ss: &ss type: ss cipher: 2022-blake3-aes-128-gcm password: c9AM1oorBgwaJuSPWNGAbA== udp: true udp-over-tcp: true # ip-version: ipv4 # 设置节点使用 IP 版本,可选:dual,ipv4,ipv6,ipv4-prefer,ipv6-prefer。默认使用 dual smux: enabled: true protocol: smux # smux/yamux/h2mux max-connections: 128 # Maximum connections. Conflict with max-streams. # min-streams: 1 # max-streams: 0 padding: true # statistic: false # only-tcp: false brutal-opts: enabled: true up: 10 down: 500 vmessBrutal: &vmessBrutal type: vmess uuid: bb102209-6292-9dd3-573c-c32970a3a585 alterId: 0 cipher: auto tls: false udp: true skip-cert-verify: true network: ws ws-opts: path: /ws headers: Host: node-speedtest.speedtest.cn max-early-data: 2048 early-data-header-name: Sec-WebSocket-Protocol smux: enabled: true protocol: h2mux max-connections: 64 min-streams: 4 padding: true brutal-opts: enabled: true up: 30 down: 30 mixed-port: 7897 allow-lan: true mode: rule log-level: debug ipv6: false find-process-mode: always ### 如果使用的是裸核,需要将下面的注释去掉,方便ui界面的使用 # external-controller: 0.0.0.0:9988 # external-ui: ui # external-ui-url: 'https://mirror.ghproxy.com/https://github.com/Zephyruso/zashboard/releases/latest/download/dist.zip' # secret: "maintell" profile: store-selected: true store-fake-ip: true smart-collector-size: 100 unified-delay: true tcp-concurrent: true global-client-fingerprint: chrome geodata-mode: true geox-url: geoip: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat" geosite: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat" mmdb: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.metadb" asn: "https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/GeoLite2-ASN.mmdb" geo-auto-update: true # 是否自动更新 geodata geo-update-interval: 24 # 更新间隔,单位:小时 dns: enable: true prefer-h3: true ipv6: false cache-algorithm: arc cache-max-size: 20000 enhanced-mode: fake-ip fake-ip-range: 198.18.0.1/16 # fake-ip-filter start fake-ip-filter: - +.+m2m - +.$injections.adguard.org - +.$local.adguard.org - +.+bogon - +.+lan - +.+localdomain - +.home.arpa - +.10.in-addr.arpa - +.16.172.in-addr.arpa - +.17.172.in-addr.arpa - +.18.172.in-addr.arpa - +.19.172.in-addr.arpa - +.20.172.in-addr.arpa - +.21.172.in-addr.arpa - +.22.172.in-addr.arpa - +.23.172.in-addr.arpa - +.24.172.in-addr.arpa - +.25.172.in-addr.arpa - +.26.172.in-addr.arpa - +.27.172.in-addr.arpa - +.28.172.in-addr.arpa - +.29.172.in-addr.arpa - +.30.172.in-addr.arpa - +.31.172.in-addr.arpa - +.168.192.in-addr.arpa - +.254.169.in-addr.arpa - dns.msftncsi.com - "*.srv.nintendo.net" - "*.stun.playstation.net" - xbox.*.microsoft.com - "*.xboxlive.com" - "*.turn.twilio.com" - "*.stun.twilio.com" - stun.syncthing.net - stun.* - '+.msftconnecttest.com' - '+.msftncsi.com' - '*.lan' - '*.localhost.app' # fake-ip-filter end respect-rules: true nameserver: - 1.1.1.1 - 8.8.8.8 - 8.8.4.4 - 208.67.222.222 - 208.67.220.220 - https://1.1.1.1/dns-query - https://8.8.8.8/dns-query proxy-server-nameserver: - https://1.12.12.12/dns-query - https://223.5.5.5/dns-query nameserver-policy: "geosite:cn": - 223.5.5.5 - 223.6.6.6 - 119.29.29.29 - https://223.5.5.5/dns-query - https://1.12.12.12/dns-query ### 域名嗅探 sniffer: enable: true sniff: HTTP: ports: [80, 8080-8880] override-destination: true TLS: ports: [443, 8443] QUIC: ports: [443, 8443] skip-domain: - "Mijia Cloud" - "+.push.apple.com" ### Tunnel配置 tun: enable: true stack: system device: Ethernet 99 auto-route: true auto-detect-interface: true dns-hijack: - any:53 - tcp://any:53 strict-route: true mtu: 1500 proxies: pp: &pp type: http interval: 21600 health-check: enable: true url: https://www.gstatic.com/generate_204 interval: 900 timeout: 3000 lazy: true expected-status: 204 # 策略组类型模板 - 定义不同的策略组基础配置 BaseFB: &BaseFB {type: fallback, interval: 60, tolerance: 20, lazy: true, url: 'https://www.google.com/generate_204'} BaseCH: &BaseCH {type: load-balance, interval: 60, tolerance: 20, lazy: true, url: 'https://www.google.com/generate_204', strategy: consistent-hashing, hidden: true} BaseCR: &BaseCR {type: load-balance, interval: 60, tolerance: 20, lazy: true, url: 'https://www.google.com/generate_204', strategy: round-robin, hidden: true} BaseUT: &BaseUT {type: url-test, interval: 60, tolerance: 20, lazy: true, url: 'https://www.google.com/generate_204', hidden: true} FilterWEBRTC: &FilterWEBRTC '^(?