ChenTanyi · May 10, 2024 20:56
diff --git a/config.json b/config.json
 {
  "log": {
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "listen": "0.0.0.0",
      "port": 1080,
      "protocol": "socks",
      "settings": {
        "auth": "noauth",
        "timeout": 300,
        "udp": true
      }
    },
    {
      "protocol": "http",
      "port": 8087,
      "settings": {}
    },
    {
      "listen": "0.0.0.0",
      "port": 1081,
      "protocol": "socks",
      "settings": {
        "auth": "noauth",
        "timeout": 300,
        "udp": true
      },
      "tag": "global-in1"
    },
    {
      "protocol": "http",
      "port": 8088,
      "settings": {},
      "tag": "global-in2"
    }
  ],
  "outbounds": [
    {
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "$ADDR",
            "port": 443,
            "users": [
              {
                "id": "$UUID",
                "encryption": "none",
                "level": 0
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/$WSPATH"
        },
        "security": "tls"
      }
    },
    {
      "protocol": "vless",
      "tag": "global",
      "settings": {
        "vnext": [
          {
            "address": "$ADDR",
            "port": 443,
            "users": [
              {
                "id": "$UUID",
                "encryption": "none",
                "level": 0
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/$WSPATH"
        },
        "security": "tls"
      }
    },
    {
      "protocol": "freedom",
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "tag": "block"
    },
    {
      "protocol": "dns",
      "tag": "dns"
    }
  ],
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "type": "field",
        "ip": ["8.8.8.8", "8.8.4.4", "1.1.1.1", "1.0.0.1"],
        "outboundTag": "direct"
      },
      {
        "type": "field",
        "inboundTag": ["global-in1", "global-in2"],
        "ip": ["geoip:private", "geoip:cn"],
        "outboundTag": "block"
      },
      {
        "type": "field",
        "ip": ["224.0.0.0/4"],
        "outboundTag": "block"
      },
      {
        "type": "field",
        "network": "udp",
        "port": 123,
        "outboundTag": "block"
      },
      {
        "type": "field",
        "network": "udp",
        "port": 53,
        "outboundTag": "dns"
      },
      {
        "type": "field",
        "inboundTag": [
          "global-in1",
          "global-in2"
        ],
        "outboundTag": "global"
      }
    ]
  },
  "dns": {
    "servers": [
      "8.8.8.8",
      "8.8.4.4",
      "1.1.1.1",
      "1.0.0.1",
      "localhost"
    ]
  }
 }
diff --git a/tun2socks_for_windows.py b/tun2socks_for_windows.py
 #!/usr/bin/env python3
 '''
    Simple way to enable tun2socks in windows, as all need run as admin, build a script to easy use
    Requirements:
        1. a socks5 proxy server in LAN, as LAN would be auto-added and not be affected by default route
        2. tun2socks.exe from https://github.com/xjasonlyu/tun2socks
        3. wintun.dll from https://www.wintun.net/
    Steps:
        1. Download all dependencies with this py into one folder
        2. Create a shortcut with "python tun2socks_for_windows.py" in this folder
        3. Right click the shortcut and edit the "Start in" in properties to the current folder. (It would always be set to the python folder)
        4. Right click the shortcut, run as admin
 '''
 import os
 import sys
 import time
 import signal
 import subprocess

 server = '192.168.1.100:1080' # change the server address if needed
 device = 'wintun'
 tunIp = '10.251.251.10/24'
 gateway = '10.251.251.1'

 def check_exist(word, command):
    while True:
        result = subprocess.run(command, stdout = subprocess.PIPE).stdout
        time.sleep(0.1)
        if word.encode('utf-8') in result:
            break
        print(f'finding {word} in "{command}"...')

 p = subprocess.Popen(f'tun2socks -device {device} -proxy socks5://{server}')
 check_exist(f'{device}', 'ipconfig')

 subprocess.run(f'netsh interface ip set address {device} static {tunIp} gateway={gateway}')
 check_exist(gateway, 'route print')
 time.sleep(5) # it seems route add would be failed right after the address set

 # # enable the following line if default route doesn't work
 # subprocess.run(f'route add 0.0.0.0/1 {gateway}')
 # subprocess.run(f'route add 128.0.0.0/1 {gateway}')

 while True:
    time.sleep(1)
diff --git a/tun2socks_for_windows_local.py b/tun2socks_for_windows_local.py
 #!/usr/bin/env python3
 '''
    Simple way to enable tun2socks in windows, as all need run as admin, build a script to easy use
    Requirements:
        1. a socks5 proxy server
        2. tun2socks.exe from https://github.com/xjasonlyu/tun2socks
        3. wintun.dll from https://www.wintun.net/
    Steps:
        1. Download all dependencies with this py into one folder
        2. Create a shortcut with "python tun2socks_for_windows.py" in this folder
        3. Right click the shortcut and edit the "Start in" in properties to the current folder. (It would always be set to the python folder)
        4. Right click the shortcut, run as admin
 '''
 import os
 import sys
 import time
 import signal
 import subprocess

 server = '127.0.0.1:1080' # change the server address if needed
 directs = ['8.8.8.8/32', '8.8.4.4/32', '1.1.1.1/32', '1.0.0.1/32',] # add ip not through tun, usually the server address to avoid loop
 defaultGateway = '192.168.1.1' # the default gateway, usually the router address

 device = 'wintun'
 tunIp = '10.251.251.10/24'
 gateway = '10.251.251.1'

 def check_exist(word, command):
    while True:
        result = subprocess.run(command, stdout = subprocess.PIPE).stdout
        time.sleep(0.1)
        if word.encode('utf-8') in result:
            break
        print(f'finding {word} in "{command}"...')

 for ip in directs:
    subprocess.run(f'route add {ip} {defaultGateway}')

 try:
    p = subprocess.Popen(f'tun2socks -device {device} -proxy socks5://{server}')
    check_exist(f'{device}', 'ipconfig')

    subprocess.run(f'netsh interface ip set address {device} static {tunIp} gateway={gateway}')
    check_exist(gateway, 'route print')
    time.sleep(5) # it seems route add would be failed right after the address set

    # # enable the following line if default route doesn't work
    # subprocess.run(f'route add 0.0.0.0/1 {gateway}')
    # subprocess.run(f'route add 128.0.0.0/1 {gateway}')

    while True:
        time.sleep(1)
 finally:
    for ip in directs:
        subprocess.run(f'route delete {ip}')
	{
	"log": {
	"loglevel": "warning"
	},
	"inbounds": [
	{
	"listen": "0.0.0.0",
	"port": 1080,
	"protocol": "socks",
	"settings": {
	"auth": "noauth",
	"timeout": 300,
	"udp": true
	}
	},
	{
	"protocol": "http",
	"port": 8087,
	"settings": {}
	},
	{
	"listen": "0.0.0.0",
	"port": 1081,
	"protocol": "socks",
	"settings": {
	"auth": "noauth",
	"timeout": 300,
	"udp": true
	},
	"tag": "global-in1"
	},
	{
	"protocol": "http",
	"port": 8088,
	"settings": {},
	"tag": "global-in2"
	}
	],
	"outbounds": [
	{
	"protocol": "vless",
	"settings": {
	"vnext": [
	{
	"address": "$ADDR",
	"port": 443,
	"users": [
	{
	"id": "$UUID",
	"encryption": "none",
	"level": 0
	}
	]
	}
	]
	},
	"streamSettings": {
	"network": "ws",
	"wsSettings": {
	"path": "/$WSPATH"
	},
	"security": "tls"
	}
	},
	{
	"protocol": "vless",
	"tag": "global",
	"settings": {
	"vnext": [
	{
	"address": "$ADDR",
	"port": 443,
	"users": [
	{
	"id": "$UUID",
	"encryption": "none",
	"level": 0
	}
	]
	}
	]
	},
	"streamSettings": {
	"network": "ws",
	"wsSettings": {
	"path": "/$WSPATH"
	},
	"security": "tls"
	}
	},
	{
	"protocol": "freedom",
	"tag": "direct"
	},
	{
	"protocol": "blackhole",
	"tag": "block"
	},
	{
	"protocol": "dns",
	"tag": "dns"
	}
	],
	"routing": {
	"domainStrategy": "IPIfNonMatch",
	"rules": [
	{
	"type": "field",
	"ip": ["8.8.8.8", "8.8.4.4", "1.1.1.1", "1.0.0.1"],
	"outboundTag": "direct"
	},
	{
	"type": "field",
	"inboundTag": ["global-in1", "global-in2"],
	"ip": ["geoip:private", "geoip:cn"],
	"outboundTag": "block"
	},
	{
	"type": "field",
	"ip": ["224.0.0.0/4"],
	"outboundTag": "block"
	},
	{
	"type": "field",
	"network": "udp",
	"port": 123,
	"outboundTag": "block"
	},
	{
	"type": "field",
	"network": "udp",
	"port": 53,
	"outboundTag": "dns"
	},
	{
	"type": "field",
	"inboundTag": [
	"global-in1",
	"global-in2"
	],
	"outboundTag": "global"
	}
	]
	},
	"dns": {
	"servers": [
	"8.8.8.8",
	"8.8.4.4",
	"1.1.1.1",
	"1.0.0.1",
	"localhost"
	]
	}
	}
	#!/usr/bin/env python3
	'''
	Simple way to enable tun2socks in windows, as all need run as admin, build a script to easy use
	Requirements:
	1. a socks5 proxy server in LAN, as LAN would be auto-added and not be affected by default route
	2. tun2socks.exe from https://github.com/xjasonlyu/tun2socks
	3. wintun.dll from https://www.wintun.net/
	Steps:
	1. Download all dependencies with this py into one folder
	2. Create a shortcut with "python tun2socks_for_windows.py" in this folder
	3. Right click the shortcut and edit the "Start in" in properties to the current folder. (It would always be set to the python folder)
	4. Right click the shortcut, run as admin
	'''
	import os
	import sys
	import time
	import signal
	import subprocess

	server = '192.168.1.100:1080' # change the server address if needed
	device = 'wintun'
	tunIp = '10.251.251.10/24'
	gateway = '10.251.251.1'

	def check_exist(word, command):
	while True:
	result = subprocess.run(command, stdout = subprocess.PIPE).stdout
	time.sleep(0.1)
	if word.encode('utf-8') in result:
	break
	print(f'finding {word} in "{command}"...')

	p = subprocess.Popen(f'tun2socks -device {device} -proxy socks5://{server}')
	check_exist(f'{device}', 'ipconfig')

	subprocess.run(f'netsh interface ip set address {device} static {tunIp} gateway={gateway}')
	check_exist(gateway, 'route print')
	time.sleep(5) # it seems route add would be failed right after the address set

	# # enable the following line if default route doesn't work
	# subprocess.run(f'route add 0.0.0.0/1 {gateway}')
	# subprocess.run(f'route add 128.0.0.0/1 {gateway}')

	while True:
	time.sleep(1)