bughz/glider
1
0
Fork 0
mirror of https://github.com/nadoo/glider.git synced 2025-02-23 01:15:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
2f154678a9
glider/config/glider.conf.example
nadoo c71c95482a chore: update dependencies
2024-04-28 23:03:41 +08:00

298 lines
9.0 KiB
Plaintext
Raw Blame History

##########################################
# __ _ _ ___ ____ ___
# / /`_ | | | | | | \ | |_ | |_)
# \_\_/ |_|__ |_| |_|_/ |_|__ |_| \
#
# Glider is a forward proxy with multiple protocols support, and also a dns forwarding server with ipset management features(like dnsmasq).
#
# We can set up local listeners as proxy, and forward requests to internet via forwarders.
#
# |Forwarder ----------------->|
# Listener --> | | Internet
# |Forwarder --> Forwarder->...|
#
# -----------------------------------------------------------
#
# This is a sample configuration file for glider.
#
# Format is one option per line, legal options are the same
# as the options legal on the command line. See "glider -help" for details.
#
# Comment line starts with "#", values set in the format:
# KEY=VALUE
#
# -----------------------------------------------------------
# Verbose mode, print logs
verbose=True
# LISTENERS
# ---------
# Local listeners, we can set up multiple listeners on different port with
# different protocols.
# listen on 8443, serve as http/socks5 proxy on the same port.
# listen=:8443
listen=127.0.0.1:8443
# listen on 8448 as a ss server.
# listen=ss://AEAD_CHACHA20_POLY1305:pass@:8448
# listen on 8080 as a http proxy server.
# listen=http://:8080
# listen on 1080 as a socks5 proxy server.
# listen=socks5://:1080
# listen on 1234 as vless proxy server.
# listen=vless://uuid@:1234
# listen on 1234 as vless proxy server, fallback to 127.0.0.1:8080 http server when client auth failed.
# listen=vless://uuid@:1234?fallback=127.0.0.1:8080
# listen on 1081 as a linux transparent proxy server.
# listen=redir://:1081
# listen on 1082 as a linux transparent proxy server(tproxy).
# listen=tproxy://:1082
# http over tls (HTTPS proxy)
# listen=tls://:443?cert=crtFilePath&key=keyFilePath,http://
# ss over tls
# listen=tls://:443?cert=crtFilePath&key=keyFilePath,ss://AEAD_CHACHA20_POLY1305:pass@
# socks5 over unix domain socket
# listen=unix:///dev/shm/socket,socks5://
# socks5 over vm socket
# listen=vsock://:1234,socks5://
# socks5 over kcp
# listen=kcp://aes:key@127.0.0.1:8444?dataShards=10&parityShards=3&mode=fast,socks5://
# vless server
# listen=vless://UUID@:1234
# vless over tls server
# listen=tls://:1234?cert=/path/to/cert&key=/path/to/key,vless://UUID@?fallback=127.0.0.1:80
# vless over ws
# listen=ws://:1234/path?host=domain.com,vless://707f20ea-d4b8-4d1d-8e2e-2c86cb2ed97a@?fallback=127.0.0.1:80
# trojan server
# listen=trojan://PASSWORD@:1234?cert=/path/to/cert&key=/path/to/key&fallback=127.0.0.1
# trojanc server (trojan without tls)
# listen=trojanc://PASSWORD@:1234?fallback=127.0.0.1
# FORWARDERS
# ----------
# Forwarders, we can setup multiple forwarders.
# forward=SCHEME#OPTIONS
# FORWARDER OPTIONS
# priority: set the priority of that forwarder, default:0
# interface: set local interface or ip address used to connect remote server
# Socks5 proxy as forwarder
# forward=socks5://192.168.1.10:1080
# Socks5 proxy as forwarder with priority 100
# forward=socks5://192.168.1.10:1080#priority=100
# Socks5 proxy as forwarder with priority 100 and use `eth0` as source interface
# forward=socks5://192.168.1.10:1080#priority=100&interface=eth0
# Socks5 proxy as forwarder with priority 100 and use `192.168.1.100` as source ip
# forward=socks5://192.168.1.10:1080#priority=100&interface=192.168.1.100
# SS proxy as forwarder
# forward=ss://method:pass@1.1.1.1:8443
# SSR proxy as forwarder
# forward=ssr://method:pass@1.1.1.1:8443?protocol=auth_aes128_md5&protocol_param=xxx&obfs=tls1.2_ticket_auth&obfs_param=yyy
