search

vernesong / OpenClash

A Clash Client For OpenWrt
MIT License
16.69k stars 3.08k forks source link

[Bug] 添加了预期之外的NAT规则(OpenClash Google DNS Hijack) #3551

Closed liangyi9812 closed 9 months ago

liangyi9812 commented 11 months ago

Verify Steps

OpenClash Version

v0.45.141-beta

Bug on Environment

Official OpenWrt

Bug on Platform

Linux-amd64(x86-64)

To Reproduce

插件设置 - 流媒体增强 - (实验性:屏蔽 Google DNS 的局域网设备 IP 与 实验性:屏蔽 Google DNS 的局域网设备 Mac) 均为不设置

Describe the Bug

未配置相关选项 (实验性:屏蔽 Google DNS 的局域网设备 IP 与 实验性:屏蔽 Google DNS 的局域网设备 Mac) 却出现了相关的nat防火墙 pPXjoAx.png pPXj74K.png

OpenClash Log

OpenClash 调试日志

生成时间: 2023-10-06 19:01:50 插件版本: v0.45.141-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#

主机型号: QEMU Standard PC (i440FX + PIIX, 1996)
固件版本: ImmortalWrt 21.02.7 r20074-a8bbadefaf
LuCI版本: git-20.074.84698-ead5e81
内核版本: 5.4.255
处理器架构: x86_64

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

DNS劫持: Dnsmasq 转发
#DNS劫持为Dnsmasq时,此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci >= 19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 已安装
unzip: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
kmod-ipt-nat: 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
运行内核:Meta
进程pid: 25300
运行权限: 25300: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_ptrace,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-amd64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2023.08.17-13-gdcc8d87
Tun内核文件: 存在
Tun内核运行权限: 正常

Dev内核版本: v1.18.0-13-gd034a40
Dev内核文件: 存在
Dev内核运行权限: 正常

Meta内核版本: alpha-g6b1a438
Meta内核文件: 存在
Meta内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/liangyi-meta-gist.yaml
启动配置文件: /etc/openclash/liangyi-meta-gist.yaml
运行模式: fake-ip
默认代理模式: rule
UDP流量转发(tproxy): 启用
自定义DNS: 停用
IPV6代理: 停用
IPV6-DNS解析: 启用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 停用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 停用
路由本机代理: 启用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

pr:
  type: select
  proxies: &2
  - "\U0001F3AF直连回国"
  - "\U0001F50CWARP"
  - "\U0001F50CCF-WORKER-MANUAL-IP"
  - "\U0001F530MyOwnProxies"
  - "\U0001F4B5NewWorld"
  - "\U0001F4B5GLaDOS"
  - "\U0001F512tls-group-select"
  - "\U0001F512tls-group-fallback"
  - "\U0001F512free-vveg26-chromego-select"
  - "\U0001F512free-vveg26-chromego-fallback"
  - "\U0001F510frees-select"
  - "\U0001F1ED\U0001F1F0香港"
  - "\U0001F1E8\U0001F1F3大陆|台湾"
  - "\U0001F1EF\U0001F1F5日本"
  - "\U0001F1F0\U0001F1F7韩国"
  - "\U0001F1FA\U0001F1F8美国"
  - "\U0001F1EC\U0001F1E7英国"
  - "\U0001F1F8\U0001F1EC新加坡"
  - "\U0001F3F3️‍\U0001F308其它地区"
  - "\U0001F3F4‍☠️未知地区"
  - DIRECT
  - REJECT
use:
  type: select
  use: &3
  - MyOwnProxies
  - NewWorld
  - GLaDOS
  - frees
  - free-vveg26-chromego
p:
  type: http
  interval: 21600
  health-check:
    enable: true
    url: https://www.gstatic.com/generate_204
    interval: 520
fake-ip-filter: &1
- "*.lan"
- "*.localdomain"
- "*.example"
- "*.invalid"
- "*.localhost"
- "*.test"
- "*.local"
- "*.home.arpa"
- time.*.com
- time.*.gov
- time.*.edu.cn
- time.*.apple.com
- time1.*.com
- time2.*.com
- time3.*.com
- time4.*.com
- time5.*.com
- time6.*.com
- time7.*.com
- ntp.*.com
- ntp1.*.com
- ntp2.*.com
- ntp3.*.com
- ntp4.*.com
- ntp5.*.com
- ntp6.*.com
- ntp7.*.com
- "*.time.edu.cn"
- "*.ntp.org.cn"
- "+.pool.ntp.org"
- time1.cloud.tencent.com
- music.163.com
- "*.music.163.com"
- "*.126.net"
- musicapi.taihe.com
- music.taihe.com
- songsearch.kugou.com
- trackercdn.kugou.com
- "*.kuwo.cn"
- api-jooxtt.sanook.com
- api.joox.com
- joox.com
- y.qq.com
- "*.y.qq.com"
- streamoc.music.tc.qq.com
- mobileoc.music.tc.qq.com
- isure.stream.qqmusic.qq.com
- dl.stream.qqmusic.qq.com
- aqqmusic.tc.qq.com
- amobile.music.tc.qq.com
- "*.xiami.com"
- "*.music.migu.cn"
- music.migu.cn
- "*.msftconnecttest.com"
- "*.msftncsi.com"
- msftconnecttest.com
- msftncsi.com
- localhost.ptlogin2.qq.com
- localhost.sec.qq.com
- "+.srv.nintendo.net"
- "+.stun.playstation.net"
- xbox.*.microsoft.com
- xnotify.xboxlive.com
- "+.battlenet.com.cn"
- "+.wotgame.cn"
- "+.wggames.cn"
- "+.wowsgame.cn"
- "+.wargaming.net"
- proxy.golang.org
- stun.*.*
- stun.*.*.*
- "+.stun.*.*"
- "+.stun.*.*.*"
- "+.stun.*.*.*.*"
- heartbeat.belkin.com
- "*.linksys.com"
- "*.linksyssmartwifi.com"
- "*.router.asus.com"
- mesu.apple.com
- swscan.apple.com
- swquery.apple.com
- swdownload.apple.com
- swcdn.apple.com
- swdist.apple.com
- sylvan.apple.com
- lens.l.google.com
- stun.l.google.com
- "+.nflxvideo.net"
- "*.square-enix.com"
- "*.finalfantasyxiv.com"
- "*.ffxiv.com"
- "*.mcdn.bilivideo.cn"
rule-providers:
  applications:
    type: http
    behavior: classical
    url: https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt
    path: "./rule_provider/applications.yaml"
    interval: 86400
  liangyi-dns-direct:
    type: http
    behavior: ipcidr
    url: https://ghproxy.com/https://gist.githubusercontent.com/liangyi9812/f9ae2xxxxxxxe0366626/raw/liangyi-dns-direct.yaml
    path: "./rule_provider/liangyi-dns-direct.yaml"
    interval: 86400
  liangyi-direct-nonip:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://gist.githubusercontent.com/liangyi9812/f9ae2xxxxxxxe0366626/raw/liangyi-direct-nonip.yaml
    path: "./rule_provider/liangyi-direct-nonip.yaml"
    interval: 86400
  liangyi-proxy-nonip:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://gist.githubusercontent.com/liangyi9812/f9ae2xxxxxxxe0366626/raw/liangyi-proxy-nonip.yaml
    path: "./rule_provider/liangyi-proxy-nonip.yaml"
    interval: 86400
  liangyi-proxy-important-nonip:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://gist.githubusercontent.com/liangyi9812/f9ae2xxxxxxxe0366626/raw/liangyi-proxy-important-nonip.yaml
    path: "./rule_provider/liangyi-proxy-important-nonip.yaml"
    interval: 86400
  BanAD:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://github.com/ACL4SSR/ACL4SSR/raw/master/Clash/Providers/BanAD.yaml
    path: "./rule_provider/BanAD.yaml"
    interval: 86400
  BanEasyPrivacy:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://github.com/ACL4SSR/ACL4SSR/raw/master/Clash/Providers/BanEasyPrivacy.yaml
    path: "./rule_provider/BanEasyPrivacy.yaml"
    interval: 86400
  BanEasyList:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://github.com/ACL4SSR/ACL4SSR/raw/master/Clash/Providers/BanEasyList.yaml
    path: "./rule_provider/BanEasyList.yaml"
    interval: 86400
  BanEasyListChina:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://github.com/ACL4SSR/ACL4SSR/raw/master/Clash/Providers/BanEasyListChina.yaml
    path: "./rule_provider/BanEasyListChina.yaml"
    interval: 86400
  BanProgramAD:
    type: http
    behavior: classical
    url: https://ghproxy.com/https://github.com/ACL4SSR/ACL4SSR/raw/master/Clash/Providers/BanProgramAD.yaml
    path: "./rule_provider/BanProgramAD.yaml"
    interval: 86400
profile:
  store-selected: true
  store-fake-ip: true
mode: rule
ipv6: true
log-level: info
allow-lan: true
bind-address: "*"
port: 7890
socks-port: 7891
mixed-port: 7893
external-controller: 0.0.0.0:8888
unified-delay: true
tcp-concurrent: true
find-process-mode: 'off'
global-client-fingerprint: chrome
geodata-mode: true
geodata-loader: memconservative
geox-url:
  geoip: https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat
  geosite: https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat
  mmdb: https://fastly.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/country.mmdb
sniffer:
  enable: true
  parse-pure-ip: true
  force-domain:
  - "+.netflix.com"
  - "+.nflxvideo.net"
  - "+.amazonaws.com"
  - "+.media.dssott.com"
  skip-domain:
  - "+.apple.com"
  - Mijia Cloud
  - dlg.io.mi.com
  sniff:
    TLS:
    HTTP:
      ports:
      - 80
      - 8080-8880
      override-destination: true
dns:
  enable: true
  listen: 0.0.0.0:7874
  prefer-h3: true
  ipv6: true
  use-hosts: true
  proxy-server-nameserver:
  - https://223.5.5.5/dns-query
  - https://8.8.8.8/dns-query
  nameserver-policy:
    geosite:cn,private,apple@cn,icloud@cn:
    - https://223.5.5.5/dns-query
