Mikrotik HAP AX3通过container运行clash透明网关，抛弃旁路由，单机自由上网

xukongyang · 发表于 2023-3-21 10:47

本帖最后由 xukongyang 于 2024-4-26 22:34 编辑

本文操作复杂且小猫咪已经不再维护，请参考最新帖子！！！

https://www.right.com.cn/forum/thread-8371517-1-1.html

RouterOS配置Container容器安装Sing-Box实现单路由器上网

ax3通过container运行clash透明网关，抛弃旁路由，单机自由上网

折腾缘由

最近新买了个mikrotik hap ax3无线路由器，问为什么买就是因为喜欢ros了。

因为想体验完全使用原生ros来上网的感觉，所以这次不想使用旁路由了，否则又要外接个小主机跑openwrt，使用上和观感上都觉得累赘。不像单独使用小主机，装虚拟机跑ros，再装个虚拟机跑openwrt作为旁路由无所谓，因为所有东西都在小主机里面。

但是因为访问外网是刚需，又爱好了使用软路由时电脑和手机只需要接入wifi，无需做任何设置的方便。所以即使在上一篇帖子“ax3通过container安装clash与yacd网页界面”中在ax3的container中装好了clash，通过浏览器中安装的switchyomega能访问外网了，也还是不满意，因为要时不时手动打开或关闭SwitchOmega插件，在AX3或者其他软路由的环境中才能正常访问外网。

所以就折腾了快1个星期，终于基本上解决了这个问题，网络配置上网关和dns正常配置为最常规的192.168.1.1的配置，不需要指定为clash运行的ip地址（例如本文中clash配置的ip地址为192.168.1.6），这样就可以使用原生的ros系统来正常访问国内网站，用clash访问国外网站，同时即使container中运行的clash 出了问题，也不影响正常的国内上网，只对访问外网有影响。

Rb5009配置应该也一样，现在到处都买不到价格正常的全新rb5009，前段时间有点魔怔，一直想买rb5009，然后最近这段时间折腾ax3觉得性能也还不错，能满足满速跑pt（300m下30m上）的同时外网看4k60fps的视频，cpu消耗最多偶尔到30%，还带双频wifi，虽然信号一般，但也不是不能用，呵呵，暂时不在纠结rb5009了，有货价格正常了再看看。：）

运行环境

Ros 7.8stable

Ros 的dns 配置为 192.168.1.1 223.5.5.5

Ros的dhcp server配置为网关192.168.1.1 dns配置为192.168.1.1 和223.5.5.5

Clash安装于192.168.1.6

参考资料及操作

安装配置clash

Clash运行在192.168.1.6中，这里使用的是dreamacro大佬的clash-premium

可参考我的上一篇帖子“ax3通过container安装clash与yacd网页界面”，从下面的网址

https://registry.hub.docker.com/r/dreamacro/clash-premium

在container中安装好clash

2楼贴出的是能正常访问外网的clash配置文件，大家在只需要修改里面的服务器配置即可，编辑修改好config.json后，重启clas待用，执行完下面的配置后就能正常访问外网。

配置使用指定dns解析网址的gfwlist列表

https://github.com/ruijzhan/chnroute 持续更新的中国 IP 地址列表和gfwlist 域名列表

上面的帖子中参考小节

3.1 在RouterOS 中用环境变量指定无污染 DNS 服务器

的内容下载好gfwlist.rsc

Ros中创建个脚本，名字任意，例如set_dns_local

内容为

{

:global dnsserver 192.168.1.6;

}

自行更改为你对应的clash地址，然后运行这个脚本，然后检查是否设置成功，执行

/system/script/environment/print

查看变量是否设置成功。

然后再执行/im file=gfwlist.rsc

将gfw网址列表导入ros

导入的网址在/ip dns static 中查看

这样ros在发现访问的是gfwlist中的地址后会到我们指定的运行在ip地址例如192.168.1.6中的clash去查询对应的真实ip地址，因为我们配置的clash使用的是fake-ip方式运行，返回的其实是个198.18.*.*段的地址，这样就实现了国外地址的分流。

而如果访问的是国内网站，就会通过我们配置的正常的例如223.5.5.5去查询返回正常真实的国内ip地址。

可以使用ping国外或国内网址来查看是否如上所述。

配置国内ip地址

https://www.truenasscale.com/2022/04/23/1011.htmlRouterOS使用IP地址列表分流，分流给旁路由或者virtual**

上面的帖子中下载属于中国的ip地址cnip.rsc

下载好后执行

/imfile=cnip.rsc

将国内ip段导入ros

导入的国内ip地址在 /ip firewall address list 中可以看到。

配置路由表

/routingtable

adddisabled=no fib name=gfw_list

配置地址列表

/ipfirewall address-list

add address=198.18.0.0/16list=fake_ip

addaddress=192.168.1.155 list=dont_proxy

add address=192.168.1.6list=dont_proxy

192.168.1.6是clash的地址，所以不需要代理，需要跳过。

192.168.155是我这里用来跑pt的服务器，所以不需要代理。这里做个演示可以配置需要跳过代理的内网ip地址。

重要的是fake_ip这个地址配置，后面的mangle中需要用到，发现是目标地址是fake_ip地址段的都送到clash的192.168.1.6去代理出去

配置路由标签

/ipfirewall mangle

add action=acceptchain=prerouting src-address-list=dont_proxy

#发现是不需要代理的地址例如是clash的ip地址就通过

add action=mark-routingchain=prerouting dst-address-list=fake_ip dst-address-type="" \

in-interface-list=LANnew-routing-mark=gfw_list passthrough=yes

#发现目标地址是fake_ip的地址，说明是需要代理的地址，标记成gfw_list路由表，准备通过下面配置的路由送到clash所在的192.168.1.6处理，达到访问外网的目的

add action=mark-routingchain=prerouting dst-address-list=!CNIP dst-address-type=!local \

in-interface-list=LANnew-routing-mark=gfw_list passthrough=yes

#上面是发现漏网之鱼的访问，只要是访问非中国区的ip地址，都送往clash进行代理访问

#我对ros的防火墙不太熟悉，这里只是个能使用的配置，优化请有兴趣改进的大佬不吝指点。

addaction=change-mss chain=forward comment="Change MSS"new-mss=clamp-to-pmtu \

passthrough=yes protocol=tcp tcp-flags=syn

addaction=change-mss chain=output comment="Change MSS"new-mss=clamp-to-pmtu \

passthrough=no protocol=tcp tcp-flags=syn

配置路由处理

/ip route

add check-gateway=pingdisabled=no distance=1 dst-address=198.18.0.1/16 gateway=\

192.168.1.6 pref-src=""routing-table=gfw_list scope=30 suppress-hw-offload=no \

target-scope=10

重要，将上面mangle通过访问fake_ip段的已经标记routing-table=gfw_list的访问重新送往clash，clash发现目标地址是fake_ip段，在内部进行处理，使用代理服务器进行连接，达到上外网的目的。

