diff --git a/docs/configuration/inbound/tun.md b/docs/configuration/inbound/tun.md index d00d813a..0cb08729 100644 --- a/docs/configuration/inbound/tun.md +++ b/docs/configuration/inbound/tun.md @@ -1,7 +1,11 @@ --- -icon: material/alert-decagram +icon: material/new-box --- +!!! quote "Changes in sing-box 1.12.0" + + :material-plus: [loopback_address](#loopback_address) + !!! quote "Changes in sing-box 1.11.0" :material-delete-alert: [gso](#gso) @@ -56,9 +60,12 @@ icon: material/alert-decagram "auto_route": true, "iproute2_table_index": 2022, "iproute2_rule_index": 9000, - "auto_redirect": false, + "auto_redirect": true, "auto_redirect_input_mark": "0x2023", "auto_redirect_output_mark": "0x2024", + "loopback_address": [ + "10.0.7.1" + ], "strict_route": true, "route_address": [ "0.0.0.0/1", @@ -66,7 +73,6 @@ icon: material/alert-decagram "::/1", "8000::/1" ], - "route_exclude_address": [ "192.168.0.0/16", "fc00::/7" @@ -117,7 +123,6 @@ icon: material/alert-decagram "match_domain": [] } }, - // Deprecated "gso": false, "inet4_address": [ @@ -140,8 +145,8 @@ icon: material/alert-decagram "inet6_route_exclude_address": [ "fc00::/7" ], - - ... // Listen Fields + ... + // Listen Fields } ``` @@ -273,6 +278,16 @@ Connection output mark used by `auto_redirect`. `0x2024` is used by default. +#### loopback_address + +!!! question "Since sing-box 1.12.0" + +Loopback addresses make TCP connections to the specified address connect to the source address. + +Setting option value to `10.0.7.1` achieves the same behavior as SideStore/StosVPN. + +When `auto_redirect` is enabled, the same behavior can be achieved for LAN devices (not just local) as a gateway. + #### strict_route Enforce strict routing rules when `auto_route` is enabled: diff --git a/docs/configuration/inbound/tun.zh.md b/docs/configuration/inbound/tun.zh.md index 391097eb..bddaeef5 100644 --- a/docs/configuration/inbound/tun.zh.md +++ b/docs/configuration/inbound/tun.zh.md @@ -1,7 +1,11 @@ --- -icon: material/alert-decagram +icon: material/new-box --- +!!! quote "sing-box 1.12.0 中的更改" + + :material-plus: [loopback_address](#loopback_address) + !!! quote "sing-box 1.11.0 中的更改" :material-delete-alert: [gso](#gso) @@ -56,9 +60,12 @@ icon: material/alert-decagram "auto_route": true, "iproute2_table_index": 2022, "iproute2_rule_index": 9000, - "auto_redirect": false, + "auto_redirect": true, "auto_redirect_input_mark": "0x2023", "auto_redirect_output_mark": "0x2024", + "loopback_address": [ + "10.0.7.1" + ], "strict_route": true, "route_address": [ "0.0.0.0/1", @@ -270,6 +277,16 @@ tun 接口的 IPv6 前缀。 默认使用 `0x2024`。 +#### loopback_address + +!!! question "自 sing-box 1.12.0 起" + +环回地址是用于使指向指定地址的 TCP 连接连接到来源地址的。 + +将选项值设置为 `10.0.7.1` 可实现与 SideStore/StosVPN 相同的行为。 + +当启用 `auto_redirect` 时,可以作为网关为局域网设备(而不仅仅是本地)实现相同的行为。 + #### strict_route 当启用 `auto_route` 时,强制执行严格的路由规则: diff --git a/go.mod b/go.mod index 6a94902c..792459a4 100644 --- a/go.mod +++ b/go.mod @@ -34,7 +34,7 @@ require ( github.com/sagernet/sing-shadowsocks v0.2.8 github.com/sagernet/sing-shadowsocks2 v0.2.1 github.com/sagernet/sing-shadowtls v0.2.1-0.20250503051639-fcd445d33c11 - github.com/sagernet/sing-tun v0.6.6-0.20250428031943-0686f8c4f210 + github.com/sagernet/sing-tun v0.6.6-0.20250610083027-da0a50057fb5 github.com/sagernet/sing-vmess v0.2.4-0.20250605032146-38cc72672c88 github.com/sagernet/smux v1.5.34-mod.2 github.com/sagernet/tailscale v1.80.3-mod.5 diff --git a/go.sum b/go.sum index f7dab672..7472835a 100644 --- a/go.sum +++ b/go.sum @@ -180,8 +180,8 @@ github.com/sagernet/sing-shadowsocks2 v0.2.1 h1:dWV9OXCeFPuYGHb6IRqlSptVnSzOelnq github.com/sagernet/sing-shadowsocks2 v0.2.1/go.mod h1:RnXS0lExcDAovvDeniJ4IKa2IuChrdipolPYWBv9hWQ= github.com/sagernet/sing-shadowtls v0.2.1-0.20250503051639-fcd445d33c11 h1:tK+75l64tm9WvEFrYRE1t0YxoFdWQqw/h7Uhzj0vJ+w= github.com/sagernet/sing-shadowtls v0.2.1-0.20250503051639-fcd445d33c11/go.mod h1:sWqKnGlMipCHaGsw1sTTlimyUpgzP4WP3pjhCsYt9oA= -github.com/sagernet/sing-tun v0.6.6-0.20250428031943-0686f8c4f210 h1:6H4BZaTqKI3YcDMyTV3E576LuJM4S4wY99xoq2T1ECw= -github.com/sagernet/sing-tun v0.6.6-0.20250428031943-0686f8c4f210/go.mod h1:fisFCbC4Vfb6HqQNcwPJi2CDK2bf0Xapyz3j3t4cnHE= +github.com/sagernet/sing-tun v0.6.6-0.20250610083027-da0a50057fb5 h1:zlcioVa11g8VLz5L0yPG7PbvQrw7mrxkDDdlMPEgqDk= +github.com/sagernet/sing-tun v0.6.6-0.20250610083027-da0a50057fb5/go.mod h1:fisFCbC4Vfb6HqQNcwPJi2CDK2bf0Xapyz3j3t4cnHE= github.com/sagernet/sing-vmess v0.2.4-0.20250605032146-38cc72672c88 h1:0pVm8sPOel+BoiCddW3pV3cKDKEaSioVTYDdTSKjyFI= github.com/sagernet/sing-vmess v0.2.4-0.20250605032146-38cc72672c88/go.mod h1:IL8Rr+EGwuqijszZkNrEFTQDKhilEpkqFqOlvdpS6/w= github.com/sagernet/smux v1.5.34-mod.2 h1:gkmBjIjlJ2zQKpLigOkFur5kBKdV6bNRoFu2WkltRQ4= diff --git a/option/tun.go b/option/tun.go index 9263dd16..89affb23 100644 --- a/option/tun.go +++ b/option/tun.go @@ -20,6 +20,7 @@ type TunInboundOptions struct { AutoRedirect bool `json:"auto_redirect,omitempty"` AutoRedirectInputMark FwMark `json:"auto_redirect_input_mark,omitempty"` AutoRedirectOutputMark FwMark `json:"auto_redirect_output_mark,omitempty"` + LoopbackAddress badoption.Listable[netip.Addr] `json:"loopback_address,omitempty"` StrictRoute bool `json:"strict_route,omitempty"` RouteAddress badoption.Listable[netip.Prefix] `json:"route_address,omitempty"` RouteAddressSet badoption.Listable[string] `json:"route_address_set,omitempty"` diff --git a/protocol/tun/inbound.go b/protocol/tun/inbound.go index 7c80ebba..36714abe 100644 --- a/protocol/tun/inbound.go +++ b/protocol/tun/inbound.go @@ -190,6 +190,8 @@ func NewInbound(ctx context.Context, router adapter.Router, logger log.ContextLo IPRoute2RuleIndex: ruleIndex, AutoRedirectInputMark: inputMark, AutoRedirectOutputMark: outputMark, + Inet4LoopbackAddress: common.Filter(options.LoopbackAddress, netip.Addr.Is4), + Inet6LoopbackAddress: common.Filter(options.LoopbackAddress, netip.Addr.Is6), StrictRoute: options.StrictRoute, IncludeInterface: options.IncludeInterface, ExcludeInterface: options.ExcludeInterface,