github.com/inazumav/sing-box@v0.0.0-20230926072359-ab51429a14f1/docs/configuration/route/rule.md (about) 1 ### Structure 2 3 ```json 4 { 5 "route": { 6 "rules": [ 7 { 8 "inbound": [ 9 "mixed-in" 10 ], 11 "ip_version": 6, 12 "network": [ 13 "tcp" 14 ], 15 "auth_user": [ 16 "usera", 17 "userb" 18 ], 19 "protocol": [ 20 "tls", 21 "http", 22 "quic" 23 ], 24 "domain": [ 25 "test.com" 26 ], 27 "domain_suffix": [ 28 ".cn" 29 ], 30 "domain_keyword": [ 31 "test" 32 ], 33 "domain_regex": [ 34 "^stun\\..+" 35 ], 36 "geosite": [ 37 "cn" 38 ], 39 "source_geoip": [ 40 "private" 41 ], 42 "geoip": [ 43 "cn" 44 ], 45 "source_ip_cidr": [ 46 "10.0.0.0/24", 47 "192.168.0.1" 48 ], 49 "ip_cidr": [ 50 "10.0.0.0/24", 51 "192.168.0.1" 52 ], 53 "source_port": [ 54 12345 55 ], 56 "source_port_range": [ 57 "1000:2000", 58 ":3000", 59 "4000:" 60 ], 61 "port": [ 62 80, 63 443 64 ], 65 "port_range": [ 66 "1000:2000", 67 ":3000", 68 "4000:" 69 ], 70 "process_name": [ 71 "curl" 72 ], 73 "process_path": [ 74 "/usr/bin/curl" 75 ], 76 "package_name": [ 77 "com.termux" 78 ], 79 "user": [ 80 "sekai" 81 ], 82 "user_id": [ 83 1000 84 ], 85 "clash_mode": "direct", 86 "invert": false, 87 "outbound": "direct" 88 }, 89 { 90 "type": "logical", 91 "mode": "and", 92 "rules": [], 93 "invert": false, 94 "outbound": "direct" 95 } 96 ] 97 } 98 } 99 100 ``` 101 102 !!! note "" 103 104 You can ignore the JSON Array [] tag when the content is only one item 105 106 ### Default Fields 107 108 !!! note "" 109 110 The default rule uses the following matching logic: 111 (`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite` || `geoip` || `ip_cidr`) && 112 (`port` || `port_range`) && 113 (`source_geoip` || `source_ip_cidr`) && 114 (`source_port` || `source_port_range`) && 115 `other fields` 116 117 #### inbound 118 119 Tags of [Inbound](/configuration/inbound). 120 121 #### ip_version 122 123 4 or 6. 124 125 Not limited if empty. 126 127 #### auth_user 128 129 Username, see each inbound for details. 130 131 #### protocol 132 133 Sniffed protocol, see [Sniff](/configuration/route/sniff/) for details. 134 135 #### network 136 137 `tcp` or `udp`. 138 139 #### domain 140 141 Match full domain. 142 143 #### domain_suffix 144 145 Match domain suffix. 146 147 #### domain_keyword 148 149 Match domain using keyword. 150 151 #### domain_regex 152 153 Match domain using regular expression. 154 155 #### geosite 156 157 Match geosite. 158 159 #### source_geoip 160 161 Match source geoip. 162 163 #### geoip 164 165 Match geoip. 166 167 #### source_ip_cidr 168 169 Match source ip cidr. 170 171 #### ip_cidr 172 173 Match ip cidr. 174 175 #### source_port 176 177 Match source port. 178 179 #### source_port_range 180 181 Match source port range. 182 183 #### port 184 185 Match port. 186 187 #### port_range 188 189 Match port range. 190 191 #### process_name 192 193 !!! error "" 194 195 Only supported on Linux, Windows, and macOS. 196 197 Match process name. 198 199 #### process_path 200 201 !!! error "" 202 203 Only supported on Linux, Windows, and macOS. 204 205 Match process path. 206 207 #### package_name 208 209 Match android package name. 210 211 #### user 212 213 !!! error "" 214 215 Only supported on Linux. 216 217 Match user name. 218 219 #### user_id 220 221 !!! error "" 222 223 Only supported on Linux. 224 225 Match user id. 226 227 #### clash_mode 228 229 Match Clash mode. 230 231 #### invert 232 233 Invert match result. 234 235 #### outbound 236 237 ==Required== 238 239 Tag of the target outbound. 240 241 ### Logical Fields 242 243 #### type 244 245 `logical` 246 247 #### mode 248 249 ==Required== 250 251 `and` or `or` 252 253 #### rules 254 255 ==Required== 256 257 Included default rules.