    - https://8.8.8.8/dns-query
  nameserver:
  - https://1.12.12.12/dns-query
  fallback:
  - https://8.8.8.8/dns-query
  - https://1.1.1.1/dns-query
  fallback-filter:
    geoip: true
    geoip-code: CN
    ipcidr:
    - 0.0.0.0/8
    - 10.0.0.0/8
    - 100.64.0.0/10
    - 127.0.0.0/8
    - 169.254.0.0/16
    - 172.16.0.0/12
    - 192.0.0.0/24
    - 192.0.2.0/24
    - 192.88.99.0/24
    - 192.168.0.0/16
    - 198.18.0.0/15
    - 198.51.100.0/24
    - 203.0.113.0/24
    - 224.0.0.0/4
    - 240.0.0.0/4
    - 255.255.255.255/32
    domain:
    - "+.google.com"
    - "+.facebook.com"
    - "+.youtube.com"
    - "+.githubusercontent.com"
    - "+.googlevideo.com"
    - "+.msftconnecttest.com"
    - "+.msftncsi.com"
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter: *1
  enhanced-mode: fake-ip
proxy-groups:
- name: "\U0001F308Google"
  type: select
  proxies: *2
- name: "\U0001F3ACYouTube"
  type: select
  proxies: *2
- name: "⭐Github"
  type: select
  proxies: *2
- name: "\U0001F3B5Spotify"
  type: select
  proxies: *2
- name: "\U0001F47EOpenAI"
  type: select
  proxies: *2
- name: "\U0001F4DETelegram"
  type: select
  proxies: *2
- name: "\U0001F984Twitter"
  type: select
  proxies: *2
- name: "\U0001F3ACNETFLIX"
  type: select
  proxies: *2
- name: "⚡Speedtest"
  type: select
  proxies: *2
- name: "\U0001F5A5Hackintosh"
  type: select
  proxies: *2
- name: "\U0001F525Proxies"
  type: select
  proxies: *2
- name: "\U0001F525Proxies-Important"
  type: fallback
  use:
  - v2free-paid
  url: https://www.gstatic.com/generate_204
  interval: 300
- name: "\U0001F420CN漏网之鱼"
  type: select
  proxies: *2
- name: "❗❗兜底❗❗"
  type: select
  proxies: *2
- name: "\U0001F530MyOwnProxies"
  type: select
  use:
  - MyOwnProxies
  proxies:
  - "\U0001F3AF直连回国"
  - "\U0001F50CWARP"
  - "\U0001F50CCF-WORKER-MANUAL-IP"
  - "\U0001F4B5NewWorld"
  - "\U0001F4B5GLaDOS"
  - "\U0001F512tls-group-select"
  - "\U0001F512tls-group-fallback"
  - "\U0001F512free-vveg26-chromego-select"
  - "\U0001F512free-vveg26-chromego-fallback"
  - "\U0001F510frees-select"
  - "\U0001F1ED\U0001F1F0香港"
  - "\U0001F1E8\U0001F1F3大陆|台湾"
  - "\U0001F1EF\U0001F1F5日本"
  - "\U0001F1F0\U0001F1F7韩国"
  - "\U0001F1FA\U0001F1F8美国"
  - "\U0001F1EC\U0001F1E7英国"
  - "\U0001F1F8\U0001F1EC新加坡"
  - "\U0001F3F3️‍\U0001F308其它地区"
  - "\U0001F3F4‍☠️未知地区"
- name: "\U0001F517WARP前置节点"
  type: select
  proxies: *2
- name: "\U0001F4B5NewWorld"
  type: select
  use:
  - NewWorld
- name: "\U0001F4B5GLaDOS"
  type: select
  use:
  - GLaDOS
- name: "\U0001F512tls-group-select"
  type: select
  use:
  - tls-group
- name: "\U0001F512tls-group-fallback"
  type: fallback
  use:
  - tls-group
  url: https://www.gstatic.com/generate_204
  interval: 300
- name: "\U0001F512free-vveg26-chromego-select"
  type: select
  use:
  - free-vveg26-chromego
- name: "\U0001F512free-vveg26-chromego-fallback"
  type: fallback
  use:
  - free-vveg26-chromego
  url: https://www.gstatic.com/generate_204
  interval: 300
- name: "\U0001F510frees-select"
  type: select
  use:
  - frees
- name: "\U0001F1ED\U0001F1F0香港"
  type: select
  use: *3
  filter: "(?i)(港|香港|\\bhk\\b|\\bhong\\s?kong\\b|\U0001F1ED\U0001F1F0)"
- name: "\U0001F1E8\U0001F1F3大陆|台湾"
  type: select
  use: *3
  filter: "(?i)(中国|大陆|\\bzg\\b|\\bchina\\b|\\bch\\b|台|台湾|\\btw\\b|\\btaiwan\\b|\U0001F1E8\U0001F1F3)"
- name: "\U0001F1EF\U0001F1F5日本"
  type: select
  use: *3
  filter: "(?i)(日|日本|\\bjp\\b|\\bjapan\\b|\U0001F1EF\U0001F1F5)"
- name: "\U0001F1F0\U0001F1F7韩国"
  type: select
  use: *3
  filter: "(?i)(韩|韩国|\\bkr\\b|\\bkorea\\b|\U0001F1F0\U0001F1F7)"
- name: "\U0001F1FA\U0001F1F8美国"
  type: select
  use: *3
  filter: "(?i)(美|美国|\\bus\\b|\\bunited\\s?states\\b|\U0001F1FA\U0001F1F8)"
- name: "\U0001F1EC\U0001F1E7英国"
  type: select
  use: *3
  filter: "(?i)(英|英国|\\buk\\b|\\bunited\\s?kingdom\\b|\U0001F1EC\U0001F1E7)"
- name: "\U0001F1F8\U0001F1EC新加坡"
  type: select
  use: *3
  filter: "(?i)(新|新加坡|\\bsg\\b|\\bsingapore\\b|\U0001F1F8\U0001F1EC)"
- name: "\U0001F3F3️‍\U0001F308其它地区"
  type: select
  use: *3
  filter: "(?i)^(?!.*(?:\U0001F3F4‍☠️|\U0001F1ED\U0001F1F0|\U0001F1E8\U0001F1F3|\U0001F1EF\U0001F1F5|\U0001F1F0\U0001F1F7|\U0001F1FA\U0001F1F8|\U0001F1EC\U0001F1E7|\U0001F1F8\U0001F1EC|港|香港|hk|hong\\s?kong|中国|zg|china|ch|大陆|台|台湾|tw|taiwan|日本|jp|japan|韩|韩国|kr|korea|新|新加坡|sg|singapore|美|美国|us|united\\s?states|英|英国|uk|united\\s?kingdom)).*"
- name: "\U0001F3F4‍☠️未知地区"
  type: select
  use: *3
  filter: "(?i)\U0001F3F4‍☠️"
- name: "\U0001F3AF直连回国"
  type: select
  proxies:
  - DIRECT
- name: "\U0001F6D1广告拦截"
  type: select
  proxies:
  - REJECT
  - PASS
  - DIRECT
rules:
- DST-PORT,7895,REJECT
- DST-PORT,7892,REJECT
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- RULE-SET,liangyi-dns-direct,DIRECT,no-resolve
- GEOIP,LAN,DIRECT,no-resolve
- GEOSITE,private,DIRECT
- "DOMAIN-SUFFIX,jsdelivr.net,\U0001F3AF直连回国"
- "DOMAIN,ghproxy.com,\U0001F3AF直连回国"
- "GEOSITE,icloud@cn,\U0001F3AF直连回国"
- "GEOSITE,apple@cn,\U0001F3AF直连回国"
- "RULE-SET,liangyi-direct-nonip,\U0001F3AF直连回国"
- "GEOSITE,category-ads-all,\U0001F6D1广告拦截"
- "RULE-SET,BanAD,\U0001F6D1广告拦截"
- "RULE-SET,BanEasyPrivacy,\U0001F6D1广告拦截"
- "RULE-SET,BanEasyList,\U0001F6D1广告拦截"
- "RULE-SET,BanEasyListChina,\U0001F6D1广告拦截"
- "RULE-SET,BanProgramAD,\U0001F6D1广告拦截"
- "RULE-SET,applications,\U0001F3AF直连回国"
- "GEOSITE,CN,\U0001F3AF直连回国"
- "RULE-SET,liangyi-proxy-nonip,\U0001F525Proxies"
- "RULE-SET,liangyi-proxy-important-nonip,\U0001F525Proxies-Important"
- "GEOSITE,spotify,\U0001F3B5Spotify"
- "GEOSITE,openai,\U0001F47EOpenAI"
- GEOSITE,github,⭐Github
- "GEOSITE,youtube,\U0001F3ACYouTube"
- "GEOSITE,twitter,\U0001F984Twitter"
- "GEOSITE,telegram,\U0001F4DETelegram"
- GEOSITE,speedtest,⚡Speedtest
- "GEOSITE,netflix,\U0001F3ACNETFLIX"
- "GEOSITE,google,\U0001F308Google"
- "OR,((DOMAIN-KEYWORD,tonymacx86), (DOMAIN-KEYWORD,insanelymac)),\U0001F5A5Hackintosh"
- "GEOSITE,geolocation-!cn,\U0001F420CN漏网之鱼"
- "GEOIP,telegram,\U0001F4DETelegram"
- MATCH,❗❗兜底❗❗
redir-port: 7892
tproxy-port: 7895
external-ui: "/usr/share/openclash/ui"
authentication:
- root:xxxxx

#===================== 自定义覆写设置 =====================#

#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts

LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
CONFIG_FILE="$1" #config path

#Simple Demo:
    #General Demo
    #1--config path
    #2--key name
    #3--value
    #ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
    #ruby_edit "$CONFIG_FILE" "['secret']" "123456"
    #ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"

    #Hash Demo
    #1--config path
    #2--key name
    #3--hash type value
    #ruby_edit "$CONFIG_FILE" "['experimental']" "{'sniff-tls-sni'=>true}"
    #ruby_edit "$CONFIG_FILE" "['sniffer']" "{'sniffing'=>['tls','http']}"

    #Array Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value
    #ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.114.114"

    #Array Add From Yaml File Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value file path
    #5--value key name in #4 file
    #ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"

#Ruby Script Demo:
    #ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
    #   begin
    #      Value = YAML.load_file('$CONFIG_FILE');
    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
    #   end;

        #General
    #   begin
    #   Thread.new{
    #      Value['redir-port']=7892;
    #      Value['tproxy-port']=7895;
    #      Value['port']=7890;
    #      Value['socks-port']=7891;
    #      Value['mixed-port']=7893;
    #   }.join;

    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
    #   ensure
    #      File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
    #   end" 2>/dev/null >> $LOG_FILE

exit 0
#===================== 自定义防火墙设置 =====================#

#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules

LOG_OUT "Tip: Start Add Custom Firewall Rules..."

exit 0
#===================== IPTABLES 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.7 on Fri Oct  6 19:01:55 2023
*nat
:PREROUTING ACCEPT [141:74064]
:INPUT ACCEPT [785:51071]
:OUTPUT ACCEPT [975:95970]
:POSTROUTING ACCEPT [977:96090]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j REDIRECT --to-ports 7892
-A PREROUTING -d 8.8.8.8/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j REDIRECT --to-ports 7892
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -p udp -m comment --comment DNSMASQ -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -d 198.18.0.0/16 -p tcp -j REDIRECT --to-ports 7892
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
COMMIT
# Completed on Fri Oct  6 19:01:55 2023

