荒岛
最近买了点DMM的片,想着随便搞个梯子就能看了吧,然后就买了台某日本VPS,结果发现这台VPS的IP不太行,能访问DMM但解不了DMM TV,播放的时候弹个这个玩意出来:
我也是醉了,不过好在这台VPS的线路很不错,所以我后面又特地花钱买了台落地鸡,这个落地鸡它真的名副其实,真就只能拿来落地,电信NTT日常BOOM。。然后我现在搭梯子清一色全部用的sing-box(以下简称sb),中转的方法是很多,工具也很多,但是想着我还真没有用过sb来中转,我就想折腾一下了,就有了下面的记录。。
我研究了一会儿,发现sb可以用多种方式来达到中转或者说解锁的目的,我分别记录一下。
准备工作
首先在两台VPS上面安装sb,我两台VPS都是Debian12,直接用官方的这个一键脚本就可以安装了:
bash <(curl -fsSL https://sing-box.app/deb-install.sh)
更多安装方式:https://sing-box.sagernet.org/installation/package-manager/
假设VPS1是中转鸡,VPS2是落地鸡。先在落地鸡上搭建一个节点:
nano /etc/sing-box/config.json
我的配置如下:
{
"log": {
"level": "info"
},
"dns": {
"servers": [
{
"address": "tls://8.8.8.8",
"strategy": "ipv4_only"
}
]
},
"inbounds": [
{
"type": "vless",
"tag": "vless-in",
"listen": "0.0.0.0",
"listen_port": 443,
"sniff": true,
"users": [
{
"name": "imlala",
"uuid": "87599169-0bc7-4fae-b730-f6d109db4614", // sing-box generate uuid
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "www.python.org",
"reality": {
"enabled": true,
"handshake": {
"server": "www.python.org",
"server_port": 443
},
"private_key": "SKvL0iVINPOi5EtxRzx2qG4Nyy00CC0iPqqyPWut214", // sing-box generate reality-keypair
"short_id": [
"64d7038842bbc9cc" // sing-box generate rand --hex 8
]
}
}
}
],
"outbounds": [
{
"type": "direct"
},
{
"type": "dns",
"tag": "dns-out"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
}
]
}
}
启动:
systemctl enable --now sing-box
方式一:端口转发
端口转发就是所有流量都经过落地鸡,如果落地鸡的流量足够用,这种方式简单粗暴。
在中转鸡上编辑sb的配置文件:
nano /etc/sing-box/config.json
写入如下配置:
{
"log": {
"level": "info"
},
"inbounds": [
{
"type": "direct",
"tag": "direct-in",
"listen": "0.0.0.0",
"listen_port": 61000,
"override_address": "落地鸡的公网IP",
"override_port": 443
}
]
}
启动:
systemctl enable --now sing-box
客户端配置:
{
"log": {
"level": "info",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "google",
"address": "tls://dns.google",
"address_resolver": "resolver",
"strategy": "ipv4_only",
"detour": "fwd"
},
{
"tag": "tencent",
"address": "tls://dot.pub",
"address_resolver": "resolver",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "resolver",
"address": "223.5.5.5",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "deniend",
"address": "rcode://refused"
}
],
"rules": [
{
"outbound": "any",
"server": "tencent"
},
{
"rule_set": "geosite-geolocation-cn",
"server": "tencent"
}
],
"final": "google"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"interface_name": "tun0",
"inet4_address": "172.16.0.1/30",
"auto_route": true,
"strict_route": true,
"stack": "mixed",
"sniff": true
}
],
"outbounds": [
{
"type": "vless",
"tag": "fwd",
"server": "中转鸡的公网IP",
"server_port": 61000,
"uuid": "87599169-0bc7-4fae-b730-f6d109db4614",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "www.python.org",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "guBvyGCyqglGWWQ1bQ5vXXy78YlshWb0aYX6-uAwEDk",
"short_id": "64d7038842bbc9cc"
}
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns"
},
{
"ip_is_private": true,
"outbound": "direct"
},
{
"rule_set": [
"geoip-cn",
"geosite-geolocation-cn"
],
"outbound": "direct"
}
],
"rule_set": [
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs",
"download_detour": "fwd",
"update_interval": "7d"
},
{
"type": "remote",
"tag": "geosite-geolocation-cn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-geolocation-cn.srs",
"download_detour": "fwd",
"update_interval": "7d"
}
],
"final": "fwd",
"auto_detect_interface": true
}
}
方式二:二级代理(按规则进行分流)
这种方式其实就相当于是按规则进行分流,适用于落地鸡流量不够用的情况,或者你想精确控制流量的走向。
大概的步骤是:在中转鸡上搭一个节点,同时写好分流规则,客户端连接中转鸡的节点,只有命中规则的流量走落地鸡,其余的都走中转鸡。
在中转鸡上编辑sb的配置文件:
nano /etc/sing-box/config.json
写入如下配置:
{
"log": {
"level": "info"
},
"dns": {
"servers": [
{
"address": "tls://8.8.8.8",
"strategy": "ipv4_only"
}
]
},
"inbounds": [
{
"type": "vless",
"tag": "vless-in",
"listen": "0.0.0.0",
"listen_port": 443,
"sniff": true,
"users": [
{
"name": "imlala",
"uuid": "f6bb53c9-7afe-46a0-9fff-d770d2aec0f2",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "www.python.org",
"reality": {
"enabled": true,
"handshake": {
"server": "www.python.org",
"server_port": 443
},
"private_key": "OLXR9twjmwlhwyiiNwne9ghFJ0YyXHP4xYGUfo0wWUA",
"short_id": [
"00b9f5bf53744433"
]
}
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
},
{
"type": "dns",
"tag": "dns-out"
},
{
"type": "vless",
"tag": "unlock-out",
"server": "落地鸡的公网IP",
"server_port": 443,
"uuid": "87599169-0bc7-4fae-b730-f6d109db4614",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "www.python.org",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "guBvyGCyqglGWWQ1bQ5vXXy78YlshWb0aYX6-uAwEDk",
"short_id": "64d7038842bbc9cc"
}
}
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"rule_set": [
"geosite-dmm",
"geosite-dmm-porn",
"geosite-abema",
"geosite-reddit"
],
"outbound": "unlock-out"
}
],
"rule_set": [
{
"type": "remote",
"tag": "geosite-dmm",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-dmm.srs",
"download_detour": "direct",
"update_interval": "7d"
},
{
"type": "remote",
"tag": "geosite-dmm-porn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-dmm-porn.srs",
"download_detour": "direct",
"update_interval": "7d"
},
{
"type": "remote",
"tag": "geosite-abema",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-abema.srs",
"download_detour": "direct",
"update_interval": "7d"
},
{
"type": "remote",
"tag": "geosite-reddit",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-reddit.srs",
"download_detour": "direct",
"update_interval": "7d"
}
]
}
}
启动:
systemctl enable --now sing-box
客户端配置:
{
"log": {
"level": "info",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "google",
"address": "tls://dns.google",
"address_resolver": "resolver",
"strategy": "ipv4_only",
"detour": "fwd"
},
{
"tag": "tencent",
"address": "tls://dot.pub",
"address_resolver": "resolver",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "resolver",
"address": "223.5.5.5",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "deniend",
"address": "rcode://refused"
}
],
"rules": [
{
"outbound": "any",
"server": "tencent"
},
{
"rule_set": "geosite-geolocation-cn",
"server": "tencent"
}
],
"final": "google"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"interface_name": "tun0",
"inet4_address": "172.16.0.1/30",
"auto_route": true,
"strict_route": true,
"stack": "mixed",
"sniff": true
}
],
"outbounds": [
{
"type": "vless",
"tag": "fwd",
"server": "中转鸡的公网IP",
"server_port": 443,
"uuid": "f6bb53c9-7afe-46a0-9fff-d770d2aec0f2",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "www.python.org",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "yD6TNRviqs_P3h6S7U12ObAGBd9NLgxY7rXfHP4g10U",
"short_id": "00b9f5bf53744433"
}
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns"
},
{
"ip_is_private": true,
"outbound": "direct"
},
{
"rule_set": [
"geoip-cn",
"geosite-geolocation-cn"
],
"outbound": "direct"
}
],
"rule_set": [
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs",
"download_detour": "fwd",
"update_interval": "7d"
},
{
"type": "remote",
"tag": "geosite-geolocation-cn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-geolocation-cn.srs",
"download_detour": "fwd",
"update_interval": "7d"
}
],
"final": "fwd",
"auto_detect_interface": true
}
}
方式三:链式代理
像端口转发、二级代理都需要在服务端进行配置,如果你没有这台服务器的控制权,自然就无法使用上述两种方式进行中转。
而链式代理不需要对服务端的配置进行修改,所以非常适合那些没有服务器访问权限的用户使用,比如你买了一个机场,但是机场肯定只会给你节点连接信息,不会把节点服务器的SSH登录信息也给你,但现在通过链式代理,你可以把自建的节点与机场的节点进行整合,这样就可以实现用机场来中转你的自建节点,反之亦然。
另外链式代理配置起来也相当简单,在sb中主要依靠detour这个字段。前提条件是中转鸡与落地鸡都同时搭建了一个节点。节点的配置可以参考本文上述的内容。
客户端配置:
{
"log": {
"level": "info",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "google",
"address": "tls://dns.google",
"address_resolver": "resolver",
"strategy": "ipv4_only",
"detour": "select"
},
{
"tag": "tencent",
"address": "tls://dot.pub",
"address_resolver": "resolver",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "resolver",
"address": "223.5.5.5",
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "deniend",
"address": "rcode://refused"
}
],
"rules": [
{
"outbound": "any",
"server": "tencent"
},
{
"clash_mode": "direct",
"server": "tencent"
},
{
"clash_mode": "global",
"server": "google"
},
{
"rule_set": "geosite-geolocation-cn",
"server": "tencent"
}
],
"final": "google"
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"interface_name": "tun0",
"inet4_address": "172.16.0.1/30",
"auto_route": true,
"strict_route": true,
"stack": "mixed",
"sniff": true
}
],
"outbounds": [
{
"type": "selector",
"tag": "select",
"outbounds": [
"korean",
"us",
"fwd",
"unlock",
"auto"
],
"default": "us",
"interrupt_exist_connections": true
},
{
"type": "hysteria2",
"tag": "korean",
"server": "hidden",
"server_port": 8080,
"up_mbps": 30,
"down_mbps": 300,
"password": "hidden",
"tls": {
"enabled": true,
"server_name": "hidden"
}
},
{
"type": "vless",
"tag": "us",
"server": "hidden",
"server_port": 443,
"uuid": "hidden",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "www.python.org",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "hidden",
"short_id": "hidden"
}
}
},
{
"type": "vless",
"tag": "fwd",
"server": "中转鸡的公网IP",
"server_port": 443,
"uuid": "f6bb53c9-7afe-46a0-9fff-d770d2aec0f2",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "www.python.org",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "yD6TNRviqs_P3h6S7U12ObAGBd9NLgxY7rXfHP4g10U",
"short_id": "00b9f5bf53744433"
}
}
},
{
"type": "vless",
"tag": "unlock",
"server": "落地鸡的公网IP",
"server_port": 443,
"uuid": "87599169-0bc7-4fae-b730-f6d109db4614",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "www.python.org",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "guBvyGCyqglGWWQ1bQ5vXXy78YlshWb0aYX6-uAwEDk",
"short_id": "64d7038842bbc9cc"
}
},
"detour": "fwd"
},
{
"type": "urltest",
"tag": "auto",
"outbounds": [
"korean",
"us",
"fwd",
"unlock"
],
"url": "https://www.gstatic.com/generate_204",
"interval": "10m",
"interrupt_exist_connections": true
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns"
},
{
"ip_is_private": true,
"outbound": "direct"
},
{
"clash_mode": "direct",
"outbound": "direct"
},
{
"clash_mode": "global",
"outbound": "select"
},
{
"rule_set": [
"geoip-cn",
"geosite-geolocation-cn"
],
"outbound": "direct"
}
],
"rule_set": [
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs",
"download_detour": "select",
"update_interval": "7d"
},
{
"type": "remote",
"tag": "geosite-geolocation-cn",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-geolocation-cn.srs",
"download_detour": "select",
"update_interval": "7d"
}
],
"final": "select",
"auto_detect_interface": true
},
"experimental": {
"cache_file": {
"enabled": true
},
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "ui",
"external_ui_download_url": "https://github.com/MetaCubeX/Yacd-meta/archive/gh-pages.zip",
"external_ui_download_detour": "select",
"default_mode": "rule"
}
}
}
在上面的这个配置中,tag为fwd的是中转鸡,tag为unlock的是落地鸡,我在tag为unlock的落地鸡配置了一个detour,指定上游出站为fwd。这样配置之后,在yacd的webui上选择tag为unlock的节点即可。
另外提一嘴,如果只是单纯的想解锁某些东西,还有一个DNS分流,也可以使用sb来实现。这里先不介绍了。。。
我只能说有点让我上头的是,今天我又测了下这个中转鸡,它竟然又能解DMM TV了,它真的,我哭死,我折腾了半天就是为了让它能够解锁,结果它现在自己能解了!
哥,你早说,我这有解锁DMM的机器的啊。
不知就问,版主那家的日本VPS和那家的落地鸡?
链式代理怎么试都不行,不加detour都正常,加了以后落地鸡就不通了。。。
中转的是你自建的节点还是机场的,有些机场的节点不行被限制了。。
自建的两个节点,都是香港的。
感谢博主!
请教下,有1个机场,还有1个买的socks5类型的住宅IP(给了IP+账号密码),怎样使用singbox进行链式代理呢?服务端无任何权限的
大佬,请教一下,这个sing-box直接端口转发的性能和其他的,比如realm、gost相比,有没有差距?
请教,这个怎么写?“如果只是单纯的想解锁某些东西,还有一个DNS分流,也可以使用sb来实现”谢谢大佬