--rules-path support

2025-12-18 13:14:36 +03:00 · 2021-08-30 23:35:19 +10:00
parent 38164d1995
commit 2d03dc5df9
2 changed files with 40 additions and 28 deletions
--- a/README.md
+++ b/README.md
@@ -30,18 +30,6 @@ Please replace "amd64" with the arch match the current box accordingly. Other su
 ```shell
 $ docker run --rm samuelhbne/proxy-xray
 proxy-xray <connection-options>
-    -i|--stdin                         [Optional] Read config from stdin instead of auto generation
-    -d|--debug                         [Optional] Start in debug mode with verbose output
-    --dns <upstream-DNS-ip>            [Optional] Designated upstream DNS server IP, 1.1.1.1 will be applied by default
-    --dns-local <local-conf-file>      [Optional] Enable designated domain conf file. Like apple.china.conf
-    --dns-local-cn                     [Optional] Enable China related domains to be resolved in China
-    --domain-direct <domain-rule>      [Optional] Add a domain rule for direct routing, likegeosite:geosite:geolocation-cn
-    --domain-proxy  <domain-rule>      [Optional] Add a domain rule for proxy routing, like twitter.com or geosite:google-cn
-    --domain-block  <domain-rule>      [Optional] Add a domain rule for block routing, like geosite:category-ads-all
-    --ip-direct     <ip-rule>          [Optional] Add a ip-addr rule for direct routing, like 114.114.114.114/32 or geoip:cn
-    --ip-proxy      <ip-rule>          [Optional] Add a ip-addr rule for proxy routing, like 1.1.1.1/32 or geoip:netflix
-    --ip-block      <ip-rule>          [Optional] Add a ip-addr rule for block routing, like geoip:private
-    --cn-direct                        [Optional] Add routing rules to avoid domains and IPs located in China being proxied
    --ltx  <VLESS-TCP-XTLS option>     id@host:port
    --ltt  <VLESS-TCP-TLS option>      id@host:port
    --lttw <VLESS-TCP-TLS-WS option>   id@host:port:/webpath
@@ -50,6 +38,19 @@ proxy-xray <connection-options>
    --mttw <VMESS-TCP-TLS-WS option>   id@host:port:/webpath
    --ttt  <TROJAN-TCP-TLS option>     password@host:port
    --tttw <TROJAN-TCP-TLS-WS option>  password@host:port:/webpath
+    -d|--debug                         [Optional] Start in debug mode with verbose output
+    -i|--stdin                         [Optional] Read config from stdin instead of auto generation
+    --dns <upstream-DNS-ip>            [Optional] Designated upstream DNS server IP, 1.1.1.1 will be applied by default
+    --dns-local <local-conf-file>      [Optional] Enable designated domain conf file. Like apple.china.conf
+    --dns-local-cn                     [Optional] Enable China-accessible domains to be resolved in China
+    --domain-direct <domain-rule>      [Optional] Add a domain rule for direct routing, likegeosite:geosite:geolocation-cn
+    --domain-proxy  <domain-rule>      [Optional] Add a domain rule for proxy routing, like twitter.com or geosite:google-cn
+    --domain-block  <domain-rule>      [Optional] Add a domain rule for block routing, like geosite:category-ads-all
+    --ip-direct     <ip-rule>          [Optional] Add a ip-addr rule for direct routing, like 114.114.114.114/32 or geoip:cn
+    --ip-proxy      <ip-rule>          [Optional] Add a ip-addr rule for proxy routing, like 1.1.1.1/32 or geoip:netflix
+    --ip-block      <ip-rule>          [Optional] Add a ip-addr rule for block routing, like geoip:private
+    --cn-direct                        [Optional] Add routing rules to avoid domains and IPs located in China being proxied
+    --rules-path    <rules-dir-path>   [Optional] Folder path contents geoip.dat, geosite.dat and other rule files

 $ docker run --name proxy-xray -p 2080:1080 -p 2080:1080/udp -p 8223:8123 -p 65353:53/udp \
 -d samuelhbne/proxy-xray --ltx myid@mydomain.duckdns.org:443 --cn-direct --dns-local-cn
@@ -148,11 +149,17 @@ $ docker run --name proxy-xray -p 1080:1080 samuelhbne/proxy-xray \

 ### 4. Connect to TCP+TLS+Trojan server

-The following instruction connect to Xray server port 443 in TCP+TLS+Trojan mode with given password.
+The following instruction connect to Xray server port 443 in TCP+TLS+Trojan mode with given password; Update geosite and geoip rule dat files; All sites and IPs located in Iran will be connected directed.

 ```shell
-$ docker run --name proxy-xray -p 1080:1080 -d samuelhbne/proxy-xray \
--ttt trojan_pass@mydomain.duckdns.org:8443
+$ mkdir -p /tmp/rules
+$ cd /tmp/rules
+$ wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat
+$ wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
+$ wget -c -t3 -T30 https://github.com/SamadiPour/iran-hosted-domains/releases/download/202108210015/iran.dat
+$ docker run --name proxy-xray -p 1080:1080 -v /tmp/rules:/opt/rules -d samuelhbne/proxy-xray \
+--ttt trojan_pass@mydomain.duckdns.org:8443 \
+--rules-path /opt/rules --domain-direct ext:iran.dat:ir --ip-direct geoip:ir
 ```

 ### 5. Start proxy-xray container in debug mode for for connection issue diagnosis
--- a/run.sh
+++ b/run.sh
@@ -6,18 +6,6 @@ XCONF=/tmp/proxy-xray.json

 usage() {
    echo "proxy-xray <connection-options>"
-    echo "    -i|--stdin                         [Optional] Read config from stdin instead of auto generation"
-    echo "    -d|--debug                         [Optional] Start in debug mode with verbose output"
-    echo "    --dns <upstream-DNS-ip>            [Optional] Designated upstream DNS server IP, 1.1.1.1 will be applied by default"
-    echo "    --dns-local <local-conf-file>      [Optional] Enable designated domain conf file. Like apple.china.conf"
-    echo "    --dns-local-cn                     [Optional] Enable China related domains to be resolved in China"
-    echo "    --domain-direct <domain-rule>      [Optional] Add a domain rule for direct routing, likegeosite:geosite:geolocation-cn"
-    echo "    --domain-proxy  <domain-rule>      [Optional] Add a domain rule for proxy routing, like twitter.com or geosite:google-cn"
-    echo "    --domain-block  <domain-rule>      [Optional] Add a domain rule for block routing, like geosite:category-ads-all"
-    echo "    --ip-direct     <ip-rule>          [Optional] Add a ip-addr rule for direct routing, like 114.114.114.114/32 or geoip:cn"
-    echo "    --ip-proxy      <ip-rule>          [Optional] Add a ip-addr rule for proxy routing, like 1.1.1.1/32 or geoip:netflix"
-    echo "    --ip-block      <ip-rule>          [Optional] Add a ip-addr rule for block routing, like geoip:private"
-    echo "    --cn-direct                        [Optional] Add routing rules to avoid domains and IPs located in China being proxied"
    echo "    --ltx  <VLESS-TCP-XTLS option>     id@host:port"
    echo "    --ltt  <VLESS-TCP-TLS option>      id@host:port"
    echo "    --lttw <VLESS-TCP-TLS-WS option>   id@host:port:/webpath"
@@ -28,12 +16,25 @@ usage() {
    echo "    --tttw <TROJAN-TCP-TLS-WS option>  password@host:port:/webpath"
 #   echo "    --ssa  <Shadowsocks-AEAD option>   password:method@host:port"
 #   echo "    --sst  <Shadowsocks-TCP option>    password:method@host:port"
+    echo "    -d|--debug                         [Optional] Start in debug mode with verbose output"
+    echo "    -i|--stdin                         [Optional] Read config from stdin instead of auto generation"
+    echo "    --dns <upstream-DNS-ip>            [Optional] Designated upstream DNS server IP, 1.1.1.1 will be applied by default"
+    echo "    --dns-local <local-conf-file>      [Optional] Enable designated domain conf file. Like apple.china.conf"
+    echo "    --dns-local-cn                     [Optional] Enable China-accessible domains to be resolved in China"
+    echo "    --domain-direct <domain-rule>      [Optional] Add a domain rule for direct routing, likegeosite:geosite:geolocation-cn"
+    echo "    --domain-proxy  <domain-rule>      [Optional] Add a domain rule for proxy routing, like twitter.com or geosite:google-cn"
+    echo "    --domain-block  <domain-rule>      [Optional] Add a domain rule for block routing, like geosite:category-ads-all"
+    echo "    --ip-direct     <ip-rule>          [Optional] Add a ip-addr rule for direct routing, like 114.114.114.114/32 or geoip:cn"
+    echo "    --ip-proxy      <ip-rule>          [Optional] Add a ip-addr rule for proxy routing, like 1.1.1.1/32 or geoip:netflix"
+    echo "    --ip-block      <ip-rule>          [Optional] Add a ip-addr rule for block routing, like geoip:private"
+    echo "    --cn-direct                        [Optional] Add routing rules to avoid domains and IPs located in China being proxied"
+    echo "    --rules-path    <rules-dir-path>   [Optional] Folder path contents geoip.dat, geosite.dat and other rule files"
 }


 Jrules='{"rules":[]}'

-TEMP=`getopt -o di --long ltx:,ltt:,lttw:,lttg:,mtt:,mttw:,ttt:,tttw:,ssa:,sst:,dns:,dns-local:,dns-local-cn,domain-direct:,domain-proxy:,domain-block:,ip-direct:,ip-proxy:,ip-block:,cn-direct,stdin,debug -n "$0" -- $@`
+TEMP=`getopt -o di --long ltx:,ltt:,lttw:,lttg:,mtt:,mttw:,ttt:,tttw:,ssa:,sst:,stdin,debug,dns:,dns-local:,dns-local-cn,domain-direct:,domain-proxy:,domain-block:,ip-direct:,ip-proxy:,ip-block:,cn-direct,rules-path: -n "$0" -- $@`
 if [ $? != 0 ] ; then usage; exit 1 ; fi
 eval set -- "$TEMP"
 while true ; do
@@ -107,6 +108,10 @@ while true ; do
            '.rules += [{"type":"field", "outboundTag":"block", "ip":[$blkip]}]'`
            shift 2
            ;;
+        --rules-path)
+            export XRAY_LOCATION_ASSET=$2
+            shift 2
+            ;;
        -i|--stdin)
            STDINCONF=1
            XRAY=1