clash v1.14 releases: rule-based tunnel in Go
clash
A rule-based tunnel in Go.
Features
- Local HTTP/HTTPS/SOCKS server with authentication support
- VMess, Shadowsocks, Trojan, Snell protocol support for remote connections
- Built-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP.
- Rules-based off domains, GEOIP, IP CIDR, or ports to forward packets to different nodes
- Remote groups allow users to implement powerful rules. Supports automatic fallback, load balancing, or auto select node based off latency
- Remote providers, allowing users to get node lists remotely instead of hardcoding in config
- Netfilter TCP redirecting. Deploy Clash on your Internet gateway with iptables.
- Comprehensive HTTP RESTful API controller
Premium Features
- TUN mode on macOS, Linux, and Windows. Doc
- Match your tunnel by Script: Script enables users to programmatically select a policy for the packets with more flexibility.
- Rule Provider: It enables users to load rules from external sources and overall cleaner configuration. This feature is currently Premium core only.
Changelog v1.14
Feature
- support vmess ‘zero’ security (#2513) @fakeboboliu
- migration go1.20
- add meanDelay field on delay API.
- add support for dns search domains for A/AAAA (#2597) @jeff-an
Change
- remove
redir-host
as config. since redir-host brings a lot of misunderstandings and problems (some of which are even hard to find). I decided to remove it. It is only used in the fake-ip-filter for a few domain name mappings. I know that it can be bypassed and “recovered” in fake-ip mode. If fake-ip-filter finds that it has been abused, I will delete the domain mapping mode completely.
Bugfixes
- fix a fakeip udp bug, and you can try removing some of the fake-ip-filter lists for the game
- modify local ip to pass all test (#2595) @daveyuuuu
Download & Use
Copyright (C) 2021 Dreamacro