欢迎光临
我们一直在努力

sing-box的一些配置示例

下面所有的配置都是用nginx做sni分流共用443端口的,并且全部启用了proxy_protocol。另外使用websocket传输方式的配置可以套cdn使用。

nginx配置:

stream {
        map $ssl_preread_server_name $singbox {
                trojan.example.com trojan;
                trojan-websocket.example.com trojan-websocket;
                vmess.example.com vmess;
                vmess-websocket.example.com vmess-websocket;
                naive.example.com naive;
        }
        upstream trojan {
                server 127.0.0.1:52000;
        }
        upstream trojan-websocket {
                server 127.0.0.1:52001;
        }
        upstream vmess {
                server 127.0.0.1:52002;
        }
        upstream vmess-websocket {
                server 127.0.0.1:52003;
        }
        upstream naive {
                server 127.0.0.1:52004;
        }
        server {
                listen 443      reuseport;
                listen [::]:443 reuseport;
                proxy_pass      $singbox;
                ssl_preread     on;
                proxy_protocol  on;
        }
}

trojan-tls-tcp-server.json:

{
  "log": {
    "level": "info"
  },
  "inbounds": [
    {
      "type": "trojan",
      "tag": "trojan-in",
      "listen": "127.0.0.1",
      "listen_port": 52000,
      "tcp_fast_open": true,
      "udp_fragment": true,
      "sniff": true,
      "sniff_override_destination": false,
      "udp_timeout": 300,
      "proxy_protocol": true,
      "proxy_protocol_accept_no_header": false,
      "users": [
        {
          "name": "imlala",
          "password": "password"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "trojan.example.com",
        "alpn": [
          "http/1.1"
        ],
        "min_version": "1.2",
        "max_version": "1.3",
        "acme": {
          "domain": ["trojan.example.com"],
          "data_directory": "/usr/local/etc/sing-box",
          "default_server_name": "",
          "email": "[email protected]",
          "provider": "letsencrypt"
        } 
      }
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    }
  ]
}

trojan-tls-tcp-client.json:

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "dns": {
    "servers": [
      {
        "tag": "cloudflare",
        "address": "https://1.1.1.1/dns-query"
      },
      {
        "tag": "china",
        "address": "local",
        "detour": "direct"
      }
    ],
    "rules": [
      {
        "domain": "trojan.example.com",
        "geosite": "cn",
        "server": "china"
      }
    ],
    "disable_cache": true,
    "disable_expire": true
  },
  "inbounds": [
    {
      "type": "mixed",
      "tag": "mixed-in",
      "listen": "::",
      "listen_port": 20080,
      "sniff": true,
      "set_system_proxy": false
    }
  ],
  "outbounds": [
    {
      "type": "trojan",
      "tag": "trojan-out",
      "server": "trojan.example.com",
      "server_port": 443,
      "password": "password",
      "tls": {
        "enabled": true,
        "disable_sni": false,
        "server_name": "trojan.example.com",
        "insecure": false,
        "alpn": [
          "http/1.1"
        ]
      },
      "multiplex": {
        "enabled": true,
        "protocol": "smux",
        "max_connections": 5,
        "min_streams": 4,
        "max_streams": 0
      },
      "connect_timeout": "5s",
      "tcp_fast_open": true,
      "udp_fragment": true
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    }
  ],
  "route": {
    "rules": [
      {
        "geosite": "cn",
        "geoip": "cn",
        "outbound": "direct"
      },
      {
        "geosite": "category-ads-all",
        "outbound": "block"
      }
    ]
  }
}

trojan-tls-websocket-server.json:

{
  "log": {
    "level": "info"
  },
  "inbounds": [
    {
      "type": "trojan",
      "tag": "trojan-in",
      "listen": "127.0.0.1",
      "listen_port": 52001,
      "tcp_fast_open": true,
      "udp_fragment": true,
      "sniff": true,
      "sniff_override_destination": false,
      "udp_timeout": 300,
      "proxy_protocol": true,
      "proxy_protocol_accept_no_header": false,
      "users": [
        {
          "name": "imlala",
          "password": "password"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "trojan-websocket.example.com",
        "alpn": [
          "http/1.1"
        ],
        "min_version": "1.2",
        "max_version": "1.3",
        "acme": {
          "domain": ["trojan-websocket.example.com"],
          "data_directory": "/usr/local/etc/sing-box",
          "default_server_name": "",
          "email": "[email protected]",
          "provider": "letsencrypt"
        } 
      },
      "transport": {
        "type": "ws",
        "path": "/debian",
        "max_early_data": 0,
        "early_data_header_name": "Sec-WebSocket-Protocol"
      }
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    }
  ]
}

trojan-tls-websocket-client.json:

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "dns": {
    "servers": [
      {
        "tag": "cloudflare",
        "address": "https://1.1.1.1/dns-query"
      },
      {
        "tag": "china",
        "address": "local",
        "detour": "direct"
      }
    ],
    "rules": [
      {
        "domain": "trojan-websocket.example.com",
        "geosite": "cn",
        "server": "china"
      }
    ],
    "disable_cache": true,
    "disable_expire": true
  },
  "inbounds": [
    {
      "type": "mixed",
      "tag": "mixed-in",
      "listen": "::",
      "listen_port": 20080,
      "sniff": true,
      "set_system_proxy": false
    }
  ],
  "outbounds": [
    {
      "type": "trojan",
      "tag": "trojan-out",
      "server": "trojan-websocket.example.com",
      "server_port": 443,
      "password": "password",
      "tls": {
        "enabled": true,
        "disable_sni": false,
        "server_name": "trojan-websocket.example.com",
        "insecure": false,
        "alpn": [
          "http/1.1"
        ]
      },
      "multiplex": {
        "enabled": true,
        "protocol": "smux",
        "max_connections": 5,
        "min_streams": 4,
        "max_streams": 0
      },
      "transport": {
        "type": "ws",
        "path": "/debian",
        "max_early_data": 0,
        "early_data_header_name": "Sec-WebSocket-Protocol"
      },
      "connect_timeout": "5s",
      "tcp_fast_open": true,
      "udp_fragment": true
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    }
  ],
  "route": {
    "rules": [
      {
        "geosite": "cn",
        "geoip": "cn",
        "outbound": "direct"
      },
      {
        "geosite": "category-ads-all",
        "outbound": "block"
      }
    ]
  }
}

vmess-tls-tcp-server.json:

{
  "log": {
    "level": "info"
  },
  "inbounds": [
    {
      "type": "vmess",
      "tag": "vmess-in",
      "listen": "127.0.0.1",
      "listen_port": 52002,
      "tcp_fast_open": true,
      "udp_fragment": true,
      "sniff": true,
      "sniff_override_destination": false,
      "proxy_protocol": true,
      "proxy_protocol_accept_no_header": false,
      "users": [
        {
          "name": "imlala",
          "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da",
          "alterId": 0
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "vmess.example.com",
        "alpn": [
          "http/1.1"
        ],
        "min_version": "1.2",
        "max_version": "1.3",
        "acme": {
          "domain": ["vmess.example.com"],
          "data_directory": "/usr/local/etc/sing-box",
          "default_server_name": "",
          "email": "[email protected]",
          "provider": "letsencrypt" 
        }
      }
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    }
  ]
}

vmess-tls-tcp-client.json:

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "dns": {
    "servers": [
      {
        "tag": "cloudflare",
        "address": "https://1.1.1.1/dns-query"
      },
      {
        "tag": "china",
        "address": "local",
        "detour": "direct"
      }
    ],
    "rules": [
      {
        "domain": "vmess.example.com",
        "geosite": "cn",
        "server": "china"
      }
    ],
    "disable_cache": true,
    "disable_expire": true
  },
  "inbounds": [
    {
      "type": "mixed",
      "tag": "mixed-in",
      "listen": "::",
      "listen_port": 20080,
      "sniff": true,
      "set_system_proxy": false
    }
  ],
  "outbounds": [
    {
      "type": "vmess",
      "tag": "vmess-out",
      "server": "vmess.example.com",
      "server_port": 443,
      "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da",
      "security": "auto",
      "alter_id": 0,
      "global_padding": false,
      "authenticated_length": true,
      "tls": {
        "enabled": true,
        "disable_sni": false,
        "server_name": "vmess.example.com",
        "insecure": false,
        "alpn": [
          "http/1.1"
        ]
      },
      "multiplex": {
        "enabled": true,
        "protocol": "smux",
        "max_connections": 5,
        "min_streams": 4,
        "max_streams": 0
      },
      "connect_timeout": "5s",
      "tcp_fast_open": true,
      "udp_fragment": true
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    }
  ],
  "route": {
    "rules": [
      {
        "geosite": "cn",
        "geoip": "cn",
        "outbound": "direct"
      },
      {
        "geosite": "category-ads-all",
        "outbound": "block"
      }
    ]
  }
}

vmess-tls-websocket-server.json:

{
  "log": {
    "level": "info"
  },
  "inbounds": [
    {
      "type": "vmess",
      "tag": "vmess-in",
      "listen": "127.0.0.1",
      "listen_port": 52003,
      "tcp_fast_open": true,
      "udp_fragment": true,
      "sniff": true,
      "sniff_override_destination": false,
      "proxy_protocol": true,
      "proxy_protocol_accept_no_header": false,
      "users": [
        {
          "name": "imlala",
          "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da",
          "alterId": 0
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "vmess-websocket.example.com",
        "alpn": [
          "http/1.1"
        ],
        "min_version": "1.2",
        "max_version": "1.3",
        "acme": {
          "domain": ["vmess-websocket.example.com"],
          "data_directory": "/usr/local/etc/sing-box",
          "default_server_name": "",
          "email": "[email protected]",
          "provider": "letsencrypt" 
        }
      },
      "transport": {
        "type": "ws",
        "path": "/nixos",
        "max_early_data": 0,
        "early_data_header_name": "Sec-WebSocket-Protocol"
      }
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    }
  ]
}

vmess-tls-websocket-client.json:

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "dns": {
    "servers": [
      {
        "tag": "cloudflare",
        "address": "https://1.1.1.1/dns-query"
      },
      {
        "tag": "china",
        "address": "local",
        "detour": "direct"
      }
    ],
    "rules": [
      {
        "domain": "vmess-websocket.example.com",
        "geosite": "cn",
        "server": "china"
      }
    ],
    "disable_cache": true,
    "disable_expire": true
  },
  "inbounds": [
    {
      "type": "mixed",
      "tag": "mixed-in",
      "listen": "::",
      "listen_port": 20080,
      "sniff": true,
      "set_system_proxy": false
    }
  ],
  "outbounds": [
    {
      "type": "vmess",
      "tag": "vmess-out",
      "server": "vmess-websocket.example.com",
      "server_port": 443,
      "uuid": "1577ac7c-bc02-44ce-b851-8da0516473da",
      "security": "auto",
      "alter_id": 0,
      "global_padding": false,
      "authenticated_length": true,
      "tls": {
        "enabled": true,
        "disable_sni": false,
        "server_name": "vmess-websocket.example.com",
        "insecure": false,
        "alpn": [
          "http/1.1"
        ]
      },
      "multiplex": {
        "enabled": true,
        "protocol": "smux",
        "max_connections": 5,
        "min_streams": 4,
        "max_streams": 0
      },
      "transport": {
      	"type": "ws",
      	"path": "/nixos",
      	"max_early_data": 0,
      	"early_data_header_name": "Sec-WebSocket-Protocol"
      },
      "connect_timeout": "5s",
      "tcp_fast_open": true,
      "udp_fragment": true
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    }
  ],
  "route": {
    "rules": [
      {
        "geosite": "cn",
        "geoip": "cn",
        "outbound": "direct"
      },
      {
        "geosite": "category-ads-all",
        "outbound": "block"
      }
    ]
  }
}

naive-tls-tcp-server.json:

{
  "log": {
    "level": "info"
  },
  "inbounds": [
    {
      "type": "naive",
      "tag": "naive-in",
      "network": "tcp",
      "listen": "127.0.0.1",
      "listen_port": 52004,
      "tcp_fast_open": true,
      "sniff": true,
      "sniff_override_destination": false,
      "proxy_protocol": true,
      "proxy_protocol_accept_no_header": false,
      "users": [
        {
          "username": "imlala",
          "password": "password"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "naive.example.com",
        "acme": {
          "domain": ["naive.example.com"],
          "data_directory": "/usr/local/etc/sing-box",
          "default_server_name": "",
          "email": "[email protected]",
          "provider": "letsencrypt"
        }
      }
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    }
  ]
}

naive-tls-tcp-client.json:

{
  "listen": "socks://127.0.0.1:30080",
  "proxy": "https://imlala:[email protected]",
  "log": ""
}

注:

sing-box没有naive出站,客户端还是用:https://github.com/klzgrad/naiveproxy/releases/download/v105.0.5195.52-1/naiveproxy-v105.0.5195.52-1-win-x64.zip

套cdn的配置,cdn(cloudflare)这里需要这样设置:

赞(0)
未经允许不得转载:拆东墙 » sing-box的一些配置示例

评论 抢沙发

登录

找回密码

注册