客户端因主路由分配的ipv6 DNS服务器而无法科学上网 #1767

SilenceEagle · 2021-11-19T14:43:18Z

配置：

主路由拨号上网，开启IPv4 DHCP 和 IPv6 DHCP，其中 IPv6 的上网方式为 Native，局域网IP为192.168.31.1，网关为192.168.31.1。
旁路由 openwrt 固件使用的是为骷颅头的，插件只开启了 openclash，旁路由lan口通过网线与主路由lan口连接，旁路由局域网IP地址为192.168.31.6。旁路由网关指向主路由192.168.31.1，DNS中也通过勾选OpenClash --> 全局设置 --> DNS设置 --> 追加上游DNS 加入了主路由IP。
旁路由未开启 IPv4 DHCP，目前OpenClalsh中也未开启IPv6流量代理、IPv6 DNS解析（尝试过开启，但下述问题会仍存在）。也勾选了Dnsmasq中的禁止解析 IPv6 DNS 记录（尝试过不开启，但下述问题会仍存在）。
目前为Fack-IP模式（也尝试过REDIR-HOST模式，但下述问题仍存在）。

问题：

电脑端连上主路由，网关和DNS均设置为旁路由192.168.31.6后，打不开谷歌，youtube可打开，但视频无法播放。但禁掉Ipv6后回复正常访问谷歌，可播放youtube视频。
在苹果手机上手动设置网关和DNS旁路由192.168.31.6，并删除主路由分配的IPv6 DNS后，可正常访问谷歌，播放youtube视频。不删IPv6 DNS时，无法访问谷歌，无法播放youtube视频。
安卓手机（小米）只支持手动设置IPv4网关和DNS，设置为旁路由192.168.31.6后便可正常访问谷歌，播放youtube视频。
安卓TV端只支持手动设置IPv4网关和DNS，但将网关和DNS均设置为旁路由192.168.31.6后无法播放youtube视频。

期望结果

在开启IPv6的同时（需访问PT站）也可访问谷歌，播放youtube视频。

调试日志

OpenClash 调试日志

生成时间: 2021-11-19 22:39:24
插件版本: v0.43.09-beta
隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#

主机型号: FriendlyElec NanoPi R2S
固件版本: OpenWrt SNAPSHOT r3881+1-e65535d3c
LuCI版本: git-21.280.14233-9b796b1-1
内核版本: 5.4.158
处理器架构: aarch64_generic

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
ruby-dbm: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
进程pid: 7961
运行权限: 7961: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-armv8

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2021.09.15
Tun内核文件: 存在
Tun内核运行权限: 正常

Game内核版本: 20210310-122-g48a4641
Game内核文件: 存在
Game内核运行权限: 正常

Dev内核版本: v1.7.1-24-gebbc960
Dev内核文件: 存在
Dev内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/GlaDos.yaml
启动配置文件: /etc/openclash/GlaDos.yaml
运行模式: fake-ip
默认代理模式: rule
UDP流量转发(tproxy): 启用
DNS劫持: 启用
自定义DNS: 停用
IPV6代理: 停用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 停用
仅代理命中规则流量: 启用
仅允许常用端口流量: 停用
绕过中国大陆IP: 停用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
dns:
  enable: true
  ipv6: false
  listen: 127.0.0.1:7874
  enhanced-mode: fake-ip
  nameserver:
  - 192.168.31.1
  - 114.114.114.114
  - 119.29.29.29
  fallback:
  - tls://1.0.0.1:853
  - tls://8.8.4.4:853
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter:
  - "*.lan"
  - "*.localdomain"
  - "*.example"
  - "*.invalid"
  - "*.localhost"
  - "*.test"
  - "*.local"
  - "*.home.arpa"
  - time.*.com
  - time.*.gov
  - time.*.edu.cn
  - time.*.apple.com
  - time1.*.com
  - time2.*.com
  - time3.*.com
  - time4.*.com
  - time5.*.com
  - time6.*.com
  - time7.*.com
  - ntp.*.com
  - ntp1.*.com
  - ntp2.*.com
  - ntp3.*.com
  - ntp4.*.com
  - ntp5.*.com
  - ntp6.*.com
  - ntp7.*.com
  - "*.time.edu.cn"
  - "*.ntp.org.cn"
  - "+.pool.ntp.org"
  - time1.cloud.tencent.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "*.msftconnecttest.com"
  - "*.msftncsi.com"
  - msftconnecttest.com
  - msftncsi.com
  - localhost.ptlogin2.qq.com
  - localhost.sec.qq.com
  - "+.srv.nintendo.net"
  - "+.stun.playstation.net"
  - xbox.*.microsoft.com
  - xnotify.xboxlive.com
  - "+.battlenet.com.cn"
  - "+.wotgame.cn"
  - "+.wggames.cn"
  - "+.wowsgame.cn"
  - "+.wargaming.net"
  - proxy.golang.org
  - stun.*.*
  - stun.*.*.*
  - "+.stun.*.*"
  - "+.stun.*.*.*"
  - "+.stun.*.*.*.*"
  - heartbeat.belkin.com
  - "*.linksys.com"
  - "*.linksyssmartwifi.com"
  - "*.router.asus.com"
  - mesu.apple.com
  - swscan.apple.com
  - swquery.apple.com
  - swdownload.apple.com
  - swcdn.apple.com
  - swdist.apple.com
  - lens.l.google.com
  - stun.l.google.com
  - "+.nflxvideo.net"
  default-nameserver:
  - 192.168.31.1
  - 114.114.114.114
  - 119.29.29.29
proxy-groups:
- name: Auto-Fast
  type: url-test
  url: http://www.gstatic.cn/generate_204
  interval: 1200
  tolerance: 50
  proxies:
  - GLaDOS-N2-00
  - GLaDOS-N2-01
  - GLaDOS-N2-02
  - GLaDOS-N2-03
  - GLaDOS-N2-04
  - GLaDOS-N2-05
  - GLaDOS-N2-06
  - GLaDOS-N2-07
- name: Auto-Edge
  type: url-test
  url: http://www.gstatic.cn/generate_204
  interval: 3000
  tolerance: 100
  proxies:
  - GLaDOS-Portalgun-00
  - GLaDOS-Portalgun-01
  - GLaDOS-Portalgun-02
  - GLaDOS-Portalgun-03
  - GLaDOS-Portalgun-04
  - GLaDOS-Portalgun-05
  - GLaDOS-N2-04
  - GLaDOS-N2-05
  - GLaDOS-N2-06
  - GLaDOS-N2-07
- name: Economic
  type: url-test
  url: http://www.gstatic.cn/generate_204
  interval: 3600
  tolerance: 30
  proxies:
  - GLaDOS-E01-Economic
  - GLaDOS-E02-Economic
  - GLaDOS-E03-Economic
  - GLaDOS-E04-Economic
  - GLaDOS-E05-Economic
  - GLaDOS-E06-Economic
- name: Express
  type: fallback
  url: http://www.gstatic.cn/generate_204
  interval: 1200
  tolerance: 50
  proxies:
  - Auto-Edge
  - Auto-Fast
  - Economic
- name: Auto
  type: fallback
  url: http://www.gstatic.cn/generate_204
  interval: 900
  proxies:
  - Auto-Fast
  - Auto-Edge
  - Economic
  - DIRECT
- name: Geo
  type: url-test
  url: http://www.gstatic.cn/generate_204
  interval: 3000
  proxies:
  - US-GLaDOS-GEO-00
  - US-GLaDOS-GEO-01
  - US-GLaDOS-GEO-02
  - JP-GLaDOS-GEO-00
  - JP-GLaDOS-GEO-01
  - JP-GLaDOS-GEO-02
  - TW-GLaDOS-GEO-00
  - TW-GLaDOS-GEO-01
  - TW-GLaDOS-GEO-02
  - HK-GLaDOS-GEO-00
  - HK-GLaDOS-GEO-01
  - HK-GLaDOS-GEO-02
  - SG-GLaDOS-GEO-00
  - SG-GLaDOS-GEO-01
  - SG-GLaDOS-GEO-02
  - GLaDOS-TW-Netflix
  - GLaDOS-US-Netflix
  - GLaDOS-HK-Netflix
- name: Proxy
  type: select
  proxies:
  - Auto
  - GLaDOS-N2-00
  - GLaDOS-N2-01
  - GLaDOS-N2-02
  - GLaDOS-N2-03
  - GLaDOS-N2-04
  - GLaDOS-N2-05
  - GLaDOS-N2-06
  - GLaDOS-N2-07
  - Economic
  - US-GLaDOS-GEO-00
  - US-GLaDOS-GEO-01
  - US-GLaDOS-GEO-02
  - JP-GLaDOS-GEO-00
  - JP-GLaDOS-GEO-01
  - JP-GLaDOS-GEO-02
  - TW-GLaDOS-GEO-00
  - TW-GLaDOS-GEO-01
  - TW-GLaDOS-GEO-02
  - HK-GLaDOS-GEO-00
  - HK-GLaDOS-GEO-01
  - HK-GLaDOS-GEO-02
  - SG-GLaDOS-GEO-00
  - SG-GLaDOS-GEO-01
  - SG-GLaDOS-GEO-02
- name: Video
  type: select
  interval: 1200
  url: http://www.gstatic.cn/generate_204
  proxies:
  - Express
  - Economic
  - GLaDOS-Portalgun-00
  - GLaDOS-Portalgun-01
  - GLaDOS-Portalgun-02
  - GLaDOS-Portalgun-03
  - GLaDOS-Portalgun-04
  - GLaDOS-Portalgun-05
  - GLaDOS-N2-04
  - GLaDOS-N2-05
  - GLaDOS-N2-06
  - GLaDOS-N2-07
- name: NETFLIX
  type: select
  url: http://www.gstatic.cn/generate_204
  interval: 3000
  proxies:
  - GLaDOS-TW-Netflix
  - GLaDOS-US-Netflix
  - GLaDOS-HK-Netflix
rules:
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- DOMAIN-SUFFIX,awesome-hd.me,DIRECT
- DOMAIN-SUFFIX,broadcasthe.net,DIRECT
- DOMAIN-SUFFIX,chdbits.co,DIRECT
- DOMAIN-SUFFIX,classix-unlimited.co.uk,DIRECT
- DOMAIN-SUFFIX,empornium.me,DIRECT
- DOMAIN-SUFFIX,gazellegames.net,DIRECT
- DOMAIN-SUFFIX,hdchina.org,DIRECT
- DOMAIN-SUFFIX,hdsky.me,DIRECT
- DOMAIN-SUFFIX,icetorrent.org,DIRECT
- DOMAIN-SUFFIX,jpopsuki.eu,DIRECT
- DOMAIN-SUFFIX,icetorrent.org,DIRECT
- DOMAIN-SUFFIX,keepfrds.com,DIRECT
- DOMAIN-SUFFIX,madsrevolution.net,DIRECT
- DOMAIN-SUFFIX,m-team.cc,DIRECT
- DOMAIN-SUFFIX,nanyangpt.com,DIRECT
- DOMAIN-SUFFIX,ncore.cc,DIRECT
- DOMAIN-SUFFIX,open.cd,DIRECT
- DOMAIN-SUFFIX,ourbits.club,DIRECT
- DOMAIN-SUFFIX,passthepopcorn.me,DIRECT
- DOMAIN-SUFFIX,privatehd.to,DIRECT
- DOMAIN-SUFFIX,redacted.ch,DIRECT
- DOMAIN-SUFFIX,springsunday.net,DIRECT
- DOMAIN-SUFFIX,tjupt.org,DIRECT
- DOMAIN-SUFFIX,totheglory.im,DIRECT
- DOMAIN-KEYWORD,announce,DIRECT
- DOMAIN-KEYWORD,torrent,DIRECT
- DOMAIN-SUFFIX,qq.com,DIRECT
- DOMAIN-SUFFIX,taobao.com,DIRECT
- DOMAIN-SUFFIX,baidu.com,DIRECT
- DOMAIN-SUFFIX,weibo.com,DIRECT
- DOMAIN-SUFFIX,jd.com,DIRECT
- DOMAIN-SUFFIX,tmall.com,DIRECT
- DOMAIN-SUFFIX,360.cn,DIRECT
- DOMAIN-SUFFIX,zhihu.com,DIRECT
- DOMAIN-SUFFIX,com.cn,DIRECT
- IP-CIDR,119.29.29.29/32,DIRECT
- IP-CIDR,114.114.114.114/32,DIRECT
- IP-CIDR,1.1.1.1/32,Proxy
- IP-CIDR,1.0.0.1/32,Proxy
- IP-CIDR,8.8.8.8/32,Proxy
- DOMAIN,dns.google,Proxy
- DOMAIN,services.googleapis.cn,Proxy
- DOMAIN,googleapis.cn,Proxy
- DOMAIN-SUFFIX,ping.pe,Proxy
- DOMAIN-SUFFIX,xn--ngstr-lra8j.com,Proxy
- DOMAIN-KEYWORD,bilibili,DIRECT
- DOMAIN-SUFFIX,acg.tv,DIRECT
- DOMAIN-SUFFIX,acgvideo.com,DIRECT
- DOMAIN-SUFFIX,b23.tv,DIRECT
- DOMAIN-SUFFIX,biliapi.com,DIRECT
- DOMAIN-SUFFIX,biliapi.net,DIRECT
- DOMAIN-SUFFIX,bilibili.com,DIRECT
- DOMAIN-SUFFIX,biligame.com,DIRECT
- DOMAIN-SUFFIX,biligame.net,DIRECT
- DOMAIN-SUFFIX,hdslb.com,DIRECT
- DOMAIN-SUFFIX,im9.com,DIRECT
- DOMAIN-KEYWORD,zhejianglab,DIRECT
- DOMAIN-SUFFIX,blizzard.com,DIRECT
- DOMAIN-SUFFIX,battle.net,DIRECT
- DOMAIN,blzddist1-a.akamaihd.net,DIRECT
- DOMAIN,ifconfig.me,Proxy
- DOMAIN,services.googleapis.cn,Proxy
- DOMAIN,google.com,Proxy
- DOMAIN-SUFFIX,google.cn,Proxy
- DOMAIN-SUFFIX,googleapis.cn,Proxy
- DOMAIN-KEYWORD,facebook,Proxy
- DOMAIN-SUFFIX,fb.me,Proxy
- DOMAIN-KEYWORD,gmail,Proxy
- DOMAIN-KEYWORD,twitter,Proxy
- DOMAIN-KEYWORD,instagram,Proxy
- DOMAIN-SUFFIX,twimg.com,Proxy
- DOMAIN-KEYWORD,blogspot,Proxy
- DOMAIN-KEYWORD,whatsapp,Proxy
- DOMAIN-KEYWORD,scholar,Proxy
- DOMAIN-KEYWORD,glados,Proxy
- DOMAIN-KEYWORD,wikipedia,Proxy
- DOMAIN-SUFFIX,google.com,Proxy
- DOMAIN-SUFFIX,facebook.com,Proxy
- DOMAIN-SUFFIX,yahoo.com,Proxy
- DOMAIN-SUFFIX,amazon.com,Proxy
- DOMAIN-SUFFIX,vk.com,Proxy
- DOMAIN-SUFFIX,reddit.com,Proxy
- DOMAIN-SUFFIX,live.com,Proxy
- DOMAIN-SUFFIX,zoom.us,Proxy
- DOMAIN-SUFFIX,wikipedia.org,Proxy
- DOMAIN-SUFFIX,myshopify.com,Proxy
- DOMAIN-SUFFIX,instagram.com,Proxy
- DOMAIN-SUFFIX,okezone.com,Proxy
- DOMAIN-SUFFIX,office.com,Proxy
- DOMAIN-SUFFIX,ebay.com,Proxy
- DOMAIN-SUFFIX,bongacams.com,Proxy
- DOMAIN-SUFFIX,blogspot.com,Proxy
- DOMAIN-SUFFIX,yahoo.co.jp,Proxy
- DOMAIN-SUFFIX,babytree.com,Proxy
- DOMAIN-SUFFIX,amazon.co.jp,Proxy
- DOMAIN-SUFFIX,adobe.com,Proxy
- DOMAIN-SUFFIX,livejasmin.com,Proxy
- DOMAIN-SUFFIX,stackoverflow.com,Proxy
- DOMAIN-SUFFIX,dropbox.com,Proxy
- DOMAIN-SUFFIX,msn.com,Proxy
- DOMAIN-SUFFIX,yandex.ru,Proxy
- DOMAIN-SUFFIX,linkedin.com,Proxy
- DOMAIN-SUFFIX,twitter.com,Proxy
- DOMAIN-SUFFIX,imgur.com,Proxy
- DOMAIN-SUFFIX,amazonaws.com,Proxy
- DOMAIN-SUFFIX,imdb.com,Proxy
- DOMAIN-SUFFIX,whatsapp.com,Proxy
- DOMAIN-SUFFIX,google.co.jp,Proxy
- DOMAIN-SUFFIX,trello.com,Proxy
- DOMAIN-SUFFIX,wordpress.com,Proxy
- DOMAIN-SUFFIX,nytimes.com,Proxy
- DOMAIN-SUFFIX,spotify.com,Proxy
- DOMAIN,ip.sb,Video
- DOMAIN-KEYWORD,youtube,Video
- DOMAIN-SUFFIX,youtu.be,Video
- DOMAIN-SUFFIX,googlevideo.com,Video
- DOMAIN-SUFFIX,ytimg.com,Video
- DOMAIN-SUFFIX,googleusercontent.com,Video
- DOMAIN-KEYWORD,twitch,Video
- DOMAIN-SUFFIX,netflix.com,NETFLIX
- DOMAIN-SUFFIX,netflix.net,NETFLIX
- DOMAIN-SUFFIX,nflxext.com,NETFLIX
- DOMAIN-SUFFIX,nflximg.com,NETFLIX
- DOMAIN-SUFFIX,nflximg.net,NETFLIX
- DOMAIN-SUFFIX,nflxso.net,NETFLIX
- DOMAIN-SUFFIX,oca.nflxvideo.net,NETFLIX
- DOMAIN-SUFFIX,nflxvideo.net,NETFLIX
- DOMAIN-SUFFIX,edgedatg.com,Video
- DOMAIN-SUFFIX,go.com,Video
- DOMAIN,linear-abematv.akamaized.net,Video
- DOMAIN-SUFFIX,abema.io,Video
- DOMAIN-SUFFIX,abema.tv,Video
- DOMAIN-SUFFIX,akamaized.net,Video
- DOMAIN-SUFFIX,ameba.jp,Video
- DOMAIN-SUFFIX,hayabusa.io,Video
- DOMAIN-SUFFIX,aiv-cdn.net,Video
- DOMAIN-SUFFIX,amazonaws.com,Video
- DOMAIN-SUFFIX,amazonvideo.com,Video
- DOMAIN-SUFFIX,llnwd.net,Video
- DOMAIN-SUFFIX,bahamut.com.tw,NETFLIX
- DOMAIN-SUFFIX,gamer.com.tw,NETFLIX
- DOMAIN-SUFFIX,hinet.net,NETFLIX
- DOMAIN-KEYWORD,bbcfmt,Video
- DOMAIN-KEYWORD,co.uk,Video
- DOMAIN-KEYWORD,uk-live,Video
- DOMAIN-SUFFIX,bbc.co,Video
- DOMAIN-SUFFIX,bbc.co.uk,Video
- DOMAIN-SUFFIX,bbc.com,Video
- DOMAIN-SUFFIX,bbci.co,Video
- DOMAIN-SUFFIX,bbci.co.uk,Video
- DOMAIN-SUFFIX,chocotv.com.tw,Video
- DOMAIN-KEYWORD,epicgames,Video
- DOMAIN-SUFFIX,helpshift.com,Video
- DOMAIN-KEYWORD,foxplus,Video
- DOMAIN-SUFFIX,config.fox.com,Video
- DOMAIN-SUFFIX,emome.net,Video
- DOMAIN-SUFFIX,fox.com,Video
- DOMAIN-SUFFIX,foxdcg.com,Video
- DOMAIN-SUFFIX,foxnow.com,Video
- DOMAIN-SUFFIX,foxplus.com,Video
- DOMAIN-SUFFIX,foxplay.com,Video
- DOMAIN-SUFFIX,ipinfo.io,Video
- DOMAIN-SUFFIX,mstage.io,Video
- DOMAIN-SUFFIX,now.com,Video
- DOMAIN-SUFFIX,theplatform.com,Video
- DOMAIN-SUFFIX,urlload.net,Video
- DOMAIN-SUFFIX,amazonaws.com,Video
- DOMAIN-SUFFIX,hbo.com,Video
- DOMAIN-SUFFIX,hboasia.com,Video
- DOMAIN-SUFFIX,hbogo.com,Video
- DOMAIN-SUFFIX,hbogoasia.hk,Video
- DOMAIN-SUFFIX,happyon.jp,Video
- DOMAIN-SUFFIX,hulu.com,Video
- DOMAIN-SUFFIX,huluim.com,Video
- DOMAIN-SUFFIX,hulustream.com,Video
- DOMAIN-SUFFIX,imkan.tv,Video
- DOMAIN-SUFFIX,joox.com,Video
- DOMAIN-KEYWORD,nowtv100,Video
- DOMAIN-KEYWORD,rthklive,Video
- DOMAIN-SUFFIX,mytvsuper.com,Video
- DOMAIN-SUFFIX,tvb.com,Video
- DOMAIN-SUFFIX,pandora.com,Video
- DOMAIN-SUFFIX,sky.com,Video
- DOMAIN-SUFFIX,skygo.co.nz,Video
- DOMAIN-KEYWORD,spotify,Video
- DOMAIN-SUFFIX,scdn.co,Video
- DOMAIN-SUFFIX,spoti.fi,Video
- DOMAIN-SUFFIX,viu.tv,Video
- DOMAIN-KEYWORD,youtube,Video
- DOMAIN-SUFFIX,googlevideo.com,Video
- DOMAIN-SUFFIX,gvt2.com,Video
- DOMAIN-SUFFIX,youtu.be,Video
- DOMAIN-SUFFIX,youtu.be,Video
- DOMAIN-SUFFIX,yt.be,Video
- DOMAIN-SUFFIX,ytimg.com,Video
- DOMAIN-KEYWORD,pornhub,Video
- DOMAIN-KEYWORD,porn,Video
- DOMAIN-KEYWORD,phncdn,Video
- DOMAIN-SUFFIX,vimeo.com,Video
- DOMAIN-SUFFIX,vimeocdn.com,Video
- DOMAIN-KEYWORD,qiyi,DIRECT
- DOMAIN-SUFFIX,qy.net,DIRECT
- DOMAIN-SUFFIX,letv.com,DIRECT
- DOMAIN-SUFFIX,163yun.com,DIRECT
- DOMAIN-SUFFIX,music.126.net,DIRECT
- DOMAIN-SUFFIX,music.163.com,DIRECT
- DOMAIN-SUFFIX,code.visualstudio.com,DIRECT
- DOMAIN-SUFFIX,v2ex.com,Proxy
- DOMAIN-KEYWORD,gitlab,Proxy
- DOMAIN-KEYWORD,github,Proxy
- DOMAIN-KEYWORD,stackoverflow.com,Proxy
- DOMAIN-SUFFIX,pinboard.in,Proxy
- DOMAIN-SUFFIX,techcrunch.com,Proxy
- DOMAIN-SUFFIX,trello.com,Proxy
- DOMAIN-SUFFIX,techsmith.com,Proxy
- DOMAIN-SUFFIX,thepiratebay.org,Proxy
- DOMAIN-SUFFIX,pinterest.com,Proxy
- DOMAIN-SUFFIX,yacd.haishan.me,Proxy
- DOMAIN-SUFFIX,digicert.com,DIRECT
- DOMAIN,pagead2.googlesyndication.com,DIRECT
- DOMAIN-SUFFIX,abc.xyz,Proxy
- DOMAIN-SUFFIX,android.com,Proxy
- DOMAIN-SUFFIX,androidify.com,Proxy
- DOMAIN-SUFFIX,dialogflow.com,Proxy
- DOMAIN-SUFFIX,autodraw.com,Proxy
- DOMAIN-SUFFIX,capitalg.com,Proxy
- DOMAIN-SUFFIX,certificate-transparency.org,Proxy
- DOMAIN-SUFFIX,chrome.com,Proxy
- DOMAIN-SUFFIX,chromeexperiments.com,Proxy
- DOMAIN-SUFFIX,chromestatus.com,Proxy
- DOMAIN-SUFFIX,chromium.org,Proxy
- DOMAIN-SUFFIX,creativelab5.com,Proxy
- DOMAIN-SUFFIX,debug.com,Proxy
- DOMAIN-SUFFIX,deepmind.com,Proxy
- DOMAIN-SUFFIX,firebaseio.com,Proxy
- DOMAIN-SUFFIX,getmdl.io,Proxy
- DOMAIN-SUFFIX,ggpht.com,Proxy
- DOMAIN-SUFFIX,gmail.com,Proxy
- DOMAIN-SUFFIX,gmodules.com,Proxy
- DOMAIN-SUFFIX,godoc.org,Proxy
- DOMAIN-SUFFIX,golang.org,Proxy
- DOMAIN-SUFFIX,gstatic.com,Proxy
- DOMAIN-SUFFIX,gv.com,Proxy
- DOMAIN-SUFFIX,gwtproject.org,Proxy
- DOMAIN-SUFFIX,itasoftware.com,Proxy
- DOMAIN-SUFFIX,madewithcode.com,Proxy
- DOMAIN-SUFFIX,material.io,Proxy
- DOMAIN-SUFFIX,polymer-project.org,Proxy
- DOMAIN-SUFFIX,admin.recaptcha.net,Proxy
- DOMAIN-SUFFIX,recaptcha.net,Proxy
- DOMAIN-SUFFIX,shattered.io,Proxy
- DOMAIN-SUFFIX,synergyse.com,Proxy
- DOMAIN-SUFFIX,tensorflow.org,Proxy
- DOMAIN-SUFFIX,tiltbrush.com,Proxy
- DOMAIN-SUFFIX,waveprotocol.org,Proxy
- DOMAIN-SUFFIX,waymo.com,Proxy
- DOMAIN-SUFFIX,webmproject.org,Proxy
- DOMAIN-SUFFIX,webrtc.org,Proxy
- DOMAIN-SUFFIX,whatbrowser.org,Proxy
- DOMAIN-SUFFIX,widevine.com,Proxy
- DOMAIN-SUFFIX,x.company,Proxy
- DOMAIN-KEYWORD,google,Proxy
- DOMAIN-SUFFIX,github.com,Proxy
- DOMAIN-SUFFIX,github.io,Proxy
- DOMAIN,hls.itunes.apple.com,DIRECT
- DOMAIN,itunes.apple.com,DIRECT
- DOMAIN-SUFFIX,apple.com,DIRECT
- DOMAIN-SUFFIX,icloud.com,DIRECT
- DOMAIN-SUFFIX,icloud-content.com,DIRECT
- DOMAIN-SUFFIX,mzstatic.com,DIRECT
- DOMAIN-SUFFIX,akadns.net,DIRECT
- DOMAIN-SUFFIX,aaplimg.com,DIRECT
- DOMAIN-SUFFIX,cdn-apple.com,DIRECT
- DOMAIN-SUFFIX,126.com,DIRECT
- DOMAIN-SUFFIX,126.net,DIRECT
- DOMAIN-SUFFIX,127.net,DIRECT
- DOMAIN-SUFFIX,163.com,DIRECT
- DOMAIN-SUFFIX,360buyimg.com,DIRECT
- DOMAIN-SUFFIX,36kr.com,DIRECT
- DOMAIN-SUFFIX,acfun.tv,DIRECT
- DOMAIN-SUFFIX,air-matters.com,DIRECT
- DOMAIN-SUFFIX,aixifan.com,DIRECT
- DOMAIN-SUFFIX,akamaized.net,DIRECT
- DOMAIN-KEYWORD,alicdn,DIRECT
- DOMAIN-KEYWORD,alipay,DIRECT
- DOMAIN-KEYWORD,taobao,DIRECT
- DOMAIN-SUFFIX,amap.com,DIRECT
- DOMAIN-SUFFIX,autonavi.com,DIRECT
- DOMAIN-KEYWORD,baidu,DIRECT
- DOMAIN-SUFFIX,bdimg.com,DIRECT
- DOMAIN-SUFFIX,bdstatic.com,DIRECT
- DOMAIN-SUFFIX,bilibili.com,DIRECT
- DOMAIN-SUFFIX,caiyunapp.com,DIRECT
- DOMAIN-SUFFIX,clouddn.com,DIRECT
- DOMAIN-SUFFIX,cnbeta.com,DIRECT
- DOMAIN-SUFFIX,cnbetacdn.com,DIRECT
- DOMAIN-SUFFIX,cootekservice.com,DIRECT
- DOMAIN-SUFFIX,csdn.net,DIRECT
- DOMAIN-SUFFIX,ctrip.com,DIRECT
- DOMAIN-SUFFIX,dgtle.com,DIRECT
- DOMAIN-SUFFIX,dianping.com,DIRECT
- DOMAIN-SUFFIX,douban.com,DIRECT
- DOMAIN-SUFFIX,doubanio.com,DIRECT
- DOMAIN-SUFFIX,duokan.com,DIRECT
- DOMAIN-SUFFIX,easou.com,DIRECT
- DOMAIN-SUFFIX,ele.me,DIRECT
- DOMAIN-SUFFIX,feng.com,DIRECT
- DOMAIN-SUFFIX,fir.im,DIRECT
- DOMAIN-SUFFIX,frdic.com,DIRECT
- DOMAIN-SUFFIX,g-cores.com,DIRECT
- DOMAIN-SUFFIX,godic.net,DIRECT
- DOMAIN-SUFFIX,gtimg.com,DIRECT
- DOMAIN,cdn.hockeyapp.net,DIRECT
- DOMAIN-SUFFIX,hongxiu.com,DIRECT
- DOMAIN-SUFFIX,hxcdn.net,DIRECT
- DOMAIN-SUFFIX,iciba.com,DIRECT
- DOMAIN-SUFFIX,ifeng.com,DIRECT
- DOMAIN-SUFFIX,ifengimg.com,DIRECT
- DOMAIN-SUFFIX,ipip.net,DIRECT
- DOMAIN-SUFFIX,iqiyi.com,DIRECT
- DOMAIN-SUFFIX,jd.com,DIRECT
- DOMAIN-SUFFIX,jianshu.com,DIRECT
- DOMAIN-SUFFIX,knewone.com,DIRECT
- DOMAIN-SUFFIX,le.com,DIRECT
- DOMAIN-SUFFIX,lecloud.com,DIRECT
- DOMAIN-SUFFIX,lemicp.com,DIRECT
- DOMAIN-SUFFIX,licdn.com,DIRECT
- DOMAIN-SUFFIX,linkedin.com,DIRECT
- DOMAIN-SUFFIX,luoo.net,DIRECT
- DOMAIN-SUFFIX,meituan.com,DIRECT
- DOMAIN-SUFFIX,meituan.net,DIRECT
- DOMAIN-SUFFIX,mi.com,DIRECT
- DOMAIN-SUFFIX,miaopai.com,DIRECT
- DOMAIN-SUFFIX,live.com,DIRECT
- DOMAIN-SUFFIX,live.net,DIRECT
- DOMAIN-SUFFIX,office.com,DIRECT
- DOMAIN-SUFFIX,office.net,DIRECT
- DOMAIN-SUFFIX,sharepoint.com,DIRECT
- DOMAIN-SUFFIX,office365.com,DIRECT
- DOMAIN-SUFFIX,officeppe.net,DIRECT
- DOMAIN-SUFFIX,skype.com,DIRECT
- DOMAIN-SUFFIX,onedrive.com,DIRECT
- DOMAIN-SUFFIX,msocsp.com,DIRECT
- DOMAIN-SUFFIX,msauthimages.net,DIRECT
- DOMAIN-SUFFIX,msauth.net,DIRECT
- DOMAIN-SUFFIX,msn.com,DIRECT
- DOMAIN-SUFFIX,onenote.com,DIRECT
- DOMAIN-SUFFIX,onenote.net,DIRECT
- DOMAIN-SUFFIX,1drv.com,DIRECT
- DOMAIN-SUFFIX,microsoft.com,DIRECT
- DOMAIN-SUFFIX,microsoftonline.com,DIRECT
- DOMAIN-SUFFIX,miui.com,DIRECT
- DOMAIN-SUFFIX,miwifi.com,DIRECT
- DOMAIN-SUFFIX,mob.com,DIRECT
- DOMAIN-SUFFIX,netease.com,DIRECT
- DOMAIN-SUFFIX,office.com,DIRECT
- DOMAIN-SUFFIX,office365.com,DIRECT
- DOMAIN-KEYWORD,officecdn,DIRECT
- DOMAIN-SUFFIX,oschina.net,DIRECT
- DOMAIN-SUFFIX,ppsimg.com,DIRECT
- DOMAIN-SUFFIX,pstatp.com,DIRECT
- DOMAIN-SUFFIX,qcloud.com,DIRECT
- DOMAIN-SUFFIX,qdaily.com,DIRECT
- DOMAIN-SUFFIX,qdmm.com,DIRECT
- DOMAIN-SUFFIX,qhimg.com,DIRECT
- DOMAIN-SUFFIX,qhres.com,DIRECT
- DOMAIN-SUFFIX,qidian.com,DIRECT
- DOMAIN-SUFFIX,qihucdn.com,DIRECT
- DOMAIN-SUFFIX,qiniu.com,DIRECT
- DOMAIN-SUFFIX,qiniucdn.com,DIRECT
- DOMAIN-SUFFIX,qiyipic.com,DIRECT
- DOMAIN-SUFFIX,qq.com,DIRECT
- DOMAIN-SUFFIX,qqurl.com,DIRECT
- DOMAIN-SUFFIX,rarbg.to,DIRECT
- DOMAIN-SUFFIX,ruguoapp.com,DIRECT
- DOMAIN-SUFFIX,segmentfault.com,DIRECT
- DOMAIN-SUFFIX,sinaapp.com,DIRECT
- DOMAIN-SUFFIX,smzdm.com,DIRECT
- DOMAIN-SUFFIX,sogou.com,DIRECT
- DOMAIN-SUFFIX,sogoucdn.com,DIRECT
- DOMAIN-SUFFIX,sohu.com,DIRECT
- DOMAIN-SUFFIX,soku.com,DIRECT
- DOMAIN-SUFFIX,speedtest.net,DIRECT
- DOMAIN-SUFFIX,sspai.com,DIRECT
- DOMAIN-SUFFIX,suning.com,DIRECT
- DOMAIN-SUFFIX,taobao.com,DIRECT
- DOMAIN-SUFFIX,tenpay.com,DIRECT
- DOMAIN-SUFFIX,tmall.com,DIRECT
- DOMAIN-SUFFIX,tudou.com,DIRECT
- DOMAIN-SUFFIX,umetrip.com,DIRECT
- DOMAIN-SUFFIX,upaiyun.com,DIRECT
- DOMAIN-SUFFIX,upyun.com,DIRECT
- DOMAIN-SUFFIX,v2ex.com,DIRECT
- DOMAIN-SUFFIX,veryzhun.com,DIRECT
- DOMAIN-SUFFIX,weather.com,DIRECT
- DOMAIN-SUFFIX,weibo.com,DIRECT
- DOMAIN-SUFFIX,xiami.com,DIRECT
- DOMAIN-SUFFIX,xiami.net,DIRECT
- DOMAIN-SUFFIX,xiaomicp.com,DIRECT
- DOMAIN-SUFFIX,ximalaya.com,DIRECT
- DOMAIN-SUFFIX,xmcdn.com,DIRECT
- DOMAIN-SUFFIX,xunlei.com,DIRECT
- DOMAIN-SUFFIX,xycdn.com,DIRECT
- DOMAIN-SUFFIX,yhd.com,DIRECT
- DOMAIN-SUFFIX,yihaodianimg.com,DIRECT
- DOMAIN-SUFFIX,yinxiang.com,DIRECT
- DOMAIN-SUFFIX,ykimg.com,DIRECT
- DOMAIN-SUFFIX,youdao.com,DIRECT
- DOMAIN-SUFFIX,youku.com,DIRECT
- DOMAIN-SUFFIX,zealer.com,DIRECT
- DOMAIN-SUFFIX,zhihu.com,DIRECT
- DOMAIN-SUFFIX,zhimg.com,DIRECT
- DOMAIN-SUFFIX,zimuzu.tv,DIRECT
- DOMAIN-SUFFIX,kuaizip.com,REJECT
- DOMAIN-SUFFIX,mackeeper.com,REJECT
- DOMAIN-SUFFIX,4009997658.com,REJECT
- DOMAIN-SUFFIX,abbyychina.com,REJECT
- DOMAIN-SUFFIX,bartender.cc,REJECT
- DOMAIN-SUFFIX,betterzip.net,REJECT
- DOMAIN-SUFFIX,beyondcompare.cc,REJECT
- DOMAIN-SUFFIX,bingdianhuanyuan.cn,REJECT
- DOMAIN-SUFFIX,chemdraw.com.cn,REJECT
- DOMAIN-SUFFIX,cjmakeding.com,REJECT
- DOMAIN-SUFFIX,cjmkt.com,REJECT
- DOMAIN-SUFFIX,codesoftchina.com,REJECT
- DOMAIN-SUFFIX,coreldrawchina.com,REJECT
- DOMAIN-SUFFIX,crossoverchina.com,REJECT
- DOMAIN-SUFFIX,easyrecoverychina.com,REJECT
- DOMAIN-SUFFIX,ediuschina.com,REJECT
- DOMAIN-SUFFIX,flstudiochina.com,REJECT
- DOMAIN-SUFFIX,formysql.com,REJECT
- DOMAIN-SUFFIX,guitarpro.cc,REJECT
- DOMAIN-SUFFIX,huishenghuiying.com.cn,REJECT
- DOMAIN-SUFFIX,hypersnap.net,REJECT
- DOMAIN-SUFFIX,iconworkshop.cn,REJECT
- DOMAIN-SUFFIX,imindmap.cc,REJECT
- DOMAIN-SUFFIX,jihehuaban.com.cn,REJECT
- DOMAIN-SUFFIX,keyshot.cc,REJECT
- DOMAIN-SUFFIX,kingdeecn.cn,REJECT
- DOMAIN-SUFFIX,logoshejishi.com,REJECT
- DOMAIN-SUFFIX,mairuan.cn,REJECT
- DOMAIN-SUFFIX,mairuan.com,REJECT
- DOMAIN-SUFFIX,mairuan.com.cn,REJECT
- DOMAIN-SUFFIX,mairuan.net,REJECT
- DOMAIN-SUFFIX,mairuanwang.com,REJECT
- DOMAIN-SUFFIX,makeding.com,REJECT
- DOMAIN-SUFFIX,mathtype.cn,REJECT
- DOMAIN-SUFFIX,mindmanager.cc,REJECT
- DOMAIN-SUFFIX,mindmapper.cc,REJECT
- DOMAIN-SUFFIX,mycleanmymac.com,REJECT
- DOMAIN-SUFFIX,nicelabel.cc,REJECT
- DOMAIN-SUFFIX,ntfsformac.cc,REJECT
- DOMAIN-SUFFIX,ntfsformac.cn,REJECT
- DOMAIN-SUFFIX,overturechina.com,REJECT
- DOMAIN-SUFFIX,passwordrecovery.cn,REJECT
- DOMAIN-SUFFIX,pdfexpert.cc,REJECT
- DOMAIN-SUFFIX,shankejingling.com,REJECT
- DOMAIN-SUFFIX,ultraiso.net,REJECT
- DOMAIN-SUFFIX,vegaschina.cn,REJECT
- DOMAIN-SUFFIX,xmindchina.net,REJECT
- DOMAIN-SUFFIX,xshellcn.com,REJECT
- DOMAIN-SUFFIX,yihuifu.cn,REJECT
- DOMAIN-SUFFIX,yuanchengxiezuo.com,REJECT
- DOMAIN-SUFFIX,zbrushcn.com,REJECT
- DOMAIN-SUFFIX,zhzzx.com,REJECT
- DOMAIN-SUFFIX,zunmi.cn,REJECT
- DOMAIN,graph.instagram.com,DIRECT
- DOMAIN,www.googleadservices.com,DIRECT
- DOMAIN,control.kochava.com,DIRECT
- DOMAIN,www.google-analytics.com,DIRECT
- DOMAIN,ssl.google-analytics.com,DIRECT
- DOMAIN,nexus.officeapps.live.com,DIRECT
- DOMAIN,googleads.g.doubleclick.net,DIRECT
- DOMAIN,e.crashlytics.com,DIRECT
- DOMAIN,ib.adnxs.com,DIRECT
- DOMAIN,safebrowsing.googleapis.com,DIRECT
- DOMAIN-SUFFIX,googlesyndication.com,DIRECT
- DOMAIN-SUFFIX,googletagmanager.com,DIRECT
- DOMAIN-SUFFIX,googletagservices.com,DIRECT
- DST-PORT,6881,DIRECT
- DST-PORT,6882,DIRECT
- DST-PORT,6883,DIRECT
- DST-PORT,6884,DIRECT
- DST-PORT,6885,DIRECT
- DST-PORT,6886,DIRECT
- DST-PORT,6887,DIRECT
- DST-PORT,6888,DIRECT
- DST-PORT,6889,DIRECT
- DOMAIN,2020020202.version.clash.im,REJECT
- GEOIP,CN,DIRECT
- IP-CIDR,173.245.48.0/20,Video
- IP-CIDR,103.21.244.0/22,Video
- IP-CIDR,103.22.200.0/22,Video
- IP-CIDR,103.31.4.0/22,Video
- IP-CIDR,141.101.64.0/18,Video
- IP-CIDR,108.162.192.0/18,Video
- IP-CIDR,190.93.240.0/20,Video
- IP-CIDR,188.114.96.0/20,Video
- IP-CIDR,197.234.240.0/22,Video
- IP-CIDR,198.41.128.0/17,Video
- IP-CIDR,162.158.0.0/15,Video
- IP-CIDR,104.16.0.0/12,Video
- IP-CIDR,172.64.0.0/13,Video
- IP-CIDR,131.0.72.0/22,Video
- IP-CIDR,131.0.72.0/22,Video
- IP-CIDR,120.52.22.96/27,Video
- IP-CIDR,205.251.249.0/24,Video
- IP-CIDR,180.163.57.128/26,Video
- IP-CIDR,204.246.168.0/22,Video
- IP-CIDR,205.251.252.0/23,Video
- IP-CIDR,54.192.0.0/16,Video
- IP-CIDR,204.246.173.0/24,Video
- IP-CIDR,54.230.200.0/21,Video
- IP-CIDR,120.253.240.192/26,Video
- IP-CIDR,116.129.226.128/26,Video
- IP-CIDR,130.176.0.0/17,Video
- IP-CIDR,108.156.0.0/14,Video
- IP-CIDR,99.86.0.0/16,Video
- IP-CIDR,205.251.200.0/21,Video
- IP-CIDR,223.71.71.128/25,Video
- IP-CIDR,13.32.0.0/15,Video
- IP-CIDR,120.253.245.128/26,Video
- IP-CIDR,13.224.0.0/14,Video
- IP-CIDR,70.132.0.0/18,Video
- IP-CIDR,15.158.0.0/16,Video
- IP-CIDR,13.249.0.0/16,Video
- IP-CIDR,205.251.208.0/20,Video
- IP-CIDR,65.9.128.0/18,Video
- IP-CIDR,130.176.128.0/18,Video
- IP-CIDR,58.254.138.0/25,Video
- IP-CIDR,54.230.208.0/20,Video
- IP-CIDR,116.129.226.0/25,Video
- IP-CIDR,52.222.128.0/17,Video
- IP-CIDR,64.252.128.0/18,Video
- IP-CIDR,205.251.254.0/24,Video
- IP-CIDR,54.230.224.0/19,Video
- IP-CIDR,71.152.0.0/17,Video
- IP-CIDR,216.137.32.0/19,Video
- IP-CIDR,204.246.172.0/24,Video
- IP-CIDR,120.52.39.128/27,Video
- IP-CIDR,118.193.97.64/26,Video
- IP-CIDR,223.71.71.96/27,Video
- IP-CIDR,54.240.128.0/18,Video
- IP-CIDR,205.251.250.0/23,Video
- IP-CIDR,180.163.57.0/25,Video
- IP-CIDR,52.46.0.0/18,Video
- IP-CIDR,223.71.11.0/27,Video
- IP-CIDR,52.82.128.0/19,Video
- IP-CIDR,54.230.0.0/17,Video
- IP-CIDR,54.230.128.0/18,Video
- IP-CIDR,54.239.128.0/18,Video
- IP-CIDR,130.176.224.0/20,Video
- IP-CIDR,36.103.232.128/26,Video
- IP-CIDR,52.84.0.0/15,Video
- IP-CIDR,143.204.0.0/16,Video
- IP-CIDR,144.220.0.0/16,Video
- IP-CIDR,120.52.153.192/26,Video
- IP-CIDR,119.147.182.0/25,Video
- IP-CIDR,120.232.236.0/25,Video
- IP-CIDR,54.182.0.0/16,Video
- IP-CIDR,58.254.138.128/26,Video
- IP-CIDR,120.253.245.192/27,Video
- IP-CIDR,54.239.192.0/19,Video
- IP-CIDR,18.64.0.0/14,Video
- IP-CIDR,120.52.12.64/26,Video
- IP-CIDR,99.84.0.0/16,Video
- IP-CIDR,130.176.192.0/19,Video
- IP-CIDR,52.124.128.0/17,Video
- IP-CIDR,204.246.164.0/22,Video
- IP-CIDR,13.35.0.0/16,Video
- IP-CIDR,204.246.174.0/23,Video
- IP-CIDR,36.103.232.0/25,Video
- IP-CIDR,119.147.182.128/26,Video
- IP-CIDR,118.193.97.128/25,Video
- IP-CIDR,120.232.236.128/26,Video
- IP-CIDR,204.246.176.0/20,Video
- IP-CIDR,65.8.0.0/16,Video
- IP-CIDR,65.9.0.0/17,Video
- IP-CIDR,108.138.0.0/15,Video
- IP-CIDR,120.253.241.160/27,Video
- IP-CIDR,64.252.64.0/18,Video
- IP-CIDR,13.113.196.64/26,Video
- IP-CIDR,13.113.203.0/24,Video
- IP-CIDR,52.199.127.192/26,Video
- IP-CIDR,13.124.199.0/24,Video
- IP-CIDR,3.35.130.128/25,Video
- IP-CIDR,52.78.247.128/26,Video
- IP-CIDR,13.233.177.192/26,Video
- IP-CIDR,15.207.13.128/25,Video
- IP-CIDR,15.207.213.128/25,Video
- IP-CIDR,52.66.194.128/26,Video
- IP-CIDR,13.228.69.0/24,Video
- IP-CIDR,52.220.191.0/26,Video
- IP-CIDR,13.210.67.128/26,Video
- IP-CIDR,13.54.63.128/26,Video
- IP-CIDR,99.79.169.0/24,Video
- IP-CIDR,18.192.142.0/23,Video
- IP-CIDR,35.158.136.0/24,Video
- IP-CIDR,52.57.254.0/24,Video
- IP-CIDR,13.48.32.0/24,Video
- IP-CIDR,18.200.212.0/23,Video
- IP-CIDR,52.212.248.0/26,Video
- IP-CIDR,3.10.17.128/25,Video
- IP-CIDR,3.11.53.0/24,Video
- IP-CIDR,52.56.127.0/25,Video
- IP-CIDR,15.188.184.0/24,Video
- IP-CIDR,52.47.139.0/24,Video
- IP-CIDR,18.229.220.192/26,Video
- IP-CIDR,54.233.255.128/26,Video
- IP-CIDR,3.231.2.0/25,Video
- IP-CIDR,3.234.232.224/27,Video
- IP-CIDR,3.236.169.192/26,Video
- IP-CIDR,3.236.48.0/23,Video
- IP-CIDR,34.195.252.0/24,Video
- IP-CIDR,34.226.14.0/24,Video
- IP-CIDR,13.59.250.0/26,Video
- IP-CIDR,18.216.170.128/25,Video
- IP-CIDR,3.128.93.0/24,Video
- IP-CIDR,3.134.215.0/24,Video
- IP-CIDR,52.15.127.128/26,Video
- IP-CIDR,3.101.158.0/23,Video
- IP-CIDR,52.52.191.128/26,Video
- IP-CIDR,34.216.51.0/25,Video
- IP-CIDR,34.223.12.224/27,Video
- IP-CIDR,34.223.80.192/26,Video
- IP-CIDR,35.162.63.192/26,Video
- IP-CIDR,35.167.191.128/26,Video
- IP-CIDR,44.227.178.0/24,Video
- IP-CIDR,44.234.108.128/25,Video
- IP-CIDR,44.234.90.252/30,Video
- IP-CIDR,23.235.32.0/20,Video
- IP-CIDR,43.249.72.0/22,Video
- IP-CIDR,103.244.50.0/24,Video
- IP-CIDR,167.82.160.0/20,Video
- IP-CIDR,167.82.128.0/20,Video
- IP-CIDR,167.82.0.0/17,Video
- IP-CIDR,157.52.64.0/18,Video
- IP-CIDR,167.82.224.0/20,Video
- IP-CIDR,172.111.64.0/18,Video
- IP-CIDR,185.31.16.0/22,Video
- IP-CIDR,199.27.72.0/21,Video
- IP-CIDR,151.101.0.0/16,Video
- IP-CIDR,104.156.80.0/20,Video
- IP-CIDR,103.245.224.0/24,Video
- IP-CIDR,103.245.222.0/23,Video
- IP-CIDR,127.0.0.0/8,DIRECT
- IP-CIDR,10.0.0.0/8,DIRECT
- IP-CIDR,17.0.0.0/8,DIRECT
- IP-CIDR,100.64.0.0/10,DIRECT
- IP-CIDR,172.16.0.0/12,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT
- DST-PORT,80,Proxy
- DST-PORT,443,Proxy
- DST-PORT,22,Proxy
- MATCH,DIRECT
redir-port: 7892
tproxy-port: 7895
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/dashboard"
ipv6: false
profile:
  store-selected: true
  store-fakeip: true
interface-name: br-lan

#===================== 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.7 on Fri Nov 19 22:39:28 2021
*nat
:PREROUTING ACCEPT [2051:646965]
:INPUT ACCEPT [1348:104239]
:OUTPUT ACCEPT [1635:123272]
:POSTROUTING ACCEPT [140:8711]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_vpn_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_vpn_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_vpn_postrouting - [0:0]
:zone_vpn_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j REDIRECT --to-ports 7892
-A PREROUTING -d 8.8.8.8/32 -p tcp -m comment --comment "OpenClash Google DNS Hijack" -m tcp --dport 53 -j REDIRECT --to-ports 7892
-A PREROUTING -p tcp -m tcp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -m comment --comment "DNS Hijack" -j REDIRECT --to-ports 53
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i eth0 -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -i tun0 -m comment --comment "!fw3" -j zone_vpn_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o eth0 -m comment --comment "!fw3" -j zone_wan_postrouting
-A POSTROUTING -o tun0 -m comment --comment "!fw3" -j zone_vpn_postrouting
-A openclash -p tcp -m tcp --sport 1723 -j RETURN
-A openclash -p tcp -m tcp --sport 1688 -j RETURN
-A openclash -p tcp -m tcp --sport 1194 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m tcp --sport 1723 -j RETURN
-A openclash_output -p tcp -m tcp --sport 1688 -j RETURN
-A openclash_output -p tcp -m tcp --sport 1194 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_lan_prerouting -j MINIUPNPD
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_vpn_postrouting -m comment --comment "!fw3: Custom vpn postrouting rule chain" -j postrouting_vpn_rule
-A zone_vpn_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_vpn_prerouting -m comment --comment "!fw3: Custom vpn prerouting rule chain" -j prerouting_vpn_rule
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
COMMIT
# Completed on Fri Nov 19 22:39:28 2021

