由 Sukka 搜集、整理、维护的、个人自用的、适用于 Surge、Mihomo、Clash Premium (Dreamacro)、sing-box、Surfboard for Android 和 Stash 的 Ruleset Snippet。
本项目除 List/ip/china_ip.conf 文件使用 CC BY-SA 2.0 协议分享以外,均使用 AGPL-3.0 协议开源,不提供任何担保,即:本项目的作者和所有贡献者不会提供任何技术支持,也不会对你的任何损失负责,包括但不限于:你的软件无法启动和正常工作、Kernel Panic、设备无法开机或正常使用、硬盘损坏或数据丢失、原子弹爆炸、第三次世界大战、SCP 基金会 无法阻止的全球 CK 级现实重构等。
如果你正在使用商业性质的公共代理服务,请务必先仔细阅读相关服务商的 服务条款与条件(ToS)。部分公共代理服务商的服务条款与条件规定,如果用户使用任何第三方规则文件将会被视为自动放弃 SLA 和技术支持服务。
如果你从 Sukka 提供的 Ruleset Server(https://ruleset.skk.moe)获取本项目中的规则组文件,则意味着你已知晓并同意 隐私政策 中的所有条款。如果你不同意,请通过 GitHub 获取本项目中的源码、自行构建规则组文件。
ruleset.skk.moe 是由 Sukka 提供的 Ruleset Server,由 Cloudflare 驱动。但是由于众所周知的原因、Cloudflare 的节点在中国大陆的访问速度和稳定性都不理想。目前,Sukka Ruleset 提供了以下官方镜像:
ruleset-mirror.skk.moe:由 Sukka 维护。为了改善访问速度和稳定性,欢迎大家搭建镜像、从以下 Git 仓库同步更新:
/List/domainset/:DOMAIN-SET,不会触发 DNS 解析的、仅包含域名的规则组/List/non_ip/:RULE-SET,不会触发 DNS 解析的规则组/List/ip/:RULE-SET,会触发 DNS 解析的规则组/Clash/domainset/:domain & text,不会触发 DNS 解析的、仅域名的规则组截至 2025 年 5 月 3 日 UTC+0,Mihomo 仅针对 behavior 为 domain 和 ipcidr 的规则组进行了优化/Clash/non_ip/:classical & text,不会触发 DNS 解析的规则组/Clash/ip/:classical & text 或 ipcidr & text,会触发 DNS 解析的规则组/LegacyClashPremium/domainset/ 的 DOMAIN SET 的格式,请使用 Mihomo 的 DOMAIN SET 规则组(/Clash/domainset/),behavior 和 format 一致。/LegacyClashPremium/non_ip/:classical & text,不会触发 DNS 解析的规则组/LegacyClashPremium/ip/:classical & text 或 ipcidr & text,会触发 DNS 解析的规则组/sing-box/domainset/:不会触发 DNS 解析的、仅包含域名的规则/sing-box/non_ip/:不会触发 DNS 解析的规则/sing-box/ip/:会触发 DNS 解析的规则/Surfboard/domainset/ 的 DOMAIN-SET,请使用 Surge 的 DOMAIN SET 规则组(/List/domainset/)。/Surfboard/non_ip/:RULE-SET,不会触发 DNS 解析的规则/Surfboard/ip/:RULE-SET,会触发 DNS 解析的规则请务必按照 domainset、non_ip、ip,和 README 中的顺序 将规则组添加到你的配置文件中,请 务必确保 所有 domainset 或 non_ip 规则组、以及你自己额外添加的 DOMAIN、DOMAIN-SUFFIX、DOMAIN-KEYWORD 规则,必须放置在所有的 ip 规则组、你自己添加的 IP-CIDR、IP-CIDR6、IP-ASN 和 GEOIP 规则之前,没有任何例外。
假如 你将任何一个 ip 规则组、或你自己的 IP-CIDR、IP-CIDR6、IP-ASN 和 GEOIP 规则放置在任何一个 domainset 或 non_ip 规则组、你自己额外添加的 DOMAIN、DOMAIN-SUFFIX、DOMAIN-KEYWORD 规则之前,那么你会立刻失去 Surge、Clash、Mihomo、Surfboard、以及本项目 为你提供的 DNS 污染保护,你将会彻底暴露在 GFW 的 DNS 污染之下。
Surge、Clash、Mihomo、Surfboard 会按照规则在配置中的顺序、从上到下逐一匹配,当且仅当进行 IP 类规则的匹配、FINAL、或 direct 策略时,才会进行 DNS 解析。按照上述顺序添加规则组,可以尽可能避免你的设备对需要被代理的域名发起 DNS 解析、从而提供一定程度的所谓「DNS 污染」的保护。
build-reject-domainset.tsSurge
# Non IP
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject-drop.conf,REJECT-DROP,pre-matching
# 基础的 12 万拦截域名
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject.conf,REJECT,extended-matching
# 额外 9 万拦截域名,作为基础的补充,启用时需要搭配基础一起使用
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject_extra.conf,REJECT
# 钓鱼网站拦截域名列表,共 13 万拦截域名
# 在 Surge 5 for Mac(或更新版本),即使同时启用基础和额外的拦截域名也不会导致匹配性能下降或内存占用过高
# DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject_phishing.conf,REJECT
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject.conf,REJECT,extended-matching
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject-no-drop.conf,REJECT-NO-DROP,extended-matching
# URL-REGEX
# 需搭配 Surge 模块 https://ruleset.skk.moe/Modules/sukka_mitm_hostnames.sgmodule 使用
# MITM 和 URL-REGEX 性能开销极大,不推荐使用
# RULE-SET,https://ruleset.skk.moe/List/non_ip/reject-url-regex.conf,REJECT
# IP
RULE-SET,https://ruleset.skk.moe/List/ip/reject.conf,REJECT-DROP
Mihomo
rule-providers:
reject_non_ip_no_drop:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/reject-no-drop.txt
path: ./sukkaw_ruleset/reject_non_ip_no_drop.txt
