zhihuiyuze
commented
3 years ago 我也一样,机场给的规则可以启动但是面板404 page not found。国外网站全部无法访问,不是dns的问题 1.1.1.1也开不了。 lhie1完全启动不了。ruby-yaml (2.6.6-1) ruby (2.6.6-1)
OpenClash 调试日志
生成时间: 2020-11-20 10:49:08 插件版本: v0.41.02-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息
#===================== 系统信息 =====================#
主机型号: QEMU Standard PC (i440FX + PIIX, 1996)
固件版本: OpenWrt 19.07.4 r11208-ce6496d796
LuCI版本: git-20.319.48994-50b7ab5-1
内核版本: 4.14.195
处理器架构: x86_64
#此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT
#此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: server
#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874
#===================== 依赖检查 =====================#
dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
jsonfilter: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
iptables-mod-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装
#===================== 内核检查 =====================#
运行状态: 运行中
进程pid: 28579
运行权限: 28579: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-amd64
#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本:
Tun内核文件: 存在
Tun内核运行权限: 正常
Game内核版本: v0.17.0-219-g9ac38a4
Game内核文件: 存在
Game内核运行权限: 正常
Dev内核版本: v1.2.0-14-g87e4d94
Dev内核文件: 存在
Dev内核运行权限: 正常
#===================== 插件设置 =====================#
当前配置文件: /etc/openclash/config/suda.yaml
启动配置文件: /etc/openclash/suda.yaml
运行模式: redir-host
默认代理模式: rule
UDP流量转发: 启用
DNS劫持: 启用
自定义DNS: 启用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 停用
自定义规则: 启用
仅允许内网: 停用
仅代理命中规则流量: 停用
绕过中国大陆IP: 停用
#启动异常时建议关闭此项后重试
保留配置: 启用
#启动异常时建议关闭此项后重试
第三方规则: lhie1
第三方规则策略组设置:
GlobalTV: GlobalTV
AsianTV: AsianTV
Proxy: Proxy
Apple: Apple
Netflix: Netflix
Spotify: Spotify
Steam: Steam
AdBlock: AdBlock
Netease Music:
Speedtest: Speedtest
Telegram: Telegram
Microsoft: Microsoft
PayPal: PayPal
Domestic: Domestic
Others: Others
#===================== 防火墙设置 =====================#
#NAT chain
# Generated by iptables-save v1.8.3 on Fri Nov 20 10:49:08 2020
*nat
:PREROUTING ACCEPT [106:7264]
:INPUT ACCEPT [100:6399]
:OUTPUT ACCEPT [146:10969]
:POSTROUTING ACCEPT [118:8581]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -j REDIRECT --to-ports 7892
-A PREROUTING -d 8.8.8.8/32 -p tcp -j REDIRECT --to-ports 7892
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i 6in4-Heipv6 -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -i pppoe-WAN -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o 6in4-Heipv6 -m comment --comment "!fw3" -j zone_wan_postrouting
-A POSTROUTING -o pppoe-WAN -m comment --comment "!fw3" -j zone_wan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m set --match-set wan_ac_black_ips dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m tcp --sport 55247 -j RETURN
-A openclash_output -p tcp -m tcp --sport 65432 -j RETURN
-A openclash_output -p tcp -m tcp --sport 22 -j RETURN
-A openclash_output -p tcp -m tcp --sport 8006 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -m multiport --dports 80,443 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.7.47/32 -p tcp -m tcp --dport 8006 -m comment --comment "!fw3: Web-pve (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.7.47/32 -p tcp -m tcp --dport 22 -m comment --comment "!fw3: Pve-ssh (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.7.54/32 -p tcp -m tcp --dport 5600:5699 -m comment --comment "!fw3: Neo_Chen (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.7.54/32 -p udp -m udp --dport 5600:5699 -m comment --comment "!fw3: Neo_Chen (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.7.58/32 -p tcp -m tcp --dport 65432 -m comment --comment "!fw3: v2-ui (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.10.108/32 -p tcp -m tcp --dport 41797:41800 -m comment --comment "!fw3: test-v2ray (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.10.108/32 -p udp -m udp --dport 41797:41800 -m comment --comment "!fw3: test-v2ray (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_postrouting -s 192.168.7.0/24 -d 192.168.10.108/32 -p tcp -m tcp --dport 55247 -m comment --comment "!fw3: MTProxy (reflection)" -j SNAT --to-source 192.168.7.1
