test: Singbox内核定期释放TCP会话列表内存

add sing mux config support

.github/ISSUE_TEMPLATE/bug-report.md

@@ -1,27 +1,25 @@
 ---
 name: "Bug 反馈"
-about: 创建一个报告以帮助我们修复并改进XrayR
+about: 创建一个报告以帮助我们修复并改进V2bX
 title: ''
-labels: awaiting reply, bug
+labels: 
 assignees: ''
 ---
 
 **描述该错误**
 简单地描述一下这个bug是什么
 
-**复现**
-复现该bug的步骤
 
-**环境和版本**
+
- - 系统 [例如：Debian 11]
+**复现**
- - 架构 [例如：AMD64]
+请自行复现，并贴出详细步骤操作过程
- - 面板 [例如：V2board]
+
- - 协议 [例如：vmess]
+
- - 版本 [例如：0.8.2.2]
- - 部署方式 [例如：一键脚本]
 
 **日志和错误**
-请使用`xrayr log`查看并添加日志，以帮助解释你的问题
+请使用`v2bx log`查看并添加日志，没有日志的issue不会得到答复并且会被直接关闭
+
+
 
 **额外的内容**
 在这里添加关于问题的任何其他内容

.github/ISSUE_TEMPLATE/feature-request.md

@@ -1,19 +0,0 @@
----
-name: "功能建议"
-about: 给XrayR提出建议，让我们做得更好
-title: ''
-labels: awaiting reply, feature-request
-assignees: ''
----
-
-**描述您想要的功能**
-
-清晰简洁的功能描述。
-
-**描述您考虑过的替代方案** 
-
-是否有任何替代方案可以解决这个问题？ 
-
-**附加上下文** 
-
-在此处添加有关功能请求的任何其他上下文或截图。

.github/workflows/Publish Docker image.yml

@@ -1,19 +1,13 @@
 name: Publish Docker image
+
 on:
   workflow_dispatch:
-  push:
+  release:
-    branches:
+    types: [published]
-      - dev_new
-    paths:
-      - "**/*.go"
-      - "go.mod"
-      - "go.sum"
-      - ".github/workflows/*.yml"
-    tags:
-      - 'v*'
   pull_request:
     branches:
       - 'dev_new'
+
 env:
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository_owner }}/v2bx
@@ -28,40 +22,51 @@ jobs:
           - linux/amd64
           - linux/arm64
     steps:
+      - name: Prepare
+        run: |
+          platform=${{ matrix.platform }}
+          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV  
+
       - name: Checkout
         uses: actions/checkout@v4
+      
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Build and push by digest
         id: build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
-          context: .
           platforms: ${{ matrix.platform }}
           labels: ${{ steps.meta.outputs.labels }}
           outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
+
       - name: Export digest
         run: |
           mkdir -p /tmp/digests
           digest="${{ steps.build.outputs.digest }}"
-          touch "/tmp/digests/${digest#sha256:}"          
+          echo "${digest#sha256:}" > "/tmp/digests/${digest#sha256:}"
+  
       - name: Upload digest
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
-          name: digests
+          name: digests-${{ env.PLATFORM_PAIR }}
           path: /tmp/digests/*
           if-no-files-found: error
           retention-days: 1
@@ -72,31 +77,37 @@ jobs:
       - build
     steps:
       - name: Download digests
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
-          name: digests
           path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+     
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
+        
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+          
       - name: Create manifest list and push
-        working-directory: /tmp/digests
         run: |
-          ls -al
+          cd /tmp/digests
-          echo docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+          tags=$(echo '${{ steps.meta.outputs.json }}' | jq -cr '.tags | map("-t " + .) | join(" ")')
-            $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) 
+          images=$(printf "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s " $(find . -type f -exec cat {} \;))
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+          echo "Creating manifest with tags: $tags"
-            $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
+          echo "Using images: $images"
+          docker buildx imagetools create $tags $images
+          
       - name: Inspect image
         run: |
-          docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}
+          docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}

.github/workflows/release.yml

@@ -10,14 +10,14 @@ on:
       - "**/*.go"
       - "go.mod"
       - "go.sum"
-      - ".github/workflows/*.yml"
+      - ".github/workflows/release.yml"
   pull_request:
     types: [opened, synchronize, reopened]
     paths:
       - "**/*.go"
       - "go.mod"
       - "go.sum"
-      - ".github/workflows/*.yml"
+      - ".github/workflows/release.yml"
   release:
     types: [published]
 
@@ -98,7 +98,7 @@ jobs:
       CGO_ENABLED: 0
     steps:
       - name: Checkout codebase
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Show workflow information
         id: get_filename
         run: |
@@ -107,9 +107,9 @@ jobs:
           echo "ASSET_NAME=$_NAME" >> $GITHUB_OUTPUT
           echo "ASSET_NAME=$_NAME" >> $GITHUB_ENV
       - name: Set up Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: '1.22.0'
+          go-version: '1.23.2'
 
       - name: Get project dependencies
         run: go mod download
@@ -125,13 +125,13 @@ jobs:
         run: |
           echo "version: $version"
           mkdir -p build_assets
-          go build -v -o build_assets/V2bX -tags "sing xray hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme" -trimpath -ldflags "-X 'github.com/InazumaV/V2bX/cmd.version=$version' -s -w -buildid="
+          go build -v -o build_assets/V2bX -tags "sing xray hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme with_gvisor" -trimpath -ldflags "-X 'github.com/InazumaV/V2bX/cmd.version=$version' -s -w -buildid="
 
       - name: Build Mips softfloat V2bX
         if: matrix.goarch == 'mips' || matrix.goarch == 'mipsle'
         run: |
           echo "version: $version"
-          GOMIPS=softfloat go build -v -o build_assets/V2bX_softfloat -tags "sing xray hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme" -trimpath -ldflags "-X 'github.com/InazumaV/V2bX/cmd.version=$version' -s -w -buildid="
+          GOMIPS=softfloat go build -v -o build_assets/V2bX_softfloat -tags "sing xray hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme with_gvisor" -trimpath -ldflags "-X 'github.com/InazumaV/V2bX/cmd.version=$version' -s -w -buildid="
       - name: Rename Windows V2bX
         if: matrix.goos == 'windows'
         run: |
@@ -167,7 +167,7 @@ jobs:
         run: |
           mv build_assets V2bX-$ASSET_NAME
       - name: Upload files to Artifacts
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: V2bX-${{ steps.get_filename.outputs.ASSET_NAME }}
           path: |

Dockerfile

@@ -1,10 +1,10 @@
 # Build go
-FROM golang:1.22.0-alpine AS builder
+FROM golang:1.24.1-alpine AS builder
 WORKDIR /app
 COPY . .
 ENV CGO_ENABLED=0
 RUN go mod download
-RUN go build -v -o V2bX -tags "sing xray hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme"
+RUN go build -v -o V2bX -tags "sing xray hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme with_gvisor"
 
 # Release
 FROM  alpine

README.md

@@ -1,16 +1,17 @@
 # V2bX
 
-[![](https://img.shields.io/badge/TgChat-%E4%BA%A4%E6%B5%81%E7%BE%A4-blue)](https://t.me/YuzukiProjects)
+[![](https://img.shields.io/badge/TgChat-UnOfficialV2Board%E4%BA%A4%E6%B5%81%E7%BE%A4-green)](https://t.me/unofficialV2board)
+[![](https://img.shields.io/badge/TgChat-YuzukiProjects%E4%BA%A4%E6%B5%81%E7%BE%A4-blue)](https://t.me/YuzukiProjects)
 
 A V2board node server based on multi core, modified from XrayR.  
 一个基于多种内核的V2board节点服务端，修改自XrayR，支持V2ay,Trojan,Shadowsocks协议。
 
-**注意： 本项目需要V2board版本 >= 1.7.0**
+**注意： 本项目需要搭配[修改版V2board](https://github.com/wyx2685/v2board)**
 
 ## 特点
 
 * 永久开源且免费。
-* 支持Vmess/Vless, Trojan， Shadowsocks, Hysteria多种协议。
+* 支持Vmess/Vless, Trojan， Shadowsocks, Hysteria1/2多种协议。
 * 支持Vless和XTLS等新特性。
 * 支持单实例对接多节点，无需重复启动。
 * 支持限制在线IP。
@@ -23,7 +24,7 @@ A V2board node server based on multi core, modified from XrayR.
 
 ## 功能介绍
 
-| 功能        | v2ray | trojan | shadowsocks | hysteria |
+| 功能        | v2ray | trojan | shadowsocks | hysteria1/2 |
 |-----------|-------|--------|-------------|----------|
 | 自动申请tls证书 | √     | √      | √           | √        |
 | 自动续签tls证书 | √     | √      | √           | √        |
@@ -32,7 +33,7 @@ A V2board node server based on multi core, modified from XrayR.
 | 自定义DNS    | √     | √      | √           | √        |
 | 在线IP数限制   | √     | √      | √           | √        |
 | 连接数限制     | √     | √      | √           | √         |
-| 跨节点IP数限制  |      |       |            |          |
+| 跨节点IP数限制  |√      |√       |√            |√          |
 | 按照用户限速    | √     | √      | √           | √         |
 | 动态限速(未测试) | √     | √      | √           | √         |
 
@@ -52,17 +53,17 @@ wget -N https://raw.githubusercontent.com/wyx2685/V2bX-script/master/install.sh
 
 ### 手动安装
 
-[手动安装教程（过时待更新）](https://yuzuki-1.gitbook.io/v2bx-doc/xrayr-xia-zai-he-an-zhuang/install/manual)
+[手动安装教程](https://v2bx.v-50.me/v2bx/v2bx-xia-zai-he-an-zhuang/install/manual)
 
 ## 构建
 ``` bash
-# 通过-tags选项指定要编译的内核， 可选 xray， sing
+# 通过-tags选项指定要编译的内核， 可选 xray， sing, hysteria2
-go build -o V2bX -ldflags '-s -w' -gcflags="all=-trimpath=${PWD}" -asmflags="all=-trimpath=${PWD} -tags "xray sing"
+go build -v -o ./V2bX -tags "xray sing hysteria2 with_reality_server with_quic with_grpc with_utls with_wireguard with_acme" -trimpath -ldflags "-s -w -buildid="
 ```
 
 ## 配置文件及详细使用教程
 
-[详细使用教程](https://yuzuki-1.gitbook.io/v2bx-doc/)
+[详细使用教程](https://v2bx.v-50.me/)
 
 ## 免责声明
 
@@ -82,4 +83,4 @@ go build -o V2bX -ldflags '-s -w' -gcflags="all=-trimpath=${PWD}" -asmflags="all
 
 ## Stars 增长记录
 
-[![Stargazers over time](https://starchart.cc/InazumaV/V2bX.svg)](https://starchart.cc/InazumaV/V2bX)
+[![Stargazers over time](https://starchart.cc/wyx2685/V2bX.svg)](https://starchart.cc/wyx2685/V2bX)

api/panel/node.go

@@ -2,7 +2,6 @@ package panel
 
 import (
 	"crypto/sha256"
-	"encoding/base64"
 	"encoding/hex"
 	"fmt"
 	"reflect"
@@ -10,7 +9,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/InazumaV/V2bX/common/crypt"
 	"github.com/goccy/go-json"
 )
 
@@ -111,10 +109,11 @@ type HysteriaNode struct {
 
 type Hysteria2Node struct {
 	CommonNode
-	UpMbps       int    `json:"up_mbps"`
+	Ignore_Client_Bandwidth bool   `json:"ignore_client_bandwidth"`
-	DownMbps     int    `json:"down_mbps"`
+	UpMbps                  int    `json:"up_mbps"`
-	ObfsType     string `json:"obfs"`
+	DownMbps                int    `json:"down_mbps"`
-	ObfsPassword string `json:"obfs-password"`
+	ObfsType                string `json:"obfs"`
+	ObfsPassword            string `json:"obfs-password"`
 }
 
 type RawDNS struct {
@@ -186,18 +185,6 @@ func (c *Client) GetNodeInfo() (node *NodeInfo, err error) {
 		cm = &rsp.CommonNode
 		node.VAllss = rsp
 		node.Security = node.VAllss.Tls
-		if len(rsp.NetworkSettings) > 0 {
-			err = json.Unmarshal(rsp.NetworkSettings, &rsp.RealityConfig)
-			if err != nil {
-				return nil, fmt.Errorf("decode reality config error: %s", err)
-			}
-		}
-		if node.Security == Reality {
-			if rsp.TlsSettings.PrivateKey == "" {
-				key := crypt.GenX25519Private([]byte("vless" + c.Token))
-				rsp.TlsSettings.PrivateKey = base64.RawURLEncoding.EncodeToString(key)
-			}
-		}
 	case "shadowsocks":
 		rsp := &ShadowsocksNode{}
 		err = json.Unmarshal(r.Body(), rsp)

api/panel/panel.go

@@ -24,7 +24,8 @@ type Client struct {
 	nodeEtag         string
 	userEtag         string
 	responseBodyHash string
-	LastReportOnline map[int]int
+	UserList         *UserListBody
+	AliveMap         *AliveMap
 }
 
 func New(c *conf.ApiConfig) (*Client, error) {
@@ -71,5 +72,7 @@ func New(c *conf.ApiConfig) (*Client, error) {
 		APIHost:  c.APIHost,
 		NodeType: c.NodeType,
 		NodeId:   c.NodeID,
+		UserList: &UserListBody{},
+		AliveMap: &AliveMap{},
 	}, nil
 }

api/panel/user.go

@@ -16,7 +16,6 @@ type UserInfo struct {
 	Uuid        string `json:"uuid"`
 	SpeedLimit  int    `json:"speed_limit"`
 	DeviceLimit int    `json:"device_limit"`
-	AliveIp     int    `json:"alive_ip"`
 }
 
 type UserListBody struct {
@@ -24,62 +23,60 @@ type UserListBody struct {
 	Users []UserInfo `json:"users"`
 }
 
-// GetUserList will pull user form sspanel
+type AliveMap struct {
-func (c *Client) GetUserList() (UserList []UserInfo, err error) {
+	Alive map[int]int `json:"alive"`
+}
+
+// GetUserList will pull user from v2board
+func (c *Client) GetUserList() ([]UserInfo, error) {
 	const path = "/api/v1/server/UniProxy/user"
 	r, err := c.client.R().
 		SetHeader("If-None-Match", c.userEtag).
 		ForceContentType("application/json").
 		Get(path)
+	if r == nil || r.RawResponse == nil {
+		return nil, fmt.Errorf("received nil response or raw response")
+	}
+	defer r.RawResponse.Body.Close()
+
+	if r.StatusCode() == 304 {
+		return nil, nil
+	}
+
 	if err = c.checkResponse(r, path, err); err != nil {
 		return nil, err
 	}
-
+	userlist := &UserListBody{}
-	if r != nil {
+	if err := json.Unmarshal(r.Body(), userlist); err != nil {
-		defer func() {
+		return nil, fmt.Errorf("unmarshal user list error: %w", err)
-			if r.RawBody() != nil {
-				r.RawBody().Close()
-			}
-		}()
-		if r.StatusCode() == 304 {
-			return nil, nil
-		}
-	} else {
-		return nil, fmt.Errorf("received nil response")
-	}
-	var userList *UserListBody
-	if err != nil {
-		return nil, fmt.Errorf("read body error: %s", err)
-	}
-	if err := json.Unmarshal(r.Body(), &userList); err != nil {
-		return nil, fmt.Errorf("unmarshal userlist error: %s", err)
 	}
 	c.userEtag = r.Header().Get("ETag")
+	return userlist.Users, nil
+}
 
-	var userinfos []UserInfo
+// GetUserAlive will fetch the alive_ip count for users
-	var deviceLimit, localDeviceLimit int = 0, 0
+func (c *Client) GetUserAlive() (map[int]int, error) {
-	for _, user := range userList.Users {
+	c.AliveMap = &AliveMap{}
-		// If there is still device available, add the user
+	const path = "/api/v1/server/UniProxy/alivelist"
-		if user.DeviceLimit > 0 && user.AliveIp > 0 {
+	r, err := c.client.R().
-			lastOnline := 0
+		ForceContentType("application/json").
-			if v, ok := c.LastReportOnline[user.Id]; ok {
+		Get(path)
-				lastOnline = v
+	if err != nil || r.StatusCode() >= 399 {
-			}
+		c.AliveMap.Alive = make(map[int]int)
-			// If there are any available device.
+		return c.AliveMap.Alive, nil
-			localDeviceLimit = user.DeviceLimit - user.AliveIp + lastOnline
+	}
-			if localDeviceLimit > 0 {
+	if r == nil || r.RawResponse == nil {
-				deviceLimit = localDeviceLimit
+		fmt.Printf("received nil response or raw response")
-			} else if lastOnline > 0 {
+		c.AliveMap.Alive = make(map[int]int)
-				deviceLimit = lastOnline
+		return c.AliveMap.Alive, nil
-			} else {
+	}
-				continue
+	defer r.RawResponse.Body.Close()
-			}
+	if err := json.Unmarshal(r.Body(), c.AliveMap); err != nil {
-		}
+		fmt.Printf("unmarshal user alive list error: %s", err)
-		user.DeviceLimit = deviceLimit
+		c.AliveMap.Alive = make(map[int]int)
-		userinfos = append(userinfos, user)
 	}
 
-	return userinfos, nil
+	return c.AliveMap.Alive, nil
 }
 
 type UserTraffic struct {
@@ -106,8 +103,7 @@ func (c *Client) ReportUserTraffic(userTraffic []UserTraffic) error {
 	return nil
 }
 
-func (c *Client) ReportNodeOnlineUsers(data *map[int][]string, reportOnline *map[int]int) error {
+func (c *Client) ReportNodeOnlineUsers(data *map[int][]string) error {
-	c.LastReportOnline = *reportOnline
 	const path = "/api/v1/server/UniProxy/alive"
 	r, err := c.client.R().
 		SetBody(data).

common/counter/traffic.go

@@ -6,8 +6,7 @@ import (
 )
 
 type TrafficCounter struct {
-	counters map[string]*TrafficStorage
+	counters sync.Map
-	lock     sync.RWMutex
 }
 
 type TrafficStorage struct {
@@ -16,60 +15,52 @@ type TrafficStorage struct {
 }
 
 func NewTrafficCounter() *TrafficCounter {
-	return &TrafficCounter{
+	return &TrafficCounter{}
-		counters: map[string]*TrafficStorage{},
-	}
 }
 
 func (c *TrafficCounter) GetCounter(id string) *TrafficStorage {
-	c.lock.RLock()
+	if cts, ok := c.counters.Load(id); ok {
-	cts, ok := c.counters[id]
+		return cts.(*TrafficStorage)
-	c.lock.RUnlock()
-	if !ok {
-		cts = &TrafficStorage{}
-		c.counters[id] = cts
 	}
-	return cts
+	newStorage := &TrafficStorage{}
+	if cts, loaded := c.counters.LoadOrStore(id, newStorage); loaded {
+		return cts.(*TrafficStorage)
+	}
+	return newStorage
 }
 
 func (c *TrafficCounter) GetUpCount(id string) int64 {
-	c.lock.RLock()
+	if cts, ok := c.counters.Load(id); ok {
-	cts, ok := c.counters[id]
+		return cts.(*TrafficStorage).UpCounter.Load()
-	c.lock.RUnlock()
-	if ok {
-		return cts.UpCounter.Load()
 	}
 	return 0
 }
 
 func (c *TrafficCounter) GetDownCount(id string) int64 {
-	c.lock.RLock()
+	if cts, ok := c.counters.Load(id); ok {
-	cts, ok := c.counters[id]
+		return cts.(*TrafficStorage).DownCounter.Load()
-	c.lock.RUnlock()
-	if ok {
-		return cts.DownCounter.Load()
 	}
 	return 0
 }
 
 func (c *TrafficCounter) Len() int {
-	c.lock.RLock()
+	length := 0
-	defer c.lock.RUnlock()
+	c.counters.Range(func(_, _ interface{}) bool {
-	return len(c.counters)
+		length++
+		return true
+	})
+	return length
 }
 
 func (c *TrafficCounter) Reset(id string) {
-	c.lock.RLock()
+	if cts, ok := c.counters.Load(id); ok {
-	cts := c.GetCounter(id)
+		cts.(*TrafficStorage).UpCounter.Store(0)
-	c.lock.RUnlock()
+		cts.(*TrafficStorage).DownCounter.Store(0)
-	cts.UpCounter.Store(0)
+	}
-	cts.DownCounter.Store(0)
 }
 
 func (c *TrafficCounter) Delete(id string) {
-	c.lock.Lock()
+	c.counters.Delete(id)
-	delete(c.counters, id)
-	c.lock.Unlock()
 }
 
 func (c *TrafficCounter) Rx(id string, n int) {
@@ -81,11 +72,3 @@ func (c *TrafficCounter) Tx(id string, n int) {
 	cts := c.GetCounter(id)
 	cts.UpCounter.Add(int64(n))
 }
-
-func (c *TrafficCounter) IncConn(auth string) {
-	return
-}
-
-func (c *TrafficCounter) DecConn(auth string) {
-	return
-}

common/rate/conn.go

@@ -4,9 +4,6 @@ import (
 	"net"
 
 	"github.com/juju/ratelimit"
-	"github.com/sagernet/sing/common/buf"
-	M "github.com/sagernet/sing/common/metadata"
-	"github.com/sagernet/sing/common/network"
 )
 
 func NewConnRateLimiter(c net.Conn, l *ratelimit.Bucket) *Conn {
@@ -31,6 +28,7 @@ func (c *Conn) Write(b []byte) (n int, err error) {
 	return c.Conn.Write(b)
 }
 
+/*
 type PacketConnCounter struct {
 	network.PacketConn
 	limiter *ratelimit.Bucket
@@ -47,10 +45,11 @@ func (p *PacketConnCounter) ReadPacket(buff *buf.Buffer) (destination M.Socksadd
 	pLen := buff.Len()
 	destination, err = p.PacketConn.ReadPacket(buff)
 	p.limiter.Wait(int64(buff.Len() - pLen))
-	return
+	return destination, err
 }
 
 func (p *PacketConnCounter) WritePacket(buff *buf.Buffer, destination M.Socksaddr) (err error) {
 	p.limiter.Wait(int64(buff.Len()))
 	return p.PacketConn.WritePacket(buff, destination)
 }
+*/

conf/sing.go

@@ -5,11 +5,9 @@ import (
 )
 
 type SingConfig struct {
-	LogConfig       SingLogConfig `json:"Log"`
+	LogConfig    SingLogConfig `json:"Log"`
-	NtpConfig       SingNtpConfig `json:"NTP"`
+	NtpConfig    SingNtpConfig `json:"NTP"`
-	EnableConnClear bool          `json:"EnableConnClear"`
+	OriginalPath string        `json:"OriginalPath"`
-	DnsConfigPath   string        `json:"DnsConfigPath"`
-	OriginalPath    string        `json:"OriginalPath"`
 }
 
 type SingLogConfig struct {
@@ -34,13 +32,13 @@ func NewSingConfig() *SingConfig {
 }
 
 type SingOptions struct {
-	EnableProxyProtocol      bool                   `json:"EnableProxyProtocol"`
 	TCPFastOpen              bool                   `json:"EnableTFO"`
 	SniffEnabled             bool                   `json:"EnableSniff"`
+	SniffOverrideDestination bool                   `json:"SniffOverrideDestination"`
 	EnableDNS                bool                   `json:"EnableDNS"`
 	DomainStrategy           option.DomainStrategy  `json:"DomainStrategy"`
-	SniffOverrideDestination bool                   `json:"SniffOverrideDestination"`
 	FallBackConfigs          *FallBackConfigForSing `json:"FallBackConfigs"`
+	Multiplex                *MultiplexConfig       `json:"MultiplexConfig"`
 }
 
 type SingNtpConfig struct {
@@ -60,13 +58,25 @@ type FallBack struct {
 	ServerPort string `json:"ServerPort"`
 }
 
+type MultiplexConfig struct {
+	Enabled bool          `json:"Enable"`
+	Padding bool          `json:"Padding"`
+	Brutal  BrutalOptions `json:"Brutal"`
+}
+
+type BrutalOptions struct {
+	Enabled  bool `json:"Enable"`
+	UpMbps   int  `json:"UpMbps"`
+	DownMbps int  `json:"DownMbps"`
+}
+
 func NewSingOptions() *SingOptions {
 	return &SingOptions{
 		EnableDNS:                false,
-		EnableProxyProtocol:      false,
 		TCPFastOpen:              false,
 		SniffEnabled:             true,
 		SniffOverrideDestination: true,
 		FallBackConfigs:          &FallBackConfigForSing{},
+		Multiplex:                &MultiplexConfig{},
 	}
 }

core/hy2/config.go

@@ -13,11 +13,13 @@ import (
 
 	"github.com/InazumaV/V2bX/api/panel"
 	"github.com/InazumaV/V2bX/conf"
-	"github.com/apernet/hysteria/core/server"
+	"github.com/apernet/hysteria/core/v2/server"
-	"github.com/apernet/hysteria/extras/correctnet"
+	"github.com/apernet/hysteria/extras/v2/correctnet"
-	"github.com/apernet/hysteria/extras/masq"
+	"github.com/apernet/hysteria/extras/v2/masq"
-	"github.com/apernet/hysteria/extras/obfs"
+	"github.com/apernet/hysteria/extras/v2/obfs"
-	"github.com/apernet/hysteria/extras/outbounds"
+	"github.com/apernet/hysteria/extras/v2/outbounds"
+	"github.com/apernet/hysteria/extras/v2/sniff"
+	eUtils "github.com/apernet/hysteria/extras/v2/utils"
 	"go.uber.org/zap"
 )
 
@@ -161,6 +163,29 @@ func (n *Hysteria2node) getBandwidthConfig(info *panel.NodeInfo) *server.Bandwid
 	return band
 }
 
+func (n *Hysteria2node) getRequestHook(c *serverConfig) (server.RequestHook, error) {
+	if c.Sniff.Enable {
+		s := &sniff.Sniffer{
+			Timeout:       c.Sniff.Timeout,
+			RewriteDomain: c.Sniff.RewriteDomain,
+		}
+		if c.Sniff.TCPPorts != "" {
+			s.TCPPorts = eUtils.ParsePortUnion(c.Sniff.TCPPorts)
+			if s.TCPPorts == nil {
+				return nil, fmt.Errorf("sniff.tcpPorts: invalid port union")
+			}
+		}
+		if c.Sniff.UDPPorts != "" {
+			s.UDPPorts = eUtils.ParsePortUnion(c.Sniff.UDPPorts)
+			if s.UDPPorts == nil {
+				return nil, fmt.Errorf("sniff.udpPorts: invalid port union")
+			}
+		}
+		return s, nil
+	}
+	return nil, nil
+}
+
 func (n *Hysteria2node) getOutboundConfig(c *serverConfig) (server.Outbound, error) {
 	// Resolver, ACL, actual outbound are all implemented through the Outbound interface.
 	// Depending on the config, we build a chain like this:
@@ -284,15 +309,23 @@ func (n *Hysteria2node) getMasqHandler(tlsconfig *server.TLSConfig, conn net.Pac
 		}
 		u, err := url.Parse(c.Masquerade.Proxy.URL)
 		if err != nil {
-			return nil, fmt.Errorf(fmt.Sprintf("masquerade.proxy.url %s", err))
+			return nil, fmt.Errorf("masquerade.proxy.url %s", err)
 		}
 		handler = &httputil.ReverseProxy{
-			Rewrite: func(r *httputil.ProxyRequest) {
+			Director: func(req *http.Request) {
-				r.SetURL(u)
+				req.URL.Scheme = u.Scheme
-				// SetURL rewrites the Host header,
+				req.URL.Host = u.Host
-				// but we don't want that if rewriteHost is false
+
-				if !c.Masquerade.Proxy.RewriteHost {
+				if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
-					r.Out.Host = r.In.Host
+					xff := req.Header.Get("X-Forwarded-For")
+					if xff != "" {
+						clientIP = xff + ", " + clientIP
+					}
+					req.Header.Set("X-Forwarded-For", clientIP)
+				}
+
+				if c.Masquerade.Proxy.RewriteHost {
+					req.Host = req.URL.Host
 				}
 			},
 			ErrorHandler: func(w http.ResponseWriter, r *http.Request, err error) {
@@ -334,7 +367,7 @@ func (n *Hysteria2node) getMasqHandler(tlsconfig *server.TLSConfig, conn net.Pac
 		s := masq.MasqTCPServer{
 			QUICPort:  extractPortFromAddr(conn.LocalAddr().String()),
 			HTTPSPort: extractPortFromAddr(c.Masquerade.ListenHTTPS),
-			Handler:   &masqHandlerLogWrapper{H: handler, QUIC: false},
+			Handler:   &masqHandlerLogWrapper{H: handler, QUIC: false, Logger: n.Logger},
 			TLSConfig: &tls.Config{
 				Certificates:   tlsconfig.Certificates,
 				GetCertificate: tlsconfig.GetCertificate,
@@ -360,6 +393,10 @@ func (n *Hysteria2node) getHyConfig(info *panel.NodeInfo, config *conf.Options,
 	if err != nil {
 		return nil, err
 	}
+	sniff, err := n.getRequestHook(c)
+	if err != nil {
+		return nil, err
+	}
 	Outbound, err := n.getOutboundConfig(c)
 	if err != nil {
 		return nil, err
@@ -372,9 +409,10 @@ func (n *Hysteria2node) getHyConfig(info *panel.NodeInfo, config *conf.Options,
 		TLSConfig:             *tls,
 		QUICConfig:            *quic,
 		Conn:                  conn,
+		RequestHook:           sniff,
 		Outbound:              Outbound,
 		BandwidthConfig:       *n.getBandwidthConfig(info),
-		IgnoreClientBandwidth: c.IgnoreClientBandwidth,
+		IgnoreClientBandwidth: info.Hysteria2.Ignore_Client_Bandwidth,
 		DisableUDP:            c.DisableUDP,
 		UDPIdleTimeout:        c.UDPIdleTimeout,
 		EventLogger:           n.EventLogger,

core/hy2/geoloader.go

@@ -7,8 +7,8 @@ import (
 	"os"
 	"time"
 
-	"github.com/apernet/hysteria/extras/outbounds/acl"
+	"github.com/apernet/hysteria/extras/v2/outbounds/acl"
-	"github.com/apernet/hysteria/extras/outbounds/acl/v2geo"
+	"github.com/apernet/hysteria/extras/v2/outbounds/acl/v2geo"
 	"go.uber.org/zap"
 )
 

core/hy2/hook.go

@@ -4,17 +4,46 @@ import (
 	"sync"
 
 	"github.com/InazumaV/V2bX/common/counter"
+	"github.com/InazumaV/V2bX/common/format"
+	"github.com/InazumaV/V2bX/limiter"
+	"github.com/apernet/hysteria/core/v2/server"
+	quic "github.com/apernet/quic-go"
+	"go.uber.org/zap"
 )
 
+var _ server.TrafficLogger = (*HookServer)(nil)
+
 type HookServer struct {
 	Tag     string
+	logger  *zap.Logger
 	Counter sync.Map
 }
 
+func (h *HookServer) TraceStream(stream quic.Stream, stats *server.StreamStats) {
+}
+
+func (h *HookServer) UntraceStream(stream quic.Stream) {
+}
+
 func (h *HookServer) LogTraffic(id string, tx, rx uint64) (ok bool) {
 	var c interface{}
 	var exists bool
 
+	limiterinfo, err := limiter.GetLimiter(h.Tag)
+	if err != nil {
+		h.logger.Error("Get limiter error", zap.String("tag", h.Tag), zap.Error(err))
+		return false
+	}
+
+	userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(h.Tag, id))
+	if ok {
+		userlimitInfo := userLimit.(*limiter.UserLimitInfo)
+		if userlimitInfo.OverLimit {
+			userlimitInfo.OverLimit = false
+			return false
+		}
+	}
+
 	if c, exists = h.Counter.Load(h.Tag); !exists {
 		c = counter.NewTrafficCounter()
 		h.Counter.Store(h.Tag, c)

core/hy2/logger.go

@@ -5,6 +5,7 @@ import (
 	"net"
 	"strings"
 
+	"github.com/InazumaV/V2bX/common/format"
 	"github.com/InazumaV/V2bX/limiter"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
@@ -46,12 +47,18 @@ var logFormatMap = map[string]zapcore.EncoderConfig{
 }
 
 func (l *serverLogger) Connect(addr net.Addr, uuid string, tx uint64) {
-	limiter, err := limiter.GetLimiter(l.Tag)
+	limiterinfo, err := limiter.GetLimiter(l.Tag)
 	if err != nil {
 		l.logger.Panic("Get limiter error", zap.String("tag", l.Tag), zap.Error(err))
 	}
-	if _, r := limiter.CheckLimit(uuid, extractIPFromAddr(addr), addr.Network() == "tcp"); r {
+	if _, r := limiterinfo.CheckLimit(format.UserTag(l.Tag, uuid), extractIPFromAddr(addr), addr.Network() == "tcp", true); r {
-		l.logger.Warn("Need Reject", zap.String("addr", addr.String()), zap.String("uuid", uuid))
+		if userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(l.Tag, uuid)); ok {
+			userLimit.(*limiter.UserLimitInfo).OverLimit = true
+		}
+	} else {
+		if userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(l.Tag, uuid)); ok {
+			userLimit.(*limiter.UserLimitInfo).OverLimit = false
+		}
 	}
 	l.logger.Info("client connected", zap.String("addr", addr.String()), zap.String("uuid", uuid), zap.Uint64("tx", tx))
 }
@@ -61,12 +68,18 @@ func (l *serverLogger) Disconnect(addr net.Addr, uuid string, err error) {
 }
 
 func (l *serverLogger) TCPRequest(addr net.Addr, uuid, reqAddr string) {
-	limiter, err := limiter.GetLimiter(l.Tag)
+	limiterinfo, err := limiter.GetLimiter(l.Tag)
 	if err != nil {
 		l.logger.Panic("Get limiter error", zap.String("tag", l.Tag), zap.Error(err))
 	}
-	if _, r := limiter.CheckLimit(uuid, extractIPFromAddr(addr), addr.Network() == "tcp"); r {
+	if _, r := limiterinfo.CheckLimit(format.UserTag(l.Tag, uuid), extractIPFromAddr(addr), addr.Network() == "tcp", true); r {
-		l.logger.Warn("Need Reject", zap.String("addr", addr.String()), zap.String("uuid", uuid))
+		if userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(l.Tag, uuid)); ok {
+			userLimit.(*limiter.UserLimitInfo).OverLimit = true
+		}
+	} else {
+		if userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(l.Tag, uuid)); ok {
+			userLimit.(*limiter.UserLimitInfo).OverLimit = false
+		}
 	}
 	l.logger.Debug("TCP request", zap.String("addr", addr.String()), zap.String("uuid", uuid), zap.String("reqAddr", reqAddr))
 }
@@ -80,12 +93,18 @@ func (l *serverLogger) TCPError(addr net.Addr, uuid, reqAddr string, err error)
 }
 
 func (l *serverLogger) UDPRequest(addr net.Addr, uuid string, sessionId uint32, reqAddr string) {
-	limiter, err := limiter.GetLimiter(l.Tag)
+	limiterinfo, err := limiter.GetLimiter(l.Tag)
 	if err != nil {
 		l.logger.Panic("Get limiter error", zap.String("tag", l.Tag), zap.Error(err))
 	}
-	if _, r := limiter.CheckLimit(uuid, extractIPFromAddr(addr), addr.Network() == "tcp"); r {
+	if _, r := limiterinfo.CheckLimit(format.UserTag(l.Tag, uuid), extractIPFromAddr(addr), addr.Network() == "tcp", true); r {
-		l.logger.Warn("Need Reject", zap.String("addr", addr.String()), zap.String("uuid", uuid))
+		if userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(l.Tag, uuid)); ok {
+			userLimit.(*limiter.UserLimitInfo).OverLimit = true
+		}
+	} else {
+		if userLimit, ok := limiterinfo.UserLimitInfo.Load(format.UserTag(l.Tag, uuid)); ok {
+			userLimit.(*limiter.UserLimitInfo).OverLimit = false
+		}
 	}
 	l.logger.Debug("UDP request", zap.String("addr", addr.String()), zap.String("uuid", uuid), zap.Uint32("sessionId", sessionId), zap.String("reqAddr", reqAddr))
 }
@@ -101,11 +120,11 @@ func (l *serverLogger) UDPError(addr net.Addr, uuid string, sessionId uint32, er
 func initLogger(logLevel string, logFormat string) (*zap.Logger, error) {
 	level, ok := logLevelMap[strings.ToLower(logLevel)]
 	if !ok {
-		return nil, fmt.Errorf(fmt.Sprintf("unsupported log level: %s\n", logLevel))
+		return nil, fmt.Errorf("unsupported log level: %s", logLevel)
 	}
 	enc, ok := logFormatMap[strings.ToLower(logFormat)]
 	if !ok {
-		return nil, fmt.Errorf(fmt.Sprintf("unsupported log format: %s\n", logFormat))
+		return nil, fmt.Errorf("unsupported log format: %s", logFormat)
 	}
 	c := zap.Config{
 		Level:             zap.NewAtomicLevelAt(level),
@@ -118,7 +137,7 @@ func initLogger(logLevel string, logFormat string) (*zap.Logger, error) {
 	}
 	logger, err := c.Build()
 	if err != nil {
-		return nil, fmt.Errorf(fmt.Sprintf("failed to initialize logger: %s\n", err))
+		return nil, fmt.Errorf("failed to initialize logger: %s", err)
 	}
 	return logger, nil
 }

core/hy2/node.go

@@ -1,9 +1,11 @@
 package hy2
 
 import (
+	"strings"
+
 	"github.com/InazumaV/V2bX/api/panel"
 	"github.com/InazumaV/V2bX/conf"
-	"github.com/apernet/hysteria/core/server"
+	"github.com/apernet/hysteria/core/v2/server"
 	"github.com/spf13/viper"
 	"go.uber.org/zap"
 )
@@ -38,7 +40,8 @@ func (h *Hysteria2) AddNode(tag string, info *panel.NodeInfo, config *conf.Optio
 			logger: h.Logger,
 		},
 		TrafficLogger: &HookServer{
-			Tag: tag,
+			Tag:    tag,
+			logger: h.Logger,
 		},
 	}
 
@@ -55,7 +58,9 @@ func (h *Hysteria2) AddNode(tag string, info *panel.NodeInfo, config *conf.Optio
 	h.Hy2nodes[tag] = n
 	go func() {
 		if err := s.Serve(); err != nil {
-			h.Logger.Error("Server Error", zap.Error(err))
+			if !strings.Contains(err.Error(), "quic: server closed") {
+				h.Logger.Error("Server Error", zap.Error(err))
+			}
 		}
 	}()
 	return nil

core/hy2/serverConfig.go

@@ -6,7 +6,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/apernet/hysteria/extras/outbounds"
+	"github.com/apernet/hysteria/extras/v2/outbounds"
 )
 
 type serverConfig struct {
@@ -17,10 +17,12 @@ type serverConfig struct {
 	QUIC                  serverConfigQUIC            `mapstructure:"quic"`
 	Bandwidth             serverConfigBandwidth       `mapstructure:"bandwidth"`
 	IgnoreClientBandwidth bool                        `mapstructure:"ignoreClientBandwidth"`
+	SpeedTest             bool                        `mapstructure:"speedTest"`
 	DisableUDP            bool                        `mapstructure:"disableUDP"`
 	UDPIdleTimeout        time.Duration               `mapstructure:"udpIdleTimeout"`
 	Auth                  serverConfigAuth            `mapstructure:"auth"`
 	Resolver              serverConfigResolver        `mapstructure:"resolver"`
+	Sniff                 serverConfigSniff           `mapstructure:"sniff"`
 	ACL                   serverConfigACL             `mapstructure:"acl"`
 	Outbounds             []serverConfigOutboundEntry `mapstructure:"outbounds"`
 	TrafficStats          serverConfigTrafficStats    `mapstructure:"trafficStats"`
@@ -112,6 +114,14 @@ type serverConfigResolver struct {
 	HTTPS serverConfigResolverHTTPS `mapstructure:"https"`
 }
 
+type serverConfigSniff struct {
+	Enable        bool          `mapstructure:"enable"`
+	Timeout       time.Duration `mapstructure:"timeout"`
+	RewriteDomain bool          `mapstructure:"rewriteDomain"`
+	TCPPorts      string        `mapstructure:"tcpPorts"`
+	UDPPorts      string        `mapstructure:"udpPorts"`
+}
+
 type serverConfigACL struct {
 	File              string        `mapstructure:"file"`
 	Inline            []string      `mapstructure:"inline"`

core/hy2/user.go

@@ -7,7 +7,7 @@ import (
 	"github.com/InazumaV/V2bX/api/panel"
 	"github.com/InazumaV/V2bX/common/counter"
 	vCore "github.com/InazumaV/V2bX/core"
-	"github.com/apernet/hysteria/core/server"
+	"github.com/apernet/hysteria/core/v2/server"
 )
 
 var _ server.Authenticator = &V2bX{}
@@ -41,7 +41,7 @@ func (h *Hysteria2) AddUsers(p *vCore.AddUsersParams) (added int, err error) {
 	return len(p.Users), nil
 }
 
-func (h *Hysteria2) DelUsers(users []panel.UserInfo, tag string) error {
+func (h *Hysteria2) DelUsers(users []panel.UserInfo, tag string, _ *panel.NodeInfo) error {
 	var wg sync.WaitGroup
 	for _, user := range users {
 		wg.Add(1)

core/interface.go

@@ -18,7 +18,7 @@ type Core interface {
 	DelNode(tag string) error
 	AddUsers(p *AddUsersParams) (added int, err error)
 	GetUserTraffic(tag, uuid string, reset bool) (up int64, down int64)
-	DelUsers(users []panel.UserInfo, tag string) error
+	DelUsers(users []panel.UserInfo, tag string, info *panel.NodeInfo) error
 	Protocols() []string
 	Type() string
 }

core/selector.go

@@ -3,10 +3,11 @@ package core
 import (
 	"errors"
 	"fmt"
-	"github.com/hashicorp/go-multierror"
 	"strings"
 	"sync"
 
+	"github.com/hashicorp/go-multierror"
+
 	"github.com/InazumaV/V2bX/api/panel"
 	"github.com/InazumaV/V2bX/conf"
 )
@@ -135,12 +136,12 @@ func (s *Selector) GetUserTraffic(tag, uuid string, reset bool) (up int64, down
 	return t.(Core).GetUserTraffic(tag, uuid, reset)
 }
 
-func (s *Selector) DelUsers(users []panel.UserInfo, tag string) error {
+func (s *Selector) DelUsers(users []panel.UserInfo, tag string, info *panel.NodeInfo) error {
 	t, e := s.nodes.Load(tag)
 	if !e {
 		return errors.New("the node is not have")
 	}
-	return t.(Core).DelUsers(users, tag)
+	return t.(Core).DelUsers(users, tag, info)
 }
 
 func (s *Selector) Protocols() []string {

core/sing/dns.go

@@ -1,85 +0,0 @@
-package sing
-
-import (
-	"bytes"
-	"github.com/InazumaV/V2bX/api/panel"
-	"github.com/goccy/go-json"
-	log "github.com/sirupsen/logrus"
-	"os"
-	"strings"
-)
-
-func updateDNSConfig(node *panel.NodeInfo) (err error) {
-	dnsPath := os.Getenv("SING_DNS_PATH")
-	if len(node.RawDNS.DNSJson) != 0 {
-		var prettyJSON bytes.Buffer
-		if err := json.Indent(&prettyJSON, node.RawDNS.DNSJson, "", " "); err != nil {
-			return err
-		}
-		err = saveDnsConfig(prettyJSON.Bytes(), dnsPath)
-	} else if len(node.RawDNS.DNSMap) != 0 {
-		dnsConfig := DNSConfig{
-			Servers: []map[string]interface{}{
-				{
-					"tag":     "default",
-					"address": "https://8.8.8.8/dns-query",
-					"detour":  "direct",
-				},
-			},
-		}
-		for id, value := range node.RawDNS.DNSMap {
-			dnsConfig.Servers = append(dnsConfig.Servers,
-				map[string]interface{}{
-					"tag":              id,
-					"address":          value["address"],
-					"address_resolver": "default",
-					"detour":           "direct",
-				},
-			)
-			rule := map[string]interface{}{
-				"server":        id,
-				"disable_cache": true,
-			}
-			for _, ruleType := range []string{"domain_suffix", "domain_keyword", "domain_regex", "geosite"} {
-				var domains []string
-				for _, v := range value["domains"].([]string) {
-					split := strings.SplitN(v, ":", 2)
-					prefix := strings.ToLower(split[0])
-					if prefix == ruleType || (prefix == "domain" && ruleType == "domain_suffix") {
-						if len(split) > 1 {
-							domains = append(domains, split[1])
-						}
-						if len(domains) > 0 {
-							rule[ruleType] = domains
-						}
-					}
-				}
-			}
-			dnsConfig.Rules = append(dnsConfig.Rules, rule)
-		}
-		dnsConfigJSON, err := json.MarshalIndent(dnsConfig, "", "  ")
-		if err != nil {
-			log.WithField("err", err).Error("Error marshaling dnsConfig to JSON")
-			return err
-		}
-		err = saveDnsConfig(dnsConfigJSON, dnsPath)
-	}
-	return err
-}
-
-func saveDnsConfig(dns []byte, dnsPath string) (err error) {
-	currentData, err := os.ReadFile(dnsPath)
-	if err != nil {
-		log.WithField("err", err).Error("Failed to read SING_DNS_PATH")
-		return err
-	}
-	if !bytes.Equal(currentData, dns) {
-		if err = os.Truncate(dnsPath, 0); err != nil {
-			log.WithField("err", err).Error("Failed to clear SING DNS PATH file")
-		}
-		if err = os.WriteFile(dnsPath, dns, 0644); err != nil {
-			log.WithField("err", err).Error("Failed to write DNS to SING DNS PATH file")
-		}
-	}
-	return err
-}

core/sing/hook.go

@@ -2,14 +2,14 @@ package sing
 
 import (
 	"context"
-	"io"
+	"fmt"
 	"net"
 	"sync"
-
+	"time"
-	"github.com/sagernet/sing-box/common/urltest"
 
 	"github.com/InazumaV/V2bX/common/format"
 	"github.com/InazumaV/V2bX/common/rate"
+	"github.com/InazumaV/V2bX/common/task"
 
 	"github.com/InazumaV/V2bX/limiter"
 
@@ -19,204 +19,193 @@ import (
 	N "github.com/sagernet/sing/common/network"
 )
 
+var _ adapter.ConnectionTracker = (*HookServer)(nil)
+
+type ConnEntry struct {
+	Conn      net.Conn
+	Timestamp time.Time
+}
+
 type HookServer struct {
-	EnableConnClear bool
+	counter  sync.Map //map[string]*counter.TrafficCounter
-	counter         sync.Map
+	userconn sync.Map //map[string][]*ConnEntry
-	connClears      sync.Map
+	Cleanup  *task.Task
-}
-
-type ConnClear struct {
-	lock  sync.RWMutex
-	conns map[int]io.Closer
-}
-
-func (c *ConnClear) AddConn(cn io.Closer) (key int) {
-	c.lock.Lock()
-	defer c.lock.Unlock()
-	key = len(c.conns)
-	c.conns[key] = cn
-	return
-}
-
-func (c *ConnClear) DelConn(key int) {
-	c.lock.Lock()
-	defer c.lock.Unlock()
-	delete(c.conns, key)
-}
-
-func (c *ConnClear) ClearConn() {
-	c.lock.Lock()
-	defer c.lock.Unlock()
-	for _, c := range c.conns {
-		c.Close()
-	}
 }
 
 func (h *HookServer) ModeList() []string {
 	return nil
 }
 
-func NewHookServer(enableClear bool) *HookServer {
+func NewHookServer() *HookServer {
-	return &HookServer{
+	server := &HookServer{
-		EnableConnClear: enableClear,
+		counter:  sync.Map{},
-		counter:         sync.Map{},
+		userconn: sync.Map{},
-		connClears:      sync.Map{},
 	}
+	server.Cleanup = &task.Task{
+		Interval: 5 * time.Minute,
+		Execute:  server.CleanupOldConnections,
+	}
+	return server
 }
 
-func (h *HookServer) Start() error {
+func (h *HookServer) RoutedConnection(_ context.Context, conn net.Conn, m adapter.InboundContext, _ adapter.Rule, _ adapter.Outbound) net.Conn {
-	return nil
-}
-
-func (h *HookServer) Close() error {
-	return nil
-}
-
-func (h *HookServer) PreStart() error {
-	return nil
-}
-
-func (h *HookServer) RoutedConnection(_ context.Context, conn net.Conn, m adapter.InboundContext, _ adapter.Rule) (net.Conn, adapter.Tracker) {
-	t := &Tracker{}
 	l, err := limiter.GetLimiter(m.Inbound)
 	if err != nil {
 		log.Warn("get limiter for ", m.Inbound, " error: ", err)
-		return conn, t
+		return conn
-	}
-	if l.CheckDomainRule(m.Domain) {
-		conn.Close()
-		log.Error("[", m.Inbound, "] ",
-			"Limited ", m.User, " access to ", m.Domain, " by domain rule")
-		return conn, t
-	}
-	if l.CheckProtocolRule(m.Protocol) {
-		conn.Close()
-		log.Error("[", m.Inbound, "] ",
-			"Limited ", m.User, " use ", m.Domain, " by protocol rule")
-		return conn, t
 	}
+	taguuid := format.UserTag(m.Inbound, m.User)
 	ip := m.Source.Addr.String()
-	if b, r := l.CheckLimit(format.UserTag(m.Inbound, m.User), ip, true); r {
+	if b, r := l.CheckLimit(taguuid, ip, true, true); r {
 		conn.Close()
 		log.Error("[", m.Inbound, "] ", "Limited ", m.User, " by ip or conn")
-		return conn, t
+		return conn
 	} else if b != nil {
 		conn = rate.NewConnRateLimiter(conn, b)
 	}
-	t.AddLeave(func() {
+	if l != nil {
-		l.ConnLimiter.DelConnCount(m.User, ip)
+		destStr := m.Destination.AddrString()
-	})
+		protocol := m.Destination.Network()
-	if h.EnableConnClear {
+		if l.CheckDomainRule(destStr) {
-		var key int
+			log.Error(fmt.Sprintf(
-		cc := &ConnClear{
+				"User %s access domain %s reject by rule",
-			conns: map[int]io.Closer{
+				m.User,
-				0: conn,
+				destStr))
-			},
+			conn.Close()
+			return conn
 		}
-		if v, ok := h.connClears.LoadOrStore(m.Inbound+m.User, cc); ok {
+		if len(protocol) != 0 {
-			cc = v.(*ConnClear)
+			if l.CheckProtocolRule(protocol) {
-			key = cc.AddConn(conn)
+				log.Error(fmt.Sprintf(
+					"User %s access protocol %s reject by rule",
+					m.User,
+					protocol))
+				conn.Close()
+				return conn
+			}
 		}
-		t.AddLeave(func() {
-			cc.DelConn(key)
-		})
 	}
-	if c, ok := h.counter.Load(m.Inbound); ok {
+	var t *counter.TrafficCounter
-		return counter.NewConnCounter(conn, c.(*counter.TrafficCounter).GetCounter(m.User)), t
+	if c, ok := h.counter.Load(m.Inbound); !ok {
+		t = counter.NewTrafficCounter()
+		h.counter.Store(m.Inbound, t)
 	} else {
-		c := counter.NewTrafficCounter()
+		t = c.(*counter.TrafficCounter)
-		h.counter.Store(m.Inbound, c)
-		return counter.NewConnCounter(conn, c.GetCounter(m.User)), t
 	}
+
+	conn = counter.NewConnCounter(conn, t.GetCounter(m.User))
+	entry := &ConnEntry{
+		Conn:      conn,
+		Timestamp: time.Now(),
+	}
+	if conns, exist := h.userconn.Load(taguuid); exist {
+		if connList, ok := conns.([]*ConnEntry); ok {
+			h.userconn.Store(taguuid, append(connList, entry))
+		} else {
+			h.userconn.Delete(taguuid)
+			h.userconn.Store(taguuid, []*ConnEntry{entry})
+		}
+	} else {
+		h.userconn.Store(taguuid, []*ConnEntry{entry})
+	}
+
+	return conn
 }
 
-func (h *HookServer) RoutedPacketConnection(_ context.Context, conn N.PacketConn, m adapter.InboundContext, _ adapter.Rule) (N.PacketConn, adapter.Tracker) {
+func (h *HookServer) RoutedPacketConnection(_ context.Context, conn N.PacketConn, m adapter.InboundContext, _ adapter.Rule, _ adapter.Outbound) N.PacketConn {
-	t := &Tracker{}
 	l, err := limiter.GetLimiter(m.Inbound)
 	if err != nil {
 		log.Warn("get limiter for ", m.Inbound, " error: ", err)
-		return conn, t
+		return conn
-	}
-	if l.CheckDomainRule(m.Domain) {
-		conn.Close()
-		log.Error("[", m.Inbound, "] ",
-			"Limited ", m.User, " access to ", m.Domain, " by domain rule")
-		return conn, t
-	}
-	if l.CheckProtocolRule(m.Protocol) {
-		conn.Close()
-		log.Error("[", m.Inbound, "] ",
-			"Limited ", m.User, " use ", m.Domain, " by protocol rule")
-		return conn, t
 	}
 	ip := m.Source.Addr.String()
-	if b, r := l.CheckLimit(format.UserTag(m.Inbound, m.User), ip, true); r {
+	taguuid := format.UserTag(m.Inbound, m.User)
+	if b, r := l.CheckLimit(taguuid, ip, false, false); r {
 		conn.Close()
 		log.Error("[", m.Inbound, "] ", "Limited ", m.User, " by ip or conn")
-		return conn, t
+		return conn
 	} else if b != nil {
-		conn = rate.NewPacketConnCounter(conn, b)
+		//conn = rate.NewPacketConnCounter(conn, b)
 	}
-	if h.EnableConnClear {
+	if l != nil {
-		var key int
+		destStr := m.Destination.AddrString()
-		cc := &ConnClear{
+		protocol := m.Destination.Network()
-			conns: map[int]io.Closer{
+		if l.CheckDomainRule(destStr) {
-				0: conn,
+			log.Error(fmt.Sprintf(
-			},
+				"User %s access domain %s reject by rule",
+				m.User,
+				destStr))
+			conn.Close()
+			return conn
 		}
-		if v, ok := h.connClears.LoadOrStore(m.Inbound+m.User, cc); ok {
+		if len(protocol) != 0 {
-			cc = v.(*ConnClear)
+			if l.CheckProtocolRule(protocol) {
-			key = cc.AddConn(conn)
+				log.Error(fmt.Sprintf(
+					"User %s access protocol %s reject by rule",
+					m.User,
+					protocol))
+				conn.Close()
+				return conn
+			}
 		}
-		t.AddLeave(func() {
-			cc.DelConn(key)
-		})
 	}
-	if c, ok := h.counter.Load(m.Inbound); ok {
+	var t *counter.TrafficCounter
-		return counter.NewPacketConnCounter(conn, c.(*counter.TrafficCounter).GetCounter(m.User)), t
+	if c, ok := h.counter.Load(m.Inbound); !ok {
+		t = counter.NewTrafficCounter()
+		h.counter.Store(m.Inbound, t)
 	} else {
-		c := counter.NewTrafficCounter()
+		t = c.(*counter.TrafficCounter)
-		h.counter.Store(m.Inbound, c)
-		return counter.NewPacketConnCounter(conn, c.GetCounter(m.User)), t
 	}
+	conn = counter.NewPacketConnCounter(conn, t.GetCounter(m.User))
+	return conn
 }
 
-// not need
+func (h *HookServer) CloseConnections(tag string, uuids []string) error {
+	for _, uuid := range uuids {
+		taguuid := format.UserTag(tag, uuid)
+		v, ok := h.userconn.Load(taguuid)
+		if !ok {
+			continue
+		}
+		connList, ok := v.([]*ConnEntry)
+		if !ok {
+			h.userconn.Delete(taguuid)
+			continue
+		}
 
-func (h *HookServer) Mode() string {
+		for _, entry := range connList {
-	return ""
+			err := entry.Conn.Close()
-}
+			if err != nil {
-func (h *HookServer) StoreSelected() bool {
+				log.Error("close conn error: ", err)
-	return false
+			}
-}
+		}
-func (h *HookServer) CacheFile() adapter.CacheFile {
+		h.userconn.Delete(taguuid)
-	return nil
+	}
-}
-func (h *HookServer) HistoryStorage() *urltest.HistoryStorage {
 	return nil
 }
 
-func (h *HookServer) StoreFakeIP() bool {
+func (h *HookServer) CleanupOldConnections() error {
-	return false
+	expiredTime := time.Now().Add(-time.Minute * 30)
-}
+	h.userconn.Range(func(key, value interface{}) bool {
+		connList, ok := value.([]*ConnEntry)
+		if !ok {
+			h.userconn.Delete(key)
+			return true
+		}
 
-func (h *HookServer) ClearConn(inbound string, user string) {
+		var activeConns []*ConnEntry
-	if v, ok := h.connClears.Load(inbound + user); ok {
+		for _, entry := range connList {
-		v.(*ConnClear).ClearConn()
+			if entry.Timestamp.After(expiredTime) {
-		h.connClears.Delete(inbound + user)
+				activeConns = append(activeConns, entry)
-	}
+			}
-}
+		}
 
-type Tracker struct {
+		if len(activeConns) == 0 {
-	l []func()
+			h.userconn.Delete(key)
-}
+		} else {
-
+			h.userconn.Store(key, activeConns)
-func (t *Tracker) AddLeave(f func()) {
+		}
-	t.l = append(t.l, f)
+		return true
-}
+	})
-
+	return nil
-func (t *Tracker) Leave() {
-	for i := range t.l {
-		t.l[i]()
-	}
 }

core/sing/node.go

@@ -13,9 +13,9 @@ import (
 	"github.com/InazumaV/V2bX/api/panel"
 	"github.com/InazumaV/V2bX/conf"
 	"github.com/goccy/go-json"
-	"github.com/sagernet/sing-box/inbound"
 	"github.com/sagernet/sing-box/option"
 	F "github.com/sagernet/sing/common/format"
+	"github.com/sagernet/sing/common/json/badoption"
 )
 
 type HttpNetworkConfig struct {
@@ -40,6 +40,15 @@ type WsNetworkConfig struct {
 	Headers map[string]string `json:"headers"`
 }
 
+type GrpcNetworkConfig struct {
+	ServiceName string `json:"serviceName"`
+}
+
+type HttpupgradeNetworkConfig struct {
+	Path string `json:"path"`
+	Host string `json:"host"`
+}
+
 func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (option.Inbound, error) {
 	addr, err := netip.ParseAddr(c.ListenIP)
 	if err != nil {
@@ -50,16 +59,28 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 		domainStrategy = c.SingOptions.DomainStrategy
 	}
 	listen := option.ListenOptions{
-		Listen:        (*option.ListenAddress)(&addr),
+		Listen:      (*badoption.Addr)(&addr),
-		ListenPort:    uint16(info.Common.ServerPort),
+		ListenPort:  uint16(info.Common.ServerPort),
-		ProxyProtocol: c.SingOptions.EnableProxyProtocol,
+		TCPFastOpen: c.SingOptions.TCPFastOpen,
-		TCPFastOpen:   c.SingOptions.TCPFastOpen,
 		InboundOptions: option.InboundOptions{
 			SniffEnabled:             c.SingOptions.SniffEnabled,
 			SniffOverrideDestination: c.SingOptions.SniffOverrideDestination,
 			DomainStrategy:           domainStrategy,
 		},
 	}
+	var multiplex *option.InboundMultiplexOptions
+	if c.SingOptions.Multiplex != nil {
+		multiplexOption := option.InboundMultiplexOptions{
+			Enabled: c.SingOptions.Multiplex.Enabled,
+			Padding: c.SingOptions.Multiplex.Padding,
+			Brutal: &option.BrutalOptions{
+				Enabled:  c.SingOptions.Multiplex.Brutal.Enabled,
+				UpMbps:   c.SingOptions.Multiplex.Brutal.UpMbps,
+				DownMbps: c.SingOptions.Multiplex.Brutal.DownMbps,
+			},
+		}
+		multiplex = &multiplexOption
+	}
 	var tls option.InboundTLSOptions
 	switch info.Security {
 	case panel.Tls:
@@ -98,7 +119,7 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 					ServerPort: uint16(port),
 				},
 			},
-			MaxTimeDifference: option.Duration(mtd),
+			MaxTimeDifference: badoption.Duration(mtd),
 		}
 	}
 	in := option.Inbound{
@@ -141,7 +162,7 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 			var (
 				path    string
 				ed      int
-				headers map[string]option.Listable[string]
+				headers map[string]badoption.Listable[string]
 			)
 			if len(n.NetworkSettings) != 0 {
 				network := WsNetworkConfig{}
@@ -156,9 +177,9 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 				}
 				path = u.Path
 				ed, _ = strconv.Atoi(u.Query().Get("ed"))
-				headers = make(map[string]option.Listable[string], len(network.Headers))
+				headers = make(map[string]badoption.Listable[string], len(network.Headers))
 				for k, v := range network.Headers {
-					headers[k] = option.Listable[string]{
+					headers[k] = badoption.Listable[string]{
 						v,
 					}
 				}
@@ -170,30 +191,48 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 				Headers:             headers,
 			}
 		case "grpc":
+			network := GrpcNetworkConfig{}
 			if len(n.NetworkSettings) != 0 {
-				err := json.Unmarshal(n.NetworkSettings, &t.GRPCOptions)
+				err := json.Unmarshal(n.NetworkSettings, &network)
 				if err != nil {
 					return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)
 				}
 			}
+			t.GRPCOptions = option.V2RayGRPCOptions{
+				ServiceName: network.ServiceName,
+			}
+		case "httpupgrade":
+			network := HttpupgradeNetworkConfig{}
+			if len(n.NetworkSettings) != 0 {
+				err := json.Unmarshal(n.NetworkSettings, &network)
+				if err != nil {
+					return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)
+				}
+			}
+			t.HTTPUpgradeOptions = option.V2RayHTTPUpgradeOptions{
+				Path: network.Path,
+				Host: network.Host,
+			}
 		}
 		if info.Type == "vless" {
 			in.Type = "vless"
-			in.VLESSOptions = option.VLESSInboundOptions{
+			in.Options = &option.VLESSInboundOptions{
 				ListenOptions: listen,
 				InboundTLSOptionsContainer: option.InboundTLSOptionsContainer{
 					TLS: &tls,
 				},
 				Transport: &t,
+				Multiplex: multiplex,
 			}
 		} else {
 			in.Type = "vmess"
-			in.VMessOptions = option.VMessInboundOptions{
+			in.Options = &option.VMessInboundOptions{
 				ListenOptions: listen,
 				InboundTLSOptionsContainer: option.InboundTLSOptionsContainer{
 					TLS: &tls,
 				},
 				Transport: &t,
+				Multiplex: multiplex,
 			}
 		}
 	case "shadowsocks":
@@ -203,25 +242,27 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 		switch n.Cipher {
 		case "2022-blake3-aes-128-gcm":
 			keyLength = 16
-		case "2022-blake3-aes-256-gcm":
+		case "2022-blake3-aes-256-gcm", "2022-blake3-chacha20-poly1305":
 			keyLength = 32
 		default:
 			keyLength = 16
 		}
-		in.ShadowsocksOptions = option.ShadowsocksInboundOptions{
+		ssoption := &option.ShadowsocksInboundOptions{
 			ListenOptions: listen,
 			Method:        n.Cipher,
+			Multiplex:     multiplex,
 		}
 		p := make([]byte, keyLength)
 		_, _ = rand.Read(p)
 		randomPasswd := string(p)
 		if strings.Contains(n.Cipher, "2022") {
-			in.ShadowsocksOptions.Password = n.ServerKey
+			ssoption.Password = n.ServerKey
 			randomPasswd = base64.StdEncoding.EncodeToString([]byte(randomPasswd))
 		}
-		in.ShadowsocksOptions.Users = []option.ShadowsocksUser{{
+		ssoption.Users = []option.ShadowsocksUser{{
 			Password: randomPasswd,
 		}}
+		in.Options = ssoption
 	case "trojan":
 		n := info.Trojan
 		t := option.V2RayTransportOptions{
@@ -234,7 +275,7 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 			var (
 				path    string
 				ed      int
-				headers map[string]option.Listable[string]
+				headers map[string]badoption.Listable[string]
 			)
 			if len(n.NetworkSettings) != 0 {
 				network := WsNetworkConfig{}
@@ -249,9 +290,9 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 				}
 				path = u.Path
 				ed, _ = strconv.Atoi(u.Query().Get("ed"))
-				headers = make(map[string]option.Listable[string], len(network.Headers))
+				headers = make(map[string]badoption.Listable[string], len(network.Headers))
 				for k, v := range network.Headers {
-					headers[k] = option.Listable[string]{
+					headers[k] = badoption.Listable[string]{
 						v,
 					}
 				}
@@ -263,29 +304,34 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 				Headers:             headers,
 			}
 		case "grpc":
+			network := GrpcNetworkConfig{}
 			if len(n.NetworkSettings) != 0 {
-				err := json.Unmarshal(n.NetworkSettings, &t.GRPCOptions)
+				err := json.Unmarshal(n.NetworkSettings, &network)
 				if err != nil {
 					return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)
 				}
 			}
+			t.GRPCOptions = option.V2RayGRPCOptions{
+				ServiceName: network.ServiceName,
+			}
 		default:
 			t.Type = ""
 		}
 		in.Type = "trojan"
-		in.TrojanOptions = option.TrojanInboundOptions{
+		trojanoption := &option.TrojanInboundOptions{
 			ListenOptions: listen,
 			InboundTLSOptionsContainer: option.InboundTLSOptionsContainer{
 				TLS: &tls,
 			},
 			Transport: &t,
+			Multiplex: multiplex,
 		}
 		if c.SingOptions.FallBackConfigs != nil {
 			// fallback handling
 			fallback := c.SingOptions.FallBackConfigs.FallBack
 			fallbackPort, err := strconv.Atoi(fallback.ServerPort)
 			if err == nil {
-				in.TrojanOptions.Fallback = &option.ServerOptions{
+				trojanoption.Fallback = &option.ServerOptions{
 					Server:     fallback.Server,
 					ServerPort: uint16(fallbackPort),
 				}
@@ -293,12 +339,13 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 			fallbackForALPNMap := c.SingOptions.FallBackConfigs.FallBackForALPN
 			fallbackForALPN := make(map[string]*option.ServerOptions, len(fallbackForALPNMap))
 			if err := processFallback(c, fallbackForALPN); err == nil {
-				in.TrojanOptions.FallbackForALPN = fallbackForALPN
+				trojanoption.FallbackForALPN = fallbackForALPN
 			}
 		}
+		in.Options = trojanoption
 	case "hysteria":
 		in.Type = "hysteria"
-		in.HysteriaOptions = option.HysteriaInboundOptions{
+		in.Options = &option.HysteriaInboundOptions{
 			ListenOptions: listen,
 			UpMbps:        info.Hysteria.UpMbps,
 			DownMbps:      info.Hysteria.DownMbps,
@@ -321,11 +368,12 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 				Password: info.Hysteria2.ObfsType,
 			}
 		}
-		in.Hysteria2Options = option.Hysteria2InboundOptions{
+		in.Options = &option.Hysteria2InboundOptions{
-			ListenOptions: listen,
+			ListenOptions:         listen,
-			UpMbps:        info.Hysteria2.UpMbps,
+			UpMbps:                info.Hysteria2.UpMbps,
-			DownMbps:      info.Hysteria2.DownMbps,
+			DownMbps:              info.Hysteria2.DownMbps,
-			Obfs:          obfs,
+			IgnoreClientBandwidth: info.Hysteria2.Ignore_Client_Bandwidth,
+			Obfs:                  obfs,
 			InboundTLSOptionsContainer: option.InboundTLSOptionsContainer{
 				TLS: &tls,
 			},
@@ -335,32 +383,20 @@ func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (optio
 }
 
 func (b *Sing) AddNode(tag string, info *panel.NodeInfo, config *conf.Options) error {
-	err := updateDNSConfig(info)
-	if err != nil {
-		return fmt.Errorf("build dns error: %s", err)
-	}
 	c, err := getInboundOptions(tag, info, config)
 	if err != nil {
 		return err
 	}
-
+	in := b.box.Inbound()
-	in, err := inbound.New(
+	err = in.Create(
 		b.ctx,
 		b.box.Router(),
 		b.logFactory.NewLogger(F.ToString("inbound/", c.Type, "[", tag, "]")),
 		tag,
-		c,
+		c.Type,
-		nil,
+		c.Options,
 	)
-	if err != nil {
+
-		return fmt.Errorf("init inbound error： %s", err)
-	}
-	err = in.Start()
-	if err != nil {
-		return fmt.Errorf("start inbound error: %s", err)
-	}
-	b.inbounds[tag] = in
-	err = b.router.AddInbound(in)
 	if err != nil {
 		return fmt.Errorf("add inbound error: %s", err)
 	}
@@ -368,11 +404,8 @@ func (b *Sing) AddNode(tag string, info *panel.NodeInfo, config *conf.Options) e
 }
 
 func (b *Sing) DelNode(tag string) error {
-	err := b.inbounds[tag].Close()
+	in := b.box.Inbound()
-	if err != nil {
+	err := in.Remove(tag)
-		return fmt.Errorf("close inbound error: %s", err)
-	}
-	err = b.router.DelInbound(tag)
 	if err != nil {
 		return fmt.Errorf("delete inbound error: %s", err)
 	}

core/sing/sing.go

@@ -3,17 +3,17 @@ package sing
 import (
 	"context"
 	"fmt"
-	"io"
 	"os"
 
+	"github.com/sagernet/sing-box/include"
 	"github.com/sagernet/sing-box/log"
 
 	"github.com/InazumaV/V2bX/conf"
 	vCore "github.com/InazumaV/V2bX/core"
-	"github.com/goccy/go-json"
 	box "github.com/sagernet/sing-box"
 	"github.com/sagernet/sing-box/adapter"
 	"github.com/sagernet/sing-box/option"
+	"github.com/sagernet/sing/common/json"
 )
 
 var _ vCore.Core = (*Sing)(nil)
@@ -29,7 +29,6 @@ type Sing struct {
 	hookServer *HookServer
 	router     adapter.Router
 	logFactory log.Factory
-	inbounds   map[string]adapter.Inbound
 }
 
 func init() {
@@ -37,13 +36,15 @@ func init() {
 }
 
 func New(c *conf.CoreConfig) (vCore.Core, error) {
+	ctx := context.Background()
+	ctx = box.Context(ctx, include.InboundRegistry(), include.OutboundRegistry(), include.EndpointRegistry(), include.DNSTransportRegistry())
 	options := option.Options{}
 	if len(c.SingConfig.OriginalPath) != 0 {
 		data, err := os.ReadFile(c.SingConfig.OriginalPath)
 		if err != nil {
 			return nil, fmt.Errorf("read original config error: %s", err)
 		}
-		err = json.Unmarshal(data, &options)
+		options, err = json.UnmarshalExtendedContext[option.Options](ctx, data)
 		if err != nil {
 			return nil, fmt.Errorf("unmarshal original config error: %s", err)
 		}
@@ -63,49 +64,26 @@ func New(c *conf.CoreConfig) (vCore.Core, error) {
 		},
 	}
 	os.Setenv("SING_DNS_PATH", "")
-	options.DNS = &option.DNSOptions{}
-	if c.SingConfig.DnsConfigPath != "" {
-		f, err := os.OpenFile(c.SingConfig.DnsConfigPath, os.O_RDWR|os.O_CREATE, 0755)
-		if err != nil {
-			return nil, fmt.Errorf("failed to open or create sing dns config file: %s", err)
-		}
-		defer f.Close()
-		data, err := io.ReadAll(f)
-		if err != nil {
-			log.Warn(fmt.Sprintf(
-				"Failed to read sing dns config from file '%v': %v. Using default DNS options",
-				f.Name(), err))
-			options.DNS = &option.DNSOptions{}
-		} else {
-			if err := json.Unmarshal(data, options.DNS); err != nil {
-				log.Warn(fmt.Sprintf(
-					"Failed to unmarshal sing dns config from file '%v': %v. Using default DNS options",
-					f.Name(), err))
-				options.DNS = &option.DNSOptions{}
-			}
-		}
-		os.Setenv("SING_DNS_PATH", c.SingConfig.DnsConfigPath)
-	}
 	b, err := box.New(box.Options{
-		Context: context.Background(),
+		Context: ctx,
 		Options: options,
 	})
 	if err != nil {
 		return nil, err
 	}
-	hs := NewHookServer(c.SingConfig.EnableConnClear)
+	hs := NewHookServer()
-	b.Router().SetClashServer(hs)
+	b.Router().SetTracker(hs)
 	return &Sing{
 		ctx:        b.Router().GetCtx(),
 		box:        b,
 		hookServer: hs,
 		router:     b.Router(),
 		logFactory: b.LogFactory(),
-		inbounds:   make(map[string]adapter.Inbound),
 	}, nil
 }
 
 func (b *Sing) Start() error {
+	b.hookServer.Cleanup.Start(false)
 	return b.box.Start()
 }
 

core/sing/user.go

@@ -7,33 +7,40 @@ import (
 	"github.com/InazumaV/V2bX/api/panel"
 	"github.com/InazumaV/V2bX/common/counter"
 	"github.com/InazumaV/V2bX/core"
-	"github.com/sagernet/sing-box/inbound"
 	"github.com/sagernet/sing-box/option"
+	"github.com/sagernet/sing-box/protocol/hysteria"
+	"github.com/sagernet/sing-box/protocol/hysteria2"
+	"github.com/sagernet/sing-box/protocol/shadowsocks"
+	"github.com/sagernet/sing-box/protocol/trojan"
+	"github.com/sagernet/sing-box/protocol/vless"
+	"github.com/sagernet/sing-box/protocol/vmess"
 )
 
 func (b *Sing) AddUsers(p *core.AddUsersParams) (added int, err error) {
+	in, found := b.box.Inbound().Get(p.Tag)
+	if !found {
+		return 0, errors.New("the inbound not found")
+	}
 	switch p.NodeInfo.Type {
-	case "vmess", "vless":
+	case "vless":
-		if p.NodeInfo.Type == "vless" {
+		us := make([]option.VLESSUser, len(p.Users))
-			us := make([]option.VLESSUser, len(p.Users))
+		for i := range p.Users {
-			for i := range p.Users {
+			us[i] = option.VLESSUser{
-				us[i] = option.VLESSUser{
+				Name: p.Users[i].Uuid,
-					Name: p.Users[i].Uuid,
+				Flow: p.VAllss.Flow,
-					Flow: p.VAllss.Flow,
+				UUID: p.Users[i].Uuid,
-					UUID: p.Users[i].Uuid,
-				}
 			}
-			err = b.inbounds[p.Tag].(*inbound.VLESS).AddUsers(us)
-		} else {
-			us := make([]option.VMessUser, len(p.Users))
-			for i := range p.Users {
-				us[i] = option.VMessUser{
-					Name: p.Users[i].Uuid,
-					UUID: p.Users[i].Uuid,
-				}
-			}
-			err = b.inbounds[p.Tag].(*inbound.VMess).AddUsers(us)
 		}
+		err = in.(*vless.Inbound).AddUsers(us)
+	case "vmess":
+		us := make([]option.VMessUser, len(p.Users))
+		for i := range p.Users {
+			us[i] = option.VMessUser{
+				Name: p.Users[i].Uuid,
+				UUID: p.Users[i].Uuid,
+			}
+		}
+		err = in.(*vmess.Inbound).AddUsers(us)
 	case "shadowsocks":
 		us := make([]option.ShadowsocksUser, len(p.Users))
 		for i := range p.Users {
@@ -49,7 +56,7 @@ func (b *Sing) AddUsers(p *core.AddUsersParams) (added int, err error) {
 				Password: password,
 			}
 		}
-		err = b.inbounds[p.Tag].(*inbound.ShadowsocksMulti).AddUsers(us)
+		err = in.(*shadowsocks.MultiInbound).AddUsers(us)
 	case "trojan":
 		us := make([]option.TrojanUser, len(p.Users))
 		for i := range p.Users {
@@ -58,7 +65,7 @@ func (b *Sing) AddUsers(p *core.AddUsersParams) (added int, err error) {
 				Password: p.Users[i].Uuid,
 			}
 		}
-		err = b.inbounds[p.Tag].(*inbound.Trojan).AddUsers(us)
+		err = in.(*trojan.Inbound).AddUsers(us)
 	case "hysteria":
 		us := make([]option.HysteriaUser, len(p.Users))
 		for i := range p.Users {
@@ -67,7 +74,7 @@ func (b *Sing) AddUsers(p *core.AddUsersParams) (added int, err error) {
 				AuthString: p.Users[i].Uuid,
 			}
 		}
-		err = b.inbounds[p.Tag].(*inbound.Hysteria).AddUsers(us)
+		err = in.(*hysteria.Inbound).AddUsers(us)
 	case "hysteria2":
 		us := make([]option.Hysteria2User, len(p.Users))
 		id := make([]int, len(p.Users))
@@ -78,7 +85,7 @@ func (b *Sing) AddUsers(p *core.AddUsersParams) (added int, err error) {
 			}
 			id[i] = p.Users[i].Id
 		}
-		err = b.inbounds[p.Tag].(*inbound.Hysteria2).AddUsers(us, id)
+		err = in.(*hysteria2.Inbound).AddUsers(us, id)
 	}
 	if err != nil {
 		return 0, err
@@ -103,34 +110,37 @@ type UserDeleter interface {
 	DelUsers(uuid []string) error
 }
 
-func (b *Sing) DelUsers(users []panel.UserInfo, tag string) error {
+func (b *Sing) DelUsers(users []panel.UserInfo, tag string, info *panel.NodeInfo) error {
 	var del UserDeleter
-	if i, ok := b.inbounds[tag]; ok {
+	if i, found := b.box.Inbound().Get(tag); found {
-		switch i.Type() {
+		switch info.Type {
 		case "vmess":
-			del = i.(*inbound.VMess)
+			del = i.(*vmess.Inbound)
 		case "vless":
-			del = i.(*inbound.VLESS)
+			del = i.(*vless.Inbound)
 		case "shadowsocks":
-			del = i.(*inbound.ShadowsocksMulti)
+			del = i.(*shadowsocks.MultiInbound)
 		case "trojan":
-			del = i.(*inbound.Trojan)
+			del = i.(*trojan.Inbound)
 		case "hysteria":
-			del = i.(*inbound.Hysteria)
+			del = i.(*hysteria.Inbound)
 		case "hysteria2":
-			del = i.(*inbound.Hysteria2)
+			del = i.(*hysteria2.Inbound)
 		}
 	} else {
 		return errors.New("the inbound not found")
 	}
 	uuids := make([]string, len(users))
 	for i := range users {
-		b.hookServer.ClearConn(tag, users[i].Uuid)
 		uuids[i] = users[i].Uuid
 	}
 	err := del.DelUsers(uuids)
 	if err != nil {
 		return err
 	}
+	err = b.hookServer.CloseConnections(tag, uuids)
+	if err != nil {
+		return err
+	}
 	return nil
 }

core/xray/app/dispatcher/config.pb.go

@@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.31.0
+// 	protoc-gen-go v1.35.1
-// 	protoc        v4.23.4
+// 	protoc        v3.21.12
 // source: config.proto
 
 package dispatcher
@@ -28,11 +28,9 @@ type SessionConfig struct {
 
 func (x *SessionConfig) Reset() {
 	*x = SessionConfig{}
-	if protoimpl.UnsafeEnabled {
+	mi := &file_config_proto_msgTypes[0]
-		mi := &file_config_proto_msgTypes[0]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
-		ms.StoreMessageInfo(mi)
-	}
 }
 
 func (x *SessionConfig) String() string {
@@ -43,7 +41,7 @@ func (*SessionConfig) ProtoMessage() {}
 
 func (x *SessionConfig) ProtoReflect() protoreflect.Message {
 	mi := &file_config_proto_msgTypes[0]
-	if protoimpl.UnsafeEnabled && x != nil {
+	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
@@ -68,11 +66,9 @@ type Config struct {
 
 func (x *Config) Reset() {
 	*x = Config{}
-	if protoimpl.UnsafeEnabled {
+	mi := &file_config_proto_msgTypes[1]
-		mi := &file_config_proto_msgTypes[1]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
-		ms.StoreMessageInfo(mi)
-	}
 }
 
 func (x *Config) String() string {
@@ -83,7 +79,7 @@ func (*Config) ProtoMessage() {}
 
 func (x *Config) ProtoReflect() protoreflect.Message {
 	mi := &file_config_proto_msgTypes[1]
-	if protoimpl.UnsafeEnabled && x != nil {
+	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
@@ -140,7 +136,7 @@ func file_config_proto_rawDescGZIP() []byte {
 }
 
 var file_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
-var file_config_proto_goTypes = []interface{}{
+var file_config_proto_goTypes = []any{
 	(*SessionConfig)(nil), // 0: v2bx.core.app.dispatcher.SessionConfig
 	(*Config)(nil),        // 1: v2bx.core.app.dispatcher.Config
 }
@@ -158,32 +154,6 @@ func file_config_proto_init() {
 	if File_config_proto != nil {
 		return
 	}
-	if !protoimpl.UnsafeEnabled {
-		file_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*SessionConfig); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*Config); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{

core/xray/app/dispatcher/default.go

@@ -5,6 +5,7 @@ package dispatcher
 import (
 	"context"
 	"fmt"
+	"regexp"
 	"strings"
 	"sync"
 	"time"
@@ -14,6 +15,7 @@ import (
 
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
+	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/log"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol"
@@ -29,7 +31,7 @@ import (
 	"github.com/xtls/xray-core/transport/pipe"
 )
 
-var errSniffingTimeout = newError("timeout on sniffing")
+var errSniffingTimeout = errors.New("timeout on sniffing")
 
 type cachedReader struct {
 	sync.Mutex
@@ -43,8 +45,14 @@ func (r *cachedReader) Cache(b *buf.Buffer) {
 	if !mb.IsEmpty() {
 		r.cache, _ = buf.MergeMulti(r.cache, mb)
 	}
-	b.Clear()
+	cacheLen := r.cache.Len()
-	rawBytes := b.Extend(buf.Size)
+	if cacheLen <= b.Cap() {
+		b.Clear()
+	} else {
+		b.Release()
+		*b = *buf.NewWithSize(cacheLen)
+	}
+	rawBytes := b.Extend(cacheLen)
 	n := r.cache.Copy(rawBytes)
 	b.Resize(0, int32(n))
 	r.Unlock()
@@ -104,7 +112,7 @@ func init() {
 	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		d := new(DefaultDispatcher)
 		if err := core.RequireFeatures(ctx, func(om outbound.Manager, router routing.Router, pm policy.Manager, sm stats.Manager, dc dns.Client) error {
-			core.RequireFeatures(ctx, func(fdns dns.FakeDNSEngine) {
+			core.OptionalFeatures(ctx, func(fdns dns.FakeDNSEngine) {
 				d.fdns = fdns
 			})
 			return d.Init(config.(*Config), om, router, pm, sm, dc)
@@ -165,24 +173,25 @@ func (d *DefaultDispatcher) getLink(ctx context.Context, network net.Network) (*
 	if user != nil && len(user.Email) > 0 {
 		limit, err = limiter.GetLimiter(sessionInbound.Tag)
 		if err != nil {
-			newError("get limiter ", sessionInbound.Tag, " error: ", err).AtError().WriteToLog()
+			errors.LogInfo(ctx, "get limiter ", sessionInbound.Tag, " error: ", err)
 			common.Close(outboundLink.Writer)
 			common.Close(inboundLink.Writer)
 			common.Interrupt(outboundLink.Reader)
 			common.Interrupt(inboundLink.Reader)
-			return nil, nil, nil, newError("get limiter ", sessionInbound.Tag, " error: ", err)
+			return nil, nil, nil, errors.New("get limiter ", sessionInbound.Tag, " error: ", err)
 		}
 		// Speed Limit and Device Limit
 		w, reject := limit.CheckLimit(user.Email,
 			sessionInbound.Source.Address.IP().String(),
-			network == net.Network_TCP)
+			network == net.Network_TCP,
+			sessionInbound.Source.Network == net.Network_TCP)
 		if reject {
-			newError("Limited ", user.Email, " by conn or ip").AtWarning().WriteToLog()
+			errors.LogInfo(ctx, "Limited ", user.Email, " by conn or ip")
 			common.Close(outboundLink.Writer)
 			common.Close(inboundLink.Writer)
 			common.Interrupt(outboundLink.Reader)
 			common.Interrupt(inboundLink.Reader)
-			return nil, nil, nil, newError("Limited ", user.Email, " by conn or ip")
+			return nil, nil, nil, errors.New("Limited ", user.Email, " by conn or ip")
 		}
 		if w != nil {
 			inboundLink.Writer = rate.NewRateLimitWriter(inboundLink.Writer, w)
@@ -218,8 +227,20 @@ func (d *DefaultDispatcher) shouldOverride(ctx context.Context, result SniffResu
 		return false
 	}
 	for _, d := range request.ExcludeForDomain {
-		if strings.ToLower(domain) == d {
+		if strings.HasPrefix(d, "regexp:") {
-			return false
+			pattern := d[7:]
+			re, err := regexp.Compile(pattern)
+			if err != nil {
+				errors.LogInfo(ctx, "Unable to compile regex")
+				continue
+			}
+			if re.MatchString(domain) {
+				return false
+			}
+		} else {
+			if strings.ToLower(domain) == d {
+				return false
+			}
 		}
 	}
 	protocolString := result.Protocol()
@@ -227,12 +248,12 @@ func (d *DefaultDispatcher) shouldOverride(ctx context.Context, result SniffResu
 		protocolString = resComp.ProtocolForDomainResult()
 	}
 	for _, p := range request.OverrideDestinationForProtocol {
-		if strings.HasPrefix(protocolString, p) || strings.HasPrefix(protocolString, p) {
+		if strings.HasPrefix(protocolString, p) || strings.HasPrefix(p, protocolString) {
 			return true
 		}
 		if fkr0, ok := d.fdns.(dns.FakeDNSEngineRev0); ok && protocolString != "bittorrent" && p == "fakedns" &&
 			destination.Address.Family().IsIP() && fkr0.IsIPInIPPool(destination.Address) {
-			newError("Using sniffer ", protocolString, " since the fake DNS missed").WriteToLog(session.ExportIDToError(ctx))
+			errors.LogInfo(ctx, "Using sniffer ", protocolString, " since the fake DNS missed")
 			return true
 		}
 		if resultSubset, ok := result.(SnifferIsProtoSubsetOf); ok {
@@ -282,7 +303,7 @@ func (d *DefaultDispatcher) Dispatch(ctx context.Context, destination net.Destin
 			}
 			if err == nil && d.shouldOverride(ctx, result, sniffingRequest, destination) {
 				domain := result.Domain()
-				newError("sniffed domain: ", domain).WriteToLog(session.ExportIDToError(ctx))
+				errors.LogInfo(ctx, "sniffed domain: ", domain)
 				destination.Address = net.ParseAddress(domain)
 				protocol := result.Protocol()
 				if resComp, ok := result.(SnifferResultComposite); ok {
@@ -307,7 +328,7 @@ func (d *DefaultDispatcher) Dispatch(ctx context.Context, destination net.Destin
 // DispatchLink implements routing.Dispatcher.
 func (d *DefaultDispatcher) DispatchLink(ctx context.Context, destination net.Destination, outbound *transport.Link) error {
 	if !destination.IsValid() {
-		return newError("Dispatcher: Invalid destination.")
+		return errors.New("Dispatcher: Invalid destination.")
 	}
 	outbounds := session.OutboundsFromContext(ctx)
 	if len(outbounds) == 0 {
@@ -336,7 +357,7 @@ func (d *DefaultDispatcher) DispatchLink(ctx context.Context, destination net.De
 		}
 		if err == nil && d.shouldOverride(ctx, result, sniffingRequest, destination) {
 			domain := result.Domain()
-			newError("sniffed domain: ", domain).WriteToLog(session.ExportIDToError(ctx))
+			errors.LogInfo(ctx, "sniffed domain: ", domain)
 			destination.Address = net.ParseAddress(domain)
 			protocol := result.Protocol()
 			if resComp, ok := result.(SnifferResultComposite); ok {
@@ -434,7 +455,7 @@ func (d *DefaultDispatcher) routedDispatch(ctx context.Context, link *transport.
 			var err error
 			l, err = limiter.GetLimiter(sessionInbound.Tag)
 			if err != nil {
-				newError("get limiter ", sessionInbound.Tag, " error: ", err).AtWarning().WriteToLog(session.ExportIDToError(ctx))
+				errors.LogError(ctx, "get limiter ", sessionInbound.Tag, " error: ", err)
 			}
 		}
 		if l != nil {
@@ -445,20 +466,20 @@ func (d *DefaultDispatcher) routedDispatch(ctx context.Context, link *transport.
 				destStr = destination.Address.IP().String()
 			}
 			if l.CheckDomainRule(destStr) {
-				newError(fmt.Sprintf(
+				errors.LogError(ctx, fmt.Sprintf(
 					"User %s access domain %s reject by rule",
 					sessionInbound.User.Email,
-					destStr)).AtWarning().WriteToLog(session.ExportIDToError(ctx))
+					destStr))
 				common.Close(link.Writer)
 				common.Interrupt(link.Reader)
 				return
 			}
 			if len(protocol) != 0 {
 				if l.CheckProtocolRule(protocol) {
-					newError(fmt.Sprintf(
+					errors.LogError(ctx, fmt.Sprintf(
 						"User %s access protocol %s reject by rule",
 						sessionInbound.User.Email,
-						protocol)).AtWarning().WriteToLog(session.ExportIDToError(ctx))
+						protocol))
 					common.Close(link.Writer)
 					common.Interrupt(link.Reader)
 					return
@@ -476,10 +497,10 @@ func (d *DefaultDispatcher) routedDispatch(ctx context.Context, link *transport.
 		ctx = session.SetForcedOutboundTagToContext(ctx, "")
 		if h := d.ohm.GetHandler(forcedOutboundTag); h != nil {
 			isPickRoute = 1
-			newError("taking platform initialized detour [", forcedOutboundTag, "] for [", destination, "]").WriteToLog(session.ExportIDToError(ctx))
+			errors.LogInfo(ctx, "taking platform initialized detour [", forcedOutboundTag, "] for [", destination, "]")
 			handler = h
 		} else {
-			newError("non existing tag for platform initialized detour: ", forcedOutboundTag).AtError().WriteToLog(session.ExportIDToError(ctx))
+			errors.LogError(ctx, "non existing tag for platform initialized detour: ", forcedOutboundTag)
 			common.Close(link.Writer)
 			common.Interrupt(link.Reader)
 			return
@@ -489,13 +510,13 @@ func (d *DefaultDispatcher) routedDispatch(ctx context.Context, link *transport.
 			outTag := route.GetOutboundTag()
 			if h := d.ohm.GetHandler(outTag); h != nil {
 				isPickRoute = 2
-				newError("taking detour [", outTag, "] for [", destination, "]").WriteToLog(session.ExportIDToError(ctx))
+				errors.LogInfo(ctx, "taking detour [", outTag, "] for [", destination, "]")
 				handler = h
 			} else {
-				newError("non existing outTag: ", outTag).AtWarning().WriteToLog(session.ExportIDToError(ctx))
+				errors.LogWarning(ctx, "non existing outTag: ", outTag)
 			}
 		} else {
-			newError("default route for ", destination).WriteToLog(session.ExportIDToError(ctx))
+			errors.LogInfo(ctx, "default route for ", destination)
 		}
 	}
 
@@ -508,7 +529,7 @@ func (d *DefaultDispatcher) routedDispatch(ctx context.Context, link *transport.
 	}
 
 	if handler == nil {
-		newError("default outbound handler not exist").WriteToLog(session.ExportIDToError(ctx))
+		errors.LogInfo(ctx, "default outbound handler not exist")
 		common.Close(link.Writer)
 		common.Interrupt(link.Reader)
 		return

core/xray/app/dispatcher/errors.generated.go

@@ -1,9 +0,0 @@
-package dispatcher
-
-import "github.com/xtls/xray-core/common/errors"
-
-type errPathObjHolder struct{}
-
-func newError(values ...interface{}) *errors.Error {
-	return errors.New(values...).WithPathObj(errPathObjHolder{})
-}

core/xray/app/dispatcher/fakednssniffer.go

@@ -5,6 +5,7 @@ import (
 	"strings"
 
 	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/core"
@@ -22,7 +23,7 @@ func newFakeDNSSniffer(ctx context.Context) (protocolSnifferWithMetadata, error)
 	}
 
 	if fakeDNSEngine == nil {
-		errNotInit := newError("FakeDNSEngine is not initialized, but such a sniffer is used").AtError()
+		errNotInit := errors.New("FakeDNSEngine is not initialized, but such a sniffer is used").AtError()
 		return protocolSnifferWithMetadata{}, errNotInit
 	}
 	return protocolSnifferWithMetadata{protocolSniffer: func(ctx context.Context, bytes []byte) (SniffResult, error) {
@@ -31,7 +32,7 @@ func newFakeDNSSniffer(ctx context.Context) (protocolSnifferWithMetadata, error)
 		if ob.Target.Network == net.Network_TCP || ob.Target.Network == net.Network_UDP {
 			domainFromFakeDNS := fakeDNSEngine.GetDomainFromFakeDNS(ob.Target.Address)
 			if domainFromFakeDNS != "" {
-				newError("fake dns got domain: ", domainFromFakeDNS, " for ip: ", ob.Target.Address.String()).WriteToLog(session.ExportIDToError(ctx))
+				errors.LogInfo(ctx, "fake dns got domain: ", domainFromFakeDNS, " for ip: ", ob.Target.Address.String())
 				return &fakeDNSSniffResult{domainName: domainFromFakeDNS}, nil
 			}
 		}
@@ -109,10 +110,10 @@ func newFakeDNSThenOthers(ctx context.Context, fakeDNSSniffer protocolSnifferWit
 					}
 					return nil, common.ErrNoClue
 				}
-				newError("ip address not in fake dns range, return as is").AtDebug().WriteToLog()
+				errors.LogDebug(ctx, "ip address not in fake dns range, return as is")
 				return nil, common.ErrNoClue
 			}
-			newError("fake dns sniffer did not set address in range option, assume false.").AtWarning().WriteToLog()
+			errors.LogWarning(ctx, "fake dns sniffer did not set address in range option, assume false.")
 			return nil, common.ErrNoClue
 		},
 		metadataSniffer: false,

core/xray/app/dispatcher/sniffer.go

@@ -4,6 +4,7 @@ import (
 	"context"
 
 	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol/bittorrent"
 	"github.com/xtls/xray-core/common/protocol/http"
@@ -34,7 +35,7 @@ type Sniffer struct {
 func NewSniffer(ctx context.Context) *Sniffer {
 	ret := &Sniffer{
 		sniffer: []protocolSnifferWithMetadata{
-			{func(c context.Context, b []byte) (SniffResult, error) { return http.SniffHTTP(b) }, false, net.Network_TCP},
+			{func(c context.Context, b []byte) (SniffResult, error) { return http.SniffHTTP(b, ctx) }, false, net.Network_TCP},
 			{func(c context.Context, b []byte) (SniffResult, error) { return tls.SniffTLS(b) }, false, net.Network_TCP},
 			{func(c context.Context, b []byte) (SniffResult, error) { return bittorrent.SniffBittorrent(b) }, false, net.Network_TCP},
 			{func(c context.Context, b []byte) (SniffResult, error) { return quic.SniffQUIC(b) }, false, net.Network_UDP},
@@ -52,7 +53,7 @@ func NewSniffer(ctx context.Context) *Sniffer {
 	return ret
 }
 
-var errUnknownContent = newError("unknown content")
+var errUnknownContent = errors.New("unknown content")
 
 func (s *Sniffer) Sniff(c context.Context, payload []byte, network net.Network) (SniffResult, error) {
 	var pendingSniffer []protocolSnifferWithMetadata

core/xray/distro/all/all.go

@@ -41,6 +41,7 @@ import (
 	_ "github.com/xtls/xray-core/proxy/http"
 	_ "github.com/xtls/xray-core/proxy/loopback"
 	_ "github.com/xtls/xray-core/proxy/shadowsocks"
+	_ "github.com/xtls/xray-core/proxy/shadowsocks_2022"
 	_ "github.com/xtls/xray-core/proxy/socks"
 	_ "github.com/xtls/xray-core/proxy/trojan"
 	_ "github.com/xtls/xray-core/proxy/vless/inbound"
@@ -51,13 +52,10 @@ import (
 	//_ "github.com/xtls/xray-core/proxy/wireguard"
 
 	// Transports
-	//_ "github.com/xtls/xray-core/transport/internet/domainsocket"
 	_ "github.com/xtls/xray-core/transport/internet/grpc"
-	_ "github.com/xtls/xray-core/transport/internet/http"
+	_ "github.com/xtls/xray-core/transport/internet/kcp"
-
-	//_ "github.com/xtls/xray-core/transport/internet/kcp"
-	//_ "github.com/xtls/xray-core/transport/internet/quic"
 	_ "github.com/xtls/xray-core/transport/internet/reality"
+	_ "github.com/xtls/xray-core/transport/internet/splithttp"
 	_ "github.com/xtls/xray-core/transport/internet/tcp"
 	_ "github.com/xtls/xray-core/transport/internet/tls"
 	_ "github.com/xtls/xray-core/transport/internet/udp"
@@ -70,5 +68,5 @@ import (
 	_ "github.com/xtls/xray-core/transport/internet/headers/tls"
 	_ "github.com/xtls/xray-core/transport/internet/headers/utp"
 	_ "github.com/xtls/xray-core/transport/internet/headers/wechat"
-	//_ "github.com/xtls/xray-core/transport/internet/headers/wireguard"
+	_ "github.com/xtls/xray-core/transport/internet/headers/wireguard"
 )

core/xray/inbound.go

@@ -26,8 +26,12 @@ func buildInbound(option *conf.Options, nodeInfo *panel.NodeInfo, tag string) (*
 		err = buildV2ray(option, nodeInfo, in)
 		network = nodeInfo.VAllss.Network
 	case "trojan":
-		err = buildTrojan(option, in)
+		err = buildTrojan(option, nodeInfo, in)
-		network = "tcp"
+		if nodeInfo.Trojan.Network != "" {
+			network = nodeInfo.Trojan.Network
+		} else {
+			network = "tcp"
+		}
 	case "shadowsocks":
 		err = buildShadowsocks(option, nodeInfo, in)
 		network = "tcp"
@@ -69,8 +73,13 @@ func buildInbound(option *conf.Options, nodeInfo *panel.NodeInfo, tag string) (*
 			in.StreamSetting.TCPSettings = tcpSetting
 		}
 	case "ws":
-		in.StreamSetting.WSSettings = &coreConf.WebSocketConfig{
+		if in.StreamSetting.WSSettings != nil {
-			AcceptProxyProtocol: option.XrayOptions.EnableProxyProtocol} //Enable proxy protocol
+			in.StreamSetting.WSSettings.AcceptProxyProtocol = option.XrayOptions.EnableProxyProtocol
+		} else {
+			in.StreamSetting.WSSettings = &coreConf.WebSocketConfig{
+				AcceptProxyProtocol: option.XrayOptions.EnableProxyProtocol,
+			} //Enable proxy protocol
+		}
 	default:
 		socketConfig := &coreConf.SocketConfig{
 			AcceptProxyProtocol: option.XrayOptions.EnableProxyProtocol,
@@ -131,6 +140,7 @@ func buildInbound(option *conf.Options, nodeInfo *panel.NodeInfo, tag string) (*
 			MaxTimeDiff:  uint64(mtd.Microseconds()),
 			ShortIds:     []string{v.TlsSettings.ShortId},
 		}
+	default:
 		break
 	}
 	in.Tag = tag
@@ -180,7 +190,7 @@ func buildV2ray(config *conf.Options, nodeInfo *panel.NodeInfo, inbound *coreCon
 		return nil
 	}
 
-	t := coreConf.TransportProtocol(nodeInfo.VAllss.Network)
+	t := coreConf.TransportProtocol(v.Network)
 	inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
 	switch v.Network {
 	case "tcp":
@@ -194,18 +204,29 @@ func buildV2ray(config *conf.Options, nodeInfo *panel.NodeInfo, inbound *coreCon
 			return fmt.Errorf("unmarshal ws settings error: %s", err)
 		}
 	case "grpc":
-		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.GRPCConfig)
+		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.GRPCSettings)
 		if err != nil {
 			return fmt.Errorf("unmarshal grpc settings error: %s", err)
 		}
+	case "httpupgrade":
+		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.HTTPUPGRADESettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal httpupgrade settings error: %s", err)
+		}
+	case "splithttp", "xhttp":
+		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.SplitHTTPSettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal xhttp settings error: %s", err)
+		}
 	default:
 		return errors.New("the network type is not vail")
 	}
 	return nil
 }
 
-func buildTrojan(config *conf.Options, inbound *coreConf.InboundDetourConfig) error {
+func buildTrojan(config *conf.Options, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
 	inbound.Protocol = "trojan"
+	v := nodeInfo.Trojan
 	if config.XrayOptions.EnableFallback {
 		// Set fallback
 		fallbackConfigs, err := buildTrojanFallbacks(config.XrayOptions.FallBackConfigs)
@@ -223,8 +244,31 @@ func buildTrojan(config *conf.Options, inbound *coreConf.InboundDetourConfig) er
 		s := []byte("{}")
 		inbound.Settings = (*json.RawMessage)(&s)
 	}
-	t := coreConf.TransportProtocol("tcp")
+	network := v.Network
+	if network == "" {
+		network = "tcp"
+	}
+	t := coreConf.TransportProtocol(network)
 	inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
+	switch network {
+	case "tcp":
+		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.TCPSettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal tcp settings error: %s", err)
+		}
+	case "ws":
+		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.WSSettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal ws settings error: %s", err)
+		}
+	case "grpc":
+		err := json.Unmarshal(v.NetworkSettings, &inbound.StreamSetting.GRPCSettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal grpc settings error: %s", err)
+		}
+	default:
+		return errors.New("the network type is not vail")
+	}
 	return nil
 }
 

core/xray/ss.go

@@ -38,9 +38,11 @@ func buildSSUser(tag string, userInfo *panel.UserInfo, cypher string, serverKey
 			keyLength = 16
 		case "2022-blake3-aes-256-gcm":
 			keyLength = 32
+		case "2022-blake3-chacha20-poly1305":
+			keyLength = 32
 		}
-		ssAccount := &shadowsocks_2022.User{
+		ssAccount := &shadowsocks_2022.Account{
-			Key: base64.StdEncoding.EncodeToString([]byte(userInfo.Uuid[:keyLength])),
+			Key:   base64.StdEncoding.EncodeToString([]byte(userInfo.Uuid[:keyLength])),
 		}
 		return &protocol.User{
 			Level:   0,

core/xray/user.go

@@ -27,7 +27,7 @@ func (c *Xray) GetUserManager(tag string) (proxy.UserManager, error) {
 	return userManager, nil
 }
 
-func (c *Xray) DelUsers(users []panel.UserInfo, tag string) error {
+func (c *Xray) DelUsers(users []panel.UserInfo, tag string, _ *panel.NodeInfo) error {
 	userManager, err := c.GetUserManager(tag)
 	if err != nil {
 		return fmt.Errorf("get user manager error: %s", err)

example/config_full.json

@@ -28,9 +28,7 @@
       },
       "DnsConfigPath": "/etc/V2bX/dns.json",
       // SingBox源配置文件目录，用于引用标准SingBox配置文件
-      "OriginalPath": "/etc/V2bX/sing_origin.json",
+      "OriginalPath": "/etc/V2bX/sing_origin.json"
-      // 在删除用户时清理已建立的连接
-      "EnableConnClear": false,
     },
     {
       "Type": "sing",

go.mod

@@ -1,139 +1,162 @@
 module github.com/InazumaV/V2bX
 
-go 1.22
+go 1.24
 
-toolchain go1.22.0
+toolchain go1.24.0
 
 require (
-	github.com/apernet/hysteria/core v1.3.5-0.20240511211632-a3c4cfa4b5b2
+	github.com/apernet/hysteria/core/v2 v2.6.1
-	github.com/apernet/hysteria/extras v0.0.0-20240518025014-15e58468a72c
+	github.com/apernet/hysteria/extras/v2 v2.6.1
-	github.com/beevik/ntp v1.2.0
+	github.com/apernet/quic-go v0.49.1-0.20250204013113-43c72b1281a0
-	github.com/fsnotify/fsnotify v1.7.0
+	github.com/beevik/ntp v1.4.4-0.20240716062501-06ef196b89ec
-	github.com/go-acme/lego/v4 v4.13.2
+	github.com/fsnotify/fsnotify v1.8.0
-	github.com/go-resty/resty/v2 v2.7.0
+	github.com/go-acme/lego/v4 v4.21.1-0.20241220151055-ee7a9e4fa04f
-	github.com/goccy/go-json v0.10.2
+	github.com/go-resty/resty/v2 v2.16.2
-	github.com/hashicorp/go-multierror v1.1.1
+	github.com/goccy/go-json v0.10.4
+	github.com/hashicorp/go-multierror v1.1.2-0.20241119060415-613124da9385
 	github.com/juju/ratelimit v1.0.2
-	github.com/sagernet/sing v0.5.0-alpha.10
+	github.com/sagernet/sing v0.6.1-0.20250206032706-39a584083834
-	github.com/sagernet/sing-box v1.9.0
+	github.com/sagernet/sing-box v1.12.0
 	github.com/sirupsen/logrus v1.9.3
-	github.com/spf13/cobra v1.8.0
+	github.com/spf13/cobra v1.8.1
-	github.com/spf13/viper v1.15.0
+	github.com/spf13/viper v1.19.0
-	github.com/xtls/xray-core v1.8.14-0.20240610141749-ea02ae74edb7
+	github.com/xtls/xray-core v1.8.25-0.20250303153022-e15dff94b5bd
 	go.uber.org/zap v1.27.0
-	golang.org/x/crypto v0.24.0
+	golang.org/x/crypto v0.35.0
-	golang.org/x/sys v0.21.0
+	golang.org/x/sys v0.30.0
-	google.golang.org/protobuf v1.34.1
+	google.golang.org/protobuf v1.36.5
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 )
 
 require (
-	berty.tech/go-libtor v1.0.385 // indirect
+	cloud.google.com/go/auth v0.13.0 // indirect
-	cloud.google.com/go/compute v1.25.1 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect
-	cloud.google.com/go/compute/metadata v0.2.3 // indirect
+	cloud.google.com/go/compute/metadata v0.6.0 // indirect
 	github.com/AdamSLevy/jsonrpc2/v14 v14.1.0 // indirect
 	github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.1.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.1.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.3.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.24 // indirect
+	github.com/Azure/go-autorest/autorest v0.11.29 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.22 // indirect
-	github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 // indirect
+	github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 // indirect
-	github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect
+	github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect
 	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
 	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
 	github.com/Azure/go-autorest/logger v0.2.1 // indirect
 	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
-	github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
 	github.com/OpenDNS/vegadns2client v0.0.0-20180418235048-a3fa4a771d87 // indirect
+	github.com/ajg/form v1.5.1 // indirect
 	github.com/akamai/AkamaiOPEN-edgegrid-golang v1.2.2 // indirect
-	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1755 // indirect
+	github.com/aliyun/alibaba-cloud-sdk-go v1.63.72 // indirect
-	github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 // indirect
 	github.com/andybalholm/brotli v1.1.0 // indirect
-	github.com/apernet/quic-go v0.43.1-0.20240515053213-5e9e635fd9f0 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.32.7 // indirect
-	github.com/aws/aws-sdk-go v1.39.0 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.28.7 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.48 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/lightsail v1.42.8 // indirect
+	github.com/aws/aws-sdk-go-v2/service/route53 v1.46.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.24.8 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.33.3 // indirect
+	github.com/aws/smithy-go v1.22.1 // indirect
 	github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6 // indirect
+	github.com/benbjohnson/clock v1.3.0 // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
 	github.com/caddyserver/certmagic v0.20.0 // indirect
-	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/civo/civogo v0.3.11 // indirect
-	github.com/cloudflare/circl v1.3.8 // indirect
+	github.com/cloudflare/circl v1.6.0 // indirect
-	github.com/cloudflare/cloudflare-go v0.70.0 // indirect
+	github.com/cloudflare/cloudflare-go v0.112.0 // indirect
 	github.com/cpu/goacmedns v0.1.1 // indirect
 	github.com/cretz/bine v0.2.0 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/database64128/netx-go v0.0.0-20240905055117-62795b8b054a // indirect
-	github.com/deepmap/oapi-codegen v1.9.1 // indirect
+	github.com/database64128/tfo-go/v2 v2.2.2 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/dnsimple/dnsimple-go v1.2.0 // indirect
+	github.com/dnsimple/dnsimple-go v1.7.0 // indirect
-	github.com/exoscale/egoscale v0.100.1 // indirect
+	github.com/exoscale/egoscale/v3 v3.1.7 // indirect
 	github.com/fatih/structs v1.1.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/francoispqt/gojay v1.2.13 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
-	github.com/gaukas/godicttls v0.0.4 // indirect
 	github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 // indirect
-	github.com/go-chi/chi/v5 v5.0.12 // indirect
+	github.com/go-chi/chi/v5 v5.2.1 // indirect
+	github.com/go-chi/render v1.0.3 // indirect
 	github.com/go-errors/errors v1.0.1 // indirect
-	github.com/go-jose/go-jose/v3 v3.0.0 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.4 // indirect
-	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-ole/go-ole v1.3.0 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.16.0 // indirect
 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
+	github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
 	github.com/gobwas/httphead v0.1.0 // indirect
 	github.com/gobwas/pool v0.2.1 // indirect
-	github.com/gofrs/uuid/v5 v5.2.0 // indirect
+	github.com/gofrs/flock v0.12.1 // indirect
-	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
+	github.com/gofrs/uuid/v5 v5.3.0 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
-	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
-	github.com/google/btree v1.1.2 // indirect
+	github.com/google/btree v1.1.3 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/pprof v0.0.0-20240528025155-186aa0362fba // indirect
-	github.com/google/s2a-go v0.1.7 // indirect
+	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
-	github.com/googleapis/gax-go/v2 v2.12.2 // indirect
+	github.com/googleapis/gax-go/v2 v2.14.0 // indirect
-	github.com/gophercloud/gophercloud v1.0.0 // indirect
+	github.com/gophercloud/gophercloud v1.14.1 // indirect
-	github.com/gophercloud/utils v0.0.0-20210216074907-f6de111f2eae // indirect
+	github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56 // indirect
-	github.com/gorilla/websocket v1.5.2 // indirect
+	github.com/gorilla/websocket v1.5.3 // indirect
-	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
+	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.5 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/hashicorp/yamux v0.1.1 // indirect
+	github.com/hashicorp/yamux v0.1.2 // indirect
+	github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.128 // indirect
 	github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/infobloxopen/infoblox-go-client v1.1.1 // indirect
+	github.com/insomniacslk/dhcp v0.0.0-20250109001534-8abf58130905 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/native v1.1.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 // indirect
-	github.com/klauspost/compress v1.17.8 // indirect
+	github.com/klauspost/compress v1.17.9 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.7 // indirect
 	github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect
-	github.com/kr/pretty v0.3.1 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/labbsr0x/bindman-dns-webhook v1.0.2 // indirect
 	github.com/labbsr0x/goh v1.0.1 // indirect
+	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/libdns/alidns v1.0.3 // indirect
 	github.com/libdns/cloudflare v0.1.1 // indirect
 	github.com/libdns/libdns v0.2.2 // indirect
-	github.com/linode/linodego v1.17.2 // indirect
+	github.com/linode/linodego v1.44.0 // indirect
-	github.com/liquidweb/go-lwApi v0.0.5 // indirect
 	github.com/liquidweb/liquidweb-cli v0.6.9 // indirect
-	github.com/liquidweb/liquidweb-go v1.6.3 // indirect
+	github.com/liquidweb/liquidweb-go v1.6.4 // indirect
 	github.com/logrusorgru/aurora v2.0.3+incompatible // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
-	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mdlayher/netlink v1.7.2 // indirect
 	github.com/mdlayher/socket v0.4.1 // indirect
+	github.com/metacubex/tfo-go v0.0.0-20241231083714-66613d49c422 // indirect
 	github.com/mholt/acmez v1.2.0 // indirect
-	github.com/miekg/dns v1.1.59 // indirect
+	github.com/miekg/dns v1.1.63 // indirect
 	github.com/mimuret/golang-iij-dpf v0.9.1 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
@@ -141,114 +164,128 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
 	github.com/nrdcg/auroradns v1.1.0 // indirect
-	github.com/nrdcg/desec v0.7.0 // indirect
+	github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 // indirect
+	github.com/nrdcg/desec v0.10.0 // indirect
 	github.com/nrdcg/dnspod-go v0.4.0 // indirect
-	github.com/nrdcg/freemyip v0.2.0 // indirect
+	github.com/nrdcg/freemyip v0.3.0 // indirect
-	github.com/nrdcg/goinwx v0.8.2 // indirect
+	github.com/nrdcg/goinwx v0.10.0 // indirect
+	github.com/nrdcg/mailinabox v0.2.0 // indirect
 	github.com/nrdcg/namesilo v0.2.1 // indirect
 	github.com/nrdcg/nodion v0.1.0 // indirect
-	github.com/nrdcg/porkbun v0.2.0 // indirect
+	github.com/nrdcg/porkbun v0.4.0 // indirect
 	github.com/nzdjb/go-metaname v1.0.0 // indirect
 	github.com/onsi/ginkgo/v2 v2.19.0 // indirect
-	github.com/ooni/go-libtor v1.1.8 // indirect
+	github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
-	github.com/oracle/oci-go-sdk v24.3.0+incompatible // indirect
+	github.com/oracle/oci-go-sdk/v65 v65.81.1 // indirect
-	github.com/oschwald/maxminddb-golang v1.12.0 // indirect
+	github.com/ovh/go-ovh v1.6.0 // indirect
-	github.com/ovh/go-ovh v1.4.1 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
-	github.com/pelletier/go-toml/v2 v2.0.6 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
-	github.com/pires/go-proxyproto v0.7.0 // indirect
+	github.com/peterhellberg/link v1.2.0 // indirect
-	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
+	github.com/pierrec/lz4/v4 v4.1.17 // indirect
+	github.com/pires/go-proxyproto v0.8.0 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/pquerna/otp v1.4.0 // indirect
-	github.com/quic-go/qpack v0.4.0 // indirect
+	github.com/quic-go/qpack v0.5.1 // indirect
 	github.com/quic-go/qtls-go1-20 v0.4.1 // indirect
-	github.com/quic-go/quic-go v0.45.0 // indirect
+	github.com/quic-go/quic-go v0.50.0 // indirect
-	github.com/refraction-networking/utls v1.6.6 // indirect
+	github.com/refraction-networking/utls v1.6.7 // indirect
+	github.com/regfish/regfish-dnsapi-go v0.1.1 // indirect
 	github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect
-	github.com/sacloud/api-client-go v0.2.8 // indirect
+	github.com/sacloud/api-client-go v0.2.10 // indirect
-	github.com/sacloud/go-http v0.1.6 // indirect
+	github.com/sacloud/go-http v0.1.8 // indirect
-	github.com/sacloud/iaas-api-go v1.11.1 // indirect
+	github.com/sacloud/iaas-api-go v1.14.0 // indirect
-	github.com/sacloud/packages-go v0.0.9 // indirect
+	github.com/sacloud/packages-go v0.0.10 // indirect
 	github.com/sagernet/bbolt v0.0.0-20231014093535-ea5cb2fe9f0a // indirect
 	github.com/sagernet/cloudflare-tls v0.0.0-20231208171750-a4483c1b7cd1 // indirect
-	github.com/sagernet/gvisor v0.0.0-20240428053021-e691de28565f // indirect
+	github.com/sagernet/cors v1.2.1 // indirect
+	github.com/sagernet/fswatch v0.1.1 // indirect
+	github.com/sagernet/gvisor v0.0.0-20241123041152-536d05261cff // indirect
 	github.com/sagernet/netlink v0.0.0-20240612041022-b9a21c07ac6a // indirect
-	github.com/sagernet/nftables v0.3.0-beta.2 // indirect
+	github.com/sagernet/nftables v0.3.0-beta.4 // indirect
-	github.com/sagernet/quic-go v0.45.0-beta.2 // indirect
+	github.com/sagernet/quic-go v0.49.0-beta.1 // indirect
-	github.com/sagernet/sing-dns v0.3.0-beta.5 // indirect
+	github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691 // indirect
-	github.com/sagernet/sing-mux v0.2.0 // indirect
+	github.com/sagernet/sing-mux v0.3.1 // indirect
-	github.com/sagernet/sing-quic v0.2.0-beta.9 // indirect
+	github.com/sagernet/sing-quic v0.4.0 // indirect
-	github.com/sagernet/sing-shadowsocks v0.2.6 // indirect
+	github.com/sagernet/sing-shadowsocks v0.2.7 // indirect
 	github.com/sagernet/sing-shadowsocks2 v0.2.0 // indirect
-	github.com/sagernet/sing-shadowtls v0.1.4 // indirect
+	github.com/sagernet/sing-shadowtls v0.2.0 // indirect
-	github.com/sagernet/sing-tun v0.4.0-beta.9.0.20240612134350-d9e105f31ddc // indirect
+	github.com/sagernet/sing-tun v0.6.0 // indirect
-	github.com/sagernet/sing-vmess v0.1.8 // indirect
+	github.com/sagernet/sing-vmess v0.2.0 // indirect
 	github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7 // indirect
-	github.com/sagernet/tfo-go v0.0.0-20231209031829-7b5343ac1dc6 // indirect
+	github.com/sagernet/utls v1.6.7 // indirect
-	github.com/sagernet/utls v1.5.4 // indirect
+	github.com/sagernet/wireguard-go v0.0.1-beta.5 // indirect
-	github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8 // indirect
 	github.com/sagernet/ws v0.0.0-20231204124109-acfe8907c854 // indirect
-	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17 // indirect
+	github.com/sagikazarmark/locafero v0.4.0 // indirect
-	github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb // indirect
+	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
-	github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04 // indirect
+	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.30 // indirect
+	github.com/seiflotfy/cuckoofilter v0.0.0-20240715131351-a2f2c23f1771 // indirect
+	github.com/selectel/domains-go v1.1.0 // indirect
+	github.com/selectel/go-selvpcclient/v3 v3.2.1 // indirect
+	github.com/shopspring/decimal v1.3.1 // indirect
 	github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect
-	github.com/softlayer/softlayer-go v1.1.2 // indirect
+	github.com/softlayer/softlayer-go v1.1.7 // indirect
 	github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
-	github.com/spf13/afero v1.9.3 // indirect
+	github.com/sony/gobreaker v0.5.0 // indirect
-	github.com/spf13/cast v1.5.0 // indirect
+	github.com/sourcegraph/conc v0.3.0 // indirect
-	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/spf13/afero v1.11.0 // indirect
+	github.com/spf13/cast v1.6.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
-	github.com/stretchr/testify v1.9.0 // indirect
+	github.com/stretchr/testify v1.10.0 // indirect
-	github.com/subosito/gotenv v1.4.2 // indirect
+	github.com/subosito/gotenv v1.6.0 // indirect
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.490 // indirect
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1065 // indirect
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.490 // indirect
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1065 // indirect
-	github.com/transip/gotransip/v6 v6.20.0 // indirect
+	github.com/tjfoc/gmsm v1.4.1 // indirect
+	github.com/transip/gotransip/v6 v6.26.0 // indirect
 	github.com/txthinking/runnergroup v0.0.0-20210608031112-152c7c4432bf // indirect
 	github.com/txthinking/socks5 v0.0.0-20230325130024-4230056ae301 // indirect
-	github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c // indirect
+	github.com/u-root/uio v0.0.0-20230220225925-ffce2a382923 // indirect
+	github.com/ultradns/ultradns-go-sdk v1.8.0-20241010134910-243eeec // indirect
 	github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e // indirect
 	github.com/vinyldns/go-vinyldns v0.9.16 // indirect
-	github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 // indirect
+	github.com/vishvananda/netlink v1.3.0 // indirect
 	github.com/vishvananda/netns v0.0.4 // indirect
-	github.com/vultr/govultr/v2 v2.17.2 // indirect
+	github.com/volcengine/volc-sdk-golang v1.0.189 // indirect
-	github.com/xtls/reality v0.0.0-20240429224917-ecc4401070cc // indirect
+	github.com/vultr/govultr/v3 v3.9.1 // indirect
-	github.com/yandex-cloud/go-genproto v0.0.0-20220805142335-27b56ddae16f // indirect
+	github.com/wyx2685/sing-vmess v0.0.0-20250208043059-9bd6d628dc1c // indirect
-	github.com/yandex-cloud/go-sdk v0.0.0-20220805164847-cf028e604997 // indirect
+	github.com/xtls/reality v0.0.0-20240909153216-e26ae2305463 // indirect
+	github.com/yandex-cloud/go-genproto v0.0.0-20241220122821-aeb3b05efd1c // indirect
+	github.com/yandex-cloud/go-sdk v0.0.0-20241220131134-2393e243c134 // indirect
 	github.com/zeebo/blake3 v0.2.3 // indirect
-	go.opencensus.io v0.24.0 // indirect
+	go.mongodb.org/mongo-driver v1.12.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
-	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel v1.32.0 // indirect
-	go.opentelemetry.io/otel/metric v1.24.0 // indirect
+	go.opentelemetry.io/otel/metric v1.32.0 // indirect
-	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	go.opentelemetry.io/otel/trace v1.32.0 // indirect
-	go.uber.org/mock v0.4.0 // indirect
+	go.uber.org/mock v0.5.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/ratelimit v0.2.0 // indirect
+	go.uber.org/ratelimit v0.3.0 // indirect
 	go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
-	golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8 // indirect
+	golang.org/x/exp v0.0.0-20241210194714-1829a127f884 // indirect
-	golang.org/x/mod v0.18.0 // indirect
+	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/net v0.35.0 // indirect
-	golang.org/x/oauth2 v0.18.0 // indirect
+	golang.org/x/oauth2 v0.24.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sync v0.11.0 // indirect
-	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/text v0.22.0 // indirect
-	golang.org/x/time v0.5.0 // indirect
+	golang.org/x/time v0.8.0 // indirect
-	golang.org/x/tools v0.22.0 // indirect
+	golang.org/x/tools v0.28.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
 	golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 // indirect
-	google.golang.org/api v0.169.0 // indirect
+	google.golang.org/api v0.214.0 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
+	google.golang.org/genproto v0.0.0-20241021214115-324edc3d5d38 // indirect
-	google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157 // indirect
+	google.golang.org/grpc v1.70.0 // indirect
-	google.golang.org/grpc v1.64.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
-	gopkg.in/ns1/ns1-go.v2 v2.7.6 // indirect
+	gopkg.in/ns1/ns1-go.v2 v2.13.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	gvisor.dev/gvisor v0.0.0-20231202080848-1f7806d17489 // indirect
+	gvisor.dev/gvisor v0.0.0-20240320123526-dc6abceb7ff0 // indirect
-	lukechampine.com/blake3 v1.3.0 // indirect
+	lukechampine.com/blake3 v1.4.0 // indirect
 )
 
-//github.com/apernet/hysteria/core v1.3.5-0.20240201034858-bb99579bb92c => /root/hysteria/core
+//replace github.com/sagernet/sing-box v1.12.0 => /root/sing-box_mod
-replace github.com/sagernet/sing-box v1.9.0 => github.com/wyx2685/sing-box_mod v0.0.8
+
+replace github.com/sagernet/sing-box v1.12.0 => github.com/wyx2685/sing-box_mod v1.12.0-alpha.4.0.20250208043349-10516a449eb5

limiter/limiter.go

@@ -3,6 +3,7 @@ package limiter
 import (
 	"errors"
 	"regexp"
+	"strings"
 	"sync"
 	"time"
 
@@ -20,13 +21,13 @@ var limiter map[string]*Limiter
 func Init() {
 	limiter = map[string]*Limiter{}
 	c := task.Periodic{
-		Interval: time.Minute * 2,
+		Interval: time.Minute * 3,
 		Execute:  ClearOnlineIP,
 	}
 	go func() {
 		log.WithField("Type", "Limiter").
 			Debug("ClearOnlineIP started")
-		time.Sleep(time.Minute * 2)
+		time.Sleep(time.Minute * 3)
 		_ = c.Start()
 	}()
 }
@@ -36,10 +37,12 @@ type Limiter struct {
 	ProtocolRules []string
 	SpeedLimit    int
 	UserOnlineIP  *sync.Map      // Key: Name, value: {Key: Ip, value: Uid}
-	UUIDtoUID     map[string]int // Key: UUID, value: UID
+	OldUserOnline *sync.Map      // Key: Ip, value: Uid
+	UUIDtoUID     map[string]int // Key: UUID, value: Uid
 	UserLimitInfo *sync.Map      // Key: Uid value: UserLimitInfo
 	ConnLimiter   *ConnLimiter   // Key: Uid value: ConnLimiter
 	SpeedLimiter  *sync.Map      // key: Uid, value: *ratelimit.Bucket
+	AliveList     map[int]int    // Key: Uid, value: alive_ip
 }
 
 type UserLimitInfo struct {
@@ -48,15 +51,18 @@ type UserLimitInfo struct {
 	DeviceLimit       int
 	DynamicSpeedLimit int
 	ExpireTime        int64
+	OverLimit         bool
 }
 
-func AddLimiter(tag string, l *conf.LimitConfig, users []panel.UserInfo) *Limiter {
+func AddLimiter(tag string, l *conf.LimitConfig, users []panel.UserInfo, aliveList map[int]int) *Limiter {
 	info := &Limiter{
 		SpeedLimit:    l.SpeedLimit,
 		UserOnlineIP:  new(sync.Map),
 		UserLimitInfo: new(sync.Map),
 		ConnLimiter:   NewConnLimiter(l.ConnLimit, l.IPLimit, l.EnableRealtime),
 		SpeedLimiter:  new(sync.Map),
+		AliveList:     aliveList,
+		OldUserOnline: new(sync.Map),
 	}
 	uuidmap := make(map[string]int)
 	for i := range users {
@@ -69,6 +75,7 @@ func AddLimiter(tag string, l *conf.LimitConfig, users []panel.UserInfo) *Limite
 		if users[i].DeviceLimit != 0 {
 			userLimit.DeviceLimit = users[i].DeviceLimit
 		}
+		userLimit.OverLimit = false
 		info.UserLimitInfo.Store(format.UserTag(tag, users[i].Uuid), userLimit)
 	}
 	info.UUIDtoUID = uuidmap
@@ -97,7 +104,9 @@ func DeleteLimiter(tag string) {
 func (l *Limiter) UpdateUser(tag string, added []panel.UserInfo, deleted []panel.UserInfo) {
 	for i := range deleted {
 		l.UserLimitInfo.Delete(format.UserTag(tag, deleted[i].Uuid))
+		l.UserOnlineIP.Delete(format.UserTag(tag, deleted[i].Uuid))
 		delete(l.UUIDtoUID, deleted[i].Uuid)
+		delete(l.AliveList, deleted[i].Id)
 	}
 	for i := range added {
 		userLimit := &UserLimitInfo{
@@ -110,6 +119,7 @@ func (l *Limiter) UpdateUser(tag string, added []panel.UserInfo, deleted []panel
 		if added[i].DeviceLimit != 0 {
 			userLimit.DeviceLimit = added[i].DeviceLimit
 		}
+		userLimit.OverLimit = false
 		l.UserLimitInfo.Store(format.UserTag(tag, added[i].Uuid), userLimit)
 		l.UUIDtoUID[added[i].Uuid] = added[i].Id
 	}
@@ -126,7 +136,10 @@ func (l *Limiter) UpdateDynamicSpeedLimit(tag, uuid string, limit int, expire ti
 	return nil
 }
 
-func (l *Limiter) CheckLimit(taguuid string, ip string, isTcp bool) (Bucket *ratelimit.Bucket, Reject bool) {
+func (l *Limiter) CheckLimit(taguuid string, ip string, isTcp bool, noSSUDP bool) (Bucket *ratelimit.Bucket, Reject bool) {
+	// check if ipv4 mapped ipv6
+	ip = strings.TrimPrefix(ip, "::ffff:")
+
 	// ip and conn limiter
 	if l.ConnLimiter.AddConnCount(taguuid, ip, isTcp) {
 		return nil, true
@@ -151,24 +164,36 @@ func (l *Limiter) CheckLimit(taguuid string, ip string, isTcp bool) (Bucket *rat
 		} else {
 			userLimit = determineSpeedLimit(u.SpeedLimit, u.DynamicSpeedLimit)
 		}
+	} else {
+		return nil, true
 	}
-
+	if noSSUDP {
-	// Store online user for device limit
+		// Store online user for device limit
-	ipMap := new(sync.Map)
+		ipMap := new(sync.Map)
-	ipMap.Store(ip, uid)
+		ipMap.Store(ip, uid)
-	// If any device is online
+		aliveIp := l.AliveList[uid]
-	if v, ok := l.UserOnlineIP.LoadOrStore(taguuid, ipMap); ok {
+		// If any device is online
-		ipMap := v.(*sync.Map)
+		if v, ok := l.UserOnlineIP.LoadOrStore(taguuid, ipMap); ok {
-		// If this is a new ip
+			ipMap := v.(*sync.Map)
-		if _, ok := ipMap.LoadOrStore(ip, uid); !ok {
+			// If this is a new ip
-			counter := 0
+			if _, ok := ipMap.LoadOrStore(ip, uid); !ok {
-			ipMap.Range(func(key, value interface{}) bool {
+				if deviceLimit > 0 {
-				counter++
+					if deviceLimit <= aliveIp {
-				return true
+						ipMap.Delete(ip)
-			})
+						return nil, true
-			if counter > deviceLimit && deviceLimit > 0 {
+					}
-				ipMap.Delete(ip)
+				}
-				return nil, true
+			}
+		} else if v, ok := l.OldUserOnline.Load(ip); ok {
+			if v.(int) == uid {
+				l.OldUserOnline.Delete(ip)
+			}
+		} else {
+			if deviceLimit > 0 {
+				if deviceLimit <= aliveIp {
+					l.UserOnlineIP.Delete(taguuid)
+					return nil, true
+				}
 			}
 		}
 	}
@@ -189,17 +214,17 @@ func (l *Limiter) CheckLimit(taguuid string, ip string, isTcp bool) (Bucket *rat
 
 func (l *Limiter) GetOnlineDevice() (*[]panel.OnlineUser, error) {
 	var onlineUser []panel.OnlineUser
-
 	l.UserOnlineIP.Range(func(key, value interface{}) bool {
-		email := key.(string)
+		taguuid := key.(string)
 		ipMap := value.(*sync.Map)
 		ipMap.Range(func(key, value interface{}) bool {
 			uid := value.(int)
 			ip := key.(string)
+			l.OldUserOnline.Store(ip, uid)
 			onlineUser = append(onlineUser, panel.OnlineUser{UID: uid, IP: ip})
 			return true
 		})
-		l.UserOnlineIP.Delete(email) // Reset online device
+		l.UserOnlineIP.Delete(taguuid) // Reset online device
 		return true
 	})
 
@@ -210,23 +235,3 @@ type UserIpList struct {
 	Uid    int      `json:"Uid"`
 	IpList []string `json:"Ips"`
 }
-
-func determineDeviceLimit(nodeLimit, userLimit int) (limit int) {
-	if nodeLimit == 0 || userLimit == 0 {
-		if nodeLimit > userLimit {
-			return nodeLimit
-		} else if nodeLimit < userLimit {
-			return userLimit
-		} else {
-			return 0
-		}
-	} else {
-		if nodeLimit > userLimit {
-			return userLimit
-		} else if nodeLimit < userLimit {
-			return nodeLimit
-		} else {
-			return nodeLimit
-		}
-	}
-}

main.go

@@ -1,16 +1,9 @@
 package main
 
 import (
-	//"net/http"
-	//_ "net/http/pprof"
-
 	"github.com/InazumaV/V2bX/cmd"
 )
 
 func main() {
-	//内存泄漏排查
-	//go func() {
-	//	http.ListenAndServe("127.0.0.1:6060", nil)
-	//}()
 	cmd.Run()
 }

node/controller.go

@@ -19,6 +19,7 @@ type Controller struct {
 	limiter                   *limiter.Limiter
 	traffic                   map[string]int64
 	userList                  []panel.UserInfo
+	aliveMap                  map[int]int
 	info                      *panel.NodeInfo
 	nodeInfoMonitorPeriodic   *task.Task
 	userReportPeriodic        *task.Task
@@ -54,6 +55,10 @@ func (c *Controller) Start() error {
 	if len(c.userList) == 0 {
 		return errors.New("add users error: not have any user")
 	}
+	c.aliveMap, err = c.apiClient.GetUserAlive()
+	if err != nil {
+		return fmt.Errorf("failed to get user alive list: %s", err)
+	}
 	if len(c.Options.Name) == 0 {
 		c.tag = c.buildNodeTag(node)
 	} else {
@@ -61,7 +66,7 @@ func (c *Controller) Start() error {
 	}
 
 	// add limiter
-	l := limiter.AddLimiter(c.tag, &c.LimitConfig, c.userList)
+	l := limiter.AddLimiter(c.tag, &c.LimitConfig, c.userList, c.aliveMap)
 	// add rule limiter
 	if err = l.UpdateRule(&node.Rules); err != nil {
 		return fmt.Errorf("update rule error: %s", err)

node/task.go

@@ -68,6 +68,15 @@ func (c *Controller) nodeInfoMonitor() (err error) {
 		}).Error("Get user list failed")
 		return nil
 	}
+	// get user alive
+	newA, err := c.apiClient.GetUserAlive()
+	if err != nil {
+		log.WithFields(log.Fields{
+			"tag": c.tag,
+			"err": err,
+		}).Error("Get alive list failed")
+		return nil
+	}
 	if newN != nil {
 		c.info = newN
 		// nodeInfo changed
@@ -92,9 +101,13 @@ func (c *Controller) nodeInfoMonitor() (err error) {
 			// Remove Old limiter
 			limiter.DeleteLimiter(c.tag)
 			// Add new Limiter
-			l := limiter.AddLimiter(c.tag, &c.LimitConfig, c.userList)
+			l := limiter.AddLimiter(c.tag, &c.LimitConfig, c.userList, newA)
 			c.limiter = l
 		}
+		// update alive list
+		if newA != nil {
+			c.limiter.AliveList = newA
+		}
 		// Update rule
 		err = c.limiter.UpdateRule(&newN.Rules)
 		if err != nil {
@@ -154,7 +167,10 @@ func (c *Controller) nodeInfoMonitor() (err error) {
 		// exit
 		return nil
 	}
-
+	// update alive list
+	if newA != nil {
+		c.limiter.AliveList = newA
+	}
 	// node no changed, check users
 	if len(newU) == 0 {
 		return nil
@@ -162,7 +178,7 @@ func (c *Controller) nodeInfoMonitor() (err error) {
 	deleted, added := compareUserList(c.userList, newU)
 	if len(deleted) > 0 {
 		// have deleted users
-		err = c.server.DelUsers(deleted, c.tag)
+		err = c.server.DelUsers(deleted, c.tag, c.info)
 		if err != nil {
 			log.WithFields(log.Fields{
 				"tag": c.tag,

node/user.go

@@ -1,7 +1,6 @@
 package node
 
 import (
-	"fmt"
 	"strconv"
 
 	"github.com/InazumaV/V2bX/api/panel"
@@ -15,11 +14,7 @@ func (c *Controller) reportUserTrafficTask() (err error) {
 		up, down := c.server.GetUserTraffic(c.tag, c.userList[i].Uuid, true)
 		if up > 0 || down > 0 {
 			if c.LimitConfig.EnableDynamicSpeedLimit {
-				if _, ok := c.traffic[c.userList[i].Uuid]; ok {
+				c.traffic[c.userList[i].Uuid] += up + down
-					c.traffic[c.userList[i].Uuid] += up + down
-				} else {
-					c.traffic[c.userList[i].Uuid] = up + down
-				}
 			}
 			userTraffic = append(userTraffic, panel.UserTraffic{
 				UID:      (c.userList)[i].Id,
@@ -56,18 +51,12 @@ func (c *Controller) reportUserTrafficTask() (err error) {
 				result = append(result, online)
 			}
 		}
-		reportOnline := make(map[int]int)
 		data := make(map[int][]string)
 		for _, onlineuser := range result {
 			// json structure: { UID1:["ip1","ip2"],UID2:["ip3","ip4"] }
-			data[onlineuser.UID] = append(data[onlineuser.UID], fmt.Sprintf("%s_%d", onlineuser.IP, c.info.Id))
+			data[onlineuser.UID] = append(data[onlineuser.UID], onlineuser.IP)
-			if _, ok := reportOnline[onlineuser.UID]; ok {
-				reportOnline[onlineuser.UID]++
-			} else {
-				reportOnline[onlineuser.UID] = 1
-			}
 		}
-		if err = c.apiClient.ReportNodeOnlineUsers(&data, &reportOnline); err != nil {
+		if err = c.apiClient.ReportNodeOnlineUsers(&data); err != nil {
 			log.WithFields(log.Fields{
 				"tag": c.tag,
 				"err": err,