强化自定义订阅 后端逻辑 Beta

app/Components/Client/Clash.php

@@ -0,0 +1,87 @@
+<?php
+
+namespace App\Components\Client;
+
+/*
+ * 本文件依据Clash文件编辑
+ * https://github.com/Dreamacro/clash/tree/master/adapters/outbound
+ *
+ */
+
+class Clash
+{
+    public static function buildShadowsocks($server)
+    {
+        return [
+            'name' => $server['name'],
+            'type' => 'ss',
+            'server' => $server['host'],
+            'port' => $server['port'],
+            'password' => $server['passwd'],
+            'cipher' => $server['method'],
+            'udp' => $server['udp'],
+        ];
+    }
+
+    public static function buildShadowsocksr($server)
+    {
+        return [
+            'name' => $server['name'],
+            'type' => 'ssr',
+            'server' => $server['host'],
+            'port' => $server['port'],
+            'password' => $server['passwd'],
+            'cipher' => $server['method'],
+            'obfs' => $server['obfs'],
+            'obfsparam' => $server['obfs_param'],
+            'protocol' => $server['protocol'],
+            'protocolparam' => $server['protocol_param'],
+            'udp' => $server['udp'],
+        ];
+    }
+
+    public static function buildVmess($server)
+    {
+        $array = [
+            'name' => $server['name'],
+            'type' => 'vmess',
+            'server' => $server['host'],
+            'port' => $server['port'],
+            'uuid' => $server['uuid'],
+            'alterId' => $server['v2_alter_id'],
+            'cipher' => $server['method'],
+            'udp' => $server['udp'],
+        ];
+
+        if ($server['v2_tls']) {
+            $array['tls'] = true;
+            $array['servername'] = $server['v2_host'];
+        }
+        $array['network'] = $server['v2_net'];
+
+        if ($server['v2_net'] === 'ws') {
+            $array['ws-path'] = $server['v2_path'];
+            $array['ws-headers'] = ['Host' => $server['v2_host']];
+        }
+
+        return $array;
+    }
+
+    public static function buildTrojan($server)
+    {
+        $array = [
+            'name' => $server['name'],
+            'type' => 'trojan',
+            'server' => $server['host'],
+            'port' => $server['port'],
+            'password' => $server['passwd'],
+            'udp' => $server['udp'],
+        ];
+
+        if (! empty($server['sni'])) {
+            $array['sni'] = $server['sni'];
+        }
+
+        return $array;
+    }
+}

app/Components/Client/QuantumultX.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace App\Components\Client;
+
+class QuantumultX
+{
+    public static function buildShadowsocks($server)
+    {
+        $config = [
+            "shadowsocks={$server['host']}:{$server['port']}",
+            "method={$server['method']}",
+            "password={$server['passwd']}",
+            'fast-open=true',
+            "udp-relay={$server['udp']}",
+            "tag={$server['name']}",
+        ];
+        $config = array_filter($config);
+
+        return implode(',', $config)."\r\n";
+    }
+
+    public static function buildShadowsocksr($server)
+    {
+        $config = [
+            "shadowsocks={$server['host']}:{$server['port']}",
+            "method={$server['method']}",
+            "password={$server['passwd']}",
+            "ssr-protocol={$server['protocol']}",
+            "ssr-protocol-param={$server['protocol_param']}",
+            "obfs={$server['obs']}",
+            "obfs-host={$server['obfs_param']}",
+            'fast-open=true',
+            "udp-relay={$server['udp']}",
+            "tag={$server['name']}",
+        ];
+        $config = array_filter($config);
+
+        return implode(',', $config)."\r\n";
+    }
+
+    public static function buildVmess($server)
+    {
+        $config = [
+            "vmess={$server['host']}:{$server['port']}",
+            "method={$server['method']}",
+            "password={$server['uuid']}",
+            'fast-open=true',
+            'udp-relay=true',
+            "tag={$server['name']}",
+        ];
+
+        if ($server['v2_tls']) {
+            if ($server['v2_net'] === 'tcp') {
+                $config[] = 'obfs=over-tls';
+            } else {
+                $config[] = 'obfs=wss';
+            }
+        } else {
+            if ($server['v2_net'] === 'ws') {
+                $config[] = 'obfs=ws';
+            }
+        }
+
+        if ($server['v2_tls']) {
+            $config[] = 'tls-verification=true';
+            if (isset($server['v2_host']) && ! empty($server['v2_host'])) {
+                $config[] = "tls-host={$server['v2_host']}";
+            }
+        }
+
+        if ($server['v2_type'] === 'ws' && isset($server['v2_path']) && ! empty($server['v2_path'])) {
+            $config[] = "obfs-uri={$server['v2_path']}";
+            $config[] = "obfs-host={$server['v2_host']}";
+        }
+
+        return implode(',', $config)."\r\n";
+    }
+
+    public static function buildTrojan($server)
+    {
+        $config = [
+            "trojan={$server['host']}:{$server['port']}",
+            "password={$server['passwd']}",
+            'over-tls=true',
+            $server['host'] ? "tls-host={$server['host']}" : '',
+            // Tips: allowInsecure=false = tls-verification=true
+            // $server['allow_insecure'] ? 'tls-verification=false' : 'tls-verification=true',
+            'fast-open=true',
+            'udp-relay=true',
+            "tag={$server['name']}",
+        ];
+        $config = array_filter($config);
+
+        return implode(',', $config)."\r\n";
+    }
+}

app/Components/Client/Surfboard.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace App\Components\Client;
+
+class Surfboard
+{
+    public static function buildShadowsocks($server)
+    {
+        $config = [
+            "{$server['name']}=custom",
+            "{$server['host']}",
+            "{$server['port']}",
+            "{$server['method']}",
+            "{$server['passwd']}",
+            'https://raw.githubusercontent.com/Hackl0us/proxy-tool-backup/master/SSEncrypt.module',
+            'tfo=true',
+            "udp-relay={$server['udp']}",
+        ];
+        $config = array_filter($config);
+
+        return implode(',', $config)."\r\n";
+    }
+
+    public static function buildVmess($server)
+    {
+        $config = [
+            "{$server['name']}=vmess",
+            "{$server['host']}",
+            "{$server['port']}",
+            "username={$server['uuid']}",
+            'tfo=true',
+            "udp-relay={$server['udp']}",
+        ];
+
+        if ($server['v2_tls']) {
+            $config[] = 'tls=true';
+            $config[] = "sni={$server['v2_host']}";
+        }
+        if ($server['v2_net'] === 'ws') {
+            $config[] = 'ws=true';
+            $config[] = "ws-path={$server['v2_path']}";
+            $config[] = "ws-headers=Host:{$server['v2_host']}";
+        }
+
+        return implode(',', $config)."\r\n";
+    }
+}

app/Components/Client/Surge.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Components\Client;
+
+class Surge
+{
+    public static function buildShadowsocks($server)
+    {
+        $config = [
+            "{$server['name']}=ss",
+            "{$server['host']}",
+            "{$server['port']}",
+            "encrypt-method={$server['method']}",
+            "password={$server['passwd']}",
+            'tfo=true',
+            "udp-relay={$server['udp']}",
+        ];
+        $config = array_filter($config);
+
+        return implode(',', $config)."\r\n";
+    }
+
+    public static function buildVmess($server)
+    {
+        $config = [
+            "{$server['name']}=vmess",
+            "{$server['host']}",
+            "{$server['port']}",
+            "username={$server['uuid']}",
+            'tfo=true',
+            "udp-relay={$server['udp']}",
+        ];
+
+        if ($server['v2_tls']) {
+            $config[] = 'tls=true';
+            $config[] = "sni={$server['v2_host']}";
+        }
+        if ($server['v2_net'] === 'ws') {
+            $config[] = 'ws=true';
+            $config[] = "ws-path={$server['v2_path']}";
+            $config[] = "ws-headers=Host:{$server['v2_host']}";
+        }
+
+        return implode(',', $config)."\r\n";
+    }
+
+    public static function buildTrojan($server)
+    {
+        $config = [
+            "{$server['name']}=trojan",
+            "{$server['host']}",
+            "{$server['port']}",
+            "password={$server['passwd']}",
+            $server['sni'] ? "sni={$server['sni']}" : '',
+            'tfo=true',
+            "udp-relay={$server['udp']}",
+        ];
+
+        $config = array_filter($config);
+
+        return implode(',', $config)."\r\n";
+    }
+}

app/Components/Client/URLSchemes.php

@@ -0,0 +1,68 @@
+<?php
+
+namespace App\Components\Client;
+
+use App\Models\Server;
+
+class URLSchemes
+{
+    public static function buildShadowsocks($server)
+    {
+        $name = rawurlencode($server['name']);
+        $str = base64url_encode("{$server['method']}:{$server['method']}");
+
+        return "ss://{$str}@{$server['host']}:{$server['port']}#{$name}\r\n";
+    }
+
+    public static function buildShadowsocksr($server)
+    {
+        $setting = "{$server['host']}:{$server['port']}:{$server['protocol']}:{$server['method']}:{$server['obfs']}:";
+
+        return 'ssr://'.base64url_encode($setting.base64url_encode($server['passwd']).'/?obfsparam='.base64url_encode($server['obfs_param']).'&protoparam='.base64url_encode($server['protocol_param']).'&remarks='.base64url_encode($server['name']).'&group='.base64url_encode($server['group']).'&udpport='.$server['udp'].'&uot=0').'\r\n';
+    }
+
+    // TODO: More study required about id usage https://shadowsocks.org/en/wiki/SIP008-Online-Configuration-Delivery.html
+    public static function buildShadowsocksSIP008($server)
+    {
+        $config = [
+            'id' => $server['id'],
+            'remark' => $server['name'],
+            'server' => $server['host'],
+            'server_port' => $server['port'],
+            'password' => $server['passwd'],
+            'method' => $server['method'],
+        ];
+
+        return $config;
+    }
+
+    public static function buildVmess($server)
+    {
+        $config = [
+            'v' => '2',
+            'ps' => $server['name'],
+            'add' => $server['host'],
+            'port' => $server['port'],
+            'id' => $server['uuid'],
+            'aid' => $server['v2_alter_id'],
+            'net' => $server['v2_net'],
+            'type' => $server['v2_type'],
+            'host' => $server['v2_host'],
+            'path' => $server['v2_path'],
+            'tls' => $server['v2_tls'],
+        ];
+
+        return 'vmess://'.base64_encode(json_encode($config))."\r\n";
+    }
+
+    public static function buildTrojan($server)
+    {
+        $name = rawurlencode($server['name']);
+        $query = '';
+        if (array_key_exists('relay_server', $server)) {
+            $query = "?sni={$server['relay_server']}";
+        }
+
+        return "trojan://{$server['passwd']}@{$server['host']}:{$server['port']}{$query}#{$name}\r\n";
+    }
+}

app/Http/Controllers/User/SubscribeController.php

@@ -2,26 +2,36 @@
 
 namespace App\Http\Controllers\User;
 
+use App\Components\Client\Clash;
+use App\Components\Client\QuantumultX;
+use App\Components\Client\Shadowrocket;
+use App\Components\Client\Surfboard;
+use App\Components\Client\Surge;
+use App\Components\Client\URLSchemes;
 use App\Components\IP;
 use App\Http\Controllers\Controller;
+use App\Models\User;
 use App\Models\UserSubscribe;
 use App\Models\UserSubscribeLog;
 use Arr;
+use File;
 use Illuminate\Http\Request;
 use Redirect;
 use Response;
+use Symfony\Component\Yaml\Yaml;
 
 class SubscribeController extends Controller
 {
     private $subType;
 
     // 通过订阅码获取订阅信息
-    public function getSubscribeByCode(Request $request, $code)
+    public function getSubscribeByCode(Request $request, string $code)
     {
         if (empty($code)) {
             return Redirect::route('login');
         }
         $this->subType = $request->input('type');
+        $target = strtolower($request->input('target') ?? (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''));
 
         // 检查订阅码是否有效
         $subscribe = UserSubscribe::whereCode($code)->first();
@@ -75,47 +85,53 @@ class SubscribeController extends Controller
             $query = $query->whereType($this->subType);
         }
 
-        $nodeList = $query->orderByDesc('sort')->orderBy('id')->get()->toArray();
+        $nodeList = $query->orderByDesc('sort')->orderBy('id')->get();
         if (empty($nodeList)) {
             return $this->failed('无可用节点');
         }
 
+        $servers = [];
+        foreach ($nodeList as $node) {
+            $servers[] = $node->config($user);
+        }
+
         // 打乱数组
         if (sysConfig('rand_subscribe')) {
-            $nodeList = Arr::shuffle($nodeList);
+            $servers = Arr::shuffle($servers);
         }
 
-        $scheme = null;
-
-        // 展示到期时间和剩余流量
-        if (sysConfig('is_custom_subscribe')) {
-            $scheme .= $this->infoGenerator('到期时间: '.$user->expired_at).$this->infoGenerator('剩余流量: '.flowAutoShow($user->transfer_enable - $user->usedTraffic()));
+        if (sysConfig('subscribe_max')) {
+            $servers = array_slice($servers, 0, (int) sysConfig('subscribe_max'));
         }
 
-        // 控制客户端最多获取节点数
-        foreach ($nodeList as $key => $node) {
-            // 控制显示的节点数
-            if (sysConfig('subscribe_max') && $key >= sysConfig('subscribe_max')) {
-                break;
+        if ($target) {
+            if (strpos($target, 'quantumult%20x') !== false) {
+                exit($this->quantumultX($user, $servers));
+            }
+            if (strpos($target, 'quantumult') !== false) {
+                exit($this->quantumult($user, $servers));
+            }
+            if (strpos($target, 'clash') !== false) {
+                exit($this->clash($servers));
+            }
+            if (strpos($target, 'surfboard') !== false) {
+                exit($this->surfboard($user, $servers));
+            }
+            if (strpos($target, 'surge') !== false) {
+                exit($this->surge($user, $servers));
+            }
+            if (strpos($target, 'shadowrocket') !== false) {
+                exit($this->shadowrocket($user, $servers));
+            }
+            if (strpos($target, 'shadowsocks') !== false) {
+                exit($this->shaodowsocksSIP008($servers));
             }
-
-            $scheme .= $this->getUserNodeInfo($user->id, $node['id'], 0).PHP_EOL;
-        }
-
-        $headers = [
-            'Content-type' => 'application/octet-stream; charset=utf-8',
-            'Cache-Control' => 'no-store, no-cache, must-revalidate',
-            //'Content-Disposition' => 'attachment; filename='.$filename
-        ];
-
-        // 适配Quantumult的自定义订阅头
-        if (sysConfig('is_custom_subscribe')) {
-            $headers['Subscription-Userinfo'] = 'upload='.$user->u.'; download='.$user->d.'; total='.$user->transfer_enable.'; expire='.strtotime($user->expired_at);
         }
-
-        return Response::make(base64url_encode($scheme), 200, $headers);
+        exit($this->origin($servers));
     }
 
+    // TODO 通过Token获取订阅信息
+
     // 抛出错误的节点信息，用于兼容防止客户端订阅失败
     private function failed($text)
     {
@@ -155,4 +171,212 @@ class SubscribeController extends Controller
         $log->request_header = $headers;
         $log->save();
     }
+
+    private function quantumultX(User $user, array $servers = []): string
+    {
+        $uri = '';
+        header("subscription-userinfo: upload={$user->u}; download={$user->d}; total={$user->transfer_enable}; expire={$user->expired_at}");
+        foreach ($servers as $server) {
+            if ($server['type'] === 'shadowsocks') {
+                $uri .= QuantumultX::buildShadowsocks($server);
+            }
+            if ($server['type'] === 'shadowsocksr') {
+                $uri .= QuantumultX::buildShadowsocksr($server);
+            }
+            if ($server['type'] === 'v2ray') {
+                $uri .= QuantumultX::buildVmess($server);
+            }
+            if ($server['type'] === 'trojan') {
+                $uri .= QuantumultX::buildTrojan($server);
+            }
+        }
+
+        return base64_encode($uri);
+    }
+
+    private function quantumult(User $user, array $servers = []): string
+    {
+        header('subscription-userinfo: upload='.$user->u.'; download='.$user->d.';total='.$user->transfer_enable).'; expire='.strtotime($user->expired_at);
+        $uri = $this->origin($servers);
+
+        return base64_encode($uri);
+    }
+
+    private function origin(array $servers = [], bool $encode = true): string
+    {
+        $uri = '';
+        foreach ($servers as $server) {
+            if ($server['type'] === 'shadowsocks') {
+                $uri .= URLSchemes::buildShadowsocks($server);
+            }
+            if ($server['type'] === 'shadowsocksr') {
+                $uri .= URLSchemes::buildShadowsocksr($server);
+            }
+            if ($server['type'] === 'v2ray') {
+                $uri .= URLSchemes::buildVmess($server);
+            }
+            if ($server['type'] === 'trojan') {
+                $uri .= URLSchemes::buildTrojan($server);
+            }
+        }
+
+        return $encode ? base64_encode($uri) : $uri;
+    }
+
+    private function clash($servers)
+    {
+        $defaultConfig = base_path().'/resources/rules/default.clash.yaml';
+        $customConfig = base_path().'/resources/rules/custom.clash.yaml';
+        if (File::exists($customConfig)) {
+            $config = Yaml::parseFile($customConfig);
+        } else {
+            $config = Yaml::parseFile($defaultConfig);
+        }
+        $proxy = [];
+        $proxies = [];
+
+        foreach ($servers as $server) {
+            if ($server['type'] === 'shadowsocks') {
+                $proxy[] = Clash::buildShadowsocks($server);
+                $proxies[] = $server['name'];
+            }
+            if ($server['type'] === 'shadowsocksr') {
+                $proxy[] = Clash::buildShadowsocksr($server);
+                $proxies[] = $server['name'];
+            }
+            if ($server['type'] === 'v2ray') {
+                $proxy[] = Clash::buildVmess($server);
+                $proxies[] = $server['name'];
+            }
+            if ($server['type'] === 'trojan') {
+                $proxy[] = Clash::buildTrojan($server);
+                $proxies[] = $server['name'];
+            }
+        }
+
+        $config['proxies'] = array_merge($config['proxies'] ?: [], $proxy);
+        foreach ($config['proxy-groups'] as $k => $v) {
+            if (! is_array($config['proxy-groups'][$k]['proxies'])) {
+                continue;
+            }
+            $config['proxy-groups'][$k]['proxies'] = array_merge($config['proxy-groups'][$k]['proxies'], $proxies);
+        }
+        $yaml = Yaml::dump($config);
+        $yaml = str_replace('$app_name', sysConfig('website_name'), $yaml);
+
+        return $yaml;
+    }
+
+    private function surfboard(User $user, array $servers = [])
+    {
+        $proxies = '';
+        $proxyGroup = '';
+
+        foreach ($servers as $server) {
+            if ($server['type'] === 'shadowsocks') {
+                // [Proxy]
+                $proxies .= Surfboard::buildShadowsocks($server);
+                // [Proxy Group]
+                $proxyGroup .= $server['name'].', ';
+            }
+            if ($server['type'] === 'v2ray') {
+                // [Proxy]
+                $proxies .= Surfboard::buildVmess($server);
+                // [Proxy Group]
+                $proxyGroup .= $server['name'].', ';
+            }
+        }
+
+        $defaultConfig = base_path().'/resources/rules/default.surfboard.conf';
+        $customConfig = base_path().'/resources/rules/custom.surfboard.conf';
+        if (File::exists($customConfig)) {
+            $config = file_get_contents("$customConfig");
+        } else {
+            $config = file_get_contents("$defaultConfig");
+        }
+
+        // Subscription link
+        $subsURL = route('sub', $user->subscribe->code);
+
+        $config = str_replace('$subs_link', $subsURL, $config);
+        $config = str_replace('$proxies', $proxies, $config);
+        $config = str_replace('$proxy_group', rtrim($proxyGroup, ', '), $config);
+
+        return $config;
+    }
+
+    private function surge(User $user, array $servers = [])
+    {
+        $proxies = '';
+        $proxyGroup = '';
+
+        foreach ($servers as $server) {
+            if ($server['type'] === 'shadowsocks') {
+                // [Proxy]
+                $proxies .= Surge::buildShadowsocks($server);
+                // [Proxy Group]
+                $proxyGroup .= $server['name'].', ';
+            }
+            if ($server['type'] === 'v2ray') {
+                // [Proxy]
+                $proxies .= Surge::buildVmess($server);
+                // [Proxy Group]
+                $proxyGroup .= $server['name'].', ';
+            }
+            if ($server['type'] === 'trojan') {
+                // [Proxy]
+                $proxies .= Surge::buildTrojan($server);
+                // [Proxy Group]
+                $proxyGroup .= $server['name'].', ';
+            }
+        }
+
+        $defaultConfig = base_path().'/resources/rules/default.surge.conf';
+        $customConfig = base_path().'/resources/rules/custom.surge.conf';
+        if (File::exists($customConfig)) {
+            $config = file_get_contents("$customConfig");
+        } else {
+            $config = file_get_contents("$defaultConfig");
+        }
+
+        // Subscription link
+        $subsURL = route('sub', $user->subscribe->code);
+
+        $config = str_replace('$subs_link', $subsURL, $config);
+        $config = str_replace('$proxies', $proxies, $config);
+        $config = str_replace('$proxy_group', rtrim($proxyGroup, ', '), $config);
+
+        return $config;
+    }
+
+    private function shadowrocket(User $user, array $servers = []): string
+    {
+        //display remaining traffic and expire date
+        $upload = flowAutoShow($user->u);
+        $download = flowAutoShow($user->d);
+        $totalTraffic = flowAutoShow($user->transfer_enable);
+        $uri = "STATUS=🚀↑:{$upload},↓:{$download},TOT:{$totalTraffic}💡Expires:{$user->expired_at}\r\n";
+        $uri .= $this->origin($servers, false);
+
+        return base64_encode($uri);
+    }
+
+    private function shaodowsocksSIP008(array $servers = []): string
+    {
+        $configs = [];
+        $subs = [];
+        $subs['servers'] = [];
+
+        foreach ($servers as $server) {
+            if ($server['type'] === 'shadowsocks') {
+                $configs[] = URLSchemes::buildShadowsocksSIP008($server);
+            }
+        }
+
+        $subs['version'] = 1;
+        $subs['remark'] = sysConfig('website_name');
+        $subs['servers'] = array_merge($subs['servers'] ?: [], $configs);
+
+        return json_encode($subs, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
+    }
 }

app/Models/Node.php

@@ -74,6 +74,74 @@ class Node extends Model
         return $query->whereStatus(1)->where('level', '<=', $user_level ?: 0);
     }
 
+    public function config($user)
+    {
+        $config = [
+            'name' => $this->name,
+            'host' => $this->is_relay ? $this->relay_server : ($this->server ?: $this->ip),
+            'group' => sysConfig('website_name'),
+        ];
+        switch ($this->type) {
+            case 2:
+                $config = array_merge($config, [
+                    'type' => 'v2ray',
+                    'port' => $this->is_relay ? $this->relay_port : $this->v2_port,
+                    'uuid' => $user->vmess_id,
+                    'method' => $this->v2_method,
+                    'v2_alter_id' => $this->v2_alter_id,
+                    'v2_net' => $this->v2_net,
+                    'v2_type' => $this->v2_type,
+                    'v2_host' => $this->v2_host,
+                    'v2_path' => $this->v2_path,
+                    'v2_tls' => $this->v2_tls ? 'tls' : '',
+                    'udp' => $this->is_udp,
+                ]);
+                break;
+            case 3:
+                $config = array_merge($config, [
+                    'type' => 'trojan',
+                    'port' => $this->is_relay ? $this->relay_port : $this->v2_port,
+                    'passwd' => $user->passwd,
+                    'sni' => $this->is_relay ? $this->server : '',
+                    'udp' => $this->is_udp,
+                ]);
+                break;
+            case 1:
+            case 4:
+                $config = array_merge($config, [
+                    'method' => $this->method,
+                    'protocol' => $this->protocol,
+                    'obfs' => $this->obfs,
+                    'obfs_param' => $this->obfs_param,
+                    'udp' => $this->is_udp,
+                ]);
+                if ($this->single) {
+                    //单端口使用中转的端口
+                    $config['port'] = $this->is_relay ? $this->relay_port : $this->port;
+                    $config['passwd'] = $this->passwd;
+                    $config['protocol_param'] = $user->port.':'.$user->passwd;
+                } else {
+                    $config['port'] = $user->port;
+                    $config['passwd'] = $user->passwd;
+                    $config['protocol_param'] = $this->protocol_param;
+                    if ($this->type === 1) {
+                        $config['method'] = $user->method;
+                        $config['protocol'] = $user->protocol;
+                        $config['obfs'] = $user->obfs;
+                    }
+                }
+
+                if ($this->compatible) {
+                    $config['type'] = 'shadowsocks';
+                } else {
+                    $config['type'] = 'shadowsocksr';
+                }
+                break;
+        }
+
+        return $config;
+    }
+
     public function getSpeedLimitAttribute($value)
     {
         return $value / Mbps;

composer.json

@@ -32,6 +32,8 @@
     "spatie/laravel-permission": "^3.17",
     "srmklive/paypal": "^1.7",
     "stripe/stripe-php": "^7.61",
+    "symfony/yaml": "^5.2",
+    "tymon/jwt-auth": "^1.0",
     "xhat/payjs": "^1.4",
     "zbrettonye/geetest": "^1.2",
     "zbrettonye/hcaptcha": "^1.0",

composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "e238ecae1978980ec9886ddabeba916d",
+    "content-hash": "04879cdf04f34417c35aebbabc2229f6",
     "packages": [
         {
             "name": "asm89/stack-cors",
@@ -1915,6 +1915,75 @@
             },
             "time": "2020-10-29T13:07:12+00:00"
         },
+        {
+            "name": "lcobucci/jwt",
+            "version": "3.3.3",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/lcobucci/jwt.git",
+                "reference": "c1123697f6a2ec29162b82f170dd4a491f524773"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/c1123697f6a2ec29162b82f170dd4a491f524773",
+                "reference": "c1123697f6a2ec29162b82f170dd4a491f524773",
+                "shasum": ""
+            },
+            "require": {
+                "ext-mbstring": "*",
+                "ext-openssl": "*",
+                "php": "^5.6 || ^7.0"
+            },
+            "require-dev": {
+                "mikey179/vfsstream": "~1.5",
+                "phpmd/phpmd": "~2.2",
+                "phpunit/php-invoker": "~1.1",
+                "phpunit/phpunit": "^5.7 || ^7.3",
+                "squizlabs/php_codesniffer": "~2.3"
+            },
+            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "3.1-dev"
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Lcobucci\\JWT\\": "src"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "BSD-3-Clause"
+            ],
+            "authors": [
+                {
+                    "name": "Luís Otávio Cobucci Oblonczyk",
+                    "email": "lcobucci@gmail.com",
+                    "role": "Developer"
+                }
+            ],
+            "description": "A simple library to work with JSON Web Token and JSON Web Signature",
+            "keywords": [
+                "JWS",
+                "jwt"
+            ],
+            "support": {
+                "issues": "https://github.com/lcobucci/jwt/issues",
+                "source": "https://github.com/lcobucci/jwt/tree/3.3.3"
+            },
+            "funding": [
+                {
+                    "url": "https://github.com/lcobucci",
+                    "type": "github"
+                },
+                {
+                    "url": "https://www.patreon.com/lcobucci",
+                    "type": "patreon"
+                }
+            ],
+            "time": "2020-08-20T13:22:28+00:00"
+        },
         {
             "name": "league/commonmark",
             "version": "1.5.7",
@@ -2889,6 +2958,73 @@
             ],
             "time": "2020-11-14T18:14:52+00:00"
         },
+        {
+            "name": "namshi/jose",
+            "version": "7.2.3",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/namshi/jose.git",
+                "reference": "89a24d7eb3040e285dd5925fcad992378b82bcff"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/namshi/jose/zipball/89a24d7eb3040e285dd5925fcad992378b82bcff",
+                "reference": "89a24d7eb3040e285dd5925fcad992378b82bcff",
+                "shasum": ""
+            },
+            "require": {
+                "ext-date": "*",
+                "ext-hash": "*",
+                "ext-json": "*",
+                "ext-pcre": "*",
+                "ext-spl": "*",
+                "php": ">=5.5",
+                "symfony/polyfill-php56": "^1.0"
+            },
+            "require-dev": {
+                "phpseclib/phpseclib": "^2.0",
+                "phpunit/phpunit": "^4.5|^5.0",
+                "satooshi/php-coveralls": "^1.0"
+            },
+            "suggest": {
+                "ext-openssl": "Allows to use OpenSSL as crypto engine.",
+                "phpseclib/phpseclib": "Allows to use Phpseclib as crypto engine, use version ^2.0."
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Namshi\\JOSE\\": "src/Namshi/JOSE/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Alessandro Nadalin",
+                    "email": "alessandro.nadalin@gmail.com"
+                },
+                {
+                    "name": "Alessandro Cinelli (cirpo)",
+                    "email": "alessandro.cinelli@gmail.com"
+                }
+            ],
+            "description": "JSON Object Signing and Encryption library for PHP.",
+            "keywords": [
+                "JSON Web Signature",
+                "JSON Web Token",
+                "JWS",
+                "json",
+                "jwt",
+                "token"
+            ],
+            "support": {
+                "issues": "https://github.com/namshi/jose/issues",
+                "source": "https://github.com/namshi/jose/tree/master"
+            },
+            "time": "2016-12-05T07:27:31+00:00"
+        },
         {
             "name": "nesbot/carbon",
             "version": "2.42.0",
@@ -5741,6 +5877,74 @@
             ],
             "time": "2020-10-23T14:02:19+00:00"
         },
+        {
+            "name": "symfony/polyfill-php56",
+            "version": "v1.20.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/symfony/polyfill-php56.git",
+                "reference": "54b8cd7e6c1643d78d011f3be89f3ef1f9f4c675"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/symfony/polyfill-php56/zipball/54b8cd7e6c1643d78d011f3be89f3ef1f9f4c675",
+                "reference": "54b8cd7e6c1643d78d011f3be89f3ef1f9f4c675",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=7.1"
+            },
+            "type": "metapackage",
+            "extra": {
+                "branch-alias": {
+                    "dev-main": "1.20-dev"
+                },
+                "thanks": {
+                    "name": "symfony/polyfill",
+                    "url": "https://github.com/symfony/polyfill"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Nicolas Grekas",
+                    "email": "p@tchwork.com"
+                },
+                {
+                    "name": "Symfony Community",
+                    "homepage": "https://symfony.com/contributors"
+                }
+            ],
+            "description": "Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions",
+            "homepage": "https://symfony.com",
+            "keywords": [
+                "compatibility",
+                "polyfill",
+                "portable",
+                "shim"
+            ],
+            "support": {
+                "source": "https://github.com/symfony/polyfill-php56/tree/v1.20.0"
+            },
+            "funding": [
+                {
+                    "url": "https://symfony.com/sponsor",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://github.com/fabpot",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2020-10-23T14:02:19+00:00"
+        },
         {
             "name": "symfony/polyfill-php72",
             "version": "v1.20.0",
@@ -6552,6 +6756,81 @@
             ],
             "time": "2020-11-27T00:39:34+00:00"
         },
+        {
+            "name": "symfony/yaml",
+            "version": "v5.2.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/symfony/yaml.git",
+                "reference": "bb73619b2ae5121bbbcd9f191dfd53ded17ae598"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/symfony/yaml/zipball/bb73619b2ae5121bbbcd9f191dfd53ded17ae598",
+                "reference": "bb73619b2ae5121bbbcd9f191dfd53ded17ae598",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=7.2.5",
+                "symfony/deprecation-contracts": "^2.1",
+                "symfony/polyfill-ctype": "~1.8"
+            },
+            "conflict": {
+                "symfony/console": "<4.4"
+            },
+            "require-dev": {
+                "symfony/console": "^4.4|^5.0"
+            },
+            "suggest": {
+                "symfony/console": "For validating YAML files using the lint command"
+            },
+            "bin": [
+                "Resources/bin/yaml-lint"
+            ],
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Symfony\\Component\\Yaml\\": ""
+                },
+                "exclude-from-classmap": [
+                    "/Tests/"
+                ]
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Fabien Potencier",
+                    "email": "fabien@symfony.com"
+                },
+                {
+                    "name": "Symfony Community",
+                    "homepage": "https://symfony.com/contributors"
+                }
+            ],
+            "description": "Symfony Yaml Component",
+            "homepage": "https://symfony.com",
+            "support": {
+                "source": "https://github.com/symfony/yaml/tree/v5.2.0"
+            },
+            "funding": [
+                {
+                    "url": "https://symfony.com/sponsor",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://github.com/fabpot",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2020-11-28T10:57:20+00:00"
+        },
         {
             "name": "tijsverkoyen/css-to-inline-styles",
             "version": "2.2.3",
@@ -6605,6 +6884,90 @@
             },
             "time": "2020-07-13T06:12:54+00:00"
         },
+        {
+            "name": "tymon/jwt-auth",
+            "version": "1.0.2",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/tymondesigns/jwt-auth.git",
+                "reference": "e588cb719539366c0e2f6017f975379cb73e9680"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/tymondesigns/jwt-auth/zipball/e588cb719539366c0e2f6017f975379cb73e9680",
+                "reference": "e588cb719539366c0e2f6017f975379cb73e9680",
+                "shasum": ""
+            },
+            "require": {
+                "illuminate/auth": "^5.2|^6|^7|^8",
+                "illuminate/contracts": "^5.2|^6|^7|^8",
+                "illuminate/http": "^5.2|^6|^7|^8",
+                "illuminate/support": "^5.2|^6|^7|^8",
+                "lcobucci/jwt": "<3.4",
+                "namshi/jose": "^7.0",
+                "nesbot/carbon": "^1.0|^2.0",
+                "php": "^5.5.9|^7.0"
+            },
+            "require-dev": {
+                "illuminate/console": "^5.2|^6|^7|^8",
+                "illuminate/database": "^5.2|^6|^7|^8",
+                "illuminate/routing": "^5.2|^6|^7|^8",
+                "mockery/mockery": ">=0.9.9",
+                "phpunit/phpunit": "~4.8|~6.0"
+            },
+            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-develop": "1.0-dev"
+                },
+                "laravel": {
+                    "aliases": {
+                        "JWTAuth": "Tymon\\JWTAuth\\Facades\\JWTAuth",
+                        "JWTFactory": "Tymon\\JWTAuth\\Facades\\JWTFactory"
+                    },
+                    "providers": [
+                        "Tymon\\JWTAuth\\Providers\\LaravelServiceProvider"
+                    ]
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Tymon\\JWTAuth\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Sean Tymon",
+                    "email": "tymon148@gmail.com",
+                    "homepage": "https://tymon.xyz",
+                    "role": "Developer"
+                }
+            ],
+            "description": "JSON Web Token Authentication for Laravel and Lumen",
+            "homepage": "https://github.com/tymondesigns/jwt-auth",
+            "keywords": [
+                "Authentication",
+                "JSON Web Token",
+                "auth",
+                "jwt",
+                "laravel"
+            ],
+            "support": {
+                "issues": "https://github.com/tymondesigns/jwt-auth/issues",
+                "source": "https://github.com/tymondesigns/jwt-auth"
+            },
+            "funding": [
+                {
+                    "url": "https://www.patreon.com/seantymon",
+                    "type": "patreon"
+                }
+            ],
+            "time": "2020-11-27T12:32:42+00:00"
+        },
         {
             "name": "vlucas/phpdotenv",
             "version": "v4.1.8",

resources/rules/.gitignore

@@ -0,0 +1 @@
+custom.clash.yaml

resources/rules/app.clash.yaml

@@ -0,0 +1,536 @@
+port: 8890
+socks-port: 8891
+allow-lan: false
+mode: rule
+log-level: info
+external-controller: 127.0.0.1:9091
+experimental:
+  ignore-resolve-fail: true
+dns:
+  enable: true
+  # listen: 0.0.0.0:53
+  ipv6: false
+
+  default-nameserver:
+    - 223.5.5.5
+    - 119.29.29.29
+  enhanced-mode: redir-host
+  fake-ip-range: 198.18.0.1/16
+  use-hosts: true
+  nameserver:
+    - https://dns.alidns.com/dns-query
+    - https://doh.pub/dns-query
+  fallback:
+    - tls://1.0.0.1:853
+    - https://dns.google/dns-query
+  fallback-filter:
+    geoip: true
+    ipcidr:
+      - 240.0.0.0/4
+
+proxies:
+
+proxy-groups:
+  - { name: "SELECT", type: select, proxies: ["自动选择", "故障转移"] }
+  - { name: "自动选择", type: url-test, proxies: [], url: "http://www.gstatic.com/generate_204", interval: 86400 }
+  - { name: "故障转移", type: fallback, proxies: [], url: "http://www.gstatic.com/generate_204", interval: 7200 }
+
+rules:
+  # Apple
+  - DOMAIN,safebrowsing.urlsec.qq.com,DIRECT # 如果您并不信任此服务提供商或防止其下载消耗过多带宽资源，可以进入 Safari 设置，关闭 Fraudulent Website Warning 功能，并使用 REJECT 策略。
+  - DOMAIN,safebrowsing.googleapis.com,DIRECT # 如果您并不信任此服务提供商或防止其下载消耗过多带宽资源，可以进入 Safari 设置，关闭 Fraudulent Website Warning 功能，并使用 REJECT 策略。
+  - DOMAIN,ocsp.apple.com,SELECT
+  - DOMAIN-SUFFIX,digicert.com,SELECT
+  - DOMAIN-SUFFIX,entrust.net,SELECT
+  - DOMAIN,ocsp.verisign.net,SELECT
+  - DOMAIN-SUFFIX,apps.apple.com,SELECT
+  - DOMAIN,itunes.apple.com,SELECT
+  - DOMAIN-SUFFIX,blobstore.apple.com,SELECT
+  - DOMAIN-SUFFIX,music.apple.com,DIRECT
+  - DOMAIN-SUFFIX,mzstatic.com,DIRECT
+  - DOMAIN-SUFFIX,itunes.apple.com,DIRECT
+  - DOMAIN-SUFFIX,icloud.com,DIRECT
+  - DOMAIN-SUFFIX,icloud-content.com,DIRECT
+  - DOMAIN-SUFFIX,me.com,DIRECT
+  - DOMAIN-SUFFIX,mzstatic.com,DIRECT
+  - DOMAIN-SUFFIX,akadns.net,DIRECT
+  - DOMAIN-SUFFIX,aaplimg.com,DIRECT
+  - DOMAIN-SUFFIX,cdn-apple.com,DIRECT
+  - DOMAIN-SUFFIX,apple.com,DIRECT
+  - DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT
+  # - DOMAIN,e.crashlytics.com,REJECT //注释此选项有助于大多数App开发者分析崩溃信息；如果您拒绝一切崩溃数据统计、搜集，请取消 # 注释。
+
+
+  # 自定义规则
+  ## 您可以在此处插入您补充的自定义规则（请注意保持缩进）
+
+  # 国内网站
+  - DOMAIN-SUFFIX,cn,DIRECT
+  - DOMAIN-KEYWORD,-cn,DIRECT
+
+  - DOMAIN-SUFFIX,126.com,DIRECT
+  - DOMAIN-SUFFIX,126.net,DIRECT
+  - DOMAIN-SUFFIX,127.net,DIRECT
+  - DOMAIN-SUFFIX,163.com,DIRECT
+  - DOMAIN-SUFFIX,360buyimg.com,DIRECT
+  - DOMAIN-SUFFIX,36kr.com,DIRECT
+  - DOMAIN-SUFFIX,acfun.tv,DIRECT
+  - DOMAIN-SUFFIX,air-matters.com,DIRECT
+  - DOMAIN-SUFFIX,aixifan.com,DIRECT
+  - DOMAIN-SUFFIX,akamaized.net,DIRECT
+  - DOMAIN-KEYWORD,alicdn,DIRECT
+  - DOMAIN-KEYWORD,alipay,DIRECT
+  - DOMAIN-KEYWORD,taobao,DIRECT
+  - DOMAIN-SUFFIX,amap.com,DIRECT
+  - DOMAIN-SUFFIX,autonavi.com,DIRECT
+  - DOMAIN-KEYWORD,baidu,DIRECT
+  - DOMAIN-SUFFIX,bdimg.com,DIRECT
+  - DOMAIN-SUFFIX,bdstatic.com,DIRECT
+  - DOMAIN-SUFFIX,bilibili.com,DIRECT
+  - DOMAIN-SUFFIX,bilivideo.com,DIRECT
+  - DOMAIN-SUFFIX,caiyunapp.com,DIRECT
+  - DOMAIN-SUFFIX,clouddn.com,DIRECT
+  - DOMAIN-SUFFIX,cnbeta.com,DIRECT
+  - DOMAIN-SUFFIX,cnbetacdn.com,DIRECT
+  - DOMAIN-SUFFIX,cootekservice.com,DIRECT
+  - DOMAIN-SUFFIX,csdn.net,DIRECT
+  - DOMAIN-SUFFIX,ctrip.com,DIRECT
+  - DOMAIN-SUFFIX,dgtle.com,DIRECT
+  - DOMAIN-SUFFIX,dianping.com,DIRECT
+  - DOMAIN-SUFFIX,douban.com,DIRECT
+  - DOMAIN-SUFFIX,doubanio.com,DIRECT
+  - DOMAIN-SUFFIX,duokan.com,DIRECT
+  - DOMAIN-SUFFIX,easou.com,DIRECT
+  - DOMAIN-SUFFIX,ele.me,DIRECT
+  - DOMAIN-SUFFIX,feng.com,DIRECT
+  - DOMAIN-SUFFIX,fir.im,DIRECT
+  - DOMAIN-SUFFIX,frdic.com,DIRECT
+  - DOMAIN-SUFFIX,g-cores.com,DIRECT
+  - DOMAIN-SUFFIX,godic.net,DIRECT
+  - DOMAIN-SUFFIX,gtimg.com,DIRECT
+  - DOMAIN,cdn.hockeyapp.net,DIRECT
+  - DOMAIN-SUFFIX,hdslb.com,DIRECT
+  - DOMAIN-SUFFIX,hongxiu.com,DIRECT
+  - DOMAIN-SUFFIX,hxcdn.net,DIRECT
+  - DOMAIN-SUFFIX,iciba.com,DIRECT
+  - DOMAIN-SUFFIX,ifeng.com,DIRECT
+  - DOMAIN-SUFFIX,ifengimg.com,DIRECT
+  - DOMAIN-SUFFIX,ipip.net,DIRECT
+  - DOMAIN-SUFFIX,iqiyi.com,DIRECT
+  - DOMAIN-SUFFIX,jd.com,DIRECT
+  - DOMAIN-SUFFIX,jianshu.com,DIRECT
+  - DOMAIN-SUFFIX,knewone.com,DIRECT
+  - DOMAIN-SUFFIX,le.com,DIRECT
+  - DOMAIN-SUFFIX,lecloud.com,DIRECT
+  - DOMAIN-SUFFIX,lemicp.com,DIRECT
+  - DOMAIN-SUFFIX,licdn.com,DIRECT
+  - DOMAIN-SUFFIX,linkedin.com,DIRECT
+  - DOMAIN-SUFFIX,luoo.net,DIRECT
+  - DOMAIN-SUFFIX,meituan.com,DIRECT
+  - DOMAIN-SUFFIX,meituan.net,DIRECT
+  - DOMAIN-SUFFIX,mi.com,DIRECT
+  - DOMAIN-SUFFIX,miaopai.com,DIRECT
+  - DOMAIN-SUFFIX,microsoft.com,DIRECT
+  - DOMAIN-SUFFIX,microsoftonline.com,DIRECT
+  - DOMAIN-SUFFIX,miui.com,DIRECT
+  - DOMAIN-SUFFIX,miwifi.com,DIRECT
+  - DOMAIN-SUFFIX,mob.com,DIRECT
+  - DOMAIN-SUFFIX,netease.com,DIRECT
+  - DOMAIN-SUFFIX,office.com,DIRECT
+  - DOMAIN-SUFFIX,office365.com,DIRECT
+  - DOMAIN-KEYWORD,officecdn,DIRECT
+  - DOMAIN-SUFFIX,oschina.net,DIRECT
+  - DOMAIN-SUFFIX,ppsimg.com,DIRECT
+  - DOMAIN-SUFFIX,pstatp.com,DIRECT
+  - DOMAIN-SUFFIX,qcloud.com,DIRECT
+  - DOMAIN-SUFFIX,qdaily.com,DIRECT
+  - DOMAIN-SUFFIX,qdmm.com,DIRECT
+  - DOMAIN-SUFFIX,qhimg.com,DIRECT
+  - DOMAIN-SUFFIX,qhres.com,DIRECT
+  - DOMAIN-SUFFIX,qidian.com,DIRECT
+  - DOMAIN-SUFFIX,qihucdn.com,DIRECT
+  - DOMAIN-SUFFIX,qiniu.com,DIRECT
+  - DOMAIN-SUFFIX,qiniucdn.com,DIRECT
+  - DOMAIN-SUFFIX,qiyipic.com,DIRECT
+  - DOMAIN-SUFFIX,qq.com,DIRECT
+  - DOMAIN-SUFFIX,qqurl.com,DIRECT
+  - DOMAIN-SUFFIX,rarbg.to,DIRECT
+  - DOMAIN-SUFFIX,ruguoapp.com,DIRECT
+  - DOMAIN-SUFFIX,segmentfault.com,DIRECT
+  - DOMAIN-SUFFIX,sinaapp.com,DIRECT
+  - DOMAIN-SUFFIX,smzdm.com,DIRECT
+  - DOMAIN-SUFFIX,snapdrop.net,DIRECT
+  - DOMAIN-SUFFIX,sogou.com,DIRECT
+  - DOMAIN-SUFFIX,sogoucdn.com,DIRECT
+  - DOMAIN-SUFFIX,sohu.com,DIRECT
+  - DOMAIN-SUFFIX,soku.com,DIRECT
+  - DOMAIN-SUFFIX,speedtest.net,DIRECT
+  - DOMAIN-SUFFIX,sspai.com,DIRECT
+  - DOMAIN-SUFFIX,suning.com,DIRECT
+  - DOMAIN-SUFFIX,taobao.com,DIRECT
+  - DOMAIN-SUFFIX,tencent.com,DIRECT
+  - DOMAIN-SUFFIX,tenpay.com,DIRECT
+  - DOMAIN-SUFFIX,tianyancha.com,DIRECT
+  - DOMAIN-SUFFIX,tmall.com,DIRECT
+  - DOMAIN-SUFFIX,tudou.com,DIRECT
+  - DOMAIN-SUFFIX,umetrip.com,DIRECT
+  - DOMAIN-SUFFIX,upaiyun.com,DIRECT
+  - DOMAIN-SUFFIX,upyun.com,DIRECT
+  - DOMAIN-SUFFIX,veryzhun.com,DIRECT
+  - DOMAIN-SUFFIX,weather.com,DIRECT
+  - DOMAIN-SUFFIX,weibo.com,DIRECT
+  - DOMAIN-SUFFIX,xiami.com,DIRECT
+  - DOMAIN-SUFFIX,xiami.net,DIRECT
+  - DOMAIN-SUFFIX,xiaomicp.com,DIRECT
+  - DOMAIN-SUFFIX,ximalaya.com,DIRECT
+  - DOMAIN-SUFFIX,xmcdn.com,DIRECT
+  - DOMAIN-SUFFIX,xunlei.com,DIRECT
+  - DOMAIN-SUFFIX,yhd.com,DIRECT
+  - DOMAIN-SUFFIX,yihaodianimg.com,DIRECT
+  - DOMAIN-SUFFIX,yinxiang.com,DIRECT
+  - DOMAIN-SUFFIX,ykimg.com,DIRECT
+  - DOMAIN-SUFFIX,youdao.com,DIRECT
+  - DOMAIN-SUFFIX,youku.com,DIRECT
+  - DOMAIN-SUFFIX,zealer.com,DIRECT
+  - DOMAIN-SUFFIX,zhihu.com,DIRECT
+  - DOMAIN-SUFFIX,zhimg.com,DIRECT
+  - DOMAIN-SUFFIX,zimuzu.tv,DIRECT
+  - DOMAIN-SUFFIX,zoho.com,DIRECT
+
+  # 抗 DNS 污染
+  - DOMAIN-KEYWORD,amazon,SELECT
+  - DOMAIN-KEYWORD,google,SELECT
+  - DOMAIN-KEYWORD,gmail,SELECT
+  - DOMAIN-KEYWORD,youtube,SELECT
+  - DOMAIN-KEYWORD,facebook,SELECT
+  - DOMAIN-SUFFIX,fb.me,SELECT
+  - DOMAIN-SUFFIX,fbcdn.net,SELECT
+  - DOMAIN-KEYWORD,twitter,SELECT
+  - DOMAIN-KEYWORD,instagram,SELECT
+  - DOMAIN-KEYWORD,dropbox,SELECT
+  - DOMAIN-SUFFIX,twimg.com,SELECT
+  - DOMAIN-KEYWORD,blogspot,SELECT
+  - DOMAIN-SUFFIX,youtu.be,SELECT
+  - DOMAIN-KEYWORD,whatsapp,SELECT
+
+  # 常见广告域名屏蔽
+  - DOMAIN-KEYWORD,admarvel,REJECT
+  - DOMAIN-KEYWORD,admaster,REJECT
+  - DOMAIN-KEYWORD,adsage,REJECT
+  - DOMAIN-KEYWORD,adsmogo,REJECT
+  - DOMAIN-KEYWORD,adsrvmedia,REJECT
+  - DOMAIN-KEYWORD,adwords,REJECT
+  - DOMAIN-KEYWORD,adservice,REJECT
+  - DOMAIN-KEYWORD,domob,REJECT
+  - DOMAIN-KEYWORD,duomeng,REJECT
+  - DOMAIN-KEYWORD,dwtrack,REJECT
+  - DOMAIN-KEYWORD,guanggao,REJECT
+  - DOMAIN-KEYWORD,lianmeng,REJECT
+  - DOMAIN-SUFFIX,mmstat.com,REJECT
+  - DOMAIN-KEYWORD,omgmta,REJECT
+  - DOMAIN-KEYWORD,openx,REJECT
+  - DOMAIN-KEYWORD,partnerad,REJECT
+  - DOMAIN-KEYWORD,pingfore,REJECT
+  - DOMAIN-KEYWORD,supersonicads,REJECT
+  - DOMAIN-KEYWORD,tracking,REJECT
+  - DOMAIN-KEYWORD,uedas,REJECT
+  - DOMAIN-KEYWORD,umeng,REJECT
+  - DOMAIN-KEYWORD,usage,REJECT
+  - DOMAIN-KEYWORD,wlmonitor,REJECT
+  - DOMAIN-KEYWORD,zjtoolbar,REJECT
+
+  # 国外网站
+  - DOMAIN-SUFFIX,9to5mac.com,SELECT
+  - DOMAIN-SUFFIX,abpchina.org,SELECT
+  - DOMAIN-SUFFIX,adblockplus.org,SELECT
+  - DOMAIN-SUFFIX,adobe.com,SELECT
+  - DOMAIN-SUFFIX,alfredapp.com,SELECT
+  - DOMAIN-SUFFIX,amplitude.com,SELECT
+  - DOMAIN-SUFFIX,ampproject.org,SELECT
+  - DOMAIN-SUFFIX,android.com,SELECT
+  - DOMAIN-SUFFIX,angularjs.org,SELECT
+  - DOMAIN-SUFFIX,aolcdn.com,SELECT
+  - DOMAIN-SUFFIX,apkpure.com,SELECT
+  - DOMAIN-SUFFIX,appledaily.com,SELECT
+  - DOMAIN-SUFFIX,appshopper.com,SELECT
+  - DOMAIN-SUFFIX,appspot.com,SELECT
+  - DOMAIN-SUFFIX,arcgis.com,SELECT
+  - DOMAIN-SUFFIX,archive.org,SELECT
+  - DOMAIN-SUFFIX,armorgames.com,SELECT
+  - DOMAIN-SUFFIX,aspnetcdn.com,SELECT
+  - DOMAIN-SUFFIX,att.com,SELECT
+  - DOMAIN-SUFFIX,awsstatic.com,SELECT
+  - DOMAIN-SUFFIX,azureedge.net,SELECT
+  - DOMAIN-SUFFIX,azurewebsites.net,SELECT
+  - DOMAIN-SUFFIX,bing.com,SELECT
+  - DOMAIN-SUFFIX,bintray.com,SELECT
+  - DOMAIN-SUFFIX,bit.com,SELECT
+  - DOMAIN-SUFFIX,bit.ly,SELECT
+  - DOMAIN-SUFFIX,bitbucket.org,SELECT
+  - DOMAIN-SUFFIX,bjango.com,SELECT
+  - DOMAIN-SUFFIX,bkrtx.com,SELECT
+  - DOMAIN-SUFFIX,blog.com,SELECT
+  - DOMAIN-SUFFIX,blogcdn.com,SELECT
+  - DOMAIN-SUFFIX,blogger.com,SELECT
+  - DOMAIN-SUFFIX,blogsmithmedia.com,SELECT
+  - DOMAIN-SUFFIX,blogspot.com,SELECT
+  - DOMAIN-SUFFIX,blogspot.hk,SELECT
+  - DOMAIN-SUFFIX,bloomberg.com,SELECT
+  - DOMAIN-SUFFIX,box.com,SELECT
+  - DOMAIN-SUFFIX,box.net,SELECT
+  - DOMAIN-SUFFIX,cachefly.net,SELECT
+  - DOMAIN-SUFFIX,chromium.org,SELECT
+  - DOMAIN-SUFFIX,cl.ly,SELECT
+  - DOMAIN-SUFFIX,cloudflare.com,SELECT
+  - DOMAIN-SUFFIX,cloudfront.net,SELECT
+  - DOMAIN-SUFFIX,cloudmagic.com,SELECT
+  - DOMAIN-SUFFIX,cmail19.com,SELECT
+  - DOMAIN-SUFFIX,cnet.com,SELECT
+  - DOMAIN-SUFFIX,cocoapods.org,SELECT
+  - DOMAIN-SUFFIX,comodoca.com,SELECT
+  - DOMAIN-SUFFIX,crashlytics.com,SELECT
+  - DOMAIN-SUFFIX,culturedcode.com,SELECT
+  - DOMAIN-SUFFIX,d.pr,SELECT
+  - DOMAIN-SUFFIX,danilo.to,SELECT
+  - DOMAIN-SUFFIX,dayone.me,SELECT
+  - DOMAIN-SUFFIX,db.tt,SELECT
+  - DOMAIN-SUFFIX,deskconnect.com,SELECT
+  - DOMAIN-SUFFIX,disq.us,SELECT
+  - DOMAIN-SUFFIX,disqus.com,SELECT
+  - DOMAIN-SUFFIX,disquscdn.com,SELECT
+  - DOMAIN-SUFFIX,dnsimple.com,SELECT
+  - DOMAIN-SUFFIX,docker.com,SELECT
+  - DOMAIN-SUFFIX,dribbble.com,SELECT
+  - DOMAIN-SUFFIX,droplr.com,SELECT
+  - DOMAIN-SUFFIX,duckduckgo.com,SELECT
+  - DOMAIN-SUFFIX,dueapp.com,SELECT
+  - DOMAIN-SUFFIX,dytt8.net,SELECT
+  - DOMAIN-SUFFIX,edgecastcdn.net,SELECT
+  - DOMAIN-SUFFIX,edgekey.net,SELECT
+  - DOMAIN-SUFFIX,edgesuite.net,SELECT
+  - DOMAIN-SUFFIX,engadget.com,SELECT
+  - DOMAIN-SUFFIX,entrust.net,SELECT
+  - DOMAIN-SUFFIX,eurekavpt.com,SELECT
+  - DOMAIN-SUFFIX,evernote.com,SELECT
+  - DOMAIN-SUFFIX,fabric.io,SELECT
+  - DOMAIN-SUFFIX,fast.com,SELECT
+  - DOMAIN-SUFFIX,fastly.net,SELECT
+  - DOMAIN-SUFFIX,fc2.com,SELECT
+  - DOMAIN-SUFFIX,feedburner.com,SELECT
+  - DOMAIN-SUFFIX,feedly.com,SELECT
+  - DOMAIN-SUFFIX,feedsportal.com,SELECT
+  - DOMAIN-SUFFIX,fiftythree.com,SELECT
+  - DOMAIN-SUFFIX,firebaseio.com,SELECT
+  - DOMAIN-SUFFIX,flexibits.com,SELECT
+  - DOMAIN-SUFFIX,flickr.com,SELECT
+  - DOMAIN-SUFFIX,flipboard.com,SELECT
+  - DOMAIN-SUFFIX,g.co,SELECT
+  - DOMAIN-SUFFIX,gabia.net,SELECT
+  - DOMAIN-SUFFIX,geni.us,SELECT
+  - DOMAIN-SUFFIX,gfx.ms,SELECT
+  - DOMAIN-SUFFIX,ggpht.com,SELECT
+  - DOMAIN-SUFFIX,ghostnoteapp.com,SELECT
+  - DOMAIN-SUFFIX,git.io,SELECT
+  - DOMAIN-KEYWORD,github,SELECT
+  - DOMAIN-SUFFIX,globalsign.com,SELECT
+  - DOMAIN-SUFFIX,gmodules.com,SELECT
+  - DOMAIN-SUFFIX,godaddy.com,SELECT
+  - DOMAIN-SUFFIX,golang.org,SELECT
+  - DOMAIN-SUFFIX,gongm.in,SELECT
+  - DOMAIN-SUFFIX,goo.gl,SELECT
+  - DOMAIN-SUFFIX,goodreaders.com,SELECT
+  - DOMAIN-SUFFIX,goodreads.com,SELECT
+  - DOMAIN-SUFFIX,gravatar.com,SELECT
+  - DOMAIN-SUFFIX,gstatic.com,SELECT
+  - DOMAIN-SUFFIX,gvt0.com,SELECT
+  - DOMAIN-SUFFIX,hockeyapp.net,SELECT
+  - DOMAIN-SUFFIX,hotmail.com,SELECT
+  - DOMAIN-SUFFIX,icons8.com,SELECT
+  - DOMAIN-SUFFIX,ifixit.com,SELECT
+  - DOMAIN-SUFFIX,ift.tt,SELECT
+  - DOMAIN-SUFFIX,ifttt.com,SELECT
+  - DOMAIN-SUFFIX,iherb.com,SELECT
+  - DOMAIN-SUFFIX,imageshack.us,SELECT
+  - DOMAIN-SUFFIX,img.ly,SELECT
+  - DOMAIN-SUFFIX,imgur.com,SELECT
+  - DOMAIN-SUFFIX,imore.com,SELECT
+  - DOMAIN-SUFFIX,instapaper.com,SELECT
+  - DOMAIN-SUFFIX,ipn.li,SELECT
+  - DOMAIN-SUFFIX,is.gd,SELECT
+  - DOMAIN-SUFFIX,issuu.com,SELECT
+  - DOMAIN-SUFFIX,itgonglun.com,SELECT
+  - DOMAIN-SUFFIX,itun.es,SELECT
+  - DOMAIN-SUFFIX,ixquick.com,SELECT
+  - DOMAIN-SUFFIX,j.mp,SELECT
+  - DOMAIN-SUFFIX,js.revsci.net,SELECT
+  - DOMAIN-SUFFIX,jshint.com,SELECT
+  - DOMAIN-SUFFIX,jtvnw.net,SELECT
+  - DOMAIN-SUFFIX,justgetflux.com,SELECT
+  - DOMAIN-SUFFIX,kat.cr,SELECT
+  - DOMAIN-SUFFIX,klip.me,SELECT
+  - DOMAIN-SUFFIX,libsyn.com,SELECT
+  - DOMAIN-SUFFIX,linode.com,SELECT
+  - DOMAIN-SUFFIX,lithium.com,SELECT
+  - DOMAIN-SUFFIX,littlehj.com,SELECT
+  - DOMAIN-SUFFIX,live.com,SELECT
+  - DOMAIN-SUFFIX,live.net,SELECT
+  - DOMAIN-SUFFIX,livefilestore.com,SELECT
+  - DOMAIN-SUFFIX,llnwd.net,SELECT
+  - DOMAIN-SUFFIX,macid.co,SELECT
+  - DOMAIN-SUFFIX,macromedia.com,SELECT
+  - DOMAIN-SUFFIX,macrumors.com,SELECT
+  - DOMAIN-SUFFIX,mashable.com,SELECT
+  - DOMAIN-SUFFIX,mathjax.org,SELECT
+  - DOMAIN-SUFFIX,medium.com,SELECT
+  - DOMAIN-SUFFIX,mega.co.nz,SELECT
+  - DOMAIN-SUFFIX,mega.nz,SELECT
+  - DOMAIN-SUFFIX,megaupload.com,SELECT
+  - DOMAIN-SUFFIX,microsofttranslator.com,SELECT
+  - DOMAIN-SUFFIX,mindnode.com,SELECT
+  - DOMAIN-SUFFIX,mobile01.com,SELECT
+  - DOMAIN-SUFFIX,modmyi.com,SELECT
+  - DOMAIN-SUFFIX,msedge.net,SELECT
+  - DOMAIN-SUFFIX,myfontastic.com,SELECT
+  - DOMAIN-SUFFIX,name.com,SELECT
+  - DOMAIN-SUFFIX,nextmedia.com,SELECT
+  - DOMAIN-SUFFIX,nsstatic.net,SELECT
+  - DOMAIN-SUFFIX,nssurge.com,SELECT
+  - DOMAIN-SUFFIX,nyt.com,SELECT
+  - DOMAIN-SUFFIX,nytimes.com,SELECT
+  - DOMAIN-SUFFIX,omnigroup.com,SELECT
+  - DOMAIN-SUFFIX,onedrive.com,SELECT
+  - DOMAIN-SUFFIX,onenote.com,SELECT
+  - DOMAIN-SUFFIX,ooyala.com,SELECT
+  - DOMAIN-SUFFIX,openvpn.net,SELECT
+  - DOMAIN-SUFFIX,openwrt.org,SELECT
+  - DOMAIN-SUFFIX,orkut.com,SELECT
+  - DOMAIN-SUFFIX,osxdaily.com,SELECT
+  - DOMAIN-SUFFIX,outlook.com,SELECT
+  - DOMAIN-SUFFIX,ow.ly,SELECT
+  - DOMAIN-SUFFIX,paddleapi.com,SELECT
+  - DOMAIN-SUFFIX,parallels.com,SELECT
+  - DOMAIN-SUFFIX,parse.com,SELECT
+  - DOMAIN-SUFFIX,pdfexpert.com,SELECT
+  - DOMAIN-SUFFIX,periscope.tv,SELECT
+  - DOMAIN-SUFFIX,pinboard.in,SELECT
+  - DOMAIN-SUFFIX,pinterest.com,SELECT
+  - DOMAIN-SUFFIX,pixelmator.com,SELECT
+  - DOMAIN-SUFFIX,pixiv.net,SELECT
+  - DOMAIN-SUFFIX,playpcesor.com,SELECT
+  - DOMAIN-SUFFIX,playstation.com,SELECT
+  - DOMAIN-SUFFIX,playstation.com.hk,SELECT
+  - DOMAIN-SUFFIX,playstation.net,SELECT
+  - DOMAIN-SUFFIX,playstationnetwork.com,SELECT
+  - DOMAIN-SUFFIX,pushwoosh.com,SELECT
+  - DOMAIN-SUFFIX,rime.im,SELECT
+  - DOMAIN-SUFFIX,servebom.com,SELECT
+  - DOMAIN-SUFFIX,sfx.ms,SELECT
+  - DOMAIN-SUFFIX,shadowsocks.org,SELECT
+  - DOMAIN-SUFFIX,sharethis.com,SELECT
+  - DOMAIN-SUFFIX,shazam.com,SELECT
+  - DOMAIN-SUFFIX,skype.com,SELECT
+  - DOMAIN-SUFFIX,smartdnsSELECT.com,SELECT
+  - DOMAIN-SUFFIX,smartmailcloud.com,SELECT
+  - DOMAIN-SUFFIX,sndcdn.com,SELECT
+  - DOMAIN-SUFFIX,sony.com,SELECT
+  - DOMAIN-SUFFIX,soundcloud.com,SELECT
+  - DOMAIN-SUFFIX,sourceforge.net,SELECT
+  - DOMAIN-SUFFIX,spotify.com,SELECT
+  - DOMAIN-SUFFIX,squarespace.com,SELECT
+  - DOMAIN-SUFFIX,sstatic.net,SELECT
+  - DOMAIN-SUFFIX,st.luluku.pw,SELECT
+  - DOMAIN-SUFFIX,stackoverflow.com,SELECT
+  - DOMAIN-SUFFIX,startpage.com,SELECT
+  - DOMAIN-SUFFIX,staticflickr.com,SELECT
+  - DOMAIN-SUFFIX,steamcommunity.com,SELECT
+  - DOMAIN-SUFFIX,symauth.com,SELECT
+  - DOMAIN-SUFFIX,symcb.com,SELECT
+  - DOMAIN-SUFFIX,symcd.com,SELECT
+  - DOMAIN-SUFFIX,tapbots.com,SELECT
+  - DOMAIN-SUFFIX,tapbots.net,SELECT
+  - DOMAIN-SUFFIX,tdesktop.com,SELECT
+  - DOMAIN-SUFFIX,techcrunch.com,SELECT
+  - DOMAIN-SUFFIX,techsmith.com,SELECT
+  - DOMAIN-SUFFIX,thepiratebay.org,SELECT
+  - DOMAIN-SUFFIX,theverge.com,SELECT
+  - DOMAIN-SUFFIX,time.com,SELECT
+  - DOMAIN-SUFFIX,timeinc.net,SELECT
+  - DOMAIN-SUFFIX,tiny.cc,SELECT
+  - DOMAIN-SUFFIX,tinypic.com,SELECT
+  - DOMAIN-SUFFIX,tmblr.co,SELECT
+  - DOMAIN-SUFFIX,todoist.com,SELECT
+  - DOMAIN-SUFFIX,trello.com,SELECT
+  - DOMAIN-SUFFIX,trustasiassl.com,SELECT
+  - DOMAIN-SUFFIX,tumblr.co,SELECT
+  - DOMAIN-SUFFIX,tumblr.com,SELECT
+  - DOMAIN-SUFFIX,tweetdeck.com,SELECT
+  - DOMAIN-SUFFIX,tweetmarker.net,SELECT
+  - DOMAIN-SUFFIX,twitch.tv,SELECT
+  - DOMAIN-SUFFIX,txmblr.com,SELECT
+  - DOMAIN-SUFFIX,typekit.net,SELECT
+  - DOMAIN-SUFFIX,ubertags.com,SELECT
+  - DOMAIN-SUFFIX,ublock.org,SELECT
+  - DOMAIN-SUFFIX,ubnt.com,SELECT
+  - DOMAIN-SUFFIX,ulyssesapp.com,SELECT
+  - DOMAIN-SUFFIX,urchin.com,SELECT
+  - DOMAIN-SUFFIX,usertrust.com,SELECT
+  - DOMAIN-SUFFIX,v.gd,SELECT
+  - DOMAIN-SUFFIX,v2ex.com,SELECT
+  - DOMAIN-SUFFIX,vimeo.com,SELECT
+  - DOMAIN-SUFFIX,vimeocdn.com,SELECT
+  - DOMAIN-SUFFIX,vine.co,SELECT
+  - DOMAIN-SUFFIX,vivaldi.com,SELECT
+  - DOMAIN-SUFFIX,vox-cdn.com,SELECT
+  - DOMAIN-SUFFIX,vsco.co,SELECT
+  - DOMAIN-SUFFIX,vultr.com,SELECT
+  - DOMAIN-SUFFIX,w.org,SELECT
+  - DOMAIN-SUFFIX,w3schools.com,SELECT
+  - DOMAIN-SUFFIX,webtype.com,SELECT
+  - DOMAIN-SUFFIX,wikiwand.com,SELECT
+  - DOMAIN-SUFFIX,wikileaks.org,SELECT
+  - DOMAIN-SUFFIX,wikimedia.org,SELECT
+  - DOMAIN-SUFFIX,wikipedia.com,SELECT
+  - DOMAIN-SUFFIX,wikipedia.org,SELECT
+  - DOMAIN-SUFFIX,windows.com,SELECT
+  - DOMAIN-SUFFIX,windows.net,SELECT
+  - DOMAIN-SUFFIX,wire.com,SELECT
+  - DOMAIN-SUFFIX,wordpress.com,SELECT
+  - DOMAIN-SUFFIX,workflowy.com,SELECT
+  - DOMAIN-SUFFIX,wp.com,SELECT
+  - DOMAIN-SUFFIX,wsj.com,SELECT
+  - DOMAIN-SUFFIX,wsj.net,SELECT
+  - DOMAIN-SUFFIX,xda-developers.com,SELECT
+  - DOMAIN-SUFFIX,xeeno.com,SELECT
+  - DOMAIN-SUFFIX,xiti.com,SELECT
+  - DOMAIN-SUFFIX,yahoo.com,SELECT
+  - DOMAIN-SUFFIX,yimg.com,SELECT
+  - DOMAIN-SUFFIX,ying.com,SELECT
+  - DOMAIN-SUFFIX,yoyo.org,SELECT
+  - DOMAIN-SUFFIX,ytimg.com,SELECT
+
+  # Telegram
+  - DOMAIN-SUFFIX,telegra.ph,SELECT
+  - DOMAIN-SUFFIX,telegram.org,SELECT
+
+  - IP-CIDR,91.108.4.0/22,SELECT,no-resolve
+  - IP-CIDR,91.108.8.0/22,SELECT,no-resolve
+  - IP-CIDR,91.108.12.0/22,SELECT,no-resolve
+  - IP-CIDR,91.108.16.0/22,SELECT,no-resolve
+  - IP-CIDR,91.108.56.0/22,SELECT,no-resolve
+  - IP-CIDR,149.154.160.0/22,SELECT,no-resolve
+  - IP-CIDR,149.154.164.0/22,SELECT,no-resolve
+  - IP-CIDR,149.154.168.0/22,SELECT,no-resolve
+  - IP-CIDR,149.154.172.0/22,SELECT,no-resolve
+
+  # LAN
+  - DOMAIN-SUFFIX,local,DIRECT
+  - IP-CIDR,127.0.0.0/8,DIRECT
+  - IP-CIDR,172.16.0.0/12,DIRECT
+  - IP-CIDR,192.168.0.0/16,DIRECT
+  - IP-CIDR,10.0.0.0/8,DIRECT
+  - IP-CIDR,17.0.0.0/8,DIRECT
+  - IP-CIDR,100.64.0.0/10,DIRECT
+
+  # 最终规则
+  - GEOIP,CN,DIRECT
+  - MATCH,SELECT

