chika0801 / sing-box-examples Goto Github PK
View Code? Open in Web Editor NEWsing-box 配置示例
Home Page: https://github.com/SagerNet/sing-box
sing-box-examples's People
Contributors
Stargazers
Watchers
Forkers
essoojay rkygogo mhnhh123 liuyun1234 hsk077 firefighter001x yujun95 sumiort yangyangyang2017 i5g5vvv johnan0528 yzyz5840 fy-deng eamon-cai joseph-x debiansid usaxyh jovidong chuang2016 shuohui666 wokaotianshi123 shawokou123 yifeimfd agustyuzu rentry00 zcc135820 mingchhjj jinhuaitao bpllwu needhumanity modasi ikly360 hiweed ezmore wvyan signingup univerioiln233 molafir mrlq oozeryze rianjskis myprivateclonelibrary godot2d tstprox 13wenwen banyuner ldh1983 i1ve milan2zist tommytalk clk01 sendelbor mirrorsfork mkeco saseboshigure caoxg nonomal szkennminn sievelau chaeolus aag7xnnrgbzeyqc5wops dashucheng marryandjary asiv580 sdhz153 trancedj20230423 hosseinsalabati hosseinsalabatii qwer-search pt01524 bulice ddd4906 jiluotu duanlangtaosha zouchanggan mahakalaya ezxxy foyer6057 wzzlk josbu qvisl9 jmmes zjtgy11 ydl898898 paddy-w qxmao jireka tsirtv baby-233 forkpool yxzhoubing terutoki johnsmith8736 hiifeng toottk yuanwangokk laozi01 fzs209 bobo677 danxiaonuosing-box-examples's Issues
VLESS-XTLS-uTLS-REALITY 使用 sing-box 安装指南
客户端为WIN7 64位�[31mFATAL�[0m[0005] start service: initialize inbound/tun[tun-in]: listen tcp4
172.19.0.1:0: bind: The requested address is not valid in its context.
***无法自行解决啊!
这个可以远程DNS吗?不让他使用客户端的dns
Guide to Configuring Server-Side DNS Resolution for Sing-Box (VLESS-XTLS-uTLS-REALITY) to Avoid DNS Pollution Issues
I need help with a DNS resolution problem in sing-box (VLESS-XTLS-uTLS-REALITY). It relies on client-side DNS resolution, causing issues with accessing blocked sites due to DNS pollution. I've been using "Simple DnsCrypt" as a workaround, but I want to configure sing-box for server-side DNS resolution. Can you guide me on this?
非常感谢大佬!小白有个小问题请教
在大佬教程中,端口指定为16384,密码为chika,如果想修改,该如何操作?
谢谢大佬!
rules
请问tun模式里面的路由规则为什么要阻断443端口的udp流量
sing-box.service也可以用PM2替换
sudo pm2 start ./sing-box -n sing-box -- run -c sing-box.json
sudo pm2 save
sudo pm2 startup
singbox 反馈
.\sing run -c
INFO[0000] router: updated default interface 以太网 5, index 38
INFO[0000] inbound/socks[socks-in]: tcp server started at [::1]:
有多个以太网
已经调高以太网 5的跃迁点
但仍自动试别5
大佬readme 可以更新下ios 客户端,官方已经上架苹果商店了
[QUESTION] Only listen on ipv6
Hi! Thanks for the examples.
As the title says, In TUIC server config, how can I only listen on ipv6? with "listen": "::",, I can still connect to server with my ipv4 too and I want the server only be accessible via ipv6.
ios的sing-box没成功。
按sing-box-examples/VLESS-XTLS-uTLS-REALITY
/sing-box_for_iOS_config_client.json 这里的配置修改 uuid 和其他相关信息后丢进去sing-box ios版。一直出错:
(packet-tunnel) error: start service: open geoip database: invalid argument
请为sing-box添加NaiveProxy的例子
如果您能考虑这一请求,将不胜感激
Requests vless grpc reality client
add VLESS-gRPC-uTLS-REALITY client. i try to setup client transport grpc without servicename and won't work!
