系统环境

标题 版本 备注
系统版本 22.04.3 LTS (Jammy Jellyfish) -
内核版本 5.15.0-91-generic #101-Ubuntu SMP Tue Nov 14 13:30:08 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux -
Sing-box v1.8.12 -

Sing-box 简介

Sing-box 项目地址: https://github.com/SagerNet/sing-box
Sing-box 官方文档: https://sing-box.sagernet.org/zh/

Sing-box 是新一代的通用网络代理平台,基本上目前流行的协议都支持,支持基于规则的分流、支持TUN等,支持的平台也很全,有网络代理平台的“瑞士军刀”之称

Sing-box 安装

登陆服务器,执行安装命令 bash <(curl -fsSL https://sing-box.app/deb-install.sh) 进行安装:

1
bash <(curl -fsSL https://sing-box.app/deb-install.sh)

安装完成后,其自动在 /lib/systemd/system/ 目录下生成 sing-box 的启动脚本文件 sing-box.service,内容为:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[Unit]
Description=sing-box service
Documentation=https://sing-box.sagernet.org
After=network.target nss-lookup.target network-online.target

[Service]
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
ExecStart=/usr/bin/sing-box -D /var/lib/sing-box -C /etc/sing-box run
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=10s
LimitNOFILE=infinity

[Install]
WantedBy=multi-user.target

服务端配置

本案例采用 vmess 协议的 80 端口

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
{
    "inbounds": [
        {
            "type": "vmess",
            "listen": "::",
            "listen_port": 80,
            "users": [
                {
                    "uuid": "2974210b-8d09-440d-9b49-de59eb0810d8",
                    "alterId": 0
                }
            ],
            "transport": {
                "type": "ws",
                "path": "/",
                "max_early_data": 2048,
                "early_data_header_name": "Sec-WebSocket-Protocol"
            }
        }
    ],
    "outbounds": [
        {
            "type": "direct"
        }
    ]
}

本案例采用的是 hysteria2 配的

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
{
    "inbounds": [
        {
            "type": "hysteria2",
            "listen": "::",
            "listen_port": 443,
            "up_mbps": 100,
            "down_mbps": 20,
            "users": [
                {
                    "password": "chekir"
                }
            ],
            "tls": {
                "enabled": true,
                "alpn": [
                    "h3"
                ],
                "certificate_path": "/usr/local/ssl/full_chain.pem",
                "key_path": "/usr/local/ssl/private.key"
            }
        }
    ],
    "outbounds": [
        {
            "type": "direct"
        }
    ]
}

本案例采用的是 vless 配的

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
{
    "inbounds": [
        {
            "type": "vless",
            "listen": "::",
            "listen_port": 443,
            "users": [
                {
                    "uuid": "2974210b-8d09-440d-9b49-de59eb0810d8",
                    "flow": "xtls-rprx-vision"
                }
            ],
            "tls": {
                "enabled": true,
                "server_name": "singbox.tufau.com", 
                "reality": {
                    "enabled": true,
                    "handshake": {
                        "server": "singbox.tufau.com",
                        "server_port": 443
                    },
                    "certificate_path": "/usr/local/ssl/full_chain.pem",
                    "private_key": "/usr/local/ssl/private.key", 
                    "short_id": [
                        "b2c86d5449d237fa"
                    ]
                }
            }
        }
    ],
    "outbounds": [
        {
            "type": "direct"
        }
    ]
}

客户端配置

本案例采用 vmess 协议的 80 端口

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
{
    "log": {
      "level": "info",
      "timestamp": true
    },
    "dns": {
      "servers": [
        {
          "tag": "cloudflare",
          "address": "https://1.1.1.1/dns-query"
        },
        {
          "tag": "dnspod",
          "address": "https://1.12.12.12/dns-query",
          "detour": "direct"
        },
        {
          "tag": "block",
          "address": "rcode://success"
        }
      ],
      "rules": [
        {
          "geosite": "cn",
          "server": "dnspod"
        },
        {
          "geosite": "category-ads-all",
          "server": "block",
          "disable_cache": true
        }
      ]
    },
    "inbounds": [
      {
        "type": "tun",
        "tag": "tun-in",
        "interface_name": "utun",
        "inet4_address": "172.19.0.1/30",
        "auto_route": true,
        "strict_route": true,
        "stack": "gvisor",
        "sniff": true
      }
    ],
   "outbounds": [
     {
            "type": "vmess",
            "server": "45.32.41.150",
            "server_port": 80,
            "uuid": "2974210b-8d09-440d-9b49-de59eb0810d8",
            "security": "aes-128-gcm",
            "alter_id": 0,
            "packet_encoding": "packetaddr",
            "transport": {
                "type": "ws",
                "path": "/",
                "max_early_data": 2048,
                "early_data_header_name": "Sec-WebSocket-Protocol"
            }
      },
      {
        "type": "direct",
        "tag": "direct"
      },
      {
        "type": "block",
        "tag": "block"
      },
      {
        "type": "dns",
        "tag": "dns"
      }
    ],
    "route": {
      "rules": [
        {
          "protocol": "dns",
          "outbound": "dns"
        },
        {
          "geosite": "cn",
          "geoip": [
            "cn",
            "private"
          ],
          "outbound": "direct"
        },
        {
          "geosite": "category-ads-all",
          "outbound": "block"
        }
      ],
      "auto_detect_interface": true
    }
}

