Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] 更新到v0.46.075 版本后,混合端口7893只能使用socks代理,http代理连接不上 #4332

Open
5 of 7 tasks
tian4546 opened this issue Feb 17, 2025 · 3 comments
Open
5 of 7 tasks

[Bug] 更新到v0.46.075 版本后,混合端口7893只能使用socks代理,http代理连接不上 #4332

tian4546 opened this issue Feb 17, 2025 · 3 comments
Labels
bug Something isn't working

Comments

@tian4546
Copy link

Verify Steps

  • Tracker 我已经在 Issue Tracker 中找过我要提出的问题
  • Branch 我知道 OpenClash 的 Dev 分支切换开关位于插件设置-版本更新中,或者我会手动下载并安装 Dev 分支的 OpenClash
  • Latest 我已经使用最新 Dev 版本测试过,问题依旧存在
  • Relevant 我知道 OpenClash 与 内核(Core)、控制面板(Dashboard)、在线订阅转换(Subconverter)等项目之间无直接关系,仅相互调用
  • Definite 这确实是 OpenClash 出现的问题
  • Contributors 我有能力协助 OpenClash 开发并解决此问题
  • Meaningless 我提交的是无意义的催促更新或修复请求

OpenClash Version

0.46.075

Bug on Environment

Immortalwrt

OpenWrt Version

ImmortalWrt 24.10.0

Bug on Platform

Linux-amd64(x86-64)

Describe the Bug

[Bug] 更新到v0.46.075 版本后,混合端口7893只能使用socks代理,http代理连接不上。单独使用http代理的7890端口是可以连接上的。

防火线通讯规则开放7893和7890 wan区域到本设备(输入),然后本插件,流量控制里面的 仅允许内网 钩去掉,然后电脑连接手机热点,http代理的软件进行代理连接测试了,google浏览器可以用 ZeroOmega 插件,或者 FinalShell 软甲http代理连接局域网的ssh设备就可以复现,在未升级之前是可以的升级后就不行了

To Reproduce

防火线通讯规则开放7893和7890 wan区域到本设备(输入),然后本插件,流量控制里面的 仅允许内网 钩去掉,然后电脑连接手机热点,http代理的软件进行代理连接测试了,google浏览器可以用 ZeroOmega 插件,或者 FinalShell 软甲http代理连接局域网的ssh设备就可以复现,在未升级之前是可以的升级后就不行了

OpenClash Log

OpenClash 调试日志

生成时间: 2025-02-17 10:13:03
插件版本: 0.46.075
隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息



#===================== 系统信息 =====================#

主机型号: QEMU Standard PC (i440FX + PIIX, 1996)
固件版本: ImmortalWrt 24.10.0 r32824-6a73dae98c9c
LuCI版本: 25.040.36223~e888ad7
内核版本: 6.6.73
处理器架构: x86_64

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

DNS劫持: Dnsmasq 转发
#DNS劫持为Dnsmasq时,此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.*.*#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
dnsmasq-full(ipset): 未安装
dnsmasq-full(nftset): 已安装
bash: 已安装
curl: 已安装
ca-bundle: 已安装
ipset: 未安装
ip-full: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci >= 19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 已安装
unzip: 已安装
kmod-nft-tproxy: 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
运行内核:Meta
进程pid: 31914
运行用户: root
已选择的架构: linux-amd64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限

