├── README.md ├── aio.sh ├── all_install.sh ├── alpine-debian-sb.sh ├── apline-mosdns.sh ├── clash.sh ├── config ├── clash-fake-ip.yaml ├── fake-ip.json └── sb-o.json ├── fake-ip.json ├── fake.sh ├── hy2-gohome.sh ├── install-sing-box-p.sh ├── install-sing-box.sh ├── install.sh ├── ip.sh ├── mosdns-o.sh ├── mosdns-o.zip ├── mosdns-p.sh ├── mosdns-p.zip ├── mosdns-ph ├── config.yaml ├── rule │ ├── blocklist.txt │ ├── cloudflare-cidr.txt │ ├── cnv6-only.txt │ ├── ddnslist.txt │ ├── geoip_cn.txt │ ├── geosite_apple.txt │ ├── geosite_cn.txt │ ├── geosite_geolocation-!cn.txt │ ├── geosite_no_cn.txt │ ├── greylist.txt │ ├── greylist.txt-opkg │ ├── hosts.txt │ ├── local-ptr.txt │ ├── local-ptr.txt-opkg │ ├── redirect.txt │ ├── whitelist.txt │ └── whitelist.txt-opkg └── unpack │ ├── disable-ads.txt │ ├── geoip_cn.txt │ ├── geosite_apple.txt │ ├── geosite_cn.txt │ ├── geosite_geolocation-!cn.txt │ └── geosite_geolocation-!cn.txt.bak ├── mosdns ├── config.yaml ├── disable-ads.txt ├── geoip_cn.txt ├── geosite_apple.txt ├── geosite_cn.txt ├── geosite_geolocation_noncn.txt ├── gfw.txt ├── mos_rule_update.sh └── rule │ ├── adlist.txt │ ├── blocklist.txt │ ├── cloudflare-cidr.txt │ ├── ddnslist.txt │ ├── greylist.txt │ ├── greylist.txt-opkg │ ├── hosts.txt │ ├── local-ptr.txt │ ├── local-ptr.txt-opkg │ ├── localptr.txt │ ├── redirect.txt │ ├── streaming.txt │ ├── whitelist.txt │ └── whitelist.txt-opkg ├── pve.sh ├── sb-o.json ├── singbox_rule ├── geoip │ ├── facebook.srs │ ├── geoip-cn.srs │ ├── google.srs │ ├── netflix.srs │ ├── telegram.srs │ └── twitter.srs └── geosite │ ├── amazon.srs │ ├── apple.srs │ ├── bilibili.srs │ ├── category-ads-all.srs │ ├── category-games.srs │ ├── category-games@cn.srs │ ├── disney.srs │ ├── facebook.srs │ ├── geolocation-!cn.srs │ ├── geosite-cn.srs │ ├── github.srs │ ├── google.srs │ ├── hbo.srs │ ├── instagram.srs │ ├── microsoft.srs │ ├── netflix.srs │ ├── openai.srs │ ├── primevideo.srs │ ├── telegram.srs │ ├── tiktok.srs │ ├── twitter.srs │ └── youtube.srs └── tproxy.json /README.md: -------------------------------------------------------------------------------- 1 | # install mosdns&sing-box fakeip模式 2 | 3 | ## 特解鸣谢: 4 | * @Panicpanic 5 | 6 | 7 | * @ovpavac 8 | ## 前言: 9 | 脚本根据O佬手搓流程写成 10 | 相关分流规则有O佬和ph佬两套配置 11 | 新手小白所以写的不咋地,有bug也不要见怪 12 | sing-box有两版内核分别: 13 | * 官方内核 14 | * puer sing-box内核 {支持机场} 15 | 16 | 脚本内的sing-box和mosdns请分为两个系统sing-box最好使用VM安装,当然lxc也可以。mosdns lxc vm都可以 17 | * 仅测试Ubuntu22.04安装,理论支持debian系统 18 | 19 | 支持:amd64 arm64 20 | 多合一脚本: 21 | ``` shell 22 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/install.sh && bash install.sh 23 | ``` 24 | 脚本内生成配置处`订阅地址`为自建[sub-singbox](https://github.com/Toperlock/sing-box-subscribe)转换方案,默认为本人自用地址,如有需要可以在github里的`install-sing-box.sh`里`sub_host=`后自行修改替换 25 | 26 | 27 | 更新记录: 28 | 29 | 增加写入快捷 方式: 30 | ``` shell 31 | wget -O /usr/bin/fake https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/fake.sh && chmod +x /usr/bin/fake 32 | ``` 33 | 之后更新核心配置。输入`fake`即可 34 | -------------------------------------------------------------------------------- /alpine-debian-sb.sh: -------------------------------------------------------------------------------- 1 | check_os(){ 2 | #获取系统发行版信息 3 | if [[ -f /etc/os-release ]]; then 4 | source /etc/os-release 5 | release=$ID 6 | elif [[ -f /usr/lib/os-release ]]; then 7 | source /usr/lib/os-release 8 | release=$ID 9 | else 10 | echo -e "${red_text}无法确定当前系统,请使用Debian/Ubuntu/Alpine/armbian运行此脚本${reset}" >&2 11 | exit 1 12 | fi 13 | 14 | echo -e "当前系统: ${green_text}${release}${reset}" 15 | 16 | # 支持的系统 17 | supported_systems=("ubuntu" "debian" "alpine") 18 | 19 | # 未测试兼容性的系统 20 | untested_systems=("arch" "armbian") 21 | 22 | # 不支持的系统 23 | unsupported_systems=("parch" "manjaro" "opensuse-tumbleweed" "centos" "fedora" "almalinux" "rocky" "oracle") 24 | 25 | # 检测系统 26 | if [[ " ${supported_systems[@]} " =~ " ${release} " ]]; then 27 | echo -e "${green_text}系统检测通过${reset}" 28 | export SYSTEM_RELEASE="$release" 29 | install_singbox 30 | elif [[ " ${untested_systems[@]} " =~ " ${release} " ]]; then 31 | echo -e "${red_text}${release}: 未测试兼容性${reset}" 32 | main 33 | elif [[ " ${unsupported_systems[@]} " =~ " ${release} " ]]; then 34 | echo -e "${red_text}${release}: 系统检测未通过,不支持${reset}" 35 | exit 1 36 | else 37 | echo -e "${red_text}你的系统不支持当前脚本,未通过兼容性测试${reset}\n" 38 | echo "请重新安装系统,推荐:" 39 | echo "- Ubuntu 20.04+" 40 | echo "- Debian 11+" 41 | echo "- Alpine 3.14+" 42 | exit 1 43 | fi 44 | 45 | } 46 | ################################编译 Sing-Box 的最新版本################################ 47 | install_singbox() { 48 | 49 | 50 | if [[ "$SYSTEM_RELEASE" == "alpine" ]]; then 51 | apk update 52 | apk add curl git build-base openssl-dev libevent-dev gawk nftables|| { echo "软件包安装失败!退出脚本"; exit 1; } 53 | #zlib-dev mingw-w64 54 | setup-timezone -z Asia/Shanghai || { echo "时区设置失败!退出脚本"; exit 1; } 55 | 56 | else 57 | apt update && apt -y upgrade || { echo "更新失败!退出脚本"; exit 1; } 58 | apt -y install curl git build-essential libssl-dev libevent-dev zlib1g-dev gcc-mingw-w64 nftables || { echo "软件包安装失败!退出脚本"; exit 1; } 59 | echo -e "\n设置时区为Asia/Shanghai" 60 | timedatectl set-timezone Asia/Shanghai || { echo -e "\e[31m时区设置失败!退出脚本\e[0m"; exit 1; } 61 | echo -e "\e[32m时区设置成功\e[0m" 62 | fi 63 | 64 | echo -e "编译Sing-Box 最新版本" 65 | sleep 1 66 | echo -e "开始编译Sing-Box 最新版本" 67 | rm -rf /root/go/bin/* 68 | 69 | # 获取 Go 版本 70 | Go_Version=$(curl -s https://github.com/golang/go/tags | grep '/releases/tag/go' | head -n 1 | gawk -F/ '{print $6}' | gawk -F\" '{print $1}') 71 | if [[ -z "$Go_Version" ]]; then 72 | echo "获取 Go 版本失败!退出脚本" 73 | exit 1 74 | fi 75 | 76 | # 判断 CPU 架构 77 | case $(uname -m) in 78 | aarch64) 79 | arch="arm64" 80 | ;; 81 | x86_64) 82 | arch="amd64" 83 | ;; 84 | armv7l) 85 | arch="armv7" 86 | ;; 87 | armhf) 88 | arch="armhf" 89 | ;; 90 | *) 91 | echo "未知的 CPU 架构: $(uname -m),退出脚本" 92 | exit 1 93 | ;; 94 | esac 95 | 96 | echo "系统架构是:$arch" 97 | wget -O ${Go_Version}.linux-$arch.tar.gz https://go.dev/dl/${Go_Version}.linux-$arch.tar.gz || { echo "下载 Go 版本失败!退出脚本"; exit 1; } 98 | tar -C /usr/local -xzf ${Go_Version}.linux-$arch.tar.gz || { echo "解压 Go 文件失败!退出脚本"; exit 1; } 99 | 100 | # 设置 Go 环境变量 101 | echo 'export PATH=$PATH:/usr/local/go/bin' > /etc/profile.d/golang.sh 102 | # 你可能需要手动执行以下命令使环境变量生效 103 | source /etc/profile.d/golang.sh 104 | 105 | # 编译 Sing-Box 106 | if ! go install -v -tags with_quic,with_grpc,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_clash_api,with_gvisor,with_v2ray_api,with_lwip,with_acme github.com/sagernet/sing-box/cmd/sing-box@latest; then 107 | echo -e "Sing-Box 编译失败!退出脚本" 108 | exit 1 109 | fi 110 | 111 | echo -e "编译完成,开始安装" 112 | sleep 1 113 | 114 | # 检查是否存在旧版本的 sing-box 115 | if [ -f "/usr/local/bin/sing-box" ]; then 116 | echo "检测到已安装的 sing-box" 117 | read -p "是否替换升级?(y/n): " replace_confirm 118 | if [ "$replace_confirm" = "y" ]; then 119 | echo "正在替换升级 sing-box" 120 | cp "$(go env GOPATH)/bin/sing-box" /usr/local/bin/ || { echo "复制文件失败!退出脚本"; exit 1; } 121 | chmod +x /usr/local/bin/sing-box # 确保可执行权限 122 | echo "正在重启 sing-box" 123 | 124 | if [[ "$SYSTEM_RELEASE" == "alpine" ]]; then 125 | rc-service sing-box restart 126 | else 127 | systemctl restart sing-box 128 | fi 129 | 130 | echo "==================================================================" 131 | echo -e "\t\t\tSing-Box 内核升级完毕" 132 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 133 | echo -e "\n" 134 | echo -e "温馨提示:\n本脚本仅在 LXC ubuntu22.04 环境下测试,其他环境未经验证,仅供个人使用" 135 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 136 | echo "==================================================================" 137 | exit 0 # 替换完成后停止脚本运行 138 | else 139 | echo "用户取消了替换升级操作" 140 | fi 141 | else 142 | # 如果不存在旧版本,则直接安装新版本 143 | cp "$(go env GOPATH)/bin/sing-box" /usr/local/bin/ || { echo "复制文件失败!退出脚本"; exit 1; } 144 | chmod +x /usr/local/bin/sing-box # 确保可执行权限 145 | echo -e "Sing-Box 安装完成" 146 | fi 147 | 148 | # 创建 Sing-Box 配置目录 149 | mkdir -p /etc/sing-box || { echo "创建配置目录失败!退出脚本"; exit 1; } 150 | sleep 1 # 确保添加时间 151 | 152 | 153 | 154 | } 155 | 156 | ################################用户自定义设置################################ 157 | customize_settings() { 158 | echo "是否选择生成配置?(y/n)" 159 | echo "生成配置文件需要添加机场订阅,如自建vps请选择n" 160 | read choice 161 | if [ "$choice" = "y" ]; then 162 | read -p "输入订阅连接:" suburl 163 | suburl="${suburl:-https://}" 164 | echo "已设置订阅连接地址:$suburl" 165 | install_config 166 | 167 | elif [ "$choice" = "n" ]; then 168 | echo "请手动配置config.json." 169 | fi 170 | 171 | } 172 | 173 | ################################开始创建config.json################################ 174 | install_config() { 175 | sub_host="https://sub-singbox.herozmy.com" 176 | echo "请选择:" 177 | echo "1. tproxy_fake_ip O大原版 <适用机场多规则分流> 配合O大mosdns食用" 178 | echo "2. tproxy_fake_ip O大原版 <适用VPS自建模式>配合O大mosdns食用" 179 | read -p "请输入选项 [默认: 1]: " choice 180 | # 如果用户没有输入选择,则默认为1 181 | choice=${choice:-1} 182 | if [ $choice -eq 1 ]; then 183 | json_file="&file=https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/config/fake-ip.json" 184 | elif [ $choice -eq 2 ]; then 185 | json_file="&file=https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/fake-ip.json" 186 | else 187 | echo "无效的选择。" 188 | return 1 189 | fi 190 | curl -o config.json "${sub_host}/config/${suburl}${json_file}" 191 | # 检查下载是否成功 192 | if [ $? -eq 0 ]; then 193 | # 移动文件到目标位置 194 | mv config.json /etc/sing-box/config.json 195 | echo "Sing-box配置文件写入成功!" 196 | else 197 | echo "下载文件失败,请检查网络连接或者URL是否正确。" 198 | fi 199 | } 200 | ######################启动脚本################################ 201 | install_service() { 202 | echo -e "配置系统服务文件" 203 | sleep 1 204 | 205 | if [[ "$SYSTEM_RELEASE" == "alpine" ]]; then 206 | # 检查 /etc/init.d/sing-box 是否存在 207 | if [ ! -f "/etc/init.d/sing-box" ]; then 208 | # 写入 sing-box 开机启动 209 | cat << EOF > /etc/init.d/sing-box 210 | #!/sbin/openrc-run 211 | name=\$RC_SVCNAME 212 | description="sing-box service" 213 | 214 | command="/usr/local/bin/sing-box" 215 | command_args="-D /etc/sing-box -C /etc/sing-box run" 216 | supervisor="supervise-daemon" 217 | 218 | extra_started_commands="reload" 219 | 220 | depend() { 221 | after net dns 222 | } 223 | 224 | reload() { 225 | ebegin "Reloading \$RC_SVCNAME" 226 | supervise-daemon "\$RC_SVCNAME" --signal HUP 227 | eend \$? 228 | } 229 | EOF 230 | chmod +x /etc/init.d/sing-box 231 | echo "sing-box 服务脚本已创建" 232 | else 233 | echo "警告:sing-box 服务文件已存在,无需创建" 234 | fi 235 | else 236 | # 检查服务文件是否存在,如果不存在则创建 237 | sing_box_service_file="/etc/systemd/system/sing-box.service" 238 | if [ ! -f "$sing_box_service_file" ]; then 239 | # 如果服务文件不存在,则创建 240 | cat << EOF > "$sing_box_service_file" 241 | [Unit] 242 | Description=Sing-Box service 243 | Documentation=https://sing-box.sagernet.org 244 | After=network.target nss-lookup.target 245 | 246 | [Service] 247 | CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 248 | AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 249 | ExecStart=/usr/local/bin/sing-box run -c /etc/sing-box/config.json 250 | Restart=on-failure 251 | RestartSec=1800s 252 | LimitNOFILE=infinity 253 | 254 | [Install] 255 | WantedBy=multi-user.target 256 | EOF 257 | echo "sing-box 服务创建完成" 258 | else 259 | # 如果服务文件已经存在,则给出警告 260 | echo "警告:sing-box 服务文件已存在,无需创建" 261 | fi 262 | systemctl daemon-reload 263 | fi 264 | 265 | } 266 | ################################安装tproxy################################ 267 | install_tproxy() { 268 | if [ "$SYSTEM_RELEASE" = "ubuntu" ]; then 269 | echo "当前系统为 Ubuntu 系统" 270 | 271 | # 检查 /etc/systemd/resolved.conf 中是否已设置 DNSStubListener=no 272 | if grep -q "^DNSStubListener=no" /etc/systemd/resolved.conf; then 273 | echo "DNSStubListener 已经设置为 no, 无需修改" 274 | else 275 | # 修改 DNSStubListener 设置为 no 276 | sed -i '/^#*DNSStubListener/s/#*DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf 277 | echo "DNSStubListener 已被设置为 no" 278 | 279 | # 重启 systemd-resolved 服务 280 | systemctl restart systemd-resolved.service 281 | sleep 1 282 | fi 283 | fi 284 | 285 | 286 | echo "创建系统转发" 287 | # 判断是否已存在 net.ipv4.ip_forward=1 288 | if ! grep -q '^net.ipv4.ip_forward=1$' /etc/sysctl.conf; then 289 | echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf 290 | fi 291 | 292 | # 判断是否已存在 net.ipv6.conf.all.forwarding = 1 293 | if ! grep -q '^net.ipv6.conf.all.forwarding = 1$' /etc/sysctl.conf; then 294 | echo 'net.ipv6.conf.all.forwarding = 1' >> /etc/sysctl.conf 295 | fi 296 | echo "系统转发创建完成" 297 | sleep 1 298 | echo "开始创建nftables tproxy转发" 299 | 300 | # 写入tproxy rule 301 | # 判断文件是否存在 302 | 303 | if [[ "$SYSTEM_RELEASE" == "alpine" ]]; then 304 | # 检查 /etc/init.d/singbox-route 是否存在 305 | if [ ! -f "/etc/init.d/sing-box-route" ]; then 306 | # 创建 Alpine 的服务脚本 307 | cat << 'EOF' > /etc/init.d/sing-box-route 308 | #!/sbin/openrc-run 309 | 310 | description="singbox-route service" 311 | 312 | depend() { 313 | need net 314 | after net 315 | } 316 | 317 | start() { 318 | echo "Starting sing-box-route service" 319 | singbox_route_service_start_command 320 | } 321 | 322 | stop() { 323 | echo "Stopping sing-box-route service" 324 | singbox_route_service_stop_command 325 | } 326 | 327 | singbox_route_service_start_command() { 328 | /sbin/ip rule add fwmark 1 table 100 329 | /sbin/ip route add local default dev lo table 100 330 | /sbin/ip -6 rule add fwmark 1 table 101 331 | /sbin/ip -6 route add local ::/0 dev lo table 101 332 | } 333 | 334 | singbox_route_service_stop_command() { 335 | /sbin/ip rule del fwmark 1 table 100 336 | /sbin/ip route del local default dev lo table 100 337 | /sbin/ip -6 rule del fwmark 1 table 101 338 | /sbin/ip -6 route del local ::/0 dev lo table 101 339 | } 340 | EOF 341 | chmod +x /etc/init.d/sing-box-route 342 | echo "已完成路由表添加" 343 | else 344 | echo "警告:singbox-route 服务文件已存在,无需创建" 345 | fi 346 | else 347 | # 检查 /etc/systemd/system/sing-box-router.service 是否存在 348 | if [ ! -f "/etc/systemd/system/sing-box-router.service" ]; then 349 | # 创建其他系统的服务文件 350 | cat << 'EOF' > "/etc/systemd/system/sing-box-router.service" 351 | [Unit] 352 | Description=sing-box TProxy Rules 353 | After=network.target 354 | Wants=network.target 355 | 356 | [Service] 357 | User=root 358 | Type=oneshot 359 | RemainAfterExit=yes 360 | ExecStart=/sbin/ip rule add fwmark 1 table 100; /sbin/ip route add local default dev lo table 100; /sbin/ip -6 rule add fwmark 1 table 101; /sbin/ip -6 route add local ::/0 dev lo table 101 361 | ExecStop=/sbin/ip rule del fwmark 1 table 100; /sbin/ip route del local default dev lo table 100; /sbin/ip -6 rule del fwmark 1 table 101; /sbin/ip -6 route del local ::/0 dev lo table 101 362 | 363 | [Install] 364 | WantedBy=multi-user.target 365 | EOF 366 | echo "sing-box-router 服务创建完成" 367 | else 368 | echo "警告:sing-box-router 服务文件已存在,无需创建" 369 | fi 370 | fi 371 | 372 | ################################写入nftables################################ 373 | check_interfaces 374 | echo "" > "/etc/nftables.conf" 375 | cat < "/etc/nftables.conf" 376 | #!/usr/sbin/nft -f 377 | flush ruleset 378 | table inet singbox { 379 | set local_ipv4 { 380 | type ipv4_addr 381 | flags interval 382 | elements = { 383 | 10.0.0.0/8, 384 | 127.0.0.0/8, 385 | 169.254.0.0/16, 386 | 172.16.0.0/12, 387 | 192.168.0.0/16, 388 | 240.0.0.0/4 389 | } 390 | } 391 | 392 | set local_ipv6 { 393 | type ipv6_addr 394 | flags interval 395 | elements = { 396 | ::ffff:0.0.0.0/96, 397 | 64:ff9b::/96, 398 | 100::/64, 399 | 2001::/32, 400 | 2001:10::/28, 401 | 2001:20::/28, 402 | 2001:db8::/32, 403 | 2002::/16, 404 | fc00::/7, 405 | fe80::/10 406 | } 407 | } 408 | 409 | chain singbox-tproxy { 410 | fib daddr type { unspec, local, anycast, multicast } return 411 | ip daddr @local_ipv4 return 412 | ip6 daddr @local_ipv6 return 413 | udp dport { 123 } return 414 | meta l4proto { tcp, udp } meta mark set 1 tproxy to :7896 accept 415 | } 416 | 417 | chain singbox-mark { 418 | fib daddr type { unspec, local, anycast, multicast } return 419 | ip daddr @local_ipv4 return 420 | ip6 daddr @local_ipv6 return 421 | udp dport { 123 } return 422 | meta mark set 1 423 | } 424 | 425 | chain mangle-output { 426 | type route hook output priority mangle; policy accept; 427 | meta l4proto { tcp, udp } skgid != 1 ct direction original goto singbox-mark 428 | } 429 | 430 | chain mangle-prerouting { 431 | type filter hook prerouting priority mangle; policy accept; 432 | iifname { wg0, lo, $selected_interface } meta l4proto { tcp, udp } ct direction original goto singbox-tproxy 433 | } 434 | } 435 | EOF 436 | echo "nftables规则写入完成" 437 | if [[ "$SYSTEM_RELEASE" == "alpine" ]]; then 438 | cp /etc/nftables.nft /etc/nftables.nft.bak 439 | mv /etc/nftables.conf /etc/nftables.nft 440 | fi 441 | install_over 442 | } 443 | ################################sing-box安装结束################################ 444 | install_over() { 445 | echo "启用相关服务" 446 | if [[ "$SYSTEM_RELEASE" == "alpine" ]]; then 447 | rc-update add sing-box-route && rc-service sing-box-route start 448 | rc-update add sing-box && rc-service sing-box start 449 | nft flush ruleset && nft -f /etc/nftables.nft && rc-service nftables restart && rc-update add nftables 450 | else 451 | nft flush ruleset && nft -f /etc/nftables.conf && systemctl enable --now nftables && systemctl enable --now sing-box-router && systemctl enable --now sing-box 452 | fi 453 | } 454 | 455 | #####################################获取网卡################################ 456 | check_interfaces() { 457 | interfaces=$(ip -o link show | awk -F': ' '{print $2}') 458 | # 输出物理网卡名称 459 | for interface in $interfaces; do 460 | # 检查是否为物理网卡(不包含虚拟、回环等),并排除@符号及其后面的内容 461 | if [[ $interface =~ ^(en|eth).* ]]; then 462 | interface_name=$(echo "$interface" | awk -F'@' '{print $1}') # 去掉@符号及其后面的内容 463 | echo "您的网卡是:$interface_name" 464 | valid_interfaces+=("$interface_name") # 存储有效的网卡名称 465 | fi 466 | done 467 | # 提示用户选择 468 | read -p "脚本自行检测的是否是您要的网卡?(y/n): " confirm_interface 469 | if [ "$confirm_interface" = "y" ]; then 470 | selected_interface="$interface_name" 471 | echo "您选择的网卡是: $selected_interface" 472 | elif [ "$confirm_interface" = "n" ]; then 473 | read -p "请自行输入您的网卡名称: " selected_interface 474 | echo "您输入的网卡名称是: $selected_interface" 475 | else 476 | echo "无效的选择" 477 | fi 478 | } 479 | 480 | 481 | ################################sing-box安装结束################################ 482 | install_sing_box_over() { 483 | echo "==================================================================" 484 | echo -e "\t\t\tSing-Box 安装完毕" 485 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 486 | echo -e "\n" 487 | echo -e "singbox运行目录为/etc/sing-box" 488 | echo -e "singbox WebUI地址:http://ip:9090" 489 | echo -e "Mosdns配置脚本:wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/mosdns-o.sh && bash mosdns-o.sh" 490 | echo -e "温馨提示:\n本脚本仅在 LXC ubuntu22.04 环境下测试,其他环境未经验证,仅供个人使用" 491 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 492 | echo "==================================================================" 493 | } 494 | main() { 495 | check_os 496 | # install_singbox 497 | customize_settings 498 | install_service 499 | install_tproxy 500 | install_sing_box_over 501 | } 502 | main 503 | -------------------------------------------------------------------------------- /apline-mosdns.sh: -------------------------------------------------------------------------------- 1 | if [[ $(uname -m) == "aarch64" ]]; then 2 | arch="arm64" 3 | elif [[ $(uname -m) == "x86_64" ]]; then 4 | arch="amd64" 5 | else 6 | arch="未知" 7 | exit 0 8 | fi 9 | echo "系统架构是:$arch" 10 | mosdns_host="https://github.com/IrineSistiana/mosdns/releases/download/v5.3.3/mosdns-linux-$arch.zip" 11 | apk update || { echo "更新失败!退出脚本"; exit 1; } 12 | apk add curl wget git tar gawk sed unzip nano || { echo "更新失败!退出脚本"; exit 1; } 13 | echo -e "\n设置时区为Asia/Shanghai" 14 | setup-timezone -z Asia/Shanghai || { echo "时区设置失败!退出脚本"; exit 1; } 15 | echo -e "\e[32m时区设置成功\e[0m" 16 | echo "开始下载 mosdns" 17 | wget "${mosdns_host}" || { echo -e "\e[31m下载失败!退出脚本\e[0m"; exit 1; } 18 | echo "开始解压" 19 | unzip ./mosdns-linux-$arch.zip 20 | echo "复制 mosdns 到 /usr/bin" 21 | sleep 1 22 | cp -rv ./mosdns /usr/bin 23 | chmod 0777 /usr/bin/mosdns 24 | echo -e "\n自定义设置(以下设置可直接回车使用默认值)" 25 | read -p "输入sing-box入站地址端口(默认10.10.10.147:6666):" uiport 26 | uiport="${uiport:-10.10.10.147:6666}" 27 | echo -e "已设置Singbox入站地址:\e[36m$uiport\e[0m" 28 | echo "配置mosdns规则" 29 | sleep 1 30 | git init 31 | git remote add -f origin https://github.com/herozmy/sing-box-mosdns-fakeip.git 32 | git config core.sparsecheckout true 33 | echo 'mosdns' > .git/info/sparse-checkout 34 | git pull origin main 35 | cd /root && mv mosdns /etc/ 36 | echo "配置mosdns" 37 | sed -i "s/- addr: 10.10.10.147:6666/- addr: ${uiport}/g" /etc/mosdns/config.yaml 38 | echo "设置mosdns开机自启动" 39 | echo '#!/sbin/openrc-run 40 | 41 | name=$RC_SVCNAME 42 | description="mosdns service" 43 | supervisor="supervise-daemon" 44 | command="/usr/bin/mosdns" 45 | command_args="start -c /etc/mosdns/config.yaml -d /etc/mosdns" 46 | extra_started_commands="reload" 47 | 48 | depend() { 49 | after net 50 | } 51 | 52 | reload() { 53 | ebegin "Reloading $RC_SVCNAME" 54 | $supervisor "$RC_SVCNAME" --signal HUP 55 | eend $? 56 | }' > /etc/init.d/mosdns 57 | chmod +x /etc/init.d/mosdns && rc-update add mosdns && rc-service mosdns restart 58 | echo "mosdns开机启动完成" -------------------------------------------------------------------------------- /clash.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | 5 | install_clash_config() { 6 | 7 | echo "创建 /etc/clash 目录" 8 | sleep 1 9 | mkdir /etc/clash >/dev/null 2>&1 10 | cd /etc/clash 11 | wget -O config.yaml https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Config/Clash_Sample_Configuration_By_iKeLee.yaml 12 | sed -i "s|^external-controller: :.*|external-controller: :$uiport|" /etc/clash/config.yaml 13 | 14 | # 如果设置的端口是53,则关闭系统的53端口并重启systemd-resolved服务 15 | if [ "$dnsport" -eq 53 ]; then 16 | echo "关闭系统53端口..." 17 | sed -i '/^#*DNSStubListener/s/#*DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf 18 | systemctl restart systemd-resolved.service 19 | echo "系统53端口已关闭,systemd-resolved服务已重启。" 20 | fi 21 | sed -i "s/listen: 0.0.0.0:53/listen: 0.0.0.0:$dnsport/" /etc/clash/config.yaml 22 | sed -i "s|^subscribe-url:.*|subscribe-url: $suburl|" /etc/clash/config.yaml 23 | sed -i "s|url=机场订阅|url=$suburl|" /etc/clash/config.yaml 24 | #安装metacubexd面板 25 | wget https://github.com/MetaCubeX/metacubexd/releases/download/v1.138.1/compressed-dist.tgz 26 | mkdir -p /etc/clash/ui/metacubexd 27 | tar -xzvf compressed-dist.tgz -C /etc/clash/ui/metacubexd 28 | rm compressed-dist.tgz 29 | systemctl start clash 30 | sleep 1 31 | } 32 | 33 | check_interfaces() { 34 | interfaces=$(ip -o link show | awk -F': ' '{print $2}') 35 | # 输出物理网卡名称 36 | for interface in $interfaces; do 37 | # 检查是否为物理网卡(不包含虚拟、回环等),并排除@符号及其后面的内容 38 | if [[ $interface =~ ^(en|eth).* ]]; then 39 | interface_name=$(echo "$interface" | awk -F'@' '{print $1}') # 去掉@符号及其后面的内容 40 | echo "您的网卡是:$interface_name" 41 | valid_interfaces+=("$interface_name") # 存储有效的网卡名称 42 | fi 43 | done 44 | # 提示用户选择 45 | read -p "脚本自行检测的是否是您要的网卡?(y/n): " confirm_interface 46 | if [ "$confirm_interface" = "y" ]; then 47 | selected_interface="$interface_name" 48 | echo "您选择的网卡是: $selected_interface" 49 | elif [ "$confirm_interface" = "n" ]; then 50 | read -p "请自行输入您的网卡名称: " selected_interface 51 | echo "您输入的网卡名称是: $selected_interface" 52 | else 53 | echo "无效的选择" 54 | fi 55 | } 56 | 57 | customize_settings() { 58 | echo "自定义设置(以下设置可直接回车使用默认值)" 59 | read -p "输入clash webui端口(默认9090):" uiport 60 | uiport="${uiport:-9090}" 61 | echo "已设置ui端口:$uiport" 62 | 63 | read -p "请输入DNS监听端口 (默认53) :" dnsport 64 | dnsport="${dnsport:-53}" 65 | # 显示已设置的DNS监听端口 66 | echo "已设置DNS监听端口:$dnsport" 67 | 68 | read -p "输入订阅连接:" suburl 69 | suburl="${suburl:-https://}" 70 | echo "已设置订阅连接地址:$suburl" 71 | 72 | } 73 | 74 | apt update 75 | apt install unzip git nftables make curl wget gzip -y 76 | 77 | # 判断 CPU 架构 78 | if [[ $(uname -m) == "aarch64" ]]; then 79 | arch="armv8" 80 | elif [[ $(uname -m) == "x86_64" ]]; then 81 | arch="amd64" 82 | else 83 | arch="未知" 84 | exit 0 85 | fi 86 | 87 | customize_settings 88 | check_interfaces 89 | echo "系统架构是:$arch" 90 | 91 | #拉取github每日凌晨自动编译的核心 92 | wget -O mihomo-linux-$arch.tar.gz https://raw.githubusercontent.com/herozmy/herozmy-private/main/mihomo-alpha/mihomo-linux-$arch.tar.gz 93 | sleep 1 94 | echo -e "下载完成,开始安装" 95 | sleep 1 96 | tar -zxvf mihomo-linux-$arch.tar.gz 97 | chmod u+x clash 98 | echo "复制 clash 到 /usr/bin" 99 | cp clash /usr/bin 100 | sleep 1 101 | echo 'net.ipv4.ip_forward = 1' | tee -a /etc/sysctl.conf 102 | sleep 1 103 | touch /etc/systemd/system/clash.service 104 | echo "[Unit] 105 | Description=clash auto run 106 | 107 | [Service] 108 | Type=simple 109 | 110 | ExecStart=/usr/bin/clash -d /etc/clash/ 111 | 112 | [Install] 113 | WantedBy=default.target" >> /etc/systemd/system/clash.service 114 | install_clash_config 115 | #创建clash-route服务 116 | sleep 1 117 | touch /etc/systemd/system/clash-route.service 118 | echo "[Unit] 119 | Description=Clash TProxy Rules 120 | After=network.target 121 | Wants=network.target 122 | 123 | [Service] 124 | User=root 125 | Type=oneshot 126 | RemainAfterExit=yes 127 | # there must be spaces before and after semicolons 128 | ExecStart=/sbin/ip rule add fwmark 1 table 100 ; /sbin/ip route add local default dev lo table 100 ; /sbin/ip -6 rule add fwmark 1 table 101 ; /sbin/ip -6 route add local ::/0 dev lo table 101 129 | ExecStop=/sbin/ip rule del fwmark 1 table 100 ; /sbin/ip route del local default dev lo table 100 ; /sbin/ip -6 rule del fwmark 1 table 101 ; /sbin/ip -6 route del local ::/0 dev lo table 101 130 | 131 | [Install] 132 | WantedBy=multi-user.target" >> /etc/systemd/system/clash-route.service 133 | #写入nftables配置文件 134 | sleep 1 135 | echo "table inet clash { 136 | set local_ipv4 { 137 | type ipv4_addr 138 | flags interval 139 | elements = { 140 | 10.0.0.0/8, 141 | 127.0.0.0/8, 142 | 169.254.0.0/16, 143 | 172.16.0.0/12, 144 | 192.168.0.0/16, 145 | 240.0.0.0/4 146 | } 147 | } 148 | 149 | set local_ipv6 { 150 | type ipv6_addr 151 | flags interval 152 | elements = { 153 | ::ffff:0.0.0.0/96, 154 | 64:ff9b::/96, 155 | 100::/64, 156 | 2001::/32, 157 | 2001:10::/28, 158 | 2001:20::/28, 159 | 2001:db8::/32, 160 | 2002::/16, 161 | fc00::/7, 162 | fe80::/10 163 | } 164 | } 165 | 166 | chain clash-tproxy { 167 | fib daddr type { unspec, local, anycast, multicast } return 168 | ip daddr @local_ipv4 return 169 | ip6 daddr @local_ipv6 return 170 | udp dport { 123 } return 171 | meta l4proto { tcp, udp } meta mark set 1 tproxy to :7896 accept 172 | } 173 | 174 | chain clash-mark { 175 | fib daddr type { unspec, local, anycast, multicast } return 176 | ip daddr @local_ipv4 return 177 | ip6 daddr @local_ipv6 return 178 | udp dport { 123 } return 179 | meta mark set 1 180 | } 181 | 182 | chain mangle-output { 183 | type route hook output priority mangle; policy accept; 184 | meta l4proto { tcp, udp } skgid != 997 ct direction original jump clash-mark 185 | } 186 | 187 | chain mangle-prerouting { 188 | type filter hook prerouting priority mangle; policy accept; 189 | iifname { lo, $selected_interface } meta l4proto { tcp, udp } ct direction original jump clash-tproxy 190 | } 191 | }" >> /etc/nftables.conf 192 | sleep 1 193 | echo "Nftables规则生效" 194 | sleep 1 195 | nft -f /etc/nftables.conf 196 | echo "设置相关服务自启动" 197 | systemctl enable --now clash-route 198 | systemctl enable clash 199 | 200 | -------------------------------------------------------------------------------- /config/clash-fake-ip.yaml: -------------------------------------------------------------------------------- 1 | port: 7890 2 | socks-port: 7891 3 | mixed-port: 7892 4 | redir-port: 7893 5 | tproxy-port: 7896 6 | unified-delay: true 7 | geodata-mode: false 8 | geodata-loader: standard 9 | geo-auto-update: true 10 | geo-update-interval: 24 11 | tcp-concurrent: true 12 | find-process-mode: strict 13 | global-client-fingerprint: chrome 14 | bind-address: "*" 15 | allow-lan: true 16 | routing-mark: 1 17 | interface-name: eth0 18 | mode: rule 19 | log-level: info 20 | ipv6: true 21 | udp: true 22 | 23 | external-controller: :9090 24 | external-ui: /etc/mihomo/ui 25 | external-ui-url: 'https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip' 26 | 27 | geox-url: 28 | # geoip: 'https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/geoip.dat' 29 | # geosite: 'https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/geosite.dat' 30 | mmdb: 'https://gitlab.com/Masaiki/GeoIP2-CN/-/raw/release/Country.mmdb' 31 | asn: 'https://gitlab.com/Loon0x00/loon_data/-/raw/main/geo/GeoLite2-ASN.mmdb' 32 | 33 | profile: 34 | store-selected: true 35 | store-fake-ip: true 36 | 37 | sniffer: 38 | enable: true 39 | force-dns-mapping: true 40 | parse-pure-ip: true 41 | override-destination: true 42 | sniff: 43 | HTTP: 44 | ports: [80, 8080-8880] 45 | override-destination: true 46 | TLS: 47 | ports: [443, 8443] 48 | QUIC: 49 | ports: [443, 8443] 50 | force-domain: 51 | - +.v2ex.com 52 | 53 | skip-domain: 54 | - Mijia Cloud 55 | 56 | dns: 57 | enable: true 58 | listen: 0.0.0.0:53 59 | ipv6: true 60 | enhanced-mode: fake-ip 61 | fake-ip-range: 28.0.0.1/8 62 | fake-ip-filter: 63 | - "*" 64 | - +.lan 65 | default-nameserver: 66 | - 223.5.5.5 67 | - 223.6.6.6 68 | nameserver: 69 | - https://doh.pub/dns-query 70 | - https://dns.alidns.com/dns-query 71 | 72 | # 锚点 - 节点订阅的参数 [每小时更新一次订阅节点,每 6 秒一次健康检查] 73 | NodeParam: &NodeParam {type: http, interval: 3600, health-check: {enable: true, url: 'http://detectportal.firefox.com/success.txt', interval: 6}} 74 | 75 | # 锚点 - 节点订阅 76 | proxy-providers: 77 | 机场名称1: 78 | url: '机场订阅' 79 | <<: *NodeParam 80 | path: './proxy_providers/sub.yaml' 81 | override: 82 | additional-prefix: "[sub] " 83 | 84 | 85 | # 锚点 - 节点筛选组 86 | FilterHK: &FilterHK '^(?=.*((?i)🇭🇰|香港|(\b(HK|Hong)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 87 | FilterTW: &FilterTW '^(?=.*((?i)🇹🇼|台湾|(\b(TW|Tai|Taiwan)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 88 | FilterJP: &FilterJP '^(?=.*((?i)🇯🇵|日本|川日|东京|大阪|泉日|埼玉|(\b(JP|Japan)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 89 | FilterKR: &FilterKR '^(?=.*((?i)🇰🇷|韩国|韓|首尔|(\b(KR|Korea)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 90 | FilterSG: &FilterSG '^(?=.*((?i)🇸🇬|新加坡|狮|(\b(SG|Singapore)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 91 | FilterUS: &FilterUS '^(?=.*((?i)🇺🇸|美国|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|(\b(US|United States)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 92 | FilterUK: &FilterUK '^(?=.*((?i)🇬🇧|英国|伦敦|(\b(UK|United Kingdom)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 93 | FilterFR: &FilterFR '^(?=.*((?i)🇫🇷|法国|(\b(FR|France)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 94 | FilterDE: &FilterDE '^(?=.*((?i)🇩🇪|德国|(\b(DE|Germany)\b)))(?!.*((?i)回国|校园|游戏|🎮|(\b(GAME)\b))).*$' 95 | FilterGame: &FilterGame '^(?=.*((?i)游戏|🎮|(\b(GAME)\b)))(?!.*((?i)回国|校园)).*$' 96 | FilterAll: &FilterAll '^(?=.*(.))(?!.*((?i)群|邀请|返利|循环|官网|客服|网站|网址|获取|订阅|流量|到期|机场|下次|版本|官址|备用|过期|已用|联系|邮箱|工单|贩卖|通知|倒卖|防止|国内|地址|频道|无法|说明|使用|提示|特别|访问|支持|教程|关注|更新|作者|加入|(\b(USE|USED|TOTAL|EXPIRE|EMAIL|Panel|Channel|Author)\b|(\d{4}-\d{2}-\d{2}|\d+G)))).*$' 97 | 98 | # 策略组参数锚点 99 | # 锚点 - 时延优选参数 [每 6 秒一次惰性健康检查,容差 20ms,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 100 | UrlTest: &UrlTest {type: url-test, interval: 6, tolerance: 20, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 101 | # 锚点 - 故障转移参数 [每 6 秒一次惰性健康检查,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 102 | FallBack: &FallBack {type: fallback, interval: 6, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 103 | # 锚点 - 负载均衡参数 [每 6 秒一次惰性健康检查,时延超过 2 秒判定为失败,失败 3 次则自动触发健康检查] 104 | LoadBalance: &LoadBalance {type: load-balance, interval: 6, lazy: true, url: 'http://detectportal.firefox.com/success.txt', disable-udp: false, strategy: consistent-hashing, timeout: 2000, max-failed-times: 3, hidden: true, include-all-providers: true} 105 | # 锚点 - 规则参数 [每天更新一次订阅规则,更新规则时使用香港策略,] 106 | RuleProviders: &RuleProviders {type: http, behavior: classical, interval: 86400, format: yaml, proxy: 香港策略} 107 | 108 | # 策略组 109 | proxy-groups: 110 | - {name: 游戏选择, type: select, include-all-providers: true, filter: *FilterGame, proxies: [DIRECT, 全球选择]} 111 | - {name: 全球选择, type: select, include-all-providers: true, filter: *FilterAll} 112 | - {name: 境外下载, type: select, include-all-providers: true, filter: *FilterAll, proxies: [DIRECT]} 113 | - {name: AI, type: select, include-all-providers: true, filter: *FilterAll} 114 | - {name: TikTok, type: select, include-all-providers: true, filter: *FilterAll} 115 | - {name: Telegram, type: select, proxies: [香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 116 | - {name: App Store, type: select, proxies: [DIRECT, 香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 117 | - {name: Apple ID, type: select, proxies: [DIRECT, 香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 118 | - {name: TestFlight, type: select, proxies: [DIRECT, 香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 119 | - {name: 1Password, type: select, proxies: [DIRECT, 香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 120 | - {name: Microsoft, type: select, proxies: [DIRECT, 香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 121 | - {name: Netflix, type: select, proxies: [香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 122 | - {name: Emby, type: select, proxies: [DIRECT, 香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略]} 123 | - {name: 兜底策略, type: select, proxies: [香港策略, 台湾策略, 日本策略, 韩国策略, 新国策略, 美国策略, 英国策略, 法国策略, 德国策略, DIRECT]} 124 | 125 | - {name: 香港策略, type: select, proxies: [⏱香港时延优选策略组, 🚥香港故障转移策略组, 🎛香港负载均衡策略组]} 126 | - {name: 台湾策略, type: select, proxies: [⏱台湾时延优选策略组, 🚥台湾故障转移策略组, 🎛台湾负载均衡策略组]} 127 | - {name: 日本策略, type: select, proxies: [⏱日本时延优选策略组, 🚥日本故障转移策略组, 🎛日本负载均衡策略组]} 128 | - {name: 韩国策略, type: select, proxies: [⏱韩国时延优选策略组, 🚥韩国故障转移策略组, 🎛韩国负载均衡策略组]} 129 | - {name: 新国策略, type: select, proxies: [⏱新国时延优选策略组, 🚥新国故障转移策略组, 🎛新国负载均衡策略组]} 130 | - {name: 美国策略, type: select, proxies: [⏱美国时延优选策略组, 🚥美国故障转移策略组, 🎛美国负载均衡策略组]} 131 | - {name: 英国策略, type: select, proxies: [⏱英国时延优选策略组, 🚥英国故障转移策略组, 🎛英国负载均衡策略组]} 132 | - {name: 法国策略, type: select, proxies: [⏱法国时延优选策略组, 🚥法国故障转移策略组, 🎛法国负载均衡策略组]} 133 | - {name: 德国策略, type: select, proxies: [⏱德国时延优选策略组, 🚥德国故障转移策略组, 🎛德国负载均衡策略组]} 134 | 135 | # 时延优选策略组 136 | - {name: ⏱香港时延优选策略组, <<: *UrlTest, filter: *FilterHK} 137 | - {name: ⏱台湾时延优选策略组, <<: *UrlTest, filter: *FilterTW} 138 | - {name: ⏱日本时延优选策略组, <<: *UrlTest, filter: *FilterJP} 139 | - {name: ⏱韩国时延优选策略组, <<: *UrlTest, filter: *FilterKR} 140 | - {name: ⏱新国时延优选策略组, <<: *UrlTest, filter: *FilterSG} 141 | - {name: ⏱美国时延优选策略组, <<: *UrlTest, filter: *FilterUS} 142 | - {name: ⏱英国时延优选策略组, <<: *UrlTest, filter: *FilterUK} 143 | - {name: ⏱法国时延优选策略组, <<: *UrlTest, filter: *FilterFR} 144 | - {name: ⏱德国时延优选策略组, <<: *UrlTest, filter: *FilterDE} 145 | 146 | # 故障转移策略组 147 | - {name: 🚥香港故障转移策略组, <<: *FallBack, filter: *FilterHK} 148 | - {name: 🚥台湾故障转移策略组, <<: *FallBack, filter: *FilterTW} 149 | - {name: 🚥日本故障转移策略组, <<: *FallBack, filter: *FilterJP} 150 | - {name: 🚥韩国故障转移策略组, <<: *FallBack, filter: *FilterKR} 151 | - {name: 🚥新国故障转移策略组, <<: *FallBack, filter: *FilterSG} 152 | - {name: 🚥美国故障转移策略组, <<: *FallBack, filter: *FilterUS} 153 | - {name: 🚥英国故障转移策略组, <<: *FallBack, filter: *FilterUK} 154 | - {name: 🚥法国故障转移策略组, <<: *FallBack, filter: *FilterFR} 155 | - {name: 🚥德国故障转移策略组, <<: *FallBack, filter: *FilterDE} 156 | 157 | # 负载均衡策略组 158 | - {name: 🎛香港负载均衡策略组, <<: *LoadBalance, filter: *FilterHK} 159 | - {name: 🎛台湾负载均衡策略组, <<: *LoadBalance, filter: *FilterTW} 160 | - {name: 🎛日本负载均衡策略组, <<: *LoadBalance, filter: *FilterJP} 161 | - {name: 🎛韩国负载均衡策略组, <<: *LoadBalance, filter: *FilterKR} 162 | - {name: 🎛新国负载均衡策略组, <<: *LoadBalance, filter: *FilterSG} 163 | - {name: 🎛美国负载均衡策略组, <<: *LoadBalance, filter: *FilterUS} 164 | - {name: 🎛英国负载均衡策略组, <<: *LoadBalance, filter: *FilterUK} 165 | - {name: 🎛法国负载均衡策略组, <<: *LoadBalance, filter: *FilterFR} 166 | - {name: 🎛德国负载均衡策略组, <<: *LoadBalance, filter: *FilterDE} 167 | 168 | # 订阅规则 169 | rule-providers: 170 | Lan: 171 | <<: *RuleProviders 172 | path: './rules/Lan.yaml' 173 | url: 'https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Lan/Lan.yaml' 174 | 175 | Direct: 176 | <<: *RuleProviders 177 | path: './rules/Direct.yaml' 178 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/Direct.yaml' 179 | 180 | Proxy: 181 | <<: *RuleProviders 182 | path: './rules/Proxy.yaml' 183 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/Proxy.yaml' 184 | 185 | ChinaDownloadCDN: 186 | <<: *RuleProviders 187 | path: './rules/ChinaDownloadCDN.yaml' 188 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/ChinaDownloadCDN.yaml' 189 | 190 | InternationalDownloadCDN: 191 | <<: *RuleProviders 192 | path: './rules/InternationalDownloadCDN.yaml' 193 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/InternationalDownloadCDN.yaml' 194 | 195 | AI: 196 | <<: *RuleProviders 197 | path: './rules/AI.yaml' 198 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/AI.yaml' 199 | 200 | TikTok: 201 | <<: *RuleProviders 202 | path: './rules/TikTok.yaml' 203 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/TikTok.yaml' 204 | 205 | Game: 206 | <<: *RuleProviders 207 | path: './rules/Game.yaml' 208 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/Game.yaml' 209 | 210 | 1Password: 211 | <<: *RuleProviders 212 | path: './rules/1PasswordUS.yaml' 213 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/1PasswordUS.yaml' 214 | 215 | Steam: 216 | <<: *RuleProviders 217 | path: './rules/Steam.yaml' 218 | url: 'https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Steam/Steam.yaml' 219 | 220 | Netflix: 221 | <<: *RuleProviders 222 | path: './rules/Netflix.yaml' 223 | url: 'https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Netflix/Netflix.yaml' 224 | 225 | Emby: 226 | <<: *RuleProviders 227 | path: './rules/Emby.yaml' 228 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/EmbyServer.yaml' 229 | 230 | iCloudChina: 231 | <<: *RuleProviders 232 | path: './rules/iCloudChina.yaml' 233 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/iCloudChina.yaml' 234 | 235 | ApplePushNotificationService: 236 | <<: *RuleProviders 237 | path: './rules/ApplePushNotificationService.yaml' 238 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/ApplePushNotificationService.yaml' 239 | 240 | AppleSoftwareUpdates: 241 | <<: *RuleProviders 242 | path: './rules/AppleSoftwareUpdates.yaml' 243 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/AppleSoftwareUpdates.yaml' 244 | 245 | AppleID: 246 | <<: *RuleProviders 247 | path: './rules/AppleID.yaml' 248 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/AppleID.yaml' 249 | 250 | AppStore: 251 | <<: *RuleProviders 252 | path: './rules/AppStore.yaml' 253 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/AppStore.yaml' 254 | 255 | TestFlight: 256 | <<: *RuleProviders 257 | path: './rules/TestFlight.yaml' 258 | url: 'https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/TestFlight/TestFlight.yaml' 259 | 260 | Microsoft: 261 | <<: *RuleProviders 262 | path: './rules/Microsoft.yaml' 263 | url: 'https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Microsoft/Microsoft.yaml' 264 | 265 | Google: 266 | <<: *RuleProviders 267 | path: './rules/Google.yaml' 268 | url: 'https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Clash/Google/Google.yaml' 269 | 270 | Telegram: 271 | <<: *RuleProviders 272 | path: './rules/Telegram.yaml' 273 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/Telegram.yaml' 274 | 275 | ESET_China: 276 | <<: *RuleProviders 277 | path: './rules/ESET_China.yaml' 278 | url: 'https://raw.githubusercontent.com/luestr/ProxyResource/main/Tool/Clash/Rule/ESET_China.yaml' 279 | 280 | # 规则指向 281 | rules: 282 | - RULE-SET, Lan, DIRECT 283 | - RULE-SET, Direct, DIRECT 284 | - RULE-SET, Proxy, 兜底策略 285 | - RULE-SET, ChinaDownloadCDN, DIRECT 286 | - RULE-SET, InternationalDownloadCDN, 境外下载 287 | - RULE-SET, AI, AI 288 | - RULE-SET, TikTok, TikTok 289 | - RULE-SET, Steam, 兜底策略 290 | - RULE-SET, Game, 游戏选择 291 | - RULE-SET, Netflix, Netflix 292 | - RULE-SET, Emby, Emby 293 | - RULE-SET, TestFlight, TestFlight 294 | - RULE-SET, iCloudChina, DIRECT 295 | - RULE-SET, ApplePushNotificationService, DIRECT 296 | - RULE-SET, AppleSoftwareUpdates, DIRECT 297 | - RULE-SET, AppleID, Apple ID 298 | - RULE-SET, AppStore, App Store 299 | - RULE-SET, 1Password, 1Password 300 | - RULE-SET, Microsoft, Microsoft 301 | - RULE-SET, Google, 兜底策略 302 | - RULE-SET, Telegram, Telegram 303 | - RULE-SET, ESET_China, DIRECT 304 | - GEOIP, CN, DIRECT 305 | - MATCH, 兜底策略 -------------------------------------------------------------------------------- /config/fake-ip.json: -------------------------------------------------------------------------------- 1 | { 2 | "log": { 3 | "disabled": false, 4 | "level": "info", 5 | "output": "/etc/sing-box/sing-box.log", 6 | "timestamp": true 7 | }, 8 | "dns": { 9 | "servers": [ 10 | { 11 | "tag": "nodedns", 12 | "address": "tls://223.5.5.5:853", 13 | "detour": "direct" 14 | }, 15 | { 16 | "tag": "fakeipDNS", 17 | "address": "fakeip" 18 | }, 19 | { 20 | "tag": "block", 21 | "address": "rcode://success" 22 | } 23 | ], 24 | "rules": [ 25 | { 26 | "query_type": [ 27 | "SVCB" 28 | ], 29 | "server": "block" 30 | }, 31 | { 32 | "inbound": "dns-in", 33 | "server": "fakeipDNS", 34 | "disable_cache": false, 35 | "rewrite_ttl": 1 36 | }, 37 | { 38 | "outbound": "any", 39 | "server": "nodedns", 40 | "disable_cache": true 41 | } 42 | ], 43 | "fakeip": { 44 | "enabled": true, 45 | "inet4_range": "28.0.0.1/8", 46 | "inet6_range": "f2b0::/18" 47 | }, 48 | "independent_cache": true 49 | }, 50 | "inbounds": [ 51 | { 52 | "type": "mixed", 53 | "listen": "::", 54 | "listen_port": 10000 55 | }, 56 | { 57 | "type": "direct", 58 | "tag": "dns-in", 59 | "listen": "::", 60 | "listen_port": 6666 61 | }, 62 | { 63 | "type": "tproxy", 64 | "tag": "tproxy-in", 65 | "listen": "::", 66 | "listen_port": 7896, 67 | "tcp_fast_open": true, 68 | "sniff": true, 69 | "sniff_override_destination": false, 70 | "sniff_timeout": "100ms" 71 | } 72 | ], 73 | "outbounds": [ 74 | { 75 | "tag":"Proxy", 76 | "type":"selector", 77 | "outbounds":[ 78 | "auto", 79 | "direct", 80 | "{all}" 81 | ] 82 | }, 83 | { 84 | "tag":"OpenAI", 85 | "type":"selector", 86 | "outbounds":[ 87 | "TaiWan", 88 | "Singapore", 89 | "Japan", 90 | "America", 91 | "Others" 92 | ], 93 | "default": "America" 94 | }, 95 | { 96 | "tag":"Google", 97 | "type":"selector", 98 | "outbounds":[ 99 | "HongKong", 100 | "TaiWan", 101 | "Singapore", 102 | "Japan", 103 | "America", 104 | "Others" 105 | ] 106 | }, 107 | { 108 | "tag":"Telegram", 109 | "type":"selector", 110 | "outbounds":[ 111 | "HongKong", 112 | "TaiWan", 113 | "Singapore", 114 | "Japan", 115 | "America", 116 | "Others" 117 | ] 118 | }, 119 | { 120 | "tag":"Twitter", 121 | "type":"selector", 122 | "outbounds":[ 123 | "HongKong", 124 | "TaiWan", 125 | "Singapore", 126 | "Japan", 127 | "America", 128 | "Others" 129 | ] 130 | }, 131 | { 132 | "tag":"Facebook", 133 | "type":"selector", 134 | "outbounds":[ 135 | "HongKong", 136 | "TaiWan", 137 | "Singapore", 138 | "Japan", 139 | "America", 140 | "Others" 141 | ] 142 | }, 143 | { 144 | "tag":"BiliBili", 145 | "type":"selector", 146 | "outbounds":[ 147 | "direct", 148 | "HongKong", 149 | "TaiWan" 150 | ] 151 | }, 152 | { 153 | "tag":"Bahamut", 154 | "type":"selector", 155 | "outbounds":[ 156 | "TaiWan", 157 | "Proxy" 158 | ] 159 | }, 160 | { 161 | "tag":"Spotify", 162 | "type":"selector", 163 | "outbounds":[ 164 | "HongKong", 165 | "TaiWan", 166 | "Singapore", 167 | "Japan", 168 | "America", 169 | "Others" 170 | ], 171 | "default": "America" 172 | }, 173 | { 174 | "tag":"TikTok", 175 | "type":"selector", 176 | "outbounds":[ 177 | "HongKong", 178 | "TaiWan", 179 | "Singapore", 180 | "Japan", 181 | "America" 182 | ], 183 | "default": "Japan" 184 | }, 185 | { 186 | "tag":"NETFLIX", 187 | "type":"selector", 188 | "outbounds":[ 189 | "HongKong", 190 | "TaiWan", 191 | "Singapore", 192 | "Japan", 193 | "America", 194 | "Others" 195 | ] 196 | }, 197 | { 198 | "tag":"Disney+", 199 | "type":"selector", 200 | "outbounds":[ 201 | "HongKong", 202 | "TaiWan", 203 | "Singapore", 204 | "Japan", 205 | "America", 206 | "Others" 207 | ] 208 | }, 209 | { 210 | "tag":"Apple", 211 | "type":"selector", 212 | "outbounds":[ 213 | "direct", 214 | "HongKong", 215 | "TaiWan", 216 | "Singapore", 217 | "Japan", 218 | "America", 219 | "Others" 220 | ] 221 | }, 222 | { 223 | "tag":"Microsoft", 224 | "type":"selector", 225 | "outbounds":[ 226 | "direct", 227 | "HongKong", 228 | "TaiWan", 229 | "Singapore", 230 | "Japan", 231 | "America", 232 | "Others" 233 | ] 234 | }, 235 | { 236 | "tag":"Games", 237 | "type":"selector", 238 | "outbounds":[ 239 | "direct", 240 | "HongKong", 241 | "TaiWan", 242 | "Singapore", 243 | "Japan", 244 | "America", 245 | "Others" 246 | ] 247 | }, 248 | { 249 | "tag":"Streaming", 250 | "type":"selector", 251 | "outbounds":[ 252 | "HongKong", 253 | "TaiWan", 254 | "Singapore", 255 | "Japan", 256 | "America", 257 | "Others" 258 | ] 259 | }, 260 | { 261 | "tag":"Global", 262 | "type":"selector", 263 | "outbounds":[ 264 | "HongKong", 265 | "TaiWan", 266 | "Singapore", 267 | "Japan", 268 | "America", 269 | "Others", 270 | "direct" 271 | ] 272 | }, 273 | { 274 | "tag":"China", 275 | "type":"selector", 276 | "outbounds":[ 277 | "direct", 278 | "Proxy" 279 | ] 280 | }, 281 | { 282 | "tag":"AdBlock", 283 | "type":"selector", 284 | "outbounds":[ 285 | "block", 286 | "direct" 287 | ] 288 | }, 289 | { 290 | "tag":"HongKong", 291 | "type":"selector", 292 | "outbounds":[ 293 | "{all}" 294 | ], 295 | "filter":[ 296 | {"action":"include","keywords":["🇭🇰|HK|hk|香港|港|HongKong"]} 297 | ] 298 | }, 299 | { 300 | "tag":"TaiWan", 301 | "type":"selector", 302 | "outbounds":[ 303 | "{all}" 304 | ], 305 | "filter":[ 306 | {"action":"include","keywords":["🇹🇼|TW|tw|台湾|臺灣|台|Taiwan"]} 307 | ] 308 | }, 309 | { 310 | "tag":"Singapore", 311 | "type":"selector", 312 | "outbounds":[ 313 | "{all}" 314 | ], 315 | "filter":[ 316 | {"action":"include","keywords":["🇸🇬|SG|sg|新加坡|狮|Singapore"]} 317 | ] 318 | }, 319 | { 320 | "tag":"Japan", 321 | "type":"selector", 322 | "outbounds":[ 323 | "{all}" 324 | ], 325 | "filter":[ 326 | {"action":"include","keywords":["🇯🇵|JP|jp|日本|日|Japan"]} 327 | ] 328 | }, 329 | { 330 | "tag":"America", 331 | "type":"selector", 332 | "outbounds":[ 333 | "{all}" 334 | ], 335 | "filter":[ 336 | {"action":"include","keywords":["🇺🇸|US|us|美国|美|United States"]} 337 | ] 338 | }, 339 | { 340 | "tag":"Others", 341 | "type":"selector", 342 | "outbounds":[ 343 | "{all}" 344 | ], 345 | "filter":[ 346 | {"action":"exclude","keywords":["🇭🇰|HK|hk|香港|香|🇹🇼|TW|tw|台湾|台|🇸🇬|SG|sg|新加坡|狮|🇯🇵|JP|jp|日本|日|🇺🇸|US|us|美国|美"]} 347 | ] 348 | }, 349 | { 350 | "tag":"auto", 351 | "type":"urltest", 352 | "outbounds":[ 353 | "{all}" 354 | ], 355 | "filter":[ 356 | {"action":"exclude","keywords":["网站|地址|剩余|过期|时间|有效"]} 357 | ], 358 | "url": "http://www.gstatic.com/generate_204", 359 | "interval": "10m", 360 | "tolerance": 50 361 | }, 362 | { 363 | "type": "direct", 364 | "tag": "direct" 365 | }, 366 | { 367 | "type": "block", 368 | "tag": "block" 369 | }, 370 | { 371 | "type": "dns", 372 | "tag": "dns-out" 373 | } 374 | ], 375 | "route": { 376 | "rules": [ 377 | { 378 | "inbound": "dns-in", 379 | "outbound": "dns-out" 380 | }, 381 | { 382 | "clash_mode": "direct", 383 | "outbound": "direct" 384 | }, 385 | { 386 | "clash_mode": "global", 387 | "outbound": "Proxy" 388 | }, 389 | { 390 | "network": "udp", 391 | "port": 443, 392 | "outbound": "block" 393 | }, 394 | { 395 | "ip_is_private": true, 396 | "outbound": "direct" 397 | }, 