利用xtls-core分流web与xtls流量
总体结构
关键配置文件示例
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"port": 443,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "随便来个uuid(自己用生成器生成)",
"flow": "xtls-rprx-direct",
"level": 0,
"email": "随便来个邮箱"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": 440,
"xver": 1,
"name": "域名"
},
{
"path": "/path",
"dest": 250,
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "xtls",
"xtlsSettings": {
"alpn": [
"http/1.1"
],
"certificates": [
{
"certificateFile": "你的ssl证书(绝对路径).crt",
"keyFile": "你的ssl证书(绝对路径).key"
}
]
}
}
},
{
"port": 250,
"listen": "127.0.0.1",
"protocol": "vless",
"settings": {
"clients": [
{
"id": "随便来个uuid(自己用生成器生成,同上面一致)",
"level": 0,
"email": "随便来个邮箱"
}
],
"decryption":"none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/yourpath"
}
}
}
],
"outbounds": [
{
"protocol": "freedom"
}
]
}server {
listen 440 proxy_protocol;
server_name 域名;
root /var/www/html;
index index.html index.php;
location ~ .*\.php(\/.*)*$ {
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
include fastcgi.conf;
}
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php$1 last;
}
}
server {
listen 80;
return 301 https://$host$request_uri;
}说明
- 普通web流量
当外部流量访问时,如果是普通web流量,则通过xtls-core解密ssl后转发至440端口由nginx监听的440端口接收后处理,nginx不用做ssl配置,我在这里同时还用了php7.4。
- xtls流量
当外部流量访问时,如果是xtls流量,则由xtls-core自己处理,在示例中是转发至250端口。
- 上一篇: 没有了
- 下一篇: 如何将登云屐用的更加舒服