服务端 #
singbox安装 #
Debian
sudo apt update -y
sudo apt upgrade -y
sudo curl -fsSL https://sing-box.app/gpg.key -o /etc/apt/keyrings/sagernet.asc
sudo chmod a+r /etc/apt/keyrings/sagernet.asc
echo "deb [arch=`dpkg --print-architecture` signed-by=/etc/apt/keyrings/sagernet.asc] https://deb.sagernet.org/ * *" | \
sudo tee /etc/apt/sources.list.d/sagernet.list > /dev/null
sudo apt update
sudo apt install sing-box=1.10.1 #安装1.10.1版本
开启bbr和tcp-brutal #
bbr #
vi /etc/sysctl.conf
添加下面代码
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
net.ipv6.tcp_congestion_control=bbr
tcp-brutal #
bash <(curl -fsSL https://tcp.hy2.sh/)
服务端 #
vi /etc/sing-box/config.json
{
"log": {
"disabled": false,
"level": "info",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "local",
"address": "local",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "netflix",
"address": "103.148.72.249", #netflixDNS劫持
"strategy": "ipv4_only",
"detour": "direct"
}
],
"rules": [
{
"ip_version": 4,
"outbound": "any",
"server": "local"
},
{
"rule_set": [
"geosite-netflix"
],
"server": "netflix"
}
],
"final": "local",
"strategy": "ipv4_only",
"disable_cache": false,
"disable_expire": false,
"independent_cache": false
},
"inbounds": [
{
"type": "shadowsocks",
"tag": "ss-in",
"listen": "::",
"listen_port": 2222,
"tcp_fast_open": true,
"tcp_multi_path": true,
"network": "tcp",
"method": "2022-blake3-aes-128-gcm",
"password": "",
"sniff": true,
"sniff_override_destination": true,
"multiplex": {
"enabled": true,
"padding": false,
"brutal": {
"enabled": true,
"up_mbps": 100,
"down_mbps": 100
}
}
},
{
"type": "vless",
"tag": "vless-in",
"listen": "::",
"listen_port": 6128,
"tcp_fast_open": true,
"tcp_multi_path": true,
"sniff": true,
"sniff_override_destination": false,
"multiplex": {
"enabled": true,
"padding": false,
"brutal": {
"enabled": false,
"up_mbps": 100,
"down_mbps": 100
}
},
"users": [
{
"uuid": "",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "",
"reality": {
"enabled": true,
"handshake": {
"server": "",
"server_port": 443
},
"private_key": "",
"short_id": [
""
]
}
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct",
"tcp_fast_open": true,
"tcp_multi_path": true
},
{
"type": "block",
"tag": "block"
},
{
"type": "socks", #分流二级代理的节点,例如socks协议
"tag": "kr",
"server": "",
"server_port": 14900,
"version": "5",
"username": "",
"password": ""
}
],
"route": {
"rule_set": [
{
"tag": "geosite-openai",
"type": "remote",
"format": "binary",
"url": "https://github.com/SagerNet/sing-geosite/raw/rule-set/geosite-openai.srs",
"download_detour": "direct"
},
{
"tag": "geosite-claude",
"type": "remote",
"format": "binary",
"url": "https://github.com/SagerNet/sing-geosite/raw/refs/heads/rule-set/geosite-anthropic.srs",
"download_detour": "direct"
},
{
"tag": "geosite-netflix",
"type": "remote",
"format": "binary",
"url": "https://github.com/SagerNet/sing-geosite/raw/refs/heads/rule-set/geosite-netflix.srs",
"download_detour": "direct"
}
],
"rules": [
{
"protocol": [
"bittorrent",
"quic"
],
"outbound": "block"
},
{
"rule_set": [
"geosite-claude",
"geosite-openai"
],
"outbound": "kr"
},
{
"inbound": [
"ss-in",
"vless-in"
],
"outbound": "direct"
}
]
}
}
重启生效
reboot
启动服务端 #
| 行动 | 命令 |
|---|---|
| 启用 | sudo systemctl enable sing-box |
| 禁用 | sudo systemctl disable sing-box |
| 启动 | sudo systemctl start sing-box |
| 停止 | sudo systemctl stop sing-box |
| 强行停止 | sudo systemctl kill sing-box |
| 重新启动 | sudo systemctl restart sing-box |
| 查看日志 | sudo journalctl -u sing-box --output cat -e |
| 实时日志 | sudo journalctl -u sing-box --output cat -f |
客户端 #
安卓 #
{
"log": {
"level": "error",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "dns_proxy",
"address": "https://1.1.1.1/dns-query",
"address_resolver": "dns_resolver",
"address_strategy": "ipv4_only",
"strategy": "ipv4_only",
"detour": "vless-out",
"client_subnet": "59.70.60.20"
},
{
"tag": "dns_resolver",
"address": "local",
"detour": "direct",
"strategy": "ipv4_only"
}
],
"rules": [
{
"outbound": "any",
"server": "dns_resolver"
},
{
"rule_set": "geosite-cn",
"server": "dns_resolver"
}
],
"final": "dns_proxy",
"strategy": "ipv4_only"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"mtu": 1400,
"auto_route": true,
