[ xray ] 优化clash节点的dns配置

2024-04-26 16:25:40 +08:00
parent 4c0c54eacc
commit 97cadb9b7a
7 changed files with 84 additions and 8 deletions
--- a/v2ray示例/98-subscribe-clash.yaml
+++ b/v2ray示例/98-subscribe-clash.yaml
@@ -53,7 +53,8 @@ dns:

 proxies:
  - {"type":"vmess","name":"us-central-free","ws-opts":{"path":"/vmess"},"server":"northflank.107421.xyz","port":443,"uuid":"de04add9-5c68-8bab-950c-08cd5320df18","alterId":0,"cipher":"auto","network":"ws","tls":true}
-  - {"type":"trojan","name":"LosAngels-BanH-Trojan","server":"89.208.251.209","port":443,"password":"V2ryStr0ngP0ss","udp":true,"skip-cert-verify":false,"sni":"xx.l4.cc.nn.107421.xyz","network":"tcp","ws-opts":{"headers":{"host":"xx.l4.cc.nn.107421.xyzh2,http/1.1"}}}
+
+  - {"type":"trojan","name":"LosAngels-BanH-Trojan","server":"89.208.251.209","port":29999,"password":"v2ryStr@ngPa.ss","udp":true,"skip-cert-verify":false,"sni":"xx.l4.cc.nn.107421.xyz","network":"tcp","ws-opts":{"headers":{"host":"xx.l4.cc.nn.107421.xyzh2,http/1.1"}}}
  - {"type":"trojan","name":"Seoul-Trojan","server":"140.238.14.103","port":443,"password":"V2ryStr0ngP0ss","udp":true,"skip-cert-verify":false,"sni":"xx.s4.cc.hh.107421.xyz","network":"tcp","ws-opts":{"headers":{"host":"xx.s4.cc.hh.107421.xyzh2,http/1.1"}}}
  - {"type":"trojan","name":"Osaka-Trojan","server":"140.238.14.103","port":19997,"password":"V2ryStr0ngP0ss","udp":true,"skip-cert-verify":false,"sni":"xx.s4.cc.hh.107421.xyz","network":"tcp","ws-opts":{"headers":{"host":"xx.s4.cc.hh.107421.xyzh2,http/1.1"}}}
  - {"type":"trojan","name":"Tokyo-Trojan","server":"140.238.14.103","port":19999,"password":"V2ryStr0ngP0ss","udp":true,"skip-cert-verify":false,"sni":"xx.s4.cc.hh.107421.xyz","network":"tcp","ws-opts":{"headers":{"host":"xx.s4.cc.hh.107421.xyzh2,http/1.1"}}}
@@ -62,6 +63,7 @@ proxies:
  - {"type":"trojan","name":"HongK-Tencent-Trojan","server":"43.154.83.213","port":443,"password":"V2ryStr0ngP0ss","udp":true,"skip-cert-verify":false,"sni":"xx.tc.hk.go.107421.xyz","network":"tcp"}
  - {"type":"vless","name":"Tencent-HK-11.24","server":"43.154.83.213","port":29999,"uuid":"fc903f5d-a007-482b-928c-570da9a851f9","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"xx.tc.hk.go.107421.xyz","tls":true,"udp":true}
  - {"type":"socks5","name":"onetools-35-71","server":"192.168.35.71","port":22888,"username":"zeaslity","password":"password","udp":true}
+  - {"type":"trojan","name":"LosAngels-BanH-Trojan-Back","server":"89.208.251.209","port":443,"password":"V2ryStr0ngP0ss","udp":true,"skip-cert-verify":false,"sni":"xx.l4.cc.nn.107421.xyz","network":"tcp","ws-opts":{"headers":{"host":"xx.l4.cc.nn.107421.xyzh2,http/1.1"}}}
  - {"type":"socks5","name":"Seoul-F-Shanghai-TC","server":"42.192.52.227","port":22888,"username":"zeaslity","password":"lovemm.23","udp":true}
 proxy-groups:
  - name: 🚀 节点选择
@@ -80,6 +82,7 @@ proxy-groups:
      - Tencent-HK-11.24
      - onetools-35-71
      - Seoul-F-Shanghai-TC
+      - LosAngels-BanH-Trojan-Back
  - name: ♻️ 自动选择
    type: url-test
    url: http://www.gstatic.com/generate_204
@@ -94,6 +97,7 @@ proxy-groups:
      - Tokyo-Trojan
      - Phoenix-Trojan
      - Seoul-arm64-01-Trojan
+      - LosAngels-BanH-Trojan-Back
      - Tencent-HK-11.24
      - Seoul-F-Shanghai-TC
  - name: 🌍 国外媒体
@@ -109,6 +113,7 @@ proxy-groups:
      - Tokyo-Trojan
      - Phoenix-Trojan
      - Seoul-arm64-01-Trojan
+      - LosAngels-BanH-Trojan-Back
      - HongK-Tencent-Trojan
      - Tencent-HK-11.24
  - name: 📲 电报信息
--- a/v2ray示例/99-subscribe-octopus-latest.txt
