OpenClash
OpenClash copied to clipboard
vernesong
任何防火墙的设置都会触发openclash的防火墙重置
Verify Steps
- [x] Tracker 我已经在 Issue Tracker 中找过我要提出的问题
- [x] Branch 我知道 OpenClash 的 Dev 分支切换开关位于插件设置-版本更新中,或者我会手动下载并安装 Dev 分支的 OpenClash
- [x] Latest 我已经使用最新 Dev 版本测试过,问题依旧存在
- [x] Relevant 我知道 OpenClash 与 内核(Core)、控制面板(Dashboard)、在线订阅转换(Subconverter)等项目之间无直接关系,仅相互调用
- [x] Definite 这确实是 OpenClash 出现的问题
- [x] Contributors 我有能力协助 OpenClash 开发并解决此问题
- [ ] Meaningless 我提交的是无意义的催促更新或修复请求
OpenClash Version
046.086
Bug on Environment
Lean
OpenWrt Version
LEDE R25.5.25 / LuCI openwrt-24.10 branch git-25.148.39434-b4e9e3d
Bug on Platform
Linux-arm64
Describe the Bug
只要任何关于防火墙的设置,就会马上出发openclash的防火墙重置,插件日志里面会出现很多防火墙重置的记录,如图
To Reproduce
只要去防火墙设置任何东西,开关某个功能就会触发openclash的防火墙重置
OpenClash Log
2025-06-02 13:06:02 提示:开始添加自定义防火墙规则...
2025-06-02 13:06:02 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则...
2025-06-02 13:06:01 提示:IPv6 代理模式为 TProxy...
2025-06-02 13:06:01 提示:DNS 劫持模式为 Dnsmasq 转发...
2025-06-02 13:06:00 重置 OpenClash 防火墙规则...
2025-06-02 13:05:59 提示:开始添加自定义防火墙规则...
2025-06-02 13:05:59 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则...
2025-06-02 13:05:58 提示:IPv6 代理模式为 TProxy...
2025-06-02 13:05:58 提示:DNS 劫持模式为 Dnsmasq 转发...
2025-06-02 13:05:57 重置 OpenClash 防火墙规则...
OpenClash Config
#===================== 自定义覆写设置 =====================#
#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh
# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts
LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
CONFIG_FILE="$1" #config path
#Simple Demo:
#General Demo
#1--config path
#2--key name
#3--value
#ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
#ruby_edit "$CONFIG_FILE" "['secret']" "123456"
#ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"
#Hash Demo
#1--config path
#2--key name
#3--hash type value
#ruby_edit "$CONFIG_FILE" "['experimental']" "{'sniff-tls-sni'=>true}"
#ruby_edit "$CONFIG_FILE" "['sniffer']" "{'sniffing'=>['tls','http']}"
#Array Demo:
#1--config path
#2--key name
#3--position(start from 0, end with -1)
#4--value
#ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.*.*"
#Array Add From Yaml File Demo:
#1--config path
#2--key name
#3--position(start from 0, end with -1)
#4--value file path
#5--value key name in #4 file
#ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"
#Ruby Script Demo:
#ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
# begin
# Value = YAML.load_file('$CONFIG_FILE');
# rescue Exception => e
# puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
# end;
#General
# begin
# Thread.new{
# Value['redir-port']=7892;
# Value['tproxy-port']=7895;
# Value['port']=7890;
# Value['socks-port']=7891;
# Value['mixed-port']=7893;
# }.join;
# rescue Exception => e
# puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
# ensure
# File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
# end" 2>/dev/null >> $LOG_FILE
exit 0
#===================== 自定义防火墙设置 =====================#
#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh
# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules
LOG_OUT "Tip: Start Add Custom Firewall Rules..."
