Skip to content

Configuration Guide

Jump to bottom
包布丁 edited this page Feb 10, 2022 · 4 revisions

The flexible and composable YtFlow configuration system allows you to customize every single bit of how YtFlowApp VPN works. For an extensive description about plugins, parameters and YtFlow internals, please refer to YtFlowCore-Book (TBD). The instructions below serves as a quick guide to spin up a working YtFlow Profile.

Prerequisite

In this guide, we assume YtFlow (next, version 1.0.0.0) has been installed on your device, with System VPN Profile properly set up.

We also recommend understanding the JSON format if necessary, so that you won't get into trouble later when editing the parameters. See What is JSON. Take note that JSON is sensitive about trailing commas.

Create a Profile

For first-time set up, you are required to create a new profile. As of version 1.0.0.0, the only tunable option is outbound type, where you can choose among Shadowsocks (with or without HTTP obfs), Trojan and HTTP Proxy. Enter a profile name and click 'Save'.

Edit Protocol Details

Click 'Edit' beside the new profile. Based on the outbound type chosen, navigate to corresponding plugins to enter server information.

Shadowsocks

Go to ss-client with the default parameter:

{
  "method": "aes-128-gcm",
  "password": {
    "__byte_repr": "utf8",
    "data": "my_ss_password"
  },
  "tcp_next": "proxy-redir.tcp",
  "udp_next": "null.udp"
}
  • Replace aes-128-gcm with the desired cipher/method. Supported methods: plain/none/rc4/rc4-md5/aes-128-cfb/aes-192-cfb/aes-256-cfb/aes-128-ctr/aes-192-ctr/aes-256-ctr/camellia-128-cfb/camellia-192-cfb/camellia-256-cfb/aes-128-gcm/aes-256-gcm/chacha20-ietf/chacha20-ietf-poly1305/xchacha20-ietf-poly1305. Note that chacha20, chacha20-poly1305 and aes-192-gcm are not supported.
  • Replace my_ss_password with your Shadowsocks password in text format.
  • Click 'Save' when done.

HTTP obfs

If you need your Shadowsocks stream obfuscated by HTTP headers, here are the extra steps to achieve that.

  • Create a new plugin ss-obfs-client with type http-obfs-client.
  • Replace null with the following JSON object:
{
  "host": "my.obfs.host.com",
  "path": "/",
  "next": "proxy-redir.tcp"
}

where my.obfs.host.com and / are obfs parameters.

  • Click 'Save' when done.
  • Go to ss-client, replace proxy-redir.tcp with ss-obfs-client.
  • Click 'Save' when done.

Trojan

Go to trojan-client with the default parameter:

{
  "password": {
    "__byte_repr": "utf8",
    "data": "my_trojan_password"
  },
  "tls_next": "trojan-client-tls.tcp"
}
  • Replace my_trojan_password with your Trojan password in text format.
  • Click 'Save' when done.

Go to trojan-tls-client with the default parameter:

{
  "next": "proxy-redir.tcp",
  "skip_cert_check": false,
  "sni": "my.trojan.proxy.server.com"
}
  • Replace my.trojan.proxy.server.com with your Trojan host name.
  • Change false to true if your certificate is invalid or untrusted. In this case, you will risk MITM attack.
  • Click 'Save' when done.

HTTP Proxy

No protocol-specific plugin parameters need changing.

Edit Server Details

Go to proxy-redir with the default parameter:

{
  "dest": {
    "host": "my.proxy.server.com.",
    "port": 8388
  },
  "tcp_next": "phy-socket",
  "udp_next": "phy-socket"
}
  • Replace my.proxy.server.com. with the domain name or IP address of your server.
  • Replace 8388 with your service port.
  • Click 'Save' when done.

Conclusion

If all parameters are valid and correct, you should be able to connect to your proxy server with this profile. Refer to YtFlowCore-Book (TBD) for more tweaks. Join our Telegram group YtFlow α for help and troubleshooting.

Clone this wiki locally