├── .gitignore ├── README.md ├── backup ├── mosdns │ ├── apple-cn.txt │ ├── china_ip_list.txt │ ├── config.yaml │ ├── direct-list.txt │ ├── hosts.txt │ ├── mosdns.log │ ├── my-proxy-list.txt │ ├── my-reject-list.txt │ ├── mydns.txt │ ├── myvpsip.txt │ ├── proxy-device-list.txt │ ├── proxy-list.txt │ ├── pt-list.txt │ └── reject-list.txt └── ph │ └── mosdns │ ├── config.yaml │ ├── gen │ ├── fakeiplist.txt │ ├── fakeiprule.txt │ ├── nodenov4list.txt │ ├── nodenov4rule.txt │ ├── nodenov6list.txt │ ├── nodenov6rule.txt │ ├── notinlist.txt │ ├── notinrule.txt │ ├── nov4list.txt │ ├── nov4rule.txt │ ├── nov6list.txt │ ├── nov6rule.txt │ ├── realiplist.txt │ └── realiprule.txt │ ├── proxy-device-list.txt │ ├── rule │ ├── blocklist.txt │ ├── blocklistv4.txt │ ├── blocklistv6.txt │ ├── cloudflare-cidr.txt │ ├── cnv6-only.txt │ ├── ddnslist.txt │ ├── geoip_cn.txt │ ├── geosite_cn.txt │ ├── googlev6.txt │ ├── greylist.txt │ ├── hosts.txt │ ├── local-ptr.txt │ ├── realiplist.txt │ ├── redirect.txt │ └── whitelist.txt │ └── unpack │ ├── disable-ads.txt │ ├── geoip_cn.txt │ ├── geosite_apple.txt │ ├── geosite_cn.txt │ └── geosite_geolocation-!cn.txt ├── docs ├── fakeip.md └── png │ ├── dhcp.png │ ├── dns.png │ ├── netwatch.png │ ├── routelist.png │ ├── watchdown.png │ └── watchup.png ├── install.sh ├── mssb ├── fb │ └── fb.json ├── mihomo │ ├── config.yaml │ └── phone_config.yaml ├── mosdns │ ├── config.yaml │ ├── gen │ │ ├── fakeiplist.txt │ │ ├── fakeiprule.txt │ │ ├── nodenov4list.txt │ │ ├── nodenov4rule.txt │ │ ├── nodenov6list.txt │ │ ├── nodenov6rule.txt │ │ ├── notinlist.txt │ │ ├── notinrule.txt │ │ ├── nov4list.txt │ │ ├── nov4rule.txt │ │ ├── nov6list.txt │ │ ├── nov6rule.txt │ │ ├── realiplist.txt │ │ └── realiprule.txt │ ├── proxy-device-list.txt │ ├── rule │ │ ├── blocklist.txt │ │ ├── blocklistv4.txt │ │ ├── blocklistv6.txt │ │ ├── cloudflare-cidr.txt │ │ ├── cnv6-only.txt │ │ ├── ddnslist.txt │ │ ├── geoip_cn.txt │ │ ├── geosite_cn.txt │ │ ├── googlev6.txt │ │ ├── greylist.txt │ │ ├── hosts.txt │ │ ├── local-ptr.txt │ │ ├── realiplist.txt │ │ ├── redirect.txt │ │ └── whitelist.txt │ └── unpack │ │ ├── disable-ads.txt │ │ ├── geoip_cn.txt │ │ ├── geosite_apple.txt │ │ ├── geosite_cn.txt │ │ └── geosite_geolocation-!cn.txt └── sing-box │ ├── config.json │ ├── rule │ ├── geoip │ │ ├── facebook.srs │ │ ├── geoip-cn.srs │ │ ├── google.srs │ │ ├── netflix.srs │ │ ├── telegram.srs │ │ └── twitter.srs │ └── geosite │ │ ├── amazon.srs │ │ ├── apple.srs │ │ ├── bilibili.srs │ │ ├── category-ads-all.srs │ │ ├── category-games.srs │ │ ├── category-games@cn.srs │ │ ├── disney.srs │ │ ├── facebook.srs │ │ ├── geolocation-!cn.srs │ │ ├── geosite-cn.srs │ │ ├── github.srs │ │ ├── google.srs │ │ ├── hbo.srs │ │ ├── instagram.srs │ │ ├── microsoft.srs │ │ ├── netflix.srs │ │ ├── openai.srs │ │ ├── primevideo.srs │ │ ├── telegram.srs │ │ ├── tiktok.srs │ │ ├── twitter.srs │ │ └── youtube.srs │ └── ruleset │ ├── mydirect.json │ ├── myproxy.json │ ├── networktest.srs │ └── pt.srs ├── run_msmo └── supervisord.conf ├── run_mssb └── supervisord.conf ├── update_sub.py └── watch ├── update_cn.sh ├── update_mihomo.sh ├── update_mosdns.sh ├── update_sb.sh ├── watch_mihomo.sh ├── watch_mosdns.sh └── watch_sing_box.sh /.gitignore: -------------------------------------------------------------------------------- 1 | ### PowerShell template 2 | # Exclude packaged modules 3 | *.zip 4 | 5 | # Exclude .NET assemblies from source 6 | *.dll 7 | 8 | ### GNOMEShellExtension template 9 | # Ignored files for GNOME extension git repository 10 | .idea 11 | 12 | .DS_Store -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Mosdns + Singbox/Mihomo 虚拟机分流代理项目(纯自用版本) 2 | 3 | ## 项目简介 4 | 5 | > ⚠️ 本项目为自用版本,可能存在部分 bug,敬请见谅。 6 | 7 | 封装 `mosdns` 和 `singbox/mihomo` 两个服务,旨在实现高效的分流代理功能。 8 | 9 | * `mosdns` 使用 53 端口对外提供 DNS 服务; 10 | * `singbox/mihomo` 使用 6666 端口与 `mosdns` 对接,代理转发使用统一的 TProxy 高效端口 7896; 11 | * 出国访问通过 `mosdns` 转发到 `singbox/mihomo`,并启用 `fakeip` 模式(使用网段 28.0.0.0/8),需在主路由上添加相应静态路由; 12 | * 文档参考:[fakeip.md](docs/fakeip.md) 13 | 14 | 项目同时整合: 15 | 16 | * `filebrowser`:用于配置文件的可视化管理; 17 | * `zashboard`:`singbox/mihomo` 的 Web UI 界面。 18 | 19 | 感谢各位大佬的贡献,特别是 PH 和 hero 两位大佬的支持。 20 | 21 | ## 项目功能 22 | 23 | * ✅ **进程管理**:通过 `supervisor` 管理服务进程 24 | * ✅ **高效分流代理**:`mosdns` + `singbox/mihomo` 分流代理架构 25 | * ✅ **可视化管理**:使用 `filebrowser` 管理配置文件 26 | * ✅ **前端界面**:通过 `zashboard` 提供友好的配置界面 27 | 28 | ## 架构图 29 | 30 | ```plaintext 31 | +------------------+ +----------------------+ 32 | | filebrowser | | zashboard | 33 | +------------------+ +----------------------+ 34 | | | 35 | +------------------+ +----------------------+ 36 | | mosdns | --------> | singbox/mihomo | 37 | +------------------+ +----------------------+ 38 | ``` 39 | 40 | ### 服务端口分配 41 | 42 | | 服务 | 端口 | 描述 | 43 | | ------------------ | ---- | ------------------- | 44 | | filebrowser | 8088 | 文件管理界面 | 45 | | supervisor | 9001 | 进程管理界面 | 46 | | mosdns | 53 | DNS 服务入口 | 47 | | singbox DNS 接口 | 6666 | 与 mosdns 对接端口 | 48 | | socks5代理 | 7891 | singbox SOCKS5 代理端口 | 49 | | TProxy透明代理 | 7896 | 高效透明代理端口 | 50 | | Web UI (zashboard) | 9090 | singbox Web 界面 | 51 | 52 | ## 安装方法 53 | 54 | 适用于 Debian 12 系统: 55 | 56 | ```bash 57 | # 若主机无代理,可通过导出局域网代理环境变量临时加速安装 58 | # 示例:使用 Mac 上的 surge 或 Windows 上的 mihomo 开启局域网代理 59 | export https_proxy=http://192.168.12.239:6152 60 | export http_proxy=http://192.168.12.239:6152 61 | export all_proxy=socks5://192.168.12.239:6153 62 | 63 | # 拉取仓库并安装(包含安装、卸载、启动、停止功能) 64 | git clone --depth=1 https://github.com/baozaodetudou/mssb.git && cd mssb && bash install.sh 65 | ``` 66 | 67 | ## 查看日志 68 | 69 | 查看所有服务日志: 70 | 71 | ```bash 72 | tail -f /var/log/supervisor/*.log 73 | ``` 74 | 75 | ## 附注信息 76 | 77 | ### 1. filebrowser 78 | 79 | * 端口:8088 80 | * 默认用户:`admin` 81 | * 默认密码:`admin` 82 | * 有些人不想要登录可以执行下边的命令 83 | ```shell 84 | # 取消用户密码登录登录功能 85 | supervisorctl stop filebrowser && filebrowser config set --auth.method=noauth -c /mssb/fb/fb.json -d /mssb/fb/fb.db && supervisorctl start filebrowser 86 | # 恢复用户密码登录登录功能 87 | supervisorctl stop filebrowser && filebrowser config set --auth.method=json -c /mssb/fb/fb.json -d /mssb/fb/fb.db && supervisorctl start filebrowser 88 | ``` 89 | 90 | ### 2. supervisor 91 | 92 | * 端口:9001 93 | * 默认用户:`mssb` 94 | * 默认密码:`mssb123..` 95 | 96 | ### 3. mosdns 统计页面 97 | 98 | * 地址:http\://{主机IP}:9099/graphic 99 | 100 | ### 4. 功能说明 101 | 102 | * `mosdns`:提供 DNS 解析与缓存加速; 103 | * `singbox`:提供 SOCKS5 和透明代理; 104 | * `zashboard`:配置前端界面,状态显示。 105 | 106 | ### 5. 使用方法 107 | 108 | * 安装完成后,将主路由的 DNS 设置为 Debian 主机的 IP; 109 | * 实现分流控制:将需要走代理的设备 IP 添加到 `proxy-device-list.txt` 文件中,路径为: 110 | 111 | ```text 112 | /mssb/mosdns/proxy-device-list.txt 113 | ``` 114 | 115 | * 文件中未列出的 IP 只使用 mosdns 加速,不通过代理。 116 | 117 | --- 118 | 119 | ### 项目来源和参考 120 | 121 | * [https://github.com/herozmy/StoreHouse/tree/latest](https://github.com/herozmy/StoreHouse/tree/latest) 122 | * 感谢英雄佬的脚本教程 123 | * PH 大佬的 mosdns 配置基础 124 | * 感谢 mosdns/singbox/mihomo的各位开发大佬们 125 | 126 | 感谢所有提供支持与灵感的开源作者! 127 | -------------------------------------------------------------------------------- /backup/mosdns/config.yaml: -------------------------------------------------------------------------------- 1 | log: 2 | level: error # 设置日志级别为error 3 | # file: "./mosdns.log" # 日志文件路径 注释输出至 stderr 。 4 | production: false # 非生产环境配置 5 | 6 | plugins: 7 | # 缓存 8 | - tag: cache 9 | type: cache 10 | args: 11 | size: 10240 # 缓存大小 12 | lazy_cache_ttl: 86400 # 缓存过期时间 13 | 14 | # 转发至国内DNS,并发查询 15 | - tag: forward_local 16 | type: forward 17 | args: 18 | concurrent: 2 # 并发查询数量 19 | upstreams: 20 | - addr: udp://223.5.5.5 21 | - addr: udp://119.29.29.29 22 | # - addr: udp://2400:3200::1 23 | # - addr: udp://2402:4e00:: 24 | 25 | # 转发至国外DNS,拿真实ip 26 | - tag: forward_real 27 | type: forward 28 | args: 29 | concurrent: 1 # 并发查询数量 30 | upstreams: 31 | #- addr: 192.168.20.5:6666 # 本地DNS服务器地址ipv4 32 | #- addr: tcp://192.168.20.5:6666 # TCP协议的本地DNS服务器地址ipv4 33 | - addr: tcp://8.8.8.8 34 | 35 | # 转发至sb/mihomo,拿fake ip 36 | - tag: forward_fake 37 | type: forward 38 | args: 39 | concurrent: 2 # 并发查询数量 40 | upstreams: 41 | - addr: tcp://127.0.0.1:6666 42 | - addr: udp://127.0.0.1:6666 43 | 44 | # 自定义hosts 45 | - tag: hosts 46 | type: hosts 47 | args: 48 | files: 49 | - "./hosts.txt" 50 | 51 | # china ip和自己的vps ip 52 | - tag: local_ip 53 | type: ip_set 54 | args: 55 | files: 56 | - ./china_ip_list.txt 57 | - ./myvpsip.txt 58 | 59 | # fallback的primary服务器,只接受国内ip,丢弃非国内ip 60 | - tag: local_sequence 61 | type: sequence 62 | args: 63 | - exec: $forward_local 64 | - matches: "resp_ip $local_ip" # 检查是否是国内IP 65 | exec: accept # 如果是国内IP,则接受 66 | - exec: drop_resp # 丢弃非国内ip 67 | 68 | # fake_fallback的secondary服务器,直接接受结果 69 | - tag: fake_sequence 70 | type: sequence 71 | args: 72 | - exec: $forward_fake 73 | - exec: accept # fakeip全部接受 74 | 75 | # real_fallback的secondary服务器, 76 | - tag: real_sequence 77 | type: sequence 78 | args: 79 | - exec: $forward_real 80 | - matches: "!resp_ip $local_ip" 81 | exec: accept # 只接受国外ip 82 | 83 | # fallback_real sequence 84 | - tag: fallback_real 85 | type: fallback 86 | args: 87 | primary: local_sequence 88 | secondary: real_sequence 89 | threshold: 500 # 超时时间,单位为毫秒 90 | always_standby: true # 总是保持备用 91 | 92 | # fallback_fake sequence 93 | - tag: fallback_fake 94 | type: fallback 95 | args: 96 | primary: local_sequence 97 | secondary: fake_sequence 98 | threshold: 500 # 超时时间,单位为毫秒 99 | always_standby: true # 总是保持备用 100 | 101 | # 主运行序列 102 | - tag: main_sequence 103 | type: sequence 104 | args: 105 | # 执行hosts解析 106 | - exec: $hosts 107 | - matches: has_resp 108 | exec: accept # 如果hosts解析有响应,则接受并返回 109 | 110 | # 拒绝HTTPS类型查询 111 | - matches: qtype 65 112 | exec: black_hole 113 | 114 | # 拒绝在拒绝列表中的域名 115 | - matches: qname &./reject-list.txt &./my-reject-list.txt 116 | exec: reject 117 | 118 | # 优先使用IPv4解析 119 | - exec: prefer_ipv4 120 | 121 | # ddns域名走国内 122 | - matches: "qname ./mydns.txt" 123 | exec: $forward_local 124 | - matches: has_resp 125 | exec: accept # 如果有响应,则接受 126 | 127 | # proxy-device-list & client-ip 匹配内网需翻墙设备&被禁域名,走fakeip 128 | - matches: 129 | - qname &./proxy-list.txt &./my-proxy-list.txt 130 | - client_ip &./proxy-device-list.txt 131 | exec: $forward_fake 132 | - matches: has_resp 133 | exec: accept # 如果有响应,则接受 134 | 135 | # 查找缓存,命中则接受 136 | - exec: $cache 10240 # 查找 cache。 137 | - matches: 138 | - has_resp 139 | exec: accept 140 | 141 | # 特定列表中的域名使用国内DNS解析 142 | - matches: qname &./direct-list.txt &./apple-cn.txt 143 | exec: $forward_local 144 | - matches: has_resp 145 | exec: accept # 如果有响应,则接受 146 | 147 | # 转发国外dns,走real ip 148 | - matches: qname &./proxy-list.txt 149 | exec: $forward_real 150 | - matches: has_resp 151 | exec: accept # 如果有响应,则接受 152 | 153 | # 执行fallback_real策略兜底 154 | - exec: $fallback_real 155 | 156 | # 启动监听服务 157 | - tag: udp_server 158 | type: udp_server 159 | args: 160 | entry: main_sequence # 主运行序列入口 161 | listen: :53 # 监听UDP端口53 162 | 163 | - tag: tcp_server 164 | type: tcp_server 165 | args: 166 | entry: main_sequence # 主运行序列入口 167 | listen: :53 # 监听TCP端口53 168 | 169 | api: 170 | http: "0.0.0.0:8080" # API服务监听地址和端口 171 | -------------------------------------------------------------------------------- /backup/mosdns/hosts.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/mosdns/hosts.txt -------------------------------------------------------------------------------- /backup/mosdns/mosdns.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/mosdns/mosdns.log -------------------------------------------------------------------------------- /backup/mosdns/my-proxy-list.txt: -------------------------------------------------------------------------------- 1 | keyword,metadata-static.plex.tv 2 | keyword,metadata.provider.plex.tv 3 | keyword,provider.plex.tv 4 | keyword,analytics.plex.tv 5 | keyword,meta.plex.tv 6 | keyword,support.plex.tv 7 | keyword,forums.plex.tv 8 | keyword,downloads.plex.tv 9 | keyword,clients.plex.tv 10 | keyword,pubsub.plex.tv 11 | keyword,images.plex.tv 12 | keyword,together.plex.tv 13 | keyword,community.plex.tv 14 | keyword,scrobbles.plex.tv 15 | keyword,features.plex.tv 16 | -------------------------------------------------------------------------------- /backup/mosdns/my-reject-list.txt: -------------------------------------------------------------------------------- 1 | sl. -------------------------------------------------------------------------------- /backup/mosdns/mydns.txt: -------------------------------------------------------------------------------- 1 | huacloud.xyz 2 | doumao.fun 3 | right.com.cn -------------------------------------------------------------------------------- /backup/mosdns/myvpsip.txt: -------------------------------------------------------------------------------- 1 | 192.168.20.0/24 2 | 192.168.99.0/24 -------------------------------------------------------------------------------- /backup/mosdns/proxy-device-list.txt: -------------------------------------------------------------------------------- 1 | 192.168.20.99 2 | 192.168.20.100 3 | -------------------------------------------------------------------------------- /backup/mosdns/pt-list.txt: -------------------------------------------------------------------------------- 1 | domain:ptsbao.club 2 | domain:discfan.net 3 | domain:chdbits.co 4 | domain:open.cd 5 | domain:hdsky.me 6 | domain:hdchina.org 7 | domain:m-team.io 8 | domain:m-team.cc 9 | domain:hdhome.org 10 | domain:pttime.org 11 | domain:audiences.me 12 | domain:cinefiles.info 13 | domain:beitai.pt 14 | domain:springsunday.net 15 | domain:totheglory.im 16 | domain:keepfrds.com 17 | domain:pterclub.com 18 | domain:soulvoice.club 19 | domain:hddolby.com 20 | domain:pthome.net 21 | domain:hdatmos.club 22 | domain:ourbits.club 23 | domain:nicept.net 24 | domain:hdfans.org 25 | domain:hhanclub.top 26 | domain:hhan.club 27 | domain:piggo.me 28 | domain:agsvpt.com 29 | domain:hares.top 30 | domain:ultrahd.net 31 | domain:hdmayi.com 32 | domain:eastgame.org 33 | domain:hdarea.club 34 | domain:leaves.red 35 | domain:hdvideo.one -------------------------------------------------------------------------------- /backup/ph/mosdns/config.yaml: -------------------------------------------------------------------------------- 1 | log: 2 | level: error 3 | file: "./mosdns.log" 4 | 5 | api: 6 | http: "0.0.0.0:9099" 7 | 8 | include: [] 9 | 10 | plugins: 11 | #列表外域名访问记录 12 | - tag: my_notinlist 13 | type: domain_output 14 | args: 15 | file_stat: ./gen/notinlist.txt 16 | file_rule: ./gen/notinrule.txt 17 | max_entries: 20 18 | dump_interval: 36000 19 | 20 | #访问过的realip的域名清单和生成规则 21 | - tag: my_realiplist 22 | type: domain_output 23 | args: 24 | file_stat: ./gen/realiplist.txt 25 | file_rule: ./gen/realiprule.txt 26 | max_entries: 1000 27 | dump_interval: 36005 28 | 29 | #访问过的fakeip的域名清单和生成规则 30 | - tag: my_fakeiplist 31 | type: domain_output 32 | args: 33 | file_stat: ./gen/fakeiplist.txt 34 | file_rule: ./gen/fakeiprule.txt 35 | max_entries: 1000 36 | dump_interval: 36010 37 | 38 | #访问过的无v6 ip的域名清单和生成规则 39 | - tag: my_nov6list 40 | type: domain_output 41 | args: 42 | file_stat: ./gen/nov6list.txt 43 | file_rule: ./gen/nov6rule.txt 44 | max_entries: 10 45 | dump_interval: 36020 46 | 47 | #访问过的无v4 v6 ip的域名清单和生成规则 48 | - tag: my_nov4list 49 | type: domain_output 50 | args: 51 | file_stat: ./gen/nov4list.txt 52 | file_rule: ./gen/nov4rule.txt 53 | max_entries: 3 54 | dump_interval: 36030 55 | 56 | #节点域名无v6 ip的域名清单和生成规则 57 | - tag: my_nodenov6list 58 | type: domain_output 59 | args: 60 | file_stat: ./gen/nodenov6list.txt 61 | file_rule: ./gen/nodenov6rule.txt 62 | max_entries: 1000 63 | dump_interval: 36070 64 | 65 | #节点域名无v4 v6 ip的域名清单和生成规则 66 | - tag: my_nodenov4list 67 | type: domain_output 68 | args: 69 | file_stat: ./gen/nodenov4list.txt 70 | file_rule: ./gen/nodenov4rule.txt 71 | max_entries: 2 72 | dump_interval: 36080 73 | 74 | #生成的realip规则 75 | - tag: my_realiprule 76 | type: domain_set 77 | args: 78 | files: 79 | - "./gen/realiprule.txt" 80 | 81 | #生成的fakeip规则 82 | - tag: my_fakeiprule 83 | type: domain_set 84 | args: 85 | files: 86 | - "./gen/fakeiprule.txt" 87 | 88 | #生成的没有v6的域名规则 89 | - tag: my_nov6rule 90 | type: domain_set 91 | args: 92 | files: 93 | - "./gen/nov6rule.txt" 94 | 95 | #生成的没有ip的域名规则 96 | - tag: my_nov4rule 97 | type: domain_set 98 | args: 99 | files: 100 | - "./gen/nov4rule.txt" 101 | 102 | #生成的节点没有v6的域名规则 103 | - tag: my_nodenov6rule 104 | type: domain_set 105 | args: 106 | files: 107 | - "./gen/nodenov6rule.txt" 108 | 109 | #生成的节点没有ip的域名规则 110 | - tag: my_nodenov4rule 111 | type: domain_set 112 | args: 113 | files: 114 | - "./gen/nodenov4rule.txt" 115 | 116 | #过期缓存 117 | - tag: cache_all 118 | type: cache 119 | args: 120 | size: 20000000 121 | lazy_cache_ttl: 259200000 122 | dump_file: ./cache_all.dump 123 | dump_interval: 36000 124 | 125 | #中国域名列表的过期缓存 126 | - tag: cache_cn 127 | type: cache 128 | args: 129 | size: 20000000 130 | lazy_cache_ttl: 259200000 131 | dump_file: ./cache_cn.dump 132 | dump_interval: 36000 133 | 134 | #列表外域名的过期缓存 135 | - tag: cache_google 136 | type: cache 137 | args: 138 | size: 20000000 139 | lazy_cache_ttl: 259200000 140 | dump_file: ./cache_google.dump 141 | dump_interval: 36000 142 | 143 | #节点域名列表的过期缓存 144 | - tag: cache_node 145 | type: cache 146 | args: 147 | size: 20000000 148 | lazy_cache_ttl: 259200000 149 | dump_file: ./cache_node.dump 150 | dump_interval: 36000 151 | 152 | #中国域名列表 153 | - tag: geosite_cn 154 | type: domain_set 155 | args: 156 | files: 157 | - "./unpack/geosite_cn.txt" 158 | 159 | #中国IP列表 160 | - tag: geoip_cn 161 | type: ip_set 162 | args: 163 | files: 164 | - "./unpack/geoip_cn.txt" 165 | 166 | #国外域名列表 167 | - tag: geosite_no_cn 168 | type: domain_set 169 | args: 170 | files: 171 | - "./unpack/geosite_geolocation-!cn.txt" 172 | 173 | #自定义白名单域名列表 174 | - tag: whitelist 175 | type: domain_set 176 | args: 177 | files: 178 | - "./rule/whitelist.txt" 179 | 180 | #屏蔽域名列表 181 | - tag: blocklist 182 | type: domain_set 183 | args: 184 | files: 185 | - "./rule/blocklist.txt" 186 | 187 | #屏蔽V4解析的域名列表 188 | - tag: blocklistv4 189 | type: domain_set 190 | args: 191 | files: 192 | - "./rule/blocklistv4.txt" 193 | 194 | #屏蔽V6解析的域名列表 195 | - tag: blocklistv6 196 | type: domain_set 197 | args: 198 | files: 199 | - "./rule/blocklistv6.txt" 200 | 201 | #国外dns解析realip域名列表 202 | - tag: realiplist 203 | type: domain_set 204 | args: 205 | files: 206 | - "./rule/realiplist.txt" 207 | 208 | #自定义强制代理域名列表 209 | - tag: greylist 210 | type: domain_set 211 | args: 212 | files: 213 | - "./rule/greylist.txt" 214 | 215 | #自定义hosts域名列表 216 | - tag: hosts 217 | type: hosts 218 | args: 219 | files: 220 | - "./rule/hosts.txt" 221 | 222 | #转发dns请求到google dns 223 | - tag: forward_google 224 | type: forward 225 | args: 226 | concurrent: 2 227 | upstreams: 228 | - addr: "https://1.1.1.1/dns-query" 229 | # socks5: "127.0.0.1:7891" 230 | - addr: "https://8.8.8.8/dns-query" 231 | # socks5: "127.0.0.1:7891" 232 | upstream_query_timeout: 1000 233 | # - addr: "tls://1.1.1.1" 234 | # enable_pipeline: true 235 | # socks5: "127.0.0.1:7891" 236 | # - addr: "tls://8.8.8.8" 237 | # enable_pipeline: true 238 | # socks5: "127.0.0.1:7891" 239 | 240 | #转发请求到阿里dns 241 | - tag: forward_local 242 | type: forward 243 | args: 244 | concurrent: 3 245 | upstreams: 246 | - addr: "223.5.5.5" 247 | - addr: "quic://223.5.5.5" 248 | - addr: "202.102.128.68" 249 | upstream_query_timeout: 5 250 | 251 | #转发请求至sing-box/mihome dns请求fakeip 252 | - tag: forward_fakeip 253 | type: forward 254 | args: 255 | concurrent: 1 256 | upstreams: 257 | - addr: 127.0.0.1:6666 258 | 259 | #转发国内请求到内部带过期缓存的服务 260 | - tag: forward_local_in 261 | type: forward 262 | args: 263 | concurrent: 1 264 | upstreams: 265 | - addr: "udp://127.0.0.1:2222" 266 | 267 | #国内域名 内部使用 268 | - tag: sequence_local_in 269 | type: sequence 270 | args: 271 | - exec: $cache_cn 272 | - matches: has_resp 273 | exec: accept 274 | - exec: $forward_local 275 | 276 | #转发国外请求到内部带过期缓存的服务 277 | - tag: forward_google_in 278 | type: forward 279 | args: 280 | concurrent: 1 281 | upstreams: 282 | - addr: "udp://127.0.0.1:3333" 283 | 284 | #国内域名 内部使用 285 | - tag: sequence_google_in 286 | type: sequence 287 | args: 288 | - exec: $cache_google 289 | - matches: has_resp 290 | exec: accept 291 | - exec: $forward_google 292 | 293 | #缓存序列-国内域名 294 | - tag: sequence_local 295 | type: sequence 296 | args: 297 | - exec: drop_resp #丢弃用于标记的blackhole ip 298 | - exec: $forward_local_in 299 | 300 | #缓存序列-国内域名 301 | - tag: sequence_fakeip 302 | type: sequence 303 | args: 304 | - exec: drop_resp #丢弃用于标记的blackhole ip 305 | - matches: "!client_ip &./proxy-device-list.txt" 306 | exec: $forward_local_in 307 | - matches: "client_ip &./proxy-device-list.txt" 308 | exec: $forward_fakeip 309 | 310 | #缓存序列-列表外域名 311 | - tag: sequence_google 312 | type: sequence 313 | args: 314 | - exec: drop_resp #丢弃用于标记的blackhole ip 315 | - exec: $forward_google_in 316 | 317 | #转发国外请求到内部带过期缓存的服务 318 | - tag: forward_all_in 319 | type: forward 320 | args: 321 | concurrent: 1 322 | upstreams: 323 | - addr: "udp://127.0.0.1:5656" 324 | 325 | #缓存序列-all 326 | - tag: sequence_all_single 327 | type: sequence 328 | args: 329 | - matches: "qtype 6 12 65" 330 | exec: reject 0 331 | # - exec: $cache_all 332 | # - matches: has_resp 333 | # exec: accept 334 | - exec: $forward_all_in 335 | 336 | - tag: sequence_all 337 | type: fallback 338 | args: 339 | primary: sequence_all_single 340 | secondary: sequence_all_single 341 | threshold: 3 342 | always_standby: false 343 | 344 | #列表外的域名的处理逻辑 345 | - tag: sequence_not_in_list 346 | type: sequence 347 | args: 348 | - matches: "resp_ip 127.0.0.3 ::3" 349 | exec: mark 68 #列表外 350 | - matches: mark 68 351 | exec: drop_resp #丢弃结果 352 | - matches: mark 68 353 | exec: $my_notinlist 354 | - matches: mark 68 355 | exec: $sequence_local #表外域名先发到国内 356 | - matches: #对于223没有返回V6地址且不是污染地址的,接受 357 | - "mark 68" 358 | - "qtype 28" 359 | - "rcode 0 2 3 5" 360 | - "!resp_ip 2000::/3" 361 | - "!resp_ip ::1" 362 | exec: ttl 60000 363 | - matches: 364 | - "mark 68" 365 | - "qtype 28" 366 | - "rcode 0 2 3 5" 367 | - "!resp_ip 2000::/3" 368 | - "!resp_ip ::1" 369 | - "!cname keyword:." 370 | exec: $my_nov6list #生成域名规则 371 | - matches: 372 | - "mark 68" 373 | - "qtype 28" 374 | - "rcode 0 2 3 5" 375 | - "!resp_ip 2000::/3" 376 | - "!resp_ip ::1" 377 | exec: accept #没有ip就接受 378 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" #rcode 235及没有IP等情况 379 | exec: mark 123 #标记 380 | - matches: "resp_ip 127.0.0.1 0.0.0.0 ::1" #有污染IP的 381 | exec: mark 123 #标记 382 | - matches: mark 123 383 | exec: drop_resp #丢弃结果 384 | - matches: mark 123 385 | exec: $sequence_google #google dns再查一次 386 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" 387 | exec: ttl 60000 #再没有IP延长TTL 388 | - matches: 389 | - "qtype 28" 390 | - "rcode 0 2 3 5" 391 | - "!resp_ip 2000::/3" 392 | - "!cname keyword:." 393 | exec: $my_nov6list #生成域名规则 394 | - matches: 395 | - "qtype 1" 396 | - "rcode 0 2 3 5" 397 | - "!resp_ip 0.0.0.0/0" 398 | - "!cname keyword:." 