// @ts-ignore import { connect } from "cloudflare:sockets"; let userID = "86c50e3a-5b87-49dd-bd20-03c7f2735e40"; const proxyIPs = ["ts.hpc.tw","47.254.66.75","146.70.175.98","146.70.175.99","146.70.175.100","146.70.175.101","146.70.175.102","146.70.175.103","146.70.175.104","146.70.175.106","cdn-all.xn--b6gac.eu.org","cdn.xn--b6gac.eu.org"]; const cn_hostnames = ['']; let CDNIP = 'cdn-all.xijingping.link' // http_ip let IP1 = 'www.visa.com' let IP2 = 'cis.visa.com' let IP3 = 'africa.visa.com' let IP4 = 'www.visa.com.sg' let IP5 = 'www.visaeurope.at' let IP6 = 'www.visa.com.mt' let IP7 = 'qa.visamiddleeast.com' // https_ip let IP8 = 'usa.visa.com' let IP9 = 'malaysia.com' let IP10 = 'www.visa.co.jp' let IP11 = 'www.digitalocean.com' let IP12 = 'japan.com' let IP13 = 'cdn-b100.xn--b6gac.eu.org' // http_port let PT1 = '80' let PT2 = '8080' let PT3 = '8880' let PT4 = '2052' let PT5 = '2082' let PT6 = '2086' let PT7 = '2095' // https_port let PT8 = '443' let PT9 = '8443' let PT10 = '2053' let PT11 = '2083' let PT12 = '2087' let PT13 = '2096' let proxyIP = proxyIPs[Math.floor(Math.random() * proxyIPs.length)]; let proxyPort = proxyIP.includes(':') ? proxyIP.split(':')[1] : '443'; if (!isValidUUID(userID)) { throw new Error("uuid is not valid"); } export default { /** * @param {import("@cloudflare/workers-types").Request} request * @param {uuid: string, proxyip: string, cdnip: string, ip1: string, ip2: string, ip3: string, ip4: string, ip5: string, ip6: string, ip7: string, ip8: string, ip9: string, ip10: string, ip11: string, ip12: string, ip13: string, pt1: string, pt2: string, pt3: string, pt4: string, pt5: string, pt6: string, pt7: string, pt8: string, pt9: string, pt10: string, pt11: string, pt12: string, pt13: string} env * @param {import("@cloudflare/workers-types").ExecutionContext} ctx * @returns {Promise} */ async fetch(request, env, ctx) { try { const { proxyip } = env; userID = env.uuid || userID; if (proxyip) { if (proxyip.includes(']:')) { let lastColonIndex = proxyip.lastIndexOf(':'); proxyPort = proxyip.slice(lastColonIndex + 1); proxyIP = proxyip.slice(0, lastColonIndex); } else if (!proxyip.includes(']:') && !proxyip.includes(']')) { [proxyIP, proxyPort = '443'] = proxyip.split(':'); } else { proxyPort = '443'; proxyIP = proxyip; } } else { if (proxyIP.includes(']:')) { let lastColonIndex = proxyIP.lastIndexOf(':'); proxyPort = proxyIP.slice(lastColonIndex + 1); proxyIP = proxyIP.slice(0, lastColonIndex); } else if (!proxyIP.includes(']:') && !proxyIP.includes(']')) { [proxyIP, proxyPort = '443'] = proxyIP.split(':'); } else { proxyPort = '443'; } } console.log('ProxyIP:', proxyIP); console.log('ProxyPort:', proxyPort); CDNIP = env.cdnip || CDNIP; IP1 = env.ip1 || IP1; IP2 = env.ip2 || IP2; IP3 = env.ip3 || IP3; IP4 = env.ip4 || IP4; IP5 = env.ip5 || IP5; IP6 = env.ip6 || IP6; IP7 = env.ip7 || IP7; IP8 = env.ip8 || IP8; IP9 = env.ip9 || IP9; IP10 = env.ip10 || IP10; IP11 = env.ip11 || IP11; IP12 = env.ip12 || IP12; IP13 = env.ip13 || IP13; PT1 = env.pt1 || PT1; PT2 = env.pt2 || PT2; PT3 = env.pt3 || PT3; PT4 = env.pt4 || PT4; PT5 = env.pt5 || PT5; PT6 = env.pt6 || PT6; PT7 = env.pt7 || PT7; PT8 = env.pt8 || PT8; PT9 = env.pt9 || PT9; PT10 = env.pt10 || PT10; PT11 = env.pt11 || PT11; PT12 = env.pt12 || PT12; PT13 = env.pt13 || PT13; const upgradeHeader = request.headers.get("Upgrade"); const url = new URL(request.url); if (!upgradeHeader || upgradeHeader !== "websocket") { // return new Response('Not found', { status: 404 }); // For any other path, reverse proxy to 'ramdom website' and return the original response, caching it in the process if (cn_hostnames.includes('')) { return new Response(JSON.stringify(request.cf, null, 4), { status: 200, headers: { "Content-Type": "application/json;charset=utf-8", }, }); } const randomHostname = cn_hostnames[Math.floor(Math.random() * cn_hostnames.length)]; const newHeaders = new Headers(request.headers); newHeaders.set("cf-connecting-ip", "1.2.3.4"); newHeaders.set("x-forwarded-for", "1.2.3.4"); newHeaders.set("x-real-ip", "1.2.3.4"); newHeaders.set("referer", "https://www.google.com/search?q=edtunnel"); // Use fetch to proxy the request to 15 different domains const proxyUrl = "https://" + randomHostname + url.pathname + url.search; let modifiedRequest = new Request(proxyUrl, { method: request.method, headers: newHeaders, body: request.body, redirect: "manual", }); const proxyResponse = await fetch(modifiedRequest, { redirect: "manual" }); // Check for 302 or 301 redirect status and return an error response if ([301, 302].includes(proxyResponse.status)) { return new Response(`Redirects to ${randomHostname} are not allowed.`, { status: 403, statusText: "Forbidden", }); } // Return the response from the proxy server return proxyResponse; } else { return await vlessOverWSHandler(request); } } catch (err) { /** @type {Error} */ let e = err; return new Response(e.toString()); } }, }; function isValidIP(ip) { var reg = /^[\s\S]*$/; return reg.test(ip); } /** * * @param {import("@cloudflare/workers-types").Request} request */ async function vlessOverWSHandler(request) { /** @type {import("@cloudflare/workers-types").WebSocket[]} */ // @ts-ignore const webSocketPair = new WebSocketPair(); const [client, webSocket] = Object.values(webSocketPair); webSocket.accept(); let address = ""; let portWithRandomLog = ""; const log = (/** @type {string} */ info, /** @type {string | undefined} */ event) => { console.log(`[${address}:${portWithRandomLog}] ${info}`, event || ""); }; const earlyDataHeader = request.headers.get("sec-websocket-protocol") || ""; const readableWebSocketStream = makeReadableWebSocketStream(webSocket, earlyDataHeader, log); /** @type {{ value: import("@cloudflare/workers-types").Socket | null}}*/ let remoteSocketWapper = { value: null, }; let udpStreamWrite = null; let isDns = false; // ws --> remote readableWebSocketStream .pipeTo( new WritableStream({ async write(chunk, controller) { if (isDns && udpStreamWrite) { return udpStreamWrite(chunk); } if (remoteSocketWapper.value) { const writer = remoteSocketWapper.value.writable.getWriter(); await writer.write(chunk); writer.releaseLock(); return; } const { hasError, message, portRemote = 443, addressRemote = "", rawDataIndex, vlessVersion = new Uint8Array([0, 0]), isUDP, } = await processVlessHeader(chunk, userID); address = addressRemote; portWithRandomLog = `${portRemote}--${Math.random()} ${isUDP ? "udp " : "tcp "} `; if (hasError) { // controller.error(message); throw new Error(message); // cf seems has bug, controller.error will not end stream // webSocket.close(1000, message); return; } // if UDP but port not DNS port, close it if (isUDP) { if (portRemote === 53) { isDns = true; } else { // controller.error('UDP proxy only enable for DNS which is port 53'); throw new Error("UDP proxy only enable for DNS which is port 53"); // cf seems has bug, controller.error will not end stream return; } } // ["version", "附加信息长度 N"] const vlessResponseHeader = new Uint8Array([vlessVersion[0], 0]); const rawClientData = chunk.slice(rawDataIndex); // TODO: support udp here when cf runtime has udp support if (isDns) { const { write } = await handleUDPOutBound(webSocket, vlessResponseHeader, log); udpStreamWrite = write; udpStreamWrite(rawClientData); return; } handleTCPOutBound( remoteSocketWapper, addressRemote, portRemote, rawClientData, webSocket, vlessResponseHeader, log ); }, close() { log(`readableWebSocketStream is close`); }, abort(reason) { log(`readableWebSocketStream is abort`, JSON.stringify(reason)); }, }) ) .catch((err) => { log("readableWebSocketStream pipeTo error", err); }); return new Response(null, { status: 101, // @ts-ignore webSocket: client, }); } /** * Checks if a given UUID is present in the API response. * @param {string} targetUuid The UUID to search for. * @returns {Promise} A Promise that resolves to true if the UUID is present in the API response, false otherwise. */ async function checkUuidInApiResponse(targetUuid) { // Check if any of the environment variables are empty try { const apiResponse = await getApiResponse(); if (!apiResponse) { return false; } const isUuidInResponse = apiResponse.users.some((user) => user.uuid === targetUuid); return isUuidInResponse; } catch (error) { console.error("Error:", error); return false; } } /** * Handles outbound TCP connections. * * @param {any} remoteSocket * @param {string} addressRemote The remote address to connect to. * @param {number} portRemote The remote port to connect to. * @param {Uint8Array} rawClientData The raw client data to write. * @param {import("@cloudflare/workers-types").WebSocket} webSocket The WebSocket to pass the remote socket to. * @param {Uint8Array} vlessResponseHeader The vless response header. * @param {function} log The logging function. * @returns {Promise} The remote socket. */ async function handleTCPOutBound( remoteSocket, addressRemote, portRemote, rawClientData, webSocket, vlessResponseHeader, log ) { async function connectAndWrite(address, port) { if (/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(address)) address = `${atob('d3d3Lg==')}${address}${atob('LnNzbGlwLmlv')}`; /** @type {import("@cloudflare/workers-types").Socket} */ const tcpSocket = connect({ hostname: address, port: port, }); remoteSocket.value = tcpSocket; log(`connected to ${address}:${port}`); const writer = tcpSocket.writable.getWriter(); await writer.write(rawClientData); // first write, nomal is tls client hello writer.releaseLock(); return tcpSocket; } // if the cf connect tcp socket have no incoming data, we retry to redirect ip async function retry() { const tcpSocket = await connectAndWrite(proxyIP || addressRemote, proxyPort || portRemote); // no matter retry success or not, close websocket tcpSocket.closed .catch((error) => { console.log("retry tcpSocket closed error", error); }) .finally(() => { safeCloseWebSocket(webSocket); }); remoteSocketToWS(tcpSocket, webSocket, vlessResponseHeader, null, log); } const tcpSocket = await connectAndWrite(addressRemote, portRemote); // when remoteSocket is ready, pass to websocket // remote--> ws remoteSocketToWS(tcpSocket, webSocket, vlessResponseHeader, retry, log); } /** * * @param {import("@cloudflare/workers-types").WebSocket} webSocketServer * @param {string} earlyDataHeader for ws 0rtt * @param {(info: string)=> void} log for ws 0rtt */ function makeReadableWebSocketStream(webSocketServer, earlyDataHeader, log) { let readableStreamCancel = false; const stream = new ReadableStream({ start(controller) { webSocketServer.addEventListener("message", (event) => { if (readableStreamCancel) { return; } const message = event.data; controller.enqueue(message); }); // The event means that the client closed the client -> server stream. // However, the server -> client stream is still open until you call close() on the server side. // The WebSocket protocol says that a separate close message must be sent in each direction to fully close the socket. webSocketServer.addEventListener("close", () => { // client send close, need close server // if stream is