Nginx SNI diversion with sing-box reality
Hello, and thanks for your great examples. I recently tried to divert traffic to sing-box based on SNI but was unsuccessful, however the same thing works with xray without problem. I wanted to know your opinion on this.
SNI diversion works with other protocols in sing-box such as naive or trojan, but not reality.
I am also using reality with my own domain.
The reason for this is I have other services on the vps and i need nginx to listen on 443.
Here are configs
Nginx
user nobody nogroup;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
stream {
map $ssl_preread_server_name $backend_name {
xx.mydomain.com vless;
mydomain.com http2;
www.mydomain.com http2;
}
upstream vless {
server 127.0.0.1:10000;
}
upstream http2 {
server 127.0.0.1:20000;
}
server {
listen 443;
listen [::]:443;
ssl_preread on;
proxy_pass $backend_name;
proxy_protocol on;
}
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
server {
listen 127.0.0.1:20000 ssl proxy_protocol;
http2 on;
set_real_ip_from 127.0.0.1;
real_ip_header proxy_protocol;
ssl_certificate ../fullchain.cer;
ssl_certificate_key ../mydomain.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers TLS13_AES_128_GCM_SHA256:TLS13_AES_256_GCM_SHA384:TLS13_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305;
ssl_ecdh_curve secp521r1:secp384r1:secp256r1:x25519;
location / {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1:30000; #some_backend
}
}
xray: This config works
{
"log": {
"loglevel": "warning",
"error": "/var/log/xray/error.log",
"access": "/var/log/xray/access.log"
},
"inbounds": [
{
"listen": "127.0.0.1",
"port": 10000,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "532f45bd-7229-425e-8831-97a463eba428",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"dest": 20000,
"xver": 2,
"serverNames": [
"xx.mydomain.com"
],
"privateKey": "...",
"shortIds": [
"123456789"
]
},
"tcpSettings": {
"acceptProxyProtocol": true
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
},
{
"tag": "blocked",
"protocol": "blackhole",
"settings": {}
}
]
}
sing-box: does not work
{
"log": {
"level": "info"
},
"inbounds": [
{
"type": "vless",
"tag": "vless-in",
"listen": "::",
"listen_port": 10000,
"proxy_protocol": true,
"sniff": true,
"sniff_override_destination": true,
"users": [
{
"uuid": "532f45bd-7229-425e-8831-97a463eba428",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "xx.mydomain.com",
"reality": {
"enabled": true,
"handshake": {
"server": "127.0.0.1",
"server_port": 20000
},
"private_key": "...",
"short_id": [
"123456789"
]
}
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
}
]
}
sing-box Logs
ERROR[0043] [3919413922 1ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0046] [709892396 0ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0048] [2314159538 0ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0049] [2780479593 0ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0049] [962535195 0ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0050] [3203139053 1ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0050] [1510738249 0ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
ERROR[0052] [2292211462 0ms] inbound/vless[vless-in]: process connection from IP_Address: REALITY: processed invalid connection
关于Tun配置文件的DNS配置区域的一些疑问
sing-box-examples/Tun/config_client_windows.json
Lines 34 to 52 in a1bc778
这部分最后兜底的是
dns_direct 假设没有命中 geosite:geolocation-!cn 的话会不会造成DNS泄露?使用
dns_direct 兜底应该是为了避免在 outbound.server 为域名时造成的DNS回环吧?
如果是的话我个人认为将 dns_direct 兜底换为:服务器域名单独加入DNS规则的 dns_direct ,使用 dns_proxy 兜底会更好点,防止DNS泄露的问题。
{
"geosite": [
"cn",
"private"
],
"domain": [ //1*
"server.domain"
],
"server": "dns_direct"
},
{
"outbound": [
"any"
],
"server": "dns_proxy"
}Where are the xray-core examples?
Hi
Where are the xray-core examples ?
I want the sample files for Reality-steal-yourself. server.json and nginx.conf.
The newly updated tun configuration failed
Here is my configuration, help me
{
"log": {
"level": "trace",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "dns_Ley",
"address": "https://1.1.1.1/dns-query",
"address_resolver": "dns_resolver",
"strategy": "ipv4_only",
"detour": "Ley"
},
{
"tag": "dns_direct",
"address": "https://dns.alidns.com/dns-query",
"address_resolver": "dns_resolver",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "dns_block",
"address": "rcode://success"
},
{
"tag": "dns_resolver",
"address": "223.5.5.5",
"detour": "direct"
}
],
"rules": [
{
"domain": "time.apple.com",
"server": "dns_resolver"
},
{
"geosite": "category-ads-all",
"server": "dns_block",
"disable_cache": true
},
{
"geosite": "geolocation-!cn",
"server": "dns_Ley"
},
{
"geosite": [
"cn",
"private"
],
"server": "dns_direct"
},
{
"outbound": "any",
"server": "dns_resolver"
}
]
},
"ntp": {
"enabled": true,
"interval": "30m0s",
"server": "time.apple.com",
"server_port": 123,
"detour": "direct"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"mtu": 1400,
"inet4_address": "172.19.0.1/30",
"inet6_address": "fdfe:dcba:9876::1/126",
"auto_route": true,
"strict_route": true,
"include_package": [
"com.google.android.gms",
"com.google.android.gsf",
"com.android.vending",
"com.android.chrome",
"org.telegram.messenger"
],
"stack": "gvisor",
"sniff": true,
"sniff_override_destination": true
}
],
"outbounds": [
{
"type": "selector",
"tag": "Ley",
"outbounds": [
"LeyVN:80",
"LeySG:80",
"LeyVN:443",
"LeySG:443"
],
"default": "LeySG:443"
},
{
"type": "vless",
"tag": "LeyVN:80",
"server": "cloud.ley.vn",
"server_port": 80,
"uuid": "....",
"transport": {
"type": "http",
"path": "/Ley.VN",
"method": "GET",
"headers": {
"Host": "dl.kgvn.garenanow.com"
}
}
},
{
"type": "vless",
"tag": "LeySG:80",
"server": "cloud1.ley.vn",
"server_port": 80,
"uuid": "....",
"transport": {
"type": "http",
"path": "/Ley.VN",
"method": "GET",
"headers": {
"Host": "dl.kgvn.garenanow.com"
}
}
},
{
"type": "trojan",
"tag": "LeyVN:443",
"server": "cloud.ley.vn",
"server_port": 443,
"password": "....4",
"tls": {
"enabled": true,
"server_name": "dl.kgvn.garenanow.com",
"insecure": true
}
},
{
"type": "trojan",
"tag": "LeySG:443",
"server": "cloud1.ley.vn",
"server_port": 443,
"password": "....."
"tls": {
"enabled": true,
"server_name": "dl.kgvn.garenanow.com",
"insecure": true
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
}
],
"route": {
"geoip": {
"download_url": "https://github.com/soffchen/sing-geoip/releases/latest/download/geoip.db"
},
"geosite": {
"download_url": "https://github.com/soffchen/sing-geosite/releases/latest/download/geosite.db"
},
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"protocol": "quic",
"outbound": "block"
},
{
"geosite": "category-ads-all",
"outbound": "block"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"geosite": "geolocation-!cn"
},
{
"geoip": "cn",
"invert": true
}
],
"outbound": "Ley"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"geosite": "cn"
},
{
"geoip": "cn"
}
],
"outbound": "direct"
},
{
"geosite": "private",
"outbound": "direct"
},
{
"geoip": [
"cn",
"private"
],
"outbound": "direct"
}
],
"auto_detect_interface": true
}
}
wifi hotspot
i'm using tun mode
Can you give me an example configuration?
I want to configure LAN.
下载systemctl配置显示404
下载systemctl配置显示404了
chika大佬
大佬,能不能还跟以前的xray配置一样,在示例中把dns跟跟出入站规则啥的加上,最近受您的影响,也转到sing-box了,用的hy协议+vless.可惜弄不好这个DNS跟出入站规则方面,从xray开始一直以来都是抄的您的配置哈哈哈,太菜了我, 另外用sing-box使用hy跟vless协议,不用nginx反代吗,看您这都没有,哈哈哈,麻烦您了.
dns_proxy问题求教
"tag": "dns_proxy",
"address": "https://1.1.1.1/dns-query",
"address_resolver": "dns_direct",
"strategy": "ipv4_only", // 若服务端准备好了IPv6,可改为 prefer_ipv6
"detour": "proxy"
安卓客户端reality、vision连接没问题。tuic和hysteria连不上,显示dns_proxy loopback,将1.1.1.1改为自建dns服务器才连的上。
感觉dns_proxy没走代理,请问什么问题。
tun模式下naive的客户端该用哪种协议?
你好,感谢分享sing-box的各种配置。我有个问题请教一下:
tun模式下naive的客户端该用哪种协议?用“http”?
可以这样配置吗?
"outbounds": [
{
"type": "http",
"tag": "http-out",
"server": "sample.com",
"server_port": 443,
"username": "user",
"password": "passwd",
"path": "",
"headers": {},
"tls": {}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
}
],
Add tuic v5 client config for SFI
sing-box 1.4.0-beta.1
大佬牛掰 然后大佬可以再加个像xray那样二级代理住宅ip的配置不
基于您的example改造了一下,有问题请教…
SagerNet/sing-box#152
就跟我在⬆️这个issue里说的一样的问题,不知道您遇到了么?
感恩大佬
为什么server不用设dns?
例如我在vps 127.0.0.1设了doh DNS服务,client配置的dns是8.8.8.8。到服务端到底用的是127还是8.8?
dns使用下面的方式符合singbox内部逻辑么
这么问的原因:,,我不需要sing实现的解析器(,主要是之前就用了dnsproxy在127.0.0.1起了一个dns解析器。我只想让sing转发所有dns请求(。(多起一个解析器,浪费性能嘛)
{
"type": "dns",
"tag": "dns-out"
}
改成
{
"type": "dns",
"tag": "direct-out-dns",
"override_address": "127.0.0.1",
"override_port": 53,
"proxy_protocol": 0,
... // Dial Fields
}
之前客户端用clash、clash meta,服务端用sing,不知道dns这块 会不会 不兼容。
另,caddy分流
"layer4": {
"servers": {
"sni": {
"listen": [
":443"
],
"routes": [
{
"match": [
{
"tls": {
"sni": [
"your domain of naive"
]
}
}
],
"handle": [
{
"handler": "proxy",
"upstreams": [
{
"dial": [
"127.0.0.1:1111443"
]
}
]
}
]
},
{
"match": [
{
"tls": {
"sni": [
"www.lovelive-anime.jp"
]
}
}
],
"handle": [
{
"handler": "proxy",
"upstreams": [
{
"dial": [
"127.0.0.1:2222443"//your servers of shadowTLS
]
}
]
}
]
}
]
}
}
},
[教程]如何在windows下启动即运行,并且最小化
将sing-box加入path 或 在脚本内写上sing-box的完整路径
C:\Path\to\sing-box.exe run -c "Z:\path\to\sing-box\config.json" #无需在前面加上start /min打开开始菜单,运行 Windows工具 内的 任务计划程序 或 使用直接使用搜索功能打开 任务计划程序 。
可选导入,或者自己创建一个基本任务
导入
<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Date>1970-01-01T00:00:00.0000000</Date>
<Author>KOINU</Author>
<URI>\Sing-box Tun</URI>
</RegistrationInfo>
<Triggers>
<BootTrigger>
<Enabled>true</Enabled>
</BootTrigger>
</Triggers>
<Principals>
<Principal id="Author">
<UserId>S-1-5-21-987654321-1234567890-987654321-1001</UserId> <!--换成自己的UserId,或者可以不管,这个是ChatGPT生成的-->
<LogonType>S4U</LogonType>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
<AllowHardTerminate>false</AllowHardTerminate>
<StartWhenAvailable>false</StartWhenAvailable>
<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
<IdleSettings>
<StopOnIdleEnd>true</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
<AllowStartOnDemand>true</AllowStartOnDemand>
<Enabled>true</Enabled>
<Hidden>false</Hidden>
<RunOnlyIfIdle>false</RunOnlyIfIdle>
<WakeToRun>false</WakeToRun>
<ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
<Priority>7</Priority>
</Settings>
<Actions Context="Author">
<Exec>
<Command>Z:\path\to\your\run.bat</Command> <!--换成自己的脚本位置,或者直接把上面的脚本放在这里-->
</Exec>
</Actions>
</Task>
把这个xml文件保存,在 任务计划程序 中导入,导入成功之后会看见多了 Sing-box Tun,右键运行
自己创建
先随便创建一个基本计划,假设这里你把计划命名为了 sing-box Tun ,右键它点击属性
- 在安全选项中选择选择
不管用户是否登入都要运行,勾选不存储密码。只有访问计算机资源的权限,勾选使用最高权限运行。 - 创建一个触发器,在
开始任务的下拉栏内选择启动时。 - 创建一个操作,内容为你脚本的绝对路径,或者把脚本的内容放在这里
- 取消勾选
设置内如果任务运行时间超过以下时间,停止任务
保存,然后运行
之后应该就可以让sing-box在后台无窗口运行了
Update vless mux
大佬,请指导怎样把若干代理协议同时集中在一个服务端的config.json里。
sing-box给人以搭积木的感觉,但是怎样将不同代理协议,以不同端口的方式并存,对我来说有难度.
特别恳请大佬设计一下多代理同时共存的示例.
谢谢.
please add sing-box to vmess+ws+tsl+cdn server config file
please add sing-box to vmess+ws+tsl+cdn server config file.
i use NAT ipv6 vps install sing-box,
i think use vmess+ws+tsl and cloudflare CDN,
but not find all config file.
please give an example of a config file
关于sing-box官方文档的已知问题
看tun的示例文件是否有这个问题,看到开启了自动路由没有开启严格路由
DNS rules 的 outbound any 是否应该放在首项?
DNS rules 中有outbound这个配项,我感觉是用来指定某个outbound的Server Address解析时所用的DNS。也就是说:如果某个outbound的服务器地址不是IP的话,将先去DNS Rules匹配一下,得到DNS Server后再进行DNS解析。
以这个为例子,any 放在了最后
sing-box-examples/Tun/config_client_windows.json
Lines 60 to 62 in 5ec2b9e
如果前面Geosite中出现了代理服务器的域名地址:
sing-box-examples/Tun/config_client_windows.json
Lines 47 to 50 in 5ec2b9e
那么就会走dns_proxy,也就是回到代理服务器,再来一次DNS请求,造成死循环。
所以我提个不成熟的小建议:将 any 始终放在首项(当然指定某些tag走直连也是可行的)
求一个grpc example
大佬可以写一个grpc的example么,我根据您之前的ws+nginx改了一下无法成功啊…水平菜了菜了……
Converting xray DNS to sing-box DNS
Hello,
I use this config in xray to manage DNS.
{
"dns": {
"tag": "dns",
"hosts": {
"dns.cloudflare.com": [
"104.16.132.229",
"104.16.133.229",
"1.1.1.1",
"1.0.0.1"
],
"domain:youtube.com": [
"google.com"
]
},
"servers": [
"https://dns.cloudflare.com/dns-query",
"https://cloudflare-dns.com/dns-query"
]
}
}
The important part is I resolve some of domains myself by providing IPs or mapping 2 domains to each other which have same IPs.
I wonder how can I achieve this in sing-box?
https proxy with tls
example https proxy with cert and key
connected in client with sni
https://sing-box.sagernet.org/configuration/outbound/http/
https://sing-box.sagernet.org/configuration/shared/tls/#outbound
https://sing-box.sagernet.org/configuration/inbound/http/
https://sing-box.sagernet.org/configuration/shared/tls/#inbound
wireguard.md获取warp账号
获取的应该是免费账号吧?好像是有限速~
我想替换成电报群找到的收费key怎么操作
openwrt下插件 SSR PLUS 如何设置 TROJAN客户端
你好,大佬,
只能这些一个也不选,时断时好。
不何为何?
服务器的JSON配置参见您的样本,只改了密码+端口。
盼赐教!
感谢!
关于tun配置文件客户端dns部分
用大佬的tun客户端配置,有些域名dns解析有问题导致无法连接上,我想这个域名走系统dns解析,所以我在dns服务器部分新增一个系统解析的服务器,然后规则加上这个域名,大佬帮忙看下对不对,谢谢!
{
"dns": {
"server": [
{
"tag": "dns_local",
"address": "local",
"strategy": "ipv4_only",
"detour": "direct"
}
],
"rules": [
{
"domain_suffix": [
"域名.com"
]
}
"server": "dns_local"
]
}
}
wireguard.md
在inbond添加:domain strategy 好像性能好一点?从拖动yt播放条看。
could you add examples trojan websocket along with trojan tcp tls?
naive协议客户端如何配置?
服务器用的是caddy配置的naive,客户端怎么用singbox配置?
Why can it only be started once...and then it cannot be started again?
Why can it only be started once...and then it cannot be started again?
Windows 10
sing-box 1.4.6
可否增加Linux的Tun示例?
使用Linux作为旁路由网关,请给个Tun + Fake IP的示例,非常感谢!
请教大神,clash meta 配置怎么写哦,
安装教程 hy已经运行在两个小鸡上了,但是安卓的clash一直连不上,试着写了几个 都不行
Command to create ssl certificate. To install vmess ws and vless ws
As title. Can you provide instructions on how to install and configure an example for vless ws
关于安卓配置问题
大佬您好,我用的是shadow-tls协议,outbounds部分替换了您配置文件中velss部分,结果无法访问,会观察到日志ERROR[0031] dns:exchange failed for gmscompliance-pa.googleapis.com.IN A:context canceled这样的报错,配置文件如下,能否帮忙看看
{
"log": {
"level": "info",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "dns_proxy",
"address": "tcp://1.1.1.1",
"address_resolver": "dns_direct",
"strategy": "ipv4_only", // 若服务端准备好了IPv6,可改为 prefer_ipv6
"detour": "shadowtls-out"
},
{
"tag": "dns_direct",
"address": "https://223.5.5.5/dns-query",
"strategy": "ipv4_only", // 若客户端准备好了IPv6,可改为 prefer_ipv6
"detour": "direct"
},
{
"tag": "dns_block",
"address": "rcode://success"
}
],
"rules": [
{
"geosite": [
"category-ads-all"
],
"server": "dns_block",
"disable_cache": true
},
{
"geosite": [
"category-games@cn"
],
"server": "dns_direct"
},
{
"geosite": [
"geolocation-!cn"
],
"server": "dns_proxy"
},
{
"geosite": [
"cn",
"private"
],
"server": "dns_direct"
}
]
},
"route": {
"geoip": {
"download_url": "https://github.com/soffchen/sing-geoip/releases/latest/download/geoip.db"
},
"geosite": {
"download_url": "https://github.com/soffchen/sing-geosite/releases/latest/download/geosite.db"
},
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"geosite": [
"category-ads-all"
],
"outbound": "block"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"geosite": [
"category-games@cn"
]
},
{
"geoip": [
"cn"
]
}
],
"outbound": "direct"
},
{
"geosite": [
"geolocation-!cn"
],
"outbound": "shadowtls-out"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"geosite": [
"cn"
]
},
{
"geoip": [
"cn"
]
}
],
"outbound": "direct"
},
{
"geosite": [
"private"
],
"outbound": "direct"
},
{
"geoip": [
"cn",
"private"
],
"outbound": "direct"
}
],
"auto_detect_interface": true
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"interface_name": "tun0",
"inet4_address": "172.19.0.1/30",
"inet6_address": "fdfe:dcba:9876::1/126",
"mtu": 9000,
"auto_route": true,
"strict_route": true,
"endpoint_independent_nat": false,
"stack": "gvisor",
"sniff": true,
"sniff_override_destination": false
}
],
"outbounds": [
