From 67c7e9fd86bd542e9318fbc933b7995e81348f72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= Date: Wed, 31 Aug 2022 12:50:26 +0800 Subject: [PATCH] Refactor inbound documetation --- docs/configuration/inbound/direct.md | 79 +++---------- docs/configuration/inbound/direct.zh.md | 76 ++---------- docs/configuration/inbound/http.md | 80 +++---------- docs/configuration/inbound/http.zh.md | 84 +++----------- docs/configuration/inbound/hysteria.md | 84 ++++---------- docs/configuration/inbound/hysteria.zh.md | 84 ++++---------- docs/configuration/inbound/index.md | 28 ++--- docs/configuration/inbound/index.zh.md | 28 ++--- docs/configuration/inbound/mixed.md | 82 +++---------- docs/configuration/inbound/mixed.zh.md | 82 +++---------- docs/configuration/inbound/naive.md | 82 +++---------- docs/configuration/inbound/naive.zh.md | 82 +++---------- docs/configuration/inbound/redirect.md | 48 +------- docs/configuration/inbound/redirect.zh.md | 49 +------- docs/configuration/inbound/shadowsocks.md | 67 ++++------- docs/configuration/inbound/shadowsocks.zh.md | 115 +++++-------------- docs/configuration/inbound/socks.md | 74 +++--------- docs/configuration/inbound/socks.zh.md | 76 +++--------- docs/configuration/inbound/tproxy.md | 65 ++--------- docs/configuration/inbound/tproxy.zh.md | 65 ++--------- docs/configuration/inbound/trojan.md | 100 +++++----------- docs/configuration/inbound/trojan.zh.md | 100 +++++----------- docs/configuration/inbound/tun.md | 99 ++++++---------- docs/configuration/inbound/tun.zh.md | 97 ++++++---------- docs/configuration/inbound/vmess.md | 82 +++---------- docs/configuration/inbound/vmess.zh.md | 82 +++---------- docs/configuration/shared/dial.md | 69 +++++++++++ docs/configuration/shared/dial.zh.md | 66 +++++++++++ docs/configuration/shared/listen.md | 73 ++++++++++++ docs/configuration/shared/listen.zh.md | 72 ++++++++++++ mkdocs.yml | 4 + outbound/wireguard.go | 2 +- 32 files changed, 754 insertions(+), 1522 deletions(-) create mode 100644 docs/configuration/shared/dial.md create mode 100644 docs/configuration/shared/dial.zh.md create mode 100644 docs/configuration/shared/listen.md create mode 100644 docs/configuration/shared/listen.zh.md diff --git a/docs/configuration/inbound/direct.md b/docs/configuration/inbound/direct.md index 26bf558f..706c6775 100644 --- a/docs/configuration/inbound/direct.md +++ b/docs/configuration/inbound/direct.md @@ -4,29 +4,22 @@ ```json { - "inbounds": [ - { - "type": "direct", - "tag": "direct-in", - - "listen": "::", - "listen_port": 5353, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "udp_timeout": 300, - "proxy_protocol": false, + "type": "direct", + "tag": "direct-in", + + ... // Listen Fields - "network": "udp", - "override_address": "1.0.0.1", - "override_port": 53 - } - ] + "network": "udp", + "override_address": "1.0.0.1", + "override_port": 53 } ``` -### Direct Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### network @@ -40,50 +33,4 @@ Override the connection destination address. #### override_port -Override the connection destination port. - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### udp_timeout - -UDP NAT expiration time in seconds, default is 300 (5 minutes). - -#### proxy_protocol - -Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. \ No newline at end of file +Override the connection destination port. \ No newline at end of file diff --git a/docs/configuration/inbound/direct.zh.md b/docs/configuration/inbound/direct.zh.md index 57e02984..a3861a53 100644 --- a/docs/configuration/inbound/direct.zh.md +++ b/docs/configuration/inbound/direct.zh.md @@ -4,29 +4,22 @@ ```json { - "inbounds": [ - { - "type": "direct", - "tag": "direct-in", + "type": "direct", + "tag": "direct-in", - "listen": "::", - "listen_port": 5353, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "udp_timeout": 300, - - "network": "udp", - "proxy_protocol": false, - "override_address": "1.0.0.1", - "override_port": 53 - } - ] + ... // 监听字段 + + "network": "udp", + "override_address": "1.0.0.1", + "override_port": 53 } ``` -### Direct 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### network @@ -42,48 +35,3 @@ 覆盖连接目标端口。 -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/) - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### udp_timeout - -UDP NAT 过期时间,以秒为单位,默认为 300(5 分钟)。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 diff --git a/docs/configuration/inbound/http.md b/docs/configuration/inbound/http.md index f84453bc..9b1c66fd 100644 --- a/docs/configuration/inbound/http.md +++ b/docs/configuration/inbound/http.md @@ -2,33 +2,27 @@ ```json { - "inbounds": [ + "type": "http", + "tag": "http-in", + + ... // Listen Fields + + "users": [ { - "type": "http", - "tag": "http-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, - - "users": [ - { - "username": "admin", - "password": "admin" - } - ], - "tls": {}, - "set_system_proxy": false + "username": "admin", + "password": "admin" } - ] + ], + "tls": {}, + "set_system_proxy": false } ``` -### HTTP Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### tls @@ -47,45 +41,3 @@ No authentication required if empty. Only supported on