Closed Acris closed 1 year ago
v0.45.121-beta
Official OpenWrt
Linux-amd64(x86-64)
开启IPv6并选择tun模式,分别从境外服务器和境内通过公网IPv6访问路由器,境外无法访问,境内正常访问。
该问题仅在开启IPv6并选择tun模式才出现,tproxy和redirect模式无影响。
暂未在日志中发现有用信息,如有需要会进一步提供。
config openclash 'config' option proxy_port '25500' option tproxy_port '25505' option mixed_port '25520' option socks_port '25515' option http_port '25510' option dns_port '25300' option enable '1' option update '0' option en_mode 'fake-ip-mix' option auto_update '0' option auto_update_time '0' option cn_port '29595' option dashboard_password 'shallowmo' option dashboard_forward_ssl '0' option rule_source '1' option enable_custom_dns '0' option ipv6_enable '1' option ipv6_dns '1' option enable_custom_clash_rules '0' option other_rule_auto_update '1' option core_version 'linux-amd64' option enable_redirect_dns '1' option servers_if_update '0' option disable_masq_cache '1' option servers_update '0' option log_level 'warning' option proxy_mode 'rule' option intranet_allowed '1' option disable_udp_quic '0' option operation_mode 'fake-ip' option enable_rule_proxy '1' option redirect_dns '1' option cachesize_dns '1' option filter_aaaa_dns '1' option small_flash_memory '0' option interface_name '0' option log_size '1024' option tolerance '0' option store_fakeip '1' option custom_fallback_filter '0' option custom_fakeip_filter '0' option custom_host '0' option custom_name_policy '0' option append_wan_dns '0' option bypass_gateway_compatible '0' option github_address_mod '0' option urltest_address_mod '0' option urltest_interval_mod '0' option delay_start '0' option router_self_proxy '1' option release_branch 'master' option enable_meta_core '1' option dashboard_type 'Meta' option yacd_type 'Meta' option append_default_dns '0' option geo_custom_url 'https://testingcf.jsdelivr.net/gh/alecthw/mmdb_china_ip_list@release/lite/Country.mmdb' option chnr_custom_url 'https://ispip.clang.cn/all_cn.txt' option chnr6_custom_url 'https://ispip.clang.cn/all_cn_ipv6.txt' option cndomain_custom_url 'https://testingcf.jsdelivr.net/gh/felixonmars/dnsmasq-china-list@master/accelerated-domains.china.conf' option enable_custom_domain_dns_server '0' option china_ip_route '1' option geo_auto_update '1' option geo_update_week_time '2' option geo_update_day_time '1' option geoip_auto_update '1' option geosite_auto_update '1' option chnr_auto_update '1' option chnr_update_week_time '3' option chnr_update_day_time '2' option auto_restart '0' option auto_restart_week_time '5' option auto_restart_day_time '5' option custom_china_domain_dns_server '114.114.114.114' option other_rule_update_week_time '1' option other_rule_update_day_time '2' option geoip_update_week_time '2' option geoip_update_day_time '3' option geoip_custom_url 'https://testingcf.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geoip.dat' option geosite_update_week_time '2' option geosite_update_day_time '5' option geosite_custom_url 'https://testingcf.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geosite.dat' option fakeip_range '198.18.0.1/16' option find_process_mode 'off' option global_client_fingerprint 'chrome' option geodata_loader 'standard' option enable_geoip_dat '1' option enable_meta_sniffer '1' option config_path '/etc/openclash/config/config.yaml' option config_reload '1' option restricted_mode '0' option core_type 'Meta' option default_resolvfile '/tmp/resolv.conf.d/resolv.conf.auto' option dnsmasq_noresolv '0' option dnsmasq_resolvfile '/tmp/resolv.conf.d/resolv.conf.auto' option ipv6_mode '0' option china_ip6_route '1' option enable_meta_sniffer_pure_ip '1' option enable_meta_sniffer_custom '0' option stream_domains_prefetch '0' option stream_auto_select '0' option enable_tcp_concurrent '1' option stack_type 'system' option enable_v6_udp_proxy '1' option dnsmasq_cachesize '10000' config dns_servers option group 'nameserver' option type 'udp' option ip '114.114.114.114' option enabled '1' config dns_servers option group 'nameserver' option type 'udp' option ip '119.29.29.29' option enabled '1' config dns_servers option group 'nameserver' option type 'udp' option ip '119.28.28.28' option