Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Shuchen Zhang
committed
Nov 28, 2020
1 parent
9f980b7
commit 5c44f09
Showing
1 changed file
with
209 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,209 @@ | ||
# 基于官方 Quantumult 示例配置文件 v1.0.9 修改 | ||
# | ||
# 以 ";" 或 "#" 或 "//" 开头的行为注释行。 | ||
# | ||
# SS-URI scheme 请参考 https://shadowsocks.org/en/spec/SIP002-URI-Scheme.html | ||
# | ||
# Quantumult 使用 HTTP HEAD 方法对测试网址 server_check_url 进行网页响应性测试(测试结果为通过该节点访问此网页获得 HTTP 响应所需要的时间),来确认节点的可用性。 | ||
# Quantumult 界面中的延迟测试方式均为网页响应性测试,显示的最终延迟均为通过对应节点访问测试网页获得 HTTP 响应所需要时间。 | ||
# 由于 Trojan 协议为无响应校验协议,使得 HTTP 检测方式即使获得了 HTTP 响应,也不代表节点一定可用。 | ||
# | ||
# dns_exclusion_list 包含需要关闭 placeholder IP(240.*) 的域名列表, 不在 dns_exclusion_list 列表中的所域名将默认开启 placeholder IP 并启用 resolve-on-remote(远端解析 DNS). | ||
# | ||
# udp_whitelist 包含目的地的 UDP 端口, 如果留空则默认表示所有的端口都在 udp_whitelist 中。如果带有目的地端口 UDP 包 (通过 Quantumult tunnel interface) 不在 udp_whitelist 中,该 UDP 包将会被丢弃. 此项设置不会影响策略或代理服务器。 | ||
# | ||
# Quantumult X 将不会处理向 excluded_routes 列表中请求的流量,当你每次修改这个配置时,最好重新启动你的设备。 | ||
# | ||
# resource_parser_url 的配置文件示例可以参考 https://raw.githubusercontent.com/crossutility/Quantumult-X/master/resource-parser.js | ||
# | ||
|
||
[general] | ||
profile_img_url=https://i.loli.net/2020/11/26/6brRELctkPX57TQ.png | ||
;resource_parser_url=http://www.example.com/parser.js | ||
server_check_url=http://www.google.com/generate_204 | ||
;geo_location_checker=http://www.example.com/json/, https://www.example.com/script.js | ||
;running_mode_trigger=filter, filter, LINK_22E171:all_proxy, LINK_22E172:all_direct | ||
dns_exclusion_list=*.cmpassport.com, *.jegotrip.com.cn, *.icitymobile.mobi, id6.me | ||
;ssid_suspended_list=LINK_22E174, LINK_22E175 | ||
;udp_whitelist=53, 123, 1900, 80-443 | ||
excluded_routes= 0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 255.255.255.255/32 | ||
;icmp_auto_reply=true | ||
|
||
# | ||
# 为保证获得最佳的 DNS 解析性能体验,Quantumult X 默认总是从当前网络(系统配置)的 DNS 服务器获取解析结果,但你可以使用 no-system 参数来关闭此操作,但是必须至少定义一个 DNS 服务器,如 "server=223.5.5.5" | ||
# DNS 解析结果仅用于 直连(direct)规则和判定 IP 分流条件,而不会用于 代理 的规则策略(而是会在远端解析),Quantumult 不会获得目的 IP 和相关的域名。 | ||
# 此处不允许将特定的域名指向 127.0.0.1. 如果你想将某个域名指向 127.0.0.1 如 example.com,你可以直接在 "filter_local" 中添加 "host, example.com, reject" 来实现。这一操作将会让域名的 DNS 结果返回 127.0.0.1 | ||
# | ||
[dns] | ||
no-system | ||
;no-ipv6 | ||
server=223.5.5.5 | ||
server=114.114.114.114 | ||
;server=8.8.4.4:53 | ||
;server=/example0.com/system | ||
;server=/example1.com/8.8.4.4 | ||
;server=/*.example2.com/223.5.5.5 | ||
;server=/example4.com/[2001:4860:4860::8888]:53 | ||
;address=/example5.com/192.168.16.18 | ||
;address=/example6.com/[2001:8d3:8d3:8d3:8d3:8d3:8d3:8d3] | ||
|
||
|
||
# | ||
# static 策略组会使用你 手动选择 的服务器 | ||
# available 策略组使用第一个通过 server_check_url 测试后可用的服务器 . | ||
# round-robin 策略组会为每一个新链接轮询使用组内策略 | ||
# ssid 策略组会根据网络环境选用指定的服务器 | ||
# | ||
[policy] | ||
; 策略组命名不能为 direct, proxy, reject,它们都是工具保留的特殊策略组名称 | ||
static=select-proxy-group, ss1, ss2 | ||
;static=policy-name-1, Sample-A, Sample-B, Sample-C, img-url=http://example.com/icon.png | ||
;available=policy-name-2, Sample-A, Sample-B, Sample-C | ||
;round-robin=policy-name-3, Sample-A, Sample-B, Sample-C | ||
;ssid=policy-name-4, Sample-A, Sample-B, LINK_22E171:Sample-B, LINK_22E172:Sample-C | ||
|
||
# | ||
# "tag" 和 "enabled" 参数是可选参数 | ||
# 默认所有远程资源的同步时间间隔是 24 * 60 * 60 秒 (24 小时). | ||
# 你可以将使用类似 update-interval=172800 的方式去自定义同步时间间隔(单位为秒),如果 update-internal 的数值设置为负数,则会禁用自动同步功能。 | ||
# | ||
[server_remote] | ||
;https://raw.githubusercontent.com/crossutility/Quantumult-X/master/server.txt, tag=Sample-01 | ||
;https://raw.githubusercontent.com/crossutility/Quantumult-X/master/server.txt, opt-parser=true, tag=Sample-01 | ||
;https://raw.githubusercontent.com/crossutility/Quantumult-X/master/server.txt, update-interval=-1, tag=Sample-01 | ||
;https://raw.githubusercontent.com/crossutility/Quantumult-X/master/server-complete.txt, tag=Sample-02, as-policy=static, img-url=http://example.com/icon.png, enabled=false | ||
|
||
# | ||
# "tag", "force-policy" 和 "enabled" 是可选参数. | ||
# 当设置 force-policy 参数时,远程资源的 filter 中指定的策略将会被忽略,而会强制使用 force-policy 指定的策略 | ||
# | ||
[filter_remote] | ||
; 你可以在需要走代理的节点后使用 force-policy 参数配置你自己定义的策略组(如: force-policy = Apple_Proxy)来覆盖规则集中的代理策略,默认是 proxy. | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/Apple-News.list, tag=Hackl0us, force-policy=proxy, enabled=false | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/Apple-proxy.list, tag=Hackl0us, force-policy=proxy, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/Apple-direct.list, tag=Hackl0us, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/CN.list, tag=Hackl0us, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/common-ad-keyword.list, tag=Hackl0us, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/foreign.list, tag=Hackl0us, force-policy=proxy, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/App/social/Telegram.list, tag=Hackl0us, force-policy=proxy, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/Basic/LAN.list, tag=Hackl0us, enabled=true | ||
|
||
# | ||
# "tag" 和 "enabled" 是可选参数 | ||
# | ||
[rewrite_remote] | ||
;https://raw.githubusercontent.com/crossutility/Quantumult-X/master/sample-import-rewrite.txt, tag=Sample, enabled=true | ||
https://cdn.jsdelivr.net/gh/Hackl0us/SS-Rule-Snippet@master/Rulesets/Quantumult/rewrite.list, tag=Hackl0us, enabled=true | ||
|
||
# | ||
# 只有在 obfs 混淆方式为 obfs=http, obfs=ws, obfs=wss 的条件下,才能填写 obfs-uri 参数 | ||
# 在 wss 混淆方式中,obfs-host 参数将被用来进行 TLS 握手和设置 HTTP 请求头中的 host 字段, 如果使用 wss 混淆方式而不配置 obfs-host,将会使用服务器地址作为混淆域名 | ||
# VMess 和 Trojan 协议暂时不支持 UDP 转发 | ||
# 当使用 obfs=ws 或 obfs=wss 的混淆方式时,服务端可以使用 v2ray-plugin (mux = 0) 或 v2ray-core 完成部署 | ||
# obfs 混淆插件 tls1.2_ticket_auth 会比 tls1.2_ticket_fastauth 和 obfs tls 多一次 RTT, 因此更建议使用 tls1.2_ticket_fastauth | ||
# chacha20-ietf-poly1305 和 chacha20-poly1305 这两种加密方式在 VMess 配置中效果一样 | ||
# | ||
[server_local] | ||
# 可选参数 tls13 仅适用于 shadowsocks obfs=wss | ||
;shadowsocks=example.com:80, method=chacha20, password=pwd, obfs=http, obfs-host=bing.com, obfs-uri=/resource/file, fast-open=false, udp-relay=false, server_check_url=http://www.apple.com/generate_204, tag=ss-01 | ||
;shadowsocks=example.com:80, method=chacha20, password=pwd, obfs=http, obfs-host=bing.com, obfs-uri=/resource/file, fast-open=false, udp-relay=false, tag=ss-02 | ||
;shadowsocks=example.com:443, method=chacha20, password=pwd, obfs=tls, obfs-host=bing.com, fast-open=false, udp-relay=false, tag=ss-03 | ||
;shadowsocks=example.com:443, method=chacha20, password=pwd, ssr-protocol=auth_chain_b, ssr-protocol-param=def, obfs=tls1.2_ticket_fastauth, obfs-host=bing.com, tag=ssr | ||
;shadowsocks=example.com:80, method=aes-128-gcm, password=pwd, obfs=ws, fast-open=false, udp-relay=false, tag=ss-ws-01 | ||
;shadowsocks=example.com:80, method=aes-128-gcm, password=pwd, obfs=ws, obfs-uri=/ws, fast-open=false, udp-relay=false, tag=ss-ws-02 | ||
;shadowsocks=example.com:443, method=aes-128-gcm, password=pwd, obfs=wss, obfs-uri=/ws, fast-open=false, udp-relay=false, tag=ss-ws-tls-01 | ||
;shadowsocks=example.com:443, method=aes-128-gcm, password=pwd, obfs=wss, obfs-uri=/ws, tls13=true, fast-open=false, udp-relay=false, tag=ss-ws-tls-02 | ||
# | ||
# 可选参数 tls13 仅适用于 vmess obfs=over-tls 或 obfs=wss | ||
;vmess=example.com:80, method=none, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, fast-open=false, udp-relay=false, tag=vmess-01 | ||
;vmess=example.com:80, method=aes-128-gcm, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, fast-open=false, udp-relay=false, tag=vmess-02 | ||
;vmess=example.com:443, method=none, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=over-tls, fast-open=false, udp-relay=false, tag=vmess-tls-01 | ||
;vmess=192.168.1.1:443, method=none, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=over-tls, obfs-host=example.com, fast-open=false, udp-relay=false, tag=vmess-tls-02 | ||
;vmess=192.168.1.1:443, method=none, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=over-tls, obfs-host=example.com, tls13=true, fast-open=false, udp-relay=false, tag=vmess-tls-03 | ||
;vmess=example.com:80, method=chacha20-poly1305, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=ws, obfs-uri=/ws, fast-open=false, udp-relay=false, tag=vmess-ws-01 | ||
;vmess=192.168.1.1:80, method=chacha20-poly1305, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=ws, obfs-host=example.com, obfs-uri=/ws, fast-open=false, udp-relay=false, tag=vmess-ws-02 | ||
;vmess=example.com:443, method=chacha20-poly1305, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=wss, obfs-uri=/ws, fast-open=false, udp-relay=false, tag=vmess-ws-tls-01 | ||
;vmess=192.168.1.1:443, method=chacha20-poly1305, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=wss, obfs-host=example.com, obfs-uri=/ws, fast-open=false, udp-relay=false, tag=vmess-ws-tls-02 | ||
;vmess=192.168.1.1:443, method=chacha20-poly1305, password=23ad6b10-8d1a-40f7-8ad0-e3e35cd32291, obfs=wss, obfs-host=example.com, obfs-uri=/ws, tls13=true, fast-open=false, udp-relay=false, tag=vmess-ws-tls-03 | ||
# | ||
# 可选参数 tls13 仅适用于 http over-tls=true | ||
;http=example.com:80,fast-open=false, udp-relay=false, tag=http-01 | ||
;http=example.com:80, username=name, password=pwd, fast-open=false, udp-relay=false, tag=http-02 | ||
;http=example.com:443, username=name, password=pwd, over-tls=true, tls-host=example.com, tls-verification=true, fast-open=false, udp-relay=false, tag=http-tls-01 | ||
;http=example.com:443, username=name, password=pwd, over-tls=true, tls-host=example.com, tls-verification=true, tls13=true, fast-open=false, udp-relay=false, tag=http-tls-02 | ||
# | ||
# 可选参数 tls13 仅适用于 trojan over-tls=true | ||
;trojan=example.com:443, password=pwd, over-tls=true, tls-verification=true, fast-open=false, udp-relay=false, tag=trojan-tls-01 | ||
;trojan=example.com:443, password=pwd, over-tls=true, tls-verification=true, tls13=true, fast-open=false, udp-relay=false, tag=trojan-tls-02 | ||
;trojan=192.168.1.1:443, password=pwd, over-tls=true, tls-host=example.com, tls-verification=true, fast-open=false, udp-relay=false, tag=trojan-tls-03 | ||
;trojan=192.168.1.1:443, password=pwd, over-tls=true, tls-host=example.com, tls-verification=true, tls13=true, fast-open=false, udp-relay=false, tag=trojan-tls-04 | ||
|
||
[filter_local] | ||
;user-agent, ?abc*, proxy | ||
;host, www.google.com, proxy | ||
;host-keyword, adsite, reject | ||
;host-suffix, googleapis.com, proxy | ||
;ip6-cidr, 2001:4860:4860::8888/32, direct | ||
geoip,cn,direct | ||
final, proxy | ||
|
||
|
||
# | ||
# "reject" 策略会返回 HTTP 状态码 404,不附带任何额外内容 | ||
# "reject-200" 策略会返回 HTTP 状态码 200,不附带任何额外内容 | ||
# "reject-img" 策略返回 HTTP 状态码 200,同时附带 1px gif | ||
# "reject-dict" 策略返回 HTTP 状态码 200,同时附带一个空的 JSON 对象. | ||
# "reject-array" 策略返回 HTTP 状态码 200,同时附带一个空的 JSON 数组. | ||
# "request-header" 适用于所有 HTTP header, 你可以在一个正在表达式中匹配多个 header(包括 CRLF) | ||
# 如果 rewrite 操作与 body 相关,Quantumult 会自动处理长度和编码相关的 HTTP header 的字段,无需自行处理。 response-body 和 script-response-body 最大支持的返回体大小为 1024 KB(解压后) | ||
# 如果 body 为空,则不会执行 body 相关 rewrite 操作 | ||
# 当在 rewrite 中使用 javascript 时, 你可以使用这些对象: $request, $response, $notify(title, subtitle, message), console.log(message) 和 Quantumult 所有内置对象(带有前缀"$") | ||
# 支持: $request.scheme, $request.method, $request.url, $request.path, $request.headers, $response.statusCode, $response.headers, $response.body | ||
# $notify(title, subtitle, message) 将会触发 iOS 推送,前提需要在系统中开启 Quantumult 的推送权限 | ||
# $prefs 用来持久化存储: $prefs.valueForKey(key), $prefs.setValueForKey(value, key), $prefs.removeValueForKey(key), $prefs.removeAllValues(). | ||
# console.log(message) 会将输出记录到 Quantumult 的日志文件中,前提需要将 log level 设置为 debug 等级 | ||
# setTimeout(function() { }, interval) 会在指定时间间隔(单位:毫秒)后运行函数 | ||
# 适用于 script-request-header, script-request-body, script-response-header, script-response-body 和 script-echo-response 的脚本应该存储在本地 "我的 iPhone - Quantumult X - Scripts" 或 "iCloud Drive - Quantumult X - Scripts". 脚本内容可以参考 https://github.com/crossutility/Quantumult-X | ||
# | ||
[rewrite_local] | ||
;^http://example\.com/resource1/1/ url reject | ||
;^http://example\.com/resource1/2/ url reject-img | ||
;^http://example\.com/resource1/3/ url reject-200 | ||
;^http://example\.com/resource1/4/ url reject-dict | ||
;^http://example\.com/resource1/5/ url reject-array | ||
;^http://example\.com/resource2/ url 302 http://example.com/new-resource2/ | ||
;^http://example\.com/resource3/ url 307 http://example.com/new-resource3/ | ||
;^http://example\.com/resource4/ url request-header ^GET /resource4/ HTTP/1\.1(\r\n) request-header GET /api/ HTTP/1.1$1 | ||
;^http://example\.com/resource4/ url request-header (\r\n)User-Agent:.+(\r\n) request-header $1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36$2 | ||
;^http://example\.com/resource5/ url request-body "info":\[.+\],"others" request-body "info":[],"others" | ||
;^http://example\.com/resource5/ url response-body "info":\[.+\],"others" response-body "info":[],"others" | ||
;^http://example\.com/resource6/ url script-response-body response-body.js | ||
;^http://example\.com/resource7/ url script-echo-response script-echo.js | ||
;^http://example\.com/resource8/ url script-response-header response-header.js | ||
;^http://example\.com/resource9/ url script-request-header request-header.js | ||
;^http://example\.com/resource10/ url script-request-body request-body.js | ||
|
||
|
||
# | ||
# $task.fetch() 会构造一个 HTTP 请求并处理返回,body 仅支持纯文本。如果你想串行请求,你可以将 $task.fetch() 可以嵌入到另一个 $task.fetch() 的 completionHandler 中 | ||
# 脚本应该存储在本地 "我的 iPhone - Quantumult X - Scripts" 或 "iCloud Drive - Quantumult X - Scripts". 脚本内容可以参考 https://github.com/crossutility/Quantumult-X/blob/master/sample-task.js | ||
# 默认 HTTP 请求过期时间是 10 秒 | ||
# | ||
# 支持 5 段式(命令列除外) cron 定时任务语法 | ||
# | ||
[task_local] | ||
;* * * * * sample-task.js | ||
|
||
|
||
# | ||
# 只有 TLS SNI 或 hostname 中的目的地地址才会被 MitM 处理 | ||
# | ||
# 为安全起见,请妥善保管 CA 密码和 p12 证书,切勿泄露! | ||
# | ||
[mitm] | ||
;passphrase = | ||
;p12 = | ||
;skip_validating_cert = true | ||
;force_sni_domain_name = false | ||
;hostname = *.example.com, *.sample.com, non-existed-domain.com, *.non-connected-domain.com | ||
;simple_cert_hostname = non-existed-domain.com, *.non-connected-domain.com |