search

vernesong / OpenClash

A Clash Client For OpenWrt
MIT License
16.55k stars 3.06k forks source link

Set Custom Rules Error: undefined method `each' for #<String:0x0000000001c10a38> #1210

Closed XinSSS closed 3 years ago

XinSSS commented 3 years ago

只要启用自定义规则, 启动日志就会报错

OpenClash 调试日志

生成时间: 2021-02-08 11:33:29 插件版本: v0.41.14-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#

主机型号: Intel(R) Celeron(R) CPU 3865U @ 1.80GHz : 2 Core 2 Thread
固件版本: OpenWrt SNAPSHOT r3061-fbdca3d67
LuCI版本: git-21.035.34289-13f96d1-1
内核版本: 5.4.92
处理器架构: x86_64

#此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT

#此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
jsonfilter: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
ruby-dbm: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
进程pid: 21015
运行权限: 21015: = cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource+eip
运行用户: nobody
已选择的架构: linux-amd64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 
Tun内核文件: 不存在
Tun内核运行权限: 否

Game内核版本: 
Game内核文件: 不存在
Game内核运行权限: 否

Dev内核版本: v1.3.5-4-g6fedd7e
Dev内核文件: 存在
Dev内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/魅影&IPLC_clash.yaml
启动配置文件: /etc/openclash/魅影&IPLC_clash.yaml
运行模式: fake-ip
默认代理模式: rule
UDP流量转发(tproxy): 启用
DNS劫持: 启用
自定义DNS: 启用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 启用
自定义规则: 启用
仅允许内网: 停用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 停用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 自定义规则 一 =====================#
##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组)
##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组)
##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组)
##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝)
##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连)
##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连)
##- DST-PORT,80,DIRECT 匹配数据目标端口(直连)
##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连)

DOMAIN-KEYWORD,tracker,DIRECT
DOMAIN-KEYWORD,announce.php?passkey=,DIRECT
DOMAIN-KEYWORD,peer_id=,DIRECT
DOMAIN-KEYWORD,info_hash,DIRECT
DOMAIN-KEYWORD,get_peers,DIRECT
DOMAIN-KEYWORD,find_node,DIRECT
DOMAIN-KEYWORD,announce_peer,DIRECT
- SRC-PORT,6771,DIRECT
- SRC-PORT,27916,DIRECT
- SRC-PORT,51413,DIRECT
- SRC-PORT,9405,Proxies
- SRC-PORT,9505,Proxies
- SRC-IP-CIDR,192.168.1.111/32,DIRECT
- SRC-IP-CIDR,192.168.1.116/32,DIRECT
- SRC-IP-CIDR,192.168.1.113/32,Proxies
- SRC-IP-CIDR,192.168.1.114/32,Proxies
#===================== 自定义规则 二 =====================#
##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组)
##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组)
##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组)
##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝)
##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连)
##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连)
##- DST-PORT,80,DIRECT 匹配数据目标端口(直连)
##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连)

