+{% endblock %}
diff --git a/_layouts/website/layout.html b/_layouts/website/layout.html
index 4a370625a..e2daf4223 100644
--- a/_layouts/website/layout.html
+++ b/_layouts/website/layout.html
@@ -10,6 +10,11 @@
+ {% if config.language == "zh" %}
+
+ {% else %}
+
+ {% endif %}
{% endblock %}
{% block style %}
diff --git a/_layouts/website/page.html b/_layouts/website/page.html
index f60c8904c..84ca0057f 100644
--- a/_layouts/website/page.html
+++ b/_layouts/website/page.html
@@ -24,6 +24,9 @@
{% endif %}
{% endfor %}
+ {% if config.pluginsConfig['mermaid-gb3'] %}
+
+ {% endif %}
{% endblock %}
{% block body %}
@@ -59,18 +62,6 @@
{% endblock %}
- {% block book_navigation %}
- {% if page.previous and page.previous.path %}
-
-
-
- {% endif %}
- {% if page.next and page.next.path %}
-
-
-
- {% endif %}
- {% endblock %}
{% endblock %}
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
new file mode 100644
index 000000000..33791cb16
--- /dev/null
+++ b/azure-pipelines.yml
@@ -0,0 +1,19 @@
+jobs:
+- job: build_upload
+ timeoutInMinutes: 30
+
+ pool:
+ vmImage: 'ubuntu-16.04'
+
+ steps:
+ - checkout: self
+ clean: true
+ fetchDepth: 5
+ - script: |
+ ls -al
+ ./deploy.sh
+ env:
+ GITHUB_TOKEN: '$(github.token)'
+ workingDirectory: '$(Build.SourcesDirectory)'
+ displayName: 'Build'
+
diff --git a/cleanup.sh b/cleanup.sh
new file mode 100755
index 000000000..7c279aa5e
--- /dev/null
+++ b/cleanup.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+PROJECT=$1
+
+echo "Removing previous machines."
+gcloud compute instances list --project ${PROJECT} | grep TERMINATED \
+| awk '{printf "%s --zone %s\n", $1, $2}' \
+| while read LINE; do
+ gcloud --quiet compute instances delete ${LINE} --project ${PROJECT}
+done
diff --git a/crowdin.yml b/crowdin.yml
new file mode 100644
index 000000000..38198ec56
--- /dev/null
+++ b/crowdin.yml
@@ -0,0 +1,3 @@
+files:
+ - source: /en/**/*.md
+ translation: /%two_letters_code%/**/%original_file_name%
diff --git a/deploy.sh b/deploy.sh
index 0389c2f76..1d2ac55a8 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,40 +1,27 @@
#!/bin/bash
-set -x
-
-curl -sL https://deb.nodesource.com/setup_7.x | bash -
-apt-get update
-apt-get -y install jq git file nodejs build-essential
+curl -sL https://deb.nodesource.com/setup_10.x | sudo bash -
+sudo apt -y install jq git file nodejs build-essential
function build_dir {
DIR="$1"
pushd $DIR
rsync -rv ../_layouts/ ./_layouts/
rsync -rv ../resources/ ./resources/
- cp ../donor.md ./donor.md
gitbook init
gitbook install
gitbook build
popd
}
-function getattr() {
- curl -s -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/$2/attributes/$1
-}
-
-GITHUB_TOKEN=$(getattr "github_token" "project")
-
-git clone https://github.com/v2ray/manual.git
-cd manual
-
-curl -o "./resources/github-release.svg" "https://img.shields.io/github/release/v2ray/v2ray-core.svg"
-
-npm install gitbook-cli -g
+sudo npm install -g gitbook-cli
build_dir zh_cn
build_dir en
-build_dir eng_zh_cn
-build_dir eng_en
+build_dir ru
+build_dir ko
+build_dir fa
+build_dir vi
TARGET_DIR=_v2ray_com
@@ -44,10 +31,14 @@ rm -rf ${TARGET_DIR}/*
cp -r ./zh_cn/_book/* ${TARGET_DIR}/
mkdir ${TARGET_DIR}/en/
cp -r ./en/_book/* ${TARGET_DIR}/en/
-mkdir ${TARGET_DIR}/eng/
-cp -r ./eng_zh_cn/_book/* ${TARGET_DIR}/eng/
-mkdir ${TARGET_DIR}/eng_en/
-cp -r ./eng_en/_book/* ${TARGET_DIR}/eng_en/
+mkdir ${TARGET_DIR}/ru/
+cp -r ./ru/_book/* ${TARGET_DIR}/ru/
+mkdir ${TARGET_DIR}/ko/
+cp -r ./ko/_book/* ${TARGET_DIR}/ko/
+mkdir ${TARGET_DIR}/fa/
+cp -r ./fa/_book/* ${TARGET_DIR}/fa/
+mkdir ${TARGET_DIR}/vi/
+cp -r ./vi/_book/* ${TARGET_DIR}/vi/
cp -r ./_dev/* ${TARGET_DIR}/
cp CNAME ${TARGET_DIR}/
cp robots.txt ${TARGET_DIR}/
@@ -55,11 +46,9 @@ cp -r ./resources/* ${TARGET_DIR}/resources/
pushd ${TARGET_DIR}
git config user.name "V2Ray Auto Build"
-git config user.email "admin@v2ray.com"
+git config --local user.email "${{ github.actor }}@users.noreply.github.com"
git add -A
git commit -m 'update'
git push "https://${GITHUB_TOKEN}@github.com/v2ray/v2ray.github.io.git" master
popd
-
-shutdown -h now
diff --git a/donor.md b/donor.md
deleted file mode 100644
index 0e3b5de37..000000000
--- a/donor.md
+++ /dev/null
@@ -1,152 +0,0 @@
-Time | Name | Amount |Note
-:---------:|:-------------------------------|--------:|-----
-2018.04.19 | x\*\*\*\*w@gmail.com | $10 |
-2018.04.19 | 茄子 | $5 |
-2018.04.19 | ch\*\*\*\*\*\*\*\*\*73@gmail.com | $5 |
-2018.04.19 | 雷锋 | $2.68 | ETH 0.005
-2018.04.18 | 反审查小江 | $3 |
-2018.04.18 | li\*\*\*\*\*\*\*16@gmail.com | $2 |
-2018.04.18 | 嫩模爱好者 | $43.95 | OMG 3
-2018.04.17 | ti\*\*\*\*\*\*\*en@hotmail.com | $25 |
-2018.04.17 | hh | $10 |
-2018.04.17 | Anonymous | $8.12 | BTC 0.001
-2018.04.17 | no\*\*\*\*\*\*32@gmail.com | $5 |
-2018.04.17 | Anonymous | $5 |
-2018.04.09 | z\*\*\*\*\*\*\*\*7@163.com | $5 |
-2018.04.08 | 6\*\*\*\*\*\*\*\*1@qq.com | $50 |
-2018.04.05 | r\*\*\*\*\*\*\*n@gmail.com | $10 |
-2018.04.05 | ya\*\*\*\*\*\*ge@gmail.com | $10 |
-2018.03.29 | xi\*\*\*\*\*\*\*\*\*\*\*00@gmail.com | $10 |
-2018.03.23 | cs\*\*\*\*\*\*\*\*\*\*\*92@qq.com | $5 |
-2018.03.18 | w\*\*\*\*\*n@gmail.com | $5 |
-2018.03.16 | ya\*\*\*\*\*\*\*\*\*\*\*26@gmail.com | $2 |
-2018.03.15 | x\*\*\*\*\*g@163.com | $25 |
-2018.03.13 | si\*\*\*\*\*\*\*\*\*x | $30 |
-2018.03.10 | hy\*\*\*\*\*\*in@gmail.com | $5 |
-2018.03.09 | so\*\*\*\*\*\*\*\*\*aa@foxmail.com | $5 |
-2018.03.07 | de\*\*\*\*\*\*p@gmail.com | $10 |
-2018.03.06 | cs\*\*\*\*\*o2@gmail.com | $25 |
-2018.03.02 | z\*\*\*\*\*\*\*i@qq.com | $5 |
-2018.03.01 | bl\*\*\*\*\*gz@gmail.com | $25 |
-2018.02.27 | w\*\*\*\*\*\*\*y@gmail.com | $5 |
-2018.02.26 | 7\*\*\*\*\*\*\*2@qq.com | $5 |
-2018.02.25 | v\*\*\*\*\*\*o@outlook.com | $25 |
-2018.02.23 | ch\*\*\*\*\*\*nd@gmail.com | $5 |
-2018.02.23 | y\*\*\*\*\*\*\*y@gmail.com | $30 |
-2018.02.16 | o\*\*\*\*\*\*\*n@gmail.com | $10 |
-2018.02.14 | Anonymous | $5 |
-2018.02.12 | 27\*\*\*\*\*67@qq.com | $10 |
-2018.02.12 | k\*\*\*@\*\*\*\*.me | $5 |
-2018.02.12 | j\*\*\*\*\*@\*\*\*\*\*\*\*\*e.com | $25 |
-2018.02.07 | s\*\*\*\*o@qq.com | $5 |
-2018.02.04 | w\*\*\*\*d@protonmail.ch | $25 |
-2018.02.02 | up\*\*\*\*\*\*\*\*\*\*al@gmail.com | $10 |
-2018.02.01 | 22\*\*\*\*\*\*\*18@qq.com | $5 |
-2018.01.31 | w\*\*\*\*h@qq.com | $15 |
-2018.01.20 | li\*\*\*\*\*\*\*\*45@163.com | $5 |
-2018.01.06 | li\*\*\*\*\*\*\*\*ss@gmail.com | $10 |
-2018.01.06 | y\*\*\*\*\*0@outlook.com | $1 |
-2018.01.02 | Anonymous | $25 |
-2017 | Anonymous | |
- | b\*\*\*\*t@gmail.com | |
- | Anonymous | |
- | zh\*\*\*\*\*\*\*zb@outlook.com | |
- | Anonymous | |
- | o\*\*\*\*\*\*r@outlook.com | |
- | li\*\*\*\*\*\*\*\*ss@gmail.com | |
- | lp\*\*\*\*\*36@gmail.com | |
- | xa\*\*\*\*\*\*en@outlook.com | |
- | g\*\*\*\*\*u@protonmail.com | |
- | b\*\*\*\*\*\*g@protonmail.com | |
- | 25\*\*\*\*\*\*14@qq.com | |
- | v\*\*\*\*s@icloud.com | |
- | a\*\*\*\*\*\*1@gmail.com | |
- | Anonymous | |
- | li\*\*\*\*\*\*\*\*ss@gmail.com | |
- | wn\*\*\*\*\*\*\*or@gmail.com | |
- | zh\*\*\*\*\*\*\*\*\*\*\*\*\*\*ng@gmail.com | |
- | c\*\*\*\*\*l@gmail.com | |
- | ww\*\*\*\*\*\*\*\*\*tv@gmail.com | |
- | 3\*\*\*\*\*\*9@qq.com | |
- | 1\*\*\*\*\*\*\*\*1@163.com | |
- | de\*\*\*\*\*\*\*su@gmail.com | |
- | b\*\*\*\*\*\*n@outlook.com | |
- | bo\*\*\*\*\*\*\*\*se@gmail.com | |
- | xi\*\*\*\*\*\*\*\*\*ng@live.com | |
- | 5\*\*\*\*3@gmail.com | |
- | bl\*\*\*\*\*\*iu@gmail.com | |
- | s\*\*\*\*c@gmail.com | |
- | sp\*\*\*\*\*\*ck@hotmail.com | |
- | c\*\*\*\*i@live.com | |
- | l\*\*\*\*\*\*r@msn.cn | |
- | k\*\*\*\*\*\*e@gmail.com | |
- | m\*\*\*\*\*\*\*p@gmail.com | |
- | il\*\*\*\*\*dl@gmail.com | |
- | w\*\*\*\*\*\*8@msn.com | |
- | do\*\*\*\*\*xm@gmail.com | |
- | li\*\*\*\*\*\*\*\*ss@gmail.com | |
- | ti\*\*\*\*\*\*\*er@outlook.com | |
- | Ed\*\*\*\*\*\*on | |
- | Anonymous | |
- | Anonymous | |
- | Anonymous | |
- | w\*\*\*\*\*y@qq.com | |
- | 18\*\*\*\*\*\*\*02@139.com | |
- | cd\*\*\*\*\*\*\*\*\*\*05@gmail.com | |
- | le\*\*\*\*\*\*\*08@gmail.com | |
- | no\*\*\*\*\*32@gmail.com | |
- | do\*\*\*\*\*\*xu@hotmail.com | |
- | v\*\*\*\*1@qq.com | |
- | fi\*\*\*\*\*\*\*\*\*ai@gmail.com | |
- | hi\*\*\*\*\*\*\*\*\*08@gmail.com | |
- | Li\*\*\*\*\*\*\*en | |
- | c\*\*\*\*s@qq.com | |
- | a\*\*\*\*e@gmail.com | |
- | \*\*\*\*ond | |
- | Ors\*\*\*\*\*\*\*\*el | |
- | fi\*\*\*\*ng@outlook.com | |
- | xy\*\*\*\*\*ry@gmail.com | |
- | ya\*\*\*\*\*\*ge@gmail.com | |
- | v\*\*\*\*t@gmail.com | |
- | Anonymous | |
- | m\*\*\*\*b@gmail.com | |
- | mz\*\*\*\*\*ng@126.com | |
- | Anonymous | |
- | Anonymous | |
- | Anonymous | |
- | Anonymous | |
- | ye\*\*\*\*\*\*\*yo@gmail.com | |
- | wu\*\*\*\*in@hotmail.com | |
- | ya\*\*\*\*\*un@hotmail.com | |
- | Anonymous | |
- | ro\*\*\*\*\*\*\*an | |
- | ye\*\*\*\*\*\*\*yo@gmail.com | |
- | Mi\*\*\*\*\*\*\*ag | |
- | ya\*\*\*\*\*\*ge@gmail.com | |
- | Anonymous | |
-2016 | ca\*\*\*\*\*\*\*\*sh@163.com | |
- | Wi\*\*\*\*\*\*\*an | |
- | Ro\*\*\*\*\*\*\*an | |
- | Ors\*\*\*\*\*\*\*\*el | |
- | Anonymous | |
- | f\*\*\*\*\*\*e | |
- | dw\*\*\*un@gmail.com | |
- | Be\*\*\*N | |
- | Zi\*\*\*\*\*\*an | |
- | yo\*\*\*\*\*\*\*97@gmail.com | |
- | fd\*\*\*45 | |
- | hi\*\*\*i9@gmail.com | |
- | luo\*\*\*\*72@gmail.com | |
- | An\*\*\*\*\*Mu | |
- | Ch\*\*\* Q\*\*\* | |
- | xy\*\*\*\*y@gmail.com ||
- | Ke\*\*\*\*\*uo ||
- | ji\*\*\*\*\*\*\*\*98@gmail.com||
- | ge\*\*\*\*en@outlook.com | |
- | v\*\*\*\*\*\*ns@tutanota.com | |
- | Han\*\*\*ft | |
-2015 | zw\*\*\*\*\*oo | |
- | M\*\*莫 | |
- | Penn G\*\*\*\*\*\* | |
- | a\*\*\*\*\*u | |
- | s\*\*\*\*\*\*\*@gmail.com | |
diff --git a/en/README.md b/en/README.md
index 5ddc01801..bf682a829 100644
--- a/en/README.md
+++ b/en/README.md
@@ -1,36 +1,25 @@
-# Project V
+---
+refcn: index
+refen: index
+---
- [](https://www.v2ray.com/)
+# Project V
-Project V is a set of tools to help you build your own privacy network over internet.
+Project V is a set of tools to help you build your own private network over the internet. The core of Project V, named `V2Ray`, is responsible for network protocols and communications. It can work alone, or in combination with other tools.
-## Introduction
-
-Project is provides a single core with various GUI programs. The core, V2Ray, is for network connection, routing and data processing, while GUI programs are for user friendly experience.
-
-V2Ray's responsibility is transfer data from its client to specified server, based on user configuration. It runs as a commandline tool. It can be configured via JSON based configuration.
+This website is primarily a manual for V2Ray, with some additional information regarding the whole project.
## Features
-### Multiple proxy support
-
-V2Ray supports Socks, HTTP, Shadowsocks and VMess protocol.
-
-* One V2Ray process can use different protocols on different ports at the same time;
-* By combining different inbound and outbound proxies, one can change traffic format dynamically.
-
-### Multiple transport protocols
-
-All proxies above can be send/receive over TLS, TCP, mKCP and more transport protocols.
-
-### Flexible routing
-
-V2Ray has an internal router, which can be configured to proxy traffic, or send directly, or even block them.
-
-## Update this site
+* Multiple inbound/outbound proxies: one V2Ray instance supports in parallel multiple inbound and outbound protocols. Each protocol works independently.
+* Customizable routing: incoming traffic can be sent to different outbounds based on routing configuration. It is easy to route traffic by target region or domain.
+* Multiple protocols: V2Ray supports multiple protocols, including Socks, HTTP, Shadowsocks, VMess etc. Each protocol may have its own transport, such as TCP, mKCP, WebSocket etc.
+* Obfuscation: V2Ray has built in obfuscation to hide traffic in TLS, and can run in parallel with web servers.
+* Reverse proxy: General support of reverse proxy. Can be used to build tunnels to localhost.
+* Multiple platforms: V2Ray runs natively on Windows, Mac OS, Linux, etc. There is also third party support on mobile.
-This site is generated by GitBook, and host on GitHub. If you'd like to modify its content, please send pull request to [this repo](https://github.com/v2ray/manual).
+{% hint style='info' %}
-## License
+This site is generated by GitBook, and hosted on GitHub. If you'd like to modify its content, please send a pull request to [this repo](https://github.com/v2ray/manual).
-This website is licensed under a [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+{% endhint %}
diff --git a/en/SUMMARY.md b/en/SUMMARY.md
index 578e54119..62ebc152a 100644
--- a/en/SUMMARY.md
+++ b/en/SUMMARY.md
@@ -1,23 +1,23 @@
# Summary
- [](https://www.v2ray.com/chapter_02/)
-
-* [Welcome to V2Ray](README.md)
+* [Project V](README.md)
* [Version History](welcome/versions.md)
* [Workflow](welcome/workflow.md)
* [Install](welcome/install.md)
+ * [Quick Start](welcome/start.md)
* [Commandline](welcome/command.md)
* [Donation](welcome/donate.md)
* [Support](welcome/help.md)
- * [Telegram](welcome/tg.md)
- * [Private Communication](welcome/pgp.md)
- * [License](welcome/license.md)
+ * [FAQ](welcome/faq.md)
+ * [Blog↪](https://steemit.com/@v2ray)
* [Configuration](configuration/README.md)
* [Overview](configuration/overview.md)
* [Protocols](configuration/protocols.md)
* [Blackhole](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
* [Dokodemo](configuration/protocols/dokodemo.md)
* [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
* [HTTP](configuration/protocols/http.md)
* [Shadowsocks](configuration/protocols/shadowsocks.md)
* [SOCKS](configuration/protocols/socks.md)
@@ -28,15 +28,24 @@
* [Mux](configuration/mux.md)
* [API](configuration/api.md)
* [Statistics](configuration/stats.md)
+ * [Reverse](configuration/reverse.md)
* [Transport](configuration/transport.md)
* [TCP](configuration/transport/tcp.md)
* [mKCP](configuration/transport/mkcp.md)
* [WebSocket](configuration/transport/websocket.md)
* [HTTP/2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
* [Env Variables](configuration/env.md)
-* [Clients](ui_client/README.md)
- * [Windows](ui_client/windows.md)
- * [OS X](ui_client/osx.md)
- * [iOS](ui_client/ios.md)
- * [Android](ui_client/android.md)
- * [Services](ui_client/service.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Development
+ * Milestone
+ * Guide
+ * Design
+ * Build
+ * [Tools](developer/tools.md)
+ * Protocols
+ * VMess
+ * mKCP
+ * Mux.Cool
diff --git a/en/awesome/ads.md b/en/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/en/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/en/awesome/tools.md b/en/awesome/tools.md
new file mode 100644
index 000000000..60e1db1b2
--- /dev/null
+++ b/en/awesome/tools.md
@@ -0,0 +1,94 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+Download: [Github](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+Download: [Github](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+Download: [Github](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+Download: [Github](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray is a cross-platform Qt frontend for V2ray written in C++, with subscription manager, outbound manager, netspeed chart and a easy-to-use route editor.
+
+Project Page: [https://github.com/Qv2ray/Qv2ray](https://github.com/Qv2ray/Qv2ray)
+
+> Mellow
+
+Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray
+
+i2Ray is another iOS app based on V2Ray with easy-to-use UI design.
+
+Download: [iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadowsocks, VMess, SSR etc.
+
+Download: [iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi (was ShadowRay)
+
+Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
+
+Download: [iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+Download: [iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray core.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## Online services
+
+> [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+
+Online configuration generator.
+
+> [UUID Generator](https://www.uuidgenerator.net/)
+
+UUID generator for VMess users.
diff --git a/en/book.json b/en/book.json
index ba98578b1..7a1b93fef 100644
--- a/en/book.json
+++ b/en/book.json
@@ -1,8 +1,34 @@
{
+ "language": "en",
"title": "Project V Official",
"plugins" : [
"-fontsettings",
-
- "anchors"
- ]
+ "-search",
+ "-lunr",
+ "-highlight",
+ "-sharing",
+
+ "mermaid-gb3",
+ "anchors",
+ "ga",
+ "prism",
+ "prism-themes",
+ "hints"
+ ],
+ "pluginsConfig": {
+ "ga": {
+ "token": "UA-73620536-1"
+ },
+ "prism": {
+ "css": [
+ "prism-themes/themes/prism-base16-ateliersulphurpool.light.css"
+ ],
+ "lang": {
+ "objc": "objectivec",
+ "shell": "bash",
+ "text": "textile",
+ "plain": "textile"
+ }
+ }
+ }
}
diff --git a/en/configuration/README.md b/en/configuration/README.md
index a5976fdf2..1563b42cf 100644
--- a/en/configuration/README.md
+++ b/en/configuration/README.md
@@ -1,8 +1,13 @@
+---
+refcn: chapter_02/index
+refen: configuration/index
+---
+
# Configuration
- [](https://www.v2ray.com/chapter_02/)
+V2Ray uses [protobuf](https://developers.google.com/protocol-buffers/)-based configuration. As protobuf format is less readable, V2Ray also supports configuration in JSON. Before V2Ray runs, it automatically converts JSON config into protobuf. That being said, other configuration formats may be introduced in the furture.
-V2Ray uses configuration file in JSON format. If you are familiar with JSON, you may skip this page.
+Here we introduce the JSON-based configuration.
JSON, or [JavaScript Object Notation](https://en.wikipedia.org/wiki/JSON), in short is objects in Javascript. One JSON file contains one and only one JSON object, beginning with "{" and ending with "}".
@@ -20,7 +25,52 @@ A JSON object contains a list of key value pairs. A key is a string, and a value
}
```
-Notice:
+{% hint style='info' %}
+
+V2Ray supports comments in JSON,annotated by "//" or "/\* \*/". In an editor that doesn't support comments, they may get displayed as errors, but comments actually work fine in V2Ray.
+
+{% endhint %}
+
+## JSON Data Types
+
+Here is a brief introduction of JSON data types. They will be referenced in the rest of docs.
+
+> `boolean`: true | false
+
+Boolean value, has to be either `true` or `false`, without quotation mark.
+
+> `number`
+
+Usually non-negative integers, without quotation mark.
+
+> `string`
+
+Sequence of characters, surrounded by quotation mark.
+
+> `array`: []
+
+Array of elements. The type of its elements is usually the same, e.g., `[string]` is an array of `string`s.
+
+> `object`: {}
+
+Object. It comes with a list of key value pairs.
+
+{% hint style='tip' %}
+
+A key value pair usually ends with a comma ",", but must not ends with a comma if it is the last element of the object.
+
+{% endhint %}
+
+## V2Ray Common Data Types
+
+> `map`: object \{string, string\}
+
+An object whose keys and values have fixed types.
+
+> `address`: string
+
+An IP or domain address in string form, such as `"8.8.8.8"` or `"www.v2ray.com"`
+
+> `address_port`: string
-1. A key value pair usually ends with a comma ",", but must not ends with a comma if it is the last element of the object.
-1. V2Ray supports comments in JSON, annotated by "//" or "/\* \*/".
+An `address` with port, such as `"8.8.8.8:53"` or `"www.v2ray.com:80"`. In some usages, the address part can be omitted, like `":443"`.
diff --git a/en/configuration/api.md b/en/configuration/api.md
index 7f2f0664a..112b06bfa 100644
--- a/en/configuration/api.md
+++ b/en/configuration/api.md
@@ -1,28 +1,36 @@
-# API
+---
+refcn: chapter_02/api
+refen: configuration/api
+---
- [](https://www.v2ray.com/chapter_02/api.html)
+# API
V2Ray provides some API for remote access. These APIs are based on [gRPC](https://grpc.io/).
When API is enabled, V2Ray creates an outbound proxy automatically, tagged as `tag`. User must [route](routing.md) all gRPC connections to this outbound.
-Configuration:
+## ApiObject
+
+`ApiObject` is used as `api` field in top level configuration.
```javascript
{
- "tag": "api",
- "services": [
- "HandlerService",
- "LoggerService",
- "StatsService"
- ]
+ "tag": "api",
+ "services": [
+ "HandlerService",
+ "LoggerService",
+ "StatsService"
+ ]
}
```
-Where:
+> `tag`: string
+
+The tag of the outbound proxy.
+
+> `services`: \[ string \]
-* `tag`: The tag of the outbound proxy.
-* `services`: List of enabled APIs.
+List of enabled APIs.
## Supported API list
diff --git a/en/configuration/dns.md b/en/configuration/dns.md
index 0dbefd7cc..9cc27341c 100644
--- a/en/configuration/dns.md
+++ b/en/configuration/dns.md
@@ -1,10 +1,23 @@
-# DNS
+---
+refcn: chapter_02/04_dns
+refen: configuration/dns
+---
- [](https://www.v2ray.com/chapter_02/04_dns.html)
+# DNS
V2Ray has an internal DNS server which provides DNS relay for other components.
-Configuration:
+{% hint style='info' %}
+
+Due to the complexity of DNS protocol, V2Ray for now only supports basic IP queries (A and AAAA). We recommend to use a professional DNS rely (such as [CoreDNS](https://coredns.io/)) for V2Ray.
+
+{% endhint %}
+
+The DNS queries relayed by this DNS service will also be dispatched based on routing settings. No extra configuration is required.
+
+## DnsObject
+
+`DnsObject` is used as `dns` field in top level configuration.
```javascript
{
@@ -12,30 +25,80 @@ Configuration:
"baidu.com": "127.0.0.1"
},
"servers": [
- "8.8.8.8",
- "8.8.4.4",
- "localhost"
- ]
+ {
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ]
+ },
+ "8.8.8.8",
+ "8.8.4.4",
+ "localhost"
+ ],
+ "clientIp": "1.2.3.4",
+ "tag": "dns_inbound"
}
```
-Where:
+> `hosts`: map{string: address}
-* `hosts`: A list of static IP addresses. Each entry has a domain name as key and IP address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed.
-* `servers`: A list of DNS server addresses. If there are more than one servers, they will be queried from top down. Options for DNS address:
- * `"IP"`: An IP address whose port 53 is open for DNS query.
- * `"localhost"`: A special value that V2Ray will use DNS query from local machine.
+A list of static addresses, in the form of `domain:address`. Each entry has a domain name as key and IP or domain address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed, or the corresponding domain address will be used for further DNS queries, instead of the previous one.
-To use the internal DNS service, you need to configure `domainStrategy` in [routing](routing.md).
+The format of domains is:
-The DNS queries relayed by this DNS service will also be dispatched based on routing settings. No extra configuration is required.
+* Plaintext: When the targeting domain is exactly the value, the rule takes effect. Example: rule `"v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Keyword: Begining with `"keyword:"` and the rest is a pattern. If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"keyword:sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](routing.md#pre-defined-domain-lists) for more detail.
+
+> `servers`: \[string | [ServerObject](#serverobject) | "localhost" \]
+
+List of DNS servers. Each server may be specified in three formats: IP address, [ServerObject](#serverobject), or `"localhost"`.
+
+When a server is an IP address, such as `"8.8.8.8"`, V2Ray queries DNS on UDP port 53 on this address.
+
+When a server is `"localhost"`, V2Ray queries local host for DNS.
+
+{% hint style='info' %}
+
+When `"localhost"` is used, out-going DNS traffic is not controlled by V2Ray. However, you may redirect DNS queries back to V2Ray with additional configuration.
-## Query strategy
+{% endhint %}
-DNS service will try to query both A and AAAA record in the same DNS message. As not all DNS servers support such query, V2Ray only sends A and AAAA query to the following DNS servers, and only send A queries to all other servers.
+> `clientIp`: string
-```text
-8.8.8.8
-8.8.4.4
-9.9.9.9
+IP address of current machine. If specified, V2Ray uses this IP as EDNS-Client-Subnet. This IP can't be a private address.
+
+> `tag`: string
+
+(V2Ray 4.13+) All traffic initiated from this DNS, except to localhost, will have this tag as inbound. It can be used for routing.
+
+### ServerObject
+
+```javascript
+{
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ],
+}
```
+
+> `address`: address
+
+Address of the DNS server. For now only UDP servers are supported.
+
+> `port`: number
+
+Port of the DNS server. Usually it is `53` or `5353`.
+
+> `domains`: \[string\]
+
+A list of domains. If the domain of enquire matches one of the list, this DNS server will be prioritized for DNS query for this domain.
+
+Domain name format is the same as in [routing](routing.md).
+
+When a DNS server has the domain in its domain list, the domain will be queried in this server first, and then other servers. Otherwise DNS queries are sent to DNS servers in the order they appear in the config file.
diff --git a/en/configuration/env.md b/en/configuration/env.md
index 8a369d541..73d13d23a 100644
--- a/en/configuration/env.md
+++ b/en/configuration/env.md
@@ -1,28 +1,46 @@
-# Environment Variables
+---
+refcn: chapter_02/env
+refen: configuration/env
+---
- [](https://www.v2ray.com/chapter_02/env.html)
+# Environment Variables
V2Ray reads the following environment variables.
-## Cache size per connection
+## Cache size per connection {#buffer-size}
* Name: `v2ray.ray.buffer.size` or `V2RAY_RAY_BUFFER_SIZE`
* Unit: MBytes
-* Default value: 10
+* Default value: 2 on x86, amd64, arm64 and s390x. This cache is disabled on other platforms.
* Special value: 0 for unlimited cache size
+**Deprecated. Use bufferSize in Policy.**
+
For each connection, when there is a difference in speed between inbound and outbound traffic, V2Ray will cache some data for larger throughput. This setting controls the size of the cache. The larger the cache, the better the performance.
-## Location of V2Ray asset
+## Location of V2Ray asset {#asset}
* Name: `v2ray.location.asset` or `V2RAY_LOCATION_ASSET`
* Default value: Same directory where v2ray is.
This variable specifies a directory where geoip.dat and geosite.dat files are.
-## Location of V2Ray config
+## Location of V2Ray config {#config}
* Name: `v2ray.location.config` or `V2RAY_LOCATION_CONFIG`
* Default value: Same directory where v2ray is.
This variable specifies a directory where config.json is.
+
+## Scatter Reading {#scatter-io}
+
+* Name: `v2ray.buf.readv` or `V2RAY_BUF_READV`
+* Default value: `auto`
+
+V2Ray 3.37 uses Scatter/Gather IO. This feature will use less memory when connection speed is over 100 MByte/s. Possible values are: `auto`, `enable` and `disable`.
+
+* `enable`: Enable scatter reading.
+* `disable`: Disable scatter reading.
+* `auto`: Only enable on Windows, MacOS, Linux when CPU is x86, AMD64 or s390x.
+
+When connection speed is less than 100 MByte/s, no matter whether this is enabled or not, there is no obvious difference in terms of memory usage.
diff --git a/en/configuration/mux.md b/en/configuration/mux.md
index 4575c61f5..f7e9cb4da 100644
--- a/en/configuration/mux.md
+++ b/en/configuration/mux.md
@@ -1,10 +1,15 @@
+---
+refcn: chapter_02/mux
+refen: configuration/mux
+---
+
# Multiplexing
- [](https://www.v2ray.com/chapter_02/mux.html)
+Multiplexing, or Mux, is to use one physical TCP connections for multiple virtual TCP connections.
-Multiplexing, or Mux, is to use one physical TCP connections for multiple virtual TCP connections. See [Mux.Cool](https://www.v2ray.com/eng/protocols/muxcool.html) for more implementation details.
+Mux is designed to reduce TCP handshake latency. It is NOT for high throughput. When used for downloading large files or speed measurement, Mux is usually slower than a normal TCP connection.
-Configuration:
+## MuxObject
```javascript
{
@@ -13,8 +18,10 @@ Configuration:
}
```
-Where:
+> `enabled`: true | false
+
+Whether or not to enable Mux on an outbound.
+
+> `concurrency`: number
-* `enabled`: Whether or not to enable Mux
-* `concurrency`: Max number of virtual connections that one physical connection can handle at a time. Max value `1024`, min value `1`, default `8`.
- * Usually you don't have to configure this value.
+Max number of multiplexed connections that one physical connection can handle at a time. Max value `1024`, min value `1`, default `8`.
diff --git a/en/configuration/overview.md b/en/configuration/overview.md
index d59936d28..3eba8ec47 100644
--- a/en/configuration/overview.md
+++ b/en/configuration/overview.md
@@ -1,9 +1,14 @@
-# Configuration Overview
+---
+refcn: chapter_02/01_overview
+refen: configuration/overview
+---
- [](https://www.v2ray.com/chapter_02/01_overview.html)
+# Configuration Overview
V2Ray shares a same structure of configuration between server side and client side shown as below. Server and client configurations are different in specific sections.
+Below is the top level structure of the configuration. Each section has its own format.
+
```javascript
{
"log": {},
@@ -12,28 +17,49 @@ V2Ray shares a same structure of configuration between server side and client si
"stats": {},
"routing": {},
"policy": {},
- "inbound": {},
- "outbound": {},
- "inboundDetour": [],
- "outboundDetour": [],
+ "inbounds": [],
+ "outbounds": [],
"transport": {}
}
```
-Where:
+> `log`: [LogObject](#logobject)
+
+Log configuration to control log outputs.
+
+> `api`: [ApiObject](api.md)
+
+RPC API to control the V2Ray instance. See [API configuration](api.md) for details.
+
+> `dns`: [DnsObject](dns.md)
+
+Configuration for internal DNS server's configurations. If this section is omitted, V2Ray will use your system-wide DNS configuration. For details, see [DNS Configurations](dns.md).
-* `log`: log configuration;
-* `api`: API configuration;
-* `dns`: DNS configuration;
-* `stats`: When specified, internal [Statistics](stats.md) is enabled;
-* `routing`: [Routing configuration](routing.md);
-* `inbound`: master inbound interface configuration;
-* `outbound`: master outbound interface configuration;
-* `inboundDetour`: extra inbound interfaces configurations;
-* `outboundDetour`: extra outbound interfaces configurations;
-* `transport`: low-level transport protocol's configurations.
+> `stats`: [StatsObject](stats.md)
-## Log configuration(log)
+When specified, internal [Statistics](stats.md) is enabled.
+
+> `policy`: [PolicyObject](policy.md)
+
+Configurations for permissions and other security strategies. For details, see [Local Policy](policy.md).
+
+> `routing`: [RoutingObject](routing.md)
+
+Configuration for internal [Routing](routing.md) strategy.
+
+> `inbounds`: \[ [InboundObject](#inboundobject) \]
+
+An array of [InboundObject](#inboundobject) as configuration for inbound proxies.
+
+> `outbounds`: \[ [OutboundObject](#outboundobject) \]
+
+An array of [OutboundObject](#outboundobject) as configuration for outbound proxies. The first outbound in the array is the main one. It is the default outbound in routing decision.
+
+> `transport`: [TransportObject](transport.md)
+
+Low-level transport protocol's configurations. For details, see [Protocol Transport Options](transport.md).
+
+## LogObject
```javascript
{
@@ -43,34 +69,29 @@ Where:
}
```
-Where:
+> `access`: string
-* `access`: Path of access log, available examples are:
- * A legal path of file, such as `"/tmp/v2ray/_access.log"`(Linux), or `"C:\\Temp\\v2ray\\_access.log"`(Windows);
- * Leave it empty to discard logs, and content will send out through `stdout`.
-* `error`: Path of error log, available examples are:
- * A legal path of file, such as `"/tmp/v2ray/_error.log"`(Linux), or `"C:\\Temp\\v2ray\\_error.log"`(Windows);
- * Leave it empty to discard logs, and content will send out through `stdout`.
-* `loglevel`: Level of log files, available values are`"debug"`、`"info"`、`"warning"`、`"error"`, and`"none"`;
- * Among all of these levels, `"debug"` leaves the most log, `"error"` leaves the least log.
- * `"none"` would discard all error logs.
- * Default value is `"warning"` if you leave it empty.
+Path to access log. If not empty, it must be a legal file path, such as `"/tmp/v2ray/_access.log"`(Linux), or `"C:\\Temp\\v2ray\\_access.log"`(Windows). If empty, V2Ray writes access log to `stdout`.
-## API Configuration
+> `error`: string
-RPC API to control the V2Ray instance. See [API configuration](api.md) for details.
+Path to error log. If not empty, it must be a legal file path. If empty, V2Ray writes error log to `stdout`.
-## DNS Configurations (dns)
+> `loglevel`: "debug" | "info" | "warning" | "error" | "none"
-Internal DNS server's configurations, if this section is omitted or empty, V2Ray will use your system-wide DNS configuration. For details, see [DNS Configurations](04_dns.md)
+Level of logs to be written. Different log levels indicate different content of logs. Default value is `"warning"`.
-## Local Policy {#policy}
+Log levels:
-Configurations for permissions and other security strategies. For details, see [Local Policy](policy.md).
+* `"debug"`: Information for developers only. Also includes all `"info"` logs.
+* `"info"`: Information for current state of V2Ray. Users don't have to take care of those. Also includes all `"warning"` logs.
+* `"warning"`: Something wrong with the environment, usually outside of V2Ray, e.g., network breakage. V2Ray still runs, but users may experience some breakages. Also includes all `"error"` logs.
+* `"error"`: Something severely wrong, that V2Ray can't run at all.
+* `"none"`: All logging are disabled.
-## Master Inbound Interface Configurations (inbound)
+## InboundObject
-Master inbound interface is used to receive data from clients, browsers, or other parent proxy servers, available protocols are listed at [Protocols](02_protocols.md).
+An InboundObject defines an inbound proxy. It handles incoming connections to V2Ray. Available proxies are [listed here](protocols.md).
```javascript
{
@@ -80,98 +101,105 @@ Master inbound interface is used to receive data from clients, browsers, or othe
"settings": {},
"streamSettings": {},
"tag": "inbound_tag_name",
- "domainOverride": ["http", "tls"]
+ "sniffing": {
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
}
```
-Where:
+> `port`: number | "env:variable" | string
+
+Port that the proxy is listening on. Acceptable formats are:
+
+* Integer: actual port number.
+* Environment variable: Beginning with `"env:"`, an env variable specifies the port in string format, such as `"env:PORT"`. V2Ray will decode the variable as string.
+* String: A numberic string value, such as `"1234"`, or a range of ports, such as `"5-10"` for 6 ports in total.
+
+The actual ports to open also depend on `allocate` setting. See below.
+
+> `listen`: address
+
+The address to be listened on. Default value is `"0.0.0.0"` for incoming connections on all network interfaces. Otherwise the value has to be the address of an existing network interface.
-* `port`: listening port.
-* `listen`: listening IP address, default value is `"0.0.0.0"`.
-* `protocol`: protocol name, all available values are listed at [Protocols](02_protocols.md).
-* `settings`: Protocol-specific settings, details are at protocols' detail pages.
-* `streamSettings`: see [Protocol Transport Options](05_transport.md).
-* `tag`: This inbound interface's tag, which should be unique among all inbound/outbound interfaces.
-* `domainOverride`: recognize specific protocols' packets and redirects its request targets.
- * Accepts an array of strings, default value is empty.
- * Available values are `"http"` and `"tls"`.
+> `protocol`: string
-## Master Outbound Interface Configurations (outbound)
+Name of the inbound protocol. See each individual for available values.
-Master outbound interface is used to send data to remote servers or next proxy server. Available protocols are listed at [Protocols](02_protocols.md).
+> `settings`: InboundConfigurationObject
+
+Protocol-specific settings. See `InboundConfigurationObject` defined in each protocol.
+
+> `streamSettings`: [StreamSettingsObject]
+
+See [Protocol Transport Options](transport.md) for detail.
+
+> `tag`: string
+
+The tag of the inbound proxy. It can be used for routing decisions. If not empty, it must be unique among all inbound proxies.
+
+> `sniffing`: [SniffingObject](#sniffingobject)
+
+Configuration for content sniffing.
+
+> `allocate`: [AllocateObject](#allocateobject)
+
+Configuration for port allocation.
+
+### SniffingObject
```javascript
{
- "sendThrough": "0.0.0.0",
- "protocol": "protocol_name",
- "settings": {},
- "tag": "this_outbound_tag_name",
- "streamSettings": {},
- "proxySettings": {
- "tag": "another_outbound_tag_name"
- },
- "mux": {}
+ "enabled": false,
+ "destOverride": ["http", "tls"]
}
```
-Where:
+> `enabled`: true | false
+
+Whether or not to enable content sniffing.
-* `sendThrough`: The network interface (IP) to send data, available when multiple IPs shown, default value is `"0.0.0.0"`.
-* `protocol`: protocol name, all available values are listed at [Protocols](02_protocols.md).
-* `settings`: Protocol-specific settings, details are at protocols' detail pages.
-* `tag`: This outbound interface's tag, which should be unique among all inbound/outbound interfaces.
-* `streamSettings`: see [Protocol Transport Options](05_transport.md).
-* `proxySettings`: Proxy for outbound connections. When this is set, `streamSettings` of this outbound will be omitted and disabled.
- * `tag`: When another outbound tag is specified, the data would be send via to the specified outbound.
-* `mux`: [Mux Configurations](mux.md).
+> `destOverride`: \["http" | "tls"\]
-## Extra Inbound Interfaces Configurations (inbound detour)
+An array of content type. If the content type of incoming traffic is specified in the list, the destination of the connection will be overwritten by sniffed value.
-This section is an array contains multiple extra inbound interfaces' configurations, each are using the structure like below:
+### AllocateObject
```javascript
{
- "protocol": "protocol_name",
- "port": "port_number",
- "tag": "this_inbound_tag_name",
- "listen": "127.0.0.1",
- "allocate": {
- "strategy": "always",
- "refresh": 5,
- "concurrency": 3
- },
- "settings": {},
- "streamSettings": {},
- "domainOverride": ["http", "tls"]
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
}
```
-Where:
+> `strategy`: "always" | "random"
+
+Strategy of port allocation. When it is set to `"always"`, all port in the `port` field will be allocated for listening. If `"random"` is set, V2Ray will listen on number of `concurrency` ports, and the list of ports are refereshed every `refresh` minutes.
+
+> `refresh`: number
+
+Number of minutes to refresh the ports of listening. Min value is `2`. This setting is only effective when `strategy` is set to `"random"`.
+
+> `concurrency`: number
-* `protocol`: protocol name, all available values are listed at [Protocols](02_protocols.md).
-* `port`: port number, could be a single number or range specified by a string, for example:`"5-10"` stands for port number 5 to 10.
-* `tag`: This inbound interface's tag, which should be unique among all inbound/outbound interfaces.
-* `listen`: listening IP address, default value is `"0.0.0.0"`.
-* `allocate`: Allocation options:
- * `strategy`: Allocation strategies, available values are `"always"` and `"random"`. For `"always"` option, all ports will be listening specified by `"port"` settings; for `"random"`, every certain minutes would choose certain ports among the port ranges, configured by `"refresh"`, `"port"`, and `"concurrency"`.
- * `refresh`: The interval refreshing random ports, with unit of minutes. Minimum value is `2`, recommended value is `5`. This setting will only take effect when `strategy = random`.
- * `concurrency`: Number of random ports. Minimum value is `1`, maximum value is a half of ports' range. Recommended value is `3`.
-* `settings`: Protocol-specific settings, details are at protocols' detail pages.
-* `streamSettings`: see [Protocol Transport Options](05_transport.md).
-* `domainOverride`: recognize specific protocols' packets and redirects its request targets.
- * Accepts an array of strings, default value is empty.
- * Available values are `"http"` and `"tls"`.
+Number of ports to listen. Min value is `1`. Max value is one third of entire port range.
-### Extra Outbound Interfaces Configurations (outbound detour)
+## OutboundObject
-This section is an array contains multiple extra outbound interfaces' configurations, each are using the structure like below:
+An OutboundObject defines an outbound proxy for handling out-going connections. Available protocols are listed [here](protocols.md).
```javascript
{
- "protocol": "protocol_name",
"sendThrough": "0.0.0.0",
- "tag": "this_outbound_tag_name",
+ "protocol": "protocol_name",
"settings": {},
+ "tag": "this_outbound_tag_name",
"streamSettings": {},
"proxySettings": {
"tag": "another_outbound_tag_name"
@@ -180,17 +208,42 @@ This section is an array contains multiple extra outbound interfaces' configurat
}
```
-Where:
+> `sendThrough`: address
+
+An IP address for sending traffic out. The default value, `"0.0.0.0"` is for randomly choosing an IP available on the host. Otherwise the value has to be an IP address from existing network interfaces.
+
+> `protocol`: string
+
+The protocol name of this outbound. See [Protocols](protocols.md) for all available values.
+
+> `settings`: OutboundConfigurationObject
+
+Protocol-specific settings. See `OutboundConfigurationObject` in each individual protocols.
+
+> `tag`: string
+
+The tag of this outbound. If not empty, it must be unique among all outbounds.
-* `protocol`: protocol name, all available values are listed at [Protocols](02_protocols.md).
-* `sendThrough`: The network interface (IP) to send data, available when multiple IPs shown, default value is `"0.0.0.0"`.
-* `tag`: Outbound tag name of the current interface, data would be sent via this interface if this outbound is selected in routing configurations or other outbound's `proxySettings`.
-* `settings`: Protocol-specific settings, details are at protocols' detail pages.
-* `streamSettings`: For details, see [Protocol Transport Options](05_transport.md).
-* `proxySettings`: Proxy for outbound connections. When this is set, `streamSettings` of this outbound will be omitted and disabled.
- * `tag`: When another outbound tag is specified, the data would be send via to the specified outbound.
-* `mux`: [Mux Configurations](mux.md).
+> `streamSettings`: [StreamSettingsObject](transport.md)
+
+Low-level transport settings. See [Protocol Transport Options](transport.md).
+
+> `proxySettings`: [ProxySettingsObject](#proxysettingsobject)
+
+Configuration for delegating traffic from this outbound to another. When this is set, `streamSettings` of this outbound will has no effect.
+
+> `mux`: [MuxObject](mux.md)
+
+See [Mux](mux.md) configuration for detail.
+
+### ProxySettingsObject
+
+```javascript
+{
+ "tag": "another-outbound-tag"
+}
+```
-## Protocol Transport Options (transport)
+> `tag`: string
-Help configure how V2Ray would connect with other servers and how using network connections. For details, see [Protocol Transport Options](05_transport.md).
+When `tag` is set to the tag of another outbound, the out-going traffic of current outbound will be delegated to the specified one.
diff --git a/en/configuration/policy.md b/en/configuration/policy.md
index cf1fd9a93..24f97b478 100644
--- a/en/configuration/policy.md
+++ b/en/configuration/policy.md
@@ -1,50 +1,127 @@
+---
+refcn: chapter_02/policy
+refen: configuration/policy
+---
+
# Local Policy
-Local policy is added in V2Ray 3.1.
+Local policy manages policy settings of current V2Ray instance, such as connection timeouts. The policys can be applied to each user level, or the whole system.
-Local policy manages settings of current V2Ray instance, such as connection timeouts. The policys can be applied to each user level, or the whole system.
+## PolicyObject
-Configuration:
+`PolicyObject` is used as `policy` field in top level configuration.
```javascript
{
- "levels": {
- "0": {
- "handshake": 4,
- "connIdle": 300,
- "uplinkOnly": 2,
- "downlinkOnly": 5,
- "statsUserUplink": false,
- "statsUserDownlink": false
- }
- },
- "system": {
- "statsInboundUplink": false,
- "statsInboundDownlink": false
+ "levels": {
+ "0": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
}
+ },
+ "system": {
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+ }
}
```
-Where:
+> `level`: map{string: [LevelPolicyObject](#levelpolicyobject)}
+
+A list of key value pairs. Each key is a string of integer (restricted by JSON), such as `"0"`, `"1"`, etc. The numeric value is for a certain user level.
+
+{% hint style='info' %}
+
+User level can be set on each inbound and outbound proxy. V2Ray will apply different policies based on user level.
+
+{% endhint %}
+
+> `system`: [SystemPolicyObject](#systempolicyobject)
+
+System-wide policy
+
+### LevelPolicyObject
+
+```javascript
+{
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false,
+ "bufferSize": 10240
+}
+```
+
+> `handshake`: number
+
+Timeout for establishing a connection, in seconds. Default value `4`. At the handshake stage of an inbound proxy dealing with a new connection, say VMess reading request header, if it takes longer than `handshake` time, V2Ray aborts the connection.
+
+> `connIdle`: number
+
+Timeout for idle connections, in seconds. Default value `300`. If there is no data passed through the connection in `connIdle` time, V2Ray aborts the conneciton.
+
+> `uplinkOnly`: number
+
+Time for keeping connections open after the uplink of the connection is closed, in seconds. Default value `2`. After remote (server) closes the downlink of the connection, V2Ray aborts the connection after `uplinkOnly` times.
+
+> `downlinkOnly`: number
+
+Time for keeping connections open after the downlink of the connection is closed, in seconds. Default value `5`. After client (browser) closes the uplink of the connection, V2Ray aborts the connection after `downlinkOnly` time.
-* `level`: A list of key value pairs. Each key is a string of integer (restricted by JSON), such as `"0"`, `"1"`, etc. The numeric value is for a certain user level. Each value has the following attributes:
- * `handshake`: Timeout for establishing a connection, in seconds. Default value `4`.
- * `connIdle`: Timeout for idle connections, in seconds. Default value `300`.
- * `uplinkOnly`: Time for keeping connections open after the uplink of the connection is closed, in seconds. Default value `2`.
- * `downlinkOnly`: Time for keeping connections open after the downlink of the connection is closed, in seconds. Default value `5`.
- * `statsUserUplink`: When set to `true`, V2Ray enables stat counter to uplink traffic for all users in this level.
- * `statsUserDownlink`: When set to `true`, V2Ray enables stat counter to downlink traffic for all users in this level.
-* `system` (V2Ray 3.18+): System policy for V2Ray
- * `statsInboundUplink` (V2Ray 3.18+): When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
- * `statsInboundDownlink` (V2Ray 3.18+): When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
+{% hint style='tip' %}
+
+In a simple webpage browser scenario, it is safe to set `uplinkOnly` and `downlinkOnly` both to `0`, for better performance.
+
+{% endhint %}
+
+> `statsUserUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter to uplink traffic for all users in this level.
+
+> `statsUserDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter to downlink traffic for all users in this level.
+
+> `bufferSize`: number
+
+Size of internal buffer per connection, in kilo-bytes. Default value is `10240`. When it is set to `0`, the internal buffer is disabled.
+
+Default value (V2Ray 4.4+):
+
+* `0` on ARM, MIPS and MIPSLE.
+* `4` on ARM64, MIPS64 and MIPS64LE.
+* `512` on other platforms.
+
+Default value (V2Ray 4.3-):
+
+* `16` on ARM, ARM64, MIPS, MIPS64, MIPSLE and MIPS64LE.
+* `2048` on other platforms.
+
+{% hint style='info' %}
+
+`bufferSize` overrides `v2ray.ray.buffer.size` settings in [env variables](env.md#cache-size-per-connection).
+
+{% endhint %}
+
+### SystemPolicyObject
+
+```javascript
+{
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+}
+```
-Some details when V2Ray handles connections:
+> `statsInboundUplink`: true | false
-1. At the handshake stage of an inbound proxy dealing with a new connection, say VMess reading request header, if it takes longer than `handshake` time, V2Ray aborts the connection.
-1. If there is no data passed through the connection in `connIdle` time, V2Ray aborts the conneciton.
-1. After client (browser) closes the uplink of the connection, V2Ray aborts the connection after `downlinkOnly` time.
-1. After remote (server) closes the downlink of the connection, V2Ray aborts the connection after `uplinkOnly` times.
+When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
-## Tips
+> `statsInboundDownlink`: true | false
-* Each inbound and outbound connection can apply a user level. V2Ray applies corresponding policy based on user level.
+When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
diff --git a/en/configuration/protocols.md b/en/configuration/protocols.md
index 6b3f1cfe9..92309375b 100644
--- a/en/configuration/protocols.md
+++ b/en/configuration/protocols.md
@@ -1,13 +1,17 @@
-# Protocols
+---
+refcn: chapter_02/02_protocols
+refen: configuration/protocols
+---
- [](https://www.v2ray.com/chapter_02/02_protocols.html)
+# Protocols
-V2Ray supports the following protocols:
+V2Ray supports the following protocols. Each protocol may be an inbound protocol, or an outbound protocol, or both.
* [Blackhole](protocols/blackhole.md)
* [Dokodemo-door](protocols/dokodemo.md)
* [Freedom](protocols/freedom.md)
* [HTTP](protocols/http.md)
+* [MTProto](protocols/mtproto.md)
* [Shadowsocks](protocols/shadowsocks.md)
* [Socks](protocols/socks.md)
* [VMess](protocols/vmess.md)
diff --git a/en/configuration/protocols/blackhole.md b/en/configuration/protocols/blackhole.md
index de86bcdbf..5d1328713 100644
--- a/en/configuration/protocols/blackhole.md
+++ b/en/configuration/protocols/blackhole.md
@@ -1,12 +1,16 @@
+---
+refcn: chapter_02/protocols/blackhole
+refen: configuration/protocols/blackhole
+---
+
# Blackhole
- [](https://www.v2ray.com/chapter_02/protocols/blackhole.html)
+* Name: `blackhole`
+* Type: Outbound
-Blackhole is a protocol for outbound connections. It blocks all connections with pre-defined responses. Combined with [Routing](../03_routing.md), this can be used for blocking access to some websites.
+Blackhole is a protocol for outbound connections. It blocks all connections with pre-defined responses. Combined with [Routing](../routing.md), this can be used for blocking access to some websites.
-* Name: blackhole
-* Type: Outbound
-* Configuration:
+## ConfigurationObject
```javascript
{
@@ -16,9 +20,21 @@ Blackhole is a protocol for outbound connections. It blocks all connections with
}
```
-Where:
+> `response`: [ResponseObject](#responseobject)
+
+Pre-defined response. Blockhole will send (if any) pre-defined data immediately for any connection passed to it and close the connection.
+
+### ResponseObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none" | "http"
+
+Type of the response, available options are:
-* `response`: Pre-defined response. Blockhole will send (if any) pre-defined data immediately for any connection passed to it and close the connection.
- * `type`: Type of the response, available options are:
- * `"none"`: Default value. Empty response.
- * `"http"`: A valid HTTP 403 response.
+* `"none"`: Default value. Empty response.
+* `"http"`: A valid HTTP 403 response.
diff --git a/en/configuration/protocols/dns.md b/en/configuration/protocols/dns.md
new file mode 100644
index 000000000..c67e504e5
--- /dev/null
+++ b/en/configuration/protocols/dns.md
@@ -0,0 +1,37 @@
+---
+refcn: chapter_02/protocols/dns
+refen: configuration/protocols/dns
+---
+
+# DNS
+
+* Name: `dns`
+* Type: Outbound
+
+DNS is an outbound proxy. It is mainly used for intercept and proxy DNS queries and responses. This outbound proxy can only accept DNS traffic, including both TCP and UDP based DNS queries. Other type of traffic will result in errors.
+
+When proxying DNS queries, DNS outbound will redirect IP queries (A and AAAA) to [internal DNS server](../dns.md). It will send other type of queries directly to its original destination.
+
+DNS outbound proxy is introduced in V2Ray 4.15.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "network": "tcp",
+ "address": "1.1.1.1",
+ "port": 53
+}
+```
+
+> `network`: "tcp" | "udp"
+
+(V2Ray 4.16+) Modify the transport protocol of the DNS traffic. The value may be either `"tcp"` or `"udp"`. If it is not specified, the original protocol remains unchanged.
+
+> `address`: address
+
+(V2Ray 4.16+) Modify the DNS server address in the request. If it is not specified, the original DNS server address remain unchanged.
+
+> `port`: number
+
+(V2Ray 4.16+) Modify the DNS server port in the request. If it is not specified, the original DNS server port remain unchanged.
diff --git a/en/configuration/protocols/dokodemo.md b/en/configuration/protocols/dokodemo.md
index 61eb4c25e..501c2d0d5 100644
--- a/en/configuration/protocols/dokodemo.md
+++ b/en/configuration/protocols/dokodemo.md
@@ -1,14 +1,18 @@
+---
+refcn: chapter_02/protocols/dokodemo
+refen: configuration/protocols/dokodemo
+---
+
# Dokodemo-door
- [](https://www.v2ray.com/chapter_02/protocols/dokodemo.html)
+* Name: `dokodemo-door`
+* Type: Inbound
-Dokodemo door is a protocol for inbound connections. It take any connections and passes them to the specified destination.
+Dokodemo-door is a protocol for inbound connections. It take any connections and passes them to the specified destination.
-Dokodemo door can also (if configured) work as a transparent proxy.
+Dokodemo-door can also (if configured) work as a transparent proxy.
-* Name: dokodemo-door
-* Type: Inbound
-* Configuration:
+## ConfigurationObject
```javascript
{
@@ -20,17 +24,25 @@ Dokodemo door can also (if configured) work as a transparent proxy.
}
```
-Where:
+> `address`: address
+
+Address of the destination server. May be an IPv4, IPv6 or a domain, in string form. When `followRedirect` (see below) is `true`, `address` can be empty.
+
+> `port`: number
+
+Port of the destination server.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Type of acceptable network. If `"tcp"` is specified, all UDP traffic sent to this dokodemo-door will be discarded.
+
+> `followRedirect`: true | false
+
+When set to `true`, dokodemo-door will recognize destination from TProxy and use it as its destination. See `TProxy` in [transport](../transport.md) for detail.
+
+> `userLevel`: number
-* `address`: Address of the destination server. May be an IPv4, IPv6 or a domain, in string form.
- * when `followRedirect` (see below) is `true`, `address` can be empty.
-* `port`: Port of the destination server. Integer.
-* `network`: Type of network, either "tcp" or "udp".
-* `followRedirect`: When set to `true`, dokodemo-door will recognize destination from TProxy and use it as its destination.
- * Only works on Linux
- * Supports TCP/IPv4 connections
- * Supports UDP/IPv4 packets. Requires root (CAP\_NET\_ADMIN) permission
-* `userLevel`: User level. All connections share this level. See [Policy](../policy.md) for details.
+User level. All connections share this level. See [Policy](../policy.md) for details.
## Examples for transparent proxy
@@ -46,38 +58,38 @@ Add a dokodemo-door inbound as below.
Configure iptables as below.
-```plain
+```bash
# Create new chain
-root@Wrt:~# iptables -t nat -N V2RAY
-root@Wrt:~# iptables -t mangle -N V2RAY
-root@Wrt:~# iptables -t mangle -N V2RAY_MARK
+iptables -t nat -N V2RAY
+iptables -t mangle -N V2RAY
+iptables -t mangle -N V2RAY_MARK
# Ignore your V2Ray server's addresses
# It's very IMPORTANT, just be careful.
-root@Wrt:~# iptables -t nat -A V2RAY -d 123.123.123.123 -j RETURN
+iptables -t nat -A V2RAY -d 123.123.123.123 -j RETURN
# Ignore LANs and any other addresses you'd like to bypass the proxy
# See Wikipedia and RFC5735 for full list of reserved networks.
-root@Wrt:~# iptables -t nat -A V2RAY -d 0.0.0.0/8 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 10.0.0.0/8 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 127.0.0.0/8 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 169.254.0.0/16 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 172.16.0.0/12 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 192.168.0.0/16 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN
-root@Wrt:~# iptables -t nat -A V2RAY -d 240.0.0.0/4 -j RETURN
+iptables -t nat -A V2RAY -d 0.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 10.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 127.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 169.254.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 172.16.0.0/12 -j RETURN
+iptables -t nat -A V2RAY -d 192.168.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN
+iptables -t nat -A V2RAY -d 240.0.0.0/4 -j RETURN
# Anything else should be redirected to Dokodemo-door's local port
-root@Wrt:~# iptables -t nat -A V2RAY -p tcp -j REDIRECT --to-ports 12345
+iptables -t nat -A V2RAY -p tcp -j REDIRECT --to-ports 12345
# Add any UDP rules
-root@Wrt:~# ip route add local default dev lo table 100
-root@Wrt:~# ip rule add fwmark 1 lookup 100
-root@Wrt:~# iptables -t mangle -A V2RAY -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
-root@Wrt:~# iptables -t mangle -A V2RAY_MARK -p udp --dport 53 -j MARK --set-mark 1
+ip route add local default dev lo table 100
+ip rule add fwmark 1 lookup 100
+iptables -t mangle -A V2RAY -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
+iptables -t mangle -A V2RAY_MARK -p udp --dport 53 -j MARK --set-mark 1
# Apply the rules
-root@Wrt:~# iptables -t nat -A OUTPUT -p tcp -j V2RAY
-root@Wrt:~# iptables -t mangle -A PREROUTING -j V2RAY
-root@Wrt:~# iptables -t mangle -A OUTPUT -j V2RAY_MARK
+iptables -t nat -A OUTPUT -p tcp -j V2RAY
+iptables -t mangle -A PREROUTING -j V2RAY
+iptables -t mangle -A OUTPUT -j V2RAY_MARK
```
diff --git a/en/configuration/protocols/freedom.md b/en/configuration/protocols/freedom.md
index 70eb33132..60e1a124a 100644
--- a/en/configuration/protocols/freedom.md
+++ b/en/configuration/protocols/freedom.md
@@ -1,12 +1,16 @@
+---
+refcn: chapter_02/protocols/freedom
+refen: configuration/protocols/freedom
+---
+
# Freedom
- [](https://www.v2ray.com/chapter_02/protocols/freedom.html)
+* Name: `freedom`
+* Type: Outbound
-Freedom is a protocol for outbound connections. It passes all TCP or UDP connection to their destinations.
+Freedom is a protocol for outbound connections. It passes all TCP or UDP connection to their destinations. This outbound is used when you want to send traffic to its real destination.
-* Name: freedom
-* Type: Outbound
-* Configuration:
+## ConfigurationObject
```javascript
{
@@ -16,10 +20,26 @@ Freedom is a protocol for outbound connections. It passes all TCP or UDP connect
}
```
-Where:
+> `domainStrategy`: "AsIs" | "UseIP"
+
+Strategy for domain name resolution. Options are:
+
+* `"AsIs"`: Default value. Resolve domain name by system.
+* `"UseIP"`: Use [internal DNS](../dns.md) for domain name resolution.
+* `"UseIPv4"`: Use IPv4 address only, after resolved by internal DNS.
+* `"UseIPv6"`: Use IPv6 address only, after resolved by internal DNS.
+
+(V2Ray 4.6+) In `UseIP` mode, when `sendThrough` is specified in [OutboundObject](../overview.md#outboundobject), Freedom will automatically choose between IPv4 and IPv6 address for destination based on `sendThrough` settings.
+
+(V2Ray 4.7+) If `sendThrough` address conflicts with `"UseIPv4"` or `"UseIPv6"`, Freedom will fail to dial out-going connections.
+
+> `redirect`: address_port
+
+Redirect all connections to this address, in form like `"127.0.0.1:80"` or `":1234"`.
+
+* When address is empty, e.g. `":443"`, Freedom will use the original destination address.
+* When port is `0`, e.g. `"v2ray.com:0"`, Freedom will use the original port.
+
+> `userLevel`: number
-* `domainStrategy`: Strategy for domain name resolution. Options are:
- * `"AsIs"`: Default. Resolve domain name by system.
- * `"UseIP"`: Use [internal DNS](../04_dns.md) for domain name resolution.
-* `redirect`: Redirect all connections to this address, in form like `"127.0.0.1:80"` or `":1234"`.
-* `userLevel`: User level. All connections share this level.
+User level. All connections share this level.
diff --git a/en/configuration/protocols/http.md b/en/configuration/protocols/http.md
index 92a70c139..cc5ac3859 100644
--- a/en/configuration/protocols/http.md
+++ b/en/configuration/protocols/http.md
@@ -1,12 +1,16 @@
+---
+refcn: chapter_02/protocols/http
+refen: configuration/protocols/http
+---
+
# HTTP
- [](https://www.v2ray.com/chapter_02/protocols/http.html)
+* Name: `http`
+* Type: Inbound
-HTTP is a protocols for inbound connections. It is compatible with HTTP 1.1.
+HTTP is a protocol for inbound connections. It is compatible with HTTP/1.1.
-* Name: http
-* Type: Inbound
-* Configuration:
+## InboundConfigurationObject
```javascript
{
@@ -21,16 +25,40 @@ HTTP is a protocols for inbound connections. It is compatible with HTTP 1.1.
}
```
-Where:
+> `accounts`: \[[AccountObject](#accountobject)\]
+
+An array in which each entry is an account. It is empty by default. If not empty, HTTP Basic Authentication is required for incoming requests.
+
+> `allowTransparent`: true | false
+
+If set to `true`, all HTTP request sent to this inbound will be proxied, including non-proxy request.
+
+> `userLevel`: number
+
+User level. All connections share this level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username for HTTP authentication.
-* `accounts`: An array in which each entry is an account. Username of the account is specified by `user`, and password specified by `pass`. Default empty.
- * If `accounts` is not empty, HTTP uses Basic Authentication for user verification.
-* `allowTransparent`: If set to `true`, all HTTP request sent to this inbound will be proxied, including non-proxy request.
-* `userLevel`: User level. All connections share this level.
+> `pass`: string
-## Tips
+password for HTTP authentication.
+
+{% hint style='info' %}
Use the following settings in Linux to use HTTP proxy in current session.
* `export http_proxy=http://127.0.0.1:8080/` (URL has to change according to your config)
* `export https_proxy=$http_proxy`
+
+{% endhint %}
\ No newline at end of file
diff --git a/en/configuration/protocols/mtproto.md b/en/configuration/protocols/mtproto.md
new file mode 100644
index 000000000..bbcb9e0e5
--- /dev/null
+++ b/en/configuration/protocols/mtproto.md
@@ -0,0 +1,103 @@
+---
+refcn: chapter_02/protocols/mtproto
+refen: configuration/protocols/mtproto
+---
+
+# MTProto
+
+* Name: `mtproto`
+* Type: Inbound / Outbound
+
+MTProto proxy is a special procol for Telegram. It consists of a pair of inbound and outboud proxies in V2Ray. They are usually used together for building a proxy for Telegram
+
+For now V2Ray only supports IPv4 address of Telegram server.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "users": [{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+ }]
+}
+```
+
+> `users`: \[[UserObject](#userobject)\]
+
+An array of users. For now only the first user is effective.
+
+### UserObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+}
+```
+
+> `email`: string
+
+User email. Used for tracking purposes. See [Stats](../stats.md).
+
+> `level`: number
+
+User level.
+
+> `secret`: string
+
+User secret. In Telegram, user secret must be 32 characters long, and only contains characters between `0` to `9`, and `a`to `f`.
+
+{% hint style='tip' %}
+
+You may use the following command to generate MTProto secret: `openssl rand -hex 16`
+
+{% endhint %}
+
+## Outbound configuration {#outbound}
+
+```javascript
+{
+}
+```
+
+## Sample {#sample}
+
+MTProto can only be used for Telegram traffic. You may need a routing rule to combine the corresponding inbound and outbound. Here is an incomplete sample.
+
+Inbound:
+
+```javascript
+{
+ "tag": "tg-in",
+ "port": 443,
+ "protocol": "mtproto",
+ "settings": {
+ "users": [{"secret": "b0cbcef5a486d9636472ac27f8e11a9d"}]
+ }
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "tg-out",
+ "protocol": "mtproto",
+ "settings": {}
+}
+```
+
+Routing:
+
+```javascript
+{
+ "type": "field",
+ "inboundTag": ["tg-in"],
+ "outboundTag": "tg-out"
+}
+```
+
+The configure your Telegram app to connect to 443 port on this machine.
diff --git a/en/configuration/protocols/shadowsocks.md b/en/configuration/protocols/shadowsocks.md
index 7560592cd..c98a88703 100644
--- a/en/configuration/protocols/shadowsocks.md
+++ b/en/configuration/protocols/shadowsocks.md
@@ -1,6 +1,12 @@
+---
+refcn: chapter_02/protocols/shadowsocks
+refen: configuration/protocols/shadowsocks
+---
+
# Shadowsocks
- [](https://www.v2ray.com/chapter_02/protocols/shadowsocks.html)
+* Name: `shadowsocks`
+* Type: Inbound / Outbound
[Shadowsocks](https://www.shadowsocks.org/) protocol, for both inbound and outbound connections.
@@ -21,44 +27,48 @@ Compatibility with official version:
* Plugins:
* Support obfs through standalone mode.
-Info:
-
-* Name: shadowsocks
-* Type: Inbound / Outbound
-
-## Inbound proxy configuration
+## InboundConfigurationObject
```javascript
{
"email": "love@v2ray.com",
"method": "aes-128-cfb",
"password": "password",
- "udp": false,
"level": 0,
"ota": true,
"network": "tcp"
}
```
-其中:
+> `email`: string
-* `email`: Email address. Used for user identification.
-* `method`: Encryption method. No default value. Options are:
- * `"aes-256-cfb"`
- * `"aes-128-cfb"`
- * `"chacha20"`
- * `"chacha20-ietf"`
- * `"aes-256-gcm"`
- * `"aes-128-gcm"`
- * `"chacha20-poly1305"` or `"chacha20-ietf-poly1305"`
-* `password`: Password. Can be any string.
-* `udp` (Deprecated, use `network`): `true` or `false`, whether or not to enable UDP. Default to `false`.
-* `level`: User level. Default to `0`. See [Policy](../policy.md).
-* `ota`: `true` or `false`, whether or not to enable OTA. Default to auto mode.
- * When AEAD is used, `ota` has no effect.
-* `network` (V2Ray 3.16+): Type of network, either `"tcp"`, `"udp"`, or `"tcp,udp"`. Default to `"tcp"`.
+Email address. Used for user identification.
+
+> `method`: string
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `password`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `level`: number
+
+User level. Default to `0`. See [Policy](../policy.md).
+
+> `ota`: `true` | `false`
+
+Whether or not to force OTA. If `true` and the incoming connection doesn't enable OTA, V2Ray will reject this connection. Vice versa.
+
+If this field is not specified, V2Ray auto detects OTA settings from incoming connections.
+
+When AEAD encryption is used, `ota` has no effect.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
-## Outbound proxy configuration
+Type of supported networks. Default to `"tcp"`.
+
+## OutboundConfigurationObject
```javascript
{
@@ -76,7 +86,7 @@ Info:
}
```
-其中:
+Where:
* `email`: Email address. Used for user identification.
* `address`: Address of Shadowsocks server. Can be IPv4, IPv6 or domain.
@@ -93,3 +103,61 @@ Info:
* `ota`: Whether or not to use OTA.
* When AEAD is used, `ota` has no effect.
* `level`: User level.
+
+> `servers`: \[[ServerObject](#serverobject)\]
+
+An array of [ServerObject](#serverobject)s.
+
+### ServerObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "加密方式",
+ "password": "密码",
+ "ota": false,
+ "level": 0
+}
+```
+
+> `email`: string
+
+Email address. Used for user identification.
+
+> `address`: address
+
+Required. Shadowsocks server address. May be IPv4, IPv6 or domain address.
+
+> `port`: number
+
+Required. Shadowsocks server port.
+
+> `method`: string
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `password`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `ota`: true | false
+
+Whether or not to use OTA. Default value is `false`.
+
+When AEAD encryption is used, this field has no effect.
+
+> `level`: number
+
+User level.
+
+## Encryption methods
+
+* `"aes-256-cfb"`
+* `"aes-128-cfb"`
+* `"chacha20"`
+* `"chacha20-ietf"`
+* `"aes-256-gcm"`
+* `"aes-128-gcm"`
+* `"chacha20-poly1305"` or `"chacha20-ietf-poly1305"`
diff --git a/en/configuration/protocols/socks.md b/en/configuration/protocols/socks.md
index c7278e9b4..3b6a558ea 100644
--- a/en/configuration/protocols/socks.md
+++ b/en/configuration/protocols/socks.md
@@ -1,13 +1,20 @@
+---
+refcn: chapter_02/protocols/socks
+refen: configuration/protocols/socks
+---
+
# Socks
- [](https://www.v2ray.com/chapter_02/protocols/socks.html)
+* Name: `socks`
+* Type: Inbound / Outbound
Socks is an implementation of standard SOCKS protocol, compatible with [Socks 4](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol), Socks 4a and [Socks 5](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol).
-* Name: socks
-* Type: Inbound / Outbound
+Socks configuration consists of two parts, `InboundConfigurationObject` and `OutboundConfigurationObject`, for inbound and outbound respectively.
+
+## OutboundConfigurationObject
-## Outbound Proxy Configuration
+`OutboundConfigurationObject` is used as `settings` field in `OutboundObject` in top level configuration.
```javascript
{
@@ -25,22 +32,67 @@ Socks is an implementation of standard SOCKS protocol, compatible with [Socks 4]
}
```
-Where:
+> `servers`: \[ [ServerObject](#serverobject) \]
+
+An array of Socks servers.
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+}
+```
-* `servers`: Socks server list, in which each entry has:
- * `address`: Server address
- * `port`: Server port
- * `users`: List of user accounts:
- * `user`: Username
- * `pass`: Password
- * `level`: User level.
+> `address`: address
-Notice:
+Socks server address. May be IPv4, IPv6 or domain address.
-* When user list is not empty, socks will performance user authentication with remote server, using a random user.
-* Only supports SOCKS5 servers.
+{% hint style='info' %}
-## Inbound Proxy Configuration
+Only support Socks 5 servers.
+
+{% endhint %}
+
+> `port`: number
+
+Socks server port.
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array of users. Each element in the array is an user. If the list is not empty. Socks inbound will force user authentication. Otherwise, anonymous user is allowed.
+
+### UserObject
+
+```javascript
+{
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
+
+> `level`: number
+
+User level for tracking and policy purpose. Default value is `0`.
+
+## InboundConfigurationObject
```javascript
{
@@ -57,13 +109,39 @@ Notice:
}
```
-其中:
+> `auth`: "noauth" | "password"
+
+Socks autentication method. `"noauth"` is for anonymous authentication, and `"password"` for authentication with username and password. Default value is `"noauth"`.
+
+> `accounts`: \[ [AccountObject](#accountobject) \]
+
+An array of user accounts, for authenication purpose. Only take effect when `auth` is set to `"password"`.
+
+> `udp`: true | false
+
+Whether or not to enable UDP. Default value is `false`.
+
+> `ip`: address
+
+When UDP is enabled, V2Ray needs to know the IP address of current host. Default value is `"127.0.0.1"`. This must be set to the public IP address of the host, if you want to allow public UDP traffic.
+
+> `userLevel`: number
+
+User level. All incoming connections share this user level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
-* `auth`: Socks authentication method. Default to `"noauth"`. Options are:
- * `"noauth"`: Anonymous.
- * `"password"`: User and password [RFC 1929](https://tools.ietf.org/html/rfc1929)
-* `accounts`: An array where each entry is contains `user` for username and `pass` for password. Default to empty.
- * Only works when `auth` is `"password"`
-* `udp`: `true` or `false` to enable UDP. Default to false.
-* `ip`: When UDP is enabled, this IP address receives UDP packets from client. Default to `"127.0.0.1"`.
-* `userLevel`: User level. All connections share this level.
+Password as in Socks protocol
diff --git a/en/configuration/protocols/vmess.md b/en/configuration/protocols/vmess.md
index a37079588..6d81694f5 100644
--- a/en/configuration/protocols/vmess.md
+++ b/en/configuration/protocols/vmess.md
@@ -1,11 +1,18 @@
+---
+refcn: chapter_02/protocols/vmess
+refen: configuration/protocols/vmess
+---
+
# VMess
+* Name: `vmess`
+* Type: Inbound / Outbound
+
[VMess](https://www.v2ray.com/eng/protocols/vmess.html) is a protocol for encrypted communications. It includes both inbound and outbound proxy.
-* Name: vmess
-* Type: Inbound / Outbound
+VMess depends on system time. Please ensure that your system time is in sync with UTC time. Timezone doesn't matter. One may install `ntp` service on Linux to automatically adjust system time.
-## Outbound Proxy Configuration
+## OutboundConfigurationObject
```javascript
{
@@ -16,8 +23,8 @@
"users": [
{
"id": "27848739-7e62-4138-9fd3-098a63964b6b",
- "alterId": 10,
- "security": "aes-128-cfb",
+ "alterId": 4,
+ "security": "auto",
"level": 0
}
]
@@ -26,23 +33,71 @@
}
```
-Where:
+> `vnext`: \[ [ServerObject](#serverobject) \]
-* `vnext`: An array, where each entry is a remote server
- * `address`: Server address, may be IPv4, IPv6 or domain name.
- * `port`: Server port
- * `users`: An array where each entry is an VMess user
- * `id`: User ID, in the form of a [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
- * `alterId`: Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 32.
- * `level`: User level. See [Policy](../Policy.md) for more detail.
- * `security`: Encryption method. Options are:
- * `"aes-128-cfb"`
- * `"aes-128-gcm"`: Recommended for PC.
- * `"chacha20-poly1305"`: Recommended for mobile.
- * `"auto"`: Default value. Use `aes-128-gcm` on AMD64 and S390x, or `chacha20-poly1305` otherwise.
- * `"none"`: Traffic is not encrypted at all.
+An array, where each element presents a remote server
-## Inbound Proxy Configuration
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": []
+}
+```
+
+> `address`: address
+
+Server address, may be IPv4, IPv6 or domain name.
+
+> `port`: number
+
+Server port
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array where each element is an VMess user
+
+### UserObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 16,
+ "security": "auto",
+ "level": 0
+}
+```
+
+> `id`: string
+
+User ID, in the form of a [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `alterId`: number
+
+Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 4. Its value must be not larger than the one in corresponding Inbound.
+
+> `level`: number
+
+User level. See [Policy](../policy.md) for more detail.
+
+> `security`: "aes-128-gcm" | "chacha20-poly1305" | "auto" | "none"
+
+Method for encrypting payload. This setting is only available at outbound. The VMess inbound will automatically recognize this setting and decrypt payload accordingly. Options are:
+
+* `"aes-128-gcm"`: Recommended for PC.
+* `"chacha20-poly1305"`: Recommended for mobile.
+* `"auto"`: Default value. Use `aes-128-gcm` on AMD64, ARM64 and S390x, or `chacha20-poly1305` otherwise.
+* `"none"`: Traffic is not encrypted at all.
+
+{% hint style='info' %}
+
+Use `"auto"` wherever possible for better compatibility.
+
+{% endhint %}
+
+## InboundConfigurationObject
```javascript
{
@@ -50,13 +105,13 @@ Where:
{
"id": "27848739-7e62-4138-9fd3-098a63964b6b",
"level": 0,
- "alterId": 100,
+ "alterId": 4,
"email": "love@v2ray.com"
}
],
"default": {
"level": 0,
- "alterId": 32
+ "alterId": 4
},
"detour": {
"to": "tag_to_detour"
@@ -65,25 +120,77 @@ Where:
}
```
-其中:
-
-* `clients`: An array for valid user accounts. May be empty when used for dynamic port feature.
- * Each client contains:
- * `id`: User ID, in the form of [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
- * `level`:User level. See [Policy](../policy.md)
- * `alterId`: Number of alternative IDs. Same as in Inbound. Value must be the same as connecting clients.
- * `email`: Email address to identify users.
-* `detour`: Optional feature to suggest client to take a detour.
- * `to`: The tag of an inbound proxy. See [Overview](../02_protocols.md). If configured, VMess will suggest its client to use the detour for further connections.
-* `default`: Optional default client configuration. Usually used in detour proxy.
- * `level`: User level.
- * `alterId`: Number of alternative IDs. Default value 64.
-* `disableInsecureEncryption` (V2Ray 3.11+): Forbids client for using insecure encryption methods. When set to true, connections will be terminated immediately if the following encryption is used. Default value `false`.
- * `none`
- * `aes-128-cfb`
-
-## Tips
-
-* Always use encryption method `"auto"` to stay secure and compatible.
-* VMess depends on system time. Please ensure that your system time is in sync with UTC time. Timezone doesn't matter.
- * One may install `ntp` service on Linux to automatically adjust system time.
\ No newline at end of file
+> `clients`: \[ [ClientObject](#clientobject) \]
+
+An array for valid user accounts. May be empty when used for dynamic port feature.
+
+> `detour`: [DetourObject](#detourobject)
+
+Optional feature to suggest client to take a detour. If specified, this inbound will instruct the outbound to use another inbound.
+
+> `default`: [DefaultObject](#defaultobject)
+
+Optional default client configuration. Usually used with `detour`.
+
+> `disableInsecureEncryption`: true | false
+
+Forbids client for using insecure encryption methods. When set to `true`, connections will be terminated immediately if the following encryption is used. Default value `false`.
+
+* `none`
+* `aes-128-cfb`
+
+### ClientObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+}
+```
+
+> `id`: string
+
+User ID, in the form of [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `level`: number
+
+User level. See [Policy](../policy.md) for its usage.
+
+> `alterId`: number
+
+Number of alternative IDs. Same as in Outbound.
+
+> `email`: string
+
+Email address for user identification.
+
+### DetourObject
+
+```javascript
+{
+ "to": "tag_to_detour"
+}
+```
+
+> `to`: string
+
+The tag of an inbound proxy. See [Overview](../protocols.md). If configured, VMess will suggest its client to use the detour for further connections.
+
+### DefaultObject
+
+```javascript
+{
+ "level": 0,
+ "alterId": 4
+}
+```
+
+> `level`: number
+
+User level.
+
+> `alterId`: number
+
+Number of alternative IDs. Default value 64. Recommend 4.
diff --git a/en/configuration/reverse.md b/en/configuration/reverse.md
new file mode 100644
index 000000000..e809e36ad
--- /dev/null
+++ b/en/configuration/reverse.md
@@ -0,0 +1,199 @@
+---
+refcn: chapter_02/reverse
+refen: configuration/reverse
+---
+
+# Reverse Proxy
+
+Reverse proxy is an optional feature in V2Ray. It redirects traffic from a server to a client. Thus is so called "Reverse" proxying.
+
+{% hint style='tip' %}
+
+Reverse proxy is available in V2Ray 4.0+. It is now in beta, and may be improved in near future.
+
+{% endhint %}
+
+Reverse proxy works in the following way:
+
+* Suppose there is a device A that runs a web server. Device A has no public IP address, and can't be accessed from internet. There is another device B, say a cloud server, which can be access from internet. We need to use B as portal, to redirect traffice to A.
+* Now we install a V2Ray on device A, named `bridge`. And then install a V2Ray on device B, named `portal`.
+* `bridge` will open connections to `portal`. Their target can be customized for routing purpose. `portal` will receive these connections, as well as connections from other uses in the internet. `portal` will "connect" these two kind of connections. Then the interent traffic will be tunneled to `bridge`.
+* After `bridge` receives traffic from internet through `portal`, it will send these traffic to the web server on localhost. You may configure routing for these traffic as well.
+* `bridge` will control load balance based of the amount of traffic.
+
+{% hint style='danger' %}
+
+Reverse proxy has already leveraged [Mux](mux.md). It is not necessary to configure Mux again on its outbound.
+
+{% endhint %}
+
+## ReverseObject
+
+`ReverseObject` is used as `reverse` field in top level configuration.
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }],
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+> `bridges`: \[[BridgeObject](bridgeobject)\]
+
+An array of `bridge`s. Each `bridge` is a [BridgeObject](bridgeobject).
+
+> `portals`: \[[PortalObject](portalobject)\]
+
+An array of `portal`s. Each `portal` is a [PortalObject](bridgeobject).
+
+### BridgeObject
+
+```javascript
+{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+}
+```
+
+> `tag`: string
+
+A tag. All traffic initiated by this `bridge` will have this tag. It can be used for [routing](routing.md), identified as `inboundTag`.
+
+> `domain`: string
+
+A domain. All connections initiated by `bridge` towards `portal` will use this domain as target. This domain is only used for communication between `bridge` and `portal`. It is not necessary to be actually registered.
+
+### PortalObject
+
+> `tag`: string
+
+A Tag. You need to redirect all traffic to this `portal`, by targeting `outboundTag` to this `tag`. The traffic includes the connections from `bridge`, as well as internet traffic.
+
+> `domain`: string
+
+A domain. When a connection targeting this domain, `portal` considers it is a connection from `bridge`, otherwise it is an internet connection.
+
+{% hint style='tip' %}
+
+Like other usages, a V2Ray instance can be used as a `bridge`, or a `portal`, or both as the same time.
+
+{% endhint %}
+
+## Example configuration
+
+`bridge` usually needs two outbounds. One for connecting `portal`, and another for connecting local web server.
+
+Reverse:
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "out"
+ "protocol": "freedom",
+ "settings": {
+ "redirect": "127.0.0.1:80" // Send traffic to local web server
+ }
+},
+{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "portal的IP地址",
+ "port": 1024,
+ "users": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }]
+ },
+ "tag": "interconn"
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "domain": ["full:test.v2ray.com"],
+ "outboundTag": "interconn"
+ },{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "outboundTag": "out"
+ }]
+}
+```
+
+`portal` usually needs two inbounds. One for connections from `bridge`, and another for internet connections.
+
+Reverse:
+
+```javascript
+{
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com" // Must be the same as in bridge
+ }]
+}
+```
+
+Inbound:
+
+```javascript
+{
+ "tag": "external",
+ "port": 80, // Open port 80 for internet HTTP traffic
+ "protocol": "dokodemo-door",
+ "settings": {
+ "address": "127.0.0.1",
+ "port": 80,
+ "network": "tcp"
+ }
+},
+{
+ "port": 1024, // For bridge connections
+ "tag": "interconn",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["external"],
+ "outboundTag": "portal"
+ },{
+ "type": "field",
+ "inboundTag": ["interconn"],
+ "outboundTag": "portal"
+ }]
+}
+```
+
+{% hint style='tip' %}
+
+In practice, you may want to run `bridge` first and then `portal`.
+
+{% endhint %}
diff --git a/en/configuration/routing.md b/en/configuration/routing.md
index 5e15cb384..d569313f8 100644
--- a/en/configuration/routing.md
+++ b/en/configuration/routing.md
@@ -1,42 +1,43 @@
-# Routing
+---
+refcn: chapter_02/03_routing
+refen: configuration/routing
+---
- [](https://www.v2ray.com/chapter_02/03_routing.html)
+# Routing
V2Ray has an internal routing mechanism. It routes inbound connections to various outbound based on rules. A common scenario is to split traffic by country. V2Ray can detect target country (by Geo IP) of a connection, and sends then connection to corresponding outbound proxy.
-Configuration:
+## RoutingObject
+
+`RoutingObject` is used as `routing` in top level configuration.
```javascript
{
- "strategy": "rules",
- "settings": {
- "domainStrategy": "AsIs",
- "rules": [
- {
- "type": "field",
- "domain": [
- "baidu.com",
- "qq.com"
- ],
- "outboundTag": "direct"
- }
- ]
- }
+ "domainStrategy": "AsIs",
+ "rules": [],
+ "balancers": []
}
```
-Where:
+> `domainStrategy`: "AsIs" | "IPIfNonMatch" | "IPOnDemand"
+
+Domain resolution strategy. Choices are:
+
+* `"AsIs"`: Only use domain for routing. Default value.
+* `"IPIfNonMatch"`: When no rule matches current domain, V2Ray resolves it into IP addresses (A or AAAA records) and try all rules again.
+ * If a domain has multiple IP addresses, V2Ray tries all of them.
+ * The resolved IPs are only used for routing decisions, the traffic is still sent to original domain address.
+* `"IPOnDemand"`: As long as there is a IP-based rule, V2Ray resolves the domain into IP immediately.
+
+> `rules`: \[[RuleObject](#ruleobject)\]
+
+An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` (or `balancerTag`, V2Ray 4.4+) of the rule.
+
+> `balancers`: \[ [BalancerObject](#balancerobject) \]
-* `strategy`: The only valid value for now is `"rules"`.
-* `domainStrategy`: Domain resolution strategy. Choices are:
- * `"AsIs"`: Only use domain for routing. Default value.
- * `"IPIfNonMatch"`: When no rule matches current domain, V2Ray resolves it into IP addresses (A or AAAA records) and try all rules again.
- * If a domain has multiple IP addresses, V2Ray tries all of them.
- * The resolved IPs are only used for routing decisions, the traffic is still sent to original domain address.
- * `"IPOnDemand"`: As long as there is a IP-based rule, V2Ray resolves the domain into IP immediately.
-* `rules`: An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` of the rule.
+(V2Ray 4.4+) An array of load balancers. When a routing rule points to a load balancer, the balancer will select an outbound based on configuration. Then traffic will be sent to that outbound.
-Configuration for each rule:
+### RuleObject
```javascript
{
@@ -53,10 +54,10 @@ Configuration for each rule:
"fe80::/10",
"geoip:cn"
],
- "port": "0-100",
+ "port": "53,443,1000-2000",
"network": "tcp",
"source": [
- "10.0.0.1",
+ "10.0.0.1"
],
"user": [
"love@v2ray.com"
@@ -64,33 +65,130 @@ Configuration for each rule:
"inboundTag": [
"tag-vmess"
],
- "outboundTag": "direct"
+ "protocol":["http", "tls", "bittorrent"],
+ "attrs": "attrs[':method'] == 'GET'",
+ "outboundTag": "direct",
+ "balancerTag": "balancer"
}
```
-Where:
-
-* `type`: The only valid value for now is `"field"`.
-* `domain`: An array of domains. There are four formats:
- * Substring: If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
- * Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
- * Subdomain: Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
- * Common domains in China: Special value `"geosite:cn"` for a list of [common domains in China](https://www.v2ray.com/links/chinasites/).
-* `ip`: An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. There are three formats:
- * IP: such as `"127.0.0.1"`.
- * [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing): such as `"127.0.0.0/8"`.
- * GeoIP: such as `"geoip:cn"`. It begins with `geoip:` (lower case) and followed by two letter of country code.
- * Special value `"geoip:private"`: for all private addresses such as `127.0.0.1`.
-* `port`:Port range. Formats are:
- * `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
- * `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
-* `network`: Choices are `"tcp"`, `"udp"`, or `"tcp,udp"`. When the connection has in the chosen network, this rule take effect.
-* `source`: An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
-* `user`: An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
-* `inboundTag`: An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
-* `outboundTag` [Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
-
-## Tips
-
-* When multiple attributes of the rule are specified, they must be satisfied together, in order to make the rule effective.
- * If you want to route connections by `domain` or `ip`, you probably need multiple rules, instead of one rule containing both `domain` and `ip`.
+{% hint style='info' %}
+
+When multiple fields are specified, these fields have to be all satisfied, in order to make the rule effective. If you need both `domain` and `ip` rules, it is highly likely you need put them into separate rules.
+
+{% endhint %}
+
+> `type`: "field"
+
+The only valid value for now is `"field"`.
+
+> `domain`: \[ string \]
+
+An array of domains. Available formats are:
+
+* Plaintext: If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Full domain: Begining with `"full:"` and the rest is a domain. When the targeting domain is exactly the value, the rule takes effect. Example: rule `"domain:v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](#pre-defined-domain-lists) for more detail.
+* Domains from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geosite.dat`. The tag must exist in the file.
+
+> `ip`: \[string\]
+
+An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. Available formats:
+
+* IP: such as `"127.0.0.1"`.
+* [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing): such as `"127.0.0.0/8"`.
+* GeoIP: such as `"geoip:cn"`. It begins with `geoip:` (lower case) and followed by two letter of country code.
+ * Special value `"geoip:private"`: for all private addresses such as `127.0.0.1`.
+* IPs from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geoip.dat`. The tag must exist in the file.
+
+{% hint style='info' %}
+
+`"ext:geoip.dat:cn"` is equivalent to `"geoip:cn"`.
+
+{% endhint %}
+
+> `port`:number | string
+
+Port range. Formats are:
+
+* `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
+* `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
+* Mix of the two above, separated by ",". Such as `"53,443,1000-2000"`.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+When the connection has in the chosen network, this rule take effect.
+
+> `source`: \[string\]
+
+An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
+
+> `user`: \[string\]
+
+An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
+
+> `inboundTag`: \[string\]
+
+An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
+
+> `protocol`: \[ "http" | "tls" | "bittorrent" \]
+
+An array of string as protocol types. When the connection uses one of the protocols, this rule takes effect. To recognize the protocol of a connection, one must enable `sniffing` option in inbound proxy.
+
+> `attrs`: string
+
+(V2Ray 4.18+) A Starlark script, used for detecting traffic attributes. When this script returns true, this rule takes effect.
+
+[Starlark](https://github.com/bazelbuild/starlark) is a subset of Python. The script takes a global varible named `attrs`. It contains all attributes of the traffic.
+
+At the moment, only http inbound sets `attrs`.
+
+Examples:
+
+* Detect HTTP GET: `"attrs[':method'] == 'GET'"`
+* Detect HTTP Path: `"attrs[':path'].startswith('/test')"`
+* Detect Content Type: `"attrs['accept'].index('text/html') >= 0"`
+
+> `outboundTag` string
+
+[Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
+
+> `balancerTag`: string
+
+Tag of an load balancer. Then this rule takes effect, V2Ray will use the balancer to select an outbound. Either `outboundTag` or `balancerTag` must be specified. When both are specified, `outboundTag` takes priority.
+
+### BalancerObject
+
+Configuration for a load balancer. When a load balancer takes effective, it selects one outbound from matching outbounds. This outbound will be used for send out-going traffic.
+
+```javascript
+{
+ "tag": "balancer",
+ "selector": []
+}
+```
+
+> `tag`: string
+
+Tag of this `BalancerObject`, to be matched from `balancerTag` in `RuleObject`.
+
+> `selector`: \[ string \]
+
+An array of strings. These strings are used to select outbounds with prefix matching. For example, with the following outbound tags: `[ "a", "ab", "c", "ba" ]`,selector `["a"]` matches `[ "a", "ab" ]`.
+
+When multiple outbounds are selected, load balancer for now picks one final outbound at random.
+
+## Pre-defined domain lists
+
+This is a domain lists maintained by [domain-list-community](https://github.com/v2ray/domain-list-community) project. It provides a file named `geosite.dat` for some predefined domain lists. Notably:
+
+* `category-ads`: Common ads domains.
+* `category-ads-all`: Common ads domains and ads providers' domains.
+* `cn`: Equivalent to an union of `geolocation-cn` and `tld-cn`.
+* `google`: All Google domains.
+* `facebook`: All Facebook domains.
+* `geolocation-cn`: Common domains that serve in China.
+* `geolocation-!cn`: Common domains that don't serve in China
+* `tld-cn`: All .cn and .中国 domains.
diff --git a/en/configuration/stats.md b/en/configuration/stats.md
index 4395678db..56239976a 100644
--- a/en/configuration/stats.md
+++ b/en/configuration/stats.md
@@ -1,23 +1,43 @@
-# Statistics
+---
+refcn: chapter_02/stats
+refen: configuration/stats
+---
- [](https://www.v2ray.com/chapter_02/stats.html)
+# Statistics
V2Ray provides some information about its internals.
-Configuration:
+## StatsObject
+
+`StatsObject` is used as `stats` field in top level configuration.
```javascript
{
}
```
+At the moment there is no parameter in stats settings. Stats is enabled automatically when the `StatsObject` is set in top level configuration. You need also enable the corresponding settings in [Policy](policy.md), in order to keep track of user or system stats.
+
All stats counters are listed below:
-* `user>>>[email]>>>traffic>>>uplink` (V2Ray 3.16+): Accumulated uplink traffic of specific user, in bytes.
-* `user>>>[email]>>>traffic>>>downlink` (V2Ray 3.16+): Accumulated downlink traffic of specific user, in bytes.
-* `inbound>>>[tag]>>>traffic>>>uplink` (V2Ray 3.18+): Accumulated uplink traffic of specific inbound, in bytes.
-* `inbound>>>[tag]>>>traffic>>>downlink` (V2Ray 3.18+): Accumulated downlink traffic of specific inbound, in bytes.
+## User Traffic
+
+If an user doesn't has email address set in protocol settings, the traffic stats will not be enabled.
+
+> `user>>>[email]>>>traffic>>>uplink`
+
+Accumulated uplink traffic of specific user, in bytes.
+
+> `user>>>[email]>>>traffic>>>downlink`
+
+Accumulated downlink traffic of specific user, in bytes.
+
+## Global Traffic
+
+> `inbound>>>[tag]>>>traffic>>>uplink`
+
+Accumulated uplink traffic of specific inbound, in bytes.
-## Tips
+> `inbound>>>[tag]>>>traffic>>>downlink`
-* If a user doesn't have a valid email address, the stats will not be enabled.
+Accumulated downlink traffic of specific inbound, in bytes.
diff --git a/en/configuration/transport.md b/en/configuration/transport.md
index 9590910ce..304cf8fd8 100644
--- a/en/configuration/transport.md
+++ b/en/configuration/transport.md
@@ -1,131 +1,300 @@
+---
+refcn: chapter_02/05_transport
+refen: configuration/transport
+---
+
# Transport Settings
- [](https://www.v2ray.com/chapter_02/transport.html)
+Transport is for how V2Ray sends and receives data from its peers. The responsibility of a transport is to reliably transfer data to a peer. Usually a connection has matching transports on both endpoints. For example, if a V2Ray outbound uses WebSocket as its transport, the inbound it talks to also has to use WebSocket, otherwise a connection can't be established.
-Transport settings is for how V2Ray sends and receives data from its peers. The settings devides into two parts: global settings and per proxy settings. Per-proxy settings specifies how each individual proxy handles its data, while global settings is for all proxies. Usually the inbound and outbound proxies between the connecting peer must have the same transport settings. When a proxy has no transport settings, the global settings applies.
+The transport settings devides into two parts: global settings and per proxy settings. Per-proxy settings specifies how each individual proxy handles its data, while global settings is for all proxies. Usually the inbound and outbound proxies between the connecting peer must have the same transport settings. When a proxy has no transport settings, the global settings applies.
-## Global Configuration
+## TransportObject
-Global settings is in the "transport" entry of V2Ray config.
+`TransportObject` is used as `transport` field in top level configuration.
```javascript
{
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {},
- "httpSettings": {}
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {}
}
```
-Where:
+> `tcpSettings`: TcpObject
+
+Settings for [TCP transport](transport/tcp.md).
+
+> `kcpSettings`: KcpObject
+
+Settings for [mKCP transport](transport/mkcp.md).
+
+> `wsSettings`: WebSocketObject
+
+Settings for [WebSocket transport](transport/websocket.md).
+
+> `httpSettings`: HttpObject
-* `tcpSettings`: Settings for [TCP transport](transport/tcp.md)。
-* `kcpSettings`: Settings for [mKCP transport](transport/mkcp.md)。
-* `wsSettings`: Settings for [WebSocket transport](transport/websocket.md)。
-* `httpSettings`: Settings for [HTTP/2 transport](transport/h2.md)。
+Settings for [HTTP/2 transport](transport/h2.md).
-## Per-proxy Configuration
+> `dsSettings`: DomainSocketObject
-Each inbound and outbound proxy may has its own transport settings. Each inbound, inboundDetour, outbound and outboundDetour entry may have a `streamSettings` for transport.
+Settings for [Domain Socket transport](transport/domainsocket.md).
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) Settings for [QUIC transport](transport/quic.md).
+
+## StreamSettingsObject
+
+Each inbound and outbound proxy may has its own transport settings, as specified in `streamSettings` field in top level configuration.
```javascript
{
"network": "tcp",
"security": "none",
- "tlsSettings": {
- "serverName": "v2ray.com",
- "alpn": ["http/1.1"],
- "allowInsecure": false,
- "certificates": [
- {
- "usage": "encipherment",
-
- "certificateFile": "/path/to/certificate.crt",
- "keyFile": "/path/to/key.key",
-
- "certificate": [
- "-----BEGIN CERTIFICATE-----",
- "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
- "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
- "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
- "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
- "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
- "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
- "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
- "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
- "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
- "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
- "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
- "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
- "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
- "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
- "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
- "-----END CERTIFICATE-----"
- ],
- "key": [
- "-----BEGIN RSA PRIVATE KEY-----",
- "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
- "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
- "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
- "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
- "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
- "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
- "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
- "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
- "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
- "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
- "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
- "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
- "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
- "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
- "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
- "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
- "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
- "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
- "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
- "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
- "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
- "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
- "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
- "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
- "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
- "-----END RSA PRIVATE KEY-----"
- ]
- }
- ]
- },
+ "tlsSettings": {},
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {},
- "httpSettings": {}
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {},
+ "sockopt": {
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+ }
+}
+```
+
+> `network`: "tcp" | "kcp" | "ws" | "http" | "domainsocket" | "quic"
+
+Network type of the stream transport. Default value `"tcp"`.
+
+> `security`: "none" | "tls"
+
+Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
+
+> `tlsSettings`: [TLSObject](#tlsobject)
+
+TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
+
+> `tcpSettings`: [TcpObject](transport/tcp.md)
+
+TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
+
+> `kcpSettings`: KcpObject
+
+mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
+
+> `wsSettings`: WebSocketObject
+
+WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
+
+> `httpSettings`: HttpObject
+
+HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
+
+> `dsSettings`: DomainSocketObject
+
+Domain socket transport configuration for current proxy. Effective only when the proxy uses domain socket transport. Configuration is the same as it is in global configuration.
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) QUIC transport configuration for current proxy. Effective only when the proxy uses QUIC transport. Configuration is the same as it is in global configuration.
+
+> `sockopt`: SockoptObject
+
+Socket options for incoming and out-going connections.
+
+### TLSObject
+
+```javascript
+{
+ "serverName": "v2ray.com",
+ "allowInsecure": false,
+ "alpn": ["http/1.1"],
+ "certificates": [],
+ "disableSystemRoot": false
}
```
-Where:
-
-* `network`: Network type of the stream transport. Choices are `"tcp"`, `"kcp"`, `"ws"`, or `"http"`. Default value `"tcp"`.
-* `security`: Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
-* `tlsSettings`: TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
- * `serverName`: Server name (usually domain) used for TLS authentication.
- * `alpn` (V2Ray 3.18+): An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
- * `allowInsecure`: If `true`, V2Ray allowss insecure connection at TLS client.
- * `certificates`: List of TLS certificates. Each entry is one certificate.
- * `usage` (V2Ray 3.17+): Purpose of the certificate. Default value `"encipherment"`. Choices are:
- * `"encipherment"`: Certificate is used for TLS authentication and encryption.
- * `"verify"`: Certificate is used for validating TLS certificates from remote peer. In this case, the certificate has to be a CA certificate. For now, Windows is not supported.
- * `"issue"`: Certificate is used for issuing other certificates. In this case, the certificate has to be a CA certificate.
- * `certificateFile`: File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
- * `certificate` (V2Ray 3.17+): List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
- * `keyFile`: File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
- * `key` (V2Ray 3.17+): List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
-* `tcpSettings`: TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
-* `kcpSettings`: mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
-* `wsSettings`: WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
-* `httpSettings`: HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
-
-## 小贴示
-
-* When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
-* When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
-* When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
-* Use `v2ctl cert -ca` command to generate a new CA certificate.
+> `serverName`: string
+
+Server name (usually domain) used for TLS authentication. Typically this is used when corressponding inbound/outbound uses IP for communication.
+
+When domain name is specified from inbound proxy, or get sniffed from the connection, it will be automatically used for connection. It is not necessary to set `serverName` in such case.
+
+> `alpn`: \[ string \]
+
+An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
+
+> `allowInsecure`: true | false
+
+If `true`, V2Ray allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.
+
+> `allowInsecureCiphers`: true | false
+
+Whehter or not to allow insecure cipher suites. By default TLS only uses cipher suites from TLS 1.3 spec. Turn on this option to allow cipher suites with static RSA keys.
+
+> `disableSystemRoot`: true | false
+
+(V2Ray 4.18+) Whether or not to disable system root CAs for TLS handshake. Default value is `false`. If set to `true`, V2Ray will use only `certificates` for TLS handshake.
+
+> `certificates`: \[ [CertificateObject](#certificateobject) \]
+
+List of TLS certificates. Each entry is one certificate.
+
+### CertificateObject
+
+```javascript
+{
+ "usage": "encipherment",
+
+ "certificateFile": "/path/to/certificate.crt",
+ "keyFile": "/path/to/key.key",
+
+ "certificate": [
+ "-----BEGIN CERTIFICATE-----",
+ "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
+ "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
+ "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
+ "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
+ "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
+ "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
+ "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
+ "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
+ "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
+ "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
+ "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
+ "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
+ "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
+ "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
+ "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
+ "-----END CERTIFICATE-----"
+ ],
+ "key": [
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
+ "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
+ "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
+ "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
+ "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
+ "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
+ "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
+ "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
+ "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
+ "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
+ "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
+ "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
+ "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
+ "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
+ "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
+ "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
+ "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
+ "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
+ "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
+ "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
+ "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
+ "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
+ "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
+ "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
+ "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
+ "-----END RSA PRIVATE KEY-----"
+ ]
+}
+```
+
+> `usage`: "encipherment" | "verify" | "issue"
+
+Purpose of the certificate. Default value `"encipherment"`. Choices are:
+
+* `"encipherment"`: Certificate is used for TLS authentication and encryption.
+* `"verify"`: Certificate is used for validating TLS certificates from remote peer. In this case, the certificate has to be a CA certificate.
+* `"issue"`: Certificate is used for issuing other certificates. In this case, the certificate has to be a CA certificate.
+
+{% hint style='info' %}
+
+On Windows, you have to install your CA certificate to system, in order to verify cerificates issued from the CA.
+
+{% endhint %}
+
+{% hint style='info' %}
+
+When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
+
+{% endhint %}
+
+> `certificateFile`: string
+
+File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
+
+{% hint style='info' %}
+
+Use `v2ctl cert -ca` command to generate a new CA certificate.
+
+{% endhint %}
+
+> `certificate`: \[ string \]
+
+List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
+
+> `keyFile`: string
+
+File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
+
+> `key`: \[ string \]
+
+List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
+
+When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
+
+{% hint style='info' %}
+
+When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
+
+{% endhint %}
+
+### SockoptObject
+
+```javascript
+{
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+}
+```
+
+> `mark`: number
+
+An integer. If non-zero, the value will be set to out-going connections via socket option SO_MARK. This mechanism only applies on Linux and requires CAP_NET_ADMIN permission.
+
+> `tcpFastOpen`: true | false
+
+Whether or not to enable [TCP Fast Open](https://en.wikipedia.org/wiki/TCP_Fast_Open). When set to `true`, V2Ray enables TFO for current connection. When set to `false`, V2Ray disables TFO. If this entry doesn't exist, V2Ray uses default settings from operating system.
+
+* Only apply on the following operating systems:
+ * Windows 10 (1604) or later
+ * Mac OS 10.11 / iOS 9 or later
+ * Linux 3.16 or later: Enabled by system default.
+* Applicable for both inbound and outbound connections.
+
+> `tproxy`: "redirect" | "tproxy" | "off"
+
+Whether or not to enable transparent proxy on Linux. Choices are:
+
+* `"off"`: Default value. Not enable TProxy at all.
+* `"redirect"`: Enable TProxy with Redirect mode. Supports TCP/IPv4 and UDP traffic.
+* `"tproxy"`: Enable TProxy with TProxy mode. Supports TCP and UDP traffic.
+
+Transparent proxy requires Root or CAP\_NET\_ADMIN permission.
+
+{% hint style='info' %}
+
+If `TProxy` is not set, and `allowRedirect` is set in [dokodemo-door](protocols/dokodemo.md), the value of `TProxy` will be set to `"redirect"` automatically.
+
+{% endhint %}
diff --git a/en/configuration/transport/domainsocket.md b/en/configuration/transport/domainsocket.md
new file mode 100644
index 000000000..eae42d832
--- /dev/null
+++ b/en/configuration/transport/domainsocket.md
@@ -0,0 +1,30 @@
+---
+refcn: chapter_02/transport/domainsocket
+refen: configuration/transport/domainsocket
+---
+
+# Domain Socket Transport
+
+Domain Socket uses standard Unix domain socket to transport data. Domain socket is system interal tranfer channel. It doesn't jam network buffer and may be a bit faster than trasnferring through local loopback network.
+
+Domain socket can only be used on platforms that supports Unix domain socket, such as macOS and Linux. It is not available on Windows.
+
+{% hint style='info' %}
+
+When domain socket is used, IP and port specified on the inbound/outbound proxy will be ignored. All traffic is tunneled through the domain socket.
+
+{% endhint %}
+
+## DomainSocketObject
+
+`DomainSocketObject` is used in `dsSettings` field in `TransportObject` and `StreamSettingsObject`.
+
+```javascript
+{
+ "path": "/path/to/ds/file"
+}
+```
+
+> `path`: string
+
+An valid absolute file path. Before running V2Ray, the file on this path must not exist.
diff --git a/en/configuration/transport/h2.md b/en/configuration/transport/h2.md
index 938ff985c..0719193b3 100644
--- a/en/configuration/transport/h2.md
+++ b/en/configuration/transport/h2.md
@@ -1,10 +1,17 @@
-# HTTP/2 Transport
+---
+refcn: chapter_02/transport/h2
+refen: configuration/transport/h2
+---
- [](https://www.v2ray.com/chapter_02/transport/h2.html)
+# HTTP/2 Transport
HTTP/2 transport is added in V2Ray 3.17. It is based on standard HTTP/2, and can be proxies through other HTTP server, such as Nginx.
-Configuration:
+Due to HTTP/2 recommandation, the corressponding inbound and outbound must enable TLS to use this transport.
+
+## HttpObject
+
+`DomainSocketObject` is used in `httpSettings` field in `TransportObject` and `StreamSettingsObject`.
```javascript
{
@@ -13,12 +20,10 @@ Configuration:
}
```
-Where:
+> `host`: \[ string \]
-* `host`: A string array. Each element is a domain. Client picks up a domain at random for each request. Server checks whether the domain in incoming request is in the list.
-* `path`: HTTP path. Client and server must have the same value.
+A string array. Each element is a domain. Client picks up a domain at random for each request. Server checks whether the domain in incoming request is in the list.
-## Tips
+> `path`: string
-* Both client and server must enable TLS for communication.
-* This transport is currently in beta. It may have many bugs. It may also be changed in the future.
+HTTP path. Client and server must have the same value.
diff --git a/en/configuration/transport/mkcp.md b/en/configuration/transport/mkcp.md
index 8e671a9aa..b35134996 100644
--- a/en/configuration/transport/mkcp.md
+++ b/en/configuration/transport/mkcp.md
@@ -1,8 +1,13 @@
-# mKCP 传输方式
+---
+refcn: chapter_02/transport/mkcp
+refen: configuration/transport/mkcp
+---
-mKCP 使用 UDP 来模拟 TCP 连接,请确定主机上的防火墙配置正确。
+# mKCP Transport
-配置:
+mKCP is a reliable stream transport. It is an UDP based protocol. mKCP sends more traffic for lower latency. To transfer the same amount of data, mKCP usually requires more throughput than TCP does.
+
+## KcpObject
```javascript
{
@@ -19,28 +24,65 @@ mKCP 使用 UDP 来模拟 TCP 连接,请确定主机上的防火墙配置正
}
```
-其中:
-
-* `mtu`: 最大传输单元(maximum transmission unit),请选择一个介于 `576` - `1460` 之间的值。默认值为 `1350`。
-* `tti`: 传输时间间隔(transmission time interval),单位毫秒(ms),mKCP 将以这个时间频率发送数据。请选译一个介于 `10` - `100` 之间的值。默认值为 `50`。
-* `uplinkCapacity`: 上行链路容量,即主机发出数据所用的最大带宽,单位 MB/s,默认值 `5`。
- * 注意是 Byte 而非 bit;
- * 可以设置为 `0`,表示一个非常小的带宽;
-* `downlinkCapacity`: 下行链路容量,即主机接收数据所用的最大带宽,单位 MB/s,默认值 `20`。
- * 注意是 Byte 而非 bit;
- * 可以设置为 `0`,表示一个非常小的带宽;
-* `congestion`: 是否启用拥塞控制,默认值为 `false`。
- * 开启拥塞控制之后,V2Ray 会自动监测网络质量,当丢包严重时,会自动降低吞吐量;当网络畅通时,也会适当增加吞吐量。
-* `readBufferSize`: 单个连接的读取缓冲区大小,单位是 MB。默认值为 `2`。
-* `writeBufferSize`: 单个连接的写入缓冲区大小,单位是 MB。默认值为 `2`。
-* `header`: 数据包头部伪装设置:
- * `type`: 伪装类型,可选的值有:
- * `"none"`: 默认值,不进行伪装,发送的数据是没有特征的数据包。
- * `"srtp"`: 伪装成 SRTP 数据包,会被识别为视频通话数据(如 FaceTime)。
- * `"utp"`: 伪装成 uTP 数据包,会被识别为 BT 下载数据。
- * `"wechat-video"`: 伪装成微信视频通话的数据包。
-
-## 配置建议
-
-* `uplinkCapacity` 和 `downlinkCapacity` 决定了 mKCP 的传输速度。以客户端发送数据为例,客户端的 `uplinkCapacity` 指定了发送数据的速度,而服务器端的 `downlinkCapacity` 指定了接收数据的速度。两者的值以较小的一个为准。推荐把 `downlinkCapacity` 设置为一个较大的值,比如 100,而 `uplinkCapacity` 设为实际的网络速度。当速度不够时,可以逐渐增加 `uplinkCapacity` 的值,直到带宽的两倍左右。
-* `readBufferSize` 和 `writeBufferSize` 指定了单个连接所使用的内存大小。在需要高速传输时,指定较大的 `readBufferSize` 和 `writeBufferSize` 会在一定程度上提高速度,但也会使用更多的内存。在网速不超过 20MB/s 时,默认值 1MB 可以满足需求;超过之后,可以适当增加 `readBufferSize` 和 `writeBufferSize` 的值,然后手动平衡速度和内存的关系。
+> `mtu`: number
+
+Maximum transmission unit. It indicates the maxium number bytes that an UDP packet can carry. Recommended value is between `576` and `1460`. Default value `1350`.
+
+> `tti`: number
+
+Transmission time interval, in milli-second. mKCP sends data in this interval. Recommended value is between `10` and `100`. Default value `50`.
+
+> `uplinkCapacity`: number
+
+Uplink bandwidth, in MB/s. The maximum bandwidth for the V2Ray instance to upload data to a remote one. Default value is `5`. Please note it is byte (in MB/s), not bit. One may use value `0` for a small bandwidth.
+
+> `downlinkCapacity`: number
+
+Downlink bandwidth, in MB/s. The maximum bandwidth for the V2Ray instance to download data. Default value is `20`. Please note it is byte (in MB/s), not bit. One may use value `0` for a small bandwidth.
+
+{% hint style='info' %}
+
+`uplinkCapacity` and `downlinkCapacity` determine the speed of mKCP. On client side, `uplinkCapacity` specifies the speed for client sending data to server. On sever side, `downlinkCapacity` specifies the speed of server receiving data. The minimum of this pair is effective in an actual connection.
+
+{% endhint %}
+
+> `congestion`: true | false
+
+Whether or not to enable congestion control. Default value is `false`. When congestion control is enabled, V2Ray will detect network quality. It will send less packets when packet loss is severe, or more data when network is not fully filled.
+
+> `readBufferSize`: number
+
+Read buffer size for a single connection, in MB. Default value is `2`.
+
+> `writeBufferSize`: number
+
+Write buffer size for a single connection, in MB. Default value is `2`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+## Credits {#credits}
+
+* @skywind3000 invented the original KCP protocol and implemented in C.
+* @xtaci re-implement KCP protocol in Go.
+* @xiaokangwang integrated KCP into V2Ray.
diff --git a/en/configuration/transport/quic.md b/en/configuration/transport/quic.md
new file mode 100644
index 000000000..6b70558d0
--- /dev/null
+++ b/en/configuration/transport/quic.md
@@ -0,0 +1,76 @@
+---
+refcn: chapter_02/transport/quic
+refen: configuration/transport/quic
+---
+
+# QUIC
+
+QUIC, or Quick UDP Internet Connection, is a multiplexing transport based on UDP, initially designed, implemented, and deployed by Google.
+
+QUIC has the following advantages:
+
+1. Reduced number of roundtrips in handshake phase. (1-RTT or 0-RTT)
+1. Multiplexing without head of line blocking as in TCP
+1. Connection migration, especially for clients. For example, connections don't break when device moves from Wi-Fi to 4G.
+
+QUIC is now an experiment in V2Ray. It implements IETF specification. As the spec is still being standardized, compatibility can't be guaranteed.
+
+## Update History
+
+V2Ray 4.7:
+
+* Initial version to support QUIC.
+* Default settings:
+ * 12 byte Connection ID
+ * Connection timeout in 30 seconds if no data traffic. (May have impact on some long HTTP connections)
+
+## QuicObject
+
+QUIC is used as `quicSettings` in transport settings. The configuration must be exactly the same between connecting peers.
