search

vernesong / OpenClash

A Clash Client For OpenWrt
MIT License
17.54k stars 3.18k forks source link

最新源码, fake-ip模式下, 国内国外均无法连接 #1704

Closed msylgj closed 3 years ago

msylgj commented 3 years ago

如题, 测试了fake-ip各种模式都不能正常上网. 切换至redir-host正常 使用最新源码: d4230c4c3079a944e668a1bdfde5d934af48e32b

测试发现开启fakeip后, 53端口不通, 导致无法正常使用.现象如下 (7874正常, 53端口dig fakeip黑名单域名一样的响应) image_2021-10-15_15-47-11 image_2021-10-15_15-39-05

OpenClash 调试日志 生成时间: 2021-10-15 03:59:08 插件版本: v0.43.06-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#

主机型号: FriendlyElec NanoPi R4S
固件版本: ImmortalWrt SNAPSHOT r20476-f6a2eadf50
LuCI版本: git-21.284.33265-1a202c0
内核版本: 5.14.12
处理器架构: aarch64_generic

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: hybrid

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
ruby-dbm: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
进程pid: 5767
运行权限: 5767: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-armv8

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2021.09.15
Tun内核文件: 存在
Tun内核运行权限: 正常

Game内核版本: 
Game内核文件: 不存在
Game内核运行权限: 否

Dev内核版本: 
Dev内核文件: 不存在
Dev内核运行权限: 否

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/Outbound.yaml
启动配置文件: /etc/openclash/Outbound.yaml
运行模式: fake-ip-mix
默认代理模式: rule
UDP流量转发(tproxy): 停用
DNS劫持: 启用
自定义DNS: 启用
IPV6代理: 启用
IPV6-DNS解析: 启用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 停用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 停用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

proxy-groups:
- name: Auto - UrlTest
  type: url-test
  disable-udp: false
  use:
  - Cloud-流媒体
  - Cloud-其它
  url: https://cp.cloudflare.com/generate_204
  interval: '600'
  tolerance: 100
- name: Auto - Media
  type: url-test
  disable-udp: false
  use:
  - Cloud-流媒体
  url: https://cp.cloudflare.com/generate_204
  interval: '600'
  tolerance: 100
- name: Final
  type: select
  disable-udp: false
  proxies:
  - Select
  - DIRECT
- name: Select
  type: select
  disable-udp: false
  proxies:
  - Auto - UrlTest
  - DIRECT
  use:
  - Cloud-流媒体
  - Cloud-其它
- name: GlobalMedia
  type: select
  disable-udp: false
  proxies:
  - Auto - Media
- name: Netflix
  type: select
  disable-udp: false
  use:
  - Cloud-流媒体
- name: TikTok
  type: select
  disable-udp: false
  use:
  - Cloud-流媒体
  - Cloud-其它
- name: Speedtest
  type: select
  disable-udp: false
  proxies:
  - DIRECT
  use:
  - Cloud-流媒体
  - Cloud-其它
- name: Microsoft
  type: select
  disable-udp: false
  proxies:
  - DIRECT
  - Select
- name: DirectLink
  type: select
  disable-udp: false
  proxies:
  - DIRECT
  - Select
- name: Adblock
  type: select
  disable-udp: false
  proxies:
  - REJECT
rules:
- RULE-SET,隐私规则合集,Adblock
- RULE-SET,反劫持规则,Adblock
- RULE-SET,广告规则,Adblock
- RULE-SET,审计规则(建议直连),DirectLink
- RULE-SET,国内IP白名单,DirectLink
- RULE-SET,国内域名白名单,DirectLink
- RULE-SET,Speedtest,Speedtest
- RULE-SET,微软服务,Microsoft
- RULE-SET,TikTok,TikTok
- RULE-SET,Netflix,Netflix
- RULE-SET,国内流媒体国际版合集,GlobalMedia
- RULE-SET,国外流媒体合集,GlobalMedia
- RULE-SET,国外常用网站合集,Select
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- IP-CIDR,192.168.0.0/16,DIRECT
- IP-CIDR,10.0.0.0/8,DIRECT
- IP-CIDR,172.16.0.0/12,DIRECT
- IP-CIDR,127.0.0.0/8,DIRECT
- IP-CIDR,100.64.0.0/10,DIRECT
- IP-CIDR,224.0.0.0/4,DIRECT
- IP-CIDR,fe80::/10,DIRECT
- IP-CIDR,119.28.28.28/32,DIRECT
- IP-CIDR,182.254.116.0/24,DIRECT
- GEOIP,CN,DIRECT
- MATCH,Final
dns:
  nameserver:
  - 183.157.8.1
  - "[fe80::ae4e:91ff:fe65:8125]:53"
  - dhcp://"pppoe-wan"
  - 114.114.114.114
  - 119.29.29.29
  - 223.5.5.5
  - "[2400:3200::1]:53"
  fallback:
  - https://doh.pub/dns-query
  - https://dns.alidns.com/dns-query
  - https://cloudflare-dns.com/dns-query
  - https://dns.rubyfish.cn/dns-query
  - tls://dns.google:853
  - https://1.1.1.1/dns-query
  - "[2001:4860:4860::8844]:53"
  enable: true
  ipv6: true
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  listen: 0.0.0.0:7874
  fake-ip-filter:
  - "*.lan"
  - "*.localdomain"
  - "*.example"
  - "*.invalid"
  - "*.localhost"
  - "*.test"
  - "*.local"
  - "*.home.arpa"
  - time.*.com
  - time.*.gov
  - time.*.edu.cn
  - time.*.apple.com
  - time1.*.com
  - time2.*.com
  - time3.*.com
  - time4.*.com
  - time5.*.com
  - time6.*.com
  - time7.*.com
  - ntp.*.com
  - ntp1.*.com
  - ntp2.*.com
  - ntp3.*.com
  - ntp4.*.com
  - ntp5.*.com
  - ntp6.*.com
  - ntp7.*.com
  - "*.time.edu.cn"
  - "*.ntp.org.cn"
  - "+.pool.ntp.org"
  - time1.cloud.tencent.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "*.msftconnecttest.com"
  - "*.msftncsi.com"
  - msftconnecttest.com
  - msftncsi.com
  - localhost.ptlogin2.qq.com
  - localhost.sec.qq.com
  - "+.srv.nintendo.net"
  - "+.stun.playstation.net"
  - xbox.*.microsoft.com
  - xnotify.xboxlive.com
  - "+.battlenet.com.cn"
  - "+.wotgame.cn"
  - "+.wggames.cn"
  - "+.wowsgame.cn"
  - "+.wargaming.net"
  - proxy.golang.org
  - stun.*.*
  - stun.*.*.*
  - "+.stun.*.*"
  - "+.stun.*.*.*"
  - "+.stun.*.*.*.*"
  - heartbeat.belkin.com
  - "*.linksys.com"
  - "*.linksyssmartwifi.com"
  - "*.router.asus.com"
  - mesu.apple.com
  - swscan.apple.com
  - swquery.apple.com
  - swdownload.apple.com
  - swcdn.apple.com
  - swdist.apple.com
  - lens.l.google.com
  - stun.l.google.com
  - "+.nflxvideo.net"
  default-nameserver:
  - 183.157.8.1
  - "[fe80::ae4e:91ff:fe65:8125]:53"
  - 114.114.114.114
  - 119.29.29.29
  - 223.5.5.5
  - "[2400:3200::1]:53"
  - "[2001:4860:4860::8844]:53"
redir-port: 7892
tproxy-port: 7895
port: 7890
socks-port: 7891
mixed-port: 7893
mode: rule
log-level: silent
allow-lan: true
external-controller: 0.0.0.0:9090
bind-address: "*"
external-ui: "/usr/share/openclash/dashboard"
ipv6: true
tun:
  enable: true
  stack: system
  dns-hijack:
  - tcp://8.8.8.8:53
  - tcp://8.8.4.4:53
profile:
  store-selected: true
  store-fakeip: true
rule-providers:
  国外常用网站合集:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Global.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Global.yaml
    interval: 86400
  国外流媒体合集:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Streaming.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/StreamingMedia/Streaming.yaml
    interval: 86400
  国内流媒体国际版合集:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/StreamingSE.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/StreamingMedia/StreamingSE.yaml
    interval: 86400
  Netflix:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Netflix.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/StreamingMedia/Video/Netflix.yaml
    interval: 86400
  TikTok:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/TikTok.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/StreamingMedia/Video/TikTok.yaml
    interval: 86400
  微软服务:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Microsoft.yaml"
    url: https://cdn.jsdelivr.net/gh/lhie1/Rules@master/Clash/Provider/Microsoft.yaml
    interval: 86400
  Speedtest:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Speedtest.yaml"
    url: https://cdn.jsdelivr.net/gh/lhie1/Rules@master/Clash/Provider/Speedtest.yaml
    interval: 86400
  国内域名白名单:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/China.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/China.yaml
    interval: 86400
  国内IP白名单:
    type: http
    behavior: ipcidr
    path: "/etc/openclash/rule_provider/ChinaIP.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Extra/ChinaIP.yaml
    interval: 86400
  审计规则(建议直连):
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Special.yaml"
    url: https://cdn.jsdelivr.net/gh/lhie1/Rules@master/Clash/Provider/Special.yaml
    interval: 86400
  广告规则:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Advertising.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Guard/Advertising.yaml
    interval: 86400
  反劫持规则:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Hijacking.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Guard/Hijacking.yaml
    interval: 86400
  隐私规则合集:
    type: http
    behavior: classical
    path: "/etc/openclash/rule_provider/Privacy.yaml"
    url: https://cdn.jsdelivr.net/gh/DivineEngine/Profiles@master/Clash/RuleSet/Guard/Privacy.yaml
    interval: 86400

#===================== 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.7 on Fri Oct 15 03:59:10 2021
*nat
:PREROUTING ACCEPT [17:752]
:INPUT ACCEPT [40:2243]
:OUTPUT ACCEPT [18:1080]
:POSTROUTING ACCEPT [7:420]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:netease_cloud_music - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j ACCEPT
-A PREROUTING -d 8.8.8.8/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m set --match-set neteasemusic dst -j netease_cloud_music
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p tcp -j openclash
-A PREROUTING -p udp -m comment --comment DNSMASQ -m udp --dport 53 -j REDIRECT --to-ports 53
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting
-A netease_cloud_music -d 0.0.0.0/8 -j RETURN
-A netease_cloud_music -d 10.0.0.0/8 -j RETURN
-A netease_cloud_music -d 127.0.0.0/8 -j RETURN
-A netease_cloud_music -d 169.254.0.0/16 -j RETURN
-A netease_cloud_music -d 172.16.0.0/12 -j RETURN
-A netease_cloud_music -d 192.168.0.0/16 -j RETURN
-A netease_cloud_music -d 224.0.0.0/4 -j RETURN
-A netease_cloud_music -d 240.0.0.0/4 -j RETURN
-A netease_cloud_music -p tcp -m set ! --match-set acl_neteasemusic_http src -m tcp --dport 80 -j REDIRECT --to-ports 5200
-A netease_cloud_music -p tcp -m set ! --match-set acl_neteasemusic_https src -m tcp --dport 443 -j REDIRECT --to-ports 5201
-A openclash -p tcp -m tcp --sport 9090 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m tcp --sport 9090 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -j MINIUPNPD
COMMIT
# Completed on Fri Oct 15 03:59:10 2021

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Fri Oct 15 03:59:10 2021
*mangle
:PREROUTING ACCEPT [982:129985]
:INPUT ACCEPT [941:116727]
:FORWARD ACCEPT [38:13162]
:OUTPUT ACCEPT [1007:684957]
:POSTROUTING ACCEPT [1044:698079]
:openclash - [0:0]
:openclash_dns_hijack - [0:0]
:openclash_output - [0:0]
-A PREROUTING -p udp -j openclash
-A PREROUTING -p tcp -m tcp --dport 53 -j openclash_dns_hijack
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -p udp -m udp --sport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -j MARK --set-xmark 0x162/0xffffffff
-A openclash_dns_hijack -d 8.8.8.8/32 -m comment --comment "OpenClash Google DNS Hijack" -j MARK --set-xmark 0x162/0xffffffff
-A openclash_dns_hijack -d 8.8.4.4/32 -m comment --comment "OpenClash Google DNS Hijack" -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -d 198.18.0.0/16 -p udp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Fri Oct 15 03:59:10 2021

#IPv6 NAT chain

# Generated by ip6tables-save v1.8.7 on Fri Oct 15 03:59:10 2021
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [12:959]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -d 2001:4860:4860::8844/128 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j ACCEPT
-A PREROUTING -d 2001:4860:4860::8888/128 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m comment --comment DNSMASQ -m udp --dport 53 -j REDIRECT --to-ports 53
COMMIT
# Completed on Fri Oct 15 03:59:10 2021

#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.7 on Fri Oct 15 03:59:10 2021
*mangle
:PREROUTING ACCEPT [47:3935]
:INPUT ACCEPT [41:3373]
:FORWARD ACCEPT [6:522]
:OUTPUT ACCEPT [124:44397]
:POSTROUTING ACCEPT [130:44919]
:openclash - [0:0]
:openclash_output - [0:0]
-A PREROUTING -j openclash
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j openclash_output
-A openclash -p tcp -m tcp --sport 9090 -j RETURN
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -s fc00::/6 -p udp -m udp --sport 546 -j RETURN
-A openclash -p tcp -m tcp --dport 40271 -j RETURN
-A openclash -p tcp -m tcp --dport 40270 -j RETURN
-A openclash -p tcp -m tcp --dport 4027 -j RETURN
-A openclash -m set --match-set localnetwork6 dst -j RETURN
-A openclash -m set --match-set china_ip6_route dst -j RETURN
-A openclash -p tcp -m comment --comment OpenClash -j TPROXY --on-port 7895 --on-ip :: --tproxy-mark 0x162/0xffffffff
-A openclash -p udp -m comment --comment OpenClash -j TPROXY --on-port 7895 --on-ip :: --tproxy-mark 0x162/0xffffffff
-A openclash_output -p tcp -m tcp --sport 9090 -j RETURN
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 546 -j RETURN
-A openclash_output -m set --match-set localnetwork6 dst -j RETURN
-A openclash_output -m owner ! --uid-owner 65534 -m set --match-set china_ip6_route dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Fri Oct 15 03:59:10 2021

#===================== IPSET状态 =====================#

Name: china_ip_route
Name: localnetwork
Name: china_ip6_route
Name: localnetwork6
Name: acl_neteasemusic_http
Name: acl_neteasemusic_https
Name: neteasemusic

#===================== 路由表状态 =====================#

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         183.157.8.1     0.0.0.0         UG    0      0        0 pppoe-wan
183.157.8.1     0.0.0.0         255.255.255.255 UH    0      0        0 pppoe-wan
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 br-lan
198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun
#ip route list
default via 183.157.8.1 dev pppoe-wan proto static 
183.157.8.1 dev pppoe-wan proto kernel scope link src 183.157.9.12 
192.168.2.0/24 dev br-lan proto kernel scope link src 192.168.2.1 
198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1 
#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#===================== Tun设备状态 =====================#

utun: tun

#===================== 端口占用状态 =====================#

tcp        0      0 198.18.0.1:7777         0.0.0.0:*               LISTEN      5767/clash
tcp        0      0 :::7890                 :::*                    LISTEN      5767/clash
tcp        0      0 :::7891                 :::*                    LISTEN      5767/clash
tcp        0      0 :::7892                 :::*                    LISTEN      5767/clash
tcp        0      0 :::7893                 :::*                    LISTEN      5767/clash
tcp        0      0 :::7895                 :::*                    LISTEN      5767/clash
tcp        0      0 :::9090                 :::*                    LISTEN      5767/clash
udp        0      0 198.18.0.1:7777         0.0.0.0:*                           5767/clash
udp        0      0 :::7874                 :::*                                5767/clash
udp        0      0 :::7891                 :::*                                5767/clash
udp        0      0 :::7892                 :::*                                5767/clash
udp        0      0 :::7893                 :::*                                5767/clash
udp        0      0 :::7895                 :::*                                5767/clash

#===================== 测试本机DNS查询 =====================#

;; connection timed out; no servers could be reached

#===================== resolv.conf.auto =====================#

# Interface wan
nameserver 202.101.172.35
nameserver 202.101.172.47
# Interface wan_6
nameserver 240e:1c:200::1
nameserver 240e:1c:200::2

#===================== resolv.conf.d =====================#

# Interface wan
nameserver 202.101.172.35
nameserver 202.101.172.47
# Interface wan_6
nameserver 240e:1c:200::1
nameserver 240e:1c:200::2

#===================== 测试本机网络连接 =====================#

#===================== 测试本机网络下载 =====================#

#===================== 最近运行日志 =====================#

2021-10-15 03:58:24 OpenClash Stoping...
2021-10-15 03:58:24 Step 1: Backup The Current Groups State...
2021-10-15 03:58:24 Step 2: Delete OpenClash Firewall Rules...
2021-10-15 03:58:24 Step 3: Close The OpenClash Daemons...
2021-10-15 03:58:24 Step 4: Close The Clash Core Process...
2021-10-15 03:58:24 Step 5: Restart Dnsmasq...
2021-10-15 03:58:25 Step 6: Delete OpenClash Residue File...
2021-10-15 03:58:25 OpenClash Start Running...
2021-10-15 03:58:25 Step 1: Get The Configuration...
2021-10-15 03:58:25 Step 2: Check The Components...
2021-10-15 03:58:25 Step 3: Modify The Config File...
2021-10-15 03:58:27 Setting Fake IP Filter...
2021-10-15 03:58:37 Step 4: Start Running The Clash Core...
2021-10-15 03:58:37 Tip: Detected The Exclusive Function of The TUN Core, Use TUN Core to Start...
2021-10-15 03:58:37 Step 5: Check The Core Status...
time="2021-10-14T19:58:37Z" level=info msg="Start initial provider DogCloud-流媒体"
time="2021-10-14T19:58:37Z" level=info msg="Start initial provider DogCloud-其它"
time="2021-10-14T19:58:37Z" level=info msg="Start initial compatible provider Adblock"
time="2021-10-14T19:58:37Z" level=info msg="Start initial compatible provider DirectLink"
time="2021-10-14T19:58:37Z" level=info msg="Start initial compatible provider Final"
time="2021-10-14T19:58:37Z" level=info msg="Start initial compatible provider Microsoft"
time="2021-10-14T19:58:37Z" level=info msg="Start initial compatible provider GlobalMedia"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 国外流媒体合集"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider Speedtest"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 广告规则"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 反劫持规则"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 隐私规则合集"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 微软服务"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 国内域名白名单"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 国内IP白名单"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 审计规则(建议直连)"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 国内流媒体国际版合集"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider Netflix"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider TikTok"
time="2021-10-14T19:58:37Z" level=info msg="Start initial rule provider 国外常用网站合集"
time="2021-10-14T19:58:37Z" level=info msg="DNS server listening at: 0.0.0.0:7874"
2021-10-15 03:58:40 Step 6: Wait For The File Downloading...
2021-10-15 03:58:41 Step 7: Set Control Panel...
2021-10-15 03:58:41 Step 8: Set Firewall Rules...
2021-10-15 03:58:42 Step 9: Restart Dnsmasq...
2021-10-15 03:58:42 Step 10: Add Cron Rules, Start Daemons...
siren202101 commented 3 years ago

我启动都启动不了 ,点启动后直接卡在 image 前几天编译的固件是启动了,但7874端口不能监听

msylgj commented 3 years ago

问题原因找到了, fakeip模式下启动的时候会通过ln- s生成一个/tmp/dnsmasq.d/dnsmasq_openclash.conf 但是dnsmasq启动的时候提示'cannot access /tmp/dnsmasq.d/dnsmasq_openclash.conf: No such file or directory '导致启动失败. 如果修改成cp过去而不是ln 就正常了...dnsmasq用的是immoral master分支的2.86

@vernesong v大可以当作参考.

vernesong commented 3 years ago