Meta内核版本: alpha-gef29e45
Meta内核文件: 存在
Meta内核运行权限: 正常

#===================== 配置文件 =====================#

mixed-port: 7893
allow-lan: true
bind-address: "*"
mode: rule
log-level: info
external-controller: 0.0.*.*:9090
dns:
  enable: true
  ipv6: true
  default-nameserver:
  - 223.5.*.*
  - 119.29.*.*
  fake-ip-range: 198.18.*.*/16
  use-hosts: true
  nameserver:
  - dhcp://"pppoe-wan"
  - 118.249.*.*
  - "[fe80::*:*:*:2490]:53"
  - 222.246.*.*
  - 59.51.*.*
  - "[240e:50:c800::210]:53"
  - "[240e:50:5000::80]:53"
  fallback:
  - https://doh.dns.sb/dns-query
  - https://dns.cloudflare.com/dns-query
  - https://dns.twnic.tw/dns-query
  - tls://8.8.*.*:853
  fallback-filter:
    geoip: true
    ipcidr:
    - 240.0.*.*/4
    - 0.0.*.*/32
  enhanced-mode: fake-ip
  listen: 0.0.*.*:7874
  fake-ip-filter-mode: blacklist
  fake-ip-filter:
  - "*.lan"
  - "*.localdomain"
  - "*.example"
  - "*.invalid"
  - "*.localhost"
  - "*.test"
  - "*.local"
  - "*.home.arpa"
  - time.*.com
  - time.*.gov

redir-port: 7892
tproxy-port: 7895
port: 7890
socks-port: 7891
external-ui: "/usr/share/openclash/ui"
keep-alive-interval: 15
keep-alive-idle: 600
ipv6: true
tcp-concurrent: true
unified-delay: true
sniffer:
  enable: true
  override-destination: true
  sniff:
    QUIC:
      ports:
      - 443
    TLS:
      ports:
      - 443
      - 8443
    HTTP:
      ports:
      - 80
      - 8080-8880
      override-destination: true
  force-domain:
  - "+.netflix.com"
  - "+.nflxvideo.net"
  - "+.amazonaws.com"
  - "+.media.dssott.com"
  skip-domain:
  - "+.apple.com"
  - Mijia Cloud
  - dlg.io.mi.com
  - "+.oray.com"
  - "+.sunlogin.net"
  - "+.push.apple.com"
  parse-pure-ip: true
tun:
  enable: true
  stack: mixed
  device: utun
  dns-hijack:
  - 127.0.*.*:53
  endpoint-independent-nat: true
  auto-route: false
  auto-detect-interface: false
  auto-redirect: false
  strict-route: false
profile:
  store-selected: true
  store-fake-ip: true
authentication:
- tsl:tsl123
rule-providers:
  Rule-provider - cfg2aac5a:
    type: file
    behavior: domain
    path: "./rule_provider/MyPorxy"
    format: text

#===================== 自定义覆写设置 =====================#

#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts

LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
#Config Path
CONFIG_FILE="$1"

    #Simple Demo:
    #Key Overwrite Demo
    #1--config path
    #2--key name
    #3--value
    #ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
    #ruby_edit "$CONFIG_FILE" "['secret']" "123456"
    #ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"
    #ruby_edit "$CONFIG_FILE" "['dns']['proxy-server-nameserver']" "['https://doh.pub/dns-query','https://223.5.*.*:443/dns-query']"

    #Hash Overwrite Demo
    #1--config path
    #2--key name
    #3--hash type value
    #ruby_edit "$CONFIG_FILE" "['dns']['nameserver-policy']" "{'+.msftconnecttest.com'=>'114.114.*.*', '+.msftncsi.com'=>'114.114.*.*', 'geosite:gfw'=>['https://dns.cloudflare.com/dns-query', 'https://dns.google/dns-query#ecs=1.1.*.*/24&ecs-override=true'], 'geosite:cn'=>['114.114.*.*'], 'geosite:geolocation-!cn'=>['https://dns.cloudflare.com/dns-query', 'https://dns.google/dns-query#ecs=1.1.*.*/24&ecs-override=true']}"
    #ruby_edit "$CONFIG_FILE" "['sniffer']" "{'enable'=>true, 'parse-pure-ip'=>true, 'force-domain'=>['+.netflix.com', '+.nflxvideo.net', '+.amazonaws.com', '+.media.dssott.com'], 'skip-domain'=>['+.apple.com', 'Mijia Cloud', 'dlg.io.mi.com', '+.oray.com', '+.sunlogin.net'], 'sniff'=>{'TLS'=>nil, 'HTTP'=>{'ports'=>[80, '8080-8880'], 'override-destination'=>true}}}"