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Fri Oct  6 19:01:55 2023
*mangle
:PREROUTING ACCEPT [41240:20089081]
:INPUT ACCEPT [41077:20108818]
:FORWARD ACCEPT [101:6950]
:OUTPUT ACCEPT [41609:24769386]
:POSTROUTING ACCEPT [41710:24776336]
:openclash - [0:0]
:openclash_output - [0:0]
:openclash_upnp - [0:0]
-A PREROUTING -p udp -j openclash
-A OUTPUT -p udp -j openclash_output
-A openclash -i lo -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -d 198.18.0.0/16 -p udp -j TPROXY --on-port 7895 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
-A openclash -p udp -j openclash_upnp
-A openclash -p udp -j TPROXY --on-port 7895 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
-A openclash_output -d 198.18.0.0/16 -p udp -m owner ! --uid-owner 65534 -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Fri Oct  6 19:01:55 2023

#IPv4 Filter chain

# Generated by iptables-save v1.8.7 on Fri Oct  6 19:01:55 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
-A INPUT -p udp -m udp --dport 443 -m comment --comment "OpenClash QUIC REJECT" -m set ! --match-set china_ip_route dst -j REJECT --reject-with icmp-port-unreachable
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m comment --comment "!fw3: Traffic offloading" -m conntrack --ctstate RELATED,ESTABLISHED -j FLOWOFFLOAD
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Fri Oct  6 19:01:55 2023

#IPv6 NAT chain

# Generated by ip6tables-save v1.8.7 on Fri Oct  6 19:01:55 2023
*nat
:PREROUTING ACCEPT [99:26455]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [127:11967]
:POSTROUTING ACCEPT [127:11967]
-A PREROUTING -p udp -m comment --comment DNSMASQ -m udp --dport 53 -j REDIRECT --to-ports 53
COMMIT
# Completed on Fri Oct  6 19:01:55 2023

#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.7 on Fri Oct  6 19:01:55 2023
*mangle
:PREROUTING ACCEPT [1702:433078]
:INPUT ACCEPT [1058:244678]
:FORWARD ACCEPT [1:72]
:OUTPUT ACCEPT [1615:183241]
:POSTROUTING ACCEPT [1617:183361]
COMMIT
# Completed on Fri Oct  6 19:01:55 2023

#IPv6 Filter chain

# Generated by ip6tables-save v1.8.7 on Fri Oct  6 19:01:55 2023
*filter
:INPUT ACCEPT [1:72]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m comment --comment "!fw3: Traffic offloading" -m conntrack --ctstate RELATED,ESTABLISHED -j FLOWOFFLOAD
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp6-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Fri Oct  6 19:01:55 2023

#===================== IPSET状态 =====================#

Name: localnetwork
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 1032
References: 3
Number of entries: 9

Name: china_ip_route
Type: hash:net
Revision: 6
Header: family inet hashsize 2048 maxelem 1000000
Size in memory: 187552
References: 1
Number of entries: 8612

Name: china_ip_route_pass
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 1000000
Size in memory: 456
References: 0
Number of entries: 0

#===================== 路由表状态 =====================#

#IPv4

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.21.1    0.0.0.0         UG    0      0        0 br-lan
192.168.21.0    0.0.0.0         255.255.255.0   U     0      0        0 br-lan

#ip route list
default via 192.168.21.1 dev br-lan proto static 
192.168.21.0/24 dev br-lan proto kernel scope link src 192.168.21.2 

#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#IPv6

#route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
::/0                                        fe80::60a6:acff:fe22:4413               UG    512    3        0 br-lan  
2409:8a28:a288:37c1::/64                    ::                                      U     256    1        0 br-lan  
2409:8a28:a288:37c1::/64                    ::                                      !n    2147483647 1        0 lo      
fe80::/64                                   ::                                      U     256    2        0 br-lan  
::/0                                        ::                                      !n    -1     2        0 lo      
::1/128                                     ::                                      Un    0      5        0 lo      
2409:8a28:a288:37c1::/128                   ::                                      Un    0      3        0 br-lan  
*WAN IP*:e20b/128 ::                                      Un    0      5        0 br-lan  
fe80::/128                                  ::                                      Un    0      3        0 br-lan  
fe80::b80f:37ff:fe66:e20b/128               ::                                      Un    0      5        0 br-lan  
ff00::/8                                    ::                                      U     256    4        0 br-lan  
::/0                                        ::                                      !n    -1     2        0 lo      

#ip -6 route list
default from 2409:8a28:a288:37c1::/64 via fe80::60a6:acff:fe22:4413 dev br-lan proto static metric 512 pref medium
2409:8a28:a288:37c1::/64 dev br-lan proto static metric 256 pref medium
unreachable 2409:8a28:a288:37c1::/64 dev lo proto static metric 2147483647 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium

#ip -6 rule show
0:  from all lookup local
32766:  from all lookup main
4200000001: from all iif lo failed_policy
4200000004: from all iif br-lan failed_policy
4200000004: from all iif br-lan failed_policy

#===================== 端口占用状态 =====================#

tcp        0      0 :::7890                 :::*                    LISTEN      25300/clash
tcp        0      0 :::7891                 :::*                    LISTEN      25300/clash
tcp        0      0 :::7892                 :::*                    LISTEN      25300/clash
tcp        0      0 :::7893                 :::*                    LISTEN      25300/clash
tcp        0      0 :::7895                 :::*                    LISTEN      25300/clash
tcp        0      0 :::8888                 :::*                    LISTEN      25300/clash
udp        0      0 :::36712                :::*                                25300/clash
udp        0      0 :::44915                :::*                                25300/clash
udp        0      0 :::40826                :::*                                25300/clash
udp        0      0 :::44952                :::*                                25300/clash
udp        0      0 :::43937                :::*                                25300/clash
udp        0      0 :::48058                :::*                                25300/clash
udp        0      0 :::57294                :::*                                25300/clash
udp        0      0 :::49114                :::*                                25300/clash
udp        0      0 :::59364                :::*                                25300/clash
udp        0      0 :::32787                :::*                                25300/clash
udp        0      0 :::48170                :::*                                25300/clash
udp        0      0 :::36941                :::*                                25300/clash
udp        0      0 :::36944                :::*                                25300/clash
udp        0      0 :::35948                :::*                                25300/clash
udp        0      0 :::58511                :::*                                25300/clash
udp        0      0 :::43178                :::*                                25300/clash
udp        0      0 :::51371                :::*                                25300/clash
udp        0      0 :::36015                :::*                                25300/clash
udp        0      0 :::52432                :::*                                25300/clash
udp        0      0 :::60636                :::*                                25300/clash
udp        0      0 :::57571                :::*                                25300/clash
udp        0      0 :::46316                :::*                                25300/clash
udp        0      0 :::33100                :::*                                25300/clash
udp        0      0 :::34158                :::*                                25300/clash
udp        0      0 :::39282                :::*                                25300/clash
udp        0      0 :::34165                :::*                                25300/clash
udp        0      0 :::43390                :::*                                25300/clash
udp        0      0 :::34186                :::*                                25300/clash
udp        0      0 :::40356                :::*                                25300/clash
udp        0      0 :::50605                :::*                                25300/clash
udp        0      0 :::46515                :::*                                25300/clash
udp        0      0 :::38333                :::*                                25300/clash
udp        0      0 :::59842                :::*                                25300/clash
udp        0      0 :::39380                :::*                                25300/clash
udp        0      0 :::52705                :::*                                25300/clash
udp        0      0 :::35311                :::*                                25300/clash
udp        0      0 :::37393                :::*                                25300/clash
udp        0      0 :::46694                :::*                                25300/clash
udp        0      0 :::41576                :::*                                25300/clash
udp        0      0 :::56947                :::*                                25300/clash
udp        0      0 :::54902                :::*                                25300/clash
udp        0      0 :::33412                :::*                                25300/clash
udp        0      0 :::58012                :::*                                25300/clash
udp        0      0 :::60098                :::*                                25300/clash
udp        0      0 :::7874                 :::*                                25300/clash
udp        0      0 :::7891                 :::*                                25300/clash
udp        0      0 :::7892                 :::*                                25300/clash
udp        0      0 :::7893                 :::*                                25300/clash
udp        0      0 :::7895                 :::*                                25300/clash
udp        0      0 :::36577                :::*                                25300/clash
udp        0      0 :::41739                :::*                                25300/clash
udp        0      0 :::42765                :::*                                25300/clash
udp        0      0 :::56077                :::*                                25300/clash
udp        0      0 :::39694                :::*                                25300/clash
udp        0      0 :::46871                :::*                                25300/clash
udp        0      0 :::48920                :::*                                25300/clash
udp        0      0 :::57164                :::*                                25300/clash
udp        0      0 :::34645                :::*                                25300/clash

#===================== 测试本机DNS查询(www.baidu.com) =====================#

Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
Address 1: 198.18.0.65
*** Can't find www.baidu.com: No answer

#===================== 测试内核DNS查询(www.instagram.com) =====================#

Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 1
  Qclass: 1

Answer: 
  TTL: 727
  data: geo-p42.instagram.com.
  name: www.instagram.com.
  type: 5

  TTL: 2748
  data: z-p42-instagram.c10r.instagram.com.
  name: geo-p42.instagram.com.
  type: 5

  TTL: 60
  data: 31.13.75.174
  name: z-p42-instagram.c10r.instagram.com.
  type: 1

Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto

#===================== /tmp/resolv.conf.auto =====================#

# Interface lan
nameserver 192.168.21.1
nameserver 114.114.114.114

#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#

# Interface lan
nameserver 192.168.21.1
nameserver 114.114.114.114

#===================== 测试本机网络连接(www.baidu.com) =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Fri, 06 Oct 2023 11:01:56 GMT
Etag: "575e1f60-115"
Last-Modified: Mon, 13 Jun 2016 02:50:08 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#

HTTP/2 404 
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8
x-github-request-id: 63C6:47D6E:17BE6D:1A6DA2:651FE905
accept-ranges: bytes
date: Fri, 06 Oct 2023 11:01:56 GMT
via: 1.1 varnish
x-served-by: cache-nrt-rjtf7700041-NRT
x-cache: HIT
x-cache-hits: 1
x-timer: S1696590117.897229,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: f20d280f743a9b451699e0915b1fa5b68910fa73
expires: Fri, 06 Oct 2023 11:06:56 GMT
source-age: 29
content-length: 14