398 | { 399 | "domain_suffix": [ 400 | "browserleaks.com" 401 | ], 402 | "outbound": "Proxy" 403 | }, 404 | { 405 | "domain_suffix": [ 406 | "googleapis.com", 407 | "googleapis.cn", 408 | "gstatic.com" 409 | ], 410 | "outbound": "Proxy" 411 | }, 412 | { 413 | "domain_suffix": [ 414 | "office365.com", 415 | "office.com" 416 | ], 417 | "outbound": "direct" 418 | }, 419 | { 420 | "rule_set": [ 421 | 422 | "geosite-cn" 423 | ], 424 | "outbound": "China" 425 | }, 426 | { 427 | "rule_set": "geosite-category-games", 428 | "outbound": "Games" 429 | }, 430 | { 431 | "rule_set": "geoip-cn", 432 | "outbound": "China" 433 | }, 434 | { 435 | "rule_set": "geosite-openai", 436 | "outbound": "OpenAI" 437 | }, 438 | { 439 | "rule_set": [ 440 | "geosite-youtube", 441 | "geoip-google", 442 | "geosite-google", 443 | "geosite-github" 444 | ], 445 | "outbound": "Google" 446 | }, 447 | { 448 | "rule_set": [ 449 | "geoip-telegram", 450 | "geosite-telegram" 451 | ], 452 | "outbound": "Telegram" 453 | }, 454 | { 455 | "rule_set": [ 456 | "geoip-twitter", 457 | "geosite-twitter" 458 | ], 459 | "outbound": "Twitter" 460 | }, 461 | { 462 | "rule_set": [ 463 | "geoip-facebook", 464 | "geosite-facebook" 465 | ], 466 | "outbound": "Facebook" 467 | }, 468 | { 469 | "rule_set": [ 470 | "geoip-bilibili", 471 | "geosite-bilibili" 472 | ], 473 | "outbound": "BiliBili" 474 | }, 475 | { 476 | "rule_set": "geosite-bahamut", 477 | "outbound": "Bahamut" 478 | }, 479 | { 480 | "rule_set": "geosite-spotify", 481 | "outbound": "Spotify" 482 | }, 483 | { 484 | "rule_set": "geosite-tiktok", 485 | "outbound": "TikTok" 486 | }, 487 | { 488 | "rule_set": [ 489 | "geoip-netflix", 490 | "geosite-netflix" 491 | ], 492 | "outbound": "NETFLIX" 493 | }, 494 | { 495 | "rule_set": "geosite-disney", 496 | "outbound": "Disney+" 497 | }, 498 | { 499 | "rule_set": [ 500 | "geoip-apple", 501 | "geosite-apple", 502 | "geosite-amazon" 503 | ], 504 | "outbound": "Apple" 505 | }, 506 | { 507 | "rule_set": "geosite-microsoft", 508 | "outbound": "Microsoft" 509 | }, 510 | { 511 | "rule_set": [ 512 | "geosite-hbo", 513 | "geosite-primevideo" 514 | ], 515 | "outbound": "Streaming" 516 | }, 517 | { 518 | "rule_set": "geosite-geolocation-!cn", 519 | "outbound": "Proxy" 520 | }, 521 | { 522 | "rule_set": "geoip-cn", 523 | "invert": true, 524 | "outbound": "Proxy" 525 | } 526 | ], 527 | "rule_set": [ 528 | { 529 | "tag": "geoip-google", 530 | "type": "remote", 531 | "format": "binary", 532 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/google.srs", 533 | "download_detour": "direct", 534 | "update_interval": "7d" 535 | }, 536 | { 537 | "tag": "geoip-telegram", 538 | "type": "remote", 539 | "format": "binary", 540 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/telegram.srs", 541 | "download_detour": "direct", 542 | "update_interval": "7d" 543 | }, 544 | { 545 | "tag": "geoip-twitter", 546 | "type": "remote", 547 | "format": "binary", 548 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/twitter.srs", 549 | "download_detour": "direct", 550 | "update_interval": "7d" 551 | }, 552 | { 553 | "tag": "geoip-facebook", 554 | "type": "remote", 555 | "format": "binary", 556 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/facebook.srs", 557 | "download_detour": "direct", 558 | "update_interval": "7d" 559 | }, 560 | { 561 | "tag": "geoip-netflix", 562 | "type": "remote", 563 | "format": "binary", 564 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/netflix.srs", 565 | "download_detour": "direct", 566 | "update_interval": "7d" 567 | }, 568 | { 569 | "tag": "geoip-cn", 570 | "type": "remote", 571 | "format": "binary", 572 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs", 573 | "download_detour": "direct", 574 | "update_interval": "7d" 575 | }, 576 | { 577 | "tag": "geoip-hk", 578 | "type": "remote", 579 | "format": "binary", 580 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/hk.srs", 581 | "download_detour": "direct", 582 | "update_interval": "7d" 583 | }, 584 | { 585 | "tag": "geoip-mo", 586 | "type": "remote", 587 | "format": "binary", 588 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/mo.srs", 589 | "download_detour": "direct", 590 | "update_interval": "7d" 591 | }, 592 | { 593 | "tag": "geosite-openai", 594 | "type": "remote", 595 | "format": "binary", 596 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/openai.srs", 597 | "download_detour": "direct", 598 | "update_interval": "7d" 599 | }, 600 | { 601 | "tag": "geosite-youtube", 602 | "type": "remote", 603 | "format": "binary", 604 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/youtube.srs", 605 | "download_detour": "direct", 606 | "update_interval": "7d" 607 | }, 608 | { 609 | "tag": "geosite-google", 610 | "type": "remote", 611 | "format": "binary", 612 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/google.srs", 613 | "download_detour": "direct", 614 | "update_interval": "7d" 615 | }, 616 | { 617 | "tag": "geosite-github", 618 | "type": "remote", 619 | "format": "binary", 620 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/github.srs", 621 | "download_detour": "direct", 622 | "update_interval": "7d" 623 | }, 624 | { 625 | "tag": "geosite-telegram", 626 | "type": "remote", 627 | "format": "binary", 628 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/telegram.srs", 629 | "download_detour": "direct", 630 | "update_interval": "7d" 631 | }, 632 | { 633 | "tag": "geosite-twitter", 634 | "type": "remote", 635 | "format": "binary", 636 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/twitter.srs", 637 | "download_detour": "direct", 638 | "update_interval": "7d" 639 | }, 640 | { 641 | "tag": "geosite-facebook", 642 | "type": "remote", 643 | "format": "binary", 644 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/facebook.srs", 645 | "download_detour": "direct", 646 | "update_interval": "7d" 647 | }, 648 | { 649 | "tag": "geosite-instagram", 650 | "type": "remote", 651 | "format": "binary", 652 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/instagram.srs", 653 | "download_detour": "direct", 654 | "update_interval": "7d" 655 | }, 656 | { 657 | "tag": "geosite-amazon", 658 | "type": "remote", 659 | "format": "binary", 660 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/amazon.srs", 661 | "download_detour": "direct", 662 | "update_interval": "7d" 663 | }, 664 | { 665 | "tag": "geosite-apple", 666 | "type": "remote", 667 | "format": "binary", 668 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple.srs", 669 | "download_detour": "direct", 670 | "update_interval": "7d" 671 | }, 672 | { 673 | "tag": "geoip-apple", 674 | "type": "remote", 675 | "format": "binary", 676 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo-lite/geoip/apple.srs", 677 | "download_detour": "direct" 678 | }, 679 | { 680 | "tag": "geosite-apple-cn", 681 | "type": "remote", 682 | "format": "binary", 683 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple@cn.srs", 684 | "download_detour": "direct", 685 | "update_interval": "7d" 686 | }, 687 | { 688 | "tag": "geosite-microsoft", 689 | "type": "remote", 690 | "format": "binary", 691 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft.srs", 692 | "download_detour": "direct", 693 | "update_interval": "7d" 694 | }, 695 | { 696 | "tag": "geosite-spotify", 697 | "type": "remote", 698 | "format": "binary", 699 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/spotify.srs", 700 | "download_detour": "direct" 701 | }, 702 | { 703 | "tag": "geosite-microsoft-cn", 704 | "type": "remote", 705 | "format": "binary", 706 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft@cn.srs", 707 | "download_detour": "direct", 708 | "update_interval": "7d" 709 | }, 710 | { 711 | "tag": "geosite-category-games", 712 | "type": "remote", 713 | "format": "binary", 714 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games.srs", 715 | "download_detour": "direct", 716 | "update_interval": "7d" 717 | }, 718 | { 719 | "tag": "geosite-category-games-cn", 720 | "type": "remote", 721 | "format": "binary", 722 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games@cn.srs", 723 | "download_detour": "direct", 724 | "update_interval": "7d" 725 | }, 726 | { 727 | "tag": "geosite-bilibili", 728 | "type": "remote", 729 | "format": "binary", 730 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/bilibili.srs", 731 | "download_detour": "direct", 732 | "update_interval": "7d" 733 | }, 734 | { 735 | "tag": "geoip-bilibili", 736 | "type": "remote", 737 | "format": "binary", 738 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo-lite/geoip/bilibili.srs", 739 | "download_detour": "direct" 740 | }, 741 | { 742 | "tag": "geosite-tiktok", 743 | "type": "remote", 744 | "format": "binary", 745 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/tiktok.srs", 746 | "download_detour": "direct", 747 | "update_interval": "7d" 748 | }, 749 | { 750 | "tag": "geosite-netflix", 751 | "type": "remote", 752 | "format": "binary", 753 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/netflix.srs", 754 | "download_detour": "direct", 755 | "update_interval": "7d" 756 | }, 757 | { 758 | "tag": "geosite-hbo", 759 | "type": "remote", 760 | "format": "binary", 761 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/hbo.srs", 762 | "download_detour": "direct", 763 | "update_interval": "7d" 764 | }, 765 | { 766 | "tag": "geosite-disney", 767 | "type": "remote", 768 | "format": "binary", 769 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/disney.srs", 770 | "download_detour": "direct", 771 | "update_interval": "7d" 772 | }, 773 | { 774 | "tag": "geosite-primevideo", 775 | "type": "remote", 776 | "format": "binary", 777 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/primevideo.srs", 778 | "download_detour": "direct", 779 | "update_interval": "7d" 780 | }, 781 | { 782 | "tag": "geosite-cn", 783 | "type": "remote", 784 | "format": "binary", 785 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs", 786 | "download_detour": "direct", 787 | "update_interval": "7d" 788 | }, 789 | { 790 | "tag": "geosite-geolocation-!cn", 791 | "type": "remote", 792 | "format": "binary", 793 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs", 794 | "download_detour": "direct", 795 | "update_interval": "7d" 796 | }, 797 | { 798 | "tag": "geosite-category-ads-all", 799 | "type": "remote", 800 | "format": "binary", 801 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs", 802 | "download_detour": "direct", 803 | "update_interval": "7d" 804 | }, 805 | 806 | { 807 | "tag": "geosite-category-scholar-!cn", 808 | "type": "remote", 809 | "format": "binary", 810 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-!cn.srs", 811 | "download_detour": "direct", 812 | "update_interval": "7d" 813 | }, 814 | { 815 | "tag": "geosite-bahamut", 816 | "type": "remote", 817 | "format": "binary", 818 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/bahamut.srs", 819 | "download_detour": "direct" 820 | }, 821 | { 822 | "tag": "geosite-category-scholar-cn", 823 | "type": "remote", 824 | "format": "binary", 825 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-cn.srs", 826 | "download_detour": "direct", 827 | "update_interval": "7d" 828 | } 829 | ], 830 | "final": "Proxy", 831 | "auto_detect_interface": true, 832 | "default_mark": 1 833 | }, 834 | "experimental": { 835 | "clash_api": { 836 | "external_controller": "0.0.0.0:9090", 837 | "external_ui": "/etc/sing-box/ui", 838 | "secret": "", 839 | "external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/gh-pages.zip", 840 | "external_ui_download_detour": "Proxy", 841 | "default_mode": "rule" 842 | }, 843 | "cache_file": { 844 | "enabled": true, 845 | "path": "/etc/sing-box/cache.db", 846 | "cache_id": "my_profile1", 847 | "store_fakeip": true 848 | } 849 | } 850 | } 851 | -------------------------------------------------------------------------------- /config/sb-o.json: -------------------------------------------------------------------------------- 1 | # 本次配置文件的更新是为了FAKE v6 添加。 以及去除了 protocol and ports 53 -> dns out 的配置 2 | # "inet6_range": "f2b0::/18" , f2b0::/18 加到 OPN 静态路由 或者 别名中 。 3 | 4 | { 5 | "log": { 6 | "disabled": false, 7 | "level": "info", 8 | "output": "usr/local/etc/sing-box/sing-box.log", 9 | "timestamp": true 10 | }, 11 | "dns": { 12 | "servers": [ 13 | { 14 | "tag": "nodedns", 15 | "address": "tls://223.5.5.5:853", 16 | "detour": "direct" 17 | }, 18 | { 19 | "tag": "fakeipDNS", 20 | "address": "fakeip" 21 | }, 22 | { 23 | "tag": "block", 24 | "address": "rcode://success" 25 | } 26 | ], 27 | "rules": [ 28 | { 29 | "query_type": [ 30 | "SVCB" 31 | ], 32 | "server": "block" 33 | }, 34 | { 35 | "inbound": "dns-in", 36 | "server": "fakeipDNS", 37 | "disable_cache": false, 38 | "rewrite_ttl": 1 39 | }, 40 | { 41 | "outbound": "any", 42 | "server": "nodedns", 43 | "disable_cache": true 44 | } 45 | ], 46 | "fakeip": { 47 | "enabled": true, 48 | "inet4_range": "28.0.0.1/8", 49 | "inet6_range": "f2b0::/18" 50 | }, 51 | "independent_cache": true 52 | }, 53 | "inbounds": [ 54 | { 55 | "type": "mixed", 56 | "listen": "::", 57 | "listen_port": 10000 58 | }, 59 | { 60 | "type": "direct", # 这个6666 端口号 , 和MOSDNS remote 中的端口号一致 61 | "tag": "dns-in", 62 | "listen": "::", 63 | "listen_port": 6666 64 | }, 65 | { 66 | "type": "hysteria2", 67 | "tag": "hy2-in", 68 | "listen": "::", 69 | "listen_port": 8443, 70 | "sniff": true, 71 | "sniff_override_destination": false, 72 | "sniff_timeout": "100ms", 73 | "users": [ 74 | { 75 | "password": "" # 密码 76 | } 77 | ], 78 | "ignore_client_bandwidth": true, 79 | "tls": { 80 | "enabled": true, 81 | "alpn": [ 82 | "h3" 83 | ], 84 | "certificate_path": "/root/hysteria/cert.pem", 85 | "key_path": "/root/hysteria/private.key" 86 | } 87 | }, 88 | { 89 | "type": "tproxy", 90 | "tag": "tproxy-in", 91 | "listen": "::", 92 | "listen_port": 7896, 93 | "tcp_fast_open": true, 94 | "sniff": true, 95 | "sniff_override_destination": false, 96 | "sniff_timeout": "100ms" 97 | } 98 | ], 99 | "outbounds": [ 100 | { 101 | "tag":"♾️Global", # 这里我列举了三个出站配置, brutal V4 , brutal V6 , grpc, 何如填写配置不再说明, 关于V6 IP 的填写见 "server": "[]", 的说明 102 | "type":"selector", 103 | "outbounds":[ 104 | "♾️grpc", 105 | "♾️brutal_v4", 106 | "♾️brutal_v6" 107 | ] 108 | }, 109 | { 110 | "type": "vless", 111 | "tag": "♾️grpc", 112 | "server": "", 113 | "server_port": 443, 114 | "uuid": "", 115 | "tls": { 116 | "enabled": true, 117 | "server_name": "", 118 | "utls": { 119 | "enabled": true, 120 | "fingerprint": "chrome" 121 | } 122 | }, 123 | "packet_encoding": "xudp", 124 | "transport": { 125 | "type": "grpc", 126 | "service_name": "" 127 | } 128 | }, 129 | { 130 | "type": "vless", 131 | "tag": "♾️brutal_v4", 132 | "uuid": "", 133 | "packet_encoding": "xudp", 134 | "server": "", # VPS 上V4 地址 135 | "server_port": , 136 | "flow": "", 137 | "tls": { 138 | "enabled": true, 139 | "server_name": "", 140 | "utls": { 141 | "enabled": true, 142 | "fingerprint": "chrome" 143 | }, 144 | "reality": { 145 | "enabled": true, 146 | "public_key": "", 147 | "short_id": "" 148 | } 149 | }, 150 | "multiplex": { 151 | "enabled": true, 152 | "protocol": "h2mux", 153 | "max_connections": 1, 154 | "min_streams": 2, 155 | "padding": true, 156 | "brutal": { 157 | "enabled": true, 158 | "up_mbps": 50, 159 | "down_mbps": 800 160 | } 161 | } 162 | }, 163 | { 164 | "type": "vless", 165 | "tag": "♾️brutal_v6", 166 | "uuid": "", 167 | "packet_encoding": "xudp", 168 | "server": "[]", # VPS 上V6的地址,[] 里面打V6 的IP 169 | "server_port": , 170 | "flow": "", 171 | "tls": { 172 | "enabled": true, 173 | "server_name": "", 174 | "utls": { 175 | "enabled": true, 176 | "fingerprint": "chrome" 177 | }, 178 | "reality": { 179 | "enabled": true, 180 | "public_key": "", 181 | "short_id": "" 182 | } 183 | }, 184 | "multiplex": { 185 | "enabled": true, 186 | "protocol": "h2mux", 187 | "max_connections": 1, 188 | "min_streams": 2, 189 | "padding": true, 190 | "brutal": { 191 | "enabled": true, 192 | "up_mbps": 50, 193 | "down_mbps": 800 194 | } 195 | } 196 | }, 197 | { 198 | "type": "direct", 199 | "tag": "direct" 200 | }, 201 | { 202 | "type": "block", 203 | "tag": "block" 204 | }, 205 | { 206 | "type": "dns", 207 | "tag": "dns-out" 208 | } 209 | ], 210 | "route": { 211 | "rules": [ 212 | { 213 | "inbound": "dns-in", 214 | "outbound": "dns-out" 215 | }, 216 | { 217 | "clash_mode": "direct", 218 | "outbound": "direct" 219 | }, 220 | { 221 | "clash_mode": "global", 222 | "outbound": "♾️Global" 223 | }, 224 | { 225 | "network": "udp", 226 | "port": 443, 227 | "outbound": "block" 228 | }, 229 | { 230 | "ip_is_private": true, 231 | "outbound": "direct" 232 | }, 233 | { 234 | "domain_suffix": [ 235 | "browserleaks.com" 236 | ], 237 | "outbound": "♾️Global" 238 | }, 239 | { 240 | "domain_suffix": [ 241 | "googleapis.com", 242 | "googleapis.cn", 243 | "gstatic.com" 244 | ], 245 | "outbound": "♾️Global" 246 | }, 247 | { 248 | "domain_suffix": [ 249 | "office365.com", 250 | "office.com" 251 | ], 252 | "outbound": "direct" 253 | }, 254 | { 255 | "domain_suffix": [ 256 | "push.apple.com", 257 | "iphone-ld.apple.com", 258 | "lcdn-locator.apple.com", 259 | "lcdn-registration.apple.com" 260 | ], 261 | "outbound": "direct" 262 | }, 263 | { 264 | "rule_set": "geosite-cn", 265 | "outbound": "direct" 266 | }, 267 | { 268 | "rule_set": "geosite-category-games-cn", 269 | "outbound": "direct" 270 | }, 271 | { 272 | "rule_set": [ 273 | "geosite-category-scholar-!cn", 274 | "geosite-category-scholar-cn" 275 | ], 276 | "outbound": "direct" 277 | }, 278 | { 279 | "rule_set": "geoip-cn", 280 | "outbound": "direct" 281 | }, 282 | { 283 | "rule_set": "geosite-geolocation-!cn", 284 | "outbound": "♾️Global" 285 | }, 286 | { 287 | "rule_set": [ 288 | "geoip-telegram", 289 | "geosite-telegram" 290 | ], 291 | "outbound": "♾️Global" 292 | }, 293 | { 294 | "rule_set": [ 295 | "geoip-google", 296 | "geosite-google" 297 | ], 298 | "outbound": "♾️Global" 299 | }, 300 | { 301 | "rule_set": "geoip-cn", 302 | "invert": true, 303 | "outbound": "♾️Global" 304 | } 305 | ], 306 | "rule_set": [ 307 | { 308 | "tag": "geoip-google", 309 | "type": "remote", 310 | "format": "binary", 311 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/google.srs", 312 | "download_detour": "direct", 313 | "update_interval": "7d" 314 | }, 315 | { 316 | "tag": "geoip-telegram", 317 | "type": "remote", 318 | "format": "binary", 319 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/telegram.srs", 320 | "download_detour": "direct", 321 | "update_interval": "7d" 322 | }, 323 | { 324 | "tag": "geoip-twitter", 325 | "type": "remote", 326 | "format": "binary", 327 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/twitter.srs", 328 | "download_detour": "direct", 329 | "update_interval": "7d" 330 | }, 331 | { 332 | "tag": "geoip-facebook", 333 | "type": "remote", 334 | "format": "binary", 335 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/facebook.srs", 336 | "download_detour": "direct", 337 | "update_interval": "7d" 338 | }, 339 | { 340 | "tag": "geoip-netflix", 341 | "type": "remote", 342 | "format": "binary", 343 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/netflix.srs", 344 | "download_detour": "direct", 345 | "update_interval": "7d" 346 | }, 347 | { 348 | "tag": "geoip-cn", 349 | "type": "remote", 350 | "format": "binary", 351 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs", 352 | "download_detour": "direct", 353 | "update_interval": "7d" 354 | }, 355 | { 356 | "tag": "geoip-hk", 357 | "type": "remote", 358 | "format": "binary", 359 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/hk.srs", 360 | "download_detour": "direct", 361 | "update_interval": "7d" 362 | }, 363 | { 364 | "tag": "geoip-mo", 365 | "type": "remote", 366 | "format": "binary", 367 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/mo.srs", 368 | "download_detour": "direct", 369 | "update_interval": "7d" 370 | }, 371 | { 372 | "tag": "geosite-openai", 373 | "type": "remote", 374 | "format": "binary", 375 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/openai.srs", 376 | "download_detour": "direct", 377 | "update_interval": "7d" 378 | }, 379 | { 380 | "tag": "geosite-youtube", 381 | "type": "remote", 382 | "format": "binary", 383 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/youtube.srs", 384 | "download_detour": "direct", 385 | "update_interval": "7d" 386 | }, 387 | { 388 | "tag": "geosite-google", 389 | "type": "remote", 390 | "format": "binary", 391 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/google.srs", 392 | "download_detour": "direct", 393 | "update_interval": "7d" 394 | }, 395 | { 396 | "tag": "geosite-github", 397 | "type": "remote", 398 | "format": "binary", 399 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/github.srs", 400 | "download_detour": "direct", 401 | "update_interval": "7d" 402 | }, 403 | { 404 | "tag": "geosite-telegram", 405 | "type": "remote", 406 | "format": "binary", 407 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/telegram.srs", 408 | "download_detour": "direct", 409 | "update_interval": "7d" 410 | }, 411 | { 412 | "tag": "geosite-twitter", 413 | "type": "remote", 414 | "format": "binary", 415 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/twitter.srs", 416 | "download_detour": "direct", 417 | "update_interval": "7d" 418 | }, 419 | { 420 | "tag": "geosite-facebook", 421 | "type": "remote", 422 | "format": "binary", 423 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/facebook.srs", 424 | "download_detour": "direct", 425 | "update_interval": "7d" 426 | }, 427 | { 428 | "tag": "geosite-instagram", 429 | "type": "remote", 430 | "format": "binary", 431 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/instagram.srs", 432 | "download_detour": "direct", 433 | "update_interval": "7d" 434 | }, 435 | { 436 | "tag": "geosite-amazon", 437 | "type": "remote", 438 | "format": "binary", 439 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/amazon.srs", 440 | "download_detour": "direct", 441 | "update_interval": "7d" 442 | }, 443 | { 444 | "tag": "geosite-apple", 445 | "type": "remote", 446 | "format": "binary", 447 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple.srs", 448 | "download_detour": "direct", 449 | "update_interval": "7d" 450 | }, 451 | { 452 | "tag": "geosite-apple-cn", 453 | "type": "remote", 454 | "format": "binary", 455 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple@cn.srs", 456 | "download_detour": "direct", 457 | "update_interval": "7d" 458 | }, 459 | { 460 | "tag": "geosite-microsoft", 461 | "type": "remote", 462 | "format": "binary", 463 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft.srs", 464 | "download_detour": "direct", 465 | "update_interval": "7d" 466 | }, 467 | { 468 | "tag": "geosite-microsoft-cn", 469 | "type": "remote", 470 | "format": "binary", 471 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft@cn.srs", 472 | "download_detour": "direct", 473 | "update_interval": "7d" 474 | }, 475 | { 476 | "tag": "geosite-category-games", 477 | "type": "remote", 478 | "format": "binary", 479 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games.srs", 480 | "download_detour": "direct", 481 | "update_interval": "7d" 482 | }, 483 | { 484 | "tag": "geosite-category-games-cn", 485 | "type": "remote", 486 | "format": "binary", 487 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games@cn.srs", 488 | "download_detour": "direct", 489 | "update_interval": "7d" 490 | }, 491 | { 492 | "tag": "geosite-bilibili", 493 | "type": "remote", 494 | "format": "binary", 495 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/bilibili.srs", 496 | "download_detour": "direct", 497 | "update_interval": "7d" 498 | }, 499 | { 500 | "tag": "geosite-tiktok", 501 | "type": "remote", 502 | "format": "binary", 503 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/tiktok.srs", 504 | "download_detour": "direct", 505 | "update_interval": "7d" 506 | }, 507 | { 508 | "tag": "geosite-netflix", 