下面所有的配置都是用nginx做sni分流共用443端口的,并且全部启用了proxy_protocol。另外使用websocket传输方式的配置可以套cdn使用。
nginx配置:
stream { map $ssl_preread_server_name $singbox { trojan.example.com trojan; trojan-websocket.example.com trojan-websocket; vmess.example.com vmess; vmess-websocket.example.com vmess-websocket; naive.example.com naive; } upstream trojan { server 127.0.0.1:52000; } upstream trojan-websocket { server 127.0.0.1:52001; } upstream vmess { server 127.0.0.1:52002; } upstream vmess-websocket { server 127.0.0.1:52003; } upstream naive { server 127.0.0.1:52004; } server { listen 443 reuseport; listen [::]:443 reuseport; proxy_pass $singbox; ssl_preread on; proxy_protocol on; } }
trojan-tls-tcp-server.json:
{ "log": { "level": "info" }, "inbounds": [ { "type": "trojan", "tag": "trojan-in", "listen": "127.0.0.1", "listen_port": 52000, "tcp_fast_open": true, "udp_fragment": true, "sniff": true, "sniff_override_destination": false, "udp_timeout": 300, "proxy_protocol": true, "proxy_protocol_accept_no_header": false, "users": [ { "name": "imlala", "password": "password" } ], "tls": { "enabled": true, "server_name": "trojan.example.com", "alpn": [ "http/1.1" ], "min_version": "1.2", "max_version": "1.3", "acme": { "domain": ["trojan.example.com"], "data_directory": "/usr/local/etc/sing-box", "default_server_name": "", "email": "[email protected]", "provider": "letsencrypt" } } } ], "outbounds": [ { "type": "direct", "tag": "direct" } ] }
trojan-tls-tcp-client.json:
{ "log": { "level": "info", "timestamp": true }, "dns": { "servers": [ { "tag": "cloudflare", "address": "https://1.1.1.1/dns-query" }, { "tag": "china", "address": "local", "detour": "direct" } ], "rules": [ { "domain": "trojan.example.com", "geosite": "cn", "server": "china" } ], "disable_cache": true, "disable_expire": true }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 20080, "sniff": true, "set_system_proxy": false } ], "outbounds": [ { "type": "trojan", "tag": "trojan-out", "server": "trojan.example.com", "server_port": 443, "password": "password", "tls": { "enabled": true, "disable_sni": false, "server_name": "trojan.example.com", "insecure": false, "alpn": [ "http/1.1" ] }, "multiplex": { "enabled": true, "protocol": "smux", "max_connections": 5, "min_streams": 4, "max_streams": 0 }, "connect_timeout": "5s", "tcp_fast_open": true, "udp_fragment": true }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" } ], "route": { "rules": [ { "geosite": "cn", "geoip": "cn", "outbound": "direct" }, { "geosite": "category-ads-all", "outbound": "block" } ] } }
trojan-tls-websocket-server.json:
{ "log": { "level": "info" }, "inbounds": [ { "type": "trojan", "tag": "trojan-in", "listen": "127.0.0.1", "listen_port": 52001, "tcp_fast_open": true, "udp_fragment": true, "sniff": true, "sniff_override_destination": false, "udp_timeout": 300, "proxy_protocol": true, "proxy_protocol_accept_no_header": false, "users": [ { "name": "imlala", "password": "password" } ], "tls": { "enabled": true, "server_name": "trojan-websocket.example.com", "alpn": [ "http/1.1" ], "min_version": "1.2", "max_version": "1.3", "acme": { "domain": ["trojan-websocket.example.com"], "data_directory": "/usr/local/etc/sing-box", "default_server_name": "", "email": "[email protected]", "provider": "letsencrypt" } }, "transport": { "type": "ws", "path": "/debian", "max_early_data": 0, "early_data_header_name": "Sec-WebSocket-Protocol" } } ], "outbounds": [ { "type": "direct", "tag": "direct" } ] }
trojan-tls-websocket-client.json:
{ "log": { "level": "info", "timestamp": true }, "dns": { "servers": [ { "tag": "cloudflare", "address": "https://1.1.1.1/dns-query" }, { "tag": "china", "address": "local", "detour": "direct" } ], "rules": [ { "domain": "trojan-websocket.example.com", "geosite": "cn", "server": "china" } ], "disable_cache": true, "disable_expire": true }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 20080, "sniff": true, "set_system_proxy": false } ], "outbounds": [ { "type": "trojan", "tag": "trojan-out", "server": "trojan-websocket.example.com", "server_port": 443, "password": "password", "tls": { "enabled": true, "disable_sni": false, "server_name": "trojan-websocket.example.com", "insecure": false, "alpn": [ "http/1.1" ] }, "multiplex": { "enabled": true, "protocol": "smux", "max_connections": 5, "min_streams": 4, "max_streams": 0 }, "transport": { "type": "ws", "path": "/debian", "max_early_data": 0, "early_data_header_name": "Sec-WebSocket-Protocol" }, "connect_timeout": "5s", "tcp_fast_open": true, "udp_fragment": true }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" } ], "route": { "rules": [ { "geosite": "cn", "geoip": "cn", "outbound": "direct" }, { "geosite": "category-ads-all", "outbound": "block" } ] } }
vmess-tls-tcp-server.json:
{ "log": { "level": "info" }, "inbounds": [ { "type": "vmess", "tag": "vmess-in", "listen": "127.0.0.1", "listen_port": 52002, "tcp_fast_open": true, "udp_fragment": true, "sniff": true, "sniff_override_destination": false, "proxy_protocol": true, "proxy_protocol_accept_no_header": false, "users": [ { "name": "imlala", "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da", "alterId": 0 } ], "tls": { "enabled": true, "server_name": "vmess.example.com", "alpn": [ "http/1.1" ], "min_version": "1.2", "max_version": "1.3", "acme": { "domain": ["vmess.example.com"], "data_directory": "/usr/local/etc/sing-box", "default_server_name": "", "email": "[email protected]", "provider": "letsencrypt" } } } ], "outbounds": [ { "type": "direct", "tag": "direct" } ] }
vmess-tls-tcp-client.json:
{ "log": { "level": "info", "timestamp": true }, "dns": { "servers": [ { "tag": "cloudflare", "address": "https://1.1.1.1/dns-query" }, { "tag": "china", "address": "local", "detour": "direct" } ], "rules": [ { "domain": "vmess.example.com", "geosite": "cn", "server": "china" } ], "disable_cache": true, "disable_expire": true }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 20080, "sniff": true, "set_system_proxy": false } ], "outbounds": [ { "type": "vmess", "tag": "vmess-out", "server": "vmess.example.com", "server_port": 443, "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da", "security": "auto", "alter_id": 0, "global_padding": false, "authenticated_length": true, "tls": { "enabled": true, "disable_sni": false, "server_name": "vmess.example.com", "insecure": false, "alpn": [ "http/1.1" ] }, "multiplex": { "enabled": true, "protocol": "smux", "max_connections": 5, "min_streams": 4, "max_streams": 0 }, "connect_timeout": "5s", "tcp_fast_open": true, "udp_fragment": true }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" } ], "route": { "rules": [ { "geosite": "cn", "geoip": "cn", "outbound": "direct" }, { "geosite": "category-ads-all", "outbound": "block" } ] } }
vmess-tls-websocket-server.json:
{ "log": { "level": "info" }, "inbounds": [ { "type": "vmess", "tag": "vmess-in", "listen": "127.0.0.1", "listen_port": 52003, "tcp_fast_open": true, "udp_fragment": true, "sniff": true, "sniff_override_destination": false, "proxy_protocol": true, "proxy_protocol_accept_no_header": false, "users": [ { "name": "imlala", "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da", "alterId": 0 } ], "tls": { "enabled": true, "server_name": "vmess-websocket.example.com", "alpn": [ "http/1.1" ], "min_version": "1.2", "max_version": "1.3", "acme": { "domain": ["vmess-websocket.example.com"], "data_directory": "/usr/local/etc/sing-box", "default_server_name": "", "email": "[email protected]", "provider": "letsencrypt" } }, "transport": { "type": "ws", "path": "/nixos", "max_early_data": 0, "early_data_header_name": "Sec-WebSocket-Protocol" } } ], "outbounds": [ { "type": "direct", "tag": "direct" } ] }
vmess-tls-websocket-client.json:
{ "log": { "level": "info", "timestamp": true }, "dns": { "servers": [ { "tag": "cloudflare", "address": "https://1.1.1.1/dns-query" }, { "tag": "china", "address": "local", "detour": "direct" } ], "rules": [ { "domain": "vmess-websocket.example.com", "geosite": "cn", "server": "china" } ], "disable_cache": true, "disable_expire": true }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 20080, "sniff": true, "set_system_proxy": false } ], "outbounds": [ { "type": "vmess", "tag": "vmess-out", "server": "vmess-websocket.example.com", "server_port": 443, "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da", "security": "auto", "alter_id": 0, "global_padding": false, "authenticated_length": true, "tls": { "enabled": true, "disable_sni": false, "server_name": "vmess-websocket.example.com", "insecure": false, "alpn": [ "http/1.1" ] }, "multiplex": { "enabled": true, "protocol": "smux", "max_connections": 5, "min_streams": 4, "max_streams": 0 }, "transport": { "type": "ws", "path": "/nixos", "max_early_data": 0, "early_data_header_name": "Sec-WebSocket-Protocol" }, "connect_timeout": "5s", "tcp_fast_open": true, "udp_fragment": true }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" } ], "route": { "rules": [ { "geosite": "cn", "geoip": "cn", "outbound": "direct" }, { "geosite": "category-ads-all", "outbound": "block" } ] } }
naive-tls-tcp-server.json:
{ "log": { "level": "info" }, "inbounds": [ { "type": "naive", "tag": "naive-in", "network": "tcp", "listen": "127.0.0.1", "listen_port": 52004, "tcp_fast_open": true, "sniff": true, "sniff_override_destination": false, "proxy_protocol": true, "proxy_protocol_accept_no_header": false, "users": [ { "username": "imlala", "password": "password" } ], "tls": { "enabled": true, "server_name": "naive.example.com", "acme": { "domain": ["naive.example.com"], "data_directory": "/usr/local/etc/sing-box", "default_server_name": "", "email": "[email protected]", "provider": "letsencrypt" } } } ], "outbounds": [ { "type": "direct", "tag": "direct" } ] }
naive-tls-tcp-client.json:
{ "listen": "socks://127.0.0.1:30080", "proxy": "https://imlala:[email protected]", "log": "" }
注:
sing-box没有naive出站,客户端还是用:https://github.com/klzgrad/naiveproxy/releases/download/v105.0.5195.52-1/naiveproxy-v105.0.5195.52-1-win-x64.zip
套cdn的配置,cdn(cloudflare)这里需要这样设置:
最新评论
5211314
能不能教我 一点不会