入口分流
# 说明
v2ray流量分流
# 配置文件
- 实现一个接口访问所有,限制一个接口只能访问内部网络
{
"inbounds": [
{
"port": <PORT>,
"listen": "127.0.0.1",
"protocol": "vmess",
"tag": "main-in",
"settings": {
"clients": [
{
"id": <ID>,
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": <PATH>
}
}
},
{
"port": <PORT>,
"listen": "127.0.0.1",
"protocol": "vmess",
"tag": "local-service-in",
"settings": {
"clients": [
{
"id": <ID>,
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": <PATH>
}
}
}
],
"outbounds": [
{
"tag": "main-out",
"protocol": "freedom",
"settings": {}
},
{
"tag": "local-service-out",
"sendThrough": <本地虚拟IP>,
"protocol": "freedom",
"settings": {}
}
],
"routing": {
"rules": [
{
"type": "field",
"inboundTag": "local-service-in",
"outboundTag": "local-service-out"
},
{
"type": "field",
"inboundTag": "main-in",
"outboundTag": "main-out"
}
]
}
}
- 白名单模式,放行部分ip个域名
{
"inbounds": [
{
"port": <PORT>,
"listen": "127.0.0.1",
"protocol": "vmess",
"tag": "local-service-in",
"settings": {
"clients": [
{
"id": <ID>,
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": <PATH>
}
}
}
],
"outbounds": [
{
"tag": "local-service-out",
"protocol": "freedom",
"settings": {}
},
{
"protocol": "blackhole",
"tag": "Reject",
"settings": {}
}
],
"routing": {
"rules": [
{
"type": "field",
"ip":["1.1.1.2/32"],
"inboundTag": "local-service-in",
"outboundTag": "local-service-out"
},
{
"type": "field",
"domain":["domain:www.gstatic.com"],
"inboundTag": "local-service-in",
"outboundTag": "local-service-out"
},
{
"type": "field",
"outboundTag": "Reject",
"network": "tcp,udp",
"inboundTag": "local-service-in"
}
]
}
}
# caddy配置推荐
拒绝所有链接,只允许ws访问
<域名> {
tls {
protocols tls1.2 tls1.3
ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
curves x25519
}
@v2ray_websocket {
path <PATH>
header Connection Upgrade
header Upgrade websocket
}
reverse_proxy @v2ray_websocket localhost:<PORT>
@root {
path /
}
abort @root
}
上次更新: 2025/03/22, 03:52:10