resources/rules/default.clash.yaml

@@ -0,0 +1,554 @@
+# port: 7890
+# socks-port: 7891
+# redir-port: 7892
+# tproxy-port: 7893
+mixed-port: 7890
+allow-lan: true
+bind-address: "*"
+mode: rule
+log-level: info
+external-controller: 127.0.0.1:9090
+
+dns:
+  enable: true
+  # listen: 0.0.0.0:53
+  ipv6: false
+
+  default-nameserver:
+    - 223.5.5.5
+    - 119.29.29.29
+  enhanced-mode: redir-host
+  fake-ip-range: 198.18.0.1/16
+  use-hosts: true
+  nameserver:
+    - https://doh.pub/dns-query
+  fallback:
+    - tls://1.0.0.1:853
+    - https://cloudflare-dns.com/dns-query
+    - https://dns.google/dns-query
+  fallback-filter:
+    geoip: true
+    ipcidr:
+      - 240.0.0.0/4
+      - 0.0.0.0/32
+
+proxies:
+
+proxy-groups:
+  - { name: "$app_name", type: select, proxies: ["自动选择", "故障转移"] }
+  - { name: "自动选择", type: url-test, proxies: [], url: "http://www.gstatic.com/generate_204", interval: 86400 }
+  - { name: "故障转移", type: fallback, proxies: [], url: "http://www.gstatic.com/generate_204", interval: 7200 }
+
+rules:
+  # 自定义规则
+  ## 您可以在此处插入您补充的自定义规则（请注意保持缩进）
+
+  # Apple
+  - DOMAIN,safebrowsing.urlsec.qq.com,DIRECT # 如果您并不信任此服务提供商或防止其下载消耗过多带宽资源，可以进入 Safari 设置，关闭 Fraudulent Website Warning 功能，并使用 REJECT 策略。
+  - DOMAIN,safebrowsing.googleapis.com,DIRECT # 如果您并不信任此服务提供商或防止其下载消耗过多带宽资源，可以进入 Safari 设置，关闭 Fraudulent Website Warning 功能，并使用 REJECT 策略。
+  - DOMAIN,developer.apple.com,$app_name
+  - DOMAIN-SUFFIX,digicert.com,$app_name
+  - DOMAIN,ocsp.apple.com,$app_name
+  - DOMAIN,ocsp.comodoca.com,$app_name
+  - DOMAIN,ocsp.usertrust.com,$app_name
+  - DOMAIN,ocsp.sectigo.com,$app_name
+  - DOMAIN,ocsp.verisign.net,$app_name
+  - DOMAIN-SUFFIX,apple-dns.net,$app_name
+  - DOMAIN,testflight.apple.com,$app_name
+  - DOMAIN,sandbox.itunes.apple.com,$app_name
+  - DOMAIN,itunes.apple.com,$app_name
+  - DOMAIN-SUFFIX,apps.apple.com,$app_name
+  - DOMAIN-SUFFIX,blobstore.apple.com,$app_name
+  - DOMAIN,cvws.icloud-content.com,$app_name
+  - DOMAIN-SUFFIX,mzstatic.com,DIRECT
+  - DOMAIN-SUFFIX,itunes.apple.com,DIRECT
+  - DOMAIN-SUFFIX,icloud.com,DIRECT
+  - DOMAIN-SUFFIX,icloud-content.com,DIRECT
+  - DOMAIN-SUFFIX,me.com,DIRECT
+  - DOMAIN-SUFFIX,aaplimg.com,DIRECT
+  - DOMAIN-SUFFIX,cdn20.com,DIRECT
+  - DOMAIN-SUFFIX,cdn-apple.com,DIRECT
+  - DOMAIN-SUFFIX,akadns.net,DIRECT
+  - DOMAIN-SUFFIX,akamaiedge.net,DIRECT
+  - DOMAIN-SUFFIX,edgekey.net,DIRECT
+  - DOMAIN-SUFFIX,mwcloudcdn.com,DIRECT
+  - DOMAIN-SUFFIX,mwcname.com,DIRECT
+  - DOMAIN-SUFFIX,apple.com,DIRECT
+  - DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT
+  - DOMAIN-SUFFIX,apple-mapkit.com,DIRECT
+  # - DOMAIN,e.crashlytics.com,REJECT //注释此选项有助于大多数App开发者分析崩溃信息；如果您拒绝一切崩溃数据统计、搜集，请取消 # 注释。
+
+  # 国内网站
+  - DOMAIN-SUFFIX,cn,DIRECT
+  - DOMAIN-KEYWORD,-cn,DIRECT
+
+  - DOMAIN-SUFFIX,126.com,DIRECT
+  - DOMAIN-SUFFIX,126.net,DIRECT
+  - DOMAIN-SUFFIX,127.net,DIRECT
+  - DOMAIN-SUFFIX,163.com,DIRECT
+  - DOMAIN-SUFFIX,360buyimg.com,DIRECT
+  - DOMAIN-SUFFIX,36kr.com,DIRECT
+  - DOMAIN-SUFFIX,acfun.tv,DIRECT
+  - DOMAIN-SUFFIX,air-matters.com,DIRECT
+  - DOMAIN-SUFFIX,aixifan.com,DIRECT
+  - DOMAIN-KEYWORD,alicdn,DIRECT
+  - DOMAIN-KEYWORD,alipay,DIRECT
+  - DOMAIN-KEYWORD,taobao,DIRECT
+  - DOMAIN-SUFFIX,amap.com,DIRECT
+  - DOMAIN-SUFFIX,autonavi.com,DIRECT
+  - DOMAIN-KEYWORD,baidu,DIRECT
+  - DOMAIN-SUFFIX,bdimg.com,DIRECT
+  - DOMAIN-SUFFIX,bdstatic.com,DIRECT
+  - DOMAIN-SUFFIX,bilibili.com,DIRECT
+  - DOMAIN-SUFFIX,bilivideo.com,DIRECT
+  - DOMAIN-SUFFIX,caiyunapp.com,DIRECT
+  - DOMAIN-SUFFIX,clouddn.com,DIRECT
+  - DOMAIN-SUFFIX,cnbeta.com,DIRECT
+  - DOMAIN-SUFFIX,cnbetacdn.com,DIRECT
+  - DOMAIN-SUFFIX,cootekservice.com,DIRECT
+  - DOMAIN-SUFFIX,csdn.net,DIRECT
+  - DOMAIN-SUFFIX,ctrip.com,DIRECT
+  - DOMAIN-SUFFIX,dgtle.com,DIRECT
+  - DOMAIN-SUFFIX,dianping.com,DIRECT
+  - DOMAIN-SUFFIX,douban.com,DIRECT
+  - DOMAIN-SUFFIX,doubanio.com,DIRECT
+  - DOMAIN-SUFFIX,duokan.com,DIRECT
+  - DOMAIN-SUFFIX,easou.com,DIRECT
+  - DOMAIN-SUFFIX,ele.me,DIRECT
+  - DOMAIN-SUFFIX,feng.com,DIRECT
+  - DOMAIN-SUFFIX,fir.im,DIRECT
+  - DOMAIN-SUFFIX,frdic.com,DIRECT
+  - DOMAIN-SUFFIX,g-cores.com,DIRECT
+  - DOMAIN-SUFFIX,godic.net,DIRECT
+  - DOMAIN-SUFFIX,gtimg.com,DIRECT
+  - DOMAIN,cdn.hockeyapp.net,DIRECT
+  - DOMAIN-SUFFIX,hongxiu.com,DIRECT
+  - DOMAIN-SUFFIX,hxcdn.net,DIRECT
+  - DOMAIN-SUFFIX,iciba.com,DIRECT
+  - DOMAIN-SUFFIX,ifeng.com,DIRECT
+  - DOMAIN-SUFFIX,ifengimg.com,DIRECT
+  - DOMAIN-SUFFIX,ipip.net,DIRECT
+  - DOMAIN-SUFFIX,iqiyi.com,DIRECT
+  - DOMAIN-SUFFIX,jd.com,DIRECT
+  - DOMAIN-SUFFIX,jianshu.com,DIRECT
+  - DOMAIN-SUFFIX,knewone.com,DIRECT
+  - DOMAIN-SUFFIX,le.com,DIRECT
+  - DOMAIN-SUFFIX,lecloud.com,DIRECT
+  - DOMAIN-SUFFIX,lemicp.com,DIRECT
+  - DOMAIN-SUFFIX,licdn.com,DIRECT
+  - DOMAIN-SUFFIX,linkedin.com,DIRECT
+  - DOMAIN-SUFFIX,luoo.net,DIRECT
+  - DOMAIN-SUFFIX,meituan.com,DIRECT
+  - DOMAIN-SUFFIX,meituan.net,DIRECT
+  - DOMAIN-SUFFIX,mi.com,DIRECT
+  - DOMAIN-SUFFIX,miaopai.com,DIRECT
+  - DOMAIN-SUFFIX,microsoft.com,DIRECT
+  - DOMAIN-SUFFIX,microsoftonline.com,DIRECT
+  - DOMAIN-SUFFIX,miui.com,DIRECT
+  - DOMAIN-SUFFIX,miwifi.com,DIRECT
+  - DOMAIN-SUFFIX,mob.com,DIRECT
+  - DOMAIN-SUFFIX,netease.com,DIRECT
+  - DOMAIN-SUFFIX,office.com,DIRECT
+  - DOMAIN-SUFFIX,office365.com,DIRECT
+  - DOMAIN-KEYWORD,officecdn,DIRECT
+  - DOMAIN-SUFFIX,oschina.net,DIRECT
+  - DOMAIN-SUFFIX,ppsimg.com,DIRECT
+  - DOMAIN-SUFFIX,pstatp.com,DIRECT
+  - DOMAIN-SUFFIX,qcloud.com,DIRECT
+  - DOMAIN-SUFFIX,qdaily.com,DIRECT
+  - DOMAIN-SUFFIX,qdmm.com,DIRECT
+  - DOMAIN-SUFFIX,qhimg.com,DIRECT
+  - DOMAIN-SUFFIX,qhres.com,DIRECT
+  - DOMAIN-SUFFIX,qidian.com,DIRECT
+  - DOMAIN-SUFFIX,qihucdn.com,DIRECT
+  - DOMAIN-SUFFIX,qiniu.com,DIRECT
+  - DOMAIN-SUFFIX,qiniucdn.com,DIRECT
+  - DOMAIN-SUFFIX,qiyipic.com,DIRECT
+  - DOMAIN-SUFFIX,qq.com,DIRECT
+  - DOMAIN-SUFFIX,qqurl.com,DIRECT
+  - DOMAIN-SUFFIX,rarbg.to,DIRECT
+  - DOMAIN-SUFFIX,ruguoapp.com,DIRECT
+  - DOMAIN-SUFFIX,segmentfault.com,DIRECT
+  - DOMAIN-SUFFIX,sinaapp.com,DIRECT
+  - DOMAIN-SUFFIX,smzdm.com,DIRECT
+  - DOMAIN-SUFFIX,snapdrop.net,DIRECT
+  - DOMAIN-SUFFIX,sogou.com,DIRECT
+  - DOMAIN-SUFFIX,sogoucdn.com,DIRECT
+  - DOMAIN-SUFFIX,sohu.com,DIRECT
+  - DOMAIN-SUFFIX,soku.com,DIRECT
+  - DOMAIN-SUFFIX,speedtest.net,DIRECT
+  - DOMAIN-SUFFIX,sspai.com,DIRECT
+  - DOMAIN-SUFFIX,suning.com,DIRECT
+  - DOMAIN-SUFFIX,taobao.com,DIRECT
+  - DOMAIN-SUFFIX,tencent.com,DIRECT
+  - DOMAIN-SUFFIX,tenpay.com,DIRECT
+  - DOMAIN-SUFFIX,tianyancha.com,DIRECT
+  - DOMAIN-SUFFIX,tmall.com,DIRECT
+  - DOMAIN-SUFFIX,tudou.com,DIRECT
+  - DOMAIN-SUFFIX,umetrip.com,DIRECT
+  - DOMAIN-SUFFIX,upaiyun.com,DIRECT
+  - DOMAIN-SUFFIX,upyun.com,DIRECT
+  - DOMAIN-SUFFIX,veryzhun.com,DIRECT
+  - DOMAIN-SUFFIX,weather.com,DIRECT
+  - DOMAIN-SUFFIX,weibo.com,DIRECT
+  - DOMAIN-SUFFIX,xiami.com,DIRECT
+  - DOMAIN-SUFFIX,xiami.net,DIRECT
+  - DOMAIN-SUFFIX,xiaomicp.com,DIRECT
+  - DOMAIN-SUFFIX,ximalaya.com,DIRECT
+  - DOMAIN-SUFFIX,xmcdn.com,DIRECT
+  - DOMAIN-SUFFIX,xunlei.com,DIRECT
+  - DOMAIN-SUFFIX,yhd.com,DIRECT
+  - DOMAIN-SUFFIX,yihaodianimg.com,DIRECT
+  - DOMAIN-SUFFIX,yinxiang.com,DIRECT
+  - DOMAIN-SUFFIX,ykimg.com,DIRECT
+  - DOMAIN-SUFFIX,youdao.com,DIRECT
+  - DOMAIN-SUFFIX,youku.com,DIRECT
+  - DOMAIN-SUFFIX,zealer.com,DIRECT
+  - DOMAIN-SUFFIX,zhihu.com,DIRECT
+  - DOMAIN-SUFFIX,zhimg.com,DIRECT
+  - DOMAIN-SUFFIX,zimuzu.tv,DIRECT
+  - DOMAIN-SUFFIX,zoho.com,DIRECT
+
+  # 抗 DNS 污染
+  - DOMAIN-KEYWORD,amazon,$app_name
+  - DOMAIN-KEYWORD,google,$app_name
+  - DOMAIN-KEYWORD,gmail,$app_name
+  - DOMAIN-KEYWORD,youtube,$app_name
+  - DOMAIN-KEYWORD,facebook,$app_name
+  - DOMAIN-SUFFIX,fb.me,$app_name
+  - DOMAIN-SUFFIX,fbcdn.net,$app_name
+  - DOMAIN-KEYWORD,twitter,$app_name
+  - DOMAIN-KEYWORD,instagram,$app_name
+  - DOMAIN-KEYWORD,dropbox,$app_name
+  - DOMAIN-SUFFIX,twimg.com,$app_name
+  - DOMAIN-KEYWORD,blogspot,$app_name
+  - DOMAIN-SUFFIX,youtu.be,$app_name
+  - DOMAIN-KEYWORD,whatsapp,$app_name
+
+  # 常见广告域名屏蔽
+  - DOMAIN-KEYWORD,admarvel,REJECT
+  - DOMAIN-KEYWORD,admaster,REJECT
+  - DOMAIN-KEYWORD,adsage,REJECT
+  - DOMAIN-KEYWORD,adsmogo,REJECT
+  - DOMAIN-KEYWORD,adsrvmedia,REJECT
+  - DOMAIN-KEYWORD,adwords,REJECT
+  - DOMAIN-KEYWORD,adservice,REJECT
+  - DOMAIN-SUFFIX,appsflyer.com,REJECT
+  - DOMAIN-KEYWORD,domob,REJECT
+  - DOMAIN-SUFFIX,doubleclick.net,REJECT
+  - DOMAIN-KEYWORD,duomeng,REJECT
+  - DOMAIN-KEYWORD,dwtrack,REJECT
+  - DOMAIN-KEYWORD,guanggao,REJECT
+  - DOMAIN-KEYWORD,lianmeng,REJECT
+  - DOMAIN-SUFFIX,mmstat.com,REJECT
+  - DOMAIN-KEYWORD,mopub,REJECT
+  - DOMAIN-KEYWORD,omgmta,REJECT
+  - DOMAIN-KEYWORD,openx,REJECT
+  - DOMAIN-KEYWORD,partnerad,REJECT
+  - DOMAIN-KEYWORD,pingfore,REJECT
+  - DOMAIN-KEYWORD,supersonicads,REJECT
+  - DOMAIN-KEYWORD,uedas,REJECT
+  - DOMAIN-KEYWORD,umeng,REJECT
+  - DOMAIN-KEYWORD,usage,REJECT
+  - DOMAIN-SUFFIX,vungle.com,REJECT
+  - DOMAIN-KEYWORD,wlmonitor,REJECT
+  - DOMAIN-KEYWORD,zjtoolbar,REJECT
+
+  # 国外网站
+  - DOMAIN-SUFFIX,9to5mac.com,$app_name
+  - DOMAIN-SUFFIX,abpchina.org,$app_name
+  - DOMAIN-SUFFIX,adblockplus.org,$app_name
+  - DOMAIN-SUFFIX,adobe.com,$app_name
+  - DOMAIN-SUFFIX,akamaized.net,$app_name
+  - DOMAIN-SUFFIX,alfredapp.com,$app_name
+  - DOMAIN-SUFFIX,amplitude.com,$app_name
+  - DOMAIN-SUFFIX,ampproject.org,$app_name
+  - DOMAIN-SUFFIX,android.com,$app_name
+  - DOMAIN-SUFFIX,angularjs.org,$app_name
+  - DOMAIN-SUFFIX,aolcdn.com,$app_name
+  - DOMAIN-SUFFIX,apkpure.com,$app_name
+  - DOMAIN-SUFFIX,appledaily.com,$app_name
+  - DOMAIN-SUFFIX,appshopper.com,$app_name
+  - DOMAIN-SUFFIX,appspot.com,$app_name
+  - DOMAIN-SUFFIX,arcgis.com,$app_name
+  - DOMAIN-SUFFIX,archive.org,$app_name
+  - DOMAIN-SUFFIX,armorgames.com,$app_name
+  - DOMAIN-SUFFIX,aspnetcdn.com,$app_name
+  - DOMAIN-SUFFIX,att.com,$app_name
+  - DOMAIN-SUFFIX,awsstatic.com,$app_name
+  - DOMAIN-SUFFIX,azureedge.net,$app_name
+  - DOMAIN-SUFFIX,azurewebsites.net,$app_name
+  - DOMAIN-SUFFIX,bing.com,$app_name
+  - DOMAIN-SUFFIX,bintray.com,$app_name
+  - DOMAIN-SUFFIX,bit.com,$app_name
+  - DOMAIN-SUFFIX,bit.ly,$app_name
+  - DOMAIN-SUFFIX,bitbucket.org,$app_name
+  - DOMAIN-SUFFIX,bjango.com,$app_name
+  - DOMAIN-SUFFIX,bkrtx.com,$app_name
+  - DOMAIN-SUFFIX,blog.com,$app_name
+  - DOMAIN-SUFFIX,blogcdn.com,$app_name
+  - DOMAIN-SUFFIX,blogger.com,$app_name
+  - DOMAIN-SUFFIX,blogsmithmedia.com,$app_name
+  - DOMAIN-SUFFIX,blogspot.com,$app_name
+  - DOMAIN-SUFFIX,blogspot.hk,$app_name
+  - DOMAIN-SUFFIX,bloomberg.com,$app_name
+  - DOMAIN-SUFFIX,box.com,$app_name
+  - DOMAIN-SUFFIX,box.net,$app_name
+  - DOMAIN-SUFFIX,cachefly.net,$app_name
+  - DOMAIN-SUFFIX,chromium.org,$app_name
+  - DOMAIN-SUFFIX,cl.ly,$app_name
+  - DOMAIN-SUFFIX,cloudflare.com,$app_name
+  - DOMAIN-SUFFIX,cloudfront.net,$app_name
+  - DOMAIN-SUFFIX,cloudmagic.com,$app_name
+  - DOMAIN-SUFFIX,cmail19.com,$app_name
+  - DOMAIN-SUFFIX,cnet.com,$app_name
+  - DOMAIN-SUFFIX,cocoapods.org,$app_name
+  - DOMAIN-SUFFIX,comodoca.com,$app_name
+  - DOMAIN-SUFFIX,crashlytics.com,$app_name
+  - DOMAIN-SUFFIX,culturedcode.com,$app_name
+  - DOMAIN-SUFFIX,d.pr,$app_name
+  - DOMAIN-SUFFIX,danilo.to,$app_name
+  - DOMAIN-SUFFIX,dayone.me,$app_name
+  - DOMAIN-SUFFIX,db.tt,$app_name
+  - DOMAIN-SUFFIX,deskconnect.com,$app_name
+  - DOMAIN-SUFFIX,disq.us,$app_name
+  - DOMAIN-SUFFIX,disqus.com,$app_name
+  - DOMAIN-SUFFIX,disquscdn.com,$app_name
+  - DOMAIN-SUFFIX,dnsimple.com,$app_name
+  - DOMAIN-SUFFIX,docker.com,$app_name
+  - DOMAIN-SUFFIX,dribbble.com,$app_name
+  - DOMAIN-SUFFIX,droplr.com,$app_name
+  - DOMAIN-SUFFIX,duckduckgo.com,$app_name
+  - DOMAIN-SUFFIX,dueapp.com,$app_name
+  - DOMAIN-SUFFIX,dytt8.net,$app_name
+  - DOMAIN-SUFFIX,edgecastcdn.net,$app_name
+  - DOMAIN-SUFFIX,edgekey.net,$app_name
+  - DOMAIN-SUFFIX,edgesuite.net,$app_name
+  - DOMAIN-SUFFIX,engadget.com,$app_name
+  - DOMAIN-SUFFIX,entrust.net,$app_name
+  - DOMAIN-SUFFIX,eurekavpt.com,$app_name
+  - DOMAIN-SUFFIX,evernote.com,$app_name
+  - DOMAIN-SUFFIX,fabric.io,$app_name
+  - DOMAIN-SUFFIX,fast.com,$app_name
+  - DOMAIN-SUFFIX,fastly.net,$app_name
+  - DOMAIN-SUFFIX,fc2.com,$app_name
+  - DOMAIN-SUFFIX,feedburner.com,$app_name
+  - DOMAIN-SUFFIX,feedly.com,$app_name
+  - DOMAIN-SUFFIX,feedsportal.com,$app_name
+  - DOMAIN-SUFFIX,fiftythree.com,$app_name
+  - DOMAIN-SUFFIX,firebaseio.com,$app_name
+  - DOMAIN-SUFFIX,flexibits.com,$app_name
+  - DOMAIN-SUFFIX,flickr.com,$app_name
+  - DOMAIN-SUFFIX,flipboard.com,$app_name
+  - DOMAIN-SUFFIX,g.co,$app_name
+  - DOMAIN-SUFFIX,gabia.net,$app_name
+  - DOMAIN-SUFFIX,geni.us,$app_name
+  - DOMAIN-SUFFIX,gfx.ms,$app_name
+  - DOMAIN-SUFFIX,ggpht.com,$app_name
+  - DOMAIN-SUFFIX,ghostnoteapp.com,$app_name
+  - DOMAIN-SUFFIX,git.io,$app_name
+  - DOMAIN-KEYWORD,github,$app_name
+  - DOMAIN-SUFFIX,globalsign.com,$app_name
+  - DOMAIN-SUFFIX,gmodules.com,$app_name
+  - DOMAIN-SUFFIX,godaddy.com,$app_name
+  - DOMAIN-SUFFIX,golang.org,$app_name
+  - DOMAIN-SUFFIX,gongm.in,$app_name
+  - DOMAIN-SUFFIX,goo.gl,$app_name
+  - DOMAIN-SUFFIX,goodreaders.com,$app_name
+  - DOMAIN-SUFFIX,goodreads.com,$app_name
+  - DOMAIN-SUFFIX,gravatar.com,$app_name
+  - DOMAIN-SUFFIX,gstatic.com,$app_name
+  - DOMAIN-SUFFIX,gvt0.com,$app_name
+  - DOMAIN-SUFFIX,hockeyapp.net,$app_name
+  - DOMAIN-SUFFIX,hotmail.com,$app_name
+  - DOMAIN-SUFFIX,icons8.com,$app_name
+  - DOMAIN-SUFFIX,ifixit.com,$app_name
+  - DOMAIN-SUFFIX,ift.tt,$app_name
+  - DOMAIN-SUFFIX,ifttt.com,$app_name
+  - DOMAIN-SUFFIX,iherb.com,$app_name
+  - DOMAIN-SUFFIX,imageshack.us,$app_name
+  - DOMAIN-SUFFIX,img.ly,$app_name
+  - DOMAIN-SUFFIX,imgur.com,$app_name
+  - DOMAIN-SUFFIX,imore.com,$app_name
+  - DOMAIN-SUFFIX,instapaper.com,$app_name
+  - DOMAIN-SUFFIX,ipn.li,$app_name
+  - DOMAIN-SUFFIX,is.gd,$app_name
+  - DOMAIN-SUFFIX,issuu.com,$app_name
+  - DOMAIN-SUFFIX,itgonglun.com,$app_name
+  - DOMAIN-SUFFIX,itun.es,$app_name
+  - DOMAIN-SUFFIX,ixquick.com,$app_name
+  - DOMAIN-SUFFIX,j.mp,$app_name
+  - DOMAIN-SUFFIX,js.revsci.net,$app_name
+  - DOMAIN-SUFFIX,jshint.com,$app_name
+  - DOMAIN-SUFFIX,jtvnw.net,$app_name
+  - DOMAIN-SUFFIX,justgetflux.com,$app_name
+  - DOMAIN-SUFFIX,kat.cr,$app_name
+  - DOMAIN-SUFFIX,klip.me,$app_name
+  - DOMAIN-SUFFIX,libsyn.com,$app_name
+  - DOMAIN-SUFFIX,linode.com,$app_name
+  - DOMAIN-SUFFIX,lithium.com,$app_name
+  - DOMAIN-SUFFIX,littlehj.com,$app_name
+  - DOMAIN-SUFFIX,live.com,$app_name
+  - DOMAIN-SUFFIX,live.net,$app_name
+  - DOMAIN-SUFFIX,livefilestore.com,$app_name
+  - DOMAIN-SUFFIX,llnwd.net,$app_name
+  - DOMAIN-SUFFIX,macid.co,$app_name
+  - DOMAIN-SUFFIX,macromedia.com,$app_name
+  - DOMAIN-SUFFIX,macrumors.com,$app_name
+  - DOMAIN-SUFFIX,mashable.com,$app_name
+  - DOMAIN-SUFFIX,mathjax.org,$app_name
+  - DOMAIN-SUFFIX,medium.com,$app_name
+  - DOMAIN-SUFFIX,mega.co.nz,$app_name
+  - DOMAIN-SUFFIX,mega.nz,$app_name
+  - DOMAIN-SUFFIX,megaupload.com,$app_name
+  - DOMAIN-SUFFIX,microsofttranslator.com,$app_name
+  - DOMAIN-SUFFIX,mindnode.com,$app_name
+  - DOMAIN-SUFFIX,mobile01.com,$app_name
+  - DOMAIN-SUFFIX,modmyi.com,$app_name
+  - DOMAIN-SUFFIX,msedge.net,$app_name
+  - DOMAIN-SUFFIX,myfontastic.com,$app_name
+  - DOMAIN-SUFFIX,name.com,$app_name
+  - DOMAIN-SUFFIX,nextmedia.com,$app_name
+  - DOMAIN-SUFFIX,nsstatic.net,$app_name
+  - DOMAIN-SUFFIX,nssurge.com,$app_name
+  - DOMAIN-SUFFIX,nyt.com,$app_name
+  - DOMAIN-SUFFIX,nytimes.com,$app_name
+  - DOMAIN-SUFFIX,omnigroup.com,$app_name
+  - DOMAIN-SUFFIX,onedrive.com,$app_name
+  - DOMAIN-SUFFIX,onenote.com,$app_name
+  - DOMAIN-SUFFIX,ooyala.com,$app_name
+  - DOMAIN-SUFFIX,openvpn.net,$app_name
+  - DOMAIN-SUFFIX,openwrt.org,$app_name
+  - DOMAIN-SUFFIX,orkut.com,$app_name
+  - DOMAIN-SUFFIX,osxdaily.com,$app_name
+  - DOMAIN-SUFFIX,outlook.com,$app_name
+  - DOMAIN-SUFFIX,ow.ly,$app_name
+  - DOMAIN-SUFFIX,paddleapi.com,$app_name
+  - DOMAIN-SUFFIX,parallels.com,$app_name
+  - DOMAIN-SUFFIX,parse.com,$app_name
+  - DOMAIN-SUFFIX,pdfexpert.com,$app_name
+  - DOMAIN-SUFFIX,periscope.tv,$app_name
+  - DOMAIN-SUFFIX,pinboard.in,$app_name
+  - DOMAIN-SUFFIX,pinterest.com,$app_name
+  - DOMAIN-SUFFIX,pixelmator.com,$app_name
+  - DOMAIN-SUFFIX,pixiv.net,$app_name
+  - DOMAIN-SUFFIX,playpcesor.com,$app_name
+  - DOMAIN-SUFFIX,playstation.com,$app_name
+  - DOMAIN-SUFFIX,playstation.com.hk,$app_name
+  - DOMAIN-SUFFIX,playstation.net,$app_name
+  - DOMAIN-SUFFIX,playstationnetwork.com,$app_name
+  - DOMAIN-SUFFIX,pushwoosh.com,$app_name
+  - DOMAIN-SUFFIX,rime.im,$app_name
+  - DOMAIN-SUFFIX,servebom.com,$app_name
+  - DOMAIN-SUFFIX,sfx.ms,$app_name
+  - DOMAIN-SUFFIX,shadowsocks.org,$app_name
+  - DOMAIN-SUFFIX,sharethis.com,$app_name
+  - DOMAIN-SUFFIX,shazam.com,$app_name
+  - DOMAIN-SUFFIX,skype.com,$app_name
+  - DOMAIN-SUFFIX,smartdns$app_name.com,$app_name
+  - DOMAIN-SUFFIX,smartmailcloud.com,$app_name
+  - DOMAIN-SUFFIX,sndcdn.com,$app_name
+  - DOMAIN-SUFFIX,sony.com,$app_name
+  - DOMAIN-SUFFIX,soundcloud.com,$app_name
+  - DOMAIN-SUFFIX,sourceforge.net,$app_name
+  - DOMAIN-SUFFIX,spotify.com,$app_name
+  - DOMAIN-SUFFIX,squarespace.com,$app_name
+  - DOMAIN-SUFFIX,sstatic.net,$app_name
+  - DOMAIN-SUFFIX,st.luluku.pw,$app_name
+  - DOMAIN-SUFFIX,stackoverflow.com,$app_name
+  - DOMAIN-SUFFIX,startpage.com,$app_name
+  - DOMAIN-SUFFIX,staticflickr.com,$app_name
+  - DOMAIN-SUFFIX,steamcommunity.com,$app_name
+  - DOMAIN-SUFFIX,symauth.com,$app_name
+  - DOMAIN-SUFFIX,symcb.com,$app_name
+  - DOMAIN-SUFFIX,symcd.com,$app_name
+  - DOMAIN-SUFFIX,tapbots.com,$app_name
+  - DOMAIN-SUFFIX,tapbots.net,$app_name
+  - DOMAIN-SUFFIX,tdesktop.com,$app_name
+  - DOMAIN-SUFFIX,techcrunch.com,$app_name
+  - DOMAIN-SUFFIX,techsmith.com,$app_name
+  - DOMAIN-SUFFIX,thepiratebay.org,$app_name
+  - DOMAIN-SUFFIX,theverge.com,$app_name
+  - DOMAIN-SUFFIX,time.com,$app_name
+  - DOMAIN-SUFFIX,timeinc.net,$app_name
+  - DOMAIN-SUFFIX,tiny.cc,$app_name
+  - DOMAIN-SUFFIX,tinypic.com,$app_name
+  - DOMAIN-SUFFIX,tmblr.co,$app_name
+  - DOMAIN-SUFFIX,todoist.com,$app_name
+  - DOMAIN-SUFFIX,trello.com,$app_name
+  - DOMAIN-SUFFIX,trustasiassl.com,$app_name
+  - DOMAIN-SUFFIX,tumblr.co,$app_name
+  - DOMAIN-SUFFIX,tumblr.com,$app_name
+  - DOMAIN-SUFFIX,tweetdeck.com,$app_name
+  - DOMAIN-SUFFIX,tweetmarker.net,$app_name
+  - DOMAIN-SUFFIX,twitch.tv,$app_name
+  - DOMAIN-SUFFIX,txmblr.com,$app_name
+  - DOMAIN-SUFFIX,typekit.net,$app_name
+  - DOMAIN-SUFFIX,ubertags.com,$app_name
+  - DOMAIN-SUFFIX,ublock.org,$app_name
+  - DOMAIN-SUFFIX,ubnt.com,$app_name
+  - DOMAIN-SUFFIX,ulyssesapp.com,$app_name
+  - DOMAIN-SUFFIX,urchin.com,$app_name
+  - DOMAIN-SUFFIX,usertrust.com,$app_name
+  - DOMAIN-SUFFIX,v.gd,$app_name
+  - DOMAIN-SUFFIX,v2ex.com,$app_name
+  - DOMAIN-SUFFIX,vimeo.com,$app_name
+  - DOMAIN-SUFFIX,vimeocdn.com,$app_name
+  - DOMAIN-SUFFIX,vine.co,$app_name
+  - DOMAIN-SUFFIX,vivaldi.com,$app_name
+  - DOMAIN-SUFFIX,vox-cdn.com,$app_name
+  - DOMAIN-SUFFIX,vsco.co,$app_name
+  - DOMAIN-SUFFIX,vultr.com,$app_name
+  - DOMAIN-SUFFIX,w.org,$app_name
+  - DOMAIN-SUFFIX,w3schools.com,$app_name
+  - DOMAIN-SUFFIX,webtype.com,$app_name
+  - DOMAIN-SUFFIX,wikiwand.com,$app_name
+  - DOMAIN-SUFFIX,wikileaks.org,$app_name
+  - DOMAIN-SUFFIX,wikimedia.org,$app_name
+  - DOMAIN-SUFFIX,wikipedia.com,$app_name
+  - DOMAIN-SUFFIX,wikipedia.org,$app_name
+  - DOMAIN-SUFFIX,windows.com,$app_name
+  - DOMAIN-SUFFIX,windows.net,$app_name
+  - DOMAIN-SUFFIX,wire.com,$app_name
+  - DOMAIN-SUFFIX,wordpress.com,$app_name
+  - DOMAIN-SUFFIX,workflowy.com,$app_name
+  - DOMAIN-SUFFIX,wp.com,$app_name
+  - DOMAIN-SUFFIX,wsj.com,$app_name
+  - DOMAIN-SUFFIX,wsj.net,$app_name
+  - DOMAIN-SUFFIX,xda-developers.com,$app_name
+  - DOMAIN-SUFFIX,xeeno.com,$app_name
+  - DOMAIN-SUFFIX,xiti.com,$app_name
+  - DOMAIN-SUFFIX,yahoo.com,$app_name
+  - DOMAIN-SUFFIX,yimg.com,$app_name
+  - DOMAIN-SUFFIX,ying.com,$app_name
+  - DOMAIN-SUFFIX,yoyo.org,$app_name
+  - DOMAIN-SUFFIX,ytimg.com,$app_name
+
+  # Telegram
+  - DOMAIN-SUFFIX,telegra.ph,$app_name
+  - DOMAIN-SUFFIX,telegram.org,$app_name
+  - IP-CIDR,91.108.4.0/22,$app_name,no-resolve
+  - IP-CIDR,91.108.8.0/21,$app_name,no-resolve
+  - IP-CIDR,91.108.16.0/22,$app_name,no-resolve
+  - IP-CIDR,91.108.56.0/22,$app_name,no-resolve
+  - IP-CIDR,149.154.160.0/20,$app_name,no-resolve
+  - IP-CIDR6,2001:67c:4e8::/48,$app_name,no-resolve
+  - IP-CIDR6,2001:b28:f23d::/48,$app_name,no-resolve
+  - IP-CIDR6,2001:b28:f23f::/48,$app_name,no-resolve
+
+  # LAN
+  - DOMAIN,injections.adguard.org,DIRECT
+  - DOMAIN,local.adguard.org,DIRECT
+  - DOMAIN-SUFFIX,local,DIRECT
+  - IP-CIDR,127.0.0.0/8,DIRECT
+  - IP-CIDR,172.16.0.0/12,DIRECT
+  - IP-CIDR,192.168.0.0/16,DIRECT
+  - IP-CIDR,10.0.0.0/8,DIRECT
+  - IP-CIDR,17.0.0.0/8,DIRECT
+  - IP-CIDR,100.64.0.0/10,DIRECT
+  - IP-CIDR,224.0.0.0/4,DIRECT
+  - IP-CIDR6,fe80::/10,DIRECT
+
+  # 最终规则
+  - GEOIP,CN,DIRECT
+  - MATCH,$app_name

