Naive
Since sing-box 1.13.0
Structure
{
"type": "naive",
"tag": "naive-out",
"server": "127.0.0.1",
"server_port": 443,
"username": "sekai",
"password": "password",
"insecure_concurrency": 0,
"extra_headers": {},
"udp_over_tcp": false | {},
"quic": false,
"quic_congestion_control": "",
"tls": {},
... // Dial Fields
}
Platform Support
NaiveProxy outbound is only available on Apple platforms, Android, Windows and certain Linux builds.
Official Release Build Variants:
| Build Variant | Platforms | Description |
|---|---|---|
| (default) | Linux amd64/arm64 | purego build with libcronet.so included |
-glibc |
Linux 386/amd64/arm/arm64 | CGO build dynamically linked with glibc, requires glibc >= 2.31 |
-musl |
Linux 386/amd64/arm/arm64 | CGO build statically linked with musl, no system requirements |
| (default) | Windows amd64/arm64 | purego build with libcronet.dll included |
Runtime Requirements:
- Linux purego:
libcronet.somust be in the same directory as the sing-box binary or in system library path - Windows:
libcronet.dllmust be in the same directory assing-box.exeor in a directory listed inPATH
For self-built binaries, see Build from source.
Fields
server
Required
The server address.
server_port
Required
The server port.
username
Authentication username.
password
Authentication password.
insecure_concurrency
Number of concurrent tunnel connections. Multiple connections make the tunneling easier to detect through traffic analysis, which defeats the purpose of NaiveProxy's design to resist traffic analysis.
extra_headers
Extra headers to send in HTTP requests.
udp_over_tcp
UDP over TCP protocol settings.
See UDP Over TCP for details.
quic
Use QUIC instead of HTTP/2.
quic_congestion_control
QUIC congestion control algorithm.
| Algorithm | Description |
|---|---|
bbr |
BBR |
bbr2 |
BBRv2 |
cubic |
CUBIC |
reno |
New Reno |
bbr is used by default (the default of QUICHE, used by Chromium which NaiveProxy is based on).
tls
Required
TLS configuration, see TLS.
Only server_name, certificate, certificate_path and ech are supported.
Self-signed certificates change traffic behavior significantly, which defeats the purpose of NaiveProxy's design to resist traffic analysis, and should not be used in production.
Dial Fields
See Dial Fields for details.