github.com/sagernet/sing-box@v1.2.7/docs/configuration/route/rule.md (about) 1 ### Structure 2 3 ```json 4 { 5 "route": { 6 "rules": [ 7 { 8 "inbound": [ 9 "mixed-in" 10 ], 11 "ip_version": 6, 12 "network": "tcp", 13 "auth_user": [ 14 "usera", 15 "userb" 16 ], 17 "protocol": [ 18 "tls", 19 "http", 20 "quic" 21 ], 22 "domain": [ 23 "test.com" 24 ], 25 "domain_suffix": [ 26 ".cn" 27 ], 28 "domain_keyword": [ 29 "test" 30 ], 31 "domain_regex": [ 32 "^stun\\..+" 33 ], 34 "geosite": [ 35 "cn" 36 ], 37 "source_geoip": [ 38 "private" 39 ], 40 "geoip": [ 41 "cn" 42 ], 43 "source_ip_cidr": [ 44 "10.0.0.0/24", 45 "192.168.0.1" 46 ], 47 "ip_cidr": [ 48 "10.0.0.0/24", 49 "192.168.0.1" 50 ], 51 "source_port": [ 52 12345 53 ], 54 "source_port_range": [ 55 "1000:2000", 56 ":3000", 57 "4000:" 58 ], 59 "port": [ 60 80, 61 443 62 ], 63 "port_range": [ 64 "1000:2000", 65 ":3000", 66 "4000:" 67 ], 68 "process_name": [ 69 "curl" 70 ], 71 "process_path": [ 72 "/usr/bin/curl" 73 ], 74 "package_name": [ 75 "com.termux" 76 ], 77 "user": [ 78 "sekai" 79 ], 80 "user_id": [ 81 1000 82 ], 83 "clash_mode": "direct", 84 "invert": false, 85 "outbound": "direct" 86 }, 87 { 88 "type": "logical", 89 "mode": "and", 90 "rules": [], 91 "invert": false, 92 "outbound": "direct" 93 } 94 ] 95 } 96 } 97 98 ``` 99 100 !!! note "" 101 102 You can ignore the JSON Array [] tag when the content is only one item 103 104 ### Default Fields 105 106 !!! note "" 107 108 The default rule uses the following matching logic: 109 (`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite` || `geoip` || `ip_cidr`) && 110 (`port` || `port_range`) && 111 (`source_geoip` || `source_ip_cidr`) && 112 (`source_port` || `source_port_range`) && 113 `other fields` 114 115 #### inbound 116 117 Tags of [Inbound](/configuration/inbound). 118 119 #### ip_version 120 121 4 or 6. 122 123 Not limited if empty. 124 125 #### auth_user 126 127 Username, see each inbound for details. 128 129 #### protocol 130 131 Sniffed protocol, see [Sniff](/configuration/route/sniff/) for details. 132 133 #### network 134 135 `tcp` or `udp`. 136 137 #### domain 138 139 Match full domain. 140 141 #### domain_suffix 142 143 Match domain suffix. 144 145 #### domain_keyword 146 147 Match domain using keyword. 148 149 #### domain_regex 150 151 Match domain using regular expression. 152 153 #### geosite 154 155 Match geosite. 156 157 #### source_geoip 158 159 Match source geoip. 160 161 #### geoip 162 163 Match geoip. 164 165 #### source_ip_cidr 166 167 Match source ip cidr. 168 169 #### ip_cidr 170 171 Match ip cidr. 172 173 #### source_port 174 175 Match source port. 176 177 #### source_port_range 178 179 Match source port range. 180 181 #### port 182 183 Match port. 184 185 #### port_range 186 187 Match port range. 188 189 #### process_name 190 191 !!! error "" 192 193 Only supported on Linux, Windows, and macOS. 194 195 Match process name. 196 197 #### process_path 198 199 !!! error "" 200 201 Only supported on Linux, Windows, and macOS. 202 203 Match process path. 204 205 #### package_name 206 207 Match android package name. 208 209 #### user 210 211 !!! error "" 212 213 Only supported on Linux. 214 215 Match user name. 216 217 #### user_id 218 219 !!! error "" 220 221 Only supported on Linux. 222 223 Match user id. 224 225 #### clash_mode 226 227 Match Clash mode. 228 229 #### invert 230 231 Invert match result. 232 233 #### outbound 234 235 ==Required== 236 237 Tag of the target outbound. 238 239 ### Logical Fields 240 241 #### type 242 243 `logical` 244 245 #### mode 246 247 `and` or `or` 248 249 #### rules 250 251 Included default rules. 252 253 #### invert 254 255 Invert match result. 256 257 #### outbound 258 259 ==Required== 260 261 Tag of the target outbound.