BUG: TUN mode doesn't work (device not open)

[nimbold]

Describe the problem

OS: CachyOS (Arch based)
DE: KDE 6.1.1

When I try to enable TUN mode (either internal TUN or normal TUN) it doesn't enable the TUN mode and it keeps repeating. When I run nekoray through terminal, I can see the logs and I could see the problem. I'll attach logs below. Expected behavior: TUN mode enables Actual behavior: TUN mode doesn't enable

How to reproduce

1. Open Nekoray
2. Select a server
3. Click TUN to enable system-wide VPN
4. Nothing happens

Provide helpful screenshots, videos, text descriptions, subscription links, etc.

log

❯ nekoray
Found exec "getcap" at "/usr/bin/getcap"
QIODevice::write (QFile, "sing-box-vpn.json"): device not open
QIODevice::write (QFile, "vpn-run-root.sh"): device not open
QIODevice::write (QFile, "groups/nekobox.json"): device not open
+ '[' 0 -ne 0 ']'
++ uname
+ '[' Linux == Darwin ']'
+ '[' -z 514 ']'
+ command -v pkill
++ dirname /usr/lib/nekoray/config/vpn-run-root.sh
+ BASEDIR=/usr/lib/nekoray/config
+ cd /usr/lib/nekoray/config
+ '[' '' '!=' stop ']'
+ start
+ '[' -z ']'
+ pre_start_linux
+ ip rule add pref 8999 fwmark 514 table main
+ ip -6 rule add pref 8999 fwmark 514 table main
+ iptables -I INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
+ ip6tables -I INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
+ /usr/lib/nekoray/nekobox_core run -c /usr/lib/nekoray/config/sing-box-vpn.json --protect-listen-path /usr/lib/nekoray/config/protect --protect-fwmark 514
sing-box: 1.9.3-neko-1 NekoBox: N/A

Error: unknown flag: --protect-listen-path
Usage:
  sing-box run [flags]

Flags:
  -h, --help   help for run

Global Flags:
  -c, --config stringArray             set configuration file path
  -C, --config-directory stringArray   set configuration directory path
  -D, --directory string               set working directory
      --disable-color                  disable color output

FATAL[0000] unknown flag: --protect-listen-path
+ true
+ stop
+ '[' -z ']'
+ iptables -D INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
+ ip6tables -D INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
+ ip rule del fwmark 514
+ ip -6 rule del fwmark 514
QIODevice::write (QFile, "groups/nekobox.json"): device not open
QIODevice::write (QFile, "sing-box-vpn.json"): device not open
QIODevice::write (QFile, "vpn-run-root.sh"): device not open
QIODevice::write (QFile, "groups/nekobox.json"): device not open
+ '[' 0 -ne 0 ']'
++ uname
+ '[' Linux == Darwin ']'
+ '[' -z 514 ']'
+ command -v pkill
++ dirname /usr/lib/nekoray/config/vpn-run-root.sh
+ BASEDIR=/usr/lib/nekoray/config
+ cd /usr/lib/nekoray/config
+ '[' '' '!=' stop ']'
+ start
+ '[' -z ']'
+ pre_start_linux
+ ip rule add pref 8999 fwmark 514 table main
+ ip -6 rule add pref 8999 fwmark 514 table main
+ iptables -I INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
+ ip6tables -I INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
+ /usr/lib/nekoray/nekobox_core run -c /usr/lib/nekoray/config/sing-box-vpn.json --protect-listen-path /usr/lib/nekoray/config/protect --protect-fwmark 514
sing-box: 1.9.3-neko-1 NekoBox: N/A

Error: unknown flag: --protect-listen-path
Usage:
  sing-box run [flags]

Flags:
  -h, --help   help for run

Global Flags:
  -c, --config stringArray             set configuration file path
  -C, --config-directory stringArray   set configuration directory path
  -D, --directory string               set working directory
      --disable-color                  disable color output

FATAL[0000] unknown flag: --protect-listen-path
+ true
+ stop
+ '[' -z ']'
+ iptables -D INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
+ ip6tables -D INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
+ ip rule del fwmark 514
+ ip -6 rule del fwmark 514
QIODevice::write (QFile, "groups/nekobox.json"): device not open

[OscarRaizer]

Same. Everything was fine a day ago

[A404M]

For me it all started with nekoray4 Or maybe sing-box Because nekoray4 removed x-ray support which I used all the time It doesn't matter the way I installed or release linux.zip Both of them don't work with the same error

FATAL[0000] unknown flag: --protect-listen-path

which is fixed in last commit "7c78330" So if you can please make a release

[zhouxinghong]

Windows 10 Tun Mode also doesn't work

[zhouxinghong]

ERROR[0062] dns: exchange failed for www.msftconnecttest.com. IN AAAA: dial tcp 172.16.47.166:443: operation was canceled INFO[0064] [2629623135 0ms] inbound/tun[tun-in]: inbound packet connection from [fdfe:dcba:9876::1]:56081 INFO[0064] [2629623135 0ms] inbound/tun[tun-in]: inbound packet connection to [fdfe:dcba:9876::2]:53 INFO[0064] [438240596 0ms] inbound/tun[tun-in]: inbound packet connection from 172.89.0.1:56081 INFO[0064] [438240596 0ms] inbound/tun[tun-in]: inbound packet connection to 172.89.0.2:53 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 ERROR[0064] dns: exchange failed for www.msftconnecttest.com. IN A: dial tcp 172.16.47.166:443: operation was canceled ERROR[0064] dns: exchange failed for www.msftconnecttest.com. IN A: dial tcp 172.16.47.166:443: operation was canceled INFO[0064] [782091482 0ms] inbound/tun[tun-in]: inbound packet connection from 172.89.0.1:55382 INFO[0064] [4063141274 0ms] inbound/tun[tun-in]: inbound packet connection from [fdfe:dcba:9876::1]:55382 INFO[0064] [782091482 0ms] inbound/tun[tun-in]: inbound packet connection to 172.89.0.2:53 INFO[0064] [4063141274 0ms] inbound/tun[tun-in]: inbound packet connection to [fdfe:dcba:9876::2]:53 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 INFO[0064] outbound/vless[proxy]: outbound connection to 8.8.8.8:443 ERROR[0064] dns: exchange failed for www.msftconnecttest.com. IN AAAA: dial tcp 172.16.47.166:443: operation was canceled ERROR[0064] dns: exchange failed for www.msftconnecttest.com. IN AAAA: dial tcp 172.16.47.166:443: operation was canceled

[OscarRaizer]

Looks like it worked for me today

UPD not work: Setcap for Tun mode failed.

[nimbold]

In the latest version Internal TUN works and it has no problems so far. Just a reminder: Remove the previous package and all its files in /.config and ./cache before installing the new version.

I'll close the issue after a couple days of testing.

[alirezamohammadi]

In the latest version Internal TUN works and it has no problems so far. Just a reminder: Remove the previous package and all its files in /.config and ./cache before installing the new version.

I'll close the issue after a couple days of testing.

In Windows 11, I did a fresh installation from version 4 beta 2, and in proxy mode, everything is fine, but as soon as I tunnel, no site opens in the browser.

[nimbold]

In the latest version Internal TUN works and it has no problems so far. Just a reminder: Remove the previous package and all its files in /.config and ./cache before installing the new version.

I'll close the issue after a couple days of testing.

In Windows 11, I did a fresh installation from version 4 beta 2, and in proxy mode, everything is fine, but as soon as I tunnel, no site opens in the browser.

Are you using Internal TUN? The regular TUN doesn't work for me either, but Internal TUN works. Check it in TUN settings. Also on windows for a clean install, remember to remove nekoray-tun network adapter if it was not deleted.