注册CloudFlare

搭建节点

  • 右上角切换语言,选择”Workers和Pages”
    2b 图片
  • 创建应用程序
    2b 图片
  • 创建Worker
    2b 图片
  • 名字随便,点击部署
    2b 图片
  • 点击编辑代码
    2b 图片
  • 复制下面的代码
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    354
    355
    356
    357
    358
    359
    360
    361
    362
    363
    364
    365
    366
    367
    368
    369
    370
    371
    372
    373
    374
    375
    376
    377
    378
    379
    380
    381
    382
    383
    384
    385
    386
    387
    388
    389
    390
    391
    392
    393
    394
    395
    396
    397
    398
    399
    400
    401
    402
    403
    404
    405
    406
    407
    408
    409
    410
    411
    412
    413
    414
    415
    416
    417
    418
    419
    420
    421
    422
    423
    424
    425
    426
    427
    428
    429
    430
    431
    432
    433
    434
    435
    436
    437
    438
    439
    440
    441
    442
    443
    444
    445
    446
    447
    448
    449
    450
    451
    452
    453
    454
    455
    456
    457
    458
    459
    460
    461
    462
    463
    464
    465
    466
    467
    468
    469
    470
    471
    472
    473
    474
    475
    476
    477
    478
    479
    480
    481
    482
    483
    484
    485
    486
    487
    488
    489
    490
    491
    492
    493
    494
    495
    496
    497
    498
    499
    500
    501
    502
    503
    504
    505
    506
    507
    508
    509
    510
    511
    512
    513
    514
    515
    516
    517
    518
    519
    520
    521
    522
    523
    524
    525
    526
    527
    528
    529
    530
    531
    532
    533
    534
    535
    536
    537
    538
    539
    540
    541
    542
    543
    544
    545
    546
    547
    548
    549
    550
    551
    552
    553
    554
    555
    556
    557
    558
    559
    560
    561
    562
    563
    564
    565
    566
    567
    568
    569
    570
    571
    572
    573
    574
    575
    576
    577
    578
    579
    580
    581
    582
    583
    584
    585
    586
    587
    588
    589
    590
    591
    592
    593
    594
    595
    596
    597
    598
    599
    600
    601
    602
    603
    604
    605
    606
    607
    608
    609
    610
    611
    612
    613
    614
    615
    616
    617
    618
    619
    620
    621
    622
    623
    624
    625
    626
    627
    628
    629
    630
    631
    632
    633
    634
    635
    636
    637
    638
    639
    640
    641
    642
    643
    644
    645
    646
    647
    648
    649
    650
    651
    652
    653
    654
    655
    656
    657
    658
    659
    660
    661
    662
    663
    664
    665
    666
    667
    668
    669
    670
    671
    672
    673
    674
    675
    676
    677
    678
    679
    680
    681
    682
    683
    684
    685
    686
    687
    688
    689
    690
    691
    692
    693
    694
    695
    696
    697
    698
    699
    700
    701
    702
    703
    704
    705
    706
    707
    708
    709
    710
    711
    712
    713
    714
    715
    716
    717
    718
    719
    720
    721
    722
    723
    724
    725
    726
    727
    728
    729
    730
    731
    732
    733
    734
    735
    736
    737
    738
    739
    740
    741
    742
    743
    744
    745
    746
    747
    748
    749
    750
    751
    752
    753
    754
    755
    756
    757
    758
    759
    760
    761
    762
    763
    764
    765
    766
    767
    768
    769
    770
    771
    772
    773
    774
    775
    776
    777
    778
    779
    780
    781
    782
    783
    784
    785
    786
    787
    788
    789
    790
    791
    792
    793
    794
    795
    796
    797
    798
    799
    800
    801
    802
    803
    804
    805
    806
    807
    808
    809
    810
    811
    812
    813
    814
    815
    816
    817
    818
    819
    820
    821
    822
    823
    824
    825
    826
    827
    828
    829
    830
    831
    832
    833
    834
    835
    836
    837
    838
    839
    840
    841
    842
    843
    844
    845
    846
    847
    848
    // <!--GAMFC-->version base on commit 43fad05dcdae3b723c53c226f8181fc5bd47223e, time is 2023-06-22 15:20:02 UTC<!--GAMFC-END-->.
    // @ts-ignore
    import { connect } from 'cloudflare:sockets';

    // How to generate your own UUID:
    // [Windows] Press "Win + R", input cmd and run: Powershell -NoExit -Command "[guid]::NewGuid()"
    let userID = 'f74af6da-09b4-4c93-88f0-35683726feec';

    const proxyIPs = ['103.200.112.108']; // ['cdn-all.xn--b6gac.eu.org', 'cdn.xn--b6gac.eu.org', 'cdn-b100.xn--b6gac.eu.org', 'edgetunnel.anycast.eu.org', 'cdn.anycast.eu.org'];
    let proxyIP = proxyIPs[Math.floor(Math.random() * proxyIPs.length)];

    let dohURL = 'https://sky.rethinkdns.com/1:-Pf_____9_8A_AMAIgE8kMABVDDmKOHTAKg='; // https://cloudflare-dns.com/dns-query or https://dns.google/dns-query

    // v2board api environment variables
    let nodeId = ''; // 1

    let apiToken = ''; //abcdefghijklmnopqrstuvwxyz123456

    let apiHost = ''; // api.v2board.com

    if (!isValidUUID(userID)) {
    throw new Error('uuid is not valid');
    }

    export default {
    /**
    * @param {import("@cloudflare/workers-types").Request} request
    * @param {{UUID: string, PROXYIP: string, DNS_RESOLVER_URL: string, NODE_ID: int, API_HOST: string, API_TOKEN: string}} env
    * @param {import("@cloudflare/workers-types").ExecutionContext} ctx
    * @returns {Promise<Response>}
    */
    async fetch(request, env, ctx) {
    try {
    userID = env.UUID || userID;
    proxyIP = env.PROXYIP || proxyIP;
    dohURL = env.DNS_RESOLVER_URL || dohURL;
    nodeId = env.NODE_ID || nodeId;
    apiToken = env.API_TOKEN || apiToken;
    apiHost = env.API_HOST || apiHost;
    const upgradeHeader = request.headers.get('Upgrade');
    if (!upgradeHeader || upgradeHeader !== 'websocket') {
    const url = new URL(request.url);
    switch (url.pathname) {
    case '/cf':
    return new Response(JSON.stringify(request.cf, null, 4), {
    status: 200,
    headers: {
    "Content-Type": "application/json;charset=utf-8",
    },
    });
    case '/connect': // for test connect to cf socket
    const [hostname, port] = ['cloudflare.com', '80'];
    console.log(`Connecting to ${hostname}:${port}...`);

    try {
    const socket = await connect({
    hostname: hostname,
    port: parseInt(port, 10),
    });

    const writer = socket.writable.getWriter();

    try {
    await writer.write(new TextEncoder().encode('GET / HTTP/1.1\r\nHost: ' + hostname + '\r\n\r\n'));
    } catch (writeError) {
    writer.releaseLock();
    await socket.close();
    return new Response(writeError.message, { status: 500 });
    }

    writer.releaseLock();

    const reader = socket.readable.getReader();
    let value;

    try {
    const result = await reader.read();
    value = result.value;
    } catch (readError) {
    await reader.releaseLock();
    await socket.close();
    return new Response(readError.message, { status: 500 });
    }

    await reader.releaseLock();
    await socket.close();

    return new Response(new TextDecoder().decode(value), { status: 200 });
    } catch (connectError) {
    return new Response(connectError.message, { status: 500 });
    }
    case `/${userID}`: {
    const vlessConfig = getVLESSConfig(userID, request.headers.get('Host'));
    return new Response(`${vlessConfig}`, {
    status: 200,
    headers: {
    "Content-Type": "text/plain;charset=utf-8",
    }
    });
    }
    default:
    // return new Response('Not found', { status: 404 });
    // For any other path, reverse proxy to 'www.fmprc.gov.cn' and return the original response
    url.hostname = 'www.qq.com';
    url.protocol = 'https:';
    request = new Request(url, request);
    return await fetch(request);
    }
    } else {
    return await vlessOverWSHandler(request);
    }
    } catch (err) {
    /** @type {Error} */ let e = err;
    return new Response(e.toString());
    }
    },
    };




    /**
    *
    * @param {import("@cloudflare/workers-types").Request} request
    */
    async function vlessOverWSHandler(request) {

    /** @type {import("@cloudflare/workers-types").WebSocket[]} */
    // @ts-ignore
    const webSocketPair = new WebSocketPair();
    const [client, webSocket] = Object.values(webSocketPair);

    webSocket.accept();

    let address = '';
    let portWithRandomLog = '';
    const log = (/** @type {string} */ info, /** @type {string | undefined} */ event) => {
    console.log(`[${address}:${portWithRandomLog}] ${info}`, event || '');
    };
    const earlyDataHeader = request.headers.get('sec-websocket-protocol') || '';

    const readableWebSocketStream = makeReadableWebSocketStream(webSocket, earlyDataHeader, log);

    /** @type {{ value: import("@cloudflare/workers-types").Socket | null}}*/
    let remoteSocketWapper = {
    value: null,
    };
    let udpStreamWrite = null;
    let isDns = false;

    // ws --> remote
    readableWebSocketStream.pipeTo(new WritableStream({
    async write(chunk, controller) {
    if (isDns && udpStreamWrite) {
    return udpStreamWrite(chunk);
    }
    if (remoteSocketWapper.value) {
    const writer = remoteSocketWapper.value.writable.getWriter()
    await writer.write(chunk);
    writer.releaseLock();
    return;
    }

    const {
    hasError,
    message,
    portRemote = [443, 8443, 2053, 2083, 2087, 2096, 80, 8080, 8880, 2052, 2082, 2086, 2095],
    addressRemote = '',
    rawDataIndex,
    vlessVersion = new Uint8Array([0, 0]),
    isUDP,
    } = await processVlessHeader(chunk, userID);
    address = addressRemote;
    portWithRandomLog = `${portRemote}--${Math.random()} ${isUDP ? 'udp ' : 'tcp '
    } `;
    if (hasError) {
    // controller.error(message);
    throw new Error(message); // cf seems has bug, controller.error will not end stream
    // webSocket.close(1000, message);
    return;
    }
    // if UDP but port not DNS port, close it
    if (isUDP) {
    if (portRemote === 53) {
    isDns = true;
    } else {
    // controller.error('UDP proxy only enable for DNS which is port 53');
    throw new Error('UDP proxy only enable for DNS which is port 53'); // cf seems has bug, controller.error will not end stream
    return;
    }
    }
    // ["version", "附加信息长度 N"]
    const vlessResponseHeader = new Uint8Array([vlessVersion[0], 0]);
    const rawClientData = chunk.slice(rawDataIndex);

    // TODO: support udp here when cf runtime has udp support
    if (isDns) {
    const { write } = await handleUDPOutBound(webSocket, vlessResponseHeader, log);
    udpStreamWrite = write;
    udpStreamWrite(rawClientData);
    return;
    }
    handleTCPOutBound(remoteSocketWapper, addressRemote, portRemote, rawClientData, webSocket, vlessResponseHeader, log);
    },
    close() {
    log(`readableWebSocketStream is close`);
    },
    abort(reason) {
    log(`readableWebSocketStream is abort`, JSON.stringify(reason));
    },
    })).catch((err) => {
    log('readableWebSocketStream pipeTo error', err);
    });

    return new Response(null, {
    status: 101,
    // @ts-ignore
    webSocket: client,
    });
    }

    let apiResponseCache = null;
    let cacheTimeout = null;

    /**
    * Fetches the API response from the server and caches it for future use.
    * @returns {Promise<object|null>} A Promise that resolves to the API response object or null if there was an error.
    */
    async function fetchApiResponse() {
    const requestOptions = {
    method: 'GET',
    redirect: 'follow'
    };

    try {
    const response = await fetch(`https://${apiHost}/api/v1/server/UniProxy/user?node_id=${nodeId}&node_type=v2ray&token=${apiToken}`, requestOptions);

    if (!response.ok) {
    console.error('Error: Network response was not ok');
    return null;
    }
    const apiResponse = await response.json();
    apiResponseCache = apiResponse;

    // Refresh the cache every 5 minutes (300000 milliseconds)
    if (cacheTimeout) {
    clearTimeout(cacheTimeout);
    }
    cacheTimeout = setTimeout(() => fetchApiResponse(), 300000);

    return apiResponse;
    } catch (error) {
    console.error('Error:', error);
    return null;
    }
    }

    /**
    * Returns the cached API response if it exists, otherwise fetches the API response from the server and caches it for future use.
    * @returns {Promise<object|null>} A Promise that resolves to the cached API response object or the fetched API response object, or null if there was an error.
    */
    async function getApiResponse() {
    if (!apiResponseCache) {
    return await fetchApiResponse();
    }
    return apiResponseCache;
    }