特别注意，特别注意，特别注意，

上面这条命令中将新建的路由的distance（优先级）配置为1

需要将你原来的上外网的接口的优先级配置为2，

例如我是通过拨号上网的，则在 interface中，双击pppoe-out1，点击dial out，将里面的default route distance修改为2

使用其他连接上网的操作类似。

防火墙优化

https://www.shawnleetttt.cyou/posts/71e7c44b/ RouterOS+旁路由IP地址列表分流

参考其中的

修改 ROS 默认防火墙

打开 IP > Firewall > FilterRules
找到 action=drop chain=forward comment=“drop invalid” connection-state=invalid 这一条,双击打开,将 General 下的 In. Interface List 改为 !LAN 防止防火墙将加密过后的流量标记为 invalid 而造成 TCP 流量握手缓慢

这条 防止防火墙将加密过后的流量标记为 invalid 而造成 TCP 流量握手缓慢 似乎是有用的，我最初刚刚成功的时候，能访问外网，但是打开页面非常慢，7,8秒钟才能打开外网网页，后面不知道是clash的配置做好了，还是这条配置有用，估计是clash的配置做好了，这条可能是锦上添花，后面继续测试吧。

修改 Fasttrack 相关

打开IP > Firewall > FilterRules
打开 fasttrack connection ,将 General 下的 In. Interface List 改为 PPPoE 端口名称防止 Fasttrack 与 Mangle 冲突

我这里是将ax3的fasttrack中对应的这条更改成pppoe-out1

遗留问题

Tele使用问题

因为我们这里使用了clash的fake_ip机制通过域名代理来访问外网，对tele这种直接使用ip访问外网的的app就代理不了了。

https://blog.lv5.moe/p/use-dns-to-create-split-routing-for-different-domain-or-ip-ranges

巧用 DNS 实现国内外域名 ip 分流上网中

为直接使用 IP 的 APP 设置路由这一节给出了个解决方案

直接使用 ip 的软件没有经过 DNS 自然就无法获取到Clash 的 fake-ip，对于这种情况需要在主路由上添加静态路由将这些软件使用的 ip 的下一跳路由改为 Clash 的 fake-ip

目前我只发现 Tele 存在这种情况，需要添加的路由如下：

# 192.18.1.254 是 fake-ip，可以从 fake-ip-range 中随便选择一个route add -net 91.108.4.0/22 gw 192.18.1.254route add -net 91.108.8.0/22 gw 192.18.1.254route add -net 91.108.12.0/22 gw 192.18.1.254route add -net 91.108.16.0/22 gw 192.18.1.254route add -net 91.108.56.0/22 gw 192.18.1.254route add -net 149.154.160.0/20 gw 192.18.1.254

但我对ros还不太熟，不知道上面这个操作怎么完成，在mangle中使用prerouting的action配置为route来没有实现。希望有大佬能够指点下。

看网上资料说clash的tun配置中配置auto_route为true能解决这个问题，但是因为ros的container不完善还是不标准，配置这个参数后启动输出一条警告，说参数错误，估计是ros的container没有privilge特权模式造成的。

好了，做到这里，ax3已经能够单独流畅透明的访问外网了，不需要在配置一台小主机来作为旁路由啥的，当然如果有需要，也是可以装个小主机openwrt来配合ax3更好的上网的，看个人需要了。

xukongyang · 发表于 2023-3-21 10:48

本帖最后由 xukongyang 于 2023-3-30 20:41 编辑

这是clash的config.yaml配置文件的全部内容

只需修改那2行标红的配置服务器的就行，正常运行后再按需自行修改

- 'DOMAIN-SUFFIX,dianbao.org,11f-server'

上面这行是被屏蔽的，自己将dianbao替换成tele开头的英文完整单词然后添加

mixed-port: 1080
redir-port: 1082
allow-lan: true
bind-address: '*'
mode: rule
log-level: info
external-controller: '0.0.0.0:9090'
dns:
enable: true
ipv6: false
listen: :53
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
use-hosts: true
default-nameserver:
   - 223.5.5.5
   - 119.29.29.29
nameserver:
   - 'tls://1.1.1.1:853'
   - 'tcp://1.1.1.1:53'
fallback:
   - 'tls://1.1.1.1:853'
   - 'tcp://1.1.1.1:53'
fallback-filter:
geoip: true
ipcidr:
   - 240.0.0.0/4
   - 127.0.0.1/8
   - 0.0.0.0/32
#interface-name: eth0
tun:
  enable: true
  stack: system
  auto-route: true
  #dns-hijack:
  #  - 223.5.5.5:53
  #  - tcp://223.5.5.5:53
#auto-redir:
#  enable: true
#  auto-route: true
proxies:
- { name: 'ss-11f-1-56638 | 11f', type: ss, server: 服务器地址, port: 56638, cipher: xchacha20-ietf-poly1305, password: 密码, udp: true }
- { name: 'tx-162-56618 | tx', type: ss, server: 服务器地址, port: 56618, cipher: xchacha20-ietf-poly1305, password: 密码, udp: true }
proxy-groups:
- { name: 11f-server, type: select, proxies: [auto-select, error-select, 'ss-11f-1-56638 | 11f', 'tx-162-56618 | tx', ] }
- { name: auto-select, type: url-test, proxies: ['ss-11f-1-56638 | 11f', 'tx-162-56618 | tx', ], url: 'http://www.gstatic.com/generate_204', interval: 86400 }
- { name: error-select, type: fallback, proxies: ['ss-11f-1-56638 | 11f', 'tx-162-56618 | tx'], url: 'http://www.gstatic.com/generate_204', interval: 7200 }
rules:
- 'DOMAIN,xn--4gq62f52gdss.com,DIRECT'
- 'DOMAIN-SUFFIX,services.googleapis.cn,11f-server'
- 'DOMAIN-SUFFIX,xn--ngstr-lra8j.com,11f-server'
- 'DOMAIN,safebrowsing.urlsec.qq.com,DIRECT'
- 'DOMAIN,safebrowsing.googleapis.com,DIRECT'
- 'DOMAIN,developer.apple.com,11f-server'
- 'DOMAIN-SUFFIX,digicert.com,11f-server'
- 'DOMAIN,ocsp.apple.com,11f-server'
- 'DOMAIN,ocsp.comodoca.com,11f-server'
- 'DOMAIN,ocsp.usertrust.com,11f-server'
- 'DOMAIN,ocsp.sectigo.com,11f-server'
- 'DOMAIN,ocsp.verisign.net,11f-server'
- 'DOMAIN-SUFFIX,apple-dns.net,11f-server'
- 'DOMAIN,testflight.apple.com,11f-server'
- 'DOMAIN,sandbox.itunes.apple.com,11f-server'
- 'DOMAIN,itunes.apple.com,11f-server'
- 'DOMAIN-SUFFIX,apps.apple.com,11f-server'
- 'DOMAIN-SUFFIX,blobstore.apple.com,11f-server'
- 'DOMAIN,cvws.icloud-content.com,11f-server'
- 'DOMAIN-SUFFIX,mzstatic.com,DIRECT'
- 'DOMAIN-SUFFIX,itunes.apple.com,DIRECT'
- 'DOMAIN-SUFFIX,icloud.com,DIRECT'
- 'DOMAIN-SUFFIX,icloud-content.com,DIRECT'
- 'DOMAIN-SUFFIX,me.com,DIRECT'
- 'DOMAIN-SUFFIX,aaplimg.com,DIRECT'
- 'DOMAIN-SUFFIX,cdn20.com,DIRECT'
- 'DOMAIN-SUFFIX,cdn-apple.com,DIRECT'
- 'DOMAIN-SUFFIX,akadns.net,DIRECT'
- 'DOMAIN-SUFFIX,akamaiedge.net,DIRECT'
- 'DOMAIN-SUFFIX,edgekey.net,DIRECT'
- 'DOMAIN-SUFFIX,mwcloudcdn.com,DIRECT'
- 'DOMAIN-SUFFIX,mwcname.com,DIRECT'
- 'DOMAIN-SUFFIX,apple.com,DIRECT'
- 'DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT'
- 'DOMAIN-SUFFIX,apple-mapkit.com,DIRECT'
- 'DOMAIN-SUFFIX,126.com,DIRECT'
- 'DOMAIN-SUFFIX,126.net,DIRECT'
- 'DOMAIN-SUFFIX,127.net,DIRECT'
- 'DOMAIN-SUFFIX,163.com,DIRECT'
- 'DOMAIN-SUFFIX,360buyimg.com,DIRECT'
- 'DOMAIN-SUFFIX,36kr.com,DIRECT'
- 'DOMAIN-SUFFIX,acfun.tv,DIRECT'
- 'DOMAIN-SUFFIX,air-matters.com,DIRECT'
- 'DOMAIN-SUFFIX,aixifan.com,DIRECT'
- 'DOMAIN-KEYWORD,alicdn,DIRECT'
- 'DOMAIN-KEYWORD,alipay,DIRECT'
- 'DOMAIN-KEYWORD,taobao,DIRECT'
- 'DOMAIN-SUFFIX,amap.com,DIRECT'
- 'DOMAIN-SUFFIX,autonavi.com,DIRECT'
- 'DOMAIN-KEYWORD,baidu,DIRECT'
- 'DOMAIN-SUFFIX,bdimg.com,DIRECT'
- 'DOMAIN-SUFFIX,bdstatic.com,DIRECT'
- 'DOMAIN-SUFFIX,bilibili.com,DIRECT'
- 'DOMAIN-SUFFIX,bilivideo.com,DIRECT'
- 'DOMAIN-SUFFIX,caiyunapp.com,DIRECT'
- 'DOMAIN-SUFFIX,clouddn.com,DIRECT'
- 'DOMAIN-SUFFIX,cnbeta.com,DIRECT'
- 'DOMAIN-SUFFIX,cnbetacdn.com,DIRECT'
- 'DOMAIN-SUFFIX,cootekservice.com,DIRECT'
- 'DOMAIN-SUFFIX,csdn.net,DIRECT'
- 'DOMAIN-SUFFIX,ctrip.com,DIRECT'
- 'DOMAIN-SUFFIX,dgtle.com,DIRECT'
- 'DOMAIN-SUFFIX,dianping.com,DIRECT'
- 'DOMAIN-SUFFIX,douban.com,DIRECT'
- 'DOMAIN-SUFFIX,doubanio.com,DIRECT'
- 'DOMAIN-SUFFIX,duokan.com,DIRECT'
- 'DOMAIN-SUFFIX,easou.com,DIRECT'
- 'DOMAIN-SUFFIX,ele.me,DIRECT'
- 'DOMAIN-SUFFIX,feng.com,DIRECT'
- 'DOMAIN-SUFFIX,fir.im,DIRECT'
- 'DOMAIN-SUFFIX,frdic.com,DIRECT'
- 'DOMAIN-SUFFIX,g-cores.com,DIRECT'
- 'DOMAIN-SUFFIX,godic.net,DIRECT'
- 'DOMAIN-SUFFIX,gtimg.com,DIRECT'
- 'DOMAIN,cdn.hockeyapp.net,DIRECT'
- 'DOMAIN-SUFFIX,hongxiu.com,DIRECT'
- 'DOMAIN-SUFFIX,hxcdn.net,DIRECT'
- 'DOMAIN-SUFFIX,iciba.com,DIRECT'
- 'DOMAIN-SUFFIX,ifeng.com,DIRECT'
- 'DOMAIN-SUFFIX,ifengimg.com,DIRECT'
- 'DOMAIN-SUFFIX,ipip.net,DIRECT'
- 'DOMAIN-SUFFIX,iqiyi.com,DIRECT'
- 'DOMAIN-SUFFIX,jd.com,DIRECT'
- 'DOMAIN-SUFFIX,jianshu.com,DIRECT'
- 'DOMAIN-SUFFIX,knewone.com,DIRECT'
- 'DOMAIN-SUFFIX,le.com,DIRECT'
- 'DOMAIN-SUFFIX,lecloud.com,DIRECT'
- 'DOMAIN-SUFFIX,lemicp.com,DIRECT'
- 'DOMAIN-SUFFIX,licdn.com,DIRECT'
- 'DOMAIN-SUFFIX,luoo.net,DIRECT'
- 'DOMAIN-SUFFIX,meituan.com,DIRECT'
- 'DOMAIN-SUFFIX,meituan.net,DIRECT'
- 'DOMAIN-SUFFIX,mi.com,DIRECT'
- 'DOMAIN-SUFFIX,miaopai.com,DIRECT'
- 'DOMAIN-SUFFIX,microsoft.com,DIRECT'
- 'DOMAIN-SUFFIX,microsoftonline.com,DIRECT'
- 'DOMAIN-SUFFIX,miui.com,DIRECT'
- 'DOMAIN-SUFFIX,miwifi.com,DIRECT'
- 'DOMAIN-SUFFIX,mob.com,DIRECT'
- 'DOMAIN-SUFFIX,netease.com,DIRECT'
- 'DOMAIN-SUFFIX,office.com,DIRECT'
- 'DOMAIN-SUFFIX,office365.com,DIRECT'
- 'DOMAIN-KEYWORD,officecdn,DIRECT'
- 'DOMAIN-SUFFIX,oschina.net,DIRECT'
- 'DOMAIN-SUFFIX,ppsimg.com,DIRECT'
- 'DOMAIN-SUFFIX,pstatp.com,DIRECT'
- 'DOMAIN-SUFFIX,qcloud.com,DIRECT'
- 'DOMAIN-SUFFIX,qdaily.com,DIRECT'
- 'DOMAIN-SUFFIX,qdmm.com,DIRECT'
- 'DOMAIN-SUFFIX,qhimg.com,DIRECT'
- 'DOMAIN-SUFFIX,qhres.com,DIRECT'
- 'DOMAIN-SUFFIX,qidian.com,DIRECT'
- 'DOMAIN-SUFFIX,qihucdn.com,DIRECT'
- 'DOMAIN-SUFFIX,qiniu.com,DIRECT'
- 'DOMAIN-SUFFIX,qiniucdn.com,DIRECT'
- 'DOMAIN-SUFFIX,qiyipic.com,DIRECT'
- 'DOMAIN-SUFFIX,qq.com,DIRECT'
- 'DOMAIN-SUFFIX,qqurl.com,DIRECT'
- 'DOMAIN-SUFFIX,rarbg.to,DIRECT'
- 'DOMAIN-SUFFIX,ruguoapp.com,DIRECT'
- 'DOMAIN-SUFFIX,segmentfault.com,DIRECT'
- 'DOMAIN-SUFFIX,sinaapp.com,DIRECT'
- 'DOMAIN-SUFFIX,smzdm.com,DIRECT'
- 'DOMAIN-SUFFIX,snapdrop.net,DIRECT'
- 'DOMAIN-SUFFIX,sogou.com,DIRECT'
- 'DOMAIN-SUFFIX,sogoucdn.com,DIRECT'
- 'DOMAIN-SUFFIX,sohu.com,DIRECT'
- 'DOMAIN-SUFFIX,soku.com,DIRECT'
- 'DOMAIN-SUFFIX,speedtest.net,DIRECT'
- 'DOMAIN-SUFFIX,sspai.com,DIRECT'
- 'DOMAIN-SUFFIX,suning.com,DIRECT'
- 'DOMAIN-SUFFIX,taobao.com,DIRECT'
- 'DOMAIN-SUFFIX,tencent.com,DIRECT'
- 'DOMAIN-SUFFIX,tenpay.com,DIRECT'
- 'DOMAIN-SUFFIX,tianyancha.com,DIRECT'
- 'DOMAIN-SUFFIX,tmall.com,DIRECT'
- 'DOMAIN-SUFFIX,tudou.com,DIRECT'
- 'DOMAIN-SUFFIX,umetrip.com,DIRECT'
- 'DOMAIN-SUFFIX,upaiyun.com,DIRECT'
- 'DOMAIN-SUFFIX,upyun.com,DIRECT'
- 'DOMAIN-SUFFIX,veryzhun.com,DIRECT'
- 'DOMAIN-SUFFIX,weather.com,DIRECT'
- 'DOMAIN-SUFFIX,weibo.com,DIRECT'
- 'DOMAIN-SUFFIX,xiami.com,DIRECT'
- 'DOMAIN-SUFFIX,xiami.net,DIRECT'
- 'DOMAIN-SUFFIX,xiaomicp.com,DIRECT'
- 'DOMAIN-SUFFIX,ximalaya.com,DIRECT'
- 'DOMAIN-SUFFIX,xmcdn.com,DIRECT'
- 'DOMAIN-SUFFIX,xunlei.com,DIRECT'
- 'DOMAIN-SUFFIX,yhd.com,DIRECT'
- 'DOMAIN-SUFFIX,yihaodianimg.com,DIRECT'
- 'DOMAIN-SUFFIX,yinxiang.com,DIRECT'
- 'DOMAIN-SUFFIX,ykimg.com,DIRECT'
- 'DOMAIN-SUFFIX,youdao.com,DIRECT'
- 'DOMAIN-SUFFIX,youku.com,DIRECT'
- 'DOMAIN-SUFFIX,zealer.com,DIRECT'
- 'DOMAIN-SUFFIX,zhihu.com,DIRECT'
- 'DOMAIN-SUFFIX,zhimg.com,DIRECT'
- 'DOMAIN-SUFFIX,zimuzu.tv,DIRECT'
- 'DOMAIN-SUFFIX,zoho.com,DIRECT'
- 'DOMAIN-KEYWORD,amazon,11f-server'
- 'DOMAIN-KEYWORD,google,11f-server'
- 'DOMAIN-KEYWORD,gmail,11f-server'
- 'DOMAIN-KEYWORD,youtube,11f-server'
- 'DOMAIN-KEYWORD,facebook,11f-server'
- 'DOMAIN-SUFFIX,fb.me,11f-server'
- 'DOMAIN-SUFFIX,fbcdn.net,11f-server'
- 'DOMAIN-KEYWORD,twitter,11f-server'
- 'DOMAIN-KEYWORD,instagram,11f-server'
- 'DOMAIN-KEYWORD,dropbox,11f-server'
- 'DOMAIN-SUFFIX,twimg.com,11f-server'
- 'DOMAIN-KEYWORD,blogspot,11f-server'
- 'DOMAIN-SUFFIX,youtu.be,11f-server'
- 'DOMAIN-KEYWORD,whatsapp,11f-server'
- 'DOMAIN-KEYWORD,admarvel,REJECT'
- 'DOMAIN-KEYWORD,admaster,REJECT'
- 'DOMAIN-KEYWORD,adsage,REJECT'
- 'DOMAIN-KEYWORD,adsmogo,REJECT'
- 'DOMAIN-KEYWORD,adsrvmedia,REJECT'
- 'DOMAIN-KEYWORD,adwords,REJECT'
- 'DOMAIN-KEYWORD,adservice,REJECT'
- 'DOMAIN-SUFFIX,appsflyer.com,REJECT'
- 'DOMAIN-KEYWORD,domob,REJECT'
- 'DOMAIN-SUFFIX,doubleclick.net,REJECT'
- 'DOMAIN-KEYWORD,duomeng,REJECT'
- 'DOMAIN-KEYWORD,dwtrack,REJECT'
- 'DOMAIN-KEYWORD,guanggao,REJECT'
- 'DOMAIN-KEYWORD,lianmeng,REJECT'
- 'DOMAIN-SUFFIX,mmstat.com,REJECT'
- 'DOMAIN-KEYWORD,mopub,REJECT'
- 'DOMAIN-KEYWORD,omgmta,REJECT'
- 'DOMAIN-KEYWORD,openx,REJECT'
- 'DOMAIN-KEYWORD,partnerad,REJECT'
- 'DOMAIN-KEYWORD,pingfore,REJECT'
- 'DOMAIN-KEYWORD,supersonicads,REJECT'
- 'DOMAIN-KEYWORD,uedas,REJECT'
- 'DOMAIN-KEYWORD,umeng,REJECT'
- 'DOMAIN-KEYWORD,usage,REJECT'
