├── README.md └── config.ss.general.yaml /README.md: -------------------------------------------------------------------------------- 1 | # Buff 2 | 3 | ### A proxy tool for macOS. 4 | 5 | 6 | 7 | 8 | ## 自定义规则 9 | [ss(r)内置规则模板](https://github.com/nidom/buff/blob/master/config.ss.general.yaml) 10 | 11 | ##语法 12 | 自定义配置使用YAML标准格式,通过 [YAML官网](http://www.yaml.org/) 或 [docs.ansible.com](http://docs.ansible.com/ansible/YAMLSyntax.html) 了解语法。 13 | 14 | > Note:YAML对缩进非常严格,并且只能用空格。 15 | 16 | 17 | ##基本概念 18 | rule 和 adapter 是自定义配置的两个核心概念:rule表示规则,用于匹配网络请求,网络请求匹配到某条规则之后,会被分配到相应的adapter上。示例是一条 Country rule,当请求对应的IP归属中国,那么请求将被分配到名为 adapterName 的 adapter 上。 19 | 20 | ``` 21 | - type: country 22 | country: CN 23 | match: true 24 | adapter: adapterName 25 | ``` 26 | 27 | 一个自定义规则中可以包含多个 rule 和 adapter。除了 direct 这个内置的 adapter,每个 adapter 需要定义唯一的 id 。每条 rule 我们需要给它指定相应的 adapter 。 28 | 29 | 一个自定义配置的框架如下: 30 | 31 | ``` 32 | 33 | adapter: 34 | - id: adapter1 35 | ... 36 | - id: adapter2 37 | ... 38 | rule: 39 | - type: iplist 40 | adapter: adapter1 41 | ... 42 | - type: country 43 | adapter: adapter2 44 | ... 45 | ``` 46 | 47 | ##Adapter详解 48 | Buff支持以下几个类型的Adapter 49 | ####HTTP(S) 50 | HTTP代理 51 | 52 | ``` 53 | - id: httpAdapterName 54 | type: HTTP 55 | host: http.host 56 | port: 8080 57 | auth: true #可选,是否需要身份验证 58 | username: proxy_username #可选 59 | password: proxy_password #可选 60 | ``` 61 | HTTPS代理 62 | 63 | ``` 64 | - id: httpAdapterName 65 | type: SHTTP 66 | host: http.proxy.connect.via.https 67 | port: 8080 68 | auth: true #可选,是否需要身份验证 69 | username: proxy_username #可选 70 | password: proxy_password #可选 71 | ``` 72 | 73 | ####SOCK5 74 | socks5代理 75 | 76 | ``` 77 | - id: socks5AdapterName 78 | type: socks5 79 | host: socks5.host 80 | port: 3128 81 | ``` 82 | ####SS 83 | SS代理 84 | 85 | ``` 86 | - id: ssAdapterName 87 | type: ss 88 | host: ss.host 89 | port: 1024 90 | method: AES-128-CFB #可选 AES-128-CFB, AES-192-CFB, AES-256-CFB, chacha20, salsa20, rc4-md5 91 | password: ss_password 92 | protocol: origin #可选 origin(无)、verify_sha1(OTA) 93 | obfs: origin #可选 origin(无)、http_simple、tls1.2_ticket_auth 94 | obfs_param: "" 95 | ``` 96 | ####Speed 97 | speed用于选择最快连接成功的线路, 98 | >每次网络请求, speed 都会连接所有线路,选择最快连接成功的线路。 99 | 100 | ``` 101 | - id: speedAdapterName 102 | type: speed 103 | adapters: 104 | - id: adapter1 105 | delay: 300 # 延时300毫秒 106 | - id: adapter2 107 | delay: 300 108 | - id: adapter3 109 | delay: 300 110 | - id: direct 111 | delay: 0 112 | ``` 113 | ####Reject 114 | reject会抛弃网络请求 115 | 116 | ``` 117 | - id: reject 118 | type: reject 119 | delay: 300 #延时300毫秒 120 | ``` 121 | ####Direct 122 | 直连网络 123 | 124 | ``` 125 | 内置 adapter ,不需要定义 126 | ``` 127 | ##Rule详解 128 | >rule 自上而下匹配的,以第一次匹配为准,所以rule书写的前后顺序会影响结果 129 | 130 | ####Country 131 | 同个IP判断归属国家 132 | 133 | ``` 134 | - type: country 135 | country: CN # ISO Country code,‘--’表示未知国家 136 | match: true #是否匹配 137 | adapter: adapterName 138 | ``` 139 | ####Domain List 140 | 匹配域名列表,criteria中的p,k,s,r分别表示 prefix (前缀),keyword(关键词),suffix(后缀),regex(正则表达式) 141 | 142 | 143 | ``` 144 | - type: domainlist 145 | criteria: 146 | - p,ad 147 | - k,google 148 | - s,ad.com 149 | - r,google+.\.com 150 | adapter: adapterName 151 | ``` 152 | 153 | ####IP List 154 | 匹配IP列表 155 | 156 | ``` 157 | - type: iplist 158 | criteria: 159 | - 127.0.0.0/8 160 | - 192.168.0.0/16 161 | - 10.0.0.0/8 162 | - 224.0.0.0/8 163 | - 169.254.0.0/16 164 | adapter: adapterName 165 | ``` 166 | 167 | ####List 168 | list规则是一组doamin的正则表达式 169 | 170 | ``` 171 | - type: list 172 | criteria: 173 | - \.cn 174 | - zhihu\.com 175 | adapter: adaterName 176 | ``` 177 | ####DNSFail 178 | DNS解析错误的时候匹配 179 | 180 | ``` 181 | - type: dnsfail 182 | adapter: adapterName 183 | ``` 184 | ####All 185 | 匹配所有网络请求 186 | 187 | ``` 188 | - type: all 189 | adapter: adapterName 190 | ``` 191 | ##示例 192 | ####所有请求走SS代理 193 | 这是最简单的一个自定义规则 194 | 195 | ``` 196 | adapter: 197 | - id: ss_proxy 198 | type: ss 199 | method: ss_method 200 | host: ss_host 201 | port: ss_port 202 | password: ss_password 203 | rule: 204 | - type: all 205 | adapter: ss_proxy 206 | ``` 207 | ####稍微复杂一点的规则 208 | 内网IP和中国IP不走代理,美国和日本的网站连接位于东京的SS代理,其他国外网站连接香港的HTTPS代理。 209 | >注:不同的 rule 可以指向相同的 adapter 210 | 211 | 212 | ``` 213 | 214 | adapter: 215 | - id: tokyo_ss_proxy 216 | type: ss 217 | method: ss_method 218 | host: ss_host 219 | port: ss_port 220 | password: ss_password 221 | - id: hk_https_proxy 222 | type: http 223 | host: http.host 224 | port: 8080 225 | secured: true 226 | auth: true 227 | username: proxy_username 228 | password: proxy_password 229 | rule: 230 | - type: domainlist 231 | criteria: 232 | - 127.0.0.0/8 233 | - 192.168.0.0/16 234 | - 10.0.0.0/8 235 | - 224.0.0.0/8 236 | - 169.254.0.0/16 237 | adapter: direct 238 | - type: country 239 | country: US 240 | match: true 241 | adapter: tokyo_ss_proxy 242 | - type: country 243 | country: JP 244 | match: true 245 | adapter: tokyo_ss_proxy 246 | - type: country 247 | country: CN 248 | match: true 249 | adapter: direct 250 | - type: all 251 | adapter: hk_https_proxy 252 | ``` 253 | -------------------------------------------------------------------------------- /config.ss.general.yaml: -------------------------------------------------------------------------------- 1 | port: 8899 2 | adapter: 3 | - id: proxyAdapter 4 | type: ss 5 | method: {ss_method} 6 | host: {ss_host} 7 | port: {ss_port} 8 | password: {ss_password} 9 | # default set "origin" 10 | protocol: {ss_protocol} 11 | # default set "origin" 12 | obfs: {ss_obfs} 13 | # default set "" 14 | obfs_param: {ss_obfsParam} 15 | - id: speed 16 | type: SPEED 17 | adapters: 18 | - id: direct 19 | delay: 0 20 | - id: proxyAdapter 21 | delay: 500 22 | rule: 23 | - type: domainlist 24 | adapter: direct 25 | criteria: 26 | - s,apple.com 27 | - s,icloud.com 28 | - s,itunes.com 29 | - s,crashlytics.com 