[Bug] 所有流量不经过openclash且无法联网，面板显示无任何连接，包括国内外

[fangwen250127]

Verify Steps

• Tracker 我已经在 Issue Tracker 中找过我要提出的问题
• Branch 我知道 OpenClash 的 Dev 分支切换开关位于插件设置-版本更新中，或者我会手动下载并安装 Dev 分支的 OpenClash
• Latest 我已经使用最新 Dev 版本测试过，问题依旧存在
• Relevant 我知道 OpenClash 与 内核(Core)、控制面板(Dashboard)、在线订阅转换(Subconverter)等项目之间无直接关系，仅相互调用
• Definite 这确实是 OpenClash 出现的问题
• Contributors 我有能力协助 OpenClash 开发并解决此问题
• Meaningless 我提交的是无意义的催促更新或修复请求

OpenClash Version

0.46.075

Bug on Environment

Official OpenWrt

OpenWrt Version

24.10.0

Bug on Platform

Linux-arm64

Describe the Bug

所有流量不经过openclash且无法联网，面板显示无任何连接，包括国内外，昨天从0.46.064覆盖升级到0.46.075后正常使用，在30分钟前出现断开情况，查询发现openclash的面板上显示没有任何流量经过openclash，经过搜索，找到了解决方法https://github.com/vernesong/OpenClash/issues/3171#issuecomment-1506556071。开关覆盖设置内的meta设置下自定义流量探测（嗅探），打开后openclash正常了，流量也走openclash了，关闭自定义流量探测（嗅探）设置后也正常了，目前不知道原因，出现此问题后开关“自定义流量探测（嗅探）设置”就可恢复正常

To Reproduce

无法复现，莫名其妙出现的

OpenClash Log

OpenClash 调试日志

生成时间: 2025-02-16 14:00:44
插件版本: 0.46.075
隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息



#===================== 系统信息 =====================#

主机型号: ASUS TUF-AX6000
固件版本: OpenWrt 24.10.0 r28427-6df0e3d02a
LuCI版本: 25.044.01357~67d27ad
内核版本: 6.6.73
处理器架构: aarch64_cortex-a53

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

DNS劫持: Dnsmasq 转发
#DNS劫持为Dnsmasq时，此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.*.*#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
dnsmasq-full(ipset): 未安装
dnsmasq-full(nftset): 已安装
bash: 已安装
curl: 已安装
ca-bundle: 已安装
ipset: 已安装
ip-full: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci >= 19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 已安装
unzip: 已安装
kmod-nft-tproxy: 未安装

#===================== 内核检查 =====================#

运行状态: 运行中
运行内核：Meta
进程pid: 5749
运行用户: root
已选择的架构: linux-arm64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限

Meta内核版本: v1.19.1
Meta内核文件: 存在
Meta内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/link.yaml
启动配置文件: /etc/openclash/link.yaml
运行模式: fake-ip
默认代理模式: rule
UDP流量转发(tproxy): 启用
自定义DNS: 启用
IPV6代理: 停用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 启用
自定义规则: 启用
仅允许内网: 启用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 启用
路由本机代理: 启用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 自定义规则 一 =====================#
rules:
##- PROCESS-NAME,curl,DIRECT #匹配路由自身进程(curl直连)
##- DOMAIN-SUFFIX,google.com,Proxy #匹配域名后缀(交由Proxy代理服务器组)
##- DOMAIN-KEYWORD,google,Proxy #匹配域名关键字(交由Proxy代理服务器组)
##- DOMAIN,google.com,Proxy #匹配域名(交由Proxy代理服务器组)
##- DOMAIN-SUFFIX,ad.com,REJECT #匹配域名后缀(拒绝)
##- IP-CIDR,127.0.*.*/8,DIRECT #匹配数据目标IP(直连)
##- SRC-IP-CIDR,192.168.*.*/32,DIRECT #匹配数据发起IP(直连)
- DST-PORT,22,DIRECT #匹配数据目标端口(直连)
- SRC-PORT,22,DIRECT #匹配数据源端口(直连)
##- GEOSITE,category-public-tracker,DIRECT #匹配GEOSITE数据库规则(直连)
##- DOMAIN-REGEX,^abc.*com,PROXY #正则匹配域名
##- RULE-SET,providername,PROXY #匹配规则集

##- IP-CIDR6,2620:*:*:*::7/32,PROXY
##- IP-SUFFIX,8.8.*.*/24,PROXY
##- IP-ASN,13335,DIRECT

##- SRC-GEOIP,cn,DIRECT
##- SRC-IP-ASN,9808,DIRECT
##- SRC-IP-SUFFIX,192.168.*.*/8,DIRECT

##- IN-PORT,7890,PROXY
##- IN-TYPE,SOCKS/HTTP,PROXY
##- IN-USER,mihomo,PROXY
##- IN-NAME,ss,PROXY

##- PROCESS-NAME-REGEX,curl$,PROXY
##- PROCESS-NAME-REGEX,(?i)Telegram,PROXY
##- PROCESS-NAME-REGEX,.*telegram.*,PROXY

##- NETWORK,udp,DIRECT
##- DSCP,4,DIRECT

##- AND,((DOMAIN,baidu.com),(NETWORK,UDP)),DIRECT
##- OR,((NETWORK,UDP),(DOMAIN,baidu.com)),REJECT
##- NOT,((DOMAIN,baidu.com)),PROXY
##- SUB-RULE,(NETWORK,tcp),sub-rule

##排序在上的规则优先生效,如添加（去除规则前的#号）：
##IP段：192.168.*.*-192.168.*.* 直连
##- SRC-IP-CIDR,192.168.*.*/31,DIRECT
##- SRC-IP-CIDR,192.168.*.*/30,DIRECT
##- SRC-IP-CIDR,192.168.*.*/29,DIRECT
##- SRC-IP-CIDR,192.168.*.*/28,DIRECT
##- SRC-IP-CIDR,192.168.*.*/27,DIRECT
##- SRC-IP-CIDR,192.168.*.*/26,DIRECT
##- SRC-IP-CIDR,192.168.*.*/26,DIRECT
##- SRC-IP-CIDR,192.168.*.*/29,DIRECT
##- SRC-IP-CIDR,192.168.*.*/32,DIRECT

##IP段：192.168.*.*-192.168.*.* 直连
##- SRC-IP-CIDR,192.168.*.*/31,DIRECT
##- SRC-IP-CIDR,192.168.*.*/30,DIRECT
##- SRC-IP-CIDR,192.168.*.*/28,DIRECT
##- SRC-IP-CIDR,192.168.*.*/27,DIRECT

##此时IP为192.168.*.*和192.168.*.*的客户端流量走代理（策略），其余客户端不走代理
##因为Fake-IP模式下，IP地址为192.168.*.*的路由器自身流量可走代理（策略），所以需要排除

##仅设置路由器自身直连：
##- SRC-IP-CIDR,192.168.*.*/32,DIRECT
##- SRC-IP-CIDR,198.18.*.*/32,DIRECT

##DDNS
##- DOMAIN-KEYWORD,synology,DIRECT
##- DOMAIN-KEYWORD,quickconnect,DIRECT
##- DOMAIN-SUFFIX,checkip.dyndns.org,DIRECT
##- DOMAIN-SUFFIX,checkipv6.dyndns.org,DIRECT
##- DOMAIN-SUFFIX,checkip.synology.com,DIRECT
##- DOMAIN-SUFFIX,ifconfig.co,DIRECT
##- DOMAIN-SUFFIX,api.myip.com,DIRECT
##- DOMAIN-SUFFIX,ip-api.com,DIRECT
##- DOMAIN-SUFFIX,ipapi.co,DIRECT
##- DOMAIN-SUFFIX,ip6.seeip.org,DIRECT
##- DOMAIN-SUFFIX,members.3322.org,DIRECT

##在线IP段转CIDR地址：http://ip2cidr.com
#===================== 自定义规则 二 =====================#
rules:
##- DOMAIN-SUFFIX,google.com,Proxy #匹配域名后缀(交由Proxy代理服务器组)
##- DOMAIN-KEYWORD,google,Proxy #匹配域名关键字(交由Proxy代理服务器组)
##- DOMAIN,google.com,Proxy #匹配域名(交由Proxy代理服务器组)
##- DOMAIN-SUFFIX,ad.com,REJECT #匹配域名后缀(拒绝)
##- IP-CIDR,127.0.*.*/8,DIRECT #匹配数据目标IP(直连)
##- SRC-IP-CIDR,192.168.*.*/32,DIRECT #匹配数据发起IP(直连)
##- DST-PORT,80,DIRECT #匹配数据目标端口(直连)
##- SRC-PORT,7777,DIRECT #匹配数据源端口(直连)

#===================== 配置文件 =====================#

port: 7890
socks-port: 7891
allow-lan: true
mode: rule
log-level: info
external-controller: 0.0.*.*:9090

dns:
  enable: true
  ipv6: false
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.*.*/16
  listen: 0.0.*.*:7874
  fake-ip-filter-mode: blacklist
  nameserver:
  - dhcp://"eth1"
  - 192.168.*.*
  fake-ip-filter:
  - "*.lan"
  - "*.localdomain"
  - "*.example"
  - "*.invalid"
  - "*.localhost"
  - "*.test"
  - "*.local"
  - "*.home.arpa"
  - time.*.com
  - time.*.gov
  - time.*.edu.cn
  - time.*.apple.com
  - time-ios.apple.com
  - time1.*.com
  - time2.*.com
  - time3.*.com
  - time4.*.com
  - time5.*.com
  - time6.*.com
  - time7.*.com
  - ntp.*.com
  - ntp1.*.com
  - ntp2.*.com
  - ntp3.*.com
  - ntp4.*.com
  - ntp5.*.com
  - ntp6.*.com
  - ntp7.*.com
  - "*.time.edu.cn"
  - "*.ntp.org.cn"
  - "+.pool.ntp.org"
  - time1.cloud.tencent.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "+.msftconnecttest.com"
  - "+.msftncsi.com"
  - localhost.ptlogin2.qq.com
  - localhost.sec.qq.com
  - "+.qq.com"
  - "+.tencent.com"
  - "+.srv.nintendo.net"
  - "*.n.n.srv.nintendo.net"
  - "+.cdn.nintendo.net"
  - "+.stun.playstation.net"
  - xbox.*.*.microsoft.com
  - "*.*.xboxlive.com"
  - xbox.*.microsoft.com
  - xnotify.xboxlive.com
  - "+.battlenet.com.cn"
  - "+.wotgame.cn"
  - "+.wggames.cn"
  - "+.wowsgame.cn"
  - "+.wargaming.net"
  - proxy.golang.org
  - stun.*.*
  - stun.*.*.*
  - "+.stun.*.*"
  - "+.stun.*.*.*"
  - "+.stun.*.*.*.*"
  - "+.stun.*.*.*.*.*"
  - heartbeat.belkin.com
  - "*.linksys.com"
  - "*.linksyssmartwifi.com"
  - "*.router.asus.com"
  - mesu.apple.com
  - swscan.apple.com
  - swquery.apple.com
  - swdownload.apple.com
  - swcdn.apple.com
  - swdist.apple.com
  - lens.l.google.com
  - stun.l.google.com
  - na.b.g-tun.com
  - "+.nflxvideo.net"
  - "*.square-enix.com"
  - "*.finalfantasyxiv.com"
  - "*.ffxiv.com"
  - "*.ff14.sdo.com"
  - ff.dorado.sdo.com
  - "*.mcdn.bilivideo.cn"
  - "+.media.dssott.com"
  - shark007.net
  - Mijia Cloud
  - "+.cmbchina.com"
  - "+.cmbimg.com"
  - local.adguard.org
  - "+.sandai.net"
  - "+.n0808.com"
  - "+.uu.163.com"
  - ps.res.netease.com
  - "+.pub.3gppnetwork.org"
  - geosite:category-games
  - "+.services.googleapis.cn"
  - "+.googleapis.cn"
  - "+.xn--ngstr-lra8j.com"
  - geosite:cn
redir-port: 7892
tproxy-port: 7895
mixed-port: 7893
bind-address: "*"
external-ui: "/usr/share/openclash/ui"
keep-alive-interval: 15
keep-alive-idle: 600
ipv6: false
sniffer:
  enable: true
  override-destination: true
  sniff:
    QUIC:
      ports:
      - 443
    TLS:
      ports:
      - 443
      - 8443
    HTTP:
      ports:
      - 80
      - 8080-8880
      override-destination: true
  force-domain:
  - "+.netflix.com"
  - "+.nflxvideo.net"
  - "+.amazonaws.com"
  - "+.media.dssott.com"
  skip-domain:
  - "+.apple.com"
  - Mijia Cloud
  - dlg.io.mi.com
  - "+.oray.com"
  - "+.sunlogin.net"
  - "+.push.apple.com"
  parse-pure-ip: true
profile:
  store-selected: true
authentication:
- Clash:y5x8ypWY

