github
/
Xray-docs-next
mirror of https://github.com/XTLS/Xray-docs-next
1
0
Fork 0
Code Issues Releases Wiki Activity

Update tproxy_ipv4_and_ipv6.md (#324) 

* Update tproxy_ipv4_and_ipv6.md

* Update tproxy_ipv4_and_ipv6.md

* Update tproxy_ipv4_and_ipv6.md
pull/326/head
SQLimit 2023-02-05 01:06:28 +08:00 committed by GitHub
parent 4c46b5774a
commit 385cd7c63e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 52 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

237
docs/document/level-2/tproxy_ipv4_and_ipv6.md
View File

@ -29,17 +29,6 @@ title: TProxy 透明代理 (ipv4 and ipv6)
### 客户端配置
客户端配置可选则使用 fakedns也可以选择不使用 fakedns 配置,二选一
::: tip 透明代理中的 fakedns
在旁路由的透明代理中,使用`routeOnly` 配合 `domainSrategy``AsIs` 时,可最大程度降低访问延迟,详见文档[入站代理](https://xtls.github.io/config/inbound.html#sniffingobject)
:::
<Tabs title="客户端配置">
<Tab title="客户端使用 routeOnly">
```json
{
"log": {
@ -56,8 +45,7 @@ title: TProxy 透明代理 (ipv4 and ipv6)
},
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"],
"routeOnly": true
"destOverride": ["http", "tls", "quic"]
},
"streamSettings": {
"sockopt": {
@ -65,6 +53,18 @@ title: TProxy 透明代理 (ipv4 and ipv6)
"mark": 255
}
}
},
{
"port": 10808,
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls", "quic"]
},
"settings": {
"auth": "noauth",
"udp": true
}
}
],
"outbounds": [
@ -97,131 +97,7 @@ title: TProxy 透明代理 (ipv4 and ipv6)
//注意使用 xtls-rprx-vision 流控此处需为 tlsSettings
"allowInsecure": false,
"serverName": "yourdomain.domain", //改为你自己的域名
"fingerprint": "chrome" //模拟TLS Client Hello指纹可选 chrome, firefox, safari, randomized, 具体参考 https://xtls.github.io/config/transport.html#tlsobject
}
}
},
{
"tag": "direct",
"protocol": "freedom",
"streamSettings": {
"sockopt": {
"mark": 255
}
}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"routing": {
"domainMatcher": "mph",
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"inboundTag": ["all-in"],
"port": 123,
"network": "udp",
"outboundTag": "direct"
},
{
"type": "field",
"domain": ["geosite:cn"],
"outboundTag": "direct"
},
{
"type": "field",
"domain": ["geosite:geolocation-!cn"],
"outboundTag": "proxy"
},
{
"type": "field",
"domain": ["geosite:category-ads-all"],
"outboundTag": "block"
},
{
"type": "field",
"protocol": ["bittorrent"],
"outboundTag": "direct"
},
{
"type": "field",
"ip": ["geoip:private"],
"outboundTag": "direct"
}
]
}
}
```
</Tab>
<Tab title="客户端不使用 routeOnly">
```json
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"tag": "all-in",
"port": 12345,
"protocol": "dokodemo-door",
"settings": {
"network": "tcp,udp",
"followRedirect": true
},
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"]
},
"streamSettings": {
"sockopt": {
"tproxy": "tproxy",
"mark": 255
}
}
}
],
"outbounds": [
{
//此为默认outbound路由(routing)模块若未匹配到任何规则,则默认走此 proxy 出口,如果你希望直连国内优先请将下面 direct 出口放到 outbound 第一,看不懂可忽略
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "yourdomain.domain", //改为你自己的域名直接填写ipv4或ipv6地址也可以
"port": 443,
"users": [
{
"id": "uuid", //填写uuid可通过在终端中输入 xray uuid 生成此处也支持任意字符串https://xtls.github.io/config/inbounds/vless.html#clientobject
"encryption": "none",
"flow": "xtls-rprx-vision"
}
]
}
]
},
"streamSettings": {
"sockopt": {
"mark": 255
},
"network": "tcp",
"security": "tls", //注意使用 xtls-rprx-vision 流控此处需为 tls
"tlsSettings": {
//注意使用 xtls-rprx-vision 流控此处需为 tlsSettings
"allowInsecure": false,
"serverName": "yourdomain.domain", //改为你自己的域名
"fingerprint": "chrome" //模拟TLS Client Hello指纹可选 chrome, firefox, safari, randomized, 具体参考 https://xtls.github.io/config/transport.html#tlsobject
"fingerprint": "chrome" //此设置建议先看下Release, https://github.com/XTLS/Xray-core/releases/tag/v1.7.3
}
}
},
@ -257,47 +133,31 @@ title: TProxy 透明代理 (ipv4 and ipv6)
}
],
"dns": {
"hosts": {
"domain:googleapis.cn": "googleapis.com",
"dns.google": "8.8.8.8",
"你的VPS域名": "你的VSP IP" //如果 outbound 的 proxy 里 address 填的域名希望代理走ipv4这里 VPS IP 填VPS的ipv4, 希望代理走ipv6这里VPS IP 填VPS的ipv6outbound 的 proxy 里 address 填的 IP这行不用写。
},
"servers": [
"https://1.1.1.1/dns-query",
{
"address": "223.5.5.5",
"port": 53,
"domains": [
"geosite:cn",
"ntp.org",
"yourdomain.domain" //改为你自己的域名
]
"address": "119.29.29.29",
"domains": ["geosite:cn"],
"expectIPs": ["geoip:cn"]
},
{
"address": "114.114.114.114",
"port": 53,
"domains": [
"geosite:cn",
"ntp.org",
"yourdomain.domain" //改为你自己的域名
]
},
{
"address": "8.8.8.8",
"port": 53,
"domains": ["geosite:geolocation-!cn"]
},
{
"address": "1.1.1.1",
"port": 53,
"domains": ["geosite:geolocation-!cn"]
}
"https://dns.google/dns-query",
"223.5.5.5",
"localhost"
]
},
"routing": {
"domainMatcher": "mph",
"domainStrategy": "IPIfNotMatch",
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"inboundTag": ["all-in"],
"port": 53,
"network": "udp",
"outboundTag": "dns-out"
"domain": ["geosite:category-ads-all"],
"outboundTag": "block"
},
{
"type": "field",
@ -308,19 +168,16 @@ title: TProxy 透明代理 (ipv4 and ipv6)
},
{
"type": "field",
"ip": ["223.5.5.5", "114.114.114.114"],
"inboundTag": ["all-in"],
"port": 53,
"network": "udp",
"outboundTag": "dns-out"
},
{
"type": "field",
"ip": ["119.29.29.29", "223.5.5.5"],
"outboundTag": "direct"
},
{
"type": "field",
"ip": ["8.8.8.8", "1.1.1.1"],
"outboundTag": "proxy"
},
{
"type": "field",
"domain": ["geosite:category-ads-all"],
"outboundTag": "block"
},
{
"type": "field",
"protocol": ["bittorrent"],
@ -335,16 +192,26 @@ title: TProxy 透明代理 (ipv4 and ipv6)
"type": "field",
"domain": ["geosite:cn"],
"outboundTag": "direct"
},
{
"type": "field",
"ip": ["1.1.1.1", "8.8.8.8"],
"outboundTag": "proxy"
},
{
"type": "field",
"domain": [
"geosite:geolocation-!cn",
"domain:googleapis.cn",
"dns.google"
],
"outboundTag": "proxy"
}
]
}
}
```
</Tab>
</Tabs>
### 服务端配置
```json
@ -377,7 +244,7 @@ title: TProxy 透明代理 (ipv4 and ipv6)
"decryption": "none",
"fallbacks": [
{
"dest": 8080 //回落
"dest": 8080 //回落,需要 web 配合,参见白话文,不设置也行
}
]
},