Closed GeekXtop closed 8 months ago
走了V6了吧
走了V6了吧
我特意重装了openwrt系统,并且只安装了openclash一个组件,没有开启IPv6代理 后面也开启ipv6代理试过 不管怎么设置,在网络诊断中,v4和v6都是不通的,
之所以发现这个问题是因为 网易云解锁插件,需要用yt-dlp,装好不管怎么折腾都不走代理,才发现这个本机代理没有生效 您是否也使用ImmortalWrt??可否测试看一下本机成功走代理是什么样的
我猜是依赖问题
因为用词是安装,而不是编译勾选填写等词。加上日志中有未安装,所以可能还缺少主依赖下的辅依赖。
我猜是依赖问题
因为用词是安装,而不是编译勾选填写等词。加上日志中有未安装,所以可能还缺少主依赖下的辅依赖。
试了,就一个ipset未安装,装上之后重启也没有变化
试了,就一个ipset未安装,装上之后重启也没有变化
我不单纯是这个意思。
这些依赖都该是安装openclash时会自动联网下载安装的。
你最初编辑的日志中oc检查的依赖甚至没有一个是已安装,所以你的安装过程是不正常的。
就拿ipset来说吧,安装它的同时还要安装libipset才能正常工作。
我应该写子依赖更合适吧,但辅依赖表示的范围大一些。
试了,就一个ipset未安装,装上之后重启也没有变化
我不单纯是这个意思。
这些依赖都该是安装openclash时会自动联网下载安装的。
你最初编辑的日志中oc检查的依赖甚至没有一个是已安装,所以你的安装过程是不正常的。
就拿ipset来说吧,安装它的同时还要安装libipset才能正常工作。
我应该写子依赖更合适吧,但辅依赖表示的范围大一些。
啊这。未检测到安装的问题是OC的问题吗?我发现生成日志的时候偶尔会出现这种情况。我的操作就是下载最新的immortalwrt,然后在包管理里面安装oc,没有别的操作了
我之前也有用kiddin9那版固件,也是不行的
如果是依赖安装不正常的话,那应该用不了才对,现在是只有本机代理不生效,其它功能看起来是一切正常的,所有客户端也可以正常代理
卸载oc不卸载依赖显示如下
您可以指导一下正确操作吗
我记得icmp不走tunnel模式是无法被代理的
我记得icmp不走tunnel模式是无法被代理的
草,傻逼了,没注意看图片,只盯着文字了。。。。 应该用wget测
发现消息时已经在跑编译了 所以干脆没停(虽然是x86)
wget测试
yt-dlp下载测试
ImmortalWrt 23.05-SNAPSHOT r27458-a83b379a31 oc版本v0.45.164 Meta核: alpha-gedf318b Redir-Host的tun模式(题主应该是这个吧) v6开不开都试了(tun模式)(本地和节点都是通v6的)
如果是依赖安装不正常的话,那应该用不了才对,现在是只有本机代理不生效,其它功能看起来是一切正常的,所有客户端也可以正常代理
前有一个issue,大概找了一下没找到,大致就是“上网功能完全正常,但自定义规则就是没法生效,也不报错,别的功能正常,调试日志正常”,最后人一点一点查,就是ruby少了一个子依赖。人家没显示未安装都少了,你这就加强一下怀疑了。
卸载oc不卸载依赖显示如下
你早晒出来这张图,我就不和你扯依赖了,因为着实被你最早的那份依赖里的未安装数量吓到了
另:边码字边换着插件编译了三次,也刷了三次固件,没有一次出现你的那种批量未安装的问题,所以现在又换方向猜了XD
试下opkg update看看,再不行直接干掉重刷了(或许试试别的版本?) 这一堆依赖你也不晓得漏了哪个,就不要浪费时间找了
我记得icmp不走tunnel模式是无法被代理的
草,傻逼了,没注意看图片,只盯着文字了。。。。 应该用wget测
发现消息时已经在跑编译了 所以干脆没停(虽然是x86)
wget测试
yt-dlp下载测试
ImmortalWrt 23.05-SNAPSHOT r27458-a83b379a31 oc版本v0.45.164 Meta核: alpha-gedf318b Redir-Host的tun模式(题主应该是这个吧) v6开不开都试了(tun模式)(本地和节点都是通v6的)
如果是依赖安装不正常的话,那应该用不了才对,现在是只有本机代理不生效,其它功能看起来是一切正常的,所有客户端也可以正常代理
前有一个issue,大概找了一下没找到,大致就是“上网功能完全正常,但自定义规则就是没法生效,也不报错,别的功能正常,调试日志正常”,最后人一点一点查,就是ruby少了一个子依赖。人家没显示未安装都少了,你这就加强一下怀疑了。
卸载oc不卸载依赖显示如下
你早晒出来这张图,我就不和你扯依赖了,因为着实被你最早的那份依赖里的未安装数量吓到了
另:边码字边换着插件编译了三次,也刷了三次固件,没有一次出现你的那种批量未安装的问题,所以现在又换方向猜了XD
顺手,仅供测试使用
CONFIG_TARGET_rockchip=y CONFIG_TARGET_rockchip_armv8=y CONFIG_TARGET_rockchip_armv8_DEVICE_lunzn_fastrhino-r66s=y CONFIG_LIBCURL_COOKIES=y CONFIG_LIBCURL_CRYPTO_AUTH=y CONFIG_LIBCURL_FILE=y CONFIG_LIBCURL_FTP=y CONFIG_LIBCURL_HTTP=y CONFIG_LIBCURL_NGHTTP2=y CONFIG_LIBCURL_OPENSSL=y CONFIG_LIBCURL_PROXY=y CONFIG_LIBCURL_TFTP=y CONFIG_LIBCURL_THREADED_RESOLVER=y CONFIG_LIBCURL_TLS_SRP=y CONFIG_LIBCURL_UNIX_SOCKETS=y CONFIG_NODEJS_ICU_SMALL=y CONFIG_PACKAGE_bash=y CONFIG_PACKAGE_ca-certificates=y CONFIG_PACKAGE_coreutils=y CONFIG_PACKAGE_coreutils-nohup=y CONFIG_PACKAGE_curl=y CONFIG_PACKAGE_ip-full=y CONFIG_PACKAGE_ipset=y CONFIG_PACKAGE_kmod-inet-diag=y CONFIG_PACKAGE_kmod-ipt-core=y CONFIG_PACKAGE_kmod-ipt-ipset=y CONFIG_PACKAGE_kmod-nf-ipt=y CONFIG_PACKAGE_kmod-tun=y CONFIG_PACKAGE_libatomic=y CONFIG_PACKAGE_libbpf=y CONFIG_PACKAGE_libbz2=y CONFIG_PACKAGE_libcap=y CONFIG_PACKAGE_libcap-bin=y CONFIG_PACKAGE_libcap-bin-capsh-shell="/bin/sh" CONFIG_PACKAGE_libcares=y CONFIG_PACKAGE_libcurl=y CONFIG_PACKAGE_libelf=y CONFIG_PACKAGE_libffi=y CONFIG_PACKAGE_libipset=y CONFIG_PACKAGE_libnghttp2=y CONFIG_PACKAGE_libpython3=y CONFIG_PACKAGE_libreadline=y CONFIG_PACKAGE_libruby=y CONFIG_PACKAGE_libsqlite3=y CONFIG_PACKAGE_libstdcpp=y CONFIG_PACKAGE_libyaml=y CONFIG_PACKAGE_luci-app-openclash=y CONFIG_PACKAGE_luci-app-unblockneteasemusic=y CONFIG_PACKAGE_luci-theme-material=y CONFIG_PACKAGE_node=y CONFIG_PACKAGE_python3-asyncio=y CONFIG_PACKAGE_python3-base=y CONFIG_PACKAGE_python3-codecs=y CONFIG_PACKAGE_python3-ctypes=y CONFIG_PACKAGE_python3-email=y CONFIG_PACKAGE_python3-light=y CONFIG_PACKAGE_python3-logging=y CONFIG_PACKAGE_python3-openssl=y CONFIG_PACKAGE_python3-sqlite3=y CONFIG_PACKAGE_python3-urllib=y CONFIG_PACKAGE_python3-uuid=y CONFIG_PACKAGE_python3-xml=y CONFIG_PACKAGE_ruby=y CONFIG_PACKAGE_ruby-bigdecimal=y CONFIG_PACKAGE_ruby-date=y CONFIG_PACKAGE_ruby-digest=y CONFIG_PACKAGE_ruby-enc=y CONFIG_PACKAGE_ruby-forwardable=y CONFIG_PACKAGE_ruby-pstore=y CONFIG_PACKAGE_ruby-psych=y CONFIG_PACKAGE_ruby-stringio=y CONFIG_PACKAGE_ruby-yaml=y CONFIG_PACKAGE_unzip=y CONFIG_PACKAGE_yt-dlp=y CONFIG_PACKAGE_zlib=y CONFIG_SQLITE3_COLUMN_METADATA=y CONFIG_SQLITE3_DYNAMIC_EXTENSIONS=y CONFIG_SQLITE3_FTS3=y CONFIG_SQLITE3_FTS4=y CONFIG_SQLITE3_FTS5=y CONFIG_SQLITE3_RTREE=y
