اینباندهای Xray
در این داکیومنت سعی میکنیم همه اینباندهای Xray را که میشه روی مرزبان استفاده کرد را لیست کنیم.
Reality
VLESS TCP REALITY
json
{
"tag": "VLESS TCP REALITY",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {},
"security": "reality",
"realitySettings": {
"show": false,
"dest": "google.com:443",
"xver": 0,
"serverNames": [
"example.com",
""
],
"privateKey": "read the notes down below",
"SpiderX": "/example",
"shortIds": [
"read the notes down below"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS H2 REALITY
json
{
"tag": "VLESS H2 REALITY",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "h2",
"tcpSettings": {},
"security": "reality",
"realitySettings": {
"show": false,
"dest": "google.com:443",
"xver": 0,
"serverNames": [
"example.com",
""
],
"privateKey": "read the notes down below",
"SpiderX": "/example",
"shortIds": [
"read the notes down below"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS GRPC REALITY
json
{
"tag": "VLESS GRPC REALITY",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "xyz"
},
"security": "reality",
"realitySettings": {
"show": false,
"dest": "google.com:443",
"xver": 0,
"serverNames": [
"example.com",
""
],
"privateKey": "read the notes down below",
"SpiderX": "/example",
"shortIds": [
"read the notes down below"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}نکته
با وارد کردن دستور زیر privateKey دریافت کنید و آن را در اینباند ریلیتی خود قرار بدید.
نیازی به قرار دادن publicKey نیست چون بصورت خودکار جنریت خواهد شد.
bash
docker exec marzban-marzban-1 xray x25519نکته
با وارد کردن دستور زیر shortId دریافت کنید و آن را در اینباند ریلیتی خود قرار بدید.
قرار دادن ShortId و همچنین SpiderX در اینباند ریلیتی اختیاری است و نبودن آنها مشکلی ایجاد نخواهد کرد.
bash
openssl rand -hex 8VLESS TLS
VLESS HTTPUpgrade TLS
json
{
"tag": "VLESS HTTPUPGRADE TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "httpupgrade",
"httpupgradeSettings": {
"path": "/",
"host": ""
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS SplitHTTP TLS
json
{
"tag": "VLESS Splithttp TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"splithttpSettings": {
"host": "",
"path": "/",
"maxUploadSize": 1000000,
"maxConcurrentUploads": 10
},
"network": "splithttp",
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}
}VLESS WS TLS
json
{
"tag": "VLESS WS TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/"
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS GRPC TLS
json
{
"tag": "VLESS GRPC TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "vless"
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS TCP TLS
json
{
"tag": "VLESS TCP TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess TLS
VMess HTTPUpgrade TLS
json
{
"tag": "VMESS HTTPUPGRADE TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "httpupgrade",
"httpupgradeSettings": {
"path": "/",
"host": ""
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess SplitHTTP TLS
json
{
"tag": "VMESS Splithttp TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"splithttpSettings": {
"host": "",
"path": "/",
"maxUploadSize": 1000000,
"maxConcurrentUploads": 10
},
"network": "splithttp",
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}
}VMess WS TLS
json
{
"tag": "VMESS WS TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/"
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess GRPC TLS
json
{
"tag": "VMESS GRPC TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "vmess"
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess TCP TLS
json
{
"tag": "VMESS TCP TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan TLS
Trojan WS TLS Fake Certificate
json
{
"tag": "Trojan WS TLS Fake Certificate",
"listen": "0.0.0.0",
"port": 2083,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificate": [
"-----BEGIN CERTIFICATE-----",
"MIIBvTCCAWOgAwIBAgIRAIY9Lzn0T3VFedUnT9idYkEwCgYIKoZIzj0EAwIwJjER",
"MA8GA1UEChMIWHJheSBJbmMxETAPBgNVBAMTCFhyYXkgSW5jMB4XDTIzMDUyMTA4",
"NDUxMVoXDTMzMDMyOTA5NDUxMVowJjERMA8GA1UEChMIWHJheSBJbmMxETAPBgNV",
"BAMTCFhyYXkgSW5jMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGAmB8CILK7Q1",
"FG47g5VXg/oX3EFQqlW8B0aZAftYpHGLm4hEYVA4MasoGSxRuborhGu3lDvlt0cZ",
"aQTLvO/IK6NyMHAwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB",
"MAwGA1UdEwEB/wQCMAAwOwYDVR0RBDQwMoILZ3N0YXRpYy5jb22CDSouZ3N0YXRp",
"Yy5jb22CFCoubWV0cmljLmdzdGF0aWMuY29tMAoGCCqGSM49BAMCA0gAMEUCIQC1",
"XMIz1XwJrcu3BSZQFlNteutyepHrIttrtsfdd05YsQIgAtCg53wGUSSOYGL8921d",
"KuUcpBWSPkvH6y3Ak+YsTMg=",
"-----END CERTIFICATE-----"
],
"key": [
"-----BEGIN RSA PRIVATE KEY-----",
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg7ptMDsNFiL7iB5N5",
"gemkQUHIWvgIet+GiY7x7qB13V6hRANCAAQYCYHwIgsrtDUUbjuDlVeD+hfcQVCq",
"VbwHRpkB+1ikcYubiERhUDgxqygZLFG5uiuEa7eUO+W3RxlpBMu878gr",
"-----END RSA PRIVATE KEY-----"
]
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}Trojan WS TLS
json
{
"tag": "TROJAN WS TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/"
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan GRPC TLS
json
{
"tag": "TROJAN GRPC TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "trojan"
},
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan TCP TLS
json
{
"tag": "TROJAN TCP TLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Fallback TLS
Fallback TLS
json
{
"tag": "TROJAN FALLBACK TLS",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": [],
"decryption": "none",
"fallbacks": [
{
"path": "/lw",
"dest": "@vless-ws",
"xver": 2
},
{
"path": "/mw",
"dest": "@vmess-ws",
"xver": 2
},
{
"path": "/tw",
"dest": "@trojan-ws",
"xver": 2
},
{
"path": "/lt",
"dest": "@vless-tcp",
"xver": 2
},
{
"path": "/mt",
"dest": "@vmess-tcp",
"xver": 2
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"serverName": "SERVER_NAME",
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/key.pem"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"alpn": [
"h2",
"http/1.1"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"tag": "VLESS TCP TLS Header",
"listen": "@vless-tcp",
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tcpSettings": {
"acceptProxyProtocol": true,
"header": {
"type": "http",
"request": {
"path": [
"/lt"
]
}
}
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"tag": "VMESS TCP TLS Header",
"listen": "@vmess-tcp",
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tcpSettings": {
"acceptProxyProtocol": true,
"header": {
"type": "http",
"request": {
"path": [
"/mt"
]
}
}
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"tag": "VLESS WS TLS",
"listen": "@vless-ws",
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/lw"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"tag": "VMESS WS TLS",
"listen": "@vmess-ws",
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/mw"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"tag": "TROJAN WS TLS",
"listen": "@trojan-ws",
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/tw"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS NoTLS
VLESS HTTPUpgrade NoTLS
json
{
"tag": "VLESS HTTPUPGRADE NoTLS",
"listen": "0.0.0.0",
"port": 2095,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "httpupgrade",
"httpupgradeSettings": {
"path": "/",
"host": ""
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS SplitHTTP NoTLS
json
{
"tag": "VLESS SplitHTTP NoTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "splithttp",
"splithttpSettings": {
"host": "",
"path": "/",
"maxUploadSize": 1000000,
"maxConcurrentUploads": 10
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS KCP NoTLS
json
{
"tag": "VLESS KCP NoTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "kcp",
"kcpSettings": {
"mtu": 1350,
"tti": 20,
"uplinkCapacity": 5,
"downlinkCapacity": 20,
"congestion": false,
"readBufferSize": 2,
"writeBufferSize": 2,
"headers": {
"Host": [
""
]
},
"seed": "TED"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS WS NoTLS
json
{
"tag": "VLESS WS NOTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/"
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS GRPC NoTLS
json
{
"tag": "VLESS GRPC NOTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "vless"
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS TCP NoTLS
json
{
"tag": "VLESS TCP NOTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess NoTLS
VMess HTTPUpgrade NoTLS
json
{
"tag": "VMESS HTTPUPGRADE NoTLS",
"listen": "0.0.0.0",
"port": 2095,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "httpupgrade",
"httpupgradeSettings": {
"path": "/",
"host": ""
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess SplitHTTP NoTLS
json
{
"tag": "VMESS SplitHTTP NoTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "splithttp",
"splithttpSettings": {
"host": "",
"path": "/",
"maxUploadSize": 1000000,
"maxConcurrentUploads": 10
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess KCP NoTLS
json
{
"tag": "VMESS KCP NoTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vmess",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "kcp",
"kcpSettings": {
"mtu": 1350,
"tti": 20,
"uplinkCapacity": 5,
"downlinkCapacity": 20,
"congestion": false,
