Qi Lin
0ea2a50264
Add option realitySettings.masterKeyLog
2024-01-11 10:57:04 -05:00
nobody
44bb83033f
Add sub-command "-dump" to "run". ( #2854 )
...
* Add MarshalToJson().
* Add cmd arg -dump for printing out merged multiple json configs.
---------
Co-authored-by: nobody <nobody@nowhere.mars>
2023-12-29 11:16:48 -05:00
Allo
006cf491e5
fix(conf): add Windows support for Unix Domain Socket in the fallback settings
2023-12-29 11:07:41 -05:00
Allo
b0bf0d7fd5
fix(conf): add Windows support for Unix Domain Socket
2023-12-24 15:48:25 -05:00
Hossin Asaadi
01c14a5994
add Round-Robin Strategy to balancer ( #2844 )
...
* add Round-Robin Strategy
* clean up
2023-12-24 15:29:10 -05:00
风扇滑翔翼
9becf02316
allow empty route type
...
default field
2023-12-24 15:00:23 -05:00
yuhan6665
6f092bd212
Add "masterKeyLog" in TLS config ( #2758 )
...
* Add "enableMasterKeyLog" in TLS config
Turn on the debug option for Wireshark to decrypt traffic
* Change to "masterKeyLog" to configure a path
2023-11-27 10:08:34 -05:00
hax0r31337
0ac7da2fc8
WireGuard Inbound (User-space WireGuard server) ( #2477 )
...
* feat: wireguard inbound
* feat(command): generate wireguard compatible keypair
* feat(wireguard): connection idle timeout
* fix(wireguard): close endpoint after connection closed
* fix(wireguard): resolve conflicts
* feat(wireguard): set cubic as default cc algorithm in gVisor TUN
* chore(wireguard): resolve conflict
* chore(wireguard): remove redurant code
* chore(wireguard): remove redurant code
* feat: rework server for gvisor tun
* feat: keep user-space tun as an option
* fix: exclude android from native tun build
* feat: auto kernel tun
* fix: build
* fix: regulate function name & fix test
2023-11-17 22:27:17 -05:00
yuhan6665
7523f7f440
统一 domainStrategy
行为. ( #2720 )
...
* 统一 `domainStrategy` 行为.
* Update proto
---------
Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:37:02 -05:00
yuhan6665
d9fd3f8eb1
Freedom xdomain strategy ( #2719 )
...
* 统一 `domainStrategy` 行为.
* aliases NG.
* 化简.
* 调整.
* Let it crash.
* Update proto
---------
Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:27:39 -05:00
yuhan6665
a109389efb
Wireguard resolve strategy ( #2717 )
...
* 增加 wireguard 出站选项 `resolveStrategy`.
* They become a part of you.
* 移除不必要的选项别名.
* aliases NG.
* 微调.
---------
Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 15:52:09 -05:00
Ikko Eltociear Ashimine
1d89ae2847
Fix typo in xray.go
...
overide -> override
2023-11-06 17:54:40 -05:00
yuhan6665
4f05e0ac2b
Unify environment var readers
2023-10-29 15:16:57 -04:00
Hossin Asaadi
67c66faaed
Override outbounds in multi config files ( #2659 )
...
* fix override outbounds in multi config
* log outbounds override status
* fix prepend bug
* improve outbounds-prepend test
* fix prepend outbound
* fix outbounds-prepend test
2023-10-23 21:34:58 -04:00
hossinasaadi
71fee07175
fix inbounds-replaceall test
2023-10-22 22:45:38 -04:00
hossinasaadi
42d586df09
log inbound override status
2023-10-22 22:45:38 -04:00
hossinasaadi
4f8b73bb1f
fix override Inbounds in multi config
2023-10-22 22:45:38 -04:00
cty123
4f6042c69f
feat(dns): Support DNS queryStrategy config per NameServer.
2023-09-22 10:34:36 -04:00
yylt
c00e56c0da
Add tcpMptcp
to sockopt
( #2520 )
2023-09-07 17:32:27 +00:00
hax0r31337
f67167bb3b
refactor(deps): replace github.com/golang/protobuf with google.golang.org/protobuf
2023-08-10 10:43:27 -04:00
RPRX
f0f3b417f7
Refactor: Fragmentation
...
5f5ae37571
9122d0f056
2023-07-06 16:30:39 +00:00
RPRX
6d4194415d
Clean unnecessary code in Trojan
2023-07-06 15:18:05 +00:00
RPRX
4f8f49024b
Fix xray_test.go
2023-06-19 01:07:19 +00:00
RPRX
a9ed1a03aa
Fix dns_proxy_test.go
2023-06-19 00:51:03 +00:00
RPRX
253a422467
Fix "nonIPQuery"
2023-06-19 00:33:59 +00:00
RPRX
ee21763928
Run "go fmt ./..."
2023-06-18 09:46:57 -04:00
RPRX
667279af57
Add "nonIPQuery" to DNS outbound ("drop" by default)
...
And fixed a memory leak
And regenerated *.pb.go
2023-06-18 09:45:32 -04:00
rrouzbeh
9122d0f056
Add TLS Hello Fragmentation for freedom outbound ( #2131 )
...
* Replace TCP Segmentation with TLS Hello Fragmentation
* Update infra/conf/freedom.go
* Refine proxy/freedom/freedom.go
---------
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-06-18 09:27:55 -04:00
yuhan6665
9112cfd39c
Clean legacy vmess ( #2199 )
...
* Remove legacy Vmess
* validators
* protos
2023-06-12 10:32:25 -04:00
yuhan6665
bf4b1fab3c
Simplify http attrabute matching
...
In the past, we use Starlark script, it is over engineered and barely used.
By switching to simple key value string contains logic we can reduce core size about 0.7MB
2023-06-12 10:25:45 -04:00
yuhan6665
c9f517108c
Remove mtproto
2023-06-06 23:38:34 -04:00
sambali9
5f5ae37571
Added tcp fragmentation for freedom outbound ( #2021 )
...
* Added tcp fragmentation for freedom outbound
* Added TCP_NODELAY to outbound sockopt
* Changed fragment parameters to accept ranges and changed strategy to use length
* Changed packetNumber to packets, supporting range.
* Refactored the freedom fragment logic
* Refine Write()
---------
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-05-22 02:59:58 +00:00
xqzr
dd81ad5342
Add tcpMaxSeg
to sockopt
( #2002 )
2023-04-30 00:03:30 +00:00
yichya QC
90d915ea05
feat: add tcp_user_timeout
...
```json
{"streamSettings":{"sockopt": {"tcpUserTimeout": 10000}}}
```
run `gofmt -w -s .` as well
2023-04-22 20:41:43 -04:00
RPRX
06c9e50c52
Add "xudpProxyUDP443" to Mux config & XUDP rejects UDP/443 traffic by default (client side, excluding reverse proxy)
2023-04-14 22:51:18 +00:00
RPRX
24a2be43ef
Replace "only" with "xudpConcurrency" in Mux config
2023-04-10 10:36:07 +08:00
RPRX
29d7865d78
Refine "only" in Mux config
2023-04-10 10:15:16 +08:00
RPRX
be23d5d3b7
XUDP protocol: Add Global ID & UoT Migration
...
The first UoT protocol that supports UoT Migration
Thank @yuhan6665 for testing
2023-04-06 10:21:35 +00:00
RPRX
a0d06f3a97
Add env support to "address", "listen", etc.
...
Usage: `"address": "env:ADDR"`, `"listen": "env:AUDS"`...
Just like existing `"port": "env:PORT"`
2023-03-26 10:10:27 +00:00
Hirbod Behnam
6872be5cc3
Add user agent to gRPC ( #1790 )
2023-03-26 09:23:42 +03:30
世界
55efac7236
Reformat code
2023-03-17 13:17:08 +08:00
世界
f57ec13880
Update UoT protocol
2023-03-17 13:17:08 +08:00
xqzr
c3322294be
Add tcpWindowClamp
to sockopt
( #1757 )
...
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-03-09 13:51:16 +00:00
RPRX
c04c333afc
They become a part of you
2023-03-04 15:39:27 +00:00
yuhan6665
9e5bc07bf2
Legends never die ( #1725 )
2023-03-04 10:39:26 +00:00
RPRX
ccba465590
Add reserved to WireGuard config
...
Fixes https://github.com/XTLS/Xray-core/issues/1730
2023-03-02 16:55:42 +00:00
RPRX
55dc26f228
Add REALITY support to gRPC client and server
...
Now you are able to configure REALITY gRPC client and server
Duplicate of REALITY H2, perhaps, just for fun
2023-02-27 19:52:01 +00:00
sduoduo233
336b2daeb9
DNS Header for KCP ( #1672 )
...
* dns header
* fixed domain name encoding for dns header
---------
Co-authored-by: kerry <lvhaiyangkerry@gmail.com>
2023-02-24 12:06:24 -05:00
xqzr
c8b4580869
add V6Only
( #1677 )
...
* add `V6Only`
* add `V6Only`
2023-02-24 11:54:40 -05:00
Yue Yin
03b8c094de
Support SPKI Fingerprint Pinning
...
Support SPKI Fingerprint Pinning for TLSObject
2023-02-24 11:47:00 -05:00
RPRX
9d3de59d3f
Check "serverNames" and "shortIds" (client side)
...
Prevents https://github.com/XTLS/Xray-core/issues/1675
2023-02-21 13:43:13 +00:00
RPRX
c7358a32f5
Allow empty "spiderX" (client side)
2023-02-17 21:07:27 +08:00
RPRX
e1cd1fd33e
Allow empty "shortId" (client side)
2023-02-17 12:39:18 +00:00
RPRX
4d2e2b24d3
THE NEXT FUTURE becomes THE REALITY NOW
...
Thank @yuhan6665 for testing
2023-02-15 16:07:12 +00:00
RPRX
fa7300e910
Add warning on using old version of XTLS
...
And checks param `fingerprint` also
2023-02-03 23:29:46 +08:00
RPRX
dc72cf2c78
Refine fingerprints
...
Fixes https://github.com/XTLS/Xray-core/issues/1577
2023-02-01 12:58:17 +00:00
aeeq
620eb63c1b
Add sockopt interface setting for binding outbound to a particular device like "eth0" ( #1494 )
...
* Update sockopt_linux.go
add Interface Name
* Update config.pb.go
add Interface Name
* Update transport_internet.go
add Interface Name
* Update config.pb.go
* update config.proto add interface
* Update config.pb.go
2023-01-09 09:45:30 -05:00
RPRX
ff5ce767df
Revert "add file soft link path resolve support ( #1482 )" ( #1495 )
...
This reverts commit eaf401eda9
.
2023-01-07 15:11:23 +00:00
Nanyu
eaf401eda9
add file soft link path resolve support ( #1482 )
...
* add file soft link path resolve
* add configuration file soft link path resolve support
2023-01-03 10:52:11 -05:00
yuhan6665
c4fbdf1b78
Run core/format.go
2022-12-25 19:47:53 -05:00
PMExtra
c9b6fc0104
Add custom header support for HTTP proxy
2022-12-18 21:48:23 -05:00
yuhan6665
2e30093ffd
Enforce specific none flow for xtls vision
...
In the past, when user open xtls vision on the server side, plain vless+tls can connect.
Pure tls is known to have certain tls in tls characters.
Now server need to specify "xtls-rprx-vision,none" for it be able usable on the same port.
2022-12-04 23:15:36 -05:00
nanoda0523
e18b52a5df
Implement WireGuard protocol as outbound (client) ( #1344 )
...
* implement WireGuard protocol for Outbound
* upload license
* fix build for openbsd & dragonfly os
* updated wireguard-go
* fix up
* switch to another wireguard fork
* fix
* switch to upstream
* open connection through internet.Dialer (#1 )
* use internet.Dialer
* maybe better code
* fix
* real fix
Co-authored-by: nanoda0523 <nanoda0523@users.noreply.github.com>
* fix bugs & add ability to recover during connection reset on UDP over TCP parent protocols
* improve performance
improve performance
* dns lookup endpoint && remove unused code
* interface address fallback
* better code && add config test case
Co-authored-by: nanoda0523 <nanoda0523@users.noreply.github.com>
2022-11-21 20:05:54 -05:00
yuhan6665
5e695327b1
Add XTLS RPRX's Vision ( #1235 )
...
* Add XTLS RPRX's Vision
* Add helpful warning when security is wrong
* Add XTLS padding (draft)
* Fix number of packet to filter
* Xtls padding version 1.0 and unpadding logic
2022-10-29 00:51:59 -04:00
xqzr
8cf23f1947
add tcpcongestion
( #1234 )
...
* add `tcpcongestion`
* Update sockopt_linux.go
* Update config.pb.go
* Update transport_internet.go
* Update config.pb.go
* Update transport_internet.go
* Update config.proto
2022-10-10 13:13:50 -04:00
yuhan6665
debd2e3ba8
Remove compatibility code
...
The minimum support go version is already 1.18
2022-09-16 20:39:07 -04:00
Mocking
4140bcd11a
Enhancement of "redirect" function, adding support for MacOS
...
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "Redirect"
}
}
}
]
还原#1189 提交
2022-08-22 10:33:58 -04:00
S-Mocking
59602db02d
Add "tproxy" option ( #1189 )
...
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "pf"
}
}
}
]
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "pf"
}
}
}
]
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "pf"
}
}
}
]
Co-authored-by: Mocking <fanhaiwang0817@gmail.com>
2022-08-20 09:02:18 -04:00
yuhan6665
b67314796f
Add shadowsocks 2022 relay config
2022-08-09 10:37:21 -04:00
yuhan6665
340234166b
Add TCPKeepAliveIdle in Sockopt option ( #1166 )
...
* Add TCP keep alive idle setting
* Add TCP keep alive idle setting: auto generated
* Add TCP keep alive support in Linux
* Add TCP keep alive support in MacOS, FreeBSD
* Add TCP keep alive support in Windows
* fix bug introduced in adding tcp keep alive adjustment
* embed macOS const to avoid platform inconsistency
* embed macOS const to avoid platform inconsistency(again)
* add TCP Keep Alive support in config
* use sys/unix instead of syscall
Suggestion from:
https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647
* use sys/unix instead of syscall
Suggestion from:
https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647
* Separate TcpKeepAliveIdle and TcpKeepAliveInterval check logic
* Disable tcp keepAlive when TcpKeepAliveIdle < 0 and TcpKeepAliveInterval <= 0
Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com>
Co-authored-by: ValdikSS <iam@valdikss.org.ru>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com>
2022-07-31 09:55:40 -04:00
yuhan6665
9480bc0379
Fix ss2022 user stat for single user
2022-07-02 11:27:26 -04:00
世界
c3505632fd
Add udp over tcp support for shadowsocks-2022
2022-06-01 11:49:02 +08:00
世界
f1d753f069
Fix build in legacy golang version
2022-05-31 15:55:38 +08:00
世界
79f3057687
Migrate shadowsocks-2022 to protocol library
2022-05-26 07:35:17 +08:00
世界
cf7e675c45
Add shadowsocks 2022 multi-user inbound
2022-05-24 07:37:14 +08:00
世界
b6391cbbe1
Fix shadowsocks config
2022-05-24 07:01:47 +08:00
世界
3b77e26fa7
Merge shadowsocks 2022 config
2022-05-23 22:18:33 +08:00
世界
087f0d1240
Add shadowsocks-2022 inbound/outbound ( #1061 )
2022-05-22 23:55:48 -04:00
yuhan6665
3f64f3206c
Quic sniffer ( #1074 )
...
* Add quic sniffer
* Fix quic sniffer
* Add uTP sniffer
* rename buf pool membership status to unmanaged
* rename buf type adaptor into FromBytes
Co-authored-by: 世界 <i@sekai.icu>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2022-05-22 23:48:10 -04:00
世界
f046feb9ca
Reformat code
2022-05-18 15:29:01 +08:00
yichya QC
2f86c7c795
fix: read port from environment variable
2022-04-26 10:27:42 -04:00
yuhan6665
b413066012
Fakedns fix xUDP destination override ( #1011 )
...
* Fix UDP destination override
* Fix code style
* Fix fakedns object init
Do type convertion at runtime in case if user don't use fakedns in config.
Since dispatcher now depend on fakedns object, move the injection order of
fakedns to top (As a temporary solution)
* Amend logic for handing fakedns client
A map is used by server side when client turn on fakedns
Client will send domain address in the buffer.UDP.Address, server record all possible target IP addrs.
When target replies, server will restore the domain and send back to client.
