Skip to content

[Bug] nameserver-policy geosite 规则匹配顺序问题 #489

Closed
Closed
[Bug] nameserver-policy geosite 规则匹配顺序问题#489
@vincentlauvlwj

Description

@vincentlauvlwj
vincentlauvlwj
opened on Apr 6, 2023

Verify steps

  • 确保你使用的是本仓库最新的的 clash 或 clash Alpha 版本 Ensure you are using the latest version of Clash or Clash Premium from this repository.
  • 如果你可以自己 debug 并解决的话,提交 PR 吧 Is this something you can debug and fix? Send a pull request! Bug fixes and documentation fixes are welcome.
  • 我已经在 Issue Tracker 中找过我要提出的问题 I have searched on the issue tracker for a related issue.
  • 我已经使用 Alpha 分支版本测试过,问题依旧存在 I have tested using the dev branch, and the issue still exists.
  • 我已经仔细看过 Documentation 并无法自行解决问题 I have read the documentation and was unable to solve the issue.
  • 这是 Clash 核心的问题,并非我所使用的 Clash 衍生版本(如 OpenClash、KoolClash 等)的特定问题 This is an issue of the Clash core per se, not to the derivatives of Clash, like OpenClash or KoolClash.

Clash version

v1.14.3

What OS are you seeing the problem on?

Linux

Clash config

dns:
  nameserver-policy:
    'geosite:private,apple-cn,apple@cn,cn':
      - 114.114.114.114
    'geosite:geolocation-!cn':
      - 'https://8.8.8.8/dns-query#PROXY'

rules:
  - GEOSITE,private,DIRECT
  - GEOSITE,apple-cn,DIRECT
  - GEOSITE,apple@cn,DIRECT
  - GEOSITE,cn,DIRECT
  - GEOSITE,geolocation-!cn,PROXY
  - GEOIP,private,DIRECT
  - GEOIP,cn,DIRECT
  - MATCH,PROXY

Clash log

[DNS] resolve www.gstatic.com from https://8.8.8.8:443/dns-query
[DNS] www.gstatic.com --> [216.58.203.67], from https://8.8.8.8:443/dns-query"
[TCP] dial DIRECT (match GeoSite/cn) 192.168.50.190:56809 --> www.gstatic.com:80 error: connect failed: dial tcp 216.58.203.67:80: i/o timeout | connect failed: no ip address"

Description

我使用 nameserver-policy 配置了 DNS 分流,分流规则与 rules 中的分流规则是一致的,但在请求 www.gstatic.com 这个域名时出现了异常

如日志所示,请求 DNS 时,使用了境外的 DNS,得到了境外的 IP 地址,但实际连接时,却命中了 GeoSite/cn 规则,导致对境外 IP 发起直连,产生连接失败的问题

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions