在windows系统使用TUN模式，UDP流量未用"outbounds"的第1个配置出站

chika0801 commented 1 year ago

Welcome

[X] Yes, I'm using the latest major release. Only such installations are supported.
[X] Yes, I'm using the latest Golang release. Only such installations are supported.
[X] Yes, I've searched similar issues on GitHub and didn't find any.
[X] Yes, I've included all information below (version, FULL config, FULL log, etc).

Description of the problem

windows系统，使用Tun，当出站协议使用VLESS-gRPC-REALITY时，UDP流量未命中任何"route"中的规则，没走"outbounds"的第1个出站（代理），而使用的是"outbound": "direct"

当出站协议使用SS2022-TCP时，UDP流量未命中任何"route"中的规则，走了"outbounds"的第1个出站（代理）

Version of sing-box

```console sing-box version 1.2.2 Environment: go1.20.2 linux/amd64 Tags: with_gvisor,with_quic,with_wireguard,with_utls,with_reality_server,with_clash_api Revision: 4db7eb9d9e78210523465a53b564c53cc97ae0a9 CGO: disabled ```

Server and client configuration file

VLESS-gRPC-REALITY

```console 服务端 { "log": { "level": "trace", "timestamp": true }, "inbounds": [ { "type": "vless", "tag": "vless-in", "listen": "::", "listen_port": 443, "users": [ { "uuid": "ee48f7be-6ae9-5654-9b61-8466aa8e16bc", // 执行 ./sing-box generate uuid 生成 "flow": "" // 留空 } ], "tls": { "enabled": true, "server_name": "www.lovelive-anime.jp", // 客户端可用的 serverName 列表，暂不支持 * 通配符 "reality": { "enabled": true, "handshake": { "server": "www.lovelive-anime.jp", // 目标网站最低标准：国外网站，支持 TLSv1.3、X25519 与 H2，域名非跳转用（主域名可能被用于跳转到 www） "server_port": 443 }, "private_key": "2KZ4uouMKgI8nR-LDJNP1_MHisCJOmKGj9jUjZLncVU", // 执行 ./sing-box generate reality-keypair 生成，填 "Privatekey" 的值 "short_id": [ // 客户端可用的 shortId 列表，可用于区分不同的客户端 "6ba85179e30d4fc2" // 0 到 f，长度为 2 的倍数，长度上限为 16，可留空，或执行 openssl rand -hex 8 生成 ] } }, "transport": { "type": "grpc", "service_name": "grpc" // 指定服务名称 } } ], "outbounds": [ { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" } ] } 客户端 { "log": { "level": "trace", "timestamp": true }, "dns": { "servers": [ { "tag": "global", "address": "tcp://1.1.1.1", "address_resolver": "local", "strategy": "ipv4_only", "detour": "proxy" }, { "tag": "local", "address": "223.5.5.5", "strategy": "ipv4_only", "detour": "direct" }, { "tag": "block", "address": "rcode://success" } ], "rules": [ { "geosite": [ "category-ads-all" ], "server": "block", "disable_cache": true }, { "geosite": [ "cn", "private" ], "server": "local" } ] }, "route": { "geoip": { "download_url": "https://github.com/soffchen/sing-geoip/releases/latest/download/geoip.db" }, "geosite": { "download_url": "https://github.com/soffchen/sing-geosite/releases/latest/download/geosite.db" }, "rules": [ { "protocol": "dns", "outbound": "dns-out" }, { "geosite": [ "category-ads-all" ], "outbound": "block" }, { "geosite": [ "cn", "private" ], "outbound": "direct" }, { "geoip": [ "cn", "private" ], "outbound": "direct" } ], "auto_detect_interface": true }, "inbounds": [ { "type": "tun", "tag": "tun-in", "interface_name": "tun0", "inet4_address": "172.19.0.1/30", "mtu": 9000, "auto_route": true, "strict_route": true, "endpoint_independent_nat": true, "stack": "system", "sniff": true, "sniff_override_destination": false } ], "outbounds": [ { "type": "vless", "tag": "proxy", "server": "服务端IP", "server_port": 443, "uuid": "ee48f7be-6ae9-5654-9b61-8466aa8e16bc", "flow": "", "network": "tcp", "tls": { "enabled": true, "server_name": "www.lovelive-anime.jp", "utls": { "enabled": true, "fingerprint": "chrome" }, "reality": { "enabled": true, "public_key": "Z84J2IelR9ch3k8VtlVhhs5ycBUlXA7wHBWcBrjqnAw", "short_id": "6ba85179e30d4fc2" } }, "packet_encoding": "xudp", "transport": { "type": "grpc", "service_name": "grpc", "idle_timeout": "15s", "ping_timeout": "15s" } }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" }, { "type": "dns", "tag": "dns-out" } ] } ```

