# 综合示例:显式代理 + DNS/Fake-IP + TUN + Sniffer + HTTP Engine。 # 用途:作为“从哪里开始组装完整配置”的参考骨架。 # 注意:这份示例默认所有流量 DIRECT,只演示数据流和模块关系。 mixed-port: 7890 mode: rule log-level: info allow-lan: false dns: enable: true listen: 127.0.0.1:1053 enhanced-mode: fake-ip fake-ip-range: 198.18.0.1/16 nameserver: - https://223.5.5.5/dns-query - tls://223.5.5.5:853 nameserver-policy: '+.lan': system:// '+.local': system:// fake-ip-filter: - '*.lan' - '+.local' - router.asus.com tun: enable: true backend: auto auto-route: true auto-detect-interface: true dns-hijack: - any:53 route-exclude-address: - 127.0.0.0/8 - 10.0.0.0/8 - 172.16.0.0/12 - 192.168.0.0/16 sniffer: enable: true override-destination: true force-dns-mapping: true sniff: HTTP: ports: [80, 8080] override-destination: true TLS: ports: [443] QUIC: ports: [443] skip-domain: - '+.lan' - '+.local' http-engine: enabled: true defaults: body-max-size: 1 MiB script-timeout: 50ms script-memory-limit: 8 MiB on-error: fail-open capture: enabled: true max-flows: 200 body-preview-bytes: 4 KiB store-full-body: false scripts: - name: mark-json source: inline: | function onResponse(payload) { const body = payload.response.body; if (!body || typeof body !== "object") return; body.linkOne = true; return { headers: { "Content-Type": "application/json", "X-Link1-Example": "1" }, body: body }; } rules: header-rewrite: - name: add-request-marker direction: request match: host: debug.example.com operations: - op: set key: X-Link1-Debug value: '1' script: - name: mark-json-response direction: response match: host: debug.example.com content-type: [application/json] script: mark-json require-body: true max-size: 256 KiB timeout: 50ms on-error: fail-open rules: - IP-CIDR,127.0.0.0/8,DIRECT,no-resolve - IP-CIDR,10.0.0.0/8,DIRECT,no-resolve - IP-CIDR,172.16.0.0/12,DIRECT,no-resolve - IP-CIDR,192.168.0.0/16,DIRECT,no-resolve - MATCH,DIRECT