A-A+
自用的 clash 规则+对于“防 DNS 泄露”
以下是我自己使用的 yaml 配置文件,使用了 rule-providers 特性以进行规则分流,并使这些规则每 24hr 自动更新。规则来自Loyalsoldier/clash-rules
适用于 PC 端的 clash-verge-rev 、OpenWrt 端的 openclash 、iOS 端的 stash ,其余未测试(最好尽量关闭这些客户端的 dns 覆写设置)
未使用在 ip 规则后加 no-resolve ,或 nameserver-policy 等方式进行所谓的“防止 DNS 泄露”,如有需要可在配置底部最后 5 条“IP 地址规则”末尾添加“,no-resolve”即可,但个人并不建议这样操作,原因后面会说,这里先贴出完整配置(节点信息自己补充)
port: 7890
socks-port: 7891
allow-lan: true
mode: Rule
log-level: info
external-controller: :9090
dns:
enable: true
prefer-h3: true
default-nameserver:
- 114.114.114.114
- 119.29.29.29
nameserver:
- 114.114.114.114
- 119.29.29.29
fallback:
- https://dns.google/dns-query
- https://dns.cloudflare.com/dns-query
fake-ip-filter:
[
"*.n.n.srv.nintendo.net",
+.stun.playstation.net,
xbox.*.*.microsoft.com,
"*.msftncsi.com",
"*.msftconnecttest.com",
WORKGROUP,
"*.lan",
stun.*.*,
stun.*.*.*,
+.stun.*.*,
+.stun.*.*.*,
+.stun.*.*.*.*,
+.stun.*.*.*.*.*,
time.windows.com,
time.nist.gov,
time.apple.com,
time.asia.apple.com,
"*.ntp.org.cn",
"*.openwrt.pool.ntp.org",
time1.cloud.tencent.com,
time.ustc.edu.cn,
pool.ntp.org,
ntp.ubuntu.com,
"*.*.xboxlive.com",
speedtest.cros.wr.pvp.net,
]
proxies: ~
proxy-groups:
- name: 节点选择
type: select
proxies:
- DIRECT
- 自动选择
- name: 自动选择
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
- name: 全球直连
type: select
proxies:
- DIRECT
- 节点选择
- 自动选择
- name: 一堵高墙
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
- name: 谷歌
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
- name: 电报
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
- name: 苹果云同步
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
- name: 苹果
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
- name: 境外
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
- name: 私有
type: select
proxies:
- 全球直连
- 节点选择
- 自动选择
- name: 境内
type: select
proxies:
- 全球直连
- 节点选择
- 自动选择
- name: 常用软件
type: select
proxies:
- 全球直连
- 节点选择
- 自动选择
- name: 漏网之鱼
type: select
proxies:
- 节点选择
- 自动选择
- 全球直连
rule-providers:
icloud:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
path: ./ruleset/icloud.yaml
interval: 86400
apple:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
path: ./ruleset/apple.yaml
interval: 86400
google:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
path: ./ruleset/google.yaml
interval: 86400
proxy:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
path: ./ruleset/proxy.yaml
interval: 86400
direct:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
path: ./ruleset/direct.yaml
interval: 86400
private:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
path: ./ruleset/private.yaml
interval: 86400
gfw:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt"
path: ./ruleset/gfw.yaml
interval: 86400
tld-not-cn:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt"
path: ./ruleset/tld-not-cn.yaml
interval: 86400
telegramcidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
path: ./ruleset/telegramcidr.yaml
interval: 86400
cncidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
path: ./ruleset/cncidr.yaml
interval: 86400
lancidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
path: ./ruleset/lancidr.yaml
interval: 86400
applications:
type: http
behavior: classical
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt"
path: ./ruleset/applications.yaml
interval: 86400
rules:
# 普通规则
- RULE-SET,private,私有
- RULE-SET,applications,常用软件
- RULE-SET,direct,境内
- RULE-SET,gfw,一堵高墙
- RULE-SET,icloud,苹果云同步
- RULE-SET,apple,苹果
- RULE-SET,google,谷歌
- RULE-SET,proxy,境外
# IP 地址规则
- RULE-SET,telegramcidr,电报
- RULE-SET,lancidr,私有
- RULE-SET,cncidr,境内
- GEOIP,LAN,私有
- GEOIP,CN,境内
# 兜底规则
- MATCH,漏网之鱼
文章来源:https://www.v2ex.com/t/1137959#reply10
布施恩德可便相知重
微信扫一扫打赏
支付宝扫一扫打赏