MENU

Clash神机规则备份|Clash配置文件模板存档

• 2020 年 03 月 06 日 • 教程·知识共享

Backed up from: https://github.com/DivineEngine/Profiles/blob/master/Clash/Global.yaml

# Port of HTTP(S) proxy server on the local end
# port: 7890

# Port of SOCKS5 proxy server on the local end
# socks-port: 7891

# Transparent proxy server port for Linux and macOS
# redir-port: 7892

# HTTP(S) and SOCKS5 server on the same port
mixed-port: 7890

# authentication of local SOCKS5/HTTP(S) server
# authentication:
#  - "user1:pass1"
#  - "user2:pass2"

# Set to true to allow connections to local-end server from
# other LAN IP addresses
allow-lan: false

# This is only applicable when `allow-lan` is `true`
# '*': bind all IP addresses
# 192.168.122.11: bind a single IPv4 address
# "[aaaa::a8aa:ff:fe09:57d8]": bind a single IPv6 address
bind-address: '*'

# Clash router working mode
# rule: rule-based packet routing
# global: all packets will be forwarded to a single endpoint
# direct: directly forward the packets to the Internet
mode: rule

# Clash by default prints logs to STDOUT
# info / warning / error / debug / silent
log-level: info

# When set to false, resolver won't translate hostnames to IPv6 addresses
ipv6: false

# RESTful web API listening address
external-controller: 127.0.0.1:9090

# A relative path to the configuration directory or an absolute path to a
# directory in which you put some static web resource. Clash core will then
# serve it at `${API}/ui`.
# external-ui: folder

# Secret for the RESTful API (optional)
# Authenticate by spedifying HTTP header `Authorization: Bearer ${secret}`
# ALWAYS set a secret if RESTful API is listening on 0.0.0.0
# secret: ""

# Outbound interface name
# interface-name: en0

# Static hosts for DNS server and connection establishment, only works
# when `dns.enhanced-mode` is `redir-host`.
#
# Wildcard hostnames are supported (e.g. *.clash.dev, *.foo.*.example.com)
# Non-wildcard domain names has a higher priority than wildcard domain names
# e.g. foo.example.com > *.example.com > .example.com
# P.S. +.foo.com equals to .foo.com and foo.com
hosts:
  'mtalk.google.com': 108.177.125.188
  't.cn': 203.107.55.116
  # '*.clash.dev': 127.0.0.1
  # '.dev': 127.0.0.1
  # 'alpha.clash.dev': '::1'

# DNS server settings
# This section is optional. When not present, DNS server will be disabled.
dns:
  enable: false
  listen: 0.0.0.0:53
  # ipv6: false # when false, response to AAAA questions will be empty

  # These nameservers are used to resolve the DNS nameserver hostnames below.
  # Specify IP addresses only
  default-nameserver:
    - 119.29.29.29
    - 1.0.0.1
  enhanced-mode: redir-host # or fake-ip
  fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR
  
  # Hostnames in this list will not be resolved with fake IPs
  # i.e. questions to these domain names will always be answered with their
  # real IP addresses
  # fake-ip-filter:
  #   - '*.lan'
  #   - localhost.ptlogin2.qq.com
  
  # Supports UDP, TCP, DoT, DoH. You can specify the port to connect to.
  # All DNS questions are sent directly to the nameserver, without proxies
  # involved. Clash answers the DNS question with the first result gathered.
  nameserver:
    - 119.29.29.29
    # - tls://dns.rubyfish.cn:853 # DNS over TLS
    # - https://1.1.1.1/dns-query # DNS over HTTPS

  # When `fallback` is present, the DNS server will send concurrent requests
  # to the servers in this section along with servers in `nameservers`.
  # The answers from fallback servers are used when the GEOIP country
  # is not `CN`.
  fallback:
    - https://cloudflare-dns.com/dns-query

  # If IP addresses resolved with servers in `nameservers` are in the specified
  # subnets below, they are considered invalid and results from `fallback`
  # servers are used instead.
  #
  # IP address resolved with servers in `nameserver` is used when
  # `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`.
  #
  # If `fallback-filter.geoip` is false, results from `fallback` nameservers
  # are always used, and answers from `nameservers` are discarded.
  #
  # This is a countermeasure against DNS pollution attacks.
  fallback-filter:
    geoip: true
    ipcidr:
      # - 240.0.0.0/4

proxies:
# 支持的协议及加密算法示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md

  # Shadowsocks(Websocket + TLS)
  - name: "1"
    type: ss
    server: server
    port: 443
    cipher: chacha20-ietf-poly1305
    password: "password"
    plugin: v2ray-plugin
    plugin-opts:
      mode: websocket # no QUIC now
      tls: true # wss
      # skip-cert-verify: true
      # host: bing.com
      path: "/s"
      # mux: true
      # headers:
      #   custom: value

