手动释放缓存

 

/proc是一个虚拟文件系统,我们可以通过对它的读写操作做为与kernel实体间进行通信的一种手段。也就是说可以通过修改/proc中的文件,来对当前kernel的行为做出调整。那么我们可以通过调整/proc/sys/vm/drop_caches来释放内存。操作如下:

cat /proc/sys/vm/drop_caches
0
首先,/proc/sys/vm/drop_caches的值,默认为0。

sync
手动执行sync命令(描述:sync 命令运行 sync 子例程。如果必须停止系统,则运行sync 命令以确保文件系统的完整性。sync 命令将所有未写的系统缓冲区写到磁盘中,包含已修改的 i-node、已延迟的块 I/O 和读写映射文件)

echo 3 > /proc/sys/vm/drop_caches
# cat /proc/sys/vm/drop_caches

3.
将/proc/sys/vm/drop_caches值设为3

# free -m
total used free shared buffers cached
Mem: 249 66 182 0 0 11
-/+ buffers/cache: 55 194
Swap: 511 0 511

再来运行free命令,会发现现在的used为66MB,free为182MB,buffers为0MB,cached为11MB。那么有效的释放了buffer和cache。

有关/proc/sys/vm/drop_caches的用法在下面进行了说明
/proc/sys/vm/drop_caches (since Linux 2.6.16)
Writing to this file causes the kernel to drop clean caches,dentries and inodes from memory, causing that memory to become free.
To free pagecache, use echo 1 > /proc/sys/vm/drop_caches;
to free dentries and inodes, use echo 2 > /proc/sys/vm/drop_caches;
to free pagecache, dentries and inodes, use echo 3 > /proc/sys/vm/drop_caches.
Because this is a non-destructive operation and dirty objects are not freeable, the user should run sync first.

三、我的意见
上述文章就长期以来很多用户对Linux内存管理方面的疑问,给出了一个比较“直观”的回复,我更觉得有点像是核心开发小组的妥协。对于是否需要使用这个值,或向用户提及这个值,我是有保留意见的:

  • man可以看到,这值从2.6.16以后的核心版本才提供,也就是老版的操作系统,如红旗DC 5.0、RHEL 4.x之前的版本都没有;
  • 若对于系统内存是否够用的观察,我还是原意去看swap的使用率和si/so两个值的大小;

用户常见的疑问是,为什么free这么小,是否关闭应用后内存没有释放?但实际上,我们都知道这是因为Linux对内存的管理与Windows不同,free小并不是说内存不够用了,应该看的是free的第二行最后一个值:-/+ buffers/cache: 58 191,这才是系统可用的内存大小。

实际项目中告诉我们,如果因为是应用有像内存泄露、溢出的问题,从swap的使用情况是可以比较快速可以判断的,但free上面反而比较难查看。相反,如果在这个时候,我们告诉用户,修改系统的一个值,“可以”释放内存,free就大了。用户会怎么想?不会觉得操作系统“有问题”吗?所以说,我觉得既然核心是可以快速清空buffer或cache,也不难做到(这从上面的操作中可以明显看到),但核心并没有这样做(默认值是0),我们就不应该随便去改变它。一般情况下,应用在系统上稳定运行了,free值也会保持在一个稳定值的,虽然看上去可能比较小。

当发生内存不足、应用获取不到可用内存、OOM错误等问题时,还是更应该去分析应用方面的原因,如用户量太大导致内存不足、发生应用内存溢出等情况,否则,清空buffer,强制腾出free的大小,可能只是把问题给暂时屏蔽了。

我觉得,排除内存不足的情况外,除非是在软件开发阶段,需要临时清掉buffer,以判断应用的内存使用情况;或应用已经不再提供支持,即使应用对内存的时候确实有问题,而且无法避免的情况下,才考虑定时清空buffer。(可惜,这样的应用通常都是运行在老的操作系统版本上,上面的操作也解决不了)。而生产环境下的服务器可以不考虑手工释放内存,这样会带来更多的问题。记住内存是拿来用的,不是拿来看的。不像windows。

无论你的真实物理内存有多少,他都要拿硬盘交换文件来读。这也就是windows为什么常常提示虚拟空间不足的原因,你们想想多无聊,在内存还有大部分的时候,拿出一部分硬盘空间来充当内存。硬盘怎么会快过内存,所以我们看linux,只要不用swap的交换空间,就不用担心自己的内存太少。如果常常swap用很多,可能你就要考虑加物理内存了,这也是linux看内存是否够用的标准哦。当然这仅代表我个人意见,也欢迎大家来交流讨论。

下面是一个内存释放的脚本,分享给大家:
# vim /root/satools/freemem.sh

将脚本添加到crond任务,定时执行。
# echo “*/30 * * * * root /root/satools/freemem.sh” >> /etc/crondtab

使用 InstantClick 加速网站访问速度

InstantClick是一个JavaScript库,可以显着加快您的网站速度,在大多数情况下可以有效地实现导航。

为什么使用InstantClick

  • 尽管现代互联网的带宽很大,但网站的速度并不快,这是因为加载网页的最大瓶颈就是延迟。

它是如何工作的

  • 今天的互联网架构延迟是不可避免的,所以 InstantClick 通过预加载你可能点击的链接来尽可能缩短所需要的时间。
  • 在访问者点击链接之前,他们将鼠标悬停在该链接上。在这两个事件之间,通常经过200毫秒到300毫秒(在这里自己测试)。InstantClick利用该时间来预加载页面,以便在您单击时页面已经存在。
  • 在移动设备上,预加载从“touchstart”开始,让300毫秒(Android)到450毫秒(iOS)预加载页面。

如何使用

  ······
  <!-- 引入 InstantClick -->
  <script src="instantclick.min.js" data-no-instant></script>
  <script data-no-instant>InstantClick.init();</script>
  <!-- 到这里结束 -->
  </body>
  </html>
  • 然后就可以开始体验超快的网站访问速度了。

以上就是使用 InstantClick 让网站访问更快的食用方法啦。

用 PHP实现的dns,LibDNS

DNS implementation in pure PHP.

LibDNS

DNS protocol implementation in pure PHP

Status

This library is currently undergoing a ground-up rewrite. The old codebase has been archive to the 2.x branch. The current master is version 3, a completely new API which is simpler and should be easier to work with, as well as improving performance and extensibility. V3 also includes much more complete list of IANA-registered record types, classes and other elements.

The v3 API has now largely stabilised and work on migrating to the new API is encouraged as soon as possible. It is unlikely there will be any more releases from the 2.x branch.

A migration guide will be produced in line with the first RC, but the code in the examples directory can be used to infer most of the required changes.

from https://github.com/DaveRandom/LibDNS

 

利用simple-dns解决dns污染问题

在mac机器上。

pip install twisted

git clone https://github.com/RicterZ/simple-dns simple-dns-by-ricterz

cd simple-dns-by-ricterz/simple-dns/

sudo python dns.py

项目地址:

https://github.com/RicterZ/simple-dns

(用不了多久)

-------

利用dnsproxy-by-zhengxinhn解决dns污染问题(这个不错)

git clone https://github.com/zhengxinhn/dnsproxy dnsproxy-by-zhengxinhn

cd dnsproxy-by-zhengxinhn

make

cd src

 

src目录里面生成了可执行文件dnsproxy

./dnsproxy -h

sudo ./dnsproxy -p 53 --remote-addr=8.8.8.8 --remote-port=53

会显示:

* runing at 53

* transport to 8.8.8.8:53,tcp

------------

 

利用dnsproxy-by-notzappy解决dns污染问题

 

git clone https://github.com/NotZappy/dnsproxy dnsproxy-by-NotZappy 

cd dnsproxy-by-NotZappy 

sudo python dnsproxy.py

会显示使用说明。

sudo python dnsproxy.py -p 53 --server=8.8.8.8

----------

利用dnsproxy-by-ccloli解决dns污染问题

Requirement

  • Node.js
    • v8.x: v8.10.0* or higher
    • v9.x: v9.1.0* or higher
    • v10.x or higher
npm install -g ccloli/DNSProxy

wget https://github.com/ccloli/DNSProxy/raw/master/config.sample.json

cat config.sample.json > dnsproxy-by-ccloli.json

修改dnsproxy-by-ccloli.json为如下内容:

// This is a sample of DNSProxy config file

// You can use this sample to create your config file

{

// DNSProxy server configuration

"settings": {

// should DNSProxy support TCP lookup from client?

"tcp": true,

// should DNSProxy support UDP lookup from client?

"udp": true,

// which IP to bind the DNSProxy server?

"host": "127.0.0.1",

// which port to listen the client request?

"port": 53,

// when to close upstream lookup if no data response?