Linux, Android, Windows, and macOS. Automatically set system proxy configuration when start and clean up when stop. - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### proxy_protocol - -Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. \ No newline at end of file diff --git a/docs/configuration/inbound/http.zh.md b/docs/configuration/inbound/http.zh.md index 5200c43f..7e976091 100644 --- a/docs/configuration/inbound/http.zh.md +++ b/docs/configuration/inbound/http.zh.md @@ -2,33 +2,27 @@ ```json { - "inbounds": [ + "type": "http", + "tag": "http-in", + + ... // 监听字段 + + "users": [ { - "type": "http", - "tag": "http-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, - - "users": [ - { - "username": "admin", - "password": "admin" - } - ], - "tls": {}, - "set_system_proxy": false + "username": "admin", + "password": "admin" } - ] + ], + "tls": {}, + "set_system_proxy": false } ``` -### HTTP 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### tls @@ -38,7 +32,7 @@ TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 HTTP 用户 -默认不需要验证。 +如果为空则不需要验证。 #### set_system_proxy @@ -46,46 +40,4 @@ HTTP 用户 仅支持 Linux、Android、Windows 和 macOS。 -启动时自动设置系统代理,停止时自动清理。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/) - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 +启动时自动设置系统代理,停止时自动清理。 \ No newline at end of file diff --git a/docs/configuration/inbound/hysteria.md b/docs/configuration/inbound/hysteria.md index 85295e24..358e1298 100644 --- a/docs/configuration/inbound/hysteria.md +++ b/docs/configuration/inbound/hysteria.md @@ -2,31 +2,23 @@ ```json { - "inbounds": [ - { - "type": "hysteria", - "tag": "hysteria-in", - - "listen": "::", - "listen_port": 443, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - - "up": "100 Mbps", - "up_mbps": 100, - "down": "100 Mbps", - "down_mbps": 100, - "obfs": "fuck me till the daylight", - "auth": "", - "auth_str": "password", - "recv_window_conn": 0, - "recv_window_client": 0, - "max_conn_client": 0, - "disable_mtu_discovery": false, - "tls": {} - } - ] + "type": "hysteria", + "tag": "hysteria-in", + + ... // Listen Fields + + "up": "100 Mbps", + "up_mbps": 100, + "down": "100 Mbps", + "down_mbps": 100, + "obfs": "fuck me till the daylight", + "auth": "", + "auth_str": "password", + "recv_window_conn": 0, + "recv_window_client": 0, + "max_conn_client": 0, + "disable_mtu_discovery": false, + "tls": {} } ``` @@ -34,7 +26,11 @@ QUIC, which is required by hysteria is not included by default, see [Installation](/#installation). -### Hysteria Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### up, down @@ -101,38 +97,4 @@ Force enabled on for systems other than Linux and Windows (according to upstream ==Required== -TLS configuration, see [TLS](/configuration/shared/tls/#inbound). - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. +TLS configuration, see [TLS](/configuration/shared/tls/#inbound). \ No newline at end of file diff --git a/docs/configuration/inbound/hysteria.zh.md b/docs/configuration/inbound/hysteria.zh.md index 25ea0d6a..f47cd96b 100644 --- a/docs/configuration/inbound/hysteria.zh.md +++ b/docs/configuration/inbound/hysteria.zh.md @@ -2,31 +2,23 @@ ```json { - "inbounds": [ - { - "type": "hysteria", - "tag": "hysteria-in", - - "listen": "::", - "listen_port": 443, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - - "up": "100 Mbps", - "up_mbps": 100, - "down": "100 Mbps", - "down_mbps": 100, - "obfs": "fuck me till the daylight", - "auth": "", - "auth_str": "password", - "recv_window_conn": 0, - "recv_window_client": 0, - "max_conn_client": 0, - "disable_mtu_discovery": false, - "tls": {} - } - ] + "type": "hysteria", + "tag": "hysteria-in", + + ... // 监听字段 + + "up": "100 Mbps", + "up_mbps": 100, + "down": "100 Mbps", + "down_mbps": 100, + "obfs": "fuck me till the daylight", + "auth": "", + "auth_str": "password", + "recv_window_conn": 0, + "recv_window_client": 0, + "max_conn_client": 0, + "disable_mtu_discovery": false, + "tls": {} } ``` @@ -34,7 +26,11 @@ 默认安装不包含被 Hysteria 依赖的 QUIC,参阅 [安装](/zh/#_2)。 -### Hysteria 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### up, down @@ -101,38 +97,4 @@ base64 编码的认证密码。 ==必填== -TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 \ No newline at end of file +TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 \ No newline at end of file diff --git a/docs/configuration/inbound/index.md b/docs/configuration/inbound/index.md index 0475ba58..5b680bec 100644 --- a/docs/configuration/inbound/index.md +++ b/docs/configuration/inbound/index.md @@ -15,20 +15,20 @@ ### Fields -| Type | Format | -|---------------|------------------------------| -| `direct` | [Direct](./direct) | -| `mixed` | [Mixed](./mixed) | -| `socks` | [SOCKS](./socks) | -| `http` | [HTTP](./http) | -| `shadowsocks` | [Shadowsocks](./shadowsocks) | -| `vmess` | [VMess](./vmess) | -| `trojan` | [Trojan](./trojan) | -| `naive` | [Naive](./naive) | -| `hysteria` | [Hysteria](./hysteria) | -| `tun` | [Tun](./tun) | -| `redirect` | [Redirect](./redirect) | -| `tproxy` | [TProxy](./tproxy) | +| Type | Format | Injectable | +|---------------|------------------------------|------------| +| `direct` | [Direct](./direct) | X | +| `mixed` | [Mixed](./mixed) | TCP | +| `socks` | [SOCKS](./socks) | TCP | +| `http` | [HTTP](./http) | TCP | +| `shadowsocks` | [Shadowsocks](./shadowsocks) | TCP | +| `vmess` | [VMess](./vmess) | TCP | +| `trojan` | [Trojan](./trojan) | TCP | +| `naive` | [Naive](./naive) | X | +| `hysteria` | [Hysteria](./hysteria) | X | +| `tun` | [Tun](./tun) | X | +| `redirect` | [Redirect](./redirect) | X | +| `tproxy` | [TProxy](./tproxy) | X | #### tag diff --git a/docs/configuration/inbound/index.zh.md b/docs/configuration/inbound/index.zh.md index d19d033f..e32be645 100644 --- a/docs/configuration/inbound/index.zh.md +++ b/docs/configuration/inbound/index.zh.md @@ -15,20 +15,20 @@ ### 字段 -| 类型 | 格式 | -|---------------|------------------------------| -| `direct` | [Direct](./direct) | -| `mixed` | [Mixed](./mixed) | -| `socks` | [SOCKS](./socks) | -| `http` | [HTTP](./http) | -| `shadowsocks` | [Shadowsocks](./shadowsocks) | -| `vmess` | [VMess](./vmess) | -| `trojan` | [Trojan](./trojan) | -| `naive` | [Naive](./naive) | -| `hysteria` | [Hysteria](./hysteria) | -| `tun` | [Tun](./tun) | -| `redirect` | [Redirect](./redirect) | -| `tproxy` | [TProxy](./tproxy) | +| 类型 | 格式 | 注入支持 | +|---------------|------------------------------|------| +| `direct` | [Direct](./direct) | X | +| `mixed` | [Mixed](./mixed) | TCP | +| `socks` | [SOCKS](./socks) | TCP | +| `http` | [HTTP](./http) | TCP | +| `shadowsocks` | [Shadowsocks](./shadowsocks) | TCP | +| `vmess` | [VMess](./vmess) | TCP | +| `trojan` | [Trojan](./trojan) | TCP | +| `naive` | [Naive](./naive) | X | +| `hysteria` | [Hysteria](./hysteria) | X | +| `tun` | [Tun](./tun) | X | +| `redirect` | [Redirect](./redirect) | X | +| `tproxy` | [TProxy](./tproxy) | X | #### tag diff --git a/docs/configuration/inbound/mixed.md b/docs/configuration/inbound/mixed.md index 9e788011..ea6eabf6 100644 --- a/docs/configuration/inbound/mixed.md +++ b/docs/configuration/inbound/mixed.md @@ -4,32 +4,26 @@ ```json { - "inbounds": [ + "type": "mixed", + "tag": "mixed-in", + + ... // Listen Fields + + "users": [ { - "type": "mixed", - "tag": "mixed-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, - - "users": [ - { - "username": "admin", - "password": "admin" - } - ], - "set_system_proxy": false + "username": "admin", + "password": "admin" } - ] + ], + "set_system_proxy": false } ``` -### Mixed Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### users @@ -39,52 +33,6 @@ No authentication required if empty. #### set_system_proxy -!!! error "" - - Only supported on Linux, Android, Windows, and macOS. - -Automatically set system proxy configuration when start and clean up when stop. - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### set_system_proxy - !!! error "" Only supported on Linux, Android, Windows, and macOS. diff --git a/docs/configuration/inbound/mixed.zh.md b/docs/configuration/inbound/mixed.zh.md index eda8315c..8af8fea4 100644 --- a/docs/configuration/inbound/mixed.zh.md +++ b/docs/configuration/inbound/mixed.zh.md @@ -4,38 +4,32 @@ ```json { - "inbounds": [ + "type": "mixed", + "tag": "mixed-in", + + ... // 监听字段 + + "users": [ { - "type": "mixed", - "tag": "mixed-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, - - "users": [ - { - "username": "admin", - "password": "admin" - } - ], - "set_system_proxy": false + "username": "admin", + "password": "admin" } - ] + ], + "set_system_proxy": false } ``` -### Mixed 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### users SOCKS 和 HTTP 用户 -默认不需要验证。 +如果为空则不需要验证。 #### set_system_proxy @@ -43,46 +37,4 @@ SOCKS 和 HTTP 用户 仅支持 Linux、Android、Windows 和 macOS。 -启动时自动设置系统代理,停止时自动清理。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 +启动时自动设置系统代理,停止时自动清理。 \ No newline at end of file diff --git a/docs/configuration/inbound/naive.md b/docs/configuration/inbound/naive.md index 1448692c..35ad1096 100644 --- a/docs/configuration/inbound/naive.md +++ b/docs/configuration/inbound/naive.md @@ -2,29 +2,19 @@ ```json { - "inbounds": [ + "type": "naive", + "tag": "naive-in", + "network": "udp", + + ... // Listen Fields + + "users": [ { - "type": "naive", - "tag": "naive-in", - - "listen": "::", - "listen_port": 443, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, - - "network": "udp", - "users": [ - { - "username": "sekai", - "password": "password" - } - ], - "tls": {} + "username": "sekai", + "password": "password" } - ] + ], + "tls": {} } ``` @@ -32,7 +22,11 @@ HTTP3 transport is not included by default, see [Installation](/#installation). -### Naive Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### network @@ -48,46 +42,4 @@ Naive users. #### tls -TLS configuration, see [TLS](/configuration/shared/tls/#inbound). - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### proxy_protocol - -Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. \ No newline at end of file +TLS configuration, see [TLS](/configuration/shared/tls/#inbound). \ No newline at end of file diff --git a/docs/configuration/inbound/naive.zh.md b/docs/configuration/inbound/naive.zh.md index 2da3007e..083d6429 100644 --- a/docs/configuration/inbound/naive.zh.md +++ b/docs/configuration/inbound/naive.zh.md @@ -2,29 +2,19 @@ ```json { - "inbounds": [ - { - "type": "naive", - "tag": "naive-in", - - "listen": "::", - "listen_port": 443, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, + "type": "naive", + "tag": "naive-in", + "network": "udp", - "network": "udp", - "users": [ - { - "username": "sekai", - "password": "password" - } - ], - "tls": {} + ... // 监听字段 + + "users": [ + { + "username": "sekai", + "password": "password" } - ] + ], + "tls": {} } ``` @@ -32,7 +22,11 @@ 默认安装不包含 HTTP3 传输层, 参阅 [安装](/zh/#_2)。 -### Naive 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### network @@ -48,46 +42,4 @@ Naive 用户。 #### tls -TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 +TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 \ No newline at end of file diff --git a/docs/configuration/inbound/redirect.md b/docs/configuration/inbound/redirect.md index c5a695bf..952945f2 100644 --- a/docs/configuration/inbound/redirect.md +++ b/docs/configuration/inbound/redirect.md @@ -2,51 +2,13 @@ ```json { - "inbounds": [ - { - "type": "redirect", - "tag": "redirect-in", - - "listen": "::", - "listen_port": 5353, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6" - } - ] + "type": "redirect", + "tag": "redirect-in", + + ... // Listen Fields } ``` ### Listen Fields -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. \ No newline at end of file +See [Listen Fields](/configuration/shared/listen) for details. diff --git a/docs/configuration/inbound/redirect.zh.md b/docs/configuration/inbound/redirect.zh.md index 96d4ab3f..7fed86ee 100644 --- a/docs/configuration/inbound/redirect.zh.md +++ b/docs/configuration/inbound/redirect.zh.md @@ -2,51 +2,12 @@ ```json { - "inbounds": [ - { - "type": "redirect", - "tag": "redirect-in", - - "listen": "::", - "listen_port": 5353, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6" - } - ] + "type": "redirect", + "tag": "redirect-in", + + ... // 监听字段 } ``` - ### 监听字段 -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 \ No newline at end of file +参阅 [监听字段](/zh/configuration/shared/listen/)。 diff --git a/docs/configuration/inbound/shadowsocks.md b/docs/configuration/inbound/shadowsocks.md index cf67f277..f915e452 100644 --- a/docs/configuration/inbound/shadowsocks.md +++ b/docs/configuration/inbound/shadowsocks.md @@ -2,25 +2,13 @@ ```json { - "inbounds": [ - { - "type": "shadowsocks", - "tag": "ss-in", - - "listen": "::", - "listen_port": 5353, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "udp_timeout": 300, - "network": "udp", - "proxy_protocol": false, - - "method": "2022-blake3-aes-128-gcm", - "password": "8JCsPssfgS8tiRwiMlhARg==" - } - ] + "type": "shadowsocks", + "tag": "ss-in", + + ... // Listen Fields + + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==" } ``` @@ -28,17 +16,12 @@ ```json { - "inbounds": [ + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==", + "users": [ { - "type": "shadowsocks", - "method": "2022-blake3-aes-128-gcm", - "password": "8JCsPssfgS8tiRwiMlhARg==", - "users": [ - { - "name": "sekai", - "password": "PCD2Z4o12bKUoFa3cC97Hw==" - } - ] + "name": "sekai", + "password": "PCD2Z4o12bKUoFa3cC97Hw==" } ] } @@ -48,25 +31,25 @@ ```json { - "inbounds": [ + "type": "shadowsocks", + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==", + "destinations": [ { - "type": "shadowsocks", - "method": "2022-blake3-aes-128-gcm", - "password": "8JCsPssfgS8tiRwiMlhARg==", - "destinations": [ - { - "name": "test", - "server": "example.com", - "server_port": 8080, - "password": "PCD2Z4o12bKUoFa3cC97Hw==" - } - ] + "name": "test", + "server": "example.com", + "server_port": 8080, + "password": "PCD2Z4o12bKUoFa3cC97Hw==" } ] } ``` -### Shadowsocks Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### network diff --git a/docs/configuration/inbound/shadowsocks.zh.md b/docs/configuration/inbound/shadowsocks.zh.md index 0e5ff607..1c26510c 100644 --- a/docs/configuration/inbound/shadowsocks.zh.md +++ b/docs/configuration/inbound/shadowsocks.zh.md @@ -2,25 +2,13 @@ ```json { - "inbounds": [ - { - "type": "shadowsocks", - "tag": "ss-in", - - "listen": "::", - "listen_port": 5353, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "udp_timeout": 300, - "network": "udp", - "proxy_protocol": false, - - "method": "2022-blake3-aes-128-gcm", - "password": "8JCsPssfgS8tiRwiMlhARg==" - } - ] + "type": "shadowsocks", + "tag": "ss-in", + + ... // 监听字段 + + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==" } ``` @@ -28,17 +16,12 @@ ```json { - "inbounds": [ + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==", + "users": [ { - "type": "shadowsocks", - "method": "2022-blake3-aes-128-gcm", - "password": "8JCsPssfgS8tiRwiMlhARg==", - "users": [ - { - "name": "sekai", - "password": "PCD2Z4o12bKUoFa3cC97Hw==" - } - ] + "name": "sekai", + "password": "PCD2Z4o12bKUoFa3cC97Hw==" } ] } @@ -48,25 +31,25 @@ ```json { - "inbounds": [ + "type": "shadowsocks", + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==", + "destinations": [ { - "type": "shadowsocks", - "method": "2022-blake3-aes-128-gcm", - "password": "8JCsPssfgS8tiRwiMlhARg==", - "destinations": [ - { - "name": "test", - "server": "example.com", - "server_port": 8080, - "password": "PCD2Z4o12bKUoFa3cC97Hw==" - } - ] + "name": "test", + "server": "example.com", + "server_port": 8080, + "password": "PCD2Z4o12bKUoFa3cC97Hw==" } ] } ``` -### Shadowsocks 字段 +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### 字段 #### network @@ -98,50 +81,4 @@ |---------------|-------------------------------| | none | / | | 2022 methods | `openssl rand -base64 <密钥长度>` | -| other methods | 任意字符串 | - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### udp_timeout - -UDP NAT 过期时间,以秒为单位,默认为 300(5 分钟)。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 +| other methods | 任意字符串 | \ No newline at end of file diff --git a/docs/configuration/inbound/socks.md b/docs/configuration/inbound/socks.md index 459209f9..59f7d96f 100644 --- a/docs/configuration/inbound/socks.md +++ b/docs/configuration/inbound/socks.md @@ -4,76 +4,28 @@ ```json { - "inbounds": [ - { - "type": "socks", - "tag": "socks-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, + "type": "socks", + "tag": "socks-in", - "users": [ - { - "username": "admin", - "password": "admin" - } - ] + ... // Listen Fields + + "users": [ + { + "username": "admin", + "password": "admin" } ] } ``` -### SOCKS Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### users SOCKS users. No authentication required if empty. - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### proxy_protocol - -Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. diff --git a/docs/configuration/inbound/socks.zh.md b/docs/configuration/inbound/socks.zh.md index f3a65124..90314526 100644 --- a/docs/configuration/inbound/socks.zh.md +++ b/docs/configuration/inbound/socks.zh.md @@ -4,76 +4,28 @@ ```json { - "inbounds": [ - { - "type": "socks", - "tag": "socks-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, + "type": "socks", + "tag": "socks-in", - "users": [ - { - "username": "admin", - "password": "admin" - } - ] + ... // 监听字段 + + "users": [ + { + "username": "admin", + "password": "admin" } ] } ``` -### SOCKS 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### users SOCKS 用户 -默认不需要验证。 - -### Listen Fields - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 \ No newline at end of file +如果为空则不需要验证。 diff --git a/docs/configuration/inbound/tproxy.md b/docs/configuration/inbound/tproxy.md index 2ce672d6..5e1db83f 100644 --- a/docs/configuration/inbound/tproxy.md +++ b/docs/configuration/inbound/tproxy.md @@ -2,66 +2,23 @@ ```json { - "inbounds": [ - { - "type": "tproxy", - "tag": "tproxy-in", - - "listen": "::", - "listen_port": 5353, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "udp_timeout": 300, - - "network": "udp" - } - ] + "type": "tproxy", + "tag": "tproxy-in", + + ... // Listen Fields + + "network": "udp" } ``` -### TProxy Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### network Listen network, one of `tcp` `udp`. Both if empty. - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### udp_timeout - -UDP NAT expiration time in seconds, default is 300 (5 minutes). diff --git a/docs/configuration/inbound/tproxy.zh.md b/docs/configuration/inbound/tproxy.zh.md index 63d83291..42526377 100644 --- a/docs/configuration/inbound/tproxy.zh.md +++ b/docs/configuration/inbound/tproxy.zh.md @@ -2,66 +2,23 @@ ```json { - "inbounds": [ - { - "type": "tproxy", - "tag": "tproxy-in", - - "listen": "::", - "listen_port": 5353, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "udp_timeout": 300, - - "network": "udp" - } - ] + "type": "tproxy", + "tag": "tproxy-in", + + ... // 监听字段 + + "network": "udp" } ``` -### TProxy 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### network 监听的网络协议,`tcp` `udp` 之一。 默认所有。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### udp_timeout - -UDP NAT 过期时间,以秒为单位,默认为 300(5 分钟)。 \ No newline at end of file diff --git a/docs/configuration/inbound/trojan.md b/docs/configuration/inbound/trojan.md index 5b864c66..cdaf8f50 100644 --- a/docs/configuration/inbound/trojan.md +++ b/docs/configuration/inbound/trojan.md @@ -2,43 +2,37 @@ ```json { - "inbounds": [ - { - "type": "trojan", - "tag": "trojan-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, + "type": "trojan", + "tag": "trojan-in", - "users": [ - { - "name": "sekai", - "password": "8JCsPssfgS8tiRwiMlhARg==" - } - ], - "tls": {}, - "fallback": { - "server": "127.0.0.1", - "server_port": 8080 - }, - "fallback_for_alpn": { - "http/1.1": { - "server": "127.0.0.1", - "server_port": 8081 - } - }, - "transport": {} + ... // Listen Fields + + "users": [ + { + "name": "sekai", + "password": "8JCsPssfgS8tiRwiMlhARg==" } - ] + ], + "tls": {}, + "fallback": { + "server": "127.0.0.1", + "server_port": 8080 + }, + "fallback_for_alpn": { + "http/1.1": { + "server": "127.0.0.1", + "server_port": 8081 + } + }, + "transport": {} } ``` -### Trojan Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### users @@ -67,45 +61,3 @@ If not empty, TLS fallback requests with ALPN not in this table will be rejected #### transport V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport). - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### proxy_protocol - -Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. \ No newline at end of file diff --git a/docs/configuration/inbound/trojan.zh.md b/docs/configuration/inbound/trojan.zh.md index 392645ad..6cc8c475 100644 --- a/docs/configuration/inbound/trojan.zh.md +++ b/docs/configuration/inbound/trojan.zh.md @@ -2,41 +2,37 @@ ```json { - "inbounds": [ + "type": "trojan", + "tag": "trojan-in", + + ... // 监听字段 + + "users": [ { - "type": "trojan", - "tag": "trojan-in", - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, - "users": [ - { - "name": "sekai", - "password": "8JCsPssfgS8tiRwiMlhARg==" - } - ], - "tls": {}, - "fallback": { - "server": "127.0.0.1", - "server_port": 8080 - }, - "fallback_for_alpn": { - "http/1.1": { - "server": "127.0.0.1", - "server_port": 8081 - } - }, - "transport": {} + "name": "sekai", + "password": "8JCsPssfgS8tiRwiMlhARg==" } - ] + ], + "tls": {}, + "fallback": { + "server": "127.0.0.1", + "server_port": 8080 + }, + "fallback_for_alpn": { + "http/1.1": { + "server": "127.0.0.1", + "server_port": 8081 + } + }, + "transport": {} } ``` -### Trojan 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### users @@ -66,46 +62,4 @@ TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 #### transport -V2Ray 传输配置,参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 +V2Ray 传输配置,参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。 \ No newline at end of file diff --git a/docs/configuration/inbound/tun.md b/docs/configuration/inbound/tun.md index 64bf5e3b..8d7666f7 100644 --- a/docs/configuration/inbound/tun.md +++ b/docs/configuration/inbound/tun.md @@ -6,48 +6,41 @@ ```json { - "inbounds": [ - { - "type": "tun", - "tag": "tun-in", - "interface_name": "tun0", - "inet4_address": "172.19.0.1/30", - "inet6_address": "fdfe:dcba:9876::1/128", - "mtu": 1500, - "auto_route": true, - "strict_route": true, - "endpoint_independent_nat": false, - "udp_timeout": 300, - "stack": "gvisor", - "include_uid": [ - 0 - ], - "include_uid_range": [ - [ - "1000-99999" - ] - ], - "exclude_uid": [ - 1000 - ], - "exclude_uid_range": [ - "1000-99999" - ], - "include_android_user": [ - 0, - 10 - ], - "include_package": [ - "com.android.chrome" - ], - "exclude_package": [ - "com.android.captiveportallogin" - ], - "sniff": true, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv4" - } - ] + "type": "tun", + "tag": "tun-in", + + "interface_name": "tun0", + "inet4_address": "172.19.0.1/30", + "inet6_address": "fdfe:dcba:9876::1/128", + "mtu": 1500, + "auto_route": true, + "strict_route": true, + "endpoint_independent_nat": false, + "stack": "gvisor", + "include_uid": [ + 0 + ], + "include_uid_range": [ + "1000-99999" + ], + "exclude_uid": [ + 1000 + ], + "exclude_uid_range": [ + "1000-99999" + ], + "include_android_user": [ + 0, + 10 + ], + "include_package": [ + "com.android.chrome" + ], + "exclude_package": [ + "com.android.captiveportallogin" + ], + + ... // Listen Fields } ``` @@ -59,7 +52,7 @@ If tun is running in non-privileged mode, addresses and MTU will not be configured automatically, please make sure the settings are accurate. -### Tun Fields +### Fields #### interface_name @@ -163,22 +156,4 @@ Exclude android packages in route. ### Listen Fields -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. \ No newline at end of file +See [Listen Fields](/configuration/shared/listen) for details. diff --git a/docs/configuration/inbound/tun.zh.md b/docs/configuration/inbound/tun.zh.md index e1257195..b85b3450 100644 --- a/docs/configuration/inbound/tun.zh.md +++ b/docs/configuration/inbound/tun.zh.md @@ -6,48 +6,41 @@ ```json { - "inbounds": [ - { - "type": "tun", - "tag": "tun-in", - "interface_name": "tun0", - "inet4_address": "172.19.0.1/30", - "inet6_address": "fdfe:dcba:9876::1/128", - "mtu": 1500, - "auto_route": true, - "strict_route": true, - "endpoint_independent_nat": false, - "udp_timeout": 300, - "stack": "gvisor", - "include_uid": [ - 0 - ], - "include_uid_range": [ - [ - "1000-99999" - ] - ], - "exclude_uid": [ - 1000 - ], - "exclude_uid_range": [ - "1000-99999" - ], - "include_android_user": [ - 0, - 10 - ], - "include_package": [ - "com.android.chrome" - ], - "exclude_package": [ - "com.android.captiveportallogin" - ], - "sniff": true, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv4" - } - ] + "type": "tun", + "tag": "tun-in", + + "interface_name": "tun0", + "inet4_address": "172.19.0.1/30", + "inet6_address": "fdfe:dcba:9876::1/128", + "mtu": 1500, + "auto_route": true, + "strict_route": true, + "endpoint_independent_nat": false, + "stack": "gvisor", + "include_uid": [ + 0 + ], + "include_uid_range": [ + "1000-99999" + ], + "exclude_uid": [ + 1000 + ], + "exclude_uid_range": [ + "1000-99999" + ], + "include_android_user": [ + 0, + 10 + ], + "include_package": [ + "com.android.chrome" + ], + "exclude_package": [ + "com.android.captiveportallogin" + ], + + ... // 监听字段 } ``` @@ -162,22 +155,4 @@ TCP/IP 栈。 ### 监听字段 -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 +参阅 [监听字段](/zh/configuration/shared/listen/)。 \ No newline at end of file diff --git a/docs/configuration/inbound/vmess.md b/docs/configuration/inbound/vmess.md index 3a185502..2439d6e1 100644 --- a/docs/configuration/inbound/vmess.md +++ b/docs/configuration/inbound/vmess.md @@ -2,34 +2,28 @@ ```json { - "inbounds": [ - { - "type": "vmess", - "tag": "vmess-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, + "type": "vmess", + "tag": "vmess-in", - "users": [ - { - "name": "sekai", - "uuid": "bf000d23-0752-40b4-affe-68f7707a9661", - "alterId": 0 - } - ], - "tls": {}, - "transport": {} + ... // Listen Fields + + "users": [ + { + "name": "sekai", + "uuid": "bf000d23-0752-40b4-affe-68f7707a9661", + "alterId": 0 } - ] + ], + "tls": {}, + "transport": {} } ``` -### VMess Fields +### Listen Fields + +See [Listen Fields](/configuration/shared/listen) for details. + +### Fields #### users @@ -53,45 +47,3 @@ TLS configuration, see [TLS](/configuration/shared/tls/#inbound). #### transport V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport). - -### Listen Fields - -#### listen - -==Required== - -Listen address. - -#### listen_port - -==Required== - -Listen port. - -#### tcp_fast_open - -Enable tcp fast open for listener. - -#### sniff - -Enable sniffing. - -See [Protocol Sniff](/configuration/route/sniff/) for details. - -#### sniff_override_destination - -Override the connection destination address with the sniffed domain. - -If the domain name is invalid (like tor), this will not work. - -#### domain_strategy - -One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. - -If set, the requested domain name will be resolved to IP before routing. - -If `sniff_override_destination` is in effect, its value will be taken as a fallback. - -#### proxy_protocol - -Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. \ No newline at end of file diff --git a/docs/configuration/inbound/vmess.zh.md b/docs/configuration/inbound/vmess.zh.md index 3509b08f..ae90145b 100644 --- a/docs/configuration/inbound/vmess.zh.md +++ b/docs/configuration/inbound/vmess.zh.md @@ -2,34 +2,28 @@ ```json { - "inbounds": [ - { - "type": "vmess", - "tag": "vmess-in", - - "listen": "::", - "listen_port": 2080, - "tcp_fast_open": false, - "sniff": false, - "sniff_override_destination": false, - "domain_strategy": "prefer_ipv6", - "proxy_protocol": false, + "type": "vmess", + "tag": "vmess-in", - "users": [ - { - "name": "sekai", - "uuid": "bf000d23-0752-40b4-affe-68f7707a9661", - "alterId": 0 - } - ], - "tls": {}, - "transport": {} + ... // 监听字段 + + "users": [ + { + "name": "sekai", + "uuid": "bf000d23-0752-40b4-affe-68f7707a9661", + "alterId": 0 } - ] + ], + "tls": {}, + "transport": {} } ``` -### VMess 字段 +### 监听字段 + +参阅 [监听字段](/zh/configuration/shared/listen/)。 + +### 字段 #### users @@ -53,45 +47,3 @@ TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。 #### transport V2Ray 传输配置,参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。 - -### 监听字段 - -#### listen - -==必填== - -监听地址。 - -#### listen_port - -==必填== - -监听端口。 - -#### tcp_fast_open - -为监听器启用 TCP 快速打开。 - -#### sniff - -启用协议探测。 - -参阅 [协议探测](/zh/configuration/route/sniff/)。 - -#### sniff_override_destination - -用探测出的域名覆盖连接目标地址。 - -如果域名无效(如 Tor),将不生效。 - -#### domain_strategy - -可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 - -如果设置,请求的域名将在路由之前解析为 IP。 - -如果 `sniff_override_destination` 生效,它的值将作为后备。 - -#### proxy_protocol - -解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 diff --git a/docs/configuration/shared/dial.md b/docs/configuration/shared/dial.md new file mode 100644 index 00000000..020cb39f --- /dev/null +++ b/docs/configuration/shared/dial.md @@ -0,0 +1,69 @@ +### Structure + +```json +{ + "detour": "upstream-out", + "bind_interface": "en0", + "bind_address": "0.0.0.0", + "routing_mark": 1234, + "reuse_addr": false, + "connect_timeout": "5s", + "tcp_fast_open": false, + "domain_strategy": "prefer_ipv6", + "fallback_delay": "300ms" +} +``` + +### Fields + +#### detour + +The tag of the upstream outbound. + +Other dial fields will be ignored when enabled. + +#### bind_interface + +The network interface to bind to. + +#### bind_address + +The address to bind to. + +#### routing_mark + +!!! error "" + + Only supported on Linux. + +Set netfilter routing mark. + +#### reuse_addr + +Reuse listener address. + +#### connect_timeout + +Connect timeout, in golang's Duration format. + +A duration string is a possibly signed sequence of +decimal numbers, each with optional fraction and a unit suffix, +such as "300ms", "-1.5h" or "2h45m". +Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before connect. + +`dns.strategy` will be used if empty. + +#### fallback_delay + +The length of time to wait before spawning a RFC 6555 Fast Fallback connection. +That is, is the amount of time to wait for IPv6 to succeed before assuming +that IPv6 is misconfigured and falling back to IPv4 if `prefer_ipv4` is set. +If zero, a default delay of 300ms is used. + +Only take effect when `domain_strategy` is `prefer_ipv4` or `prefer_ipv6`. \ No newline at end of file diff --git a/docs/configuration/shared/dial.zh.md b/docs/configuration/shared/dial.zh.md new file mode 100644 index 00000000..b150164c --- /dev/null +++ b/docs/configuration/shared/dial.zh.md @@ -0,0 +1,66 @@ +### 结构 + +```json +{ + "detour": "upstream-out", + "bind_interface": "en0", + "bind_address": "0.0.0.0", + "routing_mark": 1234, + "reuse_addr": false, + "connect_timeout": "5s", + "tcp_fast_open": false, + "domain_strategy": "prefer_ipv6", + "fallback_delay": "300ms" +} +``` + +### 字段 + +#### detour + +上游出站的标签。 + +启用时,其他拨号字段将被忽略。 + +#### bind_interface + +要绑定到的网络接口。 + +#### bind_address + +要绑定的地址。 + +#### routing_mark + +!!! error "" + + 仅支持 Linux。 + +设置 netfilter 路由标记。 + +#### reuse_addr + +重用监听地址。 + +#### connect_timeout + +连接超时,采用 golang 的 Duration 格式。 + +持续时间字符串是一个可能有符号的序列十进制数,每个都有可选的分数和单位后缀, 例如 "300ms"、"-1.5h" 或 "2h45m"。 +有效时间单位为 "ns"、"us"(或 "µs")、"ms"、"s"、"m"、"h"。 + +#### domain_strategy + +可选值:`prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 + +如果设置,域名将在请求发出之前解析为 IP。 + +默认使用 `dns.strategy`。 + +#### fallback_delay + +在生成 RFC 6555 快速回退连接之前等待的时间长度。 +也就是说,是在假设之前等待 IPv6 成功的时间量如果设置了 "prefer_ipv4",则 IPv6 配置错误并回退到 IPv4。 +如果为零,则使用 300 毫秒的默认延迟。 + +仅当 `domain_strategy` 为 `prefer_ipv4` 或 `prefer_ipv6` 时生效。 diff --git a/docs/configuration/shared/listen.md b/docs/configuration/shared/listen.md new file mode 100644 index 00000000..67ac75f8 --- /dev/null +++ b/docs/configuration/shared/listen.md @@ -0,0 +1,73 @@ +### Structure + +```json +{ + "listen": "::", + "listen_port": 5353, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + "udp_timeout": 300, + "proxy_protocol": false, + "detour": "another-in" +} +``` + +### Fields + +| Field | Available Context | +|------------------|-------------------------------------------------------------------| +| `listen` | Needs to listen on TCP or UDP. | +| `listen_port` | Needs to listen on TCP or UDP. | +| `tcp_fast_open` | Needs to listen on TCP. | +| `udp_timeout` | Needs to assemble UDP connections, currently Tun and Shadowsocks. | +| `proxy_protocol` | Needs to listen on TCP. | + +#### listen + +==Required== + +Listen address. + +#### listen_port + +Listen port. + +#### tcp_fast_open + +Enable tcp fast open for listener. + +#### sniff + +Enable sniffing. + +See [Protocol Sniff](/configuration/route/sniff/) for details. + +#### sniff_override_destination + +Override the connection destination address with the sniffed domain. + +If the domain name is invalid (like tor), this will not work. + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before routing. + +If `sniff_override_destination` is in effect, its value will be taken as a fallback. + +#### udp_timeout + +UDP NAT expiration time in seconds, default is 300 (5 minutes). + +#### proxy_protocol + +Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header. + +#### detour + +If set, connections will be forwarded to the specified inbound. + +Requires target inbound support, see [Injectable](/configuration/inbound/#fields). \ No newline at end of file diff --git a/docs/configuration/shared/listen.zh.md b/docs/configuration/shared/listen.zh.md new file mode 100644 index 00000000..bf8a9638 --- /dev/null +++ b/docs/configuration/shared/listen.zh.md @@ -0,0 +1,72 @@ +### 结构 + +```json +{ + "listen": "::", + "listen_port": 5353, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + "udp_timeout": 300, + "detour": "another-in" +} +``` + +| 字段 | 可用上下文 | +|------------------|-------------------------------------| +| `listen` | 需要监听 TCP 或 UDP。 | +| `listen_port` | 需要监听 TCP 或 UDP。 | +| `tcp_fast_open` | 需要监听 TCP。 | +| `udp_timeout` | 需要组装 UDP 连接, 当前为 Tun 和 Shadowsocks。 | +| `proxy_protocol` | 需要监听 TCP。 | + +### 字段 + +#### listen + +==必填== + +监听地址。 + +#### listen_port + +监听端口。 + +#### tcp_fast_open + +为监听器启用 TCP 快速打开。 + +#### sniff + +启用协议探测。 + +参阅 [协议探测](/zh/configuration/route/sniff/) + +#### sniff_override_destination + +用探测出的域名覆盖连接目标地址。 + +如果域名无效(如 Tor),将不生效。 + +#### domain_strategy + +可选值: `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`。 + +如果设置,请求的域名将在路由之前解析为 IP。 + +如果 `sniff_override_destination` 生效,它的值将作为后备。 + +#### udp_timeout + +UDP NAT 过期时间,以秒为单位,默认为 300(5 分钟)。 + +#### proxy_protocol + +解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。 + +#### detour + +如果设置,连接将被转发到指定的入站。 + +需要目标入站支持,参阅 [注入支持](/zh/configuration/inbound/#_3)。 \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index f51b298d..2195dd6f 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -52,6 +52,8 @@ nav: - Experimental: - configuration/experimental/index.md - Shared: + - Inbound Listen Fields: configuration/shared/listen.md + - Outbound Dial Fields: configuration/shared/dial.md - TLS: configuration/shared/tls.md - Multiplex: configuration/shared/multiplex.md - V2Ray Transport: configuration/shared/v2ray-transport.md @@ -150,6 +152,8 @@ plugins: Protocol Sniff: 协议探测 Experimental: 实验性 Shared: 通用 + Inbound Listen Fields: 入站监听字段 + Outbound Dial Fields: 出站拨号字段 Multiplex: 多路复用 V2Ray Transport: V2Ray 传输层 Inbound: 入站 diff --git a/outbound/wireguard.go b/outbound/wireguard.go index a49137ce..b8fca843 100644 --- a/outbound/wireguard.go +++ b/outbound/wireguard.go @@ -223,7 +223,7 @@ func (w *WireGuard) ListenPacket(ctx context.Context, destination M.Socksaddr) ( } func (w *WireGuard) NewConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error { - return NewEarlyConnection(ctx, w, conn, metadata) + return NewConnection(ctx, w, conn, metadata) } func (w *WireGuard) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {