tproxy下使用q通过doq查询域名时失败

[hdm9527]

操作系统

Linux

系统版本

ArchLinux

安装类型

sing-box 原始命令行程序

如果您使用图形客户端程序，请提供该程序版本。

No response

版本

sing-box version 1.10.0-alpha.23

Environment: go1.22.5 linux/amd64
Tags: with_gvisor,with_quic,with_wireguard,with_utls,with_reality_server,with_clash_api,with_ech,with_acme,with_dhcp
Revision: f8e53a1c0223f388b15730db8abbeecc1b0661a4
CGO: enabled

描述

通过q测试能否通过doq查询域名错误，看日志发现没有出站链接。

dns查询

❯ q baidu.com @quic://223.5.5.5:853
FATA[0010] reading response from 223.5.5.5:853: timeout: no recent network activity 

sing-box日志

+0800 2024-07-24 22:57:37 INFO [3245378696 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:50761
+0800 2024-07-24 22:57:37 INFO [3245378696 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 223.5.5.5:853
+0800 2024-07-24 22:57:37 DEBUG [3245378696 0ms] router: sniffed packet protocol: quic, client: quic-go
+0800 2024-07-24 22:57:37 DEBUG [3245378696 0ms] router: match[7] rule_set=geoip-cn => 🎯 全球直连
+0800 2024-07-24 22:57:37 INFO [3245378696 0ms] outbound/direct[direct]: outbound packet connection
+0800 2024-07-24 22:57:52 INFO [1356005166 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:51127
+0800 2024-07-24 22:57:52 INFO [1356005166 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 192.168.6.1:53

测试了下sing-box的dns用doq查询国内域名也是失败的

+0800 2024-07-24 22:38:24 INFO [1371449496 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:37354
+0800 2024-07-24 22:38:24 INFO [1371449496 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 192.168.6.1:53
+0800 2024-07-24 22:38:24 DEBUG [1371449496 0ms] router: sniffed packet protocol: dns
+0800 2024-07-24 22:38:24 DEBUG [1371449496 0ms] router: match[0] protocol=dns || port=53 => dns-out
+0800 2024-07-24 22:38:24 DEBUG dns: exchange api.vc.bilibili.com. IN AAAA
+0800 2024-07-24 22:38:24 DEBUG dns: match[3] rule_set=geosite-geolocation-cn => alidns
+0800 2024-07-24 22:38:24 DEBUG dns: exchange api.vc.bilibili.com. IN A
+0800 2024-07-24 22:38:24 DEBUG dns: match[3] rule_set=geosite-geolocation-cn => alidns
+0800 2024-07-24 22:38:24 ERROR dns: exchange failed for api.vc.bilibili.com. IN AAAA: Application error 0x2 (remote)
+0800 2024-07-24 22:38:24 ERROR dns: exchange failed for api.vc.bilibili.com. IN A: Application error 0x2 (remote)
+0800 2024-07-24 22:38:24 ERROR dns: exchange failed for passport.bilibili.com. IN A: Application error 0x2 (remote)
+0800 2024-07-24 22:38:24 ERROR dns: exchange failed for passport.bilibili.com. IN AAAA: Application error 0x2 (remote)
+0800 2024-07-24 22:38:24 DEBUG [2159489119 20ms] inbound/tproxy[tproxy-in]: connection closed: io: read/write on closed pipe | upstream: context canceled
+0800 2024-07-24 22:38:24 DEBUG [100730766 18ms] inbound/tproxy[tproxy-in]: connection closed: io: read/write on closed pipe | upstream: context canceled
+0800 2024-07-24 22:38:24 INFO [2595387113 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:34741
+0800 2024-07-24 22:38:24 INFO [2595387113 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 192.168.6.1:53

