QQ，TIM自动掉线 - Githubissues

调试日志 `OpenClash 调试日志
生成时间: 2020-11-17 11:28:15 插件版本: v0.40.15-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#
主机型号: Phicomm N1
固件版本: OpenWrt SNAPSHOT r2928-a0ff7c025
LuCI版本: git-20.256.12360-1a54222-1
内核版本: 5.4.73-flippy-47+o
处理器架构: aarch64_generic

#此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT

#此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#
dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
jsonfilter: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
iptables-mod-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装

#===================== 内核检查 =====================#
运行状态: 运行中
进程pid: 23245
运行权限: 23245: = cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource+eip
运行用户: nobody
已选择的架构: linux-armv8

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2020.10.29.g5e54f48
Tun内核文件: 存在
Tun内核运行权限: 正常

Game内核版本: v0.17.0-219-g9ac38a4
Game内核文件: 存在
Game内核运行权限: 正常

Dev内核版本: v1.2.0
Dev内核文件: 存在
Dev内核运行权限: 正常

#===================== 插件设置 =====================#
当前配置文件: /etc/openclash/config/Clash.yaml
运行模式: redir-host
默认代理模式: rule
UDP流量转发: 启用
DNS劫持: 启用
自定义DNS: 启用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 启用
自定义规则: 启用
仅允许内网: 停用
仅代理命中规则流量: 启用
绕过中国大陆IP: 启用

#启动异常时建议关闭此项后重试
保留配置: 启用

#启动异常时建议关闭此项后重试
第三方规则: ConnersHua
第三方规则策略组设置:
GlobalTV: GlobalTV
AsianTV: AsianTV
Proxy: Proxy
Apple: 
Netflix: 
Spotify: 
Steam: 
AdBlock: 
Netease Music: 
Speedtest: 
Telegram: 
Microsoft: 
PayPal: 
Domestic: Domestic
Others: Auto - UrlTest

读取的配置文件策略组:
Auto - UrlTest
Proxy
Domestic
Others
AsianTV
GlobalTV
DIRECT
REJECT

#===================== 自定义规则 一 =====================#
##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组)
##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组)
##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组)
##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝)
##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连)
##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连)
##- DST-PORT,80,DIRECT 匹配数据目标端口(直连)
##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连)

##排序在上的规则优先生效,如添加（去除规则前的#号）：
##IP段：192.168.1.2-192.168.1.200 直连
##- SRC-IP-CIDR,192.168.1.2/31,DIRECT
##- SRC-IP-CIDR,192.168.1.4/30,DIRECT
##- SRC-IP-CIDR,192.168.1.8/29,DIRECT
##- SRC-IP-CIDR,192.168.1.16/28,DIRECT
##- SRC-IP-CIDR,192.168.1.32/27,DIRECT
##- SRC-IP-CIDR,192.168.1.64/26,DIRECT
##- SRC-IP-CIDR,192.168.1.128/26,DIRECT
##- SRC-IP-CIDR,192.168.1.192/29,DIRECT
##- SRC-IP-CIDR,192.168.1.200/32,DIRECT

##IP段：192.168.1.202-192.168.1.255 直连
##- SRC-IP-CIDR,192.168.1.202/31,DIRECT
##- SRC-IP-CIDR,192.168.1.204/30,DIRECT
##- SRC-IP-CIDR,192.168.1.208/28,DIRECT
##- SRC-IP-CIDR,192.168.1.224/27,DIRECT

##此时IP为192.168.1.1和192.168.1.201的客户端流量走代理（策略），其余客户端不走代理
##因为Fake-IP模式下，IP地址为192.168.1.1的路由器自身流量可走代理（策略），所以需要排除

##仅设置路由器自身直连：
##-SRC-IP-CIDR,192.168.0.99/32,DIRECT
##-SRC-IP-CIDR,192.168.0.1/32,DIRECT
##-SRC-IP-CIDR,198.18.0.1/32,DIRECT

##在线IP段转CIDR地址：http://ip2cidr.com

#===================== 自定义规则 二 =====================#
##- DOMAIN-SUFFIX,google.com,Proxy 匹配域名后缀(交由Proxy代理服务器组)
##- DOMAIN-KEYWORD,google,Proxy 匹配域名关键字(交由Proxy代理服务器组)
##- DOMAIN,google.com,Proxy 匹配域名(交由Proxy代理服务器组)
##- DOMAIN-SUFFIX,ad.com,REJECT 匹配域名后缀(拒绝)
##- IP-CIDR,127.0.0.0/8,DIRECT 匹配数据目标IP(直连)
##- SRC-IP-CIDR,192.168.1.201/32,DIRECT 匹配数据发起IP(直连)
##- DST-PORT,80,DIRECT 匹配数据目标端口(直连)
##- SRC-PORT,7777,DIRECT 匹配数据源端口(直连)

