This post was last edited by MikuP on 2022-5-9 01:18
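Preface: There are already many tutorials online for setting up v2b and sspanel, so they are not repeated here; this post mainly explains how to connect the XrayR backend. What is XrayR? Background. Because v2b is too simple, ssp is used here to demonstrate the integration. The nodes below use vm+ws+tls or Trojan+xtls.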
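1. On the admin page, add a node and fill in the node address field as: IP or domain;any port;AlterID;ws;tls;path=/"v-2-r-a-y"|server=domain pointing to the server|host=domain pointing to the server. Entering a domain rather than an IP is recommended, since it makes changing the IP later easier, because ssp automatically resolves the domain to an IP.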
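2. After adding the node, note down the node IP; it is needed when writing the configuration file. Then, on the node, edit /etc/XrayR/config.yml so that it matches the panel configuration. Here is an example: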
Log:
  Level: none # Log level: none, error, warning, info, debug
  AccessPath: # /etc/XrayR/access.Log
  ErrorPath: # /etc/XrayR/error.log
DnsConfigPath: # /etc/XrayR/dns.json # Path to dns config, check https://xtls.github.io/config/base/dns/ for help
RouteConfigPath: # /etc/XrayR/route.json # Path to route config, check https://xtls.github.io/config/base/route/ for help
OutboundConfigPath: # /etc/XrayR/custom_outbound.json # Path to custom outbound config, check https://xtls.github.io/config/base/outbound/ for help
ConnetionConfig:
  Handshake: 4 # Handshake time limit, Second
  ConnIdle: 30 # Connection idle time limit, Second
  UplinkOnly: 2 # Time limit when the connection downstream is closed, Second
  DownlinkOnly: 4 # Time limit when the connection is closed after the uplink is closed, Second
  BufferSize: 64 # The internal cache size of each connection, kB
Nodes:
  - PanelType: "SSpanel" # Panel type: SSpanel, V2board, PMpanel, Proxypanel
    ApiConfig:
      DisableCustomConfig: true
      ApiHost: "你的网址" # your panel URL
      ApiKey: "你的密钥" # your key; see the apikey in the config file in the panel's web root
      NodeID: 面板提供的节点ID # the node ID provided by the panel
      NodeType: V2ray # Node type: V2ray, Trojan, Shadowsocks, Shadowsocks-Plugin
      Timeout: 30 # Timeout for the api request
      EnableVless: false # Enable Vless for V2ray Type
      EnableXTLS: false # Enable XTLS for V2ray and Trojan
      SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
      DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
      RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
    ControllerConfig:
      ListenIP: 0.0.0.0 # IP address you want to listen
      SendIP: 0.0.0.0 # IP address you want to send package
      UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
      EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
      DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
      DisableUploadTraffic: false # Disable Upload Traffic to the panel
      DisableGetRule: false # Disable Get Rule from the panel
      DisableIVCheck: false # Disable the anti-replay protection for Shadowsocks
      DisableSniffing: false # Disable domain sniffing
      EnableProxyProtocol: false # Only works for WebSocket and TCP
      EnableFallback: false # Only support for Trojan and Vless
      FallBackConfigs: # Support multiple fallbacks
        - SNI: # TLS SNI(Server Name Indication), Empty for any
          Path: # HTTP PATH, Empty for any
          Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/fallback/ for details.
          ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
      CertConfig:
        CertMode: http # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
        CertDomain: "解析的域名" # Domain to cert (the domain that resolves to this node)
        CertFile: # Provided if the CertMode is file
        KeyFile:
        Provider: cloudflare # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
        Email: 你的邮箱 # your email address
        DNSEnv: # DNS ENV option used by DNS provider
          A: aaa
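Connecting multiple nodes on a single machine is also supported; this is typically used to connect a relay for this node. Just add the following to the previous node configuration. Mind the format: the first line must be indented by two spaces.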
  - PanelType: "SSpanel" # Panel type: SSpanel, V2board, PMpanel, Proxypanel
    ApiConfig:
      DisableCustomConfig: true
      ApiHost: "你的网址" # your panel URL
      ApiKey: "你的密钥" # your key
      NodeID: 面板提供的节点ID # the node ID provided by the panel
      NodeType: V2ray # Node type: V2ray, Trojan, Shadowsocks, Shadowsocks-Plugin
      Timeout: 30 # Timeout for the api request
      EnableVless: false # Enable Vless for V2ray Type
      EnableXTLS: false # Enable XTLS for V2ray and Trojan
      SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
      DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
      RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
    ControllerConfig:
      ListenIP: 0.0.0.0 # IP address you want to listen
      SendIP: 0.0.0.0 # IP address you want to send package
      UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
      EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
      DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
      DisableUploadTraffic: false # Disable Upload Traffic to the panel
      DisableGetRule: false # Disable Get Rule from the panel
      DisableIVCheck: false # Disable the anti-replay protection for Shadowsocks
      DisableSniffing: false # Disable domain sniffing
      EnableProxyProtocol: false # Only works for WebSocket and TCP
      EnableFallback: false # Only support for Trojan and Vless
      FallBackConfigs: # Support multiple fallbacks
        - SNI: # TLS SNI(Server Name Indication), Empty for any
          Path: # HTTP PATH, Empty for any
          Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/fallback/ for details.
          ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
      CertConfig:
        CertMode: http # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
        CertDomain: "解析的域名" # Domain to cert (the domain that resolves to this node)
        CertFile: # Provided if the CertMode is file
        KeyFile:
        Provider: cloudflare # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
        Email: 你的邮箱 # your email address
        DNSEnv: # DNS ENV option used by DNS provider
          A: aaa
3. Restart XrayR; the integration is then complete.
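A pre-flight check for the node address string from step 1, as an added example that is not part of the original post or of the SSPanel/XrayR code. It follows the field layout exactly as written in step 1; the function names, the sample entries, and the check that host= equals CertDomain are assumptions made for illustration.

```python
import ipaddress

def parse_node_address(addr):
    """Split the node address string using the field layout from step 1."""
    parts = addr.strip().split(";")
    if len(parts) != 6:
        raise ValueError(f"expected 6 ';'-separated fields, got {len(parts)}")
    host, port, alter_id, transport, security, extra = parts
    opts = {}
    for item in extra.split("|"):
        key, sep, value = item.partition("=")
        if not (key and sep and value):
            raise ValueError(f"malformed option {item!r}")
        opts[key] = value
    return {"host": host, "port": int(port), "alter_id": int(alter_id),
            "transport": transport, "security": security, "opts": opts}

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_node_address(addr, cert_domain):
    """Return a list of problems; an empty list means the entry looks consistent."""
    node = parse_node_address(addr)
    problems = []
    if not 1 <= node["port"] <= 65535:
        problems.append("port out of range")
    if (node["transport"], node["security"]) != ("ws", "tls"):
        problems.append("expected ws;tls")
    if is_ip(node["host"]):
        problems.append("address is an IP, a domain is recommended")
    if not node["opts"].get("path", "").startswith("/"):
        problems.append("path must start with /")
    if "server" not in node["opts"]:
        problems.append("server= is missing")
    # Assumption: clients validate the certificate for CertDomain against host=.
    if node["opts"].get("host") != cert_domain:
        problems.append("host= does not match CertDomain")
    return problems

# Constructed sample entries (example.com and 203.0.113.10 are placeholders).
GOOD = "node1.example.com;443;0;ws;tls;path=/ws|server=node1.example.com|host=node1.example.com"
BAD = "203.0.113.10;443;0;ws;tls;path=ws|server=node1.example.com|host=other.example.com"

if __name__ == "__main__":
    for entry in (GOOD, BAD):
        print(entry.split(";")[0], check_node_address(entry, "node1.example.com"))
```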
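Note: to switch to Trojan+xtls, just run the two commands below on the node. To switch back, swap the two sides of each substitution. The substitutions apply to every node entry in config.yml.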
sed -i 's/NodeType: V2ray/NodeType: Trojan/g' /etc/XrayR/config.yml
sed -i 's/EnableXTLS: false/EnableXTLS: true/g' /etc/XrayR/config.yml
xrayr restart
Changing the domain (原域名 stands for the old domain and 新域名 for the new one):
sed -i 's/CertDomain: "原域名"/CertDomain: "新域名"/g' /etc/XrayR/config.yml
An essential audit rule for ssp, blocking mining pools:
(.*\.||)(zetpool|minerall|crazypool|kryptex|cruxpool|k1pool|fpmirror|flexpool|c3pool|multipools|sigmapool|2miners|minergate|comining|give-me-coins|hiveon|arsmine|baikalmine|solopool|litecoinpool|mining-dutch|clona|viabtc|maxhash|coinminerz|miningcore|uupool|minexmr|pandaminer|f2pool|sparkpool|poolin|slushpool|marathondh|pool\.btc|sigmapoo|hashcity|solo-etc|nanopool|51szzc|666pool|91pool|atticpool|anomp|aapool|antpool|ash-shanghai\.globalpool|asia\.zcoin\.miningpoolhub|blackpool|blockmasters|btchd|bitminter|bitcoin|bhdpool|bginpoolbaimin|bi-chi|bohemianpool|bixin|bwpool|btcguild|batpool|bw|btcc|btc|bitfury|bitclubnetwork|beepool|coinhive|chainpool|connectbtc|cybtc|canoepool|cryptograben|cryptonotepool|coinotron|dashcoinpool|dxpool|dwarfpool|dpool|dmpools|everstake|epool|ethpool|ethfans|easy2mine|ethermine|extremepool|firepool|fir|fkpool|flypool|f3pool|gridcash|gath3r|grin-pool|grinmint|gbminers|get\.bi-chi|globalpool|give-me-ltc|honeyminer|honestmining|hashquark|hashrabbit|hummerpool|hdpool|h-pool|hashvault|hpool|huobipool|haopool)\.(com|cn|net|org|io|im|cc|pro|top|one|co|info|club|fr|tw|hk|eu|me|uk)
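An added example (not from the original post) that runs a shortened excerpt of the rule above against constructed hostnames, comparing escaped and bare dots and unanchored versus whole-name matching. It assumes the rule is applied as a regular-expression search on the destination host; the helper names and sample hosts are illustrative.

```python
import re

# Shortened excerpt of the audit rule: same structure, fewer pool names and TLDs.
NAMES = "f2pool|nanopool|ethermine|2miners|antpool|bitcoin|btc|bw"
TLDS = "com|cn|net|org|io"

# Escaped dots: the separators must be literal "." characters.
ESCAPED = re.compile(rf"(.*\.||)({NAMES})\.({TLDS})")
# Bare dots: "." matches any single character, so the rule is looser.
BARE = re.compile(rf"(.*.||)({NAMES}).({TLDS})")

def blocked(pattern, host, anchored=False):
    """True if `host` matches; anchored=True requires the whole name to match."""
    host = host.lower().rstrip(".")
    match = pattern.fullmatch(host) if anchored else pattern.search(host)
    return match is not None

# Constructed hostnames for illustration, not observed traffic.
SAMPLES = [
    "eth.f2pool.com",        # pool subdomain, should be blocked
    "xmr-eu1.nanopool.org",  # pool subdomain, should be blocked
    "www.example.com",       # unrelated, should pass
    "subtc.com",             # unrelated label that merely ends in "btc"
    "btc.com.example.org",   # pool-like labels under another domain
    "nanopoolxorg.example",  # only matches when "." is not escaped
]

def evaluate(samples=SAMPLES):
    """Map host -> (bare search, escaped search, escaped full match)."""
    return {h: (blocked(BARE, h), blocked(ESCAPED, h), blocked(ESCAPED, h, True))
            for h in samples}

if __name__ == "__main__":
    for host, verdicts in evaluate().items():
        print(f"{host:24} bare={verdicts[0]} escaped={verdicts[1]} anchored={verdicts[2]}")
```

Short tokens such as btc and bw are what make the unanchored form match unrelated names; whole-name matching keeps the pool subdomains while dropping those.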
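It should also be stressed that, when deploying, you must make sure the node's designated port and port 80 are open; it is also recommended to allow all ports in advance and remove the firewall.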