    #Hash Merge Demo
    #1--config path
    #2--key name
    #3--hash
    #ruby_merge_hash "$CONFIG_FILE" "['proxy-providers']" "'TW'=>{'type'=>'http', 'path'=>'./proxy_provider/TW.yaml', 'url'=>'https://gist.githubusercontent.com/raw/tw_clash', 'interval'=>3600, 'health-check'=>{'enable'=>true, 'url'=>'http://cp.cloudflare.com/generate_204', 'interval'=>300}}"
    #ruby_merge_hash "$CONFIG_FILE" "['rule-providers']" "'Reject'=>{'type'=>'http', 'behavior'=>'classical', 'url'=>'https://testingcf.jsdelivr.net/gh/dler-io/Rules@main/Clash/Provider/Reject.yaml', 'path'=>'./rule_provider/Reject', 'interval'=>86400}"

    #Array Insert Value Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value
    #ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.*.*"

    #Array Insert Hash Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--hash
    #ruby_arr_insert_hash "$CONFIG_FILE" "['proxy-groups']" "0" "{'name'=>'Disney', 'type'=>'select', 'disable-udp'=>false, 'use'=>['TW', 'SG', 'HK']}"
    #ruby_arr_insert_hash "$CONFIG_FILE" "['proxies']" "0" "{'name'=>'HKG 01', 'type'=>'ss', 'server'=>'cc.hd.abc', 'port'=>'12345', 'cipher'=>'aes-128-gcm', 'password'=>'123456', 'udp'=>true, 'plugin'=>'obfs', 'plugin-opts'=>{'mode'=>'http', 'host'=>'microsoft.com'}}"
    #ruby_arr_insert_hash "$CONFIG_FILE" "['listeners']" "0" "{'name'=>'name', 'type'=>'shadowsocks', 'port'=>'12345', 'listen'=>'0.0.*.*', 'rule'=>'sub-rule-1', 'proxy'=>'proxy'}"

    #Array Insert Other Array Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--array
    #ruby_arr_insert_arr "$CONFIG_FILE" "['dns']['proxy-server-nameserver']" "0" "['https://doh.pub/dns-query','https://223.5.*.*:443/dns-query']"

    #Array Insert From Yaml File Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value file path
    #5--value key name in #4 file
    #ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"

    #Delete Array Value Demo:
    #1--config path
    #2--key name
    #3--value
    #ruby_delete "$CONFIG_FILE" "['dns']['nameserver']" "114.114.*.*"

    #Delete Key Demo:
    #1--config path
    #2--key name
    #3--key name
    #ruby_delete "$CONFIG_FILE" "['dns']" "nameserver"
    #ruby_delete "$CONFIG_FILE" "" "dns"

    #Ruby Script Demo:
    #ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
    #   begin
    #      Value = YAML.load_file('$CONFIG_FILE');
    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
    #   end;

        #General
    #   begin
    #   Thread.new{
    #      Value['redir-port']=7892;
    #      Value['tproxy-port']=7895;
    #      Value['port']=7890;
    #      Value['socks-port']=7891;
    #      Value['mixed-port']=7893;
    #   }.join;

    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
    #   ensure
    #      File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
    #   end" 2>/dev/null >> $LOG_FILE

exit 0
#===================== 自定义防火墙设置 =====================#

#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules

LOG_OUT "Tip: Start Add Custom Firewall Rules..."

exit 0
#===================== IPTABLES 防火墙设置 =====================#

#IPv4 NAT chain


#IPv4 Mangle chain

# Generated by iptables-save v1.8.10 on Mon Feb 17 10:13:04 2025
*mangle
:PREROUTING ACCEPT [23155478:21039070530]
:INPUT ACCEPT [20174913:20284616405]
:FORWARD ACCEPT [2923120:746145480]
:OUTPUT ACCEPT [12318518:17797250726]
:POSTROUTING ACCEPT [15210474:18537963013]
COMMIT
# Completed on Mon Feb 17 10:13:04 2025