{
"type": "shadowsocks",
"method": "chacha20-ietf-poly1305",
"password": "pawwsd",
"detour": "shadowtls-out",
"multiplex": {
"enabled": true,
"max_connections": 4,
"min_streams": 4
}
},
{
"type": "shadowtls",
"tag": "shadowtls-out",
"server": "199.199.199.199",
"server_port": 443,
"version": 3,
"password": "pawwsd",
"tls": {
"enabled": true,
"server_name": "aws.amazon.com",
"utls": {
"enabled": false,
"fingerprint": "chrome"
}
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
}
]
}
这个配置有DNS泄露,和HY2的一样
Tuic Unable to connect
This is my configuration
{
"log": {
"level": "info",
"timestamp": true
},
"inbounds": [
{
"type": "tuic",
"listen": "test.ley.vn",
"listen_port": 443,
"users": [
{
"uuid": "2a1f8889-cd2b-4d7f-863e-b151eabdabc7",
"password": "88b0d030-9b09-4f4b-be9f-7bd8f3a42390"
}
],
"congestion_control": "bbr",
"tls": {
"enabled": true,
"alpn": [
"h3"
],
"certificate_path": "/root/fullchain.cer",
"key_path": "/root/Private.key"
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
}
]
}
{
"log": {
"disabled": true
},
"dns": {
"servers": [
{
"tag": "dns_proxy",
"address": "76.76.2.42",
"address_resolver": "dns_direct",
"strategy": "ipv4_only",
"detour": "proxy"
},
{
"tag": "dns_direct",
"address": "local",
"strategy": "ipv4_only",
"detour": "direct"
}
],
"rules": [
{
"outbound": "any",
"server": "dns_direct"
}
],
"strategy": "ipv4_only"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"mtu": 9000,
"inet4_address": "172.19.0.1/30",
"auto_route": true,
"strict_route": true,
"stack": "gvisor",
"sniff": true
}
],
"outbounds": [
{
"type": "tuic",
"tag": "proxy",
"server": "test.ley.vn",
"server_port": 443,
"uuid": "2a1f8889-cd2b-4d7f-863e-b151eabdabc7",
"password": "88b0d030-9b09-4f4b-be9f-7bd8f3a42390",
"congestion_control": "bbr",
"tls": {
"enabled": true,
"server_name": "dl.kgvn.garenanow.com",
"alpn": "h3"
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"network": "udp",
"port": [
443,
80
],
"outbound": "block"
}
],
"auto_detect_interface": true
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "../files/yacd",
"cache_file": "../cache/clash.db"
}
}
}
小小的请求
老哥
一直在用您的example十分不错感恩!
想请教一下如何实现ipv4/v6的分流呢,您这里没有开讨论只好斗胆发issue了,如果您觉得…不太合适的话我就关了
实在是没查到,sing的example有点少,wiki页面也没扒明白……
不论您是否有空回答都十分感谢!
wireguard.md里面套warp的方法在更新sing-box正式版1.5.0之后失效~
之前用的pre分支内核都可以正常套,不知道为什么更新了正式版内核后warp就失效了
我试着改写客户端这样的CONFIG.JSON
{
"run_type": "client",
"local_addr": "127.0.0.1",
"local_port": 10808,
"remote_addr": "example.com",
"remote_port": 17386,
"password": [
"XXXXXX"
],
"log_level": 1,
"ssl": {
"verify": true,
"verify_hostname": true,
"cert": "",
"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"sni": "",
"alpn": [
"h2",
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"curves": ""
},
"tcp": {
"no_delay": true,
"keep_alive": true,
"reuse_port": false,
"fast_open": false,
"fast_open_qlen": 20
}
}
***您好,我试着改写客户端这样的CONFIG.JSON
在DEEPIN LINUX系统下 运行TROJAN客户端,显示找不到证书。
不知 "cert": "", 此处如何填写?
要从VPS上 下载证书到本地吗?
盼赐教。
感谢!!!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.