# ssh forwarder
# forward=ssh://user[:pass]@host:port[?key=keypath&timeout=SECONDS]
# forward=ssh://root:pass@host:port
# forward=ssh://root@host:port?key=/path/to/keyfile
# forward=ssh://root@host:port?key=/path/to/keyfile&timeout=5
# http proxy as forwarder
# forward=http://1.1.1.1:8080
# trojan as forwarder
# forward=trojan://PASSWORD@1.1.1.1:8080[?serverName=SERVERNAME][&skipVerify=true]
# trojanc as forwarder
# forward=trojanc://PASSWORD@1.1.1.1:8080
# vless forwarder
# forward=vless://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443
# vmess with aead auth
# forward=vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443
# vmess with md5 auth (by setting alterID)
# forward=vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443?alterID=2
# vmess over tls
# forward=tls://server.com:443,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98
# vmess over websocket
# forward=ws://1.1.1.1:80/path?host=server.com,vmess://chacha20-poly1305:5a146038-0b56-4e95-b1dc-5c6f5a32cd98@
# vmess over ws over tls
# forward=tls://server.com:443,ws://,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98
# forward=tls://server.com:443,ws://@/path,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98
# ss over tls
# forward=tls://server.com:443,ss://AEAD_CHACHA20_POLY1305:pass@
# ss over kcp
# forward=kcp://aes:key@127.0.0.1:8444?dataShards=10&parityShards=3&mode=fast,ss://AEAD_CHACHA20_POLY1305:pass@
# ss with simple-obfs
# forward=simple-obfs://1.1.1.1:443?type=tls&host=apple.com,ss://AEAD_CHACHA20_POLY1305:pass@
# socks5 over unix domain socket
# forward=unix:///dev/shm/socket,socks5://
# FORWARDER CHAIN
# ---------------
# We can setup a forward chain using 1 forward option,
# use comma to separate different upstream forward proxies.
#forward=http://1.1.1.1:8080,socks5://2.2.2.2:1080
# FORWARDE STRATEGY
# -----------------
# If we set up multiple forwarders, we can use them in our own strategy.
# Round Robin mode: rr
# High Availability mode: ha
# Latency based High Availability mode: lha
# Destination Hashing mode: dh
strategy=rr
# FORWARDER SETTINGS
# ------------------
# We can set some parameters for forwarders.
# forwarder will be set to disabled on how many failures counted(both dial and relay).
maxfailures=3
# timeout for create a connection(seconds)
# dialtimeout=3
# timeout for relay data from proxy server and client(seconds)
# DO NOT change it if you don't know what will happen.
# relaytimeout=0
# FORWARDERS CHECK
# ----------------
# We can check whether a forwarder is available.
# Forwarder health check:
# check=tcp[://HOST:PORT]: tcp port connect check
# check=http://HOST[:PORT][/URI][#expect=REGEX_MATCH_IN_RESP_LINE]
# check=https://HOST[:PORT][/URI][#expect=REGEX_MATCH_IN_RESP_LINE]
# e.g. check=https://www.netflix.com/title/81215567#expect=301|404
# check=file://SCRIPT_PATH: run a check script, healthy when exitcode=0, environment variables: FORWARDER_ADDR,FORWARDER_URL
# check=disable: disable health check
check=http://www.msftconnecttest.com/connecttest.txt#expect=200
# check interval(seconds)
checkinterval=30
# timeout to set a forwarder to be disabled(seconds)
checktimeout=10
# switch forwarder only when new_latency < old_latency - tolerance, used in lha mode
checktolerance=100
# use the average latency of the latest N checks
checklatencysamples=10
# check disabled fowarders only
checkdisabledonly=false
# DNS FORWARDING SERVER
# ----------------
# we can specify different upstream dns server in rule file for different destinations.
# Setup a dns forwarding server
# dns=:53
# global remote dns server (you can specify different dns server in rule file)
dnsserver=8.8.8.8:53
dnsserver=1.1.1.1:53
# By default, when glider received udp dns request and there's no forwarder specified,
# it will use udp to query upstream dns servers, otherwise, use tcp;
# you can set dnsalwaystcp=true to always use tcp no matter there is a forwarder or not.
# dnsalwaystcp=false
# timeout value used in multiple dnsservers switch(seconds)
dnstimeout=3
# maximum TTL value for entries in the CACHE(seconds)
dnsmaxttl=1800
# minimum TTL value for entries in the CACHE(seconds)
dnsminttl=0
# size of CACHE
dnscachesize=4096
# show query log of dns cache
dnscachelog=True
# disable AAAA queries
# dnsnoaaaa=True
# custom records
dnsrecord=www.example.com/1.2.3.4
dnsrecord=www.example.com/2606:2800:220:1:248:1893:25c8:1946
# SERVICES
# service=dhcpd,INTERFACE,START_IP,END_IP,LEASE_MINUTES[,MAC=IP,MAC=IP...]
# service=dhcpd-failover,INTERFACE,START_IP,END_IP,LEASE_MINUTES[,MAC=IP,MAC=IP...]
# e.g.:
# service=dhcpd,eth1,192.168.1.100,192.168.1.199,720
# service=dhcpd,eth2,192.168.2.100,192.168.2.199,720,fc:23:34:9e:25:01=192.168.2.101,fc:23:34:9e:25:02=192.168.2.102
# INTERFACE SPECIFIC
# ------------------
# Specify global outbound ip/interface.
#
# interface=""
# interface="192.168.1.100"
# interface="eth0"
#
# Specify interface for a forwarder:
# forward=socks5://192.168.1.10:1080#priority=100&interface=eth0
# forward=socks5://192.168.1.10:1080#priority=100&interface=192.168.1.100
# RULE FILES
# ----------
# Specify additional forward rules.
#
# specify rules folder, so all *.rule files under this folder will be parsed as rule file
# rules-dir=rules.d
#
# specify a rule file
#rulefile=office.rule
#rulefile=home.rule
# INCLUDE CONFIG FILES
# ----------
#include=dnsrecord.inc.conf
#include=more.conf
# ENVIRONMENT VARIABLES
# ----------
# use {$ENV_VAR_NAME} in VALUE to get the Environment Variable value.
# forward=socks5://{$USER_NAME}:{$USER_PASS}@:1080
Reference in New Issue View Git Blame Copy Permalink