SagerNet / sing-box

The universal proxy platform
https://sing-box.sagernet.org/

Strange DNS configuration thing #2327

Open DADA30000 opened 9 hours ago

DADA30000 commented 9 hours ago

Operating system

Linux

System version

NixOS unstable, Linux 6.12.1

Installation type

Original sing-box Command Line

If you are using a graphical client, please provide the version of the client.

No response

Version

1.11.0-beta.3 (also happens on 1.10.1)

Description

I have this configuration

{
  "log": {
    "level": "info"
  },
  "dns": {
    "servers": [
      {
        "tag": "dns-remote",
        "address": "local",
        "detour": "direct"
      }
    ]
  },
  "inbounds": [
    {
      "type": "tun",
      "tag": "tun-in",
      "interface_name": "tun0",
      "address": "172.19.0.1/28",
      "mtu": 9000,
      "auto_route": true,
      "stack": "system"
    }
  ],
  "outbounds": [
    {
      "type": "direct",
      "tag": "direct"
    }
  ],
  "endpoints": [
    {
      "system": true,
      "name": "wg0",
      "address": "10.8.1.3/32",
      "private_key": "nope",
      "type": "wireguard",
      "tag": "proxy",
      "peers": [
        {
          "address": "nope",
          "port": nope,
          "public_key": "nope",
          "pre_shared_key": "nope",
          "allowed_ips": [ "0.0.0.0/0", "::/0" ]
        }
      ]
    }
  ],
  "route": {
    "final": "direct",
    "auto_detect_interface": true,
    "rules": [
      {
        "action": "sniff"
      },
      {
        "process_path_regex": [
          "^.*(wget|git|electron|firefox|firefox-bin|nix|nix-index|flatpak|.flatpak-wrappe|.flatpak-wrapped|node)$"
        ],
        "outbound": "proxy"
      },
      {
        "domain_suffix": [
          "googlevideo.com",
          "youtu.be",
          "youtube.com",
          "ytimg.com",
          "ggpht.com"
        ],
        "outbound": "proxy"
      },
      {
        "port": 53,
        "process_name": [
          "anything in here, like really anything"
        ],
        "action": "hijack-dns"
      }
    ]
  }
}

and if I remove this part

{
        "port": 53,
        "process_name": [
          "anything in here, like really anything"
        ],
        "action": "hijack-dns"
      }

DNS stops working, like I can't resolve anything at all, and when I add this back, it works again. I can't remove any part of this small snippet: if I remove that process_name part, it will also stop working. I can't find anything about this. Why is this happening? This was also happening on this configuration:

{
  "log": {
    "level": "info"
  },
  "dns": {
    "servers": [
      {
        "tag": "dns-remote",
        "address": "8.8.8.8",
        "detour": "proxy"
      }
    ]
  },
  "inbounds": [
    {
      "type": "tun",
      "tag": "tun-in",
      "sniff": true,
      "interface_name": "tun0",
      "inet4_address": "172.19.0.1/28",
      "mtu": 9000,
      "auto_route": true,
      "stack": "system",
      "endpoint_independent_nat": false
    }
  ],
  "outbounds": [
    {
      "type": "socks",
      "tag": "proxy",
      "udp_fragment": true,
      "server": "127.0.0.1",
      "server_port": 2080
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "dns",
      "tag": "dns-out"
    }
  ],
  "route": {
    "final": "direct",
    "auto_detect_interface": true,
    "rules": [
      {
        "source_ip_cidr": [
          "127.0.0.1"
        ],
        "ip_cidr": [
          "127.0.0.1"
        ],
        "outbound": "direct"
      },
      {
        "process_path_regex": [
          "^.*(wget|git|electron|firefox|firefox-bin|nix|nix-index|flatpak|.flatpak-wrappe|.flatpak-wrapped|node)$"
        ],
        "outbound": "proxy"
      },
      {
        "domain_suffix": [
          "googlevideo.com",
          "youtu.be",
          "youtube.com",
          "ytimg.com",
          "ggpht.com"
        ],
        "outbound": "proxy"
      },
      {
        "source_ip_cidr": [
          "127.0.0.1"
        ],
        "ip_cidr": [
          "127.0.0.1"
        ],
        "outbound": "direct"
      },
      {
        "port": 53,
        "process_name": [
          "anything in here, like really anything"
        ],
        "outbound": "dns-out"
      }
    ]
  }
}

Reproduction

yeet

Logs

No response

devopg commented 6 hours ago

u have in outbounds:

    {
      "tag": "dns-out",
      "type": "dns"
    }

u should add to route.rules:

 {
        "outbound": "dns-out",
        "protocol": "dns"
      },

then u can remove this:

{
        "port": 53,
        "process_name": [
          "anything in here, like really anything"
        ],
        "action": "hijack-dns"
      }

DADA30000 commented 5 hours ago

> u have in outbounds:
>
>     {
>       "tag": "dns-out",
>       "type": "dns"
>     }
>
> u should add to route.rules:
>
>  {
>         "outbound": "dns-out",
>         "protocol": "dns"
>       },
>
> then u can remove this:
>
> {
>         "port": 53,
>         "process_name": [
>           "anything in here, like really anything"
>         ],
>         "action": "hijack-dns"
>       }

nope, that's not it, just tried this, and it still fails to resolve anything after removing that small snippet

DADA30000 commented 4 hours ago

Also, I should mention that removing absolutely every rule and setting final to proxy works. And no, this is not a solution or explanation to this problem; I still need rules.