Releases: MetaCubeX/mihomo
Releases · MetaCubeX/mihomo
v1.14.1
What's Changed
- Chore: proxy-provider and proxy-groups support exclude node by node type by @ag2s20150909
- Fix: Process rule is not work in classical rule-set by @Skyxim
- Fix #322: add option general.find-process-mode, user can turn off findProcess feature in router by @chain710
- Fix: geoip mmdb/geodata init by @cubemaze
- Fix: vless RoutingMark bind by @cubemaze
- Fix: vmess udp by @wwqgtxx
- Chore: vemss converter xudp is true by default by @cubemaze
- Fix: ss2022 converter password decode error by @cubemaze
- Chore: Refine converter packet encoding parse by @H1JK
- Fix: Converter VMess XUDP not enabled by default when using v2rayN style share linkby @H1JK
- Chore: ss2022 converter method verify by @cubemaze
- Feat: Support ShadowTLS v2 as Shadowsocks plugin by @3andero
- Fix: dns cache index out of range by @wwqgtxx
- Feat: VLESS support packet encodings by @H1JK
- Refactor: VLESS with packet encodings by @H1JK
- Fix: Deprecate TCPMSS by @Larvan2
New Contributors
- @ag2s20150909 made their first contribution in #321
- @Rasphino made their first contribution in #327
- @Larvan2 made their first contribution in #336
Full Changelog: v1.14.0...v1.14.1
Contributors
chain710, wwqgtxx, and 7 other contributors
Assets 25
v1.14.0
What's Changed
- Chore: add exclude-filter to ProxyGroup by @wwqgtxx
- Chore: support wireguard outbound by @wwqgtxx (doc)
- Chore: add vmess, shadowsocks, tcptun and udptun listener by @wwqgtxx (doc)
- Chore: support IN-PORT rule by @wwqgtxx
- Featrue: DoH and DoQ are implemented using AdGuardTeam/dnsProxy, DoH support perfer and force http3 @Skyxim
- Chore: better dns background fetch retrying by @wwqgtxx
- Chore: Update tfo to v2, ss and vmess inbound add tfo by @zhudan
- Chore: support old chacha20 by @wwqgtxx
- Chore: add retry in tunnel dial by @wwqgtxx
- Chore: add tuic outbound by @wwqgtxx (doc)
- Feat: support fast_open for hysteria, and unified parameter naming by @Skyxim
- Chore: decrease DomainTrie's memory use by @wwqgtxx
- Fix: a temporary solution for error reporting when enabling tun for devices that do not have an ipv6 environment by @cubemaze
- Feat: add tls port for RESTful api and external controller by @Skyxim (doc)
- Feat: add listeners by @Skyxim (doc, doc)
- Chore: listeners support tuic/shadowsocks/vmess/tunnel/tun by @wwqgtxx (doc)
- Chore: Android version supports child processes following the main process rules by @cubemaze
- Chore: wireguard's reserved support base64 input by @wwqgtxx
- Chore: support relay native udp when using ss and ssr protocol by @wwqgtxx
- Chore: rebuild relay by @wwqgtxx
- Chore: linux ipv6 REDIRECT by @embeddedlove in #311
- Fix: trying to let hysteria's port hopping work by @wwqgtxx
- Update README.md by @tdjnodj in #282
- Fix nix build fail by @oluceps in #302
New Contributors
- @tdjnodj made their first contribution in #282
- @embeddedlove made their first contribution in #311
Full Changelog: v1.13.2...v1.14.0
Contributors
wwqgtxx, suzukua, and 4 other contributors
Assets 25
v1.13.2
What's Changed
- Add iptables package to docker by @sjtuross in #189
- Chore: compatible with Stash hysteria config by @StashNetworks in #191
- add: flake.nix and other required files for nix build by @oluceps in #201
- Refactor flake by @oluceps in #202
