Skip to content

Instantly share code, notes, and snippets.

@PrintNow

PrintNow/clash-config-example.md

Last active March 6, 2025 07:10
Show Gist options
  • Save PrintNow/fe43f882ae56926f9818c5481031c322 to your computer and use it in GitHub Desktop.
Save PrintNow/fe43f882ae56926f9818c5481031c322 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
clash-config-example.md

DNS 配置相关

Note

优先推荐使用这种配置,放弃 fallback 过时的方式

dns:
  enable: true
  use-system-hosts: true
  listen: '127.0.0.1:5335'
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter: [
    '*.lan', '+.local', 'stun.*.*.*', 'stun.*.*', '+.market.xiaomi.com',
    time.windows.com, time.nist.gov, time.apple.com, time.asia.apple.com, '*.ntp.org.cn', '*.openwrt.pool.ntp.org', time1.cloud.tencent.com, time.ustc.edu.cn, pool.ntp.org, ntp.ubuntu.com, ntp.aliyun.com, ntp1.aliyun.com, ntp2.aliyun.com, ntp3.aliyun.com, ntp4.aliyun.com, ntp5.aliyun.com, ntp6.aliyun.com, ntp7.aliyun.com, time1.aliyun.com, time2.aliyun.com, time3.aliyun.com, time4.aliyun.com, time5.aliyun.com, time6.aliyun.com, time7.aliyun.com, '*.time.edu.cn', time1.apple.com, time2.apple.com, time3.apple.com, time4.apple.com, time5.apple.com, time6.apple.com, time7.apple.com, time1.google.com, time2.google.com, time3.google.com, time4.google.com, 
    music.163.com, '*.music.163.com', '*.126.net', musicapi.taihe.com, music.taihe.com, songsearch.kugou.com, trackercdn.kugou.com, '*.kuwo.cn', api-jooxtt.sanook.com, api.joox.com, joox.com, y.qq.com, '*.y.qq.com', streamoc.music.tc.qq.com, mobileoc.music.tc.qq.com, isure.stream.qqmusic.qq.com, dl.stream.qqmusic.qq.com, aqqmusic.tc.qq.com, amobile.music.tc.qq.com, '*.xiami.com', '*.music.migu.cn', music.migu.cn, '*.msftconnecttest.com', '*.msftncsi.com', localhost.ptlogin2.qq.com, '*.*.*.srv.nintendo.net', '*.*.stun.playstation.net', 'xbox.*.*.microsoft.com', '*.ipv6.microsoft.com', '*.*.xboxlive.com', speedtest.cros.wr.pvp.net,
     # FCM
    'mtalk.google.com', 'alt1-mtalk.google.com', 'alt2-mtalk.google.com', 'alt3-mtalk.google.com', 'alt4-mtalk.google.com', 'alt5-mtalk.google.com', 'alt6-mtalk.google.com', 'alt7-mtalk.google.com', 'alt8-mtalk.google.com',
  ]
  
  # 用以解析 DNS-Server 域名
  default-nameserver: [
    # 公共 DNS
    '223.5.5.5', 
    'https://223.6.6.6/dns-query#h3=true',
    'https://223.5.5.5/dns-query',
    'https://120.53.53.53/dns-query'
  ]
  
  # 代理节点域名解析服务器,仅用于解析代理节点的域名
  proxy-server-nameserver: [
    'https://223.6.6.6/dns-query#h3=true',
    'https://223.5.5.5/dns-query',
    'https://doh.pub/dns-query',
  ]

  nameserver-policy:
    "geosite:cn,private": [
      "202.96.134.133", 
      "202.96.128.166",
      "https://223.5.5.5/dns-query",
      "https://120.53.53.53/dns-query",
    ]
    "geosite:geolocation-!cn": [
      "https://dns.cloudflare.com/dns-query#RULES",
      "https://dns.google/dns-query#RULES",
      "tls://1.0.0.1:853#RULES",
      "tls://8.8.4.4#RULES",
    ]

