new: add vpn service mode as seperated option, fix crash of wireguard in wireguard and more stable wireguard

config/admin_service_commander.go

@@ -3,6 +3,7 @@ package config
 import (
 	"fmt"
 	"io"
+	"time"
 
 	"net/http"
 	"net/url"
@@ -96,9 +97,12 @@ func runTunnelService(opt ConfigOptions) (bool, error) {
 	out, err := ExecuteCmd(executablePath, "install", false)
 	fmt.Println("Shell command executed:", out, err)
 	if err != nil {
-		out, err := ExecuteCmd(executablePath, "", true)
+		out, err = ExecuteCmd(executablePath, "", true)
 		fmt.Println("Shell command executed without flag:", out, err)
 	}
+	if err == nil {
+		<-time.After(1 * time.Second) //wait until service loaded completely
+	}
 	return startTunnelRequest(opt, false)
 }
 

config/config.go

@@ -135,44 +135,44 @@ func BuildConfig(opt ConfigOptions, input option.Options) (*option.Options, erro
 	} else {
 		inboundDomainStrategy = opt.IPv6Mode
 	}
-
+	if opt.EnableTunService {
-	if opt.EnableTun {
+		ActivateTunnelService(opt)
-		if ok, _ := ActivateTunnelService(opt); !ok {
+	} else if opt.EnableTun {
-			tunInbound := option.Inbound{
+		tunInbound := option.Inbound{
-				Type: C.TypeTun,
+			Type: C.TypeTun,
-				Tag:  InboundTUNTag,
+			Tag:  InboundTUNTag,
-				TunOptions: option.TunInboundOptions{
+			TunOptions: option.TunInboundOptions{
-					Stack:                  opt.TUNStack,
+				Stack:                  opt.TUNStack,
-					MTU:                    opt.MTU,
+				MTU:                    opt.MTU,
-					AutoRoute:              true,
+				AutoRoute:              true,
-					StrictRoute:            opt.StrictRoute,
+				StrictRoute:            opt.StrictRoute,
-					EndpointIndependentNat: true,
+				EndpointIndependentNat: true,
-					InboundOptions: option.InboundOptions{
+				InboundOptions: option.InboundOptions{
-						SniffEnabled:             true,
+					SniffEnabled:             true,
-						SniffOverrideDestination: true,
+					SniffOverrideDestination: true,
-						DomainStrategy:           inboundDomainStrategy,
+					DomainStrategy:           inboundDomainStrategy,
-					},
 				},
-			}
+			},
-			switch opt.IPv6Mode {
-			case option.DomainStrategy(dns.DomainStrategyUseIPv4):
-				tunInbound.TunOptions.Inet4Address = []netip.Prefix{
-					netip.MustParsePrefix("172.19.0.1/28"),
-				}
-			case option.DomainStrategy(dns.DomainStrategyUseIPv6):
-				tunInbound.TunOptions.Inet6Address = []netip.Prefix{
-					netip.MustParsePrefix("fdfe:dcba:9876::1/126"),
-				}
-			default:
-				tunInbound.TunOptions.Inet4Address = []netip.Prefix{
-					netip.MustParsePrefix("172.19.0.1/28"),
-				}
-				tunInbound.TunOptions.Inet6Address = []netip.Prefix{
-					netip.MustParsePrefix("fdfe:dcba:9876::1/126"),
-				}
-			}
-			options.Inbounds = append(options.Inbounds, tunInbound)
 		}
+		switch opt.IPv6Mode {
+		case option.DomainStrategy(dns.DomainStrategyUseIPv4):
+			tunInbound.TunOptions.Inet4Address = []netip.Prefix{
+				netip.MustParsePrefix("172.19.0.1/28"),
+			}
+		case option.DomainStrategy(dns.DomainStrategyUseIPv6):
+			tunInbound.TunOptions.Inet6Address = []netip.Prefix{
+				netip.MustParsePrefix("fdfe:dcba:9876::1/126"),
+			}
+		default:
+			tunInbound.TunOptions.Inet4Address = []netip.Prefix{
+				netip.MustParsePrefix("172.19.0.1/28"),
+			}
+			tunInbound.TunOptions.Inet6Address = []netip.Prefix{
+				netip.MustParsePrefix("fdfe:dcba:9876::1/126"),
+			}
+		}
+		options.Inbounds = append(options.Inbounds, tunInbound)
+
 	}
 
 	options.Inbounds = append(

config/option.go

@@ -33,13 +33,14 @@ type DNSOptions struct {
 }
 
 type InboundOptions struct {
-	EnableTun      bool   `json:"enable-tun"`
+	EnableTun        bool   `json:"enable-tun"`
-	SetSystemProxy bool   `json:"set-system-proxy"`
+	EnableTunService bool   `json:"enable-tun-service"`
-	MixedPort      uint16 `json:"mixed-port"`
+	SetSystemProxy   bool   `json:"set-system-proxy"`
-	LocalDnsPort   uint16 `json:"local-dns-port"`
+	MixedPort        uint16 `json:"mixed-port"`
-	MTU            uint32 `json:"mtu"`
+	LocalDnsPort     uint16 `json:"local-dns-port"`
-	StrictRoute    bool   `json:"strict-route"`
+	MTU              uint32 `json:"mtu"`
-	TUNStack       string `json:"tun-stack"`
+	StrictRoute      bool   `json:"strict-route"`
+	TUNStack         string `json:"tun-stack"`
 }
 
 type URLTestOptions struct {

config/outbound.go

@@ -105,17 +105,17 @@ func patchOutboundFragment(base option.Outbound, configOpt ConfigOptions, obj ou
 func isOutboundReality(base option.Outbound) bool {
 	// this function checks reality status ONLY FOR VLESS.
 	// Some other protocols can also use reality, but it's discouraged as stated in the reality document
-	isReality := false
+	if base.Type != C.TypeVLESS {
-	switch base.Type {
+		return false
-	case C.TypeVLESS:
-		if base.VLESSOptions.OutboundTLSOptionsContainer.TLS == nil {
-			return false
-		}
-		if base.VLESSOptions.OutboundTLSOptionsContainer.TLS.Reality != nil {
-			isReality = base.VLESSOptions.OutboundTLSOptionsContainer.TLS.Reality.Enabled
-		}
 	}
-	return isReality
+	if base.VLESSOptions.OutboundTLSOptionsContainer.TLS == nil {
+		return false
+	}
+	if base.VLESSOptions.OutboundTLSOptionsContainer.TLS.Reality == nil {
+		return false
+	}
+	return base.VLESSOptions.OutboundTLSOptionsContainer.TLS.Reality.Enabled
+
 }
 
 func patchOutbound(base option.Outbound, configOpt ConfigOptions) (*option.Outbound, string, error) {

custom/status.go

@@ -26,14 +26,15 @@ func propagateStatus(newStatus string) {
 }
 
 func stopAndAlert(alert string, err error) (resultErr error) {
-	defer func() {
+	defer config.DeferPanicToError("stopAndAlert", func(err error) {
-		if r := recover(); r != nil {
+		resultErr = err
-			resultErr = fmt.Errorf("panic recovered: %v", r)
+	})
-		}
+	status = Stopped
-	}()
+	message := err.Error()
+	fmt.Printf("Error: %s: %s\n", alert, message)
+	msg, _ := json.Marshal(StatusMessage{Status: status, Alert: &alert, Message: &message})
+	bridge.SendStringToPort(statusPropagationPort, string(msg))
 
-	fmt.Printf("Error: %s: %v\n", alert, err)
-	propagateStatus(Stopped)
 	config.DeactivateTunnelService()
 	if commandServer != nil {
 		commandServer.SetService(nil)

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/sagernet/sing-dns v0.1.12
 	github.com/spf13/cobra v1.8.0
 	github.com/xmdhs/clash2singbox v0.0.2
-	golang.org/x/sys v0.16.0
+	golang.org/x/sys v0.17.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -105,8 +105,8 @@ require (
 	lukechampine.com/blake3 v1.2.1 // indirect
 )
 
-replace github.com/sagernet/sing-box => github.com/hiddify/hiddify-sing-box v1.8.6-0.20240213125057-2ddd095a1429
+replace github.com/sagernet/sing-box => github.com/hiddify/hiddify-sing-box v1.8.6-0.20240214144108-11fb33cac74a
 
-replace github.com/sagernet/wireguard-go => github.com/hiddify/wireguard-go v0.0.0-20240213142816-f6785b165244
+replace github.com/sagernet/wireguard-go => github.com/hiddify/wireguard-go v0.0.0-20240214142457-fadc619f4357
 
 replace github.com/bepass-org/wireguard-go => github.com/hiddify-com/wireguard-go v0.0.2-alpha.0.20240212065415-62301f758cb7

go.sum

@@ -53,12 +53,12 @@ github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE
 github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
 github.com/hiddify-com/wireguard-go v0.0.2-alpha.0.20240212065415-62301f758cb7 h1:RTlGYawrP2Ir2ADQmLS7+OmRShmk1qPm69ufArXvsqI=
 github.com/hiddify-com/wireguard-go v0.0.2-alpha.0.20240212065415-62301f758cb7/go.mod h1:/ny1FvyrV7/QPClexDyYCEFQfTQn7dD/+1DfedBSwuY=
-github.com/hiddify/hiddify-sing-box v1.8.6-0.20240213125057-2ddd095a1429 h1:qv+xj+Fd41r3WZdqNzdd95rIsv2Pf2Z7LNSWWqRLEqk=
+github.com/hiddify/hiddify-sing-box v1.8.6-0.20240214144108-11fb33cac74a h1:QoA1CZRVuq9C6BpOgZHzzqiX7JoEBBoRqjLlpXGLUP4=
-github.com/hiddify/hiddify-sing-box v1.8.6-0.20240213125057-2ddd095a1429/go.mod h1:AnP54TD0EMNONIlc3uTWYT7K3PapAwalglF9TuKRiWE=
+github.com/hiddify/hiddify-sing-box v1.8.6-0.20240214144108-11fb33cac74a/go.mod h1:usnCk4Fbp/3HAJ+b7LnogPP7x4En2Kc4ujNlnDsi1Sc=
 github.com/hiddify/ray2sing v0.0.0-20240213091709-ba1d827e4f4a h1:ObxmZ8AyhIxtH2Vu+vmDAsxsbsTPGq9pJzcY0V+3BCU=
 github.com/hiddify/ray2sing v0.0.0-20240213091709-ba1d827e4f4a/go.mod h1:zYKnf7EoPqrk7JOMO9BApTXxfH0sva8AKfoFywN7uuA=
-github.com/hiddify/wireguard-go v0.0.0-20240213142816-f6785b165244 h1:R/IVg5a0FOGT/85HFj81Fn3oGXPFA5RfMHyHngkLDGk=
+github.com/hiddify/wireguard-go v0.0.0-20240214142457-fadc619f4357 h1:INJqz+o+vG0DqCKxVyAhpFrRPH3QyzbggmXsfCNd7+k=
-github.com/hiddify/wireguard-go v0.0.0-20240213142816-f6785b165244/go.mod h1:K4J7/npM+VAMUeUmTa2JaA02JmyheP0GpRBOUvn3ecc=
+github.com/hiddify/wireguard-go v0.0.0-20240214142457-fadc619f4357/go.mod h1:K4J7/npM+VAMUeUmTa2JaA02JmyheP0GpRBOUvn3ecc=
 github.com/imkira/go-observer/v2 v2.0.0-20230629064422-8e0b61f11f1b h1:1+115FqGoS8p6Iry9AYmrcWDvSveH0F7P2nX1LU00qg=
 github.com/imkira/go-observer/v2 v2.0.0-20230629064422-8e0b61f11f1b/go.mod h1:XCscqBi1KKh7GcVDDAdkT/Cf6WDjnDAA1XM3nwmA0Ag=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
@@ -255,8 +255,8 @@ golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
-golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=