# This config file was created for myself (@janlay). You may want to add or remove some rules to make efficient use of the Internet. 

# This file depends on the main.conf which defines your own proxy.
# Your main.conf will look like this:
# ---- START ----
# #!PROXY-OVERRIDE:rules.conf
# [Proxy]
# Proxy = https,server.address,port,username,password
# ---- END ----
#
# Make sure the PROXY-OVERRIDE line included in the main.conf

[General]
loglevel = warning
skip-proxy = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8, localhost, *.local, e.crashlytics.com
bypass-tun = 192.168.0.0/16, 10.0.0.0/8, 172.0.0.0/8
dns-server = 119.29.29.29, 223.5.5.5, 114.114.114.114

# stub proxy to stop surge complaining, leave this.
[Proxy]
Proxy = https,1.2.3.4,1234

[Rule]
# Accelerate most visited sites, part 1
DOMAIN-KEYWORD,ali,DIRECT
DOMAIN-KEYWORD,taobao,DIRECT

# Block privacy tracker within apps
DOMAIN-KEYWORD,umeng.co,REJECT
DOMAIN-KEYWORD,flurry.co,REJECT
DOMAIN-KEYWORD,cnzz,REJECT
DOMAIN-SUFFIX,mmstat.com,REJECT
DOMAIN-SUFFIX,doubleclick.net,REJECT
DOMAIN-SUFFIX,youmi.net,REJECT
DOMAIN,monitor.uu.qq.com,REJECT
DOMAIN,pagead2.googlesyndication.com,REJECT
DOMAIN,cpro.baidu.com,REJECT
DOMAIN-SUFFIX,beacon.qq.com,REJECT
DOMAIN,pingma.qq.com,REJECT
DOMAIN,stat.m.jd.com,REJECT
DOMAIN,ads.mopub.com,REJECT
DOMAIN-SUFFIX,mob.com,REJECT
DOMAIN-SUFFIX,127.net,REJECT
DOMAIN-SUFFIX,sinajs.cn,REJECT
# prevent sniffer from a public WiFi
DOMAIN,init.icloud-analysis.com,REJECT

# Accelerate most visited sites, part 2
DOMAIN-SUFFIX,cn,DIRECT
DOMAIN-KEYWORD,baidu,DIRECT
DOMAIN-KEYWORD,360,DIRECT
DOMAIN-SUFFIX,qq.com,DIRECT
DOMAIN-SUFFIX,jd.com,DIRECT
DOMAIN-SUFFIX,163.com,DIRECT
DOMAIN-SUFFIX,126.net,DIRECT
DOMAIN-SUFFIX,netease.com,DIRECT
DOMAIN-SUFFIX,gtimg.com,DIRECT
DOMAIN-SUFFIX,ls.apple.com,DIRECT
DOMAIN-SUFFIX,apple.com,Proxy
DOMAIN-SUFFIX,icloud.com,Proxy
DOMAIN-SUFFIX,mzstatic.com,Proxy
DOMAIN-KEYWORD,aka,Proxy

# Streaming services, comment out if you don't need
DOMAIN-KEYWORD,sohu,DIRECT
DOMAIN-KEYWORD,qiyi,DIRECT

# Force some domains which are fucked by GFW while resolving DNS
DOMAIN-KEYWORD,google,Proxy,force-remote-dns
DOMAIN-KEYWORD,facebook,Proxy,force-remote-dns
DOMAIN-KEYWORD,youtube,Proxy,force-remote-dns
DOMAIN-KEYWORD,twitter,Proxy,force-remote-dns
DOMAIN-SUFFIX,twimg.com,Proxy,force-remote-dns
DOMAIN-KEYWORD,gmail,Proxy,force-remote-dns

# Workaround for some apps
# Instagram
DOMAIN-KEYWORD,instagram,Proxy,force-remote-dns
# Telegram
IP-CIDR,91.108.56.0/22,Proxy,no-resolve
IP-CIDR,91.108.4.0/22,Proxy,no-resolve
IP-CIDR,109.239.140.0/24,Proxy,no-resolve
IP-CIDR,149.154.160.0/20,Proxy,no-resolve

# Reserved networks, debugging rules should place above this line
IP-CIDR,192.168.0.0/16,DIRECT
IP-CIDR,10.0.0.0/8,DIRECT
IP-CIDR,172.0.0.0/8,DIRECT
IP-CIDR,127.0.0.0/8,DIRECT
IP-CIDR,100.64.0.0/10,DIRECT

# Detect local network
GEOIP,CN,DIRECT
# Use proxy for all others
FINAL,Proxy