resources/rules/default.surfboard.conf

@@ -0,0 +1,543 @@
+#!MANAGED-CONFIG $subs_link interval=43200 strict=true
+
+[General]
+loglevel = notify
+interface = 127.0.0.1
+skip-proxy = localhost, *.local, injections.adguard.org, local.adguard.org, 0.0.0.0/8, 10.0.0.0/8, 17.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, 255.255.255.255/32
+ipv6 = true
+dns-server = 1.2.4.8, 114.114.114.114, 223.5.5.5, 119.29.29.29
+exclude-simple-hostnames = true
+enhanced-mode-by-rule = true
+
+# Surfboard 的服务器和策略组配置方式与 Surge 类似, 可以参考 Surge 的规则配置手册: https://manual.nssurge.com/
+
+[Proxy]
+$proxies
+
+[Proxy Group]
+Proxy = select, auto, fallback, $proxy_group
+auto = url-test, $proxy_group, url=http://www.gstatic.com/generate_204, interval=43200
+fallback = fallback, $proxy_group, url=http://www.gstatic.com/generate_204, interval=43200
+
+[Rule]
+# 自定义规则
+## 您可以在这里插入自定义规则
+
+# Google Service
+DOMAIN-SUFFIX,googleapis.cn,Proxy
+DOMAIN-KEYWORD,ampproject,Proxy
+DOMAIN-SUFFIX,android.com,Proxy
+DOMAIN-SUFFIX,g.co,Proxy
+DOMAIN-SUFFIX,ggpht.com,Proxy
+DOMAIN-SUFFIX,goo.gl,Proxy
+DOMAIN-KEYWORD,gstatic,Proxy
+DOMAIN-SUFFIX,gvt0.com,Proxy
+DOMAIN-SUFFIX,gvt1.com,Proxy
+DOMAIN-SUFFIX,gvt2.com,Proxy
+DOMAIN-SUFFIX,gvt3.com,Proxy
+DOMAIN-SUFFIX,appspot.com,Proxy,force-remote-dns
+DOMAIN-KEYWORD,google,Proxy,force-remote-dns
+
+# Apple
+DOMAIN,safebrowsing.urlsec.qq.com,DIRECT
+DOMAIN,safebrowsing.googleapis.com,DIRECT
+DOMAIN,developer.apple.com,Proxy
+DOMAIN-SUFFIX,digicert.com,Proxy
+DOMAIN,ocsp.apple.com,Proxy
+DOMAIN,ocsp.comodoca.com,Proxy
+DOMAIN,ocsp.usertrust.com,Proxy
+DOMAIN,ocsp.sectigo.com,Proxy
+DOMAIN,ocsp.verisign.net,Proxy
+DOMAIN-SUFFIX,apple-dns.net,Proxy
+DOMAIN,testflight.apple.com,Proxy
+DOMAIN,sandbox.itunes.apple.com,Proxy
+DOMAIN,itunes.apple.com,Proxy
+DOMAIN-SUFFIX,apps.apple.com,Proxy
+DOMAIN-SUFFIX,blobstore.apple.com,Proxy
+DOMAIN,cvws.icloud-content.com,Proxy
+DOMAIN-SUFFIX,mzstatic.com,DIRECT
+DOMAIN-SUFFIX,itunes.apple.com,DIRECT
+DOMAIN-SUFFIX,icloud.com,DIRECT
+DOMAIN-SUFFIX,icloud-content.com,DIRECT
+DOMAIN-SUFFIX,me.com,DIRECT
+DOMAIN-SUFFIX,aaplimg.com,DIRECT
+DOMAIN-SUFFIX,cdn20.com,DIRECT
+DOMAIN-SUFFIX,cdn-apple.com,DIRECT
+DOMAIN-SUFFIX,akadns.net,DIRECT
+DOMAIN-SUFFIX,akamaiedge.net,DIRECT
+DOMAIN-SUFFIX,edgekey.net,DIRECT
+DOMAIN-SUFFIX,mwcloudcdn.com,DIRECT
+DOMAIN-SUFFIX,mwcname.com,DIRECT
+DOMAIN-SUFFIX,apple.com,DIRECT
+DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT
+DOMAIN-SUFFIX,apple-mapkit.com,DIRECT
+
+# 国内网站
+DOMAIN-SUFFIX,cn,DIRECT
+DOMAIN-KEYWORD,-cn,DIRECT
+
+DOMAIN-SUFFIX,126.com,DIRECT
+DOMAIN-SUFFIX,126.net,DIRECT
+DOMAIN-SUFFIX,127.net,DIRECT
+DOMAIN-SUFFIX,163.com,DIRECT
+DOMAIN-SUFFIX,360buyimg.com,DIRECT
+DOMAIN-SUFFIX,36kr.com,DIRECT
+DOMAIN-SUFFIX,acfun.tv,DIRECT
+DOMAIN-SUFFIX,air-matters.com,DIRECT
+DOMAIN-SUFFIX,aixifan.com,DIRECT
+DOMAIN-KEYWORD,alicdn,DIRECT
+DOMAIN-KEYWORD,alipay,DIRECT
+DOMAIN-KEYWORD,taobao,DIRECT
+DOMAIN-SUFFIX,amap.com,DIRECT
+DOMAIN-SUFFIX,autonavi.com,DIRECT
+DOMAIN-KEYWORD,baidu,DIRECT
+DOMAIN-SUFFIX,bdimg.com,DIRECT
+DOMAIN-SUFFIX,bdstatic.com,DIRECT
+DOMAIN-SUFFIX,bilibili.com,DIRECT
+DOMAIN-SUFFIX,bilivideo.com,DIRECT
+DOMAIN-SUFFIX,caiyunapp.com,DIRECT
+DOMAIN-SUFFIX,clouddn.com,DIRECT
+DOMAIN-SUFFIX,cnbeta.com,DIRECT
+DOMAIN-SUFFIX,cnbetacdn.com,DIRECT
+DOMAIN-SUFFIX,cootekservice.com,DIRECT
+DOMAIN-SUFFIX,csdn.net,DIRECT
+DOMAIN-SUFFIX,ctrip.com,DIRECT
+DOMAIN-SUFFIX,dgtle.com,DIRECT
+DOMAIN-SUFFIX,dianping.com,DIRECT
+DOMAIN-SUFFIX,douban.com,DIRECT
+DOMAIN-SUFFIX,doubanio.com,DIRECT
+DOMAIN-SUFFIX,duokan.com,DIRECT
+DOMAIN-SUFFIX,easou.com,DIRECT
+DOMAIN-SUFFIX,ele.me,DIRECT
+DOMAIN-SUFFIX,feng.com,DIRECT
+DOMAIN-SUFFIX,fir.im,DIRECT
+DOMAIN-SUFFIX,frdic.com,DIRECT
+DOMAIN-SUFFIX,g-cores.com,DIRECT
+DOMAIN-SUFFIX,godic.net,DIRECT
+DOMAIN-SUFFIX,gtimg.com,DIRECT
+DOMAIN,cdn.hockeyapp.net,DIRECT
+DOMAIN-SUFFIX,hongxiu.com,DIRECT
+DOMAIN-SUFFIX,hxcdn.net,DIRECT
+DOMAIN-SUFFIX,iciba.com,DIRECT
+DOMAIN-SUFFIX,ifeng.com,DIRECT
+DOMAIN-SUFFIX,ifengimg.com,DIRECT
+DOMAIN-SUFFIX,ipip.net,DIRECT
+DOMAIN-SUFFIX,iqiyi.com,DIRECT
+DOMAIN-SUFFIX,jd.com,DIRECT
+DOMAIN-SUFFIX,jianshu.com,DIRECT
+DOMAIN-SUFFIX,knewone.com,DIRECT
+DOMAIN-SUFFIX,le.com,DIRECT
+DOMAIN-SUFFIX,lecloud.com,DIRECT
+DOMAIN-SUFFIX,lemicp.com,DIRECT
+DOMAIN-SUFFIX,licdn.com,DIRECT
+DOMAIN-SUFFIX,linkedin.com,DIRECT
+DOMAIN-SUFFIX,luoo.net,DIRECT
+DOMAIN-SUFFIX,meituan.com,DIRECT
+DOMAIN-SUFFIX,meituan.net,DIRECT
+DOMAIN-SUFFIX,mi.com,DIRECT
+DOMAIN-SUFFIX,miaopai.com,DIRECT
+DOMAIN-SUFFIX,microsoft.com,DIRECT
+DOMAIN-SUFFIX,microsoftonline.com,DIRECT
+DOMAIN-SUFFIX,miui.com,DIRECT
+DOMAIN-SUFFIX,miwifi.com,DIRECT
+DOMAIN-SUFFIX,mob.com,DIRECT
+DOMAIN-SUFFIX,netease.com,DIRECT
+DOMAIN-SUFFIX,office.com,DIRECT
+DOMAIN-KEYWORD,officecdn,DIRECT
+DOMAIN-SUFFIX,office365.com,DIRECT
+DOMAIN-SUFFIX,oschina.net,DIRECT
+DOMAIN-SUFFIX,ppsimg.com,DIRECT
+DOMAIN-SUFFIX,pstatp.com,DIRECT
+DOMAIN-SUFFIX,qcloud.com,DIRECT
+DOMAIN-SUFFIX,qdaily.com,DIRECT
+DOMAIN-SUFFIX,qdmm.com,DIRECT
+DOMAIN-SUFFIX,qhimg.com,DIRECT
+DOMAIN-SUFFIX,qhres.com,DIRECT
+DOMAIN-SUFFIX,qidian.com,DIRECT
+DOMAIN-SUFFIX,qihucdn.com,DIRECT
+DOMAIN-SUFFIX,qiniu.com,DIRECT
+DOMAIN-SUFFIX,qiniucdn.com,DIRECT
+DOMAIN-SUFFIX,qiyipic.com,DIRECT
+DOMAIN-SUFFIX,qq.com,DIRECT
+DOMAIN-SUFFIX,qqurl.com,DIRECT
+DOMAIN-SUFFIX,rarbg.to,DIRECT
+DOMAIN-SUFFIX,ruguoapp.com,DIRECT
+DOMAIN-SUFFIX,segmentfault.com,DIRECT
+DOMAIN-SUFFIX,sinaapp.com,DIRECT
+DOMAIN-SUFFIX,smzdm.com,DIRECT
+DOMAIN-SUFFIX,snapdrop.net,DIRECT
+DOMAIN-SUFFIX,sogou.com,DIRECT
+DOMAIN-SUFFIX,sogoucdn.com,DIRECT
+DOMAIN-SUFFIX,sohu.com,DIRECT
+DOMAIN-SUFFIX,soku.com,DIRECT
+DOMAIN-SUFFIX,speedtest.net,DIRECT
+DOMAIN-SUFFIX,sspai.com,DIRECT
+DOMAIN-SUFFIX,suning.com,DIRECT
+DOMAIN-SUFFIX,taobao.com,DIRECT
+DOMAIN-SUFFIX,tencent.com,DIRECT
+DOMAIN-SUFFIX,tenpay.com,DIRECT
+DOMAIN-SUFFIX,tianyancha.com,DIRECT
+DOMAIN-SUFFIX,tmall.com,DIRECT
+DOMAIN-SUFFIX,tudou.com,DIRECT
+DOMAIN-SUFFIX,umetrip.com,DIRECT
+DOMAIN-SUFFIX,upaiyun.com,DIRECT
+DOMAIN-SUFFIX,upyun.com,DIRECT
+DOMAIN-SUFFIX,veryzhun.com,DIRECT
+DOMAIN-SUFFIX,weather.com,DIRECT
+DOMAIN-SUFFIX,weibo.com,DIRECT
+DOMAIN-SUFFIX,xiami.com,DIRECT
+DOMAIN-SUFFIX,xiami.net,DIRECT
+DOMAIN-SUFFIX,xiaomicp.com,DIRECT
+DOMAIN-SUFFIX,ximalaya.com,DIRECT
+DOMAIN-SUFFIX,xmcdn.com,DIRECT
+DOMAIN-SUFFIX,xunlei.com,DIRECT
+DOMAIN-SUFFIX,yhd.com,DIRECT
+DOMAIN-SUFFIX,yihaodianimg.com,DIRECT
+DOMAIN-SUFFIX,yinxiang.com,DIRECT
+DOMAIN-SUFFIX,ykimg.com,DIRECT
+DOMAIN-SUFFIX,youdao.com,DIRECT
+DOMAIN-SUFFIX,youku.com,DIRECT
+DOMAIN-SUFFIX,zealer.com,DIRECT
+DOMAIN-SUFFIX,zhihu.com,DIRECT
+DOMAIN-SUFFIX,zhimg.com,DIRECT
+DOMAIN-SUFFIX,zimuzu.tv,DIRECT
+DOMAIN-SUFFIX,zoho.com,DIRECT
+
+# 常见广告域名屏蔽
+DOMAIN-KEYWORD,admarvel,REJECT
+DOMAIN-KEYWORD,admaster,REJECT
+DOMAIN-KEYWORD,adsage,REJECT
+DOMAIN-KEYWORD,adsmogo,REJECT
+DOMAIN-KEYWORD,adsrvmedia,REJECT
+DOMAIN-KEYWORD,adwords,REJECT
+DOMAIN-KEYWORD,adservice,REJECT
+DOMAIN-SUFFIX,appsflyer.com,REJECT
+DOMAIN-KEYWORD,domob,REJECT
+DOMAIN-SUFFIX,doubleclick.net,REJECT
+DOMAIN-KEYWORD,duomeng,REJECT
+DOMAIN-KEYWORD,dwtrack,REJECT
+DOMAIN-KEYWORD,guanggao,REJECT
+DOMAIN-KEYWORD,lianmeng,REJECT
+DOMAIN-SUFFIX,mmstat.com,REJECT
+DOMAIN-KEYWORD,mopub,REJECT
+DOMAIN-KEYWORD,omgmta,REJECT
+DOMAIN-KEYWORD,openx,REJECT
+DOMAIN-KEYWORD,partnerad,REJECT
+DOMAIN-KEYWORD,pingfore,REJECT
+DOMAIN-KEYWORD,supersonicads,REJECT
+DOMAIN-KEYWORD,uedas,REJECT
+DOMAIN-KEYWORD,umeng,REJECT
+DOMAIN-KEYWORD,usage,REJECT
+DOMAIN-SUFFIX,vungle.com,REJECT
+DOMAIN-KEYWORD,wlmonitor,REJECT
+DOMAIN-KEYWORD,zjtoolbar,REJECT
+
+# 抗 DNS 污染
+DOMAIN-KEYWORD,amazon,Proxy
+DOMAIN-KEYWORD,google,Proxy
+DOMAIN-KEYWORD,gmail,Proxy
+DOMAIN-KEYWORD,youtube,Proxy
+DOMAIN-KEYWORD,facebook,Proxy
+DOMAIN-SUFFIX,fb.me,Proxy
+DOMAIN-SUFFIX,fbcdn.net,Proxy
+DOMAIN-KEYWORD,twitter,Proxy
+DOMAIN-KEYWORD,instagram,Proxy
+DOMAIN-KEYWORD,dropbox,Proxy
+DOMAIN-SUFFIX,twimg.com,Proxy
+DOMAIN-KEYWORD,blogspot,Proxy
+DOMAIN-SUFFIX,youtu.be,Proxy
+DOMAIN-KEYWORD,whatsapp,Proxy
+
+# 国外网站
+DOMAIN-SUFFIX,9to5mac.com,Proxy
+DOMAIN-SUFFIX,abpchina.org,Proxy
+DOMAIN-SUFFIX,adblockplus.org,Proxy
+DOMAIN-SUFFIX,adobe.com,Proxy
+DOMAIN-SUFFIX,akamaized.net,Proxy
+DOMAIN-SUFFIX,alfredapp.com,Proxy
+DOMAIN-SUFFIX,amplitude.com,Proxy
+DOMAIN-SUFFIX,ampproject.org,Proxy
+DOMAIN-SUFFIX,android.com,Proxy
+DOMAIN-SUFFIX,angularjs.org,Proxy
+DOMAIN-SUFFIX,aolcdn.com,Proxy
+DOMAIN-SUFFIX,apkpure.com,Proxy
+DOMAIN-SUFFIX,appledaily.com,Proxy
+DOMAIN-SUFFIX,appshopper.com,Proxy
+DOMAIN-SUFFIX,appspot.com,Proxy
+DOMAIN-SUFFIX,arcgis.com,Proxy
+DOMAIN-SUFFIX,archive.org,Proxy
+DOMAIN-SUFFIX,armorgames.com,Proxy
+DOMAIN-SUFFIX,aspnetcdn.com,Proxy
+DOMAIN-SUFFIX,att.com,Proxy
+DOMAIN-SUFFIX,awsstatic.com,Proxy
+DOMAIN-SUFFIX,azureedge.net,Proxy
+DOMAIN-SUFFIX,azurewebsites.net,Proxy
+DOMAIN-SUFFIX,bing.com,Proxy
+DOMAIN-SUFFIX,bintray.com,Proxy
+DOMAIN-SUFFIX,bit.com,Proxy
+DOMAIN-SUFFIX,bit.ly,Proxy
+DOMAIN-SUFFIX,bitbucket.org,Proxy
+DOMAIN-SUFFIX,bjango.com,Proxy
+DOMAIN-SUFFIX,bkrtx.com,Proxy
+DOMAIN-SUFFIX,blog.com,Proxy
+DOMAIN-SUFFIX,blogcdn.com,Proxy
+DOMAIN-SUFFIX,blogger.com,Proxy
+DOMAIN-SUFFIX,blogsmithmedia.com,Proxy
+DOMAIN-SUFFIX,blogspot.com,Proxy
+DOMAIN-SUFFIX,blogspot.hk,Proxy
+DOMAIN-SUFFIX,bloomberg.com,Proxy
+DOMAIN-SUFFIX,box.com,Proxy
+DOMAIN-SUFFIX,box.net,Proxy
+DOMAIN-SUFFIX,cachefly.net,Proxy
+DOMAIN-SUFFIX,chromium.org,Proxy
+DOMAIN-SUFFIX,cl.ly,Proxy
+DOMAIN-SUFFIX,cloudflare.com,Proxy
+DOMAIN-SUFFIX,cloudfront.net,Proxy
+DOMAIN-SUFFIX,cloudmagic.com,Proxy
+DOMAIN-SUFFIX,cmail19.com,Proxy
+DOMAIN-SUFFIX,cnet.com,Proxy
+DOMAIN-SUFFIX,cocoapods.org,Proxy
+DOMAIN-SUFFIX,comodoca.com,Proxy
+DOMAIN-SUFFIX,crashlytics.com,Proxy
+DOMAIN-SUFFIX,culturedcode.com,Proxy
+DOMAIN-SUFFIX,d.pr,Proxy
+DOMAIN-SUFFIX,danilo.to,Proxy
+DOMAIN-SUFFIX,dayone.me,Proxy
+DOMAIN-SUFFIX,db.tt,Proxy
+DOMAIN-SUFFIX,deskconnect.com,Proxy
+DOMAIN-SUFFIX,disq.us,Proxy
+DOMAIN-SUFFIX,disqus.com,Proxy
+DOMAIN-SUFFIX,disquscdn.com,Proxy
+DOMAIN-SUFFIX,dnsimple.com,Proxy
+DOMAIN-SUFFIX,docker.com,Proxy
+DOMAIN-SUFFIX,dribbble.com,Proxy
+DOMAIN-SUFFIX,droplr.com,Proxy
+DOMAIN-SUFFIX,duckduckgo.com,Proxy
+DOMAIN-SUFFIX,dueapp.com,Proxy
+DOMAIN-SUFFIX,dytt8.net,Proxy
+DOMAIN-SUFFIX,edgecastcdn.net,Proxy
+DOMAIN-SUFFIX,edgekey.net,Proxy
+DOMAIN-SUFFIX,edgesuite.net,Proxy
+DOMAIN-SUFFIX,engadget.com,Proxy
+DOMAIN-SUFFIX,entrust.net,Proxy
+DOMAIN-SUFFIX,eurekavpt.com,Proxy
+DOMAIN-SUFFIX,evernote.com,Proxy
+DOMAIN-SUFFIX,fabric.io,Proxy
+DOMAIN-SUFFIX,fast.com,Proxy
+DOMAIN-SUFFIX,fastly.net,Proxy
+DOMAIN-SUFFIX,fc2.com,Proxy
+DOMAIN-SUFFIX,feedburner.com,Proxy
+DOMAIN-SUFFIX,feedly.com,Proxy
+DOMAIN-SUFFIX,feedsportal.com,Proxy
+DOMAIN-SUFFIX,fiftythree.com,Proxy
+DOMAIN-SUFFIX,firebaseio.com,Proxy
+DOMAIN-SUFFIX,flexibits.com,Proxy
+DOMAIN-SUFFIX,flickr.com,Proxy
+DOMAIN-SUFFIX,flipboard.com,Proxy
+DOMAIN-SUFFIX,g.co,Proxy
+DOMAIN-SUFFIX,gabia.net,Proxy
+DOMAIN-SUFFIX,geni.us,Proxy
+DOMAIN-SUFFIX,gfx.ms,Proxy
+DOMAIN-SUFFIX,ggpht.com,Proxy
+DOMAIN-SUFFIX,ghostnoteapp.com,Proxy
+DOMAIN-SUFFIX,git.io,Proxy
+DOMAIN-KEYWORD,github,Proxy
+DOMAIN-SUFFIX,globalsign.com,Proxy
+DOMAIN-SUFFIX,gmodules.com,Proxy
+DOMAIN-SUFFIX,godaddy.com,Proxy
+DOMAIN-SUFFIX,golang.org,Proxy
+DOMAIN-SUFFIX,gongm.in,Proxy
+DOMAIN-SUFFIX,goodreaders.com,Proxy
+DOMAIN-SUFFIX,goodreads.com,Proxy
+DOMAIN-SUFFIX,gravatar.com,Proxy
+DOMAIN-SUFFIX,hockeyapp.net,Proxy
+DOMAIN-SUFFIX,hotmail.com,Proxy
+DOMAIN-SUFFIX,icons8.com,Proxy
+DOMAIN-SUFFIX,ifixit.com,Proxy
+DOMAIN-SUFFIX,ift.tt,Proxy
+DOMAIN-SUFFIX,ifttt.com,Proxy
+DOMAIN-SUFFIX,iherb.com,Proxy
+DOMAIN-SUFFIX,imageshack.us,Proxy
+DOMAIN-SUFFIX,img.ly,Proxy
+DOMAIN-SUFFIX,imgur.com,Proxy
+DOMAIN-SUFFIX,imore.com,Proxy
+DOMAIN-SUFFIX,instapaper.com,Proxy
+DOMAIN-SUFFIX,ipn.li,Proxy
+DOMAIN-SUFFIX,is.gd,Proxy
+DOMAIN-SUFFIX,issuu.com,Proxy
+DOMAIN-SUFFIX,itgonglun.com,Proxy
+DOMAIN-SUFFIX,itun.es,Proxy
+DOMAIN-SUFFIX,ixquick.com,Proxy
+DOMAIN-SUFFIX,j.mp,Proxy
+DOMAIN-SUFFIX,js.revsci.net,Proxy
+DOMAIN-SUFFIX,jshint.com,Proxy
+DOMAIN-SUFFIX,jtvnw.net,Proxy
+DOMAIN-SUFFIX,justgetflux.com,Proxy
+DOMAIN-SUFFIX,kat.cr,Proxy
+DOMAIN-SUFFIX,klip.me,Proxy
+DOMAIN-SUFFIX,libsyn.com,Proxy
+DOMAIN-SUFFIX,linode.com,Proxy
+DOMAIN-SUFFIX,lithium.com,Proxy
+DOMAIN-SUFFIX,littlehj.com,Proxy
+DOMAIN-SUFFIX,live.com,Proxy
+DOMAIN-SUFFIX,live.net,Proxy
+DOMAIN-SUFFIX,livefilestore.com,Proxy
+DOMAIN-SUFFIX,llnwd.net,Proxy
+DOMAIN-SUFFIX,macid.co,Proxy
+DOMAIN-SUFFIX,macromedia.com,Proxy
+DOMAIN-SUFFIX,macrumors.com,Proxy
+DOMAIN-SUFFIX,mashable.com,Proxy
+DOMAIN-SUFFIX,mathjax.org,Proxy
+DOMAIN-SUFFIX,medium.com,Proxy
+DOMAIN-SUFFIX,mega.co.nz,Proxy
+DOMAIN-SUFFIX,mega.nz,Proxy
+DOMAIN-SUFFIX,megaupload.com,Proxy
+DOMAIN-SUFFIX,microsofttranslator.com,Proxy
+DOMAIN-SUFFIX,mindnode.com,Proxy
+DOMAIN-SUFFIX,mobile01.com,Proxy
+DOMAIN-SUFFIX,modmyi.com,Proxy
+DOMAIN-SUFFIX,msedge.net,Proxy
+DOMAIN-SUFFIX,myfontastic.com,Proxy
+DOMAIN-SUFFIX,name.com,Proxy
+DOMAIN-SUFFIX,nextmedia.com,Proxy
+DOMAIN-SUFFIX,nsstatic.net,Proxy
+DOMAIN-SUFFIX,nssurge.com,Proxy
+DOMAIN-SUFFIX,nyt.com,Proxy
+DOMAIN-SUFFIX,nytimes.com,Proxy
+DOMAIN-SUFFIX,omnigroup.com,Proxy
+DOMAIN-SUFFIX,onedrive.com,Proxy
+DOMAIN-SUFFIX,onenote.com,Proxy
+DOMAIN-SUFFIX,ooyala.com,Proxy
+DOMAIN-SUFFIX,openvpn.net,Proxy
+DOMAIN-SUFFIX,openwrt.org,Proxy
+DOMAIN-SUFFIX,orkut.com,Proxy
+DOMAIN-SUFFIX,osxdaily.com,Proxy
+DOMAIN-SUFFIX,outlook.com,Proxy
+DOMAIN-SUFFIX,ow.ly,Proxy
+DOMAIN-SUFFIX,paddleapi.com,Proxy
+DOMAIN-SUFFIX,parallels.com,Proxy
+DOMAIN-SUFFIX,parse.com,Proxy
+DOMAIN-SUFFIX,pdfexpert.com,Proxy
+DOMAIN-SUFFIX,periscope.tv,Proxy
+DOMAIN-SUFFIX,pinboard.in,Proxy
+DOMAIN-SUFFIX,pinterest.com,Proxy
+DOMAIN-SUFFIX,pixelmator.com,Proxy
+DOMAIN-SUFFIX,pixiv.net,Proxy
+DOMAIN-SUFFIX,playpcesor.com,Proxy
+DOMAIN-SUFFIX,playstation.com,Proxy
+DOMAIN-SUFFIX,playstation.com.hk,Proxy
+DOMAIN-SUFFIX,playstation.net,Proxy
+DOMAIN-SUFFIX,playstationnetwork.com,Proxy
+DOMAIN-SUFFIX,pushwoosh.com,Proxy
+DOMAIN-SUFFIX,rime.im,Proxy
+DOMAIN-SUFFIX,servebom.com,Proxy
+DOMAIN-SUFFIX,sfx.ms,Proxy
+DOMAIN-SUFFIX,shadowsocks.org,Proxy
+DOMAIN-SUFFIX,sharethis.com,Proxy
+DOMAIN-SUFFIX,shazam.com,Proxy
+DOMAIN-SUFFIX,skype.com,Proxy
+DOMAIN-SUFFIX,smartdnsProxy.com,Proxy
+DOMAIN-SUFFIX,smartmailcloud.com,Proxy
+DOMAIN-SUFFIX,sndcdn.com,Proxy
+DOMAIN-SUFFIX,sony.com,Proxy
+DOMAIN-SUFFIX,soundcloud.com,Proxy
+DOMAIN-SUFFIX,sourceforge.net,Proxy
+DOMAIN-SUFFIX,spotify.com,Proxy
+DOMAIN-SUFFIX,squarespace.com,Proxy
+DOMAIN-SUFFIX,sstatic.net,Proxy
+DOMAIN-SUFFIX,st.luluku.pw,Proxy
+DOMAIN-SUFFIX,stackoverflow.com,Proxy
+DOMAIN-SUFFIX,startpage.com,Proxy
+DOMAIN-SUFFIX,staticflickr.com,Proxy
+DOMAIN-SUFFIX,steamcommunity.com,Proxy
+DOMAIN-SUFFIX,symauth.com,Proxy
+DOMAIN-SUFFIX,symcb.com,Proxy
+DOMAIN-SUFFIX,symcd.com,Proxy
+DOMAIN-SUFFIX,tapbots.com,Proxy
+DOMAIN-SUFFIX,tapbots.net,Proxy
+DOMAIN-SUFFIX,tdesktop.com,Proxy
+DOMAIN-SUFFIX,techcrunch.com,Proxy
+DOMAIN-SUFFIX,techsmith.com,Proxy
+DOMAIN-SUFFIX,thepiratebay.org,Proxy
+DOMAIN-SUFFIX,theverge.com,Proxy
+DOMAIN-SUFFIX,time.com,Proxy
+DOMAIN-SUFFIX,timeinc.net,Proxy
+DOMAIN-SUFFIX,tiny.cc,Proxy
+DOMAIN-SUFFIX,tinypic.com,Proxy
+DOMAIN-SUFFIX,tmblr.co,Proxy
+DOMAIN-SUFFIX,todoist.com,Proxy
+DOMAIN-SUFFIX,trello.com,Proxy
+DOMAIN-SUFFIX,trustasiassl.com,Proxy
+DOMAIN-SUFFIX,tumblr.co,Proxy
+DOMAIN-SUFFIX,tumblr.com,Proxy
+DOMAIN-SUFFIX,tweetdeck.com,Proxy
+DOMAIN-SUFFIX,tweetmarker.net,Proxy
+DOMAIN-SUFFIX,twitch.tv,Proxy
+DOMAIN-SUFFIX,txmblr.com,Proxy
+DOMAIN-SUFFIX,typekit.net,Proxy
+DOMAIN-SUFFIX,ubertags.com,Proxy
+DOMAIN-SUFFIX,ublock.org,Proxy
+DOMAIN-SUFFIX,ubnt.com,Proxy
+DOMAIN-SUFFIX,ulyssesapp.com,Proxy
+DOMAIN-SUFFIX,urchin.com,Proxy
+DOMAIN-SUFFIX,usertrust.com,Proxy
+DOMAIN-SUFFIX,v.gd,Proxy
+DOMAIN-SUFFIX,v2ex.com,Proxy
+DOMAIN-SUFFIX,vimeo.com,Proxy
+DOMAIN-SUFFIX,vimeocdn.com,Proxy
+DOMAIN-SUFFIX,vine.co,Proxy
+DOMAIN-SUFFIX,vivaldi.com,Proxy
+DOMAIN-SUFFIX,vox-cdn.com,Proxy
+DOMAIN-SUFFIX,vsco.co,Proxy
+DOMAIN-SUFFIX,vultr.com,Proxy
+DOMAIN-SUFFIX,w.org,Proxy
+DOMAIN-SUFFIX,w3schools.com,Proxy
+DOMAIN-SUFFIX,webtype.com,Proxy
+DOMAIN-SUFFIX,wikiwand.com,Proxy
+DOMAIN-SUFFIX,wikileaks.org,Proxy
+DOMAIN-SUFFIX,wikimedia.org,Proxy
+DOMAIN-SUFFIX,wikipedia.com,Proxy
+DOMAIN-SUFFIX,wikipedia.org,Proxy
+DOMAIN-SUFFIX,windows.com,Proxy
+DOMAIN-SUFFIX,windows.net,Proxy
+DOMAIN-SUFFIX,wire.com,Proxy
+DOMAIN-SUFFIX,wordpress.com,Proxy
+DOMAIN-SUFFIX,workflowy.com,Proxy
+DOMAIN-SUFFIX,wp.com,Proxy
+DOMAIN-SUFFIX,wsj.com,Proxy
+DOMAIN-SUFFIX,wsj.net,Proxy
+DOMAIN-SUFFIX,xda-developers.com,Proxy
+DOMAIN-SUFFIX,xeeno.com,Proxy
+DOMAIN-SUFFIX,xiti.com,Proxy
+DOMAIN-SUFFIX,yahoo.com,Proxy
+DOMAIN-SUFFIX,yimg.com,Proxy
+DOMAIN-SUFFIX,ying.com,Proxy
+DOMAIN-SUFFIX,yoyo.org,Proxy
+DOMAIN-SUFFIX,ytimg.com,Proxy
+
+# Telegram
+DOMAIN-SUFFIX,telegra.ph,Proxy
+DOMAIN-SUFFIX,telegram.org,Proxy
+IP-CIDR,91.108.4.0/22,Proxy,no-resolve
+IP-CIDR,91.108.8.0/21,Proxy,no-resolve
+IP-CIDR,91.108.16.0/22,Proxy,no-resolve
+IP-CIDR,91.108.56.0/22,Proxy,no-resolve
+IP-CIDR,149.154.160.0/20,Proxy,no-resolve
+IP-CIDR6,2001:67c:4e8::/48,Proxy,no-resolve
+IP-CIDR6,2001:b28:f23d::/48,Proxy,no-resolve
+IP-CIDR6,2001:b28:f23f::/48,Proxy,no-resolve
+
+# LAN
+DOMAIN-SUFFIX,local,DIRECT
+IP-CIDR,127.0.0.0/8,DIRECT
+IP-CIDR,172.16.0.0/12,DIRECT
+IP-CIDR,192.168.0.0/16,DIRECT
+IP-CIDR,10.0.0.0/8,DIRECT
+IP-CIDR,17.0.0.0/8,DIRECT
+IP-CIDR,100.64.0.0/10,DIRECT
+IP-CIDR,224.0.0.0/4,DIRECT
+IP-CIDR6,fe80::/10,DIRECT
+
+# 最终规则
+GEOIP,CN,DIRECT
+FINAL,Proxy

resources/rules/default.surge.conf

@@ -0,0 +1,73 @@
+#!MANAGED-CONFIG $subs_link interval=43200 strict=true
+# Surge 的规则配置手册: https://manual.nssurge.com/
+
+[General]
+loglevel = notify
+# 从 Surge iOS 4 / Surge Mac 3.3.0 起，工具开始支持 DoH
+doh-server = https://doh.pub/dns-query
+# https://dns.alidns.com/dns-query, https://13800000000.rubyfish.cn/, https://dns.google/dns-query
+dns-server = 223.5.5.5, 114.114.114.114
+tun-excluded-routes = 0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 255.255.255.255/32
+skip-proxy = localhost, *.local, injections.adguard.org, local.adguard.org, captive.apple.com, guzzoni.apple.com, 0.0.0.0/8, 10.0.0.0/8, 17.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, 255.255.255.255/32
+
+wifi-assist = true
+allow-wifi-access = true
+wifi-access-http-port = 6152
+wifi-access-socks5-port = 6153
+http-listen = 0.0.0.0:6152
+socks5-listen = 0.0.0.0:6153
+
+external-controller-access = surgepasswd@0.0.0.0:6170
+replica = false
+
+tls-provider = openssl
+network-framework = false
+exclude-simple-hostnames = true
+ipv6 = true
+
+test-timeout = 4
+proxy-test-url = http://www.gstatic.com/generate_204
+
+[Replica]
+hide-apple-request = true
+hide-crashlytics-request = true
+use-keyword-filter = false
+hide-udp = false
+
+# -----------------------------
+# Surge 的几种策略配置规范，请参考 https://manual.nssurge.com/policy/proxy.html
+# 不同的代理策略有*很多*可选参数，请参考上方连接的 Parameters 一段，根据需求自行添加参数。
+#
+# Surge 现已支持 UDP 转发功能，请参考: https://trello.com/c/ugOMxD3u/53-udp-%E8%BD%AC%E5%8F%91
+# Surge 现已支持 TCP-Fast-Open 技术，请参考: https://trello.com/c/ij65BU6Q/48-tcp-fast-open-troubleshooting-guide
+# Surge 现已支持 ss-libev 的全部加密方式和混淆，请参考: https://trello.com/c/BTr0vG1O/47-ss-libev-%E7%9A%84%E6%94%AF%E6%8C%81%E6%83%85%E5%86%B5
+# -----------------------------
+
+[Proxy]
+$proxies
+
+[Proxy Group]
+Proxy = select, auto, fallback, $proxy_group
+auto = url-test, $proxy_group, url=http://www.gstatic.com/generate_204, interval=43200
+fallback = fallback, $proxy_group, url=http://www.gstatic.com/generate_204, interval=43200
+
+[Rule]
+# 自定义规则
+## 您可以在此处插入自定义规则
+
+# 实用规则片段集
+# RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-News.list,Proxy
+RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-proxy.list,Proxy
+RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-direct.list,DIRECT
+RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/CN.list,DIRECT
+RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/common-ad-keyword.list,REJECT-TINYGIF
+RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/foreign.list,Proxy
+RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/App/social/Telegram.list,Proxy
+RULE-SET,LAN,DIRECT
+
+# 最终规则
+GEOIP,CN,DIRECT
+FINAL,Proxy,dns-failed
+
+[URL Rewrite]
+^https?://(www.)?(g|google).cn https://www.google.com 302