sing-box/docs/configuration/outbound/wireguard.md

150 lines
2.4 KiB
Markdown
Raw Normal View History

!!! quote "Changes in sing-box 1.8.0"
:material-plus: [gso](#gso)
2022-08-17 15:19:10 +08:00
### Structure
```json
{
2022-08-31 13:21:29 +08:00
"type": "wireguard",
"tag": "wireguard-out",
"server": "127.0.0.1",
"server_port": 1080,
2022-09-09 15:40:35 +08:00
"system_interface": false,
"gso": false,
2022-09-09 15:40:35 +08:00
"interface_name": "wg0",
2022-08-31 13:21:29 +08:00
"local_address": [
"10.0.0.2/32"
],
"private_key": "YNXtAzepDqRv9H52osJVDQnznT5AM11eCK3ESpwSt04=",
"peers": [
{
"server": "127.0.0.1",
"server_port": 1080,
"public_key": "Z1XXLsKYkYxuiYjJIkRvtIKFepCYHTgON+GwPq7SOV4=",
"pre_shared_key": "31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=",
"allowed_ips": [
"0.0.0.0/0"
],
"reserved": [0, 0, 0]
}
],
2022-08-31 13:21:29 +08:00
"peer_public_key": "Z1XXLsKYkYxuiYjJIkRvtIKFepCYHTgON+GwPq7SOV4=",
"pre_shared_key": "31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=",
2022-10-29 18:00:05 +08:00
"reserved": [0, 0, 0],
"workers": 4,
2022-08-31 13:21:29 +08:00
"mtu": 1408,
"network": "tcp",
... // Dial Fields
2022-08-17 15:19:10 +08:00
}
```
2022-08-31 13:21:29 +08:00
### Fields
2022-08-17 15:19:10 +08:00
#### server
==Required if multi-peer disabled==
2022-08-17 15:19:10 +08:00
The server address.
#### server_port
==Required if multi-peer disabled==
2022-08-17 15:19:10 +08:00
The server port.
2022-09-09 15:40:35 +08:00
#### system_interface
Use system interface.
2022-09-09 15:40:35 +08:00
Requires privilege and cannot conflict with exists system interfaces.
2022-09-15 12:20:38 +08:00
Forced if gVisor not included in the build.
2022-09-09 15:40:35 +08:00
#### interface_name
Custom interface name for system interface.
#### gso
!!! question "Since sing-box 1.8.0"
!!! quote ""
Only supported on Linux.
Try to enable generic segmentation offload.
2022-09-09 15:40:35 +08:00
2022-08-17 15:19:10 +08:00
#### local_address
==Required==
2022-09-06 00:15:09 +08:00
List of IP (v4 or v6) address prefixes to be assigned to the interface.
2022-08-17 15:19:10 +08:00
#### private_key
==Required==
WireGuard requires base64-encoded public and private keys. These can be generated using the wg(8) utility:
```shell
wg genkey
echo "private key" || wg pubkey
```
#### peers
Multi-peer support.
If enabled, `server, server_port, peer_public_key, pre_shared_key` will be ignored.
#### peers.allowed_ips
WireGuard allowed IPs.
#### peers.reserved
WireGuard reserved field bytes.
`$outbound.reserved` will be used if empty.
2022-08-17 15:19:10 +08:00
#### peer_public_key
==Required if multi-peer disabled==
2022-08-17 15:19:10 +08:00
WireGuard peer public key.
#### pre_shared_key
WireGuard pre-shared key.
2022-10-29 18:00:05 +08:00
#### reserved
WireGuard reserved field bytes.
#### workers
WireGuard worker count.
CPU count is used by default.
2022-08-17 15:19:10 +08:00
#### mtu
WireGuard MTU.
1408 will be used if empty.
2022-08-17 15:19:10 +08:00
#### network
Enabled network
One of `tcp` `udp`.
Both is enabled by default.
### Dial Fields
2023-12-14 22:23:52 +08:00
See [Dial Fields](/configuration/shared/dial/) for details.