Linux配置Clash VPN

1. 下载和安装软件

软件下载：链接

• 原作者: Dreamacro
• 软件: clash latest-clash-linux-amd64-v3-latest.gz
• Country.mmdb下载: GitHub链接
  • 用于geoip路由决策

下载后解压：

# 解压并删除源文件
gunzip clash-linux-amd64-v3-latest.gz 
mv clash-linux-amd64-v3-latest clash
chmod u+x clash

# Country.mmdb复制到.config/clash位置

2. 配置梯子

配置路径：.config/clash/config.yaml

也可以参考文末链接，手动配置。

config基本格式：

[General]
port = 7890
socks-port = 7891

# A RESTful API for clash
external-controller = 127.0.0.1:8080

[Proxy]
# name = ss, server, port, cipher, password
# The types of cipher are consistent with go-shadowsocks2
# support AEAD_AES_128_GCM AEAD_AES_192_GCM AEAD_AES_256_GCM AEAD_CHACHA20_POLY1305 AES-128-CTR AES-192-CTR AES-256-CTR AES-128-CFB AES-192-CFB AES-256-CFB CHACHA20-IETF XCHACHA20
Proxy1 = ss, server1, port, AEAD_CHACHA20_POLY1305, password
Proxy2 = ss, server2, port, AEAD_CHACHA20_POLY1305, password

[Proxy Group]
# url-test select which proxy will be used by benchmarking speed to a URL.
# name = url-test, [proxys], url, interval(second)
Proxy = url-test, Proxy1, Proxy2, http://www.google.com/generate_204, 300

[Rule]
DOMAIN-SUFFIX,google.com,Proxy
DOMAIN-KEYWORD,google,Proxy
DOMAIN-SUFFIX,ad.com,REJECT
GEOIP,CN,DIRECT
FINAL,,Proxy # note: there is two ","

已有订阅链接访问方法：

# 下载链接的方法，三选一
wget -O /etc/clash/config.yaml [你的订阅链接]
curl -o config.yaml 'longURL'
curl -L -o config.yaml 'shortURL'
# 或是
# 复制订阅链接，然后在末尾加上
&flag=clash
# 然后更名为
config.yaml

里头大多数都是没啥用的。

external-controller: '127.0.0.1:6091'
端口随便改个。原本的7890一般都有别的东西在用，随便选个趁手的就行。
mixed-port: 7890
allow-lan: true
bind-address: '*'
mode: rule
log-level: info
external-controller: '127.0.0.1:9090'
dns:
    enable: true
    ipv6: false
    default-nameserver: [223.5.5.5, 119.29.29.29]
    enhanced-mode: fake-ip
    fake-ip-range: 198.18.0.1/16
    use-hosts: true
    nameserver: ['https://doh.pub/dns-query', 'https://dns.alidns.com/dns-query']
    fallback: ['https://doh.dns.sb/dns-query', 'https://dns.cloudflare.com/dns-query', 'https://dns.twnic.tw/dns-query', 'tls://8.8.4.4:853']
    fallback-filter: { geoip: true, ipcidr: [240.0.0.0/4, 0.0.0.0/32] }
proxies:
    - { name: '香港-进阶IEPL 03', type: trojan, server: iepl05.catcat-123.com, port: 20058, password: ff31df8e-aee8-4629-b4ff-d66855642ba1, udp: true, sni: JP-02.oneok.link }
rules:
    - GEOIP,CN,DIRECT
    - IP-CIDR,240.0.0.0/4,DIRECT
    - IP-CIDR,0.0.0.0/32,DIRECT
    - DOMAIN-SUFFIX,chatgpt.com,香港-进阶IEPL 03
    - DOMAIN-SUFFIX,openai.com,香港-进阶IEPL 03
    - DOMAIN-SUFFIX,github.com,香港-进阶IEPL 03
    - DOMAIN-SUFFIX,huggingface.co,香港-进阶IEPL 03
    - GEOIP,CN,DIRECT
    - MATCH,DIRECT

proxies和rules各自改成这样就够了。

3. 开始使用

/usr/local/bin/clash
# 启动服务。第三条不知道有啥用
export http_proxy="http://127.0.0.1:7890"
export https_proxy="http://127.0.0.1:7890"
export no_proxy="localhost, 127.0.0.1"
# 停止服务
unset http_proxy
unset https_proxy

4. 设置成开机自启

将关键文件移动到本地目录。

clash移动到 /usr/local/bin
配置移动到 /etc/clash
sudo mkdir /etc/clash
sudo cp clash /usr/local/bin
sudo cp config.yaml /etc/clash/
sudo cp Country.mmdb /etc/clash/

touch /etc/systemd/system/clash.service
vim /etc/systemd/system/clash.service

clash.service内容:

注意修改clash文件路径和配置路径，即ExecStart条目和后面的-d。

[Unit]
Description=clash daemon
After=network.target

[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/clash -d /etc/clash
Restart=on-failure

[Install]
WantedBy=multi-user.target

也可：

Restart=always

其他和法1一样。

第一条为启动。需要sudo就sudo：

systemctl start clash.service
systemctl enable clash.service

重启：

systemctl restart clash.service

查看运行状态：

systemctl status clash.service

修改配置后重载：

systemctl daemon-reload

查看日志：

journalctl -e -u clash.service

按时间查看日志：

journalctl -u clash.service --since "2023-11-25 11:00:00" --until "2023-11-25 12:00:00"

不换行查看日志：

journalctl -u clash.service | less -S

输出日志：

journalctl -u clash.service > clash_logs.txt

重定向日志：

# Works only in systemd v240 and newer!
StandardOutput=append:/var/log/clash/log.log
StandardError=append:/var/log/clash/error.log

测试方法：

curl -I https://chat.openai.com/

在python中执行相关命令：

import os
import subprocess

# Set environment variables
os.environ['http_proxy'] = 'http://127.0.0.1:7890'
os.environ['https_proxy'] = 'http://127.0.0.1:7890'
os.environ['no_proxy'] = 'localhost,127.0.0.1'

print("http_proxy set to:", os.environ.get('http_proxy'))

del os.environ['http_proxy']
del os.environ['https_proxy']

或使用subprocess：

import subprocess

# Run export commands
subprocess.run("export http_proxy='http://127.0.0.1:7890'", shell=True)
subprocess.run("export https_proxy='http://127.0.0.1:7890'", shell=True)
subprocess.run("export no_proxy='localhost,127.0.0.1'", shell=True)

# Your code here...

# Run unset commands
subprocess.run("unset http_proxy", shell=True)
subprocess.run("unset https_proxy", shell=True)

教程 链接 备用软件和指南 链接 软件本体 链接 订阅转换网页 链接 订阅转换代码 链接 教程 链接 systemd日志重定向文档 链接