在 Linux 下使用 Clash 进行全局上网代理及自动订阅代理和规则

简介

本文将详细介绍如何在 Linux 环境下配置 Clash，以实现全局网络代理。

同时使用 proxy-group 与 rule-providers，来实现机场链接和规则的自动订阅。

准备工作

1. 从以下备份库下载 Clash Premium:

   由于 Clash Premium 的主库已被删除，我们将使用备份库来获取吧。
   Clash-premium-backup

安装和配置

1. 解压下载的文件：

   gzip -d clash-linux-amd64-n2023-09-05-gdcc8d87.gz
   chmod +x clash-linux-amd64
   mv clash-linux-amd64 clash

2. 创建配置文件 config.yaml，并编辑配置：

   确保替换掉 <这里替换为你机场的订阅链接> 为你的实际订阅链接。

   这里我们用了 proxy-groups 和 rule-providers，一来可以直接自动订阅节点，第二可以自动订阅规则。不需要再去配置 crontab 之类的东西了，应该是目前最简单的方式，且最好用。

port: 7890
socks-port: 7891
redir-port: 7892
mixed-port: 7893
allow-lan: false
mode: rule
log-level: info
ipv6: false
external-controller: 0.0.0.0:9090
clash-for-android:
  append-system-dns: false
profile:
  tracing: true
experimental:
  sniff-tls-sni: true


tun:
  enable: true
  stack: system
  dns-hijack:
    - any:53
  auto-route: true
  auto-detect-interface: true

dns:
  enable: true
  enhanced-mode: fake-ip
  listen: :53
  default-nameserver:
      - 210.5.56.145
  nameserver:
      - 114.114.114.114
  fallback:
      - https://8888.google/dns-query
      - https://1.0.0.1/dns-query
      - https://dns.twnic.tw/dns-query
      - https://doh.opendns.com/dns-query
      - https://dns-nyc.aaflalo.me/dns-query
      - https://dns.aa.net.uk/dns-query
      - https://sg.adhole.org/dns-query
      - https://kaitain.restena.lu/dns-query
      - https://hydra.plan9-ns1.com/dns-query
      - https://jp.tiar.app/dns-query
      - https://doh.asia.dnswarden.com/adblock
  fallback-filter:
    geoip: true
    geoip-code: CN

proxy-providers:
  Exemple:
    type: http
    path: ./example.yaml
    url: <这里替换为你机场的订阅链接>
  interval: 3600
    health-check:
        enable: true
        url: http://www.gstatic.com/generate_204
        interval: 300

proxy-groups:
  - name: PROXY
    type: select
    url: http://www.gstatic.com/generate_204
    interval: 3600
    use:
      - Exemple

rule-providers:
  reject:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt"
    path: ./ruleset/reject.yaml
    interval: 86400

  icloud:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
    path: ./ruleset/icloud.yaml
    interval: 86400

  apple:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
    path: ./ruleset/apple.yaml
    interval: 86400

  google:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
    path: ./ruleset/google.yaml
    interval: 86400

  proxy:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
    path: ./ruleset/proxy.yaml
    interval: 86400

  direct:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
    path: ./ruleset/direct.yaml
    interval: 86400

  private:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
    path: ./ruleset/private.yaml
    interval: 86400

  gfw:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt"
    path: ./ruleset/gfw.yaml
    interval: 86400

  tld-not-cn:
    type: http
    behavior: domain
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt"
    path: ./ruleset/tld-not-cn.yaml
    interval: 86400

  telegramcidr:
    type: http
    behavior: ipcidr
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
    path: ./ruleset/telegramcidr.yaml
    interval: 86400

  cncidr:
    type: http
    behavior: ipcidr
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
    path: ./ruleset/cncidr.yaml
    interval: 86400

  lancidr:
    type: http
    behavior: ipcidr
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
    path: ./ruleset/lancidr.yaml
    interval: 86400

  applications:
    type: http
    behavior: classical
    url: "https://fastly.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt"
    path: ./ruleset/applications.yaml
    interval: 86400



rules:
  - RULE-SET,applications,DIRECT
  - DOMAIN,clash.razord.top,DIRECT
  - DOMAIN,yacd.haishan.me,DIRECT
  - RULE-SET,private,DIRECT
  - RULE-SET,reject,REJECT
  - RULE-SET,tld-not-cn,PROXY
  - RULE-SET,gfw,PROXY
  - RULE-SET,google,PROXY
  - RULE-SET,telegramcidr,PROXY
  - MATCH,DIRECT

测试和运行

运行 Clash:

clash -f /path/to/your/config.yaml

注意：请替换 /path/to/your/config.yaml 为你的实际配置文件路径。

2. 测试代理是否工作正常。

curl -L google.com

设置开机自启

1. 创建一个 systemd 服务文件，例如 /etc/systemd/system/clash.service，内容如下：

   [Unit]
   Description=Clash Service
   After=network.target
   
   [Service]
   Type=simple
   User=<你的用户名>
   WorkingDirectory=<Clash配置文件目录>
   ExecStart=<Clash执行文件路径> -f <Clash配置文件路径>
   Restart=on-failure
   
   [Install]
   WantedBy=multi-user.target

替换 <你的用户名>、<Clash 配置文件目录 >、<Clash 执行文件路径 > 和 < Clash 配置文件路径 > 为你的实际信息。
重新加载 systemd 管理器配置，并启用 Clash 服务：

sudo systemctl daemon-reload
sudo systemctl enable --now clash.service
systemctl status clash.service

注意事项

1. 确保遵守您所在地区的法律法规。

2. 代理服务器的使用应出于合法和正当目的。

3. 本教程仅供教育和学习交流，请勿用于非法活动。