example:
tls://dns.google
quic://dns.adguard.comAll available DNS schemes:
tcp
tcp+local
udp
udp+local
tls
tls+local
https
https+local
quic
quic+local{
"dns": [
{
"address": "tls://1.0.0.1",
"concurrency": true
}
]
}{
"observatory": {
"enableConcurrency": true
}
}{
"routing": {
"rules": [
{
"type": "field",
"protocol": "dns",
"outbound": "dns-out"
}
]
}
}{
"dns": {
"disableExpire": true
}
}FakeDNS is a bad idea, and v2ray's current implementation
causes memory leaks, whether enabled or not.WireGuard outbound supports proxy ping requests.{
"outbounds": [
{
"protocol": "wireguard",
"settings": {
"address": "engage.cloudflareclient.com",
"localAddresses": [
"<ipv4 address>",
"<ipv6 address>"
],
"peerPublicKey": "<public key>",
"port": 2408,
"preSharedKey": "<psk>",
"privateKey": "<private key>",
"mtu": 1500,
"userLevel": 0
}
}
]
}{
"outbounds": [
{
"protocol": "ssh",
"settings": {
"address": "<your ip>",
"port": 22,
"user": "root",
"password": "<password or passphrase of private key>",
"privateKey": "<x509 private key>",
"publicKey": "<public key to verify server>",
"clientVersion": "SSH-2.0-OpenSSH_114514 (random if empty)",
"hostKeyAlgorithms": [
"ssh-ed25519",
"any u want"
],
"userLevel": 0
}
}
]
}{
"outbounds": [
{
"protocol": "shadowsocks",
"settings": {
...
},
"domainStrategy": "AsIs/UseIP/UseIPv[4/6]/PreferIPv[4/6]"
}
]
}{
"outbounds": [
{
"protocol": "shadowsocks",
"settings": {
"servers": [
{
"address": "127.0.0.1",
"port": 1234,
"method": "2022-blake3-aes-128-gcm",
"password": "<psk>"
}
]
}
}
]
}supported cipher list:
none
2022-blake3-aes-128-gcm
2022-blake3-aes-256-gcm
2022-blake3-chacha20-poly1305
aes-128-gcm
aes-192-gcm
aes-256-gcm
chacha20-ietf-poly1305
xchacha20-ietf-poly1305
rc4
rc4-md5
aes-128-ctr
aes-192-ctr
aes-256-ctr
aes-128-cfb
aes-192-cfb
aes-256-cfb
aes-128-cfb8
aes-192-cfb8
aes-256-cfb8
aes-128-ofb
aes-192-ofb
aes-256-ofb
bf-cfb
cast5-cfb
des-cfb
idea-cfb
rc2-cfb
seed-cfb
camellia-128-cfb
camellia-192-cfb
camellia-256-cfb
camellia-128-cfb8
camellia-192-cfb8
camellia-256-cfb8
salsa20
chacha20
chacha20-ietf
xchacha20{
"outbounds": [
{
"protocol": "shadowsocks",
"settings": {
...
"plugin": "path to plugin",
"pluginOpts": "args;args2",
"pluginArgs": [
"--arg1=true"
]
}
}
]
}{
"outbounds": [
{
"protocol": "shadowsocks",
"settings": {
...
"plugin": "v2ray-plugin",
"pluginOpts": "host=shadow.v2fly.org"
}
}
]
}high performance trojan outbound.
notice: only the origin trojan (tls) protocol is supported.
{
"outbounds": [
{
"protocol": "trojan_sing",
"settings": {
"address": "my.address",
"serverName": "my.domain",
"port": 443,
"password": "my password",
"insecure": false
}
}
]
}Allows the sniffed domain to be used for routing only,
without overriding the destination address.
This improves the routing accuracy of AsIs,
and provides the expected connection behavior of the client
(not resolving the domain name again on the server side){
"inbounds": [
{
...
"sniffing": {
"destOverride": [
"http",
"tls",
"quic"
],
"enabled": true,
"routeOnly": true
},
"tag": "socks"
}
]
}for protocols other than v*ess, no configuration is required.
{
"outbounds": [
{
"protocol": "v[m/l]ess",
"settings": {
"vnext": ...,
"packetEncoding": "[none/packet/xudp]"
// none: disabled
// packet: requires v2ray/v2ray-core v5.0.2+ or SagerNet/v2ray-core
// xudp: requires XTLS/Xray-core or SagerNet/v2ray-core
},
"mux": {
"enabled": true,
"packetEncoding": "[none/packet/xudp]"
// packetEncoding for mux
}
}
]
}{
"ping": {
"protocol": "<default/unprivileged>",
"gateway4": "<0.0.0.0>",
"gateway6": "<::>",
"disableIPv6": true
}
}protocol: udp connection with port 7.
XTLS protocol compatibility for vless and trojan
gRPC multi/raw mode
This repo relies on the following projects: