#!MANAGED-CONFIG # -------------------------------------------------------------------------------------------------- # Surge 配置文件使用说明 # -------------------------------------------------------------------------------------------------- # 1. 订阅链接配置 [Proxy Group] # 请在下方 [Proxy Group] 区域找到 🔰 Sub-01 到 🔰 Sub-04。 # 将 policy-path 中的 token=YOUR_TOKEN 替换为您实际的订阅 Token 或完整订阅链接。 # 例如:policy-path=https://example.com/api/v1/client/subscribe?token=123456 # # 2. 密码修改 [General] # - external-controller-access = YOUR_PASSWORD@... # - http-api = YOUR_PASSWORD@... # 请将 YOUR_PASSWORD 替换为您自己的强密码。 # # 3. MITM 证书配置 [MITM] # 为了进行 HTTPS 解密(如去广告、重写),需要配置 CA 证书。 # - ca-passphrase: 证书密码 # - ca-p12: 证书的 Base64 编码数据 # 如果您已有证书,请替换 YOUR_PASSPHRASE 和 YOUR_P12_BASE64_DATA。 # 如果您是新用户,建议在 Surge App 中重新生成证书并安装信任。 # -------------------------------------------------------------------------------------------------- [General] # > 日志级别 verbose, info, notify, or warning loglevel = notify # > 显示错误页面拒绝 show-error-page-for-reject = true # > 允许Wi-Fi访问 allow-wifi-access = false # > All Hybrid 网络并发 all-hybrid = false # > IPv6 支持(默认关闭)启用完整的 IPv6 支持 ipv6 = true # > IPv6 VIF ipv6-vif = auto # > 测试超时(秒)建议设置为 5s 以避免误判 test-timeout = 5 # > Internet 测试 URL internet-test-url = http://www.baidu.com # internet-test-url = http://connect.rom.miui.com/generate_204 # internet-test-url = http://www.apple.com/library/test/success.html # > 代理测速 URL proxy-test-url = http://www.apple.com/library/test/success.html # proxy-test-url = http://www.gstatic.com/generate_204 # proxy-test-url = https://translate.google.cn/generate_204 # > GeoIP数据库 geoip-maxmind-url = https://raw.githubusercontent.com/adysec/IP_database/main/geolite/GeoLite2-Country.mmdb # > 禁用GEOIP 自动更新 disable-geoip-db-auto-update = false # > 排除简单主机名 此选项允许请求使用由 Surge VIF 而不是 Surge 代理处理的简单主机名 exclude-simple-hostnames = true # > DNS 服务器 上游DNS服务器的IP地址 dns-server = 223.5.5.5, 223.6.6.6, 119.29.29.29 # > 加密 DNS 跟随出站模式,默认情况下,加密的 DNS 查找使用直接出站。启用该选项将使 DOH 遵循出站模式设置和规则。 encrypted-dns-follow-outbound-mode = true # > DNS 加密服务器 encrypted-dns-server = https://223.5.5.5/dns-query # > DNS 劫持 hijack-dns = 8.8.8.8:53, 8.8.4.4:53 # predict-alternative-dns-answering = true # > 优先使用 /etc/hosts 中的本地解析结果 use-local-host-item-for-proxy = true # > 从 /etc/hosts 读取 DNS 记录 read-etc-hosts = true # > 远程控制器 启用 HTTP API 和 Web 仪表盘 http-api-web-dashboard = true # > 跳过代理 skip-proxy = 223.5.5.5, 127.0.0.1, 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, 17.0.0.0/8, *.local, *.crashlytics.com, seed-sequoia.siri.apple.com, localhost, sequoia.apple.com, www.abchina.com.cn, captive.apple.com, 169.254.0.0/16, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16 # > Always Real IP Hosts 始终使用真实 IP 访问的主机列表 always-real-ip = *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com, *.battlenet.com.cn, *.battlenet.com, *.blzstatic.cn, *.battle.net, 192.168.0.0/16 # > 当设备/环境不支持 UDP 策略时的处理方式 udp-policy-not-supported-behaviour = reject # > UDP 优先级 udp-priority = true # > 总是使用原始 TCP 连接的主机列表 always-raw-tcp-hosts = *.baidu.com, *.qq.com, *.weibo.com, *.taobao.com, *.tmall.com, *.jd.com, *.alicdn.com, *.aliyun.com, *.mi.com, *.xiaomi.com, *.sina.com.cn # > 当系统负载非常高且数据包处理延迟时,启用将优先处理 UDP 数据包。