原版Openwrt部署Sing-Box
🚀 OpenWrt 部署 Sing-Box 全流程
SingBox,科学界鼎鼎有名。但一直没尝试,也没接触过,就知道很难,很麻烦。如今,原版Openwrt都部署了,为何不试试SingBox。
安装Sing-Box
安装是所有步骤里面最简单的。
命令安装
opkg update
opkg install sing-box
图形界面安装
- 进入 OpenWrt 的 LuCI → 系统 → 软件包
- 搜索
sing-box并安装即可
配置Sing-Box
vi /etc/sing-box/config.json
下面给出一个 完整示例配置,你可以直接复制,然后按需添加点信息、修改端口和用户名密码。
{
"dns": {
"servers": [
{"tag": "local", "type": "udp", "server": "223.5.5.5"},
{"tag": "public", "type": "https", "server": "dns.alidns.com", "domain_resolver": "local"},
{"tag": "foreign", "type": "https", "server": "8.8.8.8", "detour": "🚀 节点选择"},
{"tag": "fakeip", "type": "fakeip", "inet4_range": "198.18.0.0/15", "inet6_range": "fc00::/18"}
],
"rules": [
{"rule_set": ["geosite-adblock"], "action": "predefined", "rcode": "REFUSED"},
{"clash_mode": "direct", "server": "local"},
{"clash_mode": "global", "server": "fakeip"},
{"query_type": "HTTPS", "action": "reject"},
{"domain_suffix": ["services.googleapis.cn", "googleapis.cn", "xn--ngstr-lra8j.com"], "server": "foreign"},
{"rule_set": ["geosite-cn"], "server": "local"},
{"query_type": ["A", "AAAA"], "server": "fakeip", "rewrite_ttl": 1}
],
"final": "foreign",
"strategy": "ipv4_only",
"independent_cache": true,
"reverse_mapping": true
},
"outbounds": [
{"tag": "🚀 节点选择", "type": "selector", "outbounds": ["♻️ 自动选择", "🎯 全球直连", "KR", "Chatgpt", "韩国arm", "arm", "tw", "hk", "us GCP", "us"]},
{"tag": "♻️ 自动选择", "type": "urltest", "outbounds": ["KR2", "Chatgpt", "韩国arm", "arm", "tw", "hk", "us GCP", "us"], "interval": "10m", "tolerance": 100},
{"tag": "📞 Talkatone", "type": "selector", "outbounds": ["us GCP", "us"]},
{"tag": "💬 Chatgpt", "type": "selector", "outbounds": ["KR2", "Chatgpt"]},
{"tag": "GLOBAL", "type": "selector", "outbounds": ["🚀 节点选择", "♻️ 自动选择", "📞 Talkatone", "💬 Chatgpt", "🎯 全球直连"]},
{"tag": "🎯 全球直连", "type": "direct"}
],
"route": {
"rules": [
{"action": "sniff", "sniffer": ["http", "tls", "quic", "dns"]},
{"type": "logical", "mode": "or", "rules": [{"port": 53}, {"protocol": "dns"}], "action": "hijack-dns"},
{"ip_is_private": true, "outbound": "🎯 全球直连"},
{"clash_mode": "direct", "outbound": "🎯 全球直连"},
{"clash_mode": "global", "outbound": "GLOBAL"},
{"rule_set": "geosite-google", "outbound": "🚀 节点选择"},
{"rule_set": "geosite-!cn", "outbound": "🚀 节点选择"},
{"rule_set": "geosite-cn", "outbound": "🎯 全球直连"},
{"rule_set": "geosite-talkatone", "outbound": "📞 Talkatone"},
{"rule_set": "geosite-chat", "outbound": "💬 Chatgpt"},
{"rule_set": "geoip-cn", "outbound": "🎯 全球直连"}
],
"rule_set": [
{"tag": "geosite-adblock", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://raw.githubusercontent.com/privacy-protection-tools/anti-ad.github.io/master/docs/anti-ad-sing-box.srs", "download_detour": "🎯 全球直连"},
{"tag": "geosite-chat", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://raw.githubusercontent.com/CC342/list/main/category-ai-chat-!cn.srs", "download_detour": "🎯 全球直连"},
{"tag": "geosite-!cn", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/sing/geo/geosite/geolocation-!cn.srs", "download_detour": "🎯 全球直连"},
{"tag": "geosite-cn", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/sing/geo/geosite/cn.srs", "download_detour": "🎯 全球直连"},
{"tag": "geosite-talkatone", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://raw.githubusercontent.com/CC342/list/main/talkatone.srs", "download_detour": "🎯 全球直连"},
{"tag": "geosite-google", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://raw.githubusercontent.com/MetaCubeX/meta-rules-dat/sing/geo/geosite/google.srs", "download_detour": "🎯 全球直连"},
{"tag": "geoip-cn", "type": "remote", "format": "binary", "url": "https://gh-proxy.com/https://github.com/qljsyph/ruleset-icon/raw/refs/heads/main/sing-box/geoip/China-ASN-combined-ip.srs", "download_detour": "🎯 全球直连"}
],
"final": "🚀 节点选择",
"auto_detect_interface": true,
"default_domain_resolver": {"server": "public"}
},
"inbounds": [
{
"tag": "tun-in",
"type": "tun",
"address": [
"172.19.0.1/30",
"fdfe:dcba:9876::1/126"
],
"mtu": 9000,
"auto_route": true,
"auto_redirect": true,
"strict_route": true
},
{
"type": "socks",
"listen": "0.0.0.0",
"listen_port": 1080,
"users": [
{
"username": "xx",
"password": "xxxxxxxx"
}
]
},
{
"type": "http",
"listen": "0.0.0.0",
"listen_port": 1081,
"users": [
{
"username": "xx",
"password": "xxxxxxx"
}
]
}
],
"experimental": {
"cache_file": {
"enabled": true,
"path": "/etc/sing-box/cache.db",
"store_fakeip": true
},
"clash_api": {
"external_controller": "0.0.0.0:9099",
"external_ui": "/etc/sing-box/ui",
"external_ui_download_url": "https://gh-proxy.com/https://github.com/Zephyruso/zashboard/archive/refs/heads/gh-pages.zip",
"external_ui_download_detour": "🎯 全球直连",
"secret": "",
"default_mode": "rule"
}
},
"log": {
"disabled": false,
"level": "warn",
"timestamp": true
}
}
配置解释
-
DNS服务器:配置了四个
-- local:解析国内
-- public:加强DNS安全性
-- foreign:解析国外
-- fakeip:以fakeip出国 -
DNS路由规则:
-- DNS广告过滤
-- 直连走local
-- 全局走fakaip
-- 域名走foreign
-- 漏网走foregin -
出站:配置了6个组
-- 节点选择:手动选择
-- 自动选择:根据延迟,自动选择。前提是手动选择,选择了自动选择
-- Chatgpt:AI选择的节点
-- talkatone:专门给虚拟电话的节点,可惜已经登不上
-- Global:全局的节点选择
-- 全球直连:没的选,直接direct -
出站规则
-- hijack-dns劫持53端口
-- 把规则集对应到相应的组里。PS:google的规则集,是因为被广告误伤
-- adblock规则集不需要,已经放在DNS服务器过滤了 -
入站
-- tun口实现透明代理
-- http和socks代理,给docker使用 -
实验功能
-- zashboard面版,根据喜好更换。 -
日志
-- level一定要改成warn,不然容器load要爆。
验证配置文件
先检查配置文件是否有语法错误:
sing-box check -c /etc/sing-box/config.json
如果返回 configuration OK,就说明没问题。
启动 Sing-Box
/etc/init.d/sing-box start
开机自启:
/etc/init.d/sing-box enable
停止服务:
/etc/init.d/sing-box stop
访问面板
如果启用了Clash API + Zashboard面板,可以通过浏览器访问:
http://路由器IP:9099
默认没有密码(你可以在配置文件 secret 中设置)。
⚡ 到这里,OpenWrt上Sing-Box就部署成功了,并且可以用 tun透明代理、Socks/HTTP代理,配合Docker使用。
参考资料
- 七尺宇 - Youtube
PS:andriod版本配置
只需修改inbounds的模块,其他保持不变
-
inbounds
1、 删除tun模块里面
"auto_redirect": true, "strict_route": true
2、添加
"stack": "system"3、只保留tun模块,其他全删除
本文链接:
/archives/singbox
版权声明:
本站所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自
I-Meet!
喜欢就支持一下吧
