Add inbound documentation

This commit is contained in:
世界 2022-07-08 18:10:39 +08:00
parent b44a1cd823
commit ddbdac7d97
No known key found for this signature in database
GPG Key ID: CD109927C34A63C4
11 changed files with 491 additions and 40 deletions

View File

@ -4,7 +4,7 @@ on:
branches:
- dev
paths:
- docs
- docs/**
- .github/workflows/mkdocs.yml
jobs:
deploy:

View File

@ -0,0 +1,82 @@
`direct` inbound is a tunnel server.
### Structure
```json
{
"inbounds": [
{
"type": "direct",
"tag": "direct-in",
"listen": "::",
"listen_port": 5353,
"tcp_fast_open": false,
"sniff": false,
"sniff_override_destination": false,
"domain_strategy": "prefer_ipv6",
"udp_timeout": 300,
"network": "udp",
"override_address": "1.0.0.1",
"override_port": 53
}
]
}
```
### Listen Fields
#### listen
Listen address.
#### listen_port
Listen port.
#### tcp_fast_open
Enable tcp fast open for listener.
#### sniff
Enable sniffing.
Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.
This does not break zero copy, like splice.
#### sniff_override_destination
Override the connection destination address with the sniffed domain.
If the domain name is invalid (like tor), this will not work.
#### domain_strategy
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
If set, the requested domain name will be resolved to IP before routing.
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
#### udp_timeout
UDP NAT expiration time in seconds, default is 300 (5 minutes).
### Direct Fields
#### network
Listen network, one of `tcp` `udp`.
Both if empty.
#### override_address
Override the connection destination address.
#### override_port
Override the connection destination port.

View File

@ -0,0 +1,72 @@
`socks` inbound is a http server.
### Structure
```json
{
"inbounds": [
{
"type": "http",
"tag": "http-in",
"listen": "::",
"listen_port": 2080,
"tcp_fast_open": false,
"sniff": false,
"sniff_override_destination": false,
"domain_strategy": "prefer_ipv6",
"users": [
{
"username": "admin",
"password": "admin"
}
]
}
]
}
```
### Listen Fields
#### listen
Listen address.
#### listen_port
Listen port.
#### tcp_fast_open
Enable tcp fast open for listener.
#### sniff
Enable sniffing.
Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.
This does not break zero copy, like splice.
#### sniff_override_destination
Override the connection destination address with the sniffed domain.
If the domain name is invalid (like tor), this will not work.
#### domain_strategy
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
If set, the requested domain name will be resolved to IP before routing.
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
### HTTP Fields
#### users
HTTP users.
No authentication required if empty.

View File

@ -5,9 +5,22 @@
"inbounds": [
{
"type": "",
"tag": "",
...
"tag": ""
}
]
}
```
```
### Fields
| Type | Format |
|---------------|------------------------------|
| `mixed` | [Mixed](./mixed) |
| `socks` | [Socks](./socks) |
| `http` | [HTTP](./http) |
| `direct` | [Direct](./direct) |
| `shadowsocks` | [Shadowsocks](./shadowsocks) |
#### tag
The tag of the inbound.

View File

@ -0,0 +1,72 @@
`mixed` inbound is a socks4, socks4a, socks5 and http server.
### Structure
```json
{
"inbounds": [
{
"type": "mixed",
"tag": "mixed-in",
"listen": "::",
"listen_port": 2080,
"tcp_fast_open": false,
"sniff": false,
"sniff_override_destination": false,
"domain_strategy": "prefer_ipv6",
"users": [
{
"username": "admin",
"password": "admin"
}
]
}
]
}
```
### Listen Fields
#### listen
Listen address.
#### listen_port
Listen port.
#### tcp_fast_open
Enable tcp fast open for listener.
#### sniff
Enable sniffing.
Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.
This does not break zero copy, like splice.
#### sniff_override_destination
Override the connection destination address with the sniffed domain.
If the domain name is invalid (like tor), this will not work.
#### domain_strategy
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
If set, the requested domain name will be resolved to IP before routing.
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
### Mixed Fields
#### users
Socks and HTTP users.
No authentication required if empty.

View File

@ -0,0 +1,136 @@
`shadowsocks` inbound is a shadowsocks server.
### Structure
```json
{
"inbounds": [
{
"type": "shadowsocks",
"tag": "ss-in",
"listen": "::",
"listen_port": 5353,
"tcp_fast_open": false,
"sniff": false,
"sniff_override_destination": false,
"domain_strategy": "prefer_ipv6",
"udp_timeout": 300,
"network": "udp",
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg=="
}
]
}
```
### Listen Fields
#### listen
Listen address.
#### listen_port
Listen port.
#### tcp_fast_open
Enable tcp fast open for listener.
#### sniff
Enable sniffing.
Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.
This does not break zero copy, like splice.
#### sniff_override_destination
Override the connection destination address with the sniffed domain.
If the domain name is invalid (like tor), this will not work.
#### domain_strategy
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
If set, the requested domain name will be resolved to IP before routing.
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
#### udp_timeout
UDP NAT expiration time in seconds, default is 300 (5 minutes).
### Shadowsocks Fields
#### network
Listen network, one of `tcp` `udp`.
Both if empty.
#### method
| Method | Key Length |
|-------------------------------|------------|
| 2022-blake3-aes-128-gcm | 16 |
| 2022-blake3-aes-256-gcm | 32 |
| 2022-blake3-chacha20-poly1305 | 32 |
| none | / |
| aes-128-gcm | / |
| aes-192-gcm | / |
| aes-256-gcm | / |
| chacha20-ietf-poly1305 | / |
| xchacha20-ietf-poly1305 | / |
#### password
| Method | Password Format |
|---------------|-------------------------------------|
| none | / |
| 2022 methods | `openssl rand -base64 <Key Length>` |
| other methods | any string |
### Multi-User Structure
```json
{
"inbounds": [
{
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg==",
"users": [
{
"name": "sekai",
"password": "PCD2Z4o12bKUoFa3cC97Hw=="
}
]
}
]
}
```
### Relay Structure
```json
{
"inbounds": [
{
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg==",
"destinations": [
{
"name": "test",
"server": "example.com",
"server_port": 8080,
"password": "PCD2Z4o12bKUoFa3cC97Hw=="
}
]
}
]
}
```

View File

@ -0,0 +1,72 @@
`socks` inbound is a socks4, socks4a, socks5 server.
### Structure
```json
{
"inbounds": [
{
"type": "socks",
"tag": "socks-in",
"listen": "::",
"listen_port": 2080,
"tcp_fast_open": false,
"sniff": false,
"sniff_override_destination": false,
"domain_strategy": "prefer_ipv6",
"users": [
{
"username": "admin",
"password": "admin"
}
]
}
]
}
```
### Listen Fields
#### listen
Listen address.
#### listen_port
Listen port.
#### tcp_fast_open
Enable tcp fast open for listener.
#### sniff
Enable sniffing.
Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.
This does not break zero copy, like splice.
#### sniff_override_destination
Override the connection destination address with the sniffed domain.
If the domain name is invalid (like tor), this will not work.
#### domain_strategy
One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`.
If set, the requested domain name will be resolved to IP before routing.
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
### Socks Fields
#### users
Socks users.
No authentication required if empty.

View File

@ -2,4 +2,37 @@
Welcome to the wiki page for the sing-box project.
The universal proxy platform.
The universal proxy platform.
## Installation
sing-box requires Golang 1.18 or a higher version.
```bash
$ go install github.com/sagernet/sing-box@latest
```
The binary is built under $GOPATH/bin
```bash
$ sing-box version
```
## License
```
Copyright (C) 2022 by nekohasekai <contact-sagernet@sekai.icu>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
```

View File

@ -1,13 +0,0 @@
# Installation
sing-box requires Golang 1.18 or a higher version.
```bash
$ go install github.com/sagernet/sing-box@latest
```
The binary is built under $GOPATH/bin
```bash
$ sing-box version
```

View File

@ -1,18 +0,0 @@
# License
```
Copyright (C) 2022 by nekohasekai <contact-sagernet@sekai.icu>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
```

View File

@ -28,10 +28,7 @@ theme:
- navigation.sections
- header.autohide
nav:
- Getting Started:
- index.md
- Installation: installation.md
- License: license.md
- Getting Started: index.md
- Configuration:
- configuration/index.md
- Log: configuration/log.md
@ -41,6 +38,11 @@ nav:
- DNS Rule: configuration/dns/rule.md
- Inbound:
- configuration/inbound/index.md
- Mixed: configuration/inbound/mixed.md
- Socks: configuration/inbound/socks.md
- HTTP: configuration/inbound/http.md
- Direct: configuration/inbound/direct.md
- Shadowsocks: configuration/inbound/shadowsocks.md
markdown_extensions:
- pymdownx.highlight:
anchor_linenums: true