启用了 fakeip 的情况下，路由存在问题

yang05051 commented 1 year ago

Welcome

[X] Yes, I'm using the latest major release. Only such installations are supported.
[X] Yes, I'm using the latest Golang release. Only such installations are supported.
[X] Yes, I've searched similar issues on GitHub and didn't find any.
[X] Yes, I've included all information below (version, FULL config, FULL log, etc).

Description of the problem

在启用了 fakeip 、并启用了路由分流的情况下，当我访问需要直连 (direct) 的域名时，会直接出现连接超时。

关闭 fakeip 、使用普通的 DNS 设置之后，就没有问题了。

Version of sing-box

``` sing-box version 1.3-beta11 Environment: go1.20.3 windows/amd64 Tags: with_gvisor,with_quic,with_wireguard,with_utls,with_reality_server,with_clash_api Revision: e02317a34851617c0eb2cb6634b4b62901aa04dc CGO: disabled ```

Client configuration file

``` { "log": { "disabled": false, "level": "debug", "output": "C:/Users/yang0/Downloads/sing-log.log", "timestamp": true }, "dns": { "servers": [ { "tag": "remote", "address": "fakeip", "strategy": "prefer_ipv6", "detour": "proxy" }, { "tag": "bypass", "address": "https://doh.pub/dns-query", "address_resolver": "remote", "strategy": "prefer_ipv6", "detour": "direct" } ], "final": "remote", "fakeip": { "enabled": true, "inet4_range": "198.18.0.0/15", "inet6_range": "fc00::/18" } }, "inbounds": [ { "type": "tun", "tag": "tun-in", "interface_name": "singbox_tun", "inet4_address": "172.19.0.1/30", "mtu": 9000, "auto_route": true, "strict_route": true, "stack": "gvisor", "sniff": true } ], "outbounds": [ { "type": "vless", "tag": "proxy", "server": "SERVER_IP", "server_port": 443, "uuid": "UUID", "flow": "xtls-rprx-vision", "packet_encoding": "xudp", "tls": { "enabled": true, "server_name": "SERVER_NAME", "insecure": false, "utls": { "enabled": true, "fingerprint": "chrome" } } }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" }, { "type": "dns", "tag": "dns_out" } ], "route": { "auto_detect_interface": true, "rules": [ { "outbound": "dns_out", "inbound": [ "dns_in" ] }, { "outbound": "dns_out", "protocol": [ "dns" ] }, { "outbound": "block", "network": "udp", "port": [ 135, 137, 138, 139, 5353 ] }, { "outbound": "block", "ip_cidr": [ "224.0.0.0/3", "ff00::/8" ] }, { "outbound": "block", "source_ip_cidr": [ "224.0.0.0/3", "ff00::/8" ] }, { "outbound": "dns_out", "port": [ 53 ], "process_name": [ "wv2ray.exe", "v2ray.exe", "SagerNet.exe", "v2ray.exe", "v2ray.exe", "xray.exe", "wxray.exe", "clash-windows-amd64-v3.exe", "clash-windows-amd64.exe", "clash-windows-386.exe", "clash.exe", "Clash.Meta-windows-amd64-compatible.exe", "Clash.Meta-windows-amd64.exe", "Clash.Meta-windows-386.exe", "Clash.Meta.exe", "clash.exe", "hysteria-windows-amd64.exe", "hysteria-windows-386.exe", "hysteria.exe", "naiveproxy.exe", "naive.exe", "tuic-client.exe", "tuic.exe" ] }, { "outbound": "direct", "process_name": [ "wv2ray.exe", "v2ray.exe", "SagerNet.exe", "v2ray.exe", "v2ray.exe", "xray.exe", "wxray.exe", "clash-windows-amd64-v3.exe", "clash-windows-amd64.exe", "clash-windows-386.exe", "clash.exe", "Clash.Meta-windows-amd64-compatible.exe", "Clash.Meta-windows-amd64.exe", "Clash.Meta-windows-386.exe", "Clash.Meta.exe", "clash.exe", "hysteria-windows-amd64.exe", "hysteria-windows-386.exe", "hysteria.exe", "naiveproxy.exe", "naive.exe", "tuic-client.exe", "tuic.exe", "sing-box-client.exe", "sing-box.exe" ] }, { "outbound": "block", "protocol": [ "http", "tls" ], "geosite": [ "category-ads-all" ] }, { "outbound": "proxy", "protocol": [ "http", "tls" ], "domain": [ "moecats.cn" ], "domain_suffix": [ ".moecats.cn" ] }, { "outbound": "direct", "protocol": [ "http", "tls" ], "domain": [ "163.com", "360.com", "biliapi.net", "bilibili.com", "bilivideo.com", "binance.com", "cdntips.net", "e.huawei.com", "globalcash.hk", "huaweicloud.com", "huaweiuniversity.com", "iclass30", "ipip.net", "jianyujiasu.com", "kami.vip", "kuaifaka.net", "lecloud-pc.lenovo.com", "legionzone.lenovo.com", "lenovomm.com", "lestore.lenovo.com", "mini4k.com", "qq.com", "ruanmei.com", "sandsresortsmacao.com", "um.edu.mo", "uniportal.huawei.com", "wechat.com" ], "domain_suffix": [ ".163.com", ".360.com", ".biliapi.net", ".bilibili.com", ".bilivideo.com", ".binance.com", ".cdntips.net", ".e.huawei.com", ".globalcash.hk", ".huaweicloud.com", ".huaweiuniversity.com", ".iclass30", ".ipip.net", ".jianyujiasu.com", ".kami.vip", ".kuaifaka.net", ".lecloud-pc.lenovo.com", ".legionzone.lenovo.com", ".lenovomm.com", ".lestore.lenovo.com", ".mini4k.com", ".qq.com", ".ruanmei.com", ".sandsresortsmacao.com", ".um.edu.mo", ".uniportal.huawei.com", ".wechat.com" ], "domain_keyword": [ ".cn", ".zoom.", "afdian", "baidu", "baijiayun", "bmclapi", "coolapk", "csdn", "hmcl", "huangyuhui", "iqiyi", "ithome", "jianshu", "luogu", "mfood", "spartanhost", "talk915", "tencent", "vijos", "xuedianyun", "xunlei", "yuansouti", "zhengruioi", "zoom.", "zybang" ] }, { "outbound": "direct", "protocol": [ "http", "tls" ], "geoip": [ "private" ], "ip_cidr": [ "1.0.0.1", "1.1.1.1" ] } ] }, "experimental": { "clash_api": { "external_controller": "127.0.0.1:9090", "store_selected": true } } } ```

Client log file

[sing-box_log.log](https://github.com/SagerNet/sing-box/files/11582067/sing-box_log.log)

nekohasekai commented 1 year ago

将问题发送给生成此配置的第三方程序。

yang05051 commented 1 year ago

将问题发送给生成此配置的第三方程序。

我没有使用任何的第三方程序，是直接在cmd中运行singbox内核。

ace-express commented 5 months ago

我也遇到一样的问题，如果直连的网站被返回了 fakedns，然后进入到 direct 出口，会直接去连接 fakeip，fakeip 的 443端口肯定是无法连接的。

SagerNet / sing-box