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Fri Nov 19 22:39:28 2021
*mangle
:PREROUTING ACCEPT [434931:1021891565]
:INPUT ACCEPT [433099:1021460703]
:FORWARD ACCEPT [184:7798]
:OUTPUT ACCEPT [325357:1024420569]
:POSTROUTING ACCEPT [325444:1024424463]
:RRDIPT_FORWARD - [0:0]
:RRDIPT_INPUT - [0:0]
:RRDIPT_OUTPUT - [0:0]
:openclash - [0:0]
-A PREROUTING -p udp -j openclash
-A INPUT -j RRDIPT_INPUT
-A FORWARD -j RRDIPT_FORWARD
-A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j RRDIPT_OUTPUT
-A RRDIPT_FORWARD -s 192.168.31.66/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.66/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.59/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.59/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.79/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.79/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.96/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.96/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.97/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.97/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.1/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.1/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.192/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.192/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.31.188/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.31.188/32 -j RETURN
-A RRDIPT_FORWARD -s 169.254.47.53/32 -j RETURN
-A RRDIPT_FORWARD -d 169.254.47.53/32 -j RETURN
-A RRDIPT_INPUT -i eth0 -j RETURN
-A RRDIPT_OUTPUT -o eth0 -j RETURN
-A openclash -p udp -m udp --sport 1194 -j RETURN
-A openclash -p udp -m udp --sport 500 -j RETURN
-A openclash -p udp -m udp --sport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
COMMIT
# Completed on Fri Nov 19 22:39:28 2021

