sing-box/docs/changelog.md

2085 lines
53 KiB
Markdown
Raw Normal View History

---
icon: material/alert-decagram
---
2024-06-09 05:18:08 +00:00
### 1.9.3
* Fixes and improvements
2024-06-08 10:59:12 +00:00
### 1.9.2
* Fixes and improvements
2024-06-07 07:04:04 +00:00
### 1.9.1
* Fixes and improvements
2024-05-25 02:08:18 +00:00
### 1.9.0
* Fixes and improvements
Important changes since 1.8:
* `domain_suffix` behavior update **1**
* `process_path` format update on Windows **2**
* Add address filter DNS rule items **3**
* Add support for `client-subnet` DNS options **4**
* Add rejected DNS response cache support **5**
* Add `bypass_domain` and `search_domain` platform HTTP proxy options **6**
* Fix missing `rule_set_ipcidr_match_source` item in DNS rules **7**
* Handle Windows power events
* Always disable cache for fake-ip DNS transport if `dns.independent_cache` disabled
* Improve DNS truncate behavior
* Update Hysteria protocol
* Update quic-go to v0.43.1
* Update gVisor to 20240422.0
* Mitigating TunnelVision attacks **8**
**1**:
See [Migration](/migration/#domain_suffix-behavior-update).
**2**:
See [Migration](/migration/#process_path-format-update-on-windows).
**3**:
The new DNS feature allows you to more precisely bypass Chinese websites via **DNS leaks**. Do not use plain local DNS
if using this method.
See [Address Filter Fields](/configuration/dns/rule#address-filter-fields).
[Client example](/manual/proxy/client#traffic-bypass-usage-for-chinese-users) updated.
**4**:
See [DNS](/configuration/dns), [DNS Server](/configuration/dns/server) and [DNS Rules](/configuration/dns/rule).
Since this feature makes the scenario mentioned in `alpha.1` no longer leak DNS requests,
the [Client example](/manual/proxy/client#traffic-bypass-usage-for-chinese-users) has been updated.
**5**:
The new feature allows you to cache the check results of
[Address filter DNS rule items](/configuration/dns/rule/#address-filter-fields) until expiration.
**6**:
See [TUN](/configuration/inbound/tun) inbound.
**7**:
See [DNS Rule](/configuration/dns/rule/).
**8**:
See [TunnelVision](/manual/misc/tunnelvision).
2024-04-26 12:37:25 +00:00
#### 1.9.0-rc.22
* Fixes and improvements
#### 1.9.0-rc.20
* Prioritize `*_route_address` in linux auto-route
* Fix `*_route_address` in darwin auto-route
2024-05-18 08:51:06 +00:00
#### 1.8.14
* Fix hysteria2 panic
* Fixes and improvements
2024-04-26 12:37:25 +00:00
#### 1.9.0-rc.18
* Add custom prefix support in EDNS0 client subnet options
* Fix hysteria2 crash
* Fix `store_rdrc` corrupted
* Update quic-go to v0.43.1
* Fixes and improvements
#### 1.9.0-rc.16
* Mitigating TunnelVision attacks **1**
* Fixes and improvements
**1**:
See [TunnelVision](/manual/misc/tunnelvision).
#### 1.9.0-rc.15
* Fixes and improvements
2024-05-03 08:26:38 +00:00
#### 1.8.13
* Fix fake-ip mapping
* Fixes and improvements
2024-04-26 12:37:25 +00:00
#### 1.9.0-rc.14
* Fixes and improvements
#### 1.9.0-rc.13
* Update Hysteria protocol
* Update quic-go to v0.43.0
* Update gVisor to 20240422.0
* Fixes and improvements
2024-04-23 06:04:25 +00:00
#### 1.8.12
* Now we have official APT and DNF repositories **1**
* Fix packet MTU for QUIC protocols
* Fixes and improvements
**1**:
Including stable and beta versions, see https://sing-box.sagernet.org/installation/package-manager/
2024-04-26 12:37:25 +00:00
#### 1.9.0-rc.11
* Fixes and improvements
2024-03-29 04:52:42 +00:00
#### 1.8.11
* Fixes and improvements
2024-03-21 15:21:37 +00:00
#### 1.8.10
* Fixes and improvements
2024-04-26 12:37:25 +00:00
#### 1.9.0-beta.17
* Update `quic-go` to v0.42.0
* Fixes and improvements
#### 1.9.0-beta.16
* Fixes and improvements
_Our Testflight distribution has been temporarily blocked by Apple (possibly due to too many beta versions)
and you cannot join the test, install or update the sing-box beta app right now.
Please wait patiently for processing._
#### 1.9.0-beta.14
* Update gVisor to 20240212.0-65-g71212d503
* Fixes and improvements
2024-03-15 08:24:31 +00:00
#### 1.8.9
* Fixes and improvements
2024-03-02 06:30:23 +00:00
#### 1.8.8
* Fixes and improvements
2024-04-26 12:37:25 +00:00
#### 1.9.0-beta.7
* Fixes and improvements
#### 1.9.0-beta.6
* Fix address filter DNS rule items **1**
* Fix DNS outbound responding with wrong data
* Fixes and improvements
**1**:
Fixed an issue where address filter DNS rule was incorrectly rejected under certain circumstances.
If you have enabled `store_rdrc` to save results, consider clearing the cache file.
2024-02-26 14:56:04 +00:00
#### 1.8.7
* Fixes and improvements
2024-04-26 12:37:25 +00:00
#### 1.9.0-alpha.15
* Fixes and improvements
#### 1.9.0-alpha.14
* Improve DNS truncate behavior
* Fixes and improvements
#### 1.9.0-alpha.13
* Fixes and improvements
2024-02-16 07:06:59 +00:00
#### 1.8.6
* Fixes and improvements
2024-04-26 12:37:25 +00:00
#### 1.9.0-alpha.12
* Handle Windows power events
* Always disable cache for fake-ip DNS transport if `dns.independent_cache` disabled
* Fixes and improvements
#### 1.9.0-alpha.11
* Fix missing `rule_set_ipcidr_match_source` item in DNS rules **1**
* Fixes and improvements
**1**:
See [DNS Rule](/configuration/dns/rule/).
#### 1.9.0-alpha.10
* Add `bypass_domain` and `search_domain` platform HTTP proxy options **1**
* Fixes and improvements
**1**:
See [TUN](/configuration/inbound/tun) inbound.
#### 1.9.0-alpha.8
* Add rejected DNS response cache support **1**
* Fixes and improvements
**1**:
The new feature allows you to cache the check results of
[Address filter DNS rule items](/configuration/dns/rule/#address-filter-fields) until expiration.
#### 1.9.0-alpha.7
* Update gVisor to 20240206.0
* Fixes and improvements
#### 1.9.0-alpha.6
* Fixes and improvements
#### 1.9.0-alpha.3
* Update `quic-go` to v0.41.0
* Fixes and improvements
#### 1.9.0-alpha.2
* Add support for `client-subnet` DNS options **1**
* Fixes and improvements
**1**:
See [DNS](/configuration/dns), [DNS Server](/configuration/dns/server) and [DNS Rules](/configuration/dns/rule).
Since this feature makes the scenario mentioned in `alpha.1` no longer leak DNS requests,
the [Client example](/manual/proxy/client#traffic-bypass-usage-for-chinese-users) has been updated.
#### 1.9.0-alpha.1
* `domain_suffix` behavior update **1**
* `process_path` format update on Windows **2**
* Add address filter DNS rule items **3**
**1**:
See [Migration](/migration/#domain_suffix-behavior-update).
**2**:
See [Migration](/migration/#process_path-format-update-on-windows).
**3**:
The new DNS feature allows you to more precisely bypass Chinese websites via **DNS leaks**. Do not use plain local DNS
if using this method.
See [Address Filter Fields](/configuration/dns/rule#address-filter-fields).
[Client example](/manual/proxy/client#traffic-bypass-usage-for-chinese-users) updated.
2024-02-02 03:34:08 +00:00
#### 1.8.5
* Fixes and improvements
2024-01-20 08:36:26 +00:00
#### 1.8.4
* Fixes and improvements
2024-01-14 05:07:37 +00:00
#### 1.8.2
* Fixes and improvements
2024-01-07 08:47:14 +00:00
#### 1.8.1
* Fixes and improvements
2024-05-25 02:08:18 +00:00
### 1.8.0
2023-12-19 11:17:44 +00:00
* Fixes and improvements
Important changes since 1.7:
* Migrate cache file from Clash API to independent options **1**
* Introducing [Rule Set](/configuration/rule-set/) **2**
* Add `sing-box geoip`, `sing-box geosite` and `sing-box rule-set` commands **3**
* Allow nested logical rules **4**
* Independent `source_ip_is_private` and `ip_is_private` rules **5**
* Add context to JSON decode error message **6**
* Reject internal fake-ip queries **7**
* Add GSO support for TUN and WireGuard system interface **8**
* Add `idle_timeout` for URLTest outbound **9**
* Add simple loopback detect
* Optimize memory usage of idle connections
* Update uTLS to 1.5.4 **10**
* Update dependencies **11**
**1**:
See [Cache File](/configuration/experimental/cache-file/) and
[Migration](/migration/#migrate-cache-file-from-clash-api-to-independent-options).
