chore: adjust config.yaml.
This commit is contained in:
parent
22726c1de8
commit
e6377eac9b
1 changed files with 236 additions and 222 deletions
458
docs/config.yaml
458
docs/config.yaml
|
@ -7,22 +7,17 @@ mixed-port: 10801 # HTTP(S) 和 SOCKS 代理混合端口
|
||||||
# tproxy-port: 7893
|
# tproxy-port: 7893
|
||||||
|
|
||||||
allow-lan: true # 允许局域网连接
|
allow-lan: true # 允许局域网连接
|
||||||
bind-address: "*" # 绑定IP地址,仅作用于 allow-lan 为 true,'*'表示所有地址
|
bind-address: "*" # 绑定 IP 地址,仅作用于 allow-lan 为 true,'*'表示所有地址
|
||||||
|
|
||||||
# find-process-mode has 3 values: always, strict, off
|
# find-process-mode has 3 values:always, strict, off
|
||||||
# - always, 开启,强制匹配所有进程
|
# - always, 开启,强制匹配所有进程
|
||||||
# - strict, 默认,由clash判断是否开启
|
# - strict, 默认,由 clash 判断是否开启
|
||||||
# - off, 不匹配进程,推荐在路由器上使用此模式
|
# - off, 不匹配进程,推荐在路由器上使用此模式
|
||||||
find-process-mode: strict
|
find-process-mode: strict
|
||||||
|
|
||||||
# global-client-fingerprint:全局TLS指纹,优先低于proxy内的 client-fingerprint
|
|
||||||
# accepts "chrome","firefox","safari","ios","random","none" options.
|
|
||||||
# Utls is currently support TLS transport in TCP/grpc/WS/HTTP for VLESS/Vmess and trojan.
|
|
||||||
global-client-fingerprint: chrome
|
|
||||||
|
|
||||||
mode: rule
|
mode: rule
|
||||||
|
|
||||||
#自定义 geox-url
|
#自定义 geodata url
|
||||||
geox-url:
|
geox-url:
|
||||||
geoip: "https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geoip.dat"
|
geoip: "https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geoip.dat"
|
||||||
geosite: "https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geosite.dat"
|
geosite: "https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geosite.dat"
|
||||||
|
@ -32,16 +27,25 @@ log-level: debug # 日志等级 silent/error/warning/info/debug
|
||||||
|
|
||||||
ipv6: true # 开启 IPv6 总开关,关闭阻断所有 IPv6 链接和屏蔽 DNS 请求 AAAA 记录
|
ipv6: true # 开启 IPv6 总开关,关闭阻断所有 IPv6 链接和屏蔽 DNS 请求 AAAA 记录
|
||||||
|
|
||||||
|
tls:
|
||||||
|
certificate: string # 证书 PEM 格式,或者 证书的路径
|
||||||
|
private-key: string # 证书对应的私钥 PEM 格式,或者私钥路径
|
||||||
|
|
||||||
external-controller: 0.0.0.0:9093 # RESTful API 监听地址
|
external-controller: 0.0.0.0:9093 # RESTful API 监听地址
|
||||||
external-controller-tls: 0.0.0.0:9443 # RESTful API HTTPS 监听地址,需要配置 tls 部分配置文件
|
external-controller-tls: 0.0.0.0:9443 # RESTful API HTTPS 监听地址,需要配置 tls 部分配置文件
|
||||||
# secret: "123456" # `Authorization: Bearer ${secret}`
|
# secret: "123456" # `Authorization:Bearer ${secret}`
|
||||||
|
|
||||||
# tcp-concurrent: true # TCP并发连接所有IP, 将使用最快握手的TCP
|
# tcp-concurrent: true # TCP 并发连接所有 IP, 将使用最快握手的 TCP
|
||||||
external-ui: /path/to/ui/folder # 配置WEB UI目录,使用http://{{external-controller}}/ui 访问
|
external-ui: /path/to/ui/folder # 配置 WEB UI 目录,使用 http://{{external-controller}}/ui 访问
|
||||||
|
|
||||||
# interface-name: en0 # 设置出口网卡
|
# interface-name: en0 # 设置出口网卡
|
||||||
|
|
||||||
# routing-mark: 6666 # 配置 fwmark 仅用于Linux
|
# 全局 TLS 指纹,优先低于 proxy 内的 client-fingerprint
|
||||||
|
# 可选: "chrome","firefox","safari","ios","random","none" options.
|
||||||
|
# Utls is currently support TLS transport in TCP/grpc/WS/HTTP for VLESS/Vmess and trojan.
|
||||||
|
global-client-fingerprint: chrome
|
||||||
|
|
||||||
|
# routing-mark:6666 # 配置 fwmark 仅用于 Linux
|
||||||
experimental:
|
experimental:
|
||||||
|
|
||||||
# 类似于 /etc/hosts, 仅支持配置单个 IP
|
# 类似于 /etc/hosts, 仅支持配置单个 IP
|
||||||
|
@ -50,6 +54,13 @@ hosts:
|
||||||
# '.dev': 127.0.0.1
|
# '.dev': 127.0.0.1
|
||||||
# 'alpha.clash.dev': '::1'
|
# 'alpha.clash.dev': '::1'
|
||||||
|
|
||||||
|
profile:
|
||||||
|
# 存储 select 选择记录
|
||||||
|
store-selected: false
|
||||||
|
|
||||||
|
# 持久化 fake-ip
|
||||||
|
store-fake-ip: true
|
||||||
|
|
||||||
# Tun 配置
|
# Tun 配置
|
||||||
tun:
|
tun:
|
||||||
enable: false
|
enable: false
|
||||||
|
@ -75,10 +86,10 @@ tun:
|
||||||
#- 1000
|
#- 1000
|
||||||
# exclude_uid_range: # 排除路由的的用户范围
|
# exclude_uid_range: # 排除路由的的用户范围
|
||||||
# - 1000-99999
|
# - 1000-99999
|
||||||
|
|
||||||
# Android 用户和应用规则仅在 Android 下被支持
|
# Android 用户和应用规则仅在 Android 下被支持
|
||||||
# 并且需要 auto_route
|
# 并且需要 auto_route
|
||||||
|
|
||||||
# include_android_user: # 限制被路由的 Android 用户
|
# include_android_user: # 限制被路由的 Android 用户
|
||||||
# - 0
|
# - 0
|
||||||
# - 10
|
# - 10
|
||||||
|
@ -105,15 +116,13 @@ sniffer:
|
||||||
# 是否使用嗅探结果作为实际访问,默认 true
|
# 是否使用嗅探结果作为实际访问,默认 true
|
||||||
# 全局配置,优先级低于 sniffer.sniff 实际配置
|
# 全局配置,优先级低于 sniffer.sniff 实际配置
|
||||||
override-destination: false
|
override-destination: false
|
||||||
sniff:
|
sniff: # TLS 默认如果不配置 ports 默认嗅探 443
|
||||||
# TLS 默认如果不配置 ports 默认嗅探 443
|
|
||||||
TLS:
|
TLS:
|
||||||
# ports: [443, 8443]
|
# ports: [443, 8443]
|
||||||
|
|
||||||
# 默认嗅探 80
|
# 默认嗅探 80
|
||||||
HTTP:
|
HTTP: # 需要嗅探的端口
|
||||||
# 需要嗅探的端口
|
|
||||||
|
|
||||||
ports: [80, 8080-8880]
|
ports: [80, 8080-8880]
|
||||||
# 可覆盖 sniffer.override-destination
|
# 可覆盖 sniffer.override-destination
|
||||||
override-destination: true
|
override-destination: true
|
||||||
|
@ -128,7 +137,7 @@ sniffer:
|
||||||
- tls
|
- tls
|
||||||
- http
|
- http
|
||||||
# 强制对此域名进行嗅探
|
# 强制对此域名进行嗅探
|
||||||
|
|
||||||
# 仅对白名单中的端口进行嗅探,默认为 443,80
|
# 仅对白名单中的端口进行嗅探,默认为 443,80
|
||||||
# 已废弃,若 sniffer.sniff 配置则此项无效
|
# 已废弃,若 sniffer.sniff 配置则此项无效
|
||||||
port-whitelist:
|
port-whitelist:
|
||||||
|
@ -136,27 +145,8 @@ sniffer:
|
||||||
- "443"
|
- "443"
|
||||||
# - 8000-9999
|
# - 8000-9999
|
||||||
|
|
||||||
# shadowsocks,vmess 入口配置(传入流量将和socks,mixed等入口一样按照mode所指定的方式进行匹配处理)
|
|
||||||
# ss-config: ss://2022-blake3-aes-256-gcm:vlmpIPSyHH6f4S8WVPdRIHIlzmB+GIRfoH3aNJ/t9Gg=@:23456
|
|
||||||
# vmess-config: vmess://1:9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68@:12345
|
|
||||||
|
|
||||||
# tuic服务器入口(传入流量将和socks,mixed等入口一样按照mode所指定的方式进行匹配处理)
|
tunnels: # one line config
|
||||||
#tuic-server:
|
|
||||||
# enable: true
|
|
||||||
# listen: 127.0.0.1:10443
|
|
||||||
# token:
|
|
||||||
# - TOKEN
|
|
||||||
# certificate: ./server.crt
|
|
||||||
# private-key: ./server.key
|
|
||||||
# congestion-controller: bbr
|
|
||||||
# max-idle-time: 15000
|
|
||||||
# authentication-timeout: 1000
|
|
||||||
# alpn:
|
|
||||||
# - h3
|
|
||||||
# max-udp-relay-packet-size: 1500
|
|
||||||
|
|
||||||
tunnels:
|
|
||||||
# one line config
|
|
||||||
- tcp/udp,127.0.0.1:6553,114.114.114.114:53,proxy
|
- tcp/udp,127.0.0.1:6553,114.114.114.114:53,proxy
|
||||||
- tcp,127.0.0.1:6666,rds.mysql.com:3306,vpn
|
- tcp,127.0.0.1:6666,rds.mysql.com:3306,vpn
|
||||||
# full yaml config
|
# full yaml config
|
||||||
|
@ -165,12 +155,6 @@ tunnels:
|
||||||
target: target.com
|
target: target.com
|
||||||
proxy: proxy
|
proxy: proxy
|
||||||
|
|
||||||
profile:
|
|
||||||
# 存储select选择记录
|
|
||||||
store-selected: false
|
|
||||||
|
|
||||||
# 持久化fake-ip
|
|
||||||
store-fake-ip: true
|
|
||||||
|
|
||||||
# DNS配置
|
# DNS配置
|
||||||
dns:
|
dns:
|
||||||
|
@ -178,7 +162,7 @@ dns:
|
||||||
prefer-h3: true # 开启 DoH 支持 HTTP/3,将并发尝试
|
prefer-h3: true # 开启 DoH 支持 HTTP/3,将并发尝试
|
||||||
listen: 0.0.0.0:53 # 开启 DNS 服务器监听
|
listen: 0.0.0.0:53 # 开启 DNS 服务器监听
|
||||||