cancel, skip controller.close safeCloseWebSocket(webSocketServer); if (readableStreamCancel) { return; } controller.close(); }); webSocketServer.addEventListener("error", (err) => { log("webSocketServer has error"); controller.error(err); }); // for ws 0rtt const { earlyData, error } = base64ToArrayBuffer(earlyDataHeader); if (error) { controller.error(error); } else if (earlyData) { controller.enqueue(earlyData); } }, pull(controller) { // if ws can stop read if stream is full, we can implement backpressure // https://streams.spec.whatwg.org/#example-rs-push-backpressure }, cancel(reason) { // 1. pipe WritableStream has error, this cancel will called, so ws handle server close into here // 2. if readableStream is cancel, all controller.close/enqueue need skip, // 3. but from testing controller.error still work even if readableStream is cancel if (readableStreamCancel) { return; } log(`ReadableStream was canceled, due to ${reason}`); readableStreamCancel = true; safeCloseWebSocket(webSocketServer); }, }); return stream; } // https://xtls.github.io/development/protocols/vless.html // https://github.com/zizifn/excalidraw-backup/blob/main/v2ray-protocol.excalidraw /** * * @param { ArrayBuffer} vlessBuffer * @param {string} userID * @returns */ async function processVlessHeader(vlessBuffer, userID) { if (vlessBuffer.byteLength < 24) { return { hasError: true, message: "invalid data", }; } const version = new Uint8Array(vlessBuffer.slice(0, 1)); let isValidUser = false; let isUDP = false; const slicedBuffer = new Uint8Array(vlessBuffer.slice(1, 17)); const slicedBufferString = stringify(slicedBuffer); const uuids = userID.includes(",") ? userID.split(",") : [userID]; const checkUuidInApi = await checkUuidInApiResponse(slicedBufferString); isValidUser = uuids.some((userUuid) => checkUuidInApi || slicedBufferString === userUuid.trim()); console.log(`checkUuidInApi: ${await checkUuidInApiResponse(slicedBufferString)}, userID: ${slicedBufferString}`); if (!isValidUser) { return { hasError: true, message: "invalid user", }; } const optLength = new Uint8Array(vlessBuffer.slice(17, 18))[0]; //skip opt for now const command = new Uint8Array(vlessBuffer.slice(18 + optLength, 18 + optLength + 1))[0]; // 0x01 TCP // 0x02 UDP // 0x03 MUX if (command === 1) { } else if (command === 2) { isUDP = true; } else { return { hasError: true, message: `command ${command} is not support, command 01-tcp,02-udp,03-mux`, }; } const portIndex = 18 + optLength + 1; const portBuffer = vlessBuffer.slice(portIndex, portIndex + 2); // port is big-Endian in raw data etc 80 == 0x005d const portRemote = new DataView(portBuffer).getUint16(0); let addressIndex = portIndex + 2; const addressBuffer = new Uint8Array(vlessBuffer.slice(addressIndex, addressIndex + 1)); // 1--> ipv4 addressLength =4 // 2--> domain name addressLength=addressBuffer[1] // 3--> ipv6 addressLength =16 const addressType = addressBuffer[0]; let addressLength = 0; let addressValueIndex = addressIndex + 1; let addressValue = ""; switch (addressType) { case 1: addressLength = 4; addressValue = new Uint8Array(vlessBuffer.slice(addressValueIndex, addressValueIndex + addressLength)).join("."); break; case 2: addressLength = new Uint8Array(vlessBuffer.slice(addressValueIndex, addressValueIndex + 1))[0]; addressValueIndex += 1; addressValue = new TextDecoder().decode(vlessBuffer.slice(addressValueIndex, addressValueIndex + addressLength)); break; case 3: addressLength = 16; const dataView = new DataView(vlessBuffer.slice(addressValueIndex, addressValueIndex + addressLength)); // 2001:0db8:85a3:0000:0000:8a2e:0370:7334 const ipv6 = []; for (let i = 0; i < 8; i++) { ipv6.push(dataView.getUint16(i * 2).toString(16)); } addressValue = ipv6.join(":"); // seems no need add [] for ipv6 break; default: return { hasError: true, message: `invild addressType is ${addressType}`, }; } if (!addressValue) { return { hasError: true, message: `addressValue is empty, addressType is ${addressType}`, }; } return { hasError: false, addressRemote: addressValue, addressType, portRemote, rawDataIndex: addressValueIndex + addressLength, vlessVersion: version, isUDP, }; } /** * * @param {import("@cloudflare/workers-types").Socket} remoteSocket * @param {import("@cloudflare/workers-types").WebSocket} webSocket * @param {ArrayBuffer} vlessResponseHeader * @param {(() => Promise) | null} retry * @param {*} log */ async function remoteSocketToWS(remoteSocket, webSocket, vlessResponseHeader, retry, log) { // remote--> ws let remoteChunkCount = 0; let chunks = []; /** @type {ArrayBuffer | null} */ let vlessHeader = vlessResponseHeader; let hasIncomingData = false; // check if remoteSocket has incoming data await remoteSocket.readable .pipeTo( new WritableStream({ start() {}, /** * * @param {Uint8Array} chunk * @param {*} controller */ async write(chunk, controller) { hasIncomingData = true; // remoteChunkCount++; if (webSocket.readyState !== WS_READY_STATE_OPEN) { controller.error("webSocket.readyState is not open, maybe close"); } if (vlessHeader) { webSocket.send(await new Blob([vlessHeader, chunk]).arrayBuffer()); vlessHeader = null; } else { // seems no need rate limit this, CF seems fix this??.. // if (remoteChunkCount > 20000) { // // cf one package is 4096 byte(4kb), 4096 * 20000 = 80M // await delay(1); // } webSocket.send(chunk); } }, close() { log(`remoteConnection!.readable is close with hasIncomingData is ${hasIncomingData}`); // safeCloseWebSocket(webSocket); // no need server close websocket frist for some case will casue HTTP ERR_CONTENT_LENGTH_MISMATCH issue, client will send close event anyway. }, abort(reason) { console.error(`remoteConnection!.readable abort`, reason); }, }) ) .catch((error) => { console.error(`remoteSocketToWS has exception `, error.stack || error); safeCloseWebSocket(webSocket); }); // seems is cf connect socket have error, // 1. Socket.closed will have error // 2. Socket.readable will be close without any data coming if (hasIncomingData === false && retry) { log(`retry`); retry(); } } /** * * @param {string} base64Str * @returns */ function base64ToArrayBuffer(base64Str) { if (!base64Str) { return { error: null }; } try { // go use modified Base64 for URL rfc4648 which js atob not support base64Str = base64Str.replace(/-/g, "+").replace(/_/g, "/"); const decode = atob(base64Str); const arryBuffer = Uint8Array.from(decode, (c) => c.charCodeAt(0)); return { earlyData: arryBuffer.buffer, error: null }; } catch (error) { return { error }; } } /** * This is not real UUID validation * @param {string} uuid */ function isValidUUID(uuid) { const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i; return uuidRegex.test(uuid); } const WS_READY_STATE_OPEN = 1; const WS_READY_STATE_CLOSING = 2; /** * Normally, WebSocket will not has exceptions when close. * @param {import("@cloudflare/workers-types").WebSocket} socket */ function safeCloseWebSocket(socket) { try { if (socket.readyState === WS_READY_STATE_OPEN || socket.readyState === WS_READY_STATE_CLOSING) { socket.close(); } } catch (error) { console.error("safeCloseWebSocket error", error); } } const byteToHex = []; for (let i = 0; i < 256; ++i) { byteToHex.push((i + 256).toString(16).slice(1)); } function unsafeStringify(arr, offset = 0) { return ( byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + "-" + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + "-" + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + "-" + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + "-" + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]] ).toLowerCase(); } function stringify(arr, offset = 0) { const uuid = unsafeStringify(arr, offset); if (!isValidUUID(uuid)) { throw TypeError("Stringified UUID is invalid"); } return uuid; } /** * * @param {import("@cloudflare/workers-types").WebSocket} webSocket * @param {ArrayBuffer} vlessResponseHeader * @param {(string)=> void} log */ async function handleUDPOutBound(webSocket, vlessResponseHeader, log) { let isVlessHeaderSent = false; const transformStream = new TransformStream({ start(controller) {}, transform(chunk, controller) { // udp message 2 byte is the the length of udp data // TODO: this should have bug, beacsue maybe udp chunk can be in two websocket message for (let index = 0; index < chunk.byteLength; ) { const lengthBuffer = chunk.slice(index, index + 2); const udpPakcetLength = new DataView(lengthBuffer).getUint16(0); const udpData = new Uint8Array(chunk.slice(index + 2, index + 2 + udpPakcetLength)); index = index + 2 + udpPakcetLength; controller.enqueue(udpData); } }, flush(controller) {}, }); // only handle dns udp for now transformStream.readable .pipeTo( new WritableStream({ async write(chunk) { const resp = await fetch( dohURL, // dns server url { method: "POST", headers: { "content-type": "application/dns-message", }, body: chunk, } ); const dnsQueryResult = await resp.arrayBuffer(); const udpSize = dnsQueryResult.byteLength; // console.log([...new Uint8Array(dnsQueryResult)].map((x) => x.toString(16))); const udpSizeBuffer = new Uint8Array([(udpSize >> 8) & 0xff, udpSize & 0xff]); if (webSocket.readyState === WS_READY_STATE_OPEN) { log(`doh success and dns message length is ${udpSize}`); if (isVlessHeaderSent) { webSocket.send(await new Blob([udpSizeBuffer, dnsQueryResult]).arrayBuffer()); } else { webSocket.send(await new Blob([vlessResponseHeader, udpSizeBuffer, dnsQueryResult]).arrayBuffer()); isVlessHeaderSent = true; } } }, }) ) .catch((error) => { log("dns udp has error" + error); }); const writer = transformStream.writable.getWriter(); return { /** * * @param {Uint8Array} chunk */ write(chunk) { writer.write(chunk); }, }; } function gettyConfig(userID, hostName) { const vlessshare = btoa(`vless://${userID}@${IP1}:${PT1}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V1_${IP1}_${PT1}\nvless://${userID}@${IP2}:${PT2}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V2_${IP2}_${PT2}\nvless://${userID}@${IP3}:${PT3}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V3_${IP3}_${PT3}\nvless://${userID}@${IP4}:${PT4}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V4_${IP4}_${PT4}\nvless://${userID}@${IP5}:${PT5}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V5_${IP5}_${PT5}\nvless://${userID}@${IP6}:${PT6}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V6_${IP6}_${PT6}\nvless://${userID}@${IP7}:${PT7}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V7_${IP7}_${PT7}\nvless://${userID}@${IP8}:${PT8}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V8_${IP8}_${PT8}\nvless://${userID}@${IP9}:${PT9}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V9_${IP9}_${PT9}\nvless://${userID}@${IP10}:${PT10}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V10_${IP10}_${PT10}\nvless://${userID}@${IP11}:${PT11}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V11_${IP11}_${PT11}\nvless://${userID}@${IP12}:${PT12}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V12_${IP12}_${PT12}\nvless://${userID}@${IP13}:${PT13}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V13_${IP13}_${PT13}`); return `${vlessshare}` } function getclConfig(userID, hostName) { return ` proxies: - name: CF_V1_${IP1}_${PT1} type: vless server: ${IP1} port: ${PT1} uuid: ${userID} udp: false tls: false network: ws ws-opts: path: "/worker34" headers: Host: ${hostName} - name: CF_V2_${IP2}_${PT2} type: vless server: ${IP2} port: ${PT2} uuid: ${userID} udp: false tls: false network: ws ws-opts: path: "/worker3" headers: Host: ${hostName} - name: CF_V3_${IP3}_${PT3} type: vless server: ${IP3} port: ${PT3} uuid: ${userID} udp: false tls: false network: ws ws-opts: path: "/wosa" headers: Host: ${hostName} - name: CF_V4_${IP4}_${PT4} type: vless server: ${IP4} port: ${PT4} uuid: ${userID} udp: false tls: false network: ws ws-opts: path: "/finance" headers: Host: ${hostName} - name: CF_V5_${IP5}_${PT5} type: vless server: ${IP5} port: ${PT5} uuid: ${userID} udp: false tls: false network: ws ws-opts: path: "/finance" headers: Host: ${hostName} - name: CF_V6_${IP6}_${PT6} type: vless server: ${IP6} port: ${PT6} uuid: ${userID} udp: false tls: false network: ws ws-opts: path: "/city" headers: Host: ${hostName} - name: CF_V7_${IP7}_${PT7} type: vless server: ${IP7} port: ${PT7} uuid: ${userID} udp: false tls: false network: ws servername: ${hostName} ws-opts: path: "/city" headers: Host: ${hostName} - name: CF_V8_${IP8}_${PT8} type: vless server: ${IP8} port: ${PT8} uuid: ${userID} udp: false tls: true network: ws servername: ${hostName} ws-opts: path: "/cccc" headers: Host: ${hostName} - name: CF_V9_${IP9}_${PT9} type: vless server: ${IP9} port: ${PT9} uuid: ${userID} udp: false tls: true network: ws servername: ${hostName} ws-opts: path: "/thank_you" headers: Host: ${hostName} - name: CF_V10_${IP10}_${PT10} type: vless server: ${IP10} port: ${PT10} uuid: ${userID} udp: false tls: true network: ws servername: ${hostName} ws-opts: path: "/weather" headers: Host: ${hostName} - name: CF_V11_${IP11}_${PT11} type: vless server: ${IP11} port: ${PT11} uuid: ${userID} udp: false tls: true network: ws servername: ${hostName} ws-opts: path: "/weather" headers: Host: ${hostName} - name: CF_V12_${IP12}_${PT12} type: vless server: ${IP12} port: ${PT12} uuid: ${userID} udp: false tls: true network: ws servername: ${hostName} ws-opts: path: "/weather" headers: Host: ${hostName} - name: CF_V13_${IP13}_${PT13} type: vless server: ${IP13} port: ${PT13} uuid: ${userID} udp: false tls: true network: ws servername: ${hostName} ws-opts: path: "/weather" headers: Host: ${hostName} proxy-groups: - name: 负载均衡 type: load-balance url: http://www.gstatic.com/generate_204 interval: 300 proxies: - CF_V1_${IP1}_${PT1} - CF_V2_${IP2}_${PT2} - CF_V3_${IP3}_${PT3} - CF_V4_${IP4}_${PT4} - CF_V5_${IP5}_${PT5} - CF_V6_${IP6}_${PT6} - CF_V7_${IP7}_${PT7} - CF_V8_${IP8}_${PT8} - CF_V9_${IP9}_${PT9} - CF_V10_${IP10}_${PT10} - CF_V11_${IP11}_${PT11} - CF_V12_${IP12}_${PT12} - CF_V13_${IP13}_${PT13} - name: 自动选择 type: url-test url: http://www.gstatic.com/generate_204 interval: 300 tolerance: 50 proxies: - CF_V1_${IP1}_${PT1} - CF_V2_${IP2}_${PT2} - CF_V3_${IP3}_${PT3} - CF_V4_${IP4}_${PT4} - CF_V5_${IP5}_${PT5} - CF_V6_${IP6}_${PT6} - CF_V7_${IP7}_${PT7} - CF_V8_${IP8}_${PT8} - CF_V9_${IP9}_${PT9} - CF_V10_${IP10}_${PT10} - CF_V11_${IP11}_${PT11} - CF_V12_${IP12}_${PT12} - CF_V13_${IP13}_${PT13} - name: 🌍选择代理 type: select proxies: - 负载均衡 - 自动选择 - DIRECT - CF_V1_${IP1}_${PT1} - CF_V2_${IP2}_${PT2} - CF_V3_${IP3}_${PT3} - CF_V4_${IP4}_${PT4} - CF_V5_${IP5}_${PT5} - CF_V6_${IP6}_${PT6} - CF_V7_${IP7}_${PT7} - CF_V8_${IP8}_${PT8} - CF_V9_${IP9}_${PT9} - CF_V10_${IP10}_${PT10} - CF_V11_${IP11}_${PT11} - CF_V12_${IP12}_${PT12} - CF_V13_${IP13}_${PT13} rules: - GEOIP,LAN,DIRECT - GEOIP,CN,DIRECT - MATCH,🌍选择代理` }