为能上传,分卷压缩,加了后缀.ZIP
immortalwrt-rockchip-armv8-lunzn_fastrhino-r66s-squashfs-sysupgrade.img.zip.001.ZIP immortalwrt-rockchip-armv8-lunzn_fastrhino-r66s-squashfs-sysupgrade.img.zip.002.ZIP immortalwrt-rockchip-armv8-lunzn_fastrhino-r66s-squashfs-sysupgrade.img.gz.sha256.ZIP
感谢大佬耐心解答。重新搞了一遍,目前可以了
我记得icmp不走tunnel模式是无法被代理的
草,傻逼了,没注意看图片,只盯着文字了。。。。 应该用wget测 发现消息时已经在跑编译了 所以干脆没停(虽然是x86) wget测试 yt-dlp下载测试 ImmortalWrt 23.05-SNAPSHOT r27458-a83b379a31 oc版本v0.45.164 Meta核: alpha-gedf318b Redir-Host的tun模式(题主应该是这个吧) v6开不开都试了(tun模式)(本地和节点都是通v6的)
如果是依赖安装不正常的话,那应该用不了才对,现在是只有本机代理不生效,其它功能看起来是一切正常的,所有客户端也可以正常代理
前有一个issue,大概找了一下没找到,大致就是“上网功能完全正常,但自定义规则就是没法生效,也不报错,别的功能正常,调试日志正常”,最后人一点一点查,就是ruby少了一个子依赖。人家没显示未安装都少了,你这就加强一下怀疑了。
卸载oc不卸载依赖显示如下
你早晒出来这张图,我就不和你扯依赖了,因为着实被你最早的那份依赖里的未安装数量吓到了 另:边码字边换着插件编译了三次,也刷了三次固件,没有一次出现你的那种批量未安装的问题,所以现在又换方向猜了XD 顺手,仅供测试使用
CONFIG_TARGET_rockchip=y CONFIG_TARGET_rockchip_armv8=y CONFIG_TARGET_rockchip_armv8_DEVICE_lunzn_fastrhino-r66s=y CONFIG_LIBCURL_COOKIES=y CONFIG_LIBCURL_CRYPTO_AUTH=y CONFIG_LIBCURL_FILE=y CONFIG_LIBCURL_FTP=y CONFIG_LIBCURL_HTTP=y CONFIG_LIBCURL_NGHTTP2=y CONFIG_LIBCURL_OPENSSL=y CONFIG_LIBCURL_PROXY=y CONFIG_LIBCURL_TFTP=y CONFIG_LIBCURL_THREADED_RESOLVER=y CONFIG_LIBCURL_TLS_SRP=y CONFIG_LIBCURL_UNIX_SOCKETS=y CONFIG_NODEJS_ICU_SMALL=y CONFIG_PACKAGE_bash=y CONFIG_PACKAGE_ca-certificates=y CONFIG_PACKAGE_coreutils=y CONFIG_PACKAGE_coreutils-nohup=y CONFIG_PACKAGE_curl=y CONFIG_PACKAGE_ip-full=y CONFIG_PACKAGE_ipset=y CONFIG_PACKAGE_kmod-inet-diag=y CONFIG_PACKAGE_kmod-ipt-core=y CONFIG_PACKAGE_kmod-ipt-ipset=y CONFIG_PACKAGE_kmod-nf-ipt=y CONFIG_PACKAGE_kmod-tun=y CONFIG_PACKAGE_libatomic=y CONFIG_PACKAGE_libbpf=y CONFIG_PACKAGE_libbz2=y CONFIG_PACKAGE_libcap=y CONFIG_PACKAGE_libcap-bin=y CONFIG_PACKAGE_libcap-bin-capsh-shell="/bin/sh" CONFIG_PACKAGE_libcares=y CONFIG_PACKAGE_libcurl=y CONFIG_PACKAGE_libelf=y CONFIG_PACKAGE_libffi=y CONFIG_PACKAGE_libipset=y CONFIG_PACKAGE_libnghttp2=y CONFIG_PACKAGE_libpython3=y CONFIG_PACKAGE_libreadline=y CONFIG_PACKAGE_libruby=y CONFIG_PACKAGE_libsqlite3=y CONFIG_PACKAGE_libstdcpp=y CONFIG_PACKAGE_libyaml=y CONFIG_PACKAGE_luci-app-openclash=y CONFIG_PACKAGE_luci-app-unblockneteasemusic=y CONFIG_PACKAGE_luci-theme-material=y CONFIG_PACKAGE_node=y CONFIG_PACKAGE_python3-asyncio=y CONFIG_PACKAGE_python3-base=y CONFIG_PACKAGE_python3-codecs=y CONFIG_PACKAGE_python3-ctypes=y CONFIG_PACKAGE_python3-email=y CONFIG_PACKAGE_python3-light=y CONFIG_PACKAGE_python3-logging=y CONFIG_PACKAGE_python3-openssl=y CONFIG_PACKAGE_python3-sqlite3=y CONFIG_PACKAGE_python3-urllib=y CONFIG_PACKAGE_python3-uuid=y CONFIG_PACKAGE_python3-xml=y CONFIG_PACKAGE_ruby=y CONFIG_PACKAGE_ruby-bigdecimal=y CONFIG_PACKAGE_ruby-date=y CONFIG_PACKAGE_ruby-digest=y CONFIG_PACKAGE_ruby-enc=y CONFIG_PACKAGE_ruby-forwardable=y CONFIG_PACKAGE_ruby-pstore=y CONFIG_PACKAGE_ruby-psych=y CONFIG_PACKAGE_ruby-stringio=y CONFIG_PACKAGE_ruby-yaml=y CONFIG_PACKAGE_unzip=y CONFIG_PACKAGE_yt-dlp=y CONFIG_PACKAGE_zlib=y CONFIG_SQLITE3_COLUMN_METADATA=y CONFIG_SQLITE3_DYNAMIC_EXTENSIONS=y CONFIG_SQLITE3_FTS3=y CONFIG_SQLITE3_FTS4=y CONFIG_SQLITE3_FTS5=y CONFIG_SQLITE3_RTREE=y
为能上传,分卷压缩,加了后缀.ZIP immortalwrt-rockchip-armv8-lunzn_fastrhino-r66s-squashfs-sysupgrade.img.zip.001.ZIP immortalwrt-rockchip-armv8-lunzn_fastrhino-r66s-squashfs-sysupgrade.img.zip.002.ZIP immortalwrt-rockchip-armv8-lunzn_fastrhino-r66s-squashfs-sysupgrade.img.gz.sha256.ZIP
感谢大佬耐心解答。重新搞了一遍,目前可以了
大佬这个无法代理openwrt本机的问题搞定啦? 我被这个问题困扰了两天了,我是从全能推送电报推送消息发现的这个问题。
Verify Steps
OpenClash Version
v0.45.157-246
Bug on Environment
Immortalwrt
OpenWrt Version
ImmortalWrt 23.05.1 r27304-31bc47589e / LuCI openwrt-23.05 branch git-23.313.50115-e3df634
Bug on Platform
Linux-arm64
Describe the Bug
[Bug] 路由本机代理不生效 为了测试专门重装系统,只安装openclash 没有开启IPv6代理 路由器本机无法ping通谷歌,PC手机等客户端使用一切正常 日志太长,删除了proxies和rule部分
To Reproduce
[Bug] 路由本机代理不生效
OpenClash Log
===================== 系统信息 =====================
主机型号: Lunzn FastRhino R66S 固件版本: ImmortalWrt 23.05.1 r27304-31bc47589e LuCI版本: git-23.051.66410-a505bb1 内核版本: 5.15.137 处理器架构:
此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: hybrid
DNS劫持: Dnsmasq 转发
DNS劫持为Dnsmasq时,此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874
===================== 依赖检查 =====================
