DaTekShaman/clash-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e8daad461196ff1faebda50dfe7dc172ddcfc889
clash-rules/config/dts-pontifex.yaml
DaTekShaman e8daad4611 Old updates
2025-05-03 15:58:46 +03:00

598 lines
20 KiB
YAML
Raw Blame History

# —————————————————————————————————— local proxy —————————————————————————————————
port: 7890
socks-port: 7891
redir-port: 7892
tproxy-port: 7893
mixed-port: 7893
allow-lan: true
bind-address: "*"
# authentication of local SOCKS5/HTTP(S) server
# authentication:
# - "user1:pass1"
# - "user2:pass2"
# —————————————————————————————— external controller —————————————————————————————
external-controller: 127.0.0.1:9090
secret: '314159271828'
external-ui: "/usr/share/openclash/ui"
authentication:
- dts-pontifex-clash:314159271828
# ———————————————————————————————————— general ———————————————————————————————————
mode: rule
ipv6: false
unified-delay: true
log-level: info
disable-keep-alive: true
# interface-name: en0 # Outbound interface name
# ————————————————————————————————————— hosts ————————————————————————————————————
hosts:
# ———————————————————————————————————— profile ———————————————————————————————————
profile:
store-selected: true
store-fake-ip: true
# ———————————————————————————————————— sniffer ———————————————————————————————————
sniffer:
enable: true
parse-pure-ip: true
# —————————————————————————————————————— dns —————————————————————————————————————
dns:
enable: true
listen: 0.0.0.0:53
default-nameserver:
- 114.114.114.114
- 8.8.8.8
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
fake-ip-filter-mode: blacklist
fake-ip-filter:
# ———————————————————— self-hosted domains ———————————————————
- '*.lan'
- '*.dts'
- '*.webway.dts'
- '*.netbird.selfhosted'
- '*.shamanlanding.org'
- '*.retreat.shamanlanding.org'
- '*.hq.shamanlanding.org'
nameserver:
- https://purpose.shamanlanding.org/dns-query/dts-pontifex
- https://d.adguard-dns.com/dns-query/5ffb7de2
# If IP addresses resolved with servers in `nameservers` are in the specified
# subnets below, they are considered invalid and results from `fallback`
# servers are used instead.
#
# IP address resolved with servers in `nameserver` is used when
# `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`.
#
# If `fallback-filter.geoip` is false, results from `nameserver` nameservers
# are always used if not match `fallback-filter.ipcidr`.
#
# This is a countermeasure against DNS pollution attacks.
# fallback-filter:
# geoip: true
# geoip-code: CN
# ipcidr:
# - 240.0.0.0/4
# domain:
# - '+.google.com'
# - '+.facebook.com'
# - '+.youtube.com'
# Lookup domains via specific nameservers
# nameserver-policy:
# 'www.baidu.com': '114.114.114.114'
# '+.internal.crop.com': '10.0.0.1'
# ————————————————————————————————————— macro ————————————————————————————————————
health-check-for-providers: &health_check_for_providers
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
health-check-for-selectors: &health_check_for_selectors
url: https://cp.cloudflare.com/generate_204
interval: 300
health-check-for-load-balancers: &health_check_for_load_balancers
url: https://cp.cloudflare.com/generate_204
interval: 300
default-rule-provider-config: &default_rule_provider_config
type: http
behavior: classical
interval: 86400
private-vpn-list: &private_vpn_list
- vless-estonia
- vless-serbia
p-vpn-list_balancer: &p_vpn_list_balancer
type: load-balance
strategy: sticky-sessions
proxies:
- vless-estonia
- vless-serbia
p-vpn-list_selector: &p_vpn_list_selector
type: select
proxies:
- vless-estonia
- vless-serbia
np-vpn-list_balancer: &np_vpn_list_balancer
type: load-balance
strategy: sticky-sessions
use:
- xfizz
- arza-1
- Un1c4d3
np-vpn-list_selector: &np_vpn_list_selector
type: select
use:
- xfizz
- arza-1
- Un1c4d3
default-private-proxies-lb-selector: &default_private_proxies_lb_selector
type: select
proxies:
- vless-estonia
- vless-serbia
- ⚖️ Personal VPN
# ————————————————————————————————— proxies list —————————————————————————————————
proxies:
# ————————————————————— direct wan routes ————————————————————
- name: "WAN A [Мегафон]"
type: direct
udp: true
ip-version: ipv4
interface-name: eth2
- name: "WAN B [РосТелеКом]"
type: direct
udp: true
ip-version: ipv4
interface-name: eth2
- name: "WAN C [Mobile]"
type: direct
udp: true
ip-version: ipv4
interface-name: eth2
# ——————————————————— private vpn services ———————————————————
- name: vless-serbia
type: vless
server: 38.180.101.70
port: 443
uuid: e31308a8-f7d3-4007-b077-6fd21e9c7310
udp: true
tls: true
client-fingerprint: chrome
servername: kingnews.rs
network: tcp
flow: xtls-rprx-vision
reality-opts:
public-key: xBnrKijFwmka88VI1xWYzUS9jT1SyA5UdJQ8vg5BZzw
short-id: a9a07155
- name: vless-estonia
type: vless
server: 37.252.4.126
port: 443
uuid: '028c65fd-9192-4adc-af68-e01fe5881cdd'
udp: true
tls: true
client-fingerprint: chrome
servername: yahoo.com
network: tcp
flow: xtls-rprx-vision
reality-opts:
public-key: HwuNN-BUkUm1acVf0POkJHyfSj9puyATJDIxcR_OfE4
short-id: '58024220'
# ———————————————————————————————— proxy providers ———————————————————————————————
proxy-providers:
# ——————————————————— private vpn services ———————————————————
# ——————————————————— non-personal services ——————————————————
#https://xfizz.cc/sublink/XzU0rRmBeOZtIPprW46f2ieNFcF8PJw9?name=1Y:2213
xfizz:
type: http
url: "https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/proxy-providers/gofinn-test-account-full"
interval: 3600
proxy: DIRECT
path: "./proxy_provider/fizz-vpn.txt"
exclude-filter: "(?i)Наш TG|Истекает|@FizzVPN|UNAVAILABLE|EXPIRE"
override:
additional-prefix: "[F] "
additional-suffix: ""
health-check:
<<: *health_check_for_providers
#https://arza.top/sub/dGZjNHVlLDE3MzIzMDQ2MTYowA-efEYOh
arza-1:
type: http
url: "https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/proxy-providers/arza"
interval: 3600
proxy: DIRECT
path: "./proxy_provider/arza.txt"
exclude-filter: "(?i)Наш TG|Истекает|UNAVAILABLE"
override:
additional-prefix: "[A] "
additional-suffix: ""
health-check:
<<: *health_check_for_providers
#https://subs.un1c4d3.ru:52478/sub/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJQTF9WTFNTX0FMTDIxMCIsImFjY2VzcyI6InN1YnNjcmlwdGlvbiIsImlhdCI6MTczNzgwMDQwOH0.mPr4BSMMpo1mrlZPvB34IRGcn2mHOZetHXaZyebirT4
Un1c4d3:
type: http
url: "https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/proxy-providers/Un1c4d3"
interval: 3600
proxy: DIRECT
path: "./proxy_provider/Un1c4d3.txt"
exclude-filter: "(?i)Наш TG|Истекает|EXPIRE|TELEGRAM|UNAVAILABLE"
override:
additional-prefix: "[U] "
additional-suffix: ""
health-check:
<<: *health_check_for_providers
# ————————————————————————————————— proxy groups —————————————————————————————————
proxy-groups:
# ————————————————————————— fallback —————————————————————————
- name: "Automatic Fallback Route"
type: fallback
proxies:
- DIRECT
hidden: true
url: 'https://cp.cloudflare.com/generate_204'
interval: 300
# ————————————————————— direct wan routes ————————————————————
- name: ⚖️ AB
type: load-balance
disable-udp: false
proxies:
- WAN A [Мегафон]
- WAN B [РосТелеКом]
hidden: true
- name: ⚖️ ABC
type: load-balance
disable-udp: false
proxies:
- WAN A [Мегафон]
- WAN B [РосТелеКом]
- WAN C [Mobile]
hidden: true
# ————————————————————— direct selectors —————————————————————
- name: 🖥️ LAN Clients
type: select
disable-udp: false
proxies:
- ⚖️ AB
- ⚖️ ABC
- WAN A [Мегафон]
- WAN B [РосТелеКом]
- WAN C [Mobile]
- name: 🛋️ IOT Clients
type: select
disable-udp: false
proxies:
- 🖥️ LAN Clients
- ⚖️ AB
- ⚖️ ABC
- WAN A [Мегафон]
- WAN B [РосТелеКом]
- WAN C [Mobile]
- name: 👾 Unprivileged Webway
type: select
disable-udp: false
proxies:
- 🖥️ LAN Clients
- ⚖️ AB
- ⚖️ ABC
- WAN A [Мегафон]
- WAN B [РосТелеКом]
- WAN C [Mobile]
- name: 🌟 Privileged Webway
type: select
disable-udp: false
proxies:
- 🖥️ LAN Clients
- ⚖️ AB
- ⚖️ ABC
- WAN A [Мегафон]
- WAN B [РосТелеКом]
- WAN C [Mobile]
# —————————————— load balancers for personal vpn —————————————
- name: ⚖️ Personal VPN
<<: *p_vpn_list_balancer
<<: *health_check_for_load_balancers
# ———————————— load balancers for non-personal vpn ———————————
- name: ⚖️ Russian
<<: *np_vpn_list_balancer
disable-udp: false
filter: "(?i)Russia"
<<: *health_check_for_load_balancers
- name: ⚖️ Europe
<<: *np_vpn_list_balancer
disable-udp: false
filter: "(?i)NL|Finland|Estonia|France|Germany|Sweden|Ireland"
<<: *health_check_for_load_balancers
- name: ⚖️ USA
<<: *np_vpn_list_balancer
disable-udp: false
filter: "(?i)USA|Canada"
<<: *health_check_for_load_balancers
- name: ⚖️ Asia
<<: *np_vpn_list_balancer
disable-udp: false
filter: "(?i)Hong Kong|China|Malaysia|Philippines|Japan|Singapore"
<<: *health_check_for_load_balancers
- name: ⚖️ High Bandwidth
<<: *np_vpn_list_balancer
disable-udp: false
filter: "(?i)10 Gbit"
<<: *health_check_for_load_balancers
- name: ⚖️ Fast Servers
<<: *np_vpn_list_balancer
disable-udp: false
filter: "(?i)Low Ping"
<<: *health_check_for_load_balancers
# ————————————— global selectors for personal vpn ————————————
- name: 🔢 Personal VPN
<<: *p_vpn_list_selector
disable-udp: false
<<: *health_check_for_selectors
# ——————————— global selectors for non-personal vpn ——————————
- name: 🔢 Russian
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)Russia"
<<: *health_check_for_selectors
- name: 🔢 Europe
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)NL|Finland|Estonia|France|Germany|Sweden|Ireland|Moldova"
<<: *health_check_for_selectors
- name: 🔢 USA
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)USA|Canada"
<<: *health_check_for_selectors
- name: 🔢 Asia
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)Hong Kong|China|Malaysia|Philippines|Japan|Singapore"
<<: *health_check_for_selectors
- name: 🔢 Kazakhstan
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)Kazakhstan|KZ"
<<: *health_check_for_selectors
- name: 🔢 All non-personal
<<: *np_vpn_list_selector
disable-udp: false
filter: ""
<<: *health_check_for_selectors
- name: 🔢 Gaming
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)game"
<<: *health_check_for_selectors
- name: 🔢 Torrent Compliant
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)torrent"
<<: *health_check_for_selectors
- name: 🔢 TOR Compliant
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)TOR✅"
<<: *health_check_for_selectors
- name: 🔢 Fast Servers
<<: *np_vpn_list_selector
disable-udp: false
filter: "(?i)10 Gbit|10Gbit"
<<: *health_check_for_selectors
# —————————— selectors for unprivileged webway rules —————————
# ——————— selectors for local & privileged webway rules ——————
- name: YouTube [LAN]
type: select
proxies:
- 🔢 Russian
- 🔢 Personal VPN
- 🔢 Europe
- ⚖️ Europe
- ⚖️ Russian
- ⚖️ Personal VPN
<<: *health_check_for_selectors
- name: Adaptaion
type: select
proxies:
- 🔢 Fast Servers
- 🔢 Personal VPN
- 🔢 Europe
- ⚖️ Fast Servers
- ⚖️ Personal VPN
- ⚖️ Europe
<<: *health_check_for_selectors
- name: Antifilter
type: select
proxies:
- 🔢 Fast Servers
- 🔢 Personal VPN
- 🔢 Europe
- ⚖️ Fast Servers
- ⚖️ Personal VPN
- ⚖️ Europe
<<: *health_check_for_selectors
- name: Discord
type: select
disable-udp: false
proxies:
- 🔢 Fast Servers
- 🔢 Personal VPN
- 🔢 Europe
- ⚖️ Fast Servers
- ⚖️ Personal VPN
- ⚖️ Europe
<<: *health_check_for_selectors
- name: USA Services
type: select
disable-udp: false
proxies:
- 🔢 USA
- 🔢 Personal VPN
- ⚖️ USA
- ⚖️ Personal VPN
<<: *health_check_for_selectors
- name: Notion
