github
/
Xray-examples
mirror of https://github.com/XTLS/Xray-examples
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge d00b801385 into d4e592b842

rnotlnglgq 2025-07-17 20:07:14 +08:00 committed by GitHub
parent d4e592b842 d00b801385
commit f42209da28
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 313 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
VLESS-TCP-TLS-WS (recommended)/README.ENG.md → VLESS-TCP-TLS-WS/README.ENG.md
View File

@ -1,5 +1,11 @@
# VLESS over TCP with TLS + fallback & split to WebSocket (advanced configuration)
## Caution
**This configuration was tagged as recommended, however https://github.com/XTLS/Xray-core/issues/1750#issuecomment-1459469821 had mentioned its vulnerabilities and it should be tagged as <u>deprecated</u>.**
## Original Content
This is a superset of [Minimal Configuration](<../VLESS-TCP-TLS%20(minimal%20by%20rprx)>), using the powerful fallback and distribution features of VLESS, it realizes port 443 VLESS over TCP with TLS and Perfect coexistence of any WSS
This configuration is for reference. You can replace VLESS on WS with any other protocol such as VMess, and set more PATHs and protocol coexistence.

7
VLESS-TCP-TLS-WS (recommended)/README.md → VLESS-TCP-TLS-WS/README.md
View File

@ -1,4 +1,11 @@
# VLESS over TCP with TLS + 回落 & 分流 to WebSocket进阶配置
## 注意
**这个配置过去被标记为推荐,然而 https://github.com/XTLS/Xray-core/issues/1750#issuecomment-1459469821 提到其安全缺陷,且它应当列为<u>已废弃</u>。**
## 原文
[ENGLISH](README.ENG.md)
这里是 [最简配置](<../VLESS-TCP-TLS%20(minimal%20by%20rprx)>) 的超集,利用 VLESS 强大的回落分流特性,实现了 443 端口 VLESS over TCP with TLS 和任意 WSS 的完美共存

0
VLESS-TCP-TLS-WS (recommended)/config_client_tcp_tls.jsonc → VLESS-TCP-TLS-WS/config_client_tcp_tls.jsonc
View File

0
VLESS-TCP-TLS-WS (recommended)/config_client_ws_tls.jsonc → VLESS-TCP-TLS-WS/config_client_ws_tls.jsonc
View File

0
VLESS-TCP-TLS-WS (recommended)/config_server.jsonc → VLESS-TCP-TLS-WS/config_server.jsonc
View File

9
VLESS-XHTTP-Reality/minimal-steal_others/README.en.md Normal file
View File

@ -0,0 +1,9 @@
# VLESS-XHTTP-Reality-steal_others
[Reality](https://github.com/XTLS/REALITY) and [XHTTP](https://github.com/XTLS/Xray-core/discussions/4113) are two major techniques of Project X which are up-to-date. This example provides a minimal configuration, which can be used for new versions of Xray-core (and cannot be used for low versions, recommended >= [v25.3.6](https://github.com/XTLS/Xray-core/releases/tag/v25.3.6) ). There are also more complicated configurations provided by other community repositories.
#### Note
* Leave the fields blank as much as possible to ensure that users who have not configured their own will be responded to by xray-core with an error.
* Considering practicality, [domain name sniffing](https://xtls.github.io/config/inbound.html#sniffingobject) is enabled.
* The `"fingerprint"` field for Reality has a safe default value of `"chrome"` since version 24.12.18, so it is omitted in this example. Old versions of Xray-Core without a default value should not be able to recognize this configuration file (due to the `"target"` field), so it should be safe to omit it here.

12
VLESS-XHTTP-Reality/minimal-steal_others/README.md Normal file
View File

@ -0,0 +1,12 @@
# VLESS-XHTTP-Reality-steal_others
[Reality](https://github.com/XTLS/REALITY)与[XHTTP](https://github.com/XTLS/Xray-core/discussions/4113)是XTLS项目的两项主要且较新的技术。本示例配置提供一个极简配置其可在较新版本的Xray-core使用且无法在低版本使用建议版本不旧于[v25.3.6](https://github.com/XTLS/Xray-core/releases/tag/v25.3.6))。目前亦有社区成员在其他仓库提供更复杂的配置方案。
另外根据[一些经验](https://github.com/XTLS/Xray-core/issues/1027),对于中国大陆用户建议使用[禁回国流量的路由规则](server-block-cn.jsonc),以避免服务器向境内网站发起连接而被标记为代理。
#### 备注
* 待填字段尽可能留空了确保未自行配置的用户将被xray-core回应以报错。
* 考虑到实用性,开启了[域名嗅探](https://xtls.github.io/config/inbound.html#sniffingobject)。
* Reality设定的`"fingerprint"`字段自24.12.18版本已有安全的默认值`"chrome"`故不再标注。没有默认值的旧版Xray-core应该会因无法识别这个配置文件因target字段所以此处省略应该是安全的。

77
VLESS-XHTTP-Reality/minimal-steal_others/client-bypass-cn.jsonc Normal file
View File

@ -0,0 +1,77 @@
{
"routing": {
"rules": [
{
"ip": [
"geoip:private"
],
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
"geoip:cn"
],
"outboundTag": "direct"
},
{
"type": "field",
"domain": [
"geosite:cn"
],
"outboundTag": "direct"
}
]
},
"inbounds": [
{
"listen": "127.0.0.1",
"port": 10808,
"protocol": "socks"
}
],
"outbounds": [
{
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "", // 服务端的域名或 IP
"port": 443, // 填入配置服务器入站时设定的监听端口
"users": [
{
"id": "", // 与服务端一致
"encryption": "none",
"flow": ""
}
]
}
]
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"path": "/yourpath" // 与服务端一致
},
"security": "reality",
"realitySettings": {
"serverName": "", // 在服务端所设serverNames列表中选择一个填入
"publicKey": "", // 服务端执行 xray x25519 生成,私钥对应的公钥,填 "Public key" 的值
"shortId": "", // 服务端 shortIds 之一
"spiderX": "/somepath", // 爬虫初始路径与参数,建议每个客户端不同
"fingerprint": "chrome" // 使用 uTLS 库模拟客户端 TLS 指纹。,为强调而保留。
}
},
"tag": "proxy"
},
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
]
}

63
VLESS-XHTTP-Reality/minimal-steal_others/client.jsonc Normal file
View File

@ -0,0 +1,63 @@
{
"routing": {
"rules": [
{
"ip": [
"geoip:private"
],
"outboundTag": "direct"
}
]
},
"inbounds": [
{
"listen": "127.0.0.1",
"port": 10808,
"protocol": "socks"
}
],
"outbounds": [
{
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "", // 服务端的域名或 IP
"port": 443, // 填入配置服务器入站时设定的监听端口
"users": [
{
"id": "", // 与服务端一致
"encryption": "none",
"flow": ""
}
]
}
]
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"path": "/yourpath" // 与服务端一致
},
"security": "reality",
"realitySettings": {
"serverName": "", // 在服务端所设serverNames列表中选择一个填入
"publicKey": "", // 服务端执行 xray x25519 生成,私钥对应的公钥,填 "Public key" 的值
"shortId": "", // 服务端 shortIds 之一
"spiderX": "/somepath", // 爬虫初始路径与参数,建议每个客户端不同
"fingerprint": "chrome" // 使用 uTLS 库模拟客户端 TLS 指纹。,为强调而保留。
}
},
"tag": "proxy"
},
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
]
}

79
VLESS-XHTTP-Reality/minimal-steal_others/server-block-cn.jsonc Normal file
View File

@ -0,0 +1,79 @@
{
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"ip": [
"geoip:cn"
],
"outboundTag": "block"
},
{
"type": "field",
"domain": [
"geosite:cn"
],
"outboundTag": "block"
}
]
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": 443, // 可根据实际情况更换端口
"protocol": "vless",
"settings": {
"clients": [
{
"id": "", // 长度为 1-30 字节的任意字符串,或执行 xray uuid 生成
"flow": ""
}
],
"decryption": "none"
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"path": "/yourpath" // 自行设定路径
},
"security": "reality",
"realitySettings": {
// 此target字段原名为dest从24.10.31版本开始开始使用新名称。
// 目标网站最低标准:国外网站,支持 TLSv1.3 与 H2域名非跳转用主域名可能被用于跳转到 www。详见 https://github.com/XTLS/REALITY
"target": "example.com:443",
"serverNames": [
// 客户端可用的 serverName 列表,暂不支持 * 通配符
// 执行 xray tls ping 目标网站网址,填 "Allowed domains" 的值
],
"privateKey": "", // 执行 xray x25519 生成,填 "Private key" 的值
"shortIds": [ // 客户端可用的 shortId 列表,可用于区分不同的客户端
// "", // 若有此项,客户端 shortId 可为空
"00", // 0 到 f长度为 2 的倍数,长度上限为 16
"01",
"02"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
]
}

60
VLESS-XHTTP-Reality/minimal-steal_others/server.jsonc Normal file
View File

@ -0,0 +1,60 @@
{
"inbounds": [
{
"listen": "0.0.0.0",
"port": 443, // 可根据实际情况更换端口
"protocol": "vless",
"settings": {
"clients": [
{
"id": "", // 长度为 1-30 字节的任意字符串,或执行 xray uuid 生成
"flow": ""
}
],
"decryption": "none"
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"path": "/yourpath" // 自行设定路径
},
"security": "reality",
"realitySettings": {
// 此target字段原名为dest从24.10.31版本开始开始使用新名称。
// 目标网站最低标准:国外网站,支持 TLSv1.3 与 H2域名非跳转用主域名可能被用于跳转到 www。详见 https://github.com/XTLS/REALITY
"target": "example.com:443",
"serverNames": [
// 客户端可用的 serverName 列表,暂不支持 * 通配符
// 执行 xray tls ping 目标网站网址,填 "Allowed domains" 的值
],
"privateKey": "", // 执行 xray x25519 生成,填 "Private key" 的值
"shortIds": [ // 客户端可用的 shortId 列表,可用于区分不同的客户端
// "", // 若有此项,客户端 shortId 可为空
"00", // 0 到 f长度为 2 的倍数,长度上限为 16
"01",
"02"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
]
}