509 | "type": "remote", 510 | "format": "binary", 511 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/netflix.srs", 512 | "download_detour": "direct", 513 | "update_interval": "7d" 514 | }, 515 | { 516 | "tag": "geosite-hbo", 517 | "type": "remote", 518 | "format": "binary", 519 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/hbo.srs", 520 | "download_detour": "direct", 521 | "update_interval": "7d" 522 | }, 523 | { 524 | "tag": "geosite-disney", 525 | "type": "remote", 526 | "format": "binary", 527 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/disney.srs", 528 | "download_detour": "direct", 529 | "update_interval": "7d" 530 | }, 531 | { 532 | "tag": "geosite-primevideo", 533 | "type": "remote", 534 | "format": "binary", 535 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/primevideo.srs", 536 | "download_detour": "direct", 537 | "update_interval": "7d" 538 | }, 539 | { 540 | "tag": "geosite-cn", 541 | "type": "remote", 542 | "format": "binary", 543 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs", 544 | "download_detour": "direct", 545 | "update_interval": "7d" 546 | }, 547 | { 548 | "tag": "geosite-geolocation-!cn", 549 | "type": "remote", 550 | "format": "binary", 551 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs", 552 | "download_detour": "direct", 553 | "update_interval": "7d" 554 | }, 555 | { 556 | "tag": "geosite-category-ads-all", 557 | "type": "remote", 558 | "format": "binary", 559 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs", 560 | "download_detour": "direct", 561 | "update_interval": "7d" 562 | }, 563 | { 564 | "tag": "geosite-category-scholar-!cn", 565 | "type": "remote", 566 | "format": "binary", 567 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-!cn.srs", 568 | "download_detour": "direct", 569 | "update_interval": "7d" 570 | }, 571 | { 572 | "tag": "geosite-category-scholar-cn", 573 | "type": "remote", 574 | "format": "binary", 575 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-cn.srs", 576 | "download_detour": "direct", 577 | "update_interval": "7d" 578 | } 579 | ], 580 | "final": "♾️Global", 581 | "auto_detect_interface": true, 582 | "default_mark": 1 583 | }, 584 | "experimental": { 585 | "clash_api": { 586 | "external_controller": "0.0.0.0:9090", 587 | "external_ui": "/usr/local/etc/sing-box/ui", 588 | "secret": "", 589 | "external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/gh-pages.zip", 590 | "external_ui_download_detour": "♾️Global", 591 | "default_mode": "rule" 592 | }, 593 | "cache_file": { 594 | "enabled": true, 595 | "path": "/root/cache.db", 596 | "cache_id": "my_profile1", 597 | "store_fakeip": true 598 | } 599 | } 600 | } 601 | -------------------------------------------------------------------------------- /fake-ip.json: -------------------------------------------------------------------------------- 1 | { 2 | "log": { 3 | "disabled": false, 4 | "level": "info", 5 | "output": "/etc/sing-box/sing-box.log", 6 | "timestamp": true 7 | }, 8 | "dns": { 9 | "servers": [ 10 | { 11 | "tag": "nodedns", 12 | "address": "tls://223.5.5.5:853", 13 | "detour": "direct" 14 | }, 15 | { 16 | "tag": "fakeipDNS", 17 | "address": "fakeip" 18 | }, 19 | { 20 | "tag": "block", 21 | "address": "rcode://success" 22 | } 23 | ], 24 | "rules": [ 25 | { 26 | "query_type": [ 27 | "SVCB" 28 | ], 29 | "server": "block" 30 | }, 31 | { 32 | "inbound": "dns-in", 33 | "server": "fakeipDNS", 34 | "disable_cache": false, 35 | "rewrite_ttl": 1 36 | }, 37 | { 38 | "outbound": "any", 39 | "server": "nodedns", 40 | "disable_cache": true 41 | } 42 | ], 43 | "fakeip": { 44 | "enabled": true, 45 | "inet4_range": "28.0.0.1/8", 46 | "inet6_range": "f2b0::/18" 47 | }, 48 | "independent_cache": true 49 | }, 50 | "inbounds": [ 51 | { 52 | "type": "mixed", 53 | "listen": "::", 54 | "listen_port": 10000 55 | }, 56 | { 57 | "type": "direct", 58 | "tag": "dns-in", 59 | "listen": "::", 60 | "listen_port": 6666 61 | }, 62 | { 63 | "type": "tproxy", 64 | "tag": "tproxy-in", 65 | "listen": "::", 66 | "listen_port": 7896, 67 | "tcp_fast_open": true, 68 | "sniff": true, 69 | "sniff_override_destination": false, 70 | "sniff_timeout": "100ms" 71 | } 72 | ], 73 | "outbounds": [ 74 | { 75 | "tag":"♾️Global", 76 | "type":"selector", 77 | "outbounds":[ 78 | "{all}" 79 | ] 80 | }, 81 | { 82 | "type": "direct", 83 | "tag": "direct" 84 | }, 85 | { 86 | "type": "block", 87 | "tag": "block" 88 | }, 89 | { 90 | "type": "dns", 91 | "tag": "dns-out" 92 | } 93 | ], 94 | "route": { 95 | "rules": [ 96 | { 97 | "inbound": "dns-in", 98 | "outbound": "dns-out" 99 | }, 100 | { 101 | "clash_mode": "direct", 102 | "outbound": "direct" 103 | }, 104 | { 105 | "clash_mode": "global", 106 | "outbound": "♾️Global" 107 | }, 108 | { 109 | "network": "udp", 110 | "port": 443, 111 | "outbound": "block" 112 | }, 113 | { 114 | "ip_is_private": true, 115 | "outbound": "direct" 116 | }, 117 | { 118 | "domain_suffix": [ 119 | "browserleaks.com" 120 | ], 121 | "outbound": "♾️Global" 122 | }, 123 | { 124 | "domain_suffix": [ 125 | "googleapis.com", 126 | "googleapis.cn", 127 | "gstatic.com" 128 | ], 129 | "outbound": "♾️Global" 130 | }, 131 | { 132 | "domain_suffix": [ 133 | "office365.com", 134 | "office.com" 135 | ], 136 | "outbound": "direct" 137 | }, 138 | { 139 | "domain_suffix": [ 140 | "push.apple.com", 141 | "iphone-ld.apple.com", 142 | "lcdn-locator.apple.com", 143 | "lcdn-registration.apple.com" 144 | ], 145 | "outbound": "direct" 146 | }, 147 | { 148 | "rule_set": "geosite-cn", 149 | "outbound": "direct" 150 | }, 151 | { 152 | "rule_set": "geosite-category-games-cn", 153 | "outbound": "direct" 154 | }, 155 | { 156 | "rule_set": [ 157 | "geosite-category-scholar-!cn", 158 | "geosite-category-scholar-cn" 159 | ], 160 | "outbound": "direct" 161 | }, 162 | { 163 | "rule_set": "geoip-cn", 164 | "outbound": "direct" 165 | }, 166 | { 167 | "rule_set": "geosite-geolocation-!cn", 168 | "outbound": "♾️Global" 169 | }, 170 | { 171 | "rule_set": [ 172 | "geoip-telegram", 173 | "geosite-telegram" 174 | ], 175 | "outbound": "♾️Global" 176 | }, 177 | { 178 | "rule_set": [ 179 | "geoip-google", 180 | "geosite-google" 181 | ], 182 | "outbound": "♾️Global" 183 | }, 184 | { 185 | "rule_set": "geoip-cn", 186 | "invert": true, 187 | "outbound": "♾️Global" 188 | } 189 | ], 190 | "rule_set": [ 191 | { 192 | "tag": "geoip-google", 193 | "type": "remote", 194 | "format": "binary", 195 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/google.srs", 196 | "download_detour": "direct", 197 | "update_interval": "7d" 198 | }, 199 | { 200 | "tag": "geoip-telegram", 201 | "type": "remote", 202 | "format": "binary", 203 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/telegram.srs", 204 | "download_detour": "direct", 205 | "update_interval": "7d" 206 | }, 207 | { 208 | "tag": "geoip-twitter", 209 | "type": "remote", 210 | "format": "binary", 211 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/twitter.srs", 212 | "download_detour": "direct", 213 | "update_interval": "7d" 214 | }, 215 | { 216 | "tag": "geoip-facebook", 217 | "type": "remote", 218 | "format": "binary", 219 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/facebook.srs", 220 | "download_detour": "direct", 221 | "update_interval": "7d" 222 | }, 223 | { 224 | "tag": "geoip-netflix", 225 | "type": "remote", 226 | "format": "binary", 227 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/netflix.srs", 228 | "download_detour": "direct", 229 | "update_interval": "7d" 230 | }, 231 | { 232 | "tag": "geoip-cn", 233 | "type": "remote", 234 | "format": "binary", 235 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs", 236 | "download_detour": "direct", 237 | "update_interval": "7d" 238 | }, 239 | { 240 | "tag": "geoip-hk", 241 | "type": "remote", 242 | "format": "binary", 243 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/hk.srs", 244 | "download_detour": "direct", 245 | "update_interval": "7d" 246 | }, 247 | { 248 | "tag": "geoip-mo", 249 | "type": "remote", 250 | "format": "binary", 251 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/mo.srs", 252 | "download_detour": "direct", 253 | "update_interval": "7d" 254 | }, 255 | { 256 | "tag": "geosite-openai", 257 | "type": "remote", 258 | "format": "binary", 259 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/openai.srs", 260 | "download_detour": "direct", 261 | "update_interval": "7d" 262 | }, 263 | { 264 | "tag": "geosite-youtube", 265 | "type": "remote", 266 | "format": "binary", 267 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/youtube.srs", 268 | "download_detour": "direct", 269 | "update_interval": "7d" 270 | }, 271 | { 272 | "tag": "geosite-google", 273 | "type": "remote", 274 | "format": "binary", 275 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/google.srs", 276 | "download_detour": "direct", 277 | "update_interval": "7d" 278 | }, 279 | { 280 | "tag": "geosite-github", 281 | "type": "remote", 282 | "format": "binary", 283 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/github.srs", 284 | "download_detour": "direct", 285 | "update_interval": "7d" 286 | }, 287 | { 288 | "tag": "geosite-telegram", 289 | "type": "remote", 290 | "format": "binary", 291 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/telegram.srs", 292 | "download_detour": "direct", 293 | "update_interval": "7d" 294 | }, 295 | { 296 | "tag": "geosite-twitter", 297 | "type": "remote", 298 | "format": "binary", 299 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/twitter.srs", 300 | "download_detour": "direct", 301 | "update_interval": "7d" 302 | }, 303 | { 304 | "tag": "geosite-facebook", 305 | "type": "remote", 306 | "format": "binary", 307 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/facebook.srs", 308 | "download_detour": "direct", 309 | "update_interval": "7d" 310 | }, 311 | { 312 | "tag": "geosite-instagram", 313 | "type": "remote", 314 | "format": "binary", 315 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/instagram.srs", 316 | "download_detour": "direct", 317 | "update_interval": "7d" 318 | }, 319 | { 320 | "tag": "geosite-amazon", 321 | "type": "remote", 322 | "format": "binary", 323 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/amazon.srs", 324 | "download_detour": "direct", 325 | "update_interval": "7d" 326 | }, 327 | { 328 | "tag": "geosite-apple", 329 | "type": "remote", 330 | "format": "binary", 331 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple.srs", 332 | "download_detour": "direct", 333 | "update_interval": "7d" 334 | }, 335 | { 336 | "tag": "geosite-apple-cn", 337 | "type": "remote", 338 | "format": "binary", 339 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple@cn.srs", 340 | "download_detour": "direct", 341 | "update_interval": "7d" 342 | }, 343 | { 344 | "tag": "geosite-microsoft", 345 | "type": "remote", 346 | "format": "binary", 347 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft.srs", 348 | "download_detour": "direct", 349 | "update_interval": "7d" 350 | }, 351 | { 352 | "tag": "geosite-microsoft-cn", 353 | "type": "remote", 354 | "format": "binary", 355 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft@cn.srs", 356 | "download_detour": "direct", 357 | "update_interval": "7d" 358 | }, 359 | { 360 | "tag": "geosite-category-games", 361 | "type": "remote", 362 | "format": "binary", 363 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games.srs", 364 | "download_detour": "direct", 365 | "update_interval": "7d" 366 | }, 367 | { 368 | "tag": "geosite-category-games-cn", 369 | "type": "remote", 370 | "format": "binary", 371 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games@cn.srs", 372 | "download_detour": "direct", 373 | "update_interval": "7d" 374 | }, 375 | { 376 | "tag": "geosite-bilibili", 377 | "type": "remote", 378 | "format": "binary", 379 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/bilibili.srs", 380 | "download_detour": "direct", 381 | "update_interval": "7d" 382 | }, 383 | { 384 | "tag": "geosite-tiktok", 385 | "type": "remote", 386 | "format": "binary", 387 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/tiktok.srs", 388 | "download_detour": "direct", 389 | "update_interval": "7d" 390 | }, 391 | { 392 | "tag": "geosite-netflix", 393 | "type": "remote", 394 | "format": "binary", 395 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/netflix.srs", 396 | "download_detour": "direct", 397 | "update_interval": "7d" 398 | }, 399 | { 400 | "tag": "geosite-hbo", 401 | "type": "remote", 402 | "format": "binary", 403 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/hbo.srs", 404 | "download_detour": "direct", 405 | "update_interval": "7d" 406 | }, 407 | { 408 | "tag": "geosite-disney", 409 | "type": "remote", 410 | "format": "binary", 411 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/disney.srs", 412 | "download_detour": "direct", 413 | "update_interval": "7d" 414 | }, 415 | { 416 | "tag": "geosite-primevideo", 417 | "type": "remote", 418 | "format": "binary", 419 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/primevideo.srs", 420 | "download_detour": "direct", 421 | "update_interval": "7d" 422 | }, 423 | { 424 | "tag": "geosite-cn", 425 | "type": "remote", 426 | "format": "binary", 427 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs", 428 | "download_detour": "direct", 429 | "update_interval": "7d" 430 | }, 431 | { 432 | "tag": "geosite-geolocation-!cn", 433 | "type": "remote", 434 | "format": "binary", 435 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs", 436 | "download_detour": "direct", 437 | "update_interval": "7d" 438 | }, 439 | { 440 | "tag": "geosite-category-ads-all", 441 | "type": "remote", 442 | "format": "binary", 443 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs", 444 | "download_detour": "direct", 445 | "update_interval": "7d" 446 | }, 447 | { 448 | "tag": "geosite-category-scholar-!cn", 449 | "type": "remote", 450 | "format": "binary", 451 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-!cn.srs", 452 | "download_detour": "direct", 453 | "update_interval": "7d" 454 | }, 455 | { 456 | "tag": "geosite-category-scholar-cn", 457 | "type": "remote", 458 | "format": "binary", 459 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-cn.srs", 460 | "download_detour": "direct", 461 | "update_interval": "7d" 462 | } 463 | ], 464 | "final": "♾️Global", 465 | "auto_detect_interface": true, 466 | "default_mark": 1 467 | }, 468 | "experimental": { 469 | "clash_api": { 470 | "external_controller": "0.0.0.0:9090", 471 | "external_ui": "/etc/sing-box/ui", 472 | "secret": "", 473 | "default_mode": "rule" 474 | }, 475 | "cache_file": { 476 | "enabled": true, 477 | "path": "/etc/sing-box/cache.db", 478 | "cache_id": "my_profile1", 479 | "store_fakeip": true 480 | } 481 | } 482 | } 483 | -------------------------------------------------------------------------------- /fake.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 检查是否为root用户执行 4 | [[ $EUID -ne 0 ]] && echo -e "错误:必须使用root用户运行此脚本!\n" && exit 1 5 | 6 | # 定义函数提示用户输入 7 | prompt_user() { 8 | echo -e " 9 | Herozmy 自用脚本 10 | 请选择需要管理的程序 11 | ———————————————— 12 | 1. sing-box 13 | 2. mosdns 14 | 3. 更新脚本 15 | 0. 退出脚本 16 | " 17 | 18 | } 19 | 20 | checksingbox_core(){ 21 | echo -e " 22 | 请选择sing-box核心 23 | ———————————————— 24 | 1. sing-box 官方核心 25 | 2. sing-box puer核心 26 | " 27 | while true; do 28 | read -p "请输入选择 (1 或 2): " choice 29 | 30 | if [[ $choice == 1 ]]; then 31 | check_uninstall && install_singbox 32 | break 33 | elif [[ $choice == 2 ]]; then 34 | check_uninstall && install_singbox_p 35 | break 36 | else 37 | echo "无效选择,请重新输入。" 38 | fi 39 | done 40 | } 41 | 42 | checkcore() { 43 | if [[ $system == "sing-box" ]]; then 44 | show_menu_singbox 45 | elif [[ $system == "mosdns" ]]; then 46 | show_menu_mosdns 47 | fi 48 | } 49 | 50 | show_status() { 51 | check_status 52 | case $? in 53 | 0) 54 | echo -e "$system: 已运行" 55 | 56 | ;; 57 | 1) 58 | echo -e "$system: 未运行" 59 | 60 | ;; 61 | 2) 62 | echo -e "$system: 未安装" 63 | ;; 64 | esac 65 | } 66 | 67 | check_status() { 68 | if [[ ! -f /etc/systemd/system/$system.service ]]; then 69 | return 2 70 | fi 71 | temp=$(systemctl is-active $system) 72 | if [[ $temp == "active" ]]; then 73 | return 0 74 | else 75 | return 1 76 | fi 77 | } 78 | 79 | check_uninstall() { 80 | check_status 81 | if [[ $? != 2 ]]; then 82 | echo "" 83 | echo "$system已安装,即将安装最新版本内核" 84 | if [[ $# == 0 ]]; then 85 | install_singbox_p 86 | fi 87 | return 1 88 | else 89 | return 0 90 | fi 91 | } 92 | 93 | check_uninstall_p() { 94 | check_status 95 | if [[ $? != 2 ]]; then 96 | echo "" 97 | echo "$system已安装,即将安装最新版本内核" 98 | if [[ $# == 0 ]]; then 99 | install_singbox_p 100 | fi 101 | return 1 102 | else 103 | return 0 104 | fi 105 | } 106 | 107 | install_singbox() { 108 | 109 | echo -e "编译Sing-Box 最新版本" 110 | sleep 1 111 | apt -y install curl git build-essential libssl-dev libevent-dev zlib1g-dev gcc-mingw-w64 112 | echo -e "开始编译Sing-Box 最新版本" 113 | rm -rf /root/go/bin/* 114 | Go_Version=$(curl https://github.com/golang/go/tags | grep '/releases/tag/go' | head -n 1 | gawk -F/ '{print $6}' | gawk -F\" '{print $1}') 115 | # 判断 **CPU 架构 116 | if [[ $(uname -m) == "aarch64" ]]; then 117 | arch="arm64" 118 | elif [[ $(uname -m) == "x86_64" ]]; then 119 | arch="amd64" 120 | else 121 | arch="未知" 122 | exit 0 123 | fi 124 | echo "系统架构是:$arch" 125 | wget -O ${Go_Version}.linux-$arch.tar.gz https://go.dev/dl/${Go_Version}.linux-$arch.tar.gz 126 | tar -C /usr/local -xzf ${Go_Version}.linux-$arch.tar.gz 127 | echo 'export PATH=$PATH:/usr/local/go/bin' > /etc/profile.d/golang.sh 128 | source /etc/profile.d/golang.sh 129 | if ! go install -v -tags with_quic,with_grpc,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_clash_api,with_gvisor,with_v2ray_api,with_lwip,with_acme github.com/sagernet/sing-box/cmd/sing-box@latest; then 130 | echo -e "Sing-Box 编译失败!退出脚本" 131 | exit 1 132 | fi 133 | echo -e "编译完成,开始安装" 134 | sleep 1 135 | # 检查是否存在旧版本的 sing-box 136 | if [ -f "/usr/local/bin/sing-box" ]; then 137 | echo "检测到已安装的 sing-box" 138 | read -p "是否替换升级?(y/n): " replace_confirm 139 | if [ "$replace_confirm" = "y" ]; then 140 | echo "正在替换升级 sing-box" 141 | cp "$(go env GOPATH)/bin/sing-box" /usr/local/bin/ 142 | echo "正在重启sing-box" 143 | systemctl restart sing-box 144 | echo "==================================================================" 145 | echo -e "\t\t\tSing-Box 内核升级完毕" 146 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 147 | echo "==================================================================" 148 | exit 0 # 替换完成后停止脚本运行 149 | else 150 | echo "用户取消了替换升级操作" 151 | fi 152 | else 153 | # 如果不存在旧版本,则直接安装新版本 154 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/install-sing-box.sh && bash install-sing-box.sh 155 | fi 156 | } 157 | 158 | install_singbox_p() { 159 | echo -e "开始安装P_sing-box" 160 | sleep 1 161 | # 判断 CPU 架构 162 | if [[ $(uname -m) == "aarch64" ]]; then 163 | arch="armv8" 164 | elif [[ $(uname -m) == "x86_64" ]]; then 165 | arch="amd64" 166 | else 167 | arch="未知" 168 | exit 0 169 | fi 170 | echo "系统架构是:$arch" 171 | 172 | #拉取github每日凌晨自动编译的核心 173 | wget -O sing-box-linux-$arch.tar.gz https://raw.githubusercontent.com/herozmy/herozmy-private/main/sing-box-puernya/sing-box-linux-$arch.tar.gz 174 | sleep 1 175 | echo -e "下载完成,开始安装" 176 | sleep 1 177 | tar -zxvf sing-box-linux-$arch.tar.gz 178 | if [ -f "/usr/local/bin/sing-box" ]; then 179 | echo "检测到已安装的 sing-box" 180 | read -p "是否替换升级?(y/n): " replace_confirm 181 | if [ "$replace_confirm" = "y" ]; then 182 | echo "正在替换升级 sing-box" 183 | mv sing-box /usr/local/bin/ 184 | systemctl restart sing-box 185 | echo "==================================================================" 186 | echo -e "\t\t\tSing-Box P核升级完毕" 187 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 188 | echo "==================================================================" 189 | exit 0 # 替换完成后停止脚本运行 190 | else 191 | echo "用户取消了替换升级操作" 192 | fi 193 | else 194 | # 如果不存在旧版本,则直接安装新版本 195 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/install-sing-box-p.sh && bash install-sing-box-p.sh 196 | fi 197 | } 198 | 199 | del_singbox() { 200 | echo "开始卸载sing-box核心程序及其相关配置文件" 201 | echo "关闭sing-box" 202 | systemctl stop sing-box 203 | echo "卸载sing-box自启动" 204 | systemctl disable sing-box 205 | echo "关闭nftables防火墙规则" 206 | systemctl stop nftables 207 | echo "nftables防火墙规则" 208 | systemctl disable nftables 209 | echo "关闭sing-box路由规则" 210 | systemctl stop sing-box-router 211 | echo "卸载sing-box路由规则" 212 | systemctl disable sing-box-router 213 | 214 | 215 | echo "删除相关配置文件" 216 | rm -rf /etc/systemd/system/sing-box* 217 | 218 | rm -rf /etc/sing-box 219 | rm -f /usr/local/bin/sing-box 220 | echo "卸载完成" 221 | } 222 | 223 | del_cache() { 224 | echo "停止sing-box" 225 | systemctl stop sing-box 226 | rm -rf /etc/sing-box/cache.db 227 | echo "sing-box缓存清理完成" 228 | systemctl start sing-box 229 | echo "sing-box启动" 230 | } 231 | sub_config(){ 232 | sub_host="https://sub-singbox.herozmy.com" 233 | read -p "输入订阅连接:" suburl 234 | suburl="${suburl:-https://}" 235 | echo "已设置订阅连接地址:$suburl" 236 | echo "请选择:" 237 | echo "1. tproxy_fake_ip O大原版 <适用机场多规则分流>" 238 | echo "2. tproxy_fake_ip O大原版 <适用VPS自建模式>" 239 | read -p "请输入选项 [默认: 1]: " choice 240 | # 如果用户没有输入选择,则默认为1 241 | choice=${choice:-1} 242 | if [ $choice -eq 1 ]; then 243 | json_file="&file=https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/config/fake-ip.json" 244 | elif [ $choice -eq 2 ]; then 245 | json_file="&file=https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/fake-ip.json" 246 | else 247 | echo "无效的选择。" 248 | return 1 249 | fi 250 | curl -o config.json "${sub_host}/config/${suburl}${json_file}" 251 | # 检查下载是否成功 252 | if [ $? -eq 0 ]; then 253 | # 移动文件到目标位置 254 | mv config.json /etc/sing-box/config.json >/dev/null 2>&1 255 | echo "Sing-box配置文件写入成功!" 256 | echo "如config.json内容为空,则说明订阅问题,请重新输入订阅连接。" 257 | else 258 | echo "下载文件失败,请检查网络连接或者URL是否正确。" 259 | fi 260 | } 261 | before_show_menu() { 262 | echo && echo -n -e "按回车返回主菜单: " && read temp 263 | checkcore 264 | } 265 | 266 | show_menu_singbox() { 267 | echo -e " 268 | 面板管理脚本 269 | 0. 退出脚本 270 | ———————————————— 271 | 1. 安装/更新 sing-box | sing-box-puer核心 272 | 2. 卸载 sing-box 273 | 3. 清理 sing-box缓存 274 | 4. 更新官核节点配置 275 | " 276 | show_status 277 | echo && read -p "请输入选择 [0-5]: " num 278 | 279 | case "${num}" in 280 | 0) 281 | exit 0 282 | ;; 283 | 1) 284 | checksingbox_core 285 | ;; 286 | 2) 287 | del_singbox 288 | ;; 289 | 3) 290 | del_cache 291 | ;; 292 | 4) 293 | sub_config 294 | ;; 295 | *) 296 | echo "请输入正确的数字 [0-4]" 297 | ;; 298 | esac 299 | } 300 | 301 | show_menu_mosdns() { 302 | echo -e " 303 | 面板管理脚本 304 | 0. 退出脚本 305 | ———————————————— 306 | 1. 更新 mosdns 远程规则 307 | 2. 卸载 mosdns 308 | 3. 清理 mosdns 缓存 309 | 4. 重新启动 mosdns 310 | 5. 更新mosdns核心 311 | " 312 | show_status 313 | echo && read -p "请输入选择 [0-6]: " num 314 | 315 | case "${num}" in 316 | 0) 317 | exit 0 318 | ;; 319 | 1) 320 | updata_mosdns_rule 321 | ;; 322 | 2) 323 | del_mosdns 324 | ;; 325 | 3) 326 | del_mosdns_cache 327 | ;; 328 | 4) 329 | systemctl restart mosdns 330 | ;; 331 | 5) 332 | update_mosdns 333 | ;; 334 | *) 335 | echo "请输入正确的数字 [0-5]" 336 | ;; 337 | esac 338 | } 339 | 340 | updata_mosdns_rule() { 341 | mkdir -p /etc/mosdns_install 342 | 343 | # 下载并重命名文件 344 | curl -s https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt > /etc/mosdns_install/geosite_cn.txt 345 | curl -s https://raw.githubusercontent.com/Hackl0us/GeoIP2-CN/release/CN-ip-cidr.txt > /etc/mosdns_install/geoip_cn.txt 346 | curl -s https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/proxy-list.txt > /etc/mosdns_install/geosite_geolocation_noncn.txt 347 | curl -s https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/gfw.txt > /etc/mosdns_install/gfw.txt 348 | 349 | # 删除小于50KB的文件 350 | find /etc/mosdns_install/ -type f -size -50k -exec rm {} \; 351 | 352 | # 将文件复制到 /etc/mosdns 353 | cp -r /etc/mosdns_install/* /etc/mosdns/ 354 | 355 | # 重启 mosdns 服务 356 | systemctl restart mosdns.service 357 | 358 | 359 | } 360 | 361 | del_mosdns() { 362 | echo "更新mosdns的代码未提供" 363 | } 364 | 365 | del_mosdns_cache() { 366 | echo "清理cache.jump缓存" 367 | systemctl stop mosdns 368 | rm -rf /etc/mosdns/cache.jump 369 | echo "清理cache.jump完成,正在启动mosdns" 370 | systemctl start mosdns 371 | } 372 | update_mosdns() { 373 | systemctl stop mosdns 374 | if [[ $(uname -m) == "aarch64" ]]; then 375 | arch="arm64" 376 | elif [[ $(uname -m) == "x86_64" ]]; then 377 | arch="amd64" 378 | else 379 | arch="未知" 380 | exit 0 381 | fi 382 | echo "系统架构是:$arch" 383 | rm -rf mosdns* 384 | mosdns_host="https://github.com/IrineSistiana/mosdns/releases/download/v5.3.3/mosdns-linux-$arch.zip" 385 | wget "${mosdns_host}" || { echo -e "\e[31m下载失败!