diff --git a/docs/api/index.en.md b/docs/api/index.en.md index e231735d..27e4ed81 100644 --- a/docs/api/index.en.md +++ b/docs/api/index.en.md @@ -121,11 +121,16 @@ Request method: `GET` - Retrieve specific policy group information. +Request method: `DELETE` + +- Clear the fixed selection of the automatic policy group. + ### `/group/group_name/delay` Request method: `GET` -- Test nodes/policy groups within a specified policy group and return new delay information; the URL must include `?url=xxx&timeout=5000`, modified as needed. +- Test the nodes/strategy groups within the specified strategy group, return new latency information, and clear the fixed selection of the automatic strategy group +- the URL must include `?url=xxx&timeout=5000`, modified as needed. ## Proxies @@ -149,7 +154,8 @@ Request method: `PUT` Request method: `GET` -- Test a specified proxy and return new delay information; the URL must include `?url=xxx&timeout=5000`, modified as needed. +- Test a specified proxy and return new delay information +- the URL must include `?url=xxx&timeout=5000`, modified as needed. ## Proxy Sets @@ -177,7 +183,8 @@ Request method: `GET` ### `/providers/proxies/providers_name/proxies_name/healthcheck` -- Test a specified proxy within the proxy set and return new delay information; the URL must include `?url=xxx&timeout=5000`, modified as needed. +- Test a specified proxy within the proxy set and return new delay information +- the URL must include `?url=xxx&timeout=5000`, modified as needed. ## Rules @@ -225,7 +232,8 @@ Request method: `DELETE` Request method: `GET` -- Retrieve DNS query data for a specified name and type; the URL must include `?name=example.com&type=A`, modified as needed. +- Retrieve DNS query data for a specified name and type +- the URL must include `?name=example.com&type=A`, modified as needed. ## DEBUG diff --git a/docs/api/index.md b/docs/api/index.md index 5073651c..e1d756dc 100644 --- a/docs/api/index.md +++ b/docs/api/index.md @@ -121,11 +121,16 @@ curl 示例 `curl -H 'Authorization: Bearer ${secret}' http://${controller-api} - 获取具体的策略组信息 +请求方法:`DELETE` + +- 清除自动策略组 fixed 选择 + ### `/group/group_name/delay` 请求方法:`GET` -- 对指定策略组内的节点/策略组进行测试,并返回新的延迟信息,URL 需携带`?url=xxx&timeout=5000`,按需修改 +- 对指定策略组内的节点/策略组进行测试,返回新的延迟信息,,并清除自动策略组的 fixed 选择 +- URL 需携带`?url=xxx&timeout=5000`,按需修改 ## 代理 @@ -149,7 +154,8 @@ curl 示例 `curl -H 'Authorization: Bearer ${secret}' http://${controller-api} 请求方法:`GET` -- 对指定代理进行测试,并返回新的延迟信息,URL 需携带`?url=xxx&timeout=5000`,按需修改 +- 对指定代理进行测试,并返回新的延迟信息 +- URL 需携带`?url=xxx&timeout=5000`,按需修改 ## 代理集合 @@ -177,7 +183,8 @@ curl 示例 `curl -H 'Authorization: Bearer ${secret}' http://${controller-api} ### `/providers/proxies/providers_name/proxies_name/healthcheck` -- 对代理集合内的指定代理进行测试,并返回新的延迟信息,URL 需携带`?url=xxx&timeout=5000`,按需修改 +- 对代理集合内的指定代理进行测试,并返回新的延迟信息 +- URL 需携带`?url=xxx&timeout=5000`,按需修改 ## 规则 @@ -225,7 +232,8 @@ curl 示例 `curl -H 'Authorization: Bearer ${secret}' http://${controller-api} 请求方法:`GET` -- 获取指定名称和类型的 DNS 查询数据,URL 需携带`?name=example.com&type=A`,按需修改 +- 获取指定名称和类型的 DNS 查询数据 +- URL 需携带`?name=example.com&type=A`,按需修改 ## DEBUG diff --git a/docs/config/dns/index.en.md b/docs/config/dns/index.en.md index e2c41f87..6316b749 100644 --- a/docs/config/dns/index.en.md +++ b/docs/config/dns/index.en.md @@ -105,13 +105,21 @@ Keys support [domain wildcards](../../handbook/syntax.md#domain-wildcards). Values support strings/arrays. -## nameserver +## proxy-server-nameserver -Default domain name resolution server. +The proxy node domain resolution server is used solely for resolving the domain names of proxy nodes. If left blank, it will follow the configurations of nameserver-policy, nameserver, and