gu0o00
commented
1 year ago #===================== 自定义规则 一 =====================#
script:
rules:
- DOMAIN-SUFFIX,gwdang.com,DIRECT
- "DOMAIN-SUFFIX,steamcontent.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steam-chat.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steamcdn-a.akamaihd.net,🚀 节点选择"
- "DOMAIN-SUFFIX,cdn.akamai.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,community.akamai.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,avatars.akamai.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,community.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,media.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,store.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,api.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,help.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,login.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steamcommunity.com,🚀 节点选择"
- "DOMAIN-SUFFIX,www.steamcommunity.com,🚀 节点选择"
- "DOMAIN-SUFFIX,playstation.net,🚀 节点选择"
- "DOMAIN-SUFFIX,playstation.com,🚀 节点选择"
##在线IP段转CIDR地址:http://ip2cidr.com
#===================== 自定义规则 二 =====================#
script:
rules:
#===================== 配置文件 =====================#
port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
proxy-groups:
- name: "\U0001F680 节点选择"
type: select
proxies:
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- DIRECT
- name: "\U0001F4F2 Telegram"
type: select
proxies:
- "\U0001F680 节点选择"
- DIRECT
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F4F9 Youtube"
type: select
proxies:
- "\U0001F680 节点选择"
- DIRECT
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F3A5 Netflix"
type: select
proxies:
- "\U0001F680 节点选择"
- DIRECT
- name: "\U0001F4FA 動畫瘋"
type: select
proxies:
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F680 节点选择"
- DIRECT
- name: "\U0001F4FA 哔哩哔哩"
type: select
proxies:
- "\U0001F3AF 全球直连"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1ED\U0001F1F0 香港节点"
- name: "\U0001F30D 国外媒体"
type: select
proxies:
- "\U0001F680 节点选择"
- DIRECT
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F30F 国内媒体"
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- name: "\U0001F4E2 谷歌FCM"
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- name: Ⓜ️ 微软云盘
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F34E 苹果服务"
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F3AE 游戏平台"
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F3B6 网易音乐"
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- name: "\U0001F3AF 全球直连"
type: select
proxies:
- DIRECT
- "\U0001F680 节点选择"
- name: "\U0001F6D1 广告拦截"
type: select
proxies:
- REJECT
- DIRECT
- name: "\U0001F343 应用净化"
type: select
proxies:
- REJECT
- DIRECT
- name: "\U0001F41F 漏网之鱼"
type: select
proxies:
- "\U0001F680 节点选择"
- DIRECT
- "\U0001F1ED\U0001F1F0 香港节点"
- "\U0001F1F9\U0001F1FC 台湾节点"
- "\U0001F1F8\U0001F1EC 新加坡节点"
- "\U0001F1EF\U0001F1F5 日本节点"
- "\U0001F1FA\U0001F1F2 美国节点"
- "\U0001F1F0\U0001F1F7 韩国节点"
- name: "\U0001F1ED\U0001F1F0 香港节点"
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- "\U0001F1ED\U0001F1F0 [v1] 香港・01"
- "\U0001F1ED\U0001F1F0 [v1] 香港・02"
- "\U0001F1ED\U0001F1F0 [v1] 香港・03"
- "\U0001F1ED\U0001F1F0 [v1] 香港・04"
- "\U0001F1ED\U0001F1F0 [v1] 香港・05"
- "\U0001F1ED\U0001F1F0 [v1] 香港・06"
- "\U0001F1ED\U0001F1F0 [v1] 香港・07"
- "\U0001F1ED\U0001F1F0 [v1] 香港・08"
- "\U0001F1ED\U0001F1F0 [v1] 香港・09"
- "\U0001F1ED\U0001F1F0 [v1] 香港・10"
- name: "\U0001F1EF\U0001F1F5 日本节点"
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- "\U0001F1EF\U0001F1F5 [v1] 日本・01"
- "\U0001F1EF\U0001F1F5 [v1] 日本・02"
- "\U0001F1EF\U0001F1F5 [v1] 日本・03"
- "\U0001F1EF\U0001F1F5 [v1] 日本・04"
- "\U0001F1EF\U0001F1F5 [v1] 日本・05"
- name: "\U0001F1FA\U0001F1F2 美国节点"
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 150
proxies:
- "\U0001F1FA\U0001F1F8 [v1] 美国・01"
- "\U0001F1FA\U0001F1F8 [v1] 美国・02"
- "\U0001F1FA\U0001F1F8 [v1] 美国・03"
- "\U0001F1FA\U0001F1F8 [v1] 美国・04"
- "\U0001F1FA\U0001F1F8 [v1] 美国・05"
- name: "\U0001F1F9\U0001F1FC 台湾节点"
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- "\U0001F1E8\U0001F1F3 [v1] 台湾・01"
- "\U0001F1E8\U0001F1F3 [v1] 台湾・02"
- "\U0001F1E8\U0001F1F3 [v1] 台湾・03"
- "\U0001F1E8\U0001F1F3 [v1] 台湾・04"
- "\U0001F1E8\U0001F1F3 [v1] 台湾・05"
- "\U0001F1E8\U0001F1F3 [v1] 台湾・06"
- name: "\U0001F1F8\U0001F1EC 新加坡节点"
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- "\U0001F1F8\U0001F1EC [v1] 新加坡・01"
- "\U0001F1F8\U0001F1EC [v1] 新加坡・02"
- "\U0001F1F8\U0001F1EC [v1] 新加坡・03"
- "\U0001F1F8\U0001F1EC [v1] 新加坡・04"
- "\U0001F1F8\U0001F1EC [v1] 新加坡・05"
- name: "\U0001F1F0\U0001F1F7 韩国节点"
type: url-test
url: http://www.gstatic.com/generate_204
interval: 300
tolerance: 50
proxies:
- DIRECT
rules:
- DST-PORT,7895,REJECT
- DST-PORT,7892,REJECT
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- DOMAIN-SUFFIX,gwdang.com,DIRECT
- "DOMAIN-SUFFIX,steamcontent.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steam-chat.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steamcdn-a.akamaihd.net,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,cdn.akamai.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,community.akamai.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,avatars.akamai.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,community.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,media.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,store.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,api.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,help.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,login.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steamcommunity.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,www.steamcommunity.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,playstation.net,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,playstation.com,\U0001F680 节点选择"
......
- "DOMAIN-SUFFIX,zhuihd.com,\U0001F3AF 全球直连"
- "IP-CIDR,8.128.0.0/10,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,8.208.0.0/12,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,14.1.112.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,41.222.240.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,41.223.119.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,43.242.168.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.112.212.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.52.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.56.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.74.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.76.0.0/14,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.80.0.0/12,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.235.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.236.0.0/14,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.240.0.0/14,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.244.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.246.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.250.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.252.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.254.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.82.0.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.82.240.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.82.248.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,72.254.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.38.56.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.52.76.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.206.40.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,110.76.21.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,110.76.23.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,112.125.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.251.64.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.38.208.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.38.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.42.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.95.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,140.205.1.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,140.205.122.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,147.139.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,149.129.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,155.102.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,161.117.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,163.181.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,170.33.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,198.11.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,205.204.96.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,19.28.0.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.40.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,49.51.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,62.234.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,94.191.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.7.28.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.116.50.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.231.60.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,109.244.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.128.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.136.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.139.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.140.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,115.159.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.28.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,120.88.56.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.51.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,129.28.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,129.204.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,129.211.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,132.232.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,134.175.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,146.56.192.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,148.70.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,150.109.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,152.136.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,162.14.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,162.62.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,170.106.130.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,182.254.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,188.131.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.195.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.205.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,210.4.138.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,211.152.128.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,211.152.132.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,211.152.148.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,212.64.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,212.129.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.113.192.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,63.217.23.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,63.243.252.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.235.44.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,104.193.88.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,106.12.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.28.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.63.192.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,180.76.0.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,180.76.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,182.61.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,185.10.104.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,202.46.48.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.90.238.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,43.254.0.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.249.212.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,49.4.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,78.101.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,78.101.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,81.52.161.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,85.97.220.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.31.200.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.69.140.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.218.216.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.115.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.116.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.63.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.66.184.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.96.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.128.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.136.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.141.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.142.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.243.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.244.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.251.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,117.78.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.3.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.8.0.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.8.32.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.36.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.36.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.37.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,122.112.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.64.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.100.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.104.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.112.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.240.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.248.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.128.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.160.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.164.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.168.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.176.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.192.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.64.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.79.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.80.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.96.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.112.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.125.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.192.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.223.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.224.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,168.195.92.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,185.176.76.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.199.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.210.163.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.1.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.2.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.4.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.8.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,200.32.52.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,200.32.54.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,200.32.57.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.0.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.4.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.8.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.11.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.13.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.20.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.22.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.24.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.26.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.29.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.33.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.38.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.40.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.43.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.48.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.50.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,42.186.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.127.128.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.195.24.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.253.132.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.253.240.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.254.48.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.111.0.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.111.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.120.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.128.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.196.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.200.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.12.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.18.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.24.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.28.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.38.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.40.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.44.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.48.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.128.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.74.24.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.74.48.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.126.92.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.129.252.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.131.252.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.135.240.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.196.64.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,106.2.32.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,106.2.64.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.113.196.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.113.200.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,115.236.112.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,115.238.76.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,123.58.160.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,223.252.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,101.198.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,101.198.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,101.199.196.0/22,\U0001F3AF 全球直连,no-resolve"
- "DOMAIN-SUFFIX,smtp,\U0001F3AF 全球直连"
- "DOMAIN-KEYWORD,aria2,\U0001F3AF 全球直连"
- "GEOIP,CN,\U0001F3AF 全球直连"
- PROCESS-NAME,aria2c,DIRECT
- PROCESS-NAME,BitComet,DIRECT
- PROCESS-NAME,fdm,DIRECT
- PROCESS-NAME,NetTransport,DIRECT
- PROCESS-NAME,qbittorrent,DIRECT
- PROCESS-NAME,Thunder,DIRECT
- PROCESS-NAME,transmission-daemon,DIRECT
- PROCESS-NAME,transmission-qt,DIRECT
- PROCESS-NAME,uTorrent,DIRECT
- PROCESS-NAME,WebTorrent,DIRECT
- PROCESS-NAME,Folx,DIRECT
- PROCESS-NAME,Transmission,DIRECT
- PROCESS-NAME,transmission,DIRECT
- PROCESS-NAME,WebTorrent Helper,DIRECT
- PROCESS-NAME,v2ray,DIRECT
- PROCESS-NAME,ss-local,DIRECT
- PROCESS-NAME,ssr-local,DIRECT
- PROCESS-NAME,ss-redir,DIRECT
- PROCESS-NAME,ssr-redir,DIRECT
- PROCESS-NAME,ss-server,DIRECT
- PROCESS-NAME,trojan-go,DIRECT
- PROCESS-NAME,xray,DIRECT
- PROCESS-NAME,hysteria,DIRECT
- PROCESS-NAME,UUBooster,DIRECT
- PROCESS-NAME,uugamebooster,DIRECT
- "DST-PORT,80,\U0001F41F 漏网之鱼"
- "DST-PORT,443,\U0001F41F 漏网之鱼"
- "DST-PORT,22,\U0001F41F 漏网之鱼"
- MATCH,DIRECT
redir-port: 7892
tproxy-port: 7895
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/ui"
ipv6: false
dns:
enable: true
ipv6: true
enhanced-mode: fake-ip
fake-ip-range: 198.18.0.1/16
listen: 0.0.0.0:7874
nameserver:
- 119.29.29.29
- 223.5.5.5
- https://doh.pub/dns-query
- https://dns.alidns.com/dns-query
fallback:
- https://dns.cloudflare.com/dns-query
- https://1.1.1.1/dns-query
- tls://1.1.1.1:853
- tls://8.8.8.8:853
fake-ip-filter:
- "+.*"
experimental:
sniff-tls-sni: true
tun:
enable: true
stack: system
auto-route: false
auto-detect-interface: false
dns-hijack:
- tcp://any:53
profile:
store-selected: true
store-fake-ip: true
#===================== 自定义覆写设置 =====================#
#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh
# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts
LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
CONFIG_FILE="$1" #config path
#Simple Demo:
#General Demo
#1--config path
#2--key name
#3--value
#ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
#ruby_edit "$CONFIG_FILE" "['secret']" "123456"
#ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"
#Hash Demo
#1--config path
#2--key name
#3--hash type value
#ruby_edit "$CONFIG_FILE" "['experimental']" "{'sniff-tls-sni'=>true}"
#ruby_edit "$CONFIG_FILE" "['sniffer']" "{'sniffing'=>['tls','http']}"
#Array Demo:
#1--config path
#2--key name
#3--position(start from 0, end with -1)
#4--value
#ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.114.114"
#Array Add From Yaml File Demo:
#1--config path
#2--key name
#3--position(start from 0, end with -1)
#4--value file path
#5--value key name in #4 file
#ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"
#Ruby Script Demo:
#ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
# begin
# Value = YAML.load_file('$CONFIG_FILE');
# rescue Exception => e
# puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
# end;
#General
# begin
# Thread.new{
# Value['redir-port']=7892;
# Value['tproxy-port']=7895;
# Value['port']=7890;
# Value['socks-port']=7891;
# Value['mixed-port']=7893;
# }.join;
# rescue Exception => e
# puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
# ensure
# File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
# end" 2>/dev/null >> $LOG_FILE
exit 0
#===================== 自定义防火墙设置 =====================#
#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh
# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules
LOG_OUT "Tip: Start Add Custom Firewall Rules..."
exit 0
#===================== IPTABLES 防火墙设置 =====================#
#IPv4 NAT chain
# Generated by iptables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*nat
:PREROUTING ACCEPT [201:18890]
:INPUT ACCEPT [188:16935]
:OUTPUT ACCEPT [409:33275]
:POSTROUTING ACCEPT [409:33275]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:postrouting_zerotier_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:prerouting_zerotier_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
:zone_zerotier_postrouting - [0:0]
:zone_zerotier_prerouting - [0:0]
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_zerotier_prerouting
-A PREROUTING -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_prerouting
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_zerotier_postrouting
-A POSTROUTING -o ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_postrouting
-A zone_lan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_lan_prerouting -j MINIUPNPD
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_zerotier_postrouting -m comment --comment "!fw3: Custom zerotier postrouting rule chain" -j postrouting_zerotier_rule
-A zone_zerotier_prerouting -m comment --comment "!fw3: Custom zerotier prerouting rule chain" -j prerouting_zerotier_rule
COMMIT
# Completed on Mon Jul 31 16:49:05 2023
#IPv4 Mangle chain
# Generated by iptables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*mangle
:PREROUTING ACCEPT [374288:376378229]
:INPUT ACCEPT [374277:376376682]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [93491:351975714]
:POSTROUTING ACCEPT [93491:351975714]
:openclash - [0:0]
:openclash_dns_hijack - [0:0]
:openclash_output - [0:0]
:openclash_upnp - [0:0]
-A PREROUTING -j openclash
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -p udp -m udp --sport 68 -j RETURN
-A openclash -i utun -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m set ! --match-set common_ports dst -j RETURN
-A openclash -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash -p udp -j openclash_upnp
-A openclash -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -m owner ! --uid-owner 65534 -m set ! --match-set common_ports dst -j RETURN
-A openclash_output -m owner ! --uid-owner 65534 -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Mon Jul 31 16:49:05 2023
#IPv4 Filter chain
# Generated by iptables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*filter
:INPUT ACCEPT [110:5287]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [40:6350]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:forwarding_zerotier_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:input_zerotier_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:output_zerotier_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
:zone_zerotier_dest_ACCEPT - [0:0]
:zone_zerotier_forward - [0:0]
:zone_zerotier_input - [0:0]
:zone_zerotier_output - [0:0]
:zone_zerotier_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_zerotier_input
-A INPUT -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_input
-A FORWARD -o utun -p udp -m udp --dport 443 -m comment --comment "OpenClash QUIC REJECT" -m set ! --match-set china_ip_route dst -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -o utun -m comment --comment "OpenClash TUN Forward" -j ACCEPT
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_zerotier_output
-A OUTPUT -o ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to zerotier forwarding policy" -j zone_zerotier_dest_ACCEPT
-A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_lan_forward -j MINIUPNPD
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_lan_input -j MINIUPNPD
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
-A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
-A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_zerotier_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_dest_ACCEPT -o ztrtayn247 -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3: Custom zerotier forwarding rule chain" -j forwarding_zerotier_rule
-A zone_zerotier_forward -m comment --comment "!fw3: Zone zerotier to lan forwarding policy" -j zone_lan_dest_ACCEPT
-A zone_zerotier_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_input -m comment --comment "!fw3: Custom zerotier input rule chain" -j input_zerotier_rule
-A zone_zerotier_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_zerotier_input -m comment --comment "!fw3" -j zone_zerotier_src_ACCEPT
-A zone_zerotier_output -m comment --comment "!fw3: Custom zerotier output rule chain" -j output_zerotier_rule
-A zone_zerotier_output -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_src_ACCEPT -i ztrtayn247 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Mon Jul 31 16:49:05 2023
#IPv6 NAT chain
#IPv6 Mangle chain
# Generated by ip6tables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*mangle
:PREROUTING ACCEPT [73:7974]
:INPUT ACCEPT [54:6150]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [222:86326]
:POSTROUTING ACCEPT [222:86326]
COMMIT
# Completed on Mon Jul 31 16:49:05 2023
#IPv6 Filter chain
# Generated by ip6tables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [4:304]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:forwarding_zerotier_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:input_zerotier_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:output_zerotier_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
:zone_zerotier_dest_ACCEPT - [0:0]
:zone_zerotier_forward - [0:0]
:zone_zerotier_input - [0:0]
:zone_zerotier_output - [0:0]
:zone_zerotier_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_zerotier_input
-A INPUT -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_zerotier_output
-A OUTPUT -o ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp6-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to zerotier forwarding policy" -j zone_zerotier_dest_ACCEPT
-A zone_lan_forward -j MINIUPNPD
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -j MINIUPNPD
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -s fc00::/6 -d fc00::/6 -p udp -m udp --dport 546 -m comment --comment "!fw3: Allow-DHCPv6" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_zerotier_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_dest_ACCEPT -o ztrtayn247 -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3: Custom zerotier forwarding rule chain" -j forwarding_zerotier_rule
-A zone_zerotier_forward -m comment --comment "!fw3: Zone zerotier to lan forwarding policy" -j zone_lan_dest_ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_input -m comment --comment "!fw3: Custom zerotier input rule chain" -j input_zerotier_rule
-A zone_zerotier_input -m comment --comment "!fw3" -j zone_zerotier_src_ACCEPT
-A zone_zerotier_output -m comment --comment "!fw3: Custom zerotier output rule chain" -j output_zerotier_rule
-A zone_zerotier_output -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_src_ACCEPT -i ztrtayn247 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Mon Jul 31 16:49:05 2023
#===================== IPSET状态 =====================#
Name: localnetwork
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 984
References: 2
Number of entries: 11
Name: common_ports
Type: bitmap:port
Revision: 3
Header: range 0-65535
Size in memory: 8232
References: 2
Number of entries: 31
Name: china_ip_route
Type: hash:net
Revision: 6
Header: family inet hashsize 4096 maxelem 1000000
Size in memory: 215780
References: 3
Number of entries: 8659
Name: china_ip_route_pass
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 1000000
Size in memory: 368
References: 2
Number of entries: 0
#===================== 路由表状态 =====================#
#IPv4
#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.1.1.1 0.0.0.0 UG 0 0 0 br-lan
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
172.30.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ztrtayn247
198.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 utun
#ip route list
default via 10.1.1.1 dev br-lan proto static
10.1.1.0/24 dev br-lan proto kernel scope link src 10.1.1.100
172.30.0.0/16 dev ztrtayn247 proto kernel scope link src 172.30.0.10
198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1
#ip rule show
0: from all lookup local
32765: from all fwmark 0x162 lookup 354
32766: from all lookup main
32767: from all lookup default
#IPv6
#route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
fd47:5311:e942::/64 :: U 1024 1 0 br-lan
fd47:5311:e942::/48 :: !n 2147483647 2 0 lo
fe80::/64 :: U 256 1 0 br-lan
fe80::/64 :: U 256 1 0 ztrtayn247
fe80::/64 :: U 256 1 0 utun
::/0 :: !n -1 1 0 lo
::1/128 :: Un 0 6 0 lo
fd47:5311:e942::/128 :: Un 0 3 0 br-lan
fd47:5311:e942::1/128 :: Un 0 3 0 br-lan
fe80::/128 :: Un 0 3 0 br-lan
fe80::/128 :: Un 0 3 0 ztrtayn247
fe80::/128 :: Un 0 3 0 utun
fe80::a00:27ff:fee4:874e/128 :: Un 0 5 0 br-lan
fe80::46e5:cf37:d2a2:c9/128 :: Un 0 2 0 utun
fe80::e054:83ff:fefb:e103/128 :: Un 0 2 0 ztrtayn247
ff00::/8 :: U 256 5 0 br-lan
ff00::/8 :: U 256 1 0 ztrtayn247
ff00::/8 :: U 256 1 0 utun
::/0 :: !n -1 1 0 lo
#ip -6 route list
fd47:5311:e942::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd47:5311:e942::/48 dev lo proto static metric 2147483647 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev ztrtayn247 proto kernel metric 256 pref medium
fe80::/64 dev utun proto kernel metric 256 pref medium
#ip -6 rule show
0: from all lookup local
32766: from all lookup main
4200000001: from all iif lo failed_policy
4200000003: from all iif br-lan failed_policy
4200000004: from all iif ztrtayn247 failed_policy
#===================== Tun设备状态 =====================#
ztrtayn247: tap
utun: tun pi filter0x100
#===================== 端口占用状态 =====================#
tcp 0 0 198.18.0.1:7777 0.0.0.0:* LISTEN 5025/clash
tcp 0 0 :::7890 :::* LISTEN 5025/clash
tcp 0 0 :::7891 :::* LISTEN 5025/clash
tcp 0 0 :::7892 :::* LISTEN 5025/clash
tcp 0 0 :::7893 :::* LISTEN 5025/clash
tcp 0 0 :::7895 :::* LISTEN 5025/clash
tcp 0 0 :::9090 :::* LISTEN 5025/clash
udp 0 0 :::7891 :::* 5025/clash
udp 0 0 :::7892 :::* 5025/clash
udp 0 0 :::7893 :::* 5025/clash
udp 0 0 :::7895 :::* 5025/clash
udp 0 0 :::59660 :::* 5025/clash
udp 0 0 :::50710 :::* 5025/clash
udp 0 0 :::34468 :::* 5025/clash
udp 0 0 :::7874 :::* 5025/clash
#===================== 测试本机DNS查询(www.baidu.com) =====================#
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.baidu.com
www.baidu.com canonical name = www.a.shifen.com
Name: www.a.shifen.com
www.a.shifen.com canonical name = www.wshifen.com
Name: www.wshifen.com
Address 1: 183.232.231.172
Address 2: 183.232.231.173
www.baidu.com canonical name = www.a.shifen.com
www.a.shifen.com canonical name = www.wshifen.com
#===================== 测试内核DNS查询(www.instagram.com) =====================#
Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false
Question:
Name: www.instagram.com.
Qtype: 1
Qclass: 1
Answer:
TTL: 3571
data: geo-p42.instagram.com.
name: www.instagram.com.
type: 5
TTL: 3571
data: z-p42-instagram.c10r.instagram.com.
name: geo-p42.instagram.com.
type: 5
TTL: 31
data: 157.240.22.174
name: z-p42-instagram.c10r.instagram.com.
type: 1
Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto
#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#
# Interface lan
nameserver 1.1.1.1
#===================== 测试本机网络连接(www.baidu.com) =====================#
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Mon, 31 Jul 2023 08:49:06 GMT
Etag: "575e1f6f-115"
Last-Modified: Mon, 13 Jun 2016 02:50:23 GMT
Pragma: no-cache
Server: bfe/1.0.8.18
#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#
HTTP/2 200
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "164887e509f49d611b745c94926c1e59df6802fc9db3bd2060f2c471fe51246c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 520C:1EBC:81C8D:97D88:64C1AAFC
accept-ranges: bytes
date: Mon, 31 Jul 2023 08:49:07 GMT
via: 1.1 varnish
x-served-by: cache-hkg17923-HKG
x-cache: HIT
x-cache-hits: 2
x-timer: S1690793348.951987,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 3679e557304ee0a56fd01aa3e1b06b9427fbdac1
expires: Mon, 31 Jul 2023 08:54:07 GMT
source-age: 85
content-length: 83
#===================== 最近运行日志(自动切换为Debug模式) =====================#
08:49:12 DBG [TCP] accept connection lAddr=10.1.1.123:55500 rAddr=wot.360.cn:443 inbound=Socks5
08:49:12 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=wot.360.cn. answer=["180.163.237.143"]
08:49:12 INF [TCP] connected lAddr=10.1.1.123:55500 rAddr=wot.360.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:12 INF [TCP] connected lAddr=10.1.1.123:55488 rAddr=api-v3.speedtest.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:12 DBG [TCP] accept connection lAddr=10.1.1.123:55501 rAddr=wot.360.cn:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55501 rAddr=wot.360.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55502 rAddr=wot.360.cn:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=wot.360.cn. answer=["180.163.237.143"]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55503 rAddr=www.le.com:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.le.com. answer=["118.112.229.100","118.112.229.214"]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55503 rAddr=www.le.com:443 mode=rule rule=DomainSuffix(le.com) proxy=🎯 全球直连[DIRECT]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55502 rAddr=wot.360.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55504 rAddr=www.yjwujian.cn:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.yjwujian.cn. answer=["59.111.137.212","42.186.122.69"]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55504 rAddr=www.yjwujian.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55505 rAddr=poe.com:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=yd-06.paofunlink.com. answer=["153.99.181.107"]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55505 rAddr=poe.com:443 mode=rule rule=DomainSuffix(poe.com) proxy=🚀 节点选择[🇭🇰 [v1] 香港・06]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55507 rAddr=www.inke.cn:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.inke.cn. answer=["59.110.145.235"]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55508 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55507 rAddr=www.inke.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55509 rAddr=www.le.com:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55509 rAddr=www.le.com:443 mode=rule rule=DomainSuffix(le.com) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55510 rAddr=www.inke.cn:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55510 rAddr=www.inke.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55511 rAddr=www.le.com:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55511 rAddr=www.le.com:443 mode=rule rule=DomainSuffix(le.com) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55512 rAddr=www.inke.cn:443 inbound=Socks5
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55512 rAddr=www.inke.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55513 rAddr=psc2.cf2.poecdn.net:443 inbound=Socks5
08:49:14 DBG [DNS] dns response source=https://1.1.1.1/dns-query qType=A name=666.xyffvip.com. answer=[]
08:49:14 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:14 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55514 rAddr=www.huajiao.com:443 inbound=Socks5
08:49:14 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.huajiao.com. answer=["106.120.160.203"]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55514 rAddr=www.huajiao.com:443 mode=rule rule=DomainSuffix(huajiao.com) proxy=🎯 全球直连[DIRECT]
08:49:14 DBG [DNS] dns response source=https://1.1.1.1/dns-query qType=A name=psc2.cf2.poecdn.net. answer=["162.159.153.247","162.159.152.17"]
08:49:14 DBG [Matcher] resolve success host=psc2.cf2.poecdn.net ip=162.159.153.247
08:49:14 DBG [Matcher] find process failed error=process not found addr=psc2.cf2.poecdn.net
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55508 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55513 rAddr=psc2.cf2.poecdn.net:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55515 rAddr=psc2.cf2.poecdn.net:443 inbound=Socks5
08:49:14 DBG [Matcher] resolve success host=psc2.cf2.poecdn.net ip=162.159.152.17
08:49:14 DBG [Matcher] find process failed error=process not found addr=psc2.cf2.poecdn.net
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55516 rAddr=www.pptv.com:443 inbound=Socks5
08:49:14 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.pptv.com. answer=["219.151.137.140","60.188.67.206","183.66.104.8","183.66.104.51","106.126.10.128","123.184.26.237","58.221.30.231"]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55515 rAddr=psc2.cf2.poecdn.net:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55516 rAddr=www.pptv.com:443 mode=rule rule=DomainSuffix(pptv.com) proxy=🎯 全球直连[DIRECT]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55517 rAddr=psc2.cf2.poecdn.net:443 inbound=Socks5
08:49:14 DBG [Matcher] resolve success host=psc2.cf2.poecdn.net ip=162.159.153.247
08:49:14 DBG [Matcher] find process failed error=process not found addr=psc2.cf2.poecdn.net
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55517 rAddr=psc2.cf2.poecdn.net:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55518 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:14 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:14 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55518 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55521 rAddr=www.pptv.com:443 inbound=Socks5
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55521 rAddr=www.pptv.com:443 mode=rule rule=DomainSuffix(pptv.com) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55522 rAddr=taobaolive.taobao.com:443 inbound=Socks5
08:49:15 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=taobaolive.taobao.com. answer=["203.119.169.80"]
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55522 rAddr=taobaolive.taobao.com:443 mode=rule rule=DomainSuffix(taobao.com) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55523 rAddr=www.pptv.com:443 inbound=Socks5
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55523 rAddr=www.pptv.com:443 mode=rule rule=DomainSuffix(pptv.com) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55524 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:15 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:15 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55524 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55525 rAddr=www.acfun.cn:443 inbound=Socks5
08:49:15 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.acfun.cn. answer=["118.112.226.241","118.112.226.242","118.112.226.243","118.112.226.244","118.112.226.248","118.112.226.238","118.112.226.239","118.112.226.240"]
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55525 rAddr=www.acfun.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55526 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:15 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:15 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55526 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55527 rAddr=www.fun.tv:443 inbound=Socks5
08:49:15 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.fun.tv. answer=["118.193.104.9","118.193.104.10"]
08:49:15 DBG [Matcher] resolve success host=www.fun.tv ip=118.193.104.9
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55527 rAddr=www.fun.tv:443 mode=rule rule=GeoIP(CN) proxy=🎯 全球直连[DIRECT]
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55528 rAddr=www.fun.tv:443 inbound=Socks5
08:49:16 DBG [Matcher] resolve success host=www.fun.tv ip=118.193.104.9
08:49:16 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.fun.tv. answer=["118.193.104.9","118.193.104.10"]
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55528 rAddr=www.fun.tv:443 mode=rule rule=GeoIP(CN) proxy=🎯 全球直连[DIRECT]
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55529 rAddr=www.fun.tv:443 inbound=Socks5
08:49:16 DBG [Matcher] resolve success host=www.fun.tv ip=118.193.104.10
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55529 rAddr=www.fun.tv:443 mode=rule rule=GeoIP(CN) proxy=🎯 全球直连[DIRECT]
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55530 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:16 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:16 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55531 rAddr=www.ixigua.com:443 inbound=Socks5
08:49:16 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.ixigua.com. answer=["125.72.109.180","125.72.109.181","125.72.109.175","125.72.109.184","125.72.109.177","119.96.67.149","119.96.67.125","125.72.124.80","110.167.255.102","125.72.124.67","125.72.124.70","125.72.124.79","125.72.124.78","125.72.124.77","125.72.124.76","119.96.67.153"]
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55531 rAddr=www.ixigua.com:443 mode=rule rule=DomainSuffix(ixigua.com) proxy=🎯 全球直连[DIRECT]
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55530 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:17 DBG [TCP] accept connection lAddr=10.1.1.123:55532 rAddr=haokan.baidu.com:443 inbound=Socks5
08:49:17 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=haokan.baidu.com. answer=["14.215.178.121"]
08:49:17 INF [TCP] connected lAddr=10.1.1.123:55532 rAddr=haokan.baidu.com:443 mode=rule rule=DomainSuffix(baidu.com) proxy=🎯 全球直连[DIRECT]
08:49:17 DBG [TCP] accept connection lAddr=10.1.1.123:55535 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:17 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:17 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:17 INF [TCP] connected lAddr=10.1.1.123:55535 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#
#===================== 活动连接信息 =====================#
1. SourceIP:【10.1.1.123】 - Host:【psc2.cf2.poecdn.net】 - DestinationIP:【162.159.153.247】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【🇭🇰 [v1] 香港・06】
2. SourceIP:【10.1.1.123】 - Host:【www.tudou.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【tudou.com】 - Lastchain:【DIRECT】
3. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
4. SourceIP:【10.1.1.123】 - Host:【psc2.cf2.poecdn.net】 - DestinationIP:【162.159.153.247】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【🇭🇰 [v1] 香港・06】
5. SourceIP:【10.1.1.123】 - Host:【www.huajiao.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【huajiao.com】 - Lastchain:【DIRECT】
6. SourceIP:【198.18.0.1】 - Host:【Empty】 - DestinationIP:【50.7.252.138】 - Network:【udp】 - RulePayload:【】 - Lastchain:【DIRECT】
7. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
8. SourceIP:【10.1.1.123】 - Host:【www.ixigua.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【ixigua.com】 - Lastchain:【DIRECT】
9. SourceIP:【10.1.1.123】 - Host:【haokan.baidu.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【baidu.com】 - Lastchain:【DIRECT】
10. SourceIP:【10.1.1.123】 - Host:【www.yjwujian.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
11. SourceIP:【10.1.1.123】 - Host:【tch159176.tch.poe.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【poe.com】 - Lastchain:【🇭🇰 [v1] 香港・06】
12. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
13. SourceIP:【10.1.1.123】 - Host:【poe.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【poe.com】 - Lastchain:【🇭🇰 [v1] 香港・06】
14. SourceIP:【10.1.1.123】 - Host:【666.xyffvip.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【🇭🇰 [v1] 香港・06】
15. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
16. SourceIP:【198.18.0.1】 - Host:【Empty】 - DestinationIP:【50.7.252.138】 - Network:【udp】 - RulePayload:【】 - Lastchain:【DIRECT】
17. SourceIP:【10.1.1.123】 - Host:【www.acfun.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
18. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
19. SourceIP:【10.1.1.123】 - Host:【now.qq.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【qq.com】 - Lastchain:【DIRECT】
20. SourceIP:【10.1.1.123】 - Host:【taobaolive.taobao.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【taobao.com】 - Lastchain:【DIRECT】
21. SourceIP:【10.1.1.123】 - Host:【www.yizhibo.com】 - DestinationIP:【47.95.178.140】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
22. SourceIP:【10.1.1.123】 - Host:【mtalk.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【mtalk.google.com】 - Lastchain:【DIRECT】
23. SourceIP:【10.1.1.123】 - Host:【firestore.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇭🇰 [v1] 香港・06】
24. SourceIP:【10.1.1.123】 - Host:【tv.sohu.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【sohu.com】 - Lastchain:【DIRECT】
25. SourceIP:【198.18.0.1】 - Host:【Empty】 - DestinationIP:【84.17.53.155】 - Network:【udp】 - RulePayload:【】 - Lastchain:【DIRECT】
vernesong
github-actions[bot]
Verify Steps
OpenClash Version
v0.45.129-beta
Bug on Environment
Official OpenWrt
Bug on Platform
Linux-386
To Reproduce
在勾选《实验性:绕过中国大陆 IP》时,尝试切换以下配置的组合,都无法成功实现功能:
Describe the Bug
《实验性:绕过中国大陆 IP》功能失效,开启这个功能功能后,国内流量还是会经过内核转发,成为网速的瓶颈
OpenClash Log
OpenClash 调试日志
生成时间: 2023-07-31 16:49:02 插件版本: v0.45.129-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息