- add: current version and BuildTime for nix build by @oluceps in #203
- Update vendorSha256 by @oluceps in #206
- add: with_gvisor tag for nix build by @oluceps in #207
- docker: add iptables package by @sjtuross
- fix: when connection refused active health test by @Skyxim
- chore: Cache and skip multiple failed addresses @Skyxim
- chore: add global-padding support for vmess by @H1JK
- chore: add xudp and packet-encoding support for vmess by @wwqgtxx
- chore: use sing-tun to replace old tun_adapter (support IPV6 in tun now) by @wwqgtxx
- chore: add parse-pure-ip and force-dns-mapping in sniffer by @wwqgtxx
- chore: parse user's hosts before remoteDial by @wwqgtxx
- chore: support multi filter like subconverter in ProxyProvider and GroupBase and add exclude-filter to ProxyProvider by @wwqgtxx
New Contributors
- @sjtuross made their first contribution in #189
- @StashNetworks made their first contribution in #191
Full Changelog: v1.13.1...v1.13.2
Contributors
wwqgtxx, sjtuross, and 4 other contributors
Assets 25
v1.13.1
What's Changed
- 入站增加TFO支持(默认不开启) by @zhudan in #129
- support ebpf by @zhudan in #144
- fix: Converter error when VMess
aidfield not exists by @H1JK in #151 - feat: Update Converter by @H1JK in #167
- Alpha by @zhudan in #174
- Add
ip-versionparam for proxy, wiki @Skyxim
New Contributors
Full Changelog: v1.12.0...v1.13.0
Contributors
suzukua, Skyxim, and H1JK
Assets 25
v1.12.0
Feature
-
Hysteria协议支持
# 部分配置 - name: hysteria-node type: hysteria server: server port: port auth_str: pass protocol: udp up: 40 #默认为Mbps down: 400 -
Shadowsocks-2022加密方式支持
- 2022-blake3-aes-128-gcm
- 2022-blake3-aes-256-gcm
- 2022-blake3-chacha20-poly1305
Shadowsocks-2022采用预共享密钥方式作为密码,不同加密方式对密钥长度有要求,可参考 Xray
-
Shadowsocks 支持UDP over TCP(Xray-core v1.5.7)
udp-over-tcp: true
v1.11.2
v1.11.1
v1.11.0
增加域名嗅探
域名嗅探,用于嗅探TCP请求中实际的域名
sniffer:
enable: true #控制开关
sniffing:
- tls
- http
port-whitelist: #目的端口白名单,嗅探器只会嗅探白名单中的端口,默认0-65535,推荐设置成常见端口
- 80
- 443
- 8000-9000
skip-domain: # 嗅探的域名结果如果在此名单则不会生效
- baidu.com
- google.com
force-domain: # 需要嗅探的域名,这里域名是clash原有逻辑获取的域名,如为空则只会嗅探IP请求,如填写'+'则嗅探所有请求
- +.qq.com
添加TCP并发连接
TCP并发连接将使用所有IP进行TCP握手,并使用最先握手的IP进行后续请求
tcp-concurrent: true #默认为false
完善Relay策略组
Relay策略可以利用udp over tcp的协议作为落地协议从而使其支持UDP
- name: RelayTest
type: relay
proxies:
- Chains
- Trojan # Vmess Snell...
策略组过滤节点优化
优化节点过滤逻辑,当前将不会每次请求进行一次过滤匹配,减少无意义的消耗
其他
-
IPv6
ipv6: false将完全关闭IPv6请求,不允许IPv6请求连接,包括纯IPv6 -
DOQ
DOQ环流问题优化
-
支持UUID Map
详情见 XTLS/Xray-core#158 -
稳定性优化
v1.10.0
代理模块:
支持出站传输协议 VLESS XTLS / Trojan XTLS
主动健康检测urltest/fallback(基于tcp握手,限定时间内多次失败会主动触发健康检测使用节点)
采用 Regex2 依赖,支持策略组正则筛选
允许provider请求过clash
规则模块:
支持PASS ( 跳过 )规则
支持规则 GEOSITE
支持规则集 RULE-SET
支持规则 SRC-PORT 和 DST-PORT 的多端口条件
支持规则对TCP / UDP分别管控
支持 Network 规则, 支持匹配网络类型 ( TCP / UDP )
支持多条件规则 ( NOT / OR / AND )
支持所有规则的源 IPCIDR 条件,只需附加到末尾即可
支持GEODATA MODE切换,mmdb / dat
支持切换GEODATA LOADER模式切换 , 普通 / 小内存模式
支持GeoSite延迟加载 (无Geosite规则,getsite.dat不下载)
GEOIP / GEOSITE 数据库基于 Loyalsoldier/v2ray-rules-dat
DNS模块:
支持 TLS Sniffing
支持 Fallback-Filter 使用 Geosite
恢复 Redir-Host 远程解析
支持使用代理解析 ip
支持DNS over QUIC
TUN模块:
支持 macOS、Linux 和 Windows
内置iptables,无需手动配置
内置 Wintun 驱动
支持 gVisor / System 堆栈
v1.9.0
What's Features
DNS configuration
- Support
geositewithfallback-filter. - Restore
Redir remote resolution. - Support resolve ip with a
Proxy Tunnel.
