在tun模式下无法正常访问网络

[Zyilin98]

已经重刷了好几次固件了 也换了别的设备运行openwrt 症状是在tun模式下 system协议栈中就会出现 无法访问任何网站 ping延迟小于1ms nalookup正常解析 curl也能获取正确的网站信息 fake-IP redirect-host两种模式下均有此情况 将协议栈改为gvisor或者兼容模式运行 则不会出现上方情况 但是ip.skk.moe的IP测试结果中 从国内查询为我本地的ipv4地址 从国外查询为我的ipv6地址 不会出现节点的ip地址 同时任何网站正常访问 没有其他问题

下面是运行在 redirect-host模式下tun协议栈为system生成的调试日志 OpenClash 调试日志

生成时间: 2022-02-07 17:24:41 插件版本: v0.44.09-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息

#===================== 系统信息 =====================#

主机型号: Intel(R) Atom(TM) CPU D2550 @ 1.86GHz : 2 Core 4 Thread
固件版本: ImmortalWrt 21.02-SNAPSHOT r19140-6cf222540e
LuCI版本: git-22.021.28369-918a02b
内核版本: 5.4.171
处理器架构: x86_64

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: hybrid

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
ruby-dbm: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
进程pid: 12119
运行权限: 12119: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-amd64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2022.01.27
Tun内核文件: 存在
Tun内核运行权限: 正常

Dev内核版本: v1.9.0-7-gb1a639f
Dev内核文件: 存在
Dev内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/amy.yaml
启动配置文件: /etc/openclash/amy.yaml
运行模式: redir-host-tun
默认代理模式: rule
UDP流量转发(tproxy): 停用
DNS劫持: 启用
自定义DNS: 停用
IPV6代理: 停用
IPV6-DNS解析: 启用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 启用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 停用
DNS远程解析: 启用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

port: 7890
socks-port: 7891
redir-port: 7892
mixed-port: 7893
allow-lan: true
mode: rule
log-level: silent
ipv6: false
hosts:
  services.googleapis.cn: 216.58.200.67
  www.google.cn: 216.58.200.67
external-controller: 192.168.1.1:9090
clash-for-android:
  append-system-dns: false
profile:
  tracing: true
  store-selected: true
  store-fake-ip: true
dns:
  enable: true
  listen: 0.0.0.0:7874
  default-nameserver:
  - 223.5.5.5
  - 1.0.0.1
  - 10.0.0.1
  - "[fe80::1]:53"
  - 114.114.114.114
  - 119.29.29.29
  ipv6: true
  enhanced-mode: fake-ip
  fake-ip-filter:
  - "*.lan"
  - stun.*.*.*
  - stun.*.*
  - time.windows.com
  - time.nist.gov
  - time.apple.com
  - time.asia.apple.com
  - "*.ntp.org.cn"
  - "*.openwrt.pool.ntp.org"
  - time1.cloud.tencent.com
  - time.ustc.edu.cn
  - pool.ntp.org
  - ntp.ubuntu.com
  - ntp.aliyun.com
  - ntp1.aliyun.com
  - ntp2.aliyun.com
  - ntp3.aliyun.com
  - ntp4.aliyun.com
  - ntp5.aliyun.com
  - ntp6.aliyun.com
  - ntp7.aliyun.com
  - time1.aliyun.com
  - time2.aliyun.com
  - time3.aliyun.com
  - time4.aliyun.com
  - time5.aliyun.com
  - time6.aliyun.com
  - time7.aliyun.com
  - "*.time.edu.cn"
  - time1.apple.com
  - time2.apple.com
  - time3.apple.com
  - time4.apple.com
  - time5.apple.com
  - time6.apple.com
  - time7.apple.com
  - time1.google.com
  - time2.google.com
  - time3.google.com
  - time4.google.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "*.msftconnecttest.com"
  - "*.msftncsi.com"
  - localhost.ptlogin2.qq.com
  - "*.*.*.srv.nintendo.net"
  - "*.*.stun.playstation.net"
  - xbox.*.*.microsoft.com
  - "*.ipv6.microsoft.com"
  - "*.*.xboxlive.com"
  - speedtest.cros.wr.pvp.net
  - "+.*"
  nameserver:
  - 10.0.0.1
  - "[fe80::1]:53"
  - dhcp://"eth1"
  - 114.114.114.114
  - 119.29.29.29
  - https://doh.pub/dns-query
  - https://dns.alidns.com/dns-query
  fallback:
  - https://dns.rubyfish.cn/dns-query
  - https://public.dns.iij.jp/dns-query
  - tls://8.8.4.4
  fallback-filter:
    geoip: true
    ipcidr:
    - 240.0.0.0/4
    - 0.0.0.0/32
    - 127.0.0.1/32
    domain:
    - "+.google.com"
    - "+.facebook.com"
    - "+.twitter.com"
    - "+.youtube.com"
    - "+.xn--ngstr-lra8j.com"
    - "+.google.cn"
    - "+.googleapis.cn"
    - "+.googleapis.com"
    - "+.gvt1.com"
  fake-ip-range: 198.18.0.1/16
tproxy-port: 7895
bind-address: 192.168.1.1
external-ui: "/usr/share/openclash/dashboard"
tun:
  enable: true
  stack: system
  dns-hijack:
  - tcp://8.8.8.8:53
  - tcp://8.8.4.4:53

#===================== 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.7 on Mon Feb  7 17:24:44 2022
*nat
:PREROUTING ACCEPT [4410:2792507]
:INPUT ACCEPT [734:46481]
:OUTPUT ACCEPT [2355:152084]
:POSTROUTING ACCEPT [2525:127759]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash_post - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j ACCEPT
-A PREROUTING -d 8.8.8.8/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i eth1 -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p udp -m comment --comment DNSMASQ -m udp --dport 53 -j REDIRECT --to-ports 53
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o eth1 -m comment --comment "!fw3" -j zone_wan_postrouting
-A POSTROUTING -j openclash_post
-A openclash_post -d 127.0.0.1/32 -i lo -m owner ! --uid-owner 65534 -j SNAT --to-source 192.168.1.1
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -j MINIUPNPD
COMMIT
# Completed on Mon Feb  7 17:24:44 2022

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Mon Feb  7 17:24:44 2022
*mangle
:PREROUTING ACCEPT [41237:14369651]
:INPUT ACCEPT [30255:7481306]
:FORWARD ACCEPT [9107:1269972]
:OUTPUT ACCEPT [34150:15436858]
:POSTROUTING ACCEPT [39341:16449324]
:openclash - [0:0]
:openclash_dns_hijack - [0:0]
:openclash_output - [0:0]
-A PREROUTING -j openclash
-A FORWARD -o eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -p udp -m udp --sport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Mon Feb  7 17:24:44 2022

#IPv6 NAT chain

# Generated by ip6tables-save v1.8.7 on Mon Feb  7 17:24:44 2022
*nat
:PREROUTING ACCEPT [352:104585]
:INPUT ACCEPT [200:17797]
:OUTPUT ACCEPT [22:2058]
:POSTROUTING ACCEPT [109:10734]
-A PREROUTING -p udp -m comment --comment DNSMASQ -m udp --dport 53 -j REDIRECT --to-ports 53
COMMIT
# Completed on Mon Feb  7 17:24:44 2022

#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.7 on Mon Feb  7 17:24:44 2022
*mangle
:PREROUTING ACCEPT [4332:588928]
:INPUT ACCEPT [2934:376562]
:FORWARD ACCEPT [1251:201450]
:OUTPUT ACCEPT [1167:141732]
:POSTROUTING ACCEPT [2387:343163]
-A FORWARD -o eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Mon Feb  7 17:24:44 2022

#===================== IPSET状态 =====================#

Name: music
Name: china_ip_route
Name: localnetwork

#===================== 路由表状态 =====================#

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 eth1
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br-lan
198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun
#ip route list
default via 10.0.0.1 dev eth1 proto static src 10.0.0.2 
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.2 
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1 
198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1 
#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#===================== Tun设备状态 =====================#

utun: tun

#===================== 端口占用状态 =====================#

tcp        0      0 192.168.1.1:7890        0.0.0.0:*               LISTEN      12119/clash
tcp        0      0 192.168.1.1:7891        0.0.0.0:*               LISTEN      12119/clash
tcp        0      0 192.168.1.1:7892        0.0.0.0:*               LISTEN      12119/clash
tcp        0      0 192.168.1.1:7893        0.0.0.0:*               LISTEN      12119/clash
tcp        0      0 192.168.1.1:7895        0.0.0.0:*               LISTEN      12119/clash
tcp        0      0 198.18.0.1:7777         0.0.0.0:*               LISTEN      12119/clash
tcp        0      0 192.168.1.1:9090        0.0.0.0:*               LISTEN      12119/clash
udp        0      0 198.18.0.1:7777         0.0.0.0:*                           12119/clash
udp        0      0 192.168.1.1:7891        0.0.0.0:*                           12119/clash
udp        0      0 192.168.1.1:7892        0.0.0.0:*                           12119/clash
udp        0      0 192.168.1.1:7893        0.0.0.0:*                           12119/clash
udp        0      0 192.168.1.1:7895        0.0.0.0:*                           12119/clash
udp        0      0 :::41091                :::*                                12119/clash
udp        0      0 :::53400                :::*                                12119/clash
udp        0      0 :::51417                :::*                                12119/clash
udp        0      0 :::7874                 :::*                                12119/clash
udp        0      0 :::40794                :::*                                12119/clash
udp        0      0 :::43935                :::*                                12119/clash

#===================== 测试本机DNS查询 =====================#

Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
www.baidu.com   canonical name = www.a.shifen.com
Name:      www.a.shifen.com
Address 1: 110.242.68.4
Address 2: 110.242.68.3
www.baidu.com   canonical name = www.a.shifen.com
www.a.shifen.com    canonical name = www.wshifen.com

#===================== resolv.conf.auto =====================#

# Interface wan
nameserver 10.0.0.1
# Interface wan6
nameserver fe80::1%eth1

#===================== resolv.conf.d =====================#

# Interface wan
nameserver 10.0.0.1
# Interface wan6
nameserver fe80::1%eth1

#===================== 测试本机网络连接 =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Mon, 07 Feb 2022 09:24:45 GMT
Etag: "575e1f59-115"
Last-Modified: Mon, 13 Jun 2016 02:50:01 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载 =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "e7c45e69dc43ff82ad5d9737a8236bcb2a366c4941b2a4e072cc810cafce3c9a"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: A00C:4629:CB6707:FF7208:61FCFDD3
accept-ranges: bytes
date: Mon, 07 Feb 2022 09:24:46 GMT
via: 1.1 varnish
x-served-by: cache-hnd18725-HND
x-cache: HIT
x-cache-hits: 1
x-timer: S1644225887.855842,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 71699f258e136351c9f18a2520d7815e79474659
expires: Mon, 07 Feb 2022 09:29:46 GMT
source-age: 119
content-length: 80