#IPv4 Filter chain

# Generated by iptables-save v1.8.10 on Mon Feb 17 10:13:04 2025
*filter
:INPUT ACCEPT [20552696:20541800980]
:FORWARD ACCEPT [2955829:748562076]
:OUTPUT ACCEPT [12673333:18069760630]
-A INPUT -p tcp -m tcp --dport 992 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8888 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5555 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1194 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p udp -m multiport --dports 500,1701,4500 -m comment --comment "Rule For SoftEther VPN Server" -j ACCEPT
-A INPUT -p udp -m multiport --dports 500,4500 -m comment --comment "IPSec VPN Server" -j ACCEPT
COMMIT
# Completed on Mon Feb 17 10:13:04 2025

#IPv6 NAT chain


#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.10 on Mon Feb 17 10:13:04 2025
*mangle
:PREROUTING ACCEPT [1803373:1126903684]
:INPUT ACCEPT [1131317:977356408]
:FORWARD ACCEPT [620846:138767397]
:OUTPUT ACCEPT [2132065:1517872638]
:POSTROUTING ACCEPT [2728834:1650490252]
COMMIT
# Completed on Mon Feb 17 10:13:04 2025

#IPv6 Filter chain

# Generated by ip6tables-save v1.8.10 on Mon Feb 17 10:13:04 2025
*filter
:INPUT ACCEPT [1098894:937810797]
:FORWARD ACCEPT [618253:138556356]
:OUTPUT ACCEPT [2090878:1467182311]
COMMIT
# Completed on Mon Feb 17 10:13:04 2025

#===================== NFTABLES 防火墙设置 =====================#

table inet fw4 {
	chain input {
		type filter hook input priority filter; policy drop;
		meta l4proto { tcp, udp } iifname "utun" counter packets 5 bytes 530 accept comment "OpenClash TUN Input"
		jump lucky666.cn_auto
		iif "lo" accept comment "!fw4: Accept traffic from loopback"
		ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
		tcp flags & (fin | syn | rst | ack) == syn jump syn_flood comment "!fw4: Rate limit TCP syn packets"
		iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
		iifname "pppoe-wan" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
		iifname "eth1.45" jump input_IPTV comment "!fw4: Handle IPTV IPv4/IPv6 input traffic"
		iifname "ipsec0" jump input_VPN comment "!fw4: Handle VPN IPv4/IPv6 input traffic"
		jump handle_reject
	}
}
table inet fw4 {
	chain forward {
		type filter hook forward priority filter; policy drop;
		oifname "utun" udp dport 443 ip daddr != @china_ip_route counter packets 0 bytes 0 reject with icmp port-unreachable comment "OpenClash QUIC REJECT"
		meta l4proto { tcp, udp } iifname "utun" counter packets 59 bytes 7999 accept comment "OpenClash TUN Forward"
		meta l4proto { tcp, udp } oifname "utun" counter packets 97 bytes 8614 accept comment "OpenClash TUN Forward"
		meta l4proto { tcp, udp } flow add @ft
		ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows"
		iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
		iifname "pppoe-wan" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
		iifname "eth1.45" jump forward_IPTV comment "!fw4: Handle IPTV IPv4/IPv6 forward traffic"
		iifname "ipsec0" jump forward_VPN comment "!fw4: Handle VPN IPv4/IPv6 forward traffic"
		jump upnp_forward comment "Hook into miniupnpd forwarding chain"
		jump handle_reject
	}
}
table inet fw4 {
	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
		meta l4proto { tcp, udp } th dport 53 counter packets 0 bytes 0 redirect to :53 comment "OpenClash DNS Hijack"
		iifname "br-lan" jump dstnat_lan comment "!fw4: Handle lan IPv4/IPv6 dstnat traffic"
		iifname "pppoe-wan" jump dstnat_wan comment "!fw4: Handle wan IPv4/IPv6 dstnat traffic"
		jump upnp_prerouting comment "Hook into miniupnpd prerouting chain"
		ip protocol tcp counter packets 572 bytes 31388 jump openclash
	}
}
table inet fw4 {
	chain srcnat {
		type nat hook postrouting priority srcnat; policy accept;
		meta nfproto ipv4 oifname "utun" counter packets 44 bytes 5184 return comment "OpenClash TUN Postrouting"
		oifname "br-lan" jump srcnat_lan comment "!fw4: Handle lan IPv4/IPv6 srcnat traffic"
		oifname "pppoe-wan" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
		jump upnp_postrouting comment "Hook into miniupnpd postrouting chain"
	}
}
table inet fw4 {
	chain nat_output {
		type nat hook output priority filter - 1; policy accept;
		meta skgid != 65534 meta l4proto { tcp, udp } th dport 53 ip daddr 127.0.*.* counter packets 38 bytes 2634 redirect to :53 comment "OpenClash DNS Hijack"
		ip protocol tcp counter packets 904 bytes 54176 jump openclash_output
	}
}
table inet fw4 {
	chain mangle_prerouting {
		type filter hook prerouting priority mangle; policy accept;
		ip protocol udp counter packets 4843 bytes 838936 jump openclash_mangle
	}
}
table inet fw4 {
	chain mangle_output {
		type route hook output priority mangle; policy accept;
		meta nfproto ipv4 meta l4proto { tcp, udp } counter packets 40198 bytes 72573427 jump openclash_mangle_output
	}
}
table inet fw4 {
	chain openclash {
		meta nfproto ipv4 tcp sport 7890 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 8000 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 9001 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 9000 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 9090 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 7893 counter packets 0 bytes 0 return
		ip daddr @localnetwork counter packets 499 bytes 27172 return
		ct direction reply counter packets 0 bytes 0 return
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 40 bytes 2360 return
		ip protocol tcp counter packets 33 bytes 1856 redirect to :7892
	}
}
table inet fw4 {
	chain openclash_mangle {
		meta nfproto ipv4 udp sport 1701 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 4500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 7893 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 68 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		meta l4proto { tcp, udp } iifname "utun" counter packets 64 bytes 8529 return
		ip daddr @localnetwork counter packets 3785 bytes 584294 return
		ct direction reply counter packets 712 bytes 225095 return
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 185 bytes 12404 return
		ip protocol udp counter packets 97 bytes 8614 jump openclash_upnp
		meta mark set 0x00000162 counter packets 97 bytes 8614
	}
}
table inet fw4 {
	chain openclash_mangle_output {
		meta nfproto ipv4 udp sport 1701 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 4500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 500 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 7893 counter packets 0 bytes 0 return
		meta nfproto ipv4 udp sport 68 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* udp sport 3389 counter packets 0 bytes 0 return
		meta skgid 65534 counter packets 17040 bytes 20889504 return
		ip daddr @localnetwork counter packets 18485 bytes 36074261 return
		ct direction reply counter packets 3273 bytes 15539455 return
		meta l4proto { tcp, udp } ip daddr 198.18.*.*/16 meta mark set 0x00000162 counter packets 164 bytes 15786
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 951 bytes 40573 return
		meta l4proto udp meta mark set 0x00000162 counter packets 22 bytes 1148
	}
}
table inet fw4 {
	chain openclash_output {
		meta nfproto ipv4 tcp sport 7890 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 8000 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 9001 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 9000 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 9090 counter packets 0 bytes 0 return
		meta nfproto ipv4 tcp sport 7893 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 3389 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 5000 counter packets 0 bytes 0 return
		ip saddr 192.168.*.* tcp sport 5001 counter packets 0 bytes 0 return
		meta skgid 65534 counter packets 571 bytes 34196 return
		ip daddr @localnetwork counter packets 322 bytes 19320 return
		ct direction reply counter packets 0 bytes 0 return
		ip protocol tcp ip daddr 198.18.*.*/16 counter packets 10 bytes 600 redirect to :7892
		ip daddr @china_ip_route ip daddr != @china_ip_route_pass counter packets 0 bytes 0 return
		ip protocol tcp counter packets 1 bytes 60 redirect to :7892
	}
}