proxy-groups:
- name: DNS
type: url-test
use:
- HK
url: http://cp.cloudflare.com
interval: 180
lazy: truedns:
enable: true
use-hosts: true
ipv6: false
enhanced-mode: redir-host
fake-ip-range: 198.18.0.1/16
listen: 127.0.0.1:6868
default-nameserver:
- 119.29.29.29
- 114.114.114.114
nameserver:
- https://doh.pub/dns-query
- tls://223.5.5.5:853
fallback:
- 'https://1.0.0.1/dns-query#DNS' # append the proxy adapter name or group name to the end of DNS URL with '#' prefix.
- 'tls://8.8.4.4:853#DNS'
fallback-filter:
geoip: false
geosite:
- gfw # `geosite` filter only use fallback server to resolve ip, prevent DNS leaks to unsafe DNS providers.
domain:
- +.example.com
ipcidr:
- 0.0.0.0/32TUN configuration
- Supports macOS, Linux and Windows.
- Built-in Wintun driver.
# Enable the TUN listener
tun:
enable: true
stack: gvisor # only gvisor
dns-hijack:
- 0.0.0.0:53 # additional dns server listen on TUN
auto-route: true # auto set global routeRules configuration
- Support rule
GEOSITE. - Support rule-providers
RULE-SET. - Support
multiportcondition for ruleSRC-PORTandDST-PORT. - Support
networkcondition for all rules. - Support source IPCIDR condition for all rules, just append to the end.
- The
GEOSITEdatabases via https://github.com/Loyalsoldier/v2ray-rules-dat.
rules:
# network(tcp/udp) condition for all rules
- DOMAIN-SUFFIX,bilibili.com,DIRECT,tcp
- DOMAIN-SUFFIX,bilibili.com,REJECT,udp
# multiport condition for rules SRC-PORT and DST-PORT
- DST-PORT,123/136/137-139,DIRECT,udp
# rule GEOSITE
- GEOSITE,category-ads-all,REJECT
- GEOSITE,icloud@cn,DIRECT
- GEOSITE,apple@cn,DIRECT
- GEOSITE,apple-cn,DIRECT
- GEOSITE,microsoft@cn,DIRECT
- GEOSITE,facebook,PROXY
- GEOSITE,youtube,PROXY
- GEOSITE,geolocation-cn,DIRECT
- GEOSITE,geolocation-!cn,PROXY
# source IPCIDR condition for all rules in gateway proxy
#- GEOSITE,geolocation-!cn,REJECT,192.168.1.88/32,192.168.1.99/32
- GEOIP,telegram,PROXY,no-resolve
- GEOIP,private,DIRECT,no-resolve
- GEOIP,cn,DIRECT
- MATCH,PROXYProxies configuration
- Active health detection
urltest / fallback(based on tcp handshake, multiple failures within a limited time will actively trigger health detection to use the node) - Support
Policy Group Filter
proxy-groups:
- name: 🚀 HK Group
type: select
use:
- ALL
filter: 'HK'
- name: 🚀 US Group
type: select
use:
- ALL
filter: 'US'
proxy-providers:
ALL:
type: http
url: "xxxxx"
interval: 3600
path: "xxxxx"
health-check:
enable: true
interval: 600
url: http://www.gstatic.com/generate_204
- Support outbound transport protocol
VLESS.
The XTLS support TCP / UDP by the XRAY-CORE.
proxies:
- name: "vless-tcp"
type: vless
server: server
port: 443
uuid: uuid
network: tcp
servername: example.com # AKA SNI
# flow: xtls-rprx-direct # xtls-rprx-origin # enable XTLS
# skip-cert-verify: true
- name: "vless-ws"
type: vless
server: server
port: 443
uuid: uuid
udp: true
network: ws
servername: example.com # priority over wss host
# skip-cert-verify: true
ws-path: /path
ws-headers:
Host: example.comWhat's Changed
New Contributors
Full Changelog: v1.8.0...v1.9.0
Contributors
xsxun