- 'DOMAIN-SUFFIX,vungle.com,REJECT'
- 'DOMAIN-KEYWORD,wlmonitor,REJECT'
- 'DOMAIN-KEYWORD,zjtoolbar,REJECT'
- 'DOMAIN-SUFFIX,9to5mac.com,11f-server'
- 'DOMAIN-SUFFIX,abpchina.org,11f-server'
- 'DOMAIN-SUFFIX,adblockplus.org,11f-server'
- 'DOMAIN-SUFFIX,adobe.com,11f-server'
- 'DOMAIN-SUFFIX,akamaized.net,11f-server'
- 'DOMAIN-SUFFIX,alfredapp.com,11f-server'
- 'DOMAIN-SUFFIX,amplitude.com,11f-server'
- 'DOMAIN-SUFFIX,ampproject.org,11f-server'
- 'DOMAIN-SUFFIX,android.com,11f-server'
- 'DOMAIN-SUFFIX,angularjs.org,11f-server'
- 'DOMAIN-SUFFIX,aolcdn.com,11f-server'
- 'DOMAIN-SUFFIX,apkpure.com,11f-server'
- 'DOMAIN-SUFFIX,appledaily.com,11f-server'
- 'DOMAIN-SUFFIX,appshopper.com,11f-server'
- 'DOMAIN-SUFFIX,appspot.com,11f-server'
- 'DOMAIN-SUFFIX,arcgis.com,11f-server'
- 'DOMAIN-SUFFIX,archive.org,11f-server'
- 'DOMAIN-SUFFIX,armorgames.com,11f-server'
- 'DOMAIN-SUFFIX,aspnetcdn.com,11f-server'
- 'DOMAIN-SUFFIX,att.com,11f-server'
- 'DOMAIN-SUFFIX,awsstatic.com,11f-server'
- 'DOMAIN-SUFFIX,azureedge.net,11f-server'
- 'DOMAIN-SUFFIX,azurewebsites.net,11f-server'
- 'DOMAIN-SUFFIX,bing.com,11f-server'
- 'DOMAIN-SUFFIX,bintray.com,11f-server'
- 'DOMAIN-SUFFIX,bit.com,11f-server'
- 'DOMAIN-SUFFIX,bit.ly,11f-server'
- 'DOMAIN-SUFFIX,bitbucket.org,11f-server'
- 'DOMAIN-SUFFIX,bjango.com,11f-server'
- 'DOMAIN-SUFFIX,bkrtx.com,11f-server'
- 'DOMAIN-SUFFIX,blog.com,11f-server'
- 'DOMAIN-SUFFIX,blogcdn.com,11f-server'
- 'DOMAIN-SUFFIX,blogger.com,11f-server'
- 'DOMAIN-SUFFIX,blogsmithmedia.com,11f-server'
- 'DOMAIN-SUFFIX,blogspot.com,11f-server'
- 'DOMAIN-SUFFIX,blogspot.hk,11f-server'
- 'DOMAIN-SUFFIX,bloomberg.com,11f-server'
- 'DOMAIN-SUFFIX,box.com,11f-server'
- 'DOMAIN-SUFFIX,box.net,11f-server'
- 'DOMAIN-SUFFIX,cachefly.net,11f-server'
- 'DOMAIN-SUFFIX,chromium.org,11f-server'
- 'DOMAIN-SUFFIX,cl.ly,11f-server'
- 'DOMAIN-SUFFIX,cloudflare.com,11f-server'
- 'DOMAIN-SUFFIX,cloudfront.net,11f-server'
- 'DOMAIN-SUFFIX,cloudmagic.com,11f-server'
- 'DOMAIN-SUFFIX,cmail19.com,11f-server'
- 'DOMAIN-SUFFIX,cnet.com,11f-server'
- 'DOMAIN-SUFFIX,cocoapods.org,11f-server'
- 'DOMAIN-SUFFIX,comodoca.com,11f-server'
- 'DOMAIN-SUFFIX,crashlytics.com,11f-server'
- 'DOMAIN-SUFFIX,culturedcode.com,11f-server'
- 'DOMAIN-SUFFIX,d.pr,11f-server'
- 'DOMAIN-SUFFIX,danilo.to,11f-server'
- 'DOMAIN-SUFFIX,dayone.me,11f-server'
- 'DOMAIN-SUFFIX,db.tt,11f-server'
- 'DOMAIN-SUFFIX,deskconnect.com,11f-server'
- 'DOMAIN-SUFFIX,disq.us,11f-server'
- 'DOMAIN-SUFFIX,disqus.com,11f-server'
- 'DOMAIN-SUFFIX,disquscdn.com,11f-server'
- 'DOMAIN-SUFFIX,dnsimple.com,11f-server'
- 'DOMAIN-SUFFIX,docker.com,11f-server'
- 'DOMAIN-SUFFIX,dribbble.com,11f-server'
- 'DOMAIN-SUFFIX,droplr.com,11f-server'
- 'DOMAIN-SUFFIX,duckduckgo.com,11f-server'
- 'DOMAIN-SUFFIX,dueapp.com,11f-server'
- 'DOMAIN-SUFFIX,dytt8.net,11f-server'
- 'DOMAIN-SUFFIX,edgecastcdn.net,11f-server'
- 'DOMAIN-SUFFIX,edgekey.net,11f-server'
- 'DOMAIN-SUFFIX,edgesuite.net,11f-server'
- 'DOMAIN-SUFFIX,engadget.com,11f-server'
- 'DOMAIN-SUFFIX,entrust.net,11f-server'
- 'DOMAIN-SUFFIX,eurekavpt.com,11f-server'
- 'DOMAIN-SUFFIX,evernote.com,11f-server'
- 'DOMAIN-SUFFIX,fabric.io,11f-server'
- 'DOMAIN-SUFFIX,fast.com,11f-server'
- 'DOMAIN-SUFFIX,fastly.net,11f-server'
- 'DOMAIN-SUFFIX,fc2.com,11f-server'
- 'DOMAIN-SUFFIX,feedburner.com,11f-server'
- 'DOMAIN-SUFFIX,feedly.com,11f-server'
- 'DOMAIN-SUFFIX,feedsportal.com,11f-server'
- 'DOMAIN-SUFFIX,fiftythree.com,11f-server'
- 'DOMAIN-SUFFIX,firebaseio.com,11f-server'
- 'DOMAIN-SUFFIX,flexibits.com,11f-server'
- 'DOMAIN-SUFFIX,flickr.com,11f-server'
- 'DOMAIN-SUFFIX,flipboard.com,11f-server'
- 'DOMAIN-SUFFIX,g.co,11f-server'
- 'DOMAIN-SUFFIX,gabia.net,11f-server'
- 'DOMAIN-SUFFIX,geni.us,11f-server'
- 'DOMAIN-SUFFIX,gfx.ms,11f-server'
- 'DOMAIN-SUFFIX,ggpht.com,11f-server'
- 'DOMAIN-SUFFIX,ghostnoteapp.com,11f-server'
- 'DOMAIN-SUFFIX,git.io,11f-server'
- 'DOMAIN-KEYWORD,github,11f-server'
- 'DOMAIN-SUFFIX,globalsign.com,11f-server'
- 'DOMAIN-SUFFIX,gmodules.com,11f-server'
- 'DOMAIN-SUFFIX,godaddy.com,11f-server'
- 'DOMAIN-SUFFIX,golang.org,11f-server'
- 'DOMAIN-SUFFIX,gongm.in,11f-server'
- 'DOMAIN-SUFFIX,goo.gl,11f-server'
- 'DOMAIN-SUFFIX,goodreaders.com,11f-server'
- 'DOMAIN-SUFFIX,goodreads.com,11f-server'
- 'DOMAIN-SUFFIX,gravatar.com,11f-server'
- 'DOMAIN-SUFFIX,gstatic.com,11f-server'
- 'DOMAIN-SUFFIX,gvt0.com,11f-server'
- 'DOMAIN-SUFFIX,hockeyapp.net,11f-server'
- 'DOMAIN-SUFFIX,hotmail.com,11f-server'
- 'DOMAIN-SUFFIX,icons8.com,11f-server'
- 'DOMAIN-SUFFIX,ifixit.com,11f-server'
- 'DOMAIN-SUFFIX,ift.tt,11f-server'
- 'DOMAIN-SUFFIX,ifttt.com,11f-server'
- 'DOMAIN-SUFFIX,iherb.com,11f-server'
- 'DOMAIN-SUFFIX,imageshack.us,11f-server'
- 'DOMAIN-SUFFIX,img.ly,11f-server'
- 'DOMAIN-SUFFIX,imgur.com,11f-server'
- 'DOMAIN-SUFFIX,imore.com,11f-server'
- 'DOMAIN-SUFFIX,instapaper.com,11f-server'
- 'DOMAIN-SUFFIX,ipn.li,11f-server'
- 'DOMAIN-SUFFIX,is.gd,11f-server'
- 'DOMAIN-SUFFIX,issuu.com,11f-server'
- 'DOMAIN-SUFFIX,itgonglun.com,11f-server'
- 'DOMAIN-SUFFIX,itun.es,11f-server'
- 'DOMAIN-SUFFIX,ixquick.com,11f-server'
- 'DOMAIN-SUFFIX,j.mp,11f-server'
- 'DOMAIN-SUFFIX,js.revsci.net,11f-server'
- 'DOMAIN-SUFFIX,jshint.com,11f-server'
- 'DOMAIN-SUFFIX,jtvnw.net,11f-server'
- 'DOMAIN-SUFFIX,justgetflux.com,11f-server'
- 'DOMAIN-SUFFIX,kat.cr,11f-server'
- 'DOMAIN-SUFFIX,klip.me,11f-server'
- 'DOMAIN-SUFFIX,libsyn.com,11f-server'
- 'DOMAIN-SUFFIX,linkedin.com,11f-server'
- 'DOMAIN-SUFFIX,line-apps.com,11f-server'
- 'DOMAIN-SUFFIX,linode.com,11f-server'
- 'DOMAIN-SUFFIX,lithium.com,11f-server'
- 'DOMAIN-SUFFIX,littlehj.com,11f-server'
- 'DOMAIN-SUFFIX,live.com,11f-server'
- 'DOMAIN-SUFFIX,live.net,11f-server'
- 'DOMAIN-SUFFIX,livefilestore.com,11f-server'
- 'DOMAIN-SUFFIX,llnwd.net,11f-server'
- 'DOMAIN-SUFFIX,macid.co,11f-server'
- 'DOMAIN-SUFFIX,macromedia.com,11f-server'
- 'DOMAIN-SUFFIX,macrumors.com,11f-server'
- 'DOMAIN-SUFFIX,mashable.com,11f-server'
- 'DOMAIN-SUFFIX,mathjax.org,11f-server'
- 'DOMAIN-SUFFIX,medium.com,11f-server'
- 'DOMAIN-SUFFIX,mega.co.nz,11f-server'
- 'DOMAIN-SUFFIX,mega.nz,11f-server'
- 'DOMAIN-SUFFIX,megaupload.com,11f-server'
- 'DOMAIN-SUFFIX,microsofttranslator.com,11f-server'
- 'DOMAIN-SUFFIX,mindnode.com,11f-server'
- 'DOMAIN-SUFFIX,mobile01.com,11f-server'
- 'DOMAIN-SUFFIX,modmyi.com,11f-server'
- 'DOMAIN-SUFFIX,msedge.net,11f-server'
- 'DOMAIN-SUFFIX,myfontastic.com,11f-server'
- 'DOMAIN-SUFFIX,name.com,11f-server'
- 'DOMAIN-SUFFIX,nextmedia.com,11f-server'
- 'DOMAIN-SUFFIX,nsstatic.net,11f-server'
- 'DOMAIN-SUFFIX,nssurge.com,11f-server'
- 'DOMAIN-SUFFIX,nyt.com,11f-server'
- 'DOMAIN-SUFFIX,nytimes.com,11f-server'
- 'DOMAIN-SUFFIX,omnigroup.com,11f-server'
- 'DOMAIN-SUFFIX,onedrive.com,11f-server'
- 'DOMAIN-SUFFIX,onenote.com,11f-server'
- 'DOMAIN-SUFFIX,ooyala.com,11f-server'
- 'DOMAIN-SUFFIX,openvirtual**.net,11f-server'
- 'DOMAIN-SUFFIX,openwrt.org,11f-server'
- 'DOMAIN-SUFFIX,orkut.com,11f-server'
- 'DOMAIN-SUFFIX,osxdaily.com,11f-server'
- 'DOMAIN-SUFFIX,outlook.com,11f-server'
- 'DOMAIN-SUFFIX,ow.ly,11f-server'
- 'DOMAIN-SUFFIX,paddleapi.com,11f-server'
- 'DOMAIN-SUFFIX,parallels.com,11f-server'
- 'DOMAIN-SUFFIX,parse.com,11f-server'
- 'DOMAIN-SUFFIX,pdfexpert.com,11f-server'
- 'DOMAIN-SUFFIX,periscope.tv,11f-server'
- 'DOMAIN-SUFFIX,pinboard.in,11f-server'
- 'DOMAIN-SUFFIX,pinterest.com,11f-server'
- 'DOMAIN-SUFFIX,pixelmator.com,11f-server'
- 'DOMAIN-SUFFIX,pixiv.net,11f-server'
- 'DOMAIN-SUFFIX,playpcesor.com,11f-server'
- 'DOMAIN-SUFFIX,playstation.com,11f-server'
- 'DOMAIN-SUFFIX,playstation.com.hk,11f-server'
- 'DOMAIN-SUFFIX,playstation.net,11f-server'
- 'DOMAIN-SUFFIX,playstationnetwork.com,11f-server'
- 'DOMAIN-SUFFIX,pushwoosh.com,11f-server'
- 'DOMAIN-SUFFIX,rime.im,11f-server'
- 'DOMAIN-SUFFIX,servebom.com,11f-server'
- 'DOMAIN-SUFFIX,sfx.ms,11f-server'
- 'DOMAIN-SUFFIX,“师夷长技以制夷”.org,11f-server'
- 'DOMAIN-SUFFIX,sharethis.com,11f-server'
- 'DOMAIN-SUFFIX,shazam.com,11f-server'
- 'DOMAIN-SUFFIX,skype.com,11f-server'
- 'DOMAIN-SUFFIX,smartdns11f-server.com,11f-server'
- 'DOMAIN-SUFFIX,smartmailcloud.com,11f-server'
- 'DOMAIN-SUFFIX,sndcdn.com,11f-server'
- 'DOMAIN-SUFFIX,sony.com,11f-server'
- 'DOMAIN-SUFFIX,soundcloud.com,11f-server'
- 'DOMAIN-SUFFIX,sourceforge.net,11f-server'
- 'DOMAIN-SUFFIX,spotify.com,11f-server'
- 'DOMAIN-SUFFIX,squarespace.com,11f-server'
- 'DOMAIN-SUFFIX,sstatic.net,11f-server'
- 'DOMAIN-SUFFIX,st.luluku.pw,11f-server'
- 'DOMAIN-SUFFIX,stackoverflow.com,11f-server'
- 'DOMAIN-SUFFIX,startpage.com,11f-server'
- 'DOMAIN-SUFFIX,staticflickr.com,11f-server'
- 'DOMAIN-SUFFIX,steamcommunity.com,11f-server'
- 'DOMAIN-SUFFIX,symauth.com,11f-server'
- 'DOMAIN-SUFFIX,symcb.com,11f-server'
- 'DOMAIN-SUFFIX,symcd.com,11f-server'
- 'DOMAIN-SUFFIX,tapbots.com,11f-server'
- 'DOMAIN-SUFFIX,tapbots.net,11f-server'
- 'DOMAIN-SUFFIX,tdesktop.com,11f-server'
- 'DOMAIN-SUFFIX,techcrunch.com,11f-server'
- 'DOMAIN-SUFFIX,techsmith.com,11f-server'
- 'DOMAIN-SUFFIX,thepiratebay.org,11f-server'
- 'DOMAIN-SUFFIX,theverge.com,11f-server'
- 'DOMAIN-SUFFIX,time.com,11f-server'
- 'DOMAIN-SUFFIX,timeinc.net,11f-server'
- 'DOMAIN-SUFFIX,tiny.cc,11f-server'
- 'DOMAIN-SUFFIX,tinypic.com,11f-server'
- 'DOMAIN-SUFFIX,tmblr.co,11f-server'
- 'DOMAIN-SUFFIX,todoist.com,11f-server'
- 'DOMAIN-SUFFIX,trello.com,11f-server'
- 'DOMAIN-SUFFIX,trustasiassl.com,11f-server'
- 'DOMAIN-SUFFIX,tumblr.co,11f-server'
- 'DOMAIN-SUFFIX,tumblr.com,11f-server'
- 'DOMAIN-SUFFIX,tweetdeck.com,11f-server'
- 'DOMAIN-SUFFIX,tweetmarker.net,11f-server'
- 'DOMAIN-SUFFIX,twitch.tv,11f-server'
- 'DOMAIN-SUFFIX,txmblr.com,11f-server'
- 'DOMAIN-SUFFIX,typekit.net,11f-server'
- 'DOMAIN-SUFFIX,ubertags.com,11f-server'
- 'DOMAIN-SUFFIX,ublock.org,11f-server'
- 'DOMAIN-SUFFIX,ubnt.com,11f-server'
- 'DOMAIN-SUFFIX,ulyssesapp.com,11f-server'
- 'DOMAIN-SUFFIX,urchin.com,11f-server'
- 'DOMAIN-SUFFIX,usertrust.com,11f-server'
- 'DOMAIN-SUFFIX,v.gd,11f-server'
- 'DOMAIN-SUFFIX,v2ex.com,11f-server'
- 'DOMAIN-SUFFIX,vimeo.com,11f-server'
- 'DOMAIN-SUFFIX,vimeocdn.com,11f-server'
- 'DOMAIN-SUFFIX,vine.co,11f-server'
- 'DOMAIN-SUFFIX,vivaldi.com,11f-server'
- 'DOMAIN-SUFFIX,vox-cdn.com,11f-server'
- 'DOMAIN-SUFFIX,vsco.co,11f-server'
- 'DOMAIN-SUFFIX,vultr.com,11f-server'
- 'DOMAIN-SUFFIX,w.org,11f-server'
- 'DOMAIN-SUFFIX,w3schools.com,11f-server'
- 'DOMAIN-SUFFIX,webtype.com,11f-server'
- 'DOMAIN-SUFFIX,wikiwand.com,11f-server'
- 'DOMAIN-SUFFIX,wikileaks.org,11f-server'
- 'DOMAIN-SUFFIX,wikimedia.org,11f-server'
- 'DOMAIN-SUFFIX,wikipedia.com,11f-server'
- 'DOMAIN-SUFFIX,wikipedia.org,11f-server'
- 'DOMAIN-SUFFIX,windows.com,11f-server'
- 'DOMAIN-SUFFIX,windows.net,11f-server'
- 'DOMAIN-SUFFIX,wire.com,11f-server'
- 'DOMAIN-SUFFIX,wordpress.com,11f-server'
- 'DOMAIN-SUFFIX,workflowy.com,11f-server'
- 'DOMAIN-SUFFIX,wp.com,11f-server'
- 'DOMAIN-SUFFIX,wsj.com,11f-server'
- 'DOMAIN-SUFFIX,wsj.net,11f-server'
- 'DOMAIN-SUFFIX,xda-developers.com,11f-server'
- 'DOMAIN-SUFFIX,xeeno.com,11f-server'
- 'DOMAIN-SUFFIX,xiti.com,11f-server'
- 'DOMAIN-SUFFIX,yahoo.com,11f-server'
- 'DOMAIN-SUFFIX,yimg.com,11f-server'
- 'DOMAIN-SUFFIX,ying.com,11f-server'
- 'DOMAIN-SUFFIX,yoyo.org,11f-server'
- 'DOMAIN-SUFFIX,ytimg.com,11f-server'
- 'DOMAIN-SUFFIX,telegra.ph,11f-server'
- 'DOMAIN-SUFFIX,v2ex.com,11f-server'
- 'IP-CIDR,91.108.4.0/22,11f-server,no-resolve'
- 'IP-CIDR,91.108.8.0/22,11f-server,no-resolve'
- 'IP-CIDR,91.108.12.0/22,11f-server,no-resolve'
- 'IP-CIDR,91.108.16.0/22,11f-server,no-resolve'
- 'IP-CIDR,91.108.56.0/22,11f-server,no-resolve'
- 'IP-CIDR,149.154.160.0/20,11f-server,no-resolve'
- 'IP-CIDR6,2001:67c:4e8::/48,11f-server,no-resolve'
- 'IP-CIDR6,2001:b28:f23d::/48,11f-server,no-resolve'
- 'IP-CIDR6,2001:b28:f23f::/48,11f-server,no-resolve'
- 'IP-CIDR,120.232.181.162/32,11f-server,no-resolve'
- 'IP-CIDR,120.241.147.226/32,11f-server,no-resolve'
- 'IP-CIDR,120.253.253.226/32,11f-server,no-resolve'
- 'IP-CIDR,120.253.255.162/32,11f-server,no-resolve'
- 'IP-CIDR,120.253.255.34/32,11f-server,no-resolve'
- 'IP-CIDR,120.253.255.98/32,11f-server,no-resolve'
- 'IP-CIDR,180.163.150.162/32,11f-server,no-resolve'
- 'IP-CIDR,180.163.150.34/32,11f-server,no-resolve'
- 'IP-CIDR,180.163.151.162/32,11f-server,no-resolve'
- 'IP-CIDR,180.163.151.34/32,11f-server,no-resolve'
- 'IP-CIDR,203.208.39.0/24,11f-server,no-resolve'
- 'IP-CIDR,203.208.40.0/24,11f-server,no-resolve'
- 'IP-CIDR,203.208.41.0/24,11f-server,no-resolve'
- 'IP-CIDR,203.208.43.0/24,11f-server,no-resolve'
- 'IP-CIDR,203.208.50.0/24,11f-server,no-resolve'
- 'IP-CIDR,220.181.174.162/32,11f-server,no-resolve'
- 'IP-CIDR,220.181.174.226/32,11f-server,no-resolve'
- 'IP-CIDR,220.181.174.34/32,11f-server,no-resolve'
- 'DOMAIN,injections.adguard.org,DIRECT'
- 'DOMAIN,local.adguard.org,DIRECT'
- 'DOMAIN-SUFFIX,local,DIRECT'
- 'IP-CIDR,127.0.0.0/8,DIRECT'
- 'IP-CIDR,172.16.0.0/12,DIRECT'
- 'IP-CIDR,192.168.1.0/16,DIRECT'
- 'IP-CIDR,10.0.0.0/8,DIRECT'
- 'IP-CIDR,17.0.0.0/8,DIRECT'
- 'IP-CIDR,100.64.0.0/10,DIRECT'
- 'IP-CIDR,224.0.0.0/4,DIRECT'
- 'IP-CIDR6,fe80::/10,DIRECT'
- 'DOMAIN-SUFFIX,cn,DIRECT'
- 'DOMAIN-KEYWORD,-cn,DIRECT'
- 'GEOIP,US,11f-server'
- 'GEOIP,CN,DIRECT'
- 'MATCH,11f-server'

xukongyang · 发表于 2023-3-21 10:48

本帖最后由 xukongyang 于 2023-3-25 09:05 编辑

问题与改进

0.clash修改配置文件重启后，浏览器发现不能访问外网了，记得重启下浏览器再试！！！

1.似乎非中国ip地址的代理没有起作用？
有个网址little开头的，ping返回的是 76.223.126.*的地址段，这是aws的地址，不在cnip中，但是也没有被代理，将这个网址加入到gfwlist是能正常访问的。

2.发现馒头的地址在gfwlist中，clash返回198.18.*的地址导致下载有问题，在dns中将馒头的网址禁用，然后重启qb即可。

3.发现t.co不能访问，自行加入到dns的gfw_list中即可访问。

badcrazy · 发表于 2023-3-21 11:30

ros有docker以后还可以搭adh这类，甚至可以整个op，是不需要旁路由了

jkenshan · 发表于 2023-3-21 19:20

更新clash配置文件麻烦，如果鸡chang不稳定的话要经常更新，很麻烦，如果能找到一种方便的更新方式那就好了

savage0203 · 发表于 2023-3-22 15:25

mangle开启的话好像跟fastpath有冲突的吧

349601929 · 发表于 2023-3-22 16:21

clash麻烦 v2tay的还要去转

349601929 · 发表于 2023-3-22 16:22

楼主说的那2个镜像搞得太麻烦了 container直接拉取就好了

349601929 · 发表于 2023-3-22 16:23

/container add remote-image=baone/clash start-on-boot=yes hostname=clash interface=veth2 root-dir=/docker/clash logging=yes
/container add remote-image=baone/yacd start-on-boot=yes hostname=yacd interface=veth3 root-dir=/docker/yacd logging=yes

ckle8322 · 发表于 2023-3-29 13:26

楼主！clash的config.json配置文件在哪里啊！我clash目录找不到啊

xukongyang · 发表于 2023-3-29 19:29

ckle8322 发表于 2023-3-29 13:26
楼主！clash的config.json配置文件在哪里啊！我clash目录找不到啊

你的clash的docker运行目录根目录下的
/.config/clash
目录

例如我的clash的docker运行目录是
usb2-part1/docker/clash
则完整的目录路径就是

usb2-part1/docker/clash/.config/clash

将上面标红的路径替换成的你的实际路径即可

ckle8322 · 发表于 2023-3-29 20:23

我的目录没有这个文件，这个目录下总共才三个文件：cache.db，config.yaml，Country.mmdb，我的机子型号：5009UG+S

xukongyang · 发表于 2023-3-29 21:35

clash的配置文件就是目录里面config.yaml文件啊

kinkit · 发表于 2023-3-30 08:29

不错，值得收藏！！

ckle8322 · 发表于 2023-3-30 09:47

楼主，我已经设置好了clash（直接用Windows 下的clash配置文件），但有点不了解的是：这个clash 是代理模式，直接设代理为这个clash 可以正常使用，但作为网关使用不了啊，要设置什么参数才变成网关模式？

账号		自动登录	找回密码
密码			立即注册

[Router OS] Mikrotik HAP AX3通过container运行clash透明网关，抛弃旁路由，单机自由上网

点评

点评

本帖子中包含更多资源

点评

欢迎大家光临恩山无线论坛 1/1