forked from Loon0x00/LoonExampleConfig
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathexample.conf
153 lines (136 loc) · 8.62 KB
/
example.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
#default configure
#Update Date: 2021.02.19 22:34:05 +0000
#author: Loon
[General]
skip-proxy = 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12,localhost,*.local,e.crashlynatics.com
bypass-tun = 10.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,224.0.0.0/4,255.255.255.255/32
# DNS server
dns-server = system,119.29.29.29,223.5.5.5
# Doh server, only for Wireformat
doh-server = https://example.com/dns-query
allow-udp-proxy = false
allow-wifi-access = true
wifi-access-http-port = 7222
wifi-access-socket5-port = 7221
proxy-test-url = http://www.qualcomm.cn/generate_204
test-timeout = 3
resource-parser = http://www.example.com/parser.js
ssid-trigger = SSID-DIRECT
real-ip = *.apple.com, *apple.com
[Proxy]
# 内置 DIRECT、REJECT 策略
# 内置 PROXY 指向本地节点或者订阅节点中的任何一个(有本地节点默认指向第一个本地节点,当没有本地节点但有订阅节点时,指向第一个订阅的第一个节点,本地节点和订阅节点都不存在时指向DIRECT)
#ss
ss1 = Shadowsocks,example.com,443,aes-128-gcm,"password",fast-open=false,udp=true
ss2 = Shadowsocks,example2.com,443,chacha20,"password",fast-open=true,udp=true
#ss+simple obfs
ssObfs1 = Shadowsocks,example.com,80,aes-128-gcm,"password",obfs-name=http,obfs-host=www.micsoft.com,fast-open=true,udp=true
ssObfs2 = Shadowsocks,example.com,443,aes-128-gcm,"password",obfs-name=tls,obfs-host=www.micsoft.com,fast-open=true,udp=true
#ssr
# 节点名称 = 协议,服务器地址,端口,加密方式,密码,protocol = 协议,protocol-param = 协议参数,obfs=混淆,obfs-param=混淆参数
ssr1 = ShadowsocksR,example.com,443,aes-256-cfb,"password",protocol=orig,obfs=http_simple,obfs-param=download.windows.com,fast-open=false,udp=true
ssr2 = ShadowsocksR,example.com,10076,aes-128-cfb,"password",protocol=auth_chain_a,protocol-param=9555:loon,obfs=http_post,obfs-param=download.windows.com,fast-open=false,udp=true
ssr3 = ShadowsocksR,example.com,10076,chacha20,"password",protocol=auth_aes128_md5,protocol-param=9555:loon,obfs=tls1.2_ticket_auth,obfs-param=download.windows.com,fast-open=false,udp=true
ssr4 = ShadowsocksR,example.com,10076,chacha20-ietf,"password",protocol=auth_aes128_sha1,protocol-param=9555:loon,obfs=plain,fast-open=false,udp=true
#http
http1 = http,example.com,80
http2 = http,example.com,80,username,"password"
#https
https1 = https,example.com,443
https2 = https,example.com,443,username,"password"
https3 = https,example.com,443,username,"password",skip-cert-verify=true,tls-name=example.com
#vmess+tcp
# 节点名称 = 协议,服务器地址,端口,加密方式,UUID,传输方式:(tcp/ws),path=websocket握手header中的path, host=websocket握手header中的path, over-tls=是否tls, tls-name=tls名字, skip-cert-verify=是否跳过证书校验(默认否)
vmess1 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=tcp,path=/,host=v3-dy-y.ixigua.com,over-tls=false
#vmess+tcp+tls
vmess2 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=tcp,path=/,host=v3-dy-y.ixigua.com,over-tls=true,tls-name=example.com,skip-cert-verify=true
#vmess+ws
vmess3 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=ws,path=/,host=v3-dy-y.ixigua.com,over-tls=false
#vmess+wss
vmess4 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=ws,path=/,host=v3-dy-y.ixigua.com,over-tls=true,tls-name=example.com,skip-cert-verify=true
#VLESS
vless1 = VLESS,example.com,10087,"52396e06-041a-4cc2-be5c-8525eb457809",,transport=tcp,path=/,host=v3-dy-y.ixigua.com,over-tls=false
vless2 = VLESS,example.com,10087,"52396e06-041a-4cc2-be5c-8525eb457809",transport=ws,path=/,host=v3-dy-y.ixigua.com,over-tls=true,tls-name=example.com,skip-cert-verify=true
#trojan
