search

vernesong / OpenClash

A Clash Client For OpenWrt
MIT License
15.74k stars 2.94k forks source link

[Bug] 禁用 QUIC 对 IPv6 TUN 模式 无效 #3863

Open snachx opened 2 months ago

snachx commented 2 months ago

Verify Steps

OpenClash Version

v0.46.007-beta

Bug on Environment

Lean

OpenWrt Version

Openwrt 23.05.3

Bug on Platform

Linux-arm64

Describe the Bug

Meta 内核 运行模式 Redir-Host(TUN) 禁用 QUIC IPv6 代理模式 TUN 模式

以上设置的前提下,验证发现 IPv6 下会添加 quic reject 规则到 input 链,不会添加到 forward 链 https://github.com/vernesong/OpenClash/blob/e9575929f8bbec1c511dc237aefe5d5a33733e6f/luci-app-openclash/root/etc/init.d/openclash#L2895 作为对比, IPv4 下启用 TUN,quic reject 规则只会添加 forward 链,不启用 TUN, 只会添加到 input 链 https://github.com/vernesong/OpenClash/blob/e9575929f8bbec1c511dc237aefe5d5a33733e6f/luci-app-openclash/root/etc/init.d/openclash#L2481 https://github.com/vernesong/OpenClash/blob/e9575929f8bbec1c511dc237aefe5d5a33733e6f/luci-app-openclash/root/etc/init.d/openclash#L2625

fw3 和 fw4 都有同样的问题

To Reproduce

Meta 内核 运行模式 Redir-Host(TUN) 禁用 QUIC IPv6 代理模式 TUN 模式 检查防火墙设置

OpenClash Log

日志无关

OpenClash Config

No response

Expected Behavior

IPv6 下使用 tun 模式也应该在 forward 链添加 quic reject 规则

Additional Context

No response

snachx commented 2 months ago

@vernesong 测了一下有个 bug, match-set 应该是 china_ip6_route https://github.com/vernesong/OpenClash/blob/7256d89a39e9db4c971076c841347d203360878f/luci-app-openclash/root/etc/init.d/openclash#L2922

zzz6839 commented 1 month ago

这个问题是不是还没修好,我看Youtube会有类似情况 image

snachx commented 1 month ago

v0.46.010 已经修好了,你这个提示跟这个没关系,应该是代理本身的问题

patsnap-guyong commented 1 month ago

0.46.011版本依然存在问题,表现还是卡: Tip: Firewall4 was Detected, Use NFTABLE Rules...