default.surge.conf 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102
  1. #!MANAGED-CONFIG $subs_link interval=43200 strict=true
  2. # Surge 的规则配置手册: https://manual.nssurge.com/
  3. [General]
  4. loglevel = notify
  5. # 从 Surge iOS 4 / Surge Mac 3.3.0 起,工具开始支持 DoH
  6. doh-server = https://doh.pub/dns-query
  7. # https://dns.alidns.com/dns-query, https://13800000000.rubyfish.cn/, https://dns.google/dns-query
  8. dns-server = 223.5.5.5, 114.114.114.114
  9. tun-excluded-routes = 0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 255.255.255.255/32
  10. skip-proxy = localhost, *.local, injections.adguard.org, local.adguard.org, captive.apple.com, guzzoni.apple.com, 0.0.0.0/8, 10.0.0.0/8, 17.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, 255.255.255.255/32
  11. wifi-assist = true
  12. allow-wifi-access = true
  13. wifi-access-http-port = 6152
  14. wifi-access-socks5-port = 6153
  15. http-listen = 0.0.0.0:6152
  16. socks5-listen = 0.0.0.0:6153
  17. external-controller-access = surgepasswd@0.0.0.0:6170
  18. replica = false
  19. tls-provider = openssl
  20. network-framework = false
  21. exclude-simple-hostnames = true
  22. ipv6 = true
  23. test-timeout = 4
  24. proxy-test-url = http://www.gstatic.com/generate_204
  25. geoip-maxmind-url = https://cdn.jsdelivr.net/gh/Hackl0us/GeoIP2-CN@release/Country.mmdb
  26. [Replica]
  27. hide-apple-request = true
  28. hide-crashlytics-request = true
  29. use-keyword-filter = false
  30. hide-udp = false
  31. # -----------------------------
  32. # Surge 的几种策略配置规范,请参考 https://manual.nssurge.com/policy/proxy.html
  33. # 不同的代理策略有*很多*可选参数,请参考上方连接的 Parameters 一段,根据需求自行添加参数。
  34. #
  35. # Surge 现已支持 UDP 转发功能,请参考: https://trello.com/c/ugOMxD3u/53-udp-%E8%BD%AC%E5%8F%91
  36. # Surge 现已支持 TCP-Fast-Open 技术,请参考: https://trello.com/c/ij65BU6Q/48-tcp-fast-open-troubleshooting-guide
  37. # Surge 现已支持 ss-libev 的全部加密方式和混淆,请参考: https://trello.com/c/BTr0vG1O/47-ss-libev-%E7%9A%84%E6%94%AF%E6%8C%81%E6%83%85%E5%86%B5
  38. # -----------------------------
  39. [Proxy]
  40. $proxies
  41. [Proxy Group]
  42. Proxy = select, auto, fallback, $proxy_group
  43. auto = url-test, $proxy_group, url=http://www.gstatic.com/generate_204, interval=43200
  44. fallback = fallback, $proxy_group, url=http://www.gstatic.com/generate_204, interval=43200
  45. [Rule]
  46. # 自定义规则
  47. ## 您可以在此处插入自定义规则
  48. # 强制订阅域名直连
  49. DOMAIN,$subs_domain,DIRECT
  50. # Google 中国服务
  51. DOMAIN-SUFFIX,services.googleapis.cn,Proxy
  52. DOMAIN-SUFFIX,xn--ngstr-lra8j.com,Proxy
  53. # 实用规则片段集
  54. # RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-News.list,Proxy
  55. RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-proxy.list,Proxy
  56. RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/Apple-direct.list,DIRECT
  57. RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/CN.list,DIRECT
  58. RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/common-ad-keyword.list,REJECT-TINYGIF
  59. RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/Basic/foreign.list,Proxy
  60. RULE-SET,https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Surge/App/social/Telegram.list,Proxy
  61. # Google 中国服务 services.googleapis.cn
  62. IP-CIDR,120.232.181.162/32,Proxy,no-resolve
  63. IP-CIDR,120.241.147.226/32,Proxy,no-resolve
  64. IP-CIDR,120.253.253.226/32,Proxy,no-resolve
  65. IP-CIDR,120.253.255.162/32,Proxy,no-resolve
  66. IP-CIDR,120.253.255.34/32,Proxy,no-resolve
  67. IP-CIDR,120.253.255.98/32,Proxy,no-resolve
  68. IP-CIDR,180.163.150.162/32,Proxy,no-resolve
  69. IP-CIDR,180.163.150.34/32,Proxy,no-resolve
  70. IP-CIDR,180.163.151.162/32,Proxy,no-resolve
  71. IP-CIDR,180.163.151.34/32,Proxy,no-resolve
  72. IP-CIDR,203.208.39.0/24,Proxy,no-resolve
  73. IP-CIDR,203.208.40.0/24,Proxy,no-resolve
  74. IP-CIDR,203.208.41.0/24,Proxy,no-resolve
  75. IP-CIDR,203.208.43.0/24,Proxy,no-resolve
  76. IP-CIDR,203.208.50.0/24,Proxy,no-resolve
  77. IP-CIDR,220.181.174.162/32,Proxy,no-resolve
  78. IP-CIDR,220.181.174.226/32,Proxy,no-resolve
  79. IP-CIDR,220.181.174.34/32,Proxy,no-resolve
  80. RULE-SET,LAN,DIRECT
  81. # 最终规则
  82. GEOIP,CN,DIRECT
  83. FINAL,Proxy,dns-failed
  84. [URL Rewrite]
  85. ^https?://(www.)?(g|google).cn https://www.google.com 302