mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-22 16:41:30 +00:00
Update documentation
This commit is contained in:
parent
c4f4fd97d6
commit
3a442347a5
17
box.go
17
box.go
|
@ -168,16 +168,18 @@ func New(ctx context.Context, options option.Options) (*Box, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Box) Start() error {
|
func (s *Box) Start() error {
|
||||||
|
err := s.start()
|
||||||
|
if err != nil {
|
||||||
|
s.Close()
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *Box) start() error {
|
||||||
for i, out := range s.outbounds {
|
for i, out := range s.outbounds {
|
||||||
if starter, isStarter := out.(common.Starter); isStarter {
|
if starter, isStarter := out.(common.Starter); isStarter {
|
||||||
err := starter.Start()
|
err := starter.Start()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
for _, in := range s.inbounds {
|
|
||||||
common.Close(in)
|
|
||||||
}
|
|
||||||
for g := 0; g < i; g++ {
|
|
||||||
common.Close(s.outbounds[g])
|
|
||||||
}
|
|
||||||
var tag string
|
var tag string
|
||||||
if out.Tag() == "" {
|
if out.Tag() == "" {
|
||||||
tag = F.ToString(i)
|
tag = F.ToString(i)
|
||||||
|
@ -195,9 +197,6 @@ func (s *Box) Start() error {
|
||||||
for i, in := range s.inbounds {
|
for i, in := range s.inbounds {
|
||||||
err = in.Start()
|
err = in.Start()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
for g := 0; g < i; g++ {
|
|
||||||
s.inbounds[g].Close()
|
|
||||||
}
|
|
||||||
var tag string
|
var tag string
|
||||||
if in.Tag() == "" {
|
if in.Tag() == "" {
|
||||||
tag = F.ToString(i)
|
tag = F.ToString(i)
|
||||||
|
|
|
@ -1,3 +1,7 @@
|
||||||
|
#### 2022/08/22
|
||||||
|
|
||||||
|
* Add strategy setting for each [DNS server](/configuration/dns/server)
|
||||||
|
|
||||||
#### 2022/08/21
|
#### 2022/08/21
|
||||||
|
|
||||||
* Add [Tor outbound](/configuration/outbound/tor)
|
* Add [Tor outbound](/configuration/outbound/tor)
|
||||||
|
|
|
@ -33,6 +33,8 @@ Default domain strategy for resolving the domain names.
|
||||||
|
|
||||||
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
|
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
|
||||||
|
|
||||||
|
Take no effect if `server.strategy` is set.
|
||||||
|
|
||||||
#### disable_cache
|
#### disable_cache
|
||||||
|
|
||||||
Disable dns cache.
|
Disable dns cache.
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
"address": "tls://dns.google",
|
"address": "tls://dns.google",
|
||||||
"address_resolver": "local",
|
"address_resolver": "local",
|
||||||
"address_strategy": "prefer_ipv4",
|
"address_strategy": "prefer_ipv4",
|
||||||
|
"strategy": "ipv4_only",
|
||||||
"detour": "direct"
|
"detour": "direct"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
@ -74,6 +75,14 @@ One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
|
||||||
|
|
||||||
`dns.strategy` will be used if empty.
|
`dns.strategy` will be used if empty.
|
||||||
|
|
||||||
|
#### strategy
|
||||||
|
|
||||||
|
Default domain strategy for resolving the domain names.
|
||||||
|
|
||||||
|
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
|
||||||
|
|
||||||
|
Take no effect if override by other settings.
|
||||||
|
|
||||||
#### detour
|
#### detour
|
||||||
|
|
||||||
Tag of an outbound for connecting to the dns server.
|
Tag of an outbound for connecting to the dns server.
|
||||||
|
|
23
docs/faq.md
23
docs/faq.md
|
@ -1,23 +0,0 @@
|
||||||
# Frequently Asked Questions (FAQ)
|
|
||||||
|
|
||||||
## Design
|
|
||||||
|
|
||||||
#### Why does sing-box not have feature X?
|
|
||||||
|
|
||||||
Every program contains novel features and omits someone's favorite feature. sing-box is designed with an eye to the needs of performance, lightweight, usability, modularity, and code quality. Your favorite feature may be missing because it doesn't fit, because it compromises performance or design clarity, or because it's a bad idea.
|
|
||||||
|
|
||||||
If it bothers you that sing-box is missing feature X, please forgive us and investigate the features that sing-box does have. You might find that they compensate in interesting ways for the lack of X.
|
|
||||||
|
|
||||||
#### Fake IP
|
|
||||||
|
|
||||||
Fake IP (also called Fake DNS) is an invasive and imperfect DNS solution that breaks expected behavior, causes DNS leaks and makes many software unusable. It is recommended by some software that lacks DNS processing and caching, but sing-box does not need this.
|
|
||||||
|
|
||||||
#### Naive outbound
|
|
||||||
|
|
||||||
NaïveProxy's main function is chromium's network stack, and it makes no sense to implement only its transport protocol.
|
|
||||||
|
|
||||||
#### Protocol combinations
|
|
||||||
|
|
||||||
The "underlying transport" in v2ray-core is actually a combination of a number of proprietary protocols and uses the names of their upstream protocols, resulting in a great deal of Linguistic corruption.
|
|
||||||
|
|
||||||
For example, Trojan with v2ray's proprietary gRPC protocol, called Trojan gRPC by the v2ray community, is not actually a protocol and has no role outside of abusing CDNs.
|
|
64
docs/faq/index.md
Normal file
64
docs/faq/index.md
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
# Frequently Asked Questions (FAQ)
|
||||||
|
|
||||||
|
## Design
|
||||||
|
|
||||||
|
#### Why does sing-box not have feature X?
|
||||||
|
|
||||||
|
Every program contains novel features and omits someone's favorite feature. sing-box is designed with an eye to the
|
||||||
|
needs of performance, lightweight, usability, modularity, and code quality. Your favorite feature may be missing because
|
||||||
|
it doesn't fit, because it compromises performance or design clarity, or because it's a bad idea.
|
||||||
|
|
||||||
|
If it bothers you that sing-box is missing feature X, please forgive us and investigate the features that sing-box does
|
||||||
|
have. You might find that they compensate in interesting ways for the lack of X.
|
||||||
|
|
||||||
|
#### Fake IP
|
||||||
|
|
||||||
|
Fake IP (also called Fake DNS) is an invasive and imperfect DNS solution that breaks expected behavior, causes DNS leaks
|
||||||
|
and makes many software unusable. It is recommended by some software that lacks DNS processing and caching, but sing-box
|
||||||
|
does not need this.
|
||||||
|
|
||||||
|
#### Naive outbound
|
||||||
|
|
||||||
|
NaïveProxy's main function is chromium's network stack, and it makes no sense to implement only its transport protocol.
|
||||||
|
|
||||||
|
#### Protocol combinations
|
||||||
|
|
||||||
|
The "underlying transport" in v2ray-core is actually a combination of a number of proprietary protocols and uses the
|
||||||
|
names of their upstream protocols, resulting in a great deal of Linguistic corruption.
|
||||||
|
|
||||||
|
For example, Trojan with v2ray's proprietary gRPC protocol, called Trojan gRPC by the v2ray community, is not actually a
|
||||||
|
protocol and has no role outside of abusing CDNs.
|
||||||
|
|
||||||
|
## Tun
|
||||||
|
|
||||||
|
#### What is tun?
|
||||||
|
|
||||||
|
tun is a virtual network device in unix systems, and in windows there is wintun developed by WireGuard as an
|
||||||
|
alternative. The tun module of sing-box includes traffic processing, automatic routing, and network device listening,
|
||||||
|
and is mainly used as a transparent proxy.
|
||||||
|
|
||||||
|
#### How is it different from system proxy?
|
||||||
|
|
||||||
|
System proxy usually only supports TCP and is not accepted by all applications, but tun can handle all traffic.
|
||||||
|
|
||||||
|
#### How is it different from traditional transparent proxy?
|
||||||
|
|
||||||
|
They are usually only supported under Linux and require manipulation of firewalls like iptables, while tun only modifies
|
||||||
|
the routing table.
|
||||||
|
|
||||||
|
The tproxy UDP is considered to have poor performance due to the need to create a new connection every write back in
|
||||||
|
v2ray and clash, but it is optimized in sing-box so you can still use it if needed.
|
||||||
|
|
||||||
|
#### How does it handle DNS?
|
||||||
|
|
||||||
|
In traditional transparent proxies, it is usually necessary to manually hijack port 53 to the DNS proxy server, while
|
||||||
|
tun is more flexible.
|
||||||
|
|
||||||
|
sing-box's `auto_route` will hijack all DNS requests except on [macOS and Android](./known-issues#dns).
|
||||||
|
|
||||||
|
You need to manually configure how to handle tun hijacked DNS traffic, see [Hijack DNS](/examples/dns-hijack).
|
||||||
|
|
||||||
|
#### Why I can't use it with other local proxies (e.g. via socks)?
|
||||||
|
|
||||||
|
Tun will hijack all traffic, including other proxy applications. In order to make tun work with other applications, you
|
||||||
|
need to create an inbound to proxy traffic from other applications or make them bypass the route.
|
19
docs/faq/known-issues.md
Normal file
19
docs/faq/known-issues.md
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
#### DNS
|
||||||
|
|
||||||
|
##### on macOS
|
||||||
|
|
||||||
|
`auto-route` cannot automatically hijack DNS requests sent to the LAN, so it's need to manually set DNS to servers on the public internet.
|
||||||
|
|
||||||
|
##### on Android
|
||||||
|
|
||||||
|
`auto-route` cannot automatically hijack DNS requests when Android's `Private DNS` is enabled.
|
||||||
|
|
||||||
|
#### System proxy
|
||||||
|
|
||||||
|
##### on Linux
|
||||||
|
|
||||||
|
Usually only browsers and GNOME applications accept GNOME proxy settings.
|
||||||
|
|
||||||
|
##### on Android
|
||||||
|
|
||||||
|
With the system proxy enabled, some applications will error out (usually from China).
|
|
@ -81,7 +81,9 @@ nav:
|
||||||
- Shared:
|
- Shared:
|
||||||
- TLS: configuration/shared/tls.md
|
- TLS: configuration/shared/tls.md
|
||||||
- Multiplex: configuration/shared/multiplex.md
|
- Multiplex: configuration/shared/multiplex.md
|
||||||
- FAQ: faq.md
|
- FAQ:
|
||||||
|
- faq/index.md
|
||||||
|
- Known Issues: faq/known-issues.md
|
||||||
- Examples:
|
- Examples:
|
||||||
- examples/index.md
|
- examples/index.md
|
||||||
- Linux Server Installation: examples/linux-server-installation.md
|
- Linux Server Installation: examples/linux-server-installation.md
|
||||||
|
|
Loading…
Reference in a new issue