Closed zw963 closed 3 years ago
下面是一个在华硕路由器上工作的版本的 V2ray 配置文件。
其基于以下策略:
本地地址
VPS 服务器地址
for local_ip in $LOCAL_IPS; do iptables -t nat -A V2RAY_TCP -d $local_ip -j RETURN done iptables -t nat -A V2RAY_TCP -d $v2ray_server_ip -j RETURN iptables -t nat -A PREROUTING -p tcp -j V2RAY_TCP iptables -t nat -A OUTPUT -p tcp -j V2RAY_TCP if modprobe xt_TPROXY &>/dev/null; then # Add any UDP rules ip rule add fwmark 1 table 100 ip route add local default dev lo table 100 iptables -t mangle -N V2RAY_UDP for local_ip in $LOCAL_IPS; do iptables -t mangle -A V2RAY_UDP -d $local_ip -j RETURN done iptables -t mangle -A V2RAY_UDP -d $v2ray_server_ip -j RETURN iptables -t mangle -A V2RAY_UDP -p udp -j TPROXY --on-port $local_v2ray_port --tproxy-mark 1 # Apply the rules iptables -t mangle -A PREROUTING -j V2RAY_UDP fi
server=/#/127.0.0.1#65053
当前工作版本的透明代理配置文件如下:
{ "log": { "loglevel": "info" }, "dns": { "hosts": { "dns.google": "8.8.4.4" }, "servers": [ "8.8.4.4", { "address": "localhost", "port": 53, "domains": [ "geosite:cn" ], "expectIPs": [ "ext:geoip-only-cn-private.dat:cn" ] } ], "disableFallback": true }, "routing": { "domainStrategy": "IPIfNonMatch", "domainMatcher": "mph", "rules": [ { "type": "field", "inboundTag": ["dns-inbound"], "outboundTag": "dns-outbound" }, { "type": "field", "ip": [ "ext:geoip-only-cn-private.dat:cn", "ext:geoip-only-cn-private.dat:private" ], "outboundTag": "direct" }, { "type": "field", "domain": [ "geosite:cn", "dl.google.com", "sourceforge.net" ], "outboundTag": "direct" }, { "type": "field", "domain": [ "services.googleapis.cn" ], "outboundTag": "proxy" }, { "type": "field", "domain": [ "geosite:category-ads" ], "outboundTag": "block" } ] }, "inbounds": [ { "protocol": "dokodemo-door", "port": 1081, // 监听端口 "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "settings": { "network": "tcp,udp", "followRedirect": true } }, { "tag": "dns-inbound", "protocol": "dokodemo-door", "port": 65053, "settings": { "address": "8.8.4.4", "port": 53, "network": "tcp,udp" } }, { "protocol": "socks", // 入口协议为 SOCKS 5 "port": 1080, // 监听端口 "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "settings": { "auth": "noauth" //socks的认证设置,noauth 代表不认证,由于 socks 通常在客户端使用,所以这里不认证 } }, { "protocol": "http", "port": 3128, "settings": { "timeout": 0 } } ], "outbounds": [ { "tag": "proxy", "protocol": "vmess", // 出口协议 "settings": { "vnext": [ { "address": "my_vps_ip", // 服务器地址,请修改为你自己的服务器 IP 或域名 "port": 22334, // 服务器端口 "users": [ { "id": "f2ed8521-dbf1-4249-893f-80fddc8aeb9a" // 用户 ID,必须与服务器端配置相同 } ] } ] }, "streamSettings": { "network": "quic", // 默认值是 tcp "quicSettings": { "header": { "type": "wechat-video" } }, "sockopt": { "tproxy": "redirect", "mark": 255 } } }, { "protocol": "shadowsocks", "settings": { "servers": [ { "address": "my_vps_ip", // Shadowsocks 的服务器地址 "method": "chacha20-ietf-poly1305", // Shadowsocks 的加密方式 "password": "password", // Shadowsocks 的密码 "port": 22335 } ] } }, { "tag": "dns-outbound", "protocol": "dns" }, { "tag": "direct", "protocol": "freedom", "settings": { "domainStrategy": "UseIP" }, "streamSettings": { "network": "tcp", // 这是默认值 "sockopt": { "mark": 255 } } }, { "tag": "block", "protocol": "blackhole", "settings": { "response": { "type": "http" } } } ], "policy": { "levels": { "0": { "bufferSize": 4 } } } }
然后,基于上面工作的配置文件,我做了如下修改,来尝试修改使用 fakeDNS 方案。
iptables nat/mangle 结果如下:
admin@RT-AC5300-25B0:/tmp/mnt/sda1/entware/etc# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination VSERVER all -- anywhere localhost Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination PUPNP all -- anywhere anywhere MASQUERADE all -- !localhost anywhere MASQUERADE all -- localhost/24 localhost/24 Chain DNSFILTER (0 references) target prot opt source destination Chain LOCALSRV (0 references) target prot opt source destination Chain PCREDIRECT (0 references) target prot opt source destination Chain PUPNP (1 references) target prot opt source destination Chain VSERVER (1 references) target prot opt source destination VUPNP all -- anywhere anywhere Chain VUPNP (1 references) target prot opt source destination
admin@RT-AC5300-25B0:/tmp/mnt/sda1/entware/etc# iptables -t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination MARK all -- localhost/24 localhost/24 MARK xset 0x1/0x7 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination
在应用成功之后,执行 dig 会返回一个假的 ip.
╰─ $ dig @192.168.50.1 -p 65053 www.baidu.com ; <<>> DiG 9.16.21 <<>> @192.168.50.1 -p 65053 www.baidu.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61242 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 600 IN A 198.18.0.0 ;; Query time: 6 msec ;; SERVER: 192.168.50.1#65053(192.168.50.1) ;; WHEN: Fri Oct 01 16:02:50 CST 2021 ;; MSG SIZE rcvd: 47
下面是部分日志:
admin@RT-AC5300-25B0:/tmp/mnt/sda1/entware/etc# v2ray -c v2ray.json V2Ray 4.42.2 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.1 linux/arm) A unified platform for anti-censorship. 2021/10/01 08:02:47 [Info] main/jsonem: Reading config: v2ray.json 2021/10/01 08:02:48 [Info] app/dns: DNS: created UDP client initialized for 8.8.4.4:53 2021/10/01 08:02:48 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:1081 2021/10/01 08:02:48 [Info] transport/internet/udp: listening UDP on 0.0.0.0:1081 2021/10/01 08:02:48 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:65053 2021/10/01 08:02:48 [Info] transport/internet/udp: listening UDP on 0.0.0.0:65053 2021/10/01 08:02:48 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:1080 2021/10/01 08:02:48 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:3128 2021/10/01 08:02:48 [Warning] V2Ray 4.42.2 started 2021/10/01 08:02:49 [Info] [1407570294] proxy/dokodemo: received request for 192.168.50.62:57875 2021/10/01 08:02:49 [Info] [1407570294] app/dispatcher: taking detour [dns-outbound] for [udp:139.199.215.251:123] 2021/10/01 08:02:49 [Info] [1407570294] proxy/dns: handling DNS traffic to udp:139.199.215.251:123 2021/10/01 08:02:49 192.168.50.62:57875 accepted udp:139.199.215.251:123 [dns-outbound] 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] [419282983] proxy/dokodemo: received request for 192.168.50.62:57876 2021/10/01 08:02:49 [Info] [419282983] app/dispatcher: taking detour [dns-outbound] for [udp:111.230.189.174:123] 2021/10/01 08:02:49 [Info] [419282983] proxy/dns: handling DNS traffic to udp:111.230.189.174:123 2021/10/01 08:02:49 192.168.50.62:57876 accepted udp:111.230.189.174:123 [dns-outbound] 