介绍
书接上回,我们在继续解锁奈飞(二)-DNS篇-入门到进阶中,留下了两点思考
- dns解锁鸡会占用80、443端口,解锁鸡想用这两个端口怎么办?
- 港澳台的nat(动态)家宽,ip经常会变,没有80、443端口,如何用于解锁?
要解决这两个问题,就要用到我们今天提出方法了,修改*ray的配置文件实现域名分流。那这两个问题先按下不表,在上一篇教程中我们是通过dnsmasq实现奈飞所有域名使用解锁鸡dns解析的,其实有更简单的方法,我们可以通过对*ray配置文件的修改来实现。
原理
我们知道,不管是那哪种ray(现在应该就两种吧),它的配置文件的主体是inbounds、outbounds、routing。
- inbounds负责告诉*ray流量怎么进,哪种协议进
- outbounds负责告诉*ray流量怎么出,哪种协议出
- routing负责告诉*ray从从inbounds到outbounds的路怎么走
所以我们可以通过设置多个outbounds,编辑不同routing的规则告诉*ray不同的流量走不同的outbounds。
实操
一般情况下*ray的配置文件于/etc/xray/或者/etc/v2ray/,当然如果你是使用其他脚本安装的,那你需要自己去脚本的项目地址看下咯。
我们先来看一段原始的config.json
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "none"
},
"inbounds": [
{
"port": 62570,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "fdc6e7f0-fceb-11eb-95c8-a25b020000ed",
"alterId": 0
}
]
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tlsSettings": {},
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {},
"httpSettings": {},
"quicSettings": {},
"grpcSettings": {}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
},
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
],
"routing": {
"rules": [
{
"type": "field",
"ip": ["geoip:private"],
"outboundTag": "blocked"
}
]
}
}
这段配置文件中,inbounds部分有一个vmess协议,outbounds部分一个freedom协议,一个blackhole协议,routing中一条规则,这条规则告诉*ray入口的IP地址符合geoip:private这个规则时,就走blocked协议,而由于*ray的规则默认走出口的第一条协议的,所以不符合这个routing规则所有其他IP都会直接走第一个freedom协议出去。
那我们现在来配合已经具备解锁能力的小鸡来修改配置文件
DNS分流
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "none"
},
"inbounds": [
{
"port": 62570,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "fdc6e7f0-fceb-11eb-95c8-a25b020000ed",
"alterId": 0
}
]
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tlsSettings": {},
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {},
"httpSettings": {},
"quicSettings": {},
"grpcSettings": {}
}
},
"sniffing": {
"enabled": true, //一定要开启 sniffing,V2Ray 才能识别 Netflix 的流量
"destOverride": ["http", "tls"]
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {"domainStrategy": "UseIP"} // 必须设定 domainStrategy 为 UseIP 以使用内置的DNS
}
],
"routing": {
"rules": [ ]
},
"dns": {
"servers": [
"8.8.8.8",
{
"address": "x.x.x.x", // DNS 解锁提供的 IP
"port": 53,
"domains": ["geosite:netflix"]
}
]
}
}
如此便能达到上一篇教程dnsmasq实现的功能了,而且也更为方便。
看到这里的小伙伴,对于
- dns解锁鸡会占用80、443端口,解锁鸡想用这两个端口怎么办?
- 港澳台的nat(动态)家宽,ip经常会变,没有80、443端口,如何用于解锁?
这两个问题,你是否有了解决问题的思路了呢?没错,我们可以直接修改outbounds,将解锁鸡的ss,socks5等等协议修改为我们的outbounds,再配合routing规则让奈飞的流量走这些协议出去,从而实现解锁。那如上那两个问题就迎刃而解了。直接看配置文件。
ss做outbounds
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "none"
},
"inbounds": [
{
"port": 62570,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "fdc6e7f0-fceb-11eb-95c8-a25b020000ed",
"alterId": 0
}
]
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tlsSettings": {},
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {},
"httpSettings": {},
"quicSettings": {},
"grpcSettings": {}
}
},
"sniffing": {
"enabled": true, //一定要开启 sniffing,V2Ray 才能识别 Netflix 的流量
"destOverride": ["http", "tls"]
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
},
{
"tag": "VPS1",
"protocol": "shadowsocks",
"settings": {
"servers": [
{
"address": "x.x.x.x", //解锁鸡IP
"method": "aes-256-gcm", //ss加密方式
"ota": false,
"password": "xxxxxx", //ss密码
"port": xxxx //ss监听端口
}
]
}
}
],
"routing": {
"rules": [
{
"type": "field",
"outboundTag": "VPS1",
"domain": ["geosite:netflix"] //如果你的小鸡油管送中谷歌跳验证码,还可以添加geosite:google","geosite:youtube",让油管谷歌流量也走解锁鸡
}
]
}
}
socks5做outbounds
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "none"
},
"inbounds": [
{
"port": 62570,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "fdc6e7f0-fceb-11eb-95c8-a25b020000ed",
"alterId": 0
}
]
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tlsSettings": {},
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {},
"httpSettings": {},
"quicSettings": {},
"grpcSettings": {}
}
},
"sniffing": {
"enabled": true, //一定要开启 sniffing,V2Ray 才能识别 Netflix 的流量
"destOverride": ["http", "tls"]
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
},
{
"tag": "VPS1",
"protocol": "socks",
"settings": {
"servers": [
{
"address": "x.x.x.x", //解锁鸡IP
"ota": false,
"port": xxxx, //sock5监听端口
"users": [
{
"user": "xxx", //socks5用户名
"pass": "xxx" //密码
}
]
}
]
}
}
],
"routing": {
"rules": [
{
"type": "field",
"outboundTag": "VPS1",
"domain": ["geosite:netflix"] //如果你的小鸡油管送中谷歌跳验证码,还可以添加geosite:google","geosite:youtube",让油管谷歌流量也走解锁鸡
}
]
}
}
当然我们除了使用ss,sock5协议做outbounds,*ray支持的任意一种协议都可以,而且如果我们的解锁小鸡国际互联良好,我们甚至可以直接让解锁小鸡接管所有流量,那我们在用的小鸡就变成中转鸡了,看到这里的小伙伴应该知道配置文件怎么写了吧,留给大家自己摸索。
