From ddac51323c197790b2daaa8d88cc0c4d0cfa2e05 Mon Sep 17 00:00:00 2001 From: DaTekShaman Date: Wed, 3 Dec 2025 17:29:18 +0300 Subject: [PATCH] Updates --- config-clash/pontifex/pontifex.yaml | 176 +++++++++++------- .../testzone-a.yaml | 5 +- .../consolidated-services/crypto.yaml | 3 + rule-provider/consolidated-services/porn.yaml | 5 +- 4 files changed, 116 insertions(+), 73 deletions(-) diff --git a/config-clash/pontifex/pontifex.yaml b/config-clash/pontifex/pontifex.yaml index 81aa179..b7b26df 100644 --- a/config-clash/pontifex/pontifex.yaml +++ b/config-clash/pontifex/pontifex.yaml @@ -4,7 +4,12 @@ socks-port: 7891 redir-port: 7892 tproxy-port: 7893 mixed-port: 7894 + allow-lan: true +lan-allowed-ips: + - 0.0.0.0/0 + - ::/0 + bind-address: "*" # authentication of local SOCKS5/HTTP(S) server # authentication: @@ -22,12 +27,18 @@ ipv6: false unified-delay: true log-level: info disable-keep-alive: true -# interface-name: en0 # Outbound interface name +# keep-alive-interval: 15 +# keep-alive-idle: 15 +find-process-mode: off # Options: always, strict, off +# global-client-fingerprint: random # Options: chrome, firefox, safari, iOS, android, edge, 360, qq, random +# tcp-concurrent: true # Enable TCP concurrent connections, which will use all IP addresses resolved by DNS for connections, using the first successful connection. +# routing-mark: 6666 +# interface-name: eth0 # Outbound interface name # ————————————————————————————————————————————————————— SMART GROUPS ———————————————————————————————————————————————————— -lgbm-auto-update: true # enable model auto update, the default is false -lgbm-update-interval: 72 # model auto update interval, the default is 72 (hours) -lgbm-url: "https://github.com/vernesong/mihomo/releases/download/LightGBM-Model/Model.bin" # model update url +lgbm-auto-update: true # model auto update, the default is false +lgbm-update-interval: 72 # model auto update interval, the default is 72 (hours) +lgbm-url: "https://github.com/vernesong/mihomo/releases/download/LightGBM-Model/Model.bin" # model update url # ———————————————————————————————————————————————————————— HOSTS ———————————————————————————————————————————————————————— hosts: @@ -54,42 +65,57 @@ sniffer: parse-pure-ip: true override-destination: true sniff: - QUIC: - ports: - - 443 - TLS: - ports: - - 443 - - 8443 HTTP: - ports: - - 80 - - 8080-8880 + ports: [80, 8080-8880] override-destination: true - force-domain: - - "+.netflix.com" - - "+.nflxvideo.net" - - "+.amazonaws.com" - - "+.media.dssott.com" - skip-domain: - - "+.apple.com" - - Mijia Cloud - - dlg.io.mi.com - - "+.oray.com" - - "+.sunlogin.net" - - "+.push.apple.com" + TLS: + ports: [443, 8443] + QUIC: + ports: [443, 8443] + # force-domain: + # skip-domain: + # skip-src-address: + # skip-dst-address + +# ————————————————————————————————————————————————————————— TUN ————————————————————————————————————————————————————————— +tun: + enable: false + # stack: mixed + # auto-route: true + # auto-redirect: true + # auto-detect-interface: true + # dns-hijack: + # - any:53 + # - tcp://any:53 + # device: Mihomo + # mtu: 1420 + # strict-route: true + # gso: true + # gso-max-size: 65536 + # udp-timeout: 300 + +# ————————————————— GEO DATA CONFIGURATION ————————————————— https://github.com/runetfreedom/russia-v2ray-rules-dat ————— +geodata-mode: true +geodata-loader: memconservative +geo-auto-update: true +geo-update-interval: 24 +geox-url: + geoip: https://raw.githubusercontent.com/runetfreedom/russia-v2ray-rules-dat/release/geoip.dat + geosite: https://raw.githubusercontent.com/runetfreedom/russia-v2ray-rules-dat/release/geosite.dat +global-ua: clash.meta +etag-support: true # ————————————————————————————————————————————————————————— DNS ————————————————————————————————————————————————————————— dns: enable: true + enhanced-mode: fake-ip + cache-algorithm: arc ipv6: false listen: 0.0.0.0:53 - default-nameserver: - - 1.1.1.1 - - 8.8.8.8 - - 9.9.9.9 - enhanced-mode: fake-ip + prefer-h3: true + respect-rules: false use-hosts: true + fake-ip-range: 198.18.0.1/16 fake-ip-filter-mode: blacklist fake-ip-filter: @@ -103,6 +129,10 @@ dns: - '+.ru' - '+.рф' - '+.su' + default-nameserver: + - 1.1.1.1 + - 8.8.8.8 + - 9.9.9.9 nameserver: - 192.168.10.4 - 192.168.10.7 @@ -117,6 +147,8 @@ dns: # - https://d.adguard-dns.com/dns-query/5ffb7de2 # nameserver-policy: # '+.shamanlanding.org': '192.168.10.4' + direct-nameserver-follow-policy: true + fallback: - https://d.adguard-dns.com/dns-query/5ffb7de2 # Fallback DNS @ https://adguard-dns.io/en/dashboard/ - https://dns.comss.one/dns-query # Fallback DNS Comss.one @@ -130,13 +162,12 @@ dns: - 77.88.8.1 fallback-filter: geoip: false - ipcidr: [] - domain: [] - geosite: [] -# ————————————————————————————————————————————————————————— TUN ————————————————————————————————————————————————————————— + # ipcidr: [] + # domain: [] + # geosite: [] # ———————————————————————————————————————————————————————— MACRO ———————————————————————————————————————————————————————— -# # ————————————————————————————————— drect proxy ————————————————————————————————— # +# # ———————————————————————————————— direct proxy ————————————————————————————————— # direct_proxy: &direct_proxy type: direct udp: true @@ -144,11 +175,18 @@ dns: # # ———————————————————————————————— health checks ———————————————————————————————— # health-check-for-providers: &health_check_for_providers enable: true - interval: 600 + interval: 1200 + expected-status: 204 + timeout: 1000 + tolerance: 100 url: https://www.gstatic.com/generate_204 health-check: &health_check + enable: true interval: 300 + expected-status: 204 + timeout: 1000 + tolerance: 100 url: https://www.gstatic.com/generate_204 # # —————————————————————————————————— selectors —————————————————————————————————— # group-selector: &group_selector @@ -967,34 +1005,34 @@ rule-providers: <<: *default_rule_provider_config 🛜 VLAN10: - url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/VLAN10.yaml - path: "./rule_provider/services/consolidated-lists-private/VLAN10.yaml" + url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/vlan10.yaml + path: "./rule_provider/services/consolidated-lists-private/vlan10.yaml" <<: *default_rule_provider_config 🛜 VLAN20: - url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/VLAN20.yaml - path: "./rule_provider/services/consolidated-lists-private/VLAN20.yaml" + url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/vlan20.yaml + path: "./rule_provider/services/consolidated-lists-private/vlan20.yaml" <<: *default_rule_provider_config 🛜 VLAN30: - url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/VLAN30.yaml - path: "./rule_provider/services/consolidated-lists-private/VLAN30.yaml" + url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/vlan30.yaml + path: "./rule_provider/services/consolidated-lists-private/vlan30.yaml" <<: *default_rule_provider_config 🛜 VLAN40: - url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/VLAN40.yaml - path: "./rule_provider/services/consolidated-lists-private/VLAN40.yaml" + url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/vlan40.yaml + path: "./rule_provider/services/consolidated-lists-private/vlan40.yaml" <<: *default_rule_provider_config 🛜 VLAN50: - url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/VLAN50.yaml - path: "./rule_provider/services/consolidated-lists-private/VLAN50.yaml" + url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/vlan50.yaml + path: "./rule_provider/services/consolidated-lists-private/vlan50.yaml" <<: *default_rule_provider_config 🛜 VLAN90: - url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/VLAN90.yaml - path: "./rule_provider/services/consolidated-lists-private/VLAN90.yaml" + url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/vlan90.yaml + path: "./rule_provider/services/consolidated-lists-private/vlan90.yaml" <<: *default_rule_provider_config - 🛜 Webway Priority Clients: + 🛜 Webway Priority: url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/webway-priority.yaml path: "./rule_provider/services/consolidated-lists-private/webway-priority.yaml" <<: *default_rule_provider_config - 🛜 Webway Unprivileged Clients: + 🛜 Webway Unprivileged: url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-lists-private/webway-unprivileged.yaml path: "./rule_provider/services/consolidated-lists-private/webway-unprivileged.yaml" <<: *default_rule_provider_config @@ -1306,25 +1344,27 @@ rule-providers: # ———————————————————————————————————————————————————————— RULES ———————————————————————————————————————————————————————— rules: -# ————————————————————— source ip match ————————————————————— # +# ——————————————————————— direct first —————————————————————— # ————————————————————————————————————————————————————————— +- RULE-SET,📃 General Direct Domain List,DIRECT +- RULE-SET,📃 General Direct IP List,DIRECT +- GEOSITE,PRIVATE,DIRECT +- GEOIP,PRIVATE,DIRECT,no-resolve + +# ————————————————————— source ip match ————————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,🛜 VLAN10,VLAN10 - RULE-SET,🛜 VLAN20,VLAN10 - RULE-SET,🛜 VLAN30,VLAN20 - RULE-SET,🛜 VLAN40,VLAN40 - RULE-SET,🛜 VLAN50,VLAN50 - RULE-SET,🛜 VLAN90,VLAN90 -- RULE-SET,🛜 Webway Priority Clients,Webway Priority Clients -- RULE-SET,🛜 Webway Unprivileged Clients,Webway Unprivileged Clients +- RULE-SET,🛜 Webway Priority,Webway Priority Clients +- RULE-SET,🛜 Webway Unprivileged,Webway Unprivileged Clients - RULE-SET,🛜 Smart TV Clients,Smart TV Clients - RULE-SET,🛜 Torrent Clients,Torrent Clients - RULE-SET,🛝 Testzone A,Testzone 🅰 - RULE-SET,🛝 Testzone B,Testzone 🅱 -# ——————————————————————— direct first —————————————————————— # -- RULE-SET,📃 General Direct Domain List,DIRECT -- RULE-SET,📃 General Direct IP List,DIRECT - -# ———————————————————————— by service ——————————————————————— # +# ———————————————————————— by service ——————————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,Adobe,Adobe - RULE-SET,AliExpress,AliExpress - RULE-SET,Amazon,Amazon @@ -1364,7 +1404,7 @@ rules: - RULE-SET,XBox,XBox - RULE-SET,YouTube,YouTube -# ————————————————————— by service group ———————————————————— # +# ————————————————————— by service group ———————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,📦 AI Stuff,AI Stuff - RULE-SET,📦 Crypto Stuff,Crypto Stuff - RULE-SET,📦 RU Intracountry VPN,RU Intracountry VPN @@ -1375,7 +1415,7 @@ rules: - RULE-SET,📦 Porn,Porn - RULE-SET,📦 Torrent Trackers,Torrent Trackers -# ———————————————————— by global service ———————————————————— # +# ———————————————————— by global service ———————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,⬛ Yandex,Yandex - RULE-SET,⬛ VK,VK @@ -1384,7 +1424,7 @@ rules: - RULE-SET,⬛ Meta,Meta - RULE-SET,⬛ Microsoft,Microsoft -# ————————————————————— by cnd provider ————————————————————— # +# ————————————————————— by cnd provider ————————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,🌐 Akamai,Akamai - RULE-SET,🌐 Amazon CloudFront,Amazon CloudFront - RULE-SET,🌐 Azure CDN,Azure CDN @@ -1392,32 +1432,32 @@ rules: - RULE-SET,🌐 Fastly,Fastly - RULE-SET,🌐 Google Cloud CDN,Google Cloud CDN -# ————————————————————— by private lists ———————————————————— # +# ————————————————————— by private lists ———————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,📃 Persistent Proxy,Persistent Proxy - RULE-SET,📃 General Proxy Domain List,Adaptation - RULE-SET,📃 General Proxy IP List,Adaptation -# ————————————————————— community lists ————————————————————— # +# ————————————————————— community lists ————————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,👥 Antifilter Community IP List,Antifilter - RULE-SET,👥 Antifilter Community Domain List,Antifilter - RULE-SET,👥 Antifilter IP List,Antifilter Extended -# ———————————————————————— adblocker ———————————————————————— # +# ———————————————————————— adblocker ———————————————————————— # ————————————————————————————————————————————————————————— - RULE-SET,🚫 Adblock List RU,Adblock 🇷🇺 - RULE-SET,🚫 Adblock List GL,Adblock 🗺️ -# ———————————— by service group (manual country) ———————————— # +# ———————————— by service group (manual country) ———————————— # ————————————————————————————————————————————————————————— - RULE-SET,📦 US Services Manual,US Services - RULE-SET,📦 EU Services Manual,EU Services - RULE-SET,📦 CN Services Manual,CN Services -# —————————————— force russian geoip to russia —————————————— # +# —————————————— force russian geoip to russia —————————————— # ————————————————————————————————————————————————————————— # - GEOIP,EU,EU Services # Split By Country - GEOIP,RU,RU Services # - GEOIP,US,US Services # - GEOIP,CN,CN Services -# ———————————————————— force other geoip ———————————————————— # +# ———————————————————— force other geoip ———————————————————— # ————————————————————————————————————————————————————————— - MATCH,FALLBACK # Epic \ No newline at end of file diff --git a/rule-provider/consolidated-lists-private/testzone-a.yaml b/rule-provider/consolidated-lists-private/testzone-a.yaml index 81a48dd..7b9503e 100644 --- a/rule-provider/consolidated-lists-private/testzone-a.yaml +++ b/rule-provider/consolidated-lists-private/testzone-a.yaml @@ -1,5 +1,2 @@ payload: - - DOMAIN-SUFFIX,ifconfig.me - - DOMAIN-SUFFIX,ipinfo.io - - DOMAIN-SUFFIX,pervertium.com - - DOMAIN-SUFFIX,tubesafari.com \ No newline at end of file + - SRC-IP-CIDR, 192.168.10.203/32 \ No newline at end of file diff --git a/rule-provider/consolidated-services/crypto.yaml b/rule-provider/consolidated-services/crypto.yaml index 73c7d63..34adb17 100644 --- a/rule-provider/consolidated-services/crypto.yaml +++ b/rule-provider/consolidated-services/crypto.yaml @@ -3,6 +3,9 @@ ##FETCH## payload: + # Own + - DOMAIN-SUFFIX,cryptocloud.plus + - DOMAIN-SUFFIX,payeer.com - DOMAIN-SUFFIX,pocket-exchange.com - DOMAIN-SUFFIX,volet.com diff --git a/rule-provider/consolidated-services/porn.yaml b/rule-provider/consolidated-services/porn.yaml index 2003f07..7c50c8c 100644 --- a/rule-provider/consolidated-services/porn.yaml +++ b/rule-provider/consolidated-services/porn.yaml @@ -60,4 +60,7 @@ payload: - DOMAIN-SUFFIX,vrninja.tv - DOMAIN-SUFFIX,sxyprn.net - DOMAIN-SUFFIX,fapcat.com - - DOMAIN-SUFFIX,redwap.me \ No newline at end of file + - DOMAIN-SUFFIX,redwap.me + + - DOMAIN-SUFFIX,pervertium.com + - DOMAIN-SUFFIX,tubesafari.com \ No newline at end of file