使用 Cloudflare Workers 搭建免费科学上网节点
在当今互联网环境下,访问某些网站或服务可能会受到地域限制的困扰。为了绕过这些限制,许多人会选择搭建科学上网节点(即代理服务器)。然而,传统的代理服务器搭建成本较高且需要复杂的配置。幸运的是,借助Cloudflare Workers这一强大的Serverless平台,我们可以轻松搭建一个免费的科学上网节点。
什么是Cloudflare Workers?
Cloudflare Workers 是 Cloudflare 提供的一项基于边缘计算的 Serverless 平台。它允许开发者在 Cloudflare 的全球 CDN 网络上运行代码片段(称为“Workers”),以实现诸如内容分发、请求拦截、动态路由等功能。由于 Cloudflare 已经在全球部署了大量服务器,使用 Workers 可以轻松实现高性能和低延迟的应用。
Cloudflare 提供了一个免费层,允许开发者每月免费运行一定数量的 Worker 节点,这对于个人用户或小团队来说已经足够。
为什么选择Cloudflare Workers搭建科学上网节点?
- 全球覆盖:Cloudflare 的 CDN 网络遍布全球,这意味着你的代理服务器实际上会分布在全球各地,从而实现更快的访问速度。
- 免费且易于使用:Cloudflare 提供了免费层,适合个人用户或小项目使用。无需购买服务器或复杂的配置。
- 高可用性和性能:基于 Cloudflare 的边缘计算架构, Workers 可以处理大量的并发请求,并且具有很高的可靠性。
搭建科学上网节点的步骤
1. 注册Cloudflare账户
如果你还没有 Cloudflare 账户,首先需要注册一个。访问 Cloudflare 并按照提示完成注册。
2. 创建一个新的 Worker 应用
登录到 Cloudflare ,在左侧导航栏找到 Workers ,在点击 创建 。
在 创建应用程序 界面,点击 Hello world 创建应用。
应用名称可以随意,也可以默认,之后点击 部署 。
成功部署之后,点击 编辑代码 按钮。
3. 填写代码
将原有代码,替换为下方代码。(本代码出自甬哥侃侃侃,还请大家支持甬哥,star点起来。)
// <!--GAMFC-->version base on commit 43fad05dcdae3b723c53c226f8181fc5bd47223e, time is 2023-06-22 15:20:02 UTC<!--GAMFC-END-->.
// @ts-ignore
import { connect } from "cloudflare:sockets";
// How to generate your own UUID:
// [Windows] Press "Win + R", input cmd and run: Powershell -NoExit -Command "[guid]::NewGuid()"
let userID = "86c50e3a-5b87-49dd-bd20-03c7f2735e40";
const proxyIPs = ["ts.hpc.tw"];
const cn_hostnames = [''];
let CDNIP = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d\u002e\u0073\u0067'
// http_ip
let IP1 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d'
let IP2 = '\u0063\u0069\u0073\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d'
let IP3 = '\u0061\u0066\u0072\u0069\u0063\u0061\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d'
let IP4 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d\u002e\u0073\u0067'
let IP5 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u0065\u0075\u0072\u006f\u0070\u0065\u002e\u0061\u0074'
let IP6 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d\u002e\u006d\u0074'
let IP7 = '\u0071\u0061\u002e\u0076\u0069\u0073\u0061\u006d\u0069\u0064\u0064\u006c\u0065\u0065\u0061\u0073\u0074\u002e\u0063\u006f\u006d'
// https_ip
let IP8 = '\u0075\u0073\u0061\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d'
let IP9 = '\u006d\u0079\u0061\u006e\u006d\u0061\u0072\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d'
let IP10 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d\u002e\u0074\u0077'
let IP11 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u0065\u0075\u0072\u006f\u0070\u0065\u002e\u0063\u0068'
let IP12 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u002e\u0063\u006f\u006d\u002e\u0062\u0072'
let IP13 = '\u0077\u0077\u0077\u002e\u0076\u0069\u0073\u0061\u0073\u006f\u0075\u0074\u0068\u0065\u0061\u0073\u0074\u0065\u0075\u0072\u006f\u0070\u0065\u002e\u0063\u006f\u006d'
// http_port
let PT1 = '80'
let PT2 = '8080'
let PT3 = '8880'
let PT4 = '2052'
let PT5 = '2082'
let PT6 = '2086'
let PT7 = '2095'
// https_port
let PT8 = '443'
let PT9 = '8443'
let PT10 = '2053'
let PT11 = '2083'
let PT12 = '2087'
let PT13 = '2096'
let proxyIP = proxyIPs[Math.floor(Math.random() * proxyIPs.length)];
let proxyPort = proxyIP.includes(':') ? proxyIP.split(':')[1] : '443';
const dohURL = "https://cloudflare-dns.com/dns-query";
if (!isValidUUID(userID)) {
throw new Error("uuid is not valid");
}
export default {
/**
* @param {any} request
* @param {{uuid: string, proxyip: string, cdnip: string, ip1: string, ip2: string, ip3: string, ip4: string, ip5: string, ip6: string, ip7: string, ip8: string, ip9: string, ip10: string, ip11: string, ip12: string, ip13: string, pt1: string, pt2: string, pt3: string, pt4: string, pt5: string, pt6: string, pt7: string, pt8: string, pt9: string, pt10: string, pt11: string, pt12: string, pt13: string}} env
* @param {any} ctx
* @returns {Promise<Response>}
*/
async fetch(request, env, ctx) {
try {
const { proxyip } = env;
userID = env.uuid || userID;
if (proxyip) {
if (proxyip.includes(']:')) {
let lastColonIndex = proxyip.lastIndexOf(':');
proxyPort = proxyip.slice(lastColonIndex + 1);
proxyIP = proxyip.slice(0, lastColonIndex);
} else if (!proxyip.includes(']:') && !proxyip.includes(']')) {
[proxyIP, proxyPort = '443'] = proxyip.split(':');
} else {
proxyPort = '443';
proxyIP = proxyip;
}
} else {
if (proxyIP.includes(']:')) {
let lastColonIndex = proxyIP.lastIndexOf(':');
proxyPort = proxyIP.slice(lastColonIndex + 1);
proxyIP = proxyIP.slice(0, lastColonIndex);
} else if (!proxyIP.includes(']:') && !proxyIP.includes(']')) {
[proxyIP, proxyPort = '443'] = proxyIP.split(':');
} else {
proxyPort = '443';
}
}
console.log('ProxyIP:', proxyIP);
console.log('ProxyPort:', proxyPort);
CDNIP = env.cdnip || CDNIP;
IP1 = env.ip1 || IP1;
IP2 = env.ip2 || IP2;
IP3 = env.ip3 || IP3;
IP4 = env.ip4 || IP4;
IP5 = env.ip5 || IP5;
IP6 = env.ip6 || IP6;
IP7 = env.ip7 || IP7;
IP8 = env.ip8 || IP8;
IP9 = env.ip9 || IP9;
IP10 = env.ip10 || IP10;
IP11 = env.ip11 || IP11;
IP12 = env.ip12 || IP12;
IP13 = env.ip13 || IP13;
PT1 = env.pt1 || PT1;
PT2 = env.pt2 || PT2;
PT3 = env.pt3 || PT3;
PT4 = env.pt4 || PT4;
PT5 = env.pt5 || PT5;
PT6 = env.pt6 || PT6;
PT7 = env.pt7 || PT7;
PT8 = env.pt8 || PT8;
PT9 = env.pt9 || PT9;
PT10 = env.pt10 || PT10;
PT11 = env.pt11 || PT11;
PT12 = env.pt12 || PT12;
PT13 = env.pt13 || PT13;
const upgradeHeader = request.headers.get("Upgrade");
const url = new URL(request.url);
if (!upgradeHeader || upgradeHeader !== "websocket") {
const url = new URL(request.url);
switch (url.pathname) {
case `/${userID}`: {
const \u0076\u006c\u0065\u0073\u0073Config = get\u0076\u006c\u0065\u0073\u0073Config(userID, request.headers.get("Host"));
return new Response(`${\u0076\u006c\u0065\u0073\u0073Config}`, {
status: 200,
headers: {
"Content-Type": "text/html;charset=utf-8",
},
});
}
case `/${userID}/ty`: {
const tyConfig = gettyConfig(userID, request.headers.get('Host'));
return new Response(`${tyConfig}`, {
status: 200,
headers: {