#===================== IPSET状态 =====================#


#===================== 路由表状态 =====================#

#IPv4

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.*.*         118.249.*.*    0.0.*.*         UG    0      0        0 pppoe-wan
118.249.*.*    0.0.*.*         255.255.*.* UH    0      0        0 pppoe-wan
192.168.*.*     0.0.*.*         255.255.*.*   U     0      0        0 eth1
192.168.*.*     0.0.*.*         255.255.*.*   U     0      0        0 br-lan
198.18.*.*      0.0.*.*         255.255.*.* U     0      0        0 utun

#ip route list
default via 118.249.*.* dev pppoe-wan proto static 
118.249.*.* dev pppoe-wan proto kernel scope link src 118.249.*.* 
192.168.*.*/24 dev eth1 proto kernel scope link src 192.168.*.* 
192.168.*.*/24 dev br-lan proto kernel scope link src 192.168.*.* 
198.18.*.*/30 dev utun proto kernel scope link src 198.18.*.* 

#ip rule show
0:	from all lookup local
1888:	from all fwmark 0x162 ipproto icmp lookup main
1889:	from all fwmark 0x162 lookup 354
32766:	from all lookup main
32767:	from all lookup default

#IPv6

#route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
::/0                                        fdfe:dcba:9876::2                       UG    1024   1        0 utun    
::/0                                        fe80::*:*:*:2490               UG    512    2        0 pppoe-wan
::/0                                        fe80::*:*:*:2490               UG    512    4        0 pppoe-wan
240e:*:*:*::/64                       ::                                      !n    2147483647 3        0 lo      
240e:*:*:*::/64                      ::                                      U     1024   4        0 br-lan  
240e:*:*:*::/64                      ::                                      U     1024   1        0 pppoe-wan
240e:*:*:*::/56                      ::                                      !n    2147483647 1        0 lo      
fdfe:dcba:9876::/126                        ::                                      U     256    1        0 utun    
fe80::*:*:*:2490/128               ::                                      U     256    2        0 pppoe-wan
fe80::*:*:*:c7d5/128               ::                                      U     256    2        0 pppoe-wan
fe80::/64                                   ::                                      U     256    4        0 br-lan  
fe80::/64                                   ::                                      U     256    1        0 eth1    
fe80::/64                                   ::                                      U     256    1        0 eth1.45 
fe80::/64                                   ::                                      U     256    1        0 utun    
::/0                                        ::                                      !n    -1     2        0 lo      
::1/128                                     ::                                      Un    0      5        0 lo      
240e:*:*:*::/128                      ::                                      Un    0      3        0 pppoe-wan
240e:*:*:*:62be:b402:761c:c7d5/128    ::                                      Un    0      4        0 pppoe-wan
240e:*:*:*::/128                     ::                                      Un    0      3        0 br-lan  
240e:*:*:*:be24:11ff:fe30:1332/128   ::                                      Un    0      5        0 br-lan  
240e:*:*:*::/128                     ::                                      Un    0      3        0 pppoe-wan
240e:*:*:*:200:ff:fe00:0/128         ::                                      Un    0      6        0 pppoe-wan
fdfe:dcba:9876::/128                        ::                                      Un    0      3        0 utun    
fdfe:dcba:9876::1/128                       ::                                      Un    0      3        0 utun    
fe80::/128                                  ::                                      Un    0      5        0 br-lan  
fe80::/128                                  ::                                      Un    0      3        0 eth1.45 
fe80::/128                                  ::                                      Un    0      3        0 eth1    
fe80::/128                                  ::                                      Un    0      3        0 utun    
fe80::*:*:*:c7d5/128               ::                                      Un    0      3        0 pppoe-wan
fe80::*:*:*:c7d5/128               ::                                      Un    0      3        0 eth1.45 
fe80::*:*:*:c7d5/128               ::                                      Un    0      2        0 eth1    
fe80::*:*:*:a448/128               ::                                      Un    0      2        0 utun    
fe80::*:*:*:1332/128               ::                                      Un    0      5        0 br-lan  
ff00::/8                                    ::                                      U     256    5        0 br-lan  
ff00::/8                                    ::                                      U     256    2        0 eth1    
ff00::/8                                    ::                                      U     256    2        0 eth1.45 
ff00::/8                                    ::                                      U     256    3        0 pppoe-wan
ff00::/8                                    ::                                      U     256    3        0 utun    
::/0                                        ::                                      !n    -1     2        0 lo      

