# This config file was created for myself (@a1ickgu0). # You may want to add or remove some rules to make efficient use of the Internet. # This file depends on the main.conf which defines your own proxy. # Your main.conf will look like this: # ---- START ---- # #!PROXY-OVERRIDE:rules.conf # [Proxy] # Proxy = https, server.address, port, username, password # ---- END ---- # # Make sure the PROXY-OVERRIDE line included in the main.conf [General] loglevel = warning skip-proxy = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8, localhost, *.local, e.crashlytics.com bypass-tun = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8 # Google/Tencent/Ali DNS Server dns-server = 8.8.8.8, 119.29.29.29, 223.5.5.5 # stub proxy to stop surge complaining, leave this. [Proxy] #Proxy = https, 1.2.3.4, 1234 Proxy = custom, 1.2.3.4, 443, aes-256-cfb, password, https://github.com/a1ickgu0/surge-ss-conf/raw/master/SSEncrypt.module [Rule] # Accelerate most visited sites, part 1 DOMAIN-KEYWORD, ali, DIRECT DOMAIN-KEYWORD, taobao, DIRECT DOMAIN, weixin.qq.com, DIRECT DOMAIN-KEYWORD, weibo, DIRECT DOMAIN-KEYWORD, didi, DIRECT # Block privacy tracker within apps DOMAIN, monitor.uu.qq.com, REJECT DOMAIN, pagead2.googlesyndication.com, REJECT DOMAIN, cpro.baidu.com, REJECT DOMAIN, pingma.qq.com, REJECT DOMAIN, stat.m.jd.com, REJECT DOMAIN, ads.mopub.com, REJECT # Prevent stream services from displaying ads DOMAIN, ad.api.3g.youku.com, REJECT DOMAIN, atm.youku.com, REJECT DOMAIN, lives.l.qq.com, REJECT DOMAIN, ark.letv.com, REJECT DOMAIN, asimgs.pplive.cn, REJECT # Disable customized fonts DOMAIN, fonts.googleapis.com, REJECT # Prevent sniffer from a public WiFi DOMAIN, init.icloud-analysis.com, REJECT # Other privacy trackers DOMAIN-KEYWORD, umeng.co, REJECT DOMAIN-KEYWORD, flurry.co, REJECT DOMAIN-KEYWORD, cnzz, REJECT DOMAIN-SUFFIX, mmstat.com, REJECT DOMAIN-SUFFIX, doubleclick.net, REJECT DOMAIN-SUFFIX, youmi.net, REJECT DOMAIN-SUFFIX, beacon.qq.com, REJECT DOMAIN-SUFFIX, mob.com, REJECT DOMAIN-SUFFIX, 127.net, REJECT DOMAIN-SUFFIX, sinajs.cn, REJECT # Accelerate most visited sites, part 2 DOMAIN, ele.me, DIRECT DOMAIN, elemecdn.com, DIRECT DOMAIN, baby.360.cn, DIRECT DOMAIN, jianshuapi.com, DIRECT DOMAIN-KEYWORD, live.com, DIRECT DOMAIN-KEYWORD, ele.me, DIRECT DOMAIN-SUFFIX, cn, DIRECT DOMAIN-SUFFIX, qq.com, DIRECT DOMAIN-SUFFIX, jd.com, DIRECT DOMAIN-SUFFIX, 163.com, DIRECT DOMAIN-SUFFIX, 126.net, DIRECT DOMAIN-SUFFIX, netease.com, DIRECT DOMAIN-SUFFIX, gtimg.com, DIRECT DOMAIN-KEYWORD, tietuku, DIRECT DOMAIN-KEYWORD, baidu, DIRECT DOMAIN-KEYWORD, 360, DIRECT DOMAIN-KEYWORD, sina, DIRECT # Some services are available locally DOMAIN-SUFFIX, ls.apple.com, DIRECT DOMAIN-SUFFIX, itunes.apple.com, DIRECT DOMAIN-SUFFIX, dl.google.com, DIRECT # Apple services DOMAIN-SUFFIX, apple.com, Proxy DOMAIN-SUFFIX, icloud.com, Proxy DOMAIN-SUFFIX, mzstatic.com, Proxy DOMAIN-KEYWORD, aka, Proxy # Streaming services, comment out if you don't need DOMAIN-KEYWORD, sohu, DIRECT DOMAIN-KEYWORD, qiyi, DIRECT # Force some domains which are fucked by GFW while resolving DNS DOMAIN-KEYWORD, tumblr, Proxy, force-remote-dns DOMAIN-KEYWORD, google, Proxy, force-remote-dns DOMAIN-KEYWORD, facebook, Proxy, force-remote-dns DOMAIN-KEYWORD, youtube, Proxy, force-remote-dns DOMAIN-KEYWORD, twitter, Proxy, force-remote-dns DOMAIN-KEYWORD, gmail, Proxy, force-remote-dns DOMAIN-SUFFIX, twimg.com, Proxy, force-remote-dns # Workaround for some apps # Instagram DOMAIN-KEYWORD, instagram, Proxy, force-remote-dns # Telegram IP-CIDR, 91.108.56.0/22, Proxy, no-resolve IP-CIDR, 91.108.4.0/22, Proxy, no-resolve IP-CIDR, 109.239.140.0/24, Proxy, no-resolve IP-CIDR, 149.154.160.0/20, Proxy, no-resolve # Reserved networks, debugging rules should place above this line IP-CIDR, 192.168.0.0/16, DIRECT IP-CIDR, 10.0.0.0/8, DIRECT IP-CIDR, 172.0.0.0/8, DIRECT IP-CIDR, 127.0.0.0/8, DIRECT IP-CIDR, 100.64.0.0/10, DIRECT # Detect local network GEOIP, CN, DIRECT # Use proxy for all others FINAL, Proxy