sing-box/docs/configuration/inbound/socks.md

socks inbound is a socks4, socks4a, socks5 server.

Structure

{
  "inbounds": [
    {
      "type": "socks",
      "tag": "socks-in",
      
      "listen": "::",
      "listen_port": 2080,
      "tcp_fast_open": false,
      "sniff": false,
      "sniff_override_destination": false,
      "domain_strategy": "prefer_ipv6",
      
      "users": [
        {
          "username": "admin",
          "password": "admin"
        }
      ]
    }
  ]
}

Listen Fields

listen

Listen address.

listen_port

Listen port.

tcp_fast_open

Enable tcp fast open for listener.

sniff

Enable sniffing.

Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP.

This does not break zero copy, like splice.

sniff_override_destination

Override the connection destination address with the sniffed domain.

If the domain name is invalid (like tor), this will not work.

domain_strategy

One of prefer_ipv4 prefer_ipv6 ipv4_only ipv6_only.

If set, the requested domain name will be resolved to IP before routing.

If sniff_override_destination is in effect, its value will be taken as a fallback.

Socks Fields

users

Socks users.

No authentication required if empty.