SS2022-TCP

```console 服务端 { "log": { "level": "trace", "timestamp": true }, "inbounds": [ { "type": "shadowsocks", "tag": "shadowsocks-in", "listen": "::", "listen_port": 50001, "sniff": true, "sniff_override_destination": true, "domain_strategy": "ipv4_only", "method": "2022-blake3-aes-128-gcm", "password": "3P+xaSaFiXsrQ1KCr2Xvxg==" } ], "outbounds": [ { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" } ] } 客户端 { "log": { "level": "trace", "timestamp": true }, "dns": { "servers": [ { "tag": "global", "address": "tcp://1.1.1.1", "address_resolver": "local", "strategy": "ipv4_only", "detour": "proxy" }, { "tag": "local", "address": "223.5.5.5", "strategy": "ipv4_only", "detour": "direct" }, { "tag": "block", "address": "rcode://success" } ], "rules": [ { "geosite": [ "category-ads-all" ], "server": "block", "disable_cache": true }, { "geosite": [ "cn", "private" ], "server": "local" } ] }, "route": { "geoip": { "download_url": "https://github.com/soffchen/sing-geoip/releases/latest/download/geoip.db" }, "geosite": { "download_url": "https://github.com/soffchen/sing-geosite/releases/latest/download/geosite.db" }, "rules": [ { "protocol": "dns", "outbound": "dns-out" }, { "geosite": [ "category-ads-all" ], "outbound": "block" }, { "geosite": [ "cn", "private" ], "outbound": "direct" }, { "geoip": [ "cn", "private" ], "outbound": "direct" } ], "auto_detect_interface": true }, "inbounds": [ { "type": "tun", "tag": "tun-in", "interface_name": "tun0", "inet4_address": "172.19.0.1/30", "mtu": 9000, "auto_route": true, "strict_route": true, "endpoint_independent_nat": true, "stack": "system", "sniff": true, "sniff_override_destination": false } ], "outbounds": [ { "type": "shadowsocks", "tag": "proxy", "server": "IP", "server_port": 50001, "method": "2022-blake3-aes-128-gcm", "password": "3P+xaSaFiXsrQ1KCr2Xvxg==", "udp_over_tcp": { "enabled": false, "version": 2 } }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" }, { "type": "dns", "tag": "dns-out" } ] } ```

Server and client log file

VLESS-gRPC-REALITY

