sing-box安装配置Vless-vision、Vmess-ws、Hysteria、Tuic、Naiveproxy
- 获取链接
- 电子邮件
- 其他应用
本教程测试环境:ubuntu 22.04 X64
sing-box 是新一代的通用网络代理平台,基本上目前流行的协议都支持,支持基于规则的分流、支持TUN等,支持的平台也很全,有网络代理平台的“瑞士军刀”之称,文档在这里。
sing-box更新迭代速度很快,新旧版本的配置不一定互相兼容,官方配置参考这里 。
本博文通过sing-box安装目前流行的四种协议Vless-vision、Vmess-ws、Hysteria V2、Tuic V5、Naiveproxy到一个配置文件之中,且只需一个子域名及其证书。
申请证书,参考这里 1.4点或这里第5点,本博文所用域名six.mydomain.com,证书目录/root/cert
1、安装sing-box服务器端,参考这里
SSH登录服务器,运行以下脚本
bash <(curl -fsSL https://sing-box.app/deb-install.sh)安装完成后,二进制文件/usr/bin/sing-box ,配置文件/etc/sing-box/config.json
2、编辑服务器端配置文件
vi /etc/sing-box/config.json写入以下内容,将域名、证书地址、uuid、ws路径、密码、端口等换成自己的
{
"log": {
"disabled": false,
"level": "info",
"timestamp": true
},
"inbounds": [
{
"type": "vless",
"sniff": true,
"sniff_override_destination": true,
"tag": "vless-sb",
"listen": "::",
"listen_port": 16589,
"users": [
{
"uuid": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"certificate_path": "/root/cert/cert.crt",
"key_path": "/root/cert/private.key"
}
},
{
"type": "vmess",
"sniff": true,
"sniff_override_destination": true,
"tag": "vmess-sb",
"listen": "::",
"listen_port": 2095,
"users": [
{
"uuid": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"alterId": 0
}
],
"transport": {
"type": "ws",
"path": "xyzabc"
},
"tls":{
"enabled": true,
"server_name": "six.mydomain.com",
"min_version": "1.2",
"max_version": "1.3",
"certificate_path": "/root/cert/cert.crt",
"key_path": "/root/cert/private.key"
}
},
{
"type": "hysteria2",
"sniff": true,
"sniff_override_destination": true,
"tag": "hy2-sb",
"listen": "::",
"listen_port": 58378,
"users": [
{
"password": "f8b8c801-3894-45a2-b1f6-d26a04189a70"
}
],
"up_mbps": 100,
"down_mbps": 20,
"tls": {
"enabled": true,
"alpn": [
"h3"
],
"min_version":"1.2",
"max_version":"1.3",
"certificate_path": "/root/cert/cert.crt",
"key_path": "/root/cert/private.key"
}
},
{
"type":"tuic",
"sniff": true,
"sniff_override_destination": true,
"tag": "tuic5-sb",
"listen": "::",
"listen_port": 16680,
"users": [
{
"uuid": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"password": "f8b8c801-3894-45a2-b1f6-d26a04189a70"
}
],
"congestion_control": "bbr",
"tls":{
"enabled": true,
"alpn": [
"h3"
],
"certificate_path": "/root/cert/cert.crt",
"key_path": "/root/cert/private.key"
}
}
],
"outbounds": [
{
"type":"direct"
}
]
}测试配置文件
/usr/bin/sing-box check -c /etc/sing-box/config.json设置开机启动并运行sing-box
systemctl enable --now sing-box查看日志
sudo journalctl -u sing-box --output cat -e实时日志
sudo journalctl -u sing-box --output cat -f记得防火墙放行相关端口 如16589
ufw allow 165893、编辑客户端配置文件
{
"log": {
"disabled": false,
"level": "info",
"timestamp": true
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:9080",
"external_ui": "ui",
"external_ui_download_url": "",
"external_ui_download_detour": "",
"secret": "123456",
"default_mode": "Rule"
},
"cache_file": {
"enabled": true,
"path": "cache.db",
"store_fakeip": true
}
},
"dns": {
"servers": [
{
"tag": "proxydns",
"address": "https://8.8.8.8/dns-query",
"detour": "select"
},
{
"tag": "localdns",
"address": "h3://223.5.5.5/dns-query",
"detour": "direct"
},
{
"address": "rcode://refused",
"tag": "block"
},
{
"tag": "dns_fakeip",
"address": "fakeip"
}
],
"rules": [
{
"outbound": "any",
"server": "localdns",
"disable_cache": true
},
{
"clash_mode": "Global",
"server": "proxydns"
},
{
"clash_mode": "Direct",
"server": "localdns"
},
{
"rule_set": "geosite-cn",
"server": "localdns"
},
{
"rule_set": "geosite-geolocation-!cn",
"server": "proxydns"
},
{
"rule_set": "geosite-geolocation-!cn",
"query_type": [
"A",
"AAAA"
],
"server": "dns_fakeip"
}
],
"fakeip": {
"enabled": true,
"inet4_range": "198.18.0.0/15",
"inet6_range": "fc00::/18"
},
"independent_cache": true,
"final": "proxydns"
},
"inbounds": [
{
"type": "tun",
"inet4_address": "172.19.0.1/30",
"inet6_address": "fdfe:dcba:9876::1/126",
"auto_route": true,
"strict_route": true,
"sniff": true
}
],
"outbounds": [
{
"tag": "select",
"type": "selector",
"default": "auto",
"outbounds": [
"auto",
"vless-sb",
"vmess-sb",
"hy2-sb",
"tuic5-sb"
]
},
{
"type": "vless",
"tag": "vless-sb",
"server": "six.mydomain.com",
"server_port": 16589,
"uuid": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "six.mydomain.com",
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
}
},
{
"type": "vmess",
"tag": "vmess-sb",
"server": "six.mydomain.com",
"server_port": 2095,
"security": "auto",
"uuid": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"tls": {
"enabled": true,
"server_name": "six.mydomain.com",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"transport": {
"headers": {
"Host": [
"six.mydomain.com"
]
},
"path": "xyzabc",
"type": "ws"
}
},
{
"type": "hysteria2",
"tag": "hy2-sb",
"server": "six.mydomain.com",
"server_port": 58378,
"password": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"tls": {
"enabled": true,
"server_name": "six.mydomain.com",
"insecure": true,
"alpn": [
"h3"
]
}
},
{
"type":"tuic",
"tag": "tuic5-sb",
"server": "six.mydomain.com",
"server_port": 16680,
"uuid": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"password": "f8b8c801-3894-45a2-b1f6-d26a04189a70",
"congestion_control": "bbr",
"udp_relay_mode": "native",
"udp_over_stream": false,
"zero_rtt_handshake": false,
"heartbeat": "10s",
"tls":{
"enabled": true,
"server_name": "six.mydomain.com",
"insecure": true,
"alpn": [
"h3"
]
}
},
{
"tag": "direct",
"type": "direct"
},
{
"tag": "block",
"type": "block"
},
{
"tag": "dns-out",
"type": "dns"
},
{
"tag": "auto",
"type": "urltest",
"outbounds": [
"vless-sb",
"vmess-sb",
"hy2-sb",
"tuic5-sb"
],
"url": "https://cp.cloudflare.com/generate_204",
"interval": "1m",
"tolerance": 50,
"interrupt_exist_connections": false
}
],
"route": {
"rule_set": [
{
"tag": "geosite-geolocation-!cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs",
"download_detour": "select",
"update_interval": "1d"
},
{
"tag": "geosite-cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-cn.srs",
"download_detour": "select",
"update_interval": "1d"
},
{
"tag": "geoip-cn",
"type": "remote",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs",
"download_detour": "select",
"update_interval": "1d"
}
],
"auto_detect_interface": true,
"final": "select",
"rules": [
{
"outbound": "dns-out",
"protocol": "dns"
},
{
"clash_mode": "Direct",
"outbound": "direct"
},
{
"clash_mode": "Global",
"outbound": "select"
},
{
"rule_set": "geoip-cn",
"outbound": "direct"
},
{
"rule_set": "geosite-cn",
"outbound": "direct"
},
{
"ip_is_private": true,
"outbound": "direct"
},
{
"rule_set": "geosite-geolocation-!cn",
"outbound": "select"
}
]
},
"ntp": {
"enabled": true,
"server": "time.apple.com",
"server_port": 123,
"interval": "30m",
"detour": "direct"
}
}注意域名、证书地址、uuid、ws路径、密码、端口等与服务端一致
说明: 1、此配置文件通用于sing-box官方android、ios、windows、linux客户端
3、此配置文件使用的是tun模式(需要管理员权限),如不想使用tun,将配置文件中的inbounds字段修改成以下内容即可,然后搭配 Proxy SwitchyOmega 使用
"inbounds": [
{
"type": "mixed",
"listen": "::",
"listen_port": 1089
}
]4、支持sing-box的图形客户端
官方的sing-box图形客户端还在开发中,但nekoray 可支持sing-box配置的单个节点配置文件,如vless-vision可以如下配置
5、关于Naiveproxy的配置,sing-box仅服务器端支持naive(入站),客户端不支持naive(出站),在服务器端配置文件中的inbounds字段加入以下naive节点即可
{
"type": "naive",
"sniff": true,
"sniff_override_destination": true,
"tag": "naive-sb",
"listen": "::",
"listen_port": 6989,
"users": [
{
"username": "sing",
"password": "f8b8c801-3894-45a2-b1f6-d26a04189a70"
}
],
"tls": {
"enabled": true,
"certificate_path": "/root/sing-box/cert.crt",
"key_path": "/root/sing-box/private.key"
}
}
在支持naiveproxy的客户端中如nekoray中配置
- 获取链接
- 电子邮件
- 其他应用
评论
发表评论