Closed bleeee closed 3 years ago
报错不支持udp转发 level=warning msg="Failed to start Redir UDP Listener: operation not permitted"
OpenClash 调试日志
生成时间: 2020-12-06 10:19:05 插件版本: v0.41.06-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息
#===================== 系统信息 =====================# 主机型号: VMware, Inc. VMware7,1 固件版本: Openwrt Koolshare mod V2.36 r14941-67f6fa0a30 LuCI版本: git-20.074.84698-ead5e81 内核版本: 5.4.52 处理器架构: x86_64 #此项在使用Tun模式时应为ACCEPT 防火墙转发: ACCEPT #此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP IPV6-DHCP: #此项结果应仅有配置文件的DNS监听地址 Dnsmasq转发设置: 127.0.0.1#7874 #===================== 依赖检查 =====================# dnsmasq-full: 已安装 coreutils: 已安装 coreutils-nohup: 已安装 bash: 已安装 curl: 已安装 jsonfilter: 已安装 ca-certificates: 已安装 ipset: 已安装 ip-full: 已安装 iptables-mod-tproxy: 已安装 iptables-mod-extra: 已安装 libcap: 已安装 libcap-bin: 已安装 ruby: 已安装 ruby-yaml: 已安装 kmod-tun(TUN模式): 已安装 luci-compat(Luci-19.07): 已安装 #===================== 内核检查 =====================# 运行状态: 运行中 进程pid: 24868 运行权限: 24868: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource=i 运行用户: nobody 已选择的架构: linux-amd64 #下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限 Tun内核版本: 2020.11.23.g4474306 Tun内核文件: 存在 Tun内核运行权限: 正常 Game内核版本: v0.17.0-232-ge389e33 Game内核文件: 存在 Game内核运行权限: 正常 Dev内核版本: v1.3.0-2-g994cbff Dev内核文件: 存在 Dev内核运行权限: 正常 #===================== 插件设置 =====================# 当前配置文件: /etc/openclash/config/Nexitally.yaml 启动配置文件: /etc/openclash/Nexitally.yaml 运行模式: redir-host 默认代理模式: rule UDP流量转发: 启用 DNS劫持: 启用 自定义DNS: 启用 IPV6-DNS解析: 启用 禁用Dnsmasq缓存: 启用 自定义规则: 启用 仅允许内网: 启用 仅代理命中规则流量: 停用 绕过中国大陆IP: 停用 #启动异常时建议关闭此项后重试 保留配置: 启用 #启动异常时建议关闭此项后重试 第三方规则: lhie1 第三方规则策略组设置: GlobalTV: hk AsianTV: DIRECT Proxy: hk Apple: hk Netflix: hk Spotify: hk Steam: hk AdBlock: DIRECT Netease Music: Speedtest: hk Telegram: hk Microsoft: hk PayPal: hk Domestic: DIRECT Others: hk 读取的配置文件策略组: EMER other us hk jp ge uk ir kr tw in sg DIRECT REJECT #===================== 自定义规则 一 =====================# #google wifi test - DOMAIN,safebrowsing.googleapis.com,hk - DOMAIN-SUFFIX,dl.google.com,hk - DOMAIN-SUFFIX,gstatic.com,hk #synology ipv6 ddns - DOMAIN,checkipv6.synology.com,DIRECT #china dns server tencent video relevent - IP-CIDR,119.28.28.28/32,DIRECT - IP-CIDR,119.29.29.29/32,DIRECT #- DOMAIN,steampipe.akamaized.net,DIRECT - DOMAIN,dns.alidns.com,DIRECT - DST-PORT,853,DIRECT - IP-CIDR,233.6.6.6/32,DIRECT - IP-CIDR,233.5.5.5/32,DIRECT - DOMAIN,doh.pub,DIRECT - DOMAIN,dns.pub,DIRECT - DOMAIN,doh.360.cn,DIRECT - DOMAIN,dns.cfiec.net,DIRECT - DOMAIN,dns.rubyfish.cn,DIRECT - IP-CIDR,8.8.8.8/32,DIRECT - IP-CIDR,1.1.1.1/32,DIRECT - IP-CIDR,8.8.4.4/32,DIRECT - DOMAIN,doh.rixcloud.dev,DIRECT - IP-CIDR,182.254.118.118/32,DIRECT - IP-CIDR,182.254.116.116/32,DIRECT #plex.tv - DOMAIN-SUFFIX,plex.tv,DIRECT # > Hulu(フールー) override - DOMAIN-SUFFIX,happyon.jp,jp - DOMAIN-SUFFIX,hulu.jp,jp # > Hulu override - DOMAIN-SUFFIX,hulu.com,us - DOMAIN-SUFFIX,huluim.com,us - DOMAIN-SUFFIX,hulustream.com,us #ubisoft - DOMAIN-SUFFIX,ubi.com,hk - DOMAIN-SUFFIX,ubisoft.com,hk #tencent video (dns up there) #- IP-CIDR,203.205.219.0/24,DIRECT #- IP-CIDR,203.205.255.0/24,DIRECT #- IP-CIDR,182.254.118.0/24,DIRECT # > Private Tracker - DOMAIN-SUFFIX,awesome-hd.me,hk - DOMAIN-SUFFIX,broadcasthe.net,hk - DOMAIN-SUFFIX,chdbits.co,hk - DOMAIN-SUFFIX,classix-unlimited.co.uk,hk - DOMAIN-SUFFIX,empornium.me,hk - DOMAIN-SUFFIX,gazellegames.net,hk - DOMAIN-SUFFIX,hdchina.org,hk - DOMAIN-SUFFIX,hdsky.me,hk - DOMAIN-SUFFIX,icetorrent.org,hk - DOMAIN-SUFFIX,jpopsuki.eu,hk - DOMAIN-SUFFIX,keepfrds.com,hk - DOMAIN-SUFFIX,madsrevolution.net,hk - DOMAIN-SUFFIX,m-team.cc,hk - DOMAIN-SUFFIX,nanyangpt.com,hk - DOMAIN-SUFFIX,ncore.cc,hk - DOMAIN-SUFFIX,open.cd,hk - DOMAIN-SUFFIX,ourbits.club,hk - DOMAIN-SUFFIX,passthepopcorn.me,hk - DOMAIN-SUFFIX,privatehd.to,hk - DOMAIN-SUFFIX,redacted.ch,hk - DOMAIN-SUFFIX,springsunday.net,hk - DOMAIN-SUFFIX,tjupt.org,hk - DOMAIN-SUFFIX,totheglory.im,hk # certain google - DOMAIN,mobile-gtalk.l.google.com,us - DOMAIN,mtalk.google.com,us #fast - DOMAIN-SUFFIX,fast.com,hk #netflix-amazon - IP-CIDR,52.93.178.234/32,hk - IP-CIDR,52.94.76.0/22,hk - IP-CIDR,13.34.24.160/27,hk - IP-CIDR,52.93.240.164/31,hk - IP-CIDR,52.93.178.219/32,hk - IP-CIDR,150.222.199.0/25,hk - IP-CIDR,52.93.34.56/32,hk - IP-CIDR,52.93.178.152/32,hk - IP-CIDR,52.93.178.205/32,hk - IP-CIDR,52.119.252.0/22,hk - IP-CIDR,54.148.0.0/15,hk - IP-CIDR,99.77.130.0/24,hk - IP-CIDR,52.93.178.136/32,hk - IP-CIDR,99.77.132.0/24,hk - IP-CIDR,52.93.178.138/32,hk - IP-CIDR,54.239.48.0/22,hk - IP-CIDR,52.93.14.18/32,hk - IP-CIDR,52.144.197.192/26,hk - IP-CIDR,15.193.7.0/24,hk - IP-CIDR,52.93.178.134/32,hk - IP-CIDR,52.93.240.160/31,hk - IP-CIDR,52.93.178.183/32,hk - IP-CIDR,52.93.120.178/32,hk - IP-CIDR,52.93.178.161/32,hk - IP-CIDR,52.94.12.0/24,hk - IP-CIDR,15.230.36.0/23,hk - IP-CIDR,18.236.0.0/15,hk - IP-CIDR,52.94.249.80/28,hk - IP-CIDR,54.240.198.0/24,hk - IP-CIDR,13.34.23.224/27,hk - IP-CIDR,52.93.178.231/32,hk - IP-CIDR,54.200.0.0/15,hk - IP-CIDR,52.93.178.187/32,hk - IP-CIDR,52.119.176.0/21,hk - IP-CIDR,52.93.240.148/31,hk - IP-CIDR,64.252.72.0/24,hk - IP-CIDR,54.239.0.16/28,hk - IP-CIDR,13.34.24.96/27,hk - IP-CIDR,52.93.20.0/24,hk - IP-CIDR,204.236.128.0/18,hk - IP-CIDR,52.94.249.64/28,hk - IP-CIDR,52.93.178.166/32,hk - IP-CIDR,52.144.205.0/26,hk - IP-CIDR,13.34.25.96/27,hk - IP-CIDR,99.82.172.0/24,hk - IP-CIDR,70.224.192.0/18,hk - IP-CIDR,52.93.178.206/32,hk - IP-CIDR,52.93.178.230/32,hk - IP-CIDR,52.93.37.222/32,hk - IP-CIDR,52.93.178.220/32,hk - IP-CIDR,150.222.218.0/24,hk - IP-CIDR,52.93.178.215/32,hk - IP-CIDR,52.93.178.182/32,hk - IP-CIDR,54.219.0.0/16,hk - IP-CIDR,52.93.178.147/32,hk - IP-CIDR,52.93.178.179/32,hk - IP-CIDR,52.93.178.170/32,hk - IP-CIDR,52.93.178.223/32,hk - IP-CIDR,54.240.212.0/22,hk - IP-CIDR,54.245.0.0/16,hk - IP-CIDR,150.222.176.0/22,hk - IP-CIDR,99.77.152.0/24,hk - IP-CIDR,54.240.248.0/21,hk - IP-CIDR,69.107.6.120/29,hk - IP-CIDR,52.93.178.130/32,hk - IP-CIDR,52.93.178.157/32,hk - IP-CIDR,52.93.178.168/32,hk - IP-CIDR,13.56.0.0/16,hk - IP-CIDR,52.93.178.185/32,hk - IP-CIDR,52.93.240.154/31,hk - IP-CIDR,35.160.0.0/13,hk - IP-CIDR,54.67.0.0/16,hk - IP-CIDR,150.222.101.0/24,hk - IP-CIDR,52.93.178.209/32,hk - IP-CIDR,52.93.178.143/32,hk - IP-CIDR,150.222.213.40/32,hk - IP-CIDR,52.93.178.137/32,hk - IP-CIDR,52.94.208.0/21,hk - IP-CIDR,54.68.0.0/14,hk - IP-CIDR,54.212.0.0/15,hk - IP-CIDR,52.93.240.150/31,hk - IP-CIDR,52.144.194.192/26,hk - IP-CIDR,54.183.0.0/16,hk - IP-CIDR,18.144.0.0/15,hk - IP-CIDR,52.93.178.213/32,hk - IP-CIDR,150.222.234.0/24,hk - IP-CIDR,52.93.12.12/32,hk - IP-CIDR,52.95.230.0/24,hk - IP-CIDR,150.222.106.0/24,hk - IP-CIDR,99.77.253.0/24,hk - IP-CIDR,13.34.25.64/27,hk - IP-CIDR,52.93.178.194/32,hk - IP-CIDR,52.93.178.210/32,hk - IP-CIDR,52.93.178.184/32,hk - IP-CIDR,52.93.178.159/32,hk - IP-CIDR,52.93.178.189/32,hk - IP-CIDR,52.12.0.0/15,hk - IP-CIDR,52.93.178.181/32,hk - IP-CIDR,205.251.232.0/22,hk - IP-CIDR,52.75.0.0/16,hk - IP-CIDR,54.218.0.0/16,hk - IP-CIDR,176.32.112.0/21,hk - IP-CIDR,52.94.120.0/22,hk - IP-CIDR,52.93.178.192/32,hk - IP-CIDR,52.94.10.0/24,hk - IP-CIDR,52.93.178.195/32,hk - IP-CIDR,52.93.178.222/32,hk - IP-CIDR,54.244.0.0/16,hk - IP-CIDR,52.95.42.0/24,hk - IP-CIDR,52.93.178.133/32,hk - IP-CIDR,52.93.178.224/32,hk - IP-CIDR,52.93.240.152/31,hk - IP-CIDR,44.224.0.0/11,hk - IP-CIDR,52.93.178.200/32,hk - IP-CIDR,64.252.73.0/24,hk - IP-CIDR,52.93.178.211/32,hk - IP-CIDR,52.93.178.169/32,hk - IP-CIDR,52.95.255.112/28,hk - IP-CIDR,100.20.0.0/14,hk - IP-CIDR,150.222.74.0/24,hk - IP-CIDR,13.34.24.128/27,hk - IP-CIDR,54.151.0.0/17,hk - IP-CIDR,52.93.178.165/32,hk - IP-CIDR,176.32.125.128/26,hk - IP-CIDR,52.93.178.142/32,hk - IP-CIDR,52.93.178.156/32,hk - IP-CIDR,52.93.178.180/32,hk - IP-CIDR,54.214.0.0/16,hk - IP-CIDR,52.219.20.0/22,hk - IP-CIDR,52.219.24.0/21,hk - IP-CIDR,52.93.178.197/32,hk - IP-CIDR,34.208.0.0/12,hk - IP-CIDR,52.93.178.226/32,hk - IP-CIDR,15.221.16.0/22,hk - IP-CIDR,13.34.23.96/27,hk - IP-CIDR,52.93.178.204/32,hk - IP-CIDR,52.93.178.191/32,hk - IP-CIDR,52.46.216.0/22,hk - IP-CIDR,150.222.213.41/32,hk - IP-CIDR,52.95.246.0/24,hk - IP-CIDR,69.107.6.176/29,hk - IP-CIDR,99.83.97.64/27,hk - IP-CIDR,52.36.0.0/14,hk - IP-CIDR,52.93.178.141/32,hk - IP-CIDR,52.93.178.227/32,hk - IP-CIDR,54.215.0.0/16,hk - IP-CIDR,52.93.178.175/32,hk - IP-CIDR,52.93.178.131/32,hk - IP-CIDR,52.93.178.217/32,hk - IP-CIDR,54.202.0.0/15,hk - IP-CIDR,52.93.178.214/32,hk - IP-CIDR,108.166.224.0/21,hk - IP-CIDR,52.93.178.135/32,hk - IP-CIDR,184.72.0.0/18,hk - IP-CIDR,54.193.0.0/16,hk - IP-CIDR,150.222.140.0/24,hk - IP-CIDR,99.83.97.48/28,hk - IP-CIDR,52.93.240.156/31,hk - IP-CIDR,52.8.0.0/16,hk - IP-CIDR,52.93.126.145/32,hk - IP-CIDR,52.95.247.0/24,hk - IP-CIDR,52.93.178.188/32,hk - IP-CIDR,52.93.178.201/32,hk - IP-CIDR,150.222.180.0/24,hk - IP-CIDR,50.112.0.0/16,hk - IP-CIDR,13.57.0.0/16,hk - IP-CIDR,50.18.0.0/16,hk - IP-CIDR,52.93.178.167/32,hk - IP-CIDR,52.95.255.96/28,hk - IP-CIDR,99.83.98.0/24,hk - IP-CIDR,52.93.178.196/32,hk - IP-CIDR,52.94.116.0/22,hk - IP-CIDR,52.144.194.64/26,hk - IP-CIDR,13.52.0.0/16,hk - IP-CIDR,52.93.178.128/32,hk - IP-CIDR,52.95.40.0/24,hk - IP-CIDR,13.34.23.128/27,hk - IP-CIDR,54.231.232.0/21,hk - IP-CIDR,52.93.122.131/32,hk - IP-CIDR,52.93.34.57/32,hk - IP-CIDR,52.93.178.162/32,hk - IP-CIDR,204.246.160.0/22,hk - IP-CIDR,52.93.240.158/31,hk - IP-CIDR,15.230.42.0/24,hk - IP-CIDR,52.93.240.146/31,hk - IP-CIDR,52.93.178.144/32,hk - IP-CIDR,52.93.178.154/32,hk - IP-CIDR,52.93.240.162/31,hk - IP-CIDR,52.219.120.0/22,hk - IP-CIDR,52.9.0.0/16,hk - IP-CIDR,150.222.196.0/24,hk - IP-CIDR,52.46.180.0/22,hk - IP-CIDR,52.93.178.146/32,hk - IP-CIDR,13.248.99.0/24,hk - IP-CIDR,52.93.37.223/32,hk - IP-CIDR,52.93.178.178/32,hk - IP-CIDR,13.248.112.0/24,hk - IP-CIDR,52.93.178.176/32,hk - IP-CIDR,52.93.178.129/32,hk - IP-CIDR,52.93.178.145/32,hk - IP-CIDR,52.93.178.199/32,hk - IP-CIDR,150.222.102.0/24,hk - IP-CIDR,52.24.0.0/14,hk - IP-CIDR,52.119.160.0/20,hk - IP-CIDR,64.252.65.0/24,hk - IP-CIDR,52.93.178.151/32,hk - IP-CIDR,52.93.178.140/32,hk - IP-CIDR,52.93.178.174/32,hk - IP-CIDR,54.241.0.0/16,hk - IP-CIDR,184.169.128.0/17,hk - IP-CIDR,18.246.0.0/16,hk - IP-CIDR,52.93.178.232/32,hk - IP-CIDR,52.94.198.0/28,hk - IP-CIDR,52.93.178.132/32,hk - IP-CIDR,52.93.178.177/32,hk - IP-CIDR,99.77.154.0/24,hk - IP-CIDR,15.177.81.0/24,hk - IP-CIDR,54.153.0.0/17,hk - IP-CIDR,52.93.149.0/24,hk - IP-CIDR,52.93.178.150/32,hk - IP-CIDR,52.93.178.164/32,hk - IP-CIDR,52.93.178.198/32,hk - IP-CIDR,52.93.178.203/32,hk - IP-CIDR,52.218.128.0/17,hk - IP-CIDR,13.34.23.160/27,hk - IP-CIDR,13.34.24.192/27,hk - IP-CIDR,52.88.0.0/15,hk - IP-CIDR,52.93.178.139/32,hk - IP-CIDR,99.78.196.0/22,hk - IP-CIDR,52.93.178.229/32,hk - IP-CIDR,52.93.178.158/32,hk - IP-CIDR,216.182.236.0/23,hk - IP-CIDR,52.93.178.173/32,hk - IP-CIDR,15.177.80.0/24,hk - IP-CIDR,15.230.5.0/24,hk - IP-CIDR,52.144.194.128/26,hk - IP-CIDR,52.219.112.0/21,hk - IP-CIDR,15.254.0.0/16,hk - IP-CIDR,3.101.0.0/16,hk - IP-CIDR,52.40.0.0/14,hk - IP-CIDR,15.230.28.0/24,hk - IP-CIDR,64.252.70.0/24,hk - IP-CIDR,52.93.14.19/32,hk - IP-CIDR,52.93.178.218/32,hk - IP-CIDR,52.32.0.0/14,hk - IP-CIDR,52.93.126.144/32,hk - IP-CIDR,52.93.178.155/32,hk - IP-CIDR,52.93.178.202/32,hk - IP-CIDR,52.93.178.228/32,hk - IP-CIDR,52.93.178.216/32,hk - IP-CIDR,15.221.1.0/24,hk - IP-CIDR,52.93.178.212/32,hk - IP-CIDR,52.94.197.0/24,hk - IP-CIDR,54.184.0.0/13,hk - IP-CIDR,52.52.0.0/15,hk - IP-CIDR,52.144.197.128/26,hk - IP-CIDR,52.93.237.0/24,hk - IP-CIDR,150.222.221.0/24,hk - IP-CIDR,52.94.72.0/22,hk - IP-CIDR,64.252.71.0/24,hk - IP-CIDR,52.93.178.233/32,hk - IP-CIDR,35.155.0.0/16,hk - IP-CIDR,54.239.2.0/23,hk - IP-CIDR,13.34.23.192/27,hk - IP-CIDR,52.93.178.171/32,hk - IP-CIDR,108.166.240.0/21,hk - IP-CIDR,205.251.228.0/22,hk - IP-CIDR,54.239.0.32/28,hk - IP-CIDR,52.10.0.0/15,hk - IP-CIDR,52.93.178.149/32,hk - IP-CIDR,54.240.230.0/23,hk - IP-CIDR,52.46.249.0/24,hk - IP-CIDR,54.176.0.0/15,hk - IP-CIDR,52.93.178.208/32,hk - IP-CIDR,52.93.178.172/32,hk - IP-CIDR,52.93.178.225/32,hk - IP-CIDR,52.93.178.190/32,hk - IP-CIDR,69.107.6.112/29,hk - IP-CIDR,52.93.178.235/32,hk - IP-CIDR,52.93.178.163/32,hk - IP-CIDR,52.93.178.193/32,hk - IP-CIDR,52.93.178.160/32,hk - IP-CIDR,52.93.178.207/32,hk - IP-CIDR,150.222.97.0/24,hk - IP-CIDR,52.92.128.0/17,hk - IP-CIDR,52.93.178.148/32,hk - IP-CIDR,52.94.28.0/23,hk - IP-CIDR,52.94.248.128/28,hk - IP-CIDR,150.222.214.0/24,hk - IP-CIDR,52.93.12.13/32,hk - IP-CIDR,52.93.178.186/32,hk - IP-CIDR,150.222.75.0/24,hk - IP-CIDR,52.93.178.221/32,hk - IP-CIDR,52.94.248.96/28,hk - IP-CIDR,52.93.178.153/32,hk - IP-CIDR,99.77.186.0/24,hk - IP-CIDR,176.32.125.0/25,hk - IP-CIDR,13.52.118.0/23,hk - IP-CIDR,13.52.146.192/26,hk - IP-CIDR,34.223.24.0/22,hk - IP-CIDR,34.223.45.0/25,hk #HKT - IP-CIDR,203.198.80.0/24,hk - IP-CIDR,203.198.13.0/24,hk - IP-CIDR,203.205.255.0/24,hk - IP-CIDR,203.205.219.0/24,hk - IP-CIDR,219.76.23.0/24,hk ##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组) ##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组) ##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组) ##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝) ##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连) ##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连) ##- DST-PORT,80,DIRECT 匹配数据目标端口(直连) ##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连) ##排序在上的规则优先生效,如添加(去除规则前的#号): ##IP段:192.168.1.2-192.168.1.200 直连 ##- SRC-IP-CIDR,192.168.1.2/31,DIRECT ##- SRC-IP-CIDR,192.168.1.4/30,DIRECT ##- SRC-IP-CIDR,192.168.1.8/29,DIRECT ##- SRC-IP-CIDR,192.168.1.16/28,DIRECT ##- SRC-IP-CIDR,192.168.1.32/27,DIRECT ##- SRC-IP-CIDR,192.168.1.64/26,DIRECT ##- SRC-IP-CIDR,192.168.1.128/26,DIRECT ##- SRC-IP-CIDR,192.168.1.192/29,DIRECT ##- SRC-IP-CIDR,192.168.1.200/32,DIRECT ##IP段:192.168.1.202-192.168.1.255 直连 ##- SRC-IP-CIDR,192.168.1.202/31,DIRECT ##- SRC-IP-CIDR,192.168.1.204/30,DIRECT ##- SRC-IP-CIDR,192.168.1.208/28,DIRECT ##- SRC-IP-CIDR,192.168.1.1/32,DIRECT ##- SRC-IP-CIDR,192.168.1.25/32,DIRECT ##- SRC-IP-CIDR,198.18.0.1/32,DIRECT ##- SRC-IP-CIDR,192.168.18.2/32,DIRECT ##- SRC-IP-CIDR,111.161.237.105/32,DIRECT ##此时IP为192.168.1.1和192.168.1.201的客户端流量走代理(策略),其余客户端不走代理 ##因为Fake-IP模式下,IP地址为192.168.1.1的路由器自身流量可走代理(策略),所以需要排除 ##在线IP段转CIDR地址:http://ip2cidr.com #===================== 自定义规则 二 =====================# ##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组) ##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组) ##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组) ##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝) ##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连) ##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连) ##- DST-PORT,80,DIRECT 匹配数据目标端口(直连) ##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连) #===================== 配置文件 =====================# port: 7890 socks-port: 7891 redir-port: 7892 allow-lan: true mode: rule log-level: warning external-controller: 0.0.0.0:9090 dns: enable: true listen: 0.0.0.0:7874 enhanced-mode: redir-host nameserver: - https://233.6.6.6/dns-query - https://233.5.5.5/dns-query - 202.99.96.68 - 202.99.104.68 fallback: - tls://8.8.8.8:853 - https://1.1.1.1/dns-query - tls://1.1.1.1:853 - tls://8.8.4.4:853 ipv6: true use-hosts: true fallback-filter: geoip: true ipcidr: - 0.0.0.0/8 - 10.0.0.0/8 - 100.64.0.0/10 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 - 192.0.0.0/24 - 192.0.2.0/24 - 192.88.99.0/24 - 192.168.0.0/16 - 198.18.0.0/15 - 198.51.100.0/24 - 203.0.113.0/24 - 224.0.0.0/4 - 240.0.0.0/4 - 255.255.255.255/32 cfw-bypass: - qq.com - music.163.com - localhost - 127.* - 10.* - 172.16.* - 172.17.* - 172.18.* - 172.19.* - 172.20.* - 172.21.* - 172.22.* - 172.23.* - 172.24.* - 172.25.* - 172.26.* - 172.27.* - 172.28.* - 172.29.* - 172.30.* - 172.31.* - 192.168.* - "<local>" cfw-latency-timeout: 5000 proxy-groups: - name: EMER type: select disable-udp: false proxies: - name: other type: select disable-udp: false proxies: - name: us type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: hk type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: jp type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: ge type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: uk type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: ir type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: kr type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: tw type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: in type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' - name: sg type: load-balance strategy: round-robin disable-udp: false proxies: url: http://www.gstatic.com/generate_204 interval: '30' rules: - DOMAIN,safebrowsing.googleapis.com,hk - DOMAIN-SUFFIX,dl.google.com,hk - DOMAIN-SUFFIX,gstatic.com,hk - DOMAIN,checkipv6.synology.com,DIRECT - IP-CIDR,119.28.28.28/32,DIRECT - IP-CIDR,119.29.29.29/32,DIRECT - DOMAIN,dns.alidns.com,DIRECT - DST-PORT,853,DIRECT - IP-CIDR,233.6.6.6/32,DIRECT - IP-CIDR,233.5.5.5/32,DIRECT - DOMAIN,doh.pub,DIRECT - DOMAIN,dns.pub,DIRECT - DOMAIN,doh.360.cn,DIRECT - DOMAIN,dns.cfiec.net,DIRECT - DOMAIN,dns.rubyfish.cn,DIRECT - IP-CIDR,8.8.8.8/32,DIRECT - IP-CIDR,1.1.1.1/32,DIRECT - IP-CIDR,8.8.4.4/32,DIRECT - DOMAIN,doh.rixcloud.dev,DIRECT - IP-CIDR,182.254.118.118/32,DIRECT - IP-CIDR,182.254.116.116/32,DIRECT - DOMAIN-SUFFIX,plex.tv,DIRECT - DOMAIN-SUFFIX,happyon.jp,jp - DOMAIN-SUFFIX,hulu.jp,jp - DOMAIN-SUFFIX,hulu.com,us - DOMAIN-SUFFIX,huluim.com,us - DOMAIN-SUFFIX,hulustream.com,us - DOMAIN-SUFFIX,ubi.com,hk - DOMAIN-SUFFIX,ubisoft.com,hk - DOMAIN-SUFFIX,awesome-hd.me,hk - DOMAIN-SUFFIX,broadcasthe.net,hk - DOMAIN-SUFFIX,chdbits.co,hk - DOMAIN-SUFFIX,classix-unlimited.co.uk,hk - DOMAIN-SUFFIX,empornium.me,hk - DOMAIN-SUFFIX,gazellegames.net,hk - DOMAIN-SUFFIX,hdchina.org,hk - DOMAIN-SUFFIX,hdsky.me,hk - DOMAIN-SUFFIX,icetorrent.org,hk - DOMAIN-SUFFIX,jpopsuki.eu,hk - DOMAIN-SUFFIX,keepfrds.com,hk - DOMAIN-SUFFIX,madsrevolution.net,hk - DOMAIN-SUFFIX,m-team.cc,hk - DOMAIN-SUFFIX,nanyangpt.com,hk - DOMAIN-SUFFIX,ncore.cc,hk - DOMAIN-SUFFIX,open.cd,hk - DOMAIN-SUFFIX,ourbits.club,hk - DOMAIN-SUFFIX,passthepopcorn.me,hk - DOMAIN-SUFFIX,privatehd.to,hk - DOMAIN-SUFFIX,redacted.ch,hk - DOMAIN-SUFFIX,springsunday.net,hk - DOMAIN-SUFFIX,tjupt.org,hk - DOMAIN-SUFFIX,totheglory.im,hk - DOMAIN,mobile-gtalk.l.google.com,us - DOMAIN,mtalk.google.com,us - DOMAIN-SUFFIX,fast.com,hk - IP-CIDR,52.93.178.234/32,hk - IP-CIDR,52.94.76.0/22,hk - IP-CIDR,13.34.24.160/27,hk - IP-CIDR,52.93.240.164/31,hk - IP-CIDR,52.93.178.219/32,hk - IP-CIDR,150.222.199.0/25,hk - IP-CIDR,52.93.34.56/32,hk - IP-CIDR,52.93.178.152/32,hk - IP-CIDR,52.93.178.205/32,hk - IP-CIDR,52.119.252.0/22,hk - IP-CIDR,54.148.0.0/15,hk - IP-CIDR,99.77.130.0/24,hk - IP-CIDR,52.93.178.136/32,hk - IP-CIDR,99.77.132.0/24,hk - IP-CIDR,52.93.178.138/32,hk - IP-CIDR,54.239.48.0/22,hk - IP-CIDR,52.93.14.18/32,hk - IP-CIDR,52.144.197.192/26,hk - IP-CIDR,15.193.7.0/24,hk - IP-CIDR,52.93.178.134/32,hk - IP-CIDR,52.93.240.160/31,hk - IP-CIDR,52.93.178.183/32,hk - IP-CIDR,52.93.120.178/32,hk - IP-CIDR,52.93.178.161/32,hk - IP-CIDR,52.94.12.0/24,hk - IP-CIDR,15.230.36.0/23,hk - IP-CIDR,18.236.0.0/15,hk - IP-CIDR,52.94.249.80/28,hk - IP-CIDR,54.240.198.0/24,hk - IP-CIDR,13.34.23.224/27,hk - IP-CIDR,52.93.178.231/32,hk - IP-CIDR,54.200.0.0/15,hk - IP-CIDR,52.93.178.187/32,hk - IP-CIDR,52.119.176.0/21,hk - IP-CIDR,52.93.240.148/31,hk - IP-CIDR,64.252.72.0/24,hk - IP-CIDR,54.239.0.16/28,hk - IP-CIDR,13.34.24.96/27,hk - IP-CIDR,52.93.20.0/24,hk - IP-CIDR,204.236.128.0/18,hk - IP-CIDR,52.94.249.64/28,hk - IP-CIDR,52.93.178.166/32,hk - IP-CIDR,52.144.205.0/26,hk - IP-CIDR,13.34.25.96/27,hk - IP-CIDR,99.82.172.0/24,hk - IP-CIDR,70.224.192.0/18,hk - IP-CIDR,52.93.178.206/32,hk - IP-CIDR,52.93.178.230/32,hk - IP-CIDR,52.93.37.222/32,hk - IP-CIDR,52.93.178.220/32,hk - IP-CIDR,150.222.218.0/24,hk - IP-CIDR,52.93.178.215/32,hk - IP-CIDR,52.93.178.182/32,hk - IP-CIDR,54.219.0.0/16,hk - IP-CIDR,52.93.178.147/32,hk - IP-CIDR,52.93.178.179/32,hk - IP-CIDR,52.93.178.170/32,hk - IP-CIDR,52.93.178.223/32,hk - IP-CIDR,54.240.212.0/22,hk - IP-CIDR,54.245.0.0/16,hk - IP-CIDR,150.222.176.0/22,hk - IP-CIDR,99.77.152.0/24,hk - IP-CIDR,54.240.248.0/21,hk - IP-CIDR,69.107.6.120/29,hk - IP-CIDR,52.93.178.130/32,hk - IP-CIDR,52.93.178.157/32,hk - IP-CIDR,52.93.178.168/32,hk - IP-CIDR,13.56.0.0/16,hk - IP-CIDR,52.93.178.185/32,hk - IP-CIDR,52.93.240.154/31,hk - IP-CIDR,35.160.0.0/13,hk - IP-CIDR,54.67.0.0/16,hk - IP-CIDR,150.222.101.0/24,hk - IP-CIDR,52.93.178.209/32,hk - IP-CIDR,52.93.178.143/32,hk - IP-CIDR,150.222.213.40/32,hk - IP-CIDR,52.93.178.137/32,hk - IP-CIDR,52.94.208.0/21,hk - IP-CIDR,54.68.0.0/14,hk - IP-CIDR,54.212.0.0/15,hk - IP-CIDR,52.93.240.150/31,hk - IP-CIDR,52.144.194.192/26,hk - IP-CIDR,54.183.0.0/16,hk - IP-CIDR,18.144.0.0/15,hk - IP-CIDR,52.93.178.213/32,hk - IP-CIDR,150.222.234.0/24,hk - IP-CIDR,52.93.12.12/32,hk - IP-CIDR,52.95.230.0/24,hk - IP-CIDR,150.222.106.0/24,hk - IP-CIDR,99.77.253.0/24,hk - IP-CIDR,13.34.25.64/27,hk - IP-CIDR,52.93.178.194/32,hk - IP-CIDR,52.93.178.210/32,hk - IP-CIDR,52.93.178.184/32,hk - IP-CIDR,52.93.178.159/32,hk - IP-CIDR,52.93.178.189/32,hk - IP-CIDR,52.12.0.0/15,hk - IP-CIDR,52.93.178.181/32,hk - IP-CIDR,205.251.232.0/22,hk - IP-CIDR,52.75.0.0/16,hk - IP-CIDR,54.218.0.0/16,hk - IP-CIDR,176.32.112.0/21,hk - IP-CIDR,52.94.120.0/22,hk - IP-CIDR,52.93.178.192/32,hk - IP-CIDR,52.94.10.0/24,hk - IP-CIDR,52.93.178.195/32,hk - IP-CIDR,52.93.178.222/32,hk - IP-CIDR,54.244.0.0/16,hk - IP-CIDR,52.95.42.0/24,hk - IP-CIDR,52.93.178.133/32,hk - IP-CIDR,52.93.178.224/32,hk - IP-CIDR,52.93.240.152/31,hk - IP-CIDR,44.224.0.0/11,hk - IP-CIDR,52.93.178.200/32,hk - IP-CIDR,64.252.73.0/24,hk - IP-CIDR,52.93.178.211/32,hk - IP-CIDR,52.93.178.169/32,hk - IP-CIDR,52.95.255.112/28,hk - IP-CIDR,100.20.0.0/14,hk - IP-CIDR,150.222.74.0/24,hk - IP-CIDR,13.34.24.128/27,hk - IP-CIDR,54.151.0.0/17,hk - IP-CIDR,52.93.178.165/32,hk - IP-CIDR,176.32.125.128/26,hk - IP-CIDR,52.93.178.142/32,hk - IP-CIDR,52.93.178.156/32,hk - IP-CIDR,52.93.178.180/32,hk - IP-CIDR,54.214.0.0/16,hk - IP-CIDR,52.219.20.0/22,hk - IP-CIDR,52.219.24.0/21,hk - IP-CIDR,52.93.178.197/32,hk - IP-CIDR,34.208.0.0/12,hk - IP-CIDR,52.93.178.226/32,hk - IP-CIDR,15.221.16.0/22,hk - IP-CIDR,13.34.23.96/27,hk - IP-CIDR,52.93.178.204/32,hk - IP-CIDR,52.93.178.191/32,hk - IP-CIDR,52.46.216.0/22,hk - IP-CIDR,150.222.213.41/32,hk - IP-CIDR,52.95.246.0/24,hk - IP-CIDR,69.107.6.176/29,hk - IP-CIDR,99.83.97.64/27,hk - IP-CIDR,52.36.0.0/14,hk - IP-CIDR,52.93.178.141/32,hk - IP-CIDR,52.93.178.227/32,hk - IP-CIDR,54.215.0.0/16,hk - IP-CIDR,52.93.178.175/32,hk - IP-CIDR,52.93.178.131/32,hk - IP-CIDR,52.93.178.217/32,hk - IP-CIDR,54.202.0.0/15,hk - IP-CIDR,52.93.178.214/32,hk - IP-CIDR,108.166.224.0/21,hk - IP-CIDR,52.93.178.135/32,hk - IP-CIDR,184.72.0.0/18,hk - IP-CIDR,54.193.0.0/16,hk - IP-CIDR,150.222.140.0/24,hk - IP-CIDR,99.83.97.48/28,hk - IP-CIDR,52.93.240.156/31,hk - IP-CIDR,52.8.0.0/16,hk - IP-CIDR,52.93.126.145/32,hk - IP-CIDR,52.95.247.0/24,hk - IP-CIDR,52.93.178.188/32,hk - IP-CIDR,52.93.178.201/32,hk - IP-CIDR,150.222.180.0/24,hk - IP-CIDR,50.112.0.0/16,hk - IP-CIDR,13.57.0.0/16,hk - IP-CIDR,50.18.0.0/16,hk - IP-CIDR,52.93.178.167/32,hk - IP-CIDR,52.95.255.96/28,hk - IP-CIDR,99.83.98.0/24,hk - IP-CIDR,52.93.178.196/32,hk - IP-CIDR,52.94.116.0/22,hk - IP-CIDR,52.144.194.64/26,hk - IP-CIDR,13.52.0.0/16,hk - IP-CIDR,52.93.178.128/32,hk - IP-CIDR,52.95.40.0/24,hk - IP-CIDR,13.34.23.128/27,hk - IP-CIDR,54.231.232.0/21,hk - IP-CIDR,52.93.122.131/32,hk - IP-CIDR,52.93.34.57/32,hk - IP-CIDR,52.93.178.162/32,hk - IP-CIDR,204.246.160.0/22,hk - IP-CIDR,52.93.240.158/31,hk - IP-CIDR,15.230.42.0/24,hk - IP-CIDR,52.93.240.146/31,hk - IP-CIDR,52.93.178.144/32,hk - IP-CIDR,52.93.178.154/32,hk - IP-CIDR,52.93.240.162/31,hk - IP-CIDR,52.219.120.0/22,hk - IP-CIDR,52.9.0.0/16,hk - IP-CIDR,150.222.196.0/24,hk - IP-CIDR,52.46.180.0/22,hk - IP-CIDR,52.93.178.146/32,hk - IP-CIDR,13.248.99.0/24,hk - IP-CIDR,52.93.37.223/32,hk - IP-CIDR,52.93.178.178/32,hk - IP-CIDR,13.248.112.0/24,hk - IP-CIDR,52.93.178.176/32,hk - IP-CIDR,52.93.178.129/32,hk - IP-CIDR,52.93.178.145/32,hk - IP-CIDR,52.93.178.199/32,hk - IP-CIDR,150.222.102.0/24,hk - IP-CIDR,52.24.0.0/14,hk - IP-CIDR,52.119.160.0/20,hk - IP-CIDR,64.252.65.0/24,hk - IP-CIDR,52.93.178.151/32,hk - IP-CIDR,52.93.178.140/32,hk - IP-CIDR,52.93.178.174/32,hk - IP-CIDR,54.241.0.0/16,hk - IP-CIDR,184.169.128.0/17,hk - IP-CIDR,18.246.0.0/16,hk - IP-CIDR,52.93.178.232/32,hk - IP-CIDR,52.94.198.0/28,hk - IP-CIDR,52.93.178.132/32,hk - IP-CIDR,52.93.178.177/32,hk - IP-CIDR,99.77.154.0/24,hk - IP-CIDR,15.177.81.0/24,hk - IP-CIDR,54.153.0.0/17,hk - IP-CIDR,52.93.149.0/24,hk - IP-CIDR,52.93.178.150/32,hk - IP-CIDR,52.93.178.164/32,hk - IP-CIDR,52.93.178.198/32,hk - IP-CIDR,52.93.178.203/32,hk - IP-CIDR,52.218.128.0/17,hk - IP-CIDR,13.34.23.160/27,hk - IP-CIDR,13.34.24.192/27,hk - IP-CIDR,52.88.0.0/15,hk - IP-CIDR,52.93.178.139/32,hk - IP-CIDR,99.78.196.0/22,hk - IP-CIDR,52.93.178.229/32,hk - IP-CIDR,52.93.178.158/32,hk - IP-CIDR,216.182.236.0/23,hk - IP-CIDR,52.93.178.173/32,hk - IP-CIDR,15.177.80.0/24,hk - IP-CIDR,15.230.5.0/24,hk - IP-CIDR,52.144.194.128/26,hk - IP-CIDR,52.219.112.0/21,hk - IP-CIDR,15.254.0.0/16,hk - IP-CIDR,3.101.0.0/16,hk - IP-CIDR,52.40.0.0/14,hk - IP-CIDR,15.230.28.0/24,hk - IP-CIDR,64.252.70.0/24,hk - IP-CIDR,52.93.14.19/32,hk - IP-CIDR,52.93.178.218/32,hk - IP-CIDR,52.32.0.0/14,hk - IP-CIDR,52.93.126.144/32,hk - IP-CIDR,52.93.178.155/32,hk - IP-CIDR,52.93.178.202/32,hk - IP-CIDR,52.93.178.228/32,hk - IP-CIDR,52.93.178.216/32,hk - IP-CIDR,15.221.1.0/24,hk - IP-CIDR,52.93.178.212/32,hk - IP-CIDR,52.94.197.0/24,hk - IP-CIDR,54.184.0.0/13,hk - IP-CIDR,52.52.0.0/15,hk - IP-CIDR,52.144.197.128/26,hk - IP-CIDR,52.93.237.0/24,hk - IP-CIDR,150.222.221.0/24,hk - IP-CIDR,52.94.72.0/22,hk - IP-CIDR,64.252.71.0/24,hk - IP-CIDR,52.93.178.233/32,hk - IP-CIDR,35.155.0.0/16,hk - IP-CIDR,54.239.2.0/23,hk - IP-CIDR,13.34.23.192/27,hk - IP-CIDR,52.93.178.171/32,hk - IP-CIDR,108.166.240.0/21,hk - IP-CIDR,205.251.228.0/22,hk - IP-CIDR,54.239.0.32/28,hk - IP-CIDR,52.10.0.0/15,hk - IP-CIDR,52.93.178.149/32,hk - IP-CIDR,54.240.230.0/23,hk - IP-CIDR,52.46.249.0/24,hk - IP-CIDR,54.176.0.0/15,hk - IP-CIDR,52.93.178.208/32,hk - IP-CIDR,52.93.178.172/32,hk - IP-CIDR,52.93.178.225/32,hk - IP-CIDR,52.93.178.190/32,hk - IP-CIDR,69.107.6.112/29,hk - IP-CIDR,52.93.178.235/32,hk - IP-CIDR,52.93.178.163/32,hk - IP-CIDR,52.93.178.193/32,hk - IP-CIDR,52.93.178.160/32,hk - IP-CIDR,52.93.178.207/32,hk - IP-CIDR,150.222.97.0/24,hk - IP-CIDR,52.92.128.0/17,hk - IP-CIDR,52.93.178.148/32,hk - IP-CIDR,52.94.28.0/23,hk - IP-CIDR,52.94.248.128/28,hk - IP-CIDR,150.222.214.0/24,hk - IP-CIDR,52.93.12.13/32,hk - IP-CIDR,52.93.178.186/32,hk - IP-CIDR,150.222.75.0/24,hk - IP-CIDR,52.93.178.221/32,hk - IP-CIDR,52.94.248.96/28,hk - IP-CIDR,52.93.178.153/32,hk - IP-CIDR,99.77.186.0/24,hk - IP-CIDR,176.32.125.0/25,hk - IP-CIDR,13.52.118.0/23,hk - IP-CIDR,13.52.146.192/26,hk - IP-CIDR,34.223.24.0/22,hk - IP-CIDR,34.223.45.0/25,hk - IP-CIDR,203.198.80.0/24,hk - IP-CIDR,203.198.13.0/24,hk - IP-CIDR,203.205.255.0/24,hk - IP-CIDR,203.205.219.0/24,hk - IP-CIDR,219.76.23.0/24,hk - RULE-SET,Reject,DIRECT - RULE-SET,Special,DIRECT - RULE-SET,Netflix,hk - RULE-SET,Spotify,hk - RULE-SET,YouTube,hk - RULE-SET,Bilibili,DIRECT - RULE-SET,iQiyi,DIRECT - RULE-SET,Letv,DIRECT - RULE-SET,Netease Music,DIRECT - RULE-SET,Tencent Video,DIRECT - RULE-SET,Youku,DIRECT - RULE-SET,ABC,hk - RULE-SET,Abema TV,hk - RULE-SET,Amazon,hk - RULE-SET,Apple News,hk - RULE-SET,Apple TV,hk - RULE-SET,Bahamut,hk - RULE-SET,BBC iPlayer,hk - RULE-SET,DAZN,hk - RULE-SET,Disney Plus,hk - RULE-SET,encoreTVB,hk - RULE-SET,Fox Now,hk - RULE-SET,Fox+,hk - RULE-SET,HBO,hk - RULE-SET,Hulu Japan,hk - RULE-SET,Hulu,hk - RULE-SET,Japonx,hk - RULE-SET,JOOX,hk - RULE-SET,KKBOX,hk - RULE-SET,KKTV,hk - RULE-SET,Line TV,hk - RULE-SET,myTV SUPER,hk - RULE-SET,Pandora,hk - RULE-SET,PBS,hk - RULE-SET,Pornhub,hk - RULE-SET,Soundcloud,hk - RULE-SET,ViuTV,hk - RULE-SET,Telegram,hk - RULE-SET,Steam,hk - RULE-SET,Speedtest,hk - RULE-SET,PayPal,hk - RULE-SET,Microsoft,hk - RULE-SET,PROXY,hk - RULE-SET,Apple,hk - RULE-SET,Domestic,DIRECT - RULE-SET,Domestic IPs,DIRECT - IP-CIDR,198.18.0.1/16,REJECT,no-resolve - GEOIP,CN,DIRECT - MATCH,hk mixed-port: 7893 bind-address: "*" external-ui: "/usr/share/openclash/dashboard" ipv6: true hosts: p.conn.aiseet.atianqi.com: 121.51.162.20 p.conn.t002.ottcn.com: 121.51.162.20 p.conn.cp81.ott.cibntv.net: 121.51.162.20 p.conn.ptyg.gitv.tv: 121.51.162.20 p.conn.ott.video.qq.com: 121.51.162.20 common.mpush.qq.com: 121.51.162.20 git.dler.io: 113.52.132.52 chdbits.co: 104.26.10.119 rule-providers: Reject: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Reject.yaml path: "./rule_provider/Reject" interval: 86400 Special: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Special.yaml path: "./rule_provider/Special" interval: 86400 Netflix: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Netflix.yaml path: "./rule_provider/Netflix" interval: 86400 Spotify: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Spotify.yaml path: "./rule_provider/Spotify" interval: 86400 YouTube: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/YouTube.yaml path: "./rule_provider/YouTube" interval: 86400 Bilibili: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Bilibili.yaml path: "./rule_provider/Bilibili" interval: 86400 iQiyi: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/iQiyi.yaml path: "./rule_provider/iQiyi" interval: 86400 Letv: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Letv.yaml path: "./rule_provider/Letv" interval: 86400 Netease Music: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Netease%20Music.yaml path: "./rule_provider/Netease_Music" interval: 86400 Tencent Video: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Tencent%20Video.yaml path: "./rule_provider/Tencent_Video" interval: 86400 Youku: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Youku.yaml path: "./rule_provider/Youku" interval: 86400 ABC: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/ABC.yaml path: "./rule_provider/ABC" interval: 86400 Abema TV: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Abema%20TV.yaml path: "./rule_provider/Abema_TV" interval: 86400 Amazon: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Amazon.yaml path: "./rule_provider/Amazon" interval: 86400 Apple