```console 客户端 +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;158m463785102[0m 0ms] inbound/tun[tun-in]: inbound packet connection from 172.19.0.1:51982 +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;158m463785102[0m 0ms] inbound/tun[tun-in]: inbound packet connection to 172.19.0.2:53 +0800 2023-04-07 18:07:22 [37mDEBUG[0m [[38;5;158m463785102[0m 0ms] router: sniffed packet protocol: dns +0800 2023-04-07 18:07:22 [37mDEBUG[0m [[38;5;158m463785102[0m 1ms] router: match[0] protocol=dns => dns-out +0800 2023-04-07 18:07:22 [37mDEBUG[0m [[38;5;158m463785102[0m 1ms] dns: exchange clients4.google.com. IN A +0800 2023-04-07 18:07:22 [37mDEBUG[0m [[38;5;225m1565572817[0m 171ms] dns: exchanged stun.l.google.com NOERROR 600 +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;225m1565572817[0m 171ms] dns: exchanged stun.l.google.com A stun.l.google.com. 227 IN A 172.217.211.127 +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;225m1565572817[0m 172ms] dns: exchanged stun.l.google.com. A stun.l.google.com. 227 IN A 172.217.211.127 +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;193m3276576294[0m 0ms] inbound/tun[tun-in]: inbound packet connection from 172.19.0.1:50874 +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;193m3276576294[0m 0ms] inbound/tun[tun-in]: inbound packet connection to 172.217.211.127:19302 +0800 2023-04-07 18:07:22 [37mDEBUG[0m [[38;5;193m3276576294[0m 0ms] router: sniffed packet protocol: stun +0800 2023-04-07 18:07:22 [36mINFO[0m [[38;5;193m3276576294[0m 0ms] outbound/direct[direct]: outbound packet connection 服务端 +0800 2023-04-07 18:07:22 INFO [429753806 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [3030518605 0ms] inbound/vless[vless-in]: [0] inbound connection to 23.42.103.10:80 +0800 2023-04-07 18:07:22 INFO [3030518605 0ms] outbound/direct[direct]: outbound connection to 23.42.103.10:80 +0800 2023-04-07 18:07:22 INFO [3008932003 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [3525863467 0ms] inbound/vless[vless-in]: [0] inbound connection to 23.42.103.186:443 +0800 2023-04-07 18:07:22 INFO [3525863467 0ms] outbound/direct[direct]: outbound connection to 23.42.103.186:443 +0800 2023-04-07 18:07:22 DEBUG [429753806 179ms] inbound/vless[vless-in]: connection closed: process connection from 客户端IP:14622: download: EOF | upload: EOF +0800 2023-04-07 18:07:22 INFO [2298132963 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [841239738 0ms] inbound/vless[vless-in]: [0] inbound connection to 64.233.188.188:5228 +0800 2023-04-07 18:07:22 INFO [841239738 0ms] outbound/direct[direct]: outbound connection to 64.233.188.188:5228 +0800 2023-04-07 18:07:22 INFO [471497278 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [76218436 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [2060849814 0ms] inbound/vless[vless-in]: [0] inbound connection to 172.65.229.194:443 +0800 2023-04-07 18:07:22 INFO [2060849814 1ms] outbound/direct[direct]: outbound connection to 172.65.229.194:443 +0800 2023-04-07 18:07:22 INFO [3413195745 0ms] inbound/vless[vless-in]: [0] inbound connection to 20.231.121.79:80 +0800 2023-04-07 18:07:22 INFO [3413195745 1ms] outbound/direct[direct]: outbound connection to 20.231.121.79:80 +0800 2023-04-07 18:07:22 INFO [274569533 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [827174959 0ms] inbound/vless[vless-in]: [0] inbound connection to 172.65.229.194:443 +0800 2023-04-07 18:07:22 INFO [827174959 0ms] outbound/direct[direct]: outbound connection to 172.65.229.194:443 +0800 2023-04-07 18:07:22 DEBUG [4016751346 2.28s] inbound/vless[vless-in]: connection closed: process connection from 客户端IP:14622: upload: EOF | download: read tcp 206.190.238.177:38438->64.233.188.188:5228: read: connection reset by peer +0800 2023-04-07 18:07:22 INFO [2037604346 0ms] inbound/vless[vless-in]: inbound connection from 客户端IP:14622 +0800 2023-04-07 18:07:22 INFO [1141652984 0ms] inbound/vless[vless-in]: [0] inbound connection to 142.250.206.238:443 +0800 2023-04-07 18:07:22 INFO [1141652984 0ms] outbound/direct[direct]: outbound connection to 142.250.206.238:443 ```