重现方式

简化后的客户端配置

{
"log": {
"disabled": false,
"level": "debug",
"output": "box.log",
"timestamp": true
},
"dns": {
"fakeip": {
"enabled": true,
"inet4_range": "198.18.0.0/15",
"inet6_range": "fc00::/18"
},
"servers": [
{
"address": "h3://1.1.1.1/dns-query",
"detour": "🚀 节点选择",
"tag": "cloudflare"
},
{
"address": "quic://223.5.5.5",
"detour": "direct",
"tag": "alidns"
},
{ "address": "rcode://success", "tag": "block" },
{ "address": "fakeip", "tag": "fakeip" }
],
"rules": [
{ "outbound": "any", "server": "alidns" },
{ "clash_mode": "direct", "server": "alidns" },
{ "clash_mode": "global", "server": "fakeip" },
{ "rule_set": ["geosite-geolocation-cn"], "server": "alidns" },
{ "rewrite_ttl": 30, "server": "fakeip" }
],
"independent_cache": false,
"reverse_mapping": true,
"disable_expire": false,
"final": "cloudflare"
},
"route": {
"auto_detect_interface": true,
"final": "🚀 节点选择",
"rules": [
{
"type": "logical",
"mode": "or",
"rules": [{ "protocol": "dns" }, { "port": 53 }],
"outbound": "dns-out"
},
{ "clash_mode": "direct", "outbound": "🎯 全球直连" },
{ "clash_mode": "global", "outbound": "🚀 节点选择" },
{ "rule_set": "geosite-private", "outbound": "🎯 全球直连" },
{ "rule_set": "geosite-geolocation-!cn", "outbound": "🚀 节点选择" },
{ "rule_set": "geosite-geolocation-cn", "outbound": "🎯 全球直连" },
{ "rule_set": "geoip-private", "outbound": "🎯 全球直连" },
{ "rule_set": "geoip-cn", "outbound": "🎯 全球直连" }
],
"rule_set": [
{
"type": "remote",
"tag": "geosite-private",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/private.srs"
},
{
"type": "remote",
"tag": "geosite-geolocation-cn",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-cn.srs"
},
{
"type": "remote",
"tag": "geosite-geolocation-!cn",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs"
},
{
"type": "remote",
"tag": "geoip-private",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/private.srs"
},
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs"
}
]
},
"inbounds": [
{
"listen": "::",
"listen_port": 7893,
"tag": "tproxy-in",
"type": "tproxy",
"sniff": true,
"sniff_override_destination": false
},
{
"listen": "::",
"listen_port": 7890,
"tag": "mixed-in",
"type": "mixed",
"sniff": true,
"sniff_override_destination": false
}
],
"outbounds": [
{
"tag": "🚀 节点选择",
"type": "selector",
"outbounds": ["tuic"]
},
{
"tag": "🎯 全球直连",
"type": "selector",
"outbounds": ["direct", "🚀 节点选择"]
},
{ "tag": "direct", "type": "direct" },
{ "tag": "dns-out", "type": "dns" },
{
"password": "tuic",
"server": "a.b.c",
"server_port": 443,
"tag": "tuic",
"tls": {
"enabled": true,
"server_name": "a.b.c",
"alpn": ["h3"]
},
"type": "tuic",
"uuid": "xxxxxxxxx-4d3d-5719-8624-xxxxxxxxxxxxx",
"congestion_control": "bbr",
"udp_over_stream": true,
"zero_rtt_handshake": true,
"heartbeat": "10s"
}
],
"experimental": {
"cache_file": {
"enabled": true,
"store_fakeip": true
},
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "ui",
"external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip",
"external_ui_download_detour": "🚀 节点选择",
"secret": "",
"default_mode": "rule"
}
}
}

防火墙规则

sudo ip rule add fwmark 1 table 100 
sudo ip -6 rule add fwmark 1 table 100 
sudo ip route add local 0.0.0.0/0 dev lo table 100 
sudo ip -6 route add local ::/0 dev lo table 100  

nftables

#!/usr/bin/nft -f

flush ruleset

sing-box 的透明代理端口

define tproxy_port = 7893

常规流量标记，ip rule 中加的标记，和 ip 规则中保持一致

define default_mark = 1

table inet sing-box { set reserved_ipv4 { type ipv4_addr flags interval elements = { 10.0.0.0/8, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.168.0.0/16, 224.0.0.0/4, 240.0.0.0/4 } }

set reserved_ipv6 { type ipv6_addr flags interval elements = { ::ffff:0:0/96, 100::/64, 64:ff9b::/96, 2001::/32, 2001:10::/28, 2001:20::/28, 2001:db8::/32, 2002::/16, fc00::/7, fe80::/10, ff00::/8 } }

