感谢O大佬的天书秘籍和一对一地指导,让我用上了sing-box tun,我现在记录一下过程

全新ubuntu23.10安装

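# Bring the fresh Ubuntu 23.10 install up to date and install the build prerequisites.
apt update
apt upgrade -y
apt -y install curl git build-essential libssl-dev libevent-dev zlib1g-dev gcc-mingw-w64

# Download the Go toolchain. -f makes curl fail on an HTTP error instead of saving the error page.
curl -fL https://go.dev/dl/go1.20.10.linux-amd64.tar.gz -o go1.20.10.linux-amd64.tar.gz
# The archive is unpacked as root into /usr/local, so verify it before extracting:
# replace the placeholder with the SHA-256 listed for this file on https://go.dev/dl/.
echo "<SHA256_FROM_GO_DEV_DL_PAGE>  go1.20.10.linux-amd64.tar.gz" | sha256sum -c - \
  && tar -C /usr/local -xzf go1.20.10.linux-amd64.tar.gz
echo 'export PATH=$PATH:/usr/local/go/bin' > /etc/profile.d/golang.sh
source /etc/profile.d/golang.sh

# @latest builds whatever release is newest at install time. For a reproducible,
# reviewable build, replace it with a specific release tag (@<RELEASE_TAG>).
go install -v -tags with_quic,with_grpc,with_dhcp,with_wireguard,with_shadowsocksr,with_ech,with_utls,with_reality_server,with_clash_api,with_gvisor,with_v2ray_api,with_lwip,with_acme github.com/sagernet/sing-box/cmd/sing-box@latest

# Quote the command substitution so a GOPATH containing spaces does not split the path.
cp "$(go env GOPATH)/bin/sing-box" /usr/local/bin/
mkdir -p /usr/local/etc/sing-box
# config.json in this directory will hold the proxy uuid and keys; the service runs
# as root (no User= in the unit), so the directory can be limited to root.
chmod 700 /usr/local/etc/sing-box

nano /etc/systemd/system/sing-box.service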

粘贴下面代码

# systemd unit that starts sing-box with /usr/local/etc/sing-box/config.json.
[Unit]
Description=sing-box service
Documentation=https://sing-box.sagernet.org
After=network.target nss-lookup.target

[Service]
# No User= is set, so the process runs as root; the two lines below restrict it
# to CAP_NET_ADMIN and CAP_NET_BIND_SERVICE.
# NOTE(review): presumably these cover the tun inbound and the port-53 listener
# in config.json — confirm nothing else is needed before trimming further.
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
# No WorkingDirectory= is set. Relative paths inside config.json are therefore
# resolved against the service's working directory (systemd's default for
# system services is the root directory).
ExecStart=/usr/local/bin/sing-box run -c /usr/local/etc/sing-box/config.json
Restart=on-failure
# After a failure the service is restarted only after 1800 seconds (30 minutes).
RestartSec=1800s
LimitNOFILE=infinity

[Install]
WantedBy=multi-user.target
# Create the sing-box configuration file. It will contain the outbound's uuid and
# keys, so keep it readable by root only (for example chmod 600 after saving).
nano /usr/local/etc/sing-box/config.json

这里复制黏贴json(粘贴下面json代码)

  {
# NOTE(review): the "#" annotations in this listing are tutorial notes, not JSON
# syntax. Remove them if your sing-box build rejects comments, and replace every
# X.X.X.X placeholder with your own values (server_port must end up a bare number).
"log": {
"disabled": false,
"level": "info",
# Relative path (no leading "/"): resolved against the process's working directory.
"output": "usr/local/etc/sing-box/sing-box.log",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "mosdns",
"address": "udp://192.168.66.210:53", # 192.168.66.210 is the author's mosdns host; replace with your own.
"strategy": "ipv4_only",
"detour": "direct"
},
{
"tag": "block",
"address": "rcode://success"
}
],
"strategy": "prefer_ipv4",
"disable_cache": false,
"disable_expire": false
},
"inbounds": [
{
# Mixed proxy inbound on every interface ("::"), with no "users" defined here:
# any host that can reach port 10000 can use the proxy. Keep the port reachable
# from the trusted LAN only (firewall, or a LAN-only listen address).
"type": "mixed",
"listen": "::",
"listen_port": 10000
},
{
# DNS listener on every interface, UDP port 53. Do not expose it to untrusted
# networks, or it answers queries for anyone who can reach it.
"type": "direct",
"tag": "dns-in",
"network": "udp",
"listen": "::",
"listen_port": 53
},
{
"type": "tun",
"interface_name": "utun",
"inet4_address": "172.19.0.1/30",
"auto_route": true,
"strict_route": true,
"stack": "system",
"mtu": 9000,
"sniff": true,
"sniff_timeout": "300ms",
"udp_timeout": 300
}
],
"outbounds": [
{
"type": "vless",
"tag": "proxy",
"server": "X.X.X.X", # REALITY protocol; replace with your own server IP
"server_port": X.X.X.X, # server port
# The uuid is the credential for the server: do not publish the filled-in file.
"uuid": "X.X.X.X", # fill in your uuid
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "X.X.X.X", # fill in the camouflage site domain used for REALITY
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "X.X.X.X", # fill in public_key
"short_id": "X.X.X.X" #short_id
}
},
"packet_encoding": "xudp"
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
},
{
"type": "dns",
"tag": "mosdns"
}
],
"route": {
# Both rule databases use relative paths and are downloaded from the "latest"
# release through the "proxy" outbound.
"geoip": {
"path": "root/geoip.db",
"download_url": "https://github.com/SagerNet/sing-geoip/releases/latest/download/geoip.db",
"download_detour": "proxy"
},
"geosite": {
"path": "root/geosite.db",
"download_url": "https://github.com/SagerNet/sing-geosite/releases/latest/download/geosite.db",
"download_detour": "proxy"
},
"rules": [
{
"inbound": "dns-in",
"outbound": "mosdns"
},
{
"protocol": "dns",
"outbound": "mosdns"
},
{
# Drops UDP traffic to port 443.
"network": "udp",
"port": 443,
"outbound": "block"
},
{
"geosite": "cn",
"geoip": [
"private",
"cn"
],
"outbound": "direct"
},
{
"geosite": "category-ads-all",
"outbound": "block"
}
],
# Everything not matched by a rule above leaves through the "proxy" outbound.
"final": "proxy",
"auto_detect_interface": true
},
"experimental": {
"clash_api": {
# Control API bound to all IPv4 interfaces, and no "secret" is set here: anyone
# who can reach port 9090 can read and change the proxy state. Set "secret"
# and/or bind to a LAN or loopback address.
"external_controller": "0.0.0.0:9090",
"store_selected": true
}
}
}

运行sing-box

# Enable the unit at boot and start it immediately, then check its state.
systemctl enable --now sing-box
systemctl status sing-box
sudo nano /etc/sysctl.conf( 优先改动下面这个)
# Line to set in /etc/sysctl.conf: allows the kernel to forward IPv4 packets
# between interfaces.
# NOTE(review): with forwarding enabled this host routes traffic for other
# machines; pair it with firewall rules that limit which networks may use it.
net.ipv4.ip_forward=1
# Re-apply the sysctl settings from the configuration files.
sysctl --system

最后关于面板 : docker里面安装 :

# Run the metacubexd web panel detached, publishing container port 80 on host
# port 6800 (on all host interfaces by default).
# NOTE(review): no image tag is given, so the newest published image is pulled;
# pin a tag or digest you have reviewed.
docker run -d --restart always -p 6800:80 --name metacubexd ghcr.io/metacubex/metacubexd

问题汇总:
运行 systemctl enable --now sing-box 卡住
解决办法:
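先按 Ctrl+C 结束当前进程,运行 nano /etc/systemd/resolved.conf,找到倒数第四行的 #DNSStubListener=yes,去掉行首的 #,把 yes 改成 no,变成 DNSStubListener=no,保存退出。(原因应该是 systemd-resolved 的本地 DNS 监听占用了 53 端口,而上面配置里的 dns-in 入站也要监听 53 端口。)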
然后运行sudo systemctl reload-or-restart systemd-resolved,然后运行systemctl restart sing-box,再运行systemctl status sing-box。这时发现已经通了。