85 lines
2.8 KiB
JSON
85 lines
2.8 KiB
JSON
{
|
|
"log": {
|
|
"loglevel": "warning"
|
|
},
|
|
"routing": {
|
|
"domainStrategy": "IPIfNonMatch",
|
|
"rules": [
|
|
{
|
|
"type": "field",
|
|
"ip": [
|
|
"geoip:cn"
|
|
],
|
|
"outboundTag": "block"
|
|
}
|
|
]
|
|
},
|
|
"inbounds": [
|
|
{
|
|
"listen": "0.0.0.0", // "0.0.0.0" Indicates listening to both IPv4 and IPv6
|
|
"port": 443, // The port on which the server listens
|
|
"protocol": "vless",
|
|
"settings": {
|
|
"clients": [
|
|
{
|
|
"id": "", // User ID, perform xray uuid generation, or a string of 1-30 bytes
|
|
"flow": "xtls-rprx-vision"
|
|
}
|
|
],
|
|
"decryption": "none",
|
|
"fallbacks": [
|
|
{
|
|
"dest": "8001",
|
|
"xver": 1
|
|
},
|
|
{
|
|
"alpn": "h2",
|
|
"dest": "8002",
|
|
"xver": 1
|
|
}
|
|
]
|
|
},
|
|
"streamSettings": {
|
|
"network": "tcp",
|
|
"security": "tls",
|
|
"tlsSettings": {
|
|
"rejectUnknownSni": true,
|
|
"minVersion": "1.2",
|
|
"certificates": [
|
|
{
|
|
"ocspStapling": 3600,
|
|
"certificateFile": "/etc/ssl/private/fullchain.cer", // For the certificate file, it is recommended to use fullchain (full SSL certificate chain). If there is only a website certificate, v2rayN can be used but v2rayNG cannot be used. Usually, the extension is not distinguished
|
|
"keyFile": "/etc/ssl/private/private.key" // private key file
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"sniffing": {
|
|
"enabled": true,
|
|
"destOverride": [
|
|
"http",
|
|
"tls"
|
|
]
|
|
}
|
|
}
|
|
],
|
|
"outbounds": [
|
|
{
|
|
"protocol": "freedom",
|
|
"tag": "direct"
|
|
},
|
|
{
|
|
"protocol": "blackhole",
|
|
"tag": "block"
|
|
}
|
|
],
|
|
"policy": {
|
|
"levels": {
|
|
"0": {
|
|
"handshake": 2, // The handshake time limit when the connection is established, in seconds, the default value is 4, it is recommended to be different from the default value
|
|
"connIdle": 120 // Connection idle time limit in seconds, the default value is 300, it is recommended to be different from the default value
|
|
}
|
|
}
|
|
}
|
|
}
|