Code Monkey home page Code Monkey logo

Comments (8)

RPRX avatar RPRX commented on May 13, 2024

fallbacks 第二个子元素的 dest 应改为 15462

(我不了解 adguard)

from v2ray-core.

linxuankent avatar linxuankent commented on May 13, 2024

fallbacks第二个子元素的dest应替换15462

(我不了解adguard)
我的vmess配置
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"dns": {
"servers": [
"localhost"
],
"tag": "dns_inbound"
},
"stats": {},
"routing": {
"domainStrategy": "AsIs",
"rules": [{
"type": "field",
"ip": [
"geoip:private"
],
"outboundTag": "blocked"
},
{
"type": "field",
"inboundTag": [
"tg-in"
],
"outboundTag": "tg-out"
}
]
},
"policy": {},
"reverse": {

},
"inbounds": [{
        "port": 15315,
        "protocol": "vmess",
        "settings": {
            "clients": [{
                "id": "",
                "alterId": 64
            }],
            "detour": {
                "to": "dynamicPort"
            }

        },
        "streamSettings": {
            "network": "tcp",
            "security": "tls",
            "tlsSettings": {
                "certificates": [{
                    "certificateFile": "/usr/local/etc/v2ray/v2ray.crt",
                    "keyFile": "/usr/local/etc/v2ray/v2ray.key"
                }]
            }
        }

    },
    {
        "protocol": "vmess",
        "port": "3000-5000",
        "tag": "dynamicPort",
        "settings": {
            "default": {
                "alterId": 64
            }
        },
        "allocate": {
            "strategy": "random",
            "concurrency": 10,
            "refresh": 3
        },
        "streamSettings": {
            "network": "tcp",
            "security": "tls",
            "tlsSettings": {
                "certificates": [{
                    "certificateFile": "/usr/local/etc/v2ray/v2ray.crt",
                    "keyFile": "/usr/local/etc/v2ray/v2ray.key"
                }]
            }
        }
    },

    {
        "port": 35152,
        "protocol": "mtproto",
        "settings": {
            "users": [{
                "email": "[email protected]",
                "level": 0,
                "secret": "4514dd37619afb6ff89123216d679065"
            }]
        },
        "tag": "tg-in",
        "streamSettings": {},
        "listen": "0.0.0.0"
    }

],
"outbounds": [{
        "protocol": "freedom",
        "settings": {
            "domainStrategy": "UseIP"
        },
        "tag": "direct"
    },
    {
        "tag": "blocked",
        "protocol": "blackhole",
        "settings": {}
    },
    {
        "tag": "tg-out",
        "protocol": "mtproto",
        "settings": {}
    }

],

"transport": {}

}
用netstat -tlnp|grep 443命令查询就不会出现443端口占用的情况,vless由于inbounds指定了443,查询就是443已经被占用,是不是应该考虑用nginx来解决。

from v2ray-core.

RPRX avatar RPRX commented on May 13, 2024

没有明白你想实现什么。。。以及意义

from v2ray-core.

ruisiji avatar ruisiji commented on May 13, 2024

我的理解是这样的:

他有三个域名: proxy.com, webserver1.com, webserver2.com

proxy.com 用来做代理的服务端连接地址,另外两个是 web 服务器。

按我目前理解的情况是 VLESS 里填写的是 proxy.com 的证书,这样他的两个 web server 就不知道怎么访问了。

当这三个域名的TLS证书并非同一个的时候,怎么使用 HTTPS 来访问这三个域名呢?

另外关于这个配置里的fallbacks我有个疑问: https://github.com/v2fly/v2ray-examples/blob/master/VLESS-TCP-XTLS-WHATEVER/config_server.json#L19-L38

                "fallbacks": [
                    {
                        "dest": 80 // 也可以回落到其它防探测的代理
                    },
                    {
                        "path": "/websocket", // 必须换成自定义的 PATH
                        "dest": 1234,
                        "xver": 1
                    },
                    {
                        "path": "/vmesstcp", // 必须换成自定义的 PATH
                        "dest": 2345,
                        "xver": 1
                    },
                    {
                        "path": "/vmessws", // 必须换成自定义的 PATH
                        "dest": 3456,
                        "xver": 1
                    }
                ]

关于 vmess over tls 很好理解,前面放一个 nginx,当 host:port/path 是 vmess over tls时直接转发给 v2ray,否则转发给其他东西。因为Nginx可以为不同域名配置不同证书,所以很容易做到。

而 VLESS 的情况下,TLS证书是在 VLESS 里配置的,那么当流量是非 VLESS 流量时,怎样根据域名来向后转流量呢?

from v2ray-core.

RPRX avatar RPRX commented on May 13, 2024

@ruisiji

目前还不支持 SNI 分流,如果有这个需求,建议用 Nginx stream 来做。

from v2ray-core.

linxuankent avatar linxuankent commented on May 13, 2024

我的理解是这样的:

他有三个域名:proxy.com,webserver1.com,webserver2.com

proxy.com用于做代理的服务端连接地址,另外两个是web服务器。

按我目前理解的情况是VLESS里填写的是proxy.com的证书,这样他的两个网络服务器就不知道怎么访问了。

当这三个域名的TLS证书并非同一个的时候,怎么使用HTTPS来访问这三个域名呢?

另外关于这个配置里的fallbacks我有个疑问:https : //github.com/v2fly/v2ray-examples/blob/master/VLESS-TCP-XTLS-WHATEVER/config_server.json#L19-L38

                "fallbacks": [
                    {
                        "dest": 80 // 也可以回落到其它防探测的代理
                    },
                    {
                        "path": "/websocket", // 必须换成自定义的 PATH
                        "dest": 1234,
                        "xver": 1
                    },
                    {
                        "path": "/vmesstcp", // 必须换成自定义的 PATH
                        "dest": 2345,
                        "xver": 1
                    },
                    {
                        "path": "/vmessws", // 必须换成自定义的 PATH
                        "dest": 3456,
                        "xver": 1
                    }
                ]

关于vmess over tls很好理解,前面放一个nginx,当host:port / path是vmess over tls时直接转发给v2ray,否则转发给其他东西。因为Nginx可以为不同域名配置不同证书,所以很容易做到。

而 VLESS 的情况下,TLS证书是在 VLESS 里配置的,那么当流量是非 VLESS 流量时,怎样根据域名来向后转流量呢?

对是这样的

from v2ray-core.

wcg928 avatar wcg928 commented on May 13, 2024

https://www.youtube.com/watch?v=t4RvS8lBtJI&t=33s 这里有共享教程

from v2ray-core.

kiddin9 avatar kiddin9 commented on May 13, 2024

https://lhy.life/20200816-vless/

from v2ray-core.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.