退出脚本\e[0m"; exit 1; } 386 | echo "开始解压" 387 | unzip ./mosdns-linux-$arch.zip 388 | echo "复制 mosdns 到 /usr/bin" 389 | sleep 1 390 | cp -rv ./mosdns /usr/bin 391 | chmod 0777 /usr/bin/mosdns 392 | systemctl start mosdns 393 | } 394 | system="" 395 | 396 | # 循环直到用户输入正确的值或选择退出 397 | while true; do 398 | prompt_user 399 | read -p "请输入选择 [0-2]: " choice 400 | 401 | if [[ $choice -eq 1 ]]; then 402 | system="sing-box" 403 | break 404 | elif [[ $choice -eq 2 ]]; then 405 | system="mosdns" 406 | break 407 | elif [[ $choice -eq 3 ]]; then 408 | rm -rf /usr/bin/fake 409 | wget -O /usr/bin/fake https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/fake.sh 410 | chmod +x /usr/bin/fake 411 | exit 0 412 | elif [[ $choice -eq 0 ]]; then 413 | echo "退出脚本" 414 | exit 0 415 | else 416 | echo "无效输入,请输入1、2或0。" 417 | fi 418 | done 419 | echo "进入 $system 管理菜单" 420 | sleep 1 421 | 422 | checkcore 423 | -------------------------------------------------------------------------------- /hy2-gohome.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | echo -e "hysteria2 回家 自签证书" 3 | echo -e "开始创建证书存放目录" 4 | mkdir -p /root/hysteria 5 | echo -e "自签bing.com证书100年" 6 | openssl ecparam -genkey -name prime256v1 -out /root/hysteria/private.key && openssl req -new -x509 -days 36500 -key /root/hysteria/private.key -out /root/hysteria/cert.pem -subj "/CN=bing.com" 7 | while true; do 8 | # 提示用户输入域名 9 | read -p "请输入家庭DDNS域名: " domain 10 | # 检查域名格式是否正确 11 | if [[ $domain =~ ^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then 12 | break 13 | else 14 | echo "域名格式不正确,请重新输入" 15 | fi 16 | done 17 | # 输入端口号 18 | while true; do 19 | read -p "请输入端口号: " hyport 20 | 21 | # 检查端口号是否为数字 22 | if [[ $hyport =~ ^[0-9]+$ ]]; then 23 | break 24 | else 25 | echo "端口号格式不正确,请重新输入" 26 | fi 27 | done 28 | read -p "请输入密码: " password 29 | echo "您输入的域名是: $domain" 30 | echo "您输入的端口号是: $hyport" 31 | echo "您输入的密码是: $password" 32 | sleep 2 33 | echo "开始生成配置文件" 34 | # 检查sb配置文件是否存在 35 | config_file="/etc/sing-box/config.json" 36 | if [ ! -f "$config_file" ]; then 37 | echo "错误:配置文件 $config_file 不存在" 38 | echo "请选择生成singbox或者P核singbox config.json脚本" 39 | 40 | exit 1 41 | fi 42 | hy_config='{ 43 | "type": "hysteria2", 44 | "tag": "hy2-in", 45 | "listen": "::", 46 | "listen_port": '"${hyport}"', 47 | "sniff": true, 48 | "sniff_override_destination": false, 49 | "sniff_timeout": "100ms", 50 | "users": [ 51 | { 52 | "password": "'"${password}"'" 53 | } 54 | ], 55 | "ignore_client_bandwidth": true, 56 | "tls": { 57 | "enabled": true, 58 | "alpn": [ 59 | "h3" 60 | ], 61 | "certificate_path": "/root/hysteria/cert.pem", 62 | "key_path": "/root/hysteria/private.key" 63 | } 64 | }, 65 | ' 66 | line_num=$(grep -n 'inbounds' /etc/sing-box/config.json | cut -d ":" -f 1) 67 | # 如果找到了行号,则在其后面插入 JSON 字符串,否则不进行任何操作 68 | if [ ! -z "$line_num" ]; then 69 | # 将文件分成两部分,然后在中间插入新的 JSON 字符串 70 | head -n "$line_num" /etc/sing-box/config.json > tmpfile 71 | echo "$hy_config" >> tmpfile 72 | tail -n +$(($line_num + 1)) /etc/sing-box/config.json >> tmpfile 73 | mv tmpfile /etc/sing-box/config.json 74 | fi 75 | echo "HY2回家配置写入完成" 76 | echo "开始重启sing-box" 77 | systemctl restart sing-box 78 | echo "开始生成sing-box回家-手机配置" 79 | cat << EOF > "/root/go_home.json" 80 | { 81 | "log": { 82 | "level": "info", 83 | "timestamp": false 84 | }, 85 | "dns": { 86 | "servers": [ 87 | { 88 | "tag": "dns_proxy", 89 | "address": "tls://1.1.1.1:853", 90 | "strategy": "ipv4_only", 91 | "detour": "proxy" 92 | }, 93 | { 94 | "tag": "dns_direct", 95 | "address": "https://223.5.5.5/dns-query", 96 | "strategy": "prefer_ipv6", 97 | "detour": "direct" 98 | }, 99 | { 100 | "tag": "dns_resolver", 101 | "address": "223.5.5.5", 102 | "detour": "direct" 103 | }, 104 | { 105 | "tag": "dns_success", 106 | "address": "rcode://success" 107 | }, 108 | { 109 | "tag": "dns_refused", 110 | "address": "rcode://refused" 111 | }, 112 | { 113 | "tag": "dns_fakeip", 114 | "address": "fakeip" 115 | } 116 | ], 117 | "rules": [ 118 | { 119 | "domain_suffix": [ 120 | "${domain}" 121 | ], 122 | "server": "dns_direct", 123 | "disable_cache": true 124 | }, 125 | { 126 | "rule_set": "geosite-cn", 127 | "query_type": [ 128 | "A", 129 | "AAAA" 130 | ], 131 | "server": "dns_direct" 132 | }, 133 | { 134 | "rule_set": "geosite-cn", 135 | "query_type": [ 136 | "CNAME" 137 | ], 138 | "server": "dns_direct" 139 | }, 140 | { 141 | "rule_set": "geosite-geolocation-!cn", 142 | "query_type": [ 143 | "A" 144 | ], 145 | "server": "dns_fakeip" 146 | }, 147 | { 148 | "rule_set": "geosite-geolocation-!cn", 149 | "query_type": [ 150 | "CNAME" 151 | ], 152 | "server": "dns_proxy" 153 | }, 154 | { 155 | "query_type": [ 156 | "A", 157 | "AAAA", 158 | "CNAME" 159 | ], 160 | "invert": true, 161 | "server": "dns_refused", 162 | "disable_cache": true 163 | } 164 | ], 165 | "final": "dns_proxy", 166 | "independent_cache": true, 167 | "fakeip": { 168 | "enabled": true, 169 | "inet4_range": "198.18.0.0/15", 170 | "inet6_range": "fc00::/18" 171 | } 172 | }, 173 | "route": { 174 | "rule_set": [ 175 | { 176 | "tag": "geosite-category-ads-all", 177 | "type": "remote", 178 | "format": "binary", 179 | "url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-category-ads-all.srs", 180 | "download_detour": "proxy" 181 | }, 182 | { 183 | "tag": "geosite-cn", 184 | "type": "remote", 185 | "format": "binary", 186 | "url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-cn.srs", 187 | "download_detour": "proxy" 188 | }, 189 | { 190 | "tag": "geosite-geolocation-!cn", 191 | "type": "remote", 192 | "format": "binary", 193 | "url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-geolocation-!cn.srs", 194 | "download_detour": "proxy" 195 | }, 196 | { 197 | "tag": "geoip-cn", 198 | "type": "remote", 199 | "format": "binary", 200 | "url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs", 201 | "download_detour": "proxy" 202 | } 203 | ], 204 | "rules": [ 205 | { 206 | "protocol": "dns", 207 | "outbound": "dns-out" 208 | }, 209 | { 210 | "ip_cidr": [ 211 | "10.10.10.0/24" 212 | ], 213 | "outbound": "telecom_home" 214 | }, 215 | { 216 | "network": "udp", 217 | "port": 443, 218 | "outbound": "block" 219 | }, 220 | { 221 | "domain_suffix": [ 222 | ".cn" 223 | ], 224 | "outbound": "direct" 225 | }, 226 | { 227 | "domain_suffix": [ 228 | "office365.com" 229 | ], 230 | "outbound": "direct" 231 | }, 232 | { 233 | "domain_suffix": [ 234 | "push.apple.com", 235 | "iphone-ld.apple.com", 236 | "lcdn-locator.apple.com", 237 | "lcdn-registration.apple.com" 238 | ], 239 | "outbound": "direct" 240 | }, 241 | { 242 | "rule_set": "geosite-cn", 243 | "outbound": "direct" 244 | }, 245 | { 246 | "rule_set": "geosite-geolocation-!cn", 247 | "outbound": "proxy" 248 | }, 249 | { 250 | "rule_set": "geoip-cn", 251 | "outbound": "direct" 252 | }, 253 | { 254 | "ip_is_private": true, 255 | "outbound": "direct" 256 | } 257 | ], 258 | "final": "proxy", 259 | "auto_detect_interface": true 260 | }, 261 | "inbounds": [ 262 | { 263 | "type": "tun", 264 | "tag": "tun-in", 265 | "inet4_address": "172.16.0.1/30", 266 | "inet6_address": "fd00::1/126", 267 | "mtu": 1400, 268 | "auto_route": true, 269 | "strict_route": true, 270 | "stack": "gvisor", 271 | "sniff": true, 272 | "sniff_override_destination": false 273 | } 274 | ], 275 | "outbounds": [ 276 | { 277 | "tag":"proxy", 278 | "type":"selector", 279 | "outbounds":[ 280 | "telecom_home" 281 | ] 282 | }, 283 | { 284 | "type": "hysteria2", 285 | "server": "${domain}", 286 | "server_port": ${hyport}, 287 | "tag": "telecom_home", 288 | "up_mbps": 50, 289 | "down_mbps": 500, 290 | "password": "${password}", 291 | "tls": { 292 | "enabled": true, 293 | "server_name": "bing.com", 294 | "insecure": true, 295 | "alpn": [ 296 | "h3" 297 | ] 298 | } 299 | }, 300 | 301 | { 302 | "type": "direct", 303 | "tag": "direct" 304 | }, 305 | { 306 | "type": "block", 307 | "tag": "block" 308 | }, 309 | { 310 | "type": "dns", 311 | "tag": "dns-out" 312 | } 313 | ], 314 | "experimental": { 315 | "cache_file": { 316 | "enabled": true, 317 | "path": "cache.db", 318 | "store_fakeip": true 319 | } 320 | } 321 | } 322 | EOF 323 | sleep 1 324 | echo "==================================================================" 325 | echo -e "\t\t\tSing-Box 回家配置生成完毕" 326 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 327 | echo -e "\n" 328 | echo -e "sing-box 回家配置生成路径为: /root/go_home.json\t\t请自行复制至 sing-box 客户端" 329 | echo -e "温馨提示:\n本脚本仅在 LXC ubuntu22.04 环境下测试,其他环境未经验证,仅供个人使用" 330 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 331 | echo "=================================================================" -------------------------------------------------------------------------------- /install-sing-box.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################编译 Sing-Box 的最新版本################################ 3 | install_singbox() { 4 | apt update && apt -y upgrade || { echo "更新失败!退出脚本"; exit 1; } 5 | apt install curl wget tar gawk sed cron unzip nano -y || { echo "更新失败!退出脚本"; exit 1; } 6 | echo -e "\n设置时区为Asia/Shanghai" 7 | timedatectl set-timezone Asia/Shanghai || { echo -e "\e[31m时区设置失败!退出脚本\e[0m"; exit 1; } 8 | echo -e "\e[32m时区设置成功\e[0m" 9 | echo -e "编译Sing-Box 最新版本" 10 | sleep 1 11 | apt -y install curl git build-essential libssl-dev libevent-dev zlib1g-dev gcc-mingw-w64 12 | echo -e "开始编译Sing-Box 最新版本" 13 | rm -rf /root/go/bin/* 14 | Go_Version=$(curl https://github.com/golang/go/tags | grep '/releases/tag/go' | head -n 1 | gawk -F/ '{print $6}' | gawk -F\" '{print $1}') 15 | # 判断 CPU 架构 16 | if [[ $(uname -m) == "aarch64" ]]; then 17 | arch="arm64" 18 | elif [[ $(uname -m) == "x86_64" ]]; then 19 | arch="amd64" 20 | else 21 | arch="未知" 22 | exit 0 23 | fi 24 | echo "系统架构是:$arch" 25 | wget -O ${Go_Version}.linux-$arch.tar.gz https://go.dev/dl/${Go_Version}.linux-$arch.tar.gz 26 | tar -C /usr/local -xzf ${Go_Version}.linux-$arch.tar.gz 27 | echo 'export PATH=$PATH:/usr/local/go/bin' > /etc/profile.d/golang.sh 28 | source /etc/profile.d/golang.sh 29 | if ! go install -v -tags with_quic,with_grpc,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_clash_api,with_gvisor,with_v2ray_api,with_lwip,with_acme github.com/sagernet/sing-box/cmd/sing-box@latest; then 30 | echo -e "Sing-Box 编译失败!退出脚本" 31 | exit 1 32 | fi 33 | echo -e "编译完成,开始安装" 34 | sleep 1 35 | # 检查是否存在旧版本的 sing-box 36 | if [ -f "/usr/local/bin/sing-box" ]; then 37 | echo "检测到已安装的 sing-box" 38 | read -p "是否替换升级?(y/n): " replace_confirm 39 | if [ "$replace_confirm" = "y" ]; then 40 | echo "正在替换升级 sing-box" 41 | cp "$(go env GOPATH)/bin/sing-box" /usr/local/bin/ 42 | echo "正在重启sing-box" 43 | systemctl restart sing-box 44 | echo "==================================================================" 45 | echo -e "\t\t\tSing-Box 内核升级完毕" 46 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 47 | echo -e "\n" 48 | echo -e "温馨提示:\n本脚本仅在 LXC ubuntu22.04 环境下测试,其他环境未经验证,仅供个人使用" 49 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 50 | echo "==================================================================" 51 | exit 0 # 替换完成后停止脚本运行 52 | else 53 | echo "用户取消了替换升级操作" 54 | fi 55 | else 56 | # 如果不存在旧版本,则直接安装新版本 57 | cp "$(go env GOPATH)/bin/sing-box" /usr/local/bin/ 58 | echo -e "Sing-Box 安装完成" 59 | fi 60 | 61 | mkdir -p /etc/sing-box 62 | sleep 1 63 | } 64 | 65 | ################################用户自定义设置################################ 66 | customize_settings() { 67 | echo "是否选择生成配置?(y/n)" 68 | echo "生成配置文件需要添加机场订阅,如自建vps请选择n" 69 | read choice 70 | if [ "$choice" = "y" ]; then 71 | read -p "输入订阅连接:" suburl 72 | suburl="${suburl:-https://}" 73 | echo "已设置订阅连接地址:$suburl" 74 | install_config 75 | 76 | elif [ "$choice" = "n" ]; then 77 | echo "请手动配置config.json." 78 | fi 79 | 80 | } 81 | 82 | ######### ui 83 | ui_install(){ 84 | echo "是否拉取ui源码 y/n" 85 | read choice 86 | if [ "$choice" = "y" ]; then 87 | apt install git 88 | git clone https://github.com/metacubex/metacubexd.git -b gh-pages /etc/sing-box/ui 89 | 90 | elif [ "$choice" = "n" ]; then 91 | echo "请手动下载源码并解压至/etc/sing-box/ui." 92 | echo "地址: https://github.com/metacubex/metacubexd" 93 | fi 94 | 95 | } 96 | ################################开始创建config.json################################ 97 | install_config() { 98 | sub_host="https://sub-singbox.herozmy.com" 99 | echo "请选择:" 100 | echo "1. tproxy_fake_ip O大原版 <适用机场多规则分流> 配合O大mosdns食用" 101 | echo "2. tproxy_fake_ip O大原版 <适用VPS自建模式>配合O大mosdns食用" 102 | read -p "请输入选项 [默认: 1]: " choice 103 | # 如果用户没有输入选择,则默认为1 104 | choice=${choice:-1} 105 | if [ $choice -eq 1 ]; then 106 | json_file="&file=https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/config/fake-ip.json" 107 | elif [ $choice -eq 2 ]; then 108 | json_file="&file=https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/fake-ip.json" 109 | else 110 | echo "无效的选择。" 111 | return 1 112 | fi 113 | curl -o config.json "${sub_host}/config/${suburl}${json_file}" 114 | # 检查下载是否成功 115 | if [ $? -eq 0 ]; then 116 | # 移动文件到目标位置 117 | mv config.json /etc/sing-box/config.json 118 | echo "Sing-box配置文件写入成功!" 119 | else 120 | echo "下载文件失败,请检查网络连接或者URL是否正确。" 121 | fi 122 | } 123 | ######################启动脚本################################ 124 | install_service() { 125 | echo -e "配置系统服务文件" 126 | sleep 1 127 | 128 | # 检查服务文件是否存在,如果不存在则创建 129 | sing_box_service_file="/etc/systemd/system/sing-box.service" 130 | if [ ! -f "$sing_box_service_file" ]; then 131 | # 如果服务文件不存在,则创建 132 | cat << EOF > "$sing_box_service_file" 133 | [Unit] 134 | Description=Sing-Box service 135 | Documentation=https://sing-box.sagernet.org 136 | After=network.target nss-lookup.target 137 | 138 | [Service] 139 | CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 140 | AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 141 | ExecStart=/usr/local/bin/sing-box run -c /etc/sing-box/config.json 142 | Restart=on-failure 143 | RestartSec=1800s 144 | LimitNOFILE=infinity 145 | 146 | [Install] 147 | WantedBy=multi-user.target 148 | EOF 149 | echo "sing-box服务创建完成" 150 | else 151 | # 如果服务文件已经存在,则给出警告 152 | echo "警告:sing-box服务文件已存在,无需创建" 153 | fi 154 | sleep 1 155 | systemctl daemon-reload 156 | 157 | } 158 | ################################安装tproxy################################ 159 | install_tproxy() { 160 | 161 | if [ -f /etc/os-release ]; then 162 | . /etc/os-release 163 | if [ "$ID" = "debian" ]; then 164 | echo "当前系统为 Debian 系统" 165 | elif [ "$ID" = "ubuntu" ]; then 166 | echo "当前系统为 Ubuntu 系统" 167 | echo "关闭 53 端口监听" 168 | 169 | # 确保 DNSStubListener 没有已经被设置为 no 170 | if grep -q "^DNSStubListener=no" /etc/systemd/resolved.conf; then 171 | echo "DNSStubListener 已经设置为 no, 无需修改" 172 | else 173 | sed -i '/^#*DNSStubListener/s/#*DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf 174 | echo "DNSStubListener 已被设置为 no" 175 | systemctl restart systemd-resolved.service 176 | sleep 1 177 | fi 178 | else 179 | echo "当前系统不是 Debian 或 Ubuntu. 请更换系统" 180 | exit 0 181 | fi 182 | else 183 | echo "无法识别系统,请更换 Ubuntu 或 Debian" 184 | exit 0 185 | fi 186 | 187 | echo "创建系统转发" 188 | # 判断是否已存在 net.ipv4.ip_forward=1 189 | if ! grep -q '^net.ipv4.ip_forward=1$' /etc/sysctl.conf; then 190 | echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf 191 | fi 192 | 193 | # 判断是否已存在 net.ipv6.conf.all.forwarding = 1 194 | if ! grep -q '^net.ipv6.conf.all.forwarding = 1$' /etc/sysctl.conf; then 195 | echo 'net.ipv6.conf.all.forwarding = 1' >> /etc/sysctl.conf 196 | fi 197 | echo "系统转发创建完成" 198 | sleep 1 199 | echo "开始创建nftables tproxy转发" 200 | apt install nftables -y 201 | # 写入tproxy rule 202 | # 判断文件是否存在 203 | if [ ! -f "/etc/systemd/system/sing-box-router.service" ]; then 204 | cat < "/etc/systemd/system/sing-box-router.service" 205 | [Unit] 206 | Description=sing-box TProxy Rules 207 | After=network.target 208 | Wants=network.target 209 | 210 | [Service] 211 | User=root 212 | Type=oneshot 213 | RemainAfterExit=yes 214 | # there must be spaces before and after semicolons 215 | ExecStart=/sbin/ip rule add fwmark 1 table 100 ; /sbin/ip route add local default dev lo table 100 ; /sbin/ip -6 rule add fwmark 1 table 101 ; /sbin/ip -6 route add local ::/0 dev lo table 101 216 | ExecStop=/sbin/ip rule del fwmark 1 table 100 ; /sbin/ip route del local default dev lo table 100 ; /sbin/ip -6 rule del fwmark 1 table 101 ; /sbin/ip -6 route del local ::/0 dev lo table 101 217 | 218 | [Install] 219 | WantedBy=multi-user.target 220 | EOF 221 | echo "sing-box-router 服务创建完成" 222 | else 223 | echo "警告:sing-box-router 服务文件已存在,无需创建" 224 | fi 225 | ################################写入nftables################################ 226 | check_interfaces 227 | echo "" > "/etc/nftables.conf" 228 | cat < "/etc/nftables.conf" 229 | #!/usr/sbin/nft -f 230 | flush ruleset 231 | table inet singbox { 232 | set local_ipv4 { 233 | type ipv4_addr 234 | flags interval 235 | elements = { 236 | 10.0.0.0/8, 237 | 127.0.0.0/8, 238 | 169.254.0.0/16, 239 | 172.16.0.0/12, 240 | 192.168.0.0/16, 241 | 240.0.0.0/4 242 | } 243 | } 244 | 245 | set local_ipv6 { 246 | type ipv6_addr 247 | flags interval 248 | elements = { 249 | ::ffff:0.0.0.0/96, 250 | 64:ff9b::/96, 251 | 100::/64, 252 | 2001::/32, 253 | 2001:10::/28, 254 | 2001:20::/28, 255 | 2001:db8::/32, 256 | 2002::/16, 257 | fc00::/7, 258 | fe80::/10 259 | } 260 | } 261 | 262 | chain singbox-tproxy { 263 | fib daddr type { unspec, local, anycast, multicast } return 264 | ip daddr @local_ipv4 return 265 | ip6 daddr @local_ipv6 return 266 | udp dport { 123 } return 267 | meta l4proto { tcp, udp } meta mark set 1 tproxy to :7896 accept 268 | } 269 | 270 | chain singbox-mark { 271 | fib daddr type { unspec, local, anycast, multicast } return 272 | ip daddr @local_ipv4 return 273 | ip6 daddr @local_ipv6 return 274 | udp dport { 123 } return 275 | meta mark set 1 276 | } 277 | 278 | chain mangle-output { 279 | type route hook output priority mangle; policy accept; 280 | meta l4proto { tcp, udp } skgid != 1 ct direction original goto singbox-mark 281 | } 282 | 283 | chain mangle-prerouting { 284 | type filter hook prerouting priority mangle; policy accept; 285 | iifname { wg0, lo, $selected_interface } meta l4proto { tcp, udp } ct direction original goto singbox-tproxy 286 | } 287 | } 288 | EOF 289 | echo "nftables规则写入完成" 290 | echo "清空 nftalbes 规则" 291 | nft flush ruleset 292 | sleep 1 293 | echo "新规则生效" 294 | sleep 1 295 | nft -f /etc/nftables.conf 296 | install_over 297 | } 298 | ################################sing-box安装结束################################ 299 | install_over() { 300 | echo "启用相关服务" 301 | systemctl enable --now nftables 302 | systemctl enable --now sing-box-router 303 | systemctl enable --now sing-box 304 | } 305 | 306 | #####################################获取网卡################################ 307 | check_interfaces() { 308 | interfaces=$(ip -o link show | awk -F': ' '{print $2}') 309 | # 输出物理网卡名称 310 | for interface in $interfaces; do 311 | # 检查是否为物理网卡(不包含虚拟、回环等),并排除@符号及其后面的内容 312 | if [[ $interface =~ ^(en|eth).* ]]; then 313 | interface_name=$(echo "$interface" | awk -F'@' '{print $1}') # 去掉@符号及其后面的内容 314 | echo "您的网卡是:$interface_name" 315 | valid_interfaces+=("$interface_name") # 存储有效的网卡名称 316 | fi 317 | done 318 | # 提示用户选择 319 | read -p "脚本自行检测的是否是您要的网卡?(y/n): " confirm_interface 320 | if [ "$confirm_interface" = "y" ]; then 321 | selected_interface="$interface_name" 322 | echo "您选择的网卡是: $selected_interface" 323 | elif [ "$confirm_interface" = "n" ]; then 324 | read -p "请自行输入您的网卡名称: " selected_interface 325 | echo "您输入的网卡名称是: $selected_interface" 326 | else 327 | echo "无效的选择" 328 | fi 329 | } 330 | 331 | 332 | ################################sing-box安装结束################################ 333 | install_sing_box_over() { 334 | echo "==================================================================" 335 | echo -e "\t\t\tSing-Box 安装完毕" 336 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 337 | echo -e "\n" 338 | echo -e "singbox运行目录为/etc/sing-box" 339 | echo -e "singbox WebUI地址:http://ip:9090" 340 | echo -e "singbox快捷指令: fake " 341 | echo -e "Mosdns配置脚本: wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/mosdns-o.sh && bash mosdns-o.sh" 342 | echo -e "温馨提示:\n本脚本仅在 LXC ubuntu22.04 环境下测试,其他环境未经验证,仅供个人使用" 343 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 344 | echo "==================================================================" 345 | 346 | } 347 | main() { 348 | install_singbox 349 | customize_settings 350 | ui_install 351 | install_service 352 | install_tproxy 353 | install_sing_box_over 354 | } 355 | main 356 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################入口################################ 3 | 4 | # check root 5 | [[ $EUID -ne 0 ]] && echo -e "错误:必须使用root用户运行此脚本!\n" && exit 1 6 | main() { 7 | home 8 | } 9 | ################################主菜单################################ 10 | home() { 11 | clear 12 | echo "==================================================================" 13 | echo -e "\t\tLinux | 一键搭建脚本" 14 | echo -e "\t\tPowered by www.herozmy.com 2024 1" 15 | echo -e "\t\\n" 16 | echo -e "温馨提示:\n本脚本推荐使用ububtu22.04环境,其他环境未经验证,仅供个人使用" 17 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 18 | echo "==================================================================" 19 | read -p "按Enter键继续~" -r 20 | sleep 1 21 | choose_singbox 22 | } 23 | ################################选择安装################################ 24 | choose_singbox() { 25 | echo "欢迎使用脚本安装程序" 26 | echo "请选择要安装的版本:" 27 | echo "1. 编译官方sing-box Core/升级" 28 | echo "2. Mosdns-O佬 fakeip分流配置" 29 | echo "3. P版sing-box Core/升级" 30 | #echo "4. Mosdns-PH佬 fakeip分流配置" 31 | echo "5. hysteria2 回家" 32 | echo "6. mihomo (clash meta)" 33 | read choice 34 | case $choice in 35 | 1) 36 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/install-sing-box.sh >/dev/null 2>&1 37 | bash install-sing-box.sh 38 | ;; 39 | 2) 40 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/mosdns-o.sh >/dev/null 2>&1 41 | bash mosdns-o.sh 42 | ;; 43 | 3) 44 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/install-sing-box-p.sh >/dev/null 2>&1 45 | bash install-sing-box-p.sh 46 | ;; 47 | #4) 48 | #wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/mosdns-p.sh >/dev/null 2>&1 49 | #bash mosdns-p.sh 50 | # ;; 51 | 5) 52 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/hy2-gohome.sh >/dev/null 2>&1 53 | bash hy2-gohome.sh 54 | ;; 55 | 6) 56 | wget https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/clash.sh >/dev/null 2>&1 57 | bash clash.sh 58 | ;; 59 | *) 60 | echo "无效的选项,请重新运行脚本并选择有效的选项." 61 | ;; 62 | esac 63 | } 64 | main 65 | -------------------------------------------------------------------------------- /ip.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | read -ep "是否执行网络静态设置部分脚本 ( y or n):" other 4 | if [ y == $other ]; then 5 | other=`cat /etc/network/interfaces | grep 'static' | wc -l` 6 | if [ "$other" -eq "1" ]; then 7 | read -ep "已是静态ip分配,是否继续修改 ( y or n):" other 8 | if [ y == $other ]; then 9 | sed -i '/address/d' /etc/network/interfaces 10 | sed -i '/netmask/d' /etc/network/interfaces 11 | sed -i '/gateway/d' /etc/network/interfaces 12 | sed -i '/nameserver/d' /etc/resolv.conf 13 | read -ep "请输入ip地址 如( 192.168.1.100 ):" other 14 | read -ep "请输入子网掩码 如( 255.255.255.0 ):" other1 15 | read -ep "请输入网关地址 如( 192.168.1.1 ):" other2 16 | read -ep "请输入dns地址 如( 223.5.5.5 ):" other3 17 | echo "address $other 18 | netmask $other1 19 | gateway $other2" >> /etc/network/interfaces 20 | echo "nameserver $other3" >> /etc/resolv.conf 21 | systemctl restart networking.service 22 | echo '已完成重启网络' 23 | else 24 | echo '已退出静态ip分配部分' 25 | fi 26 | else 27 | addressname=`cat /proc/net/dev | awk '{i++; if(i>2){print $1}}' | sed 's/^[\t]*//g' | sed 's/[:]*$//g' | grep -v 'lo'` 28 | sed -i 's/^allow-hotplug/#allow-hotplug/' /etc/network/interfaces 29 | sed -i "s/^iface.