feat: sentry debug

2026-04-12 01:57:18 +10:00 · 2023-11-05 17:15:15 +08:00
258 changed files with 2866 additions and 5120 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -44,7 +44,12 @@ body:
    attributes:
      label: Version
      description: If you are using the original command line program, please provide the output of the `sing-box version` command.
-      render: shell
+      value: |-
+        <details>
+        ```console
+        # Replace this line with the output
+        ```
+        </details>
  - type: textarea
    attributes:
      label: Description
@@ -64,4 +69,9 @@ body:
        If you encounter a crash with the graphical client, please provide crash logs.
        For Apple platform clients, please check `Settings - View Service Log` for crash logs.
        For the Android client, please check the `/sdcard/Android/data/io.nekohasekai.sfa/files/stderr.log` file for crash logs.
-      render: shell
+      value: |-
+        <details>
+        ```console
+        # Replace this line with logs
+        ```
+        </details>
--- a/.github/ISSUE_TEMPLATE/bug_report_zh.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report_zh.yml
@@ -44,7 +44,12 @@ body:
    attributes:
      label: 版本
      description: 如果您使用原始命令行程序，请提供 `sing-box version` 命令的输出。
-      render: shell
+      value: |-
+        <details>
+        ```console
+        # 使用输出内容覆盖此行
+        ```
+        </details>
  - type: textarea
    attributes:
      label: 描述
@@ -64,18 +69,9 @@ body:
        如果您遭遇图形界面应用程序崩溃，请提供崩溃日志。
        对于 Apple 平台图形客户端程序，请检查 `Settings - View Service Log` 以导出崩溃日志。
        对于 Android 图形客户端程序，请检查 `/sdcard/Android/data/io.nekohasekai.sfa/files/stderr.log` 文件以导出崩溃日志。
-      render: shell
-  - type: checkboxes
-    attributes:
-      label: 完整性要求
-      description: 我保证我提供了完整的可以在本地重现该问题的服务器、客户端配置文件与流程，而不是一个脱敏的复杂客户端配置文件，否则该 issue 将被关闭。
-      options:
-        - label: 我保证
-          required: true
-  - type: checkboxes
-    attributes:
-      label: 负责性要求
-      description: 我保证我阅读了文档，了解所有我编写的配置文件项的含义，而不是大量堆砌看似有用的选项或默认值，否则该 issue 将被关闭。
-      options:
-        - label: 我保证
-          required: true
+      value: |-
+        <details>
+        ```console
+        # 使用日志内容覆盖此行
+        ```
+        </details>
--- a/.github/workflows/debug.yml
+++ b/.github/workflows/debug.yml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
        with:
          fetch-depth: 0
      - name: Get latest go version
@@ -30,7 +30,7 @@ jobs:
        run: |
          echo go_version=$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g') >> $GITHUB_OUTPUT
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v4
        with:
          go-version: ${{ steps.version.outputs.go_version }}
      - name: Add cache to Go proxy
@@ -50,11 +50,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
        with:
          fetch-depth: 0
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v4
        with:
          go-version: 1.18.10
      - name: Cache go module
@@ -70,11 +70,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
        with:
          fetch-depth: 0
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v4
        with:
          go-version: 1.20.7
      - name: Cache go module
@@ -201,7 +201,7 @@ jobs:
      TAGS: with_clash_api,with_quic
    steps:
      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
        with:
          fetch-depth: 0
      - name: Get latest go version
@@ -209,7 +209,7 @@ jobs:
        run: |
          echo go_version=$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g') >> $GITHUB_OUTPUT
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v4
        with:
          go-version: ${{ steps.version.outputs.go_version }}
      - name: Build
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -9,7 +9,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
      - name: Setup Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Setup QEMU for Docker Buildx
@@ -39,8 +39,6 @@ jobs:
        with:
          platforms: linux/386,linux/amd64,linux/arm64,linux/s390x
          target: dist
-          build-args: |
-            BUILDKIT_CONTEXT_KEEP_GIT_DIR=1
          tags: |
            ${{ steps.tag.outputs.latest }}
            ${{ steps.tag.outputs.versioned }}
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
        with:
          fetch-depth: 0
      - name: Get latest go version
@@ -30,7 +30,7 @@ jobs:
        run: |
          echo go_version=$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g') >> $GITHUB_OUTPUT
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v4
        with:
          go-version: ${{ steps.version.outputs.go_version }}
      - name: golangci-lint
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -8,7 +8,7 @@ jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@v8
        with:
          stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days'
          days-before-stale: 60
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -19,12 +19,10 @@ builds:
      - with_ech
      - with_utls
      - with_reality_server
-      - with_acme
      - with_clash_api
    env:
      - CGO_ENABLED=0
    targets:
-      - linux_386
      - linux_amd64_v1
      - linux_amd64_v3
      - linux_arm64
@@ -57,12 +55,11 @@ builds:
      - with_ech
      - with_utls
      - with_reality_server
-      - with_acme
      - with_clash_api
    env:
      - CGO_ENABLED=0
-      - GOROOT=/nix/store/kg6i737jjqs923jcijnm003h68c1dghj-go-1.20.11/share/go
-    gobinary: /nix/store/kg6i737jjqs923jcijnm003h68c1dghj-go-1.20.11/bin/go
+      - GOROOT=/nix/store/5h8gjl89zx8qxgc572wa3k81zplv8v4z-go-1.20.10/share/go
+    gobinary: /nix/store/5h8gjl89zx8qxgc572wa3k81zplv8v4z-go-1.20.10/bin/go
    targets:
      - windows_amd64_v1
      - windows_386
@@ -86,8 +83,6 @@ builds:
      - with_wireguard
      - with_ech
      - with_utls
-      - with_reality_server
-      - with_acme
      - with_clash_api
    env:
      - CGO_ENABLED=1
@@ -158,7 +153,6 @@ nfpms:
    formats:
      - deb
      - rpm
-      - archlinux
    priority: extra
    contents:
      - src: release/config/config.json
--- a/12
+++ b/12
@@ -1,27 +1,23 @@
-FROM --platform=$BUILDPLATFORM golang:1.21-alpine AS builder
+FROM golang:1.21-alpine AS builder
 LABEL maintainer="nekohasekai <contact-git@sekai.icu>"
 COPY . /go/src/github.com/sagernet/sing-box
 WORKDIR /go/src/github.com/sagernet/sing-box
-ARG TARGETOS TARGETARCH
 ARG GOPROXY=""
 ENV GOPROXY ${GOPROXY}
 ENV CGO_ENABLED=0
-ENV GOOS=$TARGETOS
-ENV GOARCH=$TARGETARCH
 RUN set -ex \
    && apk add git build-base \
    && export COMMIT=$(git rev-parse --short HEAD) \
    && export VERSION=$(go run ./cmd/internal/read_tag) \
-    && go build -v -trimpath -tags \
-        "with_gvisor,with_quic,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_acme,with_clash_api" \
+    && go build -v -trimpath -tags with_gvisor,with_quic,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_clash_api,with_acme \
        -o /go/bin/sing-box \
        -ldflags "-X \"github.com/sagernet/sing-box/constant.Version=$VERSION\" -s -w -buildid=" \
        ./cmd/sing-box
-FROM --platform=$TARGETPLATFORM alpine AS dist
+FROM alpine AS dist
 LABEL maintainer="nekohasekai <contact-git@sekai.icu>"
 RUN set -ex \
    && apk upgrade \
    && apk add bash tzdata ca-certificates \
    && rm -rf /var/cache/apk/*
 COPY --from=builder /go/bin/sing-box /usr/local/bin/sing-box
-ENTRYPOINT ["sing-box"]
+ENTRYPOINT ["sing-box"]
--- a/25
+++ b/25
@@ -3,7 +3,7 @@ COMMIT = $(shell git rev-parse --short HEAD)
 TAGS_GO118 = with_gvisor,with_dhcp,with_wireguard,with_utls,with_reality_server,with_clash_api
 TAGS_GO120 = with_quic,with_ech
 TAGS ?= $(TAGS_GO118),$(TAGS_GO120)
-TAGS_TEST ?= with_gvisor,with_quic,with_wireguard,with_grpc,with_ech,with_utls,with_reality_server
+TAGS_TEST ?= with_gvisor,with_quic,with_wireguard,with_grpc,with_ech,with_utls,with_reality_server,with_shadowsocksr

 GOHOSTOS = $(shell go env GOHOSTOS)
 GOHOSTARCH = $(shell go env GOHOSTARCH)
@@ -14,7 +14,7 @@ MAIN_PARAMS = $(PARAMS) -tags $(TAGS)
 MAIN = ./cmd/sing-box
 PREFIX ?= $(shell go env GOPATH)

-.PHONY: test release docs
+.PHONY: test release

 build:
 	go build $(MAIN_PARAMS) $(MAIN)
@@ -61,7 +61,7 @@ proto_install:
 release:
 	go run ./cmd/internal/build goreleaser release --clean --skip-publish || exit 1
 	mkdir dist/release
-	mv dist/*.tar.gz dist/*.zip dist/*.deb dist/*.rpm dist/*.pkg.tar.zst dist/release
+	mv dist/*.tar.gz dist/*.zip dist/*.deb dist/*.rpm dist/release
 	ghr --replace --draft --prerelease -p 3 "v${VERSION}" dist/release
 	rm -r dist/release

@@ -73,21 +73,18 @@ update_android_version:
 	go run ./cmd/internal/update_android_version

 build_android:
-	cd ../sing-box-for-android && ./gradlew :app:assemblePlayRelease && ./gradlew --stop
+	cd ../sing-box-for-android && ./gradlew :app:assembleRelease && ./gradlew --stop

 upload_android:
 	mkdir -p dist/release_android
-	cp ../sing-box-for-android/app/build/outputs/apk/play/release/*.apk dist/release_android
+	cp ../sing-box-for-android/app/build/outputs/apk/release/*.apk dist/release_android
 	ghr --replace --draft --prerelease -p 3 "v${VERSION}" dist/release_android
 	rm -rf dist/release_android

 release_android: lib_android update_android_version build_android upload_android

 publish_android:
-	cd ../sing-box-for-android && ./gradlew :app:publishPlayReleaseBundle
-
-publish_android_appcenter:
-	cd ../sing-box-for-android && ./gradlew :app:appCenterAssembleAndUploadPlayRelease
+	cd ../sing-box-for-android && ./gradlew :app:appCenterAssembleAndUploadRelease

 build_ios:
 	cd ../sing-box-for-apple && \
@@ -152,8 +149,10 @@ update_apple_version:
 	go run ./cmd/internal/update_apple_version

 release_apple: lib_ios update_apple_version release_ios release_macos release_tvos release_macos_independent
+	rm -rf dist

 release_apple_beta: update_apple_version release_ios release_macos release_tvos
+	rm -rf dist

 test:
 	@go test -v ./... && \
@@ -182,14 +181,6 @@ lib_install:
 	go install -v github.com/sagernet/gomobile/cmd/gomobile@v0.0.0-20230915142329-c6740b6d2950
 	go install -v github.com/sagernet/gomobile/cmd/gobind@v0.0.0-20230915142329-c6740b6d2950

-docs:
-	mkdocs serve
-
-publish_docs:
-	mkdocs gh-deploy -m "Update" --force --ignore-version --no-history
-
-docs_install:
-	pip install --force-reinstall mkdocs-material=="9.*" mkdocs-static-i18n=="1.2.*"
 clean:
 	rm -rf bin dist sing-box
 	rm -f $(shell go env GOPATH)/sing-box
--- a/adapter/conn_router.go
+++ b/adapter/conn_router.go
@@ -1,104 +0,0 @@
-package adapter
-
-import (
-	"context"
-	"net"
-
-	"github.com/sagernet/sing/common/logger"
-	M "github.com/sagernet/sing/common/metadata"
-	N "github.com/sagernet/sing/common/network"
-)
-
-type ConnectionRouter interface {
-	RouteConnection(ctx context.Context, conn net.Conn, metadata InboundContext) error
-	RoutePacketConnection(ctx context.Context, conn N.PacketConn, metadata InboundContext) error
-}
-
-func NewRouteHandler(
-	metadata InboundContext,
-	router ConnectionRouter,
-	logger logger.ContextLogger,
-) UpstreamHandlerAdapter {
-	return &routeHandlerWrapper{
-		metadata: metadata,
-		router:   router,
-		logger:   logger,
-	}
-}
-
-func NewRouteContextHandler(
-	router ConnectionRouter,
-	logger logger.ContextLogger,
-) UpstreamHandlerAdapter {
-	return &routeContextHandlerWrapper{
-		router: router,
-		logger: logger,
-	}
-}
-
-var _ UpstreamHandlerAdapter = (*routeHandlerWrapper)(nil)
-
-type routeHandlerWrapper struct {
-	metadata InboundContext
-	router   ConnectionRouter
-	logger   logger.ContextLogger
-}
-
-func (w *routeHandlerWrapper) NewConnection(ctx context.Context, conn net.Conn, metadata M.Metadata) error {
-	myMetadata := w.metadata
-	if metadata.Source.IsValid() {
-		myMetadata.Source = metadata.Source
-	}
-	if metadata.Destination.IsValid() {
-		myMetadata.Destination = metadata.Destination
-	}
-	return w.router.RouteConnection(ctx, conn, myMetadata)
-}
-
-func (w *routeHandlerWrapper) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata M.Metadata) error {
-	myMetadata := w.metadata
-	if metadata.Source.IsValid() {
-		myMetadata.Source = metadata.Source
-	}
-	if metadata.Destination.IsValid() {
-		myMetadata.Destination = metadata.Destination
-	}
-	return w.router.RoutePacketConnection(ctx, conn, myMetadata)
-}
-
-func (w *routeHandlerWrapper) NewError(ctx context.Context, err error) {
-	w.logger.ErrorContext(ctx, err)
-}
-
-var _ UpstreamHandlerAdapter = (*routeContextHandlerWrapper)(nil)
-
-type routeContextHandlerWrapper struct {
-	router ConnectionRouter
-	logger logger.ContextLogger
-}
-
-func (w *routeContextHandlerWrapper) NewConnection(ctx context.Context, conn net.Conn, metadata M.Metadata) error {
-	myMetadata := ContextFrom(ctx)
-	if metadata.Source.IsValid() {
-		myMetadata.Source = metadata.Source
-	}
-	if metadata.Destination.IsValid() {
-		myMetadata.Destination = metadata.Destination
-	}
-	return w.router.RouteConnection(ctx, conn, *myMetadata)
-}
-
-func (w *routeContextHandlerWrapper) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata M.Metadata) error {
-	myMetadata := ContextFrom(ctx)
-	if metadata.Source.IsValid() {
-		myMetadata.Source = metadata.Source
-	}
-	if metadata.Destination.IsValid() {
-		myMetadata.Destination = metadata.Destination
-	}
-	return w.router.RoutePacketConnection(ctx, conn, *myMetadata)
-}
-
-func (w *routeContextHandlerWrapper) NewError(ctx context.Context, err error) {
-	w.logger.ErrorContext(ctx, err)
-}
--- a/adapter/experimental.go
+++ b/adapter/experimental.go
@@ -43,7 +43,7 @@ type OutboundGroup interface {

 type URLTestGroup interface {
 	OutboundGroup
-	URLTest(ctx context.Context) (map[string]uint16, error)
+	URLTest(ctx context.Context, url string) (map[string]uint16, error)
 }

 func OutboundTag(detour Outbound) string {
--- a/adapter/router.go
+++ b/adapter/router.go
@@ -2,12 +2,14 @@ package adapter

 import (
 	"context"
+	"net"
 	"net/netip"