    /**
    * Checks if a given UUID is present in the API response.
    * @param {string} targetUuid The UUID to search for.
    * @returns {Promise<boolean>} A Promise that resolves to true if the UUID is present in the API response, false otherwise.
    */
    async function checkUuidInApiResponse(targetUuid) {
    // Check if any of the environment variables are empty
    if (!nodeId || !apiToken || !apiHost) {
    return false;
    }

    try {
    const apiResponse = await getApiResponse();
    if (!apiResponse) {
    return false;
    }
    const isUuidInResponse = apiResponse.users.some(user => user.uuid === targetUuid);
    return isUuidInResponse;
    } catch (error) {
    console.error('Error:', error);
    return false;
    }
    }

    // Usage example:
    // const targetUuid = "65590e04-a94c-4c59-a1f2-571bce925aad";
    // checkUuidInApiResponse(targetUuid).then(result => console.log(result));

    /**
    * Handles outbound TCP connections.
    *
    * @param {any} remoteSocket
    * @param {string} addressRemote The remote address to connect to.
    * @param {number} portRemote The remote port to connect to.
    * @param {Uint8Array} rawClientData The raw client data to write.
    * @param {import("@cloudflare/workers-types").WebSocket} webSocket The WebSocket to pass the remote socket to.
    * @param {Uint8Array} vlessResponseHeader The VLESS response header.
    * @param {function} log The logging function.
    * @returns {Promise<void>} The remote socket.
    */
    async function handleTCPOutBound(remoteSocket, addressRemote, portRemote, rawClientData, webSocket, vlessResponseHeader, log,) {
    async function connectAndWrite(address, port) {
    /** @type {import("@cloudflare/workers-types").Socket} */
    const tcpSocket = connect({
    hostname: address,
    port: port,
    });
    remoteSocket.value = tcpSocket;
    log(`connected to ${address}:${port}`);
    const writer = tcpSocket.writable.getWriter();
    await writer.write(rawClientData); // first write, nomal is tls client hello
    writer.releaseLock();
    return tcpSocket;
    }

    // if the cf connect tcp socket have no incoming data, we retry to redirect ip
    async function retry() {
    const tcpSocket = await connectAndWrite(proxyIP || addressRemote, portRemote)
    // no matter retry success or not, close websocket
    tcpSocket.closed.catch(error => {
    console.log('retry tcpSocket closed error', error);
    }).finally(() => {
    safeCloseWebSocket(webSocket);
    })
    remoteSocketToWS(tcpSocket, webSocket, vlessResponseHeader, null, log);
    }

    const tcpSocket = await connectAndWrite(addressRemote, portRemote);

    // when remoteSocket is ready, pass to websocket
    // remote--> ws
    remoteSocketToWS(tcpSocket, webSocket, vlessResponseHeader, retry, log);
    }

    /**
    *
    * @param {import("@cloudflare/workers-types").WebSocket} webSocketServer
    * @param {string} earlyDataHeader for ws 0rtt
    * @param {(info: string)=> void} log for ws 0rtt
    */
    function makeReadableWebSocketStream(webSocketServer, earlyDataHeader, log) {
    let readableStreamCancel = false;
    const stream = new ReadableStream({
    start(controller) {
    webSocketServer.addEventListener('message', (event) => {
    if (readableStreamCancel) {
    return;
    }
    const message = event.data;
    controller.enqueue(message);
    });

    // The event means that the client closed the client -> server stream.
    // However, the server -> client stream is still open until you call close() on the server side.
    // The WebSocket protocol says that a separate close message must be sent in each direction to fully close the socket.
    webSocketServer.addEventListener('close', () => {
    // client send close, need close server
    // if stream is cancel, skip controller.close
    safeCloseWebSocket(webSocketServer);
    if (readableStreamCancel) {
    return;
    }
    controller.close();
    }
    );
    webSocketServer.addEventListener('error', (err) => {
    log('webSocketServer has error');
    controller.error(err);
    }
    );
    // for ws 0rtt
    const { earlyData, error } = base64ToArrayBuffer(earlyDataHeader);
    if (error) {
    controller.error(error);
    } else if (earlyData) {
    controller.enqueue(earlyData);
    }
    },

    pull(controller) {
    // if ws can stop read if stream is full, we can implement backpressure
    // https://streams.spec.whatwg.org/#example-rs-push-backpressure
    },
    cancel(reason) {
    // 1. pipe WritableStream has error, this cancel will called, so ws handle server close into here
    // 2. if readableStream is cancel, all controller.close/enqueue need skip,
    // 3. but from testing controller.error still work even if readableStream is cancel
    if (readableStreamCancel) {
    return;
    }
    log(`ReadableStream was canceled, due to ${reason}`)
    readableStreamCancel = true;
    safeCloseWebSocket(webSocketServer);
    }
    });

    return stream;

    }

    // https://xtls.github.io/development/protocols/vless.html
    // https://github.com/zizifn/excalidraw-backup/blob/main/v2ray-protocol.excalidraw

    /**
    *
    * @param { ArrayBuffer} vlessBuffer
    * @param {string} userID
    * @returns
    */
    async function processVlessHeader(
    vlessBuffer,
    userID
    ) {
    if (vlessBuffer.byteLength < 24) {
    return {
    hasError: true,
    message: 'invalid data',
    };
    }
    const version = new Uint8Array(vlessBuffer.slice(0, 1));
    let isValidUser = false;
    let isUDP = false;
    const slicedBuffer = new Uint8Array(vlessBuffer.slice(1, 17));
    const slicedBufferString = stringify(slicedBuffer);

    const uuids = userID.includes(',') ? userID.split(",") : [userID];

    const checkUuidInApi = await checkUuidInApiResponse(slicedBufferString);
    isValidUser = uuids.some(userUuid => checkUuidInApi || slicedBufferString === userUuid.trim());

    console.log(`checkUuidInApi: ${await checkUuidInApiResponse(slicedBufferString)}, userID: ${slicedBufferString}`);

    if (!isValidUser) {
    return {
    hasError: true,
    message: 'invalid user',
    };
    }

    const optLength = new Uint8Array(vlessBuffer.slice(17, 18))[0];
    //skip opt for now

    const command = new Uint8Array(
    vlessBuffer.slice(18 + optLength, 18 + optLength + 1)
    )[0];

    // 0x01 TCP
    // 0x02 UDP
    // 0x03 MUX
    if (command === 1) {
    } else if (command === 2) {
    isUDP = true;
    } else {
    return {
    hasError: true,
    message: `command ${command} is not support, command 01-tcp,02-udp,03-mux`,
    };
    }
    const portIndex = 18 + optLength + 1;
    const portBuffer = vlessBuffer.slice(portIndex, portIndex + 2);
    // port is big-Endian in raw data etc 80 == 0x005d
    const portRemote = new DataView(portBuffer).getUint16(0);

    let addressIndex = portIndex + 2;
    const addressBuffer = new Uint8Array(
    vlessBuffer.slice(addressIndex, addressIndex + 1)
    );

    // 1--> ipv4 addressLength =4
    // 2--> domain name addressLength=addressBuffer[1]
    // 3--> ipv6 addressLength =16
    const addressType = addressBuffer[0];
    let addressLength = 0;
    let addressValueIndex = addressIndex + 1;
    let addressValue = '';
    switch (addressType) {
    case 1:
    addressLength = 4;
    addressValue = new Uint8Array(
    vlessBuffer.slice(addressValueIndex, addressValueIndex + addressLength)
    ).join('.');
    break;
    case 2:
    addressLength = new Uint8Array(
    vlessBuffer.slice(addressValueIndex, addressValueIndex + 1)
    )[0];
    addressValueIndex += 1;
    addressValue = new TextDecoder().decode(
    vlessBuffer.slice(addressValueIndex, addressValueIndex + addressLength)
    );
    break;
    case 3:
    addressLength = 16;
    const dataView = new DataView(
    vlessBuffer.slice(addressValueIndex, addressValueIndex + addressLength)
    );
    // 2001:0db8:85a3:0000:0000:8a2e:0370:7334
    const ipv6 = [];
    for (let i = 0; i < 8; i++) {
    ipv6.push(dataView.getUint16(i * 2).toString(16));
    }
    addressValue = ipv6.join(':');
    // seems no need add [] for ipv6
    break;
    default:
    return {
    hasError: true,
    message: `invild addressType is ${addressType}`,
    };
    }
    if (!addressValue) {
    return {
    hasError: true,
    message: `addressValue is empty, addressType is ${addressType}`,
    };
    }

    return {
    hasError: false,
    addressRemote: addressValue,
    addressType,
    portRemote,
    rawDataIndex: addressValueIndex + addressLength,
    vlessVersion: version,
    isUDP,
    };
    }


