# Loon配置文件 by cobalue # GitHub仓库地址:https://github.com/cobalue/Netool-Config/blob/main/Loon/Loon.conf # 具体语法和格式参考:https://github.com/Loon0x00/LoonExampleConfig # 🟢>>>>>>>>>>>基本设置<<<<<<<<<<<<<<<🟢 [General] fast-switch = true sni-sniffing = true # IPv6 支持 ipv6 = false # 跳过某个域名或者IP段 skip-proxy = localhost,*.local,passenger.t3go.cn,e.crashlytics.com,captive.apple.com,app.yinxiang.com,injections.adguard.org,local.adguard.org,cable.auth.com,www.baidu.com,yunbusiness.ccb.com,10.0.0.0/8,100.64.0.0/10,127.0.0.1/32,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16,224.0.0.0/4,240.0.0.0/4,::1/128,fc00::/7,fd00::/8,fe80::/10,ff00::/8,2001::/32,2001:db8::/32,2002::/16,::ffff:0:0:0:0/1,::ffff:128:0:0:0/1,teams.microsoft.com,deltaww.com.cn,book.yunzhan365.com bypass-tun = 10.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,224.0.0.0/4,255.255.255.255/32 # DNS服务,system表示系统自带dns服务器 dns-server = system,119.29.29.29,223.5.5.5 # WiFi访问 # 是否允许 Wi-Fi 网络下其它设备访问 allow-udp-proxy = true allow-wifi-access = false # wifi共享开启时http服务的端口 wifi-access-http-port = 1234 # wifi共享开启时socks5服务的端口 wifi-access-socks5-port = 1235 # 节点测速 # 节点测速时的url proxy-test-url = http://cp.cloudflare.com/generate_204 # proxy-test-url = http://www.gstatic.com/generate_204 # 节点测速时的超时秒数 test-timeout = 1 interface-mode = auto # 当节点连续失败多少次后开始切换节点 switch-node-after-failure-times = 2 # 资源解析器 resource-parser = https://raw.githubusercontent.com/Peng-YM/Sub-Store/master/backend/dist/sub-store-parser.loon.min.js # ssid-trigger参数,用于指定SSID环境下使用的策略,如"loon-wifi5g":DIRECT,表示在loon-wifi5g这个wifi网络下使用直连模式,"cellular":PROXY,表示在蜂窝网络下使用代理模式,"default":RULE,默认使用分流模式 # default表示默认,cellular表示蜂窝,目前支持三种值:rule,direct,proxy # ssid-trigger = "default":rule, "cellular":rule,"ASUS_5G":direct # geoip geoip-url = https://github.com/Hackl0us/GeoIP2-CN/raw/release/Country.mmdb # 更全IP地址 # https://raw.githubusercontent.com/Loyalsoldier/geoip/release/Country.mmdb # 使用方法:https://github.com/Loyalsoldier/geoip # 策略切换时关闭链接 disconnect-on-policy-change = false # udp端口禁用 disable-stun = true disable-udp-ports = 443 # 解决一些ip请求无法匹配域名类规则的问题。real-ip指定的域名将不返回fake ip响应,直接将dns请求发往目标dns服务器 # 以下配置的域名不会使用fakeip进行映射 real-ip = msftconnecttest.com, msftncsi.com, *.msftconnecttest.com, *.msftncsi.com, *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com, *.battlenet.com.cn, *.battlenet.com, *.blzstatic.cn, *.battle.net real-ip = *.apple.com, *apple.com # 🟢>>>>>>>>>>>代理配置<<<<<<<<<<<<<<<🟢 # 语法和格式参见示例 [Proxy] # 内置 DIRECT、REJECT 策略 # 内置 PROXY 指向本地节点或者订阅节点中的任何一个(有本地节点默认指向第一个本地节点,当没有本地节点但有订阅节点时,指向第一个订阅的第一个节点,本地节点和订阅节点都不存在时指向DIRECT) [Remote Proxy] # 订阅节点 # 别名 = 订阅URL # 🟢>>>>>>>>>>>节点筛选<<<<<<<<<<<<<<<🟢 [Remote Filter] # 筛选节点,筛选后的结果可加入到策略组中,目前支持三种筛选方式 # NodeSelect: 使用在UI上选择的节点。 # NameKeyword: 根据提供的关键词对订阅中所有节点的名称进行筛选,使用筛选后的节点。 # NameRegex: 根据提供的正则表达式对订阅中所有节点的名称进行筛选,使用筛选后的节点。 全部 = NameRegex, FilterKey = "^(?!.*(网易云|关注|招商|公众号|频道))" 香港 = NameRegex, FilterKey = "(?i)(香港|港|HK|Hong)" 台湾 = NameRegex, FilterKey = "(?i)(台湾|台|TW|Tai|中国)" 日本 = NameRegex, FilterKey = "(?i)(日本|日|川日|东京|大阪|泉日|埼玉|沪日|深日|JP|Japan)" 韩国 = NameRegex, FilterKey = "(?i)(韩国|韩|首尔|釜山|仁川|KR|Korea)" 新加坡 = NameRegex, FilterKey = "(?i)(新加坡|坡|狮城|SG|Singapore)" 美国 = NameRegex, FilterKey = "(?i)(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States)" # 🟢>>>>>>>>>>>策略分组<<<<<<<<<<<<<<<🟢 [Proxy Group] # 节点选项 # url-test模式,给提供的url发出http header请求,根据返回结果,选择测速最快的节点,当前间隔600s,测速超时时间5s,为了避免资源浪费,建议节点数不要过多 # fallback模式,和url-test类似,不同的是会根据顺序返回第一个可用的节点,为了避免资源浪费,建议节点数不要过多 自选节点 = select,全部,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Proxy.png 优选节点 = url-test,全部,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Filter.png 大陆服务 = select,DIRECT,REJECT,自选节点,优选节点,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/China_Map.png 海外服务 = select,自选节点,优选节点,香港服务,台湾服务,美国服务,日本服务,新加坡服,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Global.png 兜底规则 = select,DIRECT,REJECT,自选节点,优选节点,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Final.png 香港服务 = url-test,香港,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Hong_Kong.png 台湾服务 = url-test,台湾,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Taiwan.png 日本服务 = url-test,日本,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Japan.png 韩国服务 = url-test,韩国,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Korea.png 新加坡服 = url-test,新加坡,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Singapore.png 美国服务 = url-test,美国,url = http://cp.cloudflare.com/generate_204,interval = 1800,img-url = https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/United_States.png # 🟢>>>>>>>>>>>规则分流<<<<<<<<<<<<<<<🟢 [Rule] # 本地分流规则 GEOIP,CN,DIRECT FINAL,兜底规则 [Remote Rule] # 远程订阅分流规则 https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Loon/Apple/Apple.list, policy=DIRECT, tag=Apple, enabled=true https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Loon/Apple/Apple_Domain.list, policy=DIRECT, tag=Apple, enabled=true https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Loon/China/China.list, policy=大陆服务, tag=大陆服务, enabled=true https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Loon/China/China_Domain.list.list, policy=大陆服务, tag=大陆服务, enabled=true https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Loon/Global/Global.list, policy=海外服务, tag=海外服务, enabled=true https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Loon/Global/Global_Domain.list, policy=海外服务, tag=海外服务, enabled=true # 🟢>>>>>>>>>>>重写规则<<<<<<<<<<<<<<<🟢 [Rewrite] # 🟢>>>>>>>>>>>DNS映射<<<<<<<<<<<<<<<🟢 [Host] #可以指定以下四种模式:①指定域名使用对应的IP地址。②将域名指向另一个域名。③指定域名请求DNS时使用特定的DNS服务器,格式为:google.com = server:8.8.8.8 或者 *.baidu.com = server:https://example.com/dns-query。④指定具体的SSID环境下使用特定的DNS服务器,如:*.testflight.apple.com = server:8.8.4.4;*.apple.com = server:system;ssid:LOON's WIFI = server:system;ssid:LOON WIFI = server:https://example.com/dns-query *.taobao.com = server:223.5.5.5 *.tmall.com = server:223.5.5.5 *.alipay.com = server:223.5.5.5 *.alicdn.com = server:223.5.5.5 *.aliyun.com = server:223.5.5.5 *.tencent.com = server:119.29.29.29 *.qq.com = server:119.29.29.29 *.weixin.com = server:119.29.29.29 # 🟢>>>>>>>>>>>脚本任务<<<<<<<<<<<<<<<🟢 [Script] # http-request 处理请求的脚本 # http-response 处理请求响应的脚本 # cron 定时脚本 # network-changed 网络发生变化触发脚本 # generic 通用型脚本,可用在操作节点/策略组中,执行是会带入节点名称和策略组名称,脚本必须在开启NE时 [Remote Script] # 🟢>>>>>>>>>>>插件模块<<<<<<<<<<<<<<<🟢 [Plugin] # plugin-url tag=tag,proxy=插件中PROXY所指向的策略,enable=true # plugin策略可设置为DIRECT,REJECT,PROXY,其中PROXY为用户在app中手动映射的策略,rule后不跟随策略默认使用PROXY https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rewrite/Loon/SafeRedirect/SafeRedirect.plugin, tag=安全重定向, enabled=true https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rewrite/Loon/AdvertisingLite/AdvertisingLite.plugin, tag=屏蔽广告 (严格版), policy=REJECT, enabled=true https://raw.githubusercontent.com/VirgilClyne/GetSomeFries/main/plugin/DNS.plugin, tag=DNS解析, enabled=true https://raw.githubusercontent.com/VirgilClyne/GetSomeFries/main/plugin/HTTPDNS.Block.plugin, tag=DNS防劫持, enabled=true https://raw.githubusercontent.com/Script-Hub-Org/Script-Hub/main/modules/script-hub.loon.plugin, tag=插件转换, enabled=true https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Loon.plugin, tag=Sub-Store, enabled=true https://raw.githubusercontent.com/chavyleung/scripts/master/box/rewrite/boxjs.rewrite.loon.plugin, tag=BoxJs, enabled=true # 🟢>>>>>>>>>>>证书MITM<<<<<<<<<<<<<<🟢 [MITM] hostname = ca-p12 = ca-passphrase = enable = false skip-server-cert-verify = true