前言

最近在闲鱼上淘了一个二手 macbook m1 air 16+512，想着把 windows 上的 singbox 搬过去。因为之前都是跑的纯内核，所以这时也打算用纯内核来跑。

遇到第一个问题，配置文件是 1.11 时候写的，但是很多带 provider 的 singbox 修改版，都没有历史版本，不打 tag，编译出来的都是最新版本，或者是有 1.11 Tag，Fork 了一下自己跑 Github action，但是编译出来的是原版。或者是原仓库之前 action 跑过的，很多产物都已经失效了无法下载。

后面只能尝试用 1.12 版本，找了一个仓库 lux5am/sing-box，这个看着是挺不错的，然后下载了个 1.12 版本，但是配置跑不起来，一直报错 loop on detour: direct。

+0800 2026-01-21 20:07:33 INFO network: updated default interface en0, index 11
+0800 2026-01-21 20:07:33 DEBUG router: updating rule-set geosite-microsoft from URL: https://github.com/CHIZI-0618/v2ray-rules-dat/raw/refs/heads/release/singbox_rule_set/geosite-microsoft.srs
+0800 2026-01-21 20:07:33 DEBUG router: updating rule-set category-ads-all from URL: https://raw.githubusercontent.com/CHIZI-0618/v2ray-rules-dat/release/singbox_rule_set/geosite-category-ads-all.srs
+0800 2026-01-21 20:07:33 DEBUG router: updating rule-set cn-domain from URL: https://raw.githubusercontent.com/CHIZI-0618/v2ray-rules-dat/release/singbox_rule_set/geosite-cn.srs
+0800 2026-01-21 20:07:33 DEBUG router: updating rule-set category-games@cn from URL: https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-category-games@cn.srs
+0800 2026-01-21 20:07:33 DEBUG router: updating rule-set alibaba from URL: https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-alibaba.srs
+0800 2026-01-21 20:07:33 INFO outbound/direct: outbound connection to github.com:443
+0800 2026-01-21 20:07:33 DEBUG dns: lookup domain github.com
+0800 2026-01-21 20:07:33 INFO outbound/direct: outbound connection to raw.githubusercontent.com:443
+0800 2026-01-21 20:07:33 INFO outbound/direct: outbound connection to raw.githubusercontent.com:443
+0800 2026-01-21 20:07:33 DEBUG dns: lookup domain raw.githubusercontent.com
+0800 2026-01-21 20:07:33 DEBUG dns: lookup failed for github.com: loop on detour: direct

改了半天配置，又去参考了一下别人的，或者是换另外一个仓库的 1.12 修改版，最终都跑不起来，折腾了好久最终是放弃了。然后想着，如果后面又遇到这种问题，再加上 singbox 的配置语法经常变更，后面又得折腾一下，想了想还是换内核吧。

那也没啥好选了，只能是 mihomo 了。于是就弄了一下这玩意的开机自启。

配置开机自启

主要是参考：OKHK ✨ macOS 上 配置 Launchctl 运行 Clash Meta（Mihomo）内核服务
其实里面文件的路径应该是能变的，但是我为了复制方便，直接就用文章的了 。

核心文件准备

sudo mv mihomo-darwin-arm64-v1.19.19 /usr/local/bin/clash
sudo chown root clash
sudo chmod +x clash
mkdir -p /Users/app/.config/clash
mv config.yaml /Users/app/.config/clash
chmod 644 /Users/app/.config/clash/config.yaml

launchctl 配置文件

/usr/local/bin/start_clash_with_dns.sh：设置 dns + 启动核心

#!/bin/bash set -e

export PATH="/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin" export HOME="/Users/app" timeout=120
elapsed=0
while [ $elapsed -lt $timeout ]; do if scutil --dns | grep -q "nameserver"; then
        networksetup -setdnsservers Wi-Fi 198.18.0.2
        echo "$(date) DNS:198.18.0.2" >> /Users/app/.config/clash/clash_dns.log
        break fi sleep 5
    elapsed=$((elapsed + 5))
done exec /usr/local/bin/clash -d /Users/app/.config/clash

/Library/LaunchDaemons/clash.plist：launchctl plist 配置文件

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>clash</string> <key>ProgramArguments</key> <array> <string>/bin/bash</string> <string>/usr/local/bin/start_clash_with_dns.sh</string> </array> <key>RunAtLoad</key> <true/> <key>WorkingDirectory</key> <string>/Users/app/.config/clash</string> <key>StandardOutPath</key> <string>/Users/app/.config/clash/clash_stdout.log</string> <key>StandardErrorPath</key> <string>/Users/app/.config/clash/clash_stderr.log</string> </dict> </plist> 

授予权限：

sudo chown root /Library/LaunchDaemons/clash.plist
sudo chmod 644 /Library/LaunchDaemons/clash.plist
sudo chown root /usr/local/bin/start_clash_with_dns.sh
sudo chmod +x /usr/local/bin/start_clash_with_dns.sh

启动服务

第一次启动用下面的命令，如果是已经 load 过的，用下面的 alias 的 startclash。
反复 load 会出错或者是 unload 还没有 load 的也会出错，但是错误日志没有具体怎么写，这里提醒一下。

sudo launchctl load /Library/LaunchDaemons/clash.plist

一些常用命令

重启

sudo launchctl unload /Library/LaunchDaemons/clash.plist
sudo launchctl load /Library/LaunchDaemons/clash.plist

alias 用于方便手动控制：

alias stopclash='sudo launchctl stop clash && networksetup -setdnsservers Wi-Fi Empty && sudo launchctl list | grep clash' alias startclash='sudo launchctl start clash && networksetup -setdnsservers Wi-Fi 192.168.0.2 && sudo launchctl list | grep clash' 

uu 远程连接不上

tun 启动之后不知道为什么 uu 远程用不了，显示没有网络链接。
问了一下 AI，给了一些方法，现在虽然是解决，但我不知道具体是哪个命令解决的。
这里我都贴出来有遇到的老友可以试一试这一些方法，如果关闭 clash 之后没有网络，可以开关一下 wifi，这样就有网络了。

sudo route -n flush
sudo ifconfig en0 down
sudo ifconfig en0 up
sudo pkill -f "uu\|tun" sudo rm /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist
sudo rm /Library/Preferences/SystemConfiguration/NetworkInterfaces.plist
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder

sudo route -n flush 这个可以执行多次，时不时执行一下，比如关闭 uu 远程之后，打开了之后。
如果实在不行就把 uu 远程卸载了，重启电脑，再安装上，然后再试试。不行的话就再执行一下上面这些命令。
查看路由表： netstat -rn -f inet

Surge iOS/Mac 配置又双叒叕更新辽一下，更适合中国宝宝食用的 Surge 配置

配置预览

GitHUB：GitHub - curtinp118/Surge5: 专为 Surge Pro 用户打造的配置文件：集成智能地区分流、多订阅自动聚合、隐私保护及主流应用策略优化，安全稳定且易于定制。

主要特性

• 极致分流：

  • 多地区策略：预设香港、美国、日本、台湾、韩国、新加坡等地区优选策略组 (smart 模式)。
  • 应用级优化：针对 Netflix, YouTube, Spotify, Disney+, Telegram, Google, Apple 等常用服务独立分流。
  • 自动测速与故障转移：核心策略组采用自动测速，确保始终连接最快节点。

• 多订阅聚合：

  • 预设 🔰 Sub-01 至 🔰 Sub-04 四个标准订阅。
  • 通过 HUB 策略组自动聚合所有订阅节点，无需手动管理。

• 隐私与去广告：

  • 集成主流去广告规则集 (Adblock4limbo 等)。
  • 内置隐私保护规则，屏蔽跟踪器与恶意网站。
  • DNS 防泄漏与 DoH (DNS over HTTPS) 支持。

• 安全策略适度
  仅对 Google 域名启用 HTTPS 解密，避免不必要的风险和性能开销。

如何使用

1. 下载配置

1. 配置文件长按复制，打开 Surge5，点击 - 导入 - 从 URL 下载配置。

2. 填入订阅信息

使用文本编辑器打开配置文件，定位到 [Proxy Group] 区域：

[Proxy Group]
...
🔰 Sub-01 = select, policy-path=http://example.com/api/v1/client/subscribe?token=YOUR_TOKEN&flag, ...
🔰 Sub-02 = select, policy-path=https://example.com/api/v1/client/subscribe?token=YOUR_TOKEN, ...

• 将 YOUR_TOKEN 替换为你的机场订阅 Token。
• 或者直接替换整段 policy-path 链接。

3. 配置安全认证 (可选但推荐)

定位到 [General] 区域，修改远程控制密码：

[General] external-controller-access = YOUR_PASSWORD@127.0.0.1:6170 http-api = YOUR_PASSWORD@0.0.0.0:6171 

将 YOUR_PASSWORD 替换为你自己的强密码。

4. 启用 MITM 功能

为了实现 HTTPS 解密（用于去广告、URL 重写等高级功能），你需要配置 CA 证书。

方法 A：生成新证书（推荐新手）

1. 导入配置到 Surge。
2. 进入 Surge 设置 → MitM → 配置根证书。
3. 点击 “生成新的 CA 证书”，并按照提示安装并信任证书。

方法 B：填入已有证书
如果你已有 P12 证书，替换 [MITM] 区域的占位符：

[MITM] ca-passphrase = YOUR_PASSPHRASE
ca-p12 = YOUR_P12_BASE64_DATA

策略组说明

核心策略组

地区智能优选 (Smart)

这些策略组会自动从所有节点中筛选对应地区的节点，并选择延迟最低的节点使用。

应用与服务分流

针对特定应用或服务的独立分流策略，确保最佳访问体验。

故障转移策略 (Fallback)

感觉 surge 还是好用呀。

[General]
loglevel = notify
# 从 Surge iOS 4 / Surge Mac 3.3.0 起，工具开始支持 DoH
dns-server = 223.5.5.5, 119.29.29.29, 223.6.6.6, 180.76.76.76, 114.114.115.115, 114.114.114.114, 8.8.8.8, 8.8.4.4, 1.1.1.1, 1.0.0.1, 208.67.222.222, 208.67.220.220, system
# https://dns.alidns.com/dns-query, https://13800000000.rubyfish.cn/, https://doh.360.cn/dns-query, https://dns.google/dns-query
skip-proxy = 192.178.0.0/16,127.0.0.1, 192.168.0.0/16,192.18.0.0/16, 198.18.0.1,198.18.0.0/16,10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10,192.168.65.0/24, localhost, *.local,passenger.t3go.cn, sequoia.apple.com, seed-sequoia.siri.apple.com
wifi-assist = false
wifi-access-http-port = 6152
wifi-access-socks5-port = 6153
http-api-web-dashboard = true
replica = 0
tls-provider = default
network-framework = false
exclude-simple-hostnames = true
ipv6 = true
test-timeout = 2
proxy-test-url = http://cp.cloudflare.com/generate_204
geoip-maxmind-url = https://cdn.jsdelivr.net/gh/Hackl0us/GeoIP2-CN@release/Country.mmdb
use-local-host-item-for-proxy = true
show-error-page-for-reject = true
# 高级设置
# > 日志级别
# > 当遇到 REJECT 策略时返回错误页
always-real-ip = msftconnecttest.com, msftncsi.com, *.msftconnecttest.com, *.msftncsi.com, *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com, *.battlenet.com.cn, *.battlenet.com, *.blzstatic.cn, *.battle.net
# > Always Real IP Hosts
force-http-engine-hosts = *.ott.cibntv.net, 123.59.31.1,119.18.193.135, 122.14.246.33, 175.102.178.52, 116.253.24.*, 175.6.26.*, 220.169.153.*
# > TCP Force HTTP Hosts
# KOOWO - 123.59.31.1,119.18.193.135, 122.14.246.33, 175.102.178.52
# TencentVideo - 116.253.24.*, 175.6.26.*, 220.169.153.*
tun-excluded-routes = 239.255.255.250/32
# > VIF Excluded Routes
allow-wifi-access = false
http-api-tls = false
encrypted-dns-server = https://doh.pub/dns-query, https://dns.alidns.com/dns-query
http-listen = 0.0.0.0
socks5-listen = 0.0.0.0

[Proxy]
Direct = direct, allow-other-interface=true
Reject = reject
WARP = wireguard, section-name=Cloudflare, test-url=http://cp.cloudflare.com/generate_204
#这个场景是在公司办公的时候： 1、公司网络有两种，WiFi只有外网，外网网速快，网线有外网和公网。配置了这个策略，内网走网线，外网走WiFi，具体的接口自己找一下即可。
公司网络 = direct, interface=en7, allow-other-interface=true
VMess_WS = 
trojan_tcp_Trojan = 
dmit-torjan = 
公司vpn = direct, interface=ppp0, allow-other-interface=true, dns-follow-interface=true  #有远程办公的需求，mac我们公司vpn 比较老，必须要加路由才行，配置了这个就不用加路由了。连接即用 surge 下面进行分流
家宽 = 家宽的信息, underlying-proxy=机场 #(配置机场做了链式代理) 

[Proxy Group]
#节点信息我做了删除，补充自己的进来。注意，名称如果错误记得调整下。
Proxy = select, 机场, VMess_WS, trojan_tcp_Trojan, dmit-torjan, 家宽, include-all-proxies=0
🛡Guard = select, Reject, Direct
机场 = select, 

[Rule]
DOMAIN-SUFFIX,linux.do,trojan_tcp_Trojan,extended-matching
IP-CIDR,69.63.208.186,DIRECT,no-resolve
IP-CIDR,148.135.32.199,DIRECT,no-resolve
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/ChinaMedia/ChinaMedia.list,DIRECT,"update-interval=7200"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GlobalMedia/GlobalMedia_All_No_Resolve.list,Proxy,"update-interval=7200"
# RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/ChinaMax/ChinaMax_All.list,DIRECT,"update-interval=7200"
RULE-SET,https://github.com/blackmatrix7/ios_rule_script/tree/master/rule/Surge/Gemini,家宽,"update-interval=7200"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/115/115.list,DIRECT,"update-interval=7200"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/OpenAI/OpenAI.list,家宽,extended-matching,"update-interval=7200"
DOMAIN-SUFFIX,navicat.com.cn,Reject
DOMAIN-SUFFIX,navicat.com,Reject
RULE-SET,https://raw.githubusercontent.com/limbopro/Adblock4limbo/main/Adblock4limbo_surge.list,Reject,"update-interval=3600"

#谷歌的走家宽，家宽用机场链式代理。
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Google/Google.list,家宽,extended-matching,"update-interval=3600"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GoogleDrive/GoogleDrive.list,家宽,extended-matching,"update-interval=3600"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GoogleEarth/GoogleEarth.list,家宽,extended-matching,"update-interval=3600"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GoogleFCM/GoogleFCM.list,家宽,extended-matching,"update-interval=3600"
RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GoogleSearch/GoogleSearch.list,家宽,extended-matching,"update-interval=3600"
DOMAIN,juejin.cn,DIRECT
DOMAIN,copilot-telemetry-service.copilot.supercopilot.top,DIRECT,extended-matching
DOMAIN,copilot-proxy.copilot.supercopilot.top,DIRECT,extended-matching
DOMAIN,api.copilot.supercopilot.top,DIRECT,extended-matching
DOMAIN,copilot.supercopilot.top,DIRECT,extended-matching
# Non IP
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject-no-drop.conf,REJECT
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject.conf,REJECT,extended-matching
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject-drop.conf,REJECT
RULE-SET,https://ruleset.skk.moe/List/ip/reject.conf,REJECT
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject-url-regex.conf,REJECT
RULE-SET,https://ruleset.skk.moe/List/non_ip/sogouinput.conf,REJECT
GEOIP,CN,DIRECT
RULE-SET,https://ruleset.skk.moe/List/non_ip/lan.conf,DIRECT
# IP
RULE-SET,https://ruleset.skk.moe/List/ip/lan.conf,DIRECT
RULE-SET,https://ruleset.skk.moe/List/non_ip/apple_cn.conf,DIRECT
# Non IP
# 基础的 12 万拦截域名
# URL-REGEX
# 额外 20 万拦截域名，作为基础的补充，启用时需要搭配基础一起使用
# 在 Surge 5 for Mac（或更新版本），即使同时启用基础和额外的拦截域名也不会导致匹配性能下降或内存占用过高
# 需搭配 Surge 模块 https://ruleset.skk.moe/Modules/sukka_mitm_hostnames.sgmodule 使用
# MITM 和 URL-REGEX 性能开销极大，不推荐使用

# IP
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/speedtest.conf,Proxy,extended-matching
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/cdn.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/non_ip/cdn.conf,Proxy
# 北美相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_us.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream_us.conf,Proxy
# 欧洲相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_eu.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream_eu.conf,Proxy
# 日本相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_jp.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream_jp.conf,Proxy
# 韩国相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_kr.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream_kr.conf,Proxy
# 香港相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_hk.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream_hk.conf,Proxy
# 台湾相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_tw.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream_tw.conf,Proxy
# 所有流媒体（包括上述所有流媒体）
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/stream.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/non_ip/ai.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/non_ip/telegram.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/telegram.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/telegram_asn.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/non_ip/microsoft_cdn.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/non_ip/microsoft.conf,Proxy
RULE-SET,https://ruleset.skk.moe/List/ip/china_ip.conf,DIRECT
# Only use it if you are using IPv6
RULE-SET,https://ruleset.skk.moe/List/ip/china_ip_ipv6.conf,DIRECT



RULE-SET,https://raw.githubusercontent.com/limbopro/Adblock4limbo/main/Adblock4limbo_surge.list,REJECT,"update-interval=3600"
# MacWk.com Start
# DaisyDisk
DOMAIN,daisydiskapp.com,REJECT
# Viscosity
DOMAIN,sparklabs.com,REJECT
DOMAIN,swupdate.sparklabs.com,REJECT
DOMAIN,www.sparklabs.com,REJECT
# Sidify Music Converter
DOMAIN,www.sidify.com,REJECT
DOMAIN,sidify.com,REJECT
# Sublime Text
DOMAIN,www.sublimetext.com,REJECT
DOMAIN,sublimetext.com,REJECT
DOMAIN,license.sublimehq.com,REJECT
# MacWk.com End
AND,((PROTOCOL,UDP), (DEST-PORT,443)),REJECT-NO-DROP
PROCESS-NAME,v2ray,DIRECT
PROCESS-NAME,clash,DIRECT
PROCESS-NAME,ss-local,DIRECT
PROCESS-NAME,privoxy,DIRECT
PROCESS-NAME,trojan,DIRECT
PROCESS-NAME,trojan-go,DIRECT
PROCESS-NAME,naive,DIRECT
PROCESS-NAME,fdm,DIRECT
PROCESS-NAME,Thunder,DIRECT
PROCESS-NAME,Folx,DIRECT
PROCESS-NAME,DownloadService,DIRECT
PROCESS-NAME,qBittorrent,DIRECT
PROCESS-NAME,Transmission,DIRECT
PROCESS-NAME,fdm,DIRECT
PROCESS-NAME,aria2c,DIRECT
PROCESS-NAME,Folx,DIRECT
PROCESS-NAME,NetTransport,DIRECT
PROCESS-NAME,uTorrent,DIRECT
PROCESS-NAME,WebTorrent,DIRECT
PROCESS-NAME,"WebTorrent Helper",DIRECT
# Local Area Network 局域网
RULE-SET,LAN,DIRECT
DOMAIN-SET,https://cdn.jsdelivr.net/gh/Loyalsoldier/surge-rules@release/private.txt,DIRECT
DOMAIN-SET,https://cdn.jsdelivr.net/gh/Loyalsoldier/surge-rules@release/reject.txt,REJECT
RULE-SET,SYSTEM,DIRECT
DOMAIN-SET,https://cdn.jsdelivr.net/gh/Loyalsoldier/surge-rules@release/tld-not-cn.txt,Proxy
DOMAIN-SET,https://cdn.jsdelivr.net/gh/Loyalsoldier/surge-rules@release/gfw.txt,Proxy
DOMAIN-SET,https://cdn.jsdelivr.net/gh/Loyalsoldier/surge-rules@release/greatfire.txt,Proxy
RULE-SET,https://cdn.jsdelivr.net/gh/Loyalsoldier/surge-rules@release/telegramcidr.txt,Proxy
# 实用规则片段集
# RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-News.list,Proxy
RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-proxy.list,Proxy
RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-direct.list,DIRECT
RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/CN.list,DIRECT
RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/common-ad-keyword.list,REJECT
RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/foreign.list,Proxy
RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/App/social/Telegram.list,Proxy
RULE-SET,LAN,DIRECT
# 最终规则
FINAL,Proxy,dns-failed

[Host]


[URL Rewrite]
^https?://(www.)?(g|google).cn https://www.google.com 302

[MITM]
skip-server-cert-verify = true
tcp-connection = true

其中节点自己换一换就可以用了。不行找 ai 跑一下自己的节点信息替换进去。
欢迎大家指正补充分流策略。

链式代理配置，其他如果自建的节点也可以按此方式配置：

一、背景介绍
因为最近换了联通卡，发现联通流量特别不经用，虽然看着有 100G，但是半个月不到就完了。所以只能搞一些骚操作了
这个就是以前的免流，效果各地区不一样，我这边重庆效果挺好。因为我的手机是 IOS，所以跳点挺高（推测是因为 IPV6 导致），所以标题给了一个省流
二、实现途径
在 VLESS 中，通过修改 HOST 地址为 pull.free.video.10010.com，走联通的公免流量达到免流效果（客户端和服务器都要修改，有些机场支持自定义 host）。

有国内服务器的可以上国内服务器，这样日常体验上基本无感。我没有国内服务器，只有通过联通办理的家宽（有公网 IP）来搭建 V2 服务器，日常使用上也是没什么差异。
V2 上还可以做分流操作，免流 + 翻墙一站式解决。
附上一个效果图

PS: 各位多点点赞让我赚点 LDC 呀

Sub-Converter 的模板，主要是对 dns 的部分做了一些适配，放置在 subconverter/base/clash.tpl，佬友们可以直接抄，或者觉得有不合理需要调整的地方也可以指正。

mixed-port: 7890 allow-lan: false mode: rule log-level: info tcp-concurrent: true global-client-fingerprint: chrome ipv6: false external-controller: '127.0.0.1:9090' hosts: dns.google: - 8.8.8.8 - 8.8.4.4 - '2001:4860:4860::8888' - '2001:4860:4860::8844' doh.pub: - 1.12.12.12 - 1.12.12.21 - 120.53.53.53 dns.alidns.com: - 223.5.5.5 - 223.6.6.6 - '2400:3200::1' - '2400:3200:baba::1' tun: enable: true stack: mixed dns-hijack: - 'any:53' - 'tcp://any:53' auto-route: true auto-detect-interface: true strict-route: true route-exclude-address: - 192.168.0.0/16 - 'fc00::/7' clash-for-android: append-system-dns: false profile: tracing: true store-selected: true store-fake-ip: true sniffer: enable: true override-destination: false force-dns-mapping: true parse-pure-ip: true sniff: TLS: ports: - 443 - 8443 HTTP: ports: - 80 - 8080-8880 QUIC: ports: - 443 - 8443 skip-domain: - Mijia Cloud - +.push.apple.com experimental: sniff-tls-sni: true dns: enable: true prefer-h3: false listen: '127.0.0.1:8853' respect-rules: true ipv6: false cache-algorithm: arc enhanced-mode: fake-ip fake-ip-range: 198.18.0.1/16 fake-ip-range6: 'fc00::/18' fake-ip-filter: - '*.lan' - '*.local' - '*.localhost' - '*.home.arpa' - time.*.com - time.*.gov - time.*.apple.com - ntp.*.com - +.pool.ntp.org - +.msftconnecttest.com - +.msftncsi.com - +.srv.nintendo.net - +.stun.playstation.net - xbox.*.microsoft.com - +.battlenet.com.cn - +.music.163.com - +.y.qq.com - +.bilivideo.cn - localhost.ptlogin2.qq.com - lens.l.google.com default-nameserver: - 223.5.5.5 - 119.29.29.29 nameserver: - 'https://dns.alidns.com/dns-query' - 'https://doh.pub/dns-query' fallback: - 'https://dns.google/dns-query' - 'https://1.1.1.1/dns-query' proxy-server-nameserver: - 'https://dns.alidns.com/dns-query' - 'https://doh.pub/dns-query' direct-nameserver: - 'https://dns.alidns.com/dns-query' - 'https://doh.pub/dns-query' nameserver-policy: 'geosite:cn': - 'https://dns.alidns.com/dns-query' - 'https://doh.pub/dns-query' dl.google.com: - 223.5.5.5 - 119.29.29.29 dl.l.google.com: - 223.5.5.5 - 119.29.29.29 +.in-addr.arpa: 10.0.0.1 +.ip6.arpa: 10.0.0.1 fallback-filter: geoip: true geoip-code: CN geosite: - gfw ipcidr: - 0.0.0.0/8 - 10.0.0.0/8 - 100.64.0.0/10 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 - 192.168.0.0/16 - 240.0.0.0/4

{% if local.clash.new_field_name == "true" %}
proxies: - name: dns-拦截 type: dns proxy-groups: ~ rules: ~
{% else %}
Proxy: ~ Proxy Group: ~ Rule: - 'DST-PORT,53,dns-拦截'
{% endif %}

从 自写的 QuantumultX 优化配置 🎉 继续说起
最近抽空又双更新了一下 QuantumultX 配置
目前 使用的 Surge 备用机 QuantumultX ，后面整理更新一下 Surge 配置
Github：https://github.com/curtinp118/QuantumultX

配置预览

以下为 Quantumult X 配置界面预览：

配置文件：

# 自用QuantumultX规则
# 更新日期：2026/01/12




[general]

# 直连网络测试URL
network_check_url = http://taobao.com/

# 节点延迟测试URL
server_check_url= http://www.gstatic.com/generate_204
#server_check_url = http://cp.cloudflare.com/generate_204

# 节点延迟测试超时参数
server_check_timeout=2000

# 配置文件图标
profile_img_url = https://raw.githubusercontent.com/curtinp118/QuantumultX/refs/heads/main/icons/Curtin.jpg


# 资源解析器 @XIAO_KOP 
resource_parser_url=https://raw.githubusercontent.com/KOP-XIAO/QuantumultX/master/Scripts/resource-parser.js

# 节点信息 @XIAO_KOP 
geo_location_checker=http://ip-api.com/json/?lang=zh-CN, https://raw.githubusercontent.com/KOP-XIAO/QuantumultX/master/Scripts/IP_API.js

# 绕过QuantumultX代理
excluded_routes=192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, 17.0.0.0/8,239.255.255.250/32, 24.105.30.129/32, 185.60.112.157/32, 185.60.112.158/32, 182.162.132.1/32

# UDP白名单端口列表
udp_whitelist=1-442, 444-65535

# 不使用fake-ip 及远程解析域名列表
dns_exclusion_list=*.cmpassport.com, *.jegotrip.com.cn, *.icitymobile.mobi, id6.me, *.pingan.com.cn, *.cmbchina.com, *.localnetwork.uop, mfs.ykimg.com*.ttf, *.icbc.com.cn

# DoH请求头 User-Agent参数
;doh_user_agent=Agent/1.0



[dns]
# 禁用系统DNS
no-ipv6

# 禁用IPV6
no-system

# DNS 服务器列表
server=223.5.5.5
server=119.29.29.29
server=114.114.114.114
server=1.2.4.8
server=/*.taobao.com/223.5.5.5
server=/*.tmall.com/223.5.5.5
server=/*.alipay.com/223.5.5.5
server=/*.alicdn.com/223.5.5.5
server=/*.aliyun.com/223.5.5.5
server=/*.jd.com/119.28.28.28
server=/*.qq.com/119.28.28.28
server=/*.tencent.com/119.29.29.29
server=/*.bilibili.com/119.29.29.29
server=/hdslb.com/119.29.29.29
server=/*.163.com/119.29.29.29
server=/*.126.com/119.29.29.29
server=/*.126.net/119.29.29.29
server=/*.127.net/119.29.29.29
server=/*.netease.com/119.29.29.29
server=/*.mi.com/119.29.29.29
server=/*.xiaomi.com/119.29.29.29
address=/mtalk.google.com/108.177.125.188
server=/*.icloud.com/119.29.29.29
server=/*.icloud.com.cn/119.29.29.29
server=/*.weixin.com/119.29.29.29


# 策略组配置
[policy]
static=国内网站, direct, proxy, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Domestic.png
static=境外网站, proxy, Hong Kong, Taiwan, Japan, Korea, Singapore, United States, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Global.png
static=Apple, direct, proxy, img-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Apple_01.png
static=Netflix, PROXY, Hong Kong, Taiwan, Japan, Korea, Singapore, United States, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Netflix_Letter.png
static=YouTube, Hong Kong, Taiwan, Japan, Korea, Singapore, United States, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/YouTube.png
static=Spotify, direct, proxy, Hong Kong, Singapore, United States, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Spotify.png
static=ChatGPT, proxy, Singapore, United States, img-url=https://raw.githubusercontent.com/chxm1023/Script_X/main/icon/ChatGPT/ChatGPT3.png
static=Telegram, proxy, Hong Kong, Taiwan, Japan, Korea, Singapore, United States, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Telegram.png
static=Twitter, proxy, Hong Kong, Taiwan, Japan, Korea, Singapore, United States, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Twitter.png
static=AdBlock, direct, reject, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Advertising.png
static=Final, proxy, direct, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Final.png
url-latency-benchmark=Hong Kong, server-tag-regex=(?=.*(港|🇭🇰|香港|HK|(?i)Hong))^((?!(台|日|韩|新|美)).)*$, check-interval=1200, tolerance=0, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Hong_Kong.png
url-latency-benchmark=Taiwan, server-tag-regex=(?=.*(台|🇹🇼|臺|台湾|台灣|TW|(?i)Taiwan))^((?!(港|日|韩|新|美)).)*$, check-interval=1200, tolerance=0, alive-checking=false, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Taiwan.png
url-latency-benchmark=Japan, server-tag-regex=(?=.*(日|🇯🇵|日本|JP|(?i)Japan))^((?!(港|台|韩|新|美)).)*$, check-interval=1200, tolerance=0, alive-checking=false, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Japan.png
url-latency-benchmark=Korea, server-tag-regex=(?=.*(韩|🇰🇷|韓|韩国|韓國|南朝鲜|KR|(?i)Korean))^((?!(港|台|日|新|美)).)*$, check-interval=1800, tolerance=10, alive-checking=false, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Korea.png
url-latency-benchmark=Singapore, server-tag-regex=(?=.*(新|🇸🇬|狮|獅|SG|(?i)Singapore))^((?!(港|台|日|韩|美)).)*$, check-interval=600, tolerance=0, alive-checking=false, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Singapore.png
url-latency-benchmark=United States, server-tag-regex=(?=.*(美|🇺🇸|美国|美國|US|(?i)States|American))^((?!(港|台|日|韩|新)).)*$, check-interval=600, tolerance=0, alive-checking=false, img-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/United_States.png




# 本地服务器节点
[server_local]



# 服务器订阅
[server_remote]
https://sub-url.com, tag=机场订阅, update-interval=604800, opt-parser=true, enabled=true



# 远程分流规则
[filter_remote]
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/WeChat/WeChat.list, tag=WeChat (微信直连), force-policy=direct, update-interval=172800, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/China/China.list, tag=Mainland (国内网站), force-policy=国内网站, update-interval=86400, opt-parser=true, enabled=true
https://raw.githubusercontent.com/TG-Twilight/AWAvenue-Ads-Rule/main/Filters/AWAvenue-Ads-Rule-QuantumultX.list, tag=Ads, force-policy=AdBlock, update-interval=172800, opt-parser=false, enabled=true
https://github.com/Repcz/Tool/raw/X/QuantumultX/Rules/OpenAI.list, tag=OpenAI, force-policy=ChatGPT, update-interval=172800, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Global/Global.list, tag=Outside (境外网站), force-policy=proxy, update-interval=86400, opt-parser=true, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Apple/Apple.list, tag=Apple (Apple服务), force-policy=Apple, update-interval=86400, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Netflix/Netflix.list, tag=Netflix（奈飞）, force-policy=Netflix, update-interval=86400, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/YouTube/YouTube.list, tag=YouTube（油管）, force-policy=YouTube, update-interval=86400, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Spotify/Spotify.list, tag=Spotify（声破天）, force-policy=Spotify, update-interval=86400, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/OpenAI/OpenAI.list, tag=ChatGPT（狗屁通）, force-policy=ChatGPT, update-interval=86400, opt-parser=true, inserted-resource=true, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Telegram/Telegram.list, tag=Telegram（电报）, force-policy=Telegram, update-interval=86400, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Twitter/Twitter.list, tag=Twitter（推特）, force-policy=Twitter, update-interval=86400, opt-parser=false, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/QuantumultX/Advertising/Advertising.list, tag=AdBlock (广告拦截), force-policy=AdBlock, update-interval=604800, opt-parser=false, enabled=true


# 本地分流规则
[filter_local]
host, glados.network, 境外网站
host, glados.rocks, 境外网站
host, update.glados-config.com, direct

# 避免迅雷版权问题
host, hub5idx.v6.shub.sandai.net, reject
host, hub5emu.v6.shub.sandai.net, reject
host, hub5btmain.v6.shub.sandai.net, reject

HOST-SUFFIX,95599.cn,direct
HOST-SUFFIX,abchina.com,direct
HOST-SUFFIX,bscabank.com,direct
HOST-SUFFIX,openaboc.cn,direct
HOST-SUFFIX,openaboc.com,direct
HOST-SUFFIX,openaboc.com.cn,direct
ip-cidr, 180.76.76.200/32, reject
host-suffix, local, direct
host-keyword, yattazen, proxy
ip-cidr, 10.0.0.0/8, direct
ip-cidr, 17.0.0.0/8, direct
ip-cidr, 100.64.0.0/10, direct
ip-cidr, 127.0.0.0/8, direct
ip-cidr, 172.16.0.0/12, direct
ip-cidr, 192.168.0.0/16, direct
ip-cidr, 224.0.0.0/24, direct
ip-cidr, 182.254.116.0/24, direct
geoip, cn, direct
final, Final


# 本地复写规则
[rewrite_local]

# 远程复写规则
[rewrite_remote]
https://raw.githubusercontent.com/chxm1023/Advertising/main/AppAd.conf, tag=App广告拦截, update-interval=172800, opt-parser=true, enabled=true
https://ddgksf2013.top/rewrite/StartUpAds.conf, tag=开屏广告拦截, update-interval=172800, opt-parser=true, enabled=true
https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rewrite/QuantumultX/Redirect/Redirect.conf, tag=重定向, update-interval=172800, opt-parser=true, enabled=true

# 定时任务，UI交互脚本，网络切换脚本配置
[task_local]


# 流媒体解锁查询
event-interaction https://raw.githubusercontent.com/KOP-XIAO/QuantumultX/master/Scripts/streaming-ui-check.js, tag=流媒体解锁查询, img-url=arrowtriangle.right.square.system, enabled=true

# GeoIP 查询
event-interaction https://raw.githubusercontent.com/KOP-XIAO/QuantumultX/master/Scripts/geo_location.js, tag=GeoIP 查询, img-url=location.fill.viewfinder.system

# 网络信息查询
event-interaction https://raw.githubusercontent.com/xream/scripts/main/surge/modules/network-info/net-lsp-x.js, tag=网络信息查询, img-url=link.circle.system, enabled=true


# 本地HTTP服务器
[http_backend]



[mitm]
hostname = 
passphrase = 
p12 = 

自用的 mihomo 配置分享，有完整配置和覆写脚本以及单规则的覆写脚本
个人配置仓库 Ayanami0 的配置仓库
配置不一定适合所有人，可以自行更改

以下是两个配置文件的预览

完整配置

###Ayanami0's config_full###
mixed-port: 7890
redir-port: 7891
tproxy-port: 1536
ipv6: false
mode: Rule
allow-lan: true
bind-address: "*"
disable-keep-alive: true
unified-delay: true
tcp-concurrent: true
log-level: silent
find-process-mode: strict
global-client-fingerprint: random

external-controller: 127.0.0.1:9090
secret: "123456"
external-ui: WebUI/Zashboard
external-ui-url: "https://github.com/Zephyruso/zashboard/releases/latest/download/dist-no-fonts.zip"
external-controller-cors:
  allow-origins:
    - "*"
  allow-private-network: true

profile:
  store-selected: true
  store-fake-ip: true
# —————————

p: &p
  type: http
  interval: 86400
  health-check:
    enable: true
    url: https://cp.cloudflare.com
    interval: 300
  proxy: DIRECT
  header:
      User-Agent:
        - "clash-verge/v2.2.3"
        - "ClashMetaForAndroid/2.11.2.Meta"
        - "ClashforWindows/0.19.23"
        - "clash.meta"
        - "mihomo"

proxy-providers:
  α:
    <<: *p
    override:
      additional-prefix: "α-"
    path: ./proxies/α.yaml
    url: ##"订阅链接"##

  β:
    <<: *p
    override:
      additional-prefix: "β-"
    path: ./proxies/β.yaml
    url: ##"订阅链接"##

  γ:
    <<: *p
    override:
      additional-prefix: "γ-"
    path: ./proxies/γ.yaml
    url: ##"订阅链接"##

  δ:
    <<: *p
    override:
      additional-prefix: "δ-"
    path: ./proxies/δ.yaml
    url: ##"订阅链接"##
# —————————

sniffer:
  enable: true
  force-dns-mapping: true
  parse-pure-ip: true
  override-destination: true
  sniff:
    HTTP:
      ports: [80, 8080-8880]
    TLS:
      ports: [443, 8443]
    QUIC:
      ports: [443, 8443]
  force-domain:
    - "+.v2ex.com"
  skip-domain:
    - "Mijia Cloud"
    - "+.push.apple.com"
# —————————

tun:
  enable: false
  device: Meta
  stack: mixed
  dns-hijack:
    - any:53
    - tcp://any:53
  udp-timeout: 300
  auto-route: true
  strict-route: true
  auto-redirect: false
  auto-detect-interface: true
# —————————

dns:
  enable: true
  ipv6: false
  listen: 0.0.0.0:1053
  prefer-h3: false     # 如果DNS服务器支持DoH3会优先使用h3，默认关
  respect-rules: true  # 让连接DNS服务器时能够遵循规则
  cache-algorithm: arc # 使用性能更优的 ARC 缓存算法
  cache-size: 2048     # 限制缓存大小，避免占用过多内存
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter-mode: blacklist
  fake-ip-filter:
    - "*.lan"
    - "*.local"
    - "time.*.com"
    - "ntp.*.com"
    - "RULE-SET:Private_Domain"
    - "RULE-SET:GoogleFCM_Domain"
  default-nameserver:
    - 223.5.5.5
    - 119.29.29.29
    - 223.6.6.6
  direct-nameserver:
    - https://dns.alidns.com/dns-query
    - https://doh.pub/dns-query
  proxy-server-nameserver:
    - https://dns.alidns.com/dns-query
    - https://doh.pub/dns-query
  nameserver:
    - https://dns.google/dns-query
    - https://cloudflare-dns.com/dns-query
  nameserver-policy:
    "RULE-SET:ChinaMax_Domain,Microsoft_Domain,Apple_Domain":
       - https://dns.alidns.com/dns-query
       - https://doh.pub/dns-query
# —————————

lite: &lite
    type: select
    include-all: true

pg: &pg
    type: select
    proxies:
      - PROXY
      - HK
      - SG
      - JP
      - TW
      - US
      - WD
      - LowRate
      - DIRECT

proxy-groups:
  - name: PROXY
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/All.svg"
    type: select
    proxies:
      - HK
      - SG
      - JP
      - TW
      - US
      - WD
      - LowRate
      - DIRECT
    include-all: true

  - name: HK
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Hong_Kong.png"
    filter: "^(?=.*(港|HK|hk|Hong Kong|HongKong|hongkong)).*$"
    <<: *lite

  - name: SG
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Singapore.png"
    filter: "^(?=.*(新加坡|坡|狮城|SG|Singapore)).*$"
    <<: *lite

  - name: JP
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Japan.png"
    filter: "^(?=.*(日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan)).*$"
    <<: *lite

  - name: TW
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Taiwan.png"
    filter: "^(?=.*(台|新北|彰化|TW|Taiwan)).*$"
    <<: *lite

  - name: US
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/United_States.png"
    filter: "^(?=.*(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States|UnitedStates)).*$"
    <<: *lite

  - name: WD
    icon: "https://raw.githubusercontent.com/GitMetaio/Surfing/refs/heads/rm/Home/icon/Globe.svg"
    filter: "^(?!.*(港|HK|hk|Hong Kong|HongKong|hongkong|日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan|美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States|UnitedStates|台|新北|彰化|TW|Taiwan|新加坡|坡|狮城|SG|Singapore|灾|网易|Netease|套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网)).*$"
    <<: *lite

  - name: LowRate
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Download.png"
    filter: (?<![0-9])0\.(?:0[0-9]{1,2}|[1-9])(?![0-9])
    <<: *lite

  - name: ADS
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/No-ads-all.svg"
    type: select
    proxies:
      - REJECT
      - PROXY

  - name: GAME
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Steam.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: Apple
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Apple.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: Microsoft
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Microsoft.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: GoogleFCM
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/GoogleFCM.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: Emby
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Emby.png"
    <<: *pg

  - name: Telegram
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Telegram.svg"
    <<: *pg

  - name: Discord
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Discord.svg"
    <<: *pg

  - name: Spotify
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Spotify.svg"
    <<: *pg

  - name: TikTok
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/TikTok.svg"
    <<: *pg

  - name: YouTube
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/YouTube.svg"
    <<: *pg

  - name: Netflix
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Netflix.svg"
    <<: *pg

  - name: Google
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Google.svg"
    <<: *pg

  - name: Facebook
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Facebook.svg"
    <<: *pg

  - name: OpenAI
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/OpenAI.svg"
    <<: *pg

  - name: GitHub
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/GitHub.svg"
    <<: *pg

  - name: Twitter(X)
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Twitter.svg"
    <<: *pg

  - name: FINAL
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/HBASE-copy.svg"
    <<: *pg

  - name: LOWEST
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Return.svg"
    type: url-test
    filter: "^(?!.*(套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网|失联|余额)).*$"
    include-all: true

  - name: FALLBACK
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Return.svg"
    type: fallback
    filter: "^(?!.*(套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网|失联|余额)).*$"
    include-all: true

  - name: BALANCE
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Return.svg"
    type: load-balance
    strategy: round-robin
    filter: "^(?!.*(套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网|失联|余额)).*$"
    include-all: true
# —————————

rule-anchor:
  YAML: &YAML
    {type: http, behavior: classical, format: yaml, interval: 86400}
  IPCIDR: &IPCIDR
    {type: http, behavior: ipcidr, format: mrs, interval: 86400}
  Domain: &Domain
    {type: http, behavior: domain, format: mrs, interval: 86400}

rule-providers:

###国内/私有###

  ChinaMax_IP:
    <<: *IPCIDR
    path: ./rules/ChinaMax_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/ChinaMax/ChinaMax_OCD_IP.mrs"
  ChinaMax_Domain:
    <<: *Domain
    path: ./rules/ChinaMax_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/ChinaMax/ChinaMax_OCD_Domain.mrs"
  Private_Domain:
    <<: *Domain
    path: ./rules/Lan_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Lan/Lan_OCD_Domain.mrs"
  Private_IP:
    <<: *IPCIDR
    path: ./rules/Lan_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Lan/Lan_OCD_IP.mrs"

###直连/代理规则###

  Direct:
    <<: *YAML
    path: ./ruleset/direct.yaml
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Direct/Direct.yaml"
  Global_Domain:
    <<: *Domain
    path: ./rules/Global_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Global/Global_OCD_Domain.mrs"
  Global_IP:
    <<: *IPCIDR
    path: ./rules/Global_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Global/Global_OCD_IP.mrs"

###去广告###

  AWAvenue_Ads_Rule:
    <<: *YAML
    path: ./ruleset/AWAvenue_Ads_Rule_Clash.yaml
    url: "https://raw.githubusercontent.com/TG-Twilight/AWAvenue-Ads-Rule/main//Filters/AWAvenue-Ads-Rule-Clash.yaml"

###游戏###

  Game_Domain:
    <<: *Domain
    path: ./rules/Game_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Game/Game_OCD_Domain.mrs"
  Game_IP:
    <<: *IPCIDR
    path: ./rules/Game_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Game/Game_OCD_IP.mrs"
  GameDownload_Domain:
    <<: *Domain
    path: ./rules/GameDownload_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Game/GameDownload/GameDownload_OCD_Domain.mrs"

###国外###

  Emby_Domain:
    <<: *Domain
    path: ./rules/Emby_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Emby/Emby_OCD_Domain.mrs"

  TikTok_Domain:
    <<: *Domain
    path: ./rules/TikTok.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/TikTok/TikTok_OCD_Domain.mrs"

  Spotify_Domain:
    <<: *Domain
    path: ./rules/Spotify.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Spotify/Spotify_OCD_Domain.mrs"
  Spotify_IP:
    <<: *IPCIDR
    path: ./rules/Spotify_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Spotify/Spotify_OCD_IP.mrs"

  Facebook_Domain:
    <<: *Domain
    path: ./rules/Facebook.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Facebook/Facebook_OCD_Domain.mrs"
  Facebook_IP:
    <<: *IPCIDR
    path: ./rules/Facebook_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Facebook/Facebook_OCD_IP.mrs"

  Telegram_Domain:
    <<: *Domain
    path: ./rules/Telegram.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Telegram/Telegram_OCD_Domain.mrs"
  Telegram_IP:
    <<: *IPCIDR
    path: ./rules/Telegram_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Telegram/Telegram_OCD_IP.mrs"
  Telegram_No_Resolve:
    <<: *YAML
    path: ./rules/Telegram_No_Resolve.yaml
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Telegram/Telegram_No_Resolve.yaml"

  YouTube_Domain:
    <<: *Domain
    path: ./rules/YouTube.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/YouTube/YouTube_OCD_Domain.mrs"
  YouTube_IP:
    <<: *IPCIDR
    path: ./rules/YouTube_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/YouTube/YouTube_OCD_IP.mrs"

  Google_Domain:
    <<: *Domain
    path: ./rules/Google.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Google/Google_OCD_Domain.mrs"
  Google_IP:
    <<: *IPCIDR
    path: ./rules/Google_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Google/Google_OCD_IP.mrs"

  GoogleFCM_Domain:
    <<: *Domain
    path: ./rules/GoogleFCM.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/GoogleFCM/GoogleFCM_OCD_Domain.mrs"
  GoogleFCM_IP:
    <<: *IPCIDR
    path: ./rules/GoogleFCM_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/GoogleFCM/GoogleFCM_OCD_IP.mrs"

  Microsoft_Domain:
    <<: *Domain
    path: ./rules/Microsoft.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Microsoft/Microsoft_OCD_Domain.mrs"

  Apple_Domain:
    <<: *Domain
    path: ./rules/Apple.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Apple/Apple_OCD_Domain.mrs"
  Apple_IP:
    <<: *IPCIDR
    path: ./rules/Apple_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Apple/Apple_OCD_IP.mrs"

  OpenAI_Domain:
    <<: *Domain
    path: ./rules/OpenAI.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/OpenAI/OpenAI_OCD_Domain.mrs"
  OpenAI_IP:
    <<: *IPCIDR
    path: ./rules/OpenAI_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/OpenAI/OpenAI_OCD_IP.mrs"

  Netflix_Domain:
    <<: *Domain
    path: ./rules/Netflix.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Netflix/Netflix_OCD_Domain.mrs"
  Netflix_IP:
    <<: *IPCIDR
    path: ./rules/Netflix_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Netflix/Netflix_OCD_IP.mrs"

  Discord_Domain:
    <<: *Domain
    path: ./rules/Discord.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Discord/Discord_OCD_Domain.mrs"

  GitHub_Domain:
    <<: *Domain
    path: ./rules/GitHub.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/GitHub/GitHub_OCD_Domain.mrs"

  Twitter_Domain:
    <<: *Domain
    path: ./rules/Twitter.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Twitter/Twitter_OCD_Domain.mrs"
  Twitter_IP:
    <<: *IPCIDR
    path: ./rules/Twitter_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Twitter/Twitter_OCD_IP.mrs"

rules:
  - DST-PORT,53,DIRECT
  - DST-PORT,853,DIRECT

  - RULE-SET,Direct,DIRECT               #直连规则
  - RULE-SET,AWAvenue_Ads_Rule,ADS       #去广告
  - RULE-SET,Game_Domain,Game            #游戏，走直连
  - RULE-SET,Game_IP,Game
  - RULE-SET,GameDownload_Domain,Game
  - RULE-SET,ChinaMax_Domain,DIRECT,no-resolve
  - RULE-SET,ChinaMax_IP,DIRECT
  - RULE-SET,Private_Domain,DIRECT
  - RULE-SET,Private_IP,DIRECT

  - RULE-SET,Emby_Domain,Emby

  - RULE-SET,GitHub_Domain,GitHub

  - RULE-SET,Discord_Domain,Discord

  - RULE-SET,TikTok_Domain,TikTok

  - RULE-SET,Twitter_Domain,Twitter(X)
  - RULE-SET,Twitter_IP,Twitter(X)

  - RULE-SET,YouTube_Domain,YouTube
  - RULE-SET,YouTube_IP,YouTube

  - RULE-SET,GoogleFCM_Domain,GoogleFCM
  - RULE-SET,GoogleFCM_IP,GoogleFCM

  - RULE-SET,Google_Domain,Google
  - RULE-SET,Google_IP,Google

  - RULE-SET,Netflix_Domain,Netflix
  - RULE-SET,Netflix_IP,Netflix

  - RULE-SET,Spotify_Domain,Spotify
  - RULE-SET,Spotify_IP,Spotify

  - RULE-SET,Facebook_Domain,Facebook
  - RULE-SET,Facebook_IP,Facebook

  - RULE-SET,OpenAI_Domain,OpenAI
  - RULE-SET,OpenAI_IP,OpenAI

  - RULE-SET,Apple_Domain,Apple
  - RULE-SET,Apple_IP,Apple

  - RULE-SET,Microsoft_Domain,Microsoft

  - RULE-SET,Telegram_Domain,Telegram
  - RULE-SET,Telegram_IP,Telegram,no-resolve
  - RULE-SET,Telegram_No_Resolve,Telegram,no-resolve

  - DOMAIN,browserleaks.com,FINAL

  - RULE-SET,Global_Domain,PROXY
  - RULE-SET,Global_IP,PROXY

  - MATCH,FINAL
# —————————

覆写脚本 (规则组和策略组版)

###Ayanami0's override_rule-full###
lite: &lite
    type: select
    include-all: true

pg: &pg
    type: select
    proxies:
      - PROXY
      - HK
      - SG
      - JP
      - TW
      - US
      - WD
      - LowRate
      - DIRECT

proxy-groups:
  - name: PROXY
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/All.svg"
    type: select
    proxies:
      - HK
      - SG
      - JP
      - TW
      - US
      - WD
      - LowRate
      - DIRECT
    include-all: true

  - name: HK
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Hong_Kong.png"
    filter: "^(?=.*(港|HK|hk|Hong Kong|HongKong|hongkong)).*$"
    <<: *lite

  - name: SG
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Singapore.png"
    filter: "^(?=.*(新加坡|坡|狮城|SG|Singapore)).*$"
    <<: *lite

  - name: JP
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Japan.png"
    filter: "^(?=.*(日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan)).*$"
    <<: *lite

  - name: TW
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Taiwan.png"
    filter: "^(?=.*(台|新北|彰化|TW|Taiwan)).*$"
    <<: *lite

  - name: US
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/United_States.png"
    filter: "^(?=.*(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States|UnitedStates)).*$"
    <<: *lite

  - name: WD
    icon: "https://raw.githubusercontent.com/GitMetaio/Surfing/refs/heads/rm/Home/icon/Globe.svg"
    filter: "^(?!.*(港|HK|hk|Hong Kong|HongKong|hongkong|日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan|美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States|UnitedStates|台|新北|彰化|TW|Taiwan|新加坡|坡|狮城|SG|Singapore|灾|网易|Netease|套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网)).*$"
    <<: *lite

  - name: LowRate
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Download.png"
    filter: (?<![0-9])0\.(?:0[0-9]{1,2}|[1-9])(?![0-9])
    <<: *lite

  - name: ADS
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/No-ads-all.svg"
    type: select
    proxies:
      - REJECT
      - PROXY

  - name: GAME
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Steam.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: Apple
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Apple.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: Microsoft
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Microsoft.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: GoogleFCM
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/GoogleFCM.svg"
    type: select
    proxies:
      - DIRECT
      - PROXY

  - name: Emby
    icon: "https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Emby.png"
    <<: *pg

  - name: Telegram
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Telegram.svg"
    <<: *pg

  - name: Discord
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Discord.svg"
    <<: *pg

  - name: Spotify
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Spotify.svg"
    <<: *pg

  - name: TikTok
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/TikTok.svg"
    <<: *pg

  - name: YouTube
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/YouTube.svg"
    <<: *pg

  - name: Netflix
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Netflix.svg"
    <<: *pg

  - name: Google
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Google.svg"
    <<: *pg

  - name: Facebook
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Facebook.svg"
    <<: *pg

  - name: OpenAI
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/OpenAI.svg"
    <<: *pg

  - name: GitHub
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/GitHub.svg"
    <<: *pg

  - name: Twitter(X)
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Twitter.svg"
    <<: *pg

  - name: FINAL
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/HBASE-copy.svg"
    <<: *pg

  - name: LOWEST
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Return.svg"
    type: url-test
    filter: "^(?!.*(套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网|失联|余额)).*$"
    include-all: true

  - name: FALLBACK
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Return.svg"
    type: fallback
    filter: "^(?!.*(套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网|失联|余额)).*$"
    include-all: true

  - name: BALANCE
    icon: "https://cdn.jsdelivr.net/gh/GitMetaio/Surfing@rm/Home/icon/Return.svg"
    type: load-balance
    strategy: round-robin
    filter: "^(?!.*(套餐|重置|剩余|到期|订阅|群|账户|流量|有效期|时间|官网|失联|余额)).*$"
    include-all: true
# —————————

rule-anchor:
  YAML: &YAML
    {type: http, behavior: classical, format: yaml, interval: 86400}
  IPCIDR: &IPCIDR
    {type: http, behavior: ipcidr, format: mrs, interval: 86400}
  Domain: &Domain
    {type: http, behavior: domain, format: mrs, interval: 86400}

rule-providers:

###国内/私有###

  ChinaMax_IP:
    <<: *IPCIDR
    path: ./rules/ChinaMax_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/ChinaMax/ChinaMax_OCD_IP.mrs"
  ChinaMax_Domain:
    <<: *Domain
    path: ./rules/ChinaMax_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/ChinaMax/ChinaMax_OCD_Domain.mrs"
  Private_Domain:
    <<: *Domain
    path: ./rules/Lan_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Lan/Lan_OCD_Domain.mrs"
  Private_IP:
    <<: *IPCIDR
    path: ./rules/Lan_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Lan/Lan_OCD_IP.mrs"

###直连/代理规则###

  Direct:
    <<: *YAML
    path: ./ruleset/direct.yaml
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Direct/Direct.yaml"
  Global_Domain:
    <<: *Domain
    path: ./rules/Global_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Global/Global_OCD_Domain.mrs"
  Global_IP:
    <<: *IPCIDR
    path: ./rules/Global_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Global/Global_OCD_IP.mrs"

###去广告###

  AWAvenue_Ads_Rule:
    <<: *YAML
    path: ./ruleset/AWAvenue_Ads_Rule_Clash.yaml
    url: "https://raw.githubusercontent.com/TG-Twilight/AWAvenue-Ads-Rule/main//Filters/AWAvenue-Ads-Rule-Clash.yaml"

###游戏###

  Game_Domain:
    <<: *Domain
    path: ./rules/Game_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Game/Game_OCD_Domain.mrs"
  Game_IP:
    <<: *IPCIDR
    path: ./rules/Game_OCD_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Game/Game_OCD_IP.mrs"
  GameDownload_Domain:
    <<: *Domain
    path: ./rules/GameDownload_OCD_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Game/GameDownload/GameDownload_OCD_Domain.mrs"

###国外###

  Emby_Domain:
    <<: *Domain
    path: ./rules/Emby_Domain.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Emby/Emby_OCD_Domain.mrs"

  TikTok_Domain:
    <<: *Domain
    path: ./rules/TikTok.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/TikTok/TikTok_OCD_Domain.mrs"

  Spotify_Domain:
    <<: *Domain
    path: ./rules/Spotify.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Spotify/Spotify_OCD_Domain.mrs"
  Spotify_IP:
    <<: *IPCIDR
    path: ./rules/Spotify_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Spotify/Spotify_OCD_IP.mrs"

  Facebook_Domain:
    <<: *Domain
    path: ./rules/Facebook.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Facebook/Facebook_OCD_Domain.mrs"
  Facebook_IP:
    <<: *IPCIDR
    path: ./rules/Facebook_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Facebook/Facebook_OCD_IP.mrs"