#===================== 配置文件 =====================#
redir-port: 7892
interface-name: eth0
port: 7890
socks-port: 7891
ipv6: false
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
allow-lan: true
bind-address: "*"
external-ui: "/usr/share/openclash/dashboard"
hosts:
##Custom HOSTS##
#  experimental hosts, support wildcard (e.g. *.clash.dev Even *.foo.*.example.com)
#  static domain has a higher priority than wildcard domain (foo.example.com > *.example.com)
#  NOTE: hosts don't work with `fake-ip`

#  '*.clash.dev': 127.0.0.1
#  'alpha.clash.dev': '::1'
##Custom HOSTS END##
dns:
  use-hosts: true
  listen: 127.0.0.1:7874
  enable: true
  ipv6: false
  enhanced-mode: redir-host
  fake-ip-filter:
  nameserver:
##Custom DNS##
    - 117.50.11.11
    - 52.80.66.66
    - 180.76.76.76
  fallback:
    - https://dns.google/dns-query
    - tls://dns.google:853
    - tls://1.1.1.1:853
    - tls://8.8.8.8:853
  fallback-filter:
    geoip: true
    ipcidr:
      - 0.0.0.0/8
      - 10.0.0.0/8
      - 100.64.0.0/10
      - 127.0.0.0/8
      - 169.254.0.0/16
      - 172.16.0.0/12
      - 192.0.0.0/24
      - 192.0.2.0/24
      - 192.88.99.0/24
      - 192.168.0.0/16
      - 198.18.0.0/15
      - 198.51.100.0/24
      - 203.0.113.0/24
      - 224.0.0.0/4
      - 240.0.0.0/4
      - 255.255.255.255/32

#===================== 防火墙设置 =====================#

#NAT chain

# Generated by iptables-save v1.8.4 on Tue Nov 17 11:28:17 2020
*nat
:PREROUTING ACCEPT [987:142662]
:INPUT ACCEPT [2101:185700]
:OUTPUT ACCEPT [2062:137574]
:POSTROUTING ACCEPT [313:19471]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_vpn_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_vpn_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_vpn_postrouting - [0:0]
:zone_vpn_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -j REDIRECT --to-ports 7892
-A PREROUTING -d 8.8.8.8/32 -p tcp -j REDIRECT --to-ports 7892
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i eth0 -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o eth0 -m comment --comment "!fw3" -j zone_lan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m set --match-set china_ip_route dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -m multiport --dports 80,443 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -j MINIUPNPD
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_vpn_postrouting -m comment --comment "!fw3: Custom vpn postrouting rule chain" -j postrouting_vpn_rule
-A zone_vpn_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_vpn_prerouting -m comment --comment "!fw3: Custom vpn prerouting rule chain" -j prerouting_vpn_rule
-A zone_vpn_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
# Completed on Tue Nov 17 11:28:17 2020

#Mangle chain

# Generated by iptables-save v1.8.4 on Tue Nov 17 11:28:17 2020
*mangle
:PREROUTING ACCEPT [25554:7853743]
:INPUT ACCEPT [20203:7258226]
:FORWARD ACCEPT [6098:896589]
:OUTPUT ACCEPT [22721:7054883]
:POSTROUTING ACCEPT [28911:7991117]
:openclash - [0:0]
:qos_Default - [0:0]
:qos_Default_ct - [0:0]
-A PREROUTING -p udp -j openclash
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m set --match-set china_ip_route dst -j RETURN
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
-A qos_Default -j CONNMARK --restore-mark --nfmask 0xf --ctmask 0xf
-A qos_Default -m mark --mark 0x0/0xf -j qos_Default_ct
-A qos_Default -p udp -m mark --mark 0x0/0xf0 -m length --length 0:500 -j MARK --set-xmark 0x22/0xff
-A qos_Default -p icmp -j MARK --set-xmark 0x11/0xff
-A qos_Default -p tcp -m mark --mark 0x0/0xf0 -m tcp --sport 1024:65535 --dport 1024:65535 -j MARK --set-xmark 0x44/0xff
-A qos_Default -p udp -m mark --mark 0x0/0xf0 -m udp --sport 1024:65535 --dport 1024:65535 -j MARK --set-xmark 0x44/0xff
-A qos_Default -j CONNMARK --save-mark --nfmask 0xff --ctmask 0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 22,53 -m comment --comment "ssh, dns" -j MARK --set-xmark 0x11/0xff
-A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 22,53 -m comment --comment "ssh, dns" -j MARK --set-xmark 0x11/0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 20,21,25,80,110,443,993,995 -m comment --comment "ftp, smtp, http(s), imap" -j MARK --set-xmark 0x33/0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 5190 -m comment --comment "AOL, iChat, ICQ" -j MARK --set-xmark 0x22/0xff
-A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 5190 -m comment --comment "AOL, iChat, ICQ" -j MARK --set-xmark 0x22/0xff
-A qos_Default_ct -j CONNMARK --save-mark --nfmask 0xff --ctmask 0xff
COMMIT
# Completed on Tue Nov 17 11:28:17 2020

#===================== 路由表状态 =====================#
#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 eth0
172.31.0.0      0.0.0.0         255.255.255.0   U     0      0        0 docker0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
#ip route list
default via 192.168.0.1 dev eth0 proto static 
172.31.0.0/24 dev docker0 proto kernel scope link src 172.31.0.1 
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.99 
#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#===================== 端口占用状态 =====================#
tcp        0      0 :::7892                 :::*                    LISTEN      23245/clash
tcp        0      0 :::9090                 :::*                    LISTEN      23245/clash
tcp        0      0 :::7890                 :::*                    LISTEN      23245/clash
tcp        0      0 :::7891                 :::*                    LISTEN      23245/clash
udp        0      0 127.0.0.1:7874          0.0.0.0:*                           23245/clash
udp        0      0 :::7891                 :::*                                23245/clash
udp        0      0 :::7892                 :::*                                23245/clash

#===================== 测试本机DNS查询 =====================#
Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
www.baidu.com   canonical name = www.a.shifen.com
Name:      www.a.shifen.com
Address 1: 220.181.38.150
Address 2: 220.181.38.149
*** Can't find www.baidu.com: No answer

#===================== resolv.conf.d =====================#
# Interface lan
nameserver 192.168.0.99
nameserver 192.168.0.1

#===================== 测试本机网络连接 =====================#
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Tue, 17 Nov 2020 03:28:17 GMT
Etag: "575e1f60-115"
Last-Modified: Mon, 13 Jun 2016 02:50:08 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载 =====================#
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 80
Cache-Control: max-age=300
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Type: text/plain; charset=utf-8
ETag: "d30e627954475a5bfdb3d5cddabaf42949acf0969d5da3dbdcd657eda7822520"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
X-GitHub-Request-Id: AB38:409B:1C48CE:21694E:5FB34213
Accept-Ranges: bytes
Date: Tue, 17 Nov 2020 03:28:18 GMT
X-Served-By: cache-hkg17928-HKG
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1605583698.151740,VS0,VE0
Vary: Authorization,Accept-Encoding
Access-Control-Allow-Origin: *
X-Fastly-Request-ID: de49705707c5554d5a90c73383b38e4dee3455ec
Expires: Tue, 17 Nov 2020 03:33:18 GMT
Source-Age: 54

#===================== 最近运行日志 =====================#
2020-11-17 08:55:55 Warning: Multiple Start Scripts Running, Exit...
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial compatible provider GlobalTV"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial compatible provider Auto - UrlTest"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial compatible provider Proxy"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial compatible provider Domestic"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial compatible provider AsianTV"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial compatible provider Others"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial rule provider Global"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial rule provider China"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial rule provider ChinaIP"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial rule provider Unbreak"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial rule provider Streaming"
time="2020-11-17T08:56:17+08:00" level=info msg="Start initial rule provider StreamingSE"
time="2020-11-17T08:56:17+08:00" level=info msg="DNS server listening at: 127.0.0.1:7874"
2020-11-17 08:56:06 OpenClash Start Successful
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial compatible provider Auto - UrlTest"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial compatible provider Proxy"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial compatible provider Domestic"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial compatible provider Others"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial compatible provider GlobalTV"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial compatible provider AsianTV"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial rule provider Unbreak"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial rule provider Streaming"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial rule provider StreamingSE"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial rule provider Global"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial rule provider China"
time="2020-11-17T11:25:08+08:00" level=info msg="Start initial rule provider ChinaIP"
time="2020-11-17T11:25:08+08:00" level=info msg="DNS server listening at: 127.0.0.1:7874"
2020-11-17 11:25:00 OpenClash Start Successful
`
vernesong / OpenClash

QQ，TIM自动掉线 #990