也称为游戏模式 allow-hotspot-access = false # > 启用 HTTP API TLS http-api-tls = true # > 允许个人热点访问 proxy-restricted-to-lan = false ; Security default: bind proxy ports to localhost to avoid exposing them on LAN/Wi-Fi. ; If you intentionally want to share to LAN devices, change to 0.0.0.0 and use firewall + strong auth. http-listen = 127.0.0.1 socks5-listen = 127.0.0.1 external-controller-access = YOUR_PASSWORD@127.0.0.1:6170 # > WEB 仪表盘 proxy-test-udp = apple.com@1.0.0.1 ; Security default: keep API/dashboard on localhost. http-api = YOUR_PASSWORD@127.0.0.1:6171 [Proxy Group] Proxy = select, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇯🇵 日本优选", "🇨🇳 台湾优选", "🇰🇷 韩国优选", "🇸🇬 狮城优选", "🔰 Sub-01", "🔰 Sub-02", "🔰 Sub-03", "🔰 Sub-04", icon-url=https://raw.githubusercontent.com/Irrucky/Tool/main/Surge/icon/surge_2.png, no-alert=0, hidden=0, include-all-proxies=0 ADs = select, DIRECT, REJECT, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Advertising.png, no-alert=0, hidden=0, include-all-proxies=0 Apple = select, DIRECT, "🇭🇰 香港优选", "🇺🇸 美国优选", "⚙️ 手动节点", icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Apple_01.png, no-alert=0, hidden=0, include-all-proxies=0 Google = select, Proxy, "⚙️ 手动节点", AI, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇸🇬 狮城优选", no-alert=0, hidden=0, include-all-proxies=0, icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Google_Search.png AI = select, AI-Fallback, "⚙️ 手动节点", icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/ChatGPT4.png, no-alert=0, hidden=0, include-all-proxies=0 Telegram = select, Proxy, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇯🇵 日本优选", "🇨🇳 台湾优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Telegram_03.png Twitter = select, X-Fallback, "⚙️ 手动节点", icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Twitter.png, no-alert=0, hidden=0, include-all-proxies=0 Spotify = select, Proxy, "🇭🇰 香港优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Spotify_01.png Netflix = select, Proxy, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇯🇵 日本优选", "🇨🇳 台湾优选", "🇰🇷 韩国优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Netflix.png YouTube = select, Proxy, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇯🇵 日本优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/YouTube_01.png Microsoft = select, Proxy, DIRECT, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Windows_11.png, no-alert=0, hidden=0, include-all-proxies=0 PayPal = select, Proxy, DIRECT, "⚙️ 手动节点", "🇭🇰 香港优选", "🇺🇸 美国优选", "🇯🇵 日本优选", "🇨🇳 台湾优选", "🇰🇷 韩国优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Paypal.png, no-alert=0, hidden=0, include-all-proxies=0 BiliBili = select, DIRECT, "🇭🇰 香港优选", "🇨🇳 台湾优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/bilibili.png GlobalMedia = select, Proxy, DIRECT, "⚙️ 手动节点", "🇭🇰 香港优选", "🇺🇸 美国优选", "🇯🇵 日本优选", "🇨🇳 台湾优选", "🇰🇷 韩国优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/HKMTMedia.png, no-alert=0, hidden=0, include-all-proxies=0 Gamer = select, Proxy, DIRECT, "🇭🇰 香港优选", "🇺🇸 美国优选", "🇸🇬 狮城优选", icon-url=https://raw.githubusercontent.com/Koolson/Qure/master/IconSet/Color/Game.png 🇭🇰 香港优选 = smart, include-other-group=HUB, update-interval=0, no-alert=0, hidden=1, include-all-proxies=0, policy-regex-filter=(🇭🇰)|(港)|(香港)|(Hong)|(HK), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/Hongkong.png 🇺🇸 美国优选 = smart, include-other-group=HUB, update-interval=0, no-alert=0, hidden=1, include-all-proxies=0, policy-regex-filter=(🇺🇸)|(美)|(美国)|(States)|(US), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/US.png 🇯🇵 日本优选 = smart, include-other-group=HUB, update-interval=0, no-alert=0, hidden=1, include-all-proxies=0, policy-regex-filter=(🇯🇵)|(日本)|(Japan)|(JP), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/zl-icon-jp-flag.png 🇨🇳 台湾优选 = smart, include-other-group=HUB, update-interval=0, no-alert=0, hidden=1, include-all-proxies=0, policy-regex-filter=(🇨🇳)|(湾)|(台湾)|(Tai)|(TW), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/taiwan(2).png 🇰🇷 韩国优选 = smart, include-other-group=HUB, update-interval=0, no-alert=0, hidden=1, include-all-proxies=0, policy-regex-filter=(🇰🇷)|(韩)|(韩国)|(Korea)|(KR), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/Korea.png 🇸🇬 狮城优选 = smart, include-other-group=HUB, update-interval=0, no-alert=0, hidden=1, include-all-proxies=0, policy-regex-filter=(🇸🇬)|(新)|(狮)|(新加坡)|(Singapore)|(SG), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/singapore(1).png ⚙️ 手动节点 = select, include-other-group=HUB, update-interval=0, no-alert=0, hidden=0, include-all-proxies=0, policy-regex-filter=(🇭🇰|港|香港|HK|Hong|HK-?