{ // Run a websocket server over TLS (wss) on port 443. "url": "wss://0.0.0.0:443", // TLS configuration "cert": "cert.pem", "key": "keyfile.pem", "targets": [ // Serve shadowsocks at obfs path /ss, obfs host example.com { "matching_path": "/ss", "matching_headers": { "host": "example.com" }, "scheme": "shadowsocks", "cipher": "aes-256-gcm", "password": "hello", }, // Serve shadowsocks at obfs path /ss2, where requests are routed through a HTTPS proxy. // Any obfs host can be provided, since we do not specify it. { // Targets can also be specified using URL format, but note that the address is unused. "matching_path": "/ss2", "url": "shadowsocks://aes-256-gcm:hello@unused-address.com", "proxies": [ "https://username:password@1.2.3.4:8080" ] }, // Serve vmess at obfs path /vmess, obfs host 'hello.com', when the user-agent is 'secret-client-v1.0' { "matching_path": "/vmess", "matching_headers": { "host": "hello.com", "user-agent": "secret-client-v1.0" }, "url": "vmess://3f4c7cb7-54fa-4965-b4f7-255047554831:chacha20-poly1305@unused-address.com" } ] }