{"id":19993557,"url":"https://github.com/ChisBread/chislash","last_synced_at":"2025-05-04T12:32:02.370Z","repository":{"id":37748890,"uuid":"489704650","full_name":"ChisBread/chislash","owner":"ChisBread","description":"🐳 proxycenter in container 家用代理中心, 集成clash/yacd/subconverter","archived":false,"fork":false,"pushed_at":"2023-01-09T15:16:18.000Z","size":763,"stargazers_count":142,"open_issues_count":3,"forks_count":18,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-07-30T17:37:12.424Z","etag":null,"topics":["clash","docker","proxy","proxy-server"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ChisBread.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-05-07T15:01:31.000Z","updated_at":"2024-07-26T07:53:48.000Z","dependencies_parsed_at":"2023-02-08T12:31:42.258Z","dependency_job_id":null,"html_url":"https://github.com/ChisBread/chislash","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ChisBread%2Fchislash","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ChisBread%2Fchislash/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ChisBread%2Fchislash/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ChisBread%2Fchislash/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ChisBread","download_url":"https://codeload.github.com/ChisBread/chislash/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224393834,"owners_count":17303720,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["clash","docker","proxy","proxy-server"],"created_at":"2024-11-13T04:52:48.117Z","updated_at":"2024-11-13T04:56:49.779Z","avatar_url":"https://github.com/ChisBread.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"# chislash\n- 开箱即用的clash透明网关\n- 也可作为[纯订阅转换服务](#其它场景)使用\n## 警告\n- 十分**不建议**在云服务器(甲骨文,AWS...)上使用透明代理特性(IP_ROUTE=1)! 任何意外情况都可能导致你的服务器失联\n- 如果依然要使用,请关闭透明代理特性,作为HTTP/SOCKS5代理服务器使用; 参考[非透明代理](#其它场景)\n## 环境检查\n- 检查是否支持TProxy(支持TProxy, 才能使用透明代理)\n```\nlsmod | grep xt_TPROXY\n```\n- 如果没有返回,则需要加载\n```\nmodprobe xt_TPROXY\n``` \n- 如果没有报错,设置自动加载xt_TPROXY\n```\nsudo bash -c \"echo 'xt_TPROXY' \u003e/etc/modules-load.d/TPROXY.conf\"\n```\n## 快速上手\n- 将Linux服务器(树莓派,工控机,闲置电脑)作为透明代理\n- 一行搞定\n```bash\nsudo docker run --name chislash \\\n --network=\"host\" \\\n --privileged \\\n --rm -it \\\n -e SUBSCR_URLS=\u003c(自带配置可不填)节点订阅链接或代理节点的分享链接, 多个用'|'分隔\u003e \\\n -v $HOME/.config/chislash:/etc/clash \\\n -v /dev:/dev \\\n -v /lib/modules:/lib/modules \\\n chisbread/chislash:latest\n```\n- 成功启动, 输出如下图的日志\n![quickstart](https://github.com/ChisBread/chislash/raw/master/images/quickstart.png)\n- 如果失败, 请检查\n - 订阅链接(SUBSCR_URLS)是否能正常访问. 如果不能, 请联系供应商\n - 规则链接(REMOTE_CONV_RULE)是否能正常访问. 可添加 *-e REMOTE_CONV_RULE=\"\"* 到命令中重试\n- 调试通过后, 作为后台服务: 将 *--rm -it* 改为 *--restart unless-stopped -d*\n- 此时Linux服务器本身已经被代理接管, 将其设置为网关后, 其它机器也可获得透明代理\n- 控制台\n - **http://\u003c 服务器IP \u003e:8080/ui** 为clash的WebUI, 用于切换节点\n - **http://\u003c 服务器IP \u003e:25500** 为subconverter后端服务地址, 用于节点订阅转换\n## 其它场景\n- 非透明代理\n```bash\nsudo docker run --name chislash \\\n --network=\"host\" \\\n --rm -it \\\n -e IP_ROUTE=0 \\\n -e SUBSCR_URLS=\u003c(自带配置可不填)节点订阅链接或代理节点的分享链接, 多个用'|'分隔\u003e \\\n -v $HOME/.config/chislash:/etc/clash \\\n chisbread/chislash:latest\n```\n- 关闭IPv6代理: *-e IPV6_PROXY=0*\n- 关闭UDP代理: *-e UDP_PROXY=0*\n- 纯订阅转换服务(subconverter)\n```bash\nsudo docker run --name chislash \\\n --rm -it \\\n -e ENABLE_CLASH=0 \\\n -p 25500:25500 \\\n -p 8091:8091 \\\n -e SUBSCR_URLS=\u003c(可不填, 填写后启动会更新/etc/clash/config.yaml)\u003e \\\n -v $HOME/.config/chislash:/etc/clash \\\n chisbread/chislash:latest\n```\n - 转换服务: *http://127.0.0.1:25500/sub*\n - 转换规则: *http://127.0.0.1:8091/ACL4SSR/Clash/config/* \n## 进阶使用\n- 一些细节\n - 透明代理: 容器自动映射路由表, 劫持本地DNS流量实现本地透明代理; 亦可作为网关使用, 需要将网关和DNS指定为服务器IP\n - 配置文件: 请注意备份配置文件, 容器会修改部分用户配置来统一端口和部分高级配置, utils/override.py中定义了本镜像修改用户配置的方式\n- docker-compose\n```yaml\nversion: \"3.4\"\nservices:\n chislash:\n image: chisbread/chislash\n container_name: chislash\n # 以下样例中的 \"/etc/clash/\" 代表容器内目录\n environment:\n - TZ=Asia/Shanghai # optional\n - REQUIRED_CONFIG=\u003cpath to required.yaml\u003e # optional \n # REQUIRED_CONFIG: 不能被覆盖的设置项, 最高优先级 (e.g. /etc/clash/required.yaml)\n - CLASH_HTTP_PORT=7890 # optional (default:7890)\n - CLASH_SOCKS_PORT=7891 # optional (default:7891)\n - CLASH_TPROXY_PORT=7892 # optional (default:7892)\n - CLASH_MIXED_PORT=7893 # optional (default:7893)\n - DASH_PORT=8080 # optional (default:8080) RESTful API端口(对应WebUI http://IP:8080/ui)\n - DASH_PATH=\u003cpath to ui\u003e # optional (default:\"/etc/clash/dashboard/public\")\n - IP_ROUTE=1 # optional (default:1) 开启透明代理(本机透明代理/作为旁路网关)\n - UDP_PROXY=1 # optional (default:1) 开启透明代理-UDP转发(需要节点支持)\n - IPV6_PROXY=1 # optional (default:1) 开启IPv6透明代理\n - LOG_LEVEL=info # optional (default:info) 日志等级\n - ENABLE_SUBCONV=1 # optional (default:1) 开启本地订阅转换服务, 指定SUBSCR_URLS, 且没有外部订阅转换服务时, 需要为1\n - SUBCONV_URL=http://127.0.0.1:25500/sub # optional (default:\"http://127.0.0.1:25500/sub\") 订阅转换服务地址\n - SUBSCR_URLS=\u003cURLs split by '|'\u003e # optional 订阅的节点链接, 多个链接用'|'分隔, 会覆盖原有的config.yaml\n - SUBSCR_EXPR=86400 # optional (default:86400) 订阅过期时间(秒), 下次启动如果过期, 会重新订阅\n - REMOTE_CONV_RULE=\u003cURL of remote rule\u003e # optional (default:⬇️) 订阅转换规则\n # REMOTE_CONV_RULE: 默认使用内部服务提供的链接 \"http://127.0.0.1:8091/ACL4SSR/Clash/config/ACL4SSR_Online_Full.ini\"\n # 在浏览器打开 http://\u003c 服务器IP \u003e:8091/ACL4SSR/Clash/config/ 即可查看内部服务支持的规则列表\n - EXPORT_DIR_PORT=8091\n - EXPORT_DIR_BIND=0.0.0.0\n - NO_ENGLISH=true # optional (default:true) 提醒自己这玩意主要是国人用\n - PREMIUM=false # optional (default:false) 使用闭源版本内核\n volumes:\n - \u003cpath to config\u003e:/etc/clash # required config.yaml的存放路径\n - /dev:/dev # optional 用于自动挂载TPROXY模块\n - /lib/modules:/lib/modules # optional 用于自动挂载TPROXY模块\n network_mode: \"host\" # required 如果开启IP_ROUTE, 则必须是host\n privileged: true # required 如果开启IP_ROUTE, 则必须是true\n restart: unless-stopped\n```\n- docker run (参考docker-compose)\n\n## 支持情况\n\n| OS | 透明代理/网关(Transparent Gateway) | 服务端(HTTP/SOCKS5 Proxy Server) |\n| ----------------------------- | ---------------------------------- | -------------------------------- |\n| Linux (with tproxy module) | ✅ | ✅ |\n| Linux (without tproxy module) | ❎ | ✅ |\n| Windows | ❓ | ❓ |\n| macOS | ❓ | ❓ |\n\n## 感谢\n- https://github.com/Dreamacro/clash\n- https://github.com/haishanh/yacd\n- https://github.com/tindy2013/subconverter\n- https://github.com/ACL4SSR/ACL4SSR\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FChisBread%2Fchislash","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FChisBread%2Fchislash","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FChisBread%2Fchislash/lists"}