### 1.11 规则重构 #### Final actions ```json { "action": "route", // default in route rules "outbound": "proxy", "udp_disable_domain_unmapping": false } ``` ```json { "action": "route", // default in DNS rules "server": "local", "disable_cache": false, "rewrite_ttl": 600, "client_subnet": "" } ``` ```json { "action": "return" } ``` ```json { "action": "hijack-dns" } ``` ```json { "action": "reject", "method": "default" // reset network-unreachable host-unreachable port-unreachable drop } ``` 需要注意的是，要使 reject action 发挥优于 block outbound 的作用 （仅生效于 TUN inbounds），被操作的连接不可以被执行 sniff（TCP 建立连接）。 另外 [network/host]-unreachable 疑似无效，可能只能由本机系统产生。 #### Non-final actions (Only in route rules) ```json { "action": "sniff", "sniffer": "tls", // [...], "timeout": "3s" } ``` ```json { "action": "resolve", "strategy": "prefer_ipv4", "server": "local" // optional } ``` #### 脚本 (TODO) 仅构思，请（其他应用的 MITM 脚本编写者）或 （需要 External API 的开发者）提供思路和反馈。 添加一种新的 action type，以通过脚本（goja）或外部 API （HTTP/gRPC?) 控制路由和劫持连接。 ```json { "route": { "rules": [ { "action": "external", "method": "http", "url": "http://127.0.0.1" }, { "action": "script", "script": "my" } ], "scripts": [ { "tag": "my", "type": "local", // remove "path": "myScript.js" // url download_detour update_interval } ] } } ```