zeaslity/shell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

clash新规则 新增CN2GIA节点

Browse Source
This commit is contained in:
zeaslity
2025-08-22 18:00:42 +08:00
parent 4313a200c0
commit b9be57adfc
17 changed files with 5266 additions and 4346 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
0-部署应用/Seoul-arm64-02/Vaultwarden+CloudflareTunnel/vaultwarden-dockercompose.yaml
View File

@@ -2,7 +2,7 @@ version: '3.3'
services:
vaultwarden:
image: vaultwarden/server:alpine
image: vaultwarden/server:1.34.3-alpine
container_name: vault-warden
restart: always
environment:

6
1-代理Xray/0-主机网络优化/内核转发优化.txt
View File

@@ -69,7 +69,7 @@ sudo sysctl -p /etc/sysctl.d/proxy-wdd.conf
sysctl net.ipv4.tcp_congestion_control
sudo ethtool -K ens3 gro on
sudo ethtool -K ens3 gso on
sudo ethtool -K ens3 tso on
sudo ethtool -K enp3s0 gro on
sudo ethtool -K enp3s0 gso on
sudo ethtool -K enp3s0 tso on

106
1-代理Xray/10-clash规则/0-clash-rule.yaml Normal file
View File

@@ -0,0 +1,106 @@
# -----------------------------------------------------------------------------
# Clash 优化配置文件 (Optimized Clash Configuration File)
#
# 本配置旨在解决国内网站访问慢、DNS 解析超时等常见问题。
# 核心思想:通过精细化的 DNS 配置,实现国内外域名智能分流解析,
# 配合高效的规则集,达到最佳的网络访问体验。
# -----------------------------------------------------------------------------
# [通用设置] General Settings
# 混合端口:同时支持 HTTP 和 SOCKS5 代理协议。
mixed-port: 7890
# 允许局域网连接:允许同一局域网下的其他设备通过此 Clash 实例上网。
allow-lan: true
# 模式rule规则模式根据规则进行分流。
mode: rule
# 日志级别info。记录一般信息和错误方便排查问题。可选silent, error, warning, info, debug。
log-level: info
# 外部控制器:用于连接 Dashboard 面板进行图形化管理。
external-controller: '127.0.0.1:9090'
# --- 这是解决所有问题的关键部分 ---
dns:
# [总开关] 启用 Clash 内置的 DNS 服务器。必须为 true 才能使后续所有 DNS 设置生效。
enable: true
# [监听地址] DNS 服务器监听的地址和端口。'0.0.0.0:53' 表示允许局域网内其他设备使用 Clash 作为 DNS 服务器。
# 如果你只希望本机使用,可以改为 '127.0.0.1:53'。
listen: 0.0.0.0:53
# [IPv6 解析] 禁用 IPv6 解析。在国内大部分网络环境下,禁用可以避免不必要的解析延迟和连接问题。
ipv6: false
# [增强模式] 强烈推荐使用 fake-ip 模式,尤其是在开启 TUN 模式时。
# 它能通过返回虚假 IP 地址来接管所有应用的 DNS 请求,从而实现基于域名的精细化规则代理。
# 这是解决非代理感知程序(如命令行工具、某些桌面应用)代理问题的最佳方案。
enhanced-mode: fake-ip
# [Fake IP 地址池] fake-ip 模式使用的虚假 IP 地址范围。通常无需修改。
fake-ip-range: 198.18.0.1/16
# 仅用于解析下方 nameserver 和 fallback 中的 DoH/DoT 域名。必须使用纯 IP 地址。
# 这里选用可靠的国内公共 DNS。
default-nameserver:
- 223.5.5.5
- 119.29.29.29
# 用于解析国内域名。并发请求,谁快用谁。
# 使用国内的 DoH (DNS over HTTPS) 服务可以有效防止运营商劫持,且解析国内 CDN 准确、迅速。
nameserver:
- https://doh.pub/dns-query # 腾讯 DNSPod (DoH)
- https://dns.alidns.com/dns-query # 阿里 DNS (DoH)
# 当 nameserver 的解析结果被 fallback-filter 判定为污染时,将使用此组 DNS。
# 必须使用国外的、无污染的加密 DNS 服务,以确保能正确解析被 GFW 干扰的域名。
fallback:
- https://dns.google/dns-query # Google DNS (DoH)
- https://1.1.1.1/dns-query # Cloudflare DNS (DoH)
- tls://8.8.4.4:853 # Google DNS (DoT)
# [抗污染过滤器] 这是实现国内外智能分流的核心。
fallback-filter:
# [启用 GeoIP 过滤] 必须为 true。
geoip: true
# [GeoIP 信任代码] 仅当 nameserver 解析出的 IP 地址地理位置为中国 (CN) 时,才信任该结果。
# 如果解析出的 IP 在国外,则判定为 DNS 污染,转而使用 fallback 组的结果。
geoip-code: CN
# [代理节点] Proxies
# 此处请填写你自己的代理服务器信息。以下为示例格式。
proxies:
- name: "My-Proxy-Server-01"
type: ss
server: server_address
port: 443
cipher: aes-256-gcm
password: "password"
udp: true
# [代理组] Proxy Groups
# 用于组织代理节点,实现负载均衡、自动故障切换等策略。
proxy-groups:
- name: "PROXY"
type: select
proxies:
- "My-Proxy-Server-01"
- DIRECT
# [规则集] Rules
# 规则按从上到下的顺序进行匹配。
rules:
# 广告拦截
- DOMAIN-SUFFIX,ad.com,REJECT
# 常用国内网站直连
- DOMAIN-SUFFIX,cn,DIRECT
- DOMAIN-SUFFIX,163.com,DIRECT
- DOMAIN-SUFFIX,126.com,DIRECT
- DOMAIN-SUFFIX,qq.com,DIRECT
- DOMAIN-SUFFIX,tencent.com,DIRECT
- DOMAIN-SUFFIX,baidu.com,DIRECT
- DOMAIN-SUFFIX,taobao.com,DIRECT
- DOMAIN-SUFFIX,alipay.com,DIRECT
- DOMAIN-SUFFIX,jd.com,DIRECT
- DOMAIN-SUFFIX,zhihu.com,DIRECT
- DOMAIN-SUFFIX,weibo.com,DIRECT
- DOMAIN-SUFFIX,bilibili.com,DIRECT
# 局域网地址直连
- IP-CIDR,192.168.0.0/16,DIRECT
- IP-CIDR,10.0.0.0/8,DIRECT
- IP-CIDR,172.16.0.0/12,DIRECT
- IP-CIDR,127.0.0.0/8,DIRECT
# 中国大陆 IP 地址直连
- GEOIP,CN,DIRECT
# 剩余所有流量走代理
- MATCH,PROXY

