#!MANAGED-CONFIG https://raw.githubusercontent.com/ocd0711/Profiles/master/Surge/Outbound.conf interval=86400 strict=true # 官方手册 - https://manual.nssurge.com/ # 理解原理 - https://manual.nssurge.com/book/understanding-surge/cn/ # 帮助中心 - https://nssurge.zendesk.com/ # 技术社区 - https://community.nssurge.com # 推荐使用 module(顺序及为推荐排序): # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/skip-proxy-lists.sgmodule?raw=true # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/Advertising.sgmodule?raw=true # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/Q-Search.sgmodule?raw=true # https://github.com/chavyleung/scripts/blob/master/box/rewrite/boxjs.rewrite.surge.sgmodule?raw=true # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/SubStore.sgmodule?raw=true # https://github.com/VirgilClyne/iRingo/blob/main/sgmodule/Siri.sgmodule?raw=true # Panel 按需添加(自用) # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/Panel.sgmodule?raw=true # 和 Panel 搭配使用, 开启抓包用 # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/MitM_All_Hostnames.sgmodule?raw=true # 建议添加解决部分 app 检测问题 # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/Tun_Only.sgmodule?raw=true # 按需添加(自用) # https://github.com/ocd0711/Profiles/blob/master/Surge/Module/WiFi_Skip.sgmodule?raw=true [General] # 通用设置 # > 增强版 Wi-Fi 助理 # (在 Wi-Fi 网络不佳时尝试使用数据网络建立连接, 请仅当使用不限量的数据流量时开启) wifi-assist = true # > Wi-Fi Cellular 并发与 wifi-assist 不能同开 all-hybrid = false # > Internet 测试 URL internet-test-url = http://wifi.vivo.com.cn/generate_204 # > 代理测速 URL proxy-test-url = http://cp.cloudflare.com/generate_204 # > 测试超时(秒) test-timeout = 5 # > 自定义 GeoIP 数据库 geoip-maxmind-url = https://raw.githubusercontent.com/Loyalsoldier/geoip/release/Country.mmdb # > IPv6 支持 # 如无特殊需求不应开启 IPv6, 目前网络环境下 IPv6 只会带来问题 ipv6 = true ipv6-vif = false # > http-api 控制 http-api = OCD@0.0.0.0:6166 http-api-web-dashboard = true # > 使用 HTTPS 替代 HTTP 协议, 需要先配置 MitM 的 CA 证书, 同时需要在客户端设备上手动安装并信任 CA 证书 http-api-tls = false # > external-controller-access 远程控制 external-controller-access = OCD@0.0.0.0:6170 # > 允许 Wi-Fi 访问 (仅 iOS, 若允许远程访问将「false」改为「true」) allow-wifi-access = true wifi-access-http-port = 8888 wifi-access-socks5-port = 8889 # > 允许个人热点使用代理 allow-hotspot-access = true # > 允许 Wi-Fi 访问 (仅 macOS, 若允许远程访问将「127.0.0.1」改为「0.0.0.0」) http-listen = 0.0.0.0:8888 socks5-listen = 0.0.0.0:8889 # 将限制代理和网关服务仅接受来自当前子网下的设备 proxy-restricted-to-lan=false gateway-restricted-to-lan=false # > 兼容模式 (仅 iOS) # compatibility-mode = 0 # > 跳过代理 skip-proxy = 127.0.0.1, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, localhost, *.local, www.baidu.com, yunbusiness.ccb.com, wxh.wo.cn, gate.lagou.com, www.abchina.com.cn, www.shanbay.com, login-service.mobile-bank.psbc.com, mobile-bank.psbc.com, *.prod.ondemandconnectivity.com, *.pub.3gppnetwork.org # > 排除简单主机名 exclude-simple-hostnames = true # > DNS 服务器 (如无必要不建议使用 DNS over HTTPS) dns-server = 223.5.5.5, 223.6.6.6, 2400:3200::1, 2400:3200:baba::1, system # > 除非当地 ISP 有严重的 DNS 污染问题, 否则没必要开启 DoH, 传统 DNS 的性能最优, 网络异常后恢复速度最快 encrypted-dns-server = https://dns.alidns.com/dns-query, h3://dns.alidns.com/dns-query, quic://dns.alidns.com:853 # > 通过代理使用 DoH # encrypted-dns-follow-outbound-mode = true # > 禁用 DNS-over-HTTPS 的服务器证书验证 # encrypted-dns-skip-cert-verification = true # > 从 /etc/hosts 读取 DNS 记录 read-etc-hosts = true # > DoH 请求通过代理策略执行 doh-follow-outbound-mode = false # > 包含所有网络请求 # > By default, some requests might not be taken over by Surge. For example, apps can bind to the physical network interface to bypass Surge VIF. Enabling the Include All Networks option to make sure all requests are handled by Surge without leaking. This option is useful when you use Surge as a firewall. (Requires iOS 14.0 or above) # > Enabling this option may cause AirDrop and Xcode debugging issues, Surge Dashboard via USB not working, and other unexpected side effects. Use with caution. include-all-networks = false # > 包含本地网络请求 # > Enable this option to make Surge VIF handle requests sent to LAN. (Requires iOS 14.2 or above) # > Enabling this option may cause AirDrop and Xcode debugging issues, Surge Dashboard via USB not working, and other unexpected side effects. Use with caution. include-local-networks = false # 高级设置 # > 日志级别 loglevel = notify # > 当遇到 REJECT 策略时返回错误页 show-error-page-for-reject = true # > Always Real IP Hosts always-real-ip = *.msftconnecttest.com, *.msftncsi.com, *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com, *.logon.battlenet.com.cn, *.logon.battle.net, stun.l.google.com, easy-login.10099.com.cn, *-update.xoyocdn.com # > Hijack DNS # > By default, Surge only returns fake IP addresses for DNS queries sent to Surge DNS address (198.18.0.2). Queries sent to a standard DNS will be forwarded. # > Some devices or software always use a hardcoded DNS server. (For example, Google Speakers always use 8.8.8.8). You may use this option to hijack the query to get a fake address. # > You may use hijack-dns = *:53 to hijack all DNS queries. hijack-dns = 8.8.8.8:53, 8.8.4.4:53 # > 如果 Wi-Fi 不是主接口, 则使用SSID组的默认策略(Only MacOS) use-default-policy-if-wifi-not-primary = false # > 开启后会提高处理 UDP 流量的优先级, 当系统负载高时会有比较明显的作用(如高性能联机游戏) udp-priority = true # 如果没有代理服务器支持 UDP 转发, 可修改为「 direct 」或注释下条, 但需注意同一目标主机名 TCP 请求与 UDP 请求的源地址不同所造成的隐私及安全风险 udp-policy-not-supported-behaviour = reject [Replica] # 0 为关闭, 1 为开启 # > 隐藏 Apple 请求 hide-apple-request = 0 # > 隐藏崩溃追踪器请求 hide-crash-reporter-request = 1 # > 隐藏 UDP 会话 hide-udp = 0 # > 关键词过滤器 # none (关闭关键词过滤器) / whitelist (仅记录包含关键字的请求) / blacklist (仅记录不包含关键字的请求) / pattern(匹配通配符的请求) # keyword-filter-type = none # > 关键词 # keyword-filter = (null) # > reject-img # ^http://t\.tt data="https://raw.githubusercontent.com/ocd0711/Profiles/master/reject-img.gif" # > reject-200 # ^http://t\.tt data="https://raw.githubusercontent.com/ocd0711/Profiles/master/reject-200.txt" # > reject-dict # ^http://t\.tt data="https://raw.githubusercontent.com/ocd0711/Profiles/master/reject-dict.json" # > reject-array # ^http://t\.tt data="https://raw.githubusercontent.com/ocd0711/Profiles/master/reject-array.json" [Map Local] [Proxy] # 该段定义可用的策略组 # 一个策略组可以包括多个子策略. # 子策略可以是一个代理策略, 或者另一个策略组, 或者是一个内置策略 (DIRECT 或 REJECT) # 有 5 种策略组类型: "select", "url-test", "fallback", "ssid" 和 "load-balance" # select: 具体哪个子策略将被使用, 由用户界面上进行选择 # url-test: 具体哪个子策略将被使用, 通过测试到具体 URL 的访问速度选择延迟最低的策略 # 参数: # url: 测试时用到的目标 URL. # interval: 可选, 秒 (默认值: 600s) # 指定在多长时间后, 上次的测试结果将被抛弃 # tolerance: 可选, 毫秒 (默认值: 100ms) # 只有当新的优选线路, 比原优选线路的响应时间, 大于该值的时候, 才会触发线路变更 # timeout: 可选, 秒 (默认值: 5s) # 如果某策略在该时间后依然没有完成, 放弃该策略 # fallback: 与 url-test 组基本一致, 区别是只关心子策略是否可用而不关心具体延迟, 然后 # 从可用策略中选择靠前的策略. 可以通过调小 timeout 参数将缓慢线路也标记为不可用 # 该类型没有 tolerance 参数 # ssid: 具体哪个子策略将被使用, 根据 Wi-FI 的 SSID、BSSID、路由 IP 地址决定 # 参数: # default: 必填 # 默认策略 # cellular: 可选 # 在数据网络下的策略. 若不填, 那么默认策略将被使用 # load-balance: 随机从子策略中选取一个策略使用. 当配置了 url 参数时, 会 # 按照 fallback 组的行为进行可用性检查, 然后仅从可用的子策略中随机选取 # 参数: # 除 url、timeout、interval外, 还有一个参数: # persistent:当 persistent=true 时, 对于同一目标主机名, 将尽量使用同一个策略 # 避免因出口 IP 不同而触发目标网站的风险控制. 但当可用性改变时可能导致策略变化 [Proxy Group] # 节点选项 Proxy = select, AutoTest, HK, TW, JP, US, SG, DIRECT, include-all-proxies=true, include-other-group=Airport, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Proxy.png # 白名单模式 PROXY, 黑名单模式 DIRECT Final = select, Proxy, DIRECT, hidden=true, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Final.png # Steam Steam = select, Proxy, HK, TW, JP, US, SG, DIRECT, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Steam.png # YouTube YouTube = select, Proxy, HK, TW, JP, US, SG, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/YouTube.png # Spotify Spotify = select, DIRECT, Proxy, HK, TW, JP, US, SG, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Spotify.png # 国际流媒体服务 Streaming = select, Proxy, HK, TW, JP, US, SG, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Streaming.png # Emby 流媒体 EmbyProxy = select, SG, TW, US, OTHER, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Emby.png Emby = select, DIRECT, Proxy, HK, TW, JP, US, SG, OTHER, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Emby.png # AI 相关 AI = select, Proxy, HK, TW, JP, US, SG, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Bot.png # 中国流媒体服务(面向海外版本) StreamingSE = select, DIRECT, HK, TW, include-other-group=Airport, policy-regex-filter=(?=.*(港|台))^((?!(Gamer)).)*$, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/StreamingSE.png # Telegram 分流 Telegram = select, Proxy, HK, TW, JP, US, SG, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Telegram.png # Paypal 加速 Paypal = select, US, Proxy, HK, TW, JP, SG, DIRECT, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/PayPal.png # Speedtest 分流 Speedtest = select, Proxy, HK, TW, JP, US, SG, DIRECT, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Speedtest.png # Duolingo 分流 Duolingo = select, Proxy, HK, TW, JP, US, SG, DIRECT, icon-url=https://raw.githubusercontent.com/ocd0711/Profiles/master/icon/duolingo_2.png # 地区节点 HK = smart, include-other-group=Airport, policy-regex-filter=(?=.*(香港|HK|🇭🇰))^((?!(Gamer|emby)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Color/HK.png TW = smart, include-other-group=Airport, policy-regex-filter=(?=.*(台湾|TW|🇹🇼))^((?!(Gamer|emby)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Color/TW.png JP = smart, include-other-group=Airport, policy-regex-filter=(?=.*(日本|JP|🇯🇵))^((?!(Gamer|emby)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Color/JP.png US = smart, include-other-group=Airport, policy-regex-filter=(?=.*(美国|US|🇺🇸))^((?!(Gamer|emby)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Color/US.png SG = smart, include-other-group=Airport, policy-regex-filter=(?=.*(新加坡|SG|🇸🇬))^((?!(Gamer|emby)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Color/SG.png OTHER = smart, include-other-group=Airport, policy-regex-filter=(?=.*(emby))^((?!(Gamer)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Color/StreamingSE.png # 延迟自动测试 AutoTest = smart, include-other-group=Airport, policy-regex-filter=^((?!(Gamer|arm|emby)).)*$, timeout=3, interval=600, tolerance=100, evaluate-before-use=true, no-alert=true, hidden=true, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Auto.png # 代理服务商提供的代理列表 Airport = select, policy-path=https://sub.store/download/collection/OCD, update-interval=0, hidden=true, icon-url=https://raw.githubusercontent.com/Orz-3/mini/master/Alpha/Dler.png [Rule] # Tailscale IP-CIDR,100.64.0.0/10,DIRECT,no-resolve # Client PROCESS-NAME,UUBooster,DIRECT # > Download PROCESS-NAME,aria2c,DIRECT PROCESS-NAME,fdm,DIRECT PROCESS-NAME,Folx,DIRECT PROCESS-NAME,NetTransport,DIRECT PROCESS-NAME,Thunder,DIRECT PROCESS-NAME,Transmission,DIRECT PROCESS-NAME,uTorrent,DIRECT PROCESS-NAME,WebTorrent,DIRECT PROCESS-NAME,WebTorrent Helper,DIRECT # 农行防代理检测 DOMAIN,msmp.abchina.com.cn,REJECT # DNS 修正 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/HTTPDNS.list,REJECT # 直连 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Special.list,DIRECT RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Surge/BOC/BOC.list,DIRECT # Steam 单独分流 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Steam.list,Steam # YouTube 单独分流 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/YouTube%20Music.list,YouTube RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/YouTube.list,YouTube # Spotify 单独分流 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Spotify.list,Spotify # Streaming 国际流媒体服务 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Netflix.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Disney%20Plus.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/ABC.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Abema%20TV.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Amazon.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Bahamut.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/BBC%20iPlayer.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/DAZN.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Discovery%20Plus.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/encoreTVB.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/F1%20TV.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Fox%20Now.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Fox%2B.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Hulu%20Japan.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Hulu.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Japonx.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/JOOX.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/KKBOX.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/KKTV.