chain direct { meta l4proto != { tcp, udp } counter accept fib daddr type { local, broadcast, multicast, unspec } counter accept comment "本机绕过" ip daddr @reserved_ipv4 counter accept comment "保留地址绕过" ip6 daddr @reserved_ipv6 counter accept comment "保留地址绕过" }

chain prerouting { type filter hook prerouting priority mangle; policy accept; udp dport 53 tproxy to :$tproxy_port counter accept comment "DNS透明代理" jump direct meta l4proto { tcp, udp } socket transparent 1 meta mark set $default_mark counter accept comment "绕过已建立的透明代理" meta l4proto { tcp, udp } tproxy to :$tproxy_port meta mark set $default_mark counter comment "其他流量透明代理" }

chain output { type route hook output priority mangle; policy accept; socket cgroupv2 level 2 "system.slice/sing-box.service" counter accept comment "绕过sing-box发出的流量" udp dport 53 meta mark set $default_mark counter accept comment "DNS重路由" udp dport 123 counter accept comment "时间同步" jump direct meta l4proto { tcp, udp } meta mark set $default_mark counter comment "重路由" } }

### 日志

_No response_

### 支持我们

- [ ] 我已经 [赞助](https://github.com/sponsors/nekohasekai/)

### 完整性要求

- [X] 我保证阅读了文档，了解所有我编写的配置文件项的含义，而不是大量堆砌看似有用的选项或默认值。
- [X] 我保证提供了可以在本地重现该问题的服务器、客户端配置文件与流程，而不是一个脱敏的复杂客户端配置文件。
- [X] 我保证提供了可用于重现我报告的错误的最简配置，而不是依赖远程服务器、TUN、图形界面客户端或者其他闭源软件。
- [X] 我保证提供了完整的配置文件与日志，而不是出于对自身智力的自信而仅提供了部分认为有用的部分。

[nekohasekai]

尝试 alpha 24，如果问题仍然存在，请更新问题。

[hdm9527]

alpha 24使用doh也一样，日志开启了trace level也没有看到什么有用的信息

dns模块

"dns": {
"fakeip": {
"enabled": true,
"inet4_range": "198.18.0.0/15",
"inet6_range": "fc00::/18"
},
"servers": [
{
"address": "https://1.1.1.1/dns-query",
"detour": "🚀 节点选择",
"tag": "cloudflare"
},
{
"address": "https://223.5.5.5/dns-query",
"detour": "direct",
"tag": "alidns"
},
{ "address": "rcode://success", "tag": "block" },
{ "address": "fakeip", "tag": "fakeip" }
],
"rules": [
{ "outbound": "any", "server": "alidns" },
{
"disable_cache": true,
"rule_set": "geosite-category-ads-all",
"server": "block"
},
{ "domain_suffix": "mit.edu", "server": "alidns" },
{ "clash_mode": "direct", "server": "alidns" },
{ "clash_mode": "global", "server": "fakeip" },
{ "rule_set": ["geosite-geolocation-cn"], "server": "alidns" },
{ "rewrite_ttl": 30, "server": "fakeip" }
],
"independent_cache": false,
"reverse_mapping": true,
"disable_expire": false,
"final": "cloudflare"
}

入站

"inbounds": [
{
"listen": "::",
"listen_port": 7893,
"tag": "tproxy-in",
"type": "tproxy",
"udp_timeout": "10s",
"sniff": true,
"sniff_override_destination": false
},
{
"listen": "::",
"listen_port": 7890,
"tag": "mixed-in",
"type": "mixed",
"sniff": true,
"sniff_override_destination": false
}
]

使用q测试doq

❯ q baidu.com @quic://223.5.5.5:853
FATA[0010] reading response from 223.5.5.5:853: timeout: no recent network activit

+0800 2024-07-25 20:43:24 INFO [1990716565 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:56703
+0800 2024-07-25 20:43:24 INFO [1990716565 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 223.5.5.5:853
+0800 2024-07-25 20:43:24 DEBUG [1990716565 0ms] router: sniffed packet protocol: quic, client: quic-go
+0800 2024-07-25 20:43:24 DEBUG [1990716565 0ms] router: match[21] rule_set=geoip-cn => 🎯 全球直连
+0800 2024-07-25 20:43:24 INFO [1990716565 0ms] outbound/direct[direct]: outbound packet connection
+0800 2024-07-25 20:43:26 DEBUG [2970461668 10.0s] inbound/tproxy[tproxy-in]: connection closed: io: read/write on closed pipe | upstream: context canceled
+0800 2024-07-25 20:43:36 INFO [4284833959 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:36201
+0800 2024-07-25 20:43:36 INFO [4284833959 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 192.168.6.1:53
+0800 2024-07-25 20:43:36 DEBUG [4284833959 0ms] router: sniffed packet protocol: dns
+0800 2024-07-25 20:43:36 DEBUG [4284833959 0ms] router: match[0] protocol=dns || port=53 => dns-out
+0800 2024-07-25 20:43:36 DEBUG dns: exchange ping.archlinux.org. IN AAAA
+0800 2024-07-25 20:43:36 DEBUG dns: exchange ping.archlinux.org. IN A
+0800 2024-07-25 20:43:36 DEBUG dns: match[6]  => fakeip
+0800 2024-07-25 20:43:36 DEBUG dns: match[6]  => fakeip

使用kdig测试doq会提示未知客户端，超时我设置为10s，不知道为什么30s才关闭链接

❯ kdig +quic @223.5.5.5 baidu.com
;; WARNING: QUIC, failed to send
;; WARNING: can't send query to 223.5.5.5@853(QUIC)
;; ERROR: failed to query server 223.5.5.5@853(UDP)

+0800 2024-07-25 20:59:37 INFO [2155944272 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:46489
+0800 2024-07-25 20:59:37 INFO [2155944272 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 223.5.5.5:853
+0800 2024-07-25 20:59:37 DEBUG [2155944272 0ms] router: sniffed packet protocol: quic, client: unknown
+0800 2024-07-25 20:59:37 DEBUG [2155944272 0ms] router: match[21] rule_set=geoip-cn => 🎯 全球直连
+0800 2024-07-25 20:59:37 INFO [2155944272 0ms] outbound/direct[direct]: outbound packet connection
+0800 2024-07-25 21:00:07 DEBUG [2680413059 30.21s] inbound/tproxy[tproxy-in]: connection closed: download: raw-read udp4 0.0.0.0:34718: use of closed network connection | upload: io: read/write on closed pipe | upstream: context canceled
+0800 2024-07-25 21:00:12 INFO [3319835807 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.6.106:34737
+0800 2024-07-25 21:00:12 INFO [3319835807 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 223.5.5.5:853
+0800 2024-07-25 21:00:12 DEBUG [3319835807 0ms] router: sniffed packet protocol: quic, client: unknown
+0800 2024-07-25 21:00:12 DEBUG [3319835807 0ms] router: match[21] rule_set=geoip-cn => 🎯 全球直连
+0800 2024-07-25 21:00:12 INFO [3319835807 0ms] outbound/direct[direct]: outbound packet connection
+0800 2024-07-25 21:00:42 DEBUG [2067771441 30.21s] inbound/tproxy[tproxy-in]: connection closed: download: raw-read udp4 0.0.0.0:41159: use of closed network connection | upload: io: read/write on closed pipe | upstream: context canceled

[dyhkwong]

Application error 0x2 (remote) 是因为 Exchange 时未将 DNS Message ID 设为 0 导致的，与 tproxy 和 q 毫无关联。经测试 1.10.0-alpha.24 已无法复现 223.5.5.5 DoQ 无法使用的问题。如果仍认为有问题，请提供可本地复现的最简配置，而不是冗长无用的配置片段。

[hdm9527]

Application error 0x2 (remote) 是因为 Exchange 时未将 DNS Message ID 设为 0 导致的，与 tproxy 和 q 毫无关联。经测试 1.10.0-alpha.24 已无法复现 223.5.5.5 DoQ 无法使用的问题。如果仍认为有问题，请提供可本地复现的最简配置，而不是冗长无用的配置片段。

223.5.5.5 DoQ刚测试了已修复，测试油管的quic流量发现有很多关闭链接是一起出现的，不知道跟这个也没有关系，测试用的是tproxy加sing-box跑的

sing-box.log

+0800 2024-07-25 23:09:02 DEBUG [2685437551 103ms] inbound/mixed[mixed-in]: connection closed: process connection from 127.0.0.1:57162: download: use of closed network connection
+0800 2024-07-25 23:09:02 DEBUG [3099223250 101ms] inbound/mixed[mixed-in]: connection closed: process connection from 127.0.0.1:57188: download: use of closed network connection
+0800 2024-07-25 23:09:02 DEBUG [2569377589 103ms] inbound/mixed[mixed-in]: connection closed: process connection from 127.0.0.1:57176: download: use of closed network connection
+0800 2024-07-25 23:09:02 DEBUG [1518923668 103ms] inbound/mixed[mixed-in]: connection closed: process connection from 127.0.0.1:57186: download: use of closed network connection
+0800 2024-07-25 23:09:02 DEBUG [397852774 101ms] inbound/mixed[mixed-in]: connection closed: process connection from 127.0.0.1:57200: download: use of closed network connection

客户端最简配置

{
"log": {
"disabled": false,
"level": "debug",
"output": "box.log",
"timestamp": true
},
"dns": {
"servers": [
{
"address": "h3://1.1.1.1/dns-query",
"detour": "🚀 节点选择",
"tag": "cloudflare"
},
{ "address": "quic://223.5.5.5", "detour": "direct", "tag": "alidns" },
{ "address": "rcode://success", "tag": "block" }
],
"rules": [
{ "outbound": "any", "server": "alidns" },
{ "clash_mode": "direct", "server": "alidns" },
{ "clash_mode": "global", "server": "fakeip" },
{ "rule_set": ["geosite-geolocation-cn"], "server": "alidns" }
],
"independent_cache": false,
"final": "cloudflare"
},
"route": {
"auto_detect_interface": true,
"final": "🚀 节点选择",
"rules": [
{
"type": "logical",
"mode": "or",
"rules": [{ "protocol": "dns" }, { "port": 53 }],
"outbound": "dns-out"
},
{ "clash_mode": "direct", "outbound": "🎯 全球直连" },
{ "clash_mode": "global", "outbound": "🚀 节点选择" },
{ "rule_set": "geosite-geolocation-cn", "outbound": "🎯 全球直连" },
{ "rule_set": "geoip-cn", "outbound": "🎯 全球直连" }
],
"rule_set": [
{
"type": "remote",
"tag": "geosite-geolocation-cn",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-cn.srs"
},
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://cdn.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs"
}
]
},
"inbounds": [
{
"listen": "::",
"listen_port": 7893,
"tag": "tproxy-in",
"type": "tproxy",
"sniff": true,
"sniff_override_destination": false
},
{
"listen": "::",
"listen_port": 7890,
"tag": "mixed-in",
"type": "mixed",
"sniff": true,
"sniff_override_destination": false
}
],
"outbounds": [
{
"tag": "🚀 节点选择",
"type": "selector",
"outbounds": ["tuic"]
},
{
"tag": "🎯 全球直连",
"type": "selector",
"outbounds": ["direct", "🚀 节点选择"]
},
{ "tag": "direct", "type": "direct" },
{ "tag": "dns-out", "type": "dns" },
{
"password": "tuic",
"server": "a.b.c",
"server_port": 443,
"tag": "tuic",
"tls": {
"enabled": true,
"server_name": "a.b.c",
"alpn": ["h3"]
},
"type": "tuic",
"uuid": "xxxxxxxxx-4d3d-5719-8624-xxxxxxxxxxxxx",
"congestion_control": "bbr",
"udp_over_stream": true,
"zero_rtt_handshake": true,
"heartbeat": "10s"
}
],
"experimental": {
"cache_file": {
"enabled": true,
"store_fakeip": true
},
"clash_api": {
"external_controller": "127.0.0.1:9090",
"external_ui": "ui",
"external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip",
"external_ui_download_detour": "🚀 节点选择",
"secret": "",
"default_mode": "rule"
}
}
}

