To the servers in this section along with servers in nameservers. When fallback is present, the DNS server will send concurrent requests Clash answers the DNS question with the first result gathered. You can specify the port to connect to.Īll DNS questions are sent directly to the nameserver, without proxies questions to these domain names will always be answered with their real IP addresses fake-ip-filter: ‘.lan’ Specify IP addresses only default-nameserver: – 114.114.114.114 – 8.8.8.8 enhanced-mode: redir-host # or fake-ip fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR use-hosts: true # lookup hosts and return IP record Hostnames in this list will not be resolved with fake IPs i.e. dns: enable: false listen: 0.0.0.0:53 ipv6: false # when the false, response to AAAA questions will be empty These nameservers are used to resolve the DNS nameserver hostnames below. When not present, the DNS server will be disabled. foo.com and foo.com hosts: v’: 127.0.0.1 dev’: 127.0.0.1 ‘’: ‘::1’ profile: Store the select results in $HOME/.config/clash/.cache set false If you don’t want this behavior when two different configurations have groups with the same name, the selected values are shared store-selected: false DNS server settings This section is optional. Non-wildcard domain names have a higher priority than wildcard domain namesĮ.g. Static hosts for DNS server and connection establishment (like /etc/hosts) Clash core will thenĪuthenticate by spedifying HTTP header Authorization: Bearer $ĪLWAYS set a secret if RESTful API is listening on 0.0.0.0 When set to false, resolver won’t translate hostnames to IPv6 addressesĪ relative path to the configuration directory or an absolute path to aĭirectory in which you put some static web resource. Global: all packets will be forwarded to a single endpointĭirect: directly forward the packets to the Internet This is only applicable when allow-lan is trueġ92.168.122.11: bind a single IPv4 address Set to true to allow connections to the local-end server from HTTP(S) and SOCKS4(A)/SOCKS5 server on the same portĪuthentication of local SOCKS5/HTTP(S) server Transparent proxy server port for Linux (TProxy TCP and TProxy UDP) Transparent proxy server port for Linux and macOS (Redirect TCP and TProxy UDP) Port of SOCKS5 proxy server on the local end Port of HTTP(S) proxy server on the local end When a request, or say packet, comes in, Clash routes the packet to different remote servers (“nodes”) with either VMess, Shadowsocks, Snell, Trojan, SOCKS5 or HTTP protocol. In this chapter, we’ll cover the common features of Clash and how they should be used and configured.Ĭlash works by opening HTTP, SOCKS5, or the transparent proxy server on the local end. YAML is designed to be easy to be read, be written, and be interpreted by computers, and is commonly used for exact configuration files. You can now move forward to the next chapters of this wiki in which we’ll cover the configuration syntax of Clash.Ĭlash uses YAML, YAML Ain’t Markup Language, for configuration files.
Clashx ipv6 install#
$ go install binary is built under $GOPATH/bin You can either grab the pre-built binaries of Clash from or build locally.Ĭlash requires Golang 1.17 or a higher version. TUN mode on macOS, Linux and Windows. Doc.Comprehensive HTTP RESTful API controller.Deploy Clash on your Internet gateway with iptables. Remote providers, allowing users to get node lists remotely instead of hardcoding in config.Supports automatic fallback, load balancing or auto select node based off latency Remote groups allow users to implement powerful rules.Rules based off domains, GEOIP, IPCIDR or Process to forward packets to different nodes.Built-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP.VMess, Shadowsocks, Trojan, Snell protocol support for remote connections.Local HTTP/HTTPS/SOCKS server with authentication support.
0 kommentar(er)
