package handler import ( "context" "github.com/xtls/xray-core/app/proxyman/command" cnet "github.com/xtls/xray-core/common/net" "github.com/xtls/xray-core/common/protocol" "github.com/xtls/xray-core/common/serial" "github.com/xtls/xray-core/proxy/dns" "github.com/xtls/xray-core/proxy/dokodemo" "github.com/xtls/xray-core/proxy/http" "github.com/xtls/xray-core/proxy/loopback" "github.com/xtls/xray-core/proxy/shadowsocks" ss2022 "github.com/xtls/xray-core/proxy/shadowsocks_2022" "github.com/xtls/xray-core/proxy/socks" "github.com/xtls/xray-core/proxy/trojan" "github.com/xtls/xray-core/proxy/vless" vlessin "github.com/xtls/xray-core/proxy/vless/inbound" "github.com/xtls/xray-core/proxy/vmess" vmessin "github.com/xtls/xray-core/proxy/vmess/inbound" ) // 添加 VMess 入站示例。 func AddVMessInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, true), serial.ToTypedMessage(&vmessin.Config{ User: []*protocol.User{ { Level: 0, Email: "demo@vmess.local", Account: serial.ToTypedMessage(&vmess.Account{ Id: randomUUID(), SecuritySettings: &protocol.SecurityConfig{ Type: protocol.SecurityType_AUTO, }, }), }, }, Default: &vmessin.DefaultConfig{Level: 0}, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加带 Vision 回落配置的 VLESS 入站。 func AddVLESSInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, true), serial.ToTypedMessage(&vlessin.Config{ Clients: []*protocol.User{ { Level: 1, Email: "client@vless.local", Account: serial.ToTypedMessage(&vless.Account{ Id: randomUUID(), Encryption: "none", }), }, }, Fallbacks: []*vlessin.Fallback{ { Name: "websocket", Alpn: "h2", Path: "/ws", Type: "http", Dest: "127.0.0.1:8080", Xver: 1, }, }, Decryption: "none", Padding: "enable", }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加带双用户和 ALPN 回落的 Trojan 入站。 func AddTrojanInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, true), serial.ToTypedMessage(&trojan.ServerConfig{ Users: []*protocol.User{ { Level: 0, Email: "alice@trojan.local", Account: serial.ToTypedMessage(&trojan.Account{ Password: randomUUID(), }), }, { Level: 0, Email: "bob@trojan.local", Account: serial.ToTypedMessage(&trojan.Account{ Password: randomUUID(), }), }, }, Fallbacks: []*trojan.Fallback{ { Name: "http", Alpn: "http/1.1", Dest: "127.0.0.1:8081", }, }, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加支持 TCP/UDP 的 AEAD Shadowsocks 入站。 func AddShadowsocksInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(&shadowsocks.ServerConfig{ Users: []*protocol.User{ { Level: 0, Email: "ss@demo.local", Account: serial.ToTypedMessage(&shadowsocks.Account{ Password: "s3cret-pass", CipherType: shadowsocks.CipherType_AES_128_GCM, }), }, }, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加 Shadowsocks 2022 入站,兼容单用户和多用户场景。 func AddShadowsocks2022Inbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { server := &ss2022.MultiUserServerConfig{ Method: "2022-blake3-aes-128-gcm", Key: "0123456789abcdef0123456789abcdef", Users: []*protocol.User{ { Level: 0, Email: "user1@ss2022.local", Account: serial.ToTypedMessage(&ss2022.Account{ Key: randomUUID(), }), }, { Level: 0, Email: "user2@ss2022.local", Account: serial.ToTypedMessage(&ss2022.Account{ Key: randomUUID(), }), }, }, } inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(server), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加带账号密码认证的 SOCKS5 入站。 func AddSocksInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(&socks.ServerConfig{ AuthType: socks.AuthType_PASSWORD, Accounts: map[string]string{"demo": "passw0rd"}, UdpEnabled: true, UserLevel: 0, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加带基础认证的 HTTP 入站。 func AddHTTPInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(&http.ServerConfig{ Accounts: map[string]string{"demo": "http-pass"}, AllowTransparent: true, UserLevel: 0, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加 dokodemo-door 入站并转发到目标端口。 func AddDokodemoInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32, targetPort uint32) error { inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(&dokodemo.Config{ Address: cnetOrDomain("example.com"), Port: targetPort, Networks: []cnet.Network{cnet.Network_TCP, cnet.Network_UDP}, FollowRedirect: false, UserLevel: 0, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加内置 DNS 入站。 func AddDNSInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32) error { inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(&dns.Config{ Server: &cnet.Endpoint{ Network: cnet.Network_UDP, Address: cnetOrDomain("1.1.1.1"), Port: 53, }, Non_IPQuery: "drop", BlockTypes: []int32{65, 28}, }), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err } // 添加 loopback 入站并绑定已有出站链路。 func AddLoopbackInbound(ctx context.Context, client command.HandlerServiceClient, tag string, port uint32, targetInbound string) error { inbound := inboundConfig( tag, receiverSettings(port, false), serial.ToTypedMessage(&loopback.Config{InboundTag: targetInbound}), ) _, err := client.AddInbound(ctx, &command.AddInboundRequest{Inbound: inbound}) return err }