**2**:
Rule set is independent collections of rules that can be compiled into binaries to improve performance.
Compared to legacy GeoIP and Geosite resources,
it can include more types of rules, load faster,
use less memory, and update automatically.
See [Route#rule_set](/configuration/route/#rule_set),
[Route Rule](/configuration/route/rule/),
[DNS Rule](/configuration/dns/rule/),
[Rule Set](/configuration/rule-set/),
[Source Format](/configuration/rule-set/source-format/) and
[Headless Rule](/configuration/rule-set/headless-rule/).
For GEO resources migration, see [Migrate GeoIP to rule sets](/migration/#migrate-geoip-to-rule-sets) and
[Migrate Geosite to rule sets](/migration/#migrate-geosite-to-rule-sets).
**3**:
New commands manage GeoIP, Geosite and rule set resources, and help you migrate GEO resources to rule sets.
**4**:
Logical rules in route rules, DNS rules, and the new headless rule now allow nesting of logical rules.
**5**:
The `private` GeoIP country never existed and was actually implemented inside V2Ray.
Since GeoIP was deprecated, we made this rule independent, see [Migration](/migration/#migrate-geoip-to-rule-sets).
**6**:
JSON parse errors will now include the current key path.
Only takes effect when compiled with Go 1.21+.
**7**:
All internal DNS queries now skip DNS rules with `server` type `fakeip`,
and the default DNS server can no longer be `fakeip`.
This change is intended to break incorrect usage and essentially requires no action.
**8**:
See [TUN](/configuration/inbound/tun/) inbound and [WireGuard](/configuration/outbound/wireguard/) outbound.
**9**:
When URLTest is idle for a certain period of time, the scheduled delay test will be paused.
**10**:
Added some new [fingerprints](/configuration/shared/tls#utls).
Also, starting with this release, uTLS requires at least Go 1.20.
**11**:
2024-03-02 06:30:23 +00:00
Updated `cloudflare-tls`, `gomobile`, `smux`, `tfo-go` and `wireguard-go` to latest, `quic-go` to `0.40.1` and `gvisor`
to `20231204.0`
2023-12-19 11:17:44 +00:00
#### 1.8.0-rc.11
* Fixes and improvements
2024-01-02 06:31:53 +00:00
#### 1.7.8
* Fixes and improvements
2023-12-19 11:17:44 +00:00
#### 1.8.0-rc.10
* Fixes and improvements
2023-12-29 10:00:19 +00:00
#### 1.7.7
* Fix V2Ray transport `path` validation behavior **1**
* Fixes and improvements
**1**:
See [V2Ray transport](/configuration/shared/v2ray-transport/).
2023-12-19 11:17:44 +00:00
#### 1.8.0-rc.7
* Fixes and improvements
#### 1.8.0-rc.3
* Fix V2Ray transport `path` validation behavior **1**
* Fixes and improvements
**1**:
See [V2Ray transport](/configuration/shared/v2ray-transport/).
2023-12-19 11:17:44 +00:00
#### 1.7.6
* Fixes and improvements
2023-12-19 11:17:44 +00:00
#### 1.8.0-rc.1
* Fixes and improvements
#### 1.8.0-beta.9
* Add simple loopback detect
* Fixes and improvements
2023-12-11 13:40:32 +00:00
#### 1.7.5
* Fixes and improvements
2023-12-19 11:17:44 +00:00
#### 1.8.0-alpha.17
* Add GSO support for TUN and WireGuard system interface **1**
* Update uTLS to 1.5.4 **2**
* Update dependencies **3**
* Fixes and improvements
**1**:
See [TUN](/configuration/inbound/tun/) inbound and [WireGuard](/configuration/outbound/wireguard/) outbound.
**2**:
Added some new [fingerprints](/configuration/shared/tls#utls).
Also, starting with this release, uTLS requires at least Go 1.20.
**3**:
Updated `cloudflare-tls`, `gomobile`, `smux`, `tfo-go` and `wireguard-go` to latest, and `gvisor` to `20231204.0`
This may break something, good luck!
2023-12-08 16:20:24 +00:00
#### 1.7.4
2023-12-07 14:40:18 +00:00
* Fixes and improvements
2023-12-19 11:17:44 +00:00
_Due to the long waiting time, this version is no longer waiting for approval
2023-12-07 14:40:18 +00:00
by the Apple App Store, so updates to Apple Platforms will be delayed._
2023-12-19 11:17:44 +00:00
#### 1.8.0-alpha.16
* Fixes and improvements
#### 1.8.0-alpha.15
* Some chaotic changes **1**
* Fixes and improvements
**1**:
Designed to optimize memory usage of idle connections, may take effect on the following protocols:
| Protocol | TCP | UDP |
|------------------------------------------------------|------------------|------------------|
| HTTP proxy server | :material-check: | / |
| SOCKS5 | :material-close: | :material-check: |
| Shadowsocks none/AEAD/AEAD2022 | :material-check: | :material-check: |
| Trojan | / | :material-check: |
| TUIC/Hysteria/Hysteria2 | :material-close: | :material-check: |
| Multiplex | :material-close: | :material-check: |
| Plain TLS (Trojan/VLESS without extra sub-protocols) | :material-check: | / |
| Other protocols | :material-close: | :material-close: |
At the same time, everything existing may be broken, please actively report problems with this version.
#### 1.8.0-alpha.13
* Fixes and improvements
#### 1.8.0-alpha.10
* Add `idle_timeout` for URLTest outbound **1**
* Fixes and improvements
**1**:
When URLTest is idle for a certain period of time, the scheduled delay test will be paused.
2023-12-02 09:57:39 +00:00
#### 1.7.2
* Fixes and improvements
2023-12-19 11:17:44 +00:00
#### 1.8.0-alpha.8
* Add context to JSON decode error message **1**
* Reject internal fake-ip queries **2**
* Fixes and improvements
**1**:
JSON parse errors will now include the current key path.
Only takes effect when compiled with Go 1.21+.
**2**:
All internal DNS queries now skip DNS rules with `server` type `fakeip`,
and the default DNS server can no longer be `fakeip`.
This change is intended to break incorrect usage and essentially requires no action.
#### 1.8.0-alpha.7
* Fixes and improvements
2023-12-01 06:10:52 +00:00
#### 1.7.1
* Fixes and improvements
2023-12-19 11:17:44 +00:00
#### 1.8.0-alpha.6
* Fix rule-set matching logic **1**
* Fixes and improvements
**1**:
Now the rules in the `rule_set` rule item can be logically considered to be merged into the rule using rule sets,
rather than completely following the AND logic.
#### 1.8.0-alpha.5
* Parallel rule-set initialization
* Independent `source_ip_is_private` and `ip_is_private` rules **1**
**1**:
The `private` GeoIP country never existed and was actually implemented inside V2Ray.
Since GeoIP was deprecated, we made this rule independent, see [Migration](/migration/#migrate-geoip-to-rule-sets).
#### 1.8.0-alpha.1
* Migrate cache file from Clash API to independent options **1**
* Introducing [Rule Set](/configuration/rule-set/) **2**
* Add `sing-box geoip`, `sing-box geosite` and `sing-box rule-set` commands **3**
* Allow nested logical rules **4**
**1**:
See [Cache File](/configuration/experimental/cache-file/) and
[Migration](/migration/#migrate-cache-file-from-clash-api-to-independent-options).
**2**:
Rule set is independent collections of rules that can be compiled into binaries to improve performance.
Compared to legacy GeoIP and Geosite resources,
it can include more types of rules, load faster,
use less memory, and update automatically.
See [Route#rule_set](/configuration/route/#rule_set),
[Route Rule](/configuration/route/rule/),
[DNS Rule](/configuration/dns/rule/),
[Rule Set](/configuration/rule-set/),
[Source Format](/configuration/rule-set/source-format/) and
[Headless Rule](/configuration/rule-set/headless-rule/).
For GEO resources migration, see [Migrate GeoIP to rule sets](/migration/#migrate-geoip-to-rule-sets) and
[Migrate Geosite to rule sets](/migration/#migrate-geosite-to-rule-sets).
**3**:
New commands manage GeoIP, Geosite and rule set resources, and help you migrate GEO resources to rule sets.
**4**:
Logical rules in route rules, DNS rules, and the new headless rule now allow nesting of logical rules.
