github/Xray-examples
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-examples.git synced 2025-04-21 19:29:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github:11609f587fe0327dc01a6f519277dccd0b10b566
Branches Tags
github:main
github:Del-`path`-on-Xray
..
compare: github:5ae00c5bb2750d6ba6d9cac6a4ca8e9bfa73db4c
Branches Tags
github:main
github:Del-`path`-on-Xray

No commits in common. "11609f587fe0327dc01a6f519277dccd0b10b566" and "5ae00c5bb2750d6ba6d9cac6a4ca8e9bfa73db4c" have entirely different histories.
11609f587f ... 5ae00c5bb2

9 changed files with 43 additions and 81 deletions
Show Stats Expand all files Collapse all files

8
Trojan-TCP-XTLS/config_client.json
View File

@ -29,10 +29,10 @@
"settings": { "settings": {
"servers": [ "servers": [
{ {
"address": "example.com", // your domain name or server IP "address": "example.com", // IP
"flow": "xtls-rprx-direct", // Linux or android can be changed to "xtls-rprx-splice" "flow": "xtls-rprx-direct", // Linux "xtls-rprx-splice"
"port": 443, "port": 443,
"password": "your_password" // your password "password": "your_password" //
} }
] ]
}, },
@ -40,7 +40,7 @@
"network": "tcp", "network": "tcp",
"security": "xtls", "security": "xtls",
"xtlsSettings": { "xtlsSettings": {
"serverName": "example.com" // your domain name "serverName": "example.com" //
} }
} }
} }

10
Trojan-TCP-XTLS/config_server.json
View File

@ -9,7 +9,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"password":"your_password", // password "password":"your_password", //
"flow": "xtls-rprx-direct" "flow": "xtls-rprx-direct"
} }
], ],
@ -35,12 +35,12 @@
], ],
"certificates": [ "certificates": [
{ {
"certificateFile": "/path/to/cert", // Certificate file absolute directory "certificateFile": "/path/to/cert", //
"keyFile": "/path/to/key", // Key file absolute directory "keyFile": "/path/to/key", //
"ocspStapling": 3600 // Verification cycle 3600 Second "ocspStapling": 3600 // 3600
} }
], ],
"minVersion": "1.2" // If it is an ecc certificate, use TLSv1.2 at least. If you don't know the certificate type or it is not an ecc certificate, delete this line "minVersion": "1.2" // ecc使 TLSv1.2 ecc
} }
} }
} }

16
VLESS-TCP-XTLS-Vision/README.ENG.md
View File

@ -1,16 +0,0 @@
:+1:**XTLS Vision [Introduction](https://github.com/XTLS/Xray-core/discussions/1295)**
**Usage Reminder:**
:exclamation: Compared with the usage base of XTLS Vision, there are almost no reports of Vision being blocked with **correct configuration**. **Correct configuration** refers to:
1. The server uses a reasonable port and prohibits traffic returning to China
2. Only configure XTLS Vision, not compatible with ordinary TLS proxy
3. Fall back to the web page, do not fall back/distribute to other proxy agreements
4. Client enables uTLS (fingerprint) [#1](https://github.com/XTLS/Xray-core/issues/1544#issuecomment-1399194727)
First of all, if you really don't want to be blocked, **please choose a clean IP** first, and build and use XTLS Vision according to **correct configuration**.
**However, even if you do this, there is no guarantee that you will not be blocked** 100%. Since the end of last year, many people's unknown traffic has been blocked in seconds, and TLS in TLS traffic has been blocked every other day. XTLS Vision is not unknown traffic, and fully handles TLS in TLS features, so far it seems to be effective. **But this does not mean that XTLS Vision can be 100% unblocked. It is very, very important to realize this, and don't make a fuss if you are accidentally blocked**.
**Because besides the agreement itself, there are many angles that can block you**. Taking IP as an example, you can't guarantee that the IP is really clean, you can't avoid being affected by neighbors, and you can't avoid the entire IP segment being pulled out of the list. It is also possible that GFWs in certain regions have unique standards. For example, if a certain IP has only a few people accessing it, but it can run so much traffic, it will be blocked. **If your XTLS Vision is blocked, but there is no large-scale blocked report like TLS at the end of last year, I sincerely suggest that you change the port, change the IP, and change the service provider to try again**. [#2](https://github.com/XTLS/Xray-core/issues/1544#issuecomment-1402118517)

2
VLESS-TCP-XTLS-Vision/README.md
View File

@ -1,7 +1,5 @@
:+1:**XTLS Vision [简介](https://github.com/XTLS/Xray-core/discussions/1295)** :+1:**XTLS Vision [简介](https://github.com/XTLS/Xray-core/discussions/1295)**
[ENGLISH](README.ENG.md)
**使用提醒:** **使用提醒:**
:exclamation:相对于 XTLS Vision 的使用基数,目前几乎没有收到 **配置正确** 的 Vision 被封端口的报告,**配置正确** 指的是: :exclamation:相对于 XTLS Vision 的使用基数,目前几乎没有收到 **配置正确** 的 Vision 被封端口的报告,**配置正确** 指的是:

18
VLESS-TCP-XTLS-Vision/config_client.json
View File

@ -25,8 +25,8 @@
}, },
"inbounds": [ "inbounds": [
{ {
"listen": "127.0.0.1", // Fill in 0.0.0.0 to allow connections from LAN "listen": "127.0.0.1", // 0.0.0.0
"port": 10808, // local socks listening port "port": 10808, // v2rayN socks
"protocol": "socks", "protocol": "socks",
"settings": { "settings": {
"udp": true "udp": true
@ -40,8 +40,8 @@
} }
}, },
{ {
"listen": "127.0.0.1", // Fill in "0.0.0.0" to allow connections from LAN "listen": "127.0.0.1", // "0.0.0.0"
"port": 10809, // Local http listening port "port": 10809, // v2rayN http
"protocol": "http", "protocol": "http",
"sniffing": { "sniffing": {
"enabled": true, "enabled": true,
@ -58,11 +58,11 @@
"settings": { "settings": {
"vnext": [ "vnext": [
{ {
"address": "", // Address, domain name or IP of the server "address": "", // IP
"port": 443, // Port, consistent with the server "port": 443, //
"users": [ "users": [
{ {
"id": "", // User ID, consistent with the server "id": "", // ID
"encryption": "none", "encryption": "none",
"flow": "xtls-rprx-vision" "flow": "xtls-rprx-vision"
} }
@ -74,9 +74,9 @@
"network": "tcp", "network": "tcp",
"security": "tls", "security": "tls",
"tlsSettings": { "tlsSettings": {
"serverName": "", // SNI, if "address" is filled with the domain name of the server, it can be left blank. If "address" is filled with the IP of the server, fill in the domain name contained in the certificate of the server here "serverName": "", // SNI"address""address"IP
"allowInsecure": false, "allowInsecure": false,
"fingerprint": "chrome" // Used to configure the fingerprint of the specified TLS Client Hello, Xray will simulate the TLS fingerprint through the uTLS library, or generate it randomly "fingerprint": "chrome" // TLS Client Hello Xray uTLS TLS
} }
}, },
"tag": "proxy" "tag": "proxy"

14
VLESS-TCP-XTLS-Vision/config_server.json
View File

@ -16,13 +16,13 @@
}, },
"inbounds": [ "inbounds": [
{ {
"listen": "0.0.0.0", // "0.0.0.0" Indicates listening to both IPv4 and IPv6 "listen": "0.0.0.0", // "0.0.0.0" IPv4IPv6
"port": 443, // The port on which the server listens "port": 443, //
"protocol": "vless", "protocol": "vless",
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "", // User ID, perform xray uuid generation, or a string of 1-30 bytes "id": "", // ID xray uuid 1-30
"flow": "xtls-rprx-vision" "flow": "xtls-rprx-vision"
} }
], ],
@ -48,8 +48,8 @@
"certificates": [ "certificates": [
{ {
"ocspStapling": 3600, "ocspStapling": 3600,
"certificateFile": "/etc/ssl/private/fullchain.cer", // For the certificate file, it is recommended to use fullchain (full SSL certificate chain). If there is only a website certificate, v2rayN can be used but v2rayNG cannot be used. Usually, the extension is not distinguished "certificateFile": "/etc/ssl/private/fullchain.cer", // fullchainSSLv2rayN使v2rayNG使
"keyFile": "/etc/ssl/private/private.key" // private key file "keyFile": "/etc/ssl/private/private.key" //
} }
] ]
} }
@ -76,8 +76,8 @@
"policy": { "policy": {
"levels": { "levels": {
"0": { "0": {
"handshake": 2, // The handshake time limit when the connection is established, in seconds, the default value is 4, it is recommended to be different from the default value "handshake": 2, // 4
"connIdle": 120 // Connection idle time limit in seconds, the default value is 300, it is recommended to be different from the default value "connIdle": 120 // 300
} }
} }
} }

18
VLESS-TCP-XTLS-WHATEVER/README.ENG.md
View File

@ -1,18 +0,0 @@
# VLESS over TCP with XTLS + fallback & split to WHATEVER (ultimate configuration)
This is a superset of [Advanced Configuration](<../VLESS-TCP-TLS-WS%20(recommended)>), using the powerful fallback and shunt features of VLESS, it realizes as many protocols and configurations as possible on port 443. Perfect coexistence, including [XTLS Direct Mode](https://github.com/rprx/v2fly-github-io/blob/master/docs/config/protocols/vless.md#xtls-%E9%BB%91%E7 %A7%91%E6%8A%80)
The client can connect to the server through the following methods at the same time, and WS can pass through the CDN
1. VLESS over TCP with XTLS, several times the performance, the preferred method
2. VLESS over TCP with TLS
3. VLESS over WS with TLS
4. VMess over TCP with TLS, not recommended
5. VMess over WS with TLS
6. Trojan over TCP with TLS
---
Here it is set to fall back to the Trojan protocol of Xray by default, and then continue to fall back to the web server on port 80 (it can also be replaced with a database, FTP, etc.)
You can also configure fallback to Caddy's forwardproxy and other proxies that are also anti-detection, and shunt to any proxy that supports WebSocket, no problem

2
VLESS-TCP-XTLS-WHATEVER/README.md
View File

@ -1,7 +1,5 @@
# VLESS over TCP with XTLS + 回落 & 分流 to WHATEVER终极配置 # VLESS over TCP with XTLS + 回落 & 分流 to WHATEVER终极配置
[ENGLISH](README.ENG.md)
这里是 [进阶配置](<../VLESS-TCP-TLS-WS%20(recommended)>) 的超集,利用 VLESS 强大的回落分流特性,实现了 443 端口尽可能多的协议、配置的完美共存,包括 [XTLS Direct Mode](https://github.com/rprx/v2fly-github-io/blob/master/docs/config/protocols/vless.md#xtls-%E9%BB%91%E7%A7%91%E6%8A%80) 这里是 [进阶配置](<../VLESS-TCP-TLS-WS%20(recommended)>) 的超集,利用 VLESS 强大的回落分流特性,实现了 443 端口尽可能多的协议、配置的完美共存,包括 [XTLS Direct Mode](https://github.com/rprx/v2fly-github-io/blob/master/docs/config/protocols/vless.md#xtls-%E9%BB%91%E7%A7%91%E6%8A%80)
客户端可以同时通过下列方式连接到服务器,其中 WS 都可以通过 CDN 客户端可以同时通过下列方式连接到服务器,其中 WS 都可以通过 CDN