  # VMess(Websocket + TLS)
  - name: "2"
    type: vmess
    server: v2ray.cool
    port: 443
    uuid: a3482e88-686a-4a58-8126-99c9df64b7bf
    alterId: 32
    cipher: auto
    # udp: true
    tls: true
    # skip-cert-verify: true
    network: ws
    ws-path: /v
    # ws-headers:
    #   Host: v2ray.com

  # Trojan
  - name: "3"
    type: trojan
    server: server
    port: 443
    password: yourpsk
    # udp: true
    # sni: example.com # aka server name
    # alpn:
    #   - h2
    #   - http/1.1
    # skip-cert-verify: true

# 服务器节点订阅
proxy-providers:
  # name: # Provider 名称
  #   type: http # http 或 file
  #   path: # 文件路径
  #   url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。
  #   interval: # 自动更新间隔,仅在类型为 HTTP 时可用
  #   health-check: # 健康检查选项从此处开始
  #     enable:
  #     url: 
  #     interval: 

  #
  # 「url」参数填写订阅链接
  #
  # 订阅链接可以使用 API 进行转换,如:https://sub.dler.io/
  #
  # 1.模式选择「进阶模式」 2.填写订阅链接 3.勾选「输出为 Node List」 4.「生成订阅链接」
  #

  # 此处只是订阅示例,如果没有订阅链接的使用需求,此处及 proxy-groups 的相关内容可删除

  DuckDuckGoList: #「冲鸭机场」订阅
    type: http
    url: "https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/ProxyList/List.yaml" # 放机场订阅链接
    interval: 3600
    path: ./Proxy/List.yaml # 注意此处文件名不可相同
    health-check:
      enable: true
      interval: 600
      url: http://www.gstatic.com/generate_204

  # DuckDuckGoUS: #「冲鸭机场」订阅美国地区节点
  #   type: http
  #   url: "https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/ProxyList/US.yaml" # 放机场订阅链接
  #   interval: 3600
  #   path: ./Proxy/US.yaml # 注意此处文件名不可相同
  #   health-check:
  #     enable: true
  #     interval: 600
  #     url: http://www.gstatic.com/generate_204

proxy-groups:
# 策略组示例请查阅 Clash 项目 README 以使用最新格式:https://github.com/Dreamacro/clash/blob/master/README.md

#
# 策略组说明
#
# 「MATCH」类似 Surge 的「Final」,此处用于选择白名单模式(PROXY 策略)和黑名单模式(DIRECT 策略)
#
# 「Streaming」和「StreamingSE」比较好理解,有专用于流媒体的节点就设置到其中,如果没有「StreamingSE」的需求可以连带 Rule 部分一起删掉,「Streaming」需至少保留 Rule,用「PROXY」即可。
#
# 「PROXY」是代理规则策略,它可以指定为某个节点或嵌套一个其他策略组,如:「自动测试」、「Fallback」或「负载均衡」的策略组,关于这 3 个策略组的具体示例可以看官方示例:https://github.com/Dreamacro/clash
#

  # 注意此处的「use」而不是「proxies」,当然也可以不用在此先嵌套一个策略组进行选择,可以直接使用,如
  #
  # # 代理节点选择
  # - name: "PROXY"
  #   type: select
  #   use:
  #     - DuckDuckGo # 嵌套使用订阅节点策略组
  #   proxies:
  #     - Fallback
  #     - 1
  #     - 2
  #     - 3
  #
  # 但如果订阅节点很多选起来就很麻烦,不如先嵌套一个策略组进行手动或自动的选择。

  # 手动选择订阅节点
  - name: "DuckDuckGo"
    type: select # 亦可使用 fallback 或 load-balance
    use: # 注意此处是「use」
      - DuckDuckGoList # 这是上面「proxy-providers」的名称

  # - name: "US"
  #   type: select # 亦可使用 fallback 或 load-balance
  #   use: # 注意此处是「use」
  #     - DuckDuckGoUS # 这是上面「proxy-providers」的名称

  # Fallback 比较实用的策略组类型,用于测试服务器节点的可用性,当第一个节点不可用时切换到第二个,以此类推。
  - name: "Fallback"
    type: fallback
    proxies:
      - 1
      - 2
      - 3
    url: 'http://www.gstatic.com/generate_204'
    interval: 300

  # 代理节点选择
  - name: "PROXY"
    type: select
    proxies:
      - Fallback
      - 1
      - 2
      - 3
      - DuckDuckGo # 嵌套使用订阅节点策略组