#ip -6 route list
default from 240e:*:*:*::/64 via fe80::4e09:b4ff:fefc:2490 dev pppoe-wan proto static metric 512 pref medium
default from 240e:*:*:*::/56 via fe80::4e09:b4ff:fefc:2490 dev pppoe-wan proto static metric 512 pref medium
unreachable 240e:*:*:*::/64 dev lo proto static metric 2147483647 pref medium
240e:*:*:*::/64 dev br-lan proto static metric 1024 pref medium
240e:*:*:*::/64 dev pppoe-wan proto static metric 1024 pref medium
unreachable 240e:*:*:*::/56 dev lo proto static metric 2147483647 pref medium
fdfe:dcba:9876::/126 dev utun proto kernel metric 256 pref medium
fe80::*:*:*:2490 dev pppoe-wan proto kernel metric 256 pref medium
fe80::*:*:*:c7d5 dev pppoe-wan proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium
fe80::/64 dev eth1.45 proto kernel metric 256 pref medium
fe80::/64 dev utun proto kernel metric 256 pref medium

#ip -6 rule show
0:	from all lookup local
32764:	from all oif utun lookup 2022
32765:	from all oif utun lookup 2022
32766:	from all lookup main
4200000000:	from 240e:*:*:*:be24:11ff:fe30:1332/64 iif br-lan unreachable
4200000000:	from 240e:*:*:*:200:ff:fe00:0/64 iif pppoe-wan unreachable

#===================== Tun设备状态 =====================#

tap_softether: tap
utun: tun

#===================== 端口占用状态 =====================#

tcp        0      0 198.18.*.*:45325        0.0.*.*:*               LISTEN      31914/clash
tcp        0      0 :::9090                 :::*                    LISTEN      31914/clash
tcp        0      0 :::7890                 :::*                    LISTEN      31914/clash
tcp        0      0 :::7891                 :::*                    LISTEN      31914/clash
tcp        0      0 :::7895                 :::*                    LISTEN      31914/clash
tcp        0      0 :::7892                 :::*                    LISTEN      31914/clash
tcp        0      0 :::7893                 :::*                    LISTEN      31914/clash
tcp        0      0 :::7874                 :::*                    LISTEN      31914/clash
tcp        0      0 fdfe:dcba:9876::1:35063 :::*                    LISTEN      31914/clash
udp        0      0 :::59402                :::*                                31914/clash
udp        0      0 :::57938                :::*                                31914/clash
udp        0      0 :::7874                 :::*                                31914/clash
udp        0      0 :::7891                 :::*                                31914/clash
udp        0      0 :::7892                 :::*                                31914/clash
udp        0      0 :::7893                 :::*                                31914/clash
udp        0      0 :::7895                 :::*                                31914/clash

#===================== 测试本机DNS查询(www.baidu.com) =====================#

Server:		127.0.*.*
Address:	127.0.*.*:53

www.baidu.com	canonical name = www.a.shifen.com
Name:	www.a.shifen.com
Address: 183.2.*.*
Name:	www.a.shifen.com
Address: 183.2.*.*

www.baidu.com	canonical name = www.a.shifen.com
Name:	www.a.shifen.com
Address: 240e:*:*:*:0:ff:b014:8e8b
Name:	www.a.shifen.com
Address: 240e:*:*:*:0:ff:b042:f296


#===================== 测试内核DNS查询(www.instagram.com) =====================#

Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 1
  Qclass: 1

Answer: 
  TTL: 1
  data: z-p42-instagram.c10r.instagram.com.
  name: www.instagram.com.
  type: 5

