Surge for macOS Usage Guide

· 4 min read · 673 Words · -Views -Comments

I bought Surge for Mac because I wanted fine-grained control over network traffic. For example, sending Gmail via the Mail app should go through a proxy, while messages to other domains should be direct. You can cobble that together with Shadowsocks + Proxifier, but Surge is a cleaner, all-in-one solution.

The manual is long, the price is high ($69.99 for macOS, $49.99 for iOS + $14.99/year for feature unlocks), but after using it you understand the appeal—it really does “meet all your personalization about network.”

Purchasing Tips

  • Buy from the official site using Alipay or a credit card.
  • Do not purchase via in-app purchase. Web purchases give you a license key + email immediately; in-app purchases lock you out of license binding for 90 days.
  • One macOS license covers 3 devices; iOS licenses are separate (also 3 devices).

Current Versions

I keep Surge updated. As of this writing:

  1. Surge for Mac v5.10.0
  2. Surge for iOS v5.21.0

Download

macOS builds are only available from nssurge.com. iOS/tvOS are on the App Store.

Initial Configuration

Surge’s config can be intimidating. Start with a template, then tailor it.

  1. Launch Surge → Settings → Configurations.
  2. Choose Install from URL and enter https://raw.githubusercontent.com/alanhe421/surge-config/main/surge.conf.

Proxy Servers

After importing the template, open Proxies and edit the servers to match your own nodes. I have multiple SS/V2Ray/Trojan endpoints listed.

Shadowsocks is dated; consider V2Ray/Trojan + dedicated lines.

V2Ray Support

macOS 3.3.1+ / iOS 4.1.0+ support V2Ray:

v2rayProxy = vmess, host.example.com, 30544, username=uuid, tls=true, ws=true, ws-path=/helloMario

Trojan Support

Available since 3.4:

ProxyTrojan = trojan, 192.168.20.6, 443, password=password1

Proxy Chains

Use Proxy = custom, policy=ProxyChain, proxy=HK@DIRECT style definitions to route traffic through downstream proxies. Handy when a new node is unstable but works reliably when chained through a known-good server.

Policy Rules

Split Domestic/International Traffic

Direct CN traffic, proxy everything else. Keep rulesets under ~500 entries to avoid performance hits. Surge processes rules top-to-bottom.

Ad Blocking

Use maintained rule lists (e.g., from GitHub) and subscribe via RULE-SET to reject ad domains automatically. Surge updates them on schedule.

Local DNS Spoofing

You can override DNS with [Host] or dns-fakes modules to speed up or bypass geo restrictions.

Modules

Modules are reusable configuration blocks. Examples:

  • DNS fakes
  • Rewrite rules
  • Script modules for auto tasks

Install via URL and toggle them in the dashboard. They’re processed before regular rules and are great for blending airport configs with custom tweaks.

Dashboard

Open the dashboard to:

  1. Inspect which policy a request hit
  2. Capture MITM traffic
  3. View DNS results (mirrors the iOS Tools → DNS Result feature)

IPv6

If IPv6 tests fail while Surge proxying is on, enable it explicitly:

ipv6 = true
ipv6-vif = auto

Beta Builds

iOS

  1. Visit https://nssurge.com/accountApply TestFlight.
  2. Install TestFlight, accept the invite, and update Surge to the beta.
  3. For in-app purchases, bind an email after 90 days to obtain a license key, then follow the same steps.

macOS

In Preferences → Updates, tick “Include beta versions” and click Check Now.

Upgrades & Legacy Builds

macOS licenses are perpetual per major version; upgrade pricing is available on the buy page (Upgrade button). Legacy downloads: https://kb.nssurge.com/surge-knowledge-base/release-notes/surge-mac-legacy

Multi-Device Strategy (Mac/iOS/tvOS)

  1. Keep macOS and iOS configs independent; tvOS can reuse the iOS profile.
  2. Split proxies/groups/rules into separate .dconf includes for reuse:
    [Proxy]
#!include block_proxy.dconf

[Proxy Group]
#!include block_group.dconf

[Rule]
#!include block_rule.dconf

License Limits

Licenses cap at 5 devices (depending on purchase). There’s no upgrade beyond that; buy another license if needed. Manage activations at https://nssurge.com/account

Combining Airport Rules with Local Rules

  1. Use modules—module rules take priority over file rules.
  2. Or subscribe only to the airport’s proxies and maintain all rules locally.

Windows?

No plans. Surge is Apple-only. Use Clash or similar on Windows.

Useful Resources

Support & Community

  1. Official forum: https://community.nssurge.com/
  2. Email: support@nssurge.com
  3. Comment on this blog

Final Thoughts

With Surge, switching proxies, failover, rule matching—all happen transparently. This guide only scratches the surface; explore the manual for more advanced automation, scripting, and integrations.

References

Networking Mac IOS
Authors
Developer, digital product enthusiast, tinkerer, sharer, open source lover

Related