Configuration Overview
ClashX uses YAML format файл конфигурацииs to define all proxy behaviors. Understanding the structure and function of each configuration item is key to mastering ClashX.
The файл конфигурации is usually located at ~/.config/clash/config.yaml, and can also be automatically updated via ссылка подпискиs. This article will provide an in-depth analysis of each part of the файл конфигурации to help you create the most suitable configuration for your needs.
YAML is very sensitive to indentation and must use spaces (not tabs) for indentation. It рекомендуется to use 2 spaces for one level of indentation.
Basic Structure
A complete ClashX файл конфигурации mainly contains the following sections:
Basic Configuration File Structure
# 通用设置
port: 7890
socks-port: 7891
allow-lan: false
mode: rule
log-level: info
# 代理节点
proxies:
- name: "节点1"
type: ss
server: example.com
port: 443
# 策略组
proxy-groups:
- name: "🚀 节点选择"
type: select
proxies:
- "节点1"
# 规则
rules:
- DOMAIN-SUFFIX,google.com,🚀 节点选择
- GEOIP,CN,DIRECT
- MATCH,🚀 节点选择
General Settings
General settings control the basic behavior and производительность parameters of ClashX.
Port Configuration
# HTTP 代理端口
port: 7890
# SOCKS5 代理端口
socks-port: 7891
# 混合端口(同时支持 HTTP 和 SOCKS5)
mixed-port: 7892
# RESTful API 端口
external-controller: 127.0.0.1:9090
# API 访问密钥(可选)
secret: "your-secret-key"
Сеть Settings
# 允许局域网连接
allow-lan: false
# 绑定地址(局域网时使用)
bind-address: "*"
# 运行模式:rule(规则) / global(全局) / direct(直连)
mode: rule
# 日志级别:silent / error / warning / info / debug
log-level: info
# IPv6 支持
ipv6: true
Настройка DNS
DNS configuration affects the speed and accuracy of domain name resolution:
dns:
enable: true
listen: 0.0.0.0:53
enhanced-mode: fake-ip # 或 redir-host
# Fake-IP 地址池
fake-ip-range: 198.18.0.1/16
# Fake-IP 过滤(这些域名不使用 Fake-IP)
fake-ip-filter:
- "*.lan"
- "localhost.ptlogin2.qq.com"
# DNS 服务器
nameserver:
- 119.29.29.29
- 223.5.5.5
- https://doh.pub/dns-query
# 回落 DNS(当主 DNS 失败时使用)
fallback:
- https://1.1.1.1/dns-query
- https://dns.google/dns-query
# 根据域名选择 DNS
nameserver-policy:
"geosite:cn":
- 119.29.29.29
- 223.5.5.5
"geosite:geolocation-!cn":
- https://1.1.1.1/dns-query
fake-ip: Better производительность, but may be incompatible with some applications
redir-host: Good compatibility, but slightly slower
Proxy Configuration (Proxies)
The proxies section defines all available прокси-сервер nodes. ClashX supports multiple протокол проксиs.
Shadowsocks (SS)
proxies:
- name: "SS节点"
type: ss
server: example.com
port: 443
cipher: aes-256-gcm
password: "your-password"
udp: true
ShadowsocksR (SSR)
- name: "SSR节点"
type: ssr
server: example.com
port: 443
cipher: aes-256-cfb
password: "your-password"
protocol: auth_aes128_md5
protocol-param: ""
obfs: tls1.2_ticket_auth
obfs-param: "cloudflare.com"
VMess
- name: "VMess节点"
type: vmess
server: example.com
port: 443
uuid: b831381d-6324-4d53-ad4f-8cda48b30811
alterId: 0
cipher: auto
tls: true
skip-cert-verify: false
servername: example.com
network: ws
ws-opts:
path: /path
headers:
Host: example.com
Trojan
- name: "Trojan节点"
type: trojan
server: example.com
port: 443
password: "your-password"
sni: example.com
skip-cert-verify: false
udp: true
HTTP/HTTPS Proxy
- name: "HTTP代理"
type: http
server: example.com
port: 8080
username: user
password: pass
tls: true
skip-cert-verify: false
Proxy Groups Configuration
Proxy groups allow you to combine multiple nodes to achieve advanced features such as automatic selection and load balancing.
