309 lines
12 KiB
YAML
309 lines
12 KiB
YAML
# —————————————————————————————————— local proxy —————————————————————————————————
|
|
port: 7890
|
|
socks-port: 7891
|
|
redir-port: 7892
|
|
tproxy-port: 7893
|
|
mixed-port: 7893
|
|
allow-lan: true
|
|
bind-address: "*"
|
|
# authentication of local SOCKS5/HTTP(S) server
|
|
# authentication:
|
|
# - "user1:pass1"
|
|
# - "user2:pass2"
|
|
|
|
# —————————————————————————————— external controller —————————————————————————————
|
|
external-controller: 127.0.0.1:9090
|
|
secret: '314159271828'
|
|
external-ui: "/usr/share/openclash/ui"
|
|
authentication:
|
|
- dts-pontifex-clash:314159271828
|
|
|
|
# ———————————————————————————————————— general ———————————————————————————————————
|
|
mode: rule
|
|
ipv6: false
|
|
unified-delay: true
|
|
log-level: info
|
|
disable-keep-alive: true
|
|
# interface-name: en0 # Outbound interface name
|
|
|
|
# ————————————————————————————————————— hosts ————————————————————————————————————
|
|
hosts:
|
|
|
|
# ———————————————————————————————————— profile ———————————————————————————————————
|
|
profile:
|
|
store-selected: true
|
|
store-fake-ip: true
|
|
|
|
# ———————————————————————————————————— sniffer ———————————————————————————————————
|
|
sniffer:
|
|
enable: true
|
|
parse-pure-ip: true
|
|
|
|
# —————————————————————————————————————— dns —————————————————————————————————————
|
|
dns:
|
|
enable: true
|
|
listen: 0.0.0.0:53
|
|
default-nameserver:
|
|
- 114.114.114.114
|
|
- 8.8.8.8
|
|
enhanced-mode: fake-ip
|
|
fake-ip-range: 198.18.0.1/16
|
|
fake-ip-filter-mode: blacklist
|
|
fake-ip-filter:
|
|
# ———————————————————— self-hosted domains ———————————————————
|
|
- '*.lan'
|
|
- '*.dts'
|
|
- '*.webway.dts'
|
|
- '*.netbird.selfhosted'
|
|
- '*.shamanlanding.org'
|
|
- '*.retreat.shamanlanding.org'
|
|
- '*.hq.shamanlanding.org'
|
|
nameserver:
|
|
- https://purpose.shamanlanding.org/dns-query/dts-pontifex
|
|
|
|
# If IP addresses resolved with servers in `nameservers` are in the specified
|
|
# subnets below, they are considered invalid and results from `fallback`
|
|
# servers are used instead.
|
|
#
|
|
# IP address resolved with servers in `nameserver` is used when
|
|
# `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`.
|
|
#
|
|
# If `fallback-filter.geoip` is false, results from `nameserver` nameservers
|
|
# are always used if not match `fallback-filter.ipcidr`.
|
|
#
|
|
# This is a countermeasure against DNS pollution attacks.
|
|
# fallback-filter:
|
|
# geoip: true
|
|
# geoip-code: CN
|
|
# ipcidr:
|
|
# - 240.0.0.0/4
|
|
# domain:
|
|
# - '+.google.com'
|
|
# - '+.facebook.com'
|
|
# - '+.youtube.com'
|
|
# Lookup domains via specific nameservers
|
|
# nameserver-policy:
|
|
# 'www.baidu.com': '114.114.114.114'
|
|
# '+.internal.crop.com': '10.0.0.1'
|
|
|
|
# ————————————————————————————————————— macro ————————————————————————————————————
|
|
health-check-1min-gstatic: &health_check_1min_gstatic
|
|
enable: true
|
|
interval: 600
|
|
url: http://www.gstatic.com/generate_204
|
|
|
|
default-rule-provider-config: &default_rule_provider_config
|
|
type: http
|
|
behavior: classical
|
|
interval: 86400
|
|
|
|
|
|
# ————————————————————————————————— proxies list —————————————————————————————————
|
|
proxies:
|
|
# ————————————————————— direct wan routes ————————————————————
|
|
- name: "Direct WAN A [Мегафон]"
|
|
type: direct
|
|
udp: true
|
|
ip-version: ipv4
|
|
interface-name: eth2
|
|
- name: "Direct WAN B [РосТелеКом]"
|
|
type: direct
|
|
udp: true
|
|
ip-version: ipv4
|
|
interface-name: eth2
|
|
- name: "Direct WAN C [Мобильная сеть]"
|
|
type: direct
|
|
udp: true
|
|
ip-version: ipv4
|
|
interface-name: eth2
|
|
|
|
# ——————————————————— private vpn services ———————————————————
|
|
- name: vless-serbia
|
|
type: vless
|
|
server: 38.180.101.70
|
|
port: 443
|
|
uuid: e31308a8-f7d3-4007-b077-6fd21e9c7310
|
|
udp: false
|
|
tls: true
|
|
client-fingerprint: chrome
|
|
servername: kingnews.rs
|
|
network: tcp
|
|
flow: xtls-rprx-vision
|
|
reality-opts:
|
|
public-key: xBnrKijFwmka88VI1xWYzUS9jT1SyA5UdJQ8vg5BZzw
|
|
short-id: a9a07155
|
|
|
|
- name: vless-estonia
|
|
type: vless
|
|
server: 37.252.4.126
|
|
port: 443
|
|
uuid: '028c65fd-9192-4adc-af68-e01fe5881cdd'
|
|
udp: false
|
|
tls: true
|
|
client-fingerprint: chrome
|
|
servername: yahoo.com
|
|
network: tcp
|
|
flow: xtls-rprx-vision
|
|
reality-opts:
|
|
public-key: HwuNN-BUkUm1acVf0POkJHyfSj9puyATJDIxcR_OfE4
|
|
short-id: '58024220'
|
|
|
|
|
|
# ———————————————————————————————— proxy providers ———————————————————————————————
|
|
proxy-providers:
|
|
# ——————————————————— private vpn services ———————————————————
|
|
|
|
|
|
# ——————————————————— non-personal services ——————————————————
|
|
full-xfinn-test:
|
|
type: http
|
|
url: "https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/proxy-providers/gofinn-test-account-full"
|
|
interval: 3600
|
|
proxy: DIRECT
|
|
path: "./proxy_provider/gofinn-test-acoount-full.txt"
|
|
health-check:
|
|
<<: *health_check_1min_gstatic
|
|
|
|
# ————————————————————————————————— proxy groups —————————————————————————————————
|
|
proxy-groups:
|
|
# ————————————————————————— fallback —————————————————————————
|
|
- name: "Automatic Fallback Route"
|
|
type: fallback
|
|
proxies:
|
|
- DIRECT
|
|
url: 'https://cp.cloudflare.com/generate_204'
|
|
interval: 300
|
|
|
|
# ————————————————————— direct wan routes ————————————————————
|
|
- name: Direct Multi-WAN Load Balancer [AB]
|
|
type: load-balancer
|
|
disable-udp: false
|
|
proxies:
|
|
- Direct WAN A [Мегафон]
|
|
- Direct WAN B [РосТелеКом]
|
|
|
|
- name: Direct Route for Unprivileged Webway Clients
|
|
type: select
|
|
disable-udp: false
|
|
proxies:
|
|
- Direct WAN A [Мегафон]
|
|
- Direct WAN B [РосТелеКом]
|
|
|
|
- name: Direct Route for Privileged Webway Clients
|
|
type: select
|
|
disable-udp: false
|
|
proxies:
|
|
- Direct WAN A [Мегафон]
|
|
- Direct WAN B [РосТелеКом]
|
|
|
|
- name: Direct Route for LAN Clients
|
|
type: select
|
|
disable-udp: false
|
|
proxies:
|
|
- Direct Multi-WAN Load Balancer [AB]
|
|
- Direct WAN A [Мегафон]
|
|
- Direct WAN B [РосТелеКом]
|
|
- Direct WAN C [Мобильная сеть]
|
|
|
|
- name: Direct Route for IOT Clients
|
|
type: select
|
|
disable-udp: false
|
|
proxies:
|
|
- Direct Multi-WAN Load Balancer [AB]
|
|
- Direct WAN A [Мегафон]
|
|
- Direct WAN B [РосТелеКом]
|
|
- Direct WAN C [Мобильная сеть]
|
|
|
|
# ————————————————————————— selectors ————————————————————————
|
|
|
|
- name: YouTube for LAN Clients
|
|
type: select
|
|
use:
|
|
- full-xfinn-test
|
|
proxies:
|
|
- vless-estonia
|
|
- vless-serbia
|
|
url: https://cp.cloudflare.com/generate_204
|
|
interval: 300
|
|
|
|
- name: Testzone A
|
|
type: select
|
|
use:
|
|
- full-xfinn-test
|
|
proxies:
|
|
- vless-estonia
|
|
- vless-serbia
|
|
url: https://cp.cloudflare.com/generate_204
|
|
interval: 300
|
|
|
|
# ———————————————————————————————— rule providers ————————————————————————————————
|
|
rule-providers:
|
|
|
|
# ———————————————————— external providers ————————————————————
|
|
AI Stuff:
|
|
url: https://testingcf.jsdelivr.net/gh/dler-io/Rules@main/Clash/Provider/AI%20Suite.yaml # AI Stuff
|
|
path: "./rule_provider/ai-stuff.yaml"
|
|
<<: *default_rule_provider_config
|
|
|
|
Notion:
|
|
url: https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/Notion/Notion.yaml # Notion
|
|
path: "./rule_provider/notion.yaml"
|
|
<<: *default_rule_provider_config
|
|
|
|
Youtube:
|
|
url: https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/Notion/Notion.yaml # Youtube
|
|
path: "./rule_provider/youtube.yaml"
|
|
<<: *default_rule_provider_config
|
|
|
|
# ———————————————————— internal providers ————————————————————
|
|
Testzone A:
|
|
url: https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/rule-providers/ip-test.yaml
|
|
path: "./rule_provider/0000-lpx-testzone-a.yaml"
|
|
<<: *default_rule_provider_config
|
|
General Direct Domain List:
|
|
url: http://purpose.shamanlanding.org:9999/direct-domain.yaml
|
|
path: "./ruleset/direct-domain.yaml"
|
|
<<: *default_rule_provider_config
|
|
General Direct IP List:
|
|
url: http://purpose.shamanlanding.org:9999/direct-ip.yaml
|
|
path: "./ruleset/direct-ip.yaml"
|
|
<<: *default_rule_provider_config
|
|
General Proxy Domain List:
|
|
url: http://purpose.shamanlanding.org:9999/proxy-domain.yaml
|
|
path: "./ruleset/proxy-domain.yaml"
|
|
<<: *default_rule_provider_config
|
|
General Proxy IP List:
|
|
url: http://purpose.shamanlanding.org:9999/proxy-ip.yaml
|
|
path: "./ruleset/proxy-ip.yaml"
|
|
<<: *default_rule_provider_config
|
|
|
|
# ————————————————— antifilter community list ————————————————
|
|
Antifilter IP List:
|
|
url: http://purpose.shamanlanding.org:9999/antifilter-ip.yaml
|
|
path: "./ruleset/antifilter-ip.yaml"
|
|
<<: *default_rule_provider_config
|
|
Antifilter Community IP List:
|
|
url: http://purpose.shamanlanding.org:9999/antifilter-community-ip.yaml
|
|
path: "./ruleset/antifilter-community-ip.yaml"
|
|
<<: *default_rule_provider_config
|
|
Antifilter Community Domain List:
|
|
url: http://purpose.shamanlanding.org:9999/antifilter-community-domain.yaml
|
|
path: "./ruleset/antifilter-community-domain.yaml"
|
|
<<: *default_rule_provider_config
|
|
|
|
# ————————————————————————————————————— rules ————————————————————————————————————
|
|
rules:
|
|
|
|
- RULE-SET,Youtube,YouTube for LAN Clients
|
|
- RULE-SET,Testzone A,Testzone A
|
|
|
|
- RULE-SET,General Direct Domain List,Direct Route for LAN Clients
|
|
- RULE-SET,General Direct IP List,Direct Route for LAN Clients
|
|
- RULE-SET,General Proxy Domain List,Testzone A
|
|
- RULE-SET,General Proxy IP List,Testzone A
|
|
|
|
- RULE-SET,Antifilter IP List,Testzone A
|
|
- RULE-SET,Antifilter Community IP List,Testzone A
|
|
- RULE-SET,Antifilter Community Domain List,Testzone A
|
|
|
|
- MATCH,Direct Route for LAN Clients |