type: select
proxies:
- vless-estonia
- vless-serbia
<<: *health_check_for_selectors
- name: Testzone A
type: select
proxies:
- 🔢 All non-personal
- 🔢 Russian
- 🔢 Europe
- 🔢 USA
- 🔢 Asia
- 🔢 Kazakhstan
- ⚖️ Europe
- ⚖️ USA
- ⚖️ Asia
- ⚖️ Fast Servers
- ⚖️ Personal VPN
<<: *health_check_for_selectors
# ———————————————————————————————— rule providers ————————————————————————————————
rule-providers:
# ———————————————————————— gitea lists ———————————————————————
AI Stuff (Western):
url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/2005-lpu-ai-stuff-western.yaml # AI Stuff
path: "./rule_provider/2005-lpu-ai-stuff-western.yaml"
<<: *default_rule_provider_config
Discord:
url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/2005-lpu-ai-stuff-western.yaml # AI Stuff
path: "./rule_provider/discord.yaml"
<<: *default_rule_provider_config
Notion:
url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/2000-lpu-notion.yaml # Notion
path: "./rule_provider/2000-lpu-notion.yaml"
<<: *default_rule_provider_config
Youtube:
url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/1003-lpx-youtube.yaml # Youtube
path: "./rule_provider/1003-lpx-youtube.yaml"
<<: *default_rule_provider_config
Testzone A:
url: https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/rule-providers/ip-test.yaml
path: "./rule_provider/0000-lpx-testzone-a.yaml"
<<: *default_rule_provider_config
USA Services:
url: https://gitea.shamanlanding.org/DaTekShaman/arcadia/raw/branch/main/CLASH%20RULES/rule-providers/usa-services.yaml
path: "./rule_provider/usa-services.yaml"
<<: *default_rule_provider_config
# —————————————————————— adaptaion lists —————————————————————
General Direct Domain List:
url: http://purpose.shamanlanding.org:9999/direct-domain.yaml
path: "./ruleset/0001-lpu-direct-domain.yaml"
<<: *default_rule_provider_config
General Direct IP List:
url: http://purpose.shamanlanding.org:9999/direct-ip.yaml
path: "./ruleset/0001-lpu-direct-ip.yaml"
<<: *default_rule_provider_config
General Proxy Domain List:
url: http://purpose.shamanlanding.org:9999/proxy-domain.yaml
path: "./ruleset/0002-lpx-adaptation-domain-proxy.yaml"
<<: *default_rule_provider_config
General Proxy IP List:
url: http://purpose.shamanlanding.org:9999/proxy-ip.yaml
path: "./ruleset/0002-lpx-adaptation-ip-proxy.yaml"
<<: *default_rule_provider_config
# ————————————————— antifilter community list ————————————————
Antifilter IP List:
url: http://purpose.shamanlanding.org:9999/antifilter-ip.yaml
path: "./ruleset/9998-lpx-antifilter-ip-proxy.yaml"
<<: *default_rule_provider_config
Antifilter Community IP List:
url: http://purpose.shamanlanding.org:9999/antifilter-community-ip.yaml
path: "./ruleset/9999-lpx-antifilter-community-ip-proxy.yaml"
<<: *default_rule_provider_config
Antifilter Community Domain List:
url: http://purpose.shamanlanding.org:9999/antifilter-community-domain.yaml
path: "./ruleset/9998-lpx-antifilter-domain-proxy.yaml"
<<: *default_rule_provider_config
# ————————————————————————————————————— rules ————————————————————————————————————
rules:
# —————————————————————— by application ——————————————————————
- RULE-SET,Youtube,YouTube [LAN]
- RULE-SET,Notion,Notion
- RULE-SET,Testzone A,Testzone A
- RULE-SET,AI Stuff (Western),Testzone A
- RULE-SET,Discord,Discord
- RULE-SET,USA Services,USA Services
# —————————————————————— adaptaion lists —————————————————————
- RULE-SET,General Direct Domain List,🖥️ LAN Clients
- RULE-SET,General Direct IP List,🖥️ LAN Clients
- RULE-SET,General Proxy Domain List,Adaptaion
- RULE-SET,General Proxy IP List,Adaptaion
- RULE-SET,Antifilter IP List,Antifilter
- RULE-SET,Antifilter Community IP List,Antifilter
- RULE-SET,Antifilter Community Domain List,Antifilter
- MATCH,🖥️ LAN Clients
Reference in New Issue View Git Blame Copy Permalink