proxychains curl www.baidu.com
[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.16
[proxychains] Strict chain ... 192.168.50.1:1080 ... www.baidu.com:80 ... OK
curl: (56) Recv failure: Connection reset by peer
port: 7890
socks-port: 1080 # SOCKS5代理端口,DNS请求会中转
redir-port: 3333 # 透明代理端口
allow-lan: true
# allow-lan=true时,最好设置内网访问IP,关闭IPv6监听
# '*': bind all IP addresses
# 192.168.122.11: bind a single IPv4 address
# "[aaaa::a8aa:ff:fe09:57d8]": bind a single IPv6 addres
bind-address: '*'
# 不使用IPv6地址(配合上面的bind-address)
ipv6: true
mode: Rule
log-level: info # 日志显示级别: debug-问题调试,info-基本信息
external-controller: 192.168.50.1:9090
external-ui: /koolshare/clash/dashboard
secret: route
# 透明代理开启DNS
dns:
enable: true
ipv6: true
listen: 0.0.0.0:1053
enhanced-mode: redir-host # redir-host or fake-ip
fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR
use-hosts: false # lookup hosts and return IP record
nameserver:
# - 114.114.114.114
# - https://dns.alidns.com/dns-query
- tcp://223.5.5.5:53
# 提供 fallback 时,如果GEOIP非 CN **时使用 fallback 解析
fallback:
- 8.8.8.8 # Google DNS over TCP
- tls://dns.google # Google DNS over TLS
# - 1.1.1.1 # cloudflare DNS over TCP
# - '[2001:4860:4860::8888]:53' # Google ipv6 DNS
# - '[2606:4700:4700::1111]:53' # cloudflare ipv6 DNS
# - '[2620:119:35::35]:53' # openDNS ipv6 DNS
# - https://dns.google/dns-query # Google DNS over HTTPS
# - https://cloudflare-dns.com/dns-query # cloudflare DNS over HTTPS
# 强制DNS解析使用`fallback`配置
fallback-filter:
# true: CN使用nameserver解析,非CN使用fallback
geoip: true
geoip-code: CN
# geoip设置为false时有效: 不匹配`ipcidr`地址时会使用`nameserver`结果,匹配`ipcidr`地址时使用`fallback`结果。
ipcidr:
- 240.0.0.0/4
domain:
- +.google.com
- +.facebook.com
- +.youtube.com
- +.duckduckgo.com
- +.startpage.com
# 保留的proxy节点列表(启动配置文件不包含任何节点信息,节点信息通过 proxy-provider 提供)
proxies: []
# 配置规则参考文档: https://github.com/Dreamacro/clash/wiki/configuration
# 设置代理提供者(远程订阅地址+本地订阅文件)
proxy-providers:
provider_url:
# 免费订阅源代理组
type: file
path: ./providers/provider_remote.yaml
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
provider_diy:
# 个人VPS代理组
type: file
path: ./providers/provider_diy.yaml
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
provider_free:
# 墙内可用代理组
type: file
path: ./providers/provider_free.yaml
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
provider_outwall:
# 被墙代理组
type: file
path: ./providers/provider_outwall.yaml
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
provider_netflix:
# 解锁Netflix代理组
type: file
path: ./providers/provider_netflix.yaml
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
provider_home_netflix:
# 解锁Netflix代理组
type: file
path: ./providers/provider_home_netflix.yaml
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
# 类型选择 简介
# select : 用于选择代理或代理组, 可以通过 RESTful API 来切换代理,建议在 GUI 中使用
# load-balance : 相同eTLD+1的请求将拨号到同一个代理。
# url-test : 通过对 URL 的速度进行基准测试来选择将使用哪个代理。
# fallback : 按优先级选择可用的策略。通过访问 URL 来测试可用性,就像自动 url-test 组一样。
# relay : 中继链接代理。代理不应包含中继。不支持 UDP。 流量:Clash <-> http <-> vmess <-> ss1 <-> ss2 <-> Internet
#
# 推荐选择:
# 命令行服务建议选择 url-test / fallback / load-balance
# GUI窗口 官方建议选择 select ,当然也推荐使用url-test 自动检测可用性。
proxy-groups:
# 保留的自定义节点
- name: DIY组 # 私人的代理节点组
type: select # load-balance, select, relay, fallback, url-test
use: # 引入 proxy-provider 使用 use 关键字
- provider_diy # 个人自定义的代理文件
url: http://www.gstatic.com/generate_204
interval: 300
- name: 跳板代理组 # 为了让DIY组可以做出口