#===================== 配置文件 =====================#

port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: error
external-controller: 0.0.0.0:9090
proxy-groups:
- name: Steam
  type: select
  proxies:
  - China
  - HK
  - SG
  - JP
  - TW
  - Proxies
  - DIRECT
- name: OneDrive
  type: select
  proxies:
  - Proxies
  - HK
  - SG
  - JP
  - TW
  - China
  - DIRECT
- name: PayPal
  type: select
  proxies:
  - China
  - HK
  - SG
  - JP
  - TW
  - Proxies
  - DIRECT
- name: StreamingSE
  type: select
  proxies:
  - China
  - Proxies
  - HK
  - SG
  - JP
  - TW
  - US
  - DIRECT
- name: Streaming
  type: select
  proxies:
  - Proxies
  - HK
  - SG
  - JP
  - TW
  - US
- name: Telegram
  type: select
  proxies:
  - Proxies
  - HK
  - SG
  - JP
  - TW
  - US
- name: Proxies
  type: select
  proxies:
  - HK
  - SG
  - JP
  - TW
  - US
  - "\U0001F1ED\U0001F1F0 V401U-1x-BGP-HK"
  - "\U0001F1ED\U0001F1F0 V402U-1x-BGP-HK-NF*"
  - "\U0001F1ED\U0001F1F0 V403U-1x-BGP-HK-NF*"
  - "\U0001F1EF\U0001F1F5 V434U-1x-BGP-JP-NF"
  - "\U0001F1F8\U0001F1EC V450U-1x-BGP-SG-NF"
  - "\U0001F1E8\U0001F1F3 V472U-2x-BGP-TW-NF*"
  - "\U0001F1FA\U0001F1F8 V480U-1x-BGP-US"
  - DIRECT
- name: China
  type: select
  proxies:
  - DIRECT
  - Proxies
- name: Final
  type: select
  proxies:
  - Proxies
  - China
  - DIRECT
- name: HK
  type: select
  proxies:
  - "\U0001F1ED\U0001F1F0 V401U-1x-BGP-HK"
  - "\U0001F1ED\U0001F1F0 V402U-1x-BGP-HK-NF*"
  - "\U0001F1ED\U0001F1F0 V403U-1x-BGP-HK-NF*"
- name: SG
  type: select
  proxies:
  - "\U0001F1F8\U0001F1EC V450U-1x-BGP-SG-NF"
- name: TW
  type: select
  proxies:
  - "\U0001F1E8\U0001F1F3 V472U-2x-BGP-TW-NF*"
- name: JP
  type: select
  proxies:
  - "\U0001F1EF\U0001F1F5 V434U-1x-BGP-JP-NF"
- name: US
  type: select
  proxies:
  - "\U0001F1FA\U0001F1F8 V480U-1x-BGP-US"
rules:
- DOMAIN-SUFFIX,steam-chat.com,Steam
- DOMAIN-SUFFIX,steamcontent.com,Steam
- DOMAIN-SUFFIX,steamgames.com,Steam
- DOMAIN-SUFFIX,steampowered.com,Steam
- DOMAIN-SUFFIX,steamstat.us,Steam
- DOMAIN-SUFFIX,steamstatic.com,Steam
- DOMAIN-SUFFIX,steamusercontent.com,Steam
- DOMAIN,steambroadcast.akamaized.net,Steam
- DOMAIN,steamcdn-a.akamaihd.net,Steam
- DOMAIN,steamcommunity-a.akamaihd.net,Steam
- DOMAIN,steamstore-a.akamaihd.net,Steam
- DOMAIN,steamusercontent-a.akamaihd.net,Steam
- DOMAIN,steamusercontent-a.akamaihd.net,Steam
- DOMAIN,steamuserimages-a.akamaihd.net,Steam
- DOMAIN-SUFFIX,1drv.com,OneDrive
- DOMAIN-SUFFIX,onedrive.com,OneDrive
- DOMAIN-SUFFIX,storage.live.com,OneDrive
- DOMAIN,oneclient.sfx.ms,OneDrive
- DOMAIN-SUFFIX,paypal.com,PayPal
- DOMAIN-SUFFIX,paypal.me,PayPal
- DOMAIN-SUFFIX,paypalobjects.com,PayPal
- DOMAIN-SUFFIX,biliapi.net,StreamingSE
- DOMAIN-SUFFIX,bilibili.com,StreamingSE
- DOMAIN,upos-hz-mirrorakam.akamaized.net,StreamingSE
- DOMAIN-SUFFIX,iq.com,StreamingSE
- DOMAIN,cache.video.iqiyi.com,StreamingSE
- DOMAIN,cache-video.iq.com,StreamingSE
- DOMAIN,intl.iqiyi.com,StreamingSE
- DOMAIN,intl-rcd.iqiyi.com,StreamingSE
- DOMAIN,intl-subscription.iqiyi.com,StreamingSE
- DOMAIN-KEYWORD,oversea-tw.inter.iqiyi.com,StreamingSE
- DOMAIN-KEYWORD,oversea-tw.inter.ptqy.gitv.tv,StreamingSE
- IP-CIDR,103.44.56.0/22,StreamingSE,no-resolve
- IP-CIDR,118.26.32.0/23,StreamingSE,no-resolve
- IP-CIDR,118.26.120.0/24,StreamingSE,no-resolve
- IP-CIDR,223.119.62.225/28,StreamingSE,no-resolve
- IP-CIDR,23.40.242.10/32,StreamingSE,no-resolve
- IP-CIDR,23.40.241.251/32,StreamingSE,no-resolve
- DOMAIN,cf-images.ap-southeast-1.prod.boltdns.net,Streaming
- DOMAIN-SUFFIX,5itv.tv,Streaming
- DOMAIN-SUFFIX,ocnttv.com,Streaming
- DOMAIN-SUFFIX,hulu.com,Streaming
- DOMAIN-SUFFIX,huluim.com,Streaming
- DOMAIN-SUFFIX,hulustream.com,Streaming
- DOMAIN-SUFFIX,happyon.jp,Streaming
- DOMAIN-SUFFIX,t.me,Telegram
- DOMAIN-SUFFIX,tdesktop.com,Telegram
- DOMAIN-SUFFIX,telesco.pe,Telegram
- DOMAIN-SUFFIX,telegram.dog,Telegram
- DOMAIN-SUFFIX,telegram.me,Telegram
- DOMAIN-SUFFIX,telegram.org,Telegram
- DOMAIN-SUFFIX,telegra.ph,Telegram
- IP-CIDR,91.108.4.0/22,Telegram,no-resolve
- IP-CIDR,91.108.4.0/24,Telegram,no-resolve
- IP-CIDR,91.108.8.0/22,Telegram,no-resolve
- IP-CIDR,91.108.8.0/27,Telegram,no-resolve
- IP-CIDR,91.108.12.0/27,Telegram,no-resolve
- IP-CIDR,91.108.16.0/27,Telegram,no-resolve
- IP-CIDR,91.108.56.0/22,Telegram,no-resolve
- IP-CIDR,91.108.56.0/24,Telegram,no-resolve
- IP-CIDR,91.108.12.0/22,Telegram,no-resolve
- IP-CIDR,91.108.16.0/22,Telegram,no-resolve
- IP-CIDR,149.154.160.0/20,Telegram,no-resolve
- IP-CIDR,149.154.160.0/22,Telegram,no-resolve
- IP-CIDR,149.154.164.0/22,Telegram,no-resolve
- IP-CIDR,149.154.164.8/29 ,Telegram,no-resolve
- IP-CIDR,149.154.164.250/32,Telegram,no-resolve
- IP-CIDR,149.154.165.120/32,Telegram,no-resolve
- IP-CIDR,149.154.166.120/32,Telegram,no-resolve
- DOMAIN,testflight.apple.com,Proxies
- DOMAIN-SUFFIX,appspot.com,Proxies
- DOMAIN-SUFFIX,blogger.com,Proxies
- DOMAIN-SUFFIX,getoutline.org,Proxies
- DOMAIN-SUFFIX,gvt0.com,Proxies
- DOMAIN-SUFFIX,gvt3.com,Proxies
- DOMAIN-SUFFIX,xn--ngstr-lra8j.com,Proxies
- DOMAIN-SUFFIX,ytimg.com,Proxies
- DOMAIN-KEYWORD,google,Proxies
- DOMAIN-KEYWORD,.blogspot.,Proxies
- DOMAIN-SUFFIX,aka.ms,Proxies
- DOMAIN-SUFFIX,onedrive.live.com,Proxies
- DOMAIN,az416426.vo.msecnd.net,Proxies
- DOMAIN,az668014.vo.msecnd.net,Proxies
- DOMAIN-SUFFIX,cdninstagram.com,Proxies
- DOMAIN-SUFFIX,facebook.com,Proxies
- DOMAIN-SUFFIX,facebook.net,Proxies
- DOMAIN-SUFFIX,fb.com,Proxies
- DOMAIN-SUFFIX,fb.me,Proxies
- DOMAIN-SUFFIX,fbaddins.com,Proxies
- DOMAIN-SUFFIX,fbcdn.net,Proxies
- DOMAIN-SUFFIX,fbsbx.com,Proxies
- DOMAIN-SUFFIX,fbworkmail.com,Proxies
- DOMAIN-SUFFIX,instagram.com,Proxies
- DOMAIN-SUFFIX,m.me,Proxies
- DOMAIN-SUFFIX,messenger.com,Proxies
- DOMAIN-SUFFIX,oculus.com,Proxies
- DOMAIN-SUFFIX,oculuscdn.com,Proxies
- DOMAIN-SUFFIX,rocksdb.org,Proxies
- DOMAIN-SUFFIX,whatsapp.com,Proxies
- DOMAIN-SUFFIX,whatsapp.net,Proxies
- DOMAIN-SUFFIX,pscp.tv,Proxies
- DOMAIN-SUFFIX,periscope.tv,Proxies
- DOMAIN-SUFFIX,t.co,Proxies
- DOMAIN-SUFFIX,twimg.co,Proxies
- DOMAIN-SUFFIX,twimg.com,Proxies
- DOMAIN-SUFFIX,twitpic.com,Proxies
- DOMAIN-SUFFIX,twitter.com,Proxies
- DOMAIN-SUFFIX,vine.co,Proxies
- DOMAIN-SUFFIX,telegra.ph,Proxies
- DOMAIN-SUFFIX,telegram.org,Proxies
- IP-CIDR,91.108.4.0/22,Proxies,no-resolve
- IP-CIDR,91.108.8.0/22,Proxies,no-resolve
- IP-CIDR,91.108.12.0/22,Proxies,no-resolve
- IP-CIDR,91.108.16.0/22,Proxies,no-resolve
- IP-CIDR,91.108.20.0/22,Proxies,no-resolve
- IP-CIDR,91.108.56.0/22,Proxies,no-resolve
- IP-CIDR,149.154.160.0/20,Proxies,no-resolve
- IP-CIDR6,2001:b28:f23d::/48,Proxies,no-resolve
- IP-CIDR6,2001:b28:f23f::/48,Proxies,no-resolve
- IP-CIDR6,2001:67c:4e8::/48,Proxies,no-resolve
- DOMAIN-SUFFIX,line.me,Proxies
- DOMAIN-SUFFIX,line-apps.com,Proxies
