|
# Mac apps |
|
PROCESS-NAME, Dropbox, Proxy |
|
PROCESS-NAME, Telegram, Proxy |
|
PROCESS-NAME, Tweetbot, Proxy |
|
PROCESS-NAME, trustd, DIRECT |
|
PROCESS-NAME, WeChat, DIRECT |
|
PROCESS-NAME, Thunder, DIRECT |
|
PROCESS-NAME, Transmission, DIRECT |
|
PROCESS-NAME, Microsoft AU Daemon, DIRECT |
|
PROCESS-NAME, Microsoft AutoUpdate, DIRECT |
|
PROCESS-NAME, Jietu, REJECT |
|
|
|
# Direct rules |
|
DOMAIN-SUFFIX, cn, DIRECT |
|
DOMAIN-KEYWORD, zj, DIRECT |
|
DOMAIN-KEYWORD, hz, DIRECT |
|
DOMAIN-KEYWORD, taobao, DIRECT |
|
DOMAIN-KEYWORD, alipay, DIRECT |
|
DOMAIN-KEYWORD, alibaba, DIRECT |
|
DOMAIN-KEYWORD, 360, DIRECT |
|
DOMAIN-KEYWORD, baidu, DIRECT |
|
DOMAIN-SUFFIX, 126.net, DIRECT |
|
DOMAIN-SUFFIX, 163.com, DIRECT |
|
DOMAIN-SUFFIX, gtimg.com, DIRECT |
|
DOMAIN-SUFFIX, jd.com, DIRECT |
|
DOMAIN-SUFFIX, netease.com, DIRECT |
|
DOMAIN-SUFFIX, qq.com, DIRECT |
|
DOMAIN-SUFFIX, ourbits.club, DIRECT |
|
DOMAIN-SUFFIX, iptorrents.com, DIRECT |
|
|
|
# Wi-Fi Authentication |
|
DOMAIN, captive.apple.com, DIRECT |
|
|
|
# Update certificates on iOS |
|
USER-AGENT, com.apple.trustd/*, DIRECT |
|
|
|
# Some services are available locally |
|
DOMAIN-SUFFIX, ls.apple.com, DIRECT |
|
USER-AGENT, FindMyFriends*, DIRECT |
|
USER-AGENT, FindMyiPhone*, DIRECT |
|
|
|
# Apple services |
|
DOMAIN-SUFFIX, apple.com, Proxy |
|
DOMAIN-SUFFIX, icloud.com, Proxy |
|
DOMAIN-SUFFIX, mzstatic.com, Proxy |
|
DOMAIN-KEYWORD, aka, Proxy |
|
|
|
# Streaming services, comment out if you don't need |
|
DOMAIN-KEYWORD, qiyi, DIRECT |
|
DOMAIN-KEYWORD, sohu, DIRECT |
|
|
|
# Force some domains which are fucked by GFW while resolving DNS |
|
DOMAIN-KEYWORD, facebook, Proxy, force-remote-dns |
|
DOMAIN-KEYWORD, gmail, Proxy, force-remote-dns |
|
DOMAIN-KEYWORD, google, Proxy, force-remote-dns |
|
DOMAIN-KEYWORD, youtube, Proxy, force-remote-dns |
|
DOMAIN-KEYWORD, instagram, Proxy, force-remote-dns |
|
DOMAIN-KEYWORD, telegra, Proxy, force-remote-dns |
|
DOMAIN-SUFFIX, fbcdn.net, Proxy, force-remote-dns |
|
DOMAIN-SUFFIX, f8.com, Proxy, force-remote-dns |
|
DOMAIN-SUFFIX, twitter.com, Proxy, force-remote-dns |
|
DOMAIN-SUFFIX, twimg.com, Proxy, force-remote-dns |
|
DOMAIN-SUFFIX, github.com, Proxy, force-remote-dns |
|
DOMAIN-SUFFIX, gstatic.com, Proxy, force-remote-dns |
|
|
|
# iStat Menu IP Test |
|
DOMAIN, ip.bjango.com, DIRECT |
|
|
|
# Reserved networks, debugging rules should place above this line |
|
IP-CIDR, 10.0.0.0/8, DIRECT |
|
IP-CIDR, 100.64.0.0/10, DIRECT |
|
IP-CIDR, 127.0.0.0/8, DIRECT |
|
IP-CIDR, 172.0.0.0/8, DIRECT |
|
IP-CIDR, 192.168.0.0/16, DIRECT |
|
|
|
# Detect local network |
|
GEOIP, CN, DIRECT |
|
# Use proxy for all others |
|
FINAL, Proxy |
作者建议的bypass-tun是这样的:
bypass-tun = 0.0.0.0/8, 1.0.0.0/9, 1.160.0.0/11, 1.192.0.0/11, 10.0.0.0/8, 14.0.0.0/11, 14.96.0.0/11, 14.128.0.0/11, 14.192.0.0/11, 27.0.0.0/10, 27.96.0.0/11, 27.128.0.0/9, 36.0.0.0/10, 36.96.0.0/11, 36.128.0.0/9, 39.0.0.0/11, 39.64.0.0/10, 39.128.0.0/10, 42.0.0.0/8, 43.224.0.0/11, 45.64.0.0/10, 47.64.0.0/10, 49.0.0.0/9, 49.128.0.0/11, 49.192.0.0/10, 54.192.0.0/11, 58.0.0.0/9, 58.128.0.0/11, 58.192.0.0/10, 59.32.0.0/11, 59.64.0.0/10, 59.128.0.0/9, 60.0.0.0/10, 60.160.0.0/11, 60.192.0.0/10, 61.0.0.0/10, 61.64.0.0/11, 61.128.0.0/10, 61.224.0.0/11, 100.64.0.0/10, 101.0.0.0/9, 101.128.0.0/11, 101.192.0.0/10, 103.0.0.0/10, 103.192.0.0/10, 106.0.0.0/9, 106.224.0.0/11, 110.0.0.0/7, 112.0.0.0/9, 112.128.0.0/11, 112.192.0.0/10, 113.0.0.0/9, 113.128.0.0/11, 113.192.0.0/10, 114.0.0.0/9, 114.128.0.0/11, 114.192.0.0/10, 115.0.0.0/8, 116.0.0.0/8, 117.0.0.0/9, 117.128.0.0/10, 118.0.0.0/11, 118.64.0.0/10, 118.128.0.0/9, 119.0.0.0/9, 119.128.0.0/10, 119.224.0.0/11, 120.0.0.0/10, 120.64.0.0/11, 120.128.0.0/11, 120.192.0.0/10, 121.0.0.0/9, 121.192.0.0/10, 122.0.0.0/7, 124.0.0.0/8, 125.0.0.0/9, 125.160.0.0/11, 125.192.0.0/10, 127.0.0.0/8, 139.0.0.0/11, 139.128.0.0/9, 140.64.0.0/11, 140.128.0.0/11, 140.192.0.0/10, 144.0.0.0/10, 144.96.0.0/11, 144.224.0.0/11, 150.0.0.0/11, 150.96.0.0/11, 150.128.0.0/11, 150.192.0.0/10, 152.96.0.0/11, 153.0.0.0/10, 153.96.0.0/11, 157.0.0.0/10, 157.96.0.0/11, 157.128.0.0/11, 157.224.0.0/11, 159.224.0.0/11, 161.192.0.0/11, 162.96.0.0/11, 163.0.0.0/10, 163.96.0.0/11, 163.128.0.0/10, 163.192.0.0/11, 166.96.0.0/11, 167.128.0.0/10, 167.192.0.0/11, 168.160.0.0/11, 169.254.0.0/16, 171.0.0.0/9, 171.192.0.0/11, 172.16.0.0/12, 175.0.0.0/9, 175.128.0.0/10, 180.64.0.0/10, 180.128.0.0/9, 182.0.0.0/8, 183.0.0.0/10, 183.64.0.0/11, 183.128.0.0/9, 192.0.0.0/24, 192.0.2.0/24, 192.88.99.0/24, 192.96.0.0/11, 192.160.0.0/11, 198.18.0.0/15, 198.51.100.0/24, 202.0.0.0/9, 202.128.0.0/10, 202.192.0.0/11, 203.0.0.0/9, 203.128.0.0/10, 203.192.0.0/11, 210.0.0.0/10, 210.64.0.0/11, 210.160.0.0/11, 210.192.0.0/11, 211.64.0.0/10, 211.128.0.0/10, 218.0.0.0/9, 218.160.0.0/11, 218.192.0.0/10, 219.64.0.0/11, 219.128.0.0/11, 219.192.0.0/10, 220.96.0.0/11, 220.128.0.0/9, 221.0.0.0/11, 221.96.0.0/11, 221.128.0.0/9, 222.0.0.0/8, 223.0.0.0/11, 223.64.0.0/10, 223.128.0.0/9