本案例采用的是 hysteria2 配的

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
{
    "log": {
      "level": "info",
      "timestamp": true
    },
    "dns": {
      "servers": [
        {
          "tag": "cloudflare",
          "address": "https://1.1.1.1/dns-query"
        },
        {
          "tag": "dnspod",
          "address": "https://1.12.12.12/dns-query",
          "detour": "direct"
        },
        {
          "tag": "block",
          "address": "rcode://success"
        }
      ],
      "rules": [
        {
          "geosite": "cn",
          "server": "dnspod"
        },
        {
          "geosite": "category-ads-all",
          "server": "block",
          "disable_cache": true
        }
      ]
    },
    "inbounds": [
      {
        "type": "tun",
        "tag": "tun-in",
        "interface_name": "utun",
        "inet4_address": "172.19.0.1/30",
        "auto_route": true,
        "strict_route": true,
        "stack": "gvisor",
        "sniff": true
      }
    ],
   "outbounds": [
     {
        "type": "hysteria2",
        "server": "45.32.41.150", 
        "server_port": 443,
        "tag": "sing-box-hysteria2",
        "up_mbps": 20,
        "down_mbps": 100,
        "password": "chekir",
        "tls": {
          "enabled": true,
          "server_name": "singbox.tufau.com", 
          "insecure": false, 
          "alpn": [
            "h3"
          ]
        }
      },
      {
        "type": "direct",
        "tag": "direct"
      },
      {
        "type": "block",
        "tag": "block"
      },
      {
        "type": "dns",
        "tag": "dns"
      }
    ],
    "route": {
      "rules": [
        {
          "protocol": "dns",
          "outbound": "dns"
        },
        {
          "geosite": "cn",
          "geoip": [
            "cn",
            "private"
          ],
          "outbound": "direct"
        },
        {
          "geosite": "category-ads-all",
          "outbound": "block"
        }
      ],
      "auto_detect_interface": true
    }
}

本案例采用的是 vless 配的

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "dns": {
    "servers": [
      {
        "tag": "cloudflare",
        "address": "https://1.1.1.1/dns-query"
      },
      {
        "tag": "dnspod",
        "address": "https://1.12.12.12/dns-query",
        "detour": "direct"
      },
      {
        "tag": "block",
        "address": "rcode://success"
      }
    ],
    "rules": [
      {
        "geosite": "cn",
        "server": "dnspod"
      },
      {
        "geosite": "category-ads-all",
        "server": "block",
        "disable_cache": true
      }
    ]
  },
  "inbounds": [
    {
      "type": "tun",
      "tag": "tun-in",
      "interface_name": "utun",
      "inet4_address": "172.19.0.1/30",
      "auto_route": true,
      "strict_route": true,
      "stack": "gvisor",
      "sniff": true
    }
  ],
 "outbounds": [
    {
      "type": "vless",
      "server": "45.32.41.150",
      "server_port": 443,
      "uuid": "2974210b-8d09-440d-9b49-de59eb0810d8",
      "flow": "xtls-rprx-vision",
      "tls": {
          "enabled": true,
          "server_name": "singbox.tufau.com",
          "utls": {
              "enabled": true,
              "fingerprint": "chrome"
          }
      },
      "packet_encoding": "xudp"
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    },
    {
      "type": "dns",
      "tag": "dns"
    }
  ],
  "route": {
    "rules": [
      {
        "protocol": "dns",
        "outbound": "dns"
      },
      {
        "geosite": "cn",
        "geoip": [
          "cn",
          "private"
        ],
        "outbound": "direct"
      },
      {
        "geosite": "category-ads-all",
        "outbound": "block"
      }
    ],
    "auto_detect_interface": true
  }
}

参考文档

sing-box安装配置Vless-vision、Vmess-ws、Hysteria、Tuic、Naiveproxy
sing-box 配置案例