| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 |
- {
- "log": {
- "loglevel": "warning"
- },
- "routing": {
- "domainStrategy": "IPIfNonMatch",
- "rules": [
- {
- "type": "field",
- "ip": [
- "geoip:cn"
- ],
- "outboundTag": "block"
- }
- ]
- },
- "inbounds": [
- {
- "listen": "0.0.0.0", // "0.0.0.0" Indicates listening to both IPv4 and IPv6
- "port": 443, // The port on which the server listens
- "protocol": "vless",
- "settings": {
- "clients": [
- {
- "id": "", // User ID, perform xray uuid generation, or a string of 1-30 bytes
- "flow": "xtls-rprx-vision"
- }
- ],
- "decryption": "none",
- "fallbacks": [
- {
- "dest": "8001",
- "xver": 1
- },
- {
- "alpn": "h2",
- "dest": "8002",
- "xver": 1
- }
- ]
- },
- "streamSettings": {
- "network": "tcp",
- "security": "tls",
- "tlsSettings": {
- "rejectUnknownSni": true,
- "minVersion": "1.2",
- "certificates": [
- {
- "ocspStapling": 3600,
- "certificateFile": "/etc/ssl/private/fullchain.cer", // For the certificate file, it is recommended to use fullchain (full SSL certificate chain). If there is only a website certificate, v2rayN can be used but v2rayNG cannot be used. Usually, the extension is not distinguished
- "keyFile": "/etc/ssl/private/private.key" // private key file
- }
- ]
- }
- },
- "sniffing": {
- "enabled": true,
- "destOverride": [
- "http",
- "tls"
- ]
- }
- }
- ],
- "outbounds": [
- {
- "protocol": "freedom",
- "tag": "direct"
- },
- {
- "protocol": "blackhole",
- "tag": "block"
- }
- ],
- "policy": {
- "levels": {
- "0": {
- "handshake": 2, // The handshake time limit when the connection is established, in seconds, the default value is 4, it is recommended to be different from the default value
- "connIdle": 120 // Connection idle time limit in seconds, the default value is 300, it is recommended to be different from the default value
- }
- }
- }
- }
|