  Telegram_Domain:
    <<: *Domain
    path: ./rules/Telegram.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Telegram/Telegram_OCD_Domain.mrs"
  Telegram_IP:
    <<: *IPCIDR
    path: ./rules/Telegram_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Telegram/Telegram_OCD_IP.mrs"
  Telegram_No_Resolve:
    <<: *YAML
    path: ./rules/Telegram_No_Resolve.yaml
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Telegram/Telegram_No_Resolve.yaml"

  YouTube_Domain:
    <<: *Domain
    path: ./rules/YouTube.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/YouTube/YouTube_OCD_Domain.mrs"
  YouTube_IP:
    <<: *IPCIDR
    path: ./rules/YouTube_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/YouTube/YouTube_OCD_IP.mrs"

  Google_Domain:
    <<: *Domain
    path: ./rules/Google.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Google/Google_OCD_Domain.mrs"
  Google_IP:
    <<: *IPCIDR
    path: ./rules/Google_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Google/Google_OCD_IP.mrs"

  GoogleFCM_Domain:
    <<: *Domain
    path: ./rules/GoogleFCM.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/GoogleFCM/GoogleFCM_OCD_Domain.mrs"
  GoogleFCM_IP:
    <<: *IPCIDR
    path: ./rules/GoogleFCM_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/GoogleFCM/GoogleFCM_OCD_IP.mrs"

  Microsoft_Domain:
    <<: *Domain
    path: ./rules/Microsoft.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Microsoft/Microsoft_OCD_Domain.mrs"

  Apple_Domain:
    <<: *Domain
    path: ./rules/Apple.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Apple/Apple_OCD_Domain.mrs"
  Apple_IP:
    <<: *IPCIDR
    path: ./rules/Apple_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Apple/Apple_OCD_IP.mrs"

  OpenAI_Domain:
    <<: *Domain
    path: ./rules/OpenAI.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/OpenAI/OpenAI_OCD_Domain.mrs"
  OpenAI_IP:
    <<: *IPCIDR
    path: ./rules/OpenAI_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/OpenAI/OpenAI_OCD_IP.mrs"

  Netflix_Domain:
    <<: *Domain
    path: ./rules/Netflix.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Netflix/Netflix_OCD_Domain.mrs"
  Netflix_IP:
    <<: *IPCIDR
    path: ./rules/Netflix_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Netflix/Netflix_OCD_IP.mrs"

  Discord_Domain:
    <<: *Domain
    path: ./rules/Discord.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Discord/Discord_OCD_Domain.mrs"

  GitHub_Domain:
    <<: *Domain
    path: ./rules/GitHub.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/GitHub/GitHub_OCD_Domain.mrs"

  Twitter_Domain:
    <<: *Domain
    path: ./rules/Twitter.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Twitter/Twitter_OCD_Domain.mrs"
  Twitter_IP:
    <<: *IPCIDR
    path: ./rules/Twitter_IP.mrs
    url: "https://cdn.jsdelivr.net/gh/Ayanami0xL1l1th/Rule-for-OCD@master/rule/Clash/Twitter/Twitter_OCD_IP.mrs"

rules:
  - DST-PORT,53,DIRECT
  - DST-PORT,853,DIRECT

  - RULE-SET,Direct,DIRECT               #直连规则
  - RULE-SET,AWAvenue_Ads_Rule,ADS       #去广告
  - RULE-SET,Game_Domain,Game            #游戏，走直连
  - RULE-SET,Game_IP,Game
  - RULE-SET,GameDownload_Domain,Game
  - RULE-SET,ChinaMax_Domain,DIRECT,no-resolve
  - RULE-SET,ChinaMax_IP,DIRECT
  - RULE-SET,Private_Domain,DIRECT
  - RULE-SET,Private_IP,DIRECT

  - RULE-SET,Emby_Domain,Emby

  - RULE-SET,GitHub_Domain,GitHub

  - RULE-SET,Discord_Domain,Discord

  - RULE-SET,TikTok_Domain,TikTok

  - RULE-SET,Twitter_Domain,Twitter(X)
  - RULE-SET,Twitter_IP,Twitter(X)

  - RULE-SET,YouTube_Domain,YouTube
  - RULE-SET,YouTube_IP,YouTube

  - RULE-SET,GoogleFCM_Domain,GoogleFCM
  - RULE-SET,GoogleFCM_IP,GoogleFCM

  - RULE-SET,Google_Domain,Google
  - RULE-SET,Google_IP,Google

  - RULE-SET,Netflix_Domain,Netflix
  - RULE-SET,Netflix_IP,Netflix

  - RULE-SET,Spotify_Domain,Spotify
  - RULE-SET,Spotify_IP,Spotify

  - RULE-SET,Facebook_Domain,Facebook
  - RULE-SET,Facebook_IP,Facebook

  - RULE-SET,OpenAI_Domain,OpenAI
  - RULE-SET,OpenAI_IP,OpenAI

  - RULE-SET,Apple_Domain,Apple
  - RULE-SET,Apple_IP,Apple

  - RULE-SET,Microsoft_Domain,Microsoft

  - RULE-SET,Telegram_Domain,Telegram
  - RULE-SET,Telegram_IP,Telegram,no-resolve
  - RULE-SET,Telegram_No_Resolve,Telegram,no-resolve

  - DOMAIN,browserleaks.com,FINAL

  - RULE-SET,Global_Domain,PROXY
  - RULE-SET,Global_IP,PROXY

  - MATCH,FINAL
# —————————

预览就放这么多，还有一般版和超级精简版 (纯 geo) 的一些配置文件，可以在仓库中查看

Cloudflare Workers 部署的节点无法直接访问使用 Cloudflare CDN 服务的网站，为了解决这个限制，通过配置有效的 ProxyIP，可以绕过限制，成功访问托管在 Cloudflare 上的目标网站。

扫到一些 IP 分享出来，有需要拿去使用，会不定期更新。

注意：ProxyIP 不可作为优选 IP 使用！随时可能失效！

Check ProxyIP - 代理 IP 检测

首先非常感谢佬友造的轮子 lumine 一个绕过 sni 阻断的工具（理论上换成 byedpi 之类的应该也行？）
之前发现的 cromite 浏览器当时还勉强能用，但是现在在移动网络下已经几乎不可用了（联通感觉还行），且它不支持自定义 clienthello 分片参数等，已经打不过现在的墙了（
所以我推荐可以使用佬友的 lumine（可惜不能手机端了）
lumine 需要任意一个本地 udp dns 服务，这里我更推荐 mosdns，可以使用 doh 作为上游并且可选参数很多

1. lumine 配置
   我用的 windows 下载的是 github 仓库的 release，解压后在同一目录下创建 config.json，这里使用仓库中的 config.json
   如果担心端口占用可以自行修改，和下面本地 dns 服务的保持相同即可

2. mosdns 配置
   先从 github release 下载，在解压的目录下创建 config.yaml，可以参考官方配置教程
   由于上文 lumine 的 dns 地址设置为 “127.0.0.1:8053”，所以需要改 mosdns 的端口为 8053

log: level: info plugins: - args: upstreams: - addr: https://abcdefg.cloudflare-gateway.com/dns-query bootstrap: "223.5.5.5" tag: forward_google type: forward - args: entry: forward_google listen: 127.0.0.1:8053 tag: udp_server type: udp_server - args: entry: forward_google listen: 127.0.0.1:8053 tag: tcp_server type: tcp_server 

可以换成自己的 doh 服务器，这里使用 cloudflare-gateway 的，一定要记得填 bootstrap 到一个 udp dns 来解析 doh 域名

3. 启动
   首先分别在两个软件目录下启动终端，lumine 直接使用./lumine 启动，mosdns 使用./mosdns start 启动
   然后可以直接填在 windows 的代理那边，但是我还是更推荐使用 v2rayn 进行分流，添加 socks 代理，服务器 127.0.0.1，端口填你 lumine 配置里写的那个（默认 1080），然后开 “自动配置系统代理” 就行了

目前测下来能用的：

• spotify
• wikipedia
• linux.do
• google（它居然能用？）
• 等等一系列不列举了

测下来不太能用的：

• youtube
• X(twitter)
• 等等一系列会 ban 中国 ip 的或者直接封 ip 的

使用 ipv6 可以极大减少直接封 ip 的几率