所有的东西都已正常

稳定版本,但是访问3000端口都导向gitea还没修
2026-05-24 10:35:19 +08:00 · 2026-05-24 10:11:58 +08:00
8 changed files with 56 additions and 444 deletions
@@ -10,7 +10,7 @@
 | 设备 | IP / 域名 | 角色 |
 |---|---|---|
 | **北京 VPS** | `salmonstill.cn` / `49.232.242.90` | 公网入口，Nginx + Xray + socat + WireGuard |
-| **东京 VPS** | `tokyo.salmonstill.cn` / `43.165.178.10` | 代理出口，Xray Reality 出站 |
+| **搬瓦工 VPS** | `173.242.118.60` | 代理出口，Xray Reality 入站（客户端直连） |
 | **旁路由** | `192.168.1.199` / WG `10.0.0.2` | 内网核心，Xray bridge + Mihomo 代理 |
 | **NAS** | `192.168.1.188` | 绿联云 UGOS，思源笔记等服务 |
 | **qBittorrent** | `192.168.1.200` (macvlan) | PT 下载，独立 IP |
@@ -26,12 +26,12 @@
 | SNI | 后端 | 端口 | 用途 |
 |---|---|---|---|
 | `www.apple.com` | Xray interconn | :9443 | 反向代理隧道 |
-| `www.microsoft.com` | Xray mihomo_in | :9444 | Mihomo 客户端 → 东京出口 |
+| `www.microsoft.com` | Xray mihomo_in | :9444 | Mihomo 客户端 → 搬瓦工出口 |
 | `news.apple.com` | Xray proxy_from_lan | :9445 | 北京直连代理 |
 | `drive.salmonstill.cn` | NAS | :38653 | 绿联云直接转发 |
 | 默认 | NPM | :8443 | Nginx Proxy Manager |

-东京 VPS (`东京-vps-stream.conf`)：`www.microsoft.com` → Xray :9443，默认 → NPM。
+搬瓦工 VPS（部署 `东京-vps-stream.conf` + `tokyo-vps-config.json`）：`www.microsoft.com` → Xray :9443，默认 → NPM。

 ---

@@ -61,7 +61,7 @@
 | `external_spark_rdp` | 38660 | → portal → Spark (166) :3389 |
 | `external_router_web` | 39766 | → portal → 旁路由 :80 |
 | `external_tmp` | 8501 | → portal → Windows :8501 |
-| `external_3000` | 3000 | → portal → NAS :3000 |
+| `external_gitea` | 38661 | → portal → NAS :3000 |
 | `external_222` | 222 | → portal → NAS :222 |
 | `external_qbit` | 51413 | → portal → qBittorrent :51413 |

@@ -69,10 +69,10 @@

 | Tag | 端口 | 类型 | 用途 |
 |---|---|---|---|
-| `proxy_in` | 10809 | mixed | SOCKS5/HTTP 代理 → 东京出口 |
+| `proxy_in` | 10809 | mixed | SOCKS5/HTTP 代理 → 搬瓦工出口 |
 | `socks-dynamic` | 38658 | SOCKS5 (password) | 动态 LAN 端口访问 |

-**出站**：`direct`（freedom 直连）、`to_tokyo`（VLESS+Reality → `us.salmonstill.cn:443`）
+**出站**：`direct`（freedom 直连）、`to_tokyo`（VLESS+Reality → `173.242.118.60:443`）

 **路由**：所有 `external_*` + `interconn` + `socks-dynamic` → `portal`（反向隧道）；`mihomo_in` + `proxy_in` → `to_tokyo`；`proxy_from_lan` → `direct`

@@ -109,7 +109,7 @@
 - 38657 → `to_router_ssh`
 - 8501 → `to_tmp`
 - 39766 → `to_router_web`
- 3000 → `to_3000`
+- 38661 → `to_3000`
 - 222 → `to_222`
 - 39132 → `to_minecraft`
 - 51413 → `to_qbit`
@@ -121,9 +121,10 @@