    /**
    *
    * @param {import("@cloudflare/workers-types").Socket} remoteSocket
    * @param {import("@cloudflare/workers-types").WebSocket} webSocket
    * @param {ArrayBuffer} vlessResponseHeader
    * @param {(() => Promise<void>) | null} retry
    * @param {*} log
    */
    async function remoteSocketToWS(remoteSocket, webSocket, vlessResponseHeader, retry, log) {
    // remote--> ws
    let remoteChunkCount = 0;
    let chunks = [];
    /** @type {ArrayBuffer | null} */
    let vlessHeader = vlessResponseHeader;
    let hasIncomingData = false; // check if remoteSocket has incoming data
    await remoteSocket.readable
    .pipeTo(
    new WritableStream({
    start() {
    },
    /**
    *
    * @param {Uint8Array} chunk
    * @param {*} controller
    */
    async write(chunk, controller) {
    hasIncomingData = true;
    // remoteChunkCount++;
    if (webSocket.readyState !== WS_READY_STATE_OPEN) {
    controller.error(
    'webSocket.readyState is not open, maybe close'
    );
    }
    if (vlessHeader) {
    webSocket.send(await new Blob([vlessHeader, chunk]).arrayBuffer());
    vlessHeader = null;
    } else {
    // seems no need rate limit this, CF seems fix this??..
    // if (remoteChunkCount > 20000) {
    // // cf one package is 4096 byte(4kb), 4096 * 20000 = 80M
    // await delay(1);
    // }
    webSocket.send(chunk);
    }
    },
    close() {
    log(`remoteConnection!.readable is close with hasIncomingData is ${hasIncomingData}`);
    // safeCloseWebSocket(webSocket); // no need server close websocket frist for some case will casue HTTP ERR_CONTENT_LENGTH_MISMATCH issue, client will send close event anyway.
    },
    abort(reason) {
    console.error(`remoteConnection!.readable abort`, reason);
    },
    })
    )
    .catch((error) => {
    console.error(
    `remoteSocketToWS has exception `,
    error.stack || error
    );
    safeCloseWebSocket(webSocket);
    });

    // seems is cf connect socket have error,
    // 1. Socket.closed will have error
    // 2. Socket.readable will be close without any data coming
    if (hasIncomingData === false && retry) {
    log(`retry`)
    retry();
    }
    }

    /**
    *
    * @param {string} base64Str
    * @returns
    */
    function base64ToArrayBuffer(base64Str) {
    if (!base64Str) {
    return { error: null };
    }
    try {
    // go use modified Base64 for URL rfc4648 which js atob not support
    base64Str = base64Str.replace(/-/g, '+').replace(/_/g, '/');
    const decode = atob(base64Str);
    const arryBuffer = Uint8Array.from(decode, (c) => c.charCodeAt(0));
    return { earlyData: arryBuffer.buffer, error: null };
    } catch (error) {
    return { error };
    }
    }

    /**
    * This is not real UUID validation
    * @param {string} uuid
    */
    function isValidUUID(uuid) {
    const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
    return uuidRegex.test(uuid);
    }

    const WS_READY_STATE_OPEN = 1;
    const WS_READY_STATE_CLOSING = 2;
    /**
    * Normally, WebSocket will not has exceptions when close.
    * @param {import("@cloudflare/workers-types").WebSocket} socket
    */
    function safeCloseWebSocket(socket) {
    try {
    if (socket.readyState === WS_READY_STATE_OPEN || socket.readyState === WS_READY_STATE_CLOSING) {
    socket.close();
    }
    } catch (error) {
    console.error('safeCloseWebSocket error', error);
    }
    }

    const byteToHex = [];
    for (let i = 0; i < 256; ++i) {
    byteToHex.push((i + 256).toString(16).slice(1));
    }
    function unsafeStringify(arr, offset = 0) {
    return (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + "-" + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + "-" + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + "-" + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + "-" + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase();
    }
    function stringify(arr, offset = 0) {
    const uuid = unsafeStringify(arr, offset);
    if (!isValidUUID(uuid)) {
    throw TypeError("Stringified UUID is invalid");
    }
    return uuid;
    }


