From 344bf5d58fb7a8d3a575419bf17c77026ecf4350 Mon Sep 17 00:00:00 2001 From: yuhan6665 Date: Sat, 4 Nov 2023 18:57:28 +0000 Subject: [PATCH] deploy: XTLS/Xray-docs-next@5bdc5345e8212cfa6c860ffc8b9e7a6841566d46 --- 404.html | 6 +++--- about/news.html | 4 ++-- assets/js/{app.9a8d83e0.js => app.66687671.js} | 2 +- .../js/{runtime~app.bda536c8.js => runtime~app.0ab52007.js} | 2 +- assets/js/v-0e5d7b39.6dc84c75.js | 1 + assets/js/v-0e5d7b39.a997e4d6.js | 1 - config/api.html | 4 ++-- config/dns.html | 4 ++-- config/fakedns.html | 4 ++-- config/features/browser_dialer.html | 4 ++-- config/features/env.html | 4 ++-- config/features/fallback.html | 4 ++-- config/features/multiple.html | 4 ++-- config/features/xtls.html | 4 ++-- config/inbound.html | 4 ++-- config/inbounds/dokodemo.html | 4 ++-- config/inbounds/http.html | 4 ++-- config/inbounds/shadowsocks.html | 4 ++-- config/inbounds/socks.html | 4 ++-- config/inbounds/trojan.html | 4 ++-- config/inbounds/vless.html | 4 ++-- config/inbounds/vmess.html | 4 ++-- config/index.html | 4 ++-- config/log.html | 4 ++-- config/outbound.html | 4 ++-- config/outbounds/blackhole.html | 4 ++-- config/outbounds/dns.html | 4 ++-- config/outbounds/freedom.html | 4 ++-- config/outbounds/http.html | 4 ++-- config/outbounds/shadowsocks.html | 4 ++-- config/outbounds/socks.html | 4 ++-- config/outbounds/trojan.html | 4 ++-- config/outbounds/vless.html | 4 ++-- config/outbounds/vmess.html | 4 ++-- config/outbounds/wireguard.html | 4 ++-- config/policy.html | 4 ++-- config/reverse.html | 4 ++-- config/routing.html | 4 ++-- config/stats.html | 4 ++-- config/transport.html | 4 ++-- config/transports/domainsocket.html | 4 ++-- config/transports/grpc.html | 4 ++-- config/transports/h2.html | 4 ++-- config/transports/mkcp.html | 4 ++-- config/transports/quic.html | 4 ++-- config/transports/tcp.html | 4 ++-- config/transports/websocket.html | 4 ++-- development/index.html | 4 ++-- development/intro/compile.html | 4 ++-- development/intro/design.html | 4 ++-- development/intro/guide.html | 4 ++-- development/protocols/mkcp.html | 4 ++-- development/protocols/muxcool.html | 4 ++-- development/protocols/vless.html | 4 ++-- development/protocols/vmess.html | 4 ++-- document/command.html | 4 ++-- document/config.html | 4 ++-- document/document.html | 4 ++-- document/index.html | 4 ++-- document/install.html | 6 +++--- document/level-0/ch01-preface.html | 4 ++-- document/level-0/ch02-preparation.html | 4 ++-- document/level-0/ch03-ssh.html | 4 ++-- document/level-0/ch04-security.html | 4 ++-- document/level-0/ch05-webpage.html | 4 ++-- document/level-0/ch06-certificates.html | 4 ++-- document/level-0/ch07-xray-server.html | 4 ++-- document/level-0/ch08-xray-clients.html | 4 ++-- document/level-0/ch09-appendix.html | 4 ++-- document/level-0/index.html | 4 ++-- document/level-1/fallbacks-lv1.html | 4 ++-- document/level-1/fallbacks-with-sni.html | 4 ++-- document/level-1/index.html | 4 ++-- document/level-1/routing-lv1-part1.html | 4 ++-- document/level-1/routing-lv1-part2.html | 4 ++-- document/level-1/work.html | 4 ++-- document/level-2/index.html | 4 ++-- document/level-2/iptables_gid.html | 4 ++-- document/level-2/nginx_or_haproxy_tls_tunnel.html | 4 ++-- document/level-2/redirect.html | 4 ++-- document/level-2/tproxy.html | 4 ++-- document/level-2/tproxy_ipv4_and_ipv6.html | 4 ++-- document/level-2/traffic_stats.html | 4 ++-- document/level-2/transparent_proxy/transparent_proxy.html | 4 ++-- document/level-2/warp.html | 4 ++-- en/about/news.html | 4 ++-- en/config/api.html | 4 ++-- en/config/dns.html | 4 ++-- en/config/fakedns.html | 4 ++-- en/config/features/browser_dialer.html | 4 ++-- en/config/features/env.html | 4 ++-- en/config/features/fallback.html | 4 ++-- en/config/features/multiple.html | 4 ++-- en/config/features/xtls.html | 4 ++-- en/config/inbound.html | 4 ++-- en/config/inbounds/dokodemo.html | 4 ++-- en/config/inbounds/http.html | 4 ++-- en/config/inbounds/shadowsocks.html | 4 ++-- en/config/inbounds/socks.html | 4 ++-- en/config/inbounds/trojan.html | 4 ++-- en/config/inbounds/vless.html | 4 ++-- en/config/inbounds/vmess.html | 4 ++-- en/config/index.html | 4 ++-- en/config/log.html | 4 ++-- en/config/outbound.html | 4 ++-- en/config/outbounds/blackhole.html | 4 ++-- en/config/outbounds/dns.html | 4 ++-- en/config/outbounds/freedom.html | 4 ++-- en/config/outbounds/http.html | 4 ++-- en/config/outbounds/shadowsocks.html | 4 ++-- en/config/outbounds/socks.html | 4 ++-- en/config/outbounds/trojan.html | 4 ++-- en/config/outbounds/vless.html | 4 ++-- en/config/outbounds/vmess.html | 4 ++-- en/config/outbounds/wireguard.html | 4 ++-- en/config/policy.html | 4 ++-- en/config/reverse.html | 4 ++-- en/config/routing.html | 4 ++-- en/config/stats.html | 4 ++-- en/config/transport.html | 4 ++-- en/config/transports/domainsocket.html | 4 ++-- en/config/transports/grpc.html | 4 ++-- en/config/transports/h2.html | 4 ++-- en/config/transports/mkcp.html | 4 ++-- en/config/transports/quic.html | 4 ++-- en/config/transports/tcp.html | 4 ++-- en/config/transports/websocket.html | 4 ++-- en/development/index.html | 4 ++-- en/development/intro/compile.html | 4 ++-- en/development/intro/design.html | 4 ++-- en/development/intro/guide.html | 4 ++-- en/development/protocols/mkcp.html | 4 ++-- en/development/protocols/muxcool.html | 4 ++-- en/development/protocols/vless.html | 4 ++-- en/development/protocols/vmess.html | 4 ++-- en/document/command.html | 4 ++-- en/document/config.html | 4 ++-- en/document/document.html | 4 ++-- en/document/index.html | 4 ++-- en/document/install.html | 4 ++-- en/document/level-0/ch01-preface.html | 4 ++-- en/document/level-0/ch02-preparation.html | 4 ++-- en/document/level-0/ch03-ssh.html | 4 ++-- en/document/level-0/ch04-security.html | 4 ++-- en/document/level-0/ch05-webpage.html | 4 ++-- en/document/level-0/ch06-certificates.html | 4 ++-- en/document/level-0/ch07-xray-server.html | 4 ++-- en/document/level-0/ch08-xray-clients.html | 4 ++-- en/document/level-0/ch09-appendix.html | 4 ++-- en/document/level-0/index.html | 4 ++-- en/document/level-1/fallbacks-lv1.html | 4 ++-- en/document/level-1/fallbacks-with-sni.html | 4 ++-- en/document/level-1/index.html | 4 ++-- en/document/level-1/routing-lv1-part1.html | 4 ++-- en/document/level-1/routing-lv1-part2.html | 4 ++-- en/document/level-1/work.html | 4 ++-- en/document/level-2/index.html | 4 ++-- en/document/level-2/iptables_gid.html | 4 ++-- en/document/level-2/nginx_tls_tunnel.html | 4 ++-- en/document/level-2/redirect.html | 4 ++-- en/document/level-2/tproxy.html | 4 ++-- en/document/level-2/tproxy_ipv4_and_ipv6.html | 4 ++-- en/document/level-2/traffic_stats.html | 4 ++-- .../level-2/transparent_proxy/transparent_proxy.html | 4 ++-- en/document/level-2/warp.html | 4 ++-- en/index.html | 4 ++-- index.html | 4 ++-- 167 files changed, 331 insertions(+), 331 deletions(-) rename assets/js/{app.9a8d83e0.js => app.66687671.js} (99%) rename assets/js/{runtime~app.bda536c8.js => runtime~app.0ab52007.js} (99%) create mode 100644 assets/js/v-0e5d7b39.6dc84c75.js delete mode 100644 assets/js/v-0e5d7b39.a997e4d6.js diff --git a/404.html b/404.html index 7fc1d44220..f63cd61043 100644 --- a/404.html +++ b/404.html @@ -5,11 +5,11 @@ Project X - + -

404

There's nothing here.
Take me home
- +

404

Looks like we've got some broken links.
Take me home
+ diff --git a/about/news.html b/about/news.html index e0abf5780a..67d5763624 100644 --- a/about/news.html +++ b/about/news.html @@ -5,11 +5,11 @@ 大史记 | Project X - +

大史记

2021.4.6

  • VuePress Next.
  • With Dark Mode.

2021.4.4

  • 本文档迎来的新的首页。
  • 本文档迎来了暗黑模式。
  • 当然,暗黑模式还有各种各样的问题。具体的内容还需要慢慢调整。
  • 另:Telegram 群聊突破了 5000 人!还加入了 Anti-Spam 机器人!
  • 🎉🎉🎉

2021.4.1 v1.4.2open in new window

  • 不是愚人节玩笑,今天更新。
  • 加入 Browser Dialer,用与改变 TLS 指纹与行为。
  • 加入 uTLS,用与改变 TLS Client Hello 的指纹。
  • 顺便修复了一大堆奇妙的问题,具体的内容见更新日志。

2021.3.25

没错还在变。 -_-

2021.3.15

文档网站正在悄悄的进行着某些神秘的变化。。。,🙊🙊🙊

2021.3.14 v1.4.0open in new window

  • Happy Pi-Day!
  • 这次是个大更新:
    • 为链式代理引入了传输层支持。
    • 为 Dialer 引入了 Domain Strategy,解决奇妙的 DNS 问题。
    • 添加了 gRPC 传输方式,与更快一点的 Multi Mode。
    • 添加了 WebSocket Early-Data 功能,减少了 WebSocket 的延迟。
    • 添加了 FakeDNS。
    • 还修复了系列的问题,添加了各类功能,详情请见更新日志。
  • 还是 VuePress 比较爽啊(

2021.3.3 1.3.1open in new window

  • 这个版本使用了 Golang 1.16,正式原生支持 Apple Silicon。
  • 同时修复了一个会导致 Panic 的 bug。Holmium_认为这是在骗、在偷袭。
  • 修复了几个遗留问题。

2021.2.14 1.3.0open in new window

  • Happy 🐮 Year 🎉!
  • v1.3.0 通过非常巧妙的机制实现了 V 系协议全部 FullCone,同时保证了一定的兼容性。
  • OHHHHHHHHHHHH!

2021.01.31 1.2.4open in new window

  • 解决两个“连接至标准 Socks 服务端时可能出错”的历史遗留问题。
  • 似乎这个版本没有什么改变,但这只是暴风雨前的宁静。
  • (没错我就是先知)

    你个傻子,你拿的是 UNO 牌。

2021.01.25

  • 全互联网最好最详细的秘籍入门篇同学们练熟了吗? 🍉 老师开始连载秘籍第一层咯...
  • 英文版文档网站逐渐增加内容 ing, 感谢各位大佬的辛苦付出~!

2021.01.22 1.2.3open in new window

  • 对 SS 协议的支持变强了, 支持单端口多用户!
  • 对 trojan 协议的支持也变强了, trojan 的回落也解锁 SNI 分流的新姿势啦~!
  • (VLESS: 嘤嘤嘤)
  • UDP 奇奇怪怪的 BUG 被干掉了, 一个字, "稳定".
  • 嗅探可以排除你不想嗅探的域名, 可以开启一些新玩法.
  • 向发现问题->开 issue->自行测试->自行分析->自行找到问题->自行解决->然后给上下游提交 PR 的大佬 a @Bohan Yangopen in new window 致敬!
  • 其他美味小樱桃, 惯例更新品尝就对啦.

2021.01.19

  • 一些数字
    • 版本发布了 10   个 tag
    • 解决掉了 100  个 issue
    • 复刻了 300  个 fork
    • 点了 2000 个 star
    • 群 3000 个 人

2021.01.17

2021.01.15 1.2.2open in new window

  • 回落分流又解锁了奇怪的新姿势! 回落中可以根据 SNI 分流啦~!
  • 之前预告的 UUID 修改正式上线.(往下看往下看)
  • 日志现在看起来比上一次顺眼又更顺眼了一丢丢.
  • 远程 DOH 和其他的 DNS 模式一样学会了走路由分流.
  • 当然还有其他各种小糖果.(更新品尝就对了)
  • 啊, 还有, 世界上第一個 M1 上跑起 Xray 的男人是 Anthony TSE

2021.01.12

  • 将要到来的 UUID 修改, 支持自定义字符串和 UUID 之间的映射. 这意味着你将可以这样在配置文件中写 id 来对应用户.
    • 客户端写 "id": "我爱 🍉 老师 1314",
    • 服务端写 "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (此 UUID 是 我爱🍉老师1314 的 UUID 映射)
  • 🍉 老师的小小白白话文大结局, 撒花.

2021.01.10 1.2.1open in new window

  • 大量的 UDP 相关修复, 甚至可以在育碧的土豆服务器上玩彩虹六号!
  • Google Voice 应该也可以正常使用 v2rayNG 拨打了.
  • 日志现在看起来更顺眼.

2021.01.07

  • 礼貌和尊重本应是社区不需要明说的准则之一。

2021.01.05

  • 文档网站正在悄悄的进行着某些神秘的变化。。。,🙊🙊🙊

2021.01.03

2021.01.01

【祝大家新年快乐,嗨皮牛耶!】🎆🎇🎆 1.2.0open in new window

🎁 在元旦的最后几分钟,v1.2.0 它来了,带着周五必更的惯例,带着各位贡献大佬的心血以及 @rprxx 的黑眼圈,不负众望的来了!

  • 圣诞礼物v1.1.5后的元旦礼物 🎁,游戏玩家大福利,全面 FullCone。
  • (UDP 还会继续增强!)
  • 如果你已经拆过圣诞礼物,这次还有比圣诞礼物更精美的包装和小糖果哦。(同样不用问,更新品尝就对了)
  • (不,下面不是广告,是里程碑。)
  • Xray 是有史以来第一个不受限制的多协议平台:只需 Xray 即可解决问题,无需借力其它实现。
    • 一人扛起了所有!支持各大主流协议!
    • 一骑绝尘的性能!
    • 日趋完善的功能!
    • 可怕的生命力与社区亲和力!
  • Xray 将继续保持前行! 因此 Xray 需要更多的英雄!!open in new window
  • PS:请品,请细品release notesopen in new window每一句。似乎有一个小秘密小彩蛋 (啊,有人敲门...我一会和你们说)

2020.12.29

透明代理的游戏玩家利好! Xray-core tproxy 入站, socks 出站 UDP FullCone 测试版, TG 群open in new window火热测试中

2020.12.25 1.1.5open in new window

圣诞节快乐!

  • 游戏玩家的圣诞礼物!你可以用 xray 爽快的打游戏啦!因为有了 SS/trojan UDP fullcone
  • 你可以用你喜欢的格式写配置文件了,比如 yaml,比如 toml...
  • (VLESS 的 UDP fullcone 和更多增强很快就到!)
  • 无须再担心证书验证被墙,OCSP stapling 已经上线!
  • kirin 带来了一大波 脚本更新.脚本在此open in new window
  • 还有更多美味小樱桃!(不用问,更新品尝就对了)

2020.12.24

因为某些不可描述的原因,Xray 的文档网站已在发布日前偷跑上线。 网址为:没错你正在看的就是open in new window

大家可以查阅各种内容也欢迎纠错/提出建议(可发往文档 github 仓库的 issue 区)

文档网站需要不断完善和增加内容,以及完善设计。 因此更欢迎大家一起为文档建设添砖加瓦。 文档的仓库open in new window

仓库的 readme 中有简略教程说明如何帮助 xray 改进文档网站. 欢迎大家查看,纠错,修改,增加心得。

2020.12.23

Xray-core Shadowsocks UDP FullCone 测试版, TG 群open in new window火热测试中

2020.12.21

  • Project X 群人数 2000+
  • 群消息(含游戏群) 日均破万

2020.12.18 1.1.4open in new window

  • 更低的启动内占用和内存使用优化
  • 随意定制的 TLS 提高你的 SSL 评级
  • 支持 XTLS 入站的 Splice 以及支持 trojan 的 XTLS
  • 还有在您路由器上使用的 Splice 最佳使用模式建议

2020.12.17

鉴于日益增长群人数和游戏需求, 开启了TG 游戏群open in new window

2020.12.15

安装脚本 dev 分支open in new window开启, 持续更新功能中.

2020.12.11 1.1.3open in new window

  • 完整版本的 REDIRECT 透明代理模式.
  • 软路由 splice 流控模式的优化建议.

2020.12.06 1.1.2open in new window

  • 流控增加 splice 模式, Linux 限定, 性能一骑绝尘.
  • 增强了 API 兼容

2020.12.04

增加 splice 模式

2020.11.27

  • Project X 的 GitHub 主仓库 Xray-core 已获 500+ stars
  • 登上了 GitHub Trending
  • Project X 群人数破千,频道订阅数 500+

2020.11.25 1.0.0open in new window

Xray 的第一个版本.

