# DNS防泄露版本 # 不是必须请勿用,不懂不要随便更改DNS模块 # 必读!!! # 注意规则在满足自己需求情况下,尽量做到精简,不要过度复杂,以免影响性能。 # 跑裸核用户请自行去掉下方控制面板模块的注释。 # 机场订阅 proxy-providers: Airport1: url: "https://substore.fed.cc/L5kRzQn7Xg9tJcVb2pM4/download/collection/Combo?target=ClashMeta" type: http interval: 86400 health-check: enable: true url: http://wifi.vivo.com.cn/generate_204 interval: 300 proxy: 直连 # 节点信息 proxies: - {name: 直连, type: direct} - name: "🇭🇰 HK | Jinx(Vless)" type: vless server: 103.135.251.145 port: 19524 uuid: b243998a-e985-4401-9f2c-66ca9b6abfd8 network: tcp tls: true udp: true flow: xtls-rprx-vision client-fingerprint: safari servername: icloud.com reality-opts: public-key: lo01-TUk_Oc3Ahzs6YfKQu-kYAfF4wH9OO4U5QJMwjg - name: "🇭🇰 HK | HKT(Vless)" type: vless server: 157.254.53.140 port: 443 uuid: 628880dd-02e4-4637-d8e8-689c0548a568 network: tcp tls: true udp: true flow: xtls-rprx-vision client-fingerprint: chrome servername: www.icloud.com reality-opts: public-key: Z3P-jKtg3meORnm8Qiwx9f8B_FcPa5DRkUGcC5WMWlU - name: "🇯🇵 JP | Bage(Vless)" type: vless server: 103.117.102.106 port: 443 uuid: 954253b4-4a4e-4b17-e470-54024114c6d3 network: tcp tls: true udp: true flow: xtls-rprx-vision client-fingerprint: chrome servername: icloud.com reality-opts: public-key: 3SzRiXjn4zg37CoGEELfuJTwmH9VeBMvWOI0iSTSHFc - name: "🇸🇬 SG | Onidel(Vless)" type: vless server: 103.135.251.145 port: 25027 uuid: 796258ed-53e4-4120-d6d6-67279a5a9a1b network: tcp tls: true udp: true flow: xtls-rprx-vision client-fingerprint: safari servername: icloud.com reality-opts: public-key: _K5TaKp28yEiTCcoUle9zZN-uCfTnwJMY7qmknkpjDw - name: "🇺🇲 US | PalmSpring(Vless)" type: vless server: 154.21.87.9 port: 443 uuid: f766b909-7000-4403-c26f-201afcaafdaa network: tcp tls: true udp: true flow: xtls-rprx-vision client-fingerprint: firefox servername: amd.com reality-opts: public-key: r2tAPH-K1WLjlpytoWstVxFrytTEYxdNf5HYrlS24lo # 全局配置 port:0 socks-port: 7891 redir-port: 7892 mixed-port: 7890 tproxy-port: 7894 allow-lan: true bind-address: "*" ipv6: false unified-delay: true tcp-concurrent: true log-level: warning find-process-mode: 'off' global-client-fingerprint: chrome keep-alive-idle: 600 keep-alive-interval: 15 profile: store-selected: true store-fake-ip: true # 嗅探配置 sniffer: enable: true parse-pure-ip: true # 建议开启,有利于嗅探纯IP流量 sniff: HTTP: ports: [80, 8080-8880] override-destination: false TLS: ports: [443, 8443] QUIC: ports: [443, 8443] force-domain: - "+.v2ex.com" skip-domain: - "+.baidu.com" - "Mijia Cloud" - "+.push.apple.com" # 优化:跳过苹果推送嗅探 # 入站配置 tun: enable: true stack: mixed dns-hijack: ["any:53", "tcp://any:53"] auto-route: false auto-redirect: false auto-detect-interface: false # DNS模块 - 优化版 dns: enable: true listen: 0.0.0.0:1053 ipv6: false respect-rules: true enhanced-mode: fake-ip fake-ip-range: 28.0.0.1/8 fake-ip-filter-mode: blacklist proxy-server-nameserver: - 223.5.5.5 - 119.29.29.29 # 优化:默认 DNS 使用 UDP 以提高速度,DoH 虽然安全但握手较慢,适合作为 nameserver-policy 或 fallback default-nameserver: - 223.5.5.5 - 119.29.29.29 nameserver: - 223.5.5.5 - 119.29.29.29 # 策略分流 nameserver-policy: "rule-set:private_domain,cn_domain,apple_domain": - 223.5.5.5 - 119.29.29.29 fake-ip-filter: - "rule-set:private_domain,cn_domain,apple_domain" - "+.stun.*.