hcym
commented
3 years ago 一样的,从古至今都是上传😂
Closed adminidor closed 3 years ago
hcym
commented
3 years ago 一样的,从古至今都是上传😂
adminidor
commented
3 years ago 一样的,从古至今都是上传😂
v0.40.15-beta 这个版本正常,也非常稳定 自从加了ruby,一切都不正常了
predragking
commented
3 years ago 连订阅都读取不了了...
请问订阅在config.yaml中如何新增?
谢谢
hcym
commented
3 years ago 我的机场订阅是一键生成了,用手机下载也能正常使用,再重新设置上传路由器也正常,活见鬼泣不成声
vernesong
commented
3 years ago head head_dns head_tap 是啥信息
adminidor
commented
3 years ago 贴个日志 这是一键生成 调试日志,国内网站正常,但是出不去 OpenClash 调试日志
生成时间: 2020-11-28 23:28:26 插件版本: v0.41.05-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息
#===================== 系统信息 =====================#
主机型号: Intel(R) Celeron(R) CPU
固件版本: OpenWrt SNAPSHOT r2954-8cf4d9a64
LuCI版本: git-20.256.12360-1a54222-1
内核版本: 5.4.79
处理器架构: x86_64
#此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT
#此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP:
#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874
#===================== 依赖检查 =====================#
dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
jsonfilter: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
iptables-mod-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装
#===================== 内核检查 =====================#
运行状态: 运行中
进程pid: 4141
运行权限: 4141: = cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource+eip
运行用户: nobody
已选择的架构: linux-amd64
#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2020.11.23.g4474306
Tun内核文件: 存在
Tun内核运行权限: 正常
Game内核版本: v0.17.0-232-ge389e33
Game内核文件: 存在
Game内核运行权限: 正常
Dev内核版本: v1.3.0-2-g994cbff
Dev内核文件: 存在
Dev内核运行权限: 正常
#===================== 插件设置 =====================#
当前配置文件: /etc/openclash/config/config.yaml
启动配置文件: /etc/openclash/config.yaml
运行模式: fake-ip-mix
默认代理模式: rule
UDP流量转发: 停用
DNS劫持: 启用
自定义DNS: 启用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 停用
自定义规则: 停用
仅允许内网: 停用
仅代理命中规则流量: 停用
绕过中国大陆IP: 停用
#启动异常时建议关闭此项后重试
保留配置: 停用
#启动异常时建议关闭此项后重试
第三方规则: lhie1
第三方规则策略组设置:
GlobalTV: GlobalTV
AsianTV: AsianTV
Proxy: Proxy
Apple: Apple
Netflix: Netflix
Spotify: Spotify
Steam: Steam
AdBlock: AdBlock
Netease Music:
Speedtest: Speedtest
Telegram: Telegram
Microsoft: Microsoft
PayPal: PayPal
Domestic: Domestic
Others: Others
读取的配置文件策略组:
Auto - UrlTest
Proxy
Domestic
Others
Apple
Microsoft
Netflix
Youtube
Spotify
Steam
AdBlock
AsianTV
GlobalTV
Speedtest
Telegram
PayPal
DIRECT
REJECT
#===================== 配置文件 =====================#
proxy-groups:
- name: Auto - UrlTest
type: url-test
proxies:
- 香港
rules:
- RULE-SET,Reject,AdBlock
- RULE-SET,Special,DIRECT
- RULE-SET,Netflix,Netflix
- RULE-SET,Spotify,Spotify
- RULE-SET,YouTube,Youtube
- RULE-SET,Bilibili,AsianTV
- RULE-SET,iQiyi,AsianTV
- RULE-SET,Letv,AsianTV
- RULE-SET,Netease Music,AsianTV
- RULE-SET,Tencent Video,AsianTV
- RULE-SET,Youku,AsianTV
- RULE-SET,ABC,GlobalTV
- RULE-SET,Abema TV,GlobalTV
- RULE-SET,Amazon,GlobalTV
- RULE-SET,Apple News,GlobalTV
- RULE-SET,Apple TV,GlobalTV
- RULE-SET,Bahamut,GlobalTV
- RULE-SET,BBC iPlayer,GlobalTV
- RULE-SET,DAZN,GlobalTV
- RULE-SET,Disney Plus,GlobalTV
- RULE-SET,encoreTVB,GlobalTV
- RULE-SET,Fox Now,GlobalTV
- RULE-SET,Fox+,GlobalTV
- RULE-SET,HBO,GlobalTV
- RULE-SET,Hulu Japan,GlobalTV
- RULE-SET,Hulu,GlobalTV
- RULE-SET,Japonx,GlobalTV
- RULE-SET,JOOX,GlobalTV
- RULE-SET,KKBOX,GlobalTV
- RULE-SET,KKTV,GlobalTV
- RULE-SET,Line TV,GlobalTV
- RULE-SET,myTV SUPER,GlobalTV
- RULE-SET,Pandora,GlobalTV
- RULE-SET,PBS,GlobalTV
- RULE-SET,Pornhub,GlobalTV
- RULE-SET,Soundcloud,GlobalTV
- RULE-SET,ViuTV,GlobalTV
- RULE-SET,Telegram,Telegram
- RULE-SET,Steam,Steam
- RULE-SET,Speedtest,Speedtest
- RULE-SET,PayPal,PayPal
- RULE-SET,Microsoft,Microsoft
- RULE-SET,PROXY,Proxy
- RULE-SET,Apple,Apple
- RULE-SET,Domestic,Domestic
- RULE-SET,Domestic IPs,Domestic
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- GEOIP,CN,Domestic
- MATCH,Others
dns:
nameserver:
- 114.114.114.114
- 119.29.29.29
- 119.28.28.28
- 223.5.5.5
- https://doh.rixcloud.dev/dns-query
- tls://dns.rubyfish.cn:853
fallback:
- https://cloudflare-dns.com/dns-query
- https://dns.google/dns-query
- tls://dns.google:853
- https://1.1.1.1/dns-query
- tls://1.1.1.1:853
- tls://8.8.8.8:853
ipv6: false
enable: true
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
listen: 127.0.0.1:7874
fake-ip-filter:
- "*.lan"
- time.windows.com
- time.nist.gov
- time.apple.com
- time.asia.apple.com
- "*.ntp.org.cn"
- "*.openwrt.pool.ntp.org"
- time1.cloud.tencent.com
- time.ustc.edu.cn
- pool.ntp.org
- ntp.ubuntu.com
- ntp.aliyun.com
- ntp1.aliyun.com
- ntp2.aliyun.com
- ntp3.aliyun.com
- ntp4.aliyun.com
- ntp5.aliyun.com
- ntp6.aliyun.com
- ntp7.aliyun.com
- time1.aliyun.com
- time2.aliyun.com
- time3.aliyun.com
- time4.aliyun.com
- time5.aliyun.com
- time6.aliyun.com
- time7.aliyun.com
- "*.time.edu.cn"
- time1.apple.com
- time2.apple.com
- time3.apple.com
- time4.apple.com
- time5.apple.com
- time6.apple.com
- time7.apple.com
- time1.google.com
- time2.google.com
- time3.google.com
- time4.google.com
- music.163.com
- "*.music.163.com"
- "*.126.net"
- musicapi.taihe.com
- music.taihe.com
- songsearch.kugou.com
- trackercdn.kugou.com
- "*.kuwo.cn"
- api-jooxtt.sanook.com
- api.joox.com
- joox.com
- y.qq.com
- "*.y.qq.com"
- streamoc.music.tc.qq.com
- mobileoc.music.tc.qq.com
- isure.stream.qqmusic.qq.com
- dl.stream.qqmusic.qq.com
- aqqmusic.tc.qq.com
- amobile.music.tc.qq.com
- "*.xiami.com"
- "*.music.migu.cn"
- music.migu.cn
- "*.msftconnecttest.com"
- "*.msftncsi.com"
- localhost.ptlogin2.qq.com
- "+.srv.nintendo.net"
- "+.stun.playstation.net"
- xbox.*.microsoft.com
- "+.xboxlive.com"
- proxy.golang.org
- stun.*.*
- stun.*.*.*
- heartbeat.belkin.com
- "*.linksys.com"
- "*.linksyssmartwifi.com"
fallback-filter:
geoip: true
ipcidr:
- 0.0.0.0/8
- 10.0.0.0/8
- 100.64.0.0/10
- 127.0.0.0/8
- 169.254.0.0/16
- 172.16.0.0/12
- 192.0.0.0/24
- 192.0.2.0/24
- 192.88.99.0/24
- 192.168.0.0/16
- 198.18.0.0/15
- 198.51.100.0/24
- 203.0.113.0/24
- 224.0.0.0/4
- 240.0.0.0/4
- 255.255.255.255/32
redir-port: 7892
interface-name: pppoe-wan
port: 7890
socks-port: 7891
mixed-port: 7893
mode: rule
log-level: silent
allow-lan: true
external-controller: 0.0.0.0:9090
bind-address: "*"
external-ui: "/usr/share/openclash/dashboard"
ipv6: false
tun:
enable: true
stack: system
dns-hijack:
- tcp://8.8.8.8:53
- tcp://8.8.4.4:53
rule-providers:
Reject:
type: http
behavior: classical
url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Reject.yaml
path: "./rule_provider/Reject"
interval: 86400
Special:
type: http
behavior: classical
url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Special.yaml
path: "./rule_provider/Special"
interval: 86400
.................................................
script:
code: |
def main(ctx, metadata):
port_list = [21, 22, 23, 53, 80, 123, 143, 194, 443, 465, 587, 853, 993, 995, 998, 2052, 2053, 2082, 2083, 2086, 2095, 2096, 5222, 5228, 5229, 5230, 8080, 8443, 8880, 8888, 8889]
ruleset_action = {"Reject": "AdBlock",
"Special": "DIRECT",
"Netflix": "Netflix",
"Spotify": "Spotify",
"YouTube": "Youtube",
"Bilibili": "AsianTV",
"iQiyi": "AsianTV",
"Letv": "AsianTV",
"Netease Music": "AsianTV",
"Tencent Video": "AsianTV",
"Youku": "AsianTV",
"ABC": "GlobalTV",
"Abema TV": "GlobalTV",
"Amazon": "GlobalTV",
"Apple News": "GlobalTV",
"Apple TV": "GlobalTV",
"Bahamut": "GlobalTV",
"BBC iPlayer": "GlobalTV",
"DAZN": "GlobalTV",
"Disney Plus": "GlobalTV",
"encoreTVB": "GlobalTV",
"Fox Now": "GlobalTV",
"Fox+": "GlobalTV",
"HBO": "GlobalTV",
"Hulu Japan": "GlobalTV",
"Hulu": "GlobalTV",
"Japonx": "GlobalTV",
"JOOX": "GlobalTV",
"KKBOX": "GlobalTV",
"KKTV": "GlobalTV",
"Line TV": "GlobalTV",
"myTV SUPER": "GlobalTV",
"Pandora": "GlobalTV",
"PBS": "GlobalTV",
"Pornhub": "GlobalTV",
"Soundcloud": "GlobalTV",
"ViuTV": "GlobalTV",
"Telegram": "Telegram",
"Steam": "Steam",
"Speedtest": "Speedtest",
"PayPal": "PayPal",
"Microsoft": "Microsoft",
"PROXY": "Proxy",
"Apple": "Apple",
"Domestic": "Domestic",
"Domestic IPs": "Domestic"
}
port = int(metadata["dst_port"])
if port not in port_list:
return "DIRECT"
for rule_name in ctx.rule_providers.keys():
if ctx.rule_providers[rule_name].match(metadata):
return ruleset_action[rule_name]
ip = metadata["dst_ip"] or ctx.resolve_ip(metadata["host"])
if ip == "":
return "DIRECT"
code = ctx.geoip(ip)
if code == "LAN":
return "DIRECT"
if code == "CN":
return "Domestic"
return "Others"
#===================== 防火墙设置 =====================#
#NAT chain
# Generated by iptables-save v1.8.4 on Sat Nov 28 23:28:27 2020
*nat
:PREROUTING ACCEPT [3:204]
:INPUT ACCEPT [41:2312]
:OUTPUT ACCEPT [146:9054]
:POSTROUTING ACCEPT [44:2718]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -j ACCEPT
-A PREROUTING -d 8.8.8.8/32 -p tcp -j ACCEPT
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -m multiport --dports 80,443 -j REDIRECT --to-ports 7892
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
# Completed on Sat Nov 28 23:28:27 2020
#Mangle chain
# Generated by iptables-save v1.8.4 on Sat Nov 28 23:28:27 2020
*mangle
:PREROUTING ACCEPT [1165:217698]
:INPUT ACCEPT [1135:214607]
:FORWARD ACCEPT [30:3091]
:OUTPUT ACCEPT [1433:436828]
:POSTROUTING ACCEPT [1462:439385]
:openclash - [0:0]
:openclash_dns_hijack - [0:0]
:openclash_output - [0:0]
-A PREROUTING -p udp -j openclash
-A PREROUTING -p tcp -m tcp --dport 53 -j openclash_dns_hijack
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --dport 500 -j RETURN
-A openclash -p udp -m udp --dport 546 -j RETURN
-A openclash -p udp -m udp --dport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -j MARK --set-xmark 0x162/0xffffffff
-A openclash_dns_hijack -d 8.8.8.8/32 -j MARK --set-xmark 0x162/0xffffffff
-A openclash_dns_hijack -d 8.8.4.4/32 -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 546 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -d 198.18.0.0/16 -p udp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Sat Nov 28 23:28:27 2020
#===================== 路由表状态 =====================#
#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 *.*.*.* 0.0.0.0 UG 0 0 0 pppoe-wan
*.*.*.* 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe-wan
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
198.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 utun
#ip route list
default via *.*.*.* dev pppoe-wan proto static
*.*.*.* dev pppoe-wan proto kernel scope link src *.*.*.*
192.168.10.0/24 dev br-lan proto kernel scope link src 192.168.10.1
198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1
#ip rule show
0: from all lookup local
32765: from all fwmark 0x162 lookup 354
32766: from all lookup main
32767: from all lookup default
#===================== Tun设备状态 =====================#
utun: tun pi filter
#===================== 端口占用状态 =====================#
tcp 0 0 198.18.0.1:7777 0.0.0.0:* LISTEN 4141/clash
tcp 0 0 :::7890 :::* LISTEN 4141/clash
tcp 0 0 :::7891 :::* LISTEN 4141/clash
tcp 0 0 :::7892 :::* LISTEN 4141/clash
tcp 0 0 :::7893 :::* LISTEN 4141/clash
tcp 0 0 :::9090 :::* LISTEN 4141/clash
udp 0 0 198.18.0.1:7777 0.0.0.0:* 4141/clash
udp 0 0 127.0.0.1:7874 0.0.0.0:* 4141/clash
udp 0 0 :::55988 :::* 4141/clash
udp 0 0 :::7891 :::* 4141/clash
udp 0 0 :::7892 :::* 4141/clash
udp 0 0 :::7893 :::* 4141/clash
#===================== 测试本机DNS查询 =====================#
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.baidu.com
Address 1: 198.18.0.4
*** Can't find www.baidu.com: No answer
#===================== resolv.conf.d =====================#
# Interface wan
nameserver *.*.*.*
nameserver *.*.*.*
#===================== 测试本机网络连接 =====================#
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Sat, 28 Nov 2020 15:28:27 GMT
Etag: "575e1f6d-115"
Last-Modified: Mon, 13 Jun 2016 02:50:21 GMT
Pragma: no-cache
Server: bfe/1.0.8.18
#===================== 测试本机网络下载 =====================#
#===================== 最近运行日志 =====================#
time="2020-11-28T15:28:10Z" level=info msg="Start initial compatible provider Steam"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider YouTube"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Hulu Japan"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Letv"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Hulu"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider PBS"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Apple"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Pandora"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider myTV SUPER"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Domestic IPs"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Abema TV"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Disney Plus"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Netease Music"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider ABC"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Fox Now"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider ViuTV"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider BBC iPlayer"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider KKTV"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Reject"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider PROXY"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider iQiyi"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Tencent Video"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Apple News"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Special"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Bilibili"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Bahamut"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider HBO"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider PayPal"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Amazon"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Soundcloud"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Steam"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Line