MetaCubeX/mihomo

[Bug] DNS fallback 没有直接走代理,也没有命中规则

Closed this issue · 2 comments

lvii commented

Verify steps

  • I have read the documentation and understand the meaning of all configuration items I have written, avoiding a large number of seemingly useful options or default values.
  • I have not reviewed the documentation and resolve this issue.
  • I have not searched the Issue Tracker for the problem I am going to raise.
  • I have tested with the latest Alpha branch version, and the issue still persists.
  • I have provided server and client configuration files and processes that can reproduce the issue locally, rather than a desensitized complex client configuration file.
  • I have provided the simplest configuration that can reproduce the error I reported, rather than relying on remote servers, TUN, graphical client interfaces, or other closed-source software.
  • I have provided complete configuration files and logs, rather than providing only parts that I believe are useful due to confidence in my own intelligence.

Operating System

Linux

System Version

openwrt

Mihomo Version

Mihomo Meta alpha-gc17d7c0 linux arm64 with go1.22.6 Mon Aug 12 20:13:26 UTC 2024
Use tags: with_gvisor

Configuration File

  default-nameserver:
    - 123.125.81.6
    - 223.5.5.5

  nameserver:
    - https://123.125.81.6/dns-query
    - 'https://223.5.5.5/dns-query#h3=true'

  # fallback used when GEOIP country # isn't CN
  fallback:
    - 'tcp://8.8.8.8#PROXY'
    - 'https://1.1.1.1/dns-query#PROXY&h3=true'

rules:
 # ------------------------------------------------------------------
 # RULE
 # ------------------------------------------------------------------
 # Disable Youtube like UDP QUIC request
 - AND,((NETWORK,UDP),(DST-PORT,443)),REJECT
 # DNS
 - IP-CIDR,8.8.8.8/32,PROXY,no-resolve
 - IP-CIDR,8.8.4.4/32,PROXY,no-resolve
 - IP-CIDR,1.1.1.1/32,PROXY,no-resolve
 - IP-CIDR,1.0.0.1/32,PROXY,no-resolve

Description

fallback DNS 指定 #PROXY 但没有 直接走代理组 PROXY,显示 8.8.8.8:53 doesn't match any rule

2024-08-13 23:57:32 level=info msg="[TCP] 192.168.6.203:52945 --> pay.google.com:443 match RuleSet(www) using PROXY[tuic-jp]"
2024-08-13 23:57:32 level=debug msg="[DNS] pay.google.com --> 142.251.8.92"
2024-08-13 23:57:32 level=debug msg="[DNS] pay.google.com --> [142.251.8.92] A from tcp://8.8.8.8:53"
2024-08-13 23:57:32 level=info msg="[UDP] mihomo --> 1.1.1.1:443 doesn't match any rule using tuic-jp"
2024-08-13 23:57:32 level=debug msg="[https://1.1.1.1:443/dns-query] using HTTP/3 for this upstream: QUIC was faster"
2024-08-13 23:57:32 level=info msg="[UDP] mihomo --> 1.1.1.1:443 doesn't match any rule using tuic-jp"
2024-08-13 23:57:32 level=info msg="[TCP] mihomo --> 8.8.8.8:53 doesn't match any rule using tuic-jp"
2024-08-13 23:57:32 level=debug msg="[DNS] resolve pay.google.com A from tcp://8.8.8.8:53"
2024-08-13 23:57:32 level=debug msg="creating a new http client"
2024-08-13 23:57:32 level=debug msg="[DNS] resolve pay.google.com A from https://1.1.1.1:443/dns-query"
2024-08-13 23:57:32 level=debug msg="[Rule] use default rules"

2024-08-13 23:57:27 level=info msg="[TCP] 192.168.6.203:52942 --> www.google.com:443 match RuleSet(www) using PROXY[tuic-jp]"
2024-08-13 23:57:27 level=debug msg="[DNS] www.google.com --> 142.251.42.164"
2024-08-13 23:57:27 level=debug msg="[https://1.1.1.1:443/dns-query] using HTTP/2 for this upstream: <nil>"
2024-08-13 23:57:27 level=warning msg="[UDP] dial PROXY mihomo --> 1.1.1.1:443 error: context canceled"
2024-08-13 23:57:27 level=debug msg="[DNS] www.google.com --> [142.251.42.164] A from tcp://8.8.8.8:53"
2024-08-13 23:57:27 level=info msg="[TCP] mihomo --> 8.8.8.8:53 doesn't match any rule using tuic-jp"
2024-08-13 23:57:27 level=debug msg="New TuicV5 Client at 0x4000182430"
2024-08-13 23:57:27 level=debug msg="[DNS] resolve www.google.com A from tcp://8.8.8.8:53"
2024-08-13 23:57:27 level=debug msg="creating a new http client"
2024-08-13 23:57:27 level=debug msg="[DNS] resolve www.google.com A from https://1.1.1.1:443/dns-query"
2024-08-13 23:57:27 level=debug msg="[Rule] use default rules"

定义了 IP-CIDR,8.8.8.8/32,PROXY,no-resolve fallback 也没有命中,使用 curl 测试是可以命中的

$ curl -fsS --resolve 'dns.google:443:8.8.8.8' "https://dns.google/resolve?name=dropbox.com"
2024-08-14 00:01:56 level=info msg="[TCP] 192.168.6.203:53165 --> 8.8.8.8:443 match IPCIDR(8.8.8.8/32) using PROXY[tuic-jp]"
2024-08-14 00:01:56 level=debug msg="[Rule] use default rules"

Reproduction Steps

见描述

Logs

No response

xishang0128 commented

你指定了代理肯定 doesn't match any rule ,这是预期性为

lvii commented

@xishang0128

DNS 指定代理 #PROXYdoesn't match any rule 是指 已为 DNS 指定了 PROXY 无需匹配规则,直接走代理的意思么