select - Ручной выборion
Users manually select which node to use:
proxy-groups:
- name: "🚀 节点选择"
type: select
proxies:
- "🇭🇰 香港节点"
- "🇯🇵 日本节点"
- "🇺🇸 美国节点"
- DIRECT
url-test - Auto Speed Test
Automatically select the node with the lowest latency:
- name: "♻️ 自动选择"
type: url-test
proxies:
- "节点1"
- "节点2"
- "节点3"
url: "http://www.gstatic.com/generate_204"
interval: 300 # 测试间隔(秒)
tolerance: 50 # 容差(毫秒)
fallback - Failover
Automatically switch to backup nodes when primary node fails:
- name: "🔰 故障转移"
type: fallback
proxies:
- "主节点"
- "备用节点1"
- "备用节点2"
url: "http://www.gstatic.com/generate_204"
interval: 300
load-balance - Балансировка нагрузки
Distribute трафик among multiple nodes:
- name: "⚖️ 负载均衡"
type: load-balance
proxies:
- "节点1"
- "节点2"
- "节点3"
url: "http://www.gstatic.com/generate_204"
interval: 300
strategy: consistent-hashing # 或 round-robin
relay - Chain Proxy
Трафик passes through multiple прокси-узелs:
- name: "🔗 链式代理"
type: relay
proxies:
- "节点1"
- "节点2"
• Create different группа проксиs for different purposes (e.g., streaming, gaming, downloads)
• Use url-test for automatic оптимизация
• Include url-test groups as options in select groups
Rules Configuration
Rules determine which трафик goes through proxy and which goes direct. Rules are matched from top to bottom, and stop matching once matched.
Complete Rule Example
rules:
# 局域网直连
- DOMAIN-SUFFIX,local,DIRECT
- IP-CIDR,127.0.0.0/8,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT,no-resolve
- IP-CIDR,10.0.0.0/8,DIRECT,no-resolve
# 屏蔽广告
- DOMAIN-KEYWORD,adservice,REJECT
- DOMAIN-SUFFIX,doubleclick.net,REJECT
# 流媒体
- DOMAIN-SUFFIX,youtube.com,🎬 流媒体
- DOMAIN-SUFFIX,netflix.com,🎬 流媒体
- DOMAIN-KEYWORD,spotify,🎬 流媒体
# Apple 服务
- DOMAIN-SUFFIX,apple.com,🍎 苹果服务
- DOMAIN-SUFFIX,icloud.com,🍎 苹果服务
# Google 服务
- DOMAIN-SUFFIX,google.com,🚀 代理
- DOMAIN-SUFFIX,googleapis.com,🚀 代理
- DOMAIN-SUFFIX,gstatic.com,🚀 代理
# 国内网站直连
- GEOIP,CN,DIRECT
# 最终规则
- MATCH,🚀 代理
Rule Priority Recommendations
Advanced Configuration Options
Rule Providers
Load rules from external files for easier maintenance and updates:
rule-providers:
reject:
type: http
behavior: domain
url: "https://cdn.example.com/reject.yaml"
path: ./ruleset/reject.yaml
interval: 86400
proxy:
type: http
behavior: domain
url: "https://cdn.example.com/proxy.yaml"
path: ./ruleset/proxy.yaml
interval: 86400
rules:
- RULE-SET,reject,REJECT
- RULE-SET,proxy,🚀 代理
Режим TUN
System-level proxy, no need to configure applications:
tun:
enable: true
stack: system # 或 gvisor
dns-hijack:
- any:53
auto-route: true
auto-detect-interface: true
Experimental Features
experimental:
# 忽略解析失败的域名
ignore-resolve-fail: true
# 接口名称检测
interface-name: en0
• режим TUN requires administrator privileges
• Configuration changes need to be reloaded to take effect
• Recommended to validate configuration in test environment first