Feature Request: Allow Manually Skipping a Matched Route Rule and Continue Matching #3616
Description
Why
In sing-box, route rules are strictly terminal: once a rule matches, routing stops.
Current mechanisms (selector outbound or clash_mode) only allow switching outbounds or modes, but do not allow temporarily disabling a rule itself or letting traffic continue matching subsequent rules.
This makes some common routing scenarios unnecessarily complex and inflexible.
Example: SSH Rule That Should Be Temporarily Bypassable
Route Configuration (Current)
{
"outbounds": [
{
"type": "selector",
"tag": "ssh_selector",
"outbounds": ["A", "B", "ts-out", "reject"]
}
// ... some outbounds
]
}Current Behavior
- All SSH traffic always matches the first rule
- The selector can only choose a fixed outbound
- SSH traffic cannot fall through to later rules
- To “disable” the SSH rule, users must duplicate routing logic inside the selector
Desired Behavior
If a special skip / bypass outbound (or equivalent mechanism) existed:
{
"type": "bypass"
}Then the selector could expose:
{
"type": "selector",
"tag": "ssh_selector",
"outbounds": ["ssh_proxy", "bypass"]
}Behavior:
- Selecting
ssh_proxy→ SSH-specific routing - Selecting
bypass→ ignore the SSH rule and continue matching:
Use Cases
- Temporarily disabling protocol- or port-based rules
- Debugging routing behavior via clash API
- Avoiding duplicated downstream rules
- Fine-grained runtime control beyond
clash_mode
{ "route": { "rules": [ { "protocol": "ssh", "outbound": "current_selector" }, { "ip_cidr": ["A"], "outbound": "A" }, { "ip_cidr": ["B"], "outbound": "B" }, { "ip_cidr": ["/*some conditions*/"], "outbound": "ts-out" }, ] } }