From f6cca0809979d560a949da348dcffd468f156986 Mon Sep 17 00:00:00 2001 From: hmol233 <82594500+hmol233@users.noreply.github.com> Date: Fri, 16 Jul 2021 00:29:22 +0800 Subject: [PATCH] Fix json format close https://github.com/XTLS/Xray-docs-next/pull/83 Thanks: @Johnshall --- docs/document/level-0/ch07-xray-server.md | 118 ++++---- docs/document/level-0/ch08-xray-clients.md | 148 +++++----- docs/document/level-1/fallbacks-lv1.md | 286 +++++++++---------- docs/document/level-1/fallbacks-with-sni.md | 152 +++++----- docs/document/level-1/routing-lv1-part1.md | 176 ++++++------ docs/document/level-1/routing-lv1-part2.md | 297 +++++++++----------- 6 files changed, 581 insertions(+), 596 deletions(-) diff --git a/docs/document/level-0/ch07-xray-server.md b/docs/document/level-0/ch07-xray-server.md index f0138e8..5f8d2f8 100644 --- a/docs/document/level-0/ch07-xray-server.md +++ b/docs/document/level-0/ch07-xray-server.md @@ -201,7 +201,7 @@ 4. 将下面的文件全部复制进去,并将之前生成的`UUID`填入第 61 行 `"id": "",` 之中。(填好之后的样子是 `"id": "uuiduuid-uuid-uuid-uuid-uuiduuiduuid"` ),本文的这个配置文件中增加了我的各种啰嗦注解,以方便你理解每一个配置模块的功能是什么。 - ```json5 + ```json // REFERENCE: // https://github.com/XTLS/Xray-examples // https://xtls.github.io/config/ @@ -213,92 +213,92 @@ // └─ 5_outbounds 出站设置 - 流出 Xray 的流量往哪里去 { // 1\_日志设置 - log: { - loglevel: "warning", // 内容从少到多: "none", "error", "warning", "info", "debug" - access: "/home/vpsadmin/xray_log/access.log", // 访问记录 - error: "/home/vpsadmin/xray_log/error.log", // 错误记录 + "log": { + "loglevel": "warning", // 内容从少到多: "none", "error", "warning", "info", "debug" + "access": "/home/vpsadmin/xray_log/access.log", // 访问记录 + "error": "/home/vpsadmin/xray_log/error.log" // 错误记录 }, // 2_DNS 设置 - dns: { - servers: [ + "dns": { + "servers": [ "https+local://1.1.1.1/dns-query", // 首选 1.1.1.1 的 DoH 查询,牺牲速度但可防止 ISP 偷窥 - "localhost", - ], + "localhost" + ] }, // 3*分流设置 - routing: { - domainStrategy: "AsIs", - rules: [ + "routing": { + "domainStrategy": "AsIs", + "rules": [ // 3.1 防止服务器本地流转问题:如内网被攻击或滥用、错误的本地回环等 { - type: "field", - ip: [ - "geoip:private", // 分流条件:geoip 文件内,名为"private"的规则(本地) + "type": "field", + "ip": [ + "geoip:private" // 分流条件:geoip 文件内,名为"private"的规则(本地) ], - outboundTag: "block", // 分流策略:交给出站"block"处理(黑洞屏蔽) + "outboundTag": "block" // 分流策略:交给出站"block"处理(黑洞屏蔽) }, // 3.2 屏蔽广告 { - type: "field", - domain: [ - "geosite:category-ads-all", // 分流条件:geosite 文件内,名为"category-ads-all"的规则(各种广告域名) + "type": "field", + "domain": [ + "geosite:category-ads-all" // 分流条件:geosite 文件内,名为"category-ads-all"的规则(各种广告域名) ], - outboundTag: "block", // 分流策略:交给出站"block"处理(黑洞屏蔽) - }, - ], + "outboundTag": "block" // 分流策略:交给出站"block"处理(黑洞屏蔽) + } + ] }, // 4*入站设置 // 4.1 这里只写了一个最简单的 vless+xtls 的入站,因为这是 Xray 最强大的模式。如有其他需要,请根据模版自行添加。 - inbounds: [ + "inbounds": [ { - port: 443, - protocol: "vless", - settings: { - clients: [ + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ { - id: "", // 填写你的 UUID - flow: "xtls-rprx-direct", - level: 0, - email: "vpsadmin@yourdomain.com", - }, + "id": "", // 填写你的 UUID + "flow": "xtls-rprx-direct", + "level": 0, + "email": "vpsadmin@yourdomain.com" + } ], - decryption: "none", - fallbacks: [ + "decryption": "none", + "fallbacks": [ { - dest: 80, // 默认回落到防探测的代理 - }, - ], + "dest": 80 // 默认回落到防探测的代理 + } + ] }, - streamSettings: { - network: "tcp", - security: "xtls", - xtlsSettings: { - allowInsecure: false, // 正常使用应确保关闭 - minVersion: "1.2", // TLS 最低版本设置 - alpn: ["http/1.1"], - certificates: [ + "streamSettings": { + "network": "tcp", + "security": "xtls", + "xtlsSettings": { + "allowInsecure": false, // 正常使用应确保关闭 + "minVersion": "1.2", // TLS 最低版本设置 + "alpn": ["http/1.1"], + "certificates": [ { - certificateFile: "/home/vpsadmin/xray_cert/xray.crt", - keyFile: "/home/vpsadmin/xray_cert/xray.key", - }, - ], - }, - }, - }, + "certificateFile": "/home/vpsadmin/xray_cert/xray.crt", + "keyFile": "/home/vpsadmin/xray_cert/xray.key" + } + ] + } + } + } ], // 5*出站设置 - outbounds: [ + "outbounds": [ // 5.1 第一个出站是默认规则,freedom 就是对外直连(vps 已经是外网,所以直连) { - tag: "direct", - protocol: "freedom", + "tag": "direct", + "protocol": "freedom" }, // 5.2 屏蔽规则,blackhole 协议就是把流量导入到黑洞里(屏蔽) { - tag: "block", - protocol: "blackhole", - }, - ], + "tag": "block", + "protocol": "blackhole" + } + ] } ``` diff --git a/docs/document/level-0/ch08-xray-clients.md b/docs/document/level-0/ch08-xray-clients.md index d6b862a..b8a8899 100644 --- a/docs/document/level-0/ch08-xray-clients.md +++ b/docs/document/level-0/ch08-xray-clients.md @@ -99,7 +99,7 @@ - 请将 `serverName` 替换成你的真实域名 - 各个配置模块的说明我都已经(很啰嗦的)放在对应的配置点上了 - ```json5 + ```json // REFERENCE: // https://github.com/XTLS/Xray-examples // https://xtls.github.io/config/ @@ -114,135 +114,135 @@ { // 1_日志设置 // 注意,本例中我默认注释掉了日志文件,因为windows, macOS, Linux 需要写不同的路径,请自行配置 - log: { + "log": { // "access": "/home/local/xray_log/access.log", // 访问记录 // "error": "/home/local/xray_log/error.log", // 错误记录 - loglevel: "warning", // 内容从少到多: "none", "error", "warning", "info", "debug" + "loglevel": "warning" // 内容从少到多: "none", "error", "warning", "info", "debug" }, // 2_DNS设置 - dns: { - servers: [ + "dns": { + "servers": [ // 2.1 国外域名使用国外DNS查询 { - address: "1.1.1.1", - domains: ["geosite:geolocation-!cn"], + "address": "1.1.1.1", + "domains": ["geosite:geolocation-!cn"] }, // 2.2 国内域名使用国内DNS查询,并期待返回国内的IP,若不是国内IP则舍弃,用下一个查询 { - address: "223.5.5.5", - domains: ["geosite:cn"], - expectIPs: ["geoip:cn"], + "address": "223.5.5.5", + "domains": ["geosite:cn"], + "expectIPs": ["geoip:cn"] }, // 2.3 作为2.2的备份,对国内网站进行二次查询 { - address: "114.114.114.114", - domains: ["geosite:cn"], + "address": "114.114.114.114", + "domains": ["geosite:cn"] }, // 2.4 最后的备份,上面全部失败时,用本机DNS查询 - "localhost", - ], + "localhost" + ] }, // 3_分流设置 // 所谓分流,就是将符合否个条件的流量,用指定`tag`的出站协议去处理(对应配置的5.x内容) - routing: { - domainStrategy: "AsIs", - rules: [ + "routing": { + "domainStrategy": "AsIs", + "rules": [ // 3.1 广告域名屏蔽 { - type: "field", - domain: ["geosite:category-ads-all"], - outboundTag: "block", + "type": "field", + "domain": ["geosite:category-ads-all"], + "outboundTag": "block" }, // 3.2 国内域名直连 { - type: "field", - domain: ["geosite:cn"], - outboundTag: "direct", + "type": "field", + "domain": ["geosite:cn"], + "outboundTag": "direct" }, // 3.3 国内IP直连 { - type: "field", - ip: ["geoip:cn", "geoip:private"], - outboundTag: "direct", + "type": "field", + "ip": ["geoip:cn", "geoip:private"], + "outboundTag": "direct" }, // 3.4 国外域名代理 { - type: "field", - domain: ["geosite:geolocation-!cn"], - outboundTag: "proxy", - }, + "type": "field", + "domain": ["geosite:geolocation-!cn"], + "outboundTag": "proxy" + } // 3.5 默认规则 // 在Xray中,任何不符合上述路由规则的流量,都会默认使用【第一个outbound(5.1)】的设置,所以一定要把转发VPS的outbound放第一个 - ], + ] }, // 4_入站设置 - inbounds: [ + "inbounds": [ // 4.1 一般都默认使用socks5协议作本地转发 { - tag: "socks-in", - protocol: "socks", - listen: "127.0.0.1", // 这个是通过socks5协议做本地转发的地址 - port: 10800, // 这个是通过socks5协议做本地转发的端口 - settings: { - udp: true, - }, + "tag": "socks-in", + "protocol": "socks", + "listen": "127.0.0.1", // 这个是通过socks5协议做本地转发的地址 + "port": 10800, // 这个是通过socks5协议做本地转发的端口 + "settings": { + "udp": true + } }, // 4.2 有少数APP不兼容socks协议,需要用http协议做转发,则可以用下面的端口 { - tag: "http-in", - protocol: "http", - listen: "127.0.0.1", // 这个是通过http协议做本地转发的地址 - port: 10801, // 这个是通过http协议做本地转发的端口 - }, + "tag": "http-in", + "protocol": "http", + "listen": "127.0.0.1", // 这个是通过http协议做本地转发的地址 + "port": 10801 // 这个是通过http协议做本地转发的端口 + } ], // 5_出站设置 - outbounds: [ + "outbounds": [ // 5.1 默认转发VPS // 一定放在第一个,在routing 3.5 里面已经说明了,这等于是默认规则,所有不符合任何规则的流量都走这个 { - tag: "proxy", - protocol: "vless", - settings: { - vnext: [ + "tag": "proxy", + "protocol": "vless", + "settings": { + "vnext": [ { - address: "a-name.yourdomain.com", // 替换成你的真实域名 - port: 443, - users: [ + "address": "a-name.yourdomain.com", // 替换成你的真实域名 + "port": 443, + "users": [ { - id: "uuiduuid-uuid-uuid-uuid-uuiduuiduuid", // 和服务器端的一致 - flow: "xtls-rprx-direct", // Windows, macOS 同学保持这个不变 + "id": "uuiduuid-uuid-uuid-uuid-uuiduuiduuid", // 和服务器端的一致 + "flow": "xtls-rprx-direct", // Windows, macOS 同学保持这个不变 // "flow": "xtls-rprx-splice", // Linux和安卓同学请改成Splice性能更强 - encryption: "none", - level: 0, - }, - ], - }, - ], - }, - streamSettings: { - network: "tcp", - security: "xtls", - xtlsSettings: { - serverName: "a-name.yourdomain.com", // 替换成你的真实域名 - allowInsecure: false, // 禁止不安全证书 - }, + "encryption": "none", + "level": 0 + } + ] + } + ] }, + "streamSettings": { + "network": "tcp", + "security": "xtls", + "xtlsSettings": { + "serverName": "a-name.yourdomain.com", // 替换成你的真实域名 + "allowInsecure": false // 禁止不安全证书 + } + } }, // 5.2 用`freedom`协议直连出站,即当routing中指定'direct'流出时,调用这个协议做处理 { - tag: "direct", - protocol: "freedom", + "tag": "direct", + "protocol": "freedom" }, // 5.3 用`blackhole`协议屏蔽流量,即当routing中指定'block'时,调用这个协议做处理 { - tag: "block", - protocol: "blackhole", - }, - ], + "tag": "block", + "protocol": "blackhole" + } + ] } ``` diff --git a/docs/document/level-1/fallbacks-lv1.md b/docs/document/level-1/fallbacks-lv1.md index 7f4cda5..e7298be 100644 --- a/docs/document/level-1/fallbacks-lv1.md +++ b/docs/document/level-1/fallbacks-lv1.md @@ -6,27 +6,29 @@ 如果你用了《小小白白话文》中的[Xray 配置](../level-0/ch07-xray-server.md#_7-4-配置xray),并完成了[HTTP 自动跳转 HTTPS 优化](../level-0/ch07-xray-server.md#_7-8-服务器优化之二-开启http自动跳转https),那么你已经有了基于 `VLESS` 协议的简易回落: -```json5 -"inbounds": [ +```json +{ + "inbounds": [ { - "port": 443, - "protocol": "vless", - "settings": { - "clients": [ - ... - ], - "decryption": "none", - "fallbacks": [ - { - "dest": 8080 // 默认回落到防探测的代理 - } - ] - }, - "streamSettings": { - ... - } + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ + // ... ... + ], + "decryption": "none", + "fallbacks": [ + { + "dest": 8080 // 默认回落到防探测的代理 + } + ] + }, + "streamSettings": { + // ... ... + } } -] + ] +} ``` 这一段配置用人话要怎么解释呢? @@ -133,55 +135,55 @@ ### 5.1 首先,我将服务器端配置的 443 监听段摘抄如下: -```json5 +```json { - port: 443, - protocol: "vless", - settings: { - clients: [ + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ { - id: "", // 填写你的 UUID - flow: "xtls-rprx-direct", - level: 