clash v1.11.8 releases: rule-based tunnel in Go
A rule-based tunnel in Go.
- Local HTTP/HTTPS/SOCKS server with authentication support
- VMess, Shadowsocks, Trojan, Snell protocol support for remote connections
- Built-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP.
- Rules-based off domains, GEOIP, IP CIDR, or ports to forward packets to different nodes
- Remote groups allow users to implement powerful rules. Supports automatic fallback, load balancing, or auto select node based off latency
- Remote providers, allowing users to get node lists remotely instead of hardcoding in config
- Netfilter TCP redirecting. Deploy Clash on your Internet gateway with iptables.
- Comprehensive HTTP RESTful API controller
- TUN mode on macOS, Linux, and Windows. Doc
- Match your tunnel by Script: Script enables users to programmatically select a policy for the packets with more flexibility.
- Rule Provider: It enables users to load rules from external sources and overall cleaner configuration. This feature is currently Premium core only.
- query string parse on ws-opts (#2213) @LJea
- macOS udp connection find process should use an unspecified fallback
- ALPN should be on DoH instead of DoT (#2232) @Skyxim
- handle parse socks5 udp address correctly (#2220) @kamingchan
- satisfy RFC4343 – DNS case insensitivity (#2260) @fakeboboliu
- http2 should use DialTLSContext and some TLS handshake should with context
Copyright (C) 2021 Dreamacro