TV"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Telegram"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Youku"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Japonx"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider KKBOX"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Netflix"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Domestic"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Apple TV"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Fox+"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Microsoft"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider encoreTVB"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Pornhub"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Spotify"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider DAZN"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider JOOX"
time="2020-11-28T15:28:10Z" level=info msg="Start initial rule provider Speedtest"
time="2020-11-28T15:28:10Z" level=info msg="DNS server listening at: 127.0.0.1:7874"
2020-11-28 23:28:17 History:【config.yaml】 Restore Successful
2020-11-28 23:28:01 OpenClash Start Successful
补充
测试节点,全都灰色
adminidor
commented
3 years ago head head_dns head_tap 是啥信息
这个是通过订阅转换的日志,网络无任何问题
OpenClash 调试日志
生成时间: 2020-11-28 23:41:58 插件版本: v0.41.05-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息
#===================== 系统信息 =====================#
主机型号: Intel(R) Celeron(R) CPU
固件版本: OpenWrt SNAPSHOT r2954-8cf4d9a64
LuCI版本: git-20.256.12360-1a54222-1
内核版本: 5.4.79
处理器架构: x86_64
#此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT
#此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP:
#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874
#===================== 依赖检查 =====================#
dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
jsonfilter: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
iptables-mod-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装
#===================== 内核检查 =====================#
运行状态: 运行中
进程pid: 23782
运行权限: 23782: = cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource+eip
运行用户: nobody
已选择的架构: linux-amd64
#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2020.11.23.g4474306
Tun内核文件: 存在
Tun内核运行权限: 正常
Game内核版本: v0.17.0-232-ge389e33
Game内核文件: 存在
Game内核运行权限: 正常
Dev内核版本: v1.3.0-2-g994cbff
Dev内核文件: 存在
Dev内核运行权限: 正常
#===================== 插件设置 =====================#
当前配置文件: /etc/openclash/config/config.yaml
启动配置文件: /etc/openclash/config.yaml
运行模式: fake-ip-mix
默认代理模式: rule
UDP流量转发: 停用
DNS劫持: 启用
自定义DNS: 启用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 停用
自定义规则: 停用
仅允许内网: 停用
仅代理命中规则流量: 停用
绕过中国大陆IP: 停用
#启动异常时建议关闭此项后重试
保留配置: 停用
#启动异常时建议关闭此项后重试
第三方规则: lhie1
第三方规则策略组设置:
GlobalTV: GlobalTV
AsianTV: AsianTV
Proxy: Proxies
Apple: Apple
Netflix: Netflix
Spotify: Spotify
Steam: Steam
AdBlock: AdBlock
Netease Music:
Speedtest: Speedtest
Telegram: Telegram
Microsoft: Microsoft
PayPal: PayPal
Domestic: Domestic
Others: Others
读取的配置文件策略组:
Proxies
Domestic
Scholar
Others
AdBlock
Apple
AsianTV
GlobalTV
Netflix
Spotify
Telegram
Steam
Speedtest
PayPal
Microsoft
Netease Music
Auto - UrlTest
DIRECT
REJECT
#===================== 配置文件 =====================#
port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
proxy-groups:
- name: Proxies
type: select
proxies:
- Auto - UrlTest
- DIRECT
- 香港
.........................................
rules:
- DOMAIN-SUFFIX,local,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT,no-resolve
- IP-CIDR,10.0.0.0/8,DIRECT,no-resolve
- IP-CIDR,172.16.0.0/12,DIRECT,no-resolve
- IP-CIDR,127.0.0.0/8,DIRECT,no-resolve
- IP-CIDR,100.64.0.0/10,DIRECT,no-resolve
- IP-CIDR6,::1/128,DIRECT,no-resolve
- IP-CIDR6,fc00::/7,DIRECT,no-resolve
- IP-CIDR6,fe80::/10,DIRECT,no-resolve
- IP-CIDR6,fd00::/8,DIRECT,no-resolve
- DOMAIN,scholar.google.com,Scholar
- DOMAIN-SUFFIX,acm.org,Scholar
- DOMAIN-SUFFIX,acs.org,Scholar
- DOMAIN-SUFFIX,aip.org,Scholar
- DOMAIN-SUFFIX,ams.org,Scholar
- DOMAIN-SUFFIX,annualreviews.org,Scholar
- DOMAIN-SUFFIX,aps.org,Scholar
- DOMAIN-SUFFIX,ascelibrary.org,Scholar
........................................
- DOMAIN-SUFFIX,itunes.com,Apple
- DOMAIN-SUFFIX,me.com,Apple
- IP-CIDR,17.0.0.0/8,Apple,no-resolve
- IP-CIDR,63.92.224.0/19,Apple,no-resolve
- IP-CIDR,65.199.22.0/23,Apple,no-resolve
- IP-CIDR,139.178.128.0/18,Apple,no-resolve
- IP-CIDR,144.178.0.0/19,Apple,no-resolve
- IP-CIDR,144.178.36.0/22,Apple,no-resolve
- IP-CIDR,144.178.48.0/20,Apple,no-resolve
- IP-CIDR,192.35.50.0/24,Apple,no-resolve
- IP-CIDR,198.183.17.0/24,Apple,no-resolve
- IP-CIDR,205.180.175.0/24,Apple,no-resolve
- DOMAIN-SUFFIX,apple.news,Apple
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- GEOIP,CN,DIRECT
- MATCH,Others
dns:
nameserver:
- 114.114.114.114
- 119.29.29.29
- 119.28.28.28
- 223.5.5.5
- https://doh.rixcloud.dev/dns-query
- tls://dns.rubyfish.cn:853
fallback:
- https://cloudflare-dns.com/dns-query
- https://dns.google/dns-query
- tls://dns.google:853
- https://1.1.1.1/dns-query
- tls://1.1.1.1:853
- tls://8.8.8.8:853
ipv6: false
enable: true
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
listen: 127.0.0.1:7874
fake-ip-filter:
- "*.lan"
- time.windows.com
- time.nist.gov
- time.apple.com
- time.asia.apple.com
- "*.ntp.org.cn"
- "*.openwrt.pool.ntp.org"
- time1.cloud.tencent.com
- time.ustc.edu.cn
- pool.ntp.org
- ntp.ubuntu.com
- ntp.aliyun.com
- ntp1.aliyun.com
- ntp2.aliyun.com
- ntp3.aliyun.com
- ntp4.aliyun.com
- ntp5.aliyun.com
- ntp6.aliyun.com
- ntp7.aliyun.com
- time1.aliyun.com
- time2.aliyun.com
- time3.aliyun.com
- time4.aliyun.com
- time5.aliyun.com
- time6.aliyun.com
- time7.aliyun.com
- "*.time.edu.cn"
- time1.apple.com
- time2.apple.com
- time3.apple.com
- time4.apple.com
- time5.apple.com
- time6.apple.com
- time7.apple.com
- time1.google.com
- time2.google.com
- time3.google.com
- time4.google.com
- music.163.com
- "*.music.163.com"
- "*.126.net"
- musicapi.taihe.com
- music.taihe.com
- songsearch.kugou.com
- trackercdn.kugou.com
- "*.kuwo.cn"
- api-jooxtt.sanook.com
- api.joox.com
- joox.com
- y.qq.com
- "*.y.qq.com"
- streamoc.music.tc.qq.com
- mobileoc.music.tc.qq.com
- isure.stream.qqmusic.qq.com
- dl.stream.qqmusic.qq.com
- aqqmusic.tc.qq.com
- amobile.music.tc.qq.com
- "*.xiami.com"
- "*.music.migu.cn"
- music.migu.cn
- "*.msftconnecttest.com"
- "*.msftncsi.com"
- localhost.ptlogin2.qq.com
- "+.srv.nintendo.net"
- "+.stun.playstation.net"
- xbox.*.microsoft.com
- "+.xboxlive.com"
- proxy.golang.org
- stun.*.*
- stun.*.*.*
- heartbeat.belkin.com
- "*.linksys.com"
- "*.linksyssmartwifi.com"
fallback-filter:
geoip: true
ipcidr:
- 0.0.0.0/8
- 10.0.0.0/8
- 100.64.0.0/10
- 127.0.0.0/8
- 169.254.0.0/16
- 172.16.0.0/12
- 192.0.0.0/24
- 192.0.2.0/24
- 192.88.99.0/24
- 192.168.0.0/16
- 198.18.0.0/15
- 198.51.100.0/24
- 203.0.113.0/24
- 224.0.0.0/4
- 240.0.0.0/4
- 255.255.255.255/32
redir-port: 7892
interface-name: pppoe-wan
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/dashboard"
ipv6: false
tun:
enable: true
stack: system
dns-hijack:
- tcp://8.8.8.8:53
- tcp://8.8.4.4:53
#===================== 防火墙设置 =====================#
#NAT chain
# Generated by iptables-save v1.8.4 on Sat Nov 28 23:41:59 2020
*nat
:PREROUTING ACCEPT [74:3873]
:INPUT ACCEPT [266:15266]
:OUTPUT ACCEPT [1332:94314]
:POSTROUTING ACCEPT [391:26013]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -j ACCEPT
-A PREROUTING -d 8.8.8.8/32 -p tcp -j ACCEPT
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -m multiport --dports 80,443 -j REDIRECT --to-ports 7892
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
# Completed on Sat Nov 28 23:41:59 2020
#Mangle chain
# Generated by iptables-save v1.8.4 on Sat Nov 28 23:41:59 2020
*mangle
:PREROUTING ACCEPT [17217:8579163]
:INPUT ACCEPT [16531:8404280]
:FORWARD ACCEPT [686:174883]
:OUTPUT ACCEPT [18422:15314885]
:POSTROUTING ACCEPT [19106:15489809]
:openclash - [0:0]
:openclash_dns_hijack - [0:0]
:openclash_output - [0:0]
-A PREROUTING -p udp -j openclash
-A PREROUTING -p tcp -m tcp --dport 53 -j openclash_dns_hijack
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --dport 500 -j RETURN
-A openclash -p udp -m udp --dport 546 -j RETURN
-A openclash -p udp -m udp --dport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -j MARK --set-xmark 0x162/0xffffffff
-A openclash_dns_hijack -d 8.8.8.8/32 -j MARK --set-xmark 0x162/0xffffffff
-A openclash_dns_hijack -d 8.8.4.4/32 -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 546 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -d 198.18.0.0/16 -p udp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Sat Nov 28 23:41:59 2020
#===================== 路由表状态 =====================#
#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 *.*.*.* 0.0.0.0 UG 0 0 0 pppoe-wan
*.*.*.* 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe-wan
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
198.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 utun
#ip route list
default via *.*.*.* dev pppoe-wan proto static
*.*.*.* dev pppoe-wan proto kernel scope link src *.*.*.*
192.168.10.0/24 dev br-lan proto kernel scope link src 192.168.10.1
198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1
#ip rule show
0: from all lookup local
32765: from all fwmark 0x162 lookup 354
32766: from all lookup main
32767: from all lookup default
#===================== Tun设备状态 =====================#
utun: tun pi filter
#===================== 端口占用状态 =====================#
tcp 0 0 198.18.0.1:7777 0.0.0.0:* LISTEN 23782/clash
tcp 0 0 :::7890 :::* LISTEN 23782/clash
tcp 0 0 :::7891 :::* LISTEN 23782/clash
tcp 0 0 :::7892 :::* LISTEN 23782/clash
tcp 0 0 :::7893 :::* LISTEN 23782/clash
tcp 0 0 :::9090 :::* LISTEN 23782/clash
udp 0 0 198.18.0.1:7777 0.0.0.0:* 23782/clash
udp 0 0 127.0.0.1:7874 0.0.0.0:* 23782/clash
udp 0 0 :::7891 :::* 23782/clash
udp 0 0 :::7892 :::* 23782/clash
udp 0 0 :::7893 :::* 23782/clash
udp 0 0 :::38700 :::* 23782/clash
#===================== 测试本机DNS查询 =====================#
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.baidu.com
Address 1: 198.18.0.25
*** Can't find www.baidu.com: No answer
#===================== resolv.conf.d =====================#
# Interface wan
nameserver *.*.*.*
nameserver *.*.*.*
#===================== 测试本机网络连接 =====================#
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Sat, 28 Nov 2020 15:41:59 GMT
Etag: "575e1f72-115"
Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT
Pragma: no-cache
Server: bfe/1.0.8.18
#===================== 测试本机网络下载 =====================#
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 80
Cache-Control: max-age=300
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Type: text/plain; charset=utf-8
ETag: "ef2862d6c7360ec9deb7df18f067f33178e9f94f44efd4181cf7a18505f87660"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
X-GitHub-Request-Id: 62D6:06B2:67EC:BC50:5FC263B8
Accept-Ranges: bytes
Date: Sat, 28 Nov 2020 15:42:00 GMT
X-Served-By: cache-hkg17928-HKG
X-Cache: HFM, HIT
X-Cache-Hits: 0, 1
X-Timer: S1606578120.294452,VS0,VE0
Vary: Authorization,Accept-Encoding
Access-Control-Allow-Origin: *
X-Fastly-Request-ID: 64cfe484afb3a1cdf4292f93b295c8e465e5c728
Expires: Sat, 28 Nov 2020 15:47:00 GMT
Source-Age: 248
#===================== 最近运行日志 =====================#
折腾好几天了,不知道哪的问题
vernesong
commented
3 years ago 节点一键生成后信息错了?
adminidor
commented
3 years ago 节点一键生成后信息错了?
不知道,一键生成启动正常,就是出不去
vernesong
commented
3 years ago 核对节点信息
adminidor
commented
3 years ago 核对节点信息
还真是节点问题 刚对比后发现 一键生成 缺少参数 network: ws, ws-path: /game, ws-headers: {Host: baidu.com}} 早期版本会自动添加 network: ws ws-path: /game ws-headers: Host: 163.net 添加ruby依赖后,这些参数都没了 手动添加参数,启动正常,国内外都正常
hcym
commented
3 years ago 我的不是ws,确实正常生成墙洞全规则配置,但是启动报错,手机用这个也正常,重新改的名字再上传配置到路由器再启动ok了,咄咄怪事😂
adminidor
commented
3 years ago 一键生成参数不全,导致无法出去
linyuhc001
commented
3 years ago 我也发现这个问题。节点信息里面传输协议自动变成none,如果不手动改回来的话,一应用就会少那network、path、header这三个参数
adminidor
commented
3 years ago 核对节点信息
刚刚重新拉取dev编译,问题依旧 proxies:
缺失 network: ws ws-path: "/store" ws-headers: Host: youku.com
adminidor
commented
3 years ago 核对节点信息
可以了,搞定,感谢
通过一键生成,洞主规则,启动正常,但是无法出去,国内网站没问题 节点正常,通过面板测试延迟,全灰 订阅转换节点,洞主规则,没有任何问题