=.*(?i)(WEBRTC))(?!.*(DIRECT|RELAY|CDN)).*$' FilterDirect: &FilterDirect '^(?=.*(?i)(DIRECT))(?!.*(WEBRTC|RELAY|CDN)).*$' FilterRelay: &FilterRelay '^(?=.*(?i)(RELAY))(?!.*(WEBRTC|DIRECT|CDN)).*$' FilterCDN: &FilterCDN '^(?=.*(?i)(CDN))(?!.*(WEBRTC|RELAY|DIRECT)).*$' proxy-providers: webrtc: <<: *pp url: "https://sub.658658.xyz/webrtc.yaml" path: ./proxy_providers/webrtc.yaml override: additional-prefix: "[WEBRTC]" direct: <<: *pp url: "https://sub.658658.xyz/direct.yaml" path: ./proxy_providers/direct.yaml override: additional-prefix: "[DIRECT]" relay: <<: *pp url: "https://sub.658658.xyz/relay.yaml" path: ./proxy_providers/relay.yaml override: additional-prefix: "[RELAY]" cdn: <<: *pp url: "https://sub.658658.xyz/cdn.yaml" path: ./proxy_providers/cdn.yaml override: additional-prefix: "[CDN]" #------------------------------------------------------------------------------ proxy-groups: - {name: WebrtcAuto, <<: *BaseUT, include-all: true, filter: *FilterWEBRTC, hidden: false} - {name: DirectAuto, <<: *BaseUT, include-all: true, filter: *FilterDirect, hidden: false} - {name: RelayAuto, <<: *BaseUT, include-all: true, filter: *FilterRelay, hidden: false} - {name: CDNAuto, <<: *BaseUT, include-all: true, filter: *FilterCDN, hidden: false} - {name: AllAuto, <<: *BaseUT, include-all: true, hidden: false} - {name: DirectOut, type: select, proxies: [DIRECT], hidden: true} - {name: FallBackAuto, <<: *BaseFB, proxies: [WebrtcAuto, DirectAuto, RelayAuto, CDNAuto, AllAuto]} - {name: Advertise, type: select, proxies: [REJECT,DIRECT], hidden: false} rule-providers: ads: type: http behavior: domain format: mrs path: ./ruleset/ads.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/ads.mrs" interval: 86400 private: type: http behavior: domain format: mrs path: ./ruleset/private.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/private.mrs" interval: 86400 applications: type: http behavior: classical format: text path: ./ruleset/applications.list url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/applications.list" interval: 86400 microsoft-cn: type: http behavior: domain format: mrs path: ./ruleset/microsoft-cn.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/microsoft-cn.mrs" interval: 86400 apple-cn: type: http behavior: domain format: mrs path: ./ruleset/apple-cn.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/apple-cn.mrs" interval: 86400 google-cn: type: http behavior: domain format: mrs path: ./ruleset/google-cn.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/google-cn.mrs" interval: 86400 games-cn: type: http behavior: domain format: mrs path: ./ruleset/games-cn.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/games-cn.mrs" interval: 86400 ai: type: http behavior: domain format: mrs path: ./ruleset/ai.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/ai.mrs" interval: 86400 cn: type: http behavior: domain format: mrs path: ./ruleset/cn.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/cn-lite.mrs" interval: 86400 privateip: type: http behavior: ipcidr format: mrs path: ./ruleset/privateip.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/privateip.mrs" interval: 86400 cnip: type: http behavior: ipcidr format: mrs path: ./ruleset/cnip.mrs url: "https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/cnip.mrs" interval: 86400 # 分流规则 rules: - RULE-SET,ads,Advertise - RULE-SET,ai,FallBackAuto - RULE-SET,private,DirectOut - RULE-SET,privateip,DIRECT,no-resolve - RULE-SET,applications,DirectOut - RULE-SET,microsoft-cn,DirectOut - RULE-SET,apple-cn,DirectOut - RULE-SET,google-cn,DirectOut - RULE-SET,games-cn,DirectOut - RULE-SET,cn,DirectOut - RULE-SET,cnip,DirectOut - MATCH,FallBackAuto