Closed hswmartin closed 5 months ago
发下配置文件了
发下配置文件了
root@VM57994:/etc/v2ray-agent/xray/conf# cat 02_VLESS_TCP_inbounds.json
{
"inbounds": [
{
"port": 443,
"protocol": "vless",
"tag": "VLESSTCP",
"settings": {
"clients": [
{
"id": "1d9cd818-e4a7-4966-8074-d77a2a1c4d26",
"flow": "xtls-rprx-vision",
"email": "1d9cd818-VLESS_TCP/TLS_Vision"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": 31300,
"xver": 0
},
{
"alpn": "h2",
"dest": 31302,
"xver": 0
},
{
"path": "/jaktws",
"dest": 31297,
"xver": 1
}
]
},
"add": "example.com",
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"minVersion": "1.2",
"alpn": [
"http/1.1",
"h2"
],
"certificates": [
{
"certificateFile": "/etc/v2ray-agent/tls/example.com.crt",
"keyFile": "/etc/v2ray-agent/tls/example.com.key",
"ocspStapling": 3600,
"usage": "encipherment"
}
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
]
}
root@VM57994:/etc/v2ray-agent/xray/conf# cat 07_VLESS_vision_reality_inbounds.json
{
"inbounds": [
{
"port": 443,
"protocol": "vless",
"tag": "VLESSReality",
"settings": {
"clients": [
{
"id": "1d9cd818-e4a7-4966-8074-d77a2a1c4d26",
"email": "1d9cd818-vless_reality_vision",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": "31305",
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"dest": "example.com:443",
"xver": 0,
"serverNames": [
"example.com"
],
"privateKey": "AOpPJLKmbh1Tbl9sNmIAZf1GuKFiRnxQ1nVJiupVQ0U",
"publicKey": "dxVRRuKKLtpluTOvSN2PzZzN7HLJ9mGEffwZZxuCqSU",
"maxTimeDiff": 70000,
"shortIds": [
""
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
]
}
就是上面这两个inbound都生效了,全是监听的443
应该只生效一个,你找台vps手动用安xray,粘贴它生成的配置看看
应该只生效一个,你找台vps手动用安xray,粘贴它生成的配置看看
已经在另一台vps上做了测试,确实两个都生效,我还换了端口测的,这样配置一下,11032这端口三种协议 tls vision,ws,reality全能通
[
{
"listen": "0.0.0.0",
"port": 11032,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "0603da6b-7e60-41a7-b373-5596fe0d4b06",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none",
"fallbacks": [
{
"path": "/txnxws",
"dest": 31297,
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"rejectUnknownSni": false,
"minVersion": "1.2",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/home/container/ssl/cf.pem",
"keyFile": "/home/container/ssl/cf.key"
}
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"listen": "0.0.0.0",
"port": 11032,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "0603da6b-7e60-41a7-b373-5596fe0d4b06",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"dest": "dl.google.com:443",
"xver": 0,
"serverNames": [
"dl.google.com"
],
"privateKey": "UKJX9lZR0ghHbyBveWQgAVTe7c_siDhS2lbXqaRWqFo",
"minClientVer": "",
"maxClientVer": "",
"maxTimeDiff": 0,
"shortIds": [
"11",
"888888"
]
}
}
},
{
"port": 31297,
"listen": "127.0.0.1",
"protocol": "vless",
"tag": "VLESSWS",
"settings": {
"clients": [
{
"id": "b8148b15-2f5d-4693-aa73-8e52ac48ad2a",
"email": "b8148b15-VLESS_WS"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/txnxws"
},
"tlsSettings": {
"rejectUnknownSni": false,
"minVersion": "1.1"
}
}
}
]
补充信息:操作系统 debian11/amd64, xray 1.8.4, 成功后netstat -lnp, 可以看到同一端口有两个 xray的tcp监听:
一看到v2ray-agent,我就知道是mack-a 的脚本,其实他的脚本,在xray.service里,有修改过。他的脚本配置文件都是分开的,同时监听443,不代表你可以两种不同的协议同时使用,你可以试试在电脑上A协议,手机上B协议,能否同时使用?
实测确实是能同时使用的,上面的配置文件你可以试一下,我也是觉得比较神奇,一个端口被两个协议同时监听了,还都可以用。
Reality是传输层安全协议, VLESS是应用层协议, Vision是VLESS的流控. 这里每一个都建立在前者上.
你想问的其实是为什么Reality和标准TLS能共存, 因为Reality就是修改过的TLS. 具体怎么实现见源代码.
以我这种超级小白,看来,通常xray只会读取一个config.json,当然可以通过修改语法,让xray读取多个json文件(官方文档里有,我记得看过)。这么做,就跟一台vps有x个网站就有x个conf,每一个conf都可以监听443,都可以访问,本质上,其实还是nginx监听443,换汤不换药而已。提问者的测试,具体操作我不清楚,所以我不做评论了。
我看有的脚本自动配置两个inbound同时监听443,也可以用。为什么reality和tls vision现在可以同时监听443端口,这是怎么做到的。而且看到netstat里面有两个443被监听了,好奇这是怎么做到的?
share模式绑定的端口,是可以被二次以share模式绑定的。
你的问题和这个 https://github.com/XTLS/Xray-core/issues/2606 应该是一样的。
你的配置文件是多配置文件,你把那些放站写到1个配置启动,肯定会报端口冲突。
我看有的脚本自动配置两个inbound同时监听443,也可以用。为什么reality和tls vision现在可以同时监听443端口,这是怎么做到的。而且看到netstat里面有两个443被监听了,好奇这是怎么做到的?
share模式绑定的端口,是可以被二次以share模式绑定的。
我认为这个答案可能是对的
我看有的脚本自动配置两个inbound同时监听443,也可以用。为什么reality和tls vision现在可以同时监听443端口,这是怎么做到的。而且看到netstat里面有两个443被监听了,好奇这是怎么做到的?