|HKG|hongkong|HongKong|Hong Kong|港区|香港CN2|香港IEPL|香港IPLC|hk节点|hk-|港速|香港优化) |(🇺🇸|🇺🇲|美|美国|USA|US|United States|UnitedStates|America|米国|美国节点|us节点|us-|US-|美国西海岸|美国东海岸|洛杉矶|LA|LAX|圣何塞|SJC|硅谷|西雅图|SEA|凤凰城|芝加哥|纽约|NY|达拉斯|阿什本|Ashburn|拉斯维加斯|拉斯维加斯|拉斯维加斯节点) |(🇸🇬|新|新加坡|SG|狮城|坡县|狮|Singa|Singapore|SGP|新加|新加坡节点|sg节点|sg-|SG-|新加坡CN2|新加坡IEPL), icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/softlyx/JieNiGui.png AI-Fallback = fallback, include-other-group=HUB, policy-regex-filter=(Oracle), no-alert=0, hidden=0, include-all-proxies=0 X-Fallback = fallback, "🇺🇸 美国优选", "🇸🇬 狮城优选", no-alert=0, hidden=0, include-all-proxies=0 🔰 Sub-01 = select, policy-path=http://login.91unicorn.cc/api/v1/client/subscribe?token=YOUR_TOKEN&flag, update-interval=86400, no-alert=0, hidden=0, include-all-proxies=0 🔰 Sub-02 = select, policy-path=https://ktmcloud.win/api/v1/client/subscribe?token=YOUR_TOKEN, update-interval=86400, no-alert=0, hidden=0, include-all-proxies=0, icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/lige47/telegram.png 🔰 Sub-03 = select, policy-path=https://nxsubnx.delu168.cn/api/v1/client/subscribe?token=YOUR_TOKEN, update-interval=86400, no-alert=0, hidden=0, include-all-proxies=0, icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Apple_iCloud.png 🔰 Sub-04 = select, policy-path=https://surgepro.wcnmm.com/share/sub/backup?token=YOUR_TOKEN, update-interval=86400, no-alert=0, hidden=0, include-all-proxies=0, icon-url=https://raw.githubusercontent.com/fmz200/wool_scripts/main/icons/apps/Surge.png HUB = select, include-other-group="🔰 Sub-01, 🔰 Sub-02, 🔰 Sub-03, 🔰 Sub-04", update-interval=0, no-alert=0, hidden=1, include-all-proxies=0 [Rule] # > 防止应用循环请求 IP-CIDR,0.0.0.0/32,REJECT,no-resolve # > 局域网地址 RULE-SET,LAN,DIRECT # > ASN China 分流 RULE-SET,https://github.com/VirgilClyne/GetSomeFries/raw/main/ruleset/ASN.China.list,DIRECT # > 中国大陆规则(优化精确性) RULE-SET,https://raw.githubusercontent.com/Loyalsoldier/surge-rules/release/ruleset/direct.txt,DIRECT,no-resolve # RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/ChinaMax/ChinaMax_All.list,DIRECT,no-resolve # > 微信直连 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/WeChat/WeChat.list,DIRECT # > 国内媒体分流 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/ChinaMedia/ChinaMedia.list,DIRECT,no-resolve # > Telegram RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Telegram/Telegram.list,Telegram,no-resolve # > Twitter RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Twitter/Twitter.list,Twitter,no-resolve # > 广告屏蔽 RULE-SET,https://limbopro.com/Adblock4limbo_surge.list,ADs,no-resolve # > 苹果服务 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Apple/Apple_All_No_Resolve.list,Apple,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Google/Google.list,Google,no-resolve # > AI服务 RULE-SET,https://raw.githubusercontent.com/curtinp118/Surge5/refs/heads/main/rule/ai.list,AI,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Gemini/Gemini.list,AI,no-resolve # > GitHub RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GitHub/GitHub.list,Proxy,no-resolve # > 微软服务 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Microsoft/Microsoft.list,Microsoft,no-resolve # > PayPal RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/refs/heads/master/rule/Surge/PayPal/PayPal.list,PayPal,no-resolve # > 游戏平台 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Epic/Epic.list,Gamer,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Sony/Sony.list,Gamer,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Steam/Steam.list,Gamer,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Nintendo/Nintendo.list,Gamer,no-resolve # > 流媒体服务 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/YouTube/YouTube.list,YouTube,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Netflix/Netflix.list,Netflix,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/Spotify/Spotify.list,Spotify,no-resolve RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/BiliBili/BiliBili.list,BiliBili,no-resolve # > 全球媒体 RULE-SET,https://raw.githubusercontent.com/blackmatrix7/ios_rule_script/master/rule/Surge/GlobalMedia/GlobalMedia_All_No_Resolve.list,GlobalMedia,no-resolve # > 兜底 FINAL,Proxy,dns-failed [Host] # > 定义本地DNS记录 # 该功能等同于 /etc/hosts,加上了泛解析和别名支持。 # > Firebase Cloud Messaging (硬编码 IP 可能失效,建议使用 DoH 或 Rule 处理) # mtalk.google.com = 108.177.125.188 # > Google Dl dl.google.com = server:119.29.29.29 dl.l.google.com = server:119.29.29.29 update.googleapis.com = server:119.29.29.29 # > PlayStation *.dl.playstation.net = server:119.29.29.29 # > 淘宝 *.taobao.com = server:223.5.5.5 # > 天猫 *.tmall.com = server:223.5.5.5 # > 阿里云 *.alicdn.com = server:223.5.5.5 *.aliyun.com = server:223.5.5.5 # > 腾迅 *.tencent.com = server:119.29.29.29 # > 腾讯QQ *.qq.com = server:119.29.29.29 # > 微信 *.weixin.com = server:119.29.29.29 *.qpic.cn = server:119.29.29.29 # > 京东 *.jd.com = server:119.29.29.29 # > 哔哩哔喱 *.bilibili.com = server:119.29.29.29 hdslb.com = server:119.29.29.29 # > 网易 *.163.com = server:119.29.29.29 *.126.com = server:119.29.29.29 *.126.net = server:119.29.29.29 *.127.net = server:119.29.29.29 *.netease.com = server:119.29.29.29 # > 小米 *.mi.com = server:119.29.29.29 *.xiaomi.com = server:119.29.29.29 # > Router Admin Panel amplifi.lan = server:system // Ubiquiti Amplifi Router router.synology.com = server:system // Synology Router sila.razer.com = server:system // Razer Sila Router router.asus.com = server:system // Asus Router routerlogin.net = server:system // Netgear Router orbilogin.com = server:system // Netgear Obri Router www.LinksysSmartWiFi.com = server:system // Linksys Router LinksysSmartWiFi.com = server:system // Linksys Router myrouter.local = server:system // Linksys Router www.miwifi.com = server:system // Xiaomi Mi WiFi Router miwifi.com = server:system // Xiaomi Mi WiFi Router mediarouter.home = server:system // Huawei Router tplogin.cn = server:system // TP-Link Router tplinklogin.net = server:system // TP-Link Router melogin.cn = server:system // MERCURY Router falogin.cn = server:system # > Fuck Telegram bad IPs 91.108.56.100 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.101 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.104 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.107 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.120 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.125 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.126 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.128 = 91.108.56.147,91.108.56.135,91.108.56.130 91.108.56.156 = 91.108.56.147,91.108.56.135,91.108.56.130 [URL Rewrite] # > Google重定向 header ^https?://(www.)?g.cn https://www.google.com 302 ^https?://(www.)?google.cn https://www.google.com 302 [MITM] skip-server-cert-verify = false h2 = true hostname = www.google.cn, www.g.cn ca-passphrase = YOUR_PASSPHRASE ca-p12 = YOUR_P12_BASE64_DATA