[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-74931":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":33,"readmeContent":34,"aiSummary":35,"trendingCount":16,"starSnapshotCount":16,"syncStatus":36,"lastSyncTime":37,"discoverSource":38},74931,"neko-master","foru17\u002Fneko-master","foru17","A modern and elegant dashboard for network traffic visualization and analysis.","",null,"TypeScript",1895,116,4,19,0,3,10,31,9,19.2,"MIT License",false,"main",true,[27,28,29,30,31,32],"clash","dashboard","openclash","surge","traffic-monitor","visualization","2026-06-12 02:03:30","\u003Cp align=\"center\">\n  \u003Cimg src=\".\u002Fassets\u002Ficon-neko-master.png\" width=\"200\" alt=\"Neko Master Logo\" style=\"margin-bottom: 16px;\">\n  \u003Cbr>\n  \u003Cb style=\"font-size: 32px;\">Neko Master\u003C\u002Fb>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cb>See your network traffic clearly.\u003C\u002Fb>\u003Cbr>\n  \u003Cspan>Real-time monitoring · Traffic auditing · Multi-gateway support\u003C\u002Fspan>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cb>English\u003C\u002Fb> | \u003Ca href=\".\u002FREADME.zh.md\">中文\u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master\u002Fstargazers\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Fforu17\u002Fneko-master?style=flat-square&color=yellow\" alt=\"Stars\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fr\u002Fforu17\u002Fneko-master\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fpulls\u002Fforu17\u002Fneko-master?style=flat-square&color=blue&logo=docker\" alt=\"Docker Pulls\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fr\u002Fforu17\u002Fneko-master\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fv\u002Fforu17\u002Fneko-master?style=flat-square&label=Docker&color=2496ED\" alt=\"Docker Version\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fr\u002Fforu17\u002Fneko-master\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fimage-size\u002Fforu17\u002Fneko-master\u002Flatest?style=flat-square&logo=docker\" alt=\"Image Size\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master\u002Fblob\u002Fmain\u002FLICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Fforu17\u002Fneko-master?style=flat-square&color=green\" alt=\"License\">\u003C\u002Fa>\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FNode.js-22-339933?style=flat-square&logo=node.js\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master\u002Factions\u002Fworkflows\u002Fdocker-build.yml\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Factions\u002Fworkflow\u002Fstatus\u002Fforu17\u002Fneko-master\u002Fdocker-build.yml?style=flat-square&label=Docker%20CI\" alt=\"Docker CI\">\u003C\u002Fa>\n  \u003Ca href=\".\u002Fdocs\u002Farchitecture.en.md\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdocs-architecture-0ea5e9?style=flat-square\" alt=\"Architecture Docs\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n> [!IMPORTANT]\n> **Disclaimer**\n>\n> This project is a traffic analysis and visualization tool\n> for local gateway environments.\n>\n> It does not provide any network access service,\n> proxy subscription, or cross-network connectivity.\n> All data is collected from the user's own network environment.\n>\n> This project is open-sourced under the MIT License. We assume no responsibility for any consequences resulting from the use of this software. Please use it in compliance with applicable laws and regulations.\n\n\u003Ctable>\n  \u003Ctr>\n    \u003Ctd align=\"center\" width=\"50%\">\n      \u003Cimg src=\".\u002Fassets\u002Fneko-master-overview-light.png\" alt=\"Neko Master Preview (Light 1)\" \u002F>\n    \u003C\u002Ftd>\n    \u003Ctd align=\"center\" width=\"50%\">\n      \u003Cimg src=\".\u002Fassets\u002Fneko-master-regions-light.png\" alt=\"Neko Master Preview (Light 2)\" \u002F>\n    \u003C\u002Ftd>\n  \u003C\u002Ftr>\n  \u003Ctr>\n    \u003Ctd align=\"center\" width=\"50%\">\n      \u003Cimg src=\".\u002Fassets\u002Fneko-master-rules-dark.png\" alt=\"Neko Master Preview (Dark 1)\" \u002F>\n    \u003C\u002Ftd>\n    \u003Ctd align=\"center\" width=\"50%\">\n      \u003Cimg src=\".\u002Fassets\u002Fneko-master-domains-dark.png\" alt=\"Neko Master Preview (Dark 2)\" \u002F>\n    \u003C\u002Ftd>\n  \u003C\u002Ftr>\n\u003C\u002Ftable>\n\n## About the Name\n\n**Neko** (ねこ) means _cat_ in Japanese.\nPronounced **\u002Fˈneɪkoʊ\u002F** (NEH-ko).\n\nLike a cat, Neko Master observes network traffic quietly and precisely.\nIt is a lightweight analytics dashboard designed for modern gateway environments.\n\n## 📋 Table of Contents\n\n- [✨ Features](#-features)\n- [🚀 Quick Start](#-quick-start)\n- [🤖 Agent Deployment](#-agent-deployment)\n- [📖 First Use](#-first-use)\n- [🔧 Port Conflict Resolution](#-port-conflict-resolution)\n- [🐳 Docker Configuration](#-docker-configuration)\n- [🗄️ ClickHouse (Optional)](#-clickhouse-optional)\n- [🌐 Reverse Proxy & Tunnel](#-reverse-proxy--tunnel)\n- [🔐 Authentication & Security](#-authentication--security)\n- [❓ FAQ](#-faq)\n- [🏗️ Architecture Guide](#-architecture-guide)\n- [🤝 Feedback & Issues](#-feedback--issues)\n- [📁 Project Structure](#-project-structure)\n- [🛠️ Tech Stack](#-tech-stack)\n- [📄 License](#-license)\n\n## ✨ Features\n\n| Feature                     | Description                                                   |\n| --------------------------- | ------------------------------------------------------------- |\n| 📊 **Real-time Monitoring** | WebSocket real-time collection with millisecond latency       |\n| 📈 **Trend Analysis**       | Multi-dimensional traffic trends: 30min \u002F 1h \u002F 24h            |\n| 🌐 **Domain Analysis**      | View traffic, associated IPs, and connection count per domain |\n| 🗺️ **IP Analysis**          | ASN, geo-location, and associated domain display              |\n| 🚀 **Proxy Statistics**     | Traffic distribution and connection count per proxy node      |\n| 📱 **PWA Support**          | Install as desktop app for native experience                  |\n| 🌙 **Dark Mode**            | Light \u002F Dark \u002F System theme support                           |\n| 🌍 **i18n Support**         | English \u002F Chinese seamless switching                          |\n| 🔄 **Multi-Backend**        | Monitor multiple OpenClash backend instances simultaneously   |\n\n## 🚀 Quick Start\n\n### Option 1: Docker Compose (Recommended)\n\n> The repository's built-in `docker-compose.yml` maps `3000\u002F3001\u002F3002` by default.\n> Scenarios A\u002FB below are minimal templates for common deployments.\n\n#### Scenario A: Minimal deployment (only expose 3000)\n\n```yaml\nservices:\n  neko-master:\n    image: foru17\u002Fneko-master:latest\n    container_name: neko-master\n    restart: unless-stopped\n    ports:\n      - \"3000:3000\" # Web UI\n    volumes:\n      - .\u002Fdata:\u002Fapp\u002Fdata\n      # Local MMDB (optional, files should be downloaded into .\u002Fgeoip)\n      - .\u002Fgeoip:\u002Fapp\u002Fdata\u002Fgeoip:ro\n    environment:\n      - NODE_ENV=production\n      - DB_PATH=\u002Fapp\u002Fdata\u002Fstats.db\n      - COOKIE_SECRET=${COOKIE_SECRET}\n```\n\n> Recommended in `.env` (same directory as `docker-compose.yml`):\n> `COOKIE_SECRET=\u003Cat least 32-byte random string>` (generate with `openssl rand -hex 32`)\n\n> This mode is fully upgrade-compatible and works out of the box.\n> If WS is not routed, the app falls back to HTTP polling automatically.\n\n#### Scenario B: Real-time WebSocket (recommended with reverse proxy)\n\n```yaml\nservices:\n  neko-master:\n    image: foru17\u002Fneko-master:latest\n    container_name: neko-master\n    restart: unless-stopped\n    ports:\n      - \"3000:3000\" # Web UI\n      - \"3002:3002\" # WebSocket (for Nginx \u002F Tunnel forwarding)\n    volumes:\n      - .\u002Fdata:\u002Fapp\u002Fdata\n      # Local MMDB (optional, files should be downloaded into .\u002Fgeoip)\n      - .\u002Fgeoip:\u002Fapp\u002Fdata\u002Fgeoip:ro\n    environment:\n      - NODE_ENV=production\n      - DB_PATH=\u002Fapp\u002Fdata\u002Fstats.db\n      - COOKIE_SECRET=${COOKIE_SECRET}\n```\n\nThen run:\n\n```bash\ndocker compose up -d\n```\n\nOpen \u003Chttp:\u002F\u002Flocalhost:3000> to get started.\n\nIf you use the repository's built-in Compose file (default `3000\u002F3001\u002F3002`), run the same command.\n\n### Option 2: Docker Run\n\n```bash\n# Generate a fixed cookie secret first (for session persistence)\nexport COOKIE_SECRET=\"$(openssl rand -hex 32)\"\n```\n\n```bash\n# Minimal (only 3000)\ndocker run -d \\\n  --name neko-master \\\n  -p 3000:3000 \\\n  -v $(pwd)\u002Fdata:\u002Fapp\u002Fdata \\\n  -e COOKIE_SECRET=\"$COOKIE_SECRET\" \\\n  --restart unless-stopped \\\n  foru17\u002Fneko-master:latest\n\n# Real-time WS (with reverse proxy)\ndocker run -d \\\n  --name neko-master \\\n  -p 3000:3000 \\\n  -p 3002:3002 \\\n  -v $(pwd)\u002Fdata:\u002Fapp\u002Fdata \\\n  -e COOKIE_SECRET=\"$COOKIE_SECRET\" \\\n  --restart unless-stopped \\\n  foru17\u002Fneko-master:latest\n```\n\nOpen \u003Chttp:\u002F\u002Flocalhost:3000> to get started.\n\n> The frontend uses same-origin `\u002Fapi` by default, so port 3001 is usually not required externally.\n> For real-time WS, your reverse proxy\u002Ftunnel must be able to reach port `3002`. If not, the app falls back to ~5s HTTP polling.\n\n> For `docker run`, change external ports using `-p` mappings directly.\n> Only if you use direct WS access (no reverse proxy) and external WS port is not `3002`, also pass `-e WS_EXTERNAL_PORT=\u003Cexternal-ws-port>`.\n>\n> Local MMDB lookup mode (optional): mount `-v $(pwd)\u002Fgeoip:\u002Fapp\u002Fdata\u002Fgeoip:ro`,\n> then switch source to Local in `Settings -> Preferences -> IP Lookup Source`.\n\n### Option 3: One-Click Script\n\nAutomatically detects port conflicts and configures everything:\n\n```bash\n# Using curl\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fforu17\u002Fneko-master\u002Fmain\u002Fsetup.sh | bash\n\n# Or using wget\nwget -qO- https:\u002F\u002Fraw.githubusercontent.com\u002Fforu17\u002Fneko-master\u002Fmain\u002Fsetup.sh | bash\n```\n\nThe script will automatically:\n\n- ✅ Download `docker-compose.yml`\n- ✅ Check if default ports (3000\u002F3001\u002F3002) are in use\n- ✅ Suggest available alternative ports\n- ✅ Create configuration file and start the service\n\n### Option 4: Source Code\n\n```bash\n# 1. Clone the repository\ngit clone https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master.git\ncd neko-master\n\n# 2. Install dependencies\npnpm install\n\n# 3. Prepare collector env (source mode reads apps\u002Fcollector\u002F.env)\ncp apps\u002Fcollector\u002F.env.example apps\u002Fcollector\u002F.env\n\n# 4. Start development services\npnpm dev\n```\n\nOpen \u003Chttp:\u002F\u002Flocalhost:3000> to configure.\n\n> In source mode: collector listens on `3001\u002F3002`, web listens on `3000` by default.\n> If you changed `API_PORT` (not 3001), set `API_URL` accordingly (for example `API_URL=http:\u002F\u002Flocalhost:4001`) so web `\u002Fapi` rewrite targets the correct API.\n> `apps\u002Fcollector\u002F.env.local` takes precedence over `apps\u002Fcollector\u002F.env`.\n\n## 🤖 Agent Deployment\n\nUse Agent mode when you want one centralized Neko Master service and multiple remote devices (OpenWrt, Linux, macOS) collecting local gateway data. The agent runs near the gateway, pulls data, and reports to the panel — the panel never connects to the gateway directly.\n\nSupported gateway types: **Clash \u002F Mihomo** (WebSocket real-time) and **Surge v5+** (HTTP polling).\n\n### Quick Install (UI-generated command)\n\n1. In the dashboard, go to `Settings → Backends`, add an `Agent` backend, select gateway type\n2. Click **\"View Agent Script\"** and copy the one-line install command, then run it on the target host:\n\n```bash\n# Clash \u002F Mihomo gateway example\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fforu17\u002Fneko-master\u002Fmain\u002Fapps\u002Fagent\u002Finstall.sh \\\n  | env NEKO_SERVER='http:\u002F\u002Fyour-panel:3000' \\\n        NEKO_BACKEND_ID='1' \\\n        NEKO_BACKEND_TOKEN='ag_xxx' \\\n        NEKO_GATEWAY_TYPE='clash' \\\n        NEKO_GATEWAY_URL='http:\u002F\u002F127.0.0.1:9090' \\\n        sh\n\n# Surge gateway example\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fforu17\u002Fneko-master\u002Fmain\u002Fapps\u002Fagent\u002Finstall.sh \\\n  | env NEKO_SERVER='http:\u002F\u002Fyour-panel:3000' \\\n        NEKO_BACKEND_ID='2' \\\n        NEKO_BACKEND_TOKEN='ag_yyy' \\\n        NEKO_GATEWAY_TYPE='surge' \\\n        NEKO_GATEWAY_URL='http:\u002F\u002F127.0.0.1:9091' \\\n        sh\n```\n\nAfter install, manage instances with `nekoagent`:\n\n```bash\nnekoagent list               # list all instances\nnekoagent status \u003Cinstance>  # check running state\nnekoagent logs \u003Cinstance>    # tail live logs\nnekoagent restart \u003Cinstance> # restart\nnekoagent upgrade            # global upgrade (CLI + binary)\n```\n\n> The script auto-detects an existing installation — if `neko-agent` is already present, it only adds the new instance without re-downloading.\n> Multiple instances can run on the same host (different `NEKO_INSTANCE_NAME`), each pointing to a different gateway.\n\n### Agent Documentation\n\n- [Overview](.\u002Fdocs\u002Fagent\u002Foverview.en.md): architecture, Direct vs Agent comparison, security model\n- [Quick Start](.\u002Fdocs\u002Fagent\u002Fquick-start.en.md): end-to-end setup from UI to running agent\n- [Install Guide](.\u002Fdocs\u002Fagent\u002Finstall.en.md): install methods, systemd \u002F launchd autostart\n- [Configuration](.\u002Fdocs\u002Fagent\u002Fconfig.en.md): full flag and env variable reference\n- [Release Flow](.\u002Fdocs\u002Fagent\u002Frelease.en.md): versioning and compatibility policy\n- [Troubleshooting](.\u002Fdocs\u002Fagent\u002Ftroubleshooting.en.md): common errors and fixes\n\n## 📖 First Use\n\n![First Use](.\u002Fassets\u002Fneko-master-setup.png)\n\n### Connect Clash \u002F Mihomo\n\n1. Open \u003Chttp:\u002F\u002Flocalhost:3000>\n2. The **Gateway Configuration** dialog will appear on first visit\n3. Fill in your network gateway (e.g., OpenClash) connection info:\n   - **Name**: Custom name (e.g., \"Home Gateway\")\n   - **Type**: Select `Clash \u002F Mihomo`\n   - **Host**: Gateway backend address (e.g., `192.168.101.1`)\n   - **Port**: Gateway backend port (e.g., `9090`)\n   - **Token**: Fill if Secret is configured, otherwise leave empty\n4. Click \"Add Backend\" to save\n5. The system will automatically start collecting and analyzing traffic data\n\n> 💡 **Get Gateway Address**: Go to your gateway control panel (e.g., OpenClash) → Enable \"External Control\" → Copy API address\n\n### Connect Surge\n\n![Surge HTTP API Configuration](.\u002Fassets\u002Fneko-master-surge.png)\n\nNeko Master supports connecting to Surge gateways for complete rule chain visualization and traffic analysis.\n\n#### 1. Enable Surge HTTP API\n\nEnable HTTP remote API in your Surge configuration:\n\n```ini\n[General]\nhttp-api = 127.0.0.1:9091\nhttp-api-tls = false\nhttp-api-web-dashboard = true\n```\n\nOr configure via Surge's graphical interface:\n\n- **HTTP Remote API**: `Settings` → `General` → `HTTP Remote API`\n- **Port**: Default `9091`\n- **Authentication**: Recommended to set a password for enhanced security\n\n#### 2. Add Surge Backend in Neko Master\n\n1. Open Neko Master settings dialog\n2. Click \"Add Backend\"\n3. Fill in the connection info:\n   - **Name**: Custom name (e.g., \"Surge Home\")\n   - **Type**: Select `Surge`\n   - **Host**: IP address where Surge is running (e.g., `192.168.1.1` or `127.0.0.1`)\n   - **Port**: HTTP API port (default `9091`)\n   - **Token**: HTTP API password (if configured)\n4. Click \"Test Connection\" to verify the configuration\n5. Save the configuration\n\n> 💡 **Note**: Surge uses HTTP polling to fetch data (compared to Clash's WebSocket real-time stream), with a data refresh delay of approximately 2 seconds.\n\n## 🔧 Port Conflict Resolution\n\nIf you see \"port already in use\" error, here are the solutions:\n\n### Solution 1: Use .env File\n\nCreate a `.env` file in the same directory as `docker-compose.yml`:\n\n```env\nWEB_EXTERNAL_PORT=8080    # Change Web UI port\nAPI_EXTERNAL_PORT=8081    # Change API port\nWS_EXTERNAL_PORT=8082     # Change WebSocket external port (only for direct access)\nCOOKIE_SECRET=your-long-random-secret   # Strongly recommended to keep fixed\n```\n\nThen restart:\n\n```bash\ndocker compose down\ndocker compose up -d\n```\n\nNow access \u003Chttp:\u002F\u002Flocalhost:8080>\n\n### Solution 2: Directly Modify docker-compose.yml\n\n```yaml\nports:\n  - \"8080:3000\" # External 8080 → Internal 3000\n  - \"8082:3002\" # External 8082 → Internal 3002 (for proxy\u002Ftunnel WS forwarding)\n```\n\n> Note: if you use direct WS access (no reverse proxy) and external WS port is not `3002`, set `WS_EXTERNAL_PORT=\u003Cexternal-ws-port>`.\n\n### Solution 3: Use One-Click Script\n\n```bash\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fforu17\u002Fneko-master\u002Fmain\u002Fsetup.sh | bash\n```\n\nThe script will automatically detect and suggest available ports.\n\n## 🐳 Docker Configuration\n\n### Ports\n\n| Port |  Purpose  | External Required | Description                                                                                                 |\n| :--: | :-------: | :---------------: | :---------------------------------------------------------------------------------------------------------- |\n| 3000 |  Web UI   |        ✅         | Frontend entry point                                                                                        |\n| 3001 |    API    |     Optional      | Frontend uses same-origin `\u002Fapi` by default; usually no public exposure needed (default Compose maps it)  |\n| 3002 | WebSocket |     Optional      | Real-time push endpoint; recommended for reverse proxy\u002Ftunnel forwarding only (default Compose maps it)    |\n\n### Environment Variables (Deployment)\n\n| Variable | Default | Purpose | When to set |\n| :-- | :-- | :-- | :-- |\n| `WEB_PORT` | `3000` | Web listen port (inside container) | Usually unchanged |\n| `API_PORT` | `3001` | API listen port (inside container) | Usually unchanged |\n| `COLLECTOR_WS_PORT` | `3002` | WS listen port (inside container) | Usually unchanged |\n| `DB_PATH` | `\u002Fapp\u002Fdata\u002Fstats.db` | SQLite data path | Custom data path |\n| `WEB_EXTERNAL_PORT` | `3000` | External web port mapping in `docker-compose.yml` | External web port changed |\n| `API_EXTERNAL_PORT` | `3001` | External API port mapping in `docker-compose.yml` | Direct external API access needed |\n| `WS_EXTERNAL_PORT` | `3002` | External WS port mapping in `docker-compose.yml`; also used for direct WS port inference | Direct WS access without proxy and external WS port changed |\n| `NEXT_PUBLIC_API_URL` | empty | Override frontend API base URL (e.g. `https:\u002F\u002Fapi.example.com`) | API is not same-origin `\u002Fapi` |\n| `NEXT_PUBLIC_WS_URL` | empty | Override frontend WS URL (absolute URL or `\u002Fcustom_ws`) | Custom WS path\u002Fdomain |\n| `NEXT_PUBLIC_WS_PORT` | `3002` | WS direct-connection fallback port (**build-time only — setting this at Docker runtime has no effect**; use `WS_EXTERNAL_PORT` instead) | Only for custom source builds |\n| `API_URL` | `http:\u002F\u002Flocalhost:3001` | Next.js `\u002Fapi` rewrite target (mainly source\u002Fcustom builds) | API listen address changed |\n| `COOKIE_SECRET` | auto-generated | Cookie signing secret; if not fixed, sessions can be invalidated after restart when data dir is not persisted | Strongly recommended in production |\n| `GEOIP_LOOKUP_PROVIDER` | `online` | IP geolocation source (`online` \u002F `local`) | Default to local MMDB lookup |\n| `GEOIP_ONLINE_API_URL` | `https:\u002F\u002Fapi.ipinfo.es\u002Fipinfo` | Online IP geolocation API endpoint (must be compatible with `ipinfo.my` response schema) | Set only when you deploy a compatible endpoint |\n| `FORCE_ACCESS_CONTROL_OFF` | `false` | Force disable access control (emergency recovery) | Temporary use only when token is lost |\n| `SHOWCASE_SITE_MODE` | `false` | Read-only showcase mode (blocks sensitive write operations) | Public demo sites only |\n\n### Advanced Tuning Variables (Optional)\n\n| Variable | Default | Description |\n| :-- | :-- | :-- |\n| `FLUSH_INTERVAL_MS` | `30000` | Buffer flush interval for collector writes |\n| `FLUSH_MAX_BUFFER_SIZE` | `5000` | Max buffer entries before early flush |\n| `REALTIME_MAX_MINUTES` | `180` | Realtime in-memory window size (minutes) |\n| `REALTIME_RANGE_END_TOLERANCE_MS` | `120000` | End-time tolerance for range queries |\n| `SURGE_POLICY_SYNC_INTERVAL_MS` | `600000` | Surge policy sync interval |\n| `DB_RANGE_QUERY_CACHE_TTL_MS` | `8000` | Range-query cache TTL |\n| `DB_HISTORICAL_QUERY_CACHE_TTL_MS` | `300000` | Historical-query cache TTL |\n| `DB_RANGE_QUERY_CACHE_MAX_ENTRIES` | `1024` | Max range-query cache entries |\n| `DB_RANGE_QUERY_CACHE_DISABLED` | empty | Set `1` to disable range-query cache |\n| `DEBUG_SURGE` | `false` | Enable Surge collector debug logs (`true`) |\n\n### API \u002F WS Resolution Priority\n\n1. API client base: `runtime-config.API_URL` → `NEXT_PUBLIC_API_URL` → same-origin `\u002Fapi`\n2. `\u002Fapi` server-side rewrite target: `API_URL` (default `http:\u002F\u002Flocalhost:3001`, applied in Next.js rewrites)\n3. WS URL: `runtime-config.WS_URL` → `NEXT_PUBLIC_WS_URL` → auto candidates (when `runtime-config.WS_PORT` is set, direct port is preferred; otherwise `\u002F_cm_ws` is tried first)\n4. WS port: `runtime-config.WS_PORT` (from `WS_EXTERNAL_PORT`) → `NEXT_PUBLIC_WS_PORT` → `3002`\n5. In normal deployments, `NEXT_PUBLIC_WS_URL` is usually unnecessary unless you use a custom WS path\u002Fdomain\n\n### Production Environment Baseline (Recommended)\n\n```env\nNODE_ENV=production\nDB_PATH=\u002Fapp\u002Fdata\u002Fstats.db\nCOOKIE_SECRET=\u003Cat least 32-byte random string>\n# Optional: default to local MMDB lookup\n# GEOIP_LOOKUP_PROVIDER=local\n# Keep false in normal operation\n# FORCE_ACCESS_CONTROL_OFF=false\n```\n\nUse `openssl rand -hex 32` to generate `COOKIE_SECRET`.\n\nAdditional recommendations:\n\n1. Mount persistent storage (for example `.\u002Fdata:\u002Fapp\u002Fdata`) to avoid data and secret loss.\n2. If using direct WS access and external WS port is not `3002`, set `WS_EXTERNAL_PORT` accordingly.\n3. If API port\u002Faddress changes in source deployment, update `API_URL` as well.\n4. For local MMDB lookup, mount `.\u002Fgeoip:\u002Fapp\u002Fdata\u002Fgeoip:ro` and switch source in `Settings -> Preferences -> IP Lookup Source`.\n5. MMDB files are large and are not bundled in the image. Download and place them in `.\u002Fgeoip` with fixed names:\n   `GeoLite2-City.mmdb`, `GeoLite2-ASN.mmdb` (required), and `GeoLite2-Country.mmdb` (optional).\n   Recommended source: \u003Chttps:\u002F\u002Fgithub.com\u002FP3TERX\u002FGeoLite.mmdb>.\n\n> Advanced Agent details (install, config, release, compatibility) are maintained under `docs\u002Fagent\u002F*`.\n\n## 🗄️ ClickHouse (Optional)\n\nSQLite is Neko Master's default storage engine and works well for most users.\nConsider enabling ClickHouse if you need:\n\n- Very large datasets (hundreds of thousands of domain\u002FIP entries)\n- Fast aggregation queries over long time ranges (≥ 7 days)\n- Separation of historical stats from configuration\u002Fmetadata storage\n\n> ClickHouse is entirely optional. SQLite remains as the configuration and metadata store regardless of whether ClickHouse is enabled.\n\n### Architecture Overview\n\nWhen ClickHouse is enabled, the system enters **dual-write mode**:\n\n```\nBatchBuffer.flush()\n    │\n    ├──→ SQLite (config \u002F metadata, always written)\n    └──→ ClickHouse (stats traffic data, dual-write)\n           └── Buffer tables → SummingMergeTree async merge\n```\n\nRead source is controlled by `STATS_QUERY_SOURCE` (default: `sqlite`).\n\n### Enabling ClickHouse (Docker)\n\n#### Step 1: Start the ClickHouse container\n\nThe repository's built-in `docker-compose.yml` already includes a ClickHouse service, gated by\n`profiles: [clickhouse]` so it does not start by default. From the repository root, run:\n\n```bash\ndocker compose --profile clickhouse up -d\n```\n\n> ClickHouse data is persisted to `.\u002Fdata\u002Fclickhouse`, separate from the main app data directory.\n\nIf you use a **custom `docker-compose.yml`** (such as Scenario A\u002FB above), add the ClickHouse\nservice block manually:\n\n```yaml\nservices:\n  neko-master:\n    # ... your existing config ...\n    environment:\n      # append to existing environment section:\n      - CH_ENABLED=${CH_ENABLED:-0}\n      - CH_HOST=${CH_HOST:-clickhouse}\n      - CH_PORT=${CH_PORT:-8123}\n      - CH_DATABASE=${CH_DATABASE:-neko_master}\n      - CH_USER=${CH_USER:-neko}\n      - CH_PASSWORD=${CH_PASSWORD:-neko_master}\n      - CH_WRITE_ENABLED=${CH_WRITE_ENABLED:-0}\n      - STATS_QUERY_SOURCE=${STATS_QUERY_SOURCE:-sqlite}\n    networks:\n      - neko-master-network\n\n  clickhouse:\n    image: clickhouse\u002Fclickhouse-server:24.8\n    container_name: neko-master-clickhouse\n    restart: unless-stopped\n    profiles: [\"clickhouse\"]\n    ports:\n      - \"${CH_EXTERNAL_HTTP_PORT:-8123}:8123\"\n      - \"${CH_EXTERNAL_NATIVE_PORT:-9000}:9000\"\n    volumes:\n      - .\u002Fdata\u002Fclickhouse:\u002Fvar\u002Flib\u002Fclickhouse\n    environment:\n      - CLICKHOUSE_DB=${CH_DATABASE:-neko_master}\n      - CLICKHOUSE_USER=${CH_USER:-neko}\n      - CLICKHOUSE_PASSWORD=${CH_PASSWORD:-neko_master}\n      - CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT=1\n    networks:\n      - neko-master-network\n    healthcheck:\n      test: [\"CMD-SHELL\", \"wget -q --spider http:\u002F\u002F127.0.0.1:8123\u002Fping || exit 1\"]\n      interval: 30s\n      timeout: 10s\n      retries: 3\n      start_period: 40s\n\nnetworks:\n  neko-master-network:\n    driver: bridge\n```\n\n#### Step 2: Configure environment variables\n\nAdd to your `.env` (same directory as `docker-compose.yml`):\n\n```env\n# Enable ClickHouse connection\nCH_ENABLED=1\n\n# Enable dual-write\nCH_WRITE_ENABLED=1\n\n# Read source: sqlite (default) \u002F auto (smart routing) \u002F clickhouse (force)\nSTATS_QUERY_SOURCE=auto\n\n# ClickHouse connection (defaults match docker-compose.yml, no change needed)\nCH_HOST=clickhouse\nCH_PORT=8123\nCH_DATABASE=neko_master\nCH_USER=neko\nCH_PASSWORD=neko_master\n```\n\nRestart:\n\n```bash\ndocker compose --profile clickhouse up -d\n```\n\n### ClickHouse Environment Variables\n\n| Variable | Default | Description |\n| :-- | :-- | :-- |\n| `CH_ENABLED` | `0` | Enable ClickHouse connection (`1` to enable) |\n| `CH_WRITE_ENABLED` | `0` | Enable dual-write (requires `CH_ENABLED=1`) |\n| `CH_ONLY_MODE` | `0` | When CH is healthy, skip SQLite stats writes (CH-only mode) |\n| `CH_HOST` | `clickhouse` | ClickHouse host address |\n| `CH_PORT` | `8123` | ClickHouse HTTP port |\n| `CH_DATABASE` | `neko_master` | Database name |\n| `CH_USER` | `neko` | Username |\n| `CH_PASSWORD` | `neko_master` | Password |\n| `CH_SECURE` | `0` | Use HTTPS connection |\n| `CH_REQUIRED` | `0` | Refuse to start if CH is unavailable |\n| `CH_AUTO_CREATE_TABLES` | `1` | Auto-create tables on first start |\n| `CH_WRITE_MAX_PENDING_BATCHES` | `200` | Max pending write batches |\n| `CH_UNHEALTHY_THRESHOLD` | `5` | Consecutive failures before marking unhealthy (auto-fallback to SQLite) |\n| `STATS_QUERY_SOURCE` | `sqlite` | Read source: `sqlite` \u002F `auto` \u002F `clickhouse` |\n| `CH_COMPARE_ENABLED` | `0` | Enable SQLite ↔ ClickHouse consistency check |\n| `CH_EXTERNAL_HTTP_PORT` | `8123` | ClickHouse HTTP external port (Compose mapping) |\n| `CH_EXTERNAL_NATIVE_PORT` | `9000` | ClickHouse Native external port (Compose mapping) |\n\n> **Health & Fallback**: After `CH_UNHEALTHY_THRESHOLD` consecutive write failures, the system automatically marks ClickHouse as unhealthy and resumes SQLite writes—even when `CH_ONLY_MODE=1`. Once ClickHouse recovers, it is re-marked healthy and logged.\n\n### Migration Guide for Existing Users\n\n> Upgrading from a SQLite-only version? **Your data is safe.**\n> The SQLite file (`.\u002Fdata\u002Fstats.db`) is fully preserved. Here is the recommended gradual migration path:\n\n#### Phase 1: Dual-write (observation period, recommended starting point)\n\n```env\nCH_ENABLED=1\nCH_WRITE_ENABLED=1\nSTATS_QUERY_SOURCE=sqlite   # Keep reading from SQLite while CH accumulates data\n```\n\nStart and watch `[ClickHouse Writer]` logs to confirm successful writes.\n\n#### Phase 2: Switch read source\n\n```env\nSTATS_QUERY_SOURCE=auto        # Smart routing: recent data from CH, historical from SQLite\n# or\nSTATS_QUERY_SOURCE=clickhouse  # Force all reads to ClickHouse\n```\n\n#### Phase 3 (optional): Migrate historical data\n\nTo move historical SQLite stats into ClickHouse:\n\n```bash\n# Standard migration (truncate CH then re-import, with consistency check)\n.\u002Fscripts\u002Fch-migrate-docker.sh\n\n# Append mode (keep existing CH data, incremental import)\n.\u002Fscripts\u002Fch-migrate-docker.sh --append\n\n# Specific time window\n.\u002Fscripts\u002Fch-migrate-docker.sh --from 2026-02-01T00:00:00Z --to 2026-02-20T00:00:00Z\n```\n\n#### Phase 4 (optional): CH-only mode\n\nOnce ClickHouse is running stably, stop SQLite stats writes:\n\n```env\nCH_ONLY_MODE=1\n```\n\n> Even with `CH_ONLY_MODE=1`, if ClickHouse becomes unhealthy the system automatically falls back to SQLite writes—no data loss.\n\n### Reverting to SQLite-only\n\nYou can always roll back completely:\n\n```env\nCH_ENABLED=0\nCH_WRITE_ENABLED=0\nCH_ONLY_MODE=0\nSTATS_QUERY_SOURCE=sqlite\n```\n\nRestart and everything returns to pure SQLite mode. Historical data remains intact.\n\n---\n\n## 🌐 Reverse Proxy & Tunnel\n\nRecommended approach: keep Web and WS under the same domain, with path routing:\n`\u002F` → `3000`, `\u002F_cm_ws` → `3002`.\n\n### Nginx Standard Example\n\n```nginx\nserver {\n  listen 443 ssl http2;\n  server_name neko.example.com;\n\n  location \u002F {\n    proxy_pass http:\u002F\u002F\u003Cneko-master-host>:3000;\n    proxy_http_version 1.1;\n    proxy_set_header Host $host;\n    proxy_set_header X-Real-IP $remote_addr;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    proxy_set_header X-Forwarded-Proto $scheme;\n  }\n\n  location ^~ \u002F_cm_ws {\n    proxy_pass http:\u002F\u002F\u003Cneko-master-host>:3002;\n    proxy_http_version 1.1;\n    proxy_set_header Upgrade $http_upgrade;\n    proxy_set_header Connection \"upgrade\";\n    proxy_set_header Host $host;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    proxy_set_header X-Forwarded-Proto $scheme;\n    proxy_read_timeout 86400;\n    proxy_send_timeout 86400;\n    proxy_buffering off;\n  }\n}\n```\n\nOptional env override:\n\n```env\n# Not required by default (already \u002F_cm_ws)\n# NEXT_PUBLIC_WS_URL=\u002Fcustom_ws\n```\n\n### Cloudflare Tunnel Standard Example\n\n`~\u002F.cloudflared\u002Fconfig.yml`:\n\n```yaml\ntunnel: \u003Cyour-tunnel-name-or-id>\ncredentials-file: \u002Fpath\u002Fto\u002F\u003Ccredentials>.json\n\ningress:\n  - hostname: neko.example.com\n    path: \u002F_cm_ws*\n    service: http:\u002F\u002Flocalhost:3002\n  - hostname: neko.example.com\n    path: \u002F*\n    service: http:\u002F\u002Flocalhost:3000\n  - service: http_status:404\n```\n\nRun:\n\n```bash\ncloudflared tunnel --config ~\u002F.cloudflared\u002Fconfig.yml run \u003Cyour-tunnel-name-or-id>\n```\n\nFor Zero Trust dashboard-managed routes (token mode), configure the same two routes and keep `\u002F_cm_ws*` above `\u002F*`.\n\n### Key Notes\n\n1. Do not use `ws` (without leading slash) as WS path; it can overmatch and cause `\u002F_next\u002Fstatic\u002F...` → `426 Upgrade Required`\n2. WS route must be above catch-all `\u002F*`\n3. `NEXT_PUBLIC_WS_URL` is optional by default; if customized, restart frontend\u002Fcontainer after changes\n4. Mapping only `3000` still works, but falls back to HTTP polling (~5s), with less real-time responsiveness\n5. `beacon.min.js` failures (Cloudflare analytics script) are typically unrelated to app API\u002FWS data flow\n6. No extra `\u002Fapi` reverse-proxy rule is required in most setups; frontend uses same-origin `\u002Fapi` and app handles internal forwarding to `3001`\n\n> Note: `\u002F_next\u002Fstatic\u002F... 426 Upgrade Required` is common in **misconfigured reverse proxy \u002F tunnel** setups; it is uncommon in direct local access without a proxy.\n\n### Multi-Architecture Support\n\nDocker images support both `linux\u002Famd64` and `linux\u002Farm64`.\n\n### Data Persistence\n\nData is stored in `\u002Fapp\u002Fdata` inside the container. Mount it to host to prevent data loss:\n\n```yaml\nvolumes:\n  - .\u002Fdata:\u002Fapp\u002Fdata\n```\n\n### Update to Latest\n\n```bash\n# Pull the latest image and restart\ndocker compose pull\ndocker compose up -d\n```\n\n## 🔐 Authentication & Security\n\nNeko Master supports access authentication to protect dashboard data.\n\n### Production Security Baseline\n\n1. Set a fixed `COOKIE_SECRET` (otherwise sessions may be invalidated after restart).\n2. Do not keep `FORCE_ACCESS_CONTROL_OFF=true` enabled in normal operation.\n3. Use `SHOWCASE_SITE_MODE=true` only for public demo environments (write operations are restricted).\n\nExample:\n\n```env\nCOOKIE_SECRET=\u003Cat least 32-byte random string>\n# FORCE_ACCESS_CONTROL_OFF=false\n# SHOWCASE_SITE_MODE=false\n```\n\n### Enable \u002F Disable Authentication\n\n1. Open dashboard and click \"Settings\" in the lower-left sidebar.\n2. Go to the \"Security\" tab.\n3. Enable\u002Fdisable access control and set your token.\n\n### Forgot Token (Emergency Reset)\n\nIf you forgot the token, temporarily set `FORCE_ACCESS_CONTROL_OFF=true` to enter emergency mode.\n\n#### Docker Compose\n\n1. Add to `docker-compose.yml`:\n\n   ```yaml\n   environment:\n     - FORCE_ACCESS_CONTROL_OFF=true\n   ```\n\n2. Restart:\n\n   ```bash\n   docker compose up -d\n   ```\n\n3. Open dashboard and reset token in \"Settings -> Security\".\n4. Remove this env var immediately after reset, then restart again.\n\n#### Docker CLI\n\n1. Stop and remove container:\n\n   ```bash\n   docker stop neko-master\n   docker rm neko-master\n   ```\n\n2. Re-run with emergency flag:\n\n   ```bash\n   docker run -d \\\n     --name neko-master \\\n     -p 3000:3000 \\\n     -v $(pwd)\u002Fdata:\u002Fapp\u002Fdata \\\n     -e FORCE_ACCESS_CONTROL_OFF=true \\\n     foru17\u002Fneko-master:latest\n   ```\n\n3. Reset token, then remove this flag and restart normally.\n\n\n## ❓ FAQ\n\n### Q: Can I run normally with only `3000:3000` exposed?\n\n**A:** Yes. Core features still work.\nIf WS is not routed, the app automatically falls back to HTTP polling.\nFor full realtime experience, route `\u002F_cm_ws` to `3002`.\n\n### Q: Port conflict or inaccessible after port changes?\n\n**A:** Create\u002Fupdate `.env` (same directory as `docker-compose.yml`):\n\n```env\nWEB_EXTERNAL_PORT=8080\nAPI_EXTERNAL_PORT=8081\nWS_EXTERNAL_PORT=8082\n```\n\nThen restart:\n\n```bash\ndocker compose down\ndocker compose up -d\n```\n\n### Q: Why does login\u002Fsession disappear after restart?\n\n**A:** Usually because `COOKIE_SECRET` is not fixed or data directory is not persisted.\n\n1. Set a fixed `COOKIE_SECRET`\n2. Mount `.\u002Fdata:\u002Fapp\u002Fdata`\n\n### Q: Which files are required for local MMDB lookup?\n\n**A:** Create `.\u002Fgeoip` in your project directory (same level as `docker-compose.yml` is recommended), then place:\n\n1. `GeoLite2-City.mmdb` (required)\n2. `GeoLite2-ASN.mmdb` (required)\n3. `GeoLite2-Country.mmdb` (optional)\n\nRecommended source: \u003Chttps:\u002F\u002Fgithub.com\u002FP3TERX\u002FGeoLite.mmdb>.\nInside the container, the fixed lookup path is `\u002Fapp\u002Fdata\u002Fgeoip`, so keep:\n`.\u002Fgeoip:\u002Fapp\u002Fdata\u002Fgeoip:ro`. To update later, just replace files in host `.\u002Fgeoip`.\n\n### Q: Failed to connect OpenClash \u002F gateway?\n\n**A:** Check:\n\n1. External control is enabled on gateway side\n2. Host\u002Fport is correct\n3. Token\u002FSecret is correct (if configured)\n4. Container network can reach gateway\n\n### Q: How to backup and restore data?\n\n**A:** Backup first:\n\n```bash\ncp -r .\u002Fdata .\u002Fdata-backup-$(date +%Y%m%d)\n```\n\nRestore:\n\n```bash\ndocker compose down\ncp -r .\u002Fdata-backup-YYYYMMDD\u002F. .\u002Fdata\u002F\ndocker compose up -d\n```\n\n## 🏗️ Architecture Guide\n\nIf you want to quickly understand the system design depth, read in this order:\n\n1. **System Architecture Diagram**: end-to-end layering and module responsibilities → [docs\u002Farchitecture.en.md](.\u002Fdocs\u002Farchitecture.en.md)\n2. **Data Flow**: Clash \u002F Surge collection pipelines and aggregation\n3. **Data Model & Storage**: SQLite schema, ClickHouse Buffer tables, retention policy\n4. **Realtime Channel Design**: `RealtimeStore` merge strategy and WS push\n5. **ClickHouse Module**: dual-write architecture, health fallback, read routing\n\nFull documentation index: [docs\u002FREADME.md](.\u002Fdocs\u002FREADME.md)\n\n> This documentation covers the core design of collection, aggregation, caching, realtime push, and multi-backend management.\n\n## 🤝 Feedback & Issues\n\nThis project uses GitHub Issue Templates (Bug \u002F Feature \u002F Support).\n\nPlease include at least:\n\n1. Deployment method (Compose \u002F Docker Run \u002F Source)\n2. Version info (image tag or commit)\n3. Key env vars (masked, e.g. `COOKIE_SECRET=***`)\n4. Reproduction steps and expected vs actual behavior\n5. Key logs (`docker logs`, browser console, network errors)\n\n## 📁 Project Structure\n\n```\nneko-master\u002F\n├── docker-compose.yml      # Docker Compose config\n├── Dockerfile              # Docker image build\n├── setup.sh                # One-click setup script\n├── docker-start.sh         # Docker container startup script\n├── start.sh                # Source code dev startup script\n├── docs\u002F                   # Documentation (see docs\u002FREADME.md)\n│   ├── README.md           # Documentation index (English default)\n│   ├── README.zh.md        # Documentation index (Chinese)\n│   ├── README.en.md        # Documentation index (English mirror)\n│   ├── architecture.md     # System architecture (Chinese)\n│   ├── architecture.en.md  # System architecture (English)\n│   ├── release-checklist.md\n│   ├── agent\u002F              # Agent docs (bilingual)\n│   │   ├── overview.md \u002F overview.en.md\n│   │   ├── quick-start.md \u002F quick-start.en.md\n│   │   ├── install.md \u002F install.en.md\n│   │   ├── config.md \u002F config.en.md\n│   │   ├── release.md \u002F release.en.md\n│   │   └── troubleshooting.md \u002F troubleshooting.en.md\n│   ├── research\u002F           # Research reports\n│   └── dev\u002F                # Internal development docs\n├── assets\u002F                 # Screenshots and icons\n├── apps\u002F\n│   ├── collector\u002F          # Data collection service (Node.js + WebSocket)\n│   ├── agent\u002F              # Agent daemon (Go)\n│   └── web\u002F                # Next.js frontend app\n└── packages\u002F\n    └── shared\u002F             # Shared types and utilities\n```\n\n## 🛠️ Tech Stack\n\n- **Frontend**: [Next.js 16](https:\u002F\u002Fnextjs.org\u002F) + [React 19](https:\u002F\u002Freact.dev\u002F) + [TypeScript](https:\u002F\u002Fwww.typescriptlang.org\u002F)\n- **Styling**: [Tailwind CSS](https:\u002F\u002Ftailwindcss.com\u002F) + [shadcn\u002Fui](https:\u002F\u002Fui.shadcn.com\u002F)\n- **Charts**: [Recharts](https:\u002F\u002Frecharts.org\u002F)\n- **i18n**: [next-intl](https:\u002F\u002Fnext-intl-docs.vercel.app\u002F)\n- **Backend**: [Node.js](https:\u002F\u002Fnodejs.org\u002F) + [Fastify](https:\u002F\u002Fwww.fastify.io\u002F) + WebSocket\n- **Database**: [SQLite](https:\u002F\u002Fwww.sqlite.org\u002F) ([better-sqlite3](https:\u002F\u002Fgithub.com\u002FWiseLibs\u002Fbetter-sqlite3)) + [ClickHouse](https:\u002F\u002Fclickhouse.com\u002F) (optional)\n- **Build**: [pnpm](https:\u002F\u002Fpnpm.io\u002F) + [Turborepo](https:\u002F\u002Fturbo.build\u002F)\n\n## 🤝 Contributing\n\nContributions are welcome!\n\n- 🐛 [Submit Bug](https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master\u002Fissues\u002Fnew)\n- 💡 [Request Feature](https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master\u002Fissues\u002Fnew)\n- 🔧 [Contribute Code](https:\u002F\u002Fgithub.com\u002Fforu17\u002Fneko-master\u002Fpulls)\n\n## 📄 License\n\n[MIT](LICENSE) © [foru17](https:\u002F\u002Fgithub.com\u002Fforu17)\n\n---\n\n## ⭐ Star History\n\n[![Star History Chart](https:\u002F\u002Fapi.star-history.com\u002Fsvg?repos=foru17\u002Fneko-master&type=date&legend=top-left)](https:\u002F\u002Fwww.star-history.com\u002F#foru17\u002Fneko-master&type=date&legend=top-left)\n\n---\n\n\u003Cp align=\"center\">\n  \u003Csub>Made with ❤️ by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fforu17\">@foru17\u003C\u002Fa>\u003C\u002Fsub>\u003Cbr>\n  \u003Csub>If this project helps you, please consider giving it a ⭐\u003C\u002Fsub>\n\u003C\u002Fp>\n","Neko Master 是一个现代化且优雅的网络流量可视化和分析仪表板。该项目采用 TypeScript 开发，具备实时监控、流量审计及多网关支持等核心功能，能够帮助用户清晰地查看网络流量状况。它适用于需要对本地网关环境下的网络流量进行管理和优化的场景，如个人或企业网络管理。通过直观的数据展示界面，用户可以更有效地识别和解决网络问题。",2,"2026-06-11 03:51:28","high_star"]