sing-box 的高级用法,匹配进程名字分发流量
按域名分发流量存在很大的问题,比如:
- 我们使用的被 GFW 屏蔽的域名列表肯定不全
- 即使指定某域名如 zzyyx.com 走代理,但浏览器页面中很可能用到其他域名,这些域名可能不走代理,这就可能暴露本机真实 IP
打开 SingBox 的网页控制面板 http://127.0.0.1:9090 可以切换科学上网的模式:直连、规则、全局,但这种方式并非最佳:
- 手动切换有些麻烦
- 可切换的模式有限
- 不够灵活。比如,切换到全局,但是我们可能不希望有些流量走代理
在 singbox 的配置文件中加上按进程分发流量,这时,一个接近完美的上网世界呈现在我们眼前
我们上网时最常用的软件是浏览器,我们可能有三种需求:直连、普通的代理、Tor,我们可以用三个不同的浏览器满足各种需求:
- 一个浏览器的流量全部直连
- 一个浏览器的流量全部走自建代理或机场代理
- 一个浏览器的流量全部走 Tor
做法很简单:
- 下载三个进程名字不同的浏览器
- 在 singbox 的配置文件中定义流量分发规则
singbox rule_set 中加上如上规则:
{
"tag": "process_name-tor",
"type": "local",
"format": "source",
"path": "conf/process_name-tor.json"
},
{
"tag": "process_name-proxy",
"type": "local",
"format": "source",
"path": "conf/process_name-proxy.json"
},
{
"tag": "process_name-direct",
"type": "local",
"format": "source",
"path": "conf/process_name-direct.json"
}
以上是三个本机配置文件,和远程配置文件的区别是,本机配置文件你修改以后,启动 singbox 或者在网页控制面板重载配置文件,会立即应用新配置,而远程配置文件则未必
-
process_name-tor.json流量全部走 Tor 的进程名字,示例:{ "version": 1, "rules": [ { "process_name": [ "msedge.exe", "git.exe", "Dropbox.exe", "DropboxUpdate.exe", "YoutubeDownloader.exe" ] } ] } -
process_name-proxy.json流量全部走代理的进程名字{ "version": 1, "rules": [ { "process_name": [ "mullvadbrowser.exe", "Dropbox.exe", "DropboxUpdate.exe" ] } ] } -
process_name-direct.json流量全部走直连的进程名字{ "version": 1, "rules": [ { "process_name": [ "chrome.exe", "WeChat.exe", "TencentMeeting.exe" ] } ] }
以上面设置为例,运行相关代理软件后,这时,在浏览器中我们想要全局直连时就打开 Chrome 浏览器,想要全局代理就打开 Mullvad 浏览器,想要全局 Tor 时就打开 Edge 浏览器。你可以只打开一个浏览器,即使同时打开三个浏览器,三者也互不影响
上面举例的是 Windows 系统的进程名字,也就是 .exe 结尾的程序名
找到 Windows 进程名字的方法,按 Windows 键,输入软件快捷方式的名字如 mullvad,再在显示的快捷方式图标上右键,Open file location,继续类似操作,直到看到相关 .exe 文件名字
singbox config.json 完整配置文件
{
"log": {
"disabled": false,
"level": "debug",
"output": "box.log",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "dns_resolver-tx",
"address": "119.29.29.29",
"detour": "out-direct"
},
{
"tag": "dns-direct",
"address": "https://120.53.53.53/dns-query",
"address_resolver": "dns_resolver-tx",
"detour": "out-direct"
},
{
"tag": "dns-direct-tx",
"address": "https://120.53.53.53/dns-query",
"address_resolver": "dns_resolver-tx",
"detour": "out-direct"
},
{
"tag": "dns-direct-al",
"address": "https://223.5.5.5/dns-query",
"address_resolver": "dns_resolver-tx",
"detour": "out-direct"
},
{
"tag": "dns-proxy",
// https://coding.gs/2024/06/09/available-doh/
//"address": "https://doh.apad.pro/dns-query",
//CF
//"address": "https://162.159.36.1/dns-query",
//Open
"address": "https://208.67.222.222/dns-query",
// "IBM",
//"address": "https://149.112.112.112/dns-query",
"address_resolver": "dns_resolver-tx",
"detour": "out-proxy"
},
{
"tag": "dns-block",
"address": "rcode://refused"
}
],
"rules": [
{
"outbound": "any",
"server": "dns_resolver-tx"
},
{
"rule_set": "domain-fanqiang-server",
"server": "dns-proxy"
},
{
"clash_mode": "direct",
"server": "dns-direct"
},
{
"clash_mode": "global",
"server": "dns-proxy"
},
{
"rule_set": ["domain-tor", "domain-proxy"],
"server": "dns-proxy"
},
{
"rule_set": "geosite-dustinwin-ads",
"server": "dns-block"
},
{
"rule_set": "process_name-direct",
"server": "dns-direct"
},
{
"rule_set": ["process_name-proxy", "process_name-tor"],
"server": "dns-proxy"
},
{
"rule_set":"geosite-gfw",
"server": "dns-proxy"
},
{
"rule_set": "geosite-ai",
"server": "dns-proxy"
},
{
"rule_set": [
"geosite-cn",
"geosite-geolocation-cn"
],
"server": "dns-direct"
}
],
"strategy": "ipv4_only",
"final": "dns-proxy"
},
"ntp": {
"enabled": true,
"server": "time.apple.com",
"server_port": 123,
"interval": "30m0s",
"detour": "out-direct"
},
"inbounds": [
{
"tag": "tun-in",
"type": "tun",
"interface_name": "ff3fffb78d",
"inet4_address": "172.19.0.1/30",
"mtu": 9000,
"stack": "mixed",
"auto_route": true,
"strict_route": true,
"sniff": true
},
{
"tag": "socks-in",
"type": "socks",
"listen": "::",
"listen_port": 5319
}
],
"outbounds": [
{
"tag": "out-dns",
"type": "dns"
},
{
"tag": "out-direct",
"type": "direct"
},
{
"tag": "out-block",
"type": "block"
},
{
"tag": "out-proxy",
"type": "selector",
"outbounds": ["proxy-overtls"],
"default": "proxy-overtls"
},
{
"type": "socks",
"tag": "proxy-overtls",
"server": "127.0.0.1",
"server_port": 765,
"network": "tcp",
"udp_over_tcp": {
"enabled": false
}
},
{
"tag": "out-tor",
"type": "selector",
"outbounds": ["proxy-tor"],
"default": "proxy-tor"
},
{
"tag": "proxy-tor",
"type": "socks",
"server": "127.0.0.1",
"server_port": 9050,
"network": "tcp",
"udp_over_tcp": {
"enabled": false
}
}
],
"route": {
"rules": [
{
"type": "logical",
"mode": "or",
"rules": [
{ "protocol": "dns" },
{ "port": 53 }
],
"outbound": "out-dns"
},
{
"rule_set": "domain-fanqiang-server",
"outbound": "out-direct"
},
{
"rule_set": "ip-direct",
"outbound": "out-direct"
},
{
"clash_mode": "direct",
"outbound": "out-direct"
},
{
"clash_mode": "global",
"outbound": "out-proxy"
},
{
"rule_set": "domain-proxy",
"outbound": "out-proxy"
},
{
"rule_set": "domain-tor",
"outbound": "out-tor"
},
{
"rule_set": "process_name-proxy",
"outbound": "out-proxy"
},
{
"rule_set": "process_name-tor",
"outbound": "out-tor"
},
{
"rule_set": "process_name-direct",
"outbound": "out-direct"
},
{
"rule_set": "geosite-ai",
"outbound": "out-proxy"
},
{
"rule_set": "geosite-gfw",
"outbound": "out-proxy"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"rule_set": "geosite-geolocation-!cn"
},
{
"rule_set": "geoip-cn",
"invert": true
}
],
"outbound": "out-proxy"
},
{
"protocol": "quic",
"outbound": "out-block"
},
{
"inbound": "socks-in",
"outbound": "out-proxy"
},
{
"rule_set": [
"geosite-cn",
"geosite-geolocation-cn",
"geoip-cn"
],
"outbound": "out-direct"
},
{
"ip_is_private": true,
"outbound": "out-direct"
}
],
"rule_set": [
{
"tag": "process_name-tor",
"type": "local",
"format": "source",
"path": "conf/process_name-tor.json"
},
{
"tag": "process_name-proxy",
"type": "local",
"format": "source",
"path": "conf/process_name-proxy.json"
},
{
"tag": "process_name-direct",
"type": "local",
"format": "source",
"path": "conf/process_name-direct.json"
},
{
"tag": "domain-fanqiang-server",
"type": "local",
"format": "source",
"path": "conf/domain-fanqiang-server.json"
},
{
"tag": "domain-tor",
"type": "local",
"format": "source",
"path": "conf/domain-tor.json"
},
{
"tag": "domain-proxy",
"type": "local",
"format": "source",
"path": "conf/domain-proxy.json"
},
{
"tag": "ip-direct",
"type": "local",
"format": "source",
"path": "conf/ip-direct.json"
},
{
"tag": "geoip-cn",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/SagerNet/sing-geoip/raw/refs/heads/rule-set/geoip-cn.srs",
"update_interval": "10d",
"download_detour": "out-direct"
},
{
"tag": "geosite-geolocation-cn",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/SagerNet/sing-geosite/raw/refs/heads/rule-set/geosite-geolocation-cn.srs",
"update_interval": "10d",
"download_detour": "out-direct"
},
{
"tag": "geosite-geolocation-!cn",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/SagerNet/sing-geosite/raw/refs/heads/rule-set/geosite-geolocation-!cn.srs",
"update_interval": "10d",
"download_detour": "out-direct"
},
{
"tag": "geosite-gfw",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/Toperlock/sing-box-geosite/raw/refs/heads/main/rule/gfw.srs",
"update_interval": "10d",
"download_detour": "out-direct"
},
{
"tag": "geosite-cn",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/SagerNet/sing-geosite/raw/refs/heads/rule-set/geosite-cn.srs",
"update_interval": "10d",
"download_detour": "out-direct"
},
{
"tag": "geosite-ai",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/DustinWin/ruleset_geodata/raw/refs/heads/sing-box-ruleset-compatible/ai.srs",
"update_interval": "10d",
"download_detour": "out-direct"
},
{
"tag": "geosite-dustinwin-ads",
"type": "remote",
"format": "binary",
"url": "https://ghp.ci/https://github.com/DustinWin/ruleset_geodata/raw/refs/heads/sing-box-ruleset-compatible/ads.srs",
"update_interval": "10d",
"download_detour": "out-direct"
}
],
"final": "out-proxy",
"find_process": true,
"auto_detect_interface": true
},
"experimental": {
"cache_file": {
"enabled": true,
"path": "zz_/cache.db",
"store_rdrc": true
},
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "ui",
"external_ui_download_url": "https://ghp.ci/https://github.com/MetaCubeX/Yacd-meta/archive/gh-pages.zip",
"external_ui_download_detour": "out-direct",
"default_mode": "rule"
}
}
}
相关内容
- overtls 搭配 sing-box 科学上网的方法
- overtls + sing-box,分享一个比较完美的 sing-box 配置
- Tor 命令行 + singbox + overtls 实现匿名科学上网
2024-12-23