"Content-Type": "text/plain;charset=utf-8",
}
});
}
case `/${userID}/cl`: {
const clConfig = getclConfig(userID, request.headers.get('Host'));
return new Response(`${clConfig}`, {
status: 200,
headers: {
"Content-Type": "text/plain;charset=utf-8",
}
});
}
case `/${userID}/sb`: {
const sbConfig = getsbConfig(userID, request.headers.get('Host'));
return new Response(`${sbConfig}`, {
status: 200,
headers: {
"Content-Type": "application/json;charset=utf-8",
}
});
}
case `/${userID}/pty`: {
const ptyConfig = getptyConfig(userID, request.headers.get('Host'));
return new Response(`${ptyConfig}`, {
status: 200,
headers: {
"Content-Type": "text/plain;charset=utf-8",
}
});
}
case `/${userID}/pcl`: {
const pclConfig = getpclConfig(userID, request.headers.get('Host'));
return new Response(`${pclConfig}`, {
status: 200,
headers: {
"Content-Type": "text/plain;charset=utf-8",
}
});
}
case `/${userID}/psb`: {
const psbConfig = getpsbConfig(userID, request.headers.get('Host'));
return new Response(`${psbConfig}`, {
status: 200,
headers: {
"Content-Type": "application/json;charset=utf-8",
}
});
}
default:
// return new Response('Not found', { status: 404 });
// For any other path, reverse proxy to 'ramdom website' and return the original response, caching it in the process
if (cn_hostnames.includes('')) {
return new Response(JSON.stringify(request.cf, null, 4), {
status: 200,
headers: {
"Content-Type": "application/json;charset=utf-8",
},
});
}
const randomHostname = cn_hostnames[Math.floor(Math.random() * cn_hostnames.length)];
const newHeaders = new Headers(request.headers);
newHeaders.set("cf-connecting-ip", "1.2.3.4");
newHeaders.set("x-forwarded-for", "1.2.3.4");
newHeaders.set("x-real-ip", "1.2.3.4");
newHeaders.set("referer", "https://www.google.com/search?q=edtunnel");
// Use fetch to proxy the request to 15 different domains
const proxyUrl = "https://" + randomHostname + url.pathname + url.search;
let modifiedRequest = new Request(proxyUrl, {
method: request.method,
headers: newHeaders,
body: request.body,
redirect: "manual",
});
const proxyResponse = await fetch(modifiedRequest, { redirect: "manual" });
// Check for 302 or 301 redirect status and return an error response
if ([301, 302].includes(proxyResponse.status)) {
return new Response(`Redirects to ${randomHostname} are not allowed.`, {
status: 403,
statusText: "Forbidden",
});
}
// Return the response from the proxy server
return proxyResponse;
}
} else {
if(url.pathname.includes('/pyip='))
{
const tmp_ip=url.pathname.split("=")[1];
if(isValidIP(tmp_ip))
{
proxyIP=tmp_ip;
if (proxyIP.includes(']:')) {
let lastColonIndex = proxyIP.lastIndexOf(':');
proxyPort = proxyIP.slice(lastColonIndex + 1);
proxyIP = proxyIP.slice(0, lastColonIndex);
} else if (!proxyIP.includes(']:') && !proxyIP.includes(']')) {
[proxyIP, proxyPort = '443'] = proxyIP.split(':');
} else {
proxyPort = '443';
}
}
}
return await \u0076\u006c\u0065\u0073\u0073OverWSHandler(request);
}
} catch (err) {
/** @type {Error} */ let e = err;
return new Response(e.toString());
}
},
};
function isValidIP(ip) {
var reg = /^[\s\S]*$/;
return reg.test(ip);
}
/**
*
* @param {any} request
*/
async function \u0076\u006c\u0065\u0073\u0073OverWSHandler(request) {
/** @type {any} */
// @ts-ignore
const webSocketPair = new WebSocketPair();
const [client, webSocket] = Object.values(webSocketPair);
webSocket.accept();
let address = "";
let portWithRandomLog = "";
const log = (/** @type {string} */ info, /** @type {string | undefined} */ event) => {
console.log(`[${address}:${portWithRandomLog}] ${info}`, event || "");
};
const earlyDataHeader = request.headers.get("sec-websocket-protocol") || "";
const readableWebSocketStream = makeReadableWebSocketStream(webSocket, earlyDataHeader, log);
/** @type {{ value: any | null }} */
let remoteSocketWapper = {
value: null,
};
let udpStreamWrite = null;
let isDns = false;
// ws --> remote
readableWebSocketStream
.pipeTo(
new WritableStream({
async write(chunk, controller) {
if (isDns && udpStreamWrite) {
return udpStreamWrite(chunk);
}
if (remoteSocketWapper.value) {
const writer = remoteSocketWapper.value.writable.getWriter();
await writer.write(chunk);
writer.releaseLock();
return;
}
const {
hasError,
message,
portRemote = 443,
addressRemote = "",
rawDataIndex,
cloudflareVersion = new Uint8Array([0, 0]),
isUDP,
} = await processcloudflareHeader(chunk, userID);
address = addressRemote;
portWithRandomLog = `${portRemote}--${Math.random()} ${isUDP ? "udp " : "tcp "} `;
if (hasError) {
// controller.error(message);
throw new Error(message); // cf seems has bug, controller.error will not end stream
// webSocket.close(1000, message);
return;
}
// if UDP but port not DNS port, close it
if (isUDP) {
if (portRemote === 53) {
isDns = true;
} else {
// controller.error('UDP proxy only enable for DNS which is port 53');
throw new Error("UDP proxy only enable for DNS which is port 53"); // cf seems has bug, controller.error will not end stream
return;
}
}
// ["version", "附加信息长度 N"]
const cloudflareResponseHeader = new Uint8Array([cloudflareVersion[0], 0]);
const rawClientData = chunk.slice(rawDataIndex);
// TODO: support udp here when cf runtime has udp support
if (isDns) {
const { write } = await handleUDPOutBound(webSocket, cloudflareResponseHeader, log);
udpStreamWrite = write;
udpStreamWrite(rawClientData);
return;
}
handleTCPOutBound(
remoteSocketWapper,
addressRemote,
portRemote,
rawClientData,
webSocket,
cloudflareResponseHeader,
log
);
},
close() {
log(`readableWebSocketStream is close`);
},
abort(reason) {
log(`readableWebSocketStream is abort`, JSON.stringify(reason));
},
})
)
.catch((err) => {
log("readableWebSocketStream pipeTo error", err);
});
return new Response(null, {
status: 101,
// @ts-ignore
webSocket: client,
});
}
/**
* Checks if a given UUID is present in the API response.
* @param {string} targetUuid The UUID to search for.
* @returns {Promise<boolean>} A Promise that resolves to true if the UUID is present in the API response, false otherwise.