dnsmasq-full: 已安装 coreutils: 已安装 coreutils-nohup: 已安装 bash: 已安装 curl: 已安装 ca-certificates: 已安装 ipset: 未安装 ip-full: 已安装 libcap: 已安装 libcap-bin: 已安装 ruby: 已安装 ruby-yaml: 已安装 ruby-psych: 已安装 ruby-pstore: 已安装 kmod-tun(TUN模式): 已安装 luci-compat(Luci >= 19.07): 已安装 kmod-inet-diag(PROCESS-NAME): 已安装 unzip: 已安装 kmod-nft-tproxy: 已安装
===================== 内核检查 =====================
运行状态: 运行中 运行内核:Meta 进程pid: 16729 运行权限: 16729: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_ptrace,cap_sys_resource=eip 运行用户: nobody 已选择的架构: linux-arm64
下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2023.08.17-13-gdcc8d87 Tun内核文件: 存在 Tun内核运行权限: 正常
Dev内核版本: v1.18.0-13-gd034a40 Dev内核文件: 存在 Dev内核运行权限: 正常
Meta内核版本: alpha-gcc64297 Meta内核文件: 存在 Meta内核运行权限: 正常
===================== 插件设置 =====================
当前配置文件: /etc/openclash/config/config.yaml 启动配置文件: /etc/openclash/config.yaml 运行模式: redir-host-mix 默认代理模式: rule UDP流量转发(tproxy): 停用 自定义DNS: 停用 IPV6代理: 停用 IPV6-DNS解析: 停用 禁用Dnsmasq缓存: 启用 自定义规则: 停用 仅允许内网: 启用 仅代理命中规则流量: 停用 仅允许常用端口流量: 停用 绕过中国大陆IP: 启用 路由本机代理: 启用
启动异常时建议关闭此项后重试
混合节点: 停用 保留配置: 停用
启动异常时建议关闭此项后重试
第三方规则: 停用
===================== 配置文件 =====================
port: 7890 socks-port: 7891 redir-port: 7892 mixed-port: 7893 allow-lan: true mode: rule log-level: info ipv6: false external-controller: 0.0.0.0:9090 clash-for-android: append-system-dns: false profile: tracing: true store-selected: true experimental: sniff-tls-sni: true dns: enable: true listen: 0.0.0.0:7874 default-nameserver:
tls://8.8.4.4:853 fallback-filter: geoip: false ipcidr:
type: select proxies:
tproxy-port: 7895 bind-address: "*" external-ui: "/usr/share/openclash/ui" tcp-concurrent: true unified-delay: true sniffer: enable: true force-dns-mapping: true parse-pure-ip: true tun: enable: true stack: system device: utun auto-route: false auto-detect-interface: false dns-hijack:
===================== 自定义覆写设置 =====================
exit 0
===================== 自定义防火墙设置 =====================
!/bin/sh
. /usr/share/openclash/log.sh . /lib/functions.sh
This script is called by /etc/init.d/openclash
Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules
LOG_OUT "Tip: Start Add Custom Firewall Rules..."
exit 0
===================== IPTABLES 防火墙设置 =====================
IPv4 NAT chain
IPv4 Mangle chain
IPv4 Filter chain
IPv6 NAT chain
IPv6 Mangle chain
IPv6 Filter chain
===================== NFTABLES 防火墙设置 =====================
table inet fw4 { chain input { type filter hook input priority filter; policy drop; iifname "pppoe-wan" ip saddr != @localnetwork counter packets 5476 bytes 3359610 jump openclash_wan_input iifname "eth1" ip saddr != @localnetwork counter packets 0 bytes 0 jump openclash_wan_input iifname "lo" accept comment "!fw4: Accept traffic from loopback" ct state established,related accept comment "!fw4: Allow inbound established and related flows" tcp flags syn / fin,syn,rst,ack jump syn_flood comment "!fw4: Rate limit TCP syn packets" iifname { "utun", "br-lan" } jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic" iifname { "eth1", "pppoe-wan" } jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic" jump handle_reject } } table inet fw4 { chain forward { type filter hook forward priority filter; policy drop; oifname "utun" udp dport 443 ip daddr != @china_ip_route counter packets 10 bytes 12780 reject with icmp port-unreachable comment "OpenClash QUIC REJECT" meta l4proto { tcp, udp } oifname "utun" counter packets 0 bytes 0 accept comment "OpenClash TUN Forward" meta l4proto { tcp, udp } flow add @ft ct state established,related accept comment "!fw4: Allow forwarded established and related flows" iifname { "utun", "br-lan" } jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic" iifname { "eth1", "pppoe-wan" } jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic" jump handle_reject } } table inet fw4 { chain dstnat { type nat hook prerouting priority dstnat; policy accept; meta nfproto ipv4 tcp dport 53 counter packets 0 bytes 0 accept comment "OpenClash TCP DNS Hijack" udp dport 53 counter packets 0 bytes 0 redirect to :53 comment "OpenClash DNS Hijack" tcp dport 53 counter packets 0 bytes 0 redirect to :53 comment "OpenClash DNS Hijack" iifname { "eth1", "pppoe-wan" } jump dstnat_wan comment "!fw4: Handle wan IPv4/IPv6 dstnat traffic" ip protocol tcp counter packets 206 bytes 10784 jump openclash } } table inet fw4 { chain srcnat { type nat hook postrouting priority srcnat; policy accept; oifname { "eth1", "pppoe-wan" } jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic" } } table inet fw4 { chain nat_output { type nat hook output priority filter - 1; policy accept; ip protocol tcp counter packets 481 bytes 28860 jump openclash_output } } table inet fw4 { chain mangle_prerouting { type filter hook prerouting priority mangle; policy accept; ip protocol udp counter packets 1080 bytes 137523 jump openclash_mangle meta nfproto ipv4 tcp dport 53 counter packets 0 bytes 0 jump openclash_dns_hijack } } table inet fw4 { chain mangle_output { type route hook output priority mangle; policy accept; meta nfproto ipv4 meta l4proto { tcp, udp } counter packets 13102 bytes 7601164 jump openclash_mangle_output } } table inet fw4 { chain openclash { ip daddr @localnetwork counter packets 14 bytes 728 return tcp dport != @common_ports counter packets 116 bytes 6116 return ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 10 bytes 508 return ip protocol tcp counter packets 67 bytes 3484 redirect to :7892 } } table inet fw4 { chain openclash_mangle { meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return meta nfproto ipv4 udp sport 68 counter packets 0 bytes 0 return meta l4proto { tcp, udp } iifname "utun" counter packets 0 bytes 0 return ip daddr @localnetwork counter packets 1094 bytes 126521 return meta l4proto { tcp, udp } th dport != @common_ports counter packets 0 bytes 0 return ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 0 bytes 0 return ip protocol udp counter packets 10 bytes 12780 jump openclash_upnp meta l4proto { tcp, udp } th dport 0-65535 meta mark set 0x00000162 counter packets 10 bytes 12780 } } table inet fw4 { chain openclash_mangle_output { meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return meta nfproto ipv4 udp sport 68 counter packets 0 bytes 0 return ip daddr @localnetwork counter packets 7757 bytes 7060667 return } } table inet fw4 { chain openclash_output { ip daddr @localnetwork counter packets 31 bytes 1860 return tcp dport != @common_ports meta skuid != 65534 counter packets 0 bytes 0 return meta skuid != 65534 ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 0 bytes 0 return ip protocol tcp meta skuid != 65534 counter packets 0 bytes 0 redirect to :7892 } } table inet fw4 { chain openclash_wan_input { udp dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject tcp dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject } } table inet fw4 { chain openclash_dns_hijack { } }
===================== IPSET状态 =====================
===================== 路由表状态 =====================
IPv4
route -n
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.216.192.1 0.0.0.0 UG 0 0 0 pppoe-wan 10.216.192.1 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe-wan 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan 198.18.0.0 0.0.0.0 255.255.255.252 U 0 0 0 utun
ip route list
default via 10.216.192.1 dev pppoe-wan proto static 10.216.192.1 dev pppoe-wan proto kernel scope link src WAN IP.106 192.168.2.0/24 dev br-lan proto kernel scope link src 192.168.2.1 198.18.0.0/30 dev utun proto kernel scope link src 198.18.0.1
ip rule show
0: from all lookup local 32765: from all fwmark 0x162 lookup 354 32766: from all lookup main 32767: from all lookup default
IPv6
route -A inet6
Kernel IPv6 routing table Destination Next Hop Flags Metric Ref Use Iface ::/0 :: !n -1 2 0 lo
::/0 :: !n -1 2 0 lo
::/0 fe80::200:5eff:fe00:106 UG 512 6 0 pppoe-wan ::/0 fe80::200:5eff:fe00:106 UG 512 3 0 pppoe-wan 2409:8a0c:da2e:ec30::/64 :: U 1024 5 0 br-lan
2409:8a0c:da2e:ec30::/60 :: !n 2147483647 1 0 lo
2409:8a0d:da02:ec02::/64 :: !n 2147483647 2 0 lo
fd0c:7456:392e::/64 :: U 1024 5 0 br-lan
fd0c:7456:392e::/48 :: !n 2147483647 5 0 lo
fe80::200:5eff:fe00:106/128 :: U 256 1 0 pppoe-wan fe80::6c4e:9d04:d091:8476/128 :: U 256 2 0 pppoe-wan fe80::/64 :: U 256 1 0 eth1
fe80::/64 :: U 256 2 0 br-lan
fe80::/64 :: U 256 1 0 utun
::/0 :: !n -1 2 0 lo
::1/128 :: Un 0 7 0 lo
2409:8a0c:da2e:ec30::/128 :: Un 0 3 0 br-lan
2409:8a0c:da2e:ec30::1/128 :: Un 0 7 0 br-lan
2409:8a0d:da02:ec02::/128 :: Un 0 3 0 pppoe-wan WAN IP:8476/128 :: Un 0 5 0 pppoe-wan fd0c:7456:392e::/128 :: Un 0 3 0 br-lan
fd0c:7456:392e::1/128 :: Un 0 8 0 br-lan
fe80::/128 :: Un 0 6 0 eth1
fe80::/128 :: Un 0 3 0 br-lan
fe80::/128 :: Un 0 3 0 utun
fe80::6c4e:9d04:d091:8476/128 :: Un 0 3 0 pppoe-wan fe80::6c4e:9dff:fe91:8476/128 :: Un 0 4 0 eth1
fe80::6c4e:9dff:fe91:8477/128 :: Un 0 3 0 br-lan
fe80::e98c:8f:be2f:6a0d/128 :: Un 0 2 0 utun
ff00::/8 :: U 256 5 0 br-lan
ff00::/8 :: U 256 5 0 eth1
ff00::/8 :: U 256 3 0 pppoe-wan ff00::/8 :: U 256 3 0 utun
::/0 :: !n -1 2 0 lo
ip -6 route list
default from 2409:8a0c:da2e:ec30::/60 via fe80::200:5eff:fe00:106 dev pppoe-wan proto static metric 512 pref medium default from 2409:8a0d:da02:ec02::/64 via fe80::200:5eff:fe00:106 dev pppoe-wan proto static metric 512 pref medium 2409:8a0c:da2e:ec30::/64 dev br-lan proto static metric 1024 pref medium unreachable 2409:8a0c:da2e:ec30::/60 dev lo proto static metric 2147483647 pref medium unreachable 2409:8a0d:da02:ec02::/64 dev lo proto static metric 2147483647 pref medium fd0c:7456:392e::/64 dev br-lan proto static metric 1024 pref medium unreachable fd0c:7456:392e::/48 dev lo proto static metric 2147483647 pref medium fe80::200:5eff:fe00:106 dev pppoe-wan proto kernel metric 256 pref medium fe80::6c4e:9d04:d091:8476 dev pppoe-wan proto kernel metric 256 pref medium fe80::/64 dev eth1 proto kernel metric 256 pref medium fe80::/64 dev br-lan proto kernel metric 256 pref medium fe80::/64 dev utun proto kernel metric 256 pref medium
ip -6 rule show
0: from all lookup local 32766: from all lookup main 4200000000: from 2409:8a0c:da2e:ec30::1/60 iif br-lan unreachable
===================== Tun设备状态 =====================
utun: tun
===================== 端口占用状态 =====================
tcp 0 0 198.18.0.1:40081 0.0.0.0: LISTEN 16729/clash tcp 0 0 :::9090 ::: LISTEN 16729/clash tcp 0 0 :::7891 ::: LISTEN 16729/clash tcp 0 0 :::7890 ::: LISTEN 16729/clash tcp 0 0 :::7893 ::: LISTEN 16729/clash tcp 0 0 :::7892 ::: LISTEN 16729/clash tcp 0 0 :::7895 ::: LISTEN 16729/clash udp 0 0 :::7874 ::: 16729/clash udp 0 0 :::7891 ::: 16729/clash udp 0 0 :::7892 ::: 16729/clash udp 0 0 :::7893 ::: 16729/clash udp 0 0 :::7895 ::: 16729/clash
===================== 测试本机DNS查询(www.baidu.com) =====================
Server: 127.0.0.1 Address: 127.0.0.1:53
Name: www.baidu.com Address: 39.156.66.18 Name: www.baidu.com Address: 39.156.66.14
===================== 测试内核DNS查询(www.instagram.com) =====================
Status: 0 TC: false RD: true RA: true AD: false CD: false
Question: Name: www.instagram.com. Qtype: 1 Qclass: 1
Answer: TTL: 16 data: 69.63.176.143 name: www.instagram.com. type: 1
Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto
===================== /tmp/resolv.conf.auto =====================
Interface wan
nameserver 211.138.106.7 nameserver 211.138.106.2
Interface wan_6
nameserver 2409:800c:2000::7 nameserver 2409:800c:2000::2
===================== /tmp/resolv.conf.d/resolv.conf.auto =====================
Interface wan
nameserver 211.138.106.7 nameserver 211.138.106.2
Interface wan_6
nameserver 2409:800c:2000::7 nameserver 2409:800c:2000::2
===================== 测试本机网络连接(www.baidu.com) =====================
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform Connection: keep-alive Content-Length: 277 Content-Type: text/html Date: Wed, 10 Jan 2024 18:47:41 GMT Etag: "575e1f59-115" Last-Modified: Mon, 13 Jun 2016 02:50:01 GMT Pragma: no-cache Server: bfe/1.0.8.18
===================== 测试本机网络下载(raw.githubusercontent.com) =====================
HTTP/2 404 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 x-github-request-id: 4724:21C383:7EC6C:8E48C:659EE627 accept-ranges: bytes date: Wed, 10 Jan 2024 18:47:41 GMT via: 1.1 varnish x-served-by: cache-nrt-rjtf7700034-NRT x-cache: HIT x-cache-hits: 1 x-timer: S1704912462.734962,VS0,VE1 vary: Authorization,Accept-Encoding,Origin access-control-allow-origin: * cross-origin-resource-policy: cross-origin x-fastly-request-id: 9ec6ce0ddf3faf7908a579692dab90a9b3c2801d expires: Wed, 10 Jan 2024 18:52:41 GMT source-age: 30 content-length: 14
===================== 最近运行日志(自动切换为Debug模式) =====================
[36mINFO[0m[2024-01-10T18:41:17.692611532Z] [TCP] 192.168.2.181:1721 --> dealer.spotify.com:443 match DomainKeyword(spotify) using 代理[🇨🇳 Taiwan | 05] [36mINFO[0m[2024-01-10T18:41:18.160013765Z] [TCP] 192.168.2.181:1722 --> dealer.spotify.com:443 match DomainKeyword(spotify) using 代理[🇨🇳 Taiwan | 05] [36mINFO[0m[2024-01-10T18:41:20.503469405Z] [TCP] 192.168.2.181:1723 --> 172.217.160.74:443 match IPCIDR(172.217.0.0/16) using 代理[🇨🇳 Taiwan | 05] [36mINFO[0m[2024-01-10T18:41:23.027493178Z] [TCP] 192.168.2.181:1726 --> 108.160.163.102:443 match Match using 规则外路由选择[🇨🇳 Taiwan | 05] [36mINFO[0m[2024-01-10T18:41:25.588913254Z] [TCP] 192.168.2.181:1728 --> 108.160.163.102:443 match Match using 规则外路由选择[🇨🇳 Taiwan | 05] [36mINFO[0m[2024-01-10T18:41:27.243388226Z] [TCP] 192.168.2.181:1730 --> 162.125.17.131:443 match Match using 规则外路由选择[🇨🇳 Taiwan | 05]
===================== 最近运行日志获取完成(自动切换为silent模式) =====================
===================== 活动连接信息 =====================
OpenClash Config
Expected Behavior
路由本机代理生效
Additional Context