{ "log": { "loglevel": "warning" }, "routing": { "domainStrategy": "IPIfNonMatch", "rules": [ { "type": "field", "ip": [ "geoip:cn" ], "outboundTag": "block" } ] }, "inbounds": [ { "listen": "0.0.0.0", // "0.0.0.0" 表示同时监听IPv4和IPv6 "port": 443, // 服务端监听的端口 "protocol": "vless", "settings": { "clients": [ { "id": "", // 用户ID,执行 xray uuid 生成,或 1-30 字节的字符串 "flow": "xtls-rprx-vision" } ], "decryption": "none", "fallbacks": [ { "dest": "8001", "xver": 1 }, { "alpn": "h2", "dest": "8002", "xver": 1 } ] }, "streamSettings": { "network": "tcp", "security": "tls", "tlsSettings": { "rejectUnknownSni": true, "minVersion": "1.2", "certificates": [ { "ocspStapling": 3600, "certificateFile": "/etc/ssl/private/fullchain.cer", // 证书文件,建议用fullchain(全SSL证书链),若只有网站证书,会出现v2rayN能使用,v2rayNG不能使用的情况,通常不区分扩展名 "keyFile": "/etc/ssl/private/private.key" // 私钥文件 } ] } }, "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] } } ], "outbounds": [ { "protocol": "freedom", "tag": "direct" }, { "protocol": "blackhole", "tag": "block" } ], "policy": { "levels": { "0": { "handshake": 2, // 连接建立时的握手时间限制,单位为秒,默认值为 4,建议与默认值不同 "connIdle": 120 // 连接空闲的时间限制,单位为秒,默认值为 300,建议与默认值不同 } } }