GitXplorerGitXplorer
l

proxifier-rules

public
59 stars
22 forks
2 issues

Commits

List of commits on branch master.
Unverified
e92c4e0be18a0ff1f4cfefaff87ba560675ffe30

Generate compact proxifier profile

llaggardkernel committed 5 years ago
Unverified
8f2276531623b0af6e5567bb683197ff1c70758b

Direct: irc networks

llaggardkernel committed 5 years ago
Unverified
4ddc7ee9c24bda2b024b1579f035daf7ff1ba7f5

Update README for lite version of Mellow rule

llaggardkernel committed 5 years ago
Unverified
a617aa8ce82c8709c373379c478522164880582a

Proxifier: remove ads block rules by default

llaggardkernel committed 5 years ago
Unverified
fc25eb10b9655f07e8c68644947deae4a26adca4

Proxifier: remove ads block rules by default

llaggardkernel committed 5 years ago
Unverified
5a573c5314b4d7ba92abc63b638ef4ffb7b25c1a

Rename to lower case names

llaggardkernel committed 5 years ago

README

The README file for this repository.

Proxifier Rules

Unmaintained, switched to Clash Premium, or Clash.Meta based GUIs like ClashX Pro, Clash for Windows, ClashDotNetFramework. Clash Premium has built-in support to handle GFW DNS pollution (which is not seen in Proxifier), RULE-SET, extra proxy protocols support like Shadowsocks(R), Vmess, Trojan. The only drawback of Clash I've known is that the Enhanced Mode is based on TUN and it makes traceroute fail to work.

Rules for proxifier based on lhie1/Rules.

A proxifier is a software program which can make other programs pass through a proxy server by intercepting and modifying their network requests.

Proxifier

Raw files

Anti DNS Pollution

Warning: "Detect DNS settings automatically" and "Resolve hostnames through proxy" are not designed for handling DNS pollution. Please use a clean DNS.

IrineSistiana/mosdns is recommended if you wanna setup a local stub/forwarding DNS.

mosdns, A very flexible DNS forwarder written in Go

Another setup with "dnsmasq/unbound + chinadns + dnsforwarder/cdns/..." is also popular. But mosdns can support all these features in one app.

Features

Default conf

  • proxy: socks5://127.0.0.1:1080
  • Proxy rule as the fallback rule

Optional rules, put at the top for quick switch

  • Direct network tool or not? (nslookup, dig, traceroute, mtr, etc)

Direct rules

  • Apple services
  • Part of Google domains available in China
  • Proxy client applications
  • BT client applications
  • Common domestic domains
  • IRC domains from rahatarmanahmed/irc-networks
  • China IP list from 17mon/china_ip_list based on routing tables

Proxy rules

  • Foreign IM applications
  • Common foreign domains
  • Top blocked domains
  • Amazon IP
  • Facebook IP
  • Google IP
  • Kakao Talk IP
  • Potato Chat IP
  • Telegram IP
  • Blacklist from gfwlist

Block/Reject rules (Separated)

  • Ads domains in video apps
  • Huge list of ads domains
  • China Railcom

URL related rules are dropped cause Proxifier doesn't support it. Luckily, these rules are used for redirection and ads block only.

Kitsunebi-Android, Mellow

Raw files

You need to change the proxy conf in the Mellow rule.

Caveats

  • Rule syntax for Kitsunebi iOS and Android are different
  • only ; is supported as comment mark in Mellow
  • only # is supported as comment mark in Kitsunebi-Android
  • Unsupported rules in Mellow: USER-AGENT
  • Unsupported rules in Kitsunebi-Android: Custom Endpoint, PROCESS-NAME, USER-AGENT, maybe IP-CIDR
  • Conf in Mellow is case sensitive, but not in Kitsunebi-Android

How to Contribute

Edit the source file named proxifier/Proxifier.ppx. Proxifer.ppx under project root directory is used for release only. Besides, Proxifier.ppx under project root is compressed to speedup config loading.

Todo

  • [x] Merge rules from gfwlist
  • [x] Use 17mon/china_ip_list instead of the delegated APNIC list
  • [x] Diff *.ppx within proxifier/ as text, treat released *.ppx as binary
  • [x] Merge Jamesits/proxifier-profiles
    • Proxy client apps ONLY
    • All the other app specific rules are useless, since there's huge domain based rules already
  • [x] Merge felixonmars/dnsmasq-china-list
    • Merged Apple China domains
    • Merged Google China domains
    • Dropped China site domains cause it's so huge
  • [x] Convert REJECT rules as confs for dnsmasq, unbound
  • [x] Direct IRC connections cause proxy may close TCP connection after timeout

F.A.Q

Proxy Rules doesn't Work on macOS

The DNS resolution feature from Proxifier macOS is not designed for handling DNS pollution. There's performance issue in real use for handling DNS pollution. In case that is causes problem for users, I disabled this feature in the config file.

Please set a clean DNS in your Network Setting.

Why do you use Proxifier instead of Surge?

I used to be a user of Surge 2. I mainly used its Enhanced Mode to proxy all the TCP connections. (UDP is not available until v2.5.3)

The rules from Proxifier seems to be more flexible for me, port nubmer rule is supported, different kinds of rules could be chained together. This combination logical is not available in Surge until Surge 3.

Besides, Surge 2 has some serious drawbacks/bugs in the Enhanced Mode:

  • Virtual machines need to be configured in bridged mode.
  • Many unknown process appearr in the monitor panel.

Another drawback of Surge is that, HTTPS rules could NOT be used for proxy.

Rules Support Proxifier Surge 2 Surge 3
Domain
Domain Suffix
Application/PROCESS-NAME
Port ✅ (dst port) ✅ (in, dst port)
Header
HTTP(S) Redirect, Reject
HTTPS Proxy
TCP
UDP ✅ (added after v2.5.3)
Proxy Chain
Config Import/RULESET
Combination Logical
Price ¥141.55 on lizhi.io $49.99 for 1 license $49.99 for 1 license
Problems DNS on macOS Unknow process, bridged requirement for VM in Enhanced Mode Not sure the problems from 2 are fixed or not

Credit

License

GNU General Public License v2.0