- DOMAIN-SUFFIX,line-scdn.net,Proxies
- DOMAIN-SUFFIX,naver.jp,Proxies
- IP-CIDR,103.2.30.0/23,Proxies,no-resolve
- IP-CIDR,125.209.208.0/20,Proxies,no-resolve
- IP-CIDR,147.92.128.0/17,Proxies,no-resolve
- IP-CIDR,203.104.144.0/21,Proxies,no-resolve
- DOMAIN-SUFFIX,amazon.co.jp,Proxies
- DOMAIN,d3c33hcgiwev3.cloudfront.net,Proxies
- DOMAIN,payments-jp.amazon.com,Proxies
- DOMAIN,s3-ap-northeast-1.amazonaws.com,Proxies
- DOMAIN,s3-ap-southeast-2.amazonaws.com,Proxies
- DOMAIN,a248.e.akamai.net,Proxies
- DOMAIN,a771.dscq.akamai.net,Proxies
- DOMAIN-SUFFIX,4shared.com,Proxies
- DOMAIN-SUFFIX,9cache.com,Proxies
- DOMAIN-SUFFIX,9gag.com,Proxies
- DOMAIN-SUFFIX,abc.com,Proxies
- DOMAIN,images-cn.ssl-images-amazon.com,China
- IP-CIDR,119.28.28.28/32,China,no-resolve
- IP-CIDR,182.254.116.0/24,China,no-resolve
- DOMAIN-SUFFIX,local,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT,no-resolve
- IP-CIDR,10.0.0.0/8,DIRECT,no-resolve
- IP-CIDR,172.16.0.0/12,DIRECT,no-resolve
- IP-CIDR,127.0.0.0/8,DIRECT,no-resolve
- IP-CIDR,100.64.0.0/10,DIRECT,no-resolve
- IP-CIDR6,::1/128,DIRECT,no-resolve
- IP-CIDR6,fc00::/7,DIRECT,no-resolve
- IP-CIDR6,fe80::/10,DIRECT,no-resolve
- IP-CIDR6,fd00::/8,DIRECT,no-resolve
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- GEOIP,CN,China
- MATCH,Final
dns:
  nameserver:
  - 223.5.5.5
  - 119.29.29.29
  - 114.114.114.114
  fallback:
  - https://cloudflare-dns.com/dns-query
  - https://dns.google/dns-query
  - tls://dns.google:853
  - https://1.1.1.1/dns-query
  - tls://1.1.1.1:853
  - tls://8.8.8.8:853
  enable: true
  ipv6: false
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  listen: 127.0.0.1:7874
  fake-ip-filter:
  - "*.lan"
  - time.windows.com
  - time.nist.gov
  - time.apple.com
  - time.asia.apple.com
  - "*.ntp.org.cn"
  - "*.openwrt.pool.ntp.org"
  - time1.cloud.tencent.com
  - time.ustc.edu.cn
  - pool.ntp.org
  - ntp.ubuntu.com
  - ntp.aliyun.com
  - ntp1.aliyun.com
  - ntp2.aliyun.com
  - ntp3.aliyun.com
  - ntp4.aliyun.com
  - ntp5.aliyun.com
  - ntp6.aliyun.com
  - ntp7.aliyun.com
  - time1.aliyun.com
  - time2.aliyun.com
  - time3.aliyun.com
  - time4.aliyun.com
  - time5.aliyun.com
  - time6.aliyun.com
  - time7.aliyun.com
  - "*.time.edu.cn"
  - time1.apple.com
  - time2.apple.com
  - time3.apple.com
  - time4.apple.com
  - time5.apple.com
  - time6.apple.com
  - time7.apple.com
  - time1.google.com
  - time2.google.com
  - time3.google.com
  - time4.google.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "*.msftconnecttest.com"
  - "*.msftncsi.com"
  - localhost.ptlogin2.qq.com
  - "+.srv.nintendo.net"
  - "+.stun.playstation.net"
  - xbox.*.microsoft.com
  - "+.xboxlive.com"
  - proxy.golang.org
  - stun.*.*
  - stun.*.*.*
  - heartbeat.belkin.com
  - "*.linksys.com"
  - "*.linksyssmartwifi.com"
  fallback-filter:
    geoip: false
    ipcidr:
    - 0.0.0.0/8
    - 10.0.0.0/8
    - 100.64.0.0/10
    - 127.0.0.0/8
    - 169.254.0.0/16
    - 172.16.0.0/12
    - 192.0.0.0/24
    - 192.0.2.0/24
    - 192.88.99.0/24
    - 192.168.0.0/16
    - 198.18.0.0/15
    - 198.51.100.0/24
    - 203.0.113.0/24
    - 224.0.0.0/4
    - 240.0.0.0/4
    - 255.255.255.255/32
    domain:
    - "+.google.com"
    - "+.facebook.com"
    - "+.youtube.com"
    - "+.githubusercontent.com"
redir-port: 7892
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/dashboard"
ipv6: false