trojan1 = trojan,example.com,443,"password",skip-cert-verify=false,tls-name=example.com
trojan2 = trojan,example.com,443,"password",skip-cert-verify=true,tls-name=example.com
[Remote Proxy]
# 订阅节点
# 别名 = 订阅URL
Subs = https://example/server-complete.txt
Subs2 = https://example2/server-complete.txt
[Remote Filter]
# 筛选订阅节点,筛选后的结果可加入到策略组中,目前支持三种筛选方式
# NodeSelect: 使用在UI上选择的节点。
# NameKeyword: 根据提供的关键词对订阅中所有节点的名称进行筛选,使用筛选后的节点。
# NameRegex: 根据提供的正则表达式对订阅中所有节点的名称进行筛选,使用筛选后的节点。
Netflix = NodeSelect,Subs
Hulu = NameKeyword,Subs,Subs2,FilterKey = Hulu
HK = NameRegex,Subs,FilterKey = *HK
[Proxy Group]
# 节点选项
PROXY = select,Auto,1,2,3,4,Subs
# url-test模式,给提供的url发出http header请求,根据返回结果,选择测速最快的节点,默认间隔600s,测速超时时间5s,为了避免资源浪费,建议节点数不要过多,只支持单个节点和远端节点,其他会被忽略
Auto = url-test,1,2,3,4,Subs,url = http://bing.com/,interval = 600
# fallback模式,和url-test类似,不同的是会根据顺序返回第一个可用的节点,为了避免资源浪费,建议节点数不要过多,只支持单个节点和远端节点,其他会被忽略
Auto1 = fallback,1,2,3,4,Subs,url = http://bing.com/,interval = 600
# 别名 = ssid,默认 = 策略, 蜂窝 = 策略, ssid名称 = 策略
SSID = ssid, default = PROXY, cellular = DIRECT, "DivineEngine" = PROXY
#负载均衡,可选三种算法:random:随机选择策略组可用节点,round-robin:轮询策略组可用节点,pcc:在random基础上,针对相同host使用同一节点,此处url用来测试节点可用性,每隔interval进行一次测速,max-timeout参数用于筛选测试时间超过max-timeout的节点为不可用节点
LoadBalance = load-balance,node1,node2,remoteNodes, url = http://bing.com, interval = 600,algorithm = pcc, max-timeout=3000
# 广告模式
Advertising = select,REJECT,DIRECT
# 白名单模式 PROXY,黑名单模式 DIRECT
Final = select,PROXY,DIRECT
[Rule]
# Local RULE
# Type:DOMAIN-SUFFIX,DOMAIN,DOMAIN-KEYWORD,USER-AGENT,URL-REGEX,IP-CIDR
# Strategy:DIRECT,Proxy,REJECT
# Options:no-resolve(no-resolve(only for cidr))
DOMAIN,google.com,PROXY
# GeoIP China
GEOIP,CN,DIRECT
FINAL,Final
[Remote Rule]
# Remote Rule
# 订阅规则URL,策略
# PROXY
https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Rule/ExampleRule.list,policy=PROXY,enabled=true
[Rewrite]
# Redirect Google Search Service
^https?:\/\/(www.)?(g|google)\.cn https://www.google.com 302
[Remote Rewrite]
# 订阅 URL Rewrite
# 订阅url,别名(可选)
https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Rewrite/AutoRewrite_Example.list,tag=auto,enable=true
[Host]
#可以指定一下四种模式:
# 1、指定域名使用对应的IP地址
# 2、将域名指向另一个域名
# 3、指定域名请求DNS时使用特定的DNS服务器,格式为:google.com = server:8.8.8.8 或者 *.baidu.com = server:https://example.com/dns-query
# 4、指定具体的SSID环境下使用特定的DNS服务器
*.testflight.apple.com = server:8.8.4.4
ssid:LOON WIFI = server:system
[Script]
# http-request 处理请求的脚本
# http-response 处理请求响应的脚本
# cron 定时脚本
# network-changed 网络发生变化触发脚本
# generic 通用型脚本,可用在操作节点/策略组中,执行是会带入节点名称和策略组名称,脚本必须在开启NE时
# http-request ^https?:\/\/(www.)?(example)\.com script-path=localscript.js,tag = requestScript,enable=true
# http-response ^https?:\/\/(www.)?(example)\.com script-path=https://example.com/loon.js,timeout=10,requires-body = true,tag = responseScript,enable=true
# cron "0 8 * * *" script-path=cron.js,tag = responseScript,enable=true
network-changed script-path=https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Script/netChanged.js, tag=changeModel,enable=true
generic script-path=https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Script/generic_example.js,tag=GeoLocation,timeout=10,img-url=location.fill.viewfinder.system
[Remote Script]
# https://example.com/loon.js, tag=scripts, enable=true
[Plugin]
# plugin-url tag=tag,proxy=插件中PROXY所指向的策略,enable=true
# plugin策略可设置为DIRECT,REJECT,PROXY,其中PROXY为用户在app中手动映射的策略,rule后不跟随策略默认使用PROXY
# example: https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Rewrite/AutoRewrite_Example.list,tag=boxjs,enable=true
[MITM]
hostname = *.example.com,*.sample.com
enable = true
skip-server-cert-verify = true
#ca-p12 =
#ca-passphrase =