fallback. -## proxy-server-nameserver +## direct-nameserver + +The DNS server for domain resolution at the direct exit. If left blank, it will follow the configurations of nameserver-policy, nameserver, and fallback. -Proxy node domain name resolution server, used only for resolving the domain names of proxy nodes. +## direct-nameserver-follow-policy + +Indicates whether to adhere to the nameserver-policy. The default is not to comply, and it only takes effect when direct-nameserver is not empty. + +## nameserver + +Default domain name resolution server. ## fallback diff --git a/docs/config/dns/index.md b/docs/config/dns/index.md index f6e9ceb9..146f5e83 100644 --- a/docs/config/dns/index.md +++ b/docs/config/dns/index.md @@ -29,6 +29,9 @@ dns: - tls://1.1.1.1 proxy-server-nameserver: - https://doh.pub/dns-query + direct-nameserver: + - system + direct-nameserver-follow-policy: false fallback-filter: geoip: true geoip-code: CN @@ -105,13 +108,21 @@ dns 连接遵守[路由规则](../rules/index.md),需配置 [proxy-server-name 值支持字符串/数组 -## nameserver +## proxy-server-nameserver -默认的域名解析服务器 +代理节点域名解析服务器,仅用于解析代理节点的域名,如果不填则遵循nameserver-policy、nameserver和fallback的配置 -## proxy-server-nameserver +## direct-nameserver + +用于direct出口域名解析的 DNS 服务器,如果不填则遵循nameserver-policy、nameserver和fallback的配置 -代理节点域名解析服务器,仅用于解析代理节点的域名 +## direct-nameserver-follow-policy + +是否遵循nameserver-policy,默认为不遵守,仅当direct-nameserver不为空时生效 + +## nameserver + +默认的域名解析服务器 ## fallback diff --git a/docs/config/general.en.md b/docs/config/general.en.md index 68d44444..77fb5f02 100644 --- a/docs/config/general.en.md +++ b/docs/config/general.en.md @@ -90,19 +90,27 @@ default is `true`. ipv6: true ``` -## TCP Keep Alive Interval +## TCP Keep Alive Settings -Controls the interval at which Clash sends out TCP Keep Alive packets to reduce temporary measures for mobile device power consumption. +Modify this item to reduce the [power consumption issue](https://github.com/vernesong/OpenClash/issues/2614) on mobile devices -unit is seconds +The interval for TCP Keep Alive packets, measured in seconds. ```{.yaml linenums="1"} -keep-alive-interval: 30 +keep-alive-interval: 15 ``` -The time Clash discovers and closes an invalid TCP connection: +The maximum idle time for TCP Keep Alive. -1 × keep-alive-interval + 9 × keep-alive-interval +```{.yaml linenums="1"} +keep-alive-idle: 15 +``` + +Disable TCP Keep Alive; on Android, this is set to true by default. + +```{.yaml linenums="1"} +disable-keep-alive: false +``` ## Process Matching Mode @@ -126,6 +134,15 @@ API listening address, you can change `127.0.0.1` to `0.0.0.0` to listen on all external-controller: 127.0.0.1:9090 ``` +API CORS Header Configuration + +```{.yaml linenums="1"} +external-controller-cors: + allow-origins: + - * + allow-private-network: true +``` + Unix socket API listening address !!! warning "" @@ -135,6 +152,15 @@ Unix socket API listening address external-controller-unix: mihomo.sock ``` +Windows Named Pipe API Listening Address + +!!! warning "" + Accessing the API interface via Windows Named Pipe does not validate the secret. If enabled, please ensure your security. + +```{.yaml linenums="1"} +external-controller-pipe: \\.\pipe\mihomo +``` + HTTPS-API listening address, requires configuring the tls section for certificate and private key configuration, external-controller must also be filled in. ```{.yaml linenums="1"} @@ -286,3 +312,11 @@ Custom UA used when downloading external resources, default is clash.meta. ```{.yaml linenums="1"} global-ua: clash.meta ``` + +## ETag Support + +ETag support for external resource downloads is enabled by default. + +```{.yaml linenums="1"} +etag-support: true +``` diff --git a/docs/config/general.md b/docs/config/general.md index b6569261..ed68ad2e 100644 --- a/docs/config/general.md +++ b/docs/config/general.md @@ -92,18 +92,27 @@ log-level: info ipv6: true ``` -## TCP Keep Alive 间隔 +## TCP Keep Alive 设置 -控制 Clash 发出 TCP Keep Alive 包的间隔,减少移动设备[耗电问题](https://github.com/vernesong/OpenClash/issues/2614)的临时措施。 +修改此项以减少移动设备[耗电问题](https://github.com/vernesong/OpenClash/issues/2614) -单位为秒 +TCP Keep Alive 包的间隔,单位为秒 ```{.yaml linenums="1"} -keep-alive-interval: 30 +keep-alive-interval: 15 ``` -此时 Clash 发现并关闭一个无效 TCP 连接用时: -`1*keep-alive-interval + 9*keep-alive-interval` +TCP Keep Alive 的最大空闲时间 + +```{.yaml linenums="1"} +keep-alive-idle: 15 +``` + +禁用 TCP Keep Alive,在 Amdroid 默认为 true + +```{.yaml linenums="1"} +disable-keep-alive: false +``` ## 进程匹配模式 @@ -127,6 +136,15 @@ API 监听地址,你可以将 127.0.0.1 修改为 0.0.0.0 来监听所有 IP external-controller: 127.0.0.1:9090 ``` +API CORS 标头配置 + +```{.yaml linenums="1"} +external-controller-cors: + allow-origins: + - * + allow-private-network: true +``` + Unix socket API 监听地址 !!! warning "" @@ -136,6 +154,15 @@ Unix socket API 监听地址 external-controller-unix: mihomo.sock ``` +Windows namedpipe API 监听地址 + +!!! warning "" + 从Windows namedpipe访问api接口不会验证secret, 如果开启请自行保证安全问题 + +```{.yaml linenums="1"} +external-controller-pipe: \\.\pipe\mihomo +``` + HTTPS-API 监听地址,需要配置 `tls` 部分证书和其私钥配置,使用 TLS 也必须填写 `external-controller` ```{.yaml linenums="1"} @@ -296,3 +323,11 @@ geox-url: ```{.yaml linenums="1"} global-ua: clash.meta ``` + +## ETag 支持 + +外部资源下载的 ETag 支持,默认为 `true` + +```{.yaml linenums="1"} +etag-support: true +``` \ No newline at end of file diff --git a/docs/config/proxies/wg.md b/docs/config/proxies/wg.md index 0779d424..944c2c37 100644 --- a/docs/config/proxies/wg.md +++ b/docs/config/proxies/wg.md @@ -22,6 +22,17 @@ proxies: # dialer-proxy: "ss1" # 一个出站代理的标识。当值不为空时,将使用指定的 proxy/proxy-group 发出连接 # remote-dns-resolve: true # 强制dns远程解析,默认值为false # dns: [ 1.1.1.1, 8.8.8.8 ] # 仅在remote-dns-resolve为true时生效 + # 如果存在则开启AmneziaWG功能 + # amnezia-wg-option: + # jc: 5 + # jmin: 500 + # jmax: 501 + # s1: 30 + # s2: 40 + # h1: 123456 + # h2: 67543 + # h4: 32345 + # h3: 123123 ``` ## 完整写法 diff --git a/docs/config/sniff/index.md b/docs/config/sniff/index.md index 6b442981..e0867bb7 100644 --- a/docs/config/sniff/index.md +++ b/docs/config/sniff/index.md @@ -1,11 +1,5 @@ # 域名嗅探 -Clash 使用 Mapping 机制解决透明代理情况下,无法通过 Redir 端口传递域名的问题;但此机制会导致如果不使用 Clash 内置的 DNS 解析服务,就无法准确还原域名,进行域名分流的问题。 - -Meta 内置了 Sniffer 域名嗅探器,通过读取握手包内的域名字段,将 IP 还原成域名,有效解决 Mapping 机制的短板。 - -## 示例 - ```{.yaml linenums="1"} sniffer: enable: false @@ -24,37 +18,47 @@ sniffer: - +.v2ex.com skip-domain: - Mijia Cloud + skip-src-address: + - 192.168.0.3/32 + skip-dst-address: + - 192.168.0.3/32 ``` -## 字段解释 - -### enable +## enable 是否启用 sniffer -### force-dns-mapping +## force-dns-mapping -对 redir-host 类型识别的流量进行强制嗅探 +对 `redir-host` 类型识别的流量进行强制嗅探 -### parse-pure-ip +## parse-pure-ip 对所有未获取到域名的流量进行强制嗅探 -### override-destination +## override-destination 是否使用嗅探结果作为实际访问,默认为 true -### sniff +## sniff + +需要嗅探的协议设置,仅支持 `HTTP`/`TLS`/`QUIC` + +- `ports`: [端口范围](../../handbook/syntax.md#_14) +- `override-destination`: 覆盖全局`override-destination`设置 + +## force-domain + +强制进行嗅探的域名列表,使用[域名通配](../../handbook/syntax.md#_8) -一个数组,里面可以包含多个协议对象。每种协议对象包含: +## skip-domain -- `ports`字段,表示端口范围。示例:`ports: [80, 8080-8880]` -- `override-destination`字段(可选),用于覆盖全局`override-destination`设置 +跳过嗅探的域名列表,使用[域名通配](../../handbook/syntax.md#_8) -### force-domain +## skip-src-address -需要强制嗅探的域名(默认情况下只对 IP 进行嗅探) +跳过嗅探的来源 IP 段列表 -### skip-domain +## skip-dst-address -需要跳过嗅探的域名。主要解决部分站点 sni 字段非域名,导致嗅探结果异常的问题,如米家设备`Mijia Cloud` +跳过嗅探的目标 IP 段列表