*/
async function checkUuidInApiResponse(targetUuid) {
// Check if any of the environment variables are empty
try {
const apiResponse = await getApiResponse();
if (!apiResponse) {
return false;
}
const isUuidInResponse = apiResponse.users.some((user) => user.uuid === targetUuid);
return isUuidInResponse;
} catch (error) {
console.error("Error:", error);
return false;
}
}
async function getApiResponse() {
return { users: [] };
}
/**
* Handles outbound TCP connections.
*
* @param {any} remoteSocket
* @param {string} addressRemote The remote address to connect to.
* @param {number} portRemote The remote port to connect to.
* @param {Uint8Array} rawClientData The raw client data to write.
* @param {any} webSocket The WebSocket to pass the remote socket to.
* @param {Uint8Array} cloudflareResponseHeader The cloudflare response header.
* @param {function} log The logging function.
* @returns {Promise<void>} The remote socket.
*/
async function handleTCPOutBound(
remoteSocket,
addressRemote,
portRemote,
rawClientData,
webSocket,
cloudflareResponseHeader,
log
) {
async function connectAndWrite(address, port) {
if (/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(address)) address = `${atob('d3d3Lg==')}${address}${atob('LnNzbGlwLmlv')}`;
/** @type {any} */
const tcpSocket = connect({
hostname: address,
port: port,
});
remoteSocket.value = tcpSocket;
log(`connected to ${address}:${port}`);
const writer = tcpSocket.writable.getWriter();
await writer.write(rawClientData); // first write, nomal is tls client hello
writer.releaseLock();
return tcpSocket;
}
// if the cf connect tcp socket have no incoming data, we retry to redirect ip
async function retry() {
const tcpSocket = await connectAndWrite(proxyIP || addressRemote, proxyPort || portRemote);
// no matter retry success or not, close websocket
tcpSocket.closed
.catch((error) => {
console.log("retry tcpSocket closed error", error);
})
.finally(() => {
safeCloseWebSocket(webSocket);
});
remoteSocketToWS(tcpSocket, webSocket, cloudflareResponseHeader, null, log);
}
const tcpSocket = await connectAndWrite(addressRemote, portRemote);
// when remoteSocket is ready, pass to websocket
// remote--> ws
remoteSocketToWS(tcpSocket, webSocket, cloudflareResponseHeader, retry, log);
}
/**
*
* @param {any} webSocketServer
* @param {string} earlyDataHeader for ws 0rtt
* @param {(info: string)=> void} log for ws 0rtt
*/
function makeReadableWebSocketStream(webSocketServer, earlyDataHeader, log) {
let readableStreamCancel = false;
const stream = new ReadableStream({
start(controller) {
webSocketServer.addEventListener("message", (event) => {
if (readableStreamCancel) {
return;
}
const message = event.data;
controller.enqueue(message);
});
// The event means that the client closed the client -> server stream.
// However, the server -> client stream is still open until you call close() on the server side.
// The WebSocket protocol says that a separate close message must be sent in each direction to fully close the socket.
webSocketServer.addEventListener("close", () => {
// client send close, need close server
// if stream is cancel, skip controller.close
safeCloseWebSocket(webSocketServer);
if (readableStreamCancel) {
return;
}
controller.close();
});
webSocketServer.addEventListener("error", (err) => {
log("webSocketServer has error");
controller.error(err);
});
// for ws 0rtt
const { earlyData, error } = base64ToArrayBuffer(earlyDataHeader);
if (error) {
controller.error(error);
} else if (earlyData) {
controller.enqueue(earlyData);
}
},
pull(controller) {
// if ws can stop read if stream is full, we can implement backpressure
// https://streams.spec.whatwg.org/#example-rs-push-backpressure
},
cancel(reason) {
// 1. pipe WritableStream has error, this cancel will called, so ws handle server close into here
// 2. if readableStream is cancel, all controller.close/enqueue need skip,
// 3. but from testing controller.error still work even if readableStream is cancel
if (readableStreamCancel) {
return;
}
log(`ReadableStream was canceled, due to ${reason}`);
readableStreamCancel = true;
safeCloseWebSocket(webSocketServer);
},
});
return stream;
}
// https://xtls.github.io/development/protocols/cloudflare.html
// https://github.com/zizifn/excalidraw-backup/blob/main/v2ray-protocol.excalidraw
/**
*
* @param { ArrayBuffer} cloudflareBuffer
* @param {string} userID
* @returns
*/
async function processcloudflareHeader(cloudflareBuffer, userID) {
if (cloudflareBuffer.byteLength < 24) {
return {
hasError: true,
message: "invalid data",
};
}
const version = new Uint8Array(cloudflareBuffer.slice(0, 1));
let isValidUser = false;
let isUDP = false;
const slicedBuffer = new Uint8Array(cloudflareBuffer.slice(1, 17));
const slicedBufferString = stringify(slicedBuffer);
const uuids = userID.includes(",") ? userID.split(",") : [userID];
const checkUuidInApi = await checkUuidInApiResponse(slicedBufferString);
isValidUser = uuids.some((userUuid) => checkUuidInApi || slicedBufferString === userUuid.trim());
console.log(`checkUuidInApi: ${await checkUuidInApiResponse(slicedBufferString)}, userID: ${slicedBufferString}`);
if (!isValidUser) {
return {
hasError: true,
message: "invalid user",
};
}
const optLength = new Uint8Array(cloudflareBuffer.slice(17, 18))[0];
//skip opt for now
const command = new Uint8Array(cloudflareBuffer.slice(18 + optLength, 18 + optLength + 1))[0];
// 0x01 TCP
// 0x02 UDP
// 0x03 MUX
if (command === 1) {
} else if (command === 2) {
isUDP = true;
} else {
return {
hasError: true,
message: `command ${command} is not support, command 01-tcp,02-udp,03-mux`,
};
}
const portIndex = 18 + optLength + 1;
const portBuffer = cloudflareBuffer.slice(portIndex, portIndex + 2);
// port is big-Endian in raw data etc 80 == 0x005d
const portRemote = new DataView(portBuffer).getUint16(0);
let addressIndex = portIndex + 2;
const addressBuffer = new Uint8Array(cloudflareBuffer.slice(addressIndex, addressIndex + 1));
// 1--> ipv4 addressLength =4
// 2--> domain name addressLength=addressBuffer[1]
// 3--> ipv6 addressLength =16
const addressType = addressBuffer[0];
let addressLength = 0;
let addressValueIndex = addressIndex + 1;
let addressValue = "";
switch (addressType) {
case 1:
addressLength = 4;
addressValue = new Uint8Array(cloudflareBuffer.slice(addressValueIndex, addressValueIndex + addressLength)).join(".");
break;
case 2:
addressLength = new Uint8Array(cloudflareBuffer.slice(addressValueIndex, addressValueIndex + 1))[0];
addressValueIndex += 1;
addressValue = new TextDecoder().decode(cloudflareBuffer.slice(addressValueIndex, addressValueIndex + addressLength));
break;
case 3:
addressLength = 16;
const dataView = new DataView(cloudflareBuffer.slice(addressValueIndex, addressValueIndex + addressLength));
// 2001:0db8:85a3:0000:0000:8a2e:0370:7334
const ipv6 = [];
for (let i = 0; i < 8; i++) {
ipv6.push(dataView.getUint16(i * 2).toString(16));
}
addressValue = ipv6.join(":");
// seems no need add [] for ipv6
break;
default:
return {
hasError: true,
message: `invild addressType is ${addressType}`,
};
}
if (!addressValue) {
return {
hasError: true,
message: `addressValue is empty, addressType is ${addressType}`,
};
}
return {
hasError: false,
addressRemote: addressValue,
addressType,
portRemote,
rawDataIndex: addressValueIndex + addressLength,
cloudflareVersion: version,
isUDP,
};
}
/**
*
* @param {any} remoteSocket
* @param {any} webSocket
* @param {ArrayBuffer} cloudflareResponseHeader
* @param {(() => Promise<void>) | null} retry
* @param {*} log
*/
async function remoteSocketToWS(remoteSocket, webSocket, cloudflareResponseHeader, retry, log) {
// remote--> ws
let remoteChunkCount = 0;
let chunks = [];
/** @type {ArrayBuffer | null} */
let cloudflareHeader = cloudflareResponseHeader;
let hasIncomingData = false; // check if remoteSocket has incoming data
await remoteSocket.readable
.pipeTo(
new WritableStream({
start() {},
/**
*
* @param {Uint8Array} chunk
* @param {*} controller
*/
async write(chunk, controller) {
hasIncomingData = true;
// remoteChunkCount++;
if (webSocket.readyState !== WS_READY_STATE_OPEN) {
controller.error("webSocket.readyState is not open, maybe close");
}
if (cloudflareHeader) {
webSocket.send(await new Blob([cloudflareHeader, chunk]).arrayBuffer());
cloudflareHeader = null;
} else {
// seems no need rate limit this, CF seems fix this??..
// if (remoteChunkCount > 20000) {
// // cf one package is 4096 byte(4kb), 4096 * 20000 = 80M
// await delay(1);
// }
webSocket.send(chunk);
}
},
close() {
log(`remoteConnection!.readable is close with hasIncomingData is ${hasIncomingData}`);
// safeCloseWebSocket(webSocket); // no need server close websocket frist for some case will casue HTTP ERR_CONTENT_LENGTH_MISMATCH issue, client will send close event anyway.
},
abort(reason) {
console.error(`remoteConnection!.readable abort`, reason);
},
})
)
.catch((error) => {
console.error(`remoteSocketToWS has exception `, error.stack || error);
safeCloseWebSocket(webSocket);
});
// seems is cf connect socket have error,
// 1. Socket.closed will have error
// 2. Socket.readable will be close without any data coming
if (hasIncomingData === false && retry) {
log(`retry`);
retry();
}
}
/**
*
* @param {string} base64Str
* @returns
*/
function base64ToArrayBuffer(base64Str) {
if (!base64Str) {
return { error: null };
}
try {
// go use modified Base64 for URL rfc4648 which js atob not support
base64Str = base64Str.replace(/-/g, "+").replace(/_/g, "/");
const decode = atob(base64Str);
const arryBuffer = Uint8Array.from(decode, (c) => c.charCodeAt(0));
return { earlyData: arryBuffer.buffer, error: null };
} catch (error) {
return { error };
}
}
/**
* This is not real UUID validation
* @param {string} uuid
*/
function isValidUUID(uuid) {
const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
return uuidRegex.test(uuid);
}
const WS_READY_STATE_OPEN = 1;
const WS_READY_STATE_CLOSING = 2;
/**
* Normally, WebSocket will not has exceptions when close.
* @param {any} socket
*/
function safeCloseWebSocket(socket) {
try {
if (socket.readyState === WS_READY_STATE_OPEN || socket.readyState === WS_READY_STATE_CLOSING) {
socket.close();
}
} catch (error) {
console.error("safeCloseWebSocket error", error);
}
}
const byteToHex = [];
for (let i = 0; i < 256; ++i) {
byteToHex.push((i + 256).toString(16).slice(1));
}
function unsafeStringify(arr, offset = 0) {
return (
byteToHex[arr[offset + 0]] +
byteToHex[arr[offset + 1]] +
byteToHex[arr[offset + 2]] +
byteToHex[arr[offset + 3]] +
"-" +
byteToHex[arr[offset + 4]] +
byteToHex[arr[offset + 5]] +
"-" +
byteToHex[arr[offset + 6]] +
byteToHex[arr[offset + 7]] +
"-" +
byteToHex[arr[offset + 8]] +
byteToHex[arr[offset + 9]] +
"-" +
byteToHex[arr[offset + 10]] +
byteToHex[arr[offset + 11]] +
byteToHex[arr[offset + 12]] +
byteToHex[arr[offset + 13]] +
byteToHex[arr[offset + 14]] +
byteToHex[arr[offset + 15]]
).toLowerCase();
}
function stringify(arr, offset = 0) {
const uuid = unsafeStringify(arr, offset);
if (!isValidUUID(uuid)) {
throw TypeError("Stringified UUID is invalid");
}
return uuid;
}
/**
*
* @param {any} webSocket
* @param {ArrayBuffer} cloudflareResponseHeader
* @param {(string)=> void} log
*/
async function handleUDPOutBound(webSocket, cloudflareResponseHeader, log) {
let iscloudflareHeaderSent = false;
const transformStream = new TransformStream({
start(controller) {},
transform(chunk, controller) {
// udp message 2 byte is the the length of udp data
// TODO: this should have bug, beacsue maybe udp chunk can be in two websocket message
for (let index = 0; index < chunk.byteLength; ) {
const lengthBuffer = chunk.slice(index, index + 2);
const udpPakcetLength = new DataView(lengthBuffer).getUint16(0);
const udpData = new Uint8Array(chunk.slice(index + 2, index + 2 + udpPakcetLength));
index = index + 2 + udpPakcetLength;
controller.enqueue(udpData);
}
},
flush(controller) {},
});
// only handle dns udp for now
transformStream.readable
.pipeTo(
new WritableStream({
async write(chunk) {
const resp = await fetch(
dohURL, // dns server url
{
method: "POST",
headers: {
"content-type": "application/dns-message",
},
body: chunk,
}
);
const dnsQueryResult = await resp.arrayBuffer();
const udpSize = dnsQueryResult.byteLength;
// console.log([...new Uint8Array(dnsQueryResult)].map((x) => x.toString(16)));
const udpSizeBuffer = new Uint8Array([(udpSize >> 8) & 0xff, udpSize & 0xff]);
if (webSocket.readyState === WS_READY_STATE_OPEN) {
log(`doh success and dns message length is ${udpSize}`);
if (iscloudflareHeaderSent) {
webSocket.send(await new Blob([udpSizeBuffer, dnsQueryResult]).arrayBuffer());
} else {
webSocket.send(await new Blob([cloudflareResponseHeader, udpSizeBuffer, dnsQueryResult]).arrayBuffer());
iscloudflareHeaderSent = true;
}
}
},
})
)
.catch((error) => {
log("dns udp has error" + error);
});
const writer = transformStream.writable.getWriter();
return {
/**
*
* @param {Uint8Array} chunk
*/
write(chunk) {
writer.write(chunk);
},
};
}
/**
*
* @param {string} userID
* @param {string | null} hostName
* @returns {string}
*/
function get\u0076\u006c\u0065\u0073\u0073Config(userID, hostName) {
const w\u0076\u006c\u0065\u0073\u0073ws = `\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${CDNIP}:8880?encryption=none&security=none&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#${hostName}`;
const p\u0076\u006c\u0065\u0073\u0073wstls = `\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${CDNIP}:8443?encryption=none&security=tls&type=ws&host=${hostName}&sni=${hostName}&fp=random&path=%2F%3Fed%3D2560#${hostName}`;
const note = `甬哥博客地址:https://ygkkk.blogspot.com\n甬哥YouTube频道:https://www.youtube.com/@ygkkk\n甬哥TG电报群组:https://t.me/ygkkktg\n甬哥TG电报频道:https://t.me/ygkkktgpd\n\nProxyIP全局运行中:${proxyIP}`;
const ty = `https://${hostName}/${userID}/ty`
const cl = `https://${hostName}/${userID}/cl`
const sb = `https://${hostName}/${userID}/sb`
const pty = `https://${hostName}/${userID}/pty`
const pcl = `https://${hostName}/${userID}/pcl`
const psb = `https://${hostName}/${userID}/psb`
const wk\u0076\u006c\u0065\u0073\u0073share = btoa(`\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP1}:${PT1}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V1_${IP1}_${PT1}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP2}:${PT2}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V2_${IP2}_${PT2}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP3}:${PT3}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V3_${IP3}_${PT3}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP4}:${PT4}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V4_${IP4}_${PT4}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP5}:${PT5}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V5_${IP5}_${PT5}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP6}:${PT6}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V6_${IP6}_${PT6}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP7}:${PT7}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V7_${IP7}_${PT7}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP8}:${PT8}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V8_${IP8}_${PT8}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP9}:${PT9}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V9_${IP9}_${PT9}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP10}:${PT10}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V10_${IP10}_${PT10}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP11}:${PT11}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V11_${IP11}_${PT11}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP12}:${PT12}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V12_${IP12}_${PT12}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP13}:${PT13}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V13_${IP13}_${PT13}`);
