clash

Proxy network traffic based on rules

TLDR

Specify a configuration [d]irectory

$ clash -d [path/to/directory]

Specify a configuration [f]ile

$ clash -f [path/to/configuration_file]

-d <string>
    Config root directory (default: ".")

-f <string>
    Path to config file (default: "")

-p <string>
    HTTP proxy/API listen address (default: ":9090")

-test
    Test config validity and exit

-u <string>
    Run as specific user

-v <int>
    Log level: 0=panic,1=fatal,2=error,3=warn,4=info,5=debug (default 1)

-ver
    Display version and exit

DESCRIPTION

Clash is a modern, open-source rule-based tunnel written in Go, providing fine-grained control over internet traffic routing.

It supports protocols like Shadowsocks, VMess, Trojan, Hysteria, and more, with features such as proxy groups, URL-test/health-checks, load balancing, and fallback policies.

On Linux, Clash excels in TUN/TPROXY modes for transparent system-wide proxying, DNS hijacking, and process-based routing. It includes a RESTful API server, web dashboard (external UI), and logging.

Configuration uses human-readable YAML files defining proxies, rules (domain, geoip, ipcidr, process, etc.), and modes (global, rule, direct).

Popular for censorship circumvention, privacy, and geoblocking bypass, Clash is lightweight, performant, and extensible via plugins in forks like Clash Premium/Meta.

Usage involves downloading the binary, editing config.yaml, and running as user/service. Supports auto-update and speed tests.

clash

Proxy network traffic based on rules

TLDR

SYNOPSIS

PARAMETERS

DESCRIPTION

CAVEATS

INSTALLATION

CONFIG EXAMPLE

HISTORY

SEE ALSO