30 | - s,mzstatic.com 31 | - s,localhost 32 | - s,.cn 33 | - s,126.net 34 | - type: domainlist 35 | adapter: proxyAdapter 36 | criteria: 37 | - k,instagram 38 | - k,cdninstagram 39 | - k,twitter 40 | - k,twimg 41 | - k,facebook 42 | - k,fbcdn 43 | - k,google 44 | - k,telegram 45 | - s,gstatic.com 46 | - type: iplist 47 | adapter: direct 48 | criteria: 49 | - 127.0.0.0/8 50 | - 192.168.0.0/16 51 | - 10.0.0.0/8 52 | - 224.0.0.0/8 53 | - 169.254.0.0/16 54 | - type: iplist 55 | adapter: proxyAdapter 56 | criteria: 57 | - 4.36.66.178/32 58 | - 8.7.198.45/32 59 | - 23.89.5.60/32 60 | - 37.61.54.158/32 61 | - 46.82.174.68/32 62 | - 49.2.123.56/32 63 | - 54.76.135.1/32 64 | - 59.24.3.173/32 65 | - 64.33.88.161/32 66 | - 64.33.99.47/32 67 | - 64.66.163.251/32 68 | - 65.104.202.252/32 69 | - 65.160.219.113/32 70 | - 66.45.252.237/32 71 | - 72.14.205.99/32 72 | - 72.14.205.104/32 73 | - 77.4.7.92/32 74 | - 78.16.49.15/32 75 | - 93.46.8.89/32 76 | - 118.5.49.6/32 77 | - 128.121.126.139/32 78 | - 159.106.121.75/32 79 | - 169.132.13.103/32 80 | - 188.5.4.96/32 81 | - 189.163.17.5/32 82 | - 192.67.198.6/32 83 | - 197.4.4.12/32 84 | - 202.106.1.2/32 85 | - 202.181.7.85/32 86 | - 203.98.7.65/32 87 | - 203.161.230.171/32 88 | - 207.12.88.98/32 89 | - 208.56.31.43/32 90 | - 209.36.73.33/32 91 | - 209.145.54.50/32 92 | - 209.220.30.174/32 93 | - 211.94.66.147/32 94 | - 213.169.251.35/32 95 | - 216.221.188.182/32 96 | - 216.234.179.13/32 97 | - 243.185.187.39/32 98 | - 249.129.46.48/32 99 | - 253.157.14.165/32 100 | - 74.125.31.113/32 101 | - 74.125.39.102/32 102 | - 74.125.39.113/32 103 | - 74.125.127.102/32 104 | - 74.125.130.47/32 105 | - 74.125.155.102/32 106 | - 209.85.229.138/32 107 | - 210.242.125.20/32 108 | - 2.1.1.2/32 109 | - 4.193.80.0/32 110 | - 8.105.84.0/32 111 | - 12.87.133.0/32 112 | - 16.63.155.0/32 113 | - 20.139.56.0/32 114 | - 24.51.184.0/32 115 | - 28.121.126.139/32 116 | - 28.13.216.0/32 117 | - 46.20.126.252/32 118 | - 46.38.24.209/32 119 | - 61.54.28.6/32 120 | - 66.206.11.194/32 121 | - 74.117.57.138/32 122 | - 89.31.55.106/32 123 | - 113.11.194.190/32 124 | - 118.5.49.6/32 125 | - 122.218.101.190/32 126 | - 123.50.49.171/32 127 | - 123.126.249.238/32 128 | - 125.230.148.48/32 129 | - 173.201.216.6/32 130 | - 203.199.57.81/32 131 | - 208.109.138.55/32 132 | - 211.5.133.18/32 133 | - 211.8.69.27/32 134 | - 213.186.33.5/32 135 | - 216.139.213.144/32 136 | - 221.8.69.27/32 137 | - 243.185.187.3/32 138 | - 243.185.187.30/32 139 | - 91.108.4.0/22 140 | - 91.108.56.0/22 141 | - 149.154.160.0/20 142 | - 109.239.140.0/24 143 | - type: DNSFail 144 | adapter: proxyAdapter 145 | - type: country 146 | country: CN 147 | match: true 148 | adapter: direct 149 | - type: country 150 | country: -- 151 | match: true 152 | adapter: speed 153 | - type: all 154 | adapter: proxyAdapter 155 | --------------------------------------------------------------------------------