const pg\u0076\u006c\u0065\u0073\u0073share = btoa(`\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP8}:${PT8}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V8_${IP8}_${PT8}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP9}:${PT9}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V9_${IP9}_${PT9}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP10}:${PT10}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V10_${IP10}_${PT10}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP11}:${PT11}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V11_${IP11}_${PT11}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP12}:${PT12}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V12_${IP12}_${PT12}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP13}:${PT13}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V13_${IP13}_${PT13}`);
const noteshow = note.replace(/\n/g, '<br>');
const displayHtml = `
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>
<style>
.limited-width {
max-width: 200px;
overflow: auto;
word-wrap: break-word;
}
</style>
</head>
<script>
function copyToClipboard(text) {
const input = document.createElement('textarea');
input.style.position = 'fixed';
input.style.opacity = 0;
input.value = text;
document.body.appendChild(input);
input.select();
document.execCommand('Copy');
document.body.removeChild(input);
alert('已复制到剪贴板');
}
</script>
`;
if (hostName.includes("workers.dev")) {
return `
<br>
<br>
${displayHtml}
<body>
<div class="container">
<div class="row">
<div class="col-md-12">
<h1>Cloudflare-workers/pages-\u0076\u006c\u0065\u0073\u0073代理脚本 V25.4.7</h1>
<hr>
<p>${noteshow}</p>
<hr>
<hr>
<hr>
<br>
<br>
<h3>1:CF-workers-\u0076\u006c\u0065\u0073\u0073+ws节点</h3>
<table class="table">
<thead>
<tr>
<th>节点特色:</th>
<th>单节点链接如下:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">关闭了TLS加密,无视域名阻断</td>
<td class="limited-width">${w\u0076\u006c\u0065\u0073\u0073ws}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${w\u0076\u006c\u0065\u0073\u0073ws}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<h5>客户端参数如下:</h5>
<ul>
<li>客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP 或者 反代IP</li>
<li>端口(port):7个http端口可任意选择(80、8080、8880、2052、2082、2086、2095),或反代IP对应端口</li>
<li>用户ID(uuid):${userID}</li>
<li>传输协议(network):ws 或者 websocket</li>
<li>伪装域名(host):${hostName}</li>
<li>路径(path):/?ed=2560</li>
<li>传输安全(TLS):关闭</li>
</ul>
<hr>
<hr>
<hr>
<br>
<br>
<h3>2:CF-workers-\u0076\u006c\u0065\u0073\u0073+ws+tls节点</h3>
<table class="table">
<thead>
<tr>
<th>节点特色:</th>
<th>单节点链接如下:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">启用了TLS加密,<br>如果客户端支持分片(Fragment)功能,建议开启,防止域名阻断</td>
<td class="limited-width">${p\u0076\u006c\u0065\u0073\u0073wstls}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${p\u0076\u006c\u0065\u0073\u0073wstls}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<h5>客户端参数如下:</h5>
<ul>
<li>客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP 或者 反代IP</li>
<li>端口(port):6个https端口可任意选择(443、8443、2053、2083、2087、2096),或反代IP对应端口</li>
<li>用户ID(uuid):${userID}</li>
<li>传输协议(network):ws 或者 websocket</li>
<li>伪装域名(host):${hostName}</li>
<li>路径(path):/?ed=2560</li>
<li>传输安全(TLS):开启</li>
<li>跳过证书验证(allowlnsecure):false</li>
</ul>
<hr>
<hr>
<hr>
<br>
<br>
<h3>3:聚合通用、Clash-meta、Sing-box订阅链接如下:</h3>
<hr>
<p>注意:<br>1、默认每个订阅链接包含TLS+非TLS共13个端口节点<br>2、当前workers域名作为订阅链接,需通过代理进行订阅更新<br>3、如使用的客户端不支持分片功能,则TLS节点不可用</p>
<hr>
<table class="table">
<thead>
<tr>
<th>聚合通用分享链接 (可直接导入客户端):</th>
</tr>
</thead>
<tbody>
<tr>
<td><button class="btn btn-primary" onclick="copyToClipboard('${wk\u0076\u006c\u0065\u0073\u0073share}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<table class="table">
<thead>
<tr>
<th>聚合通用订阅链接:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">${ty}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${ty}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<table class="table">
<thead>
<tr>
<th>Clash-meta订阅链接:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">${cl}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${cl}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<table class="table">
<thead>
<tr>
<th>Sing-box订阅链接:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">${sb}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${sb}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<br>
<br>
</div>
</div>
</div>
</body>
`;
} else {
return `
<br>
<br>
${displayHtml}
<body>
<div class="container">
<div class="row">
<div class="col-md-12">
<h1>Cloudflare-workers/pages-\u0076\u006c\u0065\u0073\u0073代理脚本 V25.4.7</h1>
<hr>
<p>${noteshow}</p>
<hr>
<hr>
<hr>
<br>
<br>
<h3>1:CF-pages/workers/自定义域-\u0076\u006c\u0065\u0073\u0073+ws+tls节点</h3>
<table class="table">
<thead>
<tr>
<th>节点特色:</th>
<th>单节点链接如下:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">启用了TLS加密,<br>如果客户端支持分片(Fragment)功能,可开启,防止域名阻断</td>
<td class="limited-width">${p\u0076\u006c\u0065\u0073\u0073wstls}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${p\u0076\u006c\u0065\u0073\u0073wstls}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<h5>客户端参数如下:</h5>
<ul>
<li>客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP 或者 反代IP</li>
<li>端口(port):6个https端口可任意选择(443、8443、2053、2083、2087、2096),或反代IP对应端口</li>
<li>用户ID(uuid):${userID}</li>
<li>传输协议(network):ws 或者 websocket</li>
<li>伪装域名(host):${hostName}</li>
<li>路径(path):/?ed=2560</li>
<li>传输安全(TLS):开启</li>
<li>跳过证书验证(allowlnsecure):false</li>
</ul>
<hr>
<hr>
<hr>
<br>
<br>
<h3>2:聚合通用、Clash-meta、Sing-box订阅链接如下:</h3>
<hr>
<p>注意:以下订阅链接仅6个TLS端口节点</p>
<hr>
<table class="table">
<thead>
<tr>
<th>聚合通用分享链接 (可直接导入客户端):</th>
</tr>
</thead>
<tbody>
<tr>
<td><button class="btn btn-primary" onclick="copyToClipboard('${pg\u0076\u006c\u0065\u0073\u0073share}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<table class="table">
<thead>
<tr>
<th>聚合通用订阅链接:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">${pty}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${pty}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<table class="table">
<thead>
<tr>
<th>Clash-meta订阅链接:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">${pcl}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${pcl}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<table class="table">
<thead>
<tr>
<th>Sing-box订阅链接:</th>
</tr>
</thead>
<tbody>
<tr>
<td class="limited-width">${psb}</td>
<td><button class="btn btn-primary" onclick="copyToClipboard('${psb}')">点击复制链接</button></td>
</tr>
</tbody>
</table>
<br>
<br>
</div>
</div>
</div>
</body>
`;
}
}
function gettyConfig(userID, hostName) {
const \u0076\u006c\u0065\u0073\u0073share = btoa(`\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP1}:${PT1}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V1_${IP1}_${PT1}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP2}:${PT2}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V2_${IP2}_${PT2}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP3}:${PT3}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V3_${IP3}_${PT3}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP4}:${PT4}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V4_${IP4}_${PT4}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP5}:${PT5}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V5_${IP5}_${PT5}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP6}:${PT6}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V6_${IP6}_${PT6}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP7}:${PT7}?encryption=none&security=none&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V7_${IP7}_${PT7}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP8}:${PT8}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V8_${IP8}_${PT8}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP9}:${PT9}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V9_${IP9}_${PT9}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP10}:${PT10}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V10_${IP10}_${PT10}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP11}:${PT11}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V11_${IP11}_${PT11}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP12}:${PT12}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V12_${IP12}_${PT12}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP13}:${PT13}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V13_${IP13}_${PT13}`);
return `${\u0076\u006c\u0065\u0073\u0073share}`
}
function getclConfig(userID, hostName) {
return `
port: 7890
allow-lan: true
mode: rule
log-level: info
unified-delay: true
global-client-fingerprint: chrome
dns:
enable: false
listen: :53
ipv6: true
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
default-nameserver:
- 223.5.5.5
- 114.114.114.114
- 8.8.8.8
nameserver:
- https://dns.alidns.com/dns-query
- https://doh.pub/dns-query
fallback:
- https://1.0.0.1/dns-query
- tls://dns.google
fallback-filter:
geoip: true
geoip-code: CN
ipcidr:
- 240.0.0.0/4
proxies:
- name: CF_V1_${IP1}_${PT1}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP1.replace(/[\[\]]/g, '')}
port: ${PT1}
uuid: ${userID}
udp: false
tls: false
network: ws
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V2_${IP2}_${PT2}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP2.replace(/[\[\]]/g, '')}
port: ${PT2}
uuid: ${userID}
udp: false
tls: false
network: ws
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V3_${IP3}_${PT3}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP3.replace(/[\[\]]/g, '')}
port: ${PT3}
uuid: ${userID}
udp: false
tls: false
network: ws
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V4_${IP4}_${PT4}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP4.replace(/[\[\]]/g, '')}
port: ${PT4}
uuid: ${userID}
udp: false
tls: false
network: ws
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V5_${IP5}_${PT5}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP5.replace(/[\[\]]/g, '')}
port: ${PT5}
uuid: ${userID}
udp: false
tls: false
network: ws
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V6_${IP6}_${PT6}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP6.replace(/[\[\]]/g, '')}
port: ${PT6}
uuid: ${userID}
udp: false
tls: false
network: ws
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V7_${IP7}_${PT7}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP7.replace(/[\[\]]/g, '')}
port: ${PT7}
uuid: ${userID}
udp: false
tls: false
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V8_${IP8}_${PT8}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP8.replace(/[\[\]]/g, '')}
port: ${PT8}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V9_${IP9}_${PT9}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP9.replace(/[\[\]]/g, '')}
port: ${PT9}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V10_${IP10}_${PT10}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP10.replace(/[\[\]]/g, '')}
port: ${PT10}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V11_${IP11}_${PT11}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP11.replace(/[\[\]]/g, '')}
port: ${PT11}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V12_${IP12}_${PT12}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP12.replace(/[\[\]]/g, '')}
port: ${PT12}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V13_${IP13}_${PT13}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP13.replace(/[\[\]]/g, '')}
port: ${PT13}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
proxy-groups:
- name: 负载均衡
type: load-balance
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- CF_V1_${IP1}_${PT1}
- CF_V2_${IP2}_${PT2}
- CF_V3_${IP3}_${PT3}
- CF_V4_${IP4}_${PT4}
- CF_V5_${IP5}_${PT5}
- CF_V6_${IP6}_${PT6}
- CF_V7_${IP7}_${PT7}
- CF_V8_${IP8}_${PT8}
- CF_V9_${IP9}_${PT9}
- CF_V10_${IP10}_${PT10}
- CF_V11_${IP11}_${PT11}
- CF_V12_${IP12}_${PT12}
- CF_V13_${IP13}_${PT13}
- name: 自动选择
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- CF_V1_${IP1}_${PT1}
- CF_V2_${IP2}_${PT2}
- CF_V3_${IP3}_${PT3}
- CF_V4_${IP4}_${PT4}
- CF_V5_${IP5}_${PT5}
- CF_V6_${IP6}_${PT6}
- CF_V7_${IP7}_${PT7}
- CF_V8_${IP8}_${PT8}
- CF_V9_${IP9}_${PT9}
- CF_V10_${IP10}_${PT10}
- CF_V11_${IP11}_${PT11}
- CF_V12_${IP12}_${PT12}
- CF_V13_${IP13}_${PT13}
- name: 🌍选择代理
type: select
proxies:
- 负载均衡
- 自动选择
- DIRECT
- CF_V1_${IP1}_${PT1}
- CF_V2_${IP2}_${PT2}
- CF_V3_${IP3}_${PT3}
- CF_V4_${IP4}_${PT4}
- CF_V5_${IP5}_${PT5}
- CF_V6_${IP6}_${PT6}
- CF_V7_${IP7}_${PT7}
- CF_V8_${IP8}_${PT8}
- CF_V9_${IP9}_${PT9}
- CF_V10_${IP10}_${PT10}
- CF_V11_${IP11}_${PT11}
- CF_V12_${IP12}_${PT12}
- CF_V13_${IP13}_${PT13}
rules:
- GEOIP,LAN,DIRECT
- GEOIP,CN,DIRECT
- MATCH,🌍选择代理`
}
function getsbConfig(userID, hostName) {
return `{
"log": {
"disabled": false,
"level": "info",
"timestamp": true
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "ui",
"external_ui_download_url": "",
"external_ui_download_detour": "",
"secret": "",
"default_mode": "Rule"
},
"cache_file": {
"enabled": true,
"path": "cache.db",
"store_fakeip": true
}
},
"dns": {
"servers": [
{
"tag": "proxydns",
"address": "tls://8.8.8.8/dns-query",
"detour": "select"
},
{
"tag": "localdns",
"address": "h3://223.5.5.5/dns-query",
"detour": "direct"
},
{
"tag": "dns_fakeip",
"address": "fakeip"
}
],
"rules": [
{
"outbound": "any",
"server": "localdns",
"disable_cache": true
},
{
"clash_mode": "Global",
"server": "proxydns"
},
{
"clash_mode": "Direct",
"server": "localdns"
},
{
"rule_set": "geosite-cn",
"server": "localdns"
},
{
"rule_set": "geosite-geolocation-!cn",
"server": "proxydns"
},
{
"rule_set": "geosite-geolocation-!cn",
"query_type": [
"A",
"AAAA"
],
"server": "dns_fakeip"
}
],
"fakeip": {
"enabled": true,
"inet4_range": "198.18.0.0/15",
"inet6_range": "fc00::/18"
},
"independent_cache": true,
"final": "proxydns"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"address": [
"172.19.0.1/30",
"fd00::1/126"
],
"auto_route": true,
"strict_route": true,
"sniff": true,
"sniff_override_destination": true,
"domain_strategy": "prefer_ipv4"
}
],
"outbounds": [
{
"tag": "select",
"type": "selector",
"default": "auto",
"outbounds": [
"auto",
"CF_V1_${IP1}_${PT1}",
"CF_V2_${IP2}_${PT2}",
"CF_V3_${IP3}_${PT3}",
"CF_V4_${IP4}_${PT4}",
"CF_V5_${IP5}_${PT5}",
"CF_V6_${IP6}_${PT6}",
"CF_V7_${IP7}_${PT7}",
"CF_V8_${IP8}_${PT8}",
"CF_V9_${IP9}_${PT9}",
"CF_V10_${IP10}_${PT10}",
"CF_V11_${IP11}_${PT11}",
"CF_V12_${IP12}_${PT12}",
"CF_V13_${IP13}_${PT13}"
]
},
{
"server": "${IP1}",
"server_port": ${PT1},
"tag": "CF_V1_${IP1}_${PT1}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP2}",
"server_port": ${PT2},
"tag": "CF_V2_${IP2}_${PT2}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP3}",
"server_port": ${PT3},
"tag": "CF_V3_${IP3}_${PT3}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP4}",
"server_port": ${PT4},
"tag": "CF_V4_${IP4}_${PT4}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP5}",
"server_port": ${PT5},
"tag": "CF_V5_${IP5}_${PT5}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP6}",
"server_port": ${PT6},
"tag": "CF_V6_${IP6}_${PT6}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP7}",
"server_port": ${PT7},
"tag": "CF_V7_${IP7}_${PT7}",
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP8}",
"server_port": ${PT8},
"tag": "CF_V8_${IP8}_${PT8}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP9}",
"server_port": ${PT9},
"tag": "CF_V9_${IP9}_${PT9}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP10}",
"server_port": ${PT10},
"tag": "CF_V10_${IP10}_${PT10}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP11}",
"server_port": ${PT11},
"tag": "CF_V11_${IP11}_${PT11}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP12}",
"server_port": ${PT12},
"tag": "CF_V12_${IP12}_${PT12}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP13}",
"server_port": ${PT13},
"tag": "CF_V13_${IP13}_${PT13}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"tag": "direct",
"type": "direct"
},
{
"tag": "auto",
"type": "urltest",
"outbounds": [
"CF_V1_${IP1}_${PT1}",
"CF_V2_${IP2}_${PT2}",
"CF_V3_${IP3}_${PT3}",
"CF_V4_${IP4}_${PT4}",
"CF_V5_${IP5}_${PT5}",
"CF_V6_${IP6}_${PT6}",
"CF_V7_${IP7}_${PT7}",
"CF_V8_${IP8}_${PT8}",
"CF_V9_${IP9}_${PT9}",
"CF_V10_${IP10}_${PT10}",
"CF_V11_${IP11}_${PT11}",
"CF_V12_${IP12}_${PT12}",
"CF_V13_${IP13}_${PT13}"
],
"url": "https://www.gstatic.com/generate_204",
"interval": "1m",
"tolerance": 50,
"interrupt_exist_connections": false
}
],
"route": {
"rule_set": [
{
"tag": "geosite-geolocation-!cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs",
"download_detour": "select",
"update_interval": "1d"
},
{
"tag": "geosite-cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-cn.srs",
"download_detour": "select",
"update_interval": "1d"
},
{
"tag": "geoip-cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs",
"download_detour": "select",
"update_interval": "1d"
}
],
"auto_detect_interface": true,
"final": "select",
"rules": [
{
"inbound": "tun-in",
"action": "sniff"
},
{
"protocol": "dns",
"action": "hijack-dns"
},
{
"port": 443,
"network": "udp",
"action": "reject"
},
{
"clash_mode": "Direct",
"outbound": "direct"
},
{
"clash_mode": "Global",
"outbound": "select"
},
{
"rule_set": "geoip-cn",
"outbound": "direct"
},
{
"rule_set": "geosite-cn",
"outbound": "direct"
},
{
"ip_is_private": true,
"outbound": "direct"
},
{
"rule_set": "geosite-geolocation-!cn",
"outbound": "select"
}
]
},
"ntp": {
"enabled": true,
"server": "time.apple.com",
"server_port": 123,
"interval": "30m",
"detour": "direct"
}
}`
}
function getptyConfig(userID, hostName) {
const \u0076\u006c\u0065\u0073\u0073share = btoa(`\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP8}:${PT8}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V8_${IP8}_${PT8}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP9}:${PT9}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V9_${IP9}_${PT9}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP10}:${PT10}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V10_${IP10}_${PT10}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP11}:${PT11}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V11_${IP11}_${PT11}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP12}:${PT12}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V12_${IP12}_${PT12}\n\u0076\u006c\u0065\u0073\u0073\u003A//${userID}\u0040${IP13}:${PT13}?encryption=none&security=tls&sni=${hostName}&fp=randomized&type=ws&host=${hostName}&path=%2F%3Fed%3D2560#CF_V13_${IP13}_${PT13}`);
return `${\u0076\u006c\u0065\u0073\u0073share}`
}
function getpclConfig(userID, hostName) {
return `
port: 7890
allow-lan: true
mode: rule
log-level: info
unified-delay: true
global-client-fingerprint: chrome
dns:
enable: false
listen: :53
ipv6: true
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
default-nameserver:
- 223.5.5.5
- 114.114.114.114
- 8.8.8.8
nameserver:
- https://dns.alidns.com/dns-query
- https://doh.pub/dns-query
fallback:
- https://1.0.0.1/dns-query
- tls://dns.google
fallback-filter:
geoip: true
geoip-code: CN
ipcidr:
- 240.0.0.0/4
proxies:
- name: CF_V8_${IP8}_${PT8}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP8.replace(/[\[\]]/g, '')}
