Skip to main content

Proxy

Configuration for proxies, supporting the following protocols: Shadowsocks, Trojan, Hysteria2, TUIC, SOCKS5, HTTP, Vmess, Vless. All optional fields of type bool default to false.

Shadowsocks

  • name (string), Required

    The proxy name, which must be unique globally.

  • method (string), Required

    Encryption method.

    AEAD-2022: 2022-blake3-aes-128-gcm, 2022-blake3-aes-256-gcm, 2022-blake3-chacha20-poly1305

    AEAD: chacha20-poly1305, aes-256-gcm, aes-128-gcm

    Stream: none, table, rc4, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, cast5-cfb, des-cfb, idea-cfb, rc2-cfb, seed-cfb, salsa20, chacha20, chacha20-ietf.

  • password (string), Required

    The password.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • tfo (bool), Optional

    Whether to enable TCP Fast Open.

  • udp_relay (bool), Optional

    Whether to enable UDP relay.

  • obfs (string), Optional

    The obfuscation method. Possible values: http, tls.

  • obfs_host (string), Optional

    The hostname used for obfuscation.

  • obfs_uri (string), Optional

    The URI path used for obfuscation.

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

shadowsocks:
  name: "my-ss"
  method: "aes-256-gcm"
  password: "mypassword"
  server: "1.2.3.4"
  port: 8388
  tfo: true
  udp_relay: false
  obfs: "http"
  obfs_host: "example.com"
  obfs_uri: "/path"

Trojan

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • sni (string), Optional

    The SNI (Server Name Indication) used for TLS.

  • password (string), Required

    The password for the Trojan protocol.

  • tfo (bool), Optional

    Whether to enable TCP Fast Open.

  • udp_relay (bool), Optional

    Whether to enable UDP relay.

  • skip_tls_verify (bool), Optional

    Whether to skip TLS certificate verification.

  • websocket (object), Optional

    WebSocket configuration for Trojan:

    • path (string), Required

      The WebSocket path.

    • host (string), Optional

      The Host header for the WebSocket.

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

trojan:
  name: "my-trojan"
  server: "trojan.example.com"
  port: 443
  sni: "trojan.example.com"
  password: "trojanpass"
  tfo: true
  udp_relay: true
  skip_tls_verify: true
  websocket:
    path: "/ws"
    host: "trojan.example.com"

Hysteria2

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • auth (string), Required

    The password or token for Hysteria2 authentication.

  • sni (string), Optional

    The SNI (Server Name Indication) used for TLS.

  • obfs (string), Optional

    The obfuscation method. Possible values: salamander.

  • obfs_password (string), Optional

    The obfuscation password.

  • skip_tls_verify (bool), Optional

    Whether to skip TLS certificate verification.

  • port_hopping (string), Optional

    Port hopping configuration string. For example: 443,8000-9000.

  • port_hopping_interval (integer), Optional

    The port hopping interval (in seconds).

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

hysteria2:
  name: "my-hysteria2"
  server: "hysteria.example.com"
  port: 443
  auth: "my_auth_token"
  sni: "hysteria.example.com"
  obfs: "myobfs"
  obfs_password: "myobfspass"
  skip_tls_verify: true
  port_hopping: "443-447"
  port_hopping_interval: 60

TUIC

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • uuid (string), Required

    The UUID.

  • password (string), Required

    The password.

  • udp_relay_mode (string), Optional

    The UDP relay mode: native or quic.

  • alpn (array of string), Optional

    The list of ALPN values for TLS.

  • sni (string), Optional

    The SNI (Server Name Indication) used for TLS.

  • skip_tls_verify (bool), Optional

    Whether to skip TLS certificate verification.

  • port_hopping (string), Optional

    Port hopping configuration string. For example: 443,8000-9000.

  • port_hopping_interval (integer), Optional

    The port hopping interval (in seconds).

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

tuic:
  name: "my-tuic"
  server: "tuic.example.com"
  port: 443
  uuid: "22222222-2222-2222-2222-222222222222"
  password: "tuicpass"
  udp_relay_mode: "native"
  alpn:
  - "h2"
  - "http/1.1"
  sni: "tuic.example.com"
  skip_tls_verify: true
  port_hopping: "443,445,447"
  port_hopping_interval: 30

SOCKS5

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • username (string), Optional

    The username.

  • password (string), Optional

    The password.

  • tfo (bool), Optional

    Whether to enable TCP Fast Open.

  • udp_relay (bool), Optional

    Whether to enable UDP relay.

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

socks5:
  name: "my-socks5"
  server: "1.2.3.4"
  port: 1080
  username: "user"
  password: "pass"
  tfo: false
  udp_relay: true

HTTP

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • username (string), Optional

    The username for the HTTP proxy.

  • password (string), Optional

    The password for the HTTP proxy.

  • tfo (bool), Optional

    Whether to enable TCP Fast Open.

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

http:
  name: "my-http"
  server: "5.6.7.8"
  port: 8080
  username: "user"
  password: "pass"
  tfo: false

Vmess

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • user_id (string), Required

    The Vmess user ID (UUID).

  • security (string), Required

    The encryption method. Possible values: auto, aes-128-gcm, chacha20-poly1305, none, zero.

  • legacy (bool), Optional

    Whether to use the legacy Vmess format.

  • tfo (bool), Optional

    Whether to enable TCP Fast Open.

  • udp_relay (bool), Optional

    Whether to enable UDP relay.

  • transport (object), Optional

    The transport configuration. See Vmess Transport below.

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

vmess:
  name: "my-vmess"
  server: "vmess.example.com"
  port: 443
  user_id: "00000000-0000-0000-0000-000000000000"
  security: "auto"
  legacy: false
  tfo: true
  udp_relay: true
  transport:
    ws:
      path: "/myws"
      headers:
        Host: "vmess.example.com"

Vless

  • name (string), Required

    The proxy name, which must be unique globally.

  • server (string), Required

    The server address (IP or domain).

  • port (integer), Required

    The server port.

  • user_id (string), Required

    The Vless user ID (UUID).

  • tfo (bool), Optional

    Whether to enable TCP Fast Open.

  • udp_relay (bool), Optional

    Whether to enable UDP relay.

  • transport (object), Optional

    The transport configuration. See Vmess Transport below.

  • prev_hop (string), Optional

    The name of the proxy or policy group used as the previous hop.

Example configuration:

vless:
  name: "my-vless"
  server: "vless.example.com"
  port: 443
  user_id: "11111111-1111-1111-1111-111111111111"
  tfo: true
  udp_relay: false
  transport:
    wss:
      path: "/vlessws"
      sni: "vless.example.com"
      headers:
        Custom-Header: "MyValue"

Vmess Transport

Used in the transport field of Vmess or Vless proxies. Possible values and example configurations are as follows:

  1. HTTP 1

    transport:
      http1:
        method: "GET"
        path: "/"
        headers:
          User-Agent: "curl/7.77.0"
          Accept: "*/*"

  2. HTTP 2

    transport:
      http2:
        method: "GET"
        path: "/"
        headers:
          User-Agent: "curl/7.77.0"
          Accept: "*/*"
        skip_tls_verify: true

  3. Tls

    transport:
      tls:
        sni: "my-sni.example.com"
        skip_tls_verify: true

  4. Wss

    transport:
      wss:
        path: "/websocket"
        headers:
          Host: "myhost.example.com"
        sni: "my-sni.example.com"
        skip_tls_verify: false

  5. Ws

    transport:
      ws:
        path: "/ws"
        headers:
          Host: "myhost.example.com"