*inet dhcp/#iface $addressname inet dhcp/" /etc/network/interfaces 30 | sed -i '/nameserver/d' /etc/resolv.conf 31 | read -ep "请输入ip地址 如( 192.168.1.100 ):" other 32 | read -ep "请输入子网掩码 如( 255.255.255.0 ):" other1 33 | read -ep "请输入网关地址 如( 192.168.1.1 ):" other2 34 | read -ep "请输入dns地址 如( 223.5.5.5 ):" other3 35 | echo "auto $addressname 36 | iface $addressname inet static 37 | address $other 38 | netmask $other1 39 | gateway $other2" >> /etc/network/interfaces 40 | echo "nameserver $other3" >> /etc/resolv.conf 41 | systemctl restart networking.service 42 | echo '已完成重启网络' 43 | fi 44 | fi -------------------------------------------------------------------------------- /mosdns-o.sh: -------------------------------------------------------------------------------- 1 | 2 | if [[ $(uname -m) == "aarch64" ]]; then 3 | arch="arm64" 4 | elif [[ $(uname -m) == "x86_64" ]]; then 5 | arch="amd64" 6 | else 7 | arch="未知" 8 | exit 0 9 | fi 10 | echo "系统架构是:$arch" 11 | mosdns_host="https://github.com/IrineSistiana/mosdns/releases/download/v5.3.3/mosdns-linux-$arch.zip" 12 | apt update && apt -y upgrade || { echo "更新失败!退出脚本"; exit 1; } 13 | apt install curl wget git tar gawk sed cron unzip nano -y || { echo "更新失败!退出脚本"; exit 1; } 14 | echo -e "\n设置时区为Asia/Shanghai" 15 | timedatectl set-timezone Asia/Shanghai || { echo -e "\e[31m时区设置失败!退出脚本\e[0m"; exit 1; } 16 | echo -e "\e[32m时区设置成功\e[0m" 17 | echo "开始下载 mosdns" 18 | wget "${mosdns_host}" || { echo -e "\e[31m下载失败!退出脚本\e[0m"; exit 1; } 19 | echo "开始解压" 20 | unzip ./mosdns-linux-$arch.zip 21 | echo "复制 mosdns 到 /usr/bin" 22 | sleep 1 23 | cp -rv ./mosdns /usr/bin 24 | chmod 0777 /usr/bin/mosdns 25 | echo -e "\n自定义设置(以下设置可直接回车使用默认值)" 26 | read -p "输入sing-box入站地址端口(默认10.10.10.147:6666):" uiport 27 | uiport="${uiport:-10.10.10.147:6666}" 28 | echo -e "已设置Singbox入站地址:\e[36m$uiport\e[0m" 29 | echo "关闭53端口监听" 30 | sed -i '/^#*DNSStubListener/s/#*DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf 31 | systemctl restart systemd-resolved.service 32 | echo "配置mosdns规则" 33 | sleep 1 34 | git init 35 | git remote add -f origin https://github.com/herozmy/sing-box-mosdns-fakeip.git 36 | git config core.sparsecheckout true 37 | echo 'mosdns' > .git/info/sparse-checkout 38 | git pull origin main 39 | cd /root && mv mosdns /etc/ 40 | echo "配置mosdns" 41 | sed -i "s/- addr: 10.10.10.147:6666/- addr: ${uiport}/g" /etc/mosdns/config.yaml 42 | echo "设置mosdns开机自启动" 43 | mosdns service install -d /etc/mosdns -c /etc/mosdns/config.yaml 44 | echo "mosdns开机启动完成" 45 | sleep 1 46 | systemctl restart mosdns 47 | sleep 2 48 | echo "是否安装 mosdns webui y/n" 49 | read choice 50 | if [ "$choice" = "y" ]; then 51 | cd /root 52 | wget https://github.com/grafana/loki/releases/download/v3.1.0/loki_3.1.0_amd64.deb 53 | 54 | dpkg -i loki_3.1.0_amd64.deb 55 | 56 | # 安装必需的软件包 57 | apt-get install -y adduser libfontconfig1 musl 58 | 59 | # 下载并安装 Grafana Enterprise 60 | wget https://dl.grafana.com/enterprise/release/grafana-enterprise_11.0.0_amd64.deb 61 | dpkg -i grafana-enterprise_11.0.0_amd64.deb 62 | 63 | # 重新加载 systemd 并启用/启动 Grafana 服务器 64 | systemctl daemon-reload 65 | systemctl enable grafana-server 66 | systemctl start grafana-server 67 | apt-get install -y prometheus 68 | # 添加 mosdns 任务配置 69 | cat << EOF | tee -a /etc/prometheus/prometheus.yml 70 | - job_name: mosdns 71 | scrape_interval: 5s 72 | static_configs: 73 | - targets: ['localhost:8338'] 74 | EOF 75 | # 重启 Prometheus 76 | systemctl restart prometheus 77 | 78 | curl --proto '=https' --tlsv1.2 -sSfL https://sh.vector.dev | bash -s -- -y > /dev/null 2>&1 79 | 80 | rm -f /root/.vector/config/vector.yaml 81 | 82 | curl -L https://github.com/KHTdhl/AIO/releases/download/v1.0/vector.yaml -o /root/.vector/config/vector.yaml 83 | 84 | cd /etc/systemd/system/ 85 | 86 | touch vector.service 87 | 88 | cat << 'EOF' > vector.service 89 | [Unit] 90 | Description=Vector Service 91 | After=network.target 92 | 93 | [Service] 94 | Type=simple 95 | User=root 96 | ExecStartPre=/bin/sleep 10 97 | ExecStartPre=/bin/mkdir -p /tmp/vector 98 | ExecStart=/root/.vector/bin/vector --config /root/.vector/config/vector.yaml 99 | Restart=on-failure 100 | RestartSec=5s 101 | 102 | [Install] 103 | WantedBy=multi-user.target 104 | EOF 105 | 106 | sudo systemctl daemon-reload 107 | 108 | sudo systemctl enable vector 109 | 110 | echo "Vector 配置文件已更新" 111 | (crontab -l 2>/dev/null; echo "0 0 * * 0 sudo truncate -s 0 /etc/mosdns/mosdns.log && /etc/mosdns/mos_rule_update.sh") | crontab - 112 | 113 | echo "定时更新规则与清理日志添加完成" 114 | 115 | local_ip=$(hostname -I | awk '{print $1}') 116 | echo "==================================================================" 117 | echo -e "\t\t\Mosdns fake安装完成" 118 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 119 | echo -e "\n" 120 | echo -e "温馨提示:\nMosdns网关自行配置为sing-box,dns随意" 121 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 122 | echo "==================================================================" 123 | # 打印 IP 地址 124 | echo "机器将在5秒后重启,重启后打开:$local_ip:3000,进入ui管理界面,后续参考孔佬教程" 125 | 126 | sleep 6 127 | 128 | reboot 129 | 130 | elif [ "$choice" = "n" ]; then 131 | echo "==================================================================" 132 | echo -e "\t\t\Mosdns fake安装完成" 133 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 134 | echo -e "\n" 135 | echo -e "温馨提示:\nMosdns网关自行配置为sing-box,dns随意" 136 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 137 | echo "==================================================================" 138 | fi 139 | 140 | 141 | -------------------------------------------------------------------------------- /mosdns-o.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns-o.zip -------------------------------------------------------------------------------- /mosdns-p.sh: -------------------------------------------------------------------------------- 1 | 2 | if [[ $(uname -m) == "aarch64" ]]; then 3 | arch="arm64" 4 | elif [[ $(uname -m) == "x86_64" ]]; then 5 | arch="amd64" 6 | else 7 | arch="未知" 8 | exit 0 9 | fi 10 | echo "系统架构是:$arch" 11 | mosdns_host="https://github.com/IrineSistiana/mosdns/releases/download/v5.3.1/mosdns-linux-$arch.zip" 12 | apt update && apt -y upgrade || { echo "更新失败!退出脚本"; exit 1; } 13 | apt install curl wget tar gawk sed cron unzip nano -y || { echo "更新失败!退出脚本"; exit 1; } 14 | echo -e "\n设置时区为Asia/Shanghai" 15 | timedatectl set-timezone Asia/Shanghai || { echo -e "\e[31m时区设置失败!退出脚本\e[0m"; exit 1; } 16 | echo -e "\e[32m时区设置成功\e[0m" 17 | echo "开始下载 mosdns" 18 | wget "${mosdns_host}" || { echo -e "\e[31m下载失败!退出脚本\e[0m"; exit 1; } 19 | echo "开始解压" 20 | unzip ./mosdns-linux-$arch.zip 21 | echo "复制 mosdns 到 /usr/bin" 22 | sleep 1 23 | cp -rv ./mosdns /usr/bin 24 | chmod 0777 /usr/bin/mosdns 25 | echo -e "\n自定义设置(以下设置可直接回车使用默认值)" 26 | read -p "输入sing-box入站地址端口(默认10.10.10.147:6666):" uiport 27 | uiport="${uiport:-10.10.10.147:6666}" 28 | echo -e "已设置Singbox入站地址:\e[36m$uiport\e[0m" 29 | read -p "输入sing-box sock5地址端口(默认10.10.10.147:7891):" sock5port 30 | uiport="${sock5port:-10.10.10.147:7891}" 31 | echo -e "已设置sock5:\e[36m$sock5port\e[0m" 32 | echo "关闭53端口监听" 33 | sed -i '/^#*DNSStubListener/s/#*DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf 34 | systemctl restart systemd-resolved.service 35 | echo "配置mosdns规则" 36 | sleep 1 37 | mkdir /etc/mosdns 38 | cd /etc/mosdns 39 | wget -O mosdns.zip https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/main/mosdns-p.zip 40 | unzip mosdns.zip 41 | echo "配置mosdns" 42 | sed -i "s/- addr: 10.10.10.147:6666/- addr: ${uiport}/g" /etc/mosdns/config.yaml 43 | sed -i "s/socks5: 10.10.10.147:7891/socks5: ${sock5port}/g" /etc/mosdns/config.yaml 44 | echo "设置mosdns开机自启动" 45 | mosdns service install -d /etc/mosdns -c /etc/mosdns/config.yaml 46 | echo "mosdns开机启动完成" 47 | sleep 1 48 | systemctl restart mosdns 49 | sleep 2 50 | echo "==================================================================" 51 | echo -e "\t\t\Mosdns fake安装完成" 52 | echo -e "\t\t\tPowered by www.herozmy.com 2024" 53 | echo -e "\n" 54 | echo -e "本脚本仅适用于学习与研究等个人用途,请勿用于任何违反国家法律的活动!" 55 | echo "==================================================================" 56 | -------------------------------------------------------------------------------- /mosdns-p.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns-p.zip -------------------------------------------------------------------------------- /mosdns-ph/config.yaml: -------------------------------------------------------------------------------- 1 | log: 2 | level: warn 3 | file: "/tmp/mosdns.log" 4 | 5 | api: 6 | http: "0.0.0.0:9099" 7 | 8 | include: [] 9 | 10 | plugins: 11 | #中国域名列表的过期缓存 12 | - tag: cache_all 13 | type: cache 14 | args: 15 | size: 20000000 16 | lazy_cache_ttl: 259200000 17 | dump_file: /etc/mosdns/cache_all.dump 18 | dump_interval: 3600 19 | 20 | #中国域名列表的过期缓存 21 | - tag: cache_cn 22 | type: cache 23 | args: 24 | size: 20000000 25 | lazy_cache_ttl: 259200000 26 | dump_file: /etc/mosdns/cache_cn.dump 27 | dump_interval: 36000 28 | 29 | #列表外域名的过期缓存 30 | - tag: cache_google 31 | type: cache 32 | args: 33 | size: 20000000 34 | lazy_cache_ttl: 259200000 35 | dump_file: /etc/mosdns/cache_google.dump 36 | dump_interval: 36000 37 | 38 | #列表外域名的过期缓存 39 | - tag: cache_cf 40 | type: cache 41 | args: 42 | size: 20000000 43 | lazy_cache_ttl: 259200000 44 | dump_file: /etc/mosdns/cache_cf.dump 45 | dump_interval: 3600 46 | 47 | #节点域名列表的过期缓存 48 | - tag: cache_node 49 | type: cache 50 | args: 51 | size: 20000000 52 | lazy_cache_ttl: 259200000 53 | dump_file: /etc/mosdns/cache_node.dump 54 | dump_interval: 36000 55 | 56 | #中国域名列表 57 | - tag: geosite_cn 58 | type: domain_set 59 | args: 60 | files: 61 | - "/etc/mosdns/rule/geosite_cn.txt" 62 | #中国IP列表 63 | - tag: geoip_cn 64 | type: ip_set 65 | args: 66 | files: 67 | - "/etc/mosdns/rule/geoip_cn.txt" 68 | 69 | #国外域名列表 70 | - tag: geosite_no_cn 71 | type: domain_set 72 | args: 73 | files: 74 | - "/etc/mosdns/rule/geosite_geolocation-!cn.txt" 75 | 76 | #自定义白名单域名列表 77 | - tag: whitelist 78 | type: domain_set 79 | args: 80 | files: 81 | - "/etc/mosdns/rule/whitelist.txt" 82 | 83 | #屏蔽域名列表 84 | - tag: blocklist 85 | type: domain_set 86 | args: 87 | files: 88 | - "/etc/mosdns/rule/blocklist.txt" 89 | 90 | #自定义强制代理域名列表 91 | - tag: greylist 92 | type: domain_set 93 | args: 94 | files: 95 | - "/etc/mosdns/rule/greylist.txt" 96 | 97 | #自定义hosts域名列表 98 | - tag: hosts 99 | type: hosts 100 | args: 101 | files: 102 | - "/etc/mosdns/rule/hosts.txt" 103 | 104 | #转发dns请求到google dns 105 | - tag: forward_google 106 | type: forward 107 | args: 108 | concurrent: 1 109 | upstreams: 110 | - addr: "tls://8.8.8.8" #不要改,只有tls和tcp支持pipeline 111 | #socks5: "127.0.0.1:7891" #修改点 改为自己的socks5,sb作为网关的可以删除此行1 112 | enable_pipeline: true 113 | insecure_skip_verify: true 114 | 115 | #转发dns请求到cf dns 116 | - tag: forward_cf 117 | type: forward 118 | args: 119 | concurrent: 1 120 | upstreams: 121 | - addr: "tls://1.1.1.1" #不要改,只有tls和tcp支持pipeline 122 | #socks5: "127.0.0.1:7891" #修改点 改为自己的socks5,sb作为网关的可以删除此行 123 | enable_pipeline: true 124 | insecure_skip_verify: true 125 | 126 | #转发请求到阿里dns 127 | - tag: forward_local 128 | type: forward 129 | args: 130 | concurrent: 2 131 | upstreams: 132 | - addr: "https://dns.alidns.com/dns-query" #修改点 可以换为自己的私有doh 133 | dial_addr: "223.5.5.5" 134 | insecure_skip_verify: true 135 | enable_http3: true #确实支持h3,已测试 136 | - addr: "quic://223.5.5.5" #QUIC牛逼 137 | 138 | #转发请求至sing-box/mihome dns请求fakeip 139 | - tag: forward_fakeip 140 | type: forward 141 | args: 142 | concurrent: 1 143 | upstreams: 144 | - addr: 10.10.10.147:6666 #修改点 换为自己的sb/mihomo fakeip dns 145 | 146 | #过期缓存在域名TTL过期后~lazy_cache_ttl时间段内被更新 147 | #请求时马上返回结果,同时后台异步更新缓存 148 | #异步更新时,新进程执行$cache_cn后面的逻辑去获取IP 149 | #$调用序列会异步调用,被调用的序列内accept 150 | #只会结束被调用的序列 151 | #过期缓存是上次请求时的结果,不一定符合本次的ecs信息 152 | 153 | #缓存序列-国内域名 154 | - tag: sequence_local 155 | type: sequence 156 | args: 157 | - exec: drop_resp #丢弃用于标记的blackhole ip 158 | - exec: $cache_cn 159 | - matches: has_resp 160 | exec: accept 161 | - exec: ecs 2408:8214:213::1 #修改点 公网IP 无须更新 使用/48段 使用自己的V6让chatgpt转换 162 | - exec: $forward_local 163 | - matches: 164 | - "rcode 0" 165 | - "qtype 1 28" 166 | - "!resp_ip 0.0.0.0/0 2000::/3" 167 | exec: ttl 60000 168 | - matches: has_resp 169 | exec: accept 170 | 171 | #缓存序列-列表外域名 172 | - tag: sequence_google 173 | type: sequence 174 | args: 175 | - exec: $cache_google 176 | - matches: has_resp 177 | exec: accept 178 | - exec: ecs 2408:8214:213::1 #修改点 使用自己的公网IP,无须更新 179 | - exec: $forward_google 180 | - matches: 181 | - "rcode 0" 182 | - "qtype 1 28" 183 | # - "!resp_ip 0.0.0.0/0 2000::/3" 184 | exec: ttl 60000 185 | - matches: has_resp 186 | exec: accept 187 | 188 | #缓存序列-列表外域名 189 | - tag: sequence_cf 190 | type: sequence 191 | args: 192 | - exec: $cache_cf 193 | - matches: has_resp 194 | exec: accept 195 | - exec: $forward_cf 196 | - matches: 197 | - "rcode 0" 198 | - "qtype 1 28" 199 | # - "!resp_ip 0.0.0.0/0 2000::/3" 200 | exec: ttl 60000 201 | - matches: has_resp 202 | exec: accept 203 | 204 | #列表外的域名的处理逻辑 205 | #先带ecs到8888,如果返回235,就用cf再查一次,如果还返回235 206 | #25的情况用223再查,3的情况返回no error 207 | - tag: sequence_not_in_list 208 | type: sequence 209 | args: 210 | - exec: drop_resp #丢弃用于标记的blackhole ip 211 | - exec: $sequence_google #表外域名先带ecs发到8888 212 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" #rcode 235及没有IP等情况 213 | exec: mark 123 #标记 214 | - matches: mark 123 215 | exec: drop_resp #丢弃结果 216 | - matches: mark 123 217 | exec: $sequence_cf #cf dns再查一次 218 | - matches: "rcode 3" #失败或者拒绝 219 | exec: ttl 60000 220 | - matches: "rcode 3" #没有域名 221 | exec: reject 0 222 | - matches: "rcode 2 5" #失败或者拒绝 223 | exec: mark 456 #失败拒绝标记 224 | - matches: mark 456 225 | exec: drop_resp #丢弃结果 226 | - matches: mark 456 #只有rcode 2 5需要到国内查询,rcode3 会接受结果 227 | exec: $sequence_local #SERVFAIL用国内dns再查一次 228 | - matches: "rcode 2 3 5" #失败或者拒绝 229 | exec: mark 789 #失败拒绝标记 230 | - matches: mark 789 231 | exec: drop_resp #丢弃结果 232 | - matches: mark 789 233 | exec: $forward_fakeip #请求fakeip返回 234 | - matches: "resp_ip 28.0.0.0/8 f2b0::/18" 235 | exec: accept #fakeip就接受 236 | - matches: "!resp_ip 0.0.0.0/0 2000::/3" 237 | exec: accept #再没有IP返回就把结果返回给客户端 238 | - matches: "!resp_ip $geoip_cn" 239 | exec: $forward_fakeip #如果是国外IP,就请求fakeip返回 240 | - matches: has_resp 241 | exec: accept 242 | 243 | #用本地dns查询 244 | - tag: query_is_local_dns 245 | type: sequence 246 | args: 247 | - matches: qname $whitelist 248 | exec: black_hole 127.0.0.1 ::1 249 | - matches: qname $geosite_cn 250 | exec: black_hole 127.0.0.1 ::1 251 | 252 | #fallback并发primary和secondary都没有IP返回,会抛出错误 253 | #导致后续逻辑无法执行,在secondary中使用black_hole给假 254 | #ip作为标记供后续判断 255 | 256 | #国外域名列表/灰名单直接请求fakeip 257 | - tag: query_is_fakeip 258 | type: sequence 259 | args: 260 | - matches: qname $geosite_no_cn 261 | exec: black_hole 127.0.0.2 ::2 262 | - matches: "!resp_ip 127.0.0.2 ::2" 263 | exec: black_hole 127.0.0.3 ::3 264 | 265 | #列表内域名国内国外并发匹配,结果是black_hole的即列表外域名 266 | - tag: conc_lookup 267 | type: fallback 268 | args: 269 | primary: query_is_local_dns 270 | secondary: query_is_fakeip 271 | threshold: 0 272 | always_standby: true 273 | 274 | #主分流序列 275 | - tag: sequence_main 276 | type: sequence 277 | args: 278 | - matches: "qtype 12 65" 279 | exec: reject 0 280 | - matches: qname $blocklist 281 | exec: reject 0 282 | - exec: $hosts 283 | - matches: has_resp 284 | exec: accept 285 | - exec: $cache_all 286 | - matches: "qtype 16 33" 287 | exec: $forward_google 288 | - matches: 289 | - has_resp 290 | - "!resp_ip 127.0.0.1 ::1" 291 | exec: accept 292 | - matches: qname $greylist 293 | exec: $forward_fakeip 294 | - matches: has_resp 295 | exec: accept 296 | - exec: $conc_lookup 297 | - matches: "resp_ip 127.0.0.1 ::1" 298 | exec: $sequence_local 299 | - matches: "resp_ip 127.0.0.2 ::2" 300 | exec: $forward_fakeip 301 | - matches: "resp_ip 28.0.0.0/8 f2b0::/18" 302 | exec: accept #fakeip就接受 303 | - matches: 304 | - has_resp 305 | - "!qtype 1" #非A的只要不是黑洞IP,有没有IP都接受 306 | - "!resp_ip 127.0.0.1 ::1 127.0.0.2 ::2 127.0.0.3 ::3" 307 | exec: accept 308 | - matches: 309 | - has_resp 310 | - "qtype 1" #A的不是黑洞IP,有正经IP才接受 311 | - "resp_ip 0.0.0.0/0 2000::/3" 312 | - "!resp_ip 127.0.0.1 ::1 127.0.0.2 ::2 127.0.0.3 ::3" 313 | exec: accept 314 | - exec: $sequence_not_in_list #其它走表外逻辑 315 | 316 | #处理列表外域名的缓存序列 317 | - tag: sequence_google_forsbnode 318 | type: sequence 319 | args: 320 | - exec: $cache_node 321 | - matches: has_resp 322 | exec: accept 323 | - exec: ecs 2408:8214:213::1 #修改点 同上 324 | - exec: $forward_google 325 | 326 | #专门用于解析域名节点,默认使用8888解析,300毫秒不通用换223解析 327 | - tag: sbnodefallback 328 | type: fallback 329 | args: 330 | primary: sequence_google_forsbnode 331 | secondary: sequence_local 332 | threshold: 300 333 | always_standby: false 334 | 335 | - tag: sequence_sbnode 336 | type: sequence 337 | args: 338 | - exec: $sbnodefallback 339 | 340 | #用于sing-box的分流序列,只返回real ip 341 | - tag: sequence_sb 342 | type: sequence 343 | args: 344 | - matches: "qtype 12 65" 345 | exec: reject 0 346 | # - matches: "!qtype 1 5 16 28 33" 347 | # exec: reject 0 348 | - matches: qname $blocklist 349 | exec: reject 0 350 | - matches: qname $whitelist 351 | exec: $sequence_local 352 | - matches: has_resp 353 | exec: accept 354 | - matches: qname $greylist #cn列表中强制代理的 355 | exec: $sequence_google 356 | - matches: has_resp 357 | exec: accept 358 | - matches: qname $geosite_cn 359 | exec: $sequence_local 360 | - matches: has_resp 361 | exec: accept 362 | - matches: "qtype 16 33" 363 | exec: $forward_google 364 | - matches: has_resp 365 | exec: accept 366 | - exec: $sequence_google 367 | - matches: "rcode 2 3 5" #失败或者拒绝 368 | exec: mark 123 #失败拒绝标记 369 | - matches: mark 123 370 | exec: drop_resp #丢弃结果 371 | - matches: mark 123 372 | exec: $sequence_cf #NXDomain用cf dns再查一次 373 | - matches: "rcode 3" #失败或者拒绝 374 | exec: ttl 60000 375 | - matches: "rcode 3" #没有域名 376 | exec: reject 0 377 | - matches: "rcode 2 5" #失败或者拒绝 378 | exec: mark 456 #失败拒绝标记 379 | - matches: mark 456 380 | exec: drop_resp #丢弃结果 381 | - matches: mark 456 382 | exec: $sequence_local #SERVFAIL用国内dns再查一次 383 | 384 | #主分流服务器 385 | - tag: udp_main 386 | type: udp_server 387 | args: 388 | entry: sequence_main 389 | listen: ":53" #修改点 改为自己需要的端口 比如53 390 | 391 | - tag: tcp_main 392 | type: tcp_server 393 | args: 394 | entry: sequence_main 395 | listen: ":53" #修改点 改为自己需要的端口 比如53 -------------------------------------------------------------------------------- /mosdns-ph/rule/blocklist.txt: -------------------------------------------------------------------------------- 1 | full:trace-server.prod-clustered.bugs.firebat.prime-video.amazon.dev 2 | full:xmbc.highrez.co.uk 3 | domain:jddebug.com 4 | domain:mdbook.cn 5 | domain:jsqmt.qq.com 6 | domain:t-ring-fallbacks2.msedge.net 7 | domain:init.phpwind.net 8 | domain:cdn.bootcss.com 9 | domain:cdn.bootcdn.net 10 | domain:cdn.staticfile.net 11 | domain:cdn.staticfile.org 12 | domain:cdn.polyfill.io 13 | full:chenmeideiphone 14 | full:phil14plus -------------------------------------------------------------------------------- /mosdns-ph/rule/cloudflare-cidr.txt: -------------------------------------------------------------------------------- 1 | 173.245.48.0/20 2 | 103.21.244.0/22 3 | 103.22.200.0/22 4 | 103.31.4.0/22 5 | 141.101.64.0/18 6 | 108.162.192.0/18 7 | 190.93.240.0/20 8 | 188.114.96.0/20 9 | 197.234.240.0/22 10 | 198.41.128.0/17 11 | 162.158.0.0/15 12 | 104.16.0.0/13 13 | 104.24.0.0/14 14 | 172.64.0.0/13 15 | 131.0.72.0/22 16 | 2400:cb00::/32 17 | 2606:4700::/32 18 | 2803:f800::/32 19 | 2405:b500::/32 20 | 2405:8100::/32 21 | 2a06:98c0::/29 22 | 2c0f:f248::/32 23 | -------------------------------------------------------------------------------- /mosdns-ph/rule/cnv6-only.txt: -------------------------------------------------------------------------------- 1 | full:6.ipw.cn 2 | full:test6.ustc.edu.cn 3 | domain:philma.fun 4 | domain:mbjlkg.lol 5 | domain:huacloud.xyz 6 | domain:rfp4ucx.xyz 7 | domain:myip.ipip.net 8 | domain:nexconvert.com 9 | domain:msftconnecttest.com 10 | domain:space.bilibili.com 11 | domain:b23.tv 12 | domain:msedge.com 13 | domain:msedge.net 14 | domain:azurefd.com 15 | domain:azure.com 16 | domain:default.exp-tas.com 17 | domain:azureedge.net 18 | domain:msftncsi.com 19 | domain:nn.ci 20 | domain:config.edge.skype.com -------------------------------------------------------------------------------- /mosdns-ph/rule/ddnslist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns-ph/rule/ddnslist.txt -------------------------------------------------------------------------------- /mosdns-ph/rule/greylist.txt: -------------------------------------------------------------------------------- 1 | full:mypikpak.com 2 | full:access.mypikpak.com 3 | domain:googleapis.cn 4 | domain:4d4y.com 5 | domain:iii80.com 6 | domain:googleapis.com 7 | domain:google.com 8 | domain:gstatic.com 9 | full:e13252.dscg.akamaiedge.net 10 | full:h-netflix.online-metrix.net 11 | full:netflix.com.edgesuite.net 12 | domain:cookielaw.org 13 | domain:fast.com 14 | domain:flxvpn.net 15 | domain:netflix.ca 16 | domain:netflix.com 17 | domain:netflix.com.au 18 | domain:netflix.com.edgesuite.net 19 | domain:netflix.net 20 | domain:netflixdnstest0.com 21 | domain:netflixdnstest1.com 22 | domain:netflixdnstest10.com 23 | domain:netflixdnstest2.com 24 | domain:netflixdnstest3.com 25 | domain:netflixdnstest4.com 26 | domain:netflixdnstest5.com 27 | domain:netflixdnstest6.com 28 | domain:netflixdnstest7.com 29 | domain:netflixdnstest8.com 30 | domain:netflixdnstest9.com 31 | domain:netflixinvestor.com 32 | domain:netflixstudios.com 33 | domain:netflixtechblog.com 34 | domain:nflxext.com 35 | domain:nflximg.com 36 | domain:nflximg.net 37 | domain:nflxsearch.net 38 | domain:nflxso.net 39 | domain:nflxvideo.net 40 | domain:onetrust.com 41 | domain:us-west-2.amazonaws.com 42 | domain:store.ui.com.cn 43 | domain:hassbian.com 44 | domain:copilot.microsoft.com 45 | domain:prod.rewardsplatform.microsoft.com 46 | domain:edge.microsoft.com 47 | domain:nav-edge.smartscreen.microsoft.com 48 | domain:functional.events.data.microsoft.com 49 | domain:edgeservices.bing.com 50 | domain:sydney.bing.com 51 | domain:bing.com 52 | domain:bing.com.cn 53 | domain:bing.net 54 | domain:bingads.com 55 | domain:bingagencyawards.com 56 | domain:bingapistatistics.com 57 | domain:bingsandbox.com 58 | domain:bingvisualsearch.com 59 | domain:bingworld.com 60 | keyword:apiproxy-device-prod-nlb- 61 | keyword:dualstack.apiproxy- 62 | keyword:dualstack.ichnaea-web- 63 | keyword:netflixdnstest -------------------------------------------------------------------------------- /mosdns-ph/rule/greylist.txt-opkg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns-ph/rule/greylist.txt-opkg -------------------------------------------------------------------------------- /mosdns-ph/rule/hosts.txt: -------------------------------------------------------------------------------- 1 | logs.netflix.com 127.0.0.1 ::1 2 | trace-server.prod-clustered.bugs.firebat.prime-video.amazon.dev 127.0.0.1 ::1 -------------------------------------------------------------------------------- /mosdns-ph/rule/local-ptr.txt: -------------------------------------------------------------------------------- 1 | 0.in-addr.arpa 2 | 10.in-addr.arpa 3 | 127.in-addr.arpa 4 | 