CHIZI-0618 / box4magisk

Use sing-box, clash, v2ray, xray tunnel proxy on Android devices.
GNU General Public License v3.0

fake-ip stops working after enabling IPv6 #39

Closed pesh178 closed 8 months ago

pesh178 commented 9 months ago

After changing ipv6="disable" to ipv6="enable" in the box.config file, fake-ip stops working. Below is my configuration file.

S31014-00444751_bin mt plus

mixed-port: 7890
redir-port: 7891
tproxy-port: 1536
allow-lan: false
mode: rule
geodata-mode: true
unified-delay: true
log-level: error
ipv6: true
external-controller: 127.0.0.1:9090
external-ui: ui
secret: ""
enable-process: true
find-process-mode: strict
#tcp-concurrent: true
global-client-fingerprint: chrome

geox-url:
  geoip: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.dat"
  geosite: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geosite.dat"
  mmdb: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/country.mmdb"

profile:
  store-selected: true
  store-fake-ip: true

sniffer:
  enable: false
  sniff:
    TLS:
      ports: [443, 8443]
    HTTP:
      ports: [80, 8080-8880]
      override-destination: true

tun:
  enable: false
  device: tun3
  stack: system
  inet6-address: 
  dns-hijack:
    - 'any:53'
  auto-route: true
  auto-detect-interface: true

dns:
  enable: true
  enhanced-mode: fake-ip
  fake-ip-range: 198.19.0.1/16
  listen: 0.0.0.0:53
  nameserver:
    - 223.5.5.5
    - 8.8.8.8
    - 114.114.114.114
  ipv6: true

#!/system/bin/sh

bin_name="clash"

redir_port="7891"
tproxy_port="1536"
clash_dns_port="53"
clash_dns_listen="0.0.0.0:${clash_dns_port}"
clash_fake_ip_range="198.19.0.1/16"
tun_device="tun0"

box_user_group="root:net_admin"
# If you want to change the user or group, you must make the Box core in the /system/bin directory, otherwise the changes will not take effect.
# If you are using Magisk, you can copy the Box core files (sing-box, clash, etc.) to /data/adb/modules/bin_files/system/bin/ and reboot the phone
bin_name_list=("sing-box" "clash" "xray" "v2ray")
box_path="/data/adb/box"
bin_path="${box_path}/bin/${bin_name}"
run_path="${box_path}/run"
pid_file="${run_path}/${bin_name}.pid"

intranet=(0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 192.0.0.0/24 192.0.2.0/24 192.88.99.0/24 192.168.0.0/16 198.18.0.1/16 198.51.100.0/24 203.0.113.0/24 224.0.0.0/4 240.0.0.0/4 255.255.255.255/32)
intranet6=(::/128 ::1/128 ::ffff:0:0/96 100::/64 64:ff9b::/96 2001::/32 2001:10::/28 2001:20::/28 2001:db8::/32 2002::/16 fe80::/10 ff00::/8)

ipv6="enable" # enable / disable

proxy_method="TPROXY"
# REDIRECT: TCP only / TPROXY: TCP + UDP / MIXED: REDIRECT TCP + TUN UDP

proxy_mode="blacklist"
# blacklist / whitelist / core
user_packages_list=("0:com.jingdong.app.mall" "0:com.sonelli.juicessh")
# Android User:Package Name, For example:
# user_packages_list=("0:com.android.captiveportallogin" "10:com.tencent.mm")

gid_list=()
# The gid in the list will be bypassed or proxied according to the proxy_mode configuration, and the gid can be arbitrarily specified by the busybox setuidgid command

ap_list=("wlan+" "ap+" "rndis+")
ignore_out_list=()

CHIZI-0618 commented 9 months ago

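Because clash TPROXY transparent proxying needs to REDIRECT local port 53 to the dns.listen port, and Android's ip6tables has no nat table, that requirement naturally cannot be met.

Of course, I noticed that you use dns.listen: 0.0.0.0:53. I don't know whether this will accept IPv6 DNS requests properly. I don't recommend having clash DNS listen on 53 on Android; it conflicts with the dnsmasq listener of the Android hotspot, so the hotspot cannot be turned on.

Of course, clash premium has added TLS and QUIC sniffing: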

experimental:
  sniff-tls-sni: true

Clash.Meta has also had a sniffing feature for a long time, so DNS hijacking does not even need to be done.
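
The two conditions named in the reply above (no nat table in Android's ip6tables, and dns.listen on port 53 colliding with the hotspot's dnsmasq) can be checked before setting ipv6="enable". This is an added example, not part of the thread or of box4magisk; the function names, the constructed sample files and the use of /proc/net/ip6_tables_names as the table list are assumptions.

```shell
#!/bin/sh
# Added example, not box4magisk code. Sample files are constructed from
# the values posted in this issue.

# Print the port of dns.listen in a clash YAML config (empty if unset).
dns_listen_port() {
    awk '/^[^ #]/ { in_dns = ($1 == "dns:") }   # track the top-level key
         in_dns && $1 == "listen:" {
             sub(/.*:/, "", $2); gsub(/[^0-9]/, "", $2); print $2; exit
         }' "$1"
}

# Print the value of a name="value" assignment in box.config.
box_setting() { sed -n "s/^$2=\"\\([^\"]*\\)\".*/\\1/p" "$1" | head -n 1; }

# True if a table-names file (e.g. /proc/net/ip6_tables_names) lists $2.
has_table() { grep -qx "$2" "$1" 2>/dev/null; }

# lint_dns <config.yaml> <box.config> <table-names>: one finding per line,
# exit status 0 only when nothing was found.
lint_dns() {
    findings=0
    if [ "$(dns_listen_port "$1")" = "53" ]; then
        echo "dns.listen is on port 53: conflicts with hotspot dnsmasq"
        findings=$((findings + 1))
    fi
    if [ "$(box_setting "$2" ipv6)" = "enable" ] &&
       [ "$(box_setting "$2" proxy_method)" = "TPROXY" ] &&
       ! has_table "$3" nat; then
        echo "ipv6 + TPROXY without an ip6tables nat table: no REDIRECT of port 53 to dns.listen"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample inputs mirroring the reporter's settings.
write_samples() {
    printf 'tun:\n  dns-hijack:\n    - any:53\ndns:\n  enable: true\n  listen: 0.0.0.0:53\n' > "$1/config.yaml"
    printf 'ipv6="enable" # enable / disable\nproxy_method="TPROXY"\n' > "$1/box.config"
    printf 'mangle\nfilter\nraw\n' > "$1/ip6_tables_names"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
lint_dns "$demo_dir/config.yaml" "$demo_dir/box.config" "$demo_dir/ip6_tables_names" ||
    echo "review the findings above before enabling ipv6"
```

On a device, the third argument would be /proc/net/ip6_tables_names; a table absent from that file may only mean it has not been instantiated yet, so treat the result as a hint rather than proof.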