  • 基于 v2ray-core 修改而来,改动较大
  • 全面增强, 性能卓越, 完全兼容

2020.11.23

project X start

梦开始的时候

- + diff --git a/assets/js/app.9a8d83e0.js b/assets/js/app.66687671.js similarity index 99% rename from assets/js/app.9a8d83e0.js rename to assets/js/app.66687671.js index 07cf4692a2..6be2cc28c4 100644 --- a/assets/js/app.9a8d83e0.js +++ b/assets/js/app.66687671.js @@ -1 +1 @@ -"use strict";(self.webpackChunkXray_docs_next=self.webpackChunkXray_docs_next||[]).push([[2143],{31209:(e,l,t)=>{t.d(l,{g:()=>L});var n=t(2009),i=t(56971),d=t(61598),o=t(97621),c=t(66252);(0,c.dD)("data-v-fe22c7b8");const r=["id","aria-labelledby"];(0,c.Cn)();const a=(0,c.aZ)({props:{title:{type:String}},data(){return{tabID:this.title}},mounted(){this.tabID="tab-"+Math.random().toString(36).substring(2),this.$parent.$data.children.push({id:this.tabID,title:this.title})},computed:{labelID(){return this.tabID+"-label"}}});a.render=function(e,l,t,n,i,d){return(0,c.wg)(),(0,c.iD)("div",{class:"tab-pane fade",id:e.tabID,role:"tabpanel","aria-labelledby":e.labelID},[(0,c.WI)(e.$slots,"default",{},void 0,!0)],8,r)},a.__scopeId="data-v-fe22c7b8";const s=a;var h=t(3577);(0,c.dD)("data-v-15e75904");const u={class:"container"},v=["id"],g=["id","aria-controls","data-bs-target"],m=["id"];(0,c.Cn)();const b=(0,c.aZ)({props:{title:{type:String}},data:()=>({children:[]}),beforeMount(){this.children=[]},mounted(){this.$nextTick((async function(){const e=await t.e(5169).then(t.bind(t,85169));let l=document.getElementById(this.children[0].id+"-label");new e.Tab(l).show()}))},computed:{tag:function(){return"tabs-"+this.title},contentTag:function(){return"tabs-"+this.title+"-content"}}});b.render=function(e,l,t,n,i,d){return(0,c.wg)(),(0,c.iD)("div",u,[(0,c._)("nav",null,[(0,c._)("div",{id:e.tag,class:"nav nav-pills",role:"tablist"},[((0,c.wg)(!0),(0,c.iD)(c.HY,null,(0,c.Ko)(e.children,(e=>((0,c.wg)(),(0,c.iD)("button",{id:e.id+"-label","aria-controls":e.id,"data-bs-target":"#"+e.id,"aria-selected":"false",class:"nav-link","data-bs-toggle":"tab",role:"tab",type:"button"},(0,h.zw)(e.title),9,g)))),256))],8,v)]),(0,c._)("div",{id:e.contentTag,class:"tab-content"},[(0,c.WI)(e.$slots,"default",{},void 0,!0)],8,m)])},b.__scopeId="data-v-15e75904";const p=b,f=["innerHTML"];var x=t(2262),y=t(92650);const _=(0,c.aZ)({name:"Mermaid",props:{identifier:String,graph:String},setup(e){const l=(0,y.vs)(),n=(0,x.Vh)(e,"identifier"),i=(0,x.Vh)(e,"graph"),d=(0,x.qj)({innerHtml:""});return(0,c.bv)((()=>{(0,c.Y3)((async function(){const e=await t.e(6637).then(t.bind(t,76637));e.default.initialize({startOnLoad:!1,theme:l.value?"dark":"default"}),e.default.render(n.value,decodeURI(i.value)).then((({svg:e,bindFunctions:l})=>{d.innerHtml=e}))}))})),(0,c.YP)(l,(async()=>{const e=await t.e(6637).then(t.bind(t,76637));e.default.initialize({startOnLoad:!1,theme:l.value?"dark":"default"}),e.default.render(n.value,decodeURI(i.value)).then((({svg:e,bindFunctions:l})=>{d.innerHtml=e}))})),{tag:n,payload:d}}});_.render=function(e,l,t,n,i,d){return(0,c.wg)(),(0,c.iD)("div",{innerHTML:e.payload.innerHtml},null,8,f)};const C=_,j=(0,o.vW)((({app:e,router:l,siteData:t})=>{e.component("Tab",s),e.component("Tabs",p),e.component("Mermaid",C)}));var k=t(1843);const L=[n.Z,i.Z,d.Z,j,k.Z]},89947:(e,l,t)=>{t.d(l,{p:()=>n});const n=[t(73051).Z]},44611:(e,l,t)=>{t.d(l,{l:()=>o});var n=t(78866),i=t(81263),d=t(96243);const o=[n.Z,i.Z,d.Z]},94150:(e,l,t)=>{t.d(l,{Z:()=>i});var n=t(66252);const i={404:(0,n.RC)((()=>t.e(8491).then(t.bind(t,68491)))),Layout:(0,n.RC)((()=>t.e(7554).then(t.bind(t,47554))))}},6056:(e,l,t)=>{t.d(l,{b:()=>i});var n=t(66252);const i={"v-8daa1a0e":(0,n.RC)((()=>t.e(2509).then(t.bind(t,90618)))),"v-aad48c6a":(0,n.RC)((()=>t.e(8015).then(t.bind(t,95996)))),"v-ba934fd8":(0,n.RC)((()=>t.e(5605).then(t.bind(t,67841)))),"v-41ade9da":(0,n.RC)((()=>t.e(8028).then(t.bind(t,41752)))),"v-83dedd38":(0,n.RC)((()=>t.e(9549).then(t.bind(t,13929)))),"v-192a19b9":(0,n.RC)((()=>t.e(1888).then(t.bind(t,74648)))),"v-7f6279d8":(0,n.RC)((()=>t.e(569).then(t.bind(t,75896)))),"v-1d860c29":(0,n.RC)((()=>t.e(3994).then(t.bind(t,59458)))),"v-2367d756":(0,n.RC)((()=>t.e(1783).then(t.bind(t,6739)))),"v-4ebec35a":(0,n.RC)((()=>t.e(8286).then(t.bind(t,65034)))),"v-31b7756a":(0,n.RC)((()=>t.e(9218).then(t.bind(t,68154)))),"v-70677432":(0,n.RC)((()=>t.e(2015).then(t.bind(t,56332)))),"v-7e21d6ae":(0,n.RC)((()=>t.e(1835).then(t.bind(t,19574)))),"v-e3dfff38":(0,n.RC)((()=>t.e(5170).then(t.bind(t,60455)))),"v-f7496066":(0,n.RC)((()=>t.e(2504).then(t.bind(t,84413)))),"v-36b1a79b":(0,n.RC)((()=>t.e(7578).then(t.bind(t,27608)))),"v-09a64f89":(0,n.RC)((()=>t.e(7693).then(t.bind(t,59171)))),"v-2b1adf48":(0,n.RC)((()=>t.e(1992).then(t.bind(t,47740)))),"v-86ee963a":(0,n.RC)((()=>t.e(4457).then(t.bind(t,27813)))),"v-0e5d7b39":(0,n.RC)((()=>t.e(1605).then(t.bind(t,59045)))),"v-2d0a870d":(0,n.RC)((()=>t.e(3835).then(t.bind(t,29088)))),"v-0d714d87":(0,n.RC)((()=>t.e(3767).then(t.bind(t,1536)))),"v-0da7880a":(0,n.RC)((()=>t.e(322).then(t.bind(t,41889)))),"v-2aeb21f9":(0,n.RC)((()=>t.e(7625).then(t.bind(t,91460)))),"v-3acf20ea":(0,n.RC)((()=>t.e(8628).then(t.bind(t,66267)))),"v-792e28f8":(0,n.RC)((()=>t.e(9372).then(t.bind(t,46250)))),"v-b50d2334":(0,n.RC)((()=>t.e(1050).then(t.bind(t,61393)))),"v-593408b0":(0,n.RC)((()=>t.e(7371).then(t.bind(t,86339)))),"v-802a842a":(0,n.RC)((()=>t.e(2759).then(t.bind(t,42337)))),"v-29995cea":(0,n.RC)((()=>t.e(3127).then(t.bind(t,47954)))),"v-2a1b3d72":(0,n.RC)((()=>t.e(9193).then(t.bind(t,29890)))),"v-fb92e8aa":(0,n.RC)((()=>t.e(3651).then(t.bind(t,45723)))),"v-167afaac":(0,n.RC)((()=>t.e(3737).then(t.bind(t,60585)))),"v-749ad71a":(0,n.RC)((()=>t.e(1259).then(t.bind(t,25868)))),"v-6d39b970":(0,n.RC)((()=>t.e(1381).then(t.bind(t,11290)))),"v-d76e893a":(0,n.RC)((()=>t.e(8800).then(t.bind(t,57120)))),"v-c6b4b59e":(0,n.RC)((()=>t.e(373).then(t.bind(t,52211)))),"v-7b293e4a":(0,n.RC)((()=>t.e(6553).then(t.bind(t,72977)))),"v-15f5452a":(0,n.RC)((()=>t.e(8424).then(t.bind(t,87404)))),"v-5797bdb3":(0,n.RC)((()=>t.e(1067).then(t.bind(t,44937)))),"v-a60f016c":(0,n.RC)((()=>t.e(6550).then(t.bind(t,28777)))),"v-413cee4b":(0,n.RC)((()=>t.e(9691).then(t.bind(t,65760)))),"v-208ca3b9":(0,n.RC)((()=>t.e(2243).then(t.bind(t,56566)))),"v-775db7b1":(0,n.RC)((()=>t.e(5135).then(t.bind(t,92373)))),"v-2877542a":(0,n.RC)((()=>t.e(1393).then(t.bind(t,83821)))),"v-03a28284":(0,n.RC)((()=>t.e(7021).then(t.bind(t,23638)))),"v-3167b1dd":(0,n.RC)((()=>t.e(2017).then(t.bind(t,57645)))),"v-8f08dbec":(0,n.RC)((()=>t.e(5372).then(t.bind(t,73276)))),"v-33b1b709":(0,n.RC)((()=>t.e(3745).then(t.bind(t,66842)))),"v-1ff57bba":(0,n.RC)((()=>t.e(5890).then(t.bind(t,63074)))),"v-6a9e8054":(0,n.RC)((()=>t.e(3902).then(t.bind(t,32921)))),"v-95e3eaea":(0,n.RC)((()=>t.e(5650).then(t.bind(t,84826)))),"v-61e7eea6":(0,n.RC)((()=>t.e(152).then(t.bind(t,10942)))),"v-6e6c37e6":(0,n.RC)((()=>t.e(8334).then(t.bind(t,74673)))),"v-13168a21":(0,n.RC)((()=>t.e(59).then(t.bind(t,71002)))),"v-5c48c82b":(0,n.RC)((()=>t.e(224).then(t.bind(t,63784)))),"v-1ee591a8":(0,n.RC)((()=>t.e(1327).then(t.bind(t,64195)))),"v-3f09dcfa":(0,n.RC)((()=>t.e(9789).then(t.bind(t,37696)))),"v-fb444906":(0,n.RC)((()=>t.e(3468).then(t.bind(t,3798)))),"v-075f3ae5":(0,n.RC)((()=>t.e(8945).then(t.bind(t,2711)))),"v-726d0633":(0,n.RC)((()=>t.e(966).then(t.bind(t,70780)))),"v-430c6ab8":(0,n.RC)((()=>t.e(1232).then(t.bind(t,95158)))),"v-717c6376":(0,n.RC)((()=>t.e(9346).then(t.bind(t,51153)))),"v-278039be":(0,n.RC)((()=>t.e(7147).then(t.bind(t,7984)))),"v-a0c7f88e":(0,n.RC)((()=>t.e(7964).then(t.bind(t,28030)))),"v-86586ca2":(0,n.RC)((()=>t.e(8512).then(t.bind(t,15545)))),"v-3eb62514":(0,n.RC)((()=>t.e(8403).then(t.bind(t,64064)))),"v-3f09dcbc":(0,n.RC)((()=>t.e(8941).then(t.bind(t,21656)))),"v-b21a2a20":(0,n.RC)((()=>t.e(6515).then(t.bind(t,28205)))),"v-da623318":(0,n.RC)((()=>t.e(3430).then(t.bind(t,49168)))),"v-fdd722ac":(0,n.RC)((()=>t.e(6271).then(t.bind(t,4736)))),"v-fa6d716e":(0,n.RC)((()=>t.e(4473).then(t.bind(t,23795)))),"v-2f29e106":(0,n.RC)((()=>t.e(196).then(t.bind(t,85704)))),"v-3f09dc7e":(0,n.RC)((()=>t.e(1833).then(t.bind(t,69161)))),"v-1c17916e":(0,n.RC)((()=>t.e(6214).then(t.bind(t,54002)))),"v-a001cfa6":(0,n.RC)((()=>t.e(1941).then(t.bind(t,57945)))),"v-46333b48":(0,n.RC)((()=>t.e(3866).then(t.bind(t,26550)))),"v-338bc63e":(0,n.RC)((()=>t.e(8741).then(t.bind(t,47791)))),"v-d68f7d58":(0,n.RC)((()=>t.e(2946).then(t.bind(t,98762)))),"v-e533e2c6":(0,n.RC)((()=>t.e(6447).then(t.bind(t,61897)))),"v-1e465ab0":(0,n.RC)((()=>t.e(7858).then(t.bind(t,68772)))),"v-1080fb37":(0,n.RC)((()=>t.e(8529).then(t.bind(t,68123)))),"v-317fc580":(0,n.RC)((()=>t.e(9393).then(t.bind(t,19018)))),"v-45144c7f":(0,n.RC)((()=>t.e(8064).then(t.bind(t,46163)))),"v-23fbd2d0":(0,n.RC)((()=>t.e(6907).then(t.bind(t,97590)))),"v-2b7ec525":(0,n.RC)((()=>t.e(9046).then(t.bind(t,10388)))),"v-5ab92300":(0,n.RC)((()=>t.e(6971).then(t.bind(t,11424)))),"v-f91d64d6":(0,n.RC)((()=>t.e(683).then(t.bind(t,49750)))),"v-268cd669":(0,n.RC)((()=>t.e(8140).then(t.bind(t,30018)))),"v-4492d567":(0,n.RC)((()=>t.e(4732).then(t.bind(t,45002)))),"v-0d0e1e92":(0,n.RC)((()=>t.e(9027).then(t.bind(t,44260)))),"v-4bbe1d5a":(0,n.RC)((()=>t.e(4339).then(t.bind(t,36721)))),"v-16426d1a":(0,n.RC)((()=>t.e(3446).then(t.bind(t,28084)))),"v-5de780d0":(0,n.RC)((()=>t.e(8488).then(t.bind(t,95197)))),"v-f88d343e":(0,n.RC)((()=>t.e(2927).then(t.bind(t,4186)))),"v-38d56a07":(0,n.RC)((()=>t.e(9238).then(t.bind(t,56279)))),"v-4d046016":(0,n.RC)((()=>t.e(5073).then(t.bind(t,79777)))),"v-22b35270":(0,n.RC)((()=>t.e(7975).then(t.bind(t,21034)))),"v-30bd7c12":(0,n.RC)((()=>t.e(9492).then(t.bind(t,63393)))),"v-439608b6":(0,n.RC)((()=>t.e(404).then(t.bind(t,46638)))),"v-51a51d87":(0,n.RC)((()=>t.e(2385).then(t.bind(t,39020)))),"v-76b9a0f3":(0,n.RC)((()=>t.e(788).then(t.bind(t,6511)))),"v-565dbfc4":(0,n.RC)((()=>t.e(4376).then(t.bind(t,75022)))),"v-0fbd1336":(0,n.RC)((()=>t.e(5062).then(t.bind(t,52072)))),"v-a0627812":(0,n.RC)((()=>t.e(8750).then(t.bind(t,89758)))),"v-d190d938":(0,n.RC)((()=>t.e(4746).then(t.bind(t,45794)))),"v-72afc2d2":(0,n.RC)((()=>t.e(8551).then(t.bind(t,61741)))),"v-773d731c":(0,n.RC)((()=>t.e(3834).then(t.bind(t,27839)))),"v-f555fc02":(0,n.RC)((()=>t.e(8662).then(t.bind(t,54050)))),"v-e35196c2":(0,n.RC)((()=>t.e(9279).then(t.bind(t,38479)))),"v-29188644":(0,n.RC)((()=>t.e(4316).then(t.bind(t,89709)))),"v-255a6ebf":(0,n.RC)((()=>t.e(3091).then(t.bind(t,66388)))),"v-8cc24480":(0,n.RC)((()=>t.e(2475).then(t.bind(t,31593)))),"v-64e47ef4":(0,n.RC)((()=>t.e(9886).then(t.bind(t,36986)))),"v-e979b848":(0,n.RC)((()=>t.e(346).then(t.bind(t,35569)))),"v-617f0fcf":(0,n.RC)((()=>t.e(202).then(t.bind(t,30604)))),"v-3fc98845":(0,n.RC)((()=>t.e(5500).then(t.bind(t,50438)))),"v-63077cb6":(0,n.RC)((()=>t.e(9685).then(t.bind(t,65362)))),"v-516476d4":(0,n.RC)((()=>t.e(3778).then(t.bind(t,51358)))),"v-7d61a872":(0,n.RC)((()=>t.e(8813).then(t.bind(t,11049)))),"v-6e50feb6":(0,n.RC)((()=>t.e(6665).then(t.bind(t,57375)))),"v-02956db7":(0,n.RC)((()=>t.e(6018).then(t.bind(t,84462)))),"v-797f8d25":(0,n.RC)((()=>t.e(9820).then(t.bind(t,74514)))),"v-3eb3e9c6":(0,n.RC)((()=>t.e(3818).then(t.bind(t,50413)))),"v-2c6058d4":(0,n.RC)((()=>t.e(5531).then(t.bind(t,73351)))),"v-1c38292a":(0,n.RC)((()=>t.e(4507).then(t.bind(t,46848)))),"v-1a7f9d6e":(0,n.RC)((()=>t.e(7186).then(t.bind(t,94302)))),"v-79d41176":(0,n.RC)((()=>t.e(4023).then(t.bind(t,61423)))),"v-5254cbc6":(0,n.RC)((()=>t.e(8169).then(t.bind(t,91213)))),"v-9520f392":(0,n.RC)((()=>t.e(7322).then(t.bind(t,74921)))),"v-b7760e2c":(0,n.RC)((()=>t.e(6448).then(t.bind(t,87214)))),"v-fb774212":(0,n.RC)((()=>t.e(6416).then(t.bind(t,40937)))),"v-38c376c1":(0,n.RC)((()=>t.e(9115).then(t.bind(t,58316)))),"v-21bccd79":(0,n.RC)((()=>t.e(8444).then(t.bind(t,87300)))),"v-27001935":(0,n.RC)((()=>t.e(3907).then(t.bind(t,38687)))),"v-21b30c3f":(0,n.RC)((()=>t.e(6280).then(t.bind(t,69300)))),"v-94110980":(0,n.RC)((()=>t.e(6499).then(t.bind(t,57309)))),"v-789ba7ef":(0,n.RC)((()=>t.e(6765).then(t.bind(t,60900)))),"v-d3712ade":(0,n.RC)((()=>t.e(6940).then(t.bind(t,63194)))),"v-41f9c00e":(0,n.RC)((()=>t.e(735).then(t.bind(t,26973)))),"v-4c013f47":(0,n.RC)((()=>t.e(7e3).then(t.bind(t,20505)))),"v-a75683b8":(0,n.RC)((()=>t.e(4922).then(t.bind(t,97337)))),"v-f5341aec":(0,n.RC)((()=>t.e(944).then(t.bind(t,66241)))),"v-4458f72a":(0,n.RC)((()=>t.e(2887).then(t.bind(t,52396)))),"v-f1802e66":(0,n.RC)((()=>t.e(8284).then(t.bind(t,85294)))),"v-4ca6f1ca":(0,n.RC)((()=>t.e(3775).then(t.bind(t,4562)))),"v-b0030f00":(0,n.RC)((()=>t.e(5656).then(t.bind(t,12944)))),"v-789ba80e":(0,n.RC)((()=>t.e(2578).then(t.bind(t,92939)))),"v-103b3e5c":(0,n.RC)((()=>t.e(9324).then(t.bind(t,78696)))),"v-110dd688":(0,n.RC)((()=>t.e(3177).then(t.bind(t,3439)))),"v-c425a7d4":(0,n.RC)((()=>t.e(8282).then(t.bind(t,26587)))),"v-c0bbf696":(0,n.RC)((()=>t.e(2261).then(t.bind(t,45028)))),"v-5b6477cc":(0,n.RC)((()=>t.e(5745).then(t.bind(t,85950)))),"v-789ba82d":(0,n.RC)((()=>t.e(8225).then(t.bind(t,52730)))),"v-05ddc65d":(0,n.RC)((()=>t.e(1195).then(t.bind(t,34900)))),"v-1f3a890a":(0,n.RC)((()=>t.e(9915).then(t.bind(t,64639)))),"v-930ac920":(0,n.RC)((()=>t.e(1241).then(t.bind(t,20854)))),"v-c579975c":(0,n.RC)((()=>t.e(9139).then(t.bind(t,34074)))),"v-7efb7c68":(0,n.RC)((()=>t.e(2109).then(t.bind(t,84493)))),"v-12a33bee":(0,n.RC)((()=>t.e(2547).then(t.bind(t,79264)))),"v-7d2b8478":(0,n.RC)((()=>t.e(5151).then(t.bind(t,77376)))),"v-7689d7f3":(0,n.RC)((()=>t.e(1138).then(t.bind(t,39017)))),"v-3706649a":(0,n.RC)((()=>t.e(88).then(t.bind(t,3881))))}},59706:(e,l,t)=>{t.d(l,{T:()=>n});const n={"v-8daa1a0e":()=>t.e(2509).then(t.bind(t,76464)).then((({data:e})=>e)),"v-aad48c6a":()=>t.e(8015).then(t.bind(t,16770)).then((({data:e})=>e)),"v-ba934fd8":()=>t.e(5605).then(t.bind(t,35341)).then((({data:e})=>e)),"v-41ade9da":()=>t.e(8028).then(t.bind(t,39974)).then((({data:e})=>e)),"v-83dedd38":()=>t.e(9549).then(t.bind(t,26021)).then((({data:e})=>e)),"v-192a19b9":()=>t.e(1888).then(t.bind(t,16124)).then((({data:e})=>e)),"v-7f6279d8":()=>t.e(569).then(t.bind(t,50604)).then((({data:e})=>e)),"v-1d860c29":()=>t.e(3994).then(t.bind(t,803)).then((({data:e})=>e)),"v-2367d756":()=>t.e(1783).then(t.bind(t,82404)).then((({data:e})=>e)),"v-4ebec35a":()=>t.e(8286).then(t.bind(t,50788)).then((({data:e})=>e)),"v-31b7756a":()=>t.e(9218).then(t.bind(t,94696)).then((({data:e})=>e)),"v-70677432":()=>t.e(2015).then(t.bind(t,50630)).then((({data:e})=>e)),"v-7e21d6ae":()=>t.e(1835).then(t.bind(t,12655)).then((({data:e})=>e)),"v-e3dfff38":()=>t.e(5170).then(t.bind(t,72045)).then((({data:e})=>e)),"v-f7496066":()=>t.e(2504).then(t.bind(t,5621)).then((({data:e})=>e)),"v-36b1a79b":()=>t.e(7578).then(t.bind(t,38136)).then((({data:e})=>e)),"v-09a64f89":()=>t.e(7693).then(t.bind(t,32697)).then((({data:e})=>e)),"v-2b1adf48":()=>t.e(1992).then(t.bind(t,97916)).then((({data:e})=>e)),"v-86ee963a":()=>t.e(4457).then(t.bind(t,94010)).then((({data:e})=>e)),"v-0e5d7b39":()=>t.e(1605).then(t.bind(t,3910)).then((({data:e})=>e)),"v-2d0a870d":()=>t.e(3835).then(t.bind(t,32308)).then((({data:e})=>e)),"v-0d714d87":()=>t.e(3767).then(t.bind(t,69534)).then((({data:e})=>e)),"v-0da7880a":()=>t.e(322).then(t.bind(t,88169)).then((({data:e})=>e)),"v-2aeb21f9":()=>t.e(7625).then(t.bind(t,85531)).then((({data:e})=>e)),"v-3acf20ea":()=>t.e(8628).then(t.bind(t,11996)).then((({data:e})=>e)),"v-792e28f8":()=>t.e(9372).then(t.bind(t,68799)).then((({data:e})=>e)),"v-b50d2334":()=>t.e(1050).then(t.bind(t,3765)).then((({data:e})=>e)),"v-593408b0":()=>t.e(7371).then(t.bind(t,53293)).then((({data:e})=>e)),"v-802a842a":()=>t.e(2759).then(t.bind(t,9656)).then((({data:e})=>e)),"v-29995cea":()=>t.e(3127).then(t.bind(t,30401)).then((({data:e})=>e)),"v-2a1b3d72":()=>t.e(9193).then(t.bind(t,70910)).then((({data:e})=>e)),"v-fb92e8aa":()=>t.e(3651).then(t.bind(t,73319)).then((({data:e})=>e)),"v-167afaac":()=>t.e(3737).then(t.bind(t,63872)).then((({data:e})=>e)),"v-749ad71a":()=>t.e(1259).then(t.bind(t,2414)).then((({data:e})=>e)),"v-6d39b970":()=>t.e(1381).then(t.bind(t,50795)).then((({data:e})=>e)),"v-d76e893a":()=>t.e(8800).then(t.bind(t,82809)).then((({data:e})=>e)),"v-c6b4b59e":()=>t.e(373).then(t.bind(t,13659)).then((({data:e})=>e)),"v-7b293e4a":()=>t.e(6553).then(t.bind(t,16398)).then((({data:e})=>e)),"v-15f5452a":()=>t.e(8424).then(t.bind(t,55415)).then((({data:e})=>e)),"v-5797bdb3":()=>t.e(1067).then(t.bind(t,20771)).then((({data:e})=>e)),"v-a60f016c":()=>t.e(6550).then(t.bind(t,39472)).then((({data:e})=>e)),"v-413cee4b":()=>t.e(9691).then(t.bind(t,76177)).then((({data:e})=>e)),"v-208ca3b9":()=>t.e(2243).then(t.bind(t,68826)).then((({data:e})=>e)),"v-775db7b1":()=>t.e(5135).then(t.bind(t,95596)).then((({data:e})=>e)),"v-2877542a":()=>t.e(1393).then(t.bind(t,55749)).then((({data:e})=>e)),"v-03a28284":()=>t.e(7021).then(t.bind(t,99615)).then((({data:e})=>e)),"v-3167b1dd":()=>t.e(2017).then(t.bind(t,41855)).then((({data:e})=>e)),"v-8f08dbec":()=>t.e(5372).then(t.bind(t,58980)).then((({data:e})=>e)),"v-33b1b709":()=>t.e(3745).then(t.bind(t,61661)).then((({data:e})=>e)),"v-1ff57bba":()=>t.e(5890).then(t.bind(t,16075)).then((({data:e})=>e)),"v-6a9e8054":()=>t.e(3902).then(t.bind(t,14536)).then((({data:e})=>e)),"v-95e3eaea":()=>t.e(5650).then(t.bind(t,8048)).then((({data:e})=>e)),"v-61e7eea6":()=>t.e(152).then(t.bind(t,37777)).then((({data:e})=>e)),"v-6e6c37e6":()=>t.e(8334).then(t.bind(t,27474)).then((({data:e})=>e)),"v-13168a21":()=>t.e(59).then(t.bind(t,83358)).then((({data:e})=>e)),"v-5c48c82b":()=>t.e(224).then(t.bind(t,93766)).then((({data:e})=>e)),"v-1ee591a8":()=>t.e(1327).then(t.bind(t,52102)).then((({data:e})=>e)),"v-3f09dcfa":()=>t.e(9789).then(t.bind(t,30529)).then((({data:e})=>e)),"v-fb444906":()=>t.e(3468).then(t.bind(t,92488)).then((({data:e})=>e)),"v-075f3ae5":()=>t.e(8945).then(t.bind(t,22644)).then((({data:e})=>e)),"v-726d0633":()=>t.e(966).then(t.bind(t,83463)).then((({data:e})=>e)),"v-430c6ab8":()=>t.e(1232).then(t.bind(t,29713)).then((({data:e})=>e)),"v-717c6376":()=>t.e(9346).then(t.bind(t,19481)).then((({data:e})=>e)),"v-278039be":()=>t.e(7147).then(t.bind(t,32580)).then((({data:e})=>e)),"v-a0c7f88e":()=>t.e(7964).then(t.bind(t,80918)).then((({data:e})=>e)),"v-86586ca2":()=>t.e(8512).then(t.bind(t,97633)).then((({data:e})=>e)),"v-3eb62514":()=>t.e(8403).then(t.bind(t,13601)).then((({data:e})=>e)),"v-3f09dcbc":()=>t.e(8941).then(t.bind(t,83890)).then((({data:e})=>e)),"v-b21a2a20":()=>t.e(6515).then(t.bind(t,24366)).then((({data:e})=>e)),"v-da623318":()=>t.e(3430).then(t.bind(t,39587)).then((({data:e})=>e)),"v-fdd722ac":()=>t.e(6271).then(t.bind(t,99669)).then((({data:e})=>e)),"v-fa6d716e":()=>t.e(4473).then(t.bind(t,64930)).then((({data:e})=>e)),"v-2f29e106":()=>t.e(196).then(t.bind(t,67014)).then((({data:e})=>e)),"v-3f09dc7e":()=>t.e(1833).then(t.bind(t,24256)).then((({data:e})=>e)),"v-1c17916e":()=>t.e(6214).then(t.bind(t,78964)).then((({data:e})=>e)),"v-a001cfa6":()=>t.e(1941).then(t.bind(t,76939)).then((({data:e})=>e)),"v-46333b48":()=>t.e(3866).then(t.bind(t,41353)).then((({data:e})=>e)),"v-338bc63e":()=>t.e(8741).then(t.bind(t,32818)).then((({data:e})=>e)),"v-d68f7d58":()=>t.e(2946).then(t.bind(t,5017)).then((({data:e})=>e)),"v-e533e2c6":()=>t.e(6447).then(t.bind(t,1090)).then((({data:e})=>e)),"v-1e465ab0":()=>t.e(7858).then(t.bind(t,67457)).then((({data:e})=>e)),"v-1080fb37":()=>t.e(8529).then(t.bind(t,17887)).then((({data:e})=>e)),"v-317fc580":()=>t.e(9393).then(t.bind(t,31922)).then((({data:e})=>e)),"v-45144c7f":()=>t.e(8064).then(t.bind(t,98571)).then((({data:e})=>e)),"v-23fbd2d0":()=>t.e(6907).then(t.bind(t,4426)).then((({data:e})=>e)),"v-2b7ec525":()=>t.e(9046).then(t.bind(t,2975)).then((({data:e})=>e)),"v-5ab92300":()=>t.e(6971).then(t.bind(t,32861)).then((({data:e})=>e)),"v-f91d64d6":()=>t.e(683).then(t.bind(t,16693)).then((({data:e})=>e)),"v-268cd669":()=>t.e(8140).then(t.bind(t,9805)).then((({data:e})=>e)),"v-4492d567":()=>t.e(4732).then(t.bind(t,12612)).then((({data:e})=>e)),"v-0d0e1e92":()=>t.e(9027).then(t.bind(t,44206)).then((({data:e})=>e)),"v-4bbe1d5a":()=>t.e(4339).then(t.bind(t,6655)).then((({data:e})=>e)),"v-16426d1a":()=>t.e(3446).then(t.bind(t,23002)).then((({data:e})=>e)),"v-5de780d0":()=>t.e(8488).then(t.bind(t,75755)).then((({data:e})=>e)),"v-f88d343e":()=>t.e(2927).then(t.bind(t,73250)).then((({data:e})=>e)),"v-38d56a07":()=>t.e(9238).then(t.bind(t,10077)).then((({data:e})=>e)),"v-4d046016":()=>t.e(5073).then(t.bind(t,68758)).then((({data:e})=>e)),"v-22b35270":()=>t.e(7975).then(t.bind(t,44918)).then((({data:e})=>e)),"v-30bd7c12":()=>t.e(9492).then(t.bind(t,41044)).then((({data:e})=>e)),"v-439608b6":()=>t.e(404).then(t.bind(t,17572)).then((({data:e})=>e)),"v-51a51d87":()=>t.e(2385).then(t.bind(t,37148)).then((({data:e})=>e)),"v-76b9a0f3":()=>t.e(788).then(t.bind(t,70357)).then((({data:e})=>e)),"v-565dbfc4":()=>t.e(4376).then(t.bind(t,92207)).then((({data:e})=>e)),"v-0fbd1336":()=>t.e(5062).then(t.bind(t,60690)).then((({data:e})=>e)),"v-a0627812":()=>t.e(8750).then(t.bind(t,44832)).then((({data:e})=>e)),"v-d190d938":()=>t.e(4746).then(t.bind(t,74766)).then((({data:e})=>e)),"v-72afc2d2":()=>t.e(8551).then(t.bind(t,54457)).then((({data:e})=>e)),"v-773d731c":()=>t.e(3834).then(t.bind(t,91219)).then((({data:e})=>e)),"v-f555fc02":()=>t.e(8662).then(t.bind(t,73582)).then((({data:e})=>e)),"v-e35196c2":()=>t.e(9279).then(t.bind(t,38674)).then((({data:e})=>e)),"v-29188644":()=>t.e(4316).then(t.bind(t,34293)).then((({data:e})=>e)),"v-255a6ebf":()=>t.e(3091).then(t.bind(t,16431)).then((({data:e})=>e)),"v-8cc24480":()=>t.e(2475).then(t.bind(t,76115)).then((({data:e})=>e)),"v-64e47ef4":()=>t.e(9886).then(t.bind(t,36544)).then((({data:e})=>e)),"v-e979b848":()=>t.e(346).then(t.bind(t,27726)).then((({data:e})=>e)),"v-617f0fcf":()=>t.e(202).then(t.bind(t,10420)).then((({data:e})=>e)),"v-3fc98845":()=>t.e(5500).then(t.bind(t,2057)).then((({data:e})=>e)),"v-63077cb6":()=>t.e(9685).then(t.bind(t,60192)).then((({data:e})=>e)),"v-516476d4":()=>t.e(3778).then(t.bind(t,37322)).then((({data:e})=>e)),"v-7d61a872":()=>t.e(8813).then(t.bind(t,73872)).then((({data:e})=>e)),"v-6e50feb6":()=>t.e(6665).then(t.bind(t,62735)).then((({data:e})=>e)),"v-02956db7":()=>t.e(6018).then(t.bind(t,32849)).then((({data:e})=>e)),"v-797f8d25":()=>t.e(9820).then(t.bind(t,4754)).then((({data:e})=>e)),"v-3eb3e9c6":()=>t.e(3818).then(t.bind(t,31078)).then((({data:e})=>e)),"v-2c6058d4":()=>t.e(5531).then(t.bind(t,15399)).then((({data:e})=>e)),"v-1c38292a":()=>t.e(4507).then(t.bind(t,13312)).then((({data:e})=>e)),"v-1a7f9d6e":()=>t.e(7186).then(t.bind(t,56001)).then((({data:e})=>e)),"v-79d41176":()=>t.e(4023).then(t.bind(t,39431)).then((({data:e})=>e)),"v-5254cbc6":()=>t.e(8169).then(t.bind(t,52640)).then((({data:e})=>e)),"v-9520f392":()=>t.e(7322).then(t.bind(t,15212)).then((({data:e})=>e)),"v-b7760e2c":()=>t.e(6448).then(t.bind(t,64557)).then((({data:e})=>e)),"v-fb774212":()=>t.e(6416).then(t.bind(t,82423)).then((({data:e})=>e)),"v-38c376c1":()=>t.e(9115).then(t.bind(t,33200)).then((({data:e})=>e)),"v-21bccd79":()=>t.e(8444).then(t.bind(t,62726)).then((({data:e})=>e)),"v-27001935":()=>t.e(3907).then(t.bind(t,61193)).then((({data:e})=>e)),"v-21b30c3f":()=>t.e(6280).then(t.bind(t,69555)).then((({data:e})=>e)),"v-94110980":()=>t.e(6499).then(t.bind(t,38867)).then((({data:e})=>e)),"v-789ba7ef":()=>t.e(6765).then(t.bind(t,86662)).then((({data:e})=>e)),"v-d3712ade":()=>t.e(6940).then(t.bind(t,69442)).then((({data:e})=>e)),"v-41f9c00e":()=>t.e(735).then(t.bind(t,59995)).then((({data:e})=>e)),"v-4c013f47":()=>t.e(7e3).then(t.bind(t,56084)).then((({data:e})=>e)),"v-a75683b8":()=>t.e(4922).then(t.bind(t,73966)).then((({data:e})=>e)),"v-f5341aec":()=>t.e(944).then(t.bind(t,30462)).then((({data:e})=>e)),"v-4458f72a":()=>t.e(2887).then(t.bind(t,7202)).then((({data:e})=>e)),"v-f1802e66":()=>t.e(8284).then(t.bind(t,35815)).then((({data:e})=>e)),"v-4ca6f1ca":()=>t.e(3775).then(t.bind(t,8882)).then((({data:e})=>e)),"v-b0030f00":()=>t.e(5656).then(t.bind(t,32286)).then((({data:e})=>e)),"v-789ba80e":()=>t.e(2578).then(t.bind(t,88396)).then((({data:e})=>e)),"v-103b3e5c":()=>t.e(9324).then(t.bind(t,89515)).then((({data:e})=>e)),"v-110dd688":()=>t.e(3177).then(t.bind(t,46956)).then((({data:e})=>e)),"v-c425a7d4":()=>t.e(8282).then(t.bind(t,71389)).then((({data:e})=>e)),"v-c0bbf696":()=>t.e(2261).then(t.bind(t,38790)).then((({data:e})=>e)),"v-5b6477cc":()=>t.e(5745).then(t.bind(t,80515)).then((({data:e})=>e)),"v-789ba82d":()=>t.e(8225).then(t.bind(t,95833)).then((({data:e})=>e)),"v-05ddc65d":()=>t.e(1195).then(t.bind(t,4614)).then((({data:e})=>e)),"v-1f3a890a":()=>t.e(9915).then(t.bind(t,35364)).then((({data:e})=>e)),"v-930ac920":()=>t.e(1241).then(t.bind(t,51354)).then((({data:e})=>e)),"v-c579975c":()=>t.e(9139).then(t.bind(t,70632)).then((({data:e})=>e)),"v-7efb7c68":()=>t.e(2109).then(t.bind(t,28537)).then((({data:e})=>e)),"v-12a33bee":()=>t.e(2547).then(t.bind(t,63324)).then((({data:e})=>e)),"v-7d2b8478":()=>t.e(5151).then(t.bind(t,67017)).then((({data:e})=>e)),"v-7689d7f3":()=>t.e(1138).then(t.bind(t,99029)).then((({data:e})=>e)),"v-3706649a":()=>t.e(88).then(t.bind(t,21801)).then((({data:e})=>e))}},84634:(e,l,t)=>{t.d(l,{g:()=>i});var n=t(74802);const i=[["v-8daa1a0e","/","",["/index.html","/README.md"]],["v-aad48c6a","/about/news.html","大史记",["/about/news","/about/news.md"]],["v-ba934fd8","/config/","配置文件",["/config/index.html","/config/README.md"]],["v-41ade9da","/config/api.html","API 接口",["/config/api","/config/api.md"]],["v-83dedd38","/config/dns.html","内置 DNS 服务器",["/config/dns","/config/dns.md"]],["v-192a19b9","/config/fakedns.html","FakeDNS",["/config/fakedns","/config/fakedns.md"]],["v-7f6279d8","/config/inbound.html","入站代理",["/config/inbound","/config/inbound.md"]],["v-1d860c29","/config/log.html","日志配置",["/config/log","/config/log.md"]],["v-2367d756","/config/outbound.html","出站代理",["/config/outbound","/config/outbound.md"]],["v-4ebec35a","/config/policy.html","本地策略",["/config/policy","/config/policy.md"]],["v-31b7756a","/config/reverse.html","反向代理",["/config/reverse","/config/reverse.md"]],["v-70677432","/config/routing.html","路由",["/config/routing","/config/routing.md"]],["v-7e21d6ae","/config/stats.html","统计信息",["/config/stats","/config/stats.md"]],["v-e3dfff38","/config/transport.html","传输方式",["/config/transport","/config/transport.md"]],["v-f7496066","/development/","开发指南",["/development/index.html","/development/README.md"]],["v-36b1a79b","/document/","快速入门",["/document/index.html","/document/README.md"]],["v-09a64f89","/document/command.html","命令参数",["/document/command","/document/command.md"]],["v-2b1adf48","/document/config.html","配置运行",["/document/config","/document/config.md"]],["v-86ee963a","/document/document.html","为 Project X 的文档贡献",["/document/document","/document/document.md"]],["v-0e5d7b39","/document/install.html","下载安装",["/document/install","/document/install.md"]],["v-2d0a870d","/en/","",["/en/index.html","/en/README.md"]],["v-0d714d87","/config/features/browser_dialer.html","Browser Dialer",["/config/features/browser_dialer","/config/features/browser_dialer.md"]],["v-0da7880a","/config/features/env.html","环境变量",["/config/features/env","/config/features/env.md"]],["v-2aeb21f9","/config/features/fallback.html","Fallback 回落",["/config/features/fallback","/config/features/fallback.md"]],["v-3acf20ea","/config/features/multiple.html","多文件配置",["/config/features/multiple","/config/features/multiple.md"]],["v-792e28f8","/config/features/xtls.html","XTLS 深度剖析",["/config/features/xtls","/config/features/xtls.md"]],["v-b50d2334","/config/inbounds/dokodemo.html","Dokodemo-Door",["/config/inbounds/dokodemo","/config/inbounds/dokodemo.md"]],["v-593408b0","/config/inbounds/http.html","HTTP",["/config/inbounds/http","/config/inbounds/http.md"]],["v-802a842a","/config/inbounds/shadowsocks.html","Shadowsocks",["/config/inbounds/shadowsocks","/config/inbounds/shadowsocks.md"]],["v-29995cea","/config/inbounds/socks.html","Socks",["/config/inbounds/socks","/config/inbounds/socks.md"]],["v-2a1b3d72","/config/inbounds/trojan.html","Trojan",["/config/inbounds/trojan","/config/inbounds/trojan.md"]],["v-fb92e8aa","/config/inbounds/vless.html","VLESS",["/config/inbounds/vless","/config/inbounds/vless.md"]],["v-167afaac","/config/inbounds/vmess.html","VMess",["/config/inbounds/vmess","/config/inbounds/vmess.md"]],["v-749ad71a","/config/outbounds/blackhole.html","Blackhole",["/config/outbounds/blackhole","/config/outbounds/blackhole.md"]],["v-6d39b970","/config/outbounds/dns.html","DNS",["/config/outbounds/dns","/config/outbounds/dns.md"]],["v-d76e893a","/config/outbounds/freedom.html","Freedom",["/config/outbounds/freedom","/config/outbounds/freedom.md"]],["v-c6b4b59e","/config/outbounds/http.html","HTTP",["/config/outbounds/http","/config/outbounds/http.md"]],["v-7b293e4a","/config/outbounds/shadowsocks.html","Shadowsocks",["/config/outbounds/shadowsocks","/config/outbounds/shadowsocks.md"]],["v-15f5452a","/config/outbounds/socks.html","Socks",["/config/outbounds/socks","/config/outbounds/socks.md"]],["v-5797bdb3","/config/outbounds/trojan.html","Trojan",["/config/outbounds/trojan","/config/outbounds/trojan.md"]],["v-a60f016c","/config/outbounds/vless.html","VLESS",["/config/outbounds/vless","/config/outbounds/vless.md"]],["v-413cee4b","/config/outbounds/vmess.html","VMess",["/config/outbounds/vmess","/config/outbounds/vmess.md"]],["v-208ca3b9","/config/outbounds/wireguard.html","Wireguard",["/config/outbounds/wireguard","/config/outbounds/wireguard.md"]],["v-775db7b1","/config/transports/domainsocket.html","Domain Socket",["/config/transports/domainsocket","/config/transports/domainsocket.md"]],["v-2877542a","/config/transports/grpc.html","gRPC",["/config/transports/grpc","/config/transports/grpc.md"]],["v-03a28284","/config/transports/h2.html","HTTP/2",["/config/transports/h2","/config/transports/h2.md"]],["v-3167b1dd","/config/transports/mkcp.html","mKCP",["/config/transports/mkcp","/config/transports/mkcp.md"]],["v-8f08dbec","/config/transports/quic.html","QUIC",["/config/transports/quic","/config/transports/quic.md"]],["v-33b1b709","/config/transports/tcp.html","TCP",["/config/transports/tcp","/config/transports/tcp.md"]],["v-1ff57bba","/config/transports/websocket.html","WebSocket",["/config/transports/websocket","/config/transports/websocket.md"]],["v-6a9e8054","/development/intro/compile.html","编译文档",["/development/intro/compile","/development/intro/compile.md"]],["v-95e3eaea","/development/intro/design.html","设计目标",["/development/intro/design","/development/intro/design.md"]],["v-61e7eea6","/development/intro/guide.html","开发规范",["/development/intro/guide","/development/intro/guide.md"]],["v-6e6c37e6","/development/protocols/mkcp.html","mKCP 协议",["/development/protocols/mkcp","/development/protocols/mkcp.md"]],["v-13168a21","/development/protocols/muxcool.html","Mux.Cool 协议",["/development/protocols/muxcool","/development/protocols/muxcool.md"]],["v-5c48c82b","/development/protocols/vless.html","VLESS 协议",["/development/protocols/vless","/development/protocols/vless.md"]],["v-1ee591a8","/development/protocols/vmess.html","VMess 协议",["/development/protocols/vmess","/development/protocols/vmess.md"]],["v-3f09dcfa","/document/level-0/","小小白白话文",["/document/level-0/index.html","/document/level-0/README.md"]],["v-fb444906","/document/level-0/ch01-preface.html","【第 1 章】 小小白白话文",["/document/level-0/ch01-preface","/document/level-0/ch01-preface.md"]],["v-075f3ae5","/document/level-0/ch02-preparation.html","【第 2 章】原料准备篇",["/document/level-0/ch02-preparation","/document/level-0/ch02-preparation.md"]],["v-726d0633","/document/level-0/ch03-ssh.html","【第 3 章】远程登录篇",["/document/level-0/ch03-ssh","/document/level-0/ch03-ssh.md"]],["v-430c6ab8","/document/level-0/ch04-security.html","【第 4 章】安全防护篇",["/document/level-0/ch04-security","/document/level-0/ch04-security.md"]],["v-717c6376","/document/level-0/ch05-webpage.html","【第 5 章】网站建设篇",["/document/level-0/ch05-webpage","/document/level-0/ch05-webpage.md"]],["v-278039be","/document/level-0/ch06-certificates.html","【第 6 章】证书管理篇",["/document/level-0/ch06-certificates","/document/level-0/ch06-certificates.md"]],["v-a0c7f88e","/document/level-0/ch07-xray-server.html","【第 7 章】Xray 服务器篇",["/document/level-0/ch07-xray-server","/document/level-0/ch07-xray-server.md"]],["v-86586ca2","/document/level-0/ch08-xray-clients.html","【第 8 章】Xray 客户端篇",["/document/level-0/ch08-xray-clients","/document/level-0/ch08-xray-clients.md"]],["v-3eb62514","/document/level-0/ch09-appendix.html","【第 9 章】附录",["/document/level-0/ch09-appendix","/document/level-0/ch09-appendix.md"]],["v-3f09dcbc","/document/level-1/","入门技巧",["/document/level-1/index.html","/document/level-1/README.md"]],["v-b21a2a20","/document/level-1/fallbacks-lv1.html","回落 (fallbacks) 功能简析",["/document/level-1/fallbacks-lv1","/document/level-1/fallbacks-lv1.md"]],["v-da623318","/document/level-1/fallbacks-with-sni.html","SNI 回落",["/document/level-1/fallbacks-with-sni","/document/level-1/fallbacks-with-sni.md"]],["v-fdd722ac","/document/level-1/routing-lv1-part1.html","路由 (routing) 功能简析(上)",["/document/level-1/routing-lv1-part1","/document/level-1/routing-lv1-part1.md"]],["v-fa6d716e","/document/level-1/routing-lv1-part2.html","路由 (routing) 功能简析(下)",["/document/level-1/routing-lv1-part2","/document/level-1/routing-lv1-part2.md"]],["v-2f29e106","/document/level-1/work.html","Xray 的工作模式",["/document/level-1/work","/document/level-1/work.md"]],["v-3f09dc7e","/document/level-2/","进阶文档",["/document/level-2/index.html","/document/level-2/README.md"]],["v-1c17916e","/document/level-2/iptables_gid.html","GID 透明代理",["/document/level-2/iptables_gid","/document/level-2/iptables_gid.md"]],["v-a001cfa6","/document/level-2/nginx_or_haproxy_tls_tunnel.html","Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹",["/document/level-2/nginx_or_haproxy_tls_tunnel","/document/level-2/nginx_or_haproxy_tls_tunnel.md"]],["v-46333b48","/document/level-2/redirect.html","出站流量重定向",["/document/level-2/redirect","/document/level-2/redirect.md"]],["v-338bc63e","/document/level-2/tproxy.html","TProxy 透明代理",["/document/level-2/tproxy","/document/level-2/tproxy.md"]],["v-d68f7d58","/document/level-2/tproxy_ipv4_and_ipv6.html","TProxy 透明代理 (ipv4 and ipv6)",["/document/level-2/tproxy_ipv4_and_ipv6","/document/level-2/tproxy_ipv4_and_ipv6.md"]],["v-e533e2c6","/document/level-2/traffic_stats.html","流量统计",["/document/level-2/traffic_stats","/document/level-2/traffic_stats.md"]],["v-1e465ab0","/document/level-2/warp.html","通过 Cloudflare Warp 增强代理安全性",["/document/level-2/warp","/document/level-2/warp.md"]],["v-1080fb37","/en/about/news.html","大史记",["/en/about/news","/en/about/news.md"]],["v-317fc580","/en/config/","Configurations",["/en/config/index.html","/en/config/README.md"]],["v-45144c7f","/en/config/api.html","API Interface",["/en/config/api","/en/config/api.md"]],["v-23fbd2d0","/en/config/dns.html","Built-in DNS Server",["/en/config/dns","/en/config/dns.md"]],["v-2b7ec525","/en/config/fakedns.html","FakeDNS",["/en/config/fakedns","/en/config/fakedns.md"]],["v-5ab92300","/en/config/inbound.html","Inbound Proxy",["/en/config/inbound","/en/config/inbound.md"]],["v-f91d64d6","/en/config/log.html","Log Configuration",["/en/config/log","/en/config/log.md"]],["v-268cd669","/en/config/outbound.html","Outbound Proxies",["/en/config/outbound","/en/config/outbound.md"]],["v-4492d567","/en/config/policy.html","Local Policy",["/en/config/policy","/en/config/policy.md"]],["v-0d0e1e92","/en/config/reverse.html","Reverse Proxy",["/en/config/reverse","/en/config/reverse.md"]],["v-4bbe1d5a","/en/config/routing.html","Routing",["/en/config/routing","/en/config/routing.md"]],["v-16426d1a","/en/config/stats.html","Traffic Statistics",["/en/config/stats","/en/config/stats.md"]],["v-5de780d0","/en/config/transport.html","Transport Protocol",["/en/config/transport","/en/config/transport.md"]],["v-f88d343e","/en/development/","Development Guide",["/en/development/index.html","/en/development/README.md"]],["v-38d56a07","/en/document/","Quick Start",["/en/document/index.html","/en/document/README.md"]],["v-4d046016","/en/document/command.html","Command Parameters",["/en/document/command","/en/document/command.md"]],["v-22b35270","/en/document/config.html","Configure and Run",["/en/document/config","/en/document/config.md"]],["v-30bd7c12","/en/document/document.html","Contribute to Project X's Document",["/en/document/document","/en/document/document.md"]],["v-439608b6","/en/document/install.html","Download and Install",["/en/document/install","/en/document/install.md"]],["v-51a51d87","/document/level-2/transparent_proxy/transparent_proxy.html","透明代理入门",["/document/level-2/transparent_proxy/transparent_proxy","/document/level-2/transparent_proxy/transparent_proxy.md"]],["v-76b9a0f3","/en/config/features/browser_dialer.html","Browser Dialer",["/en/config/features/browser_dialer","/en/config/features/browser_dialer.md"]],["v-565dbfc4","/en/config/features/env.html","Environment Variables",["/en/config/features/env","/en/config/features/env.md"]],["v-0fbd1336","/en/config/features/fallback.html","Fallback",["/en/config/features/fallback","/en/config/features/fallback.md"]],["v-a0627812","/en/config/features/multiple.html","Multi-file configuration",["/en/config/features/multiple","/en/config/features/multiple.md"]],["v-d190d938","/en/config/features/xtls.html","Deep analysis of XTLS",["/en/config/features/xtls","/en/config/features/xtls.md"]],["v-72afc2d2","/en/config/inbounds/dokodemo.html","Dokodemo-Door",["/en/config/inbounds/dokodemo","/en/config/inbounds/dokodemo.md"]],["v-773d731c","/en/config/inbounds/http.html","HTTP",["/en/config/inbounds/http","/en/config/inbounds/http.md"]],["v-f555fc02","/en/config/inbounds/shadowsocks.html","Shadowsocks",["/en/config/inbounds/shadowsocks","/en/config/inbounds/shadowsocks.md"]],["v-e35196c2","/en/config/inbounds/socks.html","SOCKS",["/en/config/inbounds/socks","/en/config/inbounds/socks.md"]],["v-29188644","/en/config/inbounds/trojan.html","Trojan",["/en/config/inbounds/trojan","/en/config/inbounds/trojan.md"]],["v-255a6ebf","/en/config/inbounds/vless.html","VLESS",["/en/config/inbounds/vless","/en/config/inbounds/vless.md"]],["v-8cc24480","/en/config/inbounds/vmess.html","VMess",["/en/config/inbounds/vmess","/en/config/inbounds/vmess.md"]],["v-64e47ef4","/en/config/outbounds/blackhole.html","Blackhole",["/en/config/outbounds/blackhole","/en/config/outbounds/blackhole.md"]],["v-e979b848","/en/config/outbounds/dns.html","DNS",["/en/config/outbounds/dns","/en/config/outbounds/dns.md"]],["v-617f0fcf","/en/config/outbounds/freedom.html","Freedom",["/en/config/outbounds/freedom","/en/config/outbounds/freedom.md"]],["v-3fc98845","/en/config/outbounds/http.html","HTTP",["/en/config/outbounds/http","/en/config/outbounds/http.md"]],["v-63077cb6","/en/config/outbounds/shadowsocks.html","Shadowsocks",["/en/config/outbounds/shadowsocks","/en/config/outbounds/shadowsocks.md"]],["v-516476d4","/en/config/outbounds/socks.html","Socks",["/en/config/outbounds/socks","/en/config/outbounds/socks.md"]],["v-7d61a872","/en/config/outbounds/trojan.html","Trojan",["/en/config/outbounds/trojan","/en/config/outbounds/trojan.md"]],["v-6e50feb6","/en/config/outbounds/vless.html","VLESS",["/en/config/outbounds/vless","/en/config/outbounds/vless.md"]],["v-02956db7","/en/config/outbounds/vmess.html","VMess",["/en/config/outbounds/vmess","/en/config/outbounds/vmess.md"]],["v-797f8d25","/en/config/outbounds/wireguard.html","Wireguard",["/en/config/outbounds/wireguard","/en/config/outbounds/wireguard.md"]],["v-3eb3e9c6","/en/config/transports/domainsocket.html","Domain Socket",["/en/config/transports/domainsocket","/en/config/transports/domainsocket.md"]],["v-2c6058d4","/en/config/transports/grpc.html","gRPC",["/en/config/transports/grpc","/en/config/transports/grpc.md"]],["v-1c38292a","/en/config/transports/h2.html","HTTP/2",["/en/config/transports/h2","/en/config/transports/h2.md"]],["v-1a7f9d6e","/en/config/transports/mkcp.html","mKCP",["/en/config/transports/mkcp","/en/config/transports/mkcp.md"]],["v-79d41176","/en/config/transports/quic.html","QUIC",["/en/config/transports/quic","/en/config/transports/quic.md"]],["v-5254cbc6","/en/config/transports/tcp.html","TCP",["/en/config/transports/tcp","/en/config/transports/tcp.md"]],["v-9520f392","/en/config/transports/websocket.html","WebSocket",["/en/config/transports/websocket","/en/config/transports/websocket.md"]],["v-b7760e2c","/en/development/intro/compile.html","Compile the document",["/en/development/intro/compile","/en/development/intro/compile.md"]],["v-fb774212","/en/development/intro/design.html","Design Objectives",["/en/development/intro/design","/en/development/intro/design.md"]],["v-38c376c1","/en/development/intro/guide.html","Development Standards",["/en/development/intro/guide","/en/development/intro/guide.md"]],["v-21bccd79","/en/development/protocols/mkcp.html","mKCP Protocol",["/en/development/protocols/mkcp","/en/development/protocols/mkcp.md"]],["v-27001935","/en/development/protocols/muxcool.html","Mux.Cool Protocol",["/en/development/protocols/muxcool","/en/development/protocols/muxcool.md"]],["v-21b30c3f","/en/development/protocols/vless.html","VLESS Protocol",["/en/development/protocols/vless","/en/development/protocols/vless.md"]],["v-94110980","/en/development/protocols/vmess.html","VMess Protocol",["/en/development/protocols/vmess","/en/development/protocols/vmess.md"]],["v-789ba7ef","/en/document/level-0/","Plain and Simple Language",["/en/document/level-0/index.html","/en/document/level-0/README.md"]],["v-d3712ade","/en/document/level-0/ch01-preface.html","[Chapter 1] Simple and Plain Language",["/en/document/level-0/ch01-preface","/en/document/level-0/ch01-preface.md"]],["v-41f9c00e","/en/document/level-0/ch02-preparation.html","[Chapter 2] Preparation of Raw Materials",["/en/document/level-0/ch02-preparation","/en/document/level-0/ch02-preparation.md"]],["v-4c013f47","/en/document/level-0/ch03-ssh.html","[Chapter 3] Remote Login",["/en/document/level-0/ch03-ssh","/en/document/level-0/ch03-ssh.md"]],["v-a75683b8","/en/document/level-0/ch04-security.html","[Chapter 4] Security and Protection",["/en/document/level-0/ch04-security","/en/document/level-0/ch04-security.md"]],["v-f5341aec","/en/document/level-0/ch05-webpage.html","Chapter 5: Website Building",["/en/document/level-0/ch05-webpage","/en/document/level-0/ch05-webpage.md"]],["v-4458f72a","/en/document/level-0/ch06-certificates.html","[Chapter 6] Certificate Management",["/en/document/level-0/ch06-certificates","/en/document/level-0/ch06-certificates.md"]],["v-f1802e66","/en/document/level-0/ch07-xray-server.html","【第 7 章】Xray 服务器篇",["/en/document/level-0/ch07-xray-server","/en/document/level-0/ch07-xray-server.md"]],["v-4ca6f1ca","/en/document/level-0/ch08-xray-clients.html","【第 8 章】Xray 客户端篇",["/en/document/level-0/ch08-xray-clients","/en/document/level-0/ch08-xray-clients.md"]],["v-b0030f00","/en/document/level-0/ch09-appendix.html","【第 9 章】附录",["/en/document/level-0/ch09-appendix","/en/document/level-0/ch09-appendix.md"]],["v-789ba80e","/en/document/level-1/","Beginner's Tips",["/en/document/level-1/index.html","/en/document/level-1/README.md"]],["v-103b3e5c","/en/document/level-1/fallbacks-lv1.html","回落 (fallbacks) 功能简析",["/en/document/level-1/fallbacks-lv1","/en/document/level-1/fallbacks-lv1.md"]],["v-110dd688","/en/document/level-1/fallbacks-with-sni.html","SNI fallback",["/en/document/level-1/fallbacks-with-sni","/en/document/level-1/fallbacks-with-sni.md"]],["v-c425a7d4","/en/document/level-1/routing-lv1-part1.html","路由 (routing) 功能简析(上)",["/en/document/level-1/routing-lv1-part1","/en/document/level-1/routing-lv1-part1.md"]],["v-c0bbf696","/en/document/level-1/routing-lv1-part2.html","路由 (routing) 功能简析(下)",["/en/document/level-1/routing-lv1-part2","/en/document/level-1/routing-lv1-part2.md"]],["v-5b6477cc","/en/document/level-1/work.html","Xray 的工作模式",["/en/document/level-1/work","/en/document/level-1/work.md"]],["v-789ba82d","/en/document/level-2/","Advanced Documentation",["/en/document/level-2/index.html","/en/document/level-2/README.md"]],["v-05ddc65d","/en/document/level-2/iptables_gid.html","Transparent proxy via GID",["/en/document/level-2/iptables_gid","/en/document/level-2/iptables_gid.md"]],["v-1f3a890a","/en/document/level-2/nginx_tls_tunnel.html","Nginx_TLS隧道隐藏指纹",["/en/document/level-2/nginx_tls_tunnel","/en/document/level-2/nginx_tls_tunnel.md"]],["v-930ac920","/en/document/level-2/redirect.html","出站流量重定向",["/en/document/level-2/redirect","/en/document/level-2/redirect.md"]],["v-c579975c","/en/document/level-2/tproxy.html","TProxy 透明代理",["/en/document/level-2/tproxy","/en/document/level-2/tproxy.md"]],["v-7efb7c68","/en/document/level-2/tproxy_ipv4_and_ipv6.html","TProxy 透明代理 (ipv4 and ipv6)",["/en/document/level-2/tproxy_ipv4_and_ipv6","/en/document/level-2/tproxy_ipv4_and_ipv6.md"]],["v-12a33bee","/en/document/level-2/traffic_stats.html","流量统计",["/en/document/level-2/traffic_stats","/en/document/level-2/traffic_stats.md"]],["v-7d2b8478","/en/document/level-2/warp.html","Enhancing Proxy Security with Cloudflare Warp",["/en/document/level-2/warp","/en/document/level-2/warp.md"]],["v-7689d7f3","/en/document/level-2/transparent_proxy/transparent_proxy.html","透明代理入门",["/en/document/level-2/transparent_proxy/transparent_proxy","/en/document/level-2/transparent_proxy/transparent_proxy.md"]],["v-3706649a","/404.html","",["/404"]]].reduce(((e,[l,t,i,d])=>(e.push({name:l,path:t,component:n.Y,meta:{title:i}},...d.map((e=>({path:e,redirect:t})))),e)),[{name:"404",path:"/:catchAll(.*)",component:n.Y}])},85472:(e,l,t)=>{t.d(l,{D:()=>n});const n=[{title:"",headers:[{level:2,title:"XTLS ? Xray ? V2Ray ?",slug:"xtls-xray-v2ray",children:[{level:3,title:"我们是谁?",slug:"我们是谁",children:[]},{level:3,title:"帮助 Xray 变得更强",slug:"帮助-xray-变得更强",children:[]},{level:3,title:"Telegram",slug:"telegram",children:[]},{level:3,title:"致谢",slug:"致谢",children:[]},{level:3,title:"更多关于 project X",slug:"更多关于-project-x",children:[]},{level:3,title:"License",slug:"license",children:[]},{level:3,title:"Stargazers over time",slug:"stargazers-over-time",children:[]}]}],path:"/",pathLocale:"/",extraFields:[]},{title:"大史记",headers:[{level:2,title:"2021.4.6",slug:"_2021-4-6",children:[]},{level:2,title:"2021.4.4",slug:"_2021-4-4",children:[]},{level:2,title:"2021.4.1 v1.4.2",slug:"_2021-4-1-v1-4-2",children:[]},{level:2,title:"2021.3.25",slug:"_2021-3-25",children:[]},{level:2,title:"2021.3.15",slug:"_2021-3-15",children:[]},{level:2,title:"2021.3.14 v1.4.0",slug:"_2021-3-14-v1-4-0",children:[]},{level:2,title:"2021.3.3 1.3.1",slug:"_2021-3-3-1-3-1",children:[]},{level:2,title:"2021.2.14 1.3.0",slug:"_2021-2-14-1-3-0",children:[]},{level:2,title:"2021.01.31 1.2.4",slug:"_2021-01-31-1-2-4",children:[]},{level:2,title:"2021.01.25",slug:"_2021-01-25",children:[]},{level:2,title:"2021.01.22 1.2.3",slug:"_2021-01-22-1-2-3",children:[]},{level:2,title:"2021.01.19",slug:"_2021-01-19",children:[]},{level:2,title:"2021.01.17",slug:"_2021-01-17",children:[]},{level:2,title:"2021.01.15 1.2.2",slug:"_2021-01-15-1-2-2",children:[]},{level:2,title:"2021.01.12",slug:"_2021-01-12",children:[]},{level:2,title:"2021.01.10 1.2.1",slug:"_2021-01-10-1-2-1",children:[]},{level:2,title:"2021.01.07",slug:"_2021-01-07",children:[]},{level:2,title:"2021.01.05",slug:"_2021-01-05",children:[]},{level:2,title:"2021.01.03",slug:"_2021-01-03",children:[]},{level:2,title:"2021.01.01",slug:"_2021-01-01",children:[]},{level:2,title:"2020.12.29",slug:"_2020-12-29",children:[]},{level:2,title:"2020.12.25 1.1.5",slug:"_2020-12-25-1-1-5",children:[]},{level:2,title:"2020.12.24",slug:"_2020-12-24",children:[]},{level:2,title:"2020.12.23",slug:"_2020-12-23",children:[]},{level:2,title:"2020.12.21",slug:"_2020-12-21",children:[]},{level:2,title:"2020.12.18 1.1.4",slug:"_2020-12-18-1-1-4",children:[]},{level:2,title:"2020.12.17",slug:"_2020-12-17",children:[]},{level:2,title:"2020.12.15",slug:"_2020-12-15",children:[]},{level:2,title:"2020.12.11 1.1.3",slug:"_2020-12-11-1-1-3",children:[]},{level:2,title:"2020.12.06 1.1.2",slug:"_2020-12-06-1-1-2",children:[]},{level:2,title:"2020.12.04",slug:"_2020-12-04",children:[]},{level:2,title:"2020.11.27",slug:"_2020-11-27",children:[]},{level:2,title:"2020.11.25 1.0.0",slug:"_2020-11-25-1-0-0",children:[]},{level:2,title:"2020.11.23",slug:"_2020-11-23",children:[]}],path:"/about/news.html",pathLocale:"/",extraFields:[]},{title:"配置文件",headers:[{level:2,title:"概述",slug:"概述",children:[]},{level:2,title:"基础配置模块",slug:"基础配置模块",children:[]}],path:"/config/",pathLocale:"/",extraFields:[]},{title:"API 接口",headers:[{level:2,title:"ApiObject",slug:"apiobject",children:[]},{level:2,title:"相关配置",slug:"相关配置",children:[]},{level:2,title:"支持的 API 列表",slug:"支持的-api-列表",children:[{level:3,title:"HandlerService",slug:"handlerservice",children:[]},{level:3,title:"LoggerService",slug:"loggerservice",children:[]},{level:3,title:"StatsService",slug:"statsservice",children:[]},{level:3,title:"ReflectionService",slug:"reflectionservice",children:[]}]},{level:2,title:"API 调用示例",slug:"api-调用示例",children:[]}],path:"/config/api.html",pathLocale:"/",extraFields:[]},{title:"内置 DNS 服务器",headers:[{level:2,title:"DNS 服务器",slug:"dns-服务器",children:[]},{level:2,title:"DNS 处理流程",slug:"dns-处理流程",children:[]},{level:2,title:"DnsObject",slug:"dnsobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/dns.html",pathLocale:"/",extraFields:[]},{title:"FakeDNS",headers:[{level:2,title:"FakeDNSObject",slug:"fakednsobject",children:[{level:3,title:"如何使用?",slug:"如何使用",children:[]},{level:3,title:"与其它类型 DNS 搭配使用",slug:"与其它类型-dns-搭配使用",children:[]}]}],path:"/config/fakedns.html",pathLocale:"/",extraFields:[]},{title:"入站代理",headers:[{level:2,title:"InboundObject",slug:"inboundobject",children:[{level:3,title:"SniffingObject",slug:"sniffingobject",children:[]},{level:3,title:"AllocateObject",slug:"allocateobject",children:[]}]}],path:"/config/inbound.html",pathLocale:"/",extraFields:[]},{title:"日志配置",headers:[{level:2,title:"LogObject",slug:"logobject",children:[]}],path:"/config/log.html",pathLocale:"/",extraFields:[]},{title:"出站代理",headers:[{level:2,title:"OutboundObject",slug:"outboundobject",children:[{level:3,title:"ProxySettingsObject",slug:"proxysettingsobject",children:[]},{level:3,title:"MuxObject",slug:"muxobject",children:[]}]}],path:"/config/outbound.html",pathLocale:"/",extraFields:[]},{title:"本地策略",headers:[{level:2,title:"PolicyObject",slug:"policyobject",children:[{level:3,title:"LevelPolicyObject",slug:"levelpolicyobject",children:[]},{level:3,title:"SystemPolicyObject",slug:"systempolicyobject",children:[]}]}],path:"/config/policy.html",pathLocale:"/",extraFields:[]},{title:"反向代理",headers:[{level:2,title:"ReverseObject",slug:"reverseobject",children:[{level:3,title:"BridgeObject",slug:"bridgeobject",children:[]},{level:3,title:"PortalObject",slug:"portalobject",children:[]}]},{level:2,title:"完整配置样例",slug:"完整配置样例",children:[{level:3,title:"bridge 配置",slug:"bridge-配置",children:[]},{level:3,title:"portal 配置",slug:"portal-配置",children:[]}]}],path:"/config/reverse.html",pathLocale:"/",extraFields:[]},{title:"路由",headers:[{level:2,title:"RoutingObject",slug:"routingobject",children:[{level:3,title:"RuleObject",slug:"ruleobject",children:[]},{level:3,title:"BalancerObject",slug:"balancerobject",children:[]},{level:3,title:"预定义域名列表",slug:"预定义域名列表",children:[]}]}],path:"/config/routing.html",pathLocale:"/",extraFields:[]},{title:"统计信息",headers:[{level:2,title:"StatsObject",slug:"statsobject",children:[]},{level:2,title:"获取统计信息",slug:"获取统计信息",children:[]}],path:"/config/stats.html",pathLocale:"/",extraFields:[]},{title:"传输方式",headers:[{level:2,title:"TransportObject",slug:"transportobject",children:[]},{level:2,title:"StreamSettingsObject",slug:"streamsettingsobject",children:[{level:3,title:"TLSObject",slug:"tlsobject",children:[]},{level:3,title:"RealityObject",slug:"realityobject",children:[]},{level:3,title:"SockoptObject",slug:"sockoptobject",children:[]}]}],path:"/config/transport.html",pathLocale:"/",extraFields:[]},{title:"开发指南",headers:[{level:2,title:"编译文档",slug:"编译文档",children:[]},{level:2,title:"设计思路",slug:"设计思路",children:[]},{level:2,title:"开发规范",slug:"开发规范",children:[]},{level:2,title:"协议详解",slug:"协议详解",children:[{level:3,title:"VLESS 协议",slug:"vless-协议",children:[]},{level:3,title:"VMess 协议",slug:"vmess-协议",children:[]},{level:3,title:"Mux.Cool 协议",slug:"mux-cool-协议",children:[]},{level:3,title:"mKCP 协议",slug:"mkcp-协议",children:[]}]}],path:"/development/",pathLocale:"/",extraFields:[]},{title:"快速入门",headers:[{level:2,title:"下载安装",slug:"下载安装",children:[]},{level:2,title:"配置运行",slug:"配置运行",children:[]},{level:2,title:"命令参数",slug:"命令参数",children:[]},{level:2,title:"改进文档",slug:"改进文档",children:[]},{level:2,title:"小小白白话文",slug:"小小白白话文",children:[]},{level:2,title:"入门技巧",slug:"入门技巧",children:[]},{level:2,title:"进阶文档",slug:"进阶文档",children:[]}],path:"/document/",pathLocale:"/",extraFields:[]},{title:"命令参数",headers:[{level:2,title:"获取基本命令",slug:"获取基本命令",children:[{level:3,title:"xray run",slug:"xray-run",children:[]},{level:3,title:"xray version",slug:"xray-version",children:[]},{level:3,title:"xray api",slug:"xray-api",children:[]},{level:3,title:"xray tls",slug:"xray-tls",children:[]},{level:3,title:"xray uuid",slug:"xray-uuid",children:[]}]}],path:"/document/command.html",pathLocale:"/",extraFields:[]},{title:"配置运行",headers:[{level:2,title:"服务端配置",slug:"服务端配置",children:[]},{level:2,title:"客户端配置",slug:"客户端配置",children:[]},{level:2,title:"运行",slug:"运行",children:[]}],path:"/document/config.html",pathLocale:"/",extraFields:[]},{title:"为 Project X 的文档贡献",headers:[{level:2,title:"改进文档",slug:"改进文档",children:[]},{level:2,title:"发现问题?",slug:"发现问题",children:[]}],path:"/document/document.html",pathLocale:"/",extraFields:[]},{title:"下载安装",headers:[{level:2,title:"平台支持",slug:"平台支持",children:[]},{level:2,title:"下载 Xray",slug:"下载-xray",children:[]},{level:2,title:"验证安装包",slug:"验证安装包",children:[]},{level:2,title:"Windows 安装方式",slug:"windows-安装方式",children:[]},{level:2,title:"macOS 安装方式",slug:"macos-安装方式",children:[]},{level:2,title:"Linux 安装方式",slug:"linux-安装方式",children:[{level:3,title:"安装脚本",slug:"安装脚本",children:[]},{level:3,title:"Arch Linux",slug:"arch-linux",children:[]},{level:3,title:"Linuxbrew",slug:"linuxbrew",children:[]},{level:3,title:"Debian",slug:"debian",children:[]},{level:3,title:"Gentoo",slug:"gentoo",children:[]}]},{level:2,title:"Docker 安装方式",slug:"docker-安装方式",children:[{level:3,title:"Docker image 的文件结构",slug:"docker-image-的文件结构",children:[]}]}],path:"/document/install.html",pathLocale:"/",extraFields:[]},{title:"",headers:[{level:2,title:"XTLS? Xray? V2Ray?",slug:"xtls-xray-v2ray",children:[{level:3,title:"Who are we?",slug:"who-are-we",children:[]},{level:3,title:"Help Xray become stronger",slug:"help-xray-become-stronger",children:[]},{level:3,title:"Telegram",slug:"telegram",children:[]},{level:3,title:"Thanks",slug:"thanks",children:[]},{level:3,title:"More about project X",slug:"more-about-project-x",children:[]},{level:3,title:"License",slug:"license",children:[]},{level:3,title:"Stargazers over time",slug:"stargazers-over-time",children:[]}]}],path:"/en/",pathLocale:"/en/",extraFields:[]},{title:"Browser Dialer",headers:[{level:2,title:"Background",slug:"background",children:[]},{level:2,title:"Xray & JS",slug:"xray-js",children:[]},{level:2,title:"Early data",slug:"early-data",children:[]},{level:2,title:"Configuration",slug:"configuration",children:[]}],path:"/config/features/browser_dialer.html",pathLocale:"/",extraFields:[]},{title:"环境变量",headers:[{level:2,title:"资源文件路径",slug:"资源文件路径",children:[]},{level:2,title:"配置文件位置",slug:"配置文件位置",children:[]},{level:2,title:"多配置目录",slug:"多配置目录",children:[]}],path:"/config/features/env.html",pathLocale:"/",extraFields:[]},{title:"Fallback 回落",headers:[{level:2,title:"fallbacks 配置",slug:"fallbacks-配置",children:[{level:3,title:"FallbackObject",slug:"fallbackobject",children:[]},{level:3,title:"补充说明",slug:"补充说明",children:[]}]},{level:2,title:"Fallbacks 设计理论",slug:"fallbacks-设计理论",children:[]}],path:"/config/features/fallback.html",pathLocale:"/",extraFields:[]},{title:"多文件配置",headers:[{level:2,title:"多文件启动",slug:"多文件启动",children:[]},{level:2,title:"规则说明",slug:"规则说明",children:[{level:3,title:"普通对象({})",slug:"普通对象",children:[]},{level:3,title:"数组([])",slug:"数组",children:[]}]},{level:2,title:"推荐的多文件列表",slug:"推荐的多文件列表",children:[]}],path:"/config/features/multiple.html",pathLocale:"/",extraFields:[]},{title:"XTLS 深度剖析",headers:[],path:"/config/features/xtls.html",pathLocale:"/",extraFields:[]},{title:"Dokodemo-Door",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"透明代理配置样例",slug:"透明代理配置样例",children:[]}],path:"/config/inbounds/dokodemo.html",pathLocale:"/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/config/inbounds/http.html",pathLocale:"/",extraFields:[]},{title:"Shadowsocks",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"ClientObject",slug:"clientobject",children:[]}],path:"/config/inbounds/shadowsocks.html",pathLocale:"/",extraFields:[]},{title:"Socks",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/config/inbounds/socks.html",pathLocale:"/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/config/inbounds/trojan.html",pathLocale:"/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/config/inbounds/vless.html",pathLocale:"/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]},{level:3,title:"DetourObject",slug:"detourobject",children:[]},{level:3,title:"DefaultObject",slug:"defaultobject",children:[]}]}],path:"/config/inbounds/vmess.html",pathLocale:"/",extraFields:[]},{title:"Blackhole",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ResponseObject",slug:"responseobject",children:[]}]}],path:"/config/outbounds/blackhole.html",pathLocale:"/",extraFields:[]},{title:"DNS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]},{level:2,title:"DNS 配置实例",slug:"dns-配置实例",children:[]}],path:"/config/outbounds/dns.html",pathLocale:"/",extraFields:[]},{title:"Freedom",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]}],path:"/config/outbounds/freedom.html",pathLocale:"/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/http.html",pathLocale:"/",extraFields:[]},{title:"Shadowsocks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/shadowsocks.html",pathLocale:"/",extraFields:[]},{title:"Socks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/socks.html",pathLocale:"/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/trojan.html",pathLocale:"/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]},{level:3,title:"UserObject",slug:"userobject",children:[]}]}],path:"/config/outbounds/vless.html",pathLocale:"/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/vmess.html",pathLocale:"/",extraFields:[]},{title:"Wireguard",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"Peers",slug:"peers",children:[]}]}],path:"/config/outbounds/wireguard.html",pathLocale:"/",extraFields:[]},{title:"Domain Socket",headers:[{level:2,title:"DomainSocketObject",slug:"domainsocketobject",children:[]}],path:"/config/transports/domainsocket.html",pathLocale:"/",extraFields:[]},{title:"gRPC",headers:[{level:2,title:"GRPCObject",slug:"grpcobject",children:[]}],path:"/config/transports/grpc.html",pathLocale:"/",extraFields:[]},{title:"HTTP/2",headers:[{level:2,title:"HttpObject",slug:"httpobject",children:[]}],path:"/config/transports/h2.html",pathLocale:"/",extraFields:[]},{title:"mKCP",headers:[{level:2,title:"KcpObject",slug:"kcpobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]},{level:2,title:"鸣谢",slug:"鸣谢",children:[]},{level:2,title:"对 KCP 协议的改进",slug:"对-kcp-协议的改进",children:[{level:3,title:"更小的协议头",slug:"更小的协议头",children:[]},{level:3,title:"确认包重传",slug:"确认包重传",children:[]},{level:3,title:"连接状态控制",slug:"连接状态控制",children:[]}]}],path:"/config/transports/mkcp.html",pathLocale:"/",extraFields:[]},{title:"QUIC",headers:[{level:2,title:"QuicObject",slug:"quicobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]}],path:"/config/transports/quic.html",pathLocale:"/",extraFields:[]},{title:"TCP",headers:[{level:2,title:"TcpObject",slug:"tcpobject",children:[{level:3,title:"NoneHeaderObject",slug:"noneheaderobject",children:[]},{level:3,title:"HttpHeaderObject",slug:"httpheaderobject",children:[]}]}],path:"/config/transports/tcp.html",pathLocale:"/",extraFields:[]},{title:"WebSocket",headers:[{level:2,title:"WebSocketObject",slug:"websocketobject",children:[]},{level:2,title:"Browser Dialer",slug:"browser-dialer",children:[]}],path:"/config/transports/websocket.html",pathLocale:"/",extraFields:[]},{title:"编译文档",headers:[{level:2,title:"前序工作",slug:"前序工作",children:[]},{level:2,title:"拉取 Xray 源代码",slug:"拉取-xray-源代码",children:[]},{level:2,title:"构建二进制",slug:"构建二进制",children:[{level:3,title:"Windows(Powershell):",slug:"windows-powershell",children:[]},{level:3,title:"macOS, Linux:",slug:"macos-linux",children:[]}]},{level:2,title:"交叉编译:",slug:"交叉编译",children:[]},{level:2,title:"可复现构建:",slug:"可复现构建",children:[]}],path:"/development/intro/compile.html",pathLocale:"/",extraFields:[]},{title:"设计目标",headers:[{level:2,title:"架构",slug:"架构",children:[{level:3,title:"应用层",slug:"应用层",children:[]},{level:3,title:"代理层",slug:"代理层",children:[]},{level:3,title:"传输层",slug:"传输层",children:[]}]}],path:"/development/intro/design.html",pathLocale:"/",extraFields:[]},{title:"开发规范",headers:[{level:2,title:"基本",slug:"基本",children:[{level:3,title:"版本控制",slug:"版本控制",children:[]},{level:3,title:"分支(Branch)",slug:"分支-branch",children:[]},{level:3,title:"发布(Release)",slug:"发布-release",children:[]},{level:3,title:"引用其它项目",slug:"引用其它项目",children:[]}]},{level:2,title:"开发流程",slug:"开发流程",children:[{level:3,title:"写代码之前",slug:"写代码之前",children:[]},{level:3,title:"修改代码",slug:"修改代码",children:[]},{level:3,title:"Pull Request",slug:"pull-request",children:[]},{level:3,title:"对代码的修改",slug:"对代码的修改",children:[]}]},{level:2,title:"Xray 编码规范",slug:"xray-编码规范",children:[{level:3,title:"代码结构",slug:"代码结构",children:[]},{level:3,title:"编码规范",slug:"编码规范",children:[]}]}],path:"/development/intro/guide.html",pathLocale:"/",extraFields:[]},{title:"mKCP 协议",headers:[{level:2,title:"版本",slug:"版本",children:[]},{level:2,title:"依赖",slug:"依赖",children:[{level:3,title:"底层协议",slug:"底层协议",children:[]},{level:3,title:"函数",slug:"函数",children:[]}]},{level:2,title:"通讯过程",slug:"通讯过程",children:[]},{level:2,title:"数据格式",slug:"数据格式",children:[{level:3,title:"数据包",slug:"数据包",children:[]},{level:3,title:"数据片段",slug:"数据片段",children:[]},{level:3,title:"确认片段",slug:"确认片段",children:[]},{level:3,title:"心跳片段",slug:"心跳片段",children:[]}]}],path:"/development/protocols/mkcp.html",pathLocale:"/",extraFields:[]},{title:"Mux.Cool 协议",headers:[{level:2,title:"版本",slug:"版本",children:[]},{level:2,title:"依赖",slug:"依赖",children:[{level:3,title:"底层协议",slug:"底层协议",children:[]}]},{level:2,title:"通讯过程",slug:"通讯过程",children:[{level:3,title:"客户端行为",slug:"客户端行为",children:[]},{level:3,title:"服务器端行为",slug:"服务器端行为",children:[]}]},{level:2,title:"传输格式",slug:"传输格式",children:[{level:3,title:"帧格式",slug:"帧格式",children:[]},{level:3,title:"元数据",slug:"元数据",children:[]},{level:3,title:"新建子连接 (New)",slug:"新建子连接-new",children:[]},{level:3,title:"保持子连接 (Keep)",slug:"保持子连接-keep",children:[]},{level:3,title:"关闭子连接 (End)",slug:"关闭子连接-end",children:[]},{level:3,title:"保持连接 (KeepAlive)",slug:"保持连接-keepalive",children:[]}]},{level:2,title:"应用",slug:"应用",children:[]}],path:"/development/protocols/muxcool.html",pathLocale:"/",extraFields:[]},{title:"VLESS 协议",headers:[{level:2,title:"Request & Response",slug:"request-response",children:[]},{level:2,title:"ProtoBuf",slug:"protobuf",children:[]},{level:2,title:"Schedulers Flow",slug:"schedulers-flow",children:[]},{level:2,title:"Encryption",slug:"encryption",children:[]},{level:2,title:"UDP issues",slug:"udp-issues",children:[]},{level:2,title:"客户端开发指引",slug:"客户端开发指引",children:[]},{level:2,title:"VLESS 分享链接标准",slug:"vless-分享链接标准",children:[]}],path:"/development/protocols/vless.html",pathLocale:"/",extraFields:[]},{title:"VMess 协议",headers:[{level:2,title:"版本",slug:"版本",children:[]},{level:2,title:"依赖",slug:"依赖",children:[{level:3,title:"底层协议",slug:"底层协议",children:[]},{level:3,title:"用户 ID",slug:"用户-id",children:[]},{level:3,title:"函数",slug:"函数",children:[]}]},{level:2,title:"通讯过程",slug:"通讯过程",children:[]},{level:2,title:"客户端请求",slug:"客户端请求",children:[{level:3,title:"认证信息",slug:"认证信息",children:[]},{level:3,title:"指令部分",slug:"指令部分",children:[]},{level:3,title:"数据部分",slug:"数据部分",children:[]}]},{level:2,title:"服务器应答",slug:"服务器应答",children:[{level:3,title:"动态端口指令",slug:"动态端口指令",children:[]}]},{level:2,title:"注释",slug:"注释",children:[]}],path:"/development/protocols/vmess.html",pathLocale:"/",extraFields:[]},{title:"小小白白话文",headers:[],path:"/document/level-0/",pathLocale:"/",extraFields:[]},{title:"【第 1 章】 小小白白话文",headers:[{level:2,title:"1.1 这篇文档是写给谁的?",slug:"_1-1-这篇文档是写给谁的",children:[]},{level:2,title:"1.2 这篇文档不是写给谁的?",slug:"_1-2-这篇文档不是写给谁的",children:[]},{level:2,title:"1.3 郑重声明及其他声明",slug:"_1-3-郑重声明及其他声明",children:[]},{level:2,title:"1.4 为什么自建是个难题?",slug:"_1-4-为什么自建是个难题",children:[]},{level:2,title:"1.5 “用机场不就行了?”",slug:"_1-5-用机场不就行了",children:[]},{level:2,title:"1.6 那么你到底要不要自建呢?",slug:"_1-6-那么你到底要不要自建呢",children:[]},{level:2,title:"1.7 题外啰嗦几句",slug:"_1-7-题外啰嗦几句",children:[]},{level:2,title:"1.8 你的进度",slug:"_1-8-你的进度",children:[]}],path:"/document/level-0/ch01-preface.html",pathLocale:"/",extraFields:[]},{title:"【第 2 章】原料准备篇",headers:[{level:2,title:"2.1 获取一台 VPS",slug:"_2-1-获取一台-vps",children:[]},{level:2,title:"2.2 获取一个心仪的域名",slug:"_2-2-获取一个心仪的域名",children:[]},{level:2,title:"2.3 你本地电脑上需要安装的软件",slug:"_2-3-你本地电脑上需要安装的软件",children:[]},{level:2,title:"2.4 你的进度",slug:"_2-4-你的进度",children:[]}],path:"/document/level-0/ch02-preparation.html",pathLocale:"/",extraFields:[]},{title:"【第 3 章】远程登录篇",headers:[{level:2,title:"3.1 远程登录 VPS (PuTTY)",slug:"_3-1-远程登录-vps-putty",children:[]},{level:2,title:"3.2 成功登录 SSH!初识命令行界面!",slug:"_3-2-成功登录-ssh-初识命令行界面",children:[]},{level:2,title:"3.3 第一次更新 Linux 的软件!",slug:"_3-3-第一次更新-linux-的软件",children:[]},{level:2,title:"3.4 你的进度",slug:"_3-4-你的进度",children:[]}],path:"/document/level-0/ch03-ssh.html",pathLocale:"/",extraFields:[]},{title:"【第 4 章】安全防护篇",headers:[{level:2,title:"4.1 为什么要做安全防护",slug:"_4-1-为什么要做安全防护",children:[]},{level:2,title:"4.2 具体的风险到底是什么",slug:"_4-2-具体的风险到底是什么",children:[]},{level:2,title:"4.3 我们要做的安全防护有哪些",slug:"_4-3-我们要做的安全防护有哪些",children:[]},{level:2,title:"4.4 将 SSH 远程登录端口修改为非 22 端口",slug:"_4-4-将-ssh-远程登录端口修改为非-22-端口",children:[]},{level:2,title:"4.5 建立非 root 的新用户",slug:"_4-5-建立非-root-的新用户",children:[]},{level:2,title:"4.6 禁用 root 用户 SSH 远程登录",slug:"_4-6-禁用-root-用户-ssh-远程登录",children:[]},{level:2,title:"4.7 使用 RSA 密钥登录并禁用密码登录",slug:"_4-7-使用-rsa-密钥登录并禁用密码登录",children:[]},{level:2,title:"4.8 你的进度",slug:"_4-8-你的进度",children:[]}],path:"/document/level-0/ch04-security.html",pathLocale:"/",extraFields:[]},{title:"【第 5 章】网站建设篇",headers:[{level:2,title:"5.1 为什么要做一个网站?",slug:"_5-1-为什么要做一个网站",children:[]},{level:2,title:"5.2 登录 VPS、安装运行 Nginx",slug:"_5-2-登录-vps、安装运行-nginx",children:[]},{level:2,title:"5.3 创建一个最简单的网页",slug:"_5-3-创建一个最简单的网页",children:[]},{level:2,title:"5.4 常见错误的说明",slug:"_5-4-常见错误的说明",children:[]},{level:2,title:"5.5 你的进度",slug:"_5-5-你的进度",children:[]}],path:"/document/level-0/ch05-webpage.html",pathLocale:"/",extraFields:[]},{title:"【第 6 章】证书管理篇",headers:[{level:2,title:"6.1 申请 TLS 证书",slug:"_6-1-申请-tls-证书",children:[]},{level:2,title:"6.2 安装 acme.sh",slug:"_6-2-安装-acme-sh",children:[]},{level:2,title:"6.3 测试证书申请",slug:"_6-3-测试证书申请",children:[]},{level:2,title:"6.4 正式证书申请",slug:"_6-4-正式证书申请",children:[]},{level:2,title:"6.5 证书安装",slug:"_6-5-证书安装",children:[]},{level:2,title:"6.6 你的进度",slug:"_6-6-你的进度",children:[]}],path:"/document/level-0/ch06-certificates.html",pathLocale:"/",extraFields:[]},{title:"【第 7 章】Xray 服务器篇",headers:[{level:2,title:"7.1 博观而约取,厚积而薄发",slug:"_7-1-博观而约取-厚积而薄发",children:[]},{level:2,title:"7.2 安装 Xray",slug:"_7-2-安装-xray",children:[]},{level:2,title:"7.3 给 Xray 配置 TLS 证书",slug:"_7-3-给-xray-配置-tls-证书",children:[]},{level:2,title:"7.4 配置 Xray",slug:"_7-4-配置-xray",children:[]},{level:2,title:"7.5 启动 Xray 服务!!(并查看服务状态)",slug:"_7-5-启动-xray-服务-并查看服务状态",children:[]},{level:2,title:"7.6 回顾 systemd 进行基本的服务管理",slug:"_7-6-回顾-systemd-进行基本的服务管理",children:[]},{level:2,title:"7.7 服务器优化之一:开启 BBR",slug:"_7-7-服务器优化之一-开启-bbr",children:[]},{level:2,title:"7.8 服务器优化之二:开启 HTTP 自动跳转 HTTPS",slug:"_7-8-服务器优化之二-开启-http-自动跳转-https",children:[]},{level:2,title:"7.9 服务器优化之三:更丰富的回落",slug:"_7-9-服务器优化之三-更丰富的回落",children:[]},{level:2,title:"7.10 你的进度",slug:"_7-10-你的进度",children:[]},{level:2,title:"7.11 重要勘误",slug:"_7-11-重要勘误",children:[]}],path:"/document/level-0/ch07-xray-server.html",pathLocale:"/",extraFields:[]},{title:"【第 8 章】Xray 客户端篇",headers:[{level:2,title:"8.1 Xray 的工作原理简述",slug:"_8-1-xray-的工作原理简述",children:[]},{level:2,title:"8.2 客户端与服务器端正确连接",slug:"_8-2-客户端与服务器端正确连接",children:[]},{level:2,title:"8.3 附加题 1:在 PC 端手工配置 xray-core",slug:"_8-3-附加题-1-在-pc-端手工配置-xray-core",children:[]},{level:2,title:"8.4 附加题 2:在 PC 端手工运行 xray-core",slug:"_8-4-附加题-2-在-pc-端手工运行-xray-core",children:[]},{level:2,title:"8.5 附加题 3:在 PC 端开机自动运行 xray-core",slug:"_8-5-附加题-3-在-pc-端开机自动运行-xray-core",children:[]},{level:2,title:"8.6 圆满完成!",slug:"_8-6-圆满完成",children:[]},{level:2,title:"8.7 TO INFINITY AND BEYOND!",slug:"_8-7-to-infinity-and-beyond",children:[]}],path:"/document/level-0/ch08-xray-clients.html",pathLocale:"/",extraFields:[]},{title:"【第 9 章】附录",headers:[{level:2,title:"1. 小小白白 Linux 基础命令索引",slug:"_1-小小白白-linux-基础命令索引",children:[]},{level:2,title:"2. 小小白白 Linux 重要配置文件索引",slug:"_2-小小白白-linux-重要配置文件索引",children:[]},{level:2,title:"3. 小小白白 Xray 重要文件索引",slug:"_3-小小白白-xray-重要文件索引",children:[]}],path:"/document/level-0/ch09-appendix.html",pathLocale:"/",extraFields:[]},{title:"入门技巧",headers:[],path:"/document/level-1/",pathLocale:"/",extraFields:[]},{title:"回落 (fallbacks) 功能简析",headers:[{level:2,title:"1. 回顾《小小白白话文》中的回落",slug:"_1-回顾《小小白白话文》中的回落",children:[]},{level:2,title:"2. 重新认识回落 (WHAT, HOW v1)",slug:"_2-重新认识回落-what-how-v1",children:[]},{level:2,title:"3. 为什么要回落 (WHY v1)",slug:"_3-为什么要回落-why-v1",children:[]},{level:2,title:"4. 重新认识【回落の完全体】 (WHAT, WHY, HOW v2)",slug:"_4-重新认识【回落の完全体】-what-why-how-v2",children:[]},{level:2,title:"5. 多层回落示例及解读",slug:"_5-多层回落示例及解读",children:[{level:3,title:"5.1 首先,我将服务器端配置的 443 监听段摘抄如下:",slug:"_5-1-首先-我将服务器端配置的-443-监听段摘抄如下",children:[]},{level:3,title:"5.2 后续监听处理的配置段摘抄如下:",slug:"_5-2-后续监听处理的配置段摘抄如下",children:[]}]},{level:2,title:"6. 结语",slug:"_6-结语",children:[]},{level:2,title:"7. 附加题",slug:"_7-附加题",children:[]}],path:"/document/level-1/fallbacks-lv1.html",pathLocale:"/",extraFields:[]},{title:"SNI 回落",headers:[{level:2,title:"应用情景",slug:"应用情景",children:[]},{level:2,title:"SNI 简介",slug:"sni-简介",children:[]},{level:2,title:"思路",slug:"思路",children:[]},{level:2,title:"添加 DNS 记录",slug:"添加-dns-记录",children:[]},{level:2,title:"申请 TLS 证书",slug:"申请-tls-证书",children:[]},{level:2,title:"Xray 配置",slug:"xray-配置",children:[]},{level:2,title:"Nginx 配置",slug:"nginx-配置",children:[]},{level:2,title:"Caddy 配置",slug:"caddy-配置",children:[]},{level:2,title:"参考",slug:"参考",children:[]},{level:2,title:"引用",slug:"引用",children:[]}],path:"/document/level-1/fallbacks-with-sni.html",pathLocale:"/",extraFields:[]},{title:"路由 (routing) 功能简析(上)",headers:[{level:2,title:"1. 初识【路由】三兄弟",slug:"_1-初识【路由】三兄弟",children:[]},{level:2,title:"2. 基本功: “兄弟一条心”",slug:"_2-基本功-兄弟一条心",children:[{level:3,title:"2.1 入站",slug:"_2-1-入站",children:[]},{level:3,title:"2.3 路由",slug:"_2-3-路由",children:[]},{level:3,title:"2.4 路由配置项解析之一:流量筛选的依据",slug:"_2-4-路由配置项解析之一-流量筛选的依据",children:[]}]},{level:2,title:"3. 小试牛刀: “三分天下” 之 “域名分流”",slug:"_3-小试牛刀-三分天下-之-域名分流",children:[{level:3,title:"3.1 入站",slug:"_3-1-入站",children:[]},{level:3,title:"3.2 出站",slug:"_3-2-出站",children:[]},{level:3,title:"3.3 路由",slug:"_3-3-路由",children:[]},{level:3,title:"3.4 简析域名文件: geosite.dat",slug:"_3-4-简析域名文件-geosite-dat",children:[]},{level:3,title:"3.5 所以 geosite.dat 到底是什么?不是有个 GFWList 吗?",slug:"_3-5-所以-geosite-dat-到底是什么-不是有个-gfwlist-吗",children:[]},{level:3,title:"3.6 军师锦囊藏奇兵:一条隐藏的路由规则",slug:"_3-6-军师锦囊藏奇兵-一条隐藏的路由规则",children:[]},{level:3,title:"3.7 再看“三分天下”的大地图",slug:"_3-7-再看-三分天下-的大地图",children:[]}]},{level:2,title:"4. “三分天下” 之 “蜀魏争雄”",slug:"_4-三分天下-之-蜀魏争雄",children:[]},{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[]}],path:"/document/level-1/routing-lv1-part1.html",pathLocale:"/",extraFields:[]},{title:"路由 (routing) 功能简析(下)",headers:[{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[{level:3,title:"5.1 基于指定域名分流:[domain], [full] 等",slug:"_5-1-基于指定域名分流-domain-full-等",children:[]},{level:3,title:"5.2 基于 IP 文件分流:geoip.dat",slug:"_5-2-基于-ip-文件分流-geoip-dat",children:[]},{level:3,title:"5.3 基于指定 IP 地址分流",slug:"_5-3-基于指定-ip-地址分流",children:[]},{level:3,title:"5.4 基于协议类型分流:[protocol] 等",slug:"_5-4-基于协议类型分流-protocol-等",children:[]},{level:3,title:"5.5 基于更多条件的分流",slug:"_5-5-基于更多条件的分流",children:[]}]},{level:2,title:"6. “霸业初定”:路由规则整体回顾",slug:"_6-霸业初定-路由规则整体回顾",children:[]},{level:2,title:"7. 路由配置常见错误",slug:"_7-路由配置常见错误",children:[{level:3,title:"7.1 错误示范",slug:"_7-1-错误示范",children:[]},{level:3,title:"7.2 正确示范",slug:"_7-2-正确示范",children:[]}]},{level:2,title:"8. 明修栈道、暗渡陈仓",slug:"_8-明修栈道、暗渡陈仓",children:[{level:3,title:'8.1 域名策略: "AsIs"',slug:"_8-1-域名策略-asis",children:[]},{level:3,title:'8.2 域名策略: "IPIfNonMatch"',slug:"_8-2-域名策略-ipifnonmatch",children:[]},{level:3,title:'8.3 域名策略: "IPOnDemand"',slug:"_8-3-域名策略-ipondemand",children:[]}]},{level:2,title:"9. 思考题",slug:"_9-思考题",children:[]},{level:2,title:"10. 结语",slug:"_10-结语",children:[]},{level:2,title:"11. 尾注",slug:"_11-尾注",children:[]}],path:"/document/level-1/routing-lv1-part2.html",pathLocale:"/",extraFields:[]},{title:"Xray 的工作模式",headers:[{level:2,title:"单服务器模式",slug:"单服务器模式",children:[]},{level:2,title:"桥接模式",slug:"桥接模式",children:[]},{level:2,title:"工作原理",slug:"工作原理",children:[]}],path:"/document/level-1/work.html",pathLocale:"/",extraFields:[]},{title:"进阶文档",headers:[],path:"/document/level-2/",pathLocale:"/",extraFields:[]},{title:"GID 透明代理",headers:[{level:2,title:"思路",slug:"思路",children:[]},{level:2,title:"配置过程",slug:"配置过程",children:[{level:3,title:"1. 前期准备",slug:"_1-前期准备",children:[]},{level:3,title:"2. 添加用户(安卓用户请忽略)",slug:"_2-添加用户-安卓用户请忽略",children:[]},{level:3,title:"3. 配置运行 Xray,配置 iptables 规则",slug:"_3-配置运行-xray-配置-iptables-规则",children:[]}]},{level:2,title:"下面提供一个实现 tproxy 全局代理的完整配置过程",slug:"下面提供一个实现-tproxy-全局代理的完整配置过程",children:[{level:3,title:"1. 完成 前期准备 和 添加用户",slug:"_1-完成-前期准备-和-添加用户",children:[]},{level:3,title:"2. 准备 Xray 配置文件",slug:"_2-准备-xray-配置文件",children:[]},{level:3,title:"3. 配置最大文件打开数&运行 Xray 客户端",slug:"_3-配置最大文件打开数-运行-xray-客户端",children:[]},{level:3,title:"4. 设置 iptables 规则",slug:"_4-设置-iptables-规则",children:[]}]}],path:"/document/level-2/iptables_gid.html",pathLocale:"/",extraFields:[]},{title:"Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹",headers:[{level:2,title:"编译 nginx --with-stream",slug:"编译-nginx-with-stream",children:[]},{level:2,title:"配置 nginx",slug:"配置-nginx",children:[]},{level:2,title:"xray 配置",slug:"xray-配置",children:[]},{level:2,title:"客户端及服务端启动服务",slug:"客户端及服务端启动服务",children:[]},{level:2,title:"结束",slug:"结束",children:[]},{level:2,title:"HTTPS 隧道",slug:"https-隧道",children:[{level:3,title:"haproxy_client 配置 (运行前去掉注释)",slug:"haproxy-client-配置-运行前去掉注释",children:[]},{level:3,title:"haproxy_server 配置 (运行前去掉注释)",slug:"haproxy-server-配置-运行前去掉注释",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-1",children:[]}]},{level:2,title:"WebSocket over HTTP/2",slug:"websocket-over-http-2",children:[{level:3,title:"haproxy_client 配置",slug:"haproxy-client-配置",children:[]},{level:3,title:"haproxy_server 配置",slug:"haproxy-server-配置",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-2",children:[]}]},{level:2,title:"gRPC over HTTP/2",slug:"grpc-over-http-2",children:[{level:3,title:"haproxy_client 配置",slug:"haproxy-client-配置-1",children:[]},{level:3,title:"haproxy_server 配置",slug:"haproxy-server-配置-1",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-3",children:[]},{level:3,title:"haproxy_client 配置",slug:"haproxy-client-配置-2",children:[]},{level:3,title:"haproxy_server 配置",slug:"haproxy-server-配置-2",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-4",children:[]}]}],path:"/document/level-2/nginx_or_haproxy_tls_tunnel.html",pathLocale:"/",extraFields:[]},{title:"出站流量重定向",headers:[{level:2,title:"前言",slug:"前言",children:[]},{level:2,title:"1、安装代理或者 VPN 软件(例如 Wireguard、IPsec 等)",slug:"_1、安装代理或者-vpn-软件-例如-wireguard、ipsec-等",children:[]},{level:2,title:"2、编辑 VPN 配置文件(以 WireGuard 为例)",slug:"_2、编辑-vpn-配置文件-以-wireguard-为例",children:[]},{level:2,title:"3、启用 WireGuard 网络接口",slug:"_3、启用-wireguard-网络接口",children:[]},{level:2,title:"4、Xray-core 配置文件修改",slug:"_4、xray-core-配置文件修改",children:[]},{level:2,title:"5、系统设置配置",slug:"_5、系统设置配置",children:[]},{level:2,title:"6、完成 WireGuard 相关设置",slug:"_6、完成-wireguard-相关设置",children:[]},{level:2,title:"后记",slug:"后记",children:[]},{level:2,title:"感谢",slug:"感谢",children:[]}],path:"/document/level-2/redirect.html",pathLocale:"/",extraFields:[]},{title:"TProxy 透明代理",headers:[{level:2,title:"开始之前",slug:"开始之前",children:[]},{level:2,title:"Xray 配置",slug:"xray-配置",children:[]},{level:2,title:"策略路由配置",slug:"策略路由配置",children:[]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[]},{level:2,title:"配置永久化与开机自启",slug:"配置永久化与开机自启",children:[]}],path:"/document/level-2/tproxy.html",pathLocale:"/",extraFields:[]},{title:"TProxy 透明代理 (ipv4 and ipv6)",headers:[{level:2,title:"Xray 配置",slug:"xray-配置",children:[{level:3,title:"客户端配置",slug:"客户端配置",children:[]},{level:3,title:"服务端配置",slug:"服务端配置",children:[]}]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[{level:3,title:"首先设置策略路由",slug:"首先设置策略路由",children:[]},{level:3,title:"使用 iptables",slug:"使用-iptables",children:[]},{level:3,title:"使用 nftables",slug:"使用-nftables",children:[]},{level:3,title:"开机自动运行 Netfilter 配置",slug:"开机自动运行-netfilter-配置",children:[]}]},{level:2,title:"局域网设备上网设置",slug:"局域网设备上网设置",children:[{level:3,title:"方法一",slug:"方法一",children:[]},{level:3,title:"方法二",slug:"方法二",children:[]}]},{level:2,title:"Finally",slug:"finally",children:[]},{level:2,title:"写在最后",slug:"写在最后",children:[]}],path:"/document/level-2/tproxy_ipv4_and_ipv6.html",pathLocale:"/",extraFields:[]},{title:"流量统计",headers:[{level:2,title:"查看流量信息",slug:"查看流量信息",children:[]},{level:2,title:"流量信息的处理",slug:"流量信息的处理",children:[]}],path:"/document/level-2/traffic_stats.html",pathLocale:"/",extraFields:[]},{title:"通过 Cloudflare Warp 增强代理安全性",headers:[{level:2,title:"申请 Warp 账户",slug:"申请-warp-账户",children:[]},{level:2,title:"在服务端分流回国流量至 warp",slug:"在服务端分流回国流量至-warp",children:[]},{level:2,title:"客户端使用 warp 链式代理",slug:"客户端使用-warp-链式代理",children:[]}],path:"/document/level-2/warp.html",pathLocale:"/",extraFields:[]},{title:"大史记",headers:[{level:2,title:"2021.4.6",slug:"_2021-4-6",children:[]},{level:2,title:"2021.4.4",slug:"_2021-4-4",children:[]},{level:2,title:"2021.4.1 v1.4.2",slug:"_2021-4-1-v1-4-2",children:[]},{level:2,title:"2021.3.25",slug:"_2021-3-25",children:[]},{level:2,title:"2021.3.15",slug:"_2021-3-15",children:[]},{level:2,title:"2021.3.14 v1.4.0",slug:"_2021-3-14-v1-4-0",children:[]},{level:2,title:"2021.3.3 1.3.1",slug:"_2021-3-3-1-3-1",children:[]},{level:2,title:"2021.2.14 1.3.0",slug:"_2021-2-14-1-3-0",children:[]},{level:2,title:"2021.01.31 1.2.4",slug:"_2021-01-31-1-2-4",children:[]},{level:2,title:"2021.01.25",slug:"_2021-01-25",children:[]},{level:2,title:"2021.01.22 1.2.3",slug:"_2021-01-22-1-2-3",children:[]},{level:2,title:"2021.01.19",slug:"_2021-01-19",children:[]},{level:2,title:"2021.01.17",slug:"_2021-01-17",children:[]},{level:2,title:"2021.01.15 1.2.2",slug:"_2021-01-15-1-2-2",children:[]},{level:2,title:"2021.01.12",slug:"_2021-01-12",children:[]},{level:2,title:"2021.01.10 1.2.1",slug:"_2021-01-10-1-2-1",children:[]},{level:2,title:"2021.01.07",slug:"_2021-01-07",children:[]},{level:2,title:"2021.01.05",slug:"_2021-01-05",children:[]},{level:2,title:"2021.01.03",slug:"_2021-01-03",children:[]},{level:2,title:"2021.01.01",slug:"_2021-01-01",children:[]},{level:2,title:"2020.12.29",slug:"_2020-12-29",children:[]},{level:2,title:"2020.12.25 1.1.5",slug:"_2020-12-25-1-1-5",children:[]},{level:2,title:"2020.12.24",slug:"_2020-12-24",children:[]},{level:2,title:"2020.12.23",slug:"_2020-12-23",children:[]},{level:2,title:"2020.12.21",slug:"_2020-12-21",children:[]},{level:2,title:"2020.12.18 1.1.4",slug:"_2020-12-18-1-1-4",children:[]},{level:2,title:"2020.12.17",slug:"_2020-12-17",children:[]},{level:2,title:"2020.12.15",slug:"_2020-12-15",children:[]},{level:2,title:"2020.12.11 1.1.3",slug:"_2020-12-11-1-1-3",children:[]},{level:2,title:"2020.12.06 1.1.2",slug:"_2020-12-06-1-1-2",children:[]},{level:2,title:"2020.12.04",slug:"_2020-12-04",children:[]},{level:2,title:"2020.11.27",slug:"_2020-11-27",children:[]},{level:2,title:"2020.11.25 1.0.0",slug:"_2020-11-25-1-0-0",children:[]},{level:2,title:"2020.11.23",slug:"_2020-11-23",children:[]}],path:"/en/about/news.html",pathLocale:"/en/",extraFields:[]},{title:"Configurations",headers:[{level:2,title:"Overview",slug:"overview",children:[]},{level:2,title:"Basic Configuration Modules",slug:"basic-configuration-modules",children:[]}],path:"/en/config/",pathLocale:"/en/",extraFields:[]},{title:"API Interface",headers:[{level:2,title:"ApiObject",slug:"apiobject",children:[]},{level:2,title:"Related Configuration",slug:"related-configuration",children:[]},{level:2,title:"Supported API List",slug:"supported-api-list",children:[{level:3,title:"HandlerService",slug:"handlerservice",children:[]},{level:3,title:"LoggerService",slug:"loggerservice",children:[]},{level:3,title:"StatsService",slug:"statsservice",children:[]},{level:3,title:"ReflectionService",slug:"reflectionservice",children:[]}]},{level:2,title:"API Calling Example",slug:"api-calling-example",children:[]}],path:"/en/config/api.html",pathLocale:"/en/",extraFields:[]},{title:"Built-in DNS Server",headers:[{level:2,title:"DNS Server",slug:"dns-server",children:[]},{level:2,title:"DNS Processing Flow",slug:"dns-processing-flow",children:[]},{level:2,title:"DnsObject",slug:"dnsobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/dns.html",pathLocale:"/en/",extraFields:[]},{title:"FakeDNS",headers:[{level:2,title:"FakeDNSObject",slug:"fakednsobject",children:[{level:3,title:"How to use?",slug:"how-to-use",children:[]},{level:3,title:"Using with other types of DNS",slug:"using-with-other-types-of-dns",children:[]}]}],path:"/en/config/fakedns.html",pathLocale:"/en/",extraFields:[]},{title:"Inbound Proxy",headers:[{level:2,title:"InboundObject",slug:"inboundobject",children:[{level:3,title:"SniffingObject",slug:"sniffingobject",children:[]},{level:3,title:"AllocateObject",slug:"allocateobject",children:[]}]}],path:"/en/config/inbound.html",pathLocale:"/en/",extraFields:[]},{title:"Log Configuration",headers:[{level:2,title:"LogObject",slug:"logobject",children:[]}],path:"/en/config/log.html",pathLocale:"/en/",extraFields:[]},{title:"Outbound Proxies",headers:[{level:2,title:"OutboundObject",slug:"outboundobject",children:[{level:3,title:"ProxySettingsObject",slug:"proxysettingsobject",children:[]},{level:3,title:"MuxObject",slug:"muxobject",children:[]}]}],path:"/en/config/outbound.html",pathLocale:"/en/",extraFields:[]},{title:"Local Policy",headers:[{level:2,title:"PolicyObject",slug:"policyobject",children:[{level:3,title:"LevelPolicyObject",slug:"levelpolicyobject",children:[]},{level:3,title:"SystemPolicyObject",slug:"systempolicyobject",children:[]}]}],path:"/en/config/policy.html",pathLocale:"/en/",extraFields:[]},{title:"Reverse Proxy",headers:[{level:2,title:"ReverseObject",slug:"reverseobject",children:[{level:3,title:"BridgeObject",slug:"bridgeobject",children:[]},{level:3,title:"PortalObject",slug:"portalobject",children:[]}]},{level:2,title:"Complete Configuration Example",slug:"complete-configuration-example",children:[{level:3,title:"Bridge Configuration",slug:"bridge-configuration",children:[]},{level:3,title:"Portal Configuration",slug:"portal-configuration",children:[]}]}],path:"/en/config/reverse.html",pathLocale:"/en/",extraFields:[]},{title:"Routing",headers:[{level:2,title:"RoutingObject",slug:"routingobject",children:[{level:3,title:"RuleObject",slug:"ruleobject",children:[]},{level:3,title:"BalancerObject",slug:"balancerobject",children:[]},{level:3,title:"Predefined Domain Lists",slug:"predefined-domain-lists",children:[]}]}],path:"/en/config/routing.html",pathLocale:"/en/",extraFields:[]},{title:"Traffic Statistics",headers:[{level:2,title:"StatsObject",slug:"statsobject",children:[]},{level:2,title:"Retrieving Traffic Statistics",slug:"retrieving-traffic-statistics",children:[]}],path:"/en/config/stats.html",pathLocale:"/en/",extraFields:[]},{title:"Transport Protocol",headers:[{level:2,title:"TransportObject",slug:"transportobject",children:[]},{level:2,title:"StreamSettingsObject",slug:"streamsettingsobject",children:[{level:3,title:"TLSObject",slug:"tlsobject",children:[]},{level:3,title:"SockoptObject",slug:"sockoptobject",children:[]}]}],path:"/en/config/transport.html",pathLocale:"/en/",extraFields:[]},{title:"Development Guide",headers:[{level:2,title:"Compile Documentation",slug:"compile-documentation",children:[]},{level:2,title:"Design Concept",slug:"design-concept",children:[]},{level:2,title:"Development Standards",slug:"development-standards",children:[]},{level:2,title:"Protocol Details",slug:"protocol-details",children:[{level:3,title:"VLESS Protocol",slug:"vless-protocol",children:[]},{level:3,title:"VMess Protocol",slug:"vmess-protocol",children:[]},{level:3,title:"Mux.Cool Protocol",slug:"mux-cool-protocol",children:[]},{level:3,title:"mKCP Protocol",slug:"mkcp-protocol",children:[]}]}],path:"/en/development/",pathLocale:"/en/",extraFields:[]},{title:"Quick Start",headers:[{level:2,title:"Download and Install",slug:"download-and-install",children:[]},{level:2,title:"Configure and Run",slug:"configure-and-run",children:[]},{level:2,title:"Command Parameters",slug:"command-parameters",children:[]},{level:2,title:"Improve Documents",slug:"improve-documents",children:[]},{level:2,title:"Beginner Tutorial",slug:"beginner-tutorial",children:[]},{level:2,title:"Getting Started Tips",slug:"getting-started-tips",children:[]},{level:2,title:"Advanced Documentation",slug:"advanced-documentation",children:[]}],path:"/en/document/",pathLocale:"/en/",extraFields:[]},{title:"Command Parameters",headers:[{level:2,title:"Get Basic Commands",slug:"get-basic-commands",children:[{level:3,title:"xray run",slug:"xray-run",children:[]},{level:3,title:"xray version",slug:"xray-version",children:[]},{level:3,title:"xray api",slug:"xray-api",children:[]},{level:3,title:"xray tls",slug:"xray-tls",children:[]},{level:3,title:"xray uuid",slug:"xray-uuid",children:[]}]}],path:"/en/document/command.html",pathLocale:"/en/",extraFields:[]},{title:"Configure and Run",headers:[{level:2,title:"Server Configuration",slug:"server-configuration",children:[]},{level:2,title:"Client Configuration",slug:"client-configuration",children:[]},{level:2,title:"Run",slug:"run",children:[]}],path:"/en/document/config.html",pathLocale:"/en/",extraFields:[]},{title:"Contribute to Project X's Document",headers:[{level:2,title:"Improve Document",slug:"improve-document",children:[]},{level:2,title:"Found Problems?",slug:"found-problems",children:[]}],path:"/en/document/document.html",pathLocale:"/en/",extraFields:[]},{title:"Download and Install",headers:[{level:2,title:"Platform Support",slug:"platform-support",children:[]},{level:2,title:"Download Xray",slug:"download-xray",children:[]},{level:2,title:"Verify the Installation Package",slug:"verify-the-installation-package",children:[]},{level:2,title:"Install on Windows",slug:"install-on-windows",children:[]},{level:2,title:"Install on macOS",slug:"install-on-macos",children:[]},{level:2,title:"Install on Linux",slug:"install-on-linux",children:[{level:3,title:"Install Script",slug:"install-script",children:[]},{level:3,title:"Arch Linux",slug:"arch-linux",children:[]},{level:3,title:"Linuxbrew",slug:"linuxbrew",children:[]},{level:3,title:"Debian",slug:"debian",children:[]}]},{level:2,title:"Install via Docker",slug:"install-via-docker",children:[{level:3,title:"The File Structure of the Docker Image",slug:"the-file-structure-of-the-docker-image",children:[]}]}],path:"/en/document/install.html",pathLocale:"/en/",extraFields:[]},{title:"透明代理入门",headers:[{level:2,title:"什么是透明代理",slug:"什么是透明代理",children:[]},{level:2,title:"透明代理的实现",slug:"透明代理的实现",children:[{level:3,title:"tun2socks",slug:"tun2socks",children:[]},{level:3,title:"iptables/nftables",slug:"iptables-nftables",children:[]}]},{level:2,title:"iptables 实现透明代理原理",slug:"iptables-实现透明代理原理",children:[]},{level:2,title:"透明代理难在哪里",slug:"透明代理难在哪里",children:[]},{level:2,title:"从零开始一步步实现基于 iptables-tproxy 的透明代理",slug:"从零开始一步步实现基于-iptables-tproxy-的透明代理",children:[{level:3,title:"在开始之前,你需要有一定的基础知识:",slug:"在开始之前-你需要有一定的基础知识",children:[]},{level:3,title:"前期准备工作",slug:"前期准备工作",children:[]},{level:3,title:"首先,我们先试试做到第一阶段",slug:"首先-我们先试试做到第一阶段",children:[]},{level:3,title:"第二阶段",slug:"第二阶段",children:[]},{level:3,title:"第三阶段",slug:"第三阶段",children:[]},{level:3,title:"第四阶段",slug:"第四阶段",children:[]},{level:3,title:"代理 ipv6",slug:"代理-ipv6",children:[]}]}],path:"/document/level-2/transparent_proxy/transparent_proxy.html",pathLocale:"/",extraFields:[]},{title:"Browser Dialer",headers:[{level:2,title:"Background",slug:"background",children:[]},{level:2,title:"Xray & JS",slug:"xray-js",children:[]},{level:2,title:"Early data",slug:"early-data",children:[]},{level:2,title:"Configuration",slug:"configuration",children:[]}],path:"/en/config/features/browser_dialer.html",pathLocale:"/en/",extraFields:[]},{title:"Environment Variables",headers:[{level:2,title:"Xray Asset Location",slug:"xray-asset-location",children:[]},{level:2,title:"Configuration File Location",slug:"configuration-file-location",children:[]},{level:2,title:"Multiple Configuration Directories",slug:"multiple-configuration-directories",children:[]}],path:"/en/config/features/env.html",pathLocale:"/en/",extraFields:[]},{title:"Fallback",headers:[{level:2,title:"fallbacks configuration",slug:"fallbacks-configuration",children:[{level:3,title:"FallbackObject",slug:"fallbackobject",children:[]},{level:3,title:"Additional Information",slug:"additional-information",children:[]}]},{level:2,title:"Fallbacks design theory",slug:"fallbacks-design-theory",children:[]}],path:"/en/config/features/fallback.html",pathLocale:"/en/",extraFields:[]},{title:"Multi-file configuration",headers:[{level:2,title:"Multi-file startup",slug:"multi-file-startup",children:[]},{level:2,title:"Rule Explaination",slug:"rule-explaination",children:[{level:3,title:"Normal Objects({})",slug:"normal-objects",children:[]},{level:3,title:"Arrays([])",slug:"arrays",children:[]}]},{level:2,title:"Recommended Multi-file List",slug:"recommended-multi-file-list",children:[]}],path:"/en/config/features/multiple.html",pathLocale:"/en/",extraFields:[]},{title:"Deep analysis of XTLS",headers:[],path:"/en/config/features/xtls.html",pathLocale:"/en/",extraFields:[]},{title:"Dokodemo-Door",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"Transparent Proxy Configuration Example",slug:"transparent-proxy-configuration-example",children:[]}],path:"/en/config/inbounds/dokodemo.html",pathLocale:"/en/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/en/config/inbounds/http.html",pathLocale:"/en/",extraFields:[]},{title:"Shadowsocks",headers:[{level:3,title:"Supported Encryption Methods",slug:"supported-encryption-methods",children:[]},{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"ClientObject",slug:"clientobject",children:[]}],path:"/en/config/inbounds/shadowsocks.html",pathLocale:"/en/",extraFields:[]},{title:"SOCKS",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/en/config/inbounds/socks.html",pathLocale:"/en/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/en/config/inbounds/trojan.html",pathLocale:"/en/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/en/config/inbounds/vless.html",pathLocale:"/en/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]},{level:3,title:"DetourObject",slug:"detourobject",children:[]},{level:3,title:"DefaultObject",slug:"defaultobject",children:[]}]}],path:"/en/config/inbounds/vmess.html",pathLocale:"/en/",extraFields:[]},{title:"Blackhole",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ResponseObject",slug:"responseobject",children:[]}]}],path:"/en/config/outbounds/blackhole.html",pathLocale:"/en/",extraFields:[]},{title:"DNS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]},{level:2,title:"DNS Configuration Example",slug:"dns-configuration-example",children:[]}],path:"/en/config/outbounds/dns.html",pathLocale:"/en/",extraFields:[]},{title:"Freedom",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]}],path:"/en/config/outbounds/freedom.html",pathLocale:"/en/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/http.html",pathLocale:"/en/",extraFields:[]},{title:"Shadowsocks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/shadowsocks.html",pathLocale:"/en/",extraFields:[]},{title:"Socks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/socks.html",pathLocale:"/en/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/trojan.html",pathLocale:"/en/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]},{level:3,title:"UserObject",slug:"userobject",children:[]}]}],path:"/en/config/outbounds/vless.html",pathLocale:"/en/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/vmess.html",pathLocale:"/en/",extraFields:[]},{title:"Wireguard",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"Peers",slug:"peers",children:[]}]}],path:"/en/config/outbounds/wireguard.html",pathLocale:"/en/",extraFields:[]},{title:"Domain Socket",headers:[{level:2,title:"DomainSocketObject",slug:"domainsocketobject",children:[]}],path:"/en/config/transports/domainsocket.html",pathLocale:"/en/",extraFields:[]},{title:"gRPC",headers:[{level:2,title:"GRPCObject",slug:"grpcobject",children:[]}],path:"/en/config/transports/grpc.html",pathLocale:"/en/",extraFields:[]},{title:"HTTP/2",headers:[{level:2,title:"HttpObject",slug:"httpobject",children:[]}],path:"/en/config/transports/h2.html",pathLocale:"/en/",extraFields:[]},{title:"mKCP",headers:[{level:2,title:"KcpObject",slug:"kcpobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]},{level:2,title:"Special Thanks",slug:"special-thanks",children:[]},{level:2,title:"Improvements to the KCP protocol",slug:"improvements-to-the-kcp-protocol",children:[{level:3,title:"smaller protocol header",slug:"smaller-protocol-header",children:[]},{level:3,title:"ACK packet retransmission",slug:"ack-packet-retransmission",children:[]},{level:3,title:"Connection state control",slug:"connection-state-control",children:[]}]}],path:"/en/config/transports/mkcp.html",pathLocale:"/en/",extraFields:[]},{title:"QUIC",headers:[{level:2,title:"QuicObject",slug:"quicobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]}],path:"/en/config/transports/quic.html",pathLocale:"/en/",extraFields:[]},{title:"TCP",headers:[{level:2,title:"TcpObject",slug:"tcpobject",children:[{level:3,title:"NoneHeaderObject",slug:"noneheaderobject",children:[]},{level:3,title:"HttpHeaderObject",slug:"httpheaderobject",children:[]}]}],path:"/en/config/transports/tcp.html",pathLocale:"/en/",extraFields:[]},{title:"WebSocket",headers:[{level:2,title:"WebSocketObject",slug:"websocketobject",children:[]},{level:2,title:"Browser Dialer",slug:"browser-dialer",children:[]}],path:"/en/config/transports/websocket.html",pathLocale:"/en/",extraFields:[]},{title:"Compile the document",headers:[{level:2,title:"Preparatory Work",slug:"preparatory-work",children:[]},{level:2,title:"Pull Xray source code",slug:"pull-xray-source-code",children:[]},{level:2,title:"Build Binary",slug:"build-binary",children:[{level:3,title:"Windows(Powershell):",slug:"windows-powershell",children:[]},{level:3,title:"macOS, Linux:",slug:"macos-linux",children:[]}]},{level:2,title:"Cross compilation:",slug:"cross-compilation",children:[]},{level:2,title:"Reproducible Build:",slug:"reproducible-build",children:[]}],path:"/en/development/intro/compile.html",pathLocale:"/en/",extraFields:[]},{title:"Design Objectives",headers:[{level:2,title:"Architecture",slug:"architecture",children:[{level:3,title:"Application Layer",slug:"application-layer",children:[]},{level:3,title:"Proxy Layer",slug:"proxy-layer",children:[]},{level:3,title:"Transport Layer",slug:"transport-layer",children:[]}]}],path:"/en/development/intro/design.html",pathLocale:"/en/",extraFields:[]},{title:"Development Standards",headers:[{level:2,title:"Basic",slug:"basic",children:[{level:3,title:"Version Control",slug:"version-control",children:[]},{level:3,title:"Branch",slug:"branch",children:[]},{level:3,title:"Release",slug:"release",children:[]},{level:3,title:"Citing other projects",slug:"citing-other-projects",children:[]}]},{level:2,title:"Development Process",slug:"development-process",children:[{level:3,title:"Before Writing Code",slug:"before-writing-code",children:[]},{level:3,title:"Modify the code",slug:"modify-the-code",children:[]},{level:3,title:"Pull Request",slug:"pull-request",children:[]},{level:3,title:"Modifying Code",slug:"modifying-code",children:[]}]},{level:2,title:"Xray Coding Guidelines",slug:"xray-coding-guidelines",children:[{level:3,title:"Code Structure",slug:"code-structure",children:[]},{level:3,title:"Coding Standards",slug:"coding-standards",children:[]}]}],path:"/en/development/intro/guide.html",pathLocale:"/en/",extraFields:[]},{title:"mKCP Protocol",headers:[{level:2,title:"Version",slug:"version",children:[]},{level:2,title:"Dependencies",slug:"dependencies",children:[{level:3,title:"Underlying Protocol",slug:"underlying-protocol",children:[]},{level:3,title:"Functions",slug:"functions",children:[]}]},{level:2,title:"Communication Process",slug:"communication-process",children:[]},{level:2,title:"Data Format",slug:"data-format",children:[{level:3,title:"Data Packet",slug:"data-packet",children:[]},{level:3,title:"Data snippet",slug:"data-snippet",children:[]},{level:3,title:"Confirmation snippet",slug:"confirmation-snippet",children:[]},{level:3,title:"Heartbeat Fragments",slug:"heartbeat-fragments",children:[]}]}],path:"/en/development/protocols/mkcp.html",pathLocale:"/en/",extraFields:[]},{title:"Mux.Cool Protocol",headers:[{level:2,title:"Version",slug:"version",children:[]},{level:2,title:"Dependencies",slug:"dependencies",children:[{level:3,title:"Underlying Protocol",slug:"underlying-protocol",children:[]}]},{level:2,title:"Communication Process",slug:"communication-process",children:[{level:3,title:"Client behavior",slug:"client-behavior",children:[]},{level:3,title:"Server-side behavior",slug:"server-side-behavior",children:[]}]},{level:2,title:"Data Format",slug:"data-format",children:[{level:3,title:"Frame Format",slug:"frame-format",children:[]},{level:3,title:"Metadata",slug:"metadata",children:[]},{level:3,title:"New Sublink (New)",slug:"new-sublink-new",children:[]},{level:3,title:"Keep sub-connections",slug:"keep-sub-connections",children:[]},{level:3,title:"End",slug:"end",children:[]},{level:3,title:"KeepAlive",slug:"keepalive",children:[]}]},{level:2,title:"Application",slug:"application",children:[]}],path:"/en/development/protocols/muxcool.html",pathLocale:"/en/",extraFields:[]},{title:"VLESS Protocol",headers:[{level:2,title:"Request & Response",slug:"request-response",children:[]},{level:2,title:"ProtoBuf",slug:"protobuf",children:[]},{level:2,title:"Flow",slug:"flow",children:[{level:3,title:"Flow Control (Formerly Traffic Scheduler)",slug:"flow-control-formerly-traffic-scheduler",children:[]}]},{level:2,title:"Encryption",slug:"encryption",children:[]},{level:2,title:"UDP issues",slug:"udp-issues",children:[]},{level:2,title:"Client Development Guide",slug:"client-development-guide",children:[]},{level:2,title:"VLESS Sharing Link Standard",slug:"vless-sharing-link-standard",children:[]}],path:"/en/development/protocols/vless.html",pathLocale:"/en/",extraFields:[]},{title:"VMess Protocol",headers:[{level:2,title:"Version",slug:"version",children:[]},{level:2,title:"Dependencies",slug:"dependencies",children:[{level:3,title:"Underlying Protocol",slug:"underlying-protocol",children:[]},{level:3,title:"User ID",slug:"user-id",children:[]},{level:3,title:"Functions",slug:"functions",children:[]}]},{level:2,title:"Communication Process",slug:"communication-process",children:[]},{level:2,title:"Client Request",slug:"client-request",children:[{level:3,title:"Authentication Information",slug:"authentication-information",children:[]},{level:3,title:"Command Section",slug:"command-section",children:[]},{level:3,title:"Data Section",slug:"data-section",children:[]}]},{level:2,title:"Server Response",slug:"server-response",children:[{level:3,title:"Dynamic Port Instructions",slug:"dynamic-port-instructions",children:[]}]},{level:2,title:"Comment",slug:"comment",children:[]}],path:"/en/development/protocols/vmess.html",pathLocale:"/en/",extraFields:[]},{title:"Plain and Simple Language",headers:[],path:"/en/document/level-0/",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 1] Simple and Plain Language",headers:[{level:2,title:"1.1 Who is this document written for?",slug:"_1-1-who-is-this-document-written-for",children:[]},{level:2,title:"1.2 Who is this document not written for?",slug:"_1-2-who-is-this-document-not-written-for",children:[]},{level:2,title:"1.3 Declaration and Other Statements",slug:"_1-3-declaration-and-other-statements",children:[]},{level:2,title:"1.4 Why is self-hosting a challenge?",slug:"_1-4-why-is-self-hosting-a-challenge",children:[]},{level:2,title:'1.5 "Why not just use the airport?"',slug:"_1-5-why-not-just-use-the-airport",children:[]},{level:2,title:"1.6 So should you build your own website?",slug:"_1-6-so-should-you-build-your-own-website",children:[]},{level:2,title:"1.7 Some digressions",slug:"_1-7-some-digressions",children:[]},{level:2,title:"1.8 Your Progress",slug:"_1-8-your-progress",children:[]}],path:"/en/document/level-0/ch01-preface.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 2] Preparation of Raw Materials",headers:[{level:2,title:"2.1 Acquiring a VPS",slug:"_2-1-acquiring-a-vps",children:[]},{level:2,title:"2.2 Obtaining a Desired Domain Name",slug:"_2-2-obtaining-a-desired-domain-name",children:[]},{level:2,title:"2.3 Software you need to install on your local computer",slug:"_2-3-software-you-need-to-install-on-your-local-computer",children:[]},{level:2,title:"2.4 Your Progress",slug:"_2-4-your-progress",children:[]}],path:"/en/document/level-0/ch02-preparation.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 3] Remote Login",headers:[{level:2,title:"3.1 Remote Login to VPS (PuTTY)",slug:"_3-1-remote-login-to-vps-putty",children:[]},{level:2,title:"3.2 Successfully Logging in SSH! Introduction to Command Line Interface!",slug:"_3-2-successfully-logging-in-ssh-introduction-to-command-line-interface",children:[]},{level:2,title:"3.3 Updating software on Linux for the first time!",slug:"_3-3-updating-software-on-linux-for-the-first-time",children:[]},{level:2,title:"3.4 Your Progress",slug:"_3-4-your-progress",children:[]}],path:"/en/document/level-0/ch03-ssh.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 4] Security and Protection",headers:[{level:2,title:"4.1 Why Do We Need Security Protection?",slug:"_4-1-why-do-we-need-security-protection",children:[]},{level:2,title:"4.2 What are the specific risks",slug:"_4-2-what-are-the-specific-risks",children:[]},{level:2,title:"4.3 What security measures do we need to take",slug:"_4-3-what-security-measures-do-we-need-to-take",children:[]},{level:2,title:"4.4 Change the SSH Remote Login Port to a Non-22 Port",slug:"_4-4-change-the-ssh-remote-login-port-to-a-non-22-port",children:[]},{level:2,title:"4.5 Creating a New User Without Root Access",slug:"_4-5-creating-a-new-user-without-root-access",children:[]},{level:2,title:"4.6 Disabling SSH Remote Login for Root User",slug:"_4-6-disabling-ssh-remote-login-for-root-user",children:[]},{level:2,title:"4.7 Login with RSA Key and Disable Password Login",slug:"_4-7-login-with-rsa-key-and-disable-password-login",children:[]},{level:2,title:"4.8 Your Progress",slug:"_4-8-your-progress",children:[]}],path:"/en/document/level-0/ch04-security.html",pathLocale:"/en/",extraFields:[]},{title:"Chapter 5: Website Building",headers:[{level:2,title:"5.1 Why should you create a website?",slug:"_5-1-why-should-you-create-a-website",children:[]},{level:2,title:"5.2 Log in to VPS, install and run Nginx",slug:"_5-2-log-in-to-vps-install-and-run-nginx",children:[]},{level:2,title:"5.3 Create the simplest web page",slug:"_5-3-create-the-simplest-web-page",children:[]},{level:2,title:"5.4 Common error explanations",slug:"_5-4-common-error-explanations",children:[]},{level:2,title:"5.5 Your Progress",slug:"_5-5-your-progress",children:[]}],path:"/en/document/level-0/ch05-webpage.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 6] Certificate Management",headers:[{level:2,title:"6.1 Applying for a TLS Certificate",slug:"_6-1-applying-for-a-tls-certificate",children:[]},{level:2,title:"6.2 Install acme.sh",slug:"_6-2-install-acme-sh",children:[]},{level:2,title:"6.3 Testing Certificate Application",slug:"_6-3-testing-certificate-application",children:[]},{level:2,title:"6.4 Application for Official Certification",slug:"_6-4-application-for-official-certification",children:[]},{level:2,title:"6.5 Certificate Installation",slug:"_6-5-certificate-installation",children:[]},{level:2,title:"6.6 Your Progress",slug:"_6-6-your-progress",children:[]}],path:"/en/document/level-0/ch06-certificates.html",pathLocale:"/en/",extraFields:[]},{title:"【第 7 章】Xray 服务器篇",headers:[{level:2,title:"7.1 博观而约取,厚积而薄发",slug:"_7-1-博观而约取-厚积而薄发",children:[]},{level:2,title:"7.2 安装 Xray",slug:"_7-2-安装-xray",children:[]},{level:2,title:"7.3 给 Xray 配置 TLS 证书",slug:"_7-3-给-xray-配置-tls-证书",children:[]},{level:2,title:"7.4 配置 Xray",slug:"_7-4-配置-xray",children:[]},{level:2,title:"7.5 启动 Xray 服务!!(并查看服务状态)",slug:"_7-5-启动-xray-服务-并查看服务状态",children:[]},{level:2,title:"7.6 回顾 systemd 进行基本的服务管理",slug:"_7-6-回顾-systemd-进行基本的服务管理",children:[]},{level:2,title:"7.7 服务器优化之一:开启 BBR",slug:"_7-7-服务器优化之一-开启-bbr",children:[]},{level:2,title:"7.8 服务器优化之二:开启 HTTP 自动跳转 HTTPS",slug:"_7-8-服务器优化之二-开启-http-自动跳转-https",children:[]},{level:2,title:"7.9 服务器优化之三:更丰富的回落",slug:"_7-9-服务器优化之三-更丰富的回落",children:[]},{level:2,title:"7.10 你的进度",slug:"_7-10-你的进度",children:[]},{level:2,title:"7.11 重要勘误",slug:"_7-11-重要勘误",children:[]}],path:"/en/document/level-0/ch07-xray-server.html",pathLocale:"/en/",extraFields:[]},{title:"【第 8 章】Xray 客户端篇",headers:[{level:2,title:"8.1 Xray 的工作原理简述",slug:"_8-1-xray-的工作原理简述",children:[]},{level:2,title:"8.2 客户端与服务器端正确连接",slug:"_8-2-客户端与服务器端正确连接",children:[]},{level:2,title:"8.3 附加题 1:在 PC 端手工配置 xray-core",slug:"_8-3-附加题-1-在-pc-端手工配置-xray-core",children:[]},{level:2,title:"8.4 附加题 2:在 PC 端手工运行 xray-core",slug:"_8-4-附加题-2-在-pc-端手工运行-xray-core",children:[]},{level:2,title:"8.5 附加题 3:在 PC 端开机自动运行 xray-core",slug:"_8-5-附加题-3-在-pc-端开机自动运行-xray-core",children:[]},{level:2,title:"8.6 圆满完成!",slug:"_8-6-圆满完成",children:[]},{level:2,title:"8.7 TO INFINITY AND BEYOND!",slug:"_8-7-to-infinity-and-beyond",children:[]}],path:"/en/document/level-0/ch08-xray-clients.html",pathLocale:"/en/",extraFields:[]},{title:"【第 9 章】附录",headers:[{level:2,title:"1. 小小白白 Linux 基础命令索引",slug:"_1-小小白白-linux-基础命令索引",children:[]},{level:2,title:"2. 小小白白 Linux 重要配置文件索引",slug:"_2-小小白白-linux-重要配置文件索引",children:[]},{level:2,title:"3. 小小白白 Xray 重要文件索引",slug:"_3-小小白白-xray-重要文件索引",children:[]}],path:"/en/document/level-0/ch09-appendix.html",pathLocale:"/en/",extraFields:[]},{title:"Beginner's Tips",headers:[],path:"/en/document/level-1/",pathLocale:"/en/",extraFields:[]},{title:"回落 (fallbacks) 功能简析",headers:[{level:2,title:"1. 回顾《小小白白话文》中的回落",slug:"_1-回顾《小小白白话文》中的回落",children:[]},{level:2,title:"2. 重新认识回落 (WHAT, HOW v1)",slug:"_2-重新认识回落-what-how-v1",children:[]},{level:2,title:"3. 为什么要回落 (WHY v1)",slug:"_3-为什么要回落-why-v1",children:[]},{level:2,title:"4. 重新认识【回落の完全体】 (WHAT, WHY, HOW v2)",slug:"_4-重新认识【回落の完全体】-what-why-how-v2",children:[]},{level:2,title:"5. 多层回落示例及解读",slug:"_5-多层回落示例及解读",children:[{level:3,title:"5.1 首先,我将服务器端配置的 443 监听段摘抄如下:",slug:"_5-1-首先-我将服务器端配置的-443-监听段摘抄如下",children:[]},{level:3,title:"5.2 后续监听处理的配置段摘抄如下:",slug:"_5-2-后续监听处理的配置段摘抄如下",children:[]}]},{level:2,title:"6. 结语",slug:"_6-结语",children:[]},{level:2,title:"7. 附加题",slug:"_7-附加题",children:[]}],path:"/en/document/level-1/fallbacks-lv1.html",pathLocale:"/en/",extraFields:[]},{title:"SNI fallback",headers:[{level:2,title:"Application Scenarios",slug:"application-scenarios",children:[]},{level:2,title:"Introduction to SNI",slug:"introduction-to-sni",children:[]},{level:2,title:"Idea",slug:"idea",children:[]},{level:2,title:"Adding DNS Records",slug:"adding-dns-records",children:[]},{level:2,title:"Applying for TLS Certificate",slug:"applying-for-tls-certificate",children:[]},{level:2,title:"Xray Configuration",slug:"xray-configuration",children:[]},{level:2,title:"Nginx Configuration",slug:"nginx-configuration",children:[]},{level:2,title:"Caddy Configuration",slug:"caddy-configuration",children:[]},{level:2,title:"Reference",slug:"reference",children:[]},{level:2,title:"Quotation",slug:"quotation",children:[]}],path:"/en/document/level-1/fallbacks-with-sni.html",pathLocale:"/en/",extraFields:[]},{title:"路由 (routing) 功能简析(上)",headers:[{level:2,title:"1. 初识【路由】三兄弟",slug:"_1-初识【路由】三兄弟",children:[]},{level:2,title:"2. 基本功: “兄弟一条心”",slug:"_2-基本功-兄弟一条心",children:[{level:3,title:"2.1 入站",slug:"_2-1-入站",children:[]},{level:3,title:"2.3 路由",slug:"_2-3-路由",children:[]},{level:3,title:"2.4 路由配置项解析之一:流量筛选的依据",slug:"_2-4-路由配置项解析之一-流量筛选的依据",children:[]}]},{level:2,title:"3. 小试牛刀: “三分天下” 之 “域名分流”",slug:"_3-小试牛刀-三分天下-之-域名分流",children:[{level:3,title:"3.1 入站",slug:"_3-1-入站",children:[]},{level:3,title:"3.2 出站",slug:"_3-2-出站",children:[]},{level:3,title:"3.3 路由",slug:"_3-3-路由",children:[]},{level:3,title:"3.4 简析域名文件: geosite.dat",slug:"_3-4-简析域名文件-geosite-dat",children:[]},{level:3,title:"3.5 所以 geosite.dat 到底是什么?不是有个 GFWList 吗?",slug:"_3-5-所以-geosite-dat-到底是什么-不是有个-gfwlist-吗",children:[]},{level:3,title:"3.6 军师锦囊藏奇兵:一条隐藏的路由规则",slug:"_3-6-军师锦囊藏奇兵-一条隐藏的路由规则",children:[]},{level:3,title:"3.7 再看“三分天下”的大地图",slug:"_3-7-再看-三分天下-的大地图",children:[]}]},{level:2,title:"4. “三分天下” 之 “蜀魏争雄”",slug:"_4-三分天下-之-蜀魏争雄",children:[]},{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[]}],path:"/en/document/level-1/routing-lv1-part1.html",pathLocale:"/en/",extraFields:[]},{title:"路由 (routing) 功能简析(下)",headers:[{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[{level:3,title:"5.1 基于指定域名分流:[domain], [full] 等",slug:"_5-1-基于指定域名分流-domain-full-等",children:[]},{level:3,title:"5.2 基于 IP 文件分流:geoip.dat",slug:"_5-2-基于-ip-文件分流-geoip-dat",children:[]},{level:3,title:"5.3 基于指定 IP 地址分流",slug:"_5-3-基于指定-ip-地址分流",children:[]},{level:3,title:"5.4 基于协议类型分流:[protocol] 等",slug:"_5-4-基于协议类型分流-protocol-等",children:[]},{level:3,title:"5.5 基于更多条件的分流",slug:"_5-5-基于更多条件的分流",children:[]}]},{level:2,title:"6. “霸业初定”:路由规则整体回顾",slug:"_6-霸业初定-路由规则整体回顾",children:[]},{level:2,title:"7. 路由配置常见错误",slug:"_7-路由配置常见错误",children:[{level:3,title:"7.1 错误示范",slug:"_7-1-错误示范",children:[]},{level:3,title:"7.2 正确示范",slug:"_7-2-正确示范",children:[]}]},{level:2,title:"8. 明修栈道、暗渡陈仓",slug:"_8-明修栈道、暗渡陈仓",children:[{level:3,title:'8.1 域名策略: "AsIs"',slug:"_8-1-域名策略-asis",children:[]},{level:3,title:'8.2 域名策略: "IPIfNonMatch"',slug:"_8-2-域名策略-ipifnonmatch",children:[]},{level:3,title:'8.3 域名策略: "IPOnDemand"',slug:"_8-3-域名策略-ipondemand",children:[]}]},{level:2,title:"9. 思考题",slug:"_9-思考题",children:[]},{level:2,title:"10. 结语",slug:"_10-结语",children:[]},{level:2,title:"11. 尾注",slug:"_11-尾注",children:[]}],path:"/en/document/level-1/routing-lv1-part2.html",pathLocale:"/en/",extraFields:[]},{title:"Xray 的工作模式",headers:[{level:2,title:"单服务器模式",slug:"单服务器模式",children:[]},{level:2,title:"桥接模式",slug:"桥接模式",children:[]},{level:2,title:"工作原理",slug:"工作原理",children:[]}],path:"/en/document/level-1/work.html",pathLocale:"/en/",extraFields:[]},{title:"Advanced Documentation",headers:[],path:"/en/document/level-2/",pathLocale:"/en/",extraFields:[]},{title:"Transparent proxy via GID",headers:[{level:2,title:"Ideas",slug:"ideas",children:[]},{level:2,title:"Configuration Procedure",slug:"configuration-procedure",children:[{level:3,title:"1. Preliminary preparation",slug:"_1-preliminary-preparation",children:[]},{level:3,title:"2. Add user (Android users please ignore this section)",slug:"_2-add-user-android-users-please-ignore-this-section",children:[]},{level:3,title:"3. Configure and run Xray, and configure iptables rules",slug:"_3-configure-and-run-xray-and-configure-iptables-rules",children:[]}]},{level:2,title:"Steps",slug:"steps",children:[{level:3,title:"1. Finish Preliminary preparation and Add user",slug:"_1-finish-preliminary-preparation-and-add-user",children:[]},{level:3,title:"2. Preparing Xray profiles",slug:"_2-preparing-xray-profiles",children:[]},{level:3,title:"3. Configuring the maximum number of open files and run the Xray client",slug:"_3-configuring-the-maximum-number-of-open-files-and-run-the-xray-client",children:[]},{level:3,title:"4. Setting up iptables rules",slug:"_4-setting-up-iptables-rules",children:[]}]}],path:"/en/document/level-2/iptables_gid.html",pathLocale:"/en/",extraFields:[]},{title:"Nginx_TLS隧道隐藏指纹",headers:[{level:2,title:"编译 nginx --with-stream",slug:"编译-nginx-with-stream",children:[]},{level:2,title:"配置 nginx",slug:"配置-nginx",children:[]},{level:2,title:"xray 配置",slug:"xray-配置",children:[]},{level:2,title:"客户端及服务端启动服务",slug:"客户端及服务端启动服务",children:[]},{level:2,title:"后记",slug:"后记",children:[]}],path:"/en/document/level-2/nginx_tls_tunnel.html",pathLocale:"/en/",extraFields:[]},{title:"出站流量重定向",headers:[{level:2,title:"前言",slug:"前言",children:[]},{level:2,title:"1、安装代理或者 VPN 软件(例如 Wireguard、IPsec 等)",slug:"_1、安装代理或者-vpn-软件-例如-wireguard、ipsec-等",children:[]},{level:2,title:"2、编辑 VPN 配置文件(以 WireGuard 为例)",slug:"_2、编辑-vpn-配置文件-以-wireguard-为例",children:[]},{level:2,title:"3、启用 WireGuard 网络接口",slug:"_3、启用-wireguard-网络接口",children:[]},{level:2,title:"4、Xray-core 配置文件修改",slug:"_4、xray-core-配置文件修改",children:[]},{level:2,title:"5、系统设置配置",slug:"_5、系统设置配置",children:[]},{level:2,title:"6、完成 WireGuard 相关设置",slug:"_6、完成-wireguard-相关设置",children:[]},{level:2,title:"后记",slug:"后记",children:[]},{level:2,title:"感谢",slug:"感谢",children:[]}],path:"/en/document/level-2/redirect.html",pathLocale:"/en/",extraFields:[]},{title:"TProxy 透明代理",headers:[{level:2,title:"开始之前",slug:"开始之前",children:[]},{level:2,title:"Xray 配置",slug:"xray-配置",children:[]},{level:2,title:"策略路由配置",slug:"策略路由配置",children:[]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[]},{level:2,title:"配置永久化与开机自启",slug:"配置永久化与开机自启",children:[]}],path:"/en/document/level-2/tproxy.html",pathLocale:"/en/",extraFields:[]},{title:"TProxy 透明代理 (ipv4 and ipv6)",headers:[{level:2,title:"Xray 配置",slug:"xray-配置",children:[{level:3,title:"客户端配置",slug:"客户端配置",children:[]},{level:3,title:"服务端配置",slug:"服务端配置",children:[]}]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[{level:3,title:"首先设置策略路由",slug:"首先设置策略路由",children:[]},{level:3,title:"使用 iptables",slug:"使用-iptables",children:[]},{level:3,title:"使用 nftables",slug:"使用-nftables",children:[]},{level:3,title:"开机自动运行 Netfilter 配置",slug:"开机自动运行-netfilter-配置",children:[]}]},{level:2,title:"局域网设备上网设置",slug:"局域网设备上网设置",children:[{level:3,title:"方法一",slug:"方法一",children:[]},{level:3,title:"方法二",slug:"方法二",children:[]}]},{level:2,title:"Finally",slug:"finally",children:[]},{level:2,title:"写在最后",slug:"写在最后",children:[]}],path:"/en/document/level-2/tproxy_ipv4_and_ipv6.html",pathLocale:"/en/",extraFields:[]},{title:"流量统计",headers:[{level:2,title:"查看流量信息",slug:"查看流量信息",children:[]},{level:2,title:"流量信息的处理",slug:"流量信息的处理",children:[]}],path:"/en/document/level-2/traffic_stats.html",pathLocale:"/en/",extraFields:[]},{title:"Enhancing Proxy Security with Cloudflare Warp",headers:[{level:2,title:"Applying for a Warp Account",slug:"applying-for-a-warp-account",children:[]},{level:2,title:"Diverting inbound traffic to warp on the server side",slug:"diverting-inbound-traffic-to-warp-on-the-server-side",children:[]},{level:2,title:"Using Warp Chain Proxy on the Client Side",slug:"using-warp-chain-proxy-on-the-client-side",children:[]}],path:"/en/document/level-2/warp.html",pathLocale:"/en/",extraFields:[]},{title:"透明代理入门",headers:[{level:2,title:"什么是透明代理",slug:"什么是透明代理",children:[]},{level:2,title:"透明代理的实现",slug:"透明代理的实现",children:[{level:3,title:"tun2socks",slug:"tun2socks",children:[]},{level:3,title:"iptables/nftables",slug:"iptables-nftables",children:[]}]},{level:2,title:"iptables 实现透明代理原理",slug:"iptables-实现透明代理原理",children:[]},{level:2,title:"透明代理难在哪里",slug:"透明代理难在哪里",children:[]},{level:2,title:"从零开始一步步实现基于 iptables-tproxy 的透明代理",slug:"从零开始一步步实现基于-iptables-tproxy-的透明代理",children:[{level:3,title:"在开始之前,你需要有一定的基础知识:",slug:"在开始之前-你需要有一定的基础知识",children:[]},{level:3,title:"前期准备工作",slug:"前期准备工作",children:[]},{level:3,title:"首先,我们先试试做到第一阶段",slug:"首先-我们先试试做到第一阶段",children:[]},{level:3,title:"第二阶段",slug:"第二阶段",children:[]},{level:3,title:"第三阶段",slug:"第三阶段",children:[]},{level:3,title:"第四阶段",slug:"第四阶段",children:[]},{level:3,title:"代理 ipv6",slug:"代理-ipv6",children:[]}]}],path:"/en/document/level-2/transparent_proxy/transparent_proxy.html",pathLocale:"/en/",extraFields:[]},{title:"",headers:[],path:"/404.html",pathLocale:"/",extraFields:[]}]},35220:(e,l,t)=>{t.d(l,{H:()=>n});const n={base:"/",lang:"en-US",title:"",description:"",head:[["link",{rel:"icon",href:"/logo.png"}]],locales:{"/":{lang:"zh-CN",title:"Project X",description:"Xray 官方文档"},"/en/":{lang:"en-US",title:"Project X",description:"Official document of Xray"}}}},72232:(e,l,t)=>{t.d(l,{f:()=>n});const n={smoothScroll:!0,repo:"xtls/xray-core",docsRepo:"xtls/Xray-docs-next",docsDir:"docs",docsBranch:"main",editLinks:!0,enableToggle:!0,locales:{"/":{repoLabel:"查看源码",editLinkText:"帮助我们改善此页面!",tip:"提示",warning:"注意",danger:"警告",lastUpdatedText:"最近更改",selectLanguageName:"简体中文",selectLanguageText:"多语言",selectLanguageAriaLabel:"多语言",sidebar:{"/config/":[{text:"特性详解",children:["/config/features/xtls.md","/config/features/fallback.md","/config/features/browser_dialer.md","/config/features/env.md","/config/features/multiple.md"]},{text:"基础配置",children:["/config/","/config/log.md","/config/api.md","/config/dns.md","/config/fakedns.md","/config/inbound.md","/config/outbound.md","/config/policy.md","/config/reverse.md","/config/routing.md","/config/stats.md","/config/transport.md"]},{text:"入站代理",children:["/config/inbounds/dokodemo.md","/config/inbounds/http.md","/config/inbounds/shadowsocks.md","/config/inbounds/socks.md","/config/inbounds/trojan.md","/config/inbounds/vless.md","/config/inbounds/vmess.md"]},{text:"出站代理",children:["/config/outbounds/blackhole.md","/config/outbounds/dns.md","/config/outbounds/freedom.md","/config/outbounds/http.md","/config/outbounds/shadowsocks.md","/config/outbounds/socks.md","/config/outbounds/trojan.md","/config/outbounds/vless.md","/config/outbounds/vmess.md","/config/outbounds/wireguard.md"]},{text:"底层传输",children:["/config/transports/grpc.md","/config/transports/h2.md","/config/transports/mkcp.md","/config/transports/quic.md","/config/transports/tcp.md","/config/transports/websocket.md"]}],"/document/":[{text:"快速入门文档",children:["/document/install.md","/document/config.md","/document/command.md","/document/document.md","/document/level-0","/document/level-1","/document/level-2"]}],"/document/level-0/":[{text:"小小白白话文",children:["/document/level-0/ch01-preface.md","/document/level-0/ch02-preparation.md","/document/level-0/ch03-ssh.md","/document/level-0/ch04-security.md","/document/level-0/ch05-webpage.md","/document/level-0/ch06-certificates.md","/document/level-0/ch07-xray-server.md","/document/level-0/ch08-xray-clients.md","/document/level-0/ch09-appendix.md"]}],"/document/level-1/":[{text:"入门技巧",children:["/document/level-1/fallbacks-lv1.md","/document/level-1/routing-lv1-part1.md","/document/level-1/routing-lv1-part2.md","/document/level-1/work.md","/document/level-1/fallbacks-with-sni.md"]}],"/document/level-2/":[{text:"进阶技巧",children:["/document/level-2/transparent_proxy/transparent_proxy.md","/document/level-2/tproxy.md","/document/level-2/tproxy_ipv4_and_ipv6.md","/document/level-2/nginx_or_haproxy_tls_tunnel.md","/document/level-2/iptables_gid.md","/document/level-2/redirect.md","/document/level-2/warp.md","/document/level-2/traffic_stats.md"]}],"/development/":[{text:"开发指南",children:["/development/intro/compile.md","/development/intro/design.md","/development/intro/guide.md",{text:"协议详解",children:["/development/protocols/vless.md","/development/protocols/vmess.md","/development/protocols/muxcool.md","/development/protocols/mkcp.md"]}]}]},navbar:[{text:"首页",link:"/"},{text:"大史记",link:"/about/news.md"},{text:"配置指南",link:"/config/"},{text:"开发指南",link:"/development/"},{text:"使用指南",link:"/document/"}]},"/en/":{repoLabel:"Source",editLinkText:"Help us improve this page on GitHub!",tip:"Tip",warning:"Warning",danger:"Danger",lastUpdatedText:"Last Updated",selectLanguageName:"English (WIP)",sidebar:{"/en/config/":[{text:"Xray Features",children:["/en/config/features/xtls.md","/en/config/features/fallback.md","/en/config/features/browser_dialer.md","/en/config/features/env.md","/en/config/features/multiple.md"]},{text:"Config Reference",children:["/en/config/","/en/config/log.md","/en/config/api.md","/en/config/dns.md","/en/config/fakedns.md","/en/config/inbound.md","/en/config/outbound.md","/en/config/policy.md","/en/config/reverse.md","/en/config/routing.md","/en/config/stats.md","/en/config/transport.md"]},{text:"Inbound Protocol",children:["/en/config/inbounds/dokodemo.md","/en/config/inbounds/http.md","/en/config/inbounds/shadowsocks.md","/en/config/inbounds/socks.md","/en/config/inbounds/trojan.md","/en/config/inbounds/vless.md","/en/config/inbounds/vmess.md"]},{text:"Outbound Protocol",children:["/en/config/outbounds/blackhole.md","/en/config/outbounds/dns.md","/en/config/outbounds/freedom.md","/en/config/outbounds/http.md","/en/config/outbounds/shadowsocks.md","/en/config/outbounds/socks.md","/en/config/outbounds/trojan.md","/en/config/outbounds/vless.md","/en/config/outbounds/vmess.md","/en/config/outbounds/wireguard.md"]},{text:"Stream Transport Protocol",children:["/en/config/transports/grpc.md","/en/config/transports/h2.md","/en/config/transports/mkcp.md","/en/config/transports/quic.md","/en/config/transports/tcp.md","/en/config/transports/websocket.md"]}],"/en/document/level-0/":[{text:"Beginner Tutorial",children:["/en/document/level-0/ch01-preface.md","/en/document/level-0/ch02-preparation.md","/en/document/level-0/ch03-ssh.md","/en/document/level-0/ch04-security.md","/en/document/level-0/ch05-webpage.md","/en/document/level-0/ch06-certificates.md","/en/document/level-0/ch07-xray-server.md","/en/document/level-0/ch08-xray-clients.md","/en/document/level-0/ch09-appendix.md"]}],"/en/document/level-1/":[{text:"Getting Started Tips",children:["/en/document/level-1/fallbacks-lv1.md","/en/document/level-1/routing-lv1-part1.md","/en/document/level-1/routing-lv1-part2.md","/en/document/level-1/work.md","/en/document/level-1/fallbacks-with-sni.md"]}],"/en/document/level-2/":[{text:"Advanced Documentation",children:["/en/document/level-2/transparent_proxy/transparent_proxy.md","/en/document/level-2/tproxy.md","/en/document/level-2/tproxy_ipv4_and_ipv6.md","/en/document/level-2/nginx_or_haproxy_tls_tunnel.md","/en/document/level-2/iptables_gid.md","/en/document/level-2/redirect.md","/en/document/level-2/warp.md","/en/document/level-2/traffic_stats.md"]}],"/en/development/":[{text:"Developer Guide",children:["/en/development/intro/compile.md","/en/development/intro/design.md","/en/development/intro/guide.md",{text:"Protocol Details",children:["/en/development/protocols/vless.md","/en/development/protocols/vmess.md","/en/development/protocols/muxcool.md","/en/development/protocols/mkcp.md"]}]}]},navbar:[{text:"Homepage",link:"/en"},{text:"Website History",link:"/en/about/news.md"},{text:"Config Reference",link:"/en/config/"},{text:"Developer Guide",link:"/en/development/"},{text:"Quick Start",link:"/en/document/"}]}},navbar:[],logo:null,darkMode:!0,selectLanguageText:"Languages",selectLanguageAriaLabel:"Select language",sidebar:"auto",sidebarDepth:2,editLink:!0,editLinkText:"Edit this page",lastUpdated:!0,lastUpdatedText:"Last Updated",contributors:!0,contributorsText:"Contributors",notFound:["There's nothing here.","How did we get here?","That's a Four-Oh-Four.","Looks like we've got some broken links."],backToHome:"Take me home",openInNewWindow:"open in new window",toggleDarkMode:"toggle dark mode",toggleSidebar:"toggle sidebar"}}},e=>{e.O(0,[7633,3469],(()=>(35698,e(e.s=35698)))),e.O()}]); \ No newline at end of file +"use strict";(self.webpackChunkXray_docs_next=self.webpackChunkXray_docs_next||[]).push([[2143],{31209:(e,l,t)=>{t.d(l,{g:()=>L});var n=t(2009),i=t(56971),d=t(61598),o=t(97621),c=t(66252);(0,c.dD)("data-v-fe22c7b8");const r=["id","aria-labelledby"];(0,c.Cn)();const a=(0,c.aZ)({props:{title:{type:String}},data(){return{tabID:this.title}},mounted(){this.tabID="tab-"+Math.random().toString(36).substring(2),this.$parent.$data.children.push({id:this.tabID,title:this.title})},computed:{labelID(){return this.tabID+"-label"}}});a.render=function(e,l,t,n,i,d){return(0,c.wg)(),(0,c.iD)("div",{class:"tab-pane fade",id:e.tabID,role:"tabpanel","aria-labelledby":e.labelID},[(0,c.WI)(e.$slots,"default",{},void 0,!0)],8,r)},a.__scopeId="data-v-fe22c7b8";const s=a;var h=t(3577);(0,c.dD)("data-v-15e75904");const u={class:"container"},v=["id"],g=["id","aria-controls","data-bs-target"],m=["id"];(0,c.Cn)();const b=(0,c.aZ)({props:{title:{type:String}},data:()=>({children:[]}),beforeMount(){this.children=[]},mounted(){this.$nextTick((async function(){const e=await t.e(5169).then(t.bind(t,85169));let l=document.getElementById(this.children[0].id+"-label");new e.Tab(l).show()}))},computed:{tag:function(){return"tabs-"+this.title},contentTag:function(){return"tabs-"+this.title+"-content"}}});b.render=function(e,l,t,n,i,d){return(0,c.wg)(),(0,c.iD)("div",u,[(0,c._)("nav",null,[(0,c._)("div",{id:e.tag,class:"nav nav-pills",role:"tablist"},[((0,c.wg)(!0),(0,c.iD)(c.HY,null,(0,c.Ko)(e.children,(e=>((0,c.wg)(),(0,c.iD)("button",{id:e.id+"-label","aria-controls":e.id,"data-bs-target":"#"+e.id,"aria-selected":"false",class:"nav-link","data-bs-toggle":"tab",role:"tab",type:"button"},(0,h.zw)(e.title),9,g)))),256))],8,v)]),(0,c._)("div",{id:e.contentTag,class:"tab-content"},[(0,c.WI)(e.$slots,"default",{},void 0,!0)],8,m)])},b.__scopeId="data-v-15e75904";const p=b,f=["innerHTML"];var x=t(2262),y=t(92650);const _=(0,c.aZ)({name:"Mermaid",props:{identifier:String,graph:String},setup(e){const l=(0,y.vs)(),n=(0,x.Vh)(e,"identifier"),i=(0,x.Vh)(e,"graph"),d=(0,x.qj)({innerHtml:""});return(0,c.bv)((()=>{(0,c.Y3)((async function(){const e=await t.e(6637).then(t.bind(t,76637));e.default.initialize({startOnLoad:!1,theme:l.value?"dark":"default"}),e.default.render(n.value,decodeURI(i.value)).then((({svg:e,bindFunctions:l})=>{d.innerHtml=e}))}))})),(0,c.YP)(l,(async()=>{const e=await t.e(6637).then(t.bind(t,76637));e.default.initialize({startOnLoad:!1,theme:l.value?"dark":"default"}),e.default.render(n.value,decodeURI(i.value)).then((({svg:e,bindFunctions:l})=>{d.innerHtml=e}))})),{tag:n,payload:d}}});_.render=function(e,l,t,n,i,d){return(0,c.wg)(),(0,c.iD)("div",{innerHTML:e.payload.innerHtml},null,8,f)};const C=_,j=(0,o.vW)((({app:e,router:l,siteData:t})=>{e.component("Tab",s),e.component("Tabs",p),e.component("Mermaid",C)}));var k=t(1843);const L=[n.Z,i.Z,d.Z,j,k.Z]},89947:(e,l,t)=>{t.d(l,{p:()=>n});const n=[t(73051).Z]},44611:(e,l,t)=>{t.d(l,{l:()=>o});var n=t(78866),i=t(81263),d=t(96243);const o=[n.Z,i.Z,d.Z]},94150:(e,l,t)=>{t.d(l,{Z:()=>i});var n=t(66252);const i={404:(0,n.RC)((()=>t.e(8491).then(t.bind(t,68491)))),Layout:(0,n.RC)((()=>t.e(7554).then(t.bind(t,47554))))}},6056:(e,l,t)=>{t.d(l,{b:()=>i});var n=t(66252);const i={"v-8daa1a0e":(0,n.RC)((()=>t.e(2509).then(t.bind(t,90618)))),"v-aad48c6a":(0,n.RC)((()=>t.e(8015).then(t.bind(t,95996)))),"v-ba934fd8":(0,n.RC)((()=>t.e(5605).then(t.bind(t,67841)))),"v-41ade9da":(0,n.RC)((()=>t.e(8028).then(t.bind(t,41752)))),"v-83dedd38":(0,n.RC)((()=>t.e(9549).then(t.bind(t,13929)))),"v-192a19b9":(0,n.RC)((()=>t.e(1888).then(t.bind(t,74648)))),"v-7f6279d8":(0,n.RC)((()=>t.e(569).then(t.bind(t,75896)))),"v-1d860c29":(0,n.RC)((()=>t.e(3994).then(t.bind(t,59458)))),"v-2367d756":(0,n.RC)((()=>t.e(1783).then(t.bind(t,6739)))),"v-4ebec35a":(0,n.RC)((()=>t.e(8286).then(t.bind(t,65034)))),"v-31b7756a":(0,n.RC)((()=>t.e(9218).then(t.bind(t,68154)))),"v-70677432":(0,n.RC)((()=>t.e(2015).then(t.bind(t,56332)))),"v-7e21d6ae":(0,n.RC)((()=>t.e(1835).then(t.bind(t,19574)))),"v-e3dfff38":(0,n.RC)((()=>t.e(5170).then(t.bind(t,60455)))),"v-f7496066":(0,n.RC)((()=>t.e(2504).then(t.bind(t,84413)))),"v-36b1a79b":(0,n.RC)((()=>t.e(7578).then(t.bind(t,27608)))),"v-09a64f89":(0,n.RC)((()=>t.e(7693).then(t.bind(t,59171)))),"v-2b1adf48":(0,n.RC)((()=>t.e(1992).then(t.bind(t,47740)))),"v-86ee963a":(0,n.RC)((()=>t.e(4457).then(t.bind(t,27813)))),"v-0e5d7b39":(0,n.RC)((()=>t.e(1605).then(t.bind(t,40786)))),"v-2d0a870d":(0,n.RC)((()=>t.e(3835).then(t.bind(t,29088)))),"v-0d714d87":(0,n.RC)((()=>t.e(3767).then(t.bind(t,1536)))),"v-0da7880a":(0,n.RC)((()=>t.e(322).then(t.bind(t,41889)))),"v-2aeb21f9":(0,n.RC)((()=>t.e(7625).then(t.bind(t,91460)))),"v-3acf20ea":(0,n.RC)((()=>t.e(8628).then(t.bind(t,66267)))),"v-792e28f8":(0,n.RC)((()=>t.e(9372).then(t.bind(t,46250)))),"v-b50d2334":(0,n.RC)((()=>t.e(1050).then(t.bind(t,61393)))),"v-593408b0":(0,n.RC)((()=>t.e(7371).then(t.bind(t,86339)))),"v-802a842a":(0,n.RC)((()=>t.e(2759).then(t.bind(t,42337)))),"v-29995cea":(0,n.RC)((()=>t.e(3127).then(t.bind(t,47954)))),"v-2a1b3d72":(0,n.RC)((()=>t.e(9193).then(t.bind(t,29890)))),"v-fb92e8aa":(0,n.RC)((()=>t.e(3651).then(t.bind(t,45723)))),"v-167afaac":(0,n.RC)((()=>t.e(3737).then(t.bind(t,60585)))),"v-749ad71a":(0,n.RC)((()=>t.e(1259).then(t.bind(t,25868)))),"v-6d39b970":(0,n.RC)((()=>t.e(1381).then(t.bind(t,11290)))),"v-d76e893a":(0,n.RC)((()=>t.e(8800).then(t.bind(t,57120)))),"v-c6b4b59e":(0,n.RC)((()=>t.e(373).then(t.bind(t,52211)))),"v-7b293e4a":(0,n.RC)((()=>t.e(6553).then(t.bind(t,72977)))),"v-15f5452a":(0,n.RC)((()=>t.e(8424).then(t.bind(t,87404)))),"v-5797bdb3":(0,n.RC)((()=>t.e(1067).then(t.bind(t,44937)))),"v-a60f016c":(0,n.RC)((()=>t.e(6550).then(t.bind(t,28777)))),"v-413cee4b":(0,n.RC)((()=>t.e(9691).then(t.bind(t,65760)))),"v-208ca3b9":(0,n.RC)((()=>t.e(2243).then(t.bind(t,56566)))),"v-775db7b1":(0,n.RC)((()=>t.e(5135).then(t.bind(t,92373)))),"v-2877542a":(0,n.RC)((()=>t.e(1393).then(t.bind(t,83821)))),"v-03a28284":(0,n.RC)((()=>t.e(7021).then(t.bind(t,23638)))),"v-3167b1dd":(0,n.RC)((()=>t.e(2017).then(t.bind(t,57645)))),"v-8f08dbec":(0,n.RC)((()=>t.e(5372).then(t.bind(t,73276)))),"v-33b1b709":(0,n.RC)((()=>t.e(3745).then(t.bind(t,66842)))),"v-1ff57bba":(0,n.RC)((()=>t.e(5890).then(t.bind(t,63074)))),"v-6a9e8054":(0,n.RC)((()=>t.e(3902).then(t.bind(t,32921)))),"v-95e3eaea":(0,n.RC)((()=>t.e(5650).then(t.bind(t,84826)))),"v-61e7eea6":(0,n.RC)((()=>t.e(152).then(t.bind(t,10942)))),"v-6e6c37e6":(0,n.RC)((()=>t.e(8334).then(t.bind(t,74673)))),"v-13168a21":(0,n.RC)((()=>t.e(59).then(t.bind(t,71002)))),"v-5c48c82b":(0,n.RC)((()=>t.e(224).then(t.bind(t,63784)))),"v-1ee591a8":(0,n.RC)((()=>t.e(1327).then(t.bind(t,64195)))),"v-3f09dcfa":(0,n.RC)((()=>t.e(9789).then(t.bind(t,37696)))),"v-fb444906":(0,n.RC)((()=>t.e(3468).then(t.bind(t,3798)))),"v-075f3ae5":(0,n.RC)((()=>t.e(8945).then(t.bind(t,2711)))),"v-726d0633":(0,n.RC)((()=>t.e(966).then(t.bind(t,70780)))),"v-430c6ab8":(0,n.RC)((()=>t.e(1232).then(t.bind(t,95158)))),"v-717c6376":(0,n.RC)((()=>t.e(9346).then(t.bind(t,51153)))),"v-278039be":(0,n.RC)((()=>t.e(7147).then(t.bind(t,7984)))),"v-a0c7f88e":(0,n.RC)((()=>t.e(7964).then(t.bind(t,28030)))),"v-86586ca2":(0,n.RC)((()=>t.e(8512).then(t.bind(t,15545)))),"v-3eb62514":(0,n.RC)((()=>t.e(8403).then(t.bind(t,64064)))),"v-3f09dcbc":(0,n.RC)((()=>t.e(8941).then(t.bind(t,21656)))),"v-b21a2a20":(0,n.RC)((()=>t.e(6515).then(t.bind(t,28205)))),"v-da623318":(0,n.RC)((()=>t.e(3430).then(t.bind(t,49168)))),"v-fdd722ac":(0,n.RC)((()=>t.e(6271).then(t.bind(t,4736)))),"v-fa6d716e":(0,n.RC)((()=>t.e(4473).then(t.bind(t,23795)))),"v-2f29e106":(0,n.RC)((()=>t.e(196).then(t.bind(t,85704)))),"v-3f09dc7e":(0,n.RC)((()=>t.e(1833).then(t.bind(t,69161)))),"v-1c17916e":(0,n.RC)((()=>t.e(6214).then(t.bind(t,54002)))),"v-a001cfa6":(0,n.RC)((()=>t.e(1941).then(t.bind(t,57945)))),"v-46333b48":(0,n.RC)((()=>t.e(3866).then(t.bind(t,26550)))),"v-338bc63e":(0,n.RC)((()=>t.e(8741).then(t.bind(t,47791)))),"v-d68f7d58":(0,n.RC)((()=>t.e(2946).then(t.bind(t,98762)))),"v-e533e2c6":(0,n.RC)((()=>t.e(6447).then(t.bind(t,61897)))),"v-1e465ab0":(0,n.RC)((()=>t.e(7858).then(t.bind(t,68772)))),"v-1080fb37":(0,n.RC)((()=>t.e(8529).then(t.bind(t,68123)))),"v-317fc580":(0,n.RC)((()=>t.e(9393).then(t.bind(t,19018)))),"v-45144c7f":(0,n.RC)((()=>t.e(8064).then(t.bind(t,46163)))),"v-23fbd2d0":(0,n.RC)((()=>t.e(6907).then(t.bind(t,97590)))),"v-2b7ec525":(0,n.RC)((()=>t.e(9046).then(t.bind(t,10388)))),"v-5ab92300":(0,n.RC)((()=>t.e(6971).then(t.bind(t,11424)))),"v-f91d64d6":(0,n.RC)((()=>t.e(683).then(t.bind(t,49750)))),"v-268cd669":(0,n.RC)((()=>t.e(8140).then(t.bind(t,30018)))),"v-4492d567":(0,n.RC)((()=>t.e(4732).then(t.bind(t,45002)))),"v-0d0e1e92":(0,n.RC)((()=>t.e(9027).then(t.bind(t,44260)))),"v-4bbe1d5a":(0,n.RC)((()=>t.e(4339).then(t.bind(t,36721)))),"v-16426d1a":(0,n.RC)((()=>t.e(3446).then(t.bind(t,28084)))),"v-5de780d0":(0,n.RC)((()=>t.e(8488).then(t.bind(t,95197)))),"v-f88d343e":(0,n.RC)((()=>t.e(2927).then(t.bind(t,4186)))),"v-38d56a07":(0,n.RC)((()=>t.e(9238).then(t.bind(t,56279)))),"v-4d046016":(0,n.RC)((()=>t.e(5073).then(t.bind(t,79777)))),"v-22b35270":(0,n.RC)((()=>t.e(7975).then(t.bind(t,21034)))),"v-30bd7c12":(0,n.RC)((()=>t.e(9492).then(t.bind(t,63393)))),"v-439608b6":(0,n.RC)((()=>t.e(404).then(t.bind(t,46638)))),"v-51a51d87":(0,n.RC)((()=>t.e(2385).then(t.bind(t,39020)))),"v-76b9a0f3":(0,n.RC)((()=>t.e(788).then(t.bind(t,6511)))),"v-565dbfc4":(0,n.RC)((()=>t.e(4376).then(t.bind(t,75022)))),"v-0fbd1336":(0,n.RC)((()=>t.e(5062).then(t.bind(t,52072)))),"v-a0627812":(0,n.RC)((()=>t.e(8750).then(t.bind(t,89758)))),"v-d190d938":(0,n.RC)((()=>t.e(4746).then(t.bind(t,45794)))),"v-72afc2d2":(0,n.RC)((()=>t.e(8551).then(t.bind(t,61741)))),"v-773d731c":(0,n.RC)((()=>t.e(3834).then(t.bind(t,27839)))),"v-f555fc02":(0,n.RC)((()=>t.e(8662).then(t.bind(t,54050)))),"v-e35196c2":(0,n.RC)((()=>t.e(9279).then(t.bind(t,38479)))),"v-29188644":(0,n.RC)((()=>t.e(4316).then(t.bind(t,89709)))),"v-255a6ebf":(0,n.RC)((()=>t.e(3091).then(t.bind(t,66388)))),"v-8cc24480":(0,n.RC)((()=>t.e(2475).then(t.bind(t,31593)))),"v-64e47ef4":(0,n.RC)((()=>t.e(9886).then(t.bind(t,36986)))),"v-e979b848":(0,n.RC)((()=>t.e(346).then(t.bind(t,35569)))),"v-617f0fcf":(0,n.RC)((()=>t.e(202).then(t.bind(t,30604)))),"v-3fc98845":(0,n.RC)((()=>t.e(5500).then(t.bind(t,50438)))),"v-63077cb6":(0,n.RC)((()=>t.e(9685).then(t.bind(t,65362)))),"v-516476d4":(0,n.RC)((()=>t.e(3778).then(t.bind(t,51358)))),"v-7d61a872":(0,n.RC)((()=>t.e(8813).then(t.bind(t,11049)))),"v-6e50feb6":(0,n.RC)((()=>t.e(6665).then(t.bind(t,57375)))),"v-02956db7":(0,n.RC)((()=>t.e(6018).then(t.bind(t,84462)))),"v-797f8d25":(0,n.RC)((()=>t.e(9820).then(t.bind(t,74514)))),"v-3eb3e9c6":(0,n.RC)((()=>t.e(3818).then(t.bind(t,50413)))),"v-2c6058d4":(0,n.RC)((()=>t.e(5531).then(t.bind(t,73351)))),"v-1c38292a":(0,n.RC)((()=>t.e(4507).then(t.bind(t,46848)))),"v-1a7f9d6e":(0,n.RC)((()=>t.e(7186).then(t.bind(t,94302)))),"v-79d41176":(0,n.RC)((()=>t.e(4023).then(t.bind(t,61423)))),"v-5254cbc6":(0,n.RC)((()=>t.e(8169).then(t.bind(t,91213)))),"v-9520f392":(0,n.RC)((()=>t.e(7322).then(t.bind(t,74921)))),"v-b7760e2c":(0,n.RC)((()=>t.e(6448).then(t.bind(t,87214)))),"v-fb774212":(0,n.RC)((()=>t.e(6416).then(t.bind(t,40937)))),"v-38c376c1":(0,n.RC)((()=>t.e(9115).then(t.bind(t,58316)))),"v-21bccd79":(0,n.RC)((()=>t.e(8444).then(t.bind(t,87300)))),"v-27001935":(0,n.RC)((()=>t.e(3907).then(t.bind(t,38687)))),"v-21b30c3f":(0,n.RC)((()=>t.e(6280).then(t.bind(t,69300)))),"v-94110980":(0,n.RC)((()=>t.e(6499).then(t.bind(t,57309)))),"v-789ba7ef":(0,n.RC)((()=>t.e(6765).then(t.bind(t,60900)))),"v-d3712ade":(0,n.RC)((()=>t.e(6940).then(t.bind(t,63194)))),"v-41f9c00e":(0,n.RC)((()=>t.e(735).then(t.bind(t,26973)))),"v-4c013f47":(0,n.RC)((()=>t.e(7e3).then(t.bind(t,20505)))),"v-a75683b8":(0,n.RC)((()=>t.e(4922).then(t.bind(t,97337)))),"v-f5341aec":(0,n.RC)((()=>t.e(944).then(t.bind(t,66241)))),"v-4458f72a":(0,n.RC)((()=>t.e(2887).then(t.bind(t,52396)))),"v-f1802e66":(0,n.RC)((()=>t.e(8284).then(t.bind(t,85294)))),"v-4ca6f1ca":(0,n.RC)((()=>t.e(3775).then(t.bind(t,4562)))),"v-b0030f00":(0,n.RC)((()=>t.e(5656).then(t.bind(t,12944)))),"v-789ba80e":(0,n.RC)((()=>t.e(2578).then(t.bind(t,92939)))),"v-103b3e5c":(0,n.RC)((()=>t.e(9324).then(t.bind(t,78696)))),"v-110dd688":(0,n.RC)((()=>t.e(3177).then(t.bind(t,3439)))),"v-c425a7d4":(0,n.RC)((()=>t.e(8282).then(t.bind(t,26587)))),"v-c0bbf696":(0,n.RC)((()=>t.e(2261).then(t.bind(t,45028)))),"v-5b6477cc":(0,n.RC)((()=>t.e(5745).then(t.bind(t,85950)))),"v-789ba82d":(0,n.RC)((()=>t.e(8225).then(t.bind(t,52730)))),"v-05ddc65d":(0,n.RC)((()=>t.e(1195).then(t.bind(t,34900)))),"v-1f3a890a":(0,n.RC)((()=>t.e(9915).then(t.bind(t,64639)))),"v-930ac920":(0,n.RC)((()=>t.e(1241).then(t.bind(t,20854)))),"v-c579975c":(0,n.RC)((()=>t.e(9139).then(t.bind(t,34074)))),"v-7efb7c68":(0,n.RC)((()=>t.e(2109).then(t.bind(t,84493)))),"v-12a33bee":(0,n.RC)((()=>t.e(2547).then(t.bind(t,79264)))),"v-7d2b8478":(0,n.RC)((()=>t.e(5151).then(t.bind(t,77376)))),"v-7689d7f3":(0,n.RC)((()=>t.e(1138).then(t.bind(t,39017)))),"v-3706649a":(0,n.RC)((()=>t.e(88).then(t.bind(t,3881))))}},59706:(e,l,t)=>{t.d(l,{T:()=>n});const n={"v-8daa1a0e":()=>t.e(2509).then(t.bind(t,76464)).then((({data:e})=>e)),"v-aad48c6a":()=>t.e(8015).then(t.bind(t,16770)).then((({data:e})=>e)),"v-ba934fd8":()=>t.e(5605).then(t.bind(t,35341)).then((({data:e})=>e)),"v-41ade9da":()=>t.e(8028).then(t.bind(t,39974)).then((({data:e})=>e)),"v-83dedd38":()=>t.e(9549).then(t.bind(t,26021)).then((({data:e})=>e)),"v-192a19b9":()=>t.e(1888).then(t.bind(t,16124)).then((({data:e})=>e)),"v-7f6279d8":()=>t.e(569).then(t.bind(t,50604)).then((({data:e})=>e)),"v-1d860c29":()=>t.e(3994).then(t.bind(t,803)).then((({data:e})=>e)),"v-2367d756":()=>t.e(1783).then(t.bind(t,82404)).then((({data:e})=>e)),"v-4ebec35a":()=>t.e(8286).then(t.bind(t,50788)).then((({data:e})=>e)),"v-31b7756a":()=>t.e(9218).then(t.bind(t,94696)).then((({data:e})=>e)),"v-70677432":()=>t.e(2015).then(t.bind(t,50630)).then((({data:e})=>e)),"v-7e21d6ae":()=>t.e(1835).then(t.bind(t,12655)).then((({data:e})=>e)),"v-e3dfff38":()=>t.e(5170).then(t.bind(t,72045)).then((({data:e})=>e)),"v-f7496066":()=>t.e(2504).then(t.bind(t,5621)).then((({data:e})=>e)),"v-36b1a79b":()=>t.e(7578).then(t.bind(t,38136)).then((({data:e})=>e)),"v-09a64f89":()=>t.e(7693).then(t.bind(t,32697)).then((({data:e})=>e)),"v-2b1adf48":()=>t.e(1992).then(t.bind(t,97916)).then((({data:e})=>e)),"v-86ee963a":()=>t.e(4457).then(t.bind(t,94010)).then((({data:e})=>e)),"v-0e5d7b39":()=>t.e(1605).then(t.bind(t,3910)).then((({data:e})=>e)),"v-2d0a870d":()=>t.e(3835).then(t.bind(t,32308)).then((({data:e})=>e)),"v-0d714d87":()=>t.e(3767).then(t.bind(t,69534)).then((({data:e})=>e)),"v-0da7880a":()=>t.e(322).then(t.bind(t,88169)).then((({data:e})=>e)),"v-2aeb21f9":()=>t.e(7625).then(t.bind(t,85531)).then((({data:e})=>e)),"v-3acf20ea":()=>t.e(8628).then(t.bind(t,11996)).then((({data:e})=>e)),"v-792e28f8":()=>t.e(9372).then(t.bind(t,68799)).then((({data:e})=>e)),"v-b50d2334":()=>t.e(1050).then(t.bind(t,3765)).then((({data:e})=>e)),"v-593408b0":()=>t.e(7371).then(t.bind(t,53293)).then((({data:e})=>e)),"v-802a842a":()=>t.e(2759).then(t.bind(t,9656)).then((({data:e})=>e)),"v-29995cea":()=>t.e(3127).then(t.bind(t,30401)).then((({data:e})=>e)),"v-2a1b3d72":()=>t.e(9193).then(t.bind(t,70910)).then((({data:e})=>e)),"v-fb92e8aa":()=>t.e(3651).then(t.bind(t,73319)).then((({data:e})=>e)),"v-167afaac":()=>t.e(3737).then(t.bind(t,63872)).then((({data:e})=>e)),"v-749ad71a":()=>t.e(1259).then(t.bind(t,2414)).then((({data:e})=>e)),"v-6d39b970":()=>t.e(1381).then(t.bind(t,50795)).then((({data:e})=>e)),"v-d76e893a":()=>t.e(8800).then(t.bind(t,82809)).then((({data:e})=>e)),"v-c6b4b59e":()=>t.e(373).then(t.bind(t,13659)).then((({data:e})=>e)),"v-7b293e4a":()=>t.e(6553).then(t.bind(t,16398)).then((({data:e})=>e)),"v-15f5452a":()=>t.e(8424).then(t.bind(t,55415)).then((({data:e})=>e)),"v-5797bdb3":()=>t.e(1067).then(t.bind(t,20771)).then((({data:e})=>e)),"v-a60f016c":()=>t.e(6550).then(t.bind(t,39472)).then((({data:e})=>e)),"v-413cee4b":()=>t.e(9691).then(t.bind(t,76177)).then((({data:e})=>e)),"v-208ca3b9":()=>t.e(2243).then(t.bind(t,68826)).then((({data:e})=>e)),"v-775db7b1":()=>t.e(5135).then(t.bind(t,95596)).then((({data:e})=>e)),"v-2877542a":()=>t.e(1393).then(t.bind(t,55749)).then((({data:e})=>e)),"v-03a28284":()=>t.e(7021).then(t.bind(t,99615)).then((({data:e})=>e)),"v-3167b1dd":()=>t.e(2017).then(t.bind(t,41855)).then((({data:e})=>e)),"v-8f08dbec":()=>t.e(5372).then(t.bind(t,58980)).then((({data:e})=>e)),"v-33b1b709":()=>t.e(3745).then(t.bind(t,61661)).then((({data:e})=>e)),"v-1ff57bba":()=>t.e(5890).then(t.bind(t,16075)).then((({data:e})=>e)),"v-6a9e8054":()=>t.e(3902).then(t.bind(t,14536)).then((({data:e})=>e)),"v-95e3eaea":()=>t.e(5650).then(t.bind(t,8048)).then((({data:e})=>e)),"v-61e7eea6":()=>t.e(152).then(t.bind(t,37777)).then((({data:e})=>e)),"v-6e6c37e6":()=>t.e(8334).then(t.bind(t,27474)).then((({data:e})=>e)),"v-13168a21":()=>t.e(59).then(t.bind(t,83358)).then((({data:e})=>e)),"v-5c48c82b":()=>t.e(224).then(t.bind(t,93766)).then((({data:e})=>e)),"v-1ee591a8":()=>t.e(1327).then(t.bind(t,52102)).then((({data:e})=>e)),"v-3f09dcfa":()=>t.e(9789).then(t.bind(t,30529)).then((({data:e})=>e)),"v-fb444906":()=>t.e(3468).then(t.bind(t,92488)).then((({data:e})=>e)),"v-075f3ae5":()=>t.e(8945).then(t.bind(t,22644)).then((({data:e})=>e)),"v-726d0633":()=>t.e(966).then(t.bind(t,83463)).then((({data:e})=>e)),"v-430c6ab8":()=>t.e(1232).then(t.bind(t,29713)).then((({data:e})=>e)),"v-717c6376":()=>t.e(9346).then(t.bind(t,19481)).then((({data:e})=>e)),"v-278039be":()=>t.e(7147).then(t.bind(t,32580)).then((({data:e})=>e)),"v-a0c7f88e":()=>t.e(7964).then(t.bind(t,80918)).then((({data:e})=>e)),"v-86586ca2":()=>t.e(8512).then(t.bind(t,97633)).then((({data:e})=>e)),"v-3eb62514":()=>t.e(8403).then(t.bind(t,13601)).then((({data:e})=>e)),"v-3f09dcbc":()=>t.e(8941).then(t.bind(t,83890)).then((({data:e})=>e)),"v-b21a2a20":()=>t.e(6515).then(t.bind(t,24366)).then((({data:e})=>e)),"v-da623318":()=>t.e(3430).then(t.bind(t,39587)).then((({data:e})=>e)),"v-fdd722ac":()=>t.e(6271).then(t.bind(t,99669)).then((({data:e})=>e)),"v-fa6d716e":()=>t.e(4473).then(t.bind(t,64930)).then((({data:e})=>e)),"v-2f29e106":()=>t.e(196).then(t.bind(t,67014)).then((({data:e})=>e)),"v-3f09dc7e":()=>t.e(1833).then(t.bind(t,24256)).then((({data:e})=>e)),"v-1c17916e":()=>t.e(6214).then(t.bind(t,78964)).then((({data:e})=>e)),"v-a001cfa6":()=>t.e(1941).then(t.bind(t,76939)).then((({data:e})=>e)),"v-46333b48":()=>t.e(3866).then(t.bind(t,41353)).then((({data:e})=>e)),"v-338bc63e":()=>t.e(8741).then(t.bind(t,32818)).then((({data:e})=>e)),"v-d68f7d58":()=>t.e(2946).then(t.bind(t,5017)).then((({data:e})=>e)),"v-e533e2c6":()=>t.e(6447).then(t.bind(t,1090)).then((({data:e})=>e)),"v-1e465ab0":()=>t.e(7858).then(t.bind(t,67457)).then((({data:e})=>e)),"v-1080fb37":()=>t.e(8529).then(t.bind(t,17887)).then((({data:e})=>e)),"v-317fc580":()=>t.e(9393).then(t.bind(t,31922)).then((({data:e})=>e)),"v-45144c7f":()=>t.e(8064).then(t.bind(t,98571)).then((({data:e})=>e)),"v-23fbd2d0":()=>t.e(6907).then(t.bind(t,4426)).then((({data:e})=>e)),"v-2b7ec525":()=>t.e(9046).then(t.bind(t,2975)).then((({data:e})=>e)),"v-5ab92300":()=>t.e(6971).then(t.bind(t,32861)).then((({data:e})=>e)),"v-f91d64d6":()=>t.e(683).then(t.bind(t,16693)).then((({data:e})=>e)),"v-268cd669":()=>t.e(8140).then(t.bind(t,9805)).then((({data:e})=>e)),"v-4492d567":()=>t.e(4732).then(t.bind(t,12612)).then((({data:e})=>e)),"v-0d0e1e92":()=>t.e(9027).then(t.bind(t,44206)).then((({data:e})=>e)),"v-4bbe1d5a":()=>t.e(4339).then(t.bind(t,6655)).then((({data:e})=>e)),"v-16426d1a":()=>t.e(3446).then(t.bind(t,23002)).then((({data:e})=>e)),"v-5de780d0":()=>t.e(8488).then(t.bind(t,75755)).then((({data:e})=>e)),"v-f88d343e":()=>t.e(2927).then(t.bind(t,73250)).then((({data:e})=>e)),"v-38d56a07":()=>t.e(9238).then(t.bind(t,10077)).then((({data:e})=>e)),"v-4d046016":()=>t.e(5073).then(t.bind(t,68758)).then((({data:e})=>e)),"v-22b35270":()=>t.e(7975).then(t.bind(t,44918)).then((({data:e})=>e)),"v-30bd7c12":()=>t.e(9492).then(t.bind(t,41044)).then((({data:e})=>e)),"v-439608b6":()=>t.e(404).then(t.bind(t,17572)).then((({data:e})=>e)),"v-51a51d87":()=>t.e(2385).then(t.bind(t,37148)).then((({data:e})=>e)),"v-76b9a0f3":()=>t.e(788).then(t.bind(t,70357)).then((({data:e})=>e)),"v-565dbfc4":()=>t.e(4376).then(t.bind(t,92207)).then((({data:e})=>e)),"v-0fbd1336":()=>t.e(5062).then(t.bind(t,60690)).then((({data:e})=>e)),"v-a0627812":()=>t.e(8750).then(t.bind(t,44832)).then((({data:e})=>e)),"v-d190d938":()=>t.e(4746).then(t.bind(t,74766)).then((({data:e})=>e)),"v-72afc2d2":()=>t.e(8551).then(t.bind(t,54457)).then((({data:e})=>e)),"v-773d731c":()=>t.e(3834).then(t.bind(t,91219)).then((({data:e})=>e)),"v-f555fc02":()=>t.e(8662).then(t.bind(t,73582)).then((({data:e})=>e)),"v-e35196c2":()=>t.e(9279).then(t.bind(t,38674)).then((({data:e})=>e)),"v-29188644":()=>t.e(4316).then(t.bind(t,34293)).then((({data:e})=>e)),"v-255a6ebf":()=>t.e(3091).then(t.bind(t,16431)).then((({data:e})=>e)),"v-8cc24480":()=>t.e(2475).then(t.bind(t,76115)).then((({data:e})=>e)),"v-64e47ef4":()=>t.e(9886).then(t.bind(t,36544)).then((({data:e})=>e)),"v-e979b848":()=>t.e(346).then(t.bind(t,27726)).then((({data:e})=>e)),"v-617f0fcf":()=>t.e(202).then(t.bind(t,10420)).then((({data:e})=>e)),"v-3fc98845":()=>t.e(5500).then(t.bind(t,2057)).then((({data:e})=>e)),"v-63077cb6":()=>t.e(9685).then(t.bind(t,60192)).then((({data:e})=>e)),"v-516476d4":()=>t.e(3778).then(t.bind(t,37322)).then((({data:e})=>e)),"v-7d61a872":()=>t.e(8813).then(t.bind(t,73872)).then((({data:e})=>e)),"v-6e50feb6":()=>t.e(6665).then(t.bind(t,62735)).then((({data:e})=>e)),"v-02956db7":()=>t.e(6018).then(t.bind(t,32849)).then((({data:e})=>e)),"v-797f8d25":()=>t.e(9820).then(t.bind(t,4754)).then((({data:e})=>e)),"v-3eb3e9c6":()=>t.e(3818).then(t.bind(t,31078)).then((({data:e})=>e)),"v-2c6058d4":()=>t.e(5531).then(t.bind(t,15399)).then((({data:e})=>e)),"v-1c38292a":()=>t.e(4507).then(t.bind(t,13312)).then((({data:e})=>e)),"v-1a7f9d6e":()=>t.e(7186).then(t.bind(t,56001)).then((({data:e})=>e)),"v-79d41176":()=>t.e(4023).then(t.bind(t,39431)).then((({data:e})=>e)),"v-5254cbc6":()=>t.e(8169).then(t.bind(t,52640)).then((({data:e})=>e)),"v-9520f392":()=>t.e(7322).then(t.bind(t,15212)).then((({data:e})=>e)),"v-b7760e2c":()=>t.e(6448).then(t.bind(t,64557)).then((({data:e})=>e)),"v-fb774212":()=>t.e(6416).then(t.bind(t,82423)).then((({data:e})=>e)),"v-38c376c1":()=>t.e(9115).then(t.bind(t,33200)).then((({data:e})=>e)),"v-21bccd79":()=>t.e(8444).then(t.bind(t,62726)).then((({data:e})=>e)),"v-27001935":()=>t.e(3907).then(t.bind(t,61193)).then((({data:e})=>e)),"v-21b30c3f":()=>t.e(6280).then(t.bind(t,69555)).then((({data:e})=>e)),"v-94110980":()=>t.e(6499).then(t.bind(t,38867)).then((({data:e})=>e)),"v-789ba7ef":()=>t.e(6765).then(t.bind(t,86662)).then((({data:e})=>e)),"v-d3712ade":()=>t.e(6940).then(t.bind(t,69442)).then((({data:e})=>e)),"v-41f9c00e":()=>t.e(735).then(t.bind(t,59995)).then((({data:e})=>e)),"v-4c013f47":()=>t.e(7e3).then(t.bind(t,56084)).then((({data:e})=>e)),"v-a75683b8":()=>t.e(4922).then(t.bind(t,73966)).then((({data:e})=>e)),"v-f5341aec":()=>t.e(944).then(t.bind(t,30462)).then((({data:e})=>e)),"v-4458f72a":()=>t.e(2887).then(t.bind(t,7202)).then((({data:e})=>e)),"v-f1802e66":()=>t.e(8284).then(t.bind(t,35815)).then((({data:e})=>e)),"v-4ca6f1ca":()=>t.e(3775).then(t.bind(t,8882)).then((({data:e})=>e)),"v-b0030f00":()=>t.e(5656).then(t.bind(t,32286)).then((({data:e})=>e)),"v-789ba80e":()=>t.e(2578).then(t.bind(t,88396)).then((({data:e})=>e)),"v-103b3e5c":()=>t.e(9324).then(t.bind(t,89515)).then((({data:e})=>e)),"v-110dd688":()=>t.e(3177).then(t.bind(t,46956)).then((({data:e})=>e)),"v-c425a7d4":()=>t.e(8282).then(t.bind(t,71389)).then((({data:e})=>e)),"v-c0bbf696":()=>t.e(2261).then(t.bind(t,38790)).then((({data:e})=>e)),"v-5b6477cc":()=>t.e(5745).then(t.bind(t,80515)).then((({data:e})=>e)),"v-789ba82d":()=>t.e(8225).then(t.bind(t,95833)).then((({data:e})=>e)),"v-05ddc65d":()=>t.e(1195).then(t.bind(t,4614)).then((({data:e})=>e)),"v-1f3a890a":()=>t.e(9915).then(t.bind(t,35364)).then((({data:e})=>e)),"v-930ac920":()=>t.e(1241).then(t.bind(t,51354)).then((({data:e})=>e)),"v-c579975c":()=>t.e(9139).then(t.bind(t,70632)).then((({data:e})=>e)),"v-7efb7c68":()=>t.e(2109).then(t.bind(t,28537)).then((({data:e})=>e)),"v-12a33bee":()=>t.e(2547).then(t.bind(t,63324)).then((({data:e})=>e)),"v-7d2b8478":()=>t.e(5151).then(t.bind(t,67017)).then((({data:e})=>e)),"v-7689d7f3":()=>t.e(1138).then(t.bind(t,99029)).then((({data:e})=>e)),"v-3706649a":()=>t.e(88).then(t.bind(t,21801)).then((({data:e})=>e))}},84634:(e,l,t)=>{t.d(l,{g:()=>i});var n=t(74802);const i=[["v-8daa1a0e","/","",["/index.html","/README.md"]],["v-aad48c6a","/about/news.html","大史记",["/about/news","/about/news.md"]],["v-ba934fd8","/config/","配置文件",["/config/index.html","/config/README.md"]],["v-41ade9da","/config/api.html","API 接口",["/config/api","/config/api.md"]],["v-83dedd38","/config/dns.html","内置 DNS 服务器",["/config/dns","/config/dns.md"]],["v-192a19b9","/config/fakedns.html","FakeDNS",["/config/fakedns","/config/fakedns.md"]],["v-7f6279d8","/config/inbound.html","入站代理",["/config/inbound","/config/inbound.md"]],["v-1d860c29","/config/log.html","日志配置",["/config/log","/config/log.md"]],["v-2367d756","/config/outbound.html","出站代理",["/config/outbound","/config/outbound.md"]],["v-4ebec35a","/config/policy.html","本地策略",["/config/policy","/config/policy.md"]],["v-31b7756a","/config/reverse.html","反向代理",["/config/reverse","/config/reverse.md"]],["v-70677432","/config/routing.html","路由",["/config/routing","/config/routing.md"]],["v-7e21d6ae","/config/stats.html","统计信息",["/config/stats","/config/stats.md"]],["v-e3dfff38","/config/transport.html","传输方式",["/config/transport","/config/transport.md"]],["v-f7496066","/development/","开发指南",["/development/index.html","/development/README.md"]],["v-36b1a79b","/document/","快速入门",["/document/index.html","/document/README.md"]],["v-09a64f89","/document/command.html","命令参数",["/document/command","/document/command.md"]],["v-2b1adf48","/document/config.html","配置运行",["/document/config","/document/config.md"]],["v-86ee963a","/document/document.html","为 Project X 的文档贡献",["/document/document","/document/document.md"]],["v-0e5d7b39","/document/install.html","下载安装",["/document/install","/document/install.md"]],["v-2d0a870d","/en/","",["/en/index.html","/en/README.md"]],["v-0d714d87","/config/features/browser_dialer.html","Browser Dialer",["/config/features/browser_dialer","/config/features/browser_dialer.md"]],["v-0da7880a","/config/features/env.html","环境变量",["/config/features/env","/config/features/env.md"]],["v-2aeb21f9","/config/features/fallback.html","Fallback 回落",["/config/features/fallback","/config/features/fallback.md"]],["v-3acf20ea","/config/features/multiple.html","多文件配置",["/config/features/multiple","/config/features/multiple.md"]],["v-792e28f8","/config/features/xtls.html","XTLS 深度剖析",["/config/features/xtls","/config/features/xtls.md"]],["v-b50d2334","/config/inbounds/dokodemo.html","Dokodemo-Door",["/config/inbounds/dokodemo","/config/inbounds/dokodemo.md"]],["v-593408b0","/config/inbounds/http.html","HTTP",["/config/inbounds/http","/config/inbounds/http.md"]],["v-802a842a","/config/inbounds/shadowsocks.html","Shadowsocks",["/config/inbounds/shadowsocks","/config/inbounds/shadowsocks.md"]],["v-29995cea","/config/inbounds/socks.html","Socks",["/config/inbounds/socks","/config/inbounds/socks.md"]],["v-2a1b3d72","/config/inbounds/trojan.html","Trojan",["/config/inbounds/trojan","/config/inbounds/trojan.md"]],["v-fb92e8aa","/config/inbounds/vless.html","VLESS",["/config/inbounds/vless","/config/inbounds/vless.md"]],["v-167afaac","/config/inbounds/vmess.html","VMess",["/config/inbounds/vmess","/config/inbounds/vmess.md"]],["v-749ad71a","/config/outbounds/blackhole.html","Blackhole",["/config/outbounds/blackhole","/config/outbounds/blackhole.md"]],["v-6d39b970","/config/outbounds/dns.html","DNS",["/config/outbounds/dns","/config/outbounds/dns.md"]],["v-d76e893a","/config/outbounds/freedom.html","Freedom",["/config/outbounds/freedom","/config/outbounds/freedom.md"]],["v-c6b4b59e","/config/outbounds/http.html","HTTP",["/config/outbounds/http","/config/outbounds/http.md"]],["v-7b293e4a","/config/outbounds/shadowsocks.html","Shadowsocks",["/config/outbounds/shadowsocks","/config/outbounds/shadowsocks.md"]],["v-15f5452a","/config/outbounds/socks.html","Socks",["/config/outbounds/socks","/config/outbounds/socks.md"]],["v-5797bdb3","/config/outbounds/trojan.html","Trojan",["/config/outbounds/trojan","/config/outbounds/trojan.md"]],["v-a60f016c","/config/outbounds/vless.html","VLESS",["/config/outbounds/vless","/config/outbounds/vless.md"]],["v-413cee4b","/config/outbounds/vmess.html","VMess",["/config/outbounds/vmess","/config/outbounds/vmess.md"]],["v-208ca3b9","/config/outbounds/wireguard.html","Wireguard",["/config/outbounds/wireguard","/config/outbounds/wireguard.md"]],["v-775db7b1","/config/transports/domainsocket.html","Domain Socket",["/config/transports/domainsocket","/config/transports/domainsocket.md"]],["v-2877542a","/config/transports/grpc.html","gRPC",["/config/transports/grpc","/config/transports/grpc.md"]],["v-03a28284","/config/transports/h2.html","HTTP/2",["/config/transports/h2","/config/transports/h2.md"]],["v-3167b1dd","/config/transports/mkcp.html","mKCP",["/config/transports/mkcp","/config/transports/mkcp.md"]],["v-8f08dbec","/config/transports/quic.html","QUIC",["/config/transports/quic","/config/transports/quic.md"]],["v-33b1b709","/config/transports/tcp.html","TCP",["/config/transports/tcp","/config/transports/tcp.md"]],["v-1ff57bba","/config/transports/websocket.html","WebSocket",["/config/transports/websocket","/config/transports/websocket.md"]],["v-6a9e8054","/development/intro/compile.html","编译文档",["/development/intro/compile","/development/intro/compile.md"]],["v-95e3eaea","/development/intro/design.html","设计目标",["/development/intro/design","/development/intro/design.md"]],["v-61e7eea6","/development/intro/guide.html","开发规范",["/development/intro/guide","/development/intro/guide.md"]],["v-6e6c37e6","/development/protocols/mkcp.html","mKCP 协议",["/development/protocols/mkcp","/development/protocols/mkcp.md"]],["v-13168a21","/development/protocols/muxcool.html","Mux.Cool 协议",["/development/protocols/muxcool","/development/protocols/muxcool.md"]],["v-5c48c82b","/development/protocols/vless.html","VLESS 协议",["/development/protocols/vless","/development/protocols/vless.md"]],["v-1ee591a8","/development/protocols/vmess.html","VMess 协议",["/development/protocols/vmess","/development/protocols/vmess.md"]],["v-3f09dcfa","/document/level-0/","小小白白话文",["/document/level-0/index.html","/document/level-0/README.md"]],["v-fb444906","/document/level-0/ch01-preface.html","【第 1 章】 小小白白话文",["/document/level-0/ch01-preface","/document/level-0/ch01-preface.md"]],["v-075f3ae5","/document/level-0/ch02-preparation.html","【第 2 章】原料准备篇",["/document/level-0/ch02-preparation","/document/level-0/ch02-preparation.md"]],["v-726d0633","/document/level-0/ch03-ssh.html","【第 3 章】远程登录篇",["/document/level-0/ch03-ssh","/document/level-0/ch03-ssh.md"]],["v-430c6ab8","/document/level-0/ch04-security.html","【第 4 章】安全防护篇",["/document/level-0/ch04-security","/document/level-0/ch04-security.md"]],["v-717c6376","/document/level-0/ch05-webpage.html","【第 5 章】网站建设篇",["/document/level-0/ch05-webpage","/document/level-0/ch05-webpage.md"]],["v-278039be","/document/level-0/ch06-certificates.html","【第 6 章】证书管理篇",["/document/level-0/ch06-certificates","/document/level-0/ch06-certificates.md"]],["v-a0c7f88e","/document/level-0/ch07-xray-server.html","【第 7 章】Xray 服务器篇",["/document/level-0/ch07-xray-server","/document/level-0/ch07-xray-server.md"]],["v-86586ca2","/document/level-0/ch08-xray-clients.html","【第 8 章】Xray 客户端篇",["/document/level-0/ch08-xray-clients","/document/level-0/ch08-xray-clients.md"]],["v-3eb62514","/document/level-0/ch09-appendix.html","【第 9 章】附录",["/document/level-0/ch09-appendix","/document/level-0/ch09-appendix.md"]],["v-3f09dcbc","/document/level-1/","入门技巧",["/document/level-1/index.html","/document/level-1/README.md"]],["v-b21a2a20","/document/level-1/fallbacks-lv1.html","回落 (fallbacks) 功能简析",["/document/level-1/fallbacks-lv1","/document/level-1/fallbacks-lv1.md"]],["v-da623318","/document/level-1/fallbacks-with-sni.html","SNI 回落",["/document/level-1/fallbacks-with-sni","/document/level-1/fallbacks-with-sni.md"]],["v-fdd722ac","/document/level-1/routing-lv1-part1.html","路由 (routing) 功能简析(上)",["/document/level-1/routing-lv1-part1","/document/level-1/routing-lv1-part1.md"]],["v-fa6d716e","/document/level-1/routing-lv1-part2.html","路由 (routing) 功能简析(下)",["/document/level-1/routing-lv1-part2","/document/level-1/routing-lv1-part2.md"]],["v-2f29e106","/document/level-1/work.html","Xray 的工作模式",["/document/level-1/work","/document/level-1/work.md"]],["v-3f09dc7e","/document/level-2/","进阶文档",["/document/level-2/index.html","/document/level-2/README.md"]],["v-1c17916e","/document/level-2/iptables_gid.html","GID 透明代理",["/document/level-2/iptables_gid","/document/level-2/iptables_gid.md"]],["v-a001cfa6","/document/level-2/nginx_or_haproxy_tls_tunnel.html","Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹",["/document/level-2/nginx_or_haproxy_tls_tunnel","/document/level-2/nginx_or_haproxy_tls_tunnel.md"]],["v-46333b48","/document/level-2/redirect.html","出站流量重定向",["/document/level-2/redirect","/document/level-2/redirect.md"]],["v-338bc63e","/document/level-2/tproxy.html","TProxy 透明代理",["/document/level-2/tproxy","/document/level-2/tproxy.md"]],["v-d68f7d58","/document/level-2/tproxy_ipv4_and_ipv6.html","TProxy 透明代理 (ipv4 and ipv6)",["/document/level-2/tproxy_ipv4_and_ipv6","/document/level-2/tproxy_ipv4_and_ipv6.md"]],["v-e533e2c6","/document/level-2/traffic_stats.html","流量统计",["/document/level-2/traffic_stats","/document/level-2/traffic_stats.md"]],["v-1e465ab0","/document/level-2/warp.html","通过 Cloudflare Warp 增强代理安全性",["/document/level-2/warp","/document/level-2/warp.md"]],["v-1080fb37","/en/about/news.html","大史记",["/en/about/news","/en/about/news.md"]],["v-317fc580","/en/config/","Configurations",["/en/config/index.html","/en/config/README.md"]],["v-45144c7f","/en/config/api.html","API Interface",["/en/config/api","/en/config/api.md"]],["v-23fbd2d0","/en/config/dns.html","Built-in DNS Server",["/en/config/dns","/en/config/dns.md"]],["v-2b7ec525","/en/config/fakedns.html","FakeDNS",["/en/config/fakedns","/en/config/fakedns.md"]],["v-5ab92300","/en/config/inbound.html","Inbound Proxy",["/en/config/inbound","/en/config/inbound.md"]],["v-f91d64d6","/en/config/log.html","Log Configuration",["/en/config/log","/en/config/log.md"]],["v-268cd669","/en/config/outbound.html","Outbound Proxies",["/en/config/outbound","/en/config/outbound.md"]],["v-4492d567","/en/config/policy.html","Local Policy",["/en/config/policy","/en/config/policy.md"]],["v-0d0e1e92","/en/config/reverse.html","Reverse Proxy",["/en/config/reverse","/en/config/reverse.md"]],["v-4bbe1d5a","/en/config/routing.html","Routing",["/en/config/routing","/en/config/routing.md"]],["v-16426d1a","/en/config/stats.html","Traffic Statistics",["/en/config/stats","/en/config/stats.md"]],["v-5de780d0","/en/config/transport.html","Transport Protocol",["/en/config/transport","/en/config/transport.md"]],["v-f88d343e","/en/development/","Development Guide",["/en/development/index.html","/en/development/README.md"]],["v-38d56a07","/en/document/","Quick Start",["/en/document/index.html","/en/document/README.md"]],["v-4d046016","/en/document/command.html","Command Parameters",["/en/document/command","/en/document/command.md"]],["v-22b35270","/en/document/config.html","Configure and Run",["/en/document/config","/en/document/config.md"]],["v-30bd7c12","/en/document/document.html","Contribute to Project X's Document",["/en/document/document","/en/document/document.md"]],["v-439608b6","/en/document/install.html","Download and Install",["/en/document/install","/en/document/install.md"]],["v-51a51d87","/document/level-2/transparent_proxy/transparent_proxy.html","透明代理入门",["/document/level-2/transparent_proxy/transparent_proxy","/document/level-2/transparent_proxy/transparent_proxy.md"]],["v-76b9a0f3","/en/config/features/browser_dialer.html","Browser Dialer",["/en/config/features/browser_dialer","/en/config/features/browser_dialer.md"]],["v-565dbfc4","/en/config/features/env.html","Environment Variables",["/en/config/features/env","/en/config/features/env.md"]],["v-0fbd1336","/en/config/features/fallback.html","Fallback",["/en/config/features/fallback","/en/config/features/fallback.md"]],["v-a0627812","/en/config/features/multiple.html","Multi-file configuration",["/en/config/features/multiple","/en/config/features/multiple.md"]],["v-d190d938","/en/config/features/xtls.html","Deep analysis of XTLS",["/en/config/features/xtls","/en/config/features/xtls.md"]],["v-72afc2d2","/en/config/inbounds/dokodemo.html","Dokodemo-Door",["/en/config/inbounds/dokodemo","/en/config/inbounds/dokodemo.md"]],["v-773d731c","/en/config/inbounds/http.html","HTTP",["/en/config/inbounds/http","/en/config/inbounds/http.md"]],["v-f555fc02","/en/config/inbounds/shadowsocks.html","Shadowsocks",["/en/config/inbounds/shadowsocks","/en/config/inbounds/shadowsocks.md"]],["v-e35196c2","/en/config/inbounds/socks.html","SOCKS",["/en/config/inbounds/socks","/en/config/inbounds/socks.md"]],["v-29188644","/en/config/inbounds/trojan.html","Trojan",["/en/config/inbounds/trojan","/en/config/inbounds/trojan.md"]],["v-255a6ebf","/en/config/inbounds/vless.html","VLESS",["/en/config/inbounds/vless","/en/config/inbounds/vless.md"]],["v-8cc24480","/en/config/inbounds/vmess.html","VMess",["/en/config/inbounds/vmess","/en/config/inbounds/vmess.md"]],["v-64e47ef4","/en/config/outbounds/blackhole.html","Blackhole",["/en/config/outbounds/blackhole","/en/config/outbounds/blackhole.md"]],["v-e979b848","/en/config/outbounds/dns.html","DNS",["/en/config/outbounds/dns","/en/config/outbounds/dns.md"]],["v-617f0fcf","/en/config/outbounds/freedom.html","Freedom",["/en/config/outbounds/freedom","/en/config/outbounds/freedom.md"]],["v-3fc98845","/en/config/outbounds/http.html","HTTP",["/en/config/outbounds/http","/en/config/outbounds/http.md"]],["v-63077cb6","/en/config/outbounds/shadowsocks.html","Shadowsocks",["/en/config/outbounds/shadowsocks","/en/config/outbounds/shadowsocks.md"]],["v-516476d4","/en/config/outbounds/socks.html","Socks",["/en/config/outbounds/socks","/en/config/outbounds/socks.md"]],["v-7d61a872","/en/config/outbounds/trojan.html","Trojan",["/en/config/outbounds/trojan","/en/config/outbounds/trojan.md"]],["v-6e50feb6","/en/config/outbounds/vless.html","VLESS",["/en/config/outbounds/vless","/en/config/outbounds/vless.md"]],["v-02956db7","/en/config/outbounds/vmess.html","VMess",["/en/config/outbounds/vmess","/en/config/outbounds/vmess.md"]],["v-797f8d25","/en/config/outbounds/wireguard.html","Wireguard",["/en/config/outbounds/wireguard","/en/config/outbounds/wireguard.md"]],["v-3eb3e9c6","/en/config/transports/domainsocket.html","Domain Socket",["/en/config/transports/domainsocket","/en/config/transports/domainsocket.md"]],["v-2c6058d4","/en/config/transports/grpc.html","gRPC",["/en/config/transports/grpc","/en/config/transports/grpc.md"]],["v-1c38292a","/en/config/transports/h2.html","HTTP/2",["/en/config/transports/h2","/en/config/transports/h2.md"]],["v-1a7f9d6e","/en/config/transports/mkcp.html","mKCP",["/en/config/transports/mkcp","/en/config/transports/mkcp.md"]],["v-79d41176","/en/config/transports/quic.html","QUIC",["/en/config/transports/quic","/en/config/transports/quic.md"]],["v-5254cbc6","/en/config/transports/tcp.html","TCP",["/en/config/transports/tcp","/en/config/transports/tcp.md"]],["v-9520f392","/en/config/transports/websocket.html","WebSocket",["/en/config/transports/websocket","/en/config/transports/websocket.md"]],["v-b7760e2c","/en/development/intro/compile.html","Compile the document",["/en/development/intro/compile","/en/development/intro/compile.md"]],["v-fb774212","/en/development/intro/design.html","Design Objectives",["/en/development/intro/design","/en/development/intro/design.md"]],["v-38c376c1","/en/development/intro/guide.html","Development Standards",["/en/development/intro/guide","/en/development/intro/guide.md"]],["v-21bccd79","/en/development/protocols/mkcp.html","mKCP Protocol",["/en/development/protocols/mkcp","/en/development/protocols/mkcp.md"]],["v-27001935","/en/development/protocols/muxcool.html","Mux.Cool Protocol",["/en/development/protocols/muxcool","/en/development/protocols/muxcool.md"]],["v-21b30c3f","/en/development/protocols/vless.html","VLESS Protocol",["/en/development/protocols/vless","/en/development/protocols/vless.md"]],["v-94110980","/en/development/protocols/vmess.html","VMess Protocol",["/en/development/protocols/vmess","/en/development/protocols/vmess.md"]],["v-789ba7ef","/en/document/level-0/","Plain and Simple Language",["/en/document/level-0/index.html","/en/document/level-0/README.md"]],["v-d3712ade","/en/document/level-0/ch01-preface.html","[Chapter 1] Simple and Plain Language",["/en/document/level-0/ch01-preface","/en/document/level-0/ch01-preface.md"]],["v-41f9c00e","/en/document/level-0/ch02-preparation.html","[Chapter 2] Preparation of Raw Materials",["/en/document/level-0/ch02-preparation","/en/document/level-0/ch02-preparation.md"]],["v-4c013f47","/en/document/level-0/ch03-ssh.html","[Chapter 3] Remote Login",["/en/document/level-0/ch03-ssh","/en/document/level-0/ch03-ssh.md"]],["v-a75683b8","/en/document/level-0/ch04-security.html","[Chapter 4] Security and Protection",["/en/document/level-0/ch04-security","/en/document/level-0/ch04-security.md"]],["v-f5341aec","/en/document/level-0/ch05-webpage.html","Chapter 5: Website Building",["/en/document/level-0/ch05-webpage","/en/document/level-0/ch05-webpage.md"]],["v-4458f72a","/en/document/level-0/ch06-certificates.html","[Chapter 6] Certificate Management",["/en/document/level-0/ch06-certificates","/en/document/level-0/ch06-certificates.md"]],["v-f1802e66","/en/document/level-0/ch07-xray-server.html","【第 7 章】Xray 服务器篇",["/en/document/level-0/ch07-xray-server","/en/document/level-0/ch07-xray-server.md"]],["v-4ca6f1ca","/en/document/level-0/ch08-xray-clients.html","【第 8 章】Xray 客户端篇",["/en/document/level-0/ch08-xray-clients","/en/document/level-0/ch08-xray-clients.md"]],["v-b0030f00","/en/document/level-0/ch09-appendix.html","【第 9 章】附录",["/en/document/level-0/ch09-appendix","/en/document/level-0/ch09-appendix.md"]],["v-789ba80e","/en/document/level-1/","Beginner's Tips",["/en/document/level-1/index.html","/en/document/level-1/README.md"]],["v-103b3e5c","/en/document/level-1/fallbacks-lv1.html","回落 (fallbacks) 功能简析",["/en/document/level-1/fallbacks-lv1","/en/document/level-1/fallbacks-lv1.md"]],["v-110dd688","/en/document/level-1/fallbacks-with-sni.html","SNI fallback",["/en/document/level-1/fallbacks-with-sni","/en/document/level-1/fallbacks-with-sni.md"]],["v-c425a7d4","/en/document/level-1/routing-lv1-part1.html","路由 (routing) 功能简析(上)",["/en/document/level-1/routing-lv1-part1","/en/document/level-1/routing-lv1-part1.md"]],["v-c0bbf696","/en/document/level-1/routing-lv1-part2.html","路由 (routing) 功能简析(下)",["/en/document/level-1/routing-lv1-part2","/en/document/level-1/routing-lv1-part2.md"]],["v-5b6477cc","/en/document/level-1/work.html","Xray 的工作模式",["/en/document/level-1/work","/en/document/level-1/work.md"]],["v-789ba82d","/en/document/level-2/","Advanced Documentation",["/en/document/level-2/index.html","/en/document/level-2/README.md"]],["v-05ddc65d","/en/document/level-2/iptables_gid.html","Transparent proxy via GID",["/en/document/level-2/iptables_gid","/en/document/level-2/iptables_gid.md"]],["v-1f3a890a","/en/document/level-2/nginx_tls_tunnel.html","Nginx_TLS隧道隐藏指纹",["/en/document/level-2/nginx_tls_tunnel","/en/document/level-2/nginx_tls_tunnel.md"]],["v-930ac920","/en/document/level-2/redirect.html","出站流量重定向",["/en/document/level-2/redirect","/en/document/level-2/redirect.md"]],["v-c579975c","/en/document/level-2/tproxy.html","TProxy 透明代理",["/en/document/level-2/tproxy","/en/document/level-2/tproxy.md"]],["v-7efb7c68","/en/document/level-2/tproxy_ipv4_and_ipv6.html","TProxy 透明代理 (ipv4 and ipv6)",["/en/document/level-2/tproxy_ipv4_and_ipv6","/en/document/level-2/tproxy_ipv4_and_ipv6.md"]],["v-12a33bee","/en/document/level-2/traffic_stats.html","流量统计",["/en/document/level-2/traffic_stats","/en/document/level-2/traffic_stats.md"]],["v-7d2b8478","/en/document/level-2/warp.html","Enhancing Proxy Security with Cloudflare Warp",["/en/document/level-2/warp","/en/document/level-2/warp.md"]],["v-7689d7f3","/en/document/level-2/transparent_proxy/transparent_proxy.html","透明代理入门",["/en/document/level-2/transparent_proxy/transparent_proxy","/en/document/level-2/transparent_proxy/transparent_proxy.md"]],["v-3706649a","/404.html","",["/404"]]].reduce(((e,[l,t,i,d])=>(e.push({name:l,path:t,component:n.Y,meta:{title:i}},...d.map((e=>({path:e,redirect:t})))),e)),[{name:"404",path:"/:catchAll(.*)",component:n.Y}])},85472:(e,l,t)=>{t.d(l,{D:()=>n});const n=[{title:"",headers:[{level:2,title:"XTLS ? Xray ? V2Ray ?",slug:"xtls-xray-v2ray",children:[{level:3,title:"我们是谁?",slug:"我们是谁",children:[]},{level:3,title:"帮助 Xray 变得更强",slug:"帮助-xray-变得更强",children:[]},{level:3,title:"Telegram",slug:"telegram",children:[]},{level:3,title:"致谢",slug:"致谢",children:[]},{level:3,title:"更多关于 project X",slug:"更多关于-project-x",children:[]},{level:3,title:"License",slug:"license",children:[]},{level:3,title:"Stargazers over time",slug:"stargazers-over-time",children:[]}]}],path:"/",pathLocale:"/",extraFields:[]},{title:"大史记",headers:[{level:2,title:"2021.4.6",slug:"_2021-4-6",children:[]},{level:2,title:"2021.4.4",slug:"_2021-4-4",children:[]},{level:2,title:"2021.4.1 v1.4.2",slug:"_2021-4-1-v1-4-2",children:[]},{level:2,title:"2021.3.25",slug:"_2021-3-25",children:[]},{level:2,title:"2021.3.15",slug:"_2021-3-15",children:[]},{level:2,title:"2021.3.14 v1.4.0",slug:"_2021-3-14-v1-4-0",children:[]},{level:2,title:"2021.3.3 1.3.1",slug:"_2021-3-3-1-3-1",children:[]},{level:2,title:"2021.2.14 1.3.0",slug:"_2021-2-14-1-3-0",children:[]},{level:2,title:"2021.01.31 1.2.4",slug:"_2021-01-31-1-2-4",children:[]},{level:2,title:"2021.01.25",slug:"_2021-01-25",children:[]},{level:2,title:"2021.01.22 1.2.3",slug:"_2021-01-22-1-2-3",children:[]},{level:2,title:"2021.01.19",slug:"_2021-01-19",children:[]},{level:2,title:"2021.01.17",slug:"_2021-01-17",children:[]},{level:2,title:"2021.01.15 1.2.2",slug:"_2021-01-15-1-2-2",children:[]},{level:2,title:"2021.01.12",slug:"_2021-01-12",children:[]},{level:2,title:"2021.01.10 1.2.1",slug:"_2021-01-10-1-2-1",children:[]},{level:2,title:"2021.01.07",slug:"_2021-01-07",children:[]},{level:2,title:"2021.01.05",slug:"_2021-01-05",children:[]},{level:2,title:"2021.01.03",slug:"_2021-01-03",children:[]},{level:2,title:"2021.01.01",slug:"_2021-01-01",children:[]},{level:2,title:"2020.12.29",slug:"_2020-12-29",children:[]},{level:2,title:"2020.12.25 1.1.5",slug:"_2020-12-25-1-1-5",children:[]},{level:2,title:"2020.12.24",slug:"_2020-12-24",children:[]},{level:2,title:"2020.12.23",slug:"_2020-12-23",children:[]},{level:2,title:"2020.12.21",slug:"_2020-12-21",children:[]},{level:2,title:"2020.12.18 1.1.4",slug:"_2020-12-18-1-1-4",children:[]},{level:2,title:"2020.12.17",slug:"_2020-12-17",children:[]},{level:2,title:"2020.12.15",slug:"_2020-12-15",children:[]},{level:2,title:"2020.12.11 1.1.3",slug:"_2020-12-11-1-1-3",children:[]},{level:2,title:"2020.12.06 1.1.2",slug:"_2020-12-06-1-1-2",children:[]},{level:2,title:"2020.12.04",slug:"_2020-12-04",children:[]},{level:2,title:"2020.11.27",slug:"_2020-11-27",children:[]},{level:2,title:"2020.11.25 1.0.0",slug:"_2020-11-25-1-0-0",children:[]},{level:2,title:"2020.11.23",slug:"_2020-11-23",children:[]}],path:"/about/news.html",pathLocale:"/",extraFields:[]},{title:"配置文件",headers:[{level:2,title:"概述",slug:"概述",children:[]},{level:2,title:"基础配置模块",slug:"基础配置模块",children:[]}],path:"/config/",pathLocale:"/",extraFields:[]},{title:"API 接口",headers:[{level:2,title:"ApiObject",slug:"apiobject",children:[]},{level:2,title:"相关配置",slug:"相关配置",children:[]},{level:2,title:"支持的 API 列表",slug:"支持的-api-列表",children:[{level:3,title:"HandlerService",slug:"handlerservice",children:[]},{level:3,title:"LoggerService",slug:"loggerservice",children:[]},{level:3,title:"StatsService",slug:"statsservice",children:[]},{level:3,title:"ReflectionService",slug:"reflectionservice",children:[]}]},{level:2,title:"API 调用示例",slug:"api-调用示例",children:[]}],path:"/config/api.html",pathLocale:"/",extraFields:[]},{title:"内置 DNS 服务器",headers:[{level:2,title:"DNS 服务器",slug:"dns-服务器",children:[]},{level:2,title:"DNS 处理流程",slug:"dns-处理流程",children:[]},{level:2,title:"DnsObject",slug:"dnsobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/dns.html",pathLocale:"/",extraFields:[]},{title:"FakeDNS",headers:[{level:2,title:"FakeDNSObject",slug:"fakednsobject",children:[{level:3,title:"如何使用?",slug:"如何使用",children:[]},{level:3,title:"与其它类型 DNS 搭配使用",slug:"与其它类型-dns-搭配使用",children:[]}]}],path:"/config/fakedns.html",pathLocale:"/",extraFields:[]},{title:"入站代理",headers:[{level:2,title:"InboundObject",slug:"inboundobject",children:[{level:3,title:"SniffingObject",slug:"sniffingobject",children:[]},{level:3,title:"AllocateObject",slug:"allocateobject",children:[]}]}],path:"/config/inbound.html",pathLocale:"/",extraFields:[]},{title:"日志配置",headers:[{level:2,title:"LogObject",slug:"logobject",children:[]}],path:"/config/log.html",pathLocale:"/",extraFields:[]},{title:"出站代理",headers:[{level:2,title:"OutboundObject",slug:"outboundobject",children:[{level:3,title:"ProxySettingsObject",slug:"proxysettingsobject",children:[]},{level:3,title:"MuxObject",slug:"muxobject",children:[]}]}],path:"/config/outbound.html",pathLocale:"/",extraFields:[]},{title:"本地策略",headers:[{level:2,title:"PolicyObject",slug:"policyobject",children:[{level:3,title:"LevelPolicyObject",slug:"levelpolicyobject",children:[]},{level:3,title:"SystemPolicyObject",slug:"systempolicyobject",children:[]}]}],path:"/config/policy.html",pathLocale:"/",extraFields:[]},{title:"反向代理",headers:[{level:2,title:"ReverseObject",slug:"reverseobject",children:[{level:3,title:"BridgeObject",slug:"bridgeobject",children:[]},{level:3,title:"PortalObject",slug:"portalobject",children:[]}]},{level:2,title:"完整配置样例",slug:"完整配置样例",children:[{level:3,title:"bridge 配置",slug:"bridge-配置",children:[]},{level:3,title:"portal 配置",slug:"portal-配置",children:[]}]}],path:"/config/reverse.html",pathLocale:"/",extraFields:[]},{title:"路由",headers:[{level:2,title:"RoutingObject",slug:"routingobject",children:[{level:3,title:"RuleObject",slug:"ruleobject",children:[]},{level:3,title:"BalancerObject",slug:"balancerobject",children:[]},{level:3,title:"预定义域名列表",slug:"预定义域名列表",children:[]}]}],path:"/config/routing.html",pathLocale:"/",extraFields:[]},{title:"统计信息",headers:[{level:2,title:"StatsObject",slug:"statsobject",children:[]},{level:2,title:"获取统计信息",slug:"获取统计信息",children:[]}],path:"/config/stats.html",pathLocale:"/",extraFields:[]},{title:"传输方式",headers:[{level:2,title:"TransportObject",slug:"transportobject",children:[]},{level:2,title:"StreamSettingsObject",slug:"streamsettingsobject",children:[{level:3,title:"TLSObject",slug:"tlsobject",children:[]},{level:3,title:"RealityObject",slug:"realityobject",children:[]},{level:3,title:"SockoptObject",slug:"sockoptobject",children:[]}]}],path:"/config/transport.html",pathLocale:"/",extraFields:[]},{title:"开发指南",headers:[{level:2,title:"编译文档",slug:"编译文档",children:[]},{level:2,title:"设计思路",slug:"设计思路",children:[]},{level:2,title:"开发规范",slug:"开发规范",children:[]},{level:2,title:"协议详解",slug:"协议详解",children:[{level:3,title:"VLESS 协议",slug:"vless-协议",children:[]},{level:3,title:"VMess 协议",slug:"vmess-协议",children:[]},{level:3,title:"Mux.Cool 协议",slug:"mux-cool-协议",children:[]},{level:3,title:"mKCP 协议",slug:"mkcp-协议",children:[]}]}],path:"/development/",pathLocale:"/",extraFields:[]},{title:"快速入门",headers:[{level:2,title:"下载安装",slug:"下载安装",children:[]},{level:2,title:"配置运行",slug:"配置运行",children:[]},{level:2,title:"命令参数",slug:"命令参数",children:[]},{level:2,title:"改进文档",slug:"改进文档",children:[]},{level:2,title:"小小白白话文",slug:"小小白白话文",children:[]},{level:2,title:"入门技巧",slug:"入门技巧",children:[]},{level:2,title:"进阶文档",slug:"进阶文档",children:[]}],path:"/document/",pathLocale:"/",extraFields:[]},{title:"命令参数",headers:[{level:2,title:"获取基本命令",slug:"获取基本命令",children:[{level:3,title:"xray run",slug:"xray-run",children:[]},{level:3,title:"xray version",slug:"xray-version",children:[]},{level:3,title:"xray api",slug:"xray-api",children:[]},{level:3,title:"xray tls",slug:"xray-tls",children:[]},{level:3,title:"xray uuid",slug:"xray-uuid",children:[]}]}],path:"/document/command.html",pathLocale:"/",extraFields:[]},{title:"配置运行",headers:[{level:2,title:"服务端配置",slug:"服务端配置",children:[]},{level:2,title:"客户端配置",slug:"客户端配置",children:[]},{level:2,title:"运行",slug:"运行",children:[]}],path:"/document/config.html",pathLocale:"/",extraFields:[]},{title:"为 Project X 的文档贡献",headers:[{level:2,title:"改进文档",slug:"改进文档",children:[]},{level:2,title:"发现问题?",slug:"发现问题",children:[]}],path:"/document/document.html",pathLocale:"/",extraFields:[]},{title:"下载安装",headers:[{level:2,title:"平台支持",slug:"平台支持",children:[]},{level:2,title:"下载 Xray",slug:"下载-xray",children:[]},{level:2,title:"验证安装包",slug:"验证安装包",children:[]},{level:2,title:"Windows 安装方式",slug:"windows-安装方式",children:[]},{level:2,title:"macOS 安装方式",slug:"macos-安装方式",children:[]},{level:2,title:"Linux 安装方式",slug:"linux-安装方式",children:[{level:3,title:"安装脚本",slug:"安装脚本",children:[]},{level:3,title:"Arch Linux",slug:"arch-linux",children:[]},{level:3,title:"Linuxbrew",slug:"linuxbrew",children:[]},{level:3,title:"Debian",slug:"debian",children:[]},{level:3,title:"Gentoo",slug:"gentoo",children:[]}]},{level:2,title:"Docker 安装方式",slug:"docker-安装方式",children:[{level:3,title:"Docker image 的文件结构",slug:"docker-image-的文件结构",children:[]}]}],path:"/document/install.html",pathLocale:"/",extraFields:[]},{title:"",headers:[{level:2,title:"XTLS? Xray? V2Ray?",slug:"xtls-xray-v2ray",children:[{level:3,title:"Who are we?",slug:"who-are-we",children:[]},{level:3,title:"Help Xray become stronger",slug:"help-xray-become-stronger",children:[]},{level:3,title:"Telegram",slug:"telegram",children:[]},{level:3,title:"Thanks",slug:"thanks",children:[]},{level:3,title:"More about project X",slug:"more-about-project-x",children:[]},{level:3,title:"License",slug:"license",children:[]},{level:3,title:"Stargazers over time",slug:"stargazers-over-time",children:[]}]}],path:"/en/",pathLocale:"/en/",extraFields:[]},{title:"Browser Dialer",headers:[{level:2,title:"Background",slug:"background",children:[]},{level:2,title:"Xray & JS",slug:"xray-js",children:[]},{level:2,title:"Early data",slug:"early-data",children:[]},{level:2,title:"Configuration",slug:"configuration",children:[]}],path:"/config/features/browser_dialer.html",pathLocale:"/",extraFields:[]},{title:"环境变量",headers:[{level:2,title:"资源文件路径",slug:"资源文件路径",children:[]},{level:2,title:"配置文件位置",slug:"配置文件位置",children:[]},{level:2,title:"多配置目录",slug:"多配置目录",children:[]}],path:"/config/features/env.html",pathLocale:"/",extraFields:[]},{title:"Fallback 回落",headers:[{level:2,title:"fallbacks 配置",slug:"fallbacks-配置",children:[{level:3,title:"FallbackObject",slug:"fallbackobject",children:[]},{level:3,title:"补充说明",slug:"补充说明",children:[]}]},{level:2,title:"Fallbacks 设计理论",slug:"fallbacks-设计理论",children:[]}],path:"/config/features/fallback.html",pathLocale:"/",extraFields:[]},{title:"多文件配置",headers:[{level:2,title:"多文件启动",slug:"多文件启动",children:[]},{level:2,title:"规则说明",slug:"规则说明",children:[{level:3,title:"普通对象({})",slug:"普通对象",children:[]},{level:3,title:"数组([])",slug:"数组",children:[]}]},{level:2,title:"推荐的多文件列表",slug:"推荐的多文件列表",children:[]}],path:"/config/features/multiple.html",pathLocale:"/",extraFields:[]},{title:"XTLS 深度剖析",headers:[],path:"/config/features/xtls.html",pathLocale:"/",extraFields:[]},{title:"Dokodemo-Door",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"透明代理配置样例",slug:"透明代理配置样例",children:[]}],path:"/config/inbounds/dokodemo.html",pathLocale:"/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/config/inbounds/http.html",pathLocale:"/",extraFields:[]},{title:"Shadowsocks",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"ClientObject",slug:"clientobject",children:[]}],path:"/config/inbounds/shadowsocks.html",pathLocale:"/",extraFields:[]},{title:"Socks",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/config/inbounds/socks.html",pathLocale:"/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/config/inbounds/trojan.html",pathLocale:"/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/config/inbounds/vless.html",pathLocale:"/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]},{level:3,title:"DetourObject",slug:"detourobject",children:[]},{level:3,title:"DefaultObject",slug:"defaultobject",children:[]}]}],path:"/config/inbounds/vmess.html",pathLocale:"/",extraFields:[]},{title:"Blackhole",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ResponseObject",slug:"responseobject",children:[]}]}],path:"/config/outbounds/blackhole.html",pathLocale:"/",extraFields:[]},{title:"DNS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]},{level:2,title:"DNS 配置实例",slug:"dns-配置实例",children:[]}],path:"/config/outbounds/dns.html",pathLocale:"/",extraFields:[]},{title:"Freedom",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]}],path:"/config/outbounds/freedom.html",pathLocale:"/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/http.html",pathLocale:"/",extraFields:[]},{title:"Shadowsocks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/shadowsocks.html",pathLocale:"/",extraFields:[]},{title:"Socks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/socks.html",pathLocale:"/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/trojan.html",pathLocale:"/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]},{level:3,title:"UserObject",slug:"userobject",children:[]}]}],path:"/config/outbounds/vless.html",pathLocale:"/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/config/outbounds/vmess.html",pathLocale:"/",extraFields:[]},{title:"Wireguard",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"Peers",slug:"peers",children:[]}]}],path:"/config/outbounds/wireguard.html",pathLocale:"/",extraFields:[]},{title:"Domain Socket",headers:[{level:2,title:"DomainSocketObject",slug:"domainsocketobject",children:[]}],path:"/config/transports/domainsocket.html",pathLocale:"/",extraFields:[]},{title:"gRPC",headers:[{level:2,title:"GRPCObject",slug:"grpcobject",children:[]}],path:"/config/transports/grpc.html",pathLocale:"/",extraFields:[]},{title:"HTTP/2",headers:[{level:2,title:"HttpObject",slug:"httpobject",children:[]}],path:"/config/transports/h2.html",pathLocale:"/",extraFields:[]},{title:"mKCP",headers:[{level:2,title:"KcpObject",slug:"kcpobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]},{level:2,title:"鸣谢",slug:"鸣谢",children:[]},{level:2,title:"对 KCP 协议的改进",slug:"对-kcp-协议的改进",children:[{level:3,title:"更小的协议头",slug:"更小的协议头",children:[]},{level:3,title:"确认包重传",slug:"确认包重传",children:[]},{level:3,title:"连接状态控制",slug:"连接状态控制",children:[]}]}],path:"/config/transports/mkcp.html",pathLocale:"/",extraFields:[]},{title:"QUIC",headers:[{level:2,title:"QuicObject",slug:"quicobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]}],path:"/config/transports/quic.html",pathLocale:"/",extraFields:[]},{title:"TCP",headers:[{level:2,title:"TcpObject",slug:"tcpobject",children:[{level:3,title:"NoneHeaderObject",slug:"noneheaderobject",children:[]},{level:3,title:"HttpHeaderObject",slug:"httpheaderobject",children:[]}]}],path:"/config/transports/tcp.html",pathLocale:"/",extraFields:[]},{title:"WebSocket",headers:[{level:2,title:"WebSocketObject",slug:"websocketobject",children:[]},{level:2,title:"Browser Dialer",slug:"browser-dialer",children:[]}],path:"/config/transports/websocket.html",pathLocale:"/",extraFields:[]},{title:"编译文档",headers:[{level:2,title:"前序工作",slug:"前序工作",children:[]},{level:2,title:"拉取 Xray 源代码",slug:"拉取-xray-源代码",children:[]},{level:2,title:"构建二进制",slug:"构建二进制",children:[{level:3,title:"Windows(Powershell):",slug:"windows-powershell",children:[]},{level:3,title:"macOS, Linux:",slug:"macos-linux",children:[]}]},{level:2,title:"交叉编译:",slug:"交叉编译",children:[]},{level:2,title:"可复现构建:",slug:"可复现构建",children:[]}],path:"/development/intro/compile.html",pathLocale:"/",extraFields:[]},{title:"设计目标",headers:[{level:2,title:"架构",slug:"架构",children:[{level:3,title:"应用层",slug:"应用层",children:[]},{level:3,title:"代理层",slug:"代理层",children:[]},{level:3,title:"传输层",slug:"传输层",children:[]}]}],path:"/development/intro/design.html",pathLocale:"/",extraFields:[]},{title:"开发规范",headers:[{level:2,title:"基本",slug:"基本",children:[{level:3,title:"版本控制",slug:"版本控制",children:[]},{level:3,title:"分支(Branch)",slug:"分支-branch",children:[]},{level:3,title:"发布(Release)",slug:"发布-release",children:[]},{level:3,title:"引用其它项目",slug:"引用其它项目",children:[]}]},{level:2,title:"开发流程",slug:"开发流程",children:[{level:3,title:"写代码之前",slug:"写代码之前",children:[]},{level:3,title:"修改代码",slug:"修改代码",children:[]},{level:3,title:"Pull Request",slug:"pull-request",children:[]},{level:3,title:"对代码的修改",slug:"对代码的修改",children:[]}]},{level:2,title:"Xray 编码规范",slug:"xray-编码规范",children:[{level:3,title:"代码结构",slug:"代码结构",children:[]},{level:3,title:"编码规范",slug:"编码规范",children:[]}]}],path:"/development/intro/guide.html",pathLocale:"/",extraFields:[]},{title:"mKCP 协议",headers:[{level:2,title:"版本",slug:"版本",children:[]},{level:2,title:"依赖",slug:"依赖",children:[{level:3,title:"底层协议",slug:"底层协议",children:[]},{level:3,title:"函数",slug:"函数",children:[]}]},{level:2,title:"通讯过程",slug:"通讯过程",children:[]},{level:2,title:"数据格式",slug:"数据格式",children:[{level:3,title:"数据包",slug:"数据包",children:[]},{level:3,title:"数据片段",slug:"数据片段",children:[]},{level:3,title:"确认片段",slug:"确认片段",children:[]},{level:3,title:"心跳片段",slug:"心跳片段",children:[]}]}],path:"/development/protocols/mkcp.html",pathLocale:"/",extraFields:[]},{title:"Mux.Cool 协议",headers:[{level:2,title:"版本",slug:"版本",children:[]},{level:2,title:"依赖",slug:"依赖",children:[{level:3,title:"底层协议",slug:"底层协议",children:[]}]},{level:2,title:"通讯过程",slug:"通讯过程",children:[{level:3,title:"客户端行为",slug:"客户端行为",children:[]},{level:3,title:"服务器端行为",slug:"服务器端行为",children:[]}]},{level:2,title:"传输格式",slug:"传输格式",children:[{level:3,title:"帧格式",slug:"帧格式",children:[]},{level:3,title:"元数据",slug:"元数据",children:[]},{level:3,title:"新建子连接 (New)",slug:"新建子连接-new",children:[]},{level:3,title:"保持子连接 (Keep)",slug:"保持子连接-keep",children:[]},{level:3,title:"关闭子连接 (End)",slug:"关闭子连接-end",children:[]},{level:3,title:"保持连接 (KeepAlive)",slug:"保持连接-keepalive",children:[]}]},{level:2,title:"应用",slug:"应用",children:[]}],path:"/development/protocols/muxcool.html",pathLocale:"/",extraFields:[]},{title:"VLESS 协议",headers:[{level:2,title:"Request & Response",slug:"request-response",children:[]},{level:2,title:"ProtoBuf",slug:"protobuf",children:[]},{level:2,title:"Schedulers Flow",slug:"schedulers-flow",children:[]},{level:2,title:"Encryption",slug:"encryption",children:[]},{level:2,title:"UDP issues",slug:"udp-issues",children:[]},{level:2,title:"客户端开发指引",slug:"客户端开发指引",children:[]},{level:2,title:"VLESS 分享链接标准",slug:"vless-分享链接标准",children:[]}],path:"/development/protocols/vless.html",pathLocale:"/",extraFields:[]},{title:"VMess 协议",headers:[{level:2,title:"版本",slug:"版本",children:[]},{level:2,title:"依赖",slug:"依赖",children:[{level:3,title:"底层协议",slug:"底层协议",children:[]},{level:3,title:"用户 ID",slug:"用户-id",children:[]},{level:3,title:"函数",slug:"函数",children:[]}]},{level:2,title:"通讯过程",slug:"通讯过程",children:[]},{level:2,title:"客户端请求",slug:"客户端请求",children:[{level:3,title:"认证信息",slug:"认证信息",children:[]},{level:3,title:"指令部分",slug:"指令部分",children:[]},{level:3,title:"数据部分",slug:"数据部分",children:[]}]},{level:2,title:"服务器应答",slug:"服务器应答",children:[{level:3,title:"动态端口指令",slug:"动态端口指令",children:[]}]},{level:2,title:"注释",slug:"注释",children:[]}],path:"/development/protocols/vmess.html",pathLocale:"/",extraFields:[]},{title:"小小白白话文",headers:[],path:"/document/level-0/",pathLocale:"/",extraFields:[]},{title:"【第 1 章】 小小白白话文",headers:[{level:2,title:"1.1 这篇文档是写给谁的?",slug:"_1-1-这篇文档是写给谁的",children:[]},{level:2,title:"1.2 这篇文档不是写给谁的?",slug:"_1-2-这篇文档不是写给谁的",children:[]},{level:2,title:"1.3 郑重声明及其他声明",slug:"_1-3-郑重声明及其他声明",children:[]},{level:2,title:"1.4 为什么自建是个难题?",slug:"_1-4-为什么自建是个难题",children:[]},{level:2,title:"1.5 “用机场不就行了?”",slug:"_1-5-用机场不就行了",children:[]},{level:2,title:"1.6 那么你到底要不要自建呢?",slug:"_1-6-那么你到底要不要自建呢",children:[]},{level:2,title:"1.7 题外啰嗦几句",slug:"_1-7-题外啰嗦几句",children:[]},{level:2,title:"1.8 你的进度",slug:"_1-8-你的进度",children:[]}],path:"/document/level-0/ch01-preface.html",pathLocale:"/",extraFields:[]},{title:"【第 2 章】原料准备篇",headers:[{level:2,title:"2.1 获取一台 VPS",slug:"_2-1-获取一台-vps",children:[]},{level:2,title:"2.2 获取一个心仪的域名",slug:"_2-2-获取一个心仪的域名",children:[]},{level:2,title:"2.3 你本地电脑上需要安装的软件",slug:"_2-3-你本地电脑上需要安装的软件",children:[]},{level:2,title:"2.4 你的进度",slug:"_2-4-你的进度",children:[]}],path:"/document/level-0/ch02-preparation.html",pathLocale:"/",extraFields:[]},{title:"【第 3 章】远程登录篇",headers:[{level:2,title:"3.1 远程登录 VPS (PuTTY)",slug:"_3-1-远程登录-vps-putty",children:[]},{level:2,title:"3.2 成功登录 SSH!初识命令行界面!",slug:"_3-2-成功登录-ssh-初识命令行界面",children:[]},{level:2,title:"3.3 第一次更新 Linux 的软件!",slug:"_3-3-第一次更新-linux-的软件",children:[]},{level:2,title:"3.4 你的进度",slug:"_3-4-你的进度",children:[]}],path:"/document/level-0/ch03-ssh.html",pathLocale:"/",extraFields:[]},{title:"【第 4 章】安全防护篇",headers:[{level:2,title:"4.1 为什么要做安全防护",slug:"_4-1-为什么要做安全防护",children:[]},{level:2,title:"4.2 具体的风险到底是什么",slug:"_4-2-具体的风险到底是什么",children:[]},{level:2,title:"4.3 我们要做的安全防护有哪些",slug:"_4-3-我们要做的安全防护有哪些",children:[]},{level:2,title:"4.4 将 SSH 远程登录端口修改为非 22 端口",slug:"_4-4-将-ssh-远程登录端口修改为非-22-端口",children:[]},{level:2,title:"4.5 建立非 root 的新用户",slug:"_4-5-建立非-root-的新用户",children:[]},{level:2,title:"4.6 禁用 root 用户 SSH 远程登录",slug:"_4-6-禁用-root-用户-ssh-远程登录",children:[]},{level:2,title:"4.7 使用 RSA 密钥登录并禁用密码登录",slug:"_4-7-使用-rsa-密钥登录并禁用密码登录",children:[]},{level:2,title:"4.8 你的进度",slug:"_4-8-你的进度",children:[]}],path:"/document/level-0/ch04-security.html",pathLocale:"/",extraFields:[]},{title:"【第 5 章】网站建设篇",headers:[{level:2,title:"5.1 为什么要做一个网站?",slug:"_5-1-为什么要做一个网站",children:[]},{level:2,title:"5.2 登录 VPS、安装运行 Nginx",slug:"_5-2-登录-vps、安装运行-nginx",children:[]},{level:2,title:"5.3 创建一个最简单的网页",slug:"_5-3-创建一个最简单的网页",children:[]},{level:2,title:"5.4 常见错误的说明",slug:"_5-4-常见错误的说明",children:[]},{level:2,title:"5.5 你的进度",slug:"_5-5-你的进度",children:[]}],path:"/document/level-0/ch05-webpage.html",pathLocale:"/",extraFields:[]},{title:"【第 6 章】证书管理篇",headers:[{level:2,title:"6.1 申请 TLS 证书",slug:"_6-1-申请-tls-证书",children:[]},{level:2,title:"6.2 安装 acme.sh",slug:"_6-2-安装-acme-sh",children:[]},{level:2,title:"6.3 测试证书申请",slug:"_6-3-测试证书申请",children:[]},{level:2,title:"6.4 正式证书申请",slug:"_6-4-正式证书申请",children:[]},{level:2,title:"6.5 证书安装",slug:"_6-5-证书安装",children:[]},{level:2,title:"6.6 你的进度",slug:"_6-6-你的进度",children:[]}],path:"/document/level-0/ch06-certificates.html",pathLocale:"/",extraFields:[]},{title:"【第 7 章】Xray 服务器篇",headers:[{level:2,title:"7.1 博观而约取,厚积而薄发",slug:"_7-1-博观而约取-厚积而薄发",children:[]},{level:2,title:"7.2 安装 Xray",slug:"_7-2-安装-xray",children:[]},{level:2,title:"7.3 给 Xray 配置 TLS 证书",slug:"_7-3-给-xray-配置-tls-证书",children:[]},{level:2,title:"7.4 配置 Xray",slug:"_7-4-配置-xray",children:[]},{level:2,title:"7.5 启动 Xray 服务!!(并查看服务状态)",slug:"_7-5-启动-xray-服务-并查看服务状态",children:[]},{level:2,title:"7.6 回顾 systemd 进行基本的服务管理",slug:"_7-6-回顾-systemd-进行基本的服务管理",children:[]},{level:2,title:"7.7 服务器优化之一:开启 BBR",slug:"_7-7-服务器优化之一-开启-bbr",children:[]},{level:2,title:"7.8 服务器优化之二:开启 HTTP 自动跳转 HTTPS",slug:"_7-8-服务器优化之二-开启-http-自动跳转-https",children:[]},{level:2,title:"7.9 服务器优化之三:更丰富的回落",slug:"_7-9-服务器优化之三-更丰富的回落",children:[]},{level:2,title:"7.10 你的进度",slug:"_7-10-你的进度",children:[]},{level:2,title:"7.11 重要勘误",slug:"_7-11-重要勘误",children:[]}],path:"/document/level-0/ch07-xray-server.html",pathLocale:"/",extraFields:[]},{title:"【第 8 章】Xray 客户端篇",headers:[{level:2,title:"8.1 Xray 的工作原理简述",slug:"_8-1-xray-的工作原理简述",children:[]},{level:2,title:"8.2 客户端与服务器端正确连接",slug:"_8-2-客户端与服务器端正确连接",children:[]},{level:2,title:"8.3 附加题 1:在 PC 端手工配置 xray-core",slug:"_8-3-附加题-1-在-pc-端手工配置-xray-core",children:[]},{level:2,title:"8.4 附加题 2:在 PC 端手工运行 xray-core",slug:"_8-4-附加题-2-在-pc-端手工运行-xray-core",children:[]},{level:2,title:"8.5 附加题 3:在 PC 端开机自动运行 xray-core",slug:"_8-5-附加题-3-在-pc-端开机自动运行-xray-core",children:[]},{level:2,title:"8.6 圆满完成!",slug:"_8-6-圆满完成",children:[]},{level:2,title:"8.7 TO INFINITY AND BEYOND!",slug:"_8-7-to-infinity-and-beyond",children:[]}],path:"/document/level-0/ch08-xray-clients.html",pathLocale:"/",extraFields:[]},{title:"【第 9 章】附录",headers:[{level:2,title:"1. 小小白白 Linux 基础命令索引",slug:"_1-小小白白-linux-基础命令索引",children:[]},{level:2,title:"2. 小小白白 Linux 重要配置文件索引",slug:"_2-小小白白-linux-重要配置文件索引",children:[]},{level:2,title:"3. 小小白白 Xray 重要文件索引",slug:"_3-小小白白-xray-重要文件索引",children:[]}],path:"/document/level-0/ch09-appendix.html",pathLocale:"/",extraFields:[]},{title:"入门技巧",headers:[],path:"/document/level-1/",pathLocale:"/",extraFields:[]},{title:"回落 (fallbacks) 功能简析",headers:[{level:2,title:"1. 回顾《小小白白话文》中的回落",slug:"_1-回顾《小小白白话文》中的回落",children:[]},{level:2,title:"2. 重新认识回落 (WHAT, HOW v1)",slug:"_2-重新认识回落-what-how-v1",children:[]},{level:2,title:"3. 为什么要回落 (WHY v1)",slug:"_3-为什么要回落-why-v1",children:[]},{level:2,title:"4. 重新认识【回落の完全体】 (WHAT, WHY, HOW v2)",slug:"_4-重新认识【回落の完全体】-what-why-how-v2",children:[]},{level:2,title:"5. 多层回落示例及解读",slug:"_5-多层回落示例及解读",children:[{level:3,title:"5.1 首先,我将服务器端配置的 443 监听段摘抄如下:",slug:"_5-1-首先-我将服务器端配置的-443-监听段摘抄如下",children:[]},{level:3,title:"5.2 后续监听处理的配置段摘抄如下:",slug:"_5-2-后续监听处理的配置段摘抄如下",children:[]}]},{level:2,title:"6. 结语",slug:"_6-结语",children:[]},{level:2,title:"7. 附加题",slug:"_7-附加题",children:[]}],path:"/document/level-1/fallbacks-lv1.html",pathLocale:"/",extraFields:[]},{title:"SNI 回落",headers:[{level:2,title:"应用情景",slug:"应用情景",children:[]},{level:2,title:"SNI 简介",slug:"sni-简介",children:[]},{level:2,title:"思路",slug:"思路",children:[]},{level:2,title:"添加 DNS 记录",slug:"添加-dns-记录",children:[]},{level:2,title:"申请 TLS 证书",slug:"申请-tls-证书",children:[]},{level:2,title:"Xray 配置",slug:"xray-配置",children:[]},{level:2,title:"Nginx 配置",slug:"nginx-配置",children:[]},{level:2,title:"Caddy 配置",slug:"caddy-配置",children:[]},{level:2,title:"参考",slug:"参考",children:[]},{level:2,title:"引用",slug:"引用",children:[]}],path:"/document/level-1/fallbacks-with-sni.html",pathLocale:"/",extraFields:[]},{title:"路由 (routing) 功能简析(上)",headers:[{level:2,title:"1. 初识【路由】三兄弟",slug:"_1-初识【路由】三兄弟",children:[]},{level:2,title:"2. 基本功: “兄弟一条心”",slug:"_2-基本功-兄弟一条心",children:[{level:3,title:"2.1 入站",slug:"_2-1-入站",children:[]},{level:3,title:"2.3 路由",slug:"_2-3-路由",children:[]},{level:3,title:"2.4 路由配置项解析之一:流量筛选的依据",slug:"_2-4-路由配置项解析之一-流量筛选的依据",children:[]}]},{level:2,title:"3. 小试牛刀: “三分天下” 之 “域名分流”",slug:"_3-小试牛刀-三分天下-之-域名分流",children:[{level:3,title:"3.1 入站",slug:"_3-1-入站",children:[]},{level:3,title:"3.2 出站",slug:"_3-2-出站",children:[]},{level:3,title:"3.3 路由",slug:"_3-3-路由",children:[]},{level:3,title:"3.4 简析域名文件: geosite.dat",slug:"_3-4-简析域名文件-geosite-dat",children:[]},{level:3,title:"3.5 所以 geosite.dat 到底是什么?不是有个 GFWList 吗?",slug:"_3-5-所以-geosite-dat-到底是什么-不是有个-gfwlist-吗",children:[]},{level:3,title:"3.6 军师锦囊藏奇兵:一条隐藏的路由规则",slug:"_3-6-军师锦囊藏奇兵-一条隐藏的路由规则",children:[]},{level:3,title:"3.7 再看“三分天下”的大地图",slug:"_3-7-再看-三分天下-的大地图",children:[]}]},{level:2,title:"4. “三分天下” 之 “蜀魏争雄”",slug:"_4-三分天下-之-蜀魏争雄",children:[]},{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[]}],path:"/document/level-1/routing-lv1-part1.html",pathLocale:"/",extraFields:[]},{title:"路由 (routing) 功能简析(下)",headers:[{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[{level:3,title:"5.1 基于指定域名分流:[domain], [full] 等",slug:"_5-1-基于指定域名分流-domain-full-等",children:[]},{level:3,title:"5.2 基于 IP 文件分流:geoip.dat",slug:"_5-2-基于-ip-文件分流-geoip-dat",children:[]},{level:3,title:"5.3 基于指定 IP 地址分流",slug:"_5-3-基于指定-ip-地址分流",children:[]},{level:3,title:"5.4 基于协议类型分流:[protocol] 等",slug:"_5-4-基于协议类型分流-protocol-等",children:[]},{level:3,title:"5.5 基于更多条件的分流",slug:"_5-5-基于更多条件的分流",children:[]}]},{level:2,title:"6. “霸业初定”:路由规则整体回顾",slug:"_6-霸业初定-路由规则整体回顾",children:[]},{level:2,title:"7. 路由配置常见错误",slug:"_7-路由配置常见错误",children:[{level:3,title:"7.1 错误示范",slug:"_7-1-错误示范",children:[]},{level:3,title:"7.2 正确示范",slug:"_7-2-正确示范",children:[]}]},{level:2,title:"8. 明修栈道、暗渡陈仓",slug:"_8-明修栈道、暗渡陈仓",children:[{level:3,title:'8.1 域名策略: "AsIs"',slug:"_8-1-域名策略-asis",children:[]},{level:3,title:'8.2 域名策略: "IPIfNonMatch"',slug:"_8-2-域名策略-ipifnonmatch",children:[]},{level:3,title:'8.3 域名策略: "IPOnDemand"',slug:"_8-3-域名策略-ipondemand",children:[]}]},{level:2,title:"9. 思考题",slug:"_9-思考题",children:[]},{level:2,title:"10. 结语",slug:"_10-结语",children:[]},{level:2,title:"11. 尾注",slug:"_11-尾注",children:[]}],path:"/document/level-1/routing-lv1-part2.html",pathLocale:"/",extraFields:[]},{title:"Xray 的工作模式",headers:[{level:2,title:"单服务器模式",slug:"单服务器模式",children:[]},{level:2,title:"桥接模式",slug:"桥接模式",children:[]},{level:2,title:"工作原理",slug:"工作原理",children:[]}],path:"/document/level-1/work.html",pathLocale:"/",extraFields:[]},{title:"进阶文档",headers:[],path:"/document/level-2/",pathLocale:"/",extraFields:[]},{title:"GID 透明代理",headers:[{level:2,title:"思路",slug:"思路",children:[]},{level:2,title:"配置过程",slug:"配置过程",children:[{level:3,title:"1. 前期准备",slug:"_1-前期准备",children:[]},{level:3,title:"2. 添加用户(安卓用户请忽略)",slug:"_2-添加用户-安卓用户请忽略",children:[]},{level:3,title:"3. 配置运行 Xray,配置 iptables 规则",slug:"_3-配置运行-xray-配置-iptables-规则",children:[]}]},{level:2,title:"下面提供一个实现 tproxy 全局代理的完整配置过程",slug:"下面提供一个实现-tproxy-全局代理的完整配置过程",children:[{level:3,title:"1. 完成 前期准备 和 添加用户",slug:"_1-完成-前期准备-和-添加用户",children:[]},{level:3,title:"2. 准备 Xray 配置文件",slug:"_2-准备-xray-配置文件",children:[]},{level:3,title:"3. 配置最大文件打开数&运行 Xray 客户端",slug:"_3-配置最大文件打开数-运行-xray-客户端",children:[]},{level:3,title:"4. 设置 iptables 规则",slug:"_4-设置-iptables-规则",children:[]}]}],path:"/document/level-2/iptables_gid.html",pathLocale:"/",extraFields:[]},{title:"Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹",headers:[{level:2,title:"编译 nginx --with-stream",slug:"编译-nginx-with-stream",children:[]},{level:2,title:"配置 nginx",slug:"配置-nginx",children:[]},{level:2,title:"xray 配置",slug:"xray-配置",children:[]},{level:2,title:"客户端及服务端启动服务",slug:"客户端及服务端启动服务",children:[]},{level:2,title:"结束",slug:"结束",children:[]},{level:2,title:"HTTPS 隧道",slug:"https-隧道",children:[{level:3,title:"haproxy_client 配置 (运行前去掉注释)",slug:"haproxy-client-配置-运行前去掉注释",children:[]},{level:3,title:"haproxy_server 配置 (运行前去掉注释)",slug:"haproxy-server-配置-运行前去掉注释",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-1",children:[]}]},{level:2,title:"WebSocket over HTTP/2",slug:"websocket-over-http-2",children:[{level:3,title:"haproxy_client 配置",slug:"haproxy-client-配置",children:[]},{level:3,title:"haproxy_server 配置",slug:"haproxy-server-配置",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-2",children:[]}]},{level:2,title:"gRPC over HTTP/2",slug:"grpc-over-http-2",children:[{level:3,title:"haproxy_client 配置",slug:"haproxy-client-配置-1",children:[]},{level:3,title:"haproxy_server 配置",slug:"haproxy-server-配置-1",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-3",children:[]},{level:3,title:"haproxy_client 配置",slug:"haproxy-client-配置-2",children:[]},{level:3,title:"haproxy_server 配置",slug:"haproxy-server-配置-2",children:[]},{level:3,title:"xray 配置",slug:"xray-配置-4",children:[]}]}],path:"/document/level-2/nginx_or_haproxy_tls_tunnel.html",pathLocale:"/",extraFields:[]},{title:"出站流量重定向",headers:[{level:2,title:"前言",slug:"前言",children:[]},{level:2,title:"1、安装代理或者 VPN 软件(例如 Wireguard、IPsec 等)",slug:"_1、安装代理或者-vpn-软件-例如-wireguard、ipsec-等",children:[]},{level:2,title:"2、编辑 VPN 配置文件(以 WireGuard 为例)",slug:"_2、编辑-vpn-配置文件-以-wireguard-为例",children:[]},{level:2,title:"3、启用 WireGuard 网络接口",slug:"_3、启用-wireguard-网络接口",children:[]},{level:2,title:"4、Xray-core 配置文件修改",slug:"_4、xray-core-配置文件修改",children:[]},{level:2,title:"5、系统设置配置",slug:"_5、系统设置配置",children:[]},{level:2,title:"6、完成 WireGuard 相关设置",slug:"_6、完成-wireguard-相关设置",children:[]},{level:2,title:"后记",slug:"后记",children:[]},{level:2,title:"感谢",slug:"感谢",children:[]}],path:"/document/level-2/redirect.html",pathLocale:"/",extraFields:[]},{title:"TProxy 透明代理",headers:[{level:2,title:"开始之前",slug:"开始之前",children:[]},{level:2,title:"Xray 配置",slug:"xray-配置",children:[]},{level:2,title:"策略路由配置",slug:"策略路由配置",children:[]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[]},{level:2,title:"配置永久化与开机自启",slug:"配置永久化与开机自启",children:[]}],path:"/document/level-2/tproxy.html",pathLocale:"/",extraFields:[]},{title:"TProxy 透明代理 (ipv4 and ipv6)",headers:[{level:2,title:"Xray 配置",slug:"xray-配置",children:[{level:3,title:"客户端配置",slug:"客户端配置",children:[]},{level:3,title:"服务端配置",slug:"服务端配置",children:[]}]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[{level:3,title:"首先设置策略路由",slug:"首先设置策略路由",children:[]},{level:3,title:"使用 iptables",slug:"使用-iptables",children:[]},{level:3,title:"使用 nftables",slug:"使用-nftables",children:[]},{level:3,title:"开机自动运行 Netfilter 配置",slug:"开机自动运行-netfilter-配置",children:[]}]},{level:2,title:"局域网设备上网设置",slug:"局域网设备上网设置",children:[{level:3,title:"方法一",slug:"方法一",children:[]},{level:3,title:"方法二",slug:"方法二",children:[]}]},{level:2,title:"Finally",slug:"finally",children:[]},{level:2,title:"写在最后",slug:"写在最后",children:[]}],path:"/document/level-2/tproxy_ipv4_and_ipv6.html",pathLocale:"/",extraFields:[]},{title:"流量统计",headers:[{level:2,title:"查看流量信息",slug:"查看流量信息",children:[]},{level:2,title:"流量信息的处理",slug:"流量信息的处理",children:[]}],path:"/document/level-2/traffic_stats.html",pathLocale:"/",extraFields:[]},{title:"通过 Cloudflare Warp 增强代理安全性",headers:[{level:2,title:"申请 Warp 账户",slug:"申请-warp-账户",children:[]},{level:2,title:"在服务端分流回国流量至 warp",slug:"在服务端分流回国流量至-warp",children:[]},{level:2,title:"客户端使用 warp 链式代理",slug:"客户端使用-warp-链式代理",children:[]}],path:"/document/level-2/warp.html",pathLocale:"/",extraFields:[]},{title:"大史记",headers:[{level:2,title:"2021.4.6",slug:"_2021-4-6",children:[]},{level:2,title:"2021.4.4",slug:"_2021-4-4",children:[]},{level:2,title:"2021.4.1 v1.4.2",slug:"_2021-4-1-v1-4-2",children:[]},{level:2,title:"2021.3.25",slug:"_2021-3-25",children:[]},{level:2,title:"2021.3.15",slug:"_2021-3-15",children:[]},{level:2,title:"2021.3.14 v1.4.0",slug:"_2021-3-14-v1-4-0",children:[]},{level:2,title:"2021.3.3 1.3.1",slug:"_2021-3-3-1-3-1",children:[]},{level:2,title:"2021.2.14 1.3.0",slug:"_2021-2-14-1-3-0",children:[]},{level:2,title:"2021.01.31 1.2.4",slug:"_2021-01-31-1-2-4",children:[]},{level:2,title:"2021.01.25",slug:"_2021-01-25",children:[]},{level:2,title:"2021.01.22 1.2.3",slug:"_2021-01-22-1-2-3",children:[]},{level:2,title:"2021.01.19",slug:"_2021-01-19",children:[]},{level:2,title:"2021.01.17",slug:"_2021-01-17",children:[]},{level:2,title:"2021.01.15 1.2.2",slug:"_2021-01-15-1-2-2",children:[]},{level:2,title:"2021.01.12",slug:"_2021-01-12",children:[]},{level:2,title:"2021.01.10 1.2.1",slug:"_2021-01-10-1-2-1",children:[]},{level:2,title:"2021.01.07",slug:"_2021-01-07",children:[]},{level:2,title:"2021.01.05",slug:"_2021-01-05",children:[]},{level:2,title:"2021.01.03",slug:"_2021-01-03",children:[]},{level:2,title:"2021.01.01",slug:"_2021-01-01",children:[]},{level:2,title:"2020.12.29",slug:"_2020-12-29",children:[]},{level:2,title:"2020.12.25 1.1.5",slug:"_2020-12-25-1-1-5",children:[]},{level:2,title:"2020.12.24",slug:"_2020-12-24",children:[]},{level:2,title:"2020.12.23",slug:"_2020-12-23",children:[]},{level:2,title:"2020.12.21",slug:"_2020-12-21",children:[]},{level:2,title:"2020.12.18 1.1.4",slug:"_2020-12-18-1-1-4",children:[]},{level:2,title:"2020.12.17",slug:"_2020-12-17",children:[]},{level:2,title:"2020.12.15",slug:"_2020-12-15",children:[]},{level:2,title:"2020.12.11 1.1.3",slug:"_2020-12-11-1-1-3",children:[]},{level:2,title:"2020.12.06 1.1.2",slug:"_2020-12-06-1-1-2",children:[]},{level:2,title:"2020.12.04",slug:"_2020-12-04",children:[]},{level:2,title:"2020.11.27",slug:"_2020-11-27",children:[]},{level:2,title:"2020.11.25 1.0.0",slug:"_2020-11-25-1-0-0",children:[]},{level:2,title:"2020.11.23",slug:"_2020-11-23",children:[]}],path:"/en/about/news.html",pathLocale:"/en/",extraFields:[]},{title:"Configurations",headers:[{level:2,title:"Overview",slug:"overview",children:[]},{level:2,title:"Basic Configuration Modules",slug:"basic-configuration-modules",children:[]}],path:"/en/config/",pathLocale:"/en/",extraFields:[]},{title:"API Interface",headers:[{level:2,title:"ApiObject",slug:"apiobject",children:[]},{level:2,title:"Related Configuration",slug:"related-configuration",children:[]},{level:2,title:"Supported API List",slug:"supported-api-list",children:[{level:3,title:"HandlerService",slug:"handlerservice",children:[]},{level:3,title:"LoggerService",slug:"loggerservice",children:[]},{level:3,title:"StatsService",slug:"statsservice",children:[]},{level:3,title:"ReflectionService",slug:"reflectionservice",children:[]}]},{level:2,title:"API Calling Example",slug:"api-calling-example",children:[]}],path:"/en/config/api.html",pathLocale:"/en/",extraFields:[]},{title:"Built-in DNS Server",headers:[{level:2,title:"DNS Server",slug:"dns-server",children:[]},{level:2,title:"DNS Processing Flow",slug:"dns-processing-flow",children:[]},{level:2,title:"DnsObject",slug:"dnsobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/dns.html",pathLocale:"/en/",extraFields:[]},{title:"FakeDNS",headers:[{level:2,title:"FakeDNSObject",slug:"fakednsobject",children:[{level:3,title:"How to use?",slug:"how-to-use",children:[]},{level:3,title:"Using with other types of DNS",slug:"using-with-other-types-of-dns",children:[]}]}],path:"/en/config/fakedns.html",pathLocale:"/en/",extraFields:[]},{title:"Inbound Proxy",headers:[{level:2,title:"InboundObject",slug:"inboundobject",children:[{level:3,title:"SniffingObject",slug:"sniffingobject",children:[]},{level:3,title:"AllocateObject",slug:"allocateobject",children:[]}]}],path:"/en/config/inbound.html",pathLocale:"/en/",extraFields:[]},{title:"Log Configuration",headers:[{level:2,title:"LogObject",slug:"logobject",children:[]}],path:"/en/config/log.html",pathLocale:"/en/",extraFields:[]},{title:"Outbound Proxies",headers:[{level:2,title:"OutboundObject",slug:"outboundobject",children:[{level:3,title:"ProxySettingsObject",slug:"proxysettingsobject",children:[]},{level:3,title:"MuxObject",slug:"muxobject",children:[]}]}],path:"/en/config/outbound.html",pathLocale:"/en/",extraFields:[]},{title:"Local Policy",headers:[{level:2,title:"PolicyObject",slug:"policyobject",children:[{level:3,title:"LevelPolicyObject",slug:"levelpolicyobject",children:[]},{level:3,title:"SystemPolicyObject",slug:"systempolicyobject",children:[]}]}],path:"/en/config/policy.html",pathLocale:"/en/",extraFields:[]},{title:"Reverse Proxy",headers:[{level:2,title:"ReverseObject",slug:"reverseobject",children:[{level:3,title:"BridgeObject",slug:"bridgeobject",children:[]},{level:3,title:"PortalObject",slug:"portalobject",children:[]}]},{level:2,title:"Complete Configuration Example",slug:"complete-configuration-example",children:[{level:3,title:"Bridge Configuration",slug:"bridge-configuration",children:[]},{level:3,title:"Portal Configuration",slug:"portal-configuration",children:[]}]}],path:"/en/config/reverse.html",pathLocale:"/en/",extraFields:[]},{title:"Routing",headers:[{level:2,title:"RoutingObject",slug:"routingobject",children:[{level:3,title:"RuleObject",slug:"ruleobject",children:[]},{level:3,title:"BalancerObject",slug:"balancerobject",children:[]},{level:3,title:"Predefined Domain Lists",slug:"predefined-domain-lists",children:[]}]}],path:"/en/config/routing.html",pathLocale:"/en/",extraFields:[]},{title:"Traffic Statistics",headers:[{level:2,title:"StatsObject",slug:"statsobject",children:[]},{level:2,title:"Retrieving Traffic Statistics",slug:"retrieving-traffic-statistics",children:[]}],path:"/en/config/stats.html",pathLocale:"/en/",extraFields:[]},{title:"Transport Protocol",headers:[{level:2,title:"TransportObject",slug:"transportobject",children:[]},{level:2,title:"StreamSettingsObject",slug:"streamsettingsobject",children:[{level:3,title:"TLSObject",slug:"tlsobject",children:[]},{level:3,title:"SockoptObject",slug:"sockoptobject",children:[]}]}],path:"/en/config/transport.html",pathLocale:"/en/",extraFields:[]},{title:"Development Guide",headers:[{level:2,title:"Compile Documentation",slug:"compile-documentation",children:[]},{level:2,title:"Design Concept",slug:"design-concept",children:[]},{level:2,title:"Development Standards",slug:"development-standards",children:[]},{level:2,title:"Protocol Details",slug:"protocol-details",children:[{level:3,title:"VLESS Protocol",slug:"vless-protocol",children:[]},{level:3,title:"VMess Protocol",slug:"vmess-protocol",children:[]},{level:3,title:"Mux.Cool Protocol",slug:"mux-cool-protocol",children:[]},{level:3,title:"mKCP Protocol",slug:"mkcp-protocol",children:[]}]}],path:"/en/development/",pathLocale:"/en/",extraFields:[]},{title:"Quick Start",headers:[{level:2,title:"Download and Install",slug:"download-and-install",children:[]},{level:2,title:"Configure and Run",slug:"configure-and-run",children:[]},{level:2,title:"Command Parameters",slug:"command-parameters",children:[]},{level:2,title:"Improve Documents",slug:"improve-documents",children:[]},{level:2,title:"Beginner Tutorial",slug:"beginner-tutorial",children:[]},{level:2,title:"Getting Started Tips",slug:"getting-started-tips",children:[]},{level:2,title:"Advanced Documentation",slug:"advanced-documentation",children:[]}],path:"/en/document/",pathLocale:"/en/",extraFields:[]},{title:"Command Parameters",headers:[{level:2,title:"Get Basic Commands",slug:"get-basic-commands",children:[{level:3,title:"xray run",slug:"xray-run",children:[]},{level:3,title:"xray version",slug:"xray-version",children:[]},{level:3,title:"xray api",slug:"xray-api",children:[]},{level:3,title:"xray tls",slug:"xray-tls",children:[]},{level:3,title:"xray uuid",slug:"xray-uuid",children:[]}]}],path:"/en/document/command.html",pathLocale:"/en/",extraFields:[]},{title:"Configure and Run",headers:[{level:2,title:"Server Configuration",slug:"server-configuration",children:[]},{level:2,title:"Client Configuration",slug:"client-configuration",children:[]},{level:2,title:"Run",slug:"run",children:[]}],path:"/en/document/config.html",pathLocale:"/en/",extraFields:[]},{title:"Contribute to Project X's Document",headers:[{level:2,title:"Improve Document",slug:"improve-document",children:[]},{level:2,title:"Found Problems?",slug:"found-problems",children:[]}],path:"/en/document/document.html",pathLocale:"/en/",extraFields:[]},{title:"Download and Install",headers:[{level:2,title:"Platform Support",slug:"platform-support",children:[]},{level:2,title:"Download Xray",slug:"download-xray",children:[]},{level:2,title:"Verify the Installation Package",slug:"verify-the-installation-package",children:[]},{level:2,title:"Install on Windows",slug:"install-on-windows",children:[]},{level:2,title:"Install on macOS",slug:"install-on-macos",children:[]},{level:2,title:"Install on Linux",slug:"install-on-linux",children:[{level:3,title:"Install Script",slug:"install-script",children:[]},{level:3,title:"Arch Linux",slug:"arch-linux",children:[]},{level:3,title:"Linuxbrew",slug:"linuxbrew",children:[]},{level:3,title:"Debian",slug:"debian",children:[]}]},{level:2,title:"Install via Docker",slug:"install-via-docker",children:[{level:3,title:"The File Structure of the Docker Image",slug:"the-file-structure-of-the-docker-image",children:[]}]}],path:"/en/document/install.html",pathLocale:"/en/",extraFields:[]},{title:"透明代理入门",headers:[{level:2,title:"什么是透明代理",slug:"什么是透明代理",children:[]},{level:2,title:"透明代理的实现",slug:"透明代理的实现",children:[{level:3,title:"tun2socks",slug:"tun2socks",children:[]},{level:3,title:"iptables/nftables",slug:"iptables-nftables",children:[]}]},{level:2,title:"iptables 实现透明代理原理",slug:"iptables-实现透明代理原理",children:[]},{level:2,title:"透明代理难在哪里",slug:"透明代理难在哪里",children:[]},{level:2,title:"从零开始一步步实现基于 iptables-tproxy 的透明代理",slug:"从零开始一步步实现基于-iptables-tproxy-的透明代理",children:[{level:3,title:"在开始之前,你需要有一定的基础知识:",slug:"在开始之前-你需要有一定的基础知识",children:[]},{level:3,title:"前期准备工作",slug:"前期准备工作",children:[]},{level:3,title:"首先,我们先试试做到第一阶段",slug:"首先-我们先试试做到第一阶段",children:[]},{level:3,title:"第二阶段",slug:"第二阶段",children:[]},{level:3,title:"第三阶段",slug:"第三阶段",children:[]},{level:3,title:"第四阶段",slug:"第四阶段",children:[]},{level:3,title:"代理 ipv6",slug:"代理-ipv6",children:[]}]}],path:"/document/level-2/transparent_proxy/transparent_proxy.html",pathLocale:"/",extraFields:[]},{title:"Browser Dialer",headers:[{level:2,title:"Background",slug:"background",children:[]},{level:2,title:"Xray & JS",slug:"xray-js",children:[]},{level:2,title:"Early data",slug:"early-data",children:[]},{level:2,title:"Configuration",slug:"configuration",children:[]}],path:"/en/config/features/browser_dialer.html",pathLocale:"/en/",extraFields:[]},{title:"Environment Variables",headers:[{level:2,title:"Xray Asset Location",slug:"xray-asset-location",children:[]},{level:2,title:"Configuration File Location",slug:"configuration-file-location",children:[]},{level:2,title:"Multiple Configuration Directories",slug:"multiple-configuration-directories",children:[]}],path:"/en/config/features/env.html",pathLocale:"/en/",extraFields:[]},{title:"Fallback",headers:[{level:2,title:"fallbacks configuration",slug:"fallbacks-configuration",children:[{level:3,title:"FallbackObject",slug:"fallbackobject",children:[]},{level:3,title:"Additional Information",slug:"additional-information",children:[]}]},{level:2,title:"Fallbacks design theory",slug:"fallbacks-design-theory",children:[]}],path:"/en/config/features/fallback.html",pathLocale:"/en/",extraFields:[]},{title:"Multi-file configuration",headers:[{level:2,title:"Multi-file startup",slug:"multi-file-startup",children:[]},{level:2,title:"Rule Explaination",slug:"rule-explaination",children:[{level:3,title:"Normal Objects({})",slug:"normal-objects",children:[]},{level:3,title:"Arrays([])",slug:"arrays",children:[]}]},{level:2,title:"Recommended Multi-file List",slug:"recommended-multi-file-list",children:[]}],path:"/en/config/features/multiple.html",pathLocale:"/en/",extraFields:[]},{title:"Deep analysis of XTLS",headers:[],path:"/en/config/features/xtls.html",pathLocale:"/en/",extraFields:[]},{title:"Dokodemo-Door",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"Transparent Proxy Configuration Example",slug:"transparent-proxy-configuration-example",children:[]}],path:"/en/config/inbounds/dokodemo.html",pathLocale:"/en/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/en/config/inbounds/http.html",pathLocale:"/en/",extraFields:[]},{title:"Shadowsocks",headers:[{level:3,title:"Supported Encryption Methods",slug:"supported-encryption-methods",children:[]},{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[]},{level:2,title:"ClientObject",slug:"clientobject",children:[]}],path:"/en/config/inbounds/shadowsocks.html",pathLocale:"/en/",extraFields:[]},{title:"SOCKS",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"AccountObject",slug:"accountobject",children:[]}]}],path:"/en/config/inbounds/socks.html",pathLocale:"/en/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/en/config/inbounds/trojan.html",pathLocale:"/en/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]}]}],path:"/en/config/inbounds/vless.html",pathLocale:"/en/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"InboundConfigurationObject",slug:"inboundconfigurationobject",children:[{level:3,title:"ClientObject",slug:"clientobject",children:[]},{level:3,title:"DetourObject",slug:"detourobject",children:[]},{level:3,title:"DefaultObject",slug:"defaultobject",children:[]}]}],path:"/en/config/inbounds/vmess.html",pathLocale:"/en/",extraFields:[]},{title:"Blackhole",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ResponseObject",slug:"responseobject",children:[]}]}],path:"/en/config/outbounds/blackhole.html",pathLocale:"/en/",extraFields:[]},{title:"DNS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]},{level:2,title:"DNS Configuration Example",slug:"dns-configuration-example",children:[]}],path:"/en/config/outbounds/dns.html",pathLocale:"/en/",extraFields:[]},{title:"Freedom",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[]}],path:"/en/config/outbounds/freedom.html",pathLocale:"/en/",extraFields:[]},{title:"HTTP",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/http.html",pathLocale:"/en/",extraFields:[]},{title:"Shadowsocks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/shadowsocks.html",pathLocale:"/en/",extraFields:[]},{title:"Socks",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/socks.html",pathLocale:"/en/",extraFields:[]},{title:"Trojan",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/trojan.html",pathLocale:"/en/",extraFields:[]},{title:"VLESS",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]},{level:3,title:"UserObject",slug:"userobject",children:[]}]}],path:"/en/config/outbounds/vless.html",pathLocale:"/en/",extraFields:[]},{title:"VMess",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"ServerObject",slug:"serverobject",children:[]}]}],path:"/en/config/outbounds/vmess.html",pathLocale:"/en/",extraFields:[]},{title:"Wireguard",headers:[{level:2,title:"OutboundConfigurationObject",slug:"outboundconfigurationobject",children:[{level:3,title:"Peers",slug:"peers",children:[]}]}],path:"/en/config/outbounds/wireguard.html",pathLocale:"/en/",extraFields:[]},{title:"Domain Socket",headers:[{level:2,title:"DomainSocketObject",slug:"domainsocketobject",children:[]}],path:"/en/config/transports/domainsocket.html",pathLocale:"/en/",extraFields:[]},{title:"gRPC",headers:[{level:2,title:"GRPCObject",slug:"grpcobject",children:[]}],path:"/en/config/transports/grpc.html",pathLocale:"/en/",extraFields:[]},{title:"HTTP/2",headers:[{level:2,title:"HttpObject",slug:"httpobject",children:[]}],path:"/en/config/transports/h2.html",pathLocale:"/en/",extraFields:[]},{title:"mKCP",headers:[{level:2,title:"KcpObject",slug:"kcpobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]},{level:2,title:"Special Thanks",slug:"special-thanks",children:[]},{level:2,title:"Improvements to the KCP protocol",slug:"improvements-to-the-kcp-protocol",children:[{level:3,title:"smaller protocol header",slug:"smaller-protocol-header",children:[]},{level:3,title:"ACK packet retransmission",slug:"ack-packet-retransmission",children:[]},{level:3,title:"Connection state control",slug:"connection-state-control",children:[]}]}],path:"/en/config/transports/mkcp.html",pathLocale:"/en/",extraFields:[]},{title:"QUIC",headers:[{level:2,title:"QuicObject",slug:"quicobject",children:[{level:3,title:"HeaderObject",slug:"headerobject",children:[]}]}],path:"/en/config/transports/quic.html",pathLocale:"/en/",extraFields:[]},{title:"TCP",headers:[{level:2,title:"TcpObject",slug:"tcpobject",children:[{level:3,title:"NoneHeaderObject",slug:"noneheaderobject",children:[]},{level:3,title:"HttpHeaderObject",slug:"httpheaderobject",children:[]}]}],path:"/en/config/transports/tcp.html",pathLocale:"/en/",extraFields:[]},{title:"WebSocket",headers:[{level:2,title:"WebSocketObject",slug:"websocketobject",children:[]},{level:2,title:"Browser Dialer",slug:"browser-dialer",children:[]}],path:"/en/config/transports/websocket.html",pathLocale:"/en/",extraFields:[]},{title:"Compile the document",headers:[{level:2,title:"Preparatory Work",slug:"preparatory-work",children:[]},{level:2,title:"Pull Xray source code",slug:"pull-xray-source-code",children:[]},{level:2,title:"Build Binary",slug:"build-binary",children:[{level:3,title:"Windows(Powershell):",slug:"windows-powershell",children:[]},{level:3,title:"macOS, Linux:",slug:"macos-linux",children:[]}]},{level:2,title:"Cross compilation:",slug:"cross-compilation",children:[]},{level:2,title:"Reproducible Build:",slug:"reproducible-build",children:[]}],path:"/en/development/intro/compile.html",pathLocale:"/en/",extraFields:[]},{title:"Design Objectives",headers:[{level:2,title:"Architecture",slug:"architecture",children:[{level:3,title:"Application Layer",slug:"application-layer",children:[]},{level:3,title:"Proxy Layer",slug:"proxy-layer",children:[]},{level:3,title:"Transport Layer",slug:"transport-layer",children:[]}]}],path:"/en/development/intro/design.html",pathLocale:"/en/",extraFields:[]},{title:"Development Standards",headers:[{level:2,title:"Basic",slug:"basic",children:[{level:3,title:"Version Control",slug:"version-control",children:[]},{level:3,title:"Branch",slug:"branch",children:[]},{level:3,title:"Release",slug:"release",children:[]},{level:3,title:"Citing other projects",slug:"citing-other-projects",children:[]}]},{level:2,title:"Development Process",slug:"development-process",children:[{level:3,title:"Before Writing Code",slug:"before-writing-code",children:[]},{level:3,title:"Modify the code",slug:"modify-the-code",children:[]},{level:3,title:"Pull Request",slug:"pull-request",children:[]},{level:3,title:"Modifying Code",slug:"modifying-code",children:[]}]},{level:2,title:"Xray Coding Guidelines",slug:"xray-coding-guidelines",children:[{level:3,title:"Code Structure",slug:"code-structure",children:[]},{level:3,title:"Coding Standards",slug:"coding-standards",children:[]}]}],path:"/en/development/intro/guide.html",pathLocale:"/en/",extraFields:[]},{title:"mKCP Protocol",headers:[{level:2,title:"Version",slug:"version",children:[]},{level:2,title:"Dependencies",slug:"dependencies",children:[{level:3,title:"Underlying Protocol",slug:"underlying-protocol",children:[]},{level:3,title:"Functions",slug:"functions",children:[]}]},{level:2,title:"Communication Process",slug:"communication-process",children:[]},{level:2,title:"Data Format",slug:"data-format",children:[{level:3,title:"Data Packet",slug:"data-packet",children:[]},{level:3,title:"Data snippet",slug:"data-snippet",children:[]},{level:3,title:"Confirmation snippet",slug:"confirmation-snippet",children:[]},{level:3,title:"Heartbeat Fragments",slug:"heartbeat-fragments",children:[]}]}],path:"/en/development/protocols/mkcp.html",pathLocale:"/en/",extraFields:[]},{title:"Mux.Cool Protocol",headers:[{level:2,title:"Version",slug:"version",children:[]},{level:2,title:"Dependencies",slug:"dependencies",children:[{level:3,title:"Underlying Protocol",slug:"underlying-protocol",children:[]}]},{level:2,title:"Communication Process",slug:"communication-process",children:[{level:3,title:"Client behavior",slug:"client-behavior",children:[]},{level:3,title:"Server-side behavior",slug:"server-side-behavior",children:[]}]},{level:2,title:"Data Format",slug:"data-format",children:[{level:3,title:"Frame Format",slug:"frame-format",children:[]},{level:3,title:"Metadata",slug:"metadata",children:[]},{level:3,title:"New Sublink (New)",slug:"new-sublink-new",children:[]},{level:3,title:"Keep sub-connections",slug:"keep-sub-connections",children:[]},{level:3,title:"End",slug:"end",children:[]},{level:3,title:"KeepAlive",slug:"keepalive",children:[]}]},{level:2,title:"Application",slug:"application",children:[]}],path:"/en/development/protocols/muxcool.html",pathLocale:"/en/",extraFields:[]},{title:"VLESS Protocol",headers:[{level:2,title:"Request & Response",slug:"request-response",children:[]},{level:2,title:"ProtoBuf",slug:"protobuf",children:[]},{level:2,title:"Flow",slug:"flow",children:[{level:3,title:"Flow Control (Formerly Traffic Scheduler)",slug:"flow-control-formerly-traffic-scheduler",children:[]}]},{level:2,title:"Encryption",slug:"encryption",children:[]},{level:2,title:"UDP issues",slug:"udp-issues",children:[]},{level:2,title:"Client Development Guide",slug:"client-development-guide",children:[]},{level:2,title:"VLESS Sharing Link Standard",slug:"vless-sharing-link-standard",children:[]}],path:"/en/development/protocols/vless.html",pathLocale:"/en/",extraFields:[]},{title:"VMess Protocol",headers:[{level:2,title:"Version",slug:"version",children:[]},{level:2,title:"Dependencies",slug:"dependencies",children:[{level:3,title:"Underlying Protocol",slug:"underlying-protocol",children:[]},{level:3,title:"User ID",slug:"user-id",children:[]},{level:3,title:"Functions",slug:"functions",children:[]}]},{level:2,title:"Communication Process",slug:"communication-process",children:[]},{level:2,title:"Client Request",slug:"client-request",children:[{level:3,title:"Authentication Information",slug:"authentication-information",children:[]},{level:3,title:"Command Section",slug:"command-section",children:[]},{level:3,title:"Data Section",slug:"data-section",children:[]}]},{level:2,title:"Server Response",slug:"server-response",children:[{level:3,title:"Dynamic Port Instructions",slug:"dynamic-port-instructions",children:[]}]},{level:2,title:"Comment",slug:"comment",children:[]}],path:"/en/development/protocols/vmess.html",pathLocale:"/en/",extraFields:[]},{title:"Plain and Simple Language",headers:[],path:"/en/document/level-0/",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 1] Simple and Plain Language",headers:[{level:2,title:"1.1 Who is this document written for?",slug:"_1-1-who-is-this-document-written-for",children:[]},{level:2,title:"1.2 Who is this document not written for?",slug:"_1-2-who-is-this-document-not-written-for",children:[]},{level:2,title:"1.3 Declaration and Other Statements",slug:"_1-3-declaration-and-other-statements",children:[]},{level:2,title:"1.4 Why is self-hosting a challenge?",slug:"_1-4-why-is-self-hosting-a-challenge",children:[]},{level:2,title:'1.5 "Why not just use the airport?"',slug:"_1-5-why-not-just-use-the-airport",children:[]},{level:2,title:"1.6 So should you build your own website?",slug:"_1-6-so-should-you-build-your-own-website",children:[]},{level:2,title:"1.7 Some digressions",slug:"_1-7-some-digressions",children:[]},{level:2,title:"1.8 Your Progress",slug:"_1-8-your-progress",children:[]}],path:"/en/document/level-0/ch01-preface.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 2] Preparation of Raw Materials",headers:[{level:2,title:"2.1 Acquiring a VPS",slug:"_2-1-acquiring-a-vps",children:[]},{level:2,title:"2.2 Obtaining a Desired Domain Name",slug:"_2-2-obtaining-a-desired-domain-name",children:[]},{level:2,title:"2.3 Software you need to install on your local computer",slug:"_2-3-software-you-need-to-install-on-your-local-computer",children:[]},{level:2,title:"2.4 Your Progress",slug:"_2-4-your-progress",children:[]}],path:"/en/document/level-0/ch02-preparation.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 3] Remote Login",headers:[{level:2,title:"3.1 Remote Login to VPS (PuTTY)",slug:"_3-1-remote-login-to-vps-putty",children:[]},{level:2,title:"3.2 Successfully Logging in SSH! Introduction to Command Line Interface!",slug:"_3-2-successfully-logging-in-ssh-introduction-to-command-line-interface",children:[]},{level:2,title:"3.3 Updating software on Linux for the first time!",slug:"_3-3-updating-software-on-linux-for-the-first-time",children:[]},{level:2,title:"3.4 Your Progress",slug:"_3-4-your-progress",children:[]}],path:"/en/document/level-0/ch03-ssh.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 4] Security and Protection",headers:[{level:2,title:"4.1 Why Do We Need Security Protection?",slug:"_4-1-why-do-we-need-security-protection",children:[]},{level:2,title:"4.2 What are the specific risks",slug:"_4-2-what-are-the-specific-risks",children:[]},{level:2,title:"4.3 What security measures do we need to take",slug:"_4-3-what-security-measures-do-we-need-to-take",children:[]},{level:2,title:"4.4 Change the SSH Remote Login Port to a Non-22 Port",slug:"_4-4-change-the-ssh-remote-login-port-to-a-non-22-port",children:[]},{level:2,title:"4.5 Creating a New User Without Root Access",slug:"_4-5-creating-a-new-user-without-root-access",children:[]},{level:2,title:"4.6 Disabling SSH Remote Login for Root User",slug:"_4-6-disabling-ssh-remote-login-for-root-user",children:[]},{level:2,title:"4.7 Login with RSA Key and Disable Password Login",slug:"_4-7-login-with-rsa-key-and-disable-password-login",children:[]},{level:2,title:"4.8 Your Progress",slug:"_4-8-your-progress",children:[]}],path:"/en/document/level-0/ch04-security.html",pathLocale:"/en/",extraFields:[]},{title:"Chapter 5: Website Building",headers:[{level:2,title:"5.1 Why should you create a website?",slug:"_5-1-why-should-you-create-a-website",children:[]},{level:2,title:"5.2 Log in to VPS, install and run Nginx",slug:"_5-2-log-in-to-vps-install-and-run-nginx",children:[]},{level:2,title:"5.3 Create the simplest web page",slug:"_5-3-create-the-simplest-web-page",children:[]},{level:2,title:"5.4 Common error explanations",slug:"_5-4-common-error-explanations",children:[]},{level:2,title:"5.5 Your Progress",slug:"_5-5-your-progress",children:[]}],path:"/en/document/level-0/ch05-webpage.html",pathLocale:"/en/",extraFields:[]},{title:"[Chapter 6] Certificate Management",headers:[{level:2,title:"6.1 Applying for a TLS Certificate",slug:"_6-1-applying-for-a-tls-certificate",children:[]},{level:2,title:"6.2 Install acme.sh",slug:"_6-2-install-acme-sh",children:[]},{level:2,title:"6.3 Testing Certificate Application",slug:"_6-3-testing-certificate-application",children:[]},{level:2,title:"6.4 Application for Official Certification",slug:"_6-4-application-for-official-certification",children:[]},{level:2,title:"6.5 Certificate Installation",slug:"_6-5-certificate-installation",children:[]},{level:2,title:"6.6 Your Progress",slug:"_6-6-your-progress",children:[]}],path:"/en/document/level-0/ch06-certificates.html",pathLocale:"/en/",extraFields:[]},{title:"【第 7 章】Xray 服务器篇",headers:[{level:2,title:"7.1 博观而约取,厚积而薄发",slug:"_7-1-博观而约取-厚积而薄发",children:[]},{level:2,title:"7.2 安装 Xray",slug:"_7-2-安装-xray",children:[]},{level:2,title:"7.3 给 Xray 配置 TLS 证书",slug:"_7-3-给-xray-配置-tls-证书",children:[]},{level:2,title:"7.4 配置 Xray",slug:"_7-4-配置-xray",children:[]},{level:2,title:"7.5 启动 Xray 服务!!(并查看服务状态)",slug:"_7-5-启动-xray-服务-并查看服务状态",children:[]},{level:2,title:"7.6 回顾 systemd 进行基本的服务管理",slug:"_7-6-回顾-systemd-进行基本的服务管理",children:[]},{level:2,title:"7.7 服务器优化之一:开启 BBR",slug:"_7-7-服务器优化之一-开启-bbr",children:[]},{level:2,title:"7.8 服务器优化之二:开启 HTTP 自动跳转 HTTPS",slug:"_7-8-服务器优化之二-开启-http-自动跳转-https",children:[]},{level:2,title:"7.9 服务器优化之三:更丰富的回落",slug:"_7-9-服务器优化之三-更丰富的回落",children:[]},{level:2,title:"7.10 你的进度",slug:"_7-10-你的进度",children:[]},{level:2,title:"7.11 重要勘误",slug:"_7-11-重要勘误",children:[]}],path:"/en/document/level-0/ch07-xray-server.html",pathLocale:"/en/",extraFields:[]},{title:"【第 8 章】Xray 客户端篇",headers:[{level:2,title:"8.1 Xray 的工作原理简述",slug:"_8-1-xray-的工作原理简述",children:[]},{level:2,title:"8.2 客户端与服务器端正确连接",slug:"_8-2-客户端与服务器端正确连接",children:[]},{level:2,title:"8.3 附加题 1:在 PC 端手工配置 xray-core",slug:"_8-3-附加题-1-在-pc-端手工配置-xray-core",children:[]},{level:2,title:"8.4 附加题 2:在 PC 端手工运行 xray-core",slug:"_8-4-附加题-2-在-pc-端手工运行-xray-core",children:[]},{level:2,title:"8.5 附加题 3:在 PC 端开机自动运行 xray-core",slug:"_8-5-附加题-3-在-pc-端开机自动运行-xray-core",children:[]},{level:2,title:"8.6 圆满完成!",slug:"_8-6-圆满完成",children:[]},{level:2,title:"8.7 TO INFINITY AND BEYOND!",slug:"_8-7-to-infinity-and-beyond",children:[]}],path:"/en/document/level-0/ch08-xray-clients.html",pathLocale:"/en/",extraFields:[]},{title:"【第 9 章】附录",headers:[{level:2,title:"1. 小小白白 Linux 基础命令索引",slug:"_1-小小白白-linux-基础命令索引",children:[]},{level:2,title:"2. 小小白白 Linux 重要配置文件索引",slug:"_2-小小白白-linux-重要配置文件索引",children:[]},{level:2,title:"3. 小小白白 Xray 重要文件索引",slug:"_3-小小白白-xray-重要文件索引",children:[]}],path:"/en/document/level-0/ch09-appendix.html",pathLocale:"/en/",extraFields:[]},{title:"Beginner's Tips",headers:[],path:"/en/document/level-1/",pathLocale:"/en/",extraFields:[]},{title:"回落 (fallbacks) 功能简析",headers:[{level:2,title:"1. 回顾《小小白白话文》中的回落",slug:"_1-回顾《小小白白话文》中的回落",children:[]},{level:2,title:"2. 重新认识回落 (WHAT, HOW v1)",slug:"_2-重新认识回落-what-how-v1",children:[]},{level:2,title:"3. 为什么要回落 (WHY v1)",slug:"_3-为什么要回落-why-v1",children:[]},{level:2,title:"4. 重新认识【回落の完全体】 (WHAT, WHY, HOW v2)",slug:"_4-重新认识【回落の完全体】-what-why-how-v2",children:[]},{level:2,title:"5. 多层回落示例及解读",slug:"_5-多层回落示例及解读",children:[{level:3,title:"5.1 首先,我将服务器端配置的 443 监听段摘抄如下:",slug:"_5-1-首先-我将服务器端配置的-443-监听段摘抄如下",children:[]},{level:3,title:"5.2 后续监听处理的配置段摘抄如下:",slug:"_5-2-后续监听处理的配置段摘抄如下",children:[]}]},{level:2,title:"6. 结语",slug:"_6-结语",children:[]},{level:2,title:"7. 附加题",slug:"_7-附加题",children:[]}],path:"/en/document/level-1/fallbacks-lv1.html",pathLocale:"/en/",extraFields:[]},{title:"SNI fallback",headers:[{level:2,title:"Application Scenarios",slug:"application-scenarios",children:[]},{level:2,title:"Introduction to SNI",slug:"introduction-to-sni",children:[]},{level:2,title:"Idea",slug:"idea",children:[]},{level:2,title:"Adding DNS Records",slug:"adding-dns-records",children:[]},{level:2,title:"Applying for TLS Certificate",slug:"applying-for-tls-certificate",children:[]},{level:2,title:"Xray Configuration",slug:"xray-configuration",children:[]},{level:2,title:"Nginx Configuration",slug:"nginx-configuration",children:[]},{level:2,title:"Caddy Configuration",slug:"caddy-configuration",children:[]},{level:2,title:"Reference",slug:"reference",children:[]},{level:2,title:"Quotation",slug:"quotation",children:[]}],path:"/en/document/level-1/fallbacks-with-sni.html",pathLocale:"/en/",extraFields:[]},{title:"路由 (routing) 功能简析(上)",headers:[{level:2,title:"1. 初识【路由】三兄弟",slug:"_1-初识【路由】三兄弟",children:[]},{level:2,title:"2. 基本功: “兄弟一条心”",slug:"_2-基本功-兄弟一条心",children:[{level:3,title:"2.1 入站",slug:"_2-1-入站",children:[]},{level:3,title:"2.3 路由",slug:"_2-3-路由",children:[]},{level:3,title:"2.4 路由配置项解析之一:流量筛选的依据",slug:"_2-4-路由配置项解析之一-流量筛选的依据",children:[]}]},{level:2,title:"3. 小试牛刀: “三分天下” 之 “域名分流”",slug:"_3-小试牛刀-三分天下-之-域名分流",children:[{level:3,title:"3.1 入站",slug:"_3-1-入站",children:[]},{level:3,title:"3.2 出站",slug:"_3-2-出站",children:[]},{level:3,title:"3.3 路由",slug:"_3-3-路由",children:[]},{level:3,title:"3.4 简析域名文件: geosite.dat",slug:"_3-4-简析域名文件-geosite-dat",children:[]},{level:3,title:"3.5 所以 geosite.dat 到底是什么?不是有个 GFWList 吗?",slug:"_3-5-所以-geosite-dat-到底是什么-不是有个-gfwlist-吗",children:[]},{level:3,title:"3.6 军师锦囊藏奇兵:一条隐藏的路由规则",slug:"_3-6-军师锦囊藏奇兵-一条隐藏的路由规则",children:[]},{level:3,title:"3.7 再看“三分天下”的大地图",slug:"_3-7-再看-三分天下-的大地图",children:[]}]},{level:2,title:"4. “三分天下” 之 “蜀魏争雄”",slug:"_4-三分天下-之-蜀魏争雄",children:[]},{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[]}],path:"/en/document/level-1/routing-lv1-part1.html",pathLocale:"/en/",extraFields:[]},{title:"路由 (routing) 功能简析(下)",headers:[{level:2,title:"5. 攻城略池 - 多种路由匹配条件",slug:"_5-攻城略池-多种路由匹配条件",children:[{level:3,title:"5.1 基于指定域名分流:[domain], [full] 等",slug:"_5-1-基于指定域名分流-domain-full-等",children:[]},{level:3,title:"5.2 基于 IP 文件分流:geoip.dat",slug:"_5-2-基于-ip-文件分流-geoip-dat",children:[]},{level:3,title:"5.3 基于指定 IP 地址分流",slug:"_5-3-基于指定-ip-地址分流",children:[]},{level:3,title:"5.4 基于协议类型分流:[protocol] 等",slug:"_5-4-基于协议类型分流-protocol-等",children:[]},{level:3,title:"5.5 基于更多条件的分流",slug:"_5-5-基于更多条件的分流",children:[]}]},{level:2,title:"6. “霸业初定”:路由规则整体回顾",slug:"_6-霸业初定-路由规则整体回顾",children:[]},{level:2,title:"7. 路由配置常见错误",slug:"_7-路由配置常见错误",children:[{level:3,title:"7.1 错误示范",slug:"_7-1-错误示范",children:[]},{level:3,title:"7.2 正确示范",slug:"_7-2-正确示范",children:[]}]},{level:2,title:"8. 明修栈道、暗渡陈仓",slug:"_8-明修栈道、暗渡陈仓",children:[{level:3,title:'8.1 域名策略: "AsIs"',slug:"_8-1-域名策略-asis",children:[]},{level:3,title:'8.2 域名策略: "IPIfNonMatch"',slug:"_8-2-域名策略-ipifnonmatch",children:[]},{level:3,title:'8.3 域名策略: "IPOnDemand"',slug:"_8-3-域名策略-ipondemand",children:[]}]},{level:2,title:"9. 思考题",slug:"_9-思考题",children:[]},{level:2,title:"10. 结语",slug:"_10-结语",children:[]},{level:2,title:"11. 尾注",slug:"_11-尾注",children:[]}],path:"/en/document/level-1/routing-lv1-part2.html",pathLocale:"/en/",extraFields:[]},{title:"Xray 的工作模式",headers:[{level:2,title:"单服务器模式",slug:"单服务器模式",children:[]},{level:2,title:"桥接模式",slug:"桥接模式",children:[]},{level:2,title:"工作原理",slug:"工作原理",children:[]}],path:"/en/document/level-1/work.html",pathLocale:"/en/",extraFields:[]},{title:"Advanced Documentation",headers:[],path:"/en/document/level-2/",pathLocale:"/en/",extraFields:[]},{title:"Transparent proxy via GID",headers:[{level:2,title:"Ideas",slug:"ideas",children:[]},{level:2,title:"Configuration Procedure",slug:"configuration-procedure",children:[{level:3,title:"1. Preliminary preparation",slug:"_1-preliminary-preparation",children:[]},{level:3,title:"2. Add user (Android users please ignore this section)",slug:"_2-add-user-android-users-please-ignore-this-section",children:[]},{level:3,title:"3. Configure and run Xray, and configure iptables rules",slug:"_3-configure-and-run-xray-and-configure-iptables-rules",children:[]}]},{level:2,title:"Steps",slug:"steps",children:[{level:3,title:"1. Finish Preliminary preparation and Add user",slug:"_1-finish-preliminary-preparation-and-add-user",children:[]},{level:3,title:"2. Preparing Xray profiles",slug:"_2-preparing-xray-profiles",children:[]},{level:3,title:"3. Configuring the maximum number of open files and run the Xray client",slug:"_3-configuring-the-maximum-number-of-open-files-and-run-the-xray-client",children:[]},{level:3,title:"4. Setting up iptables rules",slug:"_4-setting-up-iptables-rules",children:[]}]}],path:"/en/document/level-2/iptables_gid.html",pathLocale:"/en/",extraFields:[]},{title:"Nginx_TLS隧道隐藏指纹",headers:[{level:2,title:"编译 nginx --with-stream",slug:"编译-nginx-with-stream",children:[]},{level:2,title:"配置 nginx",slug:"配置-nginx",children:[]},{level:2,title:"xray 配置",slug:"xray-配置",children:[]},{level:2,title:"客户端及服务端启动服务",slug:"客户端及服务端启动服务",children:[]},{level:2,title:"后记",slug:"后记",children:[]}],path:"/en/document/level-2/nginx_tls_tunnel.html",pathLocale:"/en/",extraFields:[]},{title:"出站流量重定向",headers:[{level:2,title:"前言",slug:"前言",children:[]},{level:2,title:"1、安装代理或者 VPN 软件(例如 Wireguard、IPsec 等)",slug:"_1、安装代理或者-vpn-软件-例如-wireguard、ipsec-等",children:[]},{level:2,title:"2、编辑 VPN 配置文件(以 WireGuard 为例)",slug:"_2、编辑-vpn-配置文件-以-wireguard-为例",children:[]},{level:2,title:"3、启用 WireGuard 网络接口",slug:"_3、启用-wireguard-网络接口",children:[]},{level:2,title:"4、Xray-core 配置文件修改",slug:"_4、xray-core-配置文件修改",children:[]},{level:2,title:"5、系统设置配置",slug:"_5、系统设置配置",children:[]},{level:2,title:"6、完成 WireGuard 相关设置",slug:"_6、完成-wireguard-相关设置",children:[]},{level:2,title:"后记",slug:"后记",children:[]},{level:2,title:"感谢",slug:"感谢",children:[]}],path:"/en/document/level-2/redirect.html",pathLocale:"/en/",extraFields:[]},{title:"TProxy 透明代理",headers:[{level:2,title:"开始之前",slug:"开始之前",children:[]},{level:2,title:"Xray 配置",slug:"xray-配置",children:[]},{level:2,title:"策略路由配置",slug:"策略路由配置",children:[]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[]},{level:2,title:"配置永久化与开机自启",slug:"配置永久化与开机自启",children:[]}],path:"/en/document/level-2/tproxy.html",pathLocale:"/en/",extraFields:[]},{title:"TProxy 透明代理 (ipv4 and ipv6)",headers:[{level:2,title:"Xray 配置",slug:"xray-配置",children:[{level:3,title:"客户端配置",slug:"客户端配置",children:[]},{level:3,title:"服务端配置",slug:"服务端配置",children:[]}]},{level:2,title:"Netfilter 配置",slug:"netfilter-配置",children:[{level:3,title:"首先设置策略路由",slug:"首先设置策略路由",children:[]},{level:3,title:"使用 iptables",slug:"使用-iptables",children:[]},{level:3,title:"使用 nftables",slug:"使用-nftables",children:[]},{level:3,title:"开机自动运行 Netfilter 配置",slug:"开机自动运行-netfilter-配置",children:[]}]},{level:2,title:"局域网设备上网设置",slug:"局域网设备上网设置",children:[{level:3,title:"方法一",slug:"方法一",children:[]},{level:3,title:"方法二",slug:"方法二",children:[]}]},{level:2,title:"Finally",slug:"finally",children:[]},{level:2,title:"写在最后",slug:"写在最后",children:[]}],path:"/en/document/level-2/tproxy_ipv4_and_ipv6.html",pathLocale:"/en/",extraFields:[]},{title:"流量统计",headers:[{level:2,title:"查看流量信息",slug:"查看流量信息",children:[]},{level:2,title:"流量信息的处理",slug:"流量信息的处理",children:[]}],path:"/en/document/level-2/traffic_stats.html",pathLocale:"/en/",extraFields:[]},{title:"Enhancing Proxy Security with Cloudflare Warp",headers:[{level:2,title:"Applying for a Warp Account",slug:"applying-for-a-warp-account",children:[]},{level:2,title:"Diverting inbound traffic to warp on the server side",slug:"diverting-inbound-traffic-to-warp-on-the-server-side",children:[]},{level:2,title:"Using Warp Chain Proxy on the Client Side",slug:"using-warp-chain-proxy-on-the-client-side",children:[]}],path:"/en/document/level-2/warp.html",pathLocale:"/en/",extraFields:[]},{title:"透明代理入门",headers:[{level:2,title:"什么是透明代理",slug:"什么是透明代理",children:[]},{level:2,title:"透明代理的实现",slug:"透明代理的实现",children:[{level:3,title:"tun2socks",slug:"tun2socks",children:[]},{level:3,title:"iptables/nftables",slug:"iptables-nftables",children:[]}]},{level:2,title:"iptables 实现透明代理原理",slug:"iptables-实现透明代理原理",children:[]},{level:2,title:"透明代理难在哪里",slug:"透明代理难在哪里",children:[]},{level:2,title:"从零开始一步步实现基于 iptables-tproxy 的透明代理",slug:"从零开始一步步实现基于-iptables-tproxy-的透明代理",children:[{level:3,title:"在开始之前,你需要有一定的基础知识:",slug:"在开始之前-你需要有一定的基础知识",children:[]},{level:3,title:"前期准备工作",slug:"前期准备工作",children:[]},{level:3,title:"首先,我们先试试做到第一阶段",slug:"首先-我们先试试做到第一阶段",children:[]},{level:3,title:"第二阶段",slug:"第二阶段",children:[]},{level:3,title:"第三阶段",slug:"第三阶段",children:[]},{level:3,title:"第四阶段",slug:"第四阶段",children:[]},{level:3,title:"代理 ipv6",slug:"代理-ipv6",children:[]}]}],path:"/en/document/level-2/transparent_proxy/transparent_proxy.html",pathLocale:"/en/",extraFields:[]},{title:"",headers:[],path:"/404.html",pathLocale:"/",extraFields:[]}]},35220:(e,l,t)=>{t.d(l,{H:()=>n});const n={base:"/",lang:"en-US",title:"",description:"",head:[["link",{rel:"icon",href:"/logo.png"}]],locales:{"/":{lang:"zh-CN",title:"Project X",description:"Xray 官方文档"},"/en/":{lang:"en-US",title:"Project X",description:"Official document of Xray"}}}},72232:(e,l,t)=>{t.d(l,{f:()=>n});const n={smoothScroll:!0,repo:"xtls/xray-core",docsRepo:"xtls/Xray-docs-next",docsDir:"docs",docsBranch:"main",editLinks:!0,enableToggle:!0,locales:{"/":{repoLabel:"查看源码",editLinkText:"帮助我们改善此页面!",tip:"提示",warning:"注意",danger:"警告",lastUpdatedText:"最近更改",selectLanguageName:"简体中文",selectLanguageText:"多语言",selectLanguageAriaLabel:"多语言",sidebar:{"/config/":[{text:"特性详解",children:["/config/features/xtls.md","/config/features/fallback.md","/config/features/browser_dialer.md","/config/features/env.md","/config/features/multiple.md"]},{text:"基础配置",children:["/config/","/config/log.md","/config/api.md","/config/dns.md","/config/fakedns.md","/config/inbound.md","/config/outbound.md","/config/policy.md","/config/reverse.md","/config/routing.md","/config/stats.md","/config/transport.md"]},{text:"入站代理",children:["/config/inbounds/dokodemo.md","/config/inbounds/http.md","/config/inbounds/shadowsocks.md","/config/inbounds/socks.md","/config/inbounds/trojan.md","/config/inbounds/vless.md","/config/inbounds/vmess.md"]},{text:"出站代理",children:["/config/outbounds/blackhole.md","/config/outbounds/dns.md","/config/outbounds/freedom.md","/config/outbounds/http.md","/config/outbounds/shadowsocks.md","/config/outbounds/socks.md","/config/outbounds/trojan.md","/config/outbounds/vless.md","/config/outbounds/vmess.md","/config/outbounds/wireguard.md"]},{text:"底层传输",children:["/config/transports/grpc.md","/config/transports/h2.md","/config/transports/mkcp.md","/config/transports/quic.md","/config/transports/tcp.md","/config/transports/websocket.md"]}],"/document/":[{text:"快速入门文档",children:["/document/install.md","/document/config.md","/document/command.md","/document/document.md","/document/level-0","/document/level-1","/document/level-2"]}],"/document/level-0/":[{text:"小小白白话文",children:["/document/level-0/ch01-preface.md","/document/level-0/ch02-preparation.md","/document/level-0/ch03-ssh.md","/document/level-0/ch04-security.md","/document/level-0/ch05-webpage.md","/document/level-0/ch06-certificates.md","/document/level-0/ch07-xray-server.md","/document/level-0/ch08-xray-clients.md","/document/level-0/ch09-appendix.md"]}],"/document/level-1/":[{text:"入门技巧",children:["/document/level-1/fallbacks-lv1.md","/document/level-1/routing-lv1-part1.md","/document/level-1/routing-lv1-part2.md","/document/level-1/work.md","/document/level-1/fallbacks-with-sni.md"]}],"/document/level-2/":[{text:"进阶技巧",children:["/document/level-2/transparent_proxy/transparent_proxy.md","/document/level-2/tproxy.md","/document/level-2/tproxy_ipv4_and_ipv6.md","/document/level-2/nginx_or_haproxy_tls_tunnel.md","/document/level-2/iptables_gid.md","/document/level-2/redirect.md","/document/level-2/warp.md","/document/level-2/traffic_stats.md"]}],"/development/":[{text:"开发指南",children:["/development/intro/compile.md","/development/intro/design.md","/development/intro/guide.md",{text:"协议详解",children:["/development/protocols/vless.md","/development/protocols/vmess.md","/development/protocols/muxcool.md","/development/protocols/mkcp.md"]}]}]},navbar:[{text:"首页",link:"/"},{text:"大史记",link:"/about/news.md"},{text:"配置指南",link:"/config/"},{text:"开发指南",link:"/development/"},{text:"使用指南",link:"/document/"}]},"/en/":{repoLabel:"Source",editLinkText:"Help us improve this page on GitHub!",tip:"Tip",warning:"Warning",danger:"Danger",lastUpdatedText:"Last Updated",selectLanguageName:"English (WIP)",sidebar:{"/en/config/":[{text:"Xray Features",children:["/en/config/features/xtls.md","/en/config/features/fallback.md","/en/config/features/browser_dialer.md","/en/config/features/env.md","/en/config/features/multiple.md"]},{text:"Config Reference",children:["/en/config/","/en/config/log.md","/en/config/api.md","/en/config/dns.md","/en/config/fakedns.md","/en/config/inbound.md","/en/config/outbound.md","/en/config/policy.md","/en/config/reverse.md","/en/config/routing.md","/en/config/stats.md","/en/config/transport.md"]},{text:"Inbound Protocol",children:["/en/config/inbounds/dokodemo.md","/en/config/inbounds/http.md","/en/config/inbounds/shadowsocks.md","/en/config/inbounds/socks.md","/en/config/inbounds/trojan.md","/en/config/inbounds/vless.md","/en/config/inbounds/vmess.md"]},{text:"Outbound Protocol",children:["/en/config/outbounds/blackhole.md","/en/config/outbounds/dns.md","/en/config/outbounds/freedom.md","/en/config/outbounds/http.md","/en/config/outbounds/shadowsocks.md","/en/config/outbounds/socks.md","/en/config/outbounds/trojan.md","/en/config/outbounds/vless.md","/en/config/outbounds/vmess.md","/en/config/outbounds/wireguard.md"]},{text:"Stream Transport Protocol",children:["/en/config/transports/grpc.md","/en/config/transports/h2.md","/en/config/transports/mkcp.md","/en/config/transports/quic.md","/en/config/transports/tcp.md","/en/config/transports/websocket.md"]}],"/en/document/level-0/":[{text:"Beginner Tutorial",children:["/en/document/level-0/ch01-preface.md","/en/document/level-0/ch02-preparation.md","/en/document/level-0/ch03-ssh.md","/en/document/level-0/ch04-security.md","/en/document/level-0/ch05-webpage.md","/en/document/level-0/ch06-certificates.md","/en/document/level-0/ch07-xray-server.md","/en/document/level-0/ch08-xray-clients.md","/en/document/level-0/ch09-appendix.md"]}],"/en/document/level-1/":[{text:"Getting Started Tips",children:["/en/document/level-1/fallbacks-lv1.md","/en/document/level-1/routing-lv1-part1.md","/en/document/level-1/routing-lv1-part2.md","/en/document/level-1/work.md","/en/document/level-1/fallbacks-with-sni.md"]}],"/en/document/level-2/":[{text:"Advanced Documentation",children:["/en/document/level-2/transparent_proxy/transparent_proxy.md","/en/document/level-2/tproxy.md","/en/document/level-2/tproxy_ipv4_and_ipv6.md","/en/document/level-2/nginx_or_haproxy_tls_tunnel.md","/en/document/level-2/iptables_gid.md","/en/document/level-2/redirect.md","/en/document/level-2/warp.md","/en/document/level-2/traffic_stats.md"]}],"/en/development/":[{text:"Developer Guide",children:["/en/development/intro/compile.md","/en/development/intro/design.md","/en/development/intro/guide.md",{text:"Protocol Details",children:["/en/development/protocols/vless.md","/en/development/protocols/vmess.md","/en/development/protocols/muxcool.md","/en/development/protocols/mkcp.md"]}]}]},navbar:[{text:"Homepage",link:"/en"},{text:"Website History",link:"/en/about/news.md"},{text:"Config Reference",link:"/en/config/"},{text:"Developer Guide",link:"/en/development/"},{text:"Quick Start",link:"/en/document/"}]}},navbar:[],logo:null,darkMode:!0,selectLanguageText:"Languages",selectLanguageAriaLabel:"Select language",sidebar:"auto",sidebarDepth:2,editLink:!0,editLinkText:"Edit this page",lastUpdated:!0,lastUpdatedText:"Last Updated",contributors:!0,contributorsText:"Contributors",notFound:["There's nothing here.","How did we get here?","That's a Four-Oh-Four.","Looks like we've got some broken links."],backToHome:"Take me home",openInNewWindow:"open in new window",toggleDarkMode:"toggle dark mode",toggleSidebar:"toggle sidebar"}}},e=>{e.O(0,[7633,3469],(()=>(35698,e(e.s=35698)))),e.O()}]); \ No newline at end of file diff --git a/assets/js/runtime~app.bda536c8.js b/assets/js/runtime~app.0ab52007.js similarity index 99% rename from assets/js/runtime~app.bda536c8.js rename to assets/js/runtime~app.0ab52007.js index cb8b58b180..d0b52fdbe1 100644 --- a/assets/js/runtime~app.bda536c8.js +++ b/assets/js/runtime~app.0ab52007.js @@ -1 +1 @@ -(()=>{"use strict";var e,a,d,c={},v={};function b(e){var a=v[e];if(void 0!==a)return a.exports;var d=v[e]={exports:{}};return c[e].call(d.exports,d,d.exports,b),d.exports}b.m=c,e=[],b.O=(a,d,c,v)=>{if(!d){var f=1/0;for(n=0;n=v)&&Object.keys(b.O).every((e=>b.O[e](d[t])))?d.splice(t--,1):(r=!1,v0&&e[n-1][2]>v;n--)e[n]=e[n-1];e[n]=[d,c,v]},b.d=(e,a)=>{for(var d in a)b.o(a,d)&&!b.o(e,d)&&Object.defineProperty(e,d,{enumerable:!0,get:a[d]})},b.f={},b.e=e=>Promise.all(Object.keys(b.f).reduce(((a,d)=>(b.f[d](e,a),a)),[])),b.u=e=>"assets/js/"+({59:"v-13168a21",88:"v-3706649a",152:"v-61e7eea6",196:"v-2f29e106",202:"v-617f0fcf",224:"v-5c48c82b",322:"v-0da7880a",346:"v-e979b848",373:"v-c6b4b59e",404:"v-439608b6",569:"v-7f6279d8",683:"v-f91d64d6",735:"v-41f9c00e",788:"v-76b9a0f3",944:"v-f5341aec",966:"v-726d0633",1050:"v-b50d2334",1067:"v-5797bdb3",1138:"v-7689d7f3",1195:"v-05ddc65d",1232:"v-430c6ab8",1241:"v-930ac920",1259:"v-749ad71a",1327:"v-1ee591a8",1381:"v-6d39b970",1393:"v-2877542a",1605:"v-0e5d7b39",1783:"v-2367d756",1833:"v-3f09dc7e",1835:"v-7e21d6ae",1888:"v-192a19b9",1941:"v-a001cfa6",1992:"v-2b1adf48",2015:"v-70677432",2017:"v-3167b1dd",2109:"v-7efb7c68",2243:"v-208ca3b9",2261:"v-c0bbf696",2385:"v-51a51d87",2475:"v-8cc24480",2504:"v-f7496066",2509:"v-8daa1a0e",2547:"v-12a33bee",2578:"v-789ba80e",2759:"v-802a842a",2887:"v-4458f72a",2927:"v-f88d343e",2946:"v-d68f7d58",3091:"v-255a6ebf",3127:"v-29995cea",3177:"v-110dd688",3430:"v-da623318",3446:"v-16426d1a",3468:"v-fb444906",3651:"v-fb92e8aa",3737:"v-167afaac",3745:"v-33b1b709",3767:"v-0d714d87",3775:"v-4ca6f1ca",3778:"v-516476d4",3818:"v-3eb3e9c6",3834:"v-773d731c",3835:"v-2d0a870d",3866:"v-46333b48",3902:"v-6a9e8054",3907:"v-27001935",3994:"v-1d860c29",4023:"v-79d41176",4316:"v-29188644",4339:"v-4bbe1d5a",4376:"v-565dbfc4",4457:"v-86ee963a",4473:"v-fa6d716e",4507:"v-1c38292a",4732:"v-4492d567",4746:"v-d190d938",4922:"v-a75683b8",5062:"v-0fbd1336",5073:"v-4d046016",5135:"v-775db7b1",5151:"v-7d2b8478",5170:"v-e3dfff38",5372:"v-8f08dbec",5500:"v-3fc98845",5531:"v-2c6058d4",5605:"v-ba934fd8",5650:"v-95e3eaea",5656:"v-b0030f00",5745:"v-5b6477cc",5890:"v-1ff57bba",6018:"v-02956db7",6214:"v-1c17916e",6271:"v-fdd722ac",6280:"v-21b30c3f",6416:"v-fb774212",6447:"v-e533e2c6",6448:"v-b7760e2c",6499:"v-94110980",6515:"v-b21a2a20",6550:"v-a60f016c",6553:"v-7b293e4a",6665:"v-6e50feb6",6765:"v-789ba7ef",6907:"v-23fbd2d0",6940:"v-d3712ade",6971:"v-5ab92300",7e3:"v-4c013f47",7021:"v-03a28284",7147:"v-278039be",7186:"v-1a7f9d6e",7322:"v-9520f392",7371:"v-593408b0",7578:"v-36b1a79b",7625:"v-2aeb21f9",7693:"v-09a64f89",7858:"v-1e465ab0",7964:"v-a0c7f88e",7975:"v-22b35270",8015:"v-aad48c6a",8028:"v-41ade9da",8064:"v-45144c7f",8140:"v-268cd669",8169:"v-5254cbc6",8225:"v-789ba82d",8282:"v-c425a7d4",8284:"v-f1802e66",8286:"v-4ebec35a",8334:"v-6e6c37e6",8403:"v-3eb62514",8424:"v-15f5452a",8444:"v-21bccd79",8488:"v-5de780d0",8512:"v-86586ca2",8529:"v-1080fb37",8551:"v-72afc2d2",8628:"v-3acf20ea",8662:"v-f555fc02",8741:"v-338bc63e",8750:"v-a0627812",8800:"v-d76e893a",8813:"v-7d61a872",8941:"v-3f09dcbc",8945:"v-075f3ae5",9027:"v-0d0e1e92",9046:"v-2b7ec525",9115:"v-38c376c1",9139:"v-c579975c",9193:"v-2a1b3d72",9218:"v-31b7756a",9238:"v-38d56a07",9279:"v-e35196c2",9324:"v-103b3e5c",9346:"v-717c6376",9372:"v-792e28f8",9393:"v-317fc580",9492:"v-30bd7c12",9549:"v-83dedd38",9685:"v-63077cb6",9691:"v-413cee4b",9789:"v-3f09dcfa",9820:"v-797f8d25",9886:"v-64e47ef4",9915:"v-1f3a890a"}[e]||e)+"."+{59:"7de28a1c",88:"b1cdb0d5",152:"c59ccd26",196:"a6d9aecc",202:"114f7c85",224:"f57ce8ad",322:"309e1a23",346:"d0c9eaff",360:"b61d0db3",373:"4cf2db6b",404:"6db0b3ba",569:"f98661ed",683:"d09a4ca0",735:"b2b23b56",762:"d4c11846",788:"4f53ab38",944:"d4b8a4ad",966:"02d2cbce",1050:"403d53f1",1067:"69e80155",1138:"442f21be",1195:"0573e49d",1232:"eca93439",1241:"09405743",1259:"6b154f8b",1327:"cad85ddd",1381:"bed9c2e1",1393:"98b47489",1605:"a997e4d6",1688:"add8ab54",1783:"ec57eb4e",1833:"d2136118",1835:"3d220453",1888:"fe947817",1941:"055621b2",1992:"493a22d4",2015:"02946697",2017:"aafca19a",2027:"51e15973",2109:"eb13762f",2127:"e2660127",2243:"684ecf88",2244:"4e3371f0",2261:"7aaa75ee",2385:"a05e2624",2475:"80a67613",2504:"8db8e3e9",2509:"ff3ae5dc",2547:"0a1ea57a",2578:"8431376d",2690:"13b02214",2759:"9cb4b968",2887:"84b683d2",2927:"95495425",2946:"5511c740",3091:"dac16046",3127:"6c54e476",3177:"d9e40176",3430:"f130141c",3446:"7d834ce9",3468:"018983d7",3506:"996d535c",3601:"23775d79",3651:"ce15df01",3737:"5ca3833c",3745:"1c2b3301",3767:"75657241",3771:"a7f69d9c",3775:"49ee3088",3778:"c3212283",3818:"6aaae747",3834:"963d2a26",3835:"3904bf48",3866:"28a57792",3902:"a7f90aba",3907:"17c7e0e6",3994:"32ecc051",4023:"ef4779cc",4316:"7d545f95",4339:"43dafbe0",4376:"d7ec89e9",4457:"6d296fec",4473:"779130b8",4507:"632e3a07",4732:"608404b1",4746:"a0c52460",4842:"6475eaf5",4922:"174fff25",5062:"2ee78ec2",5073:"2b48b5c1",5135:"990c1854",5151:"dec68563",5169:"5a599be0",5170:"97486974",5254:"93e54f98",5372:"2a6e19db",5500:"7c5160b3",5531:"dc358c21",5605:"914d9baf",5650:"e597337e",5656:"dbb67e94",5745:"51da579c",5890:"939d1682",6018:"47d31a7e",6046:"3e042245",6214:"e9f0c8a2",6254:"b5737f7a",6271:"a366df7b",6280:"b1c8b018",6284:"be51c3f5",6416:"80c9bd93",6447:"bb8c3a12",6448:"8d4d66f5",6499:"74934351",6515:"385633a4",6550:"4f3d3270",6553:"4d84425d",6637:"79b3ddc6",6665:"6351d11a",6715:"de6e3c04",6765:"d0ef516d",6907:"bb77b05e",6940:"c6c40d02",6971:"83bcb83c",7e3:"d22df217",7021:"c29837cc",7111:"ff580f0b",7147:"b028355d",7186:"0c9a813a",7322:"822d02af",7371:"623aa536",7407:"2d278670",7554:"3bb1f107",7578:"2d9dda9a",7625:"888f68b1",7693:"0a750ea6",7707:"edf51089",7740:"fc07a7f4",7807:"ccad61f3",7858:"bd118600",7964:"f170ea21",7975:"48f12c43",8015:"ad14868b",8028:"3eeda83b",8064:"7e3a75c0",8140:"3c229a98",8169:"62e3a2c0",8189:"e1453d69",8225:"fd02a3c4",8282:"02eea8fa",8284:"a4719b9a",8286:"386a7a8e",8334:"72e10134",8365:"391bcded",8371:"3fb7e2be",8403:"b503a327",8424:"6000f3c8",8444:"2a40686c",8488:"22af6967",8491:"5c0e6024",8512:"ec35ed7f",8529:"a453115e",8551:"cebcc930",8628:"e8899ef4",8653:"9a467791",8662:"3e54f28e",8687:"93dc6fcc",8741:"4ae84b24",8750:"049dc2b9",8800:"bd4bc71a",8813:"374f9ab1",8941:"b6cb0055",8945:"02886898",9027:"e9632a44",9046:"80af15d7",9115:"98277fd3",9139:"d1dcad90",9193:"e53a615a",9218:"e180265b",9238:"8e9c4e7f",9279:"44b92c1a",9324:"c15d48ad",9346:"50ca4d25",9372:"380b1ac7",9393:"75b18a7d",9469:"7cf8eb86",9492:"cb9eff15",9549:"8f68e555",9685:"77e150c2",9691:"aa0d3ed6",9789:"caa53068",9816:"24ff0543",9820:"8f2a77f7",9886:"a86d3906",9915:"549b673b"}[e]+".js",b.miniCssF=e=>"assets/css/styles.f4ef6178.css",b.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),a={},d="Xray-docs-next:",b.l=(e,c,v,f)=>{if(a[e])a[e].push(c);else{var r,t;if(void 0!==v)for(var o=document.getElementsByTagName("script"),n=0;n{r.onerror=r.onload=null,clearTimeout(l);var v=a[e];if(delete a[e],r.parentNode&&r.parentNode.removeChild(r),v&&v.forEach((e=>e(c))),d)return d(c)},l=setTimeout(i.bind(null,void 0,{type:"timeout",target:r}),12e4);r.onerror=i.bind(null,r.onerror),r.onload=i.bind(null,r.onload),t&&document.head.appendChild(r)}},b.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},b.p="/",(()=>{var e={523:0,7633:0};b.f.j=(a,d)=>{var c=b.o(e,a)?e[a]:void 0;if(0!==c)if(c)d.push(c[2]);else if(/^(52|763)3$/.test(a))e[a]=0;else{var v=new Promise(((d,v)=>c=e[a]=[d,v]));d.push(c[2]=v);var f=b.p+b.u(a),r=new Error;b.l(f,(d=>{if(b.o(e,a)&&(0!==(c=e[a])&&(e[a]=void 0),c)){var v=d&&("load"===d.type?"missing":d.type),f=d&&d.target&&d.target.src;r.message="Loading chunk "+a+" failed.\n("+v+": "+f+")",r.name="ChunkLoadError",r.type=v,r.request=f,c[1](r)}}),"chunk-"+a,a)}},b.O.j=a=>0===e[a];var a=(a,d)=>{var c,v,[f,r,t]=d,o=0;if(f.some((a=>0!==e[a]))){for(c in r)b.o(r,c)&&(b.m[c]=r[c]);if(t)var n=t(b)}for(a&&a(d);o{"use strict";var e,a,d,c={},v={};function b(e){var a=v[e];if(void 0!==a)return a.exports;var d=v[e]={exports:{}};return c[e].call(d.exports,d,d.exports,b),d.exports}b.m=c,e=[],b.O=(a,d,c,v)=>{if(!d){var f=1/0;for(n=0;n=v)&&Object.keys(b.O).every((e=>b.O[e](d[t])))?d.splice(t--,1):(r=!1,v0&&e[n-1][2]>v;n--)e[n]=e[n-1];e[n]=[d,c,v]},b.d=(e,a)=>{for(var d in a)b.o(a,d)&&!b.o(e,d)&&Object.defineProperty(e,d,{enumerable:!0,get:a[d]})},b.f={},b.e=e=>Promise.all(Object.keys(b.f).reduce(((a,d)=>(b.f[d](e,a),a)),[])),b.u=e=>"assets/js/"+({59:"v-13168a21",88:"v-3706649a",152:"v-61e7eea6",196:"v-2f29e106",202:"v-617f0fcf",224:"v-5c48c82b",322:"v-0da7880a",346:"v-e979b848",373:"v-c6b4b59e",404:"v-439608b6",569:"v-7f6279d8",683:"v-f91d64d6",735:"v-41f9c00e",788:"v-76b9a0f3",944:"v-f5341aec",966:"v-726d0633",1050:"v-b50d2334",1067:"v-5797bdb3",1138:"v-7689d7f3",1195:"v-05ddc65d",1232:"v-430c6ab8",1241:"v-930ac920",1259:"v-749ad71a",1327:"v-1ee591a8",1381:"v-6d39b970",1393:"v-2877542a",1605:"v-0e5d7b39",1783:"v-2367d756",1833:"v-3f09dc7e",1835:"v-7e21d6ae",1888:"v-192a19b9",1941:"v-a001cfa6",1992:"v-2b1adf48",2015:"v-70677432",2017:"v-3167b1dd",2109:"v-7efb7c68",2243:"v-208ca3b9",2261:"v-c0bbf696",2385:"v-51a51d87",2475:"v-8cc24480",2504:"v-f7496066",2509:"v-8daa1a0e",2547:"v-12a33bee",2578:"v-789ba80e",2759:"v-802a842a",2887:"v-4458f72a",2927:"v-f88d343e",2946:"v-d68f7d58",3091:"v-255a6ebf",3127:"v-29995cea",3177:"v-110dd688",3430:"v-da623318",3446:"v-16426d1a",3468:"v-fb444906",3651:"v-fb92e8aa",3737:"v-167afaac",3745:"v-33b1b709",3767:"v-0d714d87",3775:"v-4ca6f1ca",3778:"v-516476d4",3818:"v-3eb3e9c6",3834:"v-773d731c",3835:"v-2d0a870d",3866:"v-46333b48",3902:"v-6a9e8054",3907:"v-27001935",3994:"v-1d860c29",4023:"v-79d41176",4316:"v-29188644",4339:"v-4bbe1d5a",4376:"v-565dbfc4",4457:"v-86ee963a",4473:"v-fa6d716e",4507:"v-1c38292a",4732:"v-4492d567",4746:"v-d190d938",4922:"v-a75683b8",5062:"v-0fbd1336",5073:"v-4d046016",5135:"v-775db7b1",5151:"v-7d2b8478",5170:"v-e3dfff38",5372:"v-8f08dbec",5500:"v-3fc98845",5531:"v-2c6058d4",5605:"v-ba934fd8",5650:"v-95e3eaea",5656:"v-b0030f00",5745:"v-5b6477cc",5890:"v-1ff57bba",6018:"v-02956db7",6214:"v-1c17916e",6271:"v-fdd722ac",6280:"v-21b30c3f",6416:"v-fb774212",6447:"v-e533e2c6",6448:"v-b7760e2c",6499:"v-94110980",6515:"v-b21a2a20",6550:"v-a60f016c",6553:"v-7b293e4a",6665:"v-6e50feb6",6765:"v-789ba7ef",6907:"v-23fbd2d0",6940:"v-d3712ade",6971:"v-5ab92300",7e3:"v-4c013f47",7021:"v-03a28284",7147:"v-278039be",7186:"v-1a7f9d6e",7322:"v-9520f392",7371:"v-593408b0",7578:"v-36b1a79b",7625:"v-2aeb21f9",7693:"v-09a64f89",7858:"v-1e465ab0",7964:"v-a0c7f88e",7975:"v-22b35270",8015:"v-aad48c6a",8028:"v-41ade9da",8064:"v-45144c7f",8140:"v-268cd669",8169:"v-5254cbc6",8225:"v-789ba82d",8282:"v-c425a7d4",8284:"v-f1802e66",8286:"v-4ebec35a",8334:"v-6e6c37e6",8403:"v-3eb62514",8424:"v-15f5452a",8444:"v-21bccd79",8488:"v-5de780d0",8512:"v-86586ca2",8529:"v-1080fb37",8551:"v-72afc2d2",8628:"v-3acf20ea",8662:"v-f555fc02",8741:"v-338bc63e",8750:"v-a0627812",8800:"v-d76e893a",8813:"v-7d61a872",8941:"v-3f09dcbc",8945:"v-075f3ae5",9027:"v-0d0e1e92",9046:"v-2b7ec525",9115:"v-38c376c1",9139:"v-c579975c",9193:"v-2a1b3d72",9218:"v-31b7756a",9238:"v-38d56a07",9279:"v-e35196c2",9324:"v-103b3e5c",9346:"v-717c6376",9372:"v-792e28f8",9393:"v-317fc580",9492:"v-30bd7c12",9549:"v-83dedd38",9685:"v-63077cb6",9691:"v-413cee4b",9789:"v-3f09dcfa",9820:"v-797f8d25",9886:"v-64e47ef4",9915:"v-1f3a890a"}[e]||e)+"."+{59:"7de28a1c",88:"b1cdb0d5",152:"c59ccd26",196:"a6d9aecc",202:"114f7c85",224:"f57ce8ad",322:"309e1a23",346:"d0c9eaff",360:"b61d0db3",373:"4cf2db6b",404:"6db0b3ba",569:"f98661ed",683:"d09a4ca0",735:"b2b23b56",762:"d4c11846",788:"4f53ab38",944:"d4b8a4ad",966:"02d2cbce",1050:"403d53f1",1067:"69e80155",1138:"442f21be",1195:"0573e49d",1232:"eca93439",1241:"09405743",1259:"6b154f8b",1327:"cad85ddd",1381:"bed9c2e1",1393:"98b47489",1605:"6dc84c75",1688:"add8ab54",1783:"ec57eb4e",1833:"d2136118",1835:"3d220453",1888:"fe947817",1941:"055621b2",1992:"493a22d4",2015:"02946697",2017:"aafca19a",2027:"51e15973",2109:"eb13762f",2127:"e2660127",2243:"684ecf88",2244:"4e3371f0",2261:"7aaa75ee",2385:"a05e2624",2475:"80a67613",2504:"8db8e3e9",2509:"ff3ae5dc",2547:"0a1ea57a",2578:"8431376d",2690:"13b02214",2759:"9cb4b968",2887:"84b683d2",2927:"95495425",2946:"5511c740",3091:"dac16046",3127:"6c54e476",3177:"d9e40176",3430:"f130141c",3446:"7d834ce9",3468:"018983d7",3506:"996d535c",3601:"23775d79",3651:"ce15df01",3737:"5ca3833c",3745:"1c2b3301",3767:"75657241",3771:"a7f69d9c",3775:"49ee3088",3778:"c3212283",3818:"6aaae747",3834:"963d2a26",3835:"3904bf48",3866:"28a57792",3902:"a7f90aba",3907:"17c7e0e6",3994:"32ecc051",4023:"ef4779cc",4316:"7d545f95",4339:"43dafbe0",4376:"d7ec89e9",4457:"6d296fec",4473:"779130b8",4507:"632e3a07",4732:"608404b1",4746:"a0c52460",4842:"6475eaf5",4922:"174fff25",5062:"2ee78ec2",5073:"2b48b5c1",5135:"990c1854",5151:"dec68563",5169:"5a599be0",5170:"97486974",5254:"93e54f98",5372:"2a6e19db",5500:"7c5160b3",5531:"dc358c21",5605:"914d9baf",5650:"e597337e",5656:"dbb67e94",5745:"51da579c",5890:"939d1682",6018:"47d31a7e",6046:"3e042245",6214:"e9f0c8a2",6254:"b5737f7a",6271:"a366df7b",6280:"b1c8b018",6284:"be51c3f5",6416:"80c9bd93",6447:"bb8c3a12",6448:"8d4d66f5",6499:"74934351",6515:"385633a4",6550:"4f3d3270",6553:"4d84425d",6637:"79b3ddc6",6665:"6351d11a",6715:"de6e3c04",6765:"d0ef516d",6907:"bb77b05e",6940:"c6c40d02",6971:"83bcb83c",7e3:"d22df217",7021:"c29837cc",7111:"ff580f0b",7147:"b028355d",7186:"0c9a813a",7322:"822d02af",7371:"623aa536",7407:"2d278670",7554:"3bb1f107",7578:"2d9dda9a",7625:"888f68b1",7693:"0a750ea6",7707:"edf51089",7740:"fc07a7f4",7807:"ccad61f3",7858:"bd118600",7964:"f170ea21",7975:"48f12c43",8015:"ad14868b",8028:"3eeda83b",8064:"7e3a75c0",8140:"3c229a98",8169:"62e3a2c0",8189:"e1453d69",8225:"fd02a3c4",8282:"02eea8fa",8284:"a4719b9a",8286:"386a7a8e",8334:"72e10134",8365:"391bcded",8371:"3fb7e2be",8403:"b503a327",8424:"6000f3c8",8444:"2a40686c",8488:"22af6967",8491:"5c0e6024",8512:"ec35ed7f",8529:"a453115e",8551:"cebcc930",8628:"e8899ef4",8653:"9a467791",8662:"3e54f28e",8687:"93dc6fcc",8741:"4ae84b24",8750:"049dc2b9",8800:"bd4bc71a",8813:"374f9ab1",8941:"b6cb0055",8945:"02886898",9027:"e9632a44",9046:"80af15d7",9115:"98277fd3",9139:"d1dcad90",9193:"e53a615a",9218:"e180265b",9238:"8e9c4e7f",9279:"44b92c1a",9324:"c15d48ad",9346:"50ca4d25",9372:"380b1ac7",9393:"75b18a7d",9469:"7cf8eb86",9492:"cb9eff15",9549:"8f68e555",9685:"77e150c2",9691:"aa0d3ed6",9789:"caa53068",9816:"24ff0543",9820:"8f2a77f7",9886:"a86d3906",9915:"549b673b"}[e]+".js",b.miniCssF=e=>"assets/css/styles.f4ef6178.css",b.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),a={},d="Xray-docs-next:",b.l=(e,c,v,f)=>{if(a[e])a[e].push(c);else{var r,t;if(void 0!==v)for(var o=document.getElementsByTagName("script"),n=0;n{r.onerror=r.onload=null,clearTimeout(l);var v=a[e];if(delete a[e],r.parentNode&&r.parentNode.removeChild(r),v&&v.forEach((e=>e(c))),d)return d(c)},l=setTimeout(i.bind(null,void 0,{type:"timeout",target:r}),12e4);r.onerror=i.bind(null,r.onerror),r.onload=i.bind(null,r.onload),t&&document.head.appendChild(r)}},b.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},b.p="/",(()=>{var e={523:0,7633:0};b.f.j=(a,d)=>{var c=b.o(e,a)?e[a]:void 0;if(0!==c)if(c)d.push(c[2]);else if(/^(52|763)3$/.test(a))e[a]=0;else{var v=new Promise(((d,v)=>c=e[a]=[d,v]));d.push(c[2]=v);var f=b.p+b.u(a),r=new Error;b.l(f,(d=>{if(b.o(e,a)&&(0!==(c=e[a])&&(e[a]=void 0),c)){var v=d&&("load"===d.type?"missing":d.type),f=d&&d.target&&d.target.src;r.message="Loading chunk "+a+" failed.\n("+v+": "+f+")",r.name="ChunkLoadError",r.type=v,r.request=f,c[1](r)}}),"chunk-"+a,a)}},b.O.j=a=>0===e[a];var a=(a,d)=>{var c,v,[f,r,t]=d,o=0;if(f.some((a=>0!==e[a]))){for(c in r)b.o(r,c)&&(b.m[c]=r[c]);if(t)var n=t(b)}for(a&&a(d);o{l.r(r),l.d(r,{data:()=>a});const a={key:"v-0e5d7b39",path:"/document/install.html",title:"下载安装",lang:"zh-CN",frontmatter:{},excerpt:"",headers:[{level:2,title:"平台支持",slug:"平台支持",children:[]},{level:2,title:"下载 Xray",slug:"下载-xray",children:[]},{level:2,title:"验证安装包",slug:"验证安装包",children:[]},{level:2,title:"Windows 安装方式",slug:"windows-安装方式",children:[]},{level:2,title:"macOS 安装方式",slug:"macos-安装方式",children:[]},{level:2,title:"Linux 安装方式",slug:"linux-安装方式",children:[{level:3,title:"安装脚本",slug:"安装脚本",children:[]},{level:3,title:"Arch Linux",slug:"arch-linux",children:[]},{level:3,title:"Linuxbrew",slug:"linuxbrew",children:[]},{level:3,title:"Debian",slug:"debian",children:[]},{level:3,title:"Gentoo",slug:"gentoo",children:[]}]},{level:2,title:"Docker 安装方式",slug:"docker-安装方式",children:[{level:3,title:"Docker image 的文件结构",slug:"docker-image-的文件结构",children:[]}]}],filePathRelative:"document/install.md",git:{updatedTime:1699098917e3,contributors:[{name:"JimhHan",email:"50871214+JimhHan@users.noreply.github.com",commits:3},{name:"JuanCC",email:"72336775+JuanCldCmt@users.noreply.github.com",commits:1},{name:"Kobe Arthur Scofield",email:"kobearthurxc@outlook.com",commits:1},{name:"rootmelo92118",email:"32770959+rootmelo92118@users.noreply.github.com",commits:1},{name:"yuhan6665",email:"1588741+yuhan6665@users.noreply.github.com",commits:1},{name:"zyzh0",email:"18255331+zyzh2002@users.noreply.github.com",commits:1},{name:"秋のかえで",email:"autmaple@protonmail.com",commits:1}]}}},40786:(e,r,l)=>{l.r(r),l.d(r,{default:()=>Vr});var a=l(66252);const n=(0,a.uE)('

下载安装

平台支持

Xray 在以下平台中可用:

  • Windows 7 及之后版本(x86 / amd64 / arm32 / arm64);
  • macOS 10.10 Yosemite 及之后版本(amd64 / arm64);
  • Linux 2.6.23 及之后版本(x86 / amd64 / arm / arm64 / mips64 / mips / ppc64 / s390x / riscv64);
    • 包括但不限于 Debian 7 / 8、Ubuntu 12.04 / 14.04 及后续版本、CentOS 7 / 8、Arch Linux 等;
  • FreeBSD (x86 / amd64);
  • OpenBSD (x86 / amd64);
  • Dragonfly BSD (amd64);

下载 Xray

',5),t=(0,a.Uk)("预编译的二进制 ZIP 格式压缩包可在 "),o={href:"https://github.com/xtls/Xray-core/releases",target:"_blank",rel:"noopener noreferrer"},i=(0,a.Uk)("Github Releases"),h=(0,a.Uk)(" 中找到。"),u=(0,a._)("p",null,"下载对应平台的压缩包,解压后即可使用。",-1),s=(0,a._)("h2",{id:"验证安装包",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#验证安装包","aria-hidden":"true"},"#"),(0,a.Uk)(" 验证安装包")],-1),c=(0,a._)("p",null,"Xray 提供两种验证方式:",-1),_=(0,a._)("li",null,"ZIP 压缩包的 SHA1 / SHA256 摘要",-1),d=(0,a.Uk)("可复现构建:请参照 "),m=(0,a.Uk)("编译 Xray"),k=(0,a._)("h2",{id:"windows-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#windows-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" Windows 安装方式")],-1),p=(0,a.Uk)("在 "),b={href:"https://github.com/xtls/Xray-core/releases",target:"_blank",rel:"noopener noreferrer"},g=(0,a.Uk)("Github Releases"),f=(0,a.Uk)(" 下载适用于 Windows 平台的 ZIP 压缩包,解压后可得到可执行文件 "),y=(0,a._)("code",null,"xray.exe",-1),U=(0,a.Uk)(" ,然后"),x=(0,a._)("a",{href:"./command"},"通过命令行带参数运行",-1),W=(0,a.Uk)(" 即可"),w=(0,a.Uk)("通过 "),v={href:"https://scoop.sh",target:"_blank",rel:"noopener noreferrer"},X=(0,a.Uk)("Scoop"),S=(0,a.Uk)(" 包管理器安装:Xray 已经被添加到 "),A={href:"https://github.com/Qv2ray/mochi",target:"_blank",rel:"noopener noreferrer"},C=(0,a.Uk)("Mochi"),D=(0,a.Uk)("。"),N=(0,a._)("h2",{id:"macos-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#macos-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" macOS 安装方式")],-1),O=(0,a.Uk)("在 "),L={href:"https://github.com/xtls/Xray-core/releases",target:"_blank",rel:"noopener noreferrer"},R=(0,a.Uk)("Github Releases"),P=(0,a.Uk)(" 下载适用于 macOS 平台的 ZIP 压缩包,解压后可得到可执行文件 "),H=(0,a._)("code",null,"xray",-1),M=(0,a.Uk)(" ,然后"),z=(0,a.Uk)("通过命令行带参数运行"),G=(0,a.Uk)(" 即可"),I=(0,a.Uk)("通过 "),F={href:"https://brew.sh",target:"_blank",rel:"noopener noreferrer"},J=(0,a.Uk)("Homebrew"),Q=(0,a.Uk)(" 包管理器安装:"),K=(0,a._)("code",null,"brew install xray",-1),j={href:"https://github.com/N4FA/homebrew-xray",target:"_blank",rel:"noopener noreferrer"},B=(0,a.Uk)("homebrew-xray"),T=(0,a.Uk)(" 感谢"),Z={href:"https://github.com/N4FA",target:"_blank",rel:"noopener noreferrer"},E=(0,a.Uk)("@N4FA"),V=(0,a._)("h2",{id:"linux-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#linux-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" Linux 安装方式")],-1),Y=(0,a._)("h3",{id:"安装脚本",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#安装脚本","aria-hidden":"true"},"#"),(0,a.Uk)(" 安装脚本")],-1),q=(0,a._)("p",null,"Linux Script",-1),$={href:"https://github.com/XTLS/Xray-install",target:"_blank",rel:"noopener noreferrer"},ee=(0,a.Uk)("Xray-install"),re=(0,a._)("p",null,"One Click",-1),le={href:"https://github.com/kirin10000/Xray-script",target:"_blank",rel:"noopener noreferrer"},ae=(0,a.Uk)("Xray-script"),ne={href:"https://github.com/proxysu/ProxySU",target:"_blank",rel:"noopener noreferrer"},te=(0,a.Uk)("ProxySU"),oe={href:"https://github.com/reeceyng/v2ray-agent",target:"_blank",rel:"noopener noreferrer"},ie=(0,a.Uk)("v2ray-agent"),he=(0,a.Uk)(" 感谢"),ue={href:"https://github.com/mack-a",target:"_blank",rel:"noopener noreferrer"},se=(0,a.Uk)("@mack-a"),ce=(0,a.Uk)(),_e={href:"https://github.com/reeceyng",target:"_blank",rel:"noopener noreferrer"},de=(0,a.Uk)("@Reece"),me={href:"https://github.com/jiuqi9997/Xray-yes",target:"_blank",rel:"noopener noreferrer"},ke=(0,a.Uk)("Xray-yes"),pe={href:"https://github.com/wulabing/Xray_onekey",target:"_blank",rel:"noopener noreferrer"},be=(0,a.Uk)("Xray-onekey"),ge=(0,a._)("p",null,"Magisk",-1),fe={href:"https://github.com/CerteKim/Xray4Magisk",target:"_blank",rel:"noopener noreferrer"},ye=(0,a.Uk)("Xray4Magisk"),Ue={href:"https://github.com/E7KMbb/Xray_For_Magisk",target:"_blank",rel:"noopener noreferrer"},xe=(0,a.Uk)("Xray_For_Magisk"),We=(0,a._)("h3",{id:"arch-linux",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#arch-linux","aria-hidden":"true"},"#"),(0,a.Uk)(" Arch Linux")],-1),we=(0,a._)("h4",{id:"arch-user-repository",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#arch-user-repository","aria-hidden":"true"},"#"),(0,a.Uk)(" Arch User Repository")],-1),ve=(0,a.Uk)("需要使用 "),Xe={href:"https://wiki.archlinux.org/index.php/AUR_helpers",target:"_blank",rel:"noopener noreferrer"},Se=(0,a.Uk)("AUR helpers"),Ae=(0,a.Uk)(",以 "),Ce={href:"https://github.com/Jguer/yay",target:"_blank",rel:"noopener noreferrer"},De=(0,a.Uk)("yay"),Ne=(0,a.Uk)(" 为例,可通过 "),Oe=(0,a._)("code",null,"yay -S xray",-1),Le=(0,a.Uk)(" 安装。"),Re=(0,a._)("h4",{id:"arch-linux-cn",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#arch-linux-cn","aria-hidden":"true"},"#"),(0,a.Uk)(" Arch Linux CN")],-1),Pe=(0,a.Uk)("首先添加 "),He={href:"https://www.archlinuxcn.org/archlinux-cn-repo-and-mirror/",target:"_blank",rel:"noopener noreferrer"},Me=(0,a.Uk)("Arch Linux CN 仓库"),ze=(0,a.Uk)(",然后在 root 用户下使用 "),Ge=(0,a._)("code",null,"pacman -S xray",-1),Ie=(0,a.Uk)(" 安装。"),Fe=(0,a._)("h3",{id:"linuxbrew",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#linuxbrew","aria-hidden":"true"},"#"),(0,a.Uk)(" Linuxbrew")],-1),Je=(0,a._)("p",null,[(0,a.Uk)("Linuxbrew 包管理器的使用方式与 Homebrew 一致:"),(0,a._)("code",null,"brew install xray")],-1),Qe={id:"debian",tabindex:"-1"},Ke=(0,a._)("a",{class:"header-anchor",href:"#debian","aria-hidden":"true"},"#",-1),je=(0,a.Uk)(" Debian "),Be=(0,a._)("h3",{id:"gentoo",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#gentoo","aria-hidden":"true"},"#"),(0,a.Uk)(" Gentoo")],-1),Te=(0,a._)("p",null,"目前有三个第三方 Overlay 提供 Portage 安装脚本:",-1),Ze={href:"https://github.com/gentoo-mirror/touchfish-os/tree/master/net-proxy/Xray",target:"_blank",rel:"noopener noreferrer"},Ee=(0,a.Uk)("CHN-beta/touchfish-os"),Ve=(0,a.Uk)(": 个人维护,适用于 systemD 系统"),Ye={href:"https://github.com/microcai/gentoo-zh",target:"_blank",rel:"noopener noreferrer"},qe=(0,a.Uk)("Gentoo-zh"),$e=(0,a.Uk)(": 社区维护,适用于 systemD 系统"),er={href:"https://github.com/JuanCldCmt/Xray-Overlay",target:"_blank",rel:"noopener noreferrer"},rr=(0,a.Uk)("JuanCldCmt/Xray-Overlay"),lr=(0,a.Uk)(":个人维护,适用于 openRC 系统,同时使用 xray 用户组运行以提高安全性"),ar=(0,a._)("p",null,"使用 layman 或 eselect-repository 添加 Overlay 至本地,然后即可安装。",-1),nr=(0,a._)("h2",{id:"docker-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#docker-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" Docker 安装方式")],-1),tr={href:"https://hub.docker.com/r/teddysun/xray",target:"_blank",rel:"noopener noreferrer"},or=(0,a.Uk)("teddysun/xray"),ir=(0,a.uE)('

Docker image 的文件结构

  • /etc/xray/config.json:配置文件
  • /usr/bin/xray:Xray 主程序
  • /usr/share/xray/geoip.dat:IP 数据文件
  • /usr/share/xray/geosite.dat:域名数据文件

图形化客户端

',3),hr=(0,a.Uk)("OpenWrt "),ur={href:"https://github.com/xiaorouji/openwrt-passwall",target:"_blank",rel:"noopener noreferrer"},sr=(0,a.Uk)("PassWall"),cr={href:"https://github.com/jerrykuku/luci-app-vssr",target:"_blank",rel:"noopener noreferrer"},_r=(0,a.Uk)("Hello World"),dr={href:"https://github.com/fw876/helloworld",target:"_blank",rel:"noopener noreferrer"},mr=(0,a.Uk)("ShadowSocksR Plus+"),kr={href:"https://github.com/yichya/luci-app-xray",target:"_blank",rel:"noopener noreferrer"},pr=(0,a.Uk)("luci-app-xray"),br=(0,a.Uk)(" ("),gr={href:"https://github.com/yichya/openwrt-xray",target:"_blank",rel:"noopener noreferrer"},fr=(0,a.Uk)("openwrt-xray"),yr=(0,a.Uk)(")"),Ur=(0,a.Uk)("Windows "),xr={href:"https://github.com/2dust/v2rayN",target:"_blank",rel:"noopener noreferrer"},Wr=(0,a.Uk)("v2rayN"),wr={href:"https://github.com/Qv2ray/Qv2ray",target:"_blank",rel:"noopener noreferrer"},vr=(0,a.Uk)("Qv2ray"),Xr=(0,a.Uk)(" (该项目已冻结存档)"),Sr={href:"https://github.com/NetchX/Netch",target:"_blank",rel:"noopener noreferrer"},Ar=(0,a.Uk)("Netch (NetFilter & TUN/TAP)"),Cr=(0,a.Uk)(" (该项目已冻结存档)"),Dr=(0,a.Uk)("Android "),Nr={href:"https://github.com/2dust/v2rayNG",target:"_blank",rel:"noopener noreferrer"},Or=(0,a.Uk)("v2rayNG"),Lr={href:"https://github.com/rurirei/Kitsunebi/tree/release_xtls",target:"_blank",rel:"noopener noreferrer"},Rr=(0,a.Uk)("Kitsunebi"),Pr=(0,a.Uk)("iOS / macOS(使用 ARM 芯片) "),Hr={href:"https://apps.apple.com/app/shadowrocket/id932747118",target:"_blank",rel:"noopener noreferrer"},Mr=(0,a.Uk)("Shadowrocket"),zr={href:"https://apps.apple.com/app/stash/id1596063349",target:"_blank",rel:"noopener noreferrer"},Gr=(0,a.Uk)("Stash"),Ir=(0,a.Uk)("macOS(X86 芯片 / ARM 芯片) "),Fr={href:"https://github.com/Qv2ray/Qv2ray",target:"_blank",rel:"noopener noreferrer"},Jr=(0,a.Uk)("Qv2ray"),Qr=(0,a.Uk)(" (该项目已冻结存档)"),Kr={href:"https://github.com/tzmax/V2RayXS",target:"_blank",rel:"noopener noreferrer"},jr=(0,a.Uk)("V2RayXS"),Br=(0,a._)("h1",{id:"uuid-生成器",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#uuid-生成器","aria-hidden":"true"},"#"),(0,a.Uk)(" UUID 生成器")],-1),Tr=(0,a.Uk)("第三方的 UUID 生成器 "),Zr={href:"https://www.uuidgenerator.net",target:"_blank",rel:"noopener noreferrer"},Er=(0,a.Uk)("uuidgenerator.net"),Vr={render:function(e,r){const l=(0,a.up)("OutboundLink"),Vr=(0,a.up)("RouterLink"),Yr=(0,a.up)("Badge");return(0,a.wg)(),(0,a.iD)(a.HY,null,[n,(0,a._)("p",null,[t,(0,a._)("a",o,[i,(0,a.Wm)(l)]),h]),u,s,c,(0,a._)("ul",null,[_,(0,a._)("li",null,[d,(0,a.Wm)(Vr,{to:"/development/intro/compile.html"},{default:(0,a.w5)((()=>[m])),_:1})])]),k,(0,a._)("ul",null,[(0,a._)("li",null,[p,(0,a._)("a",b,[g,(0,a.Wm)(l)]),f,y,U,x,W]),(0,a._)("li",null,[w,(0,a._)("a",v,[X,(0,a.Wm)(l)]),S,(0,a._)("a",A,[C,(0,a.Wm)(l)]),D])]),N,(0,a._)("ul",null,[(0,a._)("li",null,[O,(0,a._)("a",L,[R,(0,a.Wm)(l)]),P,H,M,(0,a.Wm)(Vr,{to:"/document/command.html"},{default:(0,a.w5)((()=>[z])),_:1}),G]),(0,a._)("li",null,[I,(0,a._)("a",F,[J,(0,a.Wm)(l)]),Q,K]),(0,a._)("li",null,[(0,a._)("a",j,[B,(0,a.Wm)(l)]),T,(0,a._)("a",Z,[E,(0,a.Wm)(l)])])]),V,Y,(0,a._)("ul",null,[(0,a._)("li",null,[q,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",$,[ee,(0,a.Wm)(l)])])])])]),(0,a._)("ul",null,[(0,a._)("li",null,[re,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",le,[ae,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",ne,[te,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",oe,[ie,(0,a.Wm)(l)]),he,(0,a._)("a",ue,[se,(0,a.Wm)(l)]),ce,(0,a._)("a",_e,[de,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",me,[ke,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",pe,[be,(0,a.Wm)(l)])])])]),(0,a._)("li",null,[ge,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",fe,[ye,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",Ue,[xe,(0,a.Wm)(l)])])])])]),We,we,(0,a._)("p",null,[ve,(0,a._)("a",Xe,[Se,(0,a.Wm)(l)]),Ae,(0,a._)("a",Ce,[De,(0,a.Wm)(l)]),Ne,Oe,Le]),Re,(0,a._)("p",null,[Pe,(0,a._)("a",He,[Me,(0,a.Wm)(l)]),ze,Ge,Ie]),Fe,Je,(0,a._)("h3",Qe,[Ke,je,(0,a.Wm)(Yr,{text:"WIP",type:"warning"})]),Be,Te,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Ze,[Ee,(0,a.Wm)(l)]),Ve]),(0,a._)("li",null,[(0,a._)("a",Ye,[qe,(0,a.Wm)(l)]),$e]),(0,a._)("li",null,[(0,a._)("a",er,[rr,(0,a.Wm)(l)]),lr])]),ar,nr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",tr,[or,(0,a.Wm)(l)])])]),ir,(0,a._)("ul",null,[(0,a._)("li",null,[hr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",ur,[sr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",cr,[_r,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",dr,[mr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",kr,[pr,(0,a.Wm)(l)]),br,(0,a._)("a",gr,[fr,(0,a.Wm)(l)]),yr])])]),(0,a._)("li",null,[Ur,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",xr,[Wr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",wr,[vr,(0,a.Wm)(l)]),Xr]),(0,a._)("li",null,[(0,a._)("a",Sr,[Ar,(0,a.Wm)(l)]),Cr])])]),(0,a._)("li",null,[Dr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Nr,[Or,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",Lr,[Rr,(0,a.Wm)(l)])])])]),(0,a._)("li",null,[Pr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Hr,[Mr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",zr,[Gr,(0,a.Wm)(l)])])])]),(0,a._)("li",null,[Ir,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Fr,[Jr,(0,a.Wm)(l)]),Qr]),(0,a._)("li",null,[(0,a._)("a",Kr,[jr,(0,a.Wm)(l)])])])])]),Br,(0,a._)("p",null,[Tr,(0,a._)("a",Zr,[Er,(0,a.Wm)(l)])])],64)}}}}]); \ No newline at end of file diff --git a/assets/js/v-0e5d7b39.a997e4d6.js b/assets/js/v-0e5d7b39.a997e4d6.js deleted file mode 100644 index 848325c287..0000000000 --- a/assets/js/v-0e5d7b39.a997e4d6.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkXray_docs_next=self.webpackChunkXray_docs_next||[]).push([[1605],{3910:(e,r,l)=>{l.r(r),l.d(r,{data:()=>a});const a={key:"v-0e5d7b39",path:"/document/install.html",title:"下载安装",lang:"zh-CN",frontmatter:{},excerpt:"",headers:[{level:2,title:"平台支持",slug:"平台支持",children:[]},{level:2,title:"下载 Xray",slug:"下载-xray",children:[]},{level:2,title:"验证安装包",slug:"验证安装包",children:[]},{level:2,title:"Windows 安装方式",slug:"windows-安装方式",children:[]},{level:2,title:"macOS 安装方式",slug:"macos-安装方式",children:[]},{level:2,title:"Linux 安装方式",slug:"linux-安装方式",children:[{level:3,title:"安装脚本",slug:"安装脚本",children:[]},{level:3,title:"Arch Linux",slug:"arch-linux",children:[]},{level:3,title:"Linuxbrew",slug:"linuxbrew",children:[]},{level:3,title:"Debian",slug:"debian",children:[]},{level:3,title:"Gentoo",slug:"gentoo",children:[]}]},{level:2,title:"Docker 安装方式",slug:"docker-安装方式",children:[{level:3,title:"Docker image 的文件结构",slug:"docker-image-的文件结构",children:[]}]}],filePathRelative:"document/install.md",git:{updatedTime:1671858407e3,contributors:[{name:"JimhHan",email:"50871214+JimhHan@users.noreply.github.com",commits:3},{name:"JuanCC",email:"72336775+JuanCldCmt@users.noreply.github.com",commits:1},{name:"Kobe Arthur Scofield",email:"kobearthurxc@outlook.com",commits:1},{name:"rootmelo92118",email:"32770959+rootmelo92118@users.noreply.github.com",commits:1},{name:"yuhan6665",email:"1588741+yuhan6665@users.noreply.github.com",commits:1},{name:"秋のかえで",email:"autmaple@protonmail.com",commits:1}]}}},59045:(e,r,l)=>{l.r(r),l.d(r,{default:()=>Vr});var a=l(66252);const n=(0,a.uE)('

下载安装

平台支持

Xray 在以下平台中可用:

  • Windows 7 及之后版本(x86 / amd64 / arm32 / arm64);
  • macOS 10.10 Yosemite 及之后版本(amd64 / arm64);
  • Linux 2.6.23 及之后版本(x86 / amd64 / arm / arm64 / mips64 / mips / ppc64 / s390x / riscv64);
    • 包括但不限于 Debian 7 / 8、Ubuntu 12.04 / 14.04 及后续版本、CentOS 7 / 8、Arch Linux 等;
  • FreeBSD (x86 / amd64);
  • OpenBSD (x86 / amd64);
  • Dragonfly BSD (amd64);

下载 Xray

',5),t=(0,a.Uk)("预编译的二进制 ZIP 格式压缩包可在 "),o={href:"https://github.com/xtls/Xray-core/releases",target:"_blank",rel:"noopener noreferrer"},i=(0,a.Uk)("Github Releases"),h=(0,a.Uk)(" 中找到。"),u=(0,a._)("p",null,"下载对应平台的压缩包,解压后即可使用。",-1),s=(0,a._)("h2",{id:"验证安装包",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#验证安装包","aria-hidden":"true"},"#"),(0,a.Uk)(" 验证安装包")],-1),c=(0,a._)("p",null,"Xray 提供两种验证方式:",-1),_=(0,a._)("li",null,"ZIP 压缩包的 SHA1 / SHA256 摘要",-1),d=(0,a.Uk)("可复现构建:请参照 "),m=(0,a.Uk)("编译 Xray"),k=(0,a._)("h2",{id:"windows-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#windows-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" Windows 安装方式")],-1),p=(0,a.Uk)("在 "),b={href:"https://github.com/xtls/Xray-core/releases",target:"_blank",rel:"noopener noreferrer"},g=(0,a.Uk)("Github Releases"),f=(0,a.Uk)(" 下载适用于 Windows 平台的 ZIP 压缩包,解压后可得到可执行文件 "),y=(0,a._)("code",null,"xray.exe",-1),U=(0,a.Uk)(" ,然后"),x=(0,a._)("a",{href:"./command"},"通过命令行带参数运行",-1),W=(0,a.Uk)(" 即可"),w=(0,a.Uk)("通过 "),v={href:"https://scoop.sh",target:"_blank",rel:"noopener noreferrer"},X=(0,a.Uk)("Scoop"),S=(0,a.Uk)(" 包管理器安装:Xray 已经被添加到 "),A={href:"https://github.com/Qv2ray/mochi",target:"_blank",rel:"noopener noreferrer"},C=(0,a.Uk)("Mochi"),D=(0,a.Uk)("。"),N=(0,a._)("h2",{id:"macos-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#macos-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" macOS 安装方式")],-1),O=(0,a.Uk)("在 "),L={href:"https://github.com/xtls/Xray-core/releases",target:"_blank",rel:"noopener noreferrer"},R=(0,a.Uk)("Github Releases"),P=(0,a.Uk)(" 下载适用于 macOS 平台的 ZIP 压缩包,解压后可得到可执行文件 "),H=(0,a._)("code",null,"xray",-1),M=(0,a.Uk)(" ,然后"),G=(0,a.Uk)("通过命令行带参数运行"),I=(0,a.Uk)(" 即可"),F=(0,a.Uk)("通过 "),J={href:"https://brew.sh",target:"_blank",rel:"noopener noreferrer"},Q=(0,a.Uk)("Homebrew"),K=(0,a.Uk)(" 包管理器安装:"),j=(0,a._)("code",null,"brew install xray",-1),z={href:"https://github.com/N4FA/homebrew-xray",target:"_blank",rel:"noopener noreferrer"},B=(0,a.Uk)("homebrew-xray"),T=(0,a.Uk)(" 感谢"),Z={href:"https://github.com/N4FA",target:"_blank",rel:"noopener noreferrer"},E=(0,a.Uk)("@N4FA"),V=(0,a._)("h2",{id:"linux-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#linux-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" Linux 安装方式")],-1),Y=(0,a._)("h3",{id:"安装脚本",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#安装脚本","aria-hidden":"true"},"#"),(0,a.Uk)(" 安装脚本")],-1),q=(0,a._)("p",null,"Linux Script",-1),$={href:"https://github.com/XTLS/Xray-install",target:"_blank",rel:"noopener noreferrer"},ee=(0,a.Uk)("Xray-install"),re=(0,a._)("p",null,"One Click",-1),le={href:"https://github.com/kirin10000/Xray-script",target:"_blank",rel:"noopener noreferrer"},ae=(0,a.Uk)("Xray-script"),ne={href:"https://github.com/proxysu/ProxySU",target:"_blank",rel:"noopener noreferrer"},te=(0,a.Uk)("ProxySU"),oe={href:"https://github.com/reeceyng/v2ray-agent",target:"_blank",rel:"noopener noreferrer"},ie=(0,a.Uk)("v2ray-agent"),he=(0,a.Uk)(" 感谢"),ue={href:"https://github.com/mack-a",target:"_blank",rel:"noopener noreferrer"},se=(0,a.Uk)("@mack-a"),ce=(0,a.Uk)(),_e={href:"https://github.com/reeceyng",target:"_blank",rel:"noopener noreferrer"},de=(0,a.Uk)("@Reece"),me={href:"https://github.com/jiuqi9997/Xray-yes",target:"_blank",rel:"noopener noreferrer"},ke=(0,a.Uk)("Xray-yes"),pe={href:"https://github.com/wulabing/Xray_onekey",target:"_blank",rel:"noopener noreferrer"},be=(0,a.Uk)("Xray-onekey"),ge=(0,a._)("p",null,"Magisk",-1),fe={href:"https://github.com/CerteKim/Xray4Magisk",target:"_blank",rel:"noopener noreferrer"},ye=(0,a.Uk)("Xray4Magisk"),Ue={href:"https://github.com/E7KMbb/Xray_For_Magisk",target:"_blank",rel:"noopener noreferrer"},xe=(0,a.Uk)("Xray_For_Magisk"),We=(0,a._)("h3",{id:"arch-linux",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#arch-linux","aria-hidden":"true"},"#"),(0,a.Uk)(" Arch Linux")],-1),we=(0,a._)("h4",{id:"arch-user-repository",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#arch-user-repository","aria-hidden":"true"},"#"),(0,a.Uk)(" Arch User Repository")],-1),ve=(0,a.Uk)("需要使用 "),Xe={href:"https://wiki.archlinux.org/index.php/AUR_helpers",target:"_blank",rel:"noopener noreferrer"},Se=(0,a.Uk)("AUR helpers"),Ae=(0,a.Uk)(",以 "),Ce={href:"https://github.com/Jguer/yay",target:"_blank",rel:"noopener noreferrer"},De=(0,a.Uk)("yay"),Ne=(0,a.Uk)(" 为例,可通过 "),Oe=(0,a._)("code",null,"yay -S xray",-1),Le=(0,a.Uk)(" 安装。"),Re=(0,a._)("h4",{id:"arch-linux-cn",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#arch-linux-cn","aria-hidden":"true"},"#"),(0,a.Uk)(" Arch Linux CN")],-1),Pe=(0,a.Uk)("首先添加 "),He={href:"https://www.archlinuxcn.org/archlinux-cn-repo-and-mirror/",target:"_blank",rel:"noopener noreferrer"},Me=(0,a.Uk)("Arch Linux CN 仓库"),Ge=(0,a.Uk)(",然后在 root 用户下使用 "),Ie=(0,a._)("code",null,"pacman -S xray",-1),Fe=(0,a.Uk)(" 安装。"),Je=(0,a._)("h3",{id:"linuxbrew",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#linuxbrew","aria-hidden":"true"},"#"),(0,a.Uk)(" Linuxbrew")],-1),Qe=(0,a._)("p",null,[(0,a.Uk)("Linuxbrew 包管理器的使用方式与 Homebrew 一致:"),(0,a._)("code",null,"brew install xray")],-1),Ke={id:"debian",tabindex:"-1"},je=(0,a._)("a",{class:"header-anchor",href:"#debian","aria-hidden":"true"},"#",-1),ze=(0,a.Uk)(" Debian "),Be=(0,a._)("h3",{id:"gentoo",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#gentoo","aria-hidden":"true"},"#"),(0,a.Uk)(" Gentoo")],-1),Te=(0,a._)("p",null,"目前有三个第三方 Overlay 提供 Portage 安装脚本:",-1),Ze={href:"https://github.com/gentoo-mirror/touchfish-os/tree/master/net-proxy/Xray",target:"_blank",rel:"noopener noreferrer"},Ee=(0,a.Uk)("CHN-beta/touchfish-os"),Ve=(0,a.Uk)(": 个人维护,适用于 systemD 系统"),Ye={href:"https://github.com/microcai/gentoo-zh",target:"_blank",rel:"noopener noreferrer"},qe=(0,a.Uk)("Gentoo-zh"),$e=(0,a.Uk)(": 社区维护,适用于 systemD 系统"),er={href:"https://github.com/JuanCldCmt/Xray-Overlay",target:"_blank",rel:"noopener noreferrer"},rr=(0,a.Uk)("JuanCldCmt/Xray-Overlay"),lr=(0,a.Uk)(":个人维护,适用于 openRC 系统,同时使用 xray 用户组运行以提高安全性"),ar=(0,a._)("p",null,"使用 layman 或 eselect-repository 添加 Overlay 至本地,然后即可安装。",-1),nr=(0,a._)("h2",{id:"docker-安装方式",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#docker-安装方式","aria-hidden":"true"},"#"),(0,a.Uk)(" Docker 安装方式")],-1),tr={href:"https://hub.docker.com/r/teddysun/xray",target:"_blank",rel:"noopener noreferrer"},or=(0,a.Uk)("teddysun/xray"),ir=(0,a.uE)('

Docker image 的文件结构

  • /etc/xray/config.json:配置文件
  • /usr/bin/xray:Xray 主程序
  • /usr/local/share/xray/geoip.dat:IP 数据文件
  • /usr/local/share/xray/geosite.dat:域名数据文件

图形化客户端

',3),hr=(0,a.Uk)("OpenWrt "),ur={href:"https://github.com/xiaorouji/openwrt-passwall",target:"_blank",rel:"noopener noreferrer"},sr=(0,a.Uk)("PassWall"),cr={href:"https://github.com/jerrykuku/luci-app-vssr",target:"_blank",rel:"noopener noreferrer"},_r=(0,a.Uk)("Hello World"),dr={href:"https://github.com/fw876/helloworld",target:"_blank",rel:"noopener noreferrer"},mr=(0,a.Uk)("ShadowSocksR Plus+"),kr={href:"https://github.com/yichya/luci-app-xray",target:"_blank",rel:"noopener noreferrer"},pr=(0,a.Uk)("luci-app-xray"),br=(0,a.Uk)(" ("),gr={href:"https://github.com/yichya/openwrt-xray",target:"_blank",rel:"noopener noreferrer"},fr=(0,a.Uk)("openwrt-xray"),yr=(0,a.Uk)(")"),Ur=(0,a.Uk)("Windows "),xr={href:"https://github.com/2dust/v2rayN",target:"_blank",rel:"noopener noreferrer"},Wr=(0,a.Uk)("v2rayN"),wr={href:"https://github.com/Qv2ray/Qv2ray",target:"_blank",rel:"noopener noreferrer"},vr=(0,a.Uk)("Qv2ray"),Xr=(0,a.Uk)(" (该项目已冻结存档)"),Sr={href:"https://github.com/NetchX/Netch",target:"_blank",rel:"noopener noreferrer"},Ar=(0,a.Uk)("Netch (NetFilter & TUN/TAP)"),Cr=(0,a.Uk)(" (该项目已冻结存档)"),Dr=(0,a.Uk)("Android "),Nr={href:"https://github.com/2dust/v2rayNG",target:"_blank",rel:"noopener noreferrer"},Or=(0,a.Uk)("v2rayNG"),Lr={href:"https://github.com/rurirei/Kitsunebi/tree/release_xtls",target:"_blank",rel:"noopener noreferrer"},Rr=(0,a.Uk)("Kitsunebi"),Pr=(0,a.Uk)("iOS / macOS(使用 ARM 芯片) "),Hr={href:"https://apps.apple.com/app/shadowrocket/id932747118",target:"_blank",rel:"noopener noreferrer"},Mr=(0,a.Uk)("Shadowrocket"),Gr={href:"https://apps.apple.com/app/stash/id1596063349",target:"_blank",rel:"noopener noreferrer"},Ir=(0,a.Uk)("Stash"),Fr=(0,a.Uk)("macOS(X86 芯片 / ARM 芯片) "),Jr={href:"https://github.com/Qv2ray/Qv2ray",target:"_blank",rel:"noopener noreferrer"},Qr=(0,a.Uk)("Qv2ray"),Kr=(0,a.Uk)(" (该项目已冻结存档)"),jr={href:"https://github.com/tzmax/V2RayXS",target:"_blank",rel:"noopener noreferrer"},zr=(0,a.Uk)("V2RayXS"),Br=(0,a._)("h1",{id:"uuid-生成器",tabindex:"-1"},[(0,a._)("a",{class:"header-anchor",href:"#uuid-生成器","aria-hidden":"true"},"#"),(0,a.Uk)(" UUID 生成器")],-1),Tr=(0,a.Uk)("第三方的 UUID 生成器 "),Zr={href:"https://www.uuidgenerator.net",target:"_blank",rel:"noopener noreferrer"},Er=(0,a.Uk)("uuidgenerator.net"),Vr={render:function(e,r){const l=(0,a.up)("OutboundLink"),Vr=(0,a.up)("RouterLink"),Yr=(0,a.up)("Badge");return(0,a.wg)(),(0,a.iD)(a.HY,null,[n,(0,a._)("p",null,[t,(0,a._)("a",o,[i,(0,a.Wm)(l)]),h]),u,s,c,(0,a._)("ul",null,[_,(0,a._)("li",null,[d,(0,a.Wm)(Vr,{to:"/development/intro/compile.html"},{default:(0,a.w5)((()=>[m])),_:1})])]),k,(0,a._)("ul",null,[(0,a._)("li",null,[p,(0,a._)("a",b,[g,(0,a.Wm)(l)]),f,y,U,x,W]),(0,a._)("li",null,[w,(0,a._)("a",v,[X,(0,a.Wm)(l)]),S,(0,a._)("a",A,[C,(0,a.Wm)(l)]),D])]),N,(0,a._)("ul",null,[(0,a._)("li",null,[O,(0,a._)("a",L,[R,(0,a.Wm)(l)]),P,H,M,(0,a.Wm)(Vr,{to:"/document/command.html"},{default:(0,a.w5)((()=>[G])),_:1}),I]),(0,a._)("li",null,[F,(0,a._)("a",J,[Q,(0,a.Wm)(l)]),K,j]),(0,a._)("li",null,[(0,a._)("a",z,[B,(0,a.Wm)(l)]),T,(0,a._)("a",Z,[E,(0,a.Wm)(l)])])]),V,Y,(0,a._)("ul",null,[(0,a._)("li",null,[q,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",$,[ee,(0,a.Wm)(l)])])])])]),(0,a._)("ul",null,[(0,a._)("li",null,[re,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",le,[ae,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",ne,[te,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",oe,[ie,(0,a.Wm)(l)]),he,(0,a._)("a",ue,[se,(0,a.Wm)(l)]),ce,(0,a._)("a",_e,[de,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",me,[ke,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",pe,[be,(0,a.Wm)(l)])])])]),(0,a._)("li",null,[ge,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",fe,[ye,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",Ue,[xe,(0,a.Wm)(l)])])])])]),We,we,(0,a._)("p",null,[ve,(0,a._)("a",Xe,[Se,(0,a.Wm)(l)]),Ae,(0,a._)("a",Ce,[De,(0,a.Wm)(l)]),Ne,Oe,Le]),Re,(0,a._)("p",null,[Pe,(0,a._)("a",He,[Me,(0,a.Wm)(l)]),Ge,Ie,Fe]),Je,Qe,(0,a._)("h3",Ke,[je,ze,(0,a.Wm)(Yr,{text:"WIP",type:"warning"})]),Be,Te,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Ze,[Ee,(0,a.Wm)(l)]),Ve]),(0,a._)("li",null,[(0,a._)("a",Ye,[qe,(0,a.Wm)(l)]),$e]),(0,a._)("li",null,[(0,a._)("a",er,[rr,(0,a.Wm)(l)]),lr])]),ar,nr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",tr,[or,(0,a.Wm)(l)])])]),ir,(0,a._)("ul",null,[(0,a._)("li",null,[hr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",ur,[sr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",cr,[_r,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",dr,[mr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",kr,[pr,(0,a.Wm)(l)]),br,(0,a._)("a",gr,[fr,(0,a.Wm)(l)]),yr])])]),(0,a._)("li",null,[Ur,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",xr,[Wr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",wr,[vr,(0,a.Wm)(l)]),Xr]),(0,a._)("li",null,[(0,a._)("a",Sr,[Ar,(0,a.Wm)(l)]),Cr])])]),(0,a._)("li",null,[Dr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Nr,[Or,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",Lr,[Rr,(0,a.Wm)(l)])])])]),(0,a._)("li",null,[Pr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Hr,[Mr,(0,a.Wm)(l)])]),(0,a._)("li",null,[(0,a._)("a",Gr,[Ir,(0,a.Wm)(l)])])])]),(0,a._)("li",null,[Fr,(0,a._)("ul",null,[(0,a._)("li",null,[(0,a._)("a",Jr,[Qr,(0,a.Wm)(l)]),Kr]),(0,a._)("li",null,[(0,a._)("a",jr,[zr,(0,a.Wm)(l)])])])])]),Br,(0,a._)("p",null,[Tr,(0,a._)("a",Zr,[Er,(0,a.Wm)(l)])])],64)}}}}]); \ No newline at end of file diff --git a/config/api.html b/config/api.html index 22c6a8b6ed..f9c75224f6 100644 --- a/config/api.html +++ b/config/api.html @@ -5,7 +5,7 @@ API 接口 | Project X - + @@ -44,6 +44,6 @@ xray.app.proxyman.command.HandlerService xray.app.stats.command.StatsService
1
2
3
4
5
6

API 调用示例

Xray-API-documentsopen in new window @crossfw

- + diff --git a/config/dns.html b/config/dns.html index 81ef256d1f..7c2db11a49 100644 --- a/config/dns.html +++ b/config/dns.html @@ -5,7 +5,7 @@ 内置 DNS 服务器 | Project X - + @@ -45,6 +45,6 @@ "clientIP": "1.2.3.4" }
1
2
3
4
5
6
7
8

address: address

一个 DNS 服务器列表,支持的类型有两种:DNS 地址(字符串形式)和 ServerObject 。

当值为 "localhost" 时,表示使用本机预设的 DNS 配置。

当它的值是一个 DNS "IP" 地址时,如 "8.8.8.8",Xray 会使用此地址的指定 UDP 端口进行 DNS 查询。该查询遵循路由规则。默认使用 53 端口。

当值是 "tcp://host" 的形式,如 "tcp://8.8.8.8",Xray 会使用 DNS over TCP 进行查询。该查询遵循路由规则。默认使用 53 端口。

当值是 "tcp+local://host" 的形式,如 "tcp+local://8.8.8.8",Xray 会使用 TCP 本地模式 (TCPL) 进行查询。即 DNS 请求不会经过路由组件,直接通过 Freedom outbound 对外请求,以降低耗时。不指定端口时,默认使用 53 端口。

当值是 "https://host:port/dns-query" 的形式,如 "https://dns.google/dns-query",Xray 会使用 DNS over HTTPS (RFC8484, 简称 DOH) 进行查询。有些服务商拥有 IP 别名的证书,可以直接写 IP 形式,比如 https://1.1.1.1/dns-query。也可使用非标准端口和路径,如 "https://a.b.c.d:8443/my-dns-query"

当值是 "https+local://host:port/dns-query" 的形式,如 "https+local://dns.google/dns-query",Xray 会使用 DOH 本地模式 (DOHL) 进行查询,即 DOH 请求不会经过路由组件,直接通过 Freedom outbound 对外请求,以降低耗时。一般适合在服务端使用。也可使用非标端口和路径。

当值是 "quic+local://host:port" 的形式,如 "quic+local://dns.adguard.com",Xray 会使用 DOQ 本地模式 (DOQL) 进行查询,即 DNS 请求不会经过路由组件,直接通过 Freedom outbound 对外请求。该方式需要 DNS 服务器支持 DNS over QUIC。默认使用 784 端口进行查询,可以使用非标端口。

当值是 fakedns 时,将使用 FakeDNS 功能进行查询。

port: number

DNS 服务器端口,如 53。此项缺省时默认为 53。当使用 DOH、DOHL、DOQL 模式时该项无效,非标端口应在 URL 中指定。

domains: [string]

一个域名列表,此列表包含的域名,将优先使用此服务器进行查询。域名格式和 路由配置 中相同。

expectIPs:[string]

一个 IP 范围列表,格式和 路由配置 中相同。

当配置此项时,Xray DNS 会对返回的 IP 的进行校验,只返回包含 expectIPs 列表中的地址。

如果未配置此项,会原样返回 IP 地址。

skipFallback: true | false

true,在进行 DNS fallback 查询时将跳过此服务器, 默认为 false,即不跳过。

- + diff --git a/config/fakedns.html b/config/fakedns.html index 46e9417321..2aba113191 100644 --- a/config/fakedns.html +++ b/config/fakedns.html @@ -5,7 +5,7 @@ FakeDNS | Project X - + @@ -111,6 +111,6 @@ ] }
1
2
3
4
5
6
7
8
9
- + diff --git a/config/features/browser_dialer.html b/config/features/browser_dialer.html index 8c66dbdce8..507bcbc252 100644 --- a/config/features/browser_dialer.html +++ b/config/features/browser_dialer.html @@ -5,11 +5,11 @@ Browser Dialer | Project X - +

Browser Dialer

BETA v1.4.1+

Background

基于 一年前的想法open in new window ,利用原生 JS 实现了简洁的 WSS Browser Dialer,达到了真实浏览器的 TLS 指纹、行为特征。

不过 WSS 仍存在 ALPN 明显的问题,所以下一步是浏览器转发 HTTP/2,QUIC

Xray & JS

创造了一个非常简单、巧妙的通信机制:

  • Xray 监听地址端口 A,作为 HTTP 服务,浏览器访问 A,加载网页中的 JS。
  • JS 主动向 A 建立 WebSocket 连接,成功后,Xray 将连接发给 channel。
  • 需要建立连接时,Xray 从 channel 接收一个可用的连接,并发送目标 URL 和可选的 early data。
  • JS 成功连接到目标后告知 Xray,并继续用这个 conn 全双工双向转发数据,连接关闭行为同步。
  • 连接使用后就会被关闭,但 JS 会确保始终有新空闲连接可用。

Early data

根据浏览器的需求,对 early data 机制进行了如下调整:

  • 服务端响应头会带有请求的 Sec-WebSocket-Protocol,这也初步混淆了 WSS 握手响应的长度特征。
  • 用于浏览器的 early data 编码是 base64.RawURLEncoding 而不是 StdEncoding,服务端做了兼容。
  • 此外,由于 Xray-core#375open in new window 推荐 ?ed=2048,这个 PR 顺便将服务端一处 MaxHeaderBytes 扩至了 4096。 (虽然好像不改也没问题)

Configuration v1.4.1

这是一个探索的过程,目前两边都是 Xray-core v1.4.1 时的配置方式:

  • 准备一份可用的 WSS 配置,注意 address 必须填域名,若需要指定 IP,请配置 DNS 或系统 hosts。
  • 若浏览器的流量也会经过 Xray-core,务必将这个域名设为直连,否则会造成流量回环。
  • 设置环境变量指定要监听的地址端口,比如 XRAY_BROWSER_DIALER = 127.0.0.1:8080
  • 先运行 Xray-core,再用任意浏览器访问上面指定的地址端口,还可以 F12ConsoleNetwork
  • 浏览器会限制 WebSocket 连接数,所以建议开启 Mux.Cool
- + diff --git a/config/features/env.html b/config/features/env.html index 08f0de0e4b..34c28c48b5 100644 --- a/config/features/env.html +++ b/config/features/env.html @@ -5,7 +5,7 @@ 环境变量 | Project X - + @@ -13,6 +13,6 @@ /usr/local/share/xray /usr/share/xray
1
2
3

配置文件位置

  • 名称:xray.location.configXRAY_LOCATION_CONFIG
  • 默认值:和 Xray 文件同路径。

这个环境变量指定了一个文件夹位置,这个文件夹应当包含 config.json 文件。

多配置目录

  • 名称:xray.location.confdirXRAY_LOCATION_CONFDIR
  • 默认值:""

这个目录内的 .json 文件会按文件名顺序读取,作为多配置选项。

- + diff --git a/config/features/fallback.html b/config/features/fallback.html index b5363634f1..0a57bd028b 100644 --- a/config/features/fallback.html +++ b/config/features/fallback.html @@ -5,7 +5,7 @@ Fallback 回落 | Project X - + @@ -22,6 +22,6 @@ "xver": 0 }
1
2
3
4
5
6
7

fallbacks 是一个数组,这里是其中一个子元素的配置说明。

fallbacks 项是可选的,只能用于 TCP+TLS 传输组合

  • 该项有子元素时,Inbound TLS 需设置 "alpn":["http/1.1"]。**

通常,你需要先设置一组 alpnpath 均省略或为空的默认回落,然后再按需配置其它分流。

VLESS 会把 TLS 解密后首包长度 < 18 或协议版本无效、身份认证失败的流量转发到 dest 指定的地址。

其它传输组合必须删掉 fallbacks 项或所有子元素,此时也不会开启 Fallback,VLESS 会等待读够所需长度,协议版本无效或身份认证失败时,将直接断开连接。

name: string

尝试匹配 TLS SNI(Server Name Indication),空为任意,默认为 ""

alpn: string

尝试匹配 TLS ALPN 协商结果,空为任意,默认为 ""

有需要时,VLESS 才会尝试读取 TLS ALPN 协商结果,若成功,输出 info realAlpn = 到日志。 用途:解决了 Nginx 的 h2c 服务不能同时兼容 http/1.1 的问题,Nginx 需要写两行 listen,分别用于 1.1 和 h2c。 注意:fallbacks alpn 存在 "h2" 时,Inbound TLS 需设置 "alpn":["h2","http/1.1"],以支持 h2 访问。

提示

Fallback 内设置的 alpn 是匹配实际协商出的 ALPN,而 Inbound TLS 设置的 alpn 是握手时可选的 ALPN 列表,两者含义不同。

path: string

尝试匹配首包 HTTP PATH,空为任意,默认为空,非空则必须以 / 开头,不支持 h2c。

智能:有需要时,VLESS 才会尝试看一眼 PATH(不超过 55 个字节;最快算法,并不完整解析 HTTP),若成功,输出 INFO 日志 realPath =。 用途:分流其它 inbound 的 WebSocket 流量或 HTTP 伪装流量,没有多余处理、纯粹转发流量,理论性能比 Nginx 更强。

注意:fallbacks 所在入站本身必须是 TCP+TLS,这是分流至其它 WS 入站用的,被分流的入站则无需配置 TLS。

dest: string | number

决定 TLS 解密后 TCP 流量的去向,目前支持两类地址:(该项必填,否则无法启动)

  1. TCP,格式为 "addr:port",其中 addr 支持 IPv4、域名、IPv6,若填写域名,也将直接发起 TCP 连接(而不走内置的 DNS)。
  2. Unix domain socket,格式为绝对路径,形如 "/dev/shm/domain.socket",可在开头加 @ 代表 abstractopen in new window@@ 则代表带 padding 的 abstract。

若只填 port,数字或字符串均可,形如 80"80",通常指向一个明文 http 服务(addr 会被补为 "127.0.0.1")。

xver: number

发送 PROXY protocolopen in new window,专用于传递请求的真实来源 IP 和端口,填版本 1 或 2,默认为 0,即不发送。若有需要建议填 1。

目前填 1 或 2,功能完全相同,只是结构不同,且前者可打印,后者为二进制。Xray 的 TCP 和 WS 入站均已支持接收 PROXY protocol。

注意

若你正在 配置 Nginx 接收 PROXY protocolopen in new window,除了设置 proxy_protocol 外,还需设置 set_real_ip_from,否则可能会出问题。

补充说明

  • 将匹配到最精确的子元素,与子元素的排列顺序无关。若配置了几个 alpn 和 path 均相同的子元素,则会以最后的为准。
  • 回落分流均是解密后 TCP 层的转发,而不是 HTTP 层,只在必要时检查首包 PATH。
  • 您可以查看更多的关于 Fallbacks 的使用技巧和心得

Fallbacks 设计理论 WIP

- + diff --git a/config/features/multiple.html b/config/features/multiple.html index 62c92492e3..7c48b0971b 100644 --- a/config/features/multiple.html +++ b/config/features/multiple.html @@ -5,7 +5,7 @@ 多文件配置 | Project X - + @@ -84,6 +84,6 @@ 0 directories, 10 files
1
2
3
4
5
6
7
8
9
10
11
12
13
- + diff --git a/config/features/xtls.html b/config/features/xtls.html index 3eacb3d352..4687f9a153 100644 --- a/config/features/xtls.html +++ b/config/features/xtls.html @@ -5,11 +5,11 @@ XTLS 深度剖析 | Project X - + - + diff --git a/config/inbound.html b/config/inbound.html index 0c5b2085a2..2ebf588c97 100644 --- a/config/inbound.html +++ b/config/inbound.html @@ -5,7 +5,7 @@ 入站代理 | Project X - + @@ -43,6 +43,6 @@ "concurrency": 3 }
1
2
3
4
5

strategy: "always" | "random"

端口分配策略。

  • "always" 表示总是分配所有已指定的端口,port 中指定了多少个端口,Xray 就会监听这些端口。
  • "random" 表示随机开放端口,每隔 refresh 分钟在 port 范围中随机选取 concurrency 个端口来监听。

refresh: number

随机端口刷新间隔,单位为分钟。最小值为 2,建议值为 5。这个属性仅当 strategy 设置为 "random" 时有效。

concurrency: number

随机端口数量。最小值为 1,最大值为 port 范围的三分之一。建议值为 3

- + diff --git a/config/inbounds/dokodemo.html b/config/inbounds/dokodemo.html index 7bf1c50bf0..64b7870722 100644 --- a/config/inbounds/dokodemo.html +++ b/config/inbounds/dokodemo.html @@ -5,7 +5,7 @@ Dokodemo-Door | Project X - + @@ -18,6 +18,6 @@ "userLevel": 0 }
1
2
3
4
5
6
7
8

address: address

将流量转发到此地址。可以是一个 IP 地址,形如 "1.2.3.4",或者一个域名,形如 "xray.com"。字符串类型。

followRedirect(见下文)为 true 时,address 可为空。

port: number

将流量转发到目标地址的指定端口,范围 [1, 65535],数值类型。必填参数。

network: "tcp" | "udp" | "tcp,udp"

可接收的网络协议类型。比如当指定为 "tcp" 时,仅会接收 TCP 流量。默认值为 "tcp"

timeout: number

连接空闲的时间限制。单位为秒。默认值为 300。处理一个连接时,如果在 timeout 时间内,没有任何数据被传输,则中断该连接。

followRedirect: true | false

当值为 true 时,dokodemo-door 会识别出由 iptables 转发而来的数据,并转发到相应的目标地址。

可参考 传输配置 中的 tproxy 设置。

userLevel: number

用户等级,连接会使用这个用户等级对应的 本地策略

userLevel 的值, 对应 policylevel 的值. 如不指定, 默认为 0。

透明代理配置样例

此部分请参考透明代理(TProxy)配置教程

- + diff --git a/config/inbounds/http.html b/config/inbounds/http.html index 309a69eeaa..f2cc605c2d 100644 --- a/config/inbounds/http.html +++ b/config/inbounds/http.html @@ -5,7 +5,7 @@ HTTP | Project X - + @@ -25,6 +25,6 @@ "pass": "my-password" }
1
2
3
4

user: string

用户名,字符串类型。必填。

pass: string

密码,字符串类型。必填。

- + diff --git a/config/inbounds/shadowsocks.html b/config/inbounds/shadowsocks.html index 3f2a67662b..ac984a9f20 100644 --- a/config/inbounds/shadowsocks.html +++ b/config/inbounds/shadowsocks.html @@ -5,7 +5,7 @@ Shadowsocks | Project X - + @@ -25,6 +25,6 @@ "email": "love@xray.com" }
1
2
3
4
5
6

method: string

必填。

password: string

必填。

  • Shadowsocks 2022

使用与 WireGuard 类似的预共享密钥作为密码。

使用 openssl rand -base64 <长度> 以生成与 shadowsocks-rust 兼容的密钥,长度取决于所使用的加密方法。

加密方法密钥长度
2022-blake3-aes-128-gcm16
2022-blake3-aes-256-gcm32
2022-blake3-chacha20-poly130532

在 Go 实现中,32 位密钥始终工作。

  • 其他加密方法

任意字符串。 不限制密码长度,但短密码会更可能被破解,建议使用 16 字符或更长的密码。

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

email: string

用户邮箱,用于区分不同用户的流量(日志、统计)。

- + diff --git a/config/inbounds/socks.html b/config/inbounds/socks.html index 3623895663..8f80ae298a 100644 --- a/config/inbounds/socks.html +++ b/config/inbounds/socks.html @@ -5,7 +5,7 @@ Socks | Project X - + @@ -26,6 +26,6 @@ "pass": "my-password" }
1
2
3
4

user: string

用户名,字符串类型。必填。

pass: string

密码,字符串类型。必填。

- + diff --git a/config/inbounds/trojan.html b/config/inbounds/trojan.html index 35cd74c764..943bf73cfd 100644 --- a/config/inbounds/trojan.html +++ b/config/inbounds/trojan.html @@ -5,7 +5,7 @@ Trojan | Project X - + @@ -29,6 +29,6 @@ "level": 0 }
1
2
3
4
5

password: string

必填,任意字符串。

email: string

邮件地址,可选,用于标识用户

警告

如果存在多个 ClientObject, 请注意 email 不可以重复。

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

userLevel 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

- + diff --git a/config/inbounds/vless.html b/config/inbounds/vless.html index df907170c7..7adf7105e4 100644 --- a/config/inbounds/vless.html +++ b/config/inbounds/vless.html @@ -5,7 +5,7 @@ VLESS | Project X - + @@ -32,6 +32,6 @@ "flow": "xtls-rprx-vision" }
1
2
3
4
5
6

id: string

VLESS 的用户 ID,可以是任意小于 30 字节的字符串, 也可以是一个合法的 UUID. 自定义字符串和其映射的 UUID 是等价的, 这意味着你将可以这样在配置文件中写 id 来标识同一用户,即

  • "id": "我爱🍉老师1314",
  • 或写 "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (此 UUID 是 我爱🍉老师1314 的 UUID 映射)

其映射标准在 VLESS UUID 映射标准:将自定义字符串映射为一个 UUIDv5open in new window

你可以使用命令 xray uuid -i "自定义字符串" 生成自定义字符串所映射的的 UUID。

也可以使用命令 xray uuid 生成随机的 UUID.

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

email: string

用户邮箱,用于区分不同用户的流量(会体现在日志、统计中)。

flow: string

流控模式,用于选择 XTLS 的算法。

目前入站协议中有以下流控模式可选:

  • flow,空字符或者 none:使用普通 TLS 代理
  • xtls-rprx-vision:使用新 XTLS 模式 包含内层握手随机填充

此外,目前 XTLS 仅支持 TCP、mKCP、DomainSocket 这三种传输方式。

- + diff --git a/config/inbounds/vmess.html b/config/inbounds/vmess.html index b069138b43..594591a025 100644 --- a/config/inbounds/vmess.html +++ b/config/inbounds/vmess.html @@ -5,7 +5,7 @@ VMess | Project X - + @@ -36,6 +36,6 @@ "level": 0 }
1
2
3

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

- + diff --git a/config/index.html b/config/index.html index cbaeaca0b3..5481070de0 100644 --- a/config/index.html +++ b/config/index.html @@ -5,7 +5,7 @@ 配置文件 | Project X - + @@ -23,6 +23,6 @@ "fakedns": {} }
1
2
3
4
5
6
7
8
9
10
11
12
13

注意

如果你刚接触 Xray, 您可以先点击查看快速入门中的配置运行, 学习最基本的配置方式, 然后查看本章节内容以掌握所有 Xray 的配置方式。

基础配置模块

log:LogObject

日志配置,控制 Xray 输出日志的方式.

api:ApiObject

提供了一些 API 接口供远程调用。

dns: DnsObject

内置的 DNS 服务器. 如果没有配置此项,则使用系统的 DNS 设置。

routing: RoutingObject

路由功能。可以设置规则分流数据从不同的 outbound 发出.

policy: PolicyObject

本地策略,可以设置不同的用户等级和对应的策略设置。

inbounds: [ InboundObject ]

一个数组,每个元素是一个入站连接配置。

outbounds: [ OutboundObject ]

一个数组,每个元素是一个出站连接配置。

transport: TransportObject

用于配置 Xray 其它服务器建立和使用网络连接的方式。

stats: StatsObject

用于配置流量数据的统计。

reverse: ReverseObject

反向代理。可以把服务器端的流量向客户端转发,即逆向流量转发。

fakedns: FakeDnsObject

FakeDNS 配置。可配合透明代理使用,以获取实际域名。

- + diff --git a/config/log.html b/config/log.html index 831e67fbf3..dc77dee029 100644 --- a/config/log.html +++ b/config/log.html @@ -5,7 +5,7 @@ 日志配置 | Project X - + @@ -18,6 +18,6 @@ } }
1
2
3
4
5
6
7
8

access: string

访问日志的文件地址,其值是一个合法的文件地址,如"/var/log/Xray/access.log"(Linux)或者"C:\\Temp\\Xray\\_access.log"(Windows)。当此项不指定或为空值时,表示将日志输出至 stdout。

  • 特殊值none,即关闭 access log。

error: string

错误日志的文件地址,其值是一个合法的文件地址,如"/var/log/Xray/error.log"(Linux)或者"C:\\Temp\\Xray\\_error.log"(Windows)。当此项不指定或为空值时,表示将日志输出至 stdout。

  • 特殊值none,即关闭 error log。

loglevel: "debug" | "info" | "warning" | "error" | "none"

error 日志的级别, 指示 error 日志需要记录的信息. 默认值为 "warning"

  • "debug":调试程序时用到的输出信息。同时包含所有 "info" 内容。
  • "info":运行时的状态信息等,不影响正常使用。同时包含所有 "warning" 内容。
  • "warning":发生了一些并不影响正常运行的问题时输出的信息,但有可能影响用户的体验。同时包含所有 "error" 内容。
  • "error":Xray 遇到了无法正常运行的问题,需要立即解决。
  • "none":不记录任何内容。

dnsLog: bool

是否启用 DNS 查询日志,例如:DOH//doh.server got answer: domain.com -> [ip1, ip2] 2.333ms

- + diff --git a/config/outbound.html b/config/outbound.html index df56a15ad9..9b85c45437 100644 --- a/config/outbound.html +++ b/config/outbound.html @@ -5,7 +5,7 @@ 出站代理 | Project X - + @@ -34,6 +34,6 @@ "xudpProxyUDP443": "reject" }
1
2
3
4
5
6

enabled: true | false

是否启用 Mux 转发请求,默认值 false

concurrency: number

最大并发连接数。最小值 1,最大值 1024。省略或者填 0 时都等于 8

这个数值表示了一个 TCP 连接上最多承载的子连接数量。比如设置 concurrency=8 时,当客户端发出了 8 个 TCP 请求,Xray 只会发出一条实际的 TCP 连接,客户端的 8 个请求全部由这个 TCP 连接传输。

提示

填负数时,如 -1,不使用 Mux 模块承载 TCP 流量。

xudpConcurrency: number

使用新 XUDP 聚合隧道(也就是另一条 Mux 连接)代理 UDP 流量,填写最大并发子 UoT 数量。最小值 1,最大值 1024。 省略或者填 0 时,将与 TCP 流量走同一条路,也就是传统的行为。

提示

填负数时,如 -1,不使用 Mux 模块承载 UDP 流量。将使用代理协议原本的 UDP 传输方式。例如 Shadowsocks 会使用原生 UDP,VLESS 会使用 UoT。

xudpProxyUDP443: string

控制 Mux 对于被代理的 UDP/443(QUIC)流量的处理方式:

  • 默认 reject 拒绝流量(一般浏览器会自动回落到 TCP HTTP2)
  • allow 允许走 Mux 连接。
  • skip 时,不使用 Mux 模块承载 UDP 443 流量。将使用代理协议原本的 UDP 传输方式。例如 Shadowsocks 会使用原生 UDP,VLESS 会使用 UoT。
- + diff --git a/config/outbounds/blackhole.html b/config/outbounds/blackhole.html index 01e4aa2a2c..ce5c29fadd 100644 --- a/config/outbounds/blackhole.html +++ b/config/outbounds/blackhole.html @@ -5,7 +5,7 @@ Blackhole | Project X - + @@ -18,6 +18,6 @@ "type": "none" }
1
2
3

type: "http" | "none"

type"none"(默认值)时,Blackhole 将直接关闭连接。

type"http" 时,Blackhole 会发回一个简单的 HTTP 403 数据包,然后关闭连接。

- + diff --git a/config/outbounds/dns.html b/config/outbounds/dns.html index dde1c3b28f..6a06e3616a 100644 --- a/config/outbounds/dns.html +++ b/config/outbounds/dns.html @@ -5,7 +5,7 @@ DNS | Project X - + @@ -16,6 +16,6 @@ "nonIPQuery": "drop" }
1
2
3
4
5
6

network: "tcp" | "udp"

修改 DNS 流量的传输层协议,可选的值有 "tcp""udp"。当不指定时,保持来源的传输方式不变。

address: address

修改 DNS 服务器地址。当不指定时,保持来源中指定的地址不变。

port: number

修改 DNS 服务器端口。当不指定时,保持来源中指定的端口不变。

nonIPQuery: string

控制非 IP 查询(非 A 和 AAAA),"drop" 丢弃或者 "skip" 不由内置 DNS 服务器处理,将转发给目标。默认为 "drop"

DNS 配置实例 WIP

- + diff --git a/config/outbounds/freedom.html b/config/outbounds/freedom.html index 7dbd8fed96..a58983a554 100644 --- a/config/outbounds/freedom.html +++ b/config/outbounds/freedom.html @@ -5,7 +5,7 @@ Freedom | Project X - + @@ -20,6 +20,6 @@ } }
1
2
3
4
5
6
7
8
9
10

domainStrategy: "AsIs" | "UseIP" | "UseIPv4" | "UseIPv6"

在目标地址为域名时, 配置相应的值, Freedom 的行为模式如下:

  • "AsIs": Freedom 通过系统 DNS 服务器解析获取 IP, 向此域名发出连接.
  • "UseIP""UseIPv4""UseIPv6": Xray 使用 内置 DNS 服务器 解析获取 IP, 向此域名发出连接. 默认值为 "AsIs"

TIP 1

当使用 "UseIP" 模式,并且 出站连接配置 中指定了 sendThrough 时,Freedom 会根据 sendThrough 的值自动判断所需的 IP 类型,IPv4 或 IPv6。

TIP 2

当使用 "UseIPv4""UseIPv6" 模式时,Freedom 会只使用对应的 IPv4 或 IPv6 地址。当 sendThrough 指定了不匹配的本地地址时,将导致连接失败。

redirect: address_port

Freedom 会强制将所有数据发送到指定地址(而不是 inbound 指定的地址)。

其值为一个字符串,样例:"127.0.0.1:80"":1234"

当地址不指定时,如 ":443",Freedom 不会修改原先的目标地址。 当端口为 0 时,如 "xray.com: 0",Freedom 不会修改原先的端口。

userLevel: number

用户等级,连接会使用这个用户等级对应的 本地策略

userLevel 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

fragment: map

一些键值对配置项,用于控制发出的 TCP 分片,在某些情况下可以欺骗审查系统,比如绕过 SNI 黑名单。

"packets":支持两种分片方式 "1-3" 是 TCP 的流切片,应用于客户端第 1 至第 3 次写数据。"tlshello" 是 TLS 握手包切片。

"length":分片包长 (byte)

"interval":分片间隔(ms)

- + diff --git a/config/outbounds/http.html b/config/outbounds/http.html index 7608b5be0d..2726d03d98 100644 --- a/config/outbounds/http.html +++ b/config/outbounds/http.html @@ -5,7 +5,7 @@ HTTP | Project X - + @@ -42,6 +42,6 @@ "pass": "my-password" }
1
2
3
4

user: string

用户名,字符串类型。必填。

pass: string

密码,字符串类型。必填。

- + diff --git a/config/outbounds/shadowsocks.html b/config/outbounds/shadowsocks.html index f4c543f830..f95312ce8a 100644 --- a/config/outbounds/shadowsocks.html +++ b/config/outbounds/shadowsocks.html @@ -5,7 +5,7 @@ Shadowsocks | Project X - + @@ -34,6 +34,6 @@ "level": 0 }
1
2
3
4
5
6
7
8
9
10

email: string

邮件地址,可选,用于标识用户

address: address

Shadowsocks 服务端地址,支持 IPv4、IPv6 和域名。必填。

port: number

Shadowsocks 服务端端口。必填。

method: string

必填。

password: string

必填。

uot: bool

启用udp over tcp

UoTVersion: number

UDP over TCP 的实现版本。

当前可选值:1, 2

  • Shadowsocks 2022

使用与 WireGuard 类似的预共享密钥作为密码。

使用 openssl rand -base64 <长度> 以生成与 shadowsocks-rust 兼容的密钥,长度取决于所使用的加密方法。

加密方法密钥长度
2022-blake3-aes-128-gcm16
2022-blake3-aes-256-gcm32
2022-blake3-chacha20-poly130532

在 Go 实现中,32 位密钥始终工作。

  • 其他加密方法

任意字符串。不限制密码长度,但短密码会更可能被破解,建议使用 16 字符或更长的密码。

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

- + diff --git a/config/outbounds/socks.html b/config/outbounds/socks.html index 934ce808ba..27fb8ea45f 100644 --- a/config/outbounds/socks.html +++ b/config/outbounds/socks.html @@ -5,7 +5,7 @@ Socks | Project X - + @@ -41,6 +41,6 @@ "level": 0 }
1
2
3
4
5

user: string

用户名,字符串类型。必填。

pass: string

密码,字符串类型。必填。

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

userLevel 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

- + diff --git a/config/outbounds/trojan.html b/config/outbounds/trojan.html index 3b3984d3d8..414eea9a11 100644 --- a/config/outbounds/trojan.html +++ b/config/outbounds/trojan.html @@ -5,7 +5,7 @@ Trojan | Project X - + @@ -28,6 +28,6 @@ "level": 0 }
1
2
3
4
5
6
7

address: address

服务端地址,支持 IPv4、IPv6 和域名。必填。

port: number

服务端端口,通常与服务端监听的端口相同。

password: string

密码. 必填,任意字符串。

email: string

邮件地址,可选,用于标识用户

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

- + diff --git a/config/outbounds/vless.html b/config/outbounds/vless.html index c29819a532..020da5ac2a 100644 --- a/config/outbounds/vless.html +++ b/config/outbounds/vless.html @@ -5,7 +5,7 @@ VLESS | Project X - + @@ -44,6 +44,6 @@ "level": 0 }
1
2
3
4
5
6

id: string

VLESS 的用户 ID,可以是任意小于 30 字节的字符串, 也可以是一个合法的 UUID. 自定义字符串和其映射的 UUID 是等价的, 这意味着你将可以这样在配置文件中写 id 来标识同一用户,即

  • "id": "我爱🍉老师1314",
  • 或写 "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (此 UUID 是 我爱🍉老师1314 的 UUID 映射)

其映射标准在 VLESS UUID 映射标准:将自定义字符串映射为一个 UUIDv5open in new window

你可以使用命令 xray uuid -i "自定义字符串" 生成自定义字符串所映射的的 UUID,也可以使用命令 xray uuid 生成随机的 UUID。

encryption: "none"

需要填 "none",不能留空。

该要求是为了提醒使用者没有加密,也为了以后出加密方式时,防止使用者填错属性名或填错位置导致裸奔。

若未正确设置 encryption 的值,使用 Xray 或 -test 时会收到错误信息。

flow: string

流控模式,用于选择 XTLS 的算法。

目前出站协议中有以下流控模式可选:

  • flow,空字符或者 none:使用普通 TLS 代理
  • xtls-rprx-vision:使用新 XTLS 模式 包含内层握手随机填充 支持 uTLS 模拟客户端指纹
  • xtls-rprx-vision-udp443:同 xtls-rprx-vision, 但是放行了目标为 443 端口的 UDP 流量

此外,目前 XTLS 仅支持 TCP、mKCP、DomainSocket 这三种传输方式。

关于 xtls-rprx-*-udp443 流控模式

启用了 Xray-core 的 XTLS 时,通往 UDP 443 端口的流量默认会被拦截(一般情况下为 QUIC),这样应用就不会使用 QUIC 而会使用 TLS,XTLS 才会真正生效。实际上,QUIC 本身也不适合被代理,因为 QUIC 自带了 TCP 的功能,它作为 UDP 流量在通过 VLESS 协议传输时,底层协议为 TCP,就相当于两层 TCP 了。

若不需要拦截,请在客户端填写 xtls-rprx-*-udp443,服务端不变。

关于 Splice 模式

Splice 是 Linux Kernel 提供的函数,系统内核直接转发 TCP,不再经过 Xray 的内存,大大减少了数据拷贝、CPU 上下文切换的次数。

Splice 模式的的使用限制:

  • Linux 环境
  • 入站协议为 Dokodemo doorSocksHTTP 等纯净的 TCP 连接, 或其它使用了 XTLS 的入站协议
  • 出站协议为 VLESS + XTLS
  • 需要注意的是,使用 mKCP 协议时不会使用 Splice(是的,虽然没有报错,但实际上根本没用到)

此外,使用 Splice 时网速显示会滞后,这是特性,不是 bug。

使用 Vision 模式 如果满足上述条件 会自动启用 Splice

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

- + diff --git a/config/outbounds/vmess.html b/config/outbounds/vmess.html index bf5d09c64d..7c2503d254 100644 --- a/config/outbounds/vmess.html +++ b/config/outbounds/vmess.html @@ -5,7 +5,7 @@ VMess | Project X - + @@ -35,6 +35,6 @@ "level": 0 }
1
2
3
4
5

id:string

Vmess 的用户 ID,可以是任意小于 30 字节的字符串, 也可以是一个合法的 UUID.

自定义字符串和其映射的 UUID 是等价的, 这意味着你将可以这样在配置文件中写 id 来标识同一用户,即

  • "id": "我爱🍉老师1314",
  • 或写 "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (此 UUID 是 我爱🍉老师1314 的 UUID 映射)

其映射标准在 VLESS UUID 映射标准:将自定义字符串映射为一个 UUIDv5open in new window

你可以使用命令 xray uuid -i "自定义字符串" 生成自定义字符串所映射的的 UUID, 也可以使用命令 xray uuid 生成随机的 UUID。

level: number

用户等级,连接会使用这个用户等级对应的 本地策略

level 的值, 对应 policylevel 的值。 如不指定, 默认为 0。

security: "aes-128-gcm" | "chacha20-poly1305" | "auto" | "none" | "zero"

加密方式,客户端将使用配置的加密方式发送数据,服务器端自动识别,无需配置。

  • "aes-128-gcm":推荐在 PC 上使用
  • "chacha20-poly1305":推荐在手机端使用
  • "auto":默认值,自动选择(运行框架为 AMD64、ARM64 或 s390x 时为 aes-128-gcm 加密方式,其他情况则为 Chacha20-Poly1305 加密方式)
  • "none":不加密
  • "zero":不加密,也不进行消息认证 (v1.4.0+)

提示

推荐使用"auto"加密方式,这样可以永久保证安全性和兼容性。

"none" 伪加密方式会计算并验证数据包的校验数据,由于认证算法没有硬件支持,在部分平台可能速度比有硬件加速的 "aes-128-gcm" 还慢。

"zero" 伪加密方式不会加密消息也不会计算数据的校验数据,因此理论上速度会高于其他任何加密方式。实际速度可能受到其他因素影响。

不推荐在未开启 TLS 加密并强制校验证书的情况下使用 "none" "zero" 伪加密方式。 如果使用 CDN 或其他会解密 TLS 的中转平台或网络环境建立连接,不建议使用 "none" "zero" 伪加密方式。

无论使用哪种加密方式, VMess 的包头都会受到加密和认证的保护。

- + diff --git a/config/outbounds/wireguard.html b/config/outbounds/wireguard.html index 6b38f5da3c..09ad193da6 100644 --- a/config/outbounds/wireguard.html +++ b/config/outbounds/wireguard.html @@ -5,7 +5,7 @@ Wireguard | Project X - + @@ -35,6 +35,6 @@ "allowedIPs": ["0.0.0.0/0"] // optional, default ["0.0.0.0/0", "::/0"] }
1
2
3
4
5
6
7

endpoint: address

服务器地址, 必填

提示

使用 url:端口号 格式,形如 engage.cloudflareclient.com:2408

publicKey: string

服务器公钥,用于验证, 必填

preSharedKey: string

额外的对称加密密钥

keepAlive: int

心跳包时间间隔,单位为秒,默认为 0 表示无心跳

allowedIPs: string array

Wireguard 仅允许特定源 IP 的流量

- + diff --git a/config/policy.html b/config/policy.html index 1d631ab5cf..23f31fa16a 100644 --- a/config/policy.html +++ b/config/policy.html @@ -5,7 +5,7 @@ 本地策略 | Project X - + @@ -46,6 +46,6 @@ "statsOutboundDownlink": false }
1
2
3
4
5
6

statsInboundUplink: true | false

当值为 true 时,开启所有入站代理的上行流量统计。

statsInboundDownlink: true | false

当值为 true 时,开启所有入站代理的下行流量统计。

statsOutboundUplink: true | false

当值为 true 时,开启所有出站代理的上行流量统计。

statsOutboundDownlink: true | false

当值为 true 时,开启所有出站代理的下行流量统计。

- + diff --git a/config/reverse.html b/config/reverse.html index 6035b3ff83..77aac48256 100644 --- a/config/reverse.html +++ b/config/reverse.html @@ -5,7 +5,7 @@ 反向代理 | Project X - + @@ -125,6 +125,6 @@ ] }
1
2
3
4
5
6
7
8
9
10
11
12
13
14
- + diff --git a/config/routing.html b/config/routing.html index 91571be69a..018adfbe84 100644 --- a/config/routing.html +++ b/config/routing.html @@ -5,7 +5,7 @@ 路由 | Project X - + @@ -38,6 +38,6 @@ "selector": [] }
1
2
3
4

tag: string

此负载均衡器的标识,用于匹配 RuleObject 中的 balancerTag

selector: [ string ]

一个字符串数组,其中每一个字符串将用于和 outbound 标识的前缀匹配。在以下几个 outbound 标识中:[ "a", "ab", "c", "ba" ]"selector": ["a"] 将匹配到 [ "a", "ab" ]

如果匹配到多个 outbound,负载均衡器目前会从中随机选出一个作为最终的 outbound。

预定义域名列表

此列表预置于每一个 Xray 的安装包中,文件名为 geosite.dat。这个文件包含了一些常见的域名,使用方式:geosite:filename,如 geosite:google 表示对文件内符合 google 内包含的域名,进行路由筛选或 DNS 筛选。

常见的域名有:

  • category-ads:包含了常见的广告域名。
  • category-ads-all:包含了常见的广告域名,以及广告提供商的域名。
  • cn:相当于 geolocation-cntld-cn 的合集。
  • apple:包含了 Apple 旗下绝大部分域名。
  • google:包含了 Google 旗下绝大部分域名。
  • microsoft:包含了 Microsoft 旗下绝大部分域名。
  • facebook:包含了 Facebook 旗下绝大部分域名。
  • twitter:包含了 Twitter 旗下绝大部分域名。
  • telegram:包含了 Telegram 旗下绝大部分域名。
  • geolocation-cn:包含了常见的大陆站点域名。
  • geolocation-!cn:包含了常见的非大陆站点域名,同时包含了 tld-!cn
  • tld-cn:包含了 CNNIC 管理的用于中国大陆的顶级域名,如以 .cn.中国 结尾的域名。
  • tld-!cn:包含了非中国大陆使用的顶级域名,如以 .hk(香港)、.tw(台湾)、.jp(日本)、.sg(新加坡)、.us(美国).ca(加拿大)等结尾的域名。

你也可以在这里查看完整的域名列表 Domain list communityopen in new window

- + diff --git a/config/stats.html b/config/stats.html index 6b3c2686c7..56cede8053 100644 --- a/config/stats.html +++ b/config/stats.html @@ -5,7 +5,7 @@ 统计信息 | Project X - + @@ -13,6 +13,6 @@ "stats": {} }
1
2
3

目前统计信息不需要任何参数,只要 StatsObject 项存在,内部的统计即会开启。

开启了统计以后, 只需在 Policy 中开启对应的项,就可以统计对应的数据。

获取统计信息

可以用 xray api 的相关命令获取统计信息.

目前已有的统计信息如下:

  • 用户数据

    • user>>>[email]>>>traffic>>>uplink

      特定用户的上行流量,单位字节。

    • user>>>[email]>>>traffic>>>downlink

      特定用户的下行流量,单位字节。

提示

如果对应用户没有指定 Email,则不会开启统计。

  • 全局数据

    • inbound>>>[tag]>>>traffic>>>uplink

      特定 inbound 的上行流量,单位字节。

    • inbound>>>[tag]>>>traffic>>>downlink

      特定 inbound 的下行流量,单位字节。

    • outbound>>>[tag]>>>traffic>>>uplink

      特定 outbound 的上行流量,单位字节。

    • outbound>>>[tag]>>>traffic>>>downlink

      特定 outbound 的下行流量,单位字节。

- + diff --git a/config/transport.html b/config/transport.html index 09be9852a2..f28097d4f6 100644 --- a/config/transport.html +++ b/config/transport.html @@ -5,7 +5,7 @@ 传输方式 | Project X - + @@ -142,6 +142,6 @@ "interface": "wg0" }
1
2
3
4
5
6
7
8
9
10
11
12
13
14

mark: number

一个整数。当其值非零时,在 outbound 连接上以此数值标记 SO_MARK。

  • 仅适用于 Linux 系统。
  • 需要 CAP_NET_ADMIN 权限。

tcpMaxSeg: number

用于设置 TCP 数据包的最大传输单元。

tcpFastOpen: true | false | number

是否启用 TCP Fast Openopen in new window

当其值为 true正整数时,启用 TFO;当其值为 false负数时,强制关闭 TFO;当此项不存在或为 0 时,使用系统默认设置。 可用于 inbound/outbound。

  • 仅在以下版本(或更新版本)的操作系统中可用:

    • Windows 10 (1607)
    • Mac OS 10.11 / iOS 9
    • Linux 3.16:需要通过内核参数 net.ipv4.tcp_fastopen 进行设定,此参数是一个 bitmap,0x1 代表客户端允许启用,0x2 代表服务器允许启用;默认值为 0x1,如果服务器要启用 TFO,请把此内核参数值设为 0x3
    • FreeBSD 10.3 (Server) / 12.0 (Client):需要把内核参数 net.inet.tcp.fastopen.server_enabled 以及 net.inet.tcp.fastopen.client_enabled 设为 1
  • 对于 Inbound,此处所设定的正整数代表 待处理的 TFO 连接请求数上限open in new window注意并非所有操作系统都支持在此设定

    • Linux / FreeBSD:此处的设定的正整数值代表上限,可接受的最大值为 2147483647,为 true 时将取 256;注意在 Linux,net.core.somaxconn 会限制此值的上限,如果超过了 somaxconn,请同时提高 somaxconn
    • Mac OS:此处为 true正整数时,仅代表启用 TFO,上限需要通过内核参数 net.inet.tcp.fastopen_backlog 单独设定。
    • Windows:此处为 true正整数时,仅代表启用 TFO。
  • 对于 Outbound,设定为 true正整数在任何操作系统都仅表示启用 TFO。

tproxy: "redirect" | "tproxy" | "off"

是否开启透明代理(仅适用于 Linux)。

  • "redirect":使用 Redirect 模式的透明代理。支持所有基于 IPv4/6 的 TCP 和 UDP 连接。
  • "tproxy":使用 TProxy 模式的透明代理。支持所有基于 IPv4/6 的 TCP 和 UDP 连接。
  • "off":关闭透明代理。

透明代理需要 Root 或 CAP\_NET\_ADMIN 权限。

警告

Dokodemo-door 中指定了 followRedirecttrue,且 Sockopt 设置中的tproxy 为空时,Sockopt 设置中的tproxy 的值会被设为 "redirect"

domainStrategy: "AsIs" | "UseIP" | "UseIPv4" | "UseIPv6"

在之前的版本中,当 Xray 尝试使用域名建立系统连接时,域名的解析由系统完成,不受 Xray 控制。这导致了在 非标准 Linux 环境中无法解析域名open in new window 等问题。为此,Xray 1.3.1 为 Sockopt 引入了 Freedom 中的 domainStrategy,解决了此问题。

在目标地址为域名时, 配置相应的值, SystemDialer 的行为模式如下:

  • "AsIs": 通过系统 DNS 服务器解析获取 IP, 向此域名发出连接。
  • "UseIP""UseIPv4""UseIPv6": 使用内置 DNS 服务器解析获取 IP 后, 直接向此 IP 发出连接。

默认值为 "AsIs"

警告

启用了此功能后,不当的配置可能会导致死循环。

一句话版本:连接到服务器,需要等待 DNS 查询结果;完成 DNS 查询,需要连接到服务器。

Tony: 先有鸡还是先有蛋?

详细解释:

  1. 触发条件:代理服务器(proxy.com)。内置 DNS 服务器,非 Local 模式。
  2. Xray 尝试向 proxy.com 建立 TCP 连接 ,通过内置 DNS 服务器查询 proxy.com。
  3. 内置 DNS 服务器向 dns.com 建立连接,并发送查询,以获取 proxy.com 的 IP。
  4. 不当的 的路由规则,导致 proxy.com 代理了步骤 3 中发出的查询。
  5. Xray 尝试向 proxy.com 建立另一个 TCP 连接。
  6. 在建立连接前,通过内置 DNS 服务器查询 proxy.com。
  7. 内置 DNS 服务器复用步骤 3 中的连接,发出查询。
  8. 问题出现。步骤 3 中连接的建立,需要等待步骤 7 中的查询结果;步骤 7 完成查询,需要等待步骤 3 中的连接完全建立。
  9. Good Game!

解决方案:

  • 改内置 DNS 服务器的分流。
  • 用 Hosts。
  • 如果你还是不知道解决方案,就别用这个功能了。

因此,不建议 经验不足的用户擅自使用此功能。

dialerProxy: ""

一个出站代理的标识。当值不为空时,将使用指定的 outbound 发出连接。 此选项可用于支持底层传输方式的链式转发。

警告

此选项与 ProxySettingsObject.Tag 不兼容

acceptProxyProtocol: true | false

仅用于 inbound,指示是否接收 PROXY protocol。

PROXY protocolopen in new window 专用于传递请求的真实来源 IP 和端口,若你不了解它,请先忽略该项

常见的反代软件(如 HAProxy、Nginx)都可以配置发送它,VLESS fallbacks xver 也可以发送它。

填写 true 时,最底层 TCP 连接建立后,请求方必须先发送 PROXY protocol v1 或 v2,否则连接会被关闭。

tcpKeepAliveInterval: number

TCP 保持活跃的数据包发送间隔,单位为秒。该设置仅适用于 Linux 下。

它是连接不正常(未收到 ack)时候的心跳包。

不配置此项或配置为 0 表示使用 Go 默认值。

提示

填负数时,如 -1,不启用 TCP 保持活跃。

tcpKeepAliveIdle: number

TCP 空闲时间阈值,单位为秒。当 TCP 连接空闲时间达到这个阈值时,将开始发送 Keep-Alive 探测包。

它是连接正常时候的心跳包。

不配置此项或配置为 0 表示使用 Go 默认值。

提示

填负数时,如 -1,不启用 TCP 保持活跃。

tcpUserTimeout: number

单位为毫秒。

tcpcongestion: ""

TCP 拥塞控制算法。仅支持 Linux。 不配置此项表示使用系统默认值。

常见的算法

  • bbr(推荐)
  • cubic
  • reno

提示

执行命令 sysctl net.ipv4.tcp_congestion_control 获取系统默认值。

interface: ""

指定绑定出口网卡名称 仅支持 linux。

最近更改: 2023/8/19 19:28:56
Contributors: JimhHan, Jim Han, yuhan6665, xqzr, tdjnodj, Binbin Qian, Daniel Ding, Kobe Arthur Scofield, KoriIku, Winston2084, chika0801, flowerinsnow, lxsq, pvqogw, 风扇滑翔翼
- + diff --git a/config/transports/domainsocket.html b/config/transports/domainsocket.html index e0fc3c5ae1..953757e6c5 100644 --- a/config/transports/domainsocket.html +++ b/config/transports/domainsocket.html @@ -5,7 +5,7 @@ Domain Socket | Project X - + @@ -15,6 +15,6 @@ "padding": false }
1
2
3
4
5

path: string

一个合法的文件路径。

警告

在运行 Xray 之前,这个文件必须不存在。

abstract: true | false

是否为 abstract domain socket,默认值 false

padding: true | false

abstract domain socket 是否带 padding,默认值 false

- + diff --git a/config/transports/grpc.html b/config/transports/grpc.html index 090fad74f5..9623b6b1f5 100644 --- a/config/transports/grpc.html +++ b/config/transports/grpc.html @@ -5,7 +5,7 @@ gRPC | Project X - + @@ -19,6 +19,6 @@ "initial_windows_size": 0 }
1
2
3
4
5
6
7
8
9

serviceName: string

一个字符串,指定服务名称,类似于 HTTP/2 中的 Path。 客户端会使用此名称进行通信,服务端会验证服务名称是否匹配。

user_agent: string

提示

只需出站客户端)配置。

设置 gRPC 的用户代理,可能能防止某些 CDN 阻止 gRPC 流量。

multiMode: true | false BETA

true 启用 multiMode,默认值为: false

这是一个 实验性 选项,可能不会被长期保留,也不保证跨版本兼容。此模式在 测试环境中 能够带来约 20% 的性能提升,实际效果因传输速率不同而不同。

提示

只需出站客户端)配置。

idle_timeout: number

单位秒,当这段时间内没有数据传输时,将会进行健康检查。如果此值设置为 10 以下,将会使用 10,即最小值。

提示

如果没有使用 Caddy 或 Nginx 等反向代理工具(通常不会),设为 60 以下,服务端可能发送意外的 h2 GOAWAY 帧以关闭现有连接。

健康检查默认不启用

提示

只需出站客户端)配置。

提示

可能会解决一些“断流”问题。

health_check_timeout: number

单位秒,健康检查的超时时间。如果在这段时间内没有完成健康检查,且仍然没有数据传输时,即认为健康检查失败。默认值为 20

提示

只需出站客户端)配置。

permit_without_stream: true | false

true 允许在没有子连接时进行健康检查。默认值为 false

提示

只需出站客户端)配置。

initial_windows_size: number

h2 Stream 初始窗口大小。当值小于等于 0 时,此功能不生效。当值大于 65535 时,动态窗口机制(Dynamic Window)会被禁用。默认值为 0,即不生效。

提示

只需出站客户端)配置。

提示

通过 Cloudflare CDN 时,可将值设为 65536 及以上,即禁用动态窗口机制(Dynamic Window),可防止 Cloudflare CDN 发送意外的 h2 GOAWAY 帧以关闭现有连接。

- + diff --git a/config/transports/h2.html b/config/transports/h2.html index 2b6be70c36..f53d0fcaf0 100644 --- a/config/transports/h2.html +++ b/config/transports/h2.html @@ -5,7 +5,7 @@ HTTP/2 | Project X - + @@ -20,6 +20,6 @@ } }
1
2
3
4
5
6
7
8
9
10

host: [string]

一个字符串数组,每一个元素是一个域名。

客户端会随机从列表中选出一个域名进行通信,服务器会验证域名是否在列表中。

path: string

HTTP 路径,由 / 开头, 客户端和服务器必须一致。

默认值为 "/"

read_idle_timeout: number

单位秒,当这段时间内没有接收到数据时,将会进行健康检查。

健康检查默认不启用

提示

只需出站客户端)配置。

提示

可能会解决一些“断流”问题。

health_check_timeout: number

单位秒,健康检查的超时时间。如果在这段时间内没有完成健康检查,即认为健康检查失败。默认值为 15

提示

只需出站客户端)配置。

method: string

HTTP 方法。默认值为 "PUT"

设置时应参照此处open in new window列出值。

headers: map{ string: [string] }

自定义 HTTP 头,一个键值对,每个键表示一个 HTTP 头名称,对应值为一个数组。

- + diff --git a/config/transports/mkcp.html b/config/transports/mkcp.html index 5d03d1a59e..f72864672b 100644 --- a/config/transports/mkcp.html +++ b/config/transports/mkcp.html @@ -5,7 +5,7 @@ mKCP | Project X - + @@ -26,6 +26,6 @@ "type": "none" }
1
2
3

type: string

伪装类型,可选的值有:

  • "none":默认值,不进行伪装,发送的数据是没有特征的数据包。
  • "srtp":伪装成 SRTP 数据包,会被识别为视频通话数据(如 FaceTime)。
  • "utp":伪装成 uTP 数据包,会被识别为 BT 下载数据。
  • "wechat-video":伪装成微信视频通话的数据包。
  • "dtls":伪装成 DTLS 1.2 数据包。
  • "wireguard":伪装成 WireGuard 数据包。(并不是真正的 WireGuard 协议)

鸣谢

对 KCP 协议的改进

更小的协议头

原生 KCP 协议使用了 24 字节的固定头部,而 mKCP 修改为数据包 18 字节,确认(ACK)包 16 字节。更小的头部有助于躲避特征检查,并加快传输速度。

另外,原生 KCP 的单个确认包只能确认一个数据包已收到,也就是说当 KCP 需要确认 100 个数据已收到时,它会发出 24 * 100 = 2400 字节的数据。其中包含了大量重复的头部数据,造成带宽的浪费。mKCP 会对多个确认包进行压缩,100 个确认包只需要 16 + 2 + 100 * 4 = 418 字节,相当于原生的六分之一。

确认包重传

原生 KCP 协议的确认(ACK)包只发送一次,如果确认包丢失,则一定会导致数据重传,造成不必要的带宽浪费。而 mKCP 会以一定的频率重发确认包,直到发送方确认为止。单个确认包的大小为 22 字节,相比起数据包的 1000 字节以上,重传确认包的代价要小得多。

连接状态控制

mKCP 可以有效地开启和关闭连接。当远程主机主动关闭连接时,连接会在两秒钟之内释放;当远程主机断线时,连接会在最多 30 秒内释放。

原生 KCP 不支持这个场景。

- + diff --git a/config/transports/quic.html b/config/transports/quic.html index 8545c07e20..30ba25bd6b 100644 --- a/config/transports/quic.html +++ b/config/transports/quic.html @@ -5,7 +5,7 @@ QUIC | Project X - + @@ -20,6 +20,6 @@ "type": "none" }
1
2
3

type: string

伪装类型,可选的值有:

  • "none":默认值,不进行伪装,发送的数据是没有特征的数据包。
  • "srtp":伪装成 SRTP 数据包,会被识别为视频通话数据(如 FaceTime)。
  • "utp":伪装成 uTP 数据包,会被识别为 BT 下载数据。
  • "wechat-video":伪装成微信视频通话的数据包。
  • "dtls":伪装成 DTLS 1.2 数据包。
  • "wireguard":伪装成 WireGuard 数据包。(并不是真正的 WireGuard 协议)

提示

当加密和伪装都不启用时,数据包即为原始的 QUIC 数据包,可以与其它的 QUIC 工具对接。 为了避免被探测,建议加密或伪装至少开启一项。

- + diff --git a/config/transports/tcp.html b/config/transports/tcp.html index 74e26cd1db..3333ae3dde 100644 --- a/config/transports/tcp.html +++ b/config/transports/tcp.html @@ -5,7 +5,7 @@ TCP | Project X - + @@ -50,6 +50,6 @@ } }
1
2
3
4
5
6
7
8
9
10
11

version: string

HTTP 版本,默认值为 "1.1"

status: string

HTTP 状态,默认值为 "200"

reason: string

HTTP 状态说明,默认值为 "OK"

headers: map {string, [ string ]}

HTTP 头,一个键值对,每个键表示一个 HTTP 头的名称,对应的值是一个数组。

每次请求会附上所有的键,并随机选择一个对应的值。默认值见上方示例。

- + diff --git a/config/transports/websocket.html b/config/transports/websocket.html index 887225014d..32cf5ceda2 100644 --- a/config/transports/websocket.html +++ b/config/transports/websocket.html @@ -5,7 +5,7 @@ WebSocket | Project X - + @@ -17,6 +17,6 @@ } }
1
2
3
4
5
6
7

acceptProxyProtocol: true | false

仅用于 inbound,指示是否接收 PROXY protocol。

PROXY protocolopen in new window 专用于传递请求的真实来源 IP 和端口,若你不了解它,请先忽略该项

常见的反代软件(如 HAProxy、Nginx)都可以配置发送它,VLESS fallbacks xver 也可以发送它。

填写 true 时,最底层 TCP 连接建立后,请求方必须先发送 PROXY protocol v1 或 v2,否则连接会被关闭。

path: string

WebSocket 所使用的 HTTP 协议路径,默认值为 "/"

如果路径中包含 ed 参数,将会启用 Early Data 以降低延迟,其值为首包长度阈值。如果首包长度超过此值,就不会启用 Early Data。建议的值为 2048。

注意

Early Data 使用 Sec-WebSocket-Protocol 头承载数据。如果你遇到兼容性问题,可以尝试调低阈值。

headers: map {string: string}

自定义 HTTP 头,一个键值对,每个键表示一个 HTTP 头的名称,对应的值是字符串。

默认值为空。

Browser Dialer

使用浏览器处理 TLS,详见 Browser Dialer

- + diff --git a/development/index.html b/development/index.html index 7c9d869f1a..a3470dece7 100644 --- a/development/index.html +++ b/development/index.html @@ -5,11 +5,11 @@ 开发指南 | Project X - +

开发指南

编译文档

Xray 支持各种平台, 您可以在多种平台上自行进行交叉编译。

请点击编译文档以查看具体编译相关内容。

设计思路

Xray 内核提供了一个平台,在其之上可以进二次开发。

这个章节阐述了 Xray 的设计目标和架构。

请点击设计思路以了解 Xray 的设计目标和架构。

开发规范

这个章节阐述了获取代码,进行开发,提交 PR 的流程中需要遵循的准则, 以及相关的编码规范。

请点击开发规范查看 Xray 开发中应遵循的准则。

协议详解

Xray 用到了很多种协议, 您可以通过各种途径获得协议的详细描述。

VLESS 协议

VLESS 是一个无状态的轻量传输协议,可以作为 Xray 客户端和服务器之间的桥梁。

VMess 协议

VMess 是一个加密传输协议,可以作为 Xray 客户端和服务器之间的桥梁。

Mux.Cool 协议

Mux.Cool 协议是一个多路复用传输协议,用于在一条已建立的数据流中传输多个各自独立的数据流。

mKCP 协议

mKCP 是流式传输协议,由 KCP 协议open in new window修改而来,可以按顺序传输任意的数据流。

- + diff --git a/development/intro/compile.html b/development/intro/compile.html index 85814b165b..ddefe6ec3e 100644 --- a/development/intro/compile.html +++ b/development/intro/compile.html @@ -5,7 +5,7 @@ 编译文档 | Project X - + @@ -21,6 +21,6 @@ go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main
1
2
3
4
5

上传到服务器后,记得在服务器终端内执行 chmod +x xray

提示

执行 go tool dist list 查看所有支持的系统与架构。

可复现构建:

按照上述步骤,能够编译与 Release 中完全相同的二进制文件。

注意

请先确认您使用的 Golang 版本与编译 Release 的一致。

- + diff --git a/development/intro/design.html b/development/intro/design.html index b11353590a..bd7904af71 100644 --- a/development/intro/design.html +++ b/development/intro/design.html @@ -5,11 +5,11 @@ 设计目标 | Project X - +

设计目标

  • Xray 内核提供了一个平台,支持必要的网络代理功能,在其之上可以进二次开发,以提供更好的用户体验;
  • 以跨平台为首要原则,以减少二次开发的成本;

架构

Architecture

内核分为三层:应用层、代理层和传输层。

每一层内包含数个模块,模块间互相独立,同类型的模块可无缝替换。

应用层

应用层包含一些代理层中常用的功能,这些功能被抽象出来,以便在不同的代理模块中复用。

应用层的模块应为纯软件实现,与硬件或平台相关的技术无关。

重要模块列表:

  • Dispatcher: 用于把入站代理所接收到的数据,传送给出站代理;
  • Router: 路由模块,详见 路由配置
  • DNS: 内置的 DNS 服务器模块;
  • Proxy Manager: 代理管理器;

代理层

代理层分为两部分:入站代理(Inbound Proxy)和出站代理(Outbound Proxy)。

两部分相互独立,入站代理不依赖于某个特定的出站代理,反之亦然。

入站代理

出站代理

传输层

传输层提供一些网络数据传输相关的工具模块。

- + diff --git a/development/intro/guide.html b/development/intro/guide.html index b59d11d112..ca2a710bfd 100644 --- a/development/intro/guide.html +++ b/development/intro/guide.html @@ -5,7 +5,7 @@ 开发规范 | Project X - + @@ -21,6 +21,6 @@ │ ├── vmess ├── transport // 传输模块
1
2
3
4
5
6
7
8
9
10
11

编码规范

基本与 Golang 官方所推荐做法一致,有一些例外。写在这里以方便大家熟悉 Golang。

命名

  • 文件和目录名尽量使用单个英文单词,比如 hello.go;
    • 如果实在没办法,则目录使用连接线/文件名使用下划线连接两个(或多个单词),比如 hello-world/hello_again.go;
    • 测试代码使用 _test.go 结尾;
  • 类型使用 Pascal 命名法,比如 ConnectionHandler;
    • 对缩写不强制小写,即 HTML 不必写成 Html;
  • 公开成员变量也使用 Pascal 命名法;
  • 私有成员变量使用 小驼峰式命名法open in new window ,如 privateAttribute
  • 为了方便重构,方法建议全部使用 Pascal 命名法;
    • 完全私有的类型放入 internal

内容组织

  • 一个文件包含一个主要类型,及其相关的私有函数等;
  • 测试相关的文件,如 Mock 等工具类,放入 testing 子目录。
- + diff --git a/development/protocols/mkcp.html b/development/protocols/mkcp.html index 1ebd567591..21dc61e382 100644 --- a/development/protocols/mkcp.html +++ b/development/protocols/mkcp.html @@ -5,11 +5,11 @@ mKCP 协议 | Project X - +

mKCP 协议

mKCP 是流式传输协议,由 KCP 协议open in new window 修改而来,可以按顺序传输任意的数据流。

版本

mKCP 没有版本号,不保证版本之间兼容性。

依赖

底层协议

mKCP 是一个基于 UDP 的协议,所有通讯使用 UDP 传输。

函数

  • fnv: FNV-1aopen in new window 哈希函数
    • 输入参数为任意长度的字符串;
    • 输入出一个 32 位无符号整数;

通讯过程

  1. mKCP 将数据流拆成若干个数据包进行发送。一个数据流有一个唯一标识,用以区分不同的数据流。数据流中的每一个数据包都携带了同样的标识。
  2. mKCP 没有握手过程,当收到一个数据包时,根据其携带的数据流的标识来判断是否为新的通话,或是正在进行中的通话。
  3. 每一个数据包中包含若干个片段(Segment),片段分为三类:数据(Data)、确认(ACK)、心跳(Ping)。每个片段需要单独处理。

数据格式

数据包

4 字节2 字节L 字节
认证信息 A数据长度 L片段部分

其中:

  • 认证信息 A = fnv(片段部分),big endian;
  • 片段部分可能包含多个片段;

数据片段

2 字节1 字节1 字节4 字节4 字节4 字节2 字节Len 字节
标识 Conv指令 Cmd选项 Opt时间戳 Ts序列号 Sn未确认序列号 Una长度 Len数据

其中:

  • 标识 Conv: mKCP 数据流的标识
  • 指令 Cmd: 常量 0x01
  • 选项 Opt: 可选的值有:
    • 0x00: 空选项
    • 0x01: 对方已发出所有数据
  • 时间戳 Ts: 当前片段从远端发送出来时的时间,big endian
  • 序列号 Sn: 该数据片段时数据流中的位置,起始片段的序列号为 0,之后每个新片段按顺序加 1
  • 未确认序列号 Una: 远端主机正在发送的,且尚未收到确认的最小的 Sn

确认片段

2 字节1 字节1 字节4 字节4 字节4 字节2 字节Len * 4 字节
标识 Conv指令 Cmd选项 Opt窗口 Wnd下一接收序列号 Sn时间戳 Ts长度 Len已收到的序列号

其中:

  • 标识 Conv: mKCP 数据流的标识
  • 指令 Cmd: 常量 0x00
  • 选项 Opt: 同上
  • 窗口 Wnd: 远端主机可以接收的最大序列号
  • 下一接收序列号 Sn: 远端主机未收到的数据片段中的最小序列号
  • 时间戳 Ts: 远端主机最新收到的数据片段的时间戳,可用于计算延迟
  • 已收到的序列号: 每个 4 字节,表示此序列号的数据已经确认收到

注释:

  • 远程主机期待收到序列号 [Sn, Wnd) 范围内的数据

心跳片段

2 字节1 字节1 字节4 字节4 字节4 字节
标识 Conv指令 Cmd选项 Opt未确认序列号 Una下一接收序列号 Sn延迟 Rto

其中:

  • 标识 Conv: mKCP 数据流的标识
  • 指令 Cmd: 可选的值有
    • 0x02: 远端主机强行终止会话
    • 0x03: 正常心跳
  • 选项 Opt: 同上
  • 未确认序列号 Una: 同数据片段的 Una
  • 下一接收序列号 Sn: 同确认片段的 Sn
  • 延迟 Rto: 远端主机自己计算出的延迟
- + diff --git a/development/protocols/muxcool.html b/development/protocols/muxcool.html index c8379bff06..ffb191773f 100644 --- a/development/protocols/muxcool.html +++ b/development/protocols/muxcool.html @@ -5,11 +5,11 @@ Mux.Cool 协议 | Project X - +

Mux.Cool 协议

Mux.Cool 协议是一个多路复用传输协议,用于在一条已建立的数据流中传输多个各自独立的数据流。

版本

当前版本是 1 Beta。

依赖

底层协议

Mux.Cool 必须运行在一个已建立的可靠数据流之上。

通讯过程

一个 Mux.Cool 连接中可传输若干个子连接,每个子连接有一个独立的 ID 和状态。传输过程由帧(Frame)组成,每一帧用于传输一个特定的子连接的数据。

客户端行为

当有连接需求时并且没有现有可用的连接时,客户端向服务器发起一个新连接,以下称为“主连接”。

  1. 一个主连接可用于发送若干个子连接。客户端可自主决定主连接可承载的子连接数量。
  2. 对于一个新的子连接,客户端必须发送状态New以通知服务器建立子连接,然后使用状态Keep来传送数据。
  3. 当子连接结束时,客户端发送End状态来通知服务器关闭子连接。
  4. 客户端可自行决定何时关闭主连接,但必须确定服务器也同时保持连接。
  5. 客户端可使用 KeepAlive 状态来避免服务器关闭主连接。

服务器端行为

当服务器端接收到新的子连接时,服务器应当按正常的连接来处理。

  1. 当收到状态End时,服务器端可以关闭对目标地址的上行连接。
  2. 在服务器的响应中,必须使用与请求相同的 ID 来传输子连接的数据。
  3. 服务器不能使用New状态。
  4. 服务器可使用 KeepAlive 状态来避免客户端关闭主连接。

传输格式

Mux.Cool 使用对称传输格式,即客户端和服务器发送和接收相同格式的数据。

帧格式

2 字节L 字节X 字节
元数据长度 L元数据额外数据

元数据

元数据有若干种类型。所有类型的元数据都包含 ID 和 Opt 两项,其含义为:

  • ID: 子连接的唯一标识
  • Opt:
    • D(0x01): 有额外数据

当选项 Opt(D) 开启时,额外数据格式如下:

2 字节X-2 字节
长度 X-2数据

新建子连接 (New)

2 字节1 字节1 字节1 字节2 字节1 字节A 字节8 字节
ID0x01选项 Opt网络类型 N端口地址类型 T地址 AGlobal ID (XUDP)

其中:

  • 网络类型 N:
    • 0x01:TCP,表示当前子连接的流量应当以 TCP 的方式发送至目标。
    • 0x02:UDP,表示当前子连接的流量应当以 UDP 的方式发送至目标。
  • 地址类型 T:
    • 0x01:IPv4
    • 0x02:域名
    • 0x03:IPv6
  • 地址 A:
    • 当 T = 0x01 时,A 为 4 字节 IPv4 地址;
    • 当 T = 0x02 时,A 为 1 字节长度(L) + L 字节域名;
    • 当 T = 0x03 时,A 为 16 字节 IPv6 地址;
  • Global ID (XUDP):
    • 客户端计算出 UDP 来源二元组的全局独特 ID,服务端用以确保当 XUDP 断线重连时,仍使用同一个端口与目标通信。

在新建子连接时,若 Opt(D) 开启,则这一帧所带的数据需要被发往目标主机。

保持子连接 (Keep)

TCP

2 字节1 字节1 字节
ID0x02选项 Opt

UDP

2 字节1 字节1 字节1 字节2 字节1 字节A 字节
ID0x02选项 Opt网络类型 N端口地址类型 T地址 A

在保持子连接时,若 Opt(D) 开启,则这一帧所带的数据需要被发往目标主机。 XUDP 在 Opt(D) 之后加 UDP 地址,格式同新建子连接,但没有 Global ID。

关闭子连接 (End)

2 字节1 字节1 字节
ID0x03选项 Opt

在保持子连接时,若 Opt(D) 开启,则这一帧所带的数据需要被发往目标主机。

保持连接 (KeepAlive)

2 字节1 字节1 字节
ID0x04选项 Opt

在保持连接时:

  • 若 Opt(D) 开启,则这一帧所带的数据必须被丢弃。
  • ID 可为随机值。

应用

Mux.Cool 协议与底层协议无关,理论上可以使用任何可靠的流式连接来传输 Mux.Cool 的协议数据。

在目标导向的协议如 Shadowsocks 和 VMess 协议中,连接建立时必须包含一个指定的地址。 为了保持兼容性,Mux.Cool 协议指定地址为“v1.mux.cool”。即当主连接的目标地址与之匹配时,则进行 Mux.Cool 方式的转发,否则按传统方式进行转发。(注:这是一个程序内的标记,VMess 和 VLESS 并不会在数据包中发送“v1.mux.cool”地址)

- + diff --git a/development/protocols/vless.html b/development/protocols/vless.html index 602cf62ee2..1da891d08f 100644 --- a/development/protocols/vless.html +++ b/development/protocols/vless.html @@ -5,11 +5,11 @@ VLESS 协议 | Project X - +

VLESS 协议

VLESS 是一个无状态的轻量传输协议,可以作为 Xray 客户端和服务器之间的桥梁。

Request & Response

1 字节16 字节1 字节M 字节1 字节2 字节1 字节S 字节X 字节
协议版本等价 UUID附加信息长度 M附加信息 ProtoBuf指令端口地址类型地址请求数据
1 字节1 字节N 字节Y 字节
协议版本,与请求的一致附加信息长度 N附加信息 ProtoBuf响应数据

VLESS 早在第二个测试版 ALPHA 2 时就已经是上述结构了(BETA 是第五个测试版):

“响应认证”被替换为“协议版本”并移至最前,使 VLESS 可以升级换代,同时消除了生成伪随机数的开销。混淆相关结构被替换为附加信息(ProtoBuf)并前移,赋予协议本身可扩展性,相关开销也极小(gogo/protobufopen in new window),若无附加信息则无相关开销。

我一直觉得“响应认证”不是必要的,ALPHA 时为了提升生成随机数的性能,还用 math/rand 替换 crypto/rand,而现在都不需要了。

“协议版本”不仅能起到“响应认证”的作用,还赋予了 VLESS 无痛升级协议结构的能力,带来无限的可能性。 “协议版本”在测试版本中均为 0,正式版本中为 1,以后若有不兼容的协议结构变更则应升级版本。

VLESS 服务端的设计是 switch version,即同时支持所有 VLESS 版本。若需要升级协议版本(可能到不了这一步),推荐的做法是服务端提前一个月支持,一个月后再改客户端。VMess 请求也有协议版本,但它的认证信息在外面,指令部分则高度耦合且有固定加密,导致里面的协议版本毫无意义,服务端也没有进行判断,响应则没有协议版本。Trojan 的协议结构中没有协议版本。

接下来是 UUID,我本来觉得 16 字节有点长,曾经考虑过缩短它,但后来看到 Trojan 用了 56 个可打印字符(56 字节),就彻底打消了这个念头。服务端每次都要验证 UUID,所以性能也很重要:VLESS 的 Validator 经历了多次重构/升级,相较于 VMess,它十分简洁且耗资源很少,可以同时支持非常多的用户,性能也十分强悍,验证速度极快(sync.Map)。API 动态增删用户则更高效顺滑。 https://github.com/XTLS/Xray-core/issues/158

引入 ProtoBuf 是一个创举,等下会详细讲解。“指令”到“地址”的结构目前与 VMess 完全相同,同样支持 Mux。

总体上,ALPHA 2 到 BETA 主要是:结构进化、清理整合、性能提升、更加完善。这些都是一点一滴的,详见 VLESS Changesopen in new window

ProtoBuf

似乎只有 VLESS 可选内嵌 ProtoBuf,它是一种数据交换格式,信息被紧密编码成二进制,TLV 结构(Tag Length Value)。

起因是我看到一篇文章称 SS 有一些缺点,如没有设计错误回报机制,客户端没办法根据不同的错误采取进一步的动作。 (但我并不认同所有错误都要回报,不然防不了主动探测。下一个测试版中,服务器可以返回一串自定义信息。) 于是想到一个可扩展的结构是很重要的,未来它也可以承载如动态端口指令。不止响应,请求也需要类似的结构。 本来打算自己设计 TLV,接着发觉 ProtoBuf 就是此结构、现成的轮子,完全适合用来做这件事,各语言支持等也不错。

目前“附加信息”只有 Scheduler 和 SchedulerV,它们是 MessName 和 MessSeed 的替代者,当你不需要它们时,“附加信息长度”为 0,也就不会有 ProtoBuf 序列化/反序列化的开销。其实我更愿意称这个过程为“拼接”,因为 pb 实际原理上也只是这么做而已,相关开销极小。拼接后的 bytes 十分紧凑,和 ALPHA 的方案相差无几,有兴趣的可以分别输出并对比。

为了指示对附加信息(Addons,也可以理解成插件,以后可以有很多个插件)的不同支持程度,下个测试版会在“附加信息长度”前新增“附加信息版本”。256 - 1 = 255 字节是够用且合理的(65535 就太多了,还可能有人恶意填充),现有的只用了十分之一,以后也不会同时有那么多附加信息,且大多数情况下是完全没有附加信息的。真不够用的话,可以升级 VLESS 版本。

为了减少逻辑判断等开销,暂定 Addons 不使用多级结构。一个月前出现过“可变协议格式”的想法,pb 是可以做到打乱顺序,但没必要,因为现代加密的设计不会让旁观者看出两次传输的头部相同。

下面介绍 Schedulers 和 Encryption 的构想,它们都是可选的,一个应对流量时序特征问题,一个应对密码学上的问题。

Schedulers Flow

中文名暂称:流量调度器(2020-09-03 更新:中文名确定为“流控”),指令由 ProtoBuf 承载,控制的是数据部分。

我之前发现,VMess 原有的 shake “元数据混淆”在 TLS 上完全不会带来有意义的改变,只会降低性能,所以 VLESS 弃用了它。并且,“混淆”这个表述容易被误解成伪装,也弃用了。顺便一提,我一直是不看好伪装的:做不到完全一样,那不就是强特征吗?做得到完全一样,那为什么不直接用伪装目标?我一开始用的是 SSR,后来发现它只是表面伪装骗运营商,就再也没用过了。

那么,“流量调度器”要解决什么问题?它影响的是宏观流量时序特征,而不是微观特征,后者是加密要解决的事情。流量时序特征可以是协议带来的,比如 Socks5 over TLS 时的 Socks5 握手 ,TLS 上不同的这种特征对于监测者来说就是不同的协议,此时无限 Schedulers 就相当于无限协议(重新分配每次发送的数据量大小等)。流量时序特征也可以是行为带来的,比如访问 Google 首页时加载了多少文件、顺序、每个文件的大小,多套一层加密并不能有效掩盖这些信息。

Schedulers 没必要像下面的 Encryption 一样整个套在外面,因为头部的一丁点数据相对于后面的数据量来说太微不足道了。

BETA 2 预计推出两个初级的 Scheduler:Zstd 压缩、数据量动态扩充。进阶操作才是从宏观层面来控制、分配,暂时咕咕。

Encryption

与 VMess 的高度耦合不同,VLESS 的服务端、客户端不久后可以提前约定好加密方式,仅在外面套一层加密。这有点类似于使用 TLS,不影响承载的任何数据,也可以理解成底层就是从 TLS 换成预设约定加密。相对于高度耦合,这种方式更合理且灵活:一种加密方式出了安全性问题,直接扔掉并换用其它的就行了,十分方便。VLESS 服务端还会允许不同的加密方式共存。

对比 VMess,VLESS 相当于把 security 换成 encryption,把 disableInsecureEncryption 换成 decryption,就解决了所有问题。目前 encryption 和 decryption 只接受 "none" 且不能留空(即使以后有连接安全性检查),详见 VLESS 配置文档open in new window。encryption 并不需要往外移一级,一是因为无法复用很多代码,二是因为会影响控制粒度,看未来的应用就明白了。

加密支持两类形式,一类是加密完全独立,需要额外密码,适合私用,另一类是结合已有的 UUID 来加密,适合公用。 (若用第一类加密形式,且密码是以某种形式公开的,比如多人共用,那么中间人攻击就不远了) 重新设计的动态端口可能会随加密同时推出,指令由 ProtoBuf 承载,具体实现和 VMess 的动态端口也会有很多不同。

套现成加密是件很简单的事情,也就多一层 writer & reader。BETA 3 预计支持 SS 的 aes-128-gcm 和 chacha20-ietf-poly1305: 客户端的 encryption 可以填 “auto: ss_aes-128-gcm_0_123456, ss_chacha20-ietf-poly1305_0_987654”,auto 会选择最适合当前机器的,0 代表测试版,最后的是密码。服务端的 decryption 也是类似填法,收到请求时会逐一尝试解密。

并不是所有组合都需逐一尝试:VMess 的加密分为三段,第一段是认证信息,结合了 UUID、alterId、时间因素,第二段是指令部分,以固定算法加密,指令中含有数据部分使用的加密算法,第三段才是重要的数据部分。可以看出,VMess 的加解密方式实际上是多对一(服务端适配),而不仅是结合 UUID。但仅是结合 UUID 来加密也是件相对麻烦的事情,短时间内不会出,鉴于我们现在有 VMessAEAD 可用,也并不着急。若 VLESS 推出了结合 UUID 的加密方式,相当于重构了整个 VMess。

UDP issues

XUDP:VLESS & VMess & Mux UDP FullCone NATopen in new window

客户端开发指引

  1. VLESS 协议本身还会有不兼容升级,但客户端配置文件参数基本上是只增不减的。iOS 客户端的协议实现则需紧跟升级。
  2. 视觉标准:UI 标识请统一用 VLESS,而不是 VLess / Vless / vless,配置文件不受影响,代码内则顺其自然。
  3. encryption 应做成输入框而不是选择框,新配置的默认值应为 none,若用户置空则应代填 none

VLESS 分享链接标准

感谢 a @DuckSoftopen in new window 的提案!

详情请见 VMessAEAD / VLESS 分享链接标准提案open in new window

- + diff --git a/development/protocols/vmess.html b/development/protocols/vmess.html index 23f2a48234..e1a3d650e2 100644 --- a/development/protocols/vmess.html +++ b/development/protocols/vmess.html @@ -5,11 +5,11 @@ VMess 协议 | Project X - +

VMess 协议

VMess 是一个加密传输协议,可以作为 Xray 客户端和服务器之间的桥梁。

版本

当前版本号为 1。

依赖

底层协议

VMess 是一个基于 TCP 的协议,所有数据使用 TCP 传输。

用户 ID

ID 等价于 UUIDopen in new window,是一个 16 字节长的随机数,它的作用相当于一个令牌(Token)。 一个 ID 形如:de305d54-75b4-431b-adb2-eb6b9e546014,几乎完全随机,可以使用任何的 UUID 生成器来生成,比如这个open in new window

用户 ID 可在配置文件中指定。

函数

通讯过程

VMess 是一个无状态协议,即客户端和服务器之间不需要握手即可直接传输数据,每一次数据传输对之前和之后的其它数据传输没有影响。

VMess 的客户端发起一次请求,服务器判断该请求是否来自一个合法的客户端。如验证通过,则转发该请求,并把获得的响应发回给客户端。

VMess 使用非对称格式,即客户端发出的请求和服务器端的响应使用了不同的格式。

客户端请求

16 字节X 字节余下部分
认证信息指令部分数据部分

认证信息

认证信息是一个 16 字节的哈希(hash)值,它的计算方式如下:

  • H = MD5
  • K = 用户 ID (16 字节)
  • M = UTC 时间,精确到秒,取值为当前时间的前后 30 秒随机值(8 字节, Big Endian)
  • Hash = HMAC(H, K, M)

指令部分

指令部分经过 AES-128-CFB 加密:

  • Key:MD5(用户 ID + []byte('c48619fe-8f02-49e0-b9e9-edf763e17e21'))
  • IV:MD5(X + X + X + X),X = []byte(认证信息生成的时间) (8 字节, Big Endian)
1 字节16 字节16 字节1 字节1 字节4 位4 位1 字节1 字节2 字节1 字节N 字节P 字节4 字节
版本号 Ver数据加密 IV数据加密 Key响应认证 V选项 Opt余量 P加密方式 Sec保留指令 Cmd端口 Port地址类型 T地址 A随机值校验 F

选项 Opt 细节:(当某一位为 1 时,表示该选项启用)

01234567
XXXXXMRS

其中:

  • 版本号 Ver:始终为 1;
  • 数据加密 IV:随机值;
  • 数据加密 Key:随机值;
  • 响应认证 V:随机值;
  • 选项 Opt:
    • S (0x01):标准格式的数据流(建议开启);
    • R (0x02):客户端期待重用 TCP 连接(Xray 2.23+ 弃用);
      • 只有当 S 开启时,这一项才有效;
    • M (0x04):开启元数据混淆(建议开启);
      • 只有当 S 开启时,这一项才有效;
      • 当其项开启时,客户端和服务器端需要分别构造两个 Shake 实例,分别为 RequestMask = Shake(请求数据 IV), ResponseMask = Shake(响应数据 IV)。
    • X:保留
  • 余量 P:在校验值之前加入 P 字节的随机值;
  • 加密方式:指定数据部分的加密方式,可选的值有:
    • 0x00:AES-128-CFB;
    • 0x01:不加密;
    • 0x02:AES-128-GCM;
    • 0x03:ChaCha20-Poly1305;
  • 指令 Cmd:
    • 0x01:TCP 数据;
    • 0x02:UDP 数据;
  • 端口 Port:Big Endian 格式的整型端口号;
  • 地址类型 T:
    • 0x01:IPv4
    • 0x02:域名
    • 0x03:IPv6
  • 地址 A:
    • 当 T = 0x01 时,A 为 4 字节 IPv4 地址;
    • 当 T = 0x02 时,A 为 1 字节长度(L) + L 字节域名;
    • 当 T = 0x03 时,A 为 16 字节 IPv6 地址;
  • 校验 F:指令部分除 F 外所有内容的 FNV1a hash;

数据部分

当 Opt(S) 开启时,数据部分使用此格式。实际的请求数据被分割为若干个小块,每个小块的格式如下。服务器校验完所有的小块之后,再按基本格式的方式进行转发。

2 字节L 字节
长度 L数据包

其中:

  • 长度 L:Big Endian 格式的整型,最大值为 2^14;
    • 当 Opt(M) 开启时,L 的值 = 真实值 xor Mask。Mask = (RequestMask.NextByte() << 8) + RequestMask.NextByte();
  • 数据包:由指定的加密方式加密过的数据包;

在传输结束之前,数据包中必须有实际数据,即除了长度和认证数据之外的数据。当传输结束时,客户端必须发送一个空的数据包,即 L = 0(不加密) 或认证数据长度(有加密),来表示传输结束。

按加密方式不同,数据包的格式如下:

  • 不加密:
    • L 字节:实际数据;
  • AES-128-CFB:整个数据部分使用 AES-128-CFB 加密
    • 4 字节:实际数据的 FNV1a hash;
    • L - 4 字节:实际数据;
  • AES-128-GCM:Key 为指令部分的 Key,IV = count (2 字节) + IV (10 字节)。count 从 0 开始递增,每个数据包加 1;IV 为 指令部分 IV 的第 3 至第 12 字节。
    • L - 16 字节:实际数据;
    • 16 字节:GCM 认证信息
  • ChaCha20-Poly1305:Key = MD5(指令部分 Key) + MD5(MD5(指令部分 Key)),IV = count (2 字节) + IV (10 字节)。count 从 0 开始递增,每个数据包加 1;IV 为 指令部分 IV 的第 3 至第 12 字节。
    • L - 16 字节:实际数据;
    • 16 字节:Poly1305 认证信息

服务器应答

应答头部数据使用 AES-128-CFB 加密,IV 为 MD5(数据加密 IV),Key 为 MD5(数据加密 Key)。实际应答数据视加密设置不同而不同。

1 字节1 字节1 字节1 字节M 字节余下部分
响应认证 V选项 Opt指令 Cmd指令长度 M指令内容实际应答数据

其中:

  • 响应认证 V:必须和客户端请求中的响应认证 V 一致;
  • 选项 Opt:
    • 0x01:服务器端准备重用 TCP 连接(Xray 2.23+ 弃用);
  • 指令 Cmd:
    • 0x01:动态端口指令
  • 实际应答数据:
    • 如果请求中的 Opt(S) 开启,则使用标准格式,否则使用基本格式。
    • 格式均和请求数据相同。
      • 当 Opt(M) 开启时,长度 L 的值 = 真实值 xor Mask。Mask = (ResponseMask.NextByte() << 8) + ResponseMask.NextByte();

动态端口指令

1 字节2 字节16 字节2 字节1 字节1 字节
保留端口 Port用户 IDAlterID用户等级有效时间 T

其中:

  • 端口 Port:Big Endian 格式的整型端口号;
  • 有效时间 T:分钟数;

客户端在收到动态端口指令时,服务器已开放新的端口用于通信,这时客户端可以将数据发往新的端口。在 T 分钟之后,这个端口将失效,客户端必须重新使用主端口进行通信。

注释

  • 为确保向前兼容性,所有保留字段的值必须为 0。
- + diff --git a/document/command.html b/document/command.html index 89153af60c..1cd3345a08 100644 --- a/document/command.html +++ b/document/command.html @@ -5,7 +5,7 @@ 命令参数 | Project X - + @@ -53,6 +53,6 @@ certChainHash Calculate TLS certificates hash.
1
2
3

xray uuid

生成 UUID。

使用方法:

xray uuid [-i "example"]
 
1

提示

-config 没有指定时,Xray 将先后尝试从以下路径加载 config.json :

  • 工作目录(Working Directory)
  • 环境变量Xray.location.asset 所指定的路径
- + diff --git a/document/config.html b/document/config.html index 3bc5f6d138..b582253032 100644 --- a/document/config.html +++ b/document/config.html @@ -5,7 +5,7 @@ 配置运行 | Project X - + @@ -74,6 +74,6 @@ } }
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

上述配置唯一要更改的地方是你的服务器 IP,配置中已注明。上述配置会把除局域网(比如访问路由器)以外的所有流量转发至你的服务器。

运行

  • 在 Windows 和 macOS 中,配置文件通常是 Xray 同目录下的 config.json 文件。
    • 直接运行 XrayXray.exe 即可。
  • 在 Linux 中,配置文件通常位于 /etc/xray//usr/local/etc/xray/ 目录下。
    • 运行 xray run -c /etc/xray/config.json
    • 或使用 systemd 等工具将 Xray 作为服务在后台运行。

更多详细的说明可以参考 配置文档小小白话文

- + diff --git a/document/document.html b/document/document.html index d6c66f70a0..93f50de221 100644 --- a/document/document.html +++ b/document/document.html @@ -5,7 +5,7 @@ 为 Project X 的文档贡献 | Project X - + @@ -13,6 +13,6 @@
1
  1. 基于 main 分支创建新的分支, 如:
git checkout -b your-branch
 
1
  1. 在新分支上做修改。

    注:推荐 中文文案排版指北open in new window

  2. 修改完成后,请使用 Prettieropen in new window 格式化您的更改。

    注:存在格式问题的 PR,将有可能被拒绝。

  3. 提交修改,并推送到您的仓库中

git push -u origin your-branch
 
1
  1. 打开 GitHub, 点击 'Pull request' 向 project X 文档仓库open in new window 提交 PR。

  2. 请在 PR 的标题和正文中,概述此次 PR 新增/修改的内容等;

  3. 等待回应, 如果 PR 被 merge, 您做的修改将直接呈现在 Project X 文档网站open in new window

发现问题?

如果您发现文档出错,可以改进文档或提交一个 Issue。

- + diff --git a/document/index.html b/document/index.html index 5215201847..3d110c2c73 100644 --- a/document/index.html +++ b/document/index.html @@ -5,11 +5,11 @@ 快速入门 | Project X - +

快速入门

这个章节将告诉您如何用最简单的方式获得 Xray,并且开始使用 Xray。

下载安装

Xray 支持各种平台,并且您可以从多种渠道和方式获得 Xray 的各种版本。

请点击 如何下载安装 Xray 以获取 Xray

配置运行

下载并安装 Xray 后,只需对他进行配置即可使用。

请点击 如何配置运行 Xray 以学习最简单的配置方式。

命令参数

Xray 有多种命令和参数可用,因此变得灵活和强大。

请点击 Xray 的命令参数 查看 Xray 的更多命令和参数用法。

改进文档

如果你有兴趣,请点击 使用文档 帮助我们改进文档,或者点击页面下方的 帮助我们改善此页面!

我们十分感谢每一位 Contributor 作出的贡献!是你们让 Project X 变得更加强大!

小小白白话文

给予新手指导的使用心得

请点击 小小白白话文 以进行查看。

入门技巧

具备了基础之后,你就可以通过 入门技巧 来探索更多的使用方式了。

进阶文档

给予进阶用户指导的使用技巧

点击 进阶文档 以进行查看

感谢

非常感谢大家无私分享使用技巧和心得, 使得 Xray 日益强大。

- + diff --git a/document/install.html b/document/install.html index 5033846a57..500327ed74 100644 --- a/document/install.html +++ b/document/install.html @@ -5,11 +5,11 @@ 下载安装 | Project X - + -

下载安装

平台支持

Xray 在以下平台中可用:

  • Windows 7 及之后版本(x86 / amd64 / arm32 / arm64);
  • macOS 10.10 Yosemite 及之后版本(amd64 / arm64);
  • Linux 2.6.23 及之后版本(x86 / amd64 / arm / arm64 / mips64 / mips / ppc64 / s390x / riscv64);
    • 包括但不限于 Debian 7 / 8、Ubuntu 12.04 / 14.04 及后续版本、CentOS 7 / 8、Arch Linux 等;
  • FreeBSD (x86 / amd64);
  • OpenBSD (x86 / amd64);
  • Dragonfly BSD (amd64);

下载 Xray

预编译的二进制 ZIP 格式压缩包可在 Github Releasesopen in new window 中找到。

下载对应平台的压缩包,解压后即可使用。

验证安装包

Xray 提供两种验证方式:

  • ZIP 压缩包的 SHA1 / SHA256 摘要
  • 可复现构建:请参照 编译 Xray

Windows 安装方式

macOS 安装方式

Linux 安装方式

安装脚本

Arch Linux

Arch User Repository

需要使用 AUR helpersopen in new window,以 yayopen in new window 为例,可通过 yay -S xray 安装。

Arch Linux CN

首先添加 Arch Linux CN 仓库open in new window,然后在 root 用户下使用 pacman -S xray 安装。

Linuxbrew

Linuxbrew 包管理器的使用方式与 Homebrew 一致:brew install xray

Debian WIP

Gentoo

目前有三个第三方 Overlay 提供 Portage 安装脚本:

使用 layman 或 eselect-repository 添加 Overlay 至本地,然后即可安装。

Docker 安装方式

Docker image 的文件结构

  • /etc/xray/config.json:配置文件
  • /usr/bin/xray:Xray 主程序
  • /usr/local/share/xray/geoip.dat:IP 数据文件
  • /usr/local/share/xray/geosite.dat:域名数据文件

图形化客户端

UUID 生成器

第三方的 UUID 生成器 uuidgenerator.netopen in new window

- +

下载安装

平台支持

Xray 在以下平台中可用:

  • Windows 7 及之后版本(x86 / amd64 / arm32 / arm64);
  • macOS 10.10 Yosemite 及之后版本(amd64 / arm64);
  • Linux 2.6.23 及之后版本(x86 / amd64 / arm / arm64 / mips64 / mips / ppc64 / s390x / riscv64);
    • 包括但不限于 Debian 7 / 8、Ubuntu 12.04 / 14.04 及后续版本、CentOS 7 / 8、Arch Linux 等;
  • FreeBSD (x86 / amd64);
  • OpenBSD (x86 / amd64);
  • Dragonfly BSD (amd64);

下载 Xray

预编译的二进制 ZIP 格式压缩包可在 Github Releasesopen in new window 中找到。

下载对应平台的压缩包,解压后即可使用。

验证安装包

Xray 提供两种验证方式:

  • ZIP 压缩包的 SHA1 / SHA256 摘要
  • 可复现构建:请参照 编译 Xray

Windows 安装方式

macOS 安装方式

Linux 安装方式

安装脚本

Arch Linux

Arch User Repository

需要使用 AUR helpersopen in new window,以 yayopen in new window 为例,可通过 yay -S xray 安装。

Arch Linux CN

首先添加 Arch Linux CN 仓库open in new window,然后在 root 用户下使用 pacman -S xray 安装。

Linuxbrew

Linuxbrew 包管理器的使用方式与 Homebrew 一致:brew install xray

Debian WIP

Gentoo

目前有三个第三方 Overlay 提供 Portage 安装脚本:

使用 layman 或 eselect-repository 添加 Overlay 至本地,然后即可安装。

Docker 安装方式

Docker image 的文件结构

  • /etc/xray/config.json:配置文件
  • /usr/bin/xray:Xray 主程序
  • /usr/share/xray/geoip.dat:IP 数据文件
  • /usr/share/xray/geosite.dat:域名数据文件

图形化客户端

UUID 生成器

第三方的 UUID 生成器 uuidgenerator.netopen in new window

+ diff --git a/document/level-0/ch01-preface.html b/document/level-0/ch01-preface.html index 0d17229266..57b058d560 100644 --- a/document/level-0/ch01-preface.html +++ b/document/level-0/ch01-preface.html @@ -5,11 +5,11 @@ 【第 1 章】 小小白白话文 | Project X - +

【第 1 章】 小小白白话文

1.1 这篇文档是写给谁的?

一句话:写给 ① 零基础 ② 希望学习自建 VPS 的新人。

1.2 这篇文档不是写给谁的?

包括但不限于:各路大神大能、懒得自己折腾的小白、已经会折腾的高手、确定要用机场的土豪、确定要用一键脚本的逍遥派...... 总之只要有技术基础、或不愿不想自建的同学,您直接关闭本文即可,因为这篇文章大概是入不了您的法眼的,更可能会让您生一肚子闲气,那多划不来。

1.3 郑重声明及其他声明

郑重声明:

鄙人技术奇菜无比,故本文必然挂一漏万破绽百出。您若发现问题还请温柔提醒,莫要人参公鸡。

免责声明:

本文内容请您自行判断是否可信可靠可用,若您根据本文内容建立和使用 VPS 服务器时出了任何问题和不良结果,鄙人概不负责。

啰嗦声明:

基于本文【零基础用户】的目标受众,许多内容会尽力详尽说明,所以语言偏啰嗦,请做好心理准备。

1.4 为什么自建是个难题?

要回答这个问题,就需要稍微多说一点背景信息了。

一、科学上网这件事

科学上网这件事情,说来已经发展了近二十年(震惊!!!.jpg)。最初,自己稍微动动手即可(改改 host、连一下 ssh)、后来需要找一个网页代理,再后来需要写一个私有协议(比如 Shadowsocks)等等。

随着 GFW 技术这十几年来不断的迭代升级,若要完成【自己动手科学上网】这个目标,需要做的事情已经包括但不限于:

  • 了解 Linux 系统基本命令
  • 了解网络传输协议
  • 有技术和经济能力完成 VPS 购买及管理
  • 有技术和经济能力完成域名购买及管理
  • 有技术能力完成 TLS 证书申请 等等。

这就让【自建 VPS 科学上网】这个曾经简单的行为逐渐变成了令新人望而生畏的挑战。

二、零基础用户的无奈

零基础的非技术用户,如果完成上面这一连串的操作,势必要学习大量的知识,但稍微搜索之后,新人只怕会更加迷茫:大量的信息散布在互联网的各个角落:博客、问答网站、群组、论坛、GitHub、Telegram、YouTube 等等等等)。这些信息纷乱复杂、水平良莠不齐、甚至可能互相矛盾。基本上就是不把新人彻底弄晕誓不罢休。

面对这些杂乱无章的信息,新人突然就从【信息匮乏】变成了【信息过剩】。若是几番连蒙带猜的折腾以失败告终(大概率如此)的话,他的积极性势必大受挫折。在这个过程中,若他又恰好去了一些不太友好的地方去求助,恐怕还要雪上加霜的被嘲讽一番:“这么菜,用机场不就行了,瞎折腾什么啊!”、“先去学会 Linux 再回来问吧”。

这时候,大概也只有一声“呵呵”可以表达心情了。

1.5 “用机场不就行了?”

首先,我想反问一下那些冷嘲热讽的人:“用机场”真的就是万灵药吗?

其次,我认为“不懂”和“不想懂”是有本质区别的。态度恶劣的巨婴伸手党自然惹人厌烦,但真心自学却不得要领的人不该受到无端的白眼和歧视,也正是这种对新人不加区分的恶劣社区氛围促使我写下本文。那么闲话少说,我们来看看机场的优势与劣势究竟如何:

一、“机场“的优势

所谓“机场”,就是“线路提供商”。他负责完成 1.4 提到的那一串技术操作和管理,用户则付费获得使用权。所以,它的优点至少有:

  1. 用户操作简单:扫码操作、一键添加规则等
  2. 线路选择多:可解锁不同国家、地区的网络服务;比如 iplc 等专线服务、游戏加速服务等
  3. 接入节点多:所以抵抗节点封锁的能力强一些,封了一个就换下一个

二、“机场”的风险

“方便”这枚硬币的另一面就是“风险”,基于“机场”的技术特点和市场情况,它的风险至少有:

  1. “机场”可完全获得用户信息:用户在网上的所有痕迹,都【必然】经过且【非常可能】长期存储在其服务器上,这些记录无法受到任何具备法律效力的用户隐私协议的约束(窥视、记录你的一举一动
  2. “机场”缺乏市场管理:不可避免存在着以欺诈为目标的恶意商家(主动跑路
  3. “机场”面临监管压力:大机场相对有保障的同时,也无法避免树大招风。2020 年间,已经有几个大机场停运、跑路的事件发生,用户的正常使用受到严重干扰(被动跑路
  4. “机场”技术水平难以确定:线路质量良莠不齐,挂羊头卖狗肉的现象屡见不鲜(速度慢、掉线多、连不上

1.6 那么你到底要不要自建呢?

现在,你已经看到了机场的优势和风险,要用什么,就请各位充分思考并自行决定。毕竟,最适合你的方案才是最好的方案。

It's Your Choice!

  1. 如果决定使用机场的话,现在,你可以关闭本文了。

  2. 如果你决定自建,那就请继续阅读后面的章节吧!!

总之,本文的目标就是成为零基础用户的知识起点,提供对每一步充分的讲解和演示,清清楚楚(甚至婆婆妈妈、絮絮叨叨、啰啰嗦嗦)的协助新人完成【从输入第一条命令开始,完成 VPS 服务器部署,并成功在客户端完成科学上网】的全程。并在这个过程中帮助新人逐步接触和熟悉 Linux 的基础操作,为之后的进一步自学打下基础。

1.7 题外啰嗦几句

  1. 墙外的信息泥沙俱下,请务必学会理性、独立的思辨,不要随意站队,不要轻信猎奇的信息。

  2. 衷心希望大家获得更顺畅的网络后,可以获取更新鲜的知识、更丰富的娱乐、接触更美好的世界、结交更多志同道合的朋友,但不要成为任何有不可告人目的之人的替罪羊。

  3. 你的互联网身份依然是你的身份,绝对的匿名化是极为困难的,所以请务必遵守你个人所在地区和 IP 所在地区的相关法律法规。无论何时,自我保护都是最基本的底线。

1.8 你的进度

⬛⬜⬜⬜⬜⬜⬜⬜ 12.5%

- + diff --git a/document/level-0/ch02-preparation.html b/document/level-0/ch02-preparation.html index d1a9caef0b..1c6ffa3329 100644 --- a/document/level-0/ch02-preparation.html +++ b/document/level-0/ch02-preparation.html @@ -5,11 +5,11 @@ 【第 2 章】原料准备篇 | Project X - +

【第 2 章】原料准备篇

这一章比较特殊,因为涉及到金钱交易行为,本文基于项目的中立立场,不做具体的推荐。我能做的,是告诉你需要准备哪些东西。

2.1 获取一台 VPS

你需要获取一台健康的、IP 没有被墙的 VPS,并在管理后台做下面这些基础准备:

  1. 在 VPS 的后台安装 Debian 10 64bit 系统
  2. 小本本记下 VPS 的 IP 地址(本文会用 "100.200.300.400" 来表示)

    提示

    这是一个故意写错的非法 IP,请替换成你的真实 IP)

  3. 小本本记下 VPS 的 SSH 远程登陆端口(Port)
  4. 小本本记下 SSH 远程登录的用户名和密码

购买 VPS 是一个比较复杂的事情,建议先去学习一下相关知识,选择适合自己的经济能力和线路需求的即可。另外可以选择薅一些国际大厂的羊毛(比如甲骨文和谷歌提供的永久免费或限时免费的套餐)。总之,务必量力而行。

说明

关于选择 Debian 10 作为操作系统,这里稍微多说一句:不管你在网上听说了什么,不管哪个大神告诉你 XXX 版的 Linux 更好、XXX 版的 Linux 更牛,这些 Linux 的派系之争跟现在的你半毛钱关系也没有!使用 Debian 10 足以让你的 VPS 服务器在安全、稳健运行的同时得到足够的优化(如 cloud 专用内核、及时的 bbr 支持等)。等你对 Linux 熟悉之后,再回头去尝试其他的 Linux 发行版也不迟。

2.2 获取一个心仪的域名

你需要获取一个域名、并在 DNS 设置中添加一条 A 记录,指向你 VPS 的 IP 地址

  1. 请选择靠谱的国际域名服务商。选择一些常见的域名后缀就行,注意不要用 .cn 后缀。
  2. 在 DNS 设置中,添加一条指向你 VPS 的 IP 地址的 A 记录(A 记录的名字可以随便起,本文会用 "a-name" 来表示。完整的域名则会用 "二级域名.你的域名.com" 或者 "a-name.yourdomain.com" 来表示)。效果如下图:

添加A记录

提示

不是一个真实可用的网址,请替换成你的真实网址

2.3 你本地电脑上需要安装的软件

  1. SSH 远程登录工具

  2. 远程文件拷贝工具

  3. 靠谱的文本编辑器

2.4 你的进度

如果上面的原材料你都准备好了的话,你已经拿到了开启新世界大门的钥匙。那还等什么,让我们快点进入下一章,走进这扇门吧!

⬛⬛⬜⬜⬜⬜⬜⬜ 25%

- + diff --git a/document/level-0/ch03-ssh.html b/document/level-0/ch03-ssh.html index b961953198..fe1059b59e 100644 --- a/document/level-0/ch03-ssh.html +++ b/document/level-0/ch03-ssh.html @@ -5,13 +5,13 @@ 【第 3 章】远程登录篇 | Project X - +

【第 3 章】远程登录篇

3.1 远程登录 VPS (PuTTY)

首先,鉴于零基础人群中 Windows 的用户基数最大,所以本文以 Windows 为例进行展示。

其次,虽然 Windows 10 之后的 PowerShell 和 WSL 也可以达到很好的 SSH 操作体验。但是因为并非所有版本的 Windows 都有最新的组件,故本文还是以老牌的 PuTTY 为例,进行 SSH 远程登录的操作详解。(使用其他工具的话、在 SSH 登陆之后的操作都是一样的)

下面就跟我一步步操作吧。

  1. 进入 PuTTY 的官网open in new window,选择适合你操作系统的版本下载。(本文以 64 位版本为例)

    下载PuTTY

  2. 安装运行后,将会看到 PuTTY 的主界面。现在请拿出你上一章记东西的小本本,在下图的对应位置填入你 VPS 的IP 地址(VPS IP)端口(VPS PORT)。为了方便以后使用时不用重复输入,我们可以保存会话 (Saved Sessions),未来使用时只要按 Load 即可一键载入设置。

    设置PuTTY

  3. 我建议将 Connection 中的 keepalive 设置为 60 秒,防止你一段时间没有操作之后 SSH 自动断线。另外务必再次保存设置。

    防止频繁断线

注意

对 PuTTY 的任何设置更新都要再次手动保存 Session,不然关闭后就会丢失

  1. 点击 Open 就会进入 SSH 连接窗口,对应下图输入用户名与密码,与你的 VPS 远程主机建立连接。(本文假设默认用户名是 root,另外,在 Linux 系统输入密码的时候,是不会出现 ****** 这种提示符的,这样可以避免密码长度泄漏,不是你的键盘坏掉了哦!)

    SSH远程登录

3.2 成功登录 SSH!初识命令行界面!

  1. 如果你的信息都填写正确,你将会看到类似下图的界面,说明已登录成功:

    初次登录VPS

    这个界面,就等于远程服务器的【桌面】,但它没有你熟悉的图标和鼠标,没有绚丽的色彩,有的只是简单文字,这就是【命令行界面】- Command Line Interface,或者缩写为 CLI

    接下来的所有操作,都需要你像电影里的黑客一样,在这个命令行界面中完成。也许你会觉得陌生,但请相信我,使用命令行既不可怕,也不神秘。说到底,它只不过是把你习惯的鼠标操作变成了文字指令而已,你说一句,它做一句

  2. 现在,你可以稍微观察并熟悉一下命令行环境,这个界面其实已经告诉了你一些有用的信息了,比如系统内核版本(比如图内是 4.19.37-5)、上次登录时间及 IP 等。当然根据 VPS 的不同,你看到的界面可能会略有不同。

  3. 请注意命令行最下面一行,闪动的光标左边,有一串字符。图中显示的是root@vps-server:~#,这一串要怎么理解呢?很简单:

    • 现在的用户是 root
    • root 所在的服务器是 vps-server
    • root 现在所在的文件夹是 ~
    • # 之后是你可以输入命令的地方

    前两个很直观,无需多说。第三个是关于 Linux 的文件夹系统,现在也不需要过于深入,你只需要知道,"~"就是【当前用户的大本营】。第四个,提示符#,你也不用管,只需要知道,未来文章中会写一些需要你输入的命令,都会以 "#" 或者 "$" 开头,提示你后面是你输入命令的地方。(所以你复制命令的时候,只需要复制后面的内容,不要复制提示符)

3.3 第一次更新 Linux 的软件!

  1. 正如你的手机,无论安卓还是 iPhone,为了 APP 及时更新(获取安全补丁和新功能),都会时不时从应用商店获得更新信息,并且提示你有多少个 APP 可更新。Linux 系统也有逻辑十分类似的更新机制。所以只要你会更新手机 APP,就能学会更新 Linux 软件!

  2. Linux 下,每个 APP 都叫做一个“包” (package)。管理 APP 的程序自然就叫做“包管理器”(Package Manager)。你可以通过它安装、更新、卸载各种软件、甚至更新 Linux 系统本身。Linux 下的包管理器非常强大,此处按下不表,现在你只需要知道 Debian 系统的包管理器叫做 apt 即可。接下来,我们就先使用 apt 做一次软件的全面更新,让你熟悉它的基本操作。

  3. 小小白白 Linux 基础命令:

    编号命令名称命令说明
    cmd-01apt update查询软件更新
    cmd-02apt upgrade执行软件更新
  4. 现在请输入第一条命令,获取更新信息

    apt update
     
    1
  5. 然后请输入第二条命令,并在询问是否继续安装 (Y/n) 时输入 y 并回车确认,开始安装

    apt upgrade
     
    1
  6. 完整流程演示如下:

    初次软件更新流程演示

3.4 你的进度

恭喜你又迈出了坚实的一步! 现在,你已经可以通过 SSH 来登录你的远程服务器了!那登录进去之后,除了升级软件之外,应该再做点什么呢?敬请进入下一章一探究竟吧!

⬛⬛⬛⬜⬜⬜⬜⬜ 37.5%

- + diff --git a/document/level-0/ch04-security.html b/document/level-0/ch04-security.html index 925a5ea4f3..87c1104be6 100644 --- a/document/level-0/ch04-security.html +++ b/document/level-0/ch04-security.html @@ -5,7 +5,7 @@ 【第 4 章】安全防护篇 | Project X - + @@ -20,6 +20,6 @@
1
  • 修改 SSH 配置。这个我们已经用了很多次,但现在我们已经从无所不能的root变成了普通用户vpsadmin,此时的我们是没有权限直接编辑 SSH 配置的。这时候就需要使用sudo命令了:

    sudo nano /etc/ssh/sshd_config
     
    1
  • 找到(ctrl+w) PasswordAuthentication 改成 no

  • 找到(ctrl+w) PubkeyAuthentication 改成 yes,然后保存(ctrl+o)退出(ctrl+x)

  • 重启 SSH 服务。(啰嗦君:别忘了现在需要使用sudo来获得权限)

    sudo systemctl restart ssh
     
    1
  • 完整流程如下:

    SSH开启密钥验证并禁用密码验证

  • VPS 端已经设置好了公钥,现在要给 PuTTY 指定私钥位置供登录时使用(啰嗦君:别忘了保存 Session)

    PuTTY指定私钥位置

  • 至此,【密钥登录】已成功开启、【密码验证】已成功关闭、并且还给 PuTTY 保存了默认的登录用户名和私钥。未来使用 PuTTY 登录时,载入VPS-SERVER配置后,点击Open就可以一键登录了。

    如果你给私钥设置了密码保护,登录时当然还需要输入这个密码才能使用密钥,如下图:

    输入私钥密码

  • 别忘了给WinSCP也做对应的密钥设置,否则之后想要传输文件时就无法登录了:

    WinSCP指定私钥位置

  • 注意

    任何需要借助 SSH 进行登录的软件都需要密钥验证了,软件过多,无法逐一展示,请根据你的需要自行设置好哦

    4.8 你的进度

    到这里为止,你的 VPS 已经完成了【端口】、【用户名】、【密码】这三要素的基本安全保障,虽然远称不上固若金汤,但一般的恶意脚本应该已经无法对你造成伤害了!

    现在我们终于有了一个安全的系统基础,下一章,我们就可以开始逐步安装配置 Xray 需要的基础设施了!(什么基础设施呢?一个网页,一张证书)

    ⬛⬛⬛⬛⬜⬜⬜⬜ 50%

    - + diff --git a/document/level-0/ch05-webpage.html b/document/level-0/ch05-webpage.html index 0d32845d02..1bc8efd1e3 100644 --- a/document/level-0/ch05-webpage.html +++ b/document/level-0/ch05-webpage.html @@ -5,7 +5,7 @@ 【第 5 章】网站建设篇 | Project X - + @@ -56,6 +56,6 @@ }
    1
    2
    3
    4
    5
    6

    特别注意!

    如我在【第 3 步】中的提示所说,请务必确保 /home/vpsadmin/www/webpage 改成你的实际文件路径。

  • nginx 重新载入配置使其生效

    sudo systemctl reload nginx
     
    1
  • 完整的设置流程如下:

    网页设置演示

  • 此时如果你访问 http://二级域名.你的域名.com,你看到这样的页面则说明成功:

    http网页成功

  • 5.4 常见错误的说明

    首先,如果你一路按照文章的说明来操作,并且足够细心,那肯定不会出错。所以,我并不打算修改本文的写法。

    那为什么依然有很多同学卡在了这一步,网页怎么也打不开呢?基本上就是两个字:粗心。因为这里配置可能出现的问题只有两种,原因也只有两个。

    一、两种问题:

    • nginx.conf 里面的 /home/vpsadmin/www/webpage 这一条,与你的实际文件路径不符,nginx 找不到文件
    • 路径正确,但 nginx 无权读取

    二、两个原因:

    • 使用了【非 root 用户】,但仍然直接拷贝文中的命令不加修改。(这基本就等于抄答案时把同学的名字一起抄过去了)
    • 坚持使用【 root 用户】

    碰到错误的同学,就回过头仔细看一下【5.3】中【第 3 步】和【第 5-2 步】的说明吧。

    注意

    本文前期已经用了大量篇幅说明了使用【非 root 用户】对安全的重要性,全文也是基于此而写。所以,因使用【 root 用户】而导致的问题并不在本文的设计范围里。

    但我相信,坚持使用【 root 用户】的同学应该是有主见、动手能力强、或者有一定 Linux 基础的同学。问题的症结我已经全部说明了,我相信你一定可以自行解决。

    5.5 你的进度

    至此,Xray 的第一个基础设施【网页】已经就位,我们马上就进入第二个基础设施【证书】吧!

    ⬛⬛⬛⬛⬛⬜⬜⬜ 62.5%

    - + diff --git a/document/level-0/ch06-certificates.html b/document/level-0/ch06-certificates.html index 8743b84d03..d3f16fefdd 100644 --- a/document/level-0/ch06-certificates.html +++ b/document/level-0/ch06-certificates.html @@ -5,7 +5,7 @@ 【第 6 章】证书管理篇 | Project X - + @@ -117,6 +117,6 @@ [Mon 14 Feb 2022 03:00:25 PM CST] Installing key to: /etc/xray/cert/cert.key [Mon 14 Feb 2022 03:00:25 PM CST] Installing full chain to: /etc/xray/cert/fullchain.crt
    1
    2
    3
    4

    6.6 你的进度

    至此,Xray 所需要的两个基础设施终于全部就位!千呼万唤始出来的 Xray 马上就要揭开面纱,我们终于要进入最激动人心章节啦!

    ⬛⬛⬛⬛⬛⬛⬜⬜ 75%

    - + diff --git a/document/level-0/ch07-xray-server.html b/document/level-0/ch07-xray-server.html index ac70ac3f5c..2529db1583 100644 --- a/document/level-0/ch07-xray-server.html +++ b/document/level-0/ch07-xray-server.html @@ -5,7 +5,7 @@ 【第 7 章】Xray 服务器篇 | Project X - + @@ -169,6 +169,6 @@
    1
    1. 修改 Xray 的回落设置,将回落从 80 端口改为 8080 端口。(找到 "dest": 80, 并改成 "dest": 8080
    sudo nano /usr/local/etc/xray/config.json
     
    1
    1. 重启 Xray 服务,即完成了设置
    sudo systemctl restart xray
     
    1
    1. 完整流程演示如下:

    http自动跳转https

    1. 当你输入 http://a-name.yourdomain.com的时候,它应该已经会自动跳转 https 了

    http自动跳转https生效

    7.9 服务器优化之三:更丰富的回落

    如果你需要更丰富的回落功能,可以参考 《回落 (fallbacks) 功能简析》

    7.10 你的进度

    恭喜!!到这一步,你已经拥有了可以正常科学上网的服务器、同时也有了可以防止主动探测攻击的伪装网站。接下来,只要给你的客户端装上合适的软件,就可以享受顺畅的网络了!

    ⬛⬛⬛⬛⬛⬛⬛⬜ 87.5%

    7.11 重要勘误

    1. 初版中Xray配置文件config.json文件夹位置错误。若你已经根据之前的位置进行了操作,Xray会无法正确启动。故勘误说明于此,请自查,造成不便十分抱歉!
    • 正确位置:/usr/local/etc/xray/config.json
    • 错误位置:/usr/local/etc/config.json

    受影响章节:

    • 7.4 配置Xray - 3. 使用nano创建Xray的配置文件
    • 7.8 服务器优化之二 - 6. 修改Xray的回落设置
    1. 初版中修改Nginx配置文件nginx.conf时内容错误(网页文件夹位置错误),若你已经根据之前的位置进行了操作,Nginx会无法找到正确的网站。请自查,造成不便十分抱歉!
    • 正确文件夹位置:root /home/vpsadmin/www/webpage;
    • 错误文件夹位置:root /var/www/website/html

    受影响章节:

    • 7.8 服务器优化之二 - 4. 在与 80 端口同级的位置增加一个本地端口监听来提供网页展示
    - + diff --git a/document/level-0/ch08-xray-clients.html b/document/level-0/ch08-xray-clients.html index dd0052d001..1e6f327b52 100644 --- a/document/level-0/ch08-xray-clients.html +++ b/document/level-0/ch08-xray-clients.html @@ -5,7 +5,7 @@ 【第 8 章】Xray 客户端篇 | Project X - + @@ -162,6 +162,6 @@
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150

    8.4 附加题 2:在 PC 端手工运行 xray-core

    写好了配置文件该,要怎么让 xray-core 运行起来呢?双击好像并没有反应啊?

    首先,你要找到电脑上的【命令行界面】。

    1. Linux 桌面、macOS 系统的同学肯定已经比较熟悉了,搜索 Console 或者 Terminal 就可以
    2. Windows 就可以搜索使用 Cmd 或者 Powershell 等程序(WSL 的同学你坐下,你的 Console 当然也可以)

    其次,我们要做的事情是【让 xray 找到并读取配置文件 config.json,然后运行】,所以:

    1. 在 Windows 下,假设你的 Xray 程序位置是 C:\Xray-windows-64\xray.exe,配置文件位置是C:\Xray-windows-64\config.json,那么正确的启动命令就是:

      C:\Xray-windows-64\xray.exe -c C:\Xray-windows-64\config.json
       
      1

      说明

      这里的 -c 就是指定配置文件路径的参数,告诉 xray 去后面的位置找配置文件

    2. 相似的,在 Linux 和 macOS 下,假设你的 Xray 程序位置是 /usr/local/bin/xray,配置文件位置是/usr/local/etc/xray/config.json,那么正确的启动命令就是

      /usr/local/bin/xray -c /usr/local/etc/xray/config.json
       
      1

      说明

      每个系统都有系统路径变量,所以写 Xray 程序时不一定要写绝对路径。但是写了肯定没错,所以我就如此演示了。

    8.5 附加题 3:在 PC 端开机自动运行 xray-core

    如果你真的尝试了手动运行 xray-core,你一定会发现这个方式还有点小问题:

    1. 每次运行 Xray 都要出现一个黑乎乎的窗口,很丑
    2. 不能开机自动运行,每次都要手工输入,十分不方便

    我可以肯定的告诉你:完全可以解决。但是具体的解决方式,就当作课外作业留给大家吧!(友情提示,文档站的问答区有线索哦)

    8.6 圆满完成!

    我相信,有耐心看到这里的同学,都是兼具好奇心和行动力的学习派!我现在要郑重的恭喜你,因为到了这里,你已经完完整整的【从第一条命令开始,完成了 VPS 服务器部署,并成功的在客户端配置使用 Xray】了!这毫无疑问是一个巨大的胜利!

    我相信,你现在一定对Linux不再恐惧,对Xray不再陌生了吧!

    至此,小小白白话文圆满结束!

    ⬛⬛⬛⬛⬛⬛⬛⬛ 100%

    8.7 TO INFINITY AND BEYOND!

    但现在你看到的,远远不是 Xray 的全貌。

    Xray是一个强大而丰富的网络工具集合,平台化的提供了众多模块,可以像瑞士军刀一样,通过灵活的配置组合解决各种不同的问题。而本文,仅仅蜻蜓点水的用了最简单最直观的配置来做基础演示

    如果你觉得现在已经完全够用了,那就好好的享受它给你带来的信息自由。但如果你的好奇心依然不能停歇,那就去继续挖掘它无限的可能性吧!

    需要更多信息,可以到这里寻找:

    1. xtls.github.ioopen in new window - 官方文档站
    2. 官方 Telegram 群组open in new window - 活跃而友善的官方讨论社区

    TO INFINITY AND BEYOND!

    不算后记的后记

    希望我陪你走过的这一段小小的旅程,可以成为你网络生活中的一份小小助力。

    这篇文章里的工具和信息难免会一点点的陈旧过时,但你一定会逐渐成长为大佬。未来的某个时间,若你能偶尔想起这篇教程、想起我写下本文的初衷,那我衷心希望你能够薪火相传、把最新的知识分享给后来人,让这一份小小的助力在社区里坚定的传递下去。

    这是个大雪封山乌云密布的世界,人们孤独的走在各自的路上试图寻找阳光,如果大家偶尔交汇时不能守望相助互相鼓励,那最终剩下的,恐怕只有【千山鸟飞绝 万径人踪灭】的凄凉了吧。

    - + diff --git a/document/level-0/ch09-appendix.html b/document/level-0/ch09-appendix.html index 3e8e0f2245..1c30fd43fa 100644 --- a/document/level-0/ch09-appendix.html +++ b/document/level-0/ch09-appendix.html @@ -5,11 +5,11 @@ 【第 9 章】附录 | Project X - +

    【第 9 章】附录

    1. 小小白白 Linux 基础命令索引

    编号命令名称命令说明出现篇章
    cmd-01apt update查询软件更新《远程登录篇》
    cmd-02apt upgrade执行软件更新《远程登录篇》
    cmd-03nano文本编辑器《安全防护篇》
    cmd-04systemctl restart重启某个服务《安全防护篇》
    cmd-05adduser给系统新增用户《安全防护篇》
    cmd-06apt install安装某个软件《安全防护篇》
    cmd-07visudo修改 sudo 权限设置专用编辑器《安全防护篇》
    cmd-08sudoroot权限运行某个命令《安全防护篇》
    cmd-09chmod修改目标文件/文件夹的权限《安全防护篇》
    cmd-10mkdir新建文件夹《网站建设篇》
    cmd-11systemctl reload重新加载某个服务《网站建设篇》
    cmd-12wget访问(或下载)某个网页文件《证书管理篇》
    cmd-13acme.shacme.sh 证书管理相关的命令《证书管理篇》
    cmd-14rm删除命令《Xray 服务器篇》
    cmd-15crontab -e编辑当前用户的定时任务《Xray 服务器篇》
    cmd-16touch建立空白文件《Xray 服务器篇》
    cmd-17systemctlsystemd基本服务管理命令《Xray 服务器篇》
    cmd-18reboot重启 Linux 系统《Xray 服务器篇》

    2. 小小白白 Linux 重要配置文件索引

    编号配置文件位置文件说明出现篇章
    conf-01/etc/ssh/sshd_configSSH 远程登录程序设置《远程登录篇》
    conf-02/etc/nginx/nginx.confNginx 程序设置《网站建设篇》
    conf-03/etc/apt/sources.listapt 软件源列表《Xray 服务器篇》
    conf-04/etc/apt/sources.list.d/vpsadmin.list用户自定义软件源列表列表《Xray 服务器篇》
    conf-05crontab -e当前用户的定时任务《Xray 服务器篇》
    conf-06/etc/sysctl.conf手动设置 kernel 参数《Xray 服务器篇》
    conf-07/etc/sysctl.d/vpsadmin.conf用户自定义 kernel 参数配置文件《Xray 服务器篇》

    3. 小小白白 Xray 重要文件索引

    编号配置文件位置文件说明出现篇章
    xray-01/usr/local/etc/xray/config.jsonXray 程序设置《Xray 服务器篇》
    xray-02/home/vpsadmin/xray_cert/xray.certTLS 证书《Xray 服务器篇》
    xray-03/home/vpsadmin/xray_cert/xray.keyTLS 私钥《Xray 服务器篇》
    xray-04/home/vpsadmin/xray_log/access.logXray 访问日志《Xray 服务器篇》
    xray-05/home/vpsadmin/xray_log/error.logXray 错误日志《Xray 服务器篇》
    - + diff --git a/document/level-0/index.html b/document/level-0/index.html index 0ad9274c48..ca11c41268 100644 --- a/document/level-0/index.html +++ b/document/level-0/index.html @@ -5,11 +5,11 @@ 小小白白话文 | Project X - + - + diff --git a/document/level-1/fallbacks-lv1.html b/document/level-1/fallbacks-lv1.html index d37dac8b8e..190c4f09f5 100644 --- a/document/level-1/fallbacks-lv1.html +++ b/document/level-1/fallbacks-lv1.html @@ -5,7 +5,7 @@ 回落 (fallbacks) 功能简析 | Project X - + @@ -181,6 +181,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
  • 至此,我们就能够完整的画出模板的回落路线了:

  • 6. 结语

    至此,Xray 的【回落】功能就介绍完了。希望本文能够对你理解 Xray 的强大有所帮助。

    7. 附加题

    我再无耻的留一个附加题:本文详解的 VLESS-TCP-XTLS-WHATEVERopen in new window 模板?是否有可以优化的地方?

    提示:HTTP 自动跳转 HTTPS

    - + diff --git a/document/level-1/fallbacks-with-sni.html b/document/level-1/fallbacks-with-sni.html index c457db415b..fae80307d8 100644 --- a/document/level-1/fallbacks-with-sni.html +++ b/document/level-1/fallbacks-with-sni.html @@ -5,7 +5,7 @@ SNI 回落 | Project X - + @@ -191,6 +191,6 @@ redir https://{host}{uri} permanent }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36

    参考

    1. 服务器名称指示 - 维基百科,自由的百科全书open in new window
    2. Home · acmesh-official/acme.sh Wikiopen in new window
    3. HTTP/2 - 维基百科,自由的百科全书open in new window

    引用


    1. 常见问题 - Let's Encrypt - 免费的 SSL/TLS 证书open in new window ↩︎

    2. Proxy Protocol - HAProxy Technologiesopen in new window ↩︎

    3. proxy protocol 介绍及 nginx 配置 - 简书open in new window ↩︎

    4. v2fly-github-io/vless.md at master · rprx/v2fly-github-ioopen in new window ↩︎

    - + diff --git a/document/level-1/index.html b/document/level-1/index.html index 63d968a9b1..e5d5979b7b 100644 --- a/document/level-1/index.html +++ b/document/level-1/index.html @@ -5,11 +5,11 @@ 入门技巧 | Project X - + - + diff --git a/document/level-1/routing-lv1-part1.html b/document/level-1/routing-lv1-part1.html index 8cefce6ac9..5de62fdabe 100644 --- a/document/level-1/routing-lv1-part1.html +++ b/document/level-1/routing-lv1-part1.html @@ -5,7 +5,7 @@ 路由 (routing) 功能简析(上) | Project X - + @@ -122,6 +122,6 @@ ] }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16

    此时,路由规则其实变成了:

    这就是路由功能的灵活之处了,你可以自由的改变它的顺序来实现不同的设计。

    至此,我们已经解释完了 【如何利用 geosite.dat 文件,通过路由规则,根据【域名】来分流网络流量】。

    5. 攻城略池 - 多种路由匹配条件

    请确保你已经读懂了上面的内容,因为这样,你就已经理解了【路由】功能的工作逻辑。有了这个基础,我们就可以继续分析【路由】功能更多更详细的配置方式和匹配条件了。

    等你看完后面的内容,就完全可以自由的定制属于自己的路由规则啦!还等什么,让我们一起进入 《路由 (routing) 功能简析(下)》 吧!

    - + diff --git a/document/level-1/routing-lv1-part2.html b/document/level-1/routing-lv1-part2.html index e1ecc89b50..ddfb4d9f36 100644 --- a/document/level-1/routing-lv1-part2.html +++ b/document/level-1/routing-lv1-part2.html @@ -5,7 +5,7 @@ 路由 (routing) 功能简析(下) | Project X - + @@ -168,6 +168,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17

    其实,第 6 点已经是我整理过的规则了,原则就是【相同的匹配依据可以合并,不同的匹配依据保持独立】。

    8. 明修栈道、暗渡陈仓

    [domain] 转化 [ip] 的密道:domainStrategy

    我们在 5.4 中提交了多种流量判断的【依据】,其中一种是域名 [domain]、一种是 [IP]

    如果你初步了解过 DNS 的运作过程,就会知道,我们对一个域名 [domain] 发起访问请求时,其实需要先向 DNS 发起请求来解析域名 [domain] 对应的 [IP],在得到 [IP] 后再向它发起实际请求。

    所以,面对入站的一次域名请求,Xray 其实有两次机会去判断它的类型。那么,究竟是否要用这两次机会呢?这就是由 domainStrategy 这个配置来决定的。它有三个选项:

    • AsIs
    • IPIfNonMatch
    • IPOnDemand

    按么我们逐个来解释一下:

    8.1 域名策略: "AsIs"

    就是 "As Domain Is",也就是说 【域名什么样,就什么样,不多折腾】。

    简单粗暴理解就是说【仅用 [domain] 来匹配】。

    提示

    AsIs 的实际意义为 【如原先所示,不加修改】,🍉 老师这里描述的不是很恰当。

    这个方式的处理都在 Xray 内部完成,没有与外界的数据往来,所以速度最快。它的兜底策略也很清晰:即前面所说的、无法匹配的域名自动转入第一条出站处理。所以,对于常规使用路由功能这最推荐的策略。

    8.2 域名策略: "IPIfNonMatch"

    就是 "lookup IP if (there's) no matching rule",也就是说【如果其他所有规则都匹配不上,那就转化成 IP 去匹配 IP 规则】。

    简单粗暴理解就是说【先把访问目标和其他所有类型规则匹配,如果匹配不上,那就通过 DNS 查询转化成 IP,再从头和所有规则匹配一次】。

    该策略下没有命中任何规则的这一部分域名,会需要再经历 DNS 查询过程、以及第二轮规则匹配的过程,其耗时会多于 AsIs 策略,所以并不是首选推荐的策略。

    8.3 域名策略: "IPOnDemand"

    这里其实说 Demand IP 更准确些,也就是说【当匹配时碰到任何基于 IP 的规则,将域名立即解析为 IP 进行匹配】。

    简单粗暴理解就是说【只要路由规则中有 IP 类规则,那么所有基于域名 [domain] 的请求都要解析成 [IP] 然后去匹配 [IP] 类规则】。

    它要对所有首次域名访问进行 DNS 解析,所以首次查询比较耗时。虽然由于 XrayDNS 缓存机制的存在,后续对相同域名的访问速度会重回巅峰,但总体来说也不是首选推荐的策略。

    啰嗦君

    domainStrategy 仅对域名生效,不要搞混了哦~

    9. 思考题

    迄今为止,我们都是在【单入站】和【单出站】的基础上,讲解【路由】内部的各种配置逻辑。

    但是,如你所知,Xray 本身是支持多端口,多协议的。那么,如果我问你:

    1. 我希望 VLESS 协议将我日常的网页浏览和 APP 流量转发给美国的大流量服务器
    2. 我希望 trojan 协议将我的所有 Netflix 流量转发给日本的服务器解锁各种二次元
    3. 我希望 shadowsocks 协议将我所有的游戏流量转发给香港的服务器达到最低的延迟
    4. 我希望有一个独立的端口,能够把 telegram 的流量全都转发给 VPS
    5. 我希望有一个独立的端口,能够把 bittorrent 下载流量全都转发给欧洲大盘鸡
    6. 我希望......

    这些想法,是否能通过【路由】功能配置实现呢?

    答案当然是 【完全可以】 啦! 但是这些对于 level-1 来说已经超纲了,就留给各位自由的探索吧!

    10. 结语

    至此,Xray 的【路由】功能就介绍完了。希望本文能够对你理解 Xray 的灵活有所帮助。

    11. 尾注

    • 现在你可以重新阅读一遍 路由,看看是否有更加深刻的理解。
    • 🍉🍉🍉🍉🍉 😄
    - + diff --git a/document/level-1/work.html b/document/level-1/work.html index 7cabf0b2cb..a9c52a086e 100644 --- a/document/level-1/work.html +++ b/document/level-1/work.html @@ -5,11 +5,11 @@ Xray 的工作模式 | Project X - +

    Xray 的工作模式

    单服务器模式

    与其它的网络代理工具一样,你需要一台配置了 Xray 的服务器,然后在自己的设备上安装并配置 Xray 客户端,然后即可流畅地访问互联网。

    一个 Xray 服务器可同时支持多台设备使用不同的代理协议访问。同时,经过合理的配置,Xray 可以识别并区分需要代理以及不需要代理的流量,直连的流量不需要绕路。

    桥接模式

    如果你不想在每一台设备上都配置路由,你也可以设置一台中转服务器,用于接收客户端发来的所有流量,然后在服务器中进行转发判断。

    工作原理

    在配置 Xray 之前,不妨先来看一下 Xray 的工作原理,以下是单个 Xray 进程的内部结构示意图。多个 Xray 之间相互独立,互不影响。

    • 需要配置至少一个入站连接(Inbound)和一个出站连接(Outbound)才可以正常工作。
      • 入站连接负责与客户端(如浏览器)通信:
        • 入站连接通常可以配置用户认证,如 ID 和密码等;
        • 入站连接收到数据之后,会交给分发器(Dispatcher)进行分发;
      • 出站连接负责将数据发给服务器,如另一台主机上的 Xray。
    • 当有多个出站连接时,可以配置路由(Routing)来指定某一类流量由某一个出站连接发出。
      • 路由会在必要时查询 DNS 以获取更多信息来进行判断。
    - + diff --git a/document/level-2/index.html b/document/level-2/index.html index f1dfff6200..04cab7c954 100644 --- a/document/level-2/index.html +++ b/document/level-2/index.html @@ -5,11 +5,11 @@ 进阶文档 | Project X - +

    进阶文档

    这个章节包含进阶级的 Xray 使用心得分享, 如果您已经熟悉 Xray, 那么这里的经验可以让您更加发挥 Xray 的威力

    透明代理入门 by a @kirinopen in new window

    透明代理的入门篇章。

    透明代理(TProxy)配置教程 by a @BioniCosmosopen in new window

    基于 Xray 的透明代理(TProxy)配置完整教程。

    TProxy 透明代理(ipv4 and ipv6)配置教程 by a @SQLimitopen in new window

    基于 Xray 的 TProxy 透明代理(ipv4 and ipv6)配置教程

    Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹 by a @SQLimitopen in new window

    双端使用 Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹

    [透明代理]通过 gid 规避 Xray 流量 by a @kirinopen in new window

    在 iptables/nftables 实现的透明代理中,一种新的规避 Xray 流量的方式。

    通过 Xray 将特定的流量指向特定出口,实现全局路由“分流” by a @Zzz3mopen in new window

    将 Xray 玩出花:基于 fwmark 或 sendThrough 方式实现“分流”。

    通过 Cloudflare Warp 增强代理安全性 by a @yuhan6665open in new window

    Xray v1.6.5 新增 WireGuard 出站的使用介绍。

    Xray 流量统计 by a @yuhan6665open in new window

    适配 Xray 的流量统计和脚本。

    - + diff --git a/document/level-2/iptables_gid.html b/document/level-2/iptables_gid.html index 3c57698d4d..68e984b55b 100644 --- a/document/level-2/iptables_gid.html +++ b/document/level-2/iptables_gid.html @@ -5,7 +5,7 @@ GID 透明代理 | Project X - + @@ -107,6 +107,6 @@ ip6tables -t mangle -A OUTPUT -p tcp -j XRAY6_MASK ip6tables -t mangle -A OUTPUT -p udp -j XRAY6_MASK
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    - + diff --git a/document/level-2/nginx_or_haproxy_tls_tunnel.html b/document/level-2/nginx_or_haproxy_tls_tunnel.html index dbd9bccb81..37a3996af9 100644 --- a/document/level-2/nginx_or_haproxy_tls_tunnel.html +++ b/document/level-2/nginx_or_haproxy_tls_tunnel.html @@ -5,7 +5,7 @@ Nginx 或 Haproxy 搭建 TLS 隧道隐藏指纹 | Project X - + @@ -529,6 +529,6 @@ backend web server web /dev/shm/h1h2c.sock
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47

    xray 配置

    简单的 gRPC 配置,无需 TLS,配置见文档,配置的 serviceName 可用于分流。

    - + diff --git a/document/level-2/redirect.html b/document/level-2/redirect.html index 4eff0d12be..0384bdd325 100644 --- a/document/level-2/redirect.html +++ b/document/level-2/redirect.html @@ -5,7 +5,7 @@ 出站流量重定向 | Project X - + @@ -221,6 +221,6 @@
    1

    开机自启

    systemctl enable wg-quick@wg0
     systemctl start wg-quick@wg0
     
    1
    2

    验证 IPv4/IPv6

    自行验证 Google 搜索 myip

    后记

    本文本意是可以避免的多余的流量浪费,将路由和分流的功能交给 Xray 处理。避免了维护路由表的繁琐工作。顺便技术提升 UP。

    感谢

    @Xray-core @V2ray-core @WireGuard @p3terx @w @Hiram @Luminous @Ln @JackChou

    - + diff --git a/document/level-2/tproxy.html b/document/level-2/tproxy.html index 39a74c844e..9b9b3060a6 100644 --- a/document/level-2/tproxy.html +++ b/document/level-2/tproxy.html @@ -5,7 +5,7 @@ TProxy 透明代理 | Project X - + @@ -262,6 +262,6 @@ [Install] WantedBy=multi-user.target
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    - + diff --git a/document/level-2/tproxy_ipv4_and_ipv6.html b/document/level-2/tproxy_ipv4_and_ipv6.html index c78e4b2be4..0c9228eeca 100644 --- a/document/level-2/tproxy_ipv4_and_ipv6.html +++ b/document/level-2/tproxy_ipv4_and_ipv6.html @@ -5,7 +5,7 @@ TProxy 透明代理 (ipv4 and ipv6) | Project X - + @@ -410,6 +410,6 @@ [Install] WantedBy=multi-user.target
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    1. 最后执行 systemctl enable tproxyrules 命令。

    tproxyrules.service

    注意其中主路由器 IP 地址,根据实际修改

    ExecStartPre=/bin/sh -c 'until ping -c1 192.168.31.1; do sleep 1; done;' 命令为确保获得 IP 地址后再执行命令,否则会诡异报错,其中 IP 地址为主路由器地址,根据实际修改。

    注意

    如果通过 dhcpcd 等设置了静态 IP 及网关,则上述相关 ip route add/del 设置需删除

    局域网设备上网设置

    此处假定旁路由 ipv4, ipv6 地址分别为192.168.31.100, fd00:6868:6868::8866, 旁路由的 ipv4, ipv6 地址可由命令ip add获得。

    方法一

    局域网设备上网有两种方式,第一种就是在使用设备上进行静态 IP 的配置,将网关指向旁路由 IP。注意绝大部分手机仅支持手动配置 ipv4 网关,不支持手动配置 ipv6 网关,除非 root 后进行相关设置。

    以 windows 设备为例,可以先开启 DHCP 记录自动分配的 IP 以参考,然后手写静态配置。

    DNS 设置

    此配置劫持 DNS 流量,DNS 可以随便写

    建议设置为旁路由 IP,防止 DNS 泄露

    image image

    方法二

    局域网设备上网的第二种方式,是在路由器上进行网关设置,这种方法对于连接到此路由器的设备无需做任何设置即可科学上网,但注意有些路由器不支持 ipv6 的网关设置,有 ipv6 需求的设备仍需在所需设备上单独手动配置 ipv6 相关设置参考方法一。

    image

    Finally

    按照以上方法设置后设备即可双栈访问,进入测试网站比如 https://ipv6-test.com/ 可以看到如下结果 (需要代理此网站才能看到如下结果)

    image

    写在最后

    如今 ipv6 并未完全普及,我们日常访问的流量 99%仍为 ipv4 流量;很多 VPS 商家虽然提供 ipv6 地址,但线路优化非常垃圾,甚至处于不可用状态,为何要加入 ipV6 的设置?

    可以看到目前 ipv6 处于很尴尬的境地,各种设备对于 ipv6 的支持很烂,但是都在逐步完善,同时 Windows 系统对于 ipv6 的优先级也在提高,很多浏览器也会优先进行 ipv6 的解析以及访问,很多网站也开始默认使用 ipv6 进行访问(比如 Netflix, 如果没有配置 ipv6, 浏览器打开 Netflix 会显示 Not Available 是因为没有代理 Netflix 的 ipv6 请求,当然可以选择禁用 Windows 的 ipv6,但支持 ipv6 的 pt 站就无法使用)

    这种情况下 ipv4 无法完全胜任网络冲浪的需求,即使是那 1%的流量,遇到了也会让人头疼不已。

    而可以预见 ipv6 也会逐步与 ipv4 分庭抗礼,所以有必要加入 ipv6 的设置。

    - + diff --git a/document/level-2/traffic_stats.html b/document/level-2/traffic_stats.html index 815f2ccaf8..cbb8c7ae7e 100644 --- a/document/level-2/traffic_stats.html +++ b/document/level-2/traffic_stats.html @@ -5,7 +5,7 @@ 流量统计 | Project X - + @@ -101,6 +101,6 @@ print_sum "$DATA" "user" echo "-----------------------------"
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    - + diff --git a/document/level-2/transparent_proxy/transparent_proxy.html b/document/level-2/transparent_proxy/transparent_proxy.html index ad869e913d..12177c49bb 100644 --- a/document/level-2/transparent_proxy/transparent_proxy.html +++ b/document/level-2/transparent_proxy/transparent_proxy.html @@ -5,7 +5,7 @@ 透明代理入门 | Project X - + @@ -92,6 +92,6 @@ iptables -t mangle -A OUTPUT -p tcp -j XRAY_MASK iptables -t mangle -A OUTPUT -p udp -j XRAY_MASK
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23

    但是这么配置有个缺点,如果使用 CDN 或者 VPS 很多的话,就不好写规则了。

    1. 通过 mark 规避

    三个白话文教程都是使用这种方法规避,自行参考,这里不再赘述。

    1. 通过 gid 规避(推荐)

    参考 [透明代理]通过 gid 规避 Xray 流量

    这样就完成了第三阶段的代理,也就是平时说的全局代理。但是记得把网关的 DNS 服务器设置为国外的 DNS 服务器,否则可能依然返回被污染的结果。

    第四阶段

    其实,并不是所有人都需要实现第四阶段。全局代理对于大部分情况已经适用。

    特别是对于旁路由而言。需要代理时,将网关调成旁路由的 IP,不需要代理时,将网关换回主路由 IP。

    至于第四阶段的具体实现,那三篇白话文教程讲的都是。在理解了上面的内容后,再去看那三篇白话文教程,就比较容易理解了。

    代理 ipv6

    上面的规则只对 ipv4 生效,如果还想要代理 ipv6 请求,则使用 ip6tables 命令,用法与 iptables 基本相同。参考 [透明代理]通过 gid 规避 Xray 流量#4-设置 iptables 规则

    iptables 透明代理的其它注意事项

    1. 如果作为代理的网关作为主路由,要在PREROUTING链规则中加一条iptables -t mangle -A XRAY ! -s 网关LAN_IP地址段 -j RETURN,即在第一阶段使用、第二阶段被删除的指令。如果不写,WAN 口中同网段的其它人可以将网关填写成你的 WAN_IP,从而蹭你的透明代理用,还可能带来一定的危险性。

    2. 新 V2Ray 白话文指南-透明代理(TPROXY)#设置网关open in new window 中的第三条说:手动配置 PC 的网络,将默认网关指向树莓派的地址即 192.168.1.22。此时 PC 应当能正常上网(由于还没设置代理,“正常”是指可以上国内的网站)。实际上,Ubuntu、CentOS、debian 等系统就算开启了 IP 转发,PC 也不能正常上网,这是正常的。事实上只有 OpenWRT 能做到文中所描述的那样,据 @BioniCosmosopen in new window 点拨,这是由于一般的 Linux 系统没有 Masquery 规则。

    3. too many open files 问题open in new window ,解决方法见 [透明代理]通过 gid 规避 Xray 流量-配置最大文件大开数&运行 Xray 客户端

    4. 关于开启 ip_forward,待补充...

    5. 避免已有连接的包二次通过 TPROXY ,待补充...

    6. 主路由、单臂路由与旁路由,待补充...

    - + diff --git a/document/level-2/warp.html b/document/level-2/warp.html index e52fe54948..caa01bf483 100644 --- a/document/level-2/warp.html +++ b/document/level-2/warp.html @@ -5,7 +5,7 @@ 通过 Cloudflare Warp 增强代理安全性 | Project X - + @@ -92,6 +92,6 @@ ] }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    - + diff --git a/en/about/news.html b/en/about/news.html index 148afa568d..0aa6fde524 100644 --- a/en/about/news.html +++ b/en/about/news.html @@ -5,11 +5,11 @@ 大史记 | Project X - +

    大史记

    2021.4.6

    • VuePress Next.
    • With Dark Mode.

    2021.4.4

    • 本文档迎来的新的首页。
    • 本文档迎来了暗黑模式。
    • 当然,暗黑模式还有各种各样的问题。具体的内容还需要慢慢调整。
    • 另:Telegram 群聊突破了 5000 人!还加入了 Anti-Spam 机器人!
    • 🎉🎉🎉

    2021.4.1 v1.4.2open in new window

    • 不是愚人节玩笑,今天更新。
    • 加入 Browser Dialer,用与改变 TLS 指纹与行为。
    • 加入 uTLS,用与改变 TLS Client Hello 的指纹。
    • 顺便修复了一大堆奇妙的问题,具体的内容见更新日志。

    2021.3.25

    没错还在变。 -_-

    2021.3.15

    文档网站正在悄悄的进行着某些神秘的变化。。。,🙊🙊🙊

    2021.3.14 v1.4.0open in new window

    • Happy Pi-Day!
    • 这次是个大更新:
      • 为链式代理引入了传输层支持。
      • 为 Dialer 引入了 Domain Strategy,解决奇妙的 DNS 问题。
      • 添加了 gRPC 传输方式,与更快一点的 Multi Mode。
      • 添加了 WebSocket Early-Data 功能,减少了 WebSocket 的延迟。
      • 添加了 FakeDNS。
      • 还修复了系列的问题,添加了各类功能,详情请见更新日志。
    • 还是 VuePress 比较爽啊(

    2021.3.3 1.3.1open in new window

    • 这个版本使用了 Golang 1.16,正式原生支持 Apple Silicon。
    • 同时修复了一个会导致 Panic 的 bug。Holmium_认为这是在骗、在偷袭。
    • 修复了几个遗留问题。

    2021.2.14 1.3.0open in new window

    • Happy 🐮 Year 🎉!
    • v1.3.0 通过非常巧妙的机制实现了 V 系协议全部 FullCone,同时保证了一定的兼容性。
    • OHHHHHHHHHHHH!

    2021.01.31 1.2.4open in new window

    • 解决两个“连接至标准 Socks 服务端时可能出错”的历史遗留问题。
    • 似乎这个版本没有什么改变,但这只是暴风雨前的宁静。
    • (没错我就是先知)

      你个傻子,你拿的是 UNO 牌。

    2021.01.25

    • 全互联网最好最详细的秘籍入门篇同学们练熟了吗? 🍉 老师开始连载秘籍第一层咯...
    • 英文版文档网站逐渐增加内容 ing, 感谢各位大佬的辛苦付出~!

    2021.01.22 1.2.3open in new window

    • 对 SS 协议的支持变强了, 支持单端口多用户!
    • 对 trojan 协议的支持也变强了, trojan 的回落也解锁 SNI 分流的新姿势啦~!
    • (VLESS: 嘤嘤嘤)
    • UDP 奇奇怪怪的 BUG 被干掉了, 一个字, "稳定".
    • 嗅探可以排除你不想嗅探的域名, 可以开启一些新玩法.
    • 向发现问题->开 issue->自行测试->自行分析->自行找到问题->自行解决->然后给上下游提交 PR 的大佬 a @Bohan Yangopen in new window 致敬!
    • 其他美味小樱桃, 惯例更新品尝就对啦.

    2021.01.19

    • 一些数字
      • 版本发布了 10   个 tag
      • 解决掉了 100  个 issue
      • 复刻了 300  个 fork
      • 点了 2000 个 star
      • 群 3000 个 人

    2021.01.17

    2021.01.15 1.2.2open in new window

    • 回落分流又解锁了奇怪的新姿势! 回落中可以根据 SNI 分流啦~!
    • 之前预告的 UUID 修改正式上线.(往下看往下看)
    • 日志现在看起来比上一次顺眼又更顺眼了一丢丢.
    • 远程 DOH 和其他的 DNS 模式一样学会了走路由分流.
    • 当然还有其他各种小糖果.(更新品尝就对了)
    • 啊, 还有, 世界上第一個 M1 上跑起 Xray 的男人是 Anthony TSE

    2021.01.12

    • 将要到来的 UUID 修改, 支持自定义字符串和 UUID 之间的映射. 这意味着你将可以这样在配置文件中写 id 来对应用户.
      • 客户端写 "id": "我爱 🍉 老师 1314",
      • 服务端写 "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (此 UUID 是 我爱🍉老师1314 的 UUID 映射)
    • 🍉 老师的小小白白话文大结局, 撒花.

    2021.01.10 1.2.1open in new window

    • 大量的 UDP 相关修复, 甚至可以在育碧的土豆服务器上玩彩虹六号!
    • Google Voice 应该也可以正常使用 v2rayNG 拨打了.
    • 日志现在看起来更顺眼.

    2021.01.07

    • 礼貌和尊重本应是社区不需要明说的准则之一。

    2021.01.05

    • 文档网站正在悄悄的进行着某些神秘的变化。。。,🙊🙊🙊

    2021.01.03

    2021.01.01

    【祝大家新年快乐,嗨皮牛耶!】🎆🎇🎆 1.2.0open in new window

    🎁 在元旦的最后几分钟,v1.2.0 它来了,带着周五必更的惯例,带着各位贡献大佬的心血以及 @rprxx 的黑眼圈,不负众望的来了!

    • 圣诞礼物v1.1.5后的元旦礼物 🎁,游戏玩家大福利,全面 FullCone。
    • (UDP 还会继续增强!)
    • 如果你已经拆过圣诞礼物,这次还有比圣诞礼物更精美的包装和小糖果哦。(同样不用问,更新品尝就对了)
    • (不,下面不是广告,是里程碑。)
    • Xray 是有史以来第一个不受限制的多协议平台:只需 Xray 即可解决问题,无需借力其它实现。
      • 一人扛起了所有!支持各大主流协议!
      • 一骑绝尘的性能!
      • 日趋完善的功能!
      • 可怕的生命力与社区亲和力!
    • Xray 将继续保持前行! 因此 Xray 需要更多的英雄!!open in new window
    • PS:请品,请细品release notesopen in new window每一句。似乎有一个小秘密小彩蛋 (啊,有人敲门...我一会和你们说)

    2020.12.29

    透明代理的游戏玩家利好! Xray-core tproxy 入站, socks 出站 UDP FullCone 测试版, TG 群open in new window火热测试中

    2020.12.25 1.1.5open in new window

    圣诞节快乐!

    • 游戏玩家的圣诞礼物!你可以用 xray 爽快的打游戏啦!因为有了 SS/trojan UDP fullcone
    • 你可以用你喜欢的格式写配置文件了,比如 yaml,比如 toml...
    • (VLESS 的 UDP fullcone 和更多增强很快就到!)
    • 无须再担心证书验证被墙,OCSP stapling 已经上线!
    • kirin 带来了一大波 脚本更新.脚本在此open in new window
    • 还有更多美味小樱桃!(不用问,更新品尝就对了)

    2020.12.24

    因为某些不可描述的原因,Xray 的文档网站已在发布日前偷跑上线。 网址为:没错你正在看的就是open in new window

    大家可以查阅各种内容也欢迎纠错/提出建议(可发往文档 github 仓库的 issue 区)

    文档网站需要不断完善和增加内容,以及完善设计。 因此更欢迎大家一起为文档建设添砖加瓦。 文档的仓库open in new window

    仓库的 readme 中有简略教程说明如何帮助 xray 改进文档网站. 欢迎大家查看,纠错,修改,增加心得。

    2020.12.23

    Xray-core Shadowsocks UDP FullCone 测试版, TG 群open in new window火热测试中

    2020.12.21

    • Project X 群人数 2000+
    • 群消息(含游戏群) 日均破万

    2020.12.18 1.1.4open in new window

    • 更低的启动内占用和内存使用优化
    • 随意定制的 TLS 提高你的 SSL 评级
    • 支持 XTLS 入站的 Splice 以及支持 trojan 的 XTLS
    • 还有在您路由器上使用的 Splice 最佳使用模式建议

    2020.12.17

    鉴于日益增长群人数和游戏需求, 开启了TG 游戏群open in new window

    2020.12.15

    安装脚本 dev 分支open in new window开启, 持续更新功能中.

    2020.12.11 1.1.3open in new window

    • 完整版本的 REDIRECT 透明代理模式.
    • 软路由 splice 流控模式的优化建议.

    2020.12.06 1.1.2open in new window

    • 流控增加 splice 模式, Linux 限定, 性能一骑绝尘.
    • 增强了 API 兼容

    2020.12.04

    增加 splice 模式

    2020.11.27

    • Project X 的 GitHub 主仓库 Xray-core 已获 500+ stars
    • 登上了 GitHub Trending
    • Project X 群人数破千,频道订阅数 500+

    2020.11.25 1.0.0open in new window

    Xray 的第一个版本.

    • 基于 v2ray-core 修改而来,改动较大
    • 全面增强, 性能卓越, 完全兼容

    2020.11.23

    project X start

    梦开始的时候

    - + diff --git a/en/config/api.html b/en/config/api.html index 8ae599f00b..db4c5dd1ec 100644 --- a/en/config/api.html +++ b/en/config/api.html @@ -5,7 +5,7 @@ API Interface | Project X - + @@ -44,6 +44,6 @@ xray.app.proxyman.command.HandlerService xray.app.stats.command.StatsService
    1
    2
    3
    4
    5
    6

    API Calling Example

    Xray-API-documentsopen in new window @crossfw

    - + diff --git a/en/config/dns.html b/en/config/dns.html index c8d912f48f..1642b5ee37 100644 --- a/en/config/dns.html +++ b/en/config/dns.html @@ -5,7 +5,7 @@ Built-in DNS Server | Project X - + @@ -45,6 +45,6 @@ "clientIP": "1.2.3.4" }
    1
    2
    3
    4
    5
    6
    7
    8

    address: address

    A list of DNS servers, which can be either DNS addresses (in string form) or ServerObjects.

    When the value is "localhost", it means using the local DNS configuration.

    When the value is a DNS "IP" address, such as "8.8.8.8", Xray will use the specified UDP port of this address for DNS queries. The query follows routing rules. By default, port 53 is used.

    When the value is in the form of "tcp://host", such as "tcp://8.8.8.8", Xray will use DNS over TCP for the query. The query follows routing rules. By default, port 53 is used.

    When the value is in the form of "tcp+local://host", such as "tcp+local://8.8.8.8", Xray will use TCP local mode (TCPL) for the query. That is, the DNS request will not go through the routing component and will be sent directly through the Freedom outbound to reduce latency. When no port is specified, port 53 is used by default.

    When the value is in the form of "https://host:port/dns-query", such as "https://dns.google/dns-query", Xray will use DNS over HTTPS (RFC8484, abbreviated as DOH) for the query. Some service providers have IP alias certificates, which can be directly written in IP form, such as https://1.1.1.1/dns-query. Non-standard ports and paths can also be used, such as "https://a.b.c.d:8443/my-dns-query".

    When the value is in the form of "https+local://host:port/dns-query", such as "https+local://dns.google/dns-query", Xray will use DOH local mode (DOHL) for the query, which means that the DOH request will not go through the routing component and will be sent directly through the Freedom outbound to reduce latency. This is generally suitable for server-side use. Non-standard ports and paths can also be used.

    When the value is in the form of "quic+local://host:port", such as "quic+local://dns.adguard.com", Xray will use DOQ local mode (DOQL) for the query, which means that the DNS request will not go through the routing component and will be sent directly through the Freedom outbound. This method requires DNS server support for DNS over QUIC. By default, port 784 is used for the query, and non-standard ports can be used.

    When the value is fakedns, FakeDNS functionality will be used for the query.

    port: number

    The port number of the DNS server, such as 53. If not specified, the default is 53. This item is not applicable when using DOH, DOHL, or DOQL modes, and non-standard ports should be specified in the URL.

    domains: [string]

    A list of domain names. The domain names in this list will be queried using this server first. The format of domain names is the same as in routing configuration.

    expectIPs: [string]

    A list of IP ranges in the same format as in routing configuration.

    When this item is configured, Xray DNS will verify the returned IP addresses and only return addresses that are included in the expectIPs list.

    If this item is not configured, the IP address will be returned as is.

    skipFallback: true | false

    true means to skip this server when performing DNS fallback queries, and the default is false, which means not to skip.

    - + diff --git a/en/config/fakedns.html b/en/config/fakedns.html index f9a53271f1..1415531533 100644 --- a/en/config/fakedns.html +++ b/en/config/fakedns.html @@ -5,7 +5,7 @@ FakeDNS | Project X - + @@ -111,6 +111,6 @@ ] }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    - + diff --git a/en/config/features/browser_dialer.html b/en/config/features/browser_dialer.html index 0e9ed83615..22ef2a2e79 100644 --- a/en/config/features/browser_dialer.html +++ b/en/config/features/browser_dialer.html @@ -5,11 +5,11 @@ Browser Dialer | Project X - +

    Browser Dialer

    BETA v1.4.1+

    Background

    Based on an idea from 2020open in new window, a concise WSS Browser Dialer has been implemented using native JS, achieving true browser TLS fingerprints and behavioral characteristics. However, WSS still has significant issues with ALPN, so the next step is to forward HTTP/2 and QUIC through the browser."

    Xray & JS

    A very simple and clever communication mechanism has been created:

    • Xray listens on address port A as an HTTP service, and the browser accesses A to load the JS in the webpage.
    • The JS actively establishes a WebSocket connection to A. After a successful connection, Xray sends the connection to the channel.
    • When a connection needs to be established, Xray receives an available connection from the channel and sends the target URL and optional early data.
    • Once the JS successfully connects to the target, it informs Xray and continues to use this conn to bi-directionally forward data. Connection closing behavior is synchronized.
    • After the connection is used, it will be closed, but the JS ensures that there is always a new idle connection available."

    Early data

    According to the browser's needs, the early data mechanism has been adjusted as follows:

    • The server response header will contain the requested Sec-WebSocket-Protocol, which also initially obfuscates the length characteristic of the WSS handshake response.
    • The encoding used for early data for browsers is base64.RawURLEncoding instead of StdEncoding, and the server has made it compatible.
    • In addition, due to Xray-core#375open in new window recommendations for ?ed=2048, this PR also increased server MaxHeaderBytes by 4096. (Although it seems like it would work without modification.)

    Configuration v1.4.1

    This is an exploratory process, and the configuration method used when both sides are Xray-core v1.4.1 is as follows:

    • Prepare a usable WSS configuration, making sure to fill in the domain name for the address. If you need to specify an IP address, configure DNS or system hosts.
    • If browser traffic will also pass through Xray-core, be sure to set this domain name as a direct connection, otherwise it will cause traffic looping.
    • Set the environment variable to specify the address port to listen on, such as XRAY_BROWSER_DIALER = 127.0.0.1:8080.
    • First run Xray-core, then use any browser to access the specified address port, and you can also check Console and Network with F12.
    • The browser will limit the number of WebSocket connections, so it is recommended to enable Mux.Cool.
    - + diff --git a/en/config/features/env.html b/en/config/features/env.html index 39064f3477..6ad82653ba 100644 --- a/en/config/features/env.html +++ b/en/config/features/env.html @@ -5,7 +5,7 @@ Environment Variables | Project X - + @@ -13,6 +13,6 @@ /usr/local/share/xray /usr/share/xray
    1
    2
    3

    Configuration File Location

    • Name:xray.location.config or XRAY_LOCATION_CONFIG
    • Default value: Same path as the Xray file.

    This environment variable specifies a folder location that should contain the config.json file.

    Multiple Configuration Directories

    • Name:xray.location.confdir or XRAY_LOCATION_CONFDIR
    • Default value:""

    The .json files in this directory will be read in alphabetical order by filename and used as options for multiple configurations.

    - + diff --git a/en/config/features/fallback.html b/en/config/features/fallback.html index 12db5a4070..d1c70d8e10 100644 --- a/en/config/features/fallback.html +++ b/en/config/features/fallback.html @@ -5,7 +5,7 @@ Fallback | Project X - + @@ -22,6 +22,6 @@ "xver": 0 }
    1
    2
    3
    4
    5
    6
    7

    The fallbacks object is optional and can only be used for the TCP+TLS transport combination.

    • When fallbacks configure with any child elements,"alpn":["http/1.1"] needs to be configured in Inbound TLS.

    Usually, you need to set up a default fallback with both alpn and path omitted or empty, and then configure other routing rules as needed.

    VLESS will forward traffic with TLS decrypted first packet length <18, invalid protocol version, or failed authentication to the address specified by dest.

    For other transport combinations, you must remove the fallbacks object or all its child elements. At this point, no fallbacks will be enabled, and VLESS will wait until it reads enough data. If the protocol version is invalid or authentication fails, the connection will be terminated directly.

    name: string

    Attempt to match the TLS SNI (Server Name Indication), where an empty value matches any SNI. The default value is "", which means empty value.

    alpn: string

    Attempt to match the result of TLS ALPN negotiation, where an empty value matches any ALPN result. The default value is "" , which means empty value.

    VLESS will read the TLS ALPN negotiation result only when necessary. If successful, it will output realAlpn = info to the log. Purpose: To solve the problem of Nginx's inability to simultaneously support http/1.1 and h2c services. Nginx needs to write two lines of listen, one for 1.1 and one for h2c. Note: When "h2" is included in fallbacks alpn, the Inbound TLS needs to be set as "alpn":["h2","http/1.1"] to support h2 access.

    Tip

    The alpn set in the Fallback is used to match the actual negotiated ALPN, while the alpn set in the Inbound TLS represents the list of optional ALPNs during the handshake. These two have different meanings.

    path: string

    Attempt to match the first packet HTTP PATH, where an empty value matches any PATH and a default value is empty. If non-empty, it must start with /, and h2c is not supported.

    Smart: VLESS will only attempt to check the PATH (no more than 55 bytes; the fastest algorithm that does not fully parse HTTP) when necessary. If successful, it will output realPath = in the INFO log. Purpose: To route other inbound WebSocket traffic or HTTP disguised traffic, without additional processing, purely forwarding traffic, and theoretically better performance than Nginx.

    Note: The inbound where fallbacks is located must be TCP+TLS. This is for routing to other WebSocket inbound, while the inbound being routed doesn't need to configure TLS.

    dest: string | number

    Determines the destination of decrypted TLS TCP traffic, which currently supports two types of addresses: (this field is required, otherwise it cannot be started)

    1. TCP, in the format of "addr:port", where addr supports IPv4, domain names, and IPv6. If a domain name is entered, a direct TCP connection will be made (rather than using the built-in DNS resolver).
    2. Unix domain socket, in the format of an absolute path, such as "/dev/shm/domain.socket", which can be prefixed with @ to represent abstractopen in new window, and @@ to represent padded abstract.

    If only the port is specified, both numbers and strings are accepted, such as 80 or "80". This usually points to a plaintext HTTP service (and the addr will be filled in as "127.0.0.1").

    xver: number

    Sends the PROXY protocolopen in new window protocol, which is used to transmit the real source IP and port of the request. The version can be set to 1 or 2, with a default value of 0, which means no PROXY protocol is sent. Version 1 is recommended if needed.

    Currently, versions 1 and 2 have the same functionality but different structures, where version 1 is printable while version 2 is binary. Xray's TCP and WebSocket inbound already support receiving the PROXY protocol.

    Warning

    If you are configuring Nginx to receive the PROXY protocolopen in new window, you need to not only set proxy_protocol, but also set_real_ip_from to avoid potential issues.

    Additional Information

    • Matches the most precise sub-element, regardless of the order of arrangement of the sub-elements. If several sub-elements have the same alpn and path configurations, the last one specified will be used.
    • Fallback routing is performed at the decrypted TCP layer rather than the HTTP layer, and the first packet PATH is only checked when necessary.
    • You can learn more about tips and experiences in using Fallbacks by visiting

    Fallbacks design theory WIP

    - + diff --git a/en/config/features/multiple.html b/en/config/features/multiple.html index 7c3940c18b..52aa760a0e 100644 --- a/en/config/features/multiple.html +++ b/en/config/features/multiple.html @@ -5,7 +5,7 @@ Multi-file configuration | Project X - + @@ -84,6 +84,6 @@ 0 directories, 10 files
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    - + diff --git a/en/config/features/xtls.html b/en/config/features/xtls.html index ccd6b85d60..66bd0fc563 100644 --- a/en/config/features/xtls.html +++ b/en/config/features/xtls.html @@ -5,11 +5,11 @@ Deep analysis of XTLS | Project X - + - + diff --git a/en/config/inbound.html b/en/config/inbound.html index 5cd3c4039e..a9f0b723ed 100644 --- a/en/config/inbound.html +++ b/en/config/inbound.html @@ -5,7 +5,7 @@ Inbound Proxy | Project X - + @@ -43,6 +43,6 @@ "concurrency": 3 }
    1
    2
    3
    4
    5

    strategy: "always" | "random"

    The port allocation strategy.

    • "always" means all specified ports in port will be allocated, and Xray will listen on these ports.
    • "random" means ports will be randomly selected from the port range every refresh minutes, and concurrency ports will be listened on.

    refresh: number

    The interval for refreshing randomly allocated ports in minutes. The minimum value is 2, and it is recommended to set to 5. This property is only effective when strategy is set to "random".

    concurrency: number

    The number of randomly allocated ports. The minimum value is 1, and the maximum value is one-third of the port range. It is recommended to set to 3.

    - + diff --git a/en/config/inbounds/dokodemo.html b/en/config/inbounds/dokodemo.html index 530f25050c..c67af6ea86 100644 --- a/en/config/inbounds/dokodemo.html +++ b/en/config/inbounds/dokodemo.html @@ -5,7 +5,7 @@ Dokodemo-Door | Project X - + @@ -18,6 +18,6 @@ "userLevel": 0 }
    1
    2
    3
    4
    5
    6
    7
    8

    address: address

    The address to forward the traffic to. It can be an IP address like "1.2.3.4" or a domain name like "xray.com". It is a string type.

    When followRedirect (see below) is set to true, address can be empty.

    port: number

    The specified port on the destination address to forward the traffic to. It should be in the range 1,655351,65535. It is a numeric value and is a required parameter.

    network: "tcp" | "udp" | "tcp,udp"

    The supported network protocol type. For example, when specified as "tcp", it will only receive TCP traffic. The default value is "tcp".

    timeout: number

    The idle timeout in seconds. The default value is 300. When handling a connection, if no data is transmitted within the timeout period, the connection will be terminated.

    followRedirect: true | false

    When set to true, dokodemo-door will recognize data forwarded by iptables and forward it to the corresponding destination address.

    Refer to the tproxy setting in the Transport Configuration for more information.

    userLevel: number

    The user level that the connection will use to determine the corresponding Local Policy.

    The value of userLevel corresponds to the value of level in the policy. If not specified, the default value is 0.

    Transparent Proxy Configuration Example

    Please refer to the Transparent Proxy (TProxy) Configuration Tutorial for this section.

    - + diff --git a/en/config/inbounds/http.html b/en/config/inbounds/http.html index 5d8c560527..eb398d50aa 100644 --- a/en/config/inbounds/http.html +++ b/en/config/inbounds/http.html @@ -5,7 +5,7 @@ HTTP | Project X - + @@ -25,6 +25,6 @@ "pass": "my-password" }
    1
    2
    3
    4

    user: string

    The username. It is a string and is required.

    pass: string

    The password. It is a string and is required.

    - + diff --git a/en/config/inbounds/shadowsocks.html b/en/config/inbounds/shadowsocks.html index 42ff2450a9..8da70cd698 100644 --- a/en/config/inbounds/shadowsocks.html +++ b/en/config/inbounds/shadowsocks.html @@ -5,7 +5,7 @@ Shadowsocks | Project X - + @@ -28,6 +28,6 @@
    1
    2
    3
    4
    5
    6

    method: string, any of the supported methods

    Required.

    password: string

    Required. For Shadowsocks 2022 a pre-shared base64 random key similar to WireGuard's keys should be used as the password. The command

    openssl rand -base64 <length>
     
    1

    could used to generate a key. The length of the required key for shadowsocks-rust implementation depends on the encryption method:

    Encryption MethodKey Length
    2022-blake3-aes-128-gcm16
    2022-blake3-aes-256-gcm32
    2022-blake3-chacha20-poly130532

    In the go-shadowsocks implementation written in Golang, a 32-byte key always works.

    For any other encryption method any string could be used. There is no limitation on the password length, but shorter passwords are more susceptible to cracking. It is recommended to use a random-generated password of 16 characters or longer. The following example generates 40-characters length password:

    sudo strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 40 | tr -d '\n'; echo
     
    1

    level: number

    The user level that the connection will use to determine the corresponding Local Policy.

    The value of level corresponds to the value of level in the policy. If not specified, the default value is 0.

    email: string

    The user's email, used to differentiate traffic from different users for logs or statistics.

    - + diff --git a/en/config/inbounds/socks.html b/en/config/inbounds/socks.html index c47a71faad..b3d976e425 100644 --- a/en/config/inbounds/socks.html +++ b/en/config/inbounds/socks.html @@ -5,7 +5,7 @@ SOCKS | Project X - + @@ -26,6 +26,6 @@ "pass": "my-password" }
    1
    2
    3
    4

    user: string

    The username as a string. Required.

    pass: string

    The password as a string. Required.

    - + diff --git a/en/config/inbounds/trojan.html b/en/config/inbounds/trojan.html index dbf1812de1..8dc990dc27 100644 --- a/en/config/inbounds/trojan.html +++ b/en/config/inbounds/trojan.html @@ -5,7 +5,7 @@ Trojan | Project X - + @@ -29,6 +29,6 @@ "level": 0 }
    1
    2
    3
    4
    5

    password: string

    Required. Any string.

    email: string

    Email address. Optional. Used to identify the user.

    Danger

    If there are multiple ClientObjects, please make sure that the email addresses are not duplicated.

    level: number

    The user level that the connection will use to determine the corresponding Local Policy.

    The value of level corresponds to the value of level in the policy. If not specified, the default value is 0.

    - + diff --git a/en/config/inbounds/vless.html b/en/config/inbounds/vless.html index 21d8fbecd5..cb31ad47a7 100644 --- a/en/config/inbounds/vless.html +++ b/en/config/inbounds/vless.html @@ -5,7 +5,7 @@ VLESS | Project X - + @@ -32,6 +32,6 @@ "flow": "xtls-rprx-vision" }
    1
    2
    3
    4
    5
    6

    id: string

    The user ID for VLESS. It can be any string less than 30 bytes or a valid UUID. Custom strings and their corresponding UUIDs are equivalent, which means you can use either of the following in the configuration file to identify the same user:

    • "id": "我爱🍉老师1314"
    • "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (This UUID is the mapping of the string "我爱 🍉 老师 1314")

    The mapping standard is described in the VLESS UUID Mapping Standard: Mapping a Custom String to a UUIDv5open in new window.

    You can use the command xray uuid -i "custom string" to generate the UUID corresponding to a custom string.

    You can also use the command xray uuid to generate a random UUID.

    level: number

    The user level that the connection will use to determine the corresponding Local Policy.

    The value of level corresponds to the value of level in the policy. If not specified, the default value is 0.

    email: string

    User email address used to differentiate traffic from different users (reflected in logs and statistics).

    flow: string

    Flow control mode used to select the XTLS algorithm.

    Currently, the following flow control modes are available for inbound protocols:

    • No flow, empty string, or none: Use regular TLS proxy.
    • xtls-rprx-vision: Use the new XTLS mode, including inner-handshake random padding.

    Additionally, XTLS currently only supports TCP, mKCP, and DomainSocket as transport methods.

    - + diff --git a/en/config/inbounds/vmess.html b/en/config/inbounds/vmess.html index 0de0614389..973086e80a 100644 --- a/en/config/inbounds/vmess.html +++ b/en/config/inbounds/vmess.html @@ -5,7 +5,7 @@ VMess | Project X - + @@ -36,6 +36,6 @@ "level": 0 }
    1
    2
    3

    level: number

    The user level that the connection will use to determine the corresponding Local Policy.

    The value of level corresponds to the value of level in the policy. If not specified, the default value is 0.

    - + diff --git a/en/config/index.html b/en/config/index.html index 18e69d0790..207a97dafe 100644 --- a/en/config/index.html +++ b/en/config/index.html @@ -5,7 +5,7 @@ Configurations | Project X - + @@ -23,6 +23,6 @@ "fakedns": {} }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13

    Warning

    If you are new to Xray, you can first click to view configuration and running in the Quick Start guide, to learn the most basic configuration method, and then refer to the contents of this section to master all the configuration methods of Xray.

    Basic Configuration Modules

    log:LogObject

    Log configuration, which controls the way Xray outputs logs.

    api:ApiObject

    Provides some API interfaces for remote calls.

    dns: DnsObject

    Built-in DNS server. If this item is not configured, the system's DNS settings will be used.

    routing: RoutingObject

    Routing function. You can set rules to route data to different outbounds.

    policy: PolicyObject

    Local policy, which can set different user levels and corresponding policy settings.

    inbounds: [ InboundObject ]

    An array, with each element being an inbound connection configuration.

    outbounds: [ OutboundObject ]

    An array, with each element being an outbound connection configuration.

    transport: TransportObject

    Used to configure the way Xray establishes and uses network connections with other servers.

    stats: StatsObject

    Used to configure traffic data statistics.

    reverse: ReverseObject

    Reverse proxy. You can forward server-side traffic to the client, that is, reverse traffic forwarding.

    fakedns: FakeDnsObject

    FakeDNS configuration. It can be used with transparent proxy to obtain the actual domain name.

    - + diff --git a/en/config/log.html b/en/config/log.html index 6013620c87..578e309161 100644 --- a/en/config/log.html +++ b/en/config/log.html @@ -5,7 +5,7 @@ Log Configuration | Project X - + @@ -18,6 +18,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8

    access: string

    The file path for the access log. The value is a valid file path, such as "/var/log/Xray/access.log" (Linux) or "C:\\Temp\\Xray\\_access.log" (Windows). When this item is not specified or is an empty value, the log is output to stdout.

    • The special value none disables access logs.

    error: string

    The file path for the error log. The value is a valid file path, such as "/var/log/Xray/error.log" (Linux) or "C:\\Temp\\Xray\\_error.log" (Windows). When this item is not specified or is an empty value, the log is output to stdout.

    • The special value none disables error logs.

    loglevel: "debug" | "info" | "warning" | "error" | "none"

    The log level for error logs, indicating the information that needs to be recorded. The default value is "warning".

    • "debug": Output information used for debugging the program. Includes all "info" content.
    • "info": Runtime status information, etc., which does not affect normal use. Includes all "warning" content.
    • "warning": Information output when there are some problems that do not affect normal operation but may affect user experience. Includes all "error" content.
    • "error": Xray encountered a problem that cannot be run normally and needs to be resolved immediately.
    • "none": Do not record any content.

    dnsLog: bool

    Whether to enable DNS query logs, for example: DOH//doh.server got answer: domain.com -> [ip1, ip2] 2.333ms.

    - + diff --git a/en/config/outbound.html b/en/config/outbound.html index c209e79cbe..607b292657 100644 --- a/en/config/outbound.html +++ b/en/config/outbound.html @@ -5,7 +5,7 @@ Outbound Proxies | Project X - + @@ -32,6 +32,6 @@ "concurrency": 8 }
    1
    2
    3
    4

    enabled: true | false

    Whether to enable Mux forwarding requests, default is false.

    concurrency: number

    Maximum concurrent connections. Minimum value is 1, maximum value is 1024, default is 8.

    This value represents the maximum number of Mux connections that can be carried on a TCP connection. For example, when concurrency=8 is set, if the client sends 8 TCP requests, Xray will only send one actual TCP connection, and all 8 requests from the client will be transmitted through this TCP connection.

    Tip

    When filling in a negative number, such as -1, the mux module is not loaded.

    - + diff --git a/en/config/outbounds/blackhole.html b/en/config/outbounds/blackhole.html index a488fbd47c..ef6023e6b9 100644 --- a/en/config/outbounds/blackhole.html +++ b/en/config/outbounds/blackhole.html @@ -5,7 +5,7 @@ Blackhole | Project X - + @@ -18,6 +18,6 @@ "type": "none" }
    1
    2
    3

    type: "http" | "none"

    When type is set to "none" (default value), the blackhole will simply close the connection.

    When type is set to "http", the blackhole will send a simple HTTP 403 packet as the response and then close the connection.

    - + diff --git a/en/config/outbounds/dns.html b/en/config/outbounds/dns.html index ec645615ca..c5fe4380ef 100644 --- a/en/config/outbounds/dns.html +++ b/en/config/outbounds/dns.html @@ -5,7 +5,7 @@ DNS | Project X - + @@ -16,6 +16,6 @@ "nonIPQuery": "drop" }
    1
    2
    3
    4
    5
    6

    network: "tcp" | "udp"

    Modifies the transport layer protocol for DNS traffic. The possible values are "tcp" and "udp". When not specified, the original transport method will be retained.

    address: address

    Modifies the DNS server address. When not specified, the original address specified in the source will be retained.

    port: number

    Modifies the DNS server port. When not specified, the original port specified in the source will be retained.

    nonIPQuery: string

    Control non IP queries (neither A or AAAA), "drop" this request or "skip" processing in DNS module,the request will be forwarded to target. By default is "drop".

    DNS Configuration Example WIP

    - + diff --git a/en/config/outbounds/freedom.html b/en/config/outbounds/freedom.html index d825930901..38f203987c 100644 --- a/en/config/outbounds/freedom.html +++ b/en/config/outbounds/freedom.html @@ -5,7 +5,7 @@ Freedom | Project X - + @@ -20,6 +20,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10

    domainStrategy: "AsIs" | "UseIP" | "UseIPv4" | "UseIPv6"

    When the destination address is a domain name, configure the corresponding value for Freedom's behavior:

    • "AsIs": Freedom resolves the domain name using the system DNS server and connects to it.
    • "UseIP", "UseIPv4", and "UseIPv6": Xray resolves the domain name using the built-in DNS server and connects to it. The default value is "AsIs".

    TIP 1

    When using the "UseIP" mode and the sendThrough field is specified in the outbound connection configuration, Freedom will automatically determine the required IP type, IPv4 or IPv6, based on the value of sendThrough.

    TIP 2

    When using the "UseIPv4" or "UseIPv6" mode, Freedom will only use the corresponding IPv4 or IPv6 address. If sendThrough specifies a mismatched local address, the connection will fail.

    redirect: address_port

    Freedom will force all data to be sent to the specified address (instead of the address specified in the inbound).

    It is a string value, for example: "127.0.0.1:80", ":1234".

    When the address is not specified, such as ":443", Freedom will not modify the original destination address. When the port is 0, such as "xray.com:0", Freedom will not modify the original port.

    userLevel: number

    User level. The connection will use the corresponding local policy for this user level.

    The value of userLevel corresponds to the value of level in the policy. If not specified, the default value is 0.

    fragment: map

    A key-value map used to control TCP fragmentation,under some circumstances it can cheat the censor syetem, like bypass a SNI blacklist.

    "packets":support two different methods. "1-3" is for segmentation at TCP layer, applying to the beginning 1 to 3 data writes by the client. "tlshello" is for TLS client hello packet fragmentation.

    "length": length to make the cut

    "interval": time between fragments(ms)

    - + diff --git a/en/config/outbounds/http.html b/en/config/outbounds/http.html index 512d22286a..10afb65bfc 100644 --- a/en/config/outbounds/http.html +++ b/en/config/outbounds/http.html @@ -5,7 +5,7 @@ HTTP | Project X - + @@ -38,6 +38,6 @@ "pass": "my-password" }
    1
    2
    3
    4

    user: string

    The username. Required.

    pass: string

    The password. Required.

    - + diff --git a/en/config/outbounds/shadowsocks.html b/en/config/outbounds/shadowsocks.html index 3bcd84eef9..d8e50dbdf0 100644 --- a/en/config/outbounds/shadowsocks.html +++ b/en/config/outbounds/shadowsocks.html @@ -5,7 +5,7 @@ Shadowsocks | Project X - + @@ -32,6 +32,6 @@ "level": 0 }
    1
    2
    3
    4
    5
    6
    7
    8
    9

    email: string

    Email address (optional) used to identify the user.

    address: address

    The address of the Shadowsocks server, supporting IPv4, IPv6, and domain names. Required.

    port: number

    The port of the Shadowsocks server. Required.

    method: string

    Encryption method. Required.

    password: string

    Password. Required.

    uot: bool

    When enabled, UDP over TCP (UOT) will be used.

    • Shadowsocks 2022

    Use a pre-shared key (PSK) similar to WireGuard as the password.

    To generate a compatible key with shadowsocks-rust, use openssl rand -base64 <length>, where the length depends on the encryption method used.

    Encryption MethodKey Length
    2022-blake3-aes-128-gcm16
    2022-blake3-aes-256-gcm32
    2022-blake3-chacha20-poly130532

    In the Go implementation, a 32-byte key always works.

    • Other encryption methods

    Any string can be used as a password. There is no limit on the password length, but shorter passwords are more susceptible to cracking. It is recommended to use a password of 16 characters or longer.

    level: number

    User level. Connections will use the corresponding local policy associated with this user level.

    The level value corresponds to the level value in the policy. If not specified, the default value is 0.

    - + diff --git a/en/config/outbounds/socks.html b/en/config/outbounds/socks.html index d1eb7b8c25..5908b771df 100644 --- a/en/config/outbounds/socks.html +++ b/en/config/outbounds/socks.html @@ -5,7 +5,7 @@ Socks | Project X - + @@ -41,6 +41,6 @@ "level": 0 }
    1
    2
    3
    4
    5

    user: string

    The username. Required.

    pass: string

    The password. Required.

    level: number

    The user level. Connections will use the corresponding local policy associated with this user level.

    The level value corresponds to the level value in the policy. If not specified, the default value is 0.

    - + diff --git a/en/config/outbounds/trojan.html b/en/config/outbounds/trojan.html index f3f72a6059..0d5219c35e 100644 --- a/en/config/outbounds/trojan.html +++ b/en/config/outbounds/trojan.html @@ -5,7 +5,7 @@ Trojan | Project X - + @@ -28,6 +28,6 @@ "level": 0 }
    1
    2
    3
    4
    5
    6
    7

    address: address

    The server address, which can be an IPv4, IPv6, or domain name. Required.

    port: number

    The server port, usually the same port that the server is listening on.

    password: string

    The password for authentication. Required. It can be any string.

    email: string

    The email address, optional, used to identify the user.

    level: number

    The user level. Connections will use the corresponding local policy associated with this user level.

    The level value corresponds to the level value in the policy. If not specified, the default value is 0.

    - + diff --git a/en/config/outbounds/vless.html b/en/config/outbounds/vless.html index 9faa0f8de9..a0208ee136 100644 --- a/en/config/outbounds/vless.html +++ b/en/config/outbounds/vless.html @@ -5,7 +5,7 @@ VLESS | Project X - + @@ -44,6 +44,6 @@ "level": 0 }
    1
    2
    3
    4
    5
    6

    id: string

    The user ID of VLESS, which can be any string less than 30 bytes, or a valid UUID. Custom strings and their mapped UUIDs are equivalent, which means you can write an id in the configuration file to identify the same user, i.e.

    • Write "id": "I love 🍉 teacher 1314",
    • Or write "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (this UUID is the UUID mapping of I love 🍉 teacher 1314)

    The mapping standard is in VLESS UUID mapping standard: mapping custom strings to a UUIDv5open in new window

    You can use the command xray uuid -i "custom string" to generate the UUID mapped by the custom string, or use the command xray uuid to generate a random UUID.

    encryption: "none"

    Need to fill in "none", cannot be left empty.

    This requirement is to remind users that there is no encryption and to prevent users from filling in the wrong attribute name or location, causing exposure when encryption methods come out in the future.

    If the value of encryption is not set correctly, an error message will be received when using Xray or -test.

    flow: string

    Flow control mode, used to select the XTLS algorithm.

    Currently, there are the following flow control modes available in the outbound protocol:

    • No flow, empty character or none: using regular TLS proxy
    • xtls-rprx-vision: using the new XTLS mode includes inner handshake random padding supports uTLS client fingerprint simulation
    • xtls-rprx-vision-udp443: same as xtls-rprx-vision, but allows UDP traffic with a destination of port 443

    In addition, currently, XTLS only supports TCP, mKCP, and DomainSocket transport modes.

    About xtls-rprx-*-udp443 flow control mode

    When using Xray-core's XTLS, traffic to UDP port 443 is blocked by default (generally for QUIC), so the application will use TLS instead of QUIC, and XTLS will take effect. In fact, QUIC itself is not suitable for proxying because it has its own TCP functionality. When it is transmitted as UDP traffic through the VLESS protocol, the underlying protocol is TCP, which is equivalent to two layers of TCP.

    If you do not need to block it, please fill in xtls-rprx-*-udp443 on the client side and do not change the server side.

    About Splice mode

    Splice is a function provided by the Linux Kernel. The system kernel directly forwards TCP without going through Xray's memory, greatly reducing the number of data copies and CPU context switches.

    The usage restrictions of Splice mode are:

    • Linux environment
    • Inbound protocols are Dokodemo door, Socks, HTTP, etc., pure TCP connections, or other inbound protocols that use XTLS
    • Outbound protocol is VLESS + XTLS
    • It is worth noting that when using the mKCP protocol, Splice will not be used (yes, although there is no error, it is not used at all)

    In addition, when using Splice, the speed display will lag behind, which is a feature, not a bug.

    Using Vision mode will automatically enable Splice if the above conditions are met.

    level: number

    User level, the connection will use the local policy corresponding to this user level.

    The value of level corresponds to the value of level in policy. If not specified, the default is 0.

    - + diff --git a/en/config/outbounds/vmess.html b/en/config/outbounds/vmess.html index 007a62ce36..5fbf167398 100644 --- a/en/config/outbounds/vmess.html +++ b/en/config/outbounds/vmess.html @@ -5,7 +5,7 @@ VMess | Project X - + @@ -35,6 +35,6 @@ "level": 0 }
    1
    2
    3
    4
    5

    id: string

    The user ID for VMess, which can be any string less than 30 bytes or a valid UUID.

    Custom strings and their corresponding UUIDs are equivalent. This means that you can use either a custom string or its corresponding UUID to identify the same user in the configuration file. For example:

    • Write "id": "我爱🍉老师1314",
    • Or write "id": "5783a3e7-e373-51cd-8642-c83782b807c5" (this UUID is the mapping of the custom string "我爱 🍉 老师 1314")

    The mapping standard is described in the VLESS UUID Mapping Standard: Mapping a Custom String to a UUIDv5open in new window.

    You can use the command xray uuid -i "custom string" to generate the UUID corresponding to a custom string, or use the command xray uuid to generate a random UUID.

    level: number

    The user level. Connections will use the corresponding local policy associated with this user level.

    The level value corresponds to the level value in the policy. If not specified, the default value is 0.

    security: "aes-128-gcm" | "chacha20-poly1305" | "auto" | "none" | "zero"

    The encryption method. The client will use the configured encryption method to send data, and the server will automatically recognize it without the need for configuration.

    • "aes-128-gcm": Recommended for use on PCs.
    • "chacha20-poly1305": Recommended for use on mobile devices.
    • "auto": Default value. Automatically selects the encryption method (uses aes-128-gcm when running on AMD64, ARM64, or s390x architecture, and Chacha20-Poly1305 in other cases).
    • "none": No encryption.
    • "zero": No encryption and no message authentication (v1.4.0+).

    Tip

    It is recommended to use the "auto" encryption method as it ensures long-term security and compatibility.

    The "none" pseudo-encryption method calculates and verifies the packet's checksum. However, due to the lack of hardware support for the authentication algorithm, it may be slower than the hardware-accelerated "aes-128-gcm" on some platforms.

    The "zero" pseudo-encryption method neither encrypts the message nor calculates the checksum, theoretically providing higher speed than any other encryption method. The actual speed may be influenced by other factors.

    It is not recommended to use the "none" or "zero" pseudo-encryption methods without enabling TLS encryption and forcibly verifying certificates. If you use a CDN or other intermediate platforms or network environments that decrypt TLS connections, it is not recommended to use the "none" or "zero" pseudo-encryption methods.

    Regardless of the encryption method used, the VMess packet header is protected by encryption and authentication.

    - + diff --git a/en/config/outbounds/wireguard.html b/en/config/outbounds/wireguard.html index 14ff412d79..21314109e4 100644 --- a/en/config/outbounds/wireguard.html +++ b/en/config/outbounds/wireguard.html @@ -5,7 +5,7 @@ Wireguard | Project X - + @@ -34,6 +34,6 @@ "allowedIPs": ["0.0.0.0/0"] // optional, default ["0.0.0.0/0", "::/0"] }
    1
    2
    3
    4
    5
    6
    7

    endpoint: address

    The server address. Required.

    Tip

    Use the format url:port, for example, engage.cloudflareclient.com:2408.

    publicKey: string

    The server's public key used for verification. Required.

    preSharedKey: string

    An additional symmetric encryption key.

    keepAlive: int

    The interval of keep-alive packets in seconds. The default is 0, which means no keep-alive.

    allowedIPs: string array

    Only allow traffic from specific source IP addresses in Wireguard.

    - + diff --git a/en/config/policy.html b/en/config/policy.html index 31bfa37250..4266afa2e0 100644 --- a/en/config/policy.html +++ b/en/config/policy.html @@ -5,7 +5,7 @@ Local Policy | Project X - + @@ -46,6 +46,6 @@ "statsOutboundDownlink": false }
    1
    2
    3
    4
    5
    6

    statsInboundUplink: true | false

    When set to true, enables upstream traffic statistics for all inbound proxies.

    statsInboundDownlink: true | false

    When set to true, enables downstream traffic statistics for all inbound proxies.

    statsOutboundUplink: true | false

    When set to true, enables upstream traffic statistics for all outbound proxies.

    statsOutboundDownlink: true | false

    When set to true, enables downstream traffic statistics for all outbound proxies.

    - + diff --git a/en/config/reverse.html b/en/config/reverse.html index 48b7003dc5..2196967532 100644 --- a/en/config/reverse.html +++ b/en/config/reverse.html @@ -5,7 +5,7 @@ Reverse Proxy | Project X - + @@ -125,6 +125,6 @@ ] }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    - + diff --git a/en/config/routing.html b/en/config/routing.html index 60bfcbb138..ac4373005d 100644 --- a/en/config/routing.html +++ b/en/config/routing.html @@ -5,7 +5,7 @@ Routing | Project X - + @@ -38,6 +38,6 @@ "selector": [] }
    1
    2
    3
    4

    tag: string

    The identifier of this load balancer, used to match balancerTag in RuleObject.

    selector: [ string ]

    An array of strings, each of which will be used to match the prefix of the outbound identifier. For example, in the following outbound identifiers: [ "a", "ab", "c", "ba" ], "selector": ["a"] will match [ "a", "ab" ].

    If multiple outbounds are matched, the load balancer currently selects one randomly as the final outbound.

    Predefined Domain Lists

    This list is included in every Xray installation package, and the file name is geosite.dat. This file contains some common domain names, which can be used as geosite:filename to perform routing or DNS filtering for domain names that match those in the file.

    Common domain lists include:

    • category-ads: Contains common advertising domain names.
    • category-ads-all: Contains common advertising domain names and advertising provider domain names.
    • cn: Equivalent to the combination of geolocation-cn and tld-cn.
    • apple: Contains most of the domain names under Apple.
    • google: Contains most of the domain names under Google.
    • microsoft: Contains most of the domain names under Microsoft.
    • facebook: Contains most of the domain names under Facebook.
    • twitter: Contains most of the domain names under Twitter.
    • telegram: Contains most of the domain names under Telegram.
    • geolocation-cn: Contains common domain names of mainland Chinese websites.
    • geolocation-!cn: Contains common domain names of non-mainland Chinese websites, as well as tld-!cn.
    • tld-cn: Contains top-level domain names managed by CNNIC for mainland China, such as domain names ending in .cn and .中国.
    • tld-!cn: Contains top-level domain names used outside mainland China, such as domain names ending in .hk (Hong Kong), .tw (Taiwan), .jp (Japan), .sg (Singapore), .us (United States), and .ca (Canada).

    You can also find the complete list of domain names here: Domain list communityopen in new window.

    - + diff --git a/en/config/stats.html b/en/config/stats.html index 44b19ebb06..ec5debd5cd 100644 --- a/en/config/stats.html +++ b/en/config/stats.html @@ -5,7 +5,7 @@ Traffic Statistics | Project X - + @@ -13,6 +13,6 @@ "stats": {} }
    1
    2
    3

    Currently, no parameters are required for traffic statistics, and internal statistics will be enabled as long as the StatsObject item exists.

    After statistics are enabled, you only need to enable the corresponding items in the Policy to collect the corresponding data.

    Retrieving Traffic Statistics

    You can use the xray api command to retrieve traffic statistics.

    The current traffic statistics are as follows:

    • User Data

      • user>>>[email]>>>traffic>>>uplink

        The uplink traffic of a specific user, in bytes.

      • user>>>[email]>>>traffic>>>downlink

        The downlink traffic of a specific user, in bytes.

    Tip

    If the corresponding user does not have an email specified, statistics will not be enabled.

    • Global Data

      • inbound>>>[tag]>>>traffic>>>uplink

        The uplink traffic of a specific inbound, in bytes.

      • inbound>>>[tag]>>>traffic>>>downlink

        The downlink traffic of a specific inbound, in bytes.

      • outbound>>>[tag]>>>traffic>>>uplink

        The uplink traffic of a specific outbound, in bytes.

      • outbound>>>[tag]>>>traffic>>>downlink

        The downlink traffic of a specific outbound, in bytes.

    - + diff --git a/en/config/transport.html b/en/config/transport.html index 9de9cee3c5..a82bede416 100644 --- a/en/config/transport.html +++ b/en/config/transport.html @@ -5,7 +5,7 @@ Transport Protocol | Project X - + @@ -122,6 +122,6 @@ "interface": "wg0" }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11

    mark: number

    An integer value. When its value is non-zero, SO_MARK is marked with this value on the outbound connection.

    • Only applicable to Linux systems.
    • Requires CAP_NET_ADMIN permission.

    tcpFastOpen: true | false | number

    Specifies whether TCP Fast Openopen in new window is enabled.

    When its value is true or a positive integer, TFO is enabled; when its value is false or a negative integer, TFO is forced to be disabled; when this item does not exist or is 0, the system default setting is used. It can be used for inbound/outbound connections.

    • Only available in the following (or later) versions of operating systems:
      • Windows 10 (1607)
      • Mac OS 10.11 / iOS 9
      • Linux 3.16: It needs to be set through the kernel parameter net.ipv4.tcp_fastopen, which is a bitmap. 0x1 represents the client allows enabling it, and 0x2 represents the server allows enabling it. The default value is 0x1. If the server wants to enable TFO, set this kernel parameter value to 0x3.
      • FreeBSD 10.3 (Server) / 12.0 (Client): The kernel parameters net.inet.tcp.fastopen.server_enabled and net.inet.tcp.fastopen.client_enabled need to be set to 1.
    • For inbound, the positive integer set here represents the maximum number of TFO connection requests to be processed, note that not all operating systems support this setting:
      • Linux/FreeBSD: The positive integer value set here represents the upper limit, and the maximum acceptable value is 2147483647. If it is set to true, it will take 256. Note that in Linux, net.core.somaxconn will limit the upper limit of this value. If it exceeds somaxconn, please also increase somaxconn.
      • Mac OS: When it is true or a positive integer, it only represents enabling TFO, and the upper limit needs to be set separately through the kernel parameter net.inet.tcp.fastopen_backlog.
      • Windows: When it is true or a positive integer, it only represents enabling TFO.
    • For outbound, setting it to true or a positive integer only represents enabling TFO on any operating system.

    tproxy: "redirect" | "tproxy" | "off"

    Specifies whether to enable transparent proxy (only applicable to Linux).

    • "redirect": Use the transparent proxy in Redirect mode. It supports all TCP and UDP connections based on IPv4/6.
    • "tproxy": Use the transparent proxy in TProxy mode. It supports all TCP and UDP connections based on IPv4/6.
    • "off": Turn off transparent proxy.

    Transparent proxy requires Root or CAP\_NET\_ADMIN permission.

    Danger

    When followRedirect is set to true in Dokodemo-door, and tproxy in the Sockopt settings is empty, the value of tproxy in the Sockopt settings will be set to "redirect".

    domainStrategy: "AsIs" | "UseIP" | "UseIPv4" | "UseIPv6"

    In previous versions, when Xray attempted to establish a system connection using a domain name, the resolution of the domain name was completed by the system and not controlled by Xray. This led to issues such as the inability to resolve domain names in non-standard Linux environments. To solve this problem, Xray 1.3.1 introduced Freedom's domainStrategy into Sockopt.

    When the target address is a domain name, the corresponding value is configured, and the behavior of SystemDialer is as follows:

    • "AsIs": Resolve the IP address using the system DNS server and connect to the domain name.
    • "UseIP", "UseIPv4", and "UseIPv6": Resolve the IP address using the built-in DNS server and connect to the IP address directly.

    The default value is "AsIs".

    Danger

    Improper configuration may cause infinite loops when this feature is enabled.

    In short, connecting to the server requires waiting for the DNS query result, and completing the DNS query requires connecting to the server.

    Tony: Which came first, the chicken or the egg?

    Explanation:

    1. Trigger condition: proxy server (proxy.com). Built-in DNS server, non-local mode.
    2. Before Xray attempts to establish a TCP connection to proxy.com, it queries proxy.com using the built-in DNS server.
    3. The built-in DNS server establishes a connection to dns.com and sends a query to obtain the IP address of proxy.com.
    4. Improper routing rules cause proxy.com to proxy the query sent in step 3.
    5. Xray attempts to establish another TCP connection to proxy.com.
    6. Before establishing the connection, Xray queries proxy.com using the built-in DNS server.
    7. The built-in DNS server reuses the connection established in step 3 to send a query.
    8. A problem arises. The establishment of the connection in step 3 requires waiting for the query result in step 7, and the completion of the query in step 7 requires waiting for the connection in step 3 to be fully established.
    9. Good game!

    Solution:

    • Adjust the split of internal DNS servers.
    • Use Hosts file.
    • If you still don't know the solution, then don't use this feature.

    Therefore, it is not recommended for inexperienced users to use this feature.

    dialerProxy: ""

    An identifier for an outbound proxy. When the value is not empty, the specified outbound will be used to establish the connection. This option can be used to support chain forwarding of underlying transport protocols.

    Danger

    This option is incompatible with ProxySettingsObject.Tag

    acceptProxyProtocol: true | false

    Only used for inbound, indicates whether to accept the PROXY protocol.

    PROXY protocolopen in new window is used to pass the true source IP and port of a request. If you are not familiar with it, please ignore this option first.

    Common reverse proxy software (such as HAProxy, Nginx) can be configured to send it, and VLESS fallbacks xver can also send it.

    When set to true, after the lowest-level TCP connection is established, the requesting party must first send PROXY protocol v1 or v2, otherwise the connection will be closed.

    tcpKeepAliveInterval: number

    Interval between TCP keep-alive packets, in seconds. This setting only applies to Linux.

    Not configuring this item or configuring it as 0 means using the default value of Go.

    Tip

    When filling in a negative number, such as -1, TCP keep-alive is not enabled.

    tcpcongestion: ""

    TCP congestion control algorithm. Only supported by Linux. Not configuring this item means using the system default value.

    Tip

    Common algorithms

    • bbr (recommended)
    • cubic
    • reno

    Tip

    Execute the command sysctl net.ipv4.tcp_congestion_control to get the system default value.

    interface: ""

    Specifies the name of the bound outbound network interface. Only supported by Linux,Darwin(MacOS,iOS).

    - + diff --git a/en/config/transports/domainsocket.html b/en/config/transports/domainsocket.html index ea897fed00..42100e1e77 100644 --- a/en/config/transports/domainsocket.html +++ b/en/config/transports/domainsocket.html @@ -5,7 +5,7 @@ Domain Socket | Project X - + @@ -15,6 +15,6 @@ "padding": false }
    1
    2
    3
    4
    5

    path: string

    A valid file path.

    Danger

    This file must not exist before running Xray.

    abstract: true | false

    Whether it is an abstract domain socket, with a default value of false.

    padding: true | false

    Whether the abstract domain socket has padding, with a default value of false.

    - + diff --git a/en/config/transports/grpc.html b/en/config/transports/grpc.html index cf852690c6..dea088d9ba 100644 --- a/en/config/transports/grpc.html +++ b/en/config/transports/grpc.html @@ -5,7 +5,7 @@ gRPC | Project X - + @@ -18,6 +18,6 @@ "initial_windows_size": 0 }
    1
    2
    3
    4
    5
    6
    7
    8

    serviceName: string

    A string that specifies the service name, similar to the path in HTTP/2.

    The client will use this name for communication, and the server will verify whether the service name matches.

    multiMode: true | false BETA

    true enables multiMode, with a default value of false.

    This is an experimental option that may not be retained for the long term, and cross-version compatibility is not guaranteed. This mode can bring about a performance improvement of around 20% in test environments, but actual effects may vary depending on the transmission rate.

    Tip

    Only need to be configured in outbound (client).

    idle_timeout: number

    The health check is performed when no data transmission occurs for a certain period of time, measured in seconds. If this value is set to less than 10, 10 will be used as the minimum value.

    Tip

    If you are not using reverse proxy tools such as Caddy or Nginx (which is usually the case), if this value is set to less than 60, the server may send "unexpected h2 GOAWAY" frames to close existing connections.

    By default, the health check is not enabled.

    Tip

    Only need to be configured in outbound (client).

    Tip

    Enabling health checks may help solve some "connection drop" issues.

    health_check_timeout: number

    The timeout for the health check, measured in seconds. If the health check is not completed within this time period, it is considered to have failed. The default value is 20

    Tip

    Only need to be configured in outbound (client).

    permit_without_stream: true | false

    true allows health checks to be performed when there are no sub-connections. The default value is false.

    Tip

    Only need to be configured in outbound (client).

    initial_windows_size: number

    The initial window size of the h2 stream. When the value is less than or equal to 0, this feature does not take effect. When the value is greater than 65535, the Dynamic Window mechanism will be disabled. The default value is 0, which means it is not effective.

    Tip

    Only need to be configured in outbound (client).

    Tip

    When using Cloudflare CDN, set the value to 35536 or higher to disable the Dynamic Window mechanism and prevent Cloudflare CDN from sending "unexpected h2 GOAWAY" frames to close existing connections.

    - + diff --git a/en/config/transports/h2.html b/en/config/transports/h2.html index 690cf3863e..90340fc41b 100644 --- a/en/config/transports/h2.html +++ b/en/config/transports/h2.html @@ -5,7 +5,7 @@ HTTP/2 | Project X - + @@ -20,6 +20,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10

    host: [string]

    A string array, where each element is a domain name.

    The client will randomly select a domain name from the list for communication, and the server will verify whether the domain name is in the list.

    path: string

    The HTTP path starts with / and must be the same value between the client and server.

    The default value is /

    read_idle_timeout: number

    The connection health check is performed when no data has been received for a certain period of time, measured in seconds.

    By default, the health check is disabled.

    Tip

    Only need to be configured in outbound (client).

    Tip

    Enabling health checks may help solve some "connection drop" issues.

    health_check_timeout: number

    The timeout for the health check, measured in seconds. If the health check is not completed within this time period, it is considered to have failed. The default value is 15

    Tip

    Only need to be configured in outbound (client).

    method: string

    HTTP request method. The default value is PUT

    Please refer this thisopen in new window when configure.

    headers: map{ string: [string] }

    Custom HTTP headers, defined as key-value pairs. Each key represents an HTTP header name and its corresponding value is an array.

    - + diff --git a/en/config/transports/mkcp.html b/en/config/transports/mkcp.html index dc2b07b705..ce1473630d 100644 --- a/en/config/transports/mkcp.html +++ b/en/config/transports/mkcp.html @@ -5,7 +5,7 @@ mKCP | Project X - + @@ -26,6 +26,6 @@ "type": "none" }
    1
    2
    3

    type: string

    Type of obfuscation. Corresponding inbound and outbound must have the same value. Choices are:

    • "none":Default value. No obfuscation is used.
    • "srtp":Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
    • "utp":Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
    • "wechat-video":Obfuscated to WeChat traffic.
    • "dtls":Obfuscated as DTLS 1.2 packets.
    • "wireguard":Obfuscated as WireGuard packets. (NOT true WireGuard protocol)

    Special Thanks

    Improvements to the KCP protocol

    smaller protocol header

    The original KCP protocol uses a fixed header of 24 bytes, while mKCP modifies it to 18 bytes for data packets and 16 bytes for acknowledgement (ACK) packets. A smaller header helps evade feature detection and speeds up transmission.

    In addition, the original KCP can only confirm that one packet has been received with a single ACK packet. This means that when KCP needs to confirm that 100 packets have been received, it will send out 2400 bytes of data (24 x 100), including a large amount of repeated header information that wastes bandwidth. mKCP compresses multiple ACK packets, so 100 ACK packets only require 418 bytes (16 + 2 + 100 x 4), which is equivalent to one-sixth of the original KCP.

    ACK packet retransmission

    In the original KCP protocol, an ACK packet is only sent once. If an ACK packet is lost, it will cause unnecessary bandwidth waste due to data retransmission. In contrast, mKCP retransmits ACK packets at a certain frequency until they are confirmed by the sender. The size of a single ACK packet is 22 bytes, much smaller than the data packets which are over 1000 bytes. Therefore, the cost of retransmitting ACK packets is much lower.

    Connection state control

    mKCP can effectively initiate and close connections. When the remote host initiates disconnection, the connection will be released within two seconds. When the remote host lost connection, the connection will be released within a maximum of 30 seconds.

    The original KCP does not support this scenario.

    - + diff --git a/en/config/transports/quic.html b/en/config/transports/quic.html index 012b939179..d85e16ead0 100644 --- a/en/config/transports/quic.html +++ b/en/config/transports/quic.html @@ -5,7 +5,7 @@ QUIC | Project X - + @@ -20,6 +20,6 @@ "type": "none" }
    1
    2
    3

    type: string

    Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:

    • "none": Default value. No obfuscation is used.
    • "srtp": Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
    • "utp": Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
    • "wechat-video": Obfuscated to WeChat traffic.
    • "dtls": Obfuscated as DTLS 1.2 packets.
    • "wireguard": Obfuscated as WireGuard packets. (NOT true WireGuard protocol)

    Tip

    When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication.

    - + diff --git a/en/config/transports/tcp.html b/en/config/transports/tcp.html index e3ca46575f..f8bbc66769 100644 --- a/en/config/transports/tcp.html +++ b/en/config/transports/tcp.html @@ -5,7 +5,7 @@ TCP | Project X - + @@ -50,6 +50,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11

    version: string

    HTTP version, default is "1.1"

    status: string

    HTTP status, default is "200"

    reason: string

    HTTP status description, default value is "OK"

    headers: map {string, [ string ]}

    HTTP header, a key-value pair, each key represents the name of an HTTP header, and the corresponding value is an array.

    Each request will include all the keys and randomly select a corresponding value. Please refer to the default values shown in the example above.

    - + diff --git a/en/config/transports/websocket.html b/en/config/transports/websocket.html index 99b4b5ab61..7badb62b94 100644 --- a/en/config/transports/websocket.html +++ b/en/config/transports/websocket.html @@ -5,7 +5,7 @@ WebSocket | Project X - + @@ -20,6 +20,6 @@ "path": "/aabbcc?ed=2048" //added ed parameter
    1
    2
    3

    Warning

    Early Data uses the Sec-WebSocket-Protocol header to carry data. If you encounter compatibility issues, try lowering the threshold.

    headers: map {string: string}

    Custom HTTP headers, a key-value pair, where each key represents the name of an HTTP header, and the corresponding value is a string.

    The default value is empty.

    Browser Dialer

    Use the browser to handle TLS, see Browser Dialer

    - + diff --git a/en/development/index.html b/en/development/index.html index f1b3f65aca..eb41f46808 100644 --- a/en/development/index.html +++ b/en/development/index.html @@ -5,11 +5,11 @@ Development Guide | Project X - +

    Development Guide

    Compile Documentation

    Xray supports multiple platforms, and you can perform cross-compilation on various platforms by yourself.

    Please click Compile Documentation to view specific compile-related content.

    Design Concept

    Xray kernel provides a platform for secondary development.

    This section explains the design goals and architecture of Xray.

    Please click Design Principles to learn about the design goals and architecture of Xray.

    Development Standards

    This section outlines the guidelines to follow when obtaining code, developing, submitting PRs, as well as the relevant coding standards.

    Please click Development Specification to view the guidelines that should be followed during Xray development.

    Protocol Details

    Xray uses many protocols, and you can obtain a detailed description of each protocol through various means.

    VLESS Protocol

    VLESS is a stateless lightweight transport protocol that can serve as a bridge between Xray clients and servers.

    VMess Protocol

    VMess is an encrypted transport protocol that can act as a bridge between Xray clients and servers.

    Mux.Cool Protocol

    Mux.Cool protocol is a multiplexing transport protocol used to transmit multiple independent data streams within an established data stream.

    mKCP Protocol

    mKCP is a stream transmission protocol modified from the KCP protocolopen in new window that can transmit arbitrary data streams in order.

    - + diff --git a/en/development/intro/compile.html b/en/development/intro/compile.html index 295aeccc8d..2a24e508dc 100644 --- a/en/development/intro/compile.html +++ b/en/development/intro/compile.html @@ -5,7 +5,7 @@ Compile the document | Project X - + @@ -19,6 +19,6 @@ $env:GOOS="linux" $env:GOARCH="amd64"
    1
    2
    3

    go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main```

    After uploading to the server, remember to execute chmod +x xray in the server terminal.

    Tip

    Execute go tool dist list to view all supported systems and architectures.

    Reproducible Build:

    Following the above steps, it is possible to compile and release an identical binary file as the one in Release.

    Warning

    Please confirm that you are using the same Golang version as the one used to compile the release.

    - + diff --git a/en/development/intro/design.html b/en/development/intro/design.html index 83ae76b61a..0fb5b1738c 100644 --- a/en/development/intro/design.html +++ b/en/development/intro/design.html @@ -5,11 +5,11 @@ Design Objectives | Project X - +

    Design Objectives

    • Xray Kernel provides a platform that supports essential network proxy functions and can be developed upon to provide a better user experience.
    • Cross-platform is the primary principle to reduce the cost of secondary development.

    Architecture

    Architecture

    The kernel is divided into three layers: the application layer, the proxy layer, and the transport layer.

    Each layer contains several modules, which are independent of each other. Modules of the same type can be seamlessly replaced.

    Application Layer

    The application layer contains some commonly used functions in proxy layers, which are abstracted for reuse in different proxy modules.

    The modules at the application layer should be implemented purely in software and should not be dependent on hardware or platform-related technologies.

    List of Important Modules:

    • Dispatcher: Used to transfer data received by the inbound agent to the outbound agent;
    • Router: Routing module, see Routing Configuration for details;
    • DNS: Built-in DNS server module;
    • Proxy Manager: Proxy manager;

    Proxy Layer

    The proxy layer is divided into two parts: Inbound Proxy and Outbound Proxy.

    The two parts are independent of each other, where the inbound proxy does not rely on a specific outbound proxy, and vice versa.

    Inbound Proxy

    Outbound Proxy

    Transport Layer

    The transport layer provides a set of tools and modules related to network data transmission.

    - + diff --git a/en/development/intro/guide.html b/en/development/intro/guide.html index edaf8e8c39..3db9fc95c9 100644 --- a/en/development/intro/guide.html +++ b/en/development/intro/guide.html @@ -5,7 +5,7 @@ Development Standards | Project X - + @@ -21,6 +21,6 @@ │ ├── vmess ├── transport // Transport module
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11

    Coding Standards

    Basic practices are consistent with the recommendations of the official Golang, with a few exceptions. Written here to help everyone familiarize themselves with Golang.

    Naming

    • Use a single English word for file and directory names, such as hello.go;
      • If not possible, use a hyphen for directories / underscore for files to connect two (or more) words, such as hello-world/hello_again.go;
      • Use _test.go to name test code files;
    • Use PascalCase for types, such as ConnectionHandler;
      • Do not force lowercase for abbreviations, i.e. HTML does not need to be written as Html;
    • Use PascalCase for public member variables;
    • Use camelCase for private member variables, such as privateAttribute;
    • For easy refactoring, it is recommended to use PascalCase for all methods;
      • Place completely private types in internal.

    Content Organization

    • A file contains a main type and its related private functions;
    • Testing-related files, such as Mock tools, should be placed in the testing subdirectory.
    - + diff --git a/en/development/protocols/mkcp.html b/en/development/protocols/mkcp.html index 75b131f9dc..4ab304bb5f 100644 --- a/en/development/protocols/mkcp.html +++ b/en/development/protocols/mkcp.html @@ -5,11 +5,11 @@ mKCP Protocol | Project X - +

    mKCP Protocol

    mKCP is a stream transfer protocol, modified from the KCP protocolopen in new window, which can transmit any data stream in order.

    Version

    mKCP has no version number and does not guarantee compatibility between versions.

    Dependencies

    Underlying Protocol

    mKCP is a protocol based on UDP, and all communication uses UDP transmission.

    Functions

    • fnv: FNV-1aopen in new window hash function
      • Takes a string of arbitrary length as input parameter;
      • Outputs a 32-bit unsigned integer.

    Communication Process

    1. mKCP splits data streams into several data packets for transmission. Each data stream has a unique identifier to distinguish it from other data streams. Each data packet in the data stream carries the same identifier.
    2. mKCP does not have a handshake process. When receiving a data packet, it determines whether it is a new call or an ongoing call based on the identifier of the data stream it carries.
    3. Each data packet contains several segments (Segment), which are divided into three types: data (Data), acknowledgment (ACK), and heartbeat (Ping). Each segment needs to be processed separately.

    Data Format

    Data Packet

    4 Bytes2 BytesL Bytes
    Auth AData Len LFragment

    as which:

    • Authentication information A = fnv(fragment), big endian;
    • The fragment may contain multiple sections.

    Data snippet

    2 bytes1 byte1 byte4 bytes4 bytes4 bytes2 bytesLen bytes
    Conv flagCmd flagOpt flagTimestampSequenceUnacknowledgedLen flagData

    as which:

    • Identifier Conv: Identifier for mKCP data stream
    • Command Cmd: Constant 0x01
    • Option Opt: Optional values include:
      • 0x00: Empty option
      • 0x01: Opposite party has sent all data
    • Timestamp Ts: Time when the current segment was sent from the remote end, big endian
    • Sequence Number Sn: The position of the data segment in the data stream, the sequence number of the starting segment is 0, and each new segment is sequentially added by 1
    • Unacknowledged Sequence Number Una: The minimum Sn that the remote host is sending and has not yet received confirmation.

    Confirmation snippet

    2 bytes1 byte1 byte4 bytes4 bytes4 bytes2 bytesLen * 4 bytes
    Conv IDCmdOptWndNext Seq NumberTimestampLengthReceived Seq Number

    as which:

    • Identifier Conv: Identifier of the mKCP data stream
    • Command Cmd: Constant 0x00
    • Option Opt: Same as above
    • Window Wnd: The maximum sequence number that the remote host can receive
    • Next receive sequence number Sn: The smallest sequence number of the data segment that the remote host has not received
    • Timestamp Ts: The timestamp of the latest received data segment by the remote host, which can be used to calculate the delay
    • Received sequence numbers: Each 4 bytes, indicating that the data of this sequence number has been confirmed received.

    as which:

    • The remote host expects to receive data within the serial number [Sn, Wnd) range.

    Heartbeat Fragments

    2 Bytes1 Byte1 Byte4 Bytes4 Bytes4 Bytes
    Conv IDCmdOptUnacknowledged Seq NoNext Receive Seq NoRto

    as which:

    • Identifier Conv: Identifier for the mKCP data stream
    • Command Cmd: Optional values include:
      • 0x02: Remote host forcibly terminates the session
      • 0x03: Normal heartbeat
    • Option Opt: Same as above
    • Unacknowledged sequence number Una: Same as the Una of the data fragment
    • Next receive sequence number Sn: Same as the Sn of the acknowledgement fragment
    • Delay Rto: Delay calculated by the remote host itself
    - + diff --git a/en/development/protocols/muxcool.html b/en/development/protocols/muxcool.html index 08b8d920cb..52056cb6a2 100644 --- a/en/development/protocols/muxcool.html +++ b/en/development/protocols/muxcool.html @@ -5,11 +5,11 @@ Mux.Cool Protocol | Project X - +

    Mux.Cool Protocol

    Mux.Cool protocol is a multiplexing transport protocol that is used to transmit multiple independent data streams within an established data stream.

    Version

    The current version is 1 Beta.

    Dependencies

    Underlying Protocol

    Mux.Cool must run on top of a reliable established data stream.

    Communication Process

    Within a Mux.Cool connection, multiple sub-connections can be transmitted, each with a unique ID and status. The transmission process consists of frames, with each frame used to transmit data for a specific sub-connection.

    Client behavior

    When there is a need for a connection and there are no existing available connections, the client initiates a new connection to the server, referred to as the "main connection".

    1. One main connection can be used to send several sub-connections. The client can decide independently how many sub-connections the main connection can handle.
    2. For a new sub-connection, the client must send the New status to notify the server to establish the sub-connection, and then use the Keep status to transmit data.
    3. When the sub-connection ends, the client sends the End status to notify the server to close the sub-connection.
    4. The client can decide when to close the main connection, but must ensure that the server also maintains the connection.
    5. The client can use the KeepAlive status to prevent the server from closing the main connection.

    Server-side behavior

    When a new sub-connection is received on the server side, the server should handle it as a normal connection.

    1. When the status "End" is received, the server can close the upstream connection to the target address.
    2. The same ID used in the request must be used to transfer sub-connection data in the server response.
    3. The server cannot use the "New" status.
    4. The server can use the KeepAlive status to avoid the client closing the main connection.

    Data Format

    Mux.Cool uses symmetric transmission format, where the client and server send and receive data in the same format.

    Frame Format

    2 BytesL BytesX Bytes
    Metadata Length LMetadataAdditional Data

    Metadata

    There are several types of metadata. All types of metadata contain two items, ID and Opt, with the following meanings:

    • ID: Unique identifier of the sub-connection
      • For general MUX sub-connections, the ID is accumulated starting from 1
      • For XUDP, the ID is always 0
    • Opt:
      • D(0x01): Additional data is available

    When option Opt(D) is enabled, the additional data format is as follows:

    2 BytesX-2 Bytes
    Length X-2Data
    2 Bytes1 Byte1 Byte1 Byte2 Bytes1 ByteA Bytes
    ID0x01OptionNetwork NPortType TAddress

    where:

    • Network type N:
      • 0x01: TCP, indicating that the traffic of the current sub-connection should be sent to the destination in the way of TCP.
      • 0x02: UDP, indicating that the traffic of the current sub-connection should be sent to the destination in the way of UDP.
    • Address type T:
      • 0x01: IPv4
      • 0x02: Domain name
      • 0x03: IPv6
    • Address A:
      • When T = 0x01, A is a 4-byte IPv4 address;
      • When T = 0x02, A is a 1-byte length (L) + L-byte domain name;
      • When T = 0x03, A is a 16-byte IPv6 address;

    If Opt(D) is enabled when creating a sub-connection, the data carried by this frame needs to be sent to the target host.

    Keep sub-connections

    2 Bytes1 Byte1 Byte
    ID0x02Option

    If Opt(D) is enabled while maintaining sub-connections, the data carried by this frame needs to be sent to the target host. XUDP adds the UDP address after Opt(D), and the format is the same as creating a new sub-connection.

    End

    2 Bytes1 Byte1 Byte
    ID0x03Option

    If Opt(D) is enabled while maintaining sub-connections, the data carried by this frame needs to be sent to the target host.

    KeepAlive

    2 Bytes1 Byte1 Byte
    ID0x04Option Opt

    While staying connected:

    • If Opt(D) is enabled, the data carried by this frame must be discarded.
    • ID can be a random value.

    Application

    The Mux.Cool protocol is agnostic to the underlying protocol and can theoretically use any reliable streaming connection to transmit Mux.Cool protocol data.

    In target-oriented protocols such as Shadowsocks and VMess, a specified address must be included when establishing a connection. To maintain compatibility, the Mux.Cool protocol specifies the address as "v1.mux.cool". When the target address of the main connection matches this address, the Mux.Cool forwarding method is used. Otherwise, forwarding is done in the traditional way. (Note: This is an internal tag in the program, and VMess and VLESS do not send the "v1.mux.cool" address in data packets.)

    - + diff --git a/en/development/protocols/vless.html b/en/development/protocols/vless.html index 513f3e6d6e..942d8eb812 100644 --- a/en/development/protocols/vless.html +++ b/en/development/protocols/vless.html @@ -5,11 +5,11 @@ VLESS Protocol | Project X - +

    VLESS Protocol

    VLESS is a stateless lightweight transmission protocol that can be used as a bridge between Xray clients and servers.

    Request & Response

    1 byte16 bytes1 byteM bytes1 byte2 bytes1 byteS bytesX bytes
    Protocol VersionEquivalent UUIDAdditional Information Length MAdditional Information ProtoBufInstructionPortAddress TypeAddressRequest Data
    1 Byte1 ByteN BytesY Bytes
    Protocol Version, consistent with the requestLength of additional information NAdditional information in ProtoBufResponse data

    VLESS had the aforementioned structure as early as the second alpha test version (ALPHA 2), with BETA being the fifth test version.

    "Response authentication" has been replaced with "Protocol version" and moved to the front, allowing VLESS to upgrade and eliminate the overhead of generating pseudo-random numbers. The obfuscation-related structure has been replaced with "Additional information" (ProtoBuf) and moved forward, giving the protocol itself scalability, with minimal overhead (gogo/protobufopen in new window). If there is no additional information, there is no relevant overhead.

    I always thought that "response authentication" was not necessary, and ALPHA replaced crypto/rand with math/rand in order to improve the performance of random number generation, which is no longer needed.

    The "Protocol Version" not only serves as "Response Authentication", but also gives VLESS the ability to upgrade the protocol structure seamlessly, bringing infinite possibilities. The "Protocol Version" is 0 in the test version and 1 in the official version. If there are any incompatible protocol structural changes in the future, the version should be upgraded.

    The design of VLESS server is switch version, which supports all VLESS versions at the same time. If you need to upgrade the protocol version (which may not happen), it is recommended that the server support it one month in advance, and then change the client after one month. VMess requests also have protocol versions, but their authentication information is outside, and the instruction part is highly coupled and has fixed encryption, which makes the protocol version meaningless inside. The server does not judge it, and the response does not have a protocol version. Trojan's protocol structure does not have a protocol version.

    The following is a UUID. I used to think that 16 bytes were a bit long and considered shortening it. However, I later saw that Trojan used 56 printable characters (56 bytes), which completely dispelled this idea. The server needs to verify the UUID every time, so performance is also very important: VLESS's Validator has undergone multiple refactoring/upgrades. Compared with VMess, it is very concise and consumes very few resources. It can support a large number of users at the same time, and its performance is also very strong. The verification speed is extremely fast (sync.Map). API dynamically adds and deletes users, making it more efficient and smooth. https://github.com/XTLS/Xray-core/issues/158

    Introducing ProtoBuf is an innovation, which will be explained in detail later. The structure from "instruction" to "address" is currently identical to VMess and also supports Mux.

    Overall, ALPHA 2 to BETA mainly includes: structural evolution, cleaning and integration, performance improvement, and more completeness. All of these are incremental improvements, please refer to VLESS Changesopen in new window for details.

    ProtoBuf

    It seems that only VLESS supports embedding ProtoBuf, which is a data exchange format that encodes information tightly into binary TLV (Tag Length Value) structures.

    The reason is that I saw an article that said that SS has some drawbacks, such as the lack of a design error reporting mechanism, and the client cannot take further action based on different errors. (But I don't agree that all errors should be reported, otherwise it can't prevent active probing. In the next beta version, the server can return a custom string of information.) So I think a scalable structure is important, and in the future, it can also carry dynamic port instructions. Not only the response, but the request also needs a similar structure. I originally planned to design TLV by myself, but then I found that ProtoBuf is the structure, ready-made, and it is completely suitable for this purpose, and the support for various languages is also good.

    Currently, "Additional Information" only has Scheduler and SchedulerV, which are substitutes for MessName and MessSeed. When you don't need them, the "Additional Information Length" is 0, so there is no ProtoBuf serialization/deserialization overhead. Actually, I prefer to call this process "concatenation" because that's all pb does in principle, and the related overhead is minimal. The concatenated bytes are very compact, similar to ALPHA's solution, and those who are interested can output and compare them separately.

    To indicate different levels of support for additional information (Addons, which can be understood as plugins and can have many plugins in the future), the next beta version will add "Addon Version" before "Addon Length". 256-1 = 255 bytes is enough and reasonable (65535 is too much and there may be malicious padding), and only one-tenth of the existing space is used. In the future, there will not be so many addons at the same time, and most of the time there will be no addons at all. If it is not enough, you can upgrade to a newer version of VLESS.

    To reduce logical judgment and other expenses, it is temporarily decided that Addons will not use a multi-level structure. A month ago, there was an idea of "variable protocol format". PB can shuffle the order, but it is not necessary because the design of modern encryption will not allow bystanders to see that the headers of the two transmissions are the same.

    Below is an introduction to the concepts of Schedulers and Encryption, both of which are optional. One is designed to address issues related to traffic timing, while the other is designed to address cryptographic issues.

    Flow

    Flow Control (Formerly Traffic Scheduler)

    The Flow Control command is carried by ProtoBuf and manages the data section.

    I previously discovered that VMess's original "metadata obfuscation" feature didn't provide any meaningful changes in TLS but only decreased performance. Consequently, VLESS has abandoned this feature. Moreover, the term "obfuscation" is often misinterpreted as camouflage, so it has been discarded.

    As for camouflage, if it can't be an exact match, wouldn't it be a noticeable characteristic? If it could be an exact match, why not use the intended target for camouflage directly? Initially, I used SSR but found it only provided superficial disguises, fooling operators. Thus, I stopped using it.

    Purpose of Flow Control

    Flow Control influences macro traffic temporal characteristics rather than micro characteristics addressed by encryption. Traffic temporal characteristics can be:

    1. Protocol-based, e.g., Socks5 handshake when using Socks5 over TLS. Different traits on TLS are considered different protocols for monitors. Infinite schedulers equate to infinite protocols (reallocating data sent each time).
    2. Behavior-based, e.g., loading files, their order, and size when accessing Google's homepage. Adding another encryption layer cannot effectively conceal this information.

    Schedulers don't require wrapping like encryption since the header data's tiny amount is negligible compared to the remaining data.

    BETA 2 is anticipated to introduce two basic schedulers: Zstd compression and dynamic data expansion. Advanced operations will control and distribute at a macro level, but for now, these remain under development.

    Encryption

    Unlike VMess, which is highly coupled, VLESS allows the server and client to pre-agree on an encryption method, which is only encrypted with an outer layer. This is somewhat similar to using TLS, which does not affect any of the data carried, and can be understood as replacing TLS with pre-agreed encryption at the bottom. Compared with high coupling, this approach is more reasonable and flexible: if there is a security issue with one encryption method, it can be discarded and another one can be used directly, which is very convenient. The VLESS server also allows for different encryption methods to coexist.

    Compared with VMess, VLESS replaces security with encryption and disableInsecureEncryption with decryption, which solves all the problems. Currently, encryption and decryption only accept "none" and cannot be left blank (even if there are connection security checks in the future), as detailed in the VLESS configuration document. Encryption does not need to be moved out one level, firstly because it cannot reuse a lot of code, and secondly because it will affect the control granularity, which will be understood by looking at future applications.

    Encryption supports two types of forms. One type is completely independent and requires an additional password, suitable for private use. The other type combines with the existing UUID for encryption, which is suitable for public use.

    (If the first type of encryption is used and the password is publicly available in some form, such as multiple people sharing it, then a man-in-the-middle attack is not far away.)

    A redesigned dynamic port may be released simultaneously with encryption, and the command is carried by ProtoBuf. The specific implementation and the dynamic port of VMess will also have many differences.

    It is very easy to cash out encrypted currency, which adds an extra layer of writer & reader. BETA 3 is expected to support SS's aes-128-gcm and chacha20-ietf-poly1305:

    The encryption on the client-side can be filled with "auto: ss_aes-128-gcm_0_123456, ss_chacha20-ietf-poly1305_0_987654". Auto will choose the most suitable one for the current machine, 0 represents the beta version, and the last one is the password. The decryption on the server-side is also filled in a similar way, and each decryption attempt will be made when the request is received.

    Not all combinations need to be tried one by one: VMess encryption is divided into three parts. The first part is the authentication information, which combines UUID, alterId, and time factors. The second part is the instruction part, which is encrypted using a fixed algorithm. The instruction contains the encryption algorithm used in the data part. The third part is the important data part. It can be seen that the VMess encryption and decryption method is actually many-to-one (adapted by the server), not just combining UUID. However, it is also a relatively difficult thing to encrypt only by combining UUID. It will not be available in a short time. Considering that we now have VMessAEAD available, there is no need to rush. If VLESS introduces an encryption method that combines UUID, it is equivalent to reconstructing the entire VMess.

    UDP issues

    XUDP: VLESS & VMess & Mux UDP FullCone NATopen in new window

    Client Development Guide

    1. The VLESS protocol itself may have incompatible upgrades, but the parameters in the client configuration file are basically only increased and not decreased. The protocol implementation of the iOS client needs to keep up with the upgrade.
    2. Visual standard: Please use VLESS as the UI identifier uniformly, instead of VLess / Vless / vless. The configuration file is not affected, and the code should follow naturally.
    3. Encryption should be made into an input box instead of a selection box. The default value of the new configuration should be none, and if the user leaves it blank, it should be filled in with none.

    Thank you to @DuckSoftopen in new window for the proposal!

    Please see VMessAEAD/VLESS Sharing Link Standard Proposalopen in new window for more details.

    - + diff --git a/en/development/protocols/vmess.html b/en/development/protocols/vmess.html index 14b5405582..5b60605522 100644 --- a/en/development/protocols/vmess.html +++ b/en/development/protocols/vmess.html @@ -5,11 +5,11 @@ VMess Protocol | Project X - +

    VMess Protocol

    VMess is an encrypted transmission protocol that can serve as a bridge between the Xray client and server.

    Version

    The current version number is 1.

    Dependencies

    Underlying Protocol

    VMess is a TCP-based protocol where all data is transmitted over TCP.

    User ID

    An ID is equivalent to a UUIDopen in new window, which is a 16-byte long random number. Its function is similar to a token. An ID looks like: de305d54-75b4-431b-adb2-eb6b9e546014, it is almost entirely random and can be generated using any UUID generator, such as this oneopen in new window.

    User ID can be specified in the configuration file.

    Functions

    Communication Process

    VMess is a stateless protocol, which means that data can be transmitted directly between the client and the server without the need for a handshake. Each data transmission has no impact on other data transmissions before or after it.

    When a VMess client initiates a request, the server checks whether the request comes from a legitimate client. If the validation passes, the server forwards the request and sends the obtained response back to the client.

    VMess uses an asymmetric format, meaning that the requests sent by the client and the responses from the server use different formats.

    Client Request

    16 BytesX BytesRemaining
    Authentication InformationInstruction PartData Part

    Authentication Information

    The authentication information is a 16-byte hash (hash) value, which is calculated as follows:

    • H = MD5
    • K = User ID (16 bytes)
    • M = UTC time accurate to seconds, with a random value of ±30 seconds from the current time (8 bytes, Big Endian)
    • Hash = HMAC(H, K, M)

    Command Section

    The instruction part is encrypted using AES-128-CFB.

    • Key: MD5(user ID + []byte('c48619fe-8f02-49e0-b9e9-edf763e17e21'))
    • IV: MD5(X + X + X + X), X = []byte(time generated by authentication information) (8 bytes, Big Endian)
    1 Byte16 Bytes16 Bytes1 Byte1 Byte4 bits4 bits1 Byte1 Byte2 Bytes1 ByteN BytesP Bytes4 Bytes
    VersionData Encryption IVData Encryption KeyResponse Authentication ValueOptionsReservedEncryption MethodReservedCommandPortAddress TypeAddressRandom ValueChecksum

    Options Opt Details: (When a bit is 1, it means the option is enabled)

    01234567
    XXXXXMRS

    of which:

    • Version Number Ver: Always 1;
    • Data Encryption IV: Random value;
    • Data Encryption Key: Random value;
    • Response Authentication V: Random value;
    • Option Opt:
      • S (0x01): Standard format data stream (recommended);
      • R (0x02): Client expects to reuse TCP connection (deprecated in Xray 2.23+);
        • This item only takes effect when S is enabled;
      • M (0x04): Enable metadata obfuscation (recommended);
        • This item only takes effect when S is enabled;
        • When this item is enabled, the client and server need to construct two Shake instances respectively, RequestMask = Shake (request data IV), ResponseMask = Shake (response data IV).
      • X: Reserved
    • Redundancy P: Random value added before checksum value;
    • Encryption Method: Specify the encryption method for the data part, and the optional values are:
      • 0x00: AES-128-CFB;
      • 0x01: No encryption;
      • 0x02: AES-128-GCM;
      • 0x03: ChaCha20-Poly1305;
    • Instruction Cmd:
      • 0x01: TCP data;
      • 0x02: UDP data;
    • Port Port: Integer port number in Big Endian format;
    • Address Type T:
      • 0x01: IPv4
      • 0x02: Domain name
      • 0x03: IPv6
    • Address A:
      • When T = 0x01, A is a 4-byte IPv4 address;
      • When T = 0x02, A is a 1-byte length (L) + L-byte domain name;
      • When T = 0x03, A is a 16-byte IPv6 address;
    • Check F: FNV1a hash of all content in the instruction except F.

    Data Section

    When Opt(S) is enabled, this format is used for the data section. The actual request data is divided into several small chunks, and each chunk has the following format. After the server verifies all the small chunks, it will be forwarded in the basic format.

    2 BytesL Bytes
    Length LData Packet

    in which:

    • Length L: A big-endian integer with a maximum value of 2^14.
      • When Opt(M) is enabled, the value of L is equal to the true value xor Mask. Mask = (RequestMask.NextByte() << 8) + RequestMask.NextByte();
    • Packet: A data packet encrypted by the specified encryption method.

    Before the transmission is completed, the data packet must contain actual data, in addition to the length and authentication data. When the transmission is complete, the client must send an empty data packet, that is, L = 0 (unencrypted) or the length of the authentication data (encrypted), to indicate the end of the transmission.

    The packets are formatted as follows, depending on the encryption method:

    • Unencrypted:   - L bytes: actual data;
    • AES-128-CFB: The entire data section is encrypted using AES-128-CFB.   - 4 bytes: FNV1a hash of actual data;   - L - 4 bytes: actual data;
    • AES-128-GCM: Key is the Key of the instruction section, IV = count (2 bytes) + IV (10 bytes). count starts at 0 and increases by 1 for each packet; IV is the 3rd to 12th byte of the instruction section IV.   - L - 16 bytes: actual data;   - 16 bytes: GCM authentication information
    • ChaCha20-Poly1305: Key = MD5 (instruction part Key) + MD5 (MD5 (instruction part Key)), IV = count (2 bytes) + IV (10 bytes). count starts at 0 and increases by 1 for each packet; IV is the 3rd to 12th byte of the instruction section IV.   - L - 16 bytes: actual data;   - 16 bytes: Poly1305 authentication information

    Server Response

    The header data is encrypted using AES-128-CFB encryption. The IV is MD5 of the data encryption IV, and the Key is MD5 of the data encryption Key. The actual response data varies depending on the encryption settings.

    1 Byte1 Byte1 Byte1 ByteM BytesRemaining Part
    Response Authentication VOption OptCommand CmdCommand Length MCommand ContentActual Response Data

    in which:

    • Response Authentication V: must match the response authentication V in the client request.
    • Option Opt:
      • 0x01: server prepares to reuse TCP connections (deprecated in Xray 2.23+).
    • Command Cmd:
      • 0x01: dynamic port command.
    • Actual response data:
      • If Opt(S) in the request is enabled, the standard format is used. Otherwise, the basic format is used.
      • Both formats are identical to the request data.
        • When Opt(M) is enabled, the value of length L is equal to the true value XOR Mask. Mask = (ResponseMask.NextByte() << 8) + ResponseMask.NextByte().

    Dynamic Port Instructions

    1 Byte2 Bytes16 Bytes2 Bytes1 Byte1 Byte
    ReservedPortUser IDAlterIDUser levelValidity period T

    in which:

    • Port: Integer port number in Big Endian format
    • T: Number of minutes as integer value.

    When the client receives a dynamic port command, the server opens a new port for communication. The client can then send data to the new port. After T minutes, the port will expire, and the client must use the main port to communicate again.

    Comment

    • To ensure forward compatibility, the values of all reserved fields must be 0.
    - + diff --git a/en/document/command.html b/en/document/command.html index 585d791451..e82ec423ca 100644 --- a/en/document/command.html +++ b/en/document/command.html @@ -5,7 +5,7 @@ Command Parameters | Project X - + @@ -52,6 +52,6 @@ ping Ping the domain with TLS handshake
    1
    2

    xray uuid

    Generated UUID.

    Usage:

    xray uuid
     
    1

    Tip

    When -config is not specified, Xray will try to load config.json from the following paths:

    - + diff --git a/en/document/config.html b/en/document/config.html index 88ec297aaa..8a227af3a1 100644 --- a/en/document/config.html +++ b/en/document/config.html @@ -5,7 +5,7 @@ Configure and Run | Project X - + @@ -74,6 +74,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44

    The only thing you need to modify in the above configuration is your server's IP address, which is indicated in the configuration. This configuration will redirect all traffic to your server, except for traffic on the local area network (such as the access router).

    Run

    • On Windows and macOS, the configuration files are usually named config.json.
      • To start Xray, simply run Xray or Xray.exe.
    • On Linux, the configuration files are usually located in /etc/xray/ or /usr/local/etc/xray/.
      • To start Xray, run the command xray run -c /etc/xray/config.json.
      • Alternatively, you can use a tool like systemd to run Xray as a background service.

    For more detailed instructions, please refer to the Configuration Document and Layman's Terms.

    - + diff --git a/en/document/document.html b/en/document/document.html index 2c8b596513..7e56459085 100644 --- a/en/document/document.html +++ b/en/document/document.html @@ -5,7 +5,7 @@ Contribute to Project X's Document | Project X - + @@ -13,6 +13,6 @@
    1
    1. Create a new branch based on the main branch, such as:
    git checkout -b your-branch
     
    1
    1. Make changes on the new branch.

    2. After modification, please use Prettieropen in new windowFormat your changes.

      Note: Pull requests with formatting issues may be rejected.

    3. Submit the changes and push them to your repository

    git push -u origin your-branch
     
    1
    1. Open GitHub, click 'Pull request' to submit a pull request to Project X Documentopen in new window.

    2. Please outline the new/modified content of this pull request in the title and body of the pull request;

    3. Waiting for a response, if the pull request is merged, your changes will be directly displayed on Project X Document Websiteopen in new window.

    Found Problems?

    If you find an error in the document, you can improve the documentation or submit an issue.

    - + diff --git a/en/document/index.html b/en/document/index.html index 5d04501b3f..dac66b7e1d 100644 --- a/en/document/index.html +++ b/en/document/index.html @@ -5,11 +5,11 @@ Quick Start | Project X - +

    Quick Start

    This chapter will tell you how to get Xray in the easiest way and start using Xray.

    Download and Install

    Xray supports various platforms, and you can get various versions of Xray from various sources and methods.

    Please click How to Download and Install Xray to get Xray

    Configure and Run

    After downloading and installing Xray, you need to configure it.

    Please click How to Configure and Run Xray to learn the easiest way to configure Xray.

    Command Parameters

    Xray has a variety of commands and parameters available, making it flexible and powerful.

    Please click Command Parameters for Xray to view more commands and parameters usages.

    Improve Documents

    If you're interested, please click Documents to help us improve the documents, or click theHelp us improve this page!

    We are very grateful to every Contributor for their contribution! You guys make Project X even stronger!

    Beginner Tutorial

    A easy tutorial for beginner.

    Please click 小小白白话文 to view it.

    Getting Started Tips

    After you have the basics, you can explore more ways to use them through Getting Started Tips.

    Advanced Documentation

    Tips for advanced user guidance

    Click on Advanced Documentation to view it

    Appreciations

    Thank you very much for your selfless sharing of usage skills and experience, which makes Xray more and more powerful.

    - + diff --git a/en/document/install.html b/en/document/install.html index d76c5a9f39..cb5e153d6a 100644 --- a/en/document/install.html +++ b/en/document/install.html @@ -5,11 +5,11 @@ Download and Install | Project X - +

    Download and Install

    Platform Support

    • Xray is available on the following platforms:
      • Windows 7 and later (x86 / amd64 / arm32 / arm64);
      • macOS 10.10 Yosemite and later (amd64 / arm64);
      • Linux 2.6.23 and later (x86 / amd64 / arm / arm64 / mips64 / mips / ppc64 / s390x / riscv64);
        • Including but not limited to Debian 7 / 8, Ubuntu 12.04 / 14.04 and subsequent versions, CentOS 7 / 8, Arch Linux, etc.;
      • FreeBSD (x86 / amd64);
      • OpenBSD (x86 / amd64);
      • Dragonfly BSD (amd64);

    Download Xray

    Precompiled binaries in ZIP format are available at GitHub Releasesopen in new window found in.

    Download the compressed package of the corresponding platform, and use it after decompression.

    Verify the Installation Package

    Xray provides two verification methods:

    Install on Windows

    Install on macOS

    Install on Linux

    Install Script

    Arch Linux

    Arch User Repository

    Need to use AUR helpersopen in new window, yayopen in new window as an example, it can be installed via yay -S xray.

    Arch Linux CN

    First add Arch Linux CNopen in new window repository, and then use the root user pacman -S xrayto install.

    Linuxbrew

    The Linuxbrew package manager is used in the same way as Homebrew: brew install xray

    Debian WIP

    Install via Docker

    The File Structure of the Docker Image

    • /etc/xray/config.json: configuration file
    • /usr/bin/xray: Xray main program
    • /usr/local/share/xray/geoip.dat: IP data file
    • /usr/local/share/xray/geosite.dat: domain name data file

    GUI Client

    UUID Generator

    Third-party UUID generator uuidgenerator.netopen in new window

    - + diff --git a/en/document/level-0/ch01-preface.html b/en/document/level-0/ch01-preface.html index 6847e59f8c..856c3e278a 100644 --- a/en/document/level-0/ch01-preface.html +++ b/en/document/level-0/ch01-preface.html @@ -5,11 +5,11 @@ [Chapter 1] Simple and Plain Language | Project X - +

    [Chapter 1] Simple and Plain Language

    1.1 Who is this document written for?

    One sentence: Written for newbies who are (1) absolute beginners and (2) interested in learning how to build their own VPS.

    1.2 Who is this document not written for?

    Including but not limited to: experts and professionals, beginners who are too lazy to tinker on their own, advanced users who already know how to tinker, wealthy users who insist on using airport services, and those who prefer using one-click scripts. In short, if you have a technical background or don't want to build it yourself, you can close this article directly, because this article may not be suitable for you and may even make you upset.

    1.3 Declaration and Other Statements

    Declaration:

    My technical skills are extremely limited, so this article is inevitably full of errors and flaws. If you find any problems, please kindly point them out and don't be too harsh on me.

    Disclaimer:

    Please judge the reliability and usability of the content of this article by yourself. If you encounter any problems or negative results when establishing and using a VPS server based on the content of this article, I am not responsible for it.

    Verbose statement:

    Considering the target audience of this article, which is "users with zero experience", many details will be explained in great detail, so the language may be verbose. Please be mentally prepared for this.

    1.4 Why is self-hosting a challenge?

    To answer this question, we need to provide a little more background information.

    1. On the matter of accessing the internet through scientific means

    The act of accessing the internet using scientific methods has been around for almost 20 years (shocking!!!.jpg). Initially, one could do it with a little effort (changing the host file, using SSH), then one had to find a web proxy, and later, one had to develop a private protocol (such as Shadowsocks) and so on.

    With the continuous iteration and upgrade of GFW technology over the past decade, to achieve the goal of [building your own scientific Internet access], the things that need to be done include but are not limited to:

    • Understand basic Linux commands
    • Understand network transmission protocols
    • Have the technical and financial ability to purchase and manage a VPS
    • Have the technical and financial ability to purchase and manage a domain name
    • Have the technical ability to apply for a TLS certificate, and so on.

    This has turned the once simple act of [setting up a self-built VPS for accessing the internet in a secure and unrestricted manner] into a daunting challenge that intimidates newcomers.

    1. Helplessness of Zero-based Users

    For non-technical users with zero foundation, if they complete the above series of operations, they will inevitably need to learn a lot of knowledge. However, after a little searching, newbies are likely to become even more confused: a large amount of information is scattered in various corners of the Internet: blogs, Q&A sites, groups, forums, GitHub, Telegram, YouTube, and so on. These pieces of information are chaotic and complex, with varying levels of quality, and may even contradict each other. Basically, they won't stop until they completely confuse the newcomer.

    Faced with such chaotic information, newcomers suddenly shift from [information scarcity] to [information overload]. If they fail after several attempts of groping and guessing (which is highly probable), their enthusiasm is bound to be greatly frustrated. In this process, if they happen to seek help in some unfriendly places, they may be ridiculed even more: "You're so inexperienced, just use the airport, why bother messing around!" "Go learn Linux first before coming back to ask."

    At this moment, probably only an "hehe" can express the mood.

    1.5 "Why not just use the airport?"

    First of all, I would like to respond to those who ridicule and criticize by asking a question: Is using the airport really a panacea?

    Secondly, I believe that there is a fundamental difference between "not understanding" and "not wanting to understand". The bad attitude of some people who just want handouts is naturally annoying, but those who sincerely want to learn but don't know how should not be subject to unjustified contempt and discrimination. It is precisely this kind of bad community atmosphere that does not distinguish between newcomers that prompted me to write this article. So without further ado, let's take a look at the advantages and disadvantages of the airport:

    1. 稳定性高:机场节点数量多,分布广泛,避免了单点故障的风险,保证了整个网络的稳定性。
    2. 速度快:机场的节点通常采用高速服务器和优化的网络架构,网络速度较快,能够满足用户的高速上网需求。
    3. 安全性高:机场通常会采用严格的安全措施,如流量加密、防火墙等,保护用户数据的安全性。
    4. 稳定性高:机场通常采用专业的运维团队进行管理和维护,保证了服务的稳定性和可靠性。
    5. 服务质量高:机场通常会提供完善的客户服务,及时解决用户的问题和反馈,提升用户的满意度。

    The so-called "airport" refers to the "line provider". They are responsible for completing the technical operations and management mentioned in section 1.4, while users pay for the right to use the service. Therefore, its advantages include at least:

    1. Simple User Operation: Scan code operation, one-click rule addition, etc.
    2. Multiple Line Options: Can unlock network services in different countries and regions, such as iplc dedicated line services, game acceleration services, etc.
    3. Multiple Access Nodes: Therefore, it has a stronger ability to resist node blocking, if one is blocked, just switch to another one.
    • Risks of "Airport"

    "The other side of the coin of 'convenience' is 'risk'. Based on the technical characteristics and market conditions of the 'airport', its risks include at least:"

    1. "Airport" can fully obtain user information: All the traces left by users online will inevitably and very likely be stored on their servers for a long time. These records cannot be restricted by any legally binding user privacy agreement. ("Snooping and recording your every move")
    2. "Airport" lacks market management: There are inevitably malicious merchants who target fraud. ("Actively run away")
    3. "Airport" faces regulatory pressure: While large airports are relatively secure, they cannot avoid attracting attention. In 2020, several large airports experienced shutdowns and runaways, seriously disrupting users' normal usage. ("Passively run away")
    4. "Airport" technical level is difficult to determine: The quality of the line varies greatly, and the phenomenon of falsely advertising quality services is common. ("Slow speed, frequent disconnections, unable to connect")

    1.6 So should you build your own website?

    Now that you have seen the advantages and risks of the airport, please think carefully and make your own decision on what to use. After all, the best plan is the one that suits you best.

    It's Your Choice!

    1. If you decide to use the airport, you can close this article now.

    2. If you decide to build it yourself, please continue reading the following chapters!

    In short, the goal of this article is to serve as a starting point for users with zero experience, providing thorough explanations and demonstrations for each step, even if it may seem overly detailed or repetitive. The aim is to assist beginners in completing the entire process of deploying a VPS server from the first command input to successfully accessing the internet via the client, and gradually introducing them to basic Linux operations, laying a foundation for further self-learning.

    1.7 Some digressions

    1. There is a wealth of information outside of the wall, so please learn to think rationally and independently. Don't take sides easily and don't believe in sensational information.

    2. We sincerely hope that with a smoother internet, everyone can access fresher knowledge, richer entertainment, experience a better world, and make more like-minded friends, but do not become a scapegoat for anyone with ulterior motives.

    3. Your internet identity is still your identity, and achieving absolute anonymity is extremely difficult. Therefore, please be sure to comply with the relevant laws and regulations in your personal location and the location of your IP address. Self-protection is always the most basic bottom line.

    1.8 Your Progress

    ⬛⬜⬜⬜⬜⬜⬜⬜ 12.5%

    - + diff --git a/en/document/level-0/ch02-preparation.html b/en/document/level-0/ch02-preparation.html index 2dfbc25641..fb1f759835 100644 --- a/en/document/level-0/ch02-preparation.html +++ b/en/document/level-0/ch02-preparation.html @@ -5,11 +5,11 @@ [Chapter 2] Preparation of Raw Materials | Project X - +

    [Chapter 2] Preparation of Raw Materials

    This chapter is rather special because it involves monetary transactions. This article takes a neutral stance on the project and does not make specific recommendations. What I can do is to tell you what you need to prepare.

    2.1 Acquiring a VPS

    You need to obtain a healthy VPS with an unblocked IP, and perform the following basic preparations in the management console:

    1. Install Debian 10 64-bit system in the backend of VPS.
    2. Write down the IP address of VPS in a notebook (this article will use "100.200.300.400" as an example, which is an intentionally incorrect and illegal IP address. Please replace it with your real IP address).
    3. Write down the SSH remote login port of VPS in a notebook.
    4. Write down the username and password for SSH remote login in a notebook.

    Buying a VPS is a relatively complex matter. It is recommended to first learn the relevant knowledge and choose one that suits your own economic ability and line requirements. In addition, you can choose to take advantage of some benefits offered by international giants (such as permanent free or limited-time free packages offered by Oracle and Google). In any case, you must act within your means.

    Explanation

    Regarding the choice of Debian 10 as the operating system, let me elaborate a bit: No matter what you have heard online, no matter which guru has told you that XXX version of Linux is better or XXX version of Linux is more powerful, these sectarian disputes have nothing to do with you right now! Using Debian 10 is enough to optimize your VPS server for security, stability, and performance (such as using cloud-optimized kernel, timely support of BBR, etc.). After you become familiar with Linux, you can try other Linux distributions.

    2.2 Obtaining a Desired Domain Name

    You need to obtain a domain name and add an A record in the DNS settings, pointing to the IP address of your VPS.

    1. Please choose a reliable international domain name service provider. Choose some common domain name suffixes, and make sure not to use the .cn suffix.
    2. In the DNS settings, add an A record pointing to the IP address of your VPS (the name of the A record can be anything, and in this article, it will be represented by "a-name"). The complete domain name will be represented by "subdomain.yourdomain.com" or "a-name.yourdomain.com". The effect is as shown in the picture below:

    Add A Record

    Tip

    This is not a real usable website. Please replace it with your real website URL.

    2.3 Software you need to install on your local computer

    1. SSH remote login tool
    1. Remote file copying tool
    1. Reliable text editor

    2.4 Your Progress

    If you have all the raw materials ready as mentioned above, you have already obtained the key to unlocking the door to a new world. So, what are you waiting for? Let's quickly move on to the next chapter and step through this door!

    ⬛⬛⬜⬜⬜⬜⬜⬜ 25%

    - + diff --git a/en/document/level-0/ch03-ssh.html b/en/document/level-0/ch03-ssh.html index 6fa130a06b..9669d4ddb9 100644 --- a/en/document/level-0/ch03-ssh.html +++ b/en/document/level-0/ch03-ssh.html @@ -5,13 +5,13 @@ [Chapter 3] Remote Login | Project X - +

    [Chapter 3] Remote Login

    3.1 Remote Login to VPS (PuTTY)

    First of all, considering that the user base of Windows is the largest among the zero-based population, this article uses Windows as an example for demonstration.

    Secondly, although PowerShell and WSL after Windows 10 can also achieve a good SSH operation experience, not all versions of Windows have the latest components. Therefore, this article uses the classic PuTTY as an example to provide a detailed explanation of SSH remote login operation. (If you use other tools, the operations after the SSH login are the same.)

    Follow me step by step and let's start the operation.

    1. Go to the official websiteopen in new window of PuTTY and download the version that suits your operating system (this article uses the 64-bit version as an example).

    Download PuTTY

    1. After installation and running, you will see the main interface of PuTTY. Now please take out your notebook from the previous chapter where you wrote down the IP address (VPS IP) and port (VPS PORT) of your VPS in the corresponding positions of the following figure. In order to save time and avoid repeatedly entering these details in the future, we can save the session (Saved Sessions), and simply load it in the future with one click.

    PuTTY Settings

    1. I suggest setting keepalive to 60 seconds in the Connection to prevent SSH from automatically disconnecting after a period of inactivity. Be sure to save the settings again.

    Prevent frequent disconnection

    Attention

    Any update to the PuTTY configuration needs to be manually saved to the session again. Otherwise, it will be lost after closing.

    1. Click on Open to enter the SSH connection window, then enter the username and password corresponding to the following figure to establish a connection with your VPS remote host. (This article assumes that the default username is root. Also, when entering a password in the Linux system, there will be no prompt like ******, which can avoid password length leakage. It's not that your keyboard is broken!)

    SSH Remote Login

    3.2 Successfully Logging in SSH! Introduction to Command Line Interface!

    1. If you have filled in your information correctly, you will see a similar interface as the picture below, indicating that you have successfully logged in:

    Logging in to VPS for the first time

    This interface is equivalent to the "desktop" of a remote server, but it does not have familiar icons and a mouse, nor does it have colorful graphics. Instead, all you see is simple text. This is the "Command Line Interface" - shortened as CLI.

    All the following operations require you to act like a hacker in a movie and complete them in this command-line interface. Maybe you will feel unfamiliar, but please believe me, using the command-line interface is neither scary nor mysterious. In the end, it just turns your familiar mouse operations into textual commands, you say it, it does it.

    1. Now, you can observe and familiarize yourself with the command line environment a little bit. This interface has actually provided you with some useful information, such as the system kernel version (e.g. 4.19.37-5 in the picture), last login time and IP address. Of course, depending on the VPS, the interface you see may be slightly different.

    2. Please pay attention to the line at the bottom of the command line, to the left of the flashing cursor, there is a string of characters. The one shown in the figure is root@vps-server:~#. How to understand this string? It's very simple:

    • The current user is root
    • The server where root is located is vps-server
    • The current directory where root is located is ~
    • After # is the place where you can input commands.

    The first two are pretty straightforward, no need to explain further. The third one is about the folder system in Linux. You don't need to go too deep into it for now. Just know that "~" represents the home directory of the current user. As for the fourth one, the prompt symbol "#", you don't need to worry about it either. Just know that in future articles, there will be some commands that you need to input, and they will be preceded by "#" or "$" to indicate where you should input the command. (So when you copy the command, just copy the content after the prompt symbol and don't copy the prompt symbol itself.)

    3.3 Updating software on Linux for the first time!

    1. Just like your phone, whether it's Android or iPhone, in order to keep your apps up-to-date (to get security patches and new features), you will occasionally receive update notifications from the app store, telling you how many apps need to be updated. Linux systems also have a similar update mechanism that works logically. So as long as you know how to update phone apps, you can learn how to update Linux software!

    2. In Linux, each application is called a "package". The program that manages the applications is naturally called a "package manager". You can use it to install, update, and uninstall various software, and even update the Linux system itself. Package managers in Linux are very powerful, but we won't go into details here. For now, you only need to know that the package manager for the Debian system is called apt. Next, we will first use apt to do a comprehensive update of the software to familiarize you with its basic operations.

    3. Tiny White Linux Basic Commands:

    NumberCommand NameCommand Description
    cmd-01apt updateQuery software updates
    cmd-02apt upgradePerform software updates
    1. Now, please enter the first command to get update information.
    apt update
     
    1

    This is a command used in a Linux terminal to update the package list from the repositories configured on the system.

    1. Then enter the second command, and when asked if you want to continue installing (Y/n), type y and press enter to confirm and start the installation.
    apt upgrade
     
    1

    This is a command in the shell terminal to upgrade the installed packages on a Debian or Ubuntu Linux system.

    1. The complete demonstration of the process is as follows:

    Demonstration of the software update process for the first time

    3.4 Your Progress

    Congratulations on taking another solid step! Now, you can log in to your remote server via SSH! After logging in, besides upgrading the software, what else should you do? Please enter the next chapter to find out!

    ⬛⬛⬛⬜⬜⬜⬜⬜ 37.5%

    - + diff --git a/en/document/level-0/ch04-security.html b/en/document/level-0/ch04-security.html index 9d1ffa8520..aec744190f 100644 --- a/en/document/level-0/ch04-security.html +++ b/en/document/level-0/ch04-security.html @@ -5,7 +5,7 @@ [Chapter 4] Security and Protection | Project X - + @@ -20,6 +20,6 @@
    1

    This is a command in shell script to change the permissions of the authorized_keys file to 600 for the current user's SSH directory (~/.ssh/).

    1. Modify SSH configuration. We have used this many times, but now that we have changed from the almighty root to the ordinary user vpsadmin, we do not have the permission to edit SSH configuration directly. At this time, we need to use the sudo command:
    sudo nano /etc/ssh/sshd_config
     
    1

    (This is a command in the shell/terminal to open the sshd_config file located in the /etc/ssh/ directory with the sudo privilege using the nano text editor.)

    1. Find (ctrl+w) PasswordAuthentication and change it to no.

    2. Find (ctrl+w) PubkeyAuthentication, change it to yes, then save (ctrl+o) and exit (ctrl+x).

    3. Restart the SSH service. (Note: Don't forget to use sudo to gain permission.)

    sudo systemctl restart ssh
     
    1

    This is a command in the shell terminal to restart the SSH service with root privileges using the systemctl command.

    1. The complete process is as follows:

    Enable SSH key verification and disable password verification

    1. The public key has been set up on the VPS end. Now we need to specify the private key location for PuTTY to use when logging in. (Reminder: Don't forget to save the session.)

    Specify private key location in PuTTY

    1. Now, the [Key-based login] has been successfully enabled, [Password authentication] has been successfully disabled, and the default login username and private key have been saved for PuTTY. In the future, when using PuTTY to log in, simply load the VPS-SERVER configuration, click Open, and you can log in with just one click.

    If you have set a password for your private key, you need to enter this password to use the key when logging in, as shown in the following figure:

    Enter Private Key Password

    1. Don't forget to set the corresponding key for WinSCP, otherwise you won't be able to log in when you want to transfer files later.

    WinSCP Specify Private Key Location

    Warning

    Any software that requires SSH login needs key verification. As there are too many software, it is impossible to show them one by one. Please set it up according to your needs.

    4.8 Your Progress

    Up to this point, your VPS has completed the basic security measures of [port], [username], and [password]. Although it is not completely impregnable, most malicious scripts should no longer be able to harm you.

    Now that we finally have a secure system foundation, in the next chapter, we can start step by step to install and configure the infrastructure that Xray needs! (What infrastructure? A web page, a certificate)

    ⬛⬛⬛⬛⬜⬜⬜⬜ 50%

    - + diff --git a/en/document/level-0/ch05-webpage.html b/en/document/level-0/ch05-webpage.html index a71cef150f..186dda0daa 100644 --- a/en/document/level-0/ch05-webpage.html +++ b/en/document/level-0/ch05-webpage.html @@ -5,7 +5,7 @@ Chapter 5: Website Building | Project X - + @@ -56,6 +56,6 @@ }
    1
    2
    3
    4
    5
    6

    Be extra careful!

    As mentioned in Step 3 of section 5.3, make sure to change /home/vpsadmin/www/webpage to your actual file path.

  • Make nginx reload the configuration to take effect.

    sudo systemctl reload nginx
     
    1
  • The complete setup process is as follows:

    Web page settings demonstration

  • Now, if you visit http://subdomain.your_domain.com, you should see this page, indicating success:

    http web page success

  • 5.4 Common error explanations

    First of all, if you follow the instructions in the article step by step and are careful enough, you will definitely not encounter any errors. So, I don't intend to change how this article is written.

    Then why do some students still get stuck at this step, and the web page just won't open? There are basically two words: carelessness. Because there are only two possible issues with the configuration here, and there are only two reasons for them.

    I. Two types of issues:

    • In nginx.conf, the /home/vpsadmin/www/webpage does not match the actual file path; nginx cannot find the file
    • The path is correct, but nginx doesn't have permission to access it

    II. Two reasons:

    • Use a non-root user but still directly copy the commands in the text without modification. (This is basically like copying the name of another student when copying answers)
    • Insist on using a root user

    If you encounter any errors, please carefully review the explanations in Steps 3 and 5-2 of Section 5.3.

    Warning

    In the early stages of this article, a lot of space has been devoted to explaining the importance of using a non-root user for security, and the entire article is written based on this premise. So, issues caused by using a root user are not within the scope of this article.

    But I believe that students who persist in using the root user should have their own opinions, strong hands-on ability, or have a certain foundation in Linux. I have already explained the crux of the problem, and I believe you can solve it on your own.

    5.5 Your Progress

    So far, Xray's first infrastructure [webpage] has been established. Let's now move on to the second infrastructure [certificate]!

    ⬛⬛⬛⬛⬛⬜⬜⬜ 62.5%

    - + diff --git a/en/document/level-0/ch06-certificates.html b/en/document/level-0/ch06-certificates.html index 94bb808fad..1ece809e3b 100644 --- a/en/document/level-0/ch06-certificates.html +++ b/en/document/level-0/ch06-certificates.html @@ -5,7 +5,7 @@ [Chapter 6] Certificate Management | Project X - + @@ -120,6 +120,6 @@ [Mon 14 Feb 2022 03:00:25 PM CST] Installing key to: /etc/xray/cert/cert.key [Mon 14 Feb 2022 03:00:25 PM CST] Installing full chain to: /etc/xray/cert/fullchain.crt
    1
    2
    3
    4

    (Note: This is a shell command for installing a SSL certificate using acme.sh. The command is specifying the domain, file paths for the certificate, private key, and full chain, as well as indicating that an ECC certificate should be used.)

    6.6 Your Progress

    At this point, the two basic infrastructures required by Xray are finally in place! Xray, which has been eagerly awaited, is about to be revealed, and we are finally about to enter the most exciting chapter!

    ⬛⬛⬛⬛⬛⬛⬜⬜ 75%

    - + diff --git a/en/document/level-0/ch07-xray-server.html b/en/document/level-0/ch07-xray-server.html index 8ac5e02581..d438394904 100644 --- a/en/document/level-0/ch07-xray-server.html +++ b/en/document/level-0/ch07-xray-server.html @@ -5,7 +5,7 @@ 【第 7 章】Xray 服务器篇 | Project X - + @@ -169,6 +169,6 @@
    1
    1. 修改 Xray 的回落设置,将回落从 80 端口改为 8080 端口。(找到 "dest": 80, 并改成 "dest": 8080
    sudo nano /usr/local/etc/xray/config.json
     
    1
    1. 重启 Xray 服务,即完成了设置
    sudo systemctl restart xray
     
    1
    1. 完整流程演示如下:

    http自动跳转https

    1. 当你输入 http://a-name.yourdomain.com的时候,它应该已经会自动跳转 https 了

    http自动跳转https生效

    7.9 服务器优化之三:更丰富的回落

    如果你需要更丰富的回落功能,可以参考 《回落 (fallbacks) 功能简析》

    7.10 你的进度

    恭喜!!到这一步,你已经拥有了可以正常科学上网的服务器、同时也有了可以防止主动探测攻击的伪装网站。接下来,只要给你的客户端装上合适的软件,就可以享受顺畅的网络了!

    ⬛⬛⬛⬛⬛⬛⬛⬜ 87.5%

    7.11 重要勘误

    1. 初版中Xray配置文件config.json文件夹位置错误。若你已经根据之前的位置进行了操作,Xray会无法正确启动。故勘误说明于此,请自查,造成不便十分抱歉!
    • 正确位置:/usr/local/etc/xray/config.json
    • 错误位置:/usr/local/etc/config.json

    受影响章节:

    • 7.4 配置Xray - 3. 使用nano创建Xray的配置文件
    • 7.8 服务器优化之二 - 6. 修改Xray的回落设置
    1. 初版中修改Nginx配置文件nginx.conf时内容错误(网页文件夹位置错误),若你已经根据之前的位置进行了操作,Nginx会无法找到正确的网站。请自查,造成不便十分抱歉!
    • 正确文件夹位置:root /home/vpsadmin/www/webpage;
    • 错误文件夹位置:root /var/www/website/html

    受影响章节:

    • 7.8 服务器优化之二 - 4. 在与 80 端口同级的位置增加一个本地端口监听来提供网页展示
    - + diff --git a/en/document/level-0/ch08-xray-clients.html b/en/document/level-0/ch08-xray-clients.html index b2db1c25ef..52666388f8 100644 --- a/en/document/level-0/ch08-xray-clients.html +++ b/en/document/level-0/ch08-xray-clients.html @@ -5,7 +5,7 @@ 【第 8 章】Xray 客户端篇 | Project X - + @@ -162,6 +162,6 @@
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150

    8.4 附加题 2:在 PC 端手工运行 xray-core

    写好了配置文件该,要怎么让 xray-core 运行起来呢?双击好像并没有反应啊?

    首先,你要找到电脑上的【命令行界面】。

    1. Linux 桌面、macOS 系统的同学肯定已经比较熟悉了,搜索 Console 或者 Terminal 就可以
    2. Windows 就可以搜索使用 Cmd 或者 Powershell 等程序(WSL 的同学你坐下,你的 Console 当然也可以)

    其次,我们要做的事情是【让 xray 找到并读取配置文件 config.json,然后运行】,所以:

    1. 在 Windows 下,假设你的 Xray 程序位置是 C:\Xray-windows-64\xray.exe,配置文件位置是C:\Xray-windows-64\config.json,那么正确的启动命令就是:

      C:\Xray-windows-64\xray.exe -c C:\Xray-windows-64\config.json
       
      1

      说明

      这里的 -c 就是指定配置文件路径的参数,告诉 xray 去后面的位置找配置文件

    2. 相似的,在 Linux 和 macOS 下,假设你的 Xray 程序位置是 /usr/local/bin/xray,配置文件位置是/usr/local/etc/xray/config.json,那么正确的启动命令就是

      /usr/local/bin/xray -c /usr/local/etc/xray/config.json
       
      1

      说明

      每个系统都有系统路径变量,所以写 Xray 程序时不一定要写绝对路径。但是写了肯定没错,所以我就如此演示了。

    8.5 附加题 3:在 PC 端开机自动运行 xray-core

    如果你真的尝试了手动运行 xray-core,你一定会发现这个方式还有点小问题:

    1. 每次运行 Xray 都要出现一个黑乎乎的窗口,很丑
    2. 不能开机自动运行,每次都要手工输入,十分不方便

    我可以肯定的告诉你:完全可以解决。但是具体的解决方式,就当作课外作业留给大家吧!(友情提示,文档站的问答区有线索哦)

    8.6 圆满完成!

    我相信,有耐心看到这里的同学,都是兼具好奇心和行动力的学习派!我现在要郑重的恭喜你,因为到了这里,你已经完完整整的【从第一条命令开始,完成了 VPS 服务器部署,并成功的在客户端配置使用 Xray】了!这毫无疑问是一个巨大的胜利!

    我相信,你现在一定对Linux不再恐惧,对Xray不再陌生了吧!

    至此,小小白白话文圆满结束!

    ⬛⬛⬛⬛⬛⬛⬛⬛ 100%

    8.7 TO INFINITY AND BEYOND!

    但现在你看到的,远远不是 Xray 的全貌。

    Xray是一个强大而丰富的网络工具集合,平台化的提供了众多模块,可以像瑞士军刀一样,通过灵活的配置组合解决各种不同的问题。而本文,仅仅蜻蜓点水的用了最简单最直观的配置来做基础演示

    如果你觉得现在已经完全够用了,那就好好的享受它给你带来的信息自由。但如果你的好奇心依然不能停歇,那就去继续挖掘它无限的可能性吧!

    需要更多信息,可以到这里寻找:

    1. xtls.github.ioopen in new window - 官方文档站
    2. 官方 Telegram 群组open in new window - 活跃而友善的官方讨论社区

    TO INFINITY AND BEYOND!

    不算后记的后记

    希望我陪你走过的这一段小小的旅程,可以成为你网络生活中的一份小小助力。

    这篇文章里的工具和信息难免会一点点的陈旧过时,但你一定会逐渐成长为大佬。未来的某个时间,若你能偶尔想起这篇教程、想起我写下本文的初衷,那我衷心希望你能够薪火相传、把最新的知识分享给后来人,让这一份小小的助力在社区里坚定的传递下去。

    这是个大雪封山乌云密布的世界,人们孤独的走在各自的路上试图寻找阳光,如果大家偶尔交汇时不能守望相助互相鼓励,那最终剩下的,恐怕只有【千山鸟飞绝 万径人踪灭】的凄凉了吧。

    - + diff --git a/en/document/level-0/ch09-appendix.html b/en/document/level-0/ch09-appendix.html index 9281198425..0cdc0bd32c 100644 --- a/en/document/level-0/ch09-appendix.html +++ b/en/document/level-0/ch09-appendix.html @@ -5,11 +5,11 @@ 【第 9 章】附录 | Project X - +

    【第 9 章】附录

    1. 小小白白 Linux 基础命令索引

    编号命令名称命令说明出现篇章
    cmd-01apt update查询软件更新《远程登录篇》
    cmd-02apt upgrade执行软件更新《远程登录篇》
    cmd-03nano文本编辑器《安全防护篇》
    cmd-04systemctl restart重启某个服务《安全防护篇》
    cmd-05adduser给系统新增用户《安全防护篇》
    cmd-06apt install安装某个软件《安全防护篇》
    cmd-07visudo修改 sudo 权限设置专用编辑器《安全防护篇》
    cmd-08sudoroot权限运行某个命令《安全防护篇》
    cmd-09chmod修改目标文件/文件夹的权限《安全防护篇》
    cmd-10mkdir新建文件夹《网站建设篇》
    cmd-11systemctl reload重新加载某个服务《网站建设篇》
    cmd-12wget访问(或下载)某个网页文件《证书管理篇》
    cmd-13acme.shacme.sh 证书管理相关的命令《证书管理篇》
    cmd-14rm删除命令《Xray 服务器篇》
    cmd-15crontab -e编辑当前用户的定时任务《Xray 服务器篇》
    cmd-16touch建立空白文件《Xray 服务器篇》
    cmd-17systemctlsystemd基本服务管理命令《Xray 服务器篇》
    cmd-18reboot重启 Linux 系统《Xray 服务器篇》

    2. 小小白白 Linux 重要配置文件索引

    编号配置文件位置文件说明出现篇章
    conf-01/etc/ssh/sshd_configSSH 远程登录程序设置《远程登录篇》
    conf-02/etc/nginx/nginx.confNginx 程序设置《网站建设篇》
    conf-03/etc/apt/sources.listapt 软件源列表《Xray 服务器篇》
    conf-04/etc/apt/sources.list.d/vpsadmin.list用户自定义软件源列表列表《Xray 服务器篇》
    conf-05crontab -e当前用户的定时任务《Xray 服务器篇》
    conf-06/etc/sysctl.conf手动设置 kernel 参数《Xray 服务器篇》
    conf-07/etc/sysctl.d/vpsadmin.conf用户自定义 kernel 参数配置文件《Xray 服务器篇》

    3. 小小白白 Xray 重要文件索引

    编号配置文件位置文件说明出现篇章
    xray-01/usr/local/etc/xray/config.jsonXray 程序设置《Xray 服务器篇》
    xray-02/home/vpsadmin/xray_cert/xray.certTLS 证书《Xray 服务器篇》
    xray-03/home/vpsadmin/xray_cert/xray.keyTLS 私钥《Xray 服务器篇》
    xray-04/home/vpsadmin/xray_log/access.logXray 访问日志《Xray 服务器篇》
    xray-05/home/vpsadmin/xray_log/error.logXray 错误日志《Xray 服务器篇》
    - + diff --git a/en/document/level-0/index.html b/en/document/level-0/index.html index 59f783f672..d270594f9e 100644 --- a/en/document/level-0/index.html +++ b/en/document/level-0/index.html @@ -5,11 +5,11 @@ Plain and Simple Language | Project X - +

    Plain and Simple Language

    This chapter is a basic lesson of [Starting from Scratch]. New students, please watch and learn carefully.

    Tip

    Made with ❤️ by @ricuhkaenopen in new window

    【Chapter 1】 Preface: Rambling - Airport or Self-built? That is the question.

    Chapter 2: Preparation of Raw Materials - Tools must be sharpened before they can be used proficiently.

    Chapter 3: Remote Login - A bridge connecting the north and south, turning a natural obstacle into a thoroughfare.

    【Chapter 4】Security Protection - If you don't pay attention to security, you will shed tears for your loved ones.

    [【Chapter 5】Website Construction] - Show Your Beauty (Link to webpage.md file)

    Chapter 6: Certificate Management - Only those who obtain certificates are considered legitimate.

    Chapter 7: Xray Server - Finally, waited for you.

    Chapter 8: Xray Client - A New Beginning.

    [Chapter 9] Appendix - All the exam points are here.

    - + diff --git a/en/document/level-1/fallbacks-lv1.html b/en/document/level-1/fallbacks-lv1.html index e0aa078598..74a3f7cf06 100644 --- a/en/document/level-1/fallbacks-lv1.html +++ b/en/document/level-1/fallbacks-lv1.html @@ -5,7 +5,7 @@ 回落 (fallbacks) 功能简析 | Project X - + @@ -181,6 +181,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
  • 至此,我们就能够完整的画出模板的回落路线了:

  • 6. 结语

    至此,Xray 的【回落】功能就介绍完了。希望本文能够对你理解 Xray 的强大有所帮助。

    7. 附加题

    我再无耻的留一个附加题:本文详解的 VLESS-TCP-XTLS-WHATEVERopen in new window 模板?是否有可以优化的地方?

    提示:HTTP 自动跳转 HTTPS

    - + diff --git a/en/document/level-1/fallbacks-with-sni.html b/en/document/level-1/fallbacks-with-sni.html index f1183d2818..e9f1bb9a9c 100644 --- a/en/document/level-1/fallbacks-with-sni.html +++ b/en/document/level-1/fallbacks-with-sni.html @@ -5,7 +5,7 @@ SNI fallback | Project X - + @@ -192,6 +192,6 @@ redir https://{host}{uri} permanent }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36

    Reference

    1. Server Name Indication - Wikipedia, the free encyclopediaopen in new window
    2. Home · acmesh-official/acme.sh Wikiopen in new window
    3. HTTP/2 - Wikipedia, the free encyclopediaopen in new window

    Quotation


    1. Proxy Protocol - HAProxy Technologiesopen in new window ↩︎

    2. Introduction to Proxy Protocol and Nginx Configuration - Jianshuopen in new window ↩︎

    3. v2fly-github-io/vless.md at master · rprx/v2fly-github-ioopen in new window ↩︎

    - + diff --git a/en/document/level-1/index.html b/en/document/level-1/index.html index 01ab1de276..4c34f9f1fa 100644 --- a/en/document/level-1/index.html +++ b/en/document/level-1/index.html @@ -5,11 +5,11 @@ Beginner's Tips | Project X - + - + diff --git a/en/document/level-1/routing-lv1-part1.html b/en/document/level-1/routing-lv1-part1.html index 2b12fb39dc..add63b2f16 100644 --- a/en/document/level-1/routing-lv1-part1.html +++ b/en/document/level-1/routing-lv1-part1.html @@ -5,7 +5,7 @@ 路由 (routing) 功能简析(上) | Project X - + @@ -122,6 +122,6 @@ ] }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16

    此时,路由规则其实变成了:

    这就是路由功能的灵活之处了,你可以自由的改变它的顺序来实现不同的设计。

    至此,我们已经解释完了 【如何利用 geosite.dat 文件,通过路由规则,根据【域名】来分流网络流量】。

    5. 攻城略池 - 多种路由匹配条件

    请确保你已经读懂了上面的内容,因为这样,你就已经理解了【路由】功能的工作逻辑。有了这个基础,我们就可以继续分析【路由】功能更多更详细的配置方式和匹配条件了。

    等你看完后面的内容,就完全可以自由的定制属于自己的路由规则啦!还等什么,让我们一起进入 《路由 (routing) 功能简析(下)》 吧!

    - + diff --git a/en/document/level-1/routing-lv1-part2.html b/en/document/level-1/routing-lv1-part2.html index 8c0fe600ed..962dba6167 100644 --- a/en/document/level-1/routing-lv1-part2.html +++ b/en/document/level-1/routing-lv1-part2.html @@ -5,7 +5,7 @@ 路由 (routing) 功能简析(下) | Project X - + @@ -168,6 +168,6 @@ } }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17

    其实,第 6 点已经是我整理过的规则了,原则就是【相同的匹配依据可以合并,不同的匹配依据保持独立】。

    8. 明修栈道、暗渡陈仓

    [domain] 转化 [ip] 的密道:domainStrategy

    我们在 5.4 中提交了多种流量判断的【依据】,其中一种是域名 [domain]、一种是 [IP]

    如果你初步了解过 DNS 的运作过程,就会知道,我们对一个域名 [domain] 发起访问请求时,其实需要先向 DNS 发起请求来解析域名 [domain] 对应的 [IP],在得到 [IP] 后再向它发起实际请求。

    所以,面对入站的一次域名请求,Xray 其实有两次机会去判断它的类型。那么,究竟是否要用这两次机会呢?这就是由 domainStrategy 这个配置来决定的。它有三个选项:

    • AsIs
    • IPIfNonMatch
    • IPOnDemand

    按么我们逐个来解释一下:

    8.1 域名策略: "AsIs"

    就是 "As Domain Is",也就是说 【域名什么样,就什么样,不多折腾】。

    简单粗暴理解就是说【仅用 [domain] 来匹配】。

    Tip

    AsIs 的实际意义为 【如原先所示,不加修改】,🍉 老师这里描述的不是很恰当。

    这个方式的处理都在 Xray 内部完成,没有与外界的数据往来,所以速度最快。它的兜底策略也很清晰:即前面所说的、无法匹配的域名自动转入第一条出站处理。所以,对于常规使用路由功能这最推荐的策略。

    8.2 域名策略: "IPIfNonMatch"

    就是 "lookup IP if (there's) no matching rule",也就是说【如果其他所有规则都匹配不上,那就转化成 IP 去匹配 IP 规则】。

    简单粗暴理解就是说【先把访问目标和其他所有类型规则匹配,如果匹配不上,那就通过 DNS 查询转化成 IP,再从头和所有规则匹配一次】。

    该策略下没有命中任何规则的这一部分域名,会需要再经历 DNS 查询过程、以及第二轮规则匹配的过程,其耗时会多于 AsIs 策略,所以并不是首选推荐的策略。

    8.3 域名策略: "IPOnDemand"

    这里其实说 Demand IP 更准确些,也就是说【当匹配时碰到任何基于 IP 的规则,将域名立即解析为 IP 进行匹配】。

    简单粗暴理解就是说【只要路由规则中有 IP 类规则,那么所有基于域名 [domain] 的请求都要解析成 [IP] 然后去匹配 [IP] 类规则】。

    它要对所有首次域名访问进行 DNS 解析,所以首次查询比较耗时。虽然由于 XrayDNS 缓存机制的存在,后续对相同域名的访问速度会重回巅峰,但总体来说也不是首选推荐的策略。

    啰嗦君

    domainStrategy 仅对域名生效,不要搞混了哦~

    9. 思考题

    迄今为止,我们都是在【单入站】和【单出站】的基础上,讲解【路由】内部的各种配置逻辑。

    但是,如你所知,Xray 本身是支持多端口,多协议的。那么,如果我问你:

    1. 我希望 VLESS 协议将我日常的网页浏览和 APP 流量转发给美国的大流量服务器
    2. 我希望 trojan 协议将我的所有 Netflix 流量转发给日本的服务器解锁各种二次元
    3. 我希望 shadowsocks 协议将我所有的游戏流量转发给香港的服务器达到最低的延迟
    4. 我希望有一个独立的端口,能够把 telegram 的流量全都转发给 VPS
    5. 我希望有一个独立的端口,能够把 bittorrent 下载流量全都转发给欧洲大盘鸡
    6. 我希望......

    这些想法,是否能通过【路由】功能配置实现呢?

    答案当然是 【完全可以】 啦! 但是这些对于 level-1 来说已经超纲了,就留给各位自由的探索吧!

    10. 结语

    至此,Xray 的【路由】功能就介绍完了。希望本文能够对你理解 Xray 的灵活有所帮助。

    11. 尾注

    • 现在你可以重新阅读一遍 路由,看看是否有更加深刻的理解。
    • 🍉🍉🍉🍉🍉 😄
    - + diff --git a/en/document/level-1/work.html b/en/document/level-1/work.html index b6e3fd4572..ec3449bcdd 100644 --- a/en/document/level-1/work.html +++ b/en/document/level-1/work.html @@ -5,11 +5,11 @@ Xray 的工作模式 | Project X - +

    Xray 的工作模式

    单服务器模式

    与其它的网络代理工具一样,你需要一台配置了 Xray 的服务器,然后在自己的设备上安装并配置 Xray 客户端,然后即可流畅地访问互联网。

    一个 Xray 服务器可同时支持多台设备使用不同的代理协议访问。同时,经过合理的配置,Xray 可以识别并区分需要代理以及不需要代理的流量,直连的流量不需要绕路。

    桥接模式

    如果你不想在每一台设备上都配置路由,你也可以设置一台中转服务器,用于接收客户端发来的所有流量,然后在服务器中进行转发判断。

    工作原理

    在配置 Xray 之前,不妨先来看一下 Xray 的工作原理,以下是单个 Xray 进程的内部结构示意图。多个 Xray 之间相互独立,互不影响。

    • 需要配置至少一个入站连接(Inbound)和一个出站连接(Outbound)才可以正常工作。
      • 入站连接负责与客户端(如浏览器)通信:
        • 入站连接通常可以配置用户认证,如 ID 和密码等;
        • 入站连接收到数据之后,会交给分发器(Dispatcher)进行分发;
      • 出站连接负责将数据发给服务器,如另一台主机上的 Xray。
    • 当有多个出站连接时,可以配置路由(Routing)来指定某一类流量由某一个出站连接发出。
      • 路由会在必要时查询 DNS 以获取更多信息来进行判断。
    - + diff --git a/en/document/level-2/index.html b/en/document/level-2/index.html index a6bfb5ba66..31a0ab377b 100644 --- a/en/document/level-2/index.html +++ b/en/document/level-2/index.html @@ -5,11 +5,11 @@ Advanced Documentation | Project X - +

    Advanced Documentation

    This chapter contains experience sharing of using Xray at an advanced level. If you are already familiar with Xray, the experience shared here can help you unleash the full power of Xray.

    Beginner's Guide to Transparent Proxies by a @kirinopen in new window

    An Introduction to Transparent Proxies.

    TProxy Configuration Tutorial by a @BioniCosmosopen in new window

    Complete tutorial on configuring transparent proxy (TProxy) based on Xray.

    TProxy Transparent Proxy (IPv4 and IPv6) Configuration Tutorial by a @SQLimitopen in new window

    Xray-based TProxy Transparent Proxy (IPv4 and IPv6) Configuration Tutorial

    Nginx_TLS Tunnel Hidden Fingerprint by a @SQLimitopen in new window

    Use Nginx_TLS tunnel on both ends to hide the fingerprint.

    [Transparent Proxy] Avoiding Xray Traffic Through gid by a @kirinopen in new window

    A new way of bypassing Xray traffic in transparent proxy implemented by iptables/nftables.

    Redirect Specific Traffic to Specific Gateway using Xray to Achieve Global Routing "Load Balancing" by a @Zzz3mopen in new window

    Play Xray to the fullest: Implement "load balancing" based on fwmark or sendThrough.

    Enhancing Proxy Security with Cloudflare Warp by a @yuhan6665open in new window

    Introduction to using WireGuard for outbound traffic added in Xray v1.6.5.

    Xray Traffic Statistics by a @yuhan6665open in new window

    Adapt traffic statistics and scripts compatible with Xray.

    - + diff --git a/en/document/level-2/iptables_gid.html b/en/document/level-2/iptables_gid.html index b572fd060d..49392d3905 100644 --- a/en/document/level-2/iptables_gid.html +++ b/en/document/level-2/iptables_gid.html @@ -5,7 +5,7 @@ Transparent proxy via GID | Project X - + @@ -94,6 +94,6 @@ ip6tables -t mangle -A XRAY6_MASK -j MARK --set-mark 1 ip6tables -t mangle -A OUTPUT -m owner ! --gid-owner 23333 ! -p icmp -j XRAY6_MASK
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    - + diff --git a/en/document/level-2/nginx_tls_tunnel.html b/en/document/level-2/nginx_tls_tunnel.html index 6ac1a7effd..a94fa191cc 100644 --- a/en/document/level-2/nginx_tls_tunnel.html +++ b/en/document/level-2/nginx_tls_tunnel.html @@ -5,7 +5,7 @@ Nginx_TLS隧道隐藏指纹 | Project X - + @@ -216,6 +216,6 @@
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134

    如果使用透明代理需要在 iptables 或 ip6tables 配置中加入

    iptables -t mangle -A XRAY_MASK -d VSP_IPv4/32 -j RETURN
     ip6tables -t mangle -A XRAY6_MASK -d VPS_IPv6/128 -j RETURN
     
    1
    2

    客户端及服务端启动服务

    systemctl restart xray

    systemctl restart nginx

    后记

    客户端应该也是可以通过 domain socket 连接提高性能,但由于 xray outbound 不支持 ds 出站,想了半天没什么好的实现方法。如果 vnext 里支持 ds 就好了 (没有别的意思)。

    从客户端 nginx 开始应该可以选择 http2 grpc ws 等传输方式。

    - + diff --git a/en/document/level-2/redirect.html b/en/document/level-2/redirect.html index f614d9b7b5..e938ba9cfe 100644 --- a/en/document/level-2/redirect.html +++ b/en/document/level-2/redirect.html @@ -5,7 +5,7 @@ 出站流量重定向 | Project X - + @@ -221,6 +221,6 @@
    1

    开机自启

    systemctl enable wg-quick@wg0
     systemctl start wg-quick@wg0
     
    1
    2

    验证 IPv4/IPv6

    自行验证 Google 搜索 myip

    后记

    本文本意是可以避免的多余的流量浪费,将路由和分流的功能交给 Xray 处理。避免了维护路由表的繁琐工作。顺便技术提升 UP。

    感谢

    @Xray-core @V2ray-core @WireGuard @p3terx @w @Hiram @Luminous @Ln @JackChou

    - + diff --git a/en/document/level-2/tproxy.html b/en/document/level-2/tproxy.html index f602d3c901..fca0bacfb9 100644 --- a/en/document/level-2/tproxy.html +++ b/en/document/level-2/tproxy.html @@ -5,7 +5,7 @@ TProxy 透明代理 | Project X - + @@ -262,6 +262,6 @@ [Install] WantedBy=multi-user.target
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    - + diff --git a/en/document/level-2/tproxy_ipv4_and_ipv6.html b/en/document/level-2/tproxy_ipv4_and_ipv6.html index 2df278d24d..ba4eb01a2f 100644 --- a/en/document/level-2/tproxy_ipv4_and_ipv6.html +++ b/en/document/level-2/tproxy_ipv4_and_ipv6.html @@ -5,7 +5,7 @@ TProxy 透明代理 (ipv4 and ipv6) | Project X - + @@ -411,6 +411,6 @@ [Install] WantedBy=multi-user.target
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    1. 最后执行 systemctl enable tproxyrules 命令。

    tproxyrules.service

    注意其中主路由器 IP 地址,根据实际修改

    ExecStartPre=/bin/sh -c 'until ping -c1 192.168.31.1; do sleep 1; done;' 命令为确保获得 IP 地址后再执行命令,否则会诡异报错,其中 IP 地址为主路由器地址,根据实际修改。

    注意

    如果通过 dhcpcd 等设置了静态 IP 及网关,则上述相关 ip route add/del 设置需删除

    局域网设备上网设置

    此处假定旁路由 ipv4, ipv6 地址分别为192.168.31.100, fd00:6868:6868::8866, 旁路由的 ipv4, ipv6 地址可由命令ip add获得。

    方法一

    局域网设备上网有两种方式,第一种就是在使用设备上进行静态 IP 的配置,将网关指向旁路由 IP。注意绝大部分手机仅支持手动配置 ipv4 网关,不支持手动配置 ipv6 网关,除非 root 后进行相关设置。

    以 windows 设备为例,可以先开启 DHCP 记录自动分配的 IP 以参考,然后手写静态配置。

    DNS 设置

    此配置劫持 DNS 流量,DNS 可以随便写

    image image

    方法二

    局域网设备上网的第二种方式,是在路由器上进行网关设置,这种方法对于连接到此路由器的设备无需做任何设置即可科学上网,但注意有些路由器不支持 ipv6 的网关设置,有 ipv6 需求的设备仍需在所需设备上单独手动配置 ipv6 相关设置参考方法一。

    image

    Finally

    按照以上方法设置后设备即可双栈访问,进入测试网站比如 https://ipv6-test.com/ 可以看到如下结果 (需要代理此网站才能看到如下结果)

    image

    写在最后

    如今 ipv6 并未完全普及,我们日常访问的流量 99%仍为 ipv4 流量;很多 VPS 商家虽然提供 ipv6 地址,但线路优化非常垃圾,甚至处于不可用状态,为何要加入 ipV6 的设置?

    可以看到目前 ipv6 处于很尴尬的境地,各种设备对于 ipv6 的支持很烂,但是都在逐步完善,同时 Windows 系统对于 ipv6 的优先级也在提高,很多浏览器也会优先进行 ipv6 的解析以及访问,很多网站也开始默认使用 ipv6 进行访问(比如 Netflix, 如果没有配置 ipv6, 浏览器打开 Netflix 会显示 Not Available 是因为没有代理 Netflix 的 ipv6 请求,当然可以选择禁用 Windows 的 ipv6,但支持 ipv6 的 pt 站就无法使用)

    这种情况下 ipv4 无法完全胜任网络冲浪的需求,即使是那 1%的流量,遇到了也会让人头疼不已。

    而可以预见 ipv6 也会逐步与 ipv4 分庭抗礼,所以有必要加入 ipv6 的设置。

    - + diff --git a/en/document/level-2/traffic_stats.html b/en/document/level-2/traffic_stats.html index 55e2464ed8..bf78a9f8fc 100644 --- a/en/document/level-2/traffic_stats.html +++ b/en/document/level-2/traffic_stats.html @@ -5,7 +5,7 @@ 流量统计 | Project X - + @@ -101,6 +101,6 @@ print_sum "$DATA" "user" echo "-----------------------------"
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    - + diff --git a/en/document/level-2/transparent_proxy/transparent_proxy.html b/en/document/level-2/transparent_proxy/transparent_proxy.html index ffaae2807f..206aca8e33 100644 --- a/en/document/level-2/transparent_proxy/transparent_proxy.html +++ b/en/document/level-2/transparent_proxy/transparent_proxy.html @@ -5,7 +5,7 @@ 透明代理入门 | Project X - + @@ -88,6 +88,6 @@ iptables -t mangle -A OUTPUT -p tcp -j XRAY_MASK iptables -t mangle -A OUTPUT -p udp -j XRAY_MASK
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23

    但是这么配置有个缺点,如果使用 CDN 或者 VPS 很多的话,就不好写规则了。

    1. 通过 mark 规避

    三个白话文教程都是使用这种方法规避,自行参考,这里不再赘述。

    1. 通过 gid 规避(推荐)

    参考 [透明代理]通过 gid 规避 Xray 流量

    这样就完成了第三阶段的代理,也就是平时说的全局代理。但是记得把网关的 DNS 服务器设置为国外的 DNS 服务器,否则可能依然返回被污染的结果。

    第四阶段

    其实,并不是所有人都需要实现第四阶段。全局代理对于大部分情况已经适用。

    特别是对于旁路由而言。需要代理时,将网关调成旁路由的 IP,不需要代理时,将网关换回主路由 IP。

    至于第四阶段的具体实现,那三篇白话文教程讲的都是。在理解了上面的内容后,再去看那三篇白话文教程,就比较容易理解了。

    代理 ipv6

    上面的规则只对 ipv4 生效,如果还想要代理 ipv6 请求,则使用 ip6tables 命令,用法与 iptables 基本相同。参考 [透明代理]通过 gid 规避 Xray 流量#4-设置 iptables 规则

    iptables 透明代理的其它注意事项

    1. 如果作为代理的网关作为主路由,要在PREROUTING链规则中加一条iptables -t mangle -A XRAY ! -s 网关LAN_IP地址段 -j RETURN,即在第一阶段使用、第二阶段被删除的指令。如果不写,WAN 口中同网段的其它人可以将网关填写成你的 WAN_IP,从而蹭你的透明代理用,还可能带来一定的危险性。

    2. 新 V2Ray 白话文指南-透明代理(TPROXY)#设置网关open in new window 中的第三条说:手动配置 PC 的网络,将默认网关指向树莓派的地址即 192.168.1.22。此时 PC 应当能正常上网(由于还没设置代理,“正常”是指可以上国内的网站)。实际上,Ubuntu、CentOS、debian 等系统就算开启了 IP 转发,PC 也不能正常上网,这是正常的。事实上只有 OpenWRT 能做到文中所描述的那样,据 @BioniCosmosopen in new window 点拨,这是由于一般的 Linux 系统没有 Masquery 规则。

    3. too many open files 问题open in new window ,解决方法见 [透明代理]通过 gid 规避 Xray 流量-配置最大文件大开数&运行 Xray 客户端

    4. 关于开启 ip_forward,待补充...

    5. 避免已有连接的包二次通过 TPROXY ,待补充...

    6. 主路由、单臂路由与旁路由,待补充...

    - + diff --git a/en/document/level-2/warp.html b/en/document/level-2/warp.html index 0c77b5dd1c..b5b6f4de59 100644 --- a/en/document/level-2/warp.html +++ b/en/document/level-2/warp.html @@ -5,7 +5,7 @@ Enhancing Proxy Security with Cloudflare Warp | Project X - + @@ -92,6 +92,6 @@ ] }
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    - + diff --git a/en/index.html b/en/index.html index 551debeb46..d993919cb9 100644 --- a/en/index.html +++ b/en/index.html @@ -5,7 +5,7 @@ Project X - + @@ -15,6 +15,6 @@

    Full compatibility

    Fully compatible with v2ray-core configuration files and API calls

    Affinity

    Active community discussions and contributions, MPL 2.0 open source license

    XTLS? Xray? V2Ray?

    XTLS are brilliant ideas for TLS we study, while Xray is the best practice we maintain.

    • Xray-core is a superset of v2ray-core, with better overall performance and enhancements such as XTLS, and it'scompletelycompatible with v2ray-core functionality and configuration.
      • Only one executable file, including ctl functionality, run is the default command
      • Configuration iscompletelycompatible, environment variables and API calls need to be changed to start with XRAY_
      • Exposed raw protocol's ReadV on all platforms
      • Provides complete VLESS & Trojan XTLS support, both with ReadV
      • Provides multiple XTLS flow control modes, unrivaled performance!

    "Configuration compatible, overall better"

    Who are we?

    It doesn't matter who we are. What matters is that we will keep riding and never look back.

    Help Xray become stronger

    Welcome to help Xray become stronger!

    Telegram

    Thanks

    • Thanks to everyone for their support!
    • Thanks to all kinds of scripts, Docker images, client support... Thanks to all the big guys who helped improve the ecosystem!
    • Thanks to friends who have contributed to the Xray website and documentation.
    • Thanks to friends who have made meaningful suggestions and comments.
    • Thanks to every friend in the Telegram group who helps others.

    More about project X

    • If you would like to learn more about project X's history and growth, please click here

    License

    Mozilla Public License Version 2.0open in new window

    Stargazers over time

    Stargazers over timeopen in new window

    - + diff --git a/index.html b/index.html index 0de32409bb..0626b73371 100644 --- a/index.html +++ b/index.html @@ -5,7 +5,7 @@ Project X - + @@ -15,6 +15,6 @@

    完整兼容

    完整兼容 v2ray-core 配置文件与 API 调用

    亲和力

    活跃的社区讨论及贡献,MPL 2.0 开源许可协议

    XTLS ? Xray ? V2Ray ?

    XTLS are brilliant ideas for TLS we study, while Xray is the best practice we maintain.

    • Xray-core 是 v2ray-core 的超集,含更好的整体性能和 XTLS 等一系列增强,且完全兼容 v2ray-core 的功能及配置。
      • 只有一个可执行文件,含 ctl 的功能,run 为默认指令
      • 配置上完全兼容,环境变量和 API 对应要改为以 XRAY_ 开头
      • 全平台开放了裸协议的 ReadV
      • 提供完整的 VLESS & Trojan XTLS 支持,均有 ReadV
      • 提供了 XTLS 多种流控模式, 性能一骑绝尘!

    “配置兼容,整体更好”

    我们是谁?

    It doesn't matter who we are. What matters is that we will keep riding and never look back.

    帮助 Xray 变得更强

    欢迎帮助 Xray 变得更强!

    Telegram

    致谢

    • 感谢所有人的支持!
    • 感谢各类脚本、Docker 镜像、客户端支持...感谢所有帮忙完善生态的大佬们!
    • 感谢为 Xray 网站和文档添砖加瓦的朋友们.
    • 感谢提出有意义的建议和意见的朋友们.
    • 感谢 Telegram 群每一位帮助群友的朋友.

    更多关于 project X

    • 如果你想知道更多关于 project X 的足迹与成长, 请点击这里

    License

    Mozilla Public License Version 2.0open in new window

    Stargazers over time

    Stargazers over timeopen in new window

    - +