type: select # load-balance, select, relay, fallback, url-test
use:
- provider_diy
url: http://www.gstatic.com/generate_204
interval: 300
- name: PROXY # 免费可用代理组
type: select
use:
- provider_url
- provider_free
url: http://www.gstatic.com/generate_204
interval: 300
- name: 被墙代理组 # 国内不可用,国外可用
type: select
use: # 引入 proxy-provider 使用 use 关键字
- provider_outwall # 墙外订阅源代理组
url: http://www.gstatic.com/generate_204
interval: 300
- name: 仅支持Netflix自制剧
type: select
use:
- provider_home_netflix
url: http://www.gstatic.com/generate_204
interval: 300
- name: 解锁Netflix非自制剧
type: select
use:
- provider_netflix
url: http://www.gstatic.com/generate_204
interval: 300
- name: 入口代理组
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- 跳板代理组
- DIY组
- PROXY
- 仅支持Netflix自制剧
- 解锁Netflix非自制剧
- name: 出口代理组
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- 解锁Netflix非自制剧
- 被墙代理组
- 仅支持Netflix自制剧
- DIY组
- name: 中继组-解锁奈飞
# 中继代理组,不支持UDP协议。线路: clash <-> 入口代理组 <-> 出口代理组 <-> Internet
type: relay
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- 入口代理组
- 出口代理组
- name: NETFLIX_PROXY
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- 中继组-解锁奈飞
- DIY组
- 解锁Netflix非自制剧
- 仅支持Netflix自制剧
- PROXY
- name: Tiktok_PROXY
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- DIY组
- 中继组-解锁奈飞
- 解锁Netflix非自制剧
- 仅支持Netflix自制剧
- PROXY
- DIRECT
- name: Bili_PROXY
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- DIRECT
- DIY组
- 中继组-解锁奈飞
- PROXY
- 解锁Netflix非自制剧
- 仅支持Netflix自制剧
- name: IQiyi_PROXY
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- DIRECT
- DIY组
- PROXY
- 解锁Netflix非自制剧
- 仅支持Netflix自制剧
- name: 默认代理组
type: select
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- DIY组
- PROXY
- 解锁Netflix非自制剧
- 仅支持Netflix自制剧
- 中继组-解锁奈飞
- DIRECT
rule-providers:
webgfw:
type: http
behavior: domain
url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt
path: ./ruleset/gfw.yaml
interval: 86400
webdirect:
type: http
behavior: domain
url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt
path: ./ruleset/direct.yaml
interval: 86400
telegramcidr:
type: http
behavior: domain
url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt
path: ./ruleset/telegramcidr.yaml
interval: 86400
lancidr:
type: file
behavior: domain
path: ./ruleset/lancidr.yaml
gfw:
type: file
behavior: domain
path: ./ruleset/rule_diy_gfw.yaml
direct:
type: file
behavior: domain
path: ./ruleset/rule_diy_direct.yaml
blacklist_rules:
type: file
behavior: classical
path: ./ruleset/rule_diy_blacklist.yaml
whitelist_rules:
type: file
behavior: classical
path: ./ruleset/rule_diy_whitelist.yaml
video_netflix:
type: file
behavior: classical
path: ./ruleset/video_netflix.yaml
video_tiktok:
type: file
behavior: classical
path: ./ruleset/video_tiktok.yaml
video_iqiyi:
type: file
behavior: classical
path: ./ruleset/video_iqiyi.yaml
video_ibilibili:
type: file
behavior: classical
path: ./ruleset/video_ibilibili.yaml
# 黑名单模式,命中规则使用代理
rules:
- DOMAIN,clash.razord.top,DIRECT
- DOMAIN,yacd.haishan.me,DIRECT
# 所有IPv6直连-避免不支持IPv6代理节点无法处理请求而导致无法上网问题
- IP-CIDR6,::/0,DIRECT,no-resolve
- RULE-SET,lancidr,DIRECT
- RULE-SET,video_netflix,NETFLIX_PROXY
- RULE-SET,video_tiktok,Tiktok_PROXY
- RULE-SET,video_iqiyi,IQiyi_PROXY
- RULE-SET,video_ibilibili,Bili_PROXY
# > 白名单列表
- RULE-SET,whitelist_rules,DIRECT
# > 黑名单列表
- RULE-SET,blacklist_rules,默认代理组
# 白名单模式最后规则
- RULE-SET,direct,DIRECT
- GEOIP,CN,DIRECT,no-resolve
- MATCH,默认代理组