CN-JS-HuiBai/SingboxForPanel
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First Commmit

Browse Source
This commit is contained in:
CN-JS-HuiBai
2026-04-14 22:41:14 +08:00
commit 9f867b19da
1086 changed files with 147554 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
docs/configuration/outbound/anytls.md Normal file
View File

@@ -0,0 +1,66 @@
---
icon: material/new-box
---
!!! question "Since sing-box 1.12.0"
### Structure
```json
{
"type": "anytls",
"tag": "anytls-out",
"server": "127.0.0.1",
"server_port": 1080,
"password": "8JCsPssfgS8tiRwiMlhARg==",
"idle_session_check_interval": "30s",
"idle_session_timeout": "30s",
"min_idle_session": 5,
"tls": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### password
==Required==
The AnyTLS password.
#### idle_session_check_interval
Interval checking for idle sessions. Default: 30s.
#### idle_session_timeout
In the check, close sessions that have been idle for longer than this. Default: 30s.
#### min_idle_session
In the check, at least the first `n` idle sessions are kept open. Default value: `n`=0
#### tls
==Required==
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

66
docs/configuration/outbound/anytls.zh.md Normal file
View File

@@ -0,0 +1,66 @@
---
icon: material/new-box
---
!!! question "自 sing-box 1.12.0 起"
### 结构
```json
{
"type": "anytls",
"tag": "anytls-out",
"server": "127.0.0.1",
"server_port": 1080,
"password": "8JCsPssfgS8tiRwiMlhARg==",
"idle_session_check_interval": "30s",
"idle_session_timeout": "30s",
"min_idle_session": 5,
"tls": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### password
==必填==
AnyTLS 密码。
#### idle_session_check_interval
检查空闲会话的时间间隔。默认值30秒。
#### idle_session_timeout
在检查中关闭闲置时间超过此值的会话。默认值30秒。
#### min_idle_session
在检查中,至少前 `n` 个空闲会话保持打开状态。默认值:`n`=0
#### tls
==必填==
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

16
docs/configuration/outbound/block.md Normal file
View File

@@ -0,0 +1,16 @@
---
icon: material/delete-clock
---
### Structure
```json
{
"type": "block",
"tag": "block"
}
```
### Fields
No fields.

18
docs/configuration/outbound/block.zh.md Normal file
View File

@@ -0,0 +1,18 @@
---
icon: material/delete-clock
---
`block` 出站关闭所有传入请求。
### 结构
```json
{
"type": "block",
"tag": "block"
}
```
### 字段
无字段。

48
docs/configuration/outbound/direct.md Normal file
View File

@@ -0,0 +1,48 @@
---
icon: material/alert-decagram
---
!!! quote "Changes in sing-box 1.11.0"
:material-delete-clock: [override_address](#override_address)
:material-delete-clock: [override_port](#override_port)
`direct` outbound send requests directly.
### Structure
```json
{
"type": "direct",
"tag": "direct-out",
"override_address": "1.0.0.1",
"override_port": 53,
... // Dial Fields
}
```
### Fields
#### override_address
!!! failure "Deprecated in sing-box 1.11.0"
Destination override fields are deprecated in sing-box 1.11.0 and will be removed in sing-box 1.13.0, see [Migration](/migration/#migrate-destination-override-fields-to-route-options).
Override the connection destination address.
#### override_port
!!! failure "Deprecated in sing-box 1.11.0"
Destination override fields are deprecated in sing-box 1.11.0 and will be removed in sing-box 1.13.0, see [Migration](/migration/#migrate-destination-override-fields-to-route-options).
Override the connection destination port.
Protocol value can be `1` or `2`.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

46
docs/configuration/outbound/direct.zh.md Normal file
View File

@@ -0,0 +1,46 @@
---
icon: material/alert-decagram
---
!!! quote "sing-box 1.11.0 中的更改"
:material-delete-clock: [override_address](#override_address)
:material-delete-clock: [override_port](#override_port)
`direct` 出站直接发送请求。
### 结构
```json
{
"type": "direct",
"tag": "direct-out",
"override_address": "1.0.0.1",
"override_port": 53,
... // 拨号字段
}
```
### 字段
#### override_address
!!! failure "已在 sing-box 1.11.0 废弃"
目标覆盖字段在 sing-box 1.11.0 中已废弃,并将在 sing-box 1.13.0 中被移除,参阅 [迁移指南](/zh/migration/#迁移-direct-出站中的目标地址覆盖字段到路由字段)。
覆盖连接目标地址。
#### override_port
!!! failure "已在 sing-box 1.11.0 废弃"
目标覆盖字段在 sing-box 1.11.0 中已废弃,并将在 sing-box 1.13.0 中被移除,参阅 [迁移指南](/zh/migration/#迁移-direct-出站中的目标地址覆盖字段到路由字段)。
覆盖连接目标端口。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

26
docs/configuration/outbound/dns.md Normal file
View File

@@ -0,0 +1,26 @@
---
icon: material/delete-clock
---
!!! failure "Deprecated in sing-box 1.11.0"
Legacy special outbounds are deprecated and will be removed in sing-box 1.13.0, check [Migration](/migration/#migrate-legacy-special-outbounds-to-rule-actions).
`dns` outbound is a internal DNS server.
### Structure
```json
{
"type": "dns",
"tag": "dns-out"
}
```
!!! note ""
There are no outbound connections by the DNS outbound, all requests are handled internally.
### Fields
No fields.

26
docs/configuration/outbound/dns.zh.md Normal file
View File

@@ -0,0 +1,26 @@
---
icon: material/delete-clock
---
!!! failure "已在 sing-box 1.11.0 废弃"
旧的特殊出站已被弃用,且将在 sing-box 1.13.0 中被移除, 参阅 [迁移指南](/zh/migration/#迁移旧的特殊出站到规则动作).
`dns` 出站是一个内部 DNS 服务器。
### 结构
```json
{
"type": "dns",
"tag": "dns-out"
}
```
!!! note ""
DNS 出站没有出站连接,所有请求均在内部处理。
### 字段
无字段。

58
docs/configuration/outbound/http.md Normal file
View File

@@ -0,0 +1,58 @@
`http` outbound is a HTTP CONNECT proxy client.
### Structure
```json
{
"type": "http",
"tag": "http-out",
"server": "127.0.0.1",
"server_port": 1080,
"username": "sekai",
"password": "admin",
"path": "",
"headers": {},
"tls": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### username
Basic authorization username.
#### password
Basic authorization password.
#### path
Path of HTTP request.
#### headers
Extra headers of HTTP request.
#### tls
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

58
docs/configuration/outbound/http.zh.md Normal file
View File

@@ -0,0 +1,58 @@
`http` 出站是一个 HTTP CONNECT 代理客户端
### 结构
```json
{
"type": "http",
"tag": "http-out",
"server": "127.0.0.1",
"server_port": 1080,
"username": "sekai",
"password": "admin",
"path": "",
"headers": {},
"tls": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### username
Basic 认证用户名。
#### password
Basic 认证密码。
#### path
HTTP 请求路径。
#### headers
HTTP 请求的额外标头。
#### tls
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

141
docs/configuration/outbound/hysteria.md Normal file
View File

@@ -0,0 +1,141 @@
---
icon: material/new-box
---
!!! quote "Changes in sing-box 1.12.0"
:material-plus: [server_ports](#server_ports)
:material-plus: [hop_interval](#hop_interval)
### Structure
```json
{
"type": "hysteria",
"tag": "hysteria-out",
"server": "127.0.0.1",
"server_port": 1080,
"server_ports": [
"2080:3000"
],
"hop_interval": "",
"up": "100 Mbps",
"up_mbps": 100,
"down": "100 Mbps",
"down_mbps": 100,
"obfs": "fuck me till the daylight",
"auth": "",
"auth_str": "password",
"recv_window_conn": 0,
"recv_window": 0,
"disable_mtu_discovery": false,
"network": "tcp",
"tls": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### server_ports
!!! question "Since sing-box 1.12.0"
Server port range list.
Conflicts with `server_port`.
#### hop_interval
!!! question "Since sing-box 1.12.0"
Port hopping interval.
`30s` is used by default.
#### up, down
==Required==
Format: `[Integer] [Unit]` e.g. `100 Mbps, 640 KBps, 2 Gbps`
Supported units (case sensitive, b = bits, B = bytes, 8b=1B):
bps (bits per second)
Bps (bytes per second)
Kbps (kilobits per second)
KBps (kilobytes per second)
Mbps (megabits per second)
MBps (megabytes per second)
Gbps (gigabits per second)
GBps (gigabytes per second)
Tbps (terabits per second)
TBps (terabytes per second)
#### up_mbps, down_mbps
==Required==
`up, down` in Mbps.
#### obfs
Obfuscated password.
#### auth
Authentication password, in base64.
#### auth_str
Authentication password.
#### recv_window_conn
The QUIC stream-level flow control window for receiving data.
`15728640 (15 MB/s)` will be used if empty.
#### recv_window
The QUIC connection-level flow control window for receiving data.
`67108864 (64 MB/s)` will be used if empty.
#### disable_mtu_discovery
Disables Path MTU Discovery (RFC 8899). Packets will then be at most 1252 (IPv4) / 1232 (IPv6) bytes in size.
Force enabled on for systems other than Linux and Windows (according to upstream).
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### tls
==Required==
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

142
docs/configuration/outbound/hysteria.zh.md Normal file
View File

@@ -0,0 +1,142 @@
---
icon: material/new-box
---
!!! quote "sing-box 1.12.0 中的更改"
:material-plus: [server_ports](#server_ports)
:material-plus: [hop_interval](#hop_interval)
### 结构
```json
{
"type": "hysteria",
"tag": "hysteria-out",
"server": "127.0.0.1",
"server_port": 1080,
"server_ports": [
"2080:3000"
],
"hop_interval": "",
"up": "100 Mbps",
"up_mbps": 100,
"down": "100 Mbps",
"down_mbps": 100,
"obfs": "fuck me till the daylight",
"auth": "",
"auth_str": "password",
"recv_window_conn": 0,
"recv_window": 0,
"disable_mtu_discovery": false,
"network": "tcp",
"tls": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### server_ports
!!! question "自 sing-box 1.12.0 起"
服务器端口范围列表。
`server_port` 冲突。
#### hop_interval
!!! question "自 sing-box 1.12.0 起"
端口跳跃间隔。
默认使用 `30s`
#### up, down
==必填==
格式: `[Integer] [Unit]` 例如: `100 Mbps, 640 KBps, 2 Gbps`
支持的单位 (大小写敏感, b = bits, B = bytes, 8b=1B)
bps (bits per second)
Bps (bytes per second)
Kbps (kilobits per second)
KBps (kilobytes per second)
Mbps (megabits per second)
MBps (megabytes per second)
Gbps (gigabits per second)
GBps (gigabytes per second)
Tbps (terabits per second)
TBps (terabytes per second)
#### up_mbps, down_mbps
==必填==
以 Mbps 为单位的 `up, down`
#### obfs
混淆密码。
#### auth
base64 编码的认证密码。
#### auth_str
认证密码。
#### recv_window_conn
用于接收数据的 QUIC 流级流控制窗口。
默认 `15728640 (15 MB/s)`
#### recv_window
用于接收数据的 QUIC 连接级流控制窗口。
默认 `67108864 (64 MB/s)`
#### disable_mtu_discovery
禁用路径 MTU 发现 (RFC 8899)。 数据包的大小最多为 1252 (IPv4) / 1232 (IPv6) 字节。
强制为 Linux 和 Windows 以外的系统启用(根据上游)。
#### network
启用的网络协议。
`tcp``udp`
默认所有。
#### tls
==必填==
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

141
docs/configuration/outbound/hysteria2.md Normal file
View File

@@ -0,0 +1,141 @@
!!! quote "Changes in sing-box 1.14.0"
:material-plus: [hop_interval_max](#hop_interval_max)
:material-plus: [bbr_profile](#bbr_profile)
!!! quote "Changes in sing-box 1.11.0"
:material-plus: [server_ports](#server_ports)
:material-plus: [hop_interval](#hop_interval)
### Structure
```json
{
"type": "hysteria2",
"tag": "hy2-out",
"server": "127.0.0.1",
"server_port": 1080,
"server_ports": [
"2080:3000"
],
"hop_interval": "",
"hop_interval_max": "",
"up_mbps": 100,
"down_mbps": 100,
"obfs": {
"type": "salamander",
"password": "cry_me_a_r1ver"
},
"password": "goofy_ahh_password",
"network": "tcp",
"tls": {},
"bbr_profile": "",
"brutal_debug": false,
... // Dial Fields
}
```
!!! note ""
You can ignore the JSON Array [] tag when the content is only one item
!!! warning "Difference from official Hysteria2"
The official Hysteria2 supports an authentication method called **userpass**,
which essentially uses a combination of `<username>:<password>` as the actual password,
while sing-box does not provide this alias.
If you are planning to use sing-box with the official program,
please note that you will need to fill the combination as the password.
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
Ignored if `server_ports` is set.
#### server_ports
!!! question "Since sing-box 1.11.0"
Server port range list.
Conflicts with `server_port`.
#### hop_interval
!!! question "Since sing-box 1.11.0"
Port hopping interval.
`30s` is used by default.
#### hop_interval_max
!!! question "Since sing-box 1.14.0"
Maximum port hopping interval, used for randomization.
If set, the actual hop interval will be randomly chosen between `hop_interval` and `hop_interval_max`.
#### up_mbps, down_mbps
Max bandwidth, in Mbps.
If empty, the BBR congestion control algorithm will be used instead of Hysteria CC.
#### obfs.type
QUIC traffic obfuscator type, only available with `salamander`.
Disabled if empty.
#### obfs.password
QUIC traffic obfuscator password.
#### password
Authentication password.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### tls
==Required==
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
#### bbr_profile
!!! question "Since sing-box 1.14.0"
BBR congestion control algorithm profile, one of `conservative` `standard` `aggressive`.
`standard` is used by default.
#### brutal_debug
Enable debug information logging for Hysteria Brutal CC.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

139
docs/configuration/outbound/hysteria2.zh.md Normal file
View File

@@ -0,0 +1,139 @@
!!! quote "sing-box 1.14.0 中的更改"
:material-plus: [hop_interval_max](#hop_interval_max)
:material-plus: [bbr_profile](#bbr_profile)
!!! quote "sing-box 1.11.0 中的更改"
:material-plus: [server_ports](#server_ports)
:material-plus: [hop_interval](#hop_interval)
### 结构
```json
{
"type": "hysteria2",
"tag": "hy2-out",
"server": "127.0.0.1",
"server_port": 1080,
"server_ports": [
"2080:3000"
],
"hop_interval": "",
"hop_interval_max": "",
"up_mbps": 100,
"down_mbps": 100,
"obfs": {
"type": "salamander",
"password": "cry_me_a_r1ver"
},
"password": "goofy_ahh_password",
"network": "tcp",
"tls": {},
"bbr_profile": "",
"brutal_debug": false,
... // 拨号字段
}
```
!!! note ""
当内容只有一项时,可以忽略 JSON 数组 [] 标签
!!! warning "与官方 Hysteria2 的区别"
官方程序支持一种名为 **userpass** 的验证方式,
本质上是将用户名与密码的组合 `<username>:<password>` 作为实际上的密码,而 sing-box 不提供此别名。
要将 sing-box 与官方程序一起使用, 您需要填写该组合作为实际密码。
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
如果设置了 `server_ports`,则忽略此项。
#### server_ports
!!! question "自 sing-box 1.11.0 起"
服务器端口范围列表。
`server_port` 冲突。
#### hop_interval
!!! question "自 sing-box 1.11.0 起"
端口跳跃间隔。
默认使用 `30s`
#### hop_interval_max
!!! question "自 sing-box 1.14.0 起"
最大端口跳跃间隔,用于随机化。
如果设置,实际跳跃间隔将在 `hop_interval``hop_interval_max` 之间随机选择。
#### up_mbps, down_mbps
最大带宽。
如果为空,将使用 BBR 拥塞控制算法而不是 Hysteria CC。
#### obfs.type
QUIC 流量混淆器类型,仅可设为 `salamander`
如果为空则禁用。
#### obfs.password
QUIC 流量混淆器密码.
#### password
认证密码。
#### network
启用的网络协议。
`tcp``udp`
默认所有。
#### tls
==必填==
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
#### bbr_profile
!!! question "自 sing-box 1.14.0 起"
BBR 拥塞控制算法配置,可选 `conservative` `standard` `aggressive`
默认使用 `standard`
#### brutal_debug
启用 Hysteria Brutal CC 的调试信息日志记录。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

49
docs/configuration/outbound/index.md Normal file
View File

@@ -0,0 +1,49 @@
# Outbound
### Structure
```json
{
"outbounds": [
{
"type": "",
"tag": ""
}
]
}
```
### Fields
| Type | Format |
|----------------|--------------------------------|
| `direct` | [Direct](./direct/) |
| `block` | [Block](./block/) |
| `socks` | [SOCKS](./socks/) |
| `http` | [HTTP](./http/) |
| `shadowsocks` | [Shadowsocks](./shadowsocks/) |
| `vmess` | [VMess](./vmess/) |
| `trojan` | [Trojan](./trojan/) |
| `wireguard` | [Wireguard](./wireguard/) |
| `hysteria` | [Hysteria](./hysteria/) |
| `vless` | [VLESS](./vless/) |
| `shadowtls` | [ShadowTLS](./shadowtls/) |
| `tuic` | [TUIC](./tuic/) |
| `hysteria2` | [Hysteria2](./hysteria2/) |
| `anytls` | [AnyTLS](./anytls/) |
| `tor` | [Tor](./tor/) |
| `ssh` | [SSH](./ssh/) |
| `dns` | [DNS](./dns/) |
| `selector` | [Selector](./selector/) |
| `urltest` | [URLTest](./urltest/) |
| `naive` | [NaiveProxy](./naive/) |
#### tag
The tag of the outbound.
### Features
#### Outbounds that support IP connection
* `WireGuard`

49
docs/configuration/outbound/index.zh.md Normal file
View File

@@ -0,0 +1,49 @@
# 出站
### 结构
```json
{
"outbounds": [
{
"type": "",
"tag": ""
}
]
}
```
### 字段
| 类型 | 格式 |
|----------------|--------------------------------|
| `direct` | [Direct](./direct/) |
| `block` | [Block](./block/) |
| `socks` | [SOCKS](./socks/) |
| `http` | [HTTP](./http/) |
| `shadowsocks` | [Shadowsocks](./shadowsocks/) |
| `vmess` | [VMess](./vmess/) |
| `trojan` | [Trojan](./trojan/) |
| `wireguard` | [Wireguard](./wireguard/) |
| `hysteria` | [Hysteria](./hysteria/) |
| `vless` | [VLESS](./vless/) |
| `shadowtls` | [ShadowTLS](./shadowtls/) |
| `tuic` | [TUIC](./tuic/) |
| `hysteria2` | [Hysteria2](./hysteria2/) |
| `anytls` | [AnyTLS](./anytls/) |
| `tor` | [Tor](./tor/) |
| `ssh` | [SSH](./ssh/) |
| `dns` | [DNS](./dns/) |
| `selector` | [Selector](./selector/) |
| `urltest` | [URLTest](./urltest/) |
| `naive` | [NaiveProxy](./naive/) |
#### tag
出站的标签。
### 特性
#### 支持 IP 连接的出站
* `WireGuard`

116
docs/configuration/outbound/naive.md Normal file
View File

@@ -0,0 +1,116 @@
---
icon: material/new-box
---
!!! question "Since sing-box 1.13.0"
### Structure
```json
{
"type": "naive",
"tag": "naive-out",
"server": "127.0.0.1",
"server_port": 443,
"username": "sekai",
"password": "password",
"insecure_concurrency": 0,
"extra_headers": {},
"udp_over_tcp": false | {},
"quic": false,
"quic_congestion_control": "",
"tls": {},
... // Dial Fields
}
```
!!! warning "Platform Support"
NaiveProxy outbound is only available on Apple platforms, Android, Windows and certain Linux builds.
**Official Release Build Variants:**
| Build Variant | Platforms | Description |
|---------------|-----------|-------------|
| (no suffix) | Linux amd64/arm64 | purego build, `libcronet.so` included |
| `-glibc` | Linux 386/amd64/arm/arm64/mipsle/mips64le/riscv64/loong64 | CGO build, dynamically linked with glibc, requires glibc >= 2.31 (loong64: >= 2.36) |
| `-musl` | Linux 386/amd64/arm/arm64/mipsle/riscv64/loong64 | CGO build, statically linked with musl |
| (no suffix) | Windows amd64/arm64 | purego build, `libcronet.dll` included |
For Linux, choose the glibc or musl variant based on your distribution's libc type.
**Runtime Requirements:**
- **Linux purego**: `libcronet.so` must be in the same directory as the sing-box binary or in system library path
- **Windows**: `libcronet.dll` must be in the same directory as `sing-box.exe` or in a directory listed in `PATH`
For self-built binaries, see [Build from source](/installation/build-from-source/#with_naive_outbound).
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### username
Authentication username.
#### password
Authentication password.
#### insecure_concurrency
Number of concurrent tunnel connections. Multiple connections make the tunneling easier to detect through traffic analysis, which defeats the purpose of NaiveProxy's design to resist traffic analysis.
#### extra_headers
Extra headers to send in HTTP requests.
#### udp_over_tcp
UDP over TCP protocol settings.
See [UDP Over TCP](/configuration/shared/udp-over-tcp/) for details.
#### quic
Use QUIC instead of HTTP/2.
#### quic_congestion_control
QUIC congestion control algorithm.
| Algorithm | Description |
|-----------|-------------|
| `bbr` | BBR |
| `bbr2` | BBRv2 |
| `cubic` | CUBIC |
| `reno` | New Reno |
`bbr` is used by default (the default of QUICHE, used by Chromium which NaiveProxy is based on).
#### tls
==Required==
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
Only `server_name`, `certificate`, `certificate_path` and `ech` are supported.
Self-signed certificates change traffic behavior significantly, which defeats the purpose of NaiveProxy's design to resist traffic analysis, and should not be used in production.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

116
docs/configuration/outbound/naive.zh.md Normal file
View File

@@ -0,0 +1,116 @@
---
icon: material/new-box
---
!!! question "自 sing-box 1.13.0 起"
### 结构
```json
{
"type": "naive",
"tag": "naive-out",
"server": "127.0.0.1",
"server_port": 443,
"username": "sekai",
"password": "password",
"insecure_concurrency": 0,
"extra_headers": {},
"udp_over_tcp": false | {},
"quic": false,
"quic_congestion_control": "",
"tls": {},
... // 拨号字段
}
```
!!! warning "平台支持"
NaiveProxy 出站仅在 Apple 平台、Android、Windows 和特定 Linux 构建上可用。
**官方发布版本区别:**
| 构建变体 | 平台 | 说明 |
|---|---|---|
| (无后缀) | Linux amd64/arm64 | purego 构建,包含 `libcronet.so` |
| `-glibc` | Linux 386/amd64/arm/arm64/mipsle/mips64le/riscv64/loong64 | CGO 构建,动态链接 glibc要求 glibc >= 2.31loong64: >= 2.36 |
| `-musl` | Linux 386/amd64/arm/arm64/mipsle/riscv64/loong64 | CGO 构建,静态链接 musl |
| (无后缀) | Windows amd64/arm64 | purego 构建,包含 `libcronet.dll` |
对于 Linux请根据发行版的 libc 类型选择 glibc 或 musl 变体。
**运行时要求:**
- **Linux purego**`libcronet.so` 必须位于 sing-box 二进制文件相同目录或系统库路径中
- **Windows**`libcronet.dll` 必须位于 `sing-box.exe` 相同目录或 `PATH` 中的任意目录
自行构建请参阅 [从源代码构建](/zh/installation/build-from-source/#with_naive_outbound)。
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### username
认证用户名。
#### password
认证密码。
#### insecure_concurrency
并发隧道连接数。多连接使隧道更容易被流量分析检测,违背 NaiveProxy 抵抗流量分析的设计目的。
#### extra_headers
HTTP 请求中发送的额外头部。
#### udp_over_tcp
UDP over TCP 配置。
参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp/)。
#### quic
使用 QUIC 代替 HTTP/2。
#### quic_congestion_control
QUIC 拥塞控制算法。
| 算法 | 描述 |
|------|------|
| `bbr` | BBR |
| `bbr2` | BBRv2 |
| `cubic` | CUBIC |
| `reno` | New Reno |
默认使用 `bbr`NaiveProxy 基于的 Chromium 使用的 QUICHE 的默认值)。
#### tls
==必填==
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
只有 `server_name``certificate``certificate_path``ech` 是被支持的。
自签名证书会显著改变流量行为,违背了 NaiveProxy 旨在抵抗流量分析的设计初衷,不应该在生产环境中使用。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

38
docs/configuration/outbound/selector.md Normal file
View File

@@ -0,0 +1,38 @@
### Structure
```json
{
"type": "selector",
"tag": "select",
"outbounds": [
"proxy-a",
"proxy-b",
"proxy-c"
],
"default": "proxy-c",
"interrupt_exist_connections": false
}
```
!!! quote ""
The selector can only be controlled through the [Clash API](/configuration/experimental#clash-api-fields) currently.
### Fields
#### outbounds
==Required==
List of outbound tags to select.
#### default
The default outbound tag. The first outbound will be used if empty.
#### interrupt_exist_connections
Interrupt existing connections when the selected outbound has changed.
Only inbound connections are affected by this setting, internal connections will always be interrupted.

38
docs/configuration/outbound/selector.zh.md Normal file
View File

@@ -0,0 +1,38 @@
### 结构
```json
{
"type": "selector",
"tag": "select",
"outbounds": [
"proxy-a",
"proxy-b",
"proxy-c"
],
"default": "proxy-c",
"interrupt_exist_connections": false
}
```
!!! quote ""
选择器目前只能通过 [Clash API](/zh/configuration/experimental/clash-api/) 来控制。
### 字段
#### outbounds
==必填==
用于选择的出站标签列表。
#### default
默认的出站标签。默认使用第一个出站。
#### interrupt_exist_connections
当选定的出站发生更改时,中断现有连接。
仅入站连接受此设置影响,内部连接将始终被中断。

102
docs/configuration/outbound/shadowsocks.md Normal file
View File

@@ -0,0 +1,102 @@
### Structure
```json
{
"type": "shadowsocks",
"tag": "ss-out",
"server": "127.0.0.1",
"server_port": 1080,
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg==",
"plugin": "",
"plugin_opts": "",
"network": "udp",
"udp_over_tcp": false | {},
"multiplex": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### method
==Required==
Encryption methods:
* `2022-blake3-aes-128-gcm`
* `2022-blake3-aes-256-gcm`
* `2022-blake3-chacha20-poly1305`
* `none`
* `aes-128-gcm`
* `aes-192-gcm`
* `aes-256-gcm`
* `chacha20-ietf-poly1305`
* `xchacha20-ietf-poly1305`
Legacy encryption methods:
* `aes-128-ctr`
* `aes-192-ctr`
* `aes-256-ctr`
* `aes-128-cfb`
* `aes-192-cfb`
* `aes-256-cfb`
* `rc4-md5`
* `chacha20-ietf`
* `xchacha20`
#### password
==Required==
The shadowsocks password.
#### plugin
Shadowsocks SIP003 plugin, implemented in internal.
Only `obfs-local` and `v2ray-plugin` are supported.
#### plugin_opts
Shadowsocks SIP003 plugin options.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### udp_over_tcp
UDP over TCP configuration.
See [UDP Over TCP](/configuration/shared/udp-over-tcp/) for details.
Conflict with `multiplex`.
#### multiplex
See [Multiplex](/configuration/shared/multiplex#outbound) for details.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

102
docs/configuration/outbound/shadowsocks.zh.md Normal file
View File

@@ -0,0 +1,102 @@
### 结构
```json
{
"type": "shadowsocks",
"tag": "ss-out",
"server": "127.0.0.1",
"server_port": 1080,
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg==",
"plugin": "",
"plugin_opts": "",
"network": "udp",
"udp_over_tcp": false | {},
"multiplex": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### method
==必填==
加密方法:
* `2022-blake3-aes-128-gcm`
* `2022-blake3-aes-256-gcm`
* `2022-blake3-chacha20-poly1305`
* `none`
* `aes-128-gcm`
* `aes-192-gcm`
* `aes-256-gcm`
* `chacha20-ietf-poly1305`
* `xchacha20-ietf-poly1305`
旧加密方法:
* `aes-128-ctr`
* `aes-192-ctr`
* `aes-256-ctr`
* `aes-128-cfb`
* `aes-192-cfb`
* `aes-256-cfb`
* `rc4-md5`
* `chacha20-ietf`
* `xchacha20`
#### password
==必填==
Shadowsocks 密码。
#### plugin
Shadowsocks SIP003 插件,由内部实现。
仅支持 `obfs-local``v2ray-plugin`
#### plugin_opts
Shadowsocks SIP003 插件参数。
#### network
启用的网络协议
`tcp``udp`
默认所有。
#### udp_over_tcp
UDP over TCP 配置。
参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp/)。
`multiplex` 冲突。
#### multiplex
参阅 [多路复用](/zh/configuration/shared/multiplex#出站)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

56
docs/configuration/outbound/shadowtls.md Normal file
View File

@@ -0,0 +1,56 @@
### Structure
```json
{
"type": "shadowtls",
"tag": "st-out",
"server": "127.0.0.1",
"server_port": 1080,
"version": 3,
"password": "fuck me till the daylight",
"tls": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### version
ShadowTLS protocol version.
| Value | Protocol Version |
|---------------|-----------------------------------------------------------------------------------------|
| `1` (default) | [ShadowTLS v1](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-en.md#v1) |
| `2` | [ShadowTLS v2](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-en.md#v2) |
| `3` | [ShadowTLS v3](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-v3-en.md) |
#### password
Set password.
Only available in the ShadowTLS v2/v3 protocol.
#### tls
==Required==
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

56
docs/configuration/outbound/shadowtls.zh.md Normal file
View File

@@ -0,0 +1,56 @@
### 结构
```json
{
"type": "shadowtls",
"tag": "st-out",
"server": "127.0.0.1",
"server_port": 1080,
"version": 3,
"password": "fuck me till the daylight",
"tls": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### version
ShadowTLS 协议版本。
| 值 | 协议版本 |
|---------------|-----------------------------------------------------------------------------------------|
| `1` (default) | [ShadowTLS v1](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-en.md#v1) |
| `2` | [ShadowTLS v2](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-en.md#v2) |
| `3` | [ShadowTLS v3](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-v3-en.md) |
#### password
设置密码。
仅在 ShadowTLS v2/v3 协议中可用。
#### tls
==必填==
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

66
docs/configuration/outbound/socks.md Normal file
View File

@@ -0,0 +1,66 @@
`socks` outbound is a socks4/socks4a/socks5 client.
### Structure
```json
{
"type": "socks",
"tag": "socks-out",
"server": "127.0.0.1",
"server_port": 1080,
"version": "5",
"username": "sekai",
"password": "admin",
"network": "udp",
"udp_over_tcp": false | {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### version
The SOCKS version, one of `4` `4a` `5`.
SOCKS5 used by default.
#### username
SOCKS username.
#### password
SOCKS5 password.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### udp_over_tcp
UDP over TCP protocol settings.
See [UDP Over TCP](/configuration/shared/udp-over-tcp/) for details.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

66
docs/configuration/outbound/socks.zh.md Normal file
View File

@@ -0,0 +1,66 @@
`socks` 出站是 socks4/socks4a/socks5 客户端
### 结构
```json
{
"type": "socks",
"tag": "socks-out",
"server": "127.0.0.1",
"server_port": 1080,
"version": "5",
"username": "sekai",
"password": "admin",
"network": "udp",
"udp_over_tcp": false | {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### version
SOCKS 版本, 可为 `4` `4a` `5`.
默认使用 SOCKS5。
#### username
SOCKS 用户名。
#### password
SOCKS5 密码。
#### network
启用的网络协议
`tcp``udp`
默认所有。
#### udp_over_tcp
UDP over TCP 配置。
参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp/)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

71
docs/configuration/outbound/ssh.md Normal file
View File

@@ -0,0 +1,71 @@
### Structure
```json
{
"type": "ssh",
"tag": "ssh-out",
"server": "127.0.0.1",
"server_port": 22,
"user": "root",
"password": "admin",
"private_key": "",
"private_key_path": "$HOME/.ssh/id_rsa",
"private_key_passphrase": "",
"host_key": [
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdH..."
],
"host_key_algorithms": [],
"client_version": "SSH-2.0-OpenSSH_7.4p1",
... // Dial Fields
}
```
### Fields
#### server
==Required==
Server address.
#### server_port
Server port. 22 will be used if empty.
#### user
SSH user, root will be used if empty.
#### password
Password.
#### private_key
Private key.
#### private_key_path
Private key path.
#### private_key_passphrase
Private key passphrase.
#### host_key
Host key. Accept any if empty.
#### host_key_algorithms
Host key algorithms.
#### client_version
Client version. Random version will be used if empty.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

