Closed fraelyfan closed 3 years ago
我使用的是脚本模式,并开启了服务器与策略组管理中的保留配置选项 但是每次定时检查订阅文件后配置文件中的规则集(rule-providers)和脚本(script)都会被清空 日记如下: `OpenClash 调试日志
生成时间: 2021-07-26 14:42:24 插件版本: v0.42.09-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息
#===================== 系统信息 =====================# 主机型号: QEMU Standard PC (Q35 + ICH9, 2009) 固件版本: OpenWrt 19.07.6 r11278-8055e38794 LuCI版本: 内核版本: 4.14.215 处理器架构: x86_64 #此项在使用Tun模式时应为ACCEPT 防火墙转发: ACCEPT #此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP IPV6-DHCP: server #此项结果应仅有配置文件的DNS监听地址 Dnsmasq转发设置: 127.0.0.1#5050 #===================== 依赖检查 =====================# dnsmasq-full: 已安装 coreutils: 已安装 coreutils-nohup: 已安装 bash: 已安装 curl: 已安装 ca-certificates: 已安装 ipset: 已安装 ip-full: 已安装 iptables-mod-tproxy: 已安装 kmod-ipt-tproxy: 已安装 iptables-mod-extra: 已安装 kmod-ipt-extra: 已安装 libcap: 已安装 libcap-bin: 已安装 ruby: 已安装 ruby-yaml: 已安装 ruby-psych: 已安装 ruby-pstore: 已安装 ruby-dbm: 已安装 kmod-tun(TUN模式): 已安装 luci-compat(Luci-19.07): 已安装 #===================== 内核检查 =====================# 运行状态: 运行中 进程pid: 20160 运行权限: 20160: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource=eip 运行用户: nobody 已选择的架构: linux-amd64 #下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限 Tun内核版本: Tun内核文件: 存在 Tun内核运行权限: 正常 Game内核版本: Game内核文件: 存在 Game内核运行权限: 正常 Dev内核版本: Dev内核文件: 存在 Dev内核运行权限: 正常 #===================== 插件设置 =====================# 当前配置文件: /etc/openclash/config/config.yaml 启动配置文件: /etc/openclash/config.yaml 运行模式: redir-host-mix 默认代理模式: script UDP流量转发(tproxy): 停用 DNS劫持: 启用 自定义DNS: 启用 IPV6-DNS解析: 停用 禁用Dnsmasq缓存: 启用 自定义规则: 启用 仅允许内网: 启用 仅代理命中规则流量: 停用 仅允许常用端口流量: 停用 绕过中国大陆IP: 启用 #启动异常时建议关闭此项后重试 混合节点: 停用 保留配置: 启用 #启动异常时建议关闭此项后重试 第三方规则: 停用 #===================== 自定义规则 一 =====================# ##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组) ##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组) ##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组) ##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝) ##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连) ##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连) ##- DST-PORT,80,DIRECT 匹配数据目标端口(直连) ##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连) ##排序在上的规则优先生效,如添加(去除规则前的#号): ##IP段:192.168.1.2-192.168.1.200 直连 ##- SRC-IP-CIDR,192.168.1.2/31,DIRECT ##- SRC-IP-CIDR,192.168.1.4/30,DIRECT ##- SRC-IP-CIDR,192.168.1.8/29,DIRECT ##- SRC-IP-CIDR,192.168.1.16/28,DIRECT ##- SRC-IP-CIDR,192.168.1.32/27,DIRECT ##- SRC-IP-CIDR,192.168.1.64/26,DIRECT ##- SRC-IP-CIDR,192.168.1.128/26,DIRECT ##- SRC-IP-CIDR,192.168.1.192/29,DIRECT ##- SRC-IP-CIDR,192.168.1.200/32,DIRECT ##IP段:192.168.1.202-192.168.1.255 直连 ##- SRC-IP-CIDR,192.168.1.202/31,DIRECT ##- SRC-IP-CIDR,192.168.1.204/30,DIRECT ##- SRC-IP-CIDR,192.168.1.208/28,DIRECT ##- SRC-IP-CIDR,192.168.1.224/27,DIRECT ##此时IP为192.168.1.1和192.168.1.201的客户端流量走代理(策略),其余客户端不走代理 ##因为Fake-IP模式下,IP地址为192.168.1.1的路由器自身流量可走代理(策略),所以需要排除 ##仅设置路由器自身直连: - SRC-IP-CIDR,192.168.0.2/32,DIRECT - SRC-IP-CIDR,198.168.0.1/32,DIRECT ##在线IP段转CIDR地址:http://ip2cidr.com #===================== 自定义规则 二 =====================# ##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组) ##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组) ##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组) ##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝) ##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连) ##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连) ##- DST-PORT,80,DIRECT 匹配数据目标端口(直连) ##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连) #===================== 配置文件 =====================# port: 10810 socks-port: 10809 allow-lan: true mode: script log-level: error external-controller: 192.168.0.1:9090 rule-providers: Netflix: type: http behavior: classical path: "/etc/openclash/rule_provider/Netflix.yaml" url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/StreamingMedia/Video/Netflix.yaml interval: 86400 AppStore: type: http behavior: classical path: "/etc/openclash/rule_provider/AppStore.yaml" url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Extra/Apple/AppStore.yaml interval: 86400 AppStoreConnect: type: http behavior: classical path: "/etc/openclash/rule_provider/AppStoreConnect.yaml" url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Extra/Apple/AppStoreConnect.yaml interval: 86400 Apple(lhie1): type: http behavior: classical path: "/etc/openclash/rule_provider/Apple-lhie1.yaml" url: https://cdn.jsdelivr.net/gh/lhie1/Rules@master/Clash/Provider/Apple.yaml interval: 86400 审计规则: type: http behavior: classical path: "/etc/openclash/rule_provider/Special.yaml" url: https://cdn.jsdelivr.net/gh/lhie1/Rules@master/Clash/Provider/Special.yaml interval: 86400 Steam: type: file behavior: classical path: "/etc/openclash/rule_provider/Steam.yaml" 微软服务: type: http behavior: classical path: "/etc/openclash/rule_provider/Microsoft.yaml" url: https://cdn.jsdelivr.net/gh/lhie1/Rules@master/Clash/Provider/Microsoft.yaml interval: 86400 国内域名: type: http behavior: classical path: "/etc/openclash/rule_provider/China.yaml" url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/China.yaml interval: 86400 script: code: | def main(ctx, metadata): if metadata["type"] == "Socks5": return "Game" if metadata["type"] == "HTTP Connect": return "Currency" if ctx.rule_providers["Netflix"].match(metadata): return "Netflix" list = ['微软服务','AppStore','AppStoreConnect','Apple(lhie1)','审计规则','国内域名','Steam'] for name in list: if ctx.rule_providers[name].match(metadata): return "DIRECT" return "Currency" proxy-groups: - name: Currency type: select disable-udp: false proxies: - iplc|广港01|1.5x - iplc|广港02|1.5x - iplc|广港03|1.5x - iplc|广港04|1.5x - iplc|广港05|1.5x - iplc|广新01|1.5x - iplc|广台01|1.5x - iplc|广日|1.5x - 马来西亚V2 0.2x NF - 马来西亚V2 0.3x NF - 马来西亚V3T 0.2x NF - 动态BGP+IPLC|广港01|3x - 动态BGP+IPLC|广港02|3x - 动态BGP+IPLC|广港01(原生)|3x - 动态BGP+IPLC|广港02(原生)|3x - 动态BGP+IPLC|广港03(原生)|3x - 动态BGP+IPLC|广新01(原生)|3x - 动态BGP+IPLC|广台01(原生)|3x - 动态BGP+IPLC|广美01|3x - iplc|广港-原生01|1.5x - iplc|广港-原生02|1.5x - iplc|广港-原生03|1.5x - iplc|广新02|1.5x - iplc|广台02|1.5x - iplc|广台03|1.5x - 中转|香港01 - 中转|香港02 - 中转|香港03 - 中转|香港04 - 中转|台湾01 - 中转|台湾02 - 中转|台湾03 - 中转|新加坡01 - 中转|新加坡02 - 中转|新加坡03 - 中转|日本01 - 中转|日本02 - 中转|韩国 - 中转|美国01 - 中转|美国02 - 中转|加拿大 - Anycast|香港 - Anycast|新加坡 - Anycast|日本 - Anycast|台湾 - Anycast|泰国 - Anycast|美国 - Anycast|英国 - Anycast|德国 - Anycast|加拿大 - Anycast|韩国 - Anycast|俄罗斯 - Anycast|荷兰 - Anycast|印度 - Anycast|法国 - Anycast|阿根廷 - Anycast|巴西 - Anycast|土耳其 - Anycast|澳大利亚 - 福利|新加坡|0.1x|限速10Mbps - 福利|香港|0.1x|限速10Mbps - 福利|日本|0.1x|限速10Mbps - 福利|美国|0.1x|限速10Mbps - 下载专用|0.8x|支持大流量 - BGP*新加坡 - BGP*新加坡R - BGP*日本东京 - BGP*日本大阪 - BGP*美国西雅图 - BGP*韩国首尔 - BGP*香港上环 - BGP*香港中环 - BGP*香港沙田 - BGP*香港湾仔 - BGP*马来西亚 - DRL*台湾台北 [0.8] - DRL*台湾基隆 [0.8] - DRL*台湾宜兰 [0.8] - DRL*台湾桃园 [0.8] - DRL*德国法兰克福 - DRL*新加坡中部 - DRL*新加坡西岛 - DRL*日本Azure - DRL*日本东京01 Ex - DRL*日本东京02 - DRL*日本品川 - DRL*日本新宿 Ex [1.5] - DRL*日本横滨 Ex [1.5] - DRL*日本石狩 - DRL*澳门 - DRL*美国Misaka01 - DRL*美国Misaka02 - DRL*美国西雅图00 - DRL*美国西雅图01 - DRL*美国西雅图02 - DRL*美国費利蒙 Ex - DRL*越南河内 - DRL*韩国春川 - DRL*韩国首尔 - DRL*香港Amazon Y [0.5] - DRL*香港九龙 - DRL*香港沙田00 - DRL*香港沙田01 - DRL*香港沙田02 - DRL*香港沙田03 - DRL*香港移动00 - DRL*香港移动01 - DRL*香港葵涌00 - DRL*香港葵涌01 - DRL*马来西亚 - ECO*韩国AWS Y [0.1]SSR - SP*以色列特拉维夫 - SP*俄罗斯莫斯科 [0.5] - SP*冰岛 - SP*加麻大枫叶 - SP*印度 - SP*土耳其 - SP*巴西 [2.0] - SP*德国慕尼黑 - SP*法国巴黎 - SP*澳大利亚 Ex [1.5] - SP*瑞士休伦堡 - SP*英国伦敦 Ex [1.5] - SP*菲律宾 - SP*阿根廷 - SP*韩国SK [5.0] - name: Game type: select disable-udp: false proxies: - DIRECT - Currency - FST*IPLCHK GAME [3.0] 测试 - GAME*华为广港 [5.0] - GAME*华为沪日 [20] - GAME*沪日AIA [20] 测试 - GAME*腾讯广港 [30] SSR-Only - GAME*花卷莞港 [20] SSR-Only - GAME*阿里深港 [30] - name: Netflix type: select disable-udp: false proxies: - Currency - Netflix-香港 - Netflix-日本 - Netflix-马来西亚 url: http://www.gstatic.com/generate_204 interval: '3600' - name: Netflix-马来西亚 type: load-balance strategy: consistent-hashing disable-udp: true proxies: - 马来西亚V2 0.2x NF - 马来西亚V2 0.3x NF - 马来西亚V3T 0.2x NF url: http://www.gstatic.com/generate_204 interval: '36000' - name: Netflix-日本 type: select disable-udp: true proxies: - DRL*日本Azure - DRL*日本东京01 Ex - DRL*日本东京02 - DRL*日本品川 - DRL*日本横滨 Ex [1.5] - DRL*日本石狩 - name: Netflix-香港 type: select disable-udp: true proxies: - DRL*香港九龙 - DRL*香港沙田00 - DRL*香港沙田01 - DRL*香港沙田02 - DRL*香港沙田03 - DRL*香港移动00 - DRL*香港移动01 - DRL*香港葵涌00 - DRL*香港葵涌01 rules: - SRC-IP-CIDR,192.168.0.2/32,DIRECT - SRC-IP-CIDR,198.168.0.1/32,DIRECT - IP-CIDR,198.18.0.1/16,REJECT,no-resolve dns: nameserver: - 114.114.114.114:53 enable: true ipv6: false enhanced-mode: redir-host listen: 127.0.0.1:5050 redir-port: 6060 mixed-port: 10808 bind-address: 192.168.0.1 external-ui: "/usr/share/openclash/dashboard" ipv6: false tun: enable: true stack: system dns-hijack: - tcp://8.8.8.8:53 - tcp://8.8.4.4:53 profile: store-selected: true #===================== 防火墙设置 =====================# #NAT chain # Generated by iptables-save v1.8.3 on Mon Jul 26 14:42:25 2021 *nat :PREROUTING ACCEPT [25:3649] :INPUT ACCEPT [27:3758] :OUTPUT ACCEPT [3:182] :POSTROUTING ACCEPT [1:61] :MINIUPNPD - [0:0] :MINIUPNPD-POSTROUTING - [0:0] :openclash - [0:0] :openclash_output - [0:0] :postrouting_lan_rule - [0:0] :postrouting_rule - [0:0] :postrouting_wan_rule - [0:0] :prerouting_lan_rule - [0:0] :prerouting_rule - [0:0] :prerouting_wan_rule - [0:0] :zone_lan_postrouting - [0:0] :zone_lan_prerouting - [0:0] :zone_wan_postrouting - [0:0] :zone_wan_prerouting - [0:0] -A PREROUTING -d 8.8.4.4/32 -p tcp -m tcp --dport 53 -j ACCEPT -A PREROUTING -d 8.8.8.8/32 -p tcp -m tcp --dport 53 -j ACCEPT -A PREROUTING -d 8.8.4.4/32 -p tcp -m tcp --dport 53 -j ACCEPT -A PREROUTING -d 8.8.8.8/32 -p tcp -m tcp --dport 53 -j ACCEPT -A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule -A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting -A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting -A PREROUTING -p udp -m udp --dport 53 -m comment --comment dns_hijack -j REDIRECT --to-ports 53 -A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment dns_hijack -j REDIRECT --to-ports 53 -A PREROUTING -p tcp -j openclash -A PREROUTING -p tcp -j openclash -A OUTPUT -j openclash_output -A OUTPUT -j openclash_output -A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule -A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting -A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting -A MINIUPNPD -p tcp -m tcp --dport 4010 -j DNAT --to-destination 192.168.0.102:4010 -A MINIUPNPD -p tcp -m tcp --dport 43091 -j DNAT --to-destination 192.168.0.114:43091 -A MINIUPNPD -p udp -m udp --dport 43091 -j DNAT --to-destination 192.168.0.114:43091 -A MINIUPNPD -p udp -m udp --dport 6909 -j DNAT --to-destination 192.168.0.114:6909 -A MINIUPNPD -p tcp -m tcp --dport 6909 -j DNAT --to-destination 192.168.0.114:6909 -A MINIUPNPD -p tcp -m tcp --dport 41753 -j DNAT --to-destination 192.168.0.114:41753 -A MINIUPNPD -p udp -m udp --dport 41753 -j DNAT --to-destination 192.168.0.114:41753 -A MINIUPNPD -p udp -m udp --dport 6980 -j DNAT --to-destination 192.168.0.114:6980 -A MINIUPNPD -p tcp -m tcp --dport 6980 -j DNAT --to-destination 192.168.0.114:6980 -A MINIUPNPD -p tcp -m tcp --dport 43669 -j DNAT --to-destination 192.168.0.114:43669 -A MINIUPNPD -p udp -m udp --dport 43669 -j DNAT --to-destination 192.168.0.114:43669 -A MINIUPNPD -p udp -m udp --dport 6914 -j DNAT --to-destination 192.168.0.114:6914 -A MINIUPNPD -p tcp -m tcp --dport 6914 -j DNAT --to-destination 192.168.0.114:6914 -A MINIUPNPD -p tcp -m tcp --dport 36643 -j DNAT --to-destination 192.168.0.114:36643 -A MINIUPNPD -p udp -m udp --dport 36643 -j DNAT --to-destination 192.168.0.114:36643 -A MINIUPNPD -p udp -m udp --dport 6950 -j DNAT --to-destination 192.168.0.114:6950 -A MINIUPNPD -p tcp -m tcp --dport 6950 -j DNAT --to-destination 192.168.0.114:6950 -A MINIUPNPD -p tcp -m tcp --dport 36343 -j DNAT --to-destination 192.168.0.114:36343 -A MINIUPNPD -p udp -m udp --dport 36343 -j DNAT --to-destination 192.168.0.114:36343 -A MINIUPNPD -p udp -m udp --dport 6887 -j DNAT --to-destination 192.168.0.114:6887 -A MINIUPNPD -p tcp -m tcp --dport 6887 -j DNAT --to-destination 192.168.0.114:6887 -A MINIUPNPD -p tcp -m tcp --dport 46467 -j DNAT --to-destination 192.168.0.114:46467 -A MINIUPNPD -p udp -m udp --dport 46467 -j DNAT --to-destination 192.168.0.114:46467 -A MINIUPNPD -p udp -m udp --dport 6908 -j DNAT --to-destination 192.168.0.114:6908 -A MINIUPNPD -p tcp -m tcp --dport 6908 -j DNAT --to-destination 192.168.0.114:6908 -A MINIUPNPD -p tcp -m tcp --dport 40273 -j DNAT --to-destination 192.168.0.114:40273 -A MINIUPNPD -p udp -m udp --dport 40273 -j DNAT --to-destination 192.168.0.114:40273 -A MINIUPNPD -p udp -m udp --dport 6954 -j DNAT --to-destination 192.168.0.114:6954 -A MINIUPNPD -p tcp -m tcp --dport 6954 -j DNAT --to-destination 192.168.0.114:6954 -A MINIUPNPD -p tcp -m tcp --dport 44203 -j DNAT --to-destination 192.168.0.114:44203 -A MINIUPNPD -p udp -m udp --dport 44203 -j DNAT --to-destination 192.168.0.114:44203 -A MINIUPNPD -p udp -m udp --dport 6944 -j DNAT --to-destination 192.168.0.114:6944 -A MINIUPNPD -p tcp -m tcp --dport 6944 -j DNAT --to-destination 192.168.0.114:6944 -A MINIUPNPD -p tcp -m tcp --dport 42197 -j DNAT --to-destination 192.168.0.114:42197 -A MINIUPNPD -p udp -m udp --dport 42197 -j DNAT --to-destination 192.168.0.114:42197 -A MINIUPNPD -p tcp -m tcp --dport 45203 -j DNAT --to-destination 192.168.0.114:45203 -A MINIUPNPD -p udp -m udp --dport 45203 -j DNAT --to-destination 192.168.0.114:45203 -A MINIUPNPD -p udp -m udp --dport 6894 -j DNAT --to-destination 192.168.0.114:6894 -A MINIUPNPD -p tcp -m tcp --dport 6894 -j DNAT --to-destination 192.168.0.114:6894 -A MINIUPNPD -p tcp -m tcp --dport 42727 -j DNAT --to-destination 192.168.0.114:42727 -A MINIUPNPD -p udp -m udp --dport 42727 -j DNAT --to-destination 192.168.0.114:42727 -A MINIUPNPD -p udp -m udp --dport 6885 -j DNAT --to-destination 192.168.0.114:6885 -A MINIUPNPD -p tcp -m tcp --dport 6885 -j DNAT --to-destination 192.168.0.114:6885 -A MINIUPNPD -p tcp -m tcp --dport 44707 -j DNAT --to-destination 192.168.0.114:44707 -A MINIUPNPD -p udp -m udp --dport 44707 -j DNAT --to-destination 192.168.0.114:44707 -A MINIUPNPD -p udp -m udp --dport 6949 -j DNAT --to-destination 192.168.0.114:6949 -A MINIUPNPD -p tcp -m tcp --dport 6949 -j DNAT --to-destination 192.168.0.114:6949 -A MINIUPNPD -p tcp -m tcp --dport 34761 -j DNAT --to-destination 192.168.0.114:34761 -A MINIUPNPD -p udp -m udp --dport 34761 -j DNAT --to-destination 192.168.0.114:34761 -A MINIUPNPD -p udp -m udp --dport 6919 -j DNAT --to-destination 192.168.0.114:6919 -A MINIUPNPD -p tcp -m tcp --dport 6919 -j DNAT --to-destination 192.168.0.114:6919 -A MINIUPNPD -p tcp -m tcp --dport 36393 -j DNAT --to-destination 192.168.0.114:36393 -A MINIUPNPD -p udp -m udp --dport 36393 -j DNAT --to-destination 192.168.0.114:36393 -A MINIUPNPD -p udp -m udp --dport 6946 -j DNAT --to-destination 192.168.0.114:6946 -A MINIUPNPD -p tcp -m tcp --dport 6946 -j DNAT --to-destination 192.168.0.114:6946 -A MINIUPNPD -p tcp -m tcp --dport 43475 -j DNAT --to-destination 192.168.0.114:43475 -A MINIUPNPD -p udp -m udp --dport 43475 -j DNAT --to-destination 192.168.0.114:43475 -A MINIUPNPD -p udp -m udp --dport 6902 -j DNAT --to-destination 192.168.0.114:6902 -A MINIUPNPD -p tcp -m tcp --dport 6902 -j DNAT --to-destination 192.168.0.114:6902 -A MINIUPNPD -p tcp -m tcp --dport 43219 -j DNAT --to-destination 192.168.0.114:43219 -A MINIUPNPD -p udp -m udp --dport 43219 -j DNAT --to-destination 192.168.0.114:43219 -A MINIUPNPD -p tcp -m tcp --dport 45653 -j DNAT --to-destination 192.168.0.114:45653 -A MINIUPNPD -p udp -m udp --dport 45653 -j DNAT --to-destination 192.168.0.114:45653 -A MINIUPNPD -p udp -m udp --dport 6969 -j DNAT --to-destination 192.168.0.114:6969 -A MINIUPNPD -p tcp -m tcp --dport 6969 -j DNAT --to-destination 192.168.0.114:6969 -A MINIUPNPD -p tcp -m tcp --dport 34873 -j DNAT --to-destination 192.168.0.114:34873 -A MINIUPNPD -p udp -m udp --dport 34873 -j DNAT --to-destination 192.168.0.114:34873 -A MINIUPNPD -p udp -m udp --dport 6967 -j DNAT --to-destination 192.168.0.114:6967 -A MINIUPNPD -p tcp -m tcp --dport 6967 -j DNAT --to-destination 192.168.0.114:6967 -A MINIUPNPD -p tcp -m tcp --dport 37131 -j DNAT --to-destination 192.168.0.114:37131 -A MINIUPNPD -p udp -m udp --dport 37131 -j DNAT --to-destination 192.168.0.114:37131 -A MINIUPNPD -p udp -m udp --dport 6903 -j DNAT --to-destination 192.168.0.114:6903 -A MINIUPNPD -p tcp -m tcp --dport 6903 -j DNAT --to-destination 192.168.0.114:6903 -A MINIUPNPD -p tcp -m tcp --dport 37223 -j DNAT --to-destination 192.168.0.114:37223 -A MINIUPNPD -p udp -m udp --dport 37223 -j DNAT --to-destination 192.168.0.114:37223 -A MINIUPNPD -p udp -m udp --dport 6933 -j DNAT --to-destination 192.168.0.114:6933 -A MINIUPNPD -p tcp -m tcp --dport 6933 -j DNAT --to-destination 192.168.0.114:6933 -A MINIUPNPD -p tcp -m tcp --dport 41309 -j DNAT --to-destination 192.168.0.114:41309 -A MINIUPNPD -p udp -m udp --dport 41309 -j DNAT --to-destination 192.168.0.114:41309 -A MINIUPNPD -p udp -m udp --dport 6955 -j DNAT --to-destination 192.168.0.114:6955 -A MINIUPNPD -p tcp -m tcp --dport 6955 -j DNAT --to-destination 192.168.0.114:6955 -A MINIUPNPD -p tcp -m tcp --dport 46523 -j DNAT --to-destination 192.168.0.114:46523 -A MINIUPNPD -p udp -m udp --dport 46523 -j DNAT --to-destination 192.168.0.114:46523 -A MINIUPNPD -p tcp -m tcp --dport 42913 -j DNAT --to-destination 192.168.0.114:42913 -A MINIUPNPD -p udp -m udp --dport 42913 -j DNAT --to-destination 192.168.0.114:42913 -A MINIUPNPD -p udp -m udp --dport 6935 -j DNAT --to-destination 192.168.0.114:6935 -A MINIUPNPD -p tcp -m tcp --dport 6935 -j DNAT --to-destination 192.168.0.114:6935 -A MINIUPNPD -p tcp -m tcp --dport 35113 -j DNAT --to-destination 192.168.0.114:35113 -A MINIUPNPD -p udp -m udp --dport 35113 -j DNAT --to-destination 192.168.0.114:35113 -A MINIUPNPD -p udp -m udp --dport 6979 -j DNAT --to-destination 192.168.0.114:6979 -A MINIUPNPD -p tcp -m tcp --dport 6979 -j DNAT --to-destination 192.168.0.114:6979 -A MINIUPNPD -p udp -m udp --dport 33175 -j DNAT --to-destination 192.168.0.114:33175 -A MINIUPNPD-POSTROUTING -s 192.168.0.102/32 -p tcp -m tcp --sport 4010 -j MASQUERADE --to-ports 4010 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 43091 -j MASQUERADE --to-ports 43091 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 43091 -j MASQUERADE --to-ports 43091 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6909 -j MASQUERADE --to-ports 6909 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6909 -j MASQUERADE --to-ports 6909 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 41753 -j MASQUERADE --to-ports 41753 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 41753 -j MASQUERADE --to-ports 41753 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6980 -j MASQUERADE --to-ports 6980 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6980 -j MASQUERADE --to-ports 6980 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 43669 -j MASQUERADE --to-ports 43669 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 43669 -j MASQUERADE --to-ports 43669 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6914 -j MASQUERADE --to-ports 6914 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6914 -j MASQUERADE --to-ports 6914 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 36643 -j MASQUERADE --to-ports 36643 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 36643 -j MASQUERADE --to-ports 36643 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6950 -j MASQUERADE --to-ports 6950 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6950 -j MASQUERADE --to-ports 6950 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 36343 -j MASQUERADE --to-ports 36343 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 36343 -j MASQUERADE --to-ports 36343 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6887 -j MASQUERADE --to-ports 6887 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6887 -j MASQUERADE --to-ports 6887 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 46467 -j MASQUERADE --to-ports 46467 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 46467 -j MASQUERADE --to-ports 46467 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6908 -j MASQUERADE --to-ports 6908 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6908 -j MASQUERADE --to-ports 6908 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 40273 -j MASQUERADE --to-ports 40273 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 40273 -j MASQUERADE --to-ports 40273 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6954 -j MASQUERADE --to-ports 6954 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6954 -j MASQUERADE --to-ports 6954 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 44203 -j MASQUERADE --to-ports 44203 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 44203 -j MASQUERADE --to-ports 44203 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6944 -j MASQUERADE --to-ports 6944 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6944 -j MASQUERADE --to-ports 6944 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 42197 -j MASQUERADE --to-ports 42197 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 42197 -j MASQUERADE --to-ports 42197 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 45203 -j MASQUERADE --to-ports 45203 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 45203 -j MASQUERADE --to-ports 45203 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6894 -j MASQUERADE --to-ports 6894 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6894 -j MASQUERADE --to-ports 6894 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 42727 -j MASQUERADE --to-ports 42727 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 42727 -j MASQUERADE --to-ports 42727 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6885 -j MASQUERADE --to-ports 6885 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6885 -j MASQUERADE --to-ports 6885 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 44707 -j MASQUERADE --to-ports 44707 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 44707 -j MASQUERADE --to-ports 44707 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6949 -j MASQUERADE --to-ports 6949 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6949 -j MASQUERADE --to-ports 6949 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 34761 -j MASQUERADE --to-ports 34761 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 34761 -j MASQUERADE --to-ports 34761 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6919 -j MASQUERADE --to-ports 6919 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6919 -j MASQUERADE --to-ports 6919 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 36393 -j MASQUERADE --to-ports 36393 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 36393 -j MASQUERADE --to-ports 36393 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6946 -j MASQUERADE --to-ports 6946 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6946 -j MASQUERADE --to-ports 6946 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 43475 -j MASQUERADE --to-ports 43475 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 43475 -j MASQUERADE --to-ports 43475 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6902 -j MASQUERADE --to-ports 6902 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6902 -j MASQUERADE --to-ports 6902 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 43219 -j MASQUERADE --to-ports 43219 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 43219 -j MASQUERADE --to-ports 43219 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 45653 -j MASQUERADE --to-ports 45653 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 45653 -j MASQUERADE --to-ports 45653 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6969 -j MASQUERADE --to-ports 6969 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6969 -j MASQUERADE --to-ports 6969 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 34873 -j MASQUERADE --to-ports 34873 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 34873 -j MASQUERADE --to-ports 34873 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6967 -j MASQUERADE --to-ports 6967 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6967 -j MASQUERADE --to-ports 6967 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 37131 -j MASQUERADE --to-ports 37131 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 37131 -j MASQUERADE --to-ports 37131 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6903 -j MASQUERADE --to-ports 6903 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6903 -j MASQUERADE --to-ports 6903 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 37223 -j MASQUERADE --to-ports 37223 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 37223 -j MASQUERADE --to-ports 37223 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6933 -j MASQUERADE --to-ports 6933 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6933 -j MASQUERADE --to-ports 6933 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 41309 -j MASQUERADE --to-ports 41309 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 41309 -j MASQUERADE --to-ports 41309 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6955 -j MASQUERADE --to-ports 6955 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6955 -j MASQUERADE --to-ports 6955 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 46523 -j MASQUERADE --to-ports 46523 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 46523 -j MASQUERADE --to-ports 46523 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 42913 -j MASQUERADE --to-ports 42913 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 42913 -j MASQUERADE --to-ports 42913 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6935 -j MASQUERADE --to-ports 6935 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6935 -j MASQUERADE --to-ports 6935 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 35113 -j MASQUERADE --to-ports 35113 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 35113 -j MASQUERADE --to-ports 35113 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 6979 -j MASQUERADE --to-ports 6979 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p tcp -m tcp --sport 6979 -j MASQUERADE --to-ports 6979 -A MINIUPNPD-POSTROUTING -s 192.168.0.114/32 -p udp -m udp --sport 33175 -j MASQUERADE --to-ports 33175 -A openclash -m set --match-set localnetwork dst -j RETURN -A openclash -m set --match-set china_ip_route dst -j RETURN -A openclash -p tcp -j REDIRECT --to-ports 6060 -A openclash_output -p tcp -m tcp --sport 7443 -j RETURN -A openclash_output -p tcp -m tcp --sport 7171 -j RETURN -A openclash_output -p tcp -m tcp --sport 25565 -j RETURN -A openclash_output -p tcp -m tcp --sport 33899 -j RETURN -A openclash_output -p tcp -m tcp --sport 8006 -j RETURN -A openclash_output -p tcp -m tcp --sport 48648 -j RETURN -A openclash_output -p tcp -m tcp --sport 48647 -j RETURN -A openclash_output -p tcp -m tcp --sport 1234 -j RETURN -A openclash_output -m set --match-set localnetwork dst -j RETURN -A openclash_output -m set --match-set china_ip_route dst -j RETURN -A openclash_output -p tcp -m owner ! --uid-owner 65534 -j DNAT --to-destination 192.168.0.1:6060 -A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.100/32 -p tcp -m tcp --dport 47984:48010 -m comment --comment "!fw3: NVIDIA Stream (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.100/32 -p udp -m udp --dport 47984:48010 -m comment --comment "!fw3: NVIDIA Stream (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.100/32 -p tcp -m tcp --dport 7070 -m comment --comment "!fw3: AnyDesk (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.100/32 -p udp -m udp --dport 7070 -m comment --comment "!fw3: AnyDesk (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 1234 -m comment --comment "!fw3: nas-debian virtual host (reflection)" -j SNAT --to-source 222.137.75.159 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.80/32 -p tcp -m tcp --dport 48647 -m comment --comment "!fw3: nas-pve ssh (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 48648 -m comment --comment "!fw3: nas-debian ssh (reflection)" -j SNAT --to-source 222.137.75.159 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p udp -m udp --dport 60000:61000 -m comment --comment "!fw3: nas-debian mosh (reflection)" -j SNAT --to-source 222.137.75.159 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.80/32 -p tcp -m tcp --dport 8006 -m comment --comment "!fw3: nas-pve web (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p tcp -m tcp --dport 3389 -m comment --comment "!fw3: nas-win mrd (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p udp -m udp --dport 3389 -m comment --comment "!fw3: nas-win mrd (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p tcp -m tcp --dport 25565 -m comment --comment "!fw3: nas-win minecraft (reflection)" -j SNAT --to-source 222.137.75.159 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p tcp -m tcp --dport 7171 -m comment --comment "!fw3: nas-win anydesk (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p udp -m udp --dport 7171 -m comment --comment "!fw3: nas-win anydesk (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 3478 -m comment --comment "!fw3: nas-debian coturn (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p udp -m udp --dport 3478 -m comment --comment "!fw3: nas-debian coturn (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 9000:9010 -m comment --comment "!fw3: nas-debian misc (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p udp -m udp --dport 9000:9010 -m comment --comment "!fw3: nas-debian misc (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.100/32 -p tcp -m tcp --dport 14154 -m comment --comment "!fw3: BitComet (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.100/32 -p udp -m udp --dport 14154 -m comment --comment "!fw3: BitComet (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 64738 -m comment --comment "!fw3: nas-debian mumble (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p udp -m udp --dport 64738 -m comment --comment "!fw3: nas-debian mumble (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 6881 -m comment --comment "!fw3: nas-debian aria2 bt (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p udp -m udp --dport 6881 -m comment --comment "!fw3: nas-debian aria2 bt (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p tcp -m tcp --dport 1935 -m comment --comment "!fw3: nas-win stream server (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.82/32 -p udp -m udp --dport 1935 -m comment --comment "!fw3: nas-win stream server (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_postrouting -s 192.168.0.0/24 -d 192.168.0.81/32 -p tcp -m tcp --dport 7443 -m comment --comment "!fw3: nas-debian tlsproxy (reflection)" -j SNAT --to-source 192.168.0.1 -A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 47984:48010 -m comment --comment "!fw3: NVIDIA Stream (reflection)" -j DNAT --to-destination 192.168.0.100:47984-48010 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 47984:48010 -m comment --comment "!fw3: NVIDIA Stream (reflection)" -j DNAT --to-destination 192.168.0.100:47984-48010 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 7070 -m comment --comment "!fw3: AnyDesk (reflection)" -j DNAT --to-destination 192.168.0.100:7070 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 7070 -m comment --comment "!fw3: AnyDesk (reflection)" -j DNAT --to-destination 192.168.0.100:7070 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 1234 -m comment --comment "!fw3: nas-debian virtual host (reflection)" -j DNAT --to-destination 192.168.0.81:1234 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 48647 -m comment --comment "!fw3: nas-pve ssh (reflection)" -j DNAT --to-destination 192.168.0.80:48647 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 48648 -m comment --comment "!fw3: nas-debian ssh (reflection)" -j DNAT --to-destination 192.168.0.81:48648 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 60000:61000 -m comment --comment "!fw3: nas-debian mosh (reflection)" -j DNAT --to-destination 192.168.0.81:60000-61000 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 8006 -m comment --comment "!fw3: nas-pve web (reflection)" -j DNAT --to-destination 192.168.0.80:8006 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 33899 -m comment --comment "!fw3: nas-win mrd (reflection)" -j DNAT --to-destination 192.168.0.82:3389 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 33899 -m comment --comment "!fw3: nas-win mrd (reflection)" -j DNAT --to-destination 192.168.0.82:3389 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 25565 -m comment --comment "!fw3: nas-win minecraft (reflection)" -j DNAT --to-destination 192.168.0.82:25565 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 7171 -m comment --comment "!fw3: nas-win anydesk (reflection)" -j DNAT --to-destination 192.168.0.82:7171 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 7171 -m comment --comment "!fw3: nas-win anydesk (reflection)" -j DNAT --to-destination 192.168.0.82:7171 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 3478 -m comment --comment "!fw3: nas-debian coturn (reflection)" -j DNAT --to-destination 192.168.0.81:3478 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 3478 -m comment --comment "!fw3: nas-debian coturn (reflection)" -j DNAT --to-destination 192.168.0.81:3478 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 9000:9010 -m comment --comment "!fw3: nas-debian misc (reflection)" -j DNAT --to-destination 192.168.0.81:9000-9010 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 9000:9010 -m comment --comment "!fw3: nas-debian misc (reflection)" -j DNAT --to-destination 192.168.0.81:9000-9010 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 14154 -m comment --comment "!fw3: BitComet (reflection)" -j DNAT --to-destination 192.168.0.100:14154 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 14154 -m comment --comment "!fw3: BitComet (reflection)" -j DNAT --to-destination 192.168.0.100:14154 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 64738 -m comment --comment "!fw3: nas-debian mumble (reflection)" -j DNAT --to-destination 192.168.0.81:64738 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 64738 -m comment --comment "!fw3: nas-debian mumble (reflection)" -j DNAT --to-destination 192.168.0.81:64738 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 6881 -m comment --comment "!fw3: nas-debian aria2 bt (reflection)" -j DNAT --to-destination 192.168.0.81:6881 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 6881 -m comment --comment "!fw3: nas-debian aria2 bt (reflection)" -j DNAT --to-destination 192.168.0.81:6881 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 1935 -m comment --comment "!fw3: nas-win stream server (reflection)" -j DNAT --to-destination 192.168.0.82:1935 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p udp -m udp --dport 1935 -m comment --comment "!fw3: nas-win stream server (reflection)" -j DNAT --to-destination 192.168.0.82:1935 -A zone_lan_prerouting -s 192.168.0.0/24 -d 222.137.75.159/32 -p tcp -m tcp --dport 7443 -m comment --comment "!fw3: nas-debian tlsproxy (reflection)" -j DNAT --to-destination 192.168.0.81:7443 -A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule -A zone_wan_postrouting -j MINIUPNPD-POSTROUTING -A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE -A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule -A zone_wan_prerouting -p tcp -m tcp --dport 47984:48010 -m comment --comment "!fw3: NVIDIA Stream" -j DNAT --to-destination 192.168.0.100:47984-48010 -A zone_wan_prerouting -p udp -m udp --dport 47984:48010 -m comment --comment "!fw3: NVIDIA Stream" -j DNAT --to-destination 192.168.0.100:47984-48010 -A zone_wan_prerouting -p tcp -m tcp --dport 7070 -m comment --comment "!fw3: AnyDesk" -j DNAT --to-destination 192.168.0.100:7070 -A zone_wan_prerouting -p udp -m udp --dport 7070 -m comment --comment "!fw3: AnyDesk" -j DNAT --to-destination 192.168.0.100:7070 -A zone_wan_prerouting -p tcp -m tcp --dport 1234 -m comment --comment "!fw3: nas-debian virtual host" -j DNAT --to-destination 192.168.0.81:1234 -A zone_wan_prerouting -p tcp -m tcp --dport 48647 -m comment --comment "!fw3: nas-pve ssh" -j DNAT --to-destination 192.168.0.80:48647 -A zone_wan_prerouting -p tcp -m tcp --dport 48648 -m comment --comment "!fw3: nas-debian ssh" -j DNAT --to-destination 192.168.0.81:48648 -A zone_wan_prerouting -p udp -m udp --dport 60000:61000 -m comment --comment "!fw3: nas-debian mosh" -j DNAT --to-destination 192.168.0.81:60000-61000 -A zone_wan_prerouting -p tcp -m tcp --dport 8006 -m comment --comment "!fw3: nas-pve web" -j DNAT --to-destination 192.168.0.80:8006 -A zone_wan_prerouting -p tcp -m tcp --dport 33899 -m comment --comment "!fw3: nas-win mrd" -j DNAT --to-destination 192.168.0.82:3389 -A zone_wan_prerouting -p udp -m udp --dport 33899 -m comment --comment "!fw3: nas-win mrd" -j DNAT --to-destination 192.168.0.82:3389 -A zone_wan_prerouting -p tcp -m tcp --dport 25565 -m comment --comment "!fw3: nas-win minecraft" -j DNAT --to-destination 192.168.0.82:25565 -A zone_wan_prerouting -p tcp -m tcp --dport 7171 -m comment --comment "!fw3: nas-win anydesk" -j DNAT --to-destination 192.168.0.82:7171 -A zone_wan_prerouting -p udp -m udp --dport 7171 -m comment --comment "!fw3: nas-win anydesk" -j DNAT --to-destination 192.168.0.82:7171 -A zone_wan_prerouting -p tcp -m tcp --dport 3478 -m comment --comment "!fw3: nas-debian coturn" -j DNAT --to-destination 192.168.0.81:3478 -A zone_wan_prerouting -p udp -m udp --dport 3478 -m comment --comment "!fw3: nas-debian coturn" -j DNAT --to-destination 192.168.0.81:3478 -A zone_wan_prerouting -p tcp -m tcp --dport 9000:9010 -m comment --comment "!fw3: nas-debian misc" -j DNAT --to-destination 192.168.0.81:9000-9010 -A zone_wan_prerouting -p udp -m udp --dport 9000:9010 -m comment --comment "!fw3: nas-debian misc" -j DNAT --to-destination 192.168.0.81:9000-9010 -A zone_wan_prerouting -p tcp -m tcp --dport 14154 -m comment --comment "!fw3: BitComet" -j DNAT --to-destination 192.168.0.100:14154 -A zone_wan_prerouting -p udp -m udp --dport 14154 -m comment --comment "!fw3: BitComet" -j DNAT --to-destination 192.168.0.100:14154 -A zone_wan_prerouting -p tcp -m tcp --dport 64738 -m comment --comment "!fw3: nas-debian mumble" -j DNAT --to-destination 192.168.0.81:64738 -A zone_wan_prerouting -p udp -m udp --dport 64738 -m comment --comment "!fw3: nas-debian mumble" -j DNAT --to-destination 192.168.0.81:64738 -A zone_wan_prerouting -p tcp -m tcp --dport 6881 -m comment --comment "!fw3: nas-debian aria2 bt" -j DNAT --to-destination 192.168.0.81:6881 -A zone_wan_prerouting -p udp -m udp --dport 6881 -m comment --comment "!fw3: nas-debian aria2 bt" -j DNAT --to-destination 192.168.0.81:6881 -A zone_wan_prerouting -p tcp -m tcp --dport 1935 -m comment --comment "!fw3: nas-win stream server" -j DNAT --to-destination 192.168.0.82:1935 -A zone_wan_prerouting -p udp -m udp --dport 1935 -m comment --comment "!fw3: nas-win stream server" -j DNAT --to-destination 192.168.0.82:1935 -A zone_wan_prerouting -p tcp -m tcp --dport 7443 -m comment --comment "!fw3: nas-debian tlsproxy" -j DNAT --to-destination 192.168.0.81:7443 -A zone_wan_prerouting -j MINIUPNPD COMMIT # Completed on Mon Jul 26 14:42:25 2021 #Mangle chain # Generated by iptables-save v1.8.3 on Mon Jul 26 14:42:25 2021 *mangle :PREROUTING ACCEPT [177:56055] :INPUT ACCEPT [160:54561] :FORWARD ACCEPT [17:1494] :OUTPUT ACCEPT [144:50118] :POSTROUTING ACCEPT [161:51612] :openclash - [0:0] :openclash_dns_hijack - [0:0] :qos_Default - [0:0] :qos_Default_ct - [0:0] -A PREROUTING -p udp -j openclash -A PREROUTING -p tcp -m tcp --dport 53 -j openclash_dns_hijack -A PREROUTING -p udp -j openclash -A PREROUTING -p tcp -m tcp --dport 53 -j openclash_dns_hijack -A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu -A FORWARD -i pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu -A openclash -p udp -m udp --dport 500 -j RETURN -A openclash -p udp -m udp --dport 546 -j RETURN -A openclash -p udp -m udp --dport 68 -j RETURN -A openclash -p udp -m udp --dport 7443 -j RETURN -A openclash -p udp -m udp --dport 7171 -j RETURN -A openclash -p udp -m udp --dport 25565 -j RETURN -A openclash -p udp -m udp --dport 33899 -j RETURN -A openclash -p udp -m udp --dport 8006 -j RETURN -A openclash -p udp -m udp --dport 48648 -j RETURN -A openclash -p udp -m udp --dport 48647 -j RETURN -A openclash -p udp -m udp --dport 1234 -j RETURN -A openclash -m set --match-set localnetwork dst -j RETURN -A openclash -m set --match-set china_ip_route dst -j RETURN -A openclash -j MARK --set-xmark 0x162/0xffffffff -A openclash_dns_hijack -d 8.8.8.8/32 -j MARK --set-xmark 0x162/0xffffffff -A openclash_dns_hijack -d 8.8.4.4/32 -j MARK --set-xmark 0x162/0xffffffff -A qos_Default -j CONNMARK --restore-mark --nfmask 0xf --ctmask 0xf -A qos_Default -m mark --mark 0x0/0xf -j qos_Default_ct -A qos_Default -p udp -m mark --mark 0x0/0xf0 -m length --length 0:500 -j MARK --set-xmark 0x22/0xff -A qos_Default -p icmp -j MARK --set-xmark 0x11/0xff -A qos_Default -p tcp -m mark --mark 0x0/0xf0 -m tcp --sport 1024:65535 --dport 1024:65535 -j MARK --set-xmark 0x44/0xff -A qos_Default -p udp -m mark --mark 0x0/0xf0 -m udp --sport 1024:65535 --dport 1024:65535 -j MARK --set-xmark 0x44/0xff -A qos_Default -j CONNMARK --save-mark --nfmask 0xff --ctmask 0xff -A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 22,53 -m comment --comment "ssh, dns" -j MARK --set-xmark 0x11/0xff -A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 22,53 -m comment --comment "ssh, dns" -j MARK --set-xmark 0x11/0xff -A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 20,21,25,80,110,443,993,995 -m comment --comment "ftp, smtp, http(s), imap" -j MARK --set-xmark 0x33/0xff -A qos_Default_ct -j CONNMARK --save-mark --nfmask 0xff --ctmask 0xff COMMIT # Completed on Mon Jul 26 14:42:25 2021 #===================== IPSET状态 =====================# Name: china_ip_route Name: localnetwork #===================== 路由表状态 =====================# #route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 222.137.72.1 0.0.0.0 UG 0 0 0 pppoe-wan 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan 198.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 utun 222.137.72.1 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe-wan #ip route list default via 222.137.72.1 dev pppoe-wan proto static 192.168.0.0/24 dev br-lan proto kernel scope link src 192.168.0.1 198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1 222.137.72.1 dev pppoe-wan proto kernel scope link src 222.137.75.159 #ip rule show 0: from all lookup local 32764: from all fwmark 0x162 lookup 354 32765: from all fwmark 0x162 lookup 354 32766: from all lookup main 32767: from all lookup default #===================== Tun设备状态 =====================# utun: tun #===================== 端口占用状态 =====================# tcp 0 0 192.168.0.1:10809 0.0.0.0:* LISTEN 20160/clash tcp 0 0 192.168.0.1:10810 0.0.0.0:* LISTEN 20160/clash tcp 0 0 198.18.0.1:7777 0.0.0.0:* LISTEN 20160/clash tcp 0 0 192.168.0.1:9090 0.0.0.0:* LISTEN 20160/clash tcp 0 0 192.168.0.1:6060 0.0.0.0:* LISTEN 20160/clash tcp 0 0 192.168.0.1:10808 0.0.0.0:* LISTEN 20160/clash udp 0 0 192.168.0.1:10808 0.0.0.0:* 20160/clash udp 0 0 192.168.0.1:10809 0.0.0.0:* 20160/clash udp 0 0 198.18.0.1:7777 0.0.0.0:* 20160/clash udp 0 0 192.168.0.1:6060 0.0.0.0:* 20160/clash udp 0 0 127.0.0.1:5050 0.0.0.0:* 20160/clash #===================== 测试本机DNS查询 =====================# Server: 127.0.0.1 Address: 127.0.0.1#53 www.baidu.com canonical name = www.a.shifen.com. Name: www.a.shifen.com Address: 110.242.68.3 Name: www.a.shifen.com Address: 110.242.68.4 #===================== resolv.conf.auto =====================# # Interface wan nameserver 202.102.224.68 nameserver 202.102.227.68 #===================== 测试本机网络连接 =====================# HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform Connection: keep-alive Content-Length: 277 Content-Type: text/html Date: Mon, 26 Jul 2021 06:42:25 GMT Etag: "575e1f59-115" Last-Modified: Mon, 13 Jun 2016 02:50:01 GMT Pragma: no-cache Server: bfe/1.0.8.18 #===================== 测试本机网络下载 =====================# HTTP/2 200 cache-control: max-age=300 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox content-type: text/plain; charset=utf-8 etag: "ec82bc6b32b179cba09258757b2ba6d965900004bb70dc7af9519cc0bc1a973d" strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: 2B7A:3C6D:3121FB:450556:60FDFD8D accept-ranges: bytes date: Mon, 26 Jul 2021 06:42:27 GMT via: 1.1 varnish x-served-by: cache-hkg17921-HKG x-cache: HIT x-cache-hits: 1 x-timer: S1627281747.250452,VS0,VE1 vary: Authorization,Accept-Encoding access-control-allow-origin: * x-fastly-request-id: 88af0f36b068815eb1d8530eecaa9dc648044c0e expires: Mon, 26 Jul 2021 06:47:27 GMT source-age: 59 content-length: 80 #===================== 最近运行日志 =====================# time="2021-07-26T14:37:32+08:00" level=info msg="Start initial rule provider AppStore" time="2021-07-26T14:37:32+08:00" level=info msg="Start initial rule provider AppStoreConnect" time="2021-07-26T14:37:32+08:00" level=info msg="Start initial rule provider Apple(lhie1)" time="2021-07-26T14:37:32+08:00" level=info msg="Start initial rule provider 审计规则" time="2021-07-26T14:37:32+08:00" level=info msg="Start initial rule provider Steam" time="2021-07-26T14:37:32+08:00" level=info msg="Start initial rule provider 微软服务" time="2021-07-26T14:37:32+08:00" level=info msg="DNS server listening at: 127.0.0.1:5050" 2021-07-26 14:37:34 Step 6: Wait For The File Downloading... 2021-07-26 14:37:35 Step 7: Set Control Panel... 2021-07-26 14:37:35 Step 8: Set Firewall Rules... 2021-07-26 14:37:36 Step 9: Restart Dnsmasq... 2021-07-26 14:37:36 Step 10: Add Cron Rules, Start Daemons... 2021-07-26 14:37:36 Warning: OpenClash Start Successful, Please Note That Network May Abnormal With IPV6's DHCP Server 2021-07-26 14:42:14 OpenClash Stoping... 2021-07-26 14:42:14 Step 1: Backup The Current Groups State... 2021-07-26 14:42:14 Step 2: Delete OpenClash Firewall Rules... 2021-07-26 14:42:15 Step 3: Close The OpenClash Daemons... 2021-07-26 14:42:15 Step 4: Close The Clash Core Process... 2021-07-26 14:42:15 Step 5: Restart Dnsmasq... 2021-07-26 14:42:15 Step 6: Delete OpenClash Residue File... 2021-07-26 14:42:15 OpenClash Start Running... 2021-07-26 14:42:15 Step 1: Get The Configuration... 2021-07-26 14:42:15 Step 2: Check The Components... 2021-07-26 14:42:15 Step 3: Modify The Config File... 2021-07-26 14:42:15 Because of No Rules Field, Stop Setting BT/P2P DIRECT Rules! 2021-07-26 14:42:15 Step 4: Start Running The Clash Core... 2021-07-26 14:42:15 Detected The Exclusive Function of The TUN Core, Use TUN Core to Start... 2021-07-26 14:42:17 Reload OpenClash Firewall Rules... 2021-07-26 14:42:18 Step 5: Check The Core Status... time="2021-07-26T14:42:19+08:00" level=info msg="Start initial compatible provider Netflix" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial compatible provider Currency" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial compatible provider Netflix-马来西亚" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial compatible provider Netflix-日本" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial compatible provider Netflix-香港" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial compatible provider Game" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider Apple(lhie1)" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider 审计规则" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider Steam" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider 微软服务" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider 国内域名" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider Netflix" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider AppStore" time="2021-07-26T14:42:19+08:00" level=info msg="Start initial rule provider AppStoreConnect" time="2021-07-26T14:42:19+08:00" level=info msg="DNS server listening at: 127.0.0.1:5050" 2021-07-26 14:42:21 Step 6: Wait For The File Downloading... 2021-07-26 14:42:22 Step 7: Set Control Panel... 2021-07-26 14:42:22 Step 8: Set Firewall Rules... 2021-07-26 14:42:22 Step 9: Restart Dnsmasq... 2021-07-26 14:42:23 Step 10: Add Cron Rules, Start Daemons... 2021-07-26 14:42:23 Warning: OpenClash Start Successful, Please Note That Network May Abnormal With IPV6's DHCP Server
`
更新0.42.10后依旧出现了规则集和脚本配置文件消失
我使用的是脚本模式,并开启了服务器与策略组管理中的保留配置选项 但是每次定时检查订阅文件后配置文件中的规则集(rule-providers)和脚本(script)都会被清空 日记如下: `OpenClash 调试日志
生成时间: 2021-07-26 14:42:24 插件版本: v0.42.09-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息
`