#===================== 最近运行日志(自动切换为Debug模式) =====================#

time="2023-10-06T11:01:16.238684381Z" level=info msg="[TCP] 192.168.21.11:55238 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:18.22899842Z" level=info msg="[TCP] 192.168.21.11:55254 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:18.232336564Z" level=info msg="[TCP] 192.168.21.11:55255 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:18.235458638Z" level=info msg="[TCP] 192.168.21.11:55256 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:20.235222102Z" level=info msg="[TCP] 192.168.21.11:55265 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:20.239322999Z" level=info msg="[TCP] 192.168.21.11:55266 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:20.243043567Z" level=info msg="[TCP] 192.168.21.11:55267 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:22.232297353Z" level=info msg="[TCP] 192.168.21.11:55272 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:22.235695573Z" level=info msg="[TCP] 192.168.21.11:55273 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:22.238665044Z" level=info msg="[TCP] 192.168.21.11:55274 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:24.230230196Z" level=info msg="[TCP] 192.168.21.11:55279 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:24.233483266Z" level=info msg="[TCP] 192.168.21.11:55280 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:24.236689806Z" level=info msg="[TCP] 192.168.21.11:55281 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:26.23225277Z" level=info msg="[TCP] 192.168.21.11:55286 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:26.236061975Z" level=info msg="[TCP] 192.168.21.11:55287 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:26.23940066Z" level=info msg="[TCP] 192.168.21.11:55288 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:28.22978485Z" level=info msg="[TCP] 192.168.21.11:55293 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:28.233252593Z" level=info msg="[TCP] 192.168.21.11:55294 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:28.237442504Z" level=info msg="[TCP] 192.168.21.11:55295 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:30.232337212Z" level=info msg="[TCP] 192.168.21.11:55300 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:30.236181766Z" level=info msg="[TCP] 192.168.21.11:55301 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:30.239495271Z" level=info msg="[TCP] 192.168.21.11:55302 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:32.229256572Z" level=info msg="[TCP] 192.168.21.11:55307 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:32.232552024Z" level=info msg="[TCP] 192.168.21.11:55308 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:32.235829158Z" level=info msg="[TCP] 192.168.21.11:55309 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:34.231033551Z" level=info msg="[TCP] 192.168.21.11:55314 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:34.234411665Z" level=info msg="[TCP] 192.168.21.11:55315 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:34.238114099Z" level=info msg="[TCP] 192.168.21.11:55316 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:36.231933164Z" level=info msg="[TCP] 192.168.21.11:55321 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:36.23553981Z" level=info msg="[TCP] 192.168.21.11:55322 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:36.239327814Z" level=info msg="[TCP] 192.168.21.11:55323 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:38.233158788Z" level=info msg="[TCP] 192.168.21.11:55328 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:38.236762707Z" level=info msg="[TCP] 192.168.21.11:55329 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:38.240042866Z" level=info msg="[TCP] 192.168.21.11:55330 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:39.20191923Z" level=info msg="[TCP] 192.168.21.11:55332 --> 46-courier.push.apple.com:5223 match GeoSite(geolocation-!cn) using 🐠CN漏网之鱼[DIRECT]"
time="2023-10-06T11:01:39.786741762Z" level=info msg="[TCP] 192.168.21.13:44864 --> 223.5.5.5:853 match RuleSet(liangyi-dns-direct) using DIRECT"
time="2023-10-06T11:01:40.048785777Z" level=info msg="[TCP] 192.168.21.11:55334 --> courier-ab-vs.push.apple.com:5223 match GeoSite(geolocation-!cn) using 🐠CN漏网之鱼[DIRECT]"
time="2023-10-06T11:01:40.233961195Z" level=info msg="[TCP] 192.168.21.11:55337 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:40.237786805Z" level=info msg="[TCP] 192.168.21.11:55338 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:40.241765523Z" level=info msg="[TCP] 192.168.21.11:55339 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:40.731840459Z" level=info msg="[TCP] 192.168.21.11:55341 --> fmfmobile.fe.apple-dns.cn:443 match GeoSite(apple@cn) using 🎯直连回国[DIRECT]"
time="2023-10-06T11:01:42.230919861Z" level=info msg="[TCP] 192.168.21.11:55345 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:42.234283517Z" level=info msg="[TCP] 192.168.21.11:55346 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:42.237671282Z" level=info msg="[TCP] 192.168.21.11:55347 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:43.828368223Z" level=info msg="[TCP] 192.168.21.11:55351 --> firebaselogging-pa.googleapis.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:43.832749032Z" level=info msg="[TCP] 192.168.21.11:55352 --> firebaselogging-pa.googleapis.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:43.836903357Z" level=info msg="[TCP] 192.168.21.11:55353 --> firebaselogging-pa.googleapis.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:44.233373167Z" level=info msg="[TCP] 192.168.21.11:55355 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:44.237075823Z" level=info msg="[TCP] 192.168.21.11:55356 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:44.239995075Z" level=info msg="[TCP] 192.168.21.11:55357 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:46.229949709Z" level=info msg="[TCP] 192.168.21.11:55362 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:46.234047444Z" level=info msg="[TCP] 192.168.21.11:55363 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:46.237565649Z" level=info msg="[TCP] 192.168.21.11:55364 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:48.23002233Z" level=info msg="[TCP] 192.168.21.11:55369 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:48.233448968Z" level=info msg="[TCP] 192.168.21.11:55370 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:48.237410345Z" level=info msg="[TCP] 192.168.21.11:55371 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:50.231161753Z" level=info msg="[TCP] 192.168.21.11:55376 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:50.234530154Z" level=info msg="[TCP] 192.168.21.11:55377 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:50.237913557Z" level=info msg="[TCP] 192.168.21.11:55378 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:52.231941105Z" level=info msg="[TCP] 192.168.21.11:55383 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:52.235657264Z" level=info msg="[TCP] 192.168.21.11:55384 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:52.23869484Z" level=info msg="[TCP] 192.168.21.11:55385 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:54.231998126Z" level=info msg="[TCP] 192.168.21.11:55390 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:54.237522224Z" level=info msg="[TCP] 192.168.21.11:55391 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:54.240428563Z" level=info msg="[TCP] 192.168.21.11:55392 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:56.06851769Z" level=info msg="[TCP] 192.168.21.2:51000 --> www.baidu.com:80 match GeoSite(CN) using 🎯直连回国[DIRECT]"
time="2023-10-06T11:01:56.236899132Z" level=info msg="[TCP] 192.168.21.11:55397 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:56.240872524Z" level=info msg="[TCP] 192.168.21.11:55398 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:56.244446725Z" level=info msg="[TCP] 192.168.21.11:55399 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:56.595213827Z" level=info msg="[TCP] 192.168.21.2:56128 --> raw.githubusercontent.com:443 match GeoSite(github) using ⭐Github[🏴\u200d☠️ cf-worker-cdn]"
time="2023-10-06T11:01:58.23202737Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:01:58.233104897Z" level=info msg="[TCP] 192.168.21.11:55404 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:58.236057427Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:01:58.237046802Z" level=info msg="[TCP] 192.168.21.11:55405 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:01:58.239129346Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:01:58.240049607Z" level=info msg="[TCP] 192.168.21.11:55406 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:00.230241781Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:00.231336239Z" level=info msg="[TCP] 192.168.21.11:55410 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:00.234049078Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:00.235020513Z" level=info msg="[TCP] 192.168.21.11:55412 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:00.237590061Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:00.238574768Z" level=info msg="[TCP] 192.168.21.11:55413 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:02.230893264Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:02.231975322Z" level=info msg="[TCP] 192.168.21.11:55417 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:02.234359818Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:02.235333781Z" level=info msg="[TCP] 192.168.21.11:55418 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:02.237701649Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:02.238655183Z" level=info msg="[TCP] 192.168.21.11:55419 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:04.233190925Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:04.234253001Z" level=info msg="[TCP] 192.168.21.11:55424 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:04.236876763Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:04.237835846Z" level=info msg="[TCP] 192.168.21.11:55425 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:04.240288709Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:04.241754796Z" level=info msg="[TCP] 192.168.21.11:55426 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:06.231330598Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:06.232372565Z" level=info msg="[TCP] 192.168.21.11:55431 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:06.23462848Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:06.235666735Z" level=info msg="[TCP] 192.168.21.11:55432 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"
time="2023-10-06T11:02:06.237972344Z" level=debug msg="[Rule] use default rules"
time="2023-10-06T11:02:06.23892174Z" level=info msg="[TCP] 192.168.21.11:55433 --> otheve.beacon.qq.com:443 match RuleSet(BanEasyPrivacy) using 🛑广告拦截[REJECT]"

