github/Xray-examples
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-examples.git synced 2025-06-28 13:16:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

Switched to latest VISION flow - block private address access by default

Browse Source
This commit is contained in:
uzziel 2023-01-10 14:26:39 +03:30
parent 3de196c60e
commit 5f0b06b10f
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
All-in-One-fallbacks-Nginx/server.json
View File

@ -11,7 +11,8 @@
"clients": [ "clients": [
{ {
"id": "90e4903e-66a4-45f7-abda-fd5d5ed7f797", "id": "90e4903e-66a4-45f7-abda-fd5d5ed7f797",
"flow": "xtls-rprx-direct" //To enable XTLS Direct, this configuration must be added; otherwise, delete it. V2Ray has deleted the XTLS application since version v4.33.0. If you want to use this application, it is recommended to choose Xray. "flow": "xtls-rprx-vision"
// "flow": "xtls-rprx-direct"
} }
], ],
"decryption": "none", "decryption": "none",
@ -98,9 +99,11 @@
}, },
"streamSettings": { "streamSettings": {
"network": "tcp", "network": "tcp",
"security": "xtls", //If XTLS Direct is enabled, tls must be changed to xtls; otherwise, tls will be restored. // If XTLS Vision is enabled, "security" must be "tls"
"xtlsSettings": { // If XTLS Direct is enabled, "security" must be "xtls"
//If XTLS Direct is enabled, tlsSettings must be changed to xtlsSettings; otherwise, restore tlsSettings. "security": "tls",
// If XTLS Direct is enabled, "tlsSettings" should also be changed to "xtlsSettings"
"tlsSettings": {
"certificates": [ "certificates": [
{ {
"ocspStapling": 3600, //The Xray version is not less than v1.3.0 to support configuring the time interval between OCSP stapling update and certificate hot reload. Currently V2Ray does not support it. If you use V2Ray as the server, you must delete this configuration. "ocspStapling": 3600, //The Xray version is not less than v1.3.0 to support configuring the time interval between OCSP stapling update and certificate hot reload. Currently V2Ray does not support it. If you use V2Ray as the server, you must delete this configuration.
@ -594,11 +597,6 @@
"domainStrategy": "AsIs", "domainStrategy": "AsIs",
"settings": { "settings": {
"rules": [ "rules": [
// {
// "type": "field",
// "outboundTag": "blackhole",
// "ip": ["geoip:private"]
// },
// { // {
// // DNS Cache rule // // DNS Cache rule
// "type": "field", // "type": "field",
@ -606,6 +604,11 @@
// "network": "tcp,udp", // "network": "tcp,udp",
// "outboundTag": "DNS-Internal" // "outboundTag": "DNS-Internal"
// }, // },
{
"type": "field",
"outboundTag": "blackhole",
"ip": ["geoip:private"]
},
{ {
"type": "field", // Block BitTorrent protocol "type": "field", // Block BitTorrent protocol
"outboundTag": "blackhole", "outboundTag": "blackhole",