663
1-代理Xray/10-clash规则/1-clash-expert-rule.yaml Normal file
View File

@@ -0,0 +1,663 @@
#--------------------------------------------------------------------------------#
# Clash 专家级配置文件 (适配 Clash.Meta 核心) #
#--------------------------------------------------------------------------------#
#
# 本配置文件专为在中国大陆网络环境中使用而设计,旨在提供一套自动化、智能化、高可用性
# 的网络流量管理方案。
#
# 核心特性:
# 1. TUN 模式: 接管系统所有网络流量,实现真正的全局透明代理。
# 2. 规则集 (Rule Providers): 动态从网络加载和更新分流规则,免去手动维护烦恼。
# 3. 分割 DNS (Split DNS): 智能区分国内外域名解析,有效抗 DNS 污染,兼顾速度与准确性。
# 4. 逻辑化规则排序: 通过精心设计的规则匹配顺序,实现精确的流量控制。
#
#--------------------------------------------------------------------------------#
#----------------#
# 常规配置 #
#----------------#
# HTTP 代理端口
port: 7890
# SOCKS5 代理端口
socks-port: 7891
# 允许局域网连接,设为 true 后,局域网内其他设备可将本机作为网关使用
allow-lan: true
# 代理模式rule 表示规则模式,是本配置的核心
mode: rule
# 日志级别info 级别提供了足够的信息且不过于冗长
log-level: info
# 外部控制器,用于让 GUI 客户端 (如 Clash Verge) 或 WebUI (如 yacd) 控制 Clash 核心
external-controller: '127.0.0.1:9090'
# 外部 UI指定一个 WebUI 面板的目录,'dashboard' 是一个常见的选择
# external-ui: dashboard
#----------------#
# DNS 配置 #
#----------------#
# DNS 模块是实现智能分流和抗污染的关键
dns:
# 启用 DNS 服务器
enable: true
# 监听地址,'0.0.0.0:53' 使 Clash DNS 可为局域网内其他设备服务
# 如果只为本机服务,可设为 '127.0.0.1:53'
listen: 0.0.0.0:53
# 优先使用 IPv4 DNS 解析
ipv6: false
# 增强模式fake-ip 是 TUN 模式下实现域名路由的基石
# 它会为域名分配一个虚假的 IP 地址,使 Clash 能在 IP 层识别出原始域名
enhanced-mode: fake-ip
# Fake-IP 地址池,使用 IETF 保留的地址段,避免与公网地址冲突
fake-ip-range: 198.18.0.1/16
# Fake-IP 例外名单对于这些域名Clash 将返回其真实的 IP 地址
# 这对于一些无法处理 Fake-IP 的内网服务或特定应用至关重要
fake-ip-filter:
- '*.lan'
- '*.local'
- '*.arpa'
- time.*.com
- ntp.*.com
- time.*.com
- +.market.xiaomi.com
- localhost.ptlogin2.qq.com
- '*.msftncsi.com'
- www.msftconnecttest.com
# [核心优化] 默认 DNS 服务器 (IP 格式)
# 用于解析 nameserver 和 fallback 中的 DNS 服务器域名,以及代理节点的域名。
# 必须使用纯 IP 地址,这是打破解析死锁、解决 DNS 超时问题的关键。
default-nameserver:
- 119.29.29.29
- 223.5.5.5
# [优化] 主 DNS 服务器列表 (国内,加密 DoH)
# 会与 Fallback DNS 并发请求,如果返回的 IP 是国内 IP则立即采用速度快
# 使用加密 DNS 替代传统 UDP DNS增强解析的稳定性和抗干扰性。
nameserver:
- https://doh.pub/dns-query # 腾讯 DoH DNS
- https://dns.alidns.com/dns-query # 阿里 DoH DNS
# 备用 DNS 服务器列表 (国外,加密)
# 用于解析国外域名。当主 DNS 返回国外 IP 时Clash 会认为可能被污染,
# 并采用 Fallback DNS 的解析结果,以确保准确性
fallback:
- https://dns.google/dns-query # Google DNS (DoH)
- https://1.1.1.1/dns-query # Cloudflare DNS (DoH)
- tls://8.8.4.4:853 # Google DNS (DoT)
# Fallback DNS 例外名单,匹配此列表的域名将只使用主 DNS 解析
fallback-filter:
geoip: true
geoip-code: CN # 如果是国内的网址使用nameserver解析到的地址
rule-set: direct
# Lookup domains via specific nameservers
# 以下规则强制所有已知国内域名走最快的 IP DNS彻底解决国内域名解析超时。
nameserver-policy:
'rule-set:direct':
- 119.29.29.29
- 223.5.5.5
- 114.114.114.114
'rule-set:apple':
- 119.29.29.29
- 223.5.5.5
'rule-set:icloud':
- 119.29.29.29
- 223.5.5.5
+.hq.cmcc:
- '192.168.78.39'
+.ops.uavcmlc.com:
- '192.168.34.40'
+.uavcmlc.com:
- '192.168.34.40'
ir.hq.cmcc:
- '192.168.78.39'
oa.cdcyy.cn:
- '192.168.78.39'
# 使用系统的hosts文件
use-system-hosts: true
# 请求DoH的DNS时 使用http3访问
prefer-h3: false
# DNS也遵循规则进行解析
respect-rules: false
# 代理的DNS解析地址
proxy-server-nameserver:
- 'https://dns.google/dns-query'
- 'https://1.1.1.1/dns-query'
# 直连模式下的DNS服务器
direct-nameserver:
- 119.29.29.29 # 腾讯 DNSPod
- 114.114.114.114 # 114 DNS
- 223.5.5.5 # 阿里 DNS
# 禁止远程调试
external-controller-cors: {}
##----------------#
## TUN 模式配置 #
##----------------#
## TUN 模式通过创建虚拟网卡,在系统网络层接管所有流量
#tun:
# # 启用 TUN 模式
# enable: true
# # 协议栈,'system' 在大多数系统上性能最佳
# # 在 macOS 上或遇到兼容性问题时可尝试 'gvisor'
# stack: system
# # DNS 劫持,将所有发往 53 端口的 DNS 请求重定向到 Clash 的 DNS 服务器
# # 这是强制所有应用使用 Clash DNS 的关键
# dns-hijack:
# - 'any:53'
# # 自动路由Clash 会自动配置系统路由表,将全局流量导向 TUN 网卡
# # 开启此项后,无需再进行任何手动网络设置
# auto-route: true
# # 自动检测出口网卡,适用于大多数单网卡设备
# # 如果设备有多个物理网卡,建议关闭此项并手动指定 interface-name
# auto-detect-interface: true
# [优化] 严格路由模式
# 开启后可防止 DNS 泄露,并解决在某些系统上 DNS 劫持不生效的问题。
# 注意:此设置会使局域网内的其他设备无法访问本机。如果不需要共享代理,建议开启。
# strict-route: true
#------------------------------------------------------------------#
# 代理节点 (Proxies) 和策略组 (Proxy Groups) - 用户需自行填充 #
#------------------------------------------------------------------#
#
# 请将您的订阅链接转换后,将 proxies 和 proxy-groups 的内容粘贴到此处
proxies:
- type: vless
name: TC-HongKong
server: 43.154.83.213
port: 24443
uuid: f8702759-f402-4e85-92a6-8540d577de22
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: BFC-LosAngles
server: 154.40.34.106
port: 443
uuid: 302fbcb8-e096-46a1-906f-e879ec5ab0c5
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: xx.l4.ca.bg.107421.xyz
tls: true
udp: true
- type: vless
name: CF-HongKong-R-TCHK
server: 43.154.83.213
port: 24453
uuid: 93be1d17-8e02-449d-bb99-683ed46fbe50
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: FV-HongKong
server: 43.154.83.213
port: 24452
uuid: cdf0b19a-9524-48d5-b697-5f10bb567734
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: Care-DEU-Dusseldorf-R-TCHK
server: 43.154.83.213
port: 24451
uuid: 9fa9b4e7-d76d-4890-92cf-ce9251a76f59
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: Care-DEU-Dusseldorf
server: 45.134.50.233
port: 443
uuid: b1417d92-998d-410b-a5f3-cf144b6f043e
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: bingo.107421.xyz
tls: true
udp: true
- type: vless
name: Oracle-KOR-Seoul
server: 140.238.14.103
port: 443
uuid: 1089cc14-557e-47ac-ac85-c07957b3cce3
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: xx.s4.cc.hh.107421.xyz
tls: true
udp: true
- type: vless
name: FV-DEU-Frankfurt
server: 43.154.83.213
port: 24444
uuid: 6055eac4-dee7-463b-b575-d30ea94bb768
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: FV-KOR-Seoul
server: 43.154.83.213
port: 24445
uuid: 1cd284b2-d3d8-4165-b773-893f836c2b51
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: FV-JPN-Tokyo
server: 43.154.83.213
port: 24446
uuid: bf0e9c35-84a9-460e-b5bf-2fa9f2fb3bca
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: FV-GBR-London
server: 43.154.83.213
port: 24447
uuid: adc19390-373d-4dfc-b0f6-19fab1b6fbf6
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: FV-SGP
server: 43.154.83.213
port: 24448
uuid: e31bc28e-8ebd-4d72-a98e-9227f26dfac3
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: Oracle-KOR-Seoul-R-TCHK
server: 43.154.83.213
port: 24449
uuid: 7e27da0c-3013-4ed4-817b-50cc76a0bf81
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: Oracle-JPN-Tokyo-R-TCHK
server: 43.154.83.213
port: 25000
uuid: c751811a-404f-4a05-bc41-5d572e741398
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: Oracle-USA-Phoenix-R-TCHK
server: 43.154.83.213
port: 25001
uuid: fce2a9c6-1380-4ffa-ba84-6b9ec9ee2eea
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- type: vless
name: FV-USA-LosAngles
server: 43.154.83.213
port: 24450
uuid: 56fb312c-bdb0-48ca-bf66-4a2dd34040c6
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: book.107421.xyz
tls: true
udp: true
- name: CF_VIDEO_1
type: vless
server: bingo.pp.icederce.ip-ddns.com
port: 8443
uuid: 86c50e3a-5b87-49dd-bd20-03c7f2735e40
udp: false
tls: true
network: ws
servername: pp.icederce.ip-ddns.com
ws-opts:
path: "/?ed=2560"
headers:
Host: pp.icederce.ip-ddns.com
- name: CF_VIDEO_2
type: vless
server: bingo.icederce.ip-ddns.com
port: 8443
uuid: 86c50e3a-5b87-49dd-bd20-03c7f2735e40
udp: false
tls: true
network: ws
servername: pp.icederce.ip-ddns.com
ws-opts:
path: "/?ed=2560"
headers:
Host: pp.icederce.ip-ddns.com
- type: socks5
name: TC-CHN-Shanghai
server: 42.192.52.227
port: 22887
username: zeaslity
password: a1f090ea-e39c-49e7-a3be-9af26b6ce563
udp: true
- type: vless
name: Oracle-JPN-Tokyo-R-OSel
server: 140.238.14.103
port: 20443
uuid: 21dab95b-088e-47bd-8351-609fd23cb33c
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: xx.t2.ll.c0.107421.xyz
tls: true
udp: true
- type: vless
name: Oracle-JPN-Osaka-R-OSel
server: 140.238.14.103
port: 21443
uuid: 4c2dd763-56e5-408f-bc8f-dbf4c1fe41f9
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: xx.o1.vl.s4.107421.xyz
tls: true
udp: true
- type: vless
name: Oracle-USA-Phoneix-R-OSel
server: 140.238.14.103
port: 22443
uuid: de576486-e254-4d9d-949a-37088358ec23
skip-cert-verify: false
network: tcp
flow: xtls-rprx-vision
servername: xx.p2.vl.s4.107421.xyz
tls: true
udp: true
- {"type":"socks5","name":"onetools-35-71","server":"192.168.35.71","port":22888,"username":"zeaslity","password":"password","udp":true}
proxy-groups:
- name: 🚀 节点选择
type: select
proxies:
- TC-HongKong
- BFC-LosAngles
- FV-HongKong
- Care-DEU-Dusseldorf-R-TCHK
- Oracle-KOR-Seoul-R-TCHK
- Oracle-JPN-Tokyo-R-TCHK
- Oracle-USA-Phoenix-R-TCHK
- Care-DEU-Dusseldorf
- Oracle-KOR-Seoul
- FV-DEU-Frankfurt
- FV-KOR-Seoul
- FV-JPN-Tokyo
- FV-GBR-London
- FV-USA-LosAngles
- CF-HongKong-R-TCHK
- FV-SGP
- CF_VIDEO_1
- CF_VIDEO_2
- Oracle-JPN-Tokyo-R-OSel
- Oracle-JPN-Osaka-R-OSel
- Oracle-USA-Phoneix-R-OSel
- TC-CHN-Shanghai
- ♻️ 自动选择
- DIRECT
- name: ♻️ 自动选择
type: url-test
url: https://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- BFC-LosAngles
- TC-HongKong
- Oracle-JPN-Tokyo-R-TCHK
- Oracle-USA-Phoenix-R-TCHK
- Oracle-KOR-Seoul
- Care-DEU-Dusseldorf
- Oracle-JPN-Tokyo-R-OSel
- Oracle-JPN-Osaka-R-OSel
- Oracle-USA-Phoneix-R-OSel
- name: 🌍 国外媒体
type: select
proxies:
- 🚀 节点选择
- ♻️ 自动选择
- 🎯 全球直连
- name: 📲 电报信息
type: select
proxies:
- 🚀 节点选择
- ♻️ 自动选择
- 🎯 全球直连
- name: Ⓜ️ 微软服务
type: select
proxies:
- 🎯 全球直连
- 🚀 节点选择
- name: 🍎 苹果服务
type: select
proxies:
- 🎯 全球直连
- 🚀 节点选择
- name: 💩 工作直连
type: select
proxies:
- DIRECT
- onetools-35-71
- name: 💩 工作代理
type: select
proxies:
- onetools-35-71
- DIRECT
- name: 🎯 全球直连
type: select
proxies:
- DIRECT
- 🚀 节点选择
- ♻️ 自动选择
- name: 🛑 全球拦截
type: select
proxies:
- REJECT
- DIRECT
- name: 🍃 应用净化
type: select
proxies:
- REJECT
- DIRECT
- name: 🐟 漏网之鱼
type: select
proxies:
- 🚀 节点选择
- 🎯 全球直连
- ♻️ 自动选择
- TC-HongKong
- Oracle-KOR-Seoul
#----------------#
# 规则集定义 #
#----------------#
# Rule Providers 用于从网络动态加载规则列表,实现规则的自动更新
rule-providers:
# 广告、追踪器、恶意域名规则集
reject:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt"
path: ./ruleset/reject.yaml
interval: 604800 # 更新间隔: 7天
# iCloud 服务规则集
icloud:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
path: ./ruleset/icloud.yaml
interval: 604800
# 苹果服务规则集
apple:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
path: ./ruleset/apple.yaml
interval: 604800
# 谷歌服务规则集
google:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
path: ./ruleset/google.yaml
interval: 604800
# 需要代理的域名规则集
proxy:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
path: ./ruleset/proxy.yaml
interval: 604800
# 需要直连的域名规则集
direct:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
path: ./ruleset/direct.yaml
interval: 604800
# 私有网络域名规则集
private:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
path: ./ruleset/private.yaml
interval: 604800
# 中国大陆 IP 段规则集
cncidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
path: ./ruleset/cncidr.yaml
interval: 604800
# 局域网 IP 段规则集
lancidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
path: ./ruleset/lancidr.yaml
interval: 604800
# Telegram 服务器 IP 段规则集
telegramcidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
path: ./ruleset/telegramcidr.yaml
interval: 604800
#----------------#
# 分流规则 #
#----------------#
# 规则按从上到下的顺序进行匹配,一旦匹配成功,后续规则将不再执行
rules:
# 1. 广告、追踪器拦截规则 (最高优先级)
# 直接拒绝连接,提升网页加载速度和隐私保护
- RULE-SET,reject,REJECT
# [优化] 核心国内流量直连规则 (IP 维度)
# 将中国大陆的 IP 地址段置于高优先级。这是解决国内网站访问缓慢和超时的关键。
# 任何目标地址在此列表内的连接都会被立即直连,无需进行 DNS 查询和 GEOIP 判断。
- RULE-SET,cncidr,DIRECT
- # 5. 基于地理位置的补充规则
- # 所有目标 IP 位于中国大陆的流量都直连
- # 这条规则作为对域名规则的补充,确保国内 IP 流量的直连
- GEOIP,CN,DIRECT
# 工作代理模式
- DOMAIN-SUFFIX,cdcyy.cn,💩 工作直连
- DOMAIN-SUFFIX,hq.cmcc,💩 工作直连
- DOMAIN-SUFFIX,wdd.io,💩 工作直连
- DOMAIN-SUFFIX,harbor.cdcyy.com.cn,💩 工作直连
- DOMAIN-SUFFIX,ecs.io,💩 工作直连
- DOMAIN-SUFFIX,uavcmlc.com,💩 工作直连
# 2. 本地/内网流量直连规则
# 确保局域网设备和服务的访问不受代理影响
- RULE-SET,lancidr,DIRECT
- RULE-SET,private,DIRECT
# 3. 明确的国内服务直连规则
# 优先匹配已知需要直连的域名和服务 (Apple, iCloud 等)
- RULE-SET,icloud,🍎 苹果服务
- RULE-SET,apple,🍎 苹果服务
- RULE-SET,direct,🎯 全球直连
# 4. 明确的代理规则
# 匹配已知需要代理的服务 (Google, Telegram, 以及其他国际服务)
- RULE-SET,google,🌍 国外媒体
- RULE-SET,telegramcidr,📲 电报信息
- RULE-SET,proxy,🌍 国外媒体
# 6. 最终的兜底规则 (最低优先级)
# 所有未匹配到以上任何规则的流量,都走代理
# 这是确保未知的新网站或国外服务能正常访问的关键
- MATCH,🐟 漏网之鱼

