vernesong / OpenClash

A Clash Client For OpenWrt
MIT License
17.44k stars 3.18k forks source link

[Bug] 绕过大陆IP功能失效 #3430

Closed gu0o00 closed 1 year ago

gu0o00 commented 1 year ago

Verify Steps

OpenClash Version

v0.45.129-beta

Bug on Environment

Official OpenWrt

Bug on Platform

Linux-386

To Reproduce

在勾选《实验性:绕过中国大陆 IP》时,尝试切换以下配置的组合,都无法成功实现功能:

Describe the Bug

《实验性:绕过中国大陆 IP》功能失效,开启这个功能功能后,国内流量还是会经过内核转发,成为网速的瓶颈

OpenClash Log

OpenClash 调试日志

生成时间: 2023-07-31 16:49:02 插件版本: v0.45.129-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息



#===================== 系统信息 =====================#

主机型号: innotek GmbH VirtualBox
固件版本: OpenWrt 21.02.2 r16495-bf0c965af0
LuCI版本: git-20.074.84698-ead5e81
内核版本: 5.4.179
处理器架构: i386_pentium4

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

DNS劫持: 停用
#DNS劫持为Dnsmasq时,此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci >= 19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 未安装
unzip: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
kmod-ipt-nat: 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
运行内核:TUN
进程pid: 5025
运行权限: 5025: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_ptrace,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-386

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2023.06.30
Tun内核文件: 存在
Tun内核运行权限: 正常

Dev内核版本: v1.17.0
Dev内核文件: 存在
Dev内核运行权限: 正常

Meta内核版本: alpha-g0b1aff5
Meta内核文件: 存在
Meta内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/paofu.yaml
启动配置文件: /etc/openclash/paofu.yaml
运行模式: redir-host-tun
默认代理模式: rule
UDP流量转发(tproxy): 停用
自定义DNS: 启用
IPV6代理: 停用
IPV6-DNS解析: 启用
禁用Dnsmasq缓存: 启用
自定义规则: 启用
仅允许内网: 启用
仅代理命中规则流量: 启用
仅允许常用端口流量: 停用
绕过中国大陆IP: 启用
路由本机代理: 启用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

### OpenClash Config

_No response_

### Expected Behavior

希望可以正确处理国内流量,访问国内网站时使流量不经过内核

### Screenshots

通过speedtest.cn测速发现,国内流量经过内核
![image](https://github.com/vernesong/OpenClash/assets/7512488/cbb4738c-0fa4-4aeb-9286-3b39688b4230)

clash配置文件目录内容如下:
![image](https://github.com/vernesong/OpenClash/assets/7512488/b751d706-bde8-4077-9a28-ea4fab1f0752)

可以看到speedtest使用IP:125.74.203.18是在ipset中的
![image](https://github.com/vernesong/OpenClash/assets/7512488/c4766d92-9e67-4508-8977-b1657236f025)
gu0o00 commented 1 year ago
#===================== 自定义规则 一 =====================#
script:

rules:
- DOMAIN-SUFFIX,gwdang.com,DIRECT
- "DOMAIN-SUFFIX,steamcontent.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steam-chat.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steamcdn-a.akamaihd.net,🚀 节点选择"
- "DOMAIN-SUFFIX,cdn.akamai.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,community.akamai.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,avatars.akamai.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,community.steamstatic.com,🚀 节点选择"
- "DOMAIN-SUFFIX,media.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,store.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,api.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,help.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,login.steampowered.com,🚀 节点选择"
- "DOMAIN-SUFFIX,steamcommunity.com,🚀 节点选择"
- "DOMAIN-SUFFIX,www.steamcommunity.com,🚀 节点选择"
- "DOMAIN-SUFFIX,playstation.net,🚀 节点选择"
- "DOMAIN-SUFFIX,playstation.com,🚀 节点选择"

##在线IP段转CIDR地址:http://ip2cidr.com
#===================== 自定义规则 二 =====================#
script:

rules:

#===================== 配置文件 =====================#

port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
proxy-groups:
- name: "\U0001F680 节点选择"
  type: select
  proxies:
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"
  - DIRECT
- name: "\U0001F4F2 Telegram"
  type: select
  proxies:
  - "\U0001F680 节点选择"
  - DIRECT
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F4F9 Youtube"
  type: select
  proxies:
  - "\U0001F680 节点选择"
  - DIRECT
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F3A5 Netflix"
  type: select
  proxies:
  - "\U0001F680 节点选择"
  - DIRECT

- name: "\U0001F4FA 動畫瘋"
  type: select
  proxies:
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F680 节点选择"
  - DIRECT

- name: "\U0001F4FA 哔哩哔哩"
  type: select
  proxies:
  - "\U0001F3AF 全球直连"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1ED\U0001F1F0 香港节点"

- name: "\U0001F30D 国外媒体"
  type: select
  proxies:
  - "\U0001F680 节点选择"
  - DIRECT
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F30F 国内媒体"
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"

- name: "\U0001F4E2 谷歌FCM"
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"

- name: Ⓜ️ 微软云盘
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F34E 苹果服务"
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F3AE 游戏平台"
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F3B6 网易音乐"
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"

