rules.conf

# This config file was created for myself (@a1ickgu0).
# You may want to add or remove some rules to make efficient use of the Internet.

# This file depends on the main.conf which defines your own proxy.
# Your main.conf will look like this:
# ---- START ----
# #!PROXY-OVERRIDE:rules.conf
# [Proxy]
# Proxy = https, server.address, port, username, password
# ---- END ----
#
# Make sure the PROXY-OVERRIDE line included in the main.conf

[General]
loglevel = warning
skip-proxy = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8, localhost, *.local, e.crashlytics.com
bypass-tun = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8
# Google/Tencent/Ali DNS Server
dns-server = 8.8.8.8, 119.29.29.29, 223.5.5.5

# stub proxy to stop surge complaining, leave this.
[Proxy]
#Proxy = https, 1.2.3.4, 1234
Proxy = custom, 1.2.3.4, 443, aes-256-cfb, password, https://github.com/a1ickgu0/surge-ss-conf/raw/master/SSEncrypt.module

[Rule]
# Accelerate most visited sites, part 1
DOMAIN-KEYWORD, ali, DIRECT
DOMAIN-KEYWORD, taobao, DIRECT
DOMAIN, weixin.qq.com, DIRECT
DOMAIN-KEYWORD, weibo, DIRECT
DOMAIN-KEYWORD, didi, DIRECT

# Block privacy tracker within apps
DOMAIN, monitor.uu.qq.com, REJECT
DOMAIN, pagead2.googlesyndication.com, REJECT
DOMAIN, cpro.baidu.com, REJECT
DOMAIN, pingma.qq.com, REJECT
DOMAIN, stat.m.jd.com, REJECT
DOMAIN, ads.mopub.com, REJECT

# Prevent stream services from displaying ads
DOMAIN, ad.api.3g.youku.com, REJECT
DOMAIN, atm.youku.com, REJECT
DOMAIN, lives.l.qq.com, REJECT
DOMAIN, ark.letv.com, REJECT
DOMAIN, asimgs.pplive.cn, REJECT

# Disable customized fonts
DOMAIN, fonts.googleapis.com, REJECT

# Prevent sniffer from a public WiFi
DOMAIN, init.icloud-analysis.com, REJECT

# Other privacy trackers
DOMAIN-KEYWORD, umeng.co, REJECT
DOMAIN-KEYWORD, flurry.co, REJECT
DOMAIN-KEYWORD, cnzz, REJECT
DOMAIN-SUFFIX, mmstat.com, REJECT
DOMAIN-SUFFIX, doubleclick.net, REJECT
DOMAIN-SUFFIX, youmi.net, REJECT
DOMAIN-SUFFIX, beacon.qq.com, REJECT
DOMAIN-SUFFIX, mob.com, REJECT
DOMAIN-SUFFIX, 127.net, REJECT
DOMAIN-SUFFIX, sinajs.cn, REJECT

# Accelerate most visited sites, part 2
DOMAIN, ele.me, DIRECT
DOMAIN, elemecdn.com, DIRECT
DOMAIN, baby.360.cn, DIRECT
DOMAIN, jianshuapi.com, DIRECT
DOMAIN-KEYWORD, live.com, DIRECT
DOMAIN-KEYWORD, ele.me, DIRECT

DOMAIN-SUFFIX, cn, DIRECT
DOMAIN-SUFFIX, qq.com, DIRECT
DOMAIN-SUFFIX, jd.com, DIRECT
DOMAIN-SUFFIX, 163.com, DIRECT
DOMAIN-SUFFIX, 126.net, DIRECT
DOMAIN-SUFFIX, netease.com, DIRECT
DOMAIN-SUFFIX, gtimg.com, DIRECT
DOMAIN-KEYWORD, tietuku, DIRECT
DOMAIN-KEYWORD, baidu, DIRECT
DOMAIN-KEYWORD, 360, DIRECT
DOMAIN-KEYWORD, sina, DIRECT

# Some services are available locally
DOMAIN-SUFFIX, ls.apple.com, DIRECT
DOMAIN-SUFFIX, itunes.apple.com, DIRECT
DOMAIN-SUFFIX, dl.google.com, DIRECT

# Apple services
DOMAIN-SUFFIX, apple.com, Proxy
DOMAIN-SUFFIX, icloud.com, Proxy
DOMAIN-SUFFIX, mzstatic.com, Proxy
DOMAIN-KEYWORD, aka, Proxy

# Streaming services, comment out if you don't need
DOMAIN-KEYWORD, sohu, DIRECT
DOMAIN-KEYWORD, qiyi, DIRECT

# Force some domains which are fucked by GFW while resolving DNS
DOMAIN-KEYWORD, tumblr, Proxy, force-remote-dns
DOMAIN-KEYWORD, google, Proxy, force-remote-dns
DOMAIN-KEYWORD, facebook, Proxy, force-remote-dns
DOMAIN-KEYWORD, youtube, Proxy, force-remote-dns
DOMAIN-KEYWORD, twitter, Proxy, force-remote-dns
DOMAIN-KEYWORD, gmail, Proxy, force-remote-dns
DOMAIN-SUFFIX, twimg.com, Proxy, force-remote-dns

# Workaround for some apps
# Instagram
DOMAIN-KEYWORD, instagram, Proxy, force-remote-dns

# Telegram
IP-CIDR, 91.108.56.0/22, Proxy, no-resolve
IP-CIDR, 91.108.4.0/22, Proxy, no-resolve
IP-CIDR, 109.239.140.0/24, Proxy, no-resolve
IP-CIDR, 149.154.160.0/20, Proxy, no-resolve

# Reserved networks, debugging rules should place above this line
IP-CIDR, 192.168.0.0/16, DIRECT
IP-CIDR, 10.0.0.0/8, DIRECT
IP-CIDR, 172.0.0.0/8, DIRECT
IP-CIDR, 127.0.0.0/8, DIRECT
IP-CIDR, 100.64.0.0/10, DIRECT

# Detect local network
GEOIP, CN, DIRECT

# Use proxy for all others
FINAL, Proxy