399 | exec: $my_nov4list #生成域名规则 400 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" 401 | exec: accept #没有ip就接受 402 | - matches: "resp_ip 127.0.0.1 0.0.0.0 ::1" #有污染IP的 403 | exec: accept #谷歌dns结果没有正常ip也接受 404 | - matches: "resp_ip 17.0.0.0/8" 405 | exec: $my_realiplist 406 | - matches: "resp_ip 17.0.0.0/8" 407 | exec: accept #苹果ip就接受 408 | - matches: "!resp_ip $geoip_cn" 409 | exec: mark 89 #标记 410 | - matches: mark 89 411 | exec: $sequence_fakeip 412 | - matches: mark 89 413 | exec: $my_fakeiplist 414 | - exec: accept 415 | 416 | #生成的规则用本地dns查询 417 | - tag: gen_is_local_dns 418 | type: sequence 419 | args: 420 | - matches: qname $my_realiprule 421 | exec: black_hole 127.0.0.1 ::1 422 | 423 | #生成的规则请求fakeip 424 | - tag: gen_is_fakeip 425 | type: sequence 426 | args: 427 | - matches: qname $my_fakeiprule 428 | exec: black_hole 127.0.0.2 ::2 429 | - matches: "!resp_ip 127.0.0.2 ::2" 430 | exec: black_hole 127.0.0.3 ::3 431 | 432 | #生成的列表国内国外并发匹配,结果是black_hole的即列表外域名 433 | - tag: gen_conc 434 | type: fallback 435 | args: 436 | primary: gen_is_local_dns 437 | secondary: gen_is_fakeip 438 | threshold: 20000 439 | always_standby: true 440 | 441 | #用本地dns查询 442 | - tag: query_is_local_dns 443 | type: sequence 444 | args: 445 | - matches: qname $geosite_cn 446 | exec: black_hole 127.0.0.1 ::1 447 | 448 | #fallback并发primary和secondary都没有IP返回,会抛出错误 449 | #导致后续逻辑无法执行,在secondary中使用black_hole给假 450 | #ip作为标记供后续判断 451 | 452 | #国外域名列表/灰名单直接请求fakeip 453 | - tag: query_is_fakeip 454 | type: sequence 455 | args: 456 | - matches: qname $geosite_no_cn 457 | exec: black_hole 127.0.0.2 ::2 458 | - matches: "!resp_ip 127.0.0.2 ::2" 459 | exec: black_hole 127.0.0.3 ::3 460 | 461 | #列表内域名国内国外并发匹配,结果是black_hole的即列表外域名 462 | - tag: conc_lookup 463 | type: fallback 464 | args: 465 | primary: query_is_local_dns 466 | secondary: query_is_fakeip 467 | threshold: 20000 468 | always_standby: true 469 | 470 | #主分流序列 471 | - tag: sequence_main 472 | type: sequence 473 | args: 474 | - matches: qname $blocklist 475 | exec: reject 3 476 | - exec: $hosts 477 | - matches: has_resp 478 | exec: accept 479 | - matches: "!qtype 1 28" 480 | exec: $sequence_google 481 | - matches: "!qtype 1 28" 482 | exec: accept 483 | - matches: qname $greylist 484 | exec: mark 22 485 | - matches: mark 22 486 | exec: $sequence_fakeip 487 | - matches: mark 22 488 | exec: accept 489 | - matches: #屏蔽没有v4地址的域名 490 | - qtype 1 491 | - qname $my_nov4rule 492 | exec: reject 0 493 | - matches: #屏蔽没有v6地址的域名 494 | - qtype 28 495 | - qname $my_nov6rule 496 | exec: reject 0 497 | - matches: qname $whitelist 498 | exec: mark 11 499 | - matches: mark 11 500 | exec: $sequence_local 501 | - matches: 502 | - "mark 11" 503 | - "rcode 0 2 3 5" 504 | - "!resp_ip 0.0.0.0/0 2000::/3" 505 | exec: ttl 60000 #非A没有IP,延长TTL 506 | - matches: 507 | - "qtype 28" 508 | - "mark 11" 509 | - "rcode 0 2 3 5" 510 | - "!resp_ip 2000::/3" 511 | - "!cname keyword:." 512 | exec: $my_nov6list #生成域名规则 513 | - matches: 514 | - "qtype 1" 515 | - "mark 11" 516 | - "rcode 0 2 3 5" 517 | - "!resp_ip 0.0.0.0/0" 518 | - "!cname keyword:." 519 | exec: $my_nov4list #生成域名规则 520 | - matches: mark 11 #白名单中域名不往下漏 521 | exec: accept 522 | - matches: qname $realiplist 523 | exec: mark 33 524 | - matches: mark 33 525 | exec: $sequence_google 526 | - matches: mark 33 527 | exec: accept 528 | - exec: $gen_conc 529 | - matches: "resp_ip 127.0.0.1 ::1" 530 | exec: mark 888 #生成的域名列表匹配为realip 531 | - matches: "resp_ip 127.0.0.2 ::2" 532 | exec: mark 999 #生成的域名列表匹配为realip 533 | - matches: "resp_ip 127.0.0.3 ::3" 534 | exec: mark 666 #标记 535 | - matches: mark 666 536 | exec: drop_resp #丢弃结果 537 | - matches: mark 666 538 | exec: $conc_lookup 539 | - matches: "resp_ip 127.0.0.1 ::1" 540 | exec: $sequence_local 541 | - matches: "resp_ip 127.0.0.2 ::2" 542 | exec: mark 777 #标记 543 | - matches: mark 777 544 | exec: $sequence_fakeip 545 | - matches: 546 | - "mark 777" #fakeip 547 | - "!mark 999" #并没有在gen fakeip列表中 548 | exec: $my_fakeiplist #生成域名规则 549 | - matches: mark 777 550 | exec: accept #fakeip就接受 551 | - matches: 552 | - "!mark 888" #并没有在gen realip列表中 553 | - "resp_ip 17.0.0.0/8" #fakeip 554 | exec: $my_realiplist #生成域名规则 555 | - matches: "resp_ip 17.0.0.0/8" 556 | exec: accept #fakeip ios ip就接受 557 | - matches: 558 | - "qtype 28" #非A的只要不是黑洞IP,有没有IP都接受 559 | - "rcode 0 2 3 5" 560 | - "!resp_ip 2000::/3" 561 | - "!resp_ip ::1 ::2 ::3" 562 | exec: ttl 60000 #非A没有IP,延长TTL 563 | - matches: 564 | - "qtype 28" #非A的只要不是黑洞IP,有没有IP都接受 565 | - "rcode 0 2 3 5" 566 | - "!resp_ip 2000::/3" 567 | - "!resp_ip ::1 ::2 ::3" 568 | - "!cname keyword:." 569 | exec: $my_nov6list #生成域名规则 570 | - matches: 571 | - "qtype 28" #非A的有realip的情况 572 | - "!mark 888" #并没有在gen realip列表中 573 | - "resp_ip 2000::/3" 574 | - "!resp_ip ::1 ::2 ::3" 575 | exec: $my_realiplist #生成域名规则 576 | - matches: 577 | - "qtype 28" #非A的只要不是黑洞IP,有没有IP都接受 578 | - "!resp_ip ::1 ::2 ::3" 579 | exec: accept 580 | - matches: 581 | - "qtype 1" #A的不是黑洞IP,有正经IP才接受 582 | - "!mark 888" #并没有在gen realip列表中 583 | - "resp_ip 0.0.0.0/0" 584 | - "!resp_ip 0.0.0.0 127.0.0.1 127.0.0.2 127.0.0.3" 585 | exec: $my_realiplist #生成域名规则 586 | - matches: 587 | - "qtype 1" #A的不是黑洞IP或者污染ip,有正经IP才接受 588 | - "resp_ip 0.0.0.0/0" 589 | - "!resp_ip 0.0.0.0 127.0.0.1 127.0.0.2 127.0.0.3" 590 | exec: accept 591 | - exec: $sequence_not_in_list #其它走表外逻辑 592 | - exec: accept 593 | 594 | #专门用于解析域名节点,默认使用8888解析,5毫秒不通用换223解析 595 | - tag: sbnodefallback 596 | type: fallback 597 | args: 598 | primary: sequence_google 599 | secondary: sequence_local 600 | threshold: 5 601 | always_standby: false 602 | 603 | - tag: sequence_sbnode 604 | type: sequence 605 | args: 606 | - matches: #屏蔽没有v4地址的域名 607 | - qtype 1 608 | - qname $my_nodenov4rule 609 | exec: reject 0 610 | - matches: #屏蔽没有v6地址的域名 611 | - qtype 28 612 | - qname $my_nodenov6rule 613 | exec: reject 0 614 | - exec: $cache_node 615 | - matches: has_resp 616 | exec: accept 617 | - exec: sleep 1000 618 | - exec: $sbnodefallback 619 | - matches: 620 | - "qtype 1" 621 | - "rcode 0 2 3 5" 622 | - "!resp_ip 0.0.0.0/0" 623 | - "!cname keyword:." 624 | exec: $my_nodenov4list #生成域名规则 625 | - matches: 626 | - "qtype 28" 627 | - "rcode 0 2 3 5" 628 | - "!resp_ip 2000::/3" 629 | - "!cname keyword:." 630 | exec: $my_nodenov6list #生成域名规则 631 | 632 | ####################对外服务端口定义部分############ 633 | #解析节点域名的服务器 634 | - tag: sbnode_udp 635 | type: udp_server 636 | args: 637 | entry: sequence_sbnode 638 | listen: ":7777" 639 | 640 | - tag: sbnode_tcp 641 | type: tcp_server 642 | args: 643 | entry: sequence_sbnode 644 | listen: ":7777" 645 | 646 | #sing-box使用的服务器 647 | - tag: sb_udp 648 | type: udp_server 649 | args: 650 | entry: sequence_local 651 | listen: ":8888" 652 | 653 | - tag: sb_tcp 654 | type: tcp_server 655 | args: 656 | entry: sequence_local 657 | listen: ":8888" 658 | 659 | #国内 660 | - tag: udp_local 661 | type: udp_server 662 | args: 663 | entry: sequence_local_in 664 | listen: ":2222" 665 | 666 | - tag: tcp_local 667 | type: tcp_server 668 | args: 669 | entry: sequence_local_in 670 | listen: ":2222" 671 | 672 | #国外 673 | - tag: udp_google 674 | type: udp_server 675 | args: 676 | entry: sequence_google_in 677 | listen: ":3333" 678 | 679 | - tag: tcp_google 680 | type: tcp_server 681 | args: 682 | entry: sequence_google_in 683 | listen: ":3333" 684 | 685 | #主分流服务器 686 | - tag: udp_main 687 | type: udp_server 688 | args: 689 | entry: sequence_main 690 | listen: ":53" 691 | 692 | - tag: tcp_main 693 | type: tcp_server 694 | args: 695 | entry: sequence_main 696 | listen: ":53" 697 | idle_timeout: 720 698 | -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/fakeiplist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/fakeiplist.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/fakeiprule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/fakeiprule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nodenov4list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nodenov4list.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nodenov4rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nodenov4rule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nodenov6list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nodenov6list.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nodenov6rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nodenov6rule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/notinlist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/notinlist.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/notinrule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/notinrule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nov4list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nov4list.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nov4rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nov4rule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nov6list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nov6list.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/nov6rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/nov6rule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/realiplist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/realiplist.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/gen/realiprule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/gen/realiprule.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/proxy-device-list.txt: -------------------------------------------------------------------------------- 1 | 192.168.20.99 2 | 192.168.20.100 3 | -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/blocklist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/rule/blocklist.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/blocklistv4.txt: -------------------------------------------------------------------------------- 1 | regexp:^(2408-|2409-|240e-).* -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/blocklistv6.txt: -------------------------------------------------------------------------------- 1 | domain:philma.fun 2 | regexp:^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\..*$ -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/cloudflare-cidr.txt: -------------------------------------------------------------------------------- 1 | 173.245.48.0/20 2 | 103.21.244.0/22 3 | 103.22.200.0/22 4 | 103.31.4.0/22 5 | 141.101.64.0/18 6 | 108.162.192.0/18 7 | 190.93.240.0/20 8 | 188.114.96.0/20 9 | 197.234.240.0/22 10 | 198.41.128.0/17 11 | 162.158.0.0/15 12 | 104.16.0.0/13 13 | 104.24.0.0/14 14 | 172.64.0.0/13 15 | 131.0.72.0/22 16 | 2400:cb00::/32 17 | 2606:4700::/32 18 | 2803:f800::/32 19 | 2405:b500::/32 20 | 2405:8100::/32 21 | 2a06:98c0::/29 22 | 2c0f:f248::/32 23 | -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/cnv6-only.txt: -------------------------------------------------------------------------------- 1 | full:6.ipw.cn 2 | full:test6.ustc.edu.cn 3 | domain:philma.fun 4 | domain:mbjlkg.lol 5 | domain:huacloud.xyz 6 | domain:rfp4ucx.xyz 7 | domain:myip.ipip.net 8 | domain:nexconvert.com 9 | domain:msftconnecttest.com 10 | domain:space.bilibili.com 11 | domain:b23.tv 12 | domain:msedge.com 13 | domain:msedge.net 14 | domain:azurefd.com 15 | domain:azure.com 16 | domain:default.exp-tas.com 17 | domain:azureedge.net 18 | domain:msftncsi.com 19 | domain:nn.ci 20 | domain:config.edge.skype.com 21 | regexp:^rr[0-9]+---sn-[a-z0-9]+\.googlevideo\.com$ -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/ddnslist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/rule/ddnslist.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/googlev6.txt: -------------------------------------------------------------------------------- 1 | domain:googlevideo.com 2 | -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/greylist.txt: -------------------------------------------------------------------------------- 1 | full:mypikpak.com 2 | full:access.mypikpak.com 3 | domain:googleapis.cn 4 | domain:4d4y.com 5 | domain:iii80.com 6 | domain:googleapis.com 7 | domain:google.com 8 | domain:gstatic.com 9 | full:e13252.dscg.akamaiedge.net 10 | full:h-netflix.online-metrix.net 11 | full:netflix.com.edgesuite.net 12 | domain:cookielaw.org 13 | domain:fast.com 14 | domain:flxvpn.net 15 | domain:netflix.ca 16 | domain:netflix.com 17 | domain:netflix.com.au 18 | domain:netflix.com.edgesuite.net 19 | domain:netflix.net 20 | domain:netflixdnstest0.com 21 | domain:netflixdnstest1.com 22 | domain:netflixdnstest10.com 23 | domain:netflixdnstest2.com 24 | domain:netflixdnstest3.com 25 | domain:netflixdnstest4.com 26 | domain:netflixdnstest5.com 27 | domain:netflixdnstest6.com 28 | domain:netflixdnstest7.com 29 | domain:netflixdnstest8.com 30 | domain:netflixdnstest9.com 31 | domain:netflixinvestor.com 32 | domain:netflixstudios.com 33 | domain:netflixtechblog.com 34 | domain:nflxext.com 35 | domain:nflximg.com 36 | domain:nflximg.net 37 | domain:nflxsearch.net 38 | domain:nflxso.net 39 | domain:nflxvideo.net 40 | domain:onetrust.com 41 | domain:us-west-2.amazonaws.com 42 | domain:store.ui.com.cn 43 | domain:hassbian.com 44 | domain:copilot.microsoft.com 45 | domain:prod.rewardsplatform.microsoft.com 46 | domain:edge.microsoft.com 47 | domain:nav-edge.smartscreen.microsoft.com 48 | domain:functional.events.data.microsoft.com 49 | domain:edgeservices.bing.com 50 | domain:sydney.bing.com 51 | domain:bing.com 52 | domain:bing.com.cn 53 | domain:bing.net 54 | domain:bingads.com 55 | domain:bingagencyawards.com 56 | domain:bingapistatistics.com 57 | domain:bingsandbox.com 58 | domain:bingvisualsearch.com 59 | domain:bingworld.com 60 | keyword:apiproxy-device-prod-nlb- 61 | keyword:dualstack.apiproxy- 62 | keyword:dualstack.ichnaea-web- 63 | keyword:netflixdnstest -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/hosts.txt: -------------------------------------------------------------------------------- 1 | logs.netflix.com 127.0.0.1 ::1 2 | trace-server.prod-clustered.bugs.firebat.prime-video.amazon.dev 127.0.0.1 ::1 -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/local-ptr.txt: -------------------------------------------------------------------------------- 1 | 0.in-addr.arpa 2 | 10.in-addr.arpa 3 | 127.in-addr.arpa 4 | 16.172.in-addr.arpa 5 | 17.172.in-addr.arpa 6 | 18.172.in-addr.arpa 7 | 19.172.in-addr.arpa 8 | 20.172.in-addr.arpa 9 | 21.172.in-addr.arpa 10 | 22.172.in-addr.arpa 11 | 23.172.in-addr.arpa 12 | 24.172.in-addr.arpa 13 | 25.172.in-addr.arpa 14 | 26.172.in-addr.arpa 15 | 27.172.in-addr.arpa 16 | 28.172.in-addr.arpa 17 | 29.172.in-addr.arpa 18 | 30.172.in-addr.arpa 19 | 31.172.in-addr.arpa 20 | 64.100.in-addr.arpa 21 | 65.100.in-addr.arpa 22 | 66.100.in-addr.arpa 23 | 67.100.in-addr.arpa 24 | 68.100.in-addr.arpa 25 | 69.100.in-addr.arpa 26 | 70.100.in-addr.arpa 27 | 71.100.in-addr.arpa 28 | 72.100.in-addr.arpa 29 | 73.100.in-addr.arpa 30 | 74.100.in-addr.arpa 31 | 75.100.in-addr.arpa 32 | 76.100.in-addr.arpa 33 | 77.100.in-addr.arpa 34 | 78.100.in-addr.arpa 35 | 79.100.in-addr.arpa 36 | 80.100.in-addr.arpa 37 | 81.100.in-addr.arpa 38 | 82.100.in-addr.arpa 39 | 83.100.in-addr.arpa 40 | 84.100.in-addr.arpa 41 | 85.100.in-addr.arpa 42 | 86.100.in-addr.arpa 43 | 87.100.in-addr.arpa 44 | 88.100.in-addr.arpa 45 | 89.100.in-addr.arpa 46 | 90.100.in-addr.arpa 47 | 91.100.in-addr.arpa 48 | 92.100.in-addr.arpa 49 | 93.100.in-addr.arpa 50 | 94.100.in-addr.arpa 51 | 95.100.in-addr.arpa 52 | 96.100.in-addr.arpa 53 | 97.100.in-addr.arpa 54 | 98.100.in-addr.arpa 55 | 99.100.in-addr.arpa 56 | 100.100.in-addr.arpa 57 | 101.100.in-addr.arpa 58 | 102.100.in-addr.arpa 59 | 103.100.in-addr.arpa 60 | 104.100.in-addr.arpa 61 | 105.100.in-addr.arpa 62 | 106.100.in-addr.arpa 63 | 107.100.in-addr.arpa 64 | 108.100.in-addr.arpa 65 | 109.100.in-addr.arpa 66 | 110.100.in-addr.arpa 67 | 111.100.in-addr.arpa 68 | 112.100.in-addr.arpa 69 | 113.100.in-addr.arpa 70 | 114.100.in-addr.arpa 71 | 115.100.in-addr.arpa 72 | 116.100.in-addr.arpa 73 | 117.100.in-addr.arpa 74 | 118.100.in-addr.arpa 75 | 119.100.in-addr.arpa 76 | 120.100.in-addr.arpa 77 | 121.100.in-addr.arpa 78 | 122.100.in-addr.arpa 79 | 123.100.in-addr.arpa 80 | 124.100.in-addr.arpa 81 | 125.100.in-addr.arpa 82 | 126.100.in-addr.arpa 83 | 127.100.in-addr.arpa 84 | 2.0.192.in-addr.arpa 85 | 168.192.in-addr.arpa 86 | 255.255.255.255.in-addr.arpa 87 | domain:ip6.arpa -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/realiplist.txt: -------------------------------------------------------------------------------- 1 | domain:manhuagui.com -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/redirect.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/rule/redirect.txt -------------------------------------------------------------------------------- /backup/ph/mosdns/rule/whitelist.txt: -------------------------------------------------------------------------------- 1 | full:6.ipw.cn 2 | full:test6.ustc.edu.cn 3 | full:apiauth.quickconnect.to 4 | domain:nkvod.com 5 | domain:mbjlkg.lol 6 | domain:huacloud.xyz 7 | domain:rfp4ucx.xyz 8 | domain:myip.ipip.net 9 | domain:nexconvert.com 10 | domain:heartbeat.belkin.com 11 | domain:msftconnecttest.com 12 | domain:space.bilibili.com 13 | domain:b23.tv 14 | domain:msedge.com 15 | domain:msedge.net 16 | domain:azurefd.com 17 | domain:azure.com 18 | domain:default.exp-tas.com 19 | domain:azureedge.net 20 | domain:xboxlive.com 21 | domain:sfx.ms 22 | domain:msftncsi.com 23 | domain:nn.ci 24 | domain:config.edge.skype.com 25 | domain:bing.com 26 | domain:push-apple.com.akadns.net 27 | domain:live.com 28 | domain:msn.com 29 | domain:ntp.org 30 | domain:office.com 31 | domain:qlogo.cn 32 | domain:qq.com 33 | domain:jd.com 34 | domain:jd.hk 35 | domain:apple.cn 36 | domain:me.com 37 | domain:apple.com 38 | domain:icloud.com 39 | domain:icloud-content.com 40 | domain:push-apple.com.akadns.net 41 | domain:push.apple.com 42 | domain:iphone-ld.apple.com 43 | domain:lcdn-locator.apple.com 44 | domain:lcdn-registration.apple.com 45 | domain:cn-ssl.ls.apple.com 46 | domain:time.apple.com 47 | full:gs-loc-cn.apple.com 48 | full:gsp10-ssl-cn.ls.apple.com 49 | full:gsp12-cn.ls.apple.com 50 | full:gsp13-cn.ls.apple.com 51 | full:gsp4-cn.ls.apple.com.edgekey.net.globalredir.akadns.net 52 | full:gsp4-cn.ls.apple.com.edgekey.net 53 | full:gsp4-cn.ls.apple.com 54 | full:gsp5-cn.ls.apple.com 55 | full:gsp85-cn-ssl.ls.apple.com 56 | full:gspe19-2-cn-ssl.ls.apple.com 57 | full:gspe19-cn-ssl.ls.apple.com 58 | full:gspe19-cn.ls-apple.com.akadns.net 59 | full:gspe19-cn.ls.apple.com 60 | full:gspe79-cn-ssl.ls.apple.com 61 | full:cl2-cn.apple.com 62 | full:cl4-cn.apple.com 63 | domain:dht.libtorrent.org 64 | domain:dht.transmissionbt.com 65 | domain:dns.msftncsi.com 66 | domain:ipv6.msftconnecttest.com 67 | domain:www.msftconnecttest.com 68 | domain:microsoft.com 69 | domain:office.com 70 | domain:office365.com 71 | domain:xiuxitong.com 72 | domain:pc528.net 73 | domain:pc521.net 74 | domain:redhat.com 75 | domain:steamserver.net 76 | domain:tawk.to 77 | keyword:jd.com 78 | keyword:douyin 79 | keyword:microsoft 80 | keyword:windows 81 | keyword:apple 82 | keyword:icloud 83 | keyword:itunes 84 | keyword:douyin 85 | keyword:aaplimg 86 | keyword:akadns 87 | keyword:akamai 88 | keyword:qtlcdn 89 | -------------------------------------------------------------------------------- /backup/ph/mosdns/unpack/disable-ads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/backup/ph/mosdns/unpack/disable-ads.txt -------------------------------------------------------------------------------- /docs/fakeip.md: -------------------------------------------------------------------------------- 1 | ## ROS + FakeIP 使用配置示例 2 | 3 | 本文档以 ROS(RouterOS)软路由环境为例,说明如何搭配 sing-box + mihomo + mosdns 实现 DNS 分流及故障自动切换。 4 | 5 | ### 网络环境说明 6 | 7 | * RouterOS IP:`192.168.20.1` 8 | * sing-box + mihomo + mosdns 所在主机 IP:`192.168.20.2` 9 | * 默认上游 DNS(备用):`223.5.5.5` 10 | 11 | --- 12 | 13 | ### 步骤一:确保 RouterOS 能够正常上网 14 | 15 | 确保 RouterOS 已连接外网,当前 DNS 设置为 `223.5.5.5`,并能正常访问互联网。 16 | 17 | --- 18 | 19 | ### 步骤二:配置 Route List 20 | 21 | 在 WinBox 或 WebFig 中,进入 `IP > Routes`,添加如下 Route 规则: 22 | 23 | ![routelist.png](png/routelist.png) 24 | 命令示例: 25 | ```shell 26 | /ip route 27 | add comment="mihomo/singbox fakeip" disabled=no distance=1 dst-address=28.0.0.0/8 gateway=192.168.20.2 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 28 | add disabled=no distance=1 dst-address=149.154.160.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 29 | add disabled=no distance=1 dst-address=149.154.164.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 30 | add disabled=no distance=1 dst-address=149.154.172.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 31 | add disabled=no distance=1 dst-address=91.108.4.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 32 | add disabled=no distance=1 dst-address=91.108.20.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 33 | add disabled=no distance=1 dst-address=91.108.56.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 34 | add disabled=no distance=1 dst-address=91.108.8.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 35 | add disabled=no distance=1 dst-address=95.161.64.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 36 | add disabled=no distance=1 dst-address=91.108.12.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 37 | add disabled=no distance=1 dst-address=91.108.16.0/22 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 38 | add disabled=no distance=1 dst-address=67.198.55.0/24 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 39 | add disabled=no distance=1 dst-address=109.239.140.0/24 gateway=192.168.20.2 scope=30 suppress-hw-offload=no target-scope=10 40 | ``` 41 | 42 | --- 43 | 44 | ### 步骤三:设置 DNS 和 DHCP 45 | 46 | 1. 修改 DNS 服务器: 47 | 48 | * 路由器 DNS 设置改为:`192.168.20.2` 49 | 2. DHCP Server 配置: 50 | 51 | * 将分发给客户端的 DNS 改为:`192.168.20.2` 52 | * 可根据实际情况设定较短的租约时间(如 3 分钟),方便 mosdns 挂掉时快速回退。 53 | 54 | 示例截图: 55 | 56 | ![dns.png](png/dns.png) 57 | 58 | ![dhcp.png](png/dhcp.png) 59 | 60 | --- 61 | 62 | ### 步骤四:添加 Netwatch 事件监听 63 | 64 | 进入 `Tools > Netwatch`,设置目标 IP(如 1.1.1.1),并配置当目标 IP 不可达时自动切换 DNS。 65 | 66 | #### up 参数(目标 IP 恢复时执行) 67 | 68 | ```shell 69 | /ip dns set server=192.168.20.2 70 | /ip dhcp-server network set dns-server=192.168.20.2 numbers=0 71 | ``` 72 | 73 | #### down 参数(目标 IP 不可达时执行) 74 | 75 | ```shell 76 | /ip dns set server=223.5.5.5 77 | /ip dhcp-server network set dns-server=223.5.5.5 numbers=0 78 | ``` 79 | 80 | 示意图: 81 | 82 | ![netwatch.png](png/netwatch.png) 83 | 84 | ![watchup.png](png/watchup.png) 85 | 86 | ![watchdown.png](png/watchdown.png) 87 | 88 | --- 89 | 90 | 以上配置完成后,RouterOS 将会优先使用 mosdns 作为主 DNS,当 mosdns 失效时自动切换至备用 DNS(如 223.5.5.5),实现更高的网络稳定性。 91 | -------------------------------------------------------------------------------- /docs/png/dhcp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/docs/png/dhcp.png -------------------------------------------------------------------------------- /docs/png/dns.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/docs/png/dns.png -------------------------------------------------------------------------------- /docs/png/netwatch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/docs/png/netwatch.png -------------------------------------------------------------------------------- /docs/png/routelist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/docs/png/routelist.png -------------------------------------------------------------------------------- /docs/png/watchdown.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/docs/png/watchdown.png -------------------------------------------------------------------------------- /docs/png/watchup.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/docs/png/watchup.png -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 定义颜色变量 4 | green_text="\033[32m" 5 | yellow="\033[33m" 6 | reset="\033[0m" 7 | red='\033[1;31m' 8 | 9 | # 获取本机 IP 10 | local_ip=$(hostname -I | awk '{print $1}') 11 | 12 | # 日志输出函数 13 | log() { 14 | echo "[$(date +"%F %T")] $1" 15 | } 16 | 17 | # 系统更新和安装必要软件 18 | update_system() { 19 | log "开始更新系统..." 20 | if ! apt update; then 21 | log "${red}系统更新失败,退出!${reset}" 22 | exit 1 23 | fi 24 | 25 | log "安装必要的软件包..." 26 | if ! apt install -y supervisor inotify-tools curl git wget tar gawk sed cron unzip nano nftables; then 27 | log "${red}软件包安装失败,退出!${reset}" 28 | exit 1 29 | fi 30 | } 31 | # 设置时区 32 | set_timezone() { 33 | log "设置时区为Asia/Shanghai" 34 | if ! timedatectl set-timezone Asia/Shanghai; then 35 | log "${red}时区设置失败!退出脚本!${reset}" 36 | exit 1 37 | fi 38 | log "时区设置成功" 39 | } 40 | 41 | # 检查程序是否安装 42 | check_installed() { 43 | programs=("sing-box" "mosdns" "mihomo" "filebrowser") 44 | echo -e "\n${yellow}检测本机安装情况 (本地IP: $local_ip)...${reset}" 45 | 46 | for program in "${programs[@]}"; do 47 | if [ -f "/usr/local/bin/$program" ]; then 48 | echo -e " ${green_text}✔ 已安装${reset} - $program" 49 | else 50 | echo -e " ${red}✘ 未安装${reset} - $program" 51 | fi 52 | done 53 | } 54 | # 检查服务是否启用 55 | check_core_status() { 56 | green_text="\e[32m" 57 | red_text="\e[31m" 58 | reset="\e[0m" 59 | 60 | echo -e "\n检查服务状态..." 61 | echo -e "----------------------------------------" 62 | 63 | # 主程序服务 64 | core_programs=("sing-box" "mihomo" "mosdns") 65 | # 对应看门狗服务 66 | watch_services=("watch_sing_box" "watch_mihomo" "watch_mosdns") 67 | 68 | # 检查核心服务状态 69 | for program in "${core_programs[@]}"; do 70 | echo -e "\n服务名称: ${program}" 71 | 72 | if supervisorctl status | grep -qE "^${program}\s+RUNNING"; then 73 | case "$program" in 74 | "sing-box"|"mihomo") 75 | echo -e " 类型: 路由服务 状态: ${green_text}运行中 ✅${reset}" 76 | ;; 77 | "mosdns") 78 | echo -e " 类型: DNS服务 状态: ${green_text}运行中 ✅${reset}" 79 | ;; 80 | *) 81 | echo -e " 类型: 未知 ${green_text}运行中 ✅${reset}" 82 | ;; 83 | esac 84 | else 85 | case "$program" in 86 | "sing-box"|"mihomo") 87 | echo -e " 类型: 路由服务 ${red_text}未运行 ❌${reset}" 88 | ;; 89 | "mosdns") 90 | echo -e " 类型: DNS服务 ${red_text}未运行 ❌${reset}" 91 | ;; 92 | *) 93 | echo -e " 类型: 未知 ${red_text}未运行 ❌${reset}" 94 | ;; 95 | esac 96 | fi 97 | done 98 | 99 | # 检查看门狗服务状态 100 | for watch in "${watch_services[@]}"; do 101 | echo -e "\n服务名称: ${watch}" 102 | 103 | if supervisorctl status | grep -qE "^${watch}\s+RUNNING"; then 104 | echo -e " 类型: 监听服务 状态: ${green_text}运行中 ✅${reset}" 105 | else 106 | echo -e " 类型: 监听服务 状态: ${red_text}未运行 ❌${reset}" 107 | fi 108 | done 109 | 110 | echo -e "\n----------------------------------------" 111 | } 112 | # 检测系统 CPU 架构,并返回标准格式(适用于多数构建/下载脚本) 113 | detect_architecture() { 114 | case "$(uname -m)" in 115 | x86_64) echo "amd64" ;; # 64 位 x86 架构 116 | aarch64) echo "arm64" ;; # 64 位 ARM 架构 117 | armv7l) echo "armv7" ;; # 32 位 ARM 架构(常见于树莓派) 118 | armhf) echo "armhf" ;; # ARM 硬浮点 119 | s390x) echo "s390x" ;; # IBM 架构 120 | i386|i686) echo "386" ;; # 32 位 x86 架构 121 | *) 122 | echo -e "${yellow}不支持的CPU架构: $(uname -m)${reset}" 123 | exit 1 124 | ;; 125 | esac 126 | } 127 | 128 | # 安装mosdns 129 | install_mosdns() { 130 | # 下载并安装 MosDNS 131 | log "开始下载 MosDNS..." 132 | arch=$(detect_architecture) 133 | log "系统架构是:$arch" 134 | # LATEST_MOSDNS_VERSION=$(curl -sL -o /dev/null -w %{url_effective} https://github.com/IrineSistiana/mosdns/releases/latest | awk -F '/' '{print $NF}') 135 | # MOSDNS_URL="https://github.com/IrineSistiana/mosdns/releases/download/${LATEST_MOSDNS_VERSION}/mosdns-linux-$arch.zip" 136 | MOSDNS_URL="https://github.com/herozmy/StoreHouse/releases/download/mosdns/mosdns-linux-$arch.zip" 137 | 138 | 139 | log "从 $MOSDNS_URL 下载 MosDNS..." 140 | if curl -L -o /tmp/mosdns.zip "$MOSDNS_URL"; then 141 | log "MosDNS 下载成功。" 142 | else 143 | log "MosDNS 下载失败,请检查网络连接或 URL 是否正确。" 144 | exit 1 145 | fi 146 | 147 | log "解压 MosDNS..." 148 | if unzip -o /tmp/mosdns.zip -d /usr/local/bin; then 149 | log "MosDNS 解压成功。" 150 | else 151 | log "MosDNS 解压失败,请检查压缩包是否正确。" 152 | exit 1 153 | fi 154 | 155 | log "设置 MosDNS 可执行权限..." 156 | if chmod +x /usr/local/bin/mosdns; then 157 | log "设置权限成功。" 158 | else 159 | log "设置权限失败,请检查文件路径和权限设置。" 160 | exit 1 161 | fi 162 | } 163 | # 安装filebrower 164 | install_filebrower() { 165 | # 下载并安装 Filebrowser 166 | log "开始下载 Filebrowser..." 167 | arch=$(detect_architecture) 168 | log "系统架构是:$arch" 169 | LATEST_FILEBROWSER_VERSION=$(curl -sL -o /dev/null -w %{url_effective} https://github.com/filebrowser/filebrowser/releases/latest | awk -F '/' '{print $NF}') 170 | FILEBROWSER_URL="https://github.com/filebrowser/filebrowser/releases/download/${LATEST_FILEBROWSER_VERSION}/linux-$arch-filebrowser.tar.gz" 171 | 172 | log "从 $FILEBROWSER_URL 下载 Filebrowser..." 173 | if curl -L --fail -o /tmp/filebrowser.tar.gz "$FILEBROWSER_URL"; then 174 | log "Filebrowser 下载成功。" 175 | else 176 | log "Filebrowser 下载失败,请检查网络连接或 URL 是否正确。" 177 | exit 1 178 | fi 179 | 180 | log "解压 Filebrowser..." 181 | if tar -zxvf /tmp/filebrowser.tar.gz -C /usr/local/bin; then 182 | log "Filebrowser 解压成功。" 183 | else 184 | log "Filebrowser 解压失败,请检查压缩包是否正确。" 185 | exit 1 186 | fi 187 | 188 | log "设置 Filebrowser 可执行权限..." 189 | if chmod +x /usr/local/bin/filebrowser; then 190 | log "Filebrowser 设置权限成功。" 191 | else 192 | log "Filebrowser 设置权限失败,请检查文件路径和权限设置。" 193 | exit 1 194 | fi 195 | } 196 | # 安装 Sing-Box 197 | install_singbox() { 198 | log "开始安装 Sing-Box" 199 | arch=$(detect_architecture) 200 | log "系统架构是:$arch" 201 | # 定义下载 URL 202 | SING_BOX_URL="https://github.com/herozmy/StoreHouse/releases/download/sing-box/sing-box-puernya-linux-$arch.tar.gz" 203 | 204 | # 下载文件 205 | log "正在下载 Sing-Box: $SING_BOX_URL" 206 | wget -O "sing-box-linux-$arch.tar.gz" "$SING_BOX_URL" 207 | if [ $? -ne 0 ]; then 208 | log "Sing-Box 下载失败!退出脚本。" 209 | exit 1 210 | fi 211 | 212 | # 解压文件 213 | tar -zxvf "sing-box-linux-$arch.tar.gz" 214 | if [ $? -ne 0 ]; then 215 | log "解压失败,请检查文件完整性!退出脚本。" 216 | exit 1 217 | fi 218 | 219 | # 检查是否已安装 220 | if [ -f "/usr/local/bin/sing-box" ]; then 221 | log "检测到已安装的 Sing-Box" 222 | read -p "是否替换升级?(y/n): " replace_confirm 223 | if [ "$replace_confirm" == "y" ]; then 224 | log "正在替换升级 Sing-Box" 225 | mv -f sing-box /usr/local/bin/ 226 | log "Sing-Box 替换升级完成" 227 | else 228 | log "用户取消了替换升级操作" 229 | fi 230 | else 231 | mv -f sing-box /usr/local/bin/ 232 | log "Sing-Box 安装完成" 233 | fi 234 | 235 | log "设置 sing-box 可执行权限..." 236 | if chmod +x /usr/local/bin/sing-box; then 237 | log "设置权限成功。" 238 | else 239 | log "设置权限失败,请检查文件路径和权限设置。" 240 | exit 1 241 | fi 242 | 243 | # 清理临时文件 244 | rm -f "sing-box-linux-$arch.tar.gz" 245 | log "临时文件已清理" 246 | } 247 | # singbox用户自定义设置 248 | singbox_customize_settings() { 249 | echo "是否选择生成配置(更新安装请选择n)?(y/n)" 250 | echo "生成配置文件需要添加机场订阅,如自建 VPS 请选择 n" 251 | read choice 252 | if [ "$choice" = "y" ]; then 253 | while true; do 254 | read -p "输入订阅连接(多个用空格分隔,输入 q 退出): " suburls 255 | 256 | if [[ "$suburls" == "q" ]]; then 257 | log "已取消自动生成配置,请手动编辑 /mssb/sing-box/config.json" 258 | break 259 | fi 260 | 261 | valid=true 262 | for url in $suburls; do 263 | if [[ $url != http* ]]; then 264 | echo "❌ 无效的订阅连接:$url(应以 http 开头)" 265 | valid=false 266 | break 267 | fi 268 | done 269 | 270 | if [ "$valid" = true ]; then 271 | echo "✅ 已设置订阅连接地址:$suburls" 272 | python3 update_sub.py -v "$suburls" 273 | log "订阅连接处理完成。" 274 | break 275 | else 276 | log "部分订阅链接不符合要求,请重新输入。" 277 | fi 278 | done 279 | elif [ "$choice" = "n" ]; then 280 | log "你选择了手动配置,请编辑 /mssb/sing-box/config.json" 281 | else 282 | log "无效选择,请输入 y 或 n。" 283 | singbox_customize_settings # 递归重新执行 284 | fi 285 | } 286 | # 安装mihomo 287 | install_mihomo() { 288 | arch=$(detect_architecture) 289 | download_url="https://github.com/herozmy/StoreHouse/releases/download/mihomo/mihomo-meta-linux-${arch}.tar.gz" 290 | log "开始下载 Mihomo 核心..." 291 | 292 | if ! wget -O /tmp/mihomo.tar.gz "$download_url"; then 293 | log "Mihomo 下载失败,请检查网络连接" 294 | exit 1 295 | fi 296 | 297 | log "Mihomo 下载完成,开始安装" 298 | tar -zxvf /tmp/mihomo.tar.gz -C /usr/local/bin > /dev/null 2>&1 || { 299 | log "解压 Mihomo 失败,请检查压缩包完整性" 300 | exit 1 301 | } 302 | 303 | chmod +x /usr/local/bin/mihomo || log "警告:未能设置 Mihomo 执行权限" 304 | rm -f /tmp/mihomo.tar.gz 305 | log "Mihomo 安装完成,临时文件已清理" 306 | } 307 | # mihomo用户自定义设置 308 | mihomo_customize_settings() { 309 | echo "是否选择生成配置(更新安装请选择n)?(y/n)" 310 | echo "生成配置文件需要添加机场订阅,如自建vps请选择n" 311 | read choice 312 | if [ "$choice" = "y" ]; then 313 | while true; do 314 | read -p "输入订阅连接(mihomo模式暂时只支持单个,多个需手动修改yaml文件),输入 q 返回上一步: " suburl 315 | if [[ "$suburl" == "q" ]]; then 316 | log "已取消自动生成配置,请手动编辑 /mssb/mihomo/config.yaml" 317 | break 318 | elif [[ -n "$suburl" ]]; then 319 | escaped_url=$(printf '%s\n' "$suburl" | sed 's/[&/\]/\\&/g') 320 | sed -i "s|url: '机场订阅'|url: '$escaped_url'|" /mssb/mihomo/config.yaml 321 | sed -i "s|interface-name: eth0|interface-name: $selected_interface|" /mssb/mihomo/config.yaml 322 | log "订阅链接已写入。" 323 | break 324 | else 325 | echo "订阅链接不能为空,请重新输入或输入 q 退出。" 326 | fi 327 | done 328 | elif [ "$choice" = "n" ]; then 329 | log "你选择了手动配置 /mssb/mihomo/config.yaml。" 330 | else 331 | log "无效选择,请输入 y 或 n。" 332 | mihomo_customize_settings # 重新询问 333 | fi 334 | } 335 | 336 | # 检测ui是否存在 337 | check_ui() { 338 | if [ -z "$core_name" ]; then 339 | echo -e "${red}未检测到核心程序名(core_name),请先设置 core_name${reset}" 340 | return 1 341 | fi 342 | 343 | ui_path="/mssb/${core_name}/ui" 344 | 345 | if [ -d "$ui_path" ]; then 346 | echo "检测到已有 UI,正在更新 WEBUI..." 347 | rm -rf "$ui_path" 348 | git_ui 349 | else 350 | echo "未检测到 UI,首次安装 WEBUI..." 351 | git_ui 352 | fi 353 | } 354 | # 下载UI源码 355 | git_ui(){ 356 | if git clone --depth=1 https://github.com/Zephyruso/zashboard.git -b gh-pages /mssb/${core_name}/ui; then 357 | echo -e "UI 源码拉取${green_text}成功${reset}。" 358 | else 359 | echo "拉取源码失败,请手动下载源码并解压至 /mssb/${core_name}/ui." 360 | echo "地址: https://github.com/Zephyruso/zashboard.git" 361 | fi 362 | } 363 | 364 | # 检查dns 53是否被占用 365 | check_resolved(){ 366 | if [ -f /etc/systemd/resolved.conf ]; then 367 | # 检测是否有未注释的 DNSStubListener 行 368 | dns_stub_listener=$(grep "^DNSStubListener=" /etc/systemd/resolved.conf) 369 | if [ -z "$dns_stub_listener" ]; then 370 | # 如果没有找到未注释的 DNSStubListener 行,检查是否有被注释的 DNSStubListener 371 | commented_dns_stub_listener=$(grep "^#DNSStubListener=" /etc/systemd/resolved.conf) 372 | if [ -n "$commented_dns_stub_listener" ]; then 373 | # 如果找到被注释的 DNSStubListener,取消注释并改为 no 374 | sed -i 's/^#DNSStubListener=.*/DNSStubListener=no/' /etc/systemd/resolved.conf 375 | systemctl restart systemd-resolved.service 376 | green "53端口占用已解除" 377 | else 378 | green "未找到53端口占用配置,无需操作" 379 | fi 380 | elif [ "$dns_stub_listener" = "DNSStubListener=yes" ]; then 381 | # 如果找到 DNSStubListener=yes,则修改为 no 382 | sed -i 's/^DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf 383 | systemctl restart systemd-resolved.service 384 | green "53端口占用已解除" 385 | elif [ "$dns_stub_listener" = "DNSStubListener=no" ]; then 386 | # 如果 DNSStubListener 已为 no,提示用户无需修改 387 | echo -e "${yellow}53端口未被占用,无需操作${reset}" 388 | fi 389 | else 390 | echo -e "${yellow} /etc/systemd/resolved.conf 不存在,无需操作${reset}" 391 | fi 392 | } 393 | # tproxy转发服务安装 394 | install_tproxy() { 395 | check_resolved 396 | sleep 1 397 | echo -e "${yellow}配置tproxy${reset}" 398 | sleep 1 399 | echo -e "${yellow}创建系统转发${reset}" 400 | # 判断是否已存在 net.ipv4.ip_forward=1 401 | if ! grep -q '^net.ipv4.ip_forward=1$' /etc/sysctl.conf; then 402 | echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf 403 | fi 404 | 405 | # 判断是否已存在 net.ipv6.conf.all.forwarding = 1 406 | # if ! grep -q '^net.ipv6.conf.all.forwarding = 1$' /etc/sysctl.conf; then 407 | # echo 'net.ipv6.conf.all.forwarding = 1' >> /etc/sysctl.conf 408 | # fi 409 | sleep 1 410 | echo -e "${green_text}系统转发创建完成${reset}" 411 | sleep 1 412 | echo -e "${yellow}开始创建nftables tproxy转发${reset}" 413 | apt install nftables -y 414 | # 写入tproxy rule 415 | # 判断文件是否存在"$core_name" = "sing-box" 416 | if [ ! -f "/etc/systemd/system/${core_name}-router.service" ]; then 417 | cat < "/etc/systemd/system/${core_name}-router.service" 418 | [Unit] 419 | Description=${core_name} TProxy Rules 420 | After=network.target 421 | Wants=network.target 422 | 423 | [Service] 424 | User=root 425 | Type=oneshot 426 | RemainAfterExit=yes 427 | # there must be spaces before and after semicolons 428 | ExecStart=/sbin/ip rule add fwmark 1 table 100 ; /sbin/ip route add local default dev lo table 100 ; /sbin/ip -6 rule add fwmark 1 table 101 ; /sbin/ip -6 route add local ::/0 dev lo table 101 429 | ExecStop=/sbin/ip rule del fwmark 1 table 100 ; /sbin/ip route del local default dev lo table 100 ; /sbin/ip -6 rule del fwmark 1 table 101 ; /sbin/ip -6 route del local ::/0 dev lo table 101 430 | 431 | [Install] 432 | WantedBy=multi-user.target 433 | EOF 434 | echo "${core_name}-router 服务创建完成" 435 | else 436 | echo "警告:${core_name}-router 服务文件已存在,无需创建" 437 | fi 438 | ################################写入nftables################################ 439 | check_interfaces 440 | echo "" > "/etc/nftables.conf" 441 | cat < "/etc/nftables.conf" 442 | #!/usr/sbin/nft -f 443 | flush ruleset 444 | table inet $core_name { 445 | set local_ipv4 { 446 | type ipv4_addr 447 | flags interval 448 | elements = { 449 | 10.0.0.0/8, 450 | 127.0.0.0/8, 451 | 169.254.0.0/16, 452 | 172.16.0.0/12, 453 | 192.168.0.0/16, 454 | 240.0.0.0/4 455 | } 456 | } 457 | 458 | set local_ipv6 { 459 | type ipv6_addr 460 | flags interval 461 | elements = { 462 | ::ffff:0.0.0.0/96, 463 | 64:ff9b::/96, 464 | 100::/64, 465 | 2001::/32, 466 | 2001:10::/28, 467 | 2001:20::/28, 468 | 2001:db8::/32, 469 | 2002::/16, 470 | fc00::/7, 471 | fe80::/10 472 | } 473 | } 474 | 475 | chain ${core_name}-tproxy { 476 | fib daddr type { unspec, local, anycast, multicast } return 477 | ip daddr @local_ipv4 return 478 | ip6 daddr @local_ipv6 return 479 | udp dport { 123 } return 480 | udp dport { 53 } accept 481 | meta l4proto { tcp, udp } meta mark set 1 tproxy to :7896 accept 482 | } 483 | 484 | chain ${core_name}-mark { 485 | fib daddr type { unspec, local, anycast, multicast } return 486 | ip daddr @local_ipv4 return 487 | ip6 daddr @local_ipv6 return 488 | udp dport { 123 } return 489 | udp dport { 53 } accept 490 | meta mark set 1 491 | } 492 | 493 | chain mangle-output { 494 | type route hook output priority mangle; policy accept; 495 | meta l4proto { tcp, udp } skgid != 1 ct direction original goto ${core_name}-mark 496 | } 497 | 498 | chain mangle-prerouting { 499 | type filter hook prerouting priority mangle; policy accept; 500 | iifname { wg0, lo, $selected_interface } meta l4proto { tcp, udp } ct direction original goto ${core_name}-tproxy 501 | } 502 | } 503 | EOF 504 | 505 | echo -e "${green_text}nftables规则写入完成${reset}" 506 | sleep 1 507 | echo "清空 nftalbes 规则" 508 | nft flush ruleset 509 | sleep 1 510 | echo "新规则生效" 511 | sleep 1 512 | nft -f /etc/nftables.conf 513 | echo "启用相关服务" 514 | systemctl enable --now nftables 515 | if [ "$core_name" = "sing-box" ]; then 516 | # 启用 sing-box-router,禁用 mihomo-router 517 | systemctl disable --now mihomo-router &>/dev/null 518 | rm -f /etc/systemd/system/mihomo-router.service 519 | systemctl enable --now sing-box-router || { log "启用相关服务 失败!退出脚本。"; exit 1; } 520 | elif [ "$core_name" = "mihomo" ]; then 521 | # 启用 mihomo-router,禁用 sing-box-router 522 | systemctl disable --now sing-box-router &>/dev/null 523 | rm -f /etc/systemd/system/sing-box-router.service 524 | systemctl enable --now mihomo-router || { log "启用相关服务 失败!退出脚本。"; exit 1; } 525 | else 526 | log "未识别的 core_name: $core_name,跳过 启用相关服务。" 527 | fi 528 | } 529 | 530 | # 网卡检测或者手动输入 531 | check_interfaces() { 532 | interfaces=$(ip -o link show | awk -F': ' '{print $2}') 533 | # 输出物理网卡名称 534 | for interface in $interfaces; do 535 | if [[ $interface =~ ^(en|eth).* ]]; then 536 | interface_name=$(echo "$interface" | awk -F'@' '{print $1}') 537 | echo "您的网卡是:$interface_name" 538 | fi 539 | done 540 | read -p "脚本自行检测的是否是您要的网卡?(y/n): " confirm_interface 541 | if [ "$confirm_interface" = "y" ]; then 542 | selected_interface="$interface_name" 543 | log "您选择的网卡是: $selected_interface" 544 | elif [ "$confirm_interface" = "n" ]; then 545 | read -p "请自行输入您的网卡名称: " selected_interface 546 | log "您输入的网卡名称是: $selected_interface" 547 | else 548 | log "无效的选择" 549 | exit 1 550 | fi 551 | } 552 | 553 | # 函数:检查并复制文件夹 554 | check_and_copy_folder() { 555 | local folder_name=$1 556 | if [ -d "/mssb/$folder_name" ]; then 557 | log "/mssb/$folder_name 文件夹已存在,跳过替换。" 558 | else 559 | cp -r "mssb/$folder_name" "/mssb/" || { log "复制 mssb/$folder_name 目录失败!退出脚本。"; exit 1; } 560 | log "成功复制 mssb/$folder_name 目录到 /mssb/" 561 | fi 562 | } 563 | # 复制 mssb/mosdns fb 配置文件 564 | cp_config_files() { 565 | log "复制 mssb/fb 目录..." 566 | check_and_copy_folder "fb" 567 | 568 | # =============================== 569 | # 备份 proxy-device-list.txt 570 | # =============================== 571 | if [ -f "/mssb/mosdns/proxy-device-list.txt" ]; then 572 | log "备份 /mssb/mosdns/proxy-device-list.txt 到 /tmp/ 目录..." 573 | cp "/mssb/mosdns/proxy-device-list.txt" /tmp/proxy-device-list.txt.bak || { 574 | log "备份 proxy-device-list.txt 失败,退出脚本。" 575 | exit 1 576 | } 577 | fi 578 | 579 | log "复制 mssb/mosdns 目录..." 580 | check_and_copy_folder "mosdns" 581 | 582 | # =============================== 583 | # 恢复 proxy-device-list.txt 584 | # =============================== 585 | if [ -f "/tmp/proxy-device-list.txt.bak" ]; then 586 | log "恢复 proxy-device-list.txt 到 /mssb/mosdns/..." 587 | cp /tmp/proxy-device-list.txt.bak /mssb/mosdns/proxy-device-list.txt || { 588 | log "恢复 proxy-device-list.txt 失败,退出脚本。" 589 | exit 1 590 | } 591 | rm -f /tmp/proxy-device-list.txt.bak 592 | fi 593 | 594 | log "复制supervisor配置文件..." 595 | if [ "$core_name" = "sing-box" ]; then 596 | cp run_mssb/supervisord.conf /etc/supervisor/ || { 597 | log "复制 supervisord.conf 失败!退出脚本。" 598 | exit 1 599 | } 600 | elif [ "$core_name" = "mihomo" ]; then 601 | cp run_msmo/supervisord.conf /etc/supervisor/ || { 602 | log "复制 supervisord.conf 失败!退出脚本。" 603 | exit 1 604 | } 605 | else 606 | log "未识别的 core_name: $core_name,跳过复制 supervisor 配置文件。" 607 | fi 608 | 609 | cp -r watch / || { 610 | log "复制 watch 目录失败!退出脚本。" 611 | exit 1 612 | } 613 | 614 | log "设置脚本可执行权限..." 615 | chmod +x /watch/*.sh || { 616 | log "设置 /watch/*.sh 权限失败!退出脚本。" 617 | exit 1 618 | } 619 | } 620 | 621 | 622 | # singbox配置文件复制 623 | singbox_configure_files() { 624 | log "检查是否存在 /mssb/sing-box/config.json ..." 625 | CONFIG_JSON="/mssb/sing-box/config.json" 626 | BACKUP_JSON="/tmp/config_backup.json" 627 | 628 | # 如果 config.json 存在,则进行备份 629 | if [ -f "$CONFIG_JSON" ]; then 630 | log "发现 config.json 文件,备份到 /tmp 目录..." 631 | cp "$CONFIG_JSON" "$BACKUP_JSON" || { log "备份 config.json 失败!退出脚本。"; exit 1; } 632 | else 633 | log "未发现 config.json 文件,跳过备份步骤。" 634 | fi 635 | # 复制 mssb/sing-box 目录 636 | log "复制 mssb/sing-box 目录..." 637 | if [ -d "/mssb/sing-box" ]; then 638 | log "/mssb/sing-box 目录已存在,跳过替换。" 639 | else 640 | cp -r mssb/sing-box /mssb || { log "复制 mssb/sing-box 目录失败!退出脚本。"; exit 1; } 641 | log "成功复制 mssb/sing-box 目录到 /mssb" 642 | fi 643 | 644 | # 如果之前有备份 config.json,则恢复备份文件 645 | if [ -f "$BACKUP_JSON" ]; then 646 | log "恢复 config.json 文件到 /mssb/sing-box ..." 647 | cp "$BACKUP_JSON" "$CONFIG_JSON" || { log "恢复 config.json 失败!退出脚本。"; exit 1; } 648 | log "恢复完成,删除临时备份文件..." 649 | rm -f "$BACKUP_JSON" 650 | fi 651 | } 652 | # mihomo配置文件复制 653 | mihomo_configure_files() { 654 | log "检查是否存在 /mssb/mihomo/config.yaml ..." 655 | CONFIG_YAML="/mssb/mihomo/config.yaml" 656 | BACKUP_YAML="/tmp/mihomo_config.yaml" 657 | 658 | # 如果 config.json 存在,则进行备份 659 | if [ -f "$CONFIG_YAML" ]; then 660 | log "发现 config.yaml 文件,备份到 /tmp 目录..." 661 | cp "$CONFIG_YAML" "$BACKUP_YAML" || { log "备份 config.yaml 失败!退出脚本。"; exit 1; } 662 | else 663 | log "未发现 config.yaml 文件,跳过备份步骤。" 664 | fi 665 | # 复制 mssb/sing-box 目录 666 | log "复制 mssb/mihomo 目录..." 667 | if [ -d "/mssb/mihomo" ]; then 668 | log "/mssb/mihomo 目录已存在,跳过替换。" 669 | else 670 | cp -r mssb/mihomo /mssb || { log "复制 mssb/mihomo 目录失败!退出脚本。"; exit 1; } 671 | log "成功复制 mssb/mihomo目录到 /mssb" 672 | fi 673 | 674 | # 如果之前有备份 config.json,则恢复备份文件 675 | if [ -f "$BACKUP_YAML" ]; then 676 | log "恢复 config.json 文件到 /mssb/mihomo ..." 677 | cp "$BACKUP_YAML" "$CONFIG_YAML" || { log "恢复 config.yaml 失败!退出脚本。"; exit 1; } 678 | log "恢复完成,删除临时备份文件..." 679 | rm -f "$BACKUP_YAML" 680 | fi 681 | } 682 | # 服务启动和重载 683 | reload_service() { 684 | log "重启 Supervisor..." 685 | if ! supervisorctl stop all; then 686 | log "停止 Supervisor 失败!" 687 | exit 1 688 | fi 689 | log "Supervisor 停止成功。" 690 | sleep 2 691 | 692 | if ! supervisorctl reload; then 693 | log "重启 Supervisor 失败!" 694 | exit 1 695 | fi 696 | log "Supervisor 重启成功。" 697 | sleep 2 698 | 699 | # 根据 core_name 重启 systemd 服务 700 | if [ "$core_name" = "sing-box" ]; then 701 | systemctl restart sing-box-router 702 | log "已重启 sing-box-router 服务。" 703 | elif [ "$core_name" = "mihomo" ]; then 704 | systemctl restart mihomo-router 705 | log "已重启 mihomo-router 服务。" 706 | else 707 | log "未识别的 core_name: $core_name,跳过 systemd 服务重启。" 708 | fi 709 | } 710 | # 添加任务到 crontab 711 | add_cron_jobs() { 712 | if [ "$core_name" = "sing-box" ]; then 713 | cron_jobs=( 714 | "0 4 * * 1 /watch/update_mosdns.sh # update_mosdns" 715 | "15 4 * * 1 /watch/update_cn.sh # update_cn" 716 | "10 4 * * 1 /watch/update_sb.sh # update_sb" 717 | ) 718 | 719 | # 清除旧的 sing-box 相关任务 720 | (crontab -l | grep -v -e "# update_mosdns" -e "# update_sb" -e "# update_cn") | crontab - 721 | elif [ "$core_name" = "mihomo" ]; then 722 | cron_jobs=( 723 | "0 4 * * 1 /watch/update_mosdns.sh # update_mosdns" 724 | "15 4 * * 1 /watch/update_cn.sh # update_cn" 725 | "10 4 * * 1 /watch/update_mihomo.sh # update_mihomo" 726 | ) 727 | 728 | # 清除旧的 mihomo 相关任务 729 | (crontab -l | grep -v -e "# update_mosdns" -e "# update_mihomo" -e "# update_cn") | crontab - 730 | else 731 | log "未识别的 core_name($core_name),跳过定时任务设置。" 732 | return 733 | fi 734 | 735 | for job in "${cron_jobs[@]}"; do 736 | if (crontab -l | grep -q -F "$job"); then 737 | log "定时任务已存在:$job" 738 | else 739 | (crontab -l; echo "$job") | crontab - 740 | log "定时任务已成功添加:$job" 741 | fi 742 | done 743 | } 744 | 745 | 746 | # 主函数 747 | main() { 748 | green_text="\e[32m" 749 | red_text="\e[31m" 750 | reset="\e[0m" 751 | 752 | echo -e "${green_text}------------------------注意:请使用 root 用户安装!!!-------------------------${reset}" 753 | echo -e "${green_text}请选择操作:${reset}" 754 | echo -e "${green_text}1) 安装/更新代理转发服务${reset}" 755 | echo -e "${red_text}2) 停止所有转发服务${reset}" 756 | echo -e "${red_text}3) 停止所有服务并卸载 + 删除所有相关文件${reset}" 757 | echo -e "${green_text}4) 启用所有服务${reset}" 758 | echo -e "${green_text}-------------------------------------------------${reset}" 759 | read -p "请输入选项 (1/2/3/4): " main_choice 760 | 761 | case "$main_choice" in 762 | 2) 763 | echo -e "${red_text}⛔ 正在停止所有转发相关服务...${reset}" 764 | supervisorctl stop all || echo "supervisorctl 未安装或未配置" 765 | systemctl stop sing-box-router.service 2>/dev/null 766 | systemctl stop mihomo-router.service 2>/dev/null 767 | systemctl stop nftables.service 2>/dev/null 768 | log "所有相关服务已停止。" 769 | exit 0 770 | ;; 771 | 3) 772 | echo -e "${red_text}⚠️ 正在停止并卸载所有服务...${reset}" 773 | supervisorctl stop all || echo "supervisorctl 未安装或未配置" 774 | systemctl stop sing-box-router.service 2>/dev/null 775 | systemctl stop mihomo-router.service 2>/dev/null 776 | systemctl stop nftables.service 2>/dev/null 777 | 778 | systemctl disable sing-box-router.service 2>/dev/null 779 | systemctl disable mihomo-router.service 2>/dev/null 780 | systemctl disable nftables.service 2>/dev/null 781 | 782 | rm -rf /mssb 783 | rm -rf /etc/systemd/system/sing-box-router.service 784 | rm -rf /etc/systemd/system/mihomo-router.service 785 | rm -rf /etc/nftables.conf 786 | rm -rf /usr/local/bin/mosdns 787 | rm -f /etc/supervisor/supervisord.conf 788 | apt-get remove -y supervisor >/dev/null 2>&1 789 | apt-get purge -y supervisor >/dev/null 2>&1 790 | systemctl daemon-reload 791 | 792 | log "✅ 所有服务已停止,配置与文件已删除,supervisor 已卸载。" 