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Line%20TV.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Max.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/myTV%20SUPER.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Niconico.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Pandora.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/PBS.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Pornhub.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Soundcloud.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/ViuTV.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Apple%20Music.list,DIRECT RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Apple%20News.list,Streaming RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Apple%20TV.list,Streaming # Emby 流媒体 RULE-SET,https://raw.githubusercontent.com/ocd0711/Profiles/master/Surge/Ruleset/emby-proxy.list,EmbyProxy RULE-SET,https://raw.githubusercontent.com/ocd0711/Profiles/master/Surge/Ruleset/emby-direct.list,DIRECT RULE-SET,https://raw.githubusercontent.com/ocd0711/Profiles/master/Surge/Ruleset/emby.list,Emby # AI 相关 RULE-SET,https://kelee.one/Tool/Loon/Lsr/AI.lsr,AI RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/refs/heads/main/Surge/Surge%203/Provider/AI%20Suite.list,AI # StreamingSE 中国流媒体服务 (面向海外版本) RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Bilibili.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/IQ.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/IQIYI.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Letv.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/MOO.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Netease%20Music.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Tencent%20Video.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/Youku.list,StreamingSE RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Media/WeTV.list,StreamingSE # Telegram 加速 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Telegram.list,Telegram # Paypal 加速 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/PayPal.list,Paypal # Speedtest 分流 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Speedtest.list,Speedtest # Duolingo 分流 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Duolingo/Duolingo.list,Duolingo # Apple 服务 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Apple.list,DIRECT # Global 全球加速 RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Proxy.list,Proxy # ASN China RULE-SET,https://raw.githubusercontent.com/VirgilClyne/GetSomeFries/main/ruleset/ASN.China.list,DIRECT # China DIRECT # RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Domestic.list,DIRECT # RULE-SET,https://raw.githubusercontent.com/dler-io/Rules/main/Surge/Surge%203/Provider/Domestic%20IPs.list,DIRECT # Local Area Network 局域网 RULE-SET,LAN,DIRECT # GeoIP China GEOIP,CN,DIRECT FINAL,Final,dns-failed [Host] # Tailscale *.ts.net = server:100.100.100.100 # > Router Admin Panel homeassistant.local = server:syslib // HomeAssistant amplifi.lan = server:syslib // Ubiquiti Amplifi Router router.synology.com = server:syslib // Synology Router sila.razer.com = server:syslib // Razer Sila Router router.asus.com = server:syslib // Asus Router routerlogin.net = server:syslib // Netgear Router orbilogin.com = server:syslib // Netgear Obri Router www.LinksysSmartWiFi.com = server:syslib // Linksys Router LinksysSmartWiFi.com = server:syslib // Linksys Router myrouter.local = server:syslib // Linksys Router www.miwifi.com = server:syslib // Xiaomi Mi WiFi Router miwifi.com = server:syslib // Xiaomi Mi WiFi Router mediarouter.home = server:syslib // Huawei Router tplogin.cn = server:syslib // TP-Link Router tplinklogin.net = server:syslib // TP-Link Router melogin.cn = server:syslib // MERCURY Router falogin.cn = server:syslib // FAST Router ocd-center.local = server:syslib [SSID Setting] SSID:OCD_AP* tfo-behaviour=force-disabled, cellular-fallback=off TYPE:WIFI tfo-behaviour=force-disabled, cellular-fallback=default TYPE:CELLULAR tfo-behaviour=force-disabled [MITM] # > 跳过服务器证书验证 skip-server-cert-verify = true # > VIF 对原始 TCP 流量进行解密 tcp-connection = true # > MITM 使用 HTTP/2 协议 h2 = true # > CA 证书 ca-keystore-name = OCD