- name: "\U0001F3AF 全球直连"
  type: select
  proxies:
  - DIRECT
  - "\U0001F680 节点选择"

- name: "\U0001F6D1 广告拦截"
  type: select
  proxies:
  - REJECT
  - DIRECT
- name: "\U0001F343 应用净化"
  type: select
  proxies:
  - REJECT
  - DIRECT
- name: "\U0001F41F 漏网之鱼"
  type: select
  proxies:
  - "\U0001F680 节点选择"
  - DIRECT
  - "\U0001F1ED\U0001F1F0 香港节点"
  - "\U0001F1F9\U0001F1FC 台湾节点"
  - "\U0001F1F8\U0001F1EC 新加坡节点"
  - "\U0001F1EF\U0001F1F5 日本节点"
  - "\U0001F1FA\U0001F1F2 美国节点"
  - "\U0001F1F0\U0001F1F7 韩国节点"

- name: "\U0001F1ED\U0001F1F0 香港节点"
  type: url-test
  url: http://www.gstatic.com/generate_204
  interval: 300
  tolerance: 50
  proxies:
  - "\U0001F1ED\U0001F1F0 [v1] 香港・01"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・02"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・03"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・04"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・05"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・06"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・07"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・08"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・09"
  - "\U0001F1ED\U0001F1F0 [v1] 香港・10"
- name: "\U0001F1EF\U0001F1F5 日本节点"
  type: url-test
  url: http://www.gstatic.com/generate_204
  interval: 300
  tolerance: 50
  proxies:
  - "\U0001F1EF\U0001F1F5 [v1] 日本・01"
  - "\U0001F1EF\U0001F1F5 [v1] 日本・02"
  - "\U0001F1EF\U0001F1F5 [v1] 日本・03"
  - "\U0001F1EF\U0001F1F5 [v1] 日本・04"
  - "\U0001F1EF\U0001F1F5 [v1] 日本・05"
- name: "\U0001F1FA\U0001F1F2 美国节点"
  type: url-test
  url: http://www.gstatic.com/generate_204
  interval: 300
  tolerance: 150
  proxies:
  - "\U0001F1FA\U0001F1F8 [v1] 美国・01"
  - "\U0001F1FA\U0001F1F8 [v1] 美国・02"
  - "\U0001F1FA\U0001F1F8 [v1] 美国・03"
  - "\U0001F1FA\U0001F1F8 [v1] 美国・04"
  - "\U0001F1FA\U0001F1F8 [v1] 美国・05"
- name: "\U0001F1F9\U0001F1FC 台湾节点"
  type: url-test
  url: http://www.gstatic.com/generate_204
  interval: 300
  tolerance: 50
  proxies:
  - "\U0001F1E8\U0001F1F3 [v1] 台湾・01"
  - "\U0001F1E8\U0001F1F3 [v1] 台湾・02"
  - "\U0001F1E8\U0001F1F3 [v1] 台湾・03"
  - "\U0001F1E8\U0001F1F3 [v1] 台湾・04"
  - "\U0001F1E8\U0001F1F3 [v1] 台湾・05"
  - "\U0001F1E8\U0001F1F3 [v1] 台湾・06"
- name: "\U0001F1F8\U0001F1EC 新加坡节点"
  type: url-test
  url: http://www.gstatic.com/generate_204
  interval: 300
  tolerance: 50
  proxies:
  - "\U0001F1F8\U0001F1EC [v1] 新加坡・01"
  - "\U0001F1F8\U0001F1EC [v1] 新加坡・02"
  - "\U0001F1F8\U0001F1EC [v1] 新加坡・03"
  - "\U0001F1F8\U0001F1EC [v1] 新加坡・04"
  - "\U0001F1F8\U0001F1EC [v1] 新加坡・05"
- name: "\U0001F1F0\U0001F1F7 韩国节点"
  type: url-test
  url: http://www.gstatic.com/generate_204
  interval: 300
  tolerance: 50
  proxies:
  - DIRECT
rules:
- DST-PORT,7895,REJECT
- DST-PORT,7892,REJECT
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- DOMAIN-SUFFIX,gwdang.com,DIRECT
- "DOMAIN-SUFFIX,steamcontent.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steam-chat.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steamcdn-a.akamaihd.net,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,cdn.akamai.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,community.akamai.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,avatars.akamai.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,community.steamstatic.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,media.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,store.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,api.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,help.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,login.steampowered.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,steamcommunity.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,www.steamcommunity.com,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,playstation.net,\U0001F680 节点选择"
- "DOMAIN-SUFFIX,playstation.com,\U0001F680 节点选择"
......
- "DOMAIN-SUFFIX,zhuihd.com,\U0001F3AF 全球直连"
- "IP-CIDR,8.128.0.0/10,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,8.208.0.0/12,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,14.1.112.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,41.222.240.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,41.223.119.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,43.242.168.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.112.212.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.52.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.56.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.74.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.76.0.0/14,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.80.0.0/12,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.235.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.236.0.0/14,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.240.0.0/14,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.244.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.246.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.250.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.252.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,47.254.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.82.0.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.82.240.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.82.248.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,72.254.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.38.56.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.52.76.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.206.40.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,110.76.21.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,110.76.23.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,112.125.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.251.64.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.38.208.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.38.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.42.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.95.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,140.205.1.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,140.205.122.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,147.139.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,149.129.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,155.102.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,161.117.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,163.181.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,170.33.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,198.11.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,205.204.96.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,19.28.0.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.40.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,49.51.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,62.234.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,94.191.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.7.28.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.116.50.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.231.60.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,109.244.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.128.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.136.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.139.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,111.30.140.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,115.159.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.28.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,120.88.56.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.51.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,129.28.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,129.204.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,129.211.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,132.232.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,134.175.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,146.56.192.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,148.70.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,150.109.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,152.136.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,162.14.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,162.62.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,170.106.130.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,182.254.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,188.131.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.195.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.205.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,210.4.138.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,211.152.128.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,211.152.132.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,211.152.148.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,212.64.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,212.129.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.113.192.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,63.217.23.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,63.243.252.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.235.44.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,104.193.88.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,106.12.0.0/15,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.28.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.63.192.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,180.76.0.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,180.76.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,182.61.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,185.10.104.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,202.46.48.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.90.238.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,43.254.0.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.249.212.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,49.4.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,78.101.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,78.101.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,81.52.161.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,85.97.220.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.31.200.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.69.140.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.218.216.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.115.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.116.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.63.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.66.184.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.96.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.128.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.136.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.141.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.142.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.243.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.244.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,116.71.251.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,117.78.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.3.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.8.0.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,119.8.32.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.36.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.36.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,121.37.0.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,122.112.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.64.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.100.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.104.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.112.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.224.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.240.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.9.248.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.128.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.160.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.164.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.168.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.176.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,139.159.192.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.64.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.79.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.80.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.96.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.112.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.125.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.192.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.223.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,159.138.224.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,168.195.92.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,185.176.76.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.199.0.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.210.163.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.1.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.2.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.4.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,197.252.8.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,200.32.52.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,200.32.54.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,200.32.57.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.0.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.4.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.8.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.11.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.13.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.20.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.22.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.24.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.26.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.29.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.33.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.38.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.40.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.43.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.48.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,203.135.50.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,42.186.0.0/16,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.127.128.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.195.24.0/24,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.253.132.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.253.240.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,45.254.48.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.111.0.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,59.111.128.0/17,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.120.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.128.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.196.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.71.200.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.12.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.18.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.24.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.28.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.38.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.40.0/23,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.44.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.48.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.72.128.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.74.24.0/21,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.74.48.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.126.92.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.129.252.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.131.252.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.135.240.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,103.196.64.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,106.2.32.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,106.2.64.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.113.196.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,114.113.200.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,115.236.112.0/20,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,115.238.76.0/22,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,123.58.160.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,223.252.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,101.198.128.0/18,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,101.198.192.0/19,\U0001F3AF 全球直连,no-resolve"
- "IP-CIDR,101.199.196.0/22,\U0001F3AF 全球直连,no-resolve"
- "DOMAIN-SUFFIX,smtp,\U0001F3AF 全球直连"
- "DOMAIN-KEYWORD,aria2,\U0001F3AF 全球直连"
- "GEOIP,CN,\U0001F3AF 全球直连"
- PROCESS-NAME,aria2c,DIRECT
- PROCESS-NAME,BitComet,DIRECT
- PROCESS-NAME,fdm,DIRECT
- PROCESS-NAME,NetTransport,DIRECT
- PROCESS-NAME,qbittorrent,DIRECT
- PROCESS-NAME,Thunder,DIRECT
- PROCESS-NAME,transmission-daemon,DIRECT
- PROCESS-NAME,transmission-qt,DIRECT
- PROCESS-NAME,uTorrent,DIRECT
- PROCESS-NAME,WebTorrent,DIRECT
- PROCESS-NAME,Folx,DIRECT
- PROCESS-NAME,Transmission,DIRECT
- PROCESS-NAME,transmission,DIRECT
- PROCESS-NAME,WebTorrent Helper,DIRECT
- PROCESS-NAME,v2ray,DIRECT
- PROCESS-NAME,ss-local,DIRECT
- PROCESS-NAME,ssr-local,DIRECT
- PROCESS-NAME,ss-redir,DIRECT
- PROCESS-NAME,ssr-redir,DIRECT
- PROCESS-NAME,ss-server,DIRECT
- PROCESS-NAME,trojan-go,DIRECT
- PROCESS-NAME,xray,DIRECT
- PROCESS-NAME,hysteria,DIRECT
- PROCESS-NAME,UUBooster,DIRECT
- PROCESS-NAME,uugamebooster,DIRECT
- "DST-PORT,80,\U0001F41F 漏网之鱼"
- "DST-PORT,443,\U0001F41F 漏网之鱼"
- "DST-PORT,22,\U0001F41F 漏网之鱼"
- MATCH,DIRECT
redir-port: 7892
tproxy-port: 7895
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/ui"
ipv6: false
dns:
  enable: true
  ipv6: true
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  listen: 0.0.0.0:7874
  nameserver:
  - 119.29.29.29
  - 223.5.5.5
  - https://doh.pub/dns-query
  - https://dns.alidns.com/dns-query
  fallback:
  - https://dns.cloudflare.com/dns-query
  - https://1.1.1.1/dns-query
  - tls://1.1.1.1:853
  - tls://8.8.8.8:853
  fake-ip-filter:
  - "+.*"
experimental:
  sniff-tls-sni: true
tun:
  enable: true
  stack: system
  auto-route: false
  auto-detect-interface: false
  dns-hijack:
  - tcp://any:53
profile:
  store-selected: true
  store-fake-ip: true

