Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] enable_redirect_dns 忘记考虑 lan_ac_black_ip6s #3348

Closed
4 tasks done
ghost opened this issue Jun 18, 2023 · 4 comments
Closed
4 tasks done

[Bug] enable_redirect_dns 忘记考虑 lan_ac_black_ip6s #3348

ghost opened this issue Jun 18, 2023 · 4 comments
Labels
bug Something isn't working

Comments

@ghost
Copy link

ghost commented Jun 18, 2023

Verify Steps

  • Tracker 我已经在 Issue Tracker 中找过我要提出的问题
  • Latest 我已经使用最新 Dev 版本测试过,问题依旧存在
  • Core 这是 OpenClash 存在的问题,并非我所使用的 Clash 或 Meta 等内核的特定问题
  • Meaningful 我提交的不是无意义的 催促更新或修复 请求

OpenClash Version

v0.45.124-beta

Bug on Environment

Official OpenWrt

Bug on Platform

Linux-arm64

To Reproduce

打开 enable_redirect_dns 并设置 lan_ac_black_ips 和 lan_ac_black_ip6s

Describe the Bug

OpenClash/luci-app-openclash/root/etc/init.d/openclash

Line 1518 in 9ee0f02

ACBLACKDNSFILTER="ip saddr != @lan_ac_black_ips"

enable_redirect_dns 忘记考虑 lan_ac_black_ip6s,导致black list模式下内网用ipv6发出的dns请求未被正确处理。

OpenClash Log

无关。

OpenClash Config

No response

Expected Behavior

对ipv6和ipv4分别处理。

Screenshots

No response
@ghost ghost added the bug Something isn't working label Jun 18, 2023
@ghost ghost changed the title [Bug] [Bug] enable_redirect_dns 忘记考虑 lan_ac_black_ip6s Jun 18, 2023
@deuteros-gex
Copy link

ipv6是允许独立开闭的,不可能跟ipv4部分写到一起啊。

OpenClash/luci-app-openclash/root/etc/init.d/openclash

Line 1808 in 9ee0f02

ACBLACKDNSFILTER=""

这不就是你要的东西吗。

@ghost
Copy link
Author

ghost commented Jun 18, 2023

怪,我打开了enable v6,也填写了v6地址,但似乎这行完全没执行。
是因为检测到v4已经设置了一次所以自动跳过了?

OpenClash/luci-app-openclash/root/etc/init.d/openclash

Line 1805 in 9ee0f02

if [ -z "$(nft list chain inet fw4 dstnat |grep 'OpenClash DNS Hijack')" ]; then

@deuteros-gex
Copy link

似乎这行完全没执行
是因为检测到v4已经设置了一次所以自动跳过了?

似乎啊,shell读不明白的话,那直接看结果不就好了。
nft list table inet fw4把整个防火墙的状态输出到一个文件,然后把文件传到github来

@ghost
Copy link
Author

ghost commented Jun 18, 2023

破案了:

OpenClash/luci-app-openclash/root/etc/init.d/openclash

Line 1810 in 9ee0f02

ACBLACKDNSFILTER="ip saddr != @lan_ac_black_ipv6s" 

Error: conflicting protocols specified: ip6 vs. ip
add rule inet fw4 openclash_dns_redirect meta nfproto {ipv6} udp dport 53 ip saddr != @lan_ac_black_ipv6s ether saddr != @lan_ac_black_macs counter redirect to 7874
                                                                          ^^^^^^^^

改为 ip6 后恢复正常

vernesong pushed a commit that referenced this issue Jun 19, 2023
fix #3348 (#3350)
af7135c 
* fix #3348

* Update openclash
@ghost ghost closed this as completed Jun 19, 2023
zheshifandian pushed a commit to zheshifandian/OpenClash that referenced this issue Jun 22, 2023
@zheshifandian
fix vernesong#3348 (vernesong#3350)
8ffb391 
* fix vernesong#3348

* Update openclash
zheshifandian pushed a commit to zheshifandian/OpenClash that referenced this issue Jun 22, 2023
@zheshifandian
fix vernesong#3348 (vernesong#3350)
66ad07b 
* fix vernesong#3348

* Update openclash
zheshifandian pushed a commit to zheshifandian/OpenClash that referenced this issue Jun 25, 2023
@zheshifandian
fix vernesong#3348 (vernesong#3350)
b5e4b3b 
* fix vernesong#3348

* Update openclash
zheshifandian pushed a commit to zheshifandian/OpenClash that referenced this issue Jun 28, 2023
@zheshifandian
fix vernesong#3348 (vernesong#3350)
2f4b86e 
* fix vernesong#3348

* Update openclash
zheshifandian pushed a commit to zheshifandian/OpenClash that referenced this issue Jul 2, 2023
@zheshifandian
fix vernesong#3348 (vernesong#3350)
5a67f6d 
* fix vernesong#3348

* Update openclash
zheshifandian pushed a commit to zheshifandian/OpenClash that referenced this issue Jul 6, 2023
@zheshifandian
fix vernesong#3348 (vernesong#3350)
ac2af2b 
* fix vernesong#3348

* Update openclash
oppen321 pushed a commit to oppen321/OpenClash that referenced this issue Sep 21, 2024
fix vernesong#3348 (vernesong#3350)
017f5c5 
* fix vernesong#3348

* Update openclash
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@deuteros-gex