logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

Streamlined Proxy Rule Optimization Tool

This utility refines configuration directives for proxy clients, focusing on enhancing connection performance and simplifying management. It supplies pre-sorted rule sets, notably incorporating specific directives tailored for services such as Microsoft products. Security, in this context, involves safeguarding connection integrity and resilience against unauthorized access or performance degradation, mirroring the broader concept of protection from hostile digital forces.

Author

Streamlined Proxy Rule Optimization Tool logo

Job28703

No License

Quick Info

GitHub GitHub Stars 0
NPM Weekly Downloads 0
Tools 1
Last Updated 2026-02-19

Actions

GitHub View on GitHub

Tags

proxyjob28703securitysecurity job28703proxy rulesjob28703 clash

Introduction

This toolkit assists users in managing complex proxy rule configurations, often associated with tools like Clash. Standard rule sets can become overly extensive, potentially introducing noticeable latency during operation. The primary objective here is streamlining these directives by removing unneeded entries. This approach facilitates easier customization and promotes more resilient network security postures against unwanted changes or slowdowns.

Setup

To begin utilizing this repository, the first step involves creating a personal fork of the original project structure. This action establishes your working copy for subsequent modifications. Following the fork, you should activate the designated GitHub Action workflow labeled 'Generate Rules for Clash'. This process ensures your local rule files are prepared for potential synchronization.

How to Customize

Modifications are made by directly editing the specific rule text files within the forked repository. Users should focus their attention on files conventionally named with a 'rule.txt' suffix. Any newly created files following this naming convention will also be integrated into the automated process. After updating your local files, refreshing the configuration within your local Clash application is necessary to apply the changes.

Usage

Once rules are customized, a GitHub Action automatically takes these refined lists and stages them onto a global Content Delivery Network (CDN). This caching mechanism ensures quick retrieval across different devices. You can reference the finalized, hosted rule files using the following base URL structure, substituting the placeholder with your actual GitHub username:

https://cdn.jsdelivr.net/gh/{Your-GitHub-Username}/clash-rules-lite@release/proxy-rules.txt
https://cdn.jsdelivr.net/gh/{Your-GitHub-Username}/clash-rules-lite@release/microsoft-rules.txt https://cdn.jsdelivr.net/gh/{Your-GitHub-Username}/clash-rules-lite@release/blacklist-rules.txt

Deployment in Clash Desktop

To integrate these rules into the desktop client securely, it is recommended to duplicate your primary subscription configuration file. Rename this copy locally to 'local' to prevent automated updates from overwriting your manual adjustments. Within this new 'local' file, carefully adjust sections pertaining to proxies, proxy groups, and the rule provider URLs. The following code snippet demonstrates the areas requiring substitution with your personal settings, including the GitHub username placeholder:

mixed-port: 7890
allow-lan: true
bind-address: '*'
mode: rule
log-level: silent
external-controller: '127.0.0.1:9090'
proxies:
    <b>- { name: '1-香港', type: *, server: **, port: *, cipher: **, password: **, udp: true }</b>
    <b>- { name: '2-香港', type: *, server: **, port: *, cipher: **, password: **, udp: true }</b>
    <b>- ...</b>
proxy-groups:
    <b>- { name: '🔰 节点选择', type: select, proxies: ['1-香港', '2-香港'] }</b>
    <b>- { name: '🎯 全球直连', type: select, proxies: ['DIRECT'] }</b>
    <b>- { name: '🛑 全球拦截', type: select, proxies: ['REJECT'] }</b>
    <b>- { name: 'Ⓜ️ 微软服务', type: select, proxies: ['🎯 全球直连', ] }</b>
    <b>- { name: '🐟 漏网之鱼', type: select, proxies: ['🔰 节点选择'] }</b>
    <b>- ...</b>
rules:
  - RULE-SET,Backlist,🛑 全球拦截
  - RULE-SET,Proxy,🔰 节点选择
  - RULE-SET,Microsoft,Ⓜ️ 微软服务
  - GEOIP,CN,🎯 全球直连
  - MATCH,🐟 漏网之鱼
rule-providers:
  Proxy:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/zhanyeye/clash-rules-lite@release/proxy-rules.txt"
    path: ./providers/rule-proxy.yaml
    interval: 86400
  Microsoft:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/zhanyeye/clash-rules-lite@release/microsoft-rules.txt"
    path: ./providers/rule-microsoft.yaml
    interval: 86400
  Backlist:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/zhanyeye/clash-rules-lite@release/blacklist-rules.txt"
    path: ./providers/rule-backlist.yaml
    interval: 86400

After implementing these configurations in the local file, run the modified configuration and switch the operational mode to 'Rule'.

Deployment in OpenWrt (OpenClash)

Users employing OpenWrt devices should specifically update the 'rules' and 'rule-providers' sections within their configuration file. Remember that the repository owner's username must be substituted with your own unique identifier. Furthermore, ensure that the proxy groups referenced in the rules align with those defined in your customized proxy-groups section.

rules:
  - RULE-SET,Backlist,🛑 全球拦截
  - RULE-SET,Proxy,🔰 节点选择
  - RULE-SET,Microsoft,Ⓜ️ 微软服务
  - GEOIP,CN,🎯 全球直连
  - MATCH,🐟 漏网之鱼
rule-providers:
  Proxy:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/zhanyeye/clash-rules-lite@release/proxy-rules.txt"
    path: ./providers/rule-proxy.yaml
    interval: 86400
  Microsoft:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/zhanyeye/clash-rules-lite@release/microsoft-rules.txt"
    path: ./providers/rule-microsoft.yaml
    interval: 86400
  Backlist:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/zhanyeye/clash-rules-lite@release/blacklist-rules.txt"
    path: ./providers/rule-backlist.yaml
    interval: 86400

CDN Cache Invalidation

If rule updates hosted on the jsDelivr CDN do not immediately reflect, this is due to caching mechanisms. While the default refresh cycle might be extensive, a manual purge option exists. If your file URL is structured like this:

https://cdn.jsdelivr.net/xxx/xxx...

Modify the domain segment from 'cdn' to 'purge' to force an immediate update:

https://purge.jsdelivr.net/xxx/xxx...

Accessing this purged URL confirms that the content refresh operation has been successfully initiated.

  • Proxy Server Protocols
  • Network Traffic Filtering
  • Geographic IP Location Rules
  • Data Containment Strategies
  • Resilience Against Digital Coercion
  • Virtual Security Systems

Extra Details

The original configuration often contained extensive rule lists intended for broad compatibility. This tool focuses on minimizing that scope, concentrating only on frequently accessed domains. Security benefits from this minimalism by reducing the potential attack surface created by unnecessary routing rules. Feeling secure in one's network connection relies on both accurate configuration and resilience against external interference.

Conclusion

Employing this streamlined rule management system promotes operational efficiency within your proxy environment. By customizing the traffic routing logic, users gain finer control over data pathways. This level of configuration mastery contributes positively to maintaining a desired state of network security and predictable performance characteristics.

See Also

Man Pages
rules Man Pages
Man Pages
set.rules Man Pages
Man Pages
proxy Man Pages
Clash
Clash PNG Icons
Type
Type PNG Icons
MCP
Globalping-mcp-server Mcp
Https
Https PNG Icons
MCP
Iterm-mcp Mcp
MCP
Genaiscript Mcp
← Back to Security🙏  Credits & Acknowledgments
`