"timeout": 5000 // ms

},

// available name server list

"servers": {

// set name server with a name

// you don't need to set name servers here

// but at least a `default` one is required

"default": {

// name server host

"host": "8.8.8.8",

// name server port

// if you emit port, it'll be `53`

"port": "53",

// name server protocol, `tcp`, `udp` or `tls`

// if you emit protocol, it'll be based on your request,

// if you request the server with UDP, then it'll be UDP,

// if you request the server with TCP, then it'll be TCP

"type": "tcp"

},

// another name server

// "tcp": {

// you can combine host and port as host

// "host": "127.0.0.1:53",

// don't set port again, or it'll overwrite the previous one

// "type": "tcp"

// },

"ipv6": {

// if you're using IPv6 server, quote IP address with []

// or it'll be parsed as combined host and port

"host": "[::1]:53"

},

// "tls": {

// DNS-over-TLS lookup is supported

// "host": "127.0.0.1",

// if you emit port, it'll be `853` for `tls`

// "port": "853",

// "type": "tls"

// },

// you can use a plain string instead of an object

// scheme is `<ip>[:<port = 53>][@<protocol>]`

"google-tcp": "8.8.8.8:443@tcp",

"google-ipv6": "[2001:4860:4860::8888]",

"cloudflare-tls": "1.1.1.1@tls",

// you can also use domain for TLS lookup,

// but please be aware that looking up the server IP is not

// controlled by DNSProxy but by libuv's operating system API,

// so the IP is probably not what you want (you know what I mean)

"quad9-tls": "dns.quad9.net@tls"

},

// extend rule parsers

// you can import some other parsers written by you or some other guy

// then you can use them in `rules`

// note if you're using Windows, use slash (/) or two backslashes (\\)

"extend-parsers": [

"path/to/parser.js",

"path\\to\\another\\parser.js",

// you can use vertical bar (|) after path to rename it, it's useful

// if you don't know its name or another parser uses the same name

// the original name of parser will be replaced by your new name

"path/to/renamed/parser.js|new-name",

// you can use `npm:` before path to import from a npm package

// you can use its original name to use the parser

// or use `npm:<package-name>` to use the parser

"npm:dnsproxy-npm-parser",

// you can also rename a npm package to overwrite its original name

// e.g. you can use either `npm:dnsproxy-npm-another-parser` or

// `another-parser` to use the parser

"npm:dnsproxy-npm-another-parser|another-parser"

],

// look up rules

// which rule defines first, which rule has a higher priority

// if no rule matches, it'll use the default one

"rules": [{

// rule input file

"file": "rules/common.txt",

// rule type

"type": "list",

// rule lookup server

// if you defined it at `servers`, you can use it he

"server": "tcp"

}, {

"file": "rules/extend.txt",

"type": "list",

// you can also define a custom name server here

"server": {

"host": "127.0.0.2",

"port": "53",

"type": "tcp"

}

}, {

// TODO: PAC file, thought it's a JavaScript file

"file": "rules/proxy.pac",

// TODO: support pac is coming soom

"type": "pac",

// also you can use a plain string

"server": "10.0.0.1"

}, {

// TODO: URL, support URL maybe coming soom

"url": "https://example.com/proxy.txt",

// TODO: support autoproxy is coming soom

"type": "autoproxy",

"server": "[::1]:5353@tcp"

}, {

// TODO: advance, advance is a custom rule

// you can specify any rules with any name server

"file": "rules/advance.json",

"type": "advance"

}, {

// use the parser defined in `extend-parser`

"file": "rules/foo.txt",

"type": "new-name"

}, {

// use the npm package defined in `extend-parser`

"file": "rules/bar.txt",

"type": "npm:dnsproxy-npm-another-parser",

"config": "some other fields required by custom parser"

}]

}

 

然后,运行:

dnsproxy -c dnsproxy-by-ccloli.json

项目地址:https://github.com/ccloli/DNSProxy

(不稳定)

---------

利用dnsproxy-by-Pythnist解决dns污染问题

 

git clone https://github.com/Pythnist/DNSProxy DNSProxy-by-Pythnist

cd DNSProxy-by-Pythnist

sudo python dnsproxy.py --host=127.0.0.1 --port=53 --server=8.8.8.8

项目地址:https://github.com/Pythnist/DNSProxy (不稳定)

