如题,是在 Mac 上用 Gui For SingBox 配置的,对应版本如下:
- MacOS:15.4
- Gui For SingBox:1.9.5
- singbox 内核:1.11.7
开启之后可以访问 https://google.com 以及 https://docker.com
但是无法访问 https://hub.docker.com 以及 https://youtube.com
通过 curl 发现会返回一个错误的证书
curl -vv https://hub.docker.com
* Host hub.docker.com:443 was resolved.
* IPv6: (none)
* IPv4: 157.240.12.5
* Trying 157.240.12.5:443...
* Connected to hub.docker.com (157.240.12.5) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/cert.pem
* CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
* subject: C=US; ST=California; L=Menlo Park; O=Meta Platforms, Inc.; CN=*.atlassolutions.com
* start date: Jan 24 00:00:00 2025 GMT
* expire date: Apr 24 23:59:59 2025 GMT
* subjectAltName does not match host name hub.docker.com
* SSL: no alternative certificate subject name matches target host name 'hub.docker.com'
* Closing connection
curl: (60) SSL: no alternative certificate subject name matches target host name 'hub.docker.com'
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
对应的 singbox 配置如下,隐藏了节点的配置
{
"log": {
"disabled": false,
"level": "info",
"output": "",
"timestamp": false
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:20123",
"external_ui": "",
"external_ui_download_url": "",
"external_ui_download_detour": "🎯 Direct",
"secret": "ID_r4fgwjn7",
"default_mode": "rule",
"access_control_allow_origin": [
"*"
],
"access_control_allow_private_network": false
},
"cache_file": {
"enabled": true,
"path": "cache.db",
"cache_id": "",
"store_fakeip": true,
"store_rdrc": true,
"rdrc_timeout": "7d"
}
},
"inbounds": [
{
"type": "mixed",
"tag": "mixed-in",
"listen": "127.0.0.1",
"listen_port": 20122,
"tcp_fast_open": false,
"tcp_multi_path": false,
"udp_fragment": false
}
],
"outbounds": ["节点信息..."],
"route": {
"rules": [
{
"action": "route",
"rule_set": [
"Youtube",
"Docker"
],
"outbound": "🚀 Select"
},
{
"action": "route",
"rule_set": [
"Bilibili"
],
"outbound": "🎯 Direct"
},
{
"action": "hijack-dns",
"protocol": "dns"
},
{
"action": "route",
"clash_mode": "direct",
"outbound": "🎯 Direct"
},
{
"action": "route",
"clash_mode": "global",
"outbound": "GLOBAL"
},
{
"action": "reject",
"protocol": "quic"
},
{
"action": "reject",
"rule_set": [
"Category-Ads"
]
},
{
"action": "route",
"rule_set": [
"GeoSite-Private"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoSite-CN"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoIP-Private"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoIP-CN"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoLocation-!CN"
],
"outbound": "🚀 Select"
}
],
"rule_set": [
{
"tag": "Youtube",
"type": "remote",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/youtube.srs",
"format": "binary",
"download_detour": "🚀 Select"
},
{
"tag": "Docker",
"type": "remote",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo/geosite/docker.srs",
"format": "binary",
"download_detour": "🚀 Select"
},
{
"tag": "Bilibili",
"type": "remote",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo-lite/geosite/bilibili.srs",
"format": "binary",
"download_detour": "🚀 Select"
},
{
"tag": "Category-Ads",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoIP-Private",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/private.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoSite-Private",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/private.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoIP-CN",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoSite-CN",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoLocation-!CN",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs",
"format": "binary",
"download_detour": "🎯 Direct"
}
],
"auto_detect_interface": true,
"final": "🐟 Fallback"
},
"dns": {
"servers": [
{
"tag": "FakeIp",
"address": "fakeip"
},
{
"tag": "Local-DNS",
"address": "https://223.5.5.5:443/dns-query",
"address_resolver": "Local-DNS-Resolver",
"detour": "🎯 Direct"
},
{
"tag": "Local-DNS-Resolver",
"address": "udp://223.5.5.5:53",
"detour": "🎯 Direct"
},
{
"tag": "Remote-DNS",
"address": "tls://8.8.8.8:853",
"address_resolver": "Remote-DNS-Resolver",
"detour": "🚀 Select"
},
{
"tag": "Remote-DNS-Resolver",
"address": "udp://8.8.8.8:53",
"detour": "🚀 Select"
}
],
"rules": [
{
"action": "route",
"server": "Local-DNS",
"outbound": "any"
},
{
"action": "route",
"rule_set": [
"GeoLocation-!CN"
],
"server": "Remote-DNS"
},
{
"action": "route",
"rule_set": [
"GeoSite-CN"
],
"server": "Local-DNS"
}
],
"disable_cache": false,
"disable_expire": false,
"independent_cache": false,
"final": "Remote-DNS",
"fakeip": {
"enabled": true
}
}
}
2 条回复 • 2025-04-17 16:27:45 +08:00
 |
1
clhlc 10 天前
inbound 是 mix ,命令行使用 curl 需要加上代理;建议 inbound 使用 tun 模式
|
 |
2
airycanon OP @clhlc 感谢回复,不好意思,这个是我刚刚手动配置的,忘记打开了,打开之后仍然不行,打开 tun 之后的配置:
``` "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "127.0.0.1", "listen_port": 20122, "tcp_fast_open": false, "tcp_multi_path": false, "udp_fragment": false }, { "type": "tun", "tag": "tun-in", "interface_name": "", "address": [ "172.18.0.1/30", "fdfe:dcba:9876::1/126" ], "mtu": 9000, "auto_route": true, "strict_route": true, "route_address": [ "0.0.0.0/1", "128.0.0.0/1", "::/1", "8000::/1" ], "endpoint_independent_nat": false, "stack": "mixed" } ] ```gment": false }, { "type": "tun", "tag": "tun-in", "interface_name": "", "address": [ "172.18.0.1/30", "fdfe:dcba:9876::1/126" ], "mtu": 9000, "auto_route": true, "strict_route": true, "route_address": [ "0.0.0.0/1", "128.0.0.0/1", "::/1", "8000::/1" ], "endpoint_independent_nat": false, "stack": "mixed" } ] ``` |
Select Language