搭建联通大王卡免流服务器

找一些免流的混淆

可以用此项目扫描，确保混淆指向了CDN
支持 TLSv1.3 与 H2，域名非跳转

这里随便找的微信公众号的图片CDN，mmbiz.qpic.cn，具体地址点此

创建Docker镜像

# set alpine as the base image of the Dockerfile
FROM alpine:latest
 
COPY xray geosite.dat geoip.dat /bin/
 
ENTRYPOINT ["/bin/xray"]

mkdir -p ~/app/dawang && cd ~/app/dawang && nano Dockerfile && nano docker-compose.yml
安装解压软件：sudo apt install unzip
下载免流的服务端：wget https://ghproxy.com/https://github.com/XTLS/Xray-core/releases/download/v1.8.1/Xray-linux-64.zip -O tmp.zip
unzip tmp.zip && rm tmp.zip && chmod +x xray
sudo docker build -t limour/dawang .
sudo docker run –rm -it limour/dawang -version

运行服务端

version: '3.3'
services:
    dawang:
        ports:
            - '8443:8443'
        restart: always
        volumes:
            - './config.json:/bin/config.json'
        image: limour/dawang
        command: ["run", "-c", "/bin/config.json"]

{
    "log": {
        "loglevel": "warning"
    },
    "routing": {
        "domainStrategy": "IPIfNonMatch",
        "rules": [
            {
                "type": "field",
                "ip": [
                    "geoip:private"
                ],
                "outboundTag": "direct"
            }
        ]
    },
    "inbounds": [
        {
            "listen": "0.0.0.0",
            "port": 8443,
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "87da6f7b-6cf6-4497-a131-74975c340e6f", // 执行 xray uuid 生成，或 1-30 字节的字符串
                        "flow": "xtls-rprx-vision"
                    }
                ],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "tcp",
                "security": "reality",
                "realitySettings": {
                    "show": false, // 若为 true，输出调试信息
                    "dest": "mmbiz.qpic.cn:443", // 目标网站最低标准：大王卡免流的网站，支持 TLSv1.3、X25519 与 H2，域名非跳转用（主域名可能被用于跳转到 www）
                    "xver": 0,
                    "serverNames": [ // 客户端可用的 serverName 列表，暂不支持 * 通配符
                        "mmbiz.qpic.cn"
                    ],
                    "privateKey": "6KbP1iI3BSQnp2VNejyV2bMP0OnieLcTRG1oyYZdHUU", // 执行 xray x25519 生成，填 "Private key" 的值
                    "shortIds": [ // 客户端可用的 shortId 列表，可用于区分不同的客户端
                        "6ba85179e30d4fc2" // 0 到 f，长度为 2 的倍数，长度上限为 16，可留空，或执行 openssl rand -hex 8 生成
                    ]
                }
            },
            "sniffing": {
                "enabled": true,
                "destOverride": [
                    "http",
                    "tls"
                ]
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom",
            "tag": "direct"
        },
        {
            "protocol": "blackhole",
            "tag": "block"
        }
    ],
    "policy": {
        "levels": {
            "0": {
                "handshake": 2,
                "connIdle": 120
            }
        }
    }
}

./xray uuid 获得id
./xray x25519 获得公钥和私钥
nano docker-compose.yml && nano ./config.json
sudo docker-compose up -d
sudo docker-compose logs
访问8443端口，看看证书是不是对的

运行客户端

# set-executionpolicy remotesigned
# New-PSDrive HKCR Registry HKEY_CLASSES_ROOT
# Set-ItemProperty HKCR:\\Microsoft.PowerShellScript.1\\Shell '(Default)' 0
.\xray.exe run -c .\config.json

{
    "log": {
        "loglevel": "warning"
    },
    "routing": {
        "domainStrategy": "IPIfNonMatch",
        "rules": [
            {
                "type": "field",
                "domain": [
                    "geosite:private"
                ],
                "outboundTag": "direct"
            },
            {
                "type": "field",
                "ip": [
                    "geoip:private"
                ],
                "outboundTag": "direct"
            }
        ]
    },
    "inbounds": [
        {
            "listen": "127.0.0.1",
            "port": 20808,
            "protocol": "socks",
            "settings": {
                "udp": true
            },
            "sniffing": {
                "enabled": true,
                "destOverride": [
                    "http",
                    "tls"
                ]
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "vless",
            "settings": {
                "vnext": [
                    {
                        "address": "limour.top", // 服务端的域名或 IP
                        "port": 8443,
                        "users": [
                            {
                                "id": "87da6f7b-6cf6-4497-a131-74975c340e6f", // 与服务端一致
                                "encryption": "none",
                                "flow": "xtls-rprx-vision"
                            }
                        ]
                    }
                ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "reality",
                "realitySettings": {
                    "show": false, // 若为 true，输出调试信息
                    "fingerprint": "edge", // 使用 uTLS 库模拟客户端 TLS 指纹
                    "serverName": "mmbiz.qpic.cn", // 与服务端一致
                    "publicKey": "7TIcih8pfj4b7pzqF16OeXapNHjnZkjgzlI_WJ7tsDo", // 服务端执行 xray x25519 生成，私钥对应的公钥，填 "Public key" 的值
                    "shortId": "6ba85179e30d4fc2", // 与服务端一致
                    "spiderX": "/mmbiz_png/HO0Z9pUcnJnQiaiazrLwZw0ATUfKWynJcuXGZ9KOosGW2U3ibMMGGzyT33ABf0YMYyJSVhQbLk96N4BibmObbgAD9w/0?wx_fmt=png" // 爬虫初始路径与参数，建议每个客户端不同
                }
            },
            "tag": "proxy"
        },
        {
            "protocol": "freedom",
            "tag": "direct"
        },
        {
            "protocol": "blackhole",
            "tag": "block"
        }
    ]
}

下载测试用的客户端
在程序目录下创建config.json，内容如上
运行powershell脚本
访问测试网址，判断是否生效

开源

搭建联通大王卡免流服务器

https://occdn.limour.top/2701.html

Author

Limour

Posted on

April 23, 2023

Licensed under

搭建自己的GPT之vicuna Previous

【杂感】观《汪诘：在空中爆炸的星舰，为何赢得全程掌声？》有感 Next