SS2022-TCP

```console 客户端 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;224m416138192[0m 0ms] inbound/tun[tun-in]: inbound packet connection from 172.19.0.1:59855 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;224m416138192[0m 0ms] inbound/tun[tun-in]: inbound packet connection to 172.19.0.2:53 +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;224m416138192[0m 0ms] router: sniffed packet protocol: dns +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;224m416138192[0m 0ms] router: match[0] protocol=dns => dns-out +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;224m416138192[0m 0ms] dns: exchange stun.l.google.com. IN A +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com NOERROR 600 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com CNAME s.deepl.com. 87 IN CNAME hpkaj.deepl.com. +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com CNAME hpkaj.deepl.com. 87 IN CNAME 46a2e5c3c5a64e218b60f2c2ee76b750.pacloudflare.com. +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com A 46a2e5c3c5a64e218b60f2c2ee76b750.pacloudflare.com. 87 IN A 172.65.229.194 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com. CNAME s.deepl.com. 87 IN CNAME hpkaj.deepl.com. +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com. CNAME hpkaj.deepl.com. 87 IN CNAME 46a2e5c3c5a64e218b60f2c2ee76b750.pacloudflare.com. +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;41m426428953[0m 5.12s] dns: exchanged s.deepl.com. A 46a2e5c3c5a64e218b60f2c2ee76b750.pacloudflare.com. 87 IN A 172.65.229.194 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;158m346507849[0m 0ms] inbound/tun[tun-in]: inbound connection from 172.19.0.1:14436 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;158m346507849[0m 0ms] inbound/tun[tun-in]: inbound connection to 172.65.229.194:443 +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;158m346507849[0m 0ms] router: sniffed protocol: tls, domain: s.deepl.com +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;158m346507849[0m 0ms] outbound/shadowsocks[proxy]: outbound connection to 172.65.229.194:443 +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;224m416138192[0m 77ms] dns: exchanged stun.l.google.com NOERROR 600 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;224m416138192[0m 77ms] dns: exchanged stun.l.google.com A stun.l.google.com. 259 IN A 172.217.213.127 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;224m416138192[0m 77ms] dns: exchanged stun.l.google.com. A stun.l.google.com. 259 IN A 172.217.213.127 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;169m4147559577[0m 0ms] inbound/tun[tun-in]: inbound packet connection from 172.19.0.1:57008 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;169m4147559577[0m 0ms] inbound/tun[tun-in]: inbound packet connection to 172.217.213.127:19302 +0800 2023-04-07 17:56:26 [37mDEBUG[0m [[38;5;169m4147559577[0m 0ms] router: sniffed packet protocol: stun +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;169m4147559577[0m 0ms] outbound/shadowsocks[proxy]: outbound packet connection to 172.217.213.127:19302 +0800 2023-04-07 17:56:26 [36mINFO[0m [[38;5;169m4147559577[0m 0ms] outbound/shadowsocks[proxy]: outbound packet connection to 172.217.213.127:19302 服务端 +0800 2023-04-07 17:56:26 INFO [1199601761 0ms] inbound/shadowsocks[shadowsocks-in]: inbound packet connection from 客户端IP:59177 +0800 2023-04-07 17:56:26 INFO [1199601761 0ms] inbound/shadowsocks[shadowsocks-in]: inbound packet connection to 172.217.213.127:19302 +0800 2023-04-07 17:56:26 DEBUG [1199601761 0ms] router: sniffed packet protocol: stun +0800 2023-04-07 17:56:26 INFO [1199601761 0ms] outbound/direct[direct]: outbound packet connection ```

Gwenhaell commented 1 year ago

删除这一项

chika0801 commented 1 year ago

删除这一项

感谢你的帮助，已解决。

SagerNet / sing-box