Update documentation

This commit is contained in:
世界 2022-08-22 12:43:21 +08:00
parent c4f4fd97d6
commit 3a442347a5
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
8 changed files with 109 additions and 33 deletions

17
box.go
View file

@ -168,16 +168,18 @@ func New(ctx context.Context, options option.Options) (*Box, error) {
} }
func (s *Box) Start() error { func (s *Box) Start() error {
err := s.start()
if err != nil {
s.Close()
}
return err
}
func (s *Box) start() error {
for i, out := range s.outbounds { for i, out := range s.outbounds {
if starter, isStarter := out.(common.Starter); isStarter { if starter, isStarter := out.(common.Starter); isStarter {
err := starter.Start() err := starter.Start()
if err != nil { if err != nil {
for _, in := range s.inbounds {
common.Close(in)
}
for g := 0; g < i; g++ {
common.Close(s.outbounds[g])
}
var tag string var tag string
if out.Tag() == "" { if out.Tag() == "" {
tag = F.ToString(i) tag = F.ToString(i)
@ -195,9 +197,6 @@ func (s *Box) Start() error {
for i, in := range s.inbounds { for i, in := range s.inbounds {
err = in.Start() err = in.Start()
if err != nil { if err != nil {
for g := 0; g < i; g++ {
s.inbounds[g].Close()
}
var tag string var tag string
if in.Tag() == "" { if in.Tag() == "" {
tag = F.ToString(i) tag = F.ToString(i)

View file

@ -1,3 +1,7 @@
#### 2022/08/22
* Add strategy setting for each [DNS server](/configuration/dns/server)
#### 2022/08/21 #### 2022/08/21
* Add [Tor outbound](/configuration/outbound/tor) * Add [Tor outbound](/configuration/outbound/tor)

View file

@ -33,6 +33,8 @@ Default domain strategy for resolving the domain names.
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
Take no effect if `server.strategy` is set.
#### disable_cache #### disable_cache
Disable dns cache. Disable dns cache.

View file

@ -9,6 +9,7 @@
"address": "tls://dns.google", "address": "tls://dns.google",
"address_resolver": "local", "address_resolver": "local",
"address_strategy": "prefer_ipv4", "address_strategy": "prefer_ipv4",
"strategy": "ipv4_only",
"detour": "direct" "detour": "direct"
} }
] ]
@ -74,6 +75,14 @@ One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
`dns.strategy` will be used if empty. `dns.strategy` will be used if empty.
#### strategy
Default domain strategy for resolving the domain names.
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
Take no effect if override by other settings.
#### detour #### detour
Tag of an outbound for connecting to the dns server. Tag of an outbound for connecting to the dns server.

View file

@ -1,23 +0,0 @@
# Frequently Asked Questions (FAQ)
## Design
#### Why does sing-box not have feature X?
Every program contains novel features and omits someone's favorite feature. sing-box is designed with an eye to the needs of performance, lightweight, usability, modularity, and code quality. Your favorite feature may be missing because it doesn't fit, because it compromises performance or design clarity, or because it's a bad idea.
If it bothers you that sing-box is missing feature X, please forgive us and investigate the features that sing-box does have. You might find that they compensate in interesting ways for the lack of X.
#### Fake IP
Fake IP (also called Fake DNS) is an invasive and imperfect DNS solution that breaks expected behavior, causes DNS leaks and makes many software unusable. It is recommended by some software that lacks DNS processing and caching, but sing-box does not need this.
#### Naive outbound
NaïveProxy's main function is chromium's network stack, and it makes no sense to implement only its transport protocol.
#### Protocol combinations
The "underlying transport" in v2ray-core is actually a combination of a number of proprietary protocols and uses the names of their upstream protocols, resulting in a great deal of Linguistic corruption.
For example, Trojan with v2ray's proprietary gRPC protocol, called Trojan gRPC by the v2ray community, is not actually a protocol and has no role outside of abusing CDNs.

64
docs/faq/index.md Normal file
View file

@ -0,0 +1,64 @@
# Frequently Asked Questions (FAQ)
## Design
#### Why does sing-box not have feature X?
Every program contains novel features and omits someone's favorite feature. sing-box is designed with an eye to the
needs of performance, lightweight, usability, modularity, and code quality. Your favorite feature may be missing because
it doesn't fit, because it compromises performance or design clarity, or because it's a bad idea.
If it bothers you that sing-box is missing feature X, please forgive us and investigate the features that sing-box does
have. You might find that they compensate in interesting ways for the lack of X.
#### Fake IP
Fake IP (also called Fake DNS) is an invasive and imperfect DNS solution that breaks expected behavior, causes DNS leaks
and makes many software unusable. It is recommended by some software that lacks DNS processing and caching, but sing-box
does not need this.
#### Naive outbound
NaïveProxy's main function is chromium's network stack, and it makes no sense to implement only its transport protocol.
#### Protocol combinations
The "underlying transport" in v2ray-core is actually a combination of a number of proprietary protocols and uses the
names of their upstream protocols, resulting in a great deal of Linguistic corruption.
For example, Trojan with v2ray's proprietary gRPC protocol, called Trojan gRPC by the v2ray community, is not actually a
protocol and has no role outside of abusing CDNs.
## Tun
#### What is tun?
tun is a virtual network device in unix systems, and in windows there is wintun developed by WireGuard as an
alternative. The tun module of sing-box includes traffic processing, automatic routing, and network device listening,
and is mainly used as a transparent proxy.
#### How is it different from system proxy?
System proxy usually only supports TCP and is not accepted by all applications, but tun can handle all traffic.
#### How is it different from traditional transparent proxy?
They are usually only supported under Linux and require manipulation of firewalls like iptables, while tun only modifies
the routing table.
The tproxy UDP is considered to have poor performance due to the need to create a new connection every write back in
v2ray and clash, but it is optimized in sing-box so you can still use it if needed.
#### How does it handle DNS?
In traditional transparent proxies, it is usually necessary to manually hijack port 53 to the DNS proxy server, while
tun is more flexible.
sing-box's `auto_route` will hijack all DNS requests except on [macOS and Android](./known-issues#dns).
You need to manually configure how to handle tun hijacked DNS traffic, see [Hijack DNS](/examples/dns-hijack).
#### Why I can't use it with other local proxies (e.g. via socks)?
Tun will hijack all traffic, including other proxy applications. In order to make tun work with other applications, you
need to create an inbound to proxy traffic from other applications or make them bypass the route.

19
docs/faq/known-issues.md Normal file
View file

@ -0,0 +1,19 @@
#### DNS
##### on macOS
`auto-route` cannot automatically hijack DNS requests sent to the LAN, so it's need to manually set DNS to servers on the public internet.
##### on Android
`auto-route` cannot automatically hijack DNS requests when Android's `Private DNS` is enabled.
#### System proxy
##### on Linux
Usually only browsers and GNOME applications accept GNOME proxy settings.
##### on Android
With the system proxy enabled, some applications will error out (usually from China).

View file

@ -81,7 +81,9 @@ nav:
- Shared: - Shared:
- TLS: configuration/shared/tls.md - TLS: configuration/shared/tls.md
- Multiplex: configuration/shared/multiplex.md - Multiplex: configuration/shared/multiplex.md
- FAQ: faq.md - FAQ:
- faq/index.md
- Known Issues: faq/known-issues.md
- Examples: - Examples:
- examples/index.md - examples/index.md
- Linux Server Installation: examples/linux-server-installation.md - Linux Server Installation: examples/linux-server-installation.md