 > 所有显式端口规则优先于 catch-all，现有端口转发不受影响。

-### 东京 VPS (`tokyo-vps-config.json`)
+### 搬瓦工 VPS / 洛杉矶 (`tokyo-vps-config.json`)

 极简：VLESS+Reality 入站 `:9443`（SNI=www.microsoft.com），freedom 出站。
+所有客户端（Spark、旁路由、macOS）直连此服务器，不再经北京 VPS 中转。

 ---

@@ -142,13 +143,12 @@
 配合 **fake-ip DNS**（`enhanced-mode: fake-ip`），DNS 请求返回 `198.18.x.x` 假 IP，强制流量进入代理路由。

 **代理节点**：
- `US-Direct` — VLESS+Reality → `us.salmonstill.cn:443`（默认国外出口）
- `Xray-Real` — VLESS+Reality → `49.232.242.90:443`（备用，经北京→东京）
+- `US-Direct` — VLESS+Reality → `173.242.118.60:443`（默认国外出口，客户端直连搬瓦工）

 **关键策略组**：
 - 国外 → `[US-Direct, 直连]`

-**防死循环 IP**：`49.232.242.90`（北京 VPS）、`43.165.178.10`（东京 VPS）强制直连。
+**防死循环 IP**：`49.232.242.90`（北京 VPS）、`173.242.118.60`（搬瓦工 VPS）强制直连。

 **额外监听器**：`:7891`（全局→US-Direct）、`:7892`（强制直连）

@@ -156,15 +156,17 @@

 结构与旁路由一致，无 TUN，监听器 `:7890` + `:7891` + `:7892`。

+**重启**（launchctl 管理）：
+```bash
+launchctl unload ~/Library/LaunchAgents/com.mihomo.proxy.plist
+launchctl load ~/Library/LaunchAgents/com.mihomo.proxy.plist
+```
+
 ### Ubuntu / Spark (`tun模式的主机mihomo config.yaml`)

 本地 TUN 模式（`stack: system`），不依赖旁路由网关。设备重启后 `auto-route` 自建路由表，稳定可靠。监听器 `:7890` + `:7891` + `:7892`，节点直连 US-Direct。

-### subscribe.yaml

-通用订阅模板，节点：US-Direct（默认）、Xray-Real（备选）。国外组 `[Xray-Real, US-Direct, 直连]`，global-mixed listener 走 US-Direct。
-
---

 ## qBittorrent 透明代理

@@ -208,7 +210,7 @@ qBittorrent 设置：SOCKS5 代理 → 旁路由 `192.168.1.199:1080`，监听 `
 | 位置 | Private Key | Public Key (客户端用) |
 |---|---|---|
 | **北京 VPS**（3 个入站共用） | `GGT9LfN_2JdQG68cwrULgUK-adfT6wIokLzWjaB0fXs` | `62y5gDjPrdeuePGl-D2IW4Cw9Kb8_bSBBTmArvL7Nhs` |
-| **东京 VPS**（to_tokyo 出口） | `iBlu3eH1VLf1S5Qw87m_1w0TGYUktDwHAzgpQ2aKuGI` | `jr_zQjC4mvlQITuG5Ap5Mxqe5EBbGyyvwbVLDEi8OCA` |
+| **搬瓦工 VPS**（客户端直连） | `iBlu3eH1VLf1S5Qw87m_1w0TGYUktDwHAzgpQ2aKuGI` | `jr_zQjC4mvlQITuG5Ap5Mxqe5EBbGyyvwbVLDEi8OCA` |

 `Beijing-Direct` 节点必须 `skip-cert-verify: true`，因 Reality 返回 target（`www.apple.com`）的证书，而 SNI 是 `news.apple.com`，TLS SAN 校验会失败。