793 | exit 0 794 | ;; 795 | 4) 796 | echo -e "${green_text}✅ 正在启动所有转发相关服务...${reset}" 797 | # 启动 sing-box-router 798 | systemctl start sing-box-router.service 2>/dev/null || echo "❌ sing-box-router 启动失败" 799 | # 启动 mihomo-router 800 | systemctl start mihomo-router.service 2>/dev/null || echo "❌ mihomo-router 启动失败" 801 | # 清空 nftables 前备份,防止错误导致无规则运行 802 | cp /etc/nftables.conf /etc/nftables.conf.bak 803 | # 语法检查 nft 配置,避免意外 804 | if nft -c -f /etc/nftables.conf; then 805 | nft flush ruleset 806 | sleep 1 807 | nft -f /etc/nftables.conf 808 | systemctl start nftables.service 2>/dev/null || echo "❌ nftables 服务启动失败" 809 | else 810 | echo "⚠️ /etc/nftables.conf 有语法错误,已取消加载。" 811 | fi 812 | # 判断 supervisor 是否安装 813 | if command -v supervisorctl &>/dev/null; then 814 | supervisorctl start all || echo "❌ supervisorctl 执行失败" 815 | else 816 | echo "⚠️ supervisorctl 未安装" 817 | fi 818 | 819 | log "✅ 所有相关服务已启动完成。" 820 | exit 0 821 | ;; 822 | 1) 823 | echo -e "${green_text}✅ 继续安装/更新代理服务...${reset}" 824 | ;; 825 | *) 826 | log "无效选项,退出脚本。" 827 | exit 1 828 | ;; 829 | esac 830 | 831 | update_system 832 | set_timezone 833 | 834 | echo -e "${green_text}-------------------------------------------------${reset}" 835 | echo -e "${green_text}Fake-ip 网关代理方案:sing-box P核/mihomo + MosDNS${reset}" 836 | echo "---支持 debian,其他系统未测试。理论上支持debian/ubuntu 安装前请确保系统未安装其他代理软件---" 837 | echo "---完全参考 https://github.com/herozmy/StoreHouse/tree/latest ---" 838 | echo -e "当前机器地址:${green_text}${local_ip}${reset}" 839 | check_installed 840 | check_core_status 841 | echo -e "${green_text}-------------------------------------------------${reset}" 842 | echo 843 | 844 | echo -e "${green_text}请选择安装方案:${reset}" 845 | echo "1) 方案1:Sing-box P核(支持订阅) + MosDNS" 846 | echo "2) 方案2:Mihomo + MosDNS" 847 | echo -e "${green_text}-------------------------------------------------${reset}" 848 | read -p "请输入选项 (1/2): " choice 849 | case "$choice" in 850 | 1) 851 | core_name="sing-box" 852 | log "你选择了方案1:Sing-box P核(支持订阅) + MosDNS" 853 | install_filebrower 854 | install_mosdns 855 | install_singbox 856 | cp_config_files 857 | singbox_configure_files 858 | singbox_customize_settings 859 | check_ui 860 | install_tproxy 861 | reload_service 862 | ;; 863 | 2) 864 | core_name="mihomo" 865 | log "你选择了方案2:Mihomo + MosDNS" 866 | install_filebrower 867 | install_mosdns 868 | install_mihomo 869 | cp_config_files 870 | mihomo_configure_files 871 | check_ui 872 | install_tproxy 873 | mihomo_customize_settings 874 | reload_service 875 | ;; 876 | *) 877 | log "无效选项,退出安装。" 878 | exit 1 879 | ;; 880 | esac 881 | 882 | echo 883 | echo -e "${green_text}-------------------------------------------------${reset}" 884 | echo "是否添加以下定时更新任务?每周一凌晨执行:" 885 | echo "- 4:00 更新 MosDNS" 886 | if [ "$core_name" = "sing-box" ]; then 887 | echo "- 4:10 更新 Sing-box" 888 | echo "- 4:15 更新 CN 域名数据" 889 | else 890 | echo "- 4:10 更新 Mihomo" 891 | echo "- 4:15 更新 CN 域名数据" 892 | fi 893 | echo -e "${green_text}-------------------------------------------------${reset}" 894 | read -p "是否添加定时任务?(y/n): " enable_cron 895 | if [[ "$enable_cron" == "y" || "$enable_cron" == "Y" ]]; then 896 | add_cron_jobs 897 | else 898 | log "用户选择不添加定时任务。" 899 | fi 900 | 901 | echo -e "${green_text}-------------------------------------------------${reset}" 902 | echo -e "${green_text}🎉 安装成功!以下是服务信息:${reset}" 903 | echo -e "🌐 Mosdns 统计界面:${green_text}http://${local_ip}:9099/graphic${reset}" 904 | echo 905 | echo -e "📦 Supervisor 管理界面:${green_text}http://${local_ip}:9001${reset}" 906 | echo -e " - 用户名:mssb" 907 | echo -e " - 密码:mssb123.." 908 | echo 909 | echo -e "🗂️ 文件管理服务 Filebrowser:${green_text}http://${local_ip}:8088${reset}" 910 | echo -e " - 用户名:admin" 911 | echo -e " - 密码:admin" 912 | echo 913 | echo -e "🕸️ Sing-box/Mihomo 面板 UI:${green_text}http://${local_ip}:9090/ui${reset}" 914 | echo -e " - 密码:mssb123.." 915 | echo -e "${green_text}-------------------------------------------------${reset}" 916 | 917 | 918 | log "脚本执行完成。" 919 | } 920 | 921 | 922 | main 923 | -------------------------------------------------------------------------------- /mssb/fb/fb.json: -------------------------------------------------------------------------------- 1 | { 2 | "address": "0.0.0.0", 3 | "port": 8088, 4 | "database": "/mssb/fb/fb.db", 5 | "root": "/mssb", 6 | "baseURL": "/mssb", 7 | "locale": "zh-cn", 8 | "authMethod": "default", 9 | "branding": { 10 | "name": "mssb文件编辑", 11 | "disableExternal": false, 12 | "files": "" 13 | }, 14 | "defaults": { 15 | "scope": "/", 16 | "locale": "zh-cn", 17 | "viewMode": "mosaic", 18 | "singleClick": false, 19 | "permissions": { 20 | "admin": false, 21 | "execute": true, 22 | "create": true, 23 | "rename": true, 24 | "modify": true, 25 | "delete": true, 26 | "share": true, 27 | "download": true 28 | } 29 | }, 30 | "commands": [], 31 | "shell": "/bin/bash" 32 | } 33 | -------------------------------------------------------------------------------- /mssb/mihomo/config.yaml: -------------------------------------------------------------------------------- 1 | ## ----全局配置------ 2 | 3 | # 运行模式 4 | mode: rule 5 | # 日志级别 6 | log-level: info 7 | # 统一延迟 8 | unified-delay: true 9 | # TCP 并发 10 | tcp-concurrent: true 11 | # 网口指定,不要删除,脚本会自动修改 12 | interface-name: eth0 13 | # v6设置 14 | ipv6: true 15 | # udp设置 16 | udp: true 17 | # 端口相关设置 18 | # HTTP 代理端口 用于传统的 HTTP 代理 19 | port: 7890 20 | # SOCKS5 代理端口 21 | socks-port: 7891 22 | # 混合端口 HTTP + SOCKS5 23 | # 启用后,这个端口同时支持 HTTP 和 SOCKS5 协议 24 | mixed-port: 7892 25 | # Redirect 模式端口 用于 Linux 下 iptables 的 TUN/透明代理 26 | redir-port: 7893 27 | # TPROXY 模式端口 Transparent Proxy 不要修改脚本需要通过这个端口进行转发 28 | # 也用于透明代理,但相比 redir-port,TPROXY 可以保留原始源地址 29 | tproxy-port: 7896 30 | # 是否启用 新一代 GEO 数据 geoip、geosite 模式 31 | geodata-mode: true 32 | # GEO 数据加载方式: 33 | # 34 | # standard 使用官方推荐的稳定数据格式 配合 geosite.dat, geoip.dat 35 | # 36 | # lite 更轻量,数据更小 裁剪版 37 | # 38 | # mmdb 兼容传统 Clash 的 Country.mmdb 39 | geodata-loader: standard 40 | # 是否自动更新 geo 数据 41 | geo-auto-update: true 42 | # 每 24 小时更新一次 43 | geo-update-interval: 24 44 | # 匹配进程 always/strict/off 流量进程识别 45 | find-process-mode: strict 46 | # 指纹伪装 47 | global-client-fingerprint: chrome 48 | # "*" 表示监听所有网卡 包括外网 IP、局域网 IP 49 | bind-address: "*" 50 | # 是否允许 LAN 内其他设备连接代理 51 | allow-lan: true 52 | # 高级路由标记 53 | routing-mark: 1 54 | 55 | # 控制面板 56 | external-controller: :9090 57 | external-ui: /mssb/mihomo/ui 58 | external-ui-url: 'https://github.com/Zephyruso/zashboard/archive/refs/heads/gh-pages.zip' 59 | 60 | geox-url: 61 | geoip: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat" 62 | geosite: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat" 63 | mmdb: 'https://gitlab.com/Masaiki/GeoIP2-CN/-/raw/release/Country.mmdb' 64 | asn: 'https://gitlab.com/Loon0x00/loon_data/-/raw/main/geo/GeoLite2-ASN.mmdb' 65 | 66 | profile: 67 | store-selected: true 68 | store-fake-ip: true 69 | 70 | sniffer: 71 | # 搭配mosdns要关闭不能打开不然转发失败 72 | enable: false 73 | tun: 74 | # 搭配mosdns要关闭不能打开不然转发失败 75 | enable: false 76 | 77 | dns: 78 | enable: true 79 | # 默认端口也不能修改 80 | listen: 0.0.0.0:6666 81 | ipv6: true 82 | enhanced-mode: fake-ip 83 | # 这个也不能修改和mosdns联动的 84 | fake-ip-range: 28.0.0.1/8 85 | fake-ip-filter: 86 | - "*" 87 | - +.lan 88 | default-nameserver: 89 | - 223.5.5.5 90 | - 119.29.29.249 91 | nameserver: 92 | - 223.5.5.5 93 | - 119.29.29.249 94 | - https://223.5.5.5/resolve 95 | - https://doh.pub/dns-query 96 | - https://dns.alidns.com/dns-query 97 | 98 | # 锚点 - 节点订阅的参数 [每小时更新一次订阅节点,每 6 秒一次健康检查] 99 | NodeParam: &NodeParam {type: http, interval: 3600, health-check: {enable: true, url: 'http://detectportal.firefox.com/success.txt', interval: 6}} 100 | 101 | # 锚点 - 节点订阅 102 | proxy-providers: 103 | 机场名称1: 104 | url: '机场订阅' 105 | <<: *NodeParam 106 | path: './proxy_providers/sub.yaml' 107 | 108 | # 锚点 - 节点筛选组 109 | FilterAll: &FilterAll '^(?=.*(.))(?!.*((?i)群|邀请|返利|循环|官网|客服|网站|网址|获取|订阅|流量|到期|机场|下次|版本|官址|备用|过期|已用|联系|邮箱|工单|贩卖|通知|倒卖|防止|国内|地址|频道|无法|说明|使用|提示|特别|访问|支持|教程|关注|更新|作者|加入|(\b(USE|USED|TOTAL|EXPIRE|EMAIL|Panel|Channel|Author)\b|(\d{4}-\d{2}-\d{2}|\d+G)))).*$' 110 | 111 | # 策略组参数锚点 112 | # 锚点 - 时延优选参数 [每 30 秒一次惰性健康检查,容差 20ms,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 113 | UrlTest: &UrlTest {type: url-test, interval: 30, tolerance: 20, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 114 | # 锚点 - 故障转移参数 [每 6 秒一次惰性健康检查,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 115 | # FallBack: &FallBack {type: fallback, interval: 6, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 116 | # 锚点 - 负载均衡参数 [每 6 秒一次惰性健康检查,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 117 | # LoadBalance: &LoadBalance {type: load-balance, interval: 6, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, strategy: consistent-hashing, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 118 | # 锚点 - 规则参数 [每天更新一次订阅规则,更新规则时使用香港策略,] 119 | # RuleProviders: &RuleProviders {type: http, behavior: classical, interval: 86400, format: yaml} 120 | 121 | proxy-groups: 122 | - {name: ✈️ 节点选择, type: select, proxies: [🇨🇳 台湾节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点, 👍 高级节点, 🚀 手动切换, 🎯 全球直连]} 123 | - {name: 🐟 漏网之鱼, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点, 👍 高级节点, 🚀 手动切换]} 124 | - {name: 🎮 游戏平台, type: select, proxies: [✈️ 节点选择, 🎯 全球直连, 👍 高级节点, 🎮 游戏节点]} 125 | - {name: 🍎 苹果服务, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇨🇳 台湾节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 126 | - {name: 🎞️ 国外媒体, type: select, proxies: [🇭🇰 香港节点, ✈️ 节点选择, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点]} 127 | - {name: 🎬 国内媒体, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 128 | - {name: 🎵 TikTok, type: select, proxies: [🇨🇳 台湾节点, 🇭🇰 香港节点, ✈️ 节点选择, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 129 | - {name: 📈 网络测试, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇰🇷 韩国节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点]} 130 | - {name: 📲 Telegram, type: select, proxies: [ 🇭🇰 香港节点, ✈️ 节点选择, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点 ] } 131 | - {name: 🚀 手动切换, type: select, proxies: [🇨🇳 台湾节点, 🇭🇰 香港节点, 🎯 全球直连, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点, 👍 高级节点, 🎮 游戏节点, ✈️ 机场节点]} 132 | # - {name: 🎥 奈飞视频, type: select, proxies: [🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 133 | # - {name: 📽️ 迪士尼+, type: select, proxies: [🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 134 | # - {name: 📹 油管视频, type: select, proxies: [✈️ 节点选择, 🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 135 | # - {name: 📺 哔哩哔哩, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点]} 136 | - {name: 🤖 人工智能, type: select, proxies: [🇨🇳 台湾节点, 🇺🇸 美国节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, ✈️ 节点选择]} 137 | - {name: 🧲 PT下载, type: select, proxies: [🎯 全球直连, 🇭🇰 香港节点, ✈️ 节点选择, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 138 | # - {name: Ⓜ️ 微软云盘, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 139 | - {name: Ⓜ️ 微软服务, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 140 | - {name: 🛒 亚马逊, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 141 | # - {name: 📢 谷歌中国, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 142 | # - {name: ☁️ Cloudflare, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 143 | # - {name: 🖥️ 直连软件, type: select, proxies: [🎯 全球直连]} 144 | # - {name: 🔒 私有网络, type: select, proxies: [🎯 全球直连]} 145 | - {name: 🎯 全球直连, type: select, proxies: [DIRECT]} 146 | # - {name: ⛔ 禁止代理, type: select, proxies: [🎯 全球直连]} 147 | # - {name: ✅ 允许代理, type: select, proxies: [✈️ 节点选择]} 148 | - {name: 📺 省流节点, <<: *UrlTest, filter: "(0.[1-5]|低倍率|省流|大流量)"} 149 | - {name: 👍 高级节点, <<: *UrlTest, filter: "(专线|专用|高级|直连|急速|高倍率|游戏|game|Game|GAME|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc|AC)"} 150 | - {name: 🎮 游戏节点, <<: *UrlTest, filter: "^(?=.*((?i)游戏|🎮|(\b(GAME)\b)))(?!.*((?i)回国|校园)).*$"} 151 | - {name: 🇭🇰 香港节点, <<: *UrlTest, filter: "(?i)港|hk|hongkong|hong kong"} 152 | - {name: 🇨🇳 台湾节点, <<: *UrlTest, filter: "(?i)台|tw|taiwan"} 153 | - {name: 🇯🇵 日本节点, <<: *UrlTest, filter: "(?i)日本|jp|japan"} 154 | - {name: 🇸🇬 新加坡节点, <<: *UrlTest, filter: "(?i)新|sg|singapore"} 155 | - {name: 🇺🇸 美国节点, <<: *UrlTest, filter: "(?i)美|us|unitedstates|united states"} 156 | - {name: 🇰🇷 韩国节点, <<: *UrlTest, filter: "(?i)韩|kr|korea"} 157 | - {name: ✈️ 机场节点, type: select, include-all-providers: true, filter: *FilterAll} 158 | # - {name: 🇹🇭 泰国节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)泰|th|thailand"} 159 | # - {name: 🇩🇪 德国节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)德|de|germany"} 160 | # - {name: 🇬🇧 英国节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)英|uk|united kingdom"} 161 | # - {name: 🇨🇦 加拿大节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)加拿大|ca|canada"} 162 | # - {name: 🇦🇺 澳大利亚节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)澳大利亚|au|australia"} 163 | # - {name: 🇲🇾 马来西亚节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)马来西亚|my|malaysia"} 164 | # - {name: 🇮🇳 印度节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)印度|in|india"} 165 | # - {name: 🇹🇷 土耳其节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)土耳其|tr|turkey"} 166 | # - {name: 🇦🇷 阿根廷节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)阿根廷|ar|argentina"} 167 | 168 | rule-providers: 169 | SteamCN: {type: http, behavior: classical, format: text, path: ./RuleSet/SteamCN.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/SteamCN/SteamCN.list", interval: 21600, proxy: 🇭🇰 香港节点} 170 | # 自定义的两个分组看自己需求修改 171 | Myself_Direct: {type: http, behavior: classical, format: text, path: ./RuleSet/Myself_Direct.list, url: "https://raw.githubusercontent.com/baozaodetudou/singbox/refs/heads/main/mihomo/direct.list", interval: 21600, proxy: 🇭🇰 香港节点} 172 | Myself_Proxy: {type: http, behavior: classical, format: text, path: ./RuleSet/Myself_Proxy.list, url: "https://raw.githubusercontent.com/baozaodetudou/singbox/refs/heads/main/mihomo/proxy.list", interval: 21600, proxy: 🇭🇰 香港节点} 173 | # Tailscale-Derp: {type: http, behavior: classical, format: text, path: ./RuleSet/Tailscale-Derp.list, url: "**自定义", interval: 21600} 174 | Private: {type: http, behavior: classical, format: text, path: ./RuleSet/Lan.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Lan/Lan.list", interval: 21600, proxy: 🇭🇰 香港节点} 175 | Direct: {type: http, behavior: classical, format: text, path: ./RuleSet/Direct.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Direct/Direct.list", interval: 21600, proxy: 🇭🇰 香港节点} 176 | PT: {type: http, behavior: classical, format: text, path: ./RuleSet/PT.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/PrivateTracker/PrivateTracker.list", interval: 21600, proxy: 🇭🇰 香港节点} 177 | # Applications: {type: http, behavior: classical, format: text, path: ./RuleSet/Applications.list, url: "https://cdn.jsdelivr.net/gh/DustinWin/ruleset_geodata@clash-ruleset/applications.list", interval: 21600, proxy: 🇭🇰 香港节点} 178 | Speedtest: {type: http, behavior: classical, format: text, path: ./RuleSet/Speedtest.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/Speedtest/Speedtest.list", interval: 21600, proxy: 🇭🇰 香港节点} 179 | Apple: {type: http, behavior: classical, format: text, path: ./RuleSet/Apple.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Apple/Apple.list", interval: 21600, proxy: 🇭🇰 香港节点} 180 | OpenAI: {type: http, behavior: classical, format: text, path: ./RuleSet/OpenAI.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/OpenAI/OpenAI.list", interval: 21600, proxy: 🇭🇰 香港节点} 181 | Bing: {type: http, behavior: classical, format: text, path: ./RuleSet/Bing.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Bing/Bing.list", interval: 21600, proxy: 🇭🇰 香港节点} 182 | Gemini: {type: http, behavior: classical, format: text, path: ./RuleSet/Gemini.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Gemini/Gemini.list", interval: 21600, proxy: 🇭🇰 香港节点} 183 | Claude: {type: http, behavior: classical, format: text, path: ./RuleSet/Claude.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Claude/Claude.list", interval: 21600, proxy: 🇭🇰 香港节点} 184 | Copilot: {type: http, behavior: classical, format: text, path: ./RuleSet/Copilot.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/Copilot/Copilot.list", interval: 21600, proxy: 🇭🇰 香港节点} 185 | AmazonCN: {type: http, behavior: classical, format: text, path: ./RuleSet/AmazonCN.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/AmazonCN/AmazonCN.list", interval: 21600, proxy: 🇭🇰 香港节点} 186 | # Cloudflarecn: {type: http, behavior: classical, format: text, path: ./RuleSet/Cloudflarecn.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Cloudflarecn/Cloudflarecn.list", interval: 21600} 187 | # GoogleCN: {type: http, behavior: classical, format: text, path: ./RuleSet/GoogleCN.list, url: "https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list", interval: 21600} 188 | # OneDrive: {type: http, behavior: classical, format: text, path: ./RuleSet/OneDrive.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/OneDrive/OneDrive.list", interval: 21600} 189 | Microsoft: {type: http, behavior: classical, format: text, path: ./RuleSet/Microsoft.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Microsoft/Microsoft.list", interval: 21600, proxy: 🇭🇰 香港节点} 190 | Amazon: {type: http, behavior: classical, format: text, path: ./RuleSet/Amazon.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Amazon/Amazon.list", interval: 21600, proxy: 🇭🇰 香港节点} 191 | Telegram: {type: http, behavior: classical, format: text, path: ./RuleSet/Telegram.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Telegram/Telegram.list", interval: 21600, proxy: 🇭🇰 香港节点} 192 | Epic: {type: http, behavior: classical, format: text, path: ./RuleSet/Epic.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Epic/Epic.list", interval: 21600, proxy: 🇭🇰 香港节点} 193 | Sony: {type: http, behavior: classical, format: text, path: ./RuleSet/Sony.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Sony/Sony.list", interval: 21600, proxy: 🇭🇰 香港节点} 194 | Steam: {type: http, behavior: classical, format: text, path: ./RuleSet/Steam.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Steam/Steam.list", interval: 21600, proxy: 🇭🇰 香港节点} 195 | Nintendo: {type: http, behavior: classical, format: text, path: ./RuleSet/Nintendo.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Nintendo/Nintendo.list", interval: 21600, proxy: 🇭🇰 香港节点} 196 | # Cloudflare: {type: http, behavior: classical, format: text, path: ./RuleSet/Cloudflare.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Cloudflare/Cloudflare.list", interval: 21600} 197 | # YouTube: {type: http, behavior: classical, format: text, path: ./RuleSet/YouTube.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/YouTube/YouTube.list", interval: 21600} 198 | # Netflix: {type: http, behavior: classical, format: text, path: ./RuleSet/Netflix.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Netflix/Netflix.list", interval: 21600} 199 | # Disney: {type: http, behavior: classical, format: text, path: ./RuleSet/Disney.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Disney/Disney.list", interval: 21600} 200 | # BiliBili: {type: http, behavior: classical, format: text, path: ./RuleSet/BiliBili.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/BiliBili/BiliBili.list", interval: 21600} 201 | ChinaMedia: {type: http, behavior: classical, format: text, path: ./RuleSet/ChinaMedia.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/ChinaMedia/ChinaMedia.list", interval: 21600, proxy: 🇭🇰 香港节点} 202 | TikTok: {type: http, behavior: classical, format: text, path: ./RuleSet/TikTok.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/TikTok/TikTok.list", interval: 21600, proxy: 🇭🇰 香港节点} 203 | GlobalMedia: {type: http, behavior: classical, format: text, path: ./RuleSet/GlobalMedia.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/GlobalMedia/GlobalMedia.list", interval: 21600, proxy: 🇭🇰 香港节点} 204 | Docker: {type: http, behavior: classical, format: text, path: ./RuleSet/Docker.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Docker/Docker.list", interval: 21600, proxy: 🇭🇰 香港节点} 205 | GitHub: {type: http, behavior: classical, format: text, path: ./RuleSet/GitHub.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/GitHub/GitHub.list", interval: 21600, proxy: 🇭🇰 香港节点} 206 | Proxy: {type: http, behavior: classical, format: text, path: ./RuleSet/Proxy.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Proxy/Proxy.list", interval: 21600, proxy: 🇭🇰 香港节点} 207 | ChinaMaxNoIP: {type: http, behavior: classical, format: text, path: ./RuleSet/ChinaMax.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/ChinaMaxNoIP/ChinaMaxNoIP.list", interval: 21600, proxy: 🇭🇰 香港节点} 208 | # ChinaASN: {type: http, behavior: classical, format: text, path: ./RuleSet/ChinaASN.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/ChinaASN/ChinaASN_Resolve.list", interval: 21600, proxy: 🇭🇰 香港节点} 209 | 210 | rules: 211 | - DOMAIN-SUFFIX,dnsany.com,🎯 全球直连 212 | - DOMAIN-SUFFIX,cmvideo.cn,🎯 全球直连 213 | - DOMAIN-SUFFIX,chinamobile.com,🎯 全球直连 214 | - DOMAIN-SUFFIX,mobaibox.com,🎯 全球直连 215 | - DOMAIN-SUFFIX,gitv.tv,🎯 全球直连 216 | - DOMAIN-SUFFIX,cctv.cn,🎯 全球直连 217 | - DOMAIN-SUFFIX,yangshipin.cn,🎯 全球直连 218 | - IP-CIDR,183.206.0.0/15,🎯 全球直连,no-resolve 219 | - IP-CIDR,8.8.8.8/32,✈️ 节点选择 220 | - IP-CIDR,1.1.1.1/32,✈️ 节点选择 221 | - RULE-SET,SteamCN,🎯 全球直连 222 | # 自行测试当地是否能够直连,不能直连删掉下面这行 223 | # - DOMAIN,beesport.livednow.com,🎯 全球直连 224 | - RULE-SET,Myself_Direct,🎯 全球直连 225 | - RULE-SET,Myself_Proxy,✈️ 节点选择 226 | - RULE-SET,SteamCN,🎯 全球直连 227 | - RULE-SET,Private,🎯 全球直连 228 | - RULE-SET,Direct,🎯 全球直连 229 | - RULE-SET,PT,🧲 PT下载 230 | # - RULE-SET,Applications,🖥️ 直连软件 231 | - RULE-SET,Speedtest,📈 网络测试 232 | - RULE-SET,Apple,🍎 苹果服务 233 | - RULE-SET,OpenAI,🤖 人工智能 234 | # - RULE-SET,Bing,🤖 人工智能 235 | - RULE-SET,Gemini,🤖 人工智能 236 | - RULE-SET,Claude,🤖 人工智能 237 | - RULE-SET,Copilot,🤖 人工智能 238 | - RULE-SET,AmazonCN,🎯 全球直连 239 | - RULE-SET,Microsoft,Ⓜ️ 微软服务 240 | - RULE-SET,Amazon,🛒 亚马逊 241 | - RULE-SET,Telegram,📲 Telegram 242 | - RULE-SET,Epic,🎮 游戏平台 243 | - RULE-SET,Sony,🎮 游戏平台 244 | - RULE-SET,Steam,🎮 游戏平台 245 | - RULE-SET,Nintendo,🎮 游戏平台 246 | # - RULE-SET,YouTube,📹 油管视频 247 | # - RULE-SET,Netflix,🎥 奈飞视频 248 | # - RULE-SET,Disney,📽️ 迪士尼+ 249 | # - RULE-SET,BiliBili,📺 哔哩哔哩 250 | - RULE-SET,ChinaMedia,🎬 国内媒体 251 | - RULE-SET,TikTok,🎵 TikTok 252 | - RULE-SET,GlobalMedia,🎞️ 国外媒体 253 | - RULE-SET,Docker,✈️ 节点选择 254 | - RULE-SET,GitHub,✈️ 节点选择 255 | - RULE-SET,Proxy,✈️ 节点选择 256 | - RULE-SET,ChinaMaxNoIP,🎯 全球直连 257 | # - RULE-SET,ChinaASN,🎯 全球直连 258 | - GEOIP,CN,🎯 全球直连 259 | - MATCH,🐟 漏网之鱼 -------------------------------------------------------------------------------- /mssb/mihomo/phone_config.yaml: -------------------------------------------------------------------------------- 1 | ## ----全局配置------ 2 | # 手机端使用配置不同 3 | 4 | # 运行模式 5 | mode: rule 6 | # 日志级别 7 | log-level: info 8 | # 统一延迟 9 | unified-delay: true 10 | # TCP 并发 11 | tcp-concurrent: true 12 | # v6设置 13 | ipv6: true 14 | # udp设置 15 | udp: true 16 | # 端口相关设置 17 | # HTTP 代理端口 用于传统的 HTTP 代理 18 | port: 7890 19 | # SOCKS5 代理端口 20 | socks-port: 7891 21 | # 混合端口 HTTP + SOCKS5 22 | # 启用后,这个端口同时支持 HTTP 和 SOCKS5 协议 23 | mixed-port: 7892 24 | # Redirect 模式端口 用于 Linux 下 iptables 的 TUN/透明代理 25 | redir-port: 7893 26 | # TPROXY 模式端口 Transparent Proxy 不要修改脚本需要通过这个端口进行转发 27 | # 也用于透明代理,但相比 redir-port,TPROXY 可以保留原始源地址 28 | tproxy-port: 7896 29 | # 是否启用 新一代 GEO 数据 geoip、geosite 模式 30 | geodata-mode: true 31 | # GEO 数据加载方式: 32 | # 33 | # standard 使用官方推荐的稳定数据格式 配合 geosite.dat, geoip.dat 34 | # 35 | # lite 更轻量,数据更小 裁剪版 36 | # 37 | # mmdb 兼容传统 Clash 的 Country.mmdb 38 | geodata-loader: standard 39 | # 是否自动更新 geo 数据 40 | geo-auto-update: true 41 | # 每 24 小时更新一次 42 | geo-update-interval: 24 43 | # 匹配进程 always/strict/off 流量进程识别 44 | find-process-mode: strict 45 | # 指纹伪装 46 | global-client-fingerprint: chrome 47 | # "*" 表示监听所有网卡(包括外网 IP、局域网 IP) 48 | bind-address: "*" 49 | # 是否允许 LAN 内其他设备连接代理 50 | allow-lan: true 51 | # 高级路由标记 52 | routing-mark: 1 53 | 54 | # 控制面板 55 | external-controller: :9090 56 | external-ui: /mssb/mihomo/ui 57 | external-ui-url: 'https://github.com/Zephyruso/zashboard/archive/refs/heads/gh-pages.zip' 58 | 59 | geox-url: 60 | # geoip: 'https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/geoip.dat' 61 | # geosite: 'https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/geosite.dat' 62 | geoip: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat" 63 | geosite: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat" 64 | mmdb: 'https://gitlab.com/Masaiki/GeoIP2-CN/-/raw/release/Country.mmdb' 65 | asn: 'https://gitlab.com/Loon0x00/loon_data/-/raw/main/geo/GeoLite2-ASN.mmdb' 66 | 67 | profile: 68 | store-selected: true 69 | store-fake-ip: true 70 | 71 | # # 流量嗅探 72 | # 流量嗅探 73 | sniffer: 74 | enable: true 75 | sniff: 76 | HTTP: 77 | ports: [80, 8080-8880] 78 | override-destination: true 79 | TLS: 80 | ports: [443, 8443] 81 | QUIC: 82 | ports: [443, 8443] 83 | force-domain: 84 | - +.v2ex.com 85 | skip-domain: 86 | - "dlg.io.mi.com" 87 | - "+.push.apple.com" 88 | - "+.apple.com" 89 | 90 | #代理模式 91 | tun: 92 | enable: true 93 | stack: mixed 94 | mtu: 9000 95 | dns-hijack: 96 | - "198.18.0.2:53" 97 | auto-route: true 98 | auto-redirect: true 99 | auto-detect-interface: true 100 | 101 | dns: 102 | enable: true 103 | # 默认端口也不能修改 104 | listen: 0.0.0.0:53 105 | ipv6: true 106 | enhanced-mode: redir-host 107 | # 这个也不能修改和mosdns联动的 108 | fake-ip-range: 28.0.0.1/8 109 | fake-ip-filter: 110 | - "*" 111 | - +.lan 112 | default-nameserver: 113 | - 223.5.5.5 114 | - 119.29.29.249 115 | nameserver: 116 | - 223.5.5.5 117 | - 119.29.29.249 118 | - https://223.5.5.5/resolve 119 | - https://doh.pub/dns-query 120 | - https://dns.alidns.com/dns-query 121 | fallback: 122 | - 'https://doh.dns.sb/dns-query' 123 | - 'https://dns.cloudflare.com/dns-query' 124 | - 'https://dns.twnic.tw/dns-query' 125 | - 'tls://1.1.1.1:853' 126 | fallback-filter: 127 | geoip: true 128 | 129 | 130 | # 锚点 - 节点订阅的参数 [每小时更新一次订阅节点,每 6 秒一次健康检查] 131 | NodeParam: &NodeParam {type: http, interval: 3600, health-check: {enable: true, url: 'http://detectportal.firefox.com/success.txt', interval: 6}} 132 | 133 | # 锚点 - 节点订阅 134 | proxy-providers: 135 | 机场名称1: 136 | url: '机场订阅' 137 | <<: *NodeParam 138 | path: './proxy_providers/sub.yaml' 139 | 140 | # 锚点 - 节点筛选组 141 | FilterAll: &FilterAll '^(?=.*(.))(?!.*((?i)群|邀请|返利|循环|官网|客服|网站|网址|获取|订阅|流量|到期|机场|下次|版本|官址|备用|过期|已用|联系|邮箱|工单|贩卖|通知|倒卖|防止|国内|地址|频道|无法|说明|使用|提示|特别|访问|支持|教程|关注|更新|作者|加入|(\b(USE|USED|TOTAL|EXPIRE|EMAIL|Panel|Channel|Author)\b|(\d{4}-\d{2}-\d{2}|\d+G)))).*$' 142 | 143 | # 策略组参数锚点 144 | # 锚点 - 时延优选参数 [每 30 秒一次惰性健康检查,容差 20ms,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 145 | UrlTest: &UrlTest {type: url-test, interval: 30, tolerance: 20, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 146 | # 锚点 - 故障转移参数 [每 6 秒一次惰性健康检查,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 147 | # FallBack: &FallBack {type: fallback, interval: 6, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 148 | # 锚点 - 负载均衡参数 [每 6 秒一次惰性健康检查,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 149 | # LoadBalance: &LoadBalance {type: load-balance, interval: 6, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, strategy: consistent-hashing, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 150 | # 锚点 - 规则参数 [每天更新一次订阅规则,更新规则时使用香港策略,] 151 | # RuleProviders: &RuleProviders {type: http, behavior: classical, interval: 86400, format: yaml} 152 | 153 | 154 | proxies: 155 | - name: "wg_home" 156 | type: wireguard 157 | private-key: eCtXsJZ27+4PbhDkHnB923tkUn2Gj59wZw5wFA75MnU= 158 | server: 162.159.192.1 159 | port: 2480 160 | ip: 172.16.0.2 161 | # ipv6: 可选,如果你使用 IPv6,可以加上 162 | ipv6: fd01:5ca1:ab1e:80fa:ab85:6eea:213f:f4a5 163 | public-key: Cr8hWlKvtDt7nrvf+f0brNQQzabAqrjfBvas9pmowjo= 164 | allowed-ips: ["0.0.0.0/0", "::/0"] 165 | mtu: 1420 166 | udp: true 167 | # dialer-proxy: "ss1" # 一个出站代理的标识。当值不为空时,将使用指定的 proxy/proxy-group 发出连接 168 | # remote-dns-resolve: true # 强制dns远程解析,默认值为false 169 | # dns: [ 1.1.1.1, 8.8.8.8 ] # 仅在remote-dns-resolve为true时生效 170 | # 如果存在则开启AmneziaWG功能 171 | # amnezia-wg-option: 172 | # jc: 5 173 | # jmin: 500 174 | # jmax: 501 175 | # s1: 30 176 | # s2: 40 177 | # h1: 123456 178 | # h2: 67543 179 | # h4: 32345 180 | # h3: 123123 181 | 182 | proxy-groups: 183 | - {name: ✈️ 节点选择, type: select, proxies: [🇨🇳 台湾节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点, 👍 高级节点, 🚀 手动切换, 🎯 全球直连]} 184 | - {name: 🐟 漏网之鱼, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点, 👍 高级节点, 🚀 手动切换]} 185 | - {name: 🎮 游戏平台, type: select, proxies: [✈️ 节点选择, 🎯 全球直连, 👍 高级节点, 🎮 游戏节点]} 186 | - {name: 🍎 苹果服务, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇨🇳 台湾节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 187 | - {name: 🎞️ 国外媒体, type: select, proxies: [🇭🇰 香港节点, ✈️ 节点选择, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点]} 188 | - {name: 🎬 国内媒体, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 189 | - {name: 🎵 TikTok, type: select, proxies: [🇨🇳 台湾节点, 🇭🇰 香港节点, ✈️ 节点选择, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 190 | - {name: 📈 网络测试, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇰🇷 韩国节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点]} 191 | - {name: 📲 Telegram, type: select, proxies: [ 🇭🇰 香港节点, ✈️ 节点选择, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点 ] } 192 | - {name: 🚀 手动切换, type: select, proxies: [🇨🇳 台湾节点, 🇭🇰 香港节点, 🎯 全球直连, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点, 📺 省流节点, 👍 高级节点, 🎮 游戏节点, ✈️ 机场节点]} 193 | # - {name: 🎥 奈飞视频, type: select, proxies: [🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 194 | # - {name: 📽️ 迪士尼+, type: select, proxies: [🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 195 | # - {name: 📹 油管视频, type: select, proxies: [✈️ 节点选择, 🇭🇰 香港节点, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 196 | # - {name: 📺 哔哩哔哩, type: select, proxies: [🎯 全球直连, ✈️ 节点选择, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点]} 197 | - {name: 🤖 人工智能, type: select, proxies: [🇨🇳 台湾节点, 🇺🇸 美国节点, 🇭🇰 香港节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, ✈️ 节点选择]} 198 | - {name: 🧲 PT下载, type: select, proxies: [🎯 全球直连, 🇭🇰 香港节点, ✈️ 节点选择, 🇨🇳 台湾节点, 🇯🇵 日本节点, 🇸🇬 新加坡节点, 🇺🇸 美国节点, 🇰🇷 韩国节点]} 199 | # - {name: Ⓜ️ 微软云盘, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 200 | - {name: Ⓜ️ 微软服务, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 201 | - {name: 🛒 亚马逊, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 202 | # - {name: 📢 谷歌中国, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 203 | # - {name: ☁️ Cloudflare, type: select, proxies: [🎯 全球直连, ✈️ 节点选择]} 204 | # - {name: 🖥️ 直连软件, type: select, proxies: [🎯 全球直连]} 205 | # - {name: 🔒 私有网络, type: select, proxies: [🎯 全球直连]} 206 | - {name: 🎯 全球直连, type: select, proxies: [DIRECT]} 207 | # - {name: ⛔ 禁止代理, type: select, proxies: [🎯 全球直连]} 208 | # - {name: ✅ 允许代理, type: select, proxies: [✈️ 节点选择]} 209 | - {name: 📺 省流节点, <<: *UrlTest, filter: "(0.[1-5]|低倍率|省流|大流量)"} 210 | - {name: 👍 高级节点, <<: *UrlTest, filter: "(专线|专用|高级|直连|急速|高倍率|游戏|game|Game|GAME|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc|AC)"} 211 | - {name: 🎮 游戏节点, <<: *UrlTest, filter: "^(?=.*((?i)游戏|🎮|(\b(GAME)\b)))(?!.*((?i)回国|校园)).*$"} 212 | - {name: 🇭🇰 香港节点, <<: *UrlTest, filter: "(?i)港|hk|hongkong|hong kong"} 213 | - {name: 🇨🇳 台湾节点, <<: *UrlTest, filter: "(?i)台|tw|taiwan"} 214 | - {name: 🇯🇵 日本节点, <<: *UrlTest, filter: "(?i)日本|jp|japan"} 215 | - {name: 🇸🇬 新加坡节点, <<: *UrlTest, filter: "(?i)新|sg|singapore"} 216 | - {name: 🇺🇸 美国节点, <<: *UrlTest, filter: "(?i)美|us|unitedstates|united states"} 217 | - {name: 🇰🇷 韩国节点, <<: *UrlTest, filter: "(?i)韩|kr|korea"} 218 | - {name: ✈️ 机场节点, type: select, include-all-providers: true, filter: *FilterAll} 219 | # - {name: 🇹🇭 泰国节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)泰|th|thailand"} 220 | # - {name: 🇩🇪 德国节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)德|de|germany"} 221 | # - {name: 🇬🇧 英国节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)英|uk|united kingdom"} 222 | # - {name: 🇨🇦 加拿大节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)加拿大|ca|canada"} 223 | # - {name: 🇦🇺 澳大利亚节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)澳大利亚|au|australia"} 224 | # - {name: 🇲🇾 马来西亚节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)马来西亚|my|malaysia"} 225 | # - {name: 🇮🇳 印度节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)印度|in|india"} 226 | # - {name: 🇹🇷 土耳其节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)土耳其|tr|turkey"} 227 | # - {name: 🇦🇷 阿根廷节点, <<: *UrlTest, tolerance: 100, lazy: true, include-all-providers: true, filter: "(?i)阿根廷|ar|argentina"} 228 | 229 | rule-providers: 230 | SteamCN: {type: http, behavior: classical, format: text, path: ./RuleSet/SteamCN.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/SteamCN/SteamCN.list", interval: 21600, proxy: 🇭🇰 香港节点} 231 | # 自定义的两个分组看自己需求修改 232 | Myself_Direct: {type: http, behavior: classical, format: text, path: ./RuleSet/Myself_Direct.list, url: "https://raw.githubusercontent.com/baozaodetudou/singbox/refs/heads/main/mihomo/direct.list", interval: 21600, proxy: 🇭🇰 香港节点} 233 | Myself_Proxy: {type: http, behavior: classical, format: text, path: ./RuleSet/Myself_Proxy.list, url: "https://raw.githubusercontent.com/baozaodetudou/singbox/refs/heads/main/mihomo/proxy.list", interval: 21600, proxy: 🇭🇰 香港节点} 234 | # Tailscale-Derp: {type: http, behavior: classical, format: text, path: ./RuleSet/Tailscale-Derp.list, url: "**自定义", interval: 21600} 235 | Private: {type: http, behavior: classical, format: text, path: ./RuleSet/Lan.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Lan/Lan.list", interval: 21600, proxy: 🇭🇰 香港节点} 236 | Direct: {type: http, behavior: classical, format: text, path: ./RuleSet/Direct.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Direct/Direct.list", interval: 21600, proxy: 🇭🇰 香港节点} 237 | PT: {type: http, behavior: classical, format: text, path: ./RuleSet/PT.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/PrivateTracker/PrivateTracker.list", interval: 21600, proxy: 🇭🇰 香港节点} 238 | # Applications: {type: http, behavior: classical, format: text, path: ./RuleSet/Applications.list, url: "https://cdn.jsdelivr.net/gh/DustinWin/ruleset_geodata@clash-ruleset/applications.list", interval: 21600, proxy: 🇭🇰 香港节点} 239 | Speedtest: {type: http, behavior: classical, format: text, path: ./RuleSet/Speedtest.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/Speedtest/Speedtest.list", interval: 21600, proxy: 🇭🇰 香港节点} 240 | Apple: {type: http, behavior: classical, format: text, path: ./RuleSet/Apple.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Apple/Apple.list", interval: 21600, proxy: 🇭🇰 香港节点} 241 | OpenAI: {type: http, behavior: classical, format: text, path: ./RuleSet/OpenAI.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/OpenAI/OpenAI.list", interval: 21600, proxy: 🇭🇰 香港节点} 242 | Bing: {type: http, behavior: classical, format: text, path: ./RuleSet/Bing.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Bing/Bing.list", interval: 21600, proxy: 🇭🇰 香港节点} 243 | Gemini: {type: http, behavior: classical, format: text, path: ./RuleSet/Gemini.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Gemini/Gemini.list", interval: 21600, proxy: 🇭🇰 香港节点} 244 | Claude: {type: http, behavior: classical, format: text, path: ./RuleSet/Claude.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Claude/Claude.list", interval: 21600, proxy: 🇭🇰 香港节点} 245 | Copilot: {type: http, behavior: classical, format: text, path: ./RuleSet/Copilot.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Clash/Copilot/Copilot.list", interval: 21600, proxy: 🇭🇰 香港节点} 246 | AmazonCN: {type: http, behavior: classical, format: text, path: ./RuleSet/AmazonCN.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/AmazonCN/AmazonCN.list", interval: 21600, proxy: 🇭🇰 香港节点} 247 | # Cloudflarecn: {type: http, behavior: classical, format: text, path: ./RuleSet/Cloudflarecn.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Cloudflarecn/Cloudflarecn.list", interval: 21600} 248 | # GoogleCN: {type: http, behavior: classical, format: text, path: ./RuleSet/GoogleCN.list, url: "https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list", interval: 21600} 249 | # OneDrive: {type: http, behavior: classical, format: text, path: ./RuleSet/OneDrive.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/OneDrive/OneDrive.list", interval: 21600} 250 | Microsoft: {type: http, behavior: classical, format: text, path: ./RuleSet/Microsoft.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Microsoft/Microsoft.list", interval: 21600, proxy: 🇭🇰 香港节点} 251 | Amazon: {type: http, behavior: classical, format: text, path: ./RuleSet/Amazon.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Amazon/Amazon.list", interval: 21600, proxy: 🇭🇰 香港节点} 252 | Telegram: {type: http, behavior: classical, format: text, path: ./RuleSet/Telegram.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Telegram/Telegram.list", interval: 21600, proxy: 🇭🇰 香港节点} 253 | Epic: {type: http, behavior: classical, format: text, path: ./RuleSet/Epic.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Epic/Epic.list", interval: 21600, proxy: 🇭🇰 香港节点} 254 | Sony: {type: http, behavior: classical, format: text, path: ./RuleSet/Sony.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Sony/Sony.list", interval: 21600, proxy: 🇭🇰 香港节点} 255 | Steam: {type: http, behavior: classical, format: text, path: ./RuleSet/Steam.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Steam/Steam.list", interval: 21600, proxy: 🇭🇰 香港节点} 256 | Nintendo: {type: http, behavior: classical, format: text, path: ./RuleSet/Nintendo.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Nintendo/Nintendo.list", interval: 21600, proxy: 🇭🇰 香港节点} 257 | # Cloudflare: {type: http, behavior: classical, format: text, path: ./RuleSet/Cloudflare.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Cloudflare/Cloudflare.list", interval: 21600} 258 | # YouTube: {type: http, behavior: classical, format: text, path: ./RuleSet/YouTube.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/YouTube/YouTube.list", interval: 21600} 259 | # Netflix: {type: http, behavior: classical, format: text, path: ./RuleSet/Netflix.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Netflix/Netflix.list", interval: 21600} 260 | # Disney: {type: http, behavior: classical, format: text, path: ./RuleSet/Disney.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Disney/Disney.list", interval: 21600} 261 | # BiliBili: {type: http, behavior: classical, format: text, path: ./RuleSet/BiliBili.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/BiliBili/BiliBili.list", interval: 21600} 262 | ChinaMedia: {type: http, behavior: classical, format: text, path: ./RuleSet/ChinaMedia.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/ChinaMedia/ChinaMedia.list", interval: 21600, proxy: 🇭🇰 香港节点} 263 | TikTok: {type: http, behavior: classical, format: text, path: ./RuleSet/TikTok.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/TikTok/TikTok.list", interval: 21600, proxy: 🇭🇰 香港节点} 264 | GlobalMedia: {type: http, behavior: classical, format: text, path: ./RuleSet/GlobalMedia.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/GlobalMedia/GlobalMedia.list", interval: 21600, proxy: 🇭🇰 香港节点} 265 | Docker: {type: http, behavior: classical, format: text, path: ./RuleSet/Docker.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Docker/Docker.list", interval: 21600, proxy: 🇭🇰 香港节点} 266 | GitHub: {type: http, behavior: classical, format: text, path: ./RuleSet/GitHub.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/GitHub/GitHub.list", interval: 21600, proxy: 🇭🇰 香港节点} 267 | Proxy: {type: http, behavior: classical, format: text, path: ./RuleSet/Proxy.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Proxy/Proxy.list", interval: 21600, proxy: 🇭🇰 香港节点} 268 | ChinaMaxNoIP: {type: http, behavior: classical, format: text, path: ./RuleSet/ChinaMax.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/ChinaMaxNoIP/ChinaMaxNoIP.list", interval: 21600, proxy: 🇭🇰 香港节点} 269 | # ChinaASN: {type: http, behavior: classical, format: text, path: ./RuleSet/ChinaASN.list, url: "https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/ChinaASN/ChinaASN_Resolve.list", interval: 21600, proxy: 🇭🇰 香港节点} 270 | 271 | rules: 272 | - DOMAIN-SUFFIX,dnsany.com,🎯 全球直连 273 | - DOMAIN-SUFFIX,cmvideo.cn,🎯 全球直连 274 | - DOMAIN-SUFFIX,chinamobile.com,🎯 全球直连 275 | - DOMAIN-SUFFIX,mobaibox.com,🎯 全球直连 276 | - DOMAIN-SUFFIX,gitv.tv,🎯 全球直连 277 | - DOMAIN-SUFFIX,cctv.cn,🎯 全球直连 278 | - DOMAIN-SUFFIX,yangshipin.cn,🎯 全球直连 279 | - IP-CIDR,183.206.0.0/15,🎯 全球直连,no-resolve 280 | - IP-CIDR,8.8.8.8/32,✈️ 节点选择 281 | - IP-CIDR,1.1.1.1/32,✈️ 节点选择 282 | - RULE-SET,SteamCN,🎯 全球直连 283 | # 自行测试当地是否能够直连,不能直连删掉下面这行 284 | # - DOMAIN,beesport.livednow.com,🎯 全球直连 285 | - RULE-SET,Myself_Direct,🎯 全球直连 286 | - RULE-SET,Myself_Proxy,✈️ 节点选择 287 | - RULE-SET,SteamCN,🎯 全球直连 288 | - RULE-SET,Private,🎯 全球直连 289 | - RULE-SET,Direct,🎯 全球直连 290 | - RULE-SET,PT,🧲 PT下载 291 | # - RULE-SET,Applications,🖥️ 直连软件 292 | - RULE-SET,Speedtest,📈 网络测试 293 | - RULE-SET,Apple,🍎 苹果服务 294 | - RULE-SET,OpenAI,🤖 人工智能 295 | # - RULE-SET,Bing,🤖 人工智能 296 | - RULE-SET,Gemini,🤖 人工智能 297 | - RULE-SET,Claude,🤖 人工智能 298 | - RULE-SET,Copilot,🤖 人工智能 299 | - RULE-SET,AmazonCN,🎯 全球直连 300 | - RULE-SET,Microsoft,Ⓜ️ 微软服务 301 | - RULE-SET,Amazon,🛒 亚马逊 302 | - RULE-SET,Telegram,📲 Telegram 303 | - RULE-SET,Epic,🎮 游戏平台 304 | - RULE-SET,Sony,🎮 游戏平台 305 | - RULE-SET,Steam,🎮 游戏平台 306 | - RULE-SET,Nintendo,🎮 游戏平台 307 | # - RULE-SET,YouTube,📹 油管视频 308 | # - RULE-SET,Netflix,🎥 奈飞视频 309 | # - RULE-SET,Disney,📽️ 迪士尼+ 310 | # - RULE-SET,BiliBili,📺 哔哩哔哩 311 | - RULE-SET,ChinaMedia,🎬 国内媒体 312 | - RULE-SET,TikTok,🎵 TikTok 313 | - RULE-SET,GlobalMedia,🎞️ 国外媒体 314 | - RULE-SET,Docker,✈️ 节点选择 315 | - RULE-SET,GitHub,✈️ 节点选择 316 | - RULE-SET,Proxy,✈️ 节点选择 317 | - RULE-SET,ChinaMaxNoIP,🎯 全球直连 318 | # - RULE-SET,ChinaASN,🎯 全球直连 319 | - GEOIP,CN,🎯 全球直连 320 | - MATCH,🐟 漏网之鱼 -------------------------------------------------------------------------------- /mssb/mosdns/config.yaml: -------------------------------------------------------------------------------- 1 | log: 2 | level: error 3 | file: "./mosdns.log" 4 | 5 | api: 6 | http: "0.0.0.0:9099" 7 | 8 | include: [] 9 | 10 | plugins: 11 | #列表外域名访问记录 12 | - tag: my_notinlist 13 | type: domain_output 14 | args: 15 | file_stat: ./gen/notinlist.txt 16 | file_rule: ./gen/notinrule.txt 17 | max_entries: 20 18 | dump_interval: 36000 19 | 20 | #访问过的realip的域名清单和生成规则 21 | - tag: my_realiplist 22 | type: domain_output 23 | args: 24 | file_stat: ./gen/realiplist.txt 25 | file_rule: ./gen/realiprule.txt 26 | max_entries: 1000 27 | dump_interval: 36005 28 | 29 | #访问过的fakeip的域名清单和生成规则 30 | - tag: my_fakeiplist 31 | type: domain_output 32 | args: 33 | file_stat: ./gen/fakeiplist.txt 34 | file_rule: ./gen/fakeiprule.txt 35 | max_entries: 1000 36 | dump_interval: 36010 37 | 38 | #访问过的无v6 ip的域名清单和生成规则 39 | - tag: my_nov6list 40 | type: domain_output 41 | args: 42 | file_stat: ./gen/nov6list.txt 43 | file_rule: ./gen/nov6rule.txt 44 | max_entries: 10 45 | dump_interval: 36020 46 | 47 | #访问过的无v4 v6 ip的域名清单和生成规则 48 | - tag: my_nov4list 49 | type: domain_output 50 | args: 51 | file_stat: ./gen/nov4list.txt 52 | file_rule: ./gen/nov4rule.txt 53 | max_entries: 3 54 | dump_interval: 36030 55 | 56 | #节点域名无v6 ip的域名清单和生成规则 57 | - tag: my_nodenov6list 58 | type: domain_output 59 | args: 60 | file_stat: ./gen/nodenov6list.txt 61 | file_rule: ./gen/nodenov6rule.txt 62 | max_entries: 1000 63 | dump_interval: 36070 64 | 65 | #节点域名无v4 v6 ip的域名清单和生成规则 66 | - tag: my_nodenov4list 67 | type: domain_output 68 | args: 69 | file_stat: ./gen/nodenov4list.txt 70 | file_rule: ./gen/nodenov4rule.txt 71 | max_entries: 2 72 | dump_interval: 36080 73 | 74 | #生成的realip规则 75 | - tag: my_realiprule 76 | type: domain_set 77 | args: 78 | files: 79 | - "./gen/realiprule.txt" 80 | 81 | #生成的fakeip规则 82 | - tag: my_fakeiprule 83 | type: domain_set 84 | args: 85 | files: 86 | - "./gen/fakeiprule.txt" 87 | 88 | #生成的没有v6的域名规则 89 | - tag: my_nov6rule 90 | type: domain_set 91 | args: 92 | files: 93 | - "./gen/nov6rule.txt" 94 | 95 | #生成的没有ip的域名规则 96 | - tag: my_nov4rule 97 | type: domain_set 98 | args: 99 | files: 100 | - "./gen/nov4rule.txt" 101 | 102 | #生成的节点没有v6的域名规则 103 | - tag: my_nodenov6rule 104 | type: domain_set 105 | args: 106 | files: 107 | - "./gen/nodenov6rule.txt" 108 | 109 | #生成的节点没有ip的域名规则 110 | - tag: my_nodenov4rule 111 | type: domain_set 112 | args: 113 | files: 114 | - "./gen/nodenov4rule.txt" 115 | 116 | #过期缓存 117 | - tag: cache_all 118 | type: cache 119 | args: 120 | size: 20000000 121 | lazy_cache_ttl: 259200000 122 | dump_file: ./cache_all.dump 123 | dump_interval: 36000 124 | 125 | #中国域名列表的过期缓存 126 | - tag: cache_cn 127 | type: cache 128 | args: 129 | size: 20000000 130 | lazy_cache_ttl: 259200000 131 | dump_file: ./cache_cn.dump 132 | dump_interval: 36000 133 | 134 | #列表外域名的过期缓存 135 | - tag: cache_google 136 | type: cache 137 | args: 138 | size: 20000000 139 | lazy_cache_ttl: 259200000 140 | dump_file: ./cache_google.dump 141 | dump_interval: 36000 142 | 143 | #节点域名列表的过期缓存 144 | - tag: cache_node 145 | type: cache 146 | args: 147 | size: 20000000 148 | lazy_cache_ttl: 259200000 149 | dump_file: ./cache_node.dump 150 | dump_interval: 36000 151 | 152 | #中国域名列表 153 | - tag: geosite_cn 154 | type: domain_set 155 | args: 156 | files: 157 | - "./unpack/geosite_cn.txt" 158 | 159 | #中国IP列表 160 | - tag: geoip_cn 161 | type: ip_set 162 | args: 163 | files: 164 | - "./unpack/geoip_cn.txt" 165 | 166 | #国外域名列表 167 | - tag: geosite_no_cn 168 | type: domain_set 169 | args: 170 | files: 171 | - "./unpack/geosite_geolocation-!cn.txt" 172 | 173 | #自定义白名单域名列表 174 | - tag: whitelist 175 | type: domain_set 176 | args: 177 | files: 178 | - "./rule/whitelist.txt" 179 | 180 | #屏蔽域名列表 181 | - tag: blocklist 182 | type: domain_set 183 | args: 184 | files: 185 | - "./rule/blocklist.txt" 186 | 187 | #屏蔽V4解析的域名列表 188 | - tag: blocklistv4 189 | type: domain_set 190 | args: 191 | files: 192 | - "./rule/blocklistv4.txt" 193 | 194 | #屏蔽V6解析的域名列表 195 | - tag: blocklistv6 196 | type: domain_set 197 | args: 198 | files: 199 | - "./rule/blocklistv6.txt" 200 | 201 | #国外dns解析realip域名列表 202 | - tag: realiplist 203 | type: domain_set 204 | args: 205 | files: 206 | - "./rule/realiplist.txt" 207 | 208 | #自定义强制代理域名列表 209 | - tag: greylist 210 | type: domain_set 211 | args: 212 | files: 213 | - "./rule/greylist.txt" 214 | 215 | #自定义hosts域名列表 216 | - tag: hosts 217 | type: hosts 218 | args: 219 | files: 220 | - "./rule/hosts.txt" 221 | 222 | #转发dns请求到google dns 223 | - tag: forward_google 224 | type: forward 225 | args: 226 | concurrent: 2 227 | upstreams: 228 | - addr: "https://8.8.8.8/dns-query" 229 | # socks5: "127.0.0.1:7891" 230 | upstream_query_timeout: 1000 231 | - addr: "https://1.1.1.1/dns-query" 232 | # socks5: "127.0.0.1:7891" 233 | 234 | #转发请求到阿里dns 235 | - tag: forward_local 236 | type: forward 237 | args: 238 | concurrent: 3 239 | upstreams: 240 | - addr: "223.5.5.5" 241 | - addr: "quic://223.5.5.5" 242 | - addr: "202.102.128.68" 243 | upstream_query_timeout: 5 244 | 245 | #转发请求至sing-box/mihome dns请求fakeip 246 | - tag: forward_fakeip 247 | type: forward 248 | args: 249 | concurrent: 1 250 | upstreams: 251 | - addr: 127.0.0.1:6666 252 | 253 | #转发国内请求到内部带过期缓存的服务 254 | - tag: forward_local_in 255 | type: forward 256 | args: 257 | concurrent: 1 258 | upstreams: 259 | - addr: "udp://127.0.0.1:2222" 260 | 261 | #国内域名 内部使用 262 | - tag: sequence_local_in 263 | type: sequence 264 | args: 265 | - exec: $cache_cn 266 | - matches: has_resp 267 | exec: accept 268 | - exec: $forward_local 269 | 270 | #转发国外请求到内部带过期缓存的服务 271 | - tag: forward_google_in 272 | type: forward 273 | args: 274 | concurrent: 1 275 | upstreams: 276 | - addr: "udp://127.0.0.1:3333" 277 | 278 | #国内域名 内部使用 279 | - tag: sequence_google_in 280 | type: sequence 281 | args: 282 | - exec: $cache_google 283 | - matches: has_resp 284 | exec: accept 285 | - exec: $forward_google 286 | 287 | #缓存序列-国内域名 288 | - tag: sequence_local 289 | type: sequence 290 | args: 291 | - exec: drop_resp #丢弃用于标记的blackhole ip 292 | - exec: $forward_local_in 293 | 294 | #缓存序列-国内域名 295 | - tag: sequence_fakeip 296 | type: sequence 297 | args: 298 | - exec: drop_resp #丢弃用于标记的blackhole ip 299 | - matches: "!client_ip &./proxy-device-list.txt" 300 | exec: $forward_local_in 301 | - matches: "client_ip &./proxy-device-list.txt" 302 | exec: $forward_fakeip 303 | 304 | #缓存序列-列表外域名 305 | - tag: sequence_google 306 | type: sequence 307 | args: 308 | - exec: drop_resp #丢弃用于标记的blackhole ip 309 | - exec: $forward_google_in 310 | 311 | #转发国外请求到内部带过期缓存的服务 312 | - tag: forward_all_in 313 | type: forward 314 | args: 315 | concurrent: 1 316 | upstreams: 317 | - addr: "udp://127.0.0.1:5656" 318 | 319 | #缓存序列-all 320 | - tag: sequence_all_single 321 | type: sequence 322 | args: 323 | - matches: "qtype 6 12 65" 324 | exec: reject 0 325 | # - exec: $cache_all 326 | # - matches: has_resp 327 | # exec: accept 328 | - exec: $forward_all_in 329 | 330 | - tag: sequence_all 331 | type: fallback 332 | args: 333 | primary: sequence_all_single 334 | secondary: sequence_all_single 335 | threshold: 3 336 | always_standby: false 337 | 338 | #列表外的域名的处理逻辑 339 | - tag: sequence_not_in_list 340 | type: sequence 341 | args: 342 | - matches: "resp_ip 127.0.0.3 ::3" 343 | exec: mark 68 #列表外 344 | - matches: mark 68 345 | exec: drop_resp #丢弃结果 346 | - matches: mark 68 347 | exec: $my_notinlist 348 | - matches: mark 68 349 | exec: $sequence_local #表外域名先发到国内 350 | - matches: #对于223没有返回V6地址且不是污染地址的,接受 351 | - "mark 68" 352 | - "qtype 28" 353 | - "rcode 0 2 3 5" 354 | - "!resp_ip 2000::/3" 355 | - "!resp_ip ::1" 356 | exec: ttl 60000 357 | - matches: 358 | - "mark 68" 359 | - "qtype 28" 360 | - "rcode 0 2 3 5" 361 | - "!resp_ip 2000::/3" 362 | - "!resp_ip ::1" 363 | - "!cname keyword:." 