3783
1-代理Xray/10-clash规则/98-subscribe-clash.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

31
1-代理Xray/10-clash规则/clash规则-prompt.txt Normal file
View File

@@ -0,0 +1,31 @@
请查阅clash的配置规格修改上述的配置文件要求对配置进行详细的中文注释说明。
## 参考配置
- https://en.clash.wiki/configuration/getting-started.html
## 修改功能说明,配置最终需要满足如下条件
- 开启TUN模式规则模式下在GFW之内使用
- 访问CN的IP及网址是直连状态,无需任何代理,使用223.5.5.5 119.29.29.29作为DNS
- 访问特殊网址规则,按照clash中规则定义进行访问
- 访问规则之外的CN之外的IP及网址,走代理访问,使用8.8.8.8 1.1.1.1作为DNS
- 规则模式下,在GFW之内使用
- 同上述规则
请查阅clash的配置规格修改上述的配置文件要求对配置进行详细的中文注释说明。
## 参考配置
- https://en.clash.wiki/configuration/getting-started.html
请分析上述的配置文件,无论是否开启TUN模式,在规则模式之后
访问国内的网址出现大量错误,典型的错误如下
[TCP] dial DIRECT (match RuleSet/cncidr) 127.0.0.1:50173 --> www.zhihu.com:443 error: dns resolve failed: context deadline exceeded
[TCP] dial 🎯 全球直连 (match RuleSet/direct) 127.0.0.1:56064 --> static.zhihu.com:443 error: dns resolve failed: context deadline exceeded
访问网址非常卡顿,请给出解决方案.考虑自建DNS服务器是否能够解决问题

277
1-代理Xray/12-DNS服务器AdGuard/AdGuardHome.yaml Normal file
View File

@@ -0,0 +1,277 @@
# AdGuard Home 配置文件
# 官方文档参考: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration
# HTTP/Web 界面相关设置
#http:
# # pprof (性能分析) 相关设置
# pprof:
# port: 6060 # pprof 服务的端口
# enabled: false # 是否启用 pprof默认为 false建议保持禁用
# address: https://xx.tc.hk.go.107421.xyz # Web 界面的监听地址和端口
# session_ttl: 720h # Web 界面登录会话的有效时间 (720小时 = 30天)
# 用户认证设置
users:
# 在这里添加您的用户。您必须手动生成密码的 bcrypt 哈希值。
# 例如,在 Linux 系统中,您可以使用 htpasswd 工具生成:
# htpasswd -nb your_username your_password
# 然后将输出的整行 (例如: your_username:$apr1$....) 替换掉下面的内容。
- name: zeaslity # 您的用户名
password: "$2y$05$b8Vbq3FrGqFNDceFTPFf.eRVYznIineyqtVr60hURTmFKLwdvadCi" # 将这里替换为您生成的密码哈希值
# 认证尝试次数与锁定时间
auth_attempts: 5 # 允许的最大登录失败次数
block_auth_min: 15 # 登录失败次数过多后,锁定登录的分钟数
http_proxy: "" # HTTP 代理地址,通常留空
language: "zh-cn" # Web 界面语言,留空则自动检测浏览器语言
theme: auto # Web 界面主题 (auto, light, dark)
# DNS 服务器相关设置
dns:
bind_hosts:
- 0.0.0.0 # DNS 服务器监听的 IP 地址127.0.0.1 表示只允许本机访问
port: 53 # DNS 服务器监听的端口53是标准DNS端口
anonymize_client_ip: false # 是否在将 EDNS Client Subnet (ECS) 信息转发给上游时匿名化客户端 IP
# DNS 请求速率限制
ratelimit: 40 # 每个客户端每秒允许的最大 DNS 请求数
ratelimit_subnet_len_ipv4: 24 # 用于速率限制的 IPv4 子网掩码长度 (24表示C类地址)
ratelimit_subnet_len_ipv6: 56 # 用于速率限制的 IPv6 子网掩码长度
ratelimit_whitelist: [] # 不受速率限制的 IP 地址列表
refuse_any: true # 是否拒绝类型为 ANY 的 DNS 请求,以防止被用于 DNS 放大攻击
# 上游 DNS 服务器设置
upstream_dns:
- https://dns.google/dns-query # Google DNS (DoH)
- https://1.1.1.1/dns-query # Cloudflare DNS (DoH)
- tls://8.8.4.4:853 # Google DNS (DoT)
upstream_dns_file: "" # 从文件中加载上游 DNS 服务器列表,留空则不使用
# 引导 DNS 服务器 (用于解析上游 DoH/DoT/DoQ 的域名)
bootstrap_dns:
- 1.1.1.1
- 8.8.8.8
# 备用 DNS 服务器,当所有上游服务器都不可用时使用,可以留空
fallback_dns:
- 1.1.1.1
- 8.8.8.8
# 上游服务器查询模式
upstream_mode: load_balance # "load_balance": 负载均衡, "parallel": 并行请求, "fastest_ip": 最快IP模式
fastest_timeout: 1s # 在 "fastest_ip" 模式下,等待响应的超时时间
# 访问控制
allowed_clients: [] # 允许访问的客户端列表,留空表示允许所有
disallowed_clients: [] # 禁止访问的客户端列表
# 默认拦截的域名
blocked_hosts:
- version.bind
- id.server
- hostname.bind
# 信任的反向代理 IP 地址范围
trusted_proxies:
- 127.0.0.0/8
- ::1/128
# DNS 缓存设置
cache_enabled: true # 是否启用 DNS 缓存
cache_size: 419430400 # 缓存大小 (字节, 这里是 400MB)
cache_ttl_min: 0 # 覆盖 DNS 记录的最小 TTL (秒)0 表示不覆盖
cache_ttl_max: 0 # 覆盖 DNS 记录的最大 TTL (秒)0 表示不覆盖
cache_optimistic: false # 是否启用乐观缓存 (返回过期的缓存记录并异步刷新)
bogus_nxdomain: [] # 将指定的 IP 地址的 NXDOMAIN 响应视为伪造响应
aaaa_disabled: false # 是否禁用对 IPv6 (AAAA) 记录的解析
enable_dnssec: false # 是否启用 DNSSEC 支持
# EDNS Client Subnet (ECS) 设置
edns_client_subnet:
custom_ip: "" # 自定义发送给上游的 IP 地址
enabled: false # 是否启用 ECS
use_custom: false # 是否使用上面定义的 custom_ip
max_goroutines: 300 # 处理 DNS 请求的最大并发协程数
handle_ddr: true # 是否处理 Discovery of Designated Resolvers (DDR)
# IPSet 设置 (需要内核支持)
ipset: []
ipset_file: ""
bootstrap_prefer_ipv6: false # 引导DNS是否优先使用 IPv6
upstream_timeout: 10s # 上游 DNS 请求的超时时间
private_networks: [] # 自定义的私有网络范围
use_private_ptr_resolvers: true # 是否为私有地址使用私有反向DNS解析器
local_ptr_upstreams: [] # 用于PTR请求的本地上游DNS
# DNS64 设置 (用于 NAT64)
use_dns64: false
dns64_prefixes: []
# HTTP/3 相关
serve_http3: false # 是否通过 HTTP/3 提供 DoH 服务
use_http3_upstreams: true # 是否使用 HTTP/3 连接到上游 DoH 服务器
serve_plain_dns: false # 是否为 DoH 和 DoT 客户端提供普通DNS (53端口)
hostsfile_enabled: true # 是否使用操作系统的 hosts 文件
# 待处理请求队列 (防止重复向上游请求)
pending_requests:
enabled: true
# TLS (加密) 相关设置
tls:
enabled: true # 是否启用 TLS (HTTPS, DoH, DoT, DoQ)
server_name: xx.tc.hk.go.107421.xyz # 您的服务器域名
force_https: true # 是否强制将 HTTP 请求重定向到 HTTPS
port_https: 443 # HTTPS 端口
port_dns_over_tls: 253 # DNS-over-TLS (DoT) 端口
port_dns_over_quic: 253 # DNS-over-QUIC (DoQ) 端口
port_dnscrypt: 0 # DNSCrypt 端口0表示禁用
dnscrypt_config_file: "" # DNSCrypt 配置文件路径
allow_unencrypted_doh: false # 是否允许通过未加密的 HTTP 接收 DoH 请求
# 证书和私钥设置
certificate_chain: "" # 证书链内容 (如果直接粘贴内容)
private_key: "" # 私钥内容 (如果直接粘贴内容)
certificate_path: /root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/fullchain.cer # 证书文件路径
private_key_path: /root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/xx.tc.hk.go.107421.xyz.key # 私钥文件路径
strict_sni_check: true # 是否为 DoT 和 DoH 启用严格的 SNI 检查
# 查询日志设置
querylog:
dir_path: "" # 日志文件存储目录,留空为 AdGuard Home 工作目录
ignored: [] # 不记录日志的域名列表
interval: 2160h # 日志轮转周期 (90天)
size_memory: 1000 # 在内存中保留的最新日志条数
enabled: true # 是否启用查询日志
file_enabled: false # 是否将日志写入文件
# 统计信息设置
statistics:
dir_path: "" # 统计数据存储目录
ignored: [] # 不计入统计的域名列表
interval: 24h # 统计信息保留时长
enabled: true # 是否启用统计功能
# 过滤规则列表设置
filters:
# AdGuard DNS 过滤器
- enabled: true
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt
name: AdGuard DNS filter
id: 1
# AdAway 默认黑名单 (已禁用)
- enabled: false
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt
name: AdAway Default Blocklist
id: 2
whitelist_filters: [] # 白名单过滤列表
user_rules: [] # 用户自定义过滤规则
# DHCP 服务器设置 (当前禁用)
dhcp:
enabled: false
interface_name: ""
local_domain_name: lan
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
# 内容过滤总设置
filtering:
blocking_ipv4: "" # 当域名被拦截时,返回的 IPv4 地址 (留空为默认)
blocking_ipv6: "" # 当域名被拦截时,返回的 IPv6 地址 (留空为默认)
# 按服务拦截
blocked_services:
schedule:
time_zone: Local # 时间表使用的时区
ids: [] # 要拦截的服务 ID 列表
protection_disabled_until: null # 临时禁用保护直至指定时间
# 安全搜索设置
safe_search:
enabled: false # 是否为搜索引擎强制启用安全搜索
bing: true
duckduckgo: true
ecosia: true
google: true
pixabay: true
yandex: true
youtube: true
# 拦截模式
blocking_mode: default # default: 默认模式; nxdomain: 返回 NXDOMAIN; null_ip: 返回 0.0.0.0; custom_ip: 返回自定义 IP
parental_block_host: family-block.dns.adguard.com # 家长控制拦截主机
safebrowsing_block_host: standard-block.dns.adguard.com # 安全浏览拦截主机
rewrites: [] # DNS 重写规则
safe_fs_patterns: [] # 文件系统安全模式
# 各种功能的缓存大小 (字节)
safebrowsing_cache_size: 104857600 # 安全浏览 (100MB)
safesearch_cache_size: 104857600 # 安全搜索 (100MB)
parental_cache_size: 1048576 # 家长控制 (1MB)
cache_time: 180 # 缓存时间 (秒)
filters_update_interval: 24 # 过滤器自动更新间隔 (小时)
blocked_response_ttl: 10 # 被拦截域名的 DNS 响应 TTL (秒)
# 总开关
filtering_enabled: true # 是否启用广告过滤
parental_enabled: false # 是否启用家长控制
safebrowsing_enabled: false # 是否启用安全浏览
protection_enabled: true # AdGuard 总保护开关
# 客户端设置
clients:
runtime_sources:
whois: true
arp: true
rdns: false
dhcp: true
hosts: true
persistent: [] # 持久化客户端设置
# 一般日志设置
log:
enabled: true # 是否启用 AdGuard Home 本身的日志记录
file: "" # 日志文件路径,留空为 stdout
max_backups: 0 # 保留的旧日志文件数量
max_size: 100 # 每个日志文件的最大大小 (MB)
max_age: 3 # 旧日志文件保留天数
compress: false # 是否压缩旧日志文件
local_time: false # 是否使用本地时间记录日志
verbose: false # 是否启用详细日志模式
# 操作系统相关设置
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 30 # 配置文件架构版本,请勿手动修改

23
1-代理Xray/12-DNS服务器AdGuard/ad-guard-prompt.md Normal file
View File

@@ -0,0 +1,23 @@
请详细参考AdGuard官方的教程,
- https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration
基于上文给出的配置文件,做出如下的修改
- 针对每一行的配置,给出中文的注释说明
- 实现用户名密码访问控制台,禁止非登录访问
htpasswd -nb -B zeaslity MSuper@123.IO9
zeaslity:$2y$05$b8Vbq3FrGqFNDceFTPFf.eRVYznIineyqtVr60hURTmFKLwdvadCi
dnslookup www.youtube.com https://xx.tc.hk.go.107421.xyz/dns-query
bitsflowcx1@outlook.com
urh!ude9zdf5njy0ZJN
aaa20250822

70
1-代理Xray/3-BitsFLowCloud-洛杉矶/0-vless-speed.json Normal file
View File

@@ -0,0 +1,70 @@
{
"log": {
"loglevel": "error"
},
"inbounds": [
{
"port": 443,
"protocol": "vless",
"tag": "proxy",
"settings": {
"clients": [
{
"id": "302fbcb8-e096-46a1-906f-e879ec5ab0c5",
"flow": "xtls-rprx-vision",
"email": "bfc@vless.com",
"level": 0
}
],
"decryption": "none",
"fallbacks": [
{
"dest": "/dev/shm/h2c.sock",
"xver": 2,
"alpn": "h2"
},
{
"dest": "/dev/shm/h1.sock",
"xver": 2
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/root/.acme.sh/xx.l4.ca.bg.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/xx.l4.ca.bg.107421.xyz_ecc/xx.l4.ca.bg.107421.xyz.key"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"alpn": [
"h2",
"http/1.1"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
],
"outbounds": [
{
"protocol": "freedom"
},
{
"protocol": "freedom",
"tag": "proxy"
}
]
}

5
1-代理Xray/9-伪装网站/在线安装nginx.sh
View File

@@ -19,6 +19,9 @@ sudo apt update
sudo apt install -y nginx
mkdir -p /var/www/html/
# 上传文件
mv dist.zip /var/www/html/
cd /var/www/html/
unzip dist.zip
@@ -26,6 +29,8 @@ chown -R www-data:www-data /var/www/html/
chmod -R 755 /var/www/html/
# nginx配置
systemctl restart nginx
systemctl enable nginx

3700
1-代理Xray/98-subscribe-clash.yaml
View File

File diff suppressed because it is too large Load Diff

1
1-代理Xray/99-subscribe-octopus-latest.txt
View File

@@ -1,4 +1,5 @@
vless://f8702759-f402-4e85-92a6-8540d577de22@43.154.83.213:24443?type=tcp&encryption=none&security=tls&path=%2f&flow=xtls-rprx-vision&sni=book.107421.xyz#TC-HongKong
vless://302fbcb8-e096-46a1-906f-e879ec5ab0c5@154.40.34.106:443?type=tcp&encryption=none&security=tls&path=%2f&flow=xtls-rprx-vision&sni=xx.l4.ca.bg.107421.xyz#BFC-LosAngles
vless://93be1d17-8e02-449d-bb99-683ed46fbe50@43.154.83.213:24453?type=tcp&encryption=none&security=tls&path=%2f&flow=xtls-rprx-vision&sni=book.107421.xyz#CF-HongKong-R-TCHK
vless://cdf0b19a-9524-48d5-b697-5f10bb567734@43.154.83.213:24452?type=tcp&encryption=none&security=tls&path=%2f&flow=xtls-rprx-vision&sni=book.107421.xyz#FV-HongKong

896
1-代理Xray/Clash/clash-config.yaml
View File

@@ -1,896 +0,0 @@
#---------------------------------------------------#
## 更新2022-09-28 09:02:50
## 感谢https://github.com/Hackl0us/SS-Rule-Snippet
## 链接https://link.oness.xyz/link/0fHPiayjsMIn6BUC?clash=1
#---------------------------------------------------#
# HTTP 代理端口
port: 7890
# SOCKS5 代理端口
socks-port: 7891
# Linux 和 macOS 的 redir 代理端口
redir-port: 7892
# 允许局域网的连接
allow-lan: true
# 规则模式Rule规则 / Global全局代理/ Direct全局直连
mode: Rule
# 设置日志输出级别 (默认级别silent即不输出任何内容以避免因日志内容过大而导致程序内存溢出
# 5 个级别silent / info / warning / error / debug。级别越高日志输出量越大越倾向于调试若需要请自行开启。
log-level: info
# Clash 的 RESTful API
external-controller: '0.0.0.0:9090'
# RESTful API 的口令
secret: ''
# 您可以将静态网页资源(如 clash-dashboard放置在一个目录中clash 将会服务于 `RESTful API/ui`
# 参数应填写配置目录的相对路径或绝对路径。
# external-ui: folder
proxies:
# vmess
# cipher support auto/aes-128-gcm/chacha20-poly1305/none
- name: "Tencent-Shanghai-Relay"
type: vmess
server: 42.192.52.227
port: 19999
uuid: 7318178c-5583-40dd-996c-a0add1f8fc1e
alterId: 0
cipher: auto
# udp: true
tls: false
skip-cert-verify: true
# servername: example.com # priority over wss host
network: http
http-opts:
host:
path:
- /v2ice-vmess-tcp-seoul
# headers:
# Host: v2ray.com
# max-early-data: 2048
# early-data-header-name: Sec-WebSocket-Protocol
proxy-groups:
- name: Proxy
type: select
# disable-udp: true
proxies:
- Tencent-Shanghai-Relay
- name: Direct
type: select
proxies:
- DIRECT
- name: Domestic
type: select
proxies:
- DIRECT
- Proxy
- name: Others
type: select
proxies:
- Proxy
- DIRECT
# 规则
rules:
# anti-ads
- DOMAIN-KEYWORD,adservice,REJECT
- DOMAIN-SUFFIX,adcolony.com,REJECT
- DOMAIN-SUFFIX,adinall.com,REJECT
- DOMAIN-SUFFIX,admaster.com.cn,REJECT
- DOMAIN-SUFFIX,admob.com,REJECT
- DOMAIN-SUFFIX,adnxs.com,REJECT
- DOMAIN-SUFFIX,adnyg.com,REJECT
- DOMAIN-SUFFIX,adsensor.org,REJECT
- DOMAIN-SUFFIX,adsymptotic.com,REJECT
- DOMAIN-SUFFIX,adthor.com,REJECT
- DOMAIN-SUFFIX,adwhirl.com,REJECT
- DOMAIN-SUFFIX,amazon-adsystem.com,REJECT
- DOMAIN-SUFFIX,amobee.com,REJECT
- DOMAIN-SUFFIX,app-adforce.jp,REJECT
- DOMAIN-SUFFIX,appads.com,REJECT
- DOMAIN-SUFFIX,appcpi.net,REJECT
- DOMAIN-SUFFIX,appier.net,REJECT
- DOMAIN-SUFFIX,applift.com,REJECT
- DOMAIN-SUFFIX,applovin.com,REJECT
- DOMAIN-SUFFIX,applvn.com,REJECT
- DOMAIN-SUFFIX,apsalar.com,REJECT
- DOMAIN-SUFFIX,apxadtracking.net,REJECT
- DOMAIN-SUFFIX,axonix.com,REJECT
- DOMAIN-SUFFIX,bayimob.com,REJECT
- DOMAIN-SUFFIX,bjvvqu.cn,REJECT
- DOMAIN-SUFFIX,bulldogcpi.com,REJECT
- DOMAIN-SUFFIX,clotfun.mobi,REJECT
- DOMAIN-SUFFIX,clotfun.online,REJECT
- DOMAIN-SUFFIX,cloudmobi.net,REJECT
- DOMAIN-SUFFIX,crwdcntrl.net,REJECT
- DOMAIN-SUFFIX,ctrmi.com,REJECT
- DOMAIN-SUFFIX,exosrv.com,REJECT
- DOMAIN-SUFFIX,go2cloud.org,REJECT
- DOMAIN-SUFFIX,growingio.com,REJECT
- DOMAIN-SUFFIX,haloapps.com,REJECT
- DOMAIN-SUFFIX,hypers.com,REJECT
- DOMAIN-SUFFIX,idealads.net,REJECT
- DOMAIN-SUFFIX,inmobi.cn,REJECT
- DOMAIN-SUFFIX,inmobi.com,REJECT
- DOMAIN-SUFFIX,inmobi.net,REJECT
- DOMAIN-SUFFIX,inmobicdn.cn,REJECT
- DOMAIN-SUFFIX,inmobicdn.net,REJECT
- DOMAIN-SUFFIX,inner-active.mobi,REJECT
- DOMAIN-SUFFIX,insurads.com,REJECT
- DOMAIN-SUFFIX,ironsrc.com,REJECT
- DOMAIN-SUFFIX,irs01.com,REJECT
- DOMAIN-SUFFIX,iskyworker.com,REJECT
- DOMAIN-SUFFIX,juicyads.com,REJECT
- DOMAIN-SUFFIX,kochava.com,REJECT
- DOMAIN-SUFFIX,leadboltmobile.net,REJECT
- DOMAIN-SUFFIX,lenzmx.com,REJECT
- DOMAIN-SUFFIX,liveadvert.com,REJECT
- DOMAIN-SUFFIX,lnk0.com,REJECT
- DOMAIN-SUFFIX,lnk8.cn,REJECT
- DOMAIN-SUFFIX,localytics.com,REJECT
- DOMAIN-SUFFIX,mdfull.com,REJECT
- DOMAIN-SUFFIX,measurementapi.com,REJECT
- DOMAIN-SUFFIX,medialytics.com,REJECT
- DOMAIN-SUFFIX,meetrics.com,REJECT
- DOMAIN-SUFFIX,meetrics.net,REJECT
- DOMAIN-SUFFIX,miaozhen.com,REJECT
- DOMAIN-SUFFIX,mmstat.com,REJECT
- DOMAIN-SUFFIX,moatads.com,REJECT
- DOMAIN-SUFFIX,mobclix.com,REJECT
- DOMAIN-SUFFIX,mopub.com,REJECT
- DOMAIN-SUFFIX,okjhb.xyz,REJECT
- DOMAIN-SUFFIX,openx.net,REJECT
- DOMAIN-SUFFIX,outbrain.com,REJECT
- DOMAIN-SUFFIX,pubmatic.com,REJECT
- DOMAIN-SUFFIX,qchannel01.cn,REJECT
- DOMAIN-SUFFIX,rayjump.com,REJECT
- DOMAIN-SUFFIX,rtbasia.com,REJECT
- DOMAIN-SUFFIX,rubiconproject.com,REJECT
- DOMAIN-SUFFIX,scorecardresearch.com,REJECT
- DOMAIN-SUFFIX,sdkclick.com,REJECT
- DOMAIN-SUFFIX,shuzilm.cn,REJECT
- DOMAIN-SUFFIX,smaato.net,REJECT
- DOMAIN-SUFFIX,smartadserver.com,REJECT
- DOMAIN-SUFFIX,smartnews-ads.com,REJECT
- DOMAIN-SUFFIX,supersonic.com,REJECT
- DOMAIN-SUFFIX,supersonicads.com,REJECT
- DOMAIN-SUFFIX,tagtic.cn,REJECT
- DOMAIN-SUFFIX,tanv.com,REJECT
- DOMAIN-SUFFIX,tanx.com,REJECT
- DOMAIN-SUFFIX,tapjoy.com,REJECT
- DOMAIN-SUFFIX,trafficjunky.net,REJECT
- DOMAIN-SUFFIX,turn.com,REJECT
- DOMAIN-SUFFIX,uri6.com,REJECT
- DOMAIN-SUFFIX,vidoomy.com,REJECT
- DOMAIN-SUFFIX,vungle.com,REJECT
- DOMAIN-SUFFIX,wedolook.com,REJECT
- DOMAIN-SUFFIX,xdrig.com,REJECT
- DOMAIN-SUFFIX,yumimobi.com,REJECT
- DOMAIN-SUFFIX,zu08e.cn,REJECT
- DOMAIN-SUFFIX,ad.cmvideo.cn,REJECT
- DOMAIN-SUFFIX,ad.daum.net,REJECT
- DOMAIN,abema-adx.ameba.jp,REJECT
- DOMAIN,ad.12306.cn,REJECT
- DOMAIN,ad.360in.com,REJECT
- DOMAIN,ad.51wnl-cq.com,REJECT
- DOMAIN,ad.caiyunapp.com,REJECT
- DOMAIN,ad.huajiao.com,REJECT
- DOMAIN,ad.hzyoka.com,REJECT
- DOMAIN,ad.jiemian.com,REJECT
- DOMAIN,ad.qingting.fm,REJECT
- DOMAIN,ad.wappalyzer.com,REJECT
- DOMAIN,ad-cn.jovcloud.com,REJECT
- DOMAIN,adextra.51wnl-cq.com,REJECT
- DOMAIN,api.adnet.mob.com,REJECT
- DOMAIN,ads.adadapted.com,REJECT
- DOMAIN,ads.chinadaily.com.cn,REJECT
- DOMAIN,ads.daydaycook.com.cn,REJECT
- DOMAIN,ads.weilitoutiao.net,REJECT
- DOMAIN,adsapi.manhuaren.com,REJECT
- DOMAIN,adsdk.dmzj.com,REJECT
- DOMAIN,adserver.pandora.com,REJECT
- DOMAIN,adshow.58.com,REJECT
- DOMAIN,adui.tg.meitu.com,REJECT
- DOMAIN,adv.bandi.so,REJECT
- DOMAIN,app-ad.variflight.com,REJECT
- DOMAIN,appnext.hs.llnwd.net,REJECT
- DOMAIN,appnext-a.akamaihd.net,REJECT
- DOMAIN,ggs.myzaker.com,REJECT
- DOMAIN,itad.linetv.tw,REJECT
- DOMAIN,ja.chushou.tv,REJECT
- DOMAIN,mads.suning.com,REJECT
- DOMAIN,mobileads.msn.com,REJECT
- DOMAIN,mopnativeadv.037201.com,REJECT
- DOMAIN,nativeadv.dftoutiao.com,REJECT
- DOMAIN-SUFFIX,iadsdk.apple.com,REJECT
- DOMAIN-SUFFIX,ads.internal.unity3d.com,REJECT
- DOMAIN-SUFFIX,ads.prd.ie.internal.unity3d.com,REJECT
- DOMAIN-SUFFIX,unityads.unity3d.com,REJECT
- DOMAIN,optimus-ads.amap.com,REJECT
- DOMAIN,optimus-ads.amap.com.w.alikunlun.com,REJECT
- DOMAIN,tunion-api.m.taobao.com,REJECT
- DOMAIN,adproxy.autohome.com.cn,REJECT
- DOMAIN,rd.autohome.com.cn,REJECT
- DOMAIN,al.autohome.com.cn,REJECT
- DOMAIN,applogapi.autohome.com.cn,REJECT
- DOMAIN-SUFFIX,cpro.baidu.com,REJECT
- DOMAIN-SUFFIX,pos.baidu.com,REJECT
- DOMAIN,afd.baidu.com,REJECT
- DOMAIN,als.baidu.com,REJECT
- DOMAIN,duclick.baidu.com,REJECT
- DOMAIN,mobads.baidu.com,REJECT
- DOMAIN,mobads-logs.baidu.com,REJECT
- DOMAIN,nsclick.baidu.com,REJECT
- DOMAIN,ad.toutiao.com,REJECT
- DOMAIN,adx.yiche.com,REJECT
- DOMAIN,log.ycapp.yiche.com,REJECT
- DOMAIN,advertise.baicizhan.com,REJECT
- DOMAIN,advertise.baicizhan.org,REJECT
- DOMAIN,galaxy.bjcathay.com,REJECT
- DOMAIN,mdrecv.app.cntvwb.cn,REJECT
- DOMAIN,sdapprecv.app.cntvwb.cn,REJECT
- DOMAIN,vdapprecv.app.cntvwb.cn,REJECT
- DOMAIN,ad.21cn.com,REJECT
- DOMAIN,ad.k.21cn.com,REJECT
- DOMAIN,admarket.21cn.com,REJECT
- DOMAIN,adshows.21cn.com,REJECT
- DOMAIN,atrace.chelaile.net.cn,REJECT
- DOMAIN,logs.chelaile.net.cn,REJECT
- DOMAIN-SUFFIX,doubleclick.net,REJECT
- DOMAIN-SUFFIX,googleadservices.com,REJECT
- DOMAIN-SUFFIX,googleadsserving.cn,REJECT
- DOMAIN-SUFFIX,googlesyndication.com,REJECT
- DOMAIN-SUFFIX,da.mgtv.com,REJECT
- DOMAIN-SUFFIX,da.hunantv.com,REJECT
- DOMAIN,adx.hupu.com,REJECT
- DOMAIN,adx-api.hupu.com,REJECT
- DOMAIN,goblin.hupu.com,REJECT
- DOMAIN,t7z.cupid.iqiyi.com,REJECT
- IP-CIDR,101.227.97.240/32,REJECT,no-resolve
- IP-CIDR,101.227.200.11/32,REJECT,no-resolve
- IP-CIDR,101.227.200.28/32,REJECT,no-resolve
- IP-CIDR,124.192.153.42/32,REJECT,no-resolve
- DOMAIN-SUFFIX,deliver.ifeng.com,REJECT
- DOMAIN,api.newad.ifeng.com,REJECT
- DOMAIN,ifengad.3g.ifeng.com,REJECT
- DOMAIN,adserviceretry.kugou.com,REJECT
- DOMAIN,ads.service.kugou.com,REJECT
- DOMAIN,adsfile.bssdlbig.kugou.com,REJECT
- DOMAIN,g.koowo.com,REJECT
- DOMAIN,kgmobilestat.kugou.com,REJECT
- DOMAIN,kgmobilestatbak.kugou.com,REJECT
- DOMAIN,mobilelog.kugou.com,REJECT
- DOMAIN,mobilead.kuwo.cn,REJECT
- DOMAIN,rich.kuwo.cn,REJECT
- DOMAIN,ad-stat.ksosoft.com,REJECT
- DOMAIN,img.auction-ads.wpscdn.cn,REJECT
- DOMAIN,counter.kingsoft.com,REJECT
- DOMAIN,counter.ksosoft.com,REJECT
- DOMAIN,minfo.wps.cn,REJECT
- DOMAIN,mobad.ijinshan.com,REJECT
- DOMAIN,ups.ksmobile.net,REJECT
- DOMAIN,ws.ksmobile.net,REJECT
- DOMAIN-SUFFIX,webp2p.letv.com,REJECT
- DOMAIN,ark.letv.com,REJECT
- DOMAIN,emma-414870e223.huodonghezi.com,REJECT
- DOMAIN,g3.letv.com,REJECT
- DOMAIN,n.mark.letv.com,REJECT
- DOMAIN,ad.hpplay.cn,REJECT
- DOMAIN,adcdn.hpplay.cn,REJECT
- DOMAIN,adeng.hpplay.cn,REJECT
- DOMAIN,rp.hpplay.cn,REJECT
- DOMAIN-SUFFIX,ad.intl.xiaomi.com,REJECT
- DOMAIN-SUFFIX,ad.xiaomi.com,REJECT
- DOMAIN-SUFFIX,admob.xiaomi.com,REJECT
- DOMAIN,adv.sec.intl.miui.com,REJECT
- DOMAIN,adv.sec.miui.com,REJECT
- DOMAIN,ad.api.moji.com,REJECT
- DOMAIN,adlaunch.moji.com,REJECT
- DOMAIN,ads.mojicdn.com,REJECT
- DOMAIN,v1.log.moji.com,REJECT
- DOMAIN,ad.bn.netease.com,REJECT
- DOMAIN,ad.yixin.im,REJECT
- DOMAIN,admusicpic.music.126.net,REJECT
- DOMAIN,gorgon.youdao.com,REJECT
- DOMAIN,iadmat.nosdn.127.net,REJECT
- DOMAIN,iadmusicmat.music.126.net,REJECT
- DOMAIN,iadmusicmatvideo.music.126.net,REJECT
- DOMAIN,impservice.dictapp.youdao.com,REJECT
- DOMAIN,impservice.youdao.com,REJECT
- DOMAIN,log.yex.youdao.com,REJECT
- DOMAIN,log-yex.youdao.com,REJECT
- DOMAIN,n.3g.163.com,REJECT
- DOMAIN,nex.163.com,REJECT
- DOMAIN,yt-adp.nosdn.127.net,REJECT
- DOMAIN,yt-adp.ws.126.net,REJECT
- DOMAIN,ads.aplus.pptv.com,REJECT
- DOMAIN,ads.aplusapi.pptv.com,REJECT
- DOMAIN,asimgs.pplive.cn,REJECT
- DOMAIN,de.as.pptv.com,REJECT
- DOMAIN,regist.fotoable.com,REJECT
- DOMAIN,cdn.adapi.fotoable.com,REJECT
- DOMAIN,adnew.wifi8.com,REJECT
- DOMAIN,adfile.wifi8.com,REJECT
- DOMAIN-SUFFIX,beacon.sina.com.cn,REJECT
- DOMAIN,adimg.vue.weibo.com,REJECT
- DOMAIN,u1.img.mobile.sina.cn,REJECT
- DOMAIN,sax.sina.com.cn,REJECT
- DOMAIN,saxs.sina.com.cn,REJECT
- DOMAIN,saxn.sina.com.cn,REJECT
- DOMAIN-SUFFIX,ad.sohu.com,REJECT
- DOMAIN-SUFFIX,ads.sohu.com,REJECT
- DOMAIN-SUFFIX,aty.sohu.com,REJECT
- DOMAIN,imp.optaim.com,REJECT
- DOMAIN,v2.reachmax.cn,REJECT
- DOMAIN,track.sohu.com,REJECT
- DOMAIN,hui.sohu.com,REJECT
- DOMAIN-SUFFIX,e.qq.com,REJECT
- DOMAIN-SUFFIX,gdt.qq.com,REJECT
- DOMAIN-SUFFIX,l.qq.com,REJECT
- DOMAIN,adsmind.apdcdn.tc.qq.com,REJECT
- DOMAIN,adsmind.gdtimg.com,REJECT
- DOMAIN,adsmind.tc.qq.com,REJECT
- DOMAIN,pgdt.gtimg.cn,REJECT
- DOMAIN,pgdt.gtimg.com,REJECT
- DOMAIN,pgdt.ugdtimg.com,REJECT
- DOMAIN,splashqqlive.gtimg.com,REJECT
- DOMAIN,wa.gtimg.com,REJECT
- DOMAIN,wxsnsdy.wxs.qq.com,REJECT
- DOMAIN,wxsnsdythumb.wxs.qq.com,REJECT
- DOMAIN,admonitor.thepaper.cn,REJECT
- DOMAIN,adpai.thepaper.cn,REJECT
- DOMAIN,imgadpai.thepaper.cn,REJECT
- DOMAIN,adsp.xunlei.com,REJECT
- DOMAIN,etl.xlmc.sandai.net,REJECT
- DOMAIN,adm.10jqka.com.cn,REJECT
- DOMAIN,stat.10jqka.com.cn,REJECT
- DOMAIN,ad-analysis.pconline.com.cn,REJECT
- DOMAIN,iad0ssl.pcauto.com.cn,REJECT
- DOMAIN,iad0ssl.pconline.com.cn,REJECT
- DOMAIN,imgad0.pcauto.com.cn,REJECT
- DOMAIN,imgad0.pconline.com.cn,REJECT
- DOMAIN,ivy.pchouse.com.cn,REJECT
- DOMAIN,a.wkanx.com,REJECT
- DOMAIN,cwx.lianwangtech.com,REJECT
- DOMAIN,c1wx.lianwangtech.com,REJECT
- DOMAIN,ad.ximalaya.com,REJECT
- DOMAIN,adbs.ximalaya.com,REJECT
- DOMAIN,adse.ximalaya.com,REJECT
- DOMAIN,adse.wsa.ximalaya.com,REJECT
- DOMAIN,adbehavior.wsa.ximalaya.com,REJECT
- DOMAIN,adsebs.ximalaya.com,REJECT
- DOMAIN,ads-img-qc.xhscdn.com,REJECT
- DOMAIN,ads-video-qc.xhscdn.com,REJECT
- DOMAIN,t-ads.xiaohongshu.com,REJECT
- DOMAIN-SUFFIX,atm.youku.com,REJECT
- DOMAIN,ad.mobile.youku.com,REJECT
- DOMAIN,iyes.youku.com,REJECT
- DOMAIN,apppv.zol.com.cn,REJECT
- DOMAIN,pvnapp.zol.com.cn,REJECT
# (DNS Cache Pollution Protection)
# > Google
- DOMAIN-SUFFIX,appspot.com,Proxy
- DOMAIN-SUFFIX,blogger.com,Proxy
- DOMAIN-SUFFIX,getoutline.org,Proxy
- DOMAIN-SUFFIX,gvt0.com,Proxy
- DOMAIN-SUFFIX,gvt1.com,Proxy
- DOMAIN-SUFFIX,gvt3.com,Proxy
- DOMAIN-SUFFIX,xn--ngstr-lra8j.com,Proxy
- DOMAIN-KEYWORD,google,Proxy
- DOMAIN-KEYWORD,blogspot,Proxy
# > Facebook
- DOMAIN-SUFFIX,cdninstagram.com,Proxy
- DOMAIN-SUFFIX,fb.com,Proxy
- DOMAIN-SUFFIX,fb.me,Proxy
- DOMAIN-SUFFIX,fbaddins.com,Proxy
- DOMAIN-SUFFIX,fbcdn.net,Proxy
- DOMAIN-SUFFIX,fbsbx.com,Proxy
- DOMAIN-SUFFIX,fbworkmail.com,Proxy
- DOMAIN-SUFFIX,instagram.com,Proxy
- DOMAIN-SUFFIX,m.me,Proxy
- DOMAIN-SUFFIX,messenger.com,Proxy
- DOMAIN-SUFFIX,oculus.com,Proxy
- DOMAIN-SUFFIX,oculuscdn.com,Proxy
- DOMAIN-SUFFIX,rocksdb.org,Proxy
- DOMAIN-SUFFIX,whatsapp.com,Proxy
- DOMAIN-SUFFIX,whatsapp.net,Proxy
- DOMAIN-KEYWORD,facebook,Proxy
# > Twitter
- DOMAIN-SUFFIX,pscp.tv,Proxy
- DOMAIN-SUFFIX,periscope.tv,Proxy
- DOMAIN-SUFFIX,t.co,Proxy
- DOMAIN-SUFFIX,twimg.co,Proxy
- DOMAIN-SUFFIX,twimg.com,Proxy
- DOMAIN-SUFFIX,twitpic.com,Proxy
- DOMAIN-SUFFIX,vine.co,Proxy
- DOMAIN-KEYWORD,twitter,Proxy
# > Telegram
- DOMAIN-SUFFIX,t.me,Proxy
- DOMAIN-SUFFIX,tdesktop.com,Proxy
- DOMAIN-SUFFIX,telegra.ph,Proxy
- DOMAIN-SUFFIX,telegram.me,Proxy
- DOMAIN-SUFFIX,telegram.org,Proxy
# > Line
- DOMAIN-SUFFIX,line.me,Proxy
- DOMAIN-SUFFIX,line-apps.com,Proxy
- DOMAIN-SUFFIX,line-scdn.net,Proxy
- DOMAIN-SUFFIX,naver.jp,Proxy
# > Other
- DOMAIN-SUFFIX,4shared.com,Proxy
- DOMAIN-SUFFIX,881903.com,Proxy
- DOMAIN-SUFFIX,abc.net.au,Proxy
- DOMAIN-SUFFIX,abebooks.com,Proxy
- DOMAIN-SUFFIX,amazon.co.jp,Proxy
- DOMAIN-SUFFIX,apigee.com,Proxy
- DOMAIN-SUFFIX,apk-dl.com,Proxy
- DOMAIN-SUFFIX,apkmirror.com,Proxy
- DOMAIN-SUFFIX,apkmonk.com,Proxy
- DOMAIN-SUFFIX,apkpure.com,Proxy
- DOMAIN-SUFFIX,aptoide.com,Proxy
- DOMAIN-SUFFIX,archive.is,Proxy
- DOMAIN-SUFFIX,archive.org,Proxy
- DOMAIN-SUFFIX,arte.tv,Proxy
- DOMAIN-SUFFIX,ask.com,Proxy
- DOMAIN-SUFFIX,avgle.com,Proxy
- DOMAIN-SUFFIX,badoo.com,Proxy
- DOMAIN-SUFFIX,bandwagonhost.com,Proxy
- DOMAIN-SUFFIX,bbc.com,Proxy
- DOMAIN-SUFFIX,behance.net,Proxy
- DOMAIN-SUFFIX,bibox.com,Proxy
- DOMAIN-SUFFIX,biggo.com.tw,Proxy
- DOMAIN-SUFFIX,binance.com,Proxy
- DOMAIN-SUFFIX,bitcointalk.org,Proxy
- DOMAIN-SUFFIX,bitfinex.com,Proxy
- DOMAIN-SUFFIX,bitmex.com,Proxy
- DOMAIN-SUFFIX,bit-z.com,Proxy
- DOMAIN-SUFFIX,bloglovin.com,Proxy
- DOMAIN-SUFFIX,bloomberg.cn,Proxy
- DOMAIN-SUFFIX,bloomberg.com,Proxy
- DOMAIN-SUFFIX,book.com.tw,Proxy
- DOMAIN-SUFFIX,booklive.jp,Proxy
- DOMAIN-SUFFIX,books.com.tw,Proxy
- DOMAIN-SUFFIX,box.com,Proxy
- DOMAIN-SUFFIX,brookings.edu,Proxy
- DOMAIN-SUFFIX,businessinsider.com,Proxy
- DOMAIN-SUFFIX,bwh1.net,Proxy
- DOMAIN-SUFFIX,castbox.fm,Proxy
- DOMAIN-SUFFIX,cbc.ca,Proxy
- DOMAIN-SUFFIX,cdw.com,Proxy
- DOMAIN-SUFFIX,change.org,Proxy
- DOMAIN-SUFFIX,ck101.com,Proxy
- DOMAIN-SUFFIX,clarionproject.org,Proxy
- DOMAIN-SUFFIX,clyp.it,Proxy
- DOMAIN-SUFFIX,cna.com.tw,Proxy
- DOMAIN-SUFFIX,comparitech.com,Proxy
- DOMAIN-SUFFIX,conoha.jp,Proxy
- DOMAIN-SUFFIX,crucial.com,Proxy
- DOMAIN-SUFFIX,cts.com.tw,Proxy
- DOMAIN-SUFFIX,cw.com.tw,Proxy
- DOMAIN-SUFFIX,cyberctm.com,Proxy
- DOMAIN-SUFFIX,dailymotion.com,Proxy
- DOMAIN-SUFFIX,dailyview.tw,Proxy
- DOMAIN-SUFFIX,daum.net,Proxy
- DOMAIN-SUFFIX,daumcdn.net,Proxy
- DOMAIN-SUFFIX,dcard.tw,Proxy
- DOMAIN-SUFFIX,deepdiscount.com,Proxy
- DOMAIN-SUFFIX,deezer.com,Proxy
- DOMAIN-SUFFIX,depositphotos.com,Proxy
- DOMAIN-SUFFIX,disconnect.me,Proxy
- DOMAIN-SUFFIX,discordapp.com,Proxy
- DOMAIN-SUFFIX,discordapp.net,Proxy
- DOMAIN-SUFFIX,disqus.com,Proxy
- DOMAIN-SUFFIX,dns2go.com,Proxy
- DOMAIN-SUFFIX,dropbox.com,Proxy
- DOMAIN-SUFFIX,dropboxusercontent.com,Proxy
- DOMAIN-SUFFIX,duckduckgo.com,Proxy
- DOMAIN-SUFFIX,dw.com,Proxy
- DOMAIN-SUFFIX,dynu.com,Proxy
- DOMAIN-SUFFIX,earthcam.com,Proxy
- DOMAIN-SUFFIX,ebookservice.tw,Proxy
- DOMAIN-SUFFIX,economist.com,Proxy
- DOMAIN-SUFFIX,edgecastcdn.net,Proxy
- DOMAIN-SUFFIX,edu,Proxy
- DOMAIN-SUFFIX,elpais.com,Proxy
- DOMAIN-SUFFIX,enanyang.my,Proxy
- DOMAIN-SUFFIX,euronews.com,Proxy
- DOMAIN-SUFFIX,feedly.com,Proxy
- DOMAIN-SUFFIX,files.wordpress.com,Proxy
- DOMAIN-SUFFIX,flickr.com,Proxy
- DOMAIN-SUFFIX,flitto.com,Proxy
- DOMAIN-SUFFIX,foreignpolicy.com,Proxy
- DOMAIN-SUFFIX,friday.tw,Proxy
- DOMAIN-SUFFIX,gate.io,Proxy
- DOMAIN-SUFFIX,getlantern.org,Proxy
- DOMAIN-SUFFIX,getsync.com,Proxy
- DOMAIN-SUFFIX,globalvoices.org,Proxy
- DOMAIN-SUFFIX,goo.ne.jp,Proxy
- DOMAIN-SUFFIX,goodreads.com,Proxy
- DOMAIN-SUFFIX,gov.tw,Proxy
- DOMAIN-SUFFIX,gumroad.com,Proxy
- DOMAIN-SUFFIX,hbg.com,Proxy
- DOMAIN-SUFFIX,hightail.com,Proxy
- DOMAIN-SUFFIX,hk01.com,Proxy
- DOMAIN-SUFFIX,hkbf.org,Proxy
- DOMAIN-SUFFIX,hkbookcity.com,Proxy
- DOMAIN-SUFFIX,hkej.com,Proxy
- DOMAIN-SUFFIX,hket.com,Proxy
- DOMAIN-SUFFIX,hkgolden.com,Proxy
- DOMAIN-SUFFIX,hootsuite.com,Proxy
- DOMAIN-SUFFIX,hudson.org,Proxy
- DOMAIN-SUFFIX,huobi.pro,Proxy
- DOMAIN-SUFFIX,initiummall.com,Proxy
- DOMAIN-SUFFIX,ipfs.io,Proxy
- DOMAIN-SUFFIX,issuu.com,Proxy
- DOMAIN-SUFFIX,japantimes.co.jp,Proxy
- DOMAIN-SUFFIX,jiji.com,Proxy
- DOMAIN-SUFFIX,jinx.com,Proxy
- DOMAIN-SUFFIX,jkforum.net,Proxy
- DOMAIN-SUFFIX,joinmastodon.org,Proxy
- DOMAIN-SUFFIX,kakao.com,Proxy
- DOMAIN-SUFFIX,lihkg.com,Proxy
- DOMAIN-SUFFIX,live.com,Proxy
- DOMAIN-SUFFIX,mail.ru,Proxy
- DOMAIN-SUFFIX,matters.news,Proxy
- DOMAIN-SUFFIX,medium.com,Proxy
- DOMAIN-SUFFIX,mega.nz,Proxy
- DOMAIN-SUFFIX,mil,Proxy
- DOMAIN-SUFFIX,mobile01.com,Proxy
- DOMAIN-SUFFIX,naver.com,Proxy
- DOMAIN-SUFFIX,nikkei.com,Proxy
- DOMAIN-SUFFIX,nofile.io,Proxy
- DOMAIN-SUFFIX,now.com,Proxy
- DOMAIN-SUFFIX,nyt.com,Proxy
- DOMAIN-SUFFIX,nytchina.com,Proxy
- DOMAIN-SUFFIX,nytcn.me,Proxy
- DOMAIN-SUFFIX,nytco.com,Proxy
- DOMAIN-SUFFIX,nytimes.com,Proxy
- DOMAIN-SUFFIX,nytimg.com,Proxy
- DOMAIN-SUFFIX,nytlog.com,Proxy
- DOMAIN-SUFFIX,nytstyle.com,Proxy
- DOMAIN-SUFFIX,ok.ru,Proxy
- DOMAIN-SUFFIX,okex.com,Proxy
- DOMAIN-SUFFIX,pcloud.com,Proxy
- DOMAIN-SUFFIX,pinimg.com,Proxy
- DOMAIN-SUFFIX,pixiv.net,Proxy
- DOMAIN-SUFFIX,pornhub.com,Proxy
- DOMAIN-SUFFIX,pureapk.com,Proxy
- DOMAIN-SUFFIX,quora.com,Proxy
- DOMAIN-SUFFIX,quoracdn.net,Proxy
- DOMAIN-SUFFIX,rakuten.co.jp,Proxy
- DOMAIN-SUFFIX,reddit.com,Proxy
- DOMAIN-SUFFIX,redditmedia.com,Proxy
- DOMAIN-SUFFIX,resilio.com,Proxy
- DOMAIN-SUFFIX,reuters.com,Proxy
- DOMAIN-SUFFIX,scmp.com,Proxy
- DOMAIN-SUFFIX,scribd.com,Proxy
- DOMAIN-SUFFIX,seatguru.com,Proxy
- DOMAIN-SUFFIX,shadowsocks.org,Proxy
- DOMAIN-SUFFIX,slideshare.net,Proxy
- DOMAIN-SUFFIX,soundcloud.com,Proxy
- DOMAIN-SUFFIX,startpage.com,Proxy
- DOMAIN-SUFFIX,steamcommunity.com,Proxy
- DOMAIN-SUFFIX,steemit.com,Proxy
- DOMAIN-SUFFIX,t66y.com,Proxy
- DOMAIN-SUFFIX,teco-hk.org,Proxy
- DOMAIN-SUFFIX,teco-mo.org,Proxy
- DOMAIN-SUFFIX,teddysun.com,Proxy
- DOMAIN-SUFFIX,theinitium.com,Proxy
- DOMAIN-SUFFIX,tineye.com,Proxy
- DOMAIN-SUFFIX,torproject.org,Proxy
- DOMAIN-SUFFIX,tumblr.com,Proxy