"strict_route": true,
"stack": "gvisor",
"sniff": true,
"inet4_address": "172.16.0.1/30",
"inet6_address": "fd00::1/126"
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
},
{
"type": "shadowsocks",
"tag": "ss-out",
"tcp_fast_open": true,
"tcp_multi_path": true,
"server": "2001:250:4807:2534:20e",
"server_port": 2222,
"method": "2022-blake3-aes-128-gcm",
"password": "68yXEwgvSjAUqLcrTA=="
},
{
"type": "vless",
"tag": "vless-out",
"routing_mark": 100,
"server": "156.26.11.82",
"server_port": 233,
"uuid": "5eb545d7-c25b-4e2c-b48a-66ef0c64ed07",
"flow": "xtls-rprx-vision",
"packet_encoding": "xudp",
"tls": {
"enabled": true,
"server_name": "www.henau.edu.cn",
"insecure": true,
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "sqNkNGBhIBploUcf9-aCzh51ETaKrYOS6b0Wz0gQE",
"short_id": "4cae74ba0ee703cc"
}
},
"tcp_fast_open": true,
"tcp_multi_path": true
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"protocol": [
"bittorrent",
"quic"
],
"outbound": "block"
},
{
"rule_set": [
"geoip-cn",
"geosite-cn"
],
"outbound": "direct"
},
{
"ip_is_private": true,
"outbound": "vless-out"
}
],
"rule_set": [
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo-lite/geoip/cn.srs",
"download_detour": "vless-out"
},
{
"type": "remote",
"tag": "geosite-cn",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo-lite/geosite/cn.srs",
"download_detour": "vless-out"
}
],
"final": "vless-out",
"auto_detect_interface": true
},
"experimental": {
"cache_file": {
"enabled": true,
"path": "cache.db"
}
}
}
windows #
{
"log": {
"disabled": true,
"level": "info",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "default-dns",
"address": "223.5.5.5",
"detour": "direct-out"
},
{
"tag": "system-dns",
"address": "local",
"detour": "direct-out"
},
{
"tag": "block-dns",
"address": "rcode://name_error"
},
{
"tag": "cfg-google-dns",
"address": "https://dns.google/dns-query",
"address_resolver": "default-dns",
"address_strategy": "ipv4_only",
"strategy": "ipv4_only",
"detour": "vless-out",
"client_subnet": "59.70.63.26"
}
],
"rules": [
{
"ip_version": 4,
"outbound": "any",
"server": "default-dns"
},
{
"rule_set": [
"cfg-cnsite-rule"
],
"server": "default-dns"
}
],
"strategy": "ipv4_only",
"disable_cache": false,
"disable_expire": false,
"independent_cache": false,
"final": "cfg-google-dns"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"inet4_address": "172.19.0.1/30",
"mtu": 9000,
"gso": true,
"auto_route": true,
"stack": "system",
"sniff": true,
"sniff_override_destination": false
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct-out",
"routing_mark": 100
},
{
"type": "block",
"tag": "block-out"
},
{
"type": "dns",
"tag": "dns-out"
},
{
"type": "shadowsocks",
"tag": "ss-out",
"routing_mark": 100,
"server": "16.26.171.82",
"server_port": 23233,
"password": "Ji6vV7BCVQZ7ExzoA==",
"method": "2022-blake3-aes-128-gcm",
"multiplex": {
"enabled": false,
"protocol": "h2mux",
"max_connections": 1,
"min_streams": 4,
"padding": false,
"brutal": {
"enabled": false,
"up_mbps": 100,
"down_mbps": 100
}
},
"tcp_fast_open": true,
"tcp_multi_path": true
},
{
"type": "vless",
"tag": "vless-out",
"routing_mark": 100,
"server": "156.26.11.82",
"server_port": 233,
"uuid": "5eb545d7-c25b-4e2c-b48a-66ef0c64ed07",
"flow": "xtls-rprx-vision",
"packet_encoding": "xudp",
"tls": {
"enabled": true,
"server_name": "www.henau.edu.cn",
"insecure": true,
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "sqNkNGBhIBploUcf9-aCzh51ETaKrYOS6b0Wz0gQE",
"short_id": "4cae74ba0ee703cc"
}
},
"tcp_fast_open": true,
"tcp_multi_path": true
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"protocol": [
"bittorrent",
"quic"
],
"outbound": "block-out"
},
{
"rule_set": [
"cfg-cnip-rule",
"cfg-cnsite-rule"
],
"outbound": "direct-out"
}
],
"rule_set": [
{
"type": "remote",
"tag": "cfg-cnip-rule",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo-lite/geoip/cn.srs",
"download_detour": "vless-out"
},
{
"type": "remote",
"tag": "cfg-cnsite-rule",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo-lite/geosite/cn.srs",
"download_detour": "vless-out"
}
],
"auto_detect_interface": true,
"final": "vless-out"
},
"experimental": {
"cache_file": {
"enabled": true
}
}
}