#default configure #Update Date: 2021.02.19 22:34:05 +0000 #author: Loon [General] skip-proxy = 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12,localhost,*.local,e.crashlynatics.com bypass-tun = 10.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,224.0.0.0/4,255.255.255.255/32 # DNS server dns-server = system,119.29.29.29,223.5.5.5 # Doh server, only for Wireformat doh-server = https://example.com/dns-query allow-udp-proxy = false allow-wifi-access = true wifi-access-http-port = 7222 wifi-access-socket5-port = 7221 proxy-test-url = http://www.qualcomm.cn/generate_204 test-timeout = 3 resource-parser = http://www.example.com/parser.js ssid-trigger = SSID-DIRECT real-ip = *.apple.com, *apple.com [Proxy] # 内置 DIRECT、REJECT 策略 # 内置 PROXY 指向本地节点或者订阅节点中的任何一个(有本地节点默认指向第一个本地节点,当没有本地节点但有订阅节点时,指向第一个订阅的第一个节点,本地节点和订阅节点都不存在时指向DIRECT) #ss ss1 = Shadowsocks,example.com,443,aes-128-gcm,"password",fast-open=false,udp=true ss2 = Shadowsocks,example2.com,443,chacha20,"password",fast-open=true,udp=true #ss+simple obfs ssObfs1 = Shadowsocks,example.com,80,aes-128-gcm,"password",obfs-name=http,obfs-host=www.micsoft.com,fast-open=true,udp=true ssObfs2 = Shadowsocks,example.com,443,aes-128-gcm,"password",obfs-name=tls,obfs-host=www.micsoft.com,fast-open=true,udp=true #ssr # 节点名称 = 协议,服务器地址,端口,加密方式,密码,protocol = 协议,protocol-param = 协议参数,obfs=混淆,obfs-param=混淆参数 ssr1 = ShadowsocksR,example.com,443,aes-256-cfb,"password",protocol=orig,obfs=http_simple,obfs-param=download.windows.com,fast-open=false,udp=true ssr2 = ShadowsocksR,example.com,10076,aes-128-cfb,"password",protocol=auth_chain_a,protocol-param=9555:loon,obfs=http_post,obfs-param=download.windows.com,fast-open=false,udp=true ssr3 = ShadowsocksR,example.com,10076,chacha20,"password",protocol=auth_aes128_md5,protocol-param=9555:loon,obfs=tls1.2_ticket_auth,obfs-param=download.windows.com,fast-open=false,udp=true ssr4 = ShadowsocksR,example.com,10076,chacha20-ietf,"password",protocol=auth_aes128_sha1,protocol-param=9555:loon,obfs=plain,fast-open=false,udp=true #http http1 = http,example.com,80 http2 = http,example.com,80,username,"password" #https https1 = https,example.com,443 https2 = https,example.com,443,username,"password" https3 = https,example.com,443,username,"password",skip-cert-verify=true,tls-name=example.com #vmess+tcp # 节点名称 = 协议,服务器地址,端口,加密方式,UUID,传输方式:(tcp/ws),path=websocket握手header中的path, host=websocket握手header中的path, over-tls=是否tls, tls-name=tls名字, skip-cert-verify=是否跳过证书校验(默认否) vmess1 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=tcp,path=/,host=v3-dy-y.ixigua.com,over-tls=false #vmess+tcp+tls vmess2 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=tcp,path=/,host=v3-dy-y.ixigua.com,over-tls=true,tls-name=example.com,skip-cert-verify=true #vmess+ws vmess3 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=ws,path=/,host=v3-dy-y.ixigua.com,over-tls=false #vmess+wss vmess4 = vmess,example.com,10086,aes-128-gcm,"52396e06-041a-4cc2-be5c-8525eb457809",transport=ws,path=/,host=v3-dy-y.ixigua.com,over-tls=true,tls-name=example.com,skip-cert-verify=true #VLESS vless1 = VLESS,example.com,10087,"52396e06-041a-4cc2-be5c-8525eb457809",,transport=tcp,path=/,host=v3-dy-y.ixigua.com,over-tls=false vless2 = VLESS,example.com,10087,"52396e06-041a-4cc2-be5c-8525eb457809",transport=ws,path=/,host=v3-dy-y.ixigua.com,over-tls=true,tls-name=example.com,skip-cert-verify=true #trojan trojan1 = trojan,example.com,443,"password",skip-cert-verify=false,tls-name=example.com trojan2 = trojan,example.com,443,"password",skip-cert-verify=true,tls-name=example.com [Remote Proxy] # 订阅节点 # 别名 = 订阅URL Subs = https://example/server-complete.txt Subs2 = https://example2/server-complete.txt [Remote Filter] # 筛选订阅节点,筛选后的结果可加入到策略组中,目前支持三种筛选方式 # NodeSelect: 使用在UI上选择的节点。 # NameKeyword: 根据提供的关键词对订阅中所有节点的名称进行筛选,使用筛选后的节点。 # NameRegex: 根据提供的正则表达式对订阅中所有节点的名称进行筛选,使用筛选后的节点。 Netflix = NodeSelect,Subs Hulu = NameKeyword,Subs,Subs2,FilterKey = Hulu HK = NameRegex,Subs,FilterKey = *HK [Proxy Group] # 节点选项 PROXY = select,Auto,1,2,3,4,Subs # url-test模式,给提供的url发出http header请求,根据返回结果,选择测速最快的节点,默认间隔600s,测速超时时间5s,为了避免资源浪费,建议节点数不要过多,只支持单个节点和远端节点,其他会被忽略 Auto = url-test,1,2,3,4,Subs,url = http://bing.com/,interval = 600 # fallback模式,和url-test类似,不同的是会根据顺序返回第一个可用的节点,为了避免资源浪费,建议节点数不要过多,只支持单个节点和远端节点,其他会被忽略 Auto1 = fallback,1,2,3,4,Subs,url = http://bing.com/,interval = 600 # 别名 = ssid,默认 = 策略, 蜂窝 = 策略, ssid名称 = 策略 SSID = ssid, default = PROXY, cellular = DIRECT, "DivineEngine" = PROXY #负载均衡,可选三种算法:random:随机选择策略组可用节点,round-robin:轮询策略组可用节点,pcc:在random基础上,针对相同host使用同一节点,此处url用来测试节点可用性,每隔interval进行一次测速,max-timeout参数用于筛选测试时间超过max-timeout的节点为不可用节点 LoadBalance = load-balance,node1,node2,remoteNodes, url = http://bing.com, interval = 600,algorithm = pcc, max-timeout=3000 # 广告模式 Advertising = select,REJECT,DIRECT # 白名单模式 PROXY,黑名单模式 DIRECT Final = select,PROXY,DIRECT [Rule] # Local RULE # Type:DOMAIN-SUFFIX,DOMAIN,DOMAIN-KEYWORD,USER-AGENT,URL-REGEX,IP-CIDR # Strategy:DIRECT,Proxy,REJECT # Options:no-resolve(no-resolve(only for cidr)) DOMAIN,google.com,PROXY # GeoIP China GEOIP,CN,DIRECT FINAL,Final [Remote Rule] # Remote Rule # 订阅规则URL,策略 # PROXY https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Rule/ExampleRule.list,policy=PROXY,enabled=true [Rewrite] # Redirect Google Search Service ^https?:\/\/(www.)?(g|google)\.cn https://www.google.com 302 [Remote Rewrite] # 订阅 URL Rewrite # 订阅url,别名(可选) https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Rewrite/AutoRewrite_Example.list,tag=auto,enable=true [Host] #可以指定一下四种模式: # 1、指定域名使用对应的IP地址 # 2、将域名指向另一个域名 # 3、指定域名请求DNS时使用特定的DNS服务器,格式为:google.com = server:8.8.8.8 或者 *.baidu.com = server:https://example.com/dns-query # 4、指定具体的SSID环境下使用特定的DNS服务器 *.testflight.apple.com = server:8.8.4.4 ssid:LOON WIFI = server:system [Script] # http-request 处理请求的脚本 # http-response 处理请求响应的脚本 # cron 定时脚本 # network-changed 网络发生变化触发脚本 # generic 通用型脚本,可用在操作节点/策略组中,执行是会带入节点名称和策略组名称,脚本必须在开启NE时 # http-request ^https?:\/\/(www.)?(example)\.com script-path=localscript.js,tag = requestScript,enable=true # http-response ^https?:\/\/(www.)?(example)\.com script-path=https://example.com/loon.js,timeout=10,requires-body = true,tag = responseScript,enable=true # cron "0 8 * * *" script-path=cron.js,tag = responseScript,enable=true network-changed script-path=https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Script/netChanged.js, tag=changeModel,enable=true generic script-path=https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Script/generic_example.js,tag=GeoLocation,timeout=10,img-url=location.fill.viewfinder.system [Remote Script] # https://example.com/loon.js, tag=scripts, enable=true [Plugin] # plugin-url tag=tag,proxy=插件中PROXY所指向的策略,enable=true # plugin策略可设置为DIRECT,REJECT,PROXY,其中PROXY为用户在app中手动映射的策略,rule后不跟随策略默认使用PROXY # example: https://raw.githubusercontent.com/Loon0x00/LoonExampleConfig/master/Rewrite/AutoRewrite_Example.list,tag=boxjs,enable=true [MITM] hostname = *.example.com,*.sample.com enable = true skip-server-cert-verify = true #ca-p12 = #ca-passphrase =