#===================== 自定义覆写设置 =====================#

#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts

LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
#Config Path
CONFIG_FILE="$1"

    #Simple Demo:
    #Key Overwrite Demo
    #1--config path
    #2--key name
    #3--value
    #ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
    #ruby_edit "$CONFIG_FILE" "['secret']" "123456"
    #ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"
    #ruby_edit "$CONFIG_FILE" "['dns']['proxy-server-nameserver']" "['https://doh.pub/dns-query','https://223.5.*.*:443/dns-query']"

    #Hash Overwrite Demo
    #1--config path
    #2--key name
    #3--hash type value
    #ruby_edit "$CONFIG_FILE" "['dns']['nameserver-policy']" "{'+.msftconnecttest.com'=>'114.114.*.*', '+.msftncsi.com'=>'114.114.*.*', 'geosite:gfw'=>['https://dns.cloudflare.com/dns-query', 'https://dns.google/dns-query#ecs=1.1.*.*/24&ecs-override=true'], 'geosite:cn'=>['114.114.*.*'], 'geosite:geolocation-!cn'=>['https://dns.cloudflare.com/dns-query', 'https://dns.google/dns-query#ecs=1.1.*.*/24&ecs-override=true']}"
    #ruby_edit "$CONFIG_FILE" "['sniffer']" "{'enable'=>true, 'parse-pure-ip'=>true, 'force-domain'=>['+.netflix.com', '+.nflxvideo.net', '+.amazonaws.com', '+.media.dssott.com'], 'skip-domain'=>['+.apple.com', 'Mijia Cloud', 'dlg.io.mi.com', '+.oray.com', '+.sunlogin.net'], 'sniff'=>{'TLS'=>nil, 'HTTP'=>{'ports'=>[80, '8080-8880'], 'override-destination'=>true}}}"

    #Hash Merge Demo
    #1--config path
    #2--key name
    #3--hash
    #ruby_merge_hash "$CONFIG_FILE" "['proxy-providers']" "'TW'=>{'type'=>'http', 'path'=>'./proxy_provider/TW.yaml', 'url'=>'https://gist.githubusercontent.com/raw/tw_clash', 'interval'=>3600, 'health-check'=>{'enable'=>true, 'url'=>'http://cp.cloudflare.com/generate_204', 'interval'=>300}}"
    #ruby_merge_hash "$CONFIG_FILE" "['rule-providers']" "'Reject'=>{'type'=>'http', 'behavior'=>'classical', 'url'=>'https://testingcf.jsdelivr.net/gh/dler-io/Rules@main/Clash/Provider/Reject.yaml', 'path'=>'./rule_provider/Reject', 'interval'=>86400}"

    #Array Insert Value Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value
    #ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.*.*"

    #Array Insert Hash Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--hash
    #ruby_arr_insert_hash "$CONFIG_FILE" "['proxy-groups']" "0" "{'name'=>'Disney', 'type'=>'select', 'disable-udp'=>false, 'use'=>['TW', 'SG', 'HK']}"
    #ruby_arr_insert_hash "$CONFIG_FILE" "['proxies']" "0" "{'name'=>'HKG 01', 'type'=>'ss', 'server'=>'cc.hd.abc', 'port'=>'12345', 'cipher'=>'aes-128-gcm', 'password'=>'123456', 'udp'=>true, 'plugin'=>'obfs', 'plugin-opts'=>{'mode'=>'http', 'host'=>'microsoft.com'}}"
    #ruby_arr_insert_hash "$CONFIG_FILE" "['listeners']" "0" "{'name'=>'name', 'type'=>'shadowsocks', 'port'=>'12345', 'listen'=>'0.0.*.*', 'rule'=>'sub-rule-1', 'proxy'=>'proxy'}"

    #Array Insert Other Array Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--array
    #ruby_arr_insert_arr "$CONFIG_FILE" "['dns']['proxy-server-nameserver']" "0" "['https://doh.pub/dns-query','https://223.5.*.*:443/dns-query']"

    #Array Insert From Yaml File Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value file path
    #5--value key name in #4 file
    #ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"

    #Delete Array Value Demo:
    #1--config path
    #2--key name
    #3--value
    #ruby_delete "$CONFIG_FILE" "['dns']['nameserver']" "114.114.*.*"

    #Delete Key Demo:
    #1--config path
    #2--key name
    #3--key name
    #ruby_delete "$CONFIG_FILE" "['dns']" "nameserver"
    #ruby_delete "$CONFIG_FILE" "" "dns"

    #Ruby Script Demo:
    #ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
    #   begin
    #      Value = YAML.load_file('$CONFIG_FILE');
    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
    #   end;

        #General
    #   begin
    #   Thread.new{
    #      Value['redir-port']=7892;
    #      Value['tproxy-port']=7895;
    #      Value['port']=7890;
    #      Value['socks-port']=7891;
    #      Value['mixed-port']=7893;
    #   }.join;

    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
    #   ensure
    #      File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
    #   end" 2>/dev/null >> $LOG_FILE

exit 0
#===================== 自定义防火墙设置 =====================#

#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules

LOG_OUT "Tip: Start Add Custom Firewall Rules..."

exit 0
#===================== IPTABLES 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.10 (nf_tables) on Sun Feb 16 14:00:45 2025
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Sun Feb 16 14:00:45 2025

#IPv4 Mangle chain

# Generated by iptables-save v1.8.10 (nf_tables) on Sun Feb 16 14:00:45 2025
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Sun Feb 16 14:00:45 2025

#IPv4 Filter chain

# Generated by iptables-save v1.8.10 (nf_tables) on Sun Feb 16 14:00:45 2025
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Sun Feb 16 14:00:45 2025

#IPv6 NAT chain


#IPv6 Mangle chain


#IPv6 Filter chain


#===================== NFTABLES 防火墙设置 =====================#

table inet fw4 {
	chain input {
		type filter hook input priority filter; policy drop;
		udp dport 443 ip daddr != @china_ip_route counter packets 0 bytes 0 reject with icmp port-unreachable comment "OpenClash QUIC REJECT"
		iifname "eth1" ip saddr != @localnetwork counter packets 16765 bytes 28414110 jump openclash_wan_input
		iif "lo" accept comment "!fw4: Accept traffic from loopback"
		ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
		tcp flags & (fin | syn | rst | ack) == syn jump syn_flood comment "!fw4: Rate limit TCP syn packets"
		iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
		iifname "eth1" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
		jump handle_reject
	}
}
table inet fw4 {
	chain forward {
		type filter hook forward priority filter; policy drop;
		ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows"
		iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
		iifname "eth1" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
		jump handle_reject
	}
}
table inet fw4 {
	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
		meta l4proto { tcp, udp } th dport 53 counter packets 1374 bytes 97289 redirect to :53 comment "OpenClash DNS Hijack"
		ip protocol tcp counter packets 513 bytes 27656 jump openclash
	}
}
table inet fw4 {
	chain srcnat {
		type nat hook postrouting priority srcnat; policy accept;
		oifname "eth1" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
	}
}
table inet fw4 {
	chain nat_output {
		type nat hook output priority filter - 1; policy accept;
		meta skgid != 65534 meta l4proto { tcp, udp } th dport 53 ip daddr 127.0.*.* counter packets 20 bytes 1385 redirect to :53 comment "OpenClash DNS Hijack"
		ip protocol tcp counter packets 397 bytes 23820 jump openclash_output
	}
}
table inet fw4 {
	chain mangle_prerouting {
		type filter hook prerouting priority mangle; policy accept;
		ip protocol udp counter packets 13765 bytes 7917701 jump openclash_mangle
	}
}
table inet fw4 {
	chain mangle_output {
		type route hook output priority mangle; policy accept;
		ip protocol udp counter packets 5232 bytes 659582 jump openclash_mangle_output
	}
}
table inet fw4 {
	chain openclash {
		ip daddr @localnetwork counter packets 36 bytes 2020 return
		ct direction reply counter packets 0 bytes 0 return
		ip protocol tcp ip daddr 198.18.*.*/16 counter packets 290 bytes 15152 redirect to :7892
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 163 bytes 9228 return
		ip protocol tcp counter packets 24 bytes 1256 redirect to :7892
	}
}
table inet fw4 {
	chain openclash_mangle {
		meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 68 counter packets 1 bytes 338 return
		ip daddr @localnetwork counter packets 9897 bytes 7041326 return
		ct direction reply counter packets 0 bytes 0 return
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 3714 bytes 693311 return
		ip protocol udp counter packets 153 bytes 182726 jump openclash_upnp
	}
}
table inet fw4 {
	chain openclash_mangle_output {
		meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 68 counter packets 0 bytes 0 return
		meta skgid 65534 counter packets 2276 bytes 306154 return
		ip daddr @localnetwork counter packets 2892 bytes 349164 return
		ct direction reply counter packets 0 bytes 0 return
		meta l4proto udp ip daddr 198.18.*.*/16 meta mark set 0x00000162 counter packets 0 bytes 0 accept
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 37 bytes 2212 return
		meta mark set 0x00000162 counter packets 27 bytes 2052 accept
	}
}
table inet fw4 {
	chain openclash_output {
		meta skgid 65534 counter packets 386 bytes 23160 return
		ip daddr @localnetwork counter packets 8 bytes 480 return
		ct direction reply counter packets 0 bytes 0 return
		ip protocol tcp ip daddr 198.18.*.*/16 counter packets 3 bytes 180 redirect to :7892
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 0 bytes 0 return
		ip protocol tcp counter packets 0 bytes 0 redirect to :7892
	}
}
table inet fw4 {
	chain openclash_wan_input {
		th dport { 7874, 7890, 7891, 7892, 7893, 7895, 9090 } counter packets 0 bytes 0 reject
	}
}

#===================== IPSET状态 =====================#


#===================== 路由表状态 =====================#

#IPv4

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.*.*         192.168.*.*     0.0.*.*         UG    0      0        0 eth1
192.168.*.*     0.0.*.*         255.255.*.*   U     0      0        0 eth1
192.168.*.*    0.0.*.*         255.255.*.*   U     0      0        0 br-lan

#ip route list
default via 192.168.*.* dev eth1 proto static src 192.168.*.* 
192.168.*.*/24 dev eth1 proto kernel scope link src 192.168.*.* 
192.168.*.*/24 dev br-lan proto kernel scope link src 192.168.*.* 

#ip rule show
0:	from all lookup local
32765:	from all fwmark 0x162 lookup 354
32766:	from all lookup main
32767:	from all lookup default

#IPv6

#route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
fd65:e46e:1cc0::/64                         ::                                      U     1024   1        0 br-lan  
fd65:e46e:1cc0::/48                         ::                                      !n    2147483647 2        0 lo      
fe80::/64                                   ::                                      U     256    1        0 eth0    
fe80::/64                                   ::                                      U     256    1        0 br-lan  
fe80::/64                                   ::                                      U     256    1        0 eth1    
::/0                                        ::                                      !n    -1     1        0 lo      
::1/128                                     ::                                      Un    0      6        0 lo      
fd65:e46e:1cc0::/128                        ::                                      Un    0      3        0 br-lan  
fd65:e46e:1cc0::1/128                       ::                                      Un    0      3        0 br-lan  
fe80::/128                                  ::                                      Un    0      3        0 eth0    
fe80::/128                                  ::                                      Un    0      3        0 eth1    
fe80::/128                                  ::                                      Un    0      3        0 br-lan  
fe80::*:*:*:6106/128               ::                                      Un    0      3        0 eth0    
fe80::*:*:*:6106/128               ::                                      Un    0      2        0 eth1    
fe80::*:*:*:6106/128               ::                                      Un    0      2        0 br-lan  
ff00::/8                                    ::                                      U     256    3        0 eth0    
ff00::/8                                    ::                                      U     256    2        0 br-lan  
ff00::/8                                    ::                                      U     256    2        0 eth1    
::/0                                        ::                                      !n    -1     1        0 lo      

#ip -6 route list
fd65:e46e:1cc0::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd65:e46e:1cc0::/48 dev lo proto static metric 2147483647 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium

#ip -6 rule show
0:	from all lookup local
32766:	from all lookup main

#===================== 端口占用状态 =====================#

tcp        0      0 :::7890                 :::*                    LISTEN      5749/clash
tcp        0      0 :::7891                 :::*                    LISTEN      5749/clash
tcp        0      0 :::7895                 :::*                    LISTEN      5749/clash
tcp        0      0 :::7892                 :::*                    LISTEN      5749/clash
tcp        0      0 :::7893                 :::*                    LISTEN      5749/clash
tcp        0      0 :::9090                 :::*                    LISTEN      5749/clash
udp        0      0 :::7874                 :::*                                5749/clash
udp        0      0 :::7891                 :::*                                5749/clash
udp        0      0 :::7892                 :::*                                5749/clash
udp        0      0 :::7893                 :::*                                5749/clash
udp        0      0 :::7895                 :::*                                5749/clash

#===================== 测试本机DNS查询(www.baidu.com) =====================#

Server:		127.0.*.*
Address:	127.0.*.*:53


www.baidu.com	canonical name = www.a.shifen.com
Name:	www.a.shifen.com
Address: 183.2.*.*
Name:	www.a.shifen.com
Address: 183.2.*.*


#===================== 测试内核DNS查询(www.instagram.com) =====================#

Status: 0
TC: false
RD: false
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 1
  Qclass: 1

Answer: 
  TTL: 133
  data: 185.60.*.*
  name: www.instagram.com.
  type: 1

Status: 0
TC: false
RD: false
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 28
  Qclass: 1

Answer: 
  TTL: 30
  data: 2a03:*:*:*:face:b00c:0:25de
  name: www.instagram.com.
  type: 28


Dnsmasq 当前默认 resolv 文件：/tmp/resolv.conf.d/resolv.conf.auto

#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#

# Interface wan
nameserver 192.168.*.*

#===================== 测试本机网络连接(www.baidu.com) =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Sun, 16 Feb 2025 06:00:46 GMT
Etag: "575e1f71-115"
Last-Modified: Mon, 13 Jun 2016 02:50:25 GMT
Pragma: no-cache
Server: bfe/1.0.*.*


#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "f6037a93c68519d7041a3b4df325b61c424ec255b45dfeb063371319e39b0d96"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: B954:10018B:119AC1D:126CEA0:67B17F0D
accept-ranges: bytes
date: Sun, 16 Feb 2025 06:00:47 GMT
via: 1.1 varnish
x-served-by: cache-sin-wsss1830064-SIN
x-cache: MISS
x-cache-hits: 0
x-timer: S1739685647.097373,VS0,VE388
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 3c77c8354e3a8dcf58ab404f0d935d8c7b9b71f2
expires: Sun, 16 Feb 2025 06:05:47 GMT
source-age: 0
content-length: 1071


#===================== 最近运行日志(自动切换为Debug模式) =====================#

time="2025-02-16T06:00:51.056436853Z" level=debug msg="[DNS] pull-tsl-q26.douyincdn.com --> [183.60.*.* 183.60.*.* 183.60.*.* 183.60.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.059422676Z" level=debug msg="[DNS] cache hit pull-lls-l26.douyincdn.com --> [222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.*] A, expire at 2025-02-16 05:56:14"
time="2025-02-16T06:00:51.059661006Z" level=debug msg="[DNS] resolve pull-lls-l26.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.059758771Z" level=debug msg="[DNS] resolve pull-lls-l26.douyincdn.com A from "
time="2025-02-16T06:00:51.065483849Z" level=debug msg="[DNS] pull-lls-l26.douyincdn.com --> [222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.071017325Z" level=debug msg="[DNS] cache hit pull-lls-f26.douyincdn.com --> [171.108.*.* 171.108.*.*] A, expire at 2025-02-16 05:57:07"
time="2025-02-16T06:00:51.071252114Z" level=debug msg="[DNS] resolve pull-lls-f26.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.071332096Z" level=debug msg="[DNS] resolve pull-lls-f26.douyincdn.com A from "
time="2025-02-16T06:00:51.076898750Z" level=debug msg="[DNS] pull-lls-f26.douyincdn.com --> [171.108.*.* 171.108.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.078834489Z" level=debug msg="[DNS] cache hit pull-flv-l29.douyincdn.com --> [222.186.*.* 222.186.*.* 222.186.*.*] A, expire at 2025-02-16 05:56:14"
time="2025-02-16T06:00:51.079072819Z" level=debug msg="[DNS] resolve pull-flv-l29.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.079138175Z" level=debug msg="[DNS] resolve pull-flv-l29.douyincdn.com A from "
time="2025-02-16T06:00:51.084919141Z" level=debug msg="[DNS] pull-flv-l29.douyincdn.com --> [222.186.*.* 222.186.*.* 222.186.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.085608266Z" level=debug msg="[DNS] cache hit pull-hls-f6.douyincdn.com --> [123.184.*.*] A, expire at 2025-02-16 05:55:50"
time="2025-02-16T06:00:51.085822039Z" level=debug msg="[DNS] resolve pull-hls-f6.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.085895170Z" level=debug msg="[DNS] resolve pull-hls-f6.douyincdn.com A from "
time="2025-02-16T06:00:51.090943441Z" level=debug msg="[DNS] pull-hls-f6.douyincdn.com --> [123.184.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.094199309Z" level=debug msg="[DNS] cache hit pull-tsl-t26.douyincdn.com --> [222.217.*.* 222.218.*.* 222.218.*.* 222.217.*.*] A, expire at 2025-02-16 05:55:56"
time="2025-02-16T06:00:51.094427786Z" level=debug msg="[DNS] resolve pull-tsl-t26.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.094540638Z" level=debug msg="[DNS] resolve pull-tsl-t26.douyincdn.com A from "
time="2025-02-16T06:00:51.099492068Z" level=debug msg="[DNS] pull-tsl-t26.douyincdn.com --> [222.217.*.* 222.217.*.* 222.218.*.* 222.218.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.104194852Z" level=debug msg="[DNS] cache hit pull-lls-l13.douyincdn.com --> [111.177.*.*] A, expire at 2025-02-16 05:58:42"
time="2025-02-16T06:00:51.104423483Z" level=debug msg="[DNS] resolve pull-lls-l13.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.104492226Z" level=debug msg="[DNS] resolve pull-lls-l13.douyincdn.com A from "
time="2025-02-16T06:00:51.109464364Z" level=debug msg="[DNS] pull-lls-l13.douyincdn.com --> [111.177.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.111444135Z" level=debug msg="[DNS] cache hit pull-hls-vr-l11.douyincdn.com --> [124.225.*.*] A, expire at 2025-02-16 05:57:26"
time="2025-02-16T06:00:51.111668532Z" level=debug msg="[DNS] resolve pull-hls-vr-l11.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.111728730Z" level=debug msg="[DNS] resolve pull-hls-vr-l11.douyincdn.com A from "
time="2025-02-16T06:00:51.116984308Z" level=debug msg="[DNS] pull-hls-vr-l11.douyincdn.com --> [124.225.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.119363528Z" level=debug msg="[DNS] cache hit pull-flv-f26.douyinliving.com --> [171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.*] A, expire at 2025-02-16 05:56:22"
time="2025-02-16T06:00:51.119610172Z" level=debug msg="[DNS] resolve pull-flv-f26.douyinliving.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.119677221Z" level=debug msg="[DNS] resolve pull-flv-f26.douyinliving.com A from "
time="2025-02-16T06:00:51.125145726Z" level=debug msg="[DNS] pull-flv-f26.douyinliving.com --> [171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.* 171.108.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.129513339Z" level=debug msg="[DNS] cache hit pull-tsl-hs-spe-f5.douyinliving.com --> [124.227.*.* 124.227.*.*] A, expire at 2025-02-16 05:58:23"
time="2025-02-16T06:00:51.129793162Z" level=debug msg="[DNS] resolve pull-tsl-hs-spe-f5.douyinliving.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.129830420Z" level=debug msg="[DNS] resolve pull-tsl-hs-spe-f5.douyinliving.com A from "
time="2025-02-16T06:00:51.135576668Z" level=debug msg="[DNS] pull-tsl-hs-spe-f5.douyinliving.com --> [183.2.*.* 183.2.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.138650864Z" level=debug msg="[DNS] cache hit pull-hls-vr-l26.douyincdn.com --> [222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.*] A, expire at 2025-02-16 05:59:26"
time="2025-02-16T06:00:51.138889040Z" level=debug msg="[DNS] resolve pull-hls-vr-l26.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.139009667Z" level=debug msg="[DNS] resolve pull-hls-vr-l26.douyincdn.com A from "
time="2025-02-16T06:00:51.144612964Z" level=debug msg="[DNS] pull-hls-vr-l26.douyincdn.com --> [222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.* 222.217.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.149107363Z" level=debug msg="[DNS] cache hit pull-tsl-l3-encryption.douyincdn.com --> [124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.*] A, expire at 2025-02-16 05:56:41"
time="2025-02-16T06:00:51.149377794Z" level=debug msg="[DNS] resolve pull-tsl-l3-encryption.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.149448924Z" level=debug msg="[DNS] resolve pull-tsl-l3-encryption.douyincdn.com A from "
time="2025-02-16T06:00:51.155617792Z" level=debug msg="[DNS] pull-tsl-l3-encryption.douyincdn.com --> [124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.* 124.227.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.158241039Z" level=debug msg="[DNS] cache hit pull-f5-xg.ixigua.com --> [116.253.*.* 116.253.*.*] A, expire at 2025-02-16 05:56:47"
time="2025-02-16T06:00:51.158470439Z" level=debug msg="[DNS] resolve pull-f5-xg.ixigua.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.158548805Z" level=debug msg="[DNS] resolve pull-f5-xg.ixigua.com A from "
time="2025-02-16T06:00:51.164572489Z" level=debug msg="[DNS] pull-f5-xg.ixigua.com --> [116.253.*.* 116.253.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.166578356Z" level=debug msg="[DNS] cache hit pull-rtmp-l11-source.douyincdn.com --> [119.147.*.* 222.79.*.* 119.147.*.* 119.147.*.* 119.147.*.* 119.147.*.*] A, expire at 2025-02-16 05:57:41"
time="2025-02-16T06:00:51.166820843Z" level=debug msg="[DNS] resolve pull-rtmp-l11-source.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.166881427Z" level=debug msg="[DNS] resolve pull-rtmp-l11-source.douyincdn.com A from "
time="2025-02-16T06:00:51.172596421Z" level=debug msg="[DNS] pull-rtmp-l11-source.douyincdn.com --> [119.147.*.* 119.147.*.* 119.147.*.* 222.79.*.* 119.147.*.* 119.147.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.176065832Z" level=debug msg="[DNS] cache hit pull-lls-f11.douyincdn.com --> [171.105.*.* 171.105.*.*] A, expire at 2025-02-16 05:59:04"
time="2025-02-16T06:00:51.176373213Z" level=debug msg="[DNS] resolve pull-lls-f11.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.176417245Z" level=debug msg="[DNS] resolve pull-lls-f11.douyincdn.com A from "
time="2025-02-16T06:00:51.181620708Z" level=debug msg="[DNS] pull-lls-f11.douyincdn.com --> [171.105.*.* 171.105.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.183808017Z" level=debug msg="[DNS] cache hit pull-hls-f5-vs-tsl.douyincdn.com --> [116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.*] A, expire at 2025-02-16 05:55:54"
time="2025-02-16T06:00:51.184093844Z" level=debug msg="[DNS] resolve pull-hls-f5-vs-tsl.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.184178137Z" level=debug msg="[DNS] resolve pull-hls-f5-vs-tsl.douyincdn.com A from "
time="2025-02-16T06:00:51.189675047Z" level=debug msg="[DNS] pull-hls-f5-vs-tsl.douyincdn.com --> [116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.193653449Z" level=debug msg="[DNS] cache hit pull-flv-l3-encryption.douyincdn.com --> [222.84.*.* 222.218.*.* 113.16.*.* 171.107.*.* 116.253.*.* 125.73.*.* 116.253.*.* 222.84.*.* 222.218.*.* 113.16.*.* 171.107.*.* 116.253.*.* 124.227.*.* 113.15.*.* 116.253.*.*] A, expire at 2025-02-16 05:58:40"
time="2025-02-16T06:00:51.193963140Z" level=debug msg="[DNS] resolve pull-flv-l3-encryption.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.194034885Z" level=debug msg="[DNS] resolve pull-flv-l3-encryption.douyincdn.com A from "
time="2025-02-16T06:00:51.199686525Z" level=debug msg="[DNS] pull-flv-l3-encryption.douyincdn.com --> [113.15.*.* 116.253.*.* 171.107.*.* 116.253.*.* 116.253.*.* 171.107.*.* 116.253.*.* 222.218.*.* 222.84.*.* 113.16.*.* 124.227.*.* 113.16.*.* 222.84.*.* 125.73.*.* 222.218.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.203937360Z" level=debug msg="[DNS] cache hit pull-t3.douyincdn.com --> [125.73.*.* 124.227.*.* 222.84.*.* 222.218.*.* 113.16.*.* 116.253.*.* 124.227.*.* 171.107.*.* 125.73.*.* 124.227.*.* 113.15.*.* 171.107.*.*] A, expire at 2025-02-16 05:57:26"
time="2025-02-16T06:00:51.204203172Z" level=debug msg="[DNS] resolve pull-t3.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.204232347Z" level=debug msg="[DNS] resolve pull-t3.douyincdn.com A from "
time="2025-02-16T06:00:51.209759279Z" level=debug msg="[DNS] pull-t3.douyincdn.com --> [113.15.*.* 171.107.*.* 125.73.*.* 124.227.*.* 124.227.*.* 222.84.*.* 222.218.*.* 125.73.*.* 124.227.*.* 113.16.*.* 171.107.*.* 116.253.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.215420234Z" level=debug msg="[DNS] cache hit pull-f5.douyincdn.com --> [116.253.*.* 116.253.*.* 116.253.*.* 124.227.*.* 171.108.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.*] A, expire at 2025-02-16 05:56:28"
time="2025-02-16T06:00:51.215680657Z" level=debug msg="[DNS] resolve pull-f5.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.215716068Z" level=debug msg="[DNS] resolve pull-f5.douyincdn.com A from "
time="2025-02-16T06:00:51.221197890Z" level=debug msg="[DNS] pull-f5.douyincdn.com --> [116.253.*.* 124.227.*.* 171.108.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.226046859Z" level=debug msg="[DNS] cache hit pull-tsl-f1.douyinliving.com --> [117.27.*.*] A, expire at 2025-02-16 05:58:57"
time="2025-02-16T06:00:51.226273565Z" level=debug msg="[DNS] resolve pull-tsl-f1.douyinliving.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.226329222Z" level=debug msg="[DNS] resolve pull-tsl-f1.douyinliving.com A from "
time="2025-02-16T06:00:51.231673634Z" level=debug msg="[DNS] pull-tsl-f1.douyinliving.com --> [117.27.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.234272479Z" level=debug msg="[DNS] cache hit pull-f5-xg.flive.ixigua.com --> [116.253.*.* 116.253.*.*] A, expire at 2025-02-16 05:56:55"
time="2025-02-16T06:00:51.234522817Z" level=debug msg="[DNS] resolve pull-f5-xg.flive.ixigua.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.234609420Z" level=debug msg="[DNS] resolve pull-f5-xg.flive.ixigua.com A from "
time="2025-02-16T06:00:51.240182617Z" level=debug msg="[DNS] pull-f5-xg.flive.ixigua.com --> [116.253.*.* 116.253.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.242872914Z" level=debug msg="[DNS] cache hit pull-tsl-f11.douyinliving.com --> [58.223.*.* 58.223.*.* 222.79.*.* 58.223.*.* 222.79.*.* 222.79.*.* 58.223.*.* 58.223.*.*] A, expire at 2025-02-16 05:59:55"
time="2025-02-16T06:00:51.243167285Z" level=debug msg="[DNS] resolve pull-tsl-f11.douyinliving.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.243225713Z" level=debug msg="[DNS] resolve pull-tsl-f11.douyinliving.com A from "
time="2025-02-16T06:00:51.248340186Z" level=debug msg="[DNS] pull-tsl-f11.douyinliving.com --> [58.223.*.* 58.223.*.* 58.223.*.* 222.79.*.* 222.79.*.* 58.223.*.* 58.223.*.* 222.79.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.252283178Z" level=debug msg="[DNS] cache hit pull-f5-io.flive.douyincdn.com --> [116.253.*.* 116.253.*.* 124.227.*.* 171.108.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.*] A, expire at 2025-02-16 05:55:48"
time="2025-02-16T06:00:51.252525896Z" level=debug msg="[DNS] resolve pull-f5-io.flive.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.252606956Z" level=debug msg="[DNS] resolve pull-f5-io.flive.douyincdn.com A from "
time="2025-02-16T06:00:51.258270528Z" level=debug msg="[DNS] pull-f5-io.flive.douyincdn.com --> [116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 116.253.*.* 124.227.*.* 116.253.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.260413266Z" level=debug msg="[DNS] cache hit pull-hls-q6.douyincdn.com --> [123.184.*.*] A, expire at 2025-02-16 05:55:49"
time="2025-02-16T06:00:51.260650826Z" level=debug msg="[DNS] resolve pull-hls-q6.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.260724573Z" level=debug msg="[DNS] resolve pull-hls-q6.douyincdn.com A from "
time="2025-02-16T06:00:51.266235955Z" level=debug msg="[DNS] pull-hls-q6.douyincdn.com --> [123.184.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.268833568Z" level=debug msg="[DNS] cache hit pull-lls-q6.douyincdn.com --> [113.16.*.*] A, expire at 2025-02-16 05:57:08"
time="2025-02-16T06:00:51.269054885Z" level=debug msg="[DNS] resolve pull-lls-q6.douyincdn.com A from udp://192.168.*.*:53"
time="2025-02-16T06:00:51.269128401Z" level=debug msg="[DNS] resolve pull-lls-q6.douyincdn.com A from "
time="2025-02-16T06:00:51.274726693Z" level=debug msg="[DNS] pull-lls-q6.douyincdn.com --> [113.16.*.*] A from udp://192.168.*.*:53"
time="2025-02-16T06:00:52.147012979Z" level=debug msg="[Rule] use default rules"
time="2025-02-16T06:00:52.148174374Z" level=debug msg="[Process] find process error for github.com: process not found"
time="2025-02-16T06:00:52.223866916Z" level=info msg="[TCP] 192.168.*.*:8066 --> github.com:443 match DomainKeyword(github) using 🚀 节点选择[🇸🇬 专线 狮城 03]"

#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#


#===================== 活动连接信息 =====================#

1. SourceIP:【192.168.*.*】 - Host:【translate.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
2. SourceIP:【192.168.*.*】 - Host:【api.ip.sb】 - DestinationIP:【104.26.*.*】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇸🇬 专线 狮城 03】
3. SourceIP:【192.168.*.*】 - Host:【raw.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
4. SourceIP:【192.168.*.*】 - Host:【openwrt.github.io】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
5. SourceIP:【192.168.*.*】 - Host:【translate-pa.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
6. SourceIP:【192.168.*.*】 - Host:【www.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
7. SourceIP:【192.168.*.*】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
8. SourceIP:【192.168.*.*】 - Host:【translate.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
9. SourceIP:【192.168.*.*】 - Host:【avatars3.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
10. SourceIP:【192.168.*.*】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
11. SourceIP:【192.168.*.*】 - Host:【android.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
12. SourceIP:【192.168.*.*】 - Host:【downloads.openwrt.org】 - DestinationIP:【151.101.*.*】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇸🇬 专线 狮城 03】
13. SourceIP:【192.168.*.*】 - Host:【translate.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
14. SourceIP:【192.168.*.*】 - Host:【content-autofill.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
15. SourceIP:【192.168.*.*】 - Host:【clients4.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
16. SourceIP:【192.168.*.*】 - Host:【api.ipify.org】 - DestinationIP:【172.67.*.*】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇸🇬 专线 狮城 03】
17. SourceIP:【192.168.*.*】 - Host:【github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
18. SourceIP:【192.168.*.*】 - Host:【www.youtube.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【youtube】 - Lastchain:【🇸🇬 专线 狮城 03】
19. SourceIP:【192.168.*.*】 - Host:【dig.bdurl.net】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【bdurl.net】 - Lastchain:【DIRECT】
20. SourceIP:【192.168.*.*】 - Host:【mtalk.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【mtalk.google.com】 - Lastchain:【🇸🇬 专线 狮城 03】
21. SourceIP:【192.168.*.*】 - Host:【avatars.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
22. SourceIP:【192.168.*.*】 - Host:【collector.github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
23. SourceIP:【192.168.*.*】 - Host:【api-ipv4.ip.sb】 - DestinationIP:【104.26.*.*】 - Network:【tcp】 - RulePayload:【】 - Lastchain:【🇸🇬 专线 狮城 03】
24. SourceIP:【192.168.*.*】 - Host:【api.github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
25. SourceIP:【192.168.*.*】 - Host:【avatars0.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
26. SourceIP:【192.168.*.*】 - Host:【go.microsoft.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【microsoft】 - Lastchain:【🇸🇬 专线 狮城 03】
27. SourceIP:【192.168.*.*】 - Host:【mtalk.google.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【mtalk.google.com】 - Lastchain:【🇸🇬 专线 狮城 03】
28. SourceIP:【192.168.*.*】 - Host:【avatars2.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
29. SourceIP:【192.168.*.*】 - Host:【chromesyncpasswords-pa.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
30. SourceIP:【192.168.*.*】 - Host:【user-images.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
31. SourceIP:【192.168.*.*】 - Host:【optimizationguide-pa.googleapis.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【google】 - Lastchain:【🇸🇬 专线 狮城 03】
32. SourceIP:【192.168.*.*】 - Host:【alive.github.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
33. SourceIP:【192.168.*.*】 - Host:【avatars.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】
34. SourceIP:【192.168.*.*】 - Host:【avatars1.githubusercontent.com】 - DestinationIP:【】 - Network:【tcp】 - RulePayload:【github】 - Lastchain:【🇸🇬 专线 狮城 03】

OpenClash Config

Expected Behavior

查找到的解决方法是2023年的，2025年还出现，希望在2025年能修复

Additional Context

No response

[vernesong]

你要看看是不是内核崩了，或者系统防火墙被重置了，因为你的机器比较特殊

[fangwen250127]

你要看看是不是内核崩了，或者系统防火墙被重置了，因为你的机器比较特殊

怎么看，关闭openclash后可以正常联网，但是开了就彻底连不上。开关那个设置后就正常了。尝试过恢复openclash默认设置，重启路由器，重启光猫都没解决

[vernesong]

不正常的时候调调试日志

[tonyk520]

遇到类似问题，0.46.064版每次停电再启动都会无法启动，日志中也没有任何报错，此时任意设备ping dns可以通，但是打开网页dns不做解析，手动点一下打开OpenClash启动起来OpenClash的进程就一切正常了，今天升级了075版，报错“错误：LAN IP 地址获取失败，请检查 LAN 接口设置或在插件设置中选择正确的 LAN 接口名称”，退回064正常启动一次，然后断电再重启试下也报“错误：LAN IP 地址获取失败，请检查 LAN 接口设置或在插件设置中选择正确的 LAN 接口名称”，此间未做过任何设置变动，可能是我设备ZN-M2比较老吧，我就干脆老老实实退回到0.45版用老DEV内核正常了，先用着了