Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Yet another config for Surge.app

Install

  1. Modify index.txt with your output path and proxy info
  2. Use Text Builder to build configuration for Surge: $ text-builder -index /path/to/index.txt Or run $ sh build-all to build all your index files.
  3. Import configuration via AirDrop/iTunes/Dropbox/iCloud

本人不提供任何保证和技术支持,使用者自负风险。
There are no guarantees, no any support. Use it at your own risk.

#!/usr/bin/env sh
# Written by janlay, janlay@gmail.com
for file in ./index-*.txt
do
echo "Building file $file..."
text-builder -index $file
done
[General]
# used by Surge for Mac
interface = 127.0.0.1
port = 8800
loglevel = warning
bypass-tun = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8, 100.64.0.0/10
skip-proxy = 127.0.0.1, 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8, 100.64.0.0/10, localhost, *.local, e.crashlytics.com
dns-server = system, 223.5.5.5, 8.8.8.8, 8.8.4.4
[Host]
api.smoot.apple.com.cn = api.smoot.apple.com
[URL Rewrite]
^http://www.google.cn http://www.google.com
^http://mp.weixin.qq.com/mp/report reject
[Proxy]
#include proxy.txt
# Surge config index file for iOS 9+
#output 🚦 Auto.conf
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/config.txt
[Rule]
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/rules-app-blockers.txt
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/rules-main.txt
# Surge config index file for Mac OS X 10.11+
# !Use your username here
#output /Users/janlay/.surge.conf
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/config.txt
[Rule]
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/rules-intranet.txt
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/rules-mac-blockers.txt
#include https://gist.github.com/janlay/b57476c72a93b7e622a6/raw/rules-main.txt
💊 Play with GFW = direct
🇯🇵 SSLedge TYO1 = custom <<<
[Proxy Group]
Proxy = select, 💊 Play with GFW, 🇯🇵 SSLedge TYO1
# Block privacy tracker within apps
DOMAIN, ads.mopub.com, REJECT
DOMAIN, cpro.baidu.com, REJECT
DOMAIN, hm.baidu.com, REJECT
DOMAIN, hmma.baidu.com, REJECT
DOMAIN, monitor.uu.qq.com, REJECT
DOMAIN, graph.facebook.com, REJECT
DOMAIN, pagead2.googlesyndication.com, REJECT
DOMAIN, pgdt.gtimg.cn, REJECT
DOMAIN, pingma.qq.com, REJECT
DOMAIN, stat.m.jd.com, REJECT
DOMAIN-KEYWORD, analytics, REJECT
DOMAIN-KEYWORD, cnzz, REJECT
DOMAIN-KEYWORD, domob, REJECT
DOMAIN-KEYWORD, flurry.co, REJECT
DOMAIN-KEYWORD, umeng.co, REJECT
DOMAIN-SUFFIX, 127.net, REJECT
DOMAIN-SUFFIX, amazon-adsystem.com, REJECT
DOMAIN-SUFFIX, applovin.com, REJECT
DOMAIN-SUFFIX, beacon.qq.com, REJECT
DOMAIN-SUFFIX, doubleclick.net, REJECT
DOMAIN-SUFFIX, duomeng.cn, REJECT
DOMAIN-SUFFIX, mmstat.com, REJECT
DOMAIN-SUFFIX, mob.com, REJECT
DOMAIN-SUFFIX, sponsorpay.com, REJECT
DOMAIN-SUFFIX, youmi.net, REJECT
# Prevent stream services from displaying ads
DOMAIN, ad.api.3g.youku.com, REJECT
DOMAIN, agn.aty.sohu.com, REJECT
DOMAIN, ark.letv.com, REJECT
DOMAIN, asimgs.pplive.cn, REJECT
DOMAIN, atm.youku.com, REJECT
DOMAIN, lives.l.qq.com, REJECT
# Disable customized fonts
DOMAIN, fonts.googleapis.com, REJECT
# Awful ads served by China Telecom
DOMAIN-KEYWORD, 61.160.200, REJECT
# Prevent sniffer from a public WiFi
DOMAIN, init.icloud-analysis.com, REJECT
# Update certificates on iOS
USER-AGENT, com.apple.trustd/*, DIRECT
# Special rules for your intranet
DOMAIN, order.mi.com, Proxy
DOMAIN, pan.baidu.com, Proxy
DOMAIN-SUFFIX, 115.com, Proxy
# Block privacy tracker within apps
DOMAIN, ads.mopub.com, REJECT
DOMAIN, cpro.baidu.com, REJECT
DOMAIN, hm.baidu.com, REJECT
DOMAIN, hmma.baidu.com, REJECT
DOMAIN, monitor.uu.qq.com, REJECT
DOMAIN, graph.facebook.com, REJECT
DOMAIN, pagead2.googlesyndication.com, REJECT
DOMAIN, pgdt.gtimg.cn, REJECT
DOMAIN, pingma.qq.com, REJECT
DOMAIN, stat.m.jd.com, REJECT
DOMAIN-KEYWORD, analytics, REJECT
DOMAIN-KEYWORD, cnzz, REJECT
DOMAIN-KEYWORD, flurry.co, REJECT
DOMAIN-KEYWORD, umeng.co, REJECT
DOMAIN-SUFFIX, 127.net, REJECT
DOMAIN-SUFFIX, amazon-adsystem.com, REJECT
DOMAIN-SUFFIX, applovin.com, REJECT
DOMAIN-SUFFIX, beacon.qq.com, REJECT
DOMAIN-SUFFIX, doubleclick.net, REJECT
DOMAIN-SUFFIX, duomeng.cn, REJECT
DOMAIN-SUFFIX, mmstat.com, REJECT
DOMAIN-SUFFIX, mob.com, REJECT
DOMAIN-SUFFIX, sponsorpay.com, REJECT
DOMAIN-SUFFIX, youmi.net, REJECT
# Prevent stream services from displaying ads
DOMAIN, ad.api.3g.youku.com, REJECT
DOMAIN, agn.aty.sohu.com, REJECT
DOMAIN, ark.letv.com, REJECT
DOMAIN, asimgs.pplive.cn, REJECT
DOMAIN, atm.youku.com, REJECT
DOMAIN, lives.l.qq.com, REJECT
# Disable customized fonts
DOMAIN, fonts.googleapis.com, REJECT
# Awful ads served by China Telecom
DOMAIN, 61.160.200.252, REJECT
# Prevent sniffer from a public WiFi
DOMAIN, init.icloud-analysis.com, REJECT
# Direct rules
DOMAIN-SUFFIX, cn, DIRECT
DOMAIN-KEYWORD, zj, DIRECT
DOMAIN-KEYWORD, hz, DIRECT
DOMAIN-KEYWORD, ali, DIRECT
DOMAIN-KEYWORD, taobao, DIRECT
DOMAIN-KEYWORD, 360, DIRECT
DOMAIN-KEYWORD, baidu, DIRECT
DOMAIN-SUFFIX, 126.net, DIRECT
DOMAIN-SUFFIX, 163.com, DIRECT
DOMAIN-SUFFIX, gtimg.com, DIRECT
DOMAIN-SUFFIX, jd.com, DIRECT
DOMAIN-SUFFIX, netease.com, DIRECT
DOMAIN-SUFFIX, qq.com, DIRECT
# Wi-Fi Authentication
DOMAIN, captive.apple.com, DIRECT
# Some services are available locally
DOMAIN-SUFFIX, ls.apple.com, DIRECT
# Apple services
DOMAIN-SUFFIX, apple.com, Proxy
DOMAIN-SUFFIX, icloud.com, Proxy
DOMAIN-SUFFIX, mzstatic.com, Proxy
DOMAIN-KEYWORD, aka, Proxy
# Streaming services, comment out if you don't need
DOMAIN-KEYWORD, qiyi, DIRECT
DOMAIN-KEYWORD, sohu, DIRECT
# Mac apps
PROCESS-NAME, trustd, DIRECT
PROCESS-NAME, Speedtest, DIRECT
PROCESS-NAME, WeChat, DIRECT
PROCESS-NAME, Tweetbot, Proxy
PROCESS-NAME, Dropbox, Proxy
PROCESS-NAME, Telegram, Proxy
PROCESS-NAME, Thunder, DIRECT
PROCESS-NAME, Jietu, REJECT
# Force some domains which are fucked by GFW while resolving DNS
DOMAIN-KEYWORD, facebook, Proxy, force-remote-dns
DOMAIN-KEYWORD, gmail, Proxy, force-remote-dns
DOMAIN-KEYWORD, google, Proxy, force-remote-dns
DOMAIN-KEYWORD, youtube, Proxy, force-remote-dns
DOMAIN-SUFFIX, fbcdn.net, Proxy, force-remote-dns
DOMAIN-SUFFIX, twitter.com, Proxy, force-remote-dns
DOMAIN-SUFFIX, twimg.com, Proxy, force-remote-dns
DOMAIN-SUFFIX, github.com, Proxy, force-remote-dns
# Workaround for some apps
# Instagram
DOMAIN-KEYWORD, instagram, Proxy, force-remote-dns
# SeekingAlpha
DOMAIN-SUFFIX, seekingalpha.com, DIRECT
# Reserved networks, debugging rules should place above this line
IP-CIDR, 10.0.0.0/8, DIRECT
IP-CIDR, 100.64.0.0/10, DIRECT
IP-CIDR, 127.0.0.0/8, DIRECT
IP-CIDR, 172.0.0.0/8, DIRECT
IP-CIDR, 192.168.0.0/16, DIRECT
# Detect local network
GEOIP, CN, DIRECT
# Use proxy for all others
FINAL, Proxy
@jostyee

This comment has been minimized.

Show comment Hide comment
@jostyee

jostyee Oct 5, 2015

应该可以加条 腾讯分析 的规则 DOMAIN-SUFFIX,tajs.qq.com,REJECT

jostyee commented Oct 5, 2015

应该可以加条 腾讯分析 的规则 DOMAIN-SUFFIX,tajs.qq.com,REJECT

@janlay

This comment has been minimized.

Show comment Hide comment
@janlay

janlay Oct 5, 2015

这些规则主要针对 apps 的隐私收集,浏览器页面上的,交给 Content Blocking 插件搞定就好啦。

Owner

janlay commented Oct 5, 2015

这些规则主要针对 apps 的隐私收集,浏览器页面上的,交给 Content Blocking 插件搞定就好啦。

@xiaoyigg

This comment has been minimized.

Show comment Hide comment
@xiaoyigg

xiaoyigg Oct 13, 2015

你好,我想配合我的shadowsocks帐号密码使用该怎么修改配置文件了,我试了修改proxy那里不行。。

你好,我想配合我的shadowsocks帐号密码使用该怎么修改配置文件了,我试了修改proxy那里不行。。

@bviews

This comment has been minimized.

Show comment Hide comment
@bviews

bviews Oct 14, 2015

使用这个Rule时,微信的语音聊天似乎没有办法成功连接

bviews commented Oct 14, 2015

使用这个Rule时,微信的语音聊天似乎没有办法成功连接

@kuyapp

This comment has been minimized.

Show comment Hide comment
@kuyapp

kuyapp Oct 15, 2015

有了skip-proxy后边的LAN可以省掉了

kuyapp commented Oct 15, 2015

有了skip-proxy后边的LAN可以省掉了

@crystoneme

This comment has been minimized.

Show comment Hide comment
@crystoneme

crystoneme Oct 23, 2015

现在的问题是等surge正式上架

现在的问题是等surge正式上架

@janlay

This comment has been minimized.

Show comment Hide comment
@janlay

janlay Oct 26, 2015

@kuyapp: 不能省,skip-proxy 只能处理用 IP 访问的情况,后边的还可以处理域名指向 LAN 地址的 case.

Owner

janlay commented Oct 26, 2015

@kuyapp: 不能省,skip-proxy 只能处理用 IP 访问的情况,后边的还可以处理域名指向 LAN 地址的 case.

@Caixiaopig

This comment has been minimized.

Show comment Hide comment
@Caixiaopig

Caixiaopig Oct 26, 2015

这个配置,对下载app store的速度有提升吗?

这个配置,对下载app store的速度有提升吗?

@Caixiaopig

This comment has been minimized.

Show comment Hide comment
@Caixiaopig

Caixiaopig Nov 3, 2015

作者建议的bypass-tun是这样的:
bypass-tun = 0.0.0.0/8, 1.0.0.0/9, 1.160.0.0/11, 1.192.0.0/11, 10.0.0.0/8, 14.0.0.0/11, 14.96.0.0/11, 14.128.0.0/11, 14.192.0.0/11, 27.0.0.0/10, 27.96.0.0/11, 27.128.0.0/9, 36.0.0.0/10, 36.96.0.0/11, 36.128.0.0/9, 39.0.0.0/11, 39.64.0.0/10, 39.128.0.0/10, 42.0.0.0/8, 43.224.0.0/11, 45.64.0.0/10, 47.64.0.0/10, 49.0.0.0/9, 49.128.0.0/11, 49.192.0.0/10, 54.192.0.0/11, 58.0.0.0/9, 58.128.0.0/11, 58.192.0.0/10, 59.32.0.0/11, 59.64.0.0/10, 59.128.0.0/9, 60.0.0.0/10, 60.160.0.0/11, 60.192.0.0/10, 61.0.0.0/10, 61.64.0.0/11, 61.128.0.0/10, 61.224.0.0/11, 100.64.0.0/10, 101.0.0.0/9, 101.128.0.0/11, 101.192.0.0/10, 103.0.0.0/10, 103.192.0.0/10, 106.0.0.0/9, 106.224.0.0/11, 110.0.0.0/7, 112.0.0.0/9, 112.128.0.0/11, 112.192.0.0/10, 113.0.0.0/9, 113.128.0.0/11, 113.192.0.0/10, 114.0.0.0/9, 114.128.0.0/11, 114.192.0.0/10, 115.0.0.0/8, 116.0.0.0/8, 117.0.0.0/9, 117.128.0.0/10, 118.0.0.0/11, 118.64.0.0/10, 118.128.0.0/9, 119.0.0.0/9, 119.128.0.0/10, 119.224.0.0/11, 120.0.0.0/10, 120.64.0.0/11, 120.128.0.0/11, 120.192.0.0/10, 121.0.0.0/9, 121.192.0.0/10, 122.0.0.0/7, 124.0.0.0/8, 125.0.0.0/9, 125.160.0.0/11, 125.192.0.0/10, 127.0.0.0/8, 139.0.0.0/11, 139.128.0.0/9, 140.64.0.0/11, 140.128.0.0/11, 140.192.0.0/10, 144.0.0.0/10, 144.96.0.0/11, 144.224.0.0/11, 150.0.0.0/11, 150.96.0.0/11, 150.128.0.0/11, 150.192.0.0/10, 152.96.0.0/11, 153.0.0.0/10, 153.96.0.0/11, 157.0.0.0/10, 157.96.0.0/11, 157.128.0.0/11, 157.224.0.0/11, 159.224.0.0/11, 161.192.0.0/11, 162.96.0.0/11, 163.0.0.0/10, 163.96.0.0/11, 163.128.0.0/10, 163.192.0.0/11, 166.96.0.0/11, 167.128.0.0/10, 167.192.0.0/11, 168.160.0.0/11, 169.254.0.0/16, 171.0.0.0/9, 171.192.0.0/11, 172.16.0.0/12, 175.0.0.0/9, 175.128.0.0/10, 180.64.0.0/10, 180.128.0.0/9, 182.0.0.0/8, 183.0.0.0/10, 183.64.0.0/11, 183.128.0.0/9, 192.0.0.0/24, 192.0.2.0/24, 192.88.99.0/24, 192.96.0.0/11, 192.160.0.0/11, 198.18.0.0/15, 198.51.100.0/24, 202.0.0.0/9, 202.128.0.0/10, 202.192.0.0/11, 203.0.0.0/9, 203.128.0.0/10, 203.192.0.0/11, 210.0.0.0/10, 210.64.0.0/11, 210.160.0.0/11, 210.192.0.0/11, 211.64.0.0/10, 211.128.0.0/10, 218.0.0.0/9, 218.160.0.0/11, 218.192.0.0/10, 219.64.0.0/11, 219.128.0.0/11, 219.192.0.0/10, 220.96.0.0/11, 220.128.0.0/9, 221.0.0.0/11, 221.96.0.0/11, 221.128.0.0/9, 222.0.0.0/8, 223.0.0.0/11, 223.64.0.0/10, 223.128.0.0/9

作者建议的bypass-tun是这样的:
bypass-tun = 0.0.0.0/8, 1.0.0.0/9, 1.160.0.0/11, 1.192.0.0/11, 10.0.0.0/8, 14.0.0.0/11, 14.96.0.0/11, 14.128.0.0/11, 14.192.0.0/11, 27.0.0.0/10, 27.96.0.0/11, 27.128.0.0/9, 36.0.0.0/10, 36.96.0.0/11, 36.128.0.0/9, 39.0.0.0/11, 39.64.0.0/10, 39.128.0.0/10, 42.0.0.0/8, 43.224.0.0/11, 45.64.0.0/10, 47.64.0.0/10, 49.0.0.0/9, 49.128.0.0/11, 49.192.0.0/10, 54.192.0.0/11, 58.0.0.0/9, 58.128.0.0/11, 58.192.0.0/10, 59.32.0.0/11, 59.64.0.0/10, 59.128.0.0/9, 60.0.0.0/10, 60.160.0.0/11, 60.192.0.0/10, 61.0.0.0/10, 61.64.0.0/11, 61.128.0.0/10, 61.224.0.0/11, 100.64.0.0/10, 101.0.0.0/9, 101.128.0.0/11, 101.192.0.0/10, 103.0.0.0/10, 103.192.0.0/10, 106.0.0.0/9, 106.224.0.0/11, 110.0.0.0/7, 112.0.0.0/9, 112.128.0.0/11, 112.192.0.0/10, 113.0.0.0/9, 113.128.0.0/11, 113.192.0.0/10, 114.0.0.0/9, 114.128.0.0/11, 114.192.0.0/10, 115.0.0.0/8, 116.0.0.0/8, 117.0.0.0/9, 117.128.0.0/10, 118.0.0.0/11, 118.64.0.0/10, 118.128.0.0/9, 119.0.0.0/9, 119.128.0.0/10, 119.224.0.0/11, 120.0.0.0/10, 120.64.0.0/11, 120.128.0.0/11, 120.192.0.0/10, 121.0.0.0/9, 121.192.0.0/10, 122.0.0.0/7, 124.0.0.0/8, 125.0.0.0/9, 125.160.0.0/11, 125.192.0.0/10, 127.0.0.0/8, 139.0.0.0/11, 139.128.0.0/9, 140.64.0.0/11, 140.128.0.0/11, 140.192.0.0/10, 144.0.0.0/10, 144.96.0.0/11, 144.224.0.0/11, 150.0.0.0/11, 150.96.0.0/11, 150.128.0.0/11, 150.192.0.0/10, 152.96.0.0/11, 153.0.0.0/10, 153.96.0.0/11, 157.0.0.0/10, 157.96.0.0/11, 157.128.0.0/11, 157.224.0.0/11, 159.224.0.0/11, 161.192.0.0/11, 162.96.0.0/11, 163.0.0.0/10, 163.96.0.0/11, 163.128.0.0/10, 163.192.0.0/11, 166.96.0.0/11, 167.128.0.0/10, 167.192.0.0/11, 168.160.0.0/11, 169.254.0.0/16, 171.0.0.0/9, 171.192.0.0/11, 172.16.0.0/12, 175.0.0.0/9, 175.128.0.0/10, 180.64.0.0/10, 180.128.0.0/9, 182.0.0.0/8, 183.0.0.0/10, 183.64.0.0/11, 183.128.0.0/9, 192.0.0.0/24, 192.0.2.0/24, 192.88.99.0/24, 192.96.0.0/11, 192.160.0.0/11, 198.18.0.0/15, 198.51.100.0/24, 202.0.0.0/9, 202.128.0.0/10, 202.192.0.0/11, 203.0.0.0/9, 203.128.0.0/10, 203.192.0.0/11, 210.0.0.0/10, 210.64.0.0/11, 210.160.0.0/11, 210.192.0.0/11, 211.64.0.0/10, 211.128.0.0/10, 218.0.0.0/9, 218.160.0.0/11, 218.192.0.0/10, 219.64.0.0/11, 219.128.0.0/11, 219.192.0.0/10, 220.96.0.0/11, 220.128.0.0/9, 221.0.0.0/11, 221.96.0.0/11, 221.128.0.0/9, 222.0.0.0/8, 223.0.0.0/11, 223.64.0.0/10, 223.128.0.0/9

