Skip to content

Instantly share code, notes, and snippets.

@blackgear
Created October 26, 2015 05:39
Show Gist options
  • Save blackgear/31875f7c937c9dc28a7f to your computer and use it in GitHub Desktop.
Save blackgear/31875f7c937c9dc28a7f to your computer and use it in GitHub Desktop.
Surge config for new user
[General]
loglevel = warning
bypass-system = true
skip-proxy = 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12,localhost,*.local,*.lan
bypass-tun = 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12
dns-server = 114.114.114.114,114.114.115.115
[Proxy]
PROXY = custom,服务器地址,服务器端口,加密方式,密码,模块地址,tcp-fast-open=true
[Rule]
# Block privacy tracker and advertisement
DOMAIN,adash.m.taobao.com,REJECT
DOMAIN,bam.nr-data.net,REJECT
DOMAIN,beacon.qq.com,REJECT
DOMAIN,beacon.sina.com.cn,REJECT
DOMAIN,js-agent.newrelic.com,REJECT
DOMAIN,m.simaba.taobao.com,REJECT
DOMAIN,monitor.uu.qq.com,REJECT
DOMAIN,mtj.baidu.com,REJECT
DOMAIN,pingma.qq.com,REJECT
DOMAIN,sax.sina.cn,REJECT
DOMAIN,stat.m.jd.com,REJECT
DOMAIN,x.jd.com,REJECT
DOMAIN-KEYWORD,adermob,REJECT
DOMAIN-KEYWORD,ads,REJECT
DOMAIN-KEYWORD,analytics,REJECT
DOMAIN-KEYWORD,track,REJECT
DOMAIN-KEYWORD,traffic,REJECT
DOMAIN-SUFFIX,acs86.com,REJECT
DOMAIN-SUFFIX,ad.unimhk.com,REJECT
DOMAIN-SUFFIX,adchina.com,REJECT
DOMAIN-SUFFIX,adcome.cn,REJECT
DOMAIN-SUFFIX,adinfuse.com,REJECT
DOMAIN-SUFFIX,admaster.com.cn,REJECT
DOMAIN-SUFFIX,admob.com,REJECT
DOMAIN-SUFFIX,ads.mobclix.com,REJECT
DOMAIN-SUFFIX,adsage.cn,REJECT
DOMAIN-SUFFIX,adsage.com,REJECT
DOMAIN-SUFFIX,adsmogo.org,REJECT
DOMAIN-SUFFIX,aduu.cn,REJECT
DOMAIN-SUFFIX,adview.cn,REJECT
DOMAIN-SUFFIX,adwhirl.com,REJECT
DOMAIN-SUFFIX,adwo.com,REJECT
DOMAIN-SUFFIX,adxmi.com,REJECT
DOMAIN-SUFFIX,anquan.org,REJECT
DOMAIN-SUFFIX,appads.com,REJECT
DOMAIN-SUFFIX,baidustatic.com,REJECT
DOMAIN-SUFFIX,baifendian.com,REJECT
DOMAIN-SUFFIX,beacon.qq.com,REJECT
DOMAIN-SUFFIX,cnzz.com,REJECT
DOMAIN-SUFFIX,domob.cn,REJECT
DOMAIN-SUFFIX,domob.com.cn,REJECT
DOMAIN-SUFFIX,domob.org,REJECT
DOMAIN-SUFFIX,doubleclick.net,REJECT
DOMAIN-SUFFIX,duomeng.cn,REJECT
DOMAIN-SUFFIX,duomeng.net,REJECT
DOMAIN-SUFFIX,duomeng.org,REJECT
DOMAIN-SUFFIX,flurry.com,REJECT
DOMAIN-SUFFIX,googeadsserving.cn,REJECT
DOMAIN-SUFFIX,guomob.com,REJECT
DOMAIN-SUFFIX,immob.cn,REJECT
DOMAIN-SUFFIX,inmobi.com,REJECT
DOMAIN-SUFFIX,mmstat.com,REJECT
DOMAIN-SUFFIX,mobads-logs.baidu.com,REJECT
DOMAIN-SUFFIX,mobads.baidu.com,REJECT
DOMAIN-SUFFIX,monitor.uu.qq.com,REJECT
DOMAIN-SUFFIX,pingma.qq.com,REJECT
DOMAIN-SUFFIX,smartadserver.com,REJECT
DOMAIN-SUFFIX,smartmad.com,REJECT
DOMAIN-SUFFIX,stat.m.jd.com,REJECT
DOMAIN-SUFFIX,tanx.com,REJECT
DOMAIN-SUFFIX,tapjoyads.com,REJECT
DOMAIN-SUFFIX,umeng.co,REJECT
DOMAIN-SUFFIX,umeng.com,REJECT
DOMAIN-SUFFIX,umeng.net,REJECT
DOMAIN-SUFFIX,umtrack.com,REJECT
DOMAIN-SUFFIX,ushaqi.com,REJECT
DOMAIN-SUFFIX,uyunad.com,REJECT
DOMAIN-SUFFIX,waps.cn,REJECT
