From 29e7be855cd331d5f883a4d9e35e0bb111b09105 Mon Sep 17 00:00:00 2001 From: Beta Soft Date: Sat, 5 Dec 2020 21:25:11 +0800 Subject: [PATCH] rules: update default clash & surfboard & surge rules Signed-off-by: Beta Soft --- resources/rules/default.clash.yaml | 4 +- resources/rules/default.surfboard.conf | 65 +++++++++++++------------- resources/rules/default.surge.conf | 8 ++-- 3 files changed, 40 insertions(+), 37 deletions(-) diff --git a/resources/rules/default.clash.yaml b/resources/rules/default.clash.yaml index 3b84602f..88742465 100644 --- a/resources/rules/default.clash.yaml +++ b/resources/rules/default.clash.yaml @@ -4,6 +4,7 @@ # tproxy-port: 7893 mixed-port: 7890 allow-lan: true +bind-address: "*" mode: rule log-level: info external-controller: 127.0.0.1:9090 @@ -20,15 +21,16 @@ dns: fake-ip-range: 198.18.0.1/16 use-hosts: true nameserver: - - https://dns.alidns.com/dns-query - https://doh.pub/dns-query fallback: - tls://1.0.0.1:853 + - https://cloudflare-dns.com/dns-query - https://dns.google/dns-query fallback-filter: geoip: true ipcidr: - 240.0.0.0/4 + - 0.0.0.0/32 proxies: diff --git a/resources/rules/default.surfboard.conf b/resources/rules/default.surfboard.conf index 5ea3bcb5..13426cce 100644 --- a/resources/rules/default.surfboard.conf +++ b/resources/rules/default.surfboard.conf @@ -55,22 +55,22 @@ DOMAIN,itunes.apple.com,Proxy DOMAIN-SUFFIX,apps.apple.com,Proxy DOMAIN-SUFFIX,blobstore.apple.com,Proxy DOMAIN,cvws.icloud-content.com,Proxy -DOMAIN-SUFFIX,mzstatic.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,itunes.apple.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,icloud.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,icloud-content.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,me.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,aaplimg.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,cdn20.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,cdn-apple.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,akadns.net,DIRECT,force-remote-dns -DOMAIN-SUFFIX,akamaiedge.net,DIRECT,force-remote-dns -DOMAIN-SUFFIX,edgekey.net,DIRECT,force-remote-dns -DOMAIN-SUFFIX,mwcloudcdn.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,mwcname.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,apple.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT,force-remote-dns -DOMAIN-SUFFIX,apple-mapkit.com,DIRECT,force-remote-dns +DOMAIN-SUFFIX,mzstatic.com,DIRECT +DOMAIN-SUFFIX,itunes.apple.com,DIRECT +DOMAIN-SUFFIX,icloud.com,DIRECT +DOMAIN-SUFFIX,icloud-content.com,DIRECT +DOMAIN-SUFFIX,me.com,DIRECT +DOMAIN-SUFFIX,aaplimg.com,DIRECT +DOMAIN-SUFFIX,cdn20.com,DIRECT +DOMAIN-SUFFIX,cdn-apple.com,DIRECT +DOMAIN-SUFFIX,akadns.net,DIRECT +DOMAIN-SUFFIX,akamaiedge.net,DIRECT +DOMAIN-SUFFIX,edgekey.net,DIRECT +DOMAIN-SUFFIX,mwcloudcdn.com,DIRECT +DOMAIN-SUFFIX,mwcname.com,DIRECT +DOMAIN-SUFFIX,apple.com,DIRECT +DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT +DOMAIN-SUFFIX,apple-mapkit.com,DIRECT # 国内网站 DOMAIN-SUFFIX,cn,DIRECT @@ -203,22 +203,7 @@ DOMAIN-SUFFIX,zhimg.com,DIRECT DOMAIN-SUFFIX,zimuzu.tv,DIRECT DOMAIN-SUFFIX,zoho.com,DIRECT -# 抗 DNS 污染 -DOMAIN-KEYWORD,amazon,Proxy -DOMAIN-KEYWORD,gmail,Proxy -DOMAIN-KEYWORD,youtube,Proxy -DOMAIN-KEYWORD,facebook,Proxy -DOMAIN-SUFFIX,fb.me,Proxy -DOMAIN-SUFFIX,fbcdn.net,Proxy -DOMAIN-KEYWORD,twitter,Proxy -DOMAIN-KEYWORD,instagram,Proxy -DOMAIN-KEYWORD,dropbox,Proxy -DOMAIN-SUFFIX,twimg.com,Proxy -DOMAIN-KEYWORD,blogspot,Proxy -DOMAIN-SUFFIX,youtu.be,Proxy -DOMAIN-KEYWORD,whatsapp,Proxy - -# 常见广告域名关键词屏蔽 +# 常见广告域名屏蔽 DOMAIN-KEYWORD,admarvel,REJECT DOMAIN-KEYWORD,admaster,REJECT DOMAIN-KEYWORD,adsage,REJECT @@ -247,6 +232,22 @@ DOMAIN-SUFFIX,vungle.com,REJECT DOMAIN-KEYWORD,wlmonitor,REJECT DOMAIN-KEYWORD,zjtoolbar,REJECT +# 抗 DNS 污染 +DOMAIN-KEYWORD,amazon,Proxy +DOMAIN-KEYWORD,google,Proxy +DOMAIN-KEYWORD,gmail,Proxy +DOMAIN-KEYWORD,youtube,Proxy +DOMAIN-KEYWORD,facebook,Proxy +DOMAIN-SUFFIX,fb.me,Proxy +DOMAIN-SUFFIX,fbcdn.net,Proxy +DOMAIN-KEYWORD,twitter,Proxy +DOMAIN-KEYWORD,instagram,Proxy +DOMAIN-KEYWORD,dropbox,Proxy +DOMAIN-SUFFIX,twimg.com,Proxy +DOMAIN-KEYWORD,blogspot,Proxy +DOMAIN-SUFFIX,youtu.be,Proxy +DOMAIN-KEYWORD,whatsapp,Proxy + # 国外网站 DOMAIN-SUFFIX,9to5mac.com,Proxy DOMAIN-SUFFIX,abpchina.org,Proxy diff --git a/resources/rules/default.surge.conf b/resources/rules/default.surge.conf index 99e91028..15352891 100644 --- a/resources/rules/default.surge.conf +++ b/resources/rules/default.surge.conf @@ -4,9 +4,9 @@ [General] loglevel = notify # 从 Surge iOS 4 / Surge Mac 3.3.0 起,工具开始支持 DoH -doh-server = https://dns.alidns.com/dns-query -# https://13800000000.rubyfish.cn/, https://doh.360.cn/dns-query, https://dns.google/dns-query -dns-server = 223.5.5.5, 114.114.114.114, 119.29.29.29 +doh-server = https://doh.pub/dns-query +# https://dns.alidns.com/dns-query, https://13800000000.rubyfish.cn/, https://dns.google/dns-query +dns-server = 223.5.5.5, 114.114.114.114 tun-excluded-routes = 0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 255.255.255.255/32 skip-proxy = localhost, *.local, injections.adguard.org, local.adguard.org, captive.apple.com, guzzoni.apple.com, 0.0.0.0/8, 10.0.0.0/8, 17.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, 255.255.255.255/32 @@ -58,7 +58,7 @@ fallback = fallback, $proxy_group, url=http://www.gstatic.com/generate_204, inte # 实用规则片段集 # RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-News.list,Proxy RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-proxy.list,Proxy -RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-direct.list,DIRECT,force-remote-dns +RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-direct.list,DIRECT RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/CN.list,DIRECT RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/common-ad-keyword.list,REJECT-TINYGIF RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/foreign.list,Proxy