# 官方手册 - https://manual.nssurge.com/ # 理解原理 - https://manual.nssurge.com/book/understanding-surge/cn/ # 帮助中心 - https://nssurge.zendesk.com/ # 技术社区 - https://community.nssurge.com [General] # 通用设置 # > 增强版 Wi-Fi 助理 wifi-assist = true # > 允许 Wi-Fi 访问 (仅 iOS) allow-wifi-access = false wifi-access-http-port = 6152 wifi-access-socks5-port = 6153 # > DNS 服务器 dns-server = 119.29.29.29, 223.5.5.5, 114.114.114.114, 8.8.8.8, system # > DNS over HTPPS (如无必要不建议使用 DNS over HTTPS) # doh-server = https://doh.pub/dns-query # > 从 /etc/hosts 读取 DNS 记录 read-etc-hosts = true # > TLS 引擎 tls-provider = openssl # > HTTP-API # 依次为:密码,主机名,端口 http-api = zqzess@127.0.0.1:6171 # > Internet 测试 URL internet-test-url = http://connect.rom.miui.com/generate_204 # > 代理测速 URL #proxy-test-url = http://www.qualcomm.cn/generate_204 #proxy-test-url = http://cp.cloudflare.com/generate_204 proxy-test-url = http://www.google.com/generate_204 # > 测试超时(秒) test-timeout = 3 # > Network framwork network-framework = false # > 自定义 GeoIP 数据库 geoip-maxmind-url = https://raw.githubusercontent.com/JMVoid/ipip2mmdb/release/Country.mmdb # > IPv6 支持(默认关闭) ipv6 = false # > 兼容模式 (仅 iOS) # compatibility-mode = 0 # > 排除简单主机名 exclude-simple-hostnames = true # > 跳过代理 skip-proxy = 127.0.0.1, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, localhost, *.local, passenger.t3go.cn # bypass-tun = 10.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,224.0.0.0/4,255.255.255.255/32 # 高级设置 # > 日志级别 loglevel = warning # > 当遇到 REJECT 策略时返回错误页 show-error-page-for-reject = true # > Always Real IP Hosts always-real-ip = *.msftconnecttest.com, *.msftncsi.com, *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com, *.logon.battlenet.com.cn, *.logon.battle.net, stun.l.google.com # > TCP Force HTTP Hosts # force-http-engine-hosts = *.ott.cibntv.net, 123.59.31.1,119.18.193.135, 122.14.246.33, 175.102.178.52, 116.253.24.*, 175.6.26.*, 220.169.153.* # > VIF Excluded Routes tun-excluded-routes = 239.255.255.250/32 # > 路由防火墙 include-all-networks = false include-local-networks = false [Replica] # 0 为关闭,1 为开启 # > 关键词过滤器 keyword-filter-type = pattern # > 关键词 keyword-filter = * # > 隐藏 Apple 请求 hide-apple-request = 1 # > 隐藏崩溃追踪器请求 hide-crash-reporter-request = 1 hide-udp = 0 [Proxy] #trojan-us = trojan, example.com, 端口号, password=密码 🇨🇳Direct = direct ⛔️Reject = reject [Proxy Group] #Proxy = select, policy-path=订阅地址, update-interval=0, no-alert=0, hidden=0 #订阅地址可以在安装sub-store模组后,访问sub.store添加订阅获取转换后的订阅链接,在使用外部代理列表填入转换后的订阅链接 🌑PROXY = select, trojan-us, update-interval=0, hidden=0, policy-path=https://sub.store/download/bityun, no-alert=0 节点选择 = select, 🌑PROXY, 容灾自选, 自动选择, 香港, 美国, 🇨🇳Direct, ⛔️Reject, hidden=0, no-alert=0 自动选择 = url-test, policy-path=https://sub.whitemoon.top/download/collection/collect, update-interval=0, interval=600, tolerance=50, hidden=1, no-alert=1, policy-regex-filter=^([^线]|[^专]线)+$ 容灾自选 = fallback, policy-path=https://sub.whitemoon.top/download/collection/collect, update-interval=0, interval=600, tolerance=50, hidden=1, no-alert=1 out_ssid = subnet, default = 节点选择, "TYPE:CELLULAR" = 节点选择, "617" = 🇨🇳Direct 香港 = fallback, update-interval=0, interval=600, tolerance=50, hidden=1, no-alert=1, policy-path=https://sub.whitemoon.top/download/collection/collect, policy-regex-filter=(?i)(港|HK|Hong) 美国 = url-test, policy-path=https://sub.whitemoon.top/download/collection/collect, update-interval=0, policy-regex-filter=(?i)(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States), interval=600, tolerance=50, hidden=1, no-alert=1 Reject = select, ⛔️Reject, 🇨🇳Direct, no-alert=0, hidden=0 Paypal = select, 🌑PROXY, DIRECT, 香港, 美国, trojan-us, no-alert=0, hidden=0 Spotify = select, 美国, trojan-us, 🌑PROXY, 节点选择, 香港, DIRECT, hidden=0, no-alert=0 Outside = select, out_ssid, 🌑PROXY, 节点选择, 香港, 美国, 🇨🇳Direct, hidden=0, update-interval=259200, no-alert=0 🧭Final = select, 🇨🇳Direct, 🌑PROXY, 节点选择, out_ssid, hidden=0, no-alert=0 [Rule] # 规则集 RULE-SET,SYSTEM,DIRECT # Apple 服务 RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Extra/Apple/Apple.list,🇨🇳Direct # Spotify RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/StreamingMedia/Music/Spotify.list,Spotify,update-interval=604800 # Paypal RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Extra/PayPal.list,Paypal # Telegram RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Extra/Telegram/Telegram.list,Outside # 代理 RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/Global.list,Outside # China 中国直连 RULE-SET,https://raw.githubusercontent.com/DivineEngine/Profiles/master/Surge/Ruleset/China.list,🇨🇳Direct # 局域网 RULE-SET,LAN,🇨🇳Direct GEOIP,CN,🇨🇳Direct FINAL,🧭Final,dns-failed [Host] # > PlayStation *.dl.playstation.net = server:119.29.29.29 *.taobao.com = server:223.5.5.5 *.tmall.com = server:223.5.5.5 *.alipay.com = server:223.5.5.5 *.alicdn.com = server:223.5.5.5 *.aliyun.com = server:223.5.5.5 *.jd.com = server:119.29.29.29 *.qq.com = server:119.29.29.29 *.tencent.com = server:119.29.29.29 *.weixin.com = server:119.29.29.29 *.bilibili.com = server:119.29.29.29 hdslb.com = server:119.29.29.29 *.163.com = server:119.29.29.29 *.126.com = server:119.29.29.29 *.126.net = server:119.29.29.29 *.127.net = server:119.29.29.29 *.netease.com = server:119.29.29.29 *.mi.com = server:119.29.29.29 *.xiaomi.com = server:119.29.29.29 # > Google Dl dl.google.com = server:119.29.29.29 dl.l.google.com = server:119.29.29.29 update.googleapis.com = server:119.29.29.29 # Apple TestFlight testflight.apple.com = server:8.8.4.4 # Firebase Cloud Messaging mtalk.google.com = 108.177.125.188 [URL Rewrite] # > Fake Website Made By C&J Marketing ^https?:\/\/(www.)?abbyychina\.com\/ https://www.abbyy.cn/ 302 [Header Rewrite] [MITM] skip-server-cert-verify = true tcp-connection = true [Script]