 	"github.com/sagernet/sing-box/common/geoip"
 	"github.com/sagernet/sing-dns"
 	"github.com/sagernet/sing-tun"
 	"github.com/sagernet/sing/common/control"
+	N "github.com/sagernet/sing/common/network"
 	"github.com/sagernet/sing/service"

 	mdns "github.com/miekg/dns"
@@ -15,7 +17,6 @@ import (

 type Router interface {
 	Service
-	PostStarter

 	Outbounds() []Outbound
 	Outbound(tag string) (Outbound, bool)
@@ -23,7 +24,8 @@ type Router interface {

 	FakeIPStore() FakeIPStore

-	ConnectionRouter
+	RouteConnection(ctx context.Context, conn net.Conn, metadata InboundContext) error
+	RoutePacketConnection(ctx context.Context, conn N.PacketConn, metadata InboundContext) error

 	GeoIPReader() *geoip.Reader
 	LoadGeosite(code string) (Rule, error)
@@ -42,7 +44,6 @@ type Router interface {
 	NetworkMonitor() tun.NetworkUpdateMonitor
 	InterfaceMonitor() tun.DefaultInterfaceMonitor
 	PackageManager() tun.PackageManager
-	WIFIState() WIFIState
 	Rules() []Rule

 	ClashServer() ClashServer
@@ -80,8 +81,3 @@ type DNSRule interface {
 type InterfaceUpdateListener interface {
 	InterfaceUpdated()
 }
-
-type WIFIState struct {
-	SSID  string
-	BSSID string
-}
--- a/box.go
+++ b/box.go
@@ -41,7 +41,6 @@ type Options struct {
 	option.Options
 	Context           context.Context
 	PlatformInterface platform.Interface
-	PlatformLogWriter log.PlatformWriter
 }

 func New(options Options) (*Box, error) {
@@ -56,7 +55,7 @@ func New(options Options) (*Box, error) {
 	applyDebugOptions(common.PtrValueOrDefault(experimentalOptions.Debug))
 	var needClashAPI bool
 	var needV2RayAPI bool
-	if experimentalOptions.ClashAPI != nil || options.PlatformLogWriter != nil {
+	if experimentalOptions.ClashAPI != nil || options.PlatformInterface != nil {
 		needClashAPI = true
 	}
 	if experimentalOptions.V2RayAPI != nil && experimentalOptions.V2RayAPI.Listen != "" {
@@ -72,7 +71,7 @@ func New(options Options) (*Box, error) {
 		Observable:     needClashAPI,
 		DefaultWriter:  defaultLogWriter,
 		BaseTime:       createdAt,
-		PlatformWriter: options.PlatformLogWriter,
+		PlatformWriter: options.PlatformInterface,
 	})
 	if err != nil {
 		return nil, E.Cause(err, "create log factory")
@@ -258,7 +257,7 @@ func (s *Box) start() error {
 			return E.Cause(err, "initialize inbound/", in.Type(), "[", tag, "]")
 		}
 	}
-	return s.postStart()
+	return nil
 }

 func (s *Box) postStart() error {
@@ -269,17 +268,16 @@ func (s *Box) postStart() error {
 			return E.Cause(err, "start ", serviceName)
 		}
 	}
-	for _, outbound := range s.outbounds {
-		if lateOutbound, isLateOutbound := outbound.(adapter.PostStarter); isLateOutbound {
-			s.logger.Trace("post-starting outbound/", outbound.Tag())
-			err := lateOutbound.PostStart()
+	for serviceName, service := range s.outbounds {
+		if lateService, isLateService := service.(adapter.PostStarter); isLateService {
+			s.logger.Trace("post-starting ", service)
+			err := lateService.PostStart()
 			if err != nil {
-				return E.Cause(err, "post-start outbound/", outbound.Tag())
+				return E.Cause(err, "post-start ", serviceName)
 			}
 		}
 	}
-	s.logger.Trace("post-starting router")
-	return s.router.PostStart()
+	return nil
 }

 func (s *Box) Close() error {
--- a/cmd/internal/build/main.go
+++ b/cmd/internal/build/main.go
@@ -12,7 +12,7 @@ import (
 func main() {
 	build_shared.FindSDK()

-	if os.Getenv("GOPATH") == "" {
+	if os.Getenv("build.Default.GOPATH") == "" {
 		os.Setenv("GOPATH", build.Default.GOPATH)
 	}

--- a/cmd/internal/build_shared/tag.go
+++ b/cmd/internal/build_shared/tag.go
@@ -17,6 +17,9 @@ func ReadTag() (string, error) {
 	}
 	shortCommit, _ := shell.Exec("git", "rev-parse", "--short", "HEAD").ReadOutput()
 	version := badversion.Parse(currentTagRev[1:])
+	if version.PreReleaseIdentifier == "" {
+		version.Patch++
+	}
 	return version.String() + "-" + shortCommit, nil
 }

--- a/cmd/sing-box/main.go
+++ b/cmd/sing-box/main.go
@@ -1,6 +1,7 @@
 package main

 import (
+	"github.com/getsentry/sentry-go"
 	"os"
 	"time"

@@ -15,6 +16,7 @@ var (
 	configDirectories []string
 	workingDir        string
 	disableColor      bool
+	enableDebug       bool
 )

 var mainCommand = &cobra.Command{
@@ -27,12 +29,25 @@ func init() {
 	mainCommand.PersistentFlags().StringArrayVarP(&configDirectories, "config-directory", "C", nil, "set configuration directory path")
 	mainCommand.PersistentFlags().StringVarP(&workingDir, "directory", "D", "", "set working directory")
 	mainCommand.PersistentFlags().BoolVarP(&disableColor, "disable-color", "", false, "disable color output")
+	mainCommand.PersistentFlags().BoolVarP(&enableDebug, "debug", "", false, "enable sentry debug mode")
 }

 func main() {
 	if err := mainCommand.Execute(); err != nil {
 		log.Fatal(err)
 	}
+
+	if enableDebug {
+		err := sentry.Init(sentry.ClientOptions{
+			Dsn: "",
+		})
+
+		if err != nil {
+			log.Fatal("sentry.Init: %s", err)
+		}
+
+		defer sentry.Flush(2 * time.Second)
+	}
 }

 func preRun(cmd *cobra.Command, args []string) {
--- a/common/mux/client.go
+++ b/common/mux/client.go
@@ -1,42 +1,21 @@
 package mux

 import (
-	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/option"
 	"github.com/sagernet/sing-mux"
-	E "github.com/sagernet/sing/common/exceptions"
-	"github.com/sagernet/sing/common/logger"
 	N "github.com/sagernet/sing/common/network"
 )

-type Client = mux.Client
-
-func NewClientWithOptions(dialer N.Dialer, logger logger.Logger, options option.OutboundMultiplexOptions) (*Client, error) {
+func NewClientWithOptions(dialer N.Dialer, options option.MultiplexOptions) (*Client, error) {
 	if !options.Enabled {
 		return nil, nil
 	}
-	var brutalOptions mux.BrutalOptions
-	if options.Brutal != nil && options.Brutal.Enabled {
-		brutalOptions = mux.BrutalOptions{
-			Enabled:    true,
-			SendBPS:    uint64(options.Brutal.UpMbps * C.MbpsToBps),
-			ReceiveBPS: uint64(options.Brutal.DownMbps * C.MbpsToBps),
-		}
-		if brutalOptions.SendBPS < mux.BrutalMinSpeedBPS {
-			return nil, E.New("brutal: invalid upload speed")
-		}
-		if brutalOptions.ReceiveBPS < mux.BrutalMinSpeedBPS {
-			return nil, E.New("brutal: invalid download speed")
-		}
-	}
 	return mux.NewClient(mux.Options{
 		Dialer:         dialer,
-		Logger:         logger,
 		Protocol:       options.Protocol,
 		MaxConnections: options.MaxConnections,
 		MinStreams:     options.MinStreams,
 		MaxStreams:     options.MaxStreams,
 		Padding:        options.Padding,
-		Brutal:         brutalOptions,
 	})
 }
--- a/common/mux/protocol.go
+++ b/common/mux/protocol.go
@@ -0,0 +1,14 @@
+package mux
+
+import (
+	"github.com/sagernet/sing-mux"
+)
+
+type (
+	Client = mux.Client
+)
+
+var (
+	Destination      = mux.Destination
+	HandleConnection = mux.HandleConnection
+)
--- a/common/mux/router.go
+++ b/common/mux/router.go
@@ -1,65 +0,0 @@
-package mux
-
-import (
-	"context"
-	"net"
-
-	"github.com/sagernet/sing-box/adapter"
-	C "github.com/sagernet/sing-box/constant"
-	"github.com/sagernet/sing-box/log"
-	"github.com/sagernet/sing-box/option"
-	"github.com/sagernet/sing-mux"
-	E "github.com/sagernet/sing/common/exceptions"
-	"github.com/sagernet/sing/common/logger"
-	N "github.com/sagernet/sing/common/network"
-)
-
-type Router struct {
-	router  adapter.ConnectionRouter
-	service *mux.Service
-}
-
-func NewRouterWithOptions(router adapter.ConnectionRouter, logger logger.ContextLogger, options option.InboundMultiplexOptions) (adapter.ConnectionRouter, error) {
-	if !options.Enabled {
-		return router, nil
-	}
-	var brutalOptions mux.BrutalOptions
-	if options.Brutal != nil && options.Brutal.Enabled {
-		brutalOptions = mux.BrutalOptions{
-			Enabled:    true,
-			SendBPS:    uint64(options.Brutal.UpMbps * C.MbpsToBps),
-			ReceiveBPS: uint64(options.Brutal.DownMbps * C.MbpsToBps),
-		}
-		if brutalOptions.SendBPS < mux.BrutalMinSpeedBPS {
-			return nil, E.New("brutal: invalid upload speed")
-		}
-		if brutalOptions.ReceiveBPS < mux.BrutalMinSpeedBPS {
-			return nil, E.New("brutal: invalid download speed")
-		}
-	}
-	service, err := mux.NewService(mux.ServiceOptions{
-		NewStreamContext: func(ctx context.Context, conn net.Conn) context.Context {
-			return log.ContextWithNewID(ctx)
-		},
-		Logger:  logger,
-		Handler: adapter.NewRouteContextHandler(router, logger),
-		Padding: options.Padding,
-		Brutal:  brutalOptions,
-	})
-	if err != nil {
-		return nil, err
-	}
-	return &Router{router, service}, nil
-}
-
-func (r *Router) RouteConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
-	if metadata.Destination == mux.Destination {
-		return r.service.NewConnection(adapter.WithContext(ctx, &metadata), conn, adapter.UpstreamMetadata(metadata))
-	} else {
-		return r.router.RouteConnection(ctx, conn, metadata)
-	}
-}
-
-func (r *Router) RoutePacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {
-	return r.router.RoutePacketConnection(ctx, conn, metadata)
-}
--- a/common/mux/v2ray_legacy.go
+++ b/common/mux/v2ray_legacy.go
@@ -1,32 +0,0 @@
-package mux
-
-import (
-	"context"
-	"net"
-
-	"github.com/sagernet/sing-box/adapter"
-	vmess "github.com/sagernet/sing-vmess"
-	"github.com/sagernet/sing/common/logger"
-	N "github.com/sagernet/sing/common/network"
-)
-
-type V2RayLegacyRouter struct {
-	router adapter.ConnectionRouter
-	logger logger.ContextLogger
-}
-
-func NewV2RayLegacyRouter(router adapter.ConnectionRouter, logger logger.ContextLogger) adapter.ConnectionRouter {
-	return &V2RayLegacyRouter{router, logger}
-}
-
-func (r *V2RayLegacyRouter) RouteConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
-	if metadata.Destination.Fqdn == vmess.MuxDestination.Fqdn {
-		r.logger.InfoContext(ctx, "inbound legacy multiplex connection")
-		return vmess.HandleMuxConnection(ctx, conn, adapter.NewRouteHandler(metadata, r.router, r.logger))
-	}
-	return r.router.RouteConnection(ctx, conn, metadata)
-}
-
-func (r *V2RayLegacyRouter) RoutePacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {
-	return r.router.RoutePacketConnection(ctx, conn, metadata)
-}
--- a/common/sniff/quic.go
+++ b/common/sniff/quic.go
@@ -182,52 +182,11 @@ func QUICClientHello(ctx context.Context, packet []byte) (*adapter.InboundContex
 			break
 		}
 		switch frameType {
-		case 0x00: // PADDING
+		case 0x0:
 			continue
-		case 0x01: // PING
+		case 0x1:
 			continue
-		case 0x02, 0x03: // ACK
-			_, err = qtls.ReadUvarint(decryptedReader) // Largest Acknowledged
-			if err != nil {
-				return nil, err
-			}
-			_, err = qtls.ReadUvarint(decryptedReader) // ACK Delay
-			if err != nil {
-				return nil, err
-			}
-			ackRangeCount, err := qtls.ReadUvarint(decryptedReader) // ACK Range Count
-			if err != nil {
-				return nil, err
-			}
-			_, err = qtls.ReadUvarint(decryptedReader) // First ACK Range
-			if err != nil {
-				return nil, err
-			}
-			for i := 0; i < int(ackRangeCount); i++ {
-				_, err = qtls.ReadUvarint(decryptedReader) // Gap
-				if err != nil {
-					return nil, err
-				}
-				_, err = qtls.ReadUvarint(decryptedReader) // ACK Range Length
-				if err != nil {
-					return nil, err
-				}
-			}
-			if frameType == 0x03 {
-				_, err = qtls.ReadUvarint(decryptedReader) // ECT0 Count
-				if err != nil {
-					return nil, err
-				}
-				_, err = qtls.ReadUvarint(decryptedReader) // ECT1 Count
-				if err != nil {
-					return nil, err
-				}
-				_, err = qtls.ReadUvarint(decryptedReader) // ECN-CE Count
-				if err != nil {
-					return nil, err
-				}
-			}
-		case 0x06: // CRYPTO
+		case 0x6:
 			var offset uint64
 			offset, err = qtls.ReadUvarint(decryptedReader)
 			if err != nil {
@@ -249,26 +208,8 @@ func QUICClientHello(ctx context.Context, packet []byte) (*adapter.InboundContex
 			if err != nil {
 				return nil, err
 			}
-		case 0x1c: // CONNECTION_CLOSE
-			_, err = qtls.ReadUvarint(decryptedReader) // Error Code
-			if err != nil {
-				return nil, err
-			}
-			_, err = qtls.ReadUvarint(decryptedReader) // Frame Type
-			if err != nil {
-				return nil, err
-			}
-			var length uint64
-			length, err = qtls.ReadUvarint(decryptedReader) // Reason Phrase Length
-			if err != nil {
-				return nil, err
-			}
-			_, err = decryptedReader.Seek(int64(length), io.SeekCurrent) // Reason Phrase
-			if err != nil {
-				return nil, err
-			}
 		default:
-			return nil, os.ErrInvalid
+			// ignore unknown frame type
 		}
 	}
 	tlsHdr := make([]byte, 5)
--- a/common/uot/router.go
+++ b/common/uot/router.go
@@ -1,53 +0,0 @@
-package uot
-
-import (
-	"context"
-	"net"
-	"net/netip"
-
-	"github.com/sagernet/sing-box/adapter"
-	E "github.com/sagernet/sing/common/exceptions"
-	"github.com/sagernet/sing/common/logger"
-	M "github.com/sagernet/sing/common/metadata"
-	N "github.com/sagernet/sing/common/network"
-	"github.com/sagernet/sing/common/uot"
-)
-
-var _ adapter.ConnectionRouter = (*Router)(nil)
-
-type Router struct {
-	router adapter.ConnectionRouter
-	logger logger.ContextLogger
-}
-
-func NewRouter(router adapter.ConnectionRouter, logger logger.ContextLogger) *Router {
-	return &Router{router, logger}
-}
-
-func (r *Router) RouteConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
-	switch metadata.Destination.Fqdn {
-	case uot.MagicAddress:
-		request, err := uot.ReadRequest(conn)
-		if err != nil {
-			return E.Cause(err, "read UoT request")
-		}
-		if request.IsConnect {
-			r.logger.InfoContext(ctx, "inbound UoT connect connection to ", request.Destination)
-		} else {
-			r.logger.InfoContext(ctx, "inbound UoT connection to ", request.Destination)
-		}
-		metadata.Domain = metadata.Destination.Fqdn
-		metadata.Destination = request.Destination
-		return r.router.RoutePacketConnection(ctx, uot.NewConn(conn, *request), metadata)
-	case uot.LegacyMagicAddress:
-		r.logger.InfoContext(ctx, "inbound legacy UoT connection")
-		metadata.Domain = metadata.Destination.Fqdn
-		metadata.Destination = M.Socksaddr{Addr: netip.IPv4Unspecified()}
-		return r.RoutePacketConnection(ctx, uot.NewConn(conn, uot.Request{}), metadata)
-	}
-	return r.router.RouteConnection(ctx, conn, metadata)
-}
-
-func (r *Router) RoutePacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {
-	return r.router.RoutePacketConnection(ctx, conn, metadata)
-}
--- a/constant/speed.go
+++ b/constant/speed.go
@@ -1,3 +0,0 @@
-package constant
-
-const MbpsToBps = 125000
--- a/constant/v2ray.go
+++ b/constant/v2ray.go
@@ -1,9 +1,8 @@
 package constant

 const (
-	V2RayTransportTypeHTTP        = "http"
-	V2RayTransportTypeWebsocket   = "ws"
-	V2RayTransportTypeQUIC        = "quic"
-	V2RayTransportTypeGRPC        = "grpc"
-	V2RayTransportTypeHTTPUpgrade = "httpupgrade"
+	V2RayTransportTypeHTTP      = "http"
+	V2RayTransportTypeWebsocket = "ws"
+	V2RayTransportTypeQUIC      = "quic"
+	V2RayTransportTypeGRPC      = "grpc"
 )
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -1,204 +1,16 @@
---
-icon: material/alert-decagram
---
-
-# ChangeLog
-
-#### 1.7.6
-
-* Fixes and improvements
-
-#### 1.7.5
-
-* Fixes and improvements
-
-#### 1.7.4
-
-* Fixes and improvements
-
-_Due to the long waiting time, this version is no longer waiting for approval 
-by the Apple App Store, so updates to Apple Platforms will be delayed._
-
-#### 1.7.2
-
-* Fixes and improvements
-
-#### 1.7.1
-
-* Fixes and improvements
-
-#### 1.7.0
-
-* Fixes and improvements
-
-Important changes since 1.6:
-
-* Add [exclude route support](/configuration/inbound/tun/) for TUN inbound
-* Add `udp_disable_domain_unmapping` [inbound listen option](/configuration/shared/listen/) **1**
-* Add [HTTPUpgrade V2Ray transport](/configuration/shared/v2ray-transport#HTTPUpgrade) support **2**
-* Migrate multiplex and UoT server to inbound **3**
-* Add TCP Brutal support for multiplex **4**
-* Add `wifi_ssid` and `wifi_bssid` route and DNS rules **5**
-* Update quic-go to v0.40.0
-* Update gVisor to 20231113.0
-
-**1**:
-
-If enabled, for UDP proxy requests addressed to a domain,
-the original packet address will be sent in the response instead of the mapped domain.
-
-This option is used for compatibility with clients that
-do not support receiving UDP packets with domain addresses, such as Surge.
-
-**2**:
-
-Introduced in V2Ray 5.10.0.
-
-The new HTTPUpgrade transport has better performance than WebSocket and is better suited for CDN abuse.
-
-**3**:
-
-Starting in 1.7.0, multiplexing support is no longer enabled by default
-and needs to be turned on explicitly in inbound options.
-
-**4**
-
-Hysteria Brutal Congestion Control Algorithm in TCP. A kernel module needs to be installed on the Linux server,
-see [TCP Brutal](/configuration/shared/tcp-brutal/) for details.
-
-**5**:
-
-Only supported in graphical clients on Android and iOS.
-
-#### 1.7.0-rc.3
-
-* Fixes and improvements
-
-#### 1.6.7
-
-* macOS: Add button for uninstall SystemExtension in the standalone graphical client
-* Fix missing UDP user context on TUIC/Hysteria2 inbounds
-* Fixes and improvements
-
-#### 1.7.0-rc.2
-
-* Fix missing UDP user context on TUIC/Hysteria2 inbounds
-* macOS: Add button for uninstall SystemExtension in the standalone graphical client
-
-#### 1.6.6
-
-* Fixes and improvements
-
-#### 1.7.0-rc.1
-
-* Fixes and improvements
-
-#### 1.7.0-beta.5
-
-* Update gVisor to 20231113.0
-* Fixes and improvements
-
-#### 1.7.0-beta.4
-
-* Add `wifi_ssid` and `wifi_bssid` route and DNS rules **1**
-* Fixes and improvements
-
-**1**:
-
-Only supported in graphical clients on Android and iOS.
-
-#### 1.7.0-beta.3
-
-* Fix zero TTL was incorrectly reset
-* Fixes and improvements
-
-#### 1.6.5
-
-* Fix crash if TUIC inbound authentication failed
-* Fixes and improvements
-
-#### 1.7.0-beta.2
-
-* Fix crash if TUIC inbound authentication failed
-* Update quic-go to v0.40.0
-* Fixes and improvements
-
-#### 1.6.4
-
-* Fixes and improvements
-
-#### 1.7.0-beta.1
-
-* Fixes and improvements
-
-#### 1.6.3
-
-* iOS/Android: Fix profile auto update
-* Fixes and improvements
-
-#### 1.7.0-alpha.11
-
-* iOS/Android: Fix profile auto update
-* Fixes and improvements
-
-#### 1.7.0-alpha.10
-
-* Fix tcp-brutal not working with TLS
-* Fix Android client not closing in some cases
-* Fixes and improvements
-
-#### 1.6.2
-
-* Fixes and improvements
-
-#### 1.6.1
-
-* Our [Android client](/installation/clients/sfa/) is now available in the Google Play Store ▶️
-* Fixes and improvements
-
-#### 1.7.0-alpha.6
-
-* Fixes and improvements
-
-#### 1.7.0-alpha.4
-
-* Migrate multiplex and UoT server to inbound **1**
-* Add TCP Brutal support for multiplex **2**
-
-**1**:
-
-Starting in 1.7.0, multiplexing support is no longer enabled by default and needs to be turned on explicitly in inbound
-options.
-
-**2**
-
-Hysteria Brutal Congestion Control Algorithm in TCP. A kernel module needs to be installed on the Linux server,
-see [TCP Brutal](/configuration/shared/tcp-brutal/) for details.
-
-#### 1.7.0-alpha.3
-
-* Add [HTTPUpgrade V2Ray transport](/configuration/shared/v2ray-transport#HTTPUpgrade) support **1**
-* Fixes and improvements
-
-**1**:
-
-Introduced in V2Ray 5.10.0.
-
-The new HTTPUpgrade transport has better performance than WebSocket and is better suited for CDN abuse.
-
 #### 1.6.0

 * Fixes and improvements

 Important changes since 1.5:

-* Our [Apple tvOS client](/installation/clients/sft/) is now available in the App Store 🍎
+* Our [Apple tvOS client](/installation/clients/sft) is now available in the App Store 🍎
 * Update BBR congestion control for TUIC and Hysteria2 **1**
 * Update brutal congestion control for Hysteria2
 * Add `brutal_debug` option for Hysteria2
 * Update legacy Hysteria protocol **2**
 * Add TLS self sign key pair generate command
-* Remove [Deprecated Features](/deprecated/) by agreement
+* Remove [Deprecated Features](/deprecated) by agreement

 **1**:

@@ -210,23 +22,6 @@ This update is intended to address the multi-send defects of the old implementat
 Based on discussions with the original author, the brutal CC and QUIC protocol parameters of
 the old protocol (Hysteria 1) have been updated to be consistent with Hysteria 2

-#### 1.7.0-alpha.2
-
-* Fix bugs introduced in 1.7.0-alpha.1
-
-#### 1.7.0-alpha.1
-
-* Add [exclude route support](/configuration/inbound/tun/) for TUN inbound
-* Add `udp_disable_domain_unmapping` [inbound listen option](/configuration/shared/listen/) **1**
-* Fixes and improvements
-
-**1**:
-
-If enabled, for UDP proxy requests addressed to a domain,
-the original packet address will be sent in the response instead of the mapped domain.
-
-This option is used for compatibility with clients that
-do not support receiving UDP packets with domain addresses, such as Surge.

 #### 1.5.5

@@ -240,8 +35,8 @@ When `auto_route` is enabled and `strict_route` is disabled, the device can now

 **2**:

-Built using Go 1.20, the last version that will run on
-Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High Sierra, 10.14 Mojave.
+Built using Go 1.20, the last version that will run on Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High Sierra, 10.14 Mojave.
+

 #### 1.6.0-rc.4

@@ -254,8 +49,7 @@ Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High Sierra, 10.14 Mojave

 **1**:

-Built using Go 1.20, the last version that will run on
-Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High Sierra, 10.14 Mojave.
+Built using Go 1.20, the last version that will run on Windows 7, 8, Server 2008, Server 2012 and macOS 10.13 High Sierra, 10.14 Mojave.

 #### 1.6.0-beta.4

@@ -289,24 +83,6 @@ the old protocol (Hysteria 1) have been updated to be consistent with Hysteria 2
 * Update golang.org/x/net to v0.17.0
 * Fixes and improvements

-#### 1.6.0-beta.3
-
-* Update the legacy Hysteria protocol **1**
-* Fixes and improvements
-
-**1**
-
-Based on discussions with the original author, the brutal CC and QUIC protocol parameters of
-the old protocol (Hysteria 1) have been updated to be consistent with Hysteria 2
-
-#### 1.6.0-beta.2
-
-* Add TLS self sign key pair generate command
-* Update brutal congestion control for Hysteria2
-* Fix Clash cache crash on arm32 devices
-* Update golang.org/x/net to v0.17.0
-* Fixes and improvements
-
 #### 1.5.3

 * Fix compatibility with Android 14
@@ -335,7 +111,7 @@ introduce new issues.

 #### 1.5.2

-* Our [Apple tvOS client](/installation/clients/sft/) is now available in the App Store 🍎
+* Our [Apple tvOS client](/installation/clients/sft) is now available in the App Store 🍎
 * Fixes and improvements

 #### 1.6.0-alpha.3
@@ -355,7 +131,7 @@ introduce new issues.
 * Update BBR congestion control for TUIC and Hysteria2 **1**
 * Update quic-go to v0.39.0
 * Update gVisor to 20230814.0
-* Remove [Deprecated Features](/deprecated/) by agreement
+* Remove [Deprecated Features](/deprecated) by agreement
 * Fixes and improvements

 **1**:
@@ -369,7 +145,7 @@ This update is intended to address the multi-send defects of the old implementat

 Important changes since 1.4:

-* Add TLS [ECH server](/configuration/shared/tls/) support
+* Add TLS [ECH server](/configuration/shared/tls) support
 * Improve TLS TCH client configuration
 * Add TLS ECH key pair generator **1**
 * Add TLS ECH support for QUIC based protocols **2**
@@ -378,7 +154,7 @@ Important changes since 1.4:
 * Add `interrupt_exist_connections` option for `Selector` and `URLTest` outbounds **4**
 * Add DNS01 challenge support for ACME TLS certificate issuer **5**
 * Add `merge` command **6**
-* Mark [Deprecated Features](/deprecated/)
+* Mark [Deprecated Features](/deprecated)

 **1**:

@@ -390,7 +166,7 @@ All inbounds and outbounds are supported, including `Naiveproxy`, `Hysteria[/2]`

 **3**:

-See [Hysteria2 inbound](/configuration/inbound/hysteria2/) and [Hysteria2 outbound](/configuration/outbound/hysteria2/)
+See [Hysteria2 inbound](/configuration/inbound/hysteria2) and [Hysteria2 outbound](/configuration/outbound/hysteria2)

 For protocol description, please refer to [https://v2.hysteria.network](https://v2.hysteria.network)

@@ -403,7 +179,7 @@ Only inbound connections are affected by this setting, internal connections will
 **5**:

 Only `Alibaba Cloud DNS` and `Cloudflare` are supported, see [ACME Fields](/configuration/shared/tls#acme-fields)
-and [DNS01 Challenge Fields](/configuration/shared/dns01_challenge/).
+and [DNS01 Challenge Fields](/configuration/shared/dns01_challenge).

 **6**:

@@ -485,7 +261,7 @@ Global Flags:

 Only `Alibaba Cloud DNS` and `Cloudflare` are supported,
 see [ACME Fields](/configuration/shared/tls#acme-fields)
-and [DNS01 Challenge Fields](/configuration/shared/dns01_challenge/).
+and [DNS01 Challenge Fields](/configuration/shared/dns01_challenge).

 #### 1.5.0-beta.10

@@ -514,7 +290,7 @@ Only inbound connections are affected by this setting, internal connections will

 * Fix compatibility issues with official Hysteria2 server and client
 * Fixes and improvements
-* Mark [deprecated features](/deprecated/)
+* Mark [deprecated features](/deprecated)

 #### 1.5.0-beta.3

@@ -533,13 +309,13 @@ Hysteria2 server and client when using `fastOpen=false` or UDP MTU >= 1200.

 **1**:

-See [Hysteria2 inbound](/configuration/inbound/hysteria2/) and [Hysteria2 outbound](/configuration/outbound/hysteria2/)
+See [Hysteria2 inbound](/configuration/inbound/hysteria2) and [Hysteria2 outbound](/configuration/outbound/hysteria2)

 For protocol description, please refer to [https://v2.hysteria.network](https://v2.hysteria.network)

 #### 1.5.0-beta.1

-* Add TLS [ECH server](/configuration/shared/tls/) support
+* Add TLS [ECH server](/configuration/shared/tls) support
 * Improve TLS TCH client configuration
 * Add TLS ECH key pair generator **1**
 * Add TLS ECH support for QUIC based protocols **2**
@@ -572,12 +348,12 @@ Important changes since 1.3:

 *1*:

-See [TUIC inbound](/configuration/inbound/tuic/)
-and [TUIC outbound](/configuration/outbound/tuic/)
+See [TUIC inbound](/configuration/inbound/tuic)
+and [TUIC outbound](/configuration/outbound/tuic)

 **2**:

-This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp/), designed to provide a QUIC
+This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp), designed to provide a QUIC
 stream based UDP relay mode that TUIC does not provide. Since it is an add-on protocol, you will need to use sing-box or
 another program compatible with the protocol as a server.

@@ -608,7 +384,7 @@ Requires sing-box to be compiled with Go 1.21.

 **1**:

-This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp/), designed to provide a QUIC
+This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp), designed to provide a QUIC
 stream based UDP relay mode that TUIC does not provide. Since it is an add-on protocol, you will need to use sing-box or
 another program compatible with the protocol as a server.

@@ -646,8 +422,8 @@ Requires sing-box to be compiled with Go 1.21.

 *1*:

-See [TUIC inbound](/configuration/inbound/tuic/)
-and [TUIC outbound](/configuration/outbound/tuic/)
+See [TUIC inbound](/configuration/inbound/tuic)
+and [TUIC outbound](/configuration/outbound/tuic)

 #### 1.3.6

@@ -656,7 +432,7 @@ and [TUIC outbound](/configuration/outbound/tuic/)
 #### 1.3.5

 * Fixes and improvements
-* Introducing our [Apple tvOS](/installation/clients/sft/) client applications **1**
+* Introducing our [Apple tvOS](/installation/clients/sft) client applications **1**
 * Add per app proxy and app installed/updated trigger support for Android client
 * Add profile sharing support for Android/iOS/macOS clients

@@ -683,7 +459,7 @@ downloaded through TestFlight.

 #### 1.3.1-beta.3

-* Introducing our [new iOS](/installation/clients/sfi/) and [macOS](/installation/clients/sfm/) client applications **1**
+* Introducing our [new iOS](/installation/clients/sfi) and [macOS](/installation/clients/sfm) client applications **1**
 * Fixes and improvements

 **1**:
@@ -704,7 +480,7 @@ The old testflight link and app are no longer valid.

 Important changes since 1.2:

-* Add [FakeIP](/configuration/dns/fakeip/) support **1**
+* Add [FakeIP](/configuration/dns/fakeip) support **1**
 * Improve multiplex **2**
 * Add [DNS reverse mapping](/configuration/dns#reverse_mapping) support
 * Add `rewrite_ttl` DNS rule action
@@ -731,11 +507,11 @@ Important changes since 1.2:

 *1*:

-See [FAQ](/faq/fakeip/) for more information.
+See [FAQ](/faq/fakeip) for more information.

 *2*:

-Added new `h2mux` multiplex protocol and `padding` multiplex option, see [Multiplex](/configuration/shared/multiplex/).
+Added new `h2mux` multiplex protocol and `padding` multiplex option, see [Multiplex](/configuration/shared/multiplex).

 #### 1.3-rc2

@@ -797,7 +573,7 @@ Improved performance and reduced memory usage.

 *1*:

-Added new `h2mux` multiplex protocol and `padding` multiplex option, see [Multiplex](/configuration/shared/multiplex/).
+Added new `h2mux` multiplex protocol and `padding` multiplex option, see [Multiplex](/configuration/shared/multiplex).

 #### 1.2.6

@@ -849,25 +625,25 @@ This is an incompatible update for XUDP in VLESS if vision flow is enabled.
 #### 1.3-beta1

 * Add [DNS reverse mapping](/configuration/dns#reverse_mapping) support
-* Add [L3 routing](/configuration/route/ip-rule/) support **1**
+* Add [L3 routing](/configuration/route/ip-rule) support **1**
 * Add `rewrite_ttl` DNS rule action
-* Add [FakeIP](/configuration/dns/fakeip/) support **2**
+* Add [FakeIP](/configuration/dns/fakeip) support **2**
 * Add `store_fakeip` Clash API option
 * Add multi-peer support for [WireGuard](/configuration/outbound/wireguard#peers) outbound
 * Add loopback detect

 *1*:

-It can currently be used to [route connections directly to WireGuard](/examples/wireguard-direct/) or block connections
+It can currently be used to [route connections directly to WireGuard](/examples/wireguard-direct) or block connections
 at the IP layer.

 *2*:

-See [FAQ](/faq/fakeip/) for more information.
+See [FAQ](/faq/fakeip) for more information.

 #### 1.2.3

-* Introducing our [new Android client application](/installation/clients/sfa/)
+* Introducing our [new Android client application](/installation/clients/sfa)
 * Improve UDP domain destination NAT
 * Update reality protocol
 * Fix TTL calculation for DNS response
@@ -896,16 +672,16 @@ to `domain` rule.

 Important changes since 1.1:

-* Introducing our [new iOS client application](/installation/clients/sfi/)
-* Introducing [UDP over TCP protocol version 2](/configuration/shared/udp-over-tcp/)
+* Introducing our [new iOS client application](/installation/clients/sfi)
+* Introducing [UDP over TCP protocol version 2](/configuration/shared/udp-over-tcp)
 * Add [platform options](/configuration/inbound/tun#platform) for tun inbound
 * Add [ShadowTLS protocol v3](https://github.com/ihciah/shadow-tls/blob/master/docs/protocol-v3-en.md)
-* Add [VLESS server](/configuration/inbound/vless/) and [vision](/configuration/outbound/vless#flow) support
-* Add [reality TLS](/configuration/shared/tls/) support
-* Add [NTP service](/configuration/ntp/)
-* Add [DHCP DNS server](/configuration/dns/server/) support
-* Add SSH [host key validation](/configuration/outbound/ssh/) support
-* Add [query_type](/configuration/dns/rule/) DNS rule item
+* Add [VLESS server](/configuration/inbound/vless) and [vision](/configuration/outbound/vless#flow) support
+* Add [reality TLS](/configuration/shared/tls) support
+* Add [NTP service](/configuration/ntp)
+* Add [DHCP DNS server](/configuration/dns/server) support
+* Add SSH [host key validation](/configuration/outbound/ssh) support
+* Add [query_type](/configuration/dns/rule) DNS rule item
 * Add fallback support for v2ray transport
 * Add custom TLS server support for http based v2ray transports
 * Add health check support for http-based v2ray transports
@@ -936,7 +712,7 @@ name.

 #### 1.2-beta9

-* Introducing the [UDP over TCP protocol version 2](/configuration/shared/udp-over-tcp/)
+* Introducing the [UDP over TCP protocol version 2](/configuration/shared/udp-over-tcp)
 * Add health check support for http-based v2ray transports
 * Remove length limit on short_id for reality TLS config
 * Fix bugs and update dependencies
@@ -953,7 +729,7 @@ name.

 #### 1.2-beta6

-* Introducing our [new iOS client application](/installation/clients/sfi/)
+* Introducing our [new iOS client application](/installation/clients/sfi)
 * Add [platform options](/configuration/inbound/tun#platform) for tun inbound
 * Add custom TLS server support for http based v2ray transports
 * Add generate commands
@@ -966,8 +742,8 @@ name.

 #### 1.2-beta5

-* Add [VLESS server](/configuration/inbound/vless/) and [vision](/configuration/outbound/vless#flow) support
-* Add [reality TLS](/configuration/shared/tls/) support
+* Add [VLESS server](/configuration/inbound/vless) and [vision](/configuration/outbound/vless#flow) support
+* Add [reality TLS](/configuration/shared/tls) support
 * Fix match private address

 #### 1.1.6
@@ -982,7 +758,7 @@ name.

 #### 1.2-beta4

-* Add [NTP service](/configuration/ntp/)
+* Add [NTP service](/configuration/ntp)
 * Add Add multiple server names and multi-user support for shadowtls
 * Add strict mode support for shadowtls v3
 * Add uTLS support for shadowtls v3
@@ -1002,9 +778,9 @@ name.

 #### 1.2-beta1

-* Add [DHCP DNS server](/configuration/dns/server/) support
-* Add SSH [host key validation](/configuration/outbound/ssh/) support
-* Add [query_type](/configuration/dns/rule/) DNS rule item
+* Add [DHCP DNS server](/configuration/dns/server) support
+* Add SSH [host key validation](/configuration/outbound/ssh) support
+* Add [query_type](/configuration/dns/rule) DNS rule item
 * Add v2ray [user stats](/configuration/experimental#statsusers) api
 * Add new clash DNS query api
 * Improve vmess request
@@ -1233,7 +1009,7 @@ and [ShadowTLS outbound](/configuration/outbound/shadowtls#version)

 #### 1.1-beta6

-* Add [URLTest outbound](/configuration/outbound/urltest/)
+* Add [URLTest outbound](/configuration/outbound/urltest)
 * Fix bugs in 1.1-beta5

 #### 1.1-beta5
@@ -1265,8 +1041,8 @@ The default tun stack is changed to system.
 #### 1.1-beta4

 * Add internal simple-obfs and v2ray-plugin [Shadowsocks plugins](/configuration/outbound/shadowsocks#plugin)
-* Add [ShadowsocksR outbound](/configuration/outbound/shadowsocksr/)
-* Add [VLESS outbound and XUDP](/configuration/outbound/vless/)
+* Add [ShadowsocksR outbound](/configuration/outbound/shadowsocksr)
+* Add [VLESS outbound and XUDP](/configuration/outbound/vless)
 * Skip wait for hysteria tcp handshake response
 * Fix socks4 client
 * Fix hysteria inbound
@@ -1293,7 +1069,7 @@ The default tun stack is changed to system.
 *1*:

 Switching modes using the Clash API, and `store-selected` are now supported,
-see [Experimental](/configuration/experimental/).
+see [Experimental](/configuration/experimental).

 *2*:

@@ -1374,15 +1150,15 @@ and [Listen Fields](/configuration/shared/listen#udp_fragment).
 * Fix write trojan udp
 * Fix DNS routing
 * Add attribute support for geosite
-* Update documentation for [Dial Fields](/configuration/shared/dial/)
+* Update documentation for [Dial Fields](/configuration/shared/dial)

 #### 1.0-beta3

 * Add [chained inbound](/configuration/shared/listen#detour) support
 * Add process_path rule item
 * Add macOS redirect support
-* Add ShadowTLS [Inbound](/configuration/inbound/shadowtls/), [Outbound](/configuration/outbound/shadowtls/)
-  and [Examples](/examples/shadowtls/)
+* Add ShadowTLS [Inbound](/configuration/inbound/shadowtls), [Outbound](/configuration/outbound/shadowtls)
+  and [Examples](/examples/shadowtls)
 * Fix search android package in non-owner users
 * Fix socksaddr type condition
 * Fix smux session status
@@ -1426,7 +1202,7 @@ and [Listen Fields](/configuration/shared/listen#udp_fragment).

 ##### 2022/08/23

-* Add [V2Ray Transport](/configuration/shared/v2ray-transport/) support for VMess and Trojan
+* Add [V2Ray Transport](/configuration/shared/v2ray-transport) support for VMess and Trojan
 * Allow plain http request in Naive inbound (It can now be used with nginx)
 * Add proxy protocol support
 * Free memory after start
@@ -1435,13 +1211,13 @@ and [Listen Fields](/configuration/shared/listen#udp_fragment).

 ##### 2022/08/22

-* Add strategy setting for each [DNS server](/configuration/dns/server/)
+* Add strategy setting for each [DNS server](/configuration/dns/server)
 * Add bind address to outbound options

 ##### 2022/08/21

-* Add [Tor outbound](/configuration/outbound/tor/)
-* Add [SSH outbound](/configuration/outbound/ssh/)
+* Add [Tor outbound](/configuration/outbound/tor)
+* Add [SSH outbound](/configuration/outbound/ssh)

 ##### 2022/08/20

@@ -1455,8 +1231,8 @@ and [Listen Fields](/configuration/shared/listen#udp_fragment).

 ##### 2022/08/19

-* Add Hysteria [Inbound](/configuration/inbound/hysteria/) and [Outbund](/configuration/outbound/hysteria/)
-* Add [ACME TLS certificate issuer](/configuration/shared/tls/)
+* Add Hysteria [Inbound](/configuration/inbound/hysteria) and [Outbund](/configuration/outbound/hysteria)
+* Add [ACME TLS certificate issuer](/configuration/shared/tls)
 * Allow read config from stdin (-c stdin)
 * Update gVisor to 20220815.0

@@ -1474,11 +1250,11 @@ and [Listen Fields](/configuration/shared/listen#udp_fragment).
 ##### 2022/08/16

 * Add ip_version (route/dns) rule item
-* Add [WireGuard](/configuration/outbound/wireguard/) outbound
+* Add [WireGuard](/configuration/outbound/wireguard) outbound

 ##### 2022/08/15

-* Add uid, android user and package rules support in [Tun](/configuration/inbound/tun/) routing.
+* Add uid, android user and package rules support in [Tun](/configuration/inbound/tun) routing.

 ##### 2022/08/13

@@ -1487,15 +1263,15 @@ and [Listen Fields](/configuration/shared/listen#udp_fragment).
 ##### 2022/08/12

 * Performance improvements
-* Add UoT option for [SOCKS](/configuration/outbound/socks/) outbound
+* Add UoT option for [SOCKS](/configuration/outbound/socks) outbound

 ##### 2022/08/11

-* Add UoT option for [Shadowsocks](/configuration/outbound/shadowsocks/) outbound, UoT support for all inbounds
+* Add UoT option for [Shadowsocks](/configuration/outbound/shadowsocks) outbound, UoT support for all inbounds

 ##### 2022/08/10

-* Add full-featured [Naive](/configuration/inbound/naive/) inbound
+* Add full-featured [Naive](/configuration/inbound/naive) inbound
 * Fix default dns server option [#9] by iKirby

 ##### 2022/08/09
--- a/docs/clients/android/features.md
+++ b/docs/clients/android/features.md
@@ -1,64 +0,0 @@
-# :material-decagram: Features
-
-#### UI options
-
-* Display realtime network speed in the notification
-
-#### Service
-
-SFA allows you to run sing-box through ForegroundService or VpnService (when TUN is required).
-
-#### TUN
-
-SFA provides an unprivileged TUN implementation through Android VpnService.
-
-| TUN inbound option            | Available        | Note               |
-|-------------------------------|------------------|--------------------|
-| `interface_name`              | :material-close: | Managed by Android |
-| `inet4_address`               | :material-check: | /                  |
-| `inet6_address`               | :material-check: | /                  |
-| `mtu`                         | :material-check: | /                  |
-| `auto_route`                  | :material-check: | /                  |
-| `strict_route`                | :material-close: | Not implemented    |
-| `inet4_route_address`         | :material-check: | /                  |
-| `inet6_route_address`         | :material-check: | /                  |
-| `inet4_route_exclude_address` | :material-check: | /                  |
-| `inet6_route_exclude_address` | :material-check: | /                  |
-| `endpoint_independent_nat`    | :material-check: | /                  |
-| `stack`                       | :material-check: | /                  |
-| `include_interface`           | :material-close: | No permission      |
-| `exclude_interface`           | :material-close: | No permission      |
-| `include_uid`                 | :material-close: | No permission      |
-| `exclude_uid`                 | :material-close: | No permission      |
-| `include_android_user`        | :material-close: | No permission      |
-| `include_package`             | :material-check: | /                  |
-| `exclude_package`             | :material-check: | /                  |
-| `platform`                    | :material-check: | /                  |
-
-| Route/DNS rule option | Available        | Note                              |
-|-----------------------|------------------|-----------------------------------|
-| `process_name`        | :material-close: | No permission                     |
-| `process_path`        | :material-close: | No permission                     |
-| `package_name`        | :material-check: | /                                 |
-| `user`                | :material-close: | Use `package_name` instead        |
-| `user_id`             | :material-close: | Use `package_name` instead        |
-| `wifi_ssid`           | :material-check: | Fine location permission required |
-| `wifi_bssid`          | :material-check: | Fine location permission required |
-
-### Override
-
-Overrides profile configuration items with platform-specific values.
-
-#### Per-app proxy
-
-SFA allows you to select a list of Android apps that require proxying or bypassing in the graphical interface to
-override the `include_package` and `exclude_package` configuration items.
-
-In particular, the selector also provides the “China apps” scanning feature, providing Chinese users with an excellent
-experience to bypass apps that do not require a proxy. Specifically, by scanning China application or SDK
-characteristics through dex class path and other means, there will be almost no missed reports.
-
-### Chore
-
-* The working directory is located at `/sdcard/Android/data/io.nekohasekai.sfa/files` (External files directory)
-* Crash logs is located in `$working_directory/stderr.log`
--- a/docs/clients/android/index.md
+++ b/docs/clients/android/index.md
@@ -1,22 +0,0 @@
---
-icon: material/android
---
-
-# sing-box for Android
-
-SFA allows users to manage and run local or remote sing-box configuration files, and provides
-platform-specific function implementation, such as TUN transparent proxy implementation.
-
-## :material-graph: Requirements
-
-* Android 5.0+
-
-## :material-download: Download
-
-* [Play Store](https://play.google.com/store/apps/details?id=io.nekohasekai.sfa)
-* [Play Store (Beta)](https://play.google.com/apps/testing/io.nekohasekai.sfa)
-* [GitHub Releases](https://github.com/SagerNet/sing-box/releases)
-
-## :material-source-repository: Source code
-
-* [GitHub](https://github.com/SagerNet/sing-box-for-android)
--- a/docs/clients/apple/features.md
+++ b/docs/clients/apple/features.md
@@ -1,52 +0,0 @@
-# :material-decagram: Features
-
-#### UI options
-
-* Always On
-* Include All Networks (Proxy traffic for LAN and cellular services)
-* (Apple tvOS) Import profile from iPhone/iPad
-
-#### Service
-
-SFI/SFM/SFT allows you to run sing-box through NetworkExtension with Application Extension or System Extension.
-
-#### TUN
-
-SFI/SFM/SFT provides an unprivileged TUN implementation through NetworkExtension.
-
-| TUN inbound option            | Available | Note              |
-|-------------------------------|-----------|-------------------|
-| `interface_name`              | ✖️        | Managed by Darwin |
-| `inet4_address`               | ✔️        | /                 |
-| `inet6_address`               | ✔️        | /                 |
-| `mtu`                         | ✔️        | /                 |
-| `auto_route`                  | ✔️        | /                 |
-| `strict_route`                | ✖️        | Not implemented   |
-| `inet4_route_address`         | ✔️        | /                 |
-| `inet6_route_address`         | ✔️        | /                 |
-| `inet4_route_exclude_address` | ✔️        | /                 |
-| `inet6_route_exclude_address` | ✔️        | /                 |
-| `endpoint_independent_nat`    | ✔️        | /                 |
-| `stack`                       | ✔️        | /                 |
-| `include_interface`           | ✖️        | Not implemented   |
-| `exclude_interface`           | ✖️        | Not implemented   |
-| `include_uid`                 | ✖️        | Not implemented   |
-| `exclude_uid`                 | ✖️        | Not implemented   |
-| `include_android_user`        | ✖️        | Not implemented   |
-| `include_package`             | ✖️        | Not implemented   |
-| `exclude_package`             | ✖️        | Not implemented   |
-| `platform`                    | ✔️        | /                 |
-
-| Route/DNS rule option | Available        | Note                  |
-|-----------------------|------------------|-----------------------|
-| `process_name`        | :material-close: | No permission         |
-| `process_path`        | :material-close: | No permission         |
-| `package_name`        | :material-close: | /                     |
-| `user`                | :material-close: | No permission         |
-| `user_id`             | :material-close: | No permission         |
-| `wifi_ssid`           | :material-alert: | Only supported on iOS |
-| `wifi_bssid`          | :material-alert: | Only supported on iOS |
-
-### Chore
-
-* Crash logs is located in `Settings` -> `View Service Log`
--- a/docs/clients/apple/index.md
+++ b/docs/clients/apple/index.md
@@ -1,32 +0,0 @@
---
-icon: material/apple
---
-
-# sing-box for Apple platforms
-
-SFI/SFM/SFT allows users to manage and run local or remote sing-box configuration files, and provides
-platform-specific function implementation, such as TUN transparent proxy implementation.
-
-## :material-graph: Requirements
-
-* iOS 15.0+ / macOS 13.0+ / Apple tvOS 17.0+
-* An Apple account outside of mainland China
-
-## :material-download: Download
-
-* [App Store](https://apps.apple.com/us/app/sing-box/id6451272673)
-* [TestFlight (Beta)](https://testflight.apple.com/join/AcqO44FH)
-
-## :material-file-download: Download (macOS standalone version)
-
-* [Homebrew Cask](https://formulae.brew.sh/cask/sfm)
-
-```bash
-brew install sfm
-```
-
-* [GitHub Releases](https://github.com/SagerNet/sing-box/releases)
-
-## :material-source-repository: Source code
-
-* [GitHub](https://github.com/SagerNet/sing-box-for-apple)
--- a/docs/clients/general.md
+++ b/docs/clients/general.md
@@ -1,63 +0,0 @@
---
-icon: material/pencil-ruler
---
-
-# General
-
-Describes and explains the functions implemented uniformly by sing-box graphical clients.
-
-### Profile
-
-Profile describes a sing-box configuration file and its state.
-
-#### Local
-
-* Local Profile represents a local sing-box configuration with minimal state
-* The graphical client must provide an editor to modify configuration content
-
-#### iCloud (on iOS and macOS)
-
-* iCloud Profile represents a remote sing-box configuration with iCloud as the update source
-* The configuration file is stored in the sing-box folder under iCloud
-* The graphical client must provide an editor to modify configuration content
-
-#### Remote
-
-* Remote Profile represents a remote sing-box configuration with a URL as the update source.
-* The graphical client should provide a configuration content viewer
-* The graphical client must implement automatic profile update (default interval is 60 minutes) and HTTP Basic
-  authorization.
-
-At the same time, the graphical client must provide support for importing remote profiles
-through a specific URL Scheme. The URL is defined as follows:
-
-```
-sing-box://import-remote-profile?url=urlEncodedURL#urlEncodedName
-```
-
-### Dashboard
-
-While the sing-box service is running, the graphical client should provide a Dashboard interface to manage the service.
-
-#### Status
-
-Dashboard should display status information such as memory, connection, and traffic.
-
-#### Mode
-
-Dashboard should provide a Mode selector for switching when the configuration uses at least two `clash_mode` values.
-
-#### Groups
-
-When the configuration includes group outbounds (specifically, Selector or URLTest),
-the dashboard should provide a Group selector for status display or switching.
-
-### Chore
-
-#### Core
-
-Graphical clients should provide a Core region:
-
-* Display the current sing-box version
-* Provides a button to clean the working directory
-* Provides a memory limiter switch
--- a/docs/clients/index.md
+++ b/docs/clients/index.md
@@ -1,13 +0,0 @@
-# :material-cellphone-link: Graphical Clients
-
-Maintained by Project S to provide a unified experience and platform-specific functionality.
-
-| Platform                              | Client                                   |
-|---------------------------------------|------------------------------------------|
-| :material-android: Android            | [sing-box for Android](./android/)       |
-| :material-apple: iOS/macOS/Apple tvOS | [sing-box for Apple platforms](./apple/) |
-| :material-laptop: Desktop             | Working in progress                      |
-
-Some third-party projects that claim to use sing-box or use sing-box as a selling point are not listed here. The core
-motivation of the maintainers of such projects is to acquire more users, and even though they provide friendly VPN
-client features, the code is usually of poor quality and contains ads.
--- a/docs/clients/index.zh.md
+++ b/docs/clients/index.zh.md
@@ -1,12 +0,0 @@
-# :material-cellphone-link: 图形界面客户端
-
-由 Project S 维护，提供统一的体验与平台特定的功能。
-
-| 平台                                    | 客户端                                     |
-|---------------------------------------|-----------------------------------------|
-| :material-android: Android            | [sing-box for Android](./android/)       |
-| :material-apple: iOS/macOS/Apple tvOS | [sing-box for Apple platforms](./apple/) |
-| :material-laptop: Desktop             | 施工中                                     |
-
-此处没有列出一些声称使用或以 sing-box 为卖点的第三方项目。此类项目维护者的动机是获得更多用户，即使它们提供友好的商业
-VPN 客户端功能， 但代码质量很差且包含广告。
--- a/docs/clients/privacy.md
+++ b/docs/clients/privacy.md
@@ -1,8 +0,0 @@
---
-icon: material/security
---
-
-# Privacy policy
-
-sing-box and official graphics clients do not collect or share personal data,
-and the data generated by the software is always on your device.
--- a/docs/configuration/dns/index.md
+++ b/docs/configuration/dns/index.md
@@ -23,9 +23,9 @@

 | Key      | Format                         |
 |----------|--------------------------------|
-| `server` | List of [DNS Server](./server/) |
-| `rules`  | List of [DNS Rule](./rule/)     |
-| `fakeip` | [FakeIP](./fakeip/)             |
+| `server` | List of [DNS Server](./server) |
+| `rules`  | List of [DNS Rule](./rule)     |
+| `fakeip` | [FakeIP](./fakeip)             |

 #### final

@@ -62,4 +62,4 @@ problematic in environments such as macOS, where DNS is proxied and cached by th

 #### fakeip

-[FakeIP](./fakeip/) settings.
+[FakeIP](./fakeip) settings.
--- a/docs/configuration/dns/index.zh.md
+++ b/docs/configuration/dns/index.zh.md
@@ -21,10 +21,10 @@

 ### 字段

-| 键        | 格式                      |
-|----------|-------------------------|
-| `server` | 一组 [DNS 服务器](./server/) |
-| `rules`  | 一组 [DNS 规则](./rule/)    |
+| 键        | 格式                     |
+|----------|------------------------|
+| `server` | 一组 [DNS 服务器](./server) |
+| `rules`  | 一组 [DNS 规则](./rule)    |

 #### final

@@ -60,4 +60,4 @@

 #### fakeip

-[FakeIP](./fakeip/) 设置。
+[FakeIP](./fakeip) 设置。
--- a/docs/configuration/dns/rule.md
+++ b/docs/configuration/dns/rule.md
@@ -79,12 +79,6 @@
          1000
        ],
        "clash_mode": "direct",
-        "wifi_ssid": [
-          "My WIFI"
-        ],
-        "wifi_bssid": [
-          "00:00:00:00:00:00"
-        ],
        "invert": false,
        "outbound": [
          "direct"
@@ -124,7 +118,7 @@

 #### inbound

-Tags of [Inbound](/configuration/inbound/).
+Tags of [Inbound](/configuration/inbound).

 #### ip_version

@@ -194,7 +188,7 @@ Match port range.

 #### process_name

-!!! quote ""
+!!! error ""

    Only supported on Linux, Windows, and macOS.

@@ -202,7 +196,7 @@ Match process name.

 #### process_path

-!!! quote ""
+!!! error ""

    Only supported on Linux, Windows, and macOS.

@@ -214,7 +208,7 @@ Match android package name.

 #### user

-!!! quote ""
+!!! error ""

    Only supported on Linux.

@@ -222,7 +216,7 @@ Match user name.

 #### user_id

-!!! quote ""
+!!! error ""

    Only supported on Linux.

@@ -232,24 +226,6 @@ Match user id.

 Match Clash mode.

-#### wifi_ssid
-
-<!-- md:version 1.7.0-beta.4 -->
-
-!!! quote ""
-
-    Only supported in graphical clients on Android and iOS.
-
-Match WiFi SSID.
-
-#### wifi_bssid
-
-!!! quote ""
-
-    Only supported in graphical clients on Android and iOS.
-
-Match WiFi BSSID.
-
 #### invert

 Invert match result.
--- a/docs/configuration/dns/rule.zh.md
+++ b/docs/configuration/dns/rule.zh.md
@@ -78,12 +78,6 @@
          1000
        ],
        "clash_mode": "direct",
-        "wifi_ssid": [
-          "My WIFI"
-        ],
-        "wifi_bssid": [
-          "00:00:00:00:00:00"
-        ],
        "invert": false,
        "outbound": [
          "direct"
@@ -121,7 +115,7 @@

 #### inbound

-[入站](/zh/configuration/inbound/) 标签.
+[入站](/zh/configuration/inbound) 标签.

 #### ip_version

@@ -191,7 +185,7 @@ DNS 查询类型。值可以为整数或者类型名称字符串。

 #### process_name

-!!! quote ""
+!!! error ""

    仅支持 Linux、Windows 和 macOS.

@@ -199,7 +193,7 @@ DNS 查询类型。值可以为整数或者类型名称字符串。

 #### process_path

-!!! quote ""
+!!! error ""

    仅支持 Linux、Windows 和 macOS.

@@ -211,7 +205,7 @@ DNS 查询类型。值可以为整数或者类型名称字符串。

 #### user

-!!! quote ""
+!!! error ""

    仅支持 Linux。

@@ -219,7 +213,7 @@ DNS 查询类型。值可以为整数或者类型名称字符串。

 #### user_id

-!!! quote ""
+!!! error ""

    仅支持 Linux。

@@ -229,22 +223,6 @@ DNS 查询类型。值可以为整数或者类型名称字符串。

 匹配 Clash 模式。

-#### wifi_ssid
-
-!!! quote ""
-
-    仅在 Android 与 iOS 的图形客户端中支持。
-
-匹配 WiFi SSID。
-
-#### wifi_bssid
-
-!!! quote ""
-
-    仅在 Android 与 iOS 的图形客户端中支持。
-
-匹配 WiFi BSSID。
-
 #### invert

 反选匹配结果。
--- a/docs/configuration/dns/server.md
+++ b/docs/configuration/dns/server.md
@@ -30,18 +30,18 @@ The tag of the dns server.

 The address of the dns server.

-| Protocol                             | Format                        |
-|--------------------------------------|-------------------------------|
-| `System`                             | `local`                       |
-| `TCP`                                | `tcp://1.0.0.1`               |
-| `UDP`                                | `8.8.8.8` `udp://8.8.4.4`     |
-| `TLS`                                | `tls://dns.google`            |
-| `HTTPS`                              | `https://1.1.1.1/dns-query`   |
-| `QUIC`                               | `quic://dns.adguard.com`      |
-| `HTTP3`                              | `h3://8.8.8.8/dns-query`      |
-| `RCode`                              | `rcode://refused`             |
-| `DHCP`                               | `dhcp://auto` or `dhcp://en0` |
-| [FakeIP](/configuration/dns/fakeip/) | `fakeip`                      |
+| Protocol                            | Format                        |
+|-------------------------------------|-------------------------------|
+| `System`                            | `local`                       |
+| `TCP`                               | `tcp://1.0.0.1`               |
+| `UDP`                               | `8.8.8.8` `udp://8.8.4.4`     |
+| `TLS`                               | `tls://dns.google`            |
+| `HTTPS`                             | `https://1.1.1.1/dns-query`   |
+| `QUIC`                              | `quic://dns.adguard.com`      |
+| `HTTP3`                             | `h3://8.8.8.8/dns-query`      |
+| `RCode`                             | `rcode://refused`             |
+| `DHCP`                              | `dhcp://auto` or `dhcp://en0` |
+| [FakeIP](/configuration/dns/fakeip) | `fakeip`                      |

 !!! warning ""

@@ -49,7 +49,7 @@ The address of the dns server.

 !!! warning ""

-    QUIC and HTTP3 transport is not included by default, see [Installation](./#installation).
+    QUIC and HTTP3 transport is not included by default, see [Installation](/#installation).

 !!! info ""

@@ -57,7 +57,7 @@ The address of the dns server.

 !!! warning ""

-    DHCP transport is not included by default, see [Installation](./#installation).
+    DHCP transport is not included by default, see [Installation](/#installation).

 | RCode             | Description           | 
 |-------------------|-----------------------|
--- a/docs/configuration/dns/server.zh.md
+++ b/docs/configuration/dns/server.zh.md
@@ -30,18 +30,18 @@ DNS 服务器的标签。

 DNS 服务器的地址。

-| 协议                                   | 格式                           |
-|--------------------------------------|------------------------------|
-| `System`                             | `local`                      |
-| `TCP`                                | `tcp://1.0.0.1`              |
-| `UDP`                                | `8.8.8.8` `udp://8.8.4.4`    |
-| `TLS`                                | `tls://dns.google`           |
-| `HTTPS`                              | `https://1.1.1.1/dns-query`  |
-| `QUIC`                               | `quic://dns.adguard.com`     |
-| `HTTP3`                              | `h3://8.8.8.8/dns-query`     |
-| `RCode`                              | `rcode://refused`            |
-| `DHCP`                               | `dhcp://auto` 或 `dhcp://en0` |
-| [FakeIP](/configuration/dns/fakeip/) | `fakeip`                     |
+| 协议                                  | 格式                           |
+|-------------------------------------|------------------------------|
+| `System`                            | `local`                      |
+| `TCP`                               | `tcp://1.0.0.1`              |
+| `UDP`                               | `8.8.8.8` `udp://8.8.4.4`    |
+| `TLS`                               | `tls://dns.google`           |
+| `HTTPS`                             | `https://1.1.1.1/dns-query`  |
+| `QUIC`                              | `quic://dns.adguard.com`     |
+| `HTTP3`                             | `h3://8.8.8.8/dns-query`     |
+| `RCode`                             | `rcode://refused`            |
+| `DHCP`                              | `dhcp://auto` 或 `dhcp://en0` |
+| [FakeIP](/configuration/dns/fakeip) | `fakeip`                     |

 !!! warning ""

--- a/docs/configuration/experimental/index.md
+++ b/docs/configuration/experimental/index.md
@@ -44,9 +44,9 @@

 ### Clash API Fields

-!!! quote ""
+!!! error ""

-    Clash API is not included by default, see [Installation](./#installation).
+    Clash API is not included by default, see [Installation](/#installation).

 #### external_controller

@@ -110,9 +110,9 @@ If not empty, `store_selected` will use a separate store keyed by it.

 ### V2Ray API Fields

-!!! quote ""
+!!! error ""

-    V2Ray API is not included by default, see [Installation](./#installation).
+    V2Ray API is not included by default, see [Installation](/#installation).

 #### listen

--- a/docs/configuration/experimental/index.zh.md
+++ b/docs/configuration/experimental/index.zh.md
@@ -44,7 +44,7 @@

 ### Clash API 字段

-!!! quote ""
+!!! error ""

    默认安装不包含 Clash API，参阅 [安装](/zh/#_2)。

@@ -108,7 +108,7 @@ Clash 中的默认模式，默认使用 `Rule`。

 ### V2Ray API 字段

-!!! quote ""
+!!! error ""

    默认安装不包含 V2Ray API，参阅 [安装](/zh/#_2)。

--- a/docs/configuration/inbound/direct.md
+++ b/docs/configuration/inbound/direct.md
@@ -17,7 +17,7 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/http.md
+++ b/docs/configuration/inbound/http.md
@@ -20,7 +20,7 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -36,7 +36,7 @@ No authentication required if empty.

 #### set_system_proxy

-!!! quote ""
+!!! error ""

    Only supported on Linux, Android, Windows, and macOS.

--- a/docs/configuration/inbound/http.zh.md
+++ b/docs/configuration/inbound/http.zh.md
@@ -36,7 +36,7 @@ HTTP 用户

 #### set_system_proxy

-!!! quote ""
+!!! error ""

    仅支持 Linux、Android、Windows 和 macOS。

--- a/docs/configuration/inbound/hysteria.md
+++ b/docs/configuration/inbound/hysteria.md
@@ -31,11 +31,11 @@

 !!! warning ""

-    QUIC, which is required by hysteria is not included by default, see [Installation](./#installation).
+    QUIC, which is required by hysteria is not included by default, see [Installation](/#installation).

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/hysteria2.md
+++ b/docs/configuration/inbound/hysteria2.md
@@ -4,8 +4,8 @@
 {
  "type": "hysteria2",
  "tag": "hy2-in",
-  ...
-  // Listen Fields
+  
+  ... // Listen Fields

  "up_mbps": 100,
  "down_mbps": 100,
@@ -28,18 +28,11 @@

 !!! warning ""

-    QUIC, which is required by Hysteria2 is not included by default, see [Installation](./#installation).
-
-!!! warning "Difference from official Hysteria2"
-
-    The official program supports an authentication method called **userpass**,
-    which essentially uses a combination of `<username>:<password>` as the actual password,
-    while sing-box does not provide this alias.
-    To use sing-box with the official program, you need to fill in that combination as the actual password.
+    QUIC, which is required by Hysteria2 is not included by default, see [Installation](/#installation).

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/hysteria2.zh.md
+++ b/docs/configuration/inbound/hysteria2.zh.md
@@ -4,8 +4,8 @@
 {
  "type": "hysteria2",
  "tag": "hy2-in",
-  ...
-  // 监听字段
+  
+  ... // 监听字段

  "up_mbps": 100,
  "down_mbps": 100,
@@ -30,12 +30,6 @@

    默认安装不包含被 Hysteria2 依赖的 QUIC，参阅 [安装](/zh/#_2)。

-!!! warning "与官方 Hysteria2 的区别"
-
-    官方程序支持一种名为 **userpass** 的验证方式，
-    本质上上是将用户名与密码的组合 `<username>:<password>` 作为实际上的密码，而 sing-box 不提供此别名。
-    要将 sing-box 与官方程序一起使用， 您需要填写该组合作为实际密码。
-
 ### 监听字段

 参阅 [监听字段](/zh/configuration/shared/listen/)。
@@ -68,7 +62,7 @@ Hysteria 用户

 #### ignore_client_bandwidth

-命令客户端使用 BBR 拥塞控制算法而不是 Hysteria CC。
+命令客户端使用 BBR 流量控制算法而不是 Hysteria CC。

 与 `up_mbps` 和 `down_mbps` 冲突。

--- a/docs/configuration/inbound/index.md
+++ b/docs/configuration/inbound/index.md
@@ -15,24 +15,24 @@

 ### Fields

-| Type          | Format                        | Injectable |
-|---------------|-------------------------------|------------|
-| `direct`      | [Direct](./direct/)           | X          |
-| `mixed`       | [Mixed](./mixed/)             | TCP        |
-| `socks`       | [SOCKS](./socks/)             | TCP        |
-| `http`        | [HTTP](./http/)               | TCP        |
-| `shadowsocks` | [Shadowsocks](./shadowsocks/) | TCP        |
-| `vmess`       | [VMess](./vmess/)             | TCP        |
-| `trojan`      | [Trojan](./trojan/)           | TCP        |
-| `naive`       | [Naive](./naive/)             | X          |
-| `hysteria`    | [Hysteria](./hysteria/)       | X          |
-| `shadowtls`   | [ShadowTLS](./shadowtls/)     | TCP        |
-| `tuic`        | [TUIC](./tuic/)               | X          |
-| `hysteria2`   | [Hysteria2](./hysteria2/)     | X          |
-| `vless`       | [VLESS](./vless/)             | TCP        |
-| `tun`         | [Tun](./tun/)                 | X          |
-| `redirect`    | [Redirect](./redirect/)       | X          |
-| `tproxy`      | [TProxy](./tproxy/)           | X          |
+| Type          | Format                       | Injectable |
+|---------------|------------------------------|------------|
+| `direct`      | [Direct](./direct)           | X          |
+| `mixed`       | [Mixed](./mixed)             | TCP        |
+| `socks`       | [SOCKS](./socks)             | TCP        |
+| `http`        | [HTTP](./http)               | TCP        |
+| `shadowsocks` | [Shadowsocks](./shadowsocks) | TCP        |
+| `vmess`       | [VMess](./vmess)             | TCP        |
+| `trojan`      | [Trojan](./trojan)           | TCP        |
+| `naive`       | [Naive](./naive)             | X          |
+| `hysteria`    | [Hysteria](./hysteria)       | X          |
+| `shadowtls`   | [ShadowTLS](./shadowtls)     | TCP        |
+| `tuic`        | [TUIC](./tuic)               | X          |
+| `hysteria2`   | [Hysteria2](./hysteria2)     | X          |
+| `vless`       | [VLESS](./vless)             | TCP        |
+| `tun`         | [Tun](./tun)                 | X          |
+| `redirect`    | [Redirect](./redirect)       | X          |
+| `tproxy`      | [TProxy](./tproxy)           | X          |

 #### tag

--- a/docs/configuration/inbound/index.zh.md
+++ b/docs/configuration/inbound/index.zh.md
@@ -17,22 +17,22 @@

 | 类型            | 格式                           | 注入支持 |
 |---------------|------------------------------|------|
-| `direct`      | [Direct](./direct/)           | X    |
-| `mixed`       | [Mixed](./mixed/)             | TCP  |
-| `socks`       | [SOCKS](./socks/)             | TCP  |
-| `http`        | [HTTP](./http/)               | TCP  |
-| `shadowsocks` | [Shadowsocks](./shadowsocks/) | TCP  |
-| `vmess`       | [VMess](./vmess/)             | TCP  |
-| `trojan`      | [Trojan](./trojan/)           | TCP  |
-| `naive`       | [Naive](./naive/)             | X    |
-| `hysteria`    | [Hysteria](./hysteria/)       | X    |
-| `shadowtls`   | [ShadowTLS](./shadowtls/)     | TCP  |
-| `tuic`        | [TUIC](./tuic/)               | X    |
-| `hysteria2`   | [Hysteria2](./hysteria2/)     | X    |
-| `vless`       | [VLESS](./vless/)             | TCP  |
-| `tun`         | [Tun](./tun/)                 | X    |
-| `redirect`    | [Redirect](./redirect/)       | X    |
-| `tproxy`      | [TProxy](./tproxy/)           | X    |
+| `direct`      | [Direct](./direct)           | X    |
+| `mixed`       | [Mixed](./mixed)             | TCP  |
+| `socks`       | [SOCKS](./socks)             | TCP  |
+| `http`        | [HTTP](./http)               | TCP  |
+| `shadowsocks` | [Shadowsocks](./shadowsocks) | TCP  |
+| `vmess`       | [VMess](./vmess)             | TCP  |
+| `trojan`      | [Trojan](./trojan)           | TCP  |
+| `naive`       | [Naive](./naive)             | X    |
+| `hysteria`    | [Hysteria](./hysteria)       | X    |
+| `shadowtls`   | [ShadowTLS](./shadowtls)     | TCP  |
+| `tuic`        | [TUIC](./tuic)               | X    |
+| `hysteria2`   | [Hysteria2](./hysteria2)     | X    |
+| `vless`       | [VLESS](./vless)             | TCP  |
+| `tun`         | [Tun](./tun)                 | X    |
+| `redirect`    | [Redirect](./redirect)       | X    |
+| `tproxy`      | [TProxy](./tproxy)           | X    |

 #### tag

--- a/docs/configuration/inbound/mixed.md
+++ b/docs/configuration/inbound/mixed.md
@@ -21,7 +21,7 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -33,7 +33,7 @@ No authentication required if empty.

 #### set_system_proxy

-!!! quote ""
+!!! error ""

    Only supported on Linux, Android, Windows, and macOS.

--- a/docs/configuration/inbound/mixed.zh.md
+++ b/docs/configuration/inbound/mixed.zh.md
@@ -33,7 +33,7 @@ SOCKS 和 HTTP 用户

 #### set_system_proxy

-!!! quote ""
+!!! error ""

    仅支持 Linux、Android、Windows 和 macOS。

--- a/docs/configuration/inbound/naive.md
+++ b/docs/configuration/inbound/naive.md
@@ -20,11 +20,11 @@

 !!! warning ""

-    HTTP3 transport is not included by default, see [Installation](./#installation).
+    HTTP3 transport is not included by default, see [Installation](/#installation).

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/redirect.md
+++ b/docs/configuration/inbound/redirect.md
@@ -1,4 +1,4 @@
-!!! quote ""
+!!! error ""

    Only supported on Linux and macOS.

@@ -15,4 +15,4 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.
--- a/docs/configuration/inbound/redirect.zh.md
+++ b/docs/configuration/inbound/redirect.zh.md
@@ -1,4 +1,4 @@
-!!! quote ""
+!!! error ""

    仅支持 Linux 和 macOS。

--- a/docs/configuration/inbound/shadowsocks.md
+++ b/docs/configuration/inbound/shadowsocks.md
@@ -8,8 +8,7 @@
  ... // Listen Fields

  "method": "2022-blake3-aes-128-gcm",
-  "password": "8JCsPssfgS8tiRwiMlhARg==",
-  "multiplex": {}
+  "password": "8JCsPssfgS8tiRwiMlhARg=="
 }
 ```

@@ -24,8 +23,7 @@
      "name": "sekai",
      "password": "PCD2Z4o12bKUoFa3cC97Hw=="
    }
-  ],
-  "multiplex": {}
+  ]
 }
 ```

@@ -43,14 +41,13 @@
      "server_port": 8080,
      "password": "PCD2Z4o12bKUoFa3cC97Hw=="
    }
-  ],
-  "multiplex": {}
+  ]
 }
 ```

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -85,7 +82,3 @@ Both if empty.
 | none          | /                                              |
 | 2022 methods  | `sing-box generate rand --base64 <Key Length>` |
 | other methods | any string                                     |
-
-#### multiplex
-
-See [Multiplex](/configuration/shared/multiplex#inbound) for details.
--- a/docs/configuration/inbound/shadowsocks.zh.md
+++ b/docs/configuration/inbound/shadowsocks.zh.md
@@ -8,8 +8,7 @@
  ... // 监听字段

  "method": "2022-blake3-aes-128-gcm",
-  "password": "8JCsPssfgS8tiRwiMlhARg==",
-  "multiplex": {}
+  "password": "8JCsPssfgS8tiRwiMlhARg=="
 }
 ```

@@ -24,8 +23,7 @@
      "name": "sekai",
      "password": "PCD2Z4o12bKUoFa3cC97Hw=="
    }
-  ],
-  "multiplex": {}
+  ]
 }
 ```

@@ -43,14 +41,13 @@
      "server_port": 8080,
      "password": "PCD2Z4o12bKUoFa3cC97Hw=="
    }
-  ],
-  "multiplex": {}
+  ]
 }
 ```

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### 字段

@@ -84,8 +81,4 @@ See [Listen Fields](/configuration/shared/listen/) for details.
 |---------------|------------------------------------------|
 | none          | /                                        |
 | 2022 methods  | `sing-box generate rand --base64 <密钥长度>` |
-| other methods | 任意字符串                                    |
-
-#### multiplex
-
-参阅 [多路复用](/zh/configuration/shared/multiplex#inbound)。
+| other methods | 任意字符串                                    |
--- a/docs/configuration/inbound/shadowtls.md
+++ b/docs/configuration/inbound/shadowtls.md
@@ -35,7 +35,7 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -66,11 +66,11 @@ Only available in the ShadowTLS protocol 3.

 ==Required==

-Handshake server address and [Dial options](/configuration/shared/dial/).
+Handshake server address and [Dial options](/configuration/shared/dial).

 #### handshake_for_server_name

-Handshake server address and [Dial options](/configuration/shared/dial/) for specific server name.
+Handshake server address and [Dial options](/configuration/shared/dial) for specific server name.

 Only available in the ShadowTLS protocol 2/3.

--- a/docs/configuration/inbound/socks.md
+++ b/docs/configuration/inbound/socks.md
@@ -20,7 +20,7 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/tproxy.md
+++ b/docs/configuration/inbound/tproxy.md
@@ -1,4 +1,4 @@
-!!! quote ""
+!!! error ""

    Only supported on Linux.

@@ -17,7 +17,7 @@

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/tproxy.zh.md
+++ b/docs/configuration/inbound/tproxy.zh.md
@@ -1,4 +1,4 @@
-!!! quote ""
+!!! error ""

    仅支持 Linux。

--- a/docs/configuration/inbound/trojan.md
+++ b/docs/configuration/inbound/trojan.md
@@ -24,14 +24,13 @@
      "server_port": 8081
    }
  },
-  "multiplex": {},
  "transport": {}
 }
 ```

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -47,7 +46,7 @@ TLS configuration, see [TLS](/configuration/shared/tls/#inbound).

 #### fallback

-!!! quote ""
+!!! error ""

    There is no evidence that GFW detects and blocks Trojan servers based on HTTP responses, and opening the standard http/s port on the server is a much bigger signature.

@@ -59,10 +58,6 @@ Fallback server configuration for specified ALPN.

 If not empty, TLS fallback requests with ALPN not in this table will be rejected.

-#### multiplex
-
-See [Multiplex](/configuration/shared/multiplex#inbound) for details.
-
 #### transport

-V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
+V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport).
--- a/docs/configuration/inbound/trojan.zh.md
+++ b/docs/configuration/inbound/trojan.zh.md
@@ -24,7 +24,6 @@
      "server_port": 8081
    }
  },
-  "multiplex": {},
  "transport": {}
 }
 ```
@@ -49,7 +48,7 @@ TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。

 #### fallback

-!!! quote ""
+!!! error ""

    没有证据表明 GFW 基于 HTTP 响应检测并阻止 Trojan 服务器，并且在服务器上打开标准 http/s 端口是一个更大的特征。

@@ -61,10 +60,6 @@ TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。

 如果不为空，ALPN 不在此列表中的 TLS 回退请求将被拒绝。

-#### multiplex
-
-参阅 [多路复用](/zh/configuration/shared/multiplex#inbound)。
-
 #### transport

-V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
+V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。
--- a/docs/configuration/inbound/tuic.md
+++ b/docs/configuration/inbound/tuic.md
@@ -24,11 +24,11 @@

 !!! warning ""

-    QUIC, which is required by TUIC is not included by default, see [Installation](./#installation).
+    QUIC, which is required by TUIC is not included by default, see [Installation](/#installation).

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

--- a/docs/configuration/inbound/tuic.zh.md
+++ b/docs/configuration/inbound/tuic.zh.md
@@ -48,7 +48,7 @@ TUIC 用户密码

 #### congestion_control

-QUIC 拥塞控制算法
+QUIC 流量控制算法

 可选值: `cubic`, `new_reno`, `bbr`

--- a/docs/configuration/inbound/tun.md
+++ b/docs/configuration/inbound/tun.md
@@ -1,4 +1,4 @@
-!!! quote ""
+!!! error ""

    Only supported on Linux, Windows and macOS.

@@ -22,14 +22,7 @@
    "::/1",
    "8000::/1"
  ],
-  "inet4_route_exclude_address": [
-    "192.168.0.0/16"
-  ],
-  "inet6_route_exclude_address": [
-    "fc00::/7"
-  ],
  "endpoint_independent_nat": false,
-  "udp_timeout": "5m",
  "stack": "system",
  "include_interface": [
    "lan0"
@@ -103,7 +96,7 @@ The maximum transmission unit.

 Set the default route to the Tun.

-!!! quote ""
+!!! error ""

    To avoid traffic loopback, set `route.auto_detect_interface` or `route.default_interface` or `outbound.bind_interface`

@@ -137,14 +130,6 @@ Use custom routes instead of default when `auto_route` is enabled.

 Use custom routes instead of default when `auto_route` is enabled.

-#### inet4_route_exclude_address
-
-Exclude custom routes when `auto_route` is enabled.
-
-#### inet6_route_exclude_address
-
-Exclude custom routes when `auto_route` is enabled.
-
 #### endpoint_independent_nat

 !!! info ""
@@ -172,11 +157,11 @@ TCP/IP stack.

 !!! warning ""

-    gVisor and LWIP stacks is not included by default, see [Installation](./#installation).
+    gVisor and LWIP stacks is not included by default, see [Installation](/#installation).

 #### include_interface

-!!! quote ""
+!!! error ""

    Interface rules are only supported on Linux and require auto_route.

@@ -192,7 +177,7 @@ Conflict with `include_interface`.

 #### include_uid

-!!! quote ""
+!!! error ""

    UID rules are only supported on Linux and require auto_route.

@@ -212,7 +197,7 @@ Exclude users in route, but in range.

 #### include_android_user

-!!! quote ""
+!!! error ""

    Android user and package rules are only supported on Android and require auto_route.

@@ -241,4 +226,4 @@ System HTTP proxy settings.

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.
--- a/docs/configuration/inbound/tun.zh.md
+++ b/docs/configuration/inbound/tun.zh.md
@@ -1,4 +1,4 @@
-!!! quote ""
+!!! error ""

    仅支持 Linux、Windows 和 macOS。

@@ -22,14 +22,7 @@
    "::/1",
    "8000::/1"
  ],
-  "inet4_route_exclude_address": [
-    "192.168.0.0/16"
-  ],
-  "inet6_route_exclude_address": [
-    "fc00::/7"
-  ],
  "endpoint_independent_nat": false,
-  "udp_timeout": "5m",
  "stack": "system",
  "include_interface": [
    "lan0"
@@ -103,7 +96,7 @@ tun 接口的 IPv6 前缀。

 设置到 Tun 的默认路由。

-!!! quote ""
+!!! error ""

    为避免流量环回，请设置 `route.auto_detect_interface` 或 `route.default_interface` 或 `outbound.bind_interface`。

@@ -138,14 +131,6 @@ tun 接口的 IPv6 前缀。

 启用 `auto_route` 时使用自定义路由而不是默认路由。

-#### inet4_route_exclude_address
-
-启用 `auto_route` 时排除自定义路由。
-
-#### inet6_route_exclude_address
-
-启用 `auto_route` 时排除自定义路由。
-
 #### endpoint_independent_nat

 启用独立于端点的 NAT。
@@ -172,7 +157,7 @@ TCP/IP 栈。

 #### include_interface

-!!! quote ""
+!!! error ""

    接口规则仅在 Linux 下被支持，并且需要 `auto_route`。

@@ -188,7 +173,7 @@ TCP/IP 栈。

 #### include_uid

-!!! quote ""
+!!! error ""

    UID 规则仅在 Linux 下被支持，并且需要 `auto_route`。

@@ -208,7 +193,7 @@ TCP/IP 栈。

 #### include_android_user

-!!! quote ""
+!!! error ""

    Android 用户和应用规则仅在 Android 下被支持，并且需要 `auto_route`。

--- a/docs/configuration/inbound/vless.md
+++ b/docs/configuration/inbound/vless.md
@@ -15,14 +15,13 @@
    }
  ],
  "tls": {},
-  "multiplex": {},
  "transport": {}
 }
 ```

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -50,10 +49,6 @@ Available values:

 TLS configuration, see [TLS](/configuration/shared/tls/#inbound).

-#### multiplex
-
-See [Multiplex](/configuration/shared/multiplex#inbound) for details.
-
 #### transport

-V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
+V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport).
--- a/docs/configuration/inbound/vless.zh.md
+++ b/docs/configuration/inbound/vless.zh.md
@@ -15,7 +15,6 @@
    }
  ],
  "tls": {},
-  "multiplex": {},
  "transport": {}
 }
 ```
@@ -50,10 +49,6 @@ VLESS 子协议。

 TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。

-#### multiplex
-
-参阅 [多路复用](/zh/configuration/shared/multiplex#inbound)。
-
 #### transport

-V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
+V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。
--- a/docs/configuration/inbound/vmess.md
+++ b/docs/configuration/inbound/vmess.md
@@ -15,14 +15,13 @@
    }
  ],
  "tls": {},
-  "multiplex": {},
  "transport": {}
 }
 ```

 ### Listen Fields

-See [Listen Fields](/configuration/shared/listen/) for details.
+See [Listen Fields](/configuration/shared/listen) for details.

 ### Fields

@@ -45,10 +44,6 @@ VMess users.

 TLS configuration, see [TLS](/configuration/shared/tls/#inbound).

-#### multiplex
-
-See [Multiplex](/configuration/shared/multiplex#inbound) for details.
-
 #### transport

-V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
+V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport).
--- a/docs/configuration/inbound/vmess.zh.md
+++ b/docs/configuration/inbound/vmess.zh.md
@@ -15,7 +15,6 @@
    }
  ],
  "tls": {},
-  "multiplex": {},
  "transport": {}
 }
 ```
@@ -45,10 +44,6 @@ VMess 用户。

 TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#inbound)。

-#### multiplex
-
-参阅 [多路复用](/zh/configuration/shared/multiplex#inbound)。
-
 #### transport

-V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
+V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。
--- a/docs/configuration/index.md
+++ b/docs/configuration/index.md
@@ -18,15 +18,15 @@ sing-box uses JSON for configuration files.

 ### Fields

-| Key            | Format                          |
-|----------------|---------------------------------|
-| `log`          | [Log](./log/)                   |
-| `dns`          | [DNS](./dns/)                   |
-| `ntp`          | [NTP](./ntp/)                   |
-| `inbounds`     | [Inbound](./inbound/)           |
-| `outbounds`    | [Outbound](./outbound/)         |
-| `route`        | [Route](./route/)               |
-| `experimental` | [Experimental](./experimental/) |
+| Key            | Format                         |
+|----------------|--------------------------------|
+| `log`          | [Log](./log)                   |
+| `dns`          | [DNS](./dns)                   |
+| `ntp`          | [NTP](./ntp)                   |
+| `inbounds`     | [Inbound](./inbound)           |
+| `outbounds`    | [Outbound](./outbound)         |
+| `route`        | [Route](./route)               |
+| `experimental` | [Experimental](./experimental) |

 ### Check

--- a/docs/configuration/index.zh.md
+++ b/docs/configuration/index.zh.md
@@ -17,14 +17,14 @@ sing-box 使用 JSON 作为配置文件格式。

 ### 字段

-| Key            | Format                 |
-|----------------|------------------------|
-| `log`          | [日志](./log/)           |
-| `dns`          | [DNS](./dns/)          |
-| `inbounds`     | [入站](./inbound/)       |
-| `outbounds`    | [出站](./outbound/)      |
-| `route`        | [路由](./route/)         |
-| `experimental` | [实验性](./experimental/) |
+| Key            | Format                |
+|----------------|-----------------------|
+| `log`          | [日志](./log)           |
+| `dns`          | [DNS](./dns)          |
+| `inbounds`     | [入站](./inbound)       |
+| `outbounds`    | [出站](./outbound)      |
+| `route`        | [路由](./route)         |
+| `experimental` | [实验性](./experimental) |

 ### 检查

--- a/docs/configuration/ntp/index.md
+++ b/docs/configuration/ntp/index.md
@@ -47,4 +47,4 @@ Time synchronization interval.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/direct.md
+++ b/docs/configuration/outbound/direct.md
@@ -33,4 +33,4 @@ Protocol value can be `1` or `2`.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/http.md
+++ b/docs/configuration/outbound/http.md
@@ -55,4 +55,4 @@ TLS configuration, see [TLS](/configuration/shared/tls/#outbound).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/hysteria.md
+++ b/docs/configuration/outbound/hysteria.md
@@ -26,7 +26,7 @@

 !!! warning ""

-    QUIC, which is required by hysteria is not included by default, see [Installation](./#installation).
+    QUIC, which is required by hysteria is not included by default, see [Installation](/#installation).

 ### Fields

@@ -113,4 +113,4 @@ TLS configuration, see [TLS](/configuration/shared/tls/#outbound).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/hysteria2.md
+++ b/docs/configuration/outbound/hysteria2.md
@@ -24,15 +24,7 @@

 !!! warning ""

-    QUIC, which is required by Hysteria2 is not included by default, see [Installation](./#installation).
-
-!!! warning "Difference from official Hysteria2"
-
-    The official Hysteria2 supports an authentication method called **userpass**,
-    which essentially uses a combination of `<username>:<password>` as the actual password,
-    while sing-box does not provide this alias.
-    If you are planning to use sing-box with the official program,
-    please note that you will need to fill the combination as the password.
+    QUIC, which is required by Hysteria2 is not included by default, see [Installation](/#installation).

 ### Fields

@@ -88,4 +80,4 @@ Enable debug information logging for Hysteria Brutal CC.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/hysteria2.zh.md
+++ b/docs/configuration/outbound/hysteria2.zh.md
@@ -26,12 +26,6 @@

    默认安装不包含被 Hysteria2 依赖的 QUIC，参阅 [安装](/zh/#_2)。

-!!! warning "与官方 Hysteria2 的区别"
-
-    官方程序支持一种名为 **userpass** 的验证方式，
-    本质上上是将用户名与密码的组合 `<username>:<password>` 作为实际上的密码，而 sing-box 不提供此别名。
-    要将 sing-box 与官方程序一起使用， 您需要填写该组合作为实际密码。
-
 ### 字段

 #### server
@@ -50,7 +44,7 @@

 最大带宽。

-如果为空，将使用 BBR 拥塞控制算法而不是 Hysteria CC。
+如果为空，将使用 BBR 流量控制算法而不是 Hysteria CC。

 #### obfs.type

--- a/docs/configuration/outbound/index.md
+++ b/docs/configuration/outbound/index.md
@@ -15,27 +15,27 @@

 ### Fields

-| Type           | Format                          |
-|----------------|---------------------------------|
-| `direct`       | [Direct](./direct/)             |
-| `block`        | [Block](./block/)               |
-| `socks`        | [SOCKS](./socks/)               |
-| `http`         | [HTTP](./http/)                 |
-| `shadowsocks`  | [Shadowsocks](./shadowsocks/)   |
-| `vmess`        | [VMess](./vmess/)               |
-| `trojan`       | [Trojan](./trojan/)             |
-| `wireguard`    | [Wireguard](./wireguard/)       |
-| `hysteria`     | [Hysteria](./hysteria/)         |
-| `shadowsocksr` | [ShadowsocksR](./shadowsocksr/) |
-| `vless`        | [VLESS](./vless/)               |
-| `shadowtls`    | [ShadowTLS](./shadowtls/)       |
-| `tuic`         | [TUIC](./tuic/)                 |
-| `hysteria2`    | [Hysteria2](./hysteria2/)       |
-| `tor`          | [Tor](./tor/)                   |
-| `ssh`          | [SSH](./ssh/)                   |
-| `dns`          | [DNS](./dns/)                   |
-| `selector`     | [Selector](./selector/)         |
-| `urltest`      | [URLTest](./urltest/)           |
+| Type           | Format                         |
+|----------------|--------------------------------|
+| `direct`       | [Direct](./direct)             |
+| `block`        | [Block](./block)               |
+| `socks`        | [SOCKS](./socks)               |
+| `http`         | [HTTP](./http)                 |
+| `shadowsocks`  | [Shadowsocks](./shadowsocks)   |
+| `vmess`        | [VMess](./vmess)               |
+| `trojan`       | [Trojan](./trojan)             |
+| `wireguard`    | [Wireguard](./wireguard)       |
+| `hysteria`     | [Hysteria](./hysteria)         |
+| `shadowsocksr` | [ShadowsocksR](./shadowsocksr) |
+| `vless`        | [VLESS](./vless)               |
+| `shadowtls`    | [ShadowTLS](./shadowtls)       |
+| `tuic`         | [TUIC](./tuic)                 |
+| `hysteria2`    | [Hysteria2](./hysteria2)       |
+| `tor`          | [Tor](./tor)                   |
+| `ssh`          | [SSH](./ssh)                   |
+| `dns`          | [DNS](./dns)                   |
+| `selector`     | [Selector](./selector)         |
+| `urltest`      | [URLTest](./urltest)           |

 #### tag

--- a/docs/configuration/outbound/index.zh.md
+++ b/docs/configuration/outbound/index.zh.md
@@ -15,27 +15,27 @@

 ### 字段

-| 类型             | 格式                              |
-|----------------|---------------------------------|
-| `direct`       | [Direct](./direct/)             |
-| `block`        | [Block](./block/)               |
-| `socks`        | [SOCKS](./socks/)               |
-| `http`         | [HTTP](./http/)                 |
-| `shadowsocks`  | [Shadowsocks](./shadowsocks/)   |
-| `vmess`        | [VMess](./vmess/)               |
-| `trojan`       | [Trojan](./trojan/)             |
-| `wireguard`    | [Wireguard](./wireguard/)       |
-| `hysteria`     | [Hysteria](./hysteria/)         |
-| `shadowsocksr` | [ShadowsocksR](./shadowsocksr/) |
-| `vless`        | [VLESS](./vless/)               |
-| `shadowtls`    | [ShadowTLS](./shadowtls/)       |
-| `tuic`         | [TUIC](./tuic/)                 |
-| `hysteria2`    | [Hysteria2](./hysteria2/)       |
-| `tor`          | [Tor](./tor/)                   |
-| `ssh`          | [SSH](./ssh/)                   |
-| `dns`          | [DNS](./dns/)                   |
-| `selector`     | [Selector](./selector/)         |
-| `urltest`      | [URLTest](./urltest/)           |
+| 类型             | 格式                             |
+|----------------|--------------------------------|
+| `direct`       | [Direct](./direct)             |
+| `block`        | [Block](./block)               |
+| `socks`        | [SOCKS](./socks)               |
+| `http`         | [HTTP](./http)                 |
+| `shadowsocks`  | [Shadowsocks](./shadowsocks)   |
+| `vmess`        | [VMess](./vmess)               |
+| `trojan`       | [Trojan](./trojan)             |
+| `wireguard`    | [Wireguard](./wireguard)       |
+| `hysteria`     | [Hysteria](./hysteria)         |
+| `shadowsocksr` | [ShadowsocksR](./shadowsocksr) |
+| `vless`        | [VLESS](./vless)               |
+| `shadowtls`    | [ShadowTLS](./shadowtls)       |
+| `tuic`         | [TUIC](./tuic)                 |
+| `hysteria2`    | [Hysteria2](./hysteria2)       |
+| `tor`          | [Tor](./tor)                   |
+| `ssh`          | [SSH](./ssh)                   |
+| `dns`          | [DNS](./dns)                   |
+| `selector`     | [Selector](./selector)         |
+| `urltest`      | [URLTest](./urltest)           |

 #### tag

--- a/docs/configuration/outbound/selector.md
+++ b/docs/configuration/outbound/selector.md
@@ -15,7 +15,7 @@
 }
 ```

-!!! quote ""
+!!! error ""

    The selector can only be controlled through the [Clash API](/configuration/experimental#clash-api-fields) currently.

--- a/docs/configuration/outbound/selector.zh.md
+++ b/docs/configuration/outbound/selector.zh.md
@@ -15,7 +15,7 @@
 }
 ```

-!!! quote ""
+!!! error ""

    选择器目前只能通过 [Clash API](/zh/configuration/experimental#clash-api) 来控制。

--- a/docs/configuration/outbound/shadowsocks.md
+++ b/docs/configuration/outbound/shadowsocks.md
@@ -89,14 +89,14 @@ Both is enabled by default.

 UDP over TCP configuration.

-See [UDP Over TCP](/configuration/shared/udp-over-tcp/) for details.
+See [UDP Over TCP](/configuration/shared/udp-over-tcp) for details.

 Conflict with `multiplex`.

 #### multiplex

-See [Multiplex](/configuration/shared/multiplex#outbound) for details.
+Multiplex configuration, see [Multiplex](/configuration/shared/multiplex).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/shadowsocks.zh.md
+++ b/docs/configuration/outbound/shadowsocks.zh.md
@@ -89,13 +89,13 @@ Shadowsocks SIP003 插件参数。

 UDP over TCP 配置。

-参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp/)。
+参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp)。

 与 `multiplex` 冲突。

 #### multiplex

-参阅 [多路复用](/zh/configuration/shared/multiplex#outbound)。
+多路复用配置, 参阅 [多路复用](/zh/configuration/shared/multiplex)。

 ### 拨号字段

--- a/docs/configuration/outbound/shadowsocksr.md
+++ b/docs/configuration/outbound/shadowsocksr.md
@@ -25,7 +25,7 @@

 !!! warning ""

-    ShadowsocksR is not included by default, see [Installation](./#installation).
+    ShadowsocksR is not included by default, see [Installation](/#installation).

 ### Fields

@@ -103,4 +103,4 @@ Both is enabled by default.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/shadowtls.md
+++ b/docs/configuration/outbound/shadowtls.md
@@ -53,4 +53,4 @@ TLS configuration, see [TLS](/configuration/shared/tls/#outbound).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/socks.md
+++ b/docs/configuration/outbound/socks.md
@@ -59,8 +59,8 @@ Both is enabled by default.

 UDP over TCP protocol settings.

-See [UDP Over TCP](/configuration/shared/udp-over-tcp/) for details.
+See [UDP Over TCP](/configuration/shared/udp-over-tcp) for details.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/socks.zh.md
+++ b/docs/configuration/outbound/socks.zh.md
@@ -59,7 +59,7 @@ SOCKS5 密码。

 UDP over TCP 配置。

-参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp/)。
+参阅 [UDP Over TCP](/zh/configuration/shared/udp-over-tcp)。

 ### 拨号字段

--- a/docs/configuration/outbound/ssh.md
+++ b/docs/configuration/outbound/ssh.md
@@ -68,4 +68,4 @@ Client version. Random version will be used if empty.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/tor.md
+++ b/docs/configuration/outbound/tor.md
@@ -18,7 +18,7 @@

 !!! info ""

-    Embedded tor is not included by default, see [Installation](./#installation).
+    Embedded tor is not included by default, see [Installation](/#installation).

 ### Fields

@@ -48,4 +48,4 @@ See [tor(1)](https://linux.die.net/man/1/tor) for details.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/trojan.md
+++ b/docs/configuration/outbound/trojan.md
@@ -51,12 +51,12 @@ TLS configuration, see [TLS](/configuration/shared/tls/#outbound).

 #### multiplex

-See [Multiplex](/configuration/shared/multiplex#outbound) for details.
+Multiplex configuration, see [Multiplex](/configuration/shared/multiplex).

 #### transport

-V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
+V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/trojan.zh.md
+++ b/docs/configuration/outbound/trojan.zh.md
@@ -51,11 +51,11 @@ TLS 配置, 参阅 [TLS](/zh/configuration/shared/tls/#outbound)。

 #### multiplex

-参阅 [多路复用](/zh/configuration/shared/multiplex#outbound)。
+多路复用配置, 参阅 [多路复用](/zh/configuration/shared/multiplex)。

 #### transport

-V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
+V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。

 ### 拨号字段

--- a/docs/configuration/outbound/tuic.md
+++ b/docs/configuration/outbound/tuic.md
@@ -23,7 +23,7 @@

 !!! warning ""

-    QUIC, which is required by TUIC is not included by default, see [Installation](./#installation).
+    QUIC, which is required by TUIC is not included by default, see [Installation](/#installation).

 ### Fields

@@ -72,7 +72,7 @@ Conflict with `udp_over_stream`.

 #### udp_over_stream

-This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp/), designed to provide a QUIC
+This is the TUIC port of the [UDP over TCP protocol](/configuration/shared/udp-over-tcp), designed to provide a QUIC
 stream based UDP relay mode that TUIC does not provide. Since it is an add-on protocol, you will need to use sing-box or
 another program compatible with the protocol as a server.

@@ -97,4 +97,4 @@ TLS configuration, see [TLS](/configuration/shared/tls/#outbound).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/tuic.zh.md
+++ b/docs/configuration/outbound/tuic.zh.md
@@ -51,7 +51,7 @@ TUIC 用户密码

 #### congestion_control

-QUIC 拥塞控制算法
+QUIC 流量控制算法

 可选值: `cubic`, `new_reno`, `bbr`

@@ -70,7 +70,7 @@ UDP 包中继模式

 #### udp_over_stream

-这是 TUIC 的 [UDP over TCP 协议](/configuration/shared/udp-over-tcp/) 移植， 旨在提供 TUIC 不提供的 基于 QUIC 流的 UDP 中继模式。 由于它是一个附加协议，因此您需要使用 sing-box 或其他兼容的程序作为服务器。
+这是 TUIC 的 [UDP over TCP 协议](/configuration/shared/udp-over-tcp) 移植， 旨在提供 TUIC 不提供的 基于 QUIC 流的 UDP 中继模式。 由于它是一个附加协议，因此您需要使用 sing-box 或其他兼容的程序作为服务器。

 此模式在正确的 UDP 代理场景中没有任何积极作用，仅适用于中继流式 UDP 流量（基本上是 QUIC 流）。

--- a/docs/configuration/outbound/vless.md
+++ b/docs/configuration/outbound/vless.md
@@ -12,7 +12,6 @@
  "network": "tcp",
  "tls": {},
  "packet_encoding": "",
-  "multiplex": {},
  "transport": {},

  ... // Dial Fields
@@ -69,14 +68,10 @@ UDP packet encoding, xudp is used by default.
 | packetaddr | Supported by v2ray 5+ |
 | xudp       | Supported by xray     |

-#### multiplex
-
-See [Multiplex](/configuration/shared/multiplex#outbound) for details.
-
 #### transport

-V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
+V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/vless.zh.md
+++ b/docs/configuration/outbound/vless.zh.md
@@ -12,7 +12,6 @@
  "network": "tcp",
  "tls": {},
  "packet_encoding": "",
-  "multiplex": {},
  "transport": {},
  
  ... // 拨号字段
@@ -69,13 +68,9 @@ UDP 包编码，默认使用 xudp。
 | packetaddr | 由 v2ray 5+ 支持 |
 | xudp       | 由 xray 支持     |

-#### multiplex
-
-参阅 [多路复用](/zh/configuration/shared/multiplex#outbound)。
-
 #### transport

-V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
+V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。

 ### 拨号字段

--- a/docs/configuration/outbound/vmess.md
+++ b/docs/configuration/outbound/vmess.md
@@ -15,8 +15,8 @@
  "network": "tcp",
  "tls": {},
  "packet_encoding": "",
-  "transport": {},
  "multiplex": {},
+  "transport": {},

  ... // Dial Fields
 }
@@ -96,12 +96,12 @@ UDP packet encoding.

 #### multiplex

-See [Multiplex](/configuration/shared/multiplex#outbound) for details.
+Multiplex configuration, see [Multiplex](/configuration/shared/multiplex).

 #### transport

-V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport/).
+V2Ray Transport configuration, see [V2Ray Transport](/configuration/shared/v2ray-transport).

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/outbound/vmess.zh.md
+++ b/docs/configuration/outbound/vmess.zh.md
@@ -96,11 +96,11 @@ UDP 包编码。

 #### multiplex

-参阅 [多路复用](/zh/configuration/shared/multiplex#outbound)。
+多路复用配置, 参阅 [多路复用](/zh/configuration/shared/multiplex)。

 #### transport

-V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport/)。
+V2Ray 传输配置，参阅 [V2Ray 传输层](/zh/configuration/shared/v2ray-transport)。

 ### 拨号字段

--- a/docs/configuration/outbound/wireguard.md
+++ b/docs/configuration/outbound/wireguard.md
@@ -38,11 +38,11 @@

 !!! warning ""

-    WireGuard is not included by default, see [Installation](./#installation).
+    WireGuard is not included by default, see [Installation](/#installation).

 !!! warning ""

-    gVisor, which is required by the unprivileged WireGuard is not included by default, see [Installation](./#installation).
+    gVisor, which is required by the unprivileged WireGuard is not included by default, see [Installation](/#installation).

 ### Fields

@@ -139,4 +139,4 @@ Both is enabled by default.

 ### Dial Fields

-See [Dial Fields](/configuration/shared/dial/) for details.
+See [Dial Fields](/configuration/shared/dial) for details.
--- a/docs/configuration/route/index.md
+++ b/docs/configuration/route/index.md
@@ -19,11 +19,11 @@

 ### Fields

-| Key       | Format                        |
-|-----------|-------------------------------|
-| `geoip`   | [GeoIP](./geoip/)             |
-| `geosite` | [Geosite](./geosite/)         |
-| `rules`   | List of [Route Rule](./rule/) |
+| Key        | Format                             |
+|------------|------------------------------------|
+| `geoip`    | [GeoIP](./geoip)                   |
+| `geosite`  | [Geosite](./geosite)               |
+| `rules`    | List of [Route Rule](./rule)       |

 #### final

@@ -31,7 +31,7 @@ Default outbound tag. the first outbound will be used if empty.

 #### auto_detect_interface

-!!! quote ""
+!!! error ""

    Only supported on Linux, Windows and macOS.

@@ -41,7 +41,7 @@ Takes no effect if `outbound.bind_interface` is set.

 #### override_android_vpn

-!!! quote ""
+!!! error ""

    Only supported on Android.

@@ -49,7 +49,7 @@ Accept Android VPN as upstream NIC when `auto_detect_interface` enabled.

 #### default_interface

-!!! quote ""
+!!! error ""

    Only supported on Linux, Windows and macOS.

@@ -59,7 +59,7 @@ Takes no effect if `auto_detect_interface` is set.

 #### default_mark

-!!! quote ""
+!!! error ""

    Only supported on Linux.

--- a/Show More
+++ b/Show More