reject_non_ip_drop:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/reject-drop.txt
path: ./sukkaw_ruleset/reject_non_ip_drop.txt
reject_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/reject.txt
path: ./sukkaw_ruleset/reject_non_ip.txt
reject_domainset:
type: http
behavior: domain
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/domainset/reject.txt
path: ./sukkaw_ruleset/reject_domainset.txt
# 在 Clash 上,同时启用基础和额外的拦截域名会导致内存占用过高和匹配用时增加等性能问题
reject_extra_domainset:
type: http
behavior: domain
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/domainset/reject_extra.txt
path: ./sukkaw_ruleset/reject_domainset_extra.txt
reject_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/reject.txt
path: ./sukkaw_ruleset/reject_ip.txt
# Non IP
rules:
- RULE-SET,reject_non_ip_drop,REJECT-DROP
- RULE-SET,reject_domainset,REJECT
- RULE-SET,reject_extra_domainset,REJECT
- RULE-SET,reject_non_ip,REJECT
- RULE-SET,reject_non_ip_no_drop,REJECT
# IP
rules:
- RULE-SET,reject_ip,REJECT
get.sogou.com/q 等域名回传Surge
RULE-SET,https://ruleset.skk.moe/List/non_ip/sogouinput.conf,REJECT
Mihomo
rule-providers:
sogouinput:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/sogouinput.txt
path: ./sukkaw_ruleset/sogouinput.txt
rules:
- RULE-SET,sogouinput,REJECT
speedtest.net 测速点通过 Speedtest API 获取数十个常见地区的测速服务器域名netQuality 等其它测速工具的测速服务器域名fast.com 测速点和 Netflix CDN 共享基础设施和域名、影响流媒体分流,故不包含在此规则组中Surge
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/speedtest.conf,[Replace with your policy],extended-matching
Mihomo
rule-providers:
speedtest:
type: http
behavior: domain
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/domainset/speedtest.txt
path: ./sukkaw_ruleset/speedtest.txt
rules:
- RULE-SET,speedtest,[Replace with your policy]
global.conf 的域名,因此即使你用不到商业性质的公共代理服务提供的低倍率节点也不需要分流,也依然建议使用这部分规则,此时分配与 global.conf 相同的策略即可Surge
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/cdn.conf,[Replace with your policy]
RULE-SET,https://ruleset.skk.moe/List/non_ip/cdn.conf,[Replace with your policy]
Mihomo
rule-providers:
cdn_domainset:
type: http
behavior: domain
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/domainset/cdn.txt
path: ./sukkaw_ruleset/cdn_domainset.txt
cdn_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/cdn.txt
path: ./sukkaw_ruleset/cdn_non_ip.txt
rules:
- RULE-SET,cdn_domainset,[Replace with your policy]
- RULE-SET,cdn_non_ip,[Replace with your policy]
Surge
# Non IP
# 北美相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_us.conf,[Replace with your policy]
# 欧洲相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_eu.conf,[Replace with your policy]
# 日本相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_jp.conf,[Replace with your policy]
# 韩国相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_kr.conf,[Replace with your policy]
# 香港相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_hk.conf,[Replace with your policy]
# 台湾相关流媒体
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream_tw.conf,[Replace with your policy]
# 所有流媒体(包括上述所有流媒体)
RULE-SET,https://ruleset.skk.moe/List/non_ip/stream.conf,[Replace with your policy]
# IP
# 北美相关流媒体
RULE-SET,https://ruleset.skk.moe/List/ip/stream_us.conf,[Replace with your policy]
# 欧洲相关流媒体
RULE-SET,https://ruleset.skk.moe/List/ip/stream_eu.conf,[Replace with your policy]
# 日本相关流媒体
RULE-SET,https://ruleset.skk.moe/List/ip/stream_jp.conf,[Replace with your policy]