36
VLESS-TCP-XTLS-WHATEVER/config_server.json
View File

@ -9,7 +9,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "", // fill in your UUID "id": "", // UUID
"flow": "xtls-rprx-direct", "flow": "xtls-rprx-direct",
"level": 0, "level": 0,
"email": "love@example.com" "email": "love@example.com"
@ -18,21 +18,21 @@
"decryption": "none", "decryption": "none",
"fallbacks": [ "fallbacks": [
{ {
"dest": 1310, // Fall back to Xray's Trojan protocol by default "dest": 1310, // Xray Trojan
"xver": 1 "xver": 1
}, },
{ {
"path": "/websocket", // Must be replaced with a custom PATH "path": "/websocket", // PATH
"dest": 1234, "dest": 1234,
"xver": 1 "xver": 1
}, },
{ {
"path": "/vmesstcp", // Must be replaced with a custom PATH "path": "/vmesstcp", // PATH
"dest": 2345, "dest": 2345,
"xver": 1 "xver": 1
}, },
{ {
"path": "/vmessws", // Must be replaced with a custom PATH "path": "/vmessws", // PATH
"dest": 3456, "dest": 3456,
"xver": 1 "xver": 1
} }
@ -47,8 +47,8 @@
], ],
"certificates": [ "certificates": [
{ {
"certificateFile": "/path/to/fullchain.crt", // Replace with your certificate, absolute path "certificateFile": "/path/to/fullchain.crt", //
"keyFile": "/path/to/private.key" // Replace it with your private key, absolute path "keyFile": "/path/to/private.key" //
} }
] ]
} }
@ -61,14 +61,14 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"password": "", // fill in your password "password": "", //
"level": 0, "level": 0,
"email": "love@example.com" "email": "love@example.com"
} }
], ],
"fallbacks": [ "fallbacks": [
{ {
"dest": 80 // or fall back to other proxies that are also probing-proof "dest": 80 //
} }
] ]
}, },
@ -87,7 +87,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "", // fill in your UUID "id": "", // UUID
"level": 0, "level": 0,
"email": "love@example.com" "email": "love@example.com"
} }
@ -98,8 +98,8 @@
"network": "ws", "network": "ws",
"security": "none", "security": "none",
"wsSettings": { "wsSettings": {
"acceptProxyProtocol": true, // Reminder: If you use Nginx/Caddy to reverse generation WS, you need to delete this line "acceptProxyProtocol": true, // Nginx/Caddy WS
"path": "/websocket" // It must be replaced with a custom PATH, which needs to be consistent with the shunt "path": "/websocket" // PATH
} }
} }
}, },
@ -110,7 +110,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "", // fill in your UUID "id": "", // UUID
"level": 0, "level": 0,
"email": "love@example.com" "email": "love@example.com"
} }
@ -125,7 +125,7 @@
"type": "http", "type": "http",
"request": { "request": {
"path": [ "path": [
"/vmesstcp" // It must be replaced with a custom PATH, which needs to be consistent with the shunt "/vmesstcp" // PATH
] ]
} }
} }
@ -139,7 +139,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "", // fill in your UUID "id": "", // UUID
"level": 0, "level": 0,
"email": "love@example.com" "email": "love@example.com"
} }
@ -149,8 +149,8 @@
"network": "ws", "network": "ws",
"security": "none", "security": "none",
"wsSettings": { "wsSettings": {
"acceptProxyProtocol": true, // Reminder: If you use Nginx/Caddy to reverse generation WS, you need to delete this line "acceptProxyProtocol": true, // Nginx/Caddy WS
"path": "/vmessws" // It must be replaced with a custom PATH, which needs to be consistent with the shunt "path": "/vmessws" // PATH
} }
} }
} }
@ -160,4 +160,4 @@
"protocol": "freedom" "protocol": "freedom"
} }
] ]
} }