16.172.in-addr.arpa 5 | 17.172.in-addr.arpa 6 | 18.172.in-addr.arpa 7 | 19.172.in-addr.arpa 8 | 20.172.in-addr.arpa 9 | 21.172.in-addr.arpa 10 | 22.172.in-addr.arpa 11 | 23.172.in-addr.arpa 12 | 24.172.in-addr.arpa 13 | 25.172.in-addr.arpa 14 | 26.172.in-addr.arpa 15 | 27.172.in-addr.arpa 16 | 28.172.in-addr.arpa 17 | 29.172.in-addr.arpa 18 | 30.172.in-addr.arpa 19 | 31.172.in-addr.arpa 20 | 64.100.in-addr.arpa 21 | 65.100.in-addr.arpa 22 | 66.100.in-addr.arpa 23 | 67.100.in-addr.arpa 24 | 68.100.in-addr.arpa 25 | 69.100.in-addr.arpa 26 | 70.100.in-addr.arpa 27 | 71.100.in-addr.arpa 28 | 72.100.in-addr.arpa 29 | 73.100.in-addr.arpa 30 | 74.100.in-addr.arpa 31 | 75.100.in-addr.arpa 32 | 76.100.in-addr.arpa 33 | 77.100.in-addr.arpa 34 | 78.100.in-addr.arpa 35 | 79.100.in-addr.arpa 36 | 80.100.in-addr.arpa 37 | 81.100.in-addr.arpa 38 | 82.100.in-addr.arpa 39 | 83.100.in-addr.arpa 40 | 84.100.in-addr.arpa 41 | 85.100.in-addr.arpa 42 | 86.100.in-addr.arpa 43 | 87.100.in-addr.arpa 44 | 88.100.in-addr.arpa 45 | 89.100.in-addr.arpa 46 | 90.100.in-addr.arpa 47 | 91.100.in-addr.arpa 48 | 92.100.in-addr.arpa 49 | 93.100.in-addr.arpa 50 | 94.100.in-addr.arpa 51 | 95.100.in-addr.arpa 52 | 96.100.in-addr.arpa 53 | 97.100.in-addr.arpa 54 | 98.100.in-addr.arpa 55 | 99.100.in-addr.arpa 56 | 100.100.in-addr.arpa 57 | 101.100.in-addr.arpa 58 | 102.100.in-addr.arpa 59 | 103.100.in-addr.arpa 60 | 104.100.in-addr.arpa 61 | 105.100.in-addr.arpa 62 | 106.100.in-addr.arpa 63 | 107.100.in-addr.arpa 64 | 108.100.in-addr.arpa 65 | 109.100.in-addr.arpa 66 | 110.100.in-addr.arpa 67 | 111.100.in-addr.arpa 68 | 112.100.in-addr.arpa 69 | 113.100.in-addr.arpa 70 | 114.100.in-addr.arpa 71 | 115.100.in-addr.arpa 72 | 116.100.in-addr.arpa 73 | 117.100.in-addr.arpa 74 | 118.100.in-addr.arpa 75 | 119.100.in-addr.arpa 76 | 120.100.in-addr.arpa 77 | 121.100.in-addr.arpa 78 | 122.100.in-addr.arpa 79 | 123.100.in-addr.arpa 80 | 124.100.in-addr.arpa 81 | 125.100.in-addr.arpa 82 | 126.100.in-addr.arpa 83 | 127.100.in-addr.arpa 84 | 2.0.192.in-addr.arpa 85 | 168.192.in-addr.arpa 86 | 255.255.255.255.in-addr.arpa 87 | domain:ip6.arpa -------------------------------------------------------------------------------- /mosdns-ph/rule/local-ptr.txt-opkg: -------------------------------------------------------------------------------- 1 | 0.in-addr.arpa 2 | 10.in-addr.arpa 3 | 127.in-addr.arpa 4 | 16.172.in-addr.arpa 5 | 17.172.in-addr.arpa 6 | 18.172.in-addr.arpa 7 | 19.172.in-addr.arpa 8 | 20.172.in-addr.arpa 9 | 21.172.in-addr.arpa 10 | 22.172.in-addr.arpa 11 | 23.172.in-addr.arpa 12 | 24.172.in-addr.arpa 13 | 25.172.in-addr.arpa 14 | 26.172.in-addr.arpa 15 | 27.172.in-addr.arpa 16 | 28.172.in-addr.arpa 17 | 29.172.in-addr.arpa 18 | 30.172.in-addr.arpa 19 | 31.172.in-addr.arpa 20 | 64.100.in-addr.arpa 21 | 65.100.in-addr.arpa 22 | 66.100.in-addr.arpa 23 | 67.100.in-addr.arpa 24 | 68.100.in-addr.arpa 25 | 69.100.in-addr.arpa 26 | 70.100.in-addr.arpa 27 | 71.100.in-addr.arpa 28 | 72.100.in-addr.arpa 29 | 73.100.in-addr.arpa 30 | 74.100.in-addr.arpa 31 | 75.100.in-addr.arpa 32 | 76.100.in-addr.arpa 33 | 77.100.in-addr.arpa 34 | 78.100.in-addr.arpa 35 | 79.100.in-addr.arpa 36 | 80.100.in-addr.arpa 37 | 81.100.in-addr.arpa 38 | 82.100.in-addr.arpa 39 | 83.100.in-addr.arpa 40 | 84.100.in-addr.arpa 41 | 85.100.in-addr.arpa 42 | 86.100.in-addr.arpa 43 | 87.100.in-addr.arpa 44 | 88.100.in-addr.arpa 45 | 89.100.in-addr.arpa 46 | 90.100.in-addr.arpa 47 | 91.100.in-addr.arpa 48 | 92.100.in-addr.arpa 49 | 93.100.in-addr.arpa 50 | 94.100.in-addr.arpa 51 | 95.100.in-addr.arpa 52 | 96.100.in-addr.arpa 53 | 97.100.in-addr.arpa 54 | 98.100.in-addr.arpa 55 | 99.100.in-addr.arpa 56 | 100.100.in-addr.arpa 57 | 101.100.in-addr.arpa 58 | 102.100.in-addr.arpa 59 | 103.100.in-addr.arpa 60 | 104.100.in-addr.arpa 61 | 105.100.in-addr.arpa 62 | 106.100.in-addr.arpa 63 | 107.100.in-addr.arpa 64 | 108.100.in-addr.arpa 65 | 109.100.in-addr.arpa 66 | 110.100.in-addr.arpa 67 | 111.100.in-addr.arpa 68 | 112.100.in-addr.arpa 69 | 113.100.in-addr.arpa 70 | 114.100.in-addr.arpa 71 | 115.100.in-addr.arpa 72 | 116.100.in-addr.arpa 73 | 117.100.in-addr.arpa 74 | 118.100.in-addr.arpa 75 | 119.100.in-addr.arpa 76 | 120.100.in-addr.arpa 77 | 121.100.in-addr.arpa 78 | 122.100.in-addr.arpa 79 | 123.100.in-addr.arpa 80 | 124.100.in-addr.arpa 81 | 125.100.in-addr.arpa 82 | 126.100.in-addr.arpa 83 | 127.100.in-addr.arpa 84 | 2.0.192.in-addr.arpa 85 | 168.192.in-addr.arpa 86 | 255.255.255.255.in-addr.arpa 87 | domain:ip6.arpa 88 | -------------------------------------------------------------------------------- /mosdns-ph/rule/redirect.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns-ph/rule/redirect.txt -------------------------------------------------------------------------------- /mosdns-ph/rule/whitelist.txt: -------------------------------------------------------------------------------- 1 | full:6.ipw.cn 2 | full:test6.ustc.edu.cn 3 | full:apiauth.quickconnect.to 4 | domain:mbjlkg.lol 5 | domain:huacloud.xyz 6 | domain:rfp4ucx.xyz 7 | domain:myip.ipip.net 8 | domain:nexconvert.com 9 | domain:heartbeat.belkin.com 10 | domain:msftconnecttest.com 11 | domain:space.bilibili.com 12 | domain:b23.tv 13 | domain:msedge.com 14 | domain:msedge.net 15 | domain:azurefd.com 16 | domain:azure.com 17 | domain:default.exp-tas.com 18 | domain:azureedge.net 19 | domain:xboxlive.com 20 | domain:sfx.ms 21 | domain:msftncsi.com 22 | domain:nn.ci 23 | domain:config.edge.skype.com 24 | domain:bing.com 25 | domain:push-apple.com.akadns.net 26 | domain:live.com 27 | domain:msn.com 28 | domain:ntp.org 29 | domain:office.com 30 | domain:qlogo.cn 31 | domain:qq.com 32 | domain:jd.com 33 | domain:jd.hk 34 | domain:apple.cn 35 | domain:me.com 36 | domain:apple.com 37 | domain:icloud.com 38 | domain:icloud-content.com 39 | domain:push-apple.com.akadns.net 40 | domain:push.apple.com 41 | domain:iphone-ld.apple.com 42 | domain:lcdn-locator.apple.com 43 | domain:lcdn-registration.apple.com 44 | domain:cn-ssl.ls.apple.com 45 | domain:time.apple.com 46 | full:gs-loc-cn.apple.com 47 | full:gsp10-ssl-cn.ls.apple.com 48 | full:gsp12-cn.ls.apple.com 49 | full:gsp13-cn.ls.apple.com 50 | full:gsp4-cn.ls.apple.com.edgekey.net.globalredir.akadns.net 51 | full:gsp4-cn.ls.apple.com.edgekey.net 52 | full:gsp4-cn.ls.apple.com 53 | full:gsp5-cn.ls.apple.com 54 | full:gsp85-cn-ssl.ls.apple.com 55 | full:gspe19-2-cn-ssl.ls.apple.com 56 | full:gspe19-cn-ssl.ls.apple.com 57 | full:gspe19-cn.ls-apple.com.akadns.net 58 | full:gspe19-cn.ls.apple.com 59 | full:gspe79-cn-ssl.ls.apple.com 60 | full:cl2-cn.apple.com 61 | full:cl4-cn.apple.com 62 | domain:dht.libtorrent.org 63 | domain:dht.transmissionbt.com 64 | domain:dns.msftncsi.com 65 | domain:ipv6.msftconnecttest.com 66 | domain:www.msftconnecttest.com 67 | domain:microsoft.com 68 | domain:office.com 69 | domain:office365.com 70 | domain:xiuxitong.com 71 | domain:pc528.net 72 | domain:pc521.net 73 | domain:redhat.com 74 | keyword:douyin 75 | keyword:microsoft 76 | keyword:windows 77 | -------------------------------------------------------------------------------- /mosdns-ph/rule/whitelist.txt-opkg: -------------------------------------------------------------------------------- 1 | domain:bing.com 2 | domain:live.com 3 | domain:msn.com 4 | domain:ntp.org 5 | domain:office.com 6 | domain:qlogo.cn 7 | domain:qq.com 8 | domain:redhat.com 9 | keyword:douyin 10 | keyword:microsoft 11 | keyword:windows 12 | -------------------------------------------------------------------------------- /mosdns-ph/unpack/disable-ads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns-ph/unpack/disable-ads.txt -------------------------------------------------------------------------------- /mosdns/config.yaml: -------------------------------------------------------------------------------- 1 | log: 2 | level: info 3 | file: "/etc/mosdns/mosdns.log" 4 | 5 | api: 6 | http: "0.0.0.0:8338" 7 | 8 | include: [] 9 | 10 | plugins: 11 | - tag: geosite_cn 12 | type: domain_set 13 | args: 14 | files: 15 | - "/etc/mosdns/geosite_cn.txt" 16 | 17 | - tag: geoip_cn 18 | type: ip_set 19 | args: 20 | files: 21 | - "/etc/mosdns/geoip_cn.txt" 22 | 23 | - tag: geosite_no_cn 24 | type: domain_set 25 | args: 26 | files: 27 | - "/etc/mosdns/geosite_geolocation_noncn.txt" 28 | 29 | - tag: whitelist 30 | type: domain_set 31 | args: 32 | files: 33 | - "/etc/mosdns/rule/whitelist.txt" 34 | 35 | - tag: blocklist 36 | type: domain_set 37 | args: 38 | files: 39 | - "/etc/mosdns/rule/blocklist.txt" 40 | 41 | - tag: greylist 42 | type: domain_set 43 | args: 44 | files: 45 | - "/etc/mosdns/rule/greylist.txt" 46 | 47 | - tag: ddnslist 48 | type: domain_set 49 | args: 50 | files: 51 | - "/etc/mosdns/rule/ddnslist.txt" 52 | 53 | - tag: hosts 54 | type: hosts 55 | args: 56 | files: 57 | - "/etc/mosdns/rule/hosts.txt" 58 | 59 | - tag: redirect 60 | type: redirect 61 | args: 62 | files: 63 | - "/etc/mosdns/rule/redirect.txt" 64 | 65 | - tag: adlist 66 | type: domain_set 67 | args: 68 | files: 69 | - "/etc/mosdns/rule/adlist.txt" 70 | 71 | - tag: local_ptr 72 | type: domain_set 73 | args: 74 | files: 75 | - "/etc/mosdns/rule/localptr.txt" 76 | 77 | - tag: ecs_local 78 | type: ecs_handler 79 | args: 80 | forward: false 81 | preset: 183.195.1.1 82 | mask4: 24 83 | 84 | - tag: lazy_cache 85 | type: cache 86 | args: 87 | size: 0 88 | lazy_cache_ttl: 0 89 | dump_file: /etc/mosdns/cache.dump 90 | dump_interval: 0 91 | 92 | 93 | 94 | - tag: reject_3 95 | type: sequence 96 | args: 97 | - exec: reject 3 98 | 99 | - tag: reject_blocklist 100 | type: sequence 101 | args: 102 | - exec: query_summary reject_blocklist 103 | - exec: $reject_3 104 | 105 | - tag: reject_adlist 106 | type: sequence 107 | args: 108 | - exec: query_summary reject_adlist 109 | - exec: $reject_3 110 | 111 | - tag: reject_ptrlist 112 | type: sequence 113 | args: 114 | - exec: query_summary reject_ptrlist 115 | - exec: $reject_3 116 | 117 | - tag: reject_qtype65 118 | type: sequence 119 | args: 120 | - exec: query_summary reject_qtype65 121 | - exec: $reject_3 122 | 123 | - tag: forward_local 124 | type: forward 125 | args: 126 | concurrent: 3 127 | upstreams: 128 | - addr: "https://dns.alidns.com/dns-query" 129 | dial_addr: "223.5.5.5" 130 | insecure_skip_verify: true 131 | enable_http3: 132 | - addr: "quic://223.5.5.5" 133 | - addr: "tcp://223.5.5.5" 134 | 135 | 136 | - tag: forward_remote 137 | type: forward 138 | args: 139 | concurrent: 1 140 | upstreams: 141 | # - addr: 10.10.10.254:5353 142 | #- addr: 10.10.10.114 143 | - addr: 10.10.10.114:6666 144 | enable_pipeline: false 145 | insecure_skip_verify: false 146 | idle_timeout: 50 147 | enable_http3: false 148 | 149 | - tag: forward_google 150 | type: forward 151 | args: 152 | concurrent: 1 153 | upstreams: 154 | - addr: tls://8.8.8.8:853 155 | #- addr: 10.10.10.250 156 | #- addr: tcp://10.10.10.250 157 | enable_pipeline: false 158 | insecure_skip_verify: false 159 | idle_timeout: 50 160 | enable_http3: false 161 | 162 | - tag: forward_cf 163 | type: forward 164 | args: 165 | concurrent: 1 166 | upstreams: 167 | - addr: tls://1.1.1.1:853 168 | enable_pipeline: false 169 | insecure_skip_verify: false 170 | idle_timeout: 50 171 | enable_http3: false 172 | 173 | - tag: modify_ttl 174 | type: sequence 175 | args: 176 | - exec: ttl 0-0 177 | 178 | - tag: modify_ddns_ttl 179 | type: sequence 180 | args: 181 | - exec: ttl 5-5 182 | 183 | - tag: local_sequence 184 | type: sequence 185 | args: 186 | - exec: query_summary forward_local 187 | - exec: $forward_local 188 | 189 | - tag: remote_sequence 190 | type: sequence 191 | args: 192 | - exec: query_summary forward_remote 193 | - exec: $forward_remote 194 | 195 | - tag: forward_google_upstream 196 | type: sequence 197 | args: 198 | - exec: query_summary forward_google 199 | - exec: $forward_google 200 | 201 | - tag: forward_cf_upstream 202 | type: sequence 203 | args: 204 | - exec: query_summary forward_cf 205 | - exec: $forward_cf 206 | 207 | - tag: has_resp_sequence 208 | type: sequence 209 | args: 210 | - matches: qname $ddnslist 211 | exec: $modify_ddns_ttl 212 | - matches: "!qname $ddnslist" 213 | exec: $modify_ttl 214 | - matches: has_resp 215 | exec: accept 216 | 217 | - tag: query_is_ddns_domain 218 | type: sequence 219 | args: 220 | - matches: qname $ddnslist 221 | exec: $local_sequence 222 | 223 | - tag: query_is_srv_domain 224 | type: sequence 225 | args: 226 | - matches: 227 | - qtype 33 228 | exec: $forward_google_upstream 229 | 230 | - tag: query_is_mx_domain 231 | type: sequence 232 | args: 233 | - matches: 234 | - qtype 15 235 | exec: $forward_google_upstream 236 | 237 | - tag: query_is_local_domain 238 | type: sequence 239 | args: 240 | - matches: qname $geosite_cn 241 | exec: $local_sequence 242 | 243 | - tag: query_is_no_local_domain 244 | type: sequence 245 | args: 246 | - matches: qname $geosite_no_cn 247 | exec: $remote_sequence 248 | 249 | - tag: query_is_whitelist_domain 250 | type: sequence 251 | args: 252 | - matches: qname $whitelist 253 | exec: $local_sequence 254 | 255 | - tag: query_is_greylist_domain 256 | type: sequence 257 | args: 258 | - matches: qname $greylist 259 | exec: $remote_sequence 260 | 261 | - tag: query_is_reject_domain 262 | type: sequence 263 | args: 264 | - matches: qname $blocklist 265 | exec: $reject_blocklist 266 | - matches: qname $adlist 267 | exec: $reject_adlist 268 | - matches: 269 | - qtype 12 270 | - qname $local_ptr 271 | exec: $reject_ptrlist 272 | - matches: qtype 65 273 | exec: $reject_qtype65 274 | 275 | - tag: fallback_sequence 276 | type: sequence 277 | args: 278 | #- exec: $ecs_local 279 | - exec: $forward_google_upstream 280 | - matches: "rcode 2" 281 | exec: goto local_sequence 282 | - matches: "rcode 3" 283 | exec: goto forward_cf_upstream 284 | - matches: "rcode 5" 285 | exec: goto local_sequence 286 | - matches: "resp_ip $geoip_cn" 287 | exec: goto local_sequence 288 | - matches: "!resp_ip 0.0.0.0/0 ::/0" 289 | exec: accept 290 | - matches: "!resp_ip $geoip_cn" 291 | exec: goto remote_sequence 292 | 293 | - tag: main_sequence 294 | type: sequence 295 | args: 296 | - exec: metrics_collector metrics 297 | - exec: $hosts 298 | - exec: jump has_resp_sequence 299 | - matches: 300 | - "!qname $ddnslist" 301 | - "!qname $blocklist" 302 | - "!qname $adlist" 303 | - "!qname $local_ptr" 304 | exec: $lazy_cache 305 | - exec: $redirect 306 | - exec: jump has_resp_sequence 307 | - exec: $query_is_ddns_domain 308 | - exec: jump has_resp_sequence 309 | - exec: $query_is_srv_domain 310 | - exec: jump has_resp_sequence 311 | - exec: $query_is_mx_domain 312 | - exec: jump has_resp_sequence 313 | - exec: $query_is_whitelist_domain 314 | - exec: jump has_resp_sequence 315 | - exec: $query_is_reject_domain 316 | - exec: jump has_resp_sequence 317 | - exec: $query_is_greylist_domain 318 | - exec: jump has_resp_sequence 319 | - exec: $query_is_local_domain 320 | - exec: jump has_resp_sequence 321 | - exec: $query_is_no_local_domain 322 | - exec: jump has_resp_sequence 323 | - exec: $fallback_sequence 324 | 325 | - tag: udp_server 326 | type: udp_server 327 | args: 328 | entry: main_sequence 329 | listen: ":53" 330 | 331 | - tag: tcp_server 332 | type: tcp_server 333 | args: 334 | entry: main_sequence 335 | listen: ":53" 336 | -------------------------------------------------------------------------------- /mosdns/disable-ads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/disable-ads.txt -------------------------------------------------------------------------------- /mosdns/mos_rule_update.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 设置需要下载的文件 URL 4 | proxy_list_url="https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/proxy-list.txt" 5 | gfw_list_url="https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/gfw.txt" 6 | direct_list_url="https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt" 7 | cn_ip_cidr_url="https://raw.githubusercontent.com/Hackl0us/GeoIP2-CN/release/CN-ip-cidr.txt" 8 | 9 | # 设置本地文件路径 10 | geosite_cn_file="/etc/mosdns/geosite_cn.txt" 11 | geoip_cn_file="/etc/mosdns/geoip_cn.txt" 12 | geosite_geolocation_noncn_file="/etc/mosdns/geosite_geolocation_noncn.txt" 13 | gfw_file="/etc/mosdns/gfw.txt" 14 | 15 | # 下载并替换文件的函数 16 | download_and_replace() { 17 | local url=$1 18 | local file=$2 19 | 20 | # 下载文件 21 | curl -s "$url" -o "$file.tmp" 22 | 23 | # 检查下载是否成功 24 | if [ $? -eq 0 ]; then 25 | # 用下载的文件替换原文件 26 | mv "$file.tmp" "$file" 27 | echo "文件 $file 更新成功。" 28 | else 29 | echo "下载 $file 失败。" 30 | fi 31 | } 32 | 33 | # 下载并替换文件 34 | download_and_replace "$proxy_list_url" "$geosite_geolocation_noncn_file" 35 | download_and_replace "$gfw_list_url" "$gfw_file" 36 | download_and_replace "$direct_list_url" "$geosite_cn_file" 37 | download_and_replace "$cn_ip_cidr_url" "$geoip_cn_file" 38 | 39 | echo "所有文件更新完成。" -------------------------------------------------------------------------------- /mosdns/rule/adlist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/rule/adlist.txt -------------------------------------------------------------------------------- /mosdns/rule/blocklist.txt: -------------------------------------------------------------------------------- 1 | domain:logs.netflix.com -------------------------------------------------------------------------------- /mosdns/rule/cloudflare-cidr.txt: -------------------------------------------------------------------------------- 1 | 173.245.48.0/20 2 | 103.21.244.0/22 3 | 103.22.200.0/22 4 | 103.31.4.0/22 5 | 141.101.64.0/18 6 | 108.162.192.0/18 7 | 190.93.240.0/20 8 | 188.114.96.0/20 9 | 197.234.240.0/22 10 | 198.41.128.0/17 11 | 162.158.0.0/15 12 | 104.16.0.0/13 13 | 104.24.0.0/14 14 | 172.64.0.0/13 15 | 131.0.72.0/22 16 | 2400:cb00::/32 17 | 2606:4700::/32 18 | 2803:f800::/32 19 | 2405:b500::/32 20 | 2405:8100::/32 21 | 2a06:98c0::/29 22 | 2c0f:f248::/32 23 | -------------------------------------------------------------------------------- /mosdns/rule/ddnslist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/rule/ddnslist.txt -------------------------------------------------------------------------------- /mosdns/rule/greylist.txt: -------------------------------------------------------------------------------- 1 | full:e13252.dscg.akamaiedge.net 2 | full:h-netflix.online-metrix.net 3 | full:netflix.com.edgesuite.net 4 | domain:cookielaw.org 5 | domain:fast.com 6 | domain:flxvpn.net 7 | domain:netflix.ca 8 | domain:netflix.com 9 | domain:netflix.com.au 10 | domain:netflix.com.edgesuite.net 11 | domain:netflix.net 12 | domain:netflixdnstest0.com 13 | domain:netflixdnstest1.com 14 | domain:netflixdnstest10.com 15 | domain:netflixdnstest2.com 16 | domain:netflixdnstest3.com 17 | domain:netflixdnstest4.com 18 | domain:netflixdnstest5.com 19 | domain:netflixdnstest6.com 20 | domain:netflixdnstest7.com 21 | domain:netflixdnstest8.com 22 | domain:netflixdnstest9.com 23 | domain:netflixinvestor.com 24 | domain:netflixstudios.com 25 | domain:netflixtechblog.com 26 | domain:nflxext.com 27 | domain:nflximg.com 28 | domain:nflximg.net 29 | domain:nflxsearch.net 30 | domain:nflxso.net 31 | domain:nflxvideo.net 32 | domain:onetrust.com 33 | domain:us-west-2.amazonaws.com 34 | keyword:apiproxy-device-prod-nlb- 35 | keyword:dualstack.apiproxy- 36 | keyword:dualstack.ichnaea-web- 37 | keyword:netflixdnstest 38 | -------------------------------------------------------------------------------- /mosdns/rule/greylist.txt-opkg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/rule/greylist.txt-opkg -------------------------------------------------------------------------------- /mosdns/rule/hosts.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/rule/hosts.txt -------------------------------------------------------------------------------- /mosdns/rule/local-ptr.txt: -------------------------------------------------------------------------------- 1 | 0.in-addr.arpa 2 | 10.in-addr.arpa 3 | 127.in-addr.arpa 4 | 16.172.in-addr.arpa 5 | 17.172.in-addr.arpa 6 | 18.172.in-addr.arpa 7 | 19.172.in-addr.arpa 8 | 20.172.in-addr.arpa 9 | 21.172.in-addr.arpa 10 | 22.172.in-addr.arpa 11 | 23.172.in-addr.arpa 12 | 24.172.in-addr.arpa 13 | 25.172.in-addr.arpa 14 | 26.172.in-addr.arpa 15 | 27.172.in-addr.arpa 16 | 28.172.in-addr.arpa 17 | 29.172.in-addr.arpa 18 | 30.172.in-addr.arpa 19 | 31.172.in-addr.arpa 20 | 64.100.in-addr.arpa 21 | 65.100.in-addr.arpa 22 | 66.100.in-addr.arpa 23 | 67.100.in-addr.arpa 24 | 68.100.in-addr.arpa 25 | 69.100.in-addr.arpa 26 | 70.100.in-addr.arpa 27 | 71.100.in-addr.arpa 28 | 72.100.in-addr.arpa 29 | 73.100.in-addr.arpa 30 | 74.100.in-addr.arpa 31 | 75.100.in-addr.arpa 32 | 76.100.in-addr.arpa 33 | 77.100.in-addr.arpa 34 | 78.100.in-addr.arpa 35 | 79.100.in-addr.arpa 36 | 80.100.in-addr.arpa 37 | 81.100.in-addr.arpa 38 | 82.100.in-addr.arpa 39 | 83.100.in-addr.arpa 40 | 84.100.in-addr.arpa 41 | 85.100.in-addr.arpa 42 | 86.100.in-addr.arpa 43 | 87.100.in-addr.arpa 44 | 88.100.in-addr.arpa 45 | 89.100.in-addr.arpa 46 | 90.100.in-addr.arpa 47 | 91.100.in-addr.arpa 48 | 92.100.in-addr.arpa 49 | 93.100.in-addr.arpa 50 | 94.100.in-addr.arpa 51 | 95.100.in-addr.arpa 52 | 96.100.in-addr.arpa 53 | 97.100.in-addr.arpa 54 | 98.100.in-addr.arpa 55 | 99.100.in-addr.arpa 56 | 100.100.in-addr.arpa 57 | 101.100.in-addr.arpa 58 | 102.100.in-addr.arpa 59 | 103.100.in-addr.arpa 60 | 104.100.in-addr.arpa 61 | 105.100.in-addr.arpa 62 | 106.100.in-addr.arpa 63 | 107.100.in-addr.arpa 64 | 108.100.in-addr.arpa 65 | 109.100.in-addr.arpa 66 | 110.100.in-addr.arpa 67 | 111.100.in-addr.arpa 68 | 112.100.in-addr.arpa 69 | 113.100.in-addr.arpa 70 | 114.100.in-addr.arpa 71 | 115.100.in-addr.arpa 72 | 116.100.in-addr.arpa 73 | 117.100.in-addr.arpa 74 | 118.100.in-addr.arpa 75 | 119.100.in-addr.arpa 76 | 120.100.in-addr.arpa 77 | 121.100.in-addr.arpa 78 | 122.100.in-addr.arpa 79 | 123.100.in-addr.arpa 80 | 124.100.in-addr.arpa 81 | 125.100.in-addr.arpa 82 | 126.100.in-addr.arpa 83 | 127.100.in-addr.arpa 84 | 2.0.192.in-addr.arpa 85 | 168.192.in-addr.arpa 86 | 255.255.255.255.in-addr.arpa 87 | domain:ip6.arpa 88 | -------------------------------------------------------------------------------- /mosdns/rule/local-ptr.txt-opkg: -------------------------------------------------------------------------------- 1 | 0.in-addr.arpa 2 | 10.in-addr.arpa 3 | 127.in-addr.arpa 4 | 16.172.in-addr.arpa 5 | 17.172.in-addr.arpa 6 | 18.172.in-addr.arpa 7 | 19.172.in-addr.arpa 8 | 20.172.in-addr.arpa 9 | 21.172.in-addr.arpa 10 | 22.172.in-addr.arpa 11 | 23.172.in-addr.arpa 12 | 24.172.in-addr.arpa 13 | 25.172.in-addr.arpa 14 | 26.172.in-addr.arpa 15 | 27.172.in-addr.arpa 16 | 28.172.in-addr.arpa 17 | 29.172.in-addr.arpa 18 | 30.172.in-addr.arpa 19 | 31.172.in-addr.arpa 20 | 64.100.in-addr.arpa 21 | 65.100.in-addr.arpa 22 | 66.100.in-addr.arpa 23 | 67.100.in-addr.arpa 24 | 68.100.in-addr.arpa 25 | 69.100.in-addr.arpa 26 | 70.100.in-addr.arpa 27 | 71.100.in-addr.arpa 28 | 72.100.in-addr.arpa 29 | 73.100.in-addr.arpa 30 | 74.100.in-addr.arpa 31 | 75.100.in-addr.arpa 32 | 76.100.in-addr.arpa 33 | 77.100.in-addr.arpa 34 | 78.100.in-addr.arpa 35 | 79.100.in-addr.arpa 36 | 80.100.in-addr.arpa 37 | 81.100.in-addr.arpa 38 | 82.100.in-addr.arpa 39 | 83.100.in-addr.arpa 40 | 84.100.in-addr.arpa 41 | 85.100.in-addr.arpa 42 | 86.100.in-addr.arpa 43 | 87.100.in-addr.arpa 44 | 88.100.in-addr.arpa 45 | 89.100.in-addr.arpa 46 | 90.100.in-addr.arpa 47 | 91.100.in-addr.arpa 48 | 92.100.in-addr.arpa 49 | 93.100.in-addr.arpa 50 | 94.100.in-addr.arpa 51 | 95.100.in-addr.arpa 52 | 96.100.in-addr.arpa 53 | 97.100.in-addr.arpa 54 | 98.100.in-addr.arpa 55 | 99.100.in-addr.arpa 56 | 100.100.in-addr.arpa 57 | 101.100.in-addr.arpa 58 | 102.100.in-addr.arpa 59 | 103.100.in-addr.arpa 60 | 104.100.in-addr.arpa 61 | 105.100.in-addr.arpa 62 | 106.100.in-addr.arpa 63 | 107.100.in-addr.arpa 64 | 108.100.in-addr.arpa 65 | 109.100.in-addr.arpa 66 | 110.100.in-addr.arpa 67 | 111.100.in-addr.arpa 68 | 112.100.in-addr.arpa 69 | 113.100.in-addr.arpa 70 | 114.100.in-addr.arpa 71 | 115.100.in-addr.arpa 72 | 116.100.in-addr.arpa 73 | 117.100.in-addr.arpa 74 | 118.100.in-addr.arpa 75 | 119.100.in-addr.arpa 76 | 120.100.in-addr.arpa 77 | 121.100.in-addr.arpa 78 | 122.100.in-addr.arpa 79 | 123.100.in-addr.arpa 80 | 124.100.in-addr.arpa 81 | 125.100.in-addr.arpa 82 | 126.100.in-addr.arpa 83 | 127.100.in-addr.arpa 84 | 2.0.192.in-addr.arpa 85 | 168.192.in-addr.arpa 86 | 255.255.255.255.in-addr.arpa 87 | domain:ip6.arpa 88 | -------------------------------------------------------------------------------- /mosdns/rule/localptr.txt: -------------------------------------------------------------------------------- 1 | # block all PTR requests 2 | domain:in-addr.arpa 3 | domain:ip6.arpa 4 | -------------------------------------------------------------------------------- /mosdns/rule/redirect.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/rule/redirect.txt -------------------------------------------------------------------------------- /mosdns/rule/streaming.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/mosdns/rule/streaming.txt -------------------------------------------------------------------------------- /mosdns/rule/whitelist.txt: -------------------------------------------------------------------------------- 1 | domain:apple.cn 2 | domain:push-apple.com.akadns.net 3 | domain:push.apple.com 4 | domain:iphone-ld.apple.com 5 | domain:iphone-ld.origin-apple.com.akadns.net 6 | domain:iphone-ld-cn.origin-apple.com.akadns.net 7 | domain:iphone-ld.apple.com.download.ks-cdn.com 8 | domain:k128.gslb.ksyuncdn.com 9 | domain:lcdn-locator.apple.com 10 | domain:lcdn-registration.apple.com 11 | domain:cn-ssl.ls.apple.com 12 | domain:time.apple.com 13 | domain:test-ipv6.com 14 | domain:cravatar.com 15 | domain:store.ui.com.cn 16 | domain:dht.libtorrent.org 17 | domain:dht.transmissionbt.com 18 | domain:amd.com 19 | domain:dns.msftncsi.com 20 | domain:msftncsi.com 21 | domain:ipv6.msftconnecttest.com 22 | domain:www.msftconnecttest.com 23 | domain:msftconnecttest.com 24 | domain:microsoft.com 25 | domain:office.com 26 | domain:office365.com 27 | domain:xiuxitong.com 28 | domain:pc528.net 29 | domain:pc521.net 30 | domain:qq.com 31 | domain:wswebpic.com 32 | domain:akasripcn.net 33 | domain:steamserver.net 34 | domain:trip.com 35 | domain:oneclient.sfx.ms 36 | full:gs-loc-cn.apple.com 37 | full:gsp10-ssl-cn.ls.apple.com 38 | full:gsp12-cn.ls.apple.com 39 | full:gsp13-cn.ls.apple.com 40 | full:gsp4-cn.ls.apple.com.edgekey.net.globalredir.akadns.net 41 | full:gsp4-cn.ls.apple.com.edgekey.net 42 | full:gsp4-cn.ls.apple.com 43 | full:gsp5-cn.ls.apple.com 44 | full:gsp85-cn-ssl.ls.apple.com 45 | full:gspe19-2-cn-ssl.ls.apple.com 46 | full:gspe19-cn-ssl.ls.apple.com 47 | full:gspe19-cn.ls-apple.com.akadns.net 48 | full:gspe19-cn.ls.apple.com 49 | full:gspe79-cn-ssl.ls.apple.com 50 | full:cl2-cn.apple.com 51 | full:cl4-cn.apple.com 52 | 53 | 54 | 55 | 56 | 57 | domain:bing.com 58 | domain:live.com 59 | domain:msn.com 60 | domain:ntp.org 61 | 62 | domain:qlogo.cn 63 | domain:qq.com 64 | domain:redhat.com 65 | keyword:douyin 66 | 67 | keyword:windows 68 | 69 | keyword:herozmy 70 | keyword:52zr 71 | file.52zr.top 72 | keyword:ptchdbits 73 | keyword:tjupt 74 | keyword:qingwa 75 | keyword:piggo 76 | keyword:pterclub 77 | keyword:sharkpt 78 | #keyword:hhanclub 79 | keyword:audiences 80 | keyword:rousi 81 | keyword:zhuque 82 | keyword:ptlsp 83 | keyword:discfan 84 | keyword:hdfun 85 | keyword:pttime 86 | keyword:hdfans 87 | keyword:hdtime 88 | keyword:hdvideo 89 | keyword:hdpt 90 | keyword:ptsbao 91 | keyword:2xfree 92 | keyword:ptchina 93 | keyword:hdmayi 94 | keyword:hddolby 95 | keyword:beitai 96 | keyword:wintersakura 97 | keyword:hdatmos 98 | keyword:greatposterwall 99 | keyword:soulvoice 100 | keyword:hdarea 101 | keyword:icc2022 102 | keyword:dajiao 103 | keyword:m-team 104 | keyword:tracker 105 | domain:chdbits.xyz 106 | keyword:springsunday 107 | domain:connects.icu 108 | keyword:ourbits 109 | keyword:formovie 110 | 111 | keyword:totheglory 112 | keyword:hdsky 113 | -------------------------------------------------------------------------------- /mosdns/rule/whitelist.txt-opkg: -------------------------------------------------------------------------------- 1 | domain:bing.com 2 | domain:live.com 3 | domain:msn.com 4 | domain:ntp.org 5 | domain:office.com 6 | domain:qlogo.cn 7 | domain:qq.com 8 | domain:redhat.com 9 | keyword:douyin 10 | keyword:microsoft 11 | keyword:windows 12 | -------------------------------------------------------------------------------- /pve.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 定义配置内容 4 | CONFIG=" 5 | PasswordAuthentication yes 6 | PermitEmptyPasswords no 7 | UseDNS no 8 | " 9 | 10 | # 将配置写入 /etc/ssh/sshd_config.d/10-server-sshd.conf 文件 11 | echo "$CONFIG" | sudo tee /etc/ssh/sshd_config.d/10-server-sshd.conf > /dev/null 12 | sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config 13 | # 重启 SSH 服务 14 | sudo systemctl restart ssh.service 15 | 16 | # 输出完成信息 17 | echo "SSH 配置已更新并重启服务。" -------------------------------------------------------------------------------- /sb-o.json: -------------------------------------------------------------------------------- 1 | { 2 | "log": { 3 | "disabled": false, 4 | "level": "info", 5 | "output": "usr/local/etc/sing-box/sing-box.log", 6 | "timestamp": true 7 | }, 8 | "dns": { 9 | "servers": [ 10 | { 11 | "tag": "nodedns", 12 | "address": "tls://223.5.5.5:853", 13 | "detour": "direct" 14 | }, 15 | { 16 | "tag": "fakeipDNS", 17 | "address": "fakeip" 18 | }, 19 | { 20 | "tag": "block", 21 | "address": "rcode://success" 22 | } 23 | ], 24 | "rules": [ 25 | { 26 | "query_type": [ 27 | "SVCB" 28 | ], 29 | "server": "block" 30 | }, 31 | { 32 | "inbound": "dns-in", 33 | "server": "fakeipDNS", 34 | "disable_cache": false, 35 | "rewrite_ttl": 1 36 | }, 37 | { 38 | "outbound": "any", 39 | "server": "nodedns", 40 | "disable_cache": true 41 | } 42 | ], 43 | "fakeip": { 44 | "enabled": true, 45 | "inet4_range": "28.0.0.1/8", 46 | "inet6_range": "f2b0::/18" 47 | }, 48 | "independent_cache": true 49 | }, 50 | "inbounds": [ 51 | { 52 | "type": "mixed", 53 | "listen": "::", 54 | "listen_port": 10000 55 | }, 56 | { 57 | "type": "direct", # 这个6666 端口号 , 和MOSDNS remote 中的端口号一致 58 | "tag": "dns-in", 59 | "listen": "::", 60 | "listen_port": 6666 61 | }, 62 | { 63 | "type": "hysteria2", 64 | "tag": "hy2-in", 65 | "listen": "::", 66 | "listen_port": 8443, 67 | "sniff": true, 68 | "sniff_override_destination": false, 69 | "sniff_timeout": "100ms", 70 | "users": [ 71 | { 72 | "password": "" # 密码 73 | } 74 | ], 75 | "ignore_client_bandwidth": true, 76 | "tls": { 77 | "enabled": true, 78 | "alpn": [ 79 | "h3" 80 | ], 81 | "certificate_path": "/root/hysteria/cert.pem", 82 | "key_path": "/root/hysteria/private.key" 83 | } 84 | }, 85 | { 86 | "type": "tproxy", 87 | "tag": "tproxy-in", 88 | "listen": "::", 89 | "listen_port": 7896, 90 | "tcp_fast_open": true, 91 | "sniff": true, 92 | "sniff_override_destination": false, 93 | "sniff_timeout": "100ms" 94 | } 95 | ], 96 | "outbounds": [ 97 | { 98 | "tag":"♾️Global", # 这里我列举了三个出站配置, brutal V4 , brutal V6 , grpc, 何如填写配置不再说明, 关于V6 IP 的填写见 "server": "[]", 的说明 99 | "type":"selector", 100 | "outbounds":[ 101 | "♾️grpc", 102 | "♾️brutal_v4", 103 | "♾️brutal_v6" 104 | ] 105 | }, 106 | { 107 | "type": "vless", 108 | "tag": "♾️grpc", 109 | "server": "", 110 | "server_port": 443, 111 | "uuid": "", 112 | "tls": { 113 | "enabled": true, 114 | "server_name": "", 115 | "utls": { 116 | "enabled": true, 117 | "fingerprint": "chrome" 118 | } 119 | }, 120 | "packet_encoding": "xudp", 121 | "transport": { 122 | "type": "grpc", 123 | "service_name": "" 124 | } 125 | }, 126 | { 127 | "type": "vless", 128 | "tag": "♾️brutal_v4", 129 | "uuid": "", 130 | "packet_encoding": "xudp", 131 | "server": "", # VPS 上V4 地址 132 | "server_port": , 133 | "flow": "", 134 | "tls": { 135 | "enabled": true, 136 | "server_name": "", 137 | "utls": { 138 | "enabled": true, 139 | "fingerprint": "chrome" 140 | }, 141 | "reality": { 142 | "enabled": true, 143 | "public_key": "", 144 | "short_id": "" 145 | } 146 | }, 147 | "multiplex": { 148 | "enabled": true, 149 | "protocol": "h2mux", 150 | "max_connections": 1, 151 | "min_streams": 2, 152 | "padding": true, 153 | "brutal": { 154 | "enabled": true, 155 | "up_mbps": 50, 156 | "down_mbps": 800 157 | } 158 | } 159 | }, 160 | { 161 | "type": "vless", 162 | "tag": "♾️brutal_v6", 163 | "uuid": "", 164 | "packet_encoding": "xudp", 165 | "server": "[]", # VPS 上V6的地址,[] 里面打V6 的IP 166 | "server_port": , 167 | "flow": "", 168 | "tls": { 169 | "enabled": true, 170 | "server_name": "", 171 | "utls": { 172 | "enabled": true, 173 | "fingerprint": "chrome" 174 | }, 175 | "reality": { 176 | "enabled": true, 177 | "public_key": "", 178 | "short_id": "" 179 | } 180 | }, 181 | "multiplex": { 182 | "enabled": true, 183 | "protocol": "h2mux", 184 | "max_connections": 1, 185 | "min_streams": 2, 186 | "padding": true, 187 | "brutal": { 188 | "enabled": true, 189 | "up_mbps": 50, 190 | "down_mbps": 800 191 | } 192 | } 193 | }, 194 | { 195 | "type": "direct", 196 | "tag": "direct" 197 | }, 198 | { 199 | "type": "block", 200 | "tag": "block" 201 | }, 202 | { 203 | "type": "dns", 204 | "tag": "dns-out" 205 | } 206 | ], 207 | "route": { 208 | "rules": [ 209 | { 210 | "inbound": "dns-in", 211 | "outbound": "dns-out" 212 | }, 213 | { 214 | "clash_mode": "direct", 215 | "outbound": "direct" 216 | }, 217 | { 218 | "clash_mode": "global", 219 | "outbound": "♾️Global" 220 | }, 221 | { 222 | "network": "udp", 223 | "port": 443, 224 | "outbound": "block" 225 | }, 226 | { 227 | "ip_is_private": true, 228 | "outbound": "direct" 229 | }, 230 | { 231 | "domain_suffix": [ 232 | "browserleaks.com" 233 | ], 234 | "outbound": "♾️Global" 235 | }, 236 | { 237 | "domain_suffix": [ 238 | "googleapis.com", 239 | "googleapis.cn", 240 | "gstatic.com" 241 | ], 242 | "outbound": "♾️Global" 243 | }, 244 | { 245 | "domain_suffix": [ 246 | "office365.com", 247 | "office.com" 248 | ], 249 | "outbound": "direct" 250 | }, 251 | { 252 | "domain_suffix": [ 253 | "push.apple.com", 254 | "iphone-ld.apple.com", 255 | "lcdn-locator.apple.com", 256 | "lcdn-registration.apple.com" 257 | ], 258 | "outbound": "direct" 259 | }, 260 | { 261 | "rule_set": "geosite-cn", 262 | "outbound": "direct" 263 | }, 264 | { 265 | "rule_set": "geosite-category-games-cn", 266 | "outbound": "direct" 267 | }, 268 | { 269 | "rule_set": [ 270 | "geosite-category-scholar-!cn", 271 | "geosite-category-scholar-cn" 272 | ], 273 | "outbound": "direct" 274 | }, 275 | { 276 | "rule_set": "geoip-cn", 277 | "outbound": "direct" 278 | }, 279 | { 280 | "rule_set": "geosite-geolocation-!cn", 281 | "outbound": "♾️Global" 282 | }, 283 | { 284 | "rule_set": [ 285 | "geoip-telegram", 286 | "geosite-telegram" 287 | ], 288 | "outbound": "♾️Global" 289 | }, 290 | { 291 | "rule_set": [ 292 | "geoip-google", 293 | "geosite-google" 294 | ], 295 | "outbound": "♾️Global" 296 | }, 297 | { 298 | "rule_set": "geoip-cn", 299 | "invert": true, 300 | "outbound": "♾️Global" 301 | } 302 | ], 303 | "rule_set": [ 304 | { 305 | "tag": "geoip-google", 306 | "type": "remote", 307 | "format": "binary", 308 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/google.srs", 309 | "download_detour": "direct", 310 | "update_interval": "7d" 311 | }, 312 | { 313 | "tag": "geoip-telegram", 314 | "type": "remote", 315 | "format": "binary", 316 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/telegram.srs", 317 | "download_detour": "direct", 318 | "update_interval": "7d" 319 | }, 320 | { 321 | "tag": "geoip-twitter", 322 | "type": "remote", 323 | "format": "binary", 324 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/twitter.srs", 325 | "download_detour": "direct", 326 | "update_interval": "7d" 327 | }, 328 | { 329 | "tag": "geoip-facebook", 330 | "type": "remote", 331 | "format": "binary", 332 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/facebook.srs", 333 | "download_detour": "direct", 334 | "update_interval": "7d" 335 | }, 336 | { 337 | "tag": "geoip-netflix", 338 | "type": "remote", 339 | "format": "binary", 340 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/netflix.srs", 341 | "download_detour": "direct", 342 | "update_interval": "7d" 343 | }, 344 | { 345 | "tag": "geoip-cn", 346 | "type": "remote", 347 | "format": "binary", 348 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs", 349 | "download_detour": "direct", 350 | "update_interval": "7d" 351 | }, 352 | { 353 | "tag": "geoip-hk", 354 | "type": "remote", 355 | "format": "binary", 356 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/hk.srs", 357 | "download_detour": "direct", 358 | "update_interval": "7d" 359 | }, 360 | { 361 | "tag": "geoip-mo", 362 | "type": "remote", 363 | "format": "binary", 364 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/mo.srs", 365 | "download_detour": "direct", 366 | "update_interval": "7d" 367 | }, 368 | { 369 | "tag": "geosite-openai", 370 | "type": "remote", 371 | "format": "binary", 372 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/openai.srs", 373 | "download_detour": "direct", 374 | "update_interval": "7d" 375 | }, 376 | { 377 | "tag": "geosite-youtube", 378 | "type": "remote", 379 | "format": "binary", 380 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/youtube.srs", 381 | "download_detour": "direct", 382 | "update_interval": "7d" 383 | }, 384 | { 385 | "tag": "geosite-google", 386 | "type": "remote", 387 | "format": "binary", 388 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/google.srs", 389 | "download_detour": "direct", 390 | "update_interval": "7d" 391 | }, 392 | { 393 | "tag": "geosite-github", 394 | "type": "remote", 395 | "format": "binary", 396 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/github.srs", 397 | "download_detour": "direct", 398 | "update_interval": "7d" 399 | }, 400 | { 401 | "tag": "geosite-telegram", 402 | "type": "remote", 403 | "format": "binary", 404 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/telegram.srs", 405 | "download_detour": "direct", 406 | "update_interval": "7d" 407 | }, 408 | { 409 | "tag": "geosite-twitter", 410 | "type": "remote", 411 | "format": "binary", 412 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/twitter.srs", 413 | "download_detour": "direct", 414 | "update_interval": "7d" 415 | }, 416 | { 417 | "tag": "geosite-facebook", 418 | "type": "remote", 419 | "format": "binary", 420 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/facebook.srs", 421 | "download_detour": "direct", 422 | "update_interval": "7d" 423 | }, 424 | { 425 | "tag": "geosite-instagram", 426 | "type": "remote", 427 | "format": "binary", 428 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/instagram.srs", 429 | "download_detour": "direct", 430 | "update_interval": "7d" 431 | }, 432 | { 433 | "tag": "geosite-amazon", 434 | "type": "remote", 435 | "format": "binary", 436 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/amazon.srs", 437 | "download_detour": "direct", 438 | "update_interval": "7d" 439 | }, 440 | { 441 | "tag": "geosite-apple", 442 | "type": "remote", 443 | "format": "binary", 444 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple.srs", 445 | "download_detour": "direct", 446 | "update_interval": "7d" 447 | }, 448 | { 449 | "tag": "geosite-apple-cn", 450 | "type": "remote", 451 | "format": "binary", 452 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/apple@cn.srs", 453 | "download_detour": "direct", 454 | "update_interval": "7d" 455 | }, 456 | { 457 | "tag": "geosite-microsoft", 458 | "type": "remote", 459 | "format": "binary", 460 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft.srs", 461 | "download_detour": "direct", 462 | "update_interval": "7d" 463 | }, 464 | { 465 | "tag": "geosite-microsoft-cn", 466 | "type": "remote", 467 | "format": "binary", 468 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/microsoft@cn.srs", 469 | "download_detour": "direct", 470 | "update_interval": "7d" 471 | }, 472 | { 473 | "tag": "geosite-category-games", 474 | "type": "remote", 475 | "format": "binary", 476 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games.srs", 477 | "download_detour": "direct", 478 | "update_interval": "7d" 479 | }, 480 | { 481 | "tag": "geosite-category-games-cn", 482 | "type": "remote", 483 | "format": "binary", 484 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-games@cn.srs", 485 | "download_detour": "direct", 486 | "update_interval": "7d" 487 | }, 488 | { 489 | "tag": "geosite-bilibili", 490 | "type": "remote", 491 | "format": "binary", 492 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/bilibili.srs", 493 | "download_detour": "direct", 494 | "update_interval": "7d" 495 | }, 496 | { 497 | "tag": "geosite-tiktok", 498 | "type": "remote", 499 | "format": "binary", 500 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/tiktok.srs", 501 | "download_detour": "direct", 502 | "update_interval": "7d" 503 | }, 504 | { 505 | "tag": "geosite-netflix", 506 | "type": "remote", 507 | "format": "binary", 508 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/netflix.srs", 509 | "download_detour": "direct", 510 | "update_interval": "7d" 511 | }, 512 | { 513 | "tag": "geosite-hbo", 514 | "type": "remote", 515 | "format": "binary", 516 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/hbo.srs", 517 | "download_detour": "direct", 518 | "update_interval": "7d" 519 | }, 520 | { 521 | "tag": "geosite-disney", 522 | "type": "remote", 523 | "format": "binary", 524 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/disney.srs", 525 | "download_detour": "direct", 526 | "update_interval": "7d" 527 | }, 528 | { 529 | "tag": "geosite-primevideo", 530 | "type": "remote", 531 | "format": "binary", 532 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/primevideo.srs", 533 | "download_detour": "direct", 534 | "update_interval": "7d" 535 | }, 536 | { 537 | "tag": "geosite-cn", 538 | "type": "remote", 539 | "format": "binary", 540 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs", 541 | "download_detour": "direct", 542 | "update_interval": "7d" 543 | }, 544 | { 545 | "tag": "geosite-geolocation-!cn", 546 | "type": "remote", 547 | "format": "binary", 548 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs", 549 | "download_detour": "direct", 550 | "update_interval": "7d" 551 | }, 552 | { 553 | "tag": "geosite-category-ads-all", 554 | "type": "remote", 555 | "format": "binary", 556 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs", 557 | "download_detour": "direct", 558 | "update_interval": "7d" 559 | }, 560 | { 561 | "tag": "geosite-category-scholar-!cn", 562 | "type": "remote", 563 | "format": "binary", 564 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-!cn.srs", 565 | "download_detour": "direct", 566 | "update_interval": "7d" 567 | }, 568 | { 569 | "tag": "geosite-category-scholar-cn", 570 | "type": "remote", 571 | "format": "binary", 572 | "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-scholar-cn.srs", 573 | "download_detour": "direct", 574 | "update_interval": "7d" 575 | } 576 | ], 577 | "final": "♾️Global", 578 | "auto_detect_interface": true, 579 | "default_mark": 1 580 | }, 581 | "experimental": { 582 | "clash_api": { 583 | "external_controller": "0.0.0.0:9090", 584 | "external_ui": "/usr/local/etc/sing-box/ui", 585 | "secret": "", 586 | "external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/gh-pages.zip", 587 | "external_ui_download_detour": "♾️Global", 588 | "default_mode": "rule" 589 | }, 590 | "cache_file": { 591 | "enabled": true, 592 | "path": "/root/cache.db", 593 | "cache_id": "my_profile1", 594 | "store_fakeip": true 595 | } 596 | } 597 | } 598 | -------------------------------------------------------------------------------- /singbox_rule/geoip/facebook.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geoip/facebook.srs -------------------------------------------------------------------------------- /singbox_rule/geoip/geoip-cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geoip/geoip-cn.srs -------------------------------------------------------------------------------- /singbox_rule/geoip/google.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geoip/google.srs -------------------------------------------------------------------------------- /singbox_rule/geoip/netflix.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geoip/netflix.srs -------------------------------------------------------------------------------- /singbox_rule/geoip/telegram.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geoip/telegram.srs -------------------------------------------------------------------------------- /singbox_rule/geoip/twitter.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geoip/twitter.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/amazon.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/amazon.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/apple.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/apple.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/bilibili.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/bilibili.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/category-ads-all.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/category-ads-all.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/category-games.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/category-games.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/category-games@cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/category-games@cn.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/disney.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/disney.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/facebook.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/facebook.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/geolocation-!cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/geolocation-!cn.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/geosite-cn.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/geosite-cn.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/github.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/github.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/google.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/google.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/hbo.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/hbo.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/instagram.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/instagram.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/microsoft.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/microsoft.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/netflix.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/netflix.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/openai.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/openai.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/primevideo.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/primevideo.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/telegram.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/telegram.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/tiktok.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/tiktok.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/twitter.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/twitter.srs -------------------------------------------------------------------------------- /singbox_rule/geosite/youtube.srs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/herozmy/sing-box-mosdns-fakeip/fe9d4ffede0ec8ac2730cf97a203444cb4d941aa/singbox_rule/geosite/youtube.srs --------------------------------------------------------------------------------