google@sing-box在ubuntu体验
ShadowTLS 是 sing-box 支持的一种特殊的代理协议,它的主要目标是抗主动探测(Active Probing),通过伪装成 TLS 流量,欺骗防火墙并防止被识别或封锁。
env
- Ubuntu 24.04.2 LTS
- sing-box v1.11.0
offical
安装sing-box
- https://github.com/SagerNet/sing-box/releases/tag/v1.11.10
- https://sing-box.sagernet.org/zh/installation/package-manager/
1.下载sing-box
wget https://github.com/SagerNet/sing-box/releases/download/v1.0.4/sing-box_1.0.4_linux_amd64.deb
wget https://github.com/SagerNet/sing-box/releases/download/v1.11.10/sing-box_1.11.10_linux_amd64.deb
2.安装sing-box
dpkg -i sing-box_1.0.4_linux_amd64.deb
root@gaga:~/singbox# dpkg -i sing-box_1.11.10_linux_amd64.deb
Selecting previously unselected package sing-box.
(Reading database ... 128168 files and directories currently installed.)
Preparing to unpack sing-box_1.11.10_linux_amd64.deb ...
Unpacking sing-box (1.11.10) ...
Setting up sing-box (1.11.10) ...
s
3.查看安装包内容
dpkg -c sing-box_1.0.4_linux_amd64.deb
root@gaga:~/singbox# dpkg -c sing-box_1.11.10_linux_amd64.deb
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./etc/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./etc/sing-box/
-rw-r--r-- 0/0 599 2025-05-05 04:07 ./etc/sing-box/config.json
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/bin/
-rwxr-xr-x 0/0 33624212 2025-05-05 04:07 ./usr/bin/sing-box
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/lib/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/lib/systemd/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/lib/systemd/system/
-rw-r--r-- 0/0 556 2025-05-05 04:07 ./usr/lib/systemd/system/sing-box.service
-rw-r--r-- 0/0 567 2025-05-05 04:07 ./usr/lib/systemd/system/[email protected]
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/zsh/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/zsh/site-functions/
-rw-r--r-- 0/0 7820 2025-05-05 04:07 ./usr/share/zsh/site-functions/_sing-box
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/fish/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/fish/vendor_completions.d/
-rw-r--r-- 0/0 9877 2025-05-05 04:07 ./usr/share/fish/vendor_completions.d/sing-box.fish
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/bash-completion/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/bash-completion/completions/
-rw-r--r-- 0/0 39391 2025-05-05 04:07 ./usr/share/bash-completion/completions/sing-box.bash
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/doc/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/doc/sing-box/
-rw-r--r-- 0/0 143 2025-05-05 04:09 ./usr/share/doc/sing-box/changelog.gz
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/licenses/
drwxr-xr-x 0/0 0 2025-05-05 04:09 ./usr/share/licenses/sing-box/
-rw-r--r-- 0/0 791 2025-05-05 04:07 ./usr/share/licenses/sing-box/LICENSE
4.修改配置文件
vim /etc/sing-box/config.json
5.启动sing-box
systemctl start sing-box.servicesystemctl enable --now sing-box.service
6.查看sing-box状态
systemctl status sing-box.service
sing-box
root@gaga:~/singbox# sing-box -h
Usage:
sing-box [command]
Available Commands:
check Check configuration
completion Generate the autocompletion script for the specified shell
format Format configuration
generate Generate things
geoip GeoIP tools
geosite Geosite tools
help Help about any command
merge Merge configurations
rule-set Manage rule-sets
run Run service
tools Experimental tools
version Print current version of sing-box
Flags:
-c, --config stringArray set configuration file path
-C, --config-directory stringArray set configuration directory path
-D, --directory string set working directory
--disable-color disable color output
-h, --help help for sing-box
Use "sing-box [command] --help" for more information about a command.
sing-box服务端shadowtls配置
m1.socks/http代理模式
{
"inbounds": [
{
"type": "shadowtls",
"listen_port": 443,
"handshake": {
"server": "www.bing.com",
"server_port": 443
},
"detour": "shadowsocks-in"
},
{
"type": "shadowsocks",
"tag": "shadowsocks-in",
"listen": "127.0.0.1",
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg=="
}
]
}
sing-box客户端shadowtls配置 config.json
./sing-box run
{
"inbounds": [
{
"type": "mixed",
"listen_port": 1080,
"sniff": true,
"set_system_proxy": true
}
],
"outbounds": [
{
"type": "shadowsocks",
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg==",
"detour": "shadowtls-out",
"multiplex": {
"enabled": true,
"max_connections": 4,
"min_streams": 4
}
},
{
"type": "shadowtls",
"tag": "shadowtls-out",
"server": "填写服务器ip地址",
"server_port": 443,
"tls": {
"enabled": true,
"server_name": "www.bing.com"
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
}
],
"route": {
"rules": [
{
"geosite": "category-ads-all",
"outbound": "block"
},
{
"geosite": "cn",
"geoip": "cn",
"outbound": "direct"
}
]
}
}
m2.TUN模式
{
"dns": {
"servers": [
{
"tag": "google",
"address": "tls://8.8.8.8"
},
{
"tag": "local",
"address": "223.5.5.5",
"detour": "direct"
}
],
"rules": [
{
"geosite": "cn",
"server": "local"
}
],
"strategy": "ipv4_only"
},
"inbounds": [
{
"type": "tun",
"inet4_address": "172.19.0.1/30",
"auto_route": true,
"sniff": true
}
],
"outbounds": [
{
"type": "shadowsocks",
"method": "2022-blake3-aes-128-gcm",
"password": "8JCsPssfgS8tiRwiMlhARg==",
"detour": "shadowtls-out",
"multiplex": {
"enabled": true,
"max_connections": 4,
"min_streams": 4
}
},
{
"type": "shadowtls",
"tag": "shadowtls-out",
"server": "填写服务器ip地址",
"server_port": 443,
"tls": {
"enabled": true,
"server_name": "www.bing.com"
}
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "dns-out"
}
],
"route": {
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"geosite": "category-ads-all",
"outbound": "block"
},
{
"geosite": "cn",
"geoip": "cn",
"outbound": "direct"
}
],
"auto_detect_interface": true
}
}