 ---------

利用dnsproxy-by-qmphan解决dns污染问题 

git clone https://github.com/qmphan/dnsproxy dnsproxy-by-qmphan

cd dnsproxy-by-qmphan

sudo python dnsproxy.py --host=127.0.0.1 --port=53 --server=8.8.8.8

-----------

https://github.com/shuncox/smartdns 

 

git clone https://github.com/shuncox/smartdns smartdns -by-shuncox

cd smartdns -by-shuncox

sudo python smartdns.py

 -------------

https://github.com/parrotgeek1/ProxyDNS

(不稳定)

在mac机器上。

mkdir proxydns

cd proxydns

wget https://github.com/parrotgeek1/ProxyDNS/archive/master.zip

unzip proxydns-master.zip

cd proxydns-master

chmod 755 make.sh

./make.sh

(会在当前目录下,生成可执行文件proxydns)

sudo ./proxydns 208.67.222.222 443 53

会显示:

Started TCP thread
Started UDP thread

------------

在mac上。

git clone https://github.com/henix/shielddns shielddns-by-henix

cd shielddns-by-henix

nano config.rb

(config.rb的内容,见https://github.com/henix/shielddns页面)

sudo ruby shielddns.rb 0.0.0.0 53

项目地址:https://github.com/henix/shielddns

----------

git clone https://github.com/slene/dnsproxy dnsproxy-by-slene

cd dnsproxy-by-slene

go build (会在当前目录下,生成可执行文件dnsproxy-by-slene

./dnsproxy-by-slene -h

./dnsproxy-by-slene -local :53 -dns 8.8.8.8:53:tcp,8.8.4.4:53:tcp

------------

git clone https://github.com/vietor/dnsproxy dnsproxy-by-vietor

cd dnsproxy-by-vietor

make

cd src (在src目录下,生成了可执行文件dnsproxy)

./dnsproxy -h

./dnsproxy --port=53 --remote-addr=8.8.8.8 --remote-port=53 --remote-tcp

---------

利用cndns解决dns污染问题

在mac机器上。
git clone https://github.com/Nat-Lab/cndns  cndns-by-Nat-Lab
cd cndns-by-Nat-Lab
make
(在当前目录下,会生成可执行文件cndns)
sudo ./cndns -l 0.0.0.0 -p 53 -s 1.0.0.1 -m 15

它这个程序的思路有意思,“-m 15”的意思是只返回15毫秒或15毫秒以上的dns应答结果,这样就避免了dns污染。

看看能用多久。

实际使用例子:
sudo wg-quick up wg0
sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1
cd ~/cndns-by-Nat-Lab && sudo ./cndns -l 0.0.0.0 -p 53 -s 1.0.0.1 -m 15

项目地址:https://github.com/Nat-Lab/cndns 
-------------
 
在mac机器上。
git clone https://github.com/creac/dnsAgent dnsAgent-by-creac
cd dnsAgent-by-creac
sudo python dnsAgent.py
(此命令是运行在后台的。)
 
------------
 

利用sdns解决dns污染问题(这个用不了多久)

 
在mac机器上。首先安装go环境,然后,
cd $GOPATH
go get -u -v github.com/semihalev/sdns
(sdns就会出现在$GOBIN/里面)

sdns
(第一次运行它,会在当前目录下,生成sdns.toml文件)
nano sdns.toml
(把bind的值改为":53" ,把bind前面的#号去掉。
rootservers的值改为:
[
"8.8.8.8:53",
"8.8.4.4:53"

 
然后运行:
 
sudo sdns -config=sdns.toml
不要关闭此terminal.
 
实际使用例子:
sudo wg-quick up wg0 
sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1
sudo sdns -config=sdns.toml
 
项目地址:github.com/semihalev/sdns
--------------
 

利用DNS-reverse-proxy解决dns污染问题 (这个用不了多久)

 
在mac机器上。首先安装go环境。然后,
git clone https://github.com/StalkR/dns-reverse-proxy
cd dns-reverse-proxy

go build .
(在当前目录下,会生成可执行文件dns-reverse-proxy)

sudo ./dns-reverse-proxy -address :53 -default 8.8.8.8:53
 
实际使用例子:
sudo wg-quick up wg0 
 
sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1
cd ~/dns-reverse-proxy && sudo ./dns-reverse-proxy -address :53 -default 8.8.8.8:53
 
项目地址:https://github.com/StalkR/dns-reverse-proxy
-------------
 

利用udpxd解决dns污染问题

 
在本地机器mac上。
git clone https://github.com/TLINDEN/udpxd udpxd-by-TLINDEN
cd udpxd-by-TLINDEN
make
(会在当前目录,生成可执行文件udpxd)
sudo ./udpxd -l 127.0.0.1:53 -t 8.8.8.8:53

实际使用例子:
cd ~/gtun-by-ICKelin/bin/gtun && sudo ./gtun-darwin_amd64 -c gtun.conf
(详见https://briteming.blogspot.com/2019/09/vpn-gtun.html

sudo route add default 192.168.1.1 && sudo route delete default && 
sudo route add default 100.64.240.1 && sudo route add vps-ip 192.168.1.1

sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1

cd ~/udpxd-by-TLINDEN &&  sudo ./udpxd -l 127.0.0.1:53 -t 8.8.8.8:53
不要关闭此terminal.

项目地址:https://github.com/TLINDEN/udpxd
-------------
 

利用portfwd解决dns污染问题

 
在本地机器mac上。
git clone https://github.com/rssnsj/portfwd portfwd-by-rssnsj
cd  portfwd-by-rssnsj
cd src
make
(在当前目录,会生成可执行文件udpfwd)
sudo ./udpfwd 127.0.0.1:53 8.8.8.8:53

实际使用例子:
./exodus-vpn-bwg.sh
sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1
cd ~/portfwd-by-rssnsj/src && sudo ./udpfwd 127.0.0.1:53 8.8.8.8:53
不要关闭此terminal.

项目地址:https://github.com/rssnsj/portfwd
-------------

利用dns2tcp解决dns污染问题

 
在本地机器mac上。
brew install libuv

git clone https://github.com/zfl9/dns2tcp dns2tcp-by-zfl9
cd dns2tcp-by-zfl9
make
(在当前目录下,会生成可执行文件dns2tcp)
sudo ./dns2tcp -L"127.0.0.1#53" -R"8.8.8.8#53"
或者ctl+c ,
接着:
make install
(在/usr/local/bin/里面会生成dns2tcp)
sudo dns2tcp -L"127.0.0.1#53" -R"8.8.8.8#53"

使用例子:
运行全局代理程序mellow

 sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1

sudo dns2tcp -L"127.0.0.1#53" -R"8.8.8.8#53"

项目地址:https://github.com/zfl9/dns2tcp

DNSProxy by andreafabrizi

DNS Proxy

Forward DNS requests from the local interface to a remote resolver, through http proxy requests.

DNS Proxy

DNS proxy listens for incoming DNS requests on the local interface and resolves remote hosts using an external PHP script, through http proxy requests.

If you can’t use VPN, UDP tunnels or other methods to resolve external names in your LAN, DNS proxy is a good and simple solution.

The source code is hosted on GitHub

Get the code

git clone https://github.com/andreafabrizi/DNSProxy.git

Build

For debian/ubuntu users:
apt-get install libcurl4-openssl-dev

then

make

Usage

dnsp -l 127.0.0.1 -h 10.0.0.2 -r 8080 -s http://www.andreafabrizi.it/nslookup.php

In this case, DNS proxy listens on port 53 (bind on 127.0.0.1) and sends the requests to external script through the 10.0.0.2:8080 proxy.

IMPORTANT: Please, don’t use the script hosted on my server, it’s only for testing purpose. Instead host the nslookup.php script on your own server or use a free hosting services. Thanks!

 dnsp 0.5
 usage: dnsp -l [local_host] -h [proxy_host] -r [proxy_port] -s [lookup_script]

 OPTIONS:
      -v  	 Enable DEBUG mode
      -p		 Local port
      -l		 Local host
      -r		 Proxy port
      -h		 Proxy host
      -u		 Proxy username (optional)
      -k		 Proxy password (optional)
      -s		 Lookup script URL

Testing

To test if DNS proxy is working correctly, first run the program as following (replace the placeholders with the correct proxy IP and port!):

dnsp -l 127.0.0.1 -h x.x.x.x -r nnnn -s http://www.andreafabrizi.it/nslookup.php

then, try to resolve an hostname using the dig command:

dig www.google.com @127.0.0.1

The result must be something like this:

; <<>> DiG 9.8.1-P1 <<>> www.google.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29155
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. 		IN	A

;; ANSWER SECTION:
www.google.com.		3600	IN	A	173.194.64.106

;; Query time: 325 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri May 17 11:52:08 2013
;; MSG SIZE  rcvd: 48

from https://www.andreafabrizi.it/2013/05/17/DNSProxy/
项目地址:https://github.com/andreafabrizi/DNSProxy

public-dns.info

This list of public and free DNS servers is checked continuously. Read how to change your DNS server settings .

IPv4/IPv6 Address Location Software / Version Checked at State Reliability Whois
125.31.58.114
n12531z58l114.static.ctmip.net.
 Macao   Valid valid 100 % Whois
123.16.13.12
static.vnpt.vn.
 Viet Nam, Hanoi   Valid valid 92 % Whois
118.193.31.114 Hong Kong 9.9.4-RedHat-9.9.4-61.el7_5.1 Valid valid 100 % Whois
104.37.214.18 United States 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 Valid valid DNSSEC 99 % Whois
77.105.216.207 Sweden, Vaxjo PowerDNS Recursor 4.0.4 Valid valid 100 % Whois
217.115.63.30
217-115-63-30.cust.bredband2.com.
 Sweden PowerDNS Recursor 4.1.9 (built Jan 21 2019 10:00:07 by root@a646cf76c9d3) Valid valid 92 % Whois
94.245.56.130
h94-245-56-130.cust.a3fiber.se.
 Sweden, Taeftea PowerDNS Recursor 4.1.12 (built Apr 2 2019 10:33:18 by root@58c9f6770f2f) Valid valid 100 % Whois
81.216.9.110
thor.ktv.nu.
 Sweden, Luleå   Valid valid 100 % Whois
46.246.65.198 Sweden, Stockholm PowerDNS Recursor 4.1.4 (built Oct 24 2018 15:00:58 by portage@frankfurt-ns02) Valid valid 100 % Whois
194.14.79.66
194-14-79-66.customers.aardnet.se.
 Sweden, Valbo   Valid valid DNSSEC 89 % Whois
5.150.233.72
h-233-72.A260.priv.bahnhof.se.
 Sweden, Karlskoga dnsmasq-2.39 Valid valid DNSSEC 99 % Whois
81.227.32.174
81-227-32-174-no2212.tbcn.telia.com.
 Sweden, Insjoen 9.11.3+5738 Valid valid DNSSEC 99 % Whois
185.231.103.69
xn--caffotograferna-dnb.se.
 Sweden not currently available Valid valid DNSSEC 100 % Whois
217.215.126.220
217-215-126-220-no2340.digitaltv.telia.com.
 Sweden dnsmasq-2.78-2-gb87ca73 Valid valid 61 % Whois
78.68.92.241
78-68-92-241-no2207.digitaltv.telia.com.
 Sweden, Gothenburg dnsmasq-2.45 Valid valid DNSSEC 100 % Whois

https://public-dns.info

v2ray的简单的服务器端的配置文件和客户端的配置文件

服务端的配置文件的内容:

{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbound": {
"port": 25536,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "84dbb5b3-2a27-5c85-afef-e9e10401320d",
"level": 1,
"alterId": 100
}
]
}
},
"outbound": {
"protocol": "freedom",
"settings": {}
},
"inboundDetour": [],
"outboundDetour": [
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
],
"routing": {
"strategy": "rules",
"settings": {
"rules": [
{
"type": "field",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"outboundTag": "blocked"
}
]
}
}
}

 

客户端的配置文件的内容:

{
"log": {
"loglevel": "warning"
},
"inbound": {
"listen": "127.0.0.1",
"port": 2080,
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true,
"ip": "127.0.0.1"
}
},
"outbound": {
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "your-vps-ip",
"port": 25536,
"users": [
{
"id": "84dbb5b3-2a27-5c85-afef-e9e10401320d",
"level": 1,
"alterId": 100
}
]
}
]
},
"mux": {
"enabled": true,
"concurrency": 8
}
},
"outboundDetour": [
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
}
],
"routing": {
"strategy": "rules",
"settings": {
"rules": [
{
"type": "field",
"port": "54-79",
"outboundTag": "direct"
},
{
"type": "field",
"port": "81-442",
"outboundTag": "direct"
},
{
"type": "field",
"port": "444-65535",
"outboundTag": "direct"
},
{
"type": "field",
"domain": [
"gc.kis.scr.kaspersky-labs.com"
],
"outboundTag": "direct"
},
{
"type": "chinasites",
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"outboundTag": "direct"
},
{
"type": "chinaip",
"outboundTag": "direct"
}
]
}
}
}

完全可以用来翻墙。

from https://intmainreturn0.com/v2ray-config-gen/