diff --git a/VLESS-TLS-splitHttp-Nginx/client.json b/VLESS-TLS-splitHttp-Nginx/client.json new file mode 100644 index 0000000..0ac5acb --- /dev/null +++ b/VLESS-TLS-splitHttp-Nginx/client.json @@ -0,0 +1,62 @@ +{ + "log": { + "loglevel": "warning" + }, + "routing": { + "rules": [ + { + "ip": [ + "geoip:private" + ], + "outboundTag": "direct" + } + ] + }, + "inbounds": [ + { + "listen": "127.0.0.1", + "port": 10808, + "protocol": "socks" + }, + { + "listen": "127.0.0.1", + "port": 10809, + "protocol": "http" + } + ], + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "", + "port": 443, + "users": [ + { + "id": "", + "encryption": "none" + } + ] + } + ] + }, + "streamSettings": { + "network": "splithttp", + "splithttpSettings": { + "path": "/split" + }, + "security": "tls", + "tlsSettings": { + "serverName": "" + } + }, + "tag": "proxy" + }, + { + "protocol": "freedom", + "tag": "direct" + } + ] + } + \ No newline at end of file diff --git a/VLESS-TLS-splitHttp-Nginx/nginx.conf b/VLESS-TLS-splitHttp-Nginx/nginx.conf new file mode 100644 index 0000000..eb574f0 --- /dev/null +++ b/VLESS-TLS-splitHttp-Nginx/nginx.conf @@ -0,0 +1,83 @@ +user www-data; +worker_processes auto; + +error_log /var/log/nginx/error.log notice; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '[$time_local] $proxy_protocol_addr "$http_referer" "$http_user_agent"'; + access_log /var/log/nginx/access.log main; + + map $http_upgrade $connection_upgrade { + default upgrade; + "" close; + } + + map $proxy_protocol_addr $proxy_forwarded_elem { + ~^[0-9.]+$ "for=$proxy_protocol_addr"; + ~^[0-9A-Fa-f:.]+$ "for=\"[$proxy_protocol_addr]\""; + default "for=unknown"; + } + + map $http_forwarded $proxy_add_forwarded { + "~^(,[ \\t]*)*([!#$%&'*+.^_`|~0-9A-Za-z-]+=([!#$%&'*+.^_`|~0-9A-Za-z-]+|\"([\\t \\x21\\x23-\\x5B\\x5D-\\x7E\\x80-\\xFF]|\\\\[\\t \\x21-\\x7E\\x80-\\xFF])*\"))?(;([!#$%&'*+.^_`|~0-9A-Za-z-]+=([!#$%&'*+.^_`|~0-9A-Za-z-]+|\"([\\t \\x21\\x23-\\x5B\\x5D-\\x7E\\x80-\\xFF]|\\\\[\\t \\x21-\\x7E\\x80-\\xFF])*\"))?)*([ \\t]*,([ \\t]*([!#$%&'*+.^_`|~0-9A-Za-z-]+=([!#$%&'*+.^_`|~0-9A-Za-z-]+|\"([\\t \\x21\\x23-\\x5B\\x5D-\\x7E\\x80-\\xFF]|\\\\[\\t \\x21-\\x7E\\x80-\\xFF])*\"))?(;([!#$%&'*+.^_`|~0-9A-Za-z-]+=([!#$%&'*+.^_`|~0-9A-Za-z-]+|\"([\\t \\x21\\x23-\\x5B\\x5D-\\x7E\\x80-\\xFF]|\\\\[\\t \\x21-\\x7E\\x80-\\xFF])*\"))?)*)?)*$" "$http_forwarded, $proxy_forwarded_elem"; + default "$proxy_forwarded_elem"; + } + + server { + + listen 443 http2 ssl; + listen [::]:443 http2 ssl; + + ssl_certificate /path/to/example.cer; + ssl_certificate_key /path/to/example.key; + + set_real_ip_from 127.0.0.1; + real_ip_header proxy_protocol; + + location / { + sub_filter $proxy_host $host; + sub_filter_once off; + + set $website www.lovelive-anime.jp; + proxy_pass https://$website; + resolver 1.1.1.1; + + proxy_redirect off; + #proxy_set_header Host $host; + + proxy_set_header Host $proxy_host; + + proxy_http_version 1.1; + proxy_cache_bypass $http_upgrade; + + proxy_ssl_server_name off; + + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header X-Real-IP $proxy_protocol_addr; + proxy_set_header Forwarded $proxy_add_forwarded; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + add_header X-Frame-Options "SAMEORIGIN"; + + + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + } + + location /split { + proxy_pass http://127.0.0.1:1234; + proxy_http_version 1.1; + proxy_redirect off; + } + + } +} diff --git a/VLESS-TLS-splitHttp-Nginx/server.json b/VLESS-TLS-splitHttp-Nginx/server.json new file mode 100644 index 0000000..b68d4d1 --- /dev/null +++ b/VLESS-TLS-splitHttp-Nginx/server.json @@ -0,0 +1,54 @@ +{ + "log": { + "loglevel": "warning" + }, + "routing": { + "rules": [ + { + "port": "443", + "network": "udp", + "outboundTag": "block" + } + ] + }, + "inbounds": [ + { + "listen": "127.0.0.1", + "port": 1234, + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "" + } + ], + "decryption": "none" + }, + "streamSettings": { + "network": "splithttp", + "splithttpSettings": { + "path": "/split" + } + }, + "sniffing": { + "enabled": true, + "destOverride": [ + "http", + "tls", + "quic" + ] + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "tag": "direct" + }, + { + "protocol": "blackhole", + "tag": "block" + } + ] + } + \ No newline at end of file