Unmaintained, switched to Clash Premium, or Clash.Meta based GUIs like ClashX Pro,
Clash for Windows, ClashDotNetFramework. Clash Premium has built-in support to handle
GFW DNS pollution (which is not seen in Proxifier), RULE-SET, extra proxy
protocols support like Shadowsocks(R), Vmess, Trojan. The only drawback of
Clash I've known is that the Enhanced Mode is based on TUN and it makes traceroute
fail to work.
Rules for proxifier based on lhie1/Rules.
A proxifier is a software program which can make other programs pass through a proxy server by intercepting and modifying their network requests.
Raw files
Warning: "Detect DNS settings automatically" and "Resolve hostnames through proxy" are not designed for handling DNS pollution. Please use a clean DNS.
IrineSistiana/mosdns is recommended if you wanna setup a local stub/forwarding DNS.
mosdns, A very flexible DNS forwarder written in Go
Another setup with "dnsmasq/unbound + chinadns + dnsforwarder/cdns/..." is also popular. But mosdns can support all these features in one app.
Default conf
- proxy:
socks5://127.0.0.1:1080 - Proxy rule as the fallback rule
Optional rules, put at the top for quick switch
- Direct network tool or not? (
nslookup,dig,traceroute,mtr, etc)
Direct rules
- Apple services
- Part of Google domains available in China
- Proxy client applications
- BT client applications
- Common domestic domains
- IRC domains from rahatarmanahmed/irc-networks
- China IP list from 17mon/china_ip_list based on routing tables
Proxy rules
- Foreign IM applications
- Common foreign domains
- Top blocked domains
- Amazon IP
- Facebook IP
- Google IP
- Kakao Talk IP
- Potato Chat IP
- Telegram IP
- Blacklist from gfwlist
Block/Reject rules (Separated)
- Ads domains in video apps
- Huge list of ads domains
- China Railcom
URL related rules are dropped cause Proxifier doesn't support it. Luckily, these rules are used for redirection and ads block only.
Raw files
- Kitsunebi-Android
- Kitsunebi-Android Lite, without ad block
- Mellow
- Mellow Lite
You need to change the proxy conf in the Mellow rule.
Caveats
- Rule syntax for Kitsunebi iOS and Android are different
- only
;is supported as comment mark in Mellow - only
#is supported as comment mark in Kitsunebi-Android - Unsupported rules in Mellow: USER-AGENT
- Unsupported rules in Kitsunebi-Android: Custom Endpoint, PROCESS-NAME, USER-AGENT, maybe IP-CIDR
- Conf in Mellow is case sensitive, but not in Kitsunebi-Android
Edit the source file named proxifier/Proxifier.ppx. Proxifer.ppx under project root
directory is used for release only. Besides, Proxifier.ppx under project root is
compressed to speedup config loading.
- Merge rules from gfwlist
- Use 17mon/china_ip_list instead of the delegated APNIC list
- Diff
*.ppxwithinproxifier/as text, treat released*.ppxas binary -
Merge Jamesits/proxifier-profiles- Proxy client apps ONLY
- All the other app specific rules are useless, since there's huge domain based rules already
- Merge felixonmars/dnsmasq-china-list
- Merged Apple China domains
- Merged Google China domains
- Dropped China site domains cause it's so huge
- Convert REJECT rules as confs for dnsmasq, unbound
- Direct IRC connections cause proxy may close TCP connection after timeout
The DNS resolution feature from Proxifier macOS is not designed for handling DNS pollution. There's performance issue in real use for handling DNS pollution. In case that is causes problem for users, I disabled this feature in the config file.
Please set a clean DNS in your Network Setting.
I used to be a user of Surge 2. I mainly used its Enhanced Mode to proxy all the TCP connections. (UDP is not available until v2.5.3)
The rules from Proxifier seems to be more flexible for me, port nubmer rule is
supported, different kinds of rules could be chained together.
This combination logical is not available in Surge until Surge 3.
Besides, Surge 2 has some serious drawbacks/bugs in the Enhanced Mode:
- Virtual machines need to be configured in bridged mode.
- Many unknown process appearr in the monitor panel.
Another drawback of Surge is that, HTTPS rules could NOT be used for proxy.
| Rules Support | Proxifier | Surge 2 | Surge 3 |
|---|---|---|---|
| Domain | ✅ | ✅ | ✅ |
| Domain Suffix | ✅ | ✅ | ✅ |
| Application/PROCESS-NAME | ✅ | ✅ | ✅ |
| Port | ✅ (dst port) | ❌ | ✅ (in, dst port) |
| Header | ❌ | ✅ | ✅ |
| HTTP(S) Redirect, Reject | ❌ | ✅ | ✅ |
| HTTPS Proxy | ❌ | ❌ | ❌ |
| TCP | ✅ | ✅ | ✅ |
| UDP | ❌ | ✅ (added after v2.5.3) | ✅ |
| Proxy Chain | ✅ | ❌ | ❌ |
| Config Import/RULESET | ❌ | ❌ | ✅ |
| Combination Logical | ✅ | ❌ | ✅ |
| Price | ¥141.55 on lizhi.io | $49.99 for 1 license | $49.99 for 1 license |
| Problems | DNS on macOS | Unknow process, bridged requirement for VM in Enhanced Mode | Not sure the problems from 2 are fixed or not |
- Proxifier Documentation
- lhie1/Rules
- gfwlist
- cokebar/gfwlist2dnsmasq
- 17mon/china_ip_list
- felixonmars/dnsmasq-china-list
- rahatarmanahmed/irc-networks
GNU General Public License v2.0