利用Sing-box通用平台搭建服务
编辑
1716
2023-10-31
sing-box是一个通用的代理平台,可以利用其很好的搭建服务端,支持目前主流的代理协议,例如vless,trojan,shadowtls等
Ubuntu中安装sing-box
建议直接利用deb文件安装,这样可以直接安装成服务以及配置好初始配置
下载deb文件
$ wget https://github.com/SagerNet/sing-box/releases/download/v1.5.3/sing-box_1.5.3_linux_amd64.deb
1.5.3是目前最新的,可以Releases · SagerNet/sing-box (github.com)找到自己需要的版本。
安装deb文件
# dpkg -i sing-box_1.5.3_linux_amd64.deb
sing-box管理
- 配置文件位置:
/etc/sing-box/config.json - 查看sing-box状态:
# systemctl status sing-box - 启动sing-box服务:
# systemctl start sing-box - 停止sing-box服务:
# systemctl stop sing-box - 查看sing-box最后20条日志:
# journalctl -u sing-box -n 20
配置shadowTLS服务
以配置shadowTLS为例说下server和client端的配置,具体的配置可以查阅sing-box官方的WIKI查看开始 - sing-box (sagernet.org)
配置server端的inbounds
inbounds是一个数组,所以可以在其中添加各种代理的协议,同时共存,具体的协议规则可以查看上面的wiki
{
"type": "shadowtls",
"listen": "::",
"listen_port": 443,
"detour": "shadowsocks-in",
"version": 3,
"users": [
{
"password": ""
}
],
"handshake": {
"server": "",
"server_port": 443
},
"strict_mode": true
},
{
"type": "shadowsocks",
"tag": "shadowsocks-in",
"listen": "127.0.0.1",
"method": "2022-blake3-aes-128-gcm",
"password": ""
}
配置中的password字段可以用$ openssl rand -base64 16获得,server需要选择一个支持tls1.3版本的网站。
配置client端的outbounds
{
"type": "shadowsocks",
"tag": "ss"
"detour": "shadowtls-out",
"method": "2022-blake3-aes-128-gcm",
"password": ""
},
{
"type": "shadowtls",
"tag": "shadowtls-out",
"server": "",
"server_port": 443,
"version": 3,
"password": "",
"tls": {
"enabled": true,
"server_name": ""
}
}
password和上面的相同,server_name和上面的server相同,server字段为vps公网地址。
多种协议的配置文件示例
客户端配置文件示例
{
"dns": {
"rules": [
{
"clash_mode": "global",
"server": "remote"
},
{
"clash_mode": "direct",
"server": "local"
},
{
"outbound": [
"any"
],
"server": "local"
},
{
"geosite": "cn",
"server": "local"
}
],
"servers": [
{
"address": "https://1.1.1.1/dns-query",
"detour": "select",
"tag": "remote"
},
{
"address": "https://223.5.5.5/dns-query",
"detour": "direct",
"tag": "local"
}
],
"strategy": "ipv4_only"
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:9090",
"secret": "",
"store_selected": true
}
},
"inbounds": [
{
"auto_route": true,
"domain_strategy": "ipv4_only",
"endpoint_independent_nat": true,
"inet4_address": "172.19.0.1/30",
"mtu": 9000,
"sniff": true,
"sniff_override_destination": true,
"strict_route": true,
"type": "tun"
},
{
"domain_strategy": "ipv4_only",
"listen": "127.0.0.1",
"listen_port": 2333,
"sniff": true,
"sniff_override_destination": true,
"tag": "socks-in",
"type": "socks",
"users": []
},
{
"domain_strategy": "ipv4_only",
"listen": "127.0.0.1",
"listen_port": 2334,
"sniff": true,
"sniff_override_destination": true,
"tag": "mixed-in",
"type": "mixed",
"users": []
}
],
"log": {},
"outbounds": [
{
"default": "urltest",
"outbounds": [
"urltest",
"AZHK"
],
"tag": "select",
"type": "selector"
},
{
"flow": "xtls-rprx-vision",
"packet_encoding": "xudp",
"server": "xxxx",
"server_port": 6330,
"tag": "AZHK",
"tls": {
"enabled": true,
"reality": {
"enabled": true,
"public_key": "xxx",
"short_id": "0xxx"
},
"server_name": "www.microsoft.com",
"utls": {
"enabled": true,
"fingerprint": "chrome"
}
},
"type": "vless",
"uuid": "94a56686-cc9a-4583-b62axxxxx"
},
{
"tag": "direct",
"type": "direct"
},
{
"tag": "block",
"type": "block"
},
{
"tag": "dns-out",
"type": "dns"
},
{
"outbounds": [
"AZHK"
],
"tag": "urltest",
"type": "urltest"
},
{
"default": "direct",
"outbounds": [
"direct",
"urltest",
"all"
],
"tag": "mix",
"type": "selector"
},
{
"outbounds": [
"AZHK"
],
"tag": "all",
"type": "selector"
}
],
"route": {
"auto_detect_interface": true,
"geoip": {
"download_url": "https://cdn.jsdelivr.net/gh/SenLief/clash-geosite@release/geoip.db"
},
"geosite": {
"download_url": "https://cdn.jsdelivr.net/gh/SenLief/clash-geosite@release/geosite.db"
},
"rules": [
{
"domain_suffix": [
"argotunnel.com",
"ghproxy.com"
],
"outbound": "direct"
},
{
"geosite": "ads",
"outbound": "block"
},
{
"geosite": [
"spotify",
"microsoft-cn",
"apple-cn",
"google-cn",
"games-cn"
],
"outbound": "mix"
},
{
"geosite": [
"netflix",
"disney",
"max",
"primevideo",
"appletv",
"youtube",
"tiktok"
],
"outbound": "select"
},
{
"geosite": "openai",
"outbound": "select"
},
{
"outbound": "dns-out",
"protocol": "dns"
},
{
"clash_mode": "direct",
"outbound": "direct"
},
{
"clash_mode": "global",
"outbound": "select"
},
{
"geoip": [
"cn",
"private"
],
"outbound": "direct"
},
{
"geosite": "proxy",
"outbound": "select"
},
{
"geosite": "cn",
"outbound": "direct"
}
]
}
}
- 0
- 0
-
分享