DOMAIN-SUFFIX,wiyun.com,REJECT
DOMAIN-SUFFIX,wooboo.com.cn,REJECT
DOMAIN-SUFFIX,wqmobile.com,REJECT
DOMAIN-SUFFIX,youmi.net,REJECT
IP-CIDR,221.179.140.0/24,REJECT
DOMAIN-SUFFIX,lh1.ggpht.com,REJECT
DOMAIN-SUFFIX,lh2.ggpht.com,REJECT
DOMAIN-SUFFIX,lh3.ggpht.com,REJECT
DOMAIN-SUFFIX,lh4.ggpht.com,REJECT
DOMAIN-SUFFIX,lh5.ggpht.com,REJECT
DOMAIN-SUFFIX,lh6.ggpht.com,REJECT
DOMAIN-SUFFIX,lh7.ggpht.com,REJECT
DOMAIN-SUFFIX,lh8.ggpht.com,REJECT
DOMAIN-SUFFIX,www.panoramio.com,REJECT
# Accelerate most visited sites
DOMAIN-KEYWORD,360buy,DIRECT
DOMAIN-KEYWORD,alipay,DIRECT
DOMAIN-KEYWORD,baidu,DIRECT
DOMAIN-KEYWORD,qiyi,DIRECT
DOMAIN-KEYWORD,sohu,DIRECT
DOMAIN-KEYWORD,taobao,DIRECT
DOMAIN-SUFFIX,126.net,DIRECT
DOMAIN-SUFFIX,163.com,DIRECT
DOMAIN-SUFFIX,adcdownload.apple.com,DIRECT
DOMAIN-SUFFIX,alicdn.com,DIRECT
DOMAIN-SUFFIX,amap.com,DIRECT
DOMAIN-SUFFIX,appldnld.apple.com,DIRECT
DOMAIN-SUFFIX,bdimg.com,DIRECT
DOMAIN-SUFFIX,bdstatic.com,DIRECT
DOMAIN-SUFFIX,cn,DIRECT
DOMAIN-SUFFIX,cnbeta.com,DIRECT
DOMAIN-SUFFIX,cnzz.com,DIRECT
DOMAIN-SUFFIX,douban.com,DIRECT
DOMAIN-SUFFIX,gtimg.com,DIRECT
DOMAIN-SUFFIX,hao123.com,DIRECT
DOMAIN-SUFFIX,haosou.com,DIRECT
DOMAIN-SUFFIX,icloud-content.com,DIRECT
DOMAIN-SUFFIX,ifeng.com,DIRECT
DOMAIN-SUFFIX,iqiyi.com,DIRECT
DOMAIN-SUFFIX,jd.com,DIRECT
DOMAIN-SUFFIX,lcdn-registration.apple.com,DIRECT
DOMAIN-SUFFIX,ls.apple.com,DIRECT
DOMAIN-SUFFIX,netease.com,DIRECT
DOMAIN-SUFFIX,phobos.apple.com,DIRECT
DOMAIN-SUFFIX,qhimg.com,DIRECT
DOMAIN-SUFFIX,qq.com,DIRECT
DOMAIN-SUFFIX,sogou.com,DIRECT
DOMAIN-SUFFIX,sohu.com,DIRECT
DOMAIN-SUFFIX,soso.com,DIRECT
DOMAIN-SUFFIX,suning.com,DIRECT
DOMAIN-SUFFIX,swcdn.apple.com,DIRECT
DOMAIN-SUFFIX,tmall.com,DIRECT
DOMAIN-SUFFIX,tudou.com,DIRECT
DOMAIN-SUFFIX,weibo.com,DIRECT
DOMAIN-SUFFIX,xunlei.com,DIRECT
DOMAIN-SUFFIX,youku.com,DIRECT
DOMAIN-SUFFIX,zhihu.com,DIRECT
# Top blocked sites with tcp
DOMAIN-KEYWORD,facebook,PROXY,force-remote-dns
DOMAIN-KEYWORD,gmail,PROXY,force-remote-dns
DOMAIN-KEYWORD,google,PROXY,force-remote-dns
DOMAIN-KEYWORD,instagram,PROXY,force-remote-dns
DOMAIN-KEYWORD,twitter,PROXY,force-remote-dns
DOMAIN-KEYWORD,youtube,PROXY,force-remote-dns
DOMAIN-SUFFIX,appspot.com,PROXY,force-remote-dns
DOMAIN-SUFFIX,t.co,PROXY,force-remote-dns
DOMAIN-SUFFIX,twimg.com,PROXY,force-remote-dns
# Top blocked sites
DOMAIN-KEYWORD,aka,PROXY
DOMAIN-KEYWORD,blogspot,PROXY
DOMAIN-SUFFIX,akamaihd.net,PROXY
DOMAIN-SUFFIX,amazon.com,PROXY
DOMAIN-SUFFIX,amazonaws.com,PROXY
DOMAIN-SUFFIX,android.com,PROXY
DOMAIN-SUFFIX,angularjs.org,PROXY
DOMAIN-SUFFIX,apple.com,PROXY
DOMAIN-SUFFIX,appspot.com,PROXY
DOMAIN-SUFFIX,bit.ly,PROXY
DOMAIN-SUFFIX,bitbucket.org,PROXY
DOMAIN-SUFFIX,blog.com,PROXY
DOMAIN-SUFFIX,blogcdn.com,PROXY
DOMAIN-SUFFIX,blogger.com,PROXY
DOMAIN-SUFFIX,blogsmithmedia.com,PROXY
DOMAIN-SUFFIX,bloomberg.com,PROXY
DOMAIN-SUFFIX,box.net,PROXY
DOMAIN-SUFFIX,chromium.org,PROXY
DOMAIN-SUFFIX,cl.ly,PROXY
DOMAIN-SUFFIX,cloudflare.com,PROXY
DOMAIN-SUFFIX,cloudfront.net,PROXY
DOMAIN-SUFFIX,cocoapods.org,PROXY
DOMAIN-SUFFIX,crashlytics.com,PROXY
DOMAIN-SUFFIX,digicert.com,PROXY
DOMAIN-SUFFIX,dnsimple.com,PROXY
DOMAIN-SUFFIX,docker.com,PROXY
DOMAIN-SUFFIX,dribbble.com,PROXY
DOMAIN-SUFFIX,dropbox.com,PROXY
DOMAIN-SUFFIX,dropboxstatic.com,PROXY
DOMAIN-SUFFIX,dropboxusercontent.com,PROXY
DOMAIN-SUFFIX,duckduckgo.com,PROXY
DOMAIN-SUFFIX,edgecastcdn.net,PROXY
DOMAIN-SUFFIX,engadget.com,PROXY
DOMAIN-SUFFIX,eurekavpt.com,PROXY
DOMAIN-SUFFIX,fabric.io,PROXY
DOMAIN-SUFFIX,fastly.net,PROXY
DOMAIN-SUFFIX,fb.me,PROXY
DOMAIN-SUFFIX,fbcdn.net,PROXY
DOMAIN-SUFFIX,fc2.com,PROXY
DOMAIN-SUFFIX,feedburner.com,PROXY
DOMAIN-SUFFIX,flickr.com,PROXY
DOMAIN-SUFFIX,ggpht.com,PROXY
DOMAIN-SUFFIX,github.com,PROXY
DOMAIN-SUFFIX,github.io,PROXY
DOMAIN-SUFFIX,githubusercontent.com,PROXY
DOMAIN-SUFFIX,godaddy.com,PROXY
DOMAIN-SUFFIX,golang.org,PROXY
DOMAIN-SUFFIX,goo.gl,PROXY
DOMAIN-SUFFIX,gravatar.com,PROXY
DOMAIN-SUFFIX,gstatic.com,PROXY
DOMAIN-SUFFIX,icloud.com,PROXY
DOMAIN-SUFFIX,ift.tt,PROXY
DOMAIN-SUFFIX,imageshack.us,PROXY
DOMAIN-SUFFIX,imgur.com,PROXY
DOMAIN-SUFFIX,itunes.com,PROXY
DOMAIN-SUFFIX,j.mp,PROXY
DOMAIN-SUFFIX,jshint.com,PROXY
DOMAIN-SUFFIX,kat.cr,PROXY
DOMAIN-SUFFIX,licdn.com,PROXY
DOMAIN-SUFFIX,linkedin.com,PROXY
DOMAIN-SUFFIX,linode.com,PROXY
DOMAIN-SUFFIX,lithium.com,PROXY
DOMAIN-SUFFIX,me.com,PROXY
DOMAIN-SUFFIX,megaupload.com,PROXY
DOMAIN-SUFFIX,mobile01.com,PROXY
DOMAIN-SUFFIX,modmyi.com,PROXY
DOMAIN-SUFFIX,mzstatic.com,PROXY
DOMAIN-SUFFIX,name.com,PROXY
DOMAIN-SUFFIX,nytimes.com,PROXY
DOMAIN-SUFFIX,openvpn.net,PROXY
DOMAIN-SUFFIX,openwrt.org,PROXY
DOMAIN-SUFFIX,ow.ly,PROXY
DOMAIN-SUFFIX,pinboard.in,PROXY
DOMAIN-SUFFIX,squarespace.com,PROXY
DOMAIN-SUFFIX,ssl-images-amazon.com,PROXY
DOMAIN-SUFFIX,sstatic.net,PROXY
DOMAIN-SUFFIX,stackoverflow.com,PROXY
DOMAIN-SUFFIX,staticflickr.com,PROXY
DOMAIN-SUFFIX,symauth.com,PROXY
DOMAIN-SUFFIX,symcb.com,PROXY
DOMAIN-SUFFIX,symcd.com,PROXY
DOMAIN-SUFFIX,thepiratebay.org,PROXY
DOMAIN-SUFFIX,tumblr.com,PROXY
DOMAIN-SUFFIX,twitch.tv,PROXY
DOMAIN-SUFFIX,ubnt.com,PROXY
DOMAIN-SUFFIX,vimeo.com,PROXY
DOMAIN-SUFFIX,wikimedia.org,PROXY
DOMAIN-SUFFIX,wikipedia.com,PROXY
DOMAIN-SUFFIX,wikipedia.org,PROXY
DOMAIN-SUFFIX,wordpress.com,PROXY
DOMAIN-SUFFIX,wp.com,PROXY
DOMAIN-SUFFIX,wsj.com,PROXY
DOMAIN-SUFFIX,wsj.net,PROXY
DOMAIN-SUFFIX,youtu.be,PROXY
DOMAIN-SUFFIX,ytimg.com,PROXY
# Telegram
IP-CIDR,91.108.56.0/22,PROXY,no-resolve
IP-CIDR,91.108.4.0/22,PROXY,no-resolve
IP-CIDR,109.239.140.0/24,PROXY,no-resolve
IP-CIDR,149.154.160.0/20,PROXY,no-resolve
# LAN
IP-CIDR,192.168.0.0/16,DIRECT
IP-CIDR,10.0.0.0/8,DIRECT
IP-CIDR,172.16.0.0/12,DIRECT
IP-CIDR,127.0.0.0/8,DIRECT
# Detect local network
GEOIP,CN,DIRECT
# Use proxy for all others
FINAL,PROXY
@debiansid
Copy link

Cool

@scomper
Copy link

scomper commented Oct 29, 2015

IP-CIDR,221.179.140.0/24,REJECT,no-resolve

@paicha
Copy link

paicha commented Oct 29, 2015

哪条是 ingress 的配置?

@hansnow
Copy link

hansnow commented Nov 9, 2015

这个配置对ingress确实有奇效,很好奇是哪条起了作用

@w12928293
Copy link

试了下,分流确实可以,只是不知道多久会更新

@paicha
Copy link

paicha commented Nov 12, 2015

@hansnow 找到了,是 DOMAIN-SUFFIX,appspot.com,PROXY,force-remote-dns

@blackgear
Copy link
Author

@paicha @hansnow
这一段是屏蔽ingress里po的预览图片显示,这样可以节约ingress的50%-70%的流量消耗

DOMAIN-SUFFIX,lh1.ggpht.com,REJECT
DOMAIN-SUFFIX,lh2.ggpht.com,REJECT
DOMAIN-SUFFIX,lh3.ggpht.com,REJECT
DOMAIN-SUFFIX,lh4.ggpht.com,REJECT
DOMAIN-SUFFIX,lh5.ggpht.com,REJECT
DOMAIN-SUFFIX,lh6.ggpht.com,REJECT
DOMAIN-SUFFIX,lh7.ggpht.com,REJECT
DOMAIN-SUFFIX,lh8.ggpht.com,REJECT
DOMAIN-SUFFIX,www.panoramio.com,REJECT

至于连接ingress用的那条规则,你已经发现了。

@Luciushy
Copy link

an ssl error occurred and a secure connection to the server cannot be made.
不好意思,出现这种问题,如何解决?

@mmmaooo
Copy link

mmmaooo commented Feb 24, 2016

好棒,ingress心里感觉快多了。。哈哈 cool

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment