From 0852866608749c37e5452c4c84241694be88283a Mon Sep 17 00:00:00 2001 From: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com> Date: Fri, 30 Oct 2020 07:06:58 +0800 Subject: [PATCH] Add blacklist mode --- .github/workflows/run.yml | 20 ++++++- README.md | 109 ++++++++++++++++++++++++++++++++++++-- 2 files changed, 123 insertions(+), 6 deletions(-) diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml index c93aa5c..5d922df 100644 --- a/.github/workflows/run.yml +++ b/.github/workflows/run.yml @@ -17,9 +17,12 @@ jobs: echo "RELEASE_NAME=Released on $(date +%Y%m%d%H%M)" >> $GITHUB_ENV echo "TAG_NAME=$(date +%Y%m%d%H%M)" >> $GITHUB_ENV echo "custom_icloud=https://raw.githubusercontent.com/Loyalsoldier/domain-list-custom/release/icloud.txt" >> $GITHUB_ENV + echo "custom_tld-not-cn=https://raw.githubusercontent.com/Loyalsoldier/domain-list-custom/release/tld-\!cn.txt" >> $GITHUB_ENV echo "Loyalsoldier_reject=https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/reject-list.txt" >> $GITHUB_ENV echo "Loyalsoldier_proxy=https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/proxy-list.txt" >> $GITHUB_ENV echo "Loyalsoldier_direct=https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt" >> $GITHUB_ENV + echo "Loyalsoldier_gfw=https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/gfw.txt" >> $GITHUB_ENV + echo "Loyalsoldier_greatfire=https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/greatfire.txt" >> $GITHUB_ENV echo "felixonmars_apple=https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/apple.china.conf" >> $GITHUB_ENV echo "felixonmars_google=https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/google.china.conf" >> $GITHUB_ENV echo "ipipnet_chinaiplist=https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt" >> $GITHUB_ENV @@ -60,6 +63,21 @@ jobs: echo "payload:" > reject.txt curl -sSL ${Loyalsoldier_reject} | perl -ne '/^([-_a-zA-Z0-9]+(\.[-_a-zA-Z0-9]+)*)/ && print " - |+.$1|\n"' | sed "s/|/'/g" >> reject.txt + - name: Generate gfw.txt file + run: | + echo "payload:" > gfw.txt + curl -sSL ${Loyalsoldier_gfw} | perl -ne '/^([-_a-zA-Z0-9]+(\.[-_a-zA-Z0-9]+)*)/ && print " - |+.$1|\n"' | sed "s/|/'/g" >> gfw.txt + + - name: Generate greatfire.txt file + run: | + echo "payload:" > greatfire.txt + curl -sSL ${Loyalsoldier_greatfire} | perl -ne '/^([-_a-zA-Z0-9]+(\.[-_a-zA-Z0-9]+)*)/ && print " - |+.$1|\n"' | sed "s/|/'/g" >> greatfire.txt + + - name: Generate tld-not-cn.txt file + run: | + echo "payload:" > tld-not-cn.txt + curl -sSL ${custom_tld-not-cn} | perl -ne '/^domain:([-_a-zA-Z0-9]+(\.[-_a-zA-Z0-9]+)*)/ && print " - |+.$1|\n"' | sed "s/|/'/g" >> tld-not-cn.txt + - name: Generate cncidr.txt file run: | echo "payload:" > cncidr.txt @@ -68,7 +86,7 @@ jobs: - name: Move files to publish directory run: | mkdir -p publish - install -p {apple,icloud,google,proxy,direct,reject,cncidr,lancidr}.txt ./publish/ + install -p {apple,icloud,google,proxy,direct,reject,gfw,greatfire,tld-not-cn,cncidr,lancidr}.txt ./publish/ - name: Release and upload assets uses: softprops/action-gh-release@v1 diff --git a/README.md b/README.md index 64d70ba..6ece0fb 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ ## 说明 -本项目的规则集(RULE-SET)主要来源于项目 [@Loyalsoldier/v2ray-rules-dat](https://github.com/Loyalsoldier/v2ray-rules-dat) 和 [@v2fly/domain-list-community](https://github.com/v2fly/domain-list-community);[`Apple`](https://github.com/Loyalsoldier/clash-rules/blob/release/apple.txt) 和 [`Google`](https://github.com/Loyalsoldier/clash-rules/blob/release/google.txt) 列表里的部分域名来源于项目 [@felixonmars/dnsmasq-china-list](https://github.com/felixonmars/dnsmasq-china-list);中国大陆 IPv4 地址数据使用 [@17mon/china_ip_list](https://github.com/17mon/china_ip_list)。 +本项目的规则集(RULE-SET)主要来源于项目 [@Loyalsoldier/v2ray-rules-dat](https://github.com/Loyalsoldier/v2ray-rules-dat) 和 [@v2fly/domain-list-community](https://github.com/v2fly/domain-list-community);[`Apple`](https://github.com/Loyalsoldier/clash-rules/blob/release/apple.txt) 和 [`Google`](https://github.com/Loyalsoldier/clash-rules/blob/release/google.txt) 列表里的域名来源于项目 [@felixonmars/dnsmasq-china-list](https://github.com/felixonmars/dnsmasq-china-list);中国大陆 IPv4 地址数据使用 [@17mon/china_ip_list](https://github.com/17mon/china_ip_list)。 本项目的规则集(RULE-SET)只适用于 Clash **Premium** 版本。Clash Premium 相对于普通版,增加了 **TUN 增强模式**,能接管设备所有 TCP 和 UDP 流量,类似 [Surge for Mac](https://nssurge.com) 的增强模式。更多高级特性请看[官方 wiki](https://github.com/Dreamacro/clash/wiki/premium-core-features)。 @@ -38,6 +38,15 @@ - **Google 域名列表 google.txt**: - [https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/google.txt](https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/google.txt) - [https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt](https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt) +- **GFWList 域名列表 gfw.txt**: + - [https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/gfw.txt](https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/gfw.txt) + - [https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt](https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt) +- **GreatFire 域名列表 greatfire.txt**: + - [https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/greatfire.txt](https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/greatfire.txt) + - [https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/greatfire.txt](https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/greatfire.txt) +- **非中国大陆使用的顶级域名列表 tld-not-cn.txt**: + - [https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/tld-not-cn.txt](https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/tld-not-cn.txt) + - [https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt](https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt) - **局域网 IP 及保留 IP 地址列表 lancidr.txt**: - [https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/lancidr.txt](https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/lancidr.txt) - [https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt](https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt) @@ -97,6 +106,27 @@ rule-providers: path: ./ruleset/direct.yaml interval: 86400 + gfw: + type: http + behavior: domain + url: "https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/gfw.txt" + path: ./ruleset/gfw.yaml + interval: 86400 + + greatfire: + type: http + behavior: domain + url: "https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/greatfire.txt" + path: ./ruleset/greatfire.yaml + interval: 86400 + + tld-not-cn: + type: http + behavior: domain + url: "https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/tld-not-cn.txt" + path: ./ruleset/tld-not-cn.yaml + interval: 86400 + cncidr: type: http behavior: ipcidr @@ -112,12 +142,13 @@ rule-providers: interval: 86400 ``` -#### Rules 配置方式 +#### 白名单模式 Rules 配置方式(推荐) +- 白名单模式,意为「**没有命中规则的网络流量,统统使用代理**」,适用于服务器线路网络质量稳定、快速,不缺服务器流量的用户。 - 以下配置中的 `PROCESS-NAME` 规则类型**只能**在 **ClashX Pro** 中使用,其余版本均不能使用,需要手动删除。 -- 如果希望使用 DNS 来解析未命中域名类型规则的域名,而不是直接走代理,请删除 `cncidr` 行尾的 `,no-resolve`。 - 以下配置中,除了 `DIRECT` 和 `REJECT` 是默认存在于 Clash 中的 policy(路由策略/流量处理策略),其余均为自定义 policy,对应配置文件中 `proxies` 或 `proxy-groups` 中的 `name`。如你直接使用下面的 `rules` 规则,则需要在 `proxies` 或 `proxy-groups` 中手动配置一个 `name` 为 `PROXY` 的 policy。 - 如你希望 Apple、iCloud 和 Google 列表中的域名使用代理,则把 policy 由 `DIRECT` 改为 `PROXY`,以此类推,举一反三。 +- 如你不希望进行 DNS 解析,可在 `GEOIP` 规则的最后加上 `,no-resolve`,如 `GEOIP,CN,DIRECT,no-resolve`。 ```yaml rules: @@ -144,14 +175,82 @@ rules: - RULE-SET,google,DIRECT - RULE-SET,proxy,PROXY - RULE-SET,direct,DIRECT - - RULE-SET,lancidr,DIRECT,no-resolve - - RULE-SET,cncidr,DIRECT,no-resolve + - GEOIP,,DIRECT + - GEOIP,CN,DIRECT - MATCH,PROXY ``` +#### 黑名单模式 Rules 配置方式 + +- 黑名单模式,意为「**只有命中规则的网络流量,才使用代理**」,适用于服务器线路网络质量不稳定或不够快,或服务器流量紧缺的用户。通常也是软路由用户、家庭网关用户的常用模式。 +- 以下配置中的 `PROCESS-NAME` 规则类型**只能**在 **ClashX Pro** 中使用,其余版本均不能使用,需要手动删除。 +- 以下配置中,除了 `DIRECT` 和 `REJECT` 是默认存在于 Clash 中的 policy(路由策略/流量处理策略),其余均为自定义 policy,对应配置文件中 `proxies` 或 `proxy-groups` 中的 `name`。如你直接使用下面的 `rules` 规则,则需要在 `proxies` 或 `proxy-groups` 中手动配置一个 `name` 为 `PROXY` 的 policy。 + +```yaml +rules: + - PROCESS-NAME,v2ray,DIRECT + - PROCESS-NAME,Surge%203,DIRECT + - PROCESS-NAME,ss-local,DIRECT + - PROCESS-NAME,privoxy,DIRECT + - PROCESS-NAME,trojan,DIRECT + - PROCESS-NAME,trojan-go,DIRECT + - PROCESS-NAME,naive,DIRECT + - PROCESS-NAME,Thunder,DIRECT + - PROCESS-NAME,DownloadService,DIRECT + - PROCESS-NAME,qBittorrent,DIRECT + - PROCESS-NAME,Transmission,DIRECT + - PROCESS-NAME,fdm,DIRECT + - PROCESS-NAME,aria2c,DIRECT + - PROCESS-NAME,Folx,DIRECT + - PROCESS-NAME,NetTransport,DIRECT + - PROCESS-NAME,uTorrent,DIRECT + - PROCESS-NAME,WebTorrent,DIRECT + - RULE-SET,reject,REJECT + - RULE-SET,tld-not-cn,PROXY + - RULE-SET,gfw,PROXY + - RULE-SET,greatfire,PROXY + - GEOIP,AE,PROXY + - GEOIP,AU,PROXY + - GEOIP,BR,PROXY + - GEOIP,CA,PROXY + - GEOIP,DE,PROXY + - GEOIP,DK,PROXY + - GEOIP,ES,PROXY + - GEOIP,FI,PROXY + - GEOIP,FR,PROXY + - GEOIP,GB,PROXY + - GEOIP,GR,PROXY + - GEOIP,HK,PROXY + - GEOIP,ID,PROXY + - GEOIP,IL,PROXY + - GEOIP,IN,PROXY + - GEOIP,IQ,PROXY + - GEOIP,IR,PROXY + - GEOIP,IT,PROXY + - GEOIP,JP,PROXY + - GEOIP,KR,PROXY + - GEOIP,MO,PROXY + - GEOIP,MY,PROXY + - GEOIP,NL,PROXY + - GEOIP,NO,PROXY + - GEOIP,NZ,PROXY + - GEOIP,PH,PROXY + - GEOIP,RU,PROXY + - GEOIP,SA,PROXY + - GEOIP,SG,PROXY + - GEOIP,TH,PROXY + - GEOIP,TR,PROXY + - GEOIP,TW,PROXY + - GEOIP,US,PROXY + - GEOIP,VN,PROXY + - MATCH,DIRECT +``` + ## 致谢 - [@Loyalsoldier/v2ray-rules-dat](https://github.com/Loyalsoldier/v2ray-rules-dat) +- [@Loyalsoldier/cn-blocked-domain](https://github.com/Loyalsoldier/cn-blocked-domain) +- [@gfwlist/gfwlist](https://github.com/gfwlist/gfwlist) - [@v2fly/domain-list-community](https://github.com/v2fly/domain-list-community) - [@felixonmars/dnsmasq-china-list](https://github.com/felixonmars/dnsmasq-china-list) - [@17mon/china_ip_list](https://github.com/17mon/china_ip_list)