From 6fab7c0c83970a8bf1ee274a6f698606d87c31a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= Date: Thu, 9 Nov 2023 17:04:08 +0800 Subject: [PATCH] documentation: Bump version & Refactor docs --- docs/changelog.md | 56 ------------ docs/clients/android/index.md | 4 +- docs/clients/apple/index.md | 6 +- docs/manual/proxy-protocol/tuic.md | 2 +- docs/manual/proxy/client.md | 140 +---------------------------- docs/manual/proxy/tun.md | 66 ++++++++++++++ docs/support.md | 2 +- docs/support.zh.md | 2 +- 8 files changed, 75 insertions(+), 203 deletions(-) create mode 100644 docs/manual/proxy/tun.md diff --git a/docs/changelog.md b/docs/changelog.md index 94a71471..aa80e1fc 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -4,62 +4,6 @@ icon: material/alert-decagram # ChangeLog -#### 1.7.0 - -* Fixes and improvements - -Important changes since 1.6: - -* Add [exclude route support](/configuration/inbound/tun) for TUN inbound -* Add `udp_disable_domain_unmapping` [inbound listen option](/configuration/shared/listen) **1** -* Add [HTTPUpgrade V2Ray transport](/configuration/shared/v2ray-transport#HTTPUpgrade) support **2** -* Migrate multiplex and UoT server to inbound **3** -* Add TCP Brutal support for multiplex **4** -* Add `wifi_ssid` and `wifi_bssid` route and DNS rules **5** -* Update quic-go to v0.40.0 -* Update gVisor to 20231113.0 - -**1**: - -If enabled, for UDP proxy requests addressed to a domain, -the original packet address will be sent in the response instead of the mapped domain. - -This option is used for compatibility with clients that -do not support receiving UDP packets with domain addresses, such as Surge. - -**2**: - -Introduced in V2Ray 5.10.0. - -The new HTTPUpgrade transport has better performance than WebSocket and is better suited for CDN abuse. - -**3**: - -Starting in 1.7.0, multiplexing support is no longer enabled by default and needs to be turned on explicitly in inbound options. - -**4** - -Hysteria Brutal Congestion Control Algorithm in TCP. A kernel module needs to be installed on the Linux server, see [TCP Brutal](/configuration/shared/tcp-brutal) for details. - -**5**: - -Only supported in graphical clients on Android and iOS. - -#### 1.7.0-rc.3 - -* Fixes and improvements - -#### 1.6.7 - -* macOS: Add button for uninstall SystemExtension in the standalone graphical client -* Fix missing UDP user context on TUIC/Hysteria2 inbounds -* Fixes and improvements - -#### 1.7.0-rc.2 - -* Fix missing UDP user context on TUIC/Hysteria2 inbounds -* macOS: Add button for uninstall SystemExtension in the standalone graphical client - #### 1.6.6 * Fixes and improvements diff --git a/docs/clients/android/index.md b/docs/clients/android/index.md index cbd1d387..babef283 100644 --- a/docs/clients/android/index.md +++ b/docs/clients/android/index.md @@ -15,8 +15,8 @@ platform-specific function implementation, such as TUN transparent proxy impleme * [Play Store](https://play.google.com/store/apps/details?id=io.nekohasekai.sfa) * [Play Store (Beta)](https://play.google.com/apps/testing/io.nekohasekai.sfa) -* [GitHub Releases](https://github.com/SagerNet/sing-box/releases) +* [Github Releases](https://github.com/SagerNet/sing-box/releases) ## :material-source-repository: Source code -* [GitHub](https://github.com/SagerNet/sing-box-for-android) +* [Github](https://github.com/SagerNet/sing-box-for-android) diff --git a/docs/clients/apple/index.md b/docs/clients/apple/index.md index 36a4edd9..72cf5f46 100644 --- a/docs/clients/apple/index.md +++ b/docs/clients/apple/index.md @@ -14,7 +14,7 @@ platform-specific function implementation, such as TUN transparent proxy impleme ## :material-download: Download -* [App Store](https://apps.apple.com/us/app/sing-box/id6451272673) +* [AppStore](https://apps.apple.com/us/app/sing-box/id6451272673) * [TestFlight (Beta)](https://testflight.apple.com/join/AcqO44FH) ## :material-file-download: Download (macOS standalone version) @@ -25,8 +25,8 @@ platform-specific function implementation, such as TUN transparent proxy impleme brew install sfm ``` -* [GitHub Releases](https://github.com/SagerNet/sing-box/releases) +* [Github Releases](https://github.com/SagerNet/sing-box/releases) ## :material-source-repository: Source code -* [GitHub](https://github.com/SagerNet/sing-box-for-apple) +* [Github](https://github.com/SagerNet/sing-box-for-apple) diff --git a/docs/manual/proxy-protocol/tuic.md b/docs/manual/proxy-protocol/tuic.md index a2e01d88..632be317 100644 --- a/docs/manual/proxy-protocol/tuic.md +++ b/docs/manual/proxy-protocol/tuic.md @@ -12,7 +12,7 @@ A recently popular Chinese-made simple protocol based on QUIC, the selling point | Specification | Binary Characteristics | Active Detect Hiddenness | |-----------------------------------------------------------|------------------------|--------------------------| -| [GitHub](https://github.com/EAimTY/tuic/blob/dev/SPEC.md) | :material-alert: | :material-check: | +| [Github](https://github.com/EAimTY/tuic/blob/dev/SPEC.md) | :material-alert: | :material-check: | ## Password Generator diff --git a/docs/manual/proxy/client.md b/docs/manual/proxy/client.md index 60db02de..675c2af0 100644 --- a/docs/manual/proxy/client.md +++ b/docs/manual/proxy/client.md @@ -70,7 +70,7 @@ flowchart TB assemble --> conn[TCP and UDP connections] conn --> router[sing-box Router] router --> direct[Direct outbound] - router --> proxy[Proxy outbounds] + router --> proxy[Proxy outbounds] router -- DNS hijack --> dns_out[DNS outbound] dns_out --> dns_router[DNS router] dns_router --> router @@ -284,142 +284,4 @@ flowchart TB "auto_detect_interface": true } } - ``` - -### Traffic bypass usage for Chinese users - -=== ":material-dns: DNS rules" - - !!! info - - DNS rules are optional if FakeIP is used. - - ```json - { - "dns": { - "servers": [ - { - "tag": "google", - "address": "tls://8.8.8.8" - }, - { - "tag": "local", - "address": "223.5.5.5", - "detour": "direct" - } - ], - "rules": [ - { - "outbound": "any", - "server": "local" - }, - { - "clash_mode": "Direct", - "server": "local" - }, - { - "clash_mode": "Global", - "server": "google" - }, - { - "type": "logical", - "mode": "and", - "rules": [ - { - "geosite": "geolocation-!cn", - "invert": true - }, - { - "geosite": [ - "cn", - "category-companies@cn" - ], - } - ], - "server": "local" - } - ] - } - } - ``` - -=== ":material-router-network: Route rules" - - ```json - { - "outbounds": [ - { - "type": "direct", - "tag": "direct" - }, - { - "type": "block", - "tag": "block" - } - ], - "route": { - "rules": [ - { - "type": "logical", - "mode": "or", - "rules": [ - { - "protocol": "dns" - }, - { - "port": 53 - } - ], - "outbound": "dns" - }, - { - "geoip": "private", - "outbound": "direct" - }, - { - "clash_mode": "Direct", - "outbound": "direct" - }, - { - "clash_mode": "Global", - "outbound": "default" - }, - { - "type": "logical", - "mode": "or", - "rules": [ - { - "port": 853 - }, - { - "network": "udp", - "port": 443 - }, - { - "protocol": "stun" - } - ], - "outbound": "block" - }, - { - "type": "logical", - "mode": "and", - "rules": [ - { - "geosite": "geolocation-!cn", - "invert": true - }, - { - "geosite": [ - "cn", - "category-companies@cn" - ], - "geoip": "cn" - } - ], - "outbound": "direct" - } - ] - } - } ``` \ No newline at end of file diff --git a/docs/manual/proxy/tun.md b/docs/manual/proxy/tun.md new file mode 100644 index 00000000..65cfb1cf --- /dev/null +++ b/docs/manual/proxy/tun.md @@ -0,0 +1,66 @@ +# :material-expansion-card: TUN + +## :material-text-box: Definition + +Refers to TUNnel, a virtual network device supported by the kernel. +It’s also used in sing-box to denote the extensive functionality surrounding TUN inbound: +including traffic assembly, automatic routing, and network and default interface monitoring. + +The following flow chart describes the minimal TUN-based transparent proxy process in sing-box: + +``` mermaid +flowchart LR + subgraph inbound [Inbound] + direction TB + packet[IP Packet] + packet --> windows[Windows / macOS] + packet --> linux[Linux] + tun[TUN interface] + windows -. route .-> tun + linux -. iproute2 route/rule .-> tun + tun --> gvisor[gVisor TUN stack] + tun --> system[system TUN stack] + assemble([L3 to L4 assemble]) + gvisor --> assemble + system --> assemble + assemble --> conn[TCP and UDP connections] + conn --> router[sing-box Router] + end + + subgraph outbound [Outbound] + direction TB + direct[Direct outbound] + proxy[Proxy outbounds] + direct --> adi([auto detect interface]) + proxy --> adi + adi --> default[Default network interface in the system] + default --> destination[Destination server] + default --> proxy_server[Proxy server] + proxy_server --> destination + end + + inbound --> outbound +``` + +## :material-help-box: How to + +A basic TUN-based transparent proxy configuration file includes: an TUN inbound, `route.auto_detect_interface`, like: + +```json +{ + "inbounds": [ + { + "type": "tun", + "inet4_address": "172.19.0.1/30", + "inet6_address": "fdfe:dcba:9876::1/126", + "auto_route": true, + "strict_route": true + } + ], + "route": { + "auto_detect_interface": true + } +} +``` + +TODO: finish this wiki \ No newline at end of file diff --git a/docs/support.md b/docs/support.md index 9ddb4ecf..ec5aaecc 100644 --- a/docs/support.md +++ b/docs/support.md @@ -7,7 +7,7 @@ icon: material/forum | Channel | Link | |:------------------------------|:--------------------------------------------| | Community | https://community.sagernet.org | -| GitHub Issues | https://github.com/SagerNet/sing-box/issues | +| Github Issues | https://github.com/SagerNet/sing-box/issues | | Telegram notification channel | https://t.me/yapnc | | Telegram user group | https://t.me/yapug | | Email | contact@sagernet.org | diff --git a/docs/support.zh.md b/docs/support.zh.md index eb07ea82..11e04218 100644 --- a/docs/support.zh.md +++ b/docs/support.zh.md @@ -7,7 +7,7 @@ icon: material/forum | 通道 | 链接 | |:--------------|:--------------------------------------------| | 社区 | https://community.sagernet.org | -| GitHub Issues | https://github.com/SagerNet/sing-box/issues | +| Github Issues | https://github.com/SagerNet/sing-box/issues | | Telegram 通知频道 | https://t.me/yapnc | | Telegram 用户组 | https://t.me/yapug | | 邮件 | contact@sagernet.org |