Open fodhelper opened 3 months ago
Hello can you send us your quic inbound config too
send you inbound and correct type of config output
xray quic server and client config :
"streamSettings": {
"network": "quic",
"quicSettings": {
"security": "chacha20-poly1305",
"key": "abcdefg123",
"header": {
"type": "dtls"
}
},
"security": "none"
}
https://xtls.github.io/en/config/transports/quic.html
QUIC requires TLS to be enabled and if it is not enabled in the Transport Protocol, Xray will issue a self-signed certificate for TLS communication.
tls must be disabled in xray client config (for xray based client apps only- others can't work without tls enabled) but if enabled, allowInsecure must be true too (except when tls certificate is not self signed)
there is a tip in xtls blog :
When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication.
so sing-box and v2fly based client apps support xray's quic config but only if additional encryption and obfuscation type is none (tested it myself and works with a valid tls cert or self sign cert + allowInsecure)
Can you send some json sample for each type ? I want to fix it tonight
Hello @M03ED
{
"tag": "quic-sample-01",
"listen": "0.0.0.0",
"port": 8010,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "quic",
"quicSettings": {
"security": "none",
"key": "",
"header": {
"type": "none"
}
},
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificate": [
"-----BEGIN CERTIFICATE-----",
"MIIBfzCCASWgAwIBAgIQRl8qtWEIRJKVlKA3zc/zgDAKBggqhkjOPQQDAjAmMREw",
"DwYDVQQKEwhYcmF5IEluYzERMA8GA1UEAxMIWHJheSBJbmMwHhcNMjQwNDI1MTkw",
"NDQ0WhcNMjQwNzI0MjAwNDQ0WjAmMREwDwYDVQQKEwhYcmF5IEluYzERMA8GA1UE",
"AxMIWHJheSBJbmMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ8TfwbliCYpYQa",
"FJpzsav/imgXfmLh7/wyLmbVe8ih50nMsGPzcCAH7gYANf36ryZggz5cpvcuh+YX",
"JG9ucfDcozUwMzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw",
"DAYDVR0TAQH/BAIwADAKBggqhkjOPQQDAgNIADBFAiEAjf+fBprRN6NtoxTlsfZt",
"U+c7CsutFaBqpjC2qD5mOv8CIFzmn/7+Y+hg0RLlttV+LNPcr4q1dTDttpQhDgua",
"rTK8",
"-----END CERTIFICATE-----"
],
"key": [
"-----BEGIN RSA PRIVATE KEY-----",
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfSvb6qARZLme3GYs",
"GloEd5lHBpaerVfDizUG8gw+DmGhRANCAAQ8TfwbliCYpYQaFJpzsav/imgXfmLh",
"7/wyLmbVe8ih50nMsGPzcCAH7gYANf36ryZggz5cpvcuh+YXJG9ucfDc",
"-----END RSA PRIVATE KEY-----"
]
}
]
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
},
{
"tag": "quic-sample-02",
"listen": "0.0.0.0",
"port": 8011,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "quic",
"quicSettings": {
"security": "chacha20-poly1305",
"key": "mysecretkey123",
"header": {
"type": "dtls"
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
Sample 1 is supported by Sing-Box client (Enable allow-insecure or use a valid cert)
Sample 2 is Xray Exclusive because the additional encryption and obfuscation is not supported by other clients
test new pr
Hello quic config of v2rayNG custom config is not correct so it will prevent v2rayNG from updating subscription (raises error on server) sing-box does not support xray-core's quic, and currently having enabled quic config on hosts will prevent sing-box from updating subscription, marzban must do not send quic config to sing-box https://sing-box.sagernet.org/configuration/shared/v2ray-transport/#quic it's not supported by clash or clash.meta too, marzban must do not send quic config to clash or clash.meta
sing box and clash and clash meta does not support mKCP too- i didn't check if marzban sends them to this clients too or not
marzban error while trying to update v2rayNG sub :