[hdm9527]

经测试使用tun模式可以正常响应QUIC/HTTP3请求，非tun模式不能响应QUIC/HTTP3请求

tun模式日志

+0800 2024-07-27 16:09:49 INFO [3428606070 0ms] inbound/tun[0]: inbound packet connection from 172.19.0.1:56984
+0800 2024-07-27 16:09:49 INFO [3428606070 0ms] inbound/tun[0]: inbound packet connection to 223.5.5.5:853
+0800 2024-07-27 16:09:49 DEBUG [3428606070 0ms] router: sniffed packet protocol: quic, client: unknown
+0800 2024-07-27 16:09:49 DEBUG [3428606070 0ms] router: match[21] rule_set=geoip-cn => 🎯 全球直连
+0800 2024-07-27 16:09:49 INFO [3428606070 0ms] outbound/direct[direct]: outbound packet connection
+0800 2024-07-27 16:10:19 DEBUG [3428606070 30.18s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:36147: use of closed network connection | upstream: context canceled

tun模式虽然能成功响应请求，但是有很多超时链接

+0800 2024-07-27 16:03:00 DEBUG [1700895503 30.16s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:47691: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:03:08 DEBUG [332535311 30.18s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:39733: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:03:11 DEBUG [4146429797 30.17s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:55167: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:03:43 DEBUG [3106242114 33.0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:37649: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:03:51 DEBUG [3028833663 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:36574: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:03:56 DEBUG [9175173 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:46217: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:03:59 DEBUG [3811663286 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:56102: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:05 DEBUG [3967090937 30.17s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:60908: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:13 DEBUG [437272508 30.22s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:46555: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:17 DEBUG [2084530267 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:35385: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:21 DEBUG [1281604155 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:51627: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:22 DEBUG [3257048231 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:33592: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:24 DEBUG [3082880888 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:37564: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:25 DEBUG [175990144 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:54078: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:26 DEBUG [1991446459 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:33701: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:27 DEBUG [820702380 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:52160: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:31 DEBUG [495030085 1m0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:59251: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:31 DEBUG [25083075 30.15s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:46578: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:32 DEBUG [3945467323 1m0s] inbound/tun[0]: connection closed: upload: read udp
223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:33100: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:04:33 DEBUG [261918139 30.19s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:37647: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:05:23 DEBUG [1193191264 33.0s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:46945: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:07:05 DEBUG [4044749961 30.15s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:56134: use of closed network connection | upstream: context canceled
+0800 2024-07-27 16:10:19 DEBUG [3428606070 30.18s] inbound/tun[0]: connection closed: upload: read udp 223.5.5.5:853: i/o timeout | download: raw-read udp4 0.0.0.0:36147: use of closed network connection | upstream: context canceled

非tun模式日志

+0800 2024-07-27 15:54:54 INFO [3995576382 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.160.84:54139
+0800 2024-07-27 15:54:54 INFO [3995576382 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 223.5.5.5:853
+0800 2024-07-27 15:54:54 DEBUG [3995576382 0ms] router: sniffed packet protocol: quic, client: unknown
+0800 2024-07-27 15:54:54 DEBUG [3995576382 0ms] router: match[21] rule_set=geoip-cn => 🎯 全球直连
+0800 2024-07-27 15:54:54 INFO [3995576382 0ms] outbound/direct[direct]: outbound packet connection
+0800 2024-07-27 15:54:56 DEBUG [750591919 10.8s] inbound/tproxy[tproxy-in]: connection closed: io: read/write on closed pipe | upstream: context canceled
+0800 2024-07-27 15:55:24 DEBUG [3267124412 30.28s] inbound/tproxy[tproxy-in]: connection closed: upload: io: read/write on closed pipe | download: raw-read udp4 0.0.0.0:38455: use of closed network connection | upstream: context canceled
+0800 2024-07-27 15:55:46 INFO [3323331145 0ms] inbound/tproxy[tproxy-in]: inbound packet connection from 192.168.160.84:42862
+0800 2024-07-27 15:55:46 INFO [3323331145 0ms] inbound/tproxy[tproxy-in]: inbound packet connection to 192.168.160.98:53