71
docs/configuration/outbound/ssh.zh.md Normal file
View File

@@ -0,0 +1,71 @@
### 结构
```json
{
"type": "ssh",
"tag": "ssh-out",
"server": "127.0.0.1",
"server_port": 22,
"user": "root",
"password": "admin",
"private_key": "",
"private_key_path": "$HOME/.ssh/id_rsa",
"private_key_passphrase": "",
"host_key": [
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdH..."
],
"host_key_algorithms": [],
"client_version": "SSH-2.0-OpenSSH_7.4p1",
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
服务器端口,默认使用 22。
#### user
SSH 用户, 默认使用 root。
#### password
密码。
#### private_key
密钥。
#### private_key_path
密钥路径。
#### private_key_passphrase
密钥密码。
#### host_key
主机密钥,留空接受所有。
#### host_key_algorithms
主机密钥算法。
#### client_version
客户端版本,默认使用随机值。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

51
docs/configuration/outbound/tor.md Normal file
View File

@@ -0,0 +1,51 @@
### Structure
```json
{
"type": "tor",
"tag": "tor-out",
"executable_path": "/usr/bin/tor",
"extra_args": [],
"data_directory": "$HOME/.cache/tor",
"torrc": {
"ClientOnly": 1
},
... // Dial Fields
}
```
!!! info ""
Embedded Tor is not included by default, see [Installation](/installation/build-from-source/#build-tags).
### Fields
#### executable_path
The path to the Tor executable.
Embedded Tor will be ignored if set.
#### extra_args
List of extra arguments passed to the Tor instance when started.
#### data_directory
==Recommended==
The data directory of Tor.
Each start will be very slow if not specified.
#### torrc
Map of torrc options.
See [tor(1)](https://linux.die.net/man/1/tor) for details.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

51
docs/configuration/outbound/tor.zh.md Normal file
View File

@@ -0,0 +1,51 @@
### 结构
```json
{
"type": "tor",
"tag": "tor-out",
"executable_path": "/usr/bin/tor",
"extra_args": [],
"data_directory": "$HOME/.cache/tor",
"torrc": {
"ClientOnly": 1
},
... // 拨号字段
}
```
!!! info ""
默认安装不包含嵌入式 Tor, 参阅 [安装](/zh/installation/build-from-source/#构建标记)。
### 字段
#### executable_path
Tor 可执行文件路径
如果设置,将覆盖嵌入式 Tor。
#### extra_args
启动 Tor 时传递的附加参数列表。
#### data_directory
==推荐==
Tor 的数据目录。
如未设置,每次启动都需要长时间。
#### torrc
torrc 参数表。
参阅 [tor(1)](https://linux.die.net/man/1/tor)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

62
docs/configuration/outbound/trojan.md Normal file
View File

@@ -0,0 +1,62 @@
### Structure
```json
{
"type": "trojan",
"tag": "trojan-out",
"server": "127.0.0.1",
"server_port": 1080,
"password": "8JCsPssfgS8tiRwiMlhARg==",
"network": "tcp",
"tls": {},
"multiplex": {},
"transport": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### password
==Required==
The Trojan password.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### tls
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
#### multiplex
See [Multiplex](/configuration/shared/multiplex#outbound) for details.
#### transport
V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

62
docs/configuration/outbound/trojan.zh.md Normal file
View File

@@ -0,0 +1,62 @@
### 结构
```json
{
"type": "trojan",
"tag": "trojan-out",
"server": "127.0.0.1",
"server_port": 1080,
"password": "8JCsPssfgS8tiRwiMlhARg==",
"network": "tcp",
"tls": {},
"multiplex": {},
"transport": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### password
==必填==
Trojan 密码。
#### network
启用的网络协议。
`tcp``udp`
默认所有。
#### tls
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
#### multiplex
参阅 [多路复用](/zh/configuration/shared/multiplex#出站)。
#### transport
V2Ray 传输配置,参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

96
docs/configuration/outbound/tuic.md Normal file
View File

@@ -0,0 +1,96 @@
### Structure
```json
{
"type": "tuic",
"tag": "tuic-out",
"server": "127.0.0.1",
"server_port": 1080,
"uuid": "2DD61D93-75D8-4DA4-AC0E-6AECE7EAC365",
"password": "hello",
"congestion_control": "cubic",
"udp_relay_mode": "native",
"udp_over_stream": false,
"zero_rtt_handshake": false,
"heartbeat": "10s",
"network": "tcp",
"tls": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### uuid
==Required==
TUIC user uuid
#### password
TUIC user password
#### congestion_control
QUIC congestion control algorithm
One of: `cubic`, `new_reno`, `bbr`
`cubic` is used by default.
#### udp_relay_mode
UDP packet relay mode
| Mode | Description |
|:-------|:-------------------------------------------------------------------------|
| native | native UDP characteristics |
| quic | lossless UDP relay using QUIC streams, additional overhead is introduced |
`native` is used by default.
Conflict with `udp_over_stream`.
#### udp_over_stream
This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp/), designed to provide a QUIC
stream based UDP relay mode that TUIC does not provide. Since it is an add-on protocol, you will need to use sing-box or
another program compatible with the protocol as a server.
This mode has no positive effect in a proper UDP proxy scenario and should only be applied to relay streaming UDP
traffic (basically QUIC streams).
Conflict with `udp_relay_mode`.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### tls
==Required==
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