2024-05-25 02:08:18 +00:00
### 1.7.0
2023-11-29 13:01:28 +00:00
* Fixes and improvements
Important changes since 1.6:
2023-12-14 14:23:52 +00:00
* Add [exclude route support](/configuration/inbound/tun/) for TUN inbound
* Add `udp_disable_domain_unmapping` [inbound listen option](/configuration/shared/listen/) **1**
2023-11-29 13:01:28 +00:00
* Add [HTTPUpgrade V2Ray transport](/configuration/shared/v2ray-transport#HTTPUpgrade) support **2**
* Migrate multiplex and UoT server to inbound **3**
* Add TCP Brutal support for multiplex **4**
* Add `wifi_ssid` and `wifi_bssid` route and DNS rules **5**
* Update quic-go to v0.40.0
* Update gVisor to 20231113.0
**1**:
If enabled, for UDP proxy requests addressed to a domain,
the original packet address will be sent in the response instead of the mapped domain.
This option is used for compatibility with clients that
do not support receiving UDP packets with domain addresses, such as Surge.
**2**:
Introduced in V2Ray 5.10.0.
The new HTTPUpgrade transport has better performance than WebSocket and is better suited for CDN abuse.
**3**:
2023-12-07 14:40:18 +00:00
Starting in 1.7.0, multiplexing support is no longer enabled by default
2023-12-19 11:17:44 +00:00
and needs to be turned on explicitly in inbound
options.
2023-11-29 13:01:28 +00:00
**4**
2023-12-07 14:40:18 +00:00
Hysteria Brutal Congestion Control Algorithm in TCP. A kernel module needs to be installed on the Linux server,
2023-12-14 14:23:52 +00:00
see [TCP Brutal](/configuration/shared/tcp-brutal/) for details.
2023-11-29 13:01:28 +00:00
**5**:
Only supported in graphical clients on Android and Apple platforms.
2023-11-29 13:01:28 +00:00
#### 1.7.0-rc.3
* Fixes and improvements
2023-11-24 12:01:34 +00:00
#### 1.6.7
* macOS: Add button for uninstall SystemExtension in the standalone graphical client
* Fix missing UDP user context on TUIC/Hysteria2 inbounds
* Fixes and improvements
#### 1.7.0-rc.2
* Fix missing UDP user context on TUIC/Hysteria2 inbounds
* macOS: Add button for uninstall SystemExtension in the standalone graphical client
2023-11-20 10:44:31 +00:00
#### 1.6.6
* Fixes and improvements
#### 1.7.0-rc.1
* Fixes and improvements
#### 1.7.0-beta.5
* Update gVisor to 20231113.0
* Fixes and improvements
#### 1.7.0-beta.4
* Add `wifi_ssid` and `wifi_bssid` route and DNS rules **1**
* Fixes and improvements
**1**:
Only supported in graphical clients on Android and Apple platforms.
#### 1.7.0-beta.3
* Fix zero TTL was incorrectly reset
* Fixes and improvements
2023-11-14 12:14:01 +00:00
#### 1.6.5
* Fix crash if TUIC inbound authentication failed
* Fixes and improvements
#### 1.7.0-beta.2
* Fix crash if TUIC inbound authentication failed
* Update quic-go to v0.40.0
* Fixes and improvements
2023-11-13 05:39:30 +00:00
#### 1.6.4
* Fixes and improvements
#### 1.7.0-beta.1
* Fixes and improvements
2023-11-09 07:56:45 +00:00
#### 1.6.3
* iOS/Android: Fix profile auto update
* Fixes and improvements
#### 1.7.0-alpha.11
* iOS/Android: Fix profile auto update
* Fixes and improvements
#### 1.7.0-alpha.10
* Fix tcp-brutal not working with TLS
* Fix Android client not closing in some cases
* Fixes and improvements
2023-11-06 12:02:00 +00:00
#### 1.6.2
* Fixes and improvements
2023-11-05 08:03:39 +00:00
#### 1.6.1
2023-12-14 14:23:52 +00:00
* Our [Android client](/installation/clients/sfa/) is now available in the Google Play Store ▶️
2023-11-05 08:03:39 +00:00
* Fixes and improvements
#### 1.7.0-alpha.6
* Fixes and improvements
#### 1.7.0-alpha.4
* Migrate multiplex and UoT server to inbound **1**
* Add TCP Brutal support for multiplex **2**
**1**:
2023-12-07 14:40:18 +00:00
Starting in 1.7.0, multiplexing support is no longer enabled by default and needs to be turned on explicitly in inbound
options.
**2**
2023-12-07 14:40:18 +00:00
Hysteria Brutal Congestion Control Algorithm in TCP. A kernel module needs to be installed on the Linux server,
2023-12-14 14:23:52 +00:00
see [TCP Brutal](/configuration/shared/tcp-brutal/) for details.
#### 1.7.0-alpha.3
* Add [HTTPUpgrade V2Ray transport](/configuration/shared/v2ray-transport#HTTPUpgrade) support **1**
* Fixes and improvements
**1**:
Introduced in V2Ray 5.10.0.
The new HTTPUpgrade transport has better performance than WebSocket and is better suited for CDN abuse.
2024-05-25 02:08:18 +00:00
### 1.6.0
2023-10-25 04:00:00 +00:00
* Fixes and improvements
Important changes since 1.5:
2023-12-14 14:23:52 +00:00
* Our [Apple tvOS client](/installation/clients/sft/) is now available in the App Store 🍎
2023-10-25 04:00:00 +00:00
* Update BBR congestion control for TUIC and Hysteria2 **1**
* Update brutal congestion control for Hysteria2
* Add `brutal_debug` option for Hysteria2
* Update legacy Hysteria protocol **2**
* Add TLS self sign key pair generate command
2023-12-14 14:23:52 +00:00
* Remove [Deprecated Features](/deprecated/) by agreement
2023-10-25 04:00:00 +00:00
**1**:
None of the existing Golang BBR congestion control implementations have been reviewed or unit tested.
This update is intended to address the multi-send defects of the old implementation and may introduce new issues.
**2**
Based on discussions with the original author, the brutal CC and QUIC protocol parameters of
the old protocol (Hysteria 1) have been updated to be consistent with Hysteria 2
#### 1.7.0-alpha.2
* Fix bugs introduced in 1.7.0-alpha.1
#### 1.7.0-alpha.1
2023-12-14 14:23:52 +00:00
* Add [exclude route support](/configuration/inbound/tun/) for TUN inbound
* Add `udp_disable_domain_unmapping` [inbound listen option](/configuration/shared/listen/) **1**
* Fixes and improvements
**1**:
If enabled, for UDP proxy requests addressed to a domain,
the original packet address will be sent in the response instead of the mapped domain.
This option is used for compatibility with clients that
do not support receiving UDP packets with domain addresses, such as Surge.
2023-10-25 04:00:00 +00:00
2023-10-25 04:00:00 +00:00
#### 1.5.5
* Fix IPv6 `auto_route` for Linux **1**
* Add legacy builds for old Windows and macOS systems **2**
* Fixes and improvements
**1**:
When `auto_route` is enabled and `strict_route` is disabled, the device can now be reached from external IPv6 addresses.
**2**:
2023-12-07 14:40:18 +00:00
Built using Go 1.20, the last version that will run on
2023-12-19 11:17:44 +00:00
Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High
Sierra, 10.14 Mojave.
2023-10-25 04:00:00 +00:00
#### 1.6.0-rc.4
* Fixes and improvements
#### 1.6.0-rc.1
* Add legacy builds for old Windows and macOS systems **1**
* Fixes and improvements
**1**:
2023-12-07 14:40:18 +00:00
Built using Go 1.20, the last version that will run on
2023-12-19 11:17:44 +00:00
Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High
Sierra, 10.14 Mojave.
2023-10-25 04:00:00 +00:00
#### 1.6.0-beta.4
* Fix IPv6 `auto_route` for Linux **1**
* Fixes and improvements
**1**:
When `auto_route` is enabled and `strict_route` is disabled, the device can now be reached from external IPv6 addresses.
2023-10-21 04:00:00 +00:00
#### 1.5.4
* Fix Clash cache crash on arm32 devices
* Fixes and improvements
2023-10-25 04:00:00 +00:00
#### 1.6.0-beta.3
* Update the legacy Hysteria protocol **1**
* Fixes and improvements
**1**
Based on discussions with the original author, the brutal CC and QUIC protocol parameters of
the old protocol (Hysteria 1) have been updated to be consistent with Hysteria 2
#### 1.6.0-beta.2
* Add TLS self sign key pair generate command
* Update brutal congestion control for Hysteria2
* Fix Clash cache crash on arm32 devices
* Update golang.org/x/net to v0.17.0
* Fixes and improvements
#### 1.6.0-beta.3
* Update the legacy Hysteria protocol **1**
* Fixes and improvements
**1**
2023-10-25 04:00:00 +00:00
Based on discussions with the original author, the brutal CC and QUIC protocol parameters of
the old protocol (Hysteria 1) have been updated to be consistent with Hysteria 2
#### 1.6.0-beta.2
* Add TLS self sign key pair generate command
* Update brutal congestion control for Hysteria2
* Fix Clash cache crash on arm32 devices
* Update golang.org/x/net to v0.17.0
* Fixes and improvements
2023-10-10 07:12:13 +00:00
#### 1.5.3
* Fix compatibility with Android 14
* Fixes and improvements
2023-10-25 04:00:00 +00:00
#### 1.6.0-beta.1
* Fixes and improvements
#### 1.6.0-alpha.5
* Fix compatibility with Android 14
* Update BBR congestion control for TUIC and Hysteria2 **1**
* Fixes and improvements
**1**:
None of the existing Golang BBR congestion control implementations have been reviewed or unit tested.
This update is intended to fix a memory leak flaw in the new implementation introduced in 1.6.0-alpha.1 and may
introduce new issues.
#### 1.6.0-alpha.4
* Add `brutal_debug` option for Hysteria2
* Fixes and improvements
2023-10-06 09:10:53 +00:00
#### 1.5.2
2023-12-14 14:23:52 +00:00
* Our [Apple tvOS client](/installation/clients/sft/) is now available in the App Store 🍎
2023-10-06 09:10:53 +00:00
* Fixes and improvements
2023-10-25 04:00:00 +00:00
#### 1.6.0-alpha.3
* Fixes and improvements
#### 1.6.0-alpha.2
* Fixes and improvements
2023-09-30 15:03:07 +00:00
#### 1.5.1
* Fixes and improvements
2023-10-25 04:00:00 +00:00
#### 1.6.0-alpha.1
* Update BBR congestion control for TUIC and Hysteria2 **1**
* Update quic-go to v0.39.0
* Update gVisor to 20230814.0
2023-12-14 14:23:52 +00:00
* Remove [Deprecated Features](/deprecated/) by agreement
2023-10-25 04:00:00 +00:00
* Fixes and improvements
**1**:
None of the existing Golang BBR congestion control implementations have been reviewed or unit tested.
This update is intended to address the multi-send defects of the old implementation and may introduce new issues.
2024-05-25 02:08:18 +00:00
### 1.5.0
2023-09-28 08:02:54 +00:00
* Fixes and improvements
Important changes since 1.4:
2023-12-14 14:23:52 +00:00
* Add TLS [ECH server](/configuration/shared/tls/) support
2023-09-28 08:02:54 +00:00
* Improve TLS TCH client configuration
* Add TLS ECH key pair generator **1**
* Add TLS ECH support for QUIC based protocols **2**
* Add KDE support for the `set_system_proxy` option in HTTP inbound
* Add Hysteria2 protocol support **3**
* Add `interrupt_exist_connections` option for `Selector` and `URLTest` outbounds **4**
* Add DNS01 challenge support for ACME TLS certificate issuer **5**
* Add `merge` command **6**
2023-12-14 14:23:52 +00:00
* Mark [Deprecated Features](/deprecated/)
2023-09-28 08:02:54 +00:00
**1**:
Command: `sing-box generate ech-keypair <plain_server_name> [--pq-signature-schemes-enabled]`
**2**:
All inbounds and outbounds are supported, including `Naiveproxy`, `Hysteria[/2]`, `TUIC` and `V2ray QUIC transport`.
**3**:
2023-12-14 14:23:52 +00:00
See [Hysteria2 inbound](/configuration/inbound/hysteria2/) and [Hysteria2 outbound](/configuration/outbound/hysteria2/)
2023-09-28 08:02:54 +00:00
For protocol description, please refer to [https://v2.hysteria.network](https://v2.hysteria.network)
**4**:
Interrupt existing connections when the selected outbound has changed.
Only inbound connections are affected by this setting, internal connections will always be interrupted.
**5**:
Only `Alibaba Cloud DNS` and `Cloudflare` are supported, see [ACME Fields](/configuration/shared/tls#acme-fields)
2023-12-14 14:23:52 +00:00
and [DNS01 Challenge Fields](/configuration/shared/dns01_challenge/).
2023-09-28 08:02:54 +00:00
**6**:
This command also parses path resources that appear in the configuration file and replaces them with embedded
configuration, such as TLS certificates or SSH private keys.
2023-09-27 05:18:03 +00:00
#### 1.5.0-rc.6
* Fixes and improvements
#### 1.4.6
* Fixes and improvements
2023-09-25 10:03:53 +00:00
#### 1.5.0-rc.5
* Fixed an improper authentication vulnerability in the SOCKS5 inbound
* Fixes and improvements
**Security Advisory**
This update fixes an improper authentication vulnerability in the sing-box SOCKS inbound. This vulnerability allows an
attacker to craft special requests to bypass user authentication. All users exposing SOCKS servers with user
authentication in an insecure environment are advised to update immediately.
此更新修复了 sing-box SOCKS 入站中的一个不正确身份验证漏洞。 该漏洞允许攻击者制作特殊请求来绕过用户身份验证。建议所有将使用用户认证的
SOCKS 服务器暴露在不安全环境下的用户立更新。
#### 1.4.5
* Fixed an improper authentication vulnerability in the SOCKS5 inbound
* Fixes and improvements
**Security Advisory**
This update fixes an improper authentication vulnerability in the sing-box SOCKS inbound. This vulnerability allows an
attacker to craft special requests to bypass user authentication. All users exposing SOCKS servers with user
authentication in an insecure environment are advised to update immediately.
此更新修复了 sing-box SOCKS 入站中的一个不正确身份验证漏洞。 该漏洞允许攻击者制作特殊请求来绕过用户身份验证。建议所有将使用用户认证的
SOCKS 服务器暴露在不安全环境下的用户立更新。
2023-09-23 12:32:29 +00:00
#### 1.5.0-rc.3
2023-09-20 06:14:47 +00:00
* Fixes and improvements
2023-09-19 11:59:29 +00:00
#### 1.5.0-beta.12
* Add `merge` command **1**
* Fixes and improvements
**1**:
This command also parses path resources that appear in the configuration file and replaces them with embedded
configuration, such as TLS certificates or SSH private keys.
```
2023-09-23 12:32:29 +00:00
Merge configurations
2023-09-19 11:59:29 +00:00
Usage:
sing-box merge [output] [flags]
Flags:
-h, --help help for merge
Global Flags:
-c, --config stringArray set configuration file path
-C, --config-directory stringArray set configuration directory path
-D, --directory string set working directory
--disable-color disable color output
```
2023-09-16 15:45:40 +00:00
#### 1.5.0-beta.11
* Add DNS01 challenge support for ACME TLS certificate issuer **1**
* Fixes and improvements
**1**:
Only `Alibaba Cloud DNS` and `Cloudflare` are supported,
see [ACME Fields](/configuration/shared/tls#acme-fields)
2023-12-14 14:23:52 +00:00
and [DNS01 Challenge Fields](/configuration/shared/dns01_challenge/).
2023-09-16 15:45:40 +00:00
#### 1.5.0-beta.10
* Add `interrupt_exist_connections` option for `Selector` and `URLTest` outbounds **1**
* Fixes and improvements
**1**:
Interrupt existing connections when the selected outbound has changed.
Only inbound connections are affected by this setting, internal connections will always be interrupted.
#### 1.4.3
* Fixes and improvements
2023-09-09 14:46:20 +00:00
#### 1.5.0-beta.8
* Fixes and improvements
#### 1.4.2
* Fixes and improvements
#### 1.5.0-beta.6
* Fix compatibility issues with official Hysteria2 server and client
* Fixes and improvements
2023-12-14 14:23:52 +00:00
* Mark [deprecated features](/deprecated/)
2023-09-09 14:46:20 +00:00
#### 1.5.0-beta.3
* Fixes and improvements
* Updated Hysteria2 documentation **1**
**1**:
Added notes indicating compatibility issues with the official
Hysteria2 server and client when using `fastOpen=false` or UDP MTU >= 1200.
#### 1.5.0-beta.2
* Add hysteria2 protocol support **1**
* Fixes and improvements
**1**:
2023-12-14 14:23:52 +00:00
See [Hysteria2 inbound](/configuration/inbound/hysteria2/) and [Hysteria2 outbound](/configuration/outbound/hysteria2/)
2023-09-09 14:46:20 +00:00
For protocol description, please refer to [https://v2.hysteria.network](https://v2.hysteria.network)
#### 1.5.0-beta.1
2023-12-14 14:23:52 +00:00
* Add TLS [ECH server](/configuration/shared/tls/) support
2023-09-09 14:46:20 +00:00
* Improve TLS TCH client configuration
* Add TLS ECH key pair generator **1**
* Add TLS ECH support for QUIC based protocols **2**
* Add KDE support for the `set_system_proxy` option in HTTP inbound
**1**:
2023-09-28 08:02:54 +00:00
Command: `sing-box generate ech-keypair <plain_server_name> [--pq-signature-schemes-enabled]`
2023-09-09 14:46:20 +00:00
**2**:
All inbounds and outbounds are supported, including `Naiveproxy`, `Hysteria`, `TUIC` and `V2ray QUIC transport`.
2023-08-31 06:03:52 +00:00
#### 1.4.1
* Fixes and improvements
2024-05-25 02:08:18 +00:00
### 1.4.0
2023-08-26 12:47:19 +00:00
* Fix bugs and update dependencies
Important changes since 1.3:
* Add TUIC support **1**
* Add `udp_over_stream` option for TUIC client **2**
* Add MultiPath TCP support **3**
* Add `include_interface` and `exclude_interface` options for tun inbound
* Pause recurring tasks when no network or device idle
* Improve Android and Apple platform clients
*1*:
2023-12-14 14:23:52 +00:00
See [TUIC inbound](/configuration/inbound/tuic/)
and [TUIC outbound](/configuration/outbound/tuic/)
2023-08-26 12:47:19 +00:00
**2**:
2023-12-14 14:23:52 +00:00
This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp/), designed to provide a QUIC
2023-08-26 12:47:19 +00:00
stream based UDP relay mode that TUIC does not provide. Since it is an add-on protocol, you will need to use sing-box or
another program compatible with the protocol as a server.
This mode has no positive effect in a proper UDP proxy scenario and should only be applied to relay streaming UDP
traffic (basically QUIC streams).
*3*:
Requires sing-box to be compiled with Go 1.21.
2023-08-25 12:33:16 +00:00
#### 1.4.0-rc.3
* Fixes and improvements
#### 1.4.0-rc.2
* Fixes and improvements
2023-08-21 10:24:31 +00:00
#### 1.4.0-rc.1
* Fix TUIC UDP
2023-08-20 06:15:11 +00:00
#### 1.4.0-beta.6
* Add `udp_over_stream` option for TUIC client **1**
* Add `include_interface` and `exclude_interface` options for tun inbound
* Fixes and improvements
**1**:
2023-12-14 14:23:52 +00:00
This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp/), designed to provide a QUIC
2023-08-20 06:15:11 +00:00
stream based UDP relay mode that TUIC does not provide. Since it is an add-on protocol, you will need to use sing-box or
another program compatible with the protocol as a server.
This mode has no positive effect in a proper UDP proxy scenario and should only be applied to relay streaming UDP
traffic (basically QUIC streams).
#### 1.4.0-beta.5
* Fixes and improvements
#### 1.4.0-beta.4
* Graphical clients: Persistence group expansion state
* Fixes and improvements
#### 1.4.0-beta.3
* Fixes and improvements
#### 1.4.0-beta.2
* Add MultiPath TCP support **1**
* Drop QUIC support for Go 1.18 and 1.19 due to upstream changes
* Fixes and improvements
*1*:
Requires sing-box to be compiled with Go 1.21.
#### 1.4.0-beta.1
* Add TUIC support **1**
* Pause recurring tasks when no network or device idle
* Fixes and improvements
*1*:
2023-12-14 14:23:52 +00:00
See [TUIC inbound](/configuration/inbound/tuic/)
and [TUIC outbound](/configuration/outbound/tuic/)
2023-08-20 06:15:11 +00:00
2023-08-05 13:36:46 +00:00
#### 1.3.6
* Fixes and improvements
2023-07-31 01:41:42 +00:00
#### 1.3.5
* Fixes and improvements
2023-12-14 14:23:52 +00:00
* Introducing our [Apple tvOS](/installation/clients/sft/) client applications **1**
2023-07-31 01:41:42 +00:00
* Add per app proxy and app installed/updated trigger support for Android client
* Add profile sharing support for Android/iOS/macOS clients
**1**:
2023-08-20 06:15:11 +00:00
Due to the requirement of tvOS 17, the app cannot be submitted to the App Store for the time being, and can only be
downloaded through TestFlight.
2023-07-31 01:41:42 +00:00
2023-07-25 00:29:27 +00:00
#### 1.3.4
* Fixes and improvements
2023-08-20 06:15:11 +00:00
* We're now on the [App Store](https://apps.apple.com/us/app/sing-box/id6451272673), always free! It should be noted
that due to stricter and slower review, the release of Store versions will be delayed.
* We've made a standalone version of the macOS client (the original Application Extension relies on App Store
distribution), which you can download as SFM-version-universal.zip in the release artifacts.
2023-07-25 00:29:27 +00:00
2023-07-24 08:53:10 +00:00
#### 1.3.3
* Fixes and improvements
2023-07-19 06:45:35 +00:00
#### 1.3.1-rc.1
* Fix bugs and update dependencies
2023-07-11 07:45:26 +00:00
#### 1.3.1-beta.3
2023-12-19 11:17:44 +00:00
* Introducing our [new iOS](/installation/clients/sfi/) and [macOS](/installation/clients/sfm/) client applications **1
**
2023-07-11 07:45:26 +00:00
* Fixes and improvements
**1**:
The old testflight link and app are no longer valid.
2023-07-08 23:54:08 +00:00
#### 1.3.1-beta.2
* Fix bugs and update dependencies
2023-07-07 06:23:45 +00:00
#### 1.3.1-beta.1
* Fixes and improvements
2024-05-25 02:08:18 +00:00
### 1.3.0
2023-06-26 11:38:47 +00:00
* Fix bugs and update dependencies
Important changes since 1.2:
2023-12-14 14:23:52 +00:00
* Add [FakeIP](/configuration/dns/fakeip/) support **1**
2023-06-26 11:38:47 +00:00
* Improve multiplex **2**
* Add [DNS reverse mapping](/configuration/dns#reverse_mapping) support
* Add `rewrite_ttl` DNS rule action
* Add `store_fakeip` Clash API option
* Add multi-peer support for [WireGuard](/configuration/outbound/wireguard#peers) outbound
* Add loopback detect
* Add Clash.Meta API compatibility for Clash API
* Download Yacd-meta by default if the specified Clash `external_ui` directory is empty
* Add path and headers option for HTTP outbound
* Perform URLTest recheck after network changes
* Fix `system` tun stack for ios
* Fix network monitor for android/ios
* Update VLESS and XUDP protocol
* Make splice work with traffic statistics systems like Clash API
* Significantly reduces memory usage of idle connections
* Improve DNS caching
* Add `independent_cache` [option](/configuration/dns#independent_cache) for DNS
* Reimplemented shadowsocks client
* Add multiplex support for VLESS outbound
* Automatically add Windows firewall rules in order for the system tun stack to work
* Fix TLS 1.2 support for shadow-tls client
* Add `cache_id` [option](/configuration/experimental#cache_id) for Clash cache file
* Fix `local` DNS transport for Android
*1*:
2023-12-14 14:23:52 +00:00
See [FAQ](/faq/fakeip/) for more information.
2023-06-26 11:38:47 +00:00
*2*:
2023-12-14 14:23:52 +00:00
Added new `h2mux` multiplex protocol and `padding` multiplex option, see [Multiplex](/configuration/shared/multiplex/).
2023-06-26 11:38:47 +00:00
2023-06-19 05:31:38 +00:00
#### 1.3-rc2
* Fix `local` DNS transport for Android
* Fix bugs and update dependencies
2023-06-17 04:21:18 +00:00
#### 1.3-rc1
* Fix bugs and update dependencies
2023-06-14 08:28:44 +00:00
#### 1.3-beta14
* Fixes and improvements
2023-06-07 13:10:01 +00:00
#### 1.3-beta13
2023-05-19 07:47:10 +00:00
2023-06-07 13:10:01 +00:00
* Fix resolving fakeip domains **1**
* Deprecate L3 routing
2023-05-19 07:47:10 +00:00
* Fix bugs and update dependencies
2023-06-07 13:10:01 +00:00
**1**:
If the destination address of the connection is obtained from fakeip, dns rules with server type fakeip will be skipped.
#### 1.3-beta12
* Automatically add Windows firewall rules in order for the system tun stack to work
* Fix TLS 1.2 support for shadow-tls client
* Add `cache_id` [option](/configuration/experimental#cache_id) for Clash cache file
* Fixes and improvements
#### 1.3-beta11
* Fix bugs and update dependencies
#### 1.3-beta10
* Improve direct copy **1**
* Improve DNS caching
* Add `independent_cache` [option](/configuration/dns#independent_cache) for DNS
* Reimplemented shadowsocks client **2**
* Add multiplex support for VLESS outbound
* Set TCP keepalive for WireGuard gVisor TCP connections
* Fixes and improvements
**1**:
* Make splice work with traffic statistics systems like Clash API
* Significantly reduces memory usage of idle connections
**2**:
Improved performance and reduced memory usage.
#### 1.3-beta9
* Improve multiplex **1**
* Fixes and improvements
*1*:
2023-12-14 14:23:52 +00:00
Added new `h2mux` multiplex protocol and `padding` multiplex option, see [Multiplex](/configuration/shared/multiplex/).
2023-06-07 13:10:01 +00:00
2023-04-21 09:51:23 +00:00
#### 1.2.6
2023-04-16 08:16:03 +00:00
2023-04-21 09:51:23 +00:00
* Fix bugs and update dependencies
2023-04-16 08:16:03 +00:00
2023-06-07 13:10:01 +00:00
#### 1.3-beta8
* Fix `system` tun stack for ios
* Fix network monitor for android/ios
* Update VLESS and XUDP protocol **1**
* Fixes and improvements
*1:
This is an incompatible update for XUDP in VLESS if vision flow is enabled.
#### 1.3-beta7
* Add `path` and `headers` options for HTTP outbound
* Add multi-user support for Shadowsocks legacy AEAD inbound
* Fixes and improvements
#### 1.2.4
* Fixes and improvements
#### 1.3-beta6
* Fix WireGuard reconnect
* Perform URLTest recheck after network changes
* Fix bugs and update dependencies
#### 1.3-beta5
* Add Clash.Meta API compatibility for Clash API
* Download Yacd-meta by default if the specified Clash `external_ui` directory is empty
* Add path and headers option for HTTP outbound
* Fixes and improvements
#### 1.3-beta4
* Fix bugs
#### 1.3-beta2
* Download clash-dashboard if the specified Clash `external_ui` directory is empty
* Fix bugs and update dependencies
#### 1.3-beta1
* Add [DNS reverse mapping](/configuration/dns#reverse_mapping) support
2023-12-14 14:23:52 +00:00
* Add [L3 routing](/configuration/route/ip-rule/) support **1**
2023-06-07 13:10:01 +00:00
* Add `rewrite_ttl` DNS rule action
2023-12-14 14:23:52 +00:00
* Add [FakeIP](/configuration/dns/fakeip/) support **2**
2023-06-07 13:10:01 +00:00
* Add `store_fakeip` Clash API option
* Add multi-peer support for [WireGuard](/configuration/outbound/wireguard#peers) outbound
* Add loopback detect
*1*:
2023-12-14 14:23:52 +00:00
It can currently be used to [route connections directly to WireGuard](/examples/wireguard-direct/) or block connections
2023-06-07 13:10:01 +00:00
at the IP layer.
*2*:
2023-12-14 14:23:52 +00:00
See [FAQ](/faq/fakeip/) for more information.
2023-06-07 13:10:01 +00:00
2023-04-07 11:17:36 +00:00
#### 1.2.3
2023-12-14 14:23:52 +00:00
* Introducing our [new Android client application](/installation/clients/sfa/)
2023-04-07 11:17:36 +00:00
* Improve UDP domain destination NAT
* Update reality protocol
* Fix TTL calculation for DNS response
* Fix v2ray HTTP transport compatibility
* Fix bugs and update dependencies
2023-03-31 08:29:08 +00:00
#### 1.2.2
* Accept `any` outbound in dns rule **1**
* Fix bugs and update dependencies
*1*:
2023-04-07 11:17:36 +00:00
Now you can use the `any` outbound rule to match server address queries instead of filling in all server domains
to `domain` rule.
2023-03-31 08:29:08 +00:00
2023-03-27 00:20:10 +00:00
#### 1.2.1
* Fix missing default host in v2ray http transport`s request
* Flush DNS cache for macOS when tun start/close
* Fix tun's DNS hijacking compatibility with systemd-resolved
2024-05-25 02:08:18 +00:00
### 1.2.0
2023-03-24 00:04:36 +00:00
* Fix bugs and update dependencies
Important changes since 1.1:
2023-12-14 14:23:52 +00:00
* Introducing our [new iOS client application](/installation/clients/sfi/)
* Introducing [UDP over TCP protocol version 2](/configuration/shared/udp-over-tcp/)
2023-03-24 00:04:36 +00:00
* Add [platform options](/configuration/inbound/tun#platform) for tun inbound
* Add [ShadowTLS protocol v3](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-v3-en.md)
2023-12-14 14:23:52 +00:00
* Add [VLESS server](/configuration/inbound/vless/) and [vision](/configuration/outbound/vless#flow) support
* Add [reality TLS](/configuration/shared/tls/) support
* Add [NTP service](/configuration/ntp/)
* Add [DHCP DNS server](/configuration/dns/server/) support
* Add SSH [host key validation](/configuration/outbound/ssh/) support
* Add [query_type](/configuration/dns/rule/) DNS rule item
2023-03-24 00:04:36 +00:00
* Add fallback support for v2ray transport
* Add custom TLS server support for http based v2ray transports
* Add health check support for http-based v2ray transports
* Add multiple configuration support
2023-03-22 23:54:24 +00:00
#### 1.2-rc1
* Fix bugs and update dependencies
2023-03-20 09:32:59 +00:00
#### 1.2-beta10
* Add multiple configuration support **1**
* Fix bugs and update dependencies
*1*:
2023-03-22 23:54:24 +00:00
Now you can pass the parameter `--config` or `-c` multiple times, or use the new parameter `--config-directory` or `-C`
to load all configuration files in a directory.
2023-03-20 09:32:59 +00:00
2023-03-22 23:54:24 +00:00
Loaded configuration files are sorted by name. If you want to control the merge order, add a numeric prefix to the file
name.
2023-03-20 09:32:59 +00:00
2023-03-17 07:40:41 +00:00
#### 1.1.7
* Improve the stability of the VMESS server
* Fix `auto_detect_interface` incorrectly identifying the default interface on Windows
* Fix bugs and update dependencies
2023-03-17 05:00:09 +00:00
#### 1.2-beta9
2023-12-14 14:23:52 +00:00
* Introducing the [UDP over TCP protocol version 2](/configuration/shared/udp-over-tcp/)
2023-03-17 05:00:09 +00:00
* Add health check support for http-based v2ray transports
* Remove length limit on short_id for reality TLS config
* Fix bugs and update dependencies
2023-03-09 15:16:38 +00:00
#### 1.2-beta8
* Update reality and uTLS libraries
* Fix `auto_detect_interface` incorrectly identifying the default interface on Windows
2023-03-08 06:51:52 +00:00
#### 1.2-beta7
* Fix the compatibility issue between VLESS's vision sub-protocol and the Xray-core client
* Improve the stability of the VMESS server
2023-03-05 13:48:36 +00:00
#### 1.2-beta6
2023-12-14 14:23:52 +00:00
* Introducing our [new iOS client application](/installation/clients/sfi/)
2023-03-05 13:48:36 +00:00
* Add [platform options](/configuration/inbound/tun#platform) for tun inbound
* Add custom TLS server support for http based v2ray transports
* Add generate commands
* Enable XUDP by default in VLESS
* Update reality server
* Update vision protocol
* Fixed [user flow in vless server](/configuration/inbound/vless#usersflow)
* Bug fixes
* Update dependencies
2023-02-25 08:23:51 +00:00
#### 1.2-beta5
2023-12-14 14:23:52 +00:00
* Add [VLESS server](/configuration/inbound/vless/) and [vision](/configuration/outbound/vless#flow) support
* Add [reality TLS](/configuration/shared/tls/) support
2023-02-25 08:23:51 +00:00
* Fix match private address
2023-02-22 03:24:51 +00:00
#### 1.1.6
* Improve vmess request
* Fix ipv6 redirect on Linux
* Fix match geoip private
* Fix parse hysteria UDP message
* Fix socks connect response
* Disable vmess header protection if transport enabled
* Update QUIC v2 version number and initial salt
2023-02-21 12:20:17 +00:00
#### 1.2-beta4
2023-12-14 14:23:52 +00:00
* Add [NTP service](/configuration/ntp/)
2023-02-21 12:20:17 +00:00
* Add Add multiple server names and multi-user support for shadowtls
* Add strict mode support for shadowtls v3
2023-02-21 13:18:43 +00:00
* Add uTLS support for shadowtls v3
2023-02-21 12:20:17 +00:00
2023-02-19 09:44:43 +00:00
#### 1.2-beta3
* Update QUIC v2 version number and initial salt
* Fix shadowtls v3 implementation
2023-02-18 07:02:27 +00:00
#### 1.2-beta2
* Add [ShadowTLS protocol v3](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-v3-en.md)
* Add fallback support for v2ray transport
* Fix parse hysteria UDP message
* Fix socks connect response
* Disable vmess header protection if transport enabled
2023-02-08 09:18:18 +00:00
#### 1.2-beta1
2023-12-14 14:23:52 +00:00
* Add [DHCP DNS server](/configuration/dns/server/) support
* Add SSH [host key validation](/configuration/outbound/ssh/) support
* Add [query_type](/configuration/dns/rule/) DNS rule item
2023-02-08 09:18:18 +00:00
* Add v2ray [user stats](/configuration/experimental#statsusers) api
* Add new clash DNS query api
* Improve vmess request
* Fix ipv6 redirect on Linux
* Fix match geoip private
2023-02-02 08:11:29 +00:00
#### 1.1.5
* Add Go 1.20 support
* Fix inbound default DF value
* Fix auth_user route for naive inbound
* Fix gRPC lite header
* Ignore domain case in route rules
2023-01-14 08:01:07 +00:00
#### 1.1.4
* Fix DNS log
* Fix write to h2 conn after closed
* Fix create UDP DNS transport from plain IPv6 address
2023-01-03 02:53:38 +00:00
#### 1.1.2
* Fix http proxy auth
* Fix user from stream packet conn
* Fix DNS response TTL
* Fix override packet conn
* Skip override system proxy bypass list
* Improve DNS log
2022-12-11 06:40:03 +00:00
#### 1.1.1
* Fix acme config
* Fix vmess packet conn
* Suppress quic-go set DF error
2022-12-03 05:31:25 +00:00
#### 1.1
* Fix close clash cache
Important changes since 1.0:
* Add support for use with android VPNService
* Add tun support for WireGuard outbound
* Add system tun stack
* Add comment filter for config
* Add option for allow optional proxy protocol header
* Add Clash mode and persistence support
* Add TLS ECH and uTLS support for outbound TLS options
* Add internal simple-obfs and v2ray-plugin
* Add ShadowsocksR outbound
* Add VLESS outbound and XUDP
* Skip wait for hysteria tcp handshake response
* Add v2ray mux support for all inbound
2023-03-17 05:00:09 +00:00
* Add XUDP support for VMess
2022-12-03 05:31:25 +00:00
* Improve websocket writer
* Refine tproxy write back
* Fix DNS leak caused by
Windows' ordinary multihomed DNS resolution behavior
* Add sniff_timeout listen option
* Add custom route support for tun
* Add option for custom wireguard reserved bytes
* Split bind_address into ipv4 and ipv6
* Add ShadowTLS v1 and v2 support
2022-11-28 04:52:12 +00:00
#### 1.1-rc1
* Fix TLS config for h2 server
* Fix crash when input bad method in shadowsocks multi-user inbound
* Fix listen UDP
* Fix check invalid packet on macOS
2022-11-25 14:49:30 +00:00
#### 1.1-beta18
2022-11-26 03:06:57 +00:00
* Enhance defense against active probe for shadowtls server **1**
2022-11-25 14:49:30 +00:00
**1**:
The `fallback_after` option has been removed.
2022-11-21 13:12:11 +00:00
#### 1.1-beta17
* Fix shadowtls server **1**
*1*:
2022-11-25 14:49:30 +00:00
Added [fallback_after](/configuration/inbound/shadowtls#fallback_after) option.
2022-11-21 13:12:11 +00:00
2022-11-21 06:57:22 +00:00
#### 1.0.7
* Add support for new x/h2 deadline
* Fix copy pipe
* Fix decrypt xplus packet
* Fix macOS Ventura process name match
* Fix smux keepalive
* Fix vmess request buffer
* Fix h2c transport
* Fix tor geoip
* Fix udp connect for mux client
* Fix default dns transport strategy
2022-11-15 12:29:33 +00:00
#### 1.1-beta16
* Improve shadowtls server
* Fix default dns transport strategy
* Update uTLS to v1.2.0
2022-11-09 03:49:01 +00:00
#### 1.1-beta15
* Add support for new x/h2 deadline
* Fix udp connect for mux client
* Fix dns buffer
* Fix quic dns retry
2022-11-15 12:29:33 +00:00
* Fix create TLS config
2022-11-09 03:49:01 +00:00
* Fix websocket alpn
* Fix tor geoip
2022-11-09 03:40:36 +00:00
#### 1.1-beta14
* Add multi-user support for hysteria inbound **1**
* Add custom tls client support for std grpc
* Fix smux keep alive
* Fix vmess request buffer
* Fix default local DNS server behavior
* Fix h2c transport
*1*:
The `auth` and `auth_str` fields have been replaced by the `users` field.
2022-11-03 04:07:16 +00:00
#### 1.1-beta13
* Add custom worker count option for WireGuard outbound
2022-11-03 04:07:16 +00:00
* Split bind_address into ipv4 and ipv6
* Move WFP manipulation to strict route
2022-11-03 04:07:16 +00:00
* Fix WireGuard outbound panic when close
* Fix macOS Ventura process name match
2022-11-08 05:31:55 +00:00
* Fix QUIC connection migration by @HyNetwork
* Fix handling QUIC client SNI by @HyNetwork
2022-11-03 04:07:16 +00:00
2022-10-31 05:56:51 +00:00
#### 1.1-beta12
* Fix uTLS config
* Update quic-go to v0.30.0
* Update cloudflare-tls to go1.18.7
2022-10-25 13:26:28 +00:00
#### 1.1-beta11
2022-10-29 10:00:05 +00:00
* Add option for custom wireguard reserved bytes
2022-10-25 13:26:28 +00:00
* Fix shadowtls v2
* Fix h3 dns transport
* Fix copy pipe
2022-10-29 10:00:05 +00:00
* Fix decrypt xplus packet
* Fix v2ray api
* Suppress no network error
* Improve local dns transport
2022-10-25 13:26:28 +00:00
2022-10-19 02:43:59 +00:00
#### 1.1-beta10
* Add [sniff_timeout](/configuration/shared/listen#sniff_timeout) listen option
* Add [custom route](/configuration/inbound/tun#inet4_route_address) support for tun **1**
* Fix interface monitor
* Fix websocket headroom
* Fix uTLS handshake
* Fix ssh outbound
* Fix sniff fragmented quic client hello
* Fix DF for hysteria
* Fix naive overflow
* Check destination before udp connect
* Update uTLS to v1.1.5
* Update tfo-go to v2.0.2
* Update fsnotify to v1.6.0
* Update grpc to v1.50.1
*1*:
The `strict_route` on windows is removed.
#### 1.0.6
* Fix ssh outbound
* Fix sniff fragmented quic client hello
* Fix naive overflow
* Check destination before udp connect
2022-10-01 03:48:46 +00:00
#### 1.1-beta9
2022-10-06 14:51:51 +00:00
* Fix windows route **1**
* Add [v2ray statistics api](/configuration/experimental#v2ray-api-fields)
* Add ShadowTLS v2 support **2**
* Fixes and improvements
2022-10-01 03:48:46 +00:00
**1**:
* Fix DNS leak caused by
Windows' [ordinary multihomed DNS resolution behavior](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd197552%28v%3Dws.10%29)
* Flush Windows DNS cache when start/close
2022-10-06 14:51:51 +00:00
**2**:
See [ShadowTLS inbound](/configuration/inbound/shadowtls#version)
and [ShadowTLS outbound](/configuration/outbound/shadowtls#version)
2022-10-06 14:51:51 +00:00
2022-09-25 08:23:30 +00:00
#### 1.1-beta8
* Fix leaks on close
* Improve websocket writer
* Refine tproxy write back
* Refine 4in6 processing
* Fix shadowsocks plugins
* Fix missing source address from transport connection
* Fix fqdn socks5 outbound connection
* Fix read source address from grpc-go
#### 1.0.5
* Fix missing source address from transport connection
* Fix fqdn socks5 outbound connection
* Fix read source address from grpc-go
2022-09-23 02:30:07 +00:00
#### 1.1-beta7
* Add v2ray mux and XUDP support for VMess inbound
* Add XUDP support for VMess outbound
* Disable DF on direct outbound by default
* Fix bugs in 1.1-beta6
2022-09-16 07:48:31 +00:00
#### 1.1-beta6
2023-12-14 14:23:52 +00:00
* Add [URLTest outbound](/configuration/outbound/urltest/)
2022-09-16 07:48:31 +00:00
* Fix bugs in 1.1-beta5
2022-09-15 05:25:51 +00:00
#### 1.1-beta5
* Print tags in version command
* Redirect clash hello to external ui
* Move shadowsocksr implementation to clash
* Make gVisor optional **1**
* Refactor to miekg/dns
* Refactor bind control
* Fix build on go1.18
* Fix clash store-selected
* Fix close grpc conn
* Fix port rule match logic
* Fix clash api proxy type
*1*:
The build tag `no_gvisor` is replaced by `with_gvisor`.
The default tun stack is changed to system.
#### 1.0.4
* Fix close grpc conn
* Fix port rule match logic
* Fix clash api proxy type
2022-09-13 03:24:33 +00:00
#### 1.1-beta4
* Add internal simple-obfs and v2ray-plugin [Shadowsocks plugins](/configuration/outbound/shadowsocks#plugin)
2023-12-14 14:23:52 +00:00
* Add [ShadowsocksR outbound](/configuration/outbound/shadowsocksr/)
* Add [VLESS outbound and XUDP](/configuration/outbound/vless/)
2022-09-13 03:24:33 +00:00
* Skip wait for hysteria tcp handshake response
* Fix socks4 client
* Fix hysteria inbound
* Fix concurrent write
#### 1.0.3
* Fix socks4 client
* Fix hysteria inbound
* Fix concurrent write
2022-09-11 02:57:51 +00:00
#### 1.1-beta3
* Fix using custom TLS client in http2 client
* Fix bugs in 1.1-beta2
2022-09-10 14:42:20 +00:00
#### 1.1-beta2
* Add Clash mode and persistence support **1**
* Add TLS ECH and uTLS support for outbound TLS options **2**
* Fix socks4 request
* Fix processing empty dns result
*1*:
Switching modes using the Clash API, and `store-selected` are now supported,
2023-12-14 14:23:52 +00:00
see [Experimental](/configuration/experimental/).