#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#

#===================== 活动连接信息 =====================#

1. SourceIP:【192.168.21.11】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
2. SourceIP:【192.168.21.11】 - Host:【courier-ab-vs.push.apple.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【geolocation-!cn】 - Lastchain:【DIRECT】
3. SourceIP:【192.168.21.11】 - Host:【www.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
4. SourceIP:【192.168.21.11】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
5. SourceIP:【192.168.21.11】 - Host:【z1.ax1x.com】 - DestinationIP:【5.9.60.155】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【DIRECT】
6. SourceIP:【192.168.21.11】 - Host:【imgloc.com】 - DestinationIP:【162.159.153.10】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【DIRECT】
7. SourceIP:【192.168.21.11】 - Host:【clients4.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
8. SourceIP:【192.168.21.11】 - Host:【encrypted-tbn0.gstatic.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
9. SourceIP:【192.168.21.11】 - Host:【sb.adtidy.org】 - DestinationIP:【104.18.25.57】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【DIRECT】
10. SourceIP:【192.168.21.11】 - Host:【vscode-sync.trafficmanager.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【geolocation-!cn】 - Lastchain:【DIRECT】
11. SourceIP:【192.168.21.11】 - Host:【imgse.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
12. SourceIP:【192.168.21.11】 - Host:【github.githubassets.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
13. SourceIP:【192.168.21.11】 - Host:【3o.hk】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【geolocation-!cn】 - Lastchain:【DIRECT】
14. SourceIP:【192.168.21.11】 - Host:【imgse.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
15. SourceIP:【192.168.21.11】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
16. SourceIP:【192.168.21.11】 - Host:【safebrowsing.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
17. SourceIP:【192.168.21.11】 - Host:【safebrowsing.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
18. SourceIP:【192.168.21.11】 - Host:【alive.github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
19. SourceIP:【192.168.21.13】 - Host:【Empty】 - DestinationIP:【120.133.59.13】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【DIRECT】
20. SourceIP:【192.168.21.11】 - Host:【imgse.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
21. SourceIP:【192.168.21.11】 - Host:【camo.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
22. SourceIP:【192.168.21.11】 - Host:【apis.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
23. SourceIP:【192.168.21.11】 - Host:【imgse.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
24. SourceIP:【192.168.21.11】 - Host:【fmfmobile.fe.apple-dns.cn】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【apple@cn】 - Lastchain:【DIRECT】
25. SourceIP:【192.168.21.11】 - Host:【www.gstatic.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
26. SourceIP:【192.168.21.11】 - Host:【a.nel.cloudflare.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【geolocation-!cn】 - Lastchain:【DIRECT】
27. SourceIP:【192.168.21.11】 - Host:【encrypted-tbn0.gstatic.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
28. SourceIP:【192.168.21.11】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
29. SourceIP:【192.168.21.11】 - Host:【www.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
30. SourceIP:【192.168.21.11】 - Host:【github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🏴‍☠️ cf-worker-cdn】
31. SourceIP:【192.168.21.11】 - Host:【accounts.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🏴‍☠️ cf-worker-cdn】

OpenClash Config

No response

Expected Behavior

未配置相关选项时不填加相关的NAT规则,以防混淆

Screenshots

No response

github-actions[bot] commented 9 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days

jacobin commented 4 months ago

Hi,您好,想明白了吗?