*" - "+.stun.*" - "+.time.windows.com" - "wlan.m.iqiyi.com" - "msftconnecttest.com" - "msftncsi.com" # 出站策略 - 优化:精简了列表,移除了冗余的节点组 proxy-groups: # 核心策略 - {name: 🚀 默认代理, type: select, proxies: [♻️ 自动选择, ♻️ 香港自动, ♻️ 日本自动, ♻️ 狮城自动, ♻️ 美国自动, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 狮城节点, 🇺🇲 美国节点, 🔯 香港故转, 🔯 日本故转, 🔯 狮城故转, 🔯 美国故转, 直连]} - {name: ✈️ Speedtest, type: select, include-all: true} # 场景策略 (精简了列表,优先展示自动优选和地区选择,减少视觉干扰) - {name: 📹 YouTube, type: select, proxies: [♻️ 美国自动, ♻️ 香港自动, ♻️ 日本自动, ♻️ 狮城自动, ♻️ 自动选择, 🇺🇲 美国节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 狮城节点, 🚀 默认代理]} - {name: 🍀 Google, type: select, proxies: [♻️ 香港自动, ♻️ 日本自动, ♻️ 狮城自动, ♻️ 美国自动, ♻️ 自动选择, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 狮城节点, 🇺🇲 美国节点, 🚀 默认代理]} - {name: 🤖 AI, type: select, proxies: [♻️ 美国自动, ♻️ 日本自动, ♻️ 狮城自动, 🇺🇲 美国节点, 🇯🇵 日本节点, 🇸🇬 狮城节点, 🚀 默认代理]} - {name: 📲 Telegram, type: select, proxies: [♻️ 自动选择, ♻️ 香港自动, ♻️ 狮城自动, ♻️ 日本自动, ♻️ 美国自动, 🇭🇰 香港节点, 🇸🇬 狮城节点, 🚀 默认代理]} - {name: 🎥 NETFLIX, type: select, proxies: [♻️ 狮城自动, ♻️ 香港自动, ♻️ 日本自动, ♻️ 美国自动, 🇸🇬 狮城节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇺🇲 美国节点, 🚀 默认代理]} # 其他应用策略 - {name: 🍎 Apple, type: select, proxies: [🚀 默认代理, 直连, ♻️ 美国自动, ♻️ 香港自动, ♻️ 日本自动, ♻️ 自动选择]} - {name: 👨🏿‍💻 GitHub, type: select, proxies: [🚀 默认代理, ♻️ 香港自动, ♻️ 美国自动, ♻️ 自动选择]} - {name: 🐬 OneDrive, type: select, proxies: [🚀 默认代理, 直连, ♻️ 自动选择]} - {name: 🪟 Microsoft, type: select, proxies: [🚀 默认代理, 直连, ♻️ 自动选择]} - {name: 🎵 TikTok, type: select, proxies: [♻️ 日本自动, ♻️ 狮城自动, ♻️ 美国自动, 🇯🇵 日本节点, 🇸🇬 狮城节点, 🇺🇲 美国节点]} - {name: 💶 PayPal, type: select, proxies: [🚀 默认代理, ♻️ 美国自动, ♻️ 自动选择]} - {name: 🐟 漏网之鱼, type: select, proxies: [🚀 默认代理, 直连, ♻️ 自动选择]} # 地区筛选组 (保持原样,逻辑正确) - {name: 🇭🇰 香港节点, type: select, include-all: true, filter: "(?i)港|hk|hongkong|hong kong"} - {name: 🇯🇵 日本节点, type: select, include-all: true, filter: "(?i)日|jp|japan"} - {name: 🇸🇬 狮城节点, type: select, include-all: true, filter: "(?i)新加坡|坡|狮城|SG|Singapore"} - {name: 🇺🇲 美国节点, type: select, include-all: true, filter: "(?i)美|us|unitedstates|united states"} # 自动优选组 (URL-Test) - {name: ♻️ 自动选择, type: url-test, include-all: true, tolerance: 50, interval: 300, filter: "^((?!(直连|流量|剩|到期|重置|官网)).)*$"} - {name: ♻️ 香港自动, type: url-test, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(港|HK|(?i)Hong))^((?!(台|日|韩|新|深|美)).)*$"} - {name: ♻️ 日本自动, type: url-test, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(日|JP|(?i)Japan))^((?!(港|台|韩|新|美)).)*$" } - {name: ♻️ 狮城自动, type: url-test, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(新加坡|坡|狮城|SG|Singapore))^((?!(港|台|韩|日|美)).)*$" } - {name: ♻️ 美国自动, type: url-test, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(美|US|(?i)States|America))^((?!(港|台|日|韩|新)).)*$"} # 故障转移组 (Fallback) - 放在最后,作为备选 - {name: 🔯 香港故转, type: fallback, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(港|HK|(?i)Hong))^((?!(台|日|韩|新|深|美)).)*$"} - {name: 🔯 日本故转, type: fallback, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(日|JP|(?i)Japan))^((?!(港|台|韩|新|美)).)*$" } - {name: 🔯 狮城故转, type: fallback, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(新加坡|坡|狮城|SG|Singapore))^((?!(台|日|韩|深|美)).)*$"} - {name: 🔯 美国故转, type: fallback, include-all: true, tolerance: 20, interval: 300, filter: "(?=.*(美|US|(?i)States|America))^((?!(港|台|韩|新|日)).)*$" } # 规则匹配 - 优化:修复了Apple规则冲突,调整了顺序 rules: # 自定义规则 - DOMAIN-SUFFIX,uhdnow.com,🇭🇰 HK | Jinx(Vless) - DOMAIN-SUFFIX,qichiyu.com,🚀 默认代理 # 本地/私有网络 - 必须最优先 - RULE-SET,private_ip,直连,no-resolve - RULE-SET,private_domain,直连 # 特定应用规则 - RULE-SET,speedtest,✈️ Speedtest - RULE-SET,ai,🤖 AI - RULE-SET,github_domain,👨🏿‍💻 GitHub - RULE-SET,youtube_domain,📹 YouTube - RULE-SET,google_domain,🍀 Google - RULE-SET,onedrive_domain,🐬 OneDrive - RULE-SET,microsoft_domain,🪟 Microsoft - RULE-SET,tiktok_domain,🎵 TikTok - RULE-SET,telegram_domain,📲 Telegram - RULE-SET,netflix_domain,🎥 NETFLIX - RULE-SET,paypal_domain,💶 PayPal # Apple 优化:只保留一个策略,由策略组决定是直连还是代理 - RULE-SET,apple_domain,🍎 Apple - RULE-SET,apple_ip,🍎 Apple # IP 规则 (带 no-resolve 的放在域名规则后) - RULE-SET,google_ip,🍀 Google,no-resolve - RULE-SET,netflix_ip,🎥 NETFLIX,no-resolve - RULE-SET,telegram_ip,📲 Telegram,no-resolve # 兜底规则 - RULE-SET,geolocation-!cn,🚀 默认代理 - RULE-SET,cn_domain,直连 - RULE-SET,cn_ip,直连 - MATCH,🐟 漏网之鱼 # 规则集 (保持原样,无需修改) rule-anchor: ip: &ip {type: http, interval: 86400, behavior: ipcidr, format: mrs} domain: &domain {type: http, interval: 86400, behavior: domain, format: mrs} class: &class {type: http, interval: 86400, behavior: classical, format: text} rule-providers: speedtest: type: http behavior: domain format: text interval: 86400 url: https://ruleset.skk.moe/Clash/domainset/speedtest.txt path: ./sukkaw_ruleset/speedtest.txt private_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/private.mrs"} proxylite: { <<: *class, url: "https://raw.githubusercontent.com/qichiyuhub/rule/refs/heads/main/proxy.list"} ai: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/category-ai-!cn.mrs" } youtube_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/youtube.mrs"} google_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/google.mrs"} github_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/github.mrs"} telegram_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/telegram.mrs"} netflix_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/netflix.mrs"} paypal_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/paypal.mrs"} onedrive_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/onedrive.mrs"} microsoft_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/microsoft.mrs"} apple_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/apple.mrs"} tiktok_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/tiktok.mrs"} geolocation-!cn: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/geolocation-!cn.mrs"} cn_domain: { <<: *domain, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/cn.mrs"} private_ip: {<<: *ip, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/private.mrs"} cn_ip: { <<: *ip, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/cn.mrs"} google_ip: { <<: *ip, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/google.mrs"} telegram_ip: { <<: *ip, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/telegram.mrs"} netflix_ip: { <<: *ip, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/netflix.mrs"} apple_ip: {<<: *ip, url: "https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo-lite/geoip/apple.mrs"}