From 4a9836c0fd68c556182e86e2854aa623bc7d683c Mon Sep 17 00:00:00 2001 From: Haruue Date: Fri, 16 Aug 2024 14:09:57 +0800 Subject: [PATCH 1/2] add more notes for type selector ref: #32 --- docs/docs/advanced/Full-Client-Config.md | 6 ++++-- docs/docs/advanced/Full-Client-Config.zh.md | 6 ++++-- docs/docs/advanced/Full-Server-Config.md | 19 ++++++++++++------- docs/docs/advanced/Full-Server-Config.zh.md | 19 ++++++++++++------- 4 files changed, 32 insertions(+), 18 deletions(-) diff --git a/docs/docs/advanced/Full-Client-Config.md b/docs/docs/advanced/Full-Client-Config.md index a197833..606c8e7 100644 --- a/docs/docs/advanced/Full-Client-Config.md +++ b/docs/docs/advanced/Full-Client-Config.md @@ -64,12 +64,13 @@ The `transport` section is for customizing the underlying protocol used by the Q ```yaml transport: - type: udp + type: udp # (2)! udp: hopInterval: 30s # (1)! ``` 1. The port hopping interval. This is only relevant if you're using a port hopping address. See [Port Hopping](Port-Hopping.md) for more information. +2. Please read the instructions at the top of the page regarding the "type selector". ## Obfuscation @@ -79,12 +80,13 @@ By default, the Hysteria protocol mimics HTTP/3. If your network specifically bl ```yaml obfs: - type: salamander + type: salamander # (2)! salamander: password: cry_me_a_r1ver # (1)! ``` 1. Replace with a strong password of your choice. +2. Please read the instructions at the top of the page regarding the "type selector". ## QUIC parameters diff --git a/docs/docs/advanced/Full-Client-Config.zh.md b/docs/docs/advanced/Full-Client-Config.zh.md index 7ecc251..6080c1e 100644 --- a/docs/docs/advanced/Full-Client-Config.zh.md +++ b/docs/docs/advanced/Full-Client-Config.zh.md @@ -64,12 +64,13 @@ tls: ```yaml transport: - type: udp + type: udp # (2)! udp: hopInterval: 30s # (1)! ``` 1. 端口跳跃间隔。这只在使用多端口地址时才有效。更多信息请参见 [端口跳跃](Port-Hopping.md)。 +2. 传输类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 ## 混淆 @@ -79,12 +80,13 @@ transport: ```yaml obfs: - type: salamander + type: salamander # (2)! salamander: password: cry_me_a_r1ver # (1)! ``` 1. 替换为你的混淆密码。 +2. 混淆类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 ## QUIC 参数 diff --git a/docs/docs/advanced/Full-Server-Config.md b/docs/docs/advanced/Full-Server-Config.md index 283bfcc..020adcf 100644 --- a/docs/docs/advanced/Full-Server-Config.md +++ b/docs/docs/advanced/Full-Server-Config.md @@ -52,7 +52,7 @@ You can have either `tls` or `acme`, but not both. ca: zerossl # (1)! listenHost: 0.0.0.0 # (2)! dir: my_acme_dir # (3)! - type: http # (4)! + type: http | tls | dns # (4)! http: altPort: 8888 # (5)! tls: @@ -67,7 +67,7 @@ You can have either `tls` or `acme`, but not both. 1. CA to use. Can be `letsencrypt` or `zerossl`. 2. Listening address for ACME verification (no port). Defaults to listening on all available interfaces. 3. Directory to store ACME credentials. - 4. ACME challenge type. Can be `http`, `tls`, or `dns`. + 4. ACME challenge type. Please read the instructions at the top of the page regarding the "type selector". 5. Listening port for HTTP challenges. (Note: Changing to a port other than 80 requires port forwarding or HTTP reverse proxy, or the challenge will fail!) 6. Listening port for TLS-ALPN challenges. @@ -82,12 +82,13 @@ By default, the Hysteria protocol mimics HTTP/3. If your network specifically bl ```yaml obfs: - type: salamander + type: salamander # (2)! salamander: password: cry_me_a_r1ver # (1)! ``` 1. Replace with a strong password of your choice. +2. Please read the instructions at the top of the page regarding the "type selector". ## QUIC parameters @@ -218,7 +219,7 @@ udpIdleTimeout: 60s ```yaml auth: - type: password + type: password | userpass | http | command # (6)! password: your_password # (1)! userpass: # (2)! user1: pass1 @@ -235,6 +236,7 @@ auth: 3. The URL of the backend server that handles authentication. 4. Disable TLS verification for the backend server (only applies to HTTPS URLs). 5. The path to the command that handles authentication. +6. Please read the instructions at the top of the page regarding the "type selector". ### HTTP authentication @@ -286,7 +288,7 @@ You can specify what resolver (DNS server) to use to resolve domain names in cli ```yaml resolver: - type: udp + type: udp | tcp | tls | https # (8)! tcp: addr: 8.8.8.8:53 # (1)! timeout: 4s # (2)! @@ -312,6 +314,7 @@ resolver: 5. The SNI to use for the TLS resolver. 6. Disable TLS verification for the TLS resolver. 7. The address of the HTTPS resolver. +8. Please read the instructions at the top of the page regarding the "type selector". If omitted, Hysteria will use the system's default resolver. @@ -405,7 +408,7 @@ Currently, Hysteria supports the following outbound types: ```yaml outbounds: - name: my_outbound_1 # (1)! - type: direct + type: direct # (7)! - name: my_outbound_2 type: socks5 socks5: @@ -425,6 +428,7 @@ outbounds: 4. Optional. The password for the SOCKS5 proxy, if authentication is required. 5. The URL of the HTTP/HTTPS proxy. (Can be `http://` or `https://`) 6. Optional. Whether to disable TLS verification. Applies to HTTPS proxies only. +7. Please read the instructions at the top of the page regarding the "type selector". ### Customizing `direct` outbound @@ -485,7 +489,7 @@ Currently, Hysteria provides the following masquerade modes: ```yaml masquerade: - type: proxy + type: file | proxy | string # (7)! file: dir: /www/masq # (1)! proxy: @@ -505,6 +509,7 @@ masquerade: 4. The string to return. 5. Optional. The headers to return. 6. Optional. The status code to return. 200 by default. +7. Please read the instructions at the top of the page regarding the "type selector". You can test your masquerade configuration by starting Chrome with a special flag (to force QUIC): diff --git a/docs/docs/advanced/Full-Server-Config.zh.md b/docs/docs/advanced/Full-Server-Config.zh.md index 71455e6..ec25c69 100644 --- a/docs/docs/advanced/Full-Server-Config.zh.md +++ b/docs/docs/advanced/Full-Server-Config.zh.md @@ -52,7 +52,7 @@ listen: :443 # (1)! ca: zerossl # (1)! listenHost: 0.0.0.0 # (2)! dir: my_acme_dir # (3)! - type: http # (4)! + type: http | tls | dns # (4)! http: altPort: 8888 # (5)! tls: @@ -67,7 +67,7 @@ listen: :443 # (1)! 1. 要使用的 CA。可以是 `letsencrypt` 或 `zerossl`。 2. 用于 ACME 服务器验证的监听地址(不含端口)。默认监听所有可用的地址。 3. 存储 ACME 账户密钥和证书的目录。 - 4. ACME 验证类型。可以是 `http`, `tls` 或 `dns`。 + 4. ACME 验证类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 5. 用于 HTTP 挑战的监听端口。 (注意: 改为非 80 需要另行配置端口转发或者 HTTP 反向代理,否则证书会签署失败!) 6. 用于 TLS-ALPN 挑战的监听端口。 @@ -82,12 +82,13 @@ listen: :443 # (1)! ```yaml obfs: - type: salamander + type: salamander # (2)! salamander: password: cry_me_a_r1ver # (1)! ``` 1. 替换为你的混淆密码。 +2. 混淆类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 ## QUIC 参数 @@ -218,7 +219,7 @@ udpIdleTimeout: 60s ```yaml auth: - type: password + type: password | userpass | http | command # (6)! password: your_password # (1)! userpass: # (2)! user1: pass1 @@ -235,6 +236,7 @@ auth: 3. 处理验证的后端 URL。 4. 禁用后端服务器的 TLS 验证(仅适用于 HTTPS)。 5. 处理验证的命令路径。 +6. 验证类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 ### HTTP 验证 @@ -286,7 +288,7 @@ auth: ```yaml resolver: - type: udp + type: udp | tcp | tls | https # (8)! tcp: addr: 8.8.8.8:53 # (1)! timeout: 4s # (2)! @@ -312,6 +314,7 @@ resolver: 5. DNS over TLS 服务器的 SNI。 6. 禁用 TLS 证书验证。 7. DNS over HTTPS 服务器地址。 +8. 解析协议类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 如果省略,Hysteria 将使用系统默认的 DNS 服务器。 @@ -405,7 +408,7 @@ ACL 是 Hysteria 服务端中一个非常强大的功能,可以用来自定义 ```yaml outbounds: - name: my_outbound_1 # (1)! - type: direct + type: direct # (7)! - name: my_outbound_2 type: socks5 socks5: @@ -425,6 +428,7 @@ outbounds: 4. 可选。SOCKS5 代理密码。 5. HTTP/HTTPS 代理 URL。(可以是 `http://` 或 `https://` 开头) 6. 可选。禁用 TLS 证书验证。仅适用于 HTTPS 代理。 +7. 请阅读页面最上方关于 "类型选择" 配置格式的说明。 ### 关于 `direct` 出站 @@ -485,7 +489,7 @@ Hysteria 抵抗审查的关键之一就是它能伪装成标准的 HTTP/3 流量 ```yaml masquerade: - type: proxy + type: file | proxy | string # (7)! file: dir: /www/masq # (1)! proxy: @@ -505,6 +509,7 @@ masquerade: 4. 要返回的字符串。 5. 可选。要返回的 HTTP 头列表。 6. 可选。要返回的 HTTP 状态码。默认为 200。 +7. 伪装类型。 请阅读页面最上方关于 "类型选择" 配置格式的说明。 可以通过特定参数启动 Chrome 以强制使用 QUIC,测试你的伪装配置: From 6f0f812d81fa7a321bbf168f0b9243bb9e5bbed9 Mon Sep 17 00:00:00 2001 From: Haruue Date: Fri, 16 Aug 2024 14:24:04 +0800 Subject: [PATCH 2/2] fix en --- docs/docs/advanced/Full-Client-Config.md | 4 ++-- docs/docs/advanced/Full-Server-Config.md | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/docs/advanced/Full-Client-Config.md b/docs/docs/advanced/Full-Client-Config.md index 606c8e7..2654eb0 100644 --- a/docs/docs/advanced/Full-Client-Config.md +++ b/docs/docs/advanced/Full-Client-Config.md @@ -70,7 +70,7 @@ transport: ``` 1. The port hopping interval. This is only relevant if you're using a port hopping address. See [Port Hopping](Port-Hopping.md) for more information. -2. Please read the instructions at the top of the page regarding the "type selector". +2. Please read the instructions regarding the "type selector" at the top of this page. ## Obfuscation @@ -86,7 +86,7 @@ obfs: ``` 1. Replace with a strong password of your choice. -2. Please read the instructions at the top of the page regarding the "type selector". +2. Please read the instructions regarding the "type selector" at the top of this page. ## QUIC parameters diff --git a/docs/docs/advanced/Full-Server-Config.md b/docs/docs/advanced/Full-Server-Config.md index 020adcf..514d7c0 100644 --- a/docs/docs/advanced/Full-Server-Config.md +++ b/docs/docs/advanced/Full-Server-Config.md @@ -67,7 +67,7 @@ You can have either `tls` or `acme`, but not both. 1. CA to use. Can be `letsencrypt` or `zerossl`. 2. Listening address for ACME verification (no port). Defaults to listening on all available interfaces. 3. Directory to store ACME credentials. - 4. ACME challenge type. Please read the instructions at the top of the page regarding the "type selector". + 4. ACME challenge type. Please read the instructions regarding the "type selector" at the top of this page. 5. Listening port for HTTP challenges. (Note: Changing to a port other than 80 requires port forwarding or HTTP reverse proxy, or the challenge will fail!) 6. Listening port for TLS-ALPN challenges. @@ -88,7 +88,7 @@ obfs: ``` 1. Replace with a strong password of your choice. -2. Please read the instructions at the top of the page regarding the "type selector". +2. Please read the instructions regarding the "type selector" at the top of this page. ## QUIC parameters @@ -236,7 +236,7 @@ auth: 3. The URL of the backend server that handles authentication. 4. Disable TLS verification for the backend server (only applies to HTTPS URLs). 5. The path to the command that handles authentication. -6. Please read the instructions at the top of the page regarding the "type selector". +6. Please read the instructions regarding the "type selector" at the top of this page. ### HTTP authentication @@ -314,7 +314,7 @@ resolver: 5. The SNI to use for the TLS resolver. 6. Disable TLS verification for the TLS resolver. 7. The address of the HTTPS resolver. -8. Please read the instructions at the top of the page regarding the "type selector". +8. Please read the instructions regarding the "type selector" at the top of this page. If omitted, Hysteria will use the system's default resolver. @@ -428,7 +428,7 @@ outbounds: 4. Optional. The password for the SOCKS5 proxy, if authentication is required. 5. The URL of the HTTP/HTTPS proxy. (Can be `http://` or `https://`) 6. Optional. Whether to disable TLS verification. Applies to HTTPS proxies only. -7. Please read the instructions at the top of the page regarding the "type selector". +7. Please read the instructions regarding the "type selector" at the top of this page. ### Customizing `direct` outbound @@ -509,7 +509,7 @@ masquerade: 4. The string to return. 5. Optional. The headers to return. 6. Optional. The status code to return. 200 by default. -7. Please read the instructions at the top of the page regarding the "type selector". +7. Please read the instructions regarding the "type selector" at the top of this page. You can test your masquerade configuration by starting Chrome with a special flag (to force QUIC):