-
Notifications
You must be signed in to change notification settings - Fork 162
VpnHood Server Configuration
VpnHood Server can be a few configurations. The vpnHood server uses the default value for any item you remove. You can config the server by putting "appsettings.json" in the storage folder of the VpnHood server. The default location of the storage folder is:
- Linux > /opt/VpnHoodServer/storage
- Windows > C:\Program Files\VpnHood\VpnHoodServer\storage
The default value shown below will be used if there is no "appsettings.json" file.
appsettings.json
{
"RestAccessServer": null,
"FileAccessServer": {
"TcpEndPoints": [ "0.0.0.0:443", "[::]:443" ],
"SslCertificatesPassword": null,
"Tracking": {
"TrackClientIp": false,
"TrackLocalPort": false,
"TrackDestinationIp": false,
"TrackDestinationPort": false
},
"Session": {
"Timeout": "01:00:00",
"UdpTimeout": "00:01:00",
"TcpTimeout": "00:15:00",
"IcmpTimeout": "00:30:00",
"MaxDatagramChannelCount": 8,
"MaxUdpPortCount": 0,
"TcpBufferSize": 8192
},
"NetFilter": {
"ExcludeLocalNetwork": true,
"PacketCaptureIncludeIpRanges": ["0.0.0.0/0", "::/0"],
"PacketCaptureExcludeIpRanges": [],
"IncludeIpRanges": ["0.0.0.0/0", "::/0"],
"ExcludeIpRanges": []
},
},
"IsDiagnoseMode": false
}Use this to connect the VpnHood server to an enterprise Access Server. Please set it to null to use VpnHood's built-in simple file access server. A simple file access server is enough to run a server.
The TCP listening ports on your server. VpnHood server does not require any root or admin access, but listening to the TCP/IP port numbers below 1024 is special and regular users are not allowed to run on some servers.
VpnHood generated a random self-signed certificate as "default.pfx". If you changed it with a password-protected pfx, you need to specify its password here.
If true, the VpnHood server logs the client's IP and the session number.
If true, the VpnHood server logs every local port number opened to the outside world along with the session number.
If true, then the VpnHood server logs the redacted destination IP requested by the user.
If true, then the VpnHood server logs the destination port requested by the user.
VpnHood server closes idle sessions after this period in seconds.
VpnHood server's internal NAT closes UDP ports to the outside world after this period in seconds. It is the same as ordinary NAT.
VpnHood server closes idle TCP sessions after this period in seconds. Detecting dead TCP connections is challenging; VpnHood uses keep alive for TCP connections and closes the idle TCP connection only if the socket poll returns an error after this period.
It limits the maximum allowed TcpDatagram channel from a client. VpnHood server closes old TCP channels if a VpnHood client requests more. VpnHood client reads this value from the server and does not request more TcpDatagram channels suppressing the user config.
Note: This value does not affect when using UdpChannel. There is only one UdpChannel in UDP mode.
It limits the maximum concurrent UDP port from a client. Ordinary users merely need to open more than 100 simultaneous UDP ports unless they use torrent apps. The default is 0, which means unlimited.
The TCP buffer size for every TcpProxy request. Each TCP proxy uses two TCP connections. An ordinary user may request about 500 simultaneous TCP proxies in a session. VpnHood Server consumes much memory if many users connect to your server, especially if you increase this value, so the default value is highly recommended.
if true, the server's local network will be unreachable for clients.
It must be true to log some packet deep-level logging. It puts much overhead on your machine if you set it to true.