CN-JS-HuiBai/SingboxForPanel
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First Commmit

Browse Source
This commit is contained in:
CN-JS-HuiBai
2026-04-14 22:41:14 +08:00
commit 9f867b19da
1086 changed files with 147554 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

212
docs/manual/proxy-protocol/hysteria2.md Normal file
View File

@@ -0,0 +1,212 @@
---
icon: material/lightning-bolt
---
# Hysteria 2
Hysteria 2 is a simple, Chinese-made protocol based on QUIC.
The selling point is Brutal, a congestion control algorithm that
tries to achieve a user-defined bandwidth despite packet loss.
!!! warning
Even though GFW rarely blocks UDP-based proxies, such protocols actually have far more obvious characteristics than TCP based proxies.
| Specification | Resists passive detection | Resists active probes |
|---------------------------------------------------------------------------|---------------------------|-----------------------|
| [hysteria.network](https://v2.hysteria.network/docs/developers/Protocol/) | :material-alert: | :material-check: |
## :material-text-box-check: Password Generator
| Generate Password | Action |
|----------------------------|-----------------------------------------------------------------|
| <code id="password"><code> | <button class="md-button" onclick="generate()">Refresh</button> |
<script>
function generate() {
const array = new Uint8Array(16);
window.crypto.getRandomValues(array);
document.getElementById("password").textContent = btoa(String.fromCharCode.apply(null, array));
}
generate();
</script>
## :material-alert: Difference from official Hysteria
The official program supports an authentication method called **userpass**,
which essentially uses a combination of `<username>:<password>` as the actual password,
while sing-box does not provide this alias.
To use sing-box with the official program, you need to fill in that combination as the actual password.
## :material-server: Server Example
!!! info ""
Replace `up_mbps` and `down_mbps` values with the actual bandwidth of your server.
=== ":material-harddisk: With local certificate"
```json
{
"inbounds": [
{
"type": "hysteria2",
"listen": "::",
"listen_port": 8080,
"up_mbps": 100,
"down_mbps": 100,
"users": [
{
"name": "sekai",
"password": "<password>"
}
],
"tls": {
"enabled": true,
"server_name": "example.org",
"key_path": "/path/to/key.pem",
"certificate_path": "/path/to/certificate.pem"
}
}
]
}
```
=== ":material-auto-fix: With ACME"
```json
{
"inbounds": [
{
"type": "hysteria2",
"listen": "::",
"listen_port": 8080,
"up_mbps": 100,
"down_mbps": 100,
"users": [
{
"name": "sekai",
"password": "<password>"
}
],
"tls": {
"enabled": true,
"server_name": "example.org",
"acme": {
"domain": "example.org",
"email": "admin@example.org"
}
}
}
]
}
```
=== ":material-cloud: With ACME and Cloudflare API"
```json
{
"inbounds": [
{
"type": "hysteria2",
"listen": "::",
"listen_port": 8080,
"up_mbps": 100,
"down_mbps": 100,
"users": [
{
"name": "sekai",
"password": "<password>"
}
],
"tls": {
"enabled": true,
"server_name": "example.org",
"acme": {
"domain": "example.org",
"email": "admin@example.org",
"dns01_challenge": {
"provider": "cloudflare",
"api_token": "my_token"
}
}
}
}
]
}
```
## :material-cellphone-link: Client Example
!!! info ""
Replace `up_mbps` and `down_mbps` values with the actual bandwidth of your client.
=== ":material-web-check: With valid certificate"
```json
{
"outbounds": [
{
"type": "hysteria2",
"server": "127.0.0.1",
"server_port": 8080,
"up_mbps": 100,
"down_mbps": 100,
"password": "<password>",
"tls": {
"enabled": true,
"server_name": "example.org"
}
}
]
}
```
=== ":material-check: With self-sign certificate"
!!! info "Tip"
Use `sing-box merge` command to merge configuration and certificate into one file.
```json
{
"outbounds": [
{
"type": "hysteria2",
"server": "127.0.0.1",
"server_port": 8080,
"up_mbps": 100,
"down_mbps": 100,
"password": "<password>",
"tls": {
"enabled": true,
"server_name": "example.org",
"certificate_path": "/path/to/certificate.pem"
}
}
]
}
```
=== ":material-alert: Ignore certificate verification"
```json
{
"outbounds": [
{
"type": "hysteria2",
"server": "127.0.0.1",
"server_port": 8080,
"up_mbps": 100,
"down_mbps": 100,
"password": "<password>",
"tls": {
"enabled": true,
"server_name": "example.org",
"insecure": true
}
}
]
}
```

125
docs/manual/proxy-protocol/shadowsocks.md Normal file
View File

@@ -0,0 +1,125 @@
---
icon: material/send
---
# Shadowsocks
Shadowsocks is the most well-known Chinese-made proxy protocol.
It exists in multiple versions, but only AEAD 2022 ciphers
over TCP with multiplexing is recommended.
| Ciphers | Specification | Cryptographically sound | Resists passive detection | Resists active probes |
|----------------|------------------------------------------------------------|-------------------------|---------------------------|-----------------------|
| Stream Ciphers | [shadowsocks.org](https://shadowsocks.org/doc/stream.html) | :material-alert: | :material-alert: | :material-alert: |
| AEAD | [shadowsocks.org](https://shadowsocks.org/doc/aead.html) | :material-check: | :material-alert: | :material-alert: |
| AEAD 2022 | [shadowsocks.org](https://shadowsocks.org/doc/sip022.html) | :material-check: | :material-check: | :material-help: |
(We strongly recommend using multiplexing to send UDP traffic over TCP, because
doing otherwise is vulnerable to passive detection.)
## :material-text-box-check: Password Generator
| For `2022-blake3-aes-128-gcm` cipher | For other ciphers | Action |
|--------------------------------------|-------------------------------|-----------------------------------------------------------------|
| <code id="password_16"><code> | <code id="password_32"><code> | <button class="md-button" onclick="generate()">Refresh</button> |
<script>
function generatePassword(element, length) {
const array = new Uint8Array(length);
window.crypto.getRandomValues(array);
document.getElementById(element).textContent = btoa(String.fromCharCode.apply(null, array));
}
function generate() {
generatePassword("password_16", 16);
generatePassword("password_32", 32);
}
generate();
</script>
## :material-server: Server Example
=== ":material-account: Single-user"
```json
{
"inbounds": [
{
"type": "shadowsocks",
"listen": "::",
"listen_port": 8080,
"network": "tcp",
"method": "2022-blake3-aes-128-gcm",
"password": "<password>",
"multiplex": {
"enabled": true
}
}
]
}
```
=== ":material-account-multiple: Multi-user"
```json
{
"inbounds": [
{
"type": "shadowsocks",
"listen": "::",
"listen_port": 8080,
"network": "tcp",
"method": "2022-blake3-aes-128-gcm",
"password": "<server_password>",
"users": [
{
"name": "sekai",
"password": "<user_password>"
}
],
"multiplex": {
"enabled": true
}
}
]
}
```
## :material-cellphone-link: Client Example
=== ":material-account: Single-user"
```json
{
"outbounds": [
{
"type": "shadowsocks",
"server": "127.0.0.1",
"server_port": 8080,
"method": "2022-blake3-aes-128-gcm",
"password": "<pasword>",
"multiplex": {
"enabled": true
}
}
]
}
```
=== ":material-account-multiple: Multi-user"
```json
{
"outbounds": [
{
"type": "shadowsocks",
"server": "127.0.0.1",
"server_port": 8080,
"method": "2022-blake3-aes-128-gcm",
"password": "<server_pasword>:<user_password>",
"multiplex": {
"enabled": true
}
}
]
}
```

200
docs/manual/proxy-protocol/trojan.md Normal file
View File

@@ -0,0 +1,200 @@
---
icon: material/horse
---
# Trojan
Trojan is the most commonly used TLS proxy made in China. It can be used in various combinations.
| Protocol and implementation combination | Specification | Resists passive detection | Resists active probes |
|-----------------------------------------|----------------------------------------------------------------------|---------------------------|-----------------------|
| Origin / trojan-gfw | [trojan-gfw.github.io](https://trojan-gfw.github.io/trojan/protocol) | :material-check: | :material-check: |
| Basic Go implementation | / | :material-alert: | :material-check: |
| with privates transport by V2Ray | No formal definition | :material-alert: | :material-alert: |
| with uTLS enabled | No formal definition | :material-help: | :material-check: |
## :material-text-box-check: Password Generator
| Generate Password | Action |
|----------------------------|-----------------------------------------------------------------|
| <code id="password"><code> | <button class="md-button" onclick="generate()">Refresh</button> |
<script>
function generate() {
const array = new Uint8Array(16);
window.crypto.getRandomValues(array);
document.getElementById("password").textContent = btoa(String.fromCharCode.apply(null, array));
}
generate();
</script>
## :material-server: Server Example
=== ":material-harddisk: With local certificate"
```json
{
"inbounds": [
{
"type": "trojan",
"listen": "::",
"listen_port": 8080,
"users": [
{
"name": "example",
"password": "password"
}
],
"tls": {
"enabled": true,
"server_name": "example.org",
"key_path": "/path/to/key.pem",
"certificate_path": "/path/to/certificate.pem"
},
"multiplex": {
"enabled": true
}
}
]
}
```
=== ":material-auto-fix: With ACME"
```json
{
"inbounds": [
{
"type": "trojan",
"listen": "::",
"listen_port": 8080,
"users": [
{
"name": "example",
"password": "password"
}
],
"tls": {
"enabled": true,
"server_name": "example.org",
"acme": {
"domain": "example.org",
"email": "admin@example.org"
}
},
"multiplex": {
"enabled": true
}
}
]
}
```
=== ":material-cloud: With ACME and Cloudflare API"
```json
{
"inbounds": [
{
"type": "trojan",
"listen": "::",
"listen_port": 8080,
"users": [
{
"name": "example",
"password": "password"
}
],
"tls": {
"enabled": true,
"server_name": "example.org",
"acme": {
"domain": "example.org",
"email": "admin@example.org",
"dns01_challenge": {
"provider": "cloudflare",
"api_token": "my_token"
}
}
},
"multiplex": {
"enabled": true
}
}
]
}
```
## :material-cellphone-link: Client Example
=== ":material-web-check: With valid certificate"
```json
{
"outbounds": [
{
"type": "trojan",
"server": "127.0.0.1",
"server_port": 8080,
"password": "password",
"tls": {
"enabled": true,
"server_name": "example.org"
},
"multiplex": {
"enabled": true
}
}
]
}
```
=== ":material-check: With self-sign certificate"
!!! info "Tip"
Use `sing-box merge` command to merge configuration and certificate into one file.
```json
{
"outbounds": [
{
"type": "trojan",
"server": "127.0.0.1",
"server_port": 8080,
"password": "password",
"tls": {
"enabled": true,
"server_name": "example.org",
"certificate_path": "/path/to/certificate.pem"
},
"multiplex": {
"enabled": true
}
}
]
}
```
=== ":material-alert: Ignore certificate verification"
```json
{
"outbounds": [
{
"type": "trojan",
"server": "127.0.0.1",
"server_port": 8080,
"password": "password",
"tls": {
"enabled": true,
"server_name": "example.org",
"insecure": true
},
"multiplex": {
"enabled": true
}
}
]
}
```