Last active
October 13, 2023 19:59
-
-
Save phlinhng/a72e1f2e06c2cf99b37e97ce1d9557c4 to your computer and use it in GitHub Desktop.
Revisions
-
phlinhng revised this gist
May 12, 2020 . No changes.There are no files selected for viewing
-
techphl revised this gist
Apr 2, 2020 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,7 +14,7 @@ tls: 开 有web时,tls证书在web服务器上,v2Ray服务端不需要设定tls。 # 客户端连接测试 测试域名`test.mydomain.cc`(隐私处理,非真正域名),由cloudflare解析并关闭proxy,tls证书用cloudflare的回源证书(期限7天,测完就删),SSL/TLS encryption mode模式`Full (strict)`。用的客户端是Shadowrocket。分别用以下三种客户端设置测试两种服务端config,验证服务端应该怎么配置才正确。 ## 域名直连 ``` 地址: test.mydomain.cc -
Apr 2, 2020 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,7 +11,7 @@ tls: 开 混淆域名: web服务器域名 (一定要写!) 混淆路径: web服务器上反代到v2Ray的路径 ``` 有web时,tls证书在web服务器上,v2Ray服务端不需要设定tls。 # 客户端连接测试 测试域名`test.mydomain.cc`(隐私处理,非真正域名),由cloudflare解析并关闭proxy,tls证书用cloudflare的回源证书(期限7天,测完就删)。用的客户端是Shadowrocket。分别用以下三种客户端设置测试两种服务端config,验证服务端应该怎么配置才正确。 -
Apr 2, 2020 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -37,7 +37,7 @@ tls: 开 # 结论 1. ws+tls直连时,客户端的`混淆域名`加或不加都无所谓,服务端的`wsSettings`的`headers`也是加或不加都无所谓 2. ws+tls+cf节点连接时,服务端的`wsSettings`的`headers`加或不加都无所谓 3. ws+tls+cf节点连接时,客户端的`混淆域名`要和服务端`tlsSettings`中的`serverName`一致,否则cloudflare找不到你的服务器 # 延伸 -
Apr 2, 2020 . No changes.There are no files selected for viewing
-
Apr 2, 2020 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,7 +14,7 @@ tls: 开 有web时,tls证书在web服务器上,v2Ray不需要设定tls。 # 客户端连接测试 测试域名`test.mydomain.cc`(隐私处理,非真正域名),由cloudflare解析并关闭proxy,tls证书用cloudflare的回源证书(期限7天,测完就删)。用的客户端是Shadowrocket。分别用以下三种客户端设置测试两种服务端config,验证服务端应该怎么配置才正确。 ## 域名直连 ``` 地址: test.mydomain.cc -
Apr 2, 2020 . 1 changed file with 4 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -38,4 +38,7 @@ tls: 开 # 结论 1. ws+tls直连时,客户端的`混淆域名`加或不加都无所谓,服务端的`wsSettings`的`headers`也是加或不加都无所谓 2. ws+tls+cf节点连接时,服务端的`wsSettings`的`headers`也是加或不加都无所谓 3. ws+tls+cf节点连接时,客户端的`混淆域名`要和服务端`tlsSettings`中的`serverName`一致,否则cloudflare找不到你的服务器 # 延伸 可以另外注冊一个地址(cf节点分流地址),用智能dns (dnspod/dnsdun/dnsla)做三网分流到cloudflare不同节点,连接address填`cf节点分流地址`实现三网分流。三网分流细节详见<https://github.com/techphl/v2ray-agent/blob/master/optimize_V2Ray.md> (感谢原作者[mack-a](https://github.com/mack-a)) -
Apr 2, 2020 . 1 changed file with 0 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,8 +5,6 @@ ``` 地址: cloudflare.com (或1.1.1.1或任何cloudflare节点IP) 端口: web服务器的端口 (通常为443) tls: 开 不安全连接: 不允许 混淆: websocket -
Apr 2, 2020 . 1 changed file with 1 addition and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,14 +20,13 @@ tls: 开 ## 域名直连 ``` 地址: test.mydomain.cc 混淆域名: 混淆路径: /testws ``` ## 域名直连+混淆域名 ``` 地址: test.mydomain.cc 混淆域名: test.mydomain.cc 混淆路径: /testws ``` ## CF节点连接 -
Apr 2, 2020 . 1 changed file with 7 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -35,4 +35,10 @@ tls: 开 地址: cloudflare.com 混淆域名: test.mydomain.cc 混淆路径: /testws ``` 结果不管服务端有没有加header,以上设置都连得上。 # 结论 1. ws+tls直连时,客户端的`混淆域名`加或不加都无所谓,服务端的`wsSettings`的`headers`也是加或不加都无所谓 2. ws+tls+cf节点连接时,服务端的`wsSettings`的`headers`也是加或不加都无所谓 3. ws+tls+cf节点连接时,客户端的`混淆域名`要和服务端`tlsSettings`中的`serverName`一致,否则cloudflare找不到你的服务器 -
Apr 2, 2020 . 1 changed file with 4 additions and 22 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,39 +16,21 @@ tls: 开 有web时,tls证书在web服务器上,v2Ray不需要设定tls。 # 客户端连接测试 测试域名`test.mydomain.cc`(隐私处理,非真正域名),由cloudflare解析并关闭proxy。tls证书用cloudflare的回源证书(期限7天,测完就删)。用的客户端是Shadowrocket。分别用以下三种客户端设置测试两种服务端config,验证服务端应该怎么配置才正确。 ## 域名直连 ``` 地址: test.mydomain.cc 混淆: websocket 混淆域名: 混淆路径: /testws ``` ## 域名直连+混淆域名 ``` 地址: test.mydomain.cc 混淆域名: 混淆路径: /testws ``` ## CF节点连接 ``` 地址: cloudflare.com 混淆域名: test.mydomain.cc -
Apr 2, 2020 . 3 changed files with 10 additions and 45 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,76 +16,41 @@ tls: 开 有web时,tls证书在web服务器上,v2Ray不需要设定tls。 # 客户端连接测试 测试域名`test.mydomain.cc`(隐私处理,非真正域名),由cloudflare解析并关闭proxy。tls证书用cloudflare的回源证书(期限7天,测完就删)。用的客户端是Shadowrocket。 ## config-without-header.json 域名直连 ``` 地址: test.mydomain.cc 混淆: websocket 混淆域名: 混淆路径: /testws ``` ## config-without-header.json 域名直连+混淆域名 ``` 地址: test.mydomain.cc 混淆域名: 混淆路径: /testws ``` ## config-without-header.json CF节点连接 ``` 地址: cloudflare.com 混淆域名: test.mydomain.cc 混淆路径: /testws ``` ## config-with-header.json 域名直连 ``` 地址: test.mydomain.cc 混淆域名: 混淆路径: /testws ``` ## config-with-header.json 域名直连+混淆域名 ``` 地址: test.nthu.cc 混淆域名: test.mydomain.cc 混淆路径: /testws ``` ## config-without-header.json CF节点连接 ``` 地址: cloudflare.com 混淆域名: test.mydomain.cc 混淆路径: /testws ``` This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,7 +14,7 @@ "network": "ws", "security": "tls", "tlsSettings": { "serverName": "test.mydomain.cc", "allowInsecure": false, "certificates": [ { @@ -83,7 +83,7 @@ "wsSettings": { "path": "/testws", "headers": { "Host": "test.mydomain.cc" } } }, This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,7 +14,7 @@ "network": "ws", "security": "tls", "tlsSettings": { "serverName": "test.mydomain.cc", "allowInsecure": false, "certificates": [ { -
Apr 2, 2020 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Apr 2, 2020 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Apr 2, 2020 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,98 @@ { "port": 443, "listen": "0.0.0.0", "protocol": "vmess", "settings": { "clients": [ { "id": "e653e187-eef4-42f5-e84a-bab520983d01", "alterId": 64 } ] }, "streamSettings": { "network": "ws", "security": "tls", "tlsSettings": { "serverName": "test.nthu.cc", "allowInsecure": false, "certificates": [ { "certificate": [ "-----BEGIN CERTIFICATE-----", "MIIEmjCCA4KgAwIBAgIUEwFbc/UEZuR1EuQtuJuKqHjxWTgwDQYJKoZIhvcNAQEL", "BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw", "MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y", "aXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlh", "MB4XDTIwMDQwMjA5MDIwMFoXDTIwMDQwOTA5MDIwMFowYjEZMBcGA1UEChMQQ2xv", "dWRGbGFyZSwgSW5jLjEdMBsGA1UECxMUQ2xvdWRGbGFyZSBPcmlnaW4gQ0ExJjAk", "BgNVBAMTHUNsb3VkRmxhcmUgT3JpZ2luIENlcnRpZmljYXRlMIIBIjANBgkqhkiG", "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+Z4RDa4hP1k/XH7xEV5AjbYFZMUVDJi12WQ", "h8pyVEWqnXrusJfaoqPWspdnCEhE0yF/YPVuSVFicLt/BGhQFAMKADMH/xr1HaZ1", "xGFtJkvdy4qv7SRLU85uhUbrrvjsteX03Odjcz5brkvKq9Gm9IOu1R+oc3DXSQAM", "bVfjJt742gPtC42gE2Uv/vMf31UwCVNQgwtXSJwK7A4xGqnZvwWArVWn2FEgpqda", "vPcUHARYxeD5UVTXmaTUXhW+UUE+WD9tP6TRiWFlR8VfZzjtgf8uT3qvRQvkVWqJ", "ya0Ujeiwq8aaLiEkYjTQc/fCQH5NFnNNkBiJ4dM6MmJEcrEB8QIDAQABo4IBHDCC", "ARgwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD", "ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRA0ag+TlTBfigBpjtWE+FDoGbkKTAf", "BgNVHSMEGDAWgBQk6FNXXXw0QIep65TbuuEWePwppDBABggrBgEFBQcBAQQ0MDIw", "MAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLmNsb3VkZmxhcmUuY29tL29yaWdpbl9j", "YTAdBgNVHREEFjAUggkqLm50aHUuY2OCB250aHUuY2MwOAYDVR0fBDEwLzAtoCug", "KYYnaHR0cDovL2NybC5jbG91ZGZsYXJlLmNvbS9vcmlnaW5fY2EuY3JsMA0GCSqG", "SIb3DQEBCwUAA4IBAQCo/jsMQzIPt6BMBNgE9WwmZ7pGqdgx5cUIuPPR+TGkVLtU", "sGBh6Nzjy7b24UVTZgazUqxIS9ph518aK0+x2lCME8oh154q5UC/QzERdiI1UxaR", "lDP6rK3YqKj2wetSpgiMDbKwY6f+sg7rtK8QX0k1C4NZWO5GwTeHZr1myKvWgu34", "Th5b3FS0r2l8wSCxbpA9wpDF3k37wDBnPGsFjgqrIny0Kpgl19o4uYyncqDNnQ0S", "8ymqZ4QUb3+hRxEEYeTL3Qu6YDKy8eKmULcn1TPE1ITymP7ViRHl2203ThEedap/", "RFBunMfbiIIcPWesOdzOSf3UPlgMMC7MjZrjJJNn", "-----END CERTIFICATE-----" ], "key": [ "-----BEGIN PRIVATE KEY-----", "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDj5nhENriE/WT9", "cfvERXkCNtgVkxRUMmLXZZCHynJURaqdeu6wl9qio9ayl2cISETTIX9g9W5JUWJw", "u38EaFAUAwoAMwf/GvUdpnXEYW0mS93Liq/tJEtTzm6FRuuu+Oy15fTc52NzPluu", "S8qr0ab0g67VH6hzcNdJAAxtV+Mm3vjaA+0LjaATZS/+8x/fVTAJU1CDC1dInArs", "DjEaqdm/BYCtVafYUSCmp1q89xQcBFjF4PlRVNeZpNReFb5RQT5YP20/pNGJYWVH", "xV9nOO2B/y5Peq9FC+RVaonJrRSN6LCrxpouISRiNNBz98JAfk0Wc02QGInh0zoy", "YkRysQHxAgMBAAECggEACgnsEJ5+c0aRgm6DwhSzV2B2FUE00IlQUZ+k2wO/vyw7", "GekWhuCG3h+BxL0m6eD7vcxzHCDDhRGY2Ka8Whku3yrLxSV6UTJCoNXlHcuS2hsr", "v8cHUoFaRhdI8Vr7OmphoZjpt9SuIfSZvOw+wbcgTRNYigUfz5ylXGRW/SFgHU/4", "w0tl4tc/g7f3VWTj2Pe0lJrT5JWbq869VuCRlUS7uX1fgbf68vDDcdt1Sbn+Buvf", "CbYOjeIZpr/7CZvBwrHsc4jt6FZhXqMvjB2QNTWoK/8xDnnSj/47S+NW6FhpMAwn", "RW0j273Mo4xc1KSS1PUHhvp/QcMwHo3iQCxXHofElwKBgQD/TtyEu1JVb33HSovo", "E5aqi4vDFrCb0HlTsGyoNFf7CZ7Er081ooKdI+2mv3JtQCZmn8mJqoii26Ri3pwQ", "yPhAf79Ir8q1lWe+bYKn3t7n4g7tYAU3Hqj1e07Ku1XQGT+2gS0Gb8sxk9YgBAJo", "5JWA1nvZ3qlbJlqVt2Zqd+BsrwKBgQDkhJedNCco21CfE7Z11s8/c8CP00uXB6el", "hDUsVXNCDZVZmGpi/ntnEE8oZNzk2k8xIf05D3vUqFZzZYpRExSGeS6IvrUzWQjB", "S+CjsFP80TJb1Z6r/7YaP96iqZp7ln1/Gmi/yGqTqunDOM8SXoIUelCcrxMOW6Oc", "GGFJ2+9jXwKBgCDeESuRRf8ztDiU00AUTYA1KM/7us7EXuo0OzjITE9IJMVjYEoi", "WrhKKM0ftmZ0LL1ncrWjW6XDqv0DdYn/pV4AVCrSXsFTs6BjTr+3xHCLvKo4g1Ne", "QhggQLt+tIRuy7H+HULH35vJUXabrYe9bbXBZv5cWOcgH+dITgoE1sKHAoGBALY0", "nqsC7YJfNG5SinZ0+7StN8m2ARyARwTrYHZj/82YBRB2PcWHAaAQ2fzsR1DWXLRh", "VIXNub+7JYtHWD0CyKfcMeVoohQ6FogBVzFNI/p+VvfwYV7lOi695GewcfO+73uL", "9B+OzqPFcDRvtHQCFRf82w/DbJ9TJCYPLmt0yPBjAoGADYBvQoIo9VKQ2GakhRx2", "z9nfBOvKR9nIwdbjQuZV17DSlw2fustveAne5+e88GKrqnLEB9GiNQ6BuGY+9Uld", "AFvk/7D53BUBdKxJsr9pf8VHLGA+XKSvDkuOiS3Kpu/NylPqNWsqQNExMkS9d2Bs", "GL7q0Clg86Wdu3bKgVi2rYo=", "-----END PRIVATE KEY-----" ] } ] }, "wsSettings": { "path": "/testws", "headers": { "Host": "test.nthu.cc" } } }, "tag": "", "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] } } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,96 @@ { "port": 443, "listen": "0.0.0.0", "protocol": "vmess", "settings": { "clients": [ { "id": "e653e187-eef4-42f5-e84a-bab520983d01", "alterId": 64 } ] }, "streamSettings": { "network": "ws", "security": "tls", "tlsSettings": { "serverName": "test.nthu.cc", "allowInsecure": false, "certificates": [ { "certificate": [ "-----BEGIN CERTIFICATE-----", "MIIEmjCCA4KgAwIBAgIUEwFbc/UEZuR1EuQtuJuKqHjxWTgwDQYJKoZIhvcNAQEL", "BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw", "MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y", "aXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlh", "MB4XDTIwMDQwMjA5MDIwMFoXDTIwMDQwOTA5MDIwMFowYjEZMBcGA1UEChMQQ2xv", "dWRGbGFyZSwgSW5jLjEdMBsGA1UECxMUQ2xvdWRGbGFyZSBPcmlnaW4gQ0ExJjAk", "BgNVBAMTHUNsb3VkRmxhcmUgT3JpZ2luIENlcnRpZmljYXRlMIIBIjANBgkqhkiG", "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+Z4RDa4hP1k/XH7xEV5AjbYFZMUVDJi12WQ", "h8pyVEWqnXrusJfaoqPWspdnCEhE0yF/YPVuSVFicLt/BGhQFAMKADMH/xr1HaZ1", "xGFtJkvdy4qv7SRLU85uhUbrrvjsteX03Odjcz5brkvKq9Gm9IOu1R+oc3DXSQAM", "bVfjJt742gPtC42gE2Uv/vMf31UwCVNQgwtXSJwK7A4xGqnZvwWArVWn2FEgpqda", "vPcUHARYxeD5UVTXmaTUXhW+UUE+WD9tP6TRiWFlR8VfZzjtgf8uT3qvRQvkVWqJ", "ya0Ujeiwq8aaLiEkYjTQc/fCQH5NFnNNkBiJ4dM6MmJEcrEB8QIDAQABo4IBHDCC", "ARgwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD", "ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRA0ag+TlTBfigBpjtWE+FDoGbkKTAf", "BgNVHSMEGDAWgBQk6FNXXXw0QIep65TbuuEWePwppDBABggrBgEFBQcBAQQ0MDIw", "MAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLmNsb3VkZmxhcmUuY29tL29yaWdpbl9j", "YTAdBgNVHREEFjAUggkqLm50aHUuY2OCB250aHUuY2MwOAYDVR0fBDEwLzAtoCug", "KYYnaHR0cDovL2NybC5jbG91ZGZsYXJlLmNvbS9vcmlnaW5fY2EuY3JsMA0GCSqG", "SIb3DQEBCwUAA4IBAQCo/jsMQzIPt6BMBNgE9WwmZ7pGqdgx5cUIuPPR+TGkVLtU", "sGBh6Nzjy7b24UVTZgazUqxIS9ph518aK0+x2lCME8oh154q5UC/QzERdiI1UxaR", "lDP6rK3YqKj2wetSpgiMDbKwY6f+sg7rtK8QX0k1C4NZWO5GwTeHZr1myKvWgu34", "Th5b3FS0r2l8wSCxbpA9wpDF3k37wDBnPGsFjgqrIny0Kpgl19o4uYyncqDNnQ0S", "8ymqZ4QUb3+hRxEEYeTL3Qu6YDKy8eKmULcn1TPE1ITymP7ViRHl2203ThEedap/", "RFBunMfbiIIcPWesOdzOSf3UPlgMMC7MjZrjJJNn", "-----END CERTIFICATE-----" ], "key": [ "-----BEGIN PRIVATE KEY-----", "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDj5nhENriE/WT9", "cfvERXkCNtgVkxRUMmLXZZCHynJURaqdeu6wl9qio9ayl2cISETTIX9g9W5JUWJw", "u38EaFAUAwoAMwf/GvUdpnXEYW0mS93Liq/tJEtTzm6FRuuu+Oy15fTc52NzPluu", "S8qr0ab0g67VH6hzcNdJAAxtV+Mm3vjaA+0LjaATZS/+8x/fVTAJU1CDC1dInArs", "DjEaqdm/BYCtVafYUSCmp1q89xQcBFjF4PlRVNeZpNReFb5RQT5YP20/pNGJYWVH", "xV9nOO2B/y5Peq9FC+RVaonJrRSN6LCrxpouISRiNNBz98JAfk0Wc02QGInh0zoy", "YkRysQHxAgMBAAECggEACgnsEJ5+c0aRgm6DwhSzV2B2FUE00IlQUZ+k2wO/vyw7", "GekWhuCG3h+BxL0m6eD7vcxzHCDDhRGY2Ka8Whku3yrLxSV6UTJCoNXlHcuS2hsr", "v8cHUoFaRhdI8Vr7OmphoZjpt9SuIfSZvOw+wbcgTRNYigUfz5ylXGRW/SFgHU/4", "w0tl4tc/g7f3VWTj2Pe0lJrT5JWbq869VuCRlUS7uX1fgbf68vDDcdt1Sbn+Buvf", "CbYOjeIZpr/7CZvBwrHsc4jt6FZhXqMvjB2QNTWoK/8xDnnSj/47S+NW6FhpMAwn", "RW0j273Mo4xc1KSS1PUHhvp/QcMwHo3iQCxXHofElwKBgQD/TtyEu1JVb33HSovo", "E5aqi4vDFrCb0HlTsGyoNFf7CZ7Er081ooKdI+2mv3JtQCZmn8mJqoii26Ri3pwQ", "yPhAf79Ir8q1lWe+bYKn3t7n4g7tYAU3Hqj1e07Ku1XQGT+2gS0Gb8sxk9YgBAJo", "5JWA1nvZ3qlbJlqVt2Zqd+BsrwKBgQDkhJedNCco21CfE7Z11s8/c8CP00uXB6el", "hDUsVXNCDZVZmGpi/ntnEE8oZNzk2k8xIf05D3vUqFZzZYpRExSGeS6IvrUzWQjB", "S+CjsFP80TJb1Z6r/7YaP96iqZp7ln1/Gmi/yGqTqunDOM8SXoIUelCcrxMOW6Oc", "GGFJ2+9jXwKBgCDeESuRRf8ztDiU00AUTYA1KM/7us7EXuo0OzjITE9IJMVjYEoi", "WrhKKM0ftmZ0LL1ncrWjW6XDqv0DdYn/pV4AVCrSXsFTs6BjTr+3xHCLvKo4g1Ne", "QhggQLt+tIRuy7H+HULH35vJUXabrYe9bbXBZv5cWOcgH+dITgoE1sKHAoGBALY0", "nqsC7YJfNG5SinZ0+7StN8m2ARyARwTrYHZj/82YBRB2PcWHAaAQ2fzsR1DWXLRh", "VIXNub+7JYtHWD0CyKfcMeVoohQ6FogBVzFNI/p+VvfwYV7lOi695GewcfO+73uL", "9B+OzqPFcDRvtHQCFRf82w/DbJ9TJCYPLmt0yPBjAoGADYBvQoIo9VKQ2GakhRx2", "z9nfBOvKR9nIwdbjQuZV17DSlw2fustveAne5+e88GKrqnLEB9GiNQ6BuGY+9Uld", "AFvk/7D53BUBdKxJsr9pf8VHLGA+XKSvDkuOiS3Kpu/NylPqNWsqQNExMkS9d2Bs", "GL7q0Clg86Wdu3bKgVi2rYo=", "-----END PRIVATE KEY-----" ] } ] }, "wsSettings": { "path": "/testws", "headers": {} } }, "tag": "", "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] } } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,91 @@ # 动机 在v2ray+ws+tls+web的情况下,不管cloudflare dns有没有开启云朵(proxy),都可以透过address填cf节点ip,ws头部host填域名的方式连接上v2Ray服务器。写这篇的目的是想测试在没有web的情况下使用同一招,让同一个域名既能直连也能通过cdn中转。 # 有web时的连接方法 ``` 地址: cloudflare.com (或1.1.1.1或任何cloudflare节点IP) 端口: web服务器的端口 (通常为443) UUID: 照常 aid: 照常 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: web服务器域名 (一定要写!) 混淆路径: web服务器上反代到v2Ray的路径 ``` 有web时,tls证书在web服务器上,v2Ray不需要设定tls。 # 客户端连接测试 测试域名`test.nthu.cc`,由cloudflare解析并关闭proxy。tls证书用cloudflare的回源证书(期限7天,测完就删)。用的客户端是Shadowrocket ## config-without-header.json 域名直连 ``` 地址: test.nthu.cc 端口: 443 UUID: e653e187-eef4-42f5-e84a-bab520983d01 aid: 64 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: 混淆路径: /testws ``` ## config-without-header.json 域名直连+混淆域名 ``` 地址: test.nthu.cc 端口: 443 UUID: e653e187-eef4-42f5-e84a-bab520983d01 aid: 64 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: 混淆路径: /testws ``` ## config-without-header.json CF节点连接 ``` 地址: cloudflare.com 端口: 443 UUID: e653e187-eef4-42f5-e84a-bab520983d01 aid: 443 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: test.nthu.cc 混淆路径: /testws ``` ## config-with-header.json 域名直连 ``` 地址: test.nthu.cc 端口: 443 UUID: 照常 aid: 照常 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: 混淆路径: /testws ``` ## config-with-header.json 域名直连+混淆域名 ``` 地址: test.nthu.cc 端口: 443 UUID: 照常 aid: 照常 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: test.nthu.cc 混淆路径: /testws ``` ## config-without-header.json CF节点连接 ``` 地址: cloudflare.com 端口: 443 UUID: 照常 aid: 照常 tls: 开 不安全连接: 不允许 混淆: websocket 混淆域名: test.nthu.cc 混淆路径: /testws ```
techphl
revised
this gist