XTLS · yuhan6665 · Dec 20, 2023 · Dec 20, 2023
diff --git a/docs/document/level-2/README.md b/docs/document/level-2/README.md
@@ -24,7 +24,7 @@
 
 [通过 Xray 将特定的流量指向特定出口，实现全局路由“分流”](./redirect.md) by <img src="https://avatars.githubusercontent.com/u/28607089?s=32" width="32" height="32" alt="a"/> [@Zzz3m](https://github.com/Zzz3m)
 
-将 Xray 玩出花:基于 fwmark 或 sendThrough 方式实现“分流”。
+将 Xray 玩出花:基于 fwmark 、 sendThrough 或 sockopt.interface 方式实现“分流”。
 
 [通过 Cloudflare Warp 增强代理安全性](./warp.md) by <img src="https://avatars.githubusercontent.com/u/1588741?s=32" width="32" height="32" alt="a"/> [@yuhan6665](https://github.com/yuhan6665)
 

diff --git a/docs/document/level-2/redirect.md b/docs/document/level-2/redirect.md
@@ -11,7 +11,7 @@ title: 出站流量重定向
 之前在网络上看到许多代理或者 VPN 会接管全局路由，如果与 Xray 同时安装，会导致 Xray 失效。参考了网络上许多教程，及时分流，也是通过维护一张或者多张 CIDR
 路由表来实现的。这种情况下并不优雅，如果我想可以任意替换，实现按需分流，那有没有更好的办法呢？有！
 
-通过 fwmark 或 Xray 的 sendThrough，再简单配合路由表功能即可实现：
+通过 fwmark 或 Xray 的 sendThrough/sockopt.interface，再简单配合路由表功能即可实现：
 
 1. Xray 可设置指定的 Tag、域名等走指定接口。如果您的接口是双栈的，可以指定 IPV4 或者 IPV6
 2. 其余用户则走原 IPV4 或者 IPV6
@@ -26,98 +26,55 @@ title: 出站流量重定向
 
 原始文件：
 
-<Tabs title="if-config">
-
-<Tab title="fwmark1">
-
 ```ini
 [Interface]
-PrivateKey = xxxxxxxxxxxxxxxxxxxx
-Address = "your wg0 v4 address"
-Address = "your wg0 v6 address"
+PrivateKey = <PriKey>
+Address = <IPv4>
+Address = <IPv6>
 DNS = 8.8.8.8
 MTU = 1280
 [Peer]
-PublicKey = xxxxxxxxxxxxxxxxxxxxx
+PublicKey = <Pubkey>
 AllowedIPs = ::/0
 AllowedIPs = 0.0.0.0/0
-Endpoint = "ip:port"
+Endpoint = <EndpointIP>:<Port>
 ```
 
 在 `[Interface]` 下添加如下命令：
-
 ```ini
-Table = off
-PostUP = ip -4 rule add fwmark <mark> lookup <table>
-PostUP = ip -4 route add default dev <接口名称> table <table>
-PostUP = ip -4 rule add table main suppress_prefixlength 0
+Table = <table>
+### fwmark
+PostUP = ip rule add fwmark <mark> lookup <table>
+PostDown = ip rule del fwmark <mark> lookup <table>
 PostUP = ip -6 rule add fwmark <mark> lookup <table>
-PostUP = ip -6 rule add not fwmark <table> table <table>
-PostUP = ip -6 route add ::/0 dev <接口名称> table <table>
-PostUP = ip -6 rule add table main suppress_prefixlength 0
-PostDown = ip -4 rule delete fwmark <mark> lookup <table>
-PostDown = ip -4 rule delete table main suppress_prefixlength 0
-PostDown = ip -6 rule delete fwmark <mark> lookup <table>
-PostDown = ip -6 rule delete not fwmark <table> table <table>
-PostDown = ip -6 rule delete table main suppress_prefixlength 0
-```
-
-::: tip
-
-- 此命令表示 IPv4 中 fwmark 为 `<mark>`，IPv6 中 fwmark 为`<mark>`，::/0 全局 v6 走 WireGuard
-- 可根据自己需求增删命令，mark 值要与 Xray-core 中设置为相同，table 值自定
-- 如果不支持配置文件，可以在系统中修改路由表
-  :::
-
-</Tab>
-
-<Tab title="sendThrough1">
-
-```ini
-[Interface]
-PrivateKey = xxxxxxxxxxxxxxxxxxxx
-Address = "your wg0 v4 address"
-Address = "your wg0 v6 address"
-DNS = 8.8.8.8
-MTU = 1280
-[Peer]
-PublicKey = xxxxxxxxxxxxxxxxxxxxx
-AllowedIPs = ::/0
-AllowedIPs = 0.0.0.0/0
-Endpoint = "ip:port"
-```
-
-在 `[Interface]` 下添加如下命令：
-
-```ini
-Table = off
-PostUP = ip -4 rule add from "your wg0 v4 address" lookup <table>
-PostUP = ip -4 route add default dev wg0 table <table>
-PostUP = ip -4 rule add table main suppress_prefixlength 0
-PostUP = ip -6 rule add not fwmark <table> table <table>
-PostUP = ip -6 route add ::/0 dev wg0 table <table>
-PostUP = ip -6 rule add table main suppress_prefixlength 0
-PostDown = ip -4 rule delete from "your wg0 v4 address" lookup <table>
-PostDown = ip -4 rule delete table main suppress_prefixlength 0
-PostDown = ip -6 rule delete not fwmark <table> table <table>
-PostDown = ip -6 rule delete table main suppress_prefixlength 0
+PostDown = ip -6 rule del fwmark <mark> lookup <table>
+## sendThrough
+PreUp = ip rule add from <IPv4> lookup <table>
+PostDown = ip rule del from <IPv4> lookup <table>
+PreUp = ip -6 rule add from <IPv6> lookup <table>
+PostDown = ip -6 rule del from <IPv6> lookup <table>
+## sockopt.interface
+PreUp = ip rule add oif %i lookup <table>
+PostDown = ip rule del oif %i lookup <table>
+PreUp = ip -6 rule add oif %i lookup <table>
+PostDown = ip -6 rule del oif %i lookup <table>
 ```
-
 ::: tip
+- 此配置文件融合了 `fwmark` / `sendThrough` / `sockopt.interface`，表示
+- 送入此设备 `%i` 的连接 / 送入此 `<IPv4/6>` 的连接 / `fwmark` 被标记为 `<mark>` 的连接  
+- 将会使用 wireguard 进行转发
+- `%i` 是 wireguard 配置文件中的占位符，表示在启动时替换为这个设备的名称
+:::
 
-- 此命令表示 IPV4 中来自 `your wg0 v4 address` 地址的走 WireGuard，IPv6 中::/0 全局 v6 走 WireGuard）
-- 可根据自己需求增删命令，实现 v6 分流，也可以与 fwmark 融合
-- 如果不支持配置文件，可以在系统中修改路由表
-  :::
-
-</Tab>
-
-</Tabs>
 
 保存
 
 可顺手安装
 
+::: warning
+如果使用了 `[Interface]` 中的 `DNS` 字段，这个程序将会是必须的
+:::
+
 ```bash
 apt install openresolv
 ```
@@ -138,11 +95,7 @@ lsmod | grep wireguard
 
 ## 4、Xray-core 配置文件修改
 
-<Tabs title="xray-config">
-
-<Tab title="fwmark2">
-
-```json
+```jsonc
 {
   "api": {
     "services": [
@@ -167,108 +120,48 @@ lsmod | grep wireguard
     {
       "protocol": "freedom",
       "settings": {
-        "domainStrategy": "UseIPv6"
-        //设置默认用户走指定方式”UseIPv6”或者”UseIPv4”
+        "domainStrategy": "UseIPv4"
       }
+      //修改此处，可v4或者v6
     },
+    //            <--请在不同的方案中选择-->   方案1：fwmark
     {
       "protocol": "freedom",
       "tag": "wg0",
       "streamSettings": {
         "sockopt": {
-          "mark": <mark>
+          "mark": // <mark>
         }
       },
       "settings": {
         "domainStrategy": "UseIPv6"
       }
-      //设置fwmark为<mark>的用户走指定方式”UseIPv6””UseIPv4”
-    },
-    {
-      "protocol": "blackhole",
-      "settings": {},
-      "tag": "blocked"
-    }
-  ],
-  "policy": {
-    "system": {
-      "statsInboundDownlink": true,
-      "statsInboundUplink": true
-    }
-  },
-  "routing": {
-    "rules": [
-      {
-        "inboundTag": [
-          "api"
-        ],
-        "outboundTag": "api",
-        "type": "field"
-      },
-      {
-        "type": "field",
-        "outboundTag": "wg0",
-        "inboundTag": [
-          "<inboundTag>"
-          //需要之前在inbound中指定好Tag，我这里是api生成的,还可以添加域名等等
-        ]
-      },
-      {
-        "outboundTag": "blocked",
-        "protocol": [
-          "bittorrent"
-        ],
-        "type": "field"
-      }
-    ]
-  },
-  "stats": {}
-}
-```
-
-</Tab>
-
-<Tab title="sendThrough2">
-
-```json
-{
-  "api": {
-    "services": [
-      "HandlerService",
-      "LoggerService",
-      "StatsService"
-    ],
-    "tag": "api"
-  },
-  "inbounds": [
-    {
-      "listen": "127.0.0.1",
-      "port": <port>,
-      "protocol": "dokodemo-door",
-      "settings": {
-        "address": "127.0.0.1"
-      },
-      "tag": "api"
-    }
-  ],
-  "outbounds": [
+    }  //设置fwmark为<mark>的用户走指定方式”UseIPv6””UseIPv4”
+    //            <--请在不同的方案中选择-->   方案2：sendThrough
     {
+      "tag": "wg0",
       "protocol": "freedom",
+      "sendThrough": "your wg0 v4 address",
+      //修改此处，可v4或者v6
       "settings": {
         "domainStrategy": "UseIPv4"
       }
       //修改此处，可v4或者v6
     },
+    //            <--请在不同的方案中选择-->   方案3：sockopt.interface
     {
       "tag": "wg0",
       "protocol": "freedom",
-      "sendThrough": "your wg0 v4 address",
-      //修改此处，可v4或者v6
       "settings": {
         "domainStrategy": "UseIPv4"
+      },
+      "streamSettings": {
+        "sockopt": {
+          "interface": "wg0"
+        }
       }
-      //修改此处，可v4或者v6
     },
+    //            <--请在不同的方案中选择-->   结束
     {
       "protocol": "blackhole",
       "settings": {},
@@ -295,7 +188,7 @@ lsmod | grep wireguard
         "outboundTag": "wg0",
         "inboundTag": [
           "<inboundTag>"
-          //需要之前在 inbound 中指定好 Tag，我这里是 api 生成的,还可以添加域名等等
+          //需要之前在 inbound 中指定好 Tag，这里是 api 生成的,还可以添加域名等等
         ]
       },
       {
@@ -311,10 +204,6 @@ lsmod | grep wireguard
 }
 ```
 
-</Tab>
-
-</Tabs>
-
 ::: tip
 可以通过修改 "domainStrategy": "UseIPv6"来控制对应用户的访问方式 实测优先级要高于系统本身的 gai.config
 :::
@@ -323,6 +212,8 @@ lsmod | grep wireguard
 
 ::: tip
 需要打开系统的 ip_forward
+`sysctl -w net.ipv4.ip_forward=1`
+`sysctl -w net.ipv6.conf.all.forwarding=1`
 :::
 
 ## 6、完成 WireGuard 相关设置
@@ -342,12 +233,13 @@ systemctl start wg-quick@wg0
 
 验证 IPv4/IPv6
 
-> 自行验证 Google 搜索 myip
+> 在代理上 运行 `curl ip-api.com -4/-6` / 浏览器访问ip-api.com
 
 ## 后记
 
 本文本意是可以避免的多余的流量浪费，将路由和分流的功能交给 Xray 处理。避免了维护路由表的繁琐工作。顺便技术提升 UP。
 
 ## 感谢
 
-@Xray-core @V2ray-core @WireGuard @p3terx @w @Hiram @Luminous @Ln @JackChou
+[XTLS/Xray-core](https://github.com/XTLS/Xray-core); [v2fly/v2ray-core](https://github.com/v2fly/v2ray-core); [WireGuard](https://www.wireguard.com/); [@p3terx](https://p3terx.com/); @w; @Hiram; @Luminous; @Ln; @JackChou;
+<!--剩下几位大佬我实在找不到他们的地址或Github空间，请大家帮忙找吧-->