    /**
    *
    * @param {import("@cloudflare/workers-types").WebSocket} webSocket
    * @param {ArrayBuffer} vlessResponseHeader
    * @param {(string)=> void} log
    */
    async function handleUDPOutBound(webSocket, vlessResponseHeader, log) {

    let isVlessHeaderSent = false;
    const transformStream = new TransformStream({
    start(controller) {

    },
    transform(chunk, controller) {
    // udp message 2 byte is the the length of udp data
    // TODO: this should have bug, beacsue maybe udp chunk can be in two websocket message
    for (let index = 0; index < chunk.byteLength;) {
    const lengthBuffer = chunk.slice(index, index + 2);
    const udpPakcetLength = new DataView(lengthBuffer).getUint16(0);
    const udpData = new Uint8Array(
    chunk.slice(index + 2, index + 2 + udpPakcetLength)
    );
    index = index + 2 + udpPakcetLength;
    controller.enqueue(udpData);
    }
    },
    flush(controller) {
    }
    });

    // only handle dns udp for now
    transformStream.readable.pipeTo(new WritableStream({
    async write(chunk) {
    const resp = await fetch(dohURL, // dns server url
    {
    method: 'POST',
    headers: {
    'content-type': 'application/dns-message',
    },
    body: chunk,
    })
    const dnsQueryResult = await resp.arrayBuffer();
    const udpSize = dnsQueryResult.byteLength;
    // console.log([...new Uint8Array(dnsQueryResult)].map((x) => x.toString(16)));
    const udpSizeBuffer = new Uint8Array([(udpSize >> 8) & 0xff, udpSize & 0xff]);
    if (webSocket.readyState === WS_READY_STATE_OPEN) {
    log(`doh success and dns message length is ${udpSize}`);
    if (isVlessHeaderSent) {
    webSocket.send(await new Blob([udpSizeBuffer, dnsQueryResult]).arrayBuffer());
    } else {
    webSocket.send(await new Blob([vlessResponseHeader, udpSizeBuffer, dnsQueryResult]).arrayBuffer());
    isVlessHeaderSent = true;
    }
    }
    }
    })).catch((error) => {
    log('dns udp has error' + error)
    });

    const writer = transformStream.writable.getWriter();

    return {
    /**
    *
    * @param {Uint8Array} chunk
    */
    write(chunk) {
    writer.write(chunk);
    }
    };
    }

    /**
    *
    * @param {string} userID
    * @param {string | null} hostName
    * @returns {string}
    */
    function getVLESSConfig(userID, hostName) {
    const wvlessws = `vless://${userID}@skk.moe:8880?encryption=none&security=none&type=ws&host=${hostName}&path=%2F%3Fed%3D2048#${hostName}`;
    const pvlesswstls = `vless://${userID}@skk.moe:8443?encryption=none&security=tls&type=ws&host=${hostName}&sni=${hostName}&fp=random&path=%2F%3Fed%3D2048#${hostName}`;

    if (hostName.includes('pages.dev')) {
    return `
    ==========================配置详解==============================

    ################################################################
    CF-pages-vless+ws+tls节点,分享链接如下:

    ${pvlesswstls}

    ---------------------------------------------------------------
    注意:如果 ${hostName} 在本地网络打不开(中国移动用户注意)
    客户端选项的伪装域名(host)必须改为你在CF解析完成的自定义域名
    ---------------------------------------------------------------
    客户端必要文明参数如下:
    客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP
    端口(port):6个https端口可任意选择(443、8443、2053、2083、2087、2096)
    用户ID(uuid):${userID}
    传输协议(network):ws 或者 websocket
    伪装域名(host):${hostName}
    路径(path):/?ed=2048
    传输安全(TLS):开启
    跳过证书验证(allowlnsecure):false
    ################################################################
    `;

    } else if (hostName.includes('workers.dev')) {
    return `
    ==========================配置详解==============================

    ################################################################
    一、CF-workers-vless+ws节点,分享链接如下:

    ${wvlessws}

    ---------------------------------------------------------------
    注意:当前节点无需使用CF解析完成的域名,客户端选项的TLS选项必须关闭
    ---------------------------------------------------------------
    客户端必要文明参数如下:
    客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP
    端口(port):7个http端口可任意选择(80、8080、8880、2052、2082、2086、2095)
    用户ID(uuid):${userID}
    传输协议(network):ws 或者 websocket
    伪装域名(host):${hostName}
    路径(path):/?ed=2048
    ################################################################


    ################################################################

    查看CF-workers-vless+ws+tls节点配置信息,请在浏览器地址栏输入:自定义域名/UUID

    ################################################################
    `;
    } else {
    return `
    ==========================配置详解==============================

    =====使用自定义域名查看配置,请确认使用的是workers还是pages=====

    ################################################################
    一、CF-workers-vless+ws节点,分享链接如下:

    ${wvlessws}

    ---------------------------------------------------------------
    注意:当前节点无需使用CF解析完成的域名,客户端选项的TLS选项必须关闭
    ---------------------------------------------------------------
    客户端必要文明参数如下:
    客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP
    端口(port):7个http端口可任意选择(80、8080、8880、2052、2082、2086、2095)
    用户ID(uuid):${userID}
    传输协议(network):ws 或者 websocket
    伪装域名(host):${hostName}
    路径(path):/?ed=2048
    ################################################################

    ################################################################
    二、CF-workers-vless+ws+tls 或者 CF-pages-vless+ws+tls节点,分享链接如下:

    ${pvlesswstls}

    ---------------------------------------------------------------
    注意:客户端选项的伪装域名(host)必须改为你在CF解析完成的自定义域名
    ---------------------------------------------------------------
    客户端必要文明参数如下:
    客户端地址(address):自定义的域名 或者 优选域名 或者 优选IP
    端口(port):6个https端口可任意选择(443、8443、2053、2083、2087、2096)
    用户ID(uuid):${userID}
    传输协议(network):ws 或者 websocket
    伪装域名(host):${hostName}
    路径(path):/?ed=2048
    传输安全(TLS):开启
    跳过证书验证(allowlnsecure):false
    ################################################################
    `;
    }
    }
  • 替换掉原来的内容
    2b 图片
  • 生成uuid:https://1024tools.com/uuid
    随便复制一条
    2b 图片
  • 替换掉原来的uuid(保存下来,后面还要用),点击保存并部署
    2b 图片
  • 返回
    2b 图片
  • 点击预览(可能需要需要科学上网)
    2b 图片
  • 在地址栏后面加上/你的uuid
    2b 图片
  • 这个就是节点的配置信息,这个页面先不要关,等会要用到
    2b 图片

下载优选工具

  • PC端
    • 下载:https://wwrk.lanzouj.com/ic9T916h1tmh
    • 解压后,打开批处理启动iptest.bat文件(关掉你的科学上网工具)
      2b 图片
    • 根据提示进行操作,注意,因为你的workers没有绑定域名,请一定要禁用TLS
      2b 图片
    • 等待测速完成,打开ip.csv,分别为IP 端口 延迟 地区 速度(一般选择第一项即可)
      2b 图片
  • 安卓端
    • 下载:https://wwrk.lanzouj.com/iynsy17ddsdg
      密码:6n1v
    • 首次使用先执行升级代码
      1
      pkg upgrade
    • 升级完成后执行下面的代码
      1
      curl -sSL https://gitlab.com/rwkgyg/CFwarp/raw/main/point/cfip.sh -o cfip.sh && chmod +x cfip.sh && bash cfip.sh
    • 先清理一下以下载的文件
    • 再根据提示进行相关操作,因为没有绑定域名,所以一定要选择关闭tls的端口
    • 选择测速
    • 等待优选结束,选择你想要的ip,接着去v2配置IP和端口即可

      配置v2rayN

  • 下载:https://wwrk.lanzouj.com/iLgmZ1b5re9i
    密码:bejm
  • 解压后打开,添加vless节点(里面有两个我自己搭建的节点,你可以直接使用,把ip和端口换一下就行,先回去之前的页面,把vless:那一行复制一下)
    2b 图片
  • 编辑节点
    2b 图片
  • 修改地址为优选的IP,端口为你选的端口,确定
    2b 图片
  • 测试真连接,有延迟就代表可以用了
    2b 图片
  • 模式设为自动配置系统代理和绕过大陆即可
    2b 图片
  • 右击节点,选择分享,有一个二维码和vless链接,可以用手机v2rayng扫描二维码来添加节点
    2b 图片

    安卓使用v2rayng

  • 打开后点击右上角加号,扫描二维码添加节点即可
  • 点击左上角三条杠,点击设置,在VPN设置里面“启用本地DNS”和“启动虚拟DNS”打开,下面路由设置里,预定义规则改为“绕过大陆地址而后代理”