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p tcp -m tcp --dport 8006 -m comment --comment "!fw3: Web-pve (reflection)" -j DNAT --to-destination 192.168.7.47:8006
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p tcp -m tcp --dport 22 -m comment --comment "!fw3: Pve-ssh (reflection)" -j DNAT --to-destination 192.168.7.47:22
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p tcp -m tcp --dport 5600:5699 -m comment --comment "!fw3: Neo_Chen (reflection)" -j DNAT --to-destination 192.168.7.54:5600-5699
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p udp -m udp --dport 5600:5699 -m comment --comment "!fw3: Neo_Chen (reflection)" -j DNAT --to-destination 192.168.7.54:5600-5699
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p tcp -m tcp --dport 65432 -m comment --comment "!fw3: v2-ui (reflection)" -j DNAT --to-destination 192.168.7.58:65432
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p tcp -m tcp --dport 41797:41800 -m comment --comment "!fw3: test-v2ray (reflection)" -j DNAT --to-destination 192.168.10.108:41797-41800
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p udp -m udp --dport 41797:41800 -m comment --comment "!fw3: test-v2ray (reflection)" -j DNAT --to-destination 192.168.10.108:41797-41800
-A zone_lan_prerouting -s 192.168.7.0/24 -d 125.118.103.129/32 -p tcp -m tcp --dport 55247 -m comment --comment "!fw3: MTProxy (reflection)" -j DNAT --to-destination 192.168.10.108:55247
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -p tcp -m tcp --dport 8006 -m comment --comment "!fw3: Web-pve" -j DNAT --to-destination 192.168.7.47:8006
-A zone_wan_prerouting -p tcp -m tcp --dport 22 -m comment --comment "!fw3: Pve-ssh" -j DNAT --to-destination 192.168.7.47:22
-A zone_wan_prerouting -p tcp -m tcp --dport 5600:5699 -m comment --comment "!fw3: Neo_Chen" -j DNAT --to-destination 192.168.7.54:5600-5699
-A zone_wan_prerouting -p udp -m udp --dport 5600:5699 -m comment --comment "!fw3: Neo_Chen" -j DNAT --to-destination 192.168.7.54:5600-5699
-A zone_wan_prerouting -p tcp -m tcp --dport 65432 -m comment --comment "!fw3: v2-ui" -j DNAT --to-destination 192.168.7.58:65432
-A zone_wan_prerouting -p tcp -m tcp --dport 41797:41800 -m comment --comment "!fw3: test-v2ray" -j DNAT --to-destination 192.168.10.108:41797-41800
-A zone_wan_prerouting -p udp -m udp --dport 41797:41800 -m comment --comment "!fw3: test-v2ray" -j DNAT --to-destination 192.168.10.108:41797-41800
-A zone_wan_prerouting -p tcp -m tcp --dport 55247 -m comment --comment "!fw3: MTProxy" -j DNAT --to-destination 192.168.10.108:55247
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -j MINIUPNPD
COMMIT
# Completed on Fri Nov 20 10:49:08 2020
#Mangle chain
# Generated by iptables-save v1.8.3 on Fri Nov 20 10:49:08 2020
*mangle
:PREROUTING ACCEPT [2201:285158]
:INPUT ACCEPT [1850:234139]
:FORWARD ACCEPT [299:25847]
:OUTPUT ACCEPT [1857:262335]
:POSTROUTING ACCEPT [2156:288182]
:openclash - [0:0]
-A PREROUTING -p udp -j openclash
-A FORWARD -o 6in4-Heipv6 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i 6in4-Heipv6 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -o pppoe-WAN -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i pppoe-WAN -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A openclash -p udp -m udp --dport 500 -j RETURN
-A openclash -p udp -m udp --dport 546 -j RETURN
-A openclash -p udp -m udp --dport 68 -j RETURN
-A openclash -p udp -m udp --dport 55247 -j RETURN
-A openclash -p udp -m udp --dport 65432 -j RETURN
-A openclash -p udp -m udp --dport 22 -j RETURN
-A openclash -p udp -m udp --dport 8006 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m set --match-set wan_ac_black_ips dst -j RETURN
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
COMMIT
# Completed on Fri Nov 20 10:49:08 2020
#===================== 路由表状态 =====================#
#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 125.118.100.1 0.0.0.0 UG 0 0 0 pppoe-WAN
125.118.100.1 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe-WAN
192.168.7.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br-VM_LAN
216.66.84.46 125.118.100.1 255.255.255.255 UGH 0 0 0 pppoe-WAN
#ip route list
default via 125.118.100.1 dev pppoe-WAN proto static
125.118.100.1 dev pppoe-WAN proto kernel scope link src 125.118.103.129
192.168.7.0/24 dev br-lan proto kernel scope link src 192.168.7.1
192.168.10.0/24 dev br-VM_LAN proto kernel scope link src 192.168.10.1
216.66.84.46 via 125.118.100.1 dev pppoe-WAN proto static
#ip rule show
0: from all lookup local
32765: from all fwmark 0x162 lookup 354
32766: from all lookup main
32767: from all lookup default
#===================== 端口占用状态 =====================#
tcp 0 0 :::7890 :::* LISTEN 28579/clash
tcp 0 0 :::7891 :::* LISTEN 28579/clash
tcp 0 0 :::9090 :::* LISTEN 28579/clash
udp 0 0 :::7891 :::* 28579/clash
#===================== 测试本机DNS查询 =====================#
#===================== resolv.conf.auto =====================#
# Interface WAN
nameserver 223.5.5.5
nameserver 114.114.114.114
nameserver 8.8.8.8
# Interface WAN_6
#===================== 测试本机网络连接 =====================#
#===================== resolv.conf.auto =====================#
# Interface WAN
nameserver 223.5.5.5
nameserver 114.114.114.114
nameserver 8.8.8.8
# Interface WAN_6
#===================== 测试本机网络连接 =====================#
#===================== 测试本机网络下载 =====================#
#===================== 测试本机网络下载 =====================#
#===================== 最近运行日志 =====================#
2020-11-20 10:47:48 Warning: Multiple Start Scripts Running, Exit...
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🎯 全球直连"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🔰 节点选择"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🌍 国外媒体"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 📲 电报信息"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🛑 全球拦截"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider ♻️ 自动选择"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider Ⓜ️ 微软服务"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🌏 国内媒体"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🐟 漏网之鱼"
time="2020-11-20T10:48:05Z" level=info msg="Start initial compatible provider 🍎 苹果服务"
time="2020-11-20T10:48:05Z" level=info msg="HTTP proxy listening at: :7890"
time="2020-11-20T10:48:05Z" level=info msg="SOCKS proxy listening at: :7891"
time="2020-11-20T10:48:05Z" level=info msg="RESTful API listening at: :9090"
2020-11-20 10:47:54 Warning: OpenClash Start Successful, Please Note That Network May Abnormal With IPV6's DHCP Server
laozhang123456
JWangX
warcns
cnsunyour
安装ruby,和ruby-ymal后成功升级0.41.02版本,虽然显示已经正常启动,但实际不生效,无法访问国内国外网络,同时无法打开Yacd 控制面板。
回退到0.40.15后问题解决。使用的配置文件是https://api.dler.io/生成的,感觉像配置文件读取的问题。