Closed huangfeng19820712 closed 2 years ago
找个新点的固件吧,插件版本也太老了
好的
是固件的原因吗?之前是能正常使用的,后面重启后才这样?换最新的openclash版本可以?
自从clash内核取消Redir-Host 远程解析这是这样了,一定要把dns里的dns远程解析的选项勾上(最新版本的openclash好像找不到这个选项了?),曾经有一段时间把旁路由模式勾上也可以,但之后再也不行了,只有把远程解析勾上,就能做到代理和网关的方式都能用,后面有meta内核,就改用meta内核,就不存在这些问题了,即不用勾旁路由,也不用勾远程解析。
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days
同样有这个问题,换了meta core也不行,可以请问怎么解决的么
Verify Steps
OpenClash Version
v0.45.22--beta
Bug on Environment
Official OpenWrt
Bug on Platform
Linux-armv8
To Reproduce
我就是把掉电源后,出现这种情况,openclass已经有重装过一次,也还是这样,是不是防火墙配置有问题?
Describe the Bug
能正常运行,通过浏览器配置代理端口的方式能正常使用,但是通过修改PC的网关与dns为旁路由地址,怎无法访问,是都不能访问。
OpenClash Log
OpenClash 调试日志
生成时间: 2022-06-01 09:42:30 插件版本: v0.38.7-beta
===================== 系统信息 =====================
主机型号: Phicomm N1 固件版本: LuCI版本: git-19.338.43082-9e87e69-1 内核版本: 5.4.13-amlogic-flippy-22+ 处理器架构: aarch64_generic
此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT
此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP:
此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置:
===================== 依赖检查 =====================
dnsmasq-full: 已安装 coreutils: 已安装 coreutils-nohup: 已安装 bash: 已安装 curl: 已安装 jsonfilter: 已安装 ca-certificates: 已安装 ipset: 已安装 ip-full: 已安装 iptables-mod-tproxy: 已安装 kmod-tun(TUN模式): 已安装 luci-compat(Luci-19.07): 未安装
===================== 内核检查 =====================
运行状态: 运行中 已选择的架构: linux-armv8
下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: Tun内核文件: 不存在 Tun内核运行权限: 否
Game内核版本: Game内核文件: 不存在 Game内核运行权限: 否
Dev内核版本: v1.10.6-9-g9d2fc97 Dev内核文件: 存在 Dev内核运行权限: 正常
===================== 插件设置 =====================
当前配置文件: /etc/openclash/config/config.yaml 运行模式: redir-host 默认代理模式: Rule UDP流量转发: 启用 DNS劫持: 启用 自定义DNS: 停用 IPV6-DNS解析: 停用 禁用Dnsmasq缓存: 停用 自定义规则: 停用 仅允许内网: 停用 仅代理命中规则流量: 停用
启动异常时建议关闭此项后重试
保留配置: 停用 第三方规则: 停用
===================== 配置文件 =====================
port: 7890 socks-port: 7891 redir-port: 7892 mixed-port: 7893 allow-lan: true bind-address: "*" mode: Rule log-level: silent ipv6: false hosts:
Custom HOSTS
experimental hosts, support wildcard (e.g. .clash.dev Even .foo.*.example.com)
static domain has a higher priority than wildcard domain (foo.example.com > *.example.com)
NOTE: hosts don't work with
fake-ip
'*.clash.dev': 127.0.0.1
'alpha.clash.dev': '::1'
Custom HOSTS END
services.googleapis.cn: 216.58.200.67 www.google.cn: 216.58.200.67 external-controller: 0.0.0.0:9090 clash-for-android: append-system-dns: false profile: tracing: true secret: "123456" external-ui: "/usr/share/openclash/dashboard" dns: enable: true listen: 127.0.0.1:8853 default-nameserver:
===================== 防火墙设置 =====================
NAT chain
Chain PREROUTING (policy ACCEPT) num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 8.8.4.4 redir ports 7892 2 REDIRECT tcp -- 0.0.0.0/0 8.8.8.8 redir ports 7892 3 REDIRECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 redir ports 53 4 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 redir ports 53 5 prerouting_rule all -- 0.0.0.0/0 0.0.0.0/0 / !fw3: Custom prerouting rule chain / 6 zone_lan_prerouting all -- 0.0.0.0/0 0.0.0.0/0 / !fw3 / 7 zone_vpn_prerouting all -- 0.0.0.0/0 0.0.0.0/0 / !fw3 / 8 openclash tcp -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT) num target prot opt source destination
Mangle chain
Chain PREROUTING (policy ACCEPT) num target prot opt source destination
1 openclash udp -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT) num target prot opt source destination
===================== 路由表状态 =====================
route -n
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.5.1 0.0.0.0 UG 0 0 0 br-lan 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
ip route list
default via 192.168.5.1 dev br-lan proto static 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.5.0/24 dev br-lan proto kernel scope link src 192.168.5.254
ip rule show
0: from all lookup local 32765: from all fwmark 0x162 lookup 354 32766: from all lookup main 32767: from all lookup default
===================== 端口占用状态 =====================
tcp 0 0 :::9090 ::: LISTEN 20733/clash tcp 0 0 :::7890 ::: LISTEN 20733/clash tcp 0 0 :::7891 ::: LISTEN 20733/clash tcp 0 0 :::7892 ::: LISTEN 20733/clash tcp 0 0 :::7893 ::: LISTEN 20733/clash udp 0 0 127.0.0.1:8853 0.0.0.0: 20733/clash udp 0 0 :::7891 ::: 20733/clash udp 0 0 :::7892 ::: 20733/clash udp 0 0 :::7893 :::* 20733/clash
===================== 测试本机DNS查询 =====================
Server: 192.168.5.1 Address: 192.168.5.1#53
Name: www.baidu.com Address 1: 14.215.177.39 Address 2: 14.215.177.38 www.baidu.com canonical name = www.a.shifen.com
===================== resolv.conf.auto =====================
Interface lan
nameserver 192.168.5.1
===================== 测试本机网络连接 =====================
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform Connection: keep-alive Content-Length: 277 Content-Type: text/html Date: Wed, 01 Jun 2022 01:42:32 GMT Etag: "575e1f72-115" Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT Pragma: no-cache Server: bfe/1.0.8.18
===================== 测试本机网络下载 =====================
HTTP/1.1 200 Connection established
HTTP/1.1 200 OK Connection: keep-alive Content-Length: 80 Cache-Control: max-age=300 Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox Content-Type: text/plain; charset=utf-8 ETag: "7454d24b4da496745bb088bba9f9900d8c0ab5b45c1af1677f49d7262484b70d" Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Frame-Options: deny X-XSS-Protection: 1; mode=block X-GitHub-Request-Id: 8C44:3F0D:30F57:C1704:62919ADE Accept-Ranges: bytes Date: Wed, 01 Jun 2022 01:42:32 GMT Via: 1.1 varnish X-Served-By: cache-hkg17933-HKG X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1654047752.354127,VS0,VE1 Vary: Authorization,Accept-Encoding,Origin Access-Control-Allow-Origin: * X-Fastly-Request-ID: 920eb99e44a57dfc3d7f9d9c7799784ac38db0fe Expires: Wed, 01 Jun 2022 01:47:32 GMT Source-Age: 224
===================== 最近运行日志 =====================
2022-06-01 09:12:28 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:13:28 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:14:29 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:15:29 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:16:29 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:17:29 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:18:30 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:19:30 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:20:30 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:21:31 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:22:31 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:23:31 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:24:32 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:25:32 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:26:32 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:27:32 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:28:33 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:29:33 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:30:33 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:31:34 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:32:34 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:33:34 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:34:34 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:35:35 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:36:35 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:37:35 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:38:36 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:39:36 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:40:36 Watchdog: Force Reset DNS Hijack. 2022-06-01 09:41:36 Watchdog: Force Reset DNS Hijack.
OpenClash Config
No response
Expected Behavior
通过修改网关与dns能正常使用
Screenshots
No response