#IPv6 NAT chain

# Generated by ip6tables-save v1.8.7 on Fri Nov 19 22:39:28 2021
*nat
:PREROUTING ACCEPT [286:75469]
:INPUT ACCEPT [286:75469]
:OUTPUT ACCEPT [485:46815]
:POSTROUTING ACCEPT [485:46815]
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
COMMIT
# Completed on Fri Nov 19 22:39:28 2021

#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.7 on Fri Nov 19 22:39:28 2021
*mangle
:PREROUTING ACCEPT [10202:1684586]
:INPUT ACCEPT [7522:1479442]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [432:76478]
:POSTROUTING ACCEPT [446:78320]
-A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Fri Nov 19 22:39:28 2021

#===================== IPSET状态 =====================#

Name: cn
Name: ct
Name: cnc
Name: cmcc
Name: crtc
Name: cernet
Name: gwbn
Name: othernet
Name: music
Name: mwan3_connected_v4
Name: mwan3_connected_v6
Name: mwan3_source_v6
Name: mwan3_dynamic_v4
Name: mwan3_dynamic_v6
Name: mwan3_custom_v4
Name: mwan3_custom_v6
Name: china_ip_route
Name: localnetwork
Name: china
Name: mwan3_connected

#===================== 路由表状态 =====================#

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.31.1    0.0.0.0         UG    0      0        0 br-lan
192.168.31.0    0.0.0.0         255.255.255.0   U     0      0        0 br-lan
#ip route list
default via 192.168.31.1 dev br-lan proto static 
192.168.31.0/24 dev br-lan proto kernel scope link src 192.168.31.6 
#ip rule show
0:	from all lookup local
32765:	from all fwmark 0x162 lookup 354
32766:	from all lookup main
32767:	from all lookup default

#===================== 端口占用状态 =====================#

tcp        0      0 :::7890                 :::*                    LISTEN      7961/clash
tcp        0      0 :::7891                 :::*                    LISTEN      7961/clash
tcp        0      0 :::7892                 :::*                    LISTEN      7961/clash
tcp        0      0 :::7893                 :::*                    LISTEN      7961/clash
tcp        0      0 :::7895                 :::*                    LISTEN      7961/clash
tcp        0      0 :::9090                 :::*                    LISTEN      7961/clash
udp        0      0 127.0.0.1:7874          0.0.0.0:*                           7961/clash
udp        0      0 :::7891                 :::*                                7961/clash
udp        0      0 :::7892                 :::*                                7961/clash
udp        0      0 :::7893                 :::*                                7961/clash
udp        0      0 :::7895                 :::*                                7961/clash

#===================== 测试本机DNS查询 =====================#

Server:		127.0.0.1
Address:	127.0.0.1:53

*** Can't find www.baidu.com: No answer

Name:	www.baidu.com
Address: 198.18.0.154


#===================== 测试本机网络连接 =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Fri, 19 Nov 2021 14:39:28 GMT
Etag: "575e1f60-115"
Last-Modified: Mon, 13 Jun 2016 02:50:08 GMT
Pragma: no-cache
Server: bfe/1.0.8.18


#===================== 测试本机网络下载 =====================#

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 80
Cache-Control: max-age=300
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Type: text/plain; charset=utf-8
ETag: "ade92b0bfd2951f6f2167a0db2526a0ba2121e8ae1a073846f6c9c10d3849c05"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
X-GitHub-Request-Id: A6E0:17A2:40BA6:EDDC5:6196ED68
Accept-Ranges: bytes
Date: Fri, 19 Nov 2021 14:39:29 GMT
Via: 1.1 varnish
X-Served-By: cache-tyo11961-TYO
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1637332769.114032,VS0,VE0
Vary: Authorization,Accept-Encoding,Origin
Access-Control-Allow-Origin: *
X-Fastly-Request-ID: 0c88a98cccdb0bcfb6f10964504f547bae3d9a35
Expires: Fri, 19 Nov 2021 14:44:29 GMT
Source-Age: 42


#===================== 最近运行日志 =====================#

2021-11-18 23:05:12 Tip: Because of the file【 /etc/config/openclash 】modificated, Pause quick start...
2021-11-18 23:05:12 Step 3: Modify The Config File...
2021-11-18 23:05:17 Step 4: Start Running The Clash Core...
2021-11-18 23:05:17 Tip: No Special Configuration Detected, Use Dev Core to Start...
2021-11-18 23:05:17 Step 5: Check The Core Status...
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Express"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Auto"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Proxy"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Economic"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Auto-Fast"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Auto-Edge"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Geo"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider Video"
time="2021-11-18T23:05:18+08:00" level=info msg="Start initial compatible provider NETFLIX"
2021-11-18 23:05:20 Step 6: Wait For The File Downloading...
2021-11-18 23:05:21 Step 7: Set Control Panel...
2021-11-18 23:05:21 Step 8: Set Firewall Rules...
2021-11-18 23:05:22 Step 9: Restart Dnsmasq...
2021-11-18 23:05:22 Step 10: Add Cron Rules, Start Daemons...
2021-11-18 23:05:22 OpenClash Start Successful!
2021-11-19 22:08:18 OpenClash Stoping...
2021-11-19 22:08:18 Step 1: Backup The Current Groups State...
2021-11-19 22:08:18 Step 2: Delete OpenClash Firewall Rules...
2021-11-19 22:08:19 Step 3: Close The OpenClash Daemons...
2021-11-19 22:08:19 Step 4: Close The Clash Core Process...
2021-11-19 22:08:19 Step 5: Restart Dnsmasq...
2021-11-19 22:08:20 Step 6: Delete OpenClash Residue File...
2021-11-19 22:08:20 OpenClash Start Running...
2021-11-19 22:08:20 Step 1: Get The Configuration...
2021-11-19 22:08:20 Step 2: Check The Components...
2021-11-19 22:08:21 Tip: Because of the file【 /etc/config/openclash 】modificated, Pause quick start...
2021-11-19 22:08:21 Step 3: Modify The Config File...
2021-11-19 22:08:26 Step 4: Start Running The Clash Core...
2021-11-19 22:08:26 Tip: No Special Configuration Detected, Use Dev Core to Start...
2021-11-19 22:08:26 Step 5: Check The Core Status...
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Auto-Fast"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Auto"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Express"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Proxy"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider NETFLIX"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Video"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Economic"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Auto-Edge"
time="2021-11-19T22:08:26+08:00" level=info msg="Start initial compatible provider Geo"
2021-11-19 22:08:29 Step 6: Wait For The File Downloading...
2021-11-19 22:08:30 Step 7: Set Control Panel...
2021-11-19 22:08:30 Step 8: Set Firewall Rules...
2021-11-19 22:08:30 Step 9: Restart Dnsmasq...
2021-11-19 22:08:31 Step 10: Add Cron Rules, Start Daemons...
2021-11-19 22:08:31 OpenClash Start Successful!

#===================== 活动连接信息 =====================#

1. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【180.163.150.33】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
2. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【142.251.8.188】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【DIRECT】
3. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【120.232.192.136】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
4. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【120.232.192.136】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
5. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【113.96.209.105】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
6. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【180.163.150.34】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
7. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【120.232.192.136】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
8. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【52.83.161.145】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
9. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【120.232.192.136】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
10. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【183.3.224.146】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
11. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【216.58.200.46】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】
12. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【140.82.114.25】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】
13. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.75.119.192】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
14. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【199.59.149.239】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】
15. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【172.217.163.46】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】
16. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.75.119.192】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
17. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.75.119.192】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
18. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【52.83.161.145】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
19. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.11.43.136】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
20. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【192.30.255.117】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】
21. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【203.209.245.78】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
22. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.75.119.192】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
23. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【203.208.41.98】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
24. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【58.63.233.98】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
25. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.75.119.192】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
26. SourceIP:【192.168.31.66】 - Host:【Empty】 - DestinationIP:【106.75.119.192】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
27. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【142.251.42.234】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】
28. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【120.92.103.226】 - Network:【tcp】 - RulePayload:【CN】 - Lastchain:【DIRECT】
29. SourceIP:【192.168.31.66】 - Host:【broadcast.chat.bilibili.com】 - DestinationIP:【110.43.49.194】 - Network:【tcp】 - RulePayload:【bilibili】 - Lastchain:【DIRECT】
30. SourceIP:【192.168.31.97】 - Host:【Empty】 - DestinationIP:【192.133.77.191】 - Network:【tcp】 - RulePayload:【443】 - Lastchain:【GLaDOS-N2-03】

万分感谢！！！

The text was updated successfully, but these errors were encountered:

vernesong · 2021-11-19T15:45:25Z

下面设备的IPv6 DNS要删掉或者设置为旁路由lan口的IPV6地址，插件开启IPV6DNS解析和DNS劫持

YYiiEt · 2021-11-19T15:51:46Z

同样的问题，这几天翻了很多issue，是因为主路由下发的ipv6网关和dns并没有指向旁路由，导致v6流量没有经过旁路由。我自己用的是小米路由器，ipv6支持很糟糕，所以只能缝缝补补勉强跑起来，想要良好v6体验还是换主路由吧。

windows:
1.在网口TCP/IPv6里手动将网关和dns指向旁路由本地v6地址。
2.或者修改注册表，[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]"DisabledComponents"=dword:00000020,提高ipv4优先级。
android:
1.echo 1> /proc/sys/net/ipv6/conf/wlan0/disable_ipv6禁用ipv6解析（需root）。
2.第三方软件指定v6dns网关

SilenceEagle · 2021-11-20T02:37:39Z

@vernesong @YYiiEt 感谢两位大神的回复，建议确实有效，我将下面设备的IPv6 DNS设置为旁路由的本地IPv6地址后，可以访问PT站的同时也科学上网了，但有一点不足就是 test-ipv6 测试没有 IPv6 地址。
我具体的操作是这样的：

旁路由 网络-->接口下修改IPv6 ULA 前缀为同主路由子网LAN IPv6前缀一样；
旁路由 网络-->接口-->lan-->基本设置将 IPv6分配长度修改为和主路由LAN IPv6分配长度一样，并将IPv6 后缀指定为::6；
旁路由 网络-->接口-->lan-->IPv6 设置 下 路由通告模式选为服务器模式，通告的 DNS 服务器设置为旁路由自己的本地IPv6地址（后缀为6）；
按以下教程添加lan6口 https://www.right.com.cn/forum/thread-4046582-1-1.html
旁路由 网络-->DHCP/DNS-->高级设置下取消勾选禁止解析 IPv6 DNS 记录；
旁路由 服务-->OpenClash-->全局设置-->模式设置 下勾选IPv6流量代理和实验性：绕过中国大陆IPv6;
旁路由 服务-->OpenClash-->全局设置-->DNS设置 下勾选允许IPv6类型DNS解析。

这是最终旁路由的一个状态：

所以有没有可能在此基础上再通过 test-ipv6 测试。

万分感谢！！！

vernesong · 2021-11-20T10:25:21Z

用redirhost，fakeip没有ipv6

SilenceEagle · 2021-11-20T13:11:08Z

用redirhost，fakeip没有ipv6

切换到redirhost模式后还是通不过 test-ipv6 测试。

vernesong · 2021-11-20T13:54:31Z

不要走代理了，代理支持ipv6才能过

iky1905 · 2021-11-22T07:18:59Z

我理解是这样，ipv6独立于ipv4运行，但是dns解析又是另一个独立的过程。

配置ipv6的目的是为了上PT（这个需求我也有），但是实际上没有上外网ipv6的需求，并且目前大多数机场也不支持ipv6。所以最终需求是：

能上国内ipv6，能够获得ipv6地址（但不要求ipv6的dns）；

ipv4要能够上国内和国外，这就要求设备能够配置有效的ipv4网关，并且把dns指向网关。

但是问题是，自动配置的ipv6除了会下发地址，还会下发一个dns服务器，默认是路由器本身；加上ipv4的设置，设备应该至少获得了两个dns（ipv4是可以配置好的，不论ios、android或者windows都可以配置，但ipv6在android下只能自动获得，并且还不能手动删除），同时考虑到多数设备会优先使用ipv6的dns，所以就出现了这个情况，即android设备无论如何配置，都不能使用旁路由的科学上网，这是因为Android的dns无法完全配置的缘故，相当于android设备配置了旁路由为ipv4网关，但dns配置成了路由器，自然不能科学上网

最好的解决方法是禁止路由器下发ipv6的dns选项，这个功能应该只在企业级路由器里面有设置，或者像openwrt或老毛子这类固件可以部分实现。比如我们学校的wifi，能获取ipv6地址，但是学校的路由器不会下发ipv6 dns
退而求其次的方法是在路由器上手动配置ipv6 dns选项，配置为旁路由的dns并且要相对固定（尽量避免用全局ipv6地址），关键词：dnsmasq option6:23（ipv6 的dns选项）
以上是我个人的理解

YYiiEt · 2021-11-22T10:16:18Z

对于网络这方面我也是一知半解，感觉v6除了除了dns还有网关影响。既然有人提了我也借楼求教一下，虽说可能和本repo关联可能不大。我是clash core跑在debian上，这是我自己修改后nftables规则：

table inet proxy {
    chain output {
        type route hook output priority mangle; policy accept;
        ip daddr $RESERVED_IP return
        ip6 daddr $RESERVED_IP6 return
        meta skgid 23333 return
        tcp sport 8124 return
        meta l4proto {tcp, udp}  mark set 1 accept
    }
    chain prerouting {
        type filter hook prerouting priority mangle; policy accept;
        ip daddr $RESERVED_IP return
        ip6 daddr $RESERVED_IP6 return
        fib saddr type != local udp dport 53 return
        fib daddr type local return
        goto transparentProxy
    }
    chain transparentProxy {
        meta l4proto { tcp, udp } meta mark set 1 tproxy ip to 127.0.0.1:7893 accept
        meta l4proto { tcp, udp } meta mark set 1 tproxy ip6 to [::1]:7893 accept
    }
    chain dns {
        type nat hook prerouting priority 0 ;
        fib saddr type != local udp dport 53 redirect to :1053
    }
}

已经用inet将局域网访问53端口的udp流量都转发到clash运行的1053端口了，fake-ip模式貌似v6解析依然有问题，clash拿不到请求的域名，只能看到ip。目前能想到的方案是跑一个dhcpv6 server通告网关，不知道可不可行。

SilenceEagle · 2021-11-22T15:21:03Z

同样的问题，这几天翻了很多issue，是因为主路由下发的ipv6网关和dns并没有指向旁路由，导致v6流量没有经过旁路由。我自己用的是小米路由器，ipv6支持很糟糕，所以只能缝缝补补勉强跑起来，想要良好v6体验还是换主路由吧。
windows:
1.在网口TCP/IPv6里手动将网关和dns指向旁路由本地v6地址。
2.或者修改注册表，[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]"DisabledComponents"=dword:00000020,提高ipv4优先级。
android:
1.echo 1> /proc/sys/net/ipv6/conf/wlan0/disable_ipv6禁用ipv6解析（需root）。
2.第三方软件指定v6dns网关

试了一下windows下修改注册表提高ipv4优先级这个不太好用:joy::joy::joy:

SilenceEagle · 2021-12-04T06:35:58Z

我现在采用的方案是这样的：

主路由为红米AX6，官方固件，开启ipv4 DHCP，ipv6 Native。
旁路由为R2S，系统是openwrt，插件是openclash，lan口与主路由lan口通过网线连接，启用lan和lan6，关闭DHCP,其余的与ipv6的设置都开启。
电脑端ipv4和ipv6的网关和DNS均指向旁路由lan口IP。
移动端(iphone13p, MI8, ipad)自动获取ip，代理配置为openclash混合代理端口。
Android TV端目前只能看YouTube，安装 smart youtube tv或SmartTubeNext，在设置中启动代理，使用socks5代理，指向openclash混合代理端口。

这样设置后，电脑端及移动端都可访问PT，ipv6 test的结果和当前使用节点有关，我目前使用的部分节点是支持IPV6的，可通过ipv6 test和ipv6 test google，而使用其他节点时测试都不通过。

WangJiyuanYo · 2021-12-21T14:55:00Z

DHCP必须关闭吗。我把AX6的DHCP关了交给旁路有托管

SilenceEagle · 2021-12-21T16:11:11Z

DHCP必须关闭吗。我把AX6的DHCP关了交给旁路有托管

我没这样试过，我是想用ax6来负责分配IP，有部分设备不希望走旁路由。你用旁路由的dhcp的话能正常访问就成，感觉没啥必需不必需的。

WangJiyuanYo · 2021-12-22T01:45:15Z

DHCP必须关闭吗。我把AX6的DHCP关了交给旁路有托管

我没这样试过，我是想用ax6来负责分配IP，有部分设备不希望走旁路由。你用旁路由的dhcp的话能正常访问就成，感觉没啥必需不必需的。

我这样做之后开启Clash结果电脑必须关闭IPV6才行，手机却没影响。很费解

SilenceEagle · 2021-12-22T01:56:56Z

DHCP必须关闭吗。我把AX6的DHCP关了交给旁路有托管

我没这样试过，我是想用ax6来负责分配IP，有部分设备不希望走旁路由。你用旁路由的dhcp的话能正常访问就成，感觉没啥必需不必需的。

我这样做之后开启Clash结果电脑必须关闭IPV6才行，手机却没影响。很费解

你查看一下电脑端分配的ipv6 DNS是否是旁路由，如果不是的话估计就访问不了，得手动设置一哈；如果是，我也就不清楚了:fearful:。
手机的话我也闹不清，我这边测试是android手机没法自定义ipv6的设置，但它就是能一直访问。苹果手机必须得把DNS中主路由的ipv6地址删除才能访问。

WangJiyuanYo · 2021-12-23T03:02:38Z

DHCP必须关闭吗。我把AX6的DHCP关了交给旁路有托管

我没这样试过，我是想用ax6来负责分配IP，有部分设备不希望走旁路由。你用旁路由的dhcp的话能正常访问就成，感觉没啥必需不必需的。

我这样做之后开启Clash结果电脑必须关闭IPV6才行，手机却没影响。很费解

你查看一下电脑端分配的ipv6 DNS是否是旁路由，如果不是的话估计就访问不了，得手动设置一哈；如果是，我也就不清楚了😨。手机的话我也闹不清，我这边测试是android手机没法自定义ipv6的设置，但它就是能一直访问。苹果手机必须得把DNS中主路由的ipv6地址删除才能访问。

折腾一通后暂时可以用，随后就不行了。还是滚回去用passWall了。。

github-actions · 2022-02-21T08:41:08Z

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days

github-actions bot added the Stale label Feb 21, 2022

SilenceEagle closed this as completed Feb 24, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

客户端因主路由分配的ipv6 DNS服务器而无法科学上网 #1767

客户端因主路由分配的ipv6 DNS服务器而无法科学上网 #1767

SilenceEagle commented Nov 19, 2021

vernesong commented Nov 19, 2021

YYiiEt commented Nov 19, 2021

SilenceEagle commented Nov 20, 2021

vernesong commented Nov 20, 2021

SilenceEagle commented Nov 20, 2021

vernesong commented Nov 20, 2021

iky1905 commented Nov 22, 2021 •

edited

YYiiEt commented Nov 22, 2021

SilenceEagle commented Nov 22, 2021

SilenceEagle commented Dec 4, 2021

WangJiyuanYo commented Dec 21, 2021

SilenceEagle commented Dec 21, 2021

WangJiyuanYo commented Dec 22, 2021

SilenceEagle commented Dec 22, 2021

WangJiyuanYo commented Dec 23, 2021

github-actions bot commented Feb 21, 2022

客户端因主路由分配的ipv6 DNS服务器而无法科学上网 #1767

客户端因主路由分配的ipv6 DNS服务器而无法科学上网 #1767

Comments

SilenceEagle commented Nov 19, 2021

配置：

问题：

期望结果

调试日志

万分感谢！！！

vernesong commented Nov 19, 2021

YYiiEt commented Nov 19, 2021

SilenceEagle commented Nov 20, 2021

vernesong commented Nov 20, 2021

SilenceEagle commented Nov 20, 2021

vernesong commented Nov 20, 2021

iky1905 commented Nov 22, 2021 • edited

YYiiEt commented Nov 22, 2021

SilenceEagle commented Nov 22, 2021

SilenceEagle commented Dec 4, 2021

WangJiyuanYo commented Dec 21, 2021

SilenceEagle commented Dec 21, 2021

WangJiyuanYo commented Dec 22, 2021

SilenceEagle commented Dec 22, 2021

WangJiyuanYo commented Dec 23, 2021

github-actions bot commented Feb 21, 2022

iky1905 commented Nov 22, 2021 •

edited