# ipv6: false # false 将返回 AAAA 的空结果
|
# ipv6: false # false 将返回 AAAA 的空结果
|
||||||
|
|
||||||
# 用于解析 nameserver,fallback 以及其他DNS服务器配置的,DNS 服务域名
|
# 用于解析 nameserver,fallback 以及其他DNS服务器配置的,DNS 服务域名
|
||||||
# 只能使用纯 IP 地址,可使用加密 DNS
|
# 只能使用纯 IP 地址,可使用加密 DNS
|
||||||
default-nameserver:
|
default-nameserver:
|
||||||
|
@ -187,16 +171,16 @@ dns:
|
||||||
- tls://1.12.12.12:853
|
- tls://1.12.12.12:853
|
||||||
- tls://223.5.5.5:853
|
- tls://223.5.5.5:853
|
||||||
enhanced-mode: fake-ip # or redir-host
|
enhanced-mode: fake-ip # or redir-host
|
||||||
|
|
||||||
fake-ip-range: 198.18.0.1/16 # fake-ip 池设置
|
fake-ip-range: 198.18.0.1/16 # fake-ip 池设置
|
||||||
|
|
||||||
# use-hosts: true # 查询 hosts
|
# use-hosts: true # 查询 hosts
|
||||||
|
|
||||||
# 配置不使用fake-ip的域名
|
# 配置不使用fake-ip的域名
|
||||||
# fake-ip-filter:
|
# fake-ip-filter:
|
||||||
# - '*.lan'
|
# - '*.lan'
|
||||||
# - localhost.ptlogin2.qq.com
|
# - localhost.ptlogin2.qq.com
|
||||||
|
|
||||||
# DNS主要域名配置
|
# DNS主要域名配置
|
||||||
# 支持 UDP,TCP,DoT,DoH,DoQ
|
# 支持 UDP,TCP,DoT,DoH,DoQ
|
||||||
# 这部分为主要 DNS 配置,影响所有直连,确保使用对大陆解析精准的 DNS
|
# 这部分为主要 DNS 配置,影响所有直连,确保使用对大陆解析精准的 DNS
|
||||||
|
@ -210,20 +194,20 @@ dns:
|
||||||
- dhcp://en0 # dns from dhcp
|
- dhcp://en0 # dns from dhcp
|
||||||
- quic://dns.adguard.com:784 # DNS over QUIC
|
- quic://dns.adguard.com:784 # DNS over QUIC
|
||||||
# - '8.8.8.8#en0' # 兼容指定DNS出口网卡
|
# - '8.8.8.8#en0' # 兼容指定DNS出口网卡
|
||||||
|
|
||||||
# 当配置 fallback 时,会查询 nameserver 中返回的 IP 是否为 CN,非必要配置
|
# 当配置 fallback 时,会查询 nameserver 中返回的 IP 是否为 CN,非必要配置
|
||||||
# 当不是 CN,则使用 fallback 中的 DNS 查询结果
|
# 当不是 CN,则使用 fallback 中的 DNS 查询结果
|
||||||
# 确保配置 fallback 时能够正常查询
|
# 确保配置 fallback 时能够正常查询
|
||||||
# fallback:
|
# fallback:
|
||||||
# - tcp://1.1.1.1
|
# - tcp://1.1.1.1
|
||||||
# - 'tcp://1.1.1.1#ProxyGroupName' # 指定 DNS 过代理查询,ProxyGroupName 为策略组名或节点名,过代理配置优先于配置出口网卡,当找不到策略组或节点名则设置为出口网卡
|
# - 'tcp://1.1.1.1#ProxyGroupName' # 指定 DNS 过代理查询,ProxyGroupName 为策略组名或节点名,过代理配置优先于配置出口网卡,当找不到策略组或节点名则设置为出口网卡
|
||||||
|
|
||||||
# 专用于节点域名解析的 DNS 服务器,非必要配置项
|
# 专用于节点域名解析的 DNS 服务器,非必要配置项
|
||||||
# 配置服务器若查询失败将使用 nameserver,非并发查询
|
# 配置服务器若查询失败将使用 nameserver,非并发查询
|
||||||
# proxy-server-nameserver:
|
# proxy-server-nameserver:
|
||||||
# - https://dns.google/dns-query
|
# - https://dns.google/dns-query
|
||||||
# - tls://one.one.one.one
|
# - tls://one.one.one.one
|
||||||
|
|
||||||
# 配置 fallback 使用条件
|
# 配置 fallback 使用条件
|
||||||
# fallback-filter:
|
# fallback-filter:
|
||||||
# geoip: true # 配置是否使用 geoip
|
# geoip: true # 配置是否使用 geoip
|
||||||
|
@ -238,14 +222,53 @@ dns:
|
||||||
# - '+.google.com'
|
# - '+.google.com'
|
||||||
# - '+.facebook.com'
|
# - '+.facebook.com'
|
||||||
# - '+.youtube.com'
|
# - '+.youtube.com'
|
||||||
|
|
||||||
# 配置查询域名使用的 DNS 服务器
|
# 配置查询域名使用的 DNS 服务器
|
||||||
nameserver-policy:
|
nameserver-policy: # 'www.baidu.com': '114.114.114.114'
|
||||||
# 'www.baidu.com': '114.114.114.114'
|
|
||||||
# '+.internal.crop.com': '10.0.0.1'
|
# '+.internal.crop.com': '10.0.0.1'
|
||||||
"geosite:cn": "https://doh.pub/dns-query"
|
"geosite:cn":
|
||||||
"www.baidu.com": [https://doh.pub/dns-query,https://dns.alidns.com/dns-query]
|
- https://doh.pub/dns-query
|
||||||
proxies:
|
- https://dns.alidns.com/dns-query
|
||||||
|
"www.baidu.com": [https://doh.pub/dns-query, https://dns.alidns.com/dns-query]
|
||||||
|
|
||||||
|
proxies: # socks5
|
||||||
|
- name: "socks"
|
||||||
|
type: socks5
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
# username: username
|
||||||
|
# password: password
|
||||||
|
# tls: true
|
||||||
|
# fingerprint: xxxx
|
||||||
|
# skip-cert-verify: true
|
||||||
|
# udp: true
|
||||||
|
# ip-version: ipv6
|
||||||
|
|
||||||
|
# http
|
||||||
|
- name: "http"
|
||||||
|
type: http
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
# username: username
|
||||||
|
# password: password
|
||||||
|
# tls: true # https
|
||||||
|
# skip-cert-verify: true
|
||||||
|
# sni: custom.com
|
||||||
|
# fingerprint: xxxx # 同 experimental.fingerprints 使用 sha256 指纹,配置协议独立的指纹,将忽略 experimental.fingerprints
|
||||||
|
# ip-version: dual
|
||||||
|
|
||||||
|
# Snell
|
||||||
|
# Beware that there's currently no UDP support yet
|
||||||
|
- name: "snell"
|
||||||
|
type: snell
|
||||||
|
server: server
|
||||||
|
port: 44046
|
||||||
|
psk: yourpsk
|
||||||
|