exit 0
#===================== IPTABLES 防火墙设置 =====================#
#IPv4 NAT chain
# Generated by iptables-save v1.8.7 on Mon Jun 2 13:13:12 2025
*nat
:PREROUTING ACCEPT [73:39826]
:INPUT ACCEPT [420:25850]
:OUTPUT ACCEPT [1190:86917]
:POSTROUTING ACCEPT [943:71163]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -d 127.0.*.*/32 -p udp -m owner ! --gid-owner 65534 -m comment --comment "OpenClash DNS Hijack" -m udp --dport 53 -j REDIRECT --to-ports 53
-A OUTPUT -d 127.0.*.*/32 -p tcp -m owner ! --gid-owner 65534 -m comment --comment "OpenClash DNS Hijack" -m tcp --dport 53 -j REDIRECT --to-ports 53
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m conntrack --ctdir REPLY -j RETURN
-A openclash -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -m owner --gid-owner 65534 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -m conntrack --ctdir REPLY -j RETURN
-A openclash_output -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash_output -p tcp -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE --mode fullcone
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
COMMIT
# Completed on Mon Jun 2 13:13:12 2025
#IPv4 Mangle chain
# Generated by iptables-save v1.8.7 on Mon Jun 2 13:13:12 2025
*mangle
:PREROUTING ACCEPT [104752:111606765]
:INPUT ACCEPT [104726:111636101]
:FORWARD ACCEPT [122:10486]
:OUTPUT ACCEPT [51641:128920616]
:POSTROUTING ACCEPT [51779:128939558]
:openclash - [0:0]
:openclash_output - [0:0]
:openclash_upnp - [0:0]
-A PREROUTING -p udp -j openclash
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -p udp -j openclash_output
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -p udp -m udp --sport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -m conntrack --ctdir REPLY -j RETURN
-A openclash -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash -p udp -j openclash_upnp
-A openclash -p udp -j TPROXY --on-port 7895 --on-ip 0.0.*.* --tproxy-mark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 68 -j RETURN
-A openclash_output -m owner --gid-owner 65534 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -m conntrack --ctdir REPLY -j RETURN
-A openclash_output -m set --match-set china_ip_route dst -m set ! --match-set china_ip_route_pass dst -j RETURN
-A openclash_output -p udp -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Mon Jun 2 13:13:12 2025
#IPv4 Filter chain
# Generated by iptables-save v1.8.7 on Mon Jun 2 13:13:12 2025
*filter
:INPUT ACCEPT [7:224]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:openclash_wan_input - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
-A INPUT -p udp -m udp --dport 443 -m comment --comment "OpenClash QUIC REJECT" -m set ! --match-set china_ip_route dst -j REJECT --reject-with icmp-port-unreachable
-A INPUT -i pppoe-wan -m set ! --match-set localnetwork src -j openclash_wan_input
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m comment --comment "!fw3: Traffic offloading" -m conntrack --ctstate RELATED,ESTABLISHED -j FLOWOFFLOAD
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_output
-A openclash_wan_input -p udp -m multiport --dports 7892,7895,9090,7890,7891,7893,7874 -j REJECT --reject-with icmp-port-unreachable
-A openclash_wan_input -p tcp -m multiport --dports 7892,7895,9090,7890,7891,7893,7874 -j REJECT --reject-with icmp-port-unreachable
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_ACCEPT -o pppoe-wan -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
-A zone_wan_dest_ACCEPT -o pppoe-wan -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_REJECT -o pppoe-wan -m comment --comment "!fw3" -j reject
-A zone_wan_forward -j MINIUPNPD
-A zone_wan_forward -j MINIUPNPD
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
-A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
-A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_wan_src_REJECT -i pppoe-wan -m comment --comment "!fw3" -j reject
COMMIT
# Completed on Mon Jun 2 13:13:12 2025
#IPv6 NAT chain
# Generated by ip6tables-save v1.8.7 on Mon Jun 2 13:13:12 2025
*nat
:PREROUTING ACCEPT [130:30737]
:INPUT ACCEPT [398:32795]
:OUTPUT ACCEPT [78:6371]
:POSTROUTING ACCEPT [87:7079]
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A OUTPUT -p udp -m udp --dport 53 -m owner ! --gid-owner 65534 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
-A OUTPUT -p tcp -m tcp --dport 53 -m owner ! --gid-owner 65534 -m comment --comment "OpenClash DNS Hijack" -j REDIRECT --to-ports 53
COMMIT
# Completed on Mon Jun 2 13:13:12 2025
#IPv6 Mangle chain
# Generated by ip6tables-save v1.8.7 on Mon Jun 2 13:13:12 2025
*mangle
:PREROUTING ACCEPT [3047:2077908]
:INPUT ACCEPT [4127:2129634]
:FORWARD ACCEPT [1106:438488]
:OUTPUT ACCEPT [4221:7791502]
:POSTROUTING ACCEPT [5253:8217748]
:openclash - [0:0]
:openclash_output - [0:0]
-A PREROUTING -j openclash
-A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j openclash_output
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -s fc00::/6 -p udp -m udp --sport 546 -j RETURN
-A openclash -m set --match-set localnetwork6 dst -j RETURN
-A openclash -m conntrack --ctdir REPLY -j RETURN
-A openclash -m set --match-set china_ip6_route dst -m set ! --match-set china_ip6_route_pass dst -j RETURN
-A openclash -p tcp -m comment --comment "OpenClash TCP Tproxy" -j TPROXY --on-port 7895 --on-ip :: --tproxy-mark 0x162/0xffffffff
-A openclash -p udp -m comment --comment "OpenClash UDP Tproxy" -j TPROXY --on-port 7895 --on-ip :: --tproxy-mark 0x162/0xffffffff
-A openclash_output -p udp -m udp --sport 500 -j RETURN
-A openclash_output -p udp -m udp --sport 546 -j RETURN
-A openclash_output -m owner --gid-owner 65534 -j RETURN
-A openclash_output -m set --match-set localnetwork6 dst -j RETURN
-A openclash_output -m conntrack --ctdir REPLY -j RETURN
-A openclash_output -m set --match-set china_ip6_route dst -m set ! --match-set china_ip6_route_pass dst -j RETURN
-A openclash_output -j MARK --set-xmark 0x162/0xffffffff
COMMIT
# Completed on Mon Jun 2 13:13:12 2025
#IPv6 Filter chain
# Generated by ip6tables-save v1.8.7 on Mon Jun 2 13:13:12 2025
*filter
:INPUT ACCEPT [2:124]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:openclash_wan_input - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:reject - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
-A INPUT -i pppoe-wan -m set ! --match-set localnetwork6 src -j openclash_wan_input
-A INPUT -p udp -m udp --dport 443 -m comment --comment "OpenClash QUIC REJECT" -m set ! --match-set china_ip6_route dst -j REJECT --reject-with icmp6-port-unreachable
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m comment --comment "!fw3: Traffic offloading" -m conntrack --ctstate RELATED,ESTABLISHED -j FLOWOFFLOAD
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_output
-A openclash_wan_input -p udp -m multiport --dports 7892,7895,9090,7890,7891,7893,7874 -j REJECT --reject-with icmp6-port-unreachable
-A openclash_wan_input -p tcp -m multiport --dports 7892,7895,9090,7890,7891,7893,7874 -j REJECT --reject-with icmp6-port-unreachable
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp6-port-unreachable
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_ACCEPT -o pppoe-wan -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
-A zone_wan_dest_ACCEPT -o pppoe-wan -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_REJECT -o pppoe-wan -m comment --comment "!fw3" -j reject
-A zone_wan_forward -j MINIUPNPD
-A zone_wan_forward -j MINIUPNPD
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -s fc00::/6 -d fc00::/6 -p udp -m udp --dport 546 -m comment --comment "!fw3: Allow-DHCPv6" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_wan_src_REJECT -i pppoe-wan -m comment --comment "!fw3" -j reject
COMMIT
# Completed on Mon Jun 2 13:13:12 2025
#===================== IPSET状态 =====================#
Name: china_ip_route
Type: hash:net
Revision: 7
Header: family inet hashsize 2048 maxelem 1000000 bucketsize 12 initval 0xbf66674f
Size in memory: 195792
References: 5
Number of entries: 7091
Name: china_ip_route_pass
Type: hash:net
Revision: 7
Header: family inet hashsize 1024 maxelem 1000000 bucketsize 12 initval 0x681ecfb4
Size in memory: 456
References: 4
Number of entries: 0
Name: localnetwork
Type: hash:net
Revision: 7
Header: family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0xbde27f56
Size in memory: 984
References: 5
Number of entries: 11
Name: china_ip6_route
Type: hash:net
Revision: 7
Header: family inet6 hashsize 1024 maxelem 1000000 bucketsize 12 initval 0x17f9ba80
Size in memory: 93544
References: 3
Number of entries: 2043
Name: china_ip6_route_pass
Type: hash:net
Revision: 7
Header: family inet6 hashsize 1024 maxelem 1000000 bucketsize 12 initval 0xbc198972
Size in memory: 1240
References: 2
Number of entries: 0
Name: localnetwork6
Type: hash:net
Revision: 7
Header: family inet6 hashsize 1024 maxelem 65536 bucketsize 12 initval 0xcafaecca
Size in memory: 2608
References: 3
Number of entries: 19
#===================== 路由表状态 =====================#
#IPv4
#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.*.* 10.86.*.* 0.0.*.* UG 0 0 0 pppoe-wan
10.86.*.* 0.0.*.* 255.255.*.* UH 0 0 0 pppoe-wan
192.168.*.* 0.0.*.* 255.255.*.* U 0 0 0 br-lan
#ip route list
default via 10.86.*.* dev pppoe-wan proto static
10.86.*.* dev pppoe-wan proto kernel scope link src 10.86.*.*
192.168.*.*/24 dev br-lan proto kernel scope link src 192.168.*.*
#ip rule show
0: from all lookup local
32765: from all fwmark 0x162 lookup 354
32766: from all lookup main
32767: from all lookup default
#IPv6
#route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
::/0 :: U 1024 5 0 lo
::/0 fe80::*:*:*:d934 UG 512 6 0 pppoe-wan
::/0 fe80::*:*:*:d934 UG 512 5 0 pppoe-wan
2409:*:*:*::/62 fe80::524f:3bff:fe4c:fca4 UG 1024 5 0 br-lan
2409:*:*:*::/60 :: U 256 4 0 br-lan
2409:*:*:*::/62 fe80::524f:3bff:fe4c:fca4 UG 1024 1 0 br-lan
2409:*:*:*::/60 :: U 256 1 0 br-lan
2409:*:*:*::/64 :: U 1024 6 0 br-lan
2409:*:*:*::/62 fe80::524f:3bff:fe4c:fca4 UG 1024 5 0 br-lan
2409:*:*:*::/60 :: !n 2147483647 1 0 lo
2409:*:*:*::/64 :: !n 2147483647 1 0 lo
fe80::*:*:*:8a0/128 :: U 256 2 0 pppoe-wan
fe80::*:*:*:d934/128 :: U 256 1 0 pppoe-wan
fe80::/64 :: U 256 5 0 br-lan
fe80::/64 :: U 256 1 0 eth1
fe80::/64 :: U 256 1 0 ifb4pppoe-wan
::/0 :: !n -1 2 0 lo
::1/128 :: Un 0 7 0 lo
2409:*:*:*::/128 :: Un 0 3 0 br-lan
2409:*:*:*:2420:a8ff:fe4e:626d/128 :: Un 0 10 0 br-lan
2409:*:*:*::/128 :: Un 0 3 0 br-lan
2409:*:*:*:2420:a8ff:fe4e:626d/128 :: Un 0 7 0 br-lan
2409:*:*:*::/128 :: Un 0 3 0 br-lan
2409:*:*:*:2420:a8ff:fe4e:626d/128 :: Un 0 7 0 br-lan
2409:*:*:*::/128 :: Un 0 3 0 pppoe-wan
2409:*:*:*:74:e73b:5828:8a0/128 :: Un 0 3 0 pppoe-wan
fe80::/128 :: Un 0 8 0 br-lan
fe80::/128 :: Un 0 3 0 eth1
fe80::/128 :: Un 0 3 0 ifb4pppoe-wan
fe80::*:*:*:8a0/128 :: Un 0 3 0 pppoe-wan
fe80::*:*:*:aab8/128 :: Un 0 2 0 eth1
fe80::*:*:*:626d/128 :: Un 0 5 0 br-lan
fe80::*:*:*:af59/128 :: Un 0 2 0 ifb4pppoe-wan
ff00::/8 :: U 256 5 0 br-lan
ff00::/8 :: U 256 2 0 eth1
ff00::/8 :: U 256 5 0 pppoe-wan
ff00::/8 :: U 256 1 0 ifb4pppoe-wan
::/0 :: !n -1 2 0 lo
#ip -6 route list
default from 2409:*:*:*::/60 via fe80::3e78:43ff:fe41:d934 dev pppoe-wan proto static metric 512 pref medium
default from 2409:*:*:*::/64 via fe80::3e78:43ff:fe41:d934 dev pppoe-wan proto static metric 512 pref medium
2409:*:*:*::/62 via fe80::524f:3bff:fe4c:fca4 dev br-lan proto static metric 1024 pref medium
2409:*:*:*::/60 dev br-lan proto kernel metric 256 expires 4892sec pref medium
2409:*:*:*::/62 via fe80::524f:3bff:fe4c:fca4 dev br-lan proto static metric 1024 pref medium
2409:*:*:*::/60 dev br-lan proto kernel metric 256 expires 5008sec pref medium
2409:*:*:*::/64 dev br-lan proto static metric 1024 pref medium
2409:*:*:*::/62 via fe80::524f:3bff:fe4c:fca4 dev br-lan proto static metric 1024 pref medium
unreachable 2409:*:*:*::/60 dev lo proto static metric 2147483647 pref medium
unreachable 2409:*:*:*::/64 dev lo proto static metric 2147483647 pref medium
fe80::*:*:*:8a0 dev pppoe-wan proto kernel metric 256 pref medium
fe80::*:*:*:d934 dev pppoe-wan proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium
fe80::/64 dev ifb4pppoe-wan proto kernel metric 256 pref medium
#ip -6 rule show
0: from all lookup local
32765: from all fwmark 0x162 lookup 354
32766: from all lookup main
4200000000: from 2409:*:*:*:2420:a8ff:fe4e:626d/60 iif br-lan unreachable
4200000001: from all iif lo failed_policy
4200000005: from all iif br-lan failed_policy
4200000038: from all iif pppoe-wan failed_policy
4200000038: from all iif pppoe-wan failed_policy
#===================== 端口占用状态 =====================#
tcp 0 0 :::9090 :::* LISTEN 11840/clash
tcp 0 0 :::7874 :::* LISTEN 11840/clash
tcp 0 0 :::7892 :::* LISTEN 11840/clash
tcp 0 0 :::7893 :::* LISTEN 11840/clash
tcp 0 0 :::7895 :::* LISTEN 11840/clash
tcp 0 0 :::7890 :::* LISTEN 11840/clash
tcp 0 0 :::7891 :::* LISTEN 11840/clash
udp 0 0 :::51469 :::* 11840/clash
udp 0 0 :::7874 :::* 11840/clash
udp 0 0 :::7891 :::* 11840/clash
udp 0 0 :::7892 :::* 11840/clash
udp 0 0 :::7893 :::* 11840/clash
udp 0 0 :::7895 :::* 11840/clash
udp 0 0 :::54230 :::* 11840/clash
#===================== 测试本机DNS查询(www.baidu.com) =====================#
Server: 127.0.*.*
Address: 127.0.*.*:53
www.baidu.com canonical name = www.a.shifen.com
Name: www.a.shifen.com
Address: 223.109.*.*
Name: www.a.shifen.com
Address: 223.109.*.*
www.baidu.com canonical name = www.a.shifen.com
Name: www.a.shifen.com
Address: 2409:*:*:*:0:ff:b0f6:b2d
Name: www.a.shifen.com
Address: 2409:*:*:*:0:ff:b080:87f0
#===================== 测试内核DNS查询(www.instagram.com) =====================#
Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false
Question:
Name: www.instagram.com.