- DOMAIN-SUFFIX,turbobit.net,Proxy
- DOMAIN-SUFFIX,twitch.tv,Proxy
- DOMAIN-SUFFIX,udn.com,Proxy
- DOMAIN-SUFFIX,unseen.is,Proxy
- DOMAIN-SUFFIX,upmedia.mg,Proxy
- DOMAIN-SUFFIX,uptodown.com,Proxy
- DOMAIN-SUFFIX,ustream.tv,Proxy
- DOMAIN-SUFFIX,uwants.com,Proxy
- DOMAIN-SUFFIX,v2ray.com,Proxy
- DOMAIN-SUFFIX,viber.com,Proxy
- DOMAIN-SUFFIX,videopress.com,Proxy
- DOMAIN-SUFFIX,vimeo.com,Proxy
- DOMAIN-SUFFIX,voxer.com,Proxy
- DOMAIN-SUFFIX,vzw.com,Proxy
- DOMAIN-SUFFIX,w3schools.com,Proxy
- DOMAIN-SUFFIX,wattpad.com,Proxy
- DOMAIN-SUFFIX,whoer.net,Proxy
- DOMAIN-SUFFIX,wikimapia.org,Proxy
- DOMAIN-SUFFIX,wikipedia.org,Proxy
- DOMAIN-SUFFIX,wire.com,Proxy
- DOMAIN-SUFFIX,worldcat.org,Proxy
- DOMAIN-SUFFIX,wsj.com,Proxy
- DOMAIN-SUFFIX,wsj.net,Proxy
- DOMAIN-SUFFIX,xboxlive.com,Proxy
- DOMAIN-SUFFIX,xvideos.com,Proxy
- DOMAIN-SUFFIX,yahoo.com,Proxy
- DOMAIN-SUFFIX,yesasia.com,Proxy
- DOMAIN-SUFFIX,yes-news.com,Proxy
- DOMAIN-SUFFIX,yomiuri.co.jp,Proxy
- DOMAIN-SUFFIX,you-get.org,Proxy
- DOMAIN-SUFFIX,zb.com,Proxy
- DOMAIN-SUFFIX,zello.com,Proxy
- DOMAIN-SUFFIX,zeronet.io,Proxy
- DOMAIN,cdn-images.mailchimp.com,Proxy
- DOMAIN,id.heroku.com,Proxy
- DOMAIN-KEYWORD,github,Proxy
- DOMAIN-KEYWORD,jav,Proxy
- DOMAIN-KEYWORD,pinterest,Proxy
- DOMAIN-KEYWORD,porn,Proxy
- DOMAIN-KEYWORD,wikileaks,Proxy
# (Region-Restricted Access Denied)
- DOMAIN-SUFFIX,apartmentratings.com,Proxy
- DOMAIN-SUFFIX,apartments.com,Proxy
- DOMAIN-SUFFIX,bankmobilevibe.com,Proxy
- DOMAIN-SUFFIX,bing.com,Proxy
- DOMAIN-SUFFIX,booktopia.com.au,Proxy
- DOMAIN-SUFFIX,centauro.com.br,Proxy
- DOMAIN-SUFFIX,clearsurance.com,Proxy
- DOMAIN-SUFFIX,costco.com,Proxy
- DOMAIN-SUFFIX,crackle.com,Proxy
- DOMAIN-SUFFIX,depositphotos.cn,Proxy
- DOMAIN-SUFFIX,dish.com,Proxy
- DOMAIN-SUFFIX,dmm.co.jp,Proxy
- DOMAIN-SUFFIX,dmm.com,Proxy
- DOMAIN-SUFFIX,dnvod.tv,Proxy
- DOMAIN-SUFFIX,esurance.com,Proxy
- DOMAIN-SUFFIX,extmatrix.com,Proxy
- DOMAIN-SUFFIX,fastpic.ru,Proxy
- DOMAIN-SUFFIX,flipboard.com,Proxy
- DOMAIN-SUFFIX,fnac.be,Proxy
- DOMAIN-SUFFIX,fnac.com,Proxy
- DOMAIN-SUFFIX,funkyimg.com,Proxy
- DOMAIN-SUFFIX,fxnetworks.com,Proxy
- DOMAIN-SUFFIX,gettyimages.com,Proxy
- DOMAIN-SUFFIX,jcpenney.com,Proxy
- DOMAIN-SUFFIX,kknews.cc,Proxy
- DOMAIN-SUFFIX,nationwide.com,Proxy
- DOMAIN-SUFFIX,nbc.com,Proxy
- DOMAIN-SUFFIX,nordstrom.com,Proxy
- DOMAIN-SUFFIX,nordstromimage.com,Proxy
- DOMAIN-SUFFIX,nordstromrack.com,Proxy
- DOMAIN-SUFFIX,read01.com,Proxy
- DOMAIN-SUFFIX,superpages.com,Proxy
- DOMAIN-SUFFIX,target.com,Proxy
- DOMAIN-SUFFIX,thinkgeek.com,Proxy
- DOMAIN-SUFFIX,tracfone.com,Proxy
- DOMAIN-SUFFIX,uploader.jp,Proxy
- DOMAIN-SUFFIX,vevo.com,Proxy
- DOMAIN-SUFFIX,viu.tv,Proxy
- DOMAIN-SUFFIX,vk.com,Proxy
- DOMAIN-SUFFIX,vsco.co,Proxy
- DOMAIN-SUFFIX,xfinity.com,Proxy
- DOMAIN-SUFFIX,zattoo.com,Proxy
- DOMAIN,abc.com,Proxy
- DOMAIN,abc.go.com,Proxy
- DOMAIN,abc.net.au,Proxy
- DOMAIN,wego.here.com,Proxy
# > Telegram
- DOMAIN-SUFFIX,t.me,Proxy
- DOMAIN-SUFFIX,tdesktop.com,Proxy
- DOMAIN-SUFFIX,telegra.ph,Proxy
- DOMAIN-SUFFIX,telegram.me,Proxy
- DOMAIN-SUFFIX,telegram.org,Proxy
- IP-CIDR,91.108.0.0/16,Proxy,no-resolve
- IP-CIDR,109.239.140.0/24,Proxy,no-resolve
- IP-CIDR,149.154.160.0/20,Proxy,no-resolve
- IP-CIDR6,2001:67c:4e8::/48,Proxy,no-resolve
- IP-CIDR6,2001:b28:f23d::/48,Proxy,no-resolve
- IP-CIDR6,2001:b28:f23f::/48,Proxy,no-resolve
#USER-AGENT,Roam*,Proxy
# (The Most Popular Sites)
# > Apple
# > Apple URL Shortener
- DOMAIN-SUFFIX,appsto.re,Proxy
# > TestFlight
- DOMAIN,beta.itunes.apple.com,Proxy
# > iBooks Store download
- DOMAIN,books.itunes.apple.com,Proxy
# > iTunes Store Moveis Trailers
- DOMAIN,hls.itunes.apple.com,Proxy
# App Store Preview
- DOMAIN,itunes.apple.com,Proxy
# > Spotlight
- DOMAIN,api-glb-sea.smoot.apple.com,Proxy
# > Dictionary
- DOMAIN,lookup-api.apple.com,Proxy
#PROCESS-NAME,LookupViewService,Proxy
# > Google
- DOMAIN-SUFFIX,abc.xyz,Proxy
- DOMAIN-SUFFIX,android.com,Proxy
- DOMAIN-SUFFIX,androidify.com,Proxy
- DOMAIN-SUFFIX,dialogflow.com,Proxy
- DOMAIN-SUFFIX,autodraw.com,Proxy
- DOMAIN-SUFFIX,capitalg.com,Proxy
- DOMAIN-SUFFIX,certificate-transparency.org,Proxy
- DOMAIN-SUFFIX,chrome.com,Proxy
- DOMAIN-SUFFIX,chromeexperiments.com,Proxy
- DOMAIN-SUFFIX,chromestatus.com,Proxy
- DOMAIN-SUFFIX,chromium.org,Proxy
- DOMAIN-SUFFIX,creativelab5.com,Proxy
- DOMAIN-SUFFIX,debug.com,Proxy
- DOMAIN-SUFFIX,deepmind.com,Proxy
- DOMAIN-SUFFIX,firebaseio.com,Proxy
- DOMAIN-SUFFIX,getmdl.io,Proxy
- DOMAIN-SUFFIX,ggpht.com,Proxy
- DOMAIN-SUFFIX,gmail.com,Proxy
- DOMAIN-SUFFIX,gmodules.com,Proxy
- DOMAIN-SUFFIX,godoc.org,Proxy
- DOMAIN-SUFFIX,golang.org,Proxy
- DOMAIN-SUFFIX,gstatic.com,Proxy
- DOMAIN-SUFFIX,gv.com,Proxy
- DOMAIN-SUFFIX,gwtproject.org,Proxy
- DOMAIN-SUFFIX,itasoftware.com,Proxy
- DOMAIN-SUFFIX,madewithcode.com,Proxy
- DOMAIN-SUFFIX,material.io,Proxy
- DOMAIN-SUFFIX,polymer-project.org,Proxy
- DOMAIN-SUFFIX,admin.recaptcha.net,Proxy
- DOMAIN-SUFFIX,recaptcha.net,Proxy
- DOMAIN-SUFFIX,shattered.io,Proxy
- DOMAIN-SUFFIX,synergyse.com,Proxy
- DOMAIN-SUFFIX,tensorflow.org,Proxy
- DOMAIN-SUFFIX,tiltbrush.com,Proxy
- DOMAIN-SUFFIX,waveprotocol.org,Proxy
- DOMAIN-SUFFIX,waymo.com,Proxy
- DOMAIN-SUFFIX,webmproject.org,Proxy
- DOMAIN-SUFFIX,webrtc.org,Proxy
- DOMAIN-SUFFIX,whatbrowser.org,Proxy
- DOMAIN-SUFFIX,widevine.com,Proxy
- DOMAIN-SUFFIX,x.company,Proxy
- DOMAIN-SUFFIX,youtu.be,Proxy
- DOMAIN-SUFFIX,yt.be,Proxy
- DOMAIN-SUFFIX,ytimg.com,Proxy
# > Steam
- DOMAIN,media.steampowered.com,Proxy
- DOMAIN,store.steampowered.com,Proxy
# > Other
- DOMAIN-SUFFIX,0rz.tw,Proxy
- DOMAIN-SUFFIX,4bluestones.biz,Proxy
- DOMAIN-SUFFIX,9bis.net,Proxy
- DOMAIN-SUFFIX,allconnected.co,Proxy
- DOMAIN-SUFFIX,amazonaws.com,Proxy
- DOMAIN-SUFFIX,aol.com,Proxy
- DOMAIN-SUFFIX,bcc.com.tw,Proxy
- DOMAIN-SUFFIX,bit.ly,Proxy
- DOMAIN-SUFFIX,bitshare.com,Proxy
- DOMAIN-SUFFIX,blog.jp,Proxy
- DOMAIN-SUFFIX,blogimg.jp,Proxy
- DOMAIN-SUFFIX,blogtd.org,Proxy
- DOMAIN-SUFFIX,broadcast.co.nz,Proxy
- DOMAIN-SUFFIX,camfrog.com,Proxy
- DOMAIN-SUFFIX,cfos.de,Proxy
- DOMAIN-SUFFIX,citypopulation.de,Proxy
- DOMAIN-SUFFIX,cloudfront.net,Proxy
- DOMAIN-SUFFIX,ctitv.com.tw,Proxy
- DOMAIN-SUFFIX,cuhk.edu.hk,Proxy
- DOMAIN-SUFFIX,cusu.hk,Proxy
- DOMAIN-SUFFIX,discuss.com.hk,Proxy
- DOMAIN-SUFFIX,dropboxapi.com,Proxy
- DOMAIN-SUFFIX,edditstatic.com,Proxy
- DOMAIN-SUFFIX,flickriver.com,Proxy
- DOMAIN-SUFFIX,focustaiwan.tw,Proxy
- DOMAIN-SUFFIX,free.fr,Proxy
- DOMAIN-SUFFIX,ftchinese.com,Proxy
- DOMAIN-SUFFIX,gigacircle.com,Proxy
- DOMAIN-SUFFIX,gov,Proxy
- DOMAIN-SUFFIX,hk-pub.com,Proxy
- DOMAIN-SUFFIX,hosting.co.uk,Proxy
- DOMAIN-SUFFIX,hwcdn.net,Proxy
- DOMAIN-SUFFIX,jtvnw.net,Proxy
- DOMAIN-SUFFIX,linksalpha.com,Proxy
- DOMAIN-SUFFIX,manyvids.com,Proxy
- DOMAIN-SUFFIX,myactimes.com,Proxy
- DOMAIN-SUFFIX,newsblur.com,Proxy
- DOMAIN-SUFFIX,now.im,Proxy
- DOMAIN-SUFFIX,redditlist.com,Proxy
- DOMAIN-SUFFIX,signal.org,Proxy
- DOMAIN-SUFFIX,sparknotes.com,Proxy
- DOMAIN-SUFFIX,streetvoice.com,Proxy
- DOMAIN-SUFFIX,ttvnw.net,Proxy
- DOMAIN-SUFFIX,tv.com,Proxy
- DOMAIN-SUFFIX,twitchcdn.net,Proxy
- DOMAIN-SUFFIX,typepad.com,Proxy
- DOMAIN-SUFFIX,udnbkk.com,Proxy
- DOMAIN-SUFFIX,whispersystems.org,Proxy
- DOMAIN-SUFFIX,wikia.com,Proxy
- DOMAIN-SUFFIX,wn.com,Proxy
- DOMAIN-SUFFIX,wolframalpha.com,Proxy
- DOMAIN-SUFFIX,x-art.com,Proxy
- DOMAIN-SUFFIX,yimg.com,Proxy
- DOMAIN-KEYWORD,dlercloud,Proxy
- DOMAIN-SUFFIX,dler.cloud,Proxy
# Local Area Network
- DOMAIN-KEYWORD,announce,DIRECT
- DOMAIN-KEYWORD,torrent,DIRECT
- DOMAIN-KEYWORD,tracker,DIRECT
- DOMAIN-SUFFIX,smtp,DIRECT
- DOMAIN-SUFFIX,local,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT
- IP-CIDR,10.0.0.0/8,DIRECT
- IP-CIDR,172.16.0.0/12,DIRECT
- IP-CIDR,127.0.0.0/8,DIRECT
- IP-CIDR,100.64.0.0/10,DIRECT
# # > IQIYI
# - IP-CIDR,101.227.0.0/16,Bilibili|iQIYI|NeteaseMusic|TencentVideo
# - IP-CIDR,101.224.0.0/13,Bilibili|iQIYI|NeteaseMusic|TencentVideo
# - IP-CIDR,119.176.0.0/12,Bilibili|iQIYI|NeteaseMusic|TencentVideo
# # > Youku
# - IP-CIDR,106.11.0.0/16,Bilibili|iQIYI|NeteaseMusic|TencentVideo
# > Telegram
- IP-CIDR,67.198.55.0/24,Proxy
- IP-CIDR,91.108.4.0/22,Proxy
- IP-CIDR,91.108.8.0/22,Proxy
- IP-CIDR,91.108.12.0/22,Proxy
- IP-CIDR,91.108.16.0/22,Proxy
- IP-CIDR,91.108.56.0/22,Proxy
- IP-CIDR,109.239.140.0/24,Proxy
- IP-CIDR,149.154.160.0/20,Proxy
- IP-CIDR,205.172.60.0/22,Proxy
# (Extra IP-CIRD)
# > Google
- IP-CIDR,35.190.247.0/24,Proxy
- IP-CIDR,64.233.160.0/19,Proxy
- IP-CIDR,66.102.0.0/20,Proxy
- IP-CIDR,66.249.80.0/20,Proxy
- IP-CIDR,72.14.192.0/18,Proxy
- IP-CIDR,74.125.0.0/16,Proxy
- IP-CIDR,108.177.8.0/21,Proxy
- IP-CIDR,172.217.0.0/16,Proxy
- IP-CIDR,173.194.0.0/16,Proxy
- IP-CIDR,209.85.128.0/17,Proxy
- IP-CIDR,216.58.192.0/19,Proxy
- IP-CIDR,216.239.32.0/19,Proxy
# > Facebook
- IP-CIDR,31.13.24.0/21,Proxy
- IP-CIDR,31.13.64.0/18,Proxy
- IP-CIDR,45.64.40.0/22,Proxy
- IP-CIDR,66.220.144.0/20,Proxy
- IP-CIDR,69.63.176.0/20,Proxy
- IP-CIDR,69.171.224.0/19,Proxy
- IP-CIDR,74.119.76.0/22,Proxy
- IP-CIDR,103.4.96.0/22,Proxy
- IP-CIDR,129.134.0.0/17,Proxy
- IP-CIDR,157.240.0.0/17,Proxy
- IP-CIDR,173.252.64.0/19,Proxy
- IP-CIDR,173.252.96.0/19,Proxy
- IP-CIDR,179.60.192.0/22,Proxy
- IP-CIDR,185.60.216.0/22,Proxy
- IP-CIDR,204.15.20.0/22,Proxy
# > Twitter
- IP-CIDR,69.195.160.0/19,Proxy
- IP-CIDR,104.244.42.0/21,Proxy
- IP-CIDR,192.133.76.0/22,Proxy
- IP-CIDR,199.16.156.0/22,Proxy
- IP-CIDR,199.59.148.0/22,Proxy
- IP-CIDR,199.96.56.0/21,Proxy
- IP-CIDR,202.160.128.0/22,Proxy
- IP-CIDR,209.237.192.0/19,Proxy
# GeoIP China
- GEOIP,CN,Domestic
- MATCH,Others

28
1-代理Xray/Clash/clash-for-windows-config.yaml
View File

@@ -1,28 +0,0 @@
mixed-port: 7890
allow-lan: false
external-controller: 127.0.0.1:61889
secret: 5c090877-21bb-4006-a97c-0bd4bfbb9be9
log-level: info
ipv6: false
proxy-groups:
- name: PROXY-ALL
type: select
proxies:
- tc-sh
proxies:
- name: proxy-server
type: socks5
server: 192.168.11.19
port: 22999
username: zeaslity
password: password
- name: tc-sh
type: socks5
server: 42.192.52.227
port: 28888
username: zeaslity
password: lovemm.23
- name: tc-sh
type: socks5
server: 42.192.52.227
port: 28889

0
1-代理Xray/Clash/clash-socks5-server.yaml
View File

2
1-代理Xray/XRay-安装脚本/Xray安装脚本.txt
View File

@@ -10,3 +10,5 @@ systemctl enable xray
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ upgrade
journalctl -u xray -n 100 -f
xx.l4.ca.bg.107421.xyz

3
2-NGINX相关/107421.xyz/21-申请证书.sh
View File

@@ -27,6 +27,9 @@ export DOMAIN_NAME=xx.o1.vl.s4.107421.xyz
# Oracle-USA-Phoneix-R-OSel
export DOMAIN_NAME=xx.p2.vl.s4.107421.xyz
# BitsFlow-USA-LosAngles-CN2GIA
export DOMAIN_NAME=xx.l4.ca.bg.107421.xyz
export CF_Token="y-OqT1Gan37vBUC1YaedmkKbsH6Kf84RH6Ve2b5x"
export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191"
export CF_Zone_ID="511894a4f1357feb905e974e16241ebb"