{"inbound": "socks-in","action": "sniff"} 规则 sniff 不生效

[SimonTLS]

操作系统

Windows

系统版本

Windows 11 LTSC

安装类型

sing-box 原始命令行程序

如果您使用图形客户端程序，请提供该程序版本。

No response

版本

sing-box version 1.11.0-alpha.13

Environment: go1.23.3 windows/amd64
Tags: with_gvisor,with_quic,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_acme,with_clash_api
Revision: c0e48f865eccdf93a82cfe4627a5eba0b6fac6e9
CGO: disabled

描述

socks inbound，以下 sniff action 不生效，使用 {"action": "sniff"} 则生效

            {
                "inbound": "socks-in",
                "action": "sniff"
            }

重现方式

curl https://one.one.one.one --proxy socks5://127.0.0.1:11223

{
    "log": {
        "level": "debug",
        "timestamp": true
    },
    "dns": {
        "servers": [
            {
                "tag": "local",
                "address": "udp://223.5.5.5",
                "detour": "direct"
            }
        ],
        "strategy": "ipv4_only"
    },
    "inbounds": [
        {
            "type": "socks",
            "tag": "socks-in",
            "listen": "127.0.0.1",
            "listen_port": 11223
        }
    ],
    "outbounds": [
        {
            "type": "direct",
            "tag": "direct"
        }
    ],
    "route": {
        "rules": [
            {
                "inbound": "socks-in",
                "action": "sniff"
            },
            {
                "domain_suffix": "one.one.one.one",
                "action": "reject",
                "method": "default"
            },
            {
                "ip_cidr": [
                    "1.1.1.1/32",
                    "1.0.0.1/32"
                ],
                "outbound": "direct"
            }
        ]
    }
}

日志

以上配置出现问题的日志：
sing-box run
+0800 2024-11-12 19:23:16 INFO network: updated default interface 以太网, index 13
+0800 2024-11-12 19:23:16 INFO inbound/socks[socks-in]: tcp server started at 127.0.0.1:11223
+0800 2024-11-12 19:23:16 INFO sing-box started (0.33s)
+0800 2024-11-12 19:23:22 INFO [2389313898 0ms] inbound/socks[socks-in]: inbound connection from 127.0.0.1:9446
+0800 2024-11-12 19:23:22 INFO [2389313898 8ms] inbound/socks[socks-in]: inbound connection to 1.1.1.1:443
+0800 2024-11-12 19:23:22 DEBUG [2389313898 8ms] router: match[2] ip_cidr=[1.1.1.1/32 1.0.0.1/32] => route(direct)
+0800 2024-11-12 19:23:22 INFO [2389313898 8ms] outbound/direct[direct]: outbound connection to 1.1.1.1:443

改用 {"action": "sniff"} 的正常日志
sing-box run
+0800 2024-11-12 19:25:03 INFO network: updated default interface 以太网, index 13
+0800 2024-11-12 19:25:03 INFO inbound/socks[socks-in]: tcp server started at 127.0.0.1:11223
+0800 2024-11-12 19:25:03 INFO sing-box started (0.33s)
+0800 2024-11-12 19:25:05 INFO [1139783085 0ms] inbound/socks[socks-in]: inbound connection from 127.0.0.1:9850
+0800 2024-11-12 19:25:05 INFO [1139783085 14ms] inbound/socks[socks-in]: inbound connection to 1.1.1.1:443
+0800 2024-11-12 19:25:05 DEBUG [1139783085 14ms] router: match[0] => sniff
+0800 2024-11-12 19:25:05 DEBUG [1139783085 15ms] router: sniffed protocol: tls, domain: one.one.one.one
+0800 2024-11-12 19:25:05 DEBUG [1139783085 15ms] router: match[1] domain_suffix=one.one.one.one => reject

支持我们

• [ ] 我已经 赞助

完整性要求

• [X] 我保证阅读了文档，了解所有我编写的配置文件项的含义，而不是大量堆砌看似有用的选项或默认值。
• [X] 我保证提供了可以在本地重现该问题的服务器、客户端配置文件与流程，而不是一个脱敏的复杂客户端配置文件。
• [X] 我保证提供了可用于重现我报告的错误的最简配置，而不是依赖远程服务器、TUN、图形界面客户端或者其他闭源软件。
• [X] 我保证提供了完整的配置文件与日志，而不是出于对自身智力的自信而仅提供了部分认为有用的部分。