Note

使国外 DNS 走 Proxy Server,这样会获得较快的解析速度而不影响网站的访问,主要配置项是 dns.respect-rules: true

请记得修改 默认的域名解析服务器,运营商 DNS 改为你自己运营商的 DNS 或者完全使用公共 DNS

dns:
  enable: true
  use-system-hosts: true
  listen: '127.0.0.1:5335'
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter: [
    '*.lan', 'stun.*.*.*', 'stun.*.*', time.windows.com, time.nist.gov, time.apple.com, time.asia.apple.com, '*.ntp.org.cn', '*.openwrt.pool.ntp.org', time1.cloud.tencent.com, time.ustc.edu.cn, pool.ntp.org, ntp.ubuntu.com, ntp.aliyun.com, ntp1.aliyun.com, ntp2.aliyun.com, ntp3.aliyun.com, ntp4.aliyun.com, ntp5.aliyun.com, ntp6.aliyun.com, ntp7.aliyun.com, time1.aliyun.com, time2.aliyun.com, time3.aliyun.com, time4.aliyun.com, time5.aliyun.com, time6.aliyun.com, time7.aliyun.com, '*.time.edu.cn', time1.apple.com, time2.apple.com, time3.apple.com, time4.apple.com, time5.apple.com, time6.apple.com, time7.apple.com, time1.google.com, time2.google.com, time3.google.com, time4.google.com, music.163.com, '*.music.163.com', '*.126.net', musicapi.taihe.com, music.taihe.com, songsearch.kugou.com, trackercdn.kugou.com, '*.kuwo.cn', api-jooxtt.sanook.com, api.joox.com, joox.com, y.qq.com, '*.y.qq.com', streamoc.music.tc.qq.com, mobileoc.music.tc.qq.com, isure.stream.qqmusic.qq.com, dl.stream.qqmusic.qq.com, aqqmusic.tc.qq.com, amobile.music.tc.qq.com, '*.xiami.com', '*.music.migu.cn', music.migu.cn, '*.msftconnecttest.com', '*.msftncsi.com', localhost.ptlogin2.qq.com, '*.*.*.srv.nintendo.net', '*.*.stun.playstation.net', 'xbox.*.*.microsoft.com', '*.ipv6.microsoft.com', '*.*.xboxlive.com', speedtest.cros.wr.pvp.net,
     # FCM
    'mtalk.google.com', 'alt1-mtalk.google.com', 'alt2-mtalk.google.com', 'alt3-mtalk.google.com', 'alt4-mtalk.google.com', 'alt5-mtalk.google.com', 'alt6-mtalk.google.com', 'alt7-mtalk.google.com', 'alt8-mtalk.google.com',      
  ]

  # 默认 DNS, 用于解析 DNS 服务器的域名
  default-nameserver: [ 223.5.5.5, 223.6.6.6 ]
  
  # 默认的域名解析服务器
  nameserver: [
    # 深圳电信
    "2402:4e00::",
     202.96.134.133, 
     202.96.128.166,

    # 公共 DNS
    '223.5.5.5', 
    'https://223.6.6.6/dns-query#h3=true',
    'https://223.5.5.5/dns-query'
  ]

  # 国外 DNS 走代理解析
  respect-rules: true
  
  # 代理节点域名解析服务器,仅用于解析代理节点的域名,如果不填则遵循 nameserver-policy、nameserver 和 fallback的配置
  proxy-server-nameserver: [
    'https://doh.pub/dns-query',
    'https://223.6.6.6/dns-query#h3=true',
    'https://223.5.5.5/dns-query'
  ]

  fallback: [
    "https://cloudflare-dns.com/dns-query",
    "tls://1.0.0.1:853",
    "https://101.101.101.101/dns-query",
    "https://public.dns.iij.jp/dns-query",
    "tls://8.8.4.4",
  ]

  fallback-filter: {
    # 使用GeoIP规则过滤掉国内的IP地址
    geoip: true,
    # 保证以下私有地址范围不使用fallback DNS
    ipcidr: [ 240.0.0.0/4, 0.0.0.0/32, 127.0.0.1/32, 100.64.0.0/10 ],
    domain: [ +.google.com, +.facebook.com, +.twitter.com, +.youtube.com, +.xn--ngstr-lra8j.com, +.google.cn, +.googleapis.cn, +.googleapis.com, +.gvt1.com ]
  }
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment