xiaorouji / openwrt-passwall

[Bug]: DNS fails to resolve addresses #3304

Closed KnowledegAndAction closed 4 weeks ago

KnowledegAndAction commented 1 month ago

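Describe the bug you encountered

iStoreOS 22.03.6 2024061415, kernel version 5.10.201

PassWall version: 4.77-6. Source: https://github.com/AUK9527/Are-u-ok/tree/main/x86

This is a company network that is not very stable day to day (China Mobile line, slow, with restrictions on proxy access, e.g. 1.1.1.1 cannot be reached). iStoreOS runs on PVE, with passwall running in side-router mode; after creating the iStoreOS instance, only passwall was installed. I then added a node and allowed connections from hosts other than the local machine; no other settings were changed. It then worked normally for about 2 weeks. The settings are as follows: [Screenshots: 1, 2]

Then one day proxy access suddenly stopped working (I don't think I touched anything). Clicking the test in passwall, Baidu is reachable, while Google and all the others fail to connect. The node itself is fine and can be used from other computers on the same company network. Troubleshooting showed that DNS cannot resolve addresses such as google. [Screenshot: 2024-07-08 16_09_44-iStoreOS - Network Diagnostics - LuCI - Vivaldi]

But specifying 8.8.8.8 does resolve: [Screenshot: 2024-07-08 16_10_15-iStoreOS - Network Diagnostics - LuCI - Vivaldi]

If I uninstall passwall and install ssrp, everything works normally. After resetting iStoreOS to factory settings and installing passwall again, the problem persists.

Steps to reproduce this bug

Add a node and turn on the main switch; the external network cannot be reached. nslookup cannot resolve foreign addresses.

What you want to achieve

DNS can resolve external addresses normally.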

Log information

passwall log:

```
2024-07-08 17:30:21: 删除iptables防火墙规则完成。
2024-07-08 17:30:21: 清空并关闭相关程序和缓存完成。
2024-07-08 17:30:21: 分析 Socks 服务的节点配置...
2024-07-08 17:30:21: - Socks节点:[JMS-967778@c39s801.portablesubmarines.com:10220]c39s801.portablesubmarines.com:10220,启动 0.0.0.0:1081
2024-07-08 17:30:21: 记录到持久性日志文件:/root/passwall_vmess_xray_2024-07-08.log
2024-07-08 17:30:21: TCP节点:[JMS-967778@c39s801.portablesubmarines.com:10220],监听端口:1041
2024-07-08 17:30:22: 记录到持久性日志文件:/root/passwall_TCP_xray_2024-07-08.log
2024-07-08 17:30:22: UDP节点没有选择或为空,不代理UDP。
2024-07-08 17:30:22: DNS域名解析:
2024-07-08 17:30:22: * 请确认上游 DNS 支持 TCP 查询,如非直连地址,确保 TCP 代理打开,并且已经正确转发!
2024-07-08 17:30:22: - ChinaDNS-NG(127.0.0.1#15353):直连DNS:223.5.5.5,可信DNS:tcp://8.8.8.8#53
2024-07-08 17:30:22: - 节点列表中的域名(vpslist):223.5.5.5
2024-07-08 17:30:22: - 域名白名单(whitelist):默认
2024-07-08 17:30:22: - 代理域名表(blacklist):默认
2024-07-08 17:30:22: - 防火墙域名表(gfwlist):默认
2024-07-08 17:30:22: - 中国域名表(chnroute):默认
2024-07-08 17:30:22: - 默认:127.0.0.1#15353
2024-07-08 17:30:22: - PassWall必须依赖于Dnsmasq,如果你自行配置了错误的DNS流程,将会导致域名(直连/代理域名)分流失效!!!
2024-07-08 17:30:22: 开始加载防火墙规则...
2024-07-08 17:30:22: - [0]追加ISP IPv4 DNS到白名单:223.5.5.5
2024-07-08 17:30:22: - [0]加入负载均衡的节点到ipset[passwall_vpslist]
2024-07-08 17:30:22: - [0]加入所有节点到ipset[passwall_vpslist]
2024-07-08 17:30:22: - [0]追加直连DNS到iptables:223.5.5.5:53
2024-07-08 17:30:22: - 【路由器本机】,屏蔽代理 UDP 端口[443]
2024-07-08 17:30:22: - [0]将上游 DNS 服务器 8.8.8.8:53 加入到路由器自身代理的 TCP 转发链
2024-07-08 17:30:22: - 访问控制:
2024-07-08 17:30:22: - 【默认】,屏蔽代理 UDP 端口[443]
2024-07-08 17:30:22: - 【默认】,使用 TCP 节点JMS-967778@c39s801.portablesubmarines.com:10220
2024-07-08 17:30:22: 防火墙规则加载完成!
2024-07-08 17:30:22: 重启 dnsmasq 服务
2024-07-08 17:30:22: 运行完成!
```

passwall_TCP_xray_2024-07-08.log

```
Xray 1.8.13 (Xray, Penetrates Everything.) OpenWrt (go1.22.3 linux/amd64)
A unified platform for anti-censorship.
2024/07/08 09:29:47 [Info] infra/conf/serial: Reading config: /tmp/etc/passwall/acl/default/TCP_SOCKS.json
Xray 1.8.13 (Xray, Penetrates Everything.) OpenWrt (go1.22.3 linux/amd64)
A unified platform for anti-censorship.
2024/07/08 09:30:22 [Info] infra/conf/serial: Reading config: /tmp/etc/passwall/acl/default/TCP_SOCKS.json
2024/07/08 09:30:22 [Warning] core: Xray 1.8.13 started
2024/07/08 09:30:26 192.168.117.53:48822 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:30:31 tcp:127.0.0.1:50882 rejected proxy/socks: failed to read request > EOF
2024/07/08 09:30:31 192.168.117.53:48828 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:30:32 192.168.117.53:48832 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:30:34 192.168.117.53:48838 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:30:34 192.168.117.53:48842 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:30:36 tcp:127.0.0.1:50888 rejected proxy/socks: failed to read request > EOF
2024/07/08 09:30:37 tcp:127.0.0.1:50894 rejected proxy/socks: failed to read request > EOF
2024/07/08 09:33:03 192.168.117.53:50224 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:33:05 192.168.117.53:50226 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
```

passwall_vmess_xray_2024-07-08.log

```
Xray 1.8.13 (Xray, Penetrates Everything.) OpenWrt (go1.22.3 linux/amd64)
A unified platform for anti-censorship.
2024/07/08 09:29:47 [Info] infra/conf/serial: Reading config: /tmp/etc/passwall/HTTP_SOCKS_5QWLj87e.json
Xray 1.8.13 (Xray, Penetrates Everything.) OpenWrt (go1.22.3 linux/amd64)
A unified platform for anti-censorship.
2024/07/08 09:30:21 [Info] infra/conf/serial: Reading config: /tmp/etc/passwall/HTTP_SOCKS_5QWLj87e.json
2024/07/08 09:30:21 [Warning] core: Xray 1.8.13 started
```

System log information

```
Mon Jul 8 17:30:21 2024 cron.err crond[1577]: crond (busybox 1.35.0) started, log level 5
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset no-nftset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for lan
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: reading /tmp/resolv.conf.d/resolv.conf.auto
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using nameserver 223.5.5.5#53
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using only locally-known addresses for lan
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 0 names
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset no-nftset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Mon Jul 8 17:30:22 2024 daemon.warn dnsmasq[1]: warning: ignoring resolv-file flag because no-resolv is set
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using nameserver 223.5.5.5#53 for domain c39s801.portablesubmarines.com
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using nameserver 223.5.5.5#53 for domain c39s3.portablesubmarines.com
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#15353
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using only locally-known addresses for lan
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 0 names
Mon Jul 8 17:30:22 2024 cron.err crond[3248]: crond (busybox 1.35.0) started, log level 5
Mon Jul 8 17:32:54 2024 daemon.notice ttyd[14768]: ++ [wsisrv|0|adopted] (1)
Mon Jul 8 17:32:54 2024 daemon.notice ttyd[14768]: HTTP / - 192.168.117.20
Mon Jul 8 17:32:54 2024 daemon.notice ttyd[14768]: HTTP /token - 192.168.117.20
Mon Jul 8 17:32:54 2024 daemon.notice ttyd[14768]: ++ [wsisrv|1|adopted] (2)
Mon Jul 8 17:32:54 2024 daemon.notice ttyd[14768]: WS /ws - 192.168.117.20, clients: 1
Mon Jul 8 17:32:54 2024 daemon.notice ttyd[14768]: started process, pid: 4610
Mon Jul 8 17:32:59 2024 daemon.err ttyd[14768]: [2024/07/08 17:32:59:1442] N: lws_libuv_closewsi: [wsisrv|0|adopted]
Mon Jul 8 17:32:59 2024 daemon.err ttyd[14768]: [2024/07/08 17:32:59:1442] N: lws_libuv_closewsi: thr 0: [wsisrv|0|adopted] sa left 2: dyn left: 4 (rk 0)
Mon Jul 8 17:32:59 2024 daemon.err ttyd[14768]: [2024/07/08 17:32:59:1443] N: -- [wsisrv|0|adopted] (1) 5.112s
Mon Jul 8 17:33:00 2024 daemon.notice ttyd[14768]: WS closed from 192.168.117.20, clients: 0
Mon Jul 8 17:33:00 2024 daemon.notice ttyd[14768]: killing process 4610 with signal: 1 (SIGHUP)
Mon Jul 8 17:33:00 2024 daemon.err ttyd[14768]: [2024/07/08 17:33:00:5424] N: lws_libuv_closewsi: [wsisrv|1|adopted]
Mon Jul 8 17:33:00 2024 daemon.err ttyd[14768]: [2024/07/08 17:33:00:5424] N: lws_libuv_closewsi: thr 0: [wsisrv|1|adopted] sa left 2: dyn left: 3 (rk 0)
Mon Jul 8 17:33:00 2024 daemon.err ttyd[14768]: [2024/07/08 17:33:00:5424] N: -- [wsisrv|1|adopted] (0) 6.244s
Mon Jul 8 17:33:00 2024 daemon.notice ttyd[14768]: process killed with signal 1 (SIGHUP), pid: 4610
```

Screenshots

No response

System information

PassWall_4.77-6

Additional information

No response
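Added example (not part of the original report and not passwall's own code): the three logs above describe one DNS path, dnsmasq to ChinaDNS-NG on 127.0.0.1#15353, then the trusted resolver tcp://8.8.8.8#53 through Xray's `tcp_redir` inbound. The Python below checks each local hop from the log text; the sample lines are constructed in the shape of those logs, and the function names are hypothetical.

```python
import re

# Constructed samples, shaped like the passwall, system and Xray logs above.
PASSWALL = "2024-07-08 17:30:22: - ChinaDNS-NG(127.0.0.1#15353):直连DNS:223.5.5.5,可信DNS:tcp://8.8.8.8#53"
SYSLOG = """\
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Mon Jul 8 17:30:21 2024 daemon.info dnsmasq[1]: using nameserver 223.5.5.5#53
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Mon Jul 8 17:30:22 2024 daemon.warn dnsmasq[1]: warning: ignoring resolv-file flag because no-resolv is set
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using nameserver 223.5.5.5#53 for domain c39s801.portablesubmarines.com
Mon Jul 8 17:30:22 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#15353
"""
XRAY = """\
2024/07/08 09:30:26 192.168.117.53:48822 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
2024/07/08 09:30:31 tcp:127.0.0.1:50882 rejected proxy/socks: failed to read request > EOF
2024/07/08 09:30:31 192.168.117.53:48828 accepted tcp:8.8.8.8:53 [tcp_redir >> KQZfM3um]
"""

def dnsmasq_default_upstreams(syslog):
    """Default (not per-domain) upstreams logged by the most recent dnsmasq start."""
    lines = syslog.splitlines()
    starts = [i for i, l in enumerate(lines) if re.search(r"dnsmasq\[\d+\]: started,", l)]
    tail = lines[starts[-1]:] if starts else lines
    return [m.group(1) for l in tail if (m := re.search(r"using nameserver (\S+)$", l))]

def chinadns_ng(pwlog):
    """Listen address, direct DNS and trusted DNS from passwall's ChinaDNS-NG line."""
    m = re.search(r"ChinaDNS-NG\(([^)]+)\)[::]直连DNS[::]([^,,\s]+)[,,]可信DNS[::](\S+)", pwlog)
    return dict(zip(("listen", "direct", "trusted"), m.groups())) if m else None

def proxied_queries(xraylog, trusted):
    """Count connections Xray accepted for the trusted resolver (tcp://IP#PORT)."""
    target = trusted.replace("://", ":").replace("#", ":")  # tcp://8.8.8.8#53 -> tcp:8.8.8.8:53
    return sum(1 for l in xraylog.splitlines() if f" accepted {target} " in l)

def trace(pwlog, syslog, xraylog):
    """Which local hops of the DNS path the logs confirm."""
    cdns = chinadns_ng(pwlog)
    return {
        "dnsmasq_to_chinadns": bool(cdns) and dnsmasq_default_upstreams(syslog) == [cdns["listen"]],
        "trusted_via_proxy": bool(cdns) and proxied_queries(xraylog, cdns["trusted"]) > 0,
    }

if __name__ == "__main__":
    print(trace(PASSWALL, SYSLOG, XRAY))
```

An `accepted` line only shows that Xray took the redirected connection, not that an answer came back, so when both hops pass the next place to look is the node or the upstream network path rather than the router's DNS wiring.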

nftbty commented 1 month ago

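What version is ChinaDNS-NG? Try upgrading to the latest version. Or temporarily change the DNS split mode to use only dnsmasq and see whether DNS can resolve normally.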

KnowledegAndAction commented 1 month ago

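> What version is ChinaDNS-NG? Try upgrading to the latest version. Or temporarily change the DNS split mode to use only dnsmasq and see whether DNS can resolve normally.

2024.05.12. After switching to dnsmasq the problem persists; whether the default DNS is set to remote or direct, the result is the same.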

dunxianyu commented 1 month ago

I ran into this problem too. Resolution does not work, and updating to the smartdns version does not help either.

wtfr-dot commented 1 month ago

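Did you install turboACC and set DNS there, or set up DNS hijacking in the firewall? The new version of pw also has a separate DNS hijacking option. I feel the problem is in this area, because your query with 8.8.8.8 specified should have bypassed the DNS hijacking.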

dunxianyu commented 1 month ago

Why do I get the feeling this is a problem with the chinadns20240512 version? It's forcing me to use passwall2.

wtfr-dot commented 1 month ago

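> Why do I get the feeling this is a problem with the chinadns20240512 version? It's forcing me to use passwall2.

It's not a problem with this version; I'm using it myself. I see you also updated to the smartdns version, which means you have smartdns installed, so you need to sort out how these pieces relate all the more carefully.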

KnowledegAndAction commented 1 month ago

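> Did you install turboACC and set DNS there, or set up DNS hijacking in the firewall? The new version of pw also has a separate DNS hijacking option. I feel the problem is in this area, because your query with 8.8.8.8 specified should have bypassed the DNS hijacking.

turboACC is not installed, and no DNS hijacking is set in the firewall either.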

cyqtmxk commented 1 month ago

I have the same problem too, with the Are-u-ok plugin installed on iStoreOS.

bcseputetto commented 1 month ago

Update to the latest version and try again: https://github.com/bcseputetto/Are-u-ok/releases

KnowledegAndAction commented 1 month ago

> Update to the latest version and try again: https://github.com/bcseputetto/Are-u-ok/releases

The problem seems to persist.

bcseputetto commented 1 month ago

> The problem seems to persist.

@KnowledegAndAction Do the other DNS methods not work either? dns2socks, xray DoH, or sing-box DoH

david576111775 commented 1 month ago

Hook up smartdns and use DoT or DoH; it may be an ISP problem.

wtfr-dot commented 1 month ago

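Can't the official pw from this site be installed? Download the latest pw and turn on DNS redirection and try that; if it still doesn't work, you may need to check the main router's settings, because it didn't work even on your earlier fresh install, so I think it is related to the settings.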

KnowledegAndAction commented 4 weeks ago

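> Hook up smartdns and use DoT or DoH; it may be an ISP problem.

Indeed it was; it has now returned to normal. All the problems are gone, so it should be unrelated to passwall.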