Add documentation and example for linux tun

2024-11-22 08:31:30 +00:00 · 2022-07-10 16:41:38 +08:00 · 2022-07-10 16:41:38 +08:00 · b417bd5be4
parent 7f84191748
commit b417bd5be4
6 changed files with 162 additions and 4 deletions
--- a/docs/configuration/inbound/tun.md
+++ b/docs/configuration/inbound/tun.md
@ -0,0 +1,78 @@
+!!! error ""
+
+    Linux only
+
+### Structure
+
+```json
+{
+  "inbounds": [
+    {
+      "type": "tun",
+      "tag": "tun-in",
+      
+      "inet4_address": "172.19.0.1/30",
+      "inet6_address": "fdfe:dcba:9876::1/128",
+      "mtu": 1500,
+      "auto_route": true,
+      "hijack_dns": true,
+      
+      "sniff": true,
+      "sniff_override_destination": false,
+      "domain_strategy": "prefer_ipv4"
+    }
+  ]
+}
+```
+
+### Tun Fields
+
+#### inet4_address
+
+==Required==
+
+IPv4 prefix for the tun interface.
+
+#### inet6_address
+
+IPv6 prefix for the tun interface.
+
+#### mtu
+
+The maximum transmission unit.
+
+#### auto_route
+
+Set the default route to the Tun.
+
+!!! error ""
+
+    To avoid traffic loopback, set `route.auto_delect_interface` or `outbound.bind_interface`
+
+#### hijack_dns
+
+Hijack TCP/UDP DNS requests to the built-in DNS adapter.
+
+### Listen Fields
+
+#### sniff
+
+Enable sniffing.
+
+Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.
+
+This does not break zero copy, like splice.
+
+#### sniff_override_destination
+
+Override the connection destination address with the sniffed domain.
+
+If the domain name is invalid (like tor), this will not work.
+
+#### domain_strategy
+
+One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
+
+If set, the requested domain name will be resolved to IP before routing.
+
+If `sniff_override_destination` is in effect, its value will be taken as a fallback.
--- a/docs/configuration/route/index.md
+++ b/docs/configuration/route/index.md
@ -6,7 +6,8 @@
    "geoip": {},
    "geosite": {},
    "rules": [],
-    "final": ""
+    "final": "",
+    "auto_detect_interface": false
  }
 }
 ```
@ -22,3 +23,13 @@
 #### final

 Default outbound tag. the first outbound will be used if empty.
+
+#### auto_detect_interface
+
+!!! error ""
+
+    Linux only
+
+Bind outbound connections to the default NIC by default to prevent routing loops under Tun.
+
+Takes no effect if `outbound.bind_interface` is set.
--- a/docs/examples/index.md
+++ b/docs/examples/index.md
@ -4,3 +4,4 @@ Configuration examples for sing-box.

 * [Shadowsocks Server](./ss-server)
 * [Shadowsocks Client](./ss-client)
+* [Shadowsocks Tun](./ss-tun)
--- a/docs/examples/ss-tun.md
+++ b/docs/examples/ss-tun.md
@ -0,0 +1,66 @@
+```json
+{
+  "dns": {
+    "servers": [
+      {
+        "tag": "google",
+        "address": "tls://8.8.8.8"
+      },
+      {
+        "tag": "local",
+        "address": "223.5.5.5",
+        "detour": "direct"
+      }
+    ],
+    "rules": [
+      {
+        "domain": "mydomain.com",
+        "geosite": "cn",
+        "server": "local"
+      }
+    ],
+    "strategy": "ipv4_only"
+  },
+  "inbounds": [
+    {
+      "type": "tun",
+      "inet4_address": "172.19.0.1/30",
+      "auto_route": true,
+      "hijack_dns": true,
+      "sniff": true
+    }
+  ],
+  "outbounds": [
+    {
+      "type": "shadowsocks",
+      "tag": "proxy",
+      "server": "mydomain.com",
+      "server_port": 8080,
+      "method": "2022-blake3-aes-128-gcm",
+      "password": "8JCsPssfgS8tiRwiMlhARg=="
+    },
+    {
+      "type": "direct",
+      "tag": "direct"
+    },
+    {
+      "type": "block",
+      "tag": "block"
+    }
+  ],
+  "route": {
+    "rules": [
+      {
+        "geosite": "category-ads-all",
+        "outbound": "block"
+      },
+      {
+        "geosite": "cn",
+        "geoip": "cn",
+        "outbound": "direct"
+      }
+    ],
+    "auto_detect_interface": true
+  }
+}
+```
--- a/mkdocs.yml
+++ b/mkdocs.yml
@ -40,6 +40,7 @@ nav:
          - DNS Rule: configuration/dns/rule.md
      - Inbound:
          - configuration/inbound/index.md
+          - Tun: configuration/inbound/tun.md
          - Direct: configuration/inbound/direct.md
          - Mixed: configuration/inbound/mixed.md
          - Socks: configuration/inbound/socks.md
@ -61,6 +62,7 @@ nav:
      - examples/index.md
      - Shadowsocks Server: examples/ss-server.md
      - Shadowsocks Client: examples/ss-client.md
+      - Shadowsocks Tun: examples/ss-tun.md
  - Benchmark: benchmark.md
 markdown_extensions:
  - pymdownx.inlinehilite
--- a/option/route.go
+++ b/option/route.go
@ -69,7 +69,7 @@ func (r *Rule) UnmarshalJSON(bytes []byte) error {
 	}
 	var v any
 	switch r.Type {
-	case "":
+	case "", C.RuleTypeDefault:
 		r.Type = C.RuleTypeDefault
 		v = &r.DefaultOptions
 	case C.RuleTypeLogical: