chika0801 / sing-box-examples

sing-box 配置示例
https://github.com/SagerNet/sing-box

Guide to Configuring Server-Side DNS Resolution for Sing-Box (VLESS-XTLS-uTLS-REALITY) to Avoid DNS Pollution Issues #21

Closed us254 closed 1 year ago

us254 commented 1 year ago

I need help with a DNS resolution problem in sing-box (VLESS-XTLS-uTLS-REALITY). It relies on client-side DNS resolution, causing issues with accessing blocked sites due to DNS pollution. I've been using "Simple DnsCrypt" as a workaround, but I want to configure sing-box for server-side DNS resolution. Can you guide me on this?

chika0801 commented 1 year ago

You need to provide your client-side configuration and your server-side configuration.

Tell me whether your client is, for example, on a Windows system. Do you use the TUN mode of sing-box? Tell me how you use it, so I can help you analyze how to modify the configuration file.

us254 commented 1 year ago

I use "sing-box.exe" in Windows Command Prompt (CMD) without TUN mode. While Telegram functions properly, Chrome is unable to access blocked sites. The sing-box logs indicate client-side DNS resolution for blocked websites. For instance, when I enter "youtube.com" in the browser, sing-box resolves it to a private IP (10.10.34.35) instead of the actual YouTube IP. When I ran the command ping youtube.com -4 -S 1.0.0.1 locally, it resulted in a failed transmission and returned a private IP for youtube.com.

server config

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "route": {
    "rules": [
      {
        "network": "udp",
        "port": [
          443
        ],
        "outbound": "block"
      }
    ]
  },
  "inbounds": [
    {
      "type": "vless",
      "tag": "vless-in",
      "listen": "::",
      "listen_port": 443,
      "sniff": false,
      "sniff_override_destination": false,
      "users": [
        {
          "uuid": "chika",
          "flow": "xtls-rprx-vision"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "www.lovelive-anime.jp",
        "reality": {
          "enabled": true,
          "handshake": {
            "server": "www.lovelive-anime.jp",
            "server_port": 443
          },
          "private_key": "2KZ4uouMKgI8nR-LDJNP1_MHisCJOmKGj9jUjZLncVU",
          "short_id": [
            "6ba85179e30d4fc2"
          ]
        }
      }
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    }
  ]
}

client config

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "route": {
    "rules": [
      {
        "geosite": [
          "cn",
          "private"
        ],
        "outbound": "direct"
      },
      {
        "geoip": [
          "cn",
          "private"
        ],
        "outbound": "direct"
      }
    ]
  },
  "inbounds": [
    {
      "type": "mixed",
      "tag": "mixed-in",
      "listen": "::",
      "listen_port": 10000,
      "domain_strategy": "ipv4_only",
      "set_system_proxy": false
    }
  ],
  "outbounds": [
    {
      "type": "vless",
      "tag": "proxy",
      "server": "",
      "server_port": 443,
      "uuid": "chika",
      "flow": "xtls-rprx-vision",
      "tls": {
        "enabled": true,
        "server_name": "www.lovelive-anime.jp",
        "utls": {
          "enabled": true,
          "fingerprint": "chrome"
        },
        "reality": {
          "enabled": true,
          "public_key": "Z84J2IelR9ch3k8VtlVhhs5ycBUlXA7wHBWcBrjqnAw",
          "short_id": "6ba85179e30d4fc2"
        }
      },
      "packet_encoding": "xudp"
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    }
  ]
}

chika0801 commented 1 year ago

I looked at your configuration files, including your client configuration file. After you use it, sing-box listens on a port on your local machine, port 10000.

I'm on Windows, and if I use Telegram, I put 127.0.0.1 and port 10000 in Telegram's proxy settings.

If I am using it in Chrome, assuming you have not set the Windows system proxy parameters, I use the SwitchyOmega plugin in Chrome and set a proxy such as type HTTP, 127.0.0.1, port 10000. At that point the web page opens normally in Chrome.

So I don't understand what you're saying about the incorrect IP returned when typing www.youtube.com into your browser: how are you routing the request to port 10000 on your local machine?

The DNS module is not written in the client configuration, so it uses your system's default DNS.

You need to add something about your situation so I can help you analyze it.

us254 commented 1 year ago

The issue with the client configuration was due to the "domain strategy" parameter being set as "ipv4_only" in the inbound section. However, removing its value completely resolved the problem, allowing successful connection for browsers and Telegram.

chika0801 commented 1 year ago

Because the configuration is made to be used in mainland China, you can troubleshoot errors by minimizing the configuration to suit your needs.
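As an added example that is not part of this issue thread or of the sing-box project: the resolution above (removing "domain_strategy" from the inbound) works because sing-box's inbound `domain_strategy` listen field resolves the requested domain to an IP before routing, and with no "dns" block that resolution goes through the system resolver, which in the reporter's case returned a private address for youtube.com. The script below lints a client config for that setting, produces the corrected config, and applies the same sanity check the reporter did by hand with `ping`: a public hostname answering with a non-global address is a sign of pollution. The embedded config is a constructed, trimmed copy of the client config posted in the thread; the function names are my own.

```python
"""Lint a sing-box client config for settings that force local DNS resolution.

Added example, not code from the issue thread or the sing-box project.
The config string below is constructed from the client config in the thread.
"""
import ipaddress
import json

# Constructed sample: trimmed copy of the reporter's client config, with the
# inbound "domain_strategy" that caused names to be resolved on the client.
CLIENT_CONFIG = """
{
  "inbounds": [
    {"type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 10000,
     "domain_strategy": "ipv4_only", "set_system_proxy": false}
  ],
  "outbounds": [
    {"type": "vless", "tag": "proxy", "server": "", "server_port": 443},
    {"type": "direct", "tag": "direct"},
    {"type": "block", "tag": "block"}
  ]
}
"""


def lint_local_resolution(config_text: str) -> list[str]:
    """Return one warning per inbound whose domain_strategy resolves names locally.

    With domain_strategy set, sing-box resolves the destination domain to an
    IP before routing. If the config has a "dns" block that goes through the
    configured DNS servers; without one it goes through the system resolver,
    so a polluted answer becomes the connection target and the real hostname
    is never forwarded to the proxy server.
    """
    cfg = json.loads(config_text)
    resolver = 'the "dns" block' if "dns" in cfg else "the system resolver"
    warnings = []
    for inbound in cfg.get("inbounds", []):
        strategy = inbound.get("domain_strategy")
        if strategy:
            tag = inbound.get("tag", "<untagged>")
            warnings.append(
                f"inbound {tag!r}: domain_strategy={strategy!r} resolves domains "
                f"locally via {resolver} before routing; remove it so the hostname "
                f"is sent to the proxy server and resolved remotely"
            )
    return warnings


def fix_local_resolution(config_text: str) -> str:
    """Return the config with inbound domain_strategy removed (the fix from the thread)."""
    cfg = json.loads(config_text)
    for inbound in cfg.get("inbounds", []):
        inbound.pop("domain_strategy", None)
    return json.dumps(cfg, indent=2)


def looks_polluted(answer: str) -> bool:
    """Heuristic pollution check for a public hostname's A/AAAA answer.

    A real public site never legitimately resolves to a private, loopback,
    link-local or otherwise non-global address; 10.10.34.35 from the thread
    is one such answer.
    """
    return not ipaddress.ip_address(answer).is_global


if __name__ == "__main__":
    for warning in lint_local_resolution(CLIENT_CONFIG):
        print("WARN", warning)
    print("fixed config lints clean:", lint_local_resolution(fix_local_resolution(CLIENT_CONFIG)) == [])
    print("10.10.34.35 looks polluted:", looks_polluted("10.10.34.35"))
```

Run it against your own client config by replacing CLIENT_CONFIG with the file contents; a clean lint plus a global address from `ping <host>` (or `nslookup`) after the change confirms the browser's requests now carry the hostname to the server instead of a locally resolved IP.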