Update README.ENG.md url fix

Update vmess_ws_tls.json comment translate Update vmess_tcp_tls.json comment translate Update vless_ws_tls.json comment trnslate Update vless_tcp_xtls.json comment translate Update vless_tcp_tls.json comment translate Update trojan_tcp_tls.json comment translate Create README.ENG.md Update README.md add link README.ENG.md Update README.md add link README.ENG.md Create README.ENG.md Update README.md add link README.ENG.md Create README.ENG.md Update client.json comment transalate Update server.json comment translate Update README.md add english translate Update README.md add english link Create README.ENG.md Update Caddyfile comment translate Update client.json comment translate Update server.json comment translate Update README.md add link README.ENG.md Create RREADME.ENG.md Update config_client_tcp_tls.json translate comment Update config_client_ws_tls.json translate comment Update config_server.json comment translate Update README.md add link README.ENG.md Create README.ENG.md Update config_client.json comment translate Update config_server.json comment translate Update client.json translate comment Update server.json translate comment Update README.md add link README.ENG.md Create README.ENG.md Update server.json translate comment Update README.md add link README.ENG.md Update README.md Create README.ENG.md Co-authored-by: lk29 <12291632+lk29@users.noreply.github.com>
2024-11-23 09:01:28 +00:00 · 2023-04-05 20:57:50 -04:00 · 2023-04-05 20:57:50 -04:00 · d35c6f5aaa
parent 28052d756d
commit d35c6f5aaa
18 changed files with 482 additions and 4 deletions
--- a/ReverseProxy/README.ENG.md
+++ b/ReverseProxy/README.ENG.md
@ -0,0 +1,21 @@
+# reverse proxy
+# principle
+Xray Client <--- VMESS/SS ---> Xray Portal (requires public IP) <--- VMESS/SS ---> Xray Bridge
+# illustrate
+In the configuration, the internal network device uses `bridge.json`, the device with public network ip uses `portal.json`, and the device connected to the intranet through `portal` uses `client.json`.
+
+In practical applications, `VMESS-TCP, Shadowsocks-2022`, etc. can be used as the transmission protocols from Xray Client to Xray Portal, and from Xray Bridge to Xray Portal.
+
+## psk
+
+Shadowsocks 2022 uses a pre-shared key similar to WireGuard for the password.
+
+Use `openssl rand -base64 <length>` to generate a shadowsocks-rust compatible key, the length depends on the encryption method used.
+
+| encryption method | key length |
+|--------------------------------|-----:|
+| 2022-blake3-aes-128-gcm | 16 |
+| 2022-blake3-aes-256-gcm | 32 |
+| 2022-blake3-chacha20-poly1305 | 32 |
+
+In the Go implementation, 32-bit keys always work.
--- a/ReverseProxy/README.md
+++ b/ReverseProxy/README.md
@ -1,5 +1,8 @@
+[ENGLISH](README.ENG.md)
+
 # 反向代理
 # 原理
+
 Xray Client <--- VMESS/SS ---> Xray Portal(需要公网 IP) <--- VMESS/SS ---> Xray Bridge
 # 说明
 配置中，内网设备使用的配置为 `bridge.json`，有公网 ip 的设备使用 `portal.json`，通过`portal`连接到内网的设备使用`client.json`。
--- a/ReverseProxy/VLESS-TCP-XTLS-WS/README.ENG.md
+++ b/ReverseProxy/VLESS-TCP-XTLS-WS/README.ENG.md
@ -0,0 +1,20 @@
+# VLESS over TCP with XTLS + fallback & split
+
+Cooperate with fallback, use port 443 + XTLS + WS and route diversion to realize reverse proxy and enhance concealment.
+
+There are two client connection methods: VLESS over WS with TLS / VLESS over TCP with XTLS
+
+The portal setting defaults to the web server on port 80 (it can also be replaced with a database, FTP, etc.), refer to [VLESS-TCP-XTLS-WHATEVER](https://github.com/XTLS/Xray-examples/blob/main/VLESS-TCP-XTLS-WHATEVER/README.md)
+
+# additional configuration
+If your portal is outside the country, you can use routing splitting to achieve scientific Internet access + access to intranet devices at the same time.
+
+## Routing split
+According to the prompt in the configuration, in the `Portal` configuration, uncomment the first route:
+```
+// "ip": [
+// "geoip:private"
+// ],
+```
+
+At this time, when the traffic matches the `"external"` or `"externalws"` label, and the target ip of the access is a `private ip address`, the traffic will be forwarded to the bridge, and the rest of the traffic will go direct.
--- a/ReverseProxy/VLESS-TCP-XTLS-WS/README.md
+++ b/ReverseProxy/VLESS-TCP-XTLS-WS/README.md
@ -1,5 +1,7 @@
 # VLESS over TCP with XTLS + 回落 & 分流 

+[ENGLISH](README.ENG.md)
+
 配合回落，使用 443 端口 + XTLS + WS 和路由分流，实现反向代理，增强隐蔽性。

 客户端连接方式有 VLESS over WS with TLS / VLESS over TCP with XTLS 两种
--- a/Shadowsocks-2022/README.ENG.md
+++ b/Shadowsocks-2022/README.ENG.md
@ -0,0 +1,239 @@
+#Shadowsocks2022
+
+Server-side JSON
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 1234,
+       "protocol": "shadowsocks",
+       "settings": {
+         "method": "2022-blake3-aes-128-gcm",
+         "password": "{{ psk }}",
+         "network": "tcp,udp"
+       }
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "freedom"
+     }
+   ]
+}
+```
+
+Server-side JSON (multi-user)
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 1234,
+       "protocol": "shadowsocks",
+       "settings": {
+         "method": "2022-blake3-aes-128-gcm",
+         "password": "{{ server psk }}",
+         "clients": [
+           {
+             "password": "{{ user psk }}",
+             "email": "my user"
+           }
+         ],
+         "network": "tcp,udp"
+       }
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "freedom"
+     }
+   ]
+}
+```
+
+Server-side JSON (transit)
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 1234,
+       "protocol": "shadowsocks",
+       "settings": {
+         "method": "2022-blake3-aes-128-gcm",
+         "password": "{{ relay psk }}",
+         "clients": [
+           {
+             "address": "server",
+             "port": 1234,
+             "password": "{{ server/user psk }}",
+             "email": "my server"
+           }
+         ],
+         "network": "tcp,udp"
+       }
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "freedom"
+     }
+   ]
+}
+```
+
+Client JSON
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 10801,
+       "protocol": "socks",
+       "settings": {
+         "udp": true
+       }
+     },
+     {
+       "port": 10802,
+       "protocol": "http"
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "shadowsocks",
+       "settings": {
+         "servers": [
+           {
+             "address": "{{ host }}",
+             "port": 1234,
+             "method": "2022-blake3-aes-128-gcm",
+             "password": "{{ psk }}"
+           }
+         ]
+       }
+     }
+   ]
+}
+```
+
+Client JSON (UDP over TCP)
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 10801,
+       "protocol": "socks",
+       "settings": {
+         "udp": true
+       }
+     },
+     {
+       "port": 10802,
+       "protocol": "http"
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "shadowsocks",
+       "settings": {
+         "servers": [
+           {
+             "address": "{{ host }}",
+             "port": 1234,
+             "method": "2022-blake3-aes-128-gcm",
+             "password": "{{ psk }}",
+             "uot": true
+           }
+         ]
+       }
+     }
+   ]
+}
+```
+
+Client JSON (multi-user)
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 10801,
+       "protocol": "socks",
+       "settings": {
+         "udp": true
+       }
+     },
+     {
+       "port": 10802,
+       "protocol": "http"
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "shadowsocks",
+       "settings": {
+         "servers": [
+           {
+             "address": "{{ host }}",
+             "port": 1234,
+             "method": "2022-blake3-aes-128-gcm",
+             "password": "{{ server psk }}:{{ user psk }}"
+           }
+         ]
+       }
+     }
+   ]
+}
+```
+
+Client JSON (transit)
+
+```json
+{
+   "inbounds": [
+     {
+       "port": 10801,
+       "protocol": "socks",
+       "settings": {
+         "udp": true
+       }
+     },
+     {
+       "port": 10802,
+       "protocol": "http"
+     }
+   ],
+   "outbounds": [
+     {
+       "protocol": "shadowsocks",
+       "settings": {
+         "servers": [
+           {
+             "address": "{{ host }}",
+             "port": 1234,
+             "method": "2022-blake3-aes-128-gcm",
+             "password": "{{ relay psk }}:{{ user psk }}"
+           }
+         ]
+       }
+     }
+   ]
+}
+```
+
+## Password
+
+Shadowsocks 2022 uses a pre-shared key similar to WireGuard for the password.
+
+Use `openssl rand -base64 <length>` to generate a shadowsocks-rust compatible key, the length depends on the encryption method used.
+
+| encryption method | key length |
+|--------------------------------|-----:|
+| 2022-blake3-aes-128-gcm | 16 |
+| 2022-blake3-aes-256-gcm | 32 |
+| 2022-blake3-chacha20-poly1305 | 32 |
+
+In the Go implementation, 32-bit keys always work.
--- a/Shadowsocks-2022/README.md
+++ b/Shadowsocks-2022/README.md
@ -1,5 +1,7 @@
 # Shadowsocks 2022

+[ENGLISH](README.ENG.md)
+
 服务端 JSON

 ```json
--- a/Shadowsocks-AEAD/README.ENG.md
+++ b/Shadowsocks-AEAD/README.ENG.md
@ -0,0 +1,81 @@
+#Shadowsocks AEAD Quick Start
+
+Server-side JSON
+
+```json
+{
+     "inbounds": [
+         {
+             "port": 12345,
+             "protocol": "shadowsocks",
+             "settings": {
+                 "clients": [
+                     {
+                         "password": "example_user_1",
+                         "method": "aes-128-gcm"
+                     },
+                     {
+                         "password": "example_user_2",
+                         "method": "aes-256-gcm"
+                     },
+                     {
+                         "password": "example_user_3",
+                         "method": "chacha20-poly1305"
+                     }
+                 ],
+                 "network": "tcp,udp"
+             }
+         }
+     ],
+     "outbounds": [
+         {
+             "protocol": "freedom"
+         }
+     ]
+}
+```
+
+Client JSON
+
+```json
+{
+     "inbounds": [
+         {
+             "port": 10801,
+             "protocol": "socks",
+             "settings": {
+                 "udp": true
+             }
+         },
+         {
+             "port": 10802,
+             "protocol": "http"
+         }
+     ],
+     "outbounds": [
+         {
+             "protocol": "shadowsocks",
+             "settings": {
+                 "servers": [
+                     {
+                         "address": "",
+                         "port": 12345,
+                         "password": "example_user_1",
+                         "method": "aes-128-gcm"
+                     }
+                 ]
+             }
+         }
+     ]
+}
+```
+
+## What's happening
+
+No need for a graphical interface, just [**Xray-core**](https://github.com/XTLS/Xray-core) can quickly establish Shadowsocks AEAD encryption that supports Socks, HTTP proxy and **UDP FullCone** tunnel.
+
+Xray-core has perfect support for UDP, thanks to the refactoring of each inbound and outbound code. The inbound UDP of Socks can accept requests from any network port.
+
+As you can see, Xray-core also fully unleashes the potential of AEAD, **the server supports multiple users on a single port**, which is not implemented in any official version of Shadowsocks.
+
+So when you need Shadowsocks, you only need Xray-core to solve the problem: high performance, cross-platform, easy to compile, and more powerful functions out of the box.
--- a/Shadowsocks-AEAD/README.md
+++ b/Shadowsocks-AEAD/README.md
@ -1,5 +1,7 @@
 # Shadowsocks AEAD 快速上手

+[ENGLISH](README.ENG.md)
+
 服务端 JSON

 ```json
--- a/Trojan-gRPC-Caddy2／Nginx/README.ENG.md
+++ b/Trojan-gRPC-Caddy2／Nginx/README.ENG.md
@ -0,0 +1,35 @@
+# Trojan-gRPC-Caddy2/Nginx
+## Schematic (Caddy):
+Xray client <--- gRPC(TLS) ---> Caddy2 <--- gRPC(cleartext) ---> Xray server
+## Nginx:
+At the same time, you can also choose to use Nginx. A sample configuration snippet is as follows (partially from [@xqzr](https://github.com/xqzr)):
+```conf
+server {
+listen 443 ssl http2 so_keepalive=on;
+         listen [::]:443 ssl http2 so_keepalive=on;
+server_name example.com;
+
+index index.html;
+root /var/www/html;
+
+ssl_certificate /path/to/example.cer;
+ssl_certificate_key /path/to/example.key;
+ssl_protocols TLSv1.2 TLSv1.3;
+ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE -RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+
+client_header_timeout 52w;
+         keepalive_timeout 52w;
+# Fill in /your ServiceName after location
+location /your ServiceName {
+if ($content_type !~ "application/grpc") {
+return 404;
+}
+client_max_body_size 0;
+client_body_buffer_size 512k;
+grpc_set_header X-Real-IP $remote_addr;
+client_body_timeout 52w;
+grpc_read_timeout 52w;
+grpc_pass unix:/dev/shm/Xray-Trojan-gRPC.socket;
+}
+}
+```
--- a/Trojan-gRPC-Caddy2／Nginx/README.md
+++ b/Trojan-gRPC-Caddy2／Nginx/README.md
@ -1,4 +1,6 @@
 # Trojan-gRPC-Caddy2／Nginx
+[ENGLISH](README.ENG.md)
+
 ## 原理图 (Caddy) ：
 Xray client <--- gRPC(TLS) ---> Caddy2 <--- gRPC(cleartext) ---> Xray server
 ## Nginx：
--- a/VLESS-GRPC/README.ENG.md
+++ b/VLESS-GRPC/README.ENG.md
@ -0,0 +1,35 @@
+# VLESS-GRPC
+
+## Schematic (Caddy):
+Xray client <--- gRPC(TLS) ---> Caddy2 <--- gRPC(cleartext) ---> Xray server
+## Nginx:
+At the same time, you can also choose to use Nginx. A sample configuration snippet is as follows (partially from [@xqzr](https://github.com/xqzr)):
+```conf
+server {
+listen 443 ssl http2 so_keepalive=on;
+server_name example.com;
+
+index index.html;
+root /var/www/html;
+
+ssl_certificate /path/to/example.cer;
+ssl_certificate_key /path/to/example.key;
+ssl_protocols TLSv1.2 TLSv1.3;
+ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE -RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+
+client_header_timeout 52w;
+         keepalive_timeout 52w;
+# Fill in /your ServiceName after location
+location /your ServiceName {
+if ($content_type !~ "application/grpc") {
+return 404;
+}
+client_max_body_size 0;
+client_body_buffer_size 512k;
+grpc_set_header X-Real-IP $remote_addr;
+client_body_timeout 52w;
+grpc_read_timeout 52w;
+grpc_pass unix:/dev/shm/Xray-VLESS-gRPC.socket;
+}
+}
+```
--- a/VLESS-GRPC/README.md
+++ b/VLESS-GRPC/README.md
@ -1,4 +1,6 @@
 # VLESS-GRPC
+[ENGLISH](README.ENG.md)
+
 ## 原理图 (Caddy) ：
 Xray client <--- gRPC(TLS) ---> Caddy2 <--- gRPC(cleartext) ---> Xray server
 ## Nginx：
--- a/rprx)/README.ENG.md
+++ b/rprx)/README.ENG.md
@ -0,0 +1,18 @@
+# VLESS over TCP with TLS + fallback (simplest configuration)
+ 
+
+You need to have a domain name resolved to the server IP, and apply for a certificate, such as let's encrypt
+
+You also need an Nginx: (or any web server like Caddy)
+
+1. Use the package manager that comes with the system to install nginx. For details, please Google
+2. The default configuration of nginx is to listen to port 80, no need to modify
+3. Optional: Find and replace the index.html and other files that come with nginx
+4. Execute `systemctl enable nginx` to set up autostart
+5. Execute `systemctl start nginx` to start nginx
+
+If the server has a firewall enabled or the VPS has a security group, remember to allow ports TCP/80 and 443
+
+---
+
+Next, you can learn about [site building configuration](<../VLESS-TCP-TLS%20(maximal%20by%20rprx)>) (fall back to advanced usage), try [advanced configuration](<../VLESS- TCP-TLS-WS%20(recommended)>) (distribution to WebSocket)
--- a/rprx)/README.md
+++ b/rprx)/README.md
@ -1,4 +1,5 @@
 # VLESS over TCP with TLS + 回落（最简配置）
+[ENGLISH](README.ENG.md)

 你需要有一个解析到服务器 IP 的域名，并且申请了证书，比如 let's encrypt

--- a/(recommended)/README.ENG.md
+++ b/(recommended)/README.ENG.md
@ -0,0 +1,13 @@
+# VLESS over TCP with TLS + fallback & split to WebSocket (advanced configuration)
+
+This is a superset of [Minimal Configuration](<../VLESS-TCP-TLS%20(minimal%20by%20rprx)>), using the powerful fallback and distribution features of VLESS, it realizes port 443 VLESS over TCP with TLS and Perfect coexistence of any WSS
+
+This configuration is for reference. You can replace VLESS on WS with any other protocol such as VMess, and set more PATHs and protocol coexistence.
+
+After deployment, you can connect to the server through VLESS over TCP with TLS and any WebSocket with TLS at the same time, the latter of which can be through CDN
+
+According to the actual measurement, the performance of VLESS fallback shunt WS is stronger than that of Nginx reverse generation WS. The traditional VMess + WSS solution can be completely migrated without loss of compatibility.
+
+---
+
+Next, you can try [Ultimate Configuration](../VLESS-TCP-XTLS-WHATEVER): switch to XTLS to achieve ultimate performance, and offload to VMess over TCP, and more fallback and offload suggestions, not only Xray
--- a/(recommended)/README.md
+++ b/(recommended)/README.md
@ -1,4 +1,5 @@
 # VLESS over TCP with TLS + 回落 & 分流 to WebSocket（进阶配置）
+[ENGLISH](README.ENG.md)

 这里是 [最简配置](<../VLESS-TCP-TLS%20(minimal%20by%20rprx)>) 的超集，利用 VLESS 强大的回落分流特性，实现了 443 端口 VLESS over TCP with TLS 和任意 WSS 的完美共存

--- a/VLESS-TCP/README.md
+++ b/VLESS-TCP/README.md
@ -1 +1,2 @@
 # （目前）请勿使用此配置过墙，记得套 TLS
+# (currently) do not use this configuration to go through the wall, remember to set TLS