荒岛
reality是最近新出的一个协议,目前还没有正式发布,不过现在可以通过编译开发版本的xray来体验。
安装需要用到的软件包:
apt -y update apt -y install curl git build-essential libssl-dev libevent-dev zlib1g-dev gcc-mingw-w64 nginx
安装golang:
curl -L https://go.dev/dl/go1.20.1.linux-amd64.tar.gz -o go1.20.1.linux-amd64.tar.gz tar -C /usr/local -xzf go1.20.1.linux-amd64.tar.gz echo 'export PATH=$PATH:/usr/local/go/bin' > /etc/profile.d/golang.sh source /etc/profile.d/golang.sh
克隆xray的源码:
git clone https://github.com/XTLS/Xray-core.git cd Xray-core
编译linux平台的二进制文件:
go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main
编译windows平台的二进制文件:
env GOOS=windows GOARCH=amd64 CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc \ go build -o xray.exe -trimpath -ldflags "-s -w -buildid=" ./main
复制编译好的文件:
cp xray /usr/local/bin/
新建sing-box需要用到的目录:
mkdir -p /usr/local/etc/xray
新建systemd服务:
systemctl edit --full --force xray.service
写入如下配置:
[Unit] Description=xray-core service Documentation=https://github.com/XTLS/Xray-core After=network.target nss-lookup.target [Service] CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE ExecStart=/usr/local/bin/xray run -c /usr/local/etc/xray/config.json Restart=on-failure RestartPreventExitStatus=23 LimitNOFILE=infinity [Install] WantedBy=multi-user.target
新建xray的配置文件:
nano /usr/local/etc/xray/config.json
写入如下配置:
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "127.0.0.1",
"port": 52001,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "1bd974eb-3206-48dd-9c6c-42246e356492",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
"acceptProxyProtocol": true
},
"security": "reality",
"realitySettings": {
"show": false,
"dest": "www.cloudflare.com:443",
"xver": 0,
"serverNames": [
"www.cloudflare.com"
],
"privateKey": "GFZ26GRlhDVIdwtv81JwmV-3F7Qqyhl-dsH_IzXIEpE",
"shortIds": [
""
]
}
}
}
],
"outbounds": [
{
"protocol": "freedom"
}
]
}
注意事项:
1、uuid执行如下命令生成:
xray uuid
2、privateKey执行如下命令生成:
xray x25519
回显类似于:
Private key: GFZ26GRlhDVIdwtv81JwmV-3F7Qqyhl-dsH_IzXIEpE Public key: 9lb8zUnMkgy-khsg0cwQxKv83u8Pr0JOkv8G0HxxYRk
3、我配置里面用的网站是cloudflare,你也可以换成别的,但是目标网站有一个最低标准:国外网站,支持TLSv1.3与HTTP2。
4、尽量找与你VPS服务器延迟低的网站,因为需要和目标站TLS握手,如果目标站与你VPS服务器的延迟太高,会影响速度。
启动xray并设置开机自启:
systemctl enable --now xray
确保服务正常运行,注意这里的版本号还是显示的1.7.5,这个可以忽略掉,因为源码里面的版本号还没来得及改:
接下来编辑nginx的主配置文件:
nano /etc/nginx/nginx.conf
写入如下配置,用于sni分流,注意这里启用了proxy_protocol:
stream {
map $ssl_preread_server_name $backend {
www.cloudflare.com reality;
}
upstream reality {
server 127.0.0.1:52001;
}
server {
listen 443 reuseport;
listen [::]:443 reuseport;
proxy_pass $backend;
ssl_preread on;
proxy_protocol on;
}
}
重载nginx使配置生效:
systemctl reload nginx
至此,服务端的配置就全部完成了。
将之前编译好的windows平台的文件下载到你的电脑上,然后将下面的客户端配置保存为config.json文件:
{
"inbounds": [
{
"port": 30080,
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "1.2.3.4", // 你的VPS服务器IP
"port": 443,
"users": [
{
"id": "1bd974eb-3206-48dd-9c6c-42246e356492",
"flow": "xtls-rprx-vision",
"encryption": "none"
}
]
}
]
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"fingerprint": "chrome",
"serverName": "www.cloudflare.com",
"publicKey": "9lb8zUnMkgy-khsg0cwQxKv83u8Pr0JOkv8G0HxxYRk",
"shortId": "",
"spiderX": ""
}
}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
}
],
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"outboundTag": "block",
"domain": ["geosite:category-ads-all"]
},
{
"type": "field",
"outboundTag": "direct",
"domain": ["geosite:cn"]
},
{
"type": "field",
"outboundTag": "direct",
"ip": [
"geoip:cn",
"geoip:private"
]
}
]
}
}
启动客户端:
./xray run -c config.json
也可以看看:https://github.com/XTLS/REALITY
大佬,能不能寫一篇Xray tcp xtls-vision reality如何多服務443的教程啊,並且加回落(客戶端不打ip)。「偷」別人證書總覺得⋯
试了一下,速度还行,但是发现了一个问题:reality过不了vmess透明代理,总是显示非法连接,之前的tls和xtls好像都没问题。
加了 listen [::]:443 reuseport; 这个后特别慢,
V2RAYN里的地址填了域名,且配置了IPV6在域名上.
右键测速,比只留第一行监听IPV4要慢许多
大佬 Windows 客户端报错 信息如下 该如何解决
Xray 1.8.1 (Xray, Penetrates Everything.) Custom (go1.20.1 windows/amd64)
A unified platform for anti-censorship.
2023/04/24 13:40:23 [Info] infra/conf/serial: Reading config: config.json
Failed to start: main: failed to load config files: [config.json] > infra/conf: invalid field rule > infra/conf: failed to parse domain rule: geosite:category-ads-all > infra/conf: failed to load geosite: CATEGORY-ADS-ALL > infra/conf: failed to load file: geosite.dat > infra/conf: failed to open file: geosite.dat > open D:\xray\racknerd\geosite.dat: The system cannot find the file specified.
自己解决了 多谢大佬的教程~
如何解决的,能借鉴一下吗,栓q