port: 7890 socks-port: 7891 redir-port: 7892 allow-lan: false mode: rule log-level: info external-controller: '0.0.0.0:9090' secret: '' ipv6: false # 启用 geodata 模式和自定义 geoip 数据库 geodata-mode: true geodata-loader: standard # 自动更新 GEO geo-auto-update: true # 更新间隔,单位为小时 geo-update-interval: 24 # 自定 GEO 下载地址 geox-url: geoip: 'https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.dat/' geosite: 'https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geosite.dat/' mmdb: 'https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.metadb/' asn: 'https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/GeoLite2-ASN.mmdb/' # 【Meta专属】TCP连接并发,如果域名解析结果对应多个IP,并发所有IP,选择握手最快的IP进行连接 tcp-concurrent: true # geox-url: # geoip: "https://cdn.jsdelivr.net/gh/Loyalsoldier/geoip@release/geoip.dat" # 添加远端节点链接 proxy-providers: isif18r: type: http url: http://152.53.33.92:50004/hatGZgTX6VUe2T2EwZJjf4PY3sr7/download/isif18r?target=ClashMeta&includeUnsupportedProxy=true interval: 3600 path: ./profiles/isif18r.yaml health-check: enable: true interval: 600 url: http://www.gstatic.com/generate_204 proxies: - name: "🇯🇵 WAP Vless" type: vless server: 103.238.129.85 port: 8549 uuid: d7d341eb-5818-4ac7-9ee7-83ab0042f729 network: tcp udp: true tls: true flow: xtls-rprx-vision servername: www.lovelive-anime.jp client-fingerprint: chrome reality-opts: public-key: "iGb6lCFLaqV2HfLMrLNhh1Zyc0z3tRStN5cnhLIyFg0" short-id: "73ffdce4e65638ea" - name: "🇯🇵 WAP SS" type: ss server: 103.238.129.85 port: 8546 tfo: true udp: true udp-over-tcp: true udp-over-tcp-version: 2 mptcp: true cipher: 2022-blake3-aes-128-gcm password: "gGbxvQIGYnsd8KNv0DzwzA==" smux: enabled: true padding: true - name: "🇯🇵 橙子云 SS" type: ss server: 74.113.96.208 port: 21001 tfo: true udp: true udp-over-tcp: true udp-over-tcp-version: 2 mptcp: true cipher: 2022-blake3-aes-128-gcm password: "gGbxvQIGYnsd8KNv0DzwzA==" smux: enabled: true padding: true - name: "🇩🇪 NETCUP Hysteria2" type: hysteria2 server: netcuphyw.812371.xyz port: 8849 password: gGbxvQIGYnsd8KNv0DzwzA== sni: netcuphyw.812371.xyz skip-cert-verify: false alpn: - h3 - name: "🇩🇪 9929-NETCUP SS" type: ss server: fastu.kxy.ovh port: 13121 tfo: true udp: true udp-over-tcp: true udp-over-tcp-version: 2 mptcp: true cipher: 2022-blake3-aes-128-gcm password: "gGbxvQIGYnsd8KNv0DzwzA==" smux: enabled: true padding: true - name: "🇺🇸 CNFaster CN2GIA Vless" type: vless server: cnfus.812371.xyz port: 8943 uuid: d7d341eb-5818-4ac7-9ee7-83ab0042f729 network: tcp udp: true tls: true flow: xtls-rprx-vision servername: www.lovelive-anime.jp client-fingerprint: chrome reality-opts: public-key: "iGb6lCFLaqV2HfLMrLNhh1Zyc0z3tRStN5cnhLIyFg0" short-id: "73ffdce4e65638ea" - name: "🇺🇸 CNFaster CN2GIA SS" type: ss server: cnfus.812371.xyz port: 8946 tfo: true udp: true udp-over-tcp: true udp-over-tcp-version: 2 mptcp: true cipher: 2022-blake3-aes-128-gcm password: "gGbxvQIGYnsd8KNv0DzwzA==" smux: enabled: true padding: true - name: "🇭🇰 KXY hk v6" type: hysteria2 server: hxyhk.812371.xyz port: 9049 password: gGbxvQIGYnsd8KNv0DzwzA== sni: hxyhk.812371.xyz skip-cert-verify: false alpn: - h3 - name: "🇺🇸 RackNerd Reality" type: vless server: racknerdus.812371.xyz port: 9843 uuid: bf000d23-0752-40b4-affe-68f7707a9661 network: tcp udp: true tls: true flow: xtls-rprx-vision servername: gamedownloads-rockstargames-com.akamaized.net client-fingerprint: chrome reality-opts: public-key: "cVoqcDbBIWrRCrKn2gI_VHFTbyjMOj4ovDE2jKjvJgA" short-id: "b2c86d5449d237fa" - name: "🇹🇼 IEPL-Lain SS" type: ss server: 103.216.253.110 port: 62016 cipher: aes-128-gcm password: 8eLTxLWml4weLT9KW2x9ig== udp: true - name: "🇹🇼 IEPL-Lain SS CMI" type: ss server: 120.232.217.115 port: 62016 cipher: aes-128-gcm password: 8eLTxLWml4weLT9KW2x9ig== udp: true - name: "🇹🇼 IEPL-CNF SS CMI" type: ss server: 103.216.253.110 port: 62017 cipher: aes-128-gcm password: 8eLTxLWml4weLT9KW2x9ig== udp: true - name: "🇹🇼 LOC-Lain Hysteria2" type: hysteria2 server: locvpshk.812371.xyz port: 10001 password: gGbxvQIGYnsd8KNv0DzwzA== sni: laintw.812371.xyz skip-cert-verify: false alpn: - h3 - name: "🇹🇼 LOC-Lain Reality" type: vless server: locvpshk.812371.xyz port: 10002 uuid: d7d341eb-5818-4ac7-9ee7-83ab0042f729 network: tcp udp: true tls: true flow: xtls-rprx-vision servername: www.lovelive-anime.jp client-fingerprint: chrome reality-opts: public-key: "iGb6lCFLaqV2HfLMrLNhh1Zyc0z3tRStN5cnhLIyFg0" short-id: "73ffdce4e65638ea" - name: "🇹🇼 LOC-Lain SS" type: ss server: locvpshk.812371.xyz port: 10008 tfo: true udp: true udp-over-tcp: true udp-over-tcp-version: 2 mptcp: true cipher: 2022-blake3-aes-128-gcm password: "gGbxvQIGYnsd8KNv0DzwzA==" smux: enabled: true padding: true - name: "🇭🇰 LOC-KXYHK Reality" type: vless server: locvpshk.812371.xyz port: 10003 uuid: bf000d23-0752-40b4-affe-68f7707a9661 network: tcp udp: true tls: true flow: xtls-rprx-vision servername: www.amd.com client-fingerprint: chrome reality-opts: public-key: "cVoqcDbBIWrRCrKn2gI_VHFTbyjMOj4ovDE2jKjvJgA" short-id: "b2c86d5449d237fa" - name: "🇮🇩 HK转印尼 Hysteria2" type: hysteria2 server: aliyunhk.812371.xyz port: 30010 password: gGbxvQIGYnsd8KNv0DzwzA== sni: yajiada.812371.xyz skip-cert-verify: true alpn: - h3 - name: 🇸🇬 BegaVM-AWS_Hy2 type: hysteria2 server: aswgs.xxop.de port: 30575 password: 7f1a51ce-d5df-4bd5-951a-a51c6535b488 alpn: - h3 sni: bsgg.xxop.de up: "2000 Mbps" down: "2000 Mbps" proxy-groups: - name: '🚀 节点选择' type: select proxies: - DIRECT - '🇯🇵 WAP Vless' - '🇯🇵 橙子云 SS' - '🇹🇼 LOC-Lain Reality' - '🇹🇼 IEPL-Lain SS' - '🇹🇼 IEPL-Lain SS CMI' - '🇹🇼 IEPL-CNF SS CMI' - '🇹🇼 LOC-Lain SS' - '🇺🇸 CNFaster CN2GIA SS' - '🇺🇸 CNFaster CN2GIA Vless' - '🇺🇸 RackNerd Reality' - '🇩🇪 9929-NETCUP SS' use: - isif18r - name: 'Ⓜ️ 微软服务' type: select proxies: - '🎯 全球直连' - '🚀 节点选择' - name: '🍎 苹果服务' type: select proxies: - '🚀 节点选择' - '🎯 全球直连' - name: '📢 谷歌FCM' type: select proxies: - '🚀 节点选择' - '🎯 全球直连' - name: '🎯 全球直连' type: select proxies: - DIRECT - '🚀 节点选择' - name: '📽︎ PT 站点' type: select proxies: - '🚀 节点选择' - '🇯🇵 WAP Vless' - name: '🐟 漏网之鱼' type: select proxies: - '🚀 节点选择' - '🎯 全球直连' - name: '🤖 GPT' type: select proxies: - '🇹🇼 LOC-Lain SS' - '🇯🇵 WAP SS' - '🇯🇵 WAP Vless' - '🚀 节点选择' - name: '🤖 Gemini' type: select proxies: - '🇺🇸 CNFaster CN2GIA SS' - '🇺🇸 CNFaster CN2GIA Vless' - '🇺🇸 RackNerd Reality' - name: '🍿 NETFLIX' type: select proxies: - '🇸🇬 BegaVM-AWS_Hy2' - '🚀 节点选择' - name: '🎮 Steam' type: select proxies: - '🇺🇸 CNFaster CN2GIA SS' - '🇺🇸 CNFaster CN2GIA Vless' - '🚀 节点选择' - name: '🐧 论坛' type: select proxies: - '🇺🇸 CNFaster CN2GIA SS' - '🔄 故障转移' - '🚀 节点选择' - '🇭🇰 LOC-KXYHK Reality' - '🇺🇸 CNFaster CN2GIA Vless' - '🇺🇸 RackNerd Reality' - '🇯🇵 WAP Vless' - name: "💚 NTRRR自动切换" type: fallback url: "https://stream.ntrrr.top" interval: 200 tolerance: 1000 proxies: - '🇯🇵 WAP SS' - '🇯🇵 WAP Vless' - name: "🔄 故障转移" type: fallback url: "http://www.gstatic.com/generate_204" interval: 30 tolerance: 50 proxies: - '🇯🇵 WAP SS' - '🇯🇵 WAP Vless' - '🇺🇸 RackNerd Reality' - '🇸🇬 BegaVM-AWS_Hy2' rules: # PROXY # Steam - DOMAIN-SUFFIX,steam-chat.com,🎮 Steam - DOMAIN-SUFFIX,steamcommunity.com,🎮 Steam - DOMAIN-SUFFIX,steamdb.info,🎮 Steam - DOMAIN-SUFFIX,steampowered.com,🎮 Steam - DOMAIN-SUFFIX,steamstatic.com,DIRECT - DOMAIN-SUFFIX,steamserver.net,DIRECT # OpenAI - GEOSITE,openai,🤖 GPT - DOMAIN-SUFFIX,chatgpt.com,🤖 GPT # Claude - DOMAIN,cdn.usefathom.com,🤖 GPT - DOMAIN-SUFFIX,anthropic.com,🤖 GPT - DOMAIN-SUFFIX,claude.ai,🤖 GPT # Deepseek - DOMAIN-SUFFIX,deepseek.com,🤖 GPT # Gemini - RULE-SET,gemini,🤖 Gemini # NETFLIX - RULE-SET,netflix,🍿 NETFLIX # OZOO.TOP - DOMAIN-KEYWORD,ozoo.top,🐧 论坛 #论坛 - DOMAIN,www.nodeseek.com,🐧 论坛 - DOMAIN,www.nodehatch.com,🐧 论坛 - DOMAIN-KEYWORD,linux.do,🐧 论坛 - DOMAIN-SUFFIX,right.com.cn,🐧 论坛 - DOMAIN-KEYWORD,gmail678.cc,🐧 论坛 #gmail发卡网 # 强制代理 - DOMAIN,stream.ntrrr.top,💚 NTRRR自动切换 # PT站 - DOMAIN-KEYWORD,hhanclub,📽︎ PT 站点 - DOMAIN-KEYWORD,club.hares,📽︎ PT 站点 - DOMAIN-KEYWORD,piggo.me,📽︎ PT 站点 - DOMAIN-KEYWORD,leaves.red,📽︎ PT 站点 # Direct直连 - IP-CIDR,13.113.147.158/8,🎯 全球直连 - DOMAIN-KEYWORD,1password,🎯 全球直连 # 苹果服务 - GEOSITE,icloud,🍎 苹果服务 - GEOSITE,apple,🍎 苹果服务 # 谷歌服务 - GEOSITE,google,🚀 节点选择 - GEOIP,google,🚀 节点选择,no-resolve # 微软服务 - RULE-SET,Microsoft,Ⓜ️ 微软服务 # 微信 - RULE-SET,wechat,🎯 全球直连 # 最终规则 - RULE-SET,reject,REJECT - RULE-SET,applications,🎯 全球直连 - DOMAIN,clash.razord.top,🎯 全球直连 - DOMAIN,yacd.haishan.me,🎯 全球直连 - RULE-SET,proxy,🚀 节点选择 - RULE-SET,private,🎯 全球直连 - RULE-SET,direct,🎯 全球直连 - GEOIP,LAN,🎯 全球直连 - GEOSITE,geolocation-cn,DIRECT - GEOIP,CN,🎯 全球直连 - MATCH,🐟 漏网之鱼 rule-providers: reject: type: http behavior: domain url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt" path: ./ruleset/reject.yaml interval: 86400 Microsoft: type: http behavior: domain url: "https://gitea.ozoo.top/public/rule/src/commit/13a014bdc2d40eca741dee407b99e32b800215ad/Microsoft.yaml" path: ./ruleset/Microsoft.yaml interval: 86400 proxy: type: http behavior: domain url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt" path: ./ruleset/proxy.yaml interval: 86400 direct: type: http behavior: domain url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt" path: ./ruleset/direct.yaml interval: 86400 private: type: http behavior: domain url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt" path: ./ruleset/private.yaml interval: 86400 applications: type: http behavior: classical url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt" path: ./ruleset/applications.yaml interval: 86400 netflix: type: http behavior: classical url: "https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Netflix/Netflix.yaml" path: ./ruleset/netflix.yaml interval: 86400 gemini: type: http behavior: classical url: "https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Clash/Gemini/Gemini.yaml" path: ./ruleset/gemini.yaml interval: 86400 wechat: type: http behavior: classical url: "https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script@master/rule/Loon/WeChat/WeChat.list" path: ./ruleset/wechat.yaml interval: 86400 # DNS 服务器配置(可选;若不配置,程序内置的 DNS 服务会被关闭) dns: enable: true listen: :53 ipv6: false # 当此选项为 false 时, AAAA 请求将返回空 prefer-h3: false respect-rules: true enhanced-mode: redir-host # 以下填写的 DNS 服务器将会被用来解析 DNS 服务的域名 # 仅填写 DNS 服务器的 IP 地址 default-nameserver: - 119.29.29.29 - 223.6.6.6 # enhanced-mode: fake-ip # 或 redir-host # fake-ip-range: 198.18.0.1/16 # Fake IP 地址池 (CIDR 形式) # # use-hosts: true # 查询 hosts 并返回 IP 记录 # # 在以下列表的域名将不会被解析为 fake ip,这些域名相关的解析请求将会返回它们真实的 IP 地址 # fake-ip-filter: # # 以下域名列表参考自 vernesong/OpenClash 项目,并由 Hackl0us 整理补充 # - '*.lan' # - '*.localdomain' # - '*.example' # - '*.invalid' # - '*.localhost' # - '*.test' # - '*.local' # - '*.home.arpa' # - 'time.*.com' # - 'time.*.gov' # - 'time.*.edu.cn' # - 'time.*.apple.com' # - 'time1.*.com' # - 'time2.*.com' # - 'time3.*.com' # - 'time4.*.com' # - 'time5.*.com' # - 'time6.*.com' # - 'time7.*.com' # - 'ntp.*.com' # - 'ntp1.*.com' # - 'ntp2.*.com' # - 'ntp3.*.com' # - 'ntp4.*.com' # - 'ntp5.*.com' # - 'ntp6.*.com' # - 'ntp7.*.com' # - '*.time.edu.cn' # - '*.ntp.org.cn' # - '+.pool.ntp.org' # - 'time1.cloud.tencent.com' # - 'music.163.com' # - '*.music.163.com' # - '*.126.net' # - 'musicapi.taihe.com' # - 'music.taihe.com' # - 'songsearch.kugou.com' # - 'trackercdn.kugou.com' # - '*.kuwo.cn' # - 'api-jooxtt.sanook.com' # - 'api.joox.com' # - 'joox.com' # - 'y.qq.com' # - '*.y.qq.com' # - 'streamoc.music.tc.qq.com' # - 'mobileoc.music.tc.qq.com' # - 'isure.stream.qqmusic.qq.com' # - 'dl.stream.qqmusic.qq.com' # - 'aqqmusic.tc.qq.com' # - 'amobile.music.tc.qq.com' # - '*.xiami.com' # - '*.music.migu.cn' # - 'music.migu.cn' # - '*.msftconnecttest.com' # - '*.msftncsi.com' # - 'msftconnecttest.com' # - 'msftncsi.com' # - 'localhost.ptlogin2.qq.com' # - 'localhost.sec.qq.com' # - '+.srv.nintendo.net' # - '+.stun.playstation.net' # - 'xbox.*.microsoft.com' # - '*.*.xboxlive.com' # - '+.battlenet.com.cn' # - '+.wotgame.cn' # - '+.wggames.cn' # - '+.wowsgame.cn' # - '+.wargaming.net' # - 'proxy.golang.org' # - 'stun.*.*' # - 'stun.*.*.*' # - '+.stun.*.*' # - '+.stun.*.*.*' # - '+.stun.*.*.*.*' # - 'heartbeat.belkin.com' # - '*.linksys.com' # - '*.linksyssmartwifi.com' # - '*.router.asus.com' # - 'mesu.apple.com' # - 'swscan.apple.com' # - 'swquery.apple.com' # - 'swdownload.apple.com' # - 'swcdn.apple.com' # - 'swdist.apple.com' # - 'lens.l.google.com' # - 'stun.l.google.com' # - '+.nflxvideo.net' # - '*.square-enix.com' # - '*.finalfantasyxiv.com' # - '*.ffxiv.com' # - '*.mcdn.bilivideo.cn' # - WORKGROUP # 支持 UDP / TCP / DoT / DoH 协议的 DNS 服务,可以指明具体的连接端口号。 # 所有 DNS 请求将会直接发送到服务器,不经过任何代理。 # Clash 会使用最先获得的解析记录回复 DNS 请求 nameserver-policy: "geosite:cn,private,geolocation-cn": [https://1.12.12.12/dns-query, https://223.5.5.5/dns-query] nameserver: - https://8.8.8.8/dns-query - https://1.1.1.1/dns-query proxy-server-nameserver: - https://1.12.12.12/dns-query - https://223.5.5.5/dns-query # 当 fallback 参数被配置时, DNS 请求将同时发送至上方 nameserver 列表和下方 fallback 列表中配置的所有 DNS 服务器. # 当解析得到的 IP 地址的地理位置不是 CN 时,clash 将会选用 fallback 中 DNS 服务器的解析结果。 # fallback: # - https://dns.google/dns-query # 如果使用 nameserver 列表中的服务器解析的 IP 地址在下方列表中的子网中,则它们被认为是无效的, # Clash 会选用 fallback 列表中配置 DNS 服务器解析得到的结果。 # # 当 fallback-filter.geoip 为 true 且 IP 地址的地理位置为 CN 时, # Clash 会选用 nameserver 列表中配置 DNS 服务器解析得到的结果。 # # 当 fallback-filter.geoip 为 false, 如果解析结果不在 fallback-filter.ipcidr 范围内, # Clash 总会选用 nameserver 列表中配置 DNS 服务器解析得到的结果。 # # 采取以上逻辑进行域名解析是为了对抗 DNS 投毒攻击。 # fallback-filter: # geoip: false # ipcidr: # - 0.0.0.0/8 # - 10.0.0.0/8 # - 100.64.0.0/10 # - 127.0.0.0/8 # - 169.254.0.0/16 # - 172.16.0.0/12 # - 192.0.0.0/24 # - 192.0.2.0/24 # - 192.88.99.0/24 # - 192.168.0.0/16 # - 198.18.0.0/15 # - 198.51.100.0/24 # - 203.0.113.0/24 # - 224.0.0.0/4 # - 240.0.0.0/4 # - 255.255.255.255/32 # domain: # - '+.google.com' # - '+.facebook.com' # - '+.youtube.com' # - '+.githubusercontent.com' # - '+.googlevideo.com'