+
+QUIC requires TLS. If TLS is not enabled in transport settings, V2Ray will automatically issue a TLS certificate for it. When QUIC transport is used, encryption in VMess can be turned off.
+
+```javascript
+{
+ "security": "none",
+ "key": "",
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `security`: "none" | "aes-128-gcm" | "chacha20-poly1305"
+
+Extra encryption over entire QUIC packet, include the frame head part. Default value is "none" for no encryption. After being encrypted, QUIC packets can't be sniff'ed.
+
+> `key`: string
+
+Key for the encryption above. Can be any string. Only effective when `security` is not `"none"`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+{% hint style='info' %}
+When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication.
+{% endhint %}
diff --git a/en/configuration/transport/tcp.md b/en/configuration/transport/tcp.md
index eedfc8389..180304e4d 100644
--- a/en/configuration/transport/tcp.md
+++ b/en/configuration/transport/tcp.md
@@ -1,8 +1,11 @@
-# TCP Transport
+---
+refcn: chapter_02/transport/tcp
+refen: configuration/transport/tcp
+---
- [](https://www.v2ray.com/chapter_02/transport/tcp.html)
+# TCP Transport
-Configuration:
+## TcpObject
```javascript
{
@@ -12,59 +15,116 @@ Configuration:
}
```
-Where:
+> `header`: NoneHeaderObject | HttpHeaderobject
+
+Header obfuscation. Default value is `NoneHeaderObject`.
+
+### NoneHeaderObject
+
+No header obfuscation.
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none"
-* `header`: Header obfuscation settings:
- * `type`: Type of obfuscation. Choices are:
- * `"none"`: Default. No obfuscation at all.
- * `"http"`: HTTP obfuscation. See below.
+Disable header obfuscation.
-## HTTP obfuscation
+### HttpHeaderObject
-HTTP obfuscation must be configured (and matching) for the inbound and outbound of the connecting peers.
+HTTP header obfuscation. The configuration must be the same between connecting inbound and outbound.
```javascript
{
"type": "http",
- "request": {
- "version": "1.1",
- "method": "GET",
- "path": ["/"],
- "headers": {
- "Host": ["www.baidu.com", "www.bing.com"],
- "User-Agent": [
- "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
- "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
- ],
- "Accept-Encoding": ["gzip, deflate"],
- "Connection": ["keep-alive"],
- "Pragma": "no-cache"
- }
- },
- "response": {
- "version": "1.1",
- "status": "200",
- "reason": "OK",
- "headers": {
- "Content-Type": ["application/octet-stream", "video/mpeg"],
- "Transfer-Encoding": ["chunked"],
- "Connection": ["keep-alive"],
- "Pragma": "no-cache"
- }
+ "request": {},
+ "response": {}
+}
+```
+
+> `type`: "http"
+
+Enable HTTP header obfuscation.
+
+> `request`: [HTTPRequestObject](#httprequestobject)
+
+HTTP request template.
+
+> `response`: [HTTPResponseObject](#httpresponseobject)
+
+HTTP response template.
+
+### HTTPRequestObject
+
+```javascript
+{
+ "version": "1.1",
+ "method": "GET",
+ "path": ["/"],
+ "headers": {
+ "Host": ["www.baidu.com", "www.bing.com"],
+ "User-Agent": [
+ "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
+ ],
+ "Accept-Encoding": ["gzip, deflate"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
}
}
```
-其中:
-
-* `type`: same `type` entry as in `tcpSettings`.
-* `request`: HTTP request settings:
- * `version`: HTTP version, default value `"1.1"`
- * `method`: HTTP method, default value `"GET"`。
- * `path`: Path. A string array. Default value is `["/"]`. When there are multiple values, value is picked up randomly for each request.
- * `headers`: HTTP headers. It is a key value pair. Each key is key of the HTTP header, and value is the value of the HTTP header. When multiple values are set, the effetive value is picked up randomly for each request. Default settings is same as the example above.
-* `response`: HTTP response.
- * `version`: HTTP version. Default value is `"1.1"`.
- * `status`: HTTP status. Default value is `"200"`.
- * `reason`: HTTP status text. Default value is `"OK"`.
- * `headers`: HTTP header. Same as request headers, but for response.
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `method`: string
+
+HTTP method. Default value is `"GET"`。
+
+> `path`: \[ string \]
+
+HTTP path. An array is string. The path will be chosen randomly for every connection.
+
+> `headers`: map{string, \[ string \] }
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
+
+### HTTPResponseObject
+
+```javascript
+{
+ "version": "1.1",
+ "status": "200",
+ "reason": "OK",
+ "headers": {
+ "Content-Type": ["application/octet-stream", "video/mpeg"],
+ "Transfer-Encoding": ["chunked"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `status`: string
+
+HTTP status. Default value is `"200"`
+
+> `reason`: string
+
+HTTP status message. Default value is `"OK"`.
+
+> `headers`: map{string, string}
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
diff --git a/en/configuration/transport/websocket.md b/en/configuration/transport/websocket.md
index 45e75041c..778d69015 100644
--- a/en/configuration/transport/websocket.md
+++ b/en/configuration/transport/websocket.md
@@ -1,25 +1,35 @@
-# WebSocket
+---
+refcn: chapter_02/transport/websocket
+refen: configuration/transport/websocket
+---
- [](https://www.v2ray.com/chapter_02/transport/websocket.html)
+# WebSocket
Use standard WebSocket to transport data. Websocket connections can be proxied by HTTP server such as Nginx.
-Configuration:
+## WebSocketObject
+
+`WebSocketObject` is used as `wsSettings` in `TransportObject` or `StreamSettingsObject`.
+
+{% hint style='info' %}
+
+Websocket recognizes HTTP header X-Forwarded-For, and uses it as inbound source address.
+
+{% endhint %}
```javascript
{
- "path": "",
+ "path": "/",
"headers": {
"Host": "v2ray.com"
}
}
```
-Where:
+> `path`: string
-* `path`: Path used for WebSocket. Default to root, as `""`。
-* `headers`: Custom HTTP header. An array where each entry is a key value pair in string, for header and value in HTTP header. Default is empty.
+Path used for WebSocket. Default to root, as `"/"`.
-## Notice
+> `headers`: map{string, string}
-* Since V2Ray 3.4, Websocket recognizes X-Forwarded-For header and use it as source address of the traffic.
+Custom HTTP header. An array where each entry is a key value pair in string, for header and value in HTTP header. Default is empty.
diff --git a/en/developer/tools.md b/en/developer/tools.md
new file mode 100644
index 000000000..4795af520
--- /dev/null
+++ b/en/developer/tools.md
@@ -0,0 +1,14 @@
+# Tools
+
+## Third Party SDK
+
+* C#: [v2ray-dotnet-sdk](https://github.com/techotaku/v2ray-dotnet-sdk)
+
+## Automation
+
+V2Ray uses the following automation tools for build and releases.
+
+* [Bazel](https://bazel.build/): Build & package.
+* [Azure DevOps](https://dev.azure.com/): Automated releases.
+* [Google Cloud](https://cloud.google.com/): Automated releases.
+* [CloudFlare](https://cloudflare.com/): Official site and domain.
diff --git a/en/resources/direct.png b/en/resources/direct.png
deleted file mode 100644
index 14c42bb93..000000000
Binary files a/en/resources/direct.png and /dev/null differ
diff --git a/en/resources/direct.svg b/en/resources/direct.svg
deleted file mode 100644
index f1f72cc11..000000000
--- a/en/resources/direct.svg
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
diff --git a/en/resources/relay.png b/en/resources/relay.png
deleted file mode 100644
index 619ee5cb2..000000000
Binary files a/en/resources/relay.png and /dev/null differ
diff --git a/en/resources/relay.svg b/en/resources/relay.svg
deleted file mode 100644
index fc2e898a4..000000000
--- a/en/resources/relay.svg
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
diff --git a/en/styles/website.css b/en/styles/website.css
index 89fe1f8a0..d8d13000a 100644
--- a/en/styles/website.css
+++ b/en/styles/website.css
@@ -1,18 +1,35 @@
-.book {
- font-family:
- -apple-system, BlinkMacSystemFont,
- "Segoe UI", "Roboto", "Oxygen",
- "Ubuntu", "Cantarell", "Fira Sans",
- "Droid Sans", "Helvetica Neue", sans-serif;
- font-weight: 400;
+.book-summary {
+ font-family: "Helvetica Neue", "Open Sans", sans-serif;
+ font-size: 14px;
}
-.markdown-section * {
- font-size: 16px;
+.book-header .btn {
+ padding: 0 5px;
+}
+
+.markdown-section {
+ font-family: "Helvetica Neue", "Open Sans", sans-serif;
+ font-weight: 400;
+ font-size: 14px;
}
-.markdown-section code {
- font-family: "Source Code Pro", Inconsolata, Consolas, "Droid Sans Mono", "Courier New", monospace;
+.markdown-section pre>code {
+ font-family: "Source Code Pro", monospace;
font-weight: 400;
font-size: 14px;
}
+
+.markdown-section code:not([class]) {
+ white-space: nowrap;
+ padding: 0;
+}
+
+.markdown-section blockquote {
+ margin: 0;
+ margin-bottom: .85em;
+ padding: 0 15px;
+ border-left: 4px solid #64b5f6;
+ border-top: 1px solid #64b5f6;
+ color: #000000;
+ margin-top: 10px;
+}
diff --git a/en/ui_client/service.md b/en/ui_client/service.md
deleted file mode 100644
index 49a732cf0..000000000
--- a/en/ui_client/service.md
+++ /dev/null
@@ -1,21 +0,0 @@
-# Online services
-
- [](https://www.v2ray.com/ui_client/service.html)
-
-## V2Ray related
-
-* [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
-* [UUID Generator](https://www.uuidgenerator.net/)
-
-## Domains
-
-* [Let's Encrypt](https://letsencrypt.org/): Free TLS certificates
-
-## VPS
-
-* [Vultr](https://www.vultr.com/?ref=7269307)
-
-## Cryptocurrency
-
-* [LocalBitcoins](https://localbitcoins.com/?ch=khtm): Trade Bitcoins offline
-* [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g): Trade BTC, ETH, BCH, USDT offline.
diff --git a/en/welcome/command.md b/en/welcome/command.md
index da6de70b5..a8a0a83cd 100644
--- a/en/welcome/command.md
+++ b/en/welcome/command.md
@@ -1,6 +1,9 @@
-# Commandline
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
- [](https://www.v2ray.com/chapter_00/command.html)
+# Commandline
## V2Ray
@@ -10,46 +13,138 @@ V2Ray has the following commandline parameters:
v2ray [-version] [-test] [-config=config.json] [-format=json]
```
-Where:
+> `-version`
+
+Print the version of V2Ray only, and then exit.
+
+> `-test`
+
+Test configuration, output any errors and then exit.
+
+> `-config`
+
+URI of the configuration. Avilable formats are:
+
+* Path to the local config file. May be a relative path or absolute path.
+* `"stdin:"`: Indicates V2Ray to read configuration from standard input. Caller must close stdin after writing out configuration.
+* Value begins with `http://` or `https://` (lowercase): V2Ray tries to load configuration from the remote address.
+
+> `-format`
+
+Configuration format. Choices are:
+
+* `json`: JSON format.
+* `pb` or `protobuf`: Protobuf format.
+
+{% hint style='info' %}
+
+When `-config` is not specified, V2Ray first tries to load configuration from `config.json` under working directory, then from the directory specified by [environment variable](../configuration/env.md) `v2ray.location.asset`.
-* `-version`: Print the version of V2Ray only, and then exit.
-* `-test`: Test configuration, output any errors and then exit.
-* `-config`: URI of the configuration.
- * When its value is `stdin:`, V2Ray reads configuration from standard input. Caller must close stdin after writing out configuration.
- * (3.17+) When its value begins with `http://` or `https://` (lowercase), V2Ray tries to load configuration from the remote address.
- * When not set, V2Ray first tries to load configuration from `config.json` under working directory, then from the directory specified by environment variable `v2ray.location.asset`.
-* `-format`: Configuration format. Choices are:
- * `json`: JSON format.
- * `pb` or `protobuf`: Protobuf format.
+{% endhint %}
## V2Ctl
-V2Ctl has the following commandline parameters:
+V2Ctl is a collection of commandline tools. It runs in the following way:
-```shell
+```bash
v2ctl
```
-Available commands are listed below. Each command has its own options.
+> `command`
-### Verify
+Subcommand. Available values are below:
-`v2ctl verify [--sig=/path/to/sigfile] /file/to/verify`
+* `api`: Invoke remote control commands in V2Ray instances.
+* `config`: Convert configuration from JSON format to protobuf.
+* `cert`: Generate TLS certificates.
+* `fetch`: Fetch remove resources.
+* `tlsping`: (V2Ray 4.17+) Test TLS handshake.
+* `verify`: Verify the signature of V2Ray releases.
+* `uuid`: Generate UUID.
-To verify the signature of a V2Ray binary.
+### V2Ctl Api
-Options:
+`v2ctl api [--server=127.0.0.1:8080] `
-* `sig`:Path to signature file. Default value is the ".sig" file to the path to be verified.
-* First argument: the file to be verified.
+Invoke remote control commands in V2Ray instances. Example:
-### Config
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
`v2ctl config`
-No options. This command reads configuration in JSON format from stdin, and then write corresponding configuration in Protobuf format to stdout.
+No option for this command. It reads JSON configuration from stdin, and print out corresponding Protobuf to stdout, if succeeds.
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+Generates a TLS certificate based on options.
+
+> `--ca`
+
+If specified, the certificate will be a CA certificate.
+
+> `--domain`
+
+Alternative Names in the certificate. This option can be used multiple times for multiple domains. For example: `--domain=v2ray.com --domain=v2ray.cool`.
+
+> `--expire`
+
+Expire date of the certificate. Value is a [Golang duration](https://golang.org/pkg/time/#ParseDuration).
+
+> `--name`
+
+Command Name in the certificate.
+
+> `--org`
+
+Orgnization in the certificate.
+
+> `--json`
+
+If specified, the certificate will be printed to stdout in the JSON format that is used in V2Ray.
+
+> `--file`
+
+Prints the certificate into files. When `--file=a`, two files named `a_cert.pem` and `a_key.pem` will be generated.
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+Fetch remove resources and print to stdout. Only HTTP and HTTPS URL are supported.
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+Test TLS handlshake with specific domain.
+
+> domain
+
+Target domain for the TLS handshake.
+
+> --ip
+
+The IP address of the domain. If not specifed, V2Ctl resolves it through system DNS.
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
+
+To verify the signature of a V2Ray binary.
+
+> `--sig`
+
+Path to signature file. Default value is the ".sig" file to the path to be verified.
+
+> `filepath`
+
+The file to be verified.
-### UUID
+### V2Ctl UUID
`v2ctl uuid`
diff --git a/en/welcome/donate.md b/en/welcome/donate.md
index 15444e914..474b55ef0 100644
--- a/en/welcome/donate.md
+++ b/en/welcome/donate.md
@@ -1,62 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
# Donation
- [](https://www.v2ray.com/chapter_00/02_donate.html)
+V2Ray is a nonprofit project. The source code and its release binary can be used freely (mainly) under MIT licence. If you like this project, you may buy us a cup of coffee.
+
+Your donation has no direct connection to Project V's development and service. Our development will not be influenced by your donation. However, we will send a thank-you email for every donor. If you wish not to receive such email, please leave a note in your donation.
+
+For any donation worth more than $50, you may choose one of the following:
+
+* Your name or your company log shown on our front page for one month.
+* Modify our codebase as you wish. Restrictions: No user facing functionlity changes; no documentation changes. Your change will stay for a month.
+
+## The Usual Way {#usual-way}
+
+> Paypal
+
+You may donate through [internal Paypal transfer](https://www.paypal.me/ProjectV2Ray/25) or [credit card](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)
+
+Please kindly note that Paypal charges high service fee. Any donation less than 1 USD is meaningless.
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) is a platform for regular donations. You may use Patreon if you want to donate frequently.
+
+> Giftcard
+
+For now we only receive giftcard for Amazon US. You may purchase it [at Amazon.com](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) and then send to `love@v2ray.com`.
+
+## Cryptocurrency {#crypto}
+
+Cryptocurrency is a more reliable way for international transactions. Crypto-wallet is usually anonymous and your donation is not traceable.
+
+Due to the anonymity natural of cryptocurrenty, please send us an email before your donation, if you want to receive the thank-you email.
+
+> Bitcoin
+
+Address: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)
-Project V is a nonprofit project. The source code and program can be used freely under MIT licence. If you like this project, you may buy us a cup of coffee.
+> Bitcoin Cash
-Notes:
+Address: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
-* The usage of donations will not be published.
-* Your donation has no direct connection to Project V's development and service.
-* All donations are listed below with sensitive information masked out. If you wish to be listed in other ways, please mention it when making the donation.
-* Thank you for loving Project V.
+View stats or QR-Code [at BlockChain](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)
-## The Usual Way
+> Ethereum
-Amount: USD
+Address: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
-\* Donations that less than 1 USD may be refunded due to high service fees, and will not be listed in the sponsor list below.
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696). You may also send the following ERC20 tokens to this address: OMG, REP, GNT, DGD
-
+Address: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
-Donate via:
+> Monero
-
+Address: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
-## Cryptocurrency
+> Ripple
-* Bitcoin: [15dQnC9yvX6JJXaFkP9MiRYvJS3FvsqvKW](https://blockchain.info/address/15dQnC9yvX6JJXaFkP9MiRYvJS3FvsqvKW)
-* Bitcoin Case: [1NNRgpWYD8UX1bkcokCEoD6HHpaw98onxa](https://blockdozer.com/insight/address/1NNRgpWYD8UX1bkcokCEoD6HHpaw98onxa)
-* Ethereum: [0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e](https://etherscan.io/address/0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e)
-* Litecoin: [LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR](https://insight.litecore.io/address/LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR)
-* Monero: 48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg
-* EOS: [0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e](https://etherscan.io/token/EOS?a=0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e)
-* OMG: [0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e](https://etherscan.io/token/OmiseGo?a=0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e)
+Address: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
-## Thank you for your donation
+Tag not required
-The list is updated on average once every week. Please be patient to see your name.
+> Other
-{% include "../donor.md" %}
+Please send us an email at `love@v2ray.com` if you want to donate other kind of coins.
diff --git a/en/welcome/faq.md b/en/welcome/faq.md
index a339d2a6c..6c75b771d 100644
--- a/en/welcome/faq.md
+++ b/en/welcome/faq.md
@@ -1,18 +1,67 @@
-# 常见问题
+---
+refcn: chapter_00/faq
+refen: welcome/faq
+---
-## 制作 V2Ray 的目的是什么?
+# Frequently Asked Questions (FAQ)
-对于已公开的合法信息,人民有自由获取的权利。同时,人民也有言论自由的权利。
+## V2Ray Usage
-## 是否反对管制?
+### How to upgrade V2Ray
-不反对管制。事实上任何事物都需要管制,以减少大众的生活成本,比如奶粉。但监管需要有法可依、有据可循。民众都认可的监管方式也是合理的,可接受的。
+* Download latest package, or
+* Re-run installation script (Linux only)
-## V2Ray 由谁主导开发?
+### V2Ray Crashes
-我们是一群爱好自由的人们。由于政策压力,我们倾向于保持匿名,尽可能地不透露任何身份信息。
+* If you are using Linux with systemd, you can see panic log using command `journalctl -u v2ray`.
+* In general you can run command `v2ray -config= -test` to see error information.
-## V2Ray 是免费的吗?
+### Backward Compatibility
-核心代码以及官方客户端将永久免费,之后会考虑提供收费的附加服务。
+* For configuration file (e.g., JSON), backward compatibility applies to at least one major releases. For example, V2Ray 4.x supports config files from V2Ray 3.x.
+* For Protobuf based communication protocols, such as [Api](../configuration/api.md), backward compatibility applies to at least one major releases.
+* For binary based commnunication protocols, such as Shadowsocks and VMess, it is always backward compatible when server version is not older than clients. When client version is newer, backward compatibility applies to at least 12 minor releases.
+## V2Ray Errors
+
+### Socks: Unknown Socks version: 67
+
+Possible causes
+
+* You are using socks inbound in V2Ray, but your browser is configured to use HTTP proxy.
+
+Solution
+
+* Add a HTTP inbound in V2Ray, and then update your browser proxy settings to use this proxy.
+
+## License of this project
+
+Project V uses the following license.
+
+### V2Ray
+
+Source code and official releases are licensed under MIT license, including the source code and releases in the following repository.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+### V2Ray.Com
+
+Official website, [v2ray.com](https://www.v2ray.com/), is licensed under [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+
+* Including all visible text and pictures on the website.
+* Including Project V logo.
+* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
+
+### Screenshot and other files {#screenshots}
+
+All third party files listed below belong to their creator. Whoever creates the file owns the file.
+
+* Including all screenshots of Project V.
+* Including all configuration files that are used to run Project V.
+* Including all logs generated by Project V during runtime.
+
+### Other content {#other}
+
+All content that are not mentioned above will be licensed case by case.
diff --git a/en/welcome/help.md b/en/welcome/help.md
index 1b53aa3a3..4a303febe 100644
--- a/en/welcome/help.md
+++ b/en/welcome/help.md
@@ -1,17 +1,117 @@
-# Support
+---
+refcn: chapter_00/help
+refen: welcome/help
+---
- [](https://www.v2ray.com/chapter_00/help.html)
+# Support
-Please read the following guidelines for better discussion quality and quicker solution.
+Project V provides multiple methods for communications.
-## Language
+{% hint style='info' %}
Project V team supports Chinese and English. Please choose either one that you are familiar with for questions.
-## Ways to get support
+{% endhint %}
+
+## Github issues
+
+We uses several repositories for different type of discussions.
+
+* [Code issues](https://github.com/v2ray/v2ray-core/issues)
+ * Only used for coding questions, such as bug.
+* [Roadmap](https://github.com/v2ray/planning/issues)
+* [General discussion](https://github.com/v2ray/discussion/issues)
+
+## Telegram
+
+Project V provides the following groups for different type of discussions.
+
+* [Usage](https://t.me/v2fly_chat)
+ * Only for Project V related topics.
+* [Others](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg)
+ * For other topics.
+
+Topics in these groups are mainly in Chinese. Feel free to setup groups in your own language and let us know.
+
+{% hint style='danger' %}
+
+All discussion groups forbid the following topics: adult content, politics, hate speeches. Senders of these topics will be banned immedietely.
+
+{% endhint %}
+
+Please also follow [Project V Announcement](https://t.me/v2fly) for news.
+
+## Twitter
+
+[ProjectV2Ray](https://twitter.com/projectv2ray) for regular communications.
+
+## Email
+
+Please send a message to one of the address below, if you'd like to talk to V2Ray team privately.
+
+`love@v2ray.com`: Main email address for communication. Checked every day.
+
+`v2ray@protonmail.com`: A [ProtonMail](https://protonmail.com/) mailbox which employs end to end encryption. It is difficult to use, and only being checked occasionally.
+
+{% hint style='info' %}
+
+Sadly due to high workload, it is not promised that every email gets replied. Sorry for the inconvenience. For general questions, please use discussion groups above for quick response.
+
+{% endhint %}
+
+You may get PGP public key by searching `love@v2ray.com`, or use the public key below.
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
-1. [V2Ray Usage](https://github.com/v2ray/v2ray-core/issues)
-1. [V2Ray Development](https://github.com/v2ray/planning)
-1. [Telegram Discussion](tg.md)
-1. [Twitter](https://twitter.com/projectv2ray)
-1. [Private Contact](pgp.md)
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
diff --git a/en/welcome/install.md b/en/welcome/install.md
index cf347940c..aa1bc5adb 100644
--- a/en/welcome/install.md
+++ b/en/welcome/install.md
@@ -1,44 +1,46 @@
-# Download & Install
+---
+refcn: chapter_00/install
+refen: welcome/install
+---
- [](https://www.v2ray.com/chapter_00/install.html)
+# Download & Install
-## Platform
+## Platform {#platform}
V2Ray is available on the following platforms:
-* Windows Vista and later (x86 / amd64)
-* Mac OS X 10.7 and later (amd64)
+* Windows 7 and later (x86 / amd64)
+* Mac OS X 10.10 Yosemite and later (amd64)
* Linux 2.6.23 and later (x86 / amd64 / arm / arm64 / mips64 / mips)
* Including but not limited to Debian 7 / 8, Ubuntu 12.04 / 14.04 and later, CentOS 6 / 7, Arch Linux
* FreeBSD (x86 / amd64)
* OpenBSD (x86 / amd64)
+* Dragonfly BSD (amd64)
-## Hardware requirement
-
-At least 32MB free memory.
-
-## Download
+## Download {#download}
Pre-built packages can be found here:
1. Github Release: [github.com/v2ray/v2ray-core](https://github.com/v2ray/v2ray-core/releases)
-1. IPFS: [/ipns/QmdtMuAhEUPFX9NQiGhRj2zhS1oEA76SXNDnZRHqivjMwR](https://ipfs.io/ipns/QmdtMuAhEUPFX9NQiGhRj2zhS1oEA76SXNDnZRHqivjMwR)
-1. IPFS Re-dist: [https://v2ray.com/download](https://v2ray.com/download)
+1. Redistribution: [github.com/v2ray/dist](https://github.com/v2ray/dist)
+1. Homebrew: [github.com/v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray)
+1. Arch Linux: [packages/community/x86_64/v2ray/](https://www.archlinux.org/packages/community/x86_64/v2ray/)
+1. Snapcraft: [snapcraft.io/v2ray-core](https://snapcraft.io/v2ray-core)
All packages are in ZIP format. Download and unzip corresponding packages to your system.
-## Verify
+## Verify {#verify}
There are 2 ways to verify packages.
-1. Metadata.txt in release page contains SHA1 hash for all packages.
+1. Each `.zip` file has a corresponding `.dgst` file for SHA digests.
1. The GPG signature file for executables (v2ray / v2ray.exe) can be found in v2ray.sig (or v2ray.exe.sig) in the same package. Public key is [in the repository](https://raw.githubusercontent.com/v2ray/v2ray-core/master/release/verify/official_release.asc).
-## Install on Windows or Mac OS
+## Install on Windows or Mac OS {#install-windows}
Run v2ray / v2ray.exe after unzip the packages.
-## Install on Linux
+## Install on Linux {#install-linux}
We provide a script to install on Linux. This script detects previous installed v2ray and then upgrade or install a new one accordingly. If there is a previous version, the config file in /etc/v2ray will not be overwritten during upgrade.
@@ -46,8 +48,8 @@ The following command assumes root permission.
Run the following command to install V2Ray. If yum or apt is available, the script will install unzip and daemon / systemd. They are required to run V2Ray as a service. You need to install them manually if your Linux system doesn't support yum or apt.
-```shell
-bash <(curl -L -s https://install.direct/go.sh)
+```bash
+curl -Ls https://install.direct/go.sh | sudo bash
```
The script installs the following files.
@@ -71,7 +73,7 @@ After installation, we will need to:
1. Run `service v2ray start` command to start V2Ray.
1. Optionally run `service v2ray start|stop|status|reload|restart|force-reload` to control V2Ray service.
-### go.sh
+### go.sh {#gosh}
go.sh supports the following parameters.
@@ -85,11 +87,11 @@ Examples:
* Use SOCKS proxy 127.0.0.1:1080 to install the latest package: ```./go.sh -p socks5://127.0.0.1:1080```
* Install v1.13 from local file:```./go.sh --version v1.13 --local /path/to/v2ray.zip```
-## Docker
+## Docker {#docker}
V2Ray provides 2 docker images:
-* [v2ray/official](https://hub.docker.com/r/v2ray/official/) [](https://microbadger.com/images/v2ray/official): Contains official releases.
-* [v2ray/dev](https://hub.docker.com/r/v2ray/dev/) [](https://microbadger.com/images/v2ray/dev): Contains latest code.
+* [v2ray/official](https://hub.docker.com/r/v2ray/official/): Contains official releases.
+* [v2ray/dev](https://hub.docker.com/r/v2ray/dev/): Contains latest code.
The 2 images has the same structure as the Linux installation.
diff --git a/en/welcome/start.md b/en/welcome/start.md
new file mode 100644
index 000000000..d43ec0b49
--- /dev/null
+++ b/en/welcome/start.md
@@ -0,0 +1,78 @@
+---
+refcn: chapter_00/start
+refen: welcome/start
+---
+
+# Quick Start
+
+You need to configure V2Ray after installing it. Here is a quick configuration for a demo run. Please see [configuration overview](../configuration/overview.md) for more advanced setup.
+
+## Client {#client}
+
+On your PC (or mobile), run V2Ray with the following configuration.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 1080, // Port of socks5 proxy. Point your browser to use this port.
+ "listen": "127.0.0.1",
+ "protocol": "socks",
+ "settings": {
+ "udp": true
+ }
+ }],
+ "outbounds": [{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "server", // Address of your V2Ray server. May be IP or domain address.
+ "port": 10086, // Port of your V2Ray server.
+ "users": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }]
+ }
+ },{
+ "protocol": "freedom",
+ "tag": "direct",
+ "settings": {}
+ }],
+ "routing": {
+ "domainStrategy": "IPOnDemand",
+ "rules": [{
+ "type": "field",
+ "ip": ["geoip:private"],
+ "outboundTag": "direct"
+ }]
+ }
+}
+```
+
+Please modify the IP address of your V2Ray server as mentioned above. After that, the V2Ray process on your PC will proxy all traffic to V2Ray server except intranet traffic.
+
+## Server {#server}
+
+You need another computer to run V2Ray as a server. Usually this computer is located outside firewall. Here is a sample configuration.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 10086, // Port of the server. Must be the same as above.
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }
+ }],
+ "outbounds": [{
+ "protocol": "freedom",
+ "settings": {}
+ }]
+}
+```
+
+Please make sure the `id` field is the same between client and server.
+
+## Running {#running}
+
+* On Windows and macOS, configuration file is located in the same directory as V2Ray binary. You may run `v2ray` or `v2ray.exe` without additional parameters.
+* On Linux, configuration file is usually located at `/etc/v2ray/config.json`. Run `v2ray --config=/etc/v2ray/config.json` in foreground or use other tools such as systemd to run V2Ray as background process.
+
+See [Overview](../configuration/overview.md) for more detail of the configuration.
diff --git a/en/welcome/tg.md b/en/welcome/tg.md
deleted file mode 100644
index 0674377f6..000000000
--- a/en/welcome/tg.md
+++ /dev/null
@@ -1,39 +0,0 @@
-# Telegram Group
-
- [](https://www.v2ray.com/chapter_00/tg.html)
-
-Project V provides the following groups for different type of discussions.
-
-1. [Development](https://t.me/joinchat/DNcazUMxm77Jt0LQuwiGAQ): Discussion over Project V's development and future plans.
-1. [Usage](https://telegram.me/projectv2ray): For Project V usages.
-1. [Others](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg): Other topics.
-
-Please also follow [Project V Announcement](https://t.me/v2msg) for news.
-
-## Rules
-
-Allowed/banned topics are listed as below.
-
- / | Dev | Usage | Other
--------:|:-------:|:----:|:----:
-Project V development|✔|✔|✔
-Algorithm | ✔|✔|✔
-Computer network|✔|✔|✔
-Censorship avoidance|✔|✔|✔
-V2Ray usage|✘|✔|✔
-V2Ray deployment|✘|✔|✔
-Related software|✘|✔|✔
-Nonsense pictures|✘✘|✘✘|✔
-Politics|✘|✘|✔
-Chit-chat|✘|✘|✔
-Advertisement|✘✘|✘✘|✘✘
-18+|✘✘✘|✘✘✘|✘✘✘
-Hate speech|✘✘✘|✘✘✘|✘✘✘
-Identity theft|✘✘✘✘|✘✘✘✘|✘✘✘✘
-
-### Procedure for violations
-
-1. All ✘ content will be delete immediately after notice.
-1. Senders for all ✘✘ content will be banned for a week.
-1. Senders for all ✘✘✘ content will be banned for a month.
-1. Sender for all ✘✘✘✘ content will be banned for good.
diff --git a/en/welcome/versions.md b/en/welcome/versions.md
index ac8fba614..d7cac5970 100644
--- a/en/welcome/versions.md
+++ b/en/welcome/versions.md
@@ -1,6 +1,164 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
# Version History
- [](https://www.v2ray.com/chapter_00/01_versions.html)
+This page lists regular releases with feature updates. If a Github release doesn't appear here, it usually only contains bug fixes.
+
+## 2019.03.01 v4.18
+
+* Port list in routing rules now supports mixed format.
+* Updated `geosite` information in routing, and description for static hosts in DNS.
+* Option to not use system root CAs for TLS handshake.
+* New routing rule for traffic attributes.
+
+## 2019.02.22 v4.17
+
+* New sub-command `tlsping` in V2Ctl.
+
+## 2019.02.15 v4.16
+
+For end users:
+
+* DNS outbound proxy now supports to modify DNS server info.
+
+For developers:
+
+* 'ext' repository is now deprecated. [#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS outbound proxy.
+
+## 2019.02.01 v4.14
+
+* Static DNS mapping now supports domain to domain mapping.
+
+## 2019.01.18 v4.13
+
+* Quic lib updated. It is not compatible with previous versions.
+* DNS now have `tag` settings.
+
+## 2019.01.11 v4.11
+
+For developers:
+
+* New method: [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) now uses [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) to establish UDP connections.
+
+## 2018.12.07 v4.8
+
+For end users:
+
+* Bug fixes
+
+For developers:
+
+* New [API doc](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* New method: [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63)
+* New method: [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105)
+
+## 2018.11.30 v4.7
+
+* Freedom now supports for dialing IPv4 or IPv6 address only.
+* New QUIC transport.
+
+## 2018.11.23 v4.6
+
+* Freedom now can automatically choose between IPv4 and IPv6 destination address, based on `SendThrough` settings.
+
+## 2018.11.16 v4.4
+
+* Load balancer rules in routing.
+* Memory usage gets optimized.
+
+## 2018.11.05 v4.1
+
+* JSON configuration format changes. Old format is still suported.
+* Performance on GeoIP matching is improved.
+
+## 2018.11.02 v4.0
+
+* Reverse proxy.
+* Release packages for ppc64 and ppc64le.
+
+## 2018.10.12 v3.47
+
+* Migrate to a new continuous delivery pipeline
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door now supports TProxy in Linux.
+
+## 2018.09.21 v3.43
+
+* DNS now supports on-demand queries by domain.
+
+## 2018.09.14 v3.40
+
+* New socket options in transport configuration. It can be used to setup VPNs.
+* New TCP Fast Open option in transport configuration.
+
+## 2018.09.03 v3.38
+
+* mKCP has a new WireGuard header.
+* Fix softfloat binaries in mips/mips64.
+
+## 2018.08.31 v3.37
+
+* Performance of reading network connection in optilized. See [Environment Variables](../configuration/env.md)。
+* VMess uses AES-128-GCM by default on ARM64.
+* Built by Go 1.11.
+
+## 2018.08.24 v3.36
+
+* Great performance improvement on subdomain matching (`domain:`) in routing.
+* Full domain matching is now supported in routing.
+
+## 2018.08.07 v3.34
+
+* Better memory management on most devices.
+
+## 2018.07.27 v3.32
+
+* BitTorrent traffic can now be sniff'ed.
+* New `protocol` option in routing rules for protocol-based routing.
+* New `geosite:speedtest` option in routing rules to match all public servers of speedtest.net.
+
+## 2018.07.20 v3.31
+
+* New [Domain Socket transport](../configuration/transport/domainsocket.md) (Thanks to @xiaokangwang).
+
+## 2018.07.13 v3.30
+
+* Fix an issue that may cause broken connections in mKCP.
+* Thanks to [our friends](https://crowdin.com/project/v2ray) who speak Russian. Now our documents are in [Russian](https://www.v2ray.com/ru/).
+
+## 2018.07.06 v3.29
+
+* New inbound and outbound for MTProto proxy.
+
+## 2018.06.29 v3.27
+
+* DNS now supports EDNS client subnet.
+* DNS static host now supports sub-domain matching.
+
+## 2018.06.15 v3.26
+
+* Add Dragonfly BSD release.
+
+## 2018.06.01 v3.24
+
+* Internal buffer size (per connection) can now be configured in JSON configuration.
+* mKCP now supports DTLS 1.2 header.
+* TLS transport now only support cipher suites in TLS 1.3 spec.
+
+## 2018.05.25 v3.23
+
+* In JSON configuration, port can now be specified from env variables.
+* JSON config now supports to load domains and IPs from specified files.
## 2018.04.20 v3.19
diff --git a/en/welcome/workflow.md b/en/welcome/workflow.md
index b89ef898f..ae01df85d 100644
--- a/en/welcome/workflow.md
+++ b/en/welcome/workflow.md
@@ -1,12 +1,22 @@
-# Workflow
+---
+refcn: chapter_00/workflow
+refen: welcome/workflow
+---
- [](https://www.v2ray.com/chapter_00/workflow.html)
+# Workflow
## Single Server
Same as other proxies, you need a proxy server which runs V2Ray. Then you can connect to internet through that server from you PC, mobile or other devices.
-
+```mermaid
+graph LR;
+A(PC) -.- B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(V2Ray/VPS);
+D --> C;
+A --> E(Normal Website);
+```
V2Ray supports connections from multiple devices at the same time, with optionally different protocols. In the mean time, the local routing mechanism can smartly proxy necessary connections only.
@@ -14,13 +24,31 @@ V2Ray supports connections from multiple devices at the same time, with optional
In the case you don't want configuration V2Ray on each of your devices, you may setup a server within the firewall, and then all traffic go through that server. The server does routing itself.
-
+```mermaid
+graph LR;
+A(PC) -.-> B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(VPS 1);
+D --> E(VPS 2);
+E --> C;
+D --> F(Normal Website);
+```
## Internal
The internal of V2Ray looks like below. It supports multiple inbound proxies, and multiple outbounds. Each of them are independent from others.
-
+```mermaid
+graph LR;
+A1(inbound) --> D(Dispatcher / Router / DNS);
+A2(inbound) --> D;
+A3(inbound) --> D;
+A4(inbound) --> D;
+D --> B1(outbound);
+D --> B2(outbound);
+D --> B3(outbound);
+D --> B4(outbound);
+```
Notes:
diff --git a/eng_en/intro/compile.md b/eng_en/intro/compile.md
index 19d9db12a..614fc3607 100644
--- a/eng_en/intro/compile.md
+++ b/eng_en/intro/compile.md
@@ -11,10 +11,8 @@
3. `export PATH=$PATH:/usr/local/go/bin`
4. `export GOPATH=$HOME/work`
3. 下载 V2Ray 源文件:`go get -u v2ray.com/core/...`
-4. 下载 V2Ray 扩展包:`go get -u v2ray.com/ext/...`
-5. 生成编译脚本:`go install v2ray.com/ext/tools/build/vbuild`
-6. 编译 V2Ray:`$GOPATH/bin/vbuild`
-7. V2Ray 程序及配置文件会被放在 `$GOPATH/bin/v2ray-XXX` 文件夹下(XXX 视平台不同而不同)
+4. `go build -o $GOPATH/bin/v2ray v2ray.com/core/main`
+5. `go build -o $GOPATH/bin/v2ctl v2ray.com/core/infra/control/main`
## Arch Linux
@@ -22,9 +20,8 @@
2. 安装 golang:`sudo pacman -S go`
1. `export GOPATH=$HOME/work`
3. `go get -u v2ray.com/core/...`
-4. `go get -u v2ray.com/ext/...`
-5. `go install v2ray.com/ext/tools/build/vbuild`
-6. `$GOPATH/bin/vbuild`
+4. `go build -o $GOPATH/bin/v2ray v2ray.com/core/main`
+5. `go build -o $GOPATH/bin/v2ctl v2ray.com/core/infra/control/main`
## Debian / Ubuntu
diff --git a/eng_en/intro/design.md b/eng_en/intro/design.md
index 693af0df9..a2c988afe 100644
--- a/eng_en/intro/design.md
+++ b/eng_en/intro/design.md
@@ -19,20 +19,20 @@
重要模块列表:
-* Dispatcher: 用于把传入代理所接收到的数据,传送给传出代理;
+* Dispatcher: 用于把入站代理所接收到的数据,传送给出站代理;
* Router: 内置路由,详见[路由配置](https://www.v2ray.com/en/configuration/routing.html);
* DNS: 内置的 DNS 缓存;
-* Proxy Manager: 传入代理的管理器;
+* Proxy Manager: 入站代理的管理器;
## 代理层
-代理层分为两部分:传入代理(Inbound Proxy)和传出代理(Outbound Proxy)。两部分相互独立,传入代理不依赖于某个特定的传出代理,反之亦然。所有已实现的[协议列表](https://www.v2ray.com/en/configuration/protocols.html)一览。
+代理层分为两部分:入站代理(Inbound Proxy)和出站代理(Outbound Proxy)。两部分相互独立,入站代理不依赖于某个特定的出站代理,反之亦然。所有已实现的[协议列表](https://www.v2ray.com/en/configuration/protocols.html)一览。
-### 传入代理
+### 入站代理
* 实现 [proxy.Inbound](https://github.com/v2ray/v2ray-core/blob/master/proxy/proxy.go#L14) 接口;
-### 传出代理
+### 出站代理
* 实现 [proxy.Outbound](https://github.com/v2ray/v2ray-core/blob/master/proxy/proxy.go#L21) 接口;
diff --git a/eng_en/protocols/vmess.md b/eng_en/protocols/vmess.md
index 8370d12c5..e299f773c 100644
--- a/eng_en/protocols/vmess.md
+++ b/eng_en/protocols/vmess.md
@@ -62,11 +62,11 @@ Authentication credential is a 16-byte long Hash value. It can be generated usin
The command is encrypted using AES-128-CFB.
-* Key: MD5(User ID + 'c48619fe-8f02-49e0-b9e9-edf763e17e21')
+* Key: MD5(User ID + []byte('c48619fe-8f02-49e0-b9e9-edf763e17e21'))
* IV: MD5(X + X + X + X), X = []byte(The time when authentication credential is generated) (8 Bytes, Big Endian)
| 1 Byte | 16 Bytes | 16 Bytes | 1 Byte | 1 Byte | 4 Bits | 4 Bits | 1 Byte | 1 Byte | 2 Bytes | 1 Byte | N Byte | P Byte | 4 Bytes |
-|---------|----------|---------|--------|--------|--------|--------|--------|--------|--------|--------|
+|---------|----------|---------|--------|--------|--------|--------|--------|--------|--------|--------|--------|--------|--------|
| Version | Encryption IV | Encryption Key | Response Auth V | Options | Margin P | Encrypt Method | Reserved | Command | Port | Address Type | Address | Random Value | Checksum F |
Details about Options: (While something = 1, means it is enabled)
diff --git a/eng_zh_cn/README.md b/eng_zh_cn/README.md
deleted file mode 100644
index 357327fca..000000000
--- a/eng_zh_cn/README.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# Project V 开发
-
- [](https://www.v2ray.com/eng_en/)
-
-本站点主要介绍 Project V 开发的相关信息。
\ No newline at end of file
diff --git a/eng_zh_cn/SUMMARY.md b/eng_zh_cn/SUMMARY.md
deleted file mode 100644
index 8e65c5964..000000000
--- a/eng_zh_cn/SUMMARY.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# Summary
-
-* [代码入门](intro/README.md)
- * [加入组织](intro/org.md)
- * [开发计划](intro/roadmap.md)
- * [开发指引](intro/guide.md)
- * [核心设计](intro/design.md)
- * [编译源文件](intro/compile.md)
-* 协议细节
- * [VMess 协议](protocols/vmess.md)
- * [mKCP 协议](protocols/mkcp.md)
- * [Mux.Cool](protocols/muxcool.md)
diff --git a/eng_zh_cn/book.json b/eng_zh_cn/book.json
deleted file mode 100644
index 9f6e7e198..000000000
--- a/eng_zh_cn/book.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "language": "zh",
- "title": "Project V 开发人员参考",
- "plugins" : [
- "-fontsettings",
-
- "anchors"
- ]
-}
diff --git a/eng_zh_cn/intro/3party.md b/eng_zh_cn/intro/3party.md
deleted file mode 100644
index f3c976f33..000000000
--- a/eng_zh_cn/intro/3party.md
+++ /dev/null
@@ -1,19 +0,0 @@
-# 第三方组件
-
-Project V 欢迎所有个人或组织开发兼容 Project V 的软件。兼容 Project V 的软件须遵循以下协议:
-
-## 第三方开发者的权利和义务
-
-1. 开发者拥有所开发软件的全部版权。
-1. 开发者拥有所开发软件的所有盈利,同时也须独立承担开发过程中所有的开销和风险。
-1. 开发者可以在软件中使用 “V2Ray” 和 “Project V” 一词、[Project V 图标](http://www.v2ray.com/resources/v2ray_1024.png)和其它 Project V 相关的用语。
-1. 开发者可以自由地使用 V2Ray 的核心代码。
-1. 开发者有义务向公众宣传 Project V 项目。
-1. 开发者有义务向 Project V 官方汇报使用过程中的问题。
-1. 开发者有义务在其软件或介绍中提到 Project V 项目和 [Project V 官网](https://www.v2ray.com/)链接。
-
-## Project V 官方的权利和义务
-
-1. Project V 官方有义务向开发者提供技术支持。
-1. Project V 官方有义务向开发者提供资金支持。在开发者接受的情况下,资金将以不定期捐赠的方式进行。
-1. Project V 官方保留向任何侵权行为追责的权利。
diff --git a/eng_zh_cn/intro/README.md b/eng_zh_cn/intro/README.md
deleted file mode 100644
index 093510f2d..000000000
--- a/eng_zh_cn/intro/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# 代码细节
-
-本章节介绍了开发相关的内容。
\ No newline at end of file
diff --git a/eng_zh_cn/intro/compile.md b/eng_zh_cn/intro/compile.md
deleted file mode 100644
index 19d9db12a..000000000
--- a/eng_zh_cn/intro/compile.md
+++ /dev/null
@@ -1,33 +0,0 @@
-# 编译源文件
-
-大概流程,请根据实际情况修改
-
-1. 安装 Git: `sudo apt-get install git -y`
-2. 安装 golang:
- 1. 下载安装文件:
- 1. 64位:`curl -o go_latest.tar.gz -L https://storage.googleapis.com/golang/go1.9.4.linux-amd64.tar.gz`
- 2. 32位:`curl -o go_latest.tar.gz -L https://storage.googleapis.com/golang/go1.9.4.linux-386.tar.gz`
- 2. `sudo tar -C /usr/local -xzf go_latest.tar.gz`
- 3. `export PATH=$PATH:/usr/local/go/bin`
- 4. `export GOPATH=$HOME/work`
-3. 下载 V2Ray 源文件:`go get -u v2ray.com/core/...`
-4. 下载 V2Ray 扩展包:`go get -u v2ray.com/ext/...`
-5. 生成编译脚本:`go install v2ray.com/ext/tools/build/vbuild`
-6. 编译 V2Ray:`$GOPATH/bin/vbuild`
-7. V2Ray 程序及配置文件会被放在 `$GOPATH/bin/v2ray-XXX` 文件夹下(XXX 视平台不同而不同)
-
-## Arch Linux
-
-1. 安装 Git: `sudo pacman -S git`
-2. 安装 golang:`sudo pacman -S go`
- 1. `export GOPATH=$HOME/work`
-3. `go get -u v2ray.com/core/...`
-4. `go get -u v2ray.com/ext/...`
-5. `go install v2ray.com/ext/tools/build/vbuild`
-6. `$GOPATH/bin/vbuild`
-
-## Debian / Ubuntu
-
-`bash <(curl -s https://raw.githubusercontent.com/v2ray/v2ray-core/master/release/install.sh)`
-
-此脚本会自动安装 git 和 golang 1.9 (如果系统上没有的话,并且需要 root 权限),然后把 v2ray 编译到 $GOPATH/bin/v2ray,新装的 golang 会把 GOPATH 设定到 /v2ray。
diff --git a/eng_zh_cn/intro/org.md b/eng_zh_cn/intro/org.md
deleted file mode 100644
index 9de0096f4..000000000
--- a/eng_zh_cn/intro/org.md
+++ /dev/null
@@ -1,22 +0,0 @@
-# V2Ray 项目组
-
-## 团队优势
-
-V2Ray 项目组欢迎所有人为代理工具添砖加瓦,并提供以下服务帮助开发人员解决软件开发过程中的一些隐私顾虑。
-
-* 私有代码仓库:用于私有代码的开发,但又不想暴露支付方式。
-* 私有编译环境:完全封闭的编译环境,可以安全地使用私有内容,如 GPG 私钥。
-
-## 加入方式
-
-只要你的 Github 帐号已有一些合理的代码,或已向 V2Ray 项目提交过 PR,都可以申请加入。
-
-### 申请方式
-
-向 love@v2ray.com 发送邮件,注明你的 Github 帐号。
-
-## 权限及义务
-
-* 项目组的所有成员都自动获得 push 和创建 repo 的权限。
-* 除了几个核心的 branch 外,所有成员可以自由地提交代码。
-* 项目组成员有义务汇报任何可能威胁到项目安全的行为。
diff --git a/es/README.md b/es/README.md
new file mode 100644
index 000000000..539eb2112
--- /dev/null
+++ b/es/README.md
@@ -0,0 +1,25 @@
+---
+refcn: index
+refen: index
+---
+
+# Project V
+
+Project V is a set of tools to help you build your own privacy network over internet. The core of Project V, named `V2Ray`, is responsible for network protocols and communications. It can work alone, as well as combine with other tools.
+
+This website is mainly a manual for V2Ray, with some additional information regarding the whole project.
+
+## Features
+
+* Multiple inbound/outbound proxies: one V2Ray instance supports in parallel multiple inbound and outbound protocols. Each protocol works independently.
+* Customizable routing: incoming traffic can be sent to different outbounds based on routing configuration. It is easy to route traffic by target region or domain.
+* Multiple protocols: V2Ray supports multiple protocols, including Socks, HTTP, Shadowsocks, VMess etc. Each protocol may have its own transport, such as TCP, mKCP, WebSocket etc.
+* Obfuscation: V2Ray has built in obfuscation to hide traffic in TLS, and can run in parallel with web servers.
+* Reverse proxy: General support of reverse proxy. Can be used to build tunnels to localhost.
+* Multiple platforms: V2Ray runs natively on Windows, Mac OS, Linux, etc. There is also third party support on mobile.
+
+{% hint style='info' %}
+
+This site is generated by GitBook, and host on GitHub. If you'd like to modify its content, please send pull request to [this repo](https://github.com/v2ray/manual).
+
+{% endhint %}
\ No newline at end of file
diff --git a/es/SUMMARY.md b/es/SUMMARY.md
new file mode 100644
index 000000000..678b15566
--- /dev/null
+++ b/es/SUMMARY.md
@@ -0,0 +1,51 @@
+# Summary
+
+* [Project V](README.md)
+ * [Version History](welcome/versions.md)
+ * [Workflow](welcome/workflow.md)
+ * [Install](welcome/install.md)
+ * [Quick Start](welcome/start.md)
+ * [Commandline](welcome/command.md)
+ * [Donation](welcome/donate.md)
+ * [Support](welcome/help.md)
+ * [FAQ](welcome/faq.md)
+ * [Blog↪](https://steemit.com/@v2ray)
+* [Configuration](configuration/README.md)
+ * [Overview](configuration/overview.md)
+ * [Protocols](configuration/protocols.md)
+ * [Blackhole](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
+ * [Dokodemo](configuration/protocols/dokodemo.md)
+ * [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
+ * [HTTP](configuration/protocols/http.md)
+ * [Shadowsocks](configuration/protocols/shadowsocks.md)
+ * [SOCKS](configuration/protocols/socks.md)
+ * [VMess](configuration/protocols/vmess.md)
+ * [Policy](configuration/policy.md)
+ * [Routing](configuration/routing.md)
+ * [DNS](configuration/dns.md)
+ * [Mux](configuration/mux.md)
+ * [API](configuration/api.md)
+ * [Statistics](configuration/stats.md)
+ * [Reverse](configuration/reverse.md)
+ * [Transport](configuration/transport.md)
+ * [TCP](configuration/transport/tcp.md)
+ * [mKCP](configuration/transport/mkcp.md)
+ * [WebSocket](configuration/transport/websocket.md)
+ * [HTTP/2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
+ * [Env Variables](configuration/env.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Development
+ * Milestone
+ * Guide
+ * Design
+ * Build
+ * [Tools](developer/tools.md)
+ * Protocols
+ * VMess
+ * mKCP
+ * Mux.Cool
\ No newline at end of file
diff --git a/es/awesome/ads.md b/es/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/es/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/es/awesome/tools.md b/es/awesome/tools.md
new file mode 100644
index 000000000..d9216b892
--- /dev/null
+++ b/es/awesome/tools.md
@@ -0,0 +1,96 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+Download: [Github](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+Download: [Github](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+Download: [Github](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+Download: [Github](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray: v2ray Cross-Platform GUI written in Qt, supports multi-language, connection edit and auto-check updates
+
+Download: [GitHub](https://github.com/qv2ray/Qv2ray)
+
+Website:
+
+> Mellow
+
+Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray
+
+i2Ray is another iOS app based on V2Ray with easy-to-use UI design.
+
+Download: [iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadowsocks, VMess, SSR etc.
+
+Download: [iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi (was ShadowRay)
+
+Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
+
+Download: [iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+Download: [iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray core.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## Online services
+
+> [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+
+Online configuration generator.
+
+> [UUID Generator](https://www.uuidgenerator.net/)
+
+UUID generator for VMess users.
diff --git a/es/configuration/README.md b/es/configuration/README.md
new file mode 100644
index 000000000..2acc42e40
--- /dev/null
+++ b/es/configuration/README.md
@@ -0,0 +1,76 @@
+---
+refcn: chapter_02/index
+refen: configuration/index
+---
+
+# Configuration
+
+V2Ray uses [protobuf](https://developers.google.com/protocol-buffers/)-based configuration. As protobuf format is less readable, V2Ray also supports configuration in JSON. Before V2Ray runs, it automatically converts JSON config into protobuf. That being said, other configuration formats may be introduced in the furture.
+
+Here we introduce the JSON-based configuration.
+
+JSON, or [JavaScript Object Notation](https://en.wikipedia.org/wiki/JSON), in short is objects in Javascript. One JSON file contains one and only one JSON object, beginning with "{" and ending with "}".
+
+A JSON object contains a list of key value pairs. A key is a string, and a value may be various of types, such as string, number, boolean, array or another object. A typical object is like below:
+
+```javascript
+{
+ "stringValue": "This is a string.",
+ "numberValue": 42,
+ "boolValue": true,
+ "arrayValue": ["this", "is", "a", "string", "array"],
+ "objectValue": {
+ "another": "object"
+ }
+}
+```
+
+{% hint style='info' %}
+
+V2Ray supports comments in JSON,annotated by "//" or "/\* \*/". In an editor that doesn't support comments, they may get displayed as errors, but comments actually work fine in V2Ray.
+
+{% endhint %}
+
+## JSON Data Types
+
+Here is a brief introduction of JSON data types. They will be referenced in the rest of docs.
+
+> `boolean`: true | false
+
+Boolean value, has to be either `true` or `false`, without quotation mark.
+
+> `number`
+
+Usually non-negative integers, without quotation mark.
+
+> `string`
+
+Sequence of characters, surrounded by quotation mark.
+
+> `array`: []
+
+Array of elements. The type of its elements is usually the same, e.g., `[string]` is an array of `string`s.
+
+> `object`: {}
+
+Object. It comes with a list of key value pairs.
+
+{% hint style='tip' %}
+
+A key value pair usually ends with a comma ",", but must not ends with a comma if it is the last element of the object.
+
+{% endhint %}
+
+## V2Ray Common Data Types
+
+> `map`: object \{string, string\}
+
+An object whose keys and values have fixed types.
+
+> `address`: string
+
+An IP or domain address in string form, such as `"8.8.8.8"` or `"www.v2ray.com"`
+
+> `address_port`: string
+
+An `address` with port, such as `"8.8.8.8:53"` or `"www.v2ray.com:80"`. In some usages, the address part can be omitted, like `":443"`.
\ No newline at end of file
diff --git a/es/configuration/api.md b/es/configuration/api.md
new file mode 100644
index 000000000..7fd05a7fd
--- /dev/null
+++ b/es/configuration/api.md
@@ -0,0 +1,52 @@
+---
+refcn: chapter_02/api
+refen: configuration/api
+---
+
+# API
+
+V2Ray provides some API for remote access. These APIs are based on [gRPC](https://grpc.io/).
+
+When API is enabled, V2Ray creates an outbound proxy automatically, tagged as `tag`. User must [route](routing.md) all gRPC connections to this outbound.
+
+## ApiObject
+
+`ApiObject` is used as `api` field in top level configuration.
+
+```javascript
+{
+ "tag": "api",
+ "services": [
+ "HandlerService",
+ "LoggerService",
+ "StatsService"
+ ]
+}
+```
+
+> `tag`: string
+
+The tag of the outbound proxy.
+
+> `services`: \[ string \]
+
+List of enabled APIs.
+
+## Supported API list
+
+### HandlerService
+
+API for manipulating inbound and outbound proxies. The following functionalities are provided:
+
+* Add a new inbound/outbound proxy.
+* Remove an existing inbound/outbound proxy.
+* Add a new user to an inbound proxy (VMess only).
+* Remove an existing user from an inbound proxy (VMess only).
+
+### LoggerService
+
+To restart internal logger. Can work with logrotate for operating log files.
+
+### StatsService
+
+Support for internal [Statistics](stats.md).
\ No newline at end of file
diff --git a/es/configuration/dns.md b/es/configuration/dns.md
new file mode 100644
index 000000000..61f4800ab
--- /dev/null
+++ b/es/configuration/dns.md
@@ -0,0 +1,104 @@
+---
+refcn: chapter_02/04_dns
+refen: configuration/dns
+---
+
+# DNS
+
+V2Ray has an internal DNS server which provides DNS relay for other components.
+
+{% hint style='info' %}
+
+Due to the complexity of DNS protocol, V2Ray for now only supports basic IP queries (A and AAAA). We recommend to use a professional DNS rely (such as [CoreDNS](https://coredns.io/)) for V2Ray.
+
+{% endhint %}
+
+The DNS queries relayed by this DNS service will also be dispatched based on routing settings. No extra configuration is required.
+
+## DnsObject
+
+`DnsObject` is used as `dns` field in top level configuration.
+
+```javascript
+{
+ "hosts": {
+ "baidu.com": "127.0.0.1"
+ },
+ "servers": [
+ {
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ]
+ },
+ "8.8.8.8",
+ "8.8.4.4",
+ "localhost"
+ ],
+ "clientIp": "1.2.3.4",
+ "tag": "dns_inbound"
+}
+```
+
+> `hosts`: map{string: address}
+
+A list of static addresses, in the form of `domain:address`. Each entry has a domain name as key and IP or domain address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed, or the corresponding domain address will be used for further DNS queries, instead of the previous one.
+
+The format of domains is:
+
+* Plaintext: When the targeting domain is exactly the value, the rule takes effect. Example: rule `"v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Keyword: Begining with `"keyword:"` and the rest is a pattern. If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"keyword:sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](routing.md#pre-defined-domain-lists) for more detail.
+
+> `servers`: \[string | [ServerObject](#serverobject) | "localhost" \]
+
+List of DNS servers. Each server may be specified in three formats: IP address, [ServerObject](#serverobject), or `"localhost"`.
+
+When a server is an IP address, such as `"8.8.8.8"`, V2Ray queries DNS on UDP port 53 on this address.
+
+When a server is `"localhost"`, V2Ray queries local host for DNS.
+
+{% hint style='info' %}
+
+When `"localhost"` is used, out-going DNS traffic is not controlled by V2Ray. However, you may redirect DNS queries back to V2Ray with additional configuration.
+
+{% endhint %}
+
+> `clientIp`: string
+
+IP address of current machine. If specified, V2Ray uses this IP as EDNS-Client-Subnet. This IP can't be a private address.
+
+> `tag`: string
+
+(V2Ray 4.13+) All traffic initiated from this DNS, except to localhost, will have this tag as inbound. It can be used for routing.
+
+### ServerObject
+
+```javascript
+{
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ],
+}
+```
+
+> `address`: address
+
+Address of the DNS server. For now only UDP servers are supported.
+
+> `port`: number
+
+Port of the DNS server. Usually it is `53` or `5353`.
+
+> `domains`: \[string\]
+
+A list of domains. If the domain of enquire matches one of the list, this DNS server will be prioritized for DNS query for this domain.
+
+Domain name format is the same as in [routing](routing.md).
+
+When a DNS server has the domain in its domain list, the domain will be queried in this server first, and then other servers. Otherwise DNS queries are sent to DNS servers in the order they appear in the config file.
\ No newline at end of file
diff --git a/es/configuration/env.md b/es/configuration/env.md
new file mode 100644
index 000000000..281a72d86
--- /dev/null
+++ b/es/configuration/env.md
@@ -0,0 +1,46 @@
+---
+refcn: chapter_02/env
+refen: configuration/env
+---
+
+# Environment Variables
+
+V2Ray reads the following environment variables.
+
+## Cache size per connection {#buffer-size}
+
+* Name: `v2ray.ray.buffer.size` or `V2RAY_RAY_BUFFER_SIZE`
+* Unit: MBytes
+* Default value: 2 on x86, amd64, arm64 and s390x. This cache is disabled on other platforms.
+* Special value: 0 for unlimited cache size
+
+**Deprecated. Use bufferSize in Policy.**
+
+For each connection, when there is a difference in speed between inbound and outbound traffic, V2Ray will cache some data for larger throughput. This setting controls the size of the cache. The larger the cache, the better the performance.
+
+## Location of V2Ray asset {#asset}
+
+* Name: `v2ray.location.asset` or `V2RAY_LOCATION_ASSET`
+* Default value: Same directory where v2ray is.
+
+This variable specifies a directory where geoip.dat and geosite.dat files are.
+
+## Location of V2Ray config {#config}
+
+* Name: `v2ray.location.config` or `V2RAY_LOCATION_CONFIG`
+* Default value: Same directory where v2ray is.
+
+This variable specifies a directory where config.json is.
+
+## Scatter Reading {#scatter-io}
+
+* Name: `v2ray.buf.readv` or `V2RAY_BUF_READV`
+* Default value: `auto`
+
+V2Ray 3.37 uses Scatter/Gather IO. This feature will use less memory when connection speed is over 100 MByte/s. Possible values are: `auto`, `enable` and `disable`.
+
+* `enable`: Enable scatter reading.
+* `disable`: Disable scatter reading.
+* `auto`: Only enable on Windows, MacOS, Linux when CPU is x86, AMD64 or s390x.
+
+When connection speed is less than 100 MByte/s, no matter whether this is enabled or not, there is no obvious difference in terms of memory usage.
\ No newline at end of file
diff --git a/es/configuration/mux.md b/es/configuration/mux.md
new file mode 100644
index 000000000..8387383ec
--- /dev/null
+++ b/es/configuration/mux.md
@@ -0,0 +1,27 @@
+---
+refcn: chapter_02/mux
+refen: configuration/mux
+---
+
+# Multiplexing
+
+Multiplexing, or Mux, is to use one physical TCP connections for multiple virtual TCP connections.
+
+Mux is designed to reduce TCP handshake latency. It is NOT for high throughput. When used for downloading large files or speed measurement, Mux is usually slower than a normal TCP connection.
+
+## MuxObject
+
+```javascript
+{
+ "enabled": false,
+ "concurrency": 8
+}
+```
+
+> `enabled`: true | false
+
+Whether or not to enable Mux on an outbound.
+
+> `concurrency`: number
+
+Max number of multiplexed connections that one physical connection can handle at a time. Max value `1024`, min value `1`, default `8`.
\ No newline at end of file
diff --git a/es/configuration/overview.md b/es/configuration/overview.md
new file mode 100644
index 000000000..75eb68d10
--- /dev/null
+++ b/es/configuration/overview.md
@@ -0,0 +1,249 @@
+---
+refcn: chapter_02/01_overview
+refen: configuration/overview
+---
+
+# Configuration Overview
+
+V2Ray shares a same structure of configuration between server side and client side shown as below. Server and client configurations are different in specific sections.
+
+Below is the top level structure of the configuration. Each section has its own format.
+
+```javascript
+{
+ "log": {},
+ "api": {},
+ "dns": {},
+ "stats": {},
+ "routing": {},
+ "policy": {},
+ "inbounds": [],
+ "outbounds": [],
+ "transport": {}
+}
+```
+
+> `log`: [LogObject](#logobject)
+
+Log configuration to control log outputs.
+
+> `api`: [ApiObject](api.md)
+
+RPC API to control the V2Ray instance. See [API configuration](api.md) for details.
+
+> `dns`: [DnsObject](dns.md)
+
+Configuration for internal DNS server's configurations. If this section is omitted, V2Ray will use your system-wide DNS configuration. For details, see [DNS Configurations](dns.md).
+
+> `stats`: [StatsObject](stats.md)
+
+When specified, internal [Statistics](stats.md) is enabled.
+
+> `policy`: [PolicyObject](policy.md)
+
+Configurations for permissions and other security strategies. For details, see [Local Policy](policy.md).
+
+> `routing`: [RoutingObject](routing.md)
+
+Configuration for internal [Routing](routing.md) strategy.
+
+> `inbounds`: \[ [InboundObject](#inboundobject) \]
+
+An array of [InboundObject](#inboundobject) as configuration for inbound proxies.
+
+> `outbounds`: \[ [OutboundObject](#outboundobject) \]
+
+An array of [OutboundObject](#outboundobject) as configuration for outbound proxies. The first outbound in the array is the main one. It is the default outbound in routing decision.
+
+> `transport`: [TransportObject](transport.md)
+
+Low-level transport protocol's configurations. For details, see [Protocol Transport Options](transport.md).
+
+## LogObject
+
+```javascript
+{
+ "access": "/path/to/file",
+ "error": "/path/to/file",
+ "loglevel": "warning"
+}
+```
+
+> `access`: string
+
+Path to access log. If not empty, it must be a legal file path, such as `"/tmp/v2ray/_access.log"`(Linux), or `"C:\\Temp\\v2ray\\_access.log"`(Windows). If empty, V2Ray writes access log to `stdout`.
+
+> `error`: string
+
+Path to error log. If not empty, it must be a legal file path. If empty, V2Ray writes error log to `stdout`.
+
+> `loglevel`: "debug" | "info" | "warning" | "error" | "none"
+
+Level of logs to be written. Different log levels indicate different content of logs. Default value is `"warning"`.
+
+Log levels:
+
+* `"debug"`: Information for developers only. Also includes all `"info"` logs.
+* `"info"`: Information for current state of V2Ray. Users don't have to take care of those. Also includes all `"warning"` logs.
+* `"warning"`: Something wrong with the environment, usually outside of V2Ray, e.g., network breakage. V2Ray still runs, but users may experience some breakages. Also includes all `"error"` logs.
+* `"error"`: Something severely wrong, that V2Ray can't run at all.
+* `"none"`: All logging are disabled.
+
+## InboundObject
+
+An InboundObject defines an inbound proxy. It handles incoming connections to V2Ray. Available proxies are [listed here](protocols.md).
+
+```javascript
+{
+ "port": 1080,
+ "listen": "127.0.0.1",
+ "protocol": "protocol_name",
+ "settings": {},
+ "streamSettings": {},
+ "tag": "inbound_tag_name",
+ "sniffing": {
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
+}
+```
+
+> `port`: number | "env:variable" | string
+
+Port that the proxy is listening on. Acceptable formats are:
+
+* Integer: actual port number.
+* Environment variable: Beginning with `"env:"`, an env variable specifies the port in string format, such as `"env:PORT"`. V2Ray will decode the variable as string.
+* String: A numberic string value, such as `"1234"`, or a range of ports, such as `"5-10"` for 6 ports in total.
+
+The actual ports to open also depend on `allocate` setting. See below.
+
+> `listen`: address
+
+The address to be listened on. Default value is `"0.0.0.0"` for incoming connections on all network interfaces. Otherwise the value has to be the address of an existing network interface.
+
+> `protocol`: string
+
+Name of the inbound protocol. See each individual for available values.
+
+> `settings`: InboundConfigurationObject
+
+Protocol-specific settings. See `InboundConfigurationObject` defined in each protocol.
+
+> `streamSettings`: [StreamSettingsObject]
+
+See [Protocol Transport Options](transport.md) for detail.
+
+> `tag`: string
+
+The tag of the inbound proxy. It can be used for routing decisions. If not empty, it must be unique among all inbound proxies.
+
+> `sniffing`: [SniffingObject](#sniffingobject)
+
+Configuration for content sniffing.
+
+> `allocate`: [AllocateObject](#allocateobject)
+
+Configuration for port allocation.
+
+### SniffingObject
+
+```javascript
+{
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+}
+```
+
+> `enabled`: true | false
+
+Whether or not to enable content sniffing.
+
+> `destOverride`: \["http" | "tls"\]
+
+An array of content type. If the content type of incoming traffic is specified in the list, the destination of the connection will be overwritten by sniffed value.
+
+### AllocateObject
+
+```javascript
+{
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+}
+```
+
+> `strategy`: "always" | "random"
+
+Strategy of port allocation. When it is set to `"always"`, all port in the `port` field will be allocated for listening. If `"random"` is set, V2Ray will listen on number of `concurrency` ports, and the list of ports are refereshed every `refresh` minutes.
+
+> `refresh`: number
+
+Number of minutes to refresh the ports of listening. Min value is `2`. This setting is only effective when `strategy` is set to `"random"`.
+
+> `concurrency`: number
+
+Number of ports to listen. Min value is `1`. Max value is one third of entire port range.
+
+## OutboundObject
+
+An OutboundObject defines an outbound proxy for handling out-going connections. Available protocols are listed [here](protocols.md).
+
+```javascript
+{
+ "sendThrough": "0.0.0.0",
+ "protocol": "protocol_name",
+ "settings": {},
+ "tag": "this_outbound_tag_name",
+ "streamSettings": {},
+ "proxySettings": {
+ "tag": "another_outbound_tag_name"
+ },
+ "mux": {}
+}
+```
+
+> `sendThrough`: address
+
+An IP address for sending traffic out. The default value, `"0.0.0.0"` is for randomly choosing an IP available on the host. Otherwise the value has to be an IP address from existing network interfaces.
+
+> `protocol`: string
+
+The protocol name of this outbound. See [Protocols](protocols.md) for all available values.
+
+> `settings`: OutboundConfigurationObject
+
+Protocol-specific settings. See `OutboundConfigurationObject` in each individual protocols.
+
+> `tag`: string
+
+The tag of this outbound. If not empty, it must be unique among all outbounds.
+
+> `streamSettings`: [StreamSettingsObject](transport.md)
+
+Low-level transport settings. See [Protocol Transport Options](transport.md).
+
+> `proxySettings`: [ProxySettingsObject](#proxysettingsobject)
+
+Configuration for delegating traffic from this outbound to another. When this is set, `streamSettings` of this outbound will has no effect.
+
+> `mux`: [MuxObject](mux.md)
+
+See [Mux](mux.md) configuration for detail.
+
+### ProxySettingsObject
+
+```javascript
+{
+ "tag": "another-outbound-tag"
+}
+```
+
+> `tag`: string
+
+When `tag` is set to the tag of another outbound, the out-going traffic of current outbound will be delegated to the specified one.
\ No newline at end of file
diff --git a/es/configuration/policy.md b/es/configuration/policy.md
new file mode 100644
index 000000000..81591bb1d
--- /dev/null
+++ b/es/configuration/policy.md
@@ -0,0 +1,127 @@
+---
+refcn: chapter_02/policy
+refen: configuration/policy
+---
+
+# Local Policy
+
+Local policy manages policy settings of current V2Ray instance, such as connection timeouts. The policys can be applied to each user level, or the whole system.
+
+## PolicyObject
+
+`PolicyObject` is used as `policy` field in top level configuration.
+
+```javascript
+{
+ "levels": {
+ "0": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
+ }
+ },
+ "system": {
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+ }
+}
+```
+
+> `level`: map{string: [LevelPolicyObject](#levelpolicyobject)}
+
+A list of key value pairs. Each key is a string of integer (restricted by JSON), such as `"0"`, `"1"`, etc. The numeric value is for a certain user level.
+
+{% hint style='info' %}
+
+User level can be set on each inbound and outbound proxy. V2Ray will apply different policies based on user level.
+
+{% endhint %}
+
+> `system`: [SystemPolicyObject](#systempolicyobject)
+
+System-wide policy
+
+### LevelPolicyObject
+
+```javascript
+{
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false,
+ "bufferSize": 10240
+}
+```
+
+> `handshake`: number
+
+Timeout for establishing a connection, in seconds. Default value `4`. At the handshake stage of an inbound proxy dealing with a new connection, say VMess reading request header, if it takes longer than `handshake` time, V2Ray aborts the connection.
+
+> `connIdle`: number
+
+Timeout for idle connections, in seconds. Default value `300`. If there is no data passed through the connection in `connIdle` time, V2Ray aborts the conneciton.
+
+> `uplinkOnly`: number
+
+Time for keeping connections open after the uplink of the connection is closed, in seconds. Default value `2`. After remote (server) closes the downlink of the connection, V2Ray aborts the connection after `uplinkOnly` times.
+
+> `downlinkOnly`: number
+
+Time for keeping connections open after the downlink of the connection is closed, in seconds. Default value `5`. After client (browser) closes the uplink of the connection, V2Ray aborts the connection after `downlinkOnly` time.
+
+{% hint style='tip' %}
+
+In a simple webpage browser scenario, it is safe to set `uplinkOnly` and `downlinkOnly` both to `0`, for better performance.
+
+{% endhint %}
+
+> `statsUserUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter to uplink traffic for all users in this level.
+
+> `statsUserDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter to downlink traffic for all users in this level.
+
+> `bufferSize`: number
+
+Size of internal buffer per connection, in kilo-bytes. Default value is `10240`. When it is set to `0`, the internal buffer is disabled.
+
+Default value (V2Ray 4.4+):
+
+* `0` on ARM, MIPS and MIPSLE.
+* `4` on ARM64, MIPS64 and MIPS64LE.
+* `512` on other platforms.
+
+Default value (V2Ray 4.3-):
+
+* `16` on ARM, ARM64, MIPS, MIPS64, MIPSLE and MIPS64LE.
+* `2048` on other platforms.
+
+{% hint style='info' %}
+
+`bufferSize` overrides `v2ray.ray.buffer.size` settings in [env variables](env.md#cache-size-per-connection).
+
+{% endhint %}
+
+### SystemPolicyObject
+
+```javascript
+{
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+}
+```
+
+> `statsInboundUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
+
+> `statsInboundDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
\ No newline at end of file
diff --git a/es/configuration/protocols.md b/es/configuration/protocols.md
new file mode 100644
index 000000000..4cf08f6eb
--- /dev/null
+++ b/es/configuration/protocols.md
@@ -0,0 +1,17 @@
+---
+refcn: chapter_02/02_protocols
+refen: configuration/protocols
+---
+
+# Protocols
+
+V2Ray supports the following protocols. Each protocol may be an inbound protocol, or an outbound protocol, or both.
+
+* [Blackhole](protocols/blackhole.md)
+* [Dokodemo-door](protocols/dokodemo.md)
+* [Freedom](protocols/freedom.md)
+* [HTTP](protocols/http.md)
+* [MTProto](protocols/mtproto.md)
+* [Shadowsocks](protocols/shadowsocks.md)
+* [Socks](protocols/socks.md)
+* [VMess](protocols/vmess.md)
\ No newline at end of file
diff --git a/es/configuration/protocols/blackhole.md b/es/configuration/protocols/blackhole.md
new file mode 100644
index 000000000..917898da5
--- /dev/null
+++ b/es/configuration/protocols/blackhole.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_02/protocols/blackhole
+refen: configuration/protocols/blackhole
+---
+
+# Blackhole
+
+* Name: `blackhole`
+* Type: Outbound
+
+Blackhole is a protocol for outbound connections. It blocks all connections with pre-defined responses. Combined with [Routing](../routing.md), this can be used for blocking access to some websites.
+
+## ConfigurationObject
+
+```javascript
+{
+ "response": {
+ "type": "none"
+ }
+}
+```
+
+> `response`: [ResponseObject](#responseobject)
+
+Pre-defined response. Blockhole will send (if any) pre-defined data immediately for any connection passed to it and close the connection.
+
+### ResponseObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none" | "http"
+
+Type of the response, available options are:
+
+* `"none"`: Default value. Empty response.
+* `"http"`: A valid HTTP 403 response.
\ No newline at end of file
diff --git a/es/configuration/protocols/dns.md b/es/configuration/protocols/dns.md
new file mode 100644
index 000000000..bd4793d46
--- /dev/null
+++ b/es/configuration/protocols/dns.md
@@ -0,0 +1,37 @@
+---
+refcn: chapter_02/protocols/dns
+refen: configuration/protocols/dns
+---
+
+# DNS
+
+* Name: `dns`
+* Type: Outbound
+
+DNS is an outbound proxy. It is mainly used for intercept and proxy DNS queries and responses. This outbound proxy can only accept DNS traffic, including both TCP and UDP based DNS queries. Other type of traffic will result in errors.
+
+When proxying DNS queries, DNS outbound will redirect IP queries (A and AAAA) to [internal DNS server](../dns.md). It will send other type of queries directly to its original destination.
+
+DNS outbound proxy is introduced in V2Ray 4.15.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "network": "tcp",
+ "address": "1.1.1.1",
+ "port": 53
+}
+```
+
+> `network`: "tcp" | "udp"
+
+(V2Ray 4.16+) Modify the transport protocol of the DNS traffic. The value may be either `"tcp"` or `"udp"`. If it is not specified, the original protocol remains unchanged.
+
+> `address`: address
+
+(V2Ray 4.16+) Modify the DNS server address in the request. If it is not specified, the original DNS server address remain unchanged.
+
+> `port`: number
+
+(V2Ray 4.16+) Modify the DNS server port in the request. If it is not specified, the original DNS server port remain unchanged.
\ No newline at end of file
diff --git a/es/configuration/protocols/dokodemo.md b/es/configuration/protocols/dokodemo.md
new file mode 100644
index 000000000..6857dd046
--- /dev/null
+++ b/es/configuration/protocols/dokodemo.md
@@ -0,0 +1,96 @@
+* * *
+
+refcn: chapter_02/protocols/dokodemo refen: configuration/protocols/dokodemo
+
+* * *
+
+# Dokodemo-door
+
+* Name: `dokodemo-door`
+* Type: Inbound
+
+Dokodemo-door is a protocol for inbound connections. It take any connections and passes them to the specified destination.
+
+Dokodemo-door can also (if configured) work as a transparent proxy.
+
+## ConfigurationObject
+
+```javascript
+{
+ "address": "8.8.8.8",
+ "port": 53,
+ "network": "tcp",
+ "followRedirect": false,
+ "userLevel": 0
+}
+```
+
+> `address`: address
+
+Address of the destination server. May be an IPv4, IPv6 or a domain, in string form. When `followRedirect` (see below) is `true`, `address` can be empty.
+
+> `port`: number
+
+Port of the destination server.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Type of acceptable network. If `"tcp"` is specified, all UDP traffic sent to this dokodemo-door will be discarded.
+
+> `followRedirect`: true | false
+
+When set to `true`, dokodemo-door will recognize destination from TProxy and use it as its destination. See `TProxy` in [transport](../transport.md) for detail.
+
+> `userLevel`: number
+
+User level. All connections share this level. See [Policy](../policy.md) for details.
+
+## Examples for transparent proxy
+
+Add a dokodemo-door inbound as below.
+
+```javascript
+{
+ "network": "tcp,udp",
+ "timeout": 30,
+ "followRedirect": true
+}
+```
+
+Configure iptables as below.
+
+```bash
+# Create new chain
+iptables -t nat -N V2RAY
+iptables -t mangle -N V2RAY
+iptables -t mangle -N V2RAY_MARK
+
+# Ignore your V2Ray server's addresses
+# It's very IMPORTANT, just be careful.
+iptables -t nat -A V2RAY -d 123.123.123.123 -j RETURN
+
+# Ignore LANs and any other addresses you'd like to bypass the proxy
+# See Wikipedia and RFC5735 for full list of reserved networks.
+iptables -t nat -A V2RAY -d 0.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 10.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 127.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 169.254.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 172.16.0.0/12 -j RETURN
+iptables -t nat -A V2RAY -d 192.168.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN
+iptables -t nat -A V2RAY -d 240.0.0.0/4 -j RETURN
+
+# Anything else should be redirected to Dokodemo-door's local port
+iptables -t nat -A V2RAY -p tcp -j REDIRECT --to-ports 12345
+
+# Add any UDP rules
+ip route add local default dev lo table 100
+ip rule add fwmark 1 lookup 100
+iptables -t mangle -A V2RAY -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
+iptables -t mangle -A V2RAY_MARK -p udp --dport 53 -j MARK --set-mark 1
+
+# Apply the rules
+iptables -t nat -A OUTPUT -p tcp -j V2RAY
+iptables -t mangle -A PREROUTING -j V2RAY
+iptables -t mangle -A OUTPUT -j V2RAY_MARK
+```
\ No newline at end of file
diff --git a/es/configuration/protocols/freedom.md b/es/configuration/protocols/freedom.md
new file mode 100644
index 000000000..3f11060bb
--- /dev/null
+++ b/es/configuration/protocols/freedom.md
@@ -0,0 +1,45 @@
+---
+refcn: chapter_02/protocols/freedom
+refen: configuration/protocols/freedom
+---
+
+# Freedom
+
+* Name: `freedom`
+* Type: Outbound
+
+Freedom is a protocol for outbound connections. It passes all TCP or UDP connection to their destinations. This outbound is used when you want to send traffic to its real destination.
+
+## ConfigurationObject
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "redirect": "127.0.0.1:3366",
+ "userLevel": 0
+}
+```
+
+> `domainStrategy`: "AsIs" | "UseIP"
+
+Strategy for domain name resolution. Options are:
+
+* `"AsIs"`: Default value. Resolve domain name by system.
+* `"UseIP"`: Use [internal DNS](../dns.md) for domain name resolution.
+* `"UseIPv4"`: Use IPv4 address only, after resolved by internal DNS.
+* `"UseIPv6"`: Use IPv6 address only, after resolved by internal DNS.
+
+(V2Ray 4.6+) In `UseIP` mode, when `sendThrough` is specified in [OutboundObject](../overview.md#outboundobject), Freedom will automatically choose between IPv4 and IPv6 address for destination based on `sendThrough` settings.
+
+(V2Ray 4.7+) If `sendThrough` address conflicts with `"UseIPv4"` or `"UseIPv6"`, Freedom will fail to dial out-going connections.
+
+> `redirect`: address_port
+
+Redirect all connections to this address, in form like `"127.0.0.1:80"` or `":1234"`.
+
+* When address is empty, e.g. `":443"`, Freedom will use the original destination address.
+* When port is `0`, e.g. `"v2ray.com:0"`, Freedom will use the original port.
+
+> `userLevel`: number
+
+User level. All connections share this level.
\ No newline at end of file
diff --git a/es/configuration/protocols/http.md b/es/configuration/protocols/http.md
new file mode 100644
index 000000000..cc5ac3859
--- /dev/null
+++ b/es/configuration/protocols/http.md
@@ -0,0 +1,64 @@
+---
+refcn: chapter_02/protocols/http
+refen: configuration/protocols/http
+---
+
+# HTTP
+
+* Name: `http`
+* Type: Inbound
+
+HTTP is a protocol for inbound connections. It is compatible with HTTP/1.1.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "allowTransparent": false,
+ "userLevel": 0
+}
+```
+
+> `accounts`: \[[AccountObject](#accountobject)\]
+
+An array in which each entry is an account. It is empty by default. If not empty, HTTP Basic Authentication is required for incoming requests.
+
+> `allowTransparent`: true | false
+
+If set to `true`, all HTTP request sent to this inbound will be proxied, including non-proxy request.
+
+> `userLevel`: number
+
+User level. All connections share this level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username for HTTP authentication.
+
+> `pass`: string
+
+password for HTTP authentication.
+
+{% hint style='info' %}
+
+Use the following settings in Linux to use HTTP proxy in current session.
+
+* `export http_proxy=http://127.0.0.1:8080/` (URL has to change according to your config)
+* `export https_proxy=$http_proxy`
+
+{% endhint %}
\ No newline at end of file
diff --git a/es/configuration/protocols/mtproto.md b/es/configuration/protocols/mtproto.md
new file mode 100644
index 000000000..447eb2601
--- /dev/null
+++ b/es/configuration/protocols/mtproto.md
@@ -0,0 +1,103 @@
+---
+refcn: chapter_02/protocols/mtproto
+refen: configuration/protocols/mtproto
+---
+
+# MTProto
+
+* Name: `mtproto`
+* Type: Inbound / Outbound
+
+MTProto proxy is a special procol for Telegram. It consists of a pair of inbound and outboud proxies in V2Ray. They are usually used together for building a proxy for Telegram
+
+For now V2Ray only supports IPv4 address of Telegram server.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "users": [{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+ }]
+}
+```
+
+> `users`: \[[UserObject](#userobject)\]
+
+An array of users. For now only the first user is effective.
+
+### UserObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+}
+```
+
+> `email`: string
+
+User email. Used for tracking purposes. See [Stats](../stats.md).
+
+> `level`: number
+
+User level.
+
+> `secret`: string
+
+User secret. In Telegram, user secret must be 32 characters long, and only contains characters between `0` to `9`, and `a`to `f`.
+
+{% hint style='tip' %}
+
+You may use the following command to generate MTProto secret: `openssl rand -hex 16`
+
+{% endhint %}
+
+## Outbound configuration {#outbound}
+
+```javascript
+{
+}
+```
+
+## Sample {#sample}
+
+MTProto can only be used for Telegram traffic. You may need a routing rule to combine the corresponding inbound and outbound. Here is an incomplete sample.
+
+Inbound:
+
+```javascript
+{
+ "tag": "tg-in",
+ "port": 443,
+ "protocol": "mtproto",
+ "settings": {
+ "users": [{"secret": "b0cbcef5a486d9636472ac27f8e11a9d"}]
+ }
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "tg-out",
+ "protocol": "mtproto",
+ "settings": {}
+}
+```
+
+Routing:
+
+```javascript
+{
+ "type": "field",
+ "inboundTag": ["tg-in"],
+ "outboundTag": "tg-out"
+}
+```
+
+The configure your Telegram app to connect to 443 port on this machine.
\ No newline at end of file
diff --git a/es/configuration/protocols/shadowsocks.md b/es/configuration/protocols/shadowsocks.md
new file mode 100644
index 000000000..e9cf2002c
--- /dev/null
+++ b/es/configuration/protocols/shadowsocks.md
@@ -0,0 +1,163 @@
+---
+refcn: chapter_02/protocols/shadowsocks
+refen: configuration/protocols/shadowsocks
+---
+
+# Shadowsocks
+
+* Name: `shadowsocks`
+* Type: Inbound / Outbound
+
+[Shadowsocks](https://www.shadowsocks.org/) protocol, for both inbound and outbound connections.
+
+Compatibility with official version:
+
+* Supports both TCP and UDP connections, where UDP can be optional turned off.
+* Supports [OTA](https://web.archive.org/web/20161221022225/https://shadowsocks.org/en/spec/one-time-auth.html);
+ * Client may choose to turn on or off.
+ * Server may choose to enable, disable or auto.
+* Encryption methods ([AEAD](https://shadowsocks.org/en/spec/AEAD-Ciphers.html) ciphers added in V2Ray 3.0):
+ * aes-256-cfb
+ * aes-128-cfb
+ * chacha20
+ * chacha20-ietf
+ * aes-256-gcm
+ * aes-128-gcm
+ * chacha20-poly1305 a.k.a. chacha20-ietf-poly1305
+* Plugins:
+ * Support obfs through standalone mode.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "method": "aes-128-cfb",
+ "password": "password",
+ "level": 0,
+ "ota": true,
+ "network": "tcp"
+}
+```
+
+> `email`: string
+
+Email address. Used for user identification.
+
+> `method`: string
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `password`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `level`: number
+
+User level. Default to `0`. See [Policy](../policy.md).
+
+> `ota`: `true` | `false`
+
+Whether or not to force OTA. If `true` and the incoming connection doesn't enable OTA, V2Ray will reject this connection. Vice versa.
+
+If this field is not specified, V2Ray auto detects OTA settings from incoming connections.
+
+When AEAD encryption is used, `ota` has no effect.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Type of supported networks. Default to `"tcp"`.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "servers": [
+ {
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "method",
+ "password": "password",
+ "ota": false,
+ "level": 0
+ }
+ ]
+}
+```
+
+Where:
+
+* `email`: Email address. Used for user identification.
+* `address`: Address of Shadowsocks server. Can be IPv4, IPv6 or domain.
+* `port`: Port of Shadowsocks server.
+* `method`: Encryption method. No default value. Options are:
+ * `"aes-256-cfb"`
+ * `"aes-128-cfb"`
+ * `"chacha20"`
+ * `"chacha20-ietf"`
+ * `"aes-256-gcm"`
+ * `"aes-128-gcm"`
+ * `"chacha20-poly1305"` or `"chacha20-ietf-poly1305"`
+* `password`: Password. Can be any string.
+* `ota`: Whether or not to use OTA.
+ * When AEAD is used, `ota` has no effect.
+* `level`: User level.
+
+> `servers`: \[[ServerObject](#serverobject)\]
+
+An array of [ServerObject](#serverobject)s.
+
+### ServerObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "加密方式",
+ "password": "密码",
+ "ota": false,
+ "level": 0
+}
+```
+
+> `email`: string
+
+Email address. Used for user identification.
+
+> `address`: address
+
+Required. Shadowsocks server address. May be IPv4, IPv6 or domain address.
+
+> `port`: number
+
+Required. Shadowsocks server port.
+
+> `method`: string
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `password`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `ota`: true | false
+
+Whether or not to use OTA. Default value is `false`.
+
+When AEAD encryption is used, this field has no effect.
+
+> `level`: number
+
+User level.
+
+## Encryption methods
+
+* `"aes-256-cfb"`
+* `"aes-128-cfb"`
+* `"chacha20"`
+* `"chacha20-ietf"`
+* `"aes-256-gcm"`
+* `"aes-128-gcm"`
+* `"chacha20-poly1305"` or `"chacha20-ietf-poly1305"`
\ No newline at end of file
diff --git a/es/configuration/protocols/socks.md b/es/configuration/protocols/socks.md
new file mode 100644
index 000000000..b8df3ea84
--- /dev/null
+++ b/es/configuration/protocols/socks.md
@@ -0,0 +1,147 @@
+---
+refcn: chapter_02/protocols/socks
+refen: configuration/protocols/socks
+---
+
+# Socks
+
+* Name: `socks`
+* Type: Inbound / Outbound
+
+Socks is an implementation of standard SOCKS protocol, compatible with [Socks 4](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol), Socks 4a and [Socks 5](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol).
+
+Socks configuration consists of two parts, `InboundConfigurationObject` and `OutboundConfigurationObject`, for inbound and outbound respectively.
+
+## OutboundConfigurationObject
+
+`OutboundConfigurationObject` is used as `settings` field in `OutboundObject` in top level configuration.
+
+```javascript
+{
+ "servers": [{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+ }]
+}
+```
+
+> `servers`: \[ [ServerObject](#serverobject) \]
+
+An array of Socks servers.
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+}
+```
+
+> `address`: address
+
+Socks server address. May be IPv4, IPv6 or domain address.
+
+{% hint style='info' %}
+
+Only support Socks 5 servers.
+
+{% endhint %}
+
+> `port`: number
+
+Socks server port.
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array of users. Each element in the array is an user. If the list is not empty. Socks inbound will force user authentication. Otherwise, anonymous user is allowed.
+
+### UserObject
+
+```javascript
+{
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
+
+> `level`: number
+
+User level for tracking and policy purpose. Default value is `0`.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "auth": "noauth",
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "udp": false,
+ "ip": "127.0.0.1",
+ "userLevel": 0
+}
+```
+
+> `auth`: "noauth" | "password"
+
+Socks autentication method. `"noauth"` is for anonymous authentication, and `"password"` for authentication with username and password. Default value is `"noauth"`.
+
+> `accounts`: \[ [AccountObject](#accountobject) \]
+
+An array of user accounts, for authenication purpose. Only take effect when `auth` is set to `"password"`.
+
+> `udp`: true | false
+
+Whether or not to enable UDP. Default value is `false`.
+
+> `ip`: address
+
+When UDP is enabled, V2Ray needs to know the IP address of current host. Default value is `"127.0.0.1"`. This must be set to the public IP address of the host, if you want to allow public UDP traffic.
+
+> `userLevel`: number
+
+User level. All incoming connections share this user level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
\ No newline at end of file
diff --git a/es/configuration/protocols/vmess.md b/es/configuration/protocols/vmess.md
new file mode 100644
index 000000000..3d7642e4f
--- /dev/null
+++ b/es/configuration/protocols/vmess.md
@@ -0,0 +1,196 @@
+---
+refcn: chapter_02/protocols/vmess
+refen: configuration/protocols/vmess
+---
+
+# VMess
+
+* Name: `vmess`
+* Type: Inbound / Outbound
+
+[VMess](https://www.v2ray.com/eng/protocols/vmess.html) is a protocol for encrypted communications. It includes both inbound and outbound proxy.
+
+VMess depends on system time. Please ensure that your system time is in sync with UTC time. Timezone doesn't matter. One may install `ntp` service on Linux to automatically adjust system time.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "vnext": [
+ {
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 4,
+ "security": "auto",
+ "level": 0
+ }
+ ]
+ }
+ ]
+}
+```
+
+> `vnext`: \[ [ServerObject](#serverobject) \]
+
+An array, where each element presents a remote server
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": []
+}
+```
+
+> `address`: address
+
+Server address, may be IPv4, IPv6 or domain name.
+
+> `port`: number
+
+Server port
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array where each element is an VMess user
+
+### UserObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 16,
+ "security": "auto",
+ "level": 0
+}
+```
+
+> `id`: string
+
+User ID, in the form of a [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `alterId`: number
+
+Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 4. Its value must be not larger than the one in corresponding Inbound.
+
+> `level`: number
+
+User level. See [Policy](../policy.md) for more detail.
+
+> `security`: "aes-128-gcm" | "chacha20-poly1305" | "auto" | "none"
+
+Method for encrypting payload. This setting is only available at outbound. The VMess inbound will automatically recognize this setting and decrypt payload accordingly. Options are:
+
+* `"aes-128-gcm"`: Recommended for PC.
+* `"chacha20-poly1305"`: Recommended for mobile.
+* `"auto"`: Default value. Use `aes-128-gcm` on AMD64, ARM64 and S390x, or `chacha20-poly1305` otherwise.
+* `"none"`: Traffic is not encrypted at all.
+
+{% hint style='info' %}
+
+Use `"auto"` wherever possible for better compatibility.
+
+{% endhint %}
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "clients": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+ }
+ ],
+ "default": {
+ "level": 0,
+ "alterId": 4
+ },
+ "detour": {
+ "to": "tag_to_detour"
+ },
+ "disableInsecureEncryption": false
+}
+```
+
+> `clients`: \[ [ClientObject](#clientobject) \]
+
+An array for valid user accounts. May be empty when used for dynamic port feature.
+
+> `detour`: [DetourObject](#detourobject)
+
+Optional feature to suggest client to take a detour. If specified, this inbound will instruct the outbound to use another inbound.
+
+> `default`: [DefaultObject](#defaultobject)
+
+Optional default client configuration. Usually used with `detour`.
+
+> `disableInsecureEncryption`: true | false
+
+Forbids client for using insecure encryption methods. When set to `true`, connections will be terminated immediately if the following encryption is used. Default value `false`.
+
+* `none`
+* `aes-128-cfb`
+
+### ClientObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+}
+```
+
+> `id`: string
+
+User ID, in the form of [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `level`: number
+
+User level. See [Policy](../policy.md) for its usage.
+
+> `alterId`: number
+
+Number of alternative IDs. Same as in Outbound.
+
+> `email`: string
+
+Email address for user identification.
+
+### DetourObject
+
+```javascript
+{
+ "to": "tag_to_detour"
+}
+```
+
+> `to`: string
+
+The tag of an inbound proxy. See [Overview](../protocols.md). If configured, VMess will suggest its client to use the detour for further connections.
+
+### DefaultObject
+
+```javascript
+{
+ "level": 0,
+ "alterId": 4
+}
+```
+
+> `level`: number
+
+User level.
+
+> `alterId`: number
+
+Number of alternative IDs. Default value 64. Recommend 4.
\ No newline at end of file
diff --git a/es/configuration/reverse.md b/es/configuration/reverse.md
new file mode 100644
index 000000000..8b1d41082
--- /dev/null
+++ b/es/configuration/reverse.md
@@ -0,0 +1,199 @@
+---
+refcn: chapter_02/reverse
+refen: configuration/reverse
+---
+
+# Reverse Proxy
+
+Reverse proxy is an optional feature in V2Ray. It redirects traffic from a server to a client. Thus is so called "Reverse" proxying.
+
+{% hint style='tip' %}
+
+Reverse proxy is available in V2Ray 4.0+. It is now in beta, and may be improved in near future.
+
+{% endhint %}
+
+Reverse proxy works in the following way:
+
+* Suppose there is a device A that runs a web server. Device A has no public IP address, and can't be accessed from internet. There is another device B, say a cloud server, which can be access from internet. We need to use B as portal, to redirect traffice to A.
+* Now we install a V2Ray on device A, named `bridge`. And then install a V2Ray on device B, named `portal`.
+* `bridge` will open connections to `portal`. Their target can be customized for routing purpose. `portal` will receive these connections, as well as connections from other uses in the internet. `portal` will "connect" these two kind of connections. Then the interent traffic will be tunneled to `bridge`.
+* After `bridge` receives traffic from internet through `portal`, it will send these traffic to the web server on localhost. You may configure routing for these traffic as well.
+* `bridge` will control load balance based of the amount of traffic.
+
+{% hint style='danger' %}
+
+Reverse proxy has already leveraged [Mux](mux.md). It is not necessary to configure Mux again on its outbound.
+
+{% endhint %}
+
+## ReverseObject
+
+`ReverseObject` is used as `reverse` field in top level configuration.
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }],
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+> `bridges`: \[[BridgeObject](bridgeobject)\]
+
+An array of `bridge`s. Each `bridge` is a [BridgeObject](bridgeobject).
+
+> `portals`: \[[PortalObject](portalobject)\]
+
+An array of `portal`s. Each `portal` is a [PortalObject](bridgeobject).
+
+### BridgeObject
+
+```javascript
+{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+}
+```
+
+> `tag`: string
+
+A tag. All traffic initiated by this `bridge` will have this tag. It can be used for [routing](routing.md), identified as `inboundTag`.
+
+> `domain`: string
+
+A domain. All connections initiated by `bridge` towards `portal` will use this domain as target. This domain is only used for communication between `bridge` and `portal`. It is not necessary to be actually registered.
+
+### PortalObject
+
+> `tag`: string
+
+A Tag. You need to redirect all traffic to this `portal`, by targeting `outboundTag` to this `tag`. The traffic includes the connections from `bridge`, as well as internet traffic.
+
+> `domain`: string
+
+A domain. When a connection targeting this domain, `portal` considers it is a connection from `bridge`, otherwise it is an internet connection.
+
+{% hint style='tip' %}
+
+Like other usages, a V2Ray instance can be used as a `bridge`, or a `portal`, or both as the same time.
+
+{% endhint %}
+
+## Example configuration
+
+`bridge` usually needs two outbounds. One for connecting `portal`, and another for connecting local web server.
+
+Reverse:
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "out"
+ "protocol": "freedom",
+ "settings": {
+ "redirect": "127.0.0.1:80" // Send traffic to local web server
+ }
+},
+{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "portal的IP地址",
+ "port": 1024,
+ "users": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }]
+ },
+ "tag": "interconn"
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "domain": ["full:test.v2ray.com"],
+ "outboundTag": "interconn"
+ },{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "outboundTag": "out"
+ }]
+}
+```
+
+`portal` usually needs two inbounds. One for connections from `bridge`, and another for internet connections.
+
+Reverse:
+
+```javascript
+{
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com" // Must be the same as in bridge
+ }]
+}
+```
+
+Inbound:
+
+```javascript
+{
+ "tag": "external",
+ "port": 80, // Open port 80 for internet HTTP traffic
+ "protocol": "dokodemo-door",
+ "settings": {
+ "address": "127.0.0.1",
+ "port": 80,
+ "network": "tcp"
+ }
+},
+{
+ "port": 1024, // For bridge connections
+ "tag": "interconn",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["external"],
+ "outboundTag": "portal"
+ },{
+ "type": "field",
+ "inboundTag": ["interconn"],
+ "outboundTag": "portal"
+ }]
+}
+```
+
+{% hint style='tip' %}
+
+In practice, you may want to run `bridge` first and then `portal`.
+
+{% endhint %}
\ No newline at end of file
diff --git a/es/configuration/routing.md b/es/configuration/routing.md
new file mode 100644
index 000000000..3390aa0fb
--- /dev/null
+++ b/es/configuration/routing.md
@@ -0,0 +1,194 @@
+---
+refcn: chapter_02/03_routing
+refen: configuration/routing
+---
+
+# Routing
+
+V2Ray has an internal routing mechanism. It routes inbound connections to various outbound based on rules. A common scenario is to split traffic by country. V2Ray can detect target country (by Geo IP) of a connection, and sends then connection to corresponding outbound proxy.
+
+## RoutingObject
+
+`RoutingObject` is used as `routing` in top level configuration.
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "rules": [],
+ "balancers": []
+}
+```
+
+> `domainStrategy`: "AsIs" | "IPIfNonMatch" | "IPOnDemand"
+
+Domain resolution strategy. Choices are:
+
+* `"AsIs"`: Only use domain for routing. Default value.
+* `"IPIfNonMatch"`: When no rule matches current domain, V2Ray resolves it into IP addresses (A or AAAA records) and try all rules again.
+ * If a domain has multiple IP addresses, V2Ray tries all of them.
+ * The resolved IPs are only used for routing decisions, the traffic is still sent to original domain address.
+* `"IPOnDemand"`: As long as there is a IP-based rule, V2Ray resolves the domain into IP immediately.
+
+> `rules`: \[[RuleObject](#ruleobject)\]
+
+An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` (or `balancerTag`, V2Ray 4.4+) of the rule.
+
+> `balancers`: \[ [BalancerObject](#balancerobject) \]
+
+(V2Ray 4.4+) An array of load balancers. When a routing rule points to a load balancer, the balancer will select an outbound based on configuration. Then traffic will be sent to that outbound.
+
+### RuleObject
+
+```javascript
+{
+ "type": "field",
+ "domain": [
+ "baidu.com",
+ "qq.com",
+ "geosite:cn"
+ ],
+ "ip": [
+ "0.0.0.0/8",
+ "10.0.0.0/8",
+ "fc00::/7",
+ "fe80::/10",
+ "geoip:cn"
+ ],
+ "port": "53,443,1000-2000",
+ "network": "tcp",
+ "source": [
+ "10.0.0.1"
+ ],
+ "user": [
+ "love@v2ray.com"
+ ],
+ "inboundTag": [
+ "tag-vmess"
+ ],
+ "protocol":["http", "tls", "bittorrent"],
+ "attrs": "attrs[':method'] == 'GET'",
+ "outboundTag": "direct",
+ "balancerTag": "balancer"
+}
+```
+
+{% hint style='info' %}
+
+When multiple fields are specified, these fields have to be all satisfied, in order to make the rule effective. If you need both `domain` and `ip` rules, it is highly likely you need put them into separate rules.
+
+{% endhint %}
+
+> `type`: "field"
+
+The only valid value for now is `"field"`.
+
+> `domain`: \[ string \]
+
+An array of domains. Available formats are:
+
+* Plaintext: If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Full domain: Begining with `"full:"` and the rest is a domain. When the targeting domain is exactly the value, the rule takes effect. Example: rule `"domain:v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](#pre-defined-domain-lists) for more detail.
+* Domains from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geosite.dat`. The tag must exist in the file.
+
+> `ip`: \[string\]
+
+An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. Available formats:
+
+* IP: such as `"127.0.0.1"`.
+* [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing): such as `"127.0.0.0/8"`.
+* GeoIP: such as `"geoip:cn"`. It begins with `geoip:` (lower case) and followed by two letter of country code.
+ * Special value `"geoip:private"`: for all private addresses such as `127.0.0.1`.
+* IPs from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geoip.dat`. The tag must exist in the file.
+
+{% hint style='info' %}
+
+`"ext:geoip.dat:cn"` is equivalent to `"geoip:cn"`.
+
+{% endhint %}
+
+> `port`:number | string
+
+Port range. Formats are:
+
+* `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
+* `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
+* Mix of the two above, separated by ",". Such as `"53,443,1000-2000"`.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+When the connection has in the chosen network, this rule take effect.
+
+> `source`: \[string\]
+
+An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
+
+> `user`: \[string\]
+
+An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
+
+> `inboundTag`: \[string\]
+
+An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
+
+> `protocol`: \[ "http" | "tls" | "bittorrent" \]
+
+An array of string as protocol types. When the connection uses one of the protocols, this rule takes effect. To recognize the protocol of a connection, one must enable `sniffing` option in inbound proxy.
+
+> `attrs`: string
+
+(V2Ray 4.18+) A Starlark script, used for detecting traffic attributes. When this script returns true, this rule takes effect.
+
+[Starlark](https://github.com/bazelbuild/starlark) is a subset of Python. The script takes a global varible named `attrs`. It contains all attributes of the traffic.
+
+At the moment, only http inbound sets `attrs`.
+
+Examples:
+
+* Detect HTTP GET: `"attrs[':method'] == 'GET'"`
+* Detect HTTP Path: `"attrs[':path'].startswith('/test')"`
+* Detect Content Type: `"attrs['accept'].index('text/html') >= 0"`
+
+> `outboundTag` string
+
+[Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
+
+> `balancerTag`: string
+
+Tag of an load balancer. Then this rule takes effect, V2Ray will use the balancer to select an outbound. Either `outboundTag` or `balancerTag` must be specified. When both are specified, `outboundTag` takes priority.
+
+### BalancerObject
+
+Configuration for a load balancer. When a load balancer takes effective, it selects one outbound from matching outbounds. This outbound will be used for send out-going traffic.
+
+```javascript
+{
+ "tag": "balancer",
+ "selector": []
+}
+```
+
+> `tag`: string
+
+Tag of this `BalancerObject`, to be matched from `balancerTag` in `RuleObject`.
+
+> `selector`: \[ string \]
+
+An array of strings. These strings are used to select outbounds with prefix matching. For example, with the following outbound tags: `[ "a", "ab", "c", "ba" ]`,selector `["a"]` matches `[ "a", "ab" ]`.
+
+When multiple outbounds are selected, load balancer for now picks one final outbound at random.
+
+## Pre-defined domain lists
+
+This is a domain lists maintained by [domain-list-community](https://github.com/v2ray/domain-list-community) project. It provides a file named `geosite.dat` for some predefined domain lists. Notably:
+
+* `category-ads`: Common ads domains.
+* `category-ads-all`: Common ads domains and ads providers' domains.
+* `cn`: Equivalent to an union of `geolocation-cn` and `tld-cn`.
+* `google`: All Google domains.
+* `facebook`: All Facebook domains.
+* `geolocation-cn`: Common domains that serve in China.
+* `geolocation-!cn`: Common domains that don't serve in China
+* `tld-cn`: All .cn and .中国 domains.
\ No newline at end of file
diff --git a/es/configuration/stats.md b/es/configuration/stats.md
new file mode 100644
index 000000000..a0d0f513b
--- /dev/null
+++ b/es/configuration/stats.md
@@ -0,0 +1,43 @@
+---
+refcn: chapter_02/stats
+refen: configuration/stats
+---
+
+# Statistics
+
+V2Ray provides some information about its internals.
+
+## StatsObject
+
+`StatsObject` is used as `stats` field in top level configuration.
+
+```javascript
+{
+}
+```
+
+At the moment there is no parameter in stats settings. Stats is enabled automatically when the `StatsObject` is set in top level configuration. You need also enable the corresponding settings in [Policy](policy.md), in order to keep track of user or system stats.
+
+All stats counters are listed below:
+
+## User Traffic
+
+If an user doesn't has email address set in protocol settings, the traffic stats will not be enabled.
+
+> `user>>>[email]>>>traffic>>>uplink`
+
+Accumulated uplink traffic of specific user, in bytes.
+
+> `user>>>[email]>>>traffic>>>downlink`
+
+Accumulated downlink traffic of specific user, in bytes.
+
+## Global Traffic
+
+> `inbound>>>[tag]>>>traffic>>>uplink`
+
+Accumulated uplink traffic of specific inbound, in bytes.
+
+> `inbound>>>[tag]>>>traffic>>>downlink`
+
+Accumulated downlink traffic of specific inbound, in bytes.
\ No newline at end of file
diff --git a/es/configuration/transport.md b/es/configuration/transport.md
new file mode 100644
index 000000000..71da4b53a
--- /dev/null
+++ b/es/configuration/transport.md
@@ -0,0 +1,300 @@
+---
+refcn: chapter_02/05_transport
+refen: configuration/transport
+---
+
+# Transport Settings
+
+Transport is for how V2Ray sends and receives data from its peers. The responsibility of a transport is to reliably transfer data to a peer. Usually a connection has matching transports on both endpoints. For example, if a V2Ray outbound uses WebSocket as its transport, the inbound it talks to also has to use WebSocket, otherwise a connection can't be established.
+
+The transport settings devides into two parts: global settings and per proxy settings. Per-proxy settings specifies how each individual proxy handles its data, while global settings is for all proxies. Usually the inbound and outbound proxies between the connecting peer must have the same transport settings. When a proxy has no transport settings, the global settings applies.
+
+## TransportObject
+
+`TransportObject` is used as `transport` field in top level configuration.
+
+```javascript
+{
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {}
+}
+```
+
+> `tcpSettings`: TcpObject
+
+Settings for [TCP transport](transport/tcp.md).
+
+> `kcpSettings`: KcpObject
+
+Settings for [mKCP transport](transport/mkcp.md).
+
+> `wsSettings`: WebSocketObject
+
+Settings for [WebSocket transport](transport/websocket.md).
+
+> `httpSettings`: HttpObject
+
+Settings for [HTTP/2 transport](transport/h2.md).
+
+> `dsSettings`: DomainSocketObject
+
+Settings for [Domain Socket transport](transport/domainsocket.md).
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) Settings for [QUIC transport](transport/quic.md).
+
+## StreamSettingsObject
+
+Each inbound and outbound proxy may has its own transport settings, as specified in `streamSettings` field in top level configuration.
+
+```javascript
+{
+ "network": "tcp",
+ "security": "none",
+ "tlsSettings": {},
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {},
+ "sockopt": {
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+ }
+}
+```
+
+> `network`: "tcp" | "kcp" | "ws" | "http" | "domainsocket" | "quic"
+
+Network type of the stream transport. Default value `"tcp"`.
+
+> `security`: "none" | "tls"
+
+Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
+
+> `tlsSettings`: [TLSObject](#tlsobject)
+
+TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
+
+> `tcpSettings`: [TcpObject](transport/tcp.md)
+
+TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
+
+> `kcpSettings`: KcpObject
+
+mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
+
+> `wsSettings`: WebSocketObject
+
+WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
+
+> `httpSettings`: HttpObject
+
+HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
+
+> `dsSettings`: DomainSocketObject
+
+Domain socket transport configuration for current proxy. Effective only when the proxy uses domain socket transport. Configuration is the same as it is in global configuration.
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) QUIC transport configuration for current proxy. Effective only when the proxy uses QUIC transport. Configuration is the same as it is in global configuration.
+
+> `sockopt`: SockoptObject
+
+Socket options for incoming and out-going connections.
+
+### TLSObject
+
+```javascript
+{
+ "serverName": "v2ray.com",
+ "allowInsecure": false,
+ "alpn": ["http/1.1"],
+ "certificates": [],
+ "disableSystemRoot": false
+}
+```
+
+> `serverName`: string
+
+Server name (usually domain) used for TLS authentication. Typically this is used when corressponding inbound/outbound uses IP for communication.
+
+When domain name is specified from inbound proxy, or get sniffed from the connection, it will be automatically used for connection. It is not necessary to set `serverName` in such case.
+
+> `alpn`: \[ string \]
+
+An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
+
+> `allowInsecure`: true | false
+
+If `true`, V2Ray allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.
+
+> `allowInsecureCiphers`: true | false
+
+Whehter or not to allow insecure cipher suites. By default TLS only uses cipher suites from TLS 1.3 spec. Turn on this option to allow cipher suites with static RSA keys.
+
+> `disableSystemRoot`: true | false
+
+(V2Ray 4.18+) Whether or not to disable system root CAs for TLS handshake. Default value is `false`. If set to `true`, V2Ray will use only `certificates` for TLS handshake.
+
+> `certificates`: \[ [CertificateObject](#certificateobject) \]
+
+List of TLS certificates. Each entry is one certificate.
+
+### CertificateObject
+
+```javascript
+{
+ "usage": "encipherment",
+
+ "certificateFile": "/path/to/certificate.crt",
+ "keyFile": "/path/to/key.key",
+
+ "certificate": [
+ "-----BEGIN CERTIFICATE-----",
+ "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
+ "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
+ "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
+ "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
+ "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
+ "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
+ "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
+ "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
+ "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
+ "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
+ "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
+ "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
+ "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
+ "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
+ "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
+ "-----END CERTIFICATE-----"
+ ],
+ "key": [
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
+ "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
+ "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
+ "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
+ "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
+ "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
+ "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
+ "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
+ "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
+ "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
+ "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
+ "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
+ "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
+ "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
+ "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
+ "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
+ "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
+ "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
+ "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
+ "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
+ "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
+ "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
+ "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
+ "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
+ "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
+ "-----END RSA PRIVATE KEY-----"
+ ]
+}
+```
+
+> `usage`: "encipherment" | "verify" | "issue"
+
+Purpose of the certificate. Default value `"encipherment"`. Choices are:
+
+* `"encipherment"`: Certificate is used for TLS authentication and encryption.
+* `"verify"`: Certificate is used for validating TLS certificates from remote peer. In this case, the certificate has to be a CA certificate.
+* `"issue"`: Certificate is used for issuing other certificates. In this case, the certificate has to be a CA certificate.
+
+{% hint style='info' %}
+
+On Windows, you have to install your CA certificate to system, in order to verify cerificates issued from the CA.
+
+{% endhint %}
+
+{% hint style='info' %}
+
+When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
+
+{% endhint %}
+
+> `certificateFile`: string
+
+File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
+
+{% hint style='info' %}
+
+Use `v2ctl cert -ca` command to generate a new CA certificate.
+
+{% endhint %}
+
+> `certificate`: \[ string \]
+
+List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
+
+> `keyFile`: string
+
+File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
+
+> `key`: \[ string \]
+
+List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
+
+When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
+
+{% hint style='info' %}
+
+When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
+
+{% endhint %}
+
+### SockoptObject
+
+```javascript
+{
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+}
+```
+
+> `mark`: number
+
+An integer. If non-zero, the value will be set to out-going connections via socket option SO_MARK. This mechanism only applies on Linux and requires CAP_NET_ADMIN permission.
+
+> `tcpFastOpen`: true | false
+
+Whether or not to enable [TCP Fast Open](https://en.wikipedia.org/wiki/TCP_Fast_Open). When set to `true`, V2Ray enables TFO for current connection. When set to `false`, V2Ray disables TFO. If this entry doesn't exist, V2Ray uses default settings from operating system.
+
+* Only apply on the following operating systems:
+ * Windows 10 (1604) or later
+ * Mac OS 10.11 / iOS 9 or later
+ * Linux 3.16 or later: Enabled by system default.
+* Applicable for both inbound and outbound connections.
+
+> `tproxy`: "redirect" | "tproxy" | "off"
+
+Whether or not to enable transparent proxy on Linux. Choices are:
+
+* `"off"`: Default value. Not enable TProxy at all.
+* `"redirect"`: Enable TProxy with Redirect mode. Supports TCP/IPv4 and UDP traffic.
+* `"tproxy"`: Enable TProxy with TProxy mode. Supports TCP and UDP traffic.
+
+Transparent proxy requires Root or CAP\_NET\_ADMIN permission.
+
+{% hint style='info' %}
+
+If `TProxy` is not set, and `allowRedirect` is set in [dokodemo-door](protocols/dokodemo.md), the value of `TProxy` will be set to `"redirect"` automatically.
+
+{% endhint %}
\ No newline at end of file
diff --git a/es/configuration/transport/domainsocket.md b/es/configuration/transport/domainsocket.md
new file mode 100644
index 000000000..678bf3dc8
--- /dev/null
+++ b/es/configuration/transport/domainsocket.md
@@ -0,0 +1,30 @@
+---
+refcn: chapter_02/transport/domainsocket
+refen: configuration/transport/domainsocket
+---
+
+# Domain Socket Transport
+
+Domain Socket uses standard Unix domain socket to transport data. Domain socket is system interal tranfer channel. It doesn't jam network buffer and may be a bit faster than trasnferring through local loopback network.
+
+Domain socket can only be used on platforms that supports Unix domain socket, such as macOS and Linux. It is not available on Windows.
+
+{% hint style='info' %}
+
+When domain socket is used, IP and port specified on the inbound/outbound proxy will be ignored. All traffic is tunneled through the domain socket.
+
+{% endhint %}
+
+## DomainSocketObject
+
+`DomainSocketObject` is used in `dsSettings` field in `TransportObject` and `StreamSettingsObject`.
+
+```javascript
+{
+ "path": "/path/to/ds/file"
+}
+```
+
+> `path`: string
+
+An valid absolute file path. Before running V2Ray, the file on this path must not exist.
\ No newline at end of file
diff --git a/es/configuration/transport/h2.md b/es/configuration/transport/h2.md
new file mode 100644
index 000000000..f54835654
--- /dev/null
+++ b/es/configuration/transport/h2.md
@@ -0,0 +1,29 @@
+---
+refcn: chapter_02/transport/h2
+refen: configuration/transport/h2
+---
+
+# HTTP/2 Transport
+
+HTTP/2 transport is added in V2Ray 3.17. It is based on standard HTTP/2, and can be proxies through other HTTP server, such as Nginx.
+
+Due to HTTP/2 recommandation, the corressponding inbound and outbound must enable TLS to use this transport.
+
+## HttpObject
+
+`DomainSocketObject` is used in `httpSettings` field in `TransportObject` and `StreamSettingsObject`.
+
+```javascript
+{
+ "host": ["v2ray.com"],
+ "path": "/random/path"
+}
+```
+
+> `host`: \[ string \]
+
+A string array. Each element is a domain. Client picks up a domain at random for each request. Server checks whether the domain in incoming request is in the list.
+
+> `path`: string
+
+HTTP path. Client and server must have the same value.
\ No newline at end of file
diff --git a/es/configuration/transport/mkcp.md b/es/configuration/transport/mkcp.md
new file mode 100644
index 000000000..c6baee003
--- /dev/null
+++ b/es/configuration/transport/mkcp.md
@@ -0,0 +1,88 @@
+---
+refcn: chapter_02/transport/mkcp
+refen: configuration/transport/mkcp
+---
+
+# mKCP Transport
+
+mKCP is a reliable stream transport. It is an UDP based protocol. mKCP sends more traffic for lower latency. To transfer the same amount of data, mKCP usually requires more throughput than TCP does.
+
+## KcpObject
+
+```javascript
+{
+ "mtu": 1350,
+ "tti": 20,
+ "uplinkCapacity": 5,
+ "downlinkCapacity": 20,
+ "congestion": false,
+ "readBufferSize": 1,
+ "writeBufferSize": 1,
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `mtu`: number
+
+Maximum transmission unit. It indicates the maxium number bytes that an UDP packet can carry. Recommended value is between `576` and `1460`. Default value `1350`.
+
+> `tti`: number
+
+Transmission time interval, in milli-second. mKCP sends data in this interval. Recommended value is between `10` and `100`. Default value `50`.
+
+> `uplinkCapacity`: number
+
+Uplink bandwidth, in MB/s. The maximum bandwidth for the V2Ray instance to upload data to a remote one. Default value is `5`. Please note it is byte (in MB/s), not bit. One may use value `0` for a small bandwidth.
+
+> `downlinkCapacity`: number
+
+Downlink bandwidth, in MB/s. The maximum bandwidth for the V2Ray instance to download data. Default value is `20`. Please note it is byte (in MB/s), not bit. One may use value `0` for a small bandwidth.
+
+{% hint style='info' %}
+
+`uplinkCapacity` and `downlinkCapacity` determine the speed of mKCP. On client side, `uplinkCapacity` specifies the speed for client sending data to server. On sever side, `downlinkCapacity` specifies the speed of server receiving data. The minimum of this pair is effective in an actual connection.
+
+{% endhint %}
+
+> `congestion`: true | false
+
+Whether or not to enable congestion control. Default value is `false`. When congestion control is enabled, V2Ray will detect network quality. It will send less packets when packet loss is severe, or more data when network is not fully filled.
+
+> `readBufferSize`: number
+
+Read buffer size for a single connection, in MB. Default value is `2`.
+
+> `writeBufferSize`: number
+
+Write buffer size for a single connection, in MB. Default value is `2`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+## Credits {#credits}
+
+* @skywind3000 invented the original KCP protocol and implemented in C.
+* @xtaci re-implement KCP protocol in Go.
+* @xiaokangwang integrated KCP into V2Ray.
\ No newline at end of file
diff --git a/es/configuration/transport/quic.md b/es/configuration/transport/quic.md
new file mode 100644
index 000000000..aee7406a0
--- /dev/null
+++ b/es/configuration/transport/quic.md
@@ -0,0 +1,74 @@
+---
+refcn: chapter_02/transport/quic
+refen: configuration/transport/quic
+---
+
+# QUIC
+
+QUIC, or Quick UDP Internet Connection, is a multiplexing transport based on UDP, initially designed, implemented, and deployed by Google.
+
+QUIC has the following advantages:
+
+1. Reduced number of roundtrips in handshake phase. (1-RTT or 0-RTT)
+2. Multiplexing without head of line blocking as in TCP
+3. Connection migration, especially for clients. For example, connections don't break when device moves from Wi-Fi to 4G.
+
+QUIC is now an experiment in V2Ray. It implements IETF specification. As the spec is still being standardized, compatibility can't be guaranteed.
+
+## Update History
+
+V2Ray 4.7:
+
+* Initial version to support QUIC.
+* Default settings:
+ * 12 byte Connection ID
+ * Connection timeout in 30 seconds if no data traffic. (May have impact on some long HTTP connections)
+
+## QuicObject
+
+QUIC is used as `quicSettings` in transport settings. The configuration must be exactly the same between connecting peers.
+
+QUIC requires TLS. If TLS is not enabled in transport settings, V2Ray will automatically issue a TLS certificate for it. When QUIC transport is used, encryption in VMess can be turned off.
+
+```javascript
+{
+ "security": "none",
+ "key": "",
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `security`: "none" | "aes-128-gcm" | "chacha20-poly1305"
+
+Extra encryption over entire QUIC packet, include the frame head part. Default value is "none" for no encryption. After being encrypted, QUIC packets can't be sniff'ed.
+
+> `key`: string
+
+Key for the encryption above. Can be any string. Only effective when `security` is not `"none"`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+{% hint style='info' %} When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication. {% endhint %}
\ No newline at end of file
diff --git a/es/configuration/transport/tcp.md b/es/configuration/transport/tcp.md
new file mode 100644
index 000000000..7f9971f2b
--- /dev/null
+++ b/es/configuration/transport/tcp.md
@@ -0,0 +1,130 @@
+---
+refcn: chapter_02/transport/tcp
+refen: configuration/transport/tcp
+---
+
+# TCP Transport
+
+## TcpObject
+
+```javascript
+{
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `header`: NoneHeaderObject | HttpHeaderobject
+
+Header obfuscation. Default value is `NoneHeaderObject`.
+
+### NoneHeaderObject
+
+No header obfuscation.
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none"
+
+Disable header obfuscation.
+
+### HttpHeaderObject
+
+HTTP header obfuscation. The configuration must be the same between connecting inbound and outbound.
+
+```javascript
+{
+ "type": "http",
+ "request": {},
+ "response": {}
+}
+```
+
+> `type`: "http"
+
+Enable HTTP header obfuscation.
+
+> `request`: [HTTPRequestObject](#httprequestobject)
+
+HTTP request template.
+
+> `response`: [HTTPResponseObject](#httpresponseobject)
+
+HTTP response template.
+
+### HTTPRequestObject
+
+```javascript
+{
+ "version": "1.1",
+ "method": "GET",
+ "path": ["/"],
+ "headers": {
+ "Host": ["www.baidu.com", "www.bing.com"],
+ "User-Agent": [
+ "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
+ ],
+ "Accept-Encoding": ["gzip, deflate"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `method`: string
+
+HTTP method. Default value is `"GET"`。
+
+> `path`: \[ string \]
+
+HTTP path. An array is string. The path will be chosen randomly for every connection.
+
+> `headers`: map{string, \[ string \] }
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
+
+### HTTPResponseObject
+
+```javascript
+{
+ "version": "1.1",
+ "status": "200",
+ "reason": "OK",
+ "headers": {
+ "Content-Type": ["application/octet-stream", "video/mpeg"],
+ "Transfer-Encoding": ["chunked"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `status`: string
+
+HTTP status. Default value is `"200"`
+
+> `reason`: string
+
+HTTP status message. Default value is `"OK"`.
+
+> `headers`: map{string, string}
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
\ No newline at end of file
diff --git a/es/configuration/transport/websocket.md b/es/configuration/transport/websocket.md
new file mode 100644
index 000000000..85c6b4250
--- /dev/null
+++ b/es/configuration/transport/websocket.md
@@ -0,0 +1,35 @@
+---
+refcn: chapter_02/transport/websocket
+refen: configuration/transport/websocket
+---
+
+# WebSocket
+
+Use standard WebSocket to transport data. Websocket connections can be proxied by HTTP server such as Nginx.
+
+## WebSocketObject
+
+`WebSocketObject` is used as `wsSettings` in `TransportObject` or `StreamSettingsObject`.
+
+{% hint style='info' %}
+
+Websocket recognizes HTTP header X-Forwarded-For, and uses it as inbound source address.
+
+{% endhint %}
+
+```javascript
+{
+ "path": "/",
+ "headers": {
+ "Host": "v2ray.com"
+ }
+}
+```
+
+> `path`: string
+
+Path used for WebSocket. Default to root, as `"/"`.
+
+> `headers`: map{string, string}
+
+Custom HTTP header. An array where each entry is a key value pair in string, for header and value in HTTP header. Default is empty.
\ No newline at end of file
diff --git a/es/developer/tools.md b/es/developer/tools.md
new file mode 100644
index 000000000..09d258f8e
--- /dev/null
+++ b/es/developer/tools.md
@@ -0,0 +1,14 @@
+# Tools
+
+## Third Party SDK
+
+* C#: [v2ray-dotnet-sdk](https://github.com/techotaku/v2ray-dotnet-sdk)
+
+## Automation
+
+V2Ray uses the following automation tools for build and releases.
+
+* [Bazel](https://bazel.build/): Build & package.
+* [Azure DevOps](https://dev.azure.com/): Automated releases.
+* [Google Cloud](https://cloud.google.com/): Automated releases.
+* [CloudFlare](https://cloudflare.com/): Official site and domain.
\ No newline at end of file
diff --git a/en/ui_client/README.md b/es/ui_client/README.md
similarity index 60%
rename from en/ui_client/README.md
rename to es/ui_client/README.md
index 66c1813a2..38b1aa827 100644
--- a/en/ui_client/README.md
+++ b/es/ui_client/README.md
@@ -1,11 +1,13 @@
+---
+refcn: ui_client/index
+refen: ui_client/index
+---
# Project V Clients
- [](https://www.v2ray.com/ui_client/)
-
Besides the core V2ray, Project V includes various of GUI clients in many platforms. Please see the following list for your favor.
* [Windows](windows.md)
* [Mac OS X](osx.md)
* [iOS](ios.md)
* [Android](android.md)
-* [Online services](ui_client/service.md)
+* [Online services](ui_client/service.md)
\ No newline at end of file
diff --git a/en/ui_client/android.md b/es/ui_client/android.md
similarity index 80%
rename from en/ui_client/android.md
rename to es/ui_client/android.md
index bf04d5712..98a107dc8 100644
--- a/en/ui_client/android.md
+++ b/es/ui_client/android.md
@@ -1,6 +1,15 @@
-# Android
+---
+refcn: ui_client/android
+refen: ui_client/android
+---
+# Android Client
- [](https://www.v2ray.com/ui_client/android.html)
+## BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+* Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv)
+* Download: [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
## V2RayNG
@@ -16,16 +25,10 @@ V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray
## Actinium
-* Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.actinium)
+* Download: Play Store (Unavailable)
* Source: [Github](https://github.com/V2Ray-Android/Actinium)
-## BifrostV
-
-BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
-
-* Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv)
-
-## Other tools
+## Other tools {#other}
### JuiceSSH
@@ -45,4 +48,4 @@ SSH client
Encrypted discussion.
* Website: [telegram.org](https://telegram.org/)
-* Download: [Play Store](https://play.google.com/store/apps/details?id=org.telegram.messenger)
+* Download: [Play Store](https://play.google.com/store/apps/details?id=org.telegram.messenger)
\ No newline at end of file
diff --git a/en/ui_client/ios.md b/es/ui_client/ios.md
similarity index 62%
rename from en/ui_client/ios.md
rename to es/ui_client/ios.md
index 5bcc67ffc..3d7b70af4 100644
--- a/en/ui_client/ios.md
+++ b/es/ui_client/ios.md
@@ -1,12 +1,20 @@
-# iOS 客户端
-
- [](https://www.v2ray.com/ui_client/ios.html)
+---
+refcn: ui_client/ios
+refen: ui_client/ios
+---
+# iOS Client
## Kitsunebi
Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
-* Download: [iTunes](https://www.v2ray.com/itunes/us/kitsunebi/id1275446921/)
+* Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+## Kitsunebi Lite
+
+Light version of Kitsunebi.
+
+* Download: [iTunes](https://www.v2ray.com/itunes/us/kitsunebi-lite/id1387913765/)
## Shadowrocket
@@ -14,13 +22,17 @@ Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadow
* Download: [iTunes](https://www.v2ray.com/itunes/us/shadowrocket/id932747118/)
-## Pepi (was ShadowRay)
+## Pepi (was ShadowRay) {#pepi}
Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
* Download: [iTunes](https://www.v2ray.com/itunes/us/pepi/id1283082051/)
-## Other tools
+## Quantumult
+
+* Download: [iTunes](https://www.v2ray.com/itunes/us/quantumult/id1252015438/)
+
+## Other tools {#other}
### HyperApp
@@ -41,3 +53,10 @@ Encrypted discussion.
* Website: [telegram.org](https://telegram.org/)
* Download: [iTunes](https://www.v2ray.com/itunes/us/telegram-messenger/id686449807/)
+
+### ProtonMail
+
+Encrypted email.
+
+* Website: [protonmail.com](https://protonmail.com/)
+* Download: [iTunes](https://www.v2ray.com/itunes/us/protonmail-encrypted-email/id979659905/)
\ No newline at end of file
diff --git a/en/ui_client/osx.md b/es/ui_client/osx.md
similarity index 74%
rename from en/ui_client/osx.md
rename to es/ui_client/osx.md
index fadc0cfdc..2c128c575 100644
--- a/en/ui_client/osx.md
+++ b/es/ui_client/osx.md
@@ -1,12 +1,18 @@
+---
+refcn: ui_client/osx
+refen: ui_client/osx
+---
# Mac OS X
- [](https://www.v2ray.com/ui_client/osx.html)
-
## V2RayX
* Download: [Github](https://github.com/Cenmrev/V2RayX)
-## Other tools
+## V2RayU
+
+* Download: [Github](https://github.com/yanue/V2rayU)
+
+## Other tools {#other}
### Visual Studio Code
@@ -23,4 +29,4 @@ Encrypted discussion.
### Microsoft Remote Desktop Connection Client
-* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/microsoft-remote-desktop/id715768417/)
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/microsoft-remote-desktop/id715768417/)
\ No newline at end of file
diff --git a/es/ui_client/service.md b/es/ui_client/service.md
new file mode 100644
index 000000000..fd19550a7
--- /dev/null
+++ b/es/ui_client/service.md
@@ -0,0 +1,40 @@
+---
+refcn: ui_client/service
+refen: ui_client/service
+---
+# Online services
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## V2Ray related
+
+* [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+* [UUID Generator](https://www.uuidgenerator.net/)
+
+## VPN
+
+* [BabyDriver](http://babydriver.me/): Supports V2Ray. Coupon code: bcb518
+* [喵帕斯](https://xn--i2ru8q2qg.com/): V2Ray support (beta)
+* [Lanan](https://xn--sjt174g.com/): V2Ray based VPN service. Coupon code: v2ray
+* [多数派](https://dspi.io/aff.php?aff=7): New V2Ray based VPN service.
+* [V2rayPro](https://myv2.us/): VPN service based on V2Ray. Coupon code: v2ray.com
+* [V2Net](http://v2net.org/): Customized V2Ray service. Promo code: v2ray.com
+
+## Hosting
+
+* [Let's Encrypt](https://letsencrypt.org/): Free TLS certificates
+* [Vultr](https://www.vultr.com/?ref=7269307): VPS
+ * [2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+* [BlueHost](https://www.bluehost.com/track/v2ray/): VPS, web hosting
+* [ClouDNS](https://www.cloudns.net/aff/id/244749/): Domain registration, DNS, SSL certificate
+
+## Cryptocurrency
+
+* [LocalBitcoins](https://localbitcoins.com/?ch=khtm): Trade Bitcoins offline
+* [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g): OTC market to trade BTC, ETH, BCH, USDT.
+* [Binance](https://www.binance.com/?ref=35382451): Trading market for crypto currencies.
+* [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp): Trading market for crypto currencies.
+* [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18): Online crypto currency wallet
+* [PrimeDice](https://primedice.com/?c=default): Dice game with bitcoin.
+* [OneHash](https://www.onehash.com/?ap=56d52158f7e04b169ec54d): Bet sport games with Bitcoin, including World Cup 2018.
+* [Bitsler](https://www.bitsler.com/?ref=VictoriaR): Casino games with Bitcoin.
\ No newline at end of file
diff --git a/en/ui_client/windows.md b/es/ui_client/windows.md
similarity index 66%
rename from en/ui_client/windows.md
rename to es/ui_client/windows.md
index bccf923af..cba433f18 100644
--- a/en/ui_client/windows.md
+++ b/es/ui_client/windows.md
@@ -1,7 +1,9 @@
+---
+refcn: ui_client/windows
+refen: ui_client/windows
+---
# Windows
- [](https://www.v2ray.com/ui_client/windows.html)
-
## V2RayW
* Download: [Github](https://github.com/Cenmrev/V2RayW)
@@ -10,7 +12,11 @@
* Download: [Github](https://github.com/2dust/v2rayN)
-## Other tools
+## V2RayS
+
+* Download: [Github](https://github.com/Shinlor/V2RayS)
+
+## Other tools {#other}
### PuTTY
@@ -28,4 +34,4 @@ Source code editor from Microsoft.
Encrypted discussion.
-* Website: [telegram.org](https://telegram.org/)
+* Website: [telegram.org](https://telegram.org/)
\ No newline at end of file
diff --git a/es/welcome/command.md b/es/welcome/command.md
new file mode 100644
index 000000000..2bc16c630
--- /dev/null
+++ b/es/welcome/command.md
@@ -0,0 +1,151 @@
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
+
+# Commandline
+
+## V2Ray
+
+V2Ray has the following commandline parameters:
+
+```shell
+v2ray [-version] [-test] [-config=config.json] [-format=json]
+```
+
+> `-version`
+
+Print the version of V2Ray only, and then exit.
+
+> `-test`
+
+Test configuration, output any errors and then exit.
+
+> `-config`
+
+URI of the configuration. Avilable formats are:
+
+* Path to the local config file. May be a relative path or absolute path.
+* `"stdin:"`: Indicates V2Ray to read configuration from standard input. Caller must close stdin after writing out configuration.
+* Value begins with `http://` or `https://` (lowercase): V2Ray tries to load configuration from the remote address.
+
+> `-format`
+
+Configuration format. Choices are:
+
+* `json`: JSON format.
+* `pb` or `protobuf`: Protobuf format.
+
+{% hint style='info' %}
+
+When `-config` is not specified, V2Ray first tries to load configuration from `config.json` under working directory, then from the directory specified by [environment variable](../configuration/env.md) `v2ray.location.asset`.
+
+{% endhint %}
+
+## V2Ctl
+
+V2Ctl is a collection of commandline tools. It runs in the following way:
+
+```bash
+v2ctl
+```
+
+> `command`
+
+Subcommand. Available values are below:
+
+* `api`: Invoke remote control commands in V2Ray instances.
+* `config`: Convert configuration from JSON format to protobuf.
+* `cert`: Generate TLS certificates.
+* `fetch`: Fetch remove resources.
+* `tlsping`: (V2Ray 4.17+) Test TLS handshake.
+* `verify`: Verify the signature of V2Ray releases.
+* `uuid`: Generate UUID.
+
+### V2Ctl Api
+
+`v2ctl api [--server=127.0.0.1:8080] `
+
+Invoke remote control commands in V2Ray instances. Example:
+
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
+
+`v2ctl config`
+
+No option for this command. It reads JSON configuration from stdin, and print out corresponding Protobuf to stdout, if succeeds.
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+Generates a TLS certificate based on options.
+
+> `--ca`
+
+If specified, the certificate will be a CA certificate.
+
+> `--domain`
+
+Alternative Names in the certificate. This option can be used multiple times for multiple domains. For example: `--domain=v2ray.com --domain=v2ray.cool`.
+
+> `--expire`
+
+Expire date of the certificate. Value is a [Golang duration](https://golang.org/pkg/time/#ParseDuration).
+
+> `--name`
+
+Command Name in the certificate.
+
+> `--org`
+
+Orgnization in the certificate.
+
+> `--json`
+
+If specified, the certificate will be printed to stdout in the JSON format that is used in V2Ray.
+
+> `--file`
+
+Prints the certificate into files. When `--file=a`, two files named `a_cert.pem` and `a_key.pem` will be generated.
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+Fetch remove resources and print to stdout. Only HTTP and HTTPS URL are supported.
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+Test TLS handlshake with specific domain.
+
+> domain
+
+Target domain for the TLS handshake.
+
+> --ip
+
+The IP address of the domain. If not specifed, V2Ctl resolves it through system DNS.
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
+
+To verify the signature of a V2Ray binary.
+
+> `--sig`
+
+Path to signature file. Default value is the ".sig" file to the path to be verified.
+
+> `filepath`
+
+The file to be verified.
+
+### V2Ctl UUID
+
+`v2ctl uuid`
+
+No options. This command prints a random UUID.
\ No newline at end of file
diff --git a/es/welcome/donate.md b/es/welcome/donate.md
new file mode 100644
index 000000000..70fea3b66
--- /dev/null
+++ b/es/welcome/donate.md
@@ -0,0 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
+# Donation
+
+V2Ray is a nonprofit project. The source code and its release binary can be used freely (mainly) under MIT licence. If you like this project, you may buy us a cup of coffee.
+
+Your donation has no direct connection to Project V's development and service. Our development will not be influenced by your donation. However, we will send a thank-you email for every donor. If you wish not to receive such email, please leave a note in your donation.
+
+For any donation worth more than $50, you may choose one of the following:
+
+* Your name or your company log shown on our front page for one month.
+* Modify our codebase as you wish. Restrictions: No user facing functionlity changes; no documentation changes. Your change will stay for a month.
+
+## The Usual Way {#usual-way}
+
+> Paypal
+
+You may donate through [internal Paypal transfer](https://www.paypal.me/ProjectV2Ray/25) or [credit card](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)
+
+Please kindly note that Paypal charges high service fee. Any donation less than 1 USD is meaningless.
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) is a platform for regular donations. You may use Patreon if you want to donate frequently.
+
+> Giftcard
+
+For now we only receive giftcard for Amazon US. You may purchase it [at Amazon.com](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) and then send to `love@v2ray.com`.
+
+## Cryptocurrency {#crypto}
+
+Cryptocurrency is a more reliable way for international transactions. Crypto-wallet is usually anonymous and your donation is not traceable.
+
+Due to the anonymity natural of cryptocurrenty, please send us an email before your donation, if you want to receive the thank-you email.
+
+> Bitcoin
+
+Address: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)
+
+> Bitcoin Cash
+
+Address: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
+
+View stats or QR-Code [at BlockChain](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)
+
+> Ethereum
+
+Address: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696). You may also send the following ERC20 tokens to this address: OMG, REP, GNT, DGD
+
+> EOS
+
+Address: `EOS8Civdok4CBN3jCpsaGQijzesjKof1eyaRFuBU5mLMtWVkLsy8a`
+
+> Litecoin
+
+Address: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
+
+> Monero
+
+Address: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
+
+> Ripple
+
+Address: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
+
+Tag not required
+
+> Other
+
+Please send us an email at `love@v2ray.com` if you want to donate other kind of coins.
\ No newline at end of file
diff --git a/es/welcome/faq.md b/es/welcome/faq.md
new file mode 100644
index 000000000..74177393a
--- /dev/null
+++ b/es/welcome/faq.md
@@ -0,0 +1,67 @@
+---
+refcn: chapter_00/faq
+refen: welcome/faq
+---
+
+# Frequently Asked Questions (FAQ)
+
+## V2Ray Usage
+
+### How to upgrade V2Ray
+
+* Download latest package, or
+* Re-run installation script (Linux only)
+
+### V2Ray Crashes
+
+* If you are using Linux with systemd, you can see panic log using command `journalctl -u v2ray`.
+* In general you can run command `v2ray -config= -test` to see error information.
+
+### Backward Compatibility
+
+* For configuration file (e.g., JSON), backward compatibility applies to at least one major releases. For example, V2Ray 4.x supports config files from V2Ray 3.x.
+* For Protobuf based communication protocols, such as [Api](../configuration/api.md), backward compatibility applies to at least one major releases.
+* For binary based commnunication protocols, such as Shadowsocks and VMess, it is always backward compatible when server version is not older than clients. When client version is newer, backward compatibility applies to at least 12 minor releases.
+
+## V2Ray Errors
+
+### Socks: Unknown Socks version: 67
+
+Possible causes
+
+* You are using socks inbound in V2Ray, but your browser is configured to use HTTP proxy.
+
+Solution
+
+* Add a HTTP inbound in V2Ray, and then update your browser proxy settings to use this proxy.
+
+## License of this project
+
+Project V uses the following license.
+
+### V2Ray
+
+Source code and official releases are licensed under MIT license, including the source code and releases in the following repository.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+### V2Ray.Com
+
+Official website, [v2ray.com](https://www.v2ray.com/), is licensed under [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+
+* Including all visible text and pictures on the website.
+* Including Project V logo.
+* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
+
+### Screenshot and other files {#screenshots}
+
+All third party files listed below belong to their creator. Whoever creates the file owns the file.
+
+* Including all screenshots of Project V.
+* Including all configuration files that are used to run Project V.
+* Including all logs generated by Project V during runtime.
+
+### Other content {#other}
+
+All content that are not mentioned above will be licensed case by case.
\ No newline at end of file
diff --git a/es/welcome/help.md b/es/welcome/help.md
new file mode 100644
index 000000000..ded973091
--- /dev/null
+++ b/es/welcome/help.md
@@ -0,0 +1,117 @@
+---
+refcn: chapter_00/help
+refen: welcome/help
+---
+
+# Support
+
+Project V provides multiple methods for communications.
+
+{% hint style='info' %}
+
+Project V team supports Chinese and English. Please choose either one that you are familiar with for questions.
+
+{% endhint %}
+
+## Github issues
+
+We uses several repositories for different type of discussions.
+
+* [Code issues](https://github.com/v2ray/v2ray-core/issues)
+ * Only used for coding questions, such as bug.
+* [Roadmap](https://github.com/v2ray/planning/issues)
+* [General discussion](https://github.com/v2ray/discussion/issues)
+
+## Telegram
+
+Project V provides the following groups for different type of discussions.
+
+* [Usage](https://t.me/v2fly_chat)
+ * Only for Project V related topics.
+* [Others](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg)
+ * For other topics.
+
+Topics in these groups are mainly in Chinese. Feel free to setup groups in your own language and let us know.
+
+{% hint style='danger' %}
+
+All discussion groups forbid the following topics: adult content, politics, hate speeches. Senders of these topics will be banned immedietely.
+
+{% endhint %}
+
+Please also follow [Project V Announcement](https://t.me/v2fly) for news.
+
+## Twitter
+
+[ProjectV2Ray](https://twitter.com/projectv2ray) for regular communications.
+
+## Email
+
+Please send a message to one of the address below, if you'd like to talk to V2Ray team privately.
+
+`love@v2ray.com`: Main email address for communication. Checked every day.
+
+`v2ray@protonmail.com`: A [ProtonMail](https://protonmail.com/) mailbox which employs end to end encryption. It is difficult to use, and only being checked occasionally.
+
+{% hint style='info' %}
+
+Sadly due to high workload, it is not promised that every email gets replied. Sorry for the inconvenience. For general questions, please use discussion groups above for quick response.
+
+{% endhint %}
+
+You may get PGP public key by searching `love@v2ray.com`, or use the public key below.
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
\ No newline at end of file
diff --git a/es/welcome/install.md b/es/welcome/install.md
new file mode 100644
index 000000000..5dc3db174
--- /dev/null
+++ b/es/welcome/install.md
@@ -0,0 +1,97 @@
+---
+refcn: chapter_00/install
+refen: welcome/install
+---
+
+# Download & Install
+
+## Platform {#platform}
+
+V2Ray is available on the following platforms:
+
+* Windows 7 and later (x86 / amd64)
+* Mac OS X 10.10 Yosemite and later (amd64)
+* Linux 2.6.23 and later (x86 / amd64 / arm / arm64 / mips64 / mips)
+ * Including but not limited to Debian 7 / 8, Ubuntu 12.04 / 14.04 and later, CentOS 6 / 7, Arch Linux
+* FreeBSD (x86 / amd64)
+* OpenBSD (x86 / amd64)
+* Dragonfly BSD (amd64)
+
+## Download {#download}
+
+Pre-built packages can be found here:
+
+1. Github Release: [github.com/v2ray/v2ray-core](https://github.com/v2ray/v2ray-core/releases)
+2. Redistribution: [github.com/v2ray/dist](https://github.com/v2ray/dist)
+3. Homebrew: [github.com/v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray)
+4. Arch Linux: [packages/community/x86_64/v2ray/](https://www.archlinux.org/packages/community/x86_64/v2ray/)
+5. Snapcraft: [snapcraft.io/v2ray-core](https://snapcraft.io/v2ray-core)
+
+All packages are in ZIP format. Download and unzip corresponding packages to your system.
+
+## Verify {#verify}
+
+There are 2 ways to verify packages.
+
+1. Each `.zip` file has a corresponding `.dgst` file for SHA digests.
+2. The GPG signature file for executables (v2ray / v2ray.exe) can be found in v2ray.sig (or v2ray.exe.sig) in the same package. Public key is [in the repository](https://raw.githubusercontent.com/v2ray/v2ray-core/master/release/verify/official_release.asc).
+
+## Install on Windows or Mac OS {#install-windows}
+
+Run v2ray / v2ray.exe after unzip the packages.
+
+## Install on Linux {#install-linux}
+
+We provide a script to install on Linux. This script detects previous installed v2ray and then upgrade or install a new one accordingly. If there is a previous version, the config file in /etc/v2ray will not be overwritten during upgrade.
+
+The following command assumes root permission.
+
+Run the following command to install V2Ray. If yum or apt is available, the script will install unzip and daemon / systemd. They are required to run V2Ray as a service. You need to install them manually if your Linux system doesn't support yum or apt.
+
+```bash
+curl -Ls https://install.direct/go.sh | sudo bash
+```
+
+The script installs the following files.
+
+* `/usr/bin/v2ray/v2ray`: V2Ray executable
+* `/usr/bin/v2ray/v2ctl`: Utility
+* `/etc/v2ray/config.json`: Config file
+* `/usr/bin/v2ray/geoip.dat`: IP data file
+* `/usr/bin/v2ray/geosite.dat`: domain data file
+
+This script also configures V2Ray to run as service, if systemd is available.
+
+Configurations are at the following places.
+
+* `/etc/systemd/system/v2ray.service`: Systemd
+* `/etc/init.d/v2ray`: SysV
+
+After installation, we will need to:
+
+1. Update `/etc/v2ray/config.json` file for your own scenario.
+2. Run `service v2ray start` command to start V2Ray.
+3. Optionally run `service v2ray start|stop|status|reload|restart|force-reload` to control V2Ray service.
+
+### go.sh {#gosh}
+
+go.sh supports the following parameters.
+
+* `-p` or `--proxy`: Use a proxy to download V2Ray packages. Same as curl format, such as `"socks5://127.0.0.1:1080"` or `"http://127.0.0.1:3128"`.
+* `-f` or `--force`: Force installation. The script will assume V2Ray was not installed at all.
+* `--version`: The version to be installed, such as `"v1.13"`. Default value is the latest stable release.
+* `--local`: Use a local package for installation.
+
+Examples:
+
+* Use SOCKS proxy 127.0.0.1:1080 to install the latest package: ```./go.sh -p socks5://127.0.0.1:1080```
+* Install v1.13 from local file:```./go.sh --version v1.13 --local /path/to/v2ray.zip```
+
+## Docker {#docker}
+
+V2Ray provides 2 docker images:
+
+* [v2ray/official](https://hub.docker.com/r/v2ray/official/): Contains official releases.
+* [v2ray/dev](https://hub.docker.com/r/v2ray/dev/): Contains latest code.
+
+The 2 images has the same structure as the Linux installation.
\ No newline at end of file
diff --git a/en/welcome/license.md b/es/welcome/license.md
similarity index 86%
rename from en/welcome/license.md
rename to es/welcome/license.md
index 05fd72e83..f2565e458 100644
--- a/en/welcome/license.md
+++ b/es/welcome/license.md
@@ -1,7 +1,9 @@
+---
+refcn: chapter_00/license
+refen: welcome/license
+---
# License
- [](https://www.v2ray.com/chapter_00/license.html)
-
Project V uses the following license.
## V2Ray
@@ -19,7 +21,7 @@ Official website, [v2ray.com](https://www.v2ray.com/), is licensed under [Creati
* Including Project V logo.
* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
-## Screenshot and other files
+## Screenshot and other files {#screenshots}
All third party files listed below belong to their creator. Whoever creates the file owns the file.
@@ -27,6 +29,6 @@ All third party files listed below belong to their creator. Whoever creates the
* Including all configuration files that are used to run Project V.
* Including all logs generated by Project V during runtime.
-## Other content
+## Other content {#other}
-All content that are not mentioned above will be licensed case by case.
+All content that are not mentioned above will be licensed case by case.
\ No newline at end of file
diff --git a/en/welcome/pgp.md b/es/welcome/pgp.md
similarity index 96%
rename from en/welcome/pgp.md
rename to es/welcome/pgp.md
index 2128ca0c3..556727bb0 100644
--- a/en/welcome/pgp.md
+++ b/es/welcome/pgp.md
@@ -1,11 +1,13 @@
+---
+refcn: chapter_00/pgp
+refen: welcome/pgp
+---
# Private Communication
- [](.https://www.v2ray.com/chapter_00/pgp.html)
-
Please send a message to one of the address below, if you'd like to talk to V2Ray team privately.
1. `love@v2ray.com`
-1. `v2ray@protonmail.com`
+2. `v2ray@protonmail.com`
\#1 is based on Gmail. If you concern the privacy of email content, please consider using the PGP public key below.
@@ -66,4 +68,4 @@ X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
PeRpd1GUXXeoGCw=
=To5T
-----END PGP PUBLIC KEY BLOCK-----
-```
+```
\ No newline at end of file
diff --git a/es/welcome/start.md b/es/welcome/start.md
new file mode 100644
index 000000000..f50ec18b1
--- /dev/null
+++ b/es/welcome/start.md
@@ -0,0 +1,78 @@
+---
+refcn: chapter_00/start
+refen: welcome/start
+---
+
+# Quick Start
+
+You need to configure V2Ray after installing it. Here is a quick configuration for a demo run. Please see [configuration overview](../configuration/overview.md) for more advanced setup.
+
+## Client {#client}
+
+On your PC (or mobile), run V2Ray with the following configuration.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 1080, // Port of socks5 proxy. Point your browser to use this port.
+ "listen": "127.0.0.1",
+ "protocol": "socks",
+ "settings": {
+ "udp": true
+ }
+ }],
+ "outbounds": [{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "server", // Address of your V2Ray server. May be IP or domain address.
+ "port": 10086, // Port of your V2Ray server.
+ "users": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }]
+ }
+ },{
+ "protocol": "freedom",
+ "tag": "direct",
+ "settings": {}
+ }],
+ "routing": {
+ "domainStrategy": "IPOnDemand",
+ "rules": [{
+ "type": "field",
+ "ip": ["geoip:private"],
+ "outboundTag": "direct"
+ }]
+ }
+}
+```
+
+Please modify the IP address of your V2Ray server as mentioned above. After that, the V2Ray process on your PC will proxy all traffic to V2Ray server except intranet traffic.
+
+## Server {#server}
+
+You need another computer to run V2Ray as a server. Usually this computer is located outside firewall. Here is a sample configuration.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 10086, // Port of the server. Must be the same as above.
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }
+ }],
+ "outbounds": [{
+ "protocol": "freedom",
+ "settings": {}
+ }]
+}
+```
+
+Please make sure the `id` field is the same between client and server.
+
+## Running {#running}
+
+* On Windows and macOS, configuration file is located in the same directory as V2Ray binary. You may run `v2ray` or `v2ray.exe` without additional parameters.
+* On Linux, configuration file is usually located at `/etc/v2ray/config.json`. Run `v2ray --config=/etc/v2ray/config.json` in foreground or use other tools such as systemd to run V2Ray as background process.
+
+See [Overview](../configuration/overview.md) for more detail of the configuration.
\ No newline at end of file
diff --git a/es/welcome/tg.md b/es/welcome/tg.md
new file mode 100644
index 000000000..dd33846f9
--- /dev/null
+++ b/es/welcome/tg.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_00/tg
+refen: welcome/tg
+---
+# Telegram Group
+
+Project V provides the following groups for different type of discussions.
+
+1. [Usage](https://t.me/v2fly_chat): For Project V usages.
+2. [Others](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg): Other topics.
+
+Please also follow [Project V Announcement](https://t.me/v2fly) for news.
+
+## Rules
+
+Allowed/banned topics are listed as below.
+
+| / | Usage | Other |
+| ---------------------:|:--------------------------------:|:--------------------------------:|
+| Project V development | ✔ | ✔ |
+| Algorithm | ✔ | ✔ |
+| Computer network | ✔ | ✔ |
+| Censorship avoidance | ✔ | ✔ |
+| V2Ray usage | ✔ | ✔ |
+| V2Ray deployment | ✔ | ✔ |
+| Related software | ✔ | ✔ |
+| Nonsense pictures | ✘✘ | ✔ |
+| Politics | ✘ | ✔ |
+| Chit-chat | ✘ | ✔ |
+| Advertisement | ✘✘ | ✘✘ |
+| 18+ | ✘✘✘ | ✘✘✘ |
+| Hate speech | ✘✘✘ | ✘✘✘ |
+| Identity theft | ✘✘✘✘ | ✘✘✘✘ |
+
+### Procedure for violations
+
+1. All ✘ content will be delete immediately after notice.
+2. Senders for all ✘✘ content will be banned for a week.
+3. Senders for all ✘✘✘ content will be banned for a month.
+4. Sender for all ✘✘✘✘ content will be banned for good.
\ No newline at end of file
diff --git a/es/welcome/versions.md b/es/welcome/versions.md
new file mode 100644
index 000000000..d724c017a
--- /dev/null
+++ b/es/welcome/versions.md
@@ -0,0 +1,487 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
+# Version History
+
+This page lists regular releases with feature updates. If a Github release doesn't appear here, it usually only contains bug fixes.
+
+## 2019.03.01 v4.18
+
+* Port list in routing rules now supports mixed format.
+* Updated `geosite` information in routing, and description for static hosts in DNS.
+* Option to not use system root CAs for TLS handshake.
+* New routing rule for traffic attributes.
+
+## 2019.02.22 v4.17
+
+* New sub-command `tlsping` in V2Ctl.
+
+## 2019.02.15 v4.16
+
+For end users:
+
+* DNS outbound proxy now supports to modify DNS server info.
+
+For developers:
+
+* 'ext' repository is now deprecated. [#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS outbound proxy.
+
+## 2019.02.01 v4.14
+
+* Static DNS mapping now supports domain to domain mapping.
+
+## 2019.01.18 v4.13
+
+* Quic lib updated. It is not compatible with previous versions.
+* DNS now have `tag` settings.
+
+## 2019.01.11 v4.11
+
+For developers:
+
+* New method: [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) now uses [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) to establish UDP connections.
+
+## 2018.12.07 v4.8
+
+For end users:
+
+* Bug fixes
+
+For developers:
+
+* New [API doc](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* New method: [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63)
+* New method: [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105)
+
+## 2018.11.30 v4.7
+
+* Freedom now supports for dialing IPv4 or IPv6 address only.
+* New QUIC transport.
+
+## 2018.11.23 v4.6
+
+* Freedom now can automatically choose between IPv4 and IPv6 destination address, based on `SendThrough` settings.
+
+## 2018.11.16 v4.4
+
+* Load balancer rules in routing.
+* Memory usage gets optimized.
+
+## 2018.11.05 v4.1
+
+* JSON configuration format changes. Old format is still suported.
+* Performance on GeoIP matching is improved.
+
+## 2018.11.02 v4.0
+
+* Reverse proxy.
+* Release packages for ppc64 and ppc64le.
+
+## 2018.10.12 v3.47
+
+* Migrate to a new continuous delivery pipeline
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door now supports TProxy in Linux.
+
+## 2018.09.21 v3.43
+
+* DNS now supports on-demand queries by domain.
+
+## 2018.09.14 v3.40
+
+* New socket options in transport configuration. It can be used to setup VPNs.
+* New TCP Fast Open option in transport configuration.
+
+## 2018.09.03 v3.38
+
+* mKCP has a new WireGuard header.
+* Fix softfloat binaries in mips/mips64.
+
+## 2018.08.31 v3.37
+
+* Performance of reading network connection in optilized. See [Environment Variables](../configuration/env.md)。
+* VMess uses AES-128-GCM by default on ARM64.
+* Built by Go 1.11.
+
+## 2018.08.24 v3.36
+
+* Great performance improvement on subdomain matching (`domain:`) in routing.
+* Full domain matching is now supported in routing.
+
+## 2018.08.07 v3.34
+
+* Better memory management on most devices.
+
+## 2018.07.27 v3.32
+
+* BitTorrent traffic can now be sniff'ed.
+* New `protocol` option in routing rules for protocol-based routing.
+* New `geosite:speedtest` option in routing rules to match all public servers of speedtest.net.
+
+## 2018.07.20 v3.31
+
+* New [Domain Socket transport](../configuration/transport/domainsocket.md) (Thanks to @xiaokangwang).
+
+## 2018.07.13 v3.30
+
+* Fix an issue that may cause broken connections in mKCP.
+* Thanks to [our friends](https://crowdin.com/project/v2ray) who speak Russian. Now our documents are in [Russian](https://www.v2ray.com/ru/).
+
+## 2018.07.06 v3.29
+
+* New inbound and outbound for MTProto proxy.
+
+## 2018.06.29 v3.27
+
+* DNS now supports EDNS client subnet.
+* DNS static host now supports sub-domain matching.
+
+## 2018.06.15 v3.26
+
+* Add Dragonfly BSD release.
+
+## 2018.06.01 v3.24
+
+* Internal buffer size (per connection) can now be configured in JSON configuration.
+* mKCP now supports DTLS 1.2 header.
+* TLS transport now only support cipher suites in TLS 1.3 spec.
+
+## 2018.05.25 v3.23
+
+* In JSON configuration, port can now be specified from env variables.
+* JSON config now supports to load domains and IPs from specified files.
+
+## 2018.04.20 v3.19
+
+* Traffic stats for inbound proxies.
+
+## 2018.04.13 v3.17
+
+* V2Ray can load config file from HTTP(s).
+* TLS in V2Ray can issue new certificates by provided CA certificates for domains in incoming requests.
+* [HTTP/2](../configuration/transport/h2.md) transport.
+
+## 2018.04.06 v3.16
+
+* [Statistics](../configuration/stats.md).
+* Shadowsocks inbound now can be configured to only listen on UDP. Strongly recommend to not listen on both TCP and UDP on the same port.
+
+## 2018.03.02 v3.11
+
+* A new settings is introduced in VMess inbound, to forbid client using insecure encryption methods.
+* Offers ARMv7 release.
+* Offers MIPS release that doesn't require FPU.
+
+## 2018.02.23 v3.10
+
+* Log entries now contain session ID to distinguish proxy sessions.
+* Bug fixes.
+
+## 2018.02.15 v3.9
+
+* Happy New Year!
+* Bug fixes.
+
+## 2018.02.09 v3.7
+
+* Developer preview: [Remote API](../configuration/api.md)。
+* Bug fixes.
+
+## 2017.12.29 v3.5
+
+* Geoip now supports private network address under name "private".
+
+## 2017.12.22 v3.4
+
+* Websocket nows uses value of X-Forwarded-For header as source address.
+* Support s390x CPU architecture.
+
+## 2017.12.08 v3.1
+
+* Support policy.
+* Config file location can be specified via environment variable.
+
+## 2017.12.01 v3.0
+
+* Support Shadowsocks AEAD
+
+## 2017.11.18 v2.50
+
+* `v2ray` now tried to use `v2ctl` for configuration parsing. Please make sure these 2 files are in the same directory.
+* New `IPOnDemand` strategy in routing.
+
+## 2017.11.10 v2.47
+
+* `geosite` data is now in `geosite.dat` file.
+* Bug fixes.
+
+## 2017.11.03 v2.46
+
+* Router now supports `geosite:cn`, equivalent to existing `chinasites`, but more flexible.
+* Router now supports `geoip`.
+ * File `geoip.dat` is added to release packages. This file contains all `geoip` information and has to stay in the same directory of `v2ray` program. Due to delayed update of installation script, you may have to copy the file manually.
+* Program `v2ctl` is added to release packages. You may run `v2ctl verify /path/to/v2ray` to verify the signature of `v2ray` program.
+
+## 2017.10.27 v2.44
+
+* HTTP now supports Basic Authentication.
+* Some bugs are fixed.
+
+## 2017.10.06 v2.40
+
+* Fix an issue that causes memory leak.
+
+## 2017.09.29 v2.39
+
+* Inbound proxies now close connections more quickly when remote server closes them.
+* Default connection timeout changes to 5 minutes.
+
+## 2017.05.12 v2.27
+
+* New domain mode in router.
+
+## 2017.05.05 v2.26
+
+* Stability fixes.
+
+## 2017.04.28 v2.25
+
+* Simple sniffing on HTTP and TLS traffic for the actual domain on request.
+
+## 2017.04.21 v2.24
+
+* Stabilize Mux.
+* Improves memory efficiency.
+
+## 2017.04.15 v2.23
+
+* Performance improvement in Mux.
+* Max number of connections can be configured in Mux now.
+* Performance improvement in HTTP inbound.
+* connectionReuse setting is removed in favor of Mux.
+
+## 2017.04.08 v2.22
+
+* Mux.Cool protocol.
+
+## 2017.02.25 v2.20
+
+* GPG signature is added to download package.
+* New binary wv2ray.exe is added to Windows package, which runs as a background application.
+
+## 2017.02.18 v2.19
+
+* A new mechanism for anti reply attack is now enforced on server side.
+ * No impact to existing clients.
+* Upgrade of VMess AES-128-GCM / Chacha20-Poly1305 / None encryption methods.
+ * Please upgrade client and server at once.
+ * AES-128-CFB is not affected.
+* Built with Golang 1.8. Add 32-bit MIPS support.
+
+## 2017.02.11 v2.18
+
+* Cleanup WebSocket code.
+* Remove allowPassive option. Now passive connections are always allowed.
+* Bug fixes
+
+## 2017.02.04 v2.17
+
+* Bug fixes.
+
+## 2017.01.28 v2.16
+
+* New 'redirect' option in freedom. It can be used to adapt tools like Shadowsocks Obfs.
+* Performance improvement in VMess non-encryption mode. Not compatible with previous versions.
+* Happy New Year!
+
+## 2017.01.16 v2.15
+
+* All proxies can use mKCP and WebSocket now.
+
+## 2017.01.09 v2.14
+
+* Socks 5 outbound.
+* Bug fixes.
+
+## 2017.01.02 v2.13
+
+* Bug fixes.
+
+## 2016.12.26 v2.12
+
+* Bug fixes.
+
+## 2016.12.19 v2.11
+
+* JSON config file now supports comment.
+
+## 2016.12.12 v2.10
+
+* VMess now supports AES-GCM and ChaCha20-Poly1305 encryption methods.
+
+## 2016.12.05 v2.9
+
+* Fix compatibility with Alpine Linux.
+
+## 2016.11.28 v2.8
+
+* Shadowsocks server now accepts OTA settings.
+* Bug fixes.
+
+## 2016.11.21 v2.7
+
+* Main inbound and outbound connection handler can be tagged now.
+* Bug fixes.
+
+## 2016.11.14 v2.6
+
+* Data sent by one outbound can be proxied to another outbound.
+* Routing can be based on inbound tag.
+
+## 2016.11.07 v2.5
+
+* New Shadowsocks outbound;
+* New TCP header: HTTP;
+
+## 2016.10.24 v2.4
+
+* TCP / mKCP / WebSocket can be configured per inbound / outbound;
+* Routing can be done on source IP;
+
+## 2016.10.17 v2.3
+
+* Introduce new Protobuf-based configuration;
+* OpenBSD binaries;
+* Small fixes;
+
+## 2016.09.19 v2.2
+
+* New transport: WebSocket (Thanks to [@xiaokangwang](https://github.com/xiaokangwang));
+
+## 2016.09.19 v2.1
+
+* mKCP performance improvement;
+
+## 2016.08.20 v2.0
+
+* One year;
+
+## 2016.08.15 v1.24
+
+* New mKCP header: utp;
+* New option in inbound connection config "allowPassive" to allow passive connection;
+
+## 2016.08.08 v1.23
+
+* Optimize mKCP packet format. This version of mKCP is NOT compatible with previous ones;
+* mKCP can now be configured to disguise as video data.
+
+## 2016.08.01 v1.22
+
+* Fix a memory leak in mKCP;
+* Add FreeBSD release;
+
+## 2016.07.25 v1.21
+
+* High performance Chacha20 (Thanks to aead@);
+* Bug fixes;
+
+## 2016.07.18 v1.20
+
+* New KCP options: readBufferSize and writeBufferSize;
+* Bug fixes;
+
+## 2016.07.11 v1.19
+
+* Enable TLS option for all proxies;
+* Fix a performance issue in KCP;
+* Fix an issue in KCP that could cause EOF response;
+
+## 2016.07.04 v1.18
+
+* Fix a "too many open files" issue in KCP;
+* KCP now uses fewer CPU;
+* Other bug fixes;
+
+## 2016.06.19 v1.17
+
+* KCP now is integrated into V2Ray. (Special thanks to [xiaokangwang](https://github.com/xiaokangwang), [xtaci](https://github.com/xtaci) and [skywind3000](https://github.com/skywind3000))
+* Minor bug fixes
+
+## 2016.06.12 v1.16
+
+* TCP connection reuse is now enabled by default;
+* Dokodemo-door is able to recognize TCP connection redirected by iptables;
+* Blackhole is able to send back HTTP forbidden data;
+
+## 2016.06.05 v1.15
+
+* Optionally reuse TCP connection for better performance;
+* Allow listening on a specific IP address;
+* Allow sending data through a specific IP address;
+* Fix an issue in HTTP proxy that may exhaust memory;
+
+## 2016.05.29 v1.14
+
+* Fix a panic issue in http proxy;
+* More functionalies in install script;
+* Static route in DNS;
+* Official server address change;
+
+## 2016.05.16 v1.13
+
+* Internal DNS server, to provide better routing results combined with chinasites and chinaip;
+* Fix an issue in UDP relay;
+
+## 2016.05.01 v1.12.1
+
+* Fix a bug in VMess.
+
+## 2016.05.01 v1.12
+
+* Second try to fix the memory usage issue;
+* Improve Shadowsocks performance;
+* New option "none" in loglevel;
+
+## 2016.04.18 v1.11
+
+* Try to fix the memory usage issue.
+
+## 2016.03.07 v1.10
+
+* Fix an performance issue when dynamic ports refreshes.
+
+## 2016.02.29 v1.9.1
+
+* Fix Shadowsocks one-time authentication (OTA) issue.
+
+## 2016.02.29 v1.9
+
+* Support for Shadowsocks ChaCha20 encryption;
+* Add more direct connection sites to the default configuration file;
+* Dynamic ports now automatically create an account.
+
+## 2016.02.22 v1.8
+
+* Update installation script install-release.sh (thanks, @netcookies):
+ * You can now automatically stop the V2Ray process and update automatically after the completion of V2Ray;
+ * The install-release.sh accepts the --proxy argument and V2Ray specified proxy download;
+* Use Go 1.6 compiler to improve the performance of AES encryption;
+* Minor fixes;
+* Update the official server IP (please re-download the installation package to get the latest configuration).
+
+## 2016.02.08 v1.7
+
+* UDP relay performance improved;
+* Shadowsocks security improved;
+* Minor fixes;
+* Happy new year!
\ No newline at end of file
diff --git a/es/welcome/workflow.md b/es/welcome/workflow.md
new file mode 100644
index 000000000..5d43b982e
--- /dev/null
+++ b/es/welcome/workflow.md
@@ -0,0 +1,60 @@
+---
+refcn: chapter_00/workflow
+refen: welcome/workflow
+---
+
+# Workflow
+
+## Single Server
+
+Same as other proxies, you need a proxy server which runs V2Ray. Then you can connect to internet through that server from you PC, mobile or other devices.
+
+```mermaid
+graph LR;
+A(PC) -.- B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(V2Ray/VPS);
+D --> C;
+A --> E(Normal Website);
+```
+
+V2Ray supports connections from multiple devices at the same time, with optionally different protocols. In the mean time, the local routing mechanism can smartly proxy necessary connections only.
+
+## Server Bridge
+
+In the case you don't want configuration V2Ray on each of your devices, you may setup a server within the firewall, and then all traffic go through that server. The server does routing itself.
+
+```mermaid
+graph LR;
+A(PC) -.-> B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(VPS 1);
+D --> E(VPS 2);
+E --> C;
+D --> F(Normal Website);
+```
+
+## Internal
+
+The internal of V2Ray looks like below. It supports multiple inbound proxies, and multiple outbounds. Each of them are independent from others.
+
+```mermaid
+graph LR;
+A1(inbound) --> D(Dispatcher / Router / DNS);
+A2(inbound) --> D;
+A3(inbound) --> D;
+A4(inbound) --> D;
+D --> B1(outbound);
+D --> B2(outbound);
+D --> B3(outbound);
+D --> B4(outbound);
+```
+
+Notes:
+
+* You have to configure at least one inbound and one outbound to make V2Ray work properly.
+* The inbound proxy communicates with client software such as browser.
+* The outbound proxy communicates with remote server, such as Apache for a website.
+* The dispatcher is responsible for choosing a outbound for a given connection, based on configurable rules.
+
+Detailed configuration can be found [here](../configuration/overview.md).
\ No newline at end of file
diff --git a/fa/README.md b/fa/README.md
new file mode 100644
index 000000000..7789b882e
--- /dev/null
+++ b/fa/README.md
@@ -0,0 +1,25 @@
+---
+refcn: index
+refen: index
+---
+
+# Project V
+
+پروژه V مجموعه ای از ابزارهایی است که به شما کمک می کند شبکه خصوصی خود را بر روی اینترنت ایجاد کنید. هسته پروژه V، به نام `V2Ray`، مسئول پروتکل های شبکه و ارتباطات است. این می تواند به تنهایی کار کند و همچنین با ابزارهای دیگر ترکیب شود.
+
+این وب سایت عمدتا یک کتابچه راهنمای کاربر برای V2Ray است، با برخی اطلاعات اضافی در مورد کل پروژه.
+
+## امکانات
+
+* چند پروکسی ورودی / خروجی: یک نمونه V2Ray به طور موازی پروتکل های ورودی و خروجی چندگانه موازی است. هر پروتکل مستقل عمل می کند.
+* مسیریابی قابل برنامه ریزی: ترافیک ورودی می تواند به خروجی های مختلف بر اساس پیکربندی مسیریابی ارسال شود. مسیر ترافیکی را در منطقه یا دامنه هدف آسان است.
+* پروتکل های چندگانه: V2Ray از چندین پروتکل پشتیبانی می کند، از جمله Socks، HTTP، Shadowsocks، VMess و غیره. هر پروتکل ممکن است حمل و نقل خاص خود را داشته باشد، مانند TCP، mKCP، WebSocket و غیره.
+* Obfuscation: V2Ray در ترافیک برای مخفی کردن ترافیک در TLS ساخته شده است و می تواند به صورت موازی با سرورهای وب اجرا شود.
+* معکوس پروکسی: پشتیبانی عمومی پروکسی معکوس. می توان برای ساخت تونل ها به localhost استفاده کرد.
+* سیستم عامل های چندگانه: V2Ray بطور اولیه بر روی ویندوز، سیستم عامل مک، لینوکس و غیره اجرا می شود. پشتیبانی از شخص ثالث در تلفن همراه نیز وجود دارد.
+
+{% hint style='info' %}
+
+This site is generated by GitBook, and host on GitHub. If you'd like to modify its content, please send pull request to [this repo](https://github.com/v2ray/manual).
+
+{% endhint %}
\ No newline at end of file
diff --git a/fa/SUMMARY.md b/fa/SUMMARY.md
new file mode 100644
index 000000000..9058fcfef
--- /dev/null
+++ b/fa/SUMMARY.md
@@ -0,0 +1,51 @@
+# Summary
+
+* [Project V](README.md)
+ * [تاریخچه نسخه](welcome/versions.md)
+ * [گردش کار](welcome/workflow.md)
+ * [نصب](welcome/install.md)
+ * [شروع سریع](welcome/start.md)
+ * [خط فرمان](welcome/command.md)
+ * [کمک مالی](welcome/donate.md)
+ * [حمایت کردن](welcome/help.md)
+ * [سوالات متداول](welcome/faq.md)
+ * [وبلاگ↪](https://steemit.com/@v2ray)
+* [پیکربندی](configuration/README.md)
+ * [بررسی اجمالی](configuration/overview.md)
+ * [پروتکل ها](configuration/protocols.md)
+ * [Blackhole](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
+ * [Dokodemo](configuration/protocols/dokodemo.md)
+ * [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
+ * [HTTP](configuration/protocols/http.md)
+ * [Shadowsocks](configuration/protocols/shadowsocks.md)
+ * [SOCKS](configuration/protocols/socks.md)
+ * [VMess](configuration/protocols/vmess.md)
+ * [سیاست](configuration/policy.md)
+ * [مسیریابی](configuration/routing.md)
+ * [DNS](configuration/dns.md)
+ * [mux](configuration/mux.md)
+ * [API](configuration/api.md)
+ * [آمار](configuration/stats.md)
+ * [معکوس](configuration/reverse.md)
+ * [حمل و نقل](configuration/transport.md)
+ * [TCP](configuration/transport/tcp.md)
+ * [mKCP](configuration/transport/mkcp.md)
+ * [WebSocket](configuration/transport/websocket.md)
+ * [HTTP/2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
+ * [متغیرهای Env](configuration/env.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Development
+ * Milestone
+ * Guide
+ * Design
+ * Build
+ * [Tools](developer/tools.md)
+ * Protocols
+ * VMess
+ * mKCP
+ * Mux.Cool
\ No newline at end of file
diff --git a/fa/awesome/ads.md b/fa/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/fa/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/fa/awesome/tools.md b/fa/awesome/tools.md
new file mode 100644
index 000000000..d9216b892
--- /dev/null
+++ b/fa/awesome/tools.md
@@ -0,0 +1,96 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+Download: [Github](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+Download: [Github](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+Download: [Github](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+Download: [Github](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray: v2ray Cross-Platform GUI written in Qt, supports multi-language, connection edit and auto-check updates
+
+Download: [GitHub](https://github.com/qv2ray/Qv2ray)
+
+Website:
+
+> Mellow
+
+Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray
+
+i2Ray is another iOS app based on V2Ray with easy-to-use UI design.
+
+Download: [iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadowsocks, VMess, SSR etc.
+
+Download: [iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi (was ShadowRay)
+
+Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
+
+Download: [iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+Download: [iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray core.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## Online services
+
+> [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+
+Online configuration generator.
+
+> [UUID Generator](https://www.uuidgenerator.net/)
+
+UUID generator for VMess users.
diff --git a/fa/book.json b/fa/book.json
new file mode 100644
index 000000000..bca42626c
--- /dev/null
+++ b/fa/book.json
@@ -0,0 +1,35 @@
+{
+ "language": "fa",
+ "direction": "rtl",
+ "title": "Project V",
+ "plugins" : [
+ "-fontsettings",
+ "-search",
+ "-lunr",
+ "-highlight",
+ "-sharing",
+
+ "mermaid-gb3",
+ "anchors",
+ "ga",
+ "prism",
+ "prism-themes",
+ "hints"
+ ],
+ "pluginsConfig": {
+ "ga": {
+ "token": "UA-73620536-1"
+ },
+ "prism": {
+ "css": [
+ "prism-themes/themes/prism-base16-ateliersulphurpool.light.css"
+ ],
+ "lang": {
+ "objc": "objectivec",
+ "shell": "bash",
+ "text": "textile",
+ "plain": "textile"
+ }
+ }
+ }
+}
diff --git a/fa/configuration/README.md b/fa/configuration/README.md
new file mode 100644
index 000000000..0f7083d75
--- /dev/null
+++ b/fa/configuration/README.md
@@ -0,0 +1,76 @@
+---
+refcn: chapter_02/index
+refen: configuration/index
+---
+
+# پیکربندی
+
+V2Ray با استفاده از [پروتوبف پیکربندی مبتنی بر](https://developers.google.com/protocol-buffers/). به عنوان فرمت protobuf کمتر قابل خواندن است، V2Ray همچنین از پیکربندی در JSON پشتیبانی می کند. قبل از اجرای V2Ray، به طور خودکار پیکربندی JSON را به protobuf تبدیل می کند. این گفته می شود، دیگر فرمت های پیکربندی ممکن است در furture معرفی شود.
+
+در اینجا ما پیکربندی مبتنی بر JSON را معرفی می کنیم.
+
+JSON، یا [نشانگر جاوا اسکریپت](https://en.wikipedia.org/wiki/JSON)، به طور خلاصه، اشیا در Javascript هستند. یک فایل JSON حاوی یک و تنها یک شیء JSON است، شروع از "{" و پایان دادن با "}".
+
+یک شی JSON حاوی لیستی از جفت های کلیدی مهم است. یک کلید یک رشته است و مقدار ممکن است انواع مختلفی از قبیل رشته، عدد، رشته ای، آرایه یا یک شی دیگر باشد. یک شیء معمولی زیر است:
+
+```javascript
+{
+ "stringValue": "This is a string.",
+ "numberValue": 42,
+ "boolValue": true,
+ "arrayValue": ["this", "is", "a", "string", "array"],
+ "objectValue": {
+ "another": "object"
+ }
+}
+```
+
+{% hint style='info' %}
+
+V2Ray از نظرات در JSON پشتیبانی می کند، حاوی "یا" یا "/ \ * \ * /" حاشیه نویسی شده است. در یک ویرایشگر که نظرات را پشتیبانی نمی کند، ممکن است به عنوان اشتباه نمایش داده شود، اما نظرات واقعا در V2Ray کار می کنند.
+
+{% endhint %}
+
+## انواع داده JSON
+
+در اینجا یک معرفی مختصر از انواع داده JSON است. آنها در بقیه اسناد ارجاع خواهند شد.
+
+> `boolean`: true | نادرست
+
+مقدار boolean باید `درست باشد` یا `false`بدون علامت نقل قول.
+
+> `عدد`
+
+عدد صحيح غیر منفی، بدون علامت نقل قول.
+
+> `رشته`
+
+دنباله ای از شخصیت ها، توسط علامت نقل قول احاطه شده است.
+
+> `آرایه`: []
+
+آرایه ای از عناصر نوع عناصر آن معمولا یکسان است، مثلا `[string]` آرایه ای از `رشته`.
+
+> `شی`: {}
+
+هدف - شی. با لیستی از جفت های ارزش کلیدی همراه می شود.
+
+{% hint style='tip' %}
+
+یک جفت ارزش کلیدی معمولا با کاما "،" به پایان می رسد، اما نباید با کاما به پایان برسد، اگر آخرین عنصر از شی است.
+
+{% endhint %}
+
+## انواع داده های مشترک V2Ray
+
+> `نقشه`: object \ {string، string \}
+
+یک شی که کلید ها و مقادیر نوع ثابت دارند.
+
+> `آدرس`: رشته
+
+یک آدرس IP یا دامنه در شکل رشته، مانند `"8.8.8.8"` یا `"www.v2ray.com"`
+
+> `آدرس_پورت`: رشته
+
+`آدرس` با پورت، مانند `"8.8.8.8:53"` یا `"www.v2ray.com:80"`. در برخی از استفاده ها، بخش آدرس می تواند حذف شود، مانند `": 443"`.
\ No newline at end of file
diff --git a/fa/configuration/api.md b/fa/configuration/api.md
new file mode 100644
index 000000000..cd3350f52
--- /dev/null
+++ b/fa/configuration/api.md
@@ -0,0 +1,52 @@
+---
+refcn: chapter_02/api
+refen: configuration/api
+---
+
+# API
+
+V2Ray برخی از API ها را برای دسترسی از راه دور فراهم می کند. این API ها بر اساس [gRPC](https://grpc.io/).
+
+هنگامی که API فعال می شود، V2Ray یک پروکسی خروجی را به صورت خودکار ایجاد می کند، برچسب `به عنوان برچسب`نشان می دهد. کاربر باید [مسیر](routing.md) تمام اتصالات gRPC را به این خروجی.
+
+## ApiObject
+
+`ApiObject` به عنوان `api` فیلد در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+ "tag": "api",
+ "services": [
+ "HandlerService",
+ "LoggerService",
+ "StatsService"
+ ]
+}
+```
+
+> `برچسب`: رشته
+
+برچسب پروکسی خروجی
+
+> `خدمات`: \ [رشته \]
+
+فهرست API های فعال شده.
+
+## لیست API پشتیبانی شده
+
+### HandlerService
+
+API برای مدیریت پروکسی های ورودی و خروجی ویژگی های زیر ارائه شده است:
+
+* یک پروکسی جدید ورودی / خروجی اضافه کنید
+* پروکسی ورودی / خروجی موجود را حذف کنید.
+* یک کاربر جدید را به پروکسی ورودی اضافه کنید (تنها VMessage).
+* یک کاربر موجود را از یک پروکسی ورودی حذف کنید (فقط VMess).
+
+### LoggerService
+
+برای راه اندازی مجدد logger داخلی می توانید با logrotate برای فایل های ورودی کار کنید.
+
+### StatsService
+
+پشتیبانی از داخلی [آمار](stats.md).
\ No newline at end of file
diff --git a/fa/configuration/dns.md b/fa/configuration/dns.md
new file mode 100644
index 000000000..f994ab65d
--- /dev/null
+++ b/fa/configuration/dns.md
@@ -0,0 +1,104 @@
+---
+refcn: chapter_02/04_dns
+refen: configuration/dns
+---
+
+# DNS
+
+V2Ray دارای یک سرور DNS داخلی است که رله DNS را برای اجزای دیگر فراهم می کند.
+
+{% hint style='info' %}
+
+با توجه به پیچیدگی پروتکل DNS، V2Ray در حال حاضر تنها از درخواستهای IP اصلی (A و AAAA) پشتیبانی می کند. توصیه می کنیم از DNS حرفه ای (مانند [CoreDNS](https://coredns.io/)) برای V2Ray استفاده کنید.
+
+{% endhint %}
+
+پرسش های DNS که توسط این سرویس DNS رله می شود نیز براساس تنظیمات مسیریابی ارسال می شود. هیچ پیکربندی اضافی لازم نیست.
+
+## DnsObject
+
+`DnsObject` به عنوان `dns` فیلد در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+ "hosts": {
+ "baidu.com": "127.0.0.1"
+ },
+ "servers": [
+ {
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ]
+ },
+ "8.8.8.8",
+ "8.8.4.4",
+ "localhost"
+ ],
+ "clientIp": "1.2.3.4",
+ "tag": "dns_inbound"
+}
+```
+
+> `hosts`: map{string: address}
+
+A list of static addresses, in the form of `domain:address`. Each entry has a domain name as key and IP or domain address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed, or the corresponding domain address will be used for further DNS queries, instead of the previous one.
+
+The format of domains is:
+
+* Plaintext: When the targeting domain is exactly the value, the rule takes effect. Example: rule `"v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Keyword: Begining with `"keyword:"` and the rest is a pattern. If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"keyword:sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](routing.md#pre-defined-domain-lists) for more detail.
+
+> `سرور`: \ [رشته | [ServerObject](#serverobject) | "localhost" \]
+
+فهرست سرورهای DNS. هر سرور ممکن است در سه فرمت مشخص شود: آدرس IP، [ServerObject](#serverobject)یا `"localhost"`.
+
+هنگامی که یک سرور یک آدرس IP است، مانند `"8.8.8.8"`، V2Ray در DNS UDP روی 53 آدرس در این آدرس نمایش داده می شود.
+
+هنگامی که یک سرور `"localhost"`، V2Ray میزبان محلی DNS را نمایش می دهد.
+
+{% hint style='info' %}
+
+هنگامی که `"localhost"` استفاده می شود، ترافیک در حال انجام DNS توسط V2Ray کنترل نمی شود. با این وجود، شما می توانید پرس و جوهای DNS را با تنظیمات اضافی به V2Ray هدایت کنید.
+
+{% endhint %}
+
+> `clientIp`: string
+
+آدرس آی پی دستگاه فعلی. اگر مشخص شود، V2Ray از این IP به عنوان EDNS-Client-Subnet استفاده می کند. این IP نمی تواند یک آدرس خصوصی باشد.
+
+> `tag`: string
+
+(V2Ray 4.13+) All traffic initiated from this DNS, except to localhost, will have this tag as inbound. It can be used for routing.
+
+### ServerObject
+
+```javascript
+{
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ],
+}
+```
+
+> `address`: address
+
+Address of the DNS server. For now only UDP servers are supported.
+
+> `port`: number
+
+Port of the DNS server. Usually it is `53` or `5353`.
+
+> `domains`: \[string\]
+
+A list of domains. If the domain of enquire matches one of the list, this DNS server will be prioritized for DNS query for this domain.
+
+Domain name format is the same as in [routing](routing.md).
+
+When a DNS server has the domain in its domain list, the domain will be queried in this server first, and then other servers. Otherwise DNS queries are sent to DNS servers in the order they appear in the config file.
\ No newline at end of file
diff --git a/fa/configuration/env.md b/fa/configuration/env.md
new file mode 100644
index 000000000..b26c8b3ce
--- /dev/null
+++ b/fa/configuration/env.md
@@ -0,0 +1,46 @@
+---
+refcn: chapter_02/env
+refen: configuration/env
+---
+
+# متغیرهای محیطی
+
+V2Ray متغیرهای محیط زیر را می خواند.
+
+## اندازه کش در هر اتصال {#buffer-size}
+
+* نام: `v2ray.ray.buffer.size` یا `V2RAY_RAY_BUFFER_SIZE`
+* واحد: MBytes
+* مقدار پیش فرض: 2 در x86، amd64، arm64 و s390x. این حافظه پنهان در سایر سیستم عاملها غیرفعال است.
+* مقدار ویژه: 0 برای اندازه حافظه پنهان نامحدود
+
+**Deprecated. Use bufferSize in Policy.**
+
+For each connection, when there is a difference in speed between inbound and outbound traffic, V2Ray will cache some data for larger throughput. This setting controls the size of the cache. The larger the cache, the better the performance.
+
+## محل دارایی V2Ray {#asset}
+
+* نام: `v2ray.location.asset` یا `V2RAY_LOCATION_ASSET`
+* مقدار پیش فرض: همان پوشه ای است که v2ray است.
+
+This variable specifies a directory where geoip.dat and geosite.dat files are.
+
+## محل پیکربندی V2Ray {#config}
+
+* نام: `v2ray.location.config` یا `V2RAY_LOCATION_CONFIG`
+* مقدار پیش فرض: همان پوشه ای است که v2ray است.
+
+This variable specifies a directory where config.json is.
+
+## پراکندگی خواندن {#scatter-io}
+
+* نام: `v2ray.buf.readv` یا `V2RAY_BUF_READV`
+* مقدار پیش فرض: `خودکار`
+
+V2Ray 3.37 uses Scatter/Gather IO. This feature will use less memory when connection speed is over 100 MByte/s. Possible values are: `auto`, `enable` and `disable`.
+
+* `فعال کردن`: فعال کردن خواندن پراکنده
+* `غیر فعال کردن`: غیر فعال کردن خواندن پراکنده.
+* `خودکار`: در ویندوز، MacOS، لینوکس فعال می شود، زمانی که پردازنده x86، AMD64 یا s390x است.
+
+When connection speed is less than 100 MByte/s, no matter whether this is enabled or not, there is no obvious difference in terms of memory usage.
\ No newline at end of file
diff --git a/fa/configuration/mux.md b/fa/configuration/mux.md
new file mode 100644
index 000000000..b5149444e
--- /dev/null
+++ b/fa/configuration/mux.md
@@ -0,0 +1,27 @@
+---
+refcn: chapter_02/mux
+refen: configuration/mux
+---
+
+# چندگانه شدن
+
+Multiplexing، یا Mux، استفاده از یک اتصال TCP فیزیکی برای چندین اتصال TCP مجازی است.
+
+Mux برای کاهش زمان تاخیر دستکاری TCP طراحی شده است. این برای توان بالا نیست هنگامی که برای دانلود فایل های بزرگ یا اندازه گیری سرعت استفاده می شود، Mux معمولا از اتصال معمولی TCP کندتر است.
+
+## MuxObject
+
+```javascript
+{
+ "enabled": false,
+ "concurrency": 8
+}
+```
+
+> `فعال`: true | نادرست
+
+آیا Mux را در خروجی فعال کنید یا خیر
+
+> `هم زمان`: شماره
+
+حداکثر تعداد اتصالات چندگانه که یک اتصال فیزیکی در یک زمان می تواند اداره کند. حداکثر مقدار `1024`، دقیقه ارزش `1`، به طور پیش فرض `8`.
\ No newline at end of file
diff --git a/fa/configuration/overview.md b/fa/configuration/overview.md
new file mode 100644
index 000000000..e1e9a963a
--- /dev/null
+++ b/fa/configuration/overview.md
@@ -0,0 +1,249 @@
+---
+refcn: chapter_02/01_overview
+refen: configuration/overview
+---
+
+# بررسی پیکربندی
+
+V2Ray همان ساختار پیکربندی را بین طرف سرور و سمت سرویس گیرنده نشان می دهد که در زیر نشان داده شده است. تنظیمات سرور و مشتری در بخش های مختلف متفاوت هستند.
+
+در زیر ساختار سطح بالای پیکربندی است. هر بخش فرمت خاص خود را دارد.
+
+```javascript
+{
+ "log": {},
+ "api": {},
+ "dns": {},
+ "stats": {},
+ "routing": {},
+ "policy": {},
+ "inbounds": [],
+ "outbounds": [],
+ "transport": {}
+}
+```
+
+> `log`: [LogObject](#logobject)
+
+ورودی پیکربندی برای کنترل خروجی های ورودی.
+
+> `api`: [ApiObject](api.md)
+
+API RPC برای کنترل نمونه V2Ray. مشاهده [API پیکربندی](api.md) برای جزئیات بیشتر.
+
+> `dns`: [DnsObject](dns.md)
+
+پیکربندی برای تنظیمات داخلی DNS سرور. اگر این قسمت حذف شود، V2Ray از پیکربندی DNS سیستم شما استفاده خواهد کرد. برای جزئیات، [تنظیمات DNS](dns.md).
+
+> `آمار`: [StatsObject](stats.md)
+
+هنگامی که مشخص شده، داخلی [آمار](stats.md) را فعال کنید.
+
+> `سیاست`: [PolicyObject](policy.md)
+
+تنظیمات برای مجوزها و دیگر راهبردهای امنیتی. برای جزئیات بیشتر، به [سیاست محلی](policy.md).
+
+> `مسیریابی`: [RoutingObject](routing.md)
+
+پیکربندی برای داخلی [مسیریابی](routing.md) استراتژی.
+
+> `inbounds`: \ [ [InboundObject](#inboundobject)\]
+
+آرایه ای از [InboundObject](#inboundobject) به عنوان پیکربندی برای پروکسی های ورودی.
+
+> `خروجی`: \ [ [OutboundObject](#outboundobject)\]
+
+آرایه ای از [OutboundObject](#outboundobject) به عنوان پیکربندی برای پروکسی های خروجی. اولین خروجی در آرایه یکی از اصلیترین آنهاست. این پیش فرض خروجی در تصمیم مسیریابی است.
+
+> `حمل و نقل`: [TransportObject](transport.md)
+
+پیکربندی پروتکل حمل و نقل پایین. برای جزئیات، [پروتکل گزینه های حمل و نقل](transport.md).
+
+## LogObject
+
+```javascript
+{
+ "access": "/path/to/file",
+ "error": "/path/to/file",
+ "loglevel": "warning"
+}
+```
+
+> `دسترسی به`: رشته
+
+مسیر ورود به سیستم اگر خالی نیست، باید یک مسیر فایل قانونی باشد مانند `"/tmp/v2ray/_access.log"`(لینوکس)، یا `"C: \\ Temp \\ v2ray \\ _ access.log"`(ویندوز ) اگر خالی باشد، V2Ray ورود به سیستم را به `stdout`می نویسد.
+
+> `خطا`: رشته
+
+مسیر ورود به خطا اگر خالی نباشد، باید مسیر فایل قانونی باشد. اگر خالی باشد، V2Ray log log را به `stdout`می نویسد.
+
+> `loglevel`: "debug" | "اطلاعات" | "هشدار" | "خطا" | "هیچ یک"
+
+سطح سیاهههای مربوط به نوشته شده است سطوح ورودی مختلف نشان دهنده محتوای مختلف سیاهههای مربوط است. مقدار پیش فرض `"هشدار"`.
+
+سطوح ورودی:
+
+* `"debug"`: اطلاعات فقط برای توسعه دهندگان. همچنین شامل همه `"اطلاعات"` سیاهههای مربوط.
+* `"info"`: اطلاعات برای وضعیت فعلی V2Ray. کاربران مجبور نیستند از آن ها مراقبت کنند. همچنین شامل همه `"هشدار"` سیاهههای مربوط.
+* `"هشدار"`: چیزی با محیط زیست اشتباه است، معمولا خارج از V2Ray، به عنوان مثال، شکستن شبکه. V2Ray همچنان اجرا می شود، اما کاربران ممکن است برخی از شکست ها را تجربه کنند. همچنین شامل همه `"خطا"` سیاهههای مربوط.
+* `"خطا"`: چیزی شدیدا اشتباه است، که V2Ray نمی تواند اجرا شود.
+* `"none"`: همه ورود به سیستم غیر فعال هستند.
+
+## InboundObject
+
+InboundObject یک پروکسی ورودی را تعریف می کند. این ارتباطات ورودی به V2Ray را مدیریت می کند. پراکسی های موجود [در اینجا لیست شده است](protocols.md).
+
+```javascript
+{
+ "port": 1080,
+ "listen": "127.0.0.1",
+ "protocol": "protocol_name",
+ "settings": {},
+ "streamSettings": {},
+ "tag": "inbound_tag_name",
+ "sniffing": {
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
+}
+```
+
+> `پورت`: شماره | "env: متغیر" | رشته
+
+پورت که پروکسی در حال گوش دادن است فرمت های پذیرفته شده عبارتند از:
+
+* صحیح: شماره پورت واقعی.
+* متغیر محیطی: شروع با `"env:"`، متغیر env پورت فرمت رشته را مشخص می کند، مانند `"env: PORT"`. V2Ray متغیر را به عنوان رشته رمزگشایی می کند.
+* String: یک مقدار رشته عدد، مانند `"1234"`، یا طیف وسیعی از پورتها، مانند `"5-10"` برای 6 پورت در مجموع.
+
+پورت های واقعی برای باز کردن نیز بستگی به `تخصیص` تنظیمات. زیر را ببینید
+
+> `گوش دادن`: آدرس
+
+آدرس برای گوش دادن به مقدار پیش فرض `"0.0.0.0"` برای اتصالات ورودی در تمام رابط های شبکه است. در غیر این صورت، ارزش باید آدرس یک رابط شبکه موجود باشد.
+
+> `پروتکل`: رشته
+
+نام پروتکل ورودی هر فردی را برای مقادیر موجود مشاهده کنید.
+
+> `تنظیمات`: InboundConfigurationObject
+
+تنظیمات خاص پروتکل `InboundConfigurationObject` در هر پروتکل تعریف کنید.
+
+> `streamSettings`: [StreamSettingsObject]
+
+مشاهده [پروتکل گزینه های حمل و نقل](transport.md) برای جزئیات.
+
+> `برچسب`: رشته
+
+برچسب پروکسی ورودی این می تواند برای تصمیم گیری مسیریابی استفاده شود. اگر خالی نباشد، باید در میان تمام پروکسی های ورودی منحصر به فرد باشد.
+
+> `sniffing`: [SniffingObject](#sniffingobject)
+
+پیکربندی محتویات محتوا
+
+> `تخصیص`: [AllocateObject](#allocateobject)
+
+پیکربندی برای تخصیص پورت
+
+### SniffingObject
+
+```javascript
+{
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+}
+```
+
+> `فعال`: true | نادرست
+
+آیا محتوا را مجذوب میکنید یا نه
+
+> `destOverride`: \ ["http" | "TLS" \]
+
+آرایه ای از نوع محتوا. اگر نوع محتوا از ترافیک ورودی در لیست مشخص شده باشد، مقصد اتصال با مقدار sniffed رونویسی خواهد شد.
+
+### AllocateObject
+
+```javascript
+{
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+}
+```
+
+> `استراتژی`: "همیشه" | "تصادفی"
+
+استراتژی تخصیص پورت هنگامی که آن را به `"همیشه"`، تمام پورت در قسمت `پورت` برای شنیدن اختصاص داده می شود. اگر `«تصادفی»` تنظیم شده باشد، V2Ray بر تعداد `همزمان` پورت گوش می دهد و لیست پورت ها هر `بازخوانی` دقیقه رد می شود.
+
+> `تازه کردن`: شماره
+
+تعداد دقیقه برای تازه کردن بنادر گوش دادن. مقدار حداقل `2`. این تنظیم تنها زمانی موثر است که `استراتژی` به `"تصادفی"`.
+
+> `هم زمان`: شماره
+
+تعداد پورت ها برای گوش دادن مقدار حداقل `1`. حداکثر مقدار یک سوم کل محدوده بندر است.
+
+## OutboundObject
+
+OutboundObject یک پروکسی خروجی را برای مدیریت اتصالات خروجی تعریف می کند. پروتکل های موجود ذکر شده [در اینجا](protocols.md).
+
+```javascript
+{
+ "sendThrough": "0.0.0.0",
+ "protocol": "protocol_name",
+ "settings": {},
+ "tag": "this_outbound_tag_name",
+ "streamSettings": {},
+ "proxySettings": {
+ "tag": "another_outbound_tag_name"
+ },
+ "mux": {}
+}
+```
+
+> `طریق`: آدرس
+
+آدرس آی پی برای ارسال ترافیک. مقدار پیش فرض، `"0.0.0.0"` برای انتخاب تصادفی یک IP موجود در میزبان است. در غیر این صورت، ارزش باید یک آدرس IP از رابط های شبکه موجود باشد.
+
+> `پروتکل`: رشته
+
+نام پروتکل این خروجی مشاهده [پروتکل](protocols.md) برای تمام مقادیر موجود.
+
+> `تنظیمات`: OutboundConfigurationObject
+
+تنظیمات خاص پروتکل مشاهده `OutboundConfigurationObject` در هر پروتکل های فردی است.
+
+> `برچسب`: رشته
+
+برچسب این خروجی اگر خالی نباشد، باید در میان تمام خروجی ها منحصر به فرد باشد.
+
+> `streamSettings`: [StreamSettingsObject](transport.md)
+
+تنظیمات حمل و نقل در سطح پایین. [گزینه های پروتکل حمل و نقل را مشاهده کنید.](transport.md).
+
+> `proxySettings`: [ProxySettingsObject](#proxysettingsobject)
+
+پیکربندی برای نمایندگی ترافیک از این خروجی به دیگری. هنگامی که این تنظیم می شود، `جریان تنظیمات` این خروجی بی تاثیر خواهد بود.
+
+> `mux`: [MuxObject](mux.md)
+
+مشاهده کنید [Mux](mux.md) پیکربندی برای جزئیات.
+
+### ProxySettingsObject
+
+```javascript
+{
+ "tag": "another-outbound-tag"
+}
+```
+
+> `برچسب`: رشته
+
+وقتی `برچسب` به تگ خروجی دیگر تنظیم می شود، ترافیک خروجی خروجی فعلی به یک مشخص شده منتقل می شود.
\ No newline at end of file
diff --git a/fa/configuration/policy.md b/fa/configuration/policy.md
new file mode 100644
index 000000000..6543e87c6
--- /dev/null
+++ b/fa/configuration/policy.md
@@ -0,0 +1,127 @@
+---
+refcn: chapter_02/policy
+refen: configuration/policy
+---
+
+# سیاست محلی
+
+خط مشی محلی سیاست تنظیمات فعلی V2Ray را مدیریت می کند، مانند وقفه اتصال. پلیس میتواند به هر سطح کاربری یا کل سیستم اعمال شود.
+
+## PolicyObject
+
+`PolicyObject` به عنوان `فیلد` سیاست در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+ "levels": {
+ "0": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
+ }
+ },
+ "system": {
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+ }
+}
+```
+
+> `level`: map{string: [LevelPolicyObject](#levelpolicyobject)}
+
+A list of key value pairs. Each key is a string of integer (restricted by JSON), such as `"0"`, `"1"`, etc. The numeric value is for a certain user level.
+
+{% hint style='info' %}
+
+User level can be set on each inbound and outbound proxy. V2Ray will apply different policies based on user level.
+
+{% endhint %}
+
+> `system`: [SystemPolicyObject](#systempolicyobject)
+
+System-wide policy
+
+### LevelPolicyObject
+
+```javascript
+{
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false,
+ "bufferSize": 10240
+}
+```
+
+> `handshake`: number
+
+Timeout for establishing a connection, in seconds. Default value `4`. At the handshake stage of an inbound proxy dealing with a new connection, say VMess reading request header, if it takes longer than `handshake` time, V2Ray aborts the connection.
+
+> `connIdle`: number
+
+Timeout for idle connections, in seconds. Default value `300`. If there is no data passed through the connection in `connIdle` time, V2Ray aborts the conneciton.
+
+> `uplinkOnly`: number
+
+Time for keeping connections open after the uplink of the connection is closed, in seconds. Default value `2`. After remote (server) closes the downlink of the connection, V2Ray aborts the connection after `uplinkOnly` times.
+
+> `downlinkOnly`: number
+
+Time for keeping connections open after the downlink of the connection is closed, in seconds. Default value `5`. After client (browser) closes the uplink of the connection, V2Ray aborts the connection after `downlinkOnly` time.
+
+{% hint style='tip' %}
+
+In a simple webpage browser scenario, it is safe to set `uplinkOnly` and `downlinkOnly` both to `0`, for better performance.
+
+{% endhint %}
+
+> `statsUserUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter to uplink traffic for all users in this level.
+
+> `statsUserDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter to downlink traffic for all users in this level.
+
+> `bufferSize`: number
+
+Size of internal buffer per connection, in kilo-bytes. Default value is `10240`. When it is set to `0`, the internal buffer is disabled.
+
+Default value (V2Ray 4.4+):
+
+* `0` on ARM, MIPS and MIPSLE.
+* `4` on ARM64, MIPS64 and MIPS64LE.
+* `512` on other platforms.
+
+Default value (V2Ray 4.3-):
+
+* `16` on ARM, ARM64, MIPS, MIPS64, MIPSLE and MIPS64LE.
+* `2048` on other platforms.
+
+{% hint style='info' %}
+
+`bufferSize` overrides `v2ray.ray.buffer.size` settings in [env variables](env.md#cache-size-per-connection).
+
+{% endhint %}
+
+### SystemPolicyObject
+
+```javascript
+{
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+}
+```
+
+> `statsInboundUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
+
+> `statsInboundDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
\ No newline at end of file
diff --git a/fa/configuration/protocols.md b/fa/configuration/protocols.md
new file mode 100644
index 000000000..f29f3ea1d
--- /dev/null
+++ b/fa/configuration/protocols.md
@@ -0,0 +1,17 @@
+---
+refcn: chapter_02/02_protocols
+refen: configuration/protocols
+---
+
+# پروتکل ها
+
+V2Ray از پروتکل های زیر پشتیبانی می کند. هر پروتکل ممکن است یک پروتکل ورودی یا یک پروتکل خروجی یا هر دو باشد.
+
+* [سیاه چاله](protocols/blackhole.md)
+* [Dokodemo درب](protocols/dokodemo.md)
+* [آزادی](protocols/freedom.md)
+* [HTTP](protocols/http.md)
+* [MTProto](protocols/mtproto.md)
+* [Shadowsocks](protocols/shadowsocks.md)
+* [Socks](protocols/socks.md)
+* [VMess](protocols/vmess.md)
\ No newline at end of file
diff --git a/fa/configuration/protocols/blackhole.md b/fa/configuration/protocols/blackhole.md
new file mode 100644
index 000000000..5c0a5aee2
--- /dev/null
+++ b/fa/configuration/protocols/blackhole.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_02/protocols/blackhole
+refen: configuration/protocols/blackhole
+---
+
+# Blackhole
+
+* نام: `blackhole`
+* نوع: خروجی
+
+Blackhole یک پروتکل برای ارتباطات خروجی است. این همه اتصالات با پاسخ های از پیش تعیین شده را مسدود می کند. همراه با [مسیریابی](../routing.md)، این می تواند برای جلوگیری از دسترسی به برخی از وب سایت ها استفاده شود.
+
+## ConfigurationObject
+
+```javascript
+{
+ "response": {
+ "type": "none"
+ }
+}
+```
+
+> `response`: [ResponseObject](#responseobject)
+
+پاسخ از پیش تعیین شده Blockhole بلافاصله برای هر ارتباطی که به آن انتقال داده می شود (اگر داده شده است) داده شود و اتصال را متوقف کند.
+
+### ResponseObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none" | "http"
+
+نوع پاسخ، گزینه های موجود عبارتند از:
+
+* `"none"`: مقدار پیش فرض. پاسخ خالی
+* `"http"`: پاسخ معتبر HTTP 403.
\ No newline at end of file
diff --git a/fa/configuration/protocols/dns.md b/fa/configuration/protocols/dns.md
new file mode 100644
index 000000000..bd4793d46
--- /dev/null
+++ b/fa/configuration/protocols/dns.md
@@ -0,0 +1,37 @@
+---
+refcn: chapter_02/protocols/dns
+refen: configuration/protocols/dns
+---
+
+# DNS
+
+* Name: `dns`
+* Type: Outbound
+
+DNS is an outbound proxy. It is mainly used for intercept and proxy DNS queries and responses. This outbound proxy can only accept DNS traffic, including both TCP and UDP based DNS queries. Other type of traffic will result in errors.
+
+When proxying DNS queries, DNS outbound will redirect IP queries (A and AAAA) to [internal DNS server](../dns.md). It will send other type of queries directly to its original destination.
+
+DNS outbound proxy is introduced in V2Ray 4.15.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "network": "tcp",
+ "address": "1.1.1.1",
+ "port": 53
+}
+```
+
+> `network`: "tcp" | "udp"
+
+(V2Ray 4.16+) Modify the transport protocol of the DNS traffic. The value may be either `"tcp"` or `"udp"`. If it is not specified, the original protocol remains unchanged.
+
+> `address`: address
+
+(V2Ray 4.16+) Modify the DNS server address in the request. If it is not specified, the original DNS server address remain unchanged.
+
+> `port`: number
+
+(V2Ray 4.16+) Modify the DNS server port in the request. If it is not specified, the original DNS server port remain unchanged.
\ No newline at end of file
diff --git a/fa/configuration/protocols/dokodemo.md b/fa/configuration/protocols/dokodemo.md
new file mode 100644
index 000000000..c304ef3c0
--- /dev/null
+++ b/fa/configuration/protocols/dokodemo.md
@@ -0,0 +1,96 @@
+* * *
+
+refcn: chapter_02/protocols/dokodemo refen: configuration/protocols/dokodemo
+
+* * *
+
+# Dokodemo-door
+
+* نام: `dokodemo-door`
+* نوع: ورودی
+
+Dokodemo درب یک پروتکل برای اتصالات ورودی است. هر ارتباطی را می گیرید و آنها را به مقصد مشخص شده منتقل می کنید.
+
+Dokodemo درب همچنین (اگر پیکربندی شده) به عنوان یک پروکسی شفاف کار می کند.
+
+## ConfigurationObject
+
+```javascript
+{
+ "address": "8.8.8.8",
+ "port": 53,
+ "network": "tcp",
+ "followRedirect": false,
+ "userLevel": 0
+}
+```
+
+> `address`: address
+
+آدرس سرور مقصد ممکن است یک IPv4، IPv6 یا یک دامنه در فرم رشته باشد. هنگامی که `followRedirect` (زیر را ببینید) `true`، `آدرس` می تواند خالی باشد.
+
+> `port`: number
+
+پورت سرور مقصد
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+نوع شبکه قابل قبول اگر `"tcp"` مشخص شود، تمام ترافیک UDP فرستاده شده به این door doko-door حذف خواهد شد.
+
+> `followRedirect`: true | false
+
+هنگامی که به `true`تنظیم می شود، dokodemo-door مقصد را از TProxy تشخیص می دهد و از آن به عنوان مقصد استفاده می کند. `TProxy` در [حمل و نقل](../transport.md) برای جزئیات مشاهده کنید.
+
+> `userLevel`: number
+
+سطح کاربر همه اتصالات این سطح را به اشتراک میگذارند. برای جزئیات بیشتر به [سیاست](../policy.md) مراجعه کنید.
+
+## نمونه هایی برای پروکسی شفاف
+
+ورودی dokodemo door را به صورت زیر وارد کنید.
+
+```javascript
+{
+ "network": "tcp,udp",
+ "timeout": 30,
+ "followRedirect": true
+}
+```
+
+پیکربندی iptables را به صورت زیر انجام دهید.
+
+```bash
+# ایجاد زنجیره ای جدید
+iptables -t nat -N V2RAY
+iptables -t انسداد -N V2RAY
+iptables -t انحنا -N V2RAY_MARK
+
+# آدرس سرور شما V2Ray را نادیده بگیرید
+# بسیار مهم است، فقط مراقب باشید.
+iptables -t nat -a V2RAY -d 123.123.123.123 -j بازگردانی
+
+# نادیده گرفتن LAN ها و هر آدرس دیگری که می خواهید از پروکسی دور بشوید
+# برای مشاهده لیست کامل شبکه های رزرو شده به ویکیپدیا و RFC5735 مراجعه کنید.
+iptables -t nat -A V2RAY -d 0.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 10.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 127.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 169.254.0.0/16 -j RETURN
+iptables -t nat -a V2RAY -d 172.16.0.0/12 -j RETURN
+iptables -t nat -a V2RAY -d 192.168 .0.0 / 16 -j RETURN
+iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN
+iptables -t nat -A V2RAY -d 240.0.0.0/4 -j RETURN
+
+# هر چیز دیگری باید هدایت شود به پورت محلی Dokodemo درب
+iptables -t nat -A V2RAY -p tcp -j REDIRECT -to-ports 12345
+
+# اضافه کردن هر قاعده UDP
+مسیر IP اضافه کردن محلی محلی به طور پیش فرض lo loo 100
+قانون آی پی اضافه کردن 1 جستجو 100
+iptables -t mangle -A V2RAY -p udp -dport 53 -j TPROXY -on-port 12345 -tproxy-mark 0x01 / 0x01
+iptables -t mangle -A V2RAY_MARK -p udp --dport 53 -j MARK -set-mark 1
+
+# قوانین را اعمال می کند
+iptables -t nat -A OUTPUT -p tcp -j V2RAY
+iptables -t انسداد -A PREROUTING -j V2RAY
+iptables -t انسداد -A OUTPUT -j V2RAY_MARK
+```
\ No newline at end of file
diff --git a/fa/configuration/protocols/freedom.md b/fa/configuration/protocols/freedom.md
new file mode 100644
index 000000000..a928a3290
--- /dev/null
+++ b/fa/configuration/protocols/freedom.md
@@ -0,0 +1,45 @@
+---
+refcn: chapter_02/protocols/freedom
+refen: configuration/protocols/freedom
+---
+
+# Freedom
+
+* نام: `آزادی`45.77.33.69
+* نوع: خروجی
+
+آزادی یک پروتکل برای ارتباطات خروجی است این تمام اتصال TCP یا UDP را به مقصد خود منتقل می کند. این خروجی زمانی استفاده می شود که می خواهید ترافیک را به مقصد واقعی خود ارسال کنید.
+
+## ConfigurationObject
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "redirect": "127.0.0.1:3366",
+ "userLevel": 0
+}
+```
+
+> `domainStrategy`: "AsIs" | "UseIP"
+
+استراتژی برای حل و فصل نام دامنه. گزینه ها عبارتند از:
+
+* `"AsIs"`: مقدار پیش فرض. تعیین نام دامنه توسط سیستم
+* `"UseIP"`: استفاده از [DNS داخلی](../dns.md) برای وضوح نام دامنه.
+* `"UseIPv4"`: Use IPv4 address only, after resolved by internal DNS.
+* `"UseIPv6"`: Use IPv6 address only, after resolved by internal DNS.
+
+(V2Ray 4.6+) In `UseIP` mode, when `sendThrough` is specified in [OutboundObject](../overview.md#outboundobject), Freedom will automatically choose between IPv4 and IPv6 address for destination based on `sendThrough` settings.
+
+(V2Ray 4.7+) If `sendThrough` address conflicts with `"UseIPv4"` or `"UseIPv6"`, Freedom will fail to dial out-going connections.
+
+> `redirect`: address_port
+
+Redirect all connections to this address, in form like `"127.0.0.1:80"` or `":1234"`.
+
+* وقتی آدرس خالی است، به عنوان مثال `": 443"`، Freedom از آدرس اصلی اصلی استفاده می کند.
+* هنگامی که پورت `0`، به عنوان مثال `"v2ray.com:0"`، آزادی را به پورت اصلی استفاده کنید.
+
+> `userLevel`: number
+
+User level. All connections share this level.
\ No newline at end of file
diff --git a/fa/configuration/protocols/http.md b/fa/configuration/protocols/http.md
new file mode 100644
index 000000000..25addc697
--- /dev/null
+++ b/fa/configuration/protocols/http.md
@@ -0,0 +1,64 @@
+---
+refcn: chapter_02/protocols/http
+refen: configuration/protocols/http
+---
+
+# HTTP
+
+* نام: `http`
+* نوع: ورودی
+
+HTTP یک پروتکل برای اتصالات ورودی است. این سازگار با HTTP / 1.1 است.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "allowTransparent": false,
+ "userLevel": 0
+}
+```
+
+> `accounts`: \[[AccountObject](#accountobject)\]
+
+آرایه ای که هر ورودی یک حساب است. به طور پیش فرض خالی است. اگر خالی نباشد، HTTP Basic Authentication برای درخواست های ورودی مورد نیاز است.
+
+> `allowTransparent`: true | false
+
+اگر به `true`تنظیم شده باشد، تمام درخواست HTTP برای این ورودی ارسال خواهد شد پروکسی، از جمله درخواست غیر پروکسی.
+
+> `userLevel`: number
+
+سطح کاربر همه اتصالات این سطح را به اشتراک میگذارند.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+نام کاربری برای تأیید هویت HTTP
+
+> `pass`: string
+
+رمز عبور برای احراز هویت HTTP.
+
+{% hint style='info' %}
+
+از تنظیمات زیر در لینوکس برای استفاده از پروکسی HTTP در جلسه فعلی استفاده کنید.
+
+* `صادرات http_proxy = HTTP: //127.0.0.1: 8080/` (URL است با توجه به پیکربندی خود را برای تغییر)
+* `صادرات https_proxy =$http_proxy`
+
+{% endhint %}
\ No newline at end of file
diff --git a/fa/configuration/protocols/mtproto.md b/fa/configuration/protocols/mtproto.md
new file mode 100644
index 000000000..ab9214905
--- /dev/null
+++ b/fa/configuration/protocols/mtproto.md
@@ -0,0 +1,103 @@
+---
+refcn: chapter_02/protocols/mtproto
+refen: configuration/protocols/mtproto
+---
+
+# MTProto
+
+* نام: `mtproto`
+* نوع: ورودی / خروجی
+
+پروکسی MTProto ویژه ویژه برای Telegram است. این شامل یک جفت پروکسی های ورودی و خروجی در V2Ray است. آنها معمولا برای ساخت یک پروکسی برای Telegram استفاده می شوند
+
+در حال حاضر V2Ray تنها آدرس IPv4 سرور Telegram را پشتیبانی می کند.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "users": [{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+ }]
+}
+```
+
+> `کاربر`: \ [[UserObject](#userobject)\]
+
+آرایه ای از کاربران. در حال حاضر فقط اولین کاربر موثر است.
+
+### UserObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+}
+```
+
+> `ایمیل`: رشته
+
+ایمیل کاربر مورد استفاده برای اهداف ردیابی دیدن [آمار](../stats.md).
+
+> `سطح`: شماره
+
+سطح کاربر
+
+> `مخفی`: رشته
+
+مخفی کاربر در Telegram، رمزعبور باید 32 حرف طول داشته باشد و فقط شامل صفات بین `0` تا `9`و `A`تا `ف`باشد.
+
+{% hint style='tip' %}
+
+شما می توانید از دستور زیر برای ایجاد مخفی MTProto استفاده کنید: `openssl rand -hex 16`
+
+{% endhint %}
+
+## پیکربندی خروجی {#outbound}
+
+```javascript
+{
+}
+```
+
+## نمونه {#sample}
+
+MTProto تنها می تواند برای ترافیک Telegram استفاده شود. شما ممکن است نیاز به یک قانون مسیریابی برای ترکیب ورودی و خروجی مربوطه داشته باشید. در اینجا یک نمونه ناقص است.
+
+ورودی:
+
+```javascript
+{
+ "tag": "tg-in",
+ "port": 443,
+ "protocol": "mtproto",
+ "settings": {
+ "users": [{"secret": "b0cbcef5a486d9636472ac27f8e11a9d"}]
+ }
+}
+```
+
+خروجی:
+
+```javascript
+{
+ "tag": "tg-out",
+ "protocol": "mtproto",
+ "settings": {}
+}
+```
+
+مسیریابی:
+
+```javascript
+{
+ "type": "field",
+ "inboundTag": ["tg-in"],
+ "outboundTag": "tg-out"
+}
+```
+
+برنامه Telegram خود را برای اتصال به port 443 در این دستگاه پیکربندی کنید.
\ No newline at end of file
diff --git a/fa/configuration/protocols/shadowsocks.md b/fa/configuration/protocols/shadowsocks.md
new file mode 100644
index 000000000..9236baa0d
--- /dev/null
+++ b/fa/configuration/protocols/shadowsocks.md
@@ -0,0 +1,163 @@
+---
+refcn: chapter_02/protocols/shadowsocks
+refen: configuration/protocols/shadowsocks
+---
+
+# Shadowsocks
+
+* Name: `shadowsocks`
+* نوع: ورودی / خروجی
+
+[Shadowsocks](https://www.shadowsocks.org/) پروتکل، برای هر دو اتصالات ورودی و خروجی.
+
+سازگاری با نسخه رسمی:
+
+* پشتیبانی از هر دو اتصال TCP و UDP، جایی که UDP می تواند اختیاری خاموش شود.
+* پشتیبانی می کند [OTA](https://web.archive.org/web/20161221022225/https://shadowsocks.org/en/spec/one-time-auth.html)؛
+ * مشتری ممکن است انتخاب کند که روشن یا خاموش شود.
+ * سرور ممکن است فعال، غیرفعال یا خودکار را انتخاب کند.
+* روش های رمزنگاری ([AEAD](https://shadowsocks.org/en/spec/AEAD-Ciphers.html) رمزهای اضافه شده در V2Ray 3.0):
+ * aes-256-cfb
+ * aes-128-cfb
+ * chacha20
+ * chacha20-ietf
+ * aes-256-gcm
+ * aes-128-gcm
+ * chacha20-poly1305 aka chacha20-ietf-poly1305
+* پلاگینها:
+ * پشتیبانی obfs از طریق حالت مستقل.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "method": "aes-128-cfb",
+ "password": "password",
+ "level": 0,
+ "ota": true,
+ "network": "tcp"
+}
+```
+
+> `ایمیل`: رشته
+
+آدرس ایمیل. برای شناسایی کاربر استفاده می شود.
+
+> `روش`: رشته
+
+ضروری. مراجعه کنید به [روش رمزگذاری](#encryption-methods) برای مقادیر موجود.
+
+> `رمز عبور`: رشته
+
+ضروری. رمز عبور در پروتکل Shadowsocks. می تواند هر رشته باشد
+
+> `سطح`: شماره
+
+سطح کاربر پیش فرض به `0`. [سیاست](../policy.md).
+
+> `ota`: `true` | `غلط`
+
+آیا OTA مجبور است یا نه اگر `true` و اتصال ورودی OTA را فعال نکنند، V2Ray این اتصال را رد می کند. برعکس
+
+اگر این فیلد مشخص نشده باشد، V2Ray خودکار تنظیمات OTA را از اتصالات ورودی تشخیص می دهد.
+
+هنگامی که استفاده از رمزنگاری AEAD استفاده می شود `ota` تاثیری ندارد.
+
+> `شبکه`: "tcp" | "udp" | "tcp، udp"
+
+نوع شبکه های پشتیبانی شده پیش فرض به `"tcp"`.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "servers": [
+ {
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "method",
+ "password": "password",
+ "ota": false,
+ "level": 0
+ }
+ ]
+}
+```
+
+جایی که:
+
+* `ایمیل`: آدرس ایمیل. برای شناسایی کاربر استفاده می شود.
+* `آدرس`: آدرس سرور Shadowsocks. می تواند IPv4، IPv6 یا دامنه باشد.
+* `پورت`: Port of Shadowsocks server.
+* `روش`: روش رمزگذاری مقدار پیش فرض ندارد گزینه ها عبارتند از:
+ * `"aes-256-cfb"`
+ * `"aes-128-cfb"`
+ * `"chacha20"`
+ * `"chacha20-ietf"`
+ * `"aes-256-gcm"`
+ * `"aes-128-gcm"`
+ * `"chacha20-poly1305"` یا `"chacha20-ietf-poly1305"`
+* `رمز عبور`: رمز عبور. می تواند هر رشته باشد
+* `ota`: استفاده یا عدم استفاده از OTA.
+ * وقتی AEAD استفاده می شود، `ota` تاثیری ندارد.
+* `سطح`: سطح کاربر.
+
+> `سرور`: \ [[ServerObject](#serverobject)\]
+
+آرایه ای از [ServerObject](#serverobject)ثانیه.
+
+### ServerObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "加密方式",
+ "password": "密码",
+ "ota": false,
+ "level": 0
+}
+```
+
+> `ایمیل`: رشته
+
+آدرس ایمیل. برای شناسایی کاربر استفاده می شود.
+
+> `آدرس`: آدرس
+
+ضروری. آدرس سرور Shadowsocks. ممکن است IPv4، IPv6 یا آدرس دامنه باشد.
+
+> `پورت`: شماره
+
+ضروری. پورت سرور Shadowsocks.
+
+> `روش`: رشته
+
+ضروری. مراجعه کنید به [روش رمزگذاری](#encryption-methods) برای مقادیر موجود.
+
+> `رمز عبور`: رشته
+
+ضروری. رمز عبور در پروتکل Shadowsocks. می تواند هر رشته باشد
+
+> `ota`: true | نادرست
+
+استفاده یا عدم استفاده از OTA مقدار پیش فرض است `کاذب`.
+
+وقتی رمزگذاری AEAD استفاده می شود، این فیلد تاثیری ندارد.
+
+> `سطح`: شماره
+
+سطح کاربر
+
+## روش های رمزگذاری
+
+* `"aes-256-cfb"`
+* `"aes-128-cfb"`
+* `"chacha20"`
+* `"chacha20-ietf"`
+* `"aes-256-gcm"`
+* `"aes-128-gcm"`
+* `"chacha20-poly1305"` یا `"chacha20-ietf-poly1305"`
\ No newline at end of file
diff --git a/fa/configuration/protocols/socks.md b/fa/configuration/protocols/socks.md
new file mode 100644
index 000000000..a523cbcd4
--- /dev/null
+++ b/fa/configuration/protocols/socks.md
@@ -0,0 +1,147 @@
+---
+refcn: chapter_02/protocols/socks
+refen: configuration/protocols/socks
+---
+
+# Socks
+
+* نام: `جوراب`
+* نوع: ورودی / خروجی
+
+جوراب اجرای یک پروتکل SOCKS استاندارد است، سازگار با [Socks 4](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol)، Socks 4a و [Socks 5](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol).
+
+Socks configuration consists of two parts, `InboundConfigurationObject` and `OutboundConfigurationObject`, for inbound and outbound respectively.
+
+## OutboundConfigurationObject
+
+`OutboundConfigurationObject` is used as `settings` field in `OutboundObject` in top level configuration.
+
+```javascript
+{
+ "servers": [{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+ }]
+}
+```
+
+> `servers`: \[ [ServerObject](#serverobject) \]
+
+An array of Socks servers.
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+}
+```
+
+> `address`: address
+
+Socks server address. May be IPv4, IPv6 or domain address.
+
+{% hint style='info' %}
+
+Only support Socks 5 servers.
+
+{% endhint %}
+
+> `port`: number
+
+Socks server port.
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array of users. Each element in the array is an user. If the list is not empty. Socks inbound will force user authentication. Otherwise, anonymous user is allowed.
+
+### UserObject
+
+```javascript
+{
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
+
+> `level`: number
+
+User level for tracking and policy purpose. Default value is `0`.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "auth": "noauth",
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "udp": false,
+ "ip": "127.0.0.1",
+ "userLevel": 0
+}
+```
+
+> `auth`: "noauth" | "password"
+
+Socks autentication method. `"noauth"` is for anonymous authentication, and `"password"` for authentication with username and password. Default value is `"noauth"`.
+
+> `accounts`: \[ [AccountObject](#accountobject) \]
+
+An array of user accounts, for authenication purpose. Only take effect when `auth` is set to `"password"`.
+
+> `udp`: true | false
+
+Whether or not to enable UDP. Default value is `false`.
+
+> `ip`: address
+
+When UDP is enabled, V2Ray needs to know the IP address of current host. Default value is `"127.0.0.1"`. This must be set to the public IP address of the host, if you want to allow public UDP traffic.
+
+> `userLevel`: number
+
+User level. All incoming connections share this user level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
\ No newline at end of file
diff --git a/fa/configuration/protocols/vmess.md b/fa/configuration/protocols/vmess.md
new file mode 100644
index 000000000..285e99790
--- /dev/null
+++ b/fa/configuration/protocols/vmess.md
@@ -0,0 +1,196 @@
+---
+refcn: chapter_02/protocols/vmess
+refen: configuration/protocols/vmess
+---
+
+# VMess
+
+* Name: `shadowsocks`
+* Type: Inbound / Outbound
+
+[VMess](https://www.v2ray.com/eng/protocols/vmess.html) یک پروتکل برای ارتباطات رمز شده است. این شامل پروکسی ورودی و خروجی است.
+
+VMess به زمان سیستم بستگی دارد. لطفا اطمینان حاصل کنید که زمان سیستم شما همگام با زمان UTC است. منطقه زمانی مهم نیست ممکن است یک سرویس `ntp` در لینوکس برای تنظیم زمان سیستم به طور خودکار نصب شود.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "vnext": [
+ {
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 4,
+ "security": "auto",
+ "level": 0
+ }
+ ]
+ }
+ ]
+}
+```
+
+> `vnext`: \ [ [ServerObject](#serverobject)]
+
+یک آرایه، که هر عنصر یک سرور از راه دور را ارائه می دهد
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": []
+}
+```
+
+> `آدرس`: آدرس
+
+آدرس سرور، ممکن است IPv4، IPv6 یا نام دامنه باشد.
+
+> `پورت`: شماره
+
+پورت سرور
+
+> `کاربر`: \ [ [UserObject](#userobject)\]
+
+آرایه ای که هر عنصر یک کاربر VMess است
+
+### UserObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 16,
+ "security": "auto",
+ "level": 0
+}
+```
+
+> `id`: رشته
+
+شناسه کاربر، به شکل یک UUID U [](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `alterId`: شماره
+
+Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 4. Its value must be not larger than the one in corresponding Inbound.
+
+> `سطح`: شماره
+
+سطح کاربر برای کسب اطلاعات بیشتر به [سیاست](../policy.md) مراجعه کنید.
+
+> `امنیت`: "aes-128-gcm" | "chacha20-poly1305" | "خودکار" | "هیچ یک"
+
+روش رمزگذاری بار. این تنظیم فقط در خارج از دسترس است. ورودی VMess به طور خودکار این تنظیم را تشخیص داده و سپس مقدار رمزگشایی را رمزگشایی می کند. گزینه ها عبارتند از:
+
+* `"aes-128-gcm"`: توصیه شده برای کامپیوتر.
+* `"chacha20-poly1305"`: توصیه شده برای موبایل.
+* `"auto"`: مقدار پیش فرض. استفاده از `aes-128-gcm` در AMD64، ARM64 و S390x یا `chacha20-poly1305` در غیر این صورت.
+* `"none"`: ترافیک در همه رمزگذاری نشده است.
+
+{% hint style='info' %}
+
+از سازگاری بهتر برای استفاده از `"خودکار"` استفاده کنید.
+
+{% endhint %}
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "clients": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+ }
+ ],
+ "default": {
+ "level": 0,
+ "alterId": 4
+ },
+ "detour": {
+ "to": "tag_to_detour"
+ },
+ "disableInsecureEncryption": false
+}
+```
+
+> `مشتری`: \ [ [ClientObject](#clientobject)\]
+
+یک آرایه برای حساب کاربری معتبر. ممکن است هنگام استفاده از ویژگی پورت پویا خالی باشد.
+
+> `تور`: [DetourObject](#detourobject)
+
+ویژگی اختیاری برای نشان دادن مشتری برای دور زدن. اگر مشخص شود، این ورودی، خروجی را برای استفاده از ورودی دیگر هدایت می کند.
+
+> `طور پیش فرض`: [DefaultObject](#defaultobject)
+
+پیکربندی مشتری پیش فرض اختیاری معمولا با `دور`.
+
+> `disableInsecureEncryption`: true | نادرست
+
+مشتری را برای استفاده از روش های رمزنگاری ناامن ممنوع می کند. هنگامی که به `true`، اتصالات بلافاصله فسخ خواهند شد اگر رمزگذاری زیر استفاده شود. مقدار پیش فرض `false`.
+
+* `هیچ یک`
+* `aes-128-cfb`
+
+### ClientObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+}
+```
+
+> `id`: رشته
+
+شناسه کاربر، به شکل [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `سطح`: شماره
+
+سطح کاربر برای استفاده از آن [سیاست](../policy.md) ببینید.
+
+> `alterId`: شماره
+
+تعداد شناسه های جایگزین همانطور که در خارج از کشور است.
+
+> `ایمیل`: رشته
+
+آدرس ایمیل برای شناسایی کاربر
+
+### DetourObject
+
+```javascript
+{
+ "to": "tag_to_detour"
+}
+```
+
+> `تا`: رشته
+
+برچسب یک پروکسی ورودی مشاهده [بررسی](../protocols.md). در صورت پیکربندی، VMess مشتری خود را پیشنهاد می دهد که از اتصال برای ارتباطات بیشتر استفاده کند.
+
+### DefaultObject
+
+```javascript
+{
+ "level": 0,
+ "alterId": 4
+}
+```
+
+> `سطح`: شماره
+
+سطح کاربر
+
+> `alterId`: شماره
+
+Number of alternative IDs. Default value 64. Recommend 4.
\ No newline at end of file
diff --git a/fa/configuration/reverse.md b/fa/configuration/reverse.md
new file mode 100644
index 000000000..1bcc9f045
--- /dev/null
+++ b/fa/configuration/reverse.md
@@ -0,0 +1,199 @@
+---
+refcn: chapter_02/reverse
+refen: configuration/reverse
+---
+
+# معکوس پروکسی
+
+معکوس پروکسی یک ویژگی اختیاری در V2Ray است. این ترافیک را از یک سرور به یک مشتری منتقل می کند. بنابراین پروکسی معکوس معکوس است.
+
+{% hint style='tip' %}
+
+معکوس پروکسی در V2Ray 4.0+ در دسترس است. این در حال حاضر در بتا است و ممکن است در آینده نزدیک بهبود یابد.
+
+{% endhint %}
+
+معکوس پروکسی به روش زیر عمل می کند:
+
+* فرض کنید یک دستگاه A است که یک سرور وب را اجرا می کند. دستگاه A هیچ آدرس IP عمومی ندارد و نمی تواند از طریق اینترنت دسترسی پیدا کند. یک دستگاه دیگر B وجود دارد، می گوید یک سرور ابر، که می تواند از اینترنت دسترسی داشته باشد. ما نیاز به استفاده از B به عنوان پورتال، جهت هدایت تراکنش به A
+* حالا ما V2Ray را بر روی دستگاه A نصب می کنیم که `پل`. و سپس V2Ray را بر روی دستگاه B نصب کنید، به نام `پورت`.
+* `پل` اتصال به `پورتال`را باز می کند. هدف خود را می توان برای مقصد مسیریابی سفارشی. `پورتال` ، این اتصالات، و همچنین اتصالات از دیگر کاربردهای اینترنتی را دریافت خواهد کرد. `پورتال` این دو نوع اتصالات را "اتصال" می کند. سپس ترافیک داخلی به `پل`تونل می شود.
+* پس از `پل` ترافیک از اینترنت را از طریق `پورت`دریافت می کند، این ترافیک را به سرور وب در localhost ارسال می کند. شما همچنین می توانید مسیریابی را برای این ترافیک نیز پیکربندی کنید.
+* `پل` توازن بار را براساس میزان ترافیک کنترل می کند.
+
+{% hint style='danger' %}
+
+معکوس پروکسی در حال حاضر قدرت [Mux](mux.md). لازم نیست دوباره Mux را روی خروجی آن پیکربندی کنید.
+
+{% endhint %}
+
+## ReverseObject
+
+`ReverseObject` به عنوان `معکوس` فیلد در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }],
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+> `پل`: \ [[BridgeObject](bridgeobject)]
+
+آرایه ای از `پل`ثانیه. هر `پل` است [BridgeObject](bridgeobject).
+
+> `پورتال`: \ [[PortalObject](portalobject)]
+
+آرایه ای از `پورتال`ثانیه. هر `پورتال` است [PortalObject](bridgeobject).
+
+### BridgeObject
+
+```javascript
+{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+}
+```
+
+> `برچسب`: رشته
+
+تگ تمام ترافیک آغاز شده توسط این `پل` این برچسب را دارند. این می تواند برای مسیر [](routing.md)، که به عنوان `inboundTag`.
+
+> `دامنه`: رشته
+
+دامنه تمام اتصالات آغاز شده توسط `پل` به سمت `پورتال` از این دامنه به عنوان هدف استفاده می کنند. این دامنه فقط برای ارتباط بین `پل` و `پورتال`. لازم نیست در واقع ثبت نام شود.
+
+### PortalObject
+
+> `برچسب`: رشته
+
+یک برچسب شما نیاز به تغییر مسیر تمام ترافیک به این `پورتال`، با هدف قرار دادن `outboundTag` این `تگ`. ترافیک شامل اتصالات از `پل`و همچنین ترافیک اینترنتی است.
+
+> `دامنه`: رشته
+
+دامنه هنگامی که یک ارتباط با هدف قرار دادن این دامنه، `پورتال` ، این ارتباط از `پل`، در غیر این صورت اتصال به اینترنت است.
+
+{% hint style='tip' %}
+
+مانند دیگر کاربرد، یک نمونه V2Ray می تواند به عنوان استفاده `پل`، و یا یک `پورتال`، یا هر دو به عنوان همان زمان.
+
+{% endhint %}
+
+## پیکربندی مثال
+
+`پل` معمولا نیاز به دو خروجی دارد. یکی برای اتصال `پورتال`و دیگری برای اتصال سرور محلی محلی.
+
+معکوس:
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+خروجی:
+
+```javascript
+{
+ "tag": "out"
+ "protocol": "freedom",
+ "settings": {
+ "redirect": "127.0.0.1:80" // Send traffic to local web server
+ }
+},
+{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "portal的IP地址",
+ "port": 1024,
+ "users": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }]
+ },
+ "tag": "interconn"
+}
+```
+
+مسیریابی:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "domain": ["full:test.v2ray.com"],
+ "outboundTag": "interconn"
+ },{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "outboundTag": "out"
+ }]
+}
+```
+
+`پورتال` معمولا نیاز به دو inbounds دارد. یکی برای اتصالات از `پل`و دیگری برای اتصال به اینترنت.
+
+معکوس:
+
+```javascript
+{
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com" // Must be the same as in bridge
+ }]
+}
+```
+
+Inbound:
+
+```javascript
+{
+ "tag": "external",
+ "port": 80, // Open port 80 for internet HTTP traffic
+ "protocol": "dokodemo-door",
+ "settings": {
+ "address": "127.0.0.1",
+ "port": 80,
+ "network": "tcp"
+ }
+},
+{
+ "port": 1024, // For bridge connections
+ "tag": "interconn",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["external"],
+ "outboundTag": "portal"
+ },{
+ "type": "field",
+ "inboundTag": ["interconn"],
+ "outboundTag": "portal"
+ }]
+}
+```
+
+{% hint style='tip' %}
+
+در عمل، شما ممکن است بخواهید اول `پل` و سپس `پورت`.
+
+{% endhint %}
\ No newline at end of file
diff --git a/fa/configuration/routing.md b/fa/configuration/routing.md
new file mode 100644
index 000000000..575c4b12b
--- /dev/null
+++ b/fa/configuration/routing.md
@@ -0,0 +1,194 @@
+---
+refcn: chapter_02/03_routing
+refen: configuration/routing
+---
+
+# مسیریابی
+
+V2Ray دارای مکانیزم مسیریابی داخلی است. این ارتباطات ورودی به خروجی های مختلف را براساس قوانین انجام می دهد. یک سناریو معمول این است که تقسیم ترافیک به وسیله کشور انجام شود. V2Ray می تواند کشور مقصد (توسط Geo IP) یک اتصال را شناسایی کند و سپس اتصال به پروکسی خروجی مربوطه را ارسال کند.
+
+## RoutingObject
+
+`RoutingObject` به عنوان `مسیریابی` در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "rules": [],
+ "balancers": []
+}
+```
+
+> `domainStrategy`: "AsIs" | "IPIfNonMatch" | "IPOnDemand"
+
+استراتژی قطعنامه دامنه انتخاب ها عبارتند از:
+
+* `"AsIs"`: فقط از دامنه برای مسیریابی استفاده کنید. مقدار پیش فرض.
+* `"IPIfNonMatch"`: زمانی که هیچ قاعده ای با دامنه فعلی منطبق نیست، V2Ray آن را به آدرس های IP (A یا AAAA) رفع می کند و دوباره تمام قوانین را امتحان می کند.
+ * اگر یک دامنه دارای چندین آدرس IP باشد، V2Ray تمام آنها را انجام می دهد.
+ * IP های حل شده تنها برای تصمیم گیری مسیریابی استفاده می شوند، ترافیک هنوز به آدرس دامنه اصلی ارسال می شود.
+* `"IPOnDemand"`: تا زمانی که یک قانون مبتنی بر IP وجود دارد، V2Ray بلافاصله دامنه را به IP حل خواهد کرد.
+
+> `قوانین`: \ [[RuleObject](#ruleobject)\]
+
+An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` (or `balancerTag`, V2Ray 4.4+) of the rule.
+
+> `balancers`: \[ [BalancerObject](#balancerobject) \]
+
+(V2Ray 4.4+) An array of load balancers. When a routing rule points to a load balancer, the balancer will select an outbound based on configuration. Then traffic will be sent to that outbound.
+
+### RuleObject
+
+```javascript
+{
+ "type": "field",
+ "domain": [
+ "baidu.com",
+ "qq.com",
+ "geosite:cn"
+ ],
+ "ip": [
+ "0.0.0.0/8",
+ "10.0.0.0/8",
+ "fc00::/7",
+ "fe80::/10",
+ "geoip:cn"
+ ],
+ "port": "53,443,1000-2000",
+ "network": "tcp",
+ "source": [
+ "10.0.0.1"
+ ],
+ "user": [
+ "love@v2ray.com"
+ ],
+ "inboundTag": [
+ "tag-vmess"
+ ],
+ "protocol":["http", "tls", "bittorrent"],
+ "attrs": "attrs[':method'] == 'GET'",
+ "outboundTag": "direct",
+ "balancerTag": "balancer"
+}
+```
+
+{% hint style='info' %}
+
+When multiple fields are specified, these fields have to be all satisfied, in order to make the rule effective. If you need both `domain` and `ip` rules, it is highly likely you need put them into separate rules.
+
+{% endhint %}
+
+> `type`: "field"
+
+The only valid value for now is `"field"`.
+
+> `domain`: \[ string \]
+
+An array of domains. Available formats are:
+
+* متن ساده: اگر این رشته با هر بخش از دامنه هدفمندی منطبق باشد، این قانون به عهده می گیرد. مثال: rule `"sina.com"` مطابقت دامنه `"sina.com"`، `"sina.com.cn"` و `"www.sina.com"`، اما نه `"sina.cn"`.
+* عبارت منظم: شروع با `"regexp:"`، بقیه یک عبارت منظم است. هنگامی که Regexp با هدف دامنه مطابقت می کند، این قانون به اجرا در می آید. مثال: rule `"regexp: \\. goo. * \\. com $"` برابر `"www.google.com"` و `"fonts.googleapis.com"`، اما نه `"google.com"`.
+* Subdomain (توصیه می شود): شروع با `"domain:"` و بقیه یک دامنه است. هنگامی که دامنه هدفمند دقیقا همان مقدار است یا یک زیر دامنه از مقدار است، این قانون در حال اجرا است. مثال: قانون `"دامنه: v2ray.com"` مسابقه `"www.v2ray.com"`، `"v2ray.com"`، اما نه `"xv2ray.com"`.
+* دامنه کامل: شروع با `"full:"` و بقیه یک دامنه است. هنگامی که دامنه هدفمند دقیقا همان ارزش است، این قانون اثر می گذارد. مثال: قانون `"دامنه: v2ray.com"` مطابق با `"v2ray.com"`، اما نه `"www.v2ray.com"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](#pre-defined-domain-lists) for more detail.
+* Domains from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geosite.dat`. The tag must exist in the file.
+
+> `ip`: \[string\]
+
+An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. Available formats:
+
+* IP: مانند `"127.0.0.1"`.
+* [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing): مانند `"127.0.0.0/8"`.
+* GeoIP: مانند `"geoip: cn"`. با شروع می شود `geoip:` (حروف کوچک) و دو حرف از کد کشور را دنبال می کند.
+ * مقدار ویژه `"geoip: خصوصی"`: برای تمام آدرس های خصوصی مانند `127.0.0.1`.
+* IP ها از فایل: مانند `"ext: file: tag"`. مقدار باید با `ext:` (کوچک) شروع شود و با نام فایل و تگ همراه است. فایل در قرار داده شده [دایرکتوری منبع](env.md#location-of-v2ray-asset)، و همان فرمت از `geoip.dat`. برچسب باید در فایل موجود باشد.
+
+{% hint style='info' %}
+
+`"ext:geoip.dat:cn"` is equivalent to `"geoip:cn"`.
+
+{% endhint %}
+
+> `port`:number | string
+
+Port range. Formats are:
+
+* `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
+* `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
+* Mix of the two above, separated by ",". Such as `"53,443,1000-2000"`.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+When the connection has in the chosen network, this rule take effect.
+
+> `source`: \[string\]
+
+An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
+
+> `user`: \[string\]
+
+An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
+
+> `inboundTag`: \[string\]
+
+An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
+
+> `protocol`: \[ "http" | "tls" | "bittorrent" \]
+
+An array of string as protocol types. When the connection uses one of the protocols, this rule takes effect. To recognize the protocol of a connection, one must enable `sniffing` option in inbound proxy.
+
+> `attrs`: string
+
+(V2Ray 4.18+) A Starlark script, used for detecting traffic attributes. When this script returns true, this rule takes effect.
+
+[Starlark](https://github.com/bazelbuild/starlark) is a subset of Python. The script takes a global varible named `attrs`. It contains all attributes of the traffic.
+
+At the moment, only http inbound sets `attrs`.
+
+Examples:
+
+* Detect HTTP GET: `"attrs[':method'] == 'GET'"`
+* Detect HTTP Path: `"attrs[':path'].startswith('/test')"`
+* Detect Content Type: `"attrs['accept'].index('text/html') >= 0"`
+
+> `outboundTag` string
+
+[Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
+
+> `balancerTag`: string
+
+Tag of an load balancer. Then this rule takes effect, V2Ray will use the balancer to select an outbound. Either `outboundTag` or `balancerTag` must be specified. When both are specified, `outboundTag` takes priority.
+
+### BalancerObject
+
+Configuration for a load balancer. When a load balancer takes effective, it selects one outbound from matching outbounds. This outbound will be used for send out-going traffic.
+
+```javascript
+{
+ "tag": "balancer",
+ "selector": []
+}
+```
+
+> `tag`: string
+
+Tag of this `BalancerObject`, to be matched from `balancerTag` in `RuleObject`.
+
+> `selector`: \[ string \]
+
+An array of strings. These strings are used to select outbounds with prefix matching. For example, with the following outbound tags: `[ "a", "ab", "c", "ba" ]`,selector `["a"]` matches `[ "a", "ab" ]`.
+
+When multiple outbounds are selected, load balancer for now picks one final outbound at random.
+
+## Pre-defined domain lists
+
+This is a domain lists maintained by [domain-list-community](https://github.com/v2ray/domain-list-community) project. It provides a file named `geosite.dat` for some predefined domain lists. Notably:
+
+* `category-ads`: Common ads domains.
+* `category-ads-all`: Common ads domains and ads providers' domains.
+* `cn`: Equivalent to an union of `geolocation-cn` and `tld-cn`.
+* `google`: All Google domains.
+* `facebook`: All Facebook domains.
+* `geolocation-cn`: Common domains that serve in China.
+* `geolocation-!cn`: Common domains that don't serve in China
+* `tld-cn`: All .cn and .中国 domains.
\ No newline at end of file
diff --git a/fa/configuration/stats.md b/fa/configuration/stats.md
new file mode 100644
index 000000000..0f1045fc2
--- /dev/null
+++ b/fa/configuration/stats.md
@@ -0,0 +1,43 @@
+---
+refcn: chapter_02/stats
+refen: configuration/stats
+---
+
+# آمار
+
+V2Ray برخی از اطلاعات مربوط به درون آن را فراهم می کند.
+
+## StatsObject
+
+`StatsObject` به عنوان `آمار` فیلد در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+}
+```
+
+در حال حاضر هیچ پارامتری در تنظیمات آمار وجود ندارد. آمار در صورت فعال بودن `StatsObject` در پیکربندی سطح بالا فعال می شود. شما همچنین باید تنظیمات متناظر را در [خط مشی](policy.md)فعال کنید تا بتوانید از کاربر یا آمار سیستم پیگیری کنید.
+
+کلیه آمار شمارنده در زیر ذکر شده است:
+
+## ترافیک کاربر
+
+اگر کاربر آدرس ایمیل را در تنظیمات پروتکل تنظیم نکند، آمار ترافیک فعال نخواهد شد.
+
+> `کاربر>>>[email]>>>ترافیک>>>uplink`
+
+ترافیک uplink مرتبط با کاربر خاص در بایت.
+
+> `کاربر>>>[email]>>>ترافیک>>>downlink`
+
+ترافیک downlink پیوسته از کاربر خاص، در بایت.
+
+## ترافیک جهانی
+
+> `ورودی>>>[tag]>>>ترافیک>>>uplink`
+
+ترافیک uplink متصل شده از ورودی خاص، در بایت.
+
+> `ورودی>>>[tag]>>>ترافیک>>>downlink`
+
+ترافیک downlink پیوسته از ورودی خاص، در بایت.
\ No newline at end of file
diff --git a/fa/configuration/transport.md b/fa/configuration/transport.md
new file mode 100644
index 000000000..adba66c18
--- /dev/null
+++ b/fa/configuration/transport.md
@@ -0,0 +1,300 @@
+---
+refcn: chapter_02/05_transport
+refen: configuration/transport
+---
+
+# تنظیمات حمل و نقل
+
+حمل و نقل این است که چگونه V2Ray ارسال و دریافت داده ها از همتایان خود را. The responsibility of a transport is to reliably transfer data to a peer. معمولا یک ارتباط با ترانسپورت در هر دو نقطه انتهایی دارد. به عنوان مثال، اگر یک خروجی V2Ray با استفاده از WebSocket به عنوان حمل و نقل آن، ورودی آن صحبت می کند، همچنین باید از WebSocket استفاده کند، در غیر این صورت یک اتصال نمی تواند برقرار شود.
+
+تنظیمات حمل و نقل به دو قسمت تقسیم می شود: تنظیمات جهانی و تنظیمات پراکسی. تنظیمات هر پروکسی مشخص می کند که چگونه هر یک از پروکسی ها اطلاعات خود را مدیریت می کند، در حالی که تنظیمات جهانی برای همه پروکسی ها است. معمولا پروکسی های ورودی و خروجی بین همتراز اتصال باید تنظیمات حمل و نقل مشابه داشته باشند. هنگامی که یک پروکسی هیچ تنظیمات حمل و نقل ندارد، تنظیمات جهانی اعمال می شود.
+
+## TransportObject
+
+`TransportObject` به عنوان `انتقال` فیلد در پیکربندی سطح بالا استفاده می شود.
+
+```javascript
+{
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {}
+}
+```
+
+> `tcpSettings`: TcpObject
+
+تنظیمات [TCP transport](transport/tcp.md).
+
+> `kcpSettings`: KcpObject
+
+تنظیمات حمل و نقل [mKCP](transport/mkcp.md).
+
+> `wsSettings`: WebSocketObject
+
+تنظیمات برای [حمل و نقل WebSocket](transport/websocket.md).
+
+> `httpSettings`: HttpObject
+
+تنظیمات [HTTP / 2 حمل و نقل](transport/h2.md).
+
+> `dsSettings`: DomainSocketObject
+
+تنظیمات برای [Domain Socket Transport](transport/domainsocket.md).
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) Settings for [QUIC transport](transport/quic.md).
+
+## StreamSettingsObject
+
+Each inbound and outbound proxy may has its own transport settings, as specified in `streamSettings` field in top level configuration.
+
+```javascript
+{
+ "network": "tcp",
+ "security": "none",
+ "tlsSettings": {},
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {},
+ "sockopt": {
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+ }
+}
+```
+
+> `network`: "tcp" | "kcp" | "ws" | "http" | "domainsocket" | "quic"
+
+Network type of the stream transport. Default value `"tcp"`.
+
+> `security`: "none" | "tls"
+
+Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
+
+> `tlsSettings`: [TLSObject](#tlsobject)
+
+TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
+
+> `tcpSettings`: [TcpObject](transport/tcp.md)
+
+TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
+
+> `kcpSettings`: KcpObject
+
+mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
+
+> `wsSettings`: WebSocketObject
+
+WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
+
+> `httpSettings`: HttpObject
+
+HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
+
+> `dsSettings`: DomainSocketObject
+
+Domain socket transport configuration for current proxy. Effective only when the proxy uses domain socket transport. Configuration is the same as it is in global configuration.
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) QUIC transport configuration for current proxy. Effective only when the proxy uses QUIC transport. Configuration is the same as it is in global configuration.
+
+> `sockopt`: SockoptObject
+
+Socket options for incoming and out-going connections.
+
+### TLSObject
+
+```javascript
+{
+ "serverName": "v2ray.com",
+ "allowInsecure": false,
+ "alpn": ["http/1.1"],
+ "certificates": [],
+ "disableSystemRoot": false
+}
+```
+
+> `serverName`: string
+
+Server name (usually domain) used for TLS authentication. Typically this is used when corressponding inbound/outbound uses IP for communication.
+
+When domain name is specified from inbound proxy, or get sniffed from the connection, it will be automatically used for connection. It is not necessary to set `serverName` in such case.
+
+> `alpn`: \[ string \]
+
+An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
+
+> `allowInsecure`: true | false
+
+If `true`, V2Ray allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.
+
+> `allowInsecureCiphers`: true | false
+
+Whehter or not to allow insecure cipher suites. By default TLS only uses cipher suites from TLS 1.3 spec. Turn on this option to allow cipher suites with static RSA keys.
+
+> `disableSystemRoot`: true | false
+
+(V2Ray 4.18+) Whether or not to disable system root CAs for TLS handshake. Default value is `false`. If set to `true`, V2Ray will use only `certificates` for TLS handshake.
+
+> `certificates`: \[ [CertificateObject](#certificateobject) \]
+
+List of TLS certificates. Each entry is one certificate.
+
+### CertificateObject
+
+```javascript
+{
+ "usage": "encipherment",
+
+ "certificateFile": "/path/to/certificate.crt",
+ "keyFile": "/path/to/key.key",
+
+ "certificate": [
+ "-----BEGIN CERTIFICATE-----",
+ "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
+ "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
+ "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
+ "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
+ "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
+ "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
+ "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
+ "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
+ "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
+ "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
+ "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
+ "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
+ "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
+ "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
+ "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
+ "-----END CERTIFICATE-----"
+ ],
+ "key": [
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
+ "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
+ "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
+ "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
+ "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
+ "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
+ "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
+ "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
+ "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
+ "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
+ "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
+ "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
+ "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
+ "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
+ "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
+ "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
+ "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
+ "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
+ "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
+ "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
+ "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
+ "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
+ "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
+ "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
+ "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
+ "-----END RSA PRIVATE KEY-----"
+ ]
+}
+```
+
+> `usage`: "encipherment" | "verify" | "issue"
+
+Purpose of the certificate. Default value `"encipherment"`. Choices are:
+
+* `"رمزگذاری"`: گواهی برای احراز هویت و رمزگذاری TLS استفاده می شود.
+* `"verify"`: گواهی برای اعتبار سنجی گواهی TLS از همکار راه دور استفاده می شود. در این مورد گواهی باید یک گواهینامه CA باشد.
+* `"issue"`: گواهی برای صدور گواهی های دیگر استفاده می شود. در این مورد گواهی باید یک گواهینامه CA باشد.
+
+{% hint style='info' %}
+
+On Windows, you have to install your CA certificate to system, in order to verify cerificates issued from the CA.
+
+{% endhint %}
+
+{% hint style='info' %}
+
+When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
+
+{% endhint %}
+
+> `certificateFile`: string
+
+File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
+
+{% hint style='info' %}
+
+Use `v2ctl cert -ca` command to generate a new CA certificate.
+
+{% endhint %}
+
+> `certificate`: \[ string \]
+
+List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
+
+> `keyFile`: string
+
+File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
+
+> `key`: \[ string \]
+
+List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
+
+When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
+
+{% hint style='info' %}
+
+When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
+
+{% endhint %}
+
+### SockoptObject
+
+```javascript
+{
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+}
+```
+
+> `mark`: number
+
+An integer. If non-zero, the value will be set to out-going connections via socket option SO_MARK. This mechanism only applies on Linux and requires CAP_NET_ADMIN permission.
+
+> `tcpFastOpen`: true | false
+
+Whether or not to enable [TCP Fast Open](https://en.wikipedia.org/wiki/TCP_Fast_Open). When set to `true`, V2Ray enables TFO for current connection. When set to `false`, V2Ray disables TFO. If this entry doesn't exist, V2Ray uses default settings from operating system.
+
+* فقط در سیستم عامل های زیر اعمال می شود:
+ * ویندوز 10 (1604) یا بعدا
+ * سیستم عامل مک 10.11 / iOS 9 یا بالاتر
+ * لینوکس 3.16 یا بالاتر: به طور پیش فرض توسط سیستم فعال شده است.
+* قابل اجرا برای اتصالات ورودی و خروجی.
+
+> `tproxy`: "redirect" | "tproxy" | "off"
+
+Whether or not to enable transparent proxy on Linux. Choices are:
+
+* `"خاموش"`: مقدار پیش فرض. TProxy را فعال نکنید.
+* `"redirect"`: فعال کردن TProxy با حالت Redirect پشتیبانی از ترافیک TCP / IPv4 و UDP.
+* `"tproxy"`: TProxy را با حالت TProxy فعال کنید. پشتیبانی از ترافیک TCP و UDP.
+
+Transparent proxy requires Root or CAP\_NET\_ADMIN permission.
+
+{% hint style='info' %}
+
+If `TProxy` is not set, and `allowRedirect` is set in [dokodemo-door](protocols/dokodemo.md), the value of `TProxy` will be set to `"redirect"` automatically.
+
+{% endhint %}
\ No newline at end of file
diff --git a/fa/configuration/transport/domainsocket.md b/fa/configuration/transport/domainsocket.md
new file mode 100644
index 000000000..304105c8f
--- /dev/null
+++ b/fa/configuration/transport/domainsocket.md
@@ -0,0 +1,30 @@
+---
+refcn: chapter_02/transport/domainsocket
+refen: configuration/transport/domainsocket
+---
+
+# سوکت دامنه حمل و نقل
+
+سوکت دامنه از سوکت دامنه یونیکس استاندارد برای انتقال اطلاعات استفاده می کند. سوکت دامنه کانال tranfer سیستم تعاملی است. این بافر شبکه را مسدود نمیکند و ممکن است کمی سریعتر از ترافون کردن از طریق شبکه loopback محلی باشد.
+
+سوکت دامنه تنها می تواند در سیستم عامل هایی که سوکت دامنه یونیکس را پشتیبانی می کنند، مانند macOS و لینوکس استفاده شود. این در ویندوز موجود نیست
+
+{% hint style='info' %}
+
+هنگام استفاده از سوکت دامنه، IP و پورت مشخص شده در پروکسی ورودی / خروجی نادیده گرفته خواهند شد. تمام ترافیک از طریق سوکت دامنه تونل شده است.
+
+{% endhint %}
+
+## DomainSocketObject
+
+`DomainSocketObject` در `dsSettings` فیلد در `TransportObject` و `StreamSettingsObject`.
+
+```javascript
+{
+ "path": "/path/to/ds/file"
+}
+```
+
+> `مسیر`: رشته
+
+یک مسیر فایل کامل معتبر قبل از اجرای V2Ray، فایل در این مسیر نباید وجود داشته باشد.
\ No newline at end of file
diff --git a/fa/configuration/transport/h2.md b/fa/configuration/transport/h2.md
new file mode 100644
index 000000000..c318fd811
--- /dev/null
+++ b/fa/configuration/transport/h2.md
@@ -0,0 +1,29 @@
+---
+refcn: chapter_02/transport/h2
+refen: configuration/transport/h2
+---
+
+# HTTP / 2 حمل و نقل
+
+حمل و نقل HTTP / 2 در V2Ray 3.17 اضافه شده است. این بر اساس استاندارد HTTP / 2 است و می تواند از طریق دیگر سرور HTTP، مانند Nginx، پروکسی باشد.
+
+با توجه به recommandation HTTP / 2، ورودی و خروجی های پاسخ دهنده باید TLS را برای استفاده از این حمل و نقل فعال کنند.
+
+## HttpObject
+
+`DomainSocketObject` در `فیلد httpSettings` در `TransportObject` و `StreamSettingsObject`.
+
+```javascript
+{
+ "host": ["v2ray.com"],
+ "path": "/random/path"
+}
+```
+
+> `میزبان`: \ [رشته \]
+
+یک آرایه رشته ای هر عنصر یک دامنه است. مشتری برای هر درخواست یک دامنه را به طور تصادفی می برد. سرور بررسی می کند که آیا دامنه در درخواست ورودی در لیست است.
+
+> `مسیر`: رشته
+
+مسیر HTTP مشتری و سرور باید همان مقدار داشته باشند.
\ No newline at end of file
diff --git a/fa/configuration/transport/mkcp.md b/fa/configuration/transport/mkcp.md
new file mode 100644
index 000000000..79d45d1b2
--- /dev/null
+++ b/fa/configuration/transport/mkcp.md
@@ -0,0 +1,88 @@
+---
+refcn: chapter_02/transport/mkcp
+refen: configuration/transport/mkcp
+---
+
+# mKCP حمل و نقل
+
+mKCP حمل و نقل قابل اعتماد است. این یک پروتکل UDP است. mKCP ترافیک بیشتری برای زمان تاخیر پایین می فرستد. برای انتقال همان مقدار داده ها، mKCP معمولا نیاز به توان بیشتر از TCP دارد.
+
+## KcpObject
+
+```javascript
+{
+ "mtu": 1350,
+ "tti": 20,
+ "uplinkCapacity": 5,
+ "downlinkCapacity": 20,
+ "congestion": false,
+ "readBufferSize": 1,
+ "writeBufferSize": 1,
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `mtu`: شماره
+
+واحد انتقال حداکثر این نشان می دهد که بایت تعداد حداکثر که یک بسته UDP می تواند حمل کند. مقدار توصیه شده بین `576` و `1460`. مقدار پیش فرض `1350`.
+
+> `tti`: شماره
+
+فاصله زمانی انتقال، در میلی ثانیه. mKCP داده ها را در این فاصله ارسال می کند. مقدار توصیه شده بین `10` و `100`. مقدار پیش فرض `50`.
+
+> `uplinkCapacity`: number
+
+پهنای باند بالا، در MB / ثانیه. حداکثر پهنای باند برای نمونه V2Ray برای بارگذاری داده ها به یک از راه دور. مقدار پیش فرض `5`. لطفا توجه داشته باشید که این بایت (در MB / s) است نه کمی. ممکن است ارزش استفاده کنید `0` برای پهنای باند کوچک است.
+
+> `downlinkCapacity`: number
+
+پهنای باند Downlink، در MB / s. حداکثر پهنای باند برای نمونه V2Ray برای دانلود داده ها. مقدار پیش فرض `20`. لطفا توجه داشته باشید که این بایت (در MB / s) است نه کمی. ممکن است ارزش استفاده کنید `0` برای پهنای باند کوچک است.
+
+{% hint style='info' %}
+
+`uplinkCapacity` و `downlinkCapacity` سرعت mKCP را تعیین می کند. در سمت مشتری، `uplinkCapacity` سرعت برای ارسال مشتری به سرور را مشخص می کند. در سمت راست، `downlinkCapacity` سرعت سرور دریافت اطلاعات را مشخص می کند. حداقل این جفت در یک اتصال واقعی موثر است.
+
+{% endhint %}
+
+> `تراکم`: واقعی | نادرست
+
+این که آیا کنترل احتمالی را فعال کنید یا نه. مقدار پیش فرض است `کاذب`. وقتی کنترل احتمالی فعال می شود، V2Ray کیفیت شبکه را تشخیص می دهد. بسته های کمتری هنگام ارسال بسته های سخت افزاری ارسال می شوند، و یا داده های بیشتر هنگامی که شبکه به طور کامل پر نمی شود.
+
+> `readBufferSize`: شماره
+
+اندازه حافظه برای یک اتصال فقط در MB خوانده شده است. مقدار پیش فرض `2`.
+
+> `writeBufferSize`: number
+
+اندازه حافظه برای یک اتصال واحد را در MB بنویسید. مقدار پیش فرض `2`.
+
+> `header`: [HeaderObject](#headerobject)
+
+پیکربندی برای سوء استفاده از هدر بسته.
+
+### HeaderObject
+
+```javascript
+{
+ "نوع": "هیچ"
+}
+```
+
+> `نوع`: رشته
+
+نوع مبهم بودن پروکسی ورودی و خروجی باید تنظیمات مشابه داشته باشد. انتخاب ها عبارتند از:
+
+* `"none"`: مقدار پیش فرض. بدون سوء استفاده مورد استفاده قرار می گیرد.
+* `"srtp"`: به عنوان ترافیک SRTP تسخیر شده است. ممکن است به عنوان تماس های ویدئویی مانند Facetime شناخته شود.
+* `"utp"`: Obfuscated به عنوان ترافیک uTP. ممکن است به عنوان ترافیک Bittorrent شناخته شود.
+* `"wechat-video"`: مسدود شده به ترافیک WeChat.
+* `"dtls"`: به عنوان DTLS 1.2 بسته شده است.
+* `"wireguard"`: Obfuscated به عنوان WireGuard بسته. (پروتکل WireGuard درست نیست)
+
+## وام {#credits}
+
+* @ skywind3000 پروتکل اصلی KCP را اختراع کرد و در C اجرا شد
+* @ xtaci دوباره پیاده سازی پروتکل KCP در برو.
+* @ xiaokangwang یکپارچه KCP را به V2Ray.
\ No newline at end of file
diff --git a/fa/configuration/transport/quic.md b/fa/configuration/transport/quic.md
new file mode 100644
index 000000000..aee7406a0
--- /dev/null
+++ b/fa/configuration/transport/quic.md
@@ -0,0 +1,74 @@
+---
+refcn: chapter_02/transport/quic
+refen: configuration/transport/quic
+---
+
+# QUIC
+
+QUIC, or Quick UDP Internet Connection, is a multiplexing transport based on UDP, initially designed, implemented, and deployed by Google.
+
+QUIC has the following advantages:
+
+1. Reduced number of roundtrips in handshake phase. (1-RTT or 0-RTT)
+2. Multiplexing without head of line blocking as in TCP
+3. Connection migration, especially for clients. For example, connections don't break when device moves from Wi-Fi to 4G.
+
+QUIC is now an experiment in V2Ray. It implements IETF specification. As the spec is still being standardized, compatibility can't be guaranteed.
+
+## Update History
+
+V2Ray 4.7:
+
+* Initial version to support QUIC.
+* Default settings:
+ * 12 byte Connection ID
+ * Connection timeout in 30 seconds if no data traffic. (May have impact on some long HTTP connections)
+
+## QuicObject
+
+QUIC is used as `quicSettings` in transport settings. The configuration must be exactly the same between connecting peers.
+
+QUIC requires TLS. If TLS is not enabled in transport settings, V2Ray will automatically issue a TLS certificate for it. When QUIC transport is used, encryption in VMess can be turned off.
+
+```javascript
+{
+ "security": "none",
+ "key": "",
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `security`: "none" | "aes-128-gcm" | "chacha20-poly1305"
+
+Extra encryption over entire QUIC packet, include the frame head part. Default value is "none" for no encryption. After being encrypted, QUIC packets can't be sniff'ed.
+
+> `key`: string
+
+Key for the encryption above. Can be any string. Only effective when `security` is not `"none"`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+{% hint style='info' %} When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication. {% endhint %}
\ No newline at end of file
diff --git a/fa/configuration/transport/tcp.md b/fa/configuration/transport/tcp.md
new file mode 100644
index 000000000..d32e49a62
--- /dev/null
+++ b/fa/configuration/transport/tcp.md
@@ -0,0 +1,130 @@
+---
+refcn: chapter_02/transport/tcp
+refen: configuration/transport/tcp
+---
+
+# TCP حمل و نقل
+
+## TcpObject
+
+```javascript
+{
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `header`: NoneHeaderObject | HttpHeaderobject
+
+Header obfuscation. Default value is `NoneHeaderObject`.
+
+### NoneHeaderObject
+
+No header obfuscation.
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none"
+
+Disable header obfuscation.
+
+### HttpHeaderObject
+
+HTTP header obfuscation. The configuration must be the same between connecting inbound and outbound.
+
+```javascript
+{
+ "type": "http",
+ "request": {},
+ "response": {}
+}
+```
+
+> `type`: "http"
+
+Enable HTTP header obfuscation.
+
+> `request`: [HTTPRequestObject](#httprequestobject)
+
+HTTP request template.
+
+> `response`: [HTTPResponseObject](#httpresponseobject)
+
+HTTP response template.
+
+### HTTPRequestObject
+
+```javascript
+{
+ "version": "1.1",
+ "method": "GET",
+ "path": ["/"],
+ "headers": {
+ "Host": ["www.baidu.com", "www.bing.com"],
+ "User-Agent": [
+ "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
+ ],
+ "Accept-Encoding": ["gzip, deflate"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `method`: string
+
+HTTP method. Default value is `"GET"`。
+
+> `path`: \[ string \]
+
+HTTP path. An array is string. The path will be chosen randomly for every connection.
+
+> `headers`: map{string, \[ string \] }
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
+
+### HTTPResponseObject
+
+```javascript
+{
+ "version": "1.1",
+ "status": "200",
+ "reason": "OK",
+ "headers": {
+ "Content-Type": ["application/octet-stream", "video/mpeg"],
+ "Transfer-Encoding": ["chunked"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `status`: string
+
+HTTP status. Default value is `"200"`
+
+> `reason`: string
+
+HTTP status message. Default value is `"OK"`.
+
+> `headers`: map{string, string}
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
\ No newline at end of file
diff --git a/fa/configuration/transport/websocket.md b/fa/configuration/transport/websocket.md
new file mode 100644
index 000000000..5aaebc1f9
--- /dev/null
+++ b/fa/configuration/transport/websocket.md
@@ -0,0 +1,35 @@
+---
+refcn: chapter_02/transport/websocket
+refen: configuration/transport/websocket
+---
+
+# وبسایت
+
+از WebSocket استاندارد برای انتقال اطلاعات استفاده کنید. اتصالات Websocket می تواند توسط HTTP سرور مانند Nginx پروکسی.
+
+## WebSocketObject
+
+`WebSocketObject` به عنوان `wsSettings` در `TransportObject` یا `StreamSettingsObject`.
+
+{% hint style='info' %}
+
+Websocket HTTP header X-Forwarded-For را شناسایی می کند و از آن به عنوان آدرس منبع ورودی استفاده می کند.
+
+{% endhint %}
+
+```javascript
+{
+ "مسیر": "/"،
+ "هدر": {
+ "میزبان": "v2ray.com"
+ }
+}
+```
+
+> `مسیر`: رشته
+
+مسیر مورد استفاده برای WebSocket. پیش فرض برای ریشه، به عنوان `"/"`.
+
+> `هدر`: نقشه{string, string}
+
+هدر سفارشی HTTP آرایه ای که هر ورودی یک جفت ارزش کلیدی در رشته است، برای هدر و مقدار در هدر HTTP. پیش فرض خالی است
\ No newline at end of file
diff --git a/fa/developer/tools.md b/fa/developer/tools.md
new file mode 100644
index 000000000..09d258f8e
--- /dev/null
+++ b/fa/developer/tools.md
@@ -0,0 +1,14 @@
+# Tools
+
+## Third Party SDK
+
+* C#: [v2ray-dotnet-sdk](https://github.com/techotaku/v2ray-dotnet-sdk)
+
+## Automation
+
+V2Ray uses the following automation tools for build and releases.
+
+* [Bazel](https://bazel.build/): Build & package.
+* [Azure DevOps](https://dev.azure.com/): Automated releases.
+* [Google Cloud](https://cloud.google.com/): Automated releases.
+* [CloudFlare](https://cloudflare.com/): Official site and domain.
\ No newline at end of file
diff --git a/fa/styles/website.css b/fa/styles/website.css
new file mode 100644
index 000000000..49ac09d57
--- /dev/null
+++ b/fa/styles/website.css
@@ -0,0 +1,40 @@
+.book-summary {
+ font-family: "Noto Sans CJK SC", "PingFang SC", "Microsoft Yahei", "Hiragino Sans GB", sans-serif;
+ font-size: 14px;
+}
+
+.book-header .btn {
+ padding: 0 5px;
+}
+
+.markdown-section {
+ font-family: "Noto Sans CJK SC", "PingFang SC", "Microsoft Yahei", "Hiragino Sans GB", sans-serif;
+ font-weight: 400;
+ font-size: 14px;
+ direction: rtl;
+}
+
+.markdown-section pre>code {
+ font-family: "Source Code Pro", monospace;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section code:not([class]) {
+ white-space: nowrap;
+ padding: 0;
+}
+
+.markdown-section blockquote {
+ margin: 0;
+ margin-bottom: .85em;
+ padding: 0 15px;
+ border-left: 4px solid #64b5f6;
+ border-top: 1px solid #64b5f6;
+ color: #000000;
+ margin-top: 10px;
+}
+
+code {
+ direction: ltr !important;
+}
\ No newline at end of file
diff --git a/fa/ui_client/README.md b/fa/ui_client/README.md
new file mode 100644
index 000000000..00c5b9d7c
--- /dev/null
+++ b/fa/ui_client/README.md
@@ -0,0 +1,13 @@
+---
+refcn: ui_client/index
+refen: ui_client/index
+---
+# مشتریان پروژه V
+
+علاوه بر هسته V2ray، پروژه V شامل انواع مختلفی از مشتریان GUI در بسیاری از سیستم عامل ها می باشد. لطفا لیست زیر را برای نفع خود ببینید.
+
+* [پنجره ها](windows.md)
+* [Mac OS X](osx.md)
+* [در iOS](ios.md)
+* [اندروید](android.md)
+* [خدمات آنلاین](ui_client/service.md)
\ No newline at end of file
diff --git a/fa/ui_client/android.md b/fa/ui_client/android.md
new file mode 100644
index 000000000..8a156b1e4
--- /dev/null
+++ b/fa/ui_client/android.md
@@ -0,0 +1,51 @@
+---
+refcn: ui_client/android
+refen: ui_client/android
+---
+# مشتری Android
+
+## BifrostV
+
+BifrostV یک برنامه آندروید بر اساس هسته V2Ray است. از VMess، Shadowsocks، پروتکل های جوراب پشتیبانی می کند.
+
+* دانلود: [فروشگاه بازی](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv)
+* دانلود: [APK خالص](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+## V2RayNG
+
+V2RayNG نرم افزار آندروید بر اساس V2Ray است. این ویژگی همان ویژگی را به عنوان هسته V2Ray فراهم می کند.
+
+* دانلود: [فروشگاه بازی](https://play.google.com/store/apps/details?id=com.v2ray.ang)
+* منبع: [GitHub](https://github.com/2dust/v2rayNG)
+
+## V2Ray برو
+
+* دانلود: [فروشگاه بازی](https://play.google.com/store/apps/details?id=org.kkdev.v2raygo)
+* منبع: [Github](https://github.com/xiaokangwang/V2RayGO)
+
+## اکتینیم
+
+* دانلود: بازی فروشگاه (در دسترس نیست)
+* منبع: [Github](https://github.com/V2Ray-Android/Actinium)
+
+## ابزارهای دیگر {#other}
+
+### JuiceSSH
+
+مشتری SSH
+
+* دانلود: [فروشگاه بازی](https://play.google.com/store/apps/details?id=com.sonelli.juicessh)
+* وب سایت: [JuiceSSH.com](https://juicessh.com/)
+
+### ترموس
+
+مشتری SSH
+
+* دانلود: [فروشگاه بازی](https://play.google.com/store/apps/details?id=com.server.auditor.ssh.client)
+
+### تلگرام
+
+بحث رمزگذاری شده
+
+* وب سایت: [telegram.org](https://telegram.org/)
+* دانلود: [فروشگاه بازی](https://play.google.com/store/apps/details?id=org.telegram.messenger)
\ No newline at end of file
diff --git a/fa/ui_client/ios.md b/fa/ui_client/ios.md
new file mode 100644
index 000000000..78a0bcfd7
--- /dev/null
+++ b/fa/ui_client/ios.md
@@ -0,0 +1,62 @@
+---
+refcn: ui_client/ios
+refen: ui_client/ios
+---
+# مشتری iOS
+
+## Kitsunebi
+
+Kitsunebi یک برنامه iOS مبتنی بر V2Ray است. این قابلیت کامل به عنوان V2Ray را فراهم می کند. همچنین از وارد کردن و صادرات پیکربندی JSON سازگار با V2Ray پشتیبانی می کند.
+
+* Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+## Kitsunebi Lite
+
+نسخه سبک Kitsunebi.
+
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/kitsunebi-lite/id1387913765/)
+
+## Shadowrocket
+
+Shadowrocket یک برنامه VPN عمومی است. پشتیبانی از چندین پروتکل مانند Shadowsocks، VMess، SSR و غیره
+
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/shadowrocket/id932747118/)
+
+## Pepi (ShadowRay بود) {#pepi}
+
+Pepi برنامه V2Ray سازگار است. آیا قادر است اتصال VPN را بر اساس پروتکل VMess برقرار کند و با هر سرور V2Ray ارتباط برقرار کند.
+
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/pepi/id1283082051/)
+
+## کوانتومی
+
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/quantumult/id1252015438/)
+
+## ابزارهای دیگر {#other}
+
+### HyperApp
+
+یک ابزار برای ساخت سرور با docker.
+
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/hyperapp/id1179750280/)
+* وب سایت: [HyperApp.fun](https://www.hyperapp.fun/)
+
+### ترموس
+
+مشتری SSH
+
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/termius/id549039908/)
+
+### تلگرام
+
+بحث رمزگذاری شده
+
+* وب سایت: [telegram.org](https://telegram.org/)
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/telegram-messenger/id686449807/)
+
+### ProtonMail
+
+ایمیل رمزگذاری شده
+
+* وب سایت: [protonmail.com](https://protonmail.com/)
+* دانلود: [iTunes](https://www.v2ray.com/itunes/us/protonmail-encrypted-email/id979659905/)
\ No newline at end of file
diff --git a/fa/ui_client/osx.md b/fa/ui_client/osx.md
new file mode 100644
index 000000000..ec8b0bd64
--- /dev/null
+++ b/fa/ui_client/osx.md
@@ -0,0 +1,32 @@
+---
+refcn: ui_client/osx
+refen: ui_client/osx
+---
+# Mac OS X
+
+## V2RayX
+
+* دانلود: [Github](https://github.com/Cenmrev/V2RayX)
+
+## V2RayU
+
+* Download: [Github](https://github.com/yanue/V2rayU)
+
+## Other tools {#other}
+
+### ویژوال استودیو کد
+
+ویرایشگر کد منبع از مایکروسافت.
+
+* Website: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### تلگرام
+
+بحث رمزگذاری شده
+
+* Website: [telegram.org](https://telegram.org/)
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/telegram-desktop/id946399090/)
+
+### مشتری Microsoft Remote Desktop Connection
+
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/microsoft-remote-desktop/id715768417/)
\ No newline at end of file
diff --git a/fa/ui_client/service.md b/fa/ui_client/service.md
new file mode 100644
index 000000000..94ba0d331
--- /dev/null
+++ b/fa/ui_client/service.md
@@ -0,0 +1,40 @@
+---
+refcn: ui_client/service
+refen: ui_client/service
+---
+# خدمات آنلاین
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## V2Ray مرتبط است
+
+* [ژنراتور پیکربندی](https://htfy96.github.io/v2ray-config-gen/)
+* [ژنراتور UUID](https://www.uuidgenerator.net/)
+
+## VPN
+
+* [BabyDriver](http://babydriver.me/): پشتیبانی از V2Ray. کد کوپن: bcb518
+* [喵 帕斯](https://xn--i2ru8q2qg.com/): حمایت V2Ray (بتا)
+* [Lanan](https://xn--sjt174g.com/): سرویس VPN مبتنی بر V2Ray. کد کوپن: v2ray
+* [多数 派](https://dspi.io/aff.php?aff=7): سرویس VPN جدید مبتنی بر V2Ray.
+* [V2rayPro](https://myv2.us/): VPN service based on V2Ray. Coupon code: v2ray.com
+* [V2Net](http://v2net.org/): Customized V2Ray service. Promo code: v2ray.com
+
+## Hosting
+
+* [بیایید رمزگذاری](https://letsencrypt.org/): گواهینامه TLS رایگان
+* [Vultr](https://www.vultr.com/?ref=7269307): VPS
+ * [2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+* [BlueHost](https://www.bluehost.com/track/v2ray/): VPS, web hosting
+* [ClouDNS](https://www.cloudns.net/aff/id/244749/): Domain registration, DNS, SSL certificate
+
+## Cryptocurrency
+
+* [LocalBitcoins](https://localbitcoins.com/?ch=khtm): Trade Bitcoins offline
+* [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g): OTC market to trade BTC, ETH, BCH, USDT.
+* [Binance](https://www.binance.com/?ref=35382451): Trading market for crypto currencies.
+* [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp): Trading market for crypto currencies.
+* [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18): Online crypto currency wallet
+* [PrimeDice](https://primedice.com/?c=default): Dice game with bitcoin.
+* [OneHash](https://www.onehash.com/?ap=56d52158f7e04b169ec54d): Bet sport games with Bitcoin, including World Cup 2018.
+* [Bitsler](https://www.bitsler.com/?ref=VictoriaR): Casino games with Bitcoin.
\ No newline at end of file
diff --git a/fa/ui_client/windows.md b/fa/ui_client/windows.md
new file mode 100644
index 000000000..11b55e4d3
--- /dev/null
+++ b/fa/ui_client/windows.md
@@ -0,0 +1,37 @@
+---
+refcn: ui_client/windows
+refen: ui_client/windows
+---
+# پنجره ها
+
+## V2RayW
+
+* دانلود: [Github](https://github.com/Cenmrev/V2RayW)
+
+## V2RayN
+
+* دانلود: [Github](https://github.com/2dust/v2rayN)
+
+## V2RayS
+
+* دانلود: [Github](https://github.com/Shinlor/V2RayS)
+
+## ابزارهای دیگر {#other}
+
+### پوتای
+
+مشتری SSH
+
+* وب سایت: [بطری](http://www.putty.org/)
+
+### ویژوال استودیو کد
+
+ویرایشگر کد منبع از مایکروسافت.
+
+* وب سایت: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### تلگرام
+
+بحث رمزگذاری شده
+
+* وب سایت: [telegram.org](https://telegram.org/)
\ No newline at end of file
diff --git a/fa/welcome/command.md b/fa/welcome/command.md
new file mode 100644
index 000000000..18c5c219e
--- /dev/null
+++ b/fa/welcome/command.md
@@ -0,0 +1,151 @@
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
+
+# خط فرمان
+
+## V2Ray
+
+V2Ray دارای پارامترهای خط فرمان زیر است:
+
+```shell
+v2ray [-version] [-test] [-config=config.json] [-format=json]
+```
+
+> `-version`
+
+Print the version of V2Ray only, and then exit.
+
+> `-test`
+
+Test configuration, output any errors and then exit.
+
+> `-config`
+
+URI of the configuration. Avilable formats are:
+
+* Path to the local config file. May be a relative path or absolute path.
+* `"stdin:"`: Indicates V2Ray to read configuration from standard input. Caller must close stdin after writing out configuration.
+* Value begins with `http://` or `https://` (lowercase): V2Ray tries to load configuration from the remote address.
+
+> `-format`
+
+Configuration format. Choices are:
+
+* `json`: JSON format.
+* `pb` or `protobuf`: Protobuf format.
+
+{% hint style='info' %}
+
+When `-config` is not specified, V2Ray first tries to load configuration from `config.json` under working directory, then from the directory specified by [environment variable](../configuration/env.md) `v2ray.location.asset`.
+
+{% endhint %}
+
+## V2Ctl
+
+V2Ctl is a collection of commandline tools. It runs in the following way:
+
+```bash
+v2ctl
+```
+
+> `command`
+
+Subcommand. Available values are below:
+
+* `api`: Invoke remote control commands in V2Ray instances.
+* `config`: Convert configuration from JSON format to protobuf.
+* `cert`: Generate TLS certificates.
+* `fetch`: Fetch remove resources.
+* `tlsping`: (V2Ray 4.17+) Test TLS handshake.
+* `verify`: Verify the signature of V2Ray releases.
+* `uuid`: Generate UUID.
+
+### V2Ctl Api
+
+`v2ctl api [--server=127.0.0.1:8080] `
+
+Invoke remote control commands in V2Ray instances. Example:
+
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
+
+`v2ctl config`
+
+No option for this command. It reads JSON configuration from stdin, and print out corresponding Protobuf to stdout, if succeeds.
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+Generates a TLS certificate based on options.
+
+> `--ca`
+
+If specified, the certificate will be a CA certificate.
+
+> `--domain`
+
+Alternative Names in the certificate. This option can be used multiple times for multiple domains. For example: `--domain=v2ray.com --domain=v2ray.cool`.
+
+> `--expire`
+
+Expire date of the certificate. Value is a [Golang duration](https://golang.org/pkg/time/#ParseDuration).
+
+> `--name`
+
+Command Name in the certificate.
+
+> `--org`
+
+Orgnization in the certificate.
+
+> `--json`
+
+If specified, the certificate will be printed to stdout in the JSON format that is used in V2Ray.
+
+> `--file`
+
+Prints the certificate into files. When `--file=a`, two files named `a_cert.pem` and `a_key.pem` will be generated.
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+Fetch remove resources and print to stdout. Only HTTP and HTTPS URL are supported.
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+Test TLS handlshake with specific domain.
+
+> domain
+
+Target domain for the TLS handshake.
+
+> --ip
+
+The IP address of the domain. If not specifed, V2Ctl resolves it through system DNS.
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
+
+To verify the signature of a V2Ray binary.
+
+> `--sig`
+
+Path to signature file. Default value is the ".sig" file to the path to be verified.
+
+> `filepath`
+
+The file to be verified.
+
+### V2Ctl UUID
+
+`v2ctl uuid`
+
+No options. This command prints a random UUID.
\ No newline at end of file
diff --git a/fa/welcome/donate.md b/fa/welcome/donate.md
new file mode 100644
index 000000000..8407539e8
--- /dev/null
+++ b/fa/welcome/donate.md
@@ -0,0 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
+# کمک مالی
+
+V2Ray is a nonprofit project. The source code and its release binary can be used freely (mainly) under MIT licence. If you like this project, you may buy us a cup of coffee.
+
+Your donation has no direct connection to Project V's development and service. Our development will not be influenced by your donation. However, we will send a thank-you email for every donor. If you wish not to receive such email, please leave a note in your donation.
+
+For any donation worth more than $50, you may choose one of the following:
+
+* Your name or your company log shown on our front page for one month.
+* Modify our codebase as you wish. Restrictions: No user facing functionlity changes; no documentation changes. Your change will stay for a month.
+
+## راه معمول {#usual-way}
+
+> Paypal
+
+You may donate through [internal Paypal transfer](https://www.paypal.me/ProjectV2Ray/25) or [credit card](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)
+
+Please kindly note that Paypal charges high service fee. Any donation less than 1 USD is meaningless.
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) is a platform for regular donations. You may use Patreon if you want to donate frequently.
+
+> Giftcard
+
+For now we only receive giftcard for Amazon US. You may purchase it [at Amazon.com](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) and then send to `love@v2ray.com`.
+
+## Cryptocurrency {#crypto}
+
+Cryptocurrency is a more reliable way for international transactions. Crypto-wallet is usually anonymous and your donation is not traceable.
+
+Due to the anonymity natural of cryptocurrenty, please send us an email before your donation, if you want to receive the thank-you email.
+
+> Bitcoin
+
+Address: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)
+
+> Bitcoin Cash
+
+Address: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
+
+View stats or QR-Code [at BlockChain](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)
+
+> Ethereum
+
+Address: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696). You may also send the following ERC20 tokens to this address: OMG, REP, GNT, DGD
+
+> EOS
+
+Address: `EOS8Civdok4CBN3jCpsaGQijzesjKof1eyaRFuBU5mLMtWVkLsy8a`
+
+> Litecoin
+
+Address: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
+
+> Monero
+
+Address: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
+
+> Ripple
+
+Address: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
+
+Tag not required
+
+> Other
+
+Please send us an email at `love@v2ray.com` if you want to donate other kind of coins.
\ No newline at end of file
diff --git a/fa/welcome/faq.md b/fa/welcome/faq.md
new file mode 100644
index 000000000..b89379e88
--- /dev/null
+++ b/fa/welcome/faq.md
@@ -0,0 +1,67 @@
+---
+refcn: chapter_00/faq
+refen: welcome/faq
+---
+
+# سوالات متداول (FAQ)
+
+## استفاده از V2Ray
+
+### نحوه ارتقاء V2Ray
+
+* آخرین بسته را دانلود کنید یا
+* اجرای مجدد اسکریپت نصب (فقط لینوکس)
+
+### سقوط V2Ray
+
+* اگر از لینوکس با systemd استفاده می کنید، می توانید با استفاده از دستور `journalctl -u v2ray`.
+* به طور کلی شما می توانید دستور `v2ray -config = -test` را اجرا کنید تا اطلاعات خطا ببینید.
+
+### Backward Compatibility
+
+* For configuration file (e.g., JSON), backward compatibility applies to at least one major releases. For example, V2Ray 4.x supports config files from V2Ray 3.x.
+* For Protobuf based communication protocols, such as [Api](../configuration/api.md), backward compatibility applies to at least one major releases.
+* For binary based commnunication protocols, such as Shadowsocks and VMess, it is always backward compatible when server version is not older than clients. When client version is newer, backward compatibility applies to at least 12 minor releases.
+
+## خطاهای V2Ray
+
+### Socks: Unknown Socks version: 67
+
+علل احتمالی
+
+* You are using socks inbound in V2Ray, but your browser is configured to use HTTP proxy.
+
+راه حل
+
+* Add a HTTP inbound in V2Ray, and then update your browser proxy settings to use this proxy.
+
+## مجوز این پروژه
+
+پروژه V از مجوز زیر استفاده می کند.
+
+### V2Ray
+
+کد منبع و انتشار رسمی تحت مجوز MIT، از جمله کد منبع و انتشار در مخزن زیر مجوز.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+### V2Ray.Com
+
+وب سایت رسمی، [v2ray.com](https://www.v2ray.com/)، تحت [Creative Commons Attribution 4.0 مجوز بین المللی](https://creativecommons.org/licenses/by/4.0/)مجاز است.
+
+* Including all visible text and pictures on the website.
+* Including Project V logo.
+* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
+
+### Screenshot and other files {#screenshots}
+
+تمام پرونده های شخص ثالث ذکر شده در زیر به خالق آنها تعلق دارند. هر شخصی که فایل را ایجاد می کند فایل دارد
+
+* Including all screenshots of Project V.
+* Including all configuration files that are used to run Project V.
+* Including all logs generated by Project V during runtime.
+
+### Other content {#other}
+
+تمام محتویاتی که در بالا ذکر نشده اند، به صورت مورد صدور مجوز خواهند بود.
\ No newline at end of file
diff --git a/fa/welcome/help.md b/fa/welcome/help.md
new file mode 100644
index 000000000..15ec36bd5
--- /dev/null
+++ b/fa/welcome/help.md
@@ -0,0 +1,117 @@
+---
+refcn: chapter_00/help
+refen: welcome/help
+---
+
+# حمایت کردن
+
+پروژه V چندین روش برای ارتباطات فراهم می کند.
+
+{% hint style='info' %}
+
+تیم پروژه V از چینی و انگلیسی پشتیبانی می کند. لطفا یکی را انتخاب کنید که با سوالات آشنا هستید.
+
+{% endhint %}
+
+## مسائل Github
+
+ما از چندین مخزن برای انواع مختلف بحث استفاده می کنیم.
+
+* [مسائل کد](https://github.com/v2ray/v2ray-core/issues)
+ * فقط برای برنامه نویسی سوالات مانند اشکال استفاده می شود.
+* [نقشه راه](https://github.com/v2ray/planning/issues)
+* [بحث عمومی](https://github.com/v2ray/discussion/issues)
+
+## تلگرام
+
+پروژه V گروه های زیر را برای انواع مختلف بحث ها فراهم می کند.
+
+* [استفاده](https://t.me/v2fly_chat)
+ * فقط برای موضوعات مرتبط با پروژه V.
+* [دیگران](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg)
+ * برای موضوعات دیگر
+
+مباحث در این گروه ها به طور عمده در چینی هستند. گروه های نصب را به زبان خودتان آزاد کنید و به ما اطلاع دهید.
+
+{% hint style='danger' %}
+
+همه گروه های بحث، موضوعات زیر را ممنوع می کنند: محتوای بالغ، سیاست، سخنان نفرت. فرستندگان این موضوعات به طور مستقیم ممنوع می شوند.
+
+{% endhint %}
+
+لطفا دنبال [پروژه V اطلاعیه](https://t.me/v2fly) برای اخبار.
+
+## توییتر
+
+[ProjectV2Ray](https://twitter.com/projectv2ray) برای ارتباطات منظم.
+
+## پست الکترونیک
+
+لطفا یک پیام را به یکی از آدرس زیر ارسال کنید، اگر دوست دارید با تیم خصوصی V2Ray صحبت کنید.
+
+`love@v2ray.com`: آدرس ایمیل اصلی برای ارتباطات. هر روز بررسی می شود
+
+`v2ray@protonmail.com`: A [ProtonMail](https://protonmail.com/) صندوق پستی که پایان دادن به پایان دادن به رمزگذاری است. استفاده از آن دشوار است، و گاهی اوقات بررسی می شود.
+
+{% hint style='info' %}
+
+متاسفانه به دلیل حجم بالای کار، وعده داده شده که هر ایمیل پاسخ داده شود. متاسفم برای ناراحتی برای سوالات کلی، لطفا برای پاسخ سریع از گروههای بحث شده در بالا استفاده کنید.
+
+{% endhint %}
+
+شما ممکن است کلید عمومی PGP را با جستجوی `love@v2ray.com`یا کلید عمومی در زیر استفاده کنید.
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
\ No newline at end of file
diff --git a/fa/welcome/install.md b/fa/welcome/install.md
new file mode 100644
index 000000000..6a1a10ba7
--- /dev/null
+++ b/fa/welcome/install.md
@@ -0,0 +1,97 @@
+---
+refcn: chapter_00/install
+refen: welcome/install
+---
+
+# دانلود & نصب
+
+## سکو {#platform}
+
+V2Ray در سیستم عامل های زیر موجود است:
+
+* ویندوز 7 و بعد (x86 / amd64)
+* Mac OS X 10.10 Yosemite و بعد (amd64)
+* لینوکس 2.6.23 و بعد (x86 / amd64 / arm / arm64 / mips64 / mips)
+ * شامل اما نه محدود به Debian 7/8، اوبونتو 12.04 / 14.04 و بعدا، CentOS 6/7، Arch Linux
+* FreeBSD (x86 / amd64)
+* OpenBSD (x86 / amd64)
+* سنجاقک BSD (amd64)
+
+## دانلود {#download}
+
+بسته های پیش ساخته شده را می توان در اینجا پیدا کرد:
+
+1. Github انتشار: [github.com/v2ray/v2ray-core](https://github.com/v2ray/v2ray-core/releases)
+2. Redistribution: [github.com/v2ray/dist](https://github.com/v2ray/dist)
+3. Homebrew: [github.com/v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray)
+4. آرچ لینوکس: [بسته / جامعه / x86_64 / v2ray /](https://www.archlinux.org/packages/community/x86_64/v2ray/)
+5. Snapcraft: [snapcraft.io/v2ray-core](https://snapcraft.io/v2ray-core)
+
+همه بسته ها در قالب ZIP هستند. بسته های مربوطه را به سیستم خود دانلود و باز کنید.
+
+## تأیید {#verify}
+
+2 روش برای بررسی بسته ها وجود دارد.
+
+1. هر فایل `.zip` فایل مربوطه `.dgst` برای هضم SHA دارد.
+2. فایل امضای GPG برای اجرا (v2ray / v2ray.exe) را می توان در v2ray.sig (یا v2ray.exe.sig) در همان بسته پیدا کرد. کلید عمومی [در مخزن](https://raw.githubusercontent.com/v2ray/v2ray-core/master/release/verify/official_release.asc).
+
+## نصب در ویندوز یا سیستم عامل مک {#install-windows}
+
+پس از پاک کردن بسته ها، v2ray / v2ray.exe را اجرا کنید.
+
+## لینوکس را نصب کنید {#install-linux}
+
+ما یک اسکریپت برای نصب در لینوکس ارائه می دهیم. این اسکریپت v2ray نصب شده قبلی را تشخیص داده و سپس بروز رسانی یا نصب جدیدی را بر عهده دارد. اگر یک نسخه قبلی وجود دارد، فایل پیکربندی در / etc / v2ray در هنگام ارتقاء مجددا نویسی نخواهد شد.
+
+دستور زیر اجازه دسترسی به ریشه را می دهد.
+
+برای نصب V2Ray دستور زیر را اجرا کنید. اگر yum یا apt در دسترس باشد، اسکریپت unzip و daemon / systemd را نصب خواهد کرد. آنها نیاز به اجرای V2Ray به عنوان یک سرویس دارند. اگر سیستم لینوکس شما yum یا apt را پشتیبانی نمی کند، باید آنها را به صورت دستی نصب کنید.
+
+```bash
+curl -Ls https://install.direct/go.sh | sudo bash
+```
+
+اسکریپت فایل های زیر را نصب می کند.
+
+* `/ usr / bin / v2ray / v2ray`: V2Ray executable
+* `/ usr / bin / v2ray / v2ctl`: Utility
+* `/etc/v2ray/config.json`: فایل پیکربندی
+* `/usr/bin/v2ray/geoip.dat`: فایل داده های IP
+* `/usr/bin/v2ray/geosite.dat`: فایل داده دامنه
+
+این اسکریپت همچنین V2Ray را به عنوان سرویس اجرا می کند، اگر systemd در دسترس باشد.
+
+تنظیمات در مکان های زیر قرار دارند.
+
+* `/etc/systemd/system/v2ray.service`: Systemd
+* `/etc/init.d/v2ray`: SysV
+
+پس از نصب، ما باید:
+
+1. به روز رسانی `/etc/v2ray/config.json` فایل برای سناریوی خودتان.
+2. اجرا `سرویس v2ray شروع` دستور برای شروع V2Ray.
+3. اختیاری `سرویس v2ray start | stop | status | reload | restart | force-reload` برای کنترل سرویس V2Ray.
+
+### برو {#gosh}
+
+go.sh از پارامترهای زیر پشتیبانی می کند.
+
+* `-p` یا `پروکسی`: از پروکسی برای دانلود بسته های V2Ray استفاده کنید. همان فرمت Curl مانند `"socks5: //127.0.0.1: 1080"` یا `"http://127.0.0.1:3128"`.
+* `-f` یا `--force`: نیروی نصب. اسکریپت فرض می کند V2Ray در همه نصب نشده است.
+* `- نسخه`: نسخه نصب شده، مانند `"v1.13"`. مقدار پیش فرض آخرین نسخه پایدار است.
+* `محلی`: از یک بسته محلی برای نصب استفاده کنید.
+
+مثال ها:
+
+* برای نصب آخرین بسته از SOCKS proxy 127.0.0.1:1080 استفاده کنید: ```./go.sh -p socks5://127.0.0.1:1080```
+* نصب فایل v1.13 از فایل محلی:```./go.sh --version v1.13 --local /path/to/v2ray.zip```
+
+## داكر {#docker}
+
+V2Ray تصاویر 2 بارانداز را فراهم می کند:
+
+* [v2ray / official](https://hub.docker.com/r/v2ray/official/): شامل نسخه های رسمی است.
+* [v2ray / dev](https://hub.docker.com/r/v2ray/dev/): دارای آخرین کد است.
+
+2 تصویر دارای ساختار مشابهی با نصب لینوکس است.
\ No newline at end of file
diff --git a/fa/welcome/license.md b/fa/welcome/license.md
new file mode 100644
index 000000000..f2565e458
--- /dev/null
+++ b/fa/welcome/license.md
@@ -0,0 +1,34 @@
+---
+refcn: chapter_00/license
+refen: welcome/license
+---
+# License
+
+Project V uses the following license.
+
+## V2Ray
+
+Source code and official releases are licensed under MIT license, including the source code and releases in the following repository.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+## V2Ray.Com
+
+Official website, [v2ray.com](https://www.v2ray.com/), is licensed under [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+
+* Including all visible text and pictures on the website.
+* Including Project V logo.
+* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
+
+## Screenshot and other files {#screenshots}
+
+All third party files listed below belong to their creator. Whoever creates the file owns the file.
+
+* Including all screenshots of Project V.
+* Including all configuration files that are used to run Project V.
+* Including all logs generated by Project V during runtime.
+
+## Other content {#other}
+
+All content that are not mentioned above will be licensed case by case.
\ No newline at end of file
diff --git a/zh_cn/chapter_00/pgp.md b/fa/welcome/pgp.md
similarity index 82%
rename from zh_cn/chapter_00/pgp.md
rename to fa/welcome/pgp.md
index 0d2325b16..556727bb0 100644
--- a/zh_cn/chapter_00/pgp.md
+++ b/fa/welcome/pgp.md
@@ -1,19 +1,21 @@
-# 私下联系
+---
+refcn: chapter_00/pgp
+refen: welcome/pgp
+---
+# Private Communication
- [](https://www.v2ray.com/en/welcome/pgp.html)
-
-如果你想和 V2Ray 的开发人员私下讨论一些问题,可以通过下列的邮箱联系。
+Please send a message to one of the address below, if you'd like to talk to V2Ray team privately.
1. `love@v2ray.com`
-1. `v2ray@protonmail.com`
+2. `v2ray@protonmail.com`
-\#1 基于 Gmail,如果你对通讯安全有顾虑,可以使用下面的 PGP 公钥对通讯内容加密,以防被其他人窃取。
+\#1 is based on Gmail. If you concern the privacy of email content, please consider using the PGP public key below.
-\#2 所用的 ProtonMail 是端对端加密的,安全性足够好。
+\#2 is based on ProtonMail which employs end to end encryption already.
-由于工作繁忙,不能保证每封邮件都回复,请见谅。对于 V2Ray 的使用问题,可以发到[讨论组](help.md),以得到更快速的社区响应。
+Sadly due to high workload, it is not promised that every email gets replied. Sorry for the inconvenience. For questions regarding the usage of V2Ray, please [discuss it with our community](../get_started/issue.md) for quick response.
-```plain
+```text
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: GPGTools - https://gpgtools.org
@@ -66,4 +68,4 @@ X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
PeRpd1GUXXeoGCw=
=To5T
-----END PGP PUBLIC KEY BLOCK-----
-```
+```
\ No newline at end of file
diff --git a/fa/welcome/start.md b/fa/welcome/start.md
new file mode 100644
index 000000000..df3d7336c
--- /dev/null
+++ b/fa/welcome/start.md
@@ -0,0 +1,78 @@
+---
+refcn: chapter_00/start
+refen: welcome/start
+---
+
+# شروع سریع
+
+شما باید V2Ray را پس از نصب آن پیکربندی کنید. در اینجا یک پیکربندی سریع برای اجرا نسخه ی نمایشی است. لطفا برای تنظیمات پیشرفته تر [پیکربندی](../configuration/overview.md) ببینید.
+
+## مشتری {#client}
+
+در کامپیوتر شما (یا موبایل)، V2Ray را با تنظیمات زیر اجرا کنید.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 1080, // Port of socks5 proxy. مرورگر خود را برای استفاده از این پورت بنویسید
+ "listen": "127.0.0.1",
+ "protocol": "socks",
+ "settings": {
+ "udp": true
+ }
+ }],
+ "outbounds": [{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "server", // Address of your V2Ray server. ممکن است نشانی IP یا آدرس دامنه باشد.
+ "port": 10086, // Port of your V2Ray server.
+ "users": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }]
+ }
+ },{
+ "protocol": "freedom",
+ "tag": "direct",
+ "settings": {}
+ }],
+ "routing": {
+ "domainStrategy": "IPOnDemand",
+ "rules": [{
+ "type": "field",
+ "ip": ["geoip:private"],
+ "outboundTag": "direct"
+ }]
+ }
+}
+```
+
+لطفا آدرس آی پی سرور V2Ray خود را همانطور که در بالا ذکر شد تغییر دهید. پس از آن، فرآیند V2Ray در رایانه شما تمام ترافیک سرور V2Ray را به جز ترافیک داخل شبکه پروکسی می کند.
+
+## سرور {#server}
+
+شما برای اجرای V2Ray به عنوان یک سرور نیاز به یک رایانه دیگر دارید. معمولا این کامپیوتر در خارج از فایروال قرار دارد. در اینجا یک پیکربندی نمونه است.
+
+```javascript
+{
+ "inbounds": [{
+ "پورت": 10086، // پورت سرور. باید همانند بالا باشد.
+ "پروتکل": "vmess"،
+ "تنظیمات": {
+ "مشتری": [{"id": "b831381d-6324-4d53-ad4f-8cda48b30811"}]
+ }
+ }]،
+ خروجی: [ {
+ "پروتکل": "آزادی"،
+ "تنظیمات": {}
+ }]
+}
+```
+
+لطفا مطمئن شوید که فیلد `id` بین مشتری و سرور یکسان است.
+
+## در حال اجرا {#running}
+
+* در ویندوز و macOS، فایل پیکربندی در دایرکتوری مشابه VineRay باینری قرار دارد. شما ممکن است `v2ray` یا `v2ray.exe` بدون پارامترهای دیگر اجرا کنید.
+* در لینوکس، فایل پیکربندی معمولا در `/etc/v2ray/config.json`واقع شده است. اجرا `v2ray --config = / etc / v2ray / config.json` در پیش زمینه و یا از ابزارهای دیگر مانند systemd برای اجرای V2Ray به عنوان فرایند پس زمینه استفاده کنید.
+
+برای جزئیات بیشتر از پیکربندی، [بررسی](../configuration/overview.md) مشاهده کنید.
\ No newline at end of file
diff --git a/fa/welcome/tg.md b/fa/welcome/tg.md
new file mode 100644
index 000000000..dd33846f9
--- /dev/null
+++ b/fa/welcome/tg.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_00/tg
+refen: welcome/tg
+---
+# Telegram Group
+
+Project V provides the following groups for different type of discussions.
+
+1. [Usage](https://t.me/v2fly_chat): For Project V usages.
+2. [Others](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg): Other topics.
+
+Please also follow [Project V Announcement](https://t.me/v2fly) for news.
+
+## Rules
+
+Allowed/banned topics are listed as below.
+
+| / | Usage | Other |
+| ---------------------:|:--------------------------------:|:--------------------------------:|
+| Project V development | ✔ | ✔ |
+| Algorithm | ✔ | ✔ |
+| Computer network | ✔ | ✔ |
+| Censorship avoidance | ✔ | ✔ |
+| V2Ray usage | ✔ | ✔ |
+| V2Ray deployment | ✔ | ✔ |
+| Related software | ✔ | ✔ |
+| Nonsense pictures | ✘✘ | ✔ |
+| Politics | ✘ | ✔ |
+| Chit-chat | ✘ | ✔ |
+| Advertisement | ✘✘ | ✘✘ |
+| 18+ | ✘✘✘ | ✘✘✘ |
+| Hate speech | ✘✘✘ | ✘✘✘ |
+| Identity theft | ✘✘✘✘ | ✘✘✘✘ |
+
+### Procedure for violations
+
+1. All ✘ content will be delete immediately after notice.
+2. Senders for all ✘✘ content will be banned for a week.
+3. Senders for all ✘✘✘ content will be banned for a month.
+4. Sender for all ✘✘✘✘ content will be banned for good.
\ No newline at end of file
diff --git a/fa/welcome/versions.md b/fa/welcome/versions.md
new file mode 100644
index 000000000..ba990caa6
--- /dev/null
+++ b/fa/welcome/versions.md
@@ -0,0 +1,487 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
+# تاریخچه نسخه
+
+This page lists regular releases with feature updates. If a Github release doesn't appear here, it usually only contains bug fixes.
+
+## 2019.03.01 v4.18
+
+* Port list in routing rules now supports mixed format.
+* Updated `geosite` information in routing, and description for static hosts in DNS.
+* Option to not use system root CAs for TLS handshake.
+* New routing rule for traffic attributes.
+
+## 2019.02.22 v4.17
+
+* New sub-command `tlsping` in V2Ctl.
+
+## 2019.02.15 v4.16
+
+For end users:
+
+* DNS outbound proxy now supports to modify DNS server info.
+
+For developers:
+
+* 'ext' repository is now deprecated. [#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS outbound proxy.
+
+## 2019.02.01 v4.14
+
+* Static DNS mapping now supports domain to domain mapping.
+
+## 2019.01.18 v4.13
+
+* Quic lib updated. It is not compatible with previous versions.
+* DNS now have `tag` settings.
+
+## 2019.01.11 v4.11
+
+For developers:
+
+* New method: [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) now uses [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) to establish UDP connections.
+
+## 2018.12.07 v4.8
+
+For end users:
+
+* Bug fixes
+
+For developers:
+
+* New [API doc](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* New method: [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63)
+* New method: [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105)
+
+## 2018.11.30 v4.7
+
+* Freedom now supports for dialing IPv4 or IPv6 address only.
+* New QUIC transport.
+
+## 2018.11.23 v4.6
+
+* Freedom now can automatically choose between IPv4 and IPv6 destination address, based on `SendThrough` settings.
+
+## 2018.11.16 v4.4
+
+* Load balancer rules in routing.
+* Memory usage gets optimized.
+
+## 2018.11.05 v4.1
+
+* JSON configuration format changes. Old format is still suported.
+* Performance on GeoIP matching is improved.
+
+## 2018.11.02 v4.0
+
+* Reverse proxy.
+* Release packages for ppc64 and ppc64le.
+
+## 2018.10.12 v3.47
+
+* Migrate to a new continuous delivery pipeline
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door now supports TProxy in Linux.
+
+## 2018.09.21 v3.43
+
+* DNS now supports on-demand queries by domain.
+
+## 2018.09.14 v3.40
+
+* New socket options in transport configuration. It can be used to setup VPNs.
+* New TCP Fast Open option in transport configuration.
+
+## 2018.09.03 v3.38
+
+* mKCP has a new WireGuard header.
+* Fix softfloat binaries in mips/mips64.
+
+## 2018.08.31 v3.37
+
+* Performance of reading network connection in optilized. See [Environment Variables](../configuration/env.md)。
+* VMess uses AES-128-GCM by default on ARM64.
+* Built by Go 1.11.
+
+## 2018.08.24 v3.36
+
+* Great performance improvement on subdomain matching (`domain:`) in routing.
+* Full domain matching is now supported in routing.
+
+## 2018.08.07 v3.34
+
+* Better memory management on most devices.
+
+## 2018.07.27 v3.32
+
+* BitTorrent traffic can now be sniff'ed.
+* New `protocol` option in routing rules for protocol-based routing.
+* New `geosite:speedtest` option in routing rules to match all public servers of speedtest.net.
+
+## 2018.07.20 v3.31
+
+* New [Domain Socket transport](../configuration/transport/domainsocket.md) (Thanks to @xiaokangwang).
+
+## 2018.07.13 v3.30
+
+* Fix an issue that may cause broken connections in mKCP.
+* Thanks to [our friends](https://crowdin.com/project/v2ray) who speak Russian. Now our documents are in [Russian](https://www.v2ray.com/ru/).
+
+## 2018.07.06 v3.29
+
+* New inbound and outbound for MTProto proxy.
+
+## 2018.06.29 v3.27
+
+* DNS now supports EDNS client subnet.
+* DNS static host now supports sub-domain matching.
+
+## 2018.06.15 v3.26
+
+* Add Dragonfly BSD release.
+
+## 2018.06.01 v3.24
+
+* Internal buffer size (per connection) can now be configured in JSON configuration.
+* mKCP now supports DTLS 1.2 header.
+* TLS transport now only support cipher suites in TLS 1.3 spec.
+
+## 2018.05.25 v3.23
+
+* In JSON configuration, port can now be specified from env variables.
+* JSON config now supports to load domains and IPs from specified files.
+
+## 2018.04.20 v3.19
+
+* Traffic stats for inbound proxies.
+
+## 2018.04.13 v3.17
+
+* V2Ray can load config file from HTTP(s).
+* TLS in V2Ray can issue new certificates by provided CA certificates for domains in incoming requests.
+* [HTTP/2](../configuration/transport/h2.md) transport.
+
+## 2018.04.06 v3.16
+
+* [Statistics](../configuration/stats.md).
+* Shadowsocks inbound now can be configured to only listen on UDP. Strongly recommend to not listen on both TCP and UDP on the same port.
+
+## 2018.03.02 v3.11
+
+* A new settings is introduced in VMess inbound, to forbid client using insecure encryption methods.
+* Offers ARMv7 release.
+* Offers MIPS release that doesn't require FPU.
+
+## 2018.02.23 v3.10
+
+* Log entries now contain session ID to distinguish proxy sessions.
+* Bug fixes.
+
+## 2018.02.15 v3.9
+
+* Happy New Year!
+* Bug fixes.
+
+## 2018.02.09 v3.7
+
+* Developer preview: [Remote API](../configuration/api.md)。
+* Bug fixes.
+
+## 2017.12.29 v3.5
+
+* Geoip now supports private network address under name "private".
+
+## 2017.12.22 v3.4
+
+* Websocket nows uses value of X-Forwarded-For header as source address.
+* Support s390x CPU architecture.
+
+## 2017.12.08 v3.1
+
+* Support policy.
+* Config file location can be specified via environment variable.
+
+## 2017.12.01 v3.0
+
+* Support Shadowsocks AEAD
+
+## 2017.11.18 v2.50
+
+* `v2ray` now tried to use `v2ctl` for configuration parsing. Please make sure these 2 files are in the same directory.
+* New `IPOnDemand` strategy in routing.
+
+## 2017.11.10 v2.47
+
+* `geosite` data is now in `geosite.dat` file.
+* Bug fixes.
+
+## 2017.11.03 v2.46
+
+* Router now supports `geosite:cn`, equivalent to existing `chinasites`, but more flexible.
+* Router now supports `geoip`.
+ * File `geoip.dat` is added to release packages. This file contains all `geoip` information and has to stay in the same directory of `v2ray` program. Due to delayed update of installation script, you may have to copy the file manually.
+* Program `v2ctl` is added to release packages. You may run `v2ctl verify /path/to/v2ray` to verify the signature of `v2ray` program.
+
+## 2017.10.27 v2.44
+
+* HTTP now supports Basic Authentication.
+* Some bugs are fixed.
+
+## 2017.10.06 v2.40
+
+* Fix an issue that causes memory leak.
+
+## 2017.09.29 v2.39
+
+* Inbound proxies now close connections more quickly when remote server closes them.
+* Default connection timeout changes to 5 minutes.
+
+## 2017.05.12 v2.27
+
+* New domain mode in router.
+
+## 2017.05.05 v2.26
+
+* Stability fixes.
+
+## 2017.04.28 v2.25
+
+* Simple sniffing on HTTP and TLS traffic for the actual domain on request.
+
+## 2017.04.21 v2.24
+
+* Stabilize Mux.
+* Improves memory efficiency.
+
+## 2017.04.15 v2.23
+
+* Performance improvement in Mux.
+* Max number of connections can be configured in Mux now.
+* Performance improvement in HTTP inbound.
+* connectionReuse setting is removed in favor of Mux.
+
+## 2017.04.08 v2.22
+
+* Mux.Cool protocol.
+
+## 2017.02.25 v2.20
+
+* GPG signature is added to download package.
+* New binary wv2ray.exe is added to Windows package, which runs as a background application.
+
+## 2017.02.18 v2.19
+
+* A new mechanism for anti reply attack is now enforced on server side.
+ * No impact to existing clients.
+* Upgrade of VMess AES-128-GCM / Chacha20-Poly1305 / None encryption methods.
+ * Please upgrade client and server at once.
+ * AES-128-CFB is not affected.
+* Built with Golang 1.8. Add 32-bit MIPS support.
+
+## 2017.02.11 v2.18
+
+* Cleanup WebSocket code.
+* Remove allowPassive option. Now passive connections are always allowed.
+* Bug fixes
+
+## 2017.02.04 v2.17
+
+* Bug fixes.
+
+## 2017.01.28 v2.16
+
+* New 'redirect' option in freedom. It can be used to adapt tools like Shadowsocks Obfs.
+* Performance improvement in VMess non-encryption mode. Not compatible with previous versions.
+* Happy New Year!
+
+## 2017.01.16 v2.15
+
+* All proxies can use mKCP and WebSocket now.
+
+## 2017.01.09 v2.14
+
+* Socks 5 outbound.
+* Bug fixes.
+
+## 2017.01.02 v2.13
+
+* Bug fixes.
+
+## 2016.12.26 v2.12
+
+* Bug fixes.
+
+## 2016.12.19 v2.11
+
+* JSON config file now supports comment.
+
+## 2016.12.12 v2.10
+
+* VMess now supports AES-GCM and ChaCha20-Poly1305 encryption methods.
+
+## 2016.12.05 v2.9
+
+* Fix compatibility with Alpine Linux.
+
+## 2016.11.28 v2.8
+
+* Shadowsocks server now accepts OTA settings.
+* Bug fixes.
+
+## 2016.11.21 v2.7
+
+* Main inbound and outbound connection handler can be tagged now.
+* Bug fixes.
+
+## 2016.11.14 v2.6
+
+* Data sent by one outbound can be proxied to another outbound.
+* Routing can be based on inbound tag.
+
+## 2016.11.07 v2.5
+
+* New Shadowsocks outbound;
+* New TCP header: HTTP;
+
+## 2016.10.24 v2.4
+
+* TCP / mKCP / WebSocket can be configured per inbound / outbound;
+* Routing can be done on source IP;
+
+## 2016.10.17 v2.3
+
+* Introduce new Protobuf-based configuration;
+* OpenBSD binaries;
+* Small fixes;
+
+## 2016.09.19 v2.2
+
+* New transport: WebSocket (Thanks to [@xiaokangwang](https://github.com/xiaokangwang));
+
+## 2016.09.19 v2.1
+
+* mKCP performance improvement;
+
+## 2016.08.20 v2.0
+
+* One year;
+
+## 2016.08.15 v1.24
+
+* New mKCP header: utp;
+* New option in inbound connection config "allowPassive" to allow passive connection;
+
+## 2016.08.08 v1.23
+
+* Optimize mKCP packet format. This version of mKCP is NOT compatible with previous ones;
+* mKCP can now be configured to disguise as video data.
+
+## 2016.08.01 v1.22
+
+* Fix a memory leak in mKCP;
+* Add FreeBSD release;
+
+## 2016.07.25 v1.21
+
+* High performance Chacha20 (Thanks to aead@);
+* Bug fixes;
+
+## 2016.07.18 v1.20
+
+* New KCP options: readBufferSize and writeBufferSize;
+* Bug fixes;
+
+## 2016.07.11 v1.19
+
+* Enable TLS option for all proxies;
+* Fix a performance issue in KCP;
+* Fix an issue in KCP that could cause EOF response;
+
+## 2016.07.04 v1.18
+
+* Fix a "too many open files" issue in KCP;
+* KCP now uses fewer CPU;
+* Other bug fixes;
+
+## 2016.06.19 v1.17
+
+* KCP now is integrated into V2Ray. (Special thanks to [xiaokangwang](https://github.com/xiaokangwang), [xtaci](https://github.com/xtaci) and [skywind3000](https://github.com/skywind3000))
+* Minor bug fixes
+
+## 2016.06.12 v1.16
+
+* TCP connection reuse is now enabled by default;
+* Dokodemo-door is able to recognize TCP connection redirected by iptables;
+* Blackhole is able to send back HTTP forbidden data;
+
+## 2016.06.05 v1.15
+
+* Optionally reuse TCP connection for better performance;
+* Allow listening on a specific IP address;
+* Allow sending data through a specific IP address;
+* Fix an issue in HTTP proxy that may exhaust memory;
+
+## 2016.05.29 v1.14
+
+* Fix a panic issue in http proxy;
+* More functionalies in install script;
+* Static route in DNS;
+* Official server address change;
+
+## 2016.05.16 v1.13
+
+* Internal DNS server, to provide better routing results combined with chinasites and chinaip;
+* Fix an issue in UDP relay;
+
+## 2016.05.01 v1.12.1
+
+* Fix a bug in VMess.
+
+## 2016.05.01 v1.12
+
+* Second try to fix the memory usage issue;
+* Improve Shadowsocks performance;
+* New option "none" in loglevel;
+
+## 2016.04.18 v1.11
+
+* Try to fix the memory usage issue.
+
+## 2016.03.07 v1.10
+
+* Fix an performance issue when dynamic ports refreshes.
+
+## 2016.02.29 v1.9.1
+
+* Fix Shadowsocks one-time authentication (OTA) issue.
+
+## 2016.02.29 v1.9
+
+* Support for Shadowsocks ChaCha20 encryption;
+* Add more direct connection sites to the default configuration file;
+* Dynamic ports now automatically create an account.
+
+## 2016.02.22 v1.8
+
+* Update installation script install-release.sh (thanks, @netcookies):
+ * You can now automatically stop the V2Ray process and update automatically after the completion of V2Ray;
+ * The install-release.sh accepts the --proxy argument and V2Ray specified proxy download;
+* Use Go 1.6 compiler to improve the performance of AES encryption;
+* Minor fixes;
+* Update the official server IP (please re-download the installation package to get the latest configuration).
+
+## 2016.02.08 v1.7
+
+* UDP relay performance improved;
+* Shadowsocks security improved;
+* Minor fixes;
+* Happy new year!
\ No newline at end of file
diff --git a/fa/welcome/workflow.md b/fa/welcome/workflow.md
new file mode 100644
index 000000000..131a801f1
--- /dev/null
+++ b/fa/welcome/workflow.md
@@ -0,0 +1,60 @@
+---
+refcn: chapter_00/workflow
+refen: welcome/workflow
+---
+
+# گردش کار
+
+## تنها سرور
+
+همانند سایر پروکسی ها، شما نیاز به یک پروکسی سرور دارید که V2Ray را اجرا می کند. سپس شما می توانید از طریق آن سرور از طریق کامپیوتر، تلفن همراه یا سایر دستگاه های خود به اینترنت متصل شوید.
+
+```mermaid
+graph LR;
+A(PC) -.- B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(V2Ray/VPS);
+D --> C;
+A --> E(Normal Website);
+```
+
+V2Ray supports connections from multiple devices at the same time, with optionally different protocols. In the mean time, the local routing mechanism can smartly proxy necessary connections only.
+
+## پل سرور
+
+In the case you don't want configuration V2Ray on each of your devices, you may setup a server within the firewall, and then all traffic go through that server. The server does routing itself.
+
+```mermaid
+graph LR;
+A(PC) -.-> B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(VPS 1);
+D --> E(VPS 2);
+E --> C;
+D --> F(Normal Website);
+```
+
+## داخلی
+
+The internal of V2Ray looks like below. It supports multiple inbound proxies, and multiple outbounds. Each of them are independent from others.
+
+```mermaid
+graph LR;
+A1(inbound) --> D(Dispatcher / Router / DNS);
+A2(inbound) --> D;
+A3(inbound) --> D;
+A4(inbound) --> D;
+D --> B1(outbound);
+D --> B2(outbound);
+D --> B3(outbound);
+D --> B4(outbound);
+```
+
+Notes:
+
+* شما باید حداقل یک ورودی و یک خروجی را پیکربندی کنید تا V2Ray به درستی کار کند.
+* پروکسی ورودی با نرم افزار کلاینت مانند مرورگر ارتباط برقرار می کند.
+* پروکسی خروجی ارتباط با سرور از راه دور، مانند آپاچی برای وب سایت.
+* توزیع کننده مسئول انتخاب یک خروجی برای یک اتصال داده شده بر اساس قوانین قابل تنظیم است.
+
+Detailed configuration can be found [here](../configuration/overview.md).
\ No newline at end of file
diff --git a/ko/README.md b/ko/README.md
new file mode 100644
index 000000000..f04b84c00
--- /dev/null
+++ b/ko/README.md
@@ -0,0 +1,25 @@
+---
+refcn: index
+refen: index
+---
+
+# Project V
+
+Project V는 인터넷을 통해 자신 만의 개인 정보 네트워크를 구축 할 수 있도록 도와주는 일련의 도구입니다. `V2Ray`이라는 Project V의 핵심은 네트워크 프로토콜과 통신을 담당합니다. 혼자서 작업 할 수있을뿐만 아니라 다른 도구와 결합 할 수도 있습니다.
+
+이 웹 사이트는 주로 전체 프로젝트와 관련된 몇 가지 추가 정보와 함께 V2Ray의 설명서입니다.
+
+## 풍모
+
+* 다중 인바운드 / 아웃 바운드 프록시 : 하나의 V2Ray 인스턴스는 여러 개의 인바운드 및 아웃 바운드 프로토콜을 병렬로 지원합니다. 각 프로토콜은 독립적으로 작동합니다.
+* 맞춤형 라우팅 : 라우팅 구성에 따라 수신 트래픽을 여러 아웃 바운드로 보낼 수 있습니다. 대상 지역 또는 도메인별로 트래픽을 라우팅하기 쉽습니다.
+* 다중 프로토콜 : V2Ray는 Socks, HTTP, Shadowsock, VMess 등 여러 프로토콜을 지원합니다. 각 프로토콜에는 TCP, mKCP, WebSocket 등과 같은 자체 전송이있을 수 있습니다.
+* 난독 화 : V2Ray는 TLS에서 트래픽을 숨기기 위해 난독 화 기능을 내장하고 있으며 웹 서버와 병렬로 실행할 수 있습니다.
+* 역방향 프록시 : 역방향 프록시의 일반적인 지원. localhost에 터널을 빌드하는 데 사용할 수 있습니다.
+* 여러 플랫폼 : Windows, Mac OS, Linux 등에서 V2Ray가 기본적으로 실행됩니다. 또한 모바일에서 타사 지원도 있습니다.
+
+{% hint style='info' %}
+
+This site is generated by GitBook, and host on GitHub. If you'd like to modify its content, please send pull request to [this repo](https://github.com/v2ray/manual).
+
+{% endhint %}
\ No newline at end of file
diff --git a/ko/SUMMARY.md b/ko/SUMMARY.md
new file mode 100644
index 000000000..b1ed4c1e8
--- /dev/null
+++ b/ko/SUMMARY.md
@@ -0,0 +1,51 @@
+# Summary
+
+* [Project V](README.md)
+ * [버전 기록](welcome/versions.md)
+ * [워크 플로](welcome/workflow.md)
+ * [설치](welcome/install.md)
+ * [빠른 시작](welcome/start.md)
+ * [명령 행](welcome/command.md)
+ * [기부](welcome/donate.md)
+ * [지원하다](welcome/help.md)
+ * [자주하는 질문](welcome/faq.md)
+ * [블로그↪](https://steemit.com/@v2ray)
+* [구성](configuration/README.md)
+ * [개요](configuration/overview.md)
+ * [프로토콜](configuration/protocols.md)
+ * [블랙홀](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
+ * [Dokodemo](configuration/protocols/dokodemo.md)
+ * [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
+ * [HTTP](configuration/protocols/http.md)
+ * [Shadowsocks](configuration/protocols/shadowsocks.md)
+ * [SOCKS](configuration/protocols/socks.md)
+ * [VMess](configuration/protocols/vmess.md)
+ * [정책](configuration/policy.md)
+ * [라우팅](configuration/routing.md)
+ * [DNS](configuration/dns.md)
+ * [다중 화기](configuration/mux.md)
+ * [API](configuration/api.md)
+ * [통계](configuration/stats.md)
+ * [역](configuration/reverse.md)
+ * [수송](configuration/transport.md)
+ * [TCP](configuration/transport/tcp.md)
+ * [mKCP](configuration/transport/mkcp.md)
+ * [웹 소켓](configuration/transport/websocket.md)
+ * [HTTP / 2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
+ * [Env 변수](configuration/env.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Development
+ * Milestone
+ * Guide
+ * Design
+ * Build
+ * [Tools](developer/tools.md)
+ * Protocols
+ * VMess
+ * mKCP
+ * Mux.Cool
\ No newline at end of file
diff --git a/ko/awesome/ads.md b/ko/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/ko/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/ko/awesome/tools.md b/ko/awesome/tools.md
new file mode 100644
index 000000000..d9216b892
--- /dev/null
+++ b/ko/awesome/tools.md
@@ -0,0 +1,96 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+Download: [Github](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+Download: [Github](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+Download: [Github](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+Download: [Github](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray: v2ray Cross-Platform GUI written in Qt, supports multi-language, connection edit and auto-check updates
+
+Download: [GitHub](https://github.com/qv2ray/Qv2ray)
+
+Website:
+
+> Mellow
+
+Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray
+
+i2Ray is another iOS app based on V2Ray with easy-to-use UI design.
+
+Download: [iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadowsocks, VMess, SSR etc.
+
+Download: [iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi (was ShadowRay)
+
+Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
+
+Download: [iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+Download: [iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray core.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## Online services
+
+> [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+
+Online configuration generator.
+
+> [UUID Generator](https://www.uuidgenerator.net/)
+
+UUID generator for VMess users.
diff --git a/ko/book.json b/ko/book.json
new file mode 100644
index 000000000..ecc30459e
--- /dev/null
+++ b/ko/book.json
@@ -0,0 +1,34 @@
+{
+ "language": "ko",
+ "title": "Project V",
+ "plugins" : [
+ "-fontsettings",
+ "-search",
+ "-lunr",
+ "-highlight",
+ "-sharing",
+
+ "mermaid-gb3",
+ "anchors",
+ "ga",
+ "prism",
+ "prism-themes",
+ "hints"
+ ],
+ "pluginsConfig": {
+ "ga": {
+ "token": "UA-73620536-1"
+ },
+ "prism": {
+ "css": [
+ "prism-themes/themes/prism-base16-ateliersulphurpool.light.css"
+ ],
+ "lang": {
+ "objc": "objectivec",
+ "shell": "bash",
+ "text": "textile",
+ "plain": "textile"
+ }
+ }
+ }
+}
diff --git a/ko/configuration/README.md b/ko/configuration/README.md
new file mode 100644
index 000000000..f0354d765
--- /dev/null
+++ b/ko/configuration/README.md
@@ -0,0 +1,76 @@
+---
+refcn: chapter_02/index
+refen: configuration/index
+---
+
+# 구성
+
+V2Ray는 [protobuf](https://developers.google.com/protocol-buffers/)기반 구성을 사용합니다. protobuf 형식은 읽기 쉽지 않기 때문에 V2Ray는 JSON에서 구성을 지원합니다. V2Ray가 실행되기 전에 JSON 구성이 자동으로 protobuf로 변환됩니다. 즉, 다른 구성 형식이 도입 될 수 있습니다.
+
+여기에서는 JSON 기반 구성을 소개합니다.
+
+JSON 또는 [자바 스크립트 객체 표기법](https://en.wikipedia.org/wiki/JSON)은 자바 스크립트의 객체입니다. 하나의 JSON 파일에는 "{"로 시작하고 "}"로 끝나는 단 하나의 JSON 객체 만 들어 있습니다.
+
+JSON 객체는 키 값 쌍의 목록을 포함합니다. 키는 문자열이며 값은 문자열, 숫자, 부울, 배열 또는 다른 객체와 같은 다양한 유형이 될 수 있습니다. 일반적인 객체는 아래와 같습니다.
+
+```javascript
+{
+ "stringValue": "This is a string.",
+ "numberValue": 42,
+ "boolValue": true,
+ "arrayValue": ["this", "is", "a", "string", "array"],
+ "objectValue": {
+ "another": "object"
+ }
+}
+```
+
+{% hint style='info' %}
+
+V2Ray supports comments in JSON,annotated by "//" or "/\* \*/". In an editor that doesn't support comments, they may get displayed as errors, but comments actually work fine in V2Ray.
+
+{% endhint %}
+
+## JSON 데이터 유형
+
+Here is a brief introduction of JSON data types. They will be referenced in the rest of docs.
+
+> `부울`: true | 그릇된
+
+Boolean value, has to be either `true` or `false`, without quotation mark.
+
+> `번호`
+
+Usually non-negative integers, without quotation mark.
+
+> `끈`
+
+Sequence of characters, surrounded by quotation mark.
+
+> `배열`: []
+
+Array of elements. The type of its elements is usually the same, e.g., `[string]` is an array of `string`s.
+
+> `object`: {}
+
+Object. It comes with a list of key value pairs.
+
+{% hint style='tip' %}
+
+A key value pair usually ends with a comma ",", but must not ends with a comma if it is the last element of the object.
+
+{% endhint %}
+
+## V2Ray 일반 데이터 형식
+
+> `map`: object \{string, string\}
+
+An object whose keys and values have fixed types.
+
+> `주소`: 문자열
+
+An IP or domain address in string form, such as `"8.8.8.8"` or `"www.v2ray.com"`
+
+> `_ 포트`: 문자열
+
+An `address` with port, such as `"8.8.8.8:53"` or `"www.v2ray.com:80"`. In some usages, the address part can be omitted, like `":443"`.
\ No newline at end of file
diff --git a/ko/configuration/api.md b/ko/configuration/api.md
new file mode 100644
index 000000000..84c880d7a
--- /dev/null
+++ b/ko/configuration/api.md
@@ -0,0 +1,52 @@
+---
+refcn: chapter_02/api
+refen: configuration/api
+---
+
+# API
+
+V2Ray는 원격 액세스를위한 몇 가지 API를 제공합니다. 이 API는 [gRPC](https://grpc.io/)기반으로합니다.
+
+API가 활성화되면 V2Ray는 아웃 바운드 프록시를 자동으로 생성하고 `태그`로 태그를 지정합니다. 사용자는 [](routing.md) 모든 gRPC 연결을이 아웃 바운드로 라우트해야합니다.
+
+## ApiObject
+
+`ApiObject` 은 최상위 레벨 구성에서 `api` 필드로 사용됩니다.
+
+```javascript
+{
+ "tag": "api",
+ "services": [
+ "HandlerService",
+ "LoggerService",
+ "StatsService"
+ ]
+}
+```
+
+> `태그`: 문자열
+
+아웃 바운드 프록시의 태그입니다.
+
+> `서비스`: \ [string \]
+
+사용 가능한 API 목록입니다.
+
+## 지원되는 API 목록
+
+### HandlerService
+
+인바운드 및 아웃 바운드 프록시를 조작하기위한 API 다음과 같은 기능이 제공됩니다.
+
+* 새로운 인바운드 / 아웃 바운드 프록시를 추가하십시오.
+* 기존의 인바운드 / 아웃 바운드 프록시를 제거합니다.
+* 인바운드 프록시에 새 사용자를 추가합니다 (VMess 전용).
+* 인바운드 프록시에서 기존 사용자를 제거합니다 (VMess 전용).
+
+### LoggerService
+
+내부 로거를 다시 시작합니다. 로그 파일을 작동하기위한 logrotate로 작업 할 수 있습니다.
+
+### StatsService
+
+내부 [통계 지원](stats.md).
\ No newline at end of file
diff --git a/ko/configuration/dns.md b/ko/configuration/dns.md
new file mode 100644
index 000000000..65afe4911
--- /dev/null
+++ b/ko/configuration/dns.md
@@ -0,0 +1,104 @@
+---
+refcn: chapter_02/04_dns
+refen: configuration/dns
+---
+
+# DNS
+
+V2Ray에는 다른 구성 요소에 대한 DNS 릴레이를 제공하는 내부 DNS 서버가 있습니다.
+
+{% hint style='info' %}
+
+Due to the complexity of DNS protocol, V2Ray for now only supports basic IP queries (A and AAAA). We recommend to use a professional DNS rely (such as [CoreDNS](https://coredns.io/)) for V2Ray.
+
+{% endhint %}
+
+The DNS queries relayed by this DNS service will also be dispatched based on routing settings. No extra configuration is required.
+
+## DnsObject
+
+`DnsObject` is used as `dns` field in top level configuration.
+
+```javascript
+{
+ "hosts": {
+ "baidu.com": "127.0.0.1"
+ },
+ "servers": [
+ {
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ]
+ },
+ "8.8.8.8",
+ "8.8.4.4",
+ "localhost"
+ ],
+ "clientIp": "1.2.3.4",
+ "tag": "dns_inbound"
+}
+```
+
+> `hosts`: map{string: address}
+
+A list of static addresses, in the form of `domain:address`. Each entry has a domain name as key and IP or domain address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed, or the corresponding domain address will be used for further DNS queries, instead of the previous one.
+
+The format of domains is:
+
+* Plaintext: When the targeting domain is exactly the value, the rule takes effect. Example: rule `"v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Keyword: Begining with `"keyword:"` and the rest is a pattern. If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"keyword:sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](routing.md#pre-defined-domain-lists) for more detail.
+
+> `서버`: \ [string | [ServerObject](#serverobject) | "localhost"\]
+
+List of DNS servers. Each server may be specified in three formats: IP address, [ServerObject](#serverobject), or `"localhost"`.
+
+When a server is an IP address, such as `"8.8.8.8"`, V2Ray queries DNS on UDP port 53 on this address.
+
+When a server is `"localhost"`, V2Ray queries local host for DNS.
+
+{% hint style='info' %}
+
+When `"localhost"` is used, out-going DNS traffic is not controlled by V2Ray. However, you may redirect DNS queries back to V2Ray with additional configuration.
+
+{% endhint %}
+
+> `clientIp`: string
+
+IP address of current machine. If specified, V2Ray uses this IP as EDNS-Client-Subnet. This IP can't be a private address.
+
+> `tag`: string
+
+(V2Ray 4.13+) All traffic initiated from this DNS, except to localhost, will have this tag as inbound. It can be used for routing.
+
+### ServerObject
+
+```javascript
+{
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ],
+}
+```
+
+> `address`: address
+
+Address of the DNS server. For now only UDP servers are supported.
+
+> `port`: number
+
+Port of the DNS server. Usually it is `53` or `5353`.
+
+> `domains`: \[string\]
+
+A list of domains. If the domain of enquire matches one of the list, this DNS server will be prioritized for DNS query for this domain.
+
+Domain name format is the same as in [routing](routing.md).
+
+When a DNS server has the domain in its domain list, the domain will be queried in this server first, and then other servers. Otherwise DNS queries are sent to DNS servers in the order they appear in the config file.
\ No newline at end of file
diff --git a/ko/configuration/env.md b/ko/configuration/env.md
new file mode 100644
index 000000000..f2a928992
--- /dev/null
+++ b/ko/configuration/env.md
@@ -0,0 +1,46 @@
+---
+refcn: chapter_02/env
+refen: configuration/env
+---
+
+# 환경 변수
+
+V2Ray는 다음 환경 변수를 읽습니다.
+
+## 연결 당 캐시 크기 {#buffer-size}
+
+* 이름 : `v2ray.ray.buffer.size` 또는 `V2RAY_RAY_BUFFER_SIZE`
+* 단위 : MB
+* 기본값 : x86, amd64, arm64 및 s390x에서는 2입니다. 다른 플랫폼에서는이 캐시를 사용할 수 없습니다.
+* 특별 값 : 무제한 캐시 크기의 경우 0
+
+**Deprecated. Use bufferSize in Policy.**
+
+For each connection, when there is a difference in speed between inbound and outbound traffic, V2Ray will cache some data for larger throughput. This setting controls the size of the cache. The larger the cache, the better the performance.
+
+## V2Ray 자산의 위치 {#asset}
+
+* 이름 : `v2ray.location.asset` 또는 `V2RAY_LOCATION_ASSET`
+* 기본값 : v2ray가있는 디렉토리와 동일합니다.
+
+This variable specifies a directory where geoip.dat and geosite.dat files are.
+
+## V2Ray 구성의 위치 {#config}
+
+* 이름 : `v2ray.location.config` 또는 `V2RAY_LOCATION_CONFIG`
+* 기본값 : v2ray가있는 디렉토리와 동일합니다.
+
+This variable specifies a directory where config.json is.
+
+## 분산 형 읽기 {#scatter-io}
+
+* 이름 : `v2ray.buf.readv` 또는 `V2RAY_BUF_READV`
+* 기본값 : `자동`
+
+V2Ray 3.37 uses Scatter/Gather IO. This feature will use less memory when connection speed is over 100 MByte/s. Possible values are: `auto`, `enable` and `disable`.
+
+* `활성화`: 분산 읽기 활성화.
+* `해제`: 분산 읽기를 비활성화합니다.
+* `자동`: CPU가 x86, AMD64 또는 s390x 일 때 Windows, MacOS, Linux에서만 활성화됩니다.
+
+When connection speed is less than 100 MByte/s, no matter whether this is enabled or not, there is no obvious difference in terms of memory usage.
\ No newline at end of file
diff --git a/ko/configuration/mux.md b/ko/configuration/mux.md
new file mode 100644
index 000000000..6b639e1cc
--- /dev/null
+++ b/ko/configuration/mux.md
@@ -0,0 +1,27 @@
+---
+refcn: chapter_02/mux
+refen: configuration/mux
+---
+
+# 멀티플렉싱
+
+멀티플렉싱 또는 멀티플렉싱은 다중 가상 TCP 연결에 하나의 물리적 TCP 연결을 사용하는 것입니다.
+
+Mux는 TCP 핸드 셰이크 대기 시간을 줄 이도록 설계되었습니다. 그것은 높은 처리량을위한 것이 아닙니다. 대용량 파일을 다운로드하거나 속도 측정에 사용할 때 Mux는 일반적으로 일반 TCP 연결보다 느립니다.
+
+## MuxObject
+
+```javascript
+{
+ "enabled": false,
+ "concurrency": 8
+}
+```
+
+> `활성화 됨`: true | 그릇된
+
+아웃 바운드에서 Mux를 사용할지 여부.
+
+> `동시성`: 숫자
+
+한 번에 하나의 물리적 연결이 처리 할 수있는 다중화 된 연결의 최대 수입니다. 최대 값 `1024`, 최소값 `1`, 기본값 `8`.
\ No newline at end of file
diff --git a/ko/configuration/overview.md b/ko/configuration/overview.md
new file mode 100644
index 000000000..4d0afd58c
--- /dev/null
+++ b/ko/configuration/overview.md
@@ -0,0 +1,249 @@
+---
+refcn: chapter_02/01_overview
+refen: configuration/overview
+---
+
+# 구성 개요
+
+V2Ray는 아래와 같이 서버 측과 클라이언트 측의 구성이 동일합니다. 서버 및 클라이언트 구성은 특정 섹션에서 다릅니다.
+
+아래는 구성의 최상위 레벨 구조입니다. 각 섹션에는 자체 형식이 있습니다.
+
+```javascript
+{
+ "log": {},
+ "api": {},
+ "dns": {},
+ "stats": {},
+ "routing": {},
+ "policy": {},
+ "inbounds": [],
+ "outbounds": [],
+ "transport": {}
+}
+```
+
+> `로그`: [LogObject](#logobject)
+
+로그 출력을 제어하기위한 로그 구성.
+
+> `api`: [ApiObject](api.md)
+
+V2Ray 인스턴스를 제어하는 RPC API 자세한 내용은 [API 구성](api.md) 을 참조하십시오.
+
+> `dns`: [DnsObject](dns.md)
+
+내부 DNS 서버 구성을위한 구성. 이 섹션을 생략하면 V2Ray는 시스템 전체의 DNS 구성을 사용합니다. 자세한 내용은 [DNS 구성을 참조하십시오.](dns.md).
+
+> `stats`: [StatsObject](stats.md)
+
+지정되면 내부 [통계](stats.md) 이 사용됩니다.
+
+> `정책`: [PolicyObject](policy.md)
+
+사용 권한 및 기타 보안 전략을위한 구성. 자세한 내용은 [로컬 정책](policy.md)참조하십시오.
+
+> `라우팅`: [RoutingObject](routing.md)
+
+내부 [라우팅](routing.md) 전략을위한 구성.
+
+> `인바운드`: \ [ [인바운드 개체](#inboundobject)\]
+
+인바운드 프록시의 구성으로 [InboundObject](#inboundobject) 배열입니다.
+
+> `아웃 바운드`: \ [ [아웃 바운드 개체](#outboundobject)\]
+
+아웃 바운드 프록시의 구성으로서 [OutboundObject](#outboundobject) 배열입니다. 배열의 첫 번째 아웃 바운드가 주요 아웃 바운드입니다. 라우팅 결정시 기본 아웃 바운드입니다.
+
+> `전송`: [전송 객체](transport.md)
+
+낮은 수준의 전송 프로토콜 구성 자세한 내용은 [프로토콜 전송 옵션](transport.md)참조하십시오.
+
+## LogObject
+
+```javascript
+{
+ "access": "/path/to/file",
+ "error": "/path/to/file",
+ "loglevel": "warning"
+}
+```
+
+> `액세스`: 문자열
+
+로그에 액세스하는 경로입니다. 비어 있지 않은 경우, 법적 파일 경로 여야합니다 같은 `"/tmp/v2ray/_access.log"`(리눅스), 또는 `개의 "C : \\ 온도 \\ v2ray \\ _ access.log의"`(윈도우 ). 비어있는 경우 V2Ray는 액세스 로그를 `표준 출력`씁니다.
+
+> `오류`: 문자열
+
+오류 로그의 경로. 비어 있지 않은 경우 합법적 인 파일 경로 여야합니다. 비어있는 경우 V2Ray는 오류 로그를 `표준 출력`씁니다.
+
+> `loglevel`: "디버그"| "정보"| "경고"| "오류"| "없음"
+
+기록 할 로그의 레벨. 다른 로그 레벨은 로그의 다른 내용을 나타냅니다. 기본값은 `"경고"`.
+
+로그 수준 :
+
+* `"debug"`: 개발자 전용 정보. 또한 `"info"` 로그를 모두 포함합니다.
+* `"정보"`: V2Ray의 현재 상태에 대한 정보. 사용자는 이러한 문제를 처리 할 필요가 없습니다. 또한 `"경고"` 로그를 모두 포함합니다.
+* `"경고"`: 환경에 문제가 있습니다. 일반적으로 V2Ray 외부에 있습니다 (예 : 네트워크 손상). V2Ray는 계속 실행되지만 사용자가 일부 손상을 입을 수 있습니다. 또한 모든 포함 `"오류"` 로그.
+* `"오류"`: 뭔가 잘못되었습니다. V2Ray가 전혀 실행되지 않습니다.
+* `"none"`: 모든 로깅을 사용할 수 없습니다.
+
+## 인바운드 객체
+
+InboundObject는 인바운드 프록시를 정의합니다. V2Ray 로의 수신 연결을 처리합니다. 사용 가능한 프록시는 여기에 나열된 [입니다.](protocols.md).
+
+```javascript
+{
+ "port": 1080,
+ "listen": "127.0.0.1",
+ "protocol": "protocol_name",
+ "settings": {},
+ "streamSettings": {},
+ "tag": "inbound_tag_name",
+ "sniffing": {
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
+}
+```
+
+> `포트`: 번호 | "env : 변수"| 끈
+
+프록시가 수신 대기하는 포트입니다. 사용할 수있는 형식은 다음과 같습니다.
+
+* 정수 : 실제 포트 번호.
+* 환경 변수를 시작으로 `"ENV는"`, ENV 변수는 문자열 형식의 포트와 같은 지정 `: "PORT ENV를"`. V2Ray는 변수를 문자열로 디코딩합니다.
+* 문자열 : `"1234"`과 같은 숫자 문자열 값 또는 총 6 개의 포트에 대해 `"5-10"` 과 같은 포트 범위.
+
+열려는 실제 포트도 `할당` 설정에 따라 다릅니다. 아래를 참조하십시오.
+
+> `듣기`: 주소
+
+들릴 주소. 기본값은 `"0.0.0.0"` 모든 네트워크 인터페이스에서 들어오는 연결합니다. 그렇지 않으면 값은 기존 네트워크 인터페이스의 주소 여야합니다.
+
+> `프로토콜`: 문자열
+
+인바운드 프로토콜의 이름. 사용 가능한 값은 각 개인을 참조하십시오.
+
+> `설정`: InboundConfigurationObject
+
+프로토콜 별 설정. 각 프로토콜에 정의 된 `InboundConfigurationObject` 참조하십시오.
+
+> `streamSettings`: [StreamSettingsObject]
+
+세부 사항은 [프로토콜 전송 옵션](transport.md) 을 참조하십시오.
+
+> `태그`: 문자열
+
+인바운드 프록시의 태그. 라우팅 결정에 사용될 수 있습니다. 비어 있지 않으면 모든 인바운드 프록시 중에서 고유해야합니다.
+
+> `스니핑`: [스니핑 객체](#sniffingobject)
+
+콘텐츠 스니핑을위한 구성.
+
+> `할당`: [AllocateObject](#allocateobject)
+
+포트 할당을위한 구성.
+
+### SniffingObject
+
+```javascript
+{
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+}
+```
+
+> `활성화 됨`: true | 그릇된
+
+콘텐츠 스니핑을 사용할지 여부.
+
+> `destOverride`: \ [ "http"| "tls"\]
+
+내용 유형의 배열입니다. 들어오는 트래픽의 컨텐트 유형이 목록에 지정되어 있으면 연결 대상이 스니핑 된 값으로 덮어 쓰여집니다.
+
+### AllocateObject
+
+```javascript
+{
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+}
+```
+
+> `전략`: "항상"| "무작위"
+
+포트 할당 전략. `"항상"`로 설정되면 `포트` 필드의 모든 포트가 청취에 할당됩니다. `"임의"` 이 설정된 경우 V2Ray는 `동시성` 포트를 수신하고 `새로 고침` 분마다 포트 목록이 다시 채워집니다.
+
+> `새로 고침`: 번호
+
+청취 포트를 새로 고치는 시간 (분)입니다. 최소값은 `2`입니다. 이 설정은 `전략` 이 `"임의"`설정된 경우에만 유효합니다.
+
+> `동시성`: 숫자
+
+수신 대기 포트 수입니다. 최소값은 `1`입니다. 최대 값은 전체 포트 범위의 1/3입니다.
+
+## 아웃 바운드 개체
+
+OutboundObject는 나가는 연결을 처리하기위한 아웃 바운드 프록시를 정의합니다. 사용 가능한 프로토콜이 나열됩니다 [여기](protocols.md).
+
+```javascript
+{
+ "sendThrough": "0.0.0.0",
+ "protocol": "protocol_name",
+ "settings": {},
+ "tag": "this_outbound_tag_name",
+ "streamSettings": {},
+ "proxySettings": {
+ "tag": "another_outbound_tag_name"
+ },
+ "mux": {}
+}
+```
+
+> `sendThrough`: 주소
+
+트래픽을 보내는 IP 주소입니다. 기본값 " `"0.0.0.0 "` 은 호스트에서 사용 가능한 IP를 무작위로 선택하기위한 것입니다. 그렇지 않으면 값은 기존 네트워크 인터페이스의 IP 주소 여야합니다.
+
+> `프로토콜`: 문자열
+
+이 아웃 바운드의 프로토콜 이름입니다. 사용 가능한 모든 값에 대해서는 [프로토콜](protocols.md) 을 참조하십시오.
+
+> `설정`: OutboundConfigurationObject
+
+프로토콜 별 설정. 각 개별 프로토콜에서 `OutboundConfigurationObject` 을 참조하십시오.
+
+> `태그`: 문자열
+
+이 아웃 바운드의 태그입니다. 비어 있지 않으면 모든 아웃 바운드 중에서 고유해야합니다.
+
+> `streamSettings`: [StreamSettingsObject](transport.md)
+
+낮은 수준의 전송 설정. [프로토콜 전송 옵션](transport.md)참조하십시오.
+
+> `proxySettings`: [ProxySettingsObject](#proxysettingsobject)
+
+이 아웃 바운드에서 다른 아웃 바운드로 트래픽을 위임하기위한 구성입니다. 이 값을 설정하면이 아웃 바운드의 `streamSettings` 이 적용되지 않습니다.
+
+> `mux`: [MuxObject](mux.md)
+
+세부 사항은 [Mux](mux.md) 구성을 참조하십시오.
+
+### ProxySettingsObject
+
+```javascript
+{
+ "tag": "another-outbound-tag"
+}
+```
+
+> `태그`: 문자열
+
+`태그` 이 다른 아웃 바운드의 태그로 설정되면 현재 아웃 바운드의 나가는 트래픽이 지정된 아웃 바운드 트래픽으로 위임됩니다.
\ No newline at end of file
diff --git a/ko/configuration/policy.md b/ko/configuration/policy.md
new file mode 100644
index 000000000..ac1238994
--- /dev/null
+++ b/ko/configuration/policy.md
@@ -0,0 +1,127 @@
+---
+refcn: chapter_02/policy
+refen: configuration/policy
+---
+
+# 지역 정책
+
+로컬 정책은 현재의 V2Ray 인스턴스의 정책 설정 (예 : 연결 시간 초과)을 관리합니다. 정책은 각 사용자 수준 또는 전체 시스템에 적용 할 수 있습니다.
+
+## PolicyObject
+
+`PolicyObject` 은 최상위 레벨 구성에서 `policy` 필드로 사용됩니다.
+
+```javascript
+{
+ "levels": {
+ "0": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
+ }
+ },
+ "system": {
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+ }
+}
+```
+
+> `level`: map{string: [LevelPolicyObject](#levelpolicyobject)}
+
+A list of key value pairs. Each key is a string of integer (restricted by JSON), such as `"0"`, `"1"`, etc. The numeric value is for a certain user level.
+
+{% hint style='info' %}
+
+User level can be set on each inbound and outbound proxy. V2Ray will apply different policies based on user level.
+
+{% endhint %}
+
+> `system`: [SystemPolicyObject](#systempolicyobject)
+
+System-wide policy
+
+### LevelPolicyObject
+
+```javascript
+{
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false,
+ "bufferSize": 10240
+}
+```
+
+> `handshake`: number
+
+Timeout for establishing a connection, in seconds. Default value `4`. At the handshake stage of an inbound proxy dealing with a new connection, say VMess reading request header, if it takes longer than `handshake` time, V2Ray aborts the connection.
+
+> `connIdle`: number
+
+Timeout for idle connections, in seconds. Default value `300`. If there is no data passed through the connection in `connIdle` time, V2Ray aborts the conneciton.
+
+> `uplinkOnly`: number
+
+Time for keeping connections open after the uplink of the connection is closed, in seconds. Default value `2`. After remote (server) closes the downlink of the connection, V2Ray aborts the connection after `uplinkOnly` times.
+
+> `downlinkOnly`: number
+
+Time for keeping connections open after the downlink of the connection is closed, in seconds. Default value `5`. After client (browser) closes the uplink of the connection, V2Ray aborts the connection after `downlinkOnly` time.
+
+{% hint style='tip' %}
+
+In a simple webpage browser scenario, it is safe to set `uplinkOnly` and `downlinkOnly` both to `0`, for better performance.
+
+{% endhint %}
+
+> `statsUserUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter to uplink traffic for all users in this level.
+
+> `statsUserDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter to downlink traffic for all users in this level.
+
+> `bufferSize`: number
+
+Size of internal buffer per connection, in kilo-bytes. Default value is `10240`. When it is set to `0`, the internal buffer is disabled.
+
+Default value (V2Ray 4.4+):
+
+* `0` on ARM, MIPS and MIPSLE.
+* `4` on ARM64, MIPS64 and MIPS64LE.
+* `512` on other platforms.
+
+Default value (V2Ray 4.3-):
+
+* `16` on ARM, ARM64, MIPS, MIPS64, MIPSLE and MIPS64LE.
+* `2048` on other platforms.
+
+{% hint style='info' %}
+
+`bufferSize` overrides `v2ray.ray.buffer.size` settings in [env variables](env.md#cache-size-per-connection).
+
+{% endhint %}
+
+### SystemPolicyObject
+
+```javascript
+{
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+}
+```
+
+> `statsInboundUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
+
+> `statsInboundDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
\ No newline at end of file
diff --git a/ko/configuration/protocols.md b/ko/configuration/protocols.md
new file mode 100644
index 000000000..5db8ec6e3
--- /dev/null
+++ b/ko/configuration/protocols.md
@@ -0,0 +1,17 @@
+---
+refcn: chapter_02/02_protocols
+refen: configuration/protocols
+---
+
+# 프로토콜
+
+V2Ray는 다음 프로토콜을 지원합니다. 각 프로토콜은 인바운드 프로토콜이거나 아웃 바운드 프로토콜이거나 둘 다일 수 있습니다.
+
+* [블랙홀](protocols/blackhole.md)
+* [도코 데모 문](protocols/dokodemo.md)
+* [자유](protocols/freedom.md)
+* [HTTP](protocols/http.md)
+* [MTProto](protocols/mtproto.md)
+* [Shadowsocks](protocols/shadowsocks.md)
+* [Socks](protocols/socks.md)
+* [VMess](protocols/vmess.md)
\ No newline at end of file
diff --git a/ko/configuration/protocols/blackhole.md b/ko/configuration/protocols/blackhole.md
new file mode 100644
index 000000000..56c0f2e11
--- /dev/null
+++ b/ko/configuration/protocols/blackhole.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_02/protocols/blackhole
+refen: configuration/protocols/blackhole
+---
+
+# Blackhole
+
+* 이름: `blackhole`
+* 유형 : 아웃 바운드
+
+블랙홀은 아웃 바운드 연결을위한 프로토콜입니다. 사전 정의 된 응답으로 모든 연결을 차단합니다. [Routing](../routing.md)과 결합하여 일부 웹 사이트에 대한 액세스를 차단하는 데 사용할 수 있습니다.
+
+## ConfigurationObject
+
+```javascript
+{
+ "response": {
+ "type": "none"
+ }
+}
+```
+
+> `response`: [ResponseObject](#responseobject)
+
+사전 정의 된 응답. Blockhole은 전달 된 연결에 대해 즉시 미리 정의 된 데이터를 보내고 연결을 종료합니다.
+
+### ResponseObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none" | "http"
+
+응답의 유형, 사용 가능한 옵션은 다음과 같습니다.
+
+* `"없음"`: 기본값. 빈 응답.
+* `"http"`: 유효한 HTTP 403 응답입니다.
\ No newline at end of file
diff --git a/ko/configuration/protocols/dns.md b/ko/configuration/protocols/dns.md
new file mode 100644
index 000000000..bd4793d46
--- /dev/null
+++ b/ko/configuration/protocols/dns.md
@@ -0,0 +1,37 @@
+---
+refcn: chapter_02/protocols/dns
+refen: configuration/protocols/dns
+---
+
+# DNS
+
+* Name: `dns`
+* Type: Outbound
+
+DNS is an outbound proxy. It is mainly used for intercept and proxy DNS queries and responses. This outbound proxy can only accept DNS traffic, including both TCP and UDP based DNS queries. Other type of traffic will result in errors.
+
+When proxying DNS queries, DNS outbound will redirect IP queries (A and AAAA) to [internal DNS server](../dns.md). It will send other type of queries directly to its original destination.
+
+DNS outbound proxy is introduced in V2Ray 4.15.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "network": "tcp",
+ "address": "1.1.1.1",
+ "port": 53
+}
+```
+
+> `network`: "tcp" | "udp"
+
+(V2Ray 4.16+) Modify the transport protocol of the DNS traffic. The value may be either `"tcp"` or `"udp"`. If it is not specified, the original protocol remains unchanged.
+
+> `address`: address
+
+(V2Ray 4.16+) Modify the DNS server address in the request. If it is not specified, the original DNS server address remain unchanged.
+
+> `port`: number
+
+(V2Ray 4.16+) Modify the DNS server port in the request. If it is not specified, the original DNS server port remain unchanged.
\ No newline at end of file
diff --git a/ko/configuration/protocols/dokodemo.md b/ko/configuration/protocols/dokodemo.md
new file mode 100644
index 000000000..9cd7df79c
--- /dev/null
+++ b/ko/configuration/protocols/dokodemo.md
@@ -0,0 +1,96 @@
+* * *
+
+refcn: chapter_02/protocols/dokodemo refen: configuration/protocols/dokodemo
+
+* * *
+
+# Dokodemo-door
+
+* 이름 : `dokodemo-door`
+* 유형 : 인바운드
+
+Dokodemo-door는 인바운드 연결을위한 프로토콜입니다. 모든 연결을 취하여 지정된 대상으로 전달합니다.
+
+Dokodemo-door는 (구성된 경우) 투명한 프록시로 작동 할 수도 있습니다.
+
+## ConfigurationObject
+
+```javascript
+{
+ "address": "8.8.8.8",
+ "port": 53,
+ "network": "tcp",
+ "followRedirect": false,
+ "userLevel": 0
+}
+```
+
+> `address`: address
+
+대상 서버의 주소. 문자열 형식의 IPv4, IPv6 또는 도메인 일 수 있습니다. `followRedirect` (아래 참조)이 `이면 true`, `address` 는 비어있을 수 있습니다.
+
+> `port`: number
+
+대상 서버의 포트입니다.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+수용 할 수있는 네트워크 유형. `"tcp"` 이 지정되면이 dokodemo-door로 전송 된 모든 UDP 트래픽이 삭제됩니다.
+
+> `followRedirect`: true | false
+
+`설정하면`, dokodemo-door는 TProxy의 대상을 인식하여 대상으로 사용합니다. 자세한 내용은 [전송](../transport.md) `TProxy` 을 참조하십시오.
+
+> `userLevel`: number
+
+사용자 수준. 모든 연결은이 수준을 공유합니다. 자세한 내용은 [정책](../policy.md) 을 참조하십시오.
+
+## 투명한 프록시의 예
+
+다음과 같이 dokodemo-door를 인바운드에 추가하십시오.
+
+```javascript
+{
+ "network": "tcp,udp",
+ "timeout": 30,
+ "followRedirect": true
+}
+```
+
+iptables를 아래와 같이 설정하십시오.
+
+```bash
+# 새 체인 만들기
+iptables -t nat -N V2RAY
+iptables -t mangle -N V2RAY
+iptables -t mangle -N V2RAY_MARK
+
+# V2Ray 서버의 주소를 무시하십시오.
+# 매우 중요합니다. 단지주의해야합니다.
+iptables -t nat -A V2RAY -d 123.123.123.123 -j RETURN
+
+# LAN을 무시하고 프록시를 사용하지 않으려는 다른 주소
+# 예약 된 네트워크의 전체 목록은 Wikipedia 및 RFC5735를 참조하십시오.
+iptables -t nat -A V2RAY -d 0.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 10.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 127.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 169.254.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 172.16.0.0/12 -j RETURN
+iptables -t nat -A V2RAY -d 192.168 .0.0 / 16 -j RETURN
+iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN
+iptables -t nat -A V2RAY -d 240.0.0.0/4 -j RETURN
+
+# 다른 모든 것은 리디렉션되어야합니다. Dokodemo-door의 로컬 포트
+iptables -t nat -A V2RAY -p tcp -j REDIRECT --to 포트 12345
+
+# UDP 규칙 추가
+ip route add 로컬 기본 dev lo 테이블 100
+ip rule add fwmark 1 lookup 100
+iptables -t mangle -A V2RAY -p udp --dport 53 -j TPROXY - 포트 12345 --tproxy-mark 0x01 / 0x01
+iptables -t mangle -A V2RAY_MARK -p udp --dport 53 -j MARK --set-mark 1
+
+# 규칙 적용
+iptables -t nat -A 출력 --p tcp -j V2RAY
+iptables -t mangle -A PREROUTING -j V2RAY
+iptables -t mangle -A OUTPUT -j V2RAY_MARK
+```
\ No newline at end of file
diff --git a/ko/configuration/protocols/freedom.md b/ko/configuration/protocols/freedom.md
new file mode 100644
index 000000000..6201e203d
--- /dev/null
+++ b/ko/configuration/protocols/freedom.md
@@ -0,0 +1,45 @@
+---
+refcn: chapter_02/protocols/freedom
+refen: configuration/protocols/freedom
+---
+
+# Freedom
+
+* 이름 : `자유`
+* 유형 : 아웃 바운드
+
+Freedom은 아웃 바운드 연결을위한 프로토콜입니다. 모든 TCP 또는 UDP 연결을 목적지로 전달합니다. 이 아웃 바운드는 실제 대상으로 트래픽을 보내려는 경우에 사용됩니다.
+
+## ConfigurationObject
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "redirect": "127.0.0.1:3366",
+ "userLevel": 0
+}
+```
+
+> `domainStrategy`: "AsIs" | "UseIP"
+
+도메인 이름 분석을위한 전략. 옵션은 다음과 같습니다.
+
+* `"AsIs"`: 기본값. 시스템별로 도메인 이름을 확인하십시오.
+* `"UseIP"`: 도메인 이름 확인을 위해 [내부 DNS](../dns.md) 을 사용하십시오.
+* `"UseIPv4"`: Use IPv4 address only, after resolved by internal DNS.
+* `"UseIPv6"`: Use IPv6 address only, after resolved by internal DNS.
+
+(V2Ray 4.6+) In `UseIP` mode, when `sendThrough` is specified in [OutboundObject](../overview.md#outboundobject), Freedom will automatically choose between IPv4 and IPv6 address for destination based on `sendThrough` settings.
+
+(V2Ray 4.7+) If `sendThrough` address conflicts with `"UseIPv4"` or `"UseIPv6"`, Freedom will fail to dial out-going connections.
+
+> `리디렉션`: address_port
+
+Redirect all connections to this address, in form like `"127.0.0.1:80"` or `":1234"`.
+
+* 주소가 비어 있으면 (예 : `": 443"`, Freedom은 원래 대상 주소를 사용합니다.
+* 포트 인 경우 `0`, 예를 들어 `"v2ray.com:0"`, 자유는 원래 포트를 사용합니다.
+
+> `userLevel`: number
+
+User level. All connections share this level.
\ No newline at end of file
diff --git a/ko/configuration/protocols/http.md b/ko/configuration/protocols/http.md
new file mode 100644
index 000000000..f23f241fc
--- /dev/null
+++ b/ko/configuration/protocols/http.md
@@ -0,0 +1,64 @@
+---
+refcn: chapter_02/protocols/http
+refen: configuration/protocols/http
+---
+
+# HTTP
+
+* 이름: `blackhole`
+* 유형: 인바운드
+
+HTTP is a protocol for inbound connections. It is compatible with HTTP/1.1.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "allowTransparent": false,
+ "userLevel": 0
+}
+```
+
+> `계정`: \ [[AccountObject](#accountobject)\]
+
+각 항목이 계정 인 배열입니다. 기본적으로 비어 있습니다. 비어 있지 않으면 수신 요청에 HTTP 기본 인증이 필요합니다.
+
+> `allowTransparent`: true | 그릇된
+
+`설정하면 true이고`이면이 프록시에 대한 모든 HTTP 요청이 프록시가 아닌 요청을 포함하여 프록시됩니다.
+
+> `userLevel`: number
+
+사용자 수준. 모든 연결은이 수준을 공유합니다.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `사용자`: 문자열
+
+HTTP 인증을위한 사용자 이름.
+
+> `패스`: 문자열
+
+hTTP 인증을위한 암호.
+
+{% hint style='info' %}
+
+Use the following settings in Linux to use HTTP proxy in current session.
+
+* `내보내기 http_proxy = http: //127.0.0.1: 8080 /` (URL은 설정에 따라 변경해야 함)
+* `https_proxy =$http_proxy내 보냅니다.`
+
+{% endhint %}
\ No newline at end of file
diff --git a/ko/configuration/protocols/mtproto.md b/ko/configuration/protocols/mtproto.md
new file mode 100644
index 000000000..5889989f0
--- /dev/null
+++ b/ko/configuration/protocols/mtproto.md
@@ -0,0 +1,103 @@
+---
+refcn: chapter_02/protocols/mtproto
+refen: configuration/protocols/mtproto
+---
+
+# MTProto
+
+* Name: `mtproto`
+* Type: Inbound / Outbound
+
+MTProto proxy is a special procol for Telegram. It consists of a pair of inbound and outboud proxies in V2Ray. They are usually used together for building a proxy for Telegram
+
+For now V2Ray only supports IPv4 address of Telegram server.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "users": [{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+ }]
+}
+```
+
+> `명의 사용자`: \ [[UserObject](#userobject)\]
+
+사용자 배열. 현재로서는 첫 번째 사용자 만 효과적입니다.
+
+### UserObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+}
+```
+
+> `이메일`: 문자열
+
+사용자 이메일. 추적 목적으로 사용됩니다. [통계보기](../stats.md).
+
+> `레벨`: 숫자
+
+사용자 수준.
+
+> `비밀`: 문자열
+
+사용자 비밀. 텔레 그램에서 사용자 비밀은 32 자이어야하며 `0` 에서 `9`사이의 문자와 `a`에서 `f`사이의 문자 만 포함해야합니다.
+
+{% hint style='tip' %}
+
+You may use the following command to generate MTProto secret: `openssl rand -hex 16`
+
+{% endhint %}
+
+## Outbound configuration {#outbound}
+
+```javascript
+{
+}
+```
+
+## Sample {#sample}
+
+MTProto can only be used for Telegram traffic. You may need a routing rule to combine the corresponding inbound and outbound. Here is an incomplete sample.
+
+Inbound:
+
+```javascript
+{
+ "tag": "tg-in",
+ "port": 443,
+ "protocol": "mtproto",
+ "settings": {
+ "users": [{"secret": "b0cbcef5a486d9636472ac27f8e11a9d"}]
+ }
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "tg-out",
+ "protocol": "mtproto",
+ "settings": {}
+}
+```
+
+Routing:
+
+```javascript
+{
+ "type": "field",
+ "inboundTag": ["tg-in"],
+ "outboundTag": "tg-out"
+}
+```
+
+The configure your Telegram app to connect to 443 port on this machine.
\ No newline at end of file
diff --git a/ko/configuration/protocols/shadowsocks.md b/ko/configuration/protocols/shadowsocks.md
new file mode 100644
index 000000000..efdc04eb5
--- /dev/null
+++ b/ko/configuration/protocols/shadowsocks.md
@@ -0,0 +1,163 @@
+---
+refcn: chapter_02/protocols/shadowsocks
+refen: configuration/protocols/shadowsocks
+---
+
+# Shadowsocks
+
+* Name: `shadowsocks`
+* Type: Inbound / Outbound
+
+[Shadowsocks](https://www.shadowsocks.org/) protocol, for both inbound and outbound connections.
+
+Compatibility with official version:
+
+* Supports both TCP and UDP connections, where UDP can be optional turned off.
+* Supports [OTA](https://web.archive.org/web/20161221022225/https://shadowsocks.org/en/spec/one-time-auth.html);
+ * Client may choose to turn on or off.
+ * Server may choose to enable, disable or auto.
+* Encryption methods ([AEAD](https://shadowsocks.org/en/spec/AEAD-Ciphers.html) ciphers added in V2Ray 3.0):
+ * aes-256-cfb
+ * 에이스 -128-cfb
+ * 차차 20
+ * 차차 20-ietf
+ * 에이스 -256-gcm
+ * 에이스 -128-gcm
+ * chacha20-poly1305 a.k.a. chacha20-ietf-poly1305
+* Plugins:
+ * Support obfs through standalone mode.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "method": "aes-128-cfb",
+ "password": "password",
+ "level": 0,
+ "ota": true,
+ "network": "tcp"
+}
+```
+
+> `이메일`: 문자열
+
+Email address. Used for user identification.
+
+> `방법`: 문자열
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `패스워드`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `레벨`: 숫자
+
+User level. Default to `0`. See [Policy](../policy.md).
+
+> `오타`: `참` | `거짓`
+
+Whether or not to force OTA. If `true` and the incoming connection doesn't enable OTA, V2Ray will reject this connection. Vice versa.
+
+If this field is not specified, V2Ray auto detects OTA settings from incoming connections.
+
+When AEAD encryption is used, `ota` has no effect.
+
+> `네트워크`: "tcp"| "udp"| "tcp, udp"
+
+지원되는 네트워크의 유형. `"tcp"로 기본값`.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "servers": [
+ {
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "method",
+ "password": "password",
+ "ota": false,
+ "level": 0
+ }
+ ]
+}
+```
+
+어디에:
+
+* `이메일`: 이메일 주소. 사용자 식별에 사용됩니다.
+* `주소`: Shadowsocks 서버의 주소. IPv4, IPv6 또는 도메인이 될 수 있습니다.
+* `포트`: Shadowsock 서버의 포트입니다.
+* `방법`: 암호화 방법. 기본값이 없습니다. 옵션은 다음과 같습니다.
+ * `"aes-256-cfb"`
+ * `"aes-128-cfb"`
+ * `"차차 20"`
+ * `"chacha20-ietf"`
+ * `"aes-256-gcm"`
+ * `"aes-128-gcm"`
+ * `"chacha20-poly1305"` 또는 `"chacha20-ietf-poly1305"`
+* `암호`: 암호. 임의의 문자열이 될 수 있습니다.
+* `오타`: OTA 사용 여부.
+ * AEAD를 사용하면 `오타` 효과가 없습니다.
+* `수준`: 사용자 수준입니다.
+
+> `서버`: \ [[ServerObject](#serverobject)\]
+
+An array of [ServerObject](#serverobject)s.
+
+### ServerObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "加密方式",
+ "password": "密码",
+ "ota": false,
+ "level": 0
+}
+```
+
+> `이메일`: 문자열
+
+Email address. Used for user identification.
+
+> `주소`: 주소
+
+필수 사항. Shadowsocks 서버 주소. IPv4, IPv6 또는 도메인 주소 일 수 있습니다.
+
+> `포트`: 번호
+
+필수 사항. Shadowsocks 서버 포트.
+
+> `방법`: 문자열
+
+필수 사항. 사용 가능한 값은 [암호화 방법](#encryption-methods) 을 참조하십시오.
+
+> `패스워드`: string
+
+필수 사항. Shadowsocks 프로토콜의 암호. 임의의 문자열이 될 수 있습니다.
+
+> `오타`: 참 | 그릇된
+
+OTA 사용 여부. 기본값은 `입니다. false`.
+
+AEAD 암호화가 사용되면이 필드는 아무 효과가 없습니다.
+
+> `레벨`: 숫자
+
+사용자 수준.
+
+## 암호화 방법
+
+* `"aes-256-cfb"`
+* `"aes-128-cfb"`
+* `"차차 20"`
+* `"chacha20-ietf"`
+* `"aes-256-gcm"`
+* `"aes-128-gcm"`
+* `"chacha20-poly1305"` 또는 `"chacha20-ietf-poly1305"`
\ No newline at end of file
diff --git a/ko/configuration/protocols/socks.md b/ko/configuration/protocols/socks.md
new file mode 100644
index 000000000..7d9b7137d
--- /dev/null
+++ b/ko/configuration/protocols/socks.md
@@ -0,0 +1,147 @@
+---
+refcn: chapter_02/protocols/socks
+refen: configuration/protocols/socks
+---
+
+# Socks
+
+* 이름 : `양말`
+* 유형 : 인바운드 / 아웃 바운드
+
+양말 호환 표준 SOCKS 프로토콜의 구현이며, [양말 4](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol), 양말 4a 및도 [양말 5](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol).
+
+Socks configuration consists of two parts, `InboundConfigurationObject` and `OutboundConfigurationObject`, for inbound and outbound respectively.
+
+## OutboundConfigurationObject
+
+`OutboundConfigurationObject` is used as `settings` field in `OutboundObject` in top level configuration.
+
+```javascript
+{
+ "servers": [{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+ }]
+}
+```
+
+> `servers`: \[ [ServerObject](#serverobject) \]
+
+An array of Socks servers.
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+}
+```
+
+> `address`: address
+
+Socks server address. May be IPv4, IPv6 or domain address.
+
+{% hint style='info' %}
+
+Only support Socks 5 servers.
+
+{% endhint %}
+
+> `port`: number
+
+Socks server port.
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array of users. Each element in the array is an user. If the list is not empty. Socks inbound will force user authentication. Otherwise, anonymous user is allowed.
+
+### UserObject
+
+```javascript
+{
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
+
+> `level`: number
+
+User level for tracking and policy purpose. Default value is `0`.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "auth": "noauth",
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "udp": false,
+ "ip": "127.0.0.1",
+ "userLevel": 0
+}
+```
+
+> `auth`: "noauth" | "password"
+
+Socks autentication method. `"noauth"` is for anonymous authentication, and `"password"` for authentication with username and password. Default value is `"noauth"`.
+
+> `accounts`: \[ [AccountObject](#accountobject) \]
+
+An array of user accounts, for authenication purpose. Only take effect when `auth` is set to `"password"`.
+
+> `udp`: true | false
+
+Whether or not to enable UDP. Default value is `false`.
+
+> `ip`: address
+
+When UDP is enabled, V2Ray needs to know the IP address of current host. Default value is `"127.0.0.1"`. This must be set to the public IP address of the host, if you want to allow public UDP traffic.
+
+> `userLevel`: number
+
+User level. All incoming connections share this user level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
\ No newline at end of file
diff --git a/ko/configuration/protocols/vmess.md b/ko/configuration/protocols/vmess.md
new file mode 100644
index 000000000..4aa142f20
--- /dev/null
+++ b/ko/configuration/protocols/vmess.md
@@ -0,0 +1,196 @@
+---
+refcn: chapter_02/protocols/vmess
+refen: configuration/protocols/vmess
+---
+
+# VMess
+
+* 이름 : `vmess`
+* 유형 : 인바운드 / 아웃 바운드
+
+[VMess](https://www.v2ray.com/eng/protocols/vmess.html) 은 암호화 된 통신을위한 프로토콜입니다. 여기에는 인바운드 및 아웃 바운드 프록시가 모두 포함됩니다.
+
+VMess는 시스템 시간에 의존합니다. 시스템 시간이 UTC 시간과 일치하는지 확인하십시오. 시간대는 중요하지 않습니다. 시스템 시간을 자동으로 조정하기 위해 Linux에 `ntp` 서비스를 설치할 수 있습니다.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "vnext": [
+ {
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 4,
+ "security": "auto",
+ "level": 0
+ }
+ ]
+ }
+ ]
+}
+```
+
+> `vnext`: \ [ [ServerObject](#serverobject)\]
+
+각 요소가 원격 서버를 제공하는 배열
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": []
+}
+```
+
+> `주소`: 주소
+
+서버 주소는 IPv4, IPv6 또는 도메인 이름 일 수 있습니다.
+
+> `포트`: 번호
+
+서버 포트
+
+> `명의 사용자`: \ [ [UserObject](#userobject)\]
+
+각 요소가 VMess 사용자 인 배열
+
+### UserObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 16,
+ "security": "auto",
+ "level": 0
+}
+```
+
+> `id`: 문자열
+
+사용자 ID,의 형태로 [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `alterId`: 숫자
+
+Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 4. Its value must be not larger than the one in corresponding Inbound.
+
+> `레벨`: 숫자
+
+사용자 수준. 자세한 내용은 [정책](../policy.md) 을 참조하십시오.
+
+> `보안`: "aes-128-gcm"| "chacha20-poly1305"| "자동"| "없음"
+
+페이로드를 암호화하는 방법. 이 설정은 아웃 바운드에서만 사용할 수 있습니다. VMess 인바운드는 자동으로이 설정을 인식하고 이에 따라 페이로드를 해독합니다. 옵션은 다음과 같습니다.
+
+* `"aes-128-gcm"`: PC의 경우 권장됩니다.
+* `"chacha20-poly1305"`: 모바일 용으로 권장됩니다.
+* `"auto"`: 기본값. 사용 `AES-128-GCM` AMD64, ARM64 및 s390x가, 또는에 `chacha20-poly1305` 그렇지.
+* `"없음"`: 트래픽이 전혀 암호화되지 않습니다.
+
+{% hint style='info' %}
+
+Use `"auto"` wherever possible for better compatibility.
+
+{% endhint %}
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "clients": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+ }
+ ],
+ "default": {
+ "level": 0,
+ "alterId": 4
+ },
+ "detour": {
+ "to": "tag_to_detour"
+ },
+ "disableInsecureEncryption": false
+}
+```
+
+> `클라이언트`: \ [ [ClientObject](#clientobject)\]
+
+An array for valid user accounts. May be empty when used for dynamic port feature.
+
+> `detour`: [DetourObject](#detourobject)
+
+Optional feature to suggest client to take a detour. If specified, this inbound will instruct the outbound to use another inbound.
+
+> `기본값`: [DefaultObject](#defaultobject)
+
+Optional default client configuration. Usually used with `detour`.
+
+> `disableInsecureEncryption`: true | 그릇된
+
+Forbids client for using insecure encryption methods. When set to `true`, connections will be terminated immediately if the following encryption is used. Default value `false`.
+
+* `없음`
+* `에이스 -128-cfb`
+
+### ClientObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+}
+```
+
+> `id`: 문자열
+
+User ID, in the form of [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `레벨`: 숫자
+
+User level. See [Policy](../policy.md) for its usage.
+
+> `alterId`: 숫자
+
+Number of alternative IDs. Same as in Outbound.
+
+> `이메일`: 문자열
+
+Email address for user identification.
+
+### DetourObject
+
+```javascript
+{
+ "to": "tag_to_detour"
+}
+```
+
+> `~`: 문자열
+
+The tag of an inbound proxy. See [Overview](../protocols.md). If configured, VMess will suggest its client to use the detour for further connections.
+
+### DefaultObject
+
+```javascript
+{
+ "level": 0,
+ "alterId": 4
+}
+```
+
+> `레벨`: 숫자
+
+User level.
+
+> `alterId`: 숫자
+
+Number of alternative IDs. Default value 64. Recommend 4.
\ No newline at end of file
diff --git a/ko/configuration/reverse.md b/ko/configuration/reverse.md
new file mode 100644
index 000000000..666481b5f
--- /dev/null
+++ b/ko/configuration/reverse.md
@@ -0,0 +1,199 @@
+---
+refcn: chapter_02/reverse
+refen: configuration/reverse
+---
+
+# 역방향 프록시
+
+역방향 프록시는 V2Ray의 선택적 기능입니다. 서버에서 클라이언트로 트래픽을 리디렉션합니다. 따라서 "역방향"프록 싱이라고합니다.
+
+{% hint style='tip' %}
+
+Reverse proxy is available in V2Ray 4.0+. It is now in beta, and may be improved in near future.
+
+{% endhint %}
+
+Reverse proxy works in the following way:
+
+* 웹 서버를 실행하는 장치 A가 있다고 가정합니다. 장치 A에는 공용 IP 주소가 없으므로 인터넷에서 액세스 할 수 없습니다. 인터넷에서 액세스 할 수있는 클라우드 서버라고하는 또 다른 장치 B가 있습니다. 우리는 B를 포털로 사용하여 traffice를 A로 리디렉션해야합니다.
+* 이제 우리는 `bridge`이라는 이름의 장치 A에 V2Ray를 설치합니다. 그런 다음 장치 `포털`이라는 V2Ray를 설치합니다.
+* `브리지` 은 `포털`연결을 엽니 다. 대상은 라우팅 용도로 사용자 정의 할 수 있습니다. `포털` 은 인터넷에서 다른 용도의 연결은 물론이 연결을받습니다. `포털` 은이 두 종류의 연결을 "연결"합니다. 그러면 interent 트래픽은 `bridge`로 터널링됩니다.
+* `브릿지` 이 `포털`통해 인터넷 트래픽을 수신하면 localhost의 웹 서버에 이러한 트래픽을 보냅니다. 이러한 트래픽에 대한 라우팅을 구성 할 수도 있습니다.
+* `브릿지` 은 트래픽 양에 따라로드 밸런스를 제어합니다.
+
+{% hint style='danger' %}
+
+Reverse proxy has already leveraged [Mux](mux.md). It is not necessary to configure Mux again on its outbound.
+
+{% endhint %}
+
+## 역 객체
+
+`ReverseObject` is used as `reverse` field in top level configuration.
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }],
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+> `브릿지`: \ [[BridgeObject](bridgeobject)\]
+
+An array of `bridge`s. Each `bridge` is a [BridgeObject](bridgeobject).
+
+> `포털`: \ [[PortalObject](portalobject)\]
+
+An array of `portal`s. Each `portal` is a [PortalObject](bridgeobject).
+
+### BridgeObject
+
+```javascript
+{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+}
+```
+
+> `태그`: 문자열
+
+A tag. All traffic initiated by this `bridge` will have this tag. It can be used for [routing](routing.md), identified as `inboundTag`.
+
+> `도메인`: 문자열
+
+A domain. All connections initiated by `bridge` towards `portal` will use this domain as target. This domain is only used for communication between `bridge` and `portal`. It is not necessary to be actually registered.
+
+### PortalObject
+
+> `태그`: 문자열
+
+A Tag. You need to redirect all traffic to this `portal`, by targeting `outboundTag` to this `tag`. The traffic includes the connections from `bridge`, as well as internet traffic.
+
+> `도메인`: 문자열
+
+A domain. When a connection targeting this domain, `portal` considers it is a connection from `bridge`, otherwise it is an internet connection.
+
+{% hint style='tip' %}
+
+Like other usages, a V2Ray instance can be used as a `bridge`, or a `portal`, or both as the same time.
+
+{% endhint %}
+
+## 구성 예
+
+`bridge` usually needs two outbounds. One for connecting `portal`, and another for connecting local web server.
+
+Reverse:
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "out"
+ "protocol": "freedom",
+ "settings": {
+ "redirect": "127.0.0.1:80" // Send traffic to local web server
+ }
+},
+{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "portal的IP地址",
+ "port": 1024,
+ "users": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }]
+ },
+ "tag": "interconn"
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "domain": ["full:test.v2ray.com"],
+ "outboundTag": "interconn"
+ },{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "outboundTag": "out"
+ }]
+}
+```
+
+`portal` usually needs two inbounds. One for connections from `bridge`, and another for internet connections.
+
+Reverse:
+
+```javascript
+{
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com" // Must be the same as in bridge
+ }]
+}
+```
+
+Inbound:
+
+```javascript
+{
+ "tag": "external",
+ "port": 80, // Open port 80 for internet HTTP traffic
+ "protocol": "dokodemo-door",
+ "settings": {
+ "address": "127.0.0.1",
+ "port": 80,
+ "network": "tcp"
+ }
+},
+{
+ "port": 1024, // For bridge connections
+ "tag": "interconn",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["external"],
+ "outboundTag": "portal"
+ },{
+ "type": "field",
+ "inboundTag": ["interconn"],
+ "outboundTag": "portal"
+ }]
+}
+```
+
+{% hint style='tip' %}
+
+In practice, you may want to run `bridge` first and then `portal`.
+
+{% endhint %}
\ No newline at end of file
diff --git a/ko/configuration/routing.md b/ko/configuration/routing.md
new file mode 100644
index 000000000..d542d6ce0
--- /dev/null
+++ b/ko/configuration/routing.md
@@ -0,0 +1,194 @@
+---
+refcn: chapter_02/03_routing
+refen: configuration/routing
+---
+
+# 라우팅
+
+V2Ray는 내부 라우팅 메커니즘을 가지고 있습니다. 규칙에 따라 인바운드 연결을 다양한 아웃 바운드로 라우팅합니다. 일반적인 시나리오는 국가별로 트래픽을 분할하는 것입니다. V2Ray는 연결의 대상 국가 (Geo IP 기준)를 감지하고 해당 아웃 바운드 프록시에 연결을 보냅니다.
+
+## RoutingObject
+
+`RoutingObject` 은 최상위 레벨 구성에서 `라우팅` 으로 사용됩니다.
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "rules": [],
+ "balancers": []
+}
+```
+
+> `domainStrategy`: "AsIs"| "IPIfNonMatch"| "IPOnDemand"
+
+도메인 분석 전략. 선택 사항은 다음과 같습니다.
+
+* `"AsIs"`: 라우팅에만 도메인을 사용하십시오. 기본값.
+* `"IPIfNonMatch"`: 현재 도메인과 일치하는 규칙이 없으면 V2Ray가이를 IP 주소 (A 또는 AAAA 레코드)로 확인하고 모든 규칙을 다시 시도합니다.
+ * 도메인에 여러 IP 주소가있는 경우 V2Ray는 모든 IP 주소를 시도합니다.
+ * 해결 된 IP는 라우팅 결정에만 사용되며 트래픽은 여전히 원래 도메인 주소로 전송됩니다.
+* `"IPOnDemand"`: IP 기반 규칙이있는 한 V2Ray는 도메인을 즉시 IP로 해석합니다.
+
+> `규칙`: \ [[RuleObject](#ruleobject)\]
+
+An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` (or `balancerTag`, V2Ray 4.4+) of the rule.
+
+> `balancers`: \[ [BalancerObject](#balancerobject) \]
+
+(V2Ray 4.4+) An array of load balancers. When a routing rule points to a load balancer, the balancer will select an outbound based on configuration. Then traffic will be sent to that outbound.
+
+### RuleObject
+
+```javascript
+{
+ "type": "field",
+ "domain": [
+ "baidu.com",
+ "qq.com",
+ "geosite:cn"
+ ],
+ "ip": [
+ "0.0.0.0/8",
+ "10.0.0.0/8",
+ "fc00::/7",
+ "fe80::/10",
+ "geoip:cn"
+ ],
+ "port": "53,443,1000-2000",
+ "network": "tcp",
+ "source": [
+ "10.0.0.1"
+ ],
+ "user": [
+ "love@v2ray.com"
+ ],
+ "inboundTag": [
+ "tag-vmess"
+ ],
+ "protocol":["http", "tls", "bittorrent"],
+ "attrs": "attrs[':method'] == 'GET'",
+ "outboundTag": "direct",
+ "balancerTag": "balancer"
+}
+```
+
+{% hint style='info' %}
+
+When multiple fields are specified, these fields have to be all satisfied, in order to make the rule effective. If you need both `domain` and `ip` rules, it is highly likely you need put them into separate rules.
+
+{% endhint %}
+
+> `type`: "field"
+
+The only valid value for now is `"field"`.
+
+> `domain`: \[ string \]
+
+An array of domains. Available formats are:
+
+* 일반 텍스트 :이 문자열이 타겟팅 도메인의 일부와 일치하는 경우이 규칙은 효력을 갖습니다. 예 : 규칙 `"sina.com"` 은 도메인 `"sina.com"`, `"sina.com.cn"` 및 `"www.sina.com"`타겟팅하지만 `"sina.cn은 타겟팅하지 않습니다.`.
+* 정규 표현식 : `"regexp :"`, 나머지는 정규 표현식입니다. 정규 표현식이 타겟팅 도메인과 일치하면이 규칙이 적용됩니다. 예 : 규칙 `"regexp : \\. goo. * \\. com $"` 은 `"www.google.com"` 및 `"fonts.googleapis.com"`와 일치하지만 `"google.com"`과 일치하지 않습니다. .
+* 하위 도메인 (권장) : `"도메인 :"` 로 시작하고 나머지는 도메인입니다. 타겟팅 도메인이 정확히 값이거나 값의 하위 도메인 인 경우이 규칙이 적용됩니다. 예 : 규칙 `"도메인 : v2ray.com"` 은 `"www.v2ray.com"`, `"v2ray.com"`와 일치하지만 `"xv2ray.com"은 일치하지 않습니다.`.
+* 전체 도메인 : `"전체 :"` 나머지는 도메인입니다. 타겟팅 도메인이 정확히 값일 경우 규칙이 적용됩니다. 예 : 규칙 `"도메인 : v2ray.com"` 은 `"v2ray.com"`과 일치하지만 `"www.v2ray.com"과 일치하지 않습니다.`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](#pre-defined-domain-lists) for more detail.
+* Domains from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geosite.dat`. The tag must exist in the file.
+
+> `ip`: \[string\]
+
+An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. Available formats:
+
+* IP : 예 : `"127.0.0.1"`.
+* [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing):과 같은 `"127.0.0.0/8"`.
+* GeoIP : `"geoip : cn"`. 그것은으로 시작된다. `geoip :` (소문자)를 입력하고 2 자의 국가 코드를 입력하십시오.
+ * 특별 값 `"geoip : 비공개"`: `와 같은 모든 비공개 주소 127.0.0.1`.
+* 파일에서 IP : `"ext : file : tag"`. 값은 `ext :` (소문자)로 시작해야하며 그 다음에 파일 이름과 태그가 와야합니다. 파일은 [리소스 디렉토리](env.md#location-of-v2ray-asset)에 저장되며 `geoip.dat와 같은 형식을가집니다.`. 태그는 파일에 존재해야합니다.
+
+{% hint style='info' %}
+
+`"ext:geoip.dat:cn"` is equivalent to `"geoip:cn"`.
+
+{% endhint %}
+
+> `port`:number | string
+
+Port range. Formats are:
+
+* `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
+* `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
+* Mix of the two above, separated by ",". Such as `"53,443,1000-2000"`.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+When the connection has in the chosen network, this rule take effect.
+
+> `source`: \[string\]
+
+An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
+
+> `user`: \[string\]
+
+An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
+
+> `inboundTag`: \[string\]
+
+An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
+
+> `protocol`: \[ "http" | "tls" | "bittorrent" \]
+
+An array of string as protocol types. When the connection uses one of the protocols, this rule takes effect. To recognize the protocol of a connection, one must enable `sniffing` option in inbound proxy.
+
+> `attrs`: string
+
+(V2Ray 4.18+) A Starlark script, used for detecting traffic attributes. When this script returns true, this rule takes effect.
+
+[Starlark](https://github.com/bazelbuild/starlark) is a subset of Python. The script takes a global varible named `attrs`. It contains all attributes of the traffic.
+
+At the moment, only http inbound sets `attrs`.
+
+Examples:
+
+* Detect HTTP GET: `"attrs[':method'] == 'GET'"`
+* Detect HTTP Path: `"attrs[':path'].startswith('/test')"`
+* Detect Content Type: `"attrs['accept'].index('text/html') >= 0"`
+
+> `outboundTag` string
+
+[Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
+
+> `balancerTag`: string
+
+Tag of an load balancer. Then this rule takes effect, V2Ray will use the balancer to select an outbound. Either `outboundTag` or `balancerTag` must be specified. When both are specified, `outboundTag` takes priority.
+
+### BalancerObject
+
+Configuration for a load balancer. When a load balancer takes effective, it selects one outbound from matching outbounds. This outbound will be used for send out-going traffic.
+
+```javascript
+{
+ "tag": "balancer",
+ "selector": []
+}
+```
+
+> `tag`: string
+
+Tag of this `BalancerObject`, to be matched from `balancerTag` in `RuleObject`.
+
+> `selector`: \[ string \]
+
+An array of strings. These strings are used to select outbounds with prefix matching. For example, with the following outbound tags: `[ "a", "ab", "c", "ba" ]`,selector `["a"]` matches `[ "a", "ab" ]`.
+
+When multiple outbounds are selected, load balancer for now picks one final outbound at random.
+
+## Pre-defined domain lists
+
+This is a domain lists maintained by [domain-list-community](https://github.com/v2ray/domain-list-community) project. It provides a file named `geosite.dat` for some predefined domain lists. Notably:
+
+* `category-ads`: Common ads domains.
+* `category-ads-all`: Common ads domains and ads providers' domains.
+* `cn`: Equivalent to an union of `geolocation-cn` and `tld-cn`.
+* `google`: All Google domains.
+* `facebook`: All Facebook domains.
+* `geolocation-cn`: Common domains that serve in China.
+* `geolocation-!cn`: Common domains that don't serve in China
+* `tld-cn`: All .cn and .中国 domains.
\ No newline at end of file
diff --git a/ko/configuration/stats.md b/ko/configuration/stats.md
new file mode 100644
index 000000000..9168501fb
--- /dev/null
+++ b/ko/configuration/stats.md
@@ -0,0 +1,43 @@
+---
+refcn: chapter_02/stats
+refen: configuration/stats
+---
+
+# 통계
+
+V2Ray는 내부 정보를 제공합니다.
+
+## StatsObject
+
+`StatsObject` 은 최상위 레벨 구성에서 `stats` 필드로 사용됩니다.
+
+```javascript
+{
+}
+```
+
+At the moment there is no parameter in stats settings. Stats is enabled automatically when the `StatsObject` is set in top level configuration. You need also enable the corresponding settings in [Policy](policy.md), in order to keep track of user or system stats.
+
+All stats counters are listed below:
+
+## User Traffic
+
+If an user doesn't has email address set in protocol settings, the traffic stats will not be enabled.
+
+> `user>>>[email]>>>traffic>>>uplink`
+
+Accumulated uplink traffic of specific user, in bytes.
+
+> `user>>>[email]>>>traffic>>>downlink`
+
+Accumulated downlink traffic of specific user, in bytes.
+
+## Global Traffic
+
+> `inbound>>>[tag]>>>traffic>>>uplink`
+
+Accumulated uplink traffic of specific inbound, in bytes.
+
+> `inbound>>>[tag]>>>traffic>>>downlink`
+
+Accumulated downlink traffic of specific inbound, in bytes.
\ No newline at end of file
diff --git a/ko/configuration/transport.md b/ko/configuration/transport.md
new file mode 100644
index 000000000..ee7cc2f56
--- /dev/null
+++ b/ko/configuration/transport.md
@@ -0,0 +1,300 @@
+---
+refcn: chapter_02/05_transport
+refen: configuration/transport
+---
+
+# 전송 설정
+
+전송은 V2Ray가 동료들과 데이터를주고받는 방법입니다. The responsibility of a transport is to reliably transfer data to a peer. 일반적으로 연결에는 양쪽 끝점에서 일치하는 전송이 있습니다. 예를 들어 V2Ray 아웃 바운드가 전송으로 WebSocket을 사용하는 경우 인바운드는 WebSocket을 사용해야하며, 그렇지 않으면 연결을 설정할 수 없습니다.
+
+전송 설정은 전역 설정과 프록시 설정의 두 부분으로 나뉩니다. 프록시 별 설정은 각 프록시가 데이터를 처리하는 방법을 지정하고 전역 설정은 모든 프록시를 지정합니다. 일반적으로 연결 피어 간의 인바운드 및 아웃 바운드 프록시는 동일한 전송 설정을 가져야합니다. 프록시에 전송 설정이 없으면 전역 설정이 적용됩니다.
+
+## TransportObject
+
+`TransportObject` 은 최상위 레벨 구성에서 `전송` 필드로 사용됩니다.
+
+```javascript
+{
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {}
+}
+```
+
+> `tcpSettings`: TcpObject
+
+[TCP 전송 설정](transport/tcp.md).
+
+> `kcpSettings`: KcpObject
+
+[mKCP 전송 설정](transport/mkcp.md).
+
+> `wsSettings`: WebSocketObject
+
+[WebSocket 전송 설정](transport/websocket.md).
+
+> `httpSettings`: HttpObject
+
+[HTTP / 2 전송 설정](transport/h2.md).
+
+> `dsSettings`: DomainSocketObject
+
+[도메인 소켓 전송 설정](transport/domainsocket.md).
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) Settings for [QUIC transport](transport/quic.md).
+
+## StreamSettingsObject
+
+Each inbound and outbound proxy may has its own transport settings, as specified in `streamSettings` field in top level configuration.
+
+```javascript
+{
+ "network": "tcp",
+ "security": "none",
+ "tlsSettings": {},
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {},
+ "sockopt": {
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+ }
+}
+```
+
+> `network`: "tcp" | "kcp" | "ws" | "http" | "domainsocket" | "quic"
+
+Network type of the stream transport. Default value `"tcp"`.
+
+> `security`: "none" | "tls"
+
+Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
+
+> `tlsSettings`: [TLSObject](#tlsobject)
+
+TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
+
+> `tcpSettings`: [TcpObject](transport/tcp.md)
+
+TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
+
+> `kcpSettings`: KcpObject
+
+mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
+
+> `wsSettings`: WebSocketObject
+
+WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
+
+> `httpSettings`: HttpObject
+
+HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
+
+> `dsSettings`: DomainSocketObject
+
+Domain socket transport configuration for current proxy. Effective only when the proxy uses domain socket transport. Configuration is the same as it is in global configuration.
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) QUIC transport configuration for current proxy. Effective only when the proxy uses QUIC transport. Configuration is the same as it is in global configuration.
+
+> `sockopt`: SockoptObject
+
+Socket options for incoming and out-going connections.
+
+### TLSObject
+
+```javascript
+{
+ "serverName": "v2ray.com",
+ "allowInsecure": false,
+ "alpn": ["http/1.1"],
+ "certificates": [],
+ "disableSystemRoot": false
+}
+```
+
+> `serverName`: string
+
+Server name (usually domain) used for TLS authentication. Typically this is used when corressponding inbound/outbound uses IP for communication.
+
+When domain name is specified from inbound proxy, or get sniffed from the connection, it will be automatically used for connection. It is not necessary to set `serverName` in such case.
+
+> `alpn`: \[ string \]
+
+An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
+
+> `allowInsecure`: true | false
+
+If `true`, V2Ray allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.
+
+> `allowInsecureCiphers`: true | false
+
+Whehter or not to allow insecure cipher suites. By default TLS only uses cipher suites from TLS 1.3 spec. Turn on this option to allow cipher suites with static RSA keys.
+
+> `disableSystemRoot`: true | false
+
+(V2Ray 4.18+) Whether or not to disable system root CAs for TLS handshake. Default value is `false`. If set to `true`, V2Ray will use only `certificates` for TLS handshake.
+
+> `certificates`: \[ [CertificateObject](#certificateobject) \]
+
+List of TLS certificates. Each entry is one certificate.
+
+### CertificateObject
+
+```javascript
+{
+ "usage": "encipherment",
+
+ "certificateFile": "/path/to/certificate.crt",
+ "keyFile": "/path/to/key.key",
+
+ "certificate": [
+ "-----BEGIN CERTIFICATE-----",
+ "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
+ "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
+ "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
+ "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
+ "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
+ "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
+ "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
+ "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
+ "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
+ "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
+ "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
+ "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
+ "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
+ "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
+ "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
+ "-----END CERTIFICATE-----"
+ ],
+ "key": [
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
+ "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
+ "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
+ "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
+ "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
+ "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
+ "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
+ "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
+ "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
+ "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
+ "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
+ "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
+ "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
+ "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
+ "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
+ "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
+ "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
+ "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
+ "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
+ "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
+ "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
+ "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
+ "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
+ "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
+ "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
+ "-----END RSA PRIVATE KEY-----"
+ ]
+}
+```
+
+> `usage`: "encipherment" | "verify" | "issue"
+
+Purpose of the certificate. Default value `"encipherment"`. Choices are:
+
+* `"암호화"`: 인증서는 TLS 인증 및 암호화에 사용됩니다.
+* `"verify"`: 인증서는 원격 피어에서 TLS 인증서의 유효성을 검사하는 데 사용됩니다. 이 경우 인증서는 CA 인증서 여야합니다.
+* `"issue"`: 인증서는 다른 인증서를 발행하는 데 사용됩니다. 이 경우 인증서는 CA 인증서 여야합니다.
+
+{% hint style='info' %}
+
+On Windows, you have to install your CA certificate to system, in order to verify cerificates issued from the CA.
+
+{% endhint %}
+
+{% hint style='info' %}
+
+When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
+
+{% endhint %}
+
+> `certificateFile`: string
+
+File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
+
+{% hint style='info' %}
+
+Use `v2ctl cert -ca` command to generate a new CA certificate.
+
+{% endhint %}
+
+> `certificate`: \[ string \]
+
+List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
+
+> `keyFile`: string
+
+File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
+
+> `key`: \[ string \]
+
+List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
+
+When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
+
+{% hint style='info' %}
+
+When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
+
+{% endhint %}
+
+### SockoptObject
+
+```javascript
+{
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+}
+```
+
+> `mark`: number
+
+An integer. If non-zero, the value will be set to out-going connections via socket option SO_MARK. This mechanism only applies on Linux and requires CAP_NET_ADMIN permission.
+
+> `tcpFastOpen`: true | false
+
+Whether or not to enable [TCP Fast Open](https://en.wikipedia.org/wiki/TCP_Fast_Open). When set to `true`, V2Ray enables TFO for current connection. When set to `false`, V2Ray disables TFO. If this entry doesn't exist, V2Ray uses default settings from operating system.
+
+* 다음 운영 체제에만 적용 :
+ * Windows 10 (1604) 이상
+ * Mac OS 10.11 / iOS 9 이상
+ * Linux 3.16 이상 : 시스템 기본값에 의해 사용 가능합니다.
+* 인바운드 및 아웃 바운드 연결에 모두 적용 가능합니다.
+
+> `tproxy`: "redirect" | "tproxy" | "off"
+
+Whether or not to enable transparent proxy on Linux. Choices are:
+
+* `"off"`: 기본값. TProxy를 전혀 사용하지 마십시오.
+* `"redirect"`: 리디렉션 모드로 TProxy를 사용합니다. TCP / IPv4 및 UDP 트래픽을 지원합니다.
+* `"tproxy"`: TProxy 모드로 TProxy를 활성화합니다. TCP 및 UDP 트래픽을 지원합니다.
+
+Transparent proxy requires Root or CAP\_NET\_ADMIN permission.
+
+{% hint style='info' %}
+
+If `TProxy` is not set, and `allowRedirect` is set in [dokodemo-door](protocols/dokodemo.md), the value of `TProxy` will be set to `"redirect"` automatically.
+
+{% endhint %}
\ No newline at end of file
diff --git a/ko/configuration/transport/domainsocket.md b/ko/configuration/transport/domainsocket.md
new file mode 100644
index 000000000..2286feeb8
--- /dev/null
+++ b/ko/configuration/transport/domainsocket.md
@@ -0,0 +1,30 @@
+---
+refcn: chapter_02/transport/domainsocket
+refen: configuration/transport/domainsocket
+---
+
+# 도메인 소켓 전송
+
+Domain Socket은 표준 Unix 도메인 소켓을 사용하여 데이터를 전송합니다. 도메인 소켓은 시스템 interal tranfer 채널입니다. 네트워크 버퍼에 용지 걸림이 발생하지 않으며 로컬 루프백 네트워크를 통해 전송하는 것보다 약간 더 빠를 수도 있습니다.
+
+도메인 소켓은 macOS 및 Linux와 같이 Unix 도메인 소켓을 지원하는 플랫폼에서만 사용할 수 있습니다. Windows에서는 사용할 수 없습니다.
+
+{% hint style='info' %}
+
+When domain socket is used, IP and port specified on the inbound/outbound proxy will be ignored. All traffic is tunneled through the domain socket.
+
+{% endhint %}
+
+## DomainSocketObject
+
+`DomainSocketObject` is used in `dsSettings` field in `TransportObject` and `StreamSettingsObject`.
+
+```javascript
+{
+ "path": "/path/to/ds/file"
+}
+```
+
+> `경로`: 문자열
+
+An valid absolute file path. Before running V2Ray, the file on this path must not exist.
\ No newline at end of file
diff --git a/ko/configuration/transport/h2.md b/ko/configuration/transport/h2.md
new file mode 100644
index 000000000..596e1ff27
--- /dev/null
+++ b/ko/configuration/transport/h2.md
@@ -0,0 +1,29 @@
+---
+refcn: chapter_02/transport/h2
+refen: configuration/transport/h2
+---
+
+# HTTP / 2 전송
+
+HTTP / 2 전송이 V2Ray 3.17에 추가되었습니다. 표준 HTTP / 2를 기반으로하며 Nginx와 같은 다른 HTTP 서버를 통해 프록시가 될 수 있습니다.
+
+HTTP / 2 권장으로 인해 해당 인바운드 및 아웃 바운드가 TLS에서이 전송을 사용할 수 있도록 설정해야합니다.
+
+## HttpObject
+
+`DomainSocketObject` 에서 사용되는 `httpSettings` 필드를 `TransportObject` 및 `StreamSettingsObject`.
+
+```javascript
+{
+ "host": ["v2ray.com"],
+ "path": "/random/path"
+}
+```
+
+> `호스트`: \ [string \]
+
+문자열 배열입니다. 각 요소는 도메인입니다. 클라이언트는 각 요청마다 임의로 도메인을 선택합니다. 서버는 들어오는 요청의 도메인이 목록에 있는지 확인합니다.
+
+> `경로`: 문자열
+
+HTTP 경로. 클라이언트와 서버는 동일한 값을 가져야합니다.
\ No newline at end of file
diff --git a/ko/configuration/transport/mkcp.md b/ko/configuration/transport/mkcp.md
new file mode 100644
index 000000000..93716a709
--- /dev/null
+++ b/ko/configuration/transport/mkcp.md
@@ -0,0 +1,88 @@
+---
+refcn: chapter_02/transport/mkcp
+refen: configuration/transport/mkcp
+---
+
+# mKCP 전송
+
+mKCP는 안정적인 스트림 전송입니다. UDP 기반 프로토콜입니다. mKCP는 더 낮은 대기 시간을 위해 더 많은 트래픽을 전송합니다. 동일한 양의 데이터를 전송하려면 일반적으로 mKCP가 TCP보다 많은 처리량이 필요합니다.
+
+## KcpObject
+
+```javascript
+{
+ "mtu": 1350,
+ "tti": 20,
+ "uplinkCapacity": 5,
+ "downlinkCapacity": 20,
+ "congestion": false,
+ "readBufferSize": 1,
+ "writeBufferSize": 1,
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `mtu`: number
+
+최대 전송 단위. UDP 패킷이 전송할 수있는 최대 수 바이트 수를 나타냅니다. 권장 값은 `576` 에서 `1460`입니다. 기본값 `1350`.
+
+> `tti`: 숫자
+
+전송 시간 간격 (밀리 초). mKCP는이 간격으로 데이터를 보냅니다. 권장 값은 `10` ~ `100`입니다. 기본값 `50`.
+
+> `업 링크 용량`: 번호
+
+업 링크 대역폭 (MB / s). V2Ray 인스턴스가 원격지로 데이터를 업로드하기위한 최대 대역폭. 기본값은 `5`입니다. 비트가 아니라 바이트 (MB / s)임을주의하십시오. 작은 대역폭을 위해 값 `0` 을 사용할 수 있습니다.
+
+> `downlinkCapacity`: 숫자
+
+다운 링크 대역폭 (MB / s). V2Ray 인스턴스가 데이터를 다운로드 할 수있는 최대 대역폭. 기본값은 `20`입니다. 비트가 아니라 바이트 (MB / s)임을주의하십시오. 작은 대역폭을 위해 값 `0` 을 사용할 수 있습니다.
+
+{% hint style='info' %}
+
+`uplinkCapacity` and `downlinkCapacity` determine the speed of mKCP. On client side, `uplinkCapacity` specifies the speed for client sending data to server. On sever side, `downlinkCapacity` specifies the speed of server receiving data. The minimum of this pair is effective in an actual connection.
+
+{% endhint %}
+
+> `혼잡`: 참 | 그릇된
+
+Whether or not to enable congestion control. Default value is `false`. When congestion control is enabled, V2Ray will detect network quality. It will send less packets when packet loss is severe, or more data when network is not fully filled.
+
+> `readBufferSize`: 숫자
+
+Read buffer size for a single connection, in MB. Default value is `2`.
+
+> `writeBufferSize`: 숫자
+
+Write buffer size for a single connection, in MB. Default value is `2`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `유형`: 문자열
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"없음"`: 기본값. 난독 화는 사용되지 않습니다.
+* `"srtp"`: SRTP 트래픽으로 난독 화됩니다. Facetime과 같은 화상 통화로 인식 될 수 있습니다.
+* `"utp"`: uTP 트래픽으로 난독 화. Bittorrent 트래픽으로 인식 될 수 있습니다.
+* `"wechat-video"`: WeChat 트래픽으로 난독 화됩니다.
+* `"dtls"`: DTLS 1.2 패킷으로 난독 화.
+* `"wireguard"`: WireGuard 패킷으로 난독 화. (사실 WireGuard 프로토콜이 아닙니다)
+
+## 크레딧 {#credits}
+
+* @ skywind3000은 원래의 KCP 프로토콜을 발명하고 C로 구현했습니다.
+* @xtaci는 Go에서 KCP 프로토콜을 다시 구현합니다.
+* @xiaokangwang은 KCP를 V2Ray에 통합했습니다.
\ No newline at end of file
diff --git a/ko/configuration/transport/quic.md b/ko/configuration/transport/quic.md
new file mode 100644
index 000000000..aee7406a0
--- /dev/null
+++ b/ko/configuration/transport/quic.md
@@ -0,0 +1,74 @@
+---
+refcn: chapter_02/transport/quic
+refen: configuration/transport/quic
+---
+
+# QUIC
+
+QUIC, or Quick UDP Internet Connection, is a multiplexing transport based on UDP, initially designed, implemented, and deployed by Google.
+
+QUIC has the following advantages:
+
+1. Reduced number of roundtrips in handshake phase. (1-RTT or 0-RTT)
+2. Multiplexing without head of line blocking as in TCP
+3. Connection migration, especially for clients. For example, connections don't break when device moves from Wi-Fi to 4G.
+
+QUIC is now an experiment in V2Ray. It implements IETF specification. As the spec is still being standardized, compatibility can't be guaranteed.
+
+## Update History
+
+V2Ray 4.7:
+
+* Initial version to support QUIC.
+* Default settings:
+ * 12 byte Connection ID
+ * Connection timeout in 30 seconds if no data traffic. (May have impact on some long HTTP connections)
+
+## QuicObject
+
+QUIC is used as `quicSettings` in transport settings. The configuration must be exactly the same between connecting peers.
+
+QUIC requires TLS. If TLS is not enabled in transport settings, V2Ray will automatically issue a TLS certificate for it. When QUIC transport is used, encryption in VMess can be turned off.
+
+```javascript
+{
+ "security": "none",
+ "key": "",
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `security`: "none" | "aes-128-gcm" | "chacha20-poly1305"
+
+Extra encryption over entire QUIC packet, include the frame head part. Default value is "none" for no encryption. After being encrypted, QUIC packets can't be sniff'ed.
+
+> `key`: string
+
+Key for the encryption above. Can be any string. Only effective when `security` is not `"none"`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+{% hint style='info' %} When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication. {% endhint %}
\ No newline at end of file
diff --git a/ko/configuration/transport/tcp.md b/ko/configuration/transport/tcp.md
new file mode 100644
index 000000000..d504d05de
--- /dev/null
+++ b/ko/configuration/transport/tcp.md
@@ -0,0 +1,130 @@
+---
+refcn: chapter_02/transport/tcp
+refen: configuration/transport/tcp
+---
+
+# TCP 전송
+
+## TcpObject
+
+```javascript
+{
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `header`: NoneHeaderObject | HttpHeaderobject
+
+Header obfuscation. Default value is `NoneHeaderObject`.
+
+### NoneHeaderObject
+
+No header obfuscation.
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none"
+
+Disable header obfuscation.
+
+### HttpHeaderObject
+
+HTTP header obfuscation. The configuration must be the same between connecting inbound and outbound.
+
+```javascript
+{
+ "type": "http",
+ "request": {},
+ "response": {}
+}
+```
+
+> `type`: "http"
+
+Enable HTTP header obfuscation.
+
+> `request`: [HTTPRequestObject](#httprequestobject)
+
+HTTP request template.
+
+> `response`: [HTTPResponseObject](#httpresponseobject)
+
+HTTP response template.
+
+### HTTPRequestObject
+
+```javascript
+{
+ "version": "1.1",
+ "method": "GET",
+ "path": ["/"],
+ "headers": {
+ "Host": ["www.baidu.com", "www.bing.com"],
+ "User-Agent": [
+ "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
+ ],
+ "Accept-Encoding": ["gzip, deflate"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `method`: string
+
+HTTP method. Default value is `"GET"`。
+
+> `path`: \[ string \]
+
+HTTP path. An array is string. The path will be chosen randomly for every connection.
+
+> `headers`: map{string, \[ string \] }
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
+
+### HTTPResponseObject
+
+```javascript
+{
+ "version": "1.1",
+ "status": "200",
+ "reason": "OK",
+ "headers": {
+ "Content-Type": ["application/octet-stream", "video/mpeg"],
+ "Transfer-Encoding": ["chunked"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `status`: string
+
+HTTP status. Default value is `"200"`
+
+> `reason`: string
+
+HTTP status message. Default value is `"OK"`.
+
+> `headers`: map{string, string}
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
\ No newline at end of file
diff --git a/ko/configuration/transport/websocket.md b/ko/configuration/transport/websocket.md
new file mode 100644
index 000000000..a598b8af2
--- /dev/null
+++ b/ko/configuration/transport/websocket.md
@@ -0,0 +1,35 @@
+---
+refcn: chapter_02/transport/websocket
+refen: configuration/transport/websocket
+---
+
+# 웹 소켓
+
+표준 WebSocket을 사용하여 데이터를 전송하십시오. Websocket 연결은 Nginx와 같은 HTTP 서버에 의해 프록시 될 수 있습니다.
+
+## WebSocketObject
+
+`WebSocketObject` 로 사용되는 `wsSettings` 에서 `TransportObject` 또는 `StreamSettingsObject`.
+
+{% hint style='info' %}
+
+Websocket recognizes HTTP header X-Forwarded-For, and uses it as inbound source address.
+
+{% endhint %}
+
+```javascript
+{
+ "path": "/",
+ "headers": {
+ "Host": "v2ray.com"
+ }
+}
+```
+
+> `경로`: 문자열
+
+Path used for WebSocket. Default to root, as `"/"`.
+
+> `headers`: map{string, string}
+
+Custom HTTP header. An array where each entry is a key value pair in string, for header and value in HTTP header. Default is empty.
\ No newline at end of file
diff --git a/ko/developer/tools.md b/ko/developer/tools.md
new file mode 100644
index 000000000..09d258f8e
--- /dev/null
+++ b/ko/developer/tools.md
@@ -0,0 +1,14 @@
+# Tools
+
+## Third Party SDK
+
+* C#: [v2ray-dotnet-sdk](https://github.com/techotaku/v2ray-dotnet-sdk)
+
+## Automation
+
+V2Ray uses the following automation tools for build and releases.
+
+* [Bazel](https://bazel.build/): Build & package.
+* [Azure DevOps](https://dev.azure.com/): Automated releases.
+* [Google Cloud](https://cloud.google.com/): Automated releases.
+* [CloudFlare](https://cloudflare.com/): Official site and domain.
\ No newline at end of file
diff --git a/ko/styles/website.css b/ko/styles/website.css
new file mode 100644
index 000000000..b76737a80
--- /dev/null
+++ b/ko/styles/website.css
@@ -0,0 +1,35 @@
+.book-summary {
+ font-family: "Noto Sans CJK SC", "PingFang SC", "Microsoft Yahei", "Hiragino Sans GB", sans-serif;
+ font-size: 14px;
+}
+
+.book-header .btn {
+ padding: 0 5px;
+}
+
+.markdown-section {
+ font-family: "Noto Sans CJK SC", "PingFang SC", "Microsoft Yahei", "Hiragino Sans GB", sans-serif;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section pre>code {
+ font-family: "Source Code Pro", monospace;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section code:not([class]) {
+ white-space: nowrap;
+ padding: 0;
+}
+
+.markdown-section blockquote {
+ margin: 0;
+ margin-bottom: .85em;
+ padding: 0 15px;
+ border-left: 4px solid #64b5f6;
+ border-top: 1px solid #64b5f6;
+ color: #000000;
+ margin-top: 10px;
+}
diff --git a/ko/ui_client/README.md b/ko/ui_client/README.md
new file mode 100644
index 000000000..1393aa324
--- /dev/null
+++ b/ko/ui_client/README.md
@@ -0,0 +1,13 @@
+---
+refcn: ui_client/index
+refen: ui_client/index
+---
+# 프로젝트 V 클라이언트
+
+핵심 V2ray 외에, Project V는 많은 플랫폼에 다양한 GUI 클라이언트를 포함합니다. 다음 목록을 참조하십시오.
+
+* [Windows](windows.md)
+* [맥 OS X](osx.md)
+* [iOS](ios.md)
+* [기계적 인조 인간](android.md)
+* [온라인 서비스](ui_client/service.md)
\ No newline at end of file
diff --git a/ko/ui_client/android.md b/ko/ui_client/android.md
new file mode 100644
index 000000000..d3118bbf3
--- /dev/null
+++ b/ko/ui_client/android.md
@@ -0,0 +1,51 @@
+---
+refcn: ui_client/android
+refen: ui_client/android
+---
+# Android 클라이언트
+
+## BifrostV
+
+BifrostV는 V2Ray 코어 기반의 Android 앱입니다. VMess, Shadowsocks, socks 프로토콜을 지원합니다.
+
+* 다운로드 : [Play 스토어](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv)
+* 다운로드 : [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+## V2RayNG
+
+V2RayNG는 V2Ray를 기반으로하는 Android 앱입니다. V2Ray 코어와 동일한 기능 세트를 제공합니다.
+
+* 다운로드 : [Play 스토어](https://play.google.com/store/apps/details?id=com.v2ray.ang)
+* 출처 : [GitHub](https://github.com/2dust/v2rayNG)
+
+## V2Ray Go
+
+* 다운로드 : [Play 스토어](https://play.google.com/store/apps/details?id=org.kkdev.v2raygo)
+* 출처 : [Github](https://github.com/xiaokangwang/V2RayGO)
+
+## 악티늄
+
+* 다운로드 : Play 스토어 (사용할 수 없음)
+* 출처 : [Github](https://github.com/V2Ray-Android/Actinium)
+
+## 기타 도구 {#other}
+
+### 주스
+
+SSH 클라이언트.
+
+* 다운로드 : [Play 스토어](https://play.google.com/store/apps/details?id=com.sonelli.juicessh)
+* 웹 사이트 : [JuiceSSH.com](https://juicessh.com/)
+
+### Termius
+
+SSH 클라이언트
+
+* 다운로드 : [Play 스토어](https://play.google.com/store/apps/details?id=com.server.auditor.ssh.client)
+
+### 전보
+
+암호화 된 토론.
+
+* 웹 사이트 : [telegram.org](https://telegram.org/)
+* 다운로드 : [Play 스토어](https://play.google.com/store/apps/details?id=org.telegram.messenger)
\ No newline at end of file
diff --git a/ko/ui_client/ios.md b/ko/ui_client/ios.md
new file mode 100644
index 000000000..63b475ae8
--- /dev/null
+++ b/ko/ui_client/ios.md
@@ -0,0 +1,62 @@
+---
+refcn: ui_client/ios
+refen: ui_client/ios
+---
+# iOS 고객
+
+## 키츠 네비
+
+Kitsunebi는 V2Ray를 기반으로하는 iOS 앱입니다. V2Ray와 같은 모든 기능을 제공합니다. V2Ray 호환 JSON 구성 가져 오기 및 내보내기도 지원합니다.
+
+* Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+## 키츠 네비 라이트
+
+Kitsunebi의 가벼운 버전.
+
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/kitsunebi-lite/id1387913765/)
+
+## 그림자 격자
+
+Shadowrocket은 일반적인 VPN 응용 프로그램입니다. Is는 Shadowsocks, VMess, SSR 등과 같은 여러 프로토콜을 지원합니다.
+
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/shadowrocket/id932747118/)
+
+## Pepi (ShadowRay) {#pepi}
+
+Pepi는 V2Ray 호환 응용 프로그램입니다. VMess 프로토콜을 기반으로 VPN 연결을 생성하고 모든 V2Ray 서버와 통신 할 수 있습니다.
+
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/pepi/id1283082051/)
+
+## Quantumult
+
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/quantumult/id1252015438/)
+
+## 기타 도구 {#other}
+
+### HyperApp
+
+도커로 서버를 구축하는 유틸리티.
+
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/hyperapp/id1179750280/)
+* 웹 사이트 : [HyperApp.fun](https://www.hyperapp.fun/)
+
+### Termius
+
+SSH 클라이언트.
+
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/termius/id549039908/)
+
+### 전보
+
+암호화 된 토론.
+
+* 웹 사이트 : [telegram.org](https://telegram.org/)
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/telegram-messenger/id686449807/)
+
+### 프로톤 메일
+
+암호화 된 이메일.
+
+* 웹 사이트 : [protonmail.com](https://protonmail.com/)
+* 다운로드 : [iTunes](https://www.v2ray.com/itunes/us/protonmail-encrypted-email/id979659905/)
\ No newline at end of file
diff --git a/ko/ui_client/osx.md b/ko/ui_client/osx.md
new file mode 100644
index 000000000..999b88e73
--- /dev/null
+++ b/ko/ui_client/osx.md
@@ -0,0 +1,32 @@
+---
+refcn: ui_client/osx
+refen: ui_client/osx
+---
+# 맥 OS X
+
+## V2RayX
+
+* 다운로드 : [Github](https://github.com/Cenmrev/V2RayX)
+
+## V2RayU
+
+* Download: [Github](https://github.com/yanue/V2rayU)
+
+## Other tools {#other}
+
+### Visual Studio 코드
+
+Microsoft의 소스 코드 편집기.
+
+* Website: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### 전보
+
+암호화 된 토론.
+
+* Website: [telegram.org](https://telegram.org/)
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/telegram-desktop/id946399090/)
+
+### Microsoft 원격 데스크톱 연결 클라이언트
+
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/microsoft-remote-desktop/id715768417/)
\ No newline at end of file
diff --git a/ko/ui_client/service.md b/ko/ui_client/service.md
new file mode 100644
index 000000000..461bdb9b7
--- /dev/null
+++ b/ko/ui_client/service.md
@@ -0,0 +1,40 @@
+---
+refcn: ui_client/service
+refen: ui_client/service
+---
+# 온라인 서비스
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## V2Ray 관련
+
+* [구성 생성기](https://htfy96.github.io/v2ray-config-gen/)
+* [UUID 생성기](https://www.uuidgenerator.net/)
+
+## VPN
+
+* [BabyDriver](http://babydriver.me/): V2Ray를 지원합니다. 쿠폰 코드 : bcb518
+* [喵 帕斯](https://xn--i2ru8q2qg.com/): V2Ray 지원 (베타)
+* [Lanan](https://xn--sjt174g.com/): V2Ray 기반 VPN 서비스. 쿠폰 코드 : v2ray
+* [다수 派](https://dspi.io/aff.php?aff=7): 새로운 V2Ray 기반 VPN 서비스.
+* [V2rayPro](https://myv2.us/): VPN service based on V2Ray. Coupon code: v2ray.com
+* [V2Net](http://v2net.org/): Customized V2Ray service. Promo code: v2ray.com
+
+## Hosting
+
+* [암호화하자](https://letsencrypt.org/): 무료 TLS 인증서
+* [Vultr](https://www.vultr.com/?ref=7269307): VPS
+ * [2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+* [BlueHost](https://www.bluehost.com/track/v2ray/): VPS, web hosting
+* [ClouDNS](https://www.cloudns.net/aff/id/244749/): Domain registration, DNS, SSL certificate
+
+## Cryptocurrency
+
+* [LocalBitcoins](https://localbitcoins.com/?ch=khtm): Trade Bitcoins offline
+* [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g): OTC market to trade BTC, ETH, BCH, USDT.
+* [Binance](https://www.binance.com/?ref=35382451): Trading market for crypto currencies.
+* [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp): Trading market for crypto currencies.
+* [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18): Online crypto currency wallet
+* [PrimeDice](https://primedice.com/?c=default): Dice game with bitcoin.
+* [OneHash](https://www.onehash.com/?ap=56d52158f7e04b169ec54d): Bet sport games with Bitcoin, including World Cup 2018.
+* [Bitsler](https://www.bitsler.com/?ref=VictoriaR): Casino games with Bitcoin.
\ No newline at end of file
diff --git a/ko/ui_client/windows.md b/ko/ui_client/windows.md
new file mode 100644
index 000000000..5df5347c2
--- /dev/null
+++ b/ko/ui_client/windows.md
@@ -0,0 +1,37 @@
+---
+refcn: ui_client/windows
+refen: ui_client/windows
+---
+# Windows
+
+## V2RayW
+
+* 다운로드 : [Github](https://github.com/Cenmrev/V2RayW)
+
+## V2RayN
+
+* 다운로드 : [Github](https://github.com/2dust/v2rayN)
+
+## V2RayS
+
+* 다운로드 : [Github](https://github.com/Shinlor/V2RayS)
+
+## 기타 도구 {#other}
+
+### 퍼티
+
+SSH 클라이언트.
+
+* 웹 사이트 : [putty.org](http://www.putty.org/)
+
+### Visual Studio 코드
+
+Microsoft의 소스 코드 편집기.
+
+* 웹 사이트 : [code.visualstudio.com](https://code.visualstudio.com/)
+
+### 전보
+
+암호화 된 토론.
+
+* 웹 사이트 : [telegram.org](https://telegram.org/)
\ No newline at end of file
diff --git a/ko/welcome/command.md b/ko/welcome/command.md
new file mode 100644
index 000000000..17401a679
--- /dev/null
+++ b/ko/welcome/command.md
@@ -0,0 +1,151 @@
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
+
+# 명령 행
+
+## V2 레이
+
+V2Ray에는 다음과 같은 명령 줄 매개 변수가 있습니다.
+
+```shell
+v2ray [-version] [-test] [-config=config.json] [-format=json]
+```
+
+> `-version`
+
+Print the version of V2Ray only, and then exit.
+
+> `-test`
+
+Test configuration, output any errors and then exit.
+
+> `-config`
+
+URI of the configuration. Avilable formats are:
+
+* Path to the local config file. May be a relative path or absolute path.
+* `"stdin:"`: Indicates V2Ray to read configuration from standard input. Caller must close stdin after writing out configuration.
+* Value begins with `http://` or `https://` (lowercase): V2Ray tries to load configuration from the remote address.
+
+> `-format`
+
+Configuration format. Choices are:
+
+* `json`: JSON format.
+* `pb` or `protobuf`: Protobuf format.
+
+{% hint style='info' %}
+
+When `-config` is not specified, V2Ray first tries to load configuration from `config.json` under working directory, then from the directory specified by [environment variable](../configuration/env.md) `v2ray.location.asset`.
+
+{% endhint %}
+
+## V2Ctl
+
+V2Ctl is a collection of commandline tools. It runs in the following way:
+
+```bash
+v2ctl
+```
+
+> `command`
+
+Subcommand. Available values are below:
+
+* `api`: Invoke remote control commands in V2Ray instances.
+* `config`: Convert configuration from JSON format to protobuf.
+* `cert`: Generate TLS certificates.
+* `fetch`: Fetch remove resources.
+* `tlsping`: (V2Ray 4.17+) Test TLS handshake.
+* `verify`: Verify the signature of V2Ray releases.
+* `uuid`: Generate UUID.
+
+### V2Ctl Api
+
+`v2ctl api [--server=127.0.0.1:8080] `
+
+Invoke remote control commands in V2Ray instances. Example:
+
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
+
+`v2ctl config`
+
+No option for this command. It reads JSON configuration from stdin, and print out corresponding Protobuf to stdout, if succeeds.
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+Generates a TLS certificate based on options.
+
+> `--ca`
+
+If specified, the certificate will be a CA certificate.
+
+> `--domain`
+
+Alternative Names in the certificate. This option can be used multiple times for multiple domains. For example: `--domain=v2ray.com --domain=v2ray.cool`.
+
+> `--expire`
+
+Expire date of the certificate. Value is a [Golang duration](https://golang.org/pkg/time/#ParseDuration).
+
+> `--name`
+
+Command Name in the certificate.
+
+> `--org`
+
+Orgnization in the certificate.
+
+> `--json`
+
+If specified, the certificate will be printed to stdout in the JSON format that is used in V2Ray.
+
+> `--file`
+
+Prints the certificate into files. When `--file=a`, two files named `a_cert.pem` and `a_key.pem` will be generated.
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+Fetch remove resources and print to stdout. Only HTTP and HTTPS URL are supported.
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+Test TLS handlshake with specific domain.
+
+> domain
+
+Target domain for the TLS handshake.
+
+> --ip
+
+The IP address of the domain. If not specifed, V2Ctl resolves it through system DNS.
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
+
+To verify the signature of a V2Ray binary.
+
+> `--sig`
+
+Path to signature file. Default value is the ".sig" file to the path to be verified.
+
+> `filepath`
+
+The file to be verified.
+
+### V2Ctl UUID
+
+`v2ctl uuid`
+
+No options. This command prints a random UUID.
\ No newline at end of file
diff --git a/ko/welcome/donate.md b/ko/welcome/donate.md
new file mode 100644
index 000000000..9a3083ee4
--- /dev/null
+++ b/ko/welcome/donate.md
@@ -0,0 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
+# 기부
+
+V2Ray is a nonprofit project. The source code and its release binary can be used freely (mainly) under MIT licence. If you like this project, you may buy us a cup of coffee.
+
+Your donation has no direct connection to Project V's development and service. Our development will not be influenced by your donation. However, we will send a thank-you email for every donor. If you wish not to receive such email, please leave a note in your donation.
+
+For any donation worth more than $50, you may choose one of the following:
+
+* Your name or your company log shown on our front page for one month.
+* Modify our codebase as you wish. Restrictions: No user facing functionlity changes; no documentation changes. Your change will stay for a month.
+
+## 평범한 길 {#usual-way}
+
+> Paypal
+
+You may donate through [internal Paypal transfer](https://www.paypal.me/ProjectV2Ray/25) or [credit card](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)
+
+Please kindly note that Paypal charges high service fee. Any donation less than 1 USD is meaningless.
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) is a platform for regular donations. You may use Patreon if you want to donate frequently.
+
+> Giftcard
+
+For now we only receive giftcard for Amazon US. You may purchase it [at Amazon.com](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) and then send to `love@v2ray.com`.
+
+## 암호 해독 성 {#crypto}
+
+Cryptocurrency is a more reliable way for international transactions. Crypto-wallet is usually anonymous and your donation is not traceable.
+
+Due to the anonymity natural of cryptocurrenty, please send us an email before your donation, if you want to receive the thank-you email.
+
+> Bitcoin
+
+Address: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)
+
+> Bitcoin Cash
+
+Address: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
+
+View stats or QR-Code [at BlockChain](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)
+
+> Ethereum
+
+Address: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696). You may also send the following ERC20 tokens to this address: OMG, REP, GNT, DGD
+
+> EOS
+
+Address: `EOS8Civdok4CBN3jCpsaGQijzesjKof1eyaRFuBU5mLMtWVkLsy8a`
+
+> Litecoin
+
+Address: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
+
+> Monero
+
+Address: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
+
+> Ripple
+
+Address: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
+
+Tag not required
+
+> Other
+
+Please send us an email at `love@v2ray.com` if you want to donate other kind of coins.
\ No newline at end of file
diff --git a/ko/welcome/faq.md b/ko/welcome/faq.md
new file mode 100644
index 000000000..bc3a72000
--- /dev/null
+++ b/ko/welcome/faq.md
@@ -0,0 +1,67 @@
+---
+refcn: chapter_00/faq
+refen: welcome/faq
+---
+
+# 자주 묻는 질문 (FAQ)
+
+## V2Ray 사용
+
+### V2Ray를 업그레이드하는 방법
+
+* 최신 패키지 다운로드 또는
+* 설치 스크립트 다시 실행 (Linux 전용)
+
+### V2Ray 충돌
+
+* Linux를 systemd와 함께 사용하는 경우 명령 `journalctl -u v2ray`사용하여 패닉 로그를 볼 수 있습니다.
+* 일반적으로 명령 `v2ray -config = -test` 를 실행하여 오류 정보를 볼 수 있습니다.
+
+### Backward Compatibility
+
+* For configuration file (e.g., JSON), backward compatibility applies to at least one major releases. For example, V2Ray 4.x supports config files from V2Ray 3.x.
+* For Protobuf based communication protocols, such as [Api](../configuration/api.md), backward compatibility applies to at least one major releases.
+* For binary based commnunication protocols, such as Shadowsocks and VMess, it is always backward compatible when server version is not older than clients. When client version is newer, backward compatibility applies to at least 12 minor releases.
+
+## V2Ray 오류
+
+### Socks: Unknown Socks version: 67
+
+가능한 원인들
+
+* You are using socks inbound in V2Ray, but your browser is configured to use HTTP proxy.
+
+해결책
+
+* Add a HTTP inbound in V2Ray, and then update your browser proxy settings to use this proxy.
+
+## 이 프로젝트의 라이센스
+
+프로젝트 V는 다음 라이센스를 사용합니다.
+
+### V2Ray
+
+소스 코드와 공식 릴리스는 다음 저장소의 소스 코드와 릴리스를 포함하여 MIT 라이센스에 따라 라이센스가 부여됩니다.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+### V2Ray.Com
+
+공식 웹 사이트, [v2ray.com](https://www.v2ray.com/)은 [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/)의거하여 사용이 허가되었습니다.
+
+* Including all visible text and pictures on the website.
+* Including Project V logo.
+* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
+
+### Screenshot and other files {#screenshots}
+
+아래에 나열된 모든 제 3 자 파일은 작성자의 것입니다. 파일을 만든 사람은 파일을 소유합니다.
+
+* Including all screenshots of Project V.
+* Including all configuration files that are used to run Project V.
+* Including all logs generated by Project V during runtime.
+
+### Other content {#other}
+
+위에 언급되지 않은 모든 컨텐츠는 케이스별로 라이센스가 부여됩니다.
\ No newline at end of file
diff --git a/ko/welcome/help.md b/ko/welcome/help.md
new file mode 100644
index 000000000..e13e3f489
--- /dev/null
+++ b/ko/welcome/help.md
@@ -0,0 +1,117 @@
+---
+refcn: chapter_00/help
+refen: welcome/help
+---
+
+# 지원하다
+
+프로젝트 V는 여러 가지 통신 방법을 제공합니다.
+
+{% hint style='info' %}
+
+Project V team supports Chinese and English. Please choose either one that you are familiar with for questions.
+
+{% endhint %}
+
+## 기생 문제
+
+We uses several repositories for different type of discussions.
+
+* [코드 문제](https://github.com/v2ray/v2ray-core/issues)
+ * 버그 같은 코딩 질문에만 사용됩니다.
+* [로드맵](https://github.com/v2ray/planning/issues)
+* [일반적인 토론](https://github.com/v2ray/discussion/issues)
+
+## 전보
+
+Project V provides the following groups for different type of discussions.
+
+* [용법](https://t.me/v2fly_chat)
+ * Project V 관련 주제에만 해당됩니다.
+* [기타](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg)
+ * 다른 주제들.
+
+Topics in these groups are mainly in Chinese. Feel free to setup groups in your own language and let us know.
+
+{% hint style='danger' %}
+
+All discussion groups forbid the following topics: adult content, politics, hate speeches. Senders of these topics will be banned immedietely.
+
+{% endhint %}
+
+Please also follow [Project V Announcement](https://t.me/v2fly) for news.
+
+## 지저귀다
+
+[ProjectV2Ray](https://twitter.com/projectv2ray) for regular communications.
+
+## 이메일
+
+Please send a message to one of the address below, if you'd like to talk to V2Ray team privately.
+
+`love@v2ray.com`: Main email address for communication. Checked every day.
+
+`v2ray@protonmail.com`: A [ProtonMail](https://protonmail.com/) mailbox which employs end to end encryption. It is difficult to use, and only being checked occasionally.
+
+{% hint style='info' %}
+
+Sadly due to high workload, it is not promised that every email gets replied. Sorry for the inconvenience. For general questions, please use discussion groups above for quick response.
+
+{% endhint %}
+
+You may get PGP public key by searching `love@v2ray.com`, or use the public key below.
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
\ No newline at end of file
diff --git a/ko/welcome/install.md b/ko/welcome/install.md
new file mode 100644
index 000000000..52a3de07b
--- /dev/null
+++ b/ko/welcome/install.md
@@ -0,0 +1,97 @@
+---
+refcn: chapter_00/install
+refen: welcome/install
+---
+
+# 다운로드 & 설치
+
+## 플랫폼 {#platform}
+
+V2Ray는 다음 플랫폼에서 사용할 수 있습니다.
+
+* Windows 7 이상 (x86 / amd64)
+* Mac OS X 10.10 요세미티 이상 (amd64)
+* Linux 2.6.23 이상 (x86 / amd64 / arm / arm64 / mips64 / mips)
+ * 데비안 7 / 8, 우분투 12.04 / 14.04 이상, CentOS 6 / 7, 아치 리눅스
+* FreeBSD (x86 / amd64)
+* OpenBSD (x86 / amd64)
+* 잠자리 BSD (amd64)
+
+## 다운로드 {#download}
+
+사전 제작 된 패키지는 다음에서 찾을 수 있습니다.
+
+1. Github 출시 : [github.com/v2ray/v2ray-core](https://github.com/v2ray/v2ray-core/releases)
+2. Redistribution: [github.com/v2ray/dist](https://github.com/v2ray/dist)
+3. 자작 : [github.com/v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray)
+4. 아치 리눅스 : [패키지 / 커뮤니티 / x86_64 / v2ray /](https://www.archlinux.org/packages/community/x86_64/v2ray/)
+5. 스냅 크래프트 : [snapcraft.io/v2ray-core](https://snapcraft.io/v2ray-core)
+
+모든 패키지는 ZIP 형식입니다. 해당 패키지를 다운로드하여 시스템에 압축을 풉니 다.
+
+## 확인 {#verify}
+
+패키지를 검증하는 2 가지 방법이 있습니다.
+
+1. 각각 `.ZIP` 파일은 대응 갖는 `.dgst` SHA 다이제스트위한 파일.
+2. 실행 파일 (v2ray / v2ray.exe)에 대한 GPG 서명 파일은 동일한 패키지의 v2ray.sig (또는 v2ray.exe.sig)에서 찾을 수 있습니다. 공개 키는 저장소에서 입니다.
+
+ ## Windows 또는 Mac OS에 설치 {#install-windows}
+
+ 패키지 압축을 푼 후 v2ray / v2ray.exe를 실행하십시오.
+
+ ## Linux에 설치 {#install-linux}
+
+ 우리는 리눅스에 설치하기위한 스크립트를 제공합니다. 이 스크립트는 이전에 설치된 v2ray를 감지하고 그에 따라 새 버전을 업그레이드 또는 설치합니다. 이전 버전이있는 경우 업그레이드 중에 / etc / v2ray에있는 구성 파일을 덮어 쓰지 않습니다.
+
+ 다음 명령은 루트 권한을 가정합니다.
+
+ 다음 명령을 실행하여 V2Ray를 설치하십시오. yum 또는 apt를 사용할 수 있으면 스크립트는 unzip 및 daemon / systemd를 설치합니다. V2Ray를 서비스로 실행해야합니다. Linux 시스템이 yum이나 apt를 지원하지 않으면 수동으로 설치해야합니다.
+
+ ```bash
+ curl -Ls https://install.direct/go.sh | sudo bash
+ ```
+
+ 스크립트는 다음 파일을 설치합니다.
+
+ * `/ usr / bin / v2ray / v2ray`: V2Ray 실행 파일
+ * `/ usr / bin / v2ray / v2ctl`: 유틸리티
+ * `/etc/v2ray/config.json`: 설정 파일
+ * `/usr/bin/v2ray/geoip.dat`: IP 데이터 파일
+ * `/usr/bin/v2ray/geosite.dat`: 도메인 데이터 파일
+
+ 이 스크립트는 systemd를 사용할 수있는 경우 V2Ray가 서비스로 실행되도록 구성합니다.
+
+ 구성은 다음 위치에 있습니다.
+
+ * `/etc/systemd/system/v2ray.service`: Systemd
+ * `/etc/init.d/v2ray`: SysV
+
+ 설치 후 다음 작업을 수행해야합니다.
+
+ 1. 자신 만의 시나리오를 위해 `/etc/v2ray/config.json` 파일을 업데이트하십시오.
+ 2. `service v2ray start` 명령을 실행하여 V2Ray를 시작합니다.
+ 3. V2Ray 서비스를 제어하려면 선택적으로 `서비스 v2ray start | stop | status | reload | restart | force-reload` 을 실행하십시오.
+
+ ### go.sh {#gosh}
+
+ go.sh는 다음 매개 변수를 지원합니다.
+
+ * `-p` 또는 `--proxy`: 프록시를 사용하여 V2Ray 패키지를 다운로드하십시오. 컬 포맷과 동일 같은 `"SOCKS5 : //127.0.0.1 1080"` 또는 `"http://127.0.0.1:3128"`.
+ * `-f` 또는 `- 강제`: 강제 설치. 스크립트는 V2Ray가 전혀 설치되지 않았다고 가정합니다.
+ * `- 버전`: `"v1.13"과 같이 설치할 버전`. 기본값은 최신 안정 릴리스입니다.
+ * `로컬`: 설치에 로컬 패키지를 사용하십시오.
+
+ 예 :
+
+ * SOCKS 프록시 127.0.0.1:1080을 사용하여 최신 패키지를 설치하십시오. ```./go.sh -p socks5://127.0.0.1:1080```
+ * 로컬 파일에서 v1.13 설치 :```./go.sh --version v1.13 --local /path/to/v2ray.zip```
+
+ ## 도커 {#docker}
+
+ V2Ray는 2 개의 도커 이미지를 제공합니다.
+
+ * [v2ray / official](https://hub.docker.com/r/v2ray/official/): 공식 릴리스가 포함되어 있습니다.
+ * [v2ray / dev](https://hub.docker.com/r/v2ray/dev/): 최신 코드가 들어 있습니다.
+
+ 2 개의 이미지는 Linux 설치와 동일한 구조를가집니다.
\ No newline at end of file
diff --git a/ko/welcome/start.md b/ko/welcome/start.md
new file mode 100644
index 000000000..fe3ee2a86
--- /dev/null
+++ b/ko/welcome/start.md
@@ -0,0 +1,78 @@
+---
+refcn: chapter_00/start
+refen: welcome/start
+---
+
+# 빠른 시작
+
+V2Ray를 설치 한 후에 구성해야합니다. 다음은 데모 실행을위한 빠른 구성입니다. 고급 설정은 [구성 개요](../configuration/overview.md) 을 참조하십시오.
+
+## 고객 {#client}
+
+PC (또는 모바일)에서 다음 구성으로 V2Ray를 실행하십시오.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 1080, // Port of socks5 proxy. 이 포트를 사용하도록 브라우저를 지정하십시오.
+ "listen": "127.0.0.1",
+ "protocol": "socks",
+ "settings": {
+ "udp": true
+ }
+ }],
+ "outbounds": [{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "server", // Address of your V2Ray server. IP 또는 도메인 주소 일 수 있습니다.
+ "port": 10086, // Port of your V2Ray server.
+ "users": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }]
+ }
+ },{
+ "protocol": "freedom",
+ "tag": "direct",
+ "settings": {}
+ }],
+ "routing": {
+ "domainStrategy": "IPOnDemand",
+ "rules": [{
+ "type": "field",
+ "ip": ["geoip:private"],
+ "outboundTag": "direct"
+ }]
+ }
+}
+```
+
+위에서 언급 한 것처럼 V2Ray 서버의 IP 주소를 수정하십시오. 그런 다음 PC의 V2Ray 프로세스는 인트라넷 트래픽을 제외한 V2Ray 서버에 대한 모든 트래픽을 프록시합니다.
+
+## 섬기는 사람 {#server}
+
+V2Ray를 서버로 실행하려면 다른 컴퓨터가 필요합니다. 일반적으로이 컴퓨터는 방화벽 외부에 있습니다. 다음은 샘플 구성입니다.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 10086, // Port of the server. 위와 같아야합니다.
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }
+ }],
+ "outbounds": [{
+ "protocol": "freedom",
+ "settings": {}
+ }]
+}
+```
+
+`id` 필드가 클라이언트와 서버간에 동일해야합니다.
+
+## 달리는 {#running}
+
+* Windows 및 macOS에서 구성 파일은 V2Ray 바이너리와 동일한 디렉토리에 있습니다. 추가 매개 변수없이 `v2ray` 또는 `v2ray.exe` 을 실행할 수 있습니다.
+* Linux에서 구성 파일은 일반적으로 `/etc/v2ray/config.json`있습니다. 실행 `v2ray --config =은 / etc / v2ray / config.json` 전경 또는 배경 프로세스로 V2Ray를 실행하는 systemd와 같은 다른 도구를 사용합니다.
+
+구성에 대한 자세한 내용은 [개요](../configuration/overview.md) 을 참조하십시오.
\ No newline at end of file
diff --git a/ko/welcome/versions.md b/ko/welcome/versions.md
new file mode 100644
index 000000000..03e6d91b3
--- /dev/null
+++ b/ko/welcome/versions.md
@@ -0,0 +1,487 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
+# 버전 기록
+
+This page lists regular releases with feature updates. If a Github release doesn't appear here, it usually only contains bug fixes.
+
+## 2019.03.01 v4.18
+
+* Port list in routing rules now supports mixed format.
+* Updated `geosite` information in routing, and description for static hosts in DNS.
+* Option to not use system root CAs for TLS handshake.
+* New routing rule for traffic attributes.
+
+## 2019.02.22 v4.17
+
+* New sub-command `tlsping` in V2Ctl.
+
+## 2019.02.15 v4.16
+
+For end users:
+
+* DNS outbound proxy now supports to modify DNS server info.
+
+For developers:
+
+* 'ext' repository is now deprecated. [#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS outbound proxy.
+
+## 2019.02.01 v4.14
+
+* Static DNS mapping now supports domain to domain mapping.
+
+## 2019.01.18 v4.13
+
+* Quic lib updated. It is not compatible with previous versions.
+* DNS now have `tag` settings.
+
+## 2019.01.11 v4.11
+
+For developers:
+
+* New method: [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) now uses [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) to establish UDP connections.
+
+## 2018.12.07 v4.8
+
+For end users:
+
+* Bug fixes
+
+For developers:
+
+* New [API doc](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* New method: [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63)
+* New method: [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105)
+
+## 2018.11.30 v4.7
+
+* Freedom now supports for dialing IPv4 or IPv6 address only.
+* New QUIC transport.
+
+## 2018.11.23 v4.6
+
+* Freedom now can automatically choose between IPv4 and IPv6 destination address, based on `SendThrough` settings.
+
+## 2018.11.16 v4.4
+
+* Load balancer rules in routing.
+* Memory usage gets optimized.
+
+## 2018.11.05 v4.1
+
+* JSON configuration format changes. Old format is still suported.
+* Performance on GeoIP matching is improved.
+
+## 2018.11.02 v4.0
+
+* Reverse proxy.
+* Release packages for ppc64 and ppc64le.
+
+## 2018.10.12 v3.47
+
+* Migrate to a new continuous delivery pipeline
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door now supports TProxy in Linux.
+
+## 2018.09.21 v3.43
+
+* DNS now supports on-demand queries by domain.
+
+## 2018.09.14 v3.40
+
+* New socket options in transport configuration. It can be used to setup VPNs.
+* New TCP Fast Open option in transport configuration.
+
+## 2018.09.03 v3.38
+
+* mKCP has a new WireGuard header.
+* Fix softfloat binaries in mips/mips64.
+
+## 2018.08.31 v3.37
+
+* Performance of reading network connection in optilized. See [Environment Variables](../configuration/env.md)。
+* VMess uses AES-128-GCM by default on ARM64.
+* Built by Go 1.11.
+
+## 2018.08.24 v3.36
+
+* Great performance improvement on subdomain matching (`domain:`) in routing.
+* Full domain matching is now supported in routing.
+
+## 2018.08.07 v3.34
+
+* Better memory management on most devices.
+
+## 2018.07.27 v3.32
+
+* BitTorrent traffic can now be sniff'ed.
+* New `protocol` option in routing rules for protocol-based routing.
+* New `geosite:speedtest` option in routing rules to match all public servers of speedtest.net.
+
+## 2018.07.20 v3.31
+
+* New [Domain Socket transport](../configuration/transport/domainsocket.md) (Thanks to @xiaokangwang).
+
+## 2018.07.13 v3.30
+
+* Fix an issue that may cause broken connections in mKCP.
+* Thanks to [our friends](https://crowdin.com/project/v2ray) who speak Russian. Now our documents are in [Russian](https://www.v2ray.com/ru/).
+
+## 2018.07.06 v3.29
+
+* New inbound and outbound for MTProto proxy.
+
+## 2018.06.29 v3.27
+
+* DNS now supports EDNS client subnet.
+* DNS static host now supports sub-domain matching.
+
+## 2018.06.15 v3.26
+
+* Add Dragonfly BSD release.
+
+## 2018.06.01 v3.24
+
+* Internal buffer size (per connection) can now be configured in JSON configuration.
+* mKCP now supports DTLS 1.2 header.
+* TLS transport now only support cipher suites in TLS 1.3 spec.
+
+## 2018.05.25 v3.23
+
+* In JSON configuration, port can now be specified from env variables.
+* JSON config now supports to load domains and IPs from specified files.
+
+## 2018.04.20 v3.19
+
+* Traffic stats for inbound proxies.
+
+## 2018.04.13 v3.17
+
+* V2Ray can load config file from HTTP(s).
+* TLS in V2Ray can issue new certificates by provided CA certificates for domains in incoming requests.
+* [HTTP/2](../configuration/transport/h2.md) transport.
+
+## 2018.04.06 v3.16
+
+* [Statistics](../configuration/stats.md).
+* Shadowsocks inbound now can be configured to only listen on UDP. Strongly recommend to not listen on both TCP and UDP on the same port.
+
+## 2018.03.02 v3.11
+
+* A new settings is introduced in VMess inbound, to forbid client using insecure encryption methods.
+* Offers ARMv7 release.
+* Offers MIPS release that doesn't require FPU.
+
+## 2018.02.23 v3.10
+
+* Log entries now contain session ID to distinguish proxy sessions.
+* Bug fixes.
+
+## 2018.02.15 v3.9
+
+* Happy New Year!
+* Bug fixes.
+
+## 2018.02.09 v3.7
+
+* Developer preview: [Remote API](../configuration/api.md)。
+* Bug fixes.
+
+## 2017.12.29 v3.5
+
+* Geoip now supports private network address under name "private".
+
+## 2017.12.22 v3.4
+
+* Websocket nows uses value of X-Forwarded-For header as source address.
+* Support s390x CPU architecture.
+
+## 2017.12.08 v3.1
+
+* Support policy.
+* Config file location can be specified via environment variable.
+
+## 2017.12.01 v3.0
+
+* Support Shadowsocks AEAD
+
+## 2017.11.18 v2.50
+
+* `v2ray` now tried to use `v2ctl` for configuration parsing. Please make sure these 2 files are in the same directory.
+* New `IPOnDemand` strategy in routing.
+
+## 2017.11.10 v2.47
+
+* `geosite` data is now in `geosite.dat` file.
+* Bug fixes.
+
+## 2017.11.03 v2.46
+
+* Router now supports `geosite:cn`, equivalent to existing `chinasites`, but more flexible.
+* Router now supports `geoip`.
+ * File `geoip.dat` is added to release packages. This file contains all `geoip` information and has to stay in the same directory of `v2ray` program. Due to delayed update of installation script, you may have to copy the file manually.
+* Program `v2ctl` is added to release packages. You may run `v2ctl verify /path/to/v2ray` to verify the signature of `v2ray` program.
+
+## 2017.10.27 v2.44
+
+* HTTP now supports Basic Authentication.
+* Some bugs are fixed.
+
+## 2017.10.06 v2.40
+
+* Fix an issue that causes memory leak.
+
+## 2017.09.29 v2.39
+
+* Inbound proxies now close connections more quickly when remote server closes them.
+* Default connection timeout changes to 5 minutes.
+
+## 2017.05.12 v2.27
+
+* New domain mode in router.
+
+## 2017.05.05 v2.26
+
+* Stability fixes.
+
+## 2017.04.28 v2.25
+
+* Simple sniffing on HTTP and TLS traffic for the actual domain on request.
+
+## 2017.04.21 v2.24
+
+* Stabilize Mux.
+* Improves memory efficiency.
+
+## 2017.04.15 v2.23
+
+* Performance improvement in Mux.
+* Max number of connections can be configured in Mux now.
+* Performance improvement in HTTP inbound.
+* connectionReuse setting is removed in favor of Mux.
+
+## 2017.04.08 v2.22
+
+* Mux.Cool protocol.
+
+## 2017.02.25 v2.20
+
+* GPG signature is added to download package.
+* New binary wv2ray.exe is added to Windows package, which runs as a background application.
+
+## 2017.02.18 v2.19
+
+* A new mechanism for anti reply attack is now enforced on server side.
+ * No impact to existing clients.
+* Upgrade of VMess AES-128-GCM / Chacha20-Poly1305 / None encryption methods.
+ * Please upgrade client and server at once.
+ * AES-128-CFB is not affected.
+* Built with Golang 1.8. Add 32-bit MIPS support.
+
+## 2017.02.11 v2.18
+
+* Cleanup WebSocket code.
+* Remove allowPassive option. Now passive connections are always allowed.
+* Bug fixes
+
+## 2017.02.04 v2.17
+
+* Bug fixes.
+
+## 2017.01.28 v2.16
+
+* New 'redirect' option in freedom. It can be used to adapt tools like Shadowsocks Obfs.
+* Performance improvement in VMess non-encryption mode. Not compatible with previous versions.
+* Happy New Year!
+
+## 2017.01.16 v2.15
+
+* All proxies can use mKCP and WebSocket now.
+
+## 2017.01.09 v2.14
+
+* Socks 5 outbound.
+* Bug fixes.
+
+## 2017.01.02 v2.13
+
+* Bug fixes.
+
+## 2016.12.26 v2.12
+
+* Bug fixes.
+
+## 2016.12.19 v2.11
+
+* JSON config file now supports comment.
+
+## 2016.12.12 v2.10
+
+* VMess now supports AES-GCM and ChaCha20-Poly1305 encryption methods.
+
+## 2016.12.05 v2.9
+
+* Fix compatibility with Alpine Linux.
+
+## 2016.11.28 v2.8
+
+* Shadowsocks server now accepts OTA settings.
+* Bug fixes.
+
+## 2016.11.21 v2.7
+
+* Main inbound and outbound connection handler can be tagged now.
+* Bug fixes.
+
+## 2016.11.14 v2.6
+
+* Data sent by one outbound can be proxied to another outbound.
+* Routing can be based on inbound tag.
+
+## 2016.11.07 v2.5
+
+* New Shadowsocks outbound;
+* New TCP header: HTTP;
+
+## 2016.10.24 v2.4
+
+* TCP / mKCP / WebSocket can be configured per inbound / outbound;
+* Routing can be done on source IP;
+
+## 2016.10.17 v2.3
+
+* Introduce new Protobuf-based configuration;
+* OpenBSD binaries;
+* Small fixes;
+
+## 2016.09.19 v2.2
+
+* New transport: WebSocket (Thanks to [@xiaokangwang](https://github.com/xiaokangwang));
+
+## 2016.09.19 v2.1
+
+* mKCP performance improvement;
+
+## 2016.08.20 v2.0
+
+* One year;
+
+## 2016.08.15 v1.24
+
+* New mKCP header: utp;
+* New option in inbound connection config "allowPassive" to allow passive connection;
+
+## 2016.08.08 v1.23
+
+* Optimize mKCP packet format. This version of mKCP is NOT compatible with previous ones;
+* mKCP can now be configured to disguise as video data.
+
+## 2016.08.01 v1.22
+
+* Fix a memory leak in mKCP;
+* Add FreeBSD release;
+
+## 2016.07.25 v1.21
+
+* High performance Chacha20 (Thanks to aead@);
+* Bug fixes;
+
+## 2016.07.18 v1.20
+
+* New KCP options: readBufferSize and writeBufferSize;
+* Bug fixes;
+
+## 2016.07.11 v1.19
+
+* Enable TLS option for all proxies;
+* Fix a performance issue in KCP;
+* Fix an issue in KCP that could cause EOF response;
+
+## 2016.07.04 v1.18
+
+* Fix a "too many open files" issue in KCP;
+* KCP now uses fewer CPU;
+* Other bug fixes;
+
+## 2016.06.19 v1.17
+
+* KCP now is integrated into V2Ray. (Special thanks to [xiaokangwang](https://github.com/xiaokangwang), [xtaci](https://github.com/xtaci) and [skywind3000](https://github.com/skywind3000))
+* Minor bug fixes
+
+## 2016.06.12 v1.16
+
+* TCP connection reuse is now enabled by default;
+* Dokodemo-door is able to recognize TCP connection redirected by iptables;
+* Blackhole is able to send back HTTP forbidden data;
+
+## 2016.06.05 v1.15
+
+* Optionally reuse TCP connection for better performance;
+* Allow listening on a specific IP address;
+* Allow sending data through a specific IP address;
+* Fix an issue in HTTP proxy that may exhaust memory;
+
+## 2016.05.29 v1.14
+
+* Fix a panic issue in http proxy;
+* More functionalies in install script;
+* Static route in DNS;
+* Official server address change;
+
+## 2016.05.16 v1.13
+
+* Internal DNS server, to provide better routing results combined with chinasites and chinaip;
+* Fix an issue in UDP relay;
+
+## 2016.05.01 v1.12.1
+
+* Fix a bug in VMess.
+
+## 2016.05.01 v1.12
+
+* Second try to fix the memory usage issue;
+* Improve Shadowsocks performance;
+* New option "none" in loglevel;
+
+## 2016.04.18 v1.11
+
+* Try to fix the memory usage issue.
+
+## 2016.03.07 v1.10
+
+* Fix an performance issue when dynamic ports refreshes.
+
+## 2016.02.29 v1.9.1
+
+* Fix Shadowsocks one-time authentication (OTA) issue.
+
+## 2016.02.29 v1.9
+
+* Support for Shadowsocks ChaCha20 encryption;
+* Add more direct connection sites to the default configuration file;
+* Dynamic ports now automatically create an account.
+
+## 2016.02.22 v1.8
+
+* Update installation script install-release.sh (thanks, @netcookies):
+ * You can now automatically stop the V2Ray process and update automatically after the completion of V2Ray;
+ * The install-release.sh accepts the --proxy argument and V2Ray specified proxy download;
+* Use Go 1.6 compiler to improve the performance of AES encryption;
+* Minor fixes;
+* Update the official server IP (please re-download the installation package to get the latest configuration).
+
+## 2016.02.08 v1.7
+
+* UDP relay performance improved;
+* Shadowsocks security improved;
+* Minor fixes;
+* Happy new year!
\ No newline at end of file
diff --git a/ko/welcome/workflow.md b/ko/welcome/workflow.md
new file mode 100644
index 000000000..6bc319004
--- /dev/null
+++ b/ko/welcome/workflow.md
@@ -0,0 +1,60 @@
+---
+refcn: chapter_00/workflow
+refen: welcome/workflow
+---
+
+# 워크 플로
+
+## 단일 서버
+
+다른 프록시와 마찬가지로 V2Ray를 실행하는 프록시 서버가 필요합니다. 그런 다음 PC, 모바일 또는 기타 장치에서 해당 서버를 통해 인터넷에 연결할 수 있습니다.
+
+```mermaid
+graph LR;
+A(PC) -.- B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(V2Ray/VPS);
+D --> C;
+A --> E(Normal Website);
+```
+
+V2Ray supports connections from multiple devices at the same time, with optionally different protocols. In the mean time, the local routing mechanism can smartly proxy necessary connections only.
+
+## 서버 브리지
+
+In the case you don't want configuration V2Ray on each of your devices, you may setup a server within the firewall, and then all traffic go through that server. The server does routing itself.
+
+```mermaid
+graph LR;
+A(PC) -.-> B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(VPS 1);
+D --> E(VPS 2);
+E --> C;
+D --> F(Normal Website);
+```
+
+## 내부의
+
+The internal of V2Ray looks like below. It supports multiple inbound proxies, and multiple outbounds. Each of them are independent from others.
+
+```mermaid
+graph LR;
+A1(inbound) --> D(Dispatcher / Router / DNS);
+A2(inbound) --> D;
+A3(inbound) --> D;
+A4(inbound) --> D;
+D --> B1(outbound);
+D --> B2(outbound);
+D --> B3(outbound);
+D --> B4(outbound);
+```
+
+Notes:
+
+* V2Ray를 제대로 작동 시키려면 적어도 하나의 인바운드 및 하나의 아웃 바운드를 구성해야합니다.
+* 인바운드 프록시는 브라우저와 같은 클라이언트 소프트웨어와 통신합니다.
+* 아웃 바운드 프록시는 웹 사이트의 Apache와 같은 원격 서버와 통신합니다.
+* 디스패처는 구성 가능한 규칙을 기반으로 특정 연결에 대한 아웃 바운드를 선택합니다.
+
+Detailed configuration can be found [here](../configuration/overview.md).
\ No newline at end of file
diff --git a/release.sh b/release.sh
deleted file mode 100755
index d6b78dcf6..000000000
--- a/release.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-
-PROJECT=$1
-
-echo "Removing previous machines."
-gcloud compute instances list --project ${PROJECT} | grep TERMINATED \
-| awk '{printf "%s --zone %s\n", $1, $2}' \
-| while read LINE; do
- yes Y | gcloud compute instances delete ${LINE} --project ${PROJECT}
-done
-
-echo "Launching build machine."
-DIR="$(dirname "$0")"
-RAND="$(openssl rand -hex 5)"
-ZONES=("us-central1-b" "us-central1-c" "europe-west1-d" "us-east1-d")
-
-for zone in "${ZONES[@]}"; do
-gcloud compute instances create "v2raycom-${RAND}" \
- --machine-type=n1-highcpu-2 \
- --metadata-from-file=startup-script=${DIR}/deploy.sh \
- --zone=${zone} \
- --project ${PROJECT}
-if [ $? -eq 0 ]; then
- exit 0
-fi
-done
\ No newline at end of file
diff --git a/resources/android.svg b/resources/android.svg
new file mode 100644
index 000000000..15a4935d8
--- /dev/null
+++ b/resources/android.svg
@@ -0,0 +1,14 @@
+
+
+
diff --git a/resources/apple.svg b/resources/apple.svg
new file mode 100644
index 000000000..7f5ea4628
--- /dev/null
+++ b/resources/apple.svg
@@ -0,0 +1,8 @@
+
+
diff --git a/resources/btsync.svg b/resources/btsync.svg
deleted file mode 100644
index a65aca3ce..000000000
--- a/resources/btsync.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/chinese.svg b/resources/chinese.svg
deleted file mode 100644
index 07687d447..000000000
--- a/resources/chinese.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/chinesec.svg b/resources/chinesec.svg
deleted file mode 100644
index 723b7e889..000000000
--- a/resources/chinesec.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/dns_flowchart.svg b/resources/dns_flowchart.svg
new file mode 100644
index 000000000..c4d7c45e4
--- /dev/null
+++ b/resources/dns_flowchart.svg
@@ -0,0 +1,3 @@
+
+
+
\ No newline at end of file
diff --git a/resources/email.svg b/resources/email.svg
deleted file mode 100644
index c4c642dd2..000000000
--- a/resources/email.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/english.svg b/resources/english.svg
deleted file mode 100644
index b9c40864a..000000000
--- a/resources/english.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/englishc.svg b/resources/englishc.svg
deleted file mode 100644
index d7622e4ef..000000000
--- a/resources/englishc.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/flag_cn.svg b/resources/flag_cn.svg
new file mode 100644
index 000000000..366174dee
--- /dev/null
+++ b/resources/flag_cn.svg
@@ -0,0 +1,11 @@
+
diff --git a/resources/flag_de.svg b/resources/flag_de.svg
new file mode 100644
index 000000000..a42f05959
--- /dev/null
+++ b/resources/flag_de.svg
@@ -0,0 +1,6 @@
+
diff --git a/resources/flag_en.svg b/resources/flag_en.svg
new file mode 100644
index 000000000..fdf187475
--- /dev/null
+++ b/resources/flag_en.svg
@@ -0,0 +1,25 @@
+
diff --git a/resources/flag_fa.svg b/resources/flag_fa.svg
new file mode 100644
index 000000000..d60a8120c
--- /dev/null
+++ b/resources/flag_fa.svg
@@ -0,0 +1,32 @@
+
+
\ No newline at end of file
diff --git a/resources/flag_ko.svg b/resources/flag_ko.svg
new file mode 100644
index 000000000..18e339ba4
--- /dev/null
+++ b/resources/flag_ko.svg
@@ -0,0 +1,12 @@
+
+
diff --git a/resources/flag_ru.svg b/resources/flag_ru.svg
new file mode 100644
index 000000000..d5533ed90
--- /dev/null
+++ b/resources/flag_ru.svg
@@ -0,0 +1,5 @@
+
diff --git a/resources/flag_vi.svg b/resources/flag_vi.svg
new file mode 100644
index 000000000..36fb2bf82
--- /dev/null
+++ b/resources/flag_vi.svg
@@ -0,0 +1,5 @@
+
+
diff --git a/resources/github-release.svg b/resources/github-release.svg
deleted file mode 100644
index ef5423a0b..000000000
--- a/resources/github-release.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/gitter.svg b/resources/gitter.svg
deleted file mode 100644
index 6e05597d0..000000000
--- a/resources/gitter.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/gplus.svg b/resources/gplus.svg
deleted file mode 100644
index 590dfffa0..000000000
--- a/resources/gplus.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/internal.svg b/resources/internal.svg
deleted file mode 100644
index f3b2fdc9e..000000000
--- a/resources/internal.svg
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
diff --git a/resources/ios.svg b/resources/ios.svg
new file mode 100644
index 000000000..4db66c778
--- /dev/null
+++ b/resources/ios.svg
@@ -0,0 +1,28 @@
+
+
diff --git a/resources/ipfs.svg b/resources/ipfs.svg
deleted file mode 100644
index b2fb412f6..000000000
--- a/resources/ipfs.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/linux.svg b/resources/linux.svg
new file mode 100644
index 000000000..a255a847f
--- /dev/null
+++ b/resources/linux.svg
@@ -0,0 +1,450 @@
+
+
+
\ No newline at end of file
diff --git a/resources/pgp.svg b/resources/pgp.svg
deleted file mode 100644
index caee2f9cd..000000000
--- a/resources/pgp.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/telegram.svg b/resources/telegram.svg
deleted file mode 100644
index f492cc03f..000000000
--- a/resources/telegram.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/translate.png b/resources/translate.png
new file mode 100644
index 000000000..acbeff895
Binary files /dev/null and b/resources/translate.png differ
diff --git a/resources/twitter.svg b/resources/twitter.svg
deleted file mode 100644
index d94b68df8..000000000
--- a/resources/twitter.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/resources/win.svg b/resources/win.svg
new file mode 100644
index 000000000..b3aa9b1c5
--- /dev/null
+++ b/resources/win.svg
@@ -0,0 +1,9 @@
+
+
diff --git a/ru/README.md b/ru/README.md
new file mode 100644
index 000000000..bc38edd12
--- /dev/null
+++ b/ru/README.md
@@ -0,0 +1,25 @@
+---
+refcn: index
+refen: index
+---
+
+# Проект V
+
+Проект V - это набор инструментов, которые помогут вам создать собственную сеть конфиденциальности через Интернет. Ядро проекта V с именем `V2Ray`отвечает за сетевые протоколы и коммуникации. Он может работать самостоятельно, а также сочетаться с другими инструментами.
+
+Этот веб-сайт является главным образом пособием для V2Ray с дополнительной информацией по всему проекту.
+
+## Характеристики
+
+* Несколько входящих / исходящих прокси: один экземпляр V2Ray поддерживает параллельные множественные входящие и исходящие протоколы. Каждый протокол работает независимо.
+* Настраиваемая маршрутизация: входящий трафик может быть отправлен на различные исходящие из-за конфигурации маршрутизации. Легко маршрутизировать трафик по целевому региону или домену.
+* Несколько протоколов: V2Ray поддерживает несколько протоколов, включая Socks, HTTP, Shadowsocks, VMess и т. Д. Каждый протокол может иметь собственный транспорт, такой как TCP, mKCP, WebSocket и т. Д.
+* Obfuscation: V2Ray встроена в обфускацию, чтобы скрыть трафик в TLS и может работать параллельно с веб-серверами.
+* Обратный прокси: общая поддержка обратного прокси. Может использоваться для создания туннелей на localhost.
+* Несколько платформ: V2Ray запускается изначально на Windows, Mac OS, Linux и т. Д. Существует также сторонняя поддержка на мобильных устройствах.
+
+{% hint style='info' %}
+
+Этот сайт генерируется GitBook и хостится через GitHub. Если вы хотите изменить его содержимое, отправьте pull-запрос в [этот репозиторий](https://github.com/v2ray/manual).
+
+{% endhint %}
\ No newline at end of file
diff --git a/ru/SUMMARY.md b/ru/SUMMARY.md
new file mode 100644
index 000000000..d68cd9f26
--- /dev/null
+++ b/ru/SUMMARY.md
@@ -0,0 +1,51 @@
+# Краткое описание
+
+* [Project V](README.md)
+ * [История версий](welcome/versions.md)
+ * [Принцип работы](welcome/workflow.md)
+ * [Установка](welcome/install.md)
+ * [Быстрый старт](welcome/start.md)
+ * [Командная строка](welcome/command.md)
+ * [Пожертвование](welcome/donate.md)
+ * [Поддержка](welcome/help.md)
+ * [ЧаВо](welcome/faq.md)
+ * [↪ Блог](https://steemit.com/@v2ray)
+* [Настройка](configuration/README.md)
+ * [Обзор](configuration/overview.md)
+ * [Протоколы](configuration/protocols.md)
+ * [Blackhole](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
+ * [Dokodemo](configuration/protocols/dokodemo.md)
+ * [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
+ * [HTTP](configuration/protocols/http.md)
+ * [Shadowsocks](configuration/protocols/shadowsocks.md)
+ * [SOCKS](configuration/protocols/socks.md)
+ * [VMess](configuration/protocols/vmess.md)
+ * [Правила](configuration/policy.md)
+ * [Маршрутизация](configuration/routing.md)
+ * [DNS](configuration/dns.md)
+ * [Мультиплексирование](configuration/mux.md)
+ * [API](configuration/api.md)
+ * [Статистика](configuration/stats.md)
+ * [Обратный прокси](configuration/reverse.md)
+ * [Доставка](configuration/transport.md)
+ * [TCP](configuration/transport/tcp.md)
+ * [mKCP](configuration/transport/mkcp.md)
+ * [WebSocket](configuration/transport/websocket.md)
+ * [HTTP/2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
+ * [Переменные](configuration/env.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Разработка
+ * Milestone
+ * Guide
+ * Design
+ * Сборка приложения
+ * [Инструменты](developer/tools.md)
+ * Протоколы
+ * VMess
+ * mKCP
+ * Mux.Cool
\ No newline at end of file
diff --git a/ru/awesome/ads.md b/ru/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/ru/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/ru/awesome/tools.md b/ru/awesome/tools.md
new file mode 100644
index 000000000..7ffcd75f2
--- /dev/null
+++ b/ru/awesome/tools.md
@@ -0,0 +1,96 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+Download: [Github](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+Download: [Github](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+Download: [Github](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+Download: [Github](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray: v2ray Cross-Platform GUI written in Qt, supports multi-language, connection edit and auto-check updates
+
+Download: [GitHub](https://github.com/qv2ray/Qv2ray)
+
+Website:
+
+> Mellow
+
+Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray
+
+i2Ray is another iOS app based on V2Ray with easy-to-use UI design.
+
+Download: [iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadowsocks, VMess, SSR etc.
+
+Download: [iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi (was ShadowRay)
+
+Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
+
+Download: [iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+Download: [iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray core.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## Online services
+
+> [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+
+Online configuration generator.
+
+> [UUID Generator](https://www.uuidgenerator.net/)
+
+UUID generator for VMess users.
diff --git a/ru/book.json b/ru/book.json
new file mode 100644
index 000000000..d254e3f4e
--- /dev/null
+++ b/ru/book.json
@@ -0,0 +1,34 @@
+{
+ "language": "ru",
+ "title": "Project V Official",
+ "plugins" : [
+ "-fontsettings",
+ "-search",
+ "-lunr",
+ "-highlight",
+ "-sharing",
+
+ "mermaid-gb3",
+ "anchors",
+ "ga",
+ "prism",
+ "prism-themes",
+ "hints"
+ ],
+ "pluginsConfig": {
+ "ga": {
+ "token": "UA-73620536-1"
+ },
+ "prism": {
+ "css": [
+ "prism-themes/themes/prism-base16-ateliersulphurpool.light.css"
+ ],
+ "lang": {
+ "objc": "objectivec",
+ "shell": "bash",
+ "text": "textile",
+ "plain": "textile"
+ }
+ }
+ }
+}
diff --git a/ru/configuration/README.md b/ru/configuration/README.md
new file mode 100644
index 000000000..7fdd4f734
--- /dev/null
+++ b/ru/configuration/README.md
@@ -0,0 +1,76 @@
+---
+refcn: chapter_02/index
+refen: configuration/index
+---
+
+# Настройка
+
+V2Ray использует конфиг на основе [protobuf](https://developers.google.com/protocol-buffers/). Поскольку формат protobuf слабо читабелен, V2Ray также поддерживает настройку в JSON. Перед запуском, V2Ray автоматически преобразует конфигурацию JSON в protobuf. В дальнейшем могут быть введены другие форматы конфигурации.
+
+Здесь мы приводим конфигурацию на основе JSON.
+
+JSON или [JavaScript Object Notation](https://en.wikipedia.org/wiki/JSON) - способ представления объектов в Javascript. Один JSON-файл содержит один и только один JSON-объект, начинающийся с «{» и завершающийся «}».
+
+JSON-объект содержит список пар ключ-значение. Ключ - это строка, а значение может быть строкой, числом, логическим значением, массивом или другим объектом. Типичный объект выглядит следующим образом:
+
+```javascript
+{
+ "stringValue": "This is a string.",
+ "numberValue": 42,
+ "boolValue": true,
+ "arrayValue": ["this", "is", "a", "string", "array"],
+ "objectValue": {
+ "another": "object"
+ }
+}
+```
+
+{% hint style='info' %}
+
+V2Ray supports comments in JSON,annotated by "//" or "/\* \*/". In an editor that doesn't support comments, they may get displayed as errors, but comments actually work fine in V2Ray.
+
+{% endhint %}
+
+## Типы данных JSON
+
+Here is a brief introduction of JSON data types. They will be referenced in the rest of docs.
+
+> `boolean`: true | false
+
+Boolean value, has to be either `true` or `false`, without quotation mark.
+
+> `number`
+
+Usually non-negative integers, without quotation mark.
+
+> `string`
+
+Sequence of characters, surrounded by quotation mark.
+
+> `array`: []
+
+Array of elements. The type of its elements is usually the same, e.g., `[string]` is an array of `string`s.
+
+> `object`: {}
+
+Object. It comes with a list of key value pairs.
+
+{% hint style='tip' %}
+
+A key value pair usually ends with a comma ",", but must not ends with a comma if it is the last element of the object.
+
+{% endhint %}
+
+## V2Ray Common Data Types
+
+> `map`: object \{string, string\}
+
+An object whose keys and values have fixed types.
+
+> `address`: string
+
+An IP or domain address in string form, such as `"8.8.8.8"` or `"www.v2ray.com"`
+
+> `address_port`: string
+
+An `address` with port, such as `"8.8.8.8:53"` or `"www.v2ray.com:80"`. In some usages, the address part can be omitted, like `":443"`.
\ No newline at end of file
diff --git a/ru/configuration/api.md b/ru/configuration/api.md
new file mode 100644
index 000000000..6f757b1b9
--- /dev/null
+++ b/ru/configuration/api.md
@@ -0,0 +1,52 @@
+---
+refcn: chapter_02/api
+refen: configuration/api
+---
+
+# API
+
+V2Ray предоставляет API для удаленного доступа. Эти API основаны на [gRPC](https://grpc.io/).
+
+Когда API включено, V2Ray автоматически создает исходящий прокси, помеченный через `tag`. Пользователь должен [маршрутизировать](routing.md) все соединения gRPC в этот прокси.
+
+## ApiObject
+
+`ApiObject` используется как поле `api` на верхнем уровне конфигурации.
+
+```javascript
+{
+ "tag": "api",
+ "services": [
+ "HandlerService",
+ "LoggerService",
+ "StatsService"
+ ]
+}
+```
+
+> `tag`: string
+
+Метка исходящего прокси.
+
+> `services`: \[ string \]
+
+Список включенных API.
+
+## Список поддерживаемых API
+
+### HandlerService
+
+API для управления входящими и исходящими прокси. Доступны следующие функции:
+
+* Добавление нового входящего/исходящего прокси.
+* Удаление существующего входящего/исходящего прокси.
+* Добавление нового пользователя входящего прокси (только для VMess).
+* Удаление существующего пользователя входящего прокси (только для VMess).
+
+### LoggerService
+
+Перезапуск внутреннего логгера. Может работать с logrotate для оперирования файлами журнала.
+
+### StatsService
+
+Поддержка [внутренней статистики](stats.md).
\ No newline at end of file
diff --git a/ru/configuration/dns.md b/ru/configuration/dns.md
new file mode 100644
index 000000000..460b7390c
--- /dev/null
+++ b/ru/configuration/dns.md
@@ -0,0 +1,104 @@
+---
+refcn: chapter_02/04_dns
+refen: configuration/dns
+---
+
+# DNS
+
+V2Ray имеет внутренний DNS-сервер, используемый другими компонентами.
+
+{% hint style='info' %}
+
+Due to the complexity of DNS protocol, V2Ray for now only supports basic IP queries (A and AAAA). We recommend to use a professional DNS rely (such as [CoreDNS](https://coredns.io/)) for V2Ray.
+
+{% endhint %}
+
+The DNS queries relayed by this DNS service will also be dispatched based on routing settings. No extra configuration is required.
+
+## DnsObject
+
+`DnsObject` is used as `dns` field in top level configuration.
+
+```javascript
+{
+ "hosts": {
+ "baidu.com": "127.0.0.1"
+ },
+ "servers": [
+ {
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ]
+ },
+ "8.8.8.8",
+ "8.8.4.4",
+ "localhost"
+ ],
+ "clientIp": "1.2.3.4",
+ "tag": "dns_inbound"
+}
+```
+
+> `hosts`: map{string: address}
+
+A list of static addresses, in the form of `domain:address`. Each entry has a domain name as key and IP or domain address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed, or the corresponding domain address will be used for further DNS queries, instead of the previous one.
+
+The format of domains is:
+
+* Plaintext: When the targeting domain is exactly the value, the rule takes effect. Example: rule `"v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Keyword: Begining with `"keyword:"` and the rest is a pattern. If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"keyword:sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](routing.md#pre-defined-domain-lists) for more detail.
+
+> `servers`: \[string | [ServerObject](#serverobject) | "localhost" \]
+
+List of DNS servers. Each server may be specified in three formats: IP address, [ServerObject](#serverobject), or `"localhost"`.
+
+When a server is an IP address, such as `"8.8.8.8"`, V2Ray queries DNS on UDP port 53 on this address.
+
+When a server is `"localhost"`, V2Ray queries local host for DNS.
+
+{% hint style='info' %}
+
+When `"localhost"` is used, out-going DNS traffic is not controlled by V2Ray. However, you may redirect DNS queries back to V2Ray with additional configuration.
+
+{% endhint %}
+
+> `clientIp`: string
+
+IP address of current machine. If specified, V2Ray uses this IP as EDNS-Client-Subnet. This IP can't be a private address.
+
+> `tag`: string
+
+(V2Ray 4.13+) All traffic initiated from this DNS, except to localhost, will have this tag as inbound. It can be used for routing.
+
+### ServerObject
+
+```javascript
+{
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ],
+}
+```
+
+> `address`: address
+
+Address of the DNS server. For now only UDP servers are supported.
+
+> `port`: number
+
+Port of the DNS server. Usually it is `53` or `5353`.
+
+> `domains`: \[string\]
+
+A list of domains. If the domain of enquire matches one of the list, this DNS server will be prioritized for DNS query for this domain.
+
+Domain name format is the same as in [routing](routing.md).
+
+When a DNS server has the domain in its domain list, the domain will be queried in this server first, and then other servers. Otherwise DNS queries are sent to DNS servers in the order they appear in the config file.
\ No newline at end of file
diff --git a/ru/configuration/env.md b/ru/configuration/env.md
new file mode 100644
index 000000000..f0de54895
--- /dev/null
+++ b/ru/configuration/env.md
@@ -0,0 +1,46 @@
+---
+refcn: chapter_02/env
+refen: configuration/env
+---
+
+# Переменные окружения
+
+V2Ray считывает следующие переменные среды.
+
+## Размер кеша на соединение {#buffer-size}
+
+* Имя: `v2ray.ray.buffer.size` или `V2RAY_RAY_BUFFER_SIZE`
+* Единицы: МБ
+* Значение по умолчанию: 2 на x86, amd64, arm64 и s390x. Этот кэш отключен на других платформах.
+* Диапазон: от 0 до бесконечности
+
+**Устарело. Используйте bufferSize в Локальной политике.**
+
+Для каждого соединения, у которого есть разница в скорости между входящим и исходящим трафиком, V2Ray будет кэшировать некоторые данные для большей пропускной способности. Этот параметр управляет размером кэша. Чем больше кеш, тем лучше производительность.
+
+## Расположение данных V2Ray {#asset}
+
+* Имя: `v2ray.location.asset` или `V2RAY_LOCATION_ASSET`
+* Значение по умолчанию: директория, где находится v2ray.
+
+Эта переменная указывает каталог, в котором находятся файлы geoip.dat и geosite.dat.
+
+## Расположение конфигурации V2Ray {#config}
+
+* Имя: `v2ray.location.config` или `V2RAY_LOCATION_CONFIG`
+* Значение по умолчанию: директория, где находится v2ray.
+
+Эта переменная указывает каталог, в котором находится config.json.
+
+## Рассеянное чтение (Scatter reading) {#scatter-io}
+
+* Имя: `v2ray.buf.readv` или `V2RAY_BUF_READV`
+* Значение по умолчанию: `auto`
+
+V2Ray 3.37 использует Scatter/Gather IO. Эта функция будет использовать меньше памяти, если скорость соединения превышает 100 МБайт/с. Возможные значения `auto`, `enable` и `disable`.
+
+* `enable`: Включить рассеянное чтение.
+* `disable`: Выключить рассеянное чтение.
+* `auto`: Включить рассеянное чтение только на Windows, MacOS, Linux с ЦП x86, AMD64 или s390x.
+
+Когда скорость соединения меньше 100 Мбайт/с, независимо от того, включена опция или нет, явной разницы в использовании памяти не наблюдается.
\ No newline at end of file
diff --git a/ru/configuration/mux.md b/ru/configuration/mux.md
new file mode 100644
index 000000000..90695db92
--- /dev/null
+++ b/ru/configuration/mux.md
@@ -0,0 +1,27 @@
+---
+refcn: chapter_02/mux
+refen: configuration/mux
+---
+
+# Мультиплексирование
+
+Мультиплексирование или Mux - это использование одного физического TCP-соединения для нескольких виртуальных TCP-соединений.
+
+Мультиплексирование предназначено для уменьшения задержек при установлении соединения (handshake) TCP. Это НЕ повышает пропускную способность. При загрузке больших файлов или измерении скорости, Mux обычно медленнее, чем обычное TCP-подключение.
+
+## MuxObject
+
+```javascript
+{
+ "enabled": false,
+ "concurrency": 8
+}
+```
+
+> `enabled`: true | false
+
+Включать или нет Mux для исходящих соединений.
+
+> `concurrency`: number
+
+Максимальное количество мультиплексированных соединений, которые может одновременно обрабатывать одно физическое соединение. Максимум: `1024`, минимум: `1`, по умолчанию: `8`.
\ No newline at end of file
diff --git a/ru/configuration/overview.md b/ru/configuration/overview.md
new file mode 100644
index 000000000..30858523b
--- /dev/null
+++ b/ru/configuration/overview.md
@@ -0,0 +1,249 @@
+---
+refcn: chapter_02/01_overview
+refen: configuration/overview
+---
+
+# Обзор настроек
+
+V2Ray имеет одинаковую структуру (см. ниже) файлов с настройками как на сервере, так и на клиенте. В отдельных секциях настройки сервера и клиента отличаются.
+
+Ниже представлена структура верхнего уровня конфигурации. Каждый раздел имеет свой собственный формат.
+
+```javascript
+{
+ "log": {},
+ "api": {},
+ "dns": {},
+ "stats": {},
+ "routing": {},
+ "policy": {},
+ "inbounds": [],
+ "outbounds": [],
+ "transport": {}
+}
+```
+
+> `log`: [LogObject](#logobject)
+
+Log configuration to control log outputs.
+
+> `api`: [ApiObject](api.md)
+
+RPC API to control the V2Ray instance. See [API configuration](api.md) for details.
+
+> `dns`: [DnsObject](dns.md)
+
+Configuration for internal DNS server's configurations. If this section is omitted, V2Ray will use your system-wide DNS configuration. For details, see [DNS Configurations](dns.md).
+
+> `stats`: [StatsObject](stats.md)
+
+When specified, internal [Statistics](stats.md) is enabled.
+
+> `policy`: [PolicyObject](policy.md)
+
+Configurations for permissions and other security strategies. For details, see [Local Policy](policy.md).
+
+> `routing`: [RoutingObject](routing.md)
+
+Configuration for internal [Routing](routing.md) strategy.
+
+> `inbounds`: \[ [InboundObject](#inboundobject) \]
+
+An array of [InboundObject](#inboundobject) as configuration for inbound proxies.
+
+> `outbounds`: \[ [OutboundObject](#outboundobject) \]
+
+An array of [OutboundObject](#outboundobject) as configuration for outbound proxies. The first outbound in the array is the main one. It is the default outbound in routing decision.
+
+> `transport`: [TransportObject](transport.md)
+
+Low-level transport protocol's configurations. For details, see [Protocol Transport Options](transport.md).
+
+## LogObject
+
+```javascript
+{
+ "access": "/path/to/file",
+ "error": "/path/to/file",
+ "loglevel": "warning"
+}
+```
+
+> `access`: string
+
+Path to access log. If not empty, it must be a legal file path, such as `"/tmp/v2ray/_access.log"`(Linux), or `"C:\\Temp\\v2ray\\_access.log"`(Windows). If empty, V2Ray writes access log to `stdout`.
+
+> `error`: string
+
+Path to error log. If not empty, it must be a legal file path. If empty, V2Ray writes error log to `stdout`.
+
+> `loglevel`: "debug" | "info" | "warning" | "error" | "none"
+
+Level of logs to be written. Different log levels indicate different content of logs. Default value is `"warning"`.
+
+Уровни журналирования:
+
+* `"debug"`: Information for developers only. Also includes all `"info"` logs.
+* `"info"`: Information for current state of V2Ray. Users don't have to take care of those. Also includes all `"warning"` logs.
+* `"warning"`: Something wrong with the environment, usually outside of V2Ray, e.g., network breakage. V2Ray still runs, but users may experience some breakages. Also includes all `"error"` logs.
+* `"error"`: Something severely wrong, that V2Ray can't run at all.
+* `"none"`: All logging are disabled.
+
+## InboundObject
+
+An InboundObject defines an inbound proxy. It handles incoming connections to V2Ray. Available proxies are [listed here](protocols.md).
+
+```javascript
+{
+ "port": 1080,
+ "listen": "127.0.0.1",
+ "protocol": "protocol_name",
+ "settings": {},
+ "streamSettings": {},
+ "tag": "inbound_tag_name",
+ "sniffing": {
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
+}
+```
+
+> `port`: number | "env:variable" | string
+
+Port that the proxy is listening on. Acceptable formats are:
+
+* Integer: actual port number.
+* Environment variable: Beginning with `"env:"`, an env variable specifies the port in string format, such as `"env:PORT"`. V2Ray will decode the variable as string.
+* String: A numberic string value, such as `"1234"`, or a range of ports, such as `"5-10"` for 6 ports in total.
+
+The actual ports to open also depend on `allocate` setting. See below.
+
+> `listen`: address
+
+The address to be listened on. Default value is `"0.0.0.0"` for incoming connections on all network interfaces. Otherwise the value has to be the address of an existing network interface.
+
+> `protocol`: string
+
+Name of the inbound protocol. See each individual for available values.
+
+> `settings`: InboundConfigurationObject
+
+Protocol-specific settings. See `InboundConfigurationObject` defined in each protocol.
+
+> `streamSettings`: [StreamSettingsObject]
+
+See [Protocol Transport Options](transport.md) for detail.
+
+> `tag`: string
+
+The tag of the inbound proxy. It can be used for routing decisions. If not empty, it must be unique among all inbound proxies.
+
+> `sniffing`: [SniffingObject](#sniffingobject)
+
+Configuration for content sniffing.
+
+> `allocate`: [AllocateObject](#allocateobject)
+
+Configuration for port allocation.
+
+### SniffingObject
+
+```javascript
+{
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+}
+```
+
+> `enabled`: true | false
+
+Whether or not to enable content sniffing.
+
+> `destOverride`: \["http" | "tls"\]
+
+An array of content type. If the content type of incoming traffic is specified in the list, the destination of the connection will be overwritten by sniffed value.
+
+### AllocateObject
+
+```javascript
+{
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+}
+```
+
+> `strategy`: "always" | "random"
+
+Strategy of port allocation. When it is set to `"always"`, all port in the `port` field will be allocated for listening. If `"random"` is set, V2Ray will listen on number of `concurrency` ports, and the list of ports are refereshed every `refresh` minutes.
+
+> `refresh`: number
+
+Number of minutes to refresh the ports of listening. Min value is `2`. This setting is only effective when `strategy` is set to `"random"`.
+
+> `concurrency`: number
+
+Number of ports to listen. Min value is `1`. Max value is one third of entire port range.
+
+## OutboundObject
+
+An OutboundObject defines an outbound proxy for handling out-going connections. Available protocols are listed [here](protocols.md).
+
+```javascript
+{
+ "sendThrough": "0.0.0.0",
+ "protocol": "protocol_name",
+ "settings": {},
+ "tag": "this_outbound_tag_name",
+ "streamSettings": {},
+ "proxySettings": {
+ "tag": "another_outbound_tag_name"
+ },
+ "mux": {}
+}
+```
+
+> `sendThrough`: address
+
+An IP address for sending traffic out. The default value, `"0.0.0.0"` is for randomly choosing an IP available on the host. Otherwise the value has to be an IP address from existing network interfaces.
+
+> `protocol`: string
+
+The protocol name of this outbound. See [Protocols](protocols.md) for all available values.
+
+> `settings`: OutboundConfigurationObject
+
+Protocol-specific settings. See `OutboundConfigurationObject` in each individual protocols.
+
+> `tag`: string
+
+The tag of this outbound. If not empty, it must be unique among all outbounds.
+
+> `streamSettings`: [StreamSettingsObject](transport.md)
+
+Low-level transport settings. See [Protocol Transport Options](transport.md).
+
+> `proxySettings`: [ProxySettingsObject](#proxysettingsobject)
+
+Configuration for delegating traffic from this outbound to another. When this is set, `streamSettings` of this outbound will has no effect.
+
+> `mux`: [MuxObject](mux.md)
+
+See [Mux](mux.md) configuration for detail.
+
+### ProxySettingsObject
+
+```javascript
+{
+ "tag": "another-outbound-tag"
+}
+```
+
+> `tag`: string
+
+When `tag` is set to the tag of another outbound, the out-going traffic of current outbound will be delegated to the specified one.
\ No newline at end of file
diff --git a/ru/configuration/policy.md b/ru/configuration/policy.md
new file mode 100644
index 000000000..61c3ea899
--- /dev/null
+++ b/ru/configuration/policy.md
@@ -0,0 +1,127 @@
+---
+refcn: chapter_02/policy
+refen: configuration/policy
+---
+
+# Локальная политика
+
+Local policy manages policy settings of current V2Ray instance, such as connection timeouts. The policys can be applied to each user level, or the whole system.
+
+## PolicyObject
+
+`PolicyObject` is used as `policy` field in top level configuration.
+
+```javascript
+{
+ "levels": {
+ "0": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
+ }
+ },
+ "system": {
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+ }
+}
+```
+
+> `level`: map{string: [LevelPolicyObject](#levelpolicyobject)}
+
+A list of key value pairs. Each key is a string of integer (restricted by JSON), such as `"0"`, `"1"`, etc. The numeric value is for a certain user level.
+
+{% hint style='info' %}
+
+User level can be set on each inbound and outbound proxy. V2Ray will apply different policies based on user level.
+
+{% endhint %}
+
+> `system`: [SystemPolicyObject](#systempolicyobject)
+
+System-wide policy
+
+### LevelPolicyObject
+
+```javascript
+{
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false,
+ "bufferSize": 10240
+}
+```
+
+> `handshake`: number
+
+Timeout for establishing a connection, in seconds. Default value `4`. At the handshake stage of an inbound proxy dealing with a new connection, say VMess reading request header, if it takes longer than `handshake` time, V2Ray aborts the connection.
+
+> `connIdle`: number
+
+Timeout for idle connections, in seconds. Default value `300`. If there is no data passed through the connection in `connIdle` time, V2Ray aborts the conneciton.
+
+> `uplinkOnly`: number
+
+Time for keeping connections open after the uplink of the connection is closed, in seconds. Default value `2`. After remote (server) closes the downlink of the connection, V2Ray aborts the connection after `uplinkOnly` times.
+
+> `downlinkOnly`: number
+
+Time for keeping connections open after the downlink of the connection is closed, in seconds. Default value `5`. After client (browser) closes the uplink of the connection, V2Ray aborts the connection after `downlinkOnly` time.
+
+{% hint style='tip' %}
+
+In a simple webpage browser scenario, it is safe to set `uplinkOnly` and `downlinkOnly` both to `0`, for better performance.
+
+{% endhint %}
+
+> `statsUserUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter to uplink traffic for all users in this level.
+
+> `statsUserDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter to downlink traffic for all users in this level.
+
+> `bufferSize`: number
+
+Size of internal buffer per connection, in kilo-bytes. Default value is `10240`. When it is set to `0`, the internal buffer is disabled.
+
+Default value (V2Ray 4.4+):
+
+* `0` on ARM, MIPS and MIPSLE.
+* `4` on ARM64, MIPS64 and MIPS64LE.
+* `512` on other platforms.
+
+Default value (V2Ray 4.3-):
+
+* `16` on ARM, ARM64, MIPS, MIPS64, MIPSLE and MIPS64LE.
+* `2048` on other platforms.
+
+{% hint style='info' %}
+
+`bufferSize` overrides `v2ray.ray.buffer.size` settings in [env variables](env.md#cache-size-per-connection).
+
+{% endhint %}
+
+### SystemPolicyObject
+
+```javascript
+{
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+}
+```
+
+> `statsInboundUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
+
+> `statsInboundDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
\ No newline at end of file
diff --git a/ru/configuration/protocols.md b/ru/configuration/protocols.md
new file mode 100644
index 000000000..11ef56eed
--- /dev/null
+++ b/ru/configuration/protocols.md
@@ -0,0 +1,17 @@
+---
+refcn: chapter_02/02_protocols
+refen: configuration/protocols
+---
+
+# Протоколы
+
+V2Ray поддерживает следующие протоколы (каждый может быть входящим и/или исходящим):
+
+* [Blackhole](protocols/blackhole.md)
+* [Dokodemo](protocols/dokodemo.md)
+* [Freedom](protocols/freedom.md)
+* [HTTP](protocols/http.md)
+* [MTProto](protocols/mtproto.md)
+* [Shadowsocks](protocols/shadowsocks.md)
+* [Socks](protocols/socks.md)
+* [VMess](protocols/vmess.md)
\ No newline at end of file
diff --git a/ru/configuration/protocols/blackhole.md b/ru/configuration/protocols/blackhole.md
new file mode 100644
index 000000000..6c5bfcf66
--- /dev/null
+++ b/ru/configuration/protocols/blackhole.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_02/protocols/blackhole
+refen: configuration/protocols/blackhole
+---
+
+# Backhole
+
+* Название: `blackhole`
+* Тип: исходящий
+
+Backhole - это протокол для исходящих соединений. Он блокирует все соединения предопределёнными ответами. В сочетании с [Маршрутизацией](../routing.md), он может быть использован для блокировки доступа к определённым веб-сайтам.
+
+## ConfigurationObject
+
+```javascript
+{
+ "response": {
+ "type": "none"
+ }
+}
+```
+
+> `response`: [ResponseObject](#responseobject)
+
+Если задан, Backhole немедленно отправит его в ответ на запрос и закроет соединение.
+
+### ResponseObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none" | "http"
+
+Тип ответа, доступные параметры:
+
+* `"none"`: Значение по умолчанию. Пустой ответ.
+* ` "HTTP" `: Ответ кодом состояния HTTP 403 Forbidden.
\ No newline at end of file
diff --git a/ru/configuration/protocols/dns.md b/ru/configuration/protocols/dns.md
new file mode 100644
index 000000000..6d5c80bdc
--- /dev/null
+++ b/ru/configuration/protocols/dns.md
@@ -0,0 +1,37 @@
+---
+refcn: chapter_02/protocols/dns
+refen: configuration/protocols/dns
+---
+
+# DNS
+
+* Название: `dns`
+* Тип: исходящий
+
+DNS is an outbound proxy. Он используется в основном для перехвата и проксирования DNS запросов и ответов. Этот прокси пропускает только DNS-запросы по TCP и UDP. Другой тип трафика приведет к ошибкам.
+
+При проксировании DNS-запросов исходящий DNS перенаправляет запросы IP (A и AAAA) на [внутренний DNS-сервер](../dns.md). It will send other type of queries directly to its original destination.
+
+Исходящий прокси DNS добавлен в V2Ray 4.15.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "network": "tcp",
+ "address": "1.1.1.1",
+ "port": 53
+}
+```
+
+> `network`: "tcp" | "udp"
+
+(V2Ray 4.16+) Транспортный протокол DNS трафика. Значение может быть `"tcp"` или `"udp"`. Если не указано, то исходный протокол остается неизменным.
+
+> `address`: адрес
+
+(V2Ray 4.16+) Адрес DNS-сервера в запросе. Если не указано, то адрес сервера не изменяется.
+
+> `port`: number
+
+(V2Ray 4.16+) Порт DNS-сервера в запросе. Если не указано, то порт сервера не изменяется.
\ No newline at end of file
diff --git a/ru/configuration/protocols/dokodemo.md b/ru/configuration/protocols/dokodemo.md
new file mode 100644
index 000000000..56d10ee89
--- /dev/null
+++ b/ru/configuration/protocols/dokodemo.md
@@ -0,0 +1,97 @@
+* * *
+
+refcn: chapter_02/protocols/dokodemo refen: configuration/protocols/dokodemo
+
+* * *
+
+# Dokodemo-door
+
+* Название: `dokodemo-door`
+* Тип: входящий
+
+Dokodemo-door - это протокол для входящих соединений. Он принимает любые соединения и передает их в указанное место назначения.
+
+Dokodemo-door также может работать (если настроен) как transparent proxy.
+
+## ConfigurationObject
+
+```javascript
+{
+ "address": "8.8.8.8",
+ "port": 53,
+ "network": "tcp",
+ "followRedirect": false,
+ "userLevel": 0
+}
+```
+
+> `address`: address
+
+Адрес определенного сервера. Строка, значением которой может быть IPv4, IPv6 или доменное имя. Если `followRedirect` (см. ниже) `true`, `address` может быть пустым.
+
+> `port`: number
+
+Порт сервера назначения.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Тип принимаемых соединений. Если выбран ` "tcp" `, весь UDP-трафик, отправленный на это dokodemo-соединение, будет отброшен.
+
+> `followRedirect`: true | false
+
+Если установлено значение ` true `, dokodemo-door распознает назначение от TProxy и использует его в качестве адресата. См. `TProxy` в [Настройках доставки](../transport.md) для деталей.
+
+> `userLevel`: number
+
+Уровень пользователя. Все подключения проходят через этот уровень. Подробности: [Правила](../policy.md).
+
+## Примеры для transparent proxy
+
+Добавьте inbound-соединение dokodemo-door, как показано ниже.
+
+```javascript
+{
+ "network": "tcp,udp",
+ "timeout": 30,
+ "followRedirect": true
+}
+```
+
+Настройте iptables, как показано ниже.
+
+```bash
+# Создаём новую цепь
+iptables -t nat -N V2RAY
+iptables -t mangle -N V2RAY
+iptables -t mangle -N V2RAY_MARK
+
+# Игнорируем адреса серверов V2Ray
+# Это ОЧЕНЬ ВАЖНО, будьте внимательны.
+iptables -t nat -A V2RAY -d 123.123.123.123 -j RETURN
+
+# Игнорируем адреса локальной сети и любые другие адреса,
+# которые не требуется пропускать через прокси-сервер
+# См. Википедию и RFC5735 для полного списка зарезервированных сетей.
+iptables -t nat -A V2RAY -d 0.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 10.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 127.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY -d 169.254.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 172.16.0.0/12 -j RETURN
+iptables -t nat -A V2RAY -d 192.168.0.0/16 -j RETURN
+iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN
+iptables -t nat -A V2RAY -d 240.0.0.0/4 -j RETURN
+
+# Всё остальное перенаправляем на локальный порт Dokodemo-door
+iptables -t nat -A V2RAY -p tcp -j REDIRECT --to-ports 12345
+
+# Добавляем правила для UDP
+ip route add local default dev lo table 100
+ip rule add fwmark 1 lookup 100
+iptables -t mangle -A V2RAY -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
+iptables -t mangle -A V2RAY_MARK -p udp --dport 53 -j MARK --set-mark 1
+
+# Применяем правила
+iptables -t nat -A OUTPUT -p tcp -j V2RAY
+iptables -t mangle -A PREROUTING -j V2RAY
+iptables -t mangle -A OUTPUT -j V2RAY_MARK
+```
\ No newline at end of file
diff --git a/ru/configuration/protocols/freedom.md b/ru/configuration/protocols/freedom.md
new file mode 100644
index 000000000..57476d37d
--- /dev/null
+++ b/ru/configuration/protocols/freedom.md
@@ -0,0 +1,45 @@
+---
+refcn: chapter_02/protocols/freedom
+refen: configuration/protocols/freedom
+---
+
+# Freedom
+
+* Название: `freedom`
+* Тип: исходящий
+
+Freedom is a protocol for outbound connections. It passes all TCP or UDP connection to their destinations. This outbound is used when you want to send traffic to its real destination.
+
+## ConfigurationObject
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "redirect": "127.0.0.1:3366",
+ "userLevel": 0
+}
+```
+
+> `domainStrategy`: "AsIs" | "UseIP"
+
+Стратегия разрешения доменных имен. Возможные варианты:
+
+* `"AsIs"`: Значение по умолчанию. Доменные имена разрешаются системой.
+* ` "UseIP" `: Используйте [ внутренний DNS ](../dns.md) для получения доменных имен.
+* `"UseIPv4"`: Use IPv4 address only, after resolved by internal DNS.
+* `"UseIPv6"`: Use IPv6 address only, after resolved by internal DNS.
+
+(V2Ray 4.6+) In `UseIP` mode, when `sendThrough` is specified in [OutboundObject](../overview.md#outboundobject), Freedom will automatically choose between IPv4 and IPv6 address for destination based on `sendThrough` settings.
+
+(V2Ray 4.7+) If `sendThrough` address conflicts with `"UseIPv4"` or `"UseIPv6"`, Freedom will fail to dial out-going connections.
+
+> `redirect`: address_port
+
+Перенаправление всех соединений на указанный адрес вида `"127.0.0.1:80"` или `":1234"`.
+
+* Если адрес не указан, например `":443"`, Freedom будет использовать исходный адрес назначения.
+* Если указан порт `0`, например `"v2ray.com:0"`, Freedom будет использовать исходный порт.
+
+> `userLevel`: number
+
+Пользовательский уровень. Все подключения имеют этот уровень.
\ No newline at end of file
diff --git a/ru/configuration/protocols/http.md b/ru/configuration/protocols/http.md
new file mode 100644
index 000000000..3c9928b37
--- /dev/null
+++ b/ru/configuration/protocols/http.md
@@ -0,0 +1,64 @@
+---
+refcn: chapter_02/protocols/http
+refen: configuration/protocols/http
+---
+
+# HTTP
+
+* Название: `http`
+* Тип: входящий
+
+HTTP - это протокол для входящих соединений. Он совместим с HTTP 1.1.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "allowTransparent": false,
+ "userLevel": 0
+}
+```
+
+> `accounts`: \[[AccountObject](#accountobject)\]
+
+Массив, в котором каждая запись является учетной записью. По умолчанию — пуст. Если в массиве есть элементы, для входящих запросов потребуется HTTP Basic Authentication.
+
+> `allowTransparent`: true | false
+
+Если установлено значение `true`, все полученные HTTP-запросы, будут проксированы, включая запрос без прокси.
+
+> `userLevel`: number
+
+Пользовательский уровень. Все подключения имеют этот уровень.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Имя пользователя для аутентификации по HTTP.
+
+> `pass`: string
+
+Пароль для аутентификации по HTTP.
+
+{% hint style='info' %}
+
+Используйте следующие настройки в Linux для использования прокси-сервера HTTP в текущем сеансе.
+
+* `export http_proxy=http://127.0.0.1:8080/` (Адрес должен быть изменён на требуемый)
+* `export https_proxy=$http_proxy`
+
+{% endhint %}
\ No newline at end of file
diff --git a/ru/configuration/protocols/mtproto.md b/ru/configuration/protocols/mtproto.md
new file mode 100644
index 000000000..64affa56d
--- /dev/null
+++ b/ru/configuration/protocols/mtproto.md
@@ -0,0 +1,103 @@
+---
+refcn: chapter_02/protocols/mtproto
+refen: configuration/protocols/mtproto
+---
+
+# MTProto
+
+* Название: `mtproto`
+* Тип: входящий / исходящий
+
+MTProto proxy - специальный прокол для Telegram. Он состоит из пары входящих и исходящих прокси в V2Ray. Они обычно используются вместе для создания прокси для Telegram.
+
+На данный момент V2Ray поддерживает только IPv4 адрес сервера Telegram.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "users": [{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+ }]
+}
+```
+
+> `users`: \[[UserObject](#userobject)\]
+
+Массив пользователей. Пока обрабатывается только первый пользователь.
+
+### UserObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+}
+```
+
+> `email`: string
+
+Электронная почта пользователя. Используется для сбора статистики. См. [Статистика](../stats.md).
+
+> `level`: number
+
+Уровень пользователя.
+
+> `secret`: string
+
+Секрет пользователя. В Telegram секрет пользователя должен быть длиной 32 символа и содержать только символы от `0` до `9`, и от `a` до `f`.
+
+{% hint style='tip' %}
+
+Используйте для генерации секрета MTProto эту команду: `openssl rand -hex 16`
+
+{% endhint %}
+
+## Конфигурация исходящего соединения {#outbound}
+
+```javascript
+{
+}
+```
+
+## Пример {#sample}
+
+MTProto может использоваться только для трафика Telegram. Для объединения соответствующего входящего и исходящего может потребоваться правило маршрутизации. Вот неполный образец.
+
+Входящее соединение:
+
+```javascript
+{
+ "tag": "tg-in",
+ "port": 443,
+ "protocol": "mtproto",
+ "settings": {
+ "users": [{"secret": "b0cbcef5a486d9636472ac27f8e11a9d"}]
+ }
+}
+```
+
+Исходящее соединение:
+
+```javascript
+{
+ "tag": "tg-out",
+ "protocol": "mtproto",
+ "settings": {}
+}
+```
+
+Маршрутизация:
+
+```javascript
+{
+ "type": "field",
+ "inboundTag": ["tg-in"],
+ "outboundTag": "tg-out"
+}
+```
+
+Настройте приложение Telegram для подключения к 443 порту на этом устройстве.
\ No newline at end of file
diff --git a/ru/configuration/protocols/shadowsocks.md b/ru/configuration/protocols/shadowsocks.md
new file mode 100644
index 000000000..1fd10791f
--- /dev/null
+++ b/ru/configuration/protocols/shadowsocks.md
@@ -0,0 +1,163 @@
+---
+refcn: chapter_02/protocols/shadowsocks
+refen: configuration/protocols/shadowsocks
+---
+
+# Shadowsocks
+
+* Name: `shadowsocks`
+* Тип: входящий / исходящий
+
+Протокол [Shadowsocks](https://www.shadowsocks.org/) поддерживает входящие и исходящие соединения.
+
+Совместим с официальной версией:
+
+* Поддерживает как TCP, так и UDP соединения. UDP может быть отключен.
+* Поддерживает [OTA](https://web.archive.org/web/20161221022225/https://shadowsocks.org/en/spec/one-time-auth.html)
+ * Клиент может отключать и включать поддержку при необходимости.
+ * Сервер может принудительно включить, отключить поддержку или использовать конфигурация клиента.
+* Методы шифрования ([AEAD](https://shadowsocks.org/en/spec/AEAD-Ciphers.html) шифры, добавленные в V2Ray 3.0):
+ * aes-256-cfb
+ * aes-128-cfb
+ * chacha20
+ * chacha20-ietf
+ * aes-256-gcm
+ * aes-128-gcm
+ * chacha20-poly1305 a.k.a. chacha20-ietf-poly1305
+* Плагины:
+ * Поддержка obfs через автономный режим.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "method": "aes-128-cfb",
+ "password": "password",
+ "level": 0,
+ "ota": true,
+ "network": "tcp"
+}
+```
+
+> `email`: string
+
+Адрес электронной почты. Используется для идентификации пользователя.
+
+> `method`: string
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `password`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `level`: number
+
+Пользовательский уровень. По умолчанию `0`. См. [Локальная политика](../policy.md).
+
+> `ota`: `true` | `false`
+
+Whether or not to force OTA. If `true` and the incoming connection doesn't enable OTA, V2Ray will reject this connection. Vice versa.
+
+If this field is not specified, V2Ray auto detects OTA settings from incoming connections.
+
+Когда используется шифрование AEAD, значение `ota` не используется.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Проксируемые протоколы. По умолчанию `"tcp"`.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "servers": [
+ {
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "method",
+ "password": "password",
+ "ota": false,
+ "level": 0
+ }
+ ]
+}
+```
+
+Где:
+
+* `email`: Адрес электронной почты. Используется для идентификации пользователя.
+* `address`: Адрес сервера Shadowsocks. Может быть IPv4, IPv6 или доменом.
+* `port`: Порт используемый Shadowsocks сервером.
+* `method`: Метод шифрования. Значение по умолчанию отсутствует. Возможные варианты:
+ * `"aes-256-cfb"`
+ * `"aes-128-cfb"`
+ * `"chacha20"`
+ * `"chacha20-ietf"`
+ * `"aes-256-gcm"`
+ * `"aes-128-gcm"`
+ * `"chacha20-poly1305"` или `"chacha20-ietf-poly1305"`
+* `password`: Пароль. Может быть любой строкой.
+* `ota`: Использовать или не использовать OTA.
+ * Когда используется AEAD, значение ` ota ` не используется.
+* ` userLevel `: Пользовательский уровень.
+
+> `servers`: \[[ServerObject](#serverobject)\]
+
+An array of [ServerObject](#serverobject)s.
+
+### ServerObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "加密方式",
+ "password": "密码",
+ "ota": false,
+ "level": 0
+}
+```
+
+> `email`: string
+
+Адрес электронной почты. Используется для идентификации пользователя.
+
+> `address`: address
+
+Required. Shadowsocks server address. May be IPv4, IPv6 or domain address.
+
+> `port`: number
+
+Required. Shadowsocks server port.
+
+> `method`: string
+
+Required. See [Encryption methods](#encryption-methods) for available values.
+
+> `password`: string
+
+Required. Password in Shadowsocks protocol. Can be any string.
+
+> `ota`: true | false
+
+Whether or not to use OTA. Default value is `false`.
+
+Если используется шифрование AEAD, это поле не используется.
+
+> `level`: number
+
+Уровень пользователя.
+
+## Методы шифрования
+
+* `"aes-256-cfb"`
+* `"aes-128-cfb"`
+* `"chacha20"`
+* `"chacha20-ietf"`
+* `"aes-256-gcm"`
+* `"aes-128-gcm"`
+* `"chacha20-poly1305"` или `"chacha20-ietf-poly1305"`
\ No newline at end of file
diff --git a/ru/configuration/protocols/socks.md b/ru/configuration/protocols/socks.md
new file mode 100644
index 000000000..800cd70a8
--- /dev/null
+++ b/ru/configuration/protocols/socks.md
@@ -0,0 +1,147 @@
+---
+refcn: chapter_02/protocols/socks
+refen: configuration/protocols/socks
+---
+
+# Socks
+
+* Название: `socks`
+* Тип: входящий / исходящий
+
+Socks - это реализация стандартного протокола SOCKS, совместимого с [ Socks 4 ](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol), Socks 4а и [ Socks 5 ](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol).
+
+Socks configuration consists of two parts, `InboundConfigurationObject` and `OutboundConfigurationObject`, for inbound and outbound respectively.
+
+## OutboundConfigurationObject
+
+`OutboundConfigurationObject` is used as `settings` field in `OutboundObject` in top level configuration.
+
+```javascript
+{
+ "servers": [{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+ }]
+}
+```
+
+> `servers`: \[ [ServerObject](#serverobject) \]
+
+Массив Socks-серверов.
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+}
+```
+
+> `address`: address
+
+Адрес сервера. Может быть адресом IPv4, IPv6 или доменным именем.
+
+{% hint style='info' %}
+
+Поддерживаются только Socks 5 сервера.
+
+{% endhint %}
+
+> `port`: number
+
+Порт Socks-сервера.
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array of users. Each element in the array is an user. If the list is not empty. Socks inbound will force user authentication. Otherwise, anonymous user is allowed.
+
+### UserObject
+
+```javascript
+{
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
+
+> `level`: number
+
+User level for tracking and policy purpose. Default value is `0`.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "auth": "noauth",
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "udp": false,
+ "ip": "127.0.0.1",
+ "userLevel": 0
+}
+```
+
+> `auth`: "noauth" | "password"
+
+Socks autentication method. `"noauth"` is for anonymous authentication, and `"password"` for authentication with username and password. Default value is `"noauth"`.
+
+> `accounts`: \[ [AccountObject](#accountobject) \]
+
+An array of user accounts, for authenication purpose. Only take effect when `auth` is set to `"password"`.
+
+> `udp`: true | false
+
+Whether or not to enable UDP. Default value is `false`.
+
+> `ip`: address
+
+When UDP is enabled, V2Ray needs to know the IP address of current host. Default value is `"127.0.0.1"`. This must be set to the public IP address of the host, if you want to allow public UDP traffic.
+
+> `userLevel`: number
+
+User level. All incoming connections share this user level.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Username as in Socks protocol
+
+> `pass`: string
+
+Password as in Socks protocol
\ No newline at end of file
diff --git a/ru/configuration/protocols/vmess.md b/ru/configuration/protocols/vmess.md
new file mode 100644
index 000000000..79566ec03
--- /dev/null
+++ b/ru/configuration/protocols/vmess.md
@@ -0,0 +1,196 @@
+---
+refcn: chapter_02/protocols/vmess
+refen: configuration/protocols/vmess
+---
+
+# VMess
+
+* Название: `vmess`
+* Тип: входящий / исходящий
+
+[VMess](https://www.v2ray.com/eng/protocols/vmess.html) это протокол для шифрованной передачи информации. Он включает в себя входящий и исходящий прокси.
+
+VMess зависит от системного времени. Убедитесь, что ваше системное время синхронизировано с временем UTC. Часовой пояс не имеет значения. Можно установить ` ntp ` службы на Linux для автоматической синхронизации системного времени.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "vnext": [
+ {
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 4,
+ "security": "auto",
+ "level": 0
+ }
+ ]
+ }
+ ]
+}
+```
+
+> `vnext`: \[ [ServerObject](#serverobject) \]
+
+An array, where each element presents a remote server
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": []
+}
+```
+
+> `address`: address
+
+Server address, may be IPv4, IPv6 or domain name.
+
+> `port`: number
+
+Server port
+
+> `users`: \[ [UserObject](#userobject) \]
+
+An array where each element is an VMess user
+
+### UserObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 16,
+ "security": "auto",
+ "level": 0
+}
+```
+
+> `id`: string
+
+Идентификатор пользователя в формате [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `alterId`: number
+
+Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 4. Its value must be not larger than the one in corresponding Inbound.
+
+> `level`: number
+
+User level. See [Policy](../policy.md) for more detail.
+
+> `security`: "aes-128-gcm" | "chacha20-poly1305" | "auto" | "none"
+
+Method for encrypting payload. This setting is only available at outbound. The VMess inbound will automatically recognize this setting and decrypt payload accordingly. Options are:
+
+* `"aes-128-gcm"`: Рекомендуется для ПК.
+* `"chacha20-poly1305"`: Рекомендуется для мобильных устройств.
+* `"auto"`: Значение по умолчанию. Используйте `aes-128-gcm` на AMD64, ARM64 и S390x, или `chacha20-poly1305` в остальных случаях.
+* ` "none" `: Не использовать шифрование.
+
+{% hint style='info' %}
+
+Используйте `"auto"` где это возможно, для лучшей совместимости.
+
+{% endhint %}
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "clients": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+ }
+ ],
+ "default": {
+ "level": 0,
+ "alterId": 4
+ },
+ "detour": {
+ "to": "tag_to_detour"
+ },
+ "disableInsecureEncryption": false
+}
+```
+
+> `clients`: \[ [ClientObject](#clientobject) \]
+
+Массив для действительных учетных записей пользователей. Может быть пустым при использовании функции динамического порта.
+
+> `detour`: [DetourObject](#detourobject)
+
+Optional feature to suggest client to take a detour. If specified, this inbound will instruct the outbound to use another inbound.
+
+> `default`: [DefaultObject](#defaultobject)
+
+Optional default client configuration. Usually used with `detour`.
+
+> `disableInsecureEncryption`: true | false
+
+Запретить клиенту использовать небезопасные методы шифрования. Если установлено значение `true`, соединения будут немедленно разорваны, если будут использоваться следующие методы шифрования. Значение по умолчанию: `false`.
+
+* `none`
+* `aes-128-cfb`
+
+### ClientObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+}
+```
+
+> `id`: string
+
+Идентификатор пользователя в формате [UUID](https://ru.wikipedia.org/wiki/UUID).
+
+> `level`: number
+
+User level. See [Policy](../policy.md) for its usage.
+
+> `alterId`: number
+
+Число альтернативных идентификаторов. То же, что и в Исходящем соединении (см выше).
+
+> `email`: string
+
+Email address for user identification.
+
+### DetourObject
+
+```javascript
+{
+ "to": "tag_to_detour"
+}
+```
+
+> `to`: string
+
+The tag of an inbound proxy. See [Overview](../protocols.md). If configured, VMess will suggest its client to use the detour for further connections.
+
+### DefaultObject
+
+```javascript
+{
+ "level": 0,
+ "alterId": 4
+}
+```
+
+> `level`: number
+
+Уровень пользователя.
+
+> `alterId`: number
+
+Number of alternative IDs. Default value 64. Recommend 4.
\ No newline at end of file
diff --git a/ru/configuration/reverse.md b/ru/configuration/reverse.md
new file mode 100644
index 000000000..8b1d41082
--- /dev/null
+++ b/ru/configuration/reverse.md
@@ -0,0 +1,199 @@
+---
+refcn: chapter_02/reverse
+refen: configuration/reverse
+---
+
+# Reverse Proxy
+
+Reverse proxy is an optional feature in V2Ray. It redirects traffic from a server to a client. Thus is so called "Reverse" proxying.
+
+{% hint style='tip' %}
+
+Reverse proxy is available in V2Ray 4.0+. It is now in beta, and may be improved in near future.
+
+{% endhint %}
+
+Reverse proxy works in the following way:
+
+* Suppose there is a device A that runs a web server. Device A has no public IP address, and can't be accessed from internet. There is another device B, say a cloud server, which can be access from internet. We need to use B as portal, to redirect traffice to A.
+* Now we install a V2Ray on device A, named `bridge`. And then install a V2Ray on device B, named `portal`.
+* `bridge` will open connections to `portal`. Their target can be customized for routing purpose. `portal` will receive these connections, as well as connections from other uses in the internet. `portal` will "connect" these two kind of connections. Then the interent traffic will be tunneled to `bridge`.
+* After `bridge` receives traffic from internet through `portal`, it will send these traffic to the web server on localhost. You may configure routing for these traffic as well.
+* `bridge` will control load balance based of the amount of traffic.
+
+{% hint style='danger' %}
+
+Reverse proxy has already leveraged [Mux](mux.md). It is not necessary to configure Mux again on its outbound.
+
+{% endhint %}
+
+## ReverseObject
+
+`ReverseObject` is used as `reverse` field in top level configuration.
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }],
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+> `bridges`: \[[BridgeObject](bridgeobject)\]
+
+An array of `bridge`s. Each `bridge` is a [BridgeObject](bridgeobject).
+
+> `portals`: \[[PortalObject](portalobject)\]
+
+An array of `portal`s. Each `portal` is a [PortalObject](bridgeobject).
+
+### BridgeObject
+
+```javascript
+{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+}
+```
+
+> `tag`: string
+
+A tag. All traffic initiated by this `bridge` will have this tag. It can be used for [routing](routing.md), identified as `inboundTag`.
+
+> `domain`: string
+
+A domain. All connections initiated by `bridge` towards `portal` will use this domain as target. This domain is only used for communication between `bridge` and `portal`. It is not necessary to be actually registered.
+
+### PortalObject
+
+> `tag`: string
+
+A Tag. You need to redirect all traffic to this `portal`, by targeting `outboundTag` to this `tag`. The traffic includes the connections from `bridge`, as well as internet traffic.
+
+> `domain`: string
+
+A domain. When a connection targeting this domain, `portal` considers it is a connection from `bridge`, otherwise it is an internet connection.
+
+{% hint style='tip' %}
+
+Like other usages, a V2Ray instance can be used as a `bridge`, or a `portal`, or both as the same time.
+
+{% endhint %}
+
+## Example configuration
+
+`bridge` usually needs two outbounds. One for connecting `portal`, and another for connecting local web server.
+
+Reverse:
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "out"
+ "protocol": "freedom",
+ "settings": {
+ "redirect": "127.0.0.1:80" // Send traffic to local web server
+ }
+},
+{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "portal的IP地址",
+ "port": 1024,
+ "users": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }]
+ },
+ "tag": "interconn"
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "domain": ["full:test.v2ray.com"],
+ "outboundTag": "interconn"
+ },{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "outboundTag": "out"
+ }]
+}
+```
+
+`portal` usually needs two inbounds. One for connections from `bridge`, and another for internet connections.
+
+Reverse:
+
+```javascript
+{
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com" // Must be the same as in bridge
+ }]
+}
+```
+
+Inbound:
+
+```javascript
+{
+ "tag": "external",
+ "port": 80, // Open port 80 for internet HTTP traffic
+ "protocol": "dokodemo-door",
+ "settings": {
+ "address": "127.0.0.1",
+ "port": 80,
+ "network": "tcp"
+ }
+},
+{
+ "port": 1024, // For bridge connections
+ "tag": "interconn",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }
+}
+```
+
+Routing:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["external"],
+ "outboundTag": "portal"
+ },{
+ "type": "field",
+ "inboundTag": ["interconn"],
+ "outboundTag": "portal"
+ }]
+}
+```
+
+{% hint style='tip' %}
+
+In practice, you may want to run `bridge` first and then `portal`.
+
+{% endhint %}
\ No newline at end of file
diff --git a/ru/configuration/routing.md b/ru/configuration/routing.md
new file mode 100644
index 000000000..2543e70d6
--- /dev/null
+++ b/ru/configuration/routing.md
@@ -0,0 +1,194 @@
+---
+refcn: chapter_02/03_routing
+refen: configuration/routing
+---
+
+# Маршрутизация
+
+V2Ray has an internal routing mechanism. It routes inbound connections to various outbound based on rules. A common scenario is to split traffic by country. V2Ray can detect target country (by Geo IP) of a connection, and sends then connection to corresponding outbound proxy.
+
+## RoutingObject
+
+`RoutingObject` is used as `routing` in top level configuration.
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "rules": [],
+ "balancers": []
+}
+```
+
+> `domainStrategy`: "AsIs" | "IPIfNonMatch" | "IPOnDemand"
+
+Domain resolution strategy. Choices are:
+
+* `"AsIs"`: Only use domain for routing. Default value.
+* `"IPIfNonMatch"`: When no rule matches current domain, V2Ray resolves it into IP addresses (A or AAAA records) and try all rules again.
+ * If a domain has multiple IP addresses, V2Ray tries all of them.
+ * The resolved IPs are only used for routing decisions, the traffic is still sent to original domain address.
+* `"IPOnDemand"`: As long as there is a IP-based rule, V2Ray resolves the domain into IP immediately.
+
+> `rules`: \[[RuleObject](#ruleobject)\]
+
+An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` (or `balancerTag`, V2Ray 4.4+) of the rule.
+
+> `balancers`: \[ [BalancerObject](#balancerobject) \]
+
+(V2Ray 4.4+) An array of load balancers. When a routing rule points to a load balancer, the balancer will select an outbound based on configuration. Then traffic will be sent to that outbound.
+
+### RuleObject
+
+```javascript
+{
+ "type": "field",
+ "domain": [
+ "baidu.com",
+ "qq.com",
+ "geosite:cn"
+ ],
+ "ip": [
+ "0.0.0.0/8",
+ "10.0.0.0/8",
+ "fc00::/7",
+ "fe80::/10",
+ "geoip:cn"
+ ],
+ "port": "53,443,1000-2000",
+ "network": "tcp",
+ "source": [
+ "10.0.0.1"
+ ],
+ "user": [
+ "love@v2ray.com"
+ ],
+ "inboundTag": [
+ "tag-vmess"
+ ],
+ "protocol":["http", "tls", "bittorrent"],
+ "attrs": "attrs[':method'] == 'GET'",
+ "outboundTag": "direct",
+ "balancerTag": "balancer"
+}
+```
+
+{% hint style='info' %}
+
+When multiple fields are specified, these fields have to be all satisfied, in order to make the rule effective. If you need both `domain` and `ip` rules, it is highly likely you need put them into separate rules.
+
+{% endhint %}
+
+> `type`: "field"
+
+The only valid value for now is `"field"`.
+
+> `domain`: \[ string \]
+
+An array of domains. Available formats are:
+
+* Plaintext: If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Full domain: Begining with `"full:"` and the rest is a domain. When the targeting domain is exactly the value, the rule takes effect. Example: rule `"domain:v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](#pre-defined-domain-lists) for more detail.
+* Domains from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geosite.dat`. The tag must exist in the file.
+
+> `ip`: \[string\]
+
+An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. Available formats:
+
+* IP: such as `"127.0.0.1"`.
+* [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing): such as `"127.0.0.0/8"`.
+* GeoIP: such as `"geoip:cn"`. It begins with `geoip:` (lower case) and followed by two letter of country code.
+ * Special value `"geoip:private"`: for all private addresses such as `127.0.0.1`.
+* IPs from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geoip.dat`. The tag must exist in the file.
+
+{% hint style='info' %}
+
+`"ext:geoip.dat:cn"` is equivalent to `"geoip:cn"`.
+
+{% endhint %}
+
+> `port`:number | string
+
+Port range. Formats are:
+
+* `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
+* `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
+* Mix of the two above, separated by ",". Such as `"53,443,1000-2000"`.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+When the connection has in the chosen network, this rule take effect.
+
+> `source`: \[string\]
+
+An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
+
+> `user`: \[string\]
+
+An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
+
+> `inboundTag`: \[string\]
+
+An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
+
+> `protocol`: \[ "http" | "tls" | "bittorrent" \]
+
+An array of string as protocol types. When the connection uses one of the protocols, this rule takes effect. To recognize the protocol of a connection, one must enable `sniffing` option in inbound proxy.
+
+> `attrs`: string
+
+(V2Ray 4.18+) A Starlark script, used for detecting traffic attributes. When this script returns true, this rule takes effect.
+
+[Starlark](https://github.com/bazelbuild/starlark) is a subset of Python. The script takes a global varible named `attrs`. It contains all attributes of the traffic.
+
+At the moment, only http inbound sets `attrs`.
+
+Examples:
+
+* Detect HTTP GET: `"attrs[':method'] == 'GET'"`
+* Detect HTTP Path: `"attrs[':path'].startswith('/test')"`
+* Detect Content Type: `"attrs['accept'].index('text/html') >= 0"`
+
+> `outboundTag` string
+
+[Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
+
+> `balancerTag`: string
+
+Tag of an load balancer. Then this rule takes effect, V2Ray will use the balancer to select an outbound. Either `outboundTag` or `balancerTag` must be specified. When both are specified, `outboundTag` takes priority.
+
+### BalancerObject
+
+Configuration for a load balancer. When a load balancer takes effective, it selects one outbound from matching outbounds. This outbound will be used for send out-going traffic.
+
+```javascript
+{
+ "tag": "balancer",
+ "selector": []
+}
+```
+
+> `tag`: string
+
+Tag of this `BalancerObject`, to be matched from `balancerTag` in `RuleObject`.
+
+> `selector`: \[ string \]
+
+An array of strings. These strings are used to select outbounds with prefix matching. For example, with the following outbound tags: `[ "a", "ab", "c", "ba" ]`,selector `["a"]` matches `[ "a", "ab" ]`.
+
+When multiple outbounds are selected, load balancer for now picks one final outbound at random.
+
+## Pre-defined domain lists
+
+This is a domain lists maintained by [domain-list-community](https://github.com/v2ray/domain-list-community) project. It provides a file named `geosite.dat` for some predefined domain lists. Notably:
+
+* `category-ads`: Common ads domains.
+* `category-ads-all`: Common ads domains and ads providers' domains.
+* `cn`: Equivalent to an union of `geolocation-cn` and `tld-cn`.
+* `google`: All Google domains.
+* `facebook`: All Facebook domains.
+* `geolocation-cn`: Common domains that serve in China.
+* `geolocation-!cn`: Common domains that don't serve in China
+* `tld-cn`: All .cn and .中国 domains.
\ No newline at end of file
diff --git a/ru/configuration/stats.md b/ru/configuration/stats.md
new file mode 100644
index 000000000..13c925e41
--- /dev/null
+++ b/ru/configuration/stats.md
@@ -0,0 +1,43 @@
+---
+refcn: chapter_02/stats
+refen: configuration/stats
+---
+
+# Статистика
+
+V2Ray предоставляет информацию о своём состоянии.
+
+## StatsObject
+
+`StatsObject` используется как поле `stats` на верхнем уровне конфигурации.
+
+```javascript
+{
+}
+```
+
+На данный момент в настройках статистики нет параметров. Статистика включается автоматически, когда `StatsObject` установлен в конфигурации верхнего уровня. Вам также необходимо включить соответствующие настройки в [Policy](policy.md), чтобы отслеживать статистику пользователя или системы.
+
+Все счетчики статистики перечислены ниже:
+
+## Пользовательский трафик
+
+Если у пользователя не указан адрес электронной почты в настройках протокола, статистика трафика не будет включена.
+
+> `user>>>[email]>>>traffic>>>uplink`
+
+Выходной трафик отдельного пользователя, в байтах.
+
+> `user>>>[email]>>>traffic>>>downlink`
+
+Входной трафик отдельного пользователя, в байтах.
+
+## Глобальный трафик
+
+> `inbound>>>[tag]>>>traffic>>>uplink`
+
+Выходной трафик отдельного соединения, в байтах.
+
+> `inbound>>>[tag]>>>traffic>>>downlink`
+
+Входной трафик отдельного соединения, в байтах.
\ No newline at end of file
diff --git a/ru/configuration/transport.md b/ru/configuration/transport.md
new file mode 100644
index 000000000..526bd35f0
--- /dev/null
+++ b/ru/configuration/transport.md
@@ -0,0 +1,300 @@
+---
+refcn: chapter_02/05_transport
+refen: configuration/transport
+---
+
+# Параметры транспорта
+
+Transport is for how V2Ray sends and receives data from its peers. The responsibility of a transport is to reliably transfer data to a peer. Usually a connection has matching transports on both endpoints. For example, if a V2Ray outbound uses WebSocket as its transport, the inbound it talks to also has to use WebSocket, otherwise a connection can't be established.
+
+The transport settings devides into two parts: global settings and per proxy settings. Per-proxy settings specifies how each individual proxy handles its data, while global settings is for all proxies. Usually the inbound and outbound proxies between the connecting peer must have the same transport settings. When a proxy has no transport settings, the global settings applies.
+
+## TransportObject
+
+`TransportObject` is used as `transport` field in top level configuration.
+
+```javascript
+{
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {}
+}
+```
+
+> `tcpSettings`: TcpObject
+
+Settings for [TCP transport](transport/tcp.md).
+
+> `kcpSettings`: KcpObject
+
+Settings for [mKCP transport](transport/mkcp.md).
+
+> `wsSettings`: WebSocketObject
+
+Settings for [WebSocket transport](transport/websocket.md).
+
+> `httpSettings`: HttpObject
+
+Settings for [HTTP/2 transport](transport/h2.md).
+
+> `dsSettings`: DomainSocketObject
+
+Settings for [Domain Socket transport](transport/domainsocket.md).
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) Settings for [QUIC transport](transport/quic.md).
+
+## StreamSettingsObject
+
+Each inbound and outbound proxy may has its own transport settings, as specified in `streamSettings` field in top level configuration.
+
+```javascript
+{
+ "network": "tcp",
+ "security": "none",
+ "tlsSettings": {},
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {},
+ "sockopt": {
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+ }
+}
+```
+
+> `network`: "tcp" | "kcp" | "ws" | "http" | "domainsocket" | "quic"
+
+Network type of the stream transport. Default value `"tcp"`.
+
+> `security`: "none" | "tls"
+
+Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
+
+> `tlsSettings`: [TLSObject](#tlsobject)
+
+TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
+
+> `tcpSettings`: [TcpObject](transport/tcp.md)
+
+TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
+
+> `kcpSettings`: KcpObject
+
+mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
+
+> `wsSettings`: WebSocketObject
+
+WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
+
+> `httpSettings`: HttpObject
+
+HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
+
+> `dsSettings`: DomainSocketObject
+
+Domain socket transport configuration for current proxy. Effective only when the proxy uses domain socket transport. Configuration is the same as it is in global configuration.
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) QUIC transport configuration for current proxy. Effective only when the proxy uses QUIC transport. Configuration is the same as it is in global configuration.
+
+> `sockopt`: SockoptObject
+
+Socket options for incoming and out-going connections.
+
+### TLSObject
+
+```javascript
+{
+ "serverName": "v2ray.com",
+ "allowInsecure": false,
+ "alpn": ["http/1.1"],
+ "certificates": [],
+ "disableSystemRoot": false
+}
+```
+
+> `serverName`: string
+
+Server name (usually domain) used for TLS authentication. Typically this is used when corressponding inbound/outbound uses IP for communication.
+
+When domain name is specified from inbound proxy, or get sniffed from the connection, it will be automatically used for connection. It is not necessary to set `serverName` in such case.
+
+> `alpn`: \[ string \]
+
+An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
+
+> `allowInsecure`: true | false
+
+If `true`, V2Ray allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.
+
+> `allowInsecureCiphers`: true | false
+
+Whehter or not to allow insecure cipher suites. By default TLS only uses cipher suites from TLS 1.3 spec. Turn on this option to allow cipher suites with static RSA keys.
+
+> `disableSystemRoot`: true | false
+
+(V2Ray 4.18+) Whether or not to disable system root CAs for TLS handshake. Default value is `false`. If set to `true`, V2Ray will use only `certificates` for TLS handshake.
+
+> `certificates`: \[ [CertificateObject](#certificateobject) \]
+
+List of TLS certificates. Each entry is one certificate.
+
+### CertificateObject
+
+```javascript
+{
+ "usage": "encipherment",
+
+ "certificateFile": "/path/to/certificate.crt",
+ "keyFile": "/path/to/key.key",
+
+ "certificate": [
+ "-----BEGIN CERTIFICATE-----",
+ "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
+ "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
+ "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
+ "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
+ "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
+ "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
+ "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
+ "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
+ "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
+ "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
+ "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
+ "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
+ "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
+ "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
+ "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
+ "-----END CERTIFICATE-----"
+ ],
+ "key": [
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
+ "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
+ "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
+ "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
+ "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
+ "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
+ "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
+ "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
+ "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
+ "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
+ "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
+ "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
+ "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
+ "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
+ "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
+ "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
+ "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
+ "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
+ "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
+ "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
+ "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
+ "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
+ "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
+ "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
+ "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
+ "-----END RSA PRIVATE KEY-----"
+ ]
+}
+```
+
+> `usage`: "encipherment" | "verify" | "issue"
+
+Purpose of the certificate. Default value `"encipherment"`. Choices are:
+
+* `"encipherment"`: Certificate is used for TLS authentication and encryption.
+* `"verify"`: Certificate is used for validating TLS certificates from remote peer. In this case, the certificate has to be a CA certificate.
+* `"issue"`: Certificate is used for issuing other certificates. In this case, the certificate has to be a CA certificate.
+
+{% hint style='info' %}
+
+On Windows, you have to install your CA certificate to system, in order to verify cerificates issued from the CA.
+
+{% endhint %}
+
+{% hint style='info' %}
+
+When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
+
+{% endhint %}
+
+> `certificateFile`: string
+
+File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
+
+{% hint style='info' %}
+
+Use `v2ctl cert -ca` command to generate a new CA certificate.
+
+{% endhint %}
+
+> `certificate`: \[ string \]
+
+List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
+
+> `keyFile`: string
+
+File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
+
+> `key`: \[ string \]
+
+List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
+
+When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
+
+{% hint style='info' %}
+
+When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
+
+{% endhint %}
+
+### SockoptObject
+
+```javascript
+{
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+}
+```
+
+> `mark`: number
+
+An integer. If non-zero, the value will be set to out-going connections via socket option SO_MARK. This mechanism only applies on Linux and requires CAP_NET_ADMIN permission.
+
+> `tcpFastOpen`: true | false
+
+Whether or not to enable [TCP Fast Open](https://en.wikipedia.org/wiki/TCP_Fast_Open). When set to `true`, V2Ray enables TFO for current connection. When set to `false`, V2Ray disables TFO. If this entry doesn't exist, V2Ray uses default settings from operating system.
+
+* Only apply on the following operating systems:
+ * Windows 10 (1604) or later
+ * Mac OS 10.11 / iOS 9 or later
+ * Linux 3.16 or later: Enabled by system default.
+* Applicable for both inbound and outbound connections.
+
+> `tproxy`: "redirect" | "tproxy" | "off"
+
+Whether or not to enable transparent proxy on Linux. Choices are:
+
+* `"off"`: Default value. Not enable TProxy at all.
+* `"redirect"`: Enable TProxy with Redirect mode. Supports TCP/IPv4 and UDP traffic.
+* `"tproxy"`: Enable TProxy with TProxy mode. Supports TCP and UDP traffic.
+
+Transparent proxy requires Root or CAP\_NET\_ADMIN permission.
+
+{% hint style='info' %}
+
+If `TProxy` is not set, and `allowRedirect` is set in [dokodemo-door](protocols/dokodemo.md), the value of `TProxy` will be set to `"redirect"` automatically.
+
+{% endhint %}
\ No newline at end of file
diff --git a/ru/configuration/transport/domainsocket.md b/ru/configuration/transport/domainsocket.md
new file mode 100644
index 000000000..2f3830dae
--- /dev/null
+++ b/ru/configuration/transport/domainsocket.md
@@ -0,0 +1,30 @@
+---
+refcn: chapter_02/transport/domainsocket
+refen: configuration/transport/domainsocket
+---
+
+# Доставка через сокет домена
+
+Сокет домена использует стандартный сокет домена Unix для доставки данных. Сокет домена - это внутрисистемный канал передачи данных. Он не создаёт задержек в сетевом буфере и может быть немного быстрее, чем передача через локальную петлю (loopback).
+
+Сокет домена может использоваться только на платформах, которые его поддерживают: Unix, macOS и Linux. ОС Windows не поддерживается.
+
+{% hint style='info' %}
+
+Когда используется сокет домена, IP и порт, указанные во входящем/исходящем прокси, будут проигнорированы. Весь трафик туннелируется через сокет домена.
+
+{% endhint %}
+
+## DomainSocketObject
+
+`DomainSocketObject` используется в поле `dsSettings` в `TransportObject` и `StreamSettingsObject`.
+
+```javascript
+{
+ "path": "/path/to/ds/file"
+}
+```
+
+> `path`: string
+
+Реальный абсолютный путь к файлу. Перед запуском V2Ray указанный файл не должен существовать.
\ No newline at end of file
diff --git a/ru/configuration/transport/h2.md b/ru/configuration/transport/h2.md
new file mode 100644
index 000000000..2b8c1587a
--- /dev/null
+++ b/ru/configuration/transport/h2.md
@@ -0,0 +1,29 @@
+---
+refcn: chapter_02/transport/h2
+refen: configuration/transport/h2
+---
+
+# Доставка через HTTP/2
+
+Доставка через HTTP/2 добавлена в V2Ray 3.17. Оно основано на стандарте HTTP/2 и может быть проксировано через другие HTTP сервера, например Nginx.
+
+В соответствии с рекомендациями HTTP/2, входящие и исходящие соединения должны использовать TLS.
+
+## HttpObject
+
+`DomainSocketObject` используется в поле `httpSettings` в `TransportObject` и `StreamSettingsObject`.
+
+```javascript
+{
+ "host": ["v2ray.com"],
+ "path": "/random/path"
+}
+```
+
+> `host`: \[ string \]
+
+Массив строк. Каждый элемент - домен. Клиент выбирает домен произвольно для каждого запроса. Сервер проверяет, находится ли запрашиваемый домен в списке.
+
+> `path`: string
+
+Путь HTTP. Клиент и сервер должны иметь одинаковые значения.
\ No newline at end of file
diff --git a/ru/configuration/transport/mkcp.md b/ru/configuration/transport/mkcp.md
new file mode 100644
index 000000000..dd44af485
--- /dev/null
+++ b/ru/configuration/transport/mkcp.md
@@ -0,0 +1,88 @@
+---
+refcn: chapter_02/transport/mkcp
+refen: configuration/transport/mkcp
+---
+
+# Доставка через mKCP
+
+mKCP is a reliable stream transport. It is an UDP based protocol. mKCP sends more traffic for lower latency. To transfer the same amount of data, mKCP usually requires more throughput than TCP does.
+
+## KcpObject
+
+```javascript
+{
+ "mtu": 1350,
+ "tti": 20,
+ "uplinkCapacity": 5,
+ "downlinkCapacity": 20,
+ "congestion": false,
+ "readBufferSize": 1,
+ "writeBufferSize": 1,
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `mtu`: number
+
+Maximum transmission unit. It indicates the maxium number bytes that an UDP packet can carry. Recommended value is between `576` and `1460`. Default value `1350`.
+
+> `tti`: number
+
+Transmission time interval, in milli-second. mKCP sends data in this interval. Recommended value is between `10` and `100`. Default value `50`.
+
+> `uplinkCapacity`: number
+
+Uplink bandwidth, in MB/s. The maximum bandwidth for the V2Ray instance to upload data to a remote one. Default value is `5`. Please note it is byte (in MB/s), not bit. One may use value `0` for a small bandwidth.
+
+> `downlinkCapacity`: number
+
+Downlink bandwidth, in MB/s. The maximum bandwidth for the V2Ray instance to download data. Default value is `20`. Please note it is byte (in MB/s), not bit. One may use value `0` for a small bandwidth.
+
+{% hint style='info' %}
+
+`uplinkCapacity` and `downlinkCapacity` determine the speed of mKCP. On client side, `uplinkCapacity` specifies the speed for client sending data to server. On sever side, `downlinkCapacity` specifies the speed of server receiving data. The minimum of this pair is effective in an actual connection.
+
+{% endhint %}
+
+> `congestion`: true | false
+
+Whether or not to enable congestion control. Default value is `false`. When congestion control is enabled, V2Ray will detect network quality. It will send less packets when packet loss is severe, or more data when network is not fully filled.
+
+> `readBufferSize`: number
+
+Read buffer size for a single connection, in MB. Default value is `2`.
+
+> `writeBufferSize`: number
+
+Write buffer size for a single connection, in MB. Default value is `2`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+## Благодарности {#credits}
+
+* @skywind3000 invented the original KCP protocol and implemented in C.
+* @xtaci re-implement KCP protocol in Go.
+* @xiaokangwang integrated KCP into V2Ray.
\ No newline at end of file
diff --git a/ru/configuration/transport/quic.md b/ru/configuration/transport/quic.md
new file mode 100644
index 000000000..aee7406a0
--- /dev/null
+++ b/ru/configuration/transport/quic.md
@@ -0,0 +1,74 @@
+---
+refcn: chapter_02/transport/quic
+refen: configuration/transport/quic
+---
+
+# QUIC
+
+QUIC, or Quick UDP Internet Connection, is a multiplexing transport based on UDP, initially designed, implemented, and deployed by Google.
+
+QUIC has the following advantages:
+
+1. Reduced number of roundtrips in handshake phase. (1-RTT or 0-RTT)
+2. Multiplexing without head of line blocking as in TCP
+3. Connection migration, especially for clients. For example, connections don't break when device moves from Wi-Fi to 4G.
+
+QUIC is now an experiment in V2Ray. It implements IETF specification. As the spec is still being standardized, compatibility can't be guaranteed.
+
+## Update History
+
+V2Ray 4.7:
+
+* Initial version to support QUIC.
+* Default settings:
+ * 12 byte Connection ID
+ * Connection timeout in 30 seconds if no data traffic. (May have impact on some long HTTP connections)
+
+## QuicObject
+
+QUIC is used as `quicSettings` in transport settings. The configuration must be exactly the same between connecting peers.
+
+QUIC requires TLS. If TLS is not enabled in transport settings, V2Ray will automatically issue a TLS certificate for it. When QUIC transport is used, encryption in VMess can be turned off.
+
+```javascript
+{
+ "security": "none",
+ "key": "",
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `security`: "none" | "aes-128-gcm" | "chacha20-poly1305"
+
+Extra encryption over entire QUIC packet, include the frame head part. Default value is "none" for no encryption. After being encrypted, QUIC packets can't be sniff'ed.
+
+> `key`: string
+
+Key for the encryption above. Can be any string. Only effective when `security` is not `"none"`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+{% hint style='info' %} When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication. {% endhint %}
\ No newline at end of file
diff --git a/ru/configuration/transport/tcp.md b/ru/configuration/transport/tcp.md
new file mode 100644
index 000000000..26f158572
--- /dev/null
+++ b/ru/configuration/transport/tcp.md
@@ -0,0 +1,130 @@
+---
+refcn: chapter_02/transport/tcp
+refen: configuration/transport/tcp
+---
+
+# Доставка через TCP
+
+## TcpObject
+
+```javascript
+{
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `header`: NoneHeaderObject | HttpHeaderobject
+
+Header obfuscation. Default value is `NoneHeaderObject`.
+
+### NoneHeaderObject
+
+No header obfuscation.
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none"
+
+Disable header obfuscation.
+
+### HttpHeaderObject
+
+HTTP header obfuscation. The configuration must be the same between connecting inbound and outbound.
+
+```javascript
+{
+ "type": "http",
+ "request": {},
+ "response": {}
+}
+```
+
+> `type`: "http"
+
+Enable HTTP header obfuscation.
+
+> `request`: [HTTPRequestObject](#httprequestobject)
+
+HTTP request template.
+
+> `response`: [HTTPResponseObject](#httpresponseobject)
+
+HTTP response template.
+
+### HTTPRequestObject
+
+```javascript
+{
+ "version": "1.1",
+ "method": "GET",
+ "path": ["/"],
+ "headers": {
+ "Host": ["www.baidu.com", "www.bing.com"],
+ "User-Agent": [
+ "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
+ ],
+ "Accept-Encoding": ["gzip, deflate"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `method`: string
+
+HTTP method. Default value is `"GET"`。
+
+> `path`: \[ string \]
+
+HTTP path. An array is string. The path will be chosen randomly for every connection.
+
+> `headers`: map{string, \[ string \] }
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
+
+### HTTPResponseObject
+
+```javascript
+{
+ "version": "1.1",
+ "status": "200",
+ "reason": "OK",
+ "headers": {
+ "Content-Type": ["application/octet-stream", "video/mpeg"],
+ "Transfer-Encoding": ["chunked"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+HTTP version. Default value is `"1.1"`.
+
+> `status`: string
+
+HTTP status. Default value is `"200"`
+
+> `reason`: string
+
+HTTP status message. Default value is `"OK"`.
+
+> `headers`: map{string, string}
+
+HTTP header. The key of each entry is the key of HTTP header. The value of each entry is a list of strings. The actual HTTP header value will be chosen randomly from the list for each connection. Default value is the values in the example above.
+
+In a connection, all keys in the specified map will be set to the HTTP header.
\ No newline at end of file
diff --git a/ru/configuration/transport/websocket.md b/ru/configuration/transport/websocket.md
new file mode 100644
index 000000000..ef9d50a67
--- /dev/null
+++ b/ru/configuration/transport/websocket.md
@@ -0,0 +1,35 @@
+---
+refcn: chapter_02/transport/websocket
+refen: configuration/transport/websocket
+---
+
+# WebSocket
+
+Использует стандартный WebSocket для передачи данных. Соединения Websocket могут быть проксифицированы HTTP-сервером, например Nginx.
+
+## WebSocketObject
+
+`WebSocketObject` используется как `wsSettings` в `TransportObject` и `StreamSettingsObject`.
+
+{% hint style='info' %}
+
+Websocket распознает HTTP-заголовок X-Forwarded-For и использует его в качестве адреса входящего источника.
+
+{% endhint %}
+
+```javascript
+{
+ "path": "/",
+ "headers": {
+ "Host": "v2ray.com"
+ }
+}
+```
+
+> `path`: string
+
+Путь, используемый для WebSocket. По умолчанию корень домена `"/"`.
+
+> `headers`: map{string, string}
+
+Пользовательский HTTP-заголовок. Это массив, в котором каждая запись представляет собой пару ключевых значений в строке, для заголовка и значения в заголовке HTTP. По умолчанию пуст.
\ No newline at end of file
diff --git a/ru/developer/tools.md b/ru/developer/tools.md
new file mode 100644
index 000000000..cb074fa8c
--- /dev/null
+++ b/ru/developer/tools.md
@@ -0,0 +1,14 @@
+# Инструменты
+
+## Сторонние SDK
+
+* C#: [v2ray-dotnet-sdk](https://github.com/techotaku/v2ray-dotnet-sdk)
+
+## Автоматизация
+
+V2Ray использует следующие инструменты автоматизации для сборки и выпуска.
+
+* [Bazel](https://bazel.build/): Сборка и опакечивание.
+* [Azure DevOps](https://dev.azure.com/): Автоматизированные релизы.
+* [Google Cloud](https://cloud.google.com/): Автоматизированные релизы.
+* [CloudFlare](https://cloudflare.com/): Официальный сайт и домен.
\ No newline at end of file
diff --git a/ru/styles/website.css b/ru/styles/website.css
new file mode 100644
index 000000000..d8d13000a
--- /dev/null
+++ b/ru/styles/website.css
@@ -0,0 +1,35 @@
+.book-summary {
+ font-family: "Helvetica Neue", "Open Sans", sans-serif;
+ font-size: 14px;
+}
+
+.book-header .btn {
+ padding: 0 5px;
+}
+
+.markdown-section {
+ font-family: "Helvetica Neue", "Open Sans", sans-serif;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section pre>code {
+ font-family: "Source Code Pro", monospace;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section code:not([class]) {
+ white-space: nowrap;
+ padding: 0;
+}
+
+.markdown-section blockquote {
+ margin: 0;
+ margin-bottom: .85em;
+ padding: 0 15px;
+ border-left: 4px solid #64b5f6;
+ border-top: 1px solid #64b5f6;
+ color: #000000;
+ margin-top: 10px;
+}
diff --git a/ru/ui_client/README.md b/ru/ui_client/README.md
new file mode 100644
index 000000000..3dd65f157
--- /dev/null
+++ b/ru/ui_client/README.md
@@ -0,0 +1,13 @@
+---
+refcn: ui_client/index
+refen: ui_client/index
+---
+# Клиенты Project V
+
+Кроме ядра V2ray, Project V включает в себя различные графические клиенты на многих платформах. Обратите внимание на список ниже, в подкатегориях много полезного.
+
+* [Windows](windows.md)
+* [Mac OS X](osx.md)
+* [iOS](ios.md)
+* [Android](android.md)
+* [Онлайн сервисы](ui_client/service.md)
\ No newline at end of file
diff --git a/ru/ui_client/android.md b/ru/ui_client/android.md
new file mode 100644
index 000000000..55ee8cdb8
--- /dev/null
+++ b/ru/ui_client/android.md
@@ -0,0 +1,51 @@
+---
+refcn: ui_client/android
+refen: ui_client/android
+---
+# Клиенты Android
+
+## BifrostV
+
+BifrostV - приложение для Android, основанное на ядре V2Ray. Поддерживает протоколы VMess, Shadowsocks, socks.
+
+* Загрузить: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv)
+* Загрузить: [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+## V2RayNG
+
+V2RayNG - приложение для Android, основанное на V2Ray. Оно обеспечивает тот же набор функций, что и ядро V2Ray.
+
+* Загрузить: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang)
+* Исходный код: [GitHub](https://github.com/2dust/v2rayNG)
+
+## V2Ray Go
+
+* Загрузить: [Play Store](https://play.google.com/store/apps/details?id=org.kkdev.v2raygo)
+* Исходный код: [GitHub](https://github.com/xiaokangwang/V2RayGO)
+
+## Actinium
+
+* Загрузить: Play Store (недоступно)
+* Исходный код: [GitHub](https://github.com/V2Ray-Android/Actinium)
+
+## Другие инструменты {#other}
+
+### JuiceSSH
+
+Клиент SSH.
+
+* Загрузить: [Play Store](https://play.google.com/store/apps/details?id=com.sonelli.juicessh)
+* Веб-сайт: [JuiceSSH.com](https://juicessh.com/)
+
+### Termius
+
+Клиент SSH
+
+* Загрузить: [Play Store](https://play.google.com/store/apps/details?id=com.server.auditor.ssh.client)
+
+### Telegram
+
+Зашифрованное общение.
+
+* Веб-сайт: [telegram.org](https://telegram.org/)
+* Загрузить: [Play Store](https://play.google.com/store/apps/details?id=org.telegram.messenger)
\ No newline at end of file
diff --git a/ru/ui_client/ios.md b/ru/ui_client/ios.md
new file mode 100644
index 000000000..b13d68b33
--- /dev/null
+++ b/ru/ui_client/ios.md
@@ -0,0 +1,62 @@
+---
+refcn: ui_client/ios
+refen: ui_client/ios
+---
+# Клиенты iOS
+
+## Kitsunebi
+
+Kitsunebi - приложение для iOS, основанное на V2Ray. Обеспечивает полную функциональность V2Ray. Присутствует импорт и экспорт настроек в JSON, совместимом с V2Ray.
+
+* Загрузить: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+## Kitsunebi Lite
+
+Облегченная версия Kitsunebi.
+
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/kitsunebi-lite/id1387913765/)
+
+## Shadowrocket
+
+Shadowrocket - универсальный VPN. Поддерживает разнообразные протоколы: Shadowsocks, VMess, SSR и другие.
+
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/shadowrocket/id932747118/)
+
+## Pepi (ранее ShadowRay) {#pepi}
+
+Pepi - приложение, совместимое с V2Ray. Может создавать VPN-соединения на основе протокола VMess и обмениваться данными с любыми серверами V2Ray.
+
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/pepi/id1283082051/)
+
+## Quantumult
+
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/quantumult/id1252015438/)
+
+## Другие инструменты {#other}
+
+### HyperApp
+
+Утилита для создания серверов при помощи Docker.
+
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/hyperapp/id1179750280/)
+* Веб-сайт: [HyperApp.fun](https://www.hyperapp.fun/)
+
+### Termius
+
+Клиент SSH.
+
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/termius/id549039908/)
+
+### Telegram
+
+Зашифрованное общение.
+
+* Веб-сайт: [telegram.org](https://telegram.org/)
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/telegram-messenger/id686449807/)
+
+### ProtonMail
+
+Зашифрованная почта.
+
+* Веб-сайт: [protonmail.com](https://protonmail.com/)
+* Загрузить: [iTunes](https://www.v2ray.com/itunes/us/protonmail-encrypted-email/id979659905/)
\ No newline at end of file
diff --git a/ru/ui_client/osx.md b/ru/ui_client/osx.md
new file mode 100644
index 000000000..2ed698bb1
--- /dev/null
+++ b/ru/ui_client/osx.md
@@ -0,0 +1,32 @@
+---
+refcn: ui_client/osx
+refen: ui_client/osx
+---
+# Mac OS X
+
+## V2RayX
+
+* Загрузить: [GitHub](https://github.com/Cenmrev/V2RayX)
+
+## V2RayU
+
+* Загрузить: [GitHub](https://github.com/yanue/V2rayU)
+
+## Другие инструменты {#other}
+
+### Visual Studio Code
+
+Редактор исходного кода от Microsoft.
+
+* Веб-сайт: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### Telegram
+
+Зашифрованное общение.
+
+* Веб-сайт: [telegram.org](https://telegram.org/)
+* Загрузить: [Mac App Store](https://www.v2ray.com/itunesm/us/telegram-desktop/id946399090/)
+
+### Клиент подключения к удаленному рабочему столу от Microsoft
+
+* Загрузить: [Mac App Store](https://www.v2ray.com/itunesm/us/microsoft-remote-desktop/id715768417/)
\ No newline at end of file
diff --git a/ru/ui_client/service.md b/ru/ui_client/service.md
new file mode 100644
index 000000000..7866e783a
--- /dev/null
+++ b/ru/ui_client/service.md
@@ -0,0 +1,40 @@
+---
+refcn: ui_client/service
+refen: ui_client/service
+---
+# Онлайн сервисы
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Связанные с V2Ray
+
+* [Генератор конфигурации](https://htfy96.github.io/v2ray-config-gen/)
+* [Генератор UUID](https://www.uuidgenerator.net/)
+
+## VPN
+
+* [BabyDriver](http://babydriver.me/): Поддерживает V2Ray. Скидочный код: bcb518
+* [喵帕斯](https://xn--i2ru8q2qg.com/): Поддерживает V2Ray (на стадии внедрения)
+* [Lanan](https://xn--sjt174g.com/): Сервис VPN, основанный на V2Ray. Скидочный код: v2ray
+* [多数派](https://dspi.io/aff.php?aff=7): Новый сервис VPN, основанный на V2Ray.
+* [V2rayPro](https://myv2.us/): VPN service based on V2Ray. Coupon code: v2ray.com
+* [V2Net](http://v2net.org/): Customized V2Ray service. Promo code: v2ray.com
+
+## Хостинг
+
+* [Let's Encrypt](https://letsencrypt.org/): Бесплатные TLS-сертификаты
+* [Vultr](https://www.vultr.com/?ref=7269307): VPS
+ * [2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+* [BlueHost](https://www.bluehost.com/track/v2ray/): VPS, веб-хостинг
+* [ClouDNS](https://www.cloudns.net/aff/id/244749/): Регистрация доменов, DNS, сертификаты SSL
+
+## Криптовалюта
+
+* [LocalBitcoins](https://localbitcoins.com/?ch=khtm): Торговля биткоинами в оффлайн
+* [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g): Внебиржевой рынок для торговли BTC, ETH, BCH, USDT.
+* [Binance](https://www.binance.com/?ref=35382451): Торговая площадка для криптовалют.
+* [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp): Торговая площадка для криптовалют.
+* [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18): Онлайн-кошелек с криптовалютой.
+* [PrimeDice](https://primedice.com/?c=default): Игра в кости на биткоины.
+* [OneHash](https://www.onehash.com/?ap=56d52158f7e04b169ec54d): Ставки на спорт, Bitcoin, Чемпионат мира 2018.
+* [Bitsler](https://www.bitsler.com/?ref=VictoriaR): Игры в казино на биткоины.
\ No newline at end of file
diff --git a/ru/ui_client/windows.md b/ru/ui_client/windows.md
new file mode 100644
index 000000000..568e25d32
--- /dev/null
+++ b/ru/ui_client/windows.md
@@ -0,0 +1,37 @@
+---
+refcn: ui_client/windows
+refen: ui_client/windows
+---
+# Windows
+
+## V2RayW
+
+* Загрузить: [GitHub](https://github.com/Cenmrev/V2RayW)
+
+## V2RayN
+
+* Загрузить: [GitHub](https://github.com/2dust/v2rayN)
+
+## V2RayS
+
+* Загрузить: [GitHub](https://github.com/Shinlor/V2RayS)
+
+## Другие инструменты {#other}
+
+### PuTTY
+
+Клиент SSH.
+
+* Веб-сайт: [putty.org](http://www.putty.org/)
+
+### Visual Studio Code
+
+Редактор исходного кода от Microsoft.
+
+* Веб-сайт: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### Telegram
+
+Зашифрованное общение.
+
+* Веб-сайт: [telegram.org](https://telegram.org/)
\ No newline at end of file
diff --git a/ru/welcome/command.md b/ru/welcome/command.md
new file mode 100644
index 000000000..9332ecce7
--- /dev/null
+++ b/ru/welcome/command.md
@@ -0,0 +1,151 @@
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
+
+# Командная строка
+
+## V2Ray
+
+V2Ray имеет следующие параметры командной строки:
+
+```shell
+v2ray [-version] [-test] [-config=config.json] [-format=json]
+```
+
+> `-version`
+
+Вывести версию V2Ray, затем завершить работу.
+
+> `-test`
+
+Считать и проверить настройки, вывести найденные ошибки, затем завершить работу.
+
+> `-config`
+
+URI файла с настройками. Возможные варианты:
+
+* Путь к локальному файлу с настройками. Может быть как относительным, так и абсолютным.
+* `"stdin:"`: Указывает V2Ray считать настройки через стандартный поток ввода. Вызывающая программа должна закрыть stdin после вывода настроек.
+* Начинающиеся с `http://` или `https://` (в нижнем регистре): V2Ray пытается загрузить настройки с указанного адреса.
+
+> `-format`
+
+Формат файла с настройками. Возможные варианты:
+
+* `json`: формат JSON.
+* `pb` или `protobuf`: формат Protobuf.
+
+{% hint style='info' %}
+
+Если значение `-config` не задано, V2Ray сначала пытается загрузить конфигурацию из `config.json` из рабочего каталога, а затем из каталога, заданного [переменной среды](../configuration/env.md) `v2ray.location.asset`.
+
+{% endhint %}
+
+## V2Ctl
+
+V2Ctl — это набор инструментов командной строки. Он работает следующим образом:
+
+```bash
+v2ctl
+```
+
+> `command`
+
+Доступные значения:
+
+* `api`: Удалённое управление работающим V2Ray.
+* `config`: Преобразовать конфигурацию из формата JSON в protobuf.
+* `cert`: Генерировать сертификаты TLS.
+* `fetch`: Загрузка удалённого конента.
+* `tlsping`: (V2Ray 4.17+) Проверить усановление соединения (handshake) TLS.
+* `verify`: Проверить подпись релиза V2Ray.
+* `uuid`: Генерировать UUID.
+
+### V2Ctl Api
+
+`v2ctl api [--server=127.0.0.1:8080] `
+
+Удалённое управление запущеными серверами V2Ray. Пример:
+
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
+
+`v2ctl config`
+
+Команда без параметров. Принимает конфигурацию в JSON из stdin, преобразует её в Protobuf и выводит в stdout.
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+Генерирует сертификат TLS на основе параметров.
+
+> `--ca`
+
+Если указано, сертификат будет сертификатом CA.
+
+> `--domain`
+
+Alternative Names in the certificate. This option can be used multiple times for multiple domains. For example: `--domain=v2ray.com --domain=v2ray.cool`.
+
+> `--expire`
+
+Expire date of the certificate. Value is a [Golang duration](https://golang.org/pkg/time/#ParseDuration).
+
+> `--name`
+
+Command Name in the certificate.
+
+> `--org`
+
+Orgnization in the certificate.
+
+> `--json`
+
+If specified, the certificate will be printed to stdout in the JSON format that is used in V2Ray.
+
+> `--file`
+
+Prints the certificate into files. When `--file=a`, two files named `a_cert.pem` and `a_key.pem` will be generated.
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+Fetch remove resources and print to stdout. Only HTTP and HTTPS URL are supported.
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+Test TLS handlshake with specific domain.
+
+> domain
+
+Target domain for the TLS handshake.
+
+> --ip
+
+The IP address of the domain. If not specifed, V2Ctl resolves it through system DNS.
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
+
+To verify the signature of a V2Ray binary.
+
+> `--sig`
+
+Path to signature file. Default value is the ".sig" file to the path to be verified.
+
+> `filepath`
+
+The file to be verified.
+
+### V2Ctl UUID
+
+`v2ctl uuid`
+
+No options. This command prints a random UUID.
\ No newline at end of file
diff --git a/ru/welcome/donate.md b/ru/welcome/donate.md
new file mode 100644
index 000000000..dbc2e05a8
--- /dev/null
+++ b/ru/welcome/donate.md
@@ -0,0 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
+# Пожертвование
+
+V2Ray - некоммерческий проект. Исходный код и программа могут свободно (в основном) использоваться по лицензии MIT. Если вам нравится этот проект, подарите нам чашечку кофе.
+
+Ваше пожертвование не имеет прямой связи с разработкой и обслуживанием Project V. Our development will not be influenced by your donation. Тем не менее, мы отправим благодарственное письмо каждому донору. Если вы не хотите получать такое письмо, оставьте записку в своем пожертвовании.
+
+При жертвований более $50 предусмотрены такие плюшки:
+
+* Ваше имя или название компании висит на главной странице целый месяц.
+* Измените наш код как хотите. Ограничения: не трогать касающуюся пользователя функциональность; никаких изменений в документации. Правки останутся в коде на месяц.
+
+## Обычный способ {#usual-way}
+
+> Paypal
+
+Вы можете сделать пожертвование через [внутренний перевод Paypal](https://www.paypal.me/ProjectV2Ray/25) или [кредитной картой](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)
+
+Пожалуйста, обратите внимание, что Paypal берёт высокую комиссию за обслуживание. Пожертвование менее 1 USD не имеет смысла.
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) - это платформа для регулярных пожертвований. Вы можете использовать Patreon, если хотите часто делать пожертвования на постоянной основе.
+
+> Подарочная карта
+
+Сейчас мы можем принять подарочные карты только от Amazon US. Вы можете купить их на [Amazon.com](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) и отправить на `love@v2ray.com`.
+
+## Криптовалюта {#crypto}
+
+Криптовалюта является более надежным способом международных транзакций. Крипто-кошелек обычно является анонимным, и ваше пожертвование не отслеживаемо.
+
+Из-за анонимности, присущей криптовалюте, пожалуйста, отправьте нам электронное письмо до вашего пожертвования, если вы хотите получить благодарственное письмо в ответ.
+
+> Bitcoin
+
+Адрес: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+Статистика и QR-код на [BlockChain](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)
+
+> Bitcoin Cash
+
+Адрес: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
+
+Статистика и QR-код на [BlockChain](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)
+
+> Ethereum
+
+Адрес: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
+
+Статистика и QR-код на [BlockChain](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696). А ещё туда можно отправить токены, поддерживающие ERC20: OMG, REP, GNT, и DGD
+
+> EOS
+
+Адрес: `EOS8Civdok4CBN3jCpsaGQijzesjKof1eyaRFuBU5mLMtWVkLsy8a`
+
+> Litecoin
+
+Адрес: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
+
+> Monero
+
+Адрес: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
+
+> Ripple
+
+Адрес: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
+
+Тэг не обязателен
+
+> Другое
+
+Если вы хотите пожертвовать нам другую валюту, отправьте нам электронное письмо по адресу `love@v2ray.com`.
\ No newline at end of file
diff --git a/ru/welcome/faq.md b/ru/welcome/faq.md
new file mode 100644
index 000000000..2d8cfc822
--- /dev/null
+++ b/ru/welcome/faq.md
@@ -0,0 +1,67 @@
+---
+refcn: chapter_00/faq
+refen: welcome/faq
+---
+
+# Часто задаваемые вопросы (ЧаВо)
+
+## Использование V2Ray
+
+### Как обновить V2Ray
+
+* Загрузите последний пакет, либо
+* Запустите ещё раз скрипт установки (для Linux)
+
+### Сбои V2Ray
+
+* Если вы используете Linux с systemd, вы можете посмотреть в журнал с ошибками, используя команду `journalctl -u v2ray`.
+* В общем случае вы можете запустить команду `v2ray -config = -test` чтобы увидеть информацию об ошибке.
+
+### Обратная совместимость
+
+* Конфигурационные файлы (например, JSON), обратно совместимы как минимум с последним крупным релизом. Так, V2Ray 4.x поддерживает конфигурационные файлы от V2Ray 3.x.
+* Протоколы на Protobuf, такие как [Api](../configuration/api.md), также обратно совместимы как минимум с последним релизом.
+* Бинарные протоколы, такие как Shadowsocks и VMess, всегда обратно совместимы, если версия сервера не старше клиентской. Если клиентская версия новее, обратная совместимость есть миниум с 12 минорными релизами.
+
+## Ошибки V2Ray
+
+### Socks: Unknown Socks version: 67
+
+Возможная причина
+
+* Вы настроили в V2Ray socks, но браузер пытается использовать его как HTTP-прокси.
+
+Решение
+
+* Добавьте в V2Ray HTTP как протокол для входящих соединений, затем в браузере обновите настройки прокси-сервера.
+
+## Лицензия этого проекта
+
+Project V использует следующую лицензию.
+
+### V2Ray
+
+Исходный код и официальные релизы распространяются под лицензией MIT, включая данные в следующих репозиториях.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+### V2Ray.Com
+
+Официальный веб-сайт, [v2ray.com](https://www.v2ray.com/), лицензируется на условиях [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+
+* Включая все видимые тексты и изображения на веб-сайте.
+* В том числе логотип Project V.
+* Включая весь исходный код, который используется для создания веб-сайта, а именно, [v2ray/manual](https://www.github.com/v2ray/manual).
+
+### Скриншоты и другие файлы {#screenshots}
+
+Все файлы третьих лиц, перечисленные ниже, принадлежат их создателям. Файлы принадлежат тем, кто их создал.
+
+* Включая все скриншоты Project V.
+* Включая все файлы конфигурации, которые используются для запуска Project V.
+* Включая все логи, созданные Project V во время выполнения.
+
+### Другой контент {#other}
+
+Все не упомянутые выше материалы лицензируются индивидуально.
\ No newline at end of file
diff --git a/ru/welcome/help.md b/ru/welcome/help.md
new file mode 100644
index 000000000..17b6dee95
--- /dev/null
+++ b/ru/welcome/help.md
@@ -0,0 +1,117 @@
+---
+refcn: chapter_00/help
+refen: welcome/help
+---
+
+# Поддержка
+
+С сообществом Project V можно связаться разными способами.
+
+{% hint style='info' %}
+
+Команда Project V знает китайский и английский. Пожалуйста, выбирайте из них при задавании вопросов.
+
+{% endhint %}
+
+## Github issues
+
+Мы используем несколько репозиториев для различных дискуссий.
+
+* [Code issues](https://github.com/v2ray/v2ray-core/issues)
+ * Только для кода (ошибки, уязвимости).
+* [Дорожная карта](https://github.com/v2ray/planning/issues)
+* [Общее обсуждение](https://github.com/v2ray/discussion/issues)
+
+## Telegram
+
+Project V предоставляет следующие группы для разных типов обсуждений.
+
+* [Использование](https://t.me/v2fly_chat)
+ * Только для связанных с Project V тем.
+* [Прочие](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg)
+ * Для всех остальных тем.
+
+Темы в этих группах в основном на китайском. Если вы создадите ещё одну группу на родном языке, дайте нам знать.
+
+{% hint style='danger' %}
+
+Во всех группах запрещены: взрослый контент, политика, разжигание ненависти. Нарушителей будут карать баном.
+
+{% endhint %}
+
+Также обратите внимание на [канал с объявлениями от Project V](https://t.me/v2fly).
+
+## Twitter
+
+[ProjectV2Ray](https://twitter.com/projectv2ray) для длительного общения.
+
+## E-mail
+
+Если вы хотите поговорить с командой V2Ray тет-а-тет, напишите на один из адресов ниже.
+
+`love@v2ray.com`: Основной адрес для связи. Проверяется каждый день.
+
+`v2ray@protonmail.com`: Ящик на [ProtonMail](https://protonmail.com/) с оконечным шифрованием. Проверяем реже из-за сложностей использования.
+
+{% hint style='info' %}
+
+Мы очень загружены, так что не обещаем ответить на все письма. А общие вопросы лучше отправить в группы выше: другие пользователи, скорее всего, ответят быстрее.
+
+{% endhint %}
+
+Вы можете получить открытый ключ PGP, поискав `love@v2ray.com`. Ну или использовать приложенный ниже открытый ключ.
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
\ No newline at end of file
diff --git a/ru/welcome/install.md b/ru/welcome/install.md
new file mode 100644
index 000000000..6576b35af
--- /dev/null
+++ b/ru/welcome/install.md
@@ -0,0 +1,97 @@
+---
+refcn: chapter_00/install
+refen: welcome/install
+---
+
+# Загрузка и установка
+
+## Платформа {#platform}
+
+V2Ray доступен на следующих платформах:
+
+* Windows 7 и более поздние версии (x86 / amd64)
+* Mac OS X 10.10 Yosemite и более поздние версии (amd64)
+* Linux 2.6.23 и более поздние версии (x86 / amd64 / arm / arm64 / mips64 / mips)
+ * Включая, но не ограничиваясь, Debian 7/8, Ubuntu 12.04 / 14.04 и более поздние версии, CentOS 6/7, Arch Linux
+* FreeBSD (x86 / amd64)
+* OpenBSD (x86 / amd64)
+* Dragonfly BSD (amd64)
+
+## Загрузка {#download}
+
+Готовые пакеты можно найти здесь:
+
+1. Github Release: [github.com/v2ray/v2ray-core](https://github.com/v2ray/v2ray-core/releases)
+2. Зеркало: [github.com/v2ray/dist](https://github.com/v2ray/dist)
+3. Homebrew: [github.com/v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray)
+4. Arch Linux: [packages/community/x86_64/v2ray/](https://www.archlinux.org/packages/community/x86_64/v2ray/)
+5. Snapcraft: [snapcraft.io/v2ray-core](https://snapcraft.io/v2ray-core)
+
+Все пакеты находятся в формате ZIP. Загрузите и распакуйте подходящие пакеты в свою систему.
+
+## Verify {#verify}
+
+Существует два способа проверки пакетов.
+
+1. Каждый `.zip`-файл имеет одноименный `.dgst`-файл с контрольной суммой SHA.
+2. Файл подписи GPG для исполняемых файлов (v2ray / v2ray.exe) можно найти в файле v2ray.sig (или v2ray.exe.sig) в том же пакете. Открытый ключ находится [в хранилище](https://raw.githubusercontent.com/v2ray/v2ray-core/master/release/verify/official_release.asc).
+
+## Установка в Windows и Mac OS {#install-windows}
+
+Запустите v2ray / v2ray.exe после распаковки пакетов.
+
+## Установка в Linux {#install-linux}
+
+Мы предоставляем сценарий для установки в Linux. Этот сценарий обнаруживает предыдущую инсталляцию v2ray и затем обновляет старую или устанавливает новую. Если предыдущая версия обнаруживается, конфигурационный файл в /etc/v2ray не будет перезаписан во время обновления.
+
+Следующая команда требует прав суперпользователя.
+
+Выполните следующую команду для установки V2Ray. Если yum или apt доступны, скрипт установит unzip и daemon / systemd. Они необходимы для запуска V2Ray в качестве службы. Вам необходимо установить их вручную, если ваша система Linux не поддерживает yum или apt.
+
+```bash
+curl -Ls https://install.direct/go.sh | sudo bash
+```
+
+Этот сценарий устанавливает следующие файлы.
+
+* `/usr/bin/v2ray/v2ray`: Исполняемый файл V2Ray
+* `/usr/bin/v2ray/v2ctl`: Утилита управления
+* `/etc/v2ray/config.json`: Файл с настройками
+* `/usr/bin/v2ray/geoip.dat`: Файл с данными об IP
+* `/usr/bin/v2ray/geosite.dat`: Файл с данными о доменах
+
+Этот сценарий также настраивает V2Ray для запуска в качестве службы, если systemd доступен.
+
+Конфигурации находятся в следующих местах.
+
+* `/etc/systemd/system/v2ray.service`: Systemd
+* `/etc/init.d/v2ray`: SysV
+
+После установки необходимо:
+
+1. Изменить файл `/etc/v2ray/config.json` так, как вам необходимо.
+2. Выполнить команду `service v2ray start` для запуска V2Ray.
+3. Опционально выполнить `service v2ray start|stop|status|reload|restart|force-reload` для управления службой V2Ray.
+
+### go.sh {#gosh}
+
+go.sh поддерживает следующие параметры.
+
+* `-p` или `--proxy`: Использовать прокси для загрузки пакетов V2Ray. Формат такой же, как и у curl. Например, `"socks5://127.0.0.1:1080"` или `"http://127.0.0.1:3128"`.
+* `-f` или `--force`: Принудительная установка. Сценарий предполагает, что V2Ray не был установлен вообще.
+* `--version`: Версия, которая должна быть установлена, например `"v1.13"`. Значение по умолчанию - это последняя стабильная версия.
+* `--local`: Использовать локальный пакет для установки.
+
+Примеры:
+
+* Использовать SOCKS-прокси 127.0.0.1:1080 для установки последнего пакета: ```./go.sh -p socks5://127.0.0.1:1080```
+* Установить v1.13 из локального файла:```./go.sh --version v1.13 --local /path/to/v2ray.zip```
+
+## Docker {#docker}
+
+V2Ray предоставляет два типа докер-контейнеров:
+
+* [v2ray/official](https://hub.docker.com/r/v2ray/official/): Официальные релизы.
+* [v2ray/dev](https://hub.docker.com/r/v2ray/dev/): Свежайший код (в разработке).
+
+Контейнеры имеют ту же структуру, что и установленный Linux.
\ No newline at end of file
diff --git a/ru/welcome/license.md b/ru/welcome/license.md
new file mode 100644
index 000000000..2c75f95ac
--- /dev/null
+++ b/ru/welcome/license.md
@@ -0,0 +1,34 @@
+---
+refcn: chapter_00/license
+refen: welcome/license
+---
+# Лицензия
+
+Project V использует следующую лицензию.
+
+## V2Ray
+
+Исходный код и официальные релизы распространяются под лицензией MIT, включая данные в следующих репозиториях.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+## V2Ray.Com
+
+Официальный веб-сайт, [v2ray.com](https://www.v2ray.com/), лицензируется на условиях [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+
+* Включая все видимые тексты и изображения на веб-сайте.
+* В том числе логотип Project V.
+* Включая весь исходный код, который используется для создания веб-сайта, а именно, [v2ray/manual](https://www.github.com/v2ray/manual).
+
+## Скриншоты и другие файлы {#screenshots}
+
+Все файлы третьих лиц, перечисленные ниже, принадлежат их создателям. Файлы принадлежат тем, кто их создал.
+
+* Включая все скриншоты Project V.
+* Включая все файлы конфигурации, которые используются для запуска Project V.
+* Включая все логи, созданные Project V во время выполнения.
+
+## Другой контент {#other}
+
+Все не упомянутые выше материалы лицензируются индивидуально.
\ No newline at end of file
diff --git a/ru/welcome/pgp.md b/ru/welcome/pgp.md
new file mode 100644
index 000000000..e3bbf8aed
--- /dev/null
+++ b/ru/welcome/pgp.md
@@ -0,0 +1,71 @@
+---
+refcn: chapter_00/pgp
+refen: welcome/pgp
+---
+# Приватное сообщение
+
+Отправьте сообщение на один из адресов ниже, если вы хотите приватно поговорить с командой V2Ray.
+
+1. `love@v2ray.com`
+2. `v2ray@protonmail.com`
+
+\#1 is based on Gmail. If you concern the privacy of email content, please consider using the PGP public key below.
+
+\#2 основан на ProtonMail, который использует сквозное шифрование.
+
+К сожалению из-за высокой рабочей нагрузки, не обещаем, что на каждое письмо будет дан ответ. Извините за неудобства. Для быстрого ответа на вопросы, связанные с использованием V2Ray, пожалуйста, обратитесь к нашему [сообществу](../get_started/issue.md).
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
\ No newline at end of file
diff --git a/ru/welcome/start.md b/ru/welcome/start.md
new file mode 100644
index 000000000..0081b8f51
--- /dev/null
+++ b/ru/welcome/start.md
@@ -0,0 +1,78 @@
+---
+refcn: chapter_00/start
+refen: welcome/start
+---
+
+# Быстрый старт
+
+Вам необходимо настроить V2Ray после его установки. Вот быстрая конфигурация для демонстрационного запуска. Детально настройки рассматриваются в [Обзоре настроек](../configuration/overview.md).
+
+## Клиент {#client}
+
+Запустите V2Ray со следующей конфигурацией на вашем ПК (или мобильном).
+
+```javascript
+{
+ "inbounds": [{
+ "port": 1080, // Port of socks5 proxy. Настройте браузер на использование этого порта.
+ "listen": "127.0.0.1",
+ "protocol": "socks",
+ "settings": {
+ "udp": true
+ }
+ }],
+ "outbounds": [{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "server", // Address of your V2Ray server. Может быть IP или доменным именем.
+ "port": 10086, // Порт сервера V2Ray.
+ "users": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }]
+ }
+ },{
+ "protocol": "freedom",
+ "tag": "direct",
+ "settings": {}
+ }],
+ "routing": {
+ "domainStrategy": "IPOnDemand",
+ "rules": [{
+ "type": "field",
+ "ip": ["geoip:private"],
+ "outboundTag": "direct"
+ }]
+ }
+}
+```
+
+Измените IP-адрес своего сервера V2Ray, как указано выше в комментариях. После этого начнёт V2Ray проксировать весь трафик с вашего ПК на сервер V2Ray, за исключением внутрисетевого трафика.
+
+## Сервер {#server}
+
+Вам нужен еще один компьютер для запуска V2Ray в качестве сервера. Обычно этот компьютер находится за пределами файрвола (локального или глобального). Вот пример конфигурации.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 10086, // Port of the server. Должен быть таким же, как упомянутый выше.
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }
+ }],
+ "outbounds": [{
+ "protocol": "freedom",
+ "settings": {}
+ }]
+}
+```
+
+Убедитесь, что поле `id` одинаково на клиенте и сервере.
+
+## Запуск {#running}
+
+* В Windows и macOS файл конфигурации находится в том же каталоге, что и исполнимый файл V2Ray. Вы можете запустить `v2ray` или `v2ray.exe` без дополнительных параметров.
+* На Linux файл конфигурации обычно находится в `/etc/v2ray/config.json`. Выполните `v2ray --config=/etc/v2ray/config.json` в консоли или используйте другие инструменты, типа systemd, для запуска V2Ray в качестве фонового процесса.
+
+Детально настройки рассматриваются в [Обзоре настроек](../configuration/overview.md).
\ No newline at end of file
diff --git a/ru/welcome/tg.md b/ru/welcome/tg.md
new file mode 100644
index 000000000..b928ebcd7
--- /dev/null
+++ b/ru/welcome/tg.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_00/tg
+refen: welcome/tg
+---
+# Группа в Telegram
+
+Project V предоставляет следующие группы для разных типов обсуждений.
+
+1. [Использование](https://t.me/v2fly_chat): Использование Project V.
+2. [Другое](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg): Другие темы.
+
+Также обратите внимание на [канал с объявлениями от Project V](https://t.me/v2fly).
+
+## Правила
+
+Разрешенные/запрещенные темы перечислены ниже.
+
+| / | Использование | Другое |
+| --------------------:|:--------------------------------:|:--------------------------------:|
+| Разработка Project V | ✔ | ✔ |
+| Алгоритмы | ✔ | ✔ |
+| Сети компьютеров | ✔ | ✔ |
+| Обход цензуры | ✔ | ✔ |
+| Использование V2Ray | ✔ | ✔ |
+| Развертывание V2Ray | ✔ | ✔ |
+| Связанное ПО | ✔ | ✔ |
+| Картинки с мемами | ✘✘ | ✔ |
+| Политика | ✘ | ✔ |
+| Болтовня | ✘ | ✔ |
+| Реклама | ✘✘ | ✘✘ |
+| 18+ | ✘✘✘ | ✘✘✘ |
+| Лучи ненависти | ✘✘✘ | ✘✘✘ |
+| Кража личных данных | ✘✘✘✘ | ✘✘✘✘ |
+
+### Кара за нарушения
+
+1. ✘ немедленное удаление сразу же после уведомления.
+2. ✘✘ - постер улетает в бан на неделю.
+3. ✘✘✘ - постер улетает в бан на месяц.
+4. ✘✘✘✘ - постер улетает в бан навечно.
\ No newline at end of file
diff --git a/ru/welcome/versions.md b/ru/welcome/versions.md
new file mode 100644
index 000000000..e211d0560
--- /dev/null
+++ b/ru/welcome/versions.md
@@ -0,0 +1,487 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
+# История версий
+
+На этой странице перечислены регулярные выпуски с обновлениями функций. Если релиз Github здесь не указан, он обычно содержит только исправления ошибок.
+
+## 2019.03.01 v4.18
+
+* Port list in routing rules now supports mixed format.
+* Updated `geosite` information in routing, and description for static hosts in DNS.
+* Option to not use system root CAs for TLS handshake.
+* New routing rule for traffic attributes.
+
+## 2019.02.22 v4.17
+
+* New sub-command `tlsping` in V2Ctl.
+
+## 2019.02.15 v4.16
+
+For end users:
+
+* DNS outbound proxy now supports to modify DNS server info.
+
+For developers:
+
+* 'ext' repository is now deprecated. [#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS outbound proxy.
+
+## 2019.02.01 v4.14
+
+* Static DNS mapping now supports domain to domain mapping.
+
+## 2019.01.18 v4.13
+
+* Quic lib updated. It is not compatible with previous versions.
+* DNS now have `tag` settings.
+
+## 2019.01.11 v4.11
+
+Для разработчиков:
+
+* New method: [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) now uses [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) to establish UDP connections.
+
+## 2018.12.07 v4.8
+
+For end users:
+
+* Bug fixes
+
+For developers:
+
+* New [API doc](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* New method: [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63)
+* New method: [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105)
+
+## 2018.11.30 v4.7
+
+* Freedom now supports for dialing IPv4 or IPv6 address only.
+* New QUIC transport.
+
+## 2018.11.23 v4.6
+
+* Freedom now can automatically choose between IPv4 and IPv6 destination address, based on `SendThrough` settings.
+
+## 2018.11.16 v4.4
+
+* Load balancer rules in routing.
+* Memory usage gets optimized.
+
+## 2018.11.05 v4.1
+
+* JSON configuration format changes. Old format is still suported.
+* Performance on GeoIP matching is improved.
+
+## 2018.11.02 v4.0
+
+* Reverse proxy.
+* Release packages for ppc64 and ppc64le.
+
+## 2018.10.12 v3.47
+
+* Migrate to a new continuous delivery pipeline
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door now supports TProxy in Linux.
+
+## 2018.09.21 v3.43
+
+* DNS now supports on-demand queries by domain.
+
+## 2018.09.14 v3.40
+
+* New socket options in transport configuration. It can be used to setup VPNs.
+* New TCP Fast Open option in transport configuration.
+
+## 2018.09.03 v3.38
+
+* mKCP has a new WireGuard header.
+* Fix softfloat binaries in mips/mips64.
+
+## 2018.08.31 v3.37
+
+* Performance of reading network connection in optilized. See [Environment Variables](../configuration/env.md)。
+* VMess uses AES-128-GCM by default on ARM64.
+* Built by Go 1.11.
+
+## 2018.08.24 v3.36
+
+* Great performance improvement on subdomain matching (`domain:`) in routing.
+* Full domain matching is now supported in routing.
+
+## 2018.08.07 v3.34
+
+* Better memory management on most devices.
+
+## 2018.07.27 v3.32
+
+* BitTorrent traffic can now be sniff'ed.
+* New `protocol` option in routing rules for protocol-based routing.
+* New `geosite:speedtest` option in routing rules to match all public servers of speedtest.net.
+
+## 2018.07.20 v3.31
+
+* New [Domain Socket transport](../configuration/transport/domainsocket.md) (Thanks to @xiaokangwang).
+
+## 2018.07.13 v3.30
+
+* Fix an issue that may cause broken connections in mKCP.
+* Thanks to [our friends](https://crowdin.com/project/v2ray) who speak Russian. Now our documents are in [Russian](https://www.v2ray.com/ru/).
+
+## 2018.07.06 v3.29
+
+* New inbound and outbound for MTProto proxy.
+
+## 2018.06.29 v3.27
+
+* DNS now supports EDNS client subnet.
+* DNS static host now supports sub-domain matching.
+
+## 2018.06.15 v3.26
+
+* Add Dragonfly BSD release.
+
+## 2018.06.01 v3.24
+
+* Internal buffer size (per connection) can now be configured in JSON configuration.
+* mKCP now supports DTLS 1.2 header.
+* TLS transport now only support cipher suites in TLS 1.3 spec.
+
+## 2018.05.25 v3.23
+
+* In JSON configuration, port can now be specified from env variables.
+* JSON config now supports to load domains and IPs from specified files.
+
+## 2018.04.20 v3.19
+
+* Traffic stats for inbound proxies.
+
+## 2018.04.13 v3.17
+
+* V2Ray can load config file from HTTP(s).
+* TLS in V2Ray can issue new certificates by provided CA certificates for domains in incoming requests.
+* [HTTP/2](../configuration/transport/h2.md) transport.
+
+## 2018.04.06 v3.16
+
+* [Statistics](../configuration/stats.md).
+* Shadowsocks inbound now can be configured to only listen on UDP. Strongly recommend to not listen on both TCP and UDP on the same port.
+
+## 2018.03.02 v3.11
+
+* A new settings is introduced in VMess inbound, to forbid client using insecure encryption methods.
+* Offers ARMv7 release.
+* Offers MIPS release that doesn't require FPU.
+
+## 2018.02.23 v3.10
+
+* Log entries now contain session ID to distinguish proxy sessions.
+* Bug fixes.
+
+## 2018.02.15 v3.9
+
+* Happy New Year!
+* Bug fixes.
+
+## 2018.02.09 v3.7
+
+* Developer preview: [Remote API](../configuration/api.md)。
+* Bug fixes.
+
+## 2017.12.29 v3.5
+
+* Geoip now supports private network address under name "private".
+
+## 2017.12.22 v3.4
+
+* Websocket nows uses value of X-Forwarded-For header as source address.
+* Support s390x CPU architecture.
+
+## 2017.12.08 v3.1
+
+* Support policy.
+* Config file location can be specified via environment variable.
+
+## 2017.12.01 v3.0
+
+* Support Shadowsocks AEAD
+
+## 2017.11.18 v2.50
+
+* `v2ray` now tried to use `v2ctl` for configuration parsing. Please make sure these 2 files are in the same directory.
+* New `IPOnDemand` strategy in routing.
+
+## 2017.11.10 v2.47
+
+* `geosite` data is now in `geosite.dat` file.
+* Bug fixes.
+
+## 2017.11.03 v2.46
+
+* Router now supports `geosite:cn`, equivalent to existing `chinasites`, but more flexible.
+* Router now supports `geoip`.
+ * File `geoip.dat` is added to release packages. This file contains all `geoip` information and has to stay in the same directory of `v2ray` program. Due to delayed update of installation script, you may have to copy the file manually.
+* Program `v2ctl` is added to release packages. You may run `v2ctl verify /path/to/v2ray` to verify the signature of `v2ray` program.
+
+## 2017.10.27 v2.44
+
+* HTTP now supports Basic Authentication.
+* Some bugs are fixed.
+
+## 2017.10.06 v2.40
+
+* Fix an issue that causes memory leak.
+
+## 2017.09.29 v2.39
+
+* Inbound proxies now close connections more quickly when remote server closes them.
+* Default connection timeout changes to 5 minutes.
+
+## 2017.05.12 v2.27
+
+* New domain mode in router.
+
+## 2017.05.05 v2.26
+
+* Stability fixes.
+
+## 2017.04.28 v2.25
+
+* Simple sniffing on HTTP and TLS traffic for the actual domain on request.
+
+## 2017.04.21 v2.24
+
+* Stabilize Mux.
+* Improves memory efficiency.
+
+## 2017.04.15 v2.23
+
+* Performance improvement in Mux.
+* Max number of connections can be configured in Mux now.
+* Performance improvement in HTTP inbound.
+* connectionReuse setting is removed in favor of Mux.
+
+## 2017.04.08 v2.22
+
+* Mux.Cool protocol.
+
+## 2017.02.25 v2.20
+
+* GPG signature is added to download package.
+* New binary wv2ray.exe is added to Windows package, which runs as a background application.
+
+## 2017.02.18 v2.19
+
+* A new mechanism for anti reply attack is now enforced on server side.
+ * No impact to existing clients.
+* Upgrade of VMess AES-128-GCM / Chacha20-Poly1305 / None encryption methods.
+ * Please upgrade client and server at once.
+ * AES-128-CFB is not affected.
+* Built with Golang 1.8. Add 32-bit MIPS support.
+
+## 2017.02.11 v2.18
+
+* Cleanup WebSocket code.
+* Remove allowPassive option. Now passive connections are always allowed.
+* Bug fixes
+
+## 2017.02.04 v2.17
+
+* Bug fixes.
+
+## 2017.01.28 v2.16
+
+* New 'redirect' option in freedom. It can be used to adapt tools like Shadowsocks Obfs.
+* Performance improvement in VMess non-encryption mode. Not compatible with previous versions.
+* Happy New Year!
+
+## 2017.01.16 v2.15
+
+* All proxies can use mKCP and WebSocket now.
+
+## 2017.01.09 v2.14
+
+* Socks 5 outbound.
+* Bug fixes.
+
+## 2017.01.02 v2.13
+
+* Bug fixes.
+
+## 2016.12.26 v2.12
+
+* Bug fixes.
+
+## 2016.12.19 v2.11
+
+* JSON config file now supports comment.
+
+## 2016.12.12 v2.10
+
+* VMess now supports AES-GCM and ChaCha20-Poly1305 encryption methods.
+
+## 2016.12.05 v2.9
+
+* Fix compatibility with Alpine Linux.
+
+## 2016.11.28 v2.8
+
+* Shadowsocks server now accepts OTA settings.
+* Bug fixes.
+
+## 2016.11.21 v2.7
+
+* Main inbound and outbound connection handler can be tagged now.
+* Bug fixes.
+
+## 2016.11.14 v2.6
+
+* Data sent by one outbound can be proxied to another outbound.
+* Routing can be based on inbound tag.
+
+## 2016.11.07 v2.5
+
+* New Shadowsocks outbound;
+* New TCP header: HTTP;
+
+## 2016.10.24 v2.4
+
+* TCP / mKCP / WebSocket can be configured per inbound / outbound;
+* Routing can be done on source IP;
+
+## 2016.10.17 v2.3
+
+* Introduce new Protobuf-based configuration;
+* OpenBSD binaries;
+* Small fixes;
+
+## 2016.09.19 v2.2
+
+* New transport: WebSocket (Thanks to [@xiaokangwang](https://github.com/xiaokangwang));
+
+## 2016.09.19 v2.1
+
+* mKCP performance improvement;
+
+## 2016.08.20 v2.0
+
+* One year;
+
+## 2016.08.15 v1.24
+
+* New mKCP header: utp;
+* New option in inbound connection config "allowPassive" to allow passive connection;
+
+## 2016.08.08 v1.23
+
+* Optimize mKCP packet format. This version of mKCP is NOT compatible with previous ones;
+* mKCP can now be configured to disguise as video data.
+
+## 2016.08.01 v1.22
+
+* Fix a memory leak in mKCP;
+* Add FreeBSD release;
+
+## 2016.07.25 v1.21
+
+* High performance Chacha20 (Thanks to aead@);
+* Bug fixes;
+
+## 2016.07.18 v1.20
+
+* New KCP options: readBufferSize and writeBufferSize;
+* Bug fixes;
+
+## 2016.07.11 v1.19
+
+* Enable TLS option for all proxies;
+* Fix a performance issue in KCP;
+* Fix an issue in KCP that could cause EOF response;
+
+## 2016.07.04 v1.18
+
+* Fix a "too many open files" issue in KCP;
+* KCP now uses fewer CPU;
+* Other bug fixes;
+
+## 2016.06.19 v1.17
+
+* KCP now is integrated into V2Ray. (Special thanks to [xiaokangwang](https://github.com/xiaokangwang), [xtaci](https://github.com/xtaci) and [skywind3000](https://github.com/skywind3000))
+* Minor bug fixes
+
+## 2016.06.12 v1.16
+
+* TCP connection reuse is now enabled by default;
+* Dokodemo-door is able to recognize TCP connection redirected by iptables;
+* Blackhole is able to send back HTTP forbidden data;
+
+## 2016.06.05 v1.15
+
+* Optionally reuse TCP connection for better performance;
+* Allow listening on a specific IP address;
+* Allow sending data through a specific IP address;
+* Fix an issue in HTTP proxy that may exhaust memory;
+
+## 2016.05.29 v1.14
+
+* Fix a panic issue in http proxy;
+* More functionalies in install script;
+* Static route in DNS;
+* Official server address change;
+
+## 2016.05.16 v1.13
+
+* Internal DNS server, to provide better routing results combined with chinasites and chinaip;
+* Fix an issue in UDP relay;
+
+## 2016.05.01 v1.12.1
+
+* Fix a bug in VMess.
+
+## 2016.05.01 v1.12
+
+* Second try to fix the memory usage issue;
+* Improve Shadowsocks performance;
+* New option "none" in loglevel;
+
+## 2016.04.18 v1.11
+
+* Try to fix the memory usage issue.
+
+## 2016.03.07 v1.10
+
+* Fix an performance issue when dynamic ports refreshes.
+
+## 2016.02.29 v1.9.1
+
+* Fix Shadowsocks one-time authentication (OTA) issue.
+
+## 2016.02.29 v1.9
+
+* Support for Shadowsocks ChaCha20 encryption;
+* Add more direct connection sites to the default configuration file;
+* Dynamic ports now automatically create an account.
+
+## 2016.02.22 v1.8
+
+* Update installation script install-release.sh (thanks, @netcookies):
+ * You can now automatically stop the V2Ray process and update automatically after the completion of V2Ray;
+ * The install-release.sh accepts the --proxy argument and V2Ray specified proxy download;
+* Use Go 1.6 compiler to improve the performance of AES encryption;
+* Minor fixes;
+* Update the official server IP (please re-download the installation package to get the latest configuration).
+
+## 2016.02.08 v1.7
+
+* UDP relay performance improved;
+* Shadowsocks security improved;
+* Minor fixes;
+* Happy new year!
\ No newline at end of file
diff --git a/ru/welcome/workflow.md b/ru/welcome/workflow.md
new file mode 100644
index 000000000..bf45b5442
--- /dev/null
+++ b/ru/welcome/workflow.md
@@ -0,0 +1,60 @@
+---
+refcn: chapter_00/workflow
+refen: welcome/workflow
+---
+
+# Принцип работы
+
+## Одиночный сервер
+
+Как и в случае с другими прокси, вам нужен прокси-сервер, с запущенным V2Ray. Вы можете подключаться к Интернету через этот сервер с ПК, мобильных и других устройств.
+
+```mermaid
+graph LR;
+A(ПК) -.- B(Файрвол);
+B -.-> C(Заблокированный сайт);
+A --> D(V2Ray/VPS);
+D --> C;
+A --> E(Обычный сайт);
+```
+
+V2Ray поддерживает соединения с нескольких устройств с различными протоколами одновременно. В то же время механизм локальной маршрутизации может грамотно проксировать только необходимые соединения.
+
+## Мост из серверов
+
+Если вам не хочется настраивать V2Ray на каждом устройстве, вы можете настроить сервер до файрвола, весь трафик будет проходить через этот сервер. Сервер сам будет маршрутизировать соединения.
+
+```mermaid
+graph LR;
+A(ПК) -.-> B(Файрвол);
+B -.-> C(Заблокированный сайт);
+A --> D(VPS 1);
+D --> E(VPS 2);
+E --> C;
+D --> F(Обычный сайт);
+```
+
+## Внутреннее устройство
+
+Изнутри V2Ray выглядит как показано ниже. Он поддерживает несколько входящих прокси-соединений и несколько исходящих. Каждое из них независимо от других.
+
+```mermaid
+graph LR;
+A1(вход) --> D(Распределитель / Маршрутизатор / DNS);
+A2(вход) --> D;
+A3(вход) --> D;
+A4(вход) --> D;
+D --> B1(выход);
+D --> B2(выход);
+D --> B3(выход);
+D --> B4(выход);
+```
+
+Замечания:
+
+* Вы должны настроить как минимум одно входящее и одно исходящее соединение, чтобы заставить V2Ray работать.
+* Прокси на входе взаимодействует с клиентским программным обеспечением, например, браузером.
+* Прокси на выходе взаимодействует с удаленным сервером, например Apache, на котором крутится сайт.
+* Диспетчер выбирает исходящее соединение для запроса на основе настраиваемых правил.
+
+Детально настройки рассматриваются [здесь](../configuration/overview.md).
\ No newline at end of file
diff --git a/vi/README.md b/vi/README.md
new file mode 100644
index 000000000..b80a71f2e
--- /dev/null
+++ b/vi/README.md
@@ -0,0 +1,25 @@
+---
+refcn: index
+refen: index
+---
+
+# Project V
+
+Project V là một tập hợp các công cụ giúp bạn xây dựng mạng riêng tư qua internet. Cốt lõi của Project V, có tên là `V2Ray`, chịu trách nhiệm về các giao thức mạng và truyền thông. Nó có thể làm việc một mình, cũng như kết hợp với các công cụ khác.
+
+Trang web này chủ yếu là một hướng dẫn cho V2Ray, với một số thông tin bổ sung liên quan đến toàn bộ dự án.
+
+## Tính năng, đặc điểm
+
+* Nhiều proxy gửi đến / đi: một cá thể V2Ray hỗ trợ song song nhiều giao thức trong và ngoài. Mỗi giao thức hoạt động độc lập.
+* Định tuyến tùy chỉnh: lưu lượng truy cập đến có thể được gửi đến các giới hạn khác nhau dựa trên cấu hình định tuyến. Thật dễ dàng để định tuyến lưu lượng truy cập theo vùng hoặc miền mục tiêu.
+* Nhiều giao thức: V2Ray hỗ trợ nhiều giao thức, bao gồm Socks, HTTP, Shadowsocks, VMess, vv Mỗi giao thức có thể có giao vận riêng của nó, chẳng hạn như TCP, mKCP, WebSocket, v.v.
+* Obfuscation: V2Ray đã xây dựng trong obfuscation để ẩn lưu lượng truy cập trong TLS, và có thể chạy song song với các máy chủ web.
+* Reverse proxy: Hỗ trợ chung proxy ngược. Có thể được sử dụng để xây dựng đường hầm cho localhost.
+* Nhiều nền tảng: V2Ray chạy nguyên bản trên Windows, Mac OS, Linux, v.v. Ngoài ra còn có hỗ trợ của bên thứ ba trên thiết bị di động.
+
+{% hint style='info' %}
+
+This site is generated by GitBook, and host on GitHub. If you'd like to modify its content, please send pull request to [this repo](https://github.com/v2ray/manual).
+
+{% endhint %}
\ No newline at end of file
diff --git a/vi/SUMMARY.md b/vi/SUMMARY.md
new file mode 100644
index 000000000..86e30c817
--- /dev/null
+++ b/vi/SUMMARY.md
@@ -0,0 +1,51 @@
+# Summary
+
+* [Project V](README.md)
+ * [Lịch sử phiên bản](welcome/versions.md)
+ * [Quy trình làm việc](welcome/workflow.md)
+ * [cài đặt, dựng lên](welcome/install.md)
+ * [Bắt đầu nhanh](welcome/start.md)
+ * [Dòng lệnh](welcome/command.md)
+ * [Quyên góp](welcome/donate.md)
+ * [Ủng hộ](welcome/help.md)
+ * [Câu hỏi thường gặp](welcome/faq.md)
+ * [Blog↪](https://steemit.com/@v2ray)
+* [Cấu hình](configuration/README.md)
+ * [Tổng quan](configuration/overview.md)
+ * [Giao thức](configuration/protocols.md)
+ * [Blackhole](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
+ * [Dokodemo](configuration/protocols/dokodemo.md)
+ * [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
+ * [HTTP](configuration/protocols/http.md)
+ * [Shadowsocks](configuration/protocols/shadowsocks.md)
+ * [SOCKS](configuration/protocols/socks.md)
+ * [VMess](configuration/protocols/vmess.md)
+ * [Chính sách](configuration/policy.md)
+ * [định tuyến](configuration/routing.md)
+ * [DNS](configuration/dns.md)
+ * [Mux](configuration/mux.md)
+ * [API](configuration/api.md)
+ * [Số liệu thống kê](configuration/stats.md)
+ * [Đảo ngược](configuration/reverse.md)
+ * [Vận chuyển](configuration/transport.md)
+ * [TCP](configuration/transport/tcp.md)
+ * [mKCP](configuration/transport/mkcp.md)
+ * [WebSocket](configuration/transport/websocket.md)
+ * [HTTP/2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
+ * [Biến Env](configuration/env.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Development
+ * Milestone
+ * Guide
+ * Design
+ * Build
+ * [Tools](developer/tools.md)
+ * Protocols
+ * VMess
+ * mKCP
+ * Mux.Cool
\ No newline at end of file
diff --git a/vi/awesome/ads.md b/vi/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/vi/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/vi/awesome/tools.md b/vi/awesome/tools.md
new file mode 100644
index 000000000..606aeaaf8
--- /dev/null
+++ b/vi/awesome/tools.md
@@ -0,0 +1,96 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+Download: [Github](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+Download: [Github](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+Download: [Github](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+Download: [Github](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray: v2ray Cross-Platform GUI written in Qt, supports multi-language, connection edit and auto-check updates
+
+Download: [GitHub](https://github.com/Qv2ray/Qv2ray)
+
+Website:
+
+> Mellow
+
+Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray
+
+i2Ray is another iOS app based on V2Ray with easy-to-use UI design.
+
+Download: [iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket is a generic VPN app. Is supports multiple protocols such as Shadowsocks, VMess, SSR etc.
+
+Download: [iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi (was ShadowRay)
+
+Pepi is V2Ray compatible app. Is is able create VPN connections based on VMess protocol, and communicate with any V2Ray servers.
+
+Download: [iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+Download: [iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG is an Android app based on V2Ray. It provides same feature set as V2Ray core.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## Online services
+
+> [Configuration generator](https://htfy96.github.io/v2ray-config-gen/)
+
+Online configuration generator.
+
+> [UUID Generator](https://www.uuidgenerator.net/)
+
+UUID generator for VMess users.
diff --git a/vi/book.json b/vi/book.json
new file mode 100644
index 000000000..97aa2dafd
--- /dev/null
+++ b/vi/book.json
@@ -0,0 +1,34 @@
+{
+ "language": "vi",
+ "title": "Project V Official",
+ "plugins" : [
+ "-fontsettings",
+ "-search",
+ "-lunr",
+ "-highlight",
+ "-sharing",
+
+ "mermaid-gb3",
+ "anchors",
+ "ga",
+ "prism",
+ "prism-themes",
+ "hints"
+ ],
+ "pluginsConfig": {
+ "ga": {
+ "token": "UA-73620536-1"
+ },
+ "prism": {
+ "css": [
+ "prism-themes/themes/prism-base16-ateliersulphurpool.light.css"
+ ],
+ "lang": {
+ "objc": "objectivec",
+ "shell": "bash",
+ "text": "textile",
+ "plain": "textile"
+ }
+ }
+ }
+}
diff --git a/vi/configuration/README.md b/vi/configuration/README.md
new file mode 100644
index 000000000..7e8bf6c52
--- /dev/null
+++ b/vi/configuration/README.md
@@ -0,0 +1,76 @@
+---
+refcn: chapter_02/index
+refen: configuration/index
+---
+
+# Cấu hình
+
+V2Ray sử dụng [cấu hình dựa trên protobuf](https://developers.google.com/protocol-buffers/). Vì định dạng protobuf ít có thể đọc được, V2Ray cũng hỗ trợ cấu hình trong JSON. Trước khi V2Ray chạy, nó sẽ tự động chuyển đổi cấu hình JSON thành protobuf. Điều đó đang được nói, các định dạng cấu hình khác có thể được giới thiệu trong furture.
+
+Ở đây chúng tôi giới thiệu cấu hình dựa trên JSON.
+
+JSON, hoặc [Ký hiệu đối tượng JavaScript](https://en.wikipedia.org/wiki/JSON), viết tắt là các đối tượng trong Javascript. Một tệp JSON chứa một và chỉ một đối tượng JSON, bắt đầu bằng "{" và kết thúc bằng "}".
+
+Một đối tượng JSON chứa một danh sách các cặp giá trị khóa. Khóa là một chuỗi và giá trị có thể khác nhau về các loại, chẳng hạn như chuỗi, số, boolean, mảng hoặc đối tượng khác. Một đối tượng điển hình như sau:
+
+```javascript
+{
+ "stringValue": "This is a string.",
+ "numberValue": 42,
+ "boolValue": true,
+ "arrayValue": ["this", "is", "a", "string", "array"],
+ "objectValue": {
+ "another": "object"
+ }
+}
+```
+
+{% hint style='info' %}
+
+V2Ray hỗ trợ các chú thích trong JSON , được chú thích bởi "//" hoặc "/ \ * \ * /". Trong trình chỉnh sửa không hỗ trợ nhận xét, chúng có thể được hiển thị dưới dạng lỗi, nhưng nhận xét thực sự hoạt động tốt trong V2Ray.
+
+{% endhint %}
+
+## Các kiểu dữ liệu JSON
+
+Đây là một giới thiệu ngắn gọn về các kiểu dữ liệu JSON. Chúng sẽ được tham chiếu trong phần còn lại của tài liệu.
+
+> `boolean`: true | false
+
+Giá trị logic, phải là `true` hoặc `false`, không có dấu ngoặc kép.
+
+> `con số`
+
+Thông thường các số nguyên không âm, không có dấu ngoặc kép.
+
+> `chuỗi`
+
+Chuỗi ký tự, được bao quanh bởi dấu ngoặc kép.
+
+> `array`: []
+
+Mảng các yếu tố. Loại phần tử của nó thường giống nhau, ví dụ, `[string]` là một mảng gồm `chuỗi`s.
+
+> `object`: {}
+
+Vật. Nó đi kèm với một danh sách các cặp giá trị quan trọng.
+
+{% hint style='tip' %}
+
+Cặp giá trị khóa thường kết thúc bằng dấu phẩy ",", nhưng không được kết thúc bằng dấu phẩy nếu đó là phần tử cuối cùng của đối tượng.
+
+{% endhint %}
+
+## Các kiểu dữ liệu chung V2Ray
+
+> `map`: object \{string, string\}
+
+Một đối tượng có khóa và giá trị có các loại cố định.
+
+> `address`: string
+
+Địa chỉ IP hoặc tên miền ở dạng chuỗi, chẳng hạn như `"8.8.8.8"` hoặc `"www.v2ray.com"`
+
+> `address_port`: string
+
+Một `địa chỉ` với cổng, chẳng hạn như `"8.8.8.8:53"` hoặc `"www.v2ray.com:80"`. Trong một số tập quán, phần địa chỉ có thể được bỏ qua, như `": 443"`.
\ No newline at end of file
diff --git a/vi/configuration/api.md b/vi/configuration/api.md
new file mode 100644
index 000000000..7546428bc
--- /dev/null
+++ b/vi/configuration/api.md
@@ -0,0 +1,52 @@
+---
+refcn: chapter_02/api
+refen: configuration/api
+---
+
+# API
+
+V2Ray cung cấp một số API để truy cập từ xa. Các API này dựa trên [gRPC](https://grpc.io/).
+
+Khi API được bật, V2Ray sẽ tự động tạo proxy đi, được gắn thẻ là `thẻ`. Người dùng phải [định tuyến](routing.md) tất cả các kết nối gRPC cho kết nối này.
+
+## ApiObject
+
+`ApiObject` được sử dụng làm trường `api` trong cấu hình cấp cao nhất.
+
+```javascript
+{
+ "tag": "api",
+ "services": [
+ "HandlerService",
+ "LoggerService",
+ "StatsService"
+ ]
+}
+```
+
+> `tag`: string
+
+Thẻ của proxy gửi đi.
+
+> `services`: \[ string \]
+
+Danh sách các API được bật.
+
+## Danh sách API được hỗ trợ
+
+### HandlerService
+
+API để thao tác proxy trong và ngoài. Các chức năng sau đây được cung cấp:
+
+* Thêm proxy vào / ra mới.
+* Xóa proxy hiện tại / thư đi.
+* Thêm người dùng mới vào proxy đến (chỉ dành cho VMess).
+* Xóa người dùng hiện tại khỏi proxy gửi đến (chỉ VMess).
+
+### LoggerService
+
+Để khởi động lại trình ghi nhật ký nội bộ. Có thể làm việc với logrotate cho các tệp log hoạt động.
+
+### StatsService
+
+Hỗ trợ nội bộ [Thống kê](stats.md).
\ No newline at end of file
diff --git a/vi/configuration/dns.md b/vi/configuration/dns.md
new file mode 100644
index 000000000..ce3f58273
--- /dev/null
+++ b/vi/configuration/dns.md
@@ -0,0 +1,104 @@
+---
+refcn: chapter_02/04_dns
+refen: configuration/dns
+---
+
+# DNS
+
+V2Ray có một máy chủ DNS nội bộ cung cấp chuyển tiếp DNS cho các thành phần khác.
+
+{% hint style='info' %}
+
+Do sự phức tạp của giao thức DNS, V2Ray hiện chỉ hỗ trợ các truy vấn IP cơ bản (A và AAAA). Chúng tôi khuyên bạn nên sử dụng một DNS chuyên nghiệp dựa (chẳng hạn như [CoreDNS](https://coredns.io/)) cho V2Ray.
+
+{% endhint %}
+
+Các truy vấn DNS được chuyển tiếp bởi dịch vụ DNS này cũng sẽ được gửi đi dựa trên các thiết lập định tuyến. Không cần cấu hình thêm.
+
+## DnsObject
+
+`DnsObject` được sử dụng làm trường `dns` trong cấu hình mức cao nhất.
+
+```javascript
+{
+ "hosts": {
+ "baidu.com": "127.0.0.1"
+ },
+ "servers": [
+ {
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ]
+ },
+ "8.8.8.8",
+ "8.8.4.4",
+ "localhost"
+ ],
+ "clientIp": "1.2.3.4",
+ "tag": "dns_inbound"
+}
+```
+
+> `hosts`: map{string: address}
+
+A list of static addresses, in the form of `domain:address`. Each entry has a domain name as key and IP or domain address as value. If a DNS query targets one of the domains in this list, the corresponding IP will be returned immediately and DNS query will not be relayed, or the corresponding domain address will be used for further DNS queries, instead of the previous one.
+
+The format of domains is:
+
+* Plaintext: When the targeting domain is exactly the value, the rule takes effect. Example: rule `"v2ray.com"` matches `"v2ray.com"`, but not `"www.v2ray.com"`.
+* Regular expression: Begining with `"regexp:"`, the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule `"regexp:\\.goo.*\\.com$"` matches `"www.google.com"` and `"fonts.googleapis.com"`, but not `"google.com"`.
+* Subdomain (recommended): Begining with `"domain:"` and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule `"domain:v2ray.com"` matches `"www.v2ray.com"`, `"v2ray.com"`, but not `"xv2ray.com"`.
+* Keyword: Begining with `"keyword:"` and the rest is a pattern. If this string matches any part of the targeting domain, this rule takes effet. Example: rule `"keyword:sina.com"` matches targeting domain `"sina.com"`, `"sina.com.cn"` and `"www.sina.com"`, but not `"sina.cn"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](routing.md#pre-defined-domain-lists) for more detail.
+
+> `servers`: \[string | [ServerObject](#serverobject) | "localhost" \]
+
+Danh sách các máy chủ DNS. Mỗi máy chủ có thể được chỉ định theo ba định dạng: địa chỉ IP, [ServerObject](#serverobject)hoặc `"localhost"`.
+
+Khi máy chủ là địa chỉ IP, chẳng hạn như `"8.8.8.8"`, V2Ray sẽ truy vấn DNS trên cổng UDP 53 trên địa chỉ này.
+
+Khi máy chủ là `"localhost"`, V2Ray sẽ truy vấn máy chủ cục bộ cho DNS.
+
+{% hint style='info' %}
+
+Khi `"localhost"` được sử dụng, lưu lượng truy cập DNS không được kiểm soát bởi V2Ray. Tuy nhiên, bạn có thể chuyển hướng truy vấn DNS trở lại V2Ray với cấu hình bổ sung.
+
+{% endhint %}
+
+> `clientIp`: string
+
+Địa chỉ IP của máy hiện tại. Nếu được chỉ định, V2Ray sử dụng IP này làm EDNS-Client-Subnet. Địa chỉ IP này không thể là địa chỉ riêng tư.
+
+> `tag`: string
+
+(V2Ray 4.13+) All traffic initiated from this DNS, except to localhost, will have this tag as inbound. It can be used for routing.
+
+### ServerObject
+
+```javascript
+{
+ "address": "1.2.3.4",
+ "port": 5353,
+ "domains": [
+ "domain:v2ray.com"
+ ],
+}
+```
+
+> `address`: address
+
+Address of the DNS server. For now only UDP servers are supported.
+
+> `port`: number
+
+Port of the DNS server. Usually it is `53` or `5353`.
+
+> `domains`: \[string\]
+
+A list of domains. If the domain of enquire matches one of the list, this DNS server will be prioritized for DNS query for this domain.
+
+Domain name format is the same as in [routing](routing.md).
+
+When a DNS server has the domain in its domain list, the domain will be queried in this server first, and then other servers. Otherwise DNS queries are sent to DNS servers in the order they appear in the config file.
\ No newline at end of file
diff --git a/vi/configuration/env.md b/vi/configuration/env.md
new file mode 100644
index 000000000..5881f7b91
--- /dev/null
+++ b/vi/configuration/env.md
@@ -0,0 +1,46 @@
+---
+refcn: chapter_02/env
+refen: configuration/env
+---
+
+# Biến môi trường
+
+V2Ray đọc các biến môi trường sau đây.
+
+## Kích thước bộ nhớ cache cho mỗi kết nối {#buffer-size}
+
+* Tên: `v2ray.ray.buffer.size` hoặc `V2RAY_RAY_BUFFER_SIZE`
+* Đơn vị: MBytes
+* Giá trị mặc định: 2 trên x86, amd64, arm64 và s390x. Bộ nhớ cache này bị tắt trên các nền tảng khác.
+* Giá trị đặc biệt: 0 cho kích thước bộ nhớ cache không giới hạn
+
+**Deprecated. Use bufferSize in Policy.**
+
+For each connection, when there is a difference in speed between inbound and outbound traffic, V2Ray will cache some data for larger throughput. This setting controls the size of the cache. The larger the cache, the better the performance.
+
+## Vị trí của tài sản V2Ray {#asset}
+
+* Tên: `v2ray.location.asset` hoặc `V2RAY_LOCATION_ASSET`
+* Giá trị mặc định: Cùng thư mục nơi v2ray là.
+
+This variable specifies a directory where geoip.dat and geosite.dat files are.
+
+## Vị trí của cấu hình V2Ray {#config}
+
+* Tên: `v2ray.location.config` hoặc `V2RAY_LOCATION_CONFIG`
+* Giá trị mặc định: Cùng thư mục nơi v2ray là.
+
+This variable specifies a directory where config.json is.
+
+## Đọc phân tán {#scatter-io}
+
+* Tên: `v2ray.buf.readv` hoặc `V2RAY_BUF_READV`
+* Giá trị mặc định: `auto`
+
+V2Ray 3.37 uses Scatter/Gather IO. This feature will use less memory when connection speed is over 100 MByte/s. Possible values are: `auto`, `enable` and `disable`.
+
+* `bật`: Bật đọc phân tán.
+* `tắt`: Tắt đọc phân tán.
+* `auto`: Chỉ kích hoạt trên Windows, MacOS, Linux khi CPU là x86, AMD64 hoặc s390x.
+
+When connection speed is less than 100 MByte/s, no matter whether this is enabled or not, there is no obvious difference in terms of memory usage.
\ No newline at end of file
diff --git a/vi/configuration/mux.md b/vi/configuration/mux.md
new file mode 100644
index 000000000..8c2beaaf3
--- /dev/null
+++ b/vi/configuration/mux.md
@@ -0,0 +1,27 @@
+---
+refcn: chapter_02/mux
+refen: configuration/mux
+---
+
+# Ghép kênh
+
+Ghép kênh, hoặc Mux, là sử dụng một kết nối TCP vật lý cho nhiều kết nối TCP ảo.
+
+Mux được thiết kế để giảm độ trễ bắt tay TCP. Nó KHÔNG phải cho thông lượng cao. Khi được sử dụng để tải xuống các tệp lớn hoặc đo tốc độ, Mux thường chậm hơn kết nối TCP thông thường.
+
+## MuxObject
+
+```javascript
+{
+ "enabled": false,
+ "concurrency": 8
+}
+```
+
+> `enabled`: true | false
+
+Có hay không kích hoạt Mux trên đường đi.
+
+> `concurrency`: number
+
+Số lượng kết nối ghép kênh tối đa mà một kết nối vật lý có thể xử lý tại một thời điểm. Giá trị lớn nhất `1024`, giá trị nhỏ nhất `1`, mặc định `8`.
\ No newline at end of file
diff --git a/vi/configuration/overview.md b/vi/configuration/overview.md
new file mode 100644
index 000000000..5ede22727
--- /dev/null
+++ b/vi/configuration/overview.md
@@ -0,0 +1,249 @@
+---
+refcn: chapter_02/01_overview
+refen: configuration/overview
+---
+
+# Tổng quan về cấu hình
+
+V2Ray chia sẻ cùng một cấu trúc cấu hình giữa phía máy chủ và phía máy khách được hiển thị như bên dưới. Cấu hình máy chủ và máy khách khác nhau trong các phần cụ thể.
+
+Dưới đây là cấu trúc cấp cao nhất của cấu hình. Mỗi phần có định dạng riêng.
+
+```javascript
+{
+ "log": {},
+ "api": {},
+ "dns": {},
+ "stats": {},
+ "routing": {},
+ "policy": {},
+ "inbounds": [],
+ "outbounds": [],
+ "transport": {}
+}
+```
+
+> `log`: [LogObject](#logobject)
+
+Đăng nhập cấu hình để kiểm soát đầu ra nhật ký.
+
+> `api`: [ApiObject](api.md)
+
+API RPC để điều khiển phiên bản V2Ray. Xem [cấu hình API](api.md) để biết chi tiết.
+
+> `dns`: [DnsObject](dns.md)
+
+Cấu hình cho cấu hình máy chủ DNS nội bộ. Nếu phần này bị bỏ qua, V2Ray sẽ sử dụng cấu hình DNS toàn hệ thống của bạn. Để biết chi tiết, xem [Cấu hình DNS](dns.md).
+
+> `stats`: [StatsObject](stats.md)
+
+Khi được chỉ định, nội bộ [Thống kê](stats.md) được bật.
+
+> `policy`: [PolicyObject](policy.md)
+
+Cấu hình cho quyền và các chiến lược bảo mật khác. Để biết chi tiết, xem [Chính sách địa phương](policy.md).
+
+> `routing`: [RoutingObject](routing.md)
+
+Cấu hình cho nội bộ [Định tuyến](routing.md) chiến lược.
+
+> `inbounds`: \[ [InboundObject](#inboundobject) \]
+
+Một mảng [InboundObject](#inboundobject) làm cấu hình cho proxy gửi đến.
+
+> `outbounds`: \[ [OutboundObject](#outboundobject) \]
+
+Một mảng [OutboundObject](#outboundobject) làm cấu hình cho các proxy gửi đi. Chuyến đi đầu tiên trong mảng là mảng chính. Đây là định tuyến mặc định trong định tuyến định tuyến.
+
+> `transport`: [TransportObject](transport.md)
+
+Cấu hình giao thức vận tải cấp thấp. Để biết chi tiết, xem [Giao thức Tùy chọn Giao vận](transport.md).
+
+## LogObject
+
+```javascript
+{
+ "access": "/path/to/file",
+ "error": "/path/to/file",
+ "loglevel": "warning"
+}
+```
+
+> `access`: string
+
+Đường dẫn để truy cập nhật ký. Nếu không trống, nó phải là một đường dẫn tập tin hợp pháp, chẳng hạn như `"/tmp/v2ray/_access.log"`(Linux) hoặc `"C: \\ Temp \\ v2ray \\ _ access.log"`(Windows ). Nếu trống, V2Ray ghi nhật ký truy cập vào `stdout`.
+
+> `error`: string
+
+Đường dẫn đến nhật ký lỗi. Nếu không trống, nó phải là một đường dẫn tập tin hợp pháp. Nếu trống, V2Ray ghi nhật ký lỗi tới `stdout`.
+
+> `loglevel`: "debug" | "info" | "warning" | "error" | "none"
+
+Mức nhật ký được ghi. Các cấp nhật ký khác nhau cho biết nội dung nhật ký khác nhau. Giá trị mặc định là `"cảnh báo"`.
+
+Mức nhật ký:
+
+* `"debug"`: Thông tin dành cho nhà phát triển. Cũng bao gồm tất cả `"thông tin"` bản ghi.
+* `"thông tin"`: Thông tin về trạng thái hiện tại của V2Ray. Người dùng không phải chăm sóc những người đó. Cũng bao gồm tất cả `"cảnh báo"` bản ghi.
+* `"cảnh báo"`: Đã xảy ra sự cố với môi trường, thường nằm ngoài V2Ray, ví dụ: mạng bị vỡ. V2Ray vẫn chạy nhưng người dùng có thể gặp phải một số sự cố. Cũng bao gồm tất cả `"lỗi"` bản ghi.
+* `"lỗi"`: Đã xảy ra sự cố nghiêm trọng, V2Ray không thể chạy được.
+* `"none"`: Tất cả ghi nhật ký đều bị tắt.
+
+## InboundObject
+
+Một InboundObject định nghĩa một proxy gửi đến. Nó xử lý các kết nối đến V2Ray. Proxy có sẵn được [liệt kê ở đây](protocols.md).
+
+```javascript
+{
+ "port": 1080,
+ "listen": "127.0.0.1",
+ "protocol": "protocol_name",
+ "settings": {},
+ "streamSettings": {},
+ "tag": "inbound_tag_name",
+ "sniffing": {
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
+}
+```
+
+> `port`: number | "env:variable" | string
+
+Cổng mà proxy đang nghe. Các định dạng có thể chấp nhận là:
+
+* Số nguyên: số cổng thực tế.
+* Biến môi trường: Bắt đầu bằng `"env:"`, biến env chỉ định cổng ở định dạng chuỗi, chẳng hạn như `"env: PORT"`. V2Ray sẽ giải mã biến thành chuỗi.
+* Chuỗi: Giá trị chuỗi số, chẳng hạn như `"1234"`hoặc một loạt các cổng, chẳng hạn như `"5-10"` cho tổng số 6 cổng.
+
+Các cổng thực tế để mở cũng phụ thuộc vào `phân bổ` thiết lập. Xem bên dưới.
+
+> `listen`: address
+
+Địa chỉ cần nghe. Giá trị mặc định là `"0.0.0.0"` cho các kết nối đến trên tất cả các giao diện mạng. Nếu không, giá trị phải là địa chỉ của giao diện mạng hiện có.
+
+> `protocol`: string
+
+Tên của giao thức gửi đến. Xem từng cá nhân để biết các giá trị có sẵn.
+
+> `settings`: InboundConfigurationObject
+
+Cài đặt giao thức cụ thể. Xem `InboundConfigurationObject` được định nghĩa trong mỗi giao thức.
+
+> `streamSettings`: [StreamSettingsObject]
+
+Xem [Giao thức Giao thức Tùy chọn](transport.md) để biết chi tiết.
+
+> `tag`: string
+
+Thẻ của proxy đến. Nó có thể được sử dụng cho các quyết định định tuyến. Nếu không trống, nó phải là duy nhất trong số tất cả các proxy gửi đến.
+
+> `sniffing`: [SniffingObject](#sniffingobject)
+
+Cấu hình cho nội dung đánh hơi.
+
+> `allocate`: [AllocateObject](#allocateobject)
+
+Cấu hình cho cổng phân bổ.
+
+### SniffingObject
+
+```javascript
+{
+ "enabled": false,
+ "destOverride": ["http", "tls"]
+}
+```
+
+> `enabled`: true | false
+
+Có hay không kích hoạt nội dung đánh hơi.
+
+> `destOverride`: \["http" | "tls"\]
+
+Một loại nội dung. Nếu loại nội dung của lưu lượng truy cập đến được chỉ định trong danh sách, đích của kết nối sẽ bị ghi đè bởi giá trị bị đánh hơi.
+
+### AllocateObject
+
+```javascript
+{
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+}
+```
+
+> `strategy`: "always" | "random"
+
+Chiến lược phân bổ cảng. Khi nó được đặt thành `"luôn luôn"`, tất cả cổng trong trường `cổng` sẽ được cấp phát để nghe. Nếu `"ngẫu nhiên"` được thiết lập, V2Ray sẽ nghe số `đồng thời` cổng và danh sách các cổng được giới thiệu sau mỗi `làm mới` phút.
+
+> `refresh`: number
+
+Số phút để làm mới các cổng nghe. Giá trị nhỏ nhất là `2`. Cài đặt này chỉ hiệu quả khi `chiến lược` được đặt thành `"ngẫu nhiên"`.
+
+> `concurrency`: number
+
+Số cổng để nghe. Giá trị nhỏ nhất là `1`. Giá trị tối đa là một phần ba toàn bộ phạm vi cổng.
+
+## OutboundObject
+
+An OutboundObject định nghĩa proxy gửi đi để xử lý các kết nối đang diễn ra. Các giao thức có sẵn được liệt kê [tại đây](protocols.md).
+
+```javascript
+{
+ "sendThrough": "0.0.0.0",
+ "protocol": "protocol_name",
+ "settings": {},
+ "tag": "this_outbound_tag_name",
+ "streamSettings": {},
+ "proxySettings": {
+ "tag": "another_outbound_tag_name"
+ },
+ "mux": {}
+}
+```
+
+> `sendThrough`: address
+
+Địa chỉ IP để gửi lưu lượng truy cập. Giá trị mặc định, `"0.0.0.0"` là để chọn ngẫu nhiên một IP có sẵn trên máy chủ. Nếu không, giá trị phải là một địa chỉ IP từ các giao diện mạng hiện có.
+
+> `protocol`: string
+
+Tên giao thức của outbound này. Xem [Giao thức](protocols.md) cho tất cả các giá trị có sẵn.
+
+> `settings`: OutboundConfigurationObject
+
+Cài đặt giao thức cụ thể. Xem `OutboundConfigurationObject` trong mỗi giao thức riêng lẻ.
+
+> `tag`: string
+
+Thẻ của lối ra này. Nếu không trống, nó phải là duy nhất trong số tất cả các giới hạn.
+
+> `streamSettings`: [StreamSettingsObject](transport.md)
+
+Cài đặt vận chuyển ở mức độ thấp. Xem [Giao thức Giao thức Tùy chọn](transport.md).
+
+> `proxySettings`: [ProxySettingsObject](#proxysettingsobject)
+
+Cấu hình cho ủy quyền lưu lượng truy cập từ này đi khác. Khi điều này được thiết lập, `streamSettings` của outbound này sẽ không có hiệu lực.
+
+> `mux`: [MuxObject](mux.md)
+
+Xem cấu hình [Mux](mux.md) để biết chi tiết.
+
+### ProxySettingsObject
+
+```javascript
+{
+ "tag": "another-outbound-tag"
+}
+```
+
+> `tag`: string
+
+Khi `thẻ` được đặt thành thẻ của một kênh khác, lưu lượng truy cập ra ngoài hiện tại sẽ được chuyển đến thẻ được chỉ định.
\ No newline at end of file
diff --git a/vi/configuration/policy.md b/vi/configuration/policy.md
new file mode 100644
index 000000000..de5df3f03
--- /dev/null
+++ b/vi/configuration/policy.md
@@ -0,0 +1,127 @@
+---
+refcn: chapter_02/policy
+refen: configuration/policy
+---
+
+# Chính sách địa phương
+
+Chính sách cục bộ quản lý cài đặt chính sách của phiên bản V2Ray hiện tại, chẳng hạn như thời gian chờ kết nối. Các policys có thể được áp dụng cho mỗi cấp độ người dùng, hoặc toàn bộ hệ thống.
+
+## PolicyObject
+
+`PolicyObject` được sử dụng làm trường `chính sách` trong cấu hình cấp cao nhất.
+
+```javascript
+{
+ "levels": {
+ "0": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
+ }
+ },
+ "system": {
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+ }
+}
+```
+
+> `level`: map{string: [LevelPolicyObject](#levelpolicyobject)}
+
+Một danh sách các cặp giá trị khóa. Mỗi khóa là một chuỗi số nguyên (bị giới hạn bởi JSON), chẳng hạn như `"0"`, `"1"`, v.v. Giá trị số cho một cấp độ người dùng nhất định.
+
+{% hint style='info' %}
+
+Mức người dùng có thể được đặt trên mỗi proxy gửi đến và đi. V2Ray sẽ áp dụng các chính sách khác nhau dựa trên cấp độ người dùng.
+
+{% endhint %}
+
+> `system`: [SystemPolicyObject](#systempolicyobject)
+
+Chính sách toàn hệ thống
+
+### LevelPolicyObject
+
+```javascript
+{
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false,
+ "bufferSize": 10240
+}
+```
+
+> `handshake`: number
+
+Thời gian chờ để thiết lập kết nối, tính bằng giây. Giá trị mặc định `4`. Ở giai đoạn bắt tay của một proxy gửi đến đối phó với một kết nối mới, hãy nói tiêu đề yêu cầu đọc VMess, nếu nó mất nhiều hơn `bắt tay` lần, V2Ray sẽ hủy kết nối.
+
+> `connIdle`: number
+
+Hết thời gian chờ kết nối không hoạt động, tính bằng giây. Giá trị mặc định `300`. Nếu không có dữ liệu nào được truyền qua kết nối trong `connIdle` , V2Ray sẽ hủy kết nối.
+
+> `uplinkOnly`: number
+
+Thời gian để giữ các kết nối mở sau khi đường lên của kết nối được đóng lại, tính bằng giây. Giá trị mặc định `2`. Sau khi remote (server) đóng đường xuống của kết nối, V2Ray sẽ hủy kết nối sau `uplinkOnly` lần.
+
+> `downlinkOnly`: number
+
+Thời gian để giữ các kết nối mở sau khi đường xuống của kết nối bị đóng, tính bằng giây. Giá trị mặc định `5`. Sau khi máy khách (trình duyệt) đóng đường lên của kết nối, V2Ray hủy bỏ kết nối sau `downlinkChỉ` lần.
+
+{% hint style='tip' %}
+
+Trong một kịch bản trình duyệt trang web đơn giản, nó là an toàn để thiết lập `uplinkOnly` và `downlinkOnly` cả đến `0`, cho hiệu suất tốt hơn.
+
+{% endhint %}
+
+> `statsUserUplink`: true | false
+
+Khi được đặt thành `true`, V2Ray cho phép bộ đếm stat để lưu lượng truy cập đường lên cho tất cả người dùng ở cấp này.
+
+> `statsUserDownlink`: true | false
+
+Khi được đặt thành `true`, V2Ray cho phép bộ đếm stat truy cập đường xuống cho tất cả người dùng ở cấp này.
+
+> `bufferSize`: number
+
+Kích thước của bộ đệm trong mỗi kết nối, tính bằng kilo-byte. Giá trị mặc định là `10240`. Khi nó được đặt thành `0`, bộ đệm bên trong bị tắt.
+
+Default value (V2Ray 4.4+):
+
+* `0` on ARM, MIPS and MIPSLE.
+* `4` on ARM64, MIPS64 and MIPS64LE.
+* `512` on other platforms.
+
+Default value (V2Ray 4.3-):
+
+* `16` on ARM, ARM64, MIPS, MIPS64, MIPSLE and MIPS64LE.
+* `2048` on other platforms.
+
+{% hint style='info' %}
+
+`bufferSize` overrides `v2ray.ray.buffer.size` settings in [env variables](env.md#cache-size-per-connection).
+
+{% endhint %}
+
+### SystemPolicyObject
+
+```javascript
+{
+ "statsInboundUplink": false,
+ "statsInboundDownlink": false
+}
+```
+
+> `statsInboundUplink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all uplink traffic in all inbound proxies.
+
+> `statsInboundDownlink`: true | false
+
+When set to `true`, V2Ray enables stat counter for all downlink traffic in all inbound proxies.
\ No newline at end of file
diff --git a/vi/configuration/protocols.md b/vi/configuration/protocols.md
new file mode 100644
index 000000000..99daa210d
--- /dev/null
+++ b/vi/configuration/protocols.md
@@ -0,0 +1,17 @@
+---
+refcn: chapter_02/02_protocols
+refen: configuration/protocols
+---
+
+# Giao thức
+
+V2Ray hỗ trợ các giao thức sau. Mỗi giao thức có thể là giao thức gửi đến hoặc giao thức gửi đi hoặc cả hai.
+
+* [Hố đen](protocols/blackhole.md)
+* [Cửa Dokodemo](protocols/dokodemo.md)
+* [Sự tự do](protocols/freedom.md)
+* [HTTP](protocols/http.md)
+* [MTProto](protocols/mtproto.md)
+* [Shadowsocks](protocols/shadowsocks.md)
+* [Socks](protocols/socks.md)
+* [VMess](protocols/vmess.md)
\ No newline at end of file
diff --git a/vi/configuration/protocols/blackhole.md b/vi/configuration/protocols/blackhole.md
new file mode 100644
index 000000000..4d6812036
--- /dev/null
+++ b/vi/configuration/protocols/blackhole.md
@@ -0,0 +1,40 @@
+---
+refcn: chapter_02/protocols/blackhole
+refen: configuration/protocols/blackhole
+---
+
+# Blackhole
+
+* Tên: `blackhole`
+* Loại: Đi
+
+Blackhole là một giao thức cho các kết nối gửi đi. Nó chặn tất cả các kết nối với các câu trả lời được xác định trước. Kết hợp với [Định tuyến](../routing.md), điều này có thể được sử dụng để chặn truy cập vào một số trang web.
+
+## ConfigurationObject
+
+```javascript
+{
+ "response": {
+ "type": "none"
+ }
+}
+```
+
+> `response`: [ResponseObject](#responseobject)
+
+Phản hồi được xác định trước. Blockhole sẽ gửi (nếu có) dữ liệu được xác định trước ngay lập tức cho bất kỳ kết nối nào được truyền tới nó và đóng kết nối.
+
+### ResponseObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none" | "http"
+
+Loại phản hồi, các tùy chọn có sẵn là:
+
+* `"none"`: Giá trị mặc định. Phản hồi trống.
+* `"http"`: Đáp ứng HTTP 403 hợp lệ.
\ No newline at end of file
diff --git a/vi/configuration/protocols/dns.md b/vi/configuration/protocols/dns.md
new file mode 100644
index 000000000..bd4793d46
--- /dev/null
+++ b/vi/configuration/protocols/dns.md
@@ -0,0 +1,37 @@
+---
+refcn: chapter_02/protocols/dns
+refen: configuration/protocols/dns
+---
+
+# DNS
+
+* Name: `dns`
+* Type: Outbound
+
+DNS is an outbound proxy. It is mainly used for intercept and proxy DNS queries and responses. This outbound proxy can only accept DNS traffic, including both TCP and UDP based DNS queries. Other type of traffic will result in errors.
+
+When proxying DNS queries, DNS outbound will redirect IP queries (A and AAAA) to [internal DNS server](../dns.md). It will send other type of queries directly to its original destination.
+
+DNS outbound proxy is introduced in V2Ray 4.15.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "network": "tcp",
+ "address": "1.1.1.1",
+ "port": 53
+}
+```
+
+> `network`: "tcp" | "udp"
+
+(V2Ray 4.16+) Modify the transport protocol of the DNS traffic. The value may be either `"tcp"` or `"udp"`. If it is not specified, the original protocol remains unchanged.
+
+> `address`: address
+
+(V2Ray 4.16+) Modify the DNS server address in the request. If it is not specified, the original DNS server address remain unchanged.
+
+> `port`: number
+
+(V2Ray 4.16+) Modify the DNS server port in the request. If it is not specified, the original DNS server port remain unchanged.
\ No newline at end of file
diff --git a/vi/configuration/protocols/dokodemo.md b/vi/configuration/protocols/dokodemo.md
new file mode 100644
index 000000000..128fcc97f
--- /dev/null
+++ b/vi/configuration/protocols/dokodemo.md
@@ -0,0 +1,96 @@
+* * *
+
+refcn: chapter_02/protocols/dokodemo refen: configuration/protocols/dokodemo
+
+* * *
+
+# Dokodemo-door
+
+* Tên: `dokodemo-cửa`
+* Loại: Inbound
+
+Cửa Dokodemo là giao thức cho các kết nối gửi đến. Nó lấy bất kỳ kết nối nào và chuyển chúng đến đích đã chỉ định.
+
+Cửa Dokodemo cũng có thể (nếu được cấu hình) hoạt động như một proxy trong suốt.
+
+## ConfigurationObject
+
+```javascript
+{
+ "address": "8.8.8.8",
+ "port": 53,
+ "network": "tcp",
+ "followRedirect": false,
+ "userLevel": 0
+}
+```
+
+> `address`: address
+
+Địa chỉ của máy chủ đích. Có thể là IPv4, IPv6 hoặc tên miền, dưới dạng chuỗi. Khi `followRedirect` (xem bên dưới) là `true`, `address` có thể rỗng.
+
+> `port`: number
+
+Cổng của máy chủ đích.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Loại mạng được chấp nhận. Nếu `"tcp"` được chỉ định, tất cả lưu lượng UDP được gửi tới cửa sổ dokodemo này sẽ bị hủy.
+
+> `followRedirect`: true | false
+
+Khi đặt thành `true`, dokodemo-door sẽ nhận ra đích từ TProxy và sử dụng nó làm đích đến của nó. Xem `TProxy` trong [phương tiện giao thông](../transport.md) để xem chi tiết.
+
+> `userLevel`: number
+
+Cấp người dùng. Tất cả các kết nối đều chia sẻ cấp độ này. Xem [Chính sách](../policy.md) để biết chi tiết.
+
+## Ví dụ về proxy trong suốt
+
+Thêm một cửa dokodemo vào trong như dưới đây.
+
+```javascript
+{
+ "network": "tcp,udp",
+ "timeout": 30,
+ "followRedirect": true
+}
+```
+
+Cấu hình iptables như dưới đây.
+
+```bash
+# Tạo chuỗi mới
+iptables -t nat -N V2RAY
+iptables -t mangle -N V2RAY
+iptables -t mangle -N V2RAY_MARK
+
+# Bỏ qua địa chỉ máy chủ V2Ray của bạn
+# Nó rất QUAN TRỌNG, hãy cẩn thận.
+iptables -t nat -A V2RAY -d 123.123.123.123 -j TRỞ LẠI
+
+# Bỏ qua mạng LAN và bất kỳ địa chỉ nào khác mà bạn muốn bỏ qua proxy
+# Xem Wikipedia và RFC5735 để có danh sách đầy đủ các mạng được bảo lưu.
+iptables -t nat -A V2RAY -d 0.0.0.0/8 -j TRỞ LẠI
+iptables -t nat -A V2RAY -d 10.0.0.0/8 -j TRỞ LẠI
+iptables -t nat -A V2RAY-127.0.0.0/8 -j RETURN
+iptables -t nat -A V2RAY-169.254.0.0/16 -j TRỞ LẠI
+iptables -t nat -A V2RAY-172.16.0.0/12 -j TRỞ LẠI
+iptables -t nat -A V2RAY-192.168 .0.0 / 16 -j RETURN
+iptables -t nat -A V2RAY-224.0.0.0/4 -j TRẢ LẠI
+iptables -t nat -A V2RAY-240.0.0.0/4 -j TRẢ LẠI
+
+# Mọi thứ khác cần được chuyển hướng đến cổng địa phương của cửa Dokodemo
+iptables -t nat -A V2RAY -p tcp -j ĐỔI MỚI - sang-cổng 12345
+
+# Thêm bất kỳ quy tắc UDP nào
+tuyến IP thêm địa chỉ mặc định dev lo table 100
+ip rule add fwmark 1 tra cứu 100
+iptables -t mangle -A V2RAY -p udp --dữ 53 -j TPROXY --on-port 12345 --tinxy-mark 0x01 / 0x01
+iptables -t mangle -A V2RAY_MARK -p udp --dẫn 53 -j MARK --set-mark 1
+
+# Áp dụng các quy tắc
+iptables -t nat -Một OUTPUT -p tcp -j V2RAY
+iptables -t mangle -A PREROUTING -j V2RAY
+iptables -t mangle -A OUTPUT -j V2RAY_MARK
+```
\ No newline at end of file
diff --git a/vi/configuration/protocols/freedom.md b/vi/configuration/protocols/freedom.md
new file mode 100644
index 000000000..135002be9
--- /dev/null
+++ b/vi/configuration/protocols/freedom.md
@@ -0,0 +1,45 @@
+---
+refcn: chapter_02/protocols/freedom
+refen: configuration/protocols/freedom
+---
+
+# Freedom
+
+* Tên: `tự do`
+* Loại: Đi
+
+Tự do là một giao thức cho các kết nối gửi đi. Nó chuyển tất cả kết nối TCP hoặc UDP đến đích của họ. Điều này gửi đi được sử dụng khi bạn muốn gửi lưu lượng truy cập đến đích thực của nó.
+
+## ConfigurationObject
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "redirect": "127.0.0.1:3366",
+ "userLevel": 0
+}
+```
+
+> `domainStrategy`: "AsIs" | "UseIP"
+
+Chiến lược phân giải tên miền. Các tùy chọn là:
+
+* `"AsIs"`: Giá trị mặc định. Giải quyết tên miền theo hệ thống.
+* `"UseIP"`: Sử dụng [DNS nội bộ](../dns.md) cho độ phân giải tên miền.
+* `"UseIPv4"`: Use IPv4 address only, after resolved by internal DNS.
+* `"UseIPv6"`: Use IPv6 address only, after resolved by internal DNS.
+
+(V2Ray 4.6+) In `UseIP` mode, when `sendThrough` is specified in [OutboundObject](../overview.md#outboundobject), Freedom will automatically choose between IPv4 and IPv6 address for destination based on `sendThrough` settings.
+
+(V2Ray 4.7+) If `sendThrough` address conflicts with `"UseIPv4"` or `"UseIPv6"`, Freedom will fail to dial out-going connections.
+
+> `redirect`: address_port
+
+Redirect all connections to this address, in form like `"127.0.0.1:80"` or `":1234"`.
+
+* Khi địa chỉ trống, ví dụ: `": 443"`, Tự do sẽ sử dụng địa chỉ đích ban đầu.
+* Khi cổng là `0`, ví dụ `"v2ray.com:0"`, Tự do sẽ sử dụng cổng gốc.
+
+> `userLevel`: number
+
+User level. All connections share this level.
\ No newline at end of file
diff --git a/vi/configuration/protocols/http.md b/vi/configuration/protocols/http.md
new file mode 100644
index 000000000..a8baac54e
--- /dev/null
+++ b/vi/configuration/protocols/http.md
@@ -0,0 +1,64 @@
+---
+refcn: chapter_02/protocols/http
+refen: configuration/protocols/http
+---
+
+# HTTP
+
+* Tên: `http`
+* Loại: Inbound
+
+HTTP là giao thức cho các kết nối gửi đến. Nó tương thích với HTTP / 1.1.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "allowTransparent": false,
+ "userLevel": 0
+}
+```
+
+> `accounts`: \[[AccountObject](#accountobject)\]
+
+Một mảng trong đó mỗi mục là một tài khoản. Nó được để trống theo mặc định. Nếu không trống, Xác thực HTTP cơ bản là bắt buộc đối với các yêu cầu gửi đến.
+
+> `allowTransparent`: true | false
+
+Nếu được đặt thành `true`, tất cả yêu cầu HTTP được gửi đến thư đến này sẽ được proxy, bao gồm cả yêu cầu không phải proxy.
+
+> `userLevel`: number
+
+Cấp người dùng. Tất cả các kết nối đều chia sẻ cấp độ này.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Tên người dùng để xác thực HTTP.
+
+> `pass`: string
+
+mật khẩu để xác thực HTTP.
+
+{% hint style='info' %}
+
+Sử dụng các cài đặt sau trong Linux để sử dụng proxy HTTP trong phiên hiện tại.
+
+* `xuất khẩu http_proxy = http: //127.0.0.1: 8080/` (URL có thể thay đổi theo cấu hình của bạn)
+* `xuất https_proxy =$http_proxy`
+
+{% endhint %}
\ No newline at end of file
diff --git a/vi/configuration/protocols/mtproto.md b/vi/configuration/protocols/mtproto.md
new file mode 100644
index 000000000..ecf7b6c89
--- /dev/null
+++ b/vi/configuration/protocols/mtproto.md
@@ -0,0 +1,103 @@
+---
+refcn: chapter_02/protocols/mtproto
+refen: configuration/protocols/mtproto
+---
+
+# MTProto
+
+* Tên: `mtproto`
+* Loại: Inbound / Outbound
+
+Proxy MTProto là một procol đặc biệt cho Telegram. Nó bao gồm một cặp proxy gửi đến và outboud trong V2Ray. Chúng thường được sử dụng cùng nhau để xây dựng một proxy cho Telegram
+
+Hiện tại V2Ray chỉ hỗ trợ địa chỉ IPv4 của máy chủ Telegram.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "users": [{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+ }]
+}
+```
+
+> `users`: \[[UserObject](#userobject)\]
+
+Một mảng người dùng. Hiện tại chỉ người dùng đầu tiên mới có hiệu quả.
+
+### UserObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "level": 0,
+ "secret": "b0cbcef5a486d9636472ac27f8e11a9d"
+}
+```
+
+> `email`: string
+
+Email người dùng. Được sử dụng cho mục đích theo dõi. Xem [Thống kê](../stats.md).
+
+> `level`: number
+
+Cấp người dùng.
+
+> `secret`: string
+
+Bí mật của người dùng. Trong Telegram, sử dụng bí mật phải dài 32 ký tự, và chỉ chứa các ký tự giữa `0` để `9`, và `một`để `f`.
+
+{% hint style='tip' %}
+
+Bạn có thể sử dụng lệnh sau để tạo bí mật MTProto: `openssl rand -hex 16`
+
+{% endhint %}
+
+## Cấu hình đi {#outbound}
+
+```javascript
+{
+}
+```
+
+## Mẫu vật {#sample}
+
+MTProto chỉ có thể được sử dụng cho giao thông Telegram. Bạn có thể cần một quy tắc định tuyến để kết hợp tương ứng trong và ngoài. Đây là một mẫu không đầy đủ.
+
+Trong nước:
+
+```javascript
+{
+ "tag": "tg-in",
+ "port": 443,
+ "protocol": "mtproto",
+ "settings": {
+ "users": [{"secret": "b0cbcef5a486d9636472ac27f8e11a9d"}]
+ }
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "tg-out",
+ "protocol": "mtproto",
+ "settings": {}
+}
+```
+
+Định tuyến:
+
+```javascript
+{
+ "type": "field",
+ "inboundTag": ["tg-in"],
+ "outboundTag": "tg-out"
+}
+```
+
+Định cấu hình ứng dụng Telegram của bạn để kết nối với cổng 443 trên máy này.
\ No newline at end of file
diff --git a/vi/configuration/protocols/shadowsocks.md b/vi/configuration/protocols/shadowsocks.md
new file mode 100644
index 000000000..7bad2b7b6
--- /dev/null
+++ b/vi/configuration/protocols/shadowsocks.md
@@ -0,0 +1,163 @@
+---
+refcn: chapter_02/protocols/shadowsocks
+refen: configuration/protocols/shadowsocks
+---
+
+# Shadowsocks
+
+* Tên: `bóng`
+* Loại: Inbound / Outbound
+
+[Giao thức Shadowsocks](https://www.shadowsocks.org/) , cho cả kết nối trong và ngoài.
+
+Khả năng tương thích với phiên bản chính thức:
+
+* Hỗ trợ cả kết nối TCP và UDP, trong đó UDP có thể được tắt tùy chọn.
+* Hỗ trợ [OTA](https://web.archive.org/web/20161221022225/https://shadowsocks.org/en/spec/one-time-auth.html);
+ * Khách hàng có thể chọn bật hoặc tắt.
+ * Máy chủ có thể chọn bật, tắt hoặc tự động.
+* Phương thức mã hóa ([AEAD](https://shadowsocks.org/en/spec/AEAD-Ciphers.html) mật mã được thêm vào trong V2Ray 3.0):
+ * aes-256-cfb
+ * aes-128-cfb
+ * chacha20
+ * chacha20-ietf
+ * aes-256-gcm
+ * aes-128-gcm
+ * chacha20-poly1305 aka chacha20-ietf-poly1305
+* Bổ sung:
+ * Hỗ trợ obfs thông qua chế độ độc lập.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "method": "aes-128-cfb",
+ "password": "password",
+ "level": 0,
+ "ota": true,
+ "network": "tcp"
+}
+```
+
+> `email`: string
+
+Địa chỉ email. Được sử dụng để nhận dạng người dùng.
+
+> `method`: string
+
+Cần thiết. Xem [Phương thức mã hóa](#encryption-methods) để biết các giá trị có sẵn.
+
+> `password`: string
+
+Cần thiết. Mật khẩu trong giao thức Shadowsocks. Có thể là bất kỳ chuỗi nào.
+
+> `level`: number
+
+Cấp người dùng. Mặc định là `0`. Xem [Chính sách](../policy.md).
+
+> `ota`: `true` | `false`
+
+Có hay không ép buộc OTA. Nếu `true` và kết nối đến không bật OTA, V2Ray sẽ từ chối kết nối này. Ngược lại.
+
+Nếu trường này không được chỉ định, V2Ray sẽ tự động phát hiện cài đặt OTA từ các kết nối đến.
+
+Khi mã hóa AEAD được sử dụng, `ota` không có hiệu lực.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+Loại mạng được hỗ trợ. Mặc định là `"tcp"`.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "servers": [
+ {
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "method",
+ "password": "password",
+ "ota": false,
+ "level": 0
+ }
+ ]
+}
+```
+
+Ở đâu:
+
+* `email`: Địa chỉ email. Được sử dụng để nhận dạng người dùng.
+* `địa chỉ`: Địa chỉ của máy chủ Shadowsocks. Có thể là IPv4, IPv6 hoặc tên miền.
+* `cổng`: Cổng của máy chủ Shadowsocks.
+* `phương pháp`: Phương thức mã hóa. Không có giá trị mặc định. Các tùy chọn là:
+ * `"aes-256-cfb"`
+ * `"aes-128-cfb"`
+ * `"chacha20"`
+ * `"chacha20-ietf"`
+ * `"aes-256-gcm"`
+ * `"aes-128-gcm"`
+ * `"chacha20-poly1305"` hoặc `"chacha20-ietf-poly1305"`
+* `mật khẩu`: Mật khẩu. Có thể là bất kỳ chuỗi nào.
+* `ota`: Có hay không sử dụng OTA.
+ * Khi sử dụng AEAD, `ota` không có hiệu lực.
+* `cấp độ`: Cấp độ người dùng.
+
+> `servers`: \[[ServerObject](#serverobject)\]
+
+Một mảng [ServerObject](#serverobject)s.
+
+### ServerObject
+
+```javascript
+{
+ "email": "love@v2ray.com",
+ "address": "127.0.0.1",
+ "port": 1234,
+ "method": "加密方式",
+ "password": "密码",
+ "ota": false,
+ "level": 0
+}
+```
+
+> `email`: string
+
+Địa chỉ email. Được sử dụng để nhận dạng người dùng.
+
+> `address`: address
+
+Cần thiết. Địa chỉ máy chủ Shadowsocks. Có thể là IPv4, IPv6 hoặc địa chỉ miền.
+
+> `port`: number
+
+Cần thiết. Cổng máy chủ Shadowsocks.
+
+> `method`: string
+
+Cần thiết. Xem [Phương thức mã hóa](#encryption-methods) để biết các giá trị có sẵn.
+
+> `password`: string
+
+Cần thiết. Mật khẩu trong giao thức Shadowsocks. Có thể là bất kỳ chuỗi nào.
+
+> `ota`: true | false
+
+Có hay không sử dụng OTA. Giá trị mặc định là `false`.
+
+Khi sử dụng mã hóa AEAD, trường này không có hiệu lực.
+
+> `level`: number
+
+Cấp người dùng.
+
+## Phương thức mã hóa
+
+* `"aes-256-cfb"`
+* `"aes-128-cfb"`
+* `"chacha20"`
+* `"chacha20-ietf"`
+* `"aes-256-gcm"`
+* `"aes-128-gcm"`
+* `"chacha20-poly1305"` hoặc `"chacha20-ietf-poly1305"`
\ No newline at end of file
diff --git a/vi/configuration/protocols/socks.md b/vi/configuration/protocols/socks.md
new file mode 100644
index 000000000..84f020bc1
--- /dev/null
+++ b/vi/configuration/protocols/socks.md
@@ -0,0 +1,147 @@
+---
+refcn: chapter_02/protocols/socks
+refen: configuration/protocols/socks
+---
+
+# Socks
+
+* Tên: `vớ`
+* Loại: Inbound / Outbound
+
+Socks là một thực hiện giao thức SOCKS chuẩn, tương thích với [Socks 4](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol), Socks 4a và [Socks 5](http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol).
+
+Cấu hình Socks bao gồm hai phần, `InboundConfigurationObject` và `OutboundConfigurationObject`, cho tương ứng trong và ngoài.
+
+## OutboundConfigurationObject
+
+`OutboundConfigurationObject` được sử dụng làm trường `cài đặt` trong `OutboundObject` trong cấu hình mức cao nhất.
+
+```javascript
+{
+ "servers": [{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+ }]
+}
+```
+
+> `servers`: \[ [ServerObject](#serverobject) \]
+
+Một loạt các máy chủ Socks.
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 1234,
+ "users": [
+ {
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+ }
+ ]
+}
+```
+
+> `address`: address
+
+Vớ địa chỉ máy chủ. Có thể là IPv4, IPv6 hoặc địa chỉ miền.
+
+{% hint style='info' %}
+
+Chỉ hỗ trợ Socks 5 servers.
+
+{% endhint %}
+
+> `port`: number
+
+Vớ cổng máy chủ.
+
+> `users`: \[ [UserObject](#userobject) \]
+
+Một mảng người dùng. Mỗi phần tử trong mảng là một người dùng. Nếu danh sách không trống. Socks inbound sẽ buộc người dùng xác thực. Nếu không, người dùng ẩn danh được cho phép.
+
+### UserObject
+
+```javascript
+{
+ "user": "test user",
+ "pass": "test pass",
+ "level": 0
+}
+```
+
+> `user`: string
+
+Tên người dùng như trong giao thức Socks
+
+> `pass`: string
+
+Mật khẩu như trong giao thức Socks
+
+> `level`: number
+
+Cấp người dùng cho mục đích theo dõi và chính sách. Giá trị mặc định là `0`.
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "auth": "noauth",
+ "accounts": [
+ {
+ "user": "my-username",
+ "pass": "my-password"
+ }
+ ],
+ "udp": false,
+ "ip": "127.0.0.1",
+ "userLevel": 0
+}
+```
+
+> `auth`: "noauth" | "password"
+
+Vớ phương pháp xác thực. `"noauth"` dành cho xác thực ẩn danh và `"mật khẩu"` để xác thực bằng tên người dùng và mật khẩu. Giá trị mặc định là `"noauth"`.
+
+> `accounts`: \[ [AccountObject](#accountobject) \]
+
+Một loạt tài khoản người dùng, cho mục đích tự động. Chỉ có hiệu lực khi `auth` được đặt thành `"password"`.
+
+> `udp`: true | false
+
+Có hay không kích hoạt UDP. Giá trị mặc định là `false`.
+
+> `ip`: address
+
+Khi UDP được bật, V2Ray cần biết địa chỉ IP của máy chủ hiện tại. Giá trị mặc định là `"127.0.0.1"`. Điều này phải được đặt thành địa chỉ IP công khai của máy chủ lưu trữ, nếu bạn muốn cho phép lưu lượng truy cập UDP công khai.
+
+> `userLevel`: number
+
+Cấp người dùng. Tất cả các kết nối đến đều chia sẻ cấp độ người dùng này.
+
+### AccountObject
+
+```javascript
+{
+ "user": "my-username",
+ "pass": "my-password"
+}
+```
+
+> `user`: string
+
+Tên người dùng như trong giao thức Socks
+
+> `pass`: string
+
+Mật khẩu như trong giao thức Socks
\ No newline at end of file
diff --git a/vi/configuration/protocols/vmess.md b/vi/configuration/protocols/vmess.md
new file mode 100644
index 000000000..65497238d
--- /dev/null
+++ b/vi/configuration/protocols/vmess.md
@@ -0,0 +1,196 @@
+---
+refcn: chapter_02/protocols/vmess
+refen: configuration/protocols/vmess
+---
+
+# VMess
+
+* Tên: `vmess`
+* Loại: Inbound / Outbound
+
+[VMess](https://www.v2ray.com/eng/protocols/vmess.html) là một giao thức cho truyền thông được mã hóa. Nó bao gồm cả proxy trong và ngoài.
+
+VMess phụ thuộc vào thời gian hệ thống. Hãy đảm bảo rằng thời gian hệ thống của bạn được đồng bộ với thời gian UTC. Múi giờ không quan trọng. Người ta có thể cài đặt dịch vụ `ntp` trên Linux để tự động điều chỉnh thời gian hệ thống.
+
+## OutboundConfigurationObject
+
+```javascript
+{
+ "vnext": [
+ {
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 4,
+ "security": "auto",
+ "level": 0
+ }
+ ]
+ }
+ ]
+}
+```
+
+> `vnext`: \[ [ServerObject](#serverobject) \]
+
+Một mảng, trong đó mỗi phần tử trình bày một máy chủ từ xa
+
+### ServerObject
+
+```javascript
+{
+ "address": "127.0.0.1",
+ "port": 37192,
+ "users": []
+}
+```
+
+> `address`: address
+
+Địa chỉ máy chủ, có thể là IPv4, IPv6 hoặc tên miền.
+
+> `port`: number
+
+Cổng máy chủ
+
+> `users`: \[ [UserObject](#userobject) \]
+
+Một mảng trong đó mỗi phần tử là một người dùng VMess
+
+### UserObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "alterId": 16,
+ "security": "auto",
+ "level": 0
+}
+```
+
+> `id`: string
+
+ID người dùng, ở dạng [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `alterId`: number
+
+Number of alternative IDs. The alternative IDs will be generated in a deterministic way. Default to 0. Maximum 65535. Recommend 4. Its value must be not larger than the one in corresponding Inbound.
+
+> `level`: number
+
+Cấp người dùng. Xem [Chính sách](../policy.md) để biết thêm chi tiết.
+
+> `security`: "aes-128-gcm" | "chacha20-poly1305" | "auto" | "none"
+
+Phương pháp mã hóa tải trọng. Cài đặt này chỉ khả dụng ở bên ngoài. VMess inbound sẽ tự động nhận ra thiết lập này và giải mã payload cho phù hợp. Các tùy chọn là:
+
+* `"aes-128-gcm"`: Được khuyến nghị cho PC.
+* `"chacha20-poly1305"`: Được đề xuất cho thiết bị di động.
+* `"auto"`: Giá trị mặc định. Sử dụng `aes-128-gcm` trên AMD64, ARM64 và S390x hoặc `chacha20-poly1305` nếu không.
+* `"none"`: Giao thông không được mã hóa.
+
+{% hint style='info' %}
+
+Sử dụng `"auto"` bất cứ nơi nào có thể để tương thích tốt hơn.
+
+{% endhint %}
+
+## InboundConfigurationObject
+
+```javascript
+{
+ "clients": [
+ {
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+ }
+ ],
+ "default": {
+ "level": 0,
+ "alterId": 4
+ },
+ "detour": {
+ "to": "tag_to_detour"
+ },
+ "disableInsecureEncryption": false
+}
+```
+
+> `clients`: \[ [ClientObject](#clientobject) \]
+
+Một mảng cho các tài khoản người dùng hợp lệ. Có thể trống khi được sử dụng cho tính năng cổng động.
+
+> `detour`: [DetourObject](#detourobject)
+
+Tính năng tùy chọn để đề xuất khách hàng sử dụng đường vòng. Nếu được chỉ định, nội dung này sẽ hướng dẫn bên ngoài sử dụng một thư đến khác.
+
+> `default`: [DefaultObject](#defaultobject)
+
+Cấu hình máy khách mặc định tùy chọn. Thường được sử dụng với `đường vòng`.
+
+> `disableInsecureEncryption`: true | false
+
+Ngăn cấm khách hàng sử dụng các phương thức mã hóa không an toàn. Khi được đặt thành `true`, các kết nối sẽ bị chấm dứt ngay lập tức nếu sử dụng mã hóa sau. Giá trị mặc định `sai`.
+
+* `không ai`
+* `aes-128-cfb`
+
+### ClientObject
+
+```javascript
+{
+ "id": "27848739-7e62-4138-9fd3-098a63964b6b",
+ "level": 0,
+ "alterId": 4,
+ "email": "love@v2ray.com"
+}
+```
+
+> `id`: string
+
+ID người dùng, ở dạng [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier).
+
+> `level`: number
+
+Cấp người dùng. Xem [Chính sách](../policy.md) để biết cách sử dụng.
+
+> `alterId`: number
+
+Số ID thay thế. Giống như trong Outbound.
+
+> `email`: string
+
+Địa chỉ email để nhận dạng người dùng.
+
+### DetourObject
+
+```javascript
+{
+ "to": "tag_to_detour"
+}
+```
+
+> `to`: string
+
+Thẻ của proxy đến. Xem [Tổng quan](../protocols.md). Nếu được cấu hình, VMess sẽ đề xuất ứng dụng khách của nó để sử dụng đường vòng cho các kết nối khác.
+
+### DefaultObject
+
+```javascript
+{
+ "level": 0,
+ "alterId": 4
+}
+```
+
+> `level`: number
+
+Cấp người dùng.
+
+> `alterId`: number
+
+Number of alternative IDs. Default value 64. Recommend 4.
\ No newline at end of file
diff --git a/vi/configuration/reverse.md b/vi/configuration/reverse.md
new file mode 100644
index 000000000..fb7259e55
--- /dev/null
+++ b/vi/configuration/reverse.md
@@ -0,0 +1,199 @@
+---
+refcn: chapter_02/reverse
+refen: configuration/reverse
+---
+
+# Proxy ngược
+
+Proxy ngược là một tính năng tùy chọn trong V2Ray. Nó chuyển hướng lưu lượng truy cập từ máy chủ đến máy khách. Vì vậy, được gọi là "Reverse" proxy.
+
+{% hint style='tip' %}
+
+Proxy ngược có sẵn trong V2Ray 4.0+. Nó hiện đang trong giai đoạn thử nghiệm và có thể được cải thiện trong tương lai gần.
+
+{% endhint %}
+
+Proxy ngược hoạt động theo cách sau:
+
+* Giả sử có một thiết bị A chạy một máy chủ web. Thiết bị A không có địa chỉ IP công khai và không thể truy cập được từ internet. Có một thiết bị B khác, nói một máy chủ đám mây, có thể truy cập từ internet. Chúng ta cần sử dụng B làm cổng thông tin, để chuyển hướng traffice sang A.
+* Bây giờ chúng tôi cài đặt V2Ray trên thiết bị A, có tên là `bridge`. Và sau đó cài đặt V2Ray trên thiết bị B, có tên là `cổng`.
+* `cầu` sẽ mở các kết nối tới `cổng`. Mục tiêu của họ có thể được tùy chỉnh cho mục đích định tuyến. `cổng` sẽ nhận các kết nối này, cũng như các kết nối từ các ứng dụng khác trên internet. `cổng` sẽ "kết nối" hai loại kết nối này. Sau đó, giao thông interent sẽ được tunneled `cầu`.
+* Sau khi `cầu` nhận lưu lượng truy cập từ internet thông qua `cổng`, nó sẽ gửi lưu lượng truy cập đến máy chủ web trên máy chủ cục bộ. Bạn cũng có thể định cấu hình định tuyến cho các lưu lượng truy cập này.
+* `cầu` sẽ kiểm soát cân bằng tải dựa trên lượng lưu lượng truy cập.
+
+{% hint style='danger' %}
+
+Proxy ngược đã tận dụng [Mux](mux.md). Nó không phải là cần thiết để cấu hình Mux một lần nữa trên đường đi của nó.
+
+{% endhint %}
+
+## ReverseObject
+
+`ReverseObject` được sử dụng làm `ngược` trong cấu hình mức cao nhất.
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }],
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+> `bridges`: \[[BridgeObject](bridgeobject)\]
+
+Một mảng `cầu`s. Mỗi `cầu` là [BridgeObject](bridgeobject).
+
+> `portals`: \[[PortalObject](portalobject)\]
+
+Một mảng `cổng`s. Mỗi cổng `` là [PortalObject](bridgeobject).
+
+### BridgeObject
+
+```javascript
+{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+}
+```
+
+> `tag`: string
+
+Một thẻ. Tất cả lưu lượng khởi xướng của thành viên này `cầu` sẽ có thẻ này. Nó có thể được sử dụng cho [định tuyến](routing.md), được xác định là `inboundTag`.
+
+> `domain`: string
+
+Tên miền. Tất cả các kết nối được khởi tạo bởi `cầu` hướng tới `cổng` sẽ sử dụng tên miền này làm mục tiêu. Tên miền này chỉ được sử dụng để liên lạc giữa `cầu` và `cổng`. Nó không phải là cần thiết để được thực sự đăng ký.
+
+### PortalObject
+
+> `tag`: string
+
+Thẻ. Bạn cần phải chuyển hướng tất cả lưu lượng truy cập đến cổng thông tin `này`, bằng cách nhắm mục tiêu `outboundTag` đến thẻ `này`. Lưu lượng truy cập bao gồm các kết nối từ `cầu`, cũng như lưu lượng truy cập internet.
+
+> `domain`: string
+
+Tên miền. Khi một kết nối nhắm mục tiêu tên miền này, `cổng` xem xét nó là một kết nối từ `cầu`, nếu không nó là một kết nối internet.
+
+{% hint style='tip' %}
+
+Giống như tập quán khác, một trường hợp V2Ray có thể được sử dụng như một `cầu`hoặc `cổng`, hoặc cả hai như cùng một lúc.
+
+{% endhint %}
+
+## Cấu hình ví dụ
+
+`cầu` thường cần hai outbounds. Một để kết nối `cổng`và một cho kết nối máy chủ web cục bộ.
+
+Đảo ngược:
+
+```javascript
+{
+ "bridges": [{
+ "tag": "bridge",
+ "domain": "test.v2ray.com"
+ }]
+}
+```
+
+Outbound:
+
+```javascript
+{
+ "tag": "out"
+ "protocol": "freedom",
+ "settings": {
+ "redirect": "127.0.0.1:80" // Send traffic to local web server
+ }
+},
+{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "portal的IP地址",
+ "port": 1024,
+ "users": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }]
+ },
+ "tag": "interconn"
+}
+```
+
+Định tuyến:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "domain": ["full:test.v2ray.com"],
+ "outboundTag": "interconn"
+ },{
+ "type": "field",
+ "inboundTag": ["bridge"],
+ "outboundTag": "out"
+ }]
+}
+```
+
+`cổng thông tin` thường cần hai giới hạn. Một cho các kết nối từ `cầu`và một cho kết nối internet.
+
+Đảo ngược:
+
+```javascript
+{
+ "portals": [{
+ "tag": "portal",
+ "domain": "test.v2ray.com" // Must be the same as in bridge
+ }]
+}
+```
+
+Trong nước:
+
+```javascript
+{
+ "tag": "external",
+ "port": 80, // Open port 80 for internet HTTP traffic
+ "protocol": "dokodemo-door",
+ "settings": {
+ "address": "127.0.0.1",
+ "port": 80,
+ "network": "tcp"
+ }
+},
+{
+ "port": 1024, // For bridge connections
+ "tag": "interconn",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{"id": "27848739-7e62-4138-9fd3-098a63964b6b"}]
+ }
+}
+```
+
+Định tuyến:
+
+```javascript
+"routing": {
+ "rules": [{
+ "type": "field",
+ "inboundTag": ["external"],
+ "outboundTag": "portal"
+ },{
+ "type": "field",
+ "inboundTag": ["interconn"],
+ "outboundTag": "portal"
+ }]
+}
+```
+
+{% hint style='tip' %}
+
+Trong thực tế, bạn có thể muốn chạy `cầu` đầu tiên và sau đó là `cổng`.
+
+{% endhint %}
\ No newline at end of file
diff --git a/vi/configuration/routing.md b/vi/configuration/routing.md
new file mode 100644
index 000000000..78865df52
--- /dev/null
+++ b/vi/configuration/routing.md
@@ -0,0 +1,194 @@
+---
+refcn: chapter_02/03_routing
+refen: configuration/routing
+---
+
+# định tuyến
+
+V2Ray có cơ chế định tuyến nội bộ. Nó định tuyến các kết nối gửi đến nhiều hướng đi khác nhau dựa trên các quy tắc. Một tình huống phổ biến là chia lưu lượng truy cập theo quốc gia. V2Ray có thể phát hiện quốc gia mục tiêu (theo địa lý IP) của một kết nối và sau đó gửi kết nối tới proxy đi tương ứng.
+
+## RoutingObject
+
+`RoutingObject` is used as `routing` in top level configuration.
+
+```javascript
+{
+ "domainStrategy": "AsIs",
+ "rules": [],
+ "balancers": []
+}
+```
+
+> `domainStrategy`: "AsIs" | "IPIfNonMatch" | "IPOnDemand"
+
+Chiến lược phân giải miền. Lựa chọn là:
+
+* `"AsIs"`: Chỉ sử dụng miền để định tuyến. Giá trị mặc định.
+* `"IPIfNonMatch"`: Khi không có quy tắc nào khớp với miền hiện tại, V2Ray sẽ giải quyết nó thành địa chỉ IP (bản ghi A hoặc AAAA) và thử lại tất cả các quy tắc.
+ * Nếu một miền có nhiều địa chỉ IP, V2Ray sẽ thử tất cả các địa chỉ đó.
+ * Các IP được giải quyết chỉ được sử dụng cho các quyết định định tuyến, lưu lượng truy cập vẫn được gửi đến địa chỉ tên miền ban đầu.
+* `"IPOnDemand"`: Miễn là có quy tắc dựa trên IP, V2Ray sẽ giải quyết miền đó thành IP ngay lập tức.
+
+> `rules`: \[[RuleObject](#ruleobject)\]
+
+An array of rules. For each inbound connection, V2Ray tries these rules from top down one by one. If a rule takes effect, the connection will be routed to the `outboundTag` (or `balancerTag`, V2Ray 4.4+) of the rule.
+
+> `balancers`: \[ [BalancerObject](#balancerobject) \]
+
+(V2Ray 4.4+) An array of load balancers. When a routing rule points to a load balancer, the balancer will select an outbound based on configuration. Then traffic will be sent to that outbound.
+
+### RuleObject
+
+```javascript
+{
+ "type": "field",
+ "domain": [
+ "baidu.com",
+ "qq.com",
+ "geosite:cn"
+ ],
+ "ip": [
+ "0.0.0.0/8",
+ "10.0.0.0/8",
+ "fc00::/7",
+ "fe80::/10",
+ "geoip:cn"
+ ],
+ "port": "53,443,1000-2000",
+ "network": "tcp",
+ "source": [
+ "10.0.0.1"
+ ],
+ "user": [
+ "love@v2ray.com"
+ ],
+ "inboundTag": [
+ "tag-vmess"
+ ],
+ "protocol":["http", "tls", "bittorrent"],
+ "attrs": "attrs[':method'] == 'GET'",
+ "outboundTag": "direct",
+ "balancerTag": "balancer"
+}
+```
+
+{% hint style='info' %}
+
+When multiple fields are specified, these fields have to be all satisfied, in order to make the rule effective. If you need both `domain` and `ip` rules, it is highly likely you need put them into separate rules.
+
+{% endhint %}
+
+> `type`: "field"
+
+The only valid value for now is `"field"`.
+
+> `domain`: \[ string \]
+
+An array of domains. Available formats are:
+
+* Plaintext: Nếu chuỗi này khớp với bất kỳ phần nào của miền nhắm mục tiêu, quy tắc này sẽ có hiệu lực. Ví dụ: quy tắc `"sina.com"` phù hợp với nhắm mục tiêu tên miền `"sina.com"`, `"sina.com.cn"` và `"www.sina.com"`, nhưng không phải `"sina.cn"`.
+* Cụm từ thông dụng: Bắt đầu bằng `"regexp:"`, phần còn lại là cụm từ thông dụng. Khi regexp khớp với miền nhắm mục tiêu, quy tắc này có hiệu lực. Ví dụ: quy tắc `"regexp: \\. Goo. * \\. Com $"` khớp với `"www.google.com"` và `"fonts.googleapis.com"`, nhưng không phải `"google.com"`.
+* Tên miền phụ (được khuyến nghị): Bắt đầu bằng `"tên miền:"` và phần còn lại là tên miền. Khi tên miền nhắm mục tiêu chính xác là giá trị hoặc là tên miền phụ của giá trị, quy tắc này có hiệu lực. Ví dụ: quy tắc `"tên miền: v2ray.com"` khớp với `"www.v2ray.com"`, `"v2ray.com"`, nhưng không phải `"xv2ray.com"`.
+* Tên miền đầy đủ: Bắt đầu bằng `"đầy đủ:"` và phần còn lại là tên miền. Khi tên miền nhắm mục tiêu chính xác là giá trị, quy tắc sẽ có hiệu lực. Ví dụ: quy tắc `"tên miền: v2ray.com"` khớp với `"v2ray.com"`, nhưng không phải `"www.v2ray.com"`.
+* Pre-defined domain list: Begining with `"geosite:"` and the rest is a name, such as `geosite:google` or `geosite:cn`. See [Pre-defined domain list](#pre-defined-domain-lists) for more detail.
+* Domains from file: Such as `"ext:file:tag"`. The value must begin with `ext:` (lowercase), and followed by filename and tag. The file is placed in [resource directory](env.md#location-of-v2ray-asset), and has the same format of `geosite.dat`. The tag must exist in the file.
+
+> `ip`: \[string\]
+
+An array of IP ranges. When the targeting IP is in one of the ranges, this rule takes effect. Available formats:
+
+* IP: chẳng hạn như `"127.0.0.1"`.
+* [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing): chẳng hạn như `"127.0.0.0/8"`.
+* GeoIP: chẳng hạn như `"geoip: cn"`. Nó bắt đầu với `geoip:` (chữ thường) và theo sau là hai chữ cái của mã quốc gia.
+ * Giá trị đặc biệt `"geoip: private"`: cho tất cả các địa chỉ riêng như `127.0.0.1`.
+* IP từ tệp: Chẳng hạn như `"ext: file: tag"`. Giá trị phải bắt đầu bằng `ext:` (chữ thường) và tiếp theo là tên tệp và thẻ. Tệp được đặt trong [thư mục tài nguyên](env.md#location-of-v2ray-asset)và có cùng định dạng `geoip.dat`. Thẻ phải tồn tại trong tệp.
+
+{% hint style='info' %}
+
+`"ext:geoip.dat:cn"` is equivalent to `"geoip:cn"`.
+
+{% endhint %}
+
+> `port`:number | string
+
+Port range. Formats are:
+
+* `"a-b"`: Both `a` and `b` are positive integers and less than 65536. When the targeting port is in [`a`, `b`), this rule takes effect.
+* `a`: `a` is a positive integer, and less than 65536. When the targeting port is `a`, this rule takes effect.
+* Mix of the two above, separated by ",". Such as `"53,443,1000-2000"`.
+
+> `network`: "tcp" | "udp" | "tcp,udp"
+
+When the connection has in the chosen network, this rule take effect.
+
+> `source`: \[string\]
+
+An array of IP ranges. Same format as `ip`. When the source IP of the connection is in the IP range, this rule takes effect.
+
+> `user`: \[string\]
+
+An array of email address. When the inbound connection uses an user account of the email address, this rule takes effect. For now Shadowsocks and VMess support user with email.
+
+> `inboundTag`: \[string\]
+
+An array of string as inbound proxy tags. When the connection comes from one of the specified inbound proxy, this rule takes effect.
+
+> `protocol`: \[ "http" | "tls" | "bittorrent" \]
+
+An array of string as protocol types. When the connection uses one of the protocols, this rule takes effect. To recognize the protocol of a connection, one must enable `sniffing` option in inbound proxy.
+
+> `attrs`: string
+
+(V2Ray 4.18+) A Starlark script, used for detecting traffic attributes. When this script returns true, this rule takes effect.
+
+[Starlark](https://github.com/bazelbuild/starlark) is a subset of Python. The script takes a global varible named `attrs`. It contains all attributes of the traffic.
+
+At the moment, only http inbound sets `attrs`.
+
+Examples:
+
+* Detect HTTP GET: `"attrs[':method'] == 'GET'"`
+* Detect HTTP Path: `"attrs[':path'].startswith('/test')"`
+* Detect Content Type: `"attrs['accept'].index('text/html') >= 0"`
+
+> `outboundTag` string
+
+[Tag of the outbound](protocols.md) that the connection will be sent to, if this rule take effect.
+
+> `balancerTag`: string
+
+Tag of an load balancer. Then this rule takes effect, V2Ray will use the balancer to select an outbound. Either `outboundTag` or `balancerTag` must be specified. When both are specified, `outboundTag` takes priority.
+
+### BalancerObject
+
+Configuration for a load balancer. When a load balancer takes effective, it selects one outbound from matching outbounds. This outbound will be used for send out-going traffic.
+
+```javascript
+{
+ "tag": "balancer",
+ "selector": []
+}
+```
+
+> `tag`: string
+
+Tag of this `BalancerObject`, to be matched from `balancerTag` in `RuleObject`.
+
+> `selector`: \[ string \]
+
+An array of strings. These strings are used to select outbounds with prefix matching. For example, with the following outbound tags: `[ "a", "ab", "c", "ba" ]`,selector `["a"]` matches `[ "a", "ab" ]`.
+
+When multiple outbounds are selected, load balancer for now picks one final outbound at random.
+
+## Pre-defined domain lists
+
+This is a domain lists maintained by [domain-list-community](https://github.com/v2ray/domain-list-community) project. It provides a file named `geosite.dat` for some predefined domain lists. Notably:
+
+* `category-ads`: Common ads domains.
+* `category-ads-all`: Common ads domains and ads providers' domains.
+* `cn`: Equivalent to an union of `geolocation-cn` and `tld-cn`.
+* `google`: All Google domains.
+* `facebook`: All Facebook domains.
+* `geolocation-cn`: Common domains that serve in China.
+* `geolocation-!cn`: Common domains that don't serve in China
+* `tld-cn`: All .cn and .中国 domains.
\ No newline at end of file
diff --git a/vi/configuration/stats.md b/vi/configuration/stats.md
new file mode 100644
index 000000000..602661da0
--- /dev/null
+++ b/vi/configuration/stats.md
@@ -0,0 +1,43 @@
+---
+refcn: chapter_02/stats
+refen: configuration/stats
+---
+
+# Số liệu thống kê
+
+V2Ray cung cấp một số thông tin về nội bộ của nó.
+
+## StatsObject
+
+`StatsObject` được sử dụng như `số liệu thống kê` trường trong cấu hình cấp cao nhất.
+
+```javascript
+{
+}
+```
+
+Tại thời điểm này không có tham số trong cài đặt thống kê. Số liệu thống kê được bật tự động khi `StatsObject` được đặt ở cấu hình cấp cao nhất. Bạn cũng cần bật cài đặt tương ứng trong [Chính sách](policy.md), để theo dõi số liệu thống kê người dùng hoặc hệ thống.
+
+Tất cả các số liệu thống kê quầy được liệt kê dưới đây:
+
+## Lưu lượng người dùng
+
+Nếu người dùng không có địa chỉ email được đặt trong cài đặt giao thức, thống kê lưu lượng truy cập sẽ không được bật.
+
+> `người dùng>>>[email]>>>giao thông>>>uplink`
+
+Lưu lượng truy cập uplink tích lũy của người dùng cụ thể, tính theo byte.
+
+> `người dùng>>>[email]>>>lưu lượng truy cập>>>đường xuống`
+
+Lưu lượng truy cập đường xuống tích lũy của người dùng cụ thể, tính theo byte.
+
+## Lưu lượng truy cập toàn cầu
+
+> `trong nước>>>[tag]>>>giao thông>>>uplink`
+
+Lưu lượng truy cập uplink tích lũy cụ thể trong nước, tính theo byte.
+
+> `gửi đến>>>[tag]>>>lưu lượng truy cập>>>đường xuống`
+
+Lưu lượng truy cập đường xuống được tích lũy của cụ thể trong nước, tính theo byte.
\ No newline at end of file
diff --git a/vi/configuration/transport.md b/vi/configuration/transport.md
new file mode 100644
index 000000000..fc14553ed
--- /dev/null
+++ b/vi/configuration/transport.md
@@ -0,0 +1,300 @@
+---
+refcn: chapter_02/05_transport
+refen: configuration/transport
+---
+
+# Cài đặt Giao thông
+
+Giao thông vận tải là cách V2Ray gửi và nhận dữ liệu từ các đồng nghiệp của nó. The responsibility of a transport is to reliably transfer data to a peer. Thông thường một kết nối có các kết nối phù hợp trên cả hai điểm cuối. Ví dụ, nếu một V2Ray outbound sử dụng WebSocket như là vận chuyển của nó, thì nó nói đến cũng phải sử dụng WebSocket, nếu không kết nối không thể được thiết lập.
+
+Cài đặt vận chuyển chia thành hai phần: cài đặt chung và mỗi cài đặt proxy. Cài đặt từng proxy xác định cách mỗi proxy riêng xử lý dữ liệu của nó, trong khi cài đặt chung cho tất cả proxy. Thông thường, các proxy gửi đến và gửi đi giữa peer peer phải có cùng các thiết lập truyền tải. Khi proxy không có cài đặt truyền tải, cài đặt chung sẽ được áp dụng.
+
+## TransportObject
+
+`TransportObject` được sử dụng làm `vận tải` trong cấu hình mức cao nhất.
+
+```javascript
+{
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {}
+}
+```
+
+> `tcpSettings`: TcpObject
+
+Cài đặt cho [TCP vận chuyển](transport/tcp.md).
+
+> `kcpSettings`: KcpObject
+
+Cài đặt cho [vận chuyển mKCP](transport/mkcp.md).
+
+> `wsSettings`: WebSocketObject
+
+Cài đặt cho [vận chuyển WebSocket](transport/websocket.md).
+
+> `httpSettings`: HttpObject
+
+Cài đặt cho [HTTP / 2](transport/h2.md).
+
+> `dsSettings`: DomainSocketObject
+
+Cài đặt cho [vận chuyển Socket miền](transport/domainsocket.md).
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) Settings for [QUIC transport](transport/quic.md).
+
+## StreamSettingsObject
+
+Each inbound and outbound proxy may has its own transport settings, as specified in `streamSettings` field in top level configuration.
+
+```javascript
+{
+ "network": "tcp",
+ "security": "none",
+ "tlsSettings": {},
+ "tcpSettings": {},
+ "kcpSettings": {},
+ "wsSettings": {},
+ "httpSettings": {},
+ "dsSettings": {},
+ "quicSettings": {},
+ "sockopt": {
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+ }
+}
+```
+
+> `network`: "tcp" | "kcp" | "ws" | "http" | "domainsocket" | "quic"
+
+Network type of the stream transport. Default value `"tcp"`.
+
+> `security`: "none" | "tls"
+
+Type of security. Choices are `"none"` (default) for no extra security, or `"tls"` for using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security).
+
+> `tlsSettings`: [TLSObject](#tlsobject)
+
+TLS settings. TLS is provided by Golang. Support up to TLS 1.2. DTLS is not supported.
+
+> `tcpSettings`: [TcpObject](transport/tcp.md)
+
+TCP transport configuration for current proxy. Effective only when the proxy uses TCP transport. Configuration is the same as it is in global configuration.
+
+> `kcpSettings`: KcpObject
+
+mKCP transport configuration for current proxy. Effective only when the proxy uses mKCP transport. Configuration is the same as it is in global configuration.
+
+> `wsSettings`: WebSocketObject
+
+WebSocket transport configuration for current proxy. Effective only when the proxy uses WebSocket transport. Configuration is the same as it is in global configuration.
+
+> `httpSettings`: HttpObject
+
+HTTP/2 transport configuration for current proxy. Effective only when the proxy uses HTTP/2 transport. Configuration is the same as it is in global configuration.
+
+> `dsSettings`: DomainSocketObject
+
+Domain socket transport configuration for current proxy. Effective only when the proxy uses domain socket transport. Configuration is the same as it is in global configuration.
+
+> `quicSettings`: QUICObject
+
+(V2Ray 4.7+) QUIC transport configuration for current proxy. Effective only when the proxy uses QUIC transport. Configuration is the same as it is in global configuration.
+
+> `sockopt`: SockoptObject
+
+Socket options for incoming and out-going connections.
+
+### TLSObject
+
+```javascript
+{
+ "serverName": "v2ray.com",
+ "allowInsecure": false,
+ "alpn": ["http/1.1"],
+ "certificates": [],
+ "disableSystemRoot": false
+}
+```
+
+> `serverName`: string
+
+Server name (usually domain) used for TLS authentication. Typically this is used when corressponding inbound/outbound uses IP for communication.
+
+When domain name is specified from inbound proxy, or get sniffed from the connection, it will be automatically used for connection. It is not necessary to set `serverName` in such case.
+
+> `alpn`: \[ string \]
+
+An array of strings, to specifiy the ALPN value in TLS handshake. Default value is `["http/1.1"]`.
+
+> `allowInsecure`: true | false
+
+If `true`, V2Ray allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.
+
+> `allowInsecureCiphers`: true | false
+
+Whehter or not to allow insecure cipher suites. By default TLS only uses cipher suites from TLS 1.3 spec. Turn on this option to allow cipher suites with static RSA keys.
+
+> `disableSystemRoot`: true | false
+
+(V2Ray 4.18+) Whether or not to disable system root CAs for TLS handshake. Default value is `false`. If set to `true`, V2Ray will use only `certificates` for TLS handshake.
+
+> `certificates`: \[ [CertificateObject](#certificateobject) \]
+
+List of TLS certificates. Each entry is one certificate.
+
+### CertificateObject
+
+```javascript
+{
+ "usage": "encipherment",
+
+ "certificateFile": "/path/to/certificate.crt",
+ "keyFile": "/path/to/key.key",
+
+ "certificate": [
+ "-----BEGIN CERTIFICATE-----",
+ "MIICwDCCAaigAwIBAgIRAO16JMdESAuHidFYJAR/7kAwDQYJKoZIhvcNAQELBQAw",
+ "ADAeFw0xODA0MTAxMzU1MTdaFw0xODA0MTAxNTU1MTdaMAAwggEiMA0GCSqGSIb3",
+ "DQEBAQUAA4IBDwAwggEKAoIBAQCs2PX0fFSCjOemmdm9UbOvcLctF94Ox4BpSfJ+",
+ "3lJHwZbvnOFuo56WhQJWrclKoImp/c9veL1J4Bbtam3sW3APkZVEK9UxRQ57HQuw",
+ "OzhV0FD20/0YELou85TwnkTw5l9GVCXT02NG+pGlYsFrxesUHpojdl8tIcn113M5",
+ "pypgDPVmPeeORRf7nseMC6GhvXYM4txJPyenohwegl8DZ6OE5FkSVR5wFQtAhbON",
+ "OAkIVVmw002K2J6pitPuJGOka9PxcCVWhko/W+JCGapcC7O74palwBUuXE1iH+Jp",
+ "noPjGp4qE2ognW3WH/sgQ+rvo20eXb9Um1steaYY8xlxgBsXAgMBAAGjNTAzMA4G",
+ "A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA",
+ "MA0GCSqGSIb3DQEBCwUAA4IBAQBUd9sGKYemzwPnxtw/vzkV8Q32NILEMlPVqeJU",
+ "7UxVgIODBV6A1b3tOUoktuhmgSSaQxjhYbFAVTD+LUglMUCxNbj56luBRlLLQWo+",
+ "9BUhC/ow393tLmqKcB59qNcwbZER6XT5POYwcaKM75QVqhCJVHJNb1zSEE7Co7iO",
+ "6wIan3lFyjBfYlBEz5vyRWQNIwKfdh5cK1yAu13xGENwmtlSTHiwbjBLXfk+0A/8",
+ "r/2s+sCYUkGZHhj8xY7bJ1zg0FRalP5LrqY+r6BckT1QPDIQKYy615j1LpOtwZe/",
+ "d4q7MD/dkzRDsch7t2cIjM/PYeMuzh87admSyL6hdtK0Nm/Q",
+ "-----END CERTIFICATE-----"
+ ],
+ "key": [
+ "-----BEGIN RSA PRIVATE KEY-----",
+ "MIIEowIBAAKCAQEArNj19HxUgoznppnZvVGzr3C3LRfeDseAaUnyft5SR8GW75zh",
+ "bqOeloUCVq3JSqCJqf3Pb3i9SeAW7Wpt7FtwD5GVRCvVMUUOex0LsDs4VdBQ9tP9",
+ "GBC6LvOU8J5E8OZfRlQl09NjRvqRpWLBa8XrFB6aI3ZfLSHJ9ddzOacqYAz1Zj3n",
+ "jkUX+57HjAuhob12DOLcST8np6IcHoJfA2ejhORZElUecBULQIWzjTgJCFVZsNNN",
+ "itieqYrT7iRjpGvT8XAlVoZKP1viQhmqXAuzu+KWpcAVLlxNYh/iaZ6D4xqeKhNq",
+ "IJ1t1h/7IEPq76NtHl2/VJtbLXmmGPMZcYAbFwIDAQABAoIBAFCgG4phfGIxK9Uw",
+ "qrp+o9xQLYGhQnmOYb27OpwnRCYojSlT+mvLcqwvevnHsr9WxyA+PkZ3AYS2PLue",
+ "C4xW0pzQgdn8wENtPOX8lHkuBocw1rNsCwDwvIguIuliSjI8o3CAy+xVDFgNhWap",
+ "/CMzfQYziB7GlnrM6hH838iiy0dlv4I/HKk+3/YlSYQEvnFokTf7HxbDDmznkJTM",
+ "aPKZ5qbnV+4AcQfcLYJ8QE0ViJ8dVZ7RLwIf7+SG0b0bqloti4+oQXqGtiESUwEW",
+ "/Wzi7oyCbFJoPsFWp1P5+wD7jAGpAd9lPIwPahdr1wl6VwIx9W0XYjoZn71AEaw4",
+ "bK4xUXECgYEA3g2o9WqyrhYSax3pGEdvV2qN0VQhw7Xe+jyy98CELOO2DNbB9QNJ",
+ "8cSSU/PjkxQlgbOJc8DEprdMldN5xI/srlsbQWCj72wXxXnVnh991bI2clwt7oYi",
+ "pcGZwzCrJyFL+QaZmYzLxkxYl1tCiiuqLm+EkjxCWKTX/kKEFb6rtnMCgYEAx0WR",
+ "L8Uue3lXxhXRdBS5QRTBNklkSxtU+2yyXRpvFa7Qam+GghJs5RKfJ9lTvjfM/PxG",
+ "3vhuBliWQOKQbm1ZGLbgGBM505EOP7DikUmH/kzKxIeRo4l64mioKdDwK/4CZtS7",
+ "az0Lq3eS6bq11qL4mEdE6Gn/Y+sqB83GHZYju80CgYABFm4KbbBcW+1RKv9WSBtK",
+ "gVIagV/89moWLa/uuLmtApyEqZSfn5mAHqdc0+f8c2/Pl9KHh50u99zfKv8AsHfH",
+ "TtjuVAvZg10GcZdTQ/I41ruficYL0gpfZ3haVWWxNl+J47di4iapXPxeGWtVA+u8",
+ "eH1cvgDRMFWCgE7nUFzE8wKBgGndUomfZtdgGrp4ouLZk6W4ogD2MpsYNSixkXyW",
+ "64cIbV7uSvZVVZbJMtaXxb6bpIKOgBQ6xTEH5SMpenPAEgJoPVts816rhHdfwK5Q",
+ "8zetklegckYAZtFbqmM0xjOI6bu5rqwFLWr1xo33jF0wDYPQ8RHMJkruB1FIB8V2",
+ "GxvNAoGBAM4g2z8NTPMqX+8IBGkGgqmcYuRQxd3cs7LOSEjF9hPy1it2ZFe/yUKq",
+ "ePa2E8osffK5LBkFzhyQb0WrGC9ijM9E6rv10gyuNjlwXdFJcdqVamxwPUBtxRJR",
+ "cYTY2HRkJXDdtT0Bkc3josE6UUDvwMpO0CfAETQPto1tjNEDhQhT",
+ "-----END RSA PRIVATE KEY-----"
+ ]
+}
+```
+
+> `usage`: "encipherment" | "verify" | "issue"
+
+Purpose of the certificate. Default value `"encipherment"`. Choices are:
+
+* `"encipherment"`: Chứng chỉ được sử dụng để xác thực và mã hóa TLS.
+* `"verify"`: Chứng chỉ được sử dụng để xác thực chứng chỉ TLS từ đồng đẳng từ xa. Trong trường hợp này, chứng chỉ phải là chứng chỉ CA.
+* `"issue"`: Chứng chỉ được sử dụng để phát hành các chứng chỉ khác. Trong trường hợp này, chứng chỉ phải là chứng chỉ CA.
+
+{% hint style='info' %}
+
+On Windows, you have to install your CA certificate to system, in order to verify cerificates issued from the CA.
+
+{% endhint %}
+
+{% hint style='info' %}
+
+When there is a new client request, say for `serverName` = `"v2ray.com"`, V2Ray will find a certificate for `"v2ray.com"` first. If not found, V2Ray will try to issue a new certificate using any existing certificate whose `usage` is `"issue"` for `"v2ray.com"`. The new certificate expires in one hour, and will be added to certificate pool for later reuse.
+
+{% endhint %}
+
+> `certificateFile`: string
+
+File path to the certificate. If the certificate is generated by OpenSSL, the path ends with ".crt".
+
+{% hint style='info' %}
+
+Use `v2ctl cert -ca` command to generate a new CA certificate.
+
+{% endhint %}
+
+> `certificate`: \[ string \]
+
+List of strings as content of the certificate. See the example above. Either `certificate` or `certificateFile` must not be empty.
+
+> `keyFile`: string
+
+File path to the private key. If generated by OpenSSL, the file usually ends with ".key". Key file with password is not supported.
+
+> `key`: \[ string \]
+
+List of strings as content of the private key. See the example above. Either `key` or `keyFile` must not be empty.
+
+When `certificateFile` and `certificate` are both filled in. V2Ray uses `certificateFile`. Same for `keyFile` and `key`.
+
+{% hint style='info' %}
+
+When `usage` is `"verify"`, both `keyFile` and `key` can be empty.
+
+{% endhint %}
+
+### SockoptObject
+
+```javascript
+{
+ "mark": 0,
+ "tcpFastOpen": false,
+ "tproxy": "off"
+}
+```
+
+> `mark`: number
+
+An integer. If non-zero, the value will be set to out-going connections via socket option SO_MARK. This mechanism only applies on Linux and requires CAP_NET_ADMIN permission.
+
+> `tcpFastOpen`: true | false
+
+Whether or not to enable [TCP Fast Open](https://en.wikipedia.org/wiki/TCP_Fast_Open). When set to `true`, V2Ray enables TFO for current connection. When set to `false`, V2Ray disables TFO. If this entry doesn't exist, V2Ray uses default settings from operating system.
+
+* Chỉ áp dụng trên các hệ điều hành sau:
+ * Windows 10 (1604) trở lên
+ * Mac OS 10.11 / iOS 9 trở lên
+ * Linux 3.16 trở lên: Được bật theo mặc định hệ thống.
+* Áp dụng cho cả kết nối trong và ngoài nước.
+
+> `tproxy`: "redirect" | "tproxy" | "off"
+
+Whether or not to enable transparent proxy on Linux. Choices are:
+
+* `"off"`: Giá trị mặc định. Không kích hoạt TProxy.
+* `"chuyển hướng"`: Bật TProxy với chế độ Chuyển hướng. Hỗ trợ lưu lượng TCP / IPv4 và UDP.
+* `"tproxy"`: Bật TProxy với chế độ TProxy. Hỗ trợ lưu lượng TCP và UDP.
+
+Transparent proxy requires Root or CAP\_NET\_ADMIN permission.
+
+{% hint style='info' %}
+
+If `TProxy` is not set, and `allowRedirect` is set in [dokodemo-door](protocols/dokodemo.md), the value of `TProxy` will be set to `"redirect"` automatically.
+
+{% endhint %}
\ No newline at end of file
diff --git a/vi/configuration/transport/domainsocket.md b/vi/configuration/transport/domainsocket.md
new file mode 100644
index 000000000..7604658ac
--- /dev/null
+++ b/vi/configuration/transport/domainsocket.md
@@ -0,0 +1,30 @@
+---
+refcn: chapter_02/transport/domainsocket
+refen: configuration/transport/domainsocket
+---
+
+# Domain Socket Transport
+
+Domain Socket sử dụng ổ cắm miền Unix chuẩn để truyền tải dữ liệu. Ổ cắm tên miền là kênh chuyển tiếp giữa các hệ thống. Nó không gây nhiễu bộ đệm mạng và có thể nhanh hơn một chút so với trasnferring thông qua mạng loopback cục bộ.
+
+Ổ cắm miền chỉ có thể được sử dụng trên các nền tảng hỗ trợ ổ cắm miền Unix, chẳng hạn như macOS và Linux. Nó không có sẵn trên Windows.
+
+{% hint style='info' %}
+
+Khi ổ cắm miền được sử dụng, IP và cổng được chỉ định trên proxy đến / đi sẽ bị bỏ qua. Tất cả lưu lượng truy cập đều được tunnel qua socket miền.
+
+{% endhint %}
+
+## DomainSocketObject
+
+`DomainSocketObject` được sử dụng trong `dsSettings` trường trong `TransportObject` và `StreamSettingsObject`.
+
+```javascript
+{
+ "path": "/path/to/ds/file"
+}
+```
+
+> `path`: string
+
+Đường dẫn tệp tuyệt đối hợp lệ. Trước khi chạy V2Ray, tệp trên đường dẫn này không được tồn tại.
\ No newline at end of file
diff --git a/vi/configuration/transport/h2.md b/vi/configuration/transport/h2.md
new file mode 100644
index 000000000..7e101092b
--- /dev/null
+++ b/vi/configuration/transport/h2.md
@@ -0,0 +1,29 @@
+---
+refcn: chapter_02/transport/h2
+refen: configuration/transport/h2
+---
+
+# Giao thức HTTP / 2
+
+Giao thức HTTP / 2 được thêm vào trong V2Ray 3.17. Nó dựa trên HTTP / 2 tiêu chuẩn và có thể là proxy thông qua máy chủ HTTP khác, chẳng hạn như Nginx.
+
+Do đề xuất HTTP / 2, việc truyền vào trong và ra ngoài phải cho phép TLS sử dụng phương tiện này.
+
+## HttpObject
+
+`DomainSocketObject` được sử dụng trong `httpSettings` trong `TransportObject` và `StreamSettingsObject`.
+
+```javascript
+{
+ "host": ["v2ray.com"],
+ "path": "/random/path"
+}
+```
+
+> `host`: \[ string \]
+
+Một mảng chuỗi. Mỗi phần tử là một miền. Khách hàng chọn ngẫu nhiên tên miền cho mỗi yêu cầu. Máy chủ kiểm tra xem tên miền trong yêu cầu đến có nằm trong danh sách hay không.
+
+> `path`: string
+
+Đường dẫn HTTP. Máy khách và máy chủ phải có cùng giá trị.
\ No newline at end of file
diff --git a/vi/configuration/transport/mkcp.md b/vi/configuration/transport/mkcp.md
new file mode 100644
index 000000000..05dfa87b1
--- /dev/null
+++ b/vi/configuration/transport/mkcp.md
@@ -0,0 +1,88 @@
+---
+refcn: chapter_02/transport/mkcp
+refen: configuration/transport/mkcp
+---
+
+# mKCP Transport
+
+mKCP là một phương tiện giao thông đáng tin cậy. Nó là một giao thức dựa trên UDP. mKCP gửi nhiều lưu lượng truy cập hơn cho độ trễ thấp hơn. Để chuyển cùng một lượng dữ liệu, mKCP thường đòi hỏi nhiều thông lượng hơn TCP.
+
+## KcpObject
+
+```javascript
+{
+ "mtu": 1350,
+ "tti": 20,
+ "uplinkCapacity": 5,
+ "downlinkCapacity": 20,
+ "congestion": false,
+ "readBufferSize": 1,
+ "writeBufferSize": 1,
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `mtu`: number
+
+Đơn vị truyền tối đa. Nó chỉ ra số byte tối đa mà gói UDP có thể mang theo. Giá trị được đề xuất nằm trong khoảng từ `576` đến `1460`. Giá trị mặc định `1350`.
+
+> `tti`: number
+
+Khoảng thời gian truyền, tính bằng mili giây. mKCP gửi dữ liệu trong khoảng thời gian này. Giá trị được đề xuất nằm trong khoảng từ `10` đến `100`. Giá trị mặc định `50`.
+
+> `uplinkCapacity`: number
+
+Băng thông Uplink, tính bằng MB / s. Băng thông tối đa cho phiên bản V2Ray để tải dữ liệu lên một thiết bị từ xa. Giá trị mặc định là `5`. Xin lưu ý rằng nó là byte (tính bằng MB / s), không phải bit. Người ta có thể sử dụng giá trị `0` cho một băng thông nhỏ.
+
+> `downlinkCapacity`: number
+
+Băng thông đường xuống, tính bằng MB / s. Băng thông tối đa cho phiên bản V2Ray để tải xuống dữ liệu. Giá trị mặc định là `20`. Xin lưu ý rằng nó là byte (tính bằng MB / s), không phải bit. Người ta có thể sử dụng giá trị `0` cho một băng thông nhỏ.
+
+{% hint style='info' %}
+
+`uplinkCapacity` và `downlinkCapacity` xác định tốc độ của mKCP. Ở phía máy khách, `uplinkCapacity` chỉ định tốc độ cho máy khách gửi dữ liệu đến máy chủ. Ở phía máy chủ, `downlinkCapacity` chỉ định tốc độ nhận dữ liệu của máy chủ. Tối thiểu của cặp này có hiệu quả trong một kết nối thực tế.
+
+{% endhint %}
+
+> `congestion`: true | false
+
+Có hay không để cho phép kiểm soát tắc nghẽn. Giá trị mặc định là `false`. Khi điều khiển tắc nghẽn được bật, V2Ray sẽ phát hiện chất lượng mạng. Nó sẽ gửi các gói ít hơn khi mất gói dữ liệu nghiêm trọng, hoặc nhiều dữ liệu hơn khi mạng không được điền đầy đủ.
+
+> `readBufferSize`: number
+
+Đọc kích thước bộ đệm cho một kết nối duy nhất, tính bằng MB. Giá trị mặc định là `2`.
+
+> `writeBufferSize`: number
+
+Ghi kích thước bộ đệm cho một kết nối duy nhất, tính bằng MB. Giá trị mặc định là `2`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Cấu hình cho obfuscation tiêu đề gói.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Loại obfuscation. Proxy tương ứng vào và ra phải có cùng cài đặt. Lựa chọn là:
+
+* `"none"`: Giá trị mặc định. Không có obfuscation được sử dụng.
+* `"srtp"`: Làm xáo trộn lưu lượng truy cập SRTP. Nó có thể được công nhận là cuộc gọi video như FaceTime.
+* `"utp"`: Làm xáo trộn lưu lượng truy cập uTP. Nó có thể được công nhận là lưu lượng truy cập Bittorrent.
+* `"wechat-video"`: Làm xáo trộn lưu lượng truy cập WeChat.
+* `"dtls"`: Obfuscated dưới dạng gói tin 1.2.
+* `"wireguard"`: Làm xáo trộn các gói WireGuard. (KHÔNG đúng giao thức WireGuard)
+
+## Tín dụng {#credits}
+
+* @ skywind3000 đã phát minh ra giao thức KCP gốc và được triển khai trong C.
+* @xtaci tái triển khai giao thức KCP trong Go.
+* @xiaokangwang tích hợp KCP vào V2Ray.
\ No newline at end of file
diff --git a/vi/configuration/transport/quic.md b/vi/configuration/transport/quic.md
new file mode 100644
index 000000000..aee7406a0
--- /dev/null
+++ b/vi/configuration/transport/quic.md
@@ -0,0 +1,74 @@
+---
+refcn: chapter_02/transport/quic
+refen: configuration/transport/quic
+---
+
+# QUIC
+
+QUIC, or Quick UDP Internet Connection, is a multiplexing transport based on UDP, initially designed, implemented, and deployed by Google.
+
+QUIC has the following advantages:
+
+1. Reduced number of roundtrips in handshake phase. (1-RTT or 0-RTT)
+2. Multiplexing without head of line blocking as in TCP
+3. Connection migration, especially for clients. For example, connections don't break when device moves from Wi-Fi to 4G.
+
+QUIC is now an experiment in V2Ray. It implements IETF specification. As the spec is still being standardized, compatibility can't be guaranteed.
+
+## Update History
+
+V2Ray 4.7:
+
+* Initial version to support QUIC.
+* Default settings:
+ * 12 byte Connection ID
+ * Connection timeout in 30 seconds if no data traffic. (May have impact on some long HTTP connections)
+
+## QuicObject
+
+QUIC is used as `quicSettings` in transport settings. The configuration must be exactly the same between connecting peers.
+
+QUIC requires TLS. If TLS is not enabled in transport settings, V2Ray will automatically issue a TLS certificate for it. When QUIC transport is used, encryption in VMess can be turned off.
+
+```javascript
+{
+ "security": "none",
+ "key": "",
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `security`: "none" | "aes-128-gcm" | "chacha20-poly1305"
+
+Extra encryption over entire QUIC packet, include the frame head part. Default value is "none" for no encryption. After being encrypted, QUIC packets can't be sniff'ed.
+
+> `key`: string
+
+Key for the encryption above. Can be any string. Only effective when `security` is not `"none"`.
+
+> `header`: [HeaderObject](#headerobject)
+
+Configuration for packet header obfuscation.
+
+### HeaderObject
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: string
+
+Type of obfuscation. Corresponding inbound and outbound proxy must have the same settings. Choices are:
+
+* `"none"`: Default value. No obfuscation is used.
+* `"srtp"`: Obfuscated as SRTP traffic. It may be recognized as video calls such as Facetime.
+* `"utp"`: Obfuscated as uTP traffic. It may be recognized as Bittorrent traffic.
+* `"wechat-video"`: Obfuscated to WeChat traffic.
+* `"dtls"`: Obfuscated as DTLS 1.2 packets.
+* `"wireguard"`: Obfuscated as WireGuard packets. (NOT true WireGuard protocol)
+
+{% hint style='info' %} When neither encryption nor obfuscation is enabled, QUIC transport is compatible with other QUIC tools. However it is recommended to enable either or both for better undetectable communication. {% endhint %}
\ No newline at end of file
diff --git a/vi/configuration/transport/tcp.md b/vi/configuration/transport/tcp.md
new file mode 100644
index 000000000..a56ebd960
--- /dev/null
+++ b/vi/configuration/transport/tcp.md
@@ -0,0 +1,130 @@
+---
+refcn: chapter_02/transport/tcp
+refen: configuration/transport/tcp
+---
+
+# TCP Transport
+
+## TcpObject
+
+```javascript
+{
+ "header": {
+ "type": "none"
+ }
+}
+```
+
+> `header`: NoneHeaderObject | HttpHeaderobject
+
+Tiêu đề obfuscation. Giá trị mặc định là `NoneHeaderObject`.
+
+### NoneHeaderObject
+
+Không có tiêu đề obfuscation.
+
+```javascript
+{
+ "type": "none"
+}
+```
+
+> `type`: "none"
+
+Vô hiệu hóa tiêu đề obfuscation.
+
+### HttpHeaderObject
+
+Tiêu đề HTTP obfuscation. Cấu hình phải giống nhau giữa kết nối trong và ngoài.
+
+```javascript
+{
+ "type": "http",
+ "request": {},
+ "response": {}
+}
+```
+
+> `type`: "http"
+
+Bật tính năng obfuscation của tiêu đề HTTP.
+
+> `request`: [HTTPRequestObject](#httprequestobject)
+
+Mẫu yêu cầu HTTP.
+
+> `response`: [HTTPResponseObject](#httpresponseobject)
+
+Mẫu phản hồi HTTP.
+
+### HTTPRequestObject
+
+```javascript
+{
+ "version": "1.1",
+ "method": "GET",
+ "path": ["/"],
+ "headers": {
+ "Host": ["www.baidu.com", "www.bing.com"],
+ "User-Agent": [
+ "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
+ ],
+ "Accept-Encoding": ["gzip, deflate"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+Phiên bản HTTP. Giá trị mặc định là `"1.1"`.
+
+> `method`: string
+
+Phương thức HTTP. Giá trị mặc định là `"NHẬN"`。
+
+> `path`: \[ string \]
+
+Đường dẫn HTTP. Một mảng là chuỗi. Đường dẫn sẽ được chọn ngẫu nhiên cho mọi kết nối.
+
+> `headers`: map{string, \[ string \] }
+
+Tiêu đề HTTP. Chìa khóa của mỗi mục nhập là khóa của tiêu đề HTTP. Giá trị của mỗi mục là một danh sách các chuỗi. Giá trị tiêu đề HTTP thực tế sẽ được chọn ngẫu nhiên từ danh sách cho mỗi kết nối. Giá trị mặc định là các giá trị trong ví dụ trên.
+
+Trong kết nối, tất cả các khóa trong bản đồ được chỉ định sẽ được đặt thành tiêu đề HTTP.
+
+### HTTPResponseObject
+
+```javascript
+{
+ "version": "1.1",
+ "status": "200",
+ "reason": "OK",
+ "headers": {
+ "Content-Type": ["application/octet-stream", "video/mpeg"],
+ "Transfer-Encoding": ["chunked"],
+ "Connection": ["keep-alive"],
+ "Pragma": "no-cache"
+ }
+}
+```
+
+> `version`: string
+
+Phiên bản HTTP. Giá trị mặc định là `"1.1"`.
+
+> `status`: string
+
+Trạng thái HTTP. Giá trị mặc định là `"200"`
+
+> `reason`: string
+
+Thông báo trạng thái HTTP. Giá trị mặc định là `"OK"`.
+
+> `headers`: map{string, string}
+
+Tiêu đề HTTP. Chìa khóa của mỗi mục nhập là khóa của tiêu đề HTTP. Giá trị của mỗi mục là một danh sách các chuỗi. Giá trị tiêu đề HTTP thực tế sẽ được chọn ngẫu nhiên từ danh sách cho mỗi kết nối. Giá trị mặc định là các giá trị trong ví dụ trên.
+
+Trong kết nối, tất cả các khóa trong bản đồ được chỉ định sẽ được đặt thành tiêu đề HTTP.
\ No newline at end of file
diff --git a/vi/configuration/transport/websocket.md b/vi/configuration/transport/websocket.md
new file mode 100644
index 000000000..6aa939527
--- /dev/null
+++ b/vi/configuration/transport/websocket.md
@@ -0,0 +1,35 @@
+---
+refcn: chapter_02/transport/websocket
+refen: configuration/transport/websocket
+---
+
+# WebSocket
+
+Sử dụng WebSocket chuẩn để truyền tải dữ liệu. Các kết nối Websocket có thể được proxy của Nginx ủy nhiệm.
+
+## WebSocketObject
+
+`WebSocketObject` được sử dụng như `wsSettings` trong `TransportObject` hoặc `StreamSettingsObject`.
+
+{% hint style='info' %}
+
+Websocket nhận ra tiêu đề HTTP X-Forwarded-For và sử dụng nó như là địa chỉ nguồn trong nước.
+
+{% endhint %}
+
+```javascript
+{
+ "path": "/",
+ "headers": {
+ "Host": "v2ray.com"
+ }
+}
+```
+
+> `path`: string
+
+Đường dẫn được sử dụng cho WebSocket. Mặc định là root, là `"/"`.
+
+> `headers`: map{string, string}
+
+Tiêu đề HTTP tùy chỉnh. Một mảng trong đó mỗi mục nhập là một cặp giá trị khóa trong chuỗi, cho tiêu đề và giá trị trong tiêu đề HTTP. Mặc định trống.
\ No newline at end of file
diff --git a/vi/developer/tools.md b/vi/developer/tools.md
new file mode 100644
index 000000000..09d258f8e
--- /dev/null
+++ b/vi/developer/tools.md
@@ -0,0 +1,14 @@
+# Tools
+
+## Third Party SDK
+
+* C#: [v2ray-dotnet-sdk](https://github.com/techotaku/v2ray-dotnet-sdk)
+
+## Automation
+
+V2Ray uses the following automation tools for build and releases.
+
+* [Bazel](https://bazel.build/): Build & package.
+* [Azure DevOps](https://dev.azure.com/): Automated releases.
+* [Google Cloud](https://cloud.google.com/): Automated releases.
+* [CloudFlare](https://cloudflare.com/): Official site and domain.
\ No newline at end of file
diff --git a/vi/styles/website.css b/vi/styles/website.css
new file mode 100644
index 000000000..d8d13000a
--- /dev/null
+++ b/vi/styles/website.css
@@ -0,0 +1,35 @@
+.book-summary {
+ font-family: "Helvetica Neue", "Open Sans", sans-serif;
+ font-size: 14px;
+}
+
+.book-header .btn {
+ padding: 0 5px;
+}
+
+.markdown-section {
+ font-family: "Helvetica Neue", "Open Sans", sans-serif;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section pre>code {
+ font-family: "Source Code Pro", monospace;
+ font-weight: 400;
+ font-size: 14px;
+}
+
+.markdown-section code:not([class]) {
+ white-space: nowrap;
+ padding: 0;
+}
+
+.markdown-section blockquote {
+ margin: 0;
+ margin-bottom: .85em;
+ padding: 0 15px;
+ border-left: 4px solid #64b5f6;
+ border-top: 1px solid #64b5f6;
+ color: #000000;
+ margin-top: 10px;
+}
diff --git a/vi/ui_client/README.md b/vi/ui_client/README.md
new file mode 100644
index 000000000..36ac6b5df
--- /dev/null
+++ b/vi/ui_client/README.md
@@ -0,0 +1,13 @@
+---
+refcn: ui_client/index
+refen: ui_client/index
+---
+# Project V Clients
+
+Bên cạnh V2ray lõi, Project V bao gồm nhiều ứng dụng khách GUI khác nhau trên nhiều nền tảng. Vui lòng xem danh sách sau đây để ủng hộ bạn.
+
+* [các cửa sổ](windows.md)
+* [Mac OS X](osx.md)
+* [iOS](ios.md)
+* [Android](android.md)
+* [Dịch vụ trực tuyến](ui_client/service.md)
\ No newline at end of file
diff --git a/vi/ui_client/android.md b/vi/ui_client/android.md
new file mode 100644
index 000000000..73b5b2170
--- /dev/null
+++ b/vi/ui_client/android.md
@@ -0,0 +1,51 @@
+---
+refcn: ui_client/android
+refen: ui_client/android
+---
+# Ứng dụng khách Android
+
+## BifrostV
+
+BifrostV là một ứng dụng Android dựa trên lõi V2Ray. Nó hỗ trợ VMess, Shadowsocks, giao thức vớ.
+
+* Tải xuống: [Cửa hàng Play](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv)
+* Tải xuống: [APK thuần túy](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+## V2RayNG
+
+V2RayNG là một ứng dụng Android dựa trên V2Ray. Nó cung cấp cùng một tính năng được đặt làm lõi V2Ray.
+
+* Tải xuống: [Cửa hàng Play](https://play.google.com/store/apps/details?id=com.v2ray.ang)
+* Nguồn: [GitHub](https://github.com/2dust/v2rayNG)
+
+## V2Ray Go
+
+* Tải xuống: [Cửa hàng Play](https://play.google.com/store/apps/details?id=org.kkdev.v2raygo)
+* Nguồn: [Github](https://github.com/xiaokangwang/V2RayGO)
+
+## Actinium
+
+* Tải xuống: Cửa hàng Play (Không khả dụng)
+* Nguồn: [Github](https://github.com/V2Ray-Android/Actinium)
+
+## Các công cụ khác {#other}
+
+### JuiceSSH
+
+SSH client.
+
+* Tải xuống: [Cửa hàng Play](https://play.google.com/store/apps/details?id=com.sonelli.juicessh)
+* Trang web: [JuiceSSH.com](https://juicessh.com/)
+
+### Termius
+
+Ứng dụng SSH
+
+* Tải xuống: [Cửa hàng Play](https://play.google.com/store/apps/details?id=com.server.auditor.ssh.client)
+
+### Telegram
+
+Thảo luận được mã hóa.
+
+* Trang web: [telegram.org](https://telegram.org/)
+* Tải xuống: [Cửa hàng Play](https://play.google.com/store/apps/details?id=org.telegram.messenger)
\ No newline at end of file
diff --git a/vi/ui_client/ios.md b/vi/ui_client/ios.md
new file mode 100644
index 000000000..5d89b73f1
--- /dev/null
+++ b/vi/ui_client/ios.md
@@ -0,0 +1,62 @@
+---
+refcn: ui_client/ios
+refen: ui_client/ios
+---
+# Ứng dụng khách iOS
+
+## Kitsunebi
+
+Kitsunebi là một ứng dụng iOS dựa trên V2Ray. Nó cung cấp đầy đủ chức năng như V2Ray. Nó cũng hỗ trợ nhập và xuất cấu hình JSON tương thích V2Ray.
+
+* Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+## Kitsunebi Lite
+
+Phiên bản nhẹ của Kitsunebi.
+
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/kitsunebi-lite/id1387913765/)
+
+## Shadowrocket
+
+Shadowrocket là một ứng dụng VPN chung. Hỗ trợ nhiều giao thức như Shadowsocks, VMess, SSR, v.v.
+
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/shadowrocket/id932747118/)
+
+## Pepi (là ShadowRay) {#pepi}
+
+Pepi là ứng dụng tương thích V2Ray. Có thể tạo các kết nối VPN dựa trên giao thức VMess và giao tiếp với bất kỳ máy chủ V2Ray nào.
+
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/pepi/id1283082051/)
+
+## Quantumult
+
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/quantumult/id1252015438/)
+
+## Các công cụ khác {#other}
+
+### HyperApp
+
+Một tiện ích để xây dựng các máy chủ với docker.
+
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/hyperapp/id1179750280/)
+* Trang web: [HyperApp.fun](https://www.hyperapp.fun/)
+
+### Termius
+
+SSH client.
+
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/termius/id549039908/)
+
+### Telegram
+
+Thảo luận được mã hóa.
+
+* Trang web: [telegram.org](https://telegram.org/)
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/telegram-messenger/id686449807/)
+
+### ProtonMail
+
+Email được mã hóa.
+
+* Trang web: [protonmail.com](https://protonmail.com/)
+* Tải xuống: [iTunes](https://www.v2ray.com/itunes/us/protonmail-encrypted-email/id979659905/)
\ No newline at end of file
diff --git a/vi/ui_client/osx.md b/vi/ui_client/osx.md
new file mode 100644
index 000000000..b2d77bbbf
--- /dev/null
+++ b/vi/ui_client/osx.md
@@ -0,0 +1,32 @@
+---
+refcn: ui_client/osx
+refen: ui_client/osx
+---
+# Mac OS X
+
+## V2RayX
+
+* Tải xuống: [Github](https://github.com/Cenmrev/V2RayX)
+
+## V2RayU
+
+* Download: [Github](https://github.com/yanue/V2rayU)
+
+## Other tools {#other}
+
+### Visual Studio Code
+
+Trình chỉnh sửa mã nguồn từ Microsoft.
+
+* Website: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### Telegram
+
+Thảo luận được mã hóa.
+
+* Website: [telegram.org](https://telegram.org/)
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/telegram-desktop/id946399090/)
+
+### Ứng dụng khách Microsoft Remote Desktop Connection
+
+* Download: [Mac App Store](https://www.v2ray.com/itunesm/us/microsoft-remote-desktop/id715768417/)
\ No newline at end of file
diff --git a/vi/ui_client/service.md b/vi/ui_client/service.md
new file mode 100644
index 000000000..98c669e7a
--- /dev/null
+++ b/vi/ui_client/service.md
@@ -0,0 +1,40 @@
+---
+refcn: ui_client/service
+refen: ui_client/service
+---
+# Dịch vụ trực tuyến
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## V2Ray có liên quan
+
+* [Trình tạo cấu hình](https://htfy96.github.io/v2ray-config-gen/)
+* [Máy phát điện UUID](https://www.uuidgenerator.net/)
+
+## VPN
+
+* [BabyDriver](http://babydriver.me/): Hỗ trợ V2Ray. Mã phiếu giảm giá: bcb518
+* [喵 帕斯](https://xn--i2ru8q2qg.com/): Hỗ trợ V2Ray (beta)
+* [Lanan](https://xn--sjt174g.com/): V2Ray dựa trên dịch vụ VPN. Mã phiếu giảm giá: v2ray
+* [多数 派](https://dspi.io/aff.php?aff=7): Dịch vụ VPN dựa trên V2Ray mới.
+* [V2rayPro](https://myv2.us/): VPN service based on V2Ray. Coupon code: v2ray.com
+* [V2Net](http://v2net.org/): Customized V2Ray service. Promo code: v2ray.com
+
+## Hosting
+
+* [Hãy mã hóa](https://letsencrypt.org/): Chứng chỉ TLS miễn phí
+* [Vultr](https://www.vultr.com/?ref=7269307): VPS
+ * [2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+* [BlueHost](https://www.bluehost.com/track/v2ray/): VPS, web hosting
+* [ClouDNS](https://www.cloudns.net/aff/id/244749/): Domain registration, DNS, SSL certificate
+
+## Cryptocurrency
+
+* [LocalBitcoins](https://localbitcoins.com/?ch=khtm): Trade Bitcoins offline
+* [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g): OTC market to trade BTC, ETH, BCH, USDT.
+* [Binance](https://www.binance.com/?ref=35382451): Trading market for crypto currencies.
+* [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp): Trading market for crypto currencies.
+* [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18): Online crypto currency wallet
+* [PrimeDice](https://primedice.com/?c=default): Dice game with bitcoin.
+* [OneHash](https://www.onehash.com/?ap=56d52158f7e04b169ec54d): Bet sport games with Bitcoin, including World Cup 2018.
+* [Bitsler](https://www.bitsler.com/?ref=VictoriaR): Casino games with Bitcoin.
\ No newline at end of file
diff --git a/vi/ui_client/windows.md b/vi/ui_client/windows.md
new file mode 100644
index 000000000..43342bd04
--- /dev/null
+++ b/vi/ui_client/windows.md
@@ -0,0 +1,37 @@
+---
+refcn: ui_client/windows
+refen: ui_client/windows
+---
+# các cửa sổ
+
+## V2RayW
+
+* Tải xuống: [Github](https://github.com/Cenmrev/V2RayW)
+
+## V2RayN
+
+* Tải xuống: [Github](https://github.com/2dust/v2rayN)
+
+## V2RayS
+
+* Tải xuống: [Github](https://github.com/Shinlor/V2RayS)
+
+## Các công cụ khác {#other}
+
+### PuTTY
+
+SSH client.
+
+* Trang web: [putty.org](http://www.putty.org/)
+
+### Visual Studio Code
+
+Trình chỉnh sửa mã nguồn từ Microsoft.
+
+* Trang web: [code.visualstudio.com](https://code.visualstudio.com/)
+
+### Telegram
+
+Thảo luận được mã hóa.
+
+* Trang web: [telegram.org](https://telegram.org/)
\ No newline at end of file
diff --git a/vi/welcome/command.md b/vi/welcome/command.md
new file mode 100644
index 000000000..2b8d816b3
--- /dev/null
+++ b/vi/welcome/command.md
@@ -0,0 +1,151 @@
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
+
+# Dòng lệnh
+
+## V2Ray
+
+V2Ray có các tham số dòng lệnh sau:
+
+```shell
+v2ray [-version] [-test] [-config=config.json] [-format=json]
+```
+
+> `-phiên bản`
+
+Chỉ in phiên bản V2Ray và sau đó thoát.
+
+> `-kiểm tra`
+
+Kiểm tra cấu hình, xuất ra bất kỳ lỗi nào và sau đó thoát ra.
+
+> `-config`
+
+URI của cấu hình. Định dạng Avilable là:
+
+* Đường dẫn đến tệp cấu hình cục bộ. Có thể là đường dẫn tương đối hoặc đường dẫn tuyệt đối.
+* `"stdin:"`: Cho biết V2Ray để đọc cấu hình từ đầu vào tiêu chuẩn. Người gọi phải đóng stdin sau khi viết cấu hình.
+* Giá trị bắt đầu bằng `http: //` hoặc `https: //` (chữ thường): V2Ray cố tải cấu hình từ địa chỉ từ xa.
+
+> `-định dạng`
+
+Định dạng cấu hình. Lựa chọn là:
+
+* `json`: Định dạng JSON.
+* `pb` hoặc `protobuf`: Định dạng Protobuf.
+
+{% hint style='info' %}
+
+Khi `-config` không được chỉ định, V2Ray đầu tiên cố gắng tải cấu hình từ `config.json` trong thư mục làm việc, sau đó từ thư mục được chỉ định bởi [biến môi trường](../configuration/env.md) `v2ray.location.asset`.
+
+{% endhint %}
+
+## V2Ctl
+
+V2Ctl is a collection of commandline tools. It runs in the following way:
+
+```bash
+v2ctl
+```
+
+> `command`
+
+Subcommand. Available values are below:
+
+* `api`: Invoke remote control commands in V2Ray instances.
+* `config`: Convert configuration from JSON format to protobuf.
+* `cert`: Generate TLS certificates.
+* `fetch`: Fetch remove resources.
+* `tlsping`: (V2Ray 4.17+) Test TLS handshake.
+* `verify`: Verify the signature of V2Ray releases.
+* `uuid`: Generate UUID.
+
+### V2Ctl Api
+
+`v2ctl api [--server=127.0.0.1:8080] `
+
+Invoke remote control commands in V2Ray instances. Example:
+
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
+
+`v2ctl config`
+
+No option for this command. It reads JSON configuration from stdin, and print out corresponding Protobuf to stdout, if succeeds.
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+Generates a TLS certificate based on options.
+
+> `--ca`
+
+If specified, the certificate will be a CA certificate.
+
+> `--domain`
+
+Alternative Names in the certificate. This option can be used multiple times for multiple domains. For example: `--domain=v2ray.com --domain=v2ray.cool`.
+
+> `--expire`
+
+Expire date of the certificate. Value is a [Golang duration](https://golang.org/pkg/time/#ParseDuration).
+
+> `--name`
+
+Command Name in the certificate.
+
+> `--org`
+
+Orgnization in the certificate.
+
+> `--json`
+
+If specified, the certificate will be printed to stdout in the JSON format that is used in V2Ray.
+
+> `--file`
+
+Prints the certificate into files. When `--file=a`, two files named `a_cert.pem` and `a_key.pem` will be generated.
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+Fetch remove resources and print to stdout. Only HTTP and HTTPS URL are supported.
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+Test TLS handlshake with specific domain.
+
+> domain
+
+Target domain for the TLS handshake.
+
+> --ip
+
+The IP address of the domain. If not specifed, V2Ctl resolves it through system DNS.
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
+
+To verify the signature of a V2Ray binary.
+
+> `--sig`
+
+Path to signature file. Default value is the ".sig" file to the path to be verified.
+
+> `filepath`
+
+The file to be verified.
+
+### V2Ctl UUID
+
+`v2ctl uuid`
+
+No options. This command prints a random UUID.
\ No newline at end of file
diff --git a/vi/welcome/donate.md b/vi/welcome/donate.md
new file mode 100644
index 000000000..53afd255d
--- /dev/null
+++ b/vi/welcome/donate.md
@@ -0,0 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
+# Quyên góp
+
+V2Ray is a nonprofit project. The source code and its release binary can be used freely (mainly) under MIT licence. If you like this project, you may buy us a cup of coffee.
+
+Your donation has no direct connection to Project V's development and service. Our development will not be influenced by your donation. However, we will send a thank-you email for every donor. If you wish not to receive such email, please leave a note in your donation.
+
+For any donation worth more than $50, you may choose one of the following:
+
+* Your name or your company log shown on our front page for one month.
+* Modify our codebase as you wish. Restrictions: No user facing functionlity changes; no documentation changes. Your change will stay for a month.
+
+## Cách thông thường {#usual-way}
+
+> Paypal
+
+You may donate through [internal Paypal transfer](https://www.paypal.me/ProjectV2Ray/25) or [credit card](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)
+
+Please kindly note that Paypal charges high service fee. Any donation less than 1 USD is meaningless.
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) is a platform for regular donations. You may use Patreon if you want to donate frequently.
+
+> Giftcard
+
+For now we only receive giftcard for Amazon US. You may purchase it [at Amazon.com](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) and then send to `love@v2ray.com`.
+
+## Tiền điện tử {#crypto}
+
+Cryptocurrency is a more reliable way for international transactions. Crypto-wallet is usually anonymous and your donation is not traceable.
+
+Due to the anonymity natural of cryptocurrenty, please send us an email before your donation, if you want to receive the thank-you email.
+
+> Bitcoin
+
+Address: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)
+
+> Bitcoin Cash
+
+Address: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
+
+View stats or QR-Code [at BlockChain](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)
+
+> Ethereum
+
+Address: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
+
+View stats or QR-Code [at BlockChain](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696). You may also send the following ERC20 tokens to this address: OMG, REP, GNT, DGD
+
+> EOS
+
+Address: `EOS8Civdok4CBN3jCpsaGQijzesjKof1eyaRFuBU5mLMtWVkLsy8a`
+
+> Litecoin
+
+Address: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
+
+> Monero
+
+Address: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
+
+> Ripple
+
+Address: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
+
+Tag not required
+
+> Other
+
+Please send us an email at `love@v2ray.com` if you want to donate other kind of coins.
\ No newline at end of file
diff --git a/vi/welcome/faq.md b/vi/welcome/faq.md
new file mode 100644
index 000000000..12b8f85ba
--- /dev/null
+++ b/vi/welcome/faq.md
@@ -0,0 +1,67 @@
+---
+refcn: chapter_00/faq
+refen: welcome/faq
+---
+
+# Câu hỏi thường gặp (FAQ)
+
+## Sử dụng V2Ray
+
+### Cách nâng cấp V2Ray
+
+* Tải xuống gói mới nhất hoặc
+* Chạy lại tập lệnh cài đặt (chỉ dành cho Linux)
+
+### Lỗi V2Ray
+
+* Nếu bạn đang sử dụng Linux với systemd, bạn có thể xem nhật ký hoảng loạn bằng lệnh `journalctl -u v2ray`.
+* Nói chung bạn có thể chạy lệnh `v2ray -config = -test` để xem thông tin lỗi.
+
+### Backward Compatibility
+
+* For configuration file (e.g., JSON), backward compatibility applies to at least one major releases. For example, V2Ray 4.x supports config files from V2Ray 3.x.
+* For Protobuf based communication protocols, such as [Api](../configuration/api.md), backward compatibility applies to at least one major releases.
+* For binary based commnunication protocols, such as Shadowsocks and VMess, it is always backward compatible when server version is not older than clients. When client version is newer, backward compatibility applies to at least 12 minor releases.
+
+## Lỗi V2Ray
+
+### Socks: Unknown Socks version: 67
+
+Nguyên nhân có thể
+
+* You are using socks inbound in V2Ray, but your browser is configured to use HTTP proxy.
+
+Dung dịch
+
+* Add a HTTP inbound in V2Ray, and then update your browser proxy settings to use this proxy.
+
+## Giấy phép của dự án này
+
+Project V sử dụng giấy phép sau.
+
+### V2Ray
+
+Mã nguồn và các bản phát hành chính thức được cấp phép theo giấy phép MIT, bao gồm mã nguồn và các bản phát hành trong kho lưu trữ sau.
+
+* [v2ray/v2ray-core](https://www.github.com/v2ray/v2ray-core/)
+* [v2ray/ext](https://www.github.com/v2ray/ext)
+
+### V2Ray.Com
+
+Trang web chính thức, [v2ray.com](https://www.v2ray.com/), được cấp phép theo [Giấy phép Creative Commons Ghi công 4.0 Quốc tế](https://creativecommons.org/licenses/by/4.0/).
+
+* Including all visible text and pictures on the website.
+* Including Project V logo.
+* Including all source code that is used for generating the website, i.e., [v2ray/manual](https://www.github.com/v2ray/manual).
+
+### Screenshot and other files {#screenshots}
+
+Tất cả các tệp của bên thứ ba được liệt kê bên dưới đều thuộc về người tạo của họ. Bất kỳ ai tạo tệp đều sở hữu tệp.
+
+* Including all screenshots of Project V.
+* Including all configuration files that are used to run Project V.
+* Including all logs generated by Project V during runtime.
+
+### Other content {#other}
+
+Tất cả nội dung không được đề cập ở trên sẽ được cấp phép theo từng trường hợp.
\ No newline at end of file
diff --git a/vi/welcome/help.md b/vi/welcome/help.md
new file mode 100644
index 000000000..eaf857d2d
--- /dev/null
+++ b/vi/welcome/help.md
@@ -0,0 +1,117 @@
+---
+refcn: chapter_00/help
+refen: welcome/help
+---
+
+# Ủng hộ
+
+Project V cung cấp nhiều phương thức cho truyền thông.
+
+{% hint style='info' %}
+
+Nhóm dự án V hỗ trợ tiếng Trung và tiếng Anh. Vui lòng chọn một trong hai câu hỏi bạn quen thuộc.
+
+{% endhint %}
+
+## Vấn đề Github
+
+Chúng tôi sử dụng một số kho lưu trữ cho các loại thảo luận khác nhau.
+
+* [Các vấn đề về mã](https://github.com/v2ray/v2ray-core/issues)
+ * Chỉ được sử dụng cho các câu hỏi mã hóa, chẳng hạn như lỗi.
+* [Lộ trình](https://github.com/v2ray/planning/issues)
+* [Thảo luận chung](https://github.com/v2ray/discussion/issues)
+
+## Telegram
+
+Dự án V cung cấp các nhóm sau cho các loại thảo luận khác nhau.
+
+* [Sử dụng](https://t.me/v2fly_chat)
+ * Chỉ dành cho các chủ đề liên quan đến Project V.
+* [Khác](https://t.me/joinchat/DNcazUIYaH80uVfeS716jg)
+ * Đối với các chủ đề khác.
+
+Các chủ đề trong các nhóm này chủ yếu là tiếng Trung. Vui lòng thiết lập các nhóm bằng ngôn ngữ của riêng bạn và cho chúng tôi biết.
+
+{% hint style='danger' %}
+
+Tất cả các nhóm thảo luận đều cấm các chủ đề sau: nội dung người lớn, chính trị, ngôn từ kích động thù địch. Người gửi các chủ đề này sẽ bị cấm hoàn toàn.
+
+{% endhint %}
+
+Ngoài ra, hãy làm theo [Thông báo dự án V](https://t.me/v2fly) để biết tin tức.
+
+## Twitter
+
+[ProjectV2Ray](https://twitter.com/projectv2ray) để liên lạc thường xuyên.
+
+## E-mail
+
+Vui lòng gửi thư đến một trong những địa chỉ dưới đây, nếu bạn muốn nói chuyện riêng với nhóm V2Ray.
+
+`love@v2ray.com`: Địa chỉ email chính để liên lạc. Kiểm tra hàng ngày.
+
+`v2ray@protonmail.com`: Hộp thư [ProtonMail](https://protonmail.com/) sử dụng mã hóa kết thúc đến cuối. Rất khó sử dụng và chỉ thỉnh thoảng được kiểm tra.
+
+{% hint style='info' %}
+
+Đáng buồn là do khối lượng công việc cao, nó không phải là hứa rằng mỗi email được trả lời. Xin lỗi vì sự bất tiện. Đối với các câu hỏi chung, vui lòng sử dụng các nhóm thảo luận ở trên để phản hồi nhanh.
+
+{% endhint %}
+
+Bạn có thể nhận khóa công khai PGP bằng cách tìm kiếm `love@v2ray.com`hoặc sử dụng khóa công khai bên dưới.
+
+```text
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFaPeDABEADAbh3mk58UbKKWndztFKchtTRzU2xFWWRHTdYaNv7Eoo06wrxu
+3eglp0vn+16DIfru4H62TQMS/XSvxib90c4c1tQ4FndVSzv896/IplLKzdrtgn85
+c9eEX4V5b/tKKUmyrG593A/oDdsrpwaIgbNJdzbfqh7WLYESAevRkFJmBZMgfObs
+0pVO/dX6TqS8iV/ARDPbPAzuLosTWXkrRi2+JQmEOKePLsdypRMV9bcgymDA8N6w
+EyGzHyZ2I4wAALtjHXipWFYSZ/4ZK9q9H8G0XV/pk9Y4OFLPGR7T3VCtMwVMhGZk
+CgtcwGOUoE68a/bb9P4FowONnM7tqjM5ef30qNbwe8dMY5DvThffEqQ70LnNc9sj
+OpJF6njxV9ktjjLa3imAB5AStfwX1mBTkQTwnlqAU4pVFcMD6/z+kRFTZGP9nbcY
+cxu5Fg1VVBHHbpgWS39uiwzIBSWVfZj2iHOPcJd9SCZW5xvClcVb1KsU9UD+D88m
+uWBp3TUmxf0f53Uo7Flka1a7MyAEhfcorYsaRioqtPxTZ1z7oYbPLRqLbwmln/YV
+va8XIINQ0hI5phz9kly76ksUqYSz1DRe924/1BwLMs1VzeayB81tOctYd3I7I0aF
+5bF+RLWk0mvYgDBhw/be03PMn17OAkmR6IKNsFcowByNiNaVCLqoE8YVqQARAQAB
+tCFWaWN0b3JpYSBSYXltb25kIDxsb3ZlQHYycmF5LmNvbT6JAj0EEwEKACcFAlaP
+eDACGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQV4XalIxIroqu
+ORAAoZNV6LVaDIxjJgH7BFh0oDNEa7Qac+INxkqd62cAmN3vAEF0PlwUhcz80twY
+WvSPMwiLg85wdg/TzM8Ps8umWT6d9rhpkWnlZWyRFYJBpxn6vOpg0OHsgZpJ2+IM
+iREmjK4sYFvuJjGi9e/BT0Mh2+ObcJejwd/+w5vhKb5seva+hw9Fyq569Y2+KMWG
+1M29n3c7NZ6+abYuynxjGdHKOzaTUEGfjrGLZqROD7gb+xtXhBjqKr6jnYlZBAo5
+iEAgnnzbiuDoa6Au+PosB2XZQ+rkecu/3AvmTYZ3wcEJt3FC4Gf9jY2A16ypmArm
+ak2cmLAlz9CIXllFHjqvAHF68UCx2ptxzG3MoWhDFqws09zKSpwLcLdiAWbw//MM
+otzeekx3+b+fjMUa4Eyjg5CvBN0wv2IbEjti744b3HWXW9yOIDrsTrMd8iixfjAe
+3rt9egqTJkLlE8e57Rqnd3E8GpM6LWx8uYXo1aSFxayjJvf+Rvb4VzDA0DHElD2Q
+dRVXJ/mhd14RHDc2QtERcF69GZZ79GFLcTMcXXBlQMDsY0vwBJ56Gi/IGImz9JpT
+swSlU05VSdosMcr01niYoA9BEQjm9Smgd/1b+8qZEAIfvad+SabIRiDacOpN3xSh
+SZzLzIkPukbEp+5hzXt7x22w9M+D6W0Oo22hS8zfV1ZavUa5Ag0EVo94MAEQANoc
+tlwqgv2T372ucpnalh6js8Y/0KkpaevFK6pguZMP6frLX1J05mt+YRUp2UADeqGt
+kuGEiXFZ5cr+smngF0l0HbRkflnILV7wd1WJJmQnvtAbfJfO+tovawUhQH19dLkB
+8KMULcgs0Hrf7QLwus6zs9q0ASu/KkDuQj9gruwWfxk4W5MOQZohk0JcJAZAaBy/
+ojKxz/91YjP3JEEzZuLqLiOz4RK38UBi96u5NEkqrmwCe6SAtpCHsa0dpj6LYZ1y
+1ITmYSUnRwgol/UTRNySkZ2PozX6YFXrdZYtuWir0VClw50tFFkIOCaoT3Q5FpCO
+SSS8smLjT9AAr8U3OZNTfNCQtFSNo8FUBYhXmMgskRC7oeV+t6LJ3rdJxgdaFcA+
+GWL4srMedqxmbmW+8CYGIImmurjTy+C9zAtH88NFMYDnG312IIo9Cse3LnYl7eO/
+KBd3YNvCL096Yqd4B/31fFy74/HaGEfNH7jwLvaY4moRdTff4kBERj7u39UE/jG/
+b4NXmnezUZ55qkYQahoPkUIMzF0tn5bOIh1DOg55Wu/ZYe7DQJVE9L6te6KTxALy
+ycD4WtQaP58SZpxHhGzEjEicPsPE1PpyRoW+Dl8lL+ppMbCl9zAV++BjkNeL5xZN
+dsCtx/jbh+44X9VtK3G+2sdfdC6TqRbW/lELc8P7ABEBAAGJAiUEGAEKAA8FAlaP
+eDACGwwFCQeGH4AACgkQV4XalIxIrorw8RAAg4L9/s8eg90qhslfPjWzvMyi7RvV
+9erHwMB1utxjFDHKknTds2CvnS5JzjpjiT4BT8ICD9cetSP3d7WRNT/XmveeJXjB
+TCxmswrT4H451qsGsCg9eiKIV2is/GolHLnKAvEHICRGsFeCRSB2rNkgWSQ/YJIt
+6vLP1SvwTNY/Y8tyChSbCDaUpvmn4sYf6Qop1Svmn299+22ZVUBp20szsNw233SJ
+IZL0WxSdrMqTdVsZ70m6VEOjOSa15yLryZrwN9U7qbpe2MmuygI90TVGQK4nLZG+
+2XH2YVtBNTl9ZiFdpwq8d7+eMGcStKYQcdy6IZDd3cOeb2sTMUG31HJS3efTmSrT
+tZpOz8TDeNjami78zR5qcW1VmGYbxlZHEhQnpG3U4qWRUZsy5TOYIXKHqCNc3rYH
+iixcKE3UcyHBF7XjdKgpKtsgZfKoDXFz3XATJEeW80GEG05GVMoD9Yvf96Q7lvC6
+U83vL8mHNjuG60KvBk7A9grYaVFioqRvbTdPf41G+tJpYKrHSJXPGglxHnzvBfiD
+WWJIBRTyaCCglZLZ/a1sCsT1DciDWQoqqH7DuK2YvMXG3IDaOfoKAE/uW31azT0B
+X7R92mxQ+gCZgePwG4gOE/xAqHZh84VzdWZJ4cehPgHa/z/enqbQbiQAwTXld4Wt
+PeRpd1GUXXeoGCw=
+=To5T
+-----END PGP PUBLIC KEY BLOCK-----
+```
\ No newline at end of file
diff --git a/vi/welcome/install.md b/vi/welcome/install.md
new file mode 100644
index 000000000..302aa7bbf
--- /dev/null
+++ b/vi/welcome/install.md
@@ -0,0 +1,97 @@
+---
+refcn: chapter_00/install
+refen: welcome/install
+---
+
+# Tải xuống & Cài đặt
+
+## Nền tảng {#platform}
+
+V2Ray có sẵn trên các nền tảng sau:
+
+* Windows 7 trở lên (x86 / amd64)
+* Mac OS X 10.10 Yosemite trở lên (amd64)
+* Linux phiên bản 2.6.23 trở lên (x86 / amd64 / arm / arm64 / mips64 / mips)
+ * Bao gồm nhưng không giới hạn ở Debian 7/8, Ubuntu 12.04 / 14.04 trở lên, CentOS 6/7, Arch Linux
+* FreeBSD (x86 / amd64)
+* OpenBSD (x86 / amd64)
+* Dragonfly BSD (amd64)
+
+## Tải về {#download}
+
+Bạn có thể tìm thấy các gói dựng sẵn tại đây:
+
+1. Phát hành Github: [github.com/v2ray/v2ray-core](https://github.com/v2ray/v2ray-core/releases)
+2. Redistribution: [github.com/v2ray/dist](https://github.com/v2ray/dist)
+3. Homebrew: [github.com/v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray)
+4. Arch Linux: [gói / cộng đồng / x86_64 / v2ray /](https://www.archlinux.org/packages/community/x86_64/v2ray/)
+5. Snapcraft: [snapcraft.io/v2ray-core](https://snapcraft.io/v2ray-core)
+
+Tất cả các gói đều ở định dạng ZIP. Tải xuống và giải nén các gói tương ứng vào hệ thống của bạn.
+
+## Kiểm chứng {#verify}
+
+Có 2 cách để xác minh gói.
+
+1. Mỗi tệp `.zip` có tệp `.dgst` tương ứng với các tệp SHA.
+2. Tập tin chữ ký GPG cho các tập tin thực thi (v2ray / v2ray.exe) có thể được tìm thấy trong v2ray.sig (hoặc v2ray.exe.sig) trong cùng một gói. Khóa công khai là [trong kho lưu trữ](https://raw.githubusercontent.com/v2ray/v2ray-core/master/release/verify/official_release.asc).
+
+## Cài đặt trên Windows hoặc Mac OS {#install-windows}
+
+Chạy v2ray / v2ray.exe sau khi giải nén các gói.
+
+## Cài đặt trên Linux {#install-linux}
+
+Chúng tôi cung cấp một kịch bản để cài đặt trên Linux. Kịch bản này phát hiện v2ray đã cài đặt trước đó và sau đó nâng cấp hoặc cài đặt một phiên bản mới cho phù hợp. Nếu có phiên bản trước, tệp cấu hình trong / etc / v2ray sẽ không bị ghi đè trong khi nâng cấp.
+
+Lệnh sau giả định quyền root.
+
+Chạy lệnh sau để cài đặt V2Ray. Nếu yum hoặc apt có sẵn, tập lệnh sẽ cài đặt giải nén và daemon / systemd. Họ được yêu cầu chạy V2Ray như một dịch vụ. Bạn cần cài đặt chúng theo cách thủ công nếu hệ thống Linux của bạn không hỗ trợ yum hoặc apt.
+
+```bash
+curl -Ls https://install.direct/go.sh | sudo bash
+```
+
+Tập lệnh cài đặt các tệp sau.
+
+* `/ usr / bin / v2ray / v2ray`: V2Ray thực thi
+* `/ usr / bin / v2ray / v2ctl`: Tiện ích
+* `/etc/v2ray/config.json`: Tập tin cấu hình
+* `/usr/bin/v2ray/geoip.dat`: Tệp dữ liệu IP
+* `/usr/bin/v2ray/geosite.dat`: tệp dữ liệu miền
+
+Tập lệnh này cũng cấu hình V2Ray để chạy dưới dạng dịch vụ, nếu systemd có sẵn.
+
+Cấu hình ở các vị trí sau.
+
+* `/etc/systemd/system/v2ray.service`: Systemd
+* `/etc/init.d/v2ray`: SysV
+
+Sau khi cài đặt, chúng tôi sẽ cần:
+
+1. Cập nhật tập tin `/etc/v2ray/config.json` cho kịch bản của riêng bạn.
+2. Chạy lệnh `dịch vụ v2ray bắt đầu` để bắt đầu V2Ray.
+3. Tùy chọn chạy `dịch vụ v2ray start | stop | status | reload | restart | force-reload` để điều khiển dịch vụ V2Ray.
+
+### go.sh {#gosh}
+
+go.sh hỗ trợ các tham số sau.
+
+* `-p` hoặc `--proxy`: Sử dụng proxy để tải xuống gói V2Ray. Giống như định dạng curl, chẳng hạn như `"socks5: //127.0.0.1: 1080"` hoặc `"http://127.0.0.1:3128"`.
+* `-f` hoặc `- force`: Bắt buộc cài đặt. Kịch bản sẽ giả định V2Ray chưa được cài đặt.
+* `phiên bản`: Phiên bản sẽ được cài đặt, chẳng hạn như `"v1.13"`. Giá trị mặc định là bản phát hành ổn định mới nhất.
+* `--local`: Sử dụng gói địa phương để cài đặt.
+
+Ví dụ:
+
+* Sử dụng SOCKS proxy 127.0.0.1:1080 để cài đặt gói mới nhất: ```./go.sh -p socks5://127.0.0.1:1080```
+* Cài đặt v1.13 từ tệp cục bộ:```./go.sh --version v1.13 --local /path/to/v2ray.zip```
+
+## Docker {#docker}
+
+V2Ray cung cấp 2 hình ảnh docker:
+
+* [v2ray / official](https://hub.docker.com/r/v2ray/official/): Chứa phiên bản chính thức.
+* [v2ray / dev](https://hub.docker.com/r/v2ray/dev/): Chứa mã mới nhất.
+
+2 hình ảnh có cấu trúc giống như cài đặt Linux.
\ No newline at end of file
diff --git a/vi/welcome/start.md b/vi/welcome/start.md
new file mode 100644
index 000000000..2eddd1173
--- /dev/null
+++ b/vi/welcome/start.md
@@ -0,0 +1,78 @@
+---
+refcn: chapter_00/start
+refen: welcome/start
+---
+
+# Bắt đầu nhanh
+
+Bạn cần phải cấu hình V2Ray sau khi cài đặt nó. Đây là một cấu hình nhanh cho chạy thử. Vui lòng xem [tổng quan về cấu hình](../configuration/overview.md) để có thêm thiết lập nâng cao.
+
+## Khách hàng {#client}
+
+Trên PC của bạn (hoặc di động), chạy V2Ray với cấu hình sau.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 1080, // Port of socks5 proxy. Trỏ trình duyệt của bạn để sử dụng cổng này.
+ "listen": "127.0.0.1",
+ "protocol": "socks",
+ "settings": {
+ "udp": true
+ }
+ }],
+ "outbounds": [{
+ "protocol": "vmess",
+ "settings": {
+ "vnext": [{
+ "address": "server", // Address of your V2Ray server. Có thể là địa chỉ IP hoặc tên miền.
+ "port": 10086, // Port of your V2Ray server.
+ "users": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }]
+ }
+ },{
+ "protocol": "freedom",
+ "tag": "direct",
+ "settings": {}
+ }],
+ "routing": {
+ "domainStrategy": "IPOnDemand",
+ "rules": [{
+ "type": "field",
+ "ip": ["geoip:private"],
+ "outboundTag": "direct"
+ }]
+ }
+}
+```
+
+Vui lòng sửa đổi địa chỉ IP của máy chủ V2Ray của bạn như đã đề cập ở trên. Sau đó, quá trình V2Ray trên máy tính của bạn sẽ ủy quyền tất cả lưu lượng truy cập đến máy chủ V2Ray ngoại trừ lưu lượng truy cập mạng nội bộ.
+
+## Máy chủ {#server}
+
+Bạn cần một máy tính khác để chạy V2Ray làm máy chủ. Thông thường máy tính này nằm bên ngoài tường lửa. Đây là một cấu hình mẫu.
+
+```javascript
+{
+ "inbounds": [{
+ "port": 10086, // Port of the server. Phải giống như trên.
+ "protocol": "vmess",
+ "settings": {
+ "clients": [{ "id": "b831381d-6324-4d53-ad4f-8cda48b30811" }]
+ }
+ }],
+ "outbounds": [{
+ "protocol": "freedom",
+ "settings": {}
+ }]
+}
+```
+
+Vui lòng đảm bảo rằng trường `id` giống nhau giữa máy khách và máy chủ.
+
+## Đang chạy {#running}
+
+* Trên Windows và macOS, tệp cấu hình nằm trong cùng thư mục với nhị phân V2Ray. Bạn có thể chạy `v2ray` hoặc `v2ray.exe` mà không cần tham số bổ sung.
+* Trên Linux, tệp cấu hình thường nằm ở `/etc/v2ray/config.json`. Chạy `v2ray --config = / etc / v2ray / config.json` trong nền trước hoặc sử dụng các công cụ khác như systemd để chạy V2Ray làm quá trình nền.
+
+Xem [Tổng quan](../configuration/overview.md) để biết thêm chi tiết về cấu hình.
\ No newline at end of file
diff --git a/vi/welcome/versions.md b/vi/welcome/versions.md
new file mode 100644
index 000000000..12e54d7e5
--- /dev/null
+++ b/vi/welcome/versions.md
@@ -0,0 +1,487 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
+# Lịch sử phiên bản
+
+This page lists regular releases with feature updates. If a Github release doesn't appear here, it usually only contains bug fixes.
+
+## 2019.03.01 v4.18
+
+* Port list in routing rules now supports mixed format.
+* Updated `geosite` information in routing, and description for static hosts in DNS.
+* Option to not use system root CAs for TLS handshake.
+* New routing rule for traffic attributes.
+
+## 2019.02.22 v4.17
+
+* New sub-command `tlsping` in V2Ctl.
+
+## 2019.02.15 v4.16
+
+For end users:
+
+* DNS outbound proxy now supports to modify DNS server info.
+
+For developers:
+
+* 'ext' repository is now deprecated. [#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS outbound proxy.
+
+## 2019.02.01 v4.14
+
+* Static DNS mapping now supports domain to domain mapping.
+
+## 2019.01.18 v4.13
+
+* Quic lib updated. It is not compatible with previous versions.
+* DNS now have `tag` settings.
+
+## 2019.01.11 v4.11
+
+For developers:
+
+* New method: [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) now uses [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) to establish UDP connections.
+
+## 2018.12.07 v4.8
+
+For end users:
+
+* Bug fixes
+
+For developers:
+
+* New [API doc](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* New method: [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63)
+* New method: [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105)
+
+## 2018.11.30 v4.7
+
+* Freedom now supports for dialing IPv4 or IPv6 address only.
+* New QUIC transport.
+
+## 2018.11.23 v4.6
+
+* Freedom now can automatically choose between IPv4 and IPv6 destination address, based on `SendThrough` settings.
+
+## 2018.11.16 v4.4
+
+* Load balancer rules in routing.
+* Memory usage gets optimized.
+
+## 2018.11.05 v4.1
+
+* JSON configuration format changes. Old format is still suported.
+* Performance on GeoIP matching is improved.
+
+## 2018.11.02 v4.0
+
+* Reverse proxy.
+* Release packages for ppc64 and ppc64le.
+
+## 2018.10.12 v3.47
+
+* Migrate to a new continuous delivery pipeline
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door now supports TProxy in Linux.
+
+## 2018.09.21 v3.43
+
+* DNS now supports on-demand queries by domain.
+
+## 2018.09.14 v3.40
+
+* New socket options in transport configuration. It can be used to setup VPNs.
+* New TCP Fast Open option in transport configuration.
+
+## 2018.09.03 v3.38
+
+* mKCP has a new WireGuard header.
+* Fix softfloat binaries in mips/mips64.
+
+## 2018.08.31 v3.37
+
+* Performance of reading network connection in optilized. See [Environment Variables](../configuration/env.md)。
+* VMess uses AES-128-GCM by default on ARM64.
+* Built by Go 1.11.
+
+## 2018.08.24 v3.36
+
+* Great performance improvement on subdomain matching (`domain:`) in routing.
+* Full domain matching is now supported in routing.
+
+## 2018.08.07 v3.34
+
+* Better memory management on most devices.
+
+## 2018.07.27 v3.32
+
+* BitTorrent traffic can now be sniff'ed.
+* New `protocol` option in routing rules for protocol-based routing.
+* New `geosite:speedtest` option in routing rules to match all public servers of speedtest.net.
+
+## 2018.07.20 v3.31
+
+* New [Domain Socket transport](../configuration/transport/domainsocket.md) (Thanks to @xiaokangwang).
+
+## 2018.07.13 v3.30
+
+* Fix an issue that may cause broken connections in mKCP.
+* Thanks to [our friends](https://crowdin.com/project/v2ray) who speak Russian. Now our documents are in [Russian](https://www.v2ray.com/ru/).
+
+## 2018.07.06 v3.29
+
+* New inbound and outbound for MTProto proxy.
+
+## 2018.06.29 v3.27
+
+* DNS now supports EDNS client subnet.
+* DNS static host now supports sub-domain matching.
+
+## 2018.06.15 v3.26
+
+* Add Dragonfly BSD release.
+
+## 2018.06.01 v3.24
+
+* Internal buffer size (per connection) can now be configured in JSON configuration.
+* mKCP now supports DTLS 1.2 header.
+* TLS transport now only support cipher suites in TLS 1.3 spec.
+
+## 2018.05.25 v3.23
+
+* In JSON configuration, port can now be specified from env variables.
+* JSON config now supports to load domains and IPs from specified files.
+
+## 2018.04.20 v3.19
+
+* Traffic stats for inbound proxies.
+
+## 2018.04.13 v3.17
+
+* V2Ray can load config file from HTTP(s).
+* TLS in V2Ray can issue new certificates by provided CA certificates for domains in incoming requests.
+* [HTTP/2](../configuration/transport/h2.md) transport.
+
+## 2018.04.06 v3.16
+
+* [Statistics](../configuration/stats.md).
+* Shadowsocks inbound now can be configured to only listen on UDP. Strongly recommend to not listen on both TCP and UDP on the same port.
+
+## 2018.03.02 v3.11
+
+* A new settings is introduced in VMess inbound, to forbid client using insecure encryption methods.
+* Offers ARMv7 release.
+* Offers MIPS release that doesn't require FPU.
+
+## 2018.02.23 v3.10
+
+* Log entries now contain session ID to distinguish proxy sessions.
+* Bug fixes.
+
+## 2018.02.15 v3.9
+
+* Happy New Year!
+* Bug fixes.
+
+## 2018.02.09 v3.7
+
+* Developer preview: [Remote API](../configuration/api.md)。
+* Bug fixes.
+
+## 2017.12.29 v3.5
+
+* Geoip now supports private network address under name "private".
+
+## 2017.12.22 v3.4
+
+* Websocket nows uses value of X-Forwarded-For header as source address.
+* Support s390x CPU architecture.
+
+## 2017.12.08 v3.1
+
+* Support policy.
+* Config file location can be specified via environment variable.
+
+## 2017.12.01 v3.0
+
+* Support Shadowsocks AEAD
+
+## 2017.11.18 v2.50
+
+* `v2ray` now tried to use `v2ctl` for configuration parsing. Please make sure these 2 files are in the same directory.
+* New `IPOnDemand` strategy in routing.
+
+## 2017.11.10 v2.47
+
+* `geosite` data is now in `geosite.dat` file.
+* Bug fixes.
+
+## 2017.11.03 v2.46
+
+* Router now supports `geosite:cn`, equivalent to existing `chinasites`, but more flexible.
+* Router now supports `geoip`.
+ * File `geoip.dat` is added to release packages. This file contains all `geoip` information and has to stay in the same directory of `v2ray` program. Due to delayed update of installation script, you may have to copy the file manually.
+* Program `v2ctl` is added to release packages. You may run `v2ctl verify /path/to/v2ray` to verify the signature of `v2ray` program.
+
+## 2017.10.27 v2.44
+
+* HTTP now supports Basic Authentication.
+* Some bugs are fixed.
+
+## 2017.10.06 v2.40
+
+* Fix an issue that causes memory leak.
+
+## 2017.09.29 v2.39
+
+* Inbound proxies now close connections more quickly when remote server closes them.
+* Default connection timeout changes to 5 minutes.
+
+## 2017.05.12 v2.27
+
+* New domain mode in router.
+
+## 2017.05.05 v2.26
+
+* Stability fixes.
+
+## 2017.04.28 v2.25
+
+* Simple sniffing on HTTP and TLS traffic for the actual domain on request.
+
+## 2017.04.21 v2.24
+
+* Stabilize Mux.
+* Improves memory efficiency.
+
+## 2017.04.15 v2.23
+
+* Performance improvement in Mux.
+* Max number of connections can be configured in Mux now.
+* Performance improvement in HTTP inbound.
+* connectionReuse setting is removed in favor of Mux.
+
+## 2017.04.08 v2.22
+
+* Mux.Cool protocol.
+
+## 2017.02.25 v2.20
+
+* GPG signature is added to download package.
+* New binary wv2ray.exe is added to Windows package, which runs as a background application.
+
+## 2017.02.18 v2.19
+
+* A new mechanism for anti reply attack is now enforced on server side.
+ * No impact to existing clients.
+* Upgrade of VMess AES-128-GCM / Chacha20-Poly1305 / None encryption methods.
+ * Please upgrade client and server at once.
+ * AES-128-CFB is not affected.
+* Built with Golang 1.8. Add 32-bit MIPS support.
+
+## 2017.02.11 v2.18
+
+* Cleanup WebSocket code.
+* Remove allowPassive option. Now passive connections are always allowed.
+* Bug fixes
+
+## 2017.02.04 v2.17
+
+* Bug fixes.
+
+## 2017.01.28 v2.16
+
+* New 'redirect' option in freedom. It can be used to adapt tools like Shadowsocks Obfs.
+* Performance improvement in VMess non-encryption mode. Not compatible with previous versions.
+* Happy New Year!
+
+## 2017.01.16 v2.15
+
+* All proxies can use mKCP and WebSocket now.
+
+## 2017.01.09 v2.14
+
+* Socks 5 outbound.
+* Bug fixes.
+
+## 2017.01.02 v2.13
+
+* Bug fixes.
+
+## 2016.12.26 v2.12
+
+* Bug fixes.
+
+## 2016.12.19 v2.11
+
+* JSON config file now supports comment.
+
+## 2016.12.12 v2.10
+
+* VMess now supports AES-GCM and ChaCha20-Poly1305 encryption methods.
+
+## 2016.12.05 v2.9
+
+* Fix compatibility with Alpine Linux.
+
+## 2016.11.28 v2.8
+
+* Shadowsocks server now accepts OTA settings.
+* Bug fixes.
+
+## 2016.11.21 v2.7
+
+* Main inbound and outbound connection handler can be tagged now.
+* Bug fixes.
+
+## 2016.11.14 v2.6
+
+* Data sent by one outbound can be proxied to another outbound.
+* Routing can be based on inbound tag.
+
+## 2016.11.07 v2.5
+
+* New Shadowsocks outbound;
+* New TCP header: HTTP;
+
+## 2016.10.24 v2.4
+
+* TCP / mKCP / WebSocket can be configured per inbound / outbound;
+* Routing can be done on source IP;
+
+## 2016.10.17 v2.3
+
+* Introduce new Protobuf-based configuration;
+* OpenBSD binaries;
+* Small fixes;
+
+## 2016.09.19 v2.2
+
+* New transport: WebSocket (Thanks to [@xiaokangwang](https://github.com/xiaokangwang));
+
+## 2016.09.19 v2.1
+
+* mKCP performance improvement;
+
+## 2016.08.20 v2.0
+
+* One year;
+
+## 2016.08.15 v1.24
+
+* New mKCP header: utp;
+* New option in inbound connection config "allowPassive" to allow passive connection;
+
+## 2016.08.08 v1.23
+
+* Optimize mKCP packet format. This version of mKCP is NOT compatible with previous ones;
+* mKCP can now be configured to disguise as video data.
+
+## 2016.08.01 v1.22
+
+* Fix a memory leak in mKCP;
+* Add FreeBSD release;
+
+## 2016.07.25 v1.21
+
+* High performance Chacha20 (Thanks to aead@);
+* Bug fixes;
+
+## 2016.07.18 v1.20
+
+* New KCP options: readBufferSize and writeBufferSize;
+* Bug fixes;
+
+## 2016.07.11 v1.19
+
+* Enable TLS option for all proxies;
+* Fix a performance issue in KCP;
+* Fix an issue in KCP that could cause EOF response;
+
+## 2016.07.04 v1.18
+
+* Fix a "too many open files" issue in KCP;
+* KCP now uses fewer CPU;
+* Other bug fixes;
+
+## 2016.06.19 v1.17
+
+* KCP now is integrated into V2Ray. (Special thanks to [xiaokangwang](https://github.com/xiaokangwang), [xtaci](https://github.com/xtaci) and [skywind3000](https://github.com/skywind3000))
+* Minor bug fixes
+
+## 2016.06.12 v1.16
+
+* TCP connection reuse is now enabled by default;
+* Dokodemo-door is able to recognize TCP connection redirected by iptables;
+* Blackhole is able to send back HTTP forbidden data;
+
+## 2016.06.05 v1.15
+
+* Optionally reuse TCP connection for better performance;
+* Allow listening on a specific IP address;
+* Allow sending data through a specific IP address;
+* Fix an issue in HTTP proxy that may exhaust memory;
+
+## 2016.05.29 v1.14
+
+* Fix a panic issue in http proxy;
+* More functionalies in install script;
+* Static route in DNS;
+* Official server address change;
+
+## 2016.05.16 v1.13
+
+* Internal DNS server, to provide better routing results combined with chinasites and chinaip;
+* Fix an issue in UDP relay;
+
+## 2016.05.01 v1.12.1
+
+* Fix a bug in VMess.
+
+## 2016.05.01 v1.12
+
+* Second try to fix the memory usage issue;
+* Improve Shadowsocks performance;
+* New option "none" in loglevel;
+
+## 2016.04.18 v1.11
+
+* Try to fix the memory usage issue.
+
+## 2016.03.07 v1.10
+
+* Fix an performance issue when dynamic ports refreshes.
+
+## 2016.02.29 v1.9.1
+
+* Fix Shadowsocks one-time authentication (OTA) issue.
+
+## 2016.02.29 v1.9
+
+* Support for Shadowsocks ChaCha20 encryption;
+* Add more direct connection sites to the default configuration file;
+* Dynamic ports now automatically create an account.
+
+## 2016.02.22 v1.8
+
+* Update installation script install-release.sh (thanks, @netcookies):
+ * You can now automatically stop the V2Ray process and update automatically after the completion of V2Ray;
+ * The install-release.sh accepts the --proxy argument and V2Ray specified proxy download;
+* Use Go 1.6 compiler to improve the performance of AES encryption;
+* Minor fixes;
+* Update the official server IP (please re-download the installation package to get the latest configuration).
+
+## 2016.02.08 v1.7
+
+* UDP relay performance improved;
+* Shadowsocks security improved;
+* Minor fixes;
+* Happy new year!
\ No newline at end of file
diff --git a/vi/welcome/workflow.md b/vi/welcome/workflow.md
new file mode 100644
index 000000000..fa3bc9010
--- /dev/null
+++ b/vi/welcome/workflow.md
@@ -0,0 +1,60 @@
+---
+refcn: chapter_00/workflow
+refen: welcome/workflow
+---
+
+# Quy trình làm việc
+
+## Máy chủ đơn
+
+Giống như các proxy khác, bạn cần một máy chủ proxy chạy V2Ray. Sau đó, bạn có thể kết nối với internet thông qua máy chủ đó từ máy tính, thiết bị di động hoặc các thiết bị khác.
+
+```mermaid
+graph LR;
+A(PC) -.- B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(V2Ray/VPS);
+D --> C;
+A --> E(Normal Website);
+```
+
+V2Ray supports connections from multiple devices at the same time, with optionally different protocols. In the mean time, the local routing mechanism can smartly proxy necessary connections only.
+
+## Server Bridge
+
+In the case you don't want configuration V2Ray on each of your devices, you may setup a server within the firewall, and then all traffic go through that server. The server does routing itself.
+
+```mermaid
+graph LR;
+A(PC) -.-> B(Firewall);
+B -.-> C(Blocked Website);
+A --> D(VPS 1);
+D --> E(VPS 2);
+E --> C;
+D --> F(Normal Website);
+```
+
+## Nội bộ
+
+The internal of V2Ray looks like below. It supports multiple inbound proxies, and multiple outbounds. Each of them are independent from others.
+
+```mermaid
+graph LR;
+A1(inbound) --> D(Dispatcher / Router / DNS);
+A2(inbound) --> D;
+A3(inbound) --> D;
+A4(inbound) --> D;
+D --> B1(outbound);
+D --> B2(outbound);
+D --> B3(outbound);
+D --> B4(outbound);
+```
+
+Notes:
+
+* Bạn phải định cấu hình ít nhất một lượt vào và ra ngoài để làm cho V2Ray hoạt động chính xác.
+* Proxy gửi đến giao tiếp với phần mềm ứng dụng khách như trình duyệt.
+* Proxy đi giao tiếp với máy chủ từ xa, chẳng hạn như Apache cho một trang web.
+* Điều phối viên chịu trách nhiệm chọn một đường đi cho một kết nối nhất định, dựa trên các quy tắc có thể cấu hình được.
+
+Detailed configuration can be found [here](../configuration/overview.md).
\ No newline at end of file
diff --git a/zh_cn/README.md b/zh_cn/README.md
index 2745f008d..5a0ff0b7f 100644
--- a/zh_cn/README.md
+++ b/zh_cn/README.md
@@ -1,38 +1,24 @@
-# Project V
+---
+refcn: index
+refen: index
+---
- [](https://www.v2ray.com/en/)
+# Project V
-Project V 包含一系列工具,帮助你打造专属的定制网络体系。
+Project V 是一个工具集合,它可以帮助你打造专属的基础通信网络。Project V 的核心工具称为`V2Ray`,其主要负责网络协议和功能的实现,与其它 Project V 通信。V2Ray 可以单独运行,也可以和其它工具配合,以提供简便的操作流程。
-## 简单介绍
-
-Project V 提供了单一的内核和多种界面操作方式。内核(V2Ray)用于实际的网络交互、路由等针对网络数据的处理,而外围的用户界面程序提供了方便直接的操作流程。
-
-V2Ray 的主要作用是根据用户的配置,对于传入的网络连接进行一定处理,然后发往指定的服务器。它是一个命令行程序,可以接受一个 JSON 格式的配置文件。
-
-本站点主要介绍 V2Ray 本身的工作方式。其它相关程序的介绍由在左侧下方的链接进入。
+本站点主要包含了 V2Ray 的使用手册,以及其它 Project V 相关工具的介绍与链接。
## 主要特性
-### 多协议支持
-
-V2Ray 原生支持 Socks、HTTP、Shadowsocks、VMess 等协议。
-
-* 在一个进程中可以配置不同的端口使用不同的协议进行通讯。
-* 通过不同的传入和传出协议组合,灵活转换通讯格式。
-
-### 可变传输载体
-
-上述协议均可使用 TLS、TCP、mKCP、WebSocket 等传输方式进行传输。
-
-### 灵活的路由
-
-通过内置的路由功能,V2Ray 可以灵活地实现选择性转发、直连或是阻止部分连接。
-
-## 更新本站点
-
-本站点由 GitBook 生成,托管于 GitHub。如需修改本站的内容,请向[这个 Repo](https://github.com/v2ray/manual) 提交 Pull Request。
+* 多入口多出口: 一个 V2Ray 进程可并发支持多个入站和出站协议,每个协议可独立工作。
+* 可定制化路由: 入站流量可按配置由不同的出口发出。轻松实现按区域或按域名分流,以达到最优的网络性能。
+* 多协议支持: V2Ray 可同时开启多个协议支持,包括 Socks、HTTP、Shadowsocks、VMess 等。每个协议可单独设置传输载体,比如 TCP、mKCP、WebSocket 等。
+* 隐蔽性: V2Ray 的节点可以伪装成正常的网站(HTTPS),将其流量与正常的网页流量混淆,以避开第三方干扰。
+* 反向代理: 通用的反向代理支持,可实现内网穿透功能。
+* 多平台支持: 原生支持所有常见平台,如 Windows、Mac OS、Linux,并已有第三方支持移动平台。
-## 版权声明
+{% hint style='info' %}
+本站点由 GitBook2 生成,托管于 GitHub。如需修改本站的内容,请向[这个 Repo](https://github.com/v2ray/manual) 提交 Pull Request。
-本站点所有内容基于[知识共享署名 4.0 国际许可协议](https://creativecommons.org/licenses/by/4.0/deed.zh)进行许可。
+{% endhint %}
diff --git a/zh_cn/SUMMARY.md b/zh_cn/SUMMARY.md
index 7635edda8..860d40c5e 100644
--- a/zh_cn/SUMMARY.md
+++ b/zh_cn/SUMMARY.md
@@ -7,21 +7,21 @@
* [新手上路](chapter_00/start.md)
* [命令行参数](chapter_00/command.md)
* [捐助支持](chapter_00/02_donate.md)
- * [贡献你的 CPU](chapter_00/cpu.md)
* [寻求帮助](chapter_00/help.md)
- * [Telegram](chapter_00/tg.md)
- * [私下联系](chapter_00/pgp.md)
* [常见问题](chapter_00/faq.md)
- * [项目授权](chapter_00/license.md)
* [博客↪](https://steemit.com/@v2ray)
* [白话文教程↪](https://toutyrater.github.io/)
+ * [新白话文教程(社区版)↪](https://guide.v2fly.org/)
* [配置文件](chapter_02/README.md)
* [文件格式](chapter_02/01_overview.md)
+ * [多文件配置](chapter_02/multiple_config.md)
* [协议列表](chapter_02/02_protocols.md)
* [Blackhole](chapter_02/protocols/blackhole.md)
+ * [DNS](chapter_02/protocols/dns.md)
* [Dokodemo](chapter_02/protocols/dokodemo.md)
* [Freedom](chapter_02/protocols/freedom.md)
* [HTTP](chapter_02/protocols/http.md)
+ * [MTProto](chapter_02/protocols/mtproto.md)
* [Shadowsocks](chapter_02/protocols/shadowsocks.md)
* [SOCKS](chapter_02/protocols/socks.md)
* [VMess](chapter_02/protocols/vmess.md)
@@ -31,22 +31,24 @@
* [Mux 配置](chapter_02/mux.md)
* [API 配置](chapter_02/api.md)
* [统计信息](chapter_02/stats.md)
+ * [反向代理](chapter_02/reverse.md)
* [传输配置](chapter_02/05_transport.md)
* [TCP](chapter_02/transport/tcp.md)
* [mKCP](chapter_02/transport/mkcp.md)
* [WebSocket](chapter_02/transport/websocket.md)
* [HTTP/2](chapter_02/transport/h2.md)
+ * [DomainSocket](chapter_02/transport/domainsocket.md)
+ * [QUIC](chapter_02/transport/quic.md)
* [环境变量](chapter_02/env.md)
-* [客户端与服务](ui_client/README.md)
- * [Windows](ui_client/windows.md)
- * [OS X](ui_client/osx.md)
- * [iOS](ui_client/ios.md)
- * [Android](ui_client/android.md)
- * [在线服务](ui_client/service.md)
-* [进阶使用](chapter_03/README.md)
- * [动态端口](chapter_03/00_dynport.md)
- * [Effective V2Ray](chapter_03/01_effective.md)
- * [mKCP](chapter_03/kcp.md)
- * [传出代理](chapter_03/outboundproxy.md)
- * [速度测试](chapter_03/speed.md)
-* [开发人员手册↪](https://www.v2ray.com/eng/index.html)
+* [神一样的工具们](awesome/tools.md)
+ * [以及广告](awesome/ads.md)
+* [开发人员手册](developer/README.md)
+ * [开发计划](developer/intro/roadmap.md)
+ * [开发指引](developer/intro/guide.md)
+ * [核心设计](developer/intro/design.md)
+ * [配置开发环境](developer/intro/compile.md)
+ * [开发工具](developer/intro/tools.md)
+ * 协议细节
+ * [VMess 协议](developer/protocols/vmess.md)
+ * [mKCP 协议](developer/protocols/mkcp.md)
+ * [Mux.Cool](developer/protocols/muxcool.md)
diff --git a/zh_cn/awesome/ads.md b/zh_cn/awesome/ads.md
new file mode 100644
index 000000000..c97b84413
--- /dev/null
+++ b/zh_cn/awesome/ads.md
@@ -0,0 +1,74 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# 一些推广
+
+以下服务均由第三方提供,和 Project V 没有利益关系,但它们可能会帮助你更好地使用 Project V。
+
+## 自建代理 {#hosting}
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Let's Encrypt是一个于2015年三季度推出的数字证书认证机构,旨在以自动化流程消除手动创建和安装证书的复杂流程,并推广使万维网服务器的加密连接无所不在,为安全网站提供免费的SSL/TLS证书。
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+Vultr 是一家提供日本、美国、欧洲等多个国家和地区机房的 VPS 主机商,价格低至 2.5 美元/月。Vultr 根据VPS使用小时来计费,使用多长时间就算多长时间,计费对应的款,并且支持支付宝(Alipay)付费。
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+BlueHost作为美国的老牌主机商,在国内也是非常受欢迎的美国主机之一。以稳定性强。速度快著称,在站长中的口碑和流行度也是非常之高。BlueHost主机商为了开拓国内市场,自2014年就推出了中文站,而且也极大的丰富了主机产品,可以满足大多数站长的建站需求。
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+ClouDNS成立于2010年,公司位于保加利亚,提供免费和收费的 DNS 托管服务。
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+老牌 VPS 销售商,价格低廉,性价比高。
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+支持 V2Ray 的 VPN 服务。优惠码:bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray 小范围内测中。
+
+> [蓝岸](https://xn--sjt174g.com/)
+
+基于 V2Ray 的网络加速服务。优惠码:v2ray
+
+> [V2Net](http://v2net.org/)
+
+提供專屬客戶端的V2Ray服務。9折促銷代碼: v2ray.com
+
+> [NicoNode](https://niconode.co/)
+
+支持 V2Ray 的网络加速改善服务。专属促销代码:V2RAYNOW
+
+## 数字货币 {#crypto}
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+线下交易比特币
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+CoinCola 是香港场外交易平台,支持简体中文界面,买卖方几乎都是国人。网页和APP均操作流畅。订单使用支付宝、网银、微信支付,像淘宝购物一样买卖比特币。现支持BTC、ETH、BCH、USDT等货币。
+
+> [币安](https://www.binance.com/?ref=35382451)
+
+数字货币交易所
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+数字货币交易所
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+在线数字货币钱包
\ No newline at end of file
diff --git a/zh_cn/awesome/tools.md b/zh_cn/awesome/tools.md
new file mode 100644
index 000000000..48ac63d4a
--- /dev/null
+++ b/zh_cn/awesome/tools.md
@@ -0,0 +1,104 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# 神一样的工具们
+
+## 图形客户端 {#windows}
+
+> V2RayW
+
+V2RayW 是一个基于 V2Ray 内核的 Windows 客户端。用户可以通过界面生成配置文件,并且可以手动更新 V2Ray 内核。下载:[GitHub](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN
+
+V2RayN 是一个基于 V2Ray 内核的 Windows 客户端。下载:[GitHub](https://github.com/2dust/v2rayN)
+
+> Clash for Windows
+
+下载:[GitHub](https://github.com/Fndroid/clash_for_windows_pkg)
+
+> V2RayX
+
+V2RayX 是一个基于 V2Ray 内核的 Mac OS X 客户端。用户可以通过界面生成配置文件,并且可以手动更新 V2Ray 内核。V2RayX 还可以配置系统代理。下载:[Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU
+
+V2rayU,基于v2ray核心的mac版客户端,界面友好,使用swift4.2编写,支持vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等。下载:[GitHub](https://github.com/yanue/V2rayU)
+
+> ClashX
+
+下载:[GitHub](https://github.com/yichengchen/clashX)
+
+> Qv2ray
+
+Qv2ray:使用 Qt 和 C++ 编写的 V2ray 图形客户端,包含订阅管理,vmess SS socks 编辑器,网速图表和一个易于使用的路由编辑器。
+
+项目地址:[https://github.com/Qv2ray/Qv2ray](https://github.com/Qv2ray/Qv2ray)
+
+> Mellow
+
+Mellow 是一个基于规则的全局透明代理工具,可以运行在 Windows、macOS 和 Linux 上,也可以配置成路由器透明代理或代理网关,支持 SOCKS、HTTP、Shadowsocks、VMess 等多种代理协议。
+
+Download: [Github](https://github.com/mellow-io/mellow)
+
+> Kitsunebi
+
+Kitsunebi 是一个基于 V2Ray 核心的移动平台应用 (iOS, Android)。它可以创建基于 VMess 或者 Shadowsocks 的 VPN 连接。Kitsunebi 支持导入和导出与 V2Ray 兼容的 JSON 配置。
+
+由于使用 V2Ray 核心,Kitsunebi 几乎支持 V2Ray 的所有功能,比如 Mux 和 mKCP。
+
+下载:[iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8) | [Play Store](https://play.google.com/store/apps/details?id=fun.kitsunebi.kitsunebi4android&hl=en_US)
+
+> i2Ray
+
+i2Ray 是另一款基于 V2Ray 核心的iOS应用。界面简洁易用,适合新手用户使用。同时兼容Shadowrocket和Quantumult格式的规则导入。
+
+下载:[iTunes](https://itunes.apple.com/us/app/i2ray/id1445270056?mt=8)
+
+> Shadowrocket
+
+Shadowrocket 是一个通用的 iOS VPN 应用,它支持众多协议,如 Shadowsocks、VMess、SSR 等。
+
+下载:[iTunes](https://itunes.apple.com/us/app/shadowrocket/id932747118?mt=8)
+
+> Pepi(原名ShadowRay)
+
+Pepi 是一个兼容 V2Ray 的 iOS 应用,它可以创建基于 VMess 的 VPN 连接,并与 V2Ray 服务器通信。
+
+下载:[iTunes](https://itunes.apple.com/us/app/pepi/id1283082051?mt=8)
+
+> Quantumult
+
+下载:[iTunes](https://itunes.apple.com/us/app/quantumult/id1252015438?mt=8)
+
+> BifrostV
+
+BifrostV 是一个基于 V2Ray 内核的 Android 应用,它支持 VMess、Shadowsocks、Socks 协议。
+
+下载:[Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG
+
+V2RayNG 是一个基于 V2Ray 内核的 Android 应用,它可以创建基于 VMess 的 VPN 连接。
+
+下载:[Play Store](https://play.google.com/store/apps/details?id=com.v2ray.ang) | [GitHub](https://github.com/2dust/v2rayNG)
+
+## 在线工具/资源 {#online}
+
+> VeekXT V2Ray配置生成
+
+支持 4.x 版本的配置文件生成器 [veekxt.com](https://www.veekxt.com/utils/v2ray_gen)
+
+> V2Ray 配置生成器
+
+静态 V2Ray 配置文件生成页面 [GitHub](https://github.com/htfy96/v2ray-config-gen)
+
+> UUID Generator
+
+VMess User ID 生成工具 [uuidgenerator.net](https://www.uuidgenerator.net)
+
+> vTemplate 项目仓库
+
+一个 V2Ray 配置文件模板收集仓库 [GitHub](https://github.com/KiriKira/vTemplate)
diff --git a/zh_cn/book.json b/zh_cn/book.json
index f070371d7..655bc2d22 100644
--- a/zh_cn/book.json
+++ b/zh_cn/book.json
@@ -3,7 +3,32 @@
"title": "Project V 官方网站",
"plugins" : [
"-fontsettings",
-
- "anchors"
- ]
+ "-search",
+ "-lunr",
+ "-highlight",
+ "-sharing",
+
+ "mermaid-gb3",
+ "anchors",
+ "ga",
+ "prism",
+ "prism-themes",
+ "hints"
+ ],
+ "pluginsConfig": {
+ "ga": {
+ "token": "UA-73620536-1"
+ },
+ "prism": {
+ "css": [
+ "prism-themes/themes/prism-base16-ateliersulphurpool.light.css"
+ ],
+ "lang": {
+ "objc": "objectivec",
+ "shell": "bash",
+ "text": "textile",
+ "plain": "textile"
+ }
+ }
+ }
}
diff --git a/zh_cn/chapter_00/01_versions.md b/zh_cn/chapter_00/01_versions.md
index 1a8f9438e..194393d16 100644
--- a/zh_cn/chapter_00/01_versions.md
+++ b/zh_cn/chapter_00/01_versions.md
@@ -1,10 +1,191 @@
+---
+refcn: chapter_00/01_versions
+refen: welcome/versions
+---
+
# 更新日志
- [](https://www.v2ray.com/en/welcome/versions.html)
+本页列出了常规版本的功能升级记录,未列出的版本通常为 bug 修复。
+
+## 2019.07.12 v4.20.0
+
+* 支持H2C(HTTP2不强制TLS)
+* 日志使用none级别时禁用所有显示
+* 修复Bazel 0.26+兼容
+* 一些代码优化
+
+## 2019.06.03 v4.19.1
+
+* 路由支持自定义文件
+* 安装脚本支持小版本检测
+* 一些代码优化
+
+## 2019.05.18 v4.18.2
+
+* 修复Windows下配置文件过大读取错误
+
+## 2019.04.15 v4.18.1
+
+ * 支持TLS1.3
+ * 修复错误域名导致的崩溃
+ * 修改GoCache目录的强制要求
+
+## 2019.03.01 v4.18
+
+* 路由中的端口列表新增了混合格式。
+* 更新了路由中`geosite`的说明,和 DNS 服务器中静态域名列表的说明。
+* TLS 配置中添加了禁用系统 CA 的选项。
+* 路由中添加了流量属性检测,可用于检测 URL。
+
+## 2019.02.22 v4.17
+
+* V2Ctl 中新增了 `tlsping` 工具。
+
+## 2019.02.15 v4.16
+
+使用相关:
+
+* DNS 传出代理支持修改目标 DNS 服务器的设定。
+
+开发相关:
+
+* 'ext' 仓库已完全迁移到 'core'。[#1541](https://github.com/v2ray/v2ray-core/issues/1541)
+
+## 2019.02.08 v4.15
+
+* DNS 传出代理。
+
+## 2019.02.01 v4.14
+
+* DNS 支持了静态域名到域名的匹配。
+
+## 2019.01.18 v4.13
+
+* 更新了 Quic 库,与之前的版本不兼容。
+* DNS 配置中新增了`tag`选项。
+
+## 2019.01.11 v4.11
+
+开发相关:
+
+* 新增了 [core.DialUDP](https://github.com/v2ray/v2ray-core/blob/b52725cf659e0f7a38fed2eb36a5a792843bd54f/functions.go#L65)
+* [internet.DialSystem](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/dialer.go#L66) 现在会调用 [internet.ListenSystemPacket](https://github.com/v2ray/v2ray-core/blob/a1b552f9487d2687228dd1d89003087331f62eab/transport/internet/tcp_hub.go#L65) 去建立 UDP 连接。
+
+## 2018.12.07 v4.8
+
+使用相关:
+
+* Bug 修复
+
+开发相关:
+
+* 新增了 [API 文档](https://github.com/v2ray/v2ray-core/blob/master/annotations.go#L13)
+* 新增了 [internet.RegisterListenerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_listener.go#L63) 方法
+* 新增了 [internet.RegisterDialerController](https://github.com/v2ray/v2ray-core/blob/v4.8.0/transport/internet/system_dialer.go#L105) 方法
+
+## 2018.11.30 v4.7
+
+* Freedom 中新增了 UseIPv4 和 UseIPv6 模式。
+* 传输方式新增了 QUIC。
+
+## 2018.11.23 v4.6
+
+* Freedom 的`"UseIP"`模式会根据出站所用的 IP 地址自动使用 IPv4 或 IPv6 目标地址。
+
+## 2018.11.16 v4.4
+
+* 路由中新增了负载均衡配置。
+* 优化了内存使用效率。
+
+## 2018.11.05 v4.1
+
+* 配置文件格式简化。主要是传入传出代理和路由部分。旧版格式仍然可用,但推荐尽快升级到最新格式。
+* 优化了 GeoIP 的性能,减少了内存占用,提升了匹配效率。
+
+## 2018.11.02 v4.0
+
+* 反向代理
+* 新增了 ppc64 和 ppc64le 预编译包。
+
+## 2018.10.12 v3.47
+
+* 升级了自动构建工具
+
+## 2018.09.28 v3.44
+
+* Dokodemo-door 现已支持 Linux 的 TProxy。
+
+## 2018.09.21 v3.43
+
+* DNS 查询支持了按域名选择服务器的功能。
+
+## 2018.09.14 v3.40
+
+* 传输配置中新增了连接选项,可用于配置 VPN。
+* 传输配置中新增了 TCP Fast Open 选项。
+
+## 2018.09.03 v3.38
+
+* mKCP 中新增了 WireGuard 伪装。
+* 修复了 mips/mips64 中 softfloat 版本的编译问题。
+
+## 2018.08.31 v3.37
+
+* 优化了读取网络连接时的性能,见[环境变量](../chapter_02/env.md)。
+* VMess 在 ARM64 平台上将默认使用 AES-128-GCM 作为加密方式。
+* 使用 Go 1.11 编译。
+
+## 2018.08.24 v3.36
+
+* 大幅提升了路由中子域名(`domain:`)匹配的效率。
+* 路由中支持了完整域名匹配。
+
+## 2018.08.07 v3.34
+
+* 在大多数设备上有了更精确的内存控制
+
+## 2018.07.27 v3.32
+
+* 现在可以探测 BitTorrent 流量了。
+* 路由配置中新增了`protocol`选项用于按流量类型进行路由选择。
+* 路由配置中新增了`geosite:speedtest`用于适配所有的 Speedtest.net 公用服务器。
+
+## 2018.07.20 v3.31
+
+* 新增了 [Domain Socket 传输方式](../chapter_02/transport/domainsocket.md) (感谢 @xiaokangwang)。
+
+## 2018.07.13 v3.30
+
+* 解决了一个可能会导致 mKCP 断流的问题。
+* 感谢来自俄罗斯的朋友,我们现在有[俄语文档](https://www.v2ray.com/ru/)了。
+
+## 2018.07.06 v3.29
+
+* 新增了 MTProto 代理协议。
+
+## 2018.06.29 v3.27
+
+* DNS 支持了 EDNS client subnet。
+* DNS 的静态 IP 匹配现在支持子域名了。
+
+## 2018.06.15 v3.26
+
+* 新增了 Dragonfly BSD 的预编译版本。
+
+## 2018.06.01 v3.24
+
+* JSON 配置中新增了用户级别的缓存控制选项。
+* mKCP 新增了 DTLS 伪装。
+* TLS 现在默认只使用 TLS 1.3 推荐的加密套件。
+
+## 2018.05.25 v3.23
+
+* JSON 配置文件中,端口支持从环境变量加载。
+* JSON 配置文件支持从指定文件加载 IP 和域名。
## 2018.04.20 v3.19
-* 传入代理的流量统计。
+* 入站代理的流量统计。
## 2018.04.13 v3.17
@@ -15,7 +196,7 @@
## 2018.04.06 v3.16
* [统计信息](../chapter_02/stats.md)。开启方式略麻烦,请仔细看文档。
-* Shadowsocks 传入协议现在可以只监听 UDP 端口而不监听 TCP 了。强烈建议不在同一端口上同时监听 TCP 和 UDP。
+* Shadowsocks 入站协议现在可以只监听 UDP 端口而不监听 TCP 了。强烈建议不在同一端口上同时监听 TCP 和 UDP。
## 2018.03.02 v3.11
@@ -84,7 +265,7 @@
## 2017.09.29 v2.39
-* 当远程服务器关闭连接时,传入代理现在会尽快断开与客户端的连接。
+* 当远程服务器关闭连接时,入站代理现在会尽快断开与客户端的连接。
* 默认连接超时时间更改为 5 分钟。
## 2017.05.12 v2.27
@@ -147,11 +328,11 @@
## 2017.01.16 v2.15
-* mKCP 和 WebSocket 现已适用于所有的传出(传入)协议。
+* mKCP 和 WebSocket 现已适用于所有的出站(入站)协议。
## 2017.01.09 v2.14
-* Socks 5 传出协议。
+* Socks 5 出站协议。
* mKCP 新增微信视频通话伪装。
## 2017.01.02 v2.13
@@ -181,22 +362,22 @@
## 2016.11.21 v2.7
-* 现在可以给主传入传出连接设置标识了;
+* 现在可以给主入站出站连接设置标识了;
* 一些小修小补;
## 2016.11.14 v2.6
-* 可将一个传出协议发出的数据转发至另一传出协议;
-* 路由可根据传入协议的标识来进行判断了;
+* 可将一个出站协议发出的数据转发至另一出站协议;
+* 路由可根据入站协议的标识来进行判断了;
## 2016.11.07 v2.5
-* 新增 Shadowsocks 传出协议;
+* 新增 Shadowsocks 出站协议;
* 新增 TCP 连接中的 HTTP 头部伪装;
## 2016.10.24 v2.4
-* 每个传入传出协议可以配置各自的 TCP / mKCP / WebSocket 设置了;
+* 每个入站出站协议可以配置各自的 TCP / mKCP / WebSocket 设置了;
* 路由现可以跟据来源 IP 进行转发;
## 2016.10.17 v2.3
@@ -220,7 +401,7 @@
## 2016.08.15 v1.24
* mKCP 新增了 BT 数据包伪装。
-* 传入连接现在可以设置 allowPassive 来允许被动连接,如 IMAP。
+* 入站连接现在可以设置 allowPassive 来允许被动连接,如 IMAP。
## 2016.08.08 v1.23
diff --git a/zh_cn/chapter_00/02_donate.md b/zh_cn/chapter_00/02_donate.md
index efdcf615b..923264506 100644
--- a/zh_cn/chapter_00/02_donate.md
+++ b/zh_cn/chapter_00/02_donate.md
@@ -1,90 +1,77 @@
+---
+refcn: chapter_00/02_donate
+refen: welcome/donate
+---
+
# 资助 V2Ray 发展
- [](https://www.v2ray.com/en/welcome/donate.html)
-
-Project V 是一个非营利项目,它的所有代码均公开,软件可以自由使用,不受限制。如果您喜爱本项目,可以通过下面的方式请作者喝一杯咖啡。
-
-一些说明:
-
-* 所有捐款的用途将不被公开;
-* 您的捐款是对 Project V 的无偿贡献,和 Project V 提供的技术和服务没有直接关联;
-* 您捐赠的款项会在本页下方列出,敏感信息已做处理,如果您希望已其它的方式公布,请在捐赠时留言;
-* 感谢您对 Project V 的热爱。
-
-## 传统方式
-
-捐赠金额:美元
-
-\* 由于平台的关系,小于 1 美元的捐赠可能会全部用于支付手续费而变得没有意义,对于这类捐赠会直接发起退款,且不会列在捐款人列表中。
-
-
-
-
-支付方式:
-
-
-
-## 极客方式
-
-* 比特币 (BTC): [15dQnC9yvX6JJXaFkP9MiRYvJS3FvsqvKW](https://blockchain.info/address/15dQnC9yvX6JJXaFkP9MiRYvJS3FvsqvKW)
-* 比特现金 (BCH): [1NNRgpWYD8UX1bkcokCEoD6HHpaw98onxa](https://blockdozer.com/insight/address/1NNRgpWYD8UX1bkcokCEoD6HHpaw98onxa)
-* 以太坊 (ETH): [0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e](https://etherscan.io/address/0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e)
-* 莱特币 (LTC): [LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR](https://insight.litecore.io/address/LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR)
-* 门罗币 (XMR): 48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg
-* EOS: [0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e](https://etherscan.io/token/EOS?a=0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e)
-* 嫩模币 (OMG): [0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e](https://etherscan.io/token/OmiseGo?a=0x196b695ce3b44c4bd16fe43981bcc908a6a09c2e)
-* [贡献你的 CPU](cpu.md)
-
-## 感谢您的帮助
-
-以下列表大约一周更新一次,如您已经捐款,请耐心等待。
-
-{% include "../donor.md" %}
+V2Ray 是一个非营利项目,它的所有代码均公开,软件可以自由使用,不受限制。如果您喜爱本项目,可以通过下面的方式请作者喝一杯咖啡。
+
+您的捐款是对 Project V 的无偿贡献,和 Project V 提供的技术和服务没有直接关联。对于每一份捐款,我们都会以邮件的方式确认。如果你不希望收到我们的邮件,请在捐款时留言注明。
+
+对于单次捐赠的价值超过 $50,您可以从如下选项中指定一项:
+
+* 为期一个月的首页广告 (您的名字,或 Logo);
+* 按您的喜好修改我们的代码。限制:不可影响用户使用,不可影响文档。您的修改将保留一个月。
+
+## 传统方式 {#usual-way}
+
+> Paypal
+
+可以通过 [Paypal 内部转帐](https://www.paypal.me/ProjectV2Ray/25) 或者[信用卡](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amount=25¤cy_code=usd&hosted_button_id=4TU3UKYANT2WY)的方式捐赠。
+
+由于 Paypal 收取非常高的手续费,小于 1 美元的捐赠会变得没有意义。
+
+> Patreon
+
+[Patreon](https://www.patreon.com/v2ray) 是一个定期投食的平台,即每月捐赠固定金额。一旦设定完毕,每个月都会收到我们的小礼物哦。
+
+> 礼品卡
+
+目前只支持美亚礼品卡,可在 [Amazon](https://www.amazon.com/Amazon-eGift-Card-Birthday-Balloons/dp/B01FIS88SY) 或者[淘宝](https://s.taobao.com/search?q=%E7%BE%8E%E4%BA%9A%E7%A4%BC%E5%93%81%E5%8D%A1)购买。请寄送至`love@v2ray.com`。
+
+## 极客方式 {#crypto}
+
+相比起传统方式,加密货币更适合跨境支付。加密货币通常都是匿名持有,其交易也很难被跟踪。
+
+由于加密货币天生的匿名特性,如果有必要的话,请事先联系项目组表明捐赠者的身份。
+
+> 比特币 Bitcoin
+
+地址: `3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM`
+
+点此[链接](https://www.blockchain.com/btc/address/3GctrB7R5sMhJ73N4AKo56Bdf9RE3RJsuM)显示二维码
+
+> 比特现金 Bitcoin Cash
+
+地址: `15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97`
+
+点此[链接](https://explorer.bitcoin.com/bch/address/15oATKUq5mEfuzasPnsJ58TjJU5SvDJK97)显示二维码
+
+> 以太坊 Ethereum
+
+地址: `0x112ee71189704fe04cabed4aa045f4461c8c8696`
+
+点此[链接](https://www.blockchain.com/eth/address/0x112ee71189704fe04cabed4aa045f4461c8c8696)显示二维码。你也可以通过这个地址发送这些货币:OMG、REP、GNT、DGD
+
+> EOS
+
+地址: `EOS8Civdok4CBN3jCpsaGQijzesjKof1eyaRFuBU5mLMtWVkLsy8a`
+
+> 莱特币 Litecoin
+
+地址: `LVdeH2HkCgGRs8ZEpan7fkAEEPbiJ4McoR`
+
+> 门罗币 Monero
+
+地址: `48kA4NyLRCWQvB7U2A77G66Z25uWbyzmoZSYjxJfrMR1J4dRFW6fWFLDn3wirAqP8ySnR4rnvoXWxfkNFhrK5ZxY1WyBqKg`
+
+> 瑞波币 Ripple
+
+地址: `r439fPk8DzCf4nSxkpfodEuE2cG4KVZQHq`
+
+不需要 Tag
+
+> 其它
+
+如果你想捐赠其它的加密货币,请联系我们: `love@v2ray.com`。
diff --git a/zh_cn/chapter_00/command.md b/zh_cn/chapter_00/command.md
index 5514c3e9d..c12137e80 100644
--- a/zh_cn/chapter_00/command.md
+++ b/zh_cn/chapter_00/command.md
@@ -1,50 +1,153 @@
-# 命令行参数
+---
+refcn: chapter_00/command
+refen: welcome/command
+---
- [](https://www.v2ray.com/en/welcome/command.html)
+# 命令行参数
## V2Ray
V2Ray 的程序文件的命令行参数如下:
-```shell
+```bash
v2ray [-version] [-test] [-config=config.json] [-format=json]
```
-其中:
+> `-version`
+
+只输出当前版本然后退出,不运行 V2Ray 主程序。
+
+> `-test`
+
+测试配置文件有效性,如果有问题则输出错误信息,不运行 V2Ray 主程序。
+
+> `-config`
+
+配置文件路径,可选的形式如下:
+
+* 本地路径,可以是一个绝对路径,或者相对路径。
+* `"stdin:"`: 表示将从标准输入读取配置文件内容,调用者必须在输入完毕后关闭标准输入流。
+* 以`http://`或`https://`(均为小写)开头: V2Ray 将尝试从这个远程地址加载配置文件。
+
+> `-format`
+
+配置文件格式,可选的值有:
+
+* `json`: JSON 格式;
+* `pb` 或 `protobuf`: Protobuf 格式;
+
+{% hint style='info' %}
+当`-config`没有指定时,V2Ray 将先后尝试从以下路径加载`config.json`:
+
+* 工作目录(Working Directory)
+* [环境变量](../chapter_02/env.md)中`v2ray.location.asset`所指定的路径
-* `-version`: 只输出当前版本然后退出,不运行 V2Ray 主程序。
-* `-test`: 测试配置文件有效性,如果有问题则输出错误信息,不运行 V2Ray 主程序。
-* `-config`:
- * 配置文件的路径;
- * 当值为`stdin:`时,将从标准输入读取配置文件内容,调用者必须在输入完毕后关闭标准输入流。
- * (3.17+) 当其值以`http://`或`https://`(均为小写)开头时,V2Ray 将尝试从这个远程地址加载配置文件。
- * 当值为空时,V2Ray 将先后尝试从当前路径(Working Directory)和环境变量`v2ray.location.asset`所指定的路径中加载配置文件。
-* `-format`: 配置文件格式,可选的值有:
- * `json`: JSON 格式;
- * `pb` 或 `protobuf`: Protobuf 格式;
+{% endhint %}
## V2Ctl
-V2Ctl 命令行参数如下:
+V2Ctl 是一个集合,它有若干个子命令组成。全局的命令行形式如下:
-```shell
+```bash
v2ctl
```
-Command 包括:
+> `command`
-* `verify [--sig=/path/to/sigfile] /file/to/verify`: 验证文件是否由 Project V 官方签名。
+子命令,有以下选项:
+
+* `api`: 调用 V2Ray 进程的远程控制指令。
* `config`: 从标准输入读取 JSON 格式的配置,然后从标准输出打印 Protobuf 格式的配置。
+* `cert`: 生成 TLS 证书。
+* `fetch`: 抓取远程文件。
+* `tlsping`: (V2Ray 4.17+) 尝试进行 TLS 握手。
+* `verify`: 验证文件是否由 Project V 官方签名。
* `uuid`: 输出一个随机的 UUID。
-### Verify
+### V2Ctl Api
+
+`v2ctl api [--server=127.0.0.1:8080] `
+
+调用 V2Ray 进程的远程控制指令。示例:
+
+`v2ctl api --server=127.0.0.1:8080 LoggerService.RestartLogger ''`
+
+### V2Ctl Config
+
+`v2ctl config`
+
+此命令没有参数。它从标准输入读取 JSON 格式的配置,然后从标准输出打印 Protobuf 格式的配置。
+
+### V2Ctl Cert
+
+`v2ctl cert [--ca] [--domain=v2ray.com] [--expire=240h] [--name="V2Ray Inc"] [--org="V2Ray Inc] [--json] [--file=v2ray]`
+
+生成一个 TLS 证书。
+
+> `--ca`
+
+如果指定此选项,将会生成一个 CA 证书。
+
+> `--domain`
-`v2ctl verify [--sig=/path/to/sigfile] /file/to/verify`
+证书的 Alternative Name 项。该参数可以多次使用,来指定多个域名。比如`--domain=v2ray.com --domain=v2ray.cool`。
+
+> `--expire`
+
+证书有效期。格式为 Golang 的[时间长度](https://golang.org/pkg/time/#ParseDuration)。
+
+> `--name`
+
+证书的 Command Name 项。
+
+> `--org`
+
+证书的 Orgnization 项。
+
+> `--json`
+
+将生成的证书以 V2Ray 支持的 JSON 格式输出到标准输出。默认开启。
+
+> `--file`
+
+将证书以 PEM 格式输出到文件。当指定 `--file=a` 时,将生成 `a_cert.pem` 和 `a_key.pem` 两个文件。
+
+### V2Ctl Fetch
+
+`v2ctl fetch `
+
+抓取指定的 URL 的内容并输出,只支持 HTTP 和 HTTPS。
+
+### V2Ctl TlsPing
+
+`v2ctl tlsping --ip=[ip]`
+
+向指定的域名发起 TLS 握手。
+
+> domain
+
+目标域名
+
+> --ip
+
+此域名的 IP 地址。如果未指定此参数,V2Ctl 将使用系统的 DNS 进行域名解析。
+
+### V2Ctl Verify
+
+`v2ctl verify [--sig=/path/to/sigfile] `
此命令用于验证一个文件是否由 Project V 官方签名。
-参数:
+> `--sig`
+
+签名文件路径,默认值为待验证文件加入'.sig'后缀。
+
+> `filepath`
+
+待验证文件路径。
+
+### V2Ctl UUID
-* `sig`:签名文件路径,默认值为待验证文件加入'.sig'后缀。
-* `/file/to/verify`:待验证文件路径。
+`v2ctl uuid`
+此命令没有参数。每次运行都会输出一个新的 UUID。
diff --git a/zh_cn/chapter_00/cpu.md b/zh_cn/chapter_00/cpu.md
deleted file mode 100644
index daf019f2d..000000000
--- a/zh_cn/chapter_00/cpu.md
+++ /dev/null
@@ -1,42 +0,0 @@
-# 贡献你的 CPU
-
-如果你有闲置的 CPU 或 GPU 资源,不妨把这个页面开着,并点击下面的“Start Mining”开始挖矿。
-
-所有挖矿所得会发送给 Project V 项目组。如果 AdBlock 之类的插件尝试阻止的话,请务必开放权限。非常感谢。
-
-默认情况下脚本会占用 100% CPU,你可以调节下面的 Speed 来减少 CPU 占用。
-
-
-
+
+
+ 
+
+
+ 
+
+
+ 
+
+
+ 
+
+
+ 
+
+
+ 
+
+ {% endif %}
+
-Project V is a set of tools to help you build your own privacy network over internet.
+Project V is a set of tools to help you build your own private network over the internet. The core of Project V, named `V2Ray`, is responsible for network protocols and communications. It can work alone, or in combination with other tools.
-## Introduction
-
-Project is provides a single core with various GUI programs. The core, V2Ray, is for network connection, routing and data processing, while GUI programs are for user friendly experience.
-
-V2Ray's responsibility is transfer data from its client to specified server, based on user configuration. It runs as a commandline tool. It can be configured via JSON based configuration.
+This website is primarily a manual for V2Ray, with some additional information regarding the whole project.
## Features
-### Multiple proxy support
-
-V2Ray supports Socks, HTTP, Shadowsocks and VMess protocol.
-
-* One V2Ray process can use different protocols on different ports at the same time;
-* By combining different inbound and outbound proxies, one can change traffic format dynamically.
-
-### Multiple transport protocols
-
-All proxies above can be send/receive over TLS, TCP, mKCP and more transport protocols.
-
-### Flexible routing
-
-V2Ray has an internal router, which can be configured to proxy traffic, or send directly, or even block them.
-
-## Update this site
+* Multiple inbound/outbound proxies: one V2Ray instance supports in parallel multiple inbound and outbound protocols. Each protocol works independently.
+* Customizable routing: incoming traffic can be sent to different outbounds based on routing configuration. It is easy to route traffic by target region or domain.
+* Multiple protocols: V2Ray supports multiple protocols, including Socks, HTTP, Shadowsocks, VMess etc. Each protocol may have its own transport, such as TCP, mKCP, WebSocket etc.
+* Obfuscation: V2Ray has built in obfuscation to hide traffic in TLS, and can run in parallel with web servers.
+* Reverse proxy: General support of reverse proxy. Can be used to build tunnels to localhost.
+* Multiple platforms: V2Ray runs natively on Windows, Mac OS, Linux, etc. There is also third party support on mobile.
-This site is generated by GitBook, and host on GitHub. If you'd like to modify its content, please send pull request to [this repo](https://github.com/v2ray/manual).
+{% hint style='info' %}
-## License
+This site is generated by GitBook, and hosted on GitHub. If you'd like to modify its content, please send a pull request to [this repo](https://github.com/v2ray/manual).
-This website is licensed under a [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
+{% endhint %}
diff --git a/en/SUMMARY.md b/en/SUMMARY.md
index 578e54119..62ebc152a 100644
--- a/en/SUMMARY.md
+++ b/en/SUMMARY.md
@@ -1,23 +1,23 @@
# Summary
- [](https://www.v2ray.com/chapter_02/)
-
-* [Welcome to V2Ray](README.md)
+* [Project V](README.md)
* [Version History](welcome/versions.md)
* [Workflow](welcome/workflow.md)
* [Install](welcome/install.md)
+ * [Quick Start](welcome/start.md)
* [Commandline](welcome/command.md)
* [Donation](welcome/donate.md)
* [Support](welcome/help.md)
- * [Telegram](welcome/tg.md)
- * [Private Communication](welcome/pgp.md)
- * [License](welcome/license.md)
+ * [FAQ](welcome/faq.md)
+ * [Blog↪](https://steemit.com/@v2ray)
* [Configuration](configuration/README.md)
* [Overview](configuration/overview.md)
* [Protocols](configuration/protocols.md)
* [Blackhole](configuration/protocols/blackhole.md)
+ * [DNS](configuration/protocols/dns.md)
* [Dokodemo](configuration/protocols/dokodemo.md)
* [Freedom](configuration/protocols/freedom.md)
+ * [MTProto](configuration/protocols/mtproto.md)
* [HTTP](configuration/protocols/http.md)
* [Shadowsocks](configuration/protocols/shadowsocks.md)
* [SOCKS](configuration/protocols/socks.md)
@@ -28,15 +28,24 @@
* [Mux](configuration/mux.md)
* [API](configuration/api.md)
* [Statistics](configuration/stats.md)
+ * [Reverse](configuration/reverse.md)
* [Transport](configuration/transport.md)
* [TCP](configuration/transport/tcp.md)
* [mKCP](configuration/transport/mkcp.md)
* [WebSocket](configuration/transport/websocket.md)
* [HTTP/2](configuration/transport/h2.md)
+ * [DomainSocket](configuration/transport/domainsocket.md)
+ * [QUIC](configuration/transport/quic.md)
* [Env Variables](configuration/env.md)
-* [Clients](ui_client/README.md)
- * [Windows](ui_client/windows.md)
- * [OS X](ui_client/osx.md)
- * [iOS](ui_client/ios.md)
- * [Android](ui_client/android.md)
- * [Services](ui_client/service.md)
+* [Awesome V](awesome/tools.md)
+ * [With Ads](awesome/ads.md)
+* Development
+ * Milestone
+ * Guide
+ * Design
+ * Build
+ * [Tools](developer/tools.md)
+ * Protocols
+ * VMess
+ * mKCP
+ * Mux.Cool
diff --git a/en/awesome/ads.md b/en/awesome/ads.md
new file mode 100644
index 000000000..e7e0ac523
--- /dev/null
+++ b/en/awesome/ads.md
@@ -0,0 +1,72 @@
+---
+refcn: awesome/ads
+refen: awesome/ads
+---
+
+# Some Advertisement
+
+The following online services may help you better use Project V. These services are provided by third party. They are not directly releated to Project V.
+
+## Self Hosting
+
+> [Let's Encrypt](https://letsencrypt.org/)
+
+Free TLS certificates
+
+> [Vultr](https://www.vultr.com/?ref=7269307)
+
+VPS
+
+[2019 limited promotion, $50 free credit](https://www.vultr.com/?ref=7783021-4F)
+
+> [BlueHost](https://www.bluehost.com/track/v2ray/)
+
+VPS, web hosting
+
+> [ClouDNS](https://www.cloudns.net/aff/id/244749/)
+
+Domain registration, DNS, SSL certificate
+
+> [Bandwagon](https://bandwagonhost.com/aff.php?aff=44317)
+
+Well-known VPS provider. Low price for good product.
+
+## VPN
+
+> [BabyDriver](http://babydriver.me/)
+
+Supports V2Ray. Coupon code: bcb518
+
+> [喵帕斯](https://xn--i2ru8q2qg.com/)
+
+V2Ray support (beta)
+
+> [Lanan](https://xn--sjt174g.com/)
+
+V2Ray based VPN service. Coupon code: v2ray
+
+> [V2Net](http://v2net.org/)
+
+Customized V2Ray service. Promo code: v2ray.com
+
+## Cryptocurrency
+
+> [LocalBitcoins](https://localbitcoins.com/?ch=khtm)
+
+Trade Bitcoins offline
+
+> [CoinCola](https://www.coincola.com/mobile/signup?ref=QAcvfy2g)
+
+OTC market to trade BTC, ETH, BCH, USDT.
+
+> [Binance](https://www.binance.com/?ref=35382451)
+
+Trading market for crypto currencies.
+
+> [Coinex](https://www.coinex.com/account/signup?refer_code=r3fmp)
+
+Trading market for crypto currencies.
+
+> [CoinPayment](https://www.coinpayments.net/index.php?ref=abc5f542afed6b37b4b3d7fb83242d18)
+
+Online crypto currency wallet
\ No newline at end of file
diff --git a/en/awesome/tools.md b/en/awesome/tools.md
new file mode 100644
index 000000000..60e1db1b2
--- /dev/null
+++ b/en/awesome/tools.md
@@ -0,0 +1,94 @@
+---
+refcn: awesome/tools
+refen: awesome/tools
+---
+
+# Awesome V
+
+# Graphic Client
+
+> V2RayW 
+
+Download: [Github](https://github.com/Cenmrev/V2RayW)
+
+> V2RayN 
+
+Download: [Github](https://github.com/Cenmrev/V2RayX)
+
+> V2RayU 
+
+Qv2ray is a cross-platform Qt frontend for V2ray written in C++, with subscription manager, outbound manager, netspeed chart and a easy-to-use route editor.
+
+Project Page: [https://github.com/Qv2ray/Qv2ray](https://github.com/Qv2ray/Qv2ray)
+
+> Mellow 
+
+Kitsunebi is an iOS app based on V2Ray. It provides full functionality as V2Ray. It also supports importing and exporting V2Ray compatible JSON configuration.
+
+Download: [iTunes](https://itunes.apple.com/us/app/kitsunebi-proxy-utility/id1446584073?mt=8)
+
+> i2Ray 
+
+BifrostV is an Android app based on V2Ray core. It supports VMess, Shadowsocks, socks protocols.
+
+Download: [Play Store](https://play.google.com/store/apps/details?id=com.github.dawndiy.bifrostv) | [APK Pure](https://apkpure.com/bifrostv/com.github.dawndiy.bifrostv)
+
+> V2RayNG