2022-09-10 14:42:20 +00:00
*2*:
ECH (Encrypted Client Hello) is a TLS extension that allows a client to encrypt the first part of its ClientHello
message, see [TLS#ECH](/configuration/shared/tls#ech).
uTLS is a fork of "crypto/tls", which provides ClientHello fingerprinting resistance,
see [TLS#uTLS](/configuration/shared/tls#utls).
#### 1.0.2
* Fix socks4 request
* Fix processing empty dns result
2022-09-09 07:40:35 +00:00
#### 1.1-beta1
* Add support for use with android VPNService **1**
* Add tun support for WireGuard outbound **2**
* Add system tun stack **3**
* Add comment filter for config **4**
* Add option for allow optional proxy protocol header
* Add half close for smux
* Set UDP DF by default **5**
* Set default tun mtu to 9000
* Update gVisor to 20220905.0
*1*:
In previous versions, Android VPN would not work with tun enabled.
The usage of tun over VPN and VPN over tun is now supported, see [Tun Inbound](/configuration/inbound/tun#auto_route).
*2*:
In previous releases, WireGuard outbound support was backed by the lower performance gVisor virtual interface.
It achieves the same performance as wireguard-go by providing automatic system interface support.
*3*:
It does not depend on gVisor and has better performance in some cases.
It is less compatible and may not be available in some environments.
*4*:
Annotated json configuration files are now supported.
*5*:
UDP fragmentation is now blocked by default.
Including shadowsocks-libev, shadowsocks-rust and quic-go all disable segmentation by default.
See [Dial Fields](/configuration/shared/dial#udp_fragment)
and [Listen Fields](/configuration/shared/listen#udp_fragment).
2022-09-09 06:43:42 +00:00
#### 1.0.1
* Fix match 4in6 address in ip_cidr
* Fix clash api log level format error
* Fix clash api unknown proxy type
2022-09-07 15:10:12 +00:00
#### 1.0
* Fix wireguard reconnect
* Fix naive inbound
* Fix json format error message
* Fix processing vmess termination signal
* Fix hysteria stream error
* Fix listener close when proxyproto failed
2022-09-04 05:13:54 +00:00
#### 1.0-rc1
* Fix write log timestamp
* Fix write zero
* Fix dial parallel in direct outbound
* Fix write trojan udp
* Fix DNS routing
* Add attribute support for geosite
2023-12-14 14:23:52 +00:00
* Update documentation for [Dial Fields](/configuration/shared/dial/)
2022-09-04 05:13:54 +00:00
2022-08-31 06:33:52 +00:00
#### 1.0-beta3
* Add [chained inbound](/configuration/shared/listen#detour) support
* Add process_path rule item
* Add macOS redirect support
2023-12-14 14:23:52 +00:00
* Add ShadowTLS [Inbound](/configuration/inbound/shadowtls/), [Outbound](/configuration/outbound/shadowtls/)
and [Examples](/examples/shadowtls/)
2022-08-31 06:33:52 +00:00
* Fix search android package in non-owner users
* Fix socksaddr type condition
* Fix smux session status
* Refactor inbound and outbound documentation
* Minor fixes
2022-08-27 13:32:20 +00:00
#### 1.0-beta2
* Add strict_route option for [Tun inbound](/configuration/inbound/tun#strict_route)
* Add packetaddr support for [VMess outbound](/configuration/outbound/vmess#packet_addr)
* Add better performing alternative gRPC implementation
2022-08-28 03:27:51 +00:00
* Add [docker image](https://github.com/SagerNet/sing-box/pkgs/container/sing-box)
2022-08-27 13:32:20 +00:00
* Fix sniff override destination
2022-08-26 08:33:12 +00:00
#### 1.0-beta1
* Initial release
##### 2022/08/26
2022-08-26 04:30:31 +00:00
* Fix ipv6 route on linux
2022-08-26 08:33:12 +00:00
* Fix read DNS message
2022-08-26 04:30:31 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/25
2022-08-25 14:49:23 +00:00
* Let vmess use zero instead of auto if TLS enabled
* Add trojan fallback for ALPN
* Improve ip_cidr rule
* Fix format bind_address
* Fix http proxy with compressed response
* Fix route connections
2022-08-26 08:33:12 +00:00
##### 2022/08/24
2022-08-25 02:01:50 +00:00
* Fix naive padding
* Fix unix search path
* Fix close non-duplex connections
* Add ACME EAB support
* Fix early close on windows and catch any
* Initial zh-CN document translation
2022-08-26 08:33:12 +00:00
##### 2022/08/23
2022-08-23 15:15:56 +00:00
2023-12-14 14:23:52 +00:00
* Add [V2Ray Transport](/configuration/shared/v2ray-transport/) support for VMess and Trojan
2022-08-23 15:15:56 +00:00
* Allow plain http request in Naive inbound (It can now be used with nginx)
* Add proxy protocol support
* Free memory after start
* Parse X-Forward-For in HTTP requests
* Handle SIGHUP signal
2022-08-26 08:33:12 +00:00
##### 2022/08/22
2022-08-22 04:43:21 +00:00
2023-12-14 14:23:52 +00:00
* Add strategy setting for each [DNS server](/configuration/dns/server/)
2022-08-22 06:28:23 +00:00
* Add bind address to outbound options
2022-08-22 04:43:21 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/21
2022-08-20 16:59:49 +00:00
2023-12-14 14:23:52 +00:00
* Add [Tor outbound](/configuration/outbound/tor/)
* Add [SSH outbound](/configuration/outbound/ssh/)
2022-08-20 16:59:49 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/20
2022-08-20 12:54:20 +00:00
* Attempt to unwrap ip-in-fqdn socksaddr
* Fix read packages in android 12
* Fix route on some android devices
* Improve linux process searcher
* Fix write socks5 username password auth request
* Skip bind connection with private destination to interface
2022-08-20 13:14:51 +00:00
* Add [Trojan connection fallback](/configuration/inbound/trojan#fallback)
2022-08-20 12:54:20 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/19
2022-08-19 11:02:32 +00:00
2023-12-14 14:23:52 +00:00
* Add Hysteria [Inbound](/configuration/inbound/hysteria/) and [Outbund](/configuration/outbound/hysteria/)
* Add [ACME TLS certificate issuer](/configuration/shared/tls/)
2022-08-19 11:02:32 +00:00
* Allow read config from stdin (-c stdin)
* Update gVisor to 20220815.0
2022-08-26 08:33:12 +00:00
##### 2022/08/18
2022-08-19 11:02:32 +00:00
* Fix find process with lwip stack
* Fix crash on shadowsocks server
* Fix crash on darwin tun
* Fix write log to file
2022-08-26 08:33:12 +00:00
##### 2022/08/17
2022-08-19 11:02:32 +00:00
* Improve async dns transports
2022-08-26 08:33:12 +00:00
##### 2022/08/16
2022-08-17 07:19:10 +00:00
* Add ip_version (route/dns) rule item
2023-12-14 14:23:52 +00:00
* Add [WireGuard](/configuration/outbound/wireguard/) outbound
2022-08-17 07:19:10 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/15
2023-12-14 14:23:52 +00:00
* Add uid, android user and package rules support in [Tun](/configuration/inbound/tun/) routing.
2022-08-26 08:33:12 +00:00
##### 2022/08/13
* Fix dns concurrent write
2022-08-26 08:33:12 +00:00
##### 2022/08/12
2022-08-12 09:55:52 +00:00
* Performance improvements
2023-12-14 14:23:52 +00:00
* Add UoT option for [SOCKS](/configuration/outbound/socks/) outbound
2022-08-12 09:55:52 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/11
2022-08-11 02:36:28 +00:00
2023-12-14 14:23:52 +00:00
* Add UoT option for [Shadowsocks](/configuration/outbound/shadowsocks/) outbound, UoT support for all inbounds
2022-08-11 02:36:28 +00:00
2022-08-26 08:33:12 +00:00
##### 2022/08/10
2022-08-10 13:17:02 +00:00
2023-12-14 14:23:52 +00:00
* Add full-featured [Naive](/configuration/inbound/naive/) inbound
2022-08-10 13:17:02 +00:00
* Fix default dns server option [#9] by iKirby
2022-08-26 08:33:12 +00:00
##### 2022/08/09
2022-08-08 12:57:50 +00:00
2022-08-10 13:17:02 +00:00
No changelog before.
2022-08-31 06:33:52 +00:00
[#9]: https://github.com/SagerNet/sing-box/pull/9