104
docs/configuration/outbound/tuic.zh.md Normal file
View File

@@ -0,0 +1,104 @@
### 结构
```json
{
"type": "tuic",
"tag": "tuic-out",
"server": "127.0.0.1",
"server_port": 1080,
"uuid": "2DD61D93-75D8-4DA4-AC0E-6AECE7EAC365",
"password": "hello",
"congestion_control": "cubic",
"udp_relay_mode": "native",
"udp_over_stream": false,
"zero_rtt_handshake": false,
"heartbeat": "10s",
"network": "tcp",
"tls": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### uuid
==必填==
TUIC 用户 UUID
#### password
TUIC 用户密码
#### congestion_control
QUIC 拥塞控制算法
可选值: `cubic`, `new_reno`, `bbr`
默认使用 `cubic`
#### udp_relay_mode
UDP 包中继模式
| 模式 | 描述 |
|--------|------------------------------|
| native | 原生 UDP |
| quic | 使用 QUIC 流的无损 UDP 中继,引入了额外的开销 |
`udp_over_stream` 冲突。
#### udp_over_stream
这是 TUIC 的 [UDP over TCP 协议](/zh/configuration/shared/udp-over-tcp/) 移植, 旨在提供 TUIC 不提供的 基于 QUIC 流的 UDP 中继模式。 由于它是一个附加协议,因此您需要使用 sing-box 或其他兼容的程序作为服务器。
此模式在正确的 UDP 代理场景中没有任何积极作用,仅适用于中继流式 UDP 流量(基本上是 QUIC 流)。
`udp_relay_mode` 冲突。
#### zero_rtt_handshake
在客户端启用 0-RTT QUIC 连接握手
这对性能影响不大,因为协议是完全复用的
!!! warning ""
强烈建议禁用此功能,因为它容易受到重放攻击。
请参阅 [Attack of the clones](https://blog.cloudflare.com/even-faster-connection-establishment-with-quic-0-rtt-resumption/#attack-of-the-clones)
#### heartbeat
发送心跳包以保持连接存活的时间间隔
#### network
启用的网络协议。
`tcp``udp`
默认所有。
#### tls
==必填==
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

49
docs/configuration/outbound/urltest.md Normal file
View File

@@ -0,0 +1,49 @@
### Structure
```json
{
"type": "urltest",
"tag": "auto",
"outbounds": [
"proxy-a",
"proxy-b",
"proxy-c"
],
"url": "",
"interval": "",
"tolerance": 0,
"idle_timeout": "",
"interrupt_exist_connections": false
}
```
### Fields
#### outbounds
==Required==
List of outbound tags to test.
#### url
The URL to test. `https://www.gstatic.com/generate_204` will be used if empty.
#### interval
The test interval. `3m` will be used if empty.
#### tolerance
The test tolerance in milliseconds. `50` will be used if empty.
#### idle_timeout
The idle timeout. `30m` will be used if empty.
#### interrupt_exist_connections
Interrupt existing connections when the selected outbound has changed.
Only inbound connections are affected by this setting, internal connections will always be interrupted.

49
docs/configuration/outbound/urltest.zh.md Normal file
View File

@@ -0,0 +1,49 @@
### 结构
```json
{
"type": "urltest",
"tag": "auto",
"outbounds": [
"proxy-a",
"proxy-b",
"proxy-c"
],
"url": "",
"interval": "",
"tolerance": 50,
"idle_timeout": "",
"interrupt_exist_connections": false
}
```
### 字段
#### outbounds
==必填==
用于测试的出站标签列表。
#### url
用于测试的链接。默认使用 `https://www.gstatic.com/generate_204`
#### interval
测试间隔。 默认使用 `3m`
#### tolerance
以毫秒为单位的测试容差。 默认使用 `50`
#### idle_timeout
空闲超时。默认使用 `30m`
#### interrupt_exist_connections
当选定的出站发生更改时,中断现有连接。
仅入站连接受此设置影响,内部连接将始终被中断。

82
docs/configuration/outbound/vless.md Normal file
View File

@@ -0,0 +1,82 @@
### Structure
```json
{
"type": "vless",
"tag": "vless-out",
"server": "127.0.0.1",
"server_port": 1080,
"uuid": "bf000d23-0752-40b4-affe-68f7707a9661",
"flow": "xtls-rprx-vision",
"network": "tcp",
"tls": {},
"packet_encoding": "",
"multiplex": {},
"transport": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### uuid
==Required==
VLESS user id.
#### flow
VLESS Sub-protocol.
Available values:
* `xtls-rprx-vision`
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### tls
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
#### packet_encoding
UDP packet encoding, xudp is used by default.
| Encoding | Description |
|------------|-----------------------|
| (none) | Disabled |
| packetaddr | Supported by v2ray 5+ |
| xudp | Supported by xray |
#### multiplex
See [Multiplex](/configuration/shared/multiplex#outbound) for details.
#### transport
V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

82
docs/configuration/outbound/vless.zh.md Normal file
View File

@@ -0,0 +1,82 @@
### 结构
```json
{
"type": "vless",
"tag": "vless-out",
"server": "127.0.0.1",
"server_port": 1080,
"uuid": "bf000d23-0752-40b4-affe-68f7707a9661",
"flow": "xtls-rprx-vision",
"network": "tcp",
"tls": {},
"packet_encoding": "",
"multiplex": {},
"transport": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### uuid
==必填==
VLESS 用户 ID。
#### flow
VLESS 子协议。
可用值:
* `xtls-rprx-vision`
#### network
启用的网络协议。
`tcp``udp`
默认所有。
#### tls
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
#### packet_encoding
UDP 包编码,默认使用 xudp。
| 编码 | 描述 |
|------------|---------------|
| (空) | 禁用 |
| packetaddr | 由 v2ray 5+ 支持 |
| xudp | 由 xray 支持 |
#### multiplex
参阅 [多路复用](/zh/configuration/shared/multiplex#出站)。
#### transport
V2Ray 传输配置,参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

107
docs/configuration/outbound/vmess.md Normal file
View File

@@ -0,0 +1,107 @@
### Structure
```json
{
"type": "vmess",
"tag": "vmess-out",
"server": "127.0.0.1",
"server_port": 1080,
"uuid": "bf000d23-0752-40b4-affe-68f7707a9661",
"security": "auto",
"alter_id": 0,
"global_padding": false,
"authenticated_length": true,
"network": "tcp",
"tls": {},
"packet_encoding": "",
"transport": {},
"multiplex": {},
... // Dial Fields
}
```
### Fields
#### server
==Required==
The server address.
#### server_port
==Required==
The server port.
#### uuid
==Required==
The VMess user id.
#### security
Encryption methods:
* `auto`
* `none`
* `zero`
* `aes-128-gcm`
* `chacha20-poly1305`
Legacy encryption methods:
* `aes-128-ctr`
#### alter_id
| Alter ID | Description |
|----------|---------------------|
| 0 | Use AEAD protocol |
| 1 | Use legacy protocol |
| > 1 | Unused, same as 1 |
#### global_padding
Protocol parameter. Will waste traffic randomly if enabled (enabled by default in v2ray and cannot be disabled).
#### authenticated_length
Protocol parameter. Enable length block encryption.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
#### tls
TLS configuration, see [TLS](/configuration/shared/tls/#outbound).
#### packet_encoding
UDP packet encoding.
| Encoding | Description |
|------------|-----------------------|
| (none) | Disabled |
| packetaddr | Supported by v2ray 5+ |
| xudp | Supported by xray |
#### multiplex
See [Multiplex](/configuration/shared/multiplex#outbound) for details.
#### transport
V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

107
docs/configuration/outbound/vmess.zh.md Normal file
View File

@@ -0,0 +1,107 @@
### 结构
```json
{
"type": "vmess",
"tag": "vmess-out",
"server": "127.0.0.1",
"server_port": 1080,
"uuid": "bf000d23-0752-40b4-affe-68f7707a9661",
"security": "auto",
"alter_id": 0,
"global_padding": false,
"authenticated_length": true,
"network": "tcp",
"tls": {},
"packet_encoding": "",
"multiplex": {},
"transport": {},
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### uuid
==必填==
VMess 用户 ID。
#### security
加密方法:
* `auto`
* `none`
* `zero`
* `aes-128-gcm`
* `chacha20-poly1305`
旧加密方法:
* `aes-128-ctr`
#### alter_id
| Alter ID | 描述 |
|----------|------------|
| 0 | 禁用旧协议 |
| 1 | 启用旧协议 |
| > 1 | 未使用, 行为同 1 |
#### global_padding
协议参数。 如果启用会随机浪费流量(在 v2ray 中默认启用并且无法禁用)。
#### authenticated_length
协议参数。启用长度块加密。
#### network
启用的网络协议。
`tcp``udp`
默认所有。
#### tls
TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#出站)。
#### packet_encoding
UDP 包编码。
| 编码 | 描述 |
|------------|---------------|
| (空) | 禁用 |
| packetaddr | 由 v2ray 5+ 支持 |
| xudp | 由 xray 支持 |
#### multiplex
参阅 [多路复用](/zh/configuration/shared/multiplex#出站)。
#### transport
V2Ray 传输配置,参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。

168
docs/configuration/outbound/wireguard.md Normal file
View File

@@ -0,0 +1,168 @@
---
icon: material/delete-clock
---
!!! failure "Deprecated in sing-box 1.11.0"
WireGuard outbound is deprecated and will be removed in sing-box 1.13.0, check [Migration](/migration/#migrate-wireguard-outbound-to-endpoint).
!!! quote "Changes in sing-box 1.11.0"
:material-delete-alert: [gso](#gso)
!!! quote "Changes in sing-box 1.8.0"
:material-plus: [gso](#gso)
### Structure
```json
{
"type": "wireguard",
"tag": "wireguard-out",
"server": "127.0.0.1",
"server_port": 1080,
"system_interface": false,
"interface_name": "wg0",
"local_address": [
"10.0.0.1/32"
],
"private_key": "YNXtAzepDqRv9H52osJVDQnznT5AM11eCK3ESpwSt04=",
"peers": [
{
"server": "127.0.0.1",
"server_port": 1080,
"public_key": "Z1XXLsKYkYxuiYjJIkRvtIKFepCYHTgON+GwPq7SOV4=",
"pre_shared_key": "31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=",
"allowed_ips": [
"0.0.0.0/0"
],
"reserved": [0, 0, 0]
}
],
"peer_public_key": "Z1XXLsKYkYxuiYjJIkRvtIKFepCYHTgON+GwPq7SOV4=",
"pre_shared_key": "31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=",
"reserved": [0, 0, 0],
"workers": 4,
"mtu": 1408,
"network": "tcp",
// Deprecated
"gso": false,
... // Dial Fields
}
```
### Fields
#### server
==Required if multi-peer disabled==
The server address.
#### server_port
==Required if multi-peer disabled==
The server port.
#### system_interface
Use system interface.
Requires privilege and cannot conflict with exists system interfaces.
Forced if gVisor not included in the build.
#### interface_name
Custom interface name for system interface.
#### gso
!!! failure "Deprecated in sing-box 1.11.0"
GSO will be automatically enabled when available since sing-box 1.11.0.
!!! question "Since sing-box 1.8.0"
!!! quote ""
Only supported on Linux.
Try to enable generic segmentation offload.
#### local_address
==Required==
List of IP (v4 or v6) address prefixes to be assigned to the interface.
#### private_key
==Required==
WireGuard requires base64-encoded public and private keys. These can be generated using the wg(8) utility:
```shell
wg genkey
echo "private key" || wg pubkey
```
#### peers
Multi-peer support.
If enabled, `server, server_port, peer_public_key, pre_shared_key` will be ignored.
#### peers.allowed_ips
WireGuard allowed IPs.
#### peers.reserved
WireGuard reserved field bytes.
`$outbound.reserved` will be used if empty.
#### peer_public_key
==Required if multi-peer disabled==
WireGuard peer public key.
#### pre_shared_key
WireGuard pre-shared key.
#### reserved
WireGuard reserved field bytes.
#### workers
WireGuard worker count.
CPU count is used by default.
#### mtu
WireGuard MTU.
1408 will be used if empty.
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
### Dial Fields
See [Dial Fields](/configuration/shared/dial/) for details.

142
docs/configuration/outbound/wireguard.zh.md Normal file
View File

@@ -0,0 +1,142 @@
---
icon: material/delete-clock
---
!!! failure "已在 sing-box 1.11.0 废弃"
WireGuard 出站已被弃用,且将在 sing-box 1.13.0 中被移除,参阅 [迁移指南](/zh/migration/#迁移-wireguard-出站到端点)。
!!! quote "sing-box 1.11.0 中的更改"
:material-delete-alert: [gso](#gso)
!!! quote "sing-box 1.8.0 中的更改"
:material-plus: [gso](#gso)
### 结构
```json
{
"type": "wireguard",
"tag": "wireguard-out",
"server": "127.0.0.1",
"server_port": 1080,
"system_interface": false,
"interface_name": "wg0",
"local_address": [
"10.0.0.1/32"
],
"private_key": "YNXtAzepDqRv9H52osJVDQnznT5AM11eCK3ESpwSt04=",
"peer_public_key": "Z1XXLsKYkYxuiYjJIkRvtIKFepCYHTgON+GwPq7SOV4=",
"pre_shared_key": "31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=",
"reserved": [0, 0, 0],
"workers": 4,
"mtu": 1408,
"network": "tcp",
// 废弃的
"gso": false,
... // 拨号字段
}
```
### 字段
#### server
==必填==
服务器地址。
#### server_port
==必填==
服务器端口。
#### system_interface
使用系统设备。
需要特权且不能与已有系统接口冲突。
如果 gVisor 未包含在构建中,则强制执行。
#### interface_name
为系统接口自定义设备名称。
#### gso
!!! failure "已在 sing-box 1.11.0 废弃"
自 sing-box 1.11.0 起GSO 将可用时自动启用。
!!! question "自 sing-box 1.8.0 起"
!!! quote ""
仅支持 Linux。
尝试启用通用分段卸载。
#### local_address
==必填==
接口的 IPv4/IPv6 地址或地址段的列表。
要分配给接口的 IPv4 或 v6地址段列表。
#### private_key
==必填==
WireGuard 需要 base64 编码的公钥和私钥。 这些可以使用 wg(8) 实用程序生成:
```shell
wg genkey
echo "private key" || wg pubkey
```
#### peer_public_key
==必填==
WireGuard 对等公钥。
#### pre_shared_key
WireGuard 预共享密钥。
#### reserved
WireGuard 保留字段字节。
#### workers
WireGuard worker 数量。
默认使用 CPU 数量。
#### mtu
WireGuard MTU。
默认使用 1408。
#### network
启用的网络协议
`tcp``udp`
默认所有。
### 拨号字段
参阅 [拨号字段](/zh/configuration/shared/dial/)。