0, - email: "love@example.com", - }, + "id": "", // 填写你的 UUID + "flow": "xtls-rprx-direct", + "level": 0, + "email": "love@example.com" + } ], - decryption: "none", - fallbacks: [ + "decryption": "none", + "fallbacks": [ { - dest: 1310, // 默认回落到 Xray 的 Trojan 协议 - xver: 1, + "dest": 1310, // 默认回落到 Xray 的 Trojan 协议 + "xver": 1 }, { - path: "/websocket", // 必须换成自定义的 PATH - dest: 1234, - xver: 1, + "path": "/websocket", // 必须换成自定义的 PATH + "dest": 1234, + "xver": 1 }, { - path: "/vmesstcp", // 必须换成自定义的 PATH - dest: 2345, - xver: 1, + "path": "/vmesstcp", // 必须换成自定义的 PATH + "dest": 2345, + "xver": 1 }, { - path: "/vmessws", // 必须换成自定义的 PATH - dest: 3456, - xver: 1, - }, - ], + "path": "/vmessws", // 必须换成自定义的 PATH + "dest": 3456, + "xver": 1 + } + ] }, - streamSettings: { - network: "tcp", - security: "xtls", - xtlsSettings: { - alpn: ["http/1.1"], - certificates: [ + "streamSettings": { + "network": "tcp", + "security": "xtls", + "xtlsSettings": { + "alpn": ["http/1.1"], + "certificates": [ { - certificateFile: "/path/to/fullchain.crt", // 换成你的证书,绝对路径 - keyFile: "/path/to/private.key", // 换成你的私钥,绝对路径 - }, - ], - }, - }, + "certificateFile": "/path/to/fullchain.crt", // 换成你的证书,绝对路径 + "keyFile": "/path/to/private.key" // 换成你的私钥,绝对路径 + } + ] + } + } } ``` @@ -228,32 +230,32 @@ 1. 后续处理回落至 `1310` 端口的流量,按照下面的配置验证、处理: - ```json5 + ```json { - port: 1310, - listen: "127.0.0.1", - protocol: "trojan", - settings: { - clients: [ + "port": 1310, + "listen": "127.0.0.1", + "protocol": "trojan", + "settings": { + "clients": [ { - password: "", // 填写你的密码 - level: 0, - email: "love@example.com", - }, + "password": "", // 填写你的密码 + "level": 0, + "email": "love@example.com" + } ], - fallbacks: [ + "fallbacks": [ { - dest: 80, // 或者回落到其它也防探测的代理 - }, - ], - }, - streamSettings: { - network: "tcp", - security: "none", - tcpSettings: { - acceptProxyProtocol: true, - }, + "dest": 80 // 或者回落到其它也防探测的代理 + } + ] }, + "streamSettings": { + "network": "tcp", + "security": "none", + "tcpSettings": { + "acceptProxyProtocol": true + } + } } ``` @@ -264,94 +266,94 @@ 2. 后续处理回落至 `1234` 端口的流量,仔细看!它其实是 `vless+ws`: - ```json5 + ```json { - port: 1234, - listen: "127.0.0.1", - protocol: "vless", - settings: { - clients: [ + "port": 1234, + "listen": "127.0.0.1", + "protocol": "vless", + "settings": { + "clients": [ { - id: "", // 填写你的 UUID - level: 0, - email: "love@example.com", - }, + "id": "", // 填写你的 UUID + "level": 0, + "email": "love@example.com" + } ], - decryption: "none", - }, - streamSettings: { - network: "ws", - security: "none", - wsSettings: { - acceptProxyProtocol: true, // 提醒:若你用 Nginx/Caddy 等反代 WS,需要删掉这行 - path: "/websocket", // 必须换成自定义的 PATH,需要和分流的一致 - }, + "decryption": "none" }, + "streamSettings": { + "network": "ws", + "security": "none", + "wsSettings": { + "acceptProxyProtocol": true, // 提醒:若你用 Nginx/Caddy 等反代 WS,需要删掉这行 + "path": "/websocket" // 必须换成自定义的 PATH,需要和分流的一致 + } + } } ``` 3. 后续处理回落至 `2345` 端口的流量,仔细看!它其实是 `vmess直连`: - ```json5 + ```json { - port: 2345, - listen: "127.0.0.1", - protocol: "vmess", - settings: { - clients: [ + "port": 2345, + "listen": "127.0.0.1", + "protocol": "vmess", + "settings": { + "clients": [ { - id: "", // 填写你的 UUID - level: 0, - email: "love@example.com", - }, - ], - }, - streamSettings: { - network: "tcp", - security: "none", - tcpSettings: { - acceptProxyProtocol: true, - header: { - type: "http", - request: { - path: [ - "/vmesstcp", // 必须换成自定义的 PATH,需要和分流的一致 - ], - }, - }, - }, + "id": "", // 填写你的 UUID + "level": 0, + "email": "love@example.com" + } + ] }, + "streamSettings": { + "network": "tcp", + "security": "none", + "tcpSettings": { + "acceptProxyProtocol": true, + "header": { + "type": "http", + "request": { + "path": [ + "/vmesstcp" // 必须换成自定义的 PATH,需要和分流的一致 + ] + } + } + } + } } ``` 4. 后续处理回落至 `3456` 端口的流量,再仔细看!它其实是是 `vmess+ws(+cdn)`。 ::: warning 说明 - 你没看错,这就是 v2fly 曾经的推荐组合之一,并可完整支持 `CDN`。现已加入完美回落套餐哦! + 你没看错,这就是 v2fly 曾经推荐的组合之一,并可完整支持 `CDN`。现已加入完美回落套餐哦! ::: - ```json5 + ```json { - port: 3456, - listen: "127.0.0.1", - protocol: "vmess", - settings: { - clients: [ + "port": 3456, + "listen": "127.0.0.1", + "protocol": "vmess", + "settings": { + "clients": [ { - id: "", // 填写你的 UUID - level: 0, - email: "love@example.com", - }, - ], - }, - streamSettings: { - network: "ws", - security: "none", - wsSettings: { - acceptProxyProtocol: true, // 提醒:若你用 Nginx/Caddy 等反代 WS,需要删掉这行 - path: "/vmessws", // 必须换成自定义的 PATH,需要和分流的一致 - }, + "id": "", // 填写你的 UUID + "level": 0, + "email": "love@example.com" + } + ] }, + "streamSettings": { + "network": "ws", + "security": "none", + "wsSettings": { + "acceptProxyProtocol": true, // 提醒:若你用 Nginx/Caddy 等反代 WS,需要删掉这行 + "path": "/vmessws" // 必须换成自定义的 PATH,需要和分流的一致 + } + } } ``` diff --git a/docs/document/level-1/fallbacks-with-sni.md b/docs/document/level-1/fallbacks-with-sni.md index 1e8866b..30d4cc8 100644 --- a/docs/document/level-1/fallbacks-with-sni.md +++ b/docs/document/level-1/fallbacks-with-sni.md @@ -74,91 +74,91 @@ acme.sh --install-cert -d example.com --fullchain-file /etc/ssl/xray/cert.pem -- ## Xray 配置 -```json5 +```json { - log: { - loglevel: "warning", + "log": { + "loglevel": "warning" }, - inbounds: [ + "inbounds": [ { - port: 443, - protocol: "vless", - settings: { - clients: [ + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ { - id: "UUID", - flow: "xtls-rprx-direct", - }, + "id": "UUID", + "flow": "xtls-rprx-direct" + } ], - decryption: "none", - fallbacks: [ + "decryption": "none", + "fallbacks": [ { - name: "example.com", - path: "/vmessws", - dest: 5000, - xver: 1, + "name": "example.com", + "path": "/vmessws", + "dest": 5000, + "xver": 1 }, { - dest: 5001, - xver: 1, + "dest": 5001, + "xver": 1 }, { - alpn: "h2", - dest: 5002, - xver: 1, + "alpn": "h2", + "dest": 5002, + "xver": 1 }, { - name: "blog.example.com", - dest: 5003, - xver: 1, + "name": "blog.example.com", + "dest": 5003, + "xver": 1 }, { - name: "blog.example.com", - alpn: "h2", - dest: 5004, - xver: 1, - }, - ], + "name": "blog.example.com", + "alpn": "h2", + "dest": 5004, + "xver": 1 + } + ] }, - streamSettings: { - network: "tcp", - security: "xtls", - xtlsSettings: { - alpn: ["h2", "http/1.1"], - certificates: [ + "streamSettings": { + "network": "tcp", + "security": "xtls", + "xtlsSettings": { + "alpn": ["h2", "http/1.1"], + "certificates": [ { - certificateFile: "/etc/ssl/xray/cert.pem", - keyFile: "/etc/ssl/xray/privkey.key", - }, - ], - }, - }, + "certificateFile": "/etc/ssl/xray/cert.pem", + "keyFile": "/etc/ssl/xray/privkey.key" + } + ] + } + } }, { - listen: "127.0.0.1", - port: 5000, - protocol: "vmess", - settings: { - clients: [ + "listen": "127.0.0.1", + "port": 5000, + "protocol": "vmess", + "settings": { + "clients": [ { - id: "UUID", - }, - ], + "id": "UUID" + } + ] }, - streamSettings: { - network: "ws", - wsSettings: { - acceptProxyProtocol: true, - path: "/vmessws", - }, - }, - }, + "streamSettings": { + "network": "ws", + "wsSettings": { + "acceptProxyProtocol": true, + "path": "/vmessws" + } + } + } ], - outbounds: [ + "outbounds": [ { - protocol: "freedom", - }, - ], + "protocol": "freedom" + } + ] } ``` @@ -192,24 +192,26 @@ acme.sh --install-cert -d example.com --fullchain-file /etc/ssl/xray/cert.pem -- 如果使用 Caddy 就大可不必如此繁杂了,因为它**可以**在同一端口上同时监听 HTTP/1.1 和 h2c,配置改动如下: - ```json5 - "fallbacks": [ + ```json + { + "fallbacks": [ { - "name": "example.com", - "path": "/vmessws", - "dest": 5000, - "xver": 1 + "name": "example.com", + "path": "/vmessws", + "dest": 5000, + "xver": 1 }, { - "dest": 5001, - "xver": 1 + "dest": 5001, + "xver": 1 }, { - "name": "blog.example.com", - "dest": 5002, - "xver": 1 + "name": "blog.example.com", + "dest": 5002, + "xver": 1 } - ] + ] + } ``` ## Nginx 配置 diff --git a/docs/document/level-1/routing-lv1-part1.md b/docs/document/level-1/routing-lv1-part1.md index 3aa9acb..511af02 100644 --- a/docs/document/level-1/routing-lv1-part1.md +++ b/docs/document/level-1/routing-lv1-part1.md @@ -51,18 +51,20 @@ 下面的入站配置示例,用大白话说就是:数据按照 `socks` 协议,通过 `10808` 端口,从本机 `127.0.0.1` 流入`Xray`。同时,`Xray` 将这个入站用 `[tag]` 命名为 `inbound-10808`。 -```json5 -"inbounds": [ +```json +{ + "inbounds": [ { - "tag": "inbound-10808", - "protocol": "socks", - "listen": "127.0.0.1", - "port": 10808, - "settings": { - "udp": true - } + "tag": "inbound-10808", + "protocol": "socks", + "listen": "127.0.0.1", + "port": 10808, + "settings": { + "udp": true + } } -] + ] +} ``` **2.2 出站** @@ -73,36 +75,38 @@ 下面的出站配置示例,用大白话说就是:数据按照 `VLESS` 协议,以 `tcp + xtls (direct)` 的方式、及其他相关设置,把流量发送给对应的 VPS。同时,`Xray` 将这个出站用 `[tag]` 命名为 `proxy-out-vless`: -```json5 -"outbounds": [ +```json +{ + "outbounds": [ { - "tag": "proxy-out-vless", - "protocol": "vless", - "settings": { - "vnext": [ - { - "address": "a-name.yourdomain.com", - "port": 443, - "users": [ - { - "id": "uuiduuid-uuid-uuid-uuid-uuiduuiduuid", - "flow": "xtls-rprx-direct", - "encryption": "none", - "level": 0 - } - ] - } + "tag": "proxy-out-vless", + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "a-name.yourdomain.com", + "port": 443, + "users": [ + { + "id": "uuiduuid-uuid-uuid-uuid-uuiduuiduuid", + "flow": "xtls-rprx-direct", + "encryption": "none", + "level": 0 + } ] - }, - "streamSettings": { - "network": "tcp", - "security": "xtls", - "xtlsSettings": { - "serverName": "a-name.yourdomain.com" - } + } + ] + }, + "streamSettings": { + "network": "tcp", + "security": "xtls", + "xtlsSettings": { + "serverName": "a-name.yourdomain.com" } + } } -] + ] +} ``` ### 2.3 路由 @@ -113,18 +117,18 @@ 下面的路由配置示例,用大白话说就是:把所有通过 `[tag]="inbound-10808"` 入站流入 `Xray` 的流量,`100%` 全部流转导入 `[tag]="proxy-out-vless"` 的出站,没有任何分流或其他操作。 -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - { - "type": "field", - "inboundTag": [ - "inbound-10808" - ], - "outboundTag": "proxy-out-vless" - } + { + "type": "field", + "inboundTag": ["inbound-10808"], + "outboundTag": "proxy-out-vless" + } ] + } } ``` @@ -201,21 +205,23 @@ 在上例的基础上,我们已经有了 `[proxy]` 的出站 `"proxy-out-vless"`,所以它保持不变。显而易见,我们需要加入两个新的出站方式:`[block]` 和 `[direct]`,如下: -```json5 -"outbounds": [ +```json +{ + "outbounds": [ { - "tag": "proxy-out-vless", - ...... + "tag": "proxy-out-vless" + // ... ... }, { - "tag": "block", - "protocol": "blackhole" + "tag": "block", + "protocol": "blackhole" }, { - "tag": "direct-out", - "protocol": "freedom" + "tag": "direct-out", + "protocol": "freedom" } -] + ] +} ``` 上面的配置用大白话翻译如下: @@ -228,32 +234,28 @@ 接下来就是见证奇迹的时刻了,我们可以用【路由】的配置把这些连接起来! -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - { - "type": "field", - "domain": [ - "geosite:category-ads-all" - ], - "outboundTag": "block" - }, - { - "type": "field", - "domain": [ - "geosite:cn" - ], - "outboundTag": "direct-out" - }, - { - "type": "field", - "domain": [ - "geosite:geolocation-!cn" - ], - "outboundTag": "proxy-out-vless" - } + { + "type": "field", + "domain": ["geosite:category-ads-all"], + "outboundTag": "block" + }, + { + "type": "field", + "domain": ["geosite:cn"], + "outboundTag": "direct-out" + }, + { + "type": "field", + "domain": ["geosite:geolocation-!cn"], + "outboundTag": "proxy-out-vless" + } ] + } } ``` @@ -362,21 +364,23 @@ 是不是,非常地简单? -```json5 -"outbounds": [ +```json +{ + "outbounds": [ { - "tag": "direct-out", - "protocol": "freedom" + "tag": "direct-out", + "protocol": "freedom" }, { - "tag": "proxy-out-vless", - ...... + "tag": "proxy-out-vless" + // ... ... }, { - "tag": "block", - "protocol": "blackhole" + "tag": "block", + "protocol": "blackhole" } -] + ] +} ``` 此时,路由规则其实变成了: diff --git a/docs/document/level-1/routing-lv1-part2.md b/docs/document/level-1/routing-lv1-part2.md index e1c6ee2..27c1fc2 100644 --- a/docs/document/level-1/routing-lv1-part2.md +++ b/docs/document/level-1/routing-lv1-part2.md @@ -50,35 +50,31 @@ 上述配置如下: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - // 指定子域名直连 - { - "type": "field", - "domain": [ - "full:direct.yourdomain.com" - ], - "outboundTag": "direct-out" - }, - // 指定子域名转发VPS - { - "type": "field", - "domain": [ - "full:proxy.yourdomain.com" - ], - "outboundTag": "proxy-out-vless" - }, - // 指定泛域名转发VPS - { - "type": "field", - "domain": [ - "yourdomain.com" - ], - "outboundTag": "proxy-out-vless" - } + // 指定子域名直连 + { + "type": "field", + "domain": ["full:direct.yourdomain.com"], + "outboundTag": "direct-out" + }, + // 指定子域名转发VPS + { + "type": "field", + "domain": ["full:proxy.yourdomain.com"], + "outboundTag": "proxy-out-vless" + }, + // 指定泛域名转发VPS + { + "type": "field", + "domain": ["yourdomain.com"], + "outboundTag": "proxy-out-vless" + } ] + } } ``` @@ -92,27 +88,25 @@ 上述配置如下: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - // 本机内部地址、局域网地址直连 - { - "type": "field", - "ip": [ - "geoip:private" - ], - "outboundTag": "direct-out" - }, - // 国内IP集直连 - { - "type": "field", - "ip": [ - "geoip:cn" - ], - "outboundTag": "direct-out" - } + // 本机内部地址、局域网地址直连 + { + "type": "field", + "ip": ["geoip:private"], + "outboundTag": "direct-out" + }, + // 国内IP集直连 + { + "type": "field", + "ip": ["geoip:cn"], + "outboundTag": "direct-out" + } ] + } } ``` @@ -125,27 +119,25 @@ 上述配置如下: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - // 指定IP地址直连 - { - "type": "field", - "ip": [ - "223.5.5.5" - ], - "outboundTag": "direct-out" - }, - // 指定IP地址转发VPS - { - "type": "field", - "ip": [ - "1.1.1.1" - ], - "outboundTag": "proxy-out-vless" - } + // 指定IP地址直连 + { + "type": "field", + "ip": ["223.5.5.5"], + "outboundTag": "direct-out" + }, + // 指定IP地址转发VPS + { + "type": "field", + "ip": ["1.1.1.1"], + "outboundTag": "proxy-out-vless" + } ] + } } ``` @@ -157,19 +149,19 @@ 你需要打开入站代理中的 `sniffing` 才能使用此种方式分流。 ::: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - // 指定 BT 协议直连 - { - "type": "field", - "protocol": [ - "bittorrent" - ], - "outboundTag": "direct-out" - } + // 指定 BT 协议直连 + { + "type": "field", + "protocol": ["bittorrent"], + "outboundTag": "direct-out" + } ] + } } ``` @@ -205,69 +197,58 @@ `[1-block] --> [2-direct] --> [3-proxy] --> [4-first-outbound]` ::: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - // [1-block 广告流量屏蔽] - // 1.1 广告域名集屏蔽 - { - "type": "field", - "domain": [ - "geosite:category-ads-all" - ], - "outboundTag": "block" - }, - // [2-direct 国内流量直连] - // 2.1 国内域名集、指定子域名直连 - { - "type": "field", - "domain": [ - "geosite:cn", - "full:direct.yourdomain.com" - ], - "outboundTag": "direct-out" - }, - // 2.2 本机内部地址+局域网、国内IP、指定IP直连 - { - "type": "field", - "ip": [ - "geoip:private", - "geoip:cn", - "223.5.5.5" - ], - "outboundTag": "direct-out" - }, - // 2.3 BT协议流量直连 - { - "type": "field", - "protocol": [ - "bittorrent" - ], - "outboundTag": "direct-out" - }, - // [3-proxy 国外流量转发VPS] - // 3.1 国外域名集、指定子域名、指定泛域名转发VPS - { - "type": "field", - "domain": [ - "geosite:geolocation-!cn", - "full:proxy.yourdomain.com", - "yourdomain.com" - ], - "outboundTag": "proxy-out-vless" - }, - // 3.2 指定IP转发VPS - { - "type": "field", - "ip": [ - "1.1.1.1" - ], - "outboundTag": "proxy-out-vless" - } - // [4-default-routing 第一条出站] - // 没有匹配到任何规则的流量,默认使用第一条出站处理 + // [1-block 广告流量屏蔽] + // 1.1 广告域名集屏蔽 + { + "type": "field", + "domain": ["geosite:category-ads-all"], + "outboundTag": "block" + }, + // [2-direct 国内流量直连] + // 2.1 国内域名集、指定子域名直连 + { + "type": "field", + "domain": ["geosite:cn", "full:direct.yourdomain.com"], + "outboundTag": "direct-out" + }, + // 2.2 本机内部地址+局域网、国内IP、指定IP直连 + { + "type": "field", + "ip": ["geoip:private", "geoip:cn", "223.5.5.5"], + "outboundTag": "direct-out" + }, + // 2.3 BT协议流量直连 + { + "type": "field", + "protocol": ["bittorrent"], + "outboundTag": "direct-out" + }, + // [3-proxy 国外流量转发VPS] + // 3.1 国外域名集、指定子域名、指定泛域名转发VPS + { + "type": "field", + "domain": [ + "geosite:geolocation-!cn", + "full:proxy.yourdomain.com", + "yourdomain.com" + ], + "outboundTag": "proxy-out-vless" + }, + // 3.2 指定IP转发VPS + { + "type": "field", + "ip": ["1.1.1.1"], + "outboundTag": "proxy-out-vless" + } + // [4-default-routing 第一条出站] + // 没有匹配到任何规则的流量,默认使用第一条出站处理 ] + } } ``` @@ -325,21 +306,19 @@ 为了实现上面的目标,他写出了以下路由规则: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - { - "type": "field", - "ip": [ - "223.5.5.5" - ], - "domain": [ - "full:direct.yourdomain.com" - ], - "outboundTag": "direct-out" - } + { + "type": "field", + "ip": ["223.5.5.5"], + "domain": ["full:direct.yourdomain.com"], + "outboundTag": "direct-out" + } ] + } } ``` @@ -357,25 +336,23 @@ 正确示范,自然就是将不同的匹配依据独立出来: -```json5 -"routing": { +```json +{ + "routing": { "domainStrategy": "AsIs", "rules": [ - { - "type": "field", - "ip": [ - "223.5.5.5" - ], - "outboundTag": "direct-out" - }, - { - "type": "field", - "domain": [ - "full:direct.yourdomain.com" - ], - "outboundTag": "direct-out" - } + { + "type": "field", + "ip": ["223.5.5.5"], + "outboundTag": "direct-out" + }, + { + "type": "field", + "domain": ["full:direct.yourdomain.com"], + "outboundTag": "direct-out" + } ] + } } ```