
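A brief analysis of xray traffic paths

External traffic entry point

Here port=10001 can be changed to another port.

All traffic of this kind first passes through dokodemo-door and is forwarded to 38001.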

{
  "inbounds": [
    {
      "listen": "0.0.0.0",
      "port": 10001,
      "protocol": "dokodemo-door",
      "settings": {
        "address": "127.0.0.1",
        "port": 38001,
        "network": "tcp",
        "followRedirect": false
      }
    }
  ]
}

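Traffic splitting

Here fallbacks describes the splitting rules:

  • By default, traffic falls back to 31296; traffic that cannot be parsed is generally handed to nginx, to hide xray's response characteristics
  • Traffic that satisfies the TLS ALPN negotiation goes to 31302
  • xray tries to match the HTTP PATH of the first packet (installpathws or installpathws2); on success the traffic goes to 31297 | 31299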
{
  "inbounds": [
    {
      "port": 38001,
      "fallbacks": [
        {
          "dest": 31296,
          "xver": 1
        },
        {
          "alpn": "h2",
          "dest": 31302,
          "xver": 0
        },
        {
          "path": "/installpathws",
          "dest": 31297,
          "xver": 1
        },
        {
          "path": "/installpathws2",
          "dest": 31299,
          "xver": 1
        }
      ]
    }
    ...
  ]
}

Responding port

The example uses vless.
streamSettings.wsSettings.path corresponds to fallbacks.path in the splitting rules.
inbounds.listen corresponds to the input port.

{
  "inbounds": [
    {
      "port": 31297,
      "listen": "127.0.0.1",
      "protocol": "vless",
      "tag": "VLESSWS",
      "settings": {
        "clients": [
          {
            "id": "uuid-idxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "email": "username_xxxx-VLESS_WS"
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "ws",
        "security": "none",
        "wsSettings": {
          "acceptProxyProtocol": true,
          "path": "/installpathws"
        }
      },
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      }
    }
  ]
}
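
The correspondence between fallbacks.path, dest and the backend inbound can be checked mechanically. The following is an added example, not part of the original page or of xray itself: a small Python audit that verifies each path fallback has a backend with the same wsSettings.path, a matching PROXY protocol setting (xver versus acceptProxyProtocol), and a loopback listen address. It assumes integer port dests and ws backends; the 31299 backend is constructed and deliberately misconfigured for contrast.

```python
import json

# Constructed input: the page's fallback inbound, its 31297 backend, and a
# deliberately misconfigured 31299 backend (not from the page) for contrast.
FRONT = json.loads("""{"port": 38001, "fallbacks": [
  {"dest": 31296, "xver": 1},
  {"alpn": "h2", "dest": 31302, "xver": 0},
  {"path": "/installpathws", "dest": 31297, "xver": 1},
  {"path": "/installpathws2", "dest": 31299, "xver": 1}]}""")
BACKENDS = json.loads("""[
  {"port": 31297, "listen": "127.0.0.1", "streamSettings": {"network": "ws",
    "wsSettings": {"acceptProxyProtocol": true, "path": "/installpathws"}}},
  {"port": 31299, "listen": "0.0.0.0", "streamSettings": {"network": "ws",
    "wsSettings": {"acceptProxyProtocol": false, "path": "/installpathws"}}}]""")

LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def audit(front, backends):
    """Return sorted (dest_port, issue) pairs; an empty list means consistent."""
    by_port = {b["port"]: b for b in backends}
    issues = []
    for fb in front.get("fallbacks", []):
        path, dest = fb.get("path"), fb["dest"]
        if path is None:
            continue  # default and ALPN fallbacks may target nginx, outside xray
        backend = by_port.get(dest)
        if backend is None:
            issues.append((dest, "no-inbound"))
            continue
        ws = backend.get("streamSettings", {}).get("wsSettings", {})
        if ws.get("path") != path:
            issues.append((dest, "path-mismatch"))
        # xver > 0 means the fallback prepends a PROXY protocol header, so the
        # backend must expect it, and must not expect it when xver is 0.
        if (fb.get("xver", 0) > 0) != bool(ws.get("acceptProxyProtocol", False)):
            issues.append((dest, "proxy-protocol-mismatch"))
        # An omitted "listen" binds all interfaces, bypassing the 38001 front.
        if backend.get("listen", "0.0.0.0") not in LOOPBACK:
            issues.append((dest, "not-loopback"))
    return sorted(issues)

if __name__ == "__main__":
    for dest, issue in audit(FRONT, BACKENDS):
        print(f"port {dest}: {issue}")
```

A backend that accepts PROXY protocol while listening on a non-loopback address is the case to watch for: any client that can reach the port directly can supply its own source address in the header.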