  TTL: 1
  data: 157.240.*.*
  name: z-p42-instagram.c10r.instagram.com.
  type: 1

Status: 0
TC: false
RD: true
RA: true
AD: false
CD: false

Question: 
  Name: www.instagram.com.
  Qtype: 28
  Qclass: 1

Answer: 
  TTL: 1
  data: z-p42-instagram.c10r.instagram.com.
  name: www.instagram.com.
  type: 5

  TTL: 1
  data: 2a03:*:*:*:face:b00c:0:4420
  name: z-p42-instagram.c10r.instagram.com.
  type: 28


Dnsmasq 当前默认 resolv 文件:/tmp/resolv.conf.d/resolv.conf.auto

#===================== /tmp/resolv.conf.auto =====================#

# Interface wan
nameserver 222.246.*.*
nameserver 59.51.*.*
# Interface wan_6
nameserver 240e:50:c800::210
nameserver 240e:50:5000::80

#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#

# Interface wan
nameserver 222.246.*.*
nameserver 59.51.*.*
# Interface wan_6
nameserver 240e:50:c800::210
nameserver 240e:50:5000::80

#===================== 测试本机网络连接(www.baidu.com) =====================#

HTTP/1.1 200 OK
Bdpagetype: 1
Bdqid: 0xadffa2f80222f112
Connection: keep-alive
Content-Length: 512436
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Feb 2025 02:13:04 GMT
Server: BWS/1.1
Set-Cookie: BIDUPSID=317A7AC2A2C1B256E1FC355122170326; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
Set-Cookie: PSTM=1739758384; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
Set-Cookie: BDSVRTM=3; path=/
Set-Cookie: BD_HOME=1; path=/
Set-Cookie: BAIDUID=317A7AC2A2C1B256E1FC355122170326:FG=1; Path=/; Domain=baidu.com; Max-Age=31536000
Set-Cookie: BAIDUID_BFESS=317A7AC2A2C1B256E1FC355122170326:FG=1; Path=/; Domain=baidu.com; Max-Age=31536000; Secure; SameSite=None
Traceid: 1739758384153071309812537919073694183698
Vary: Accept-Encoding
X-Ua-Compatible: IE=Edge,chrome=1
X-Xss-Protection: 1;mode=block


#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "f6037a93c68519d7041a3b4df325b61c424ec255b45dfeb063371319e39b0d96"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 5292:3FCC66:10E6E1:1AF92E:67B29A4A
accept-ranges: bytes
date: Mon, 17 Feb 2025 02:13:05 GMT
via: 1.1 varnish
x-served-by: cache-hkg17935-HKG
x-cache: HIT
x-cache-hits: 0
x-timer: S1739758385.099169,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: d1faaf319b7979f614944d424898f67e21e8f85a
expires: Mon, 17 Feb 2025 02:18:05 GMT
source-age: 230
content-length: 1071

OpenClash Config



Expected Behavior


希望看看是不是更新后需要修改配置使用不但导致的


Additional Context


No response

      		
    

      
  





        



            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @tian4546
tian4546




          added
  the 

  bug

  Something isn't working
 label


      Feb 17, 2025

    

  








      

  
      



  

  @vernesong





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Owner


      

  


  

    

  





      


        


  
    

      
          
局域网测试没有问题

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @tian4546





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

  





      


        


  
    

      
          
确实局域网没有问题,用外网 连手机热点测试就不行,要用7890 专门的http 端口,或者7893混合端口的socks 代理

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @leolee1998





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  


  

    

      

      
            leolee1998
  

      

      

      commented


        Feb 19, 2025


      
  

  

    
      

        
          edited
          
        
        
      

    
    
      
        
      Loading

      
    
  



    


  





      


        


  
    

      
          
7890/http外网可以连接,7893/socks5不行,openwrt 22.03.7 使用ipv6,升级到v0.46.076问题仍存在

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    
















  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                    




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    bug

  Something isn't working








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          
  

    

      

        
          

            
    

    Development
  




              
    
No branches or pull requests







        
      

    

  


      

    

  
      

  

    

      3 participants
    

    

        
          @tian4546 
        
          @vernesong 
        
          @leolee1998