Replies: 2 comments 4 replies
-
|
个人没用过 trojan-go,发言权有限,但是需要注意的是:回落是指 Xray 使用相应证书把流量做了TLS解密后,再转发到某处。看起来这里 trojan-go 以为流量是未经解密的,所以出了问题。个人不清楚 trojan-go 是否接受明文流量,不过您应该了解。 |
Beta Was this translation helpful? Give feedback.
-
|
我把trojan-go客户端配置抄到xray客户端配置中,如1楼配置有 SNI 指定。这样发到xray服务端,xray服务端读到 SNI 应该不能解密数据,再把数据转发给Trojan-go也许能成功。 |
Beta Was this translation helpful? Give feedback.
-
|
即便指定了 SNI,依然是先解密再按规则转发的。不论如何,除去潜在的不给证书故意让 Xray 无法解密之类的奇怪技巧(我没试过),回落转出去的一定是解密过的。 |
Beta Was this translation helpful? Give feedback.
-
|
其实我没太明白让它们共存的意义,因为毕竟 Xray 有 Trojan 协议,当然也是我不了解 trojan-go 的特性,可能说了外行话。
|
Beta Was this translation helpful? Give feedback.
-
|
感谢回复,不行我就先暂停,先用vless+xtls 非高峰时速度挺快,到时候再试试你说的 |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
找了其他资料,有篇是用Nginx放前置 走 L4 转发,再转发给内部其他代理。相对比较麻烦。
刚用xray,目前测试 vless+tcp+xtls to freedom 正常。
看文档xray自己有一个trojan的。但是我想用 xray 监听443 Trojan-go 监听其他端口,
实现:
browser -- Trojan-go -- xray client -- xray server -- Trojan-go -- www.google.com
或
browser -- xray client (加 trojan配置) -- xray server -- Trojan-go -- www.google.com
能否实现?调了半天没成功。数据是回落到Trojan-go了
Trojan-go错误:failed to perform tls handshake with
失败配置
Client.json
{ "log": { "loglevel": "warning" }, "inbounds": [ { "tag":"in-vless", "port": 8066, "listen": "127.0.0.1", "protocol": "socks", "settings": {"udp": true} }, { "tag":"in-Trojan-go", "port": 8055, "listen": "127.0.0.1", "protocol": "socks", "settings": {"udp": true} } ], "outbounds": [ { "tag":"out-vless", "protocol": "vless", "settings": { "vnext": [ { "address": "服务器ip", "port": 443, "users": [ { "id": "uuid", "encryption": "none" } ] } ] }, // "mux": {"enabled": true} "streamSettings": { "network": "tcp", "security": "xtls", "xtlsSettings": { "serverName": "域名" } } }, { "tag": "direct", "protocol": "freedom" }, { "tag": "blocked", "protocol": "blackhole" }, { "tag":"out-Trojan-go", "protocol": "trojan", "settings": { "servers": [ { "address": "服务器ip", "port": 443, "password": "密码" } ] }, "streamSettings": { "network": "tcp", "security": "tls", "tlsSettings": { "serverName": "Trojan-go域名" } } } ], "routing":{ "domainStrategy":"IPOnDemand", "rules":[ { "type":"field", "inboundTag":["in-Trojan-go"], "outboundTag":"out-Trojan-go" }, { "type":"field", "inboundTag":["in-vless"], "ip":["geoip:private"], "outboundTag":"direct" }, { "type":"field", "inboundTag":["in-vless"], "ip":["geoip:cn"], "outboundTag":"direct" } ] } }Server.json
{ "log": {"loglevel": "warning"}, "inbounds": [ { "tag": "in_vless", "port": 443, "protocol": "vless", "settings": { "clients": [ { "id": "uuid" } ], "decryption": "none", "fallbacks": [ { "dest": 80// 默认 }, { "name": "Trojan-go域名", "dest": 40001, // Trojan-go的监听端口,回落到 Trojan-go 协议 "xver": 1 } ] }, "streamSettings": { "network": "tcp", "security": "tls", "tlsSettings": { "alpn": [ "h2", "http/1.1" ], "certificates": [ { "certificateFile": "./caddy/xxxx", "keyFile": "./caddy/xxxx" } ] } } } ], "outbounds": [ { "tag": "out_freedom", "protocol": "freedom" } ] }Beta Was this translation helpful? Give feedback.
All reactions