mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-29 20:11:28 +00:00
136 lines
2.5 KiB
Markdown
136 lines
2.5 KiB
Markdown
|
### Structure
|
||
|
|
||
|
```json
|
||
|
{
|
||
|
"outbounds": [
|
||
|
{
|
||
|
"type": "wireguard",
|
||
|
"tag": "wireguard-out",
|
||
|
|
||
|
"server": "127.0.0.1",
|
||
|
"server_port": 1080,
|
||
|
"local_address": [
|
||
|
"10.0.0.1",
|
||
|
"10.0.0.2/32"
|
||
|
],
|
||
|
"private_key": "YNXtAzepDqRv9H52osJVDQnznT5AM11eCK3ESpwSt04=",
|
||
|
"peer_public_key": "Z1XXLsKYkYxuiYjJIkRvtIKFepCYHTgON+GwPq7SOV4=",
|
||
|
"pre_shared_key": "31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=",
|
||
|
"mtu": 1408,
|
||
|
"network": "tcp",
|
||
|
|
||
|
"detour": "upstream-out",
|
||
|
"bind_interface": "en0",
|
||
|
"routing_mark": 1234,
|
||
|
"reuse_addr": false,
|
||
|
"connect_timeout": "5s",
|
||
|
"tcp_fast_open": false,
|
||
|
"domain_strategy": "prefer_ipv6",
|
||
|
"fallback_delay": "300ms"
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
```
|
||
|
|
||
|
### WireGuard Fields
|
||
|
|
||
|
#### server
|
||
|
|
||
|
==Required==
|
||
|
|
||
|
The server address.
|
||
|
|
||
|
#### server_port
|
||
|
|
||
|
==Required==
|
||
|
|
||
|
The server port.
|
||
|
|
||
|
#### local_address
|
||
|
|
||
|
==Required==
|
||
|
|
||
|
List of IP (v4 or v6) addresses (optionally with CIDR masks) to be assigned to the interface.
|
||
|
|
||
|
#### private_key
|
||
|
|
||
|
==Required==
|
||
|
|
||
|
WireGuard requires base64-encoded public and private keys. These can be generated using the wg(8) utility:
|
||
|
|
||
|
```shell
|
||
|
wg genkey
|
||
|
echo "private key" || wg pubkey
|
||
|
```
|
||
|
|
||
|
#### peer_public_key
|
||
|
|
||
|
==Required==
|
||
|
|
||
|
WireGuard peer public key.
|
||
|
|
||
|
#### pre_shared_key
|
||
|
|
||
|
WireGuard pre-shared key.
|
||
|
|
||
|
#### mtu
|
||
|
|
||
|
WireGuard MTU. 1408 will be used if empty.
|
||
|
|
||
|
#### network
|
||
|
|
||
|
Enabled network
|
||
|
|
||
|
One of `tcp` `udp`.
|
||
|
|
||
|
Both is enabled by default.
|
||
|
|
||
|
### Dial Fields
|
||
|
|
||
|
#### detour
|
||
|
|
||
|
The tag of the upstream outbound.
|
||
|
|
||
|
Other dial fields will be ignored when enabled.
|
||
|
|
||
|
#### bind_interface
|
||
|
|
||
|
The network interface to bind to.
|
||
|
|
||
|
#### routing_mark
|
||
|
|
||
|
!!! error ""
|
||
|
|
||
|
Linux only
|
||
|
|
||
|
The iptables routing mark.
|
||
|
|
||
|
#### reuse_addr
|
||
|
|
||
|
Reuse listener address.
|
||
|
|
||
|
#### connect_timeout
|
||
|
|
||
|
Connect timeout, in golang's Duration format.
|
||
|
|
||
|
A duration string is a possibly signed sequence of
|
||
|
decimal numbers, each with optional fraction and a unit suffix,
|
||
|
such as "300ms", "-1.5h" or "2h45m".
|
||
|
Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
|
||
|
|
||
|
#### domain_strategy
|
||
|
|
||
|
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
|
||
|
|
||
|
If set, the server domain name will be resolved to IP before connecting.
|
||
|
|
||
|
`dns.strategy` will be used if empty.
|
||
|
|
||
|
#### fallback_delay
|
||
|
|
||
|
The length of time to wait before spawning a RFC 6555 Fast Fallback connection.
|
||
|
That is, is the amount of time to wait for IPv6 to succeed before assuming
|
||
|
that IPv6 is misconfigured and falling back to IPv4 if `prefer_ipv4` is set.
|
||
|
If zero, a default delay of 300ms is used.
|
||
|
|
||
|
Only take effect when `domain_strategy` is `prefer_ipv4` or `prefer_ipv6`.
|