Qtype: 1
Qclass: 1
Answer:
TTL: 30
data: z-p42-instagram.c10r.instagram.com.
name: www.instagram.com.
type: 5
TTL: 30
data: 163.70.*.*
name: z-p42-instagram.c10r.instagram.com.
type: 1
Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false
Question:
Name: www.instagram.com.
Qtype: 28
Qclass: 1
Answer:
TTL: 30
data: z-p42-instagram.c10r.instagram.com.
name: www.instagram.com.
type: 5
TTL: 30
data: 2a03:*:*:*:face:b00c:0:4420
name: z-p42-instagram.c10r.instagram.com.
type: 28
Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto
#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#
# Interface wan
nameserver 211.140.*.*
nameserver 211.140.*.*
# Interface wan_6
nameserver 2409:8028:2000::1111
nameserver 2409:8028:2000::2222
#===================== 测试本机网络连接(www.baidu.com) =====================#
HTTP/1.1 200 OK
Bdpagetype: 1
Bdqid: 0x9a6b488b0639997c
Connection: keep-alive
Content-Length: 510528
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Jun 2025 05:13:13 GMT
Server: BWS/1.1
Set-Cookie: BIDUPSID=39B8B0BD7007CD39C3B9A1CD2AD22E5C; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
Set-Cookie: PSTM=1748841193; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
Set-Cookie: BDSVRTM=0; path=/
Set-Cookie: BD_HOME=1; path=/
Set-Cookie: BAIDUID=39B8B0BD7007CD39C3B9A1CD2AD22E5C:FG=1; Path=/; Domain=baidu.com; Max-Age=31536000
Set-Cookie: BAIDUID_BFESS=39B8B0BD7007CD39C3B9A1CD2AD22E5C:FG=1; Path=/; Domain=baidu.com; Max-Age=31536000; Secure; SameSite=None
Traceid: 1748841193266352794611127067066291034492
Vary: Accept-Encoding
X-Ua-Compatible: IE=Edge,chrome=1
X-Xss-Protection: 1;mode=block
#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#
HTTP/2 200
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "f6037a93c68519d7041a3b4df325b61c424ec255b45dfeb063371319e39b0d96"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: A184:9DCDA:41D04:9E08C:683D32E9
accept-ranges: bytes
date: Mon, 02 Jun 2025 05:13:13 GMT
via: 1.1 varnish
x-served-by: cache-hkg17929-HKG
x-cache: MISS
x-cache-hits: 0
x-timer: S1748841194.652081,VS0,VE328
vary: Authorization,Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 096a9ba7db4e3e6ddf57842fa57d96597749b86c
expires: Mon, 02 Jun 2025 05:18:13 GMT
source-age: 0
content-length: 1071
#===================== 最近运行日志(自动切换为Debug模式) =====================#
time="2025-06-02T05:11:49.199884730Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:49.200905302Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:49.201277479Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:49.211210772Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:49.370905018Z" level=info msg="[TCP] [2409:*:*:*:e5f9:d5b9:da40:fc36]:62403 --> m.hotmail.com:443 match GeoSite(microsoft) using Ⓜ️ 微软服务[DIRECT]"
time="2025-06-02T05:11:50.021014171Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:50.021123258Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:50.021827070Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:51.855524949Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:11:51.855607202Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:03.465246418Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:03.467088638Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:03.467824827Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:08.550382285Z" level=info msg="[UDP] [2409:*:*:*:2420:a8ff:fe4e:626d]:35940(ntpd, uid=123) --> [2403:300:a16:3000::21]:123 match Match using 🐟 漏网之鱼[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:14.504527493Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:14.515858200Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:14.515933744Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:14.536665726Z" level=info msg="[TCP] 10.86.*.*:53104(smartdns) --> doh.pub:443 match RuleSet(tencent) using DIRECT"
time="2025-06-02T05:12:28.849785141Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.852460677Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.853021860Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.853827175Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.853985555Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.854814204Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.858043340Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.859243292Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.860937049Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.863915053Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.866692967Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.869086162Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:28.920485745Z" level=info msg="[TCP] 192.168.*.*:58995 --> github.com:443 match GeoSite(github) using 🚀 GitHub[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:28.929283835Z" level=info msg="[TCP] 10.86.*.*:55230(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:28.930029649Z" level=info msg="[TCP] 10.86.*.*:48260(smartdns) --> 1.1.*.*:53 match RuleSet(Custom_Proxy) using 🚀 手动选择[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:28.933889095Z" level=info msg="[TCP] 10.86.*.*:49364(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:29.055641605Z" level=info msg="[TCP] 192.168.*.*:58996 --> v10.events.data.microsoft.com:443 match GeoSite(microsoft) using Ⓜ️ 微软服务[DIRECT]"
time="2025-06-02T05:12:32.019605921Z" level=info msg="[TCP] 192.168.*.*:58997 --> 149.154.*.*:443 match RuleSet(telegram) using 💬 即时通讯[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:32.020564657Z" level=info msg="[TCP] 192.168.*.*:58998 --> 149.154.*.*:443 match RuleSet(telegram) using 💬 即时通讯[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:32.022417670Z" level=info msg="[TCP] 192.168.*.*:58999 --> 149.154.*.*:80 match RuleSet(telegram) using 💬 即时通讯[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:32.025339380Z" level=info msg="[TCP] 192.168.*.*:59000 --> 149.154.*.*:80 match RuleSet(telegram) using 💬 即时通讯[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:33.086631566Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:33.091231575Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:33.092579697Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:33.135492990Z" level=info msg="[TCP] 10.86.*.*:46466(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:33.140490552Z" level=info msg="[TCP] 10.86.*.*:34762(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:33.143538266Z" level=info msg="[TCP] 192.168.*.*:59001 --> collector.github.com:443 match GeoSite(github) using 🚀 GitHub[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:33.447324952Z" level=info msg="[TCP] 192.168.*.*:59002 --> collector.github.com:443 match GeoSite(github) using 🚀 GitHub[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:33.861964536Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:45.184937246Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:45.186670672Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:45.187628824Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:45.201308972Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:45.239620210Z" level=info msg="[TCP] 192.168.*.*:59003 --> api.github.com:443 match GeoSite(github) using 🚀 GitHub[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:45.239827591Z" level=info msg="[TCP] 10.86.*.*:55906(smartdns) --> 1.1.*.*:53 match RuleSet(Custom_Proxy) using 🚀 手动选择[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:45.240944124Z" level=info msg="[TCP] 10.86.*.*:55472(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:45.243489573Z" level=info msg="[TCP] 10.86.*.*:35702(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:12:45.638401673Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.176887944Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.177388751Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.178429739Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.179048965Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.179941200Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.180847434Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.181472786Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.182197890Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:46.182676529Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:50.078677877Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:50.079184225Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:50.080346842Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:51.875982368Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:51.876036911Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:12:55.682485966Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:00.184453187Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:00.184613317Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:00.184630526Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:00.232607873Z" level=info msg="[TCP] 10.86.*.*:54020(smartdns) --> 1.1.*.*:53 match RuleSet(Custom_Proxy) using 🚀 手动选择[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:00.233054720Z" level=info msg="[TCP] 10.86.*.*:50924(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:00.234112333Z" level=info msg="[TCP] 10.86.*.*:52474(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:00.238301080Z" level=info msg="[TCP] [2409:*:*:*:2d49:9192:426:744e]:59027 --> clients4.google.com:443 match GeoSite(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:00.631146329Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.061010436Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.061538077Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.061940296Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.111428811Z" level=info msg="[TCP] 10.86.*.*:47646(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:05.116500458Z" level=info msg="[TCP] 10.86.*.*:42334(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:05.266962226Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.269923311Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.274407233Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.325067989Z" level=info msg="[TCP] [2409:*:*:*:2d49:9192:426:744e]:59030 --> content-autofill.googleapis.com:443 match GeoSite(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:05.752575019Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.753586257Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:05.941592444Z" level=info msg="[TCP] [2409:*:*:*:2420:a8ff:fe4e:626d]:41440(curl) --> testingcf.jsdelivr.net:443 match RuleSet(Custom_Direct) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:12.223807592Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:12.223916970Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:12.548050245Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:12.597376877Z" level=info msg="[TCP] 10.86.*.*:50306(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:12.597924060Z" level=info msg="[TCP] 10.86.*.*:37306(smartdns) --> 8.8.*.*:53 match GeoIP(google) using 🇬 谷歌服务[[SS] 🇭🇰 Hong Kong IEPL 02]"
time="2025-06-02T05:13:12.861505586Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:13.502948394Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:13.503072064Z" level=info msg="[UDP] mihomo --> 127.0.*.*:5335 match GeoIP(private) using 🎯 全球直连[DIRECT]"
time="2025-06-02T05:13:13.563260677Z" level=info msg="[TCP] [2409:*:*:*:2420:a8ff:fe4e:626d]:53140(curl) --> raw.githubusercontent.com:443 match GeoSite(github) using 🚀 GitHub[[SS] 🇭🇰 Hong Kong IEPL 02]"
#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#
#===================== 活动连接信息 =====================#
1. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【raw.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
2. SourceIP:【192.168.*.*】 - Host:【ts1.tc.mm.bing.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【bing】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
3. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【api.ip.sb】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Proxy】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
4. SourceIP:【192.168.*.*】 - Host:【ts2.tc.mm.bing.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【bing】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
5. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【avatars.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
6. SourceIP:【192.168.*.*】 - Host:【alive.github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
7. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【a.nel.cloudflare.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
8. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
9. SourceIP:【10.86.*.*】 - Host:【Empty】 - DestinationIP:【8.8.*.*】 - Network:【udp】 - RulePayload:【google】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
10. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【edge.microsoft.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
11. SourceIP:【10.86.*.*】 - Host:【Empty】 - DestinationIP:【8.8.*.*】 - Network:【udp】 - RulePayload:【google】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
12. SourceIP:【192.168.*.*】 - Host:【v.cdnlz17.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
13. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【edge.microsoft.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
14. SourceIP:【192.168.*.*】 - Host:【avatars1.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
15. SourceIP:【192.168.*.*】 - Host:【camo.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
16. SourceIP:【192.168.*.*】 - Host:【ts3.tc.mm.bing.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【bing】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
17. SourceIP:【192.168.*.*】 - Host:【avatars2.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
18. SourceIP:【192.168.*.*】 - Host:【browser.events.data.msn.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
19. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【translate-pa.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
20. SourceIP:【192.168.*.*】 - Host:【github.githubassets.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
21. SourceIP:【2409:*:*:*:d543:65b1:3b4e:9360】 - Host:【m.hotmail.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
22. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【www.youtube.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【youtube】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
23. SourceIP:【192.168.*.*】 - Host:【collector.github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
24. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【mtalk.google.com】 - DestinationIP:【2404:6800:4008:c03::bc】 - Network:【tcp】 - RulePayload:【Custom_Proxy】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
25. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【client.wns.windows.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
26. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【www.bing.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【bing】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
27. SourceIP:【192.168.*.*】 - Host:【api-ipv4.ip.sb】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Proxy】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
28. SourceIP:【192.168.*.*】 - Host:【api.ipify.org】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【Custom_Proxy】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
29. SourceIP:【192.168.*.*】 - Host:【trace.mediago.io】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
30. SourceIP:【192.168.*.*】 - Host:【browser.events.data.msn.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
31. SourceIP:【192.168.*.*】 - Host:【avatars0.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
32. SourceIP:【192.168.*.*】 - Host:【aks-prod-japaneast.access-point.cloudmessaging.edge.microsoft.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
33. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【clients4.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
34. SourceIP:【192.168.*.*】 - Host:【github.githubassets.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
35. SourceIP:【192.168.*.*】 - Host:【avatars3.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
36. SourceIP:【192.168.*.*】 - Host:【Empty】 - DestinationIP:【91.108.*.*】 - Network:【tcp】 - RulePayload:【telegram】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
37. SourceIP:【2409:*:*:*:e5f9:d5b9:da40:fc36】 - Host:【m.hotmail.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
38. SourceIP:【192.168.*.*】 - Host:【browser.events.data.msn.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
39. SourceIP:【2409:*:*:*:2d49:9192:426:744e】 - Host:【avatars.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【[SS] 🇭🇰 Hong Kong IEPL 02】
40. SourceIP:【192.168.*.*】 - Host:【browser.events.data.msn.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
41. SourceIP:【192.168.*.*】 - Host:【browser.events.data.msn.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【DIRECT】
42. SourceIP:【10.86.*.*】 - Host:【doh.pub】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【tencent】 - Lastchain:【DIRECT】
Expected Behavior
正常防火墙设置应该不会触发openclash的防火墙重置吧
Additional Context
2025-06-02 13:06:02 提示:开始添加自定义防火墙规则... 2025-06-02 13:06:02 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-02 13:06:01 提示:IPv6 代理模式为 TProxy... 2025-06-02 13:06:01 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-02 13:06:00 重置 OpenClash 防火墙规则... 2025-06-02 13:05:59 提示:开始添加自定义防火墙规则... 2025-06-02 13:05:59 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-02 13:05:58 提示:IPv6 代理模式为 TProxy... 2025-06-02 13:05:58 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-02 13:05:57 重置 OpenClash 防火墙规则...
我安装的immortalwrt master版本6.12内核的。今天也遇到了。重启完系统以后还能上网,等openclash开始启动了,不停重置防火墙了。就不能上网了。就连ip也不能往下分配了。只要关闭了openclash,网络就恢复正常。然后再次手动启动openclash就正常。只要每次重启系统,等op开始启动必出这个问题,不停的重置。。。
2025-06-04 15:47:10 提示:开始添加自定义防火墙规则... 2025-06-04 15:47:10 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:47:09 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:47:09 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:47:08 重置 OpenClash 防火墙规则... 2025-06-04 15:47:08 提示:开始添加自定义防火墙规则... 2025-06-04 15:47:08 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:47:07 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:47:07 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:47:06 重置 OpenClash 防火墙规则... 2025-06-04 15:47:06 提示:开始添加自定义防火墙规则... 2025-06-04 15:47:05 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:47:04 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:47:04 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:47:04 重置 OpenClash 防火墙规则... 2025-06-04 15:47:03 提示:开始添加自定义防火墙规则... 2025-06-04 15:47:03 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:47:02 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:47:02 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:47:01 重置 OpenClash 防火墙规则... 2025-06-04 15:47:01 提示:开始添加自定义防火墙规则... 2025-06-04 15:47:01 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:47:00 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:47:00 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:46:59 重置 OpenClash 防火墙规则... 2025-06-04 15:46:58 提示:开始添加自定义防火墙规则... 2025-06-04 15:46:58 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:46:57 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:46:57 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:46:56 重置 OpenClash 防火墙规则... 2025-06-04 15:46:54 提示:开始添加自定义防火墙规则... 2025-06-04 15:46:54 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:46:53 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:46:53 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:46:52 重置 OpenClash 防火墙规则... 2025-06-04 15:46:52 提示:开始添加自定义防火墙规则... 2025-06-04 15:46:52 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:46:51 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:46:51 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:46:50 重置 OpenClash 防火墙规则... 2025-06-04 15:46:45 警告:OpenClash 启动成功,检测到您启用了IPv6的DHCP服务,可能会造成连接异常! 2025-06-04 15:46:45 第七步: 添加计划任务,启动进程守护程序... 2025-06-04 15:46:45 提示:开始添加自定义防火墙规则... 2025-06-04 15:46:45 提示:正在根据防火墙端口转发和防火墙通信规则添加端口绕过规则... 2025-06-04 15:46:44 提示:检测到 Firewall4,使用 NFTABLE 规则... 2025-06-04 15:46:44 提示:DNS 劫持模式为 Dnsmasq 转发... 2025-06-04 15:46:44 第六步: 设置防火墙规则... 2025-06-04 15:46:44 第五步: 设置 Dnsmasq 程序... 2025-06-04 15:46:44 第四步: 启动主程序... 2025-06-04 15:46:44 提示:开始运行自定义覆写脚本... 2025-06-04 15:46:42 提示:为保证绕过 IP 正常工作,已在 Fake-IP-Filter 中添加规则【geosite:cn】... 2025-06-04 15:46:42 提示:您为 SOCKS5/HTTP(S) 代理设置的账户密码为【Clash:mP0BeyU2】... 2025-06-04 15:46:41 第三步: 修改配置文件... 2025-06-04 15:46:41 第二步: 组件运行前检查... 2025-06-04 15:46:41 第一步: 获取配置... 2025-06-04 15:46:41 OpenClash 开始启动... 2025-06-04 15:46:41 OpenClash 关闭成功! 2025-06-04 15:46:41 第六步:删除 OpenClash 残留文件... 2025-06-04 15:46:41 第五步: 重启 Dnsmasq 程序... 2025-06-04 15:46:41 第四步: 关闭 Clash 主程序... 2025-06-04 15:46:41 第三步: 关闭 OpenClash 守护程序... 2025-06-04 15:46:41 第二步: 删除 OpenClash 防火墙规则... 2025-06-04 15:46:41 第一步: 备份当前策略组状态... 2025-06-04 15:46:41 OpenClash 开始关闭... 2025-06-04 15:46:41 OpenClash 重新启动中... 2025-06-04 15:46:11 延迟启动已启用,OpenClash 将在【30】秒后开始启动...
你这个可能是其他的某个防火墙规则和openclash有冲突
后来我自己开始测试。把openclash延迟120秒启动,软路由重启后所有的程序都运行以后。openclash开始运行。他居然给我重新拨号了。我所有的配置都是从2年前开始一直用到现在的。这个情况前几天用6.6内核24.10.1的版本都还没有,前天升级到6.12以后昨天重启发现的。他只发生在软路由重启后开始运行openclash。一旦运行就会重新替我拨号。。同时偶尔会引发都不给我的电脑分配ipv4地址且无法上网。只有关闭openclash才能恢复,然后再次启动openclash就一切正常了。再之后只要不重启软路由,如何折腾openclash都正常。
