clash premium 配置并将所有流量导向指定服务器
事情的起因在于我的 vps 的地址被墙了,更换 ip 或者换新机器属于是费钱又费力,谁也无法保证墙会不会继续发疯,所以有了该篇。
目的主要有两个:
- 能够在国内访问到互联网
- 访问的终端 IP 保持固定,避免 IP 漂移,避免触发部分网站的风控
主要参考以下两个链接,建议先进行阅读:
clash premium 是闭源软件,介意的可以去更换 Dreamacro/clash 。在这篇里主要用到了 rule-providers 这个特性,使用开源版本需要手动的配置 rule 信息。
clash 不做太多的介绍,了解更多查看 clash doc。
clash 通过配置文件进行驱动,主要分四块内容:
- 基本配置,端口、运行模式、日志等级等等
- 代理节点信息
- 代理规则(代理分组)配置
- rule 配置
“代理节点信息”就是流量服务器的具体信息,通过它可以连接到该服务器;“代理规则”配置就是组织“代理节点信息”,通过不同的需求配置不同的节点;“rule 配置”就是根据“欲访问的网站”和“代理规则”之间的联系进行数据分发。
当你想要访问 google.com 的时候,先通过 “rule 规则”确定使用哪一个 “代理规则”,“代理规则”再去确认使用哪一个“代理节点”。
配置文件
#---------------------------------------------------#
## 配置文件需要放置在 $HOME/.config/clash/*.yaml
## 如果您不知道如何操作,请参阅 官方Github文档 https://github.com/Dreamacro/clash/blob/dev/README.md
#---------------------------------------------------#
port: 7890
socks-port: 7891
# RESTful API for clash
external-controller: 127.0.0.1:9090
allow-lan: true
mode: rule
log-level: warning
proxies:
- name: "Static_Node"
type: ss
server: xxx.xxx.xxx.xxx
port: 1080
cipher: aes-256-cfb
password: $PASSWORD
proxy-providers:
Airport:
type: http
url: https://airport.com
path: ./Proxy/airport.yml
interval: 86400
health-check:
enable: false
interval: 600
url: https://www.gstatic.com/generate_204
proxy-groups:
- name: Relay-Proxy
type: select
proxies:
- Private Relay
- DIRECT
- name: Private Relay
type: relay
proxies:
- 机场们
- Static_Node
- name: 机场们
type: select
use:
- Airport
rule-providers:
reject:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt"
path: ./ruleset/reject.yaml
interval: 86400
icloud:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
path: ./ruleset/icloud.yaml
interval: 86400
apple:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
path: ./ruleset/apple.yaml
interval: 86400
google:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
path: ./ruleset/google.yaml
interval: 86400
proxy:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
path: ./ruleset/proxy.yaml
interval: 86400
direct:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
path: ./ruleset/direct.yaml
interval: 86400
private:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
path: ./ruleset/private.yaml
interval: 86400
gfw:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt"
path: ./ruleset/gfw.yaml
interval: 86400
tld-not-cn:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt"
path: ./ruleset/tld-not-cn.yaml
interval: 86400
telegramcidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
path: ./ruleset/telegramcidr.yaml
interval: 86400
cncidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
path: ./ruleset/cncidr.yaml
interval: 86400
lancidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
path: ./ruleset/lancidr.yaml
interval: 86400
applications:
type: http
behavior: classical
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt"
path: ./ruleset/applications.yaml
interval: 86400
rules:
- RULE-SET,applications,DIRECT
- DOMAIN,clash.razord.top,DIRECT
- DOMAIN,yacd.haishan.me,DIRECT
- RULE-SET,private,DIRECT
- RULE-SET,reject,REJECT
- RULE-SET,icloud,DIRECT
- RULE-SET,apple,DIRECT
- RULE-SET,google,Relay-Proxy
- RULE-SET,proxy,Relay-Proxy
- RULE-SET,direct,DIRECT
- RULE-SET,lancidr,DIRECT
- RULE-SET,cncidr,DIRECT
- RULE-SET,telegramcidr,Relay-Proxy
- GEOIP,LAN,DIRECT
- GEOIP,CN,DIRECT
- MATCH,Relay-Proxy
配置分析
port: 7890
socks-port: 7891
# RESTful API for clash
external-controller: 127.0.0.1:9090
allow-lan: true
mode: rule
log-level: warning
上面的是基础信息,没什么好解释的。
proxies:
- name: "Static_Node"
type: ss
server: xxx.xxx.xxx.xxx
port: 1080
cipher: aes-256-cfb
password: $PASSWORD
proxy-providers:
Airport:
type: http
url: https://airport.com
path: ./Proxy/airport.yml
interval: 86400
health-check:
enable: false
interval: 600
url: https://www.gstatic.com/generate_204
以上都是 “代理节点信息”。如果使用机场一键订阅那么大概率所有的节点信息都在 proxies 下,这也没什么不好,只是无法应用于多个机场聚合。proxies 可以理解为手动的配置信息,这里的节点指的是 vps 开启了 ss 服务。vps 安装 shadowsockets 服务可以参考:zhaoweih/Shadowsocks-Tutorial。这里需要记住的是 vps 的名字:Static_Node(自定义的,下面有用)。
proxy-providers 则是自动化的配置信息,一般做的比较大的机场都会给 clash 订阅地址,这里增加了24小时自动更新和健康检查等服务,根据实际情况填写即可。这里需要记住的是机场的名字:Airport(自定义,下面有用)。多个机场就写多个块。
proxy-groups:
- name: Relay-Proxy
type: select
proxies:
- Private Relay
- DIRECT
- name: Private Relay
type: relay
proxies:
- 机场们
- Static_Node
- name: 机场们
type: select
use:
- Airport
这是“代理规则”配置,这里的配置算是最简化的,可以根据实际需求进行设计。这里设计了最上层的 Relay-Proxy,记住这个名字,在 rule 配置的时候会用上,它主要功能就是选择使用 “Private Relay” 这个规则。“Private Relay” 就是通过 relay 方法将机场的数据导向 vps,然后 vps 再去访问实际的地址。“机场们” 就是 “proxy-providers” 的配置。
rule-providers:
reject:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt"
path: ./ruleset/reject.yaml
interval: 86400
icloud:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
path: ./ruleset/icloud.yaml
interval: 86400
apple:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
path: ./ruleset/apple.yaml
interval: 86400
google:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
path: ./ruleset/google.yaml
interval: 86400
proxy:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
path: ./ruleset/proxy.yaml
interval: 86400
direct:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
path: ./ruleset/direct.yaml
interval: 86400
private:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
path: ./ruleset/private.yaml
interval: 86400
gfw:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt"
path: ./ruleset/gfw.yaml
interval: 86400
tld-not-cn:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt"
path: ./ruleset/tld-not-cn.yaml
interval: 86400
telegramcidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
path: ./ruleset/telegramcidr.yaml
interval: 86400
cncidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
path: ./ruleset/cncidr.yaml
interval: 86400
lancidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
path: ./ruleset/lancidr.yaml
interval: 86400
applications:
type: http
behavior: classical
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt"
path: ./ruleset/applications.yaml
interval: 86400
rules:
- RULE-SET,applications,DIRECT
- DOMAIN,clash.razord.top,DIRECT
- DOMAIN,yacd.haishan.me,DIRECT
- RULE-SET,private,DIRECT
- RULE-SET,reject,REJECT
- RULE-SET,icloud,DIRECT
- RULE-SET,apple,DIRECT
- RULE-SET,google,Relay-Proxy
- RULE-SET,proxy,Relay-Proxy
- RULE-SET,direct,DIRECT
- RULE-SET,lancidr,DIRECT
- RULE-SET,cncidr,DIRECT
- RULE-SET,telegramcidr,Relay-Proxy
- GEOIP,LAN,DIRECT
- GEOIP,CN,DIRECT
- MATCH,Relay-Proxy
“rule 配置” 是最长的,但也是最容易写的,主要就是参考:Loyalsoldier/clash-rules。“rule-providers” 就是定期的更新 “域名” 文件。“rules” 有多种方式可选,这里选择的是白名单模式,先根据顺序进行匹配,实在匹配不到就走代理。