+++ b/v2ray示例/99-subscribe-octopus-latest.txt
@@ -1,8 +1,10 @@
 vmess://eyJ2IjoiMiIsInBzIjoidXMtY2VudGUtZnJlZSIsImFkZCI6Im5vcnRoZmxhbmsuMTA3NDIxLnh5eiIsInBvcnQiOjQ0MywiaWQiOiJkZTA0YWRkOS01YzY4LThiYWItOTUwYy0wOGNkNTMyMGRmMTgiLCJhaWQiOjAsInNjeSI6ImF1dG8iLCJuZXQiOiJ3cyIsInBhdGgiOiIvdm1lc3MiLCJ0bHMiOiJ0bHMifQ==
 trojan://V2ryStr0ngP0ss@140.238.14.103:443?type=tcp&sni=xx.s4.cc.hh.107421.xyz&allowInsecure=0&host=xx.s4.cc.hh.107421.xyzh2,http/1.1#Seoul-Trojan
+trojan://V2ryStr0ngP0ss@89.208.251.209:29999?security=tls&sni=xx.l4.cc.nn.107421.xyz&alpn=h2%2Chttp%2F1.1&fp=safari&type=tcp&headerType=none#LosAngels-BanH-Trojan
 trojan://V2ryStr0ngP0ss@140.238.14.103:19997?type=tcp&sni=xx.s4.cc.hh.107421.xyz&allowInsecure=0&host=xx.s4.cc.hh.107421.xyzh2,http/1.1#Osaka-Trojan
 trojan://V2ryStr0ngP0ss@140.238.14.103:19999?type=tcp&sni=xx.s4.cc.hh.107421.xyz&allowInsecure=0&host=xx.s4.cc.hh.107421.xyzh2,http/1.1#Tokyo-Trojan
 trojan://V2ryStr0ngP0ss@140.238.14.103:19998?type=tcp&sni=xx.s4.cc.hh.107421.xyz&allowInsecure=0&host=xx.s4.cc.hh.107421.xyzh2,http/1.1#Pheonix-Trojan
 trojan://V2ryStr0ngP0ss@146.56.147.12:30000?type=tcp&sni=xx.s0.yy.ac.107421.xyz&allowInsecure=0&host=xx.s0.yy.ac.107421.xyzh2,http/1.1#Seoul-arm64-01-Trojan
 trojan://V2ryStr0ngP0ss@43.154.83.213:443?type=tcp&sni=xx.tc.hk.go.107421.xyz&allowInsecure=0h2,http/1.1#Tencent-Hkong-Trojan
-vless://fc903f5d-a007-482b-928c-570da9a851f9@43.154.83.213:29999?security=reality&flow=xtls-rprx-vision&type=tcp&sni=xx.tc.hk.go.107421.xyz&fp=chrome&pbk=IBKk7cbbpnarU9sxJx84tXztytBFH2oCNfy7FlLVjDg&sid=ad570cbfab&encryption=none&headerType=none#Tencent-HK-11.24
+vless://fc903f5d-a007-482b-928c-570da9a851f9@43.154.83.213:29999?security=reality&flow=xtls-rprx-vision&type=tcp&sni=xx.tc.hk.go.107421.xyz&fp=chrome&pbk=IBKk7cbbpnarU9sxJx84tXztytBFH2oCNfy7FlLVjDg&sid=ad570cbfab&encryption=none&headerType=none#Tencent-HK-11.24
+trojan://V2ryStr0ngP0ss@89.208.251.209:443?security=tls&sni=xx.l4.cc.nn.107421.xyz&alpn=h2%2Chttp%2F1.1&fp=safari&type=tcp&headerType=none#LosAngels-BanH-Trojan-Back
--- a/v2ray示例/Xray-终级方案/搬瓦工-洛杉矶-实际使用的Xray配置.json
+++ b/v2ray示例/Xray-终级方案/搬瓦工-洛杉矶-实际使用的Xray配置.json
@@ -29,6 +29,34 @@
        }
      },
      "tag": "LosAngels-amd64-01"
+    },
+    {
+      "protocol": "trojan",
+      "listen": "0.0.0.0",
+      "port": 29999,
+      "settings": {
+        "clients": [
+          {
+            "password": "v2ryStr@ngPa.ss"
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "tcp",
+        "security": "tls",
+        "tlsSettings": {
+          "alpn": [
+            "h2",
+            "http/1.1"
+          ],
+          "certificates": [
+            {
+              "certificateFile": "/root/.acme.sh/xx.l4.cc.nn.107421.xyz_ecc/fullchain.cer",
+              "keyFile": "/root/.acme.sh/xx.l4.cc.nn.107421.xyz_ecc/xx.l4.cc.nn.107421.xyz.key"
+            }
+          ]
+        }
+      }
    }
  ],
  "outbounds": [
--- a/v2ray示例/firewalld防火墙规则/搬瓦工防火墙.txt
+++ b/v2ray示例/firewalld防火墙规则/搬瓦工防火墙.txt
@@ -11,9 +11,10 @@ firewall-cmd --permanent --add-port=80/tcp
 firewall-cmd --permanent --add-port=80/udp

 # 允许来自20000-30000的tcp udp端口
-sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source-port port-range="20000-30000" protocol="tcp" accept'
-sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source-port port-range="20000-30000" protocol="udp" accept'

+sudo firewall-cmd --zone=drop --add-port=20000-30000/tcp --permanent
+sudo firewall-cmd --zone=drop --add-port=20000-30000/udp --permanent
+sudo firewall-cmd --reload

 # 重新载入防火墙规则
 firewall-cmd --reload