#===================== 最近运行日志 =====================#

time="2022-02-07T09:22:03Z" level=info msg="[TCP] 192.168.1.225:60900 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:22:06Z" level=info msg="[TCP] 192.168.1.225:61148 --> login.windows.net:443 match DomainSuffix(windows.net) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:22:20Z" level=info msg="[TCP] 192.168.1.225:61173 --> functional.events.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:22:21Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 112.47.174.143:7680 error: dial tcp4 112.47.174.143:7680: i/o timeout"
time="2022-02-07T09:22:29Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 1.192.168.205:7680 error: dial tcp4 1.192.168.205:7680: connect: connection refused"
time="2022-02-07T09:22:30Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 39.144.24.31:7680 error: dial tcp4 39.144.24.31:7680: i/o timeout"
time="2022-02-07T09:22:34Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 112.49.243.30:7680 error: dial tcp4 112.49.243.30:7680: i/o timeout"
time="2022-02-07T09:22:45Z" level=info msg="[UDP] 192.168.1.225:62876 --> rs-ny.rustdesk.com:21116 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:22:45Z" level=info msg="[TCP] 192.168.1.225:61214 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:22:50Z" level=info msg="[TCP] 192.168.1.225:61224 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:22:54Z" level=info msg="[TCP] 192.168.1.225:61231 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:01Z" level=info msg="[UDP] 192.168.1.225:58727 --> rs-sg.rustdesk.com:21116 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:23:01Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 112.19.31.208:7680 error: dial tcp4 112.19.31.208:7680: i/o timeout"
time="2022-02-07T09:23:03Z" level=info msg="[TCP] 192.168.1.225:61244 --> array802.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:08Z" level=info msg="[TCP] 192.168.1.225:61249 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:09Z" level=info msg="[TCP] 192.168.1.225:61220 --> 47.240.3.72:7680 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:23:09Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 114.82.88.184:7680 error: dial tcp4 114.82.88.184:7680: connect: connection refused"
time="2022-02-07T09:23:10Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 123.127.131.225:7680 error: dial tcp4 123.127.131.225:7680: i/o timeout"
time="2022-02-07T09:23:12Z" level=info msg="[TCP] 192.168.1.225:61256 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:17Z" level=info msg="[TCP] 192.168.1.225:61264 --> kv601.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:26Z" level=info msg="[TCP] 192.168.1.225:61276 --> login.windows.net:443 match DomainSuffix(windows.net) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:27Z" level=info msg="[TCP] 192.168.1.225:61279 --> dm2305.storage.live.com:443 match DomainSuffix(live.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:27Z" level=info msg="[TCP] 192.168.1.225:61282 --> onedriveclucprodbn20022.blob.core.windows.net:443 match DomainSuffix(windows.net) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:41Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 106.114.202.56:7680 error: dial tcp4 106.114.202.56:7680: i/o timeout"
time="2022-02-07T09:23:47Z" level=info msg="[UDP] 192.168.1.225:61714 --> rs-ny.rustdesk.com:21116 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:23:49Z" level=info msg="[TCP] 192.168.1.225:61283 --> 183.178.243.90:7680 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:23:50Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 49.87.191.211:7680 error: dial tcp4 49.87.191.211:7680: i/o timeout"
time="2022-02-07T09:23:52Z" level=info msg="[TCP] 192.168.1.225:49468 --> client.wns.windows.com:443 match DomainSuffix(windows.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:23:54Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 117.85.122.113:7680 error: dial tcp4 117.85.122.113:7680: i/o timeout"
time="2022-02-07T09:24:00Z" level=info msg="[UDP] 192.168.1.225:59472 --> rs-sg.rustdesk.com:21116 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:24:08Z" level=info msg="[TCP] 192.168.1.225:61342 --> 203.175.12.50:7680 match Match() using Final[🇭🇰 香港 01]"
time="2022-02-07T09:24:10Z" level=info msg="[TCP] 192.168.1.225:61346 --> functional.events.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:12Z" level=info msg="[TCP] 192.168.1.225:61349 --> nav.smartscreen.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:13Z" level=info msg="[TCP] 192.168.1.225:49469 --> client.wns.windows.com:443 match DomainSuffix(windows.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:13Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 36.32.197.18:7680 error: dial tcp4 36.32.197.18:7680: i/o timeout"
time="2022-02-07T09:24:14Z" level=info msg="[TCP] 192.168.1.225:61352 --> functional.events.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:19Z" level=info msg="[TCP] 192.168.1.225:61363 --> nav.smartscreen.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:21Z" level=info msg="[TCP] 192.168.1.225:61368 --> functional.events.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:21Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 111.41.247.231:7680 error: dial tcp4 111.41.247.231:7680: i/o timeout"
time="2022-02-07T09:24:22Z" level=info msg="[TCP] 192.168.1.225:61371 --> nav.smartscreen.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:24Z" level=info msg="[TCP] 192.168.1.225:61376 --> functional.events.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:26Z" level=info msg="[TCP] 192.168.1.225:61379 --> nav.smartscreen.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:27Z" level=info msg="[TCP] 192.168.1.225:61382 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:30Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 27.205.185.122:7680 error: dial tcp4 27.205.185.122:7680: i/o timeout"
time="2022-02-07T09:24:35Z" level=warning msg="[TCP] dial China-Websites (match GeoIP/CN) to 117.176.187.197:7680 error: dial tcp4 117.176.187.197:7680: connect: connection refused"
time="2022-02-07T09:24:38Z" level=info msg="[TCP] 192.168.1.225:61401 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:40Z" level=info msg="[TCP] 10.0.0.2:38654 --> raw.githubusercontent.com:443 match DomainKeyword(github) using Final[🇭🇰 香港 01]"
time="2022-02-07T09:24:42Z" level=info msg="[TCP] 192.168.1.225:61408 --> disc801.prod.do.dsp.mp.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:45Z" level=info msg="[TCP] 192.168.1.225:61414 --> functional.events.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]"
time="2022-02-07T09:24:45Z" level=info msg="[TCP] 10.0.0.2:42608 --> www.baidu.com:80 match DomainSuffix(baidu.com) using China-Websites[DIRECT]"

