-
Notifications
You must be signed in to change notification settings - Fork 29
/
Copy pathshadowtls_v3_remote_handshake.yaml
60 lines (55 loc) · 1.71 KB
/
shadowtls_v3_remote_handshake.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# server example of a single server that serves both normal TLS and ShadowTLS
- address: 127.0.0.1:44300
transport: tcp
protocol:
type: tls
# specify different passwords and proxy protocols based on ShadowTLS SNI
shadowtls_targets:
example.com:
password: asdf123
handshake:
# connect to example.com:443 as the handshake server
address: example.com:443
# optionally, use a client proxy for the handshake server connection.
# specify multiple proxies to load balance.
client_proxies:
# direct connection
- protocol:
type: direct
# connect through socks
- address: 127.0.0.1:5555
protocol:
type: socks
username: internal-socks-user
password: internal-socks-pass
protocol:
type: socks
username: socks-user
password: socks-pass
google.com:
password: fdsa321
handshake:
# connect directly to google.com as the handshake server
address: google.com:443
# regular TLS targets
tls_targets:
# provide a regular HTTPS proxy
example2.com:
key: private_key.pem
cert: cert.pem
protocol:
type: http
username: https-user
password: https-password
# default TLS target, when no SNI is provided or no SNI from `targets` matches.
default_tls_target:
key: default_key.pem
cert: default_cert.pem
protocol:
type: socks
username: default-socks-user
password: default-socks-pass
rules:
- mask: 0.0.0.0/0
action: allow
client_proxy: direct