Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] 少量包含在 geosite:cn 中的国内域名未能正确绕过内核 #4292

Open
6 of 7 tasks
Aethersailor opened this issue Jan 19, 2025 · 2 comments
Open
6 of 7 tasks

[Bug] 少量包含在 geosite:cn 中的国内域名未能正确绕过内核 #4292

Aethersailor opened this issue Jan 19, 2025 · 2 comments
Labels
bug Something isn't working

Comments

@Aethersailor
Copy link

Aethersailor commented Jan 19, 2025
edited
Loading

Verify Steps

  • Tracker 我已经在 Issue Tracker 中找过我要提出的问题
  • Branch 我知道 OpenClash 的 Dev 分支切换开关位于插件设置-版本更新中,或者我会手动下载并安装 Dev 分支的 OpenClash
  • Latest 我已经使用最新 Dev 版本测试过,问题依旧存在
  • Relevant 我知道 OpenClash 与 内核(Core)、控制面板(Dashboard)、在线订阅转换(Subconverter)等项目之间无直接关系,仅相互调用
  • Definite 这确实是 OpenClash 出现的问题
  • Contributors 我有能力协助 OpenClash 开发并解决此问题
  • Meaningless 我提交的是无意义的催促更新或修复请求

OpenClash Version

v0.46.066

Bug on Environment

Immortalwrt

OpenWrt Version

Immortal SNAPTSHOT r33000-272391c84f

Bug on Platform

Linux-amd64(x86-64)

Describe the Bug

在启用了绕过大陆的情况下,少量包含在 geosite:cn 中的域名未能正确绕过内核
查看了 geosite 的仓库,确认这些域名是包含在 geosite:cn 中的,并且已经更新过 GeoSite 数据库确认是最新版,但是它们依然进入了内核

比如小红书的相关域名:

xiaohongshu.com
xhscdn.com

在客户机上 nslookup 相关域名,比如 live-mall.xiaohongshu.com ,返回的也是是正确的国内 IP 61.241.62.225

但是在 dashboard 中可以看到 live-mall.xiaohongshu.com 进入了内核,并且以 61.241.62.225 这个 IP 走节点进行了连接

因为依赖绕过大陆功能,我的规则里就没有设置任何国内白名单的规则,这直接导致了这些国内域名进入内核并走了节点

我查阅了 Clang 的国内 IP 白名单,确实没有 61.241.62.225 符合的 IP 段,是否是这个原因导致的?

查阅了 Clang 的大陆IP段更新,发现大陆IP段中有 61.240.0.0/14 这个 IP 段,已经包含了 61.241.62.225 地址,也就是说 live-mall.xiaohongshu.com 这个域名的解析 IP 应该是包含在 大陆白名单中的,所以是否确实是绕过大陆功能不正常?

另外想问一下,绕过大陆功能是依托 IP 白名单还是域名白名单实现的?

我之前一直以为是域名白名单,因为我曾经把几个漏网的国内 .com域名 PR 到 geosite:cn ,然后它们在 openclash 里就变成绕过内核了,不知道是否是巧合

OpenClash 调试日志

生成时间: 2025-01-19 17:00:07
插件版本: 0.46.066
隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#

主机型号: QEMU Standard PC (Q35 + ICH9, 2009)
固件版本: ImmortalWrt SNAPSHOT r33000-272391c84f
LuCI版本: 24.297.79519
内核版本: 6.6.71
处理器架构: x86_64

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

DNS劫持: Dnsmasq 转发
#DNS劫持为Dnsmasq时,此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.*.*#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
dnsmasq-full(ipset): 未安装
dnsmasq-full(nftset): 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 未安装
ip-full: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci >= 19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 已安装
unzip: 已安装
kmod-nft-tproxy: 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
运行内核:Meta
进程pid: 16519
运行权限: 16519: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_ptrace,cap_sys_admin,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-amd64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限

Meta内核版本: alpha-g192d769
Meta内核文件: 存在
Meta内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/SSRDOG.yaml
启动配置文件: /etc/openclash/SSRDOG.yaml
运行模式: fake-ip
默认代理模式: rule
UDP流量转发(tproxy): 启用
自定义DNS: 启用
IPV6代理: 启用
IPV6-DNS解析: 启用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 启用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 启用
路由本机代理: 启用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: warning
external-controller: 0.0.*.*:9090
proxy-groups:
- name: "\U0001F680 节点选择"
  type: select
  proxies:
  - "\U0001F1ED\U0001F1F0 香港节点"
================================
proxie 部分删除一些 log 内容以限制字数
========================
rules:
- "RULE-SET,Lan,\U0001F3AF 全球直连"
- "RULE-SET,Custom_Direct,\U0001F3AF 全球直连"
- "RULE-SET,Custom_Proxy,\U0001F680 节点选择"
- "RULE-SET,Direct,\U0001F3AF 全球直连"
- "GEOSITE,google-cn,\U0001F3AF 全球直连"
- "RULE-SET,GoogleCNProxyIP,\U0001F680 节点选择"
- "GEOSITE,steam@cn,\U0001F3AF 全球直连"
- "RULE-SET,Steam_CDN,\U0001F3AF 全球直连"
- "GEOSITE,category-public-tracker,\U0001F3AF 全球直连"
- "RULE-SET,Telegram,\U0001F4F2 Telegram"
- "GEOSITE,twitter,\U0001F54A️ Twitter(X)"
- "GEOIP,twitter,\U0001F54A️ Twitter(X),no-resolve"
- "GEOSITE,openai,\U0001F4AC ChatGPT"
- "RULE-SET,Copilot,\U0001F4AC Copilot"
- "RULE-SET,Claude,\U0001F916 AI服务"
- "RULE-SET,Gemini,\U0001F916 AI服务"
- "GEOSITE,github,\U0001F680 GitHub"
- "RULE-SET,Speedtest,\U0001F680 测速工具"
- "RULE-SET,YouTube,\U0001F4F9 YouTube"
- "RULE-SET,AppleTV,\U0001F3A5 AppleTV+"
- "RULE-SET,Apple,\U0001F34E 苹果服务"
- RULE-SET,Microsoft,Ⓜ️ 微软服务
- "RULE-SET,XiaoMi,\U0001F3AF 全球直连"
- "RULE-SET,GoogleFCM,\U0001F4E2 谷歌FCM"
- "RULE-SET,Google,\U0001F1EC 谷歌服务"
- "RULE-SET,TikTok,\U0001F3B6 TikTok"
- "RULE-SET,Netflix,\U0001F3A5 Netflix"
- "RULE-SET,Disney,\U0001F3A5 DisneyPlus"
- "RULE-SET,HBO,\U0001F3A5 HBO"
- "RULE-SET,HBO_fix,\U0001F3A5 HBO"
- "RULE-SET,AmazonPrimeVideo,\U0001F3A5 PrimeVideo"
- "RULE-SET,Emby,\U0001F3A5 Emby"
- "RULE-SET,Emby 2,\U0001F3A5 Emby"
- "RULE-SET,Spotify,\U0001F3BB Spotify"
- "RULE-SET,Bahamut,\U0001F4FA Bahamut"
- "RULE-SET,NetEaseMusic,\U0001F3B6 网易音乐"
- "RULE-SET,ChinaMedia,\U0001F4FA 国内媒体"
- "RULE-SET,IPTVMainland_Domain,\U0001F3AF 全球直连"
- "RULE-SET,GlobalMedia,\U0001F30E 国外媒体"
- "RULE-SET,Amazon,\U0001F6D2 国外电商"
- "RULE-SET,AmazonIP,\U0001F6D2 国外电商"
- "RULE-SET,Shopee,\U0001F6D2 国外电商"
- "RULE-SET,Shopify,\U0001F6D2 国外电商"
- "RULE-SET,Ozon,\U0001F6D2 国外电商"
- "RULE-SET,Epic,\U0001F3AE 游戏平台"
- "RULE-SET,EA,\U0001F3AE 游戏平台"
- "RULE-SET,Blizzard,\U0001F3AE 游戏平台"
- "RULE-SET,UBI,\U0001F3AE 游戏平台"
- "RULE-SET,Sony,\U0001F3AE 游戏平台"
- "RULE-SET,Nintendo,\U0001F3AE 游戏平台"
- "RULE-SET,Steam,\U0001F3AE Steam"
- "GEOSITE,gfw,\U0001F680 节点选择"
- "RULE-SET,Download,\U0001F3AF 全球直连"
- "MATCH,\U0001F41F 漏网之鱼"
rule-providers:
  Lan:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvTGFuL0xhbi5saXN0
    path: "./rule_provider/9401948601677142039.yaml"
    interval: 28800
  Custom_Direct:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0FldGhlcnNhaWxvci9DdXN0b21fT3BlbkNsYXNoX1J1bGVzL21haW4vcnVsZS9DdXN0b21fRGlyZWN0Lmxpc3Q
    path: "./rule_provider/94608693364136545.yaml"
    interval: 28800
  Custom_Proxy:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0FldGhlcnNhaWxvci9DdXN0b21fT3BlbkNsYXNoX1J1bGVzL21haW4vcnVsZS9DdXN0b21fUHJveHkubGlzdA
    path: "./rule_provider/11532607615572720494.yaml"
    interval: 28800
  Direct:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvRGlyZWN0L0RpcmVjdC5saXN0
    path: "./rule_provider/1048808019109435123.yaml"
    interval: 28800
  GoogleCNProxyIP:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0FDTDRTU1IvQUNMNFNTUi9tYXN0ZXIvQ2xhc2gvUnVsZXNldC9Hb29nbGVDTlByb3h5SVAubGlzdA
    path: "./rule_provider/12759974598110499818.yaml"
    interval: 28800
  Steam_CDN:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0FldGhlcnNhaWxvci9DdXN0b21fT3BlbkNsYXNoX1J1bGVzL21haW4vcnVsZS9TdGVhbV9DRE4ubGlzdA
    path: "./rule_provider/6925027361392278574.yaml"
    interval: 28800
  Telegram:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvVGVsZWdyYW0vVGVsZWdyYW0ubGlzdA
    path: "./rule_provider/8763765701616688047.yaml"
    interval: 28800
 =========== =========== ===========
rule-providers 部分删除一些内容以限制字数上传log
 =========== =========== ===========
    Emby:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvRW1ieS9FbWJ5Lmxpc3Q
    path: "./rule_provider/12024386628588064343.yaml"
    interval: 28800
  Emby 2:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2RkZ2tzZjIwMTMvRmlsdGVyL3JlZnMvaGVhZHMvbWFzdGVyL0VtYnkubGlzdA
    path: "./rule_provider/2248617951402953677.yaml"
    interval: 28800
  Spotify:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvU3BvdGlmeS9TcG90aWZ5Lmxpc3Q
    path: "./rule_provider/13462290515673366775.yaml"
    interval: 28800
  Bahamut:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvQmFoYW11dC9CYWhhbXV0Lmxpc3Q
    path: "./rule_provider/12071864552813270467.yaml"
    interval: 28800
  NetEaseMusic:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvTmV0RWFzZU11c2ljL05ldEVhc2VNdXNpYy5saXN0
    path: "./rule_provider/7773805212442354589.yaml"
    interval: 28800
  ChinaMedia:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvQ2hpbmFNZWRpYS9DaGluYU1lZGlhLmxpc3Q
    path: "./rule_provider/18101706129262512987.yaml"
    interval: 28800
  IPTVMainland_Domain:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0FldGhlcnNhaWxvci9DdXN0b21fT3BlbkNsYXNoX1J1bGVzL3JlZnMvaGVhZHMvbWFpbi9ydWxlL0lQVFZNYWlubGFuZF9Eb21haW4ubGlzdA
    path: "./rule_provider/17087313226651063203.yaml"
    interval: 28800
  GlobalMedia:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvR2xvYmFsTWVkaWEvR2xvYmFsTWVkaWEubGlzdA
    path: "./rule_provider/9279318162381383219.yaml"
    interval: 28800
  Amazon:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvcmVmcy9oZWFkcy9tYXN0ZXIvcnVsZS9DbGFzaC9BbWF6b24vQW1hem9uLmxpc3Q
    path: "./rule_provider/392316112920124854.yaml"
    interval: 28800
  AmazonIP:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvcmVmcy9oZWFkcy9tYXN0ZXIvcnVsZS9DbGFzaC9BbWF6b25JUC9BbWF6b25JUC5saXN0
    path: "./rule_provider/10241881168195757108.yaml"
    interval: 28800
  Shopee:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvcmVmcy9oZWFkcy9tYXN0ZXIvcnVsZS9DbGFzaC9TaG9wZWUvU2hvcGVlLmxpc3Q
    path: "./rule_provider/2628556608490288870.yaml"
    interval: 28800
  Shopify:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvU2hvcGlmeS9TaG9waWZ5Lmxpc3Q
    path: "./rule_provider/15525096766413385055.yaml"
    interval: 28800
  Ozon:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0FldGhlcnNhaWxvci9DdXN0b21fT3BlbkNsYXNoX1J1bGVzL3JlZnMvaGVhZHMvbWFpbi9ydWxlL096b24ubGlzdA
    path: "./rule_provider/10302223088878387261.yaml"
    interval: 28800
  Epic:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvRXBpYy9FcGljLmxpc3Q
    path: "./rule_provider/5478853650699016743.yaml"
    interval: 28800
  EA:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvRUEvRUEubGlzdA
    path: "./rule_provider/18162432268889344017.yaml"
    interval: 28800
  Blizzard:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvQmxpenphcmQvQmxpenphcmQubGlzdA
    path: "./rule_provider/16140619188728807917.yaml"
    interval: 28800
  UBI:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvVUJJL1VCSS5saXN0
    path: "./rule_provider/15956359626704498479.yaml"
    interval: 28800
  Sony:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvU29ueS9Tb255Lmxpc3Q
    path: "./rule_provider/13186452159847296983.yaml"
    interval: 28800
  Nintendo:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvTmludGVuZG8vTmludGVuZG8ubGlzdA
    path: "./rule_provider/11899183974128626507.yaml"
    interval: 28800
  Steam:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvU3RlYW0vU3RlYW0ubGlzdA
    path: "./rule_provider/1138546289778508491.yaml"
    interval: 28800
  Download:
    type: http
    behavior: classical
    url: https://api.kit327.com/getruleset?type=6&url=aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2JsYWNrbWF0cml4Ny9pb3NfcnVsZV9zY3JpcHQvbWFzdGVyL3J1bGUvQ2xhc2gvRG93bmxvYWQvRG93bmxvYWQubGlzdA
    path: "./rule_provider/15233010431358050261.yaml"
    interval: 28800
dns:
  enable: true
  ipv6: true
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.*.*/16
  listen: 0.0.*.*:7874
  fake-ip-filter-mode: blacklist
  nameserver:
  - 58.240.*.*
  - 221.6.*.*
  fake-ip-filter:
  - "*.lan"
  - "*.localdomain"
  - "*.example"
  - "*.invalid"
  - "*.localhost"
  - "*.test"
  - "*.local"
  - "*.home.arpa"
  - time.*.com
  - time.*.gov
  - time.*.edu.cn
  - time.*.apple.com
  - time-ios.apple.com
  - time1.*.com
  - time2.*.com
  - time3.*.com
  - time4.*.com
  - time5.*.com
  - time6.*.com
  - time7.*.com
  - ntp.*.com
  - ntp1.*.com
  - ntp2.*.com
  - ntp3.*.com
  - ntp4.*.com
  - ntp5.*.com
  - ntp6.*.com
  - ntp7.*.com
  - "*.time.edu.cn"
  - "*.ntp.org.cn"
  - "+.pool.ntp.org"
  - time1.cloud.tencent.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "+.msftconnecttest.com"
  - "+.msftncsi.com"
  - localhost.ptlogin2.qq.com
  - localhost.sec.qq.com
  - "+.qq.com"
  - "+.tencent.com"
  - "+.srv.nintendo.net"
  - "*.n.n.srv.nintendo.net"
  - "+.cdn.nintendo.net"
  - "+.stun.playstation.net"
  - xbox.*.*.microsoft.com
  - "*.*.xboxlive.com"
  - xbox.*.microsoft.com
  - xnotify.xboxlive.com
  - "+.battlenet.com.cn"
  - "+.wotgame.cn"
  - "+.wggames.cn"
  - "+.wowsgame.cn"
  - "+.wargaming.net"
  - proxy.golang.org
  - stun.*.*
  - stun.*.*.*
  - "+.stun.*.*"
  - "+.stun.*.*.*"
  - "+.stun.*.*.*.*"
  - "+.stun.*.*.*.*.*"
  - heartbeat.belkin.com
  - "*.linksys.com"
  - "*.linksyssmartwifi.com"
  - "*.router.asus.com"
  - mesu.apple.com
  - swscan.apple.com
  - swquery.apple.com
  - swdownload.apple.com
  - swcdn.apple.com
  - swdist.apple.com
  - lens.l.google.com
  - stun.l.google.com
  - na.b.g-tun.com
  - "+.nflxvideo.net"
  - "*.square-enix.com"
  - "*.finalfantasyxiv.com"
  - "*.ffxiv.com"
  - "*.ff14.sdo.com"
  - ff.dorado.sdo.com
  - "*.mcdn.bilivideo.cn"
  - "+.media.dssott.com"
  - shark007.net
  - Mijia Cloud
  - "+.cmbchina.com"
  - "+.cmbimg.com"
  - local.adguard.org
  - "+.sandai.net"
  - "+.n0808.com"
  - "+.uu.163.com"
  - ps.res.netease.com
  - "+.pub.3gppnetwork.org"
  - geosite:category-games
  - "+.services.googleapis.cn"
  - "+.googleapis.cn"
  - "+.xn--ngstr-lra8j.com"
  - geosite:cn
redir-port: 7892
tproxy-port: 7895
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/ui"
keep-alive-interval: 15
keep-alive-idle: 600
ipv6: true
geodata-mode: true
tcp-concurrent: true
unified-delay: true
sniffer:
  enable: true
  parse-pure-ip: true
  force-dns-mapping: true
  override-destination: false
  sniff:
    QUIC:
      ports:
      - 443
    TLS:
      ports:
      - 443
      - 8443
    HTTP:
      ports:
      - 80
      - 8080-8880
      override-destination: true
  force-domain:
  - "+.netflix.com"
  - "+.nflxvideo.net"
  - "+.amazonaws.com"
  - "+.media.dssott.com"
  skip-domain:
  - "+.apple.com"
  - Mijia Cloud
  - dlg.io.mi.com
  - "+.oray.com"
  - "+.sunlogin.net"
  - "+.push.apple.com"
profile:
  store-selected: true
  store-fake-ip: true
routing-mark: 6666

#===================== 自定义覆写设置 =====================#

#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts

LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
#Config Path
CONFIG_FILE="$1"

    #Simple Demo:
    #Key Overwrite Demo
    #1--config path
    #2--key name
    #3--value
    #ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
    #ruby_edit "$CONFIG_FILE" "['secret']" "123456"
    #ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"
    #ruby_edit "$CONFIG_FILE" "['dns']['proxy-server-nameserver']" "['https://doh.pub/dns-query','https://223.5.*.*:443/dns-query']"

    #Hash Overwrite Demo
    #1--config path
    #2--key name
    #3--hash type value
    #ruby_edit "$CONFIG_FILE" "['dns']['nameserver-policy']" "{'+.msftconnecttest.com'=>'114.114.*.*', '+.msftncsi.com'=>'114.114.*.*', 'geosite:gfw'=>['https://dns.cloudflare.com/dns-query', 'https://dns.google/dns-query#ecs=1.1.*.*/24&ecs-override=true'], 'geosite:cn'=>['114.114.*.*'], 'geosite:geolocation-!cn'=>['https://dns.cloudflare.com/dns-query', 'https://dns.google/dns-query#ecs=1.1.*.*/24&ecs-override=true']}"
    #ruby_edit "$CONFIG_FILE" "['sniffer']" "{'enable'=>true, 'parse-pure-ip'=>true, 'force-domain'=>['+.netflix.com', '+.nflxvideo.net', '+.amazonaws.com', '+.media.dssott.com'], 'skip-domain'=>['+.apple.com', 'Mijia Cloud', 'dlg.io.mi.com', '+.oray.com', '+.sunlogin.net'], 'sniff'=>{'TLS'=>nil, 'HTTP'=>{'ports'=>[80, '8080-8880'], 'override-destination'=>true}}}"

    #Hash Merge Demo
    #1--config path
    #2--key name
    #3--hash
    #ruby_merge_hash "$CONFIG_FILE" "['proxy-providers']" "'TW'=>{'type'=>'http', 'path'=>'./proxy_provider/TW.yaml', 'url'=>'https://gist.githubusercontent.com/raw/tw_clash', 'interval'=>3600, 'health-check'=>{'enable'=>true, 'url'=>'http://cp.cloudflare.com/generate_204', 'interval'=>300}}"
    #ruby_merge_hash "$CONFIG_FILE" "['rule-providers']" "'Reject'=>{'type'=>'http', 'behavior'=>'classical', 'url'=>'https://testingcf.jsdelivr.net/gh/dler-io/Rules@main/Clash/Provider/Reject.yaml', 'path'=>'./rule_provider/Reject', 'interval'=>86400}"

    #Array Insert Value Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value
    #ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.*.*"

    #Array Insert Hash Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--hash
    #ruby_arr_insert_hash "$CONFIG_FILE" "['proxy-groups']" "0" "{'name'=>'Disney', 'type'=>'select', 'disable-udp'=>false, 'use'=>['TW', 'SG', 'HK']}"
    #ruby_arr_insert_hash "$CONFIG_FILE" "['proxies']" "0" "{'name'=>'HKG 01', 'type'=>'ss', 'server'=>'cc.hd.abc', 'port'=>'12345', 'cipher'=>'aes-128-gcm', 'password'=>'123456', 'udp'=>true, 'plugin'=>'obfs', 'plugin-opts'=>{'mode'=>'http', 'host'=>'microsoft.com'}}"
    #ruby_arr_insert_hash "$CONFIG_FILE" "['listeners']" "0" "{'name'=>'name', 'type'=>'shadowsocks', 'port'=>'12345', 'listen'=>'0.0.*.*', 'rule'=>'sub-rule-1', 'proxy'=>'proxy'}"

    #Array Insert Other Array Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--array
    #ruby_arr_insert_arr "$CONFIG_FILE" "['dns']['proxy-server-nameserver']" "0" "['https://doh.pub/dns-query','https://223.5.*.*:443/dns-query']"

    #Array Insert From Yaml File Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value file path
    #5--value key name in #4 file
    #ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"

    #Delete Array Value Demo:
    #1--config path
    #2--key name
    #3--value
    #ruby_delete "$CONFIG_FILE" "['dns']['nameserver']" "114.114.*.*"

    #Delete Key Demo:
    #1--config path
    #2--key name
    #3--key name
    #ruby_delete "$CONFIG_FILE" "['dns']" "nameserver"
    #ruby_delete "$CONFIG_FILE" "" "dns"

    #Ruby Script Demo:
    #ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
    #   begin
    #      Value = YAML.load_file('$CONFIG_FILE');
    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
    #   end;

        #General
    #   begin
    #   Thread.new{
    #      Value['redir-port']=7892;
    #      Value['tproxy-port']=7895;
    #      Value['port']=7890;
    #      Value['socks-port']=7891;
    #      Value['mixed-port']=7893;
    #   }.join;

    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
    #   ensure
    #      File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
    #   end" 2>/dev/null >> $LOG_FILE

exit 0
#===================== 自定义防火墙设置 =====================#

#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules

LOG_OUT "Tip: Start Add Custom Firewall Rules..."

exit 0
#===================== IPTABLES 防火墙设置 =====================#

#IPv4 NAT chain


#IPv4 Mangle chain


#IPv4 Filter chain


#IPv6 NAT chain


#IPv6 Mangle chain


#IPv6 Filter chain


#===================== NFTABLES 防火墙设置 =====================#

table inet fw4 {
	chain input {
		type filter hook input priority filter; policy drop;
		iifname "pppoe-wan" ip6 saddr != @localnetwork6 counter packets 718 bytes 120905 jump openclash_wan6_input
		udp dport 443 ip6 daddr != @china_ip6_route counter packets 0 bytes 0 reject with icmpv6 port-unreachable comment "OpenClash QUIC REJECT"
		udp dport 443 ip daddr != @china_ip_route counter packets 11 bytes 14358 reject with icmp port-unreachable comment "OpenClash QUIC REJECT"
		iifname "pppoe-wan" ip saddr != @localnetwork counter packets 3940 bytes 1123997 jump openclash_wan_input
		iif "lo" accept comment "!fw4: Accept traffic from loopback"
		ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
		tcp flags & (fin | syn | rst | ack) == syn jump syn_flood comment "!fw4: Rate limit TCP syn packets"
		iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
		iifname "pppoe-wan" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
		jump handle_reject
	}
}
table inet fw4 {
	chain forward {
		type filter hook forward priority filter; policy drop;
		meta l4proto { tcp, udp } flow add @ft
		ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows"
		iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
		iifname "pppoe-wan" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
		jump upnp_forward comment "Hook into miniupnpd forwarding chain"
		jump handle_reject
	}
}
table inet fw4 {
	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
		udp dport 53 counter packets 665 bytes 44521 redirect to :53 comment "OpenClash DNS Hijack"
		tcp dport 53 counter packets 0 bytes 0 redirect to :53 comment "OpenClash DNS Hijack"
		iifname "br-lan" jump dstnat_lan comment "!fw4: Handle lan IPv4/IPv6 dstnat traffic"
		iifname "pppoe-wan" jump dstnat_wan comment "!fw4: Handle wan IPv4/IPv6 dstnat traffic"
		jump upnp_prerouting comment "Hook into miniupnpd prerouting chain"
		ip protocol tcp counter packets 615 bytes 33904 jump openclash
	}
}
table inet fw4 {
	chain srcnat {
		type nat hook postrouting priority srcnat; policy accept;
		oifname "br-lan" jump srcnat_lan comment "!fw4: Handle lan IPv4/IPv6 srcnat traffic"
		oifname "pppoe-wan" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
		jump upnp_postrouting comment "Hook into miniupnpd postrouting chain"
	}
}
table inet fw4 {
	chain nat_output {
		type nat hook output priority filter - 1; policy accept;
		meta skuid != 65534 udp dport 53 ip daddr 127.0.*.* counter packets 24 bytes 1677 redirect to :53 comment "OpenClash DNS Hijack"
		meta skuid != 65534 tcp dport 53 ip daddr 127.0.*.* counter packets 0 bytes 0 redirect to :53 comment "OpenClash DNS Hijack"
		ip protocol tcp counter packets 1031 bytes 61860 jump openclash_output
		meta nfproto ipv6 counter packets 37 bytes 3010 jump openclash_output_v6
	}
}
table inet fw4 {
	chain mangle_prerouting {
		type filter hook prerouting priority mangle; policy accept;
		ip protocol udp counter packets 8503 bytes 1087508 jump openclash_mangle
		meta nfproto ipv6 counter packets 1871 bytes 247908 jump openclash_mangle_v6
	}
}
table inet fw4 {
	chain mangle_output {
		type route hook output priority mangle; policy accept;
	}
}
table inet fw4 {
	chain openclash {
		meta nfproto ipv4 tcp sport 1688 counter packets 0 bytes 0 return
		ip daddr @localnetwork counter packets 131 bytes 6512 return
		ip protocol tcp ip daddr 198.18.*.*/16 counter packets 57 bytes 3360 redirect to :7892
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 193 bytes 11028 return
		ip protocol tcp counter packets 234 bytes 13004 redirect to :7892
	}
}
table inet fw4 {
	chain openclash_mangle {
		meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 68 counter packets 2 bytes 672 return
		ip saddr 192.168.*.* udp sport 7001 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 7000 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 8443 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 88 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 21116 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		meta l4proto udp iifname "lo" counter packets 5122 bytes 571103 return
		ip daddr @localnetwork counter packets 3162 bytes 475181 return
		udp dport 53 counter packets 22 bytes 1465 return
		meta l4proto udp ip daddr 198.18.*.*/16 meta mark set 0x00000162 tproxy ip to 127.0.*.*:7895 counter packets 2 bytes 2756 accept
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 130 bytes 13842 return
		ip protocol udp counter packets 63 bytes 22489 jump openclash_upnp
		meta l4proto udp meta mark set 0x00000162 tproxy ip to 127.0.*.*:7895 counter packets 62 bytes 21111 accept
	}
}
table inet fw4 {
	chain openclash_output {
		meta nfproto ipv4 tcp sport 1688 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 7001 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 7000 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 8443 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 88 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 21117 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 21116 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 21115 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 23333 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 3389 counter packets 0 bytes 0 return
		ip daddr @localnetwork counter packets 715 bytes 42900 return
		ip protocol tcp ip daddr 198.18.*.*/16 meta skuid != 65534 counter packets 2 bytes 120 redirect to :7892
		meta skuid != 65534 ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 5 bytes 300 return
		ip protocol tcp meta skuid != 65534 counter packets 0 bytes 0 redirect to :7892
	}
}
table inet fw4 {
	chain openclash_wan_input {
		udp dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject
		tcp dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject
	}
}
table inet fw4 {
	chain openclash_mangle_v6 {
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 21117 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx udp sport 21116 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 21116 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 21115 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx udp sport 7002 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx udp sport 7001 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 7000 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 23333 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx udp sport 8443 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 8443 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx udp sport 88 counter packets 0 bytes 0 return
		ip6 saddr & ::*:*:*:ffff == ::b08f:ecff:fe1b:xxxx tcp sport 88 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 1688 counter packets 0 bytes 0 return
		meta nfproto ipv6 udp sport 500 counter packets 0 bytes 0 return
		meta nfproto ipv6 udp sport 546 counter packets 327 bytes 38935 return
		ip6 daddr @localnetwork6 counter packets 1113 bytes 174857 return
		meta nfproto ipv6 udp dport 53 counter packets 4 bytes 388 return
		ip6 daddr @china_ip6_route ip6 daddr != @china_ip6_route_pass counter packets 172 bytes 14851 return
		meta nfproto ipv6 tcp dport 0-65535 meta mark set 0x00000162 tproxy ip6 to :7895 counter packets 255 bytes 18877 accept comment "OpenClash TCP Tproxy"
		meta nfproto ipv6 udp dport 0-65535 meta mark set 0x00000162 tproxy ip6 to :7895 counter packets 0 bytes 0 accept comment "OpenClash UDP Tproxy"
	}
}
table inet fw4 {
	chain openclash_output_v6 {
		meta nfproto ipv6 tcp sport 21117 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 21116 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 21115 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 7000 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 23333 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 8443 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 88 counter packets 0 bytes 0 return
		meta nfproto ipv6 tcp sport 1688 counter packets 0 bytes 0 return
		ip6 daddr @localnetwork6 counter packets 7 bytes 610 return
		meta skuid != 65534 ip6 daddr @china_ip6_route ip6 daddr != @china_ip6_route_pass counter packets 0 bytes 0 return
		meta nfproto ipv6 meta skuid != 65534 tcp dport 0-65535 counter packets 0 bytes 0 redirect to :7892
	}
}
table inet fw4 {
	chain openclash_wan6_input {
		udp dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject
		tcp dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject
	}
}

#===================== IPSET状态 =====================#


#===================== 路由表状态 =====================#

#IPv4

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.*.*         153.3.*.*     0.0.*.*         UG    0      0        0 pppoe-wan
153.3.*.*     0.0.*.*         255.255.*.* UH    0      0        0 pppoe-wan
192.168.*.*     0.0.*.*         255.255.*.*   U     0      0        0 br-lan

#ip route list
default via 153.3.*.* dev pppoe-wan proto static 
153.3.*.* dev pppoe-wan proto kernel scope link src 153.3.*.* 
192.168.*.*/24 dev br-lan proto kernel scope link src 192.168.*.* 

#ip rule show
0:	from all lookup local
32765:	from all fwmark 0x162 lookup 354
32766:	from all lookup main
32767:	from all lookup default

#IPv6

#route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
::/0                                        ::                                      U     1024   2        0 lo      
::/0                                        ::                                      !n    -1     2        0 lo      
::/0                                        fe80::*:*:*:e511               UG    512    5        0 pppoe-wan
::/0                                        fe80::*:*:*:e511               UG    512    6        0 pppoe-wan
2408:*:*:*::/64                     ::                                      !n    2147483647 2        0 lo      
2408:*:*:*::/64                      ::                                      U     1024   3        0 br-lan  
2408:*:*:*::/62                      ::                                      !n    2147483647 2        0 lo      
fd3d:b471:xxxx ::/64                         ::                                      U     1024   2        0 br-lan  
fd3d:b471:xxxx ::/48                         ::                                      !n    2147483647 2        0 lo      
fe80::*:*:*:xxxx /128               ::                                      U     256    2        0 pppoe-wan
fe80::*:*:*:xxxx /128               ::                                      U     256    1        0 pppoe-wan
fe80::/64                                   ::                                      U     256    5        0 br-lan  
::/0                                        ::                                      !n    -1     2        0 lo      
::1/128                                     ::                                      Un    0      7        0 lo      
2408:*:*:*::/128                    ::                                      Un    0      3        0 pppoe-wan
2408:*:*:*:1c78:xxxx :xxxx :xxxx /128  ::                                      Un    0      5        0 pppoe-wan
2408:*:*:*::/128                     ::                                      Un    0      3        0 br-lan  
2408:*:*:*:5c5d:xxxx :xxxx :xxxx /128   ::                                      Un    0      7        0 br-lan  
fd3d:b471:xxxx ::/128                        ::                                      Un    0      3        0 br-lan  
fd3d:*:*:*:5c5d:xxxx :xxxx :xxxx /128    ::                                      Un    0      5        0 br-lan  
fe80::/128                                  ::                                      Un    0      6        0 br-lan  
fe80::*:*:*:xxxx /128               ::                                      Un    0      3        0 pppoe-wan
fe80::*:*:*:xxxx /128               ::                                      Un    0      3        0 br-lan  
ff00::/8                                    ::                                      U     256    5        0 br-lan  
ff00::/8                                    ::                                      U     256    4        0 pppoe-wan
::/0                                        ::                                      !n    -1     2        0 lo      

#ip -6 route list
default from 2408:*:*:*::/64 via fe80::360b:xxxx :xxxx :xxxx dev pppoe-wan proto static metric 512 pref medium
default from 2408:*:*:*::/62 via fe80::360b:xxxx :xxxx :xxxx dev pppoe-wan proto static metric 512 pref medium
unreachable 2408:*:*:*::/64 dev lo proto static metric 2147483647 pref medium
2408:*:*:*::/64 dev br-lan proto static metric 1024 pref medium
unreachable 2408:*:*:*::/62 dev lo proto static metric 2147483647 pref medium
fd3d:b471:f886::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd3d:b471:f886::/48 dev lo proto static metric 2147483647 pref medium
fe80::*:*:*:36e0 dev pppoe-wan proto kernel metric 256 pref medium
fe80::*:*:*:e511 dev pppoe-wan proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium

#ip -6 rule show
0:	from all lookup local
32765:	from all fwmark 0x162 lookup 354
32766:	from all lookup main
4200000000:	from 2408:*:*:*:5c5d:xxxx :xxxx :xxxx /64 iif br-lan unreachable

#===================== 端口占用状态 =====================#

tcp        0      0 :::7891                 :::*                    LISTEN      16519/clash
tcp        0      0 :::7890                 :::*                    LISTEN      16519/clash
tcp        0      0 :::7893                 :::*                    LISTEN      16519/clash
tcp        0      0 :::7892                 :::*                    LISTEN      16519/clash
tcp        0      0 :::7895                 :::*                    LISTEN      16519/clash
tcp        0      0 :::7874                 :::*                    LISTEN      16519/clash
tcp        0      0 :::9090                 :::*                    LISTEN      16519/clash
udp        0      0 :::7874                 :::*                                16519/clash
udp        0      0 :::7891                 :::*                                16519/clash
udp        0      0 :::7892                 :::*                                16519/clash
udp        0      0 :::7893                 :::*                                16519/clash
udp        0      0 :::7895                 :::*                                16519/clash

#===================== 测试本机DNS查询(www.baidu.com) =====================#

Server:		127.0.*.*
Address:	127.0.*.*:53

www.baidu.com	canonical name = www.a.shifen.com
Name:	www.a.shifen.com
Address: 2408:*:*:*:0:ff:b087:eecc
Name:	www.a.shifen.com
Address: 2408:*:*:*:0:ff:b021:1393

www.baidu.com	canonical name = www.a.shifen.com
Name:	www.a.shifen.com
Address: 153.3.*.*
Name:	www.a.shifen.com
Address: 153.3.*.*


#===================== 测试内核DNS查询(www.instagram.com) =====================#

Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 1
  Qclass: 1

Answer: 
  TTL: 38
  data: 69.63.*.*
  name: www.instagram.com.
  type: 1

Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 28
  Qclass: 1

Answer: 
  TTL: 98
  data: 2a03:*:*:*:face:b00c:0:25de
  name: www.instagram.com.
  type: 28


Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto

#===================== /tmp/resolv.conf.auto =====================#

# Interface wan
nameserver 58.240.*.*
nameserver 221.6.*.*
# Interface wan6
nameserver 2408:8000:aaaa::
nameserver 2408:8888::8

#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#

# Interface wan
nameserver 58.240.*.*
nameserver 221.6.*.*
# Interface wan6
nameserver 2408:8000:aaaa::
nameserver 2408:8888::8

#===================== 测试本机网络连接(www.baidu.com) =====================#

HTTP/1.1 200 OK
Bdpagetype: 1
Bdqid: 0xb40fdbc70844a5ae
Connection: keep-alive
Content-Length: 508988
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Jan 2025 09:00:11 GMT
Server: BWS/1.1
Set-Cookie: BIDUPSID=A2D8422743A32A798C7CC7441EED2DF5; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
Set-Cookie: PSTM=1737277211; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
Set-Cookie: BDSVRTM=1; path=/
Set-Cookie: BD_HOME=1; path=/
Set-Cookie: BAIDUID=A2D8422743A32A798C7CC7441EED2DF5:FG=1; Path=/; Domain=baidu.com; Max-Age=31536000
Set-Cookie: BAIDUID_BFESS=A2D8422743A32A798C7CC7441EED2DF5:FG=1; Path=/; Domain=baidu.com; Max-Age=31536000; Secure; SameSite=None
Traceid: 1737277211157300890612974830699361379758
Vary: Accept-Encoding
X-Ua-Compatible: IE=Edge,chrome=1
X-Xss-Protection: 1;mode=block


#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "f6037a93c68519d7041a3b4df325b61c424ec255b45dfeb063371319e39b0d96"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 83A4:119F81:264586:3BDB00:678CBF1B
accept-ranges: bytes
date: Sun, 19 Jan 2025 09:00:11 GMT
via: 1.1 varnish
x-served-by: cache-hkg17933-HKG
x-cache: MISS
x-cache-hits: 0
x-timer: S1737277211.484893,VS0,VE304
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: effbeaecd71f56245791a7a6adf817b90e5693c0
expires: Sun, 19 Jan 2025 09:05:11 GMT
source-age: 0
content-length: 1071


#===================== 最近运行日志(自动切换为Debug模式) =====================#

time="2025-01-19T09:00:17.284138608Z" level=debug msg="[DNS] resolve 4.c.7.0.4.f.c.9.f.0.d.a.d.4.0.e.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.284455010Z" level=debug msg="[DNS] resolve 4.c.7.0.4.f.c.9.f.0.d.a.d.4.0.e.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.285615994Z" level=debug msg="[DNS] 0.3.*.*.3.2.b.c.4.5.5.a.2.a.8.d.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.287244391Z" level=debug msg="[DNS] 3.8.f.9.e.0.1.*.*.d.4.5.e.3.9.a.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.290154737Z" level=debug msg="[DNS] cache hit 4.f.1.f.1.b.9.d.4.6.a.1.2.*.*.6.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.290539564Z" level=debug msg="[DNS] resolve 4.f.1.f.1.b.9.d.4.6.a.1.2.*.*.6.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.290892530Z" level=debug msg="[DNS] resolve 4.f.1.f.1.b.9.d.4.6.a.1.2.*.*.6.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.291355733Z" level=debug msg="[DNS] cache hit 3.7.*.*.b.1.e.f.f.f.c.e.f.8.0.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.291544375Z" level=debug msg="[DNS] resolve 3.7.*.*.b.1.e.f.f.f.c.e.f.8.0.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.291876605Z" level=debug msg="[DNS] 6.e.2.f.4.8.b.2.a.c.a.6.a.d.9.a.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.291908356Z" level=debug msg="[DNS] 9.7.8.a.b.4.e.f.f.f.6.4.*.*.a.3.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.291937058Z" level=debug msg="[DNS] 9.7.8.a.b.4.e.f.f.f.6.4.*.*.a.3.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.291961912Z" level=debug msg="[DNS] 6.e.2.f.4.8.b.2.a.c.a.6.a.d.9.a.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.291974792Z" level=debug msg="[DNS] resolve 3.7.*.*.b.1.e.f.f.f.c.e.f.8.0.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.295102458Z" level=debug msg="[DNS] cache hit f.3.7.*.*.3.e.f.f.f.1.1.*.*.e.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.295411790Z" level=debug msg="[DNS] resolve f.3.7.*.*.3.e.f.f.f.1.1.*.*.e.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.295739318Z" level=debug msg="[DNS] resolve f.3.7.*.*.3.e.f.f.f.1.1.*.*.e.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.296150204Z" level=debug msg="[DNS] cache hit 0.2.*.*.3.2.e.f.f.f.f.4.3.*.*.c.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.296299555Z" level=debug msg="[DNS] resolve 0.2.*.*.3.2.e.f.f.f.f.4.3.*.*.c.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.296502218Z" level=debug msg="[DNS] resolve 0.2.*.*.3.2.e.f.f.f.f.4.3.*.*.c.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.297556077Z" level=debug msg="[DNS] c.0.0.*.*.0.6.*.*.4.f.6.b.d.0.8.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.297623756Z" level=debug msg="[DNS] c.0.0.*.*.0.6.*.*.4.f.6.b.d.0.8.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.297639767Z" level=debug msg="[DNS] 3.8.*.*.b.b.b.5.6.*.*.e.b.6.1.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.302160904Z" level=debug msg="[DNS] cache hit b.f.9.9.c.a.a.0.3.c.9.6.c.6.8.*.*.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.302376903Z" level=debug msg="[DNS] resolve b.f.9.9.c.a.a.0.3.c.9.6.c.6.8.*.*.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.302671181Z" level=debug msg="[DNS] resolve b.f.9.9.c.a.a.0.3.c.9.6.c.6.8.*.*.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.303014054Z" level=debug msg="[DNS] 5.8.1.c.4.f.e.f.f.f.1.4.a.3.0.*.*.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.303040011Z" level=debug msg="[DNS] 5.8.1.c.4.f.e.f.f.f.1.4.a.3.0.*.*.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.303086487Z" level=debug msg="[DNS] c.7.6.*.*.4.0.*.*.e.0.e.b.4.d.7.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.303257545Z" level=debug msg="[DNS] cache hit 0.7.*.*.b.5.9.*.*.0.2.*.*.5.8.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.303386375Z" level=debug msg="[DNS] resolve 0.7.*.*.b.5.9.*.*.0.2.*.*.5.8.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.303626900Z" level=debug msg="[DNS] resolve 0.7.*.*.b.5.9.*.*.0.2.*.*.5.8.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.305509143Z" level=debug msg="[DNS] 1.6.3.d.1.f.a.c.9.1.c.a.b.6.8.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.305680694Z" level=debug msg="[DNS] 6.c.b.d.2.1.a.e.f.0.3.a.d.7.5.e.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.306786561Z" level=debug msg="[DNS] cache hit 5.7.*.*.c.3.1.*.*.9.f.a.4.2.b.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR, expire at 2025-01-19 09:00:04"
time="2025-01-19T09:00:17.306986753Z" level=debug msg="[DNS] resolve 5.7.*.*.c.3.1.*.*.9.f.a.4.2.b.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.307231294Z" level=debug msg="[DNS] resolve 5.7.*.*.c.3.1.*.*.9.f.a.4.2.b.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.310023323Z" level=debug msg="[DNS] 8.5.e.7.0.*.*.c.0.4.7.b.e.0.5.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.310157932Z" level=debug msg="[DNS] 8.5.e.7.0.*.*.c.0.4.7.b.e.0.5.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.310297337Z" level=debug msg="[DNS] 4.c.7.0.4.f.c.9.f.0.d.a.d.4.0.e.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.318588906Z" level=debug msg="[DNS] 3.7.*.*.b.1.e.f.f.f.c.e.f.8.0.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.318851799Z" level=debug msg="[DNS] 4.f.1.f.1.b.9.d.4.6.a.1.2.*.*.6.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.324489181Z" level=debug msg="[DNS] f.3.7.*.*.3.e.f.f.f.1.1.*.*.e.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.325952958Z" level=debug msg="[DNS] 0.2.*.*.3.2.e.f.f.f.f.4.3.*.*.c.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.328020726Z" level=debug msg="[DNS] b.f.9.9.c.a.a.0.3.c.9.6.c.6.8.*.*.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.329298530Z" level=debug msg="[DNS] 0.7.*.*.b.5.9.*.*.0.2.*.*.5.8.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.329330510Z" level=debug msg="[DNS] 0.7.*.*.b.5.9.*.*.0.2.*.*.5.8.b.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.336059554Z" level=debug msg="[DNS] 5.7.*.*.c.3.1.*.*.9.f.a.4.2.b.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://221.6.*.*:53"
time="2025-01-19T09:00:17.336107161Z" level=debug msg="[DNS] 5.7.*.*.c.3.1.*.*.9.f.a.4.2.b.f.0.b.6.0.*.*.e.0.c.3.2.*.*.0.4.2.ip6.arpa --> [] PTR from udp://58.240.*.*:53"
time="2025-01-19T09:00:17.704833274Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:17.705234917Z" level=debug msg="[Process] find process error for github.com: process not found"
time="2025-01-19T09:00:17.705409092Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:17.705455671Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:17.738663133Z" level=info msg="[TCP] 192.168.*.*:55310 --> github.com:443 match GeoSite(github) using 🚀 GitHub[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:18.045224852Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:18.045595792Z" level=debug msg="[Process] find process error for 199.59.*.*: process not found"
time="2025-01-19T09:00:18.045761359Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:18.045806539Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:18.079467039Z" level=info msg="[TCP] 192.168.*.*:55313 --> 199.59.*.*:443 match GeoIP(twitter) using 🕊️ Twitter(X)[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:18.212304844Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:18.212706668Z" level=debug msg="[Process] find process error for 199.59.*.*: process not found"
time="2025-01-19T09:00:18.212876207Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:18.212925980Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:18.249684202Z" level=info msg="[TCP] 192.168.*.*:55314 --> 199.59.*.*:443 match GeoIP(twitter) using 🕊️ Twitter(X)[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:18.742692251Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:18.743015184Z" level=debug msg="[Process] find process error for github.com: process not found"
time="2025-01-19T09:00:18.743172465Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:18.743216411Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:18.778732593Z" level=info msg="[TCP] 192.168.*.*:55315 --> github.com:443 match GeoSite(github) using 🚀 GitHub[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:19.070157879Z" level=debug msg="[DNS] cache hit catalog.gamepass.com --> [23.48.*.* 23.48.*.*] A, expire at 2025-01-19 08:55:22"
time="2025-01-19T09:00:19.070334702Z" level=debug msg="[DNS] cache hit catalog.gamepass.com --> [2a02:*:*:*::213:7e84 2a02:26f0:480:10::213:7e9d] AAAA, expire at 2025-01-19 08:55:36"
time="2025-01-19T09:00:19.070431241Z" level=debug msg="[DNS] resolve catalog.gamepass.com A from udp://221.6.*.*:53"
time="2025-01-19T09:00:19.070627658Z" level=debug msg="[DNS] resolve catalog.gamepass.com A from udp://58.240.*.*:53"
time="2025-01-19T09:00:19.070643920Z" level=debug msg="[DNS] resolve catalog.gamepass.com AAAA from udp://221.6.*.*:53"
time="2025-01-19T09:00:19.070661129Z" level=debug msg="[DNS] resolve catalog.gamepass.com AAAA from udp://58.240.*.*:53"
time="2025-01-19T09:00:19.072621801Z" level=debug msg="[DNS] catalog.gamepass.com --> [23.48.*.* 23.48.*.*] A from udp://221.6.*.*:53"
time="2025-01-19T09:00:19.072887755Z" level=debug msg="[DNS] catalog.gamepass.com --> [2a02:*:*:*::1737:6e36 2a02:26f0:1700:c::1737:6e44] AAAA from udp://58.240.*.*:53"
time="2025-01-19T09:00:19.072961704Z" level=debug msg="[DNS] catalog.gamepass.com --> [2a02:*:*:*::1737:6e44 2a02:26f0:1700:c::1737:6e36] AAAA from udp://221.6.*.*:53"
time="2025-01-19T09:00:19.073784900Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:19.074693303Z" level=debug msg="[Process] find process error for catalog.gamepass.com: process not found"
time="2025-01-19T09:00:19.075544057Z" level=debug msg="[DNS] cache hit catalog.gamepass.com --> [23.48.*.* 23.48.*.*] A, expire at 2025-01-19 09:00:27"
time="2025-01-19T09:00:19.075659568Z" level=debug msg="[DNS] cache hit catalog.gamepass.com --> [2a02:*:*:*::1737:6e36 2a02:26f0:1700:c::1737:6e44] AAAA, expire at 2025-01-19 09:00:29"
time="2025-01-19T09:00:19.240614439Z" level=info msg="[TCP] 192.168.*.*:55316 --> catalog.gamepass.com:443 match RuleSet(Microsoft) using Ⓜ️ 微软服务[DIRECT]"
time="2025-01-19T09:00:19.393159725Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:19.394273789Z" level=debug msg="[Process] find process error for github.githubassets.com: process not found"
time="2025-01-19T09:00:19.394704757Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:19.394864178Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:19.428958304Z" level=info msg="[TCP] 192.168.*.*:55318 --> github.githubassets.com:443 match GeoSite(github) using 🚀 GitHub[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:19.461668152Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:19.462554088Z" level=debug msg="[Process] find process error for 140.82.*.*: process not found"
time="2025-01-19T09:00:19.462957600Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:19.463052637Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:19.478250821Z" level=debug msg="[Rule] use default rules"
time="2025-01-19T09:00:19.479236550Z" level=debug msg="[Process] find process error for 140.82.*.*: process not found"
time="2025-01-19T09:00:19.479618463Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [61.241.*.* 61.241.*.*] A, expire at 2025-01-19 09:00:55"
time="2025-01-19T09:00:19.479717247Z" level=debug msg="[DNS] cache hit hk010.dogsvip.site --> [] AAAA, expire at 2025-01-19 09:00:46"
time="2025-01-19T09:00:19.496662047Z" level=info msg="[TCP] 192.168.*.*:55319 --> 140.82.*.*:443 match GeoSite(github) using 🚀 GitHub[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:19.517254825Z" level=info msg="[TCP] 192.168.*.*:55320 --> 140.82.*.*:443 match GeoSite(github) using 🚀 GitHub[🇭🇰 Hong Kong丨10]"
time="2025-01-19T09:00:20.313653411Z" level=debug msg="[DNS] cache hit ot.io.mi.com --> [111.202.*.* 123.125.*.* 120.52.*.*] A, expire at 2025-01-19 09:02:08"
time="2025-01-19T09:00:20.313780926Z" level=debug msg="[DNS] cache hit ot.io.mi.com --> [] AAAA, expire at 2025-01-19 09:00:55"

#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#


#===================== 活动连接信息 =====================#

1. SourceIP:【192.168.*.*】 - Host:【crn-info.overwolf.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
2. SourceIP:【192.168.*.*】 - Host:【rec.xiaohongshu.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
3. SourceIP:【192.168.*.*】 - Host:【sns-na-i9.xhscdn.com.cdn.cloudflare.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
4. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【140.82.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨10】
5. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【199.59.*.*】 - Network:【tcp】 - RulePayload:【twitter】 - Lastchain:【🇭🇰 Hong Kong丨10】
6. SourceIP:【192.168.*.*】 - Host:【api.ip.sb】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨01】
7. SourceIP:【192.168.*.*】 - Host:【dashboard.kit327.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Direct】 - Lastchain:【DIRECT】
8. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【103.28.*.*】 - Network:【tcp】 - RulePayload:【Steam_CDN】 - Lastchain:【DIRECT】
9. SourceIP:【192.168.*.*】 - Host:【dashboard.kit327.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Direct】 - Lastchain:【DIRECT】
10. SourceIP:【192.168.*.*】 - Host:【public.games.geforce.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
11. SourceIP:【192.168.*.*】 - Host:【imap.gmail.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Google】 - Lastchain:【🇭🇰 Hong Kong丨01】
12. SourceIP:【192.168.*.*】 - Host:【ecs.office.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Microsoft】 - Lastchain:【DIRECT】
13. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【199.59.*.*】 - Network:【tcp】 - RulePayload:【twitter】 - Lastchain:【🇭🇰 Hong Kong丨10】
14. SourceIP:【192.168.*.*】 - Host:【analyticsnew.overwolf.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
15. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【140.82.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨01】
16. SourceIP:【192.168.*.*】 - Host:【hass-home.kit327.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Direct】 - Lastchain:【DIRECT】
17. SourceIP:【192.168.*.*】 - Host:【github.com】 - DestinationIP:【140.82.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨10】
18. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【140.82.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨01】
19. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【172.67.*.*】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨01】
20. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【199.59.*.*】 - Network:【tcp】 - RulePayload:【twitter】 - Lastchain:【🇭🇰 Hong Kong丨10】
21. SourceIP:【192.168.*.*】 - Host:【sns-na-i9.xhscdn.com.cdn.cloudflare.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
22. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【104.26.*.*】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨01】
23. SourceIP:【192.168.*.*】 - Host:【sns-na-i9.xhscdn.com.cdn.cloudflare.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
24. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【140.82.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨10】
25. SourceIP:【192.168.*.*】 - Host:【sns-na-i9.xhscdn.com.cdn.cloudflare.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
26. SourceIP:【192.168.*.*】 - Host:【fridge.psmartcloud.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Direct】 - Lastchain:【DIRECT】
27. SourceIP:【192.168.*.*】 - Host:【avatars.githubusercontent.com】 - DestinationIP:【185.199.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨10】
28. SourceIP:【192.168.*.*】 - Host:【api.ip.sb】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨01】
29. SourceIP:【192.168.*.*】 - Host:【push.services.mozilla.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨01】
30. SourceIP:【2408:*:*:*:bdb8:41fa:fa9d:446e】 - Host:【sns-video-yc.xhscdn.com】 - DestinationIP:【2606:4700:4400::ac40:98fe】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
31. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【34.120.*.*】 - Network:【tcp】 - RulePayload:【Copilot】 - Lastchain:【🇭🇰 Hong Kong丨01】
32. SourceIP:【192.168.*.*】 - Host:【sns-na-i9.xhscdn.com.cdn.cloudflare.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇭🇰 Hong Kong丨10】
33. SourceIP:【192.168.*.*】 - Host:【prod-eastasia.access-point.cloudmessaging.edge.microsoft.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Microsoft】 - Lastchain:【DIRECT】
34. SourceIP:【192.168.*.*】 - Host:【github.com】 - DestinationIP:【140.82.*.*】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 Hong Kong丨10】
35. SourceIP:【192.168.*.*】 - Host:【mqtt.bj.cleargrass.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Direct】 - Lastchain:【DIRECT】

Expected Behavior

希望能确认是否是bug ,还是我配置错误

Additional Context

No response
@Aethersailor Aethersailor added the bug Something isn't working label Jan 19, 2025
@xiaoyangdkj
Copy link

这个的确是依赖于【大陆白名单】功能
(Clang-CN)

【大陆IP段更新 URL】对应的是【流量控制-实验性:绕过指定区域 IP】

【大陆IPv6段更新 URL】对应的是【IPv6 设置-IPv6 流量代理-实验性:绕过指定区域 IPv6】

@Aethersailor Aethersailor reopened this Jan 19, 2025
@Aethersailor
Copy link
Author

Aethersailor commented Jan 19, 2025
edited
Loading

这个的确是依赖于【大陆白名单】功能 (Clang-CN)

【大陆IP段更新 URL】对应的是【流量控制-实验性:绕过指定区域 IP】

【大陆IPv6段更新 URL】对应的是【IPv6 设置-IPv6 流量代理-实验性:绕过指定区域 IPv6】

重新查阅了 Clang 的大陆IP白名单, 里面有 61.240.0.0/14 这个 IP 段,已经包含了 61.241.62.225 地址

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Aethersailor @xiaoyangdkj