Co-authored-by: hmol233 <82594500+hmol233@users.noreply.github.com>
2022-04-23 19:24:46 -04:00
yichya
35eb165f63
feat: metrics including pprof, expvars
2022-03-29 00:01:14 -04:00
hmol233
63da3a5481
grpc: add initial_windows_size option
2021-12-19 21:14:14 -05:00
xqzr
c8e2a99e68
fix unsupported cipher method: xChaCha20-IETF-Poly1305
2021-12-16 18:57:06 -05:00
yuhan6665
e93da4bd02
Fix some tests and format code ( #830 )
...
* Increase some tls test timeout
* Fix TestUserValidator
* Change all tests to VMessAEAD
Old VMess MD5 tests will be rejected and fail in 2022
* Chore: auto format code
2021-12-14 19:28:47 -05:00
lucifer9
d6ae4e9ba2
Make it easier to configure multiple listening ports
2021-11-17 23:13:15 -05:00
Zhu Sheng Li
28b17b529d
Add concurrency option for outbound observation
...
Add `enableConcurrency` option, false by default.
If it's set as `true`, start probing outbounds concurrently in every
circle of observation. Wait `probeInterval` between observation circles.
2021-10-26 13:09:03 +08:00
yuhan6665
abb8ba8b0e
Observatory related fixes ( #788 )
...
* fix:observatory not supported by multi-json
* Fix: observatory starts with empty config & fails to close (#957 )
* Update strategy_leastping.go (#1019 )
* add custom probe URL support for observatory
* add custom probe interval for observer
* apply coding style
* Fix: observatory log & JSON config(#1211 )
Co-authored-by: ihotte <ihotte@yeah.net>
* Change default probe url from api.v2fly.org to www.google.com
* Cherry-pick missing code from branch 'dev-advloadblancer-2'
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
Co-authored-by: fanyiguan <52657276+fanyiguang@users.noreply.github.com>
Co-authored-by: ihotte <3087168217@qq.com>
Co-authored-by: ihotte <ihotte@yeah.net>
2021-10-26 13:00:31 +08:00
Shelikhoo
ff35118af5
VMess AEAD based packet length
...
(cherry picked from commit 08221600082a79376bdc262f2ffec1a3129ae98d)
2021-10-22 18:34:57 +08:00
世界
707efd6d12
Add loopback outound
2021-10-22 17:58:37 +08:00
世界
5c366db847
Add observatory / latestPing balancing strategy
...
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 17:16:20 +08:00
世界
77d0419aca
Add socks4/4a support
2021-10-22 13:27:31 +08:00
maskedeken
238bd5d050
Add xchacha20-ietf-poly1305 for Shadowsocks
2021-10-22 13:24:29 +08:00
Loyalsoldier
3fe61ed4a2
Feat: add reverse match for GeoIP
...
(cherry picked from commit 3a50affa0a7316a9ad249f1b2b2996cb88948551)
2021-10-22 13:06:57 +08:00
yuhan6665
acb81ebe3d
Verify peer cert function for better man in the middle prevention ( #746 )
...
* verify peer cert function for better man in the middle prevention
* publish cert chain hash generation algorithm
* added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb
* apply coding style
* added test case for pinned certificates
* refactored cert pin
* pinned cert test
* added json loading of the PinnedPeerCertificateChainSha256
* removed tool to prepare for v5
* Add server cert pinning for Xtls
Change command "xray tls certChainHash" to xray style
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
yuhan6665
45dc97e2b6
Use shadowsocket's bloomring for shadowsocket's replay protection ( #764 )
...
* use shadowsocket's bloomring for shadowsocket's replay protection
* added shadowsockets iv check for tcp socket
* Rename to shadowsockets iv check
* shadowsocks iv check config file
* iv check should proceed after decryption
* use shadowsocket's bloomring for shadowsocket's replay protection
* Chore: format code (#842 )
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-22 12:38:40 +08:00
yuhan6665
3bf3d96472
Fix: JSON tag case ( #1212 ) ( #778 )
...
JSON unmarshal is case insensitive in Golang
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-22 12:38:40 +08:00
世界
a3023e43ef
Add routeOnly sniffing option
2021-10-22 11:57:23 +08:00
yuhan6665
6b6974c804
Fakedns improvements ( #731 )
...
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: sixg0000d <sixg0000d@gmail.com>
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-20 13:15:49 +08:00