364 | exec: $my_nov6list #生成域名规则 365 | - matches: 366 | - "mark 68" 367 | - "qtype 28" 368 | - "rcode 0 2 3 5" 369 | - "!resp_ip 2000::/3" 370 | - "!resp_ip ::1" 371 | exec: accept #没有ip就接受 372 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" #rcode 235及没有IP等情况 373 | exec: mark 123 #标记 374 | - matches: "resp_ip 127.0.0.1 0.0.0.0 ::1" #有污染IP的 375 | exec: mark 123 #标记 376 | - matches: mark 123 377 | exec: drop_resp #丢弃结果 378 | - matches: mark 123 379 | exec: $sequence_google #google dns再查一次 380 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" 381 | exec: ttl 60000 #再没有IP延长TTL 382 | - matches: 383 | - "qtype 28" 384 | - "rcode 0 2 3 5" 385 | - "!resp_ip 2000::/3" 386 | - "!cname keyword:." 387 | exec: $my_nov6list #生成域名规则 388 | - matches: 389 | - "qtype 1" 390 | - "rcode 0 2 3 5" 391 | - "!resp_ip 0.0.0.0/0" 392 | - "!cname keyword:." 393 | exec: $my_nov4list #生成域名规则 394 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" 395 | exec: accept #没有ip就接受 396 | - matches: "resp_ip 127.0.0.1 0.0.0.0 ::1" #有污染IP的 397 | exec: accept #谷歌dns结果没有正常ip也接受 398 | - matches: "resp_ip 17.0.0.0/8" 399 | exec: $my_realiplist 400 | - matches: "resp_ip 17.0.0.0/8" 401 | exec: accept #苹果ip就接受 402 | - matches: "!resp_ip $geoip_cn" 403 | exec: mark 89 #标记 404 | - matches: mark 89 405 | exec: $sequence_fakeip 406 | - matches: mark 89 407 | exec: $my_fakeiplist 408 | - exec: accept 409 | 410 | #生成的规则用本地dns查询 411 | - tag: gen_is_local_dns 412 | type: sequence 413 | args: 414 | - matches: qname $my_realiprule 415 | exec: black_hole 127.0.0.1 ::1 416 | 417 | #生成的规则请求fakeip 418 | - tag: gen_is_fakeip 419 | type: sequence 420 | args: 421 | - matches: qname $my_fakeiprule 422 | exec: black_hole 127.0.0.2 ::2 423 | - matches: "!resp_ip 127.0.0.2 ::2" 424 | exec: black_hole 127.0.0.3 ::3 425 | 426 | #生成的列表国内国外并发匹配,结果是black_hole的即列表外域名 427 | - tag: gen_conc 428 | type: fallback 429 | args: 430 | primary: gen_is_local_dns 431 | secondary: gen_is_fakeip 432 | threshold: 20000 433 | always_standby: true 434 | 435 | #用本地dns查询 436 | - tag: query_is_local_dns 437 | type: sequence 438 | args: 439 | - matches: qname $geosite_cn 440 | exec: black_hole 127.0.0.1 ::1 441 | 442 | #fallback并发primary和secondary都没有IP返回,会抛出错误 443 | #导致后续逻辑无法执行,在secondary中使用black_hole给假 444 | #ip作为标记供后续判断 445 | 446 | #国外域名列表/灰名单直接请求fakeip 447 | - tag: query_is_fakeip 448 | type: sequence 449 | args: 450 | - matches: qname $geosite_no_cn 451 | exec: black_hole 127.0.0.2 ::2 452 | - matches: "!resp_ip 127.0.0.2 ::2" 453 | exec: black_hole 127.0.0.3 ::3 454 | 455 | #列表内域名国内国外并发匹配,结果是black_hole的即列表外域名 456 | - tag: conc_lookup 457 | type: fallback 458 | args: 459 | primary: query_is_local_dns 460 | secondary: query_is_fakeip 461 | threshold: 20000 462 | always_standby: true 463 | 464 | #主分流序列 465 | - tag: sequence_main 466 | type: sequence 467 | args: 468 | - matches: qname $blocklist 469 | exec: reject 3 470 | - exec: $hosts 471 | - matches: has_resp 472 | exec: accept 473 | - matches: "!qtype 1 28" 474 | exec: $sequence_google 475 | - matches: "!qtype 1 28" 476 | exec: accept 477 | - matches: qname $greylist 478 | exec: mark 22 479 | - matches: mark 22 480 | exec: $sequence_fakeip 481 | - matches: mark 22 482 | exec: accept 483 | - matches: #屏蔽没有v4地址的域名 484 | - qtype 1 485 | - qname $my_nov4rule 486 | exec: reject 0 487 | - matches: #屏蔽没有v6地址的域名 488 | - qtype 28 489 | - qname $my_nov6rule 490 | exec: reject 0 491 | - matches: qname $whitelist 492 | exec: mark 11 493 | - matches: mark 11 494 | exec: $sequence_local 495 | - matches: 496 | - "mark 11" 497 | - "rcode 0 2 3 5" 498 | - "!resp_ip 0.0.0.0/0 2000::/3" 499 | exec: ttl 60000 #非A没有IP,延长TTL 500 | - matches: 501 | - "qtype 28" 502 | - "mark 11" 503 | - "rcode 0 2 3 5" 504 | - "!resp_ip 2000::/3" 505 | - "!cname keyword:." 506 | exec: $my_nov6list #生成域名规则 507 | - matches: 508 | - "qtype 1" 509 | - "mark 11" 510 | - "rcode 0 2 3 5" 511 | - "!resp_ip 0.0.0.0/0" 512 | - "!cname keyword:." 513 | exec: $my_nov4list #生成域名规则 514 | - matches: mark 11 #白名单中域名不往下漏 515 | exec: accept 516 | - matches: qname $realiplist 517 | exec: mark 33 518 | - matches: mark 33 519 | exec: $sequence_google 520 | - matches: mark 33 521 | exec: accept 522 | - exec: $gen_conc 523 | - matches: "resp_ip 127.0.0.1 ::1" 524 | exec: mark 888 #生成的域名列表匹配为realip 525 | - matches: "resp_ip 127.0.0.2 ::2" 526 | exec: mark 999 #生成的域名列表匹配为realip 527 | - matches: "resp_ip 127.0.0.3 ::3" 528 | exec: mark 666 #标记 529 | - matches: mark 666 530 | exec: drop_resp #丢弃结果 531 | - matches: mark 666 532 | exec: $conc_lookup 533 | - matches: "resp_ip 127.0.0.1 ::1" 534 | exec: $sequence_local 535 | - matches: "resp_ip 127.0.0.2 ::2" 536 | exec: mark 777 #标记 537 | - matches: mark 777 538 | exec: $sequence_fakeip 539 | - matches: 540 | - "mark 777" #fakeip 541 | - "!mark 999" #并没有在gen fakeip列表中 542 | exec: $my_fakeiplist #生成域名规则 543 | - matches: mark 777 544 | exec: accept #fakeip就接受 545 | - matches: 546 | - "!mark 888" #并没有在gen realip列表中 547 | - "resp_ip 17.0.0.0/8" #fakeip 548 | exec: $my_realiplist #生成域名规则 549 | - matches: "resp_ip 17.0.0.0/8" 550 | exec: accept #fakeip ios ip就接受 551 | - matches: 552 | - "qtype 28" #非A的只要不是黑洞IP,有没有IP都接受 553 | - "rcode 0 2 3 5" 554 | - "!resp_ip 2000::/3" 555 | - "!resp_ip ::1 ::2 ::3" 556 | exec: ttl 60000 #非A没有IP,延长TTL 557 | - matches: 558 | - "qtype 28" #非A的只要不是黑洞IP,有没有IP都接受 559 | - "rcode 0 2 3 5" 560 | - "!resp_ip 2000::/3" 561 | - "!resp_ip ::1 ::2 ::3" 562 | - "!cname keyword:." 563 | exec: $my_nov6list #生成域名规则 564 | - matches: 565 | - "qtype 28" #非A的有realip的情况 566 | - "!mark 888" #并没有在gen realip列表中 567 | - "resp_ip 2000::/3" 568 | - "!resp_ip ::1 ::2 ::3" 569 | exec: $my_realiplist #生成域名规则 570 | - matches: 571 | - "qtype 28" #非A的只要不是黑洞IP,有没有IP都接受 572 | - "!resp_ip ::1 ::2 ::3" 573 | exec: accept 574 | - matches: 575 | - "qtype 1" #A的不是黑洞IP,有正经IP才接受 576 | - "!mark 888" #并没有在gen realip列表中 577 | - "resp_ip 0.0.0.0/0" 578 | - "!resp_ip 0.0.0.0 127.0.0.1 127.0.0.2 127.0.0.3" 579 | exec: $my_realiplist #生成域名规则 580 | - matches: 581 | - "qtype 1" #A的不是黑洞IP或者污染ip,有正经IP才接受 582 | - "resp_ip 0.0.0.0/0" 583 | - "!resp_ip 0.0.0.0 127.0.0.1 127.0.0.2 127.0.0.3" 584 | exec: accept 585 | - exec: $sequence_not_in_list #其它走表外逻辑 586 | - exec: accept 587 | 588 | #专门用于解析域名节点,默认使用8888解析,5毫秒不通用换223解析 589 | - tag: sbnodefallback 590 | type: fallback 591 | args: 592 | primary: sequence_google 593 | secondary: sequence_local 594 | threshold: 5 595 | always_standby: false 596 | 597 | - tag: sequence_sbnode 598 | type: sequence 599 | args: 600 | - matches: #屏蔽没有v4地址的域名 601 | - qtype 1 602 | - qname $my_nodenov4rule 603 | exec: reject 0 604 | - matches: #屏蔽没有v6地址的域名 605 | - qtype 28 606 | - qname $my_nodenov6rule 607 | exec: reject 0 608 | - exec: $cache_node 609 | - matches: has_resp 610 | exec: accept 611 | - exec: sleep 1000 612 | - exec: $sbnodefallback 613 | - matches: 614 | - "qtype 1" 615 | - "rcode 0 2 3 5" 616 | - "!resp_ip 0.0.0.0/0" 617 | - "!cname keyword:." 618 | exec: $my_nodenov4list #生成域名规则 619 | - matches: 620 | - "qtype 28" 621 | - "rcode 0 2 3 5" 622 | - "!resp_ip 2000::/3" 623 | - "!cname keyword:." 624 | exec: $my_nodenov6list #生成域名规则 625 | 626 | ####################对外服务端口定义部分############ 627 | #解析节点域名的服务器 628 | - tag: sbnode_udp 629 | type: udp_server 630 | args: 631 | entry: sequence_sbnode 632 | listen: ":7777" 633 | 634 | - tag: sbnode_tcp 635 | type: tcp_server 636 | args: 637 | entry: sequence_sbnode 638 | listen: ":7777" 639 | 640 | #sing-box使用的服务器 641 | - tag: sb_udp 642 | type: udp_server 643 | args: 644 | entry: sequence_local 645 | listen: ":8888" 646 | 647 | - tag: sb_tcp 648 | type: tcp_server 649 | args: 650 | entry: sequence_local 651 | listen: ":8888" 652 | 653 | #国内 654 | - tag: udp_local 655 | type: udp_server 656 | args: 657 | entry: sequence_local_in 658 | listen: ":2222" 659 | 660 | - tag: tcp_local 661 | type: tcp_server 662 | args: 663 | entry: sequence_local_in 664 | listen: ":2222" 665 | 666 | #国外 667 | - tag: udp_google 668 | type: udp_server 669 | args: 670 | entry: sequence_google_in 671 | listen: ":3333" 672 | 673 | - tag: tcp_google 674 | type: tcp_server 675 | args: 676 | entry: sequence_google_in 677 | listen: ":3333" 678 | 679 | #主分流服务器 680 | - tag: udp_main 681 | type: udp_server 682 | args: 683 | entry: sequence_main 684 | listen: ":53" 685 | 686 | - tag: tcp_main 687 | type: tcp_server 688 | args: 689 | entry: sequence_main 690 | listen: ":53" 691 | idle_timeout: 720 692 | -------------------------------------------------------------------------------- /mssb/mosdns/gen/fakeiplist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/fakeiplist.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/fakeiprule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/fakeiprule.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nodenov4list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nodenov4list.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nodenov4rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nodenov4rule.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nodenov6list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nodenov6list.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nodenov6rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nodenov6rule.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/notinlist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/notinlist.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/notinrule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/notinrule.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nov4list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nov4list.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nov4rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nov4rule.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nov6list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nov6list.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/nov6rule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/nov6rule.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/realiplist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/realiplist.txt -------------------------------------------------------------------------------- /mssb/mosdns/gen/realiprule.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/gen/realiprule.txt -------------------------------------------------------------------------------- /mssb/mosdns/proxy-device-list.txt: -------------------------------------------------------------------------------- 1 | 192.168.20.99 2 | 192.168.20.100 3 | -------------------------------------------------------------------------------- /mssb/mosdns/rule/blocklist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/rule/blocklist.txt -------------------------------------------------------------------------------- /mssb/mosdns/rule/blocklistv4.txt: -------------------------------------------------------------------------------- 1 | regexp:^(2408-|2409-|240e-).* -------------------------------------------------------------------------------- /mssb/mosdns/rule/blocklistv6.txt: -------------------------------------------------------------------------------- 1 | domain:philma.fun 2 | regexp:^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\..*$ -------------------------------------------------------------------------------- /mssb/mosdns/rule/cloudflare-cidr.txt: -------------------------------------------------------------------------------- 1 | 173.245.48.0/20 2 | 103.21.244.0/22 3 | 103.22.200.0/22 4 | 103.31.4.0/22 5 | 141.101.64.0/18 6 | 108.162.192.0/18 7 | 190.93.240.0/20 8 | 188.114.96.0/20 9 | 197.234.240.0/22 10 | 198.41.128.0/17 11 | 162.158.0.0/15 12 | 104.16.0.0/13 13 | 104.24.0.0/14 14 | 172.64.0.0/13 15 | 131.0.72.0/22 16 | 2400:cb00::/32 17 | 2606:4700::/32 18 | 2803:f800::/32 19 | 2405:b500::/32 20 | 2405:8100::/32 21 | 2a06:98c0::/29 22 | 2c0f:f248::/32 23 | -------------------------------------------------------------------------------- /mssb/mosdns/rule/cnv6-only.txt: -------------------------------------------------------------------------------- 1 | full:6.ipw.cn 2 | full:test6.ustc.edu.cn 3 | domain:philma.fun 4 | domain:mbjlkg.lol 5 | domain:huacloud.xyz 6 | domain:rfp4ucx.xyz 7 | domain:myip.ipip.net 8 | domain:nexconvert.com 9 | domain:msftconnecttest.com 10 | domain:space.bilibili.com 11 | domain:b23.tv 12 | domain:msedge.com 13 | domain:msedge.net 14 | domain:azurefd.com 15 | domain:azure.com 16 | domain:default.exp-tas.com 17 | domain:azureedge.net 18 | domain:msftncsi.com 19 | domain:nn.ci 20 | domain:config.edge.skype.com 21 | regexp:^rr[0-9]+---sn-[a-z0-9]+\.googlevideo\.com$ -------------------------------------------------------------------------------- /mssb/mosdns/rule/ddnslist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/rule/ddnslist.txt -------------------------------------------------------------------------------- /mssb/mosdns/rule/googlev6.txt: -------------------------------------------------------------------------------- 1 | domain:googlevideo.com 2 | -------------------------------------------------------------------------------- /mssb/mosdns/rule/greylist.txt: -------------------------------------------------------------------------------- 1 | full:mypikpak.com 2 | full:access.mypikpak.com 3 | domain:googleapis.cn 4 | domain:4d4y.com 5 | domain:iii80.com 6 | domain:googleapis.com 7 | domain:google.com 8 | domain:gstatic.com 9 | full:e13252.dscg.akamaiedge.net 10 | full:h-netflix.online-metrix.net 11 | full:netflix.com.edgesuite.net 12 | domain:cookielaw.org 13 | domain:fast.com 14 | domain:flxvpn.net 15 | domain:netflix.ca 16 | domain:netflix.com 17 | domain:netflix.com.au 18 | domain:netflix.com.edgesuite.net 19 | domain:netflix.net 20 | domain:netflixdnstest0.com 21 | domain:netflixdnstest1.com 22 | domain:netflixdnstest10.com 23 | domain:netflixdnstest2.com 24 | domain:netflixdnstest3.com 25 | domain:netflixdnstest4.com 26 | domain:netflixdnstest5.com 27 | domain:netflixdnstest6.com 28 | domain:netflixdnstest7.com 29 | domain:netflixdnstest8.com 30 | domain:netflixdnstest9.com 31 | domain:netflixinvestor.com 32 | domain:netflixstudios.com 33 | domain:netflixtechblog.com 34 | domain:nflxext.com 35 | domain:nflximg.com 36 | domain:nflximg.net 37 | domain:nflxsearch.net 38 | domain:nflxso.net 39 | domain:nflxvideo.net 40 | domain:onetrust.com 41 | domain:us-west-2.amazonaws.com 42 | domain:store.ui.com.cn 43 | domain:hassbian.com 44 | domain:copilot.microsoft.com 45 | domain:prod.rewardsplatform.microsoft.com 46 | domain:edge.microsoft.com 47 | domain:nav-edge.smartscreen.microsoft.com 48 | domain:functional.events.data.microsoft.com 49 | domain:edgeservices.bing.com 50 | domain:sydney.bing.com 51 | domain:bing.com 52 | domain:bing.com.cn 53 | domain:bing.net 54 | domain:bingads.com 55 | domain:bingagencyawards.com 56 | domain:bingapistatistics.com 57 | domain:bingsandbox.com 58 | domain:bingvisualsearch.com 59 | domain:bingworld.com 60 | keyword:apiproxy-device-prod-nlb- 61 | keyword:dualstack.apiproxy- 62 | keyword:dualstack.ichnaea-web- 63 | keyword:netflixdnstest -------------------------------------------------------------------------------- /mssb/mosdns/rule/hosts.txt: -------------------------------------------------------------------------------- 1 | logs.netflix.com 127.0.0.1 ::1 2 | trace-server.prod-clustered.bugs.firebat.prime-video.amazon.dev 127.0.0.1 ::1 -------------------------------------------------------------------------------- /mssb/mosdns/rule/local-ptr.txt: -------------------------------------------------------------------------------- 1 | 0.in-addr.arpa 2 | 10.in-addr.arpa 3 | 127.in-addr.arpa 4 | 16.172.in-addr.arpa 5 | 17.172.in-addr.arpa 6 | 18.172.in-addr.arpa 7 | 19.172.in-addr.arpa 8 | 20.172.in-addr.arpa 9 | 21.172.in-addr.arpa 10 | 22.172.in-addr.arpa 11 | 23.172.in-addr.arpa 12 | 24.172.in-addr.arpa 13 | 25.172.in-addr.arpa 14 | 26.172.in-addr.arpa 15 | 27.172.in-addr.arpa 16 | 28.172.in-addr.arpa 17 | 29.172.in-addr.arpa 18 | 30.172.in-addr.arpa 19 | 31.172.in-addr.arpa 20 | 64.100.in-addr.arpa 21 | 65.100.in-addr.arpa 22 | 66.100.in-addr.arpa 23 | 67.100.in-addr.arpa 24 | 68.100.in-addr.arpa 25 | 69.100.in-addr.arpa 26 | 70.100.in-addr.arpa 27 | 71.100.in-addr.arpa 28 | 72.100.in-addr.arpa 29 | 73.100.in-addr.arpa 30 | 74.100.in-addr.arpa 31 | 75.100.in-addr.arpa 32 | 76.100.in-addr.arpa 33 | 77.100.in-addr.arpa 34 | 78.100.in-addr.arpa 35 | 79.100.in-addr.arpa 36 | 80.100.in-addr.arpa 37 | 81.100.in-addr.arpa 38 | 82.100.in-addr.arpa 39 | 83.100.in-addr.arpa 40 | 84.100.in-addr.arpa 41 | 85.100.in-addr.arpa 42 | 86.100.in-addr.arpa 43 | 87.100.in-addr.arpa 44 | 88.100.in-addr.arpa 45 | 89.100.in-addr.arpa 46 | 90.100.in-addr.arpa 47 | 91.100.in-addr.arpa 48 | 92.100.in-addr.arpa 49 | 93.100.in-addr.arpa 50 | 94.100.in-addr.arpa 51 | 95.100.in-addr.arpa 52 | 96.100.in-addr.arpa 53 | 97.100.in-addr.arpa 54 | 98.100.in-addr.arpa 55 | 99.100.in-addr.arpa 56 | 100.100.in-addr.arpa 57 | 101.100.in-addr.arpa 58 | 102.100.in-addr.arpa 59 | 103.100.in-addr.arpa 60 | 104.100.in-addr.arpa 61 | 105.100.in-addr.arpa 62 | 106.100.in-addr.arpa 63 | 107.100.in-addr.arpa 64 | 108.100.in-addr.arpa 65 | 109.100.in-addr.arpa 66 | 110.100.in-addr.arpa 67 | 111.100.in-addr.arpa 68 | 112.100.in-addr.arpa 69 | 113.100.in-addr.arpa 70 | 114.100.in-addr.arpa 71 | 115.100.in-addr.arpa 72 | 116.100.in-addr.arpa 73 | 117.100.in-addr.arpa 74 | 118.100.in-addr.arpa 75 | 119.100.in-addr.arpa 76 | 120.100.in-addr.arpa 77 | 121.100.in-addr.arpa 78 | 122.100.in-addr.arpa 79 | 123.100.in-addr.arpa 80 | 124.100.in-addr.arpa 81 | 125.100.in-addr.arpa 82 | 126.100.in-addr.arpa 83 | 127.100.in-addr.arpa 84 | 2.0.192.in-addr.arpa 85 | 168.192.in-addr.arpa 86 | 255.255.255.255.in-addr.arpa 87 | domain:ip6.arpa -------------------------------------------------------------------------------- /mssb/mosdns/rule/realiplist.txt: -------------------------------------------------------------------------------- 1 | domain:manhuagui.com -------------------------------------------------------------------------------- /mssb/mosdns/rule/redirect.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/rule/redirect.txt -------------------------------------------------------------------------------- /mssb/mosdns/rule/whitelist.txt: -------------------------------------------------------------------------------- 1 | full:6.ipw.cn 2 | full:test6.ustc.edu.cn 3 | full:apiauth.quickconnect.to 4 | domain:nkvod.com 5 | domain:mbjlkg.lol 6 | domain:huacloud.xyz 7 | domain:rfp4ucx.xyz 8 | domain:myip.ipip.net 9 | domain:nexconvert.com 10 | domain:heartbeat.belkin.com 11 | domain:msftconnecttest.com 12 | domain:space.bilibili.com 13 | domain:b23.tv 14 | domain:msedge.com 15 | domain:msedge.net 16 | domain:azurefd.com 17 | domain:azure.com 18 | domain:default.exp-tas.com 19 | domain:azureedge.net 20 | domain:xboxlive.com 21 | domain:sfx.ms 22 | domain:msftncsi.com 23 | domain:nn.ci 24 | domain:config.edge.skype.com 25 | domain:bing.com 26 | domain:push-apple.com.akadns.net 27 | domain:live.com 28 | domain:msn.com 29 | domain:ntp.org 30 | domain:office.com 31 | domain:qlogo.cn 32 | domain:qq.com 33 | domain:jd.com 34 | domain:jd.hk 35 | domain:apple.cn 36 | domain:me.com 37 | domain:apple.com 38 | domain:icloud.com 39 | domain:icloud-content.com 40 | domain:push-apple.com.akadns.net 41 | domain:push.apple.com 42 | domain:iphone-ld.apple.com 43 | domain:lcdn-locator.apple.com 44 | domain:lcdn-registration.apple.com 45 | domain:cn-ssl.ls.apple.com 46 | domain:time.apple.com 47 | full:gs-loc-cn.apple.com 48 | full:gsp10-ssl-cn.ls.apple.com 49 | full:gsp12-cn.ls.apple.com 50 | full:gsp13-cn.ls.apple.com 51 | full:gsp4-cn.ls.apple.com.edgekey.net.globalredir.akadns.net 52 | full:gsp4-cn.ls.apple.com.edgekey.net 53 | full:gsp4-cn.ls.apple.com 54 | full:gsp5-cn.ls.apple.com 55 | full:gsp85-cn-ssl.ls.apple.com 56 | full:gspe19-2-cn-ssl.ls.apple.com 57 | full:gspe19-cn-ssl.ls.apple.com 58 | full:gspe19-cn.ls-apple.com.akadns.net 59 | full:gspe19-cn.ls.apple.com 60 | full:gspe79-cn-ssl.ls.apple.com 61 | full:cl2-cn.apple.com 62 | full:cl4-cn.apple.com 63 | domain:dht.libtorrent.org 64 | domain:dht.transmissionbt.com 65 | domain:dns.msftncsi.com 66 | domain:ipv6.msftconnecttest.com 67 | domain:www.msftconnecttest.com 68 | domain:microsoft.com 69 | domain:office.com 70 | domain:office365.com 71 | domain:xiuxitong.com 72 | domain:pc528.net 73 | domain:pc521.net 74 | domain:redhat.com 75 | domain:steamserver.net 76 | domain:tawk.to 77 | keyword:jd.com 78 | keyword:douyin 79 | keyword:microsoft 80 | keyword:windows 81 | keyword:apple 82 | keyword:icloud 83 | keyword:itunes 84 | keyword:douyin 85 | keyword:aaplimg 86 | keyword:akadns 87 | keyword:akamai 88 | keyword:qtlcdn 89 | -------------------------------------------------------------------------------- /mssb/mosdns/unpack/disable-ads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/mosdns/unpack/disable-ads.txt -------------------------------------------------------------------------------- /mssb/sing-box/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "log": { 3 | "disabled": false, 4 | "level": "panic", 5 | "timestamp": true 6 | }, 7 | "experimental": { 8 | "clash_api": { 9 | "external_controller": "0.0.0.0:9090", 10 | "external_ui": "/mssb/sing-box/ui", 11 | "secret": "", 12 | "default_mode": "rule" 13 | }, 14 | "cache_file": { 15 | "enabled": true, 16 | "path": "/mssb/sing-box/cache.db", 17 | "store_fakeip": true 18 | } 19 | }, 20 | "dns": { 21 | "servers": [ 22 | {"tag": "localDns", "address": "tls://223.5.5.5:853", "detour": "direct"}, 23 | {"tag": "nodedns", "address": "tls://223.6.6.6:853", "detour": "direct"}, 24 | {"tag": "fakeipDNS", "address": "fakeip"}, 25 | {"tag": "block", "address": "rcode://success"} 26 | ], 27 | "rules": [ 28 | {"inbound": "in-dns", "server": "fakeipDNS", "disable_cache": false, "rewrite_ttl": 1}, 29 | {"outbound": "direct", "server": "localDns"}, 30 | {"outbound": "any", "server": "nodedns", "disable_cache": false} 31 | ], 32 | "fakeip": {"enabled": true, "inet4_range": "28.0.0.0/8", "inet6_range": "f2b0::/18"}, 33 | "independent_cache": true, 34 | "lazy_cache": true, 35 | "disable_expire": false, 36 | "final": "localDns" 37 | }, 38 | "inbounds": [ 39 | {"type": "mixed", "listen": "::", "listen_port": 10000}, 40 | {"type": "direct", "tag": "in-dns", "tcp_fast_open": true, "sniff": false, "listen": "::", "listen_port": 6666}, 41 | {"type": "tproxy", "tag": "tp", "listen": "::", "listen_port": 7896, "tcp_fast_open": true, "sniff": false, 42 | "sniff_override_destination": false, 43 | "sniff_timeout": "300ms", 44 | "udp_disable_domain_unmapping": false, 45 | "udp_timeout": "5m" 46 | }, 47 | {"type": "socks", "listen": "0.0.0.0", "listen_port": 7891, "tcp_multi_path": false, "tcp_fast_open": false, 48 | "udp_fragment": false, 49 | "sniff": false, 50 | "users": [] 51 | }, 52 | {"type": "shadowsocks", "tag": "ss-in", "tcp_fast_open": true, "listen": "0.0.0.0", "listen_port": 10813, 53 | "method": "aes-128-gcm", 54 | "password": "1234567890", 55 | "multiplex": {} 56 | } 57 | ], 58 | "outbound_providers": [ 59 | { 60 | "type": "remote", 61 | "path": "/mssb/sing-box/providers/1.yaml", 62 | "tag": "✈️机场1", 63 | "healthcheck_url": "http://www.gstatic.com/generate_204", 64 | "healthcheck_interval": "10m0s", 65 | "download_url": "https://", 66 | "download_ua": "clash.meta", 67 | "download_interval": "24h0m0s", 68 | "download_detour": "direct" 69 | } 70 | ], 71 | "outbounds": [ 72 | {"tag": "♻️ 手动选择", "type": "selector", 73 | "use_all_providers": true, 74 | "excludes": "Premium" 75 | }, 76 | {"tag": "🚀 节点选择", "type": "selector", 77 | "outbounds": [ 78 | "♻️ 手动选择", 79 | "🇯🇵 日本节点-urltest", 80 | "✨台湾节点-urltest", 81 | "🇸🇬 新加坡节点-urltest", 82 | "🇭🇰 香港节点-urltest", 83 | "🇺🇲 美国节点-urltest", 84 | "🔰 其它节点-urltest", 85 | "🇯🇵 日本节点", 86 | "✨台湾节点", 87 | "🇸🇬 新加坡节点", 88 | "🇭🇰 香港节点", 89 | "🇺🇲 美国节点", 90 | "🔰 其它节点" 91 | ], 92 | "excludes": "Premium" 93 | }, 94 | {"tag": "👦的代理", "type": "selector", 95 | "outbounds": [ 96 | "direct", 97 | "🚀 节点选择", 98 | "♻️ 手动选择", 99 | "🇯🇵 日本节点-urltest", 100 | "✨台湾节点-urltest", 101 | "🇸🇬 新加坡节点-urltest", 102 | "🇭🇰 香港节点-urltest", 103 | "🇺🇲 美国节点-urltest", 104 | "🔰 其它节点-urltest", 105 | "✨台湾节点", 106 | "🇯🇵 日本节点", 107 | "🇸🇬 新加坡节点", 108 | "🇭🇰 香港节点", 109 | "🇺🇲 美国节点", 110 | "🔰 其它节点" 111 | ], 112 | "excludes": "Premium", 113 | "default": "🇭🇰 香港节点" 114 | }, 115 | {"tag": "👦的直连", "type": "selector", 116 | "outbounds": [ 117 | "direct", 118 | "🚀 节点选择", 119 | "♻️ 手动选择" 120 | ], 121 | "excludes": "Premium", 122 | "default": "direct" 123 | }, 124 | {"tag": "🎬PT站点", "type": "selector", 125 | "outbounds": [ 126 | "direct", 127 | "🚀 节点选择", 128 | "♻️ 手动选择" 129 | ], 130 | "excludes": "Premium", 131 | "default": "direct" 132 | }, 133 | {"tag": "📈网络测试", "type": "selector", 134 | "outbounds": [ 135 | "direct", 136 | "🚀 节点选择", 137 | "♻️ 手动选择", 138 | "🇯🇵 日本节点-urltest", 139 | "✨台湾节点-urltest", 140 | "🇸🇬 新加坡节点-urltest", 141 | "🇭🇰 香港节点-urltest", 142 | "🇺🇲 美国节点-urltest", 143 | "🔰 其它节点-urltest", 144 | "✨台湾节点", 145 | "🇯🇵 日本节点", 146 | "🇸🇬 新加坡节点", 147 | "🇭🇰 香港节点", 148 | "🇺🇲 美国节点", 149 | "🔰 其它节点" 150 | ], 151 | "excludes": "Premium", 152 | "default": "direct" 153 | }, 154 | {"tag": "🌌 Google", "type": "selector", 155 | "outbounds": [ 156 | "🚀 节点选择", 157 | "♻️ 手动选择", 158 | "🇯🇵 日本节点-urltest", 159 | "✨台湾节点-urltest", 160 | "🇸🇬 新加坡节点-urltest", 161 | "🇭🇰 香港节点-urltest", 162 | "🇺🇲 美国节点-urltest", 163 | "🔰 其它节点-urltest", 164 | "✨台湾节点", 165 | "🇯🇵 日本节点", 166 | "🇸🇬 新加坡节点", 167 | "🇭🇰 香港节点", 168 | "🇺🇲 美国节点", 169 | "🔰 其它节点" 170 | ], 171 | "excludes": "Premium", 172 | "default": "🇭🇰 香港节点" 173 | }, 174 | {"tag": "🤖 OpenAI", "type": "selector", 175 | "outbounds": [ 176 | "🚀 节点选择", 177 | "♻️ 手动选择", 178 | "🇯🇵 日本节点-urltest", 179 | "✨台湾节点-urltest", 180 | "🇸🇬 新加坡节点-urltest", 181 | "🇭🇰 香港节点-urltest", 182 | "🇺🇲 美国节点-urltest", 183 | "🔰 其它节点-urltest", 184 | "✨台湾节点", 185 | "🇯🇵 日本节点", 186 | "🇸🇬 新加坡节点", 187 | "🇭🇰 香港节点", 188 | "🇺🇲 美国节点", 189 | "🔰 其它节点" 190 | ], 191 | "excludes": "Premium", 192 | "default": "🇺🇲 美国节点" 193 | }, 194 | {"tag": "📲 电报消息", "type": "selector", 195 | "outbounds": [ 196 | "🚀 节点选择", 197 | "♻️ 手动选择", 198 | "🇯🇵 日本节点-urltest", 199 | "✨台湾节点-urltest", 200 | "🇸🇬 新加坡节点-urltest", 201 | "🇭🇰 香港节点-urltest", 202 | "🇺🇲 美国节点-urltest", 203 | "🔰 其它节点-urltest", 204 | "✨台湾节点", 205 | "🇯🇵 日本节点", 206 | "🇸🇬 新加坡节点", 207 | "🇭🇰 香港节点", 208 | "🇺🇲 美国节点", 209 | "🔰 其它节点" 210 | ], 211 | "excludes": "Premium" 212 | }, 213 | {"tag": "🎬 MediaVideo", "type": "selector", 214 | "outbounds": [ 215 | "🚀 节点选择", 216 | "🇯🇵 日本节点-urltest", 217 | "✨台湾节点-urltest", 218 | "🇸🇬 新加坡节点-urltest", 219 | "🇭🇰 香港节点-urltest", 220 | "🇺🇲 美国节点-urltest", 221 | "🔰 其它节点-urltest", 222 | "♻️ 手动选择", 223 | "✨台湾节点", 224 | "🇯🇵 日本节点", 225 | "🇸🇬 新加坡节点", 226 | "🇭🇰 香港节点", 227 | "🇺🇲 美国节点", 228 | "🔰 其它节点" 229 | ], 230 | "excludes": "Premium", 231 | "default": "🚀 节点选择" 232 | }, 233 | {"tag": "🍎 苹果服务", "type": "selector", 234 | "outbounds": [ 235 | "direct", 236 | "🇯🇵 日本节点-urltest", 237 | "✨台湾节点-urltest", 238 | "🇸🇬 新加坡节点-urltest", 239 | "🇭🇰 香港节点-urltest", 240 | "🇺🇲 美国节点-urltest", 241 | "🔰 其它节点-urltest", 242 | "🚀 节点选择", 243 | "♻️ 手动选择", 244 | "🇯🇵 日本节点", 245 | "✨台湾节点", 246 | "🇸🇬 新加坡节点", 247 | "🇭🇰 香港节点", 248 | "🇺🇲 美国节点", 249 | "🔰 其它节点" 250 | ], 251 | "excludes": "Premium", 252 | "default": "direct" 253 | }, 254 | {"tag": "🧩 Microsoft", "type": "selector", 255 | "outbounds": [ 256 | "direct", 257 | "🇯🇵 日本节点-urltest", 258 | "✨台湾节点-urltest", 259 | "🇸🇬 新加坡节点-urltest", 260 | "🇭🇰 香港节点-urltest", 261 | "🇺🇲 美国节点-urltest", 262 | "🔰 其它节点-urltest", 263 | "🚀 节点选择", 264 | "♻️ 手动选择", 265 | "✨台湾节点", 266 | "🇯🇵 日本节点", 267 | "🇸🇬 新加坡节点", 268 | "🇭🇰 香港节点", 269 | "🇺🇲 美国节点", 270 | "🔰 其它节点" 271 | ], 272 | "excludes": "Premium", 273 | "default": "direct" 274 | }, 275 | {"tag": "🐦 Twitter", "type": "selector", 276 | "outbounds": [ 277 | "🚀 节点选择", 278 | "🇯🇵 日本节点-urltest", 279 | "✨台湾节点-urltest", 280 | "🇸🇬 新加坡节点-urltest", 281 | "🇭🇰 香港节点-urltest", 282 | "🇺🇲 美国节点-urltest", 283 | "🔰 其它节点-urltest", 284 | "♻️ 手动选择", 285 | "✨台湾节点", 286 | "🇯🇵 日本节点", 287 | "🇸🇬 新加坡节点", 288 | "🇭🇰 香港节点", 289 | "🇺🇲 美国节点", 290 | "🔰 其它节点" 291 | ], 292 | "excludes": "Premium", 293 | "default": "🇺🇲 美国节点" 294 | }, 295 | {"tag": "👤 Facebook", "type": "selector", 296 | "outbounds": [ 297 | "🚀 节点选择", 298 | "🇯🇵 日本节点-urltest", 299 | "✨台湾节点-urltest", 300 | "🇸🇬 新加坡节点-urltest", 301 | "🇭🇰 香港节点-urltest", 302 | "🇺🇲 美国节点-urltest", 303 | "🔰 其它节点-urltest", 304 | "♻️ 手动选择", 305 | "✨台湾节点", 306 | "🇯🇵 日本节点", 307 | "🇸🇬 新加坡节点", 308 | "🇭🇰 香港节点", 309 | "🇺🇲 美国节点", 310 | "🔰 其它节点" 311 | ], 312 | "excludes": "Premium", 313 | "default": "🚀 节点选择" 314 | }, 315 | {"tag": "🛍️ Amazon", "type": "selector", 316 | "outbounds": [ 317 | "🚀 节点选择", 318 | "🇯🇵 日本节点-urltest", 319 | "✨台湾节点-urltest", 320 | "🇸🇬 新加坡节点-urltest", 321 | "🇭🇰 香港节点-urltest", 322 | "🇺🇲 美国节点-urltest", 323 | "🔰 其它节点-urltest", 324 | "♻️ 手动选择", 325 | "✨台湾节点", 326 | "🇯🇵 日本节点", 327 | "🇸🇬 新加坡节点", 328 | "🇭🇰 香港节点", 329 | "🇺🇲 美国节点", 330 | "🔰 其它节点" 331 | ], 332 | "excludes": "Premium", 333 | "default": "🚀 节点选择" 334 | }, 335 | {"tag": "🎮 Game", "type": "selector", 336 | "outbounds": [ 337 | "direct", 338 | "🇯🇵 日本节点-urltest", 339 | "✨台湾节点-urltest", 340 | "🇸🇬 新加坡节点-urltest", 341 | "🇭🇰 香港节点-urltest", 342 | "🇺🇲 美国节点-urltest", 343 | "🔰 其它节点-urltest", 344 | "🚀 节点选择", 345 | "♻️ 手动选择", 346 | "🇯🇵 日本节点", 347 | "✨台湾节点", 348 | "🇸🇬 新加坡节点", 349 | "🇭🇰 香港节点", 350 | "🇺🇲 美国节点", 351 | "🔰 其它节点" 352 | ], 353 | "excludes": "Premium", 354 | "default": "direct" 355 | }, 356 | {"tag": "block", "type": "block"}, 357 | {"tag": "direct", "type": "direct", "tcp_fast_open": false, "udp_fragment": false, "tcp_multi_path": false}, 358 | {"tag": "dns-out", "type": "dns"}, 359 | {"tag": "🇯🇵 日本节点", "type": "selector", "use_all_providers": true, 360 | "includes": "(?i)日本|东京|大阪|[^-]日|JP|Japan", 361 | "excludes": "Premium" 362 | }, 363 | {"tag": "🇸🇬 新加坡节点", "type": "selector", "use_all_providers": true, 364 | "includes": "(?i)新加坡|坡|狮城|SG|Singapore", 365 | "excludes": "Premium" 366 | }, 367 | {"tag": "🇭🇰 香港节点", "type": "selector", 368 | "use_all_providers": true, 369 | "includes": "(?i)香港|HK|hk|Hong Kong|HongKong|hongkong", 370 | "excludes": "Premium" 371 | }, 372 | {"tag": "✨台湾节点", "type": "selector", 373 | "use_all_providers": true, 374 | "includes": "(?i)🇹🇼|TW|tw|台湾|臺灣|台|Taiwan", 375 | "excludes": "Premium" 376 | }, 377 | {"tag": "🇺🇲 美国节点", "type": "selector", 378 | "use_all_providers": true, 379 | "includes": "(?i)美|达拉斯|洛杉矶|圣何塞|US|United States", 380 | "excludes": "Premium" 381 | }, 382 | {"tag": "🔰 其它节点", "type": "selector", 383 | "use_all_providers": true, 384 | "includes": "(?i)德国|DE|brd|germany|荷兰|NL|Netherlands|法国|FR|France|French Republic|澳大利亚|AU|Australia|迪拜|UAE|Dubai|印度|IN|India|KR|Korea|KOR|首尔|韩|韓|英国|UnitedKingdom|UK|英|瑞典|Sweden|SE|巴西|Brazil|BR|非洲|Africa|AF", 385 | "excludes": "Premium" 386 | }, 387 | {"tag": "🇯🇵 日本节点-urltest", "type": "urltest", 388 | "use_all_providers": true, 389 | "includes": "(?i)日本|东京|大阪|[^-]日|JP|Japan", 390 | "excludes": "Premium" 391 | }, 392 | {"tag": "🇸🇬 新加坡节点-urltest", "type": "urltest", 393 | "use_all_providers": true, 394 | "includes": "(?i)新加坡|坡|狮城|SG|Singapore", 395 | "excludes": "Premium" 396 | }, 397 | {"tag": "🇭🇰 香港节点-urltest", "type": "urltest", 398 | "use_all_providers": true, 399 | "includes": "(?i)香港|HK|hk|Hong Kong|HongKong|hongkong", 400 | "excludes": "Premium" 401 | }, 402 | {"tag": "✨台湾节点-urltest", "type": "urltest", 403 | "use_all_providers": true, 404 | "includes": "(?i)🇹🇼|TW|tw|台湾|臺灣|台|Taiwan", 405 | "excludes": "Premium" 406 | }, 407 | {"tag": "🇺🇲 美国节点-urltest", "type": "urltest", 408 | "use_all_providers": true, 409 | "includes": "(?i)美|达拉斯|洛杉矶|圣何塞|US|United States", 410 | "excludes": "Premium" 411 | }, 412 | {"tag": "🔰 其它节点-urltest", "type": "urltest", 413 | "use_all_providers": true, 414 | "includes": "(?i)德国|DE|brd|germany|荷兰|NL|Netherlands|法国|FR|France|French Republic|澳大利亚|AU|Australia|迪拜|UAE|Dubai|印度|IN|India|KR|Korea|KOR|首尔|韩|韓|英国|UnitedKingdom|UK|英|瑞典|Sweden|SE|巴西|Brazil|BR|非洲|Africa|AF", 415 | "excludes": "Premium" 416 | }, 417 | {"tag": "🐟 漏网之鱼", "type": "selector", 418 | "outbounds": "🚀 节点选择", 419 | "excludes": "Premium" 420 | } 421 | ], 422 | "route": { 423 | "final": "🐟 漏网之鱼", 424 | "auto_detect_interface": true, 425 | "concurrent_dial": true, 426 | "default_mark": 1, 427 | "rules": [ 428 | {"inbound": "in-dns", "outbound": "dns-out"}, 429 | {"ip_cidr": ["8.8.8.8", "8.8.4.4", "1.1.1.1", "1.0.0.1", "9.9.9.9"], "skip_resolve": true, "outbound": "🚀 节点选择"}, 430 | {"ip_cidr": ["223.5.5.5", "223.6.6.5", "119.29.29.29", "119.28.28.28"], "skip_resolve": true, "outbound": "direct"}, 431 | {"network": "udp", "port": 443, "outbound": "block"}, 432 | {"rule_set": "mydirect", "skip_resolve": true, "outbound": "👦的直连" }, 433 | {"rule_set": "myproxy", "skip_resolve": true, "outbound": "👦的代理" }, 434 | {"rule_set": "pt", "skip_resolve": true, "outbound": "🎬PT站点" }, 435 | {"rule_set": "networktest", "skip_resolve": true, "outbound": "📈网络测试" }, 436 | {"rule_set": "geosite-openai", "skip_resolve": true, "outbound": "🤖 OpenAI"}, 437 | {"rule_set": "geosite-youtube", "skip_resolve": true, "outbound": "🌌 Google"}, 438 | {"rule_set": ["geosite-google", "geoip-google", "geosite-github"], "skip_resolve": true, "outbound": "🌌 Google"}, 439 | {"rule_set": ["geosite-telegram", "geoip-telegram"], "skip_resolve": true, "outbound": "📲 电报消息"}, 440 | {"rule_set": ["geosite-twitter", "geoip-twitter"], "skip_resolve": true, "outbound": "🐦 Twitter"}, 441 | {"rule_set": ["geosite-facebook", "geoip-facebook", "geosite-instagram"], "skip_resolve": true, "outbound": "👤 Facebook"}, 442 | {"rule_set": ["geosite-tiktok", "geosite-netflix", "geoip-netflix", "geosite-hbo", "geosite-disney", "geosite-primevideo"], "skip_resolve": true, "outbound": "🎬 MediaVideo"}, 443 | {"rule_set": "geosite-amazon", "skip_resolve": true, "outbound": "🛍️ Amazon"}, 444 | {"rule_set": "geosite-apple", "skip_resolve": true, "outbound": "🍎 苹果服务"}, 445 | {"rule_set": "geosite-microsoft", "skip_resolve": true, "outbound": "🧩 Microsoft"}, 446 | {"rule_set": "geosite-category-games-cn", "skip_resolve": true, "outbound": "direct"}, 447 | {"rule_set": "geosite-category-games", "skip_resolve": true, "outbound": "🎮 Game"}, 448 | {"rule_set": "geosite-geolocation-!cn", "skip_resolve": true, "outbound": "🚀 节点选择"}, 449 | {"rule_set": "geoip-cn", "skip_resolve": true, "outbound": "direct"}, 450 | {"port_range": "10000:30000", "skip_resolve": true, "outbound": "direct"}, 451 | {"ip_is_private": true, "skip_resolve": true, "outbound": "direct"} 452 | ], 453 | "rule_set": [ 454 | { 455 | "tag": "mydirect", 456 | "type": "remote", 457 | "format": "source", 458 | "path": "/mssb/sing-box/ruleset/mydirect.json", 459 | "url": "https://raw.githubusercontent.com/baozaodetudou/singbox/main/rule/direct.json", 460 | "download_detour": "🚀 节点选择", 461 | "update_interval": "1h" 462 | }, 463 | { 464 | "tag": "myproxy", 465 | "type": "remote", 466 | "format": "source", 467 | "path": "/mssb/sing-box/ruleset/myproxy.json", 468 | "url": "https://raw.githubusercontent.com/baozaodetudou/singbox/main/rule/proxy.json", 469 | "download_detour": "🚀 节点选择", 470 | "update_interval": "1h" 471 | }, 472 | { 473 | "tag": "pt", 474 | "type": "remote", 475 | "path": "/mssb/sing-box/ruleset/pt.srs", 476 | "format": "binary", 477 | "url": "https://cdn.jsdelivr.net/gh/baozaodetudou/ruleset_geodata@sing-box-ruleset/pt.srs", 478 | "download_detour": "direct", 479 | "update_interval": "7d" 480 | }, 481 | { 482 | "tag": "networktest", 483 | "type": "remote", 484 | "format": "binary", 485 | "path": "/mssb/sing-box/ruleset/networktest.srs", 486 | "url": "https://cdn.jsdelivr.net/gh/DustinWin/ruleset_geodata@sing-box-ruleset/networktest.srs", 487 | "download_detour": "direct", 488 | "update_interval": "7d" 489 | }, 490 | { 491 | "tag": "geoip-google", 492 | "type": "remote", 493 | "path": "/mssb/sing-box/rule/geoip/google.srs", 494 | "format": "binary", 495 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/google.srs", 496 | "download_detour": "direct", 497 | "update_interval": "7d" 498 | }, 499 | { 500 | "tag": "geoip-telegram", 501 | "type": "remote", 502 | "format": "binary", 503 | "path": "/mssb/sing-box/rule/geoip/telegram.srs", 504 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/telegram.srs", 505 | "download_detour": "direct", 506 | "update_interval": "7d" 507 | }, 508 | { 509 | "tag": "geoip-twitter", 510 | "type": "remote", 511 | "format": "binary", 512 | "path": "/mssb/sing-box/rule/geoip/twitter.srs", 513 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/twitter.srs", 514 | "download_detour": "direct", 515 | "update_interval": "7d" 516 | }, 517 | { 518 | "tag": "geoip-facebook", 519 | "type": "remote", 520 | "format": "binary", 521 | "path": "/mssb/sing-box/rule/geoip/facebook.srs", 522 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/facebook.srs", 523 | "download_detour": "direct", 524 | "update_interval": "7d" 525 | }, 526 | { 527 | "tag": "geoip-netflix", 528 | "type": "remote", 529 | "format": "binary", 530 | "path": "/mssb/sing-box/rule/geoip/netflix.srs", 531 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/netflix.srs", 532 | "download_detour": "direct", 533 | "update_interval": "7d" 534 | }, 535 | { 536 | "tag": "geoip-cn", 537 | "type": "remote", 538 | "format": "binary", 539 | "path": "/mssb/sing-box/rule/geoip/geoip-cn.srs", 540 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs", 541 | "download_detour": "direct", 542 | "update_interval": "7d" 543 | }, 544 | { 545 | "tag": "geosite-openai", 546 | "type": "remote", 547 | "format": "binary", 548 | "path": "/mssb/sing-box/rule/geosite/openai.srs", 549 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/openai.srs", 550 | "download_detour": "direct", 551 | "update_interval": "7d" 552 | }, 553 | { 554 | "tag": "geosite-youtube", 555 | "type": "remote", 556 | "format": "binary", 557 | "path": "/mssb/sing-box/rule/geosite/youtube.srs", 558 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/youtube.srs", 559 | "download_detour": "direct", 560 | "update_interval": "7d" 561 | }, 562 | { 563 | "tag": "geosite-google", 564 | "type": "remote", 565 | "format": "binary", 566 | "path": "/mssb/sing-box/rule/geosite/google.srs", 567 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/google.srs", 568 | "download_detour": "direct", 569 | "update_interval": "7d" 570 | }, 571 | { 572 | "tag": "geosite-github", 573 | "type": "remote", 574 | "format": "binary", 575 | "path": "/mssb/sing-box/rule/geosite/github.srs", 576 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/github.srs", 577 | "download_detour": "direct", 578 | "update_interval": "7d" 579 | }, 580 | { 581 | "tag": "geosite-telegram", 582 | "type": "remote", 583 | "format": "binary", 584 | "path": "/mssb/sing-box/rule/geosite/telegram.srs", 585 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/telegram.srs", 586 | "download_detour": "direct", 587 | "update_interval": "7d" 588 | }, 589 | { 590 | "tag": "geosite-twitter", 591 | "type": "remote", 592 | "format": "binary", 593 | "path": "/mssb/sing-box/rule/geosite/twitter.srs", 594 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/twitter.srs", 595 | "download_detour": "direct", 596 | "update_interval": "7d" 597 | }, 598 | { 599 | "tag": "geosite-facebook", 600 | "type": "remote", 601 | "format": "binary", 602 | "path": "/mssb/sing-box/rule/geosite/facebook.srs", 603 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/facebook.srs", 604 | "download_detour": "direct", 605 | "update_interval": "7d" 606 | }, 607 | { 608 | "tag": "geosite-instagram", 609 | "type": "remote", 610 | "format": "binary", 611 | "path": "/mssb/sing-box/rule/geosite/instagram.srs", 612 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/instagram.srs", 613 | "download_detour": "direct", 614 | "update_interval": "7d" 615 | }, 616 | { 617 | "tag": "geosite-amazon", 618 | "type": "remote", 619 | "format": "binary", 620 | "path": "/mssb/sing-box/rule/geosite/amazon.srs", 621 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/amazon.srs", 622 | "download_detour": "direct", 623 | "update_interval": "7d" 624 | }, 625 | { 626 | "tag": "geosite-apple", 627 | "type": "remote", 628 | "format": "binary", 629 | "path": "/mssb/sing-box/rule/geosite/apple.srs", 630 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple.srs", 631 | "download_detour": "direct", 632 | "update_interval": "7d" 633 | }, 634 | { 635 | "tag": "geosite-microsoft", 636 | "type": "remote", 637 | "format": "binary", 638 | "path": "/mssb/sing-box/rule/geosite/microsoft.srs", 639 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft.srs", 640 | "download_detour": "direct", 641 | "update_interval": "7d" 642 | }, 643 | { 644 | "tag": "geosite-category-games", 645 | "type": "remote", 646 | "format": "binary", 647 | "path": "/mssb/sing-box/rule/geosite/category-games.srs", 648 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games.srs", 649 | "download_detour": "direct", 650 | "update_interval": "7d" 651 | }, 652 | { 653 | "tag": "geosite-category-games-cn", 654 | "type": "remote", 655 | "format": "binary", 656 | "path": "/mssb/sing-box/rule/geosite/category-games@cn.srs", 657 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games@cn.srs", 658 | "download_detour": "direct", 659 | "update_interval": "7d" 660 | }, 661 | { 662 | "tag": "geosite-bilibili", 663 | "type": "remote", 664 | "format": "binary", 665 | "path": "/mssb/sing-box/rule/geosite/bilibili.srs", 666 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/bilibili.srs", 667 | "download_detour": "direct", 668 | "update_interval": "7d" 669 | }, 670 | { 671 | "tag": "geosite-tiktok", 672 | "type": "remote", 673 | "format": "binary", 674 | "path": "/mssb/sing-box/rule/geosite/tiktok.srs", 675 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/tiktok.srs", 676 | "download_detour": "direct", 677 | "update_interval": "7d" 678 | }, 679 | { 680 | "tag": "geosite-netflix", 681 | "type": "remote", 682 | "format": "binary", 683 | "path": "/mssb/sing-box/rule/geosite/netflix.srs", 684 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/netflix.srs", 685 | "download_detour": "direct", 686 | "update_interval": "7d" 687 | }, 688 | { 689 | "tag": "geosite-hbo", 690 | "type": "remote", 691 | "format": "binary", 692 | "path": "/mssb/sing-box/rule/geosite/hbo.srs", 693 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/hbo.srs", 694 | "download_detour": "direct", 695 | "update_interval": "7d" 696 | }, 697 | { 698 | "tag": "geosite-disney", 699 | "type": "remote", 700 | "format": "binary", 701 | "path": "/mssb/sing-box/rule/geosite/disney.srs", 702 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/disney.srs", 703 | "download_detour": "direct", 704 | "update_interval": "7d" 705 | }, 706 | { 707 | "tag": "geosite-primevideo", 708 | "type": "remote", 709 | "format": "binary", 710 | "path": "/mssb/sing-box/rule/geosite/primevideo.srs", 711 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/primevideo.srs", 712 | "download_detour": "direct", 713 | "update_interval": "7d" 714 | }, 715 | { 716 | "tag": "geosite-cn", 717 | "type": "remote", 718 | "format": "binary", 719 | "path": "/mssb/sing-box/rule/geosite/geosite-cn.srs", 720 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs", 721 | "download_detour": "direct", 722 | "update_interval": "7d" 723 | }, 724 | { 725 | "tag": "geosite-geolocation-!cn", 726 | "type": "remote", 727 | "format": "binary", 728 | "path": "/mssb/sing-box/rule/geosite/geolocation-!cn.srs", 729 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs", 730 | "download_detour": "direct", 731 | "update_interval": "7d" 732 | }, 733 | { 734 | "tag": "geosite-category-ads-all", 735 | "type": "remote", 736 | "format": "binary", 737 | "path": "/mssb/sing-box/rule/geosite/category-ads-all.srs", 738 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs", 739 | "download_detour": "direct", 740 | "update_interval": "7d" 741 | } 742 | ] 743 | } 744 | } 745 | 746 | -------------------------------------------------------------------------------- /mssb/sing-box/rule/geoip/facebook.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geoip/facebook.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geoip/geoip-cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geoip/geoip-cn.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geoip/google.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geoip/google.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geoip/netflix.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geoip/netflix.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geoip/telegram.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geoip/telegram.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geoip/twitter.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geoip/twitter.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/amazon.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/amazon.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/apple.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/apple.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/bilibili.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/bilibili.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/category-ads-all.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/category-ads-all.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/category-games.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/category-games.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/category-games@cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/category-games@cn.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/disney.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/disney.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/facebook.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/facebook.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/geolocation-!cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/geolocation-!cn.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/geosite-cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/geosite-cn.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/github.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/github.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/google.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/google.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/hbo.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/hbo.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/instagram.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/instagram.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/microsoft.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/microsoft.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/netflix.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/netflix.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/openai.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/openai.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/primevideo.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/primevideo.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/telegram.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/telegram.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/tiktok.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/tiktok.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/twitter.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/twitter.srs -------------------------------------------------------------------------------- /mssb/sing-box/rule/geosite/youtube.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/rule/geosite/youtube.srs -------------------------------------------------------------------------------- /mssb/sing-box/ruleset/mydirect.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": 1, 3 | "rules": [ 4 | { 5 | "domain": [ 6 | "doumao.fun" 7 | ], 8 | "domain_keyword": [ 9 | "announce", 10 | "tracker" 11 | ], 12 | "domain_suffix": [ 13 | "plex.direct", 14 | "v4.plex.tv" 15 | ], 16 | "ip_cidr": [ 17 | "192.168.20.0/24" 18 | ] 19 | } 20 | ] 21 | } 22 | -------------------------------------------------------------------------------- /mssb/sing-box/ruleset/myproxy.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": 1, 3 | "rules": [ 4 | { 5 | "domain": [ 6 | "hub.docker.com", 7 | "fast.com", 8 | "github.com" 9 | ], 10 | "domain_keyword": [ 11 | 12 | ], 13 | "domain_suffix": [ 14 | "provider.plex.tv", 15 | "www.plex.tv", 16 | "metadata-static.plex.tv", 17 | "metadata.provider.plex.tv", 18 | "analytics.plex.tv", 19 | "meta.plex.tv", 20 | "support.plex.tv", 21 | "forums.plex.tv", 22 | "downloads.plex.tv", 23 | "clients.plex.tv", 24 | "pubsub.plex.tv", 25 | "images.plex.tv", 26 | "together.plex.tv", 27 | "community.plex.tv", 28 | "scrobbles.plex.tv", 29 | "app.plex.tv", 30 | "features.plex.tv" 31 | ], 32 | "source_ip_cidr": [ 33 | "192.168.20.135", 34 | "192.168.20.77", 35 | "192.168.20.3", 36 | "192.168.20.4" 37 | ] 38 | } 39 | ] 40 | } 41 | -------------------------------------------------------------------------------- /mssb/sing-box/ruleset/networktest.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/ruleset/networktest.srs -------------------------------------------------------------------------------- /mssb/sing-box/ruleset/pt.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/baozaodetudou/mssb/c3451929c57d81ce844cf21fc99eadba4612d78c/mssb/sing-box/ruleset/pt.srs -------------------------------------------------------------------------------- /run_msmo/supervisord.conf: -------------------------------------------------------------------------------- 1 | [unix_http_server] 2 | file=/var/run/supervisor.sock ; (the path to the socket file) 3 | chmod=0700 ; sockef file mode (default 0700) 4 | 5 | [supervisord] 6 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) 7 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) 8 | childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP) 9 | 10 | ; the below section must remain in the config file for RPC 11 | ; (supervisorctl/web interface) to work, additional interfaces may be 12 | ; added by defining them in separate rpcinterface: sections 13 | [rpcinterface:supervisor] 14 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 15 | 16 | [inet_http_server] 17 | port=*:9001 ; 监听地址和端口,例如:http://127.0.0.1:9001 18 | username=mssb ; 可选:设置登录用户名 19 | password=mssb123.. ; 可选:设置登录密码 20 | 21 | [supervisorctl] 22 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket 23 | 24 | ; The [include] section can just contain the "files" setting. This 25 | ; setting can list multiple files (separated by whitespace or 26 | ; newlines). It can also contain wildcards. The filenames are 27 | ; interpreted as relative to this file. Included files *cannot* 28 | ; include files themselves. 29 | 30 | [include] 31 | files = /etc/supervisor/conf.d/*.conf 32 | 33 | [program:mosdns] 34 | command=/usr/local/bin/mosdns start --dir /mssb/mosdns 35 | autostart=true 36 | autorestart=true 37 | stdout_logfile=/var/log/supervisor/mosdns_stdout.log 38 | stderr_logfile=/var/log/supervisor/mosdns_stderr.log 39 | stdout_logfile_maxbytes=2MB 40 | stderr_logfile_maxbytes=2MB 41 | 42 | [program:mihomo] 43 | command=/usr/local/bin/mihomo -d /mssb/mihomo/ 44 | autostart=true 45 | autorestart=true 46 | stdout_logfile=/var/log/supervisor/mihomo_stdout.log 47 | stderr_logfile=/var/log/supervisor/mihomo_stderr.log 48 | stdout_logfile_maxbytes=2MB 49 | stderr_logfile_maxbytes=2MB 50 | 51 | [program:filebrowser] 52 | command=/usr/local/bin/filebrowser -c /mssb/fb/fb.json -d /mssb/fb/fb.db --root /mssb --address 0.0.0.0 --port 8088 53 | autostart=true 54 | autorestart=true 55 | stdout_logfile=/var/log/supervisor/filebrowser_stdout.log 56 | stderr_logfile=/var/log/supervisor/filebrowser_stderr.log 57 | stdout_logfile_maxbytes=2MB 58 | stderr_logfile_maxbytes=2MB 59 | 60 | [program:watch_mosdns] 61 | command=/watch/watch_mosdns.sh 62 | autostart=true 63 | autorestart=true 64 | stdout_logfile=/var/log/supervisor/watch_mosdns_stdout.log 65 | stderr_logfile=/var/log/supervisor/watch_mosdns_stderr.log 66 | stdout_logfile_maxbytes=2MB 67 | stderr_logfile_maxbytes=2MB 68 | 69 | [program:watch_mihomo] 70 | command=/watch/watch_mihomo.sh 71 | autostart=true 72 | autorestart=true 73 | stdout_logfile=/var/log/supervisor/watch_mihomo_stdout.log 74 | stderr_logfile=/var/log/supervisor/watch_mihomo_stderr.log 75 | stdout_logfile_maxbytes=2MB 76 | stderr_logfile_maxbytes=2MB 77 | -------------------------------------------------------------------------------- /run_mssb/supervisord.conf: -------------------------------------------------------------------------------- 1 | [unix_http_server] 2 | file=/var/run/supervisor.sock ; (the path to the socket file) 3 | chmod=0700 ; sockef file mode (default 0700) 4 | 5 | [supervisord] 6 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) 7 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) 8 | childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP) 9 | 10 | ; the below section must remain in the config file for RPC 11 | ; (supervisorctl/web interface) to work, additional interfaces may be 12 | ; added by defining them in separate rpcinterface: sections 13 | [rpcinterface:supervisor] 14 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 15 | 16 | [inet_http_server] 17 | port=*:9001 ; 监听地址和端口,例如:http://127.0.0.1:9001 18 | username=mssb ; 可选:设置登录用户名 19 | password=mssb123.. ; 可选:设置登录密码 20 | 21 | [supervisorctl] 22 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket 23 | 24 | ; The [include] section can just contain the "files" setting. This 25 | ; setting can list multiple files (separated by whitespace or 26 | ; newlines). It can also contain wildcards. The filenames are 27 | ; interpreted as relative to this file. Included files *cannot* 28 | ; include files themselves. 29 | 30 | [include] 31 | files = /etc/supervisor/conf.d/*.conf 32 | 33 | [program:mosdns] 34 | command=/usr/local/bin/mosdns start --dir /mssb/mosdns 35 | autostart=true 36 | autorestart=true 37 | stdout_logfile=/var/log/supervisor/mosdns_stdout.log 38 | stderr_logfile=/var/log/supervisor/mosdns_stderr.log 39 | stdout_logfile_maxbytes=2MB 40 | stderr_logfile_maxbytes=2MB 41 | 42 | [program:sing-box] 43 | command=/usr/local/bin/sing-box run -c /mssb/sing-box/config.json 44 | autostart=true 45 | autorestart=true 46 | stdout_logfile=/var/log/supervisor/sing_box_stdout.log 47 | stderr_logfile=/var/log/supervisor/sing_box_stderr.log 48 | stdout_logfile_maxbytes=2MB 49 | stderr_logfile_maxbytes=2MB 50 | 51 | [program:filebrowser] 52 | command=/usr/local/bin/filebrowser -c /mssb/fb/fb.json -d /mssb/fb/fb.db --root /mssb --address 0.0.0.0 --port 8088 53 | autostart=true 54 | autorestart=true 55 | stdout_logfile=/var/log/supervisor/filebrowser_stdout.log 56 | stderr_logfile=/var/log/supervisor/filebrowser_stderr.log 57 | stdout_logfile_maxbytes=2MB 58 | stderr_logfile_maxbytes=2MB 59 | 60 | [program:watch_mosdns] 61 | command=/watch/watch_mosdns.sh 62 | autostart=true 63 | autorestart=true 64 | stdout_logfile=/var/log/supervisor/watch_mosdns_stdout.log 65 | stderr_logfile=/var/log/supervisor/watch_mosdns_stderr.log 66 | stdout_logfile_maxbytes=2MB 67 | stderr_logfile_maxbytes=2MB 68 | 69 | [program:watch_sing_box] 70 | command=/watch/watch_sing_box.sh 71 | autostart=true 72 | autorestart=true 73 | stdout_logfile=/var/log/supervisor/watch_sing_box_stdout.log 74 | stderr_logfile=/var/log/supervisor/watch_sing_box_stderr.log 75 | stdout_logfile_maxbytes=2MB 76 | stderr_logfile_maxbytes=2MB 77 | -------------------------------------------------------------------------------- /update_sub.py: -------------------------------------------------------------------------------- 1 | import json 2 | import argparse 3 | import os 4 | import shutil 5 | 6 | def modify_outbound_providers(json_file, outbound_providers_value): 7 | # 检查文件是否存在 8 | if not os.path.exists(json_file): 9 | print(f"错误: 文件 '{json_file}' 不存在") 10 | return 11 | 12 | # 读取 JSON 文件 13 | with open(json_file, 'r', encoding='utf-8') as file: 14 | try: 15 | data = json.load(file) 16 | except json.JSONDecodeError as e: 17 | print(f"错误: 无法解析 JSON 文件 - {e}") 18 | return 19 | 20 | # 创建备份文件 21 | backup_file = f"{json_file}.bak" 22 | shutil.copy(json_file, backup_file) 23 | print(f"备份文件已创建: '{backup_file}'") 24 | 25 | # 修改 JSON 中的 outbound_providers 的值 26 | data['outbound_providers'] = outbound_providers_value 27 | 28 | # 将修改后的内容写回 JSON 文件 29 | with open(json_file, 'w', encoding='utf-8') as file: 30 | json.dump(data, file, indent=4, ensure_ascii=False) 31 | 32 | print("outbound_providers 已成功更新为:") 33 | print(json.dumps(data['outbound_providers'], indent=4, ensure_ascii=False)) 34 | 35 | # 主函数 36 | if __name__ == "__main__": 37 | # 设置命令行参数 38 | parser = argparse.ArgumentParser(description="修改 config.json 中 outbound_providers 的值") 39 | parser.add_argument('-f', '--file', type=str, default='/mssb/sing-box/config.json', help='JSON 文件路径,默认为 /mssb/sing-box/config.json') 40 | parser.add_argument('-v', '--value', type=str, required=True, help='机场订阅 URL') 41 | 42 | # 解析参数 43 | args = parser.parse_args() 44 | print(args.value) 45 | 46 | outbound_providers_value = [] 47 | for index, url in enumerate(args.value.split(' '), start=1): 48 | # 构建 outbound_providers 的新值 49 | outbound_providers_value.append({ 50 | "type": "remote", 51 | "path": f"/mssb/sing-box/providers/{index}.yaml", 52 | "tag": f"✈️机场{index}", 53 | "healthcheck_url": "http://www.gstatic.com/generate_204", 54 | "healthcheck_interval": "10m0s", 55 | "download_url": url, 56 | "download_ua": "clash.meta", 57 | "download_interval": "24h0m0s", 58 | "download_detour": "direct" 59 | }) 60 | # 修改 outbound_providers 61 | modify_outbound_providers(args.file, outbound_providers_value) 62 | -------------------------------------------------------------------------------- /watch/update_cn.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 如果代理变量非空,则设置 curl 命令使用代理 4 | if [ -n "$proxy" ]; then 5 | CURL_COMMAND="curl --progress-bar --show-error -x $proxy -o" 6 | else 7 | CURL_COMMAND="curl --progress-bar --show-error -o" 8 | fi 9 | 10 | # 定义一个函数来处理下载结果 11 | download_file() { 12 | local url=$1 13 | local destination=$2 14 | local description=$3 15 | 16 | echo "## 正在更新 ${description}..." 17 | if $CURL_COMMAND "$destination" "$url"; then 18 | echo "[$(date)] ${description} 更新成功。" 19 | else 20 | echo "[$(date)] ${description} 更新失败,请检查网络连接或 URL 是否正确。" 21 | exit 1 # 如果下载失败,则退出脚本 22 | fi 23 | } 24 | 25 | # 开始更新 MosDNS 文件 26 | echo "[$(date)] 开始更新 MosDNS 文件..." 27 | 28 | download_file "https://raw.githubusercontent.com/lingkai995/geoip/refs/heads/release/apple-cn.txt" "/mssb/mosdns/apple-cn.txt" "apple-cn.txt" 29 | download_file "https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt" "/mssb/mosdns/china_ip_list.txt" "china_ip_list.txt" 30 | download_file "https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt" "/mssb/mosdns/direct-list.txt" "direct-list.txt" 31 | download_file "https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/proxy-list.txt" "/mssb/mosdns/proxy-list.txt" "proxy-list.txt" 32 | download_file "https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/reject-list.txt" "/mssb/mosdns/reject-list.txt" "reject-list.txt" 33 | 34 | echo "[$(date)] MosDNS 文件更新完成!" 35 | 36 | # 重启 MosDNS 服务 37 | echo "[$(date)] 正在通过 Supervisor 重启 MosDNS 服务..." 38 | if supervisorctl restart mosdns; then 39 | echo "[$(date)] MosDNS 服务重启成功。" 40 | else 41 | echo "[$(date)] MosDNS 服务重启失败,请检查 Supervisor 配置。" 42 | exit 1 # 如果重启失败,退出脚本 43 | fi 44 | 45 | # 完成更新和重启日志 46 | echo "[$(date)] MosDNS 更新和重启流程成功完成。" 47 | -------------------------------------------------------------------------------- /watch/update_mihomo.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 颜色变量 4 | yellow="\033[33m" 5 | green_text="\033[32m" 6 | reset="\033[0m" 7 | 8 | # 日志函数 9 | log() { 10 | echo -e "[$(date +'%F %T')] ${yellow}$*${reset}" 11 | } 12 | 13 | # 检测系统架构 14 | detect_architecture() { 15 | case "$(uname -m)" in 16 | x86_64) echo "amd64" ;; 17 | aarch64) echo "arm64" ;; 18 | armv7l) echo "armv7" ;; 19 | armhf) echo "armhf" ;; 20 | s390x) echo "s390x" ;; 21 | i386|i686) echo "386" ;; 22 | *) 23 | log "不支持的CPU架构: $(uname -m)" 24 | exit 1 25 | ;; 26 | esac 27 | } 28 | 29 | # 安装 Mihomo 核心 30 | mihomo_install() { 31 | arch=$(detect_architecture) 32 | download_url="https://github.com/herozmy/StoreHouse/releases/download/mihomo/mihomo-meta-linux-${arch}.tar.gz" 33 | log "开始下载 Mihomo 核心:$download_url" 34 | 35 | if ! wget -O /tmp/mihomo.tar.gz "$download_url"; then 36 | log "Mihomo 下载失败,请检查网络连接" 37 | exit 1 38 | fi 39 | 40 | log "Mihomo 下载完成,开始安装..." 41 | mkdir -p /usr/local/bin 42 | tar -zxvf /tmp/mihomo.tar.gz -C /usr/local/bin > /dev/null 2>&1 || { 43 | log "解压 Mihomo 失败,请检查压缩包完整性" 44 | exit 1 45 | } 46 | 47 | chmod +x /usr/local/bin/mihomo || log "警告:未能设置 Mihomo 执行权限" 48 | rm -f /tmp/mihomo.tar.gz 49 | log "Mihomo 安装完成,临时文件已清理" 50 | } 51 | 52 | # 下载 UI 源码函数 53 | git_ui() { 54 | if git clone --depth=1 https://github.com/Zephyruso/zashboard.git -b gh-pages /mssb/${core_name}/ui; then 55 | echo -e "UI 源码拉取${green_text}成功${reset}。" 56 | else 57 | echo "拉取源码失败,请手动下载源码并解压至 /mssb/${core_name}/ui" 58 | echo "地址: https://github.com/Zephyruso/zashboard.git" 59 | fi 60 | } 61 | 62 | # 主逻辑 63 | log "开始更新 mihomo..." 64 | 65 | # 设置核心名称(默认值) 66 | core_name="mihomo" 67 | 68 | # 安装核心 69 | mihomo_install 70 | 71 | # 拉取 UI 72 | git_ui 73 | 74 | # 重启服务 75 | log "正在通过 Supervisor 重启 mihomo 服务..." 76 | if supervisorctl restart mihomo && systemctl restart mihomo-router; then 77 | log "mihomo 服务重启成功。" 78 | else 79 | log "mihomo 服务重启失败,请检查 Supervisor 配置。" 80 | exit 1 81 | fi 82 | 83 | # 清理临时文件 84 | rm -rf /tmp/* 85 | -------------------------------------------------------------------------------- /watch/update_mosdns.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 定义颜色变量 3 | yellow="\033[33m" 4 | reset="\033[0m" 5 | 6 | # 记录当前时间 7 | echo "[$(date)] 开始更新 MosDNS..." 8 | 9 | # 获取系统架构 10 | # 检测系统 CPU 架构,并返回标准格式(适用于多数构建/下载脚本) 11 | detect_architecture() { 12 | case "$(uname -m)" in 13 | x86_64) echo "amd64" ;; # 64 位 x86 架构 14 | aarch64) echo "arm64" ;; # 64 位 ARM 架构 15 | armv7l) echo "armv7" ;; # 32 位 ARM 架构(常见于树莓派) 16 | armhf) echo "armhf" ;; # ARM 硬浮点 17 | s390x) echo "s390x" ;; # IBM 架构 18 | i386|i686) echo "386" ;; # 32 位 x86 架构 19 | *) 20 | echo -e "${yellow}不支持的CPU架构: $(uname -m)${reset}" 21 | exit 1 22 | ;; 23 | esac 24 | } 25 | 26 | #LATEST_RELEASE_URL="https://github.com/IrineSistiana/mosdns/releases/latest" 27 | #LATEST_VERSION=$(curl -sL -o /dev/null -w %{url_effective} $LATEST_RELEASE_URL | awk -F '/' '{print $NF}') 28 | #MOSDNS_URL="https://github.com/IrineSistiana/mosdns/releases/download/${LATEST_VERSION}/mosdns-linux-${TARGETARCH}.zip" 29 | arch=$(detect_architecture) 30 | MOSDNS_URL="https://github.com/herozmy/StoreHouse/releases/download/mosdns/mosdns-linux-${arch}.zip" 31 | 32 | # 下载最新的 MosDNS 33 | echo "[$(date)] 正在从 $MOSDNS_URL 下载 MosDNS..." 34 | if curl -L -o /tmp/mosdns.zip $MOSDNS_URL; then 35 | echo "[$(date)] MosDNS 下载成功。" 36 | else 37 | echo "[$(date)] MosDNS 下载失败,请检查网络连接或 URL 是否正确。" 38 | exit 1 39 | fi 40 | 41 | # 解压并安装 MosDNS 42 | echo "[$(date)] 正在解压 MosDNS..." 43 | if unzip -o /tmp/mosdns.zip -d /usr/local/bin; then 44 | echo "[$(date)] MosDNS 解压成功。" 45 | else 46 | echo "[$(date)] MosDNS 解压失败,请检查压缩包是否正确。" 47 | exit 1 48 | fi 49 | 50 | # 设置执行权限 51 | echo "[$(date)] 正在设置 MosDNS 可执行权限..." 52 | if chmod +x /usr/local/bin/mosdns; then 53 | echo "[$(date)] 设置执行权限成功。" 54 | else 55 | echo "[$(date)] 设置执行权限失败,请检查文件路径和权限设置。" 56 | exit 1 57 | fi 58 | 59 | # 清理临时文件 60 | rm -rf /tmp/* 61 | 62 | # 重启 MosDNS 服务 63 | echo "[$(date)] 正在通过 Supervisor 重启 MosDNS 服务..." 64 | if supervisorctl restart mosdns; then 65 | echo "[$(date)] MosDNS 服务重启成功。" 66 | else 67 | echo "[$(date)] MosDNS 服务重启失败,请检查 Supervisor 配置。" 68 | exit 1 69 | fi 70 | 71 | # 更新完成日志 72 | echo "[$(date)] MosDNS 更新并重启成功。" 73 | -------------------------------------------------------------------------------- /watch/update_sb.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 定义颜色变量 4 | yellow="\033[33m" 5 | green="\033[32m" 6 | reset="\033[0m" 7 | 8 | log() { 9 | echo -e "[$(date +'%F %T')] $*" 10 | } 11 | 12 | # 检测系统 CPU 架构 13 | detect_architecture() { 14 | case "$(uname -m)" in 15 | x86_64) echo "amd64" ;; 16 | aarch64) echo "arm64" ;; 17 | armv7l) echo "armv7" ;; 18 | armhf) echo "armhf" ;; 19 | s390x) echo "s390x" ;; 20 | i386|i686) echo "386" ;; 21 | *) 22 | echo -e "${yellow}不支持的CPU架构: $(uname -m)${reset}" 23 | exit 1 24 | ;; 25 | esac 26 | } 27 | 28 | # 主体流程 29 | main() { 30 | log "开始更新 Sing-box..." 31 | 32 | arch=$(detect_architecture) 33 | SING_BOX_URL="https://github.com/herozmy/StoreHouse/releases/download/sing-box/sing-box-puernya-linux-${arch}.tar.gz" 34 | 35 | log "正在从 $SING_BOX_URL 下载 Sing-box..." 36 | if wget -O /tmp/sing-box.tar.gz "$SING_BOX_URL"; then 37 | log "Sing-box 下载成功。" 38 | else 39 | log "Sing-box 下载失败,请检查网络连接或 URL 是否正确。" 40 | exit 1 41 | fi 42 | 43 | log "正在解压 Sing-box..." 44 | if tar -zxvf /tmp/sing-box.tar.gz -C /usr/local/bin; then 45 | log "Sing-box 解压成功。" 46 | else 47 | log "Sing-box 解压失败,请检查压缩包是否正确。" 48 | exit 1 49 | fi 50 | 51 | log "设置 Sing-box 可执行权限..." 52 | if chmod +x /usr/local/bin/sing-box; then 53 | log "设置执行权限成功。" 54 | else 55 | log "设置执行权限失败,请检查文件路径和权限。" 56 | exit 1 57 | fi 58 | 59 | # 更新 UI 60 | log "准备更新 UI..." 61 | mkdir -p /mssb/sing-box/ui/ 62 | rm -rf /tmp/ui 63 | if git clone --depth=1 https://github.com/Zephyruso/zashboard.git -b gh-pages /tmp/ui; then 64 | cp -r /tmp/ui/* /mssb/sing-box/ui/ 65 | log "UI 文件克隆并复制成功。" 66 | else 67 | log "UI 文件克隆失败,请检查 GitHub URL 或网络连接。" 68 | exit 1 69 | fi 70 | 71 | # 重启服务 72 | log "正在通过 Supervisor 重启 Sing-box 服务..." 73 | if supervisorctl restart sing-box && systemctl restart sing-box-router; then 74 | log "Sing-box 服务重启成功。" 75 | else 76 | log "Sing-box 服务重启失败,请检查 Supervisor 配置。" 77 | exit 1 78 | fi 79 | 80 | # 清理临时文件 81 | rm -rf /tmp/* 82 | log "${green}Sing-box 更新完成,临时文件已清理。${reset}" 83 | } 84 | 85 | # 执行主函数 86 | main 87 | -------------------------------------------------------------------------------- /watch/watch_mihomo.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 延迟 60 秒 3 | sleep 60 4 | # 需要监听的目录 5 | CONFIG_DIR="/mssb/mihomo" 6 | 7 | # 使用 inotifywait 监听特定文件类型的变动 8 | while true; do 9 | inotifywait -e modify,create,delete -r $CONFIG_DIR --include '.*\.(txt|yaml|json|srs|yml)$' 10 | echo "mihomo 配置文件发生变化,重启 mihomo 服务..." 11 | 12 | # 通过 supervisorctl 重启 mihomo 服务 13 | supervisorctl restart mihomo 14 | done 15 | -------------------------------------------------------------------------------- /watch/watch_mosdns.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 防抖时间(秒) 3 | DEBOUNCE_TIME=6 4 | CONFIG_DIR="/mssb/mosdns" 5 | LAST_RESTART=0 6 | 7 | echo "$(date '+%Y-%m-%d %H:%M:%S') 启动 MosDNS 配置文件监控..." 8 | 9 | while read -r EVENT FILE; do 10 | # 只处理特定扩展名文件 11 | if [[ "$FILE" =~ \.(txt|yaml|yml|json|srs)$ ]]; then 12 | CURRENT_TIME=$(date +%s) 13 | if (( CURRENT_TIME - LAST_RESTART >= DEBOUNCE_TIME )); then 14 | echo "$(date '+%Y-%m-%d %H:%M:%S') 有效变更: [$EVENT] $FILE" 15 | 16 | if supervisorctl restart mosdns; then 17 | LAST_RESTART=$CURRENT_TIME 18 | echo "$(date '+%Y-%m-%d %H:%M:%S') 重启成功 ✅,下次可重启时间: $(date -d @"$((LAST_RESTART + DEBOUNCE_TIME))" '+%Y-%m-%d %H:%M:%S')" 19 | else 20 | echo "$(date '+%Y-%m-%d %H:%M:%S') ❌ 重启失败,当前状态:" 21 | supervisorctl status mosdns 22 | fi 23 | else 24 | echo "$(date '+%Y-%m-%d %H:%M:%S') 防抖忽略: [$EVENT] $FILE" 25 | fi 26 | fi 27 | done < <( 28 | inotifywait -q -m -e modify,create,delete,move -r "$CONFIG_DIR" \ 29 | --exclude '/mssb/mosdns/gen' \ 30 | --format '%e %w%f' 31 | ) 32 | -------------------------------------------------------------------------------- /watch/watch_sing_box.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 延迟 60 秒 3 | sleep 60 4 | # 需要监听的目录 5 | CONFIG_DIR="/mssb/sing-box" 6 | 7 | # 使用 inotifywait 监听特定文件类型的变动 8 | while true; do 9 | inotifywait -e modify,create,delete -r $CONFIG_DIR --include '.*\.(txt|yaml|json|srs|yml)$' 10 | echo "Sing-box 配置文件发生变化,重启 Sing-box 服务..." 11 | 12 | # 通过 supervisorctl 重启 Sing-box 服务 13 | supervisorctl restart sing-box && systemctl restart sing-box-router 14 | done 15 | --------------------------------------------------------------------------------