sing-box是一个通用的代理平台,可以利用其很好的搭建服务端,支持目前主流的代理协议,例如vless,trojan,shadowtls等

Ubuntu中安装sing-box

建议直接利用deb文件安装,这样可以直接安装成服务以及配置好初始配置

下载deb文件

$ wget https://github.com/SagerNet/sing-box/releases/download/v1.5.3/sing-box_1.5.3_linux_amd64.deb
1.5.3是目前最新的,可以Releases · SagerNet/sing-box (github.com)找到自己需要的版本。

安装deb文件

# dpkg -i sing-box_1.5.3_linux_amd64.deb

sing-box管理

  1. 配置文件位置:/etc/sing-box/config.json
  2. 查看sing-box状态:# systemctl status sing-box
  3. 启动sing-box服务:# systemctl start sing-box
  4. 停止sing-box服务:# systemctl stop sing-box
  5. 查看sing-box最后20条日志:# journalctl -u sing-box -n 20

配置shadowTLS服务

以配置shadowTLS为例说下serverclient端的配置,具体的配置可以查阅sing-box官方的WIKI查看开始 - sing-box (sagernet.org)

配置server端的inbounds

inbounds是一个数组,所以可以在其中添加各种代理的协议,同时共存,具体的协议规则可以查看上面的wiki

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
{
            "type": "shadowtls",
            "listen": "::",
            "listen_port": 443,
            "detour": "shadowsocks-in",
            "version": 3,
            "users": [
                {
                    "password": ""
                }
            ],
            "handshake": {
                "server": "",
                "server_port": 443
            },
            "strict_mode": true
        },
        {
            "type": "shadowsocks",
            "tag": "shadowsocks-in",
            "listen": "127.0.0.1",
            "method": "2022-blake3-aes-128-gcm",
            "password": ""
        }

配置中的password字段可以用$ openssl rand -base64 16获得,server需要选择一个支持tls1.3版本的网站。

配置client端的outbounds

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
	"type": "shadowsocks",
	"tag": "ss"
	"detour": "shadowtls-out",
	"method": "2022-blake3-aes-128-gcm",
	"password": ""
},
{
	"type": "shadowtls",
	"tag": "shadowtls-out",
	"server": "",
	"server_port": 443,
	"version": 3,
	"password": "",
	"tls": {
		"enabled": true,
		"server_name": ""
	}
}

password和上面的相同,server_name和上面的server相同,server字段为vps公网地址。

多种协议的配置文件示例

官网wiki
Github配置示例

客户端配置文件示例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
{
    "dns": {
        "rules": [
            {
                "clash_mode": "global",
                "server": "remote"
            },
            {
                "clash_mode": "direct",
                "server": "local"
            },
            {
                "outbound": [
                    "any"
                ],
                "server": "local"
            },
            {
                "geosite": "cn",
                "server": "local"
            }
        ],
        "servers": [
            {
                "address": "https://1.1.1.1/dns-query",
                "detour": "select",
                "tag": "remote"
            },
            {
                "address": "https://223.5.5.5/dns-query",
                "detour": "direct",
                "tag": "local"
            }
        ],
        "strategy": "ipv4_only"
    },
    "experimental": {
        "clash_api": {
            "external_controller": "127.0.0.1:9090",
            "secret": "",
            "store_selected": true
        }
    },
    "inbounds": [
        {
            "auto_route": true,
            "domain_strategy": "ipv4_only",
            "endpoint_independent_nat": true,
            "inet4_address": "172.19.0.1/30",
            "mtu": 9000,
            "sniff": true,
            "sniff_override_destination": true,
            "strict_route": true,
            "type": "tun"
        },
        {
            "domain_strategy": "ipv4_only",
            "listen": "127.0.0.1",
            "listen_port": 2333,
            "sniff": true,
            "sniff_override_destination": true,
            "tag": "socks-in",
            "type": "socks",
            "users": []
        },
        {
            "domain_strategy": "ipv4_only",
            "listen": "127.0.0.1",
            "listen_port": 2334,
            "sniff": true,
            "sniff_override_destination": true,
            "tag": "mixed-in",
            "type": "mixed",
            "users": []
        }
    ],
    "log": {},
    "outbounds": [
        {
            "default": "urltest",
            "outbounds": [
                "urltest",
                "AZHK"
            ],
            "tag": "select",
            "type": "selector"
        },
        {
            "flow": "xtls-rprx-vision",
            "packet_encoding": "xudp",
            "server": "xxxx",
            "server_port": 6330,
            "tag": "AZHK",
            "tls": {
                "enabled": true,
                "reality": {
                    "enabled": true,
                    "public_key": "xxx",
                    "short_id": "0xxx"
                },
                "server_name": "www.microsoft.com",
                "utls": {
                    "enabled": true,
                    "fingerprint": "chrome"
                }
            },
            "type": "vless",
            "uuid": "94a56686-cc9a-4583-b62axxxxx"
        },
        {
            "tag": "direct",
            "type": "direct"
        },
        {
            "tag": "block",
            "type": "block"
        },
        {
            "tag": "dns-out",
            "type": "dns"
        },
        {
            "outbounds": [
                "AZHK"
            ],
            "tag": "urltest",
            "type": "urltest"
        },
        {
            "default": "direct",
            "outbounds": [
                "direct",
                "urltest",
                "all"
            ],
            "tag": "mix",
            "type": "selector"
        },
        {
            "outbounds": [
                "AZHK"
            ],
            "tag": "all",
            "type": "selector"
        }
    ],
    "route": {
        "auto_detect_interface": true,
        "geoip": {
            "download_url": "https://cdn.jsdelivr.net/gh/SenLief/clash-geosite@release/geoip.db"
        },
        "geosite": {
            "download_url": "https://cdn.jsdelivr.net/gh/SenLief/clash-geosite@release/geosite.db"
        },
        "rules": [
            {
                "domain_suffix": [
                    "argotunnel.com",
                    "ghproxy.com"
                ],
                "outbound": "direct"
            },
            {
                "geosite": "ads",
                "outbound": "block"
            },
            {
                "geosite": [
                    "spotify",
                    "microsoft-cn",
                    "apple-cn",
                    "google-cn",
                    "games-cn"
                ],
                "outbound": "mix"
            },
            {
                "geosite": [
                    "netflix",
                    "disney",
                    "max",
                    "primevideo",
                    "appletv",
                    "youtube",
                    "tiktok"
                ],
                "outbound": "select"
            },
            {
                "geosite": "openai",
                "outbound": "select"
            },
            {
                "outbound": "dns-out",
                "protocol": "dns"
            },
            {
                "clash_mode": "direct",
                "outbound": "direct"
            },
            {
                "clash_mode": "global",
                "outbound": "select"
            },
            {
                "geoip": [
                    "cn",
                    "private"
                ],
                "outbound": "direct"
            },
            {
                "geosite": "proxy",
                "outbound": "select"
            },
            {
                "geosite": "cn",
                "outbound": "direct"
            }
        ]
    }
}