#===================== 防火墙设置 =====================#

#NAT chain

# Generated by iptables-save v1.8.4 on Mon Feb  8 11:33:29 2021
*nat
:PREROUTING ACCEPT [253:83893]
:INPUT ACCEPT [300:67361]
:OUTPUT ACCEPT [382:31364]
:POSTROUTING ACCEPT [134:11134]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 7892
-A PREROUTING -d 8.8.8.8/32 -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 7892
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -i eth0 -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment dns_hijack -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment dns_hijack -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting
-A POSTROUTING -o eth0 -m comment --comment "!fw3" -j zone_wan_postrouting
-A MINIUPNPD -p tcp -m tcp --dport 33593 -j DNAT --to-destination 192.168.1.116:9010
-A MINIUPNPD -p tcp -m tcp --dport 34664 -j DNAT --to-destination 192.168.1.116:9020
-A MINIUPNPD -p udp -m udp --dport 32744 -j DNAT --to-destination 192.168.1.116:9030
-A MINIUPNPD -p udp -m udp --dport 32575 -j DNAT --to-destination 192.168.1.116:9031
-A MINIUPNPD -p udp -m udp --dport 38793 -j DNAT --to-destination 192.168.1.116:9032
-A MINIUPNPD -p udp -m udp --dport 36906 -j DNAT --to-destination 192.168.1.116:9033
-A MINIUPNPD-POSTROUTING -s 192.168.1.116/32 -p tcp -m tcp --sport 9010 -j MASQUERADE --to-ports 33593
-A MINIUPNPD-POSTROUTING -s 192.168.1.116/32 -p tcp -m tcp --sport 9020 -j MASQUERADE --to-ports 34664
-A MINIUPNPD-POSTROUTING -s 192.168.1.116/32 -p udp -m udp --sport 9030 -j MASQUERADE --to-ports 32744
-A MINIUPNPD-POSTROUTING -s 192.168.1.116/32 -p udp -m udp --sport 9031 -j MASQUERADE --to-ports 32575
-A MINIUPNPD-POSTROUTING -s 192.168.1.116/32 -p udp -m udp --sport 9032 -j MASQUERADE --to-ports 38793
-A MINIUPNPD-POSTROUTING -s 192.168.1.116/32 -p udp -m udp --sport 9033 -j MASQUERADE --to-ports 36906
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m tcp --sport 1688 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
# Completed on Mon Feb  8 11:33:29 2021

#Mangle chain

# Generated by iptables-save v1.8.4 on Mon Feb  8 11:33:29 2021
*mangle
:PREROUTING ACCEPT [10288:8046811]
:INPUT ACCEPT [9819:7948553]
:FORWARD ACCEPT [489:80664]
:OUTPUT ACCEPT [6672:8341501]
:POSTROUTING ACCEPT [7159:8422073]
:openclash - [0:0]
-A PREROUTING -p udp -j openclash
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A openclash -p udp -m udp --dport 500 -j RETURN
-A openclash -p udp -m udp --dport 546 -j RETURN
-A openclash -p udp -m udp --dport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
COMMIT
# Completed on Mon Feb  8 11:33:29 2021

#===================== IPSET状态 =====================#

Name: china
Name: localnetwork

#===================== 路由表状态 =====================#

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         122.234.140.1   0.0.0.0         UG    0      0        0 pppoe-wan
122.234.140.1   0.0.0.0         255.255.255.255 UH    0      0        0 pppoe-wan
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br-lan
#ip route list
default via 122.234.140.1 dev pppoe-wan proto static 
122.234.140.1 dev pppoe-wan proto kernel scope link src 
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1 
#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#===================== 端口占用状态 =====================#

tcp        0      0 :::9090                 :::*                    LISTEN      21015/clash
tcp        0      0 :::7890                 :::*                    LISTEN      21015/clash
tcp        0      0 :::7891                 :::*                    LISTEN      21015/clash
tcp        0      0 :::7892                 :::*                    LISTEN      21015/clash
tcp        0      0 :::7893                 :::*                    LISTEN      21015/clash
udp        0      0 127.0.0.1:7874          0.0.0.0:*                           21015/clash
udp        0      0 :::44092                :::*                                21015/clash
udp        0      0 :::7891                 :::*                                21015/clash
udp        0      0 :::7892                 :::*                                21015/clash
udp        0      0 :::7893                 :::*                                21015/clash
udp        0      0 :::55583                :::*                                21015/clash

#===================== 测试本机DNS查询 =====================#

Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
Address 1: 198.18.0.23
*** Can't find www.baidu.com: No answer

#===================== resolv.conf.d =====================#

# Interface wan
nameserver 223.5.5.5
nameserver 119.29.29.29

#===================== 测试本机网络连接 =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Mon, 08 Feb 2021 03:33:30 GMT
Etag: "575e1f60-115"
Last-Modified: Mon, 13 Jun 2016 02:50:08 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载 =====================#

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 80
Cache-Control: max-age=300
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Type: text/plain; charset=utf-8
ETag: "00cdb0532e41777645c9ad3e0a65a1b1ac87d6afaf72cf6e33d925dbbd05be97"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
X-GitHub-Request-Id: FEA2:3D17:57C6C7:666CB6:60130FCD
Accept-Ranges: bytes
Date: Mon, 08 Feb 2021 03:33:30 GMT
Via: 1.1 varnish
X-Served-By: cache-hkg17926-HKG
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1612755210.307286,VS0,VE1
Vary: Authorization,Accept-Encoding
Access-Control-Allow-Origin: *
X-Fastly-Request-ID: 5798656e6482598bbf99b47c6ab14271ad4cf698
Expires: Mon, 08 Feb 2021 03:38:30 GMT
Source-Age: 77

#===================== 最近运行日志 =====================#

2021-02-08 11:31:18 Set Custom Rules Error: undefined method `each' for #<String:0x0000000001f20ae8>
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider OneDrive"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider Steam"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider Streaming"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider US"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider SG"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider Telegram"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider PayPal"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider Proxies"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider StreamingSE"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider Final"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider TW"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider JP"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider HK"
time="2021-02-08T03:31:23Z" level=info msg="Start initial compatible provider China"
2021-02-08 11:31:29 History:【魅影&IPLC_clash.yaml】 Restore Successful
2021-02-08 11:31:12 OpenClash Start Successful
2021-02-08 11:32:17 Set Custom Rules Error: undefined method `each' for #<String:0x0000000001da4ae8>
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider JP"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider HK"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider Telegram"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider PayPal"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider OneDrive"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider Steam"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider Final"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider StreamingSE"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider TW"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider Proxies"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider China"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider US"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider SG"
time="2021-02-08T03:32:22Z" level=info msg="Start initial compatible provider Streaming"
2021-02-08 11:32:28 History:【魅影&IPLC_clash.yaml】 Restore Successful
2021-02-08 11:32:10 OpenClash Start Successful
XinSSS commented 3 years ago

找到原因了...........