DianQK/clash_dns.yaml Secret

## clash_dns.yaml
dns:
  enable: true
  use-hosts: true
  ipv6: false
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  listen: 0.0.0.0:53
  default-nameserver:
    - 119.29.29.29
    - 114.114.114.114
  nameserver:
    - dhcp://en0 # 使用 dhcp 来的 dns
    - x.x.x.x # 额外的内网 dns？
    - https://223.5.5.5/dns-query
    - https://doh.pub/dns-query
  fake-ip-filter:
    - '*.example.com' # 绕过的内网域名
    - '*.lan'
    - '*.edu.cn'
    - localhost.ptlogin2.qq.com
    - +.stun.*.*
    - +.stun.*.*.*
    - +.stun.*.*.*.*
    - +.stun.*.*.*.*.*
    - lens.l.google.com
    - '*.mcdn.bilivideo.cn'
    - .cn

tun:
  enable: true
  stack: gvisor
  auto-route: false

## com.clash.tund.plist
路径 /Library/LaunchDaemons/com.clash.tund.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.clash.tund</string>
	<key>ProgramArguments</key>
	<array>
    	<string>/usr/local/bin/clash</string>
		<string>-d</string>
        <string>/etc/clash</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
    <key>KeepAlive</key>
	<true/>
    <key>StandardOutPath</key>
	<string>/Library/Application Support/Clash/output.log</string>
	<key>StandardErrorPath</key>
	<string>/Library/Application Support/Clash/output.log</string>
</dict>
</plist>

## com.clash.tund.route.plist
路径 /Library/LaunchDaemons/com.clash.tund.route.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.clash.tund.route</string>
	<key>ProgramArguments</key>
	<array>
    	<string>/etc/clash/enable_tun_route.sh</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
    <key>KeepAlive</key>
    <dict>
        <key>OtherJobEnabled</key>
        <dict>
            <key>com.clash.tund</key>
            <true/>
        </dict>
    </dict>
    <key>StandardOutPath</key>
	<string>/Library/Application Support/Clash/output-tun-route.log</string>
	<key>StandardErrorPath</key>
	<string>/Library/Application Support/Clash/output-tun-route.log</string>
</dict>
</plist>

## enable_tun_route.sh
#!/bin/sh

# 路径 /etc/clash/enable_tun_route.sh

StartService() {
    while true; do
        tun_ip=$(ifconfig -a | grep 198.18.0.1)
        if [ -z "$tun_ip" ]
        then
            sleep 1
        else
            break
        fi
    done
    route -n add -net 198.18.0.0/16 198.18.0.1
    networksetup -setdnsservers Wi-Fi 198.18.0.1
    dscacheutil -flushcache
    killall -HUP mDNSResponder
    echo "启动 Clash 的 tun 路由"
}

StopService() {
    route -n delete 198.18.0.0/16
    networksetup -setdnsservers Wi-Fi "Empty"
    dscacheutil -flushcache
    killall -HUP mDNSResponder
    echo "停止 Clash 的 tun 路由"
    exit 0
}

StartService
trap StopService SIGTERM SIGHUP SIGINT
while true; do
    sleep 86400 &
    wait $!
done
	dns:
	enable: true
	use-hosts: true
	ipv6: false
	enhanced-mode: fake-ip
	fake-ip-range: 198.18.0.1/16
	listen: 0.0.0.0:53
	default-nameserver:
	- 119.29.29.29
	- 114.114.114.114
	nameserver:
	- dhcp://en0 # 使用 dhcp 来的 dns
	- x.x.x.x # 额外的内网 dns？
	- https://223.5.5.5/dns-query
	- https://doh.pub/dns-query
	fake-ip-filter:
	- '*.example.com' # 绕过的内网域名
	- '*.lan'
	- '*.edu.cn'
	- localhost.ptlogin2.qq.com
	- +.stun..
	- +.stun...*
	- +.stun....
	- +.stun.....*
	- lens.l.google.com
	- '*.mcdn.bilivideo.cn'
	- .cn

	tun:
	enable: true
	stack: gvisor
	auto-route: false
	路径 /Library/LaunchDaemons/com.clash.tund.plist
	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
	<plist version="1.0">
	<dict>
	<key>Label</key>
	<string>com.clash.tund</string>
	<key>ProgramArguments</key>
	<array>
	<string>/usr/local/bin/clash</string>
	<string>-d</string>
	<string>/etc/clash</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
	<key>KeepAlive</key>
	<true/>
	<key>StandardOutPath</key>
	<string>/Library/Application Support/Clash/output.log</string>
	<key>StandardErrorPath</key>
	<string>/Library/Application Support/Clash/output.log</string>
	</dict>
	</plist>
	#!/bin/sh

	# 路径 /etc/clash/enable_tun_route.sh

	StartService() {
	while true; do
	tun_ip=$(ifconfig -a \| grep 198.18.0.1)
	if [ -z "$tun_ip" ]
	then
	sleep 1
	else
	break
	fi
	done
	route -n add -net 198.18.0.0/16 198.18.0.1
	networksetup -setdnsservers Wi-Fi 198.18.0.1
	dscacheutil -flushcache
	killall -HUP mDNSResponder
	echo "启动 Clash 的 tun 路由"
	}

	StopService() {
	route -n delete 198.18.0.0/16
	networksetup -setdnsservers Wi-Fi "Empty"
	dscacheutil -flushcache
	killall -HUP mDNSResponder
	echo "停止 Clash 的 tun 路由"
	exit 0
	}

	StartService
	trap StopService SIGTERM SIGHUP SIGINT
	while true; do
	sleep 86400 &
	wait $!
	done