洋芋笔记
Home » 分享 » hy2配置信息

hy2配置信息

服务器配置文件

完整服务端配置官方文档
https://v2.hysteria.network/zh/docs/advanced/Full-Server-Config/

cat << EOF > /etc/hysteria/config.yaml
listen: :443 #监听端口

#使用CA证书
#acme:
#  domains:
#    - a.com #你的域名,需要先解析到服务器ip
#  email: [email protected]

#使用自签证书
#tls:
#  cert: /etc/hysteria/server.crt
#  key: /etc/hysteria/server.key

auth:
  type: password
  password: 123456 #设置认证密码
  
masquerade:
  type: proxy
  proxy:
    url: https://bing.com #伪装网址
    rewriteHost: true
  listenHTTPS: :443 #添加tcp伪装,就可以直接通过浏览器打开
  #本地静态网页模式
  #type: file
  #file:
    #dir: /etc/hysteria/web #静态网页路径

#由于客户端连接入站的方式(如 TUN 模式)及配置等因素,Hysteria 有时无法获取到域名形式的目标地址,只能拿到解析后的 IP。
sniff:
  enable: true 
  timeout: 2s 
  rewriteDomain: false #是否重写已经是域名的请求。如果启用,对于目标地址已经是域名的请求,仍会进行嗅探。
  tcpPorts: all #80,443,8000-9000TCP 端口列表。只有这些端口的 TCP 请求会被嗅探。
  udpPorts: all

outbounds:
  - name: 64
    type: direct
    direct:
      mode: 64
#mode: auto是默认值。64是ipv6优先

acl:
  inline: 
    - 64(all)
EOF

outbounds配置信息参考:https://v2.hysteria.network/zh/docs/advanced/Full-Server-Config/#direct

客户端配置文件

server: ip:443
auth: 123456

bandwidth:
  up: 20 mbps
  down: 100 mbps
  
tls:
  sni: a.com
  insecure: false #使用自签时需要改成true

socks5:
  listen: 127.0.0.1:1080
http:
  listen: 127.0.0.1:8080

sing-box配置文件(Android/IOS)

{
  "dns": {
    "servers": [
      {
        "tag": "google-dns",
        "address": "https://8.8.8.8/dns-query",
        "detour": "proxy",
        "client_subnet": "1.0.1.0"
      },
      {
        "tag": "local",
        "address": "223.5.5.5",
        "detour": "direct"
      },
      {
        "tag": "dns-udp",
        "address": "8.8.8.8",
        "detour": "proxy"
      },
      {
        "tag": "block",
        "address": "rcode://success"
      }
    ],
    "rules": [
      {
        "outbound": "any",
        "server": "local"
      },
      {
        "domain_suffix": [
          "googleapis.cn"
        ],
        "server": "dns-udp"
      },
      {
        "rule_set": "geosite-cn",
        "server": "local"
      }
    ],
    "strategy": "ipv4_only",
    "final": "google-dns"
  },
  "inbounds": [
    {
      "type": "tun",
      "inet4_address": "172.19.0.1/30",
      "auto_route": true,
      "strict_route": false,
      "sniff": true,
      "sniff_override_destination": false
    }
  ],
  "outbounds": [
{
      "type": "hysteria2",
      "tag": "proxy",
      "server": "ip",
      "server_port": 443,
      "up_mbps": 20,
      "down_mbps": 100,
      "password": "123456",
      "tls": {
        "enabled": true,
        "server_name": "a.com",
        "insecure": false
      }
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    },
    {
      "type": "dns",
      "tag": "dns-out"
    }
  ],
  "route": {
    "rules": [
      {
        "protocol": "dns",
        "outbound": "dns-out"
      },
           {
        "network": [
          "udp"
        ],
        "outbound": "block",
        "port": [
          443,
          2053,
          2083,
          2087,
          2096,
          8443
        ]
      },
            {
        "domain_suffix": [
          "googleapis.cn"
        ],
        "outbound": "proxy"
      },
      {
        "rule_set": [
          "geosite-cn",
          "geoip-cn",
          "geoip-private"
        ],
        "outbound": "direct"
      }
    ],
        "rule_set": [
  {
        "tag": "geosite-cn",
        "type": "remote",
        "format": "binary",
        "url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-cn.srs",
        "download_detour": "proxy"
      },
{
        "tag": "geoip-cn",
        "type": "remote",
        "format": "binary",
        "url": "https://cdn.jsdelivr.net/gh/Loyalsoldier/geoip@release/srs/cn.srs",
        "download_detour": "proxy"
      },
{
        "tag": "geoip-private",
        "type": "remote",
        "format": "binary",
        "url": "https://cdn.jsdelivr.net/gh/Loyalsoldier/geoip@release/srs/private.srs",
        "download_detour": "proxy"
      }
    ],
    "auto_detect_interface": true
  },
"experimental": {
    "cache_file": {
      "enabled": true
    }
  }
}