port: ${PT8}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V9_${IP9}_${PT9}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP9.replace(/[\[\]]/g, '')}
port: ${PT9}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V10_${IP10}_${PT10}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP10.replace(/[\[\]]/g, '')}
port: ${PT10}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V11_${IP11}_${PT11}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP11.replace(/[\[\]]/g, '')}
port: ${PT11}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V12_${IP12}_${PT12}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP12.replace(/[\[\]]/g, '')}
port: ${PT12}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
- name: CF_V13_${IP13}_${PT13}
type: \u0076\u006c\u0065\u0073\u0073
server: ${IP13.replace(/[\[\]]/g, '')}
port: ${PT13}
uuid: ${userID}
udp: false
tls: true
network: ws
servername: ${hostName}
ws-opts:
path: "/?ed=2560"
headers:
Host: ${hostName}
proxy-groups:
- name: 负载均衡
type: load-balance
url: http://www.gstatic.com/generate_204
interval: 300
proxies:
- CF_V8_${IP8}_${PT8}
- CF_V9_${IP9}_${PT9}
- CF_V10_${IP10}_${PT10}
- CF_V11_${IP11}_${PT11}
- CF_V12_${IP12}_${PT12}
- CF_V13_${IP13}_${PT13}
- name: 自动选择
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- CF_V8_${IP8}_${PT8}
- CF_V9_${IP9}_${PT9}
- CF_V10_${IP10}_${PT10}
- CF_V11_${IP11}_${PT11}
- CF_V12_${IP12}_${PT12}
- CF_V13_${IP13}_${PT13}
- name: 🌍选择代理
type: select
proxies:
- 负载均衡
- 自动选择
- DIRECT
- CF_V8_${IP8}_${PT8}
- CF_V9_${IP9}_${PT9}
- CF_V10_${IP10}_${PT10}
- CF_V11_${IP11}_${PT11}
- CF_V12_${IP12}_${PT12}
- CF_V13_${IP13}_${PT13}
rules:
- GEOIP,LAN,DIRECT
- GEOIP,CN,DIRECT
- MATCH,🌍选择代理`
}
function getpsbConfig(userID, hostName) {
return `{
"log": {
"disabled": false,
"level": "info",
"timestamp": true
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "ui",
"external_ui_download_url": "",
"external_ui_download_detour": "",
"secret": "",
"default_mode": "Rule"
},
"cache_file": {
"enabled": true,
"path": "cache.db",
"store_fakeip": true
}
},
"dns": {
"servers": [
{
"tag": "proxydns",
"address": "tls://8.8.8.8/dns-query",
"detour": "select"
},
{
"tag": "localdns",
"address": "h3://223.5.5.5/dns-query",
"detour": "direct"
},
{
"tag": "dns_fakeip",
"address": "fakeip"
}
],
"rules": [
{
"outbound": "any",
"server": "localdns",
"disable_cache": true
},
{
"clash_mode": "Global",
"server": "proxydns"
},
{
"clash_mode": "Direct",
"server": "localdns"
},
{
"rule_set": "geosite-cn",
"server": "localdns"
},
{
"rule_set": "geosite-geolocation-!cn",
"server": "proxydns"
},
{
"rule_set": "geosite-geolocation-!cn",
"query_type": [
"A",
"AAAA"
],
"server": "dns_fakeip"
}
],
"fakeip": {
"enabled": true,
"inet4_range": "198.18.0.0/15",
"inet6_range": "fc00::/18"
},
"independent_cache": true,
"final": "proxydns"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"address": [
"172.19.0.1/30",
"fd00::1/126"
],
"auto_route": true,
"strict_route": true,
"sniff": true,
"sniff_override_destination": true,
"domain_strategy": "prefer_ipv4"
}
],
"outbounds": [
{
"tag": "select",
"type": "selector",
"default": "auto",
"outbounds": [
"auto",
"CF_V8_${IP8}_${PT8}",
"CF_V9_${IP9}_${PT9}",
"CF_V10_${IP10}_${PT10}",
"CF_V11_${IP11}_${PT11}",
"CF_V12_${IP12}_${PT12}",
"CF_V13_${IP13}_${PT13}"
]
},
{
"server": "${IP8}",
"server_port": ${PT8},
"tag": "CF_V8_${IP8}_${PT8}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP9}",
"server_port": ${PT9},
"tag": "CF_V9_${IP9}_${PT9}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP10}",
"server_port": ${PT10},
"tag": "CF_V10_${IP10}_${PT10}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP11}",
"server_port": ${PT11},
"tag": "CF_V11_${IP11}_${PT11}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP12}",
"server_port": ${PT12},
"tag": "CF_V12_${IP12}_${PT12}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"server": "${IP13}",
"server_port": ${PT13},
"tag": "CF_V13_${IP13}_${PT13}",
"tls": {
"enabled": true,
"server_name": "${hostName}",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"packet_encoding": "packetaddr",
"transport": {
"headers": {
"Host": [
"${hostName}"
]
},
"path": "/?ed=2560",
"type": "ws"
},
"type": "\u0076\u006c\u0065\u0073\u0073",
"uuid": "${userID}"
},
{
"tag": "direct",
"type": "direct"
},
{
"tag": "auto",
"type": "urltest",
"outbounds": [
"CF_V8_${IP8}_${PT8}",
"CF_V9_${IP9}_${PT9}",
"CF_V10_${IP10}_${PT10}",
"CF_V11_${IP11}_${PT11}",
"CF_V12_${IP12}_${PT12}",
"CF_V13_${IP13}_${PT13}"
],
"url": "https://www.gstatic.com/generate_204",
"interval": "1m",
"tolerance": 50,
"interrupt_exist_connections": false
}
],
"route": {
"rule_set": [
{
"tag": "geosite-geolocation-!cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs",
"download_detour": "select",
"update_interval": "1d"
},
{
"tag": "geosite-cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-cn.srs",
"download_detour": "select",
"update_interval": "1d"
},
{
"tag": "geoip-cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs",
"download_detour": "select",
"update_interval": "1d"
}
],
"auto_detect_interface": true,
"final": "select",
"rules": [
{
"inbound": "tun-in",
"action": "sniff"
},
{
"protocol": "dns",
"action": "hijack-dns"
},
{
"port": 443,
"network": "udp",
"action": "reject"
},
{
"clash_mode": "Direct",
"outbound": "direct"
},
{
"clash_mode": "Global",
"outbound": "select"
},
{
"rule_set": "geoip-cn",
"outbound": "direct"
},
{
"rule_set": "geosite-cn",
"outbound": "direct"
},
{
"ip_is_private": true,
"outbound": "direct"
},
{
"rule_set": "geosite-geolocation-!cn",
"outbound": "select"
}
]
},
"ntp": {
"enabled": true,
"server": "time.apple.com",
"server_port": 123,
"interval": "30m",
"detour": "direct"
}
}`;
}
这里有一处需要自行修改的地方,那就是脚本第7行 userID 。
let userID = "修改为自己的userID";
最后点击 部署 。
4. 手搓节点
打开 V2rayN ,添加一条vless节点。
别名:随意。
地址:填写一个优选IP,嫌麻烦可以从下边的IP在选一个顺眼的。
端口:填写80系或者443系的端口,共计13个。
用户ID:填写 Cloudflare Workers 里的 UserID 。
传输协议:改为 ws 。
伪装域名:填写 Cloudflare 分配的域名。
如果你要开启 TLS,那就要填写443系的端口。
端口:改为443系的端口。
传输层安全:tls 。
SNI:和伪装域名填写一致。
跳过证书验证:选择 false 。
其他与80系端口节点的配置保持一致。
CF官方优选80系端口:80、8080、8880、2052、2082、2086、2095
CF官方优选443系端口:443、2053、2083、2087、2096、8443
在甬哥的项目里还贴心的为懒人列出了“永远不死的IP”
104.16.0.0
104.17.0.0
104.18.0.0
104.19.0.0
104.20.0.0
104.21.0.0
104.22.0.0
104.24.0.0
104.25.0.0
104.26.0.0
104.27.0.0
172.66.0.0
172.67.0.0
162.159.0.0
2606:4700:: 需IPV6环境
总结
通过 Cloudflare Workers 搭建科学上网节点是一个高效且低成本的选择。借助其全球 CDN 网络和边缘计算能力,你可以轻松实现高性能的代理服务。不过,在使用过程中需要遵守相关法律法规。如果你对 Cloudflare Workers 更感兴趣,可以参考 Cloudflare Workers 文档 进行深入学习。
- 感谢你赐予我前进的力量
-
微信 
支付宝
赞赏者名单
因为你们的支持让我意识到写文章的价值🙏
本文是原创文章,采用 CC BY-NC-ND 4.0 协议,完整转载请注明来自 初九の小破站
阅读建议
评论
隐私政策
你无需删除空行,直接评论以获取最佳展示效果
