,direct': *cn-DNS
'rule-set:private': system # 本地域名
nameserver: *cn-DNS
fallback: *Foreign-DNS
fallback-filter:
# geoip: true
ipcidr:
- 0.0.0.0/8
- 10.0.0.0/8
- 100.64.0.0/10
- 127.0.0.0/8
- 169.254.0.0/16
- 172.16.0.0/12
- 192.0.0.0/24
- 192.0.2.0/24
- 192.168.0.0/16
- 192.88.99.0/24
- 198.18.0.0/15
- 198.51.100.0/24
- 203.0.113.0/24
- 224.0.0.0/4
- 240.0.0.0/4
- 255.255.255.255/32
domain:
- '+.google.com'
- '+.youtube.com'
- '+.facebook.com'
fake-ip-range: 198.18.0.1/16
fake-ip-filter:
- '*.lan'
- "*.local"
- '*.linksys.com'
- '*.linksyssmartwifi.com'
- swscan.apple.com
- mesu.apple.com
- '*.msftconnecttest.com'
- '*.msftncsi.com'
- time.*.com
- time.*.gov
- time.*.edu.cn
- time.*.apple.com
- time1.*.com
- time2.*.com
- time3.*.com
- time4.*.com
- time5.*.com
- time6.*.com
- time7.*.com
- ntp.*.com
- ntp.*.com
- ntp1.*.com
- ntp2.*.com
- ntp3.*.com
- ntp4.*.com
- ntp5.*.com
- ntp6.*.com
- ntp7.*.com
- '*.time.edu.cn'
- '*.ntp.org.cn'
- +.pool.ntp.org
- time1.cloud.tencent.com
- +.music.163.com
- '*.126.net'
- musicapi.taihe.com
- music.taihe.com
- songsearch.kugou.com
- trackercdn.kugou.com
- '*.kuwo.cn'
- api-jooxtt.sanook.com
- api.joox.com
- joox.com
- +.y.qq.com
- +.music.tc.qq.com
- aqqmusic.tc.qq.com
- +.stream.qqmusic.qq.com
- '*.xiami.com'
- +.music.migu.cn
- +.srv.nintendo.net
- +.stun.playstation.net
- xbox.*.microsoft.com
- +.xboxlive.com
- localhost.ptlogin2.qq.com
- proxy.golang.org
- stun.*.*
- stun.*.*.*
- '*.mcdn.bilivideo.cn'
sniffer:
enable: true
force-dns-mapping: true
parse-pure-ip: true
override-destination: true
sniff:
HTTP:
ports: [80, 8080-8880]
override-destination: true
TLS:
ports: [443, 8443]
QUIC:
ports: [443, 8443]
force-domain:
- +.v2ex.com
skip-domain:
- Mijia Cloud
proxies:
- {name: 节点A, server: proxy.example.com, port: 666, reality-opts: {public-key: xx}, client-fingerprint: chrome, type: vless, uuid: xxx, tls: true, tfo: false, flow: xtls-rprx-vision, skip-cert-verify: false, servername: oc.iopenai.tech, network: tcp}
proxy-providers:
机场-1: &Provider_config_Ordinary
type: http
url: "https://api2.xxx.com/api/v1/client/subscribe?token=xxx&flag=clashmeta"
path: ./proxy_providers/机场-1.yml
interval: 3600
override:
down: "100 Mbps"
up: "40 Mbps"
exclude-filter: "剩余|流量|距离|到期|官网|导航|备用|最新|更新订阅|节点|抽奖|过滤|受骗|免费机场|付费机场|NekoBox|test"
health-check:
enable: true
# interval: 60
# lazy: false
url: http://www.gstatic.com/generate_204
机场-2:
<<: *Provider_config_Ordinary
url: "https://proc.xxx.cn/api/v1/client/subscribe?token=xxx"
path: ./proxy_providers/机场-2.yml
# icon: ♻️ 🔯 ⚖️ 🔗 🛑 🌍 🍎 📲 Ⓜ️
proxy-groups:
- name: 🔰 节点选择
type: select
lazy: false
interval: 60
proxies:
- 机场 1
- 机场 2
- 🔯 回退
- ♻️ 自动选择
# - 🔗 链式
- ⚖️ 负载集群
- name: 机场 1
type: select
url: http://www.gstatic.com/generate_204
use:
- 机场-1
- name: 机场 2
type: url-test
use:
- 机场-2
- name: 🔯 回退
type: fallback
# hidden: true
exclude-filter: "🇨🇳|小水管"
proxies:
use:
- 机场-1
- 机场-2
- name: ♻️ 自动选择
type: url-test
# hidden: true
use:
- 机场 1
- 机场 2
# - name: 🔗 链式
# type: relay
# hidden: true
# proxies:
# - ⚖️ 负载均衡
# - 落地
- name: ⚖️ 负载集群
type: load-balance
strategy: round-robin
hidden: true
use:
- 机场-1
- 机场-2
- name: 🌍 国外媒体
type: select
hidden: true
# icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/webp/youtube.webp
proxies:
- 🔰 节点选择
- 🎯 直连
- name: 📲 电报
type: select
hidden: true
# icon: https://cdn.jsdelivr.net/gh/Koolson/Qure/IconSet/Color/Telegram_X.png
proxies:
- 🔰 节点选择
- 🎯 直连
- name: Ⓜ️ 微软
type: select
# icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/webp/microsoft.webp
proxies:
- 🔰 节点选择
- 🎯 直连
- name: 🍎 苹果
type: select
# icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/webp/apple.webp
proxies:
- 🔰 节点选择
- 🎯 直连
- name: Spotify
type: select
# icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/webp/spotify.webp
proxies:
- 🔰 节点选择
- 🎯 直连
use:
- 基本
filter: "🇯🇵|日本"
# - name: 日本
# type: select
# use:
# - 基本
# filter: "🇯🇵|日本"
- name: 🛑 拒绝
type: select
hidden: true
proxies:
- REJECT
- DIRECT
- name: ⚖️ 负载均衡
type: select
proxies:
- 🔰 节点选择
- ⚖️ 负载集群
- name: 🎯 直连
type: select
proxies:
- DIRECT
- 🔰 节点选择
- name: 🐟 漏网之鱼
type: select
proxies:
- 🔰 节点选择
- 🎯 直连
# tunnels:
# # Wireguard
# - udp,127.0.0.1:5040,192.168.5.1:5040,回家
# # Sunshine
# - tcp,127.0.0.2:47984,192.168.5.16:47984,回家
# - tcp,127.0.0.2:47989,192.168.5.16:47989,回家
# - tcp,127.0.0.2:47990,192.168.5.16:47990,回家
# - tcp,127.0.0.2:48010,192.168.5.16:48010,回家
# - udp,127.0.0.2:47998,192.168.5.16:47998,回家
# - udp,127.0.0.2:47999,192.168.5.16:47999,回家
# - udp,127.0.0.2:48000,192.168.5.16:48000,回家
hosts:
# ip.skk.moe: 2606:4700:3036::ac43:bbdb
rule-providers:
# 自编
直连: &rule-config { type: http, format: text, behavior: classical, path: ./rule-set/直连.txt, url: "https://alist.muelsyse.uk/d/Service/App_Data/Proxy/Clash/%E8%A7%84%E5%88%99/My/%E7%9B%B4%E8%BF%9E.txt.coffee?sign=-Gi-iz2m82hhBlWH4DWy2NbT-eOrmQfN670X1n98XhU=:0", interval: 600 }
代理: { <<: *rule-config, path: ./rule-set/代理.txt, url: "https://alist.muelsyse.uk/d/Service/App_Data/Proxy/Clash/%E8%A7%84%E5%88%99/My/%E4%BB%A3%E7%90%86.txt.coffee?sign=DDlEKZTcqkApHwFvhjE3KlI6R88Llw9CPOnZevhwtEI=:0" }
国外限定: { <<: *rule-config, path: ./rule-set/国外限定.txt, url: "https://alist.muelsyse.uk/d/Service/App_Data/Proxy/Clash/%E8%A7%84%E5%88%99/My/%E5%9B%BD%E5%A4%96%E9%99%90%E5%AE%9A.txt.coffee?sign=SOAQlVAyIyK7SqUbyGoYXd1BcY7bt3zZao-kihy9nms=:0" }
拒绝: { <<: *rule-config, path: ./rule-set/拒绝.txt, url: "https://alist.muelsyse.uk/d/Service/App_Data/Proxy/Clash/%E8%A7%84%E5%88%99/My/%E6%8B%92%E7%BB%9D.txt.coffee?sign=vc8QbX1I9tle-HyMOXObvpJLdNWNOOUw_lIibYqQ6LU=:0" }
负载均衡: { <<: *rule-config, path: ./rule-set/负载均衡.txt, url: "https://alist.muelsyse.uk/d/Service/App_Data/Proxy/Clash/%E8%A7%84%E5%88%99/My/%E8%B4%9F%E8%BD%BD%E5%9D%87%E8%A1%A1.txt.coffee?sign=Z_QJPvS-EACNM1cD_kKYnieWHeK0CtmAbDOgX_uiuC4=:0" }
安全测试: { <<: *rule-config, format: yaml, path: ./rule-set/安全测试.yml, url: "https://alist.muelsyse.uk/d/Service/App_Data/Proxy/Clash/%E8%A7%84%E5%88%99/My/%E5%AE%89%E5%85%A8%E6%B5%8B%E8%AF%95.yml?sign=IVly0cxnLom1t8bCkbzDt_xacY_CpI--sHZWsyhY5tM=:0" }
# Loyalsoldier/clash-rules
reject: &rule-config-2 { type: http, behavior: domain, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt", path: ./rule-set/reject.yaml, interval: 86400 }
icloud: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt", path: ./rule-set/icloud.yaml }
apple: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt", path: ./rule-set/apple.yaml }
google: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt", path: ./rule-set/google.yaml }
proxy: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt", path: ./rule-set/proxy.yaml }
direct: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt", path: ./rule-set/direct.yaml }
private: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt", path: ./rule-set/private.yaml }
gfw: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt", path: ./rule-set/gfw.yaml }
tld-not-cn: { <<: *rule-config-2, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt", path: ./rule-set/tld-not-cn.yaml }
telegramcidr: &rule-config-3 {type: http, behavior: ipcidr, interval: 86400, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt", path: ./rule-set/telegramcidr.yaml }
cncidr: { <<: *rule-config-3, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt", path: ./rule-set/cncidr.yaml }
lancidr: { <<: *rule-config-3, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt", path: ./rule-set/lancidr.yaml }
# applications: { <<: *rule-config-2, behavior: classical, url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt", path: ./rule-set/applications.yaml}
# blackmatrix7/ios_rule_script
微软: &rule-config-4 {type: http, behavior: classical, url: https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Microsoft/Microsoft.yaml, path: ./rule-set/微软.yml, }
Spotify: {<<: *rule-config-4, url: https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Spotify/Spotify.yaml, path: ./rule-set/Spotify.yml }
# 甲骨文: {<<: *rule-config-4, url: https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Oracle/Oracle.yaml, path: ./rule-set/Oracle.yml, }
# 广告
广告: { <<: *rule-config-4, url: https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Advertising/Advertising_Classical.yaml, path: ./rule-set/Advertising_Classical.yml }
秋风广告: { <<: *rule-config-2, url: https://raw.githubusercontent.com/TG-Twilight/AWAvenue-Ads-Rule/main/Filters/AWAvenue-Ads-Rule-Clash.yaml, path: ./rule-set/秋风广告.yml }
anti-AD: { type: http, behavior: domain, format: mrs, url: https://raw.githubusercontent.com/privacy-protection-tools/anti-ad.github.io/master/docs/mihomo.mrs }
# 隐私
隐私: { <<: *rule-config, url: https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Privacy/Privacy.list, path: ./rule-set/Privacy.list }
MIUIPrivacy: { <<: *rule-config-4, format: text, url: https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/MIUIPrivacy.list, path: ./rule-set/MIUIPrivacy.list }
# BanEasyPrivacy: { <<: *rule-config-4, format: text, url: https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanEasyPrivacy.list, path: ./rule-set/BanEasyPrivacy.list }
# 其他
# DNS: { <<: *rule-config, url: https://raw.githubusercontent.com//master/Special/DNS.list, path: ./rule-set/DNS.list }
# ChatGPT_1: { type: http, behavior: classical, url: http://clash.xiaoya.pro/rule_provider/OpenAI, path: ./rule-set/ChatGPT-xiaoya.yml }
rules:
- RULE-SET,直连,🎯 直连
- RULE-SET,代理,🔰 节点选择
- RULE-SET,负载均衡,⚖️ 负载均衡
- RULE-SET,拒绝,🛑 拒绝
- RULE-SET,微软,Ⓜ️ 微软
- RULE-SET,apple,🍎 苹果
- RULE-SET,icloud,🍎 苹果
- RULE-SET,Spotify,Spotify,no-resolve
- RULE-SET,telegramcidr,📲 电报,no-resolve
# - RULE-SET,google,🔰 节点选择
- RULE-SET,gfw,🔰 节点选择
- RULE-SET,proxy,🔰 节点选择
- RULE-SET,reject,🛑 拒绝
- RULE-SET,秋风广告,🛑 拒绝,no-resolve
- RULE-SET,广告,🛑 拒绝,no-resolve
- RULE-SET,anti-AD,🛑 拒绝,no-resolve
- RULE-SET,隐私,🛑 拒绝,no-resolve
- RULE-SET,MIUIPrivacy,🛑 拒绝,no-resolve
- RULE-SET,direct,🎯 直连
- RULE-SET,private,🎯 直连
# - RULE-SET,applications,🎯 直连
- RULE-SET,cncidr,🎯 直连
- RULE-SET,lancidr,🎯 直连,no-resolve
- GEOIP,LAN,🎯 直连,no-resolve
- GEOIP,CN,🎯 直连
- MATCH,🐟 漏网之鱼