enabled '0' config dns_servers option group 'nameserver' option type 'udp' option ip '223.5.5.5' option enabled '0' config dns_servers option type 'https' option ip 'doh.pub/dns-query' option group 'nameserver' option enabled '1' config dns_servers option type 'https' option ip 'dns.alidns.com/dns-query' option group 'nameserver' option enabled '1' config dns_servers option type 'https' option group 'fallback' option ip 'dns.cloudflare.com/dns-query' option enabled '1' config dns_servers option group 'fallback' option ip 'dns.google' option port '853' option type 'tls' option enabled '0' config dns_servers option group 'fallback' option type 'https' option ip '1.1.1.1/dns-query' option enabled '0' config dns_servers option group 'fallback' option ip '1.1.1.1' option port '853' option type 'tls' option enabled '0' config dns_servers option enabled '0' option group 'fallback' option ip '8.8.8.8' option port '853' option type 'tls' config dns_servers option type 'udp' option group 'fallback' option ip '2001:4860:4860::8888' option port '53' option enabled '0' config dns_servers option type 'udp' option group 'fallback' option ip '2001:4860:4860::8844' option port '53' option enabled '0' config dns_servers option type 'udp' option group 'fallback' option ip '2001:da8::666' option port '53' option enabled '0' config dns_servers option group 'fallback' option type 'https' option ip 'public.dns.iij.jp/dns-query' option enabled '1' config dns_servers option group 'fallback' option type 'https' option ip 'jp.tiar.app/dns-query' option enabled '1' config dns_servers option group 'fallback' option type 'https' option ip 'jp.tiarap.org/dns-query' option enabled '1' config dns_servers option group 'fallback' option ip 'jp.tiar.app' option type 'tls' option enabled '0' config dns_servers option group 'fallback' option ip 'dot.tiar.app' option type 'tls' option enabled '1' config authentication option enabled '1' option username 'Clash' option password '*********************'
另外附上对应的running config:
--- mode: rule log-level: warning ipv6: true external-controller: 0.0.0.0:29595 geodata-mode: true geox-url: geoip: https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat geosite: https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat mmdb: https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/country.mmdb tun: enable: true stack: system device: utun auto-route: false auto-detect-interface: false dns-hijack: - tcp://any:53 dns: enable: true prefer-h3: true listen: 0.0.0.0:25300 ipv6: true enhanced-mode: fake-ip fake-ip-range: 198.18.0.1/16 fake-ip-filter: - "*" - "+.lan" default-nameserver: - tls://223.5.5.5:853 nameserver: - https://doh.pub/dns-query - https://dns.alidns.com/dns-query#h3=true nameserver-policy: geosite:cn,private: - https://doh.pub/dns-query - https://dns.alidns.com/dns-query#h3=true proxies: - name: PROXY type: ss server: ************** port: ******* cipher: **************** password: **************** udp: true plugin: shadow-tls client-fingerprint: chrome plugin-opts: host: **************** password: **************** version: 3 rule-providers: reject: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt path: "./rule_provider/reject.yaml" interval: 86400 icloud: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt path: "./rule_provider/icloud.yaml" interval: 86400 apple: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt path: "./rule_provider/apple.yaml" interval: 86400 google: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt path: "./rule_provider/google.yaml" interval: 86400 proxy: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt path: "./rule_provider/proxy.yaml" interval: 86400 direct: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt path: "./rule_provider/direct.yaml" interval: 86400 private: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt path: "./rule_provider/private.yaml" interval: 86400 gfw: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt path: "./rule_provider/gfw.yaml" interval: 86400 tld-not-cn: type: http behavior: domain url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt path: "./rule_provider/tld-not-cn.yaml" interval: 86400 telegramcidr: type: http behavior: ipcidr url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt path: "./rule_provider/telegramcidr.yaml" interval: 86400 cncidr: type: http behavior: ipcidr url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt path: "./rule_provider/cncidr.yaml" interval: 86400 lancidr: type: http behavior: ipcidr url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt path: "./rule_provider/lancidr.yaml" interval: 86400 applications: type: http behavior: classical url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt path: "./rule_provider/applications.yaml" interval: 86400 rules: - DST-PORT,25505,REJECT - DST-PORT,25500,REJECT - IP-CIDR,198.18.0.1/16,REJECT,no-resolve - DOMAIN-SUFFIX,awesome-hd.me,DIRECT - DOMAIN-SUFFIX,broadcasthe.net,DIRECT - DOMAIN-SUFFIX,chdbits.co,DIRECT - DOMAIN-SUFFIX,classix-unlimited.co.uk,DIRECT - DOMAIN-SUFFIX,empornium.me,DIRECT - DOMAIN-SUFFIX,gazellegames.net,DIRECT - DOMAIN-SUFFIX,hdchina.org,DIRECT - DOMAIN-SUFFIX,hdsky.me,DIRECT - DOMAIN-SUFFIX,icetorrent.org,DIRECT - DOMAIN-SUFFIX,jpopsuki.eu,DIRECT - DOMAIN-SUFFIX,keepfrds.com,DIRECT - DOMAIN-SUFFIX,madsrevolution.net,DIRECT - DOMAIN-SUFFIX,m-team.cc,DIRECT - DOMAIN-SUFFIX,nanyangpt.com,DIRECT - DOMAIN-SUFFIX,ncore.cc,DIRECT - DOMAIN-SUFFIX,open.cd,DIRECT - DOMAIN-SUFFIX,ourbits.club,DIRECT - DOMAIN-SUFFIX,passthepopcorn.me,DIRECT - DOMAIN-SUFFIX,privatehd.to,DIRECT - DOMAIN-SUFFIX,redacted.ch,DIRECT - DOMAIN-SUFFIX,springsunday.net,DIRECT - DOMAIN-SUFFIX,tjupt.org,DIRECT - DOMAIN-SUFFIX,totheglory.im,DIRECT - DOMAIN-SUFFIX,smtp,DIRECT - DOMAIN-KEYWORD,announce,DIRECT - DOMAIN-KEYWORD,torrent,DIRECT - DOMAIN-KEYWORD,tracker,DIRECT - RULE-SET,applications,DIRECT - DOMAIN,clash.razord.top,DIRECT - DOMAIN,yacd.haishan.me,DIRECT - RULE-SET,private,DIRECT - RULE-SET,reject,REJECT - RULE-SET,icloud,DIRECT - RULE-SET,apple,DIRECT - RULE-SET,google,DIRECT - RULE-SET,proxy,PROXY - RULE-SET,gfw,PROXY - RULE-SET,direct,DIRECT - RULE-SET,lancidr,DIRECT - RULE-SET,cncidr,DIRECT - RULE-SET,telegramcidr,PROXY - GEOIP,LAN,DIRECT - GEOIP,CN,DIRECT - PROCESS-NAME,aria2c,DIRECT - PROCESS-NAME,BitComet,DIRECT - PROCESS-NAME,fdm,DIRECT - PROCESS-NAME,NetTransport,DIRECT - PROCESS-NAME,qbittorrent,DIRECT - PROCESS-NAME,Thunder,DIRECT - PROCESS-NAME,transmission-daemon,DIRECT - PROCESS-NAME,transmission-qt,DIRECT - PROCESS-NAME,uTorrent,DIRECT - PROCESS-NAME,WebTorrent,DIRECT - PROCESS-NAME,aria2c,DIRECT - PROCESS-NAME,fdm,DIRECT - PROCESS-NAME,Folx,DIRECT - PROCESS-NAME,NetTransport,DIRECT - PROCESS-NAME,qbittorrent,DIRECT - PROCESS-NAME,Thunder,DIRECT - PROCESS-NAME,Transmission,DIRECT - PROCESS-NAME,transmission,DIRECT - PROCESS-NAME,uTorrent,DIRECT - PROCESS-NAME,WebTorrent,DIRECT - PROCESS-NAME,WebTorrent Helper,DIRECT - PROCESS-NAME,v2ray,DIRECT - PROCESS-NAME,ss-local,DIRECT - PROCESS-NAME,ssr-local,DIRECT - PROCESS-NAME,ss-redir,DIRECT - PROCESS-NAME,ssr-redir,DIRECT - PROCESS-NAME,ss-server,DIRECT - PROCESS-NAME,trojan-go,DIRECT - PROCESS-NAME,xray,DIRECT - PROCESS-NAME,hysteria,DIRECT - PROCESS-NAME,UUBooster,DIRECT - PROCESS-NAME,uugamebooster,DIRECT - DST-PORT,80,PROXY - DST-PORT,443,PROXY - DST-PORT,22,PROXY - MATCH,DIRECT redir-port: 25500 tproxy-port: 25505 port: 25510 socks-port: 25515 mixed-port: 25520 allow-lan: true secret: shallowmo bind-address: "*" external-ui: "/usr/share/openclash/ui" geodata-loader: standard tcp-concurrent: true find-process-mode: 'off' global-client-fingerprint: chrome sniffer: enable: true parse-pure-ip: true profile: store-selected: true store-fake-ip: true authentication: - Clash:*******************
境内和境外都能正常访问。
No response
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days
Verify Steps
OpenClash Version
v0.45.121-beta
Bug on Environment
Official OpenWrt
Bug on Platform
Linux-amd64(x86-64)
To Reproduce
开启IPv6并选择tun模式,分别从境外服务器和境内通过公网IPv6访问路由器,境外无法访问,境内正常访问。
Describe the Bug
该问题仅在开启IPv6并选择tun模式才出现,tproxy和redirect模式无影响。
OpenClash Log
暂未在日志中发现有用信息,如有需要会进一步提供。
OpenClash Config
另外附上对应的running config:
Expected Behavior
境内和境外都能正常访问。
Screenshots
No response