#===================== 自定义覆写设置 =====================#

#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts

LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
CONFIG_FILE="$1" #config path

#Simple Demo:
    #General Demo
    #1--config path
    #2--key name
    #3--value
    #ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
    #ruby_edit "$CONFIG_FILE" "['secret']" "123456"
    #ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"

    #Hash Demo
    #1--config path
    #2--key name
    #3--hash type value
    #ruby_edit "$CONFIG_FILE" "['experimental']" "{'sniff-tls-sni'=>true}"
    #ruby_edit "$CONFIG_FILE" "['sniffer']" "{'sniffing'=>['tls','http']}"

    #Array Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value
    #ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.114.114"

    #Array Add From Yaml File Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value file path
    #5--value key name in #4 file
    #ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"

#Ruby Script Demo:
    #ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
    #   begin
    #      Value = YAML.load_file('$CONFIG_FILE');
    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
    #   end;

        #General
    #   begin
    #   Thread.new{
    #      Value['redir-port']=7892;
    #      Value['tproxy-port']=7895;
    #      Value['port']=7890;
    #      Value['socks-port']=7891;
    #      Value['mixed-port']=7893;
    #   }.join;

    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
    #   ensure
    #      File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
    #   end" 2>/dev/null >> $LOG_FILE

exit 0
#===================== 自定义防火墙设置 =====================#

#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules

LOG_OUT "Tip: Start Add Custom Firewall Rules..."

exit 0
#===================== IPTABLES 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*nat
:PREROUTING ACCEPT [201:18890]
:INPUT ACCEPT [188:16935]
:OUTPUT ACCEPT [409:33275]
:POSTROUTING ACCEPT [409:33275]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:postrouting_zerotier_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:prerouting_zerotier_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
:zone_zerotier_postrouting - [0:0]
:zone_zerotier_prerouting - [0:0]
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_zerotier_prerouting
-A PREROUTING -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_prerouting
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_zerotier_postrouting
-A POSTROUTING -o ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_postrouting
-A zone_lan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_lan_prerouting -j MINIUPNPD
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_zerotier_postrouting -m comment --comment "!fw3: Custom zerotier postrouting rule chain" -j postrouting_zerotier_rule
-A zone_zerotier_prerouting -m comment --comment "!fw3: Custom zerotier prerouting rule chain" -j prerouting_zerotier_rule
COMMIT
# Completed on Mon Jul 31 16:49:05 2023

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*mangle
:PREROUTING ACCEPT [374288:376378229]
:INPUT ACCEPT [374277:376376682]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [93491:351975714]
:POSTROUTING ACCEPT [93491:351975714]
:openclash - [0:0]
:openclash_dns_hijack - [0:0]
:openclash_output - [0:0]
:openclash_upnp - [0:0]
-A PREROUTING -j openclash
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -p udp -m udp --sport 68 -j RETURN
-A openclash -i utun -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m set ! --match-set common_ports dst -j RETURN
-A openclash -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash -p udp -j openclash_upnp
-A openclash -j MARK --set-xmark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -m owner ! --uid-owner 65534 -m set ! --match-set common_ports dst -j RETURN
-A openclash_output -m owner ! --uid-owner 65534 -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Mon Jul 31 16:49:05 2023

#IPv4 Filter chain

# Generated by iptables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*filter
:INPUT ACCEPT [110:5287]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [40:6350]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:forwarding_zerotier_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:input_zerotier_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:output_zerotier_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
:zone_zerotier_dest_ACCEPT - [0:0]
:zone_zerotier_forward - [0:0]
:zone_zerotier_input - [0:0]
:zone_zerotier_output - [0:0]
:zone_zerotier_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_zerotier_input
-A INPUT -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_input
-A FORWARD -o utun -p udp -m udp --dport 443 -m comment --comment "OpenClash QUIC REJECT" -m set ! --match-set china_ip_route dst -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -o utun -m comment --comment "OpenClash TUN Forward" -j ACCEPT
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_zerotier_output
-A OUTPUT -o ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to zerotier forwarding policy" -j zone_zerotier_dest_ACCEPT
-A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_lan_forward -j MINIUPNPD
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_lan_input -j MINIUPNPD
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
-A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
-A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_zerotier_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_dest_ACCEPT -o ztrtayn247 -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3: Custom zerotier forwarding rule chain" -j forwarding_zerotier_rule
-A zone_zerotier_forward -m comment --comment "!fw3: Zone zerotier to lan forwarding policy" -j zone_lan_dest_ACCEPT
-A zone_zerotier_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_input -m comment --comment "!fw3: Custom zerotier input rule chain" -j input_zerotier_rule
-A zone_zerotier_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_zerotier_input -m comment --comment "!fw3" -j zone_zerotier_src_ACCEPT
-A zone_zerotier_output -m comment --comment "!fw3: Custom zerotier output rule chain" -j output_zerotier_rule
-A zone_zerotier_output -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_src_ACCEPT -i ztrtayn247 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Mon Jul 31 16:49:05 2023

#IPv6 NAT chain

#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*mangle
:PREROUTING ACCEPT [73:7974]
:INPUT ACCEPT [54:6150]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [222:86326]
:POSTROUTING ACCEPT [222:86326]
COMMIT
# Completed on Mon Jul 31 16:49:05 2023

#IPv6 Filter chain

# Generated by ip6tables-save v1.8.7 on Mon Jul 31 16:49:05 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [4:304]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:forwarding_zerotier_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:input_zerotier_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:output_zerotier_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
:zone_zerotier_dest_ACCEPT - [0:0]
:zone_zerotier_forward - [0:0]
:zone_zerotier_input - [0:0]
:zone_zerotier_output - [0:0]
:zone_zerotier_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_zerotier_input
-A INPUT -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -i ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_zerotier_output
-A OUTPUT -o ztrtayn247 -m comment --comment "!fw3" -j zone_zerotier_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp6-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to zerotier forwarding policy" -j zone_zerotier_dest_ACCEPT
-A zone_lan_forward -j MINIUPNPD
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -j MINIUPNPD
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -s fc00::/6 -d fc00::/6 -p udp -m udp --dport 546 -m comment --comment "!fw3: Allow-DHCPv6" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_zerotier_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_dest_ACCEPT -o ztrtayn247 -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3: Custom zerotier forwarding rule chain" -j forwarding_zerotier_rule
-A zone_zerotier_forward -m comment --comment "!fw3: Zone zerotier to lan forwarding policy" -j zone_lan_dest_ACCEPT
-A zone_zerotier_forward -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_input -m comment --comment "!fw3: Custom zerotier input rule chain" -j input_zerotier_rule
-A zone_zerotier_input -m comment --comment "!fw3" -j zone_zerotier_src_ACCEPT
-A zone_zerotier_output -m comment --comment "!fw3: Custom zerotier output rule chain" -j output_zerotier_rule
-A zone_zerotier_output -m comment --comment "!fw3" -j zone_zerotier_dest_ACCEPT
-A zone_zerotier_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_zerotier_src_ACCEPT -i ztrtayn247 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Mon Jul 31 16:49:05 2023

#===================== IPSET状态 =====================#

Name: localnetwork
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 984
References: 2
Number of entries: 11

Name: common_ports
Type: bitmap:port
Revision: 3
Header: range 0-65535
Size in memory: 8232
References: 2
Number of entries: 31

Name: china_ip_route
Type: hash:net
Revision: 6
Header: family inet hashsize 4096 maxelem 1000000
Size in memory: 215780
References: 3
Number of entries: 8659

Name: china_ip_route_pass
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 1000000
Size in memory: 368
References: 2
Number of entries: 0

#===================== 路由表状态 =====================#

#IPv4

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.1.1.1        0.0.0.0         UG    0      0        0 br-lan
10.1.1.0        0.0.0.0         255.255.255.0   U     0      0        0 br-lan
172.30.0.0      0.0.0.0         255.255.0.0     U     0      0        0 ztrtayn247
198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun

#ip route list
default via 10.1.1.1 dev br-lan proto static 
10.1.1.0/24 dev br-lan proto kernel scope link src 10.1.1.100 
172.30.0.0/16 dev ztrtayn247 proto kernel scope link src 172.30.0.10 
198.18.0.0/16 dev utun proto kernel scope link src 198.18.0.1 

#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#IPv6

#route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
fd47:5311:e942::/64                         ::                                      U     1024   1        0 br-lan  
fd47:5311:e942::/48                         ::                                      !n    2147483647 2        0 lo      
fe80::/64                                   ::                                      U     256    1        0 br-lan  
fe80::/64                                   ::                                      U     256    1        0 ztrtayn247
fe80::/64                                   ::                                      U     256    1        0 utun    
::/0                                        ::                                      !n    -1     1        0 lo      
::1/128                                     ::                                      Un    0      6        0 lo      
fd47:5311:e942::/128                        ::                                      Un    0      3        0 br-lan  
fd47:5311:e942::1/128                       ::                                      Un    0      3        0 br-lan  
fe80::/128                                  ::                                      Un    0      3        0 br-lan  
fe80::/128                                  ::                                      Un    0      3        0 ztrtayn247
fe80::/128                                  ::                                      Un    0      3        0 utun    
fe80::a00:27ff:fee4:874e/128                ::                                      Un    0      5        0 br-lan  
fe80::46e5:cf37:d2a2:c9/128                 ::                                      Un    0      2        0 utun    
fe80::e054:83ff:fefb:e103/128               ::                                      Un    0      2        0 ztrtayn247
ff00::/8                                    ::                                      U     256    5        0 br-lan  
ff00::/8                                    ::                                      U     256    1        0 ztrtayn247
ff00::/8                                    ::                                      U     256    1        0 utun    
::/0                                        ::                                      !n    -1     1        0 lo      

#ip -6 route list
fd47:5311:e942::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd47:5311:e942::/48 dev lo proto static metric 2147483647 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev ztrtayn247 proto kernel metric 256 pref medium
fe80::/64 dev utun proto kernel metric 256 pref medium

#ip -6 rule show
0:  from all lookup local
32766:  from all lookup main
4200000001: from all iif lo failed_policy
4200000003: from all iif br-lan failed_policy
4200000004: from all iif ztrtayn247 failed_policy

#===================== Tun设备状态 =====================#

ztrtayn247: tap
utun: tun pi filter0x100

#===================== 端口占用状态 =====================#

tcp        0      0 198.18.0.1:7777         0.0.0.0:*               LISTEN      5025/clash
tcp        0      0 :::7890                 :::*                    LISTEN      5025/clash
tcp        0      0 :::7891                 :::*                    LISTEN      5025/clash
tcp        0      0 :::7892                 :::*                    LISTEN      5025/clash
tcp        0      0 :::7893                 :::*                    LISTEN      5025/clash
tcp        0      0 :::7895                 :::*                    LISTEN      5025/clash
tcp        0      0 :::9090                 :::*                    LISTEN      5025/clash
udp        0      0 :::7891                 :::*                                5025/clash
udp        0      0 :::7892                 :::*                                5025/clash
udp        0      0 :::7893                 :::*                                5025/clash
udp        0      0 :::7895                 :::*                                5025/clash
udp        0      0 :::59660                :::*                                5025/clash
udp        0      0 :::50710                :::*                                5025/clash
udp        0      0 :::34468                :::*                                5025/clash
udp        0      0 :::7874                 :::*                                5025/clash

#===================== 测试本机DNS查询(www.baidu.com) =====================#

Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
www.baidu.com   canonical name = www.a.shifen.com
Name:      www.a.shifen.com
www.a.shifen.com    canonical name = www.wshifen.com
Name:      www.wshifen.com
Address 1: 183.232.231.172
Address 2: 183.232.231.173
www.baidu.com   canonical name = www.a.shifen.com
www.a.shifen.com    canonical name = www.wshifen.com

#===================== 测试内核DNS查询(www.instagram.com) =====================#

Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 1
  Qclass: 1

Answer: 
  TTL: 3571
  data: geo-p42.instagram.com.
  name: www.instagram.com.
  type: 5

  TTL: 3571
  data: z-p42-instagram.c10r.instagram.com.
  name: geo-p42.instagram.com.
  type: 5

  TTL: 31
  data: 157.240.22.174
  name: z-p42-instagram.c10r.instagram.com.
  type: 1

Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto

#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#

# Interface lan
nameserver 1.1.1.1

#===================== 测试本机网络连接(www.baidu.com) =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Mon, 31 Jul 2023 08:49:06 GMT
Etag: "575e1f6f-115"
Last-Modified: Mon, 13 Jun 2016 02:50:23 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "164887e509f49d611b745c94926c1e59df6802fc9db3bd2060f2c471fe51246c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 520C:1EBC:81C8D:97D88:64C1AAFC
accept-ranges: bytes
date: Mon, 31 Jul 2023 08:49:07 GMT
via: 1.1 varnish
x-served-by: cache-hkg17923-HKG
x-cache: HIT
x-cache-hits: 2
x-timer: S1690793348.951987,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 3679e557304ee0a56fd01aa3e1b06b9427fbdac1
expires: Mon, 31 Jul 2023 08:54:07 GMT
source-age: 85
content-length: 83

#===================== 最近运行日志(自动切换为Debug模式) =====================#

08:49:12 DBG [TCP] accept connection lAddr=10.1.1.123:55500 rAddr=wot.360.cn:443 inbound=Socks5
08:49:12 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=wot.360.cn. answer=["180.163.237.143"]
08:49:12 INF [TCP] connected lAddr=10.1.1.123:55500 rAddr=wot.360.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:12 INF [TCP] connected lAddr=10.1.1.123:55488 rAddr=api-v3.speedtest.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:12 DBG [TCP] accept connection lAddr=10.1.1.123:55501 rAddr=wot.360.cn:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55501 rAddr=wot.360.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55502 rAddr=wot.360.cn:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=wot.360.cn. answer=["180.163.237.143"]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55503 rAddr=www.le.com:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.le.com. answer=["118.112.229.100","118.112.229.214"]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55503 rAddr=www.le.com:443 mode=rule rule=DomainSuffix(le.com) proxy=🎯 全球直连[DIRECT]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55502 rAddr=wot.360.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55504 rAddr=www.yjwujian.cn:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.yjwujian.cn. answer=["59.111.137.212","42.186.122.69"]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55504 rAddr=www.yjwujian.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55505 rAddr=poe.com:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=yd-06.paofunlink.com. answer=["153.99.181.107"]
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55505 rAddr=poe.com:443 mode=rule rule=DomainSuffix(poe.com) proxy=🚀 节点选择[🇭🇰 [v1] 香港・06]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55507 rAddr=www.inke.cn:443 inbound=Socks5
08:49:13 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.inke.cn. answer=["59.110.145.235"]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55508 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55507 rAddr=www.inke.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55509 rAddr=www.le.com:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55509 rAddr=www.le.com:443 mode=rule rule=DomainSuffix(le.com) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55510 rAddr=www.inke.cn:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55510 rAddr=www.inke.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55511 rAddr=www.le.com:443 inbound=Socks5
08:49:13 INF [TCP] connected lAddr=10.1.1.123:55511 rAddr=www.le.com:443 mode=rule rule=DomainSuffix(le.com) proxy=🎯 全球直连[DIRECT]
08:49:13 DBG [TCP] accept connection lAddr=10.1.1.123:55512 rAddr=www.inke.cn:443 inbound=Socks5
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55512 rAddr=www.inke.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55513 rAddr=psc2.cf2.poecdn.net:443 inbound=Socks5
08:49:14 DBG [DNS] dns response source=https://1.1.1.1/dns-query qType=A name=666.xyffvip.com. answer=[]
08:49:14 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:14 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55514 rAddr=www.huajiao.com:443 inbound=Socks5
08:49:14 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.huajiao.com. answer=["106.120.160.203"]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55514 rAddr=www.huajiao.com:443 mode=rule rule=DomainSuffix(huajiao.com) proxy=🎯 全球直连[DIRECT]
08:49:14 DBG [DNS] dns response source=https://1.1.1.1/dns-query qType=A name=psc2.cf2.poecdn.net. answer=["162.159.153.247","162.159.152.17"]
08:49:14 DBG [Matcher] resolve success host=psc2.cf2.poecdn.net ip=162.159.153.247
08:49:14 DBG [Matcher] find process failed error=process not found addr=psc2.cf2.poecdn.net
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55508 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55513 rAddr=psc2.cf2.poecdn.net:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55515 rAddr=psc2.cf2.poecdn.net:443 inbound=Socks5
08:49:14 DBG [Matcher] resolve success host=psc2.cf2.poecdn.net ip=162.159.152.17
08:49:14 DBG [Matcher] find process failed error=process not found addr=psc2.cf2.poecdn.net
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55516 rAddr=www.pptv.com:443 inbound=Socks5
08:49:14 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.pptv.com. answer=["219.151.137.140","60.188.67.206","183.66.104.8","183.66.104.51","106.126.10.128","123.184.26.237","58.221.30.231"]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55515 rAddr=psc2.cf2.poecdn.net:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55516 rAddr=www.pptv.com:443 mode=rule rule=DomainSuffix(pptv.com) proxy=🎯 全球直连[DIRECT]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55517 rAddr=psc2.cf2.poecdn.net:443 inbound=Socks5
08:49:14 DBG [Matcher] resolve success host=psc2.cf2.poecdn.net ip=162.159.153.247
08:49:14 DBG [Matcher] find process failed error=process not found addr=psc2.cf2.poecdn.net
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55517 rAddr=psc2.cf2.poecdn.net:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55518 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:14 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:14 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55518 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:14 DBG [TCP] accept connection lAddr=10.1.1.123:55521 rAddr=www.pptv.com:443 inbound=Socks5
08:49:14 INF [TCP] connected lAddr=10.1.1.123:55521 rAddr=www.pptv.com:443 mode=rule rule=DomainSuffix(pptv.com) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55522 rAddr=taobaolive.taobao.com:443 inbound=Socks5
08:49:15 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=taobaolive.taobao.com. answer=["203.119.169.80"]
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55522 rAddr=taobaolive.taobao.com:443 mode=rule rule=DomainSuffix(taobao.com) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55523 rAddr=www.pptv.com:443 inbound=Socks5
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55523 rAddr=www.pptv.com:443 mode=rule rule=DomainSuffix(pptv.com) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55524 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:15 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:15 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55524 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55525 rAddr=www.acfun.cn:443 inbound=Socks5
08:49:15 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.acfun.cn. answer=["118.112.226.241","118.112.226.242","118.112.226.243","118.112.226.244","118.112.226.248","118.112.226.238","118.112.226.239","118.112.226.240"]
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55525 rAddr=www.acfun.cn:443 mode=rule rule=DomainSuffix(cn) proxy=🎯 全球直连[DIRECT]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55526 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:15 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:15 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:15 INF [TCP] connected lAddr=10.1.1.123:55526 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:15 DBG [TCP] accept connection lAddr=10.1.1.123:55527 rAddr=www.fun.tv:443 inbound=Socks5
08:49:15 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.fun.tv. answer=["118.193.104.9","118.193.104.10"]
08:49:15 DBG [Matcher] resolve success host=www.fun.tv ip=118.193.104.9
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55527 rAddr=www.fun.tv:443 mode=rule rule=GeoIP(CN) proxy=🎯 全球直连[DIRECT]
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55528 rAddr=www.fun.tv:443 inbound=Socks5
08:49:16 DBG [Matcher] resolve success host=www.fun.tv ip=118.193.104.9
08:49:16 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.fun.tv. answer=["118.193.104.9","118.193.104.10"]
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55528 rAddr=www.fun.tv:443 mode=rule rule=GeoIP(CN) proxy=🎯 全球直连[DIRECT]
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55529 rAddr=www.fun.tv:443 inbound=Socks5
08:49:16 DBG [Matcher] resolve success host=www.fun.tv ip=118.193.104.10
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55529 rAddr=www.fun.tv:443 mode=rule rule=GeoIP(CN) proxy=🎯 全球直连[DIRECT]
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55530 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:16 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:16 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:16 DBG [TCP] accept connection lAddr=10.1.1.123:55531 rAddr=www.ixigua.com:443 inbound=Socks5
08:49:16 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=www.ixigua.com. answer=["125.72.109.180","125.72.109.181","125.72.109.175","125.72.109.184","125.72.109.177","119.96.67.149","119.96.67.125","125.72.124.80","110.167.255.102","125.72.124.67","125.72.124.70","125.72.124.79","125.72.124.78","125.72.124.77","125.72.124.76","119.96.67.153"]
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55531 rAddr=www.ixigua.com:443 mode=rule rule=DomainSuffix(ixigua.com) proxy=🎯 全球直连[DIRECT]
08:49:16 INF [TCP] connected lAddr=10.1.1.123:55530 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]
08:49:17 DBG [TCP] accept connection lAddr=10.1.1.123:55532 rAddr=haokan.baidu.com:443 inbound=Socks5
08:49:17 DBG [DNS] dns response source=223.5.5.5:53 qType=A name=haokan.baidu.com. answer=["14.215.178.121"]
08:49:17 INF [TCP] connected lAddr=10.1.1.123:55532 rAddr=haokan.baidu.com:443 mode=rule rule=DomainSuffix(baidu.com) proxy=🎯 全球直连[DIRECT]
08:49:17 DBG [TCP] accept connection lAddr=10.1.1.123:55535 rAddr=666.xyffvip.com:443 inbound=Socks5
08:49:17 DBG [Matcher] resolve failed error=couldn't find ip: 666.xyffvip.com host=666.xyffvip.com
08:49:17 DBG [Matcher] find process failed error=process not found addr=666.xyffvip.com
08:49:17 INF [TCP] connected lAddr=10.1.1.123:55535 rAddr=666.xyffvip.com:443 mode=rule rule=DstPort(443) proxy=🐟 漏网之鱼[🇭🇰 [v1] 香港・06]

#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#

#===================== 活动连接信息 =====================#

1. SourceIP:【10.1.1.123】 - Host:【psc2.cf2.poecdn.net】 - DestinationIP:【162.159.153.247】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【🇭🇰 [v1] 香港・06】
2. SourceIP:【10.1.1.123】 - Host:【www.tudou.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【tudou.com】 - Lastchain:【DIRECT】
3. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
4. SourceIP:【10.1.1.123】 - Host:【psc2.cf2.poecdn.net】 - DestinationIP:【162.159.153.247】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【🇭🇰 [v1] 香港・06】
5. SourceIP:【10.1.1.123】 - Host:【www.huajiao.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【huajiao.com】 - Lastchain:【DIRECT】
6. SourceIP:【198.18.0.1】 - Host:【Empty】 - DestinationIP:【50.7.252.138】 - Network:【udp】 - RulePayload:【】 - Lastchain:【DIRECT】
7. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
8. SourceIP:【10.1.1.123】 - Host:【www.ixigua.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【ixigua.com】 - Lastchain:【DIRECT】
9. SourceIP:【10.1.1.123】 - Host:【haokan.baidu.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【baidu.com】 - Lastchain:【DIRECT】
10. SourceIP:【10.1.1.123】 - Host:【www.yjwujian.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
11. SourceIP:【10.1.1.123】 - Host:【tch159176.tch.poe.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【poe.com】 - Lastchain:【🇭🇰 [v1] 香港・06】
12. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
13. SourceIP:【10.1.1.123】 - Host:【poe.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【poe.com】 - Lastchain:【🇭🇰 [v1] 香港・06】
14. SourceIP:【10.1.1.123】 - Host:【666.xyffvip.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【🇭🇰 [v1] 香港・06】
15. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
16. SourceIP:【198.18.0.1】 - Host:【Empty】 - DestinationIP:【50.7.252.138】 - Network:【udp】 - RulePayload:【】 - Lastchain:【DIRECT】
17. SourceIP:【10.1.1.123】 - Host:【www.acfun.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
18. SourceIP:【10.1.1.123】 - Host:【api-v3.speedtest.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【cn】 - Lastchain:【DIRECT】
19. SourceIP:【10.1.1.123】 - Host:【now.qq.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【qq.com】 - Lastchain:【DIRECT】
20. SourceIP:【10.1.1.123】 - Host:【taobaolive.taobao.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【taobao.com】 - Lastchain:【DIRECT】
21. SourceIP:【10.1.1.123】 - Host:【www.yizhibo.com】 - DestinationIP:【47.95.178.140】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
22. SourceIP:【10.1.1.123】 - Host:【mtalk.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【mtalk.google.com】 - Lastchain:【DIRECT】
23. SourceIP:【10.1.1.123】 - Host:【firestore.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇭🇰 [v1] 香港・06】
24. SourceIP:【10.1.1.123】 - Host:【tv.sohu.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【sohu.com】 - Lastchain:【DIRECT】
25. SourceIP:【198.18.0.1】 - Host:【Empty】 - DestinationIP:【84.17.53.155】 - Network:【udp】 - RulePayload:【】 - Lastchain:【DIRECT】
vernesong commented 1 year ago

你去换一个白名单

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days