search

chika0801 / sing-box-examples

sing-box 配置示例
https://github.com/SagerNet/sing-box
1.76k stars 292 forks source link

基于您的example改造了一下,有问题请教… #3

Closed jh0072110 closed 1 year ago

jh0072110 commented 1 year ago

https://github.com/SagerNet/sing-box/issues/152 就跟我在⬆️这个issue里说的一样的问题,不知道您遇到了么? 感恩大佬

chika0801 commented 1 year ago

"domain_strategy": "ipv4_only",

要删了这个,开它意思是,如果你从路由器(设传过来的是IP了),或者你是电脑上用v2rayN到VPS的请求是域名

请求到VPS这,是IP的请求被域名嗅探还原成域名,是域名的请求,还是域名。因为上面的参数,在进路由模块前,用你VPS的系统DNS,把域名解析成了IP。

再进路由模块,因为进来的都是IP了,所以只能匹配禁止CNIP的规则 ,你转发到VPS2的规则是基于域名的。2者不能都兼得。

所以你把 "domain_strategy": "ipv4_only", 删了就好了,

{ "geoip": "cn", "outbound": "block" },

这个也可以删了。

jh0072110 commented 1 year ago

您别着急关issue啊…… 我完全按照您: https://github.com/chika0801/sing-box-install/blob/main/netflix_unlock_transit_vps1.json 写了outbound,还是不行…… 老实说之前就是严格按照您的example写了连不太上,后来看到sing更新了外加我有俩机器block了cn ip才mix了一下,这个问题从我尝试学习sing时候就一直困扰着我咳咳咳咳 image

chika0801 commented 1 year ago

你把 中转机 和落地机 配置一起发来看看了?

jh0072110 commented 1 year ago

OK大佬: 现在vps1的config: { "inbounds": [ { "type": "vmess", "listen": "::", "listen_port": 333, "users": [ { "name": "xxx", "uuid": "xxx", "alterId": 0 } ], "sniff": true, "sniff_override_destination": true, "tls": { "enabled": true, "server_name": "vps1.com", "alpn": [ "h2" ], "certificate_path": "/xx/xx.crt", "key_path": "/xx/xx.key" }, "transport": { "type": "grpc", "service_name": "ForOwnUsedOnly" } } ], "outbounds": [ { "type": "direct", "tag": "direct" }, { "type": "shadowsocks", "tag": "Unlock", "server": "vps2ip",
"server_port": 12345, "method": "aes-128-gcm", "password": "password" } ], "route": { "geosite": { "path": "geosite.db", "download_url": "https://github.com/1715173329/sing-geosite/releases/latest/download/geosite.db" }, "rules": [ { "domain_keyword": [ "ip.sb" ], "geosite": [ "netflix" ], "outbound": "Unlock" } ] } } vps2的config: { "inbounds": [ {

不重要的某vmess部分

    },
    {
        "type": "shadowsocks",
        "listen": "::",
        "listen_port": 12345,
        "method": "aes-128-gcm",
        "password": "password"
    }
],
"outbounds": [
    {
        "type": "direct",
        "tag": "direct"
    },
    {
        "type": "block",
        "tag": "block"
    }
],
"route": {
    "geoip": {
        "path": "geoip.db",
        "download_url": "https://github.com/1715173329/sing-geoip/releases/latest/download/geoip.db"
    },
    "rules": [
        {
            "geoip": "cn",
            "outbound": "block"
        }
    ]
}

}

chika0801 commented 1 year ago

查看了2个配置文件,没有发现问题,我在中转机配置里加了个ip.sb,比如你现在电脑连上VPS1的节点(看你开的是vmess grpc tls)。你去访问ip.sb看下得到IP是什么,有是不是VPS2的IP。 你VPS2这机没安装防火墙吧?

VPS1 中转机 ```console { "inbounds":[ { "type":"vmess", "listen":"::", "listen_port":333, "users":[ { "name":"xxx", "uuid":"xxx", "alterId":0 } ], "sniff":true, "sniff_override_destination":true, "tls":{ "enabled":true, "server_name":"vps1.com", "alpn":[ "h2" ], "certificate_path":"/xx/xx.crt", "key_path":"/xx/xx.key" }, "transport":{ "type":"grpc", "service_name":"ForOwnUsedOnly" } } ], "outbounds":[ { "type":"direct", "tag":"direct" }, { "type":"shadowsocks", "tag":"Unlock", "server":"vps2ip", "server_port":12345, "method":"aes-128-gcm", "password":"password" } ], "route":{ "geosite":{ "path":"geosite.db", "download_url":"https://github.com/1715173329/sing-geosite/releases/latest/download/geosite.db" }, "rules":[ { "domain_keyword":[ "ip.sb" ], "geosite":[ "netflix" ], "outbound":"Unlock" } ] } } ```
VPS2落地机 ```console { "inbounds":[ { "type":"shadowsocks", "listen":"::", "listen_port":12345, "method":"aes-128-gcm", "password":"password" } ], "outbounds":[ { "type":"direct", "tag":"direct" }, { "type":"block", "tag":"block" } ], "route":{ "geoip":{ "path":"geoip.db", "download_url":"https://github.com/1715173329/sing-geoip/releases/latest/download/geoip.db" }, "rules":[ { "geoip":"cn", "outbound":"block" } ] } } ```
jh0072110 commented 1 year ago

额,可能得稍等一下了大佬,Gigs家的vps1号机好像正在被爆破中…等他康复了我给您回复…… PS:vps2没有防火墙 PS2:它不是完全连不到,他就是…几乎连不到…偶然还是能连一下来着 PS3:我怎么有一种是sing-box的bug的感觉……

chika0801 commented 1 year ago

PS2:它不是完全连不到,他就是…几乎连不到…偶然还是能连一下来着

你意思是你觉得你的VPS1 开的ss 到VPS2 时通时不通?

你可以把VPS1的配置改为下面的,意思是VPS1把全部转到VPS2。这样来测试1到2之间互相到底通不通。

点击查看详细步骤 ```console { "inbounds":[ { "type":"vmess", "listen":"::", "listen_port":333, "users":[ { "name":"xxx", "uuid":"xxx", "alterId":0 } ], "sniff":true, "sniff_override_destination":true, "tls":{ "enabled":true, "server_name":"vps1.com", "alpn":[ "h2" ], "certificate_path":"/xx/xx.crt", "key_path":"/xx/xx.key" }, "transport":{ "type":"grpc", "service_name":"ForOwnUsedOnly" } } ], "outbounds":[ { "type":"shadowsocks", "tag":"Unlock", "server":"vps2ip", "server_port":12345, "method":"aes-128-gcm", "password":"password" } ] } ```
jh0072110 commented 1 year ago

PS2:它不是完全连不到,他就是…几乎连不到…偶然还是能连一下来着

你意思是你觉得你的VPS1 开的ss 到VPS2 时通时不通?

你可以把VPS1的配置改为下面的,意思是VPS1把全部转到VPS2。这样来测试1到2之间互相到底通不通。

点击查看详细步骤

v1老先生还在被爆破失联中… 其实不需要…因为之前用xray时候完全没问题(说是之前吧…也就是一两天前,因为sing的这个问题解决不清我就切回xray了,今儿不信邪又试了试sing)… 所以…如果不是config写的不合适(我看着挺合适来着…)我估摸着真是sing的问题了……

jh0072110 commented 1 year ago

算了,我感觉是sing的问题,把这个需要分流的换回xray了……