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] [4076669477] proxy/dokodemo: received request for 192.168.50.62:57878 2021/10/01 08:02:49 [Info] [4076669477] app/dispatcher: taking detour [dns-outbound] for [udp:134.175.254.134:123] 2021/10/01 08:02:49 [Info] [4076669477] proxy/dns: handling DNS traffic to udp:134.175.254.134:123 2021/10/01 08:02:49 192.168.50.62:57878 accepted udp:134.175.254.134:123 [dns-outbound] 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] [667850171] proxy/dokodemo: received request for 192.168.50.62:57877 2021/10/01 08:02:49 [Info] [2439073475] proxy/dokodemo: received request for 192.168.50.62:57879 2021/10/01 08:02:49 [Info] [2439073475] app/dispatcher: taking detour [dns-outbound] for [udp:134.175.253.104:123] 2021/10/01 08:02:49 [Info] [2439073475] proxy/dns: handling DNS traffic to udp:134.175.253.104:123 2021/10/01 08:02:49 192.168.50.62:57879 accepted udp:134.175.253.104:123 [dns-outbound] 2021/10/01 08:02:49 [Info] [667850171] app/dispatcher: taking detour [dns-outbound] for [udp:139.199.214.202:123] 2021/10/01 08:02:49 [Info] [667850171] proxy/dns: handling DNS traffic to udp:139.199.214.202:123 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 192.168.50.62:57877 accepted udp:139.199.214.202:123 [dns-outbound] 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:49 [Info] [2316008506] proxy/dokodemo: received request for 192.168.50.87:59352 2021/10/01 08:02:49 192.168.50.87:59352 accepted udp:8.8.4.4:53 [dns-outbound] 2021/10/01 08:02:49 [Info] [2316008506] app/dispatcher: taking detour [dns-outbound] for [udp:8.8.4.4:53] 2021/10/01 08:02:49 [Info] [2316008506] proxy/dns: handling DNS traffic to udp:8.8.4.4:53 2021/10/01 08:02:49 [Info] app/dns: FakeDNS got answer: www.baidu.com -> [198.18.0.0] 2021/10/01 08:02:50 [Info] [508134362] proxy/dokodemo: received request for 192.168.50.62:57880 2021/10/01 08:02:50 [Info] [2363239389] proxy/dokodemo: received request for 192.168.50.62:57882 2021/10/01 08:02:50 [Info] [3609126110] proxy/dokodemo: received request for 192.168.50.62:57881 2021/10/01 08:02:50 [Info] [508134362] app/dispatcher: taking detour [dns-outbound] for [udp:139.199.215.251:123] 2021/10/01 08:02:50 [Info] [508134362] proxy/dns: handling DNS traffic to udp:139.199.215.251:123 2021/10/01 08:02:50 [Info] [1493418288] proxy/dokodemo: received request for 192.168.50.62:57883 2021/10/01 08:02:50 192.168.50.62:57880 accepted udp:139.199.215.251:123 [dns-outbound] 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] [676995480] proxy/dokodemo: received request for 192.168.50.62:57884 2021/10/01 08:02:50 [Info] [2363239389] app/dispatcher: taking detour [dns-outbound] for [udp:139.199.214.202:123] 2021/10/01 08:02:50 [Info] [2363239389] proxy/dns: handling DNS traffic to udp:139.199.214.202:123 2021/10/01 08:02:50 [Info] [3609126110] app/dispatcher: taking detour [dns-outbound] for [udp:111.230.189.174:123] 2021/10/01 08:02:50 [Info] [3609126110] proxy/dns: handling DNS traffic to udp:111.230.189.174:123 2021/10/01 08:02:50 [Info] [1493418288] app/dispatcher: taking detour [dns-outbound] for [udp:134.175.254.134:123] 2021/10/01 08:02:50 [Info] [1493418288] proxy/dns: handling DNS traffic to udp:134.175.254.134:123 2021/10/01 08:02:50 [Info] [676995480] app/dispatcher: taking detour [dns-outbound] for [udp:134.175.253.104:123] 2021/10/01 08:02:50 [Info] [676995480] proxy/dns: handling DNS traffic to udp:134.175.253.104:123 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 192.168.50.62:57882 accepted udp:139.199.214.202:123 [dns-outbound] 2021/10/01 08:02:50 192.168.50.62:57881 accepted udp:111.230.189.174:123 [dns-outbound] 2021/10/01 08:02:50 192.168.50.62:57883 accepted udp:134.175.254.134:123 [dns-outbound] 2021/10/01 08:02:50 192.168.50.62:57884 accepted udp:134.175.253.104:123 [dns-outbound] 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:50 [Info] [2326757384] proxy/dokodemo: received request for 192.168.50.87:54194 2021/10/01 08:02:50 [Info] [2326757384] app/dispatcher: taking detour [dns-outbound] for [tcp:43.241.76.192:443] 2021/10/01 08:02:50 [Info] [2326757384] proxy/dns: handling DNS traffic to tcp:43.241.76.192:443 2021/10/01 08:02:50 192.168.50.87:54194 accepted tcp:43.241.76.192:443 [dns-outbound] 2021/10/01 08:02:50 [Info] [2326757384] app/proxyman/outbound: failed to process outbound traffic > proxy/dns: connection ends > common/protocol/dns: message size too large: 5635 2021/10/01 08:02:50 [Info] [2326757384] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/10/01 08:02:51 [Info] [1295480854] proxy/dokodemo: received request for 192.168.50.62:57872 2021/10/01 08:02:51 [Info] [1652379058] proxy/dokodemo: received request for 192.168.50.62:57873 2021/10/01 08:02:51 [Info] [1295480854] app/dispatcher: taking detour [dns-outbound] for [udp:139.199.214.202:123] 2021/10/01 08:02:51 [Info] [1295480854] proxy/dns: handling DNS traffic to udp:139.199.214.202:123 2021/10/01 08:02:51 [Info] [197347381] proxy/dokodemo: received request for 192.168.50.62:57870 2021/10/01 08:02:51 192.168.50.62:57872 accepted udp:139.199.214.202:123 [dns-outbound] 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] [1316082937] proxy/dokodemo: received request for 192.168.50.62:57871 2021/10/01 08:02:51 192.168.50.62:57870 accepted udp:139.199.215.251:123 [dns-outbound] 2021/10/01 08:02:51 192.168.50.62:57871 accepted udp:111.230.189.174:123 [dns-outbound] 2021/10/01 08:02:51 [Info] [1027767618] proxy/dokodemo: received request for 192.168.50.62:57874 2021/10/01 08:02:51 [Info] [197347381] app/dispatcher: taking detour [dns-outbound] for [udp:139.199.215.251:123] 2021/10/01 08:02:51 [Info] [197347381] proxy/dns: handling DNS traffic to udp:139.199.215.251:123 2021/10/01 08:02:51 [Info] [1316082937] app/dispatcher: taking detour [dns-outbound] for [udp:111.230.189.174:123] 2021/10/01 08:02:51 [Info] [1316082937] proxy/dns: handling DNS traffic to udp:111.230.189.174:123 2021/10/01 08:02:51 [Info] [1652379058] app/dispatcher: taking detour [dns-outbound] for [udp:134.175.254.134:123] 2021/10/01 08:02:51 [Info] [1652379058] proxy/dns: handling DNS traffic to udp:134.175.254.134:123 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 192.168.50.62:57873 accepted udp:134.175.254.134:123 [dns-outbound] 2021/10/01 08:02:51 192.168.50.62:57874 accepted udp:134.175.253.104:123 [dns-outbound] 2021/10/01 08:02:51 [Info] [1027767618] app/dispatcher: taking detour [dns-outbound] for [udp:134.175.253.104:123] 