@@ -222,10 +224,10 @@ qBittorrent 设置：SOCKS5 代理 → 旁路由 `192.168.1.199:1080`，监听 `
  → 端口匹配出站 → 内网目标 → 原路返回
 ```

-### 路径 2：代理翻墙（东京出口）
+### 路径 2：代理翻墙（直连搬瓦工）
 ```
-Mihomo 客户端 → salmonstill.cn:443 (SNI=www.microsoft.com)
-  → mihomo_in :9444 → to_tokyo → 东京 VPS → freedom → 互联网
+Mihomo 客户端 → 173.242.118.60:443 (SNI=www.microsoft.com)
+  → Nginx 分流 → Xray :9443 → freedom → 互联网
 ```

 ### 路径 3：qBittorrent 代理出站
@@ -250,22 +252,19 @@ BT Peer → salmonstill.cn:51413 → portal → 隧道 → bridge → to_qbit
  → bridge → catch-all direct → 任意 LAN IP:PORT
 ```

---

-## 文件清单

 | 文件 | 目标设备 | 部署路径 |
 |---|---|---|
 | `beijing-vps-stream.conf` | 北京 VPS | `/etc/nginx/stream.conf.d/` |
 | `xray-北京vps-config.json` | 北京 VPS | `/usr/local/etc/xray/config.json` |
-| `东京-vps-stream.conf` | 东京 VPS | `/etc/nginx/stream.conf.d/` |
-| `tokyo-vps-config.json` | 东京 VPS | `/usr/local/etc/xray/config.json` |
+| `东京-vps-stream.conf` | 搬瓦工 VPS | `/etc/nginx/stream.conf.d/` |
+| `tokyo-vps-config.json` | 搬瓦工 VPS | `/usr/local/etc/xray/config.json` |
 | `xray-旁路由-config.json` | 旁路由 | `/etc/xray/config.json` |
 | `旁路由的mihomo config.yaml` | 旁路由 | `/opt/mihomo/config.yaml` |
 | `非tun模式的主机mihomo config.yaml` | macOS | `~/Library/LaunchAgents/` (launchctl 管理) |
 | `tun模式的主机mihomo config.yaml` | Spark (Ubuntu) | `/opt/mihomo/config.yaml` (systemd) |
-| `subscribe.yaml` | 通用 | 订阅模板 |
-| `subscribe-7891-only.yaml` | 通用 | 精简版模板 |
+| `subscribe-7891-only.yaml` | 通用 | 精简版模板（单独 7891 端口） |
 | `qbittorrent流量转发.md` | — | 方案文档 |
 | `我的世界udp转发.md` | — | 方案文档 |

@@ -279,7 +278,7 @@ BT Peer → salmonstill.cn:51413 → portal → 隧道 → bridge → to_qbit
 3. 北京 VPS: 部署 Xray → systemctl restart xray
 4. 北京 VPS: 部署 WireGuard → wg-quick@wg0
 5. 北京 VPS: 部署 socat → systemctl start mc-forward
-6. 东京 VPS: 部署 Nginx + Xray
+6. 搬瓦工 VPS: 部署 Nginx + Xray
 7. 旁路由: 部署 Xray → /etc/init.d/xray restart
 8. 旁路由: 部署 Mihomo → /etc/init.d/mihomo restart
 9. 旁路由: 配置 WireGuard + 端口转发 + SNAT（LuCI）
@@ -296,8 +295,8 @@ BT Peer → salmonstill.cn:51413 → portal → 隧道 → bridge → to_qbit
 ss -tlnp | grep -E '944[345]|3865[3-8]|51413|10809'
 systemctl status nginx xray wg-quick@wg0 mc-forward

-# 东京 VPS
-ss -tlnp | grep 9443
+# 搬瓦工 VPS
+ss -tlnp | grep -E '443|9443'
 systemctl status nginx xray

