2gW94/proxy-xray
1
0
Fork 0
mirror of https://github.com/samuelhbne/proxy-xray.git synced 2025-12-17 04:34:37 +03:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add --dns-local and --dns-local-cn support. Rename --china-direct to --cn-direct

Browse Source
This commit is contained in:
Samuel Huang
2021-08-30 14:05:43 +10:00
parent c6c6c91205
commit 397620a5c4
5 changed files with 55 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Dockerfile.amd64
View File

@@ -8,6 +8,7 @@ RUN cd /tmp; wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/re
RUN cd /tmp; wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/apple.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/google.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf
@@ -23,19 +24,18 @@ COPY --from=builder /go/src/XTLS/Xray-core/xray /usr/local/bin/
COPY --from=builder /tmp/geosite.dat /usr/local/bin/
COPY --from=builder /tmp/geoip.dat /usr/local/bin/
RUN mkdir -p /etc/dnsmasq-china.d
RUN mkdir -p /etc/dnsmasq.disable
COPY --from=builder /tmp/apple.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/bogus-nxdomain.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/accelerated-domains.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/apple.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/google.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/bogus-nxdomain.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/accelerated-domains.china.conf /etc/dnsmasq.disable/
RUN apk update && apk add bash openssl curl jq moreutils \
bind-tools whois dnsmasq ca-certificates proxychains-ng npm
whois dnsmasq ca-certificates proxychains-ng npm
RUN npm config set unsafe-perm true
RUN npm install -g qrcode-terminal
RUN echo -e "no-resolv\nserver=127.0.0.1#5353" >/etc/dnsmasq.d/upstream.conf
RUN sed -i "s/^socks4.*/socks5\t127.0.0.1 1080/g" /etc/proxychains/proxychains.conf
ADD proxy-ltx.sh /proxy-ltx.sh

14
Dockerfile.arm
View File

@@ -8,6 +8,7 @@ RUN cd /tmp; wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/re
RUN cd /tmp; wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/apple.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/google.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf
@@ -23,19 +24,18 @@ COPY --from=builder /go/src/XTLS/Xray-core/xray /usr/local/bin/
COPY --from=builder /tmp/geosite.dat /usr/local/bin/
COPY --from=builder /tmp/geoip.dat /usr/local/bin/
RUN mkdir -p /etc/dnsmasq-china.d
RUN mkdir -p /etc/dnsmasq.disable
COPY --from=builder /tmp/apple.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/bogus-nxdomain.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/accelerated-domains.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/apple.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/google.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/bogus-nxdomain.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/accelerated-domains.china.conf /etc/dnsmasq.disable/
RUN apk update && apk add bash openssl curl jq moreutils \
bind-tools whois dnsmasq ca-certificates proxychains-ng npm
whois dnsmasq ca-certificates proxychains-ng npm
RUN npm config set unsafe-perm true
RUN npm install -g qrcode-terminal
RUN echo -e "no-resolv\nserver=127.0.0.1#5353" >/etc/dnsmasq.d/upstream.conf
RUN sed -i "s/^socks4.*/socks5\t127.0.0.1 1080/g" /etc/proxychains/proxychains.conf
ADD proxy-ltx.sh /proxy-ltx.sh

14
Dockerfile.arm64
View File

@@ -8,6 +8,7 @@ RUN cd /tmp; wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/re
RUN cd /tmp; wget -c -t3 -T30 https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/apple.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/google.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf
RUN cd /tmp; wget -c -t3 -T30 https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf
@@ -23,19 +24,18 @@ COPY --from=builder /go/src/XTLS/Xray-core/xray /usr/local/bin/
COPY --from=builder /tmp/geosite.dat /usr/local/bin/
COPY --from=builder /tmp/geoip.dat /usr/local/bin/
RUN mkdir -p /etc/dnsmasq-china.d
RUN mkdir -p /etc/dnsmasq.disable
COPY --from=builder /tmp/apple.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/bogus-nxdomain.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/accelerated-domains.china.conf /etc/dnsmasq-china.d/
COPY --from=builder /tmp/apple.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/google.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/bogus-nxdomain.china.conf /etc/dnsmasq.disable/
COPY --from=builder /tmp/accelerated-domains.china.conf /etc/dnsmasq.disable/
RUN apk update && apk add bash openssl curl jq moreutils \
bind-tools whois dnsmasq ca-certificates proxychains-ng npm
whois dnsmasq ca-certificates proxychains-ng npm
RUN npm config set unsafe-perm true
RUN npm install -g qrcode-terminal
RUN echo -e "no-resolv\nserver=127.0.0.1#5353" >/etc/dnsmasq.d/upstream.conf
RUN sed -i "s/^socks4.*/socks5\t127.0.0.1 1080/g" /etc/proxychains/proxychains.conf
ADD proxy-ltx.sh /proxy-ltx.sh

12
README.md
View File

@@ -32,14 +32,16 @@ $ docker run --rm samuelhbne/proxy-xray
proxy-xray <connection-options>
-i|--stdin [Optional] Read config from stdin instead of auto generation
-d|--debug [Optional] Start in debug mode with verbose output
--dns <upstream-DNS-ip> [Optional] Designated upstream DNS server ip, 1.1.1.1 will be applied by default
--china-direct [Optional] Add routing rules to avoid domain and ip located in China being proxied
--dns <upstream-DNS-ip> [Optional] Designated upstream DNS server IP, 1.1.1.1 will be applied by default
--dns-local <local-conf-file> [Optional] Enable designated domain conf file. Like apple.china.conf
--dns-local-cn [Optional] Enable China related domains to be resolved in China
--domain-direct <domain-rule> [Optional] Add a domain rule for direct routing, likegeosite:geosite:geolocation-cn
--domain-proxy <domain-rule> [Optional] Add a domain rule for proxy routing, like twitter.com or geosite:google-cn
--domain-block <domain-rule> [Optional] Add a domain rule for block routing, like geosite:category-ads-all
--ip-direct <ip-rule> [Optional] Add a ip-addr rule for direct routing, like 114.114.114.114/32 or geoip:cn
--ip-proxy <ip-rule> [Optional] Add a ip-addr rule for proxy routing, like 1.1.1.1/32 or geoip:netflix
--ip-block <ip-rule> [Optional] Add a ip-addr rule for block routing, like geoip:private
--cn-direct [Optional] Add routing rules to avoid domains and IPs located in China being proxied
--ltx <VLESS-TCP-XTLS option> id@host:port
--ltt <VLESS-TCP-TLS option> id@host:port
--lttw <VLESS-TCP-TLS-WS option> id@host:port:/webpath
@@ -50,7 +52,7 @@ proxy-xray <connection-options>
--tttw <TROJAN-TCP-TLS-WS option> password@host:port:/webpath
$ docker run --name proxy-xray -p 2080:1080 -p 2080:1080/udp -p 8223:8123 -p 65353:53/udp \
-d samuelhbne/proxy-xray --ltx myid@mydomain.duckdns.org:443 --china-direct
-d samuelhbne/proxy-xray --ltx myid@mydomain.duckdns.org:443 --cn-direct
...
```
@@ -64,7 +66,7 @@ $ docker run --name proxy-xray -p 2080:1080 -p 2080:1080/udp -p 8223:8123 -p 653
### NOTE4
Name query for sites outside China like twitter.com will be always forwarded to designated DNS like 1.1.1.1 to avoid the contaminated result. Name query for sites inside China like apple.com.cn will be forwarded to local DNS servers in China to avoid cross region slow access when "--china-direct" options applied. Or dnsmasq will act as a forwarder only cache server otherwise.
Name query for sites outside China like twitter.com will be always forwarded to designated DNS like 1.1.1.1 to avoid the contaminated result. Name query for sites inside China like apple.com.cn will be forwarded to local DNS servers in China to avoid cross region slow access when "--cn-direct" options applied. Or dnsmasq will act as a forwarder only cache server otherwise.
## How to verify if proxy tunnel is working properly
@@ -122,7 +124,7 @@ The following instruction connect to Xray server port 443 in Vless+TCP+XTLS mode
```shell
$ docker run --name proxy-xray -p 1080:1080 -p 1080:1080/udp -d samuelhbne/proxy-xray \
--ltx myid@mydomain.duckdns.org:443 --china-direct
--ltx myid@mydomain.duckdns.org:443 --cn-direct
```
### 2. Connect to Vless+TCP+TLS+Websocket server

36
run.sh
View File

@@ -8,14 +8,16 @@ usage() {
echo "proxy-xray <connection-options>"
echo " -i|--stdin [Optional] Read config from stdin instead of auto generation"
echo " -d|--debug [Optional] Start in debug mode with verbose output"
echo " --dns <upstream-DNS-ip> [Optional] Designated upstream DNS server ip, 1.1.1.1 will be applied by default"
echo " --china-direct [Optional] Add routing rules to avoid domain and ip located in China being proxied"
echo " --dns <upstream-DNS-ip> [Optional] Designated upstream DNS server IP, 1.1.1.1 will be applied by default"
echo " --dns-local <local-conf-file> [Optional] Enable designated domain conf file. Like apple.china.conf"
echo " --dns-local-cn [Optional] Enable China related domains to be resolved in China"
echo " --domain-direct <domain-rule> [Optional] Add a domain rule for direct routing, likegeosite:geosite:geolocation-cn"
echo " --domain-proxy <domain-rule> [Optional] Add a domain rule for proxy routing, like twitter.com or geosite:google-cn"
echo " --domain-block <domain-rule> [Optional] Add a domain rule for block routing, like geosite:category-ads-all"
echo " --ip-direct <ip-rule> [Optional] Add a ip-addr rule for direct routing, like 114.114.114.114/32 or geoip:cn"
echo " --ip-proxy <ip-rule> [Optional] Add a ip-addr rule for proxy routing, like 1.1.1.1/32 or geoip:netflix"
echo " --ip-block <ip-rule> [Optional] Add a ip-addr rule for block routing, like geoip:private"
echo " --cn-direct [Optional] Add routing rules to avoid domains and IPs located in China being proxied"
echo " --ltx <VLESS-TCP-XTLS option> id@host:port"
echo " --ltt <VLESS-TCP-TLS option> id@host:port"
echo " --lttw <VLESS-TCP-TLS-WS option> id@host:port:/webpath"
@@ -31,7 +33,7 @@ usage() {
Jrules='{"rules":[]}'
TEMP=`getopt -o di --long ltx:,ltt:,lttw:,lttg:,mtt:,mttw:,ttt:,tttw:,ssa:,sst:,dns:,domain-direct:,domain-proxy:,domain-block:,ip-direct:,ip-proxy:,ip-block:,china-direct,stdin,debug -n "$0" -- $@`
TEMP=`getopt -o di --long ltx:,ltt:,lttw:,lttg:,mtt:,mttw:,ttt:,tttw:,ssa:,sst:,dns:,dns-local:,dns-local-cn,domain-direct:,domain-proxy:,domain-block:,ip-direct:,ip-proxy:,ip-block:,cn-direct,stdin,debug -n "$0" -- $@`
if [ $? != 0 ] ; then usage; exit 1 ; fi
eval set -- "$TEMP"
while true ; do
@@ -51,14 +53,28 @@ while true ; do
DNS=$2
shift 2
;;
--china-direct)
--dns-local)
DNSLOCAL+=$2
shift 2
;;
--dns-local-cn)
DNSLOCAL+="apple.china.conf"
DNSLOCAL+="google.china.conf"
DNSLOCAL+="bogus-nxdomain.china.conf"
DNSLOCAL+="accelerated-domains.china.conf"
shift 1
;;
--cn-direct)
Jrules=`echo "${Jrules}" | jq --arg igndomain "geosite:apple-cn" \
'.rules += [{"type":"field", "outboundTag":"direct", "domain":[$igndomain]}]'`
Jrules=`echo "${Jrules}" | jq --arg igndomain "geosite:google-cn" \
'.rules += [{"type":"field", "outboundTag":"direct", "domain":[$igndomain]}]'`
Jrules=`echo "${Jrules}" | jq --arg igndomain "geosite:geolocation-cn" \
'.rules += [{"type":"field", "outboundTag":"direct", "domain":[$igndomain]}]'`
Jrules=`echo "${Jrules}" | jq --arg igndomain "geosite:cn" \
'.rules += [{"type":"field", "outboundTag":"direct", "domain":[$igndomain]}]'`
Jrules=`echo "${Jrules}" | jq --arg ignip "geoip:cn" \
'.rules += [{"type":"field", "outboundTag":"direct", "ip":[$ignip]}]'`
IGCHINA=1
shift 1
;;
--domain-direct)
@@ -116,11 +132,13 @@ if [ "${XRAY}" != "1" ]; then
exit 1
fi
if [ "${IGCHINA}" = "1" ]; then
cp -a /etc/dnsmasq-china.d/*.china.conf /etc/dnsmasq.d/
else
rm -rf /etc/dnsmasq.d/*.china.conf
if [ -n "${DNSLOCAL}" ]; then
for dnslocal in "${DNSLOCAL}"
do
cp -a /etc/dnsmasq.disable/${dnslocal} /etc/dnsmasq.d/
done
fi
echo -e "no-resolv\nserver=127.0.0.1#5353" >/etc/dnsmasq.d/upstream.conf
/usr/sbin/dnsmasq
if [ -z "${DNS}" ]; then