"readBufferSize": 2,
"writeBufferSize": 2,
"headers": {
"Host": [
""
]
},
"seed": "TED"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess WS NoTLS
json
{
"tag": "VMESS WS NOTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/"
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess GRPC NoTLS
json
{
"tag": "VMESS GRPC NOTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "vmess"
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess TCP NoTLS
json
{
"tag": "VMESS TCP NOTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan NoTLS
Trojan WS NoTLS
json
{
"tag": "TROJAN WS NOTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/"
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan GRPC NoTLS
json
{
"tag": "TROJAN GRPC NOTLS",
"listen": "0.0.0.0",
"port": 8080,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "trojan"
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan TCP NoTLS
json
{
"tag": "TROJAN TCP NOTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Fallback NoTLS
Fallback NoTLS
json
{
"tag": "TROJAN FALLBACK NoTLS",
"port": 8080,
"protocol": "trojan",
"settings": {
"clients": [],
"decryption": "none",
"fallbacks": [
{
"path": "/vl",
"dest": "@vless-ws",
"xver": 2
},
{
"path": "/vm",
"dest": "@vmess-ws",
"xver": 2
}
]
},
"streamSettings": {
"network": "tcp",
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
},
{
"tag": "VLESS WS NoTLS",
"listen": "@vless-ws",
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/vless"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
},
{
"tag": "VMESS WS NoTLS",
"listen": "@vmess-ws",
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/vmess"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS Header
VLESS TCP Header NoTLS
json
{
"tag": "VLESS TCP Header NoTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
"header": {
"type": "http",
"request": {
"method": "GET",
"path": [
"/"
],
"headers": {
"Host": [
"cloudflare.com"
]
}
},
"response": {}
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VLESS WS Header NoTLS
json
{
"tag": "VLESS WS Header NoTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/",
"headers": {
"Host": "cloudflare.com"
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess Header
VMess TCP Header NoTLS
json
{
"tag": "VMESS TCP Header NoTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
"header": {
"type": "http",
"request": {
"method": "GET",
"path": [
"/"
],
"headers": {
"Host": [
"cloudflare.com"
]
}
},
"response": {}
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}VMess WS Header NoTLS
json
{
"tag": "VMESS WS Header NoTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "vmess",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/",
"headers": {
"Host": "cloudflare.com"
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan Header
Trojan TCP Header NoTLS
json
{
"tag": "TROJAN TCP Header NoTLS",
"listen": "0.0.0.0",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
"header": {
"type": "http",
"request": {
"method": "GET",
"path": [
"/"
],
"headers": {
"Host": [
"cloudflare.com"
]
}
},
"response": {}
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Trojan WS Header NoTLS
json
{
"tag": "TROJAN WS Header NoTLs",
"listen": "0.0.0.0",
"port": 443,
"protocol": "trojan",
"settings": {
"clients": []
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/",
"headers": {
"Host": "cloudflare.com"
}
},
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
]
}
}Shadowsocks
Shadowsocks TCP
json
{
"tag": "Shadowsocks TCP",
"listen": "0.0.0.0",
"port": 1080,
"protocol": "shadowsocks",
"settings": {
"clients": [],
"network": "tcp,udp"
}
}نکتهها
نکته اول
اگر از کلودفلر سرتیفیکیت دریافت کردید بخش ocspStapling را از اینباند خود حذف کنید.
نکته دوم
اگر از Fallback استفاده میکنید، لازم هست تا اول تگ اینباند فالبک خود را در .env ست کنید.
env
# XRAY_FALLBACKS_INBOUND_TAG = "INBOUND_X"این قسمت را در .env پیدا کنید و با پاک کردن # اول آن، از حالت کامنت آن را خارج کنید و سپس مقدار INBOUND_X را مطابق با تگ اینباند فالبک خود قرار دهید و در نهایت برای اعمال تغییرات، مرزبان را با دستور زیر ریستارت کنید.
bash
marzban restartنکته سوم
اگر قصد استفاده از 2 یا چند دامین و یا ساب دامین را دارید میتوانید مثل نمونه زیر چندین سرتیفیکت را داخل اینباند قرار بدید.
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/domain1.com/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/domain1.com/key.pem"
},
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/marzban/certs/domain2.com/fullchain.pem",
"keyFile": "/var/lib/marzban/certs/domain2.com/key.pem"
}
],