Linux安装Sing Box实现透明网关代理全家设备
必备:一台Linux服务器,推荐
Debian,下面为使用Debian演示
1、安装sing-box
bash <(curl -fsSL https://sing-box.app/deb-install.sh)
对于大陆服务器,需要替换镜像源下载 deb-install.sh
deb-install.sh
#!/bin/bash
set -e -o pipefail
ARCH_RAW=$(uname -m)
case "${ARCH_RAW}" in
'x86_64') ARCH='amd64';;
'x86' | 'i686' | 'i386') ARCH='386';;
'aarch64' | 'arm64') ARCH='arm64';;
'armv7l') ARCH='armv7';;
's390x') ARCH='s390x';;
*) echo "Unsupported architecture: ${ARCH_RAW}"; exit 1;;
esac
VERSION=$(curl -s https://api.github.com/repos/SagerNet/sing-box/releases/latest \
| grep tag_name \
| cut -d ":" -f2 \
| sed 's/\"//g;s/\,//g;s/\ //g;s/v//')
curl -Lo sing-box.deb "https://gh-proxy.com/https://github.com/SagerNet/sing-box/releases/download/v${VERSION}/sing-box_${VERSION}_linux_${ARCH}.deb"
sudo dpkg -i sing-box.deb
rm sing-box.deb
2、编写配置文件
这里使用了sing-box-subscribe更新订阅,更新配置文件
clone到本地 pip install -r requirements.txt
- 新增自定义配置文件模版,用官方的跳过此步
新建 config_template-c模版
cd config_template & nano config_template-c
config_template-c
{
"dns": {
"servers": [
{
"tag": "dns_proxy",
"address": "https://cloudflare-dns.com/dns-query",
"address_resolver": "dns_resolver",
"strategy": "ipv4_only",
"client_subnet": "1.0.1.0" ////替换为自己附近的IP,不建议自己的IP
},
{
"tag": "dns_direct",
"address": "https://doh.pub/dns-query",
"address_resolver": "dns_resolver",
"strategy": "ipv4_only",
"detour": "🎯 全球直连"
},
{
"tag": "dns_block",
"address": "rcode://name_error"
},
{
"tag": "dns_resolver",
"address": "119.29.29.29",
"strategy": "ipv4_only",
"detour": "🎯 全球直连"
}
],
"rules": [
{
"outbound": "any",
"server": "dns_resolver"
},
{
"query_type": "HTTPS",
"server": "dns_block"
},
{
"clash_mode": "direct",
"server": "dns_direct"
},
{
"clash_mode": "global",
"server": "dns_proxy"
},
{
"rule_set": "cnsite",
"server": "dns_direct"
},
{
"rule_set": [
"YouTube",
"OpenAI",
"TikTok",
"Google",
"geoip-telegram",
"geosite-telegram",
"geoip-twitter",
"geosite-proxy"
],
"server": "dns_proxy"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"rule_set": "geosite-geolocation-!cn",
"invert": true
},
{
"rule_set": "geoip-cn"
}
],
"server": "dns_proxy",
"client_subnet": "1.0.1.0" //替换为自己附近的IP,不建议自己的IP
}
],
"final": "dns_direct"
},
"inbounds": [
{
"type": "tun",
"inet4_address": "172.19.0.1/30",
"mtu": 9000,
"gso": true,
"auto_route": true,
"stack": "system",
"sniff": true,
"sniff_override_destination": false
}
],
"outbounds": [
{
"type": "selector",
"tag": "🚀 节点选择",
"outbounds": [
"auto",
"🎯 全球直连",
"{all}"
],
"default": "🎯 全球直连"
},
{
"type": "selector",
"tag": "🐟 漏网之鱼",
"outbounds": [
"🎯 全球直连",
"🚀 节点选择"
],
"default": "🎯 全球直连"
},
{
"type": "selector",
"tag": "🛑 广告拦截",
"outbounds": [
"block"
],
"default": "block"
},
{
"tag": "auto",
"type": "urltest",
"outbounds": [
"{all}"
],
"filter": [
{
"action": "exclude",
"keywords": [
"网站|地址|剩余|过期|时间|有效"
]
}
],
"url": "http://www.gstatic.com/generate_204",
"interval": "10m",
"tolerance": 50
},
{
"type": "direct",
"tag": "🎯 全球直连"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"clash_mode": "direct",
"outbound": "🎯 全球直连"
},
{
"clash_mode": "global",
"outbound": "🚀 节点选择"
},
{
"protocol": "quic",
"outbound": "block"
},
{
"rule_set": "geosite-category-ads-all",
"outbound": "🛑 广告拦截"
},
{
"rule_set": [
"Bilibili",
"MicroSoft",
"Apple",
"cnsite",
"geoip-cn"
],
"outbound": "🎯 全球直连"
},
{
"rule_set": [
"YouTube",
"OpenAI",
"TikTok",
"Google",
"geoip-telegram",
"geosite-telegram",
"geoip-twitter",
"geosite-proxy"
],
"outbound": "🚀 节点选择"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"rule_set": "geosite-geolocation-!cn"
},
{
"rule_set": "geoip-cn",
"invert": true
}
],
"outbound": "🚀 节点选择"
},
{
"ip_is_private": true,
"outbound": "🎯 全球直连"
}
],
"rule_set": [
{
"tag": "geosite-category-ads-all",
"type": "remote",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/category-ads-all.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "cnsite",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/cn.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "geosite-telegram",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/telegram.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "geoip-telegram",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geoip/telegram.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "geosite-proxy",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo-lite/geosite/proxy.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "YouTube",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/youtube.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "TikTok",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/tiktok.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "Bilibili",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/bilibili.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "OpenAI",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/openai.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "MicroSoft",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/microsoft.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "Google",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geoip/google.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "Apple",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/apple.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geoip/cn.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "geosite-geolocation-!cn",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/geolocation-!cn.srs",
"download_detour": "🎯 全球直连"
},
{
"type": "remote",
"tag": "geoip-twitter",
"format": "binary",
"url": "https://gh-proxy.com/https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geoip/twitter.srs",
"download_detour": "🎯 全球直连"
}
],
"final": "🐟 漏网之鱼",
"find_process": true,
"auto_detect_interface": true
},
"log": {
"level": "warn",
"timestamp": true
},
"experimental": {
"clash_api": {
"external_controller": ":9090",
"external_ui": "ui",
"secret": "",
"external_ui_download_url": "https://gh-proxy.com/https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip",
"external_ui_download_detour": "🎯 全球直连",
"default_mode": "rule"
},
"cache_file": {
"enabled": true
}
}
}
- 编辑
providers.json把url替换为自己的订阅链接,其他不用动
providers.json
{
"subscribes":[
{
"url": "替换为自己的订阅链接🔗",
"tag": "airport1_tag", //You can keep the default without modification
"enabled": true, //Enable conversion of this link
"emoji": 1, //Add flag emoji
"subgroup": "",
"prefix": "", //Do not add node name prefix
"ex-node-name": "网站|流量|过期", //Filter nodes containing keywords
"User-Agent":"clashmeta" //Set browser UA
},
{
"url": "https://5gtocdocao.com/api/v1/client/subscribe?token=xx",
"tag": "airport2_tag", //You can keep the default without modification
"enabled": false, //Disable conversion of this link
"emoji": 0, //Do not add flag emoji
"subgroup": "named", //Name the subscription link
"prefix": "❤️node_name prefix - ", //Add node name prefix
"User-Agent":"clashmeta" //Set browser UA
}
],
"auto_set_outbounds_dns":{
"proxy": "",
"direct": ""
},
"save_config_path": "./config.json",
"auto_backup": false,
"exclude_protocol": "ssr", //Not parsing ssr nodes!!!
"config_template": "", //Customize the correct web page json configuration template link
"Only-nodes": false //Output the complete sing-box configuration
}
python main.py 选择模版后自动生成 config.json
将 config.json复制到/etc/sing-box
systemctl restart sing-box 不出意外,启动成功,访问ip:9090打开web UI
journalctl -u sing-box --output cat -f 查看日志,排查错误
3、自动更新订阅
新建autoupdate.sh
autoupdate.sh
#!/bin/bash
SubscribeDir=/opt/sing-box-subscribe
SingBoxDir=/etc/sing-box
echo "update subscribe"
cd $SubscribeDir
#如果启用python venv环境,取消注释
# source venv/bin/activate
# 根据模版序号自行修改
python3 main.py --template_index=0
if [ $? -eq 0 ]; then
echo "update subscribe successfully. To update config.json"
cp $SubscribeDir/config.json $SingBoxDir/config.json
else
echo "update config.json failed. Exiting."
exit 1
fi
if [ $? -eq 0 ]; then
echo "update config.json successfully. To restart sing-box"
systemctl restart sing-box
else
echo "restart sing-box failed. Exiting."
exit 1
fi
chmod +x autoupdate.sh
crontab -e添加定时任务
33 3 * * * /to/path/autoupdate.sh
本机如果成功上网后,接下来就是当网关,让其他设备可以访问,不需要此部分可以不看
4、设置网关,使其他机器访问
-
本机IP设为静态地址
-
主路由DHCP服务设置网关指向该设备IP,
dns设置为公共dns,119.29.29.29 -
主路由重启,开始愉快上网吧
具体可参考这篇
5、可能用到的命令
| Operation | Command |
|---|---|
| Enable | sudo systemctl enable sing-box |
| Disable | sudo systemctl disable sing-box |
| Start | sudo systemctl start sing-box |
| Stop | sudo systemctl stop sing-box |
| Kill | sudo systemctl kill sing-box |
| Restart | sudo systemctl restart sing-box |
| Logs | sudo journalctl -u sing-box --output cat -e |
| New Logs | sudo journalctl -u sing-box --output cat -f |