  # 白名单模式 PROXY, 黑名单模式 DIRECT, 不知道别动
  - name: "MATCH"
    type: select
    proxies:
      - PROXY
      - DIRECT

  # 国际流媒体服务
  - name: "Streaming"
    type: select
    proxies:
      - PROXY
      - 1
      - 2
      - 3
      # - US

  # 中国流媒体服务(面向海外版本)
  # 用于观看部分国内流媒体面向港澳台的地区的限定内容,此处应放港澳台节点,如果没有此需求可删除此处策略组及相关规则
  - name: "StreamingSE"
    type: select
    proxies:
      - DIRECT
      - 2

# 关于 Rule Provider 请查阅:https://lancellc.gitbook.io/clash/clash-config-file/rule-provider

rule-providers:
# name: # Provider 名称
#   type: http # http 或 file
#   behavior: classical # 或 ipcidr、domain
#   path: # 文件路径
#   url: # 只有当类型为 HTTP 时才可用,您不需要在本地空间中创建新文件。
#   interval: # 自动更新间隔,仅在类型为 HTTP 时可用

  Unbreak:
    type: http
    behavior: classical
    path: ./RuleSet/Unbreak.yaml
    url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/Unbreak.yaml
    interval: 86400

  Streaming:
    type: http
    behavior: classical
    path: ./RuleSet/StreamingMedia/Streaming.yaml
    url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/StreamingMedia/Streaming.yaml
    interval: 86400

  StreamingSE:
    type: http
    behavior: classical
    path: ./RuleSet/StreamingMedia/StreamingSE.yaml
    url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/StreamingMedia/StreamingSE.yaml
    interval: 86400

  Global:
    type: http
    behavior: classical
    path: ./RuleSet/Global.yaml
    url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/Global.yaml
    interval: 86400

  China:
    type: http
    behavior: classical
    path: ./RuleSet/China.yaml
    url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/China.yaml
    interval: 86400

  ChinaIP:
    type: http
    behavior: ipcidr
    path: ./RuleSet/Extra/ChinaIP.yaml
    url: https://raw.githubusercontent.com/DivineEngine/Profiles/master/Clash/RuleSet/Extra/ChinaIP.yaml
    interval: 86400

# 规则
rules:
  # Unbreak
  - RULE-SET,Unbreak,DIRECT

  # Global Area Network

  # (Streaming Media)
  - RULE-SET,Streaming,Streaming

  # (StreamingSE)
  - RULE-SET,StreamingSE,StreamingSE

  # (DNS Cache Pollution) / (IP Blackhole) / (Region-Restricted Access Denied) / (Network Jitter)
  - RULE-SET,Global,PROXY

  # China Area Network
  - RULE-SET,China,DIRECT

  # Local Area Network
  - IP-CIDR,192.168.0.0/16,DIRECT
  - IP-CIDR,10.0.0.0/8,DIRECT
  - IP-CIDR,172.16.0.0/12,DIRECT
  - IP-CIDR,127.0.0.0/8,DIRECT
  - IP-CIDR,100.64.0.0/10,DIRECT
  - IP-CIDR,224.0.0.0/4,DIRECT

  # (可选)使用来自 ipipdotnet 的 ChinaIP 以解决数据不准确的问题,使用 ChinaIP.yaml 时可禁用下列直至(包括)「GEOIP,CN」规则
  # - RULE-SET,ChinaIP,DIRECT
  # Tencent
  - IP-CIDR,119.28.28.28/32,DIRECT
  - IP-CIDR,182.254.116.0/24,DIRECT
  # GeoIP China
  - GEOIP,CN,DIRECT

  - MATCH,MATCH
最后编辑于: 2020 年 09 月 08 日
返回文章列表 打赏
本页链接的二维码
打赏二维码
添加新评论

已有 10 条评论
  1. nanashi nanashi

    想问下,mac的clash怎么导入这些规则啊

    1. @nanashi可以在本地手动编辑,也可以在线编辑👉 https://clash.skk.moe/
      编辑完成后手动导入ClashX(R)。也可以直接用订阅API转换,转换之后会替换成神机规则。
      参考👇
      https://merlinblog.xyz/wiki/ClashX.html
      https://merlinblog.xyz/wiki/api.html

  2. 马马虎虎 马马虎虎

    请问怎么吧规则设置成延迟最低?我在你给的那个api转换上,给的是fallback规则,为什么没有test,请教一下

    1. @马马虎虎手动改成url-test即可。或者使用配置文件版。可以在教程里找找灵感:https://merlinblog.xyz/wiki/api.html

  3. 诺陌 诺陌

    谢谢大佬

  4. loong loong

    请问这个规则 可以放到你提供的API编辑吗

    1. @loong你可以使用这个API的进阶版来选择远程配置:https://gfwsb.114514.best/

  5. br br

    clash安卓导入失败,提示initial rule provider streaming error:not support on this platform,在Windows上正常。

    1. @br安卓平台貌似还不支持provider的写法吧。