xray service - PANDA-1703/Wiki GitHub Wiki

Xray-client в терминале linux.

Install xray

I used: XTLS and easy-xray

Install & Upgrade Xray-core and geodata with User=nobody, but will NOT overwrite User in existing service files

bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install

Update geoip.dat and geosite.dat only

bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install-geodata

Download the file customgeo.dat from this repository and copy it to the folder /usr/local/share/xray.

Create our configuration config.json:

config.json 
{
  "dns": {
    "disableFallback": true,
    "servers": [
      {
        "address": "https://8.8.8.8/dns-query",
        "domains": [
          "domain:youtube.com",
          "domain:chat.openai.com",
          "domain:openai.com",
          "domain:googlevideo.com",
          "domain:ytimg.com",
          "domain:youtu.be",
          "domain:ggpht.com",
          "domain:youtubei.googleapis.com",
          "domain:yt4.ggpht.com",
          "domain:ytimg.l.google.com",
          "domain:nhacmp3youtube.com",
          "domain:googleusercontent.com",
          "domain:googleapis.com",
          "domain:gstatic.com"
        ],
        "queryStrategy": ""
      }
    ],
    "tag": "dns"
  },
  "inbounds": [
    {
      "listen": "0.0.0.0",
      "port": 2080,
      "protocol": "socks",
      "settings": {
        "udp": true
      },
      "sniffing": {
        "destOverride": [
          "http",
          "tls",
          "quic"
        ],
        "enabled": true
      },
      "tag": "socks-in"
    },
    {
      "listen": "0.0.0.0",
      "port": 2081,
      "protocol": "http",
      "sniffing": {
        "destOverride": [
          "http",
          "tls",
          "quic"
        ],
        "enabled": true
      },
      "tag": "http-in"
    }
  ],
  "log": {
    "loglevel": "warning"
  },
  "outbounds": [
    {
      "domainStrategy": "AsIs",
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "<ip-server>",
            "port": 443,
            "users": [
              {
                "encryption": "none",
                "flow": "xtls-rprx-vision",
                "id": "<your-id-server>"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "tcp",
        "realitySettings": {
          "fingerprint": "chrome",
          "publicKey": "<your-publicKey-server>",
          "serverName": "www.google.com",
          "shortId": "<your-shortId-server>"
        },
        "security": "reality"
      },
      "tag": "proxy"
    },
    {
      "protocol": "freedom",
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "tag": "block"
    }
  ],
  "policy": {
    "levels": {
      "1": {
        "connIdle": 30
      }
    },
    "system": {
      "statsOutboundDownlink": true,
      "statsOutboundUplink": true
    }
  },
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "domain": [
          "domain:youtube.com",
          "domain:chat.openai.com",
          "domain:openai.com",
          "domain:googlevideo.com",
          "domain:ytimg.com",
          "domain:youtu.be",
          "domain:ggpht.com",
          "domain:youtubei.googleapis.com",
          "domain:yt4.ggpht.com",
          "domain:ytimg.l.google.com",
          "domain:nhacmp3youtube.com",
          "domain:googleusercontent.com",
          "domain:googleapis.com",
          "domain:gstatic.com"
        ],
        "outboundTag": "proxy",
        "type": "field"
      },
      {
        "outboundTag": "direct",
        "type": "field",
        "domain": [
          "geosite:category-ads-all",
          "geosite:category-porn"
        ]
      }
    ]
  },
  "stats": {}
}

and copy config

sudo cp config.json /usr/local/etc/xray/config.json

Finally, we launch the service

sudo systemctl start xray

Launch and use proxy

export http_proxy=http://127.0.0.1:2081
export https_proxy=http://127.0.0.1:2081
export ftp_proxy=http://127.0.0.1:2081
export socks_proxy=http://127.0.0.1:2080

Testing:

curl ipinfo.io

Use it as a proxy

If ufw is enabled

sudo ufw allow 2080/tcp
sudo ufw allow 2081/tcp

For iptables

sudo iptables -A INPUT -p tcp --dport 2080 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 2081 -j ACCEPT

and save iptables

sudo iptables-save > /etc/iptables/rules.v4

For SOCKS proxy:

export SOCKS_PROXY="socks5://<IP-adress>:2080"

For HTTP proxy:

export http_proxy="http://<IP-adress>:2081"
⚠️ **GitHub.com Fallback** ⚠️