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] [1027767618] proxy/dns: handling DNS traffic to udp:134.175.253.104:123 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:51 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:54 [Info] proxy/dns: question > parsing/packing of this section has completed 2021/10/01 08:02:55 [Info] [841954750] proxy/dokodemo: received request for 192.168.50.87:34406 2021/10/01 08:02:55 [Info] [841954750] app/dispatcher: taking detour [dns-outbound] for [tcp:103.56.16.112:80] 2021/10/01 08:02:55 192.168.50.87:34406 accepted tcp:103.56.16.112:80 [dns-outbound] 2021/10/01 08:02:55 [Info] [841954750] proxy/dns: handling DNS traffic to tcp:103.56.16.112:80 2021/10/01 08:02:55 [Info] [841954750] app/proxyman/outbound: failed to process outbound traffic > proxy/dns: connection ends > common/protocol/dns: message size too large: 18245 2021/10/01 08:02:55 [Info] [841954750] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/10/01 08:02:56 [Info] [2957369595] proxy/dokodemo: received request for 192.168.50.87:34408 2021/10/01 08:02:56 [Info] [2957369595] app/dispatcher: taking detour [dns-outbound] for [tcp:103.56.16.112:80] 2021/10/01 08:02:56 192.168.50.87:34408 accepted tcp:103.56.16.112:80 [dns-outbound] 2021/10/01 08:02:56 [Info] [2957369595] proxy/dns: handling DNS traffic to tcp:103.56.16.112:80 2021/10/01 08:02:56 [Info] [2957369595] app/proxyman/outbound: failed to process outbound traffic > proxy/dns: connection ends > common/protocol/dns: message size too large: 18245 2021/10/01 08:02:56 [Info] [2957369595] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/10/01 08:02:58 [Info] [2743798183] proxy/dokodemo: received request for 192.168.50.87:34410 2021/10/01 08:02:58 [Info] [2743798183] app/dispatcher: taking detour [dns-outbound] for [tcp:103.56.16.112:80] 2021/10/01 08:02:58 [Info] [2743798183] proxy/dns: handling DNS traffic to tcp:103.56.16.112:80 2021/10/01 08:02:58 192.168.50.87:34410 accepted tcp:103.56.16.112:80 [dns-outbound] 2021/10/01 08:02:58 [Info] [2743798183] app/proxyman/outbound: failed to process outbound traffic > proxy/dns: connection ends > common/protocol/dns: message size too large: 18245 2021/10/01 08:02:58 [Info] [2743798183] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/10/01 08:03:00 [Info] [609801199] proxy/dokodemo: received request for 192.168.50.87:54196 2021/10/01 08:03:00 [Info] [609801199] app/dispatcher: taking detour [dns-outbound] for [tcp:43.241.76.192:443] 2021/10/01 08:03:00 [Info] [609801199] proxy/dns: handling DNS traffic to tcp:43.241.76.192:443 2021/10/01 08:03:00 192.168.50.87:54196 accepted tcp:43.241.76.192:443 [dns-outbound] 2021/10/01 08:03:00 [Info] [609801199] app/proxyman/outbound: failed to process outbound traffic > proxy/dns: connection ends > common/protocol/dns: message size too large: 5635 2021/10/01 08:03:00 [Info] [609801199] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe
我切换到 tproxy 模式了,在这个模式下是工作的。
zw963
commented
3 years ago zw963
commented
3 years ago
下面是一个在华硕路由器上工作的版本的 V2ray 配置文件。
其基于以下策略:
本地地址以及VPS 服务器地址之外的所有 TCP 流量转发到 1081当前工作版本的透明代理配置文件如下:
然后,基于上面工作的配置文件,我做了如下修改,来尝试修改使用 fakeDNS 方案。
iptables nat/mangle 结果如下:
在应用成功之后,执行 dig 会返回一个假的 ip.
下面是部分日志: