Proxy
Configuration for proxies, supporting the following protocols: Shadowsocks
, Trojan
, Hysteria2
, TUIC
, SOCKS5
, HTTP
, Vmess
, Vless
. All optional fields of type bool
default to false
.
Shadowsocks
-
name (string), Required
The proxy name, which must be unique globally.
-
method (string), Required
Encryption method.
AEAD-2022:
2022-blake3-aes-128-gcm
,2022-blake3-aes-256-gcm
,2022-blake3-chacha20-poly1305
AEAD:
chacha20-poly1305
,aes-256-gcm
,aes-128-gcm
Stream:
none
,table
,rc4
,rc4-md5
,aes-128-cfb
,aes-192-cfb
,aes-256-cfb
,aes-128-ctr
,aes-192-ctr
,aes-256-ctr
,bf-cfb
,camellia-128-cfb
,camellia-192-cfb
,camellia-256-cfb
,cast5-cfb
,des-cfb
,idea-cfb
,rc2-cfb
,seed-cfb
,salsa20
,chacha20
,chacha20-ietf
. -
password (string), Required
The password.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
tfo (bool), Optional
Whether to enable TCP Fast Open.
-
udp_relay (bool), Optional
Whether to enable UDP relay.
-
obfs (string), Optional
The obfuscation method. Possible values:
http
,tls
. -
obfs_host (string), Optional
The hostname used for obfuscation.
-
obfs_uri (string), Optional
The URI path used for obfuscation.
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
shadowsocks:
name: "my-ss"
method: "aes-256-gcm"
password: "mypassword"
server: "1.2.3.4"
port: 8388
tfo: true
udp_relay: false
obfs: "http"
obfs_host: "example.com"
obfs_uri: "/path"
Trojan
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
sni (string), Optional
The SNI (Server Name Indication) used for TLS.
-
password (string), Required
The password for the Trojan protocol.
-
tfo (bool), Optional
Whether to enable TCP Fast Open.
-
udp_relay (bool), Optional
Whether to enable UDP relay.
-
skip_tls_verify (bool), Optional
Whether to skip TLS certificate verification.
-
websocket (object), Optional
WebSocket configuration for Trojan:
-
path (string), Required
The WebSocket path.
-
host (string), Optional
The Host header for the WebSocket.
-
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
trojan:
name: "my-trojan"
server: "trojan.example.com"
port: 443
sni: "trojan.example.com"
password: "trojanpass"
tfo: true
udp_relay: true
skip_tls_verify: true
websocket:
path: "/ws"
host: "trojan.example.com"
Hysteria2
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
auth (string), Required
The password or token for Hysteria2 authentication.
-
sni (string), Optional
The SNI (Server Name Indication) used for TLS.
-
obfs (string), Optional
The obfuscation method. Possible values:
salamander
. -
obfs_password (string), Optional
The obfuscation password.
-
skip_tls_verify (bool), Optional
Whether to skip TLS certificate verification.
-
port_hopping (string), Optional
Port hopping configuration string. For example:
443,8000-9000
. -
port_hopping_interval (integer), Optional
The port hopping interval (in seconds).
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
hysteria2:
name: "my-hysteria2"
server: "hysteria.example.com"
port: 443
auth: "my_auth_token"
sni: "hysteria.example.com"
obfs: "myobfs"
obfs_password: "myobfspass"
skip_tls_verify: true
port_hopping: "443-447"
port_hopping_interval: 60
TUIC
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
uuid (string), Required
The UUID.
-
password (string), Required
The password.
-
udp_relay_mode (string), Optional
The UDP relay mode:
native
orquic
. -
alpn (array of string), Optional
The list of ALPN values for TLS.
-
sni (string), Optional
The SNI (Server Name Indication) used for TLS.
-
skip_tls_verify (bool), Optional
Whether to skip TLS certificate verification.
-
port_hopping (string), Optional
Port hopping configuration string. For example:
443,8000-9000
. -
port_hopping_interval (integer), Optional
The port hopping interval (in seconds).
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
tuic:
name: "my-tuic"
server: "tuic.example.com"
port: 443
uuid: "22222222-2222-2222-2222-222222222222"
password: "tuicpass"
udp_relay_mode: "native"
alpn:
- "h2"
- "http/1.1"
sni: "tuic.example.com"
skip_tls_verify: true
port_hopping: "443,445,447"
port_hopping_interval: 30
SOCKS5
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
username (string), Optional
The username.
-
password (string), Optional
The password.
-
tfo (bool), Optional
Whether to enable TCP Fast Open.
-
udp_relay (bool), Optional
Whether to enable UDP relay.
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
socks5:
name: "my-socks5"
server: "1.2.3.4"
port: 1080
username: "user"
password: "pass"
tfo: false
udp_relay: true
HTTP
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
username (string), Optional
The username for the HTTP proxy.
-
password (string), Optional
The password for the HTTP proxy.
-
tfo (bool), Optional
Whether to enable TCP Fast Open.
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
http:
name: "my-http"
server: "5.6.7.8"
port: 8080
username: "user"
password: "pass"
tfo: false
Vmess
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
user_id (string), Required
The Vmess user ID (UUID).
-
security (string), Required
The encryption method. Possible values:
auto
,aes-128-gcm
,chacha20-poly1305
,none
,zero
. -
legacy (bool), Optional
Whether to use the legacy Vmess format.
-
tfo (bool), Optional
Whether to enable TCP Fast Open.
-
udp_relay (bool), Optional
Whether to enable UDP relay.
-
transport (object), Optional
The transport configuration. See Vmess Transport below.
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
vmess:
name: "my-vmess"
server: "vmess.example.com"
port: 443
user_id: "00000000-0000-0000-0000-000000000000"
security: "auto"
legacy: false
tfo: true
udp_relay: true
transport:
ws:
path: "/myws"
headers:
Host: "vmess.example.com"
Vless
-
name (string), Required
The proxy name, which must be unique globally.
-
server (string), Required
The server address (IP or domain).
-
port (integer), Required
The server port.
-
user_id (string), Required
The Vless user ID (UUID).
-
tfo (bool), Optional
Whether to enable TCP Fast Open.
-
udp_relay (bool), Optional
Whether to enable UDP relay.
-
transport (object), Optional
The transport configuration. See Vmess Transport below.
-
prev_hop (string), Optional
The name of the proxy or policy group used as the previous hop.
Example configuration:
vless:
name: "my-vless"
server: "vless.example.com"
port: 443
user_id: "11111111-1111-1111-1111-111111111111"
tfo: true
udp_relay: false
transport:
wss:
path: "/vlessws"
sni: "vless.example.com"
headers:
Custom-Header: "MyValue"
Vmess Transport
Used in the transport
field of Vmess or Vless proxies. Possible values and example configurations are as follows:
-
HTTP 1
transport:
http1:
method: "GET"
path: "/"
headers:
User-Agent: "curl/7.77.0"
Accept: "*/*" -
HTTP 2
transport:
http2:
method: "GET"
path: "/"
headers:
User-Agent: "curl/7.77.0"
Accept: "*/*"
skip_tls_verify: true -
Tls
transport:
tls:
sni: "my-sni.example.com"
skip_tls_verify: true -
Wss
transport:
wss:
path: "/websocket"
headers:
Host: "myhost.example.com"
sni: "my-sni.example.com"
skip_tls_verify: false -
Ws
transport:
ws:
path: "/ws"
headers:
Host: "myhost.example.com"