News: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Apple%20News.yaml path: "./rule_provider/Apple_News" interval: 86400 Apple TV: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Apple%20TV.yaml path: "./rule_provider/Apple_TV" interval: 86400 Bahamut: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Bahamut.yaml path: "./rule_provider/Bahamut" interval: 86400 BBC iPlayer: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/BBC%20iPlayer.yaml path: "./rule_provider/BBC_iPlayer" interval: 86400 DAZN: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/DAZN.yaml path: "./rule_provider/DAZN" interval: 86400 Disney Plus: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Disney%20Plus.yaml path: "./rule_provider/Disney_Plus" interval: 86400 encoreTVB: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/encoreTVB.yaml path: "./rule_provider/encoreTVB" interval: 86400 Fox Now: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Fox%20Now.yaml path: "./rule_provider/Fox_Now" interval: 86400 Fox+: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Fox%2B.yaml path: "./rule_provider/Fox+" interval: 86400 HBO: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/HBO.yaml path: "./rule_provider/HBO" interval: 86400 Hulu Japan: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Hulu%20Japan.yaml path: "./rule_provider/Hulu_Japan" interval: 86400 Hulu: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Hulu.yaml path: "./rule_provider/Hulu" interval: 86400 Japonx: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Japonx.yaml path: "./rule_provider/Japonx" interval: 86400 JOOX: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/JOOX.yaml path: "./rule_provider/JOOX" interval: 86400 KKBOX: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/KKBOX.yaml path: "./rule_provider/KKBOX" interval: 86400 KKTV: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/KKTV.yaml path: "./rule_provider/KKTV" interval: 86400 Line TV: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Line%20TV.yaml path: "./rule_provider/Line_TV" interval: 86400 myTV SUPER: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/myTV%20SUPER.yaml path: "./rule_provider/myTV_SUPER" interval: 86400 Pandora: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Pandora.yaml path: "./rule_provider/Pandora" interval: 86400 PBS: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/PBS.yaml path: "./rule_provider/PBS" interval: 86400 Pornhub: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Pornhub.yaml path: "./rule_provider/Pornhub" interval: 86400 Soundcloud: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/Soundcloud.yaml path: "./rule_provider/Soundcloud" interval: 86400 ViuTV: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Media/ViuTV.yaml path: "./rule_provider/ViuTV" interval: 86400 Telegram: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Telegram.yaml path: "./rule_provider/Telegram" interval: 86400 Steam: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Steam.yaml path: "./rule_provider/Steam" interval: 86400 Speedtest: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Speedtest.yaml path: "./rule_provider/Speedtest" interval: 86400 PayPal: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/PayPal.yaml path: "./rule_provider/PayPal" interval: 86400 Microsoft: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Microsoft.yaml path: "./rule_provider/Microsoft" interval: 86400 PROXY: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Proxy.yaml path: "./rule_provider/Proxy" interval: 86400 Domestic: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Domestic.yaml path: "./rule_provider/Domestic" interval: 86400 Apple: type: http behavior: classical url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Apple.yaml path: "./rule_provider/Apple" interval: 86400 Domestic IPs: type: http behavior: ipcidr url: https://gitee.com/lhie1/Rules/raw/master/Clash/Provider/Domestic%20IPs.yaml path: "./rule_provider/Domestic_IPs" interval: 86400 script: code: | def main(ctx, metadata): port_list = [21, 22, 23, 53, 80, 123, 143, 194, 443, 465, 587, 853, 993, 995, 998, 2052, 2053, 2082, 2083, 2086, 2095, 2096, 5222, 5228, 5229, 5230, 8080, 8443, 8880, 8888, 8889] ruleset_action = {"Reject": "DIRECT", "Special": "DIRECT", "Netflix": "hk", "Spotify": "hk", "YouTube": "hk", "Bilibili": "DIRECT", "iQiyi": "DIRECT", "Letv": "DIRECT", "Netease Music": "DIRECT", "Tencent Video": "DIRECT", "Youku": "DIRECT", "ABC": "hk", "Abema TV": "hk", "Amazon": "hk", "Apple News": "hk", "Apple TV": "hk", "Bahamut": "hk", "BBC iPlayer": "hk", "DAZN": "hk", "Disney Plus": "hk", "encoreTVB": "hk", "Fox Now": "hk", "Fox+": "hk", "HBO": "hk", "Hulu Japan": "hk", "Hulu": "hk", "Japonx": "hk", "JOOX": "hk", "KKBOX": "hk", "KKTV": "hk", "Line TV": "hk", "myTV SUPER": "hk", "Pandora": "hk", "PBS": "hk", "Pornhub": "hk", "Soundcloud": "hk", "ViuTV": "hk", "Telegram": "hk", "Steam": "hk", "Speedtest": "hk", "PayPal": "hk", "Microsoft": "hk", "PROXY": "hk", "Apple": "hk", "Domestic": "DIRECT", "Domestic IPs": "DIRECT" } port = int(metadata["dst_port"]) if port not in port_list: return "DIRECT" for rule_name in ctx.rule_providers.keys(): if ctx.rule_providers[rule_name].match(metadata): return ruleset_action[rule_name] ip = metadata["dst_ip"] or ctx.resolve_ip(metadata["host"]) if ip == "": return "DIRECT" code = ctx.geoip(ip) if code == "LAN": return "DIRECT" if code == "CN": return "DIRECT" return "hk" interface-name: bond0 #===================== 防火墙设置 =====================# #NAT chain # Generated by iptables-save v1.8.4 on Sun Dec 6 10:19:05 2020 *nat :PREROUTING ACCEPT [1026:244013] :INPUT ACCEPT [899:237974] :OUTPUT ACCEPT [873:57821] :POSTROUTING ACCEPT [164:11771] :MINIUPNPD - [0:0] :MINIUPNPD-POSTROUTING - [0:0] :openclash - [0:0] :openclash_output - [0:0] :postrouting_IPTV_rule - [0:0] :postrouting_lan_rule - [0:0] :postrouting_rule - [0:0] :postrouting_wan_rule - [0:0] :prerouting_IPTV_rule - [0:0] :prerouting_lan_rule - [0:0] :prerouting_rule - [0:0] :prerouting_wan_rule - [0:0] :zone_IPTV_postrouting - [0:0] :zone_IPTV_prerouting - [0:0] :zone_lan_postrouting - [0:0] :zone_lan_prerouting - [0:0] :zone_wan_postrouting - [0:0] :zone_wan_prerouting - [0:0] -A PREROUTING -d 8.8.4.4/32 -p tcp -j REDIRECT --to-ports 7892 -A PREROUTING -d 8.8.8.8/32 -p tcp -j REDIRECT --to-ports 7892 -A PREROUTING -i br-lan -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.1.1 -A PREROUTING -i br-lan -p udp -m udp --dport 53 -j DNAT --to-destination 192.168.1.1 -A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule -A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting -A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting -A PREROUTING -i eth0 -m comment --comment "!fw3" -j zone_IPTV_prerouting -A PREROUTING -p tcp -j openclash -A OUTPUT -j openclash_output -A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule -A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting -A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting -A POSTROUTING -o eth0 -m comment --comment "!fw3" -j zone_IPTV_postrouting -A MINIUPNPD -p tcp -m tcp --dport 22912 -j DNAT --to-destination 192.168.1.25:32400 -A MINIUPNPD -p tcp -m tcp --dport 14443 -j DNAT --to-destination 192.168.1.221:32400 -A MINIUPNPD -p tcp -m tcp --dport 5001 -j DNAT --to-destination 192.168.1.25:5001 -A MINIUPNPD -p tcp -m tcp --dport 5000 -j DNAT --to-destination 192.168.1.25:5000 -A MINIUPNPD -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.25:25 -A MINIUPNPD -p tcp -m tcp --dport 465 -j DNAT --to-destination 192.168.1.25:465 -A MINIUPNPD -p tcp -m tcp --dport 587 -j DNAT --to-destination 192.168.1.25:587 -A MINIUPNPD -p tcp -m tcp --dport 110 -j DNAT --to-destination 192.168.1.25:110 -A MINIUPNPD -p tcp -m tcp --dport 995 -j DNAT --to-destination 192.168.1.25:995 -A MINIUPNPD -p tcp -m tcp --dport 143 -j DNAT --to-destination 192.168.1.25:143 -A MINIUPNPD -p tcp -m tcp --dport 993 -j DNAT --to-destination 192.168.1.25:993 -A MINIUPNPD -p udp -m udp --dport 1194 -j DNAT --to-destination 192.168.1.25:1194 -A MINIUPNPD -p tcp -m tcp --dport 55512 -j DNAT --to-destination 192.168.1.25:55512 -A MINIUPNPD -p tcp -m tcp --dport 55514 -j DNAT --to-destination 192.168.1.25:55514 -A MINIUPNPD -p udp -m udp --dport 55512 -j DNAT --to-destination 192.168.1.25:55512 -A MINIUPNPD -p udp -m udp --dport 55514 -j DNAT --to-destination 192.168.1.25:55514 -A MINIUPNPD -p udp -m udp --dport 48179 -j DNAT --to-destination 192.168.1.234:47999 -A MINIUPNPD -p udp -m udp --dport 48190 -j DNAT --to-destination 192.168.1.234:48010 -A MINIUPNPD -p udp -m udp --dport 48178 -j DNAT --to-destination 192.168.1.234:47998 -A MINIUPNPD -p udp -m udp --dport 48180 -j DNAT --to-destination 192.168.1.234:48000 -A MINIUPNPD -p udp -m udp --dport 48182 -j DNAT --to-destination 192.168.1.234:48002 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 32400 -j MASQUERADE --to-ports 22912 -A MINIUPNPD-POSTROUTING -s 192.168.1.221/32 -p tcp -m tcp --sport 32400 -j MASQUERADE --to-ports 14443 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 5001 -j MASQUERADE --to-ports 5001 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 5000 -j MASQUERADE --to-ports 5000 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 25 -j MASQUERADE --to-ports 25 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 465 -j MASQUERADE --to-ports 465 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 587 -j MASQUERADE --to-ports 587 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 110 -j MASQUERADE --to-ports 110 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 995 -j MASQUERADE --to-ports 995 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 143 -j MASQUERADE --to-ports 143 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 993 -j MASQUERADE --to-ports 993 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p udp -m udp --sport 1194 -j MASQUERADE --to-ports 1194 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 55512 -j MASQUERADE --to-ports 55512 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p tcp -m tcp --sport 55514 -j MASQUERADE --to-ports 55514 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p udp -m udp --sport 55512 -j MASQUERADE --to-ports 55512 -A MINIUPNPD-POSTROUTING -s 192.168.1.25/32 -p udp -m udp --sport 55514 -j MASQUERADE --to-ports 55514 -A MINIUPNPD-POSTROUTING -s 192.168.1.234/32 -p udp -m udp --sport 47999 -j MASQUERADE --to-ports 48179 -A MINIUPNPD-POSTROUTING -s 192.168.1.234/32 -p udp -m udp --sport 48010 -j MASQUERADE --to-ports 48190 -A MINIUPNPD-POSTROUTING -s 192.168.1.234/32 -p udp -m udp --sport 47998 -j MASQUERADE --to-ports 48178 -A MINIUPNPD-POSTROUTING -s 192.168.1.234/32 -p udp -m udp --sport 48000 -j MASQUERADE --to-ports 48180 -A MINIUPNPD-POSTROUTING -s 192.168.1.234/32 -p udp -m udp --sport 48002 -j MASQUERADE --to-ports 48182 -A openclash -m set --match-set localnetwork dst -j RETURN -A openclash -m set --match-set lan_ac_black_ips src -j RETURN -A openclash -p tcp -j REDIRECT --to-ports 7892 -A openclash_output -m set --match-set localnetwork dst -j RETURN -A openclash_output -p tcp -m owner ! --uid-owner 65534 -m multiport --dports 80,443 -j REDIRECT --to-ports 7892 -A zone_IPTV_postrouting -m comment --comment "!fw3: Custom IPTV postrouting rule chain" -j postrouting_IPTV_rule -A zone_IPTV_postrouting -m comment --comment "!fw3" -j FULLCONENAT -A zone_IPTV_prerouting -m comment --comment "!fw3: Custom IPTV prerouting rule chain" -j prerouting_IPTV_rule -A zone_IPTV_prerouting -m comment --comment "!fw3" -j FULLCONENAT -A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule -A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule -A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule -A zone_wan_postrouting -j MINIUPNPD-POSTROUTING -A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT -A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule -A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT -A zone_wan_prerouting -j MINIUPNPD COMMIT # Completed on Sun Dec 6 10:19:05 2020 #Mangle chain # Generated by iptables-save v1.8.4 on Sun Dec 6 10:19:05 2020 *mangle :PREROUTING ACCEPT [68084:48911002] :INPUT ACCEPT [28774:8137100] :FORWARD ACCEPT [39117:40760302] :OUTPUT ACCEPT [22244:4557974] :POSTROUTING ACCEPT [61470:45321489] :mwan3_connected - [0:0] :mwan3_hook - [0:0] :mwan3_iface_in_IPTV - [0:0] :mwan3_iface_in_wan - [0:0] :mwan3_ifaces_in - [0:0] :mwan3_policy_balanced - [0:0] :mwan3_policy_iptvonly - [0:0] :mwan3_policy_wan_only - [0:0] :mwan3_rule_https - [0:0] :mwan3_rules - [0:0] :openclash - [0:0] -A PREROUTING -j mwan3_hook -A PREROUTING -p udp -j openclash -A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu -A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone IPTV MTU fixing" -j TCPMSS --clamp-mss-to-pmtu -A OUTPUT -j mwan3_hook -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark 0x3f00/0x3f00 -A mwan3_hook -j CONNMARK --restore-mark --nfmask 0x3f00 --ctmask 0x3f00 -A mwan3_hook -m mark --mark 0x0/0x3f00 -j mwan3_ifaces_in -A mwan3_hook -m mark --mark 0x0/0x3f00 -j mwan3_connected -A mwan3_hook -m mark --mark 0x0/0x3f00 -j mwan3_rules -A mwan3_hook -j CONNMARK --save-mark --nfmask 0x3f00 --ctmask 0x3f00 -A mwan3_hook -m mark ! --mark 0x3f00/0x3f00 -j mwan3_connected -A mwan3_iface_in_IPTV -i eth0 -m set --match-set mwan3_connected src -m mark --mark 0x0/0x3f00 -m comment --comment default -j MARK --set-xmark 0x3f00/0x3f00 -A mwan3_iface_in_IPTV -i eth0 -m mark --mark 0x0/0x3f00 -m comment --comment IPTV -j MARK --set-xmark 0x200/0x3f00 -A mwan3_iface_in_wan -i pppoe-wan -m set --match-set mwan3_connected src -m mark --mark 0x0/0x3f00 -m comment --comment default -j MARK --set-xmark 0x3f00/0x3f00 -A mwan3_iface_in_wan -i pppoe-wan -m mark --mark 0x0/0x3f00 -m comment --comment wan -j MARK --set-xmark 0x100/0x3f00 -A mwan3_ifaces_in -m mark --mark 0x0/0x3f00 -j mwan3_iface_in_wan -A mwan3_ifaces_in -m mark --mark 0x0/0x3f00 -j mwan3_iface_in_IPTV -A mwan3_policy_balanced -m mark --mark 0x0/0x3f00 -m comment --comment "wan 3 3" -j MARK --set-xmark 0x100/0x3f00 -A mwan3_policy_iptvonly -m mark --mark 0x0/0x3f00 -m comment --comment "IPTV 3 3" -j MARK --set-xmark 0x200/0x3f00 -A mwan3_policy_wan_only -m mark --mark 0x0/0x3f00 -m comment --comment "wan 3 3" -j MARK --set-xmark 0x100/0x3f00 -A mwan3_rule_https -m mark --mark 0x0/0x3f00 -j MARK --set-xmark 0x100/0x3f00 -A mwan3_rule_https -m mark --mark 0x100/0x3f00 -m set ! --match-set mwan3_sticky_https src,src -j MARK --set-xmark 0x0/0x3f00 -A mwan3_rule_https -m mark --mark 0x0/0x3f00 -j mwan3_policy_wan_only -A mwan3_rule_https -m mark ! --mark 0xfc00/0xfc00 -j SET --del-set mwan3_sticky_https src,src -A mwan3_rule_https -m mark ! --mark 0xfc00/0xfc00 -j SET --add-set mwan3_sticky_https src,src -A mwan3_rules -p tcp -m multiport --dports 443 -m mark --mark 0x0/0x3f00 -j mwan3_rule_https -A mwan3_rules -m mark --mark 0x0/0x3f00 -j mwan3_policy_wan_only -A openclash -p udp -m udp --dport 500 -j RETURN -A openclash -p udp -m udp --dport 546 -j RETURN -A openclash -p udp -m udp --dport 68 -j RETURN -A openclash -m set --match-set localnetwork dst -j RETURN -A openclash -m set --match-set lan_ac_black_ips src -j RETURN -A openclash -p udp -m udp --dport 53 -j RETURN -A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff COMMIT # Completed on Sun Dec 6 10:19:05 2020 #===================== 路由表状态 =====================# #route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 X 0.0.0.0 UG 0 0 0 pppoe-wan X 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe-wan 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan #ip route list default via X dev pppoe-wan proto static X dev pppoe-wan proto kernel scope link src X 192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1 #ip rule show 0: from all lookup local 1000: from all fwmark 0x162 lookup 354 1001: from all iif pppoe-wan lookup 1 1002: from all iif eth0 lookup 2 2001: from all fwmark 0x100/0x3f00 lookup 1 2002: from all fwmark 0x200/0x3f00 lookup 2 2061: from all fwmark 0x3d00/0x3f00 blackhole 2062: from all fwmark 0x3e00/0x3f00 unreachable 32766: from all lookup main 32767: from all lookup default #===================== 端口占用状态 =====================# tcp 0 0 :::9090 :::* LISTEN 24868/clash tcp 0 0 :::7890 :::* LISTEN 24868/clash tcp 0 0 :::7891 :::* LISTEN 24868/clash tcp 0 0 :::7892 :::* LISTEN 24868/clash tcp 0 0 :::7893 :::* LISTEN 24868/clash udp 0 0 :::7874 :::* 24868/clash udp 0 0 :::7891 :::* 24868/clash udp 0 0 :::7893 :::* 24868/clash #===================== 测试本机DNS查询 =====================# Name: www.baidu.com Address 1: 110.242.68.3 Address 2: 110.242.68.4 #===================== resolv.conf.d =====================# # Interface IPTV nameserver 192.168.18.1 # Interface wan nameserver 202.99.96.68 nameserver 202.99.104.68 # Interface wan_6 nameserver 2408:8888::8 nameserver 2408:8899::8 #===================== 测试本机网络连接 =====================# HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform Connection: keep-alive Content-Length: 277 Content-Type: text/html Date: Sun, 06 Dec 2020 02:19:05 GMT Etag: "575e1f59-115" Last-Modified: Mon, 13 Jun 2016 02:50:01 GMT Pragma: no-cache Server: bfe/1.0.8.18 #===================== 测试本机网络下载 =====================# HTTP/1.1 200 OK Connection: keep-alive Content-Length: 80 Cache-Control: max-age=300 Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox Content-Type: text/plain; charset=utf-8 ETag: "37c90545872644d531698407d8d115d7dd22e029a208ca661b2fc863eb54b67b" Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Frame-Options: deny X-XSS-Protection: 1; mode=block Via: 1.1 varnish (Varnish/6.0), 1.1 varnish X-GitHub-Request-Id: 5814:1300:1F32A7:241E45:5FCC3F47 Accept-Ranges: bytes Date: Sun, 06 Dec 2020 02:19:06 GMT X-Served-By: cache-hkg17933-HKG X-Cache: HIT, HIT X-Cache-Hits: 1, 1 X-Timer: S1607221146.209962,VS0,VE1 Vary: Authorization,Accept-Encoding Access-Control-Allow-Origin: * X-Fastly-Request-ID: 34275fe2c0c7c268e312cf028fef2e53e1117a76 Expires: Sun, 06 Dec 2020 02:24:06 GMT Source-Age: 101
节点什么协议
SSR,之前vmess也不好使
koollede固件问题
报错不支持udp转发 level=warning msg="Failed to start Redir UDP Listener: operation not permitted"
OpenClash 调试日志
生成时间: 2020-12-06 10:19:05 插件版本: v0.41.06-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息