[Bug] use-hosts 不生效的问题

[ForestL18]

Verify steps

• [X] 我已经阅读了 文档，了解所有我编写的配置文件项的含义，而不是大量堆砌看似有用的选项或默认值。
• [ ] 我未仔细看过 文档 并解决问题
• [X] 我未在 Issue Tracker 中寻找过我要提出的问题
• [X] 我已经使用最新的 Alpha 分支版本测试过，问题依旧存在
• [X] 我提供了可以在本地重现该问题的服务器、客户端配置文件与流程，而不是一个脱敏的复杂客户端配置文件。
• [X] 我提供了可用于重现我报告的错误的最简配置，而不是依赖远程服务器、TUN、图形界面客户端或者其他闭源软件。
• [X] 我提供了完整的配置文件与日志，而不是出于对自身智力的自信而仅提供了部分认为有用的部分。

操作系统

Windows

系统版本

windows 11 23h2

Mihomo 版本

1.18.7

配置文件

######### 锚点 start #######
# proxy group 相关
DefaultGroup:
  &DefaultGroup {
    type: select,
    proxies: [HK, TW, JP, SG, US, quantum, Manual],
    url: "http://1.1.1.1/generate_204",
  }

RespectDefaultGroup:
  &RespectDefaultGroup {
    type: select,
    proxies: [Default, HK, TW, JP, SG, US, quantum, Manual],
    url: "http://1.1.1.1/generate_204",
  }

DirectFirstGroup:
  &DirectFirstGroup {
    type: select,
    proxies: [DIRECT, Default, HK, TW, JP, SG, US, quantum, Manual],
    url: "http://1.1.1.1/generate_204",
  }

proxyurl: &proxyurl { url: "http://1.1.1.1/generate_204" }

# proxy provider 相关
GeneralProvider: &GeneralProvider {
    type: http,
    health-check: { enable: false, url: "http://1.1.1.1/generate_204" },
    #override: { ip-version: ipv4 },
    proxy: DIRECT,
  }

######### 锚点 end #######
mode: rule
ipv6: false
log-level: silent
allow-lan: false # Allows other devices to access the internet through Clash proxy port
mixed-port: 7890
port: 7891
socks-port: 7892
keep-alive-interval: 15
unified-delay: false
tcp-concurrent: false # TCP 并发连接所有 IP, 将使用最快握手的 TCP
external-controller: "0.0.0.0:9090"

geodata-mode: false
geodata-loader: memconservative
geo-auto-update: true
geo-update-interval: 24
geox-url:
  geoip: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.dat"
  geosite: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geosite.dat"
  mmdb: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/country.mmdb"
  asn: "https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-ASN.mmdb"

find-process-mode: strict
global-client-fingerprint: chrome

profile:
  store-selected: true
  store-fake-ip: true

tun:
  enable: true
  stack: system
  dns-hijack:
    - any:53
    - tcp://any:53
  auto-route: true
  auto-detect-interface: true
  strict-route: true
  endpoint-independent-nat: true

hosts:
  "mtalk.google.com": 142.250.157.188
  "alt1-mtalk.google.com": 142.250.141.188
  "alt2-mtalk.google.com": 142.250.115.188
  "alt3-mtalk.google.com": 64.233.171.188
  "alt4-mtalk.google.com": 173.194.202.188
  "alt5-mtalk.google.com": 142.250.141.188
  "alt6-mtalk.google.com": 142.250.115.188
  "alt7-mtalk.google.com": 142.250.141.188
  "alt8-mtalk.google.com": 142.250.152.188

dns:
  cache-algorithm: arc
  enable: true
  #listen: :1053
  ipv6: false
  use-hosts: false
  #use-system-hosts: true
  respect-rules: false
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/15
  #prefer-h3: true
  default-nameserver:
    - 223.5.5.5
    - 119.29.29.29
  nameserver:
    - "https://223.5.5.5/dns-query#DIRECT"
    - "https://120.53.53.53/dns-query#DIRECT"

  proxy-server-nameserver:
    - "https://223.6.6.6/dns-query#DIRECT"
    - "https://1.12.12.12/dns-query#DIRECT"
  nameserver-policy:
    ? "rule-set:googlefcm_domain,epicgames_domain,microsoft_domain,\
      direct,ntp_service,tracker_domain,private_domain,\
      apple@cn_domain,steam@cn_domain,amazon@cn_domain,amazon@cn_cptn,cn_domain"
    : - 223.5.5.5
      - 119.29.29.29

    "rule-set:geolocation-!cn_domain":
      - "tls://1.1.1.1#GeoNotCN"
      - "tls://8.8.8.8#GeoNotCN"

  fake-ip-filter:
    ### LocalAreaNetwork
    ## PrivateDomain
    - "+.lan"
    - "+.local"
    - "+.localdomain"
    - "+.example"
    - "+.invalid"
    - "+.localhost"
    - "+.test"
    - "+.internal"

    ### Games
    ## Nintendo Switch
    - "+.srv.nintendo.net"
    - "*.n.n.srv.nintendo.net"
    ## Sony PlayStation
    - "*.*.stun.playstation.net"
    ## XBox
    - "xbox.*.microsoft.com"
    - +.xboxlive.com

    ### Services
    ## QQ SSO for quick login
    - localhost.sec.qq.com
    - localhost.ptlogin2.qq.com
    ## Microsoft
    - "+.msftncsi.com"
    - "+.msftconnecttest.com"

proxy-groups:

  - { name: Default, <<: *DefaultGroup }

  - { name: GeoNotCN, <<: *RespectDefaultGroup }

  # 分隔,下面是地区分组
  - {
      name: HK,
      type: select,
      include-all-providers: true,
      filter: "(?i)香港|HK|hongkong|hong kong",
      exclude-filter: "(?i)premium",
    }

  - {
      name: TW,
      type: select,
      include-all-providers: true,
      filter: "(?i)台湾|TW|taiwan",
      exclude-filter: "(?i)premium",
    }

  - {
      name: JP,
      type: select,
      include-all-providers: true,
      filter: "(?i)日本|JP|japan",
      exclude-filter: "(?i)premium",
    }

  - {
      name: SG,
      type: select,
      include-all-providers: true,
      filter: "(?i)新加坡|SG|singapore",
      exclude-filter: "(?i)premium",
    }

  - {
      name: US,
      type: select,
      include-all-providers: true,
      filter: "(?i)美国|USA|unitedstates|united states|洛杉矶",
      exclude-filter: "(?i)premium",
    }

  - { name: quantum, type: select, use: [quantum] }

  - { name: Manual, type: select, include-all-providers: true }

  # 分隔,下面是应用分组
  - { name: Telegram, <<: *RespectDefaultGroup }

  - { name: AIGC, <<: *RespectDefaultGroup }

  - { name: Google, <<: *RespectDefaultGroup }

  - { name: Apple, <<: *RespectDefaultGroup }

  - { name: Github, <<: *RespectDefaultGroup }

  - { name: OneDrive, <<: *RespectDefaultGroup }

  - { name: Microsoft, <<: *DirectFirstGroup }

  - { name: Amazon, <<: *RespectDefaultGroup }

  - { name: Steam, <<: *RespectDefaultGroup }

  - { name: Epic, <<: *DirectFirstGroup }

  - { name: Ehentai, <<: *RespectDefaultGroup }

  - { name: Pixiv, <<: *RespectDefaultGroup }

  - { name: Twitter, <<: *RespectDefaultGroup }

  - { name: Facebook, <<: *RespectDefaultGroup }

  - { name: Spotify, <<: *RespectDefaultGroup }

  - { name: Twitch, <<: *RespectDefaultGroup }

  - { name: Reddit, <<: *RespectDefaultGroup }

  - { name: Discord, <<: *RespectDefaultGroup }

  - { name: Bilibili, <<: *DirectFirstGroup }

  - {
      name: Netflix,
      type: select,
      proxies: [SG, TW, JP, HK, US, quantum, Manual],
      <<: *proxyurl,
    }

  - {
      name: Bahamut,
      type: select,
      proxies: [TW, HK, JP, SG, US, quantum, Manual],
      <<: *proxyurl,
    }

  - { name: Sensites, type: select, proxies: [quantum, Manual], <<: *proxyurl }

  - {
      name: AccessOnlyJP,
      type: select,
      proxies: [JP, TW, HK, SG, US, quantum, Manual],
      <<: *proxyurl,
    }

  - {
      name: AccessNotJP,
      type: select,
      proxies: [HK, TW, SG, US, quantum, Manual],
      <<: *proxyurl,
    }

  - { name: Speedtest, <<: *DirectFirstGroup }

  - { name: GoogleFCM, <<: *DirectFirstGroup }

sub-rules:
  QUICFlow:
    - DOMAIN-REGEX,(alt[1-8]-)?mtalk\.google\.com$,GoogleFCM
    - MATCH,REJECT

rules:
  - SUB-RULE,(AND,((NETWORK,UDP),(DST-PORT,443))),QUICFlow #QUIC
  #- AND,((NETWORK,UDP),(DST-PORT,3478-3497)),REJECT # Common STUN

  - RULE-SET,reject,REJECT
  - RULE-SET,direct,DIRECT
  - RULE-SET,proxy,Default

  - RULE-SET,private_ip,DIRECT,no-resolve
  - RULE-SET,private_domain,DIRECT
  - RULE-SET,private_ptr,DIRECT

  - RULE-SET,ntp_service,DIRECT

  - RULE-SET,aigc_domain,AIGC
  - RULE-SET,aigc_cptn,AIGC

  - RULE-SET,sensites,Sensites

  - RULE-SET,netwroktest,Speedtest

  - RULE-SET,access_not_jp,AccessNotJP

  - RULE-SET,access_only_jp,AccessOnlyJP
  - RULE-SET,dmm_domain,AccessOnlyJP

  - RULE-SET,tracker_domain,DIRECT

  - RULE-SET,ehentai_domain,Ehentai

  - RULE-SET,pixiv_domain,Pixiv

  - RULE-SET,bahamut_domain,Bahamut

  - RULE-SET,telegram_domain,Telegram

  - RULE-SET,steam@cn_domain,DIRECT
  - RULE-SET,steam_domain,Steam

  - RULE-SET,epicgames_domain,Epic
  - RULE-SET,epicgames_cptn,Epic

  - RULE-SET,bilibili_domain,Bilibili

  - RULE-SET,netflix_domain,Netflix
  - RULE-SET,netflix_cptn,Netflix

  - RULE-SET,twitter_domain,Twitter

  - RULE-SET,facebook_domain,Facebook
  - RULE-SET,instagram_domain,Facebook
  - RULE-SET,threads_domain,Facebook

  - RULE-SET,spotify_domain,Spotify

  - RULE-SET,reddit_domain,Reddit

  - RULE-SET,twitch_domain,Twitch

  - RULE-SET,discord_domain,Discord

  - RULE-SET,googlefcm_domain,GoogleFCM
  - RULE-SET,google_domain,Google

  - RULE-SET,apple@cn_domain,DIRECT
  - RULE-SET,apple_domain,Apple

  - RULE-SET,github_domain,Github
  - RULE-SET,onedrive_domain,OneDrive
  - RULE-SET,microsoft_domain,Microsoft

  - RULE-SET,amazon@cn_domain,DIRECT
  - RULE-SET,amazon@cn_cptn,DIRECT
  - RULE-SET,amazon_domain,Amazon
  - RULE-SET,amazon_cptn,Amazon

  - RULE-SET,cn_domain,DIRECT

  - RULE-SET,geolocation-!cn_domain,GeoNotCN
  - RULE-SET,geolocation-!cn_cptn,GeoNotCN

  # IP Rules
  - RULE-SET,telegram_asn,Telegram,no-resolve
  - RULE-SET,google_asn,Google
  - RULE-SET,netflix_asn,Netflix
  - RULE-SET,twitter_asn,Twitter
  - RULE-SET,facebook_asn,Facebook
  - RULE-SET,china_asn,DIRECT

  #- GEOIP,CN,DIRECT
  #- SUB-RULE,(NETWORK,TCP),TCPFlow
  #- SUB-RULE,(NETWORK,UDP),UDPFlow
  #- NETWORK,TCP,GeoNotCN
  - MATCH,GeoNotCN

描述

当我把dns配置中的use-hosts设为false，在web UI中查看mtalk.google.com连接状况时，这个域名的连接没有使用查询dns服务器的方式来获取IP，而是仍然使用hosts模式来获取IP。见下图。

重现方式

如上，这是预期状况还是use-hosts功能有bug？

日志

[info] [TCP] 198.18.0.1:3511 -- > mtalk.google.com:5228 match RuleSet(googlefcm_domain) using GoogleFCM[DIRECT]

[debug] [Rule] use default rules

[xishang0128]

use-hosts仅控制dns回应,内部resolver依旧遵守hosts