# 韩国相关流媒体
RULE-SET,https://ruleset.skk.moe/List/ip/stream_kr.conf,[Replace with your policy]
# 香港相关流媒体
RULE-SET,https://ruleset.skk.moe/List/ip/stream_hk.conf,[Replace with your policy]
# 台湾相关流媒体
RULE-SET,https://ruleset.skk.moe/List/ip/stream_tw.conf,[Replace with your policy]
# 所有流媒体(包括上述所有流媒体)
RULE-SET,https://ruleset.skk.moe/List/ip/stream.conf,[Replace with your policy]
Mihomo
rule-providers:
# 北美相关流媒体
stream_us_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream_us.txt
path: ./sukkaw_ruleset/stream_us_non_ip.txt
stream_us_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream_us.txt
path: ./sukkaw_ruleset/stream_us_ip.txt
# 欧洲相关流媒体
stream_eu_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream_eu.txt
path: ./sukkaw_ruleset/stream_eu_non_ip.txt
stream_eu_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream_eu.txt
path: ./sukkaw_ruleset/stream_eu_ip.txt
# 日本相关流媒体
stream_jp_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream_jp.txt
path: ./sukkaw_ruleset/stream_jp_non_ip.txt
stream_jp_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream_jp.txt
path: ./sukkaw_ruleset/stream_jp_ip.txt
# 韩国相关流媒体
stream_kr_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream_kr.txt
path: ./sukkaw_ruleset/stream_kr_non_ip.txt
stream_kr_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream_kr.txt
path: ./sukkaw_ruleset/stream_kr_ip.txt
# 香港相关流媒体
stream_hk_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream_hk.txt
path: ./sukkaw_ruleset/stream_hk_non_ip.txt
stream_hk_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream_hk.txt
path: ./sukkaw_ruleset/stream_hk_ip.txt
# 台湾相关流媒体
stream_tw_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream_tw.txt
path: ./sukkaw_ruleset/stream_tw_non_ip.txt
stream_tw_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream_tw.txt
path: ./sukkaw_ruleset/stream_tw_ip.txt
# 所有流媒体(包括上述所有流媒体)
stream_non_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/non_ip/stream.txt
path: ./sukkaw_ruleset/stream_non_ip.txt
stream_ip:
type: http
behavior: classical
format: text
interval: 43200
url: https://ruleset.skk.moe/Clash/ip/stream.txt
path: ./sukkaw_ruleset/stream_ip.txt
# Non IP
rules:
- RULE-SET,stream_us_non_ip,[Replace with your policy]
- RULE-SET,stream_eu_non_ip,[Replace with your policy]
- RULE-SET,stream_jp_non_ip,[Replace with your policy]
- RULE-SET,stream_kr_non_ip,[Replace with your policy]
- RULE-SET,stream_hk_non_ip,[Replace with your policy]
- RULE-SET,stream_tw_non_ip,[Replace with your policy]
- RULE-SET,stream_non_ip,[Replace with your policy]
# IP
rules:
- RULE-SET,stream_us_ip,[Replace with your policy]
- RULE-SET,stream_eu_ip,[Replace with your policy]
- RULE-SET,stream_jp_ip,[Replace with your policy]
- RULE-SET,stream_kr_ip,[Replace with your policy]
- RULE-SET,stream_hk_ip,[Replace with your policy]
- RULE-SET,stream_tw_ip,[Replace with your policy]
- RULE-SET,stream_ip,[Replace with your policy]
Surge
RULE-SET,https://ruleset.skk.moe/List/non_ip/ai.conf,[Replace with your policy]
RULE-SET,https://ruleset.skk.moe/List/non_ip/apple_intelligence.conf,[Replace with your policy],extended-matching
Mihomo
```yaml rule-providers: ai_non_ip: type: http behavior: classical format: text interval: 43200 url: https://ruleset.skk.moe/Clash/non_ip/ai.txt path: ./suk
$ claude mcp add Surge \
-- python -m otcore.mcp_server <graph>