这是一个创建于 332 天前的主题,其中的信息可能已经有所发展或是发生改变。
配置是跟着不良林大佬的基础上修改的,但是我用闲置的 mac 启动 sing box ,本机可以正常连外网,但是局域网设备的网关&dns 指向 mac ip 都不行。
应该不是 mac 的防火墙原因,mac 上防火墙都是全关状态,alst 的网盘还是可以正常访问的
折腾几天各种换配置都不行,希望大佬可以指点下
{ "log": { "disabled": false, "level": "info", "timestamp": true }, "dns": { "servers": [ { "tag": "default-dns", "address": "223.5.5.5", "detour": "direct-out" }, { "tag": "system-dns", "address": "local", "detour": "direct-out" }, { "tag": "block-dns", "address": "rcode://name_error" }, { "tag": "google", "address": "https://dns.google/dns-query", "address_resolver": "default-dns", "address_strategy": "ipv4_only", "strategy": "ipv4_only", "client_subnet": "59.36.166.66" } ], "rules": [ { "outbound": "any", "server": "default-dns" }, { "query_type": "HTTPS", "server": "block-dns" }, { "clash_mode": "direct", "server": "default-dns" }, { "clash_mode": "global", "server": "google" }, { "rule_set": "cnsite", "server": "default-dns" } ], "strategy": "ipv4_only", "disable_cache": false, "disable_expire": false, "independent_cache": false, "final": "google" }, "inbounds": [ { "type": "tun", "address": "172.19.0.1/30", "auto_route": true, "strict_route": false, "sniff": true, "sniff_override_destination": true } ], "outbounds": [ { "type": "direct", "tag": "direct-out" }, { "type": "block", "tag": "block-out" }, { "type": "dns", "tag": "dns-out" }, { "type": "urltest", "tag": "自动选择", "outbounds": [ "美国" ] }, { "type": "selector", "tag": "手动选择", "outbounds": [ "direct-out", "block-out", "自动选择", "美国" ], "default": "自动选择" }, { "type": "selector", "tag": "GLOBAL", "outbounds": [ "direct-out", "手动选择", "自动选择", "美国" ], "default": "手动选择" }, { "type": "vless", "tag": "美国" } ], "route": { "rules": [ { "protocol": "dns", "outbound": "dns-out" }, { "protocol": "quic", "outbound": "block-out" }, { "clash_mode": "direct", "outbound": "direct-out" }, { "clash_mode": "global", "outbound": "GLOBAL" }, { "rule_set": [ "cnip", "cnsite" ], "outbound": "direct-out" } ], "rule_set": [ { "type": "remote", "tag": "cnip", "format": "binary", "url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo-lite/geoip/cn.srs", "download_detour": "direct-out" }, { "type": "remote", "tag": "cnsite", "format": "binary", "url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo-lite/geosite/cn.srs", "download_detour": "direct-out" } ], "auto_detect_interface": true, "final": "手动选择" }, "experimental": { "clash_api": { "external_controller": "0.0.0.0:9090", "external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip", "external_ui_download_detour": "手动选择", "default_mode": "rule" } } }  | 1 lpt0 332 天前 via Android mac 是软路由? |
 | 2 guangnan OP @lpt0 就是闲置的一个旧 mac 当旁路由,想翻墙的设备就把网关和 dns 指向 mac 这个 ip 之前用 clash 都没啥问题,换成 sing box 就不可以了 |
| 3 lpt0 332 天前 参考一下我的,尤其是 inbound 部分 https://raw.githubusercontent.com/Laputa0/archrouter/refs/heads/main/debian_sysroot/etc/sing-box/ config.json.with-dns.bak |
| 4 lpt0 332 天前 route rules 部分似乎没有处理 private ip 走直连 |
 | 5 leehaoze98 332 天前 配置看着没啥毛病,如果是走的无线网,mac 上没开启 IP 动态伪装,很可能是包从主路由发出去的时候没做 NAT ,可以去主路由上用 tcpdump 抓一下发出去的包看看 |
 | 6 zfabl 332 天前 inbounds tun 加上"auto_redirect": true |
 | 7 Laoz666 332 天前 mac 有个互联网共享 开开 |
 | 8 Ipsum 331 天前 via Android nat 做了吗? ipforward 做了吗? |
 | 9 leon2023 330 天前 我也折腾了一段时间,始终有些问题,放弃了,感觉还是 v2 或者 clash 稳定 |
 | 10 owt5008137 327 天前 via Android 不太了解 mac ,但是 linux 要当路由是要加载转发相关的内核模块且 sysctl 开启 ip_forward 的。不然默认是不允许转发子网数据包的 |
Select Language