主要通过修改系统时间, 以及利用 Unix 的 pf 防火墙 实现屏蔽 Surge 自身发起的 NTP 请求.
1) /etc/pf.conf
中加入屏蔽 IP 规则.
block drop from any to 17.253.114.125
block drop from any to 17.253.114.253
block drop from any to 17.253.84.123
block drop from any to 17.253.84.125
block drop from any to 17.253.84.251
2) 创建 pf 开机自启动脚本 /etc/mypfctl.sh
并配置权限.
/sbin/pfctl -ef /etc/pf.conf
exit 0
sudo chown root:wheel /etc/mypfctl.sh
sudo chmod a+x /etc/mypfctl.sh
sudo /etc/mypfctl.sh
3) 创建 MacOS 开机自启动 split /Library/LaunchDaemons/pf.mypfctl.plist
并配置权限.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>pf.firewall</string>
<key>ProgramArguments</key>
<array>
<string>/bin/sh</string>
<string>-c</string>
<string>/etc/mypfctl.sh</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>ExitTimeOut</key>
<integer>1</integer>
</dict>
</plist>
sudo chmod 644 /Library/LaunchDaemons/pf.mypfctl.plist
sudo chown root:wheel /Library/LaunchDaemons/pf.mypfctl.plist
sudo launchctl unload '/Library/LaunchDaemons/pf.mypfctl.plist'
sudo launchctl load '/Library/LaunchDaemons/pf.mypfctl.plist'
4) Surge 启动脚本 surge.sh
.
#!/usr/bin/env bash
cd $(dirname "$0")
read -sp "Password: " pwd
echo
rm -rf ~/Library/Application Support/com.nssurge.surge-*
echo "${pwd}" | sudo -S date 010110002018
./Surge.app/Contents/MacOS/Surge &
sleep 2
echo "${pwd}" | sudo -S sntp -sS time.apple.com
参考: