CN-JS-HuiBai/SingboxForPanel
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add custom options for TUN auto-route and auto-redirect

Browse Source
This commit is contained in:
世界
2024-06-22 14:11:49 +08:00
parent 50f07b42f6
commit ff7d8c9ba8
4 changed files with 158 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
docs/configuration/inbound/tun.md
View File

@@ -13,7 +13,11 @@ icon: material/new-box
:material-plus: [route_exclude_address](#route_address)
:material-delete-clock: [inet4_route_exclude_address](#inet4_route_exclude_address)
:material-delete-clock: [inet6_route_exclude_address](#inet6_route_exclude_address)
:material-plus: [iproute2_table_index](#iproute2_table_index)
:material-plus: [iproute2_rule_index](#iproute2_table_index)
:material-plus: [auto_redirect](#auto_redirect)
:material-plus: [auto_redirect_input_mark](#auto_redirect_input_mark)
:material-plus: [auto_redirect_output_mark](#auto_redirect_output_mark)
:material-plus: [route_address_set](#route_address_set)
:material-plus: [route_exclude_address_set](#route_address_set)
@@ -53,8 +57,12 @@ icon: material/new-box
"mtu": 9000,
"gso": false,
"auto_route": true,
"strict_route": true,
"iproute2_table_index": 2022,
"iproute2_rule_index": 9000,
"auto_redirect": false,
"auto_redirect_input_mark": "0x2023",
"auto_redirect_output_mark": "0x2024",
"strict_route": true,
"route_address": [
"0.0.0.0/1",
"128.0.0.0/1",
@@ -129,8 +137,8 @@ icon: material/new-box
"match_domain": []
}
},
... // Listen Fields
...
// Listen Fields
}
```
@@ -180,7 +188,7 @@ The maximum transmission unit.
!!! quote ""
Only supported on Linux.
Only supported on Linux with `auto_route` enabled.
Enable generic segmentation offload.
@@ -196,24 +204,21 @@ Set the default route to the Tun.
By default, VPN takes precedence over tun. To make tun go through VPN, enable `route.override_android_vpn`.
#### strict_route
#### iproute2_table_index
Enforce strict routing rules when `auto_route` is enabled:
!!! question "Since sing-box 1.10.0"
*In Linux*:
Linux iproute2 table index generated by `auto_route`.
* Let unsupported network unreachable
* Make ICMP traffic route to tun instead of upstream interfaces
* Route all connections to tun
`2022` is used by default.
It prevents IP address leaks and makes DNS hijacking work on Android.
#### iproute2_rule_index
*In Windows*:
!!! question "Since sing-box 1.10.0"
* Add firewall rules to prevent DNS leak caused by
Windows' [ordinary multihomed DNS resolution behavior](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd197552%28v%3Dws.10%29)
Linux iproute2 rule start index generated by `auto_route`.
It may prevent some applications (such as VirtualBox) from working properly in certain situations.
`9000` is used by default.
#### auto_redirect
@@ -234,6 +239,41 @@ use [VPNHotspot](https://github.com/Mygod/VPNHotspot).
`auto_route` with `auto_redirect` now works as expected on routers **without intervention**.
#### auto_redirect_input_mark
!!! question "Since sing-box 1.10.0"
Connection input mark used by `route_address_set` and `route_exclude_address_set`.
`0x2023` is used by default.
#### auto_redirect_output_mark
!!! question "Since sing-box 1.10.0"
Connection output mark used by `route_address_set` and `route_exclude_address_set`.
`0x2024` is used by default.
#### strict_route
Enforce strict routing rules when `auto_route` is enabled:
*In Linux*:
* Let unsupported network unreachable
* Make ICMP traffic route to tun instead of upstream interfaces
* Route all connections to tun
It prevents IP address leaks and makes DNS hijacking work on Android.
*In Windows*:
* Add firewall rules to prevent DNS leak caused by
Windows' [ordinary multihomed DNS resolution behavior](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd197552%28v%3Dws.10%29)
It may prevent some applications (such as VirtualBox) from working properly in certain situations.
#### route_address
!!! question "Since sing-box 1.10.0"
@@ -244,7 +284,8 @@ Use custom routes instead of default when `auto_route` is enabled.
!!! failure "Deprecated in sing-box 1.10.0"
`inet4_route_address` is deprecated and will be removed in sing-box 1.11.0, please use [route_address](#route_address) instead.
`inet4_route_address` is deprecated and will be removed in sing-box 1.11.0, please use [route_address](#route_address)
instead.
Use custom routes instead of default when `auto_route` is enabled.
@@ -252,7 +293,8 @@ Use custom routes instead of default when `auto_route` is enabled.
!!! failure "Deprecated in sing-box 1.10.0"
`inet6_route_address` is deprecated and will be removed in sing-box 1.11.0, please use [route_address](#route_address) instead.
`inet6_route_address` is deprecated and will be removed in sing-box 1.11.0, please use [route_address](#route_address)
instead.
Use custom routes instead of default when `auto_route` is enabled.
@@ -266,7 +308,8 @@ Exclude custom routes when `auto_route` is enabled.
!!! failure "Deprecated in sing-box 1.10.0"
`inet4_route_exclude_address` is deprecated and will be removed in sing-box 1.11.0, please use [route_exclude_address](#route_exclude_address) instead.
`inet4_route_exclude_address` is deprecated and will be removed in sing-box 1.11.0, please
use [route_exclude_address](#route_exclude_address) instead.
Exclude custom routes when `auto_route` is enabled.
@@ -274,7 +317,8 @@ Exclude custom routes when `auto_route` is enabled.
!!! failure "Deprecated in sing-box 1.10.0"
`inet6_route_exclude_address` is deprecated and will be removed in sing-box 1.11.0, please use [route_exclude_address](#route_exclude_address) instead.
`inet6_route_exclude_address` is deprecated and will be removed in sing-box 1.11.0, please
use [route_exclude_address](#route_exclude_address) instead.
Exclude custom routes when `auto_route` is enabled.