 # 旁路由
@@ -1,49 +0,0 @@
-mixed-port: 7890
-allow-lan: true
-bind-address: '*'
-mode: rule
-log-level: info
-external-controller: '127.0.0.1:9090'
-
-find-process-mode: off
-
-dns:
-  enable: true
-  ipv6: false
-  enhanced-mode: fake-ip
-  fake-ip-range: 198.18.0.1/16
-  default-nameserver:
-    - tls://223.5.5.5
-    - tls://223.6.6.6
-  nameserver:
-    - https://dns.alidns.com/dns-query
-    - https://doh.pub/dns-query
-  respect-rules: false
-
-proxies:
-  - name: Xray-Real
-    type: vless
-    server: salmonstill.cn
-    port: 443
-    uuid: "113e167a-a2be-4b46-9010-60020108626c"
-    udp: true
-    flow: xtls-rprx-vision
-    packet-encoding: xudp
-    tls: true
-    servername: www.microsoft.com
-    client-fingerprint: chrome
-    reality-opts:
-      public-key: "62y5gDjPrdeuePGl-D2IW4Cw9Kb8_bSBBTmArvL7Nhs"
-      short-id: "7c947a71b94f369e"
-    network: tcp
-
-listeners:
-  - name: global-mixed
-    type: mixed
-    port: 7891
-    listen: 0.0.0.0
-    udp: true
-    proxy: Xray-Real
-
-rules:
-  - MATCH,DIRECT
@@ -1,325 +0,0 @@
-# ========================
-# Clash-ALL 思路（单上游 Xray Reality 精简版） + 额外端口：7891 全局代理 + 7892 强制直连
-# ========================
-
-mixed-port: 7890
-allow-lan: true
-bind-address: '*'
-mode: rule
-log-level: info
-external-controller: '127.0.0.1:9090'
-
-find-process-mode: off
-
-dns:
-  enable: true
-  ipv6: false
-  prefer-h3: false
-  use-hosts: false
-  use-system-hosts: true
-  enhanced-mode: fake-ip
-  fake-ip-range: 198.18.0.1/16
-  fake-ip-filter:
-    - geosite:private
-    - geosite:tracker
-    - geosite:cn
-    - geosite:apple@cn
-    - geosite:microsoft@cn
-    - geosite:microsoft
-    - '+.lan'
-    - '+.local'
-  default-nameserver:
-    - 223.5.5.5
-    - 223.6.6.6
-  nameserver:
-    - https://9.9.9.9/dns-query
-    - https://149.112.112.112/dns-query
-    - https://94.140.14.14/dns-query
-    - https://94.140.15.15/dns-query
-  proxy-server-nameserver:
-    - https://dns.alidns.com/dns-query
-    - https://doh.pub/dns-query
-  direct-nameserver:
-    - https://dns.alidns.com/dns-query
-    - https://doh.pub/dns-query
-  respect-rules: true
-
-# ========================
-# 代理定义
-# ========================
-proxies:
-  - name: 直连
-    type: direct
-  - name: 拒绝
-    type: reject
-
-  - name: Xray-Real
-    type: vless
-    server: salmonstill.cn
-    port: 443
-    uuid: "113e167a-a2be-4b46-9010-60020108626c"
-    udp: true
-    flow: xtls-rprx-vision
-    packet-encoding: xudp
-    tls: true
-    servername: www.microsoft.com
-    client-fingerprint: chrome
-    reality-opts:
-      public-key: "62y5gDjPrdeuePGl-D2IW4Cw9Kb8_bSBBTmArvL7Nhs"
-      short-id: "7c947a71b94f369e"
-    network: tcp
-
-  - name: US-Direct
-    type: vless
-    server: us.salmonstill.cn
-    port: 443
-    uuid: "4d222c16-53bb-4402-814e-c8188cebcea6"
-    udp: true
-    flow: xtls-rprx-vision
-    packet-encoding: xudp
-    tls: true
-    servername: www.microsoft.com
-    client-fingerprint: chrome
-    reality-opts:
-      public-key: "jr_zQjC4mvlQITuG5Ap5Mxqe5EBbGyyvwbVLDEi8OCA"
-      short-id: "a1b2c3d4"
-    network: tcp
-
-# ========================
-# 策略组
-# ========================
-proxy-groups:
-  - name: 国内
-    type: select
-    proxies: [直连]
-
-  - name: 国外
-    type: select
-    proxies: [Xray-Real, US-Direct, 直连]
-
-  - name: Steam-rule
-    type: select
-    proxies: [国内, 国外, 直连]
-
-  - name: Microsoft-rule
-    type: select
-    proxies: [国内, 国外, 直连]
-
-  - name: AI
-    type: select
-    proxies: [国外, 国内, 直连]
-
-  - name: Stream Media
-    type: select
-    proxies: [国外, 国内, 直连]
-
-  - name: GitHub
-    type: select
-    proxies: [国外, 国内, 直连]
-
-  - name: Crypto
-    type: select
-    proxies: [国外, 国内, 直连]
-
-  - name: Block
-    type: select
-    proxies: [拒绝, 直连]
-
-  - name: 其他
-    type: select
-    proxies: [国外, 国内, 直连, 拒绝]
-
-# ========================
-# rule-providers
-# ========================
-rule-providers:
-  Ads:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/category-ads-all.mrs
-    path: ./rule-providers/ads.mrs
-    proxy: 国外
-
-  Private_Domain:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/private.mrs
-    path: ./rule-providers/private_domain.mrs
-    proxy: 国外
-
-  Private_IP:
-    type: http
-    behavior: ipcidr
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/private.mrs
-    path: ./rule-providers/private_ip.mrs
-    proxy: 国外
-
-  China_Domain:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/cn.mrs
-    path: ./rule-providers/cn_domain.mrs
-    proxy: 国外
-
-  China_IP:
-    type: http
-    behavior: ipcidr
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/cn.mrs
-    path: ./rule-providers/cn_ip.mrs
-    proxy: 国外
-
-  Oracle:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/oracle.mrs
-    path: ./rule-providers/oracle.mrs
-    proxy: 国外
-
-  OpenAI:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/openai.mrs
-    path: ./rule-providers/openai.mrs
-    proxy: 国外
-
-  GitHub_Domain:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/github.mrs
-    path: ./rule-providers/github.mrs
-    proxy: 国外
-
-  Netflix_Domain:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/netflix.mrs
-    path: ./rule-providers/netflix_domain.mrs
-    proxy: 国外
-
-  Netflix_IP:
-    type: http
-    behavior: ipcidr
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geoip/netflix.mrs
-    path: ./rule-providers/netflix_ip.mrs
-    proxy: 国外
-
-  Steam_CN:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/steam@cn.mrs
-    path: ./rule-providers/steam_cn.mrs
-    proxy: 国外
-
-  Steam:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/steam.mrs
-    path: ./rule-providers/steam.mrs
-    proxy: 国外
-
-  GFW:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/gfw.mrs
-    path: ./rule-providers/gfw.mrs
-    proxy: 国外
-
-  Geo_NoCN:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/geolocation-!cn.mrs
-    path: ./rule-providers/geo_nocn.mrs
-    proxy: 国外
-
-  Microsoft:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/microsoft.mrs
-    path: ./rule-providers/microsoft.mrs
-    proxy: 国外
-
-  Crypto:
-    type: http
-    behavior: domain
-    format: mrs
-    interval: 86400
-    url: https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/meta/geo/geosite/category-cryptocurrency.mrs
-    path: ./rule-providers/crypto.mrs
-    proxy: 国外
-
-# ========================
-# 多监听器部分
-# ========================
-listeners:
-  - name: global-mixed
-    type: mixed
-    port: 7891
-    listen: 127.0.0.1
-    udp: true
-    proxy: US-Direct
-
-  - name: direct-mixed
-    type: mixed
-    port: 7892
-    listen: 127.0.0.1
-    udp: true
-    proxy: 直连
-
-# ========================
-# rules
-# ========================
-rules:
-  - DOMAIN,vs18.bj2cu.u3.ucweb.com,拒绝
-  - DOMAIN-SUFFIX,salmonstill.cn,直连
-  - DOMAIN-KEYWORD,raylink,直连
-  - IP-CIDR,49.232.242.90/32,直连
-  - IP-CIDR,43.165.178.10/32,直连
-  - DOMAIN-SUFFIX,ubuntu.com,国外
-  - DOMAIN-SUFFIX,canonical.com,国外
-  - RULE-SET,Ads,Block
-  - RULE-SET,Private_Domain,国内
-  - RULE-SET,Private_IP,国内,no-resolve
-  - RULE-SET,China_Domain,国内
-  - RULE-SET,Oracle,国内
-  - RULE-SET,China_IP,国内,no-resolve
-  - RULE-SET,OpenAI,AI
-  - RULE-SET,GitHub_Domain,GitHub
-  - RULE-SET,Netflix_Domain,Stream Media
-  - RULE-SET,Netflix_IP,Stream Media,no-resolve
-  - RULE-SET,Steam_CN,国内
-  - RULE-SET,Steam,Steam-rule
-  - RULE-SET,Microsoft,Microsoft-rule
-  - RULE-SET,Crypto,Crypto
-  - RULE-SET,GFW,国外
-  - RULE-SET,Geo_NoCN,国外
-  - MATCH,其他
@@ -1,6 +1,6 @@
 # ========================
 # Spark (Ubuntu) Mihomo 配置
-# 基于 subscribe.yaml + 本地 TUN 模式
+# 本地 TUN 模式，国外走 US-Direct 直连
 # ========================

 mixed-port: 7890
@@ -38,14 +38,13 @@ dns:
    - geosite:microsoft
    - '+.lan'
    - '+.local'
+    - '+.hf-mirror.com'
  default-nameserver:
    - 223.5.5.5
    - 223.6.6.6
  nameserver:
-    - https://9.9.9.9/dns-query
-    - https://149.112.112.112/dns-query
-    - https://94.140.14.14/dns-query
-    - https://94.140.15.15/dns-query
+    - https://dns.alidns.com/dns-query
+    - https://doh.pub/dns-query
  proxy-server-nameserver:
    - https://dns.alidns.com/dns-query
    - https://doh.pub/dns-query
@@ -63,25 +62,9 @@ proxies:
  - name: 拒绝
    type: reject

-  - name: Xray-Real
-    type: vless
-    server: salmonstill.cn
-    port: 443
-    uuid: "113e167a-a2be-4b46-9010-60020108626c"
-    udp: true
-    flow: xtls-rprx-vision
-    packet-encoding: xudp
-    tls: true
-    servername: www.microsoft.com
-    client-fingerprint: chrome
-    reality-opts:
-      public-key: "62y5gDjPrdeuePGl-D2IW4Cw9Kb8_bSBBTmArvL7Nhs"
-      short-id: "7c947a71b94f369e"
-    network: tcp
-
  - name: US-Direct
    type: vless
-    server: us.salmonstill.cn
+    server: 173.242.118.60
    port: 443
    uuid: "4d222c16-53bb-4402-814e-c8188cebcea6"
    udp: true
@@ -105,7 +88,7 @@ proxy-groups:

  - name: 国外
    type: select
-    proxies: [Xray-Real, US-Direct, 直连]
+    proxies: [US-Direct, 直连]

  - name: Steam-rule
    type: select
@@ -311,11 +294,14 @@ listeners:
 rules:
  - DOMAIN,vs18.bj2cu.u3.ucweb.com,拒绝
  - DOMAIN-SUFFIX,salmonstill.cn,直连
+  - DOMAIN-SUFFIX,hf-mirror.com,国内
  - DOMAIN-KEYWORD,raylink,直连
  - IP-CIDR,49.232.242.90/32,直连
-  - IP-CIDR,43.165.178.10/32,直连
+  - IP-CIDR,173.242.118.60/32,直连
  - DOMAIN-SUFFIX,ubuntu.com,国外
  - DOMAIN-SUFFIX,canonical.com,国外
+  - DOMAIN-SUFFIX,okx.com,国外
+  - DOMAIN-SUFFIX,okxc.com,国外
  - RULE-SET,Ads,Block
  - RULE-SET,Private_Domain,国内
  - RULE-SET,Private_IP,国内,no-resolve
@@ -109,13 +109,13 @@
      }
    },
    {
-      "tag": "external_3000",
+      "tag": "external_gitea",
      "listen": "0.0.0.0",
-      "port": 3000,
+      "port": 38661,
      "protocol": "dokodemo-door",
      "settings": {
        "address": "127.0.0.1",
-        "port": 3000,
+        "port": 38661,
        "network": "tcp"
      }
    },
@@ -281,7 +281,7 @@
      "settings": {
        "vnext": [
          {
-            "address": "us.salmonstill.cn",
+            "address": "173.242.118.60",
            "port": 443,
            "users": [
              {
@@ -361,7 +361,7 @@
      {
        "type": "field",
        "inboundTag": [
-          "external_3000"
+          "external_gitea"
        ],
        "outboundTag": "portal"
      },
@@ -253,7 +253,7 @@
        "inboundTag": [
          "bridge"
        ],
-        "port": "3000",
+        "port": "38661",
        "outboundTag": "to_3000"
      },
      {
@@ -35,10 +35,8 @@ dns:
    - 223.5.5.5
    - 114.114.114.114
  nameserver:
-    - https://9.9.9.9/dns-query
-    - https://149.112.112.112/dns-query
-    - https://94.140.14.14/dns-query
-    - https://94.140.15.15/dns-query
+    - https://dns.alidns.com/dns-query
+    - https://doh.pub/dns-query
  proxy-server-nameserver:
    - https://dns.alidns.com/dns-query
    - https://doh.pub/dns-query
@@ -74,7 +72,7 @@ proxies:

  - name: US-Direct
    type: vless
-    server: us.salmonstill.cn
+    server: 173.242.118.60
    port: 443
    uuid: "4d222c16-53bb-4402-814e-c8188cebcea6"
    udp: true
@@ -307,9 +305,11 @@ rules:
  - DOMAIN-SUFFIX,volces.com,直连
  - DOMAIN-KEYWORD,raylink,直连
  - IP-CIDR,49.232.242.90/32,直连
-  - IP-CIDR,43.165.178.10/32,直连
+  - IP-CIDR,173.242.118.60/32,直连
  - DOMAIN-SUFFIX,ubuntu.com,国外
  - DOMAIN-SUFFIX,canonical.com,国外
+  - DOMAIN-SUFFIX,okx.com,国外
+  - DOMAIN-SUFFIX,okxc.com,国外
  - RULE-SET,Ads,Block
  - RULE-SET,Private_Domain,国内
  - RULE-SET,Private_IP,国内,no-resolve
@@ -32,10 +32,8 @@ dns:
    - 223.5.5.5
    - 223.6.6.6
  nameserver:
-    - https://9.9.9.9/dns-query
-    - https://149.112.112.112/dns-query
-    - https://94.140.14.14/dns-query
-    - https://94.140.15.15/dns-query
+    - https://dns.alidns.com/dns-query
+    - https://doh.pub/dns-query
  proxy-server-nameserver:
    - https://dns.alidns.com/dns-query
    - https://doh.pub/dns-query
@@ -71,7 +69,7 @@ proxies:

  - name: US-Direct
    type: vless
-    server: us.salmonstill.cn
+    server: 173.242.118.60
    port: 443
    uuid: "4d222c16-53bb-4402-814e-c8188cebcea6"
    udp: true
@@ -301,11 +299,14 @@ listeners:
 rules:
  - DOMAIN,vs18.bj2cu.u3.ucweb.com,拒绝
  - DOMAIN-SUFFIX,salmonstill.cn,直连
+  - DOMAIN-SUFFIX,hf-mirror.com,国内
  - DOMAIN-KEYWORD,raylink,直连
  - IP-CIDR,49.232.242.90/32,直连
-  - IP-CIDR,43.165.178.10/32,直连
+  - IP-CIDR,173.242.118.60/32,直连
  - DOMAIN-SUFFIX,ubuntu.com,国外
  - DOMAIN-SUFFIX,canonical.com,国外
+  - DOMAIN-SUFFIX,okx.com,国外
+  - DOMAIN-SUFFIX,okxc.com,国外
  - RULE-SET,Ads,Block
  - RULE-SET,Private_Domain,国内
  - RULE-SET,Private_IP,国内,no-resolve
Author	SHA1	Message	Date
salmonstill	5c66bc599a	所有的东西都已正常	2026-05-24 10:35:19 +08:00
salmonstill	1b604b502f	稳定版本,但是访问3000端口都导向gitea还没修	2026-05-24 10:11:58 +08:00