#===================== 活动连接信息 =====================#

1. SourceIP:【192.168.1.225】 - Host:【onedriveclucprodbn20022.blob.core.windows.net】 - DestinationIP:【52.239.174.4】 - Network:【tcp】 - RulePayload:【windows.net】 - Lastchain:【🇭🇰 香港 01】
2. SourceIP:【192.168.1.225】 - Host:【disc801.prod.do.dsp.mp.microsoft.com】 - DestinationIP:【59.151.137.46】 - Network:【tcp】 - RulePayload:【microsoft.com】 - Lastchain:【🇭🇰 香港 01】
3. SourceIP:【192.168.1.225】 - Host:【login.windows.net】 - DestinationIP:【20.190.163.19】 - Network:【tcp】 - RulePayload:【windows.net】 - Lastchain:【🇭🇰 香港 01】
4. SourceIP:【192.168.1.225】 - Host:【events.gfe.nvidia.com】 - DestinationIP:【72.25.64.32】 - Network:【tcp】 - RulePayload:【nvidia.com】 - Lastchain:【DIRECT】
5. SourceIP:【192.168.1.225】 - Host:【nav.smartscreen.microsoft.com】 - DestinationIP:【20.212.97.243】 - Network:【tcp】 - RulePayload:【microsoft.com】 - Lastchain:【🇭🇰 香港 01】
6. SourceIP:【192.168.1.225】 - Host:【alive.github.com】 - DestinationIP:【140.82.113.26】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇭🇰 香港 01】
7. SourceIP:【192.168.1.225】 - Host:【Empty】 - DestinationIP:【124.70.161.173】 - Network:【udp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
8. SourceIP:【192.168.1.225】 - Host:【functional.events.data.microsoft.com】 - DestinationIP:【20.189.173.12】 - Network:【tcp】 - RulePayload:【microsoft.com】 - Lastchain:【🇭🇰 香港 01】
9. SourceIP:【192.168.1.225】 - Host:【functional.events.data.microsoft.com】 - DestinationIP:【20.189.173.12】 - Network:【tcp】 - RulePayload:【microsoft.com】 - Lastchain:【🇭🇰 香港 01】
10. SourceIP:【192.168.1.225】 - Host:【rs-ny.rustdesk.com】 - DestinationIP:【216.128.140.17】 - Network:【udp】 - RulePayload:【】 - Lastchain:【🇭🇰 香港 01】
11. SourceIP:【192.168.1.225】 - Host:【rs-sg.rustdesk.com】 - DestinationIP:【45.76.181.120】 - Network:【udp】 - RulePayload:【】 - Lastchain:【🇭🇰 香港 01】
12. SourceIP:【192.168.1.225】 - Host:【functional.events.data.microsoft.com】 - DestinationIP:【20.189.173.12】 - Network:【tcp】 - RulePayload:【microsoft.com】 - Lastchain:【🇭🇰 香港 01】
13. SourceIP:【192.168.1.225】 - Host:【rs-ny.rustdesk.com】 - DestinationIP:【216.128.140.17】 - Network:【udp】 - RulePayload:【】 - Lastchain:【🇭🇰 香港 01】
14. SourceIP:【192.168.1.225】 - Host:【proxy.gamestream.nvidia.com】 - DestinationIP:【54.149.81.31】 - Network:【tcp】 - RulePayload:【nvidia.com】 - Lastchain:【DIRECT】
15. SourceIP:【192.168.1.225】 - Host:【events.gfe.nvidia.com】 - DestinationIP:【72.25.64.32】 - Network:【tcp】 - RulePayload:【nvidia.com】 - Lastchain:【DIRECT】
16. SourceIP:【192.168.1.225】 - Host:【rs-sg.rustdesk.com】 - DestinationIP:【45.76.181.120】 - Network:【udp】 - RulePayload:【】 - Lastchain:【🇭🇰 香港 01】
17. SourceIP:【192.168.1.225】 - Host:【nav.smartscreen.microsoft.com】 - DestinationIP:【20.212.97.243】 - Network:【tcp】 - RulePayload:【microsoft.com】 - Lastchain:【🇭🇰 香港 01】
18. SourceIP:【192.168.1.225】 - Host:【skydrive.wns.windows.com】 - DestinationIP:【40.119.211.203】 - Network:【tcp】 - RulePayload:【windows.com】 - Lastchain:【🇭🇰 香港 01】

求大神解救是哪里的问题

[Pacio]

换v0.44.16，模式就用推荐的fakeip增强+策略

[Zyilin98]

换v0.44.16，模式就用推荐的fakeip增强+策略

换了0.44.16一样有这问题 用tun模式是因为有udp代理需求 不用fakeip是因为有部分应用有兼容问题 虽然fake-ip用着超级爽

[vernesong]

gvisor和system的插件设置都是一样的，可能是内核的问题，待观察

[Zyilin98]

贴一下debug的日志 运行在fake-ip下 tun协议栈为systeam 仍有之前的问题

2022-02-08 11:29:12 level=info msg="[TCP] 192.168.1.225:53072 --> 20.42.65.85:443 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:29:11 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:29:04 level=info msg="[TCP] 192.168.1.225:53071 --> inference.location.live.net:443 match DomainSuffix(live.net) using 🖥 Microsoft[🇭🇰 香港 01]" 2022-02-08 11:29:04 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:29:04 level=debug msg="[DNS] inference.location.live.net --> 13.76.219.184" 2022-02-08 11:29:01 level=info msg="[TCP] 192.168.1.225:53069 --> settings-win.data.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 香港 01]" 2022-02-08 11:29:01 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:29:01 level=debug msg="[DNS] settings-win.data.microsoft.com --> 40.74.108.123" 2022-02-08 11:28:52 level=info msg="[TCP] 192.168.1.225:53068 --> deff.nelreports.net:443 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:28:52 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:52 level=debug msg="[DNS] deff.nelreports.net --> 23.218.94.74" 2022-02-08 11:28:51 level=info msg="[UDP] 192.168.1.225:56151 --> rs-ny.rustdesk.com:21116 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:28:51 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:51 level=info msg="[UDP] 192.168.1.225:56150 --> rs-sg.rustdesk.com:21116 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:28:51 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:51 level=debug msg="[DNS] rs-ny.rustdesk.com --> 216.128.140.17" 2022-02-08 11:28:51 level=debug msg="[DNS] rs-sg.rustdesk.com --> 45.76.181.120" 2022-02-08 11:28:38 level=info msg="[TCP] 192.168.1.225:53067 --> APAC05.azure-devices.net:443 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:28:37 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:37 level=debug msg="[DNS] APAC05.azure-devices.net --> 20.43.70.166" 2022-02-08 11:28:31 level=info msg="[TCP] 192.168.1.225:53066 --> assets.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]" 2022-02-08 11:28:31 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:31 level=debug msg="[DNS] assets.msn.cn --> 218.58.102.48" 2022-02-08 11:28:30 level=info msg="[TCP] 192.168.1.225:53063 --> www.baidu.com:443 match DomainSuffix(baidu.com) using China-Websites[DIRECT]" 2022-02-08 11:28:30 level=info msg="[TCP] 192.168.1.225:53064 --> www.baidu.com:443 match DomainSuffix(baidu.com) using China-Websites[DIRECT]" 2022-02-08 11:28:30 level=info msg="[TCP] 192.168.1.225:53065 --> www.baidu.com:443 match DomainSuffix(baidu.com) using China-Websites[DIRECT]" 2022-02-08 11:28:30 level=info msg="[TCP] 192.168.1.225:53062 --> www.baidu.com:443 match DomainSuffix(baidu.com) using China-Websites[DIRECT]" 2022-02-08 11:28:30 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:30 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:30 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:30 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:30 level=debug msg="[DNS] www.baidu.com --> 110.242.68.3" 2022-02-08 11:28:30 level=debug msg="[DNS] www.baidu.com --> 110.242.68.3" 2022-02-08 11:28:30 level=debug msg="[DNS] www.baidu.com --> 110.242.68.4" 2022-02-08 11:28:30 level=debug msg="[DNS] www.baidu.com --> 110.242.68.3" 2022-02-08 11:28:25 level=info msg="[TCP] 192.168.1.225:53060 --> 20.42.65.85:443 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:28:25 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:22 level=info msg="[TCP] 192.168.1.225:53058 --> www.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]" 2022-02-08 11:28:22 level=info msg="[TCP] 192.168.1.225:53056 --> windows.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]" 2022-02-08 11:28:22 level=info msg="[TCP] 192.168.1.225:53057 --> assets.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]" 2022-02-08 11:28:22 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:22 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:22 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:22 level=debug msg="[DNS] www.msn.cn --> 202.89.233.96" 2022-02-08 11:28:22 level=debug msg="[DNS] assets.msn.cn --> 218.58.102.48" 2022-02-08 11:28:22 level=debug msg="[DNS] windows.msn.cn --> 202.89.233.96" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53051 --> github.com:443 match DomainKeyword(github) using Final[🇭🇰 香港 01]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53050 --> github.com:443 match DomainKeyword(github) using Final[🇭🇰 香港 01]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53048 --> github.com:443 match DomainKeyword(github) using Final[🇭🇰 香港 01]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53047 --> github.com:443 match DomainKeyword(github) using Final[🇭🇰 香港 01]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53042 --> s1.music.126.net:443 match DomainSuffix(126.net) using China-Websites[DIRECT]" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53041 --> api-ipv4.ip.sb:443 match Match() using Final[🇭🇰 香港 01]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53049 --> github.com:443 match DomainKeyword(github) using Final[🇭🇰 香港 01]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53046 --> s1.music.126.net:443 match DomainSuffix(126.net) using China-Websites[DIRECT]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53045 --> s1.music.126.net:443 match DomainSuffix(126.net) using China-Websites[DIRECT]" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53043 --> s1.music.126.net:443 match DomainSuffix(126.net) using China-Websites[DIRECT]" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:08 level=info msg="[TCP] 192.168.1.225:53044 --> s1.music.126.net:443 match DomainSuffix(126.net) using China-Websites[DIRECT]" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported" 2022-02-08 11:28:08 level=debug msg="[Rule] find process name Process error: protocol not supported"

将协议栈从system换成gvisor 上网等行为均正常 log中仍然有 [Rule] find process name Process error: protocol not supported的提示

[Zyilin98]

换了一下 2021.12.07-17-g89376cf 的tun内核 测试下来的情况和2022.1.27的内核情况是一样的 cfw下也是 fake-ip tun模式 22.1.27内核 也没有这个问题

[Zyilin98]

emmm 问题解决了 我为了排除固件问题就编译了好几个版本的固件 之后在测试的时候随手就刷了一个 测试的时候怀疑是设备问题 就用我自己的笔记本通过转接卡启动了一下固件 然后从订阅链接拉了最新的配置文件 发现就没有问题了 除了debug日志下仍有level=debug msg="[Rule] find process name Process error: protocol not supported"的提示之外没有任何问题