From 8bb941ea8a1591767b7c7fffa7a22d4c518990e9 Mon Sep 17 00:00:00 2001 From: Azadzadeh <> Date: Thu, 15 Dec 2022 17:01:34 +0000 Subject: [PATCH] docs: use themed shorthands for incompatibility notes and warnings --- docs/content/en/advance/aead.md | 4 +++- docs/content/en/advance/api.md | 4 +++- .../content/en/advance/customize-protocol-stack.md | 14 +++++++++++--- docs/content/en/advance/mux.md | 4 +++- docs/content/en/advance/nat.md | 4 +++- docs/content/en/advance/plugin.md | 14 +++++++++++--- docs/content/en/advance/router.md | 4 +++- docs/content/en/advance/websocket.md | 4 +++- docs/content/en/basic/full-config.md | 5 ++++- docs/content/en/developer/websocket.md | 5 ++++- 10 files changed, 48 insertions(+), 14 deletions(-) diff --git a/docs/content/en/advance/aead.md b/docs/content/en/advance/aead.md index 7d166780c..5e37b193c 100644 --- a/docs/content/en/advance/aead.md +++ b/docs/content/en/advance/aead.md @@ -4,7 +4,9 @@ draft: false weight: 8 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} The Trojan protocol itself is not encrypted and its security relies on the underlying TLS. in general, TLS security is good and there is no need to encrypt Trojan traffic again. However, there are some scenarios where you may not be able to guarantee the security of a TLS tunnel. diff --git a/docs/content/en/advance/api.md b/docs/content/en/advance/api.md index 58b74a9b6..7740ebf56 100644 --- a/docs/content/en/advance/api.md +++ b/docs/content/en/advance/api.md @@ -4,7 +4,9 @@ draft: false weight: 10 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} Trojan-Go provides a set of APIs using gRPC, which supports the following features. diff --git a/docs/content/en/advance/customize-protocol-stack.md b/docs/content/en/advance/customize-protocol-stack.md index 71166af8a..f2816476e 100644 --- a/docs/content/en/advance/customize-protocol-stack.md +++ b/docs/content/en/advance/customize-protocol-stack.md @@ -4,7 +4,9 @@ draft: false weight: 8 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} Trojan-Go allows advanced users to customize the protocol stack. In custom mode, Trojan-Go will relinquish control of the protocol stack and allow users to manipulate the underlying protocol stack combinations. For example: @@ -18,11 +20,17 @@ Trojan-Go allows advanced users to customize the protocol stack. In custom mode, And so on. -**Do not try to use this feature if you don't know anything about networking. Incorrect configuration may cause Trojan-Go to not work properly, or cause performance and security issues. ** + +{{% panel status="warning" title="Caution" %}} +Do not try to use this feature if you don't know anything about networking. Incorrect configuration may cause Trojan-Go to not work properly, or cause performance and security issues. +{{% /panel %}} Trojan-Go abstracts all protocols into tunnels, each of which may provide a client, which is responsible for sending, a server, which is responsible for receiving, or both. The custom protocol stack is how the custom tunnels are stacked. -**Before proceeding with the configuration, please read the "Basic Introduction" section of the Developer's Guide to ensure that you understand how Trojan-Go works** +{{% panel status="notice" title="Prerequisite" %}} +Before proceeding with the configuration, please read the "Basic Introduction" section of the Developer's Guide to ensure that you understand how Trojan-Go works. +{{% /panel %}} + Here are the tunnels supported by Trojan-Go and their properties: diff --git a/docs/content/en/advance/mux.md b/docs/content/en/advance/mux.md index b68a8435e..4dcbd0553 100644 --- a/docs/content/en/advance/mux.md +++ b/docs/content/en/advance/mux.md @@ -4,7 +4,9 @@ draft: false weight: 1 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} Trojan-Go supports the use of multiplexing to improve network concurrency performance. diff --git a/docs/content/en/advance/nat.md b/docs/content/en/advance/nat.md index 22ebbc349..3ad79710c 100644 --- a/docs/content/en/advance/nat.md +++ b/docs/content/en/advance/nat.md @@ -4,7 +4,9 @@ draft: false weight: 11 --- -### Note that Trojan does not fully support this feature (UDP) +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not fully support this feature (UDP) +{{% /panel %}} Trojan-Go supports transparent TCP/UDP proxies based on tproxy. diff --git a/docs/content/en/advance/plugin.md b/docs/content/en/advance/plugin.md index 025f3c709..49f50b456 100644 --- a/docs/content/en/advance/plugin.md +++ b/docs/content/en/advance/plugin.md @@ -4,7 +4,10 @@ draft: false weight: 7 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} + Trojan-Go supports a pluggable transport layer. In principle, Trojan-Go can use any software that has TCP tunneling capabilities as a transport layer, such as v2ray, shadowsocks, kcp, etc. Also, Trojan-Go is compatible with Shadowsocks' SIP003 plugin standard, such as GoQuiet, v2ray-plugin, etc. You can also use Tor's transport layer plugins, such as obfs4, meek, etc. @@ -18,9 +21,14 @@ We recommend that you design your own protocols and develop your own plugins**. For example, you can use the SIP003-compliant v2ray-plugin, an example of which is shown below: -**This configuration uses websocket to transmit unencrypted trojan protocol in clear text, which is a security risk. This configuration is for demonstration purposes only. ** +{{% panel status="warning" title="Caution" %}} +This configuration uses websocket to transmit unencrypted trojan protocol in clear text, which is a security risk. This configuration is for demonstration purposes only. +{{% /panel %}} + +{{% panel status="danger" title="Warning" %}} +Do not use this configuration to penetrate GFW under any circumstances. +{{% /panel %}} -**Do not use this configuration to penetrate GFW under any circumstances.** Server-side configuration. diff --git a/docs/content/en/advance/router.md b/docs/content/en/advance/router.md index c39ff5ccc..ce047dd53 100644 --- a/docs/content/en/advance/router.md +++ b/docs/content/en/advance/router.md @@ -4,7 +4,9 @@ draft: false weight: 3 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} Trojan-Go's built-in routing module can help you implement domestic direct connections, i.e., the client can connect directly to domestic websites without going through a proxy. diff --git a/docs/content/en/advance/websocket.md b/docs/content/en/advance/websocket.md index 348abb815..5c0bb364b 100644 --- a/docs/content/en/advance/websocket.md +++ b/docs/content/en/advance/websocket.md @@ -4,7 +4,9 @@ draft: false weight: 2 --- -### Note that Trojan does not support this feature +{{% panel status="caution" title="Compatibility" %}} +Note that Trojan does not support this feature +{{% /panel %}} Trojan-Go supports using TLS+Websocket to host the Trojan protocol, making it possible to relay traffic using CDNs. diff --git a/docs/content/en/basic/full-config.md b/docs/content/en/basic/full-config.md index 14f3eb5bf..3c1505fae 100644 --- a/docs/content/en/basic/full-config.md +++ b/docs/content/en/basic/full-config.md @@ -361,4 +361,7 @@ trojan-go provides an API based on gRPC to support server-side and client-side m - ```client_cert``` If client authentication is enabled, fill in the list of certified client certificates here. -Warning:**Do not expose API services without TLS bi-directional authentication directly to the Internet, otherwise it may lead to various security problems.** + +{{% panel status="warning" title="Warning" %}} +Do not expose API services without TLS bi-directional authentication directly to the Internet, otherwise it may lead to various security problems. +{{% /panel %}} diff --git a/docs/content/en/developer/websocket.md b/docs/content/en/developer/websocket.md index 8ccc73f80..f838425b6 100644 --- a/docs/content/en/developer/websocket.md +++ b/docs/content/en/developer/websocket.md @@ -6,7 +6,10 @@ weight: 40 Since HTTPS is transparent to the CDN when using CDN transit, the CDN can review the content of the Websocket transfer. The Trojan protocol itself is transmitted in clear text, so to ensure security, a layer of Shadowsocks AEAD encryption layer can be added to obfuscate traffic characteristics and ensure security. -**If you are using a CDN provided by an operator in China, please make sure to turn on AEAD encryption** + +{{% panel status="warning" title="Caution" %}} +If you are using a CDN provided by an operator in China, please make sure to turn on AEAD encryption. +{{% /panel %}} When AEAD encryption is enabled, traffic carried by Websocket will be encrypted by Shadowsocks AEAD, see Shadowsocks white paper for the specific format of the header.