vmess+ws+tls+nginx分流
首先下载Xray的linux版本,解压编辑config.json
config.json{ "inbounds": [ { "port": 10008, "protocol": "vmess", "settings": { "clients": [ { "id": "....", "alterId": 64 } ], "decryption": "none" }, "streamSettings": { "network": "ws", "wsSettings": { "path": "/ashocndl" } } } ], "outbounds": [ { "protocol": "freedom" } ] }
提示
-c 可以指定config.json文件
{ "log": { "access": "", "error": "", "loglevel": "warning" }, "inbounds": [ { "tag": "socks", "port": 10808, "listen": "127.0.0.1", "protocol": "socks", "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ], "routeOnly": false }, "settings": { "auth": "noauth", "udp": true, "allowTransparent": false } }, { "tag": "http", "port": 10809, "listen": "127.0.0.1", "protocol": "http", "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ], "routeOnly": false }, "settings": { "auth": "noauth", "udp": true, "allowTransparent": false } } ], "outbounds": [ { "tag": "proxy", "protocol": "vmess", "settings": { "vnext": [ { "address": "domain.com", "port": 443, "users": [ { "id": "...........", "alterId": 64, "email": "........", "security": "auto" } ] } ] }, "streamSettings": { "network": "ws", "security": "tls", "tlsSettings": { "allowInsecure": false }, "wsSettings": { "path": "/ashocndl", "headers": {} } }, "mux": { "enabled": false, "concurrency": -1 } }, { "tag": "direct", "protocol": "freedom", "settings": {} }, { "tag": "block", "protocol": "blackhole", "settings": { "response": { "type": "http" } } } ], "dns": { "hosts": { "dns.google": "8.8.8.8", "proxy.example.com": "127.0.0.1" }, "servers": [ { "address": "223.5.5.5", "domains": [ "panyin.shop" ] }, { "address": "223.5.5.5", "domains": [ "geosite:cn", "geosite:geolocation-cn" ], "expectIPs": [ "geoip:cn" ] }, "1.1.1.1", "8.8.8.8", "https://dns.google/dns-query" ] }, "routing": { "domainStrategy": "AsIs", "rules": [ { "type": "field", "inboundTag": [ "api" ], "outboundTag": "api" }, { "type": "field", "port": "443", "network": "udp", "outboundTag": "block" }, { "type": "field", "port": "0-65535", "outboundTag": "proxy" } ] } }
#vmess的https加密(暂无) server { listen 443 ssl; server_name domain.com; ssl_certificate "/path/cert/fullchain.pem"; ssl_certificate_key "/path/cert/privkey.pem"; location /ashocndl { if ($http_upgrade != "websocket") { # WebSocket协商失败时返回404 return 404; } proxy_redirect off; proxy_pass http://127.0.0.1:10008; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; # Show real IP in v2ray access.log proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }
nginx还可以建立多个location实现流量分流
注
注意server_name domain.com指的是要放行的域名