# version: 2
|
||||||
|
# obfs-opts:
|
||||||
|
# mode: http # or tls
|
||||||
|
# host: bing.com
|
||||||
|
|
||||||
# Shadowsocks
|
# Shadowsocks
|
||||||
# cipher支持:
|
# cipher支持:
|
||||||
# aes-128-gcm aes-192-gcm aes-256-gcm
|
# aes-128-gcm aes-192-gcm aes-256-gcm
|
||||||
|
@ -268,6 +291,7 @@ proxies:
|
||||||
# UDP 则为双栈解析,获取结果中的第一个 IPv4
|
# UDP 则为双栈解析,获取结果中的第一个 IPv4
|
||||||
# ipv6-prefer 同 ipv4-prefer
|
# ipv6-prefer 同 ipv4-prefer
|
||||||
# 现有协议都支持此参数,TCP 效果仅在开启 tcp-concurrent 生效
|
# 现有协议都支持此参数,TCP 效果仅在开启 tcp-concurrent 生效
|
||||||
|
|
||||||
- name: "ss2"
|
- name: "ss2"
|
||||||
type: ss
|
type: ss
|
||||||
server: server
|
server: server
|
||||||
|
@ -278,7 +302,7 @@ proxies:
|
||||||
plugin-opts:
|
plugin-opts:
|
||||||
mode: tls # or http
|
mode: tls # or http
|
||||||
# host: bing.com
|
# host: bing.com
|
||||||
|
|
||||||
- name: "ss3"
|
- name: "ss3"
|
||||||
type: ss
|
type: ss
|
||||||
server: server
|
server: server
|
||||||
|
@ -288,17 +312,17 @@ proxies:
|
||||||
plugin: v2ray-plugin
|
plugin: v2ray-plugin
|
||||||
plugin-opts:
|
plugin-opts:
|
||||||
mode: websocket # no QUIC now
|
mode: websocket # no QUIC now
|
||||||
# tls: true # wss
|
# tls: true # wss
|
||||||
# 可使用 openssl x509 -noout -fingerprint -sha256 -inform pem -in yourcert.pem 获取
|
# 可使用 openssl x509 -noout -fingerprint -sha256 -inform pem -in yourcert.pem 获取
|
||||||
# 配置指纹将实现 SSL Pining 效果
|
# 配置指纹将实现 SSL Pining 效果
|
||||||
# fingerprint: xxxx
|
# fingerprint: xxxx
|
||||||
# skip-cert-verify: true
|
# skip-cert-verify: true
|
||||||
# host: bing.com
|
# host: bing.com
|
||||||
# path: "/"
|
# path: "/"
|
||||||
# mux: true
|
# mux: true
|
||||||
# headers:
|
# headers:
|
||||||
# custom: value
|
# custom: value
|
||||||
|
|
||||||
- name: "ss4"
|
- name: "ss4"
|
||||||
type: ss
|
type: ss
|
||||||
server: server
|
server: server
|
||||||
|
@ -310,7 +334,7 @@ proxies:
|
||||||
host: "cloud.tencent.com"
|
host: "cloud.tencent.com"
|
||||||
password: "shadow_tls_password"
|
password: "shadow_tls_password"
|
||||||
version: 2 # support 1/2/3
|
version: 2 # support 1/2/3
|
||||||
|
|
||||||
# vmess
|
# vmess
|
||||||
# cipher支持 auto/aes-128-gcm/chacha20-poly1305/none
|
# cipher支持 auto/aes-128-gcm/chacha20-poly1305/none
|
||||||
- name: "vmess"
|
- name: "vmess"
|
||||||
|
@ -333,7 +357,7 @@ proxies:
|
||||||
# Host: v2ray.com
|
# Host: v2ray.com
|
||||||
# max-early-data: 2048
|
# max-early-data: 2048
|
||||||
# early-data-header-name: Sec-WebSocket-Protocol
|
# early-data-header-name: Sec-WebSocket-Protocol
|
||||||
|
|
||||||
- name: "vmess-h2"
|
- name: "vmess-h2"
|
||||||
type: vmess
|
type: vmess
|
||||||
server: server
|
server: server
|
||||||
|
@ -349,7 +373,7 @@ proxies:
|
||||||
- http.example.com
|
- http.example.com
|
||||||
- http-alt.example.com
|
- http-alt.example.com
|
||||||
path: /
|
path: /
|
||||||
|
|
||||||
- name: "vmess-http"
|
- name: "vmess-http"
|
||||||
type: vmess
|
type: vmess
|
||||||
server: server
|
server: server
|
||||||
|
@ -360,15 +384,15 @@ proxies:
|
||||||
# udp: true
|
# udp: true
|
||||||
# network: http
|
# network: http
|
||||||
# http-opts:
|
# http-opts:
|
||||||
# # method: "GET"
|
# method: "GET"
|
||||||
# # path:
|
# path:
|
||||||
# # - '/'
|
# - '/'
|
||||||
# # - '/video'
|
# - '/video'
|
||||||
# # headers:
|
# headers:
|
||||||
# # Connection:
|
# Connection:
|
||||||
# # - keep-alive
|
# - keep-alive
|
||||||
# ip-version: ipv4 # 设置使用 IP 类型偏好,可选:ipv4,ipv6,dual,默认值:dual
|
# ip-version: ipv4 # 设置使用 IP 类型偏好,可选:ipv4,ipv6,dual,默认值:dual
|
||||||
|
|
||||||
- name: vmess-grpc
|
- name: vmess-grpc
|
||||||
server: server
|
server: server
|
||||||
port: 443
|
port: 443
|
||||||
|
@ -384,100 +408,7 @@ proxies:
|
||||||
grpc-opts:
|
grpc-opts:
|
||||||
grpc-service-name: "example"
|
grpc-service-name: "example"
|
||||||
# ip-version: ipv4
|
# ip-version: ipv4
|
||||||
|
|
||||||
# socks5
|
|
||||||
- name: "socks"
|
|
||||||
type: socks5
|
|
||||||
server: server
|
|
||||||
port: 443
|
|
||||||
# username: username
|
|
||||||
# password: password
|
|
||||||
# tls: true
|
|
||||||
# fingerprint: xxxx
|
|
||||||
# skip-cert-verify: true
|
|
||||||
# udp: true
|
|
||||||
# ip-version: ipv6
|
|
||||||
|
|
||||||
# http
|
|
||||||
- name: "http"
|
|
||||||
type: http
|
|
||||||
server: server
|
|
||||||
port: 443
|
|
||||||
# username: username
|
|
||||||
# password: password
|
|
||||||
# tls: true # https
|
|
||||||
# skip-cert-verify: true
|
|
||||||
# sni: custom.com
|
|
||||||
# fingerprint: xxxx # 同 experimental.fingerprints 使用 sha256 指纹,配置协议独立的指纹,将忽略 experimental.fingerprints
|
|
||||||
# ip-version: dual
|
|
||||||
|
|
||||||
# Snell
|
|
||||||
# Beware that there's currently no UDP support yet
|
|
||||||
- name: "snell"
|
|
||||||
type: snell
|
|
||||||
server: server
|
|
||||||
port: 44046
|
|
||||||
psk: yourpsk
|
|
||||||
# version: 2
|
|
||||||
# obfs-opts:
|
|
||||||
# mode: http # or tls
|
|
||||||
# host: bing.com
|
|
||||||
|
|
||||||
# Trojan
|
|
||||||
- name: "trojan"
|
|
||||||
type: trojan
|
|
||||||
server: server
|
|
||||||
port: 443
|
|
||||||
password: yourpsk
|
|
||||||
# client-fingerprint: random # Available: "chrome","firefox","safari","random","none"
|
|
||||||
# fingerprint: xxxx
|
|
||||||
# udp: true
|
|
||||||
# sni: example.com # aka server name
|
|
||||||
# alpn:
|
|
||||||
# - h2
|
|
||||||
# - http/1.1
|
|
||||||
# skip-cert-verify: true
|
|
||||||
|
|
||||||
- name: trojan-grpc
|
|
||||||
server: server
|
|
||||||
port: 443
|
|
||||||
type: trojan
|
|
||||||
password: "example"
|
|
||||||
network: grpc
|
|
||||||
sni: example.com
|
|
||||||
# skip-cert-verify: true
|
|
||||||
# fingerprint: xxxx
|
|
||||||
udp: true
|
|
||||||
grpc-opts:
|
|
||||||
grpc-service-name: "example"
|
|
||||||
|
|
||||||
- name: trojan-ws
|
|
||||||
server: server
|
|
||||||
port: 443
|
|
||||||
type: trojan
|
|
||||||
password: "example"
|
|
||||||
network: ws
|
|
||||||
sni: example.com
|
|
||||||
# skip-cert-verify: true
|
|
||||||
# fingerprint: xxxx
|
|
||||||
udp: true
|
|
||||||
# ws-opts:
|
|
||||||
# path: /path
|
|
||||||
# headers:
|
|
||||||
# Host: example.com
|
|
||||||
|
|
||||||
- name: "trojan-xtls"
|
|
||||||
type: trojan
|
|
||||||
server: server
|
|
||||||
port: 443
|
|
||||||
password: yourpsk
|
|
||||||
flow: "xtls-rprx-direct" # xtls-rprx-origin xtls-rprx-direct
|
|
||||||
flow-show: true
|
|
||||||
# udp: true
|
|
||||||
# sni: example.com # aka server name
|
|
||||||
# skip-cert-verify: true
|
|
||||||
# fingerprint: xxxx
|
|
||||||
|
|
||||||
# vless
|
# vless
|
||||||
- name: "vless-tcp"
|
- name: "vless-tcp"
|
||||||
type: vless
|
type: vless
|
||||||
|
@ -490,7 +421,21 @@ proxies:
|
||||||
# skip-cert-verify: true
|
# skip-cert-verify: true
|
||||||
# fingerprint: xxxx
|
# fingerprint: xxxx
|
||||||
# client-fingerprint: random # Available: "chrome","firefox","safari","random","none"
|
# client-fingerprint: random # Available: "chrome","firefox","safari","random","none"
|
||||||
|
|
||||||
|
- name: "vless-vision"
|
||||||
|
type: vless
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
uuid: uuid
|
||||||
|
network: tcp
|
||||||
|
tls: true
|
||||||
|
udp: true
|
||||||
|
xudp: true
|
||||||
|
flow: xtls-rprx-vision # xtls-rprx-origin # enable XTLS
|
||||||
|
client-fingerprint: chrome
|
||||||
|
# fingerprint: xxxx
|
||||||
|
# skip-cert-verify: true
|
||||||
|
|
||||||
- name: "vless-ws"
|
- name: "vless-ws"
|
||||||
type: vless
|
type: vless
|
||||||
server: server
|
server: server
|
||||||
|
@ -507,6 +452,61 @@ proxies:
|
||||||
path: "/"
|
path: "/"
|
||||||
headers:
|
headers:
|
||||||
Host: example.com
|
Host: example.com
|
||||||
|
|
||||||
|
# Trojan
|
||||||
|
- name: "trojan"
|
||||||
|
type: trojan
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
password: yourpsk
|
||||||
|
# client-fingerprint: random # Available: "chrome","firefox","safari","random","none"
|
||||||
|
# fingerprint: xxxx
|
||||||
|
# udp: true
|
||||||
|
# sni: example.com # aka server name
|
||||||
|
# alpn:
|
||||||
|
# - h2
|
||||||
|
# - http/1.1
|
||||||
|
# skip-cert-verify: true
|
||||||
|
|
||||||
|
- name: trojan-grpc
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
type: trojan
|
||||||
|
password: "example"
|
||||||
|
network: grpc
|
||||||
|
sni: example.com
|
||||||
|
# skip-cert-verify: true
|
||||||
|
# fingerprint: xxxx
|
||||||
|
udp: true
|
||||||
|
grpc-opts:
|
||||||
|
grpc-service-name: "example"
|
||||||
|
|
||||||
|
- name: trojan-ws
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
type: trojan
|
||||||
|
password: "example"
|
||||||
|
network: ws
|
||||||
|
sni: example.com
|
||||||
|
# skip-cert-verify: true
|
||||||
|
# fingerprint: xxxx
|
||||||
|
udp: true
|
||||||
|
# ws-opts:
|
||||||
|
# path: /path
|
||||||
|
# headers:
|
||||||
|
# Host: example.com
|
||||||
|
|
||||||
|
- name: "trojan-xtls"
|
||||||
|
type: trojan
|
||||||
|
server: server
|
||||||
|
port: 443
|
||||||
|
password: yourpsk
|
||||||
|
flow: "xtls-rprx-direct" # xtls-rprx-origin xtls-rprx-direct
|
||||||
|
flow-show: true
|
||||||
|
# udp: true
|
||||||
|
# sni: example.com # aka server name
|
||||||
|
# skip-cert-verify: true
|
||||||
|
# fingerprint: xxxx
|
||||||
|
|
||||||
#hysteria
|
#hysteria
|
||||||
- name: "hysteria"
|
- name: "hysteria"
|
||||||
|
@ -533,7 +533,8 @@ proxies:
|
||||||
# disable_mtu_discovery: false
|
# disable_mtu_discovery: false
|
||||||
# fingerprint: xxxx
|
# fingerprint: xxxx
|
||||||
# fast-open: true # 支持 TCP 快速打开,默认为 false
|
# fast-open: true # 支持 TCP 快速打开,默认为 false
|
||||||
|
|
||||||
|
# wireguard
|
||||||
- name: "wg"
|
- name: "wg"
|
||||||
type: wireguard
|
type: wireguard
|
||||||
server: 162.159.192.1
|
server: 162.159.192.1
|
||||||
|
@ -543,7 +544,9 @@ proxies:
|
||||||
private-key: eCtXsJZ27+4PbhDkHnB923tkUn2Gj59wZw5wFA75MnU=
|
private-key: eCtXsJZ27+4PbhDkHnB923tkUn2Gj59wZw5wFA75MnU=
|
||||||
public-key: Cr8hWlKvtDt7nrvf+f0brNQQzabAqrjfBvas9pmowjo=
|
public-key: Cr8hWlKvtDt7nrvf+f0brNQQzabAqrjfBvas9pmowjo=
|
||||||
udp: true
|
udp: true
|
||||||
# reserved: 'U4An'
|
reserved: "U4An"
|
||||||
|
|
||||||
|
# tuic
|
||||||
- name: tuic
|
- name: tuic
|
||||||
server: www.example.com
|
server: www.example.com
|
||||||
port: 10443
|
port: 10443
|
||||||
|
@ -552,16 +555,16 @@ proxies:
|
||||||
# ip: 127.0.0.1 # for overwriting the DNS lookup result of the server address set in option 'server'
|
# ip: 127.0.0.1 # for overwriting the DNS lookup result of the server address set in option 'server'
|
||||||
# heartbeat-interval: 10000
|
# heartbeat-interval: 10000
|
||||||
# alpn: [h3]
|
# alpn: [h3]
|
||||||
# disable-sni: true
|
disable-sni: true
|
||||||
reduce-rtt: true
|
reduce-rtt: true
|
||||||
# request-timeout: 8000
|
request-timeout: 8000
|
||||||
udp-relay-mode: native # Available: "native", "quic". Default: "native"
|
udp-relay-mode: native # Available: "native", "quic". Default: "native"
|
||||||
# congestion-controller: bbr # Available: "cubic", "new_reno", "bbr". Default: "cubic"
|
# congestion-controller: bbr # Available: "cubic", "new_reno", "bbr". Default: "cubic"
|
||||||
# max-udp-relay-packet-size: 1500
|
# max-udp-relay-packet-size: 1500
|
||||||
# fast-open: true
|
# fast-open: true
|
||||||
# skip-cert-verify: true
|
# skip-cert-verify: true
|
||||||
# max-open-streams: 20 # default 100, too many open streams may hurt performance
|
# max-open-streams: 20 # default 100, too many open streams may hurt performance
|
||||||
|
|
||||||
# ShadowsocksR
|
# ShadowsocksR
|
||||||
# The supported ciphers (encryption methods): all stream ciphers in ss
|
# The supported ciphers (encryption methods): all stream ciphers in ss
|
||||||
# The supported obfses:
|
# The supported obfses:
|
||||||
|
@ -582,8 +585,7 @@ proxies:
|
||||||
# protocol-param: "#"
|
# protocol-param: "#"
|
||||||
# udp: true
|
# udp: true
|
||||||
|
|
||||||
proxy-groups:
|
proxy-groups: # 代理链,若落地协议支持 UDP over TCP 则可支持 UDP
|
||||||
# 代理链,若落地协议支持 UDP over TCP 则可支持 UDP
|
|
||||||
# Traffic: clash <-> http <-> vmess <-> ss1 <-> ss2 <-> Internet
|
# Traffic: clash <-> http <-> vmess <-> ss1 <-> ss2 <-> Internet
|
||||||
- name: "relay"
|
- name: "relay"
|
||||||
type: relay
|
type: relay
|
||||||
|
@ -592,7 +594,7 @@ proxy-groups:
|
||||||
- vmess
|
- vmess
|
||||||
- ss1
|
- ss1
|
||||||
- ss2
|
- ss2
|
||||||
|
|
||||||
# url-test 将按照 url 测试结果使用延迟最低节点
|
# url-test 将按照 url 测试结果使用延迟最低节点
|
||||||
- name: "auto"
|
- name: "auto"
|
||||||
type: url-test
|
type: url-test
|
||||||
|
@ -604,7 +606,7 @@ proxy-groups:
|
||||||
# lazy: true
|
# lazy: true
|
||||||
url: "https://cp.cloudflare.com/generate_204"
|
url: "https://cp.cloudflare.com/generate_204"
|
||||||
interval: 300
|
interval: 300
|
||||||
|
|
||||||
# fallback 将按照 url 测试结果按照节点顺序选择
|
# fallback 将按照 url 测试结果按照节点顺序选择
|
||||||
- name: "fallback-auto"
|
- name: "fallback-auto"
|
||||||
type: fallback
|
type: fallback
|
||||||
|
@ -614,7 +616,7 @@ proxy-groups:
|
||||||
- vmess1
|
- vmess1
|
||||||
url: "https://cp.cloudflare.com/generate_204"
|
url: "https://cp.cloudflare.com/generate_204"
|
||||||
interval: 300
|
interval: 300
|
||||||
|
|
||||||
# load-balance 将按照算法随机选择节点
|
# load-balance 将按照算法随机选择节点
|
||||||
- name: "load-balance"
|
- name: "load-balance"
|
||||||
type: load-balance
|
type: load-balance
|
||||||
|
@ -624,8 +626,8 @@ proxy-groups:
|
||||||
- vmess1
|
- vmess1
|
||||||
url: "https://cp.cloudflare.com/generate_204"
|
url: "https://cp.cloudflare.com/generate_204"
|
||||||
interval: 300
|
interval: 300
|
||||||
# strategy: consistent-hashing # 可选 round-robin 和 sticky-sessions
|
# strategy: consistent-hashing # 可选 round-robin 和 sticky-sessions
|
||||||
|
|
||||||
# select 用户自行选择节点
|
# select 用户自行选择节点
|
||||||
- name: Proxy
|
- name: Proxy
|
||||||
type: select
|
type: select
|
||||||
|
@ -635,7 +637,7 @@ proxy-groups:
|
||||||
- ss2
|
- ss2
|
||||||
- vmess1
|
- vmess1
|
||||||
- auto
|
- auto
|
||||||
|
|
||||||
# 配置指定 interface-name 和 fwmark 的 DIRECT
|
# 配置指定 interface-name 和 fwmark 的 DIRECT
|
||||||
- name: en1
|
- name: en1
|
||||||
type: select
|
type: select
|
||||||
|
@ -643,7 +645,7 @@ proxy-groups:
|
||||||
routing-mark: 6667
|
routing-mark: 6667
|
||||||
proxies:
|
proxies:
|
||||||
- DIRECT
|
- DIRECT
|
||||||
|
|
||||||
- name: UseProvider
|
- name: UseProvider
|
||||||
type: select
|
type: select
|
||||||
filter: "HK|TW" # 正则表达式,过滤 provider1 中节点名包含 HK 或 TW
|
filter: "HK|TW" # 正则表达式,过滤 provider1 中节点名包含 HK 或 TW
|
||||||
|
@ -690,7 +692,8 @@ rules:
|
||||||
- DOMAIN-KEYWORD,google,ss1
|
- DOMAIN-KEYWORD,google,ss1
|
||||||
- IP-CIDR,1.1.1.1/32,ss1
|
- IP-CIDR,1.1.1.1/32,ss1
|
||||||
- IP-CIDR6,2409::/64,DIRECT
|
- IP-CIDR6,2409::/64,DIRECT
|
||||||
- SUB-RULE,(OR,((NETWORK,TCP),(NETWORK,UDP))),sub-rule-name1 # 当满足条件是 TCP 或 UDP 流量时,使用名为 sub-rule-name1 当规则集
|
# 当满足条件是 TCP 或 UDP 流量时,使用名为 sub-rule-name1 的规则集
|
||||||
|
- SUB-RULE,(OR,((NETWORK,TCP),(NETWORK,UDP))),sub-rule-name1
|
||||||
- SUB-RULE,(AND,((NETWORK,UDP))),sub-rule-name2
|
- SUB-RULE,(AND,((NETWORK,UDP))),sub-rule-name2
|
||||||
# 定义多个子规则集,规则将以分叉匹配,使用 SUB-RULE 使用
|
# 定义多个子规则集,规则将以分叉匹配,使用 SUB-RULE 使用
|
||||||
# google.com(not match)--> baidu.com(match)
|
# google.com(not match)--> baidu.com(match)
|
||||||
|
@ -717,15 +720,6 @@ sub-rules:
|
||||||
- IP-CIDR,8.8.8.8/32,ss1
|
- IP-CIDR,8.8.8.8/32,ss1
|
||||||
- DOMAIN,dns.alidns.com,REJECT
|
- DOMAIN,dns.alidns.com,REJECT
|
||||||
|
|
||||||
tls:
|
|
||||||
certificate: string # 证书 PEM 格式,或者 证书的路径
|
|
||||||
private-key: string # 证书对应的私钥 PEM 格式,或者私钥路径
|
|
||||||
# 自定义证书验证,将加入 Clash 证书验证中,绝大多数 TLS 相关支持,如:DNS
|
|
||||||
# 可用于自定义证书的验证
|
|
||||||
custom-certificates:
|
|
||||||
- certificate: string # 证书 PEM 格式,或者 证书的路径
|
|
||||||
private-key: string # 证书对应的私钥 PEM 格式,或者私钥路径
|
|
||||||
|
|
||||||
# 流量入站
|
# 流量入站
|
||||||
listeners:
|
listeners:
|
||||||
- name: socks5-in-1
|
- name: socks5-in-1
|
||||||
|
@ -735,14 +729,14 @@ listeners:
|
||||||
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理
|
||||||
# udp: false # 默认 true
|
# udp: false # 默认 true
|
||||||
|
|
||||||
- name: http-in-1
|
- name: http-in-1
|
||||||
type: http
|
type: http
|
||||||
port: 10809
|
port: 10809
|
||||||
listen: 0.0.0.0
|
listen: 0.0.0.0
|
||||||
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
||||||
|
|
||||||
- name: mixed-in-1
|
- name: mixed-in-1
|
||||||
type: mixed # HTTP(S) 和 SOCKS 代理混合
|
type: mixed # HTTP(S) 和 SOCKS 代理混合
|
||||||
port: 10810
|
port: 10810
|
||||||
|
@ -750,14 +744,14 @@ listeners:
|
||||||
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
||||||
# udp: false # 默认 true
|
# udp: false # 默认 true
|
||||||
|
|
||||||
- name: reidr-in-1
|
- name: reidr-in-1
|
||||||
type: redir
|
type: redir
|
||||||
port: 10811
|
port: 10811
|
||||||
listen: 0.0.0.0
|
listen: 0.0.0.0
|
||||||
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
||||||
|
|
||||||
- name: tproxy-in-1
|
- name: tproxy-in-1
|
||||||
type: tproxy
|
type: tproxy
|
||||||
port: 10812
|
port: 10812
|
||||||
|
@ -765,7 +759,7 @@ listeners:
|
||||||
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
||||||
# udp: false # 默认 true
|
# udp: false # 默认 true
|
||||||
|
|
||||||
- name: shadowsocks-in-1
|
- name: shadowsocks-in-1
|
||||||
type: shadowsocks
|
type: shadowsocks
|
||||||
port: 10813
|
port: 10813
|
||||||
|
@ -774,7 +768,7 @@ listeners:
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
||||||
password: vlmpIPSyHH6f4S8WVPdRIHIlzmB+GIRfoH3aNJ/t9Gg=
|
password: vlmpIPSyHH6f4S8WVPdRIHIlzmB+GIRfoH3aNJ/t9Gg=
|
||||||
cipher: 2022-blake3-aes-256-gcm
|
cipher: 2022-blake3-aes-256-gcm
|
||||||
|
|
||||||
- name: vmess-in-1
|
- name: vmess-in-1
|
||||||
type: vmess
|
type: vmess
|
||||||
port: 10814
|
port: 10814
|
||||||
|
@ -785,7 +779,7 @@ listeners:
|
||||||
- username: 1
|
- username: 1
|
||||||
uuid: 9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68
|
uuid: 9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68
|
||||||
alterId: 1
|
alterId: 1
|
||||||
|
|
||||||
- name: tuic-in-1
|
- name: tuic-in-1
|
||||||
type: tuic
|
type: tuic
|
||||||
port: 10815
|
port: 10815
|
||||||
|
@ -802,7 +796,7 @@ listeners:
|
||||||
# alpn:
|
# alpn:
|
||||||
# - h3
|
# - h3
|
||||||
# max-udp-relay-packet-size: 1500
|
# max-udp-relay-packet-size: 1500
|
||||||
|
|
||||||
- name: tunnel-in-1
|
- name: tunnel-in-1
|
||||||
type: tunnel
|
type: tunnel
|
||||||
port: 10816
|
port: 10816
|
||||||
|
@ -811,7 +805,7 @@ listeners:
|
||||||
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
# proxy: proxy # 如果不为空则直接将该入站流量交由指定proxy处理(当proxy不为空时,这里的proxy名称必须合法,否则会出错)
|
||||||
network: [tcp, udp]
|
network: [tcp, udp]
|
||||||
target: target.com
|
target: target.com
|
||||||
|
|
||||||
- name: tun-in-1
|
- name: tun-in-1
|
||||||
type: tun
|
type: tun
|
||||||
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
# rule: sub-rule-name1 # 默认使用 rules,如果未找到 sub-rule 则直接使用 rules
|
||||||
|
@ -827,25 +821,25 @@ listeners:
|
||||||
inet6-address: # 必须手动设置ipv6地址段
|
inet6-address: # 必须手动设置ipv6地址段
|
||||||
- "fdfe:dcba:9877::1/126"
|
- "fdfe:dcba:9877::1/126"
|
||||||
# strict_route: true # 将所有连接路由到tun来防止泄漏,但你的设备将无法其他设备被访问
|
# strict_route: true # 将所有连接路由到tun来防止泄漏,但你的设备将无法其他设备被访问
|
||||||
# inet4_route_address: # 启用 auto_route 时使用自定义路由而不是默认路由
|
# inet4_route_address: # 启用 auto_route 时使用自定义路由而不是默认路由
|
||||||
# - 0.0.0.0/1
|
# - 0.0.0.0/1
|
||||||
# - 128.0.0.0/1
|
# - 128.0.0.0/1
|
||||||
# inet6_route_address: # 启用 auto_route 时使用自定义路由而不是默认路由
|
# inet6_route_address: # 启用 auto_route 时使用自定义路由而不是默认路由
|
||||||
# - "::/1"
|
# - "::/1"
|
||||||
# - "8000::/1"
|
# - "8000::/1"
|
||||||
# endpoint_independent_nat: false # 启用独立于端点的 NAT
|
# endpoint_independent_nat: false # 启用独立于端点的 NAT
|
||||||
# include_uid: # UID 规则仅在 Linux 下被支持,并且需要 auto_route
|
# include_uid: # UID 规则仅在 Linux 下被支持,并且需要 auto_route
|
||||||
# - 0
|
# - 0
|
||||||
# include_uid_range: # 限制被路由的的用户范围
|
# include_uid_range: # 限制被路由的的用户范围
|
||||||
# - 1000-99999
|
# - 1000-99999
|
||||||
# exclude_uid: # 排除路由的的用户
|
# exclude_uid: # 排除路由的的用户
|
||||||
#- 1000
|
# - 1000
|
||||||
# exclude_uid_range: # 排除路由的的用户范围
|
# exclude_uid_range: # 排除路由的的用户范围
|
||||||
# - 1000-99999
|
# - 1000-99999
|
||||||
|
|
||||||
# Android 用户和应用规则仅在 Android 下被支持
|
# Android 用户和应用规则仅在 Android 下被支持
|
||||||
# 并且需要 auto_route
|
# 并且需要 auto_route
|
||||||
|
|
||||||
# include_android_user: # 限制被路由的 Android 用户
|
# include_android_user: # 限制被路由的 Android 用户
|
||||||
# - 0
|
# - 0
|
||||||
# - 10
|
# - 10
|
||||||
|
@ -853,3 +847,23 @@ listeners:
|
||||||
# - com.android.chrome
|
# - com.android.chrome
|
||||||
# exclude_package: # 排除被路由的 Android 应用包名
|
# exclude_package: # 排除被路由的 Android 应用包名
|
||||||
# - com.android.captiveportallogin
|
# - com.android.captiveportallogin
|
||||||
|
|
||||||
|
# 入口配置与 Listener 等价,传入流量将和 socks,mixed 等入口一样按照 mode 所指定的方式进行匹配处理
|
||||||
|
# shadowsocks,vmess 入口配置(传入流量将和socks,mixed等入口一样按照mode所指定的方式进行匹配处理)
|
||||||
|
# ss-config: ss://2022-blake3-aes-256-gcm:vlmpIPSyHH6f4S8WVPdRIHIlzmB+GIRfoH3aNJ/t9Gg=@:23456
|
||||||
|
# vmess-config: vmess://1:9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68@:12345
|
||||||
|
|
||||||
|
# tuic服务器入口(传入流量将和socks,mixed等入口一样按照mode所指定的方式进行匹配处理)
|
||||||
|
# tuic-server:
|
||||||
|
# enable: true
|
||||||
|
# listen: 127.0.0.1:10443
|
||||||
|
# token:
|
||||||
|
# - TOKEN
|
||||||
|
# certificate: ./server.crt
|
||||||
|
# private-key: ./server.key
|
||||||
|
# congestion-controller: bbr
|
||||||
|
# max-idle-time: 15000
|
||||||
|
# authentication-timeout: 1000
|
||||||
|
# alpn:
|
||||||
|
# - h3
|
||||||
|
# max-udp-relay-packet-size: 1500
|
Loading…
Reference in a new issue