Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sing box缺省配置中geoip:cn实质上不生效 #454

Closed
bash99 opened this issue Mar 20, 2023 · 5 comments
Closed

Sing box缺省配置中geoip:cn实质上不生效 #454

bash99 opened this issue Mar 20, 2023 · 5 comments
Labels
enhancement New feature or request question Further information is requested

Comments

@bash99
Copy link

bash99 commented Mar 20, 2023
edited
Loading

描述问题
使用sing-box核心时,访问某些冷门国内域名时,因其不在geosite:cn范围内没匹配直接访问。但是也没有按域名解析到ip,并匹配geoip:cn规则走bypass访问。
入站部分请加入 "domain_strategy": "prefer_ipv4" 即可生效。

预期行为:
走bypass路由访问

实际行为:
走了proxy访问

如何复现
增加一个自定义入站进行对比

        {
            "domain_strategy": "prefer_ipv4",
            "listen": "::",
            "listen_port": 3080,
            "type": "mixed"
        }

访问bbs.77bike.com,将代理分别设置为缺省的2080和3080进行对比。

日志
2080的日志

INFO[0836] [748105701] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:56603
INFO[0836] [748105701] inbound/mixed[mixed-in]: inbound connection to bbs.77bike.com:80
INFO[0836] [748105701] outbound/trojan[proxy]: outbound connection to bbs.77bike.com:80

3080的日志

INFO[0881] [3355049828] inbound/mixed[1]: inbound connection from [::1]:56632
INFO[0881] [3355049828] inbound/mixed[1]: inbound connection to bbs.77bike.com:80
INFO[0881] [3355049828] dns: lookup succeed for bbs.77bike.com: 61.147.105.218
INFO[0881] [3355049828] outbound/direct[bypass]: outbound connection to bbs.77bike.com:80

另外,缺省的remote dns选择https://8.8.8.8/dns-query有点慢(tls会话建立有点耗时),建议用 tcp://1.0.0.1

修正办法
用hook js可以解决,下面代码存储为 hook.nekobox.js,放在config目录下,并且配置中启用hook.js(我选了最后一个选项启用+std module,不知道和第二个启用有啥区别)

var globalAny = globalThis;
var my_hook = /** @class */ (function () {
    function my_hook() {
        this.nekoray = globalAny.nekoray;
    }
    my_hook.prototype.hook_core_config = function (config) {
        var json = JSON.parse(config);
        this.nekoray.log(json["inbounds"][0]["listen_port"]);
        json["inbounds"][0]["domain_strategy"] = "prefer_ipv4";
        return JSON.stringify(json);
    };
    my_hook.prototype.hook_vpn_config = function (config) {
        return config; // 返回输入,表示不修改
    };
    my_hook.prototype.hook_vpn_script = function (script) {
        return script;
    };
    my_hook.prototype.hook_import = function (content) {
        return content;
    };
    return my_hook;
}());
globalAny.hook = new my_hook;
@arm64v8a arm64v8a added the question Further information is requested label Mar 20, 2023
@arm64v8a

This comment was marked as outdated.

Sign in to view
@bash99
Copy link
Author

bash99 commented Mar 20, 2023

出站域名策略也可以在路由设置中设置

我尝试过Prefer IPv4等各类策略,都没有效果。

只有这个改inbound的配置有效果

@ghost

This comment was marked as off-topic.

Sign in to view
@arm64v8a arm64v8a added the enhancement New feature or request label Mar 22, 2023
@arm64v8a
Copy link
Contributor

2.20 出入站域名策略 已应用到 mixed-in

@MikoyChinese
Copy link

Same issue in Nekobox(version 2.25). The route rule is from default config of bypass local and china, and the default outbound is proxy.

If I visit a domain not in geosite:cn but ip in geoip:cn, it will go proxy but not bypass. And work fine only by adding domain_strategy value.

@xaoyao xaoyao mentioned this issue Apr 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bash99 @MikoyChinese @arm64v8a