Closed ForestL18 closed 1 month ago
Windows
windows 11 23h2
1.18.7
######### 锚点 start ####### # proxy group 相关 DefaultGroup: &DefaultGroup { type: select, proxies: [HK, TW, JP, SG, US, quantum, Manual], url: "http://1.1.1.1/generate_204", } RespectDefaultGroup: &RespectDefaultGroup { type: select, proxies: [Default, HK, TW, JP, SG, US, quantum, Manual], url: "http://1.1.1.1/generate_204", } DirectFirstGroup: &DirectFirstGroup { type: select, proxies: [DIRECT, Default, HK, TW, JP, SG, US, quantum, Manual], url: "http://1.1.1.1/generate_204", } proxyurl: &proxyurl { url: "http://1.1.1.1/generate_204" } # proxy provider 相关 GeneralProvider: &GeneralProvider { type: http, health-check: { enable: false, url: "http://1.1.1.1/generate_204" }, #override: { ip-version: ipv4 }, proxy: DIRECT, } ######### 锚点 end ####### mode: rule ipv6: false log-level: silent allow-lan: false # Allows other devices to access the internet through Clash proxy port mixed-port: 7890 port: 7891 socks-port: 7892 keep-alive-interval: 15 unified-delay: false tcp-concurrent: false # TCP 并发连接所有 IP, 将使用最快握手的 TCP external-controller: "0.0.0.0:9090" geodata-mode: false geodata-loader: memconservative geo-auto-update: true geo-update-interval: 24 geox-url: geoip: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.dat" geosite: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geosite.dat" mmdb: "https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/country.mmdb" asn: "https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-ASN.mmdb" find-process-mode: strict global-client-fingerprint: chrome profile: store-selected: true store-fake-ip: true tun: enable: true stack: system dns-hijack: - any:53 - tcp://any:53 auto-route: true auto-detect-interface: true strict-route: true endpoint-independent-nat: true hosts: "mtalk.google.com": 142.250.157.188 "alt1-mtalk.google.com": 142.250.141.188 "alt2-mtalk.google.com": 142.250.115.188 "alt3-mtalk.google.com": 64.233.171.188 "alt4-mtalk.google.com": 173.194.202.188 "alt5-mtalk.google.com": 142.250.141.188 "alt6-mtalk.google.com": 142.250.115.188 "alt7-mtalk.google.com": 142.250.141.188 "alt8-mtalk.google.com": 142.250.152.188 dns: cache-algorithm: arc enable: true #listen: :1053 ipv6: false use-hosts: false #use-system-hosts: true respect-rules: false enhanced-mode: fake-ip fake-ip-range: 198.18.0.1/15 #prefer-h3: true default-nameserver: - 223.5.5.5 - 119.29.29.29 nameserver: - "https://223.5.5.5/dns-query#DIRECT" - "https://120.53.53.53/dns-query#DIRECT" proxy-server-nameserver: - "https://223.6.6.6/dns-query#DIRECT" - "https://1.12.12.12/dns-query#DIRECT" nameserver-policy: ? "rule-set:googlefcm_domain,epicgames_domain,microsoft_domain,\ direct,ntp_service,tracker_domain,private_domain,\ apple@cn_domain,steam@cn_domain,amazon@cn_domain,amazon@cn_cptn,cn_domain" : - 223.5.5.5 - 119.29.29.29 "rule-set:geolocation-!cn_domain": - "tls://1.1.1.1#GeoNotCN" - "tls://8.8.8.8#GeoNotCN" fake-ip-filter: ### LocalAreaNetwork ## PrivateDomain - "+.lan" - "+.local" - "+.localdomain" - "+.example" - "+.invalid" - "+.localhost" - "+.test" - "+.internal" ### Games ## Nintendo Switch - "+.srv.nintendo.net" - "*.n.n.srv.nintendo.net" ## Sony PlayStation - "*.*.stun.playstation.net" ## XBox - "xbox.*.microsoft.com" - +.xboxlive.com ### Services ## QQ SSO for quick login - localhost.sec.qq.com - localhost.ptlogin2.qq.com ## Microsoft - "+.msftncsi.com" - "+.msftconnecttest.com" proxy-groups: - { name: Default, <<: *DefaultGroup } - { name: GeoNotCN, <<: *RespectDefaultGroup } # 分隔,下面是地区分组 - { name: HK, type: select, include-all-providers: true, filter: "(?i)香港|HK|hongkong|hong kong", exclude-filter: "(?i)premium", } - { name: TW, type: select, include-all-providers: true, filter: "(?i)台湾|TW|taiwan", exclude-filter: "(?i)premium", } - { name: JP, type: select, include-all-providers: true, filter: "(?i)日本|JP|japan", exclude-filter: "(?i)premium", } - { name: SG, type: select, include-all-providers: true, filter: "(?i)新加坡|SG|singapore", exclude-filter: "(?i)premium", } - { name: US, type: select, include-all-providers: true, filter: "(?i)美国|USA|unitedstates|united states|洛杉矶", exclude-filter: "(?i)premium", } - { name: quantum, type: select, use: [quantum] } - { name: Manual, type: select, include-all-providers: true } # 分隔,下面是应用分组 - { name: Telegram, <<: *RespectDefaultGroup } - { name: AIGC, <<: *RespectDefaultGroup } - { name: Google, <<: *RespectDefaultGroup } - { name: Apple, <<: *RespectDefaultGroup } - { name: Github, <<: *RespectDefaultGroup } - { name: OneDrive, <<: *RespectDefaultGroup } - { name: Microsoft, <<: *DirectFirstGroup } - { name: Amazon, <<: *RespectDefaultGroup } - { name: Steam, <<: *RespectDefaultGroup } - { name: Epic, <<: *DirectFirstGroup } - { name: Ehentai, <<: *RespectDefaultGroup } - { name: Pixiv, <<: *RespectDefaultGroup } - { name: Twitter, <<: *RespectDefaultGroup } - { name: Facebook, <<: *RespectDefaultGroup } - { name: Spotify, <<: *RespectDefaultGroup } - { name: Twitch, <<: *RespectDefaultGroup } - { name: Reddit, <<: *RespectDefaultGroup } - { name: Discord, <<: *RespectDefaultGroup } - { name: Bilibili, <<: *DirectFirstGroup } - { name: Netflix, type: select, proxies: [SG, TW, JP, HK, US, quantum, Manual], <<: *proxyurl, } - { name: Bahamut, type: select, proxies: [TW, HK, JP, SG, US, quantum, Manual], <<: *proxyurl, } - { name: Sensites, type: select, proxies: [quantum, Manual], <<: *proxyurl } - { name: AccessOnlyJP, type: select, proxies: [JP, TW, HK, SG, US, quantum, Manual], <<: *proxyurl, } - { name: AccessNotJP, type: select, proxies: [HK, TW, SG, US, quantum, Manual], <<: *proxyurl, } - { name: Speedtest, <<: *DirectFirstGroup } - { name: GoogleFCM, <<: *DirectFirstGroup } sub-rules: QUICFlow: - DOMAIN-REGEX,(alt[1-8]-)?mtalk\.google\.com$,GoogleFCM - MATCH,REJECT rules: - SUB-RULE,(AND,((NETWORK,UDP),(DST-PORT,443))),QUICFlow #QUIC #- AND,((NETWORK,UDP),(DST-PORT,3478-3497)),REJECT # Common STUN - RULE-SET,reject,REJECT - RULE-SET,direct,DIRECT - RULE-SET,proxy,Default - RULE-SET,private_ip,DIRECT,no-resolve - RULE-SET,private_domain,DIRECT - RULE-SET,private_ptr,DIRECT - RULE-SET,ntp_service,DIRECT - RULE-SET,aigc_domain,AIGC - RULE-SET,aigc_cptn,AIGC - RULE-SET,sensites,Sensites - RULE-SET,netwroktest,Speedtest - RULE-SET,access_not_jp,AccessNotJP - RULE-SET,access_only_jp,AccessOnlyJP - RULE-SET,dmm_domain,AccessOnlyJP - RULE-SET,tracker_domain,DIRECT - RULE-SET,ehentai_domain,Ehentai - RULE-SET,pixiv_domain,Pixiv - RULE-SET,bahamut_domain,Bahamut - RULE-SET,telegram_domain,Telegram - RULE-SET,steam@cn_domain,DIRECT - RULE-SET,steam_domain,Steam - RULE-SET,epicgames_domain,Epic - RULE-SET,epicgames_cptn,Epic - RULE-SET,bilibili_domain,Bilibili - RULE-SET,netflix_domain,Netflix - RULE-SET,netflix_cptn,Netflix - RULE-SET,twitter_domain,Twitter - RULE-SET,facebook_domain,Facebook - RULE-SET,instagram_domain,Facebook - RULE-SET,threads_domain,Facebook - RULE-SET,spotify_domain,Spotify - RULE-SET,reddit_domain,Reddit - RULE-SET,twitch_domain,Twitch - RULE-SET,discord_domain,Discord - RULE-SET,googlefcm_domain,GoogleFCM - RULE-SET,google_domain,Google - RULE-SET,apple@cn_domain,DIRECT - RULE-SET,apple_domain,Apple - RULE-SET,github_domain,Github - RULE-SET,onedrive_domain,OneDrive - RULE-SET,microsoft_domain,Microsoft - RULE-SET,amazon@cn_domain,DIRECT - RULE-SET,amazon@cn_cptn,DIRECT - RULE-SET,amazon_domain,Amazon - RULE-SET,amazon_cptn,Amazon - RULE-SET,cn_domain,DIRECT - RULE-SET,geolocation-!cn_domain,GeoNotCN - RULE-SET,geolocation-!cn_cptn,GeoNotCN # IP Rules - RULE-SET,telegram_asn,Telegram,no-resolve - RULE-SET,google_asn,Google - RULE-SET,netflix_asn,Netflix - RULE-SET,twitter_asn,Twitter - RULE-SET,facebook_asn,Facebook - RULE-SET,china_asn,DIRECT #- GEOIP,CN,DIRECT #- SUB-RULE,(NETWORK,TCP),TCPFlow #- SUB-RULE,(NETWORK,UDP),UDPFlow #- NETWORK,TCP,GeoNotCN - MATCH,GeoNotCN
当我把dns配置中的use-hosts设为false,在web UI中查看mtalk.google.com连接状况时,这个域名的连接没有使用查询dns服务器的方式来获取IP,而是仍然使用hosts模式来获取IP。见下图。
use-hosts
false
mtalk.google.com
如上,这是预期状况还是use-hosts功能有bug?
[info] [TCP] 198.18.0.1:3511 -- > mtalk.google.com:5228 match RuleSet(googlefcm_domain) using GoogleFCM[DIRECT] [debug] [Rule] use default rules
use-hosts仅控制dns回应,内部resolver依旧遵守hosts
Verify steps
操作系统
Windows
系统版本
windows 11 23h2
Mihomo 版本
1.18.7
配置文件
描述
当我把dns配置中的
use-hosts
设为false
,在web UI中查看mtalk.google.com
连接状况时,这个域名的连接没有使用查询dns服务器的方式来获取IP,而是仍然使用hosts模式来获取IP。见下图。重现方式
如上,这是预期状况还是
use-hosts
功能有bug?日志