@janlay

This comment has been minimized.

Show comment Hide comment
@janlay

janlay Nov 8, 2015

这个略难看… 待我找到微信的网段再单独加进去

Owner

janlay commented Nov 8, 2015

这个略难看… 待我找到微信的网段再单独加进去

@imagelife

This comment has been minimized.

Show comment Hide comment
@imagelife

imagelife Nov 11, 2015

IP-CIDR,183.128.0.0/10,REJECT,no-resolve
这个规则不能加,加了之后微信群里面的图片打不开。

IP-CIDR,183.128.0.0/10,REJECT,no-resolve
这个规则不能加,加了之后微信群里面的图片打不开。

@vvtommy

This comment has been minimized.

Show comment Hide comment
@vvtommy

vvtommy Nov 23, 2015

star 一个先。

vvtommy commented Nov 23, 2015

star 一个先。

@fearfulcacti

This comment has been minimized.

Show comment Hide comment
@fearfulcacti

fearfulcacti Nov 24, 2015

赞一个

赞一个

@everard1993

This comment has been minimized.

Show comment Hide comment
@everard1993

everard1993 Mar 5, 2016

赞一个

赞一个

@rollcn

This comment has been minimized.

Show comment Hide comment
@rollcn

rollcn Apr 11, 2016

多谢作者。想问下,keyword规则可以单独使用吗?

rollcn commented Apr 11, 2016

多谢作者。想问下,keyword规则可以单独使用吗?

@janlay

This comment has been minimized.

Show comment Hide comment
@janlay

janlay Apr 19, 2016

@rollcn 可以按需提取规则。

Owner

janlay commented Apr 19, 2016

@rollcn 可以按需提取规则。

@kevin-isky

This comment has been minimized.

Show comment Hide comment
@kevin-isky

kevin-isky Apr 23, 2016

想问下作者,配置的ss在移动4g网络下测试连接时总是unavailable,wifi下都正常,是不是针对蜂窝网络需要有什么特别的配置(配置文件用的是这个https://gist.github.com/scomper/b0c6129840272c136a82 …)

想问下作者,配置的ss在移动4g网络下测试连接时总是unavailable,wifi下都正常,是不是针对蜂窝网络需要有什么特别的配置(配置文件用的是这个https://gist.github.com/scomper/b0c6129840272c136a82 …)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment