[Bug] IP rules in sub-rule cause unnecessary DNS resolution requests #1798

Hubedge opened this issue Jan 19, 2025 · 0 comments
Labels
bug Something isn't working


Hubedge commented Jan 19, 2025

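Verification steps

  • I have read the documentation and understand the meaning of every configuration item I wrote, rather than piling up seemingly useful options or default values.
  • I have read the documentation carefully and it did not solve the problem
  • I have searched the Issue Tracker for the problem I am reporting and did not find it
  • I am a Chinese-language user, not a user of another language
  • I have tested with the latest Alpha branch version and the problem persists
  • I have provided server and client configuration files and a procedure that reproduce the problem locally, rather than a sanitized, complex client configuration file.
  • I have provided the minimal configuration that reproduces the error I am reporting, rather than relying on a remote server or piling up configuration that is useless for reproduction.
  • I have provided the complete logs, rather than only the parts I considered useful out of confidence in my own intelligence.
  • I reproduced the error directly with the Mihomo command-line program, rather than with other tools or scripts.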

Operating system

Windows 10

System version

Windows 10 22H2 (19045.5247)

Mihomo version

Mihomo Meta alpha-fc23318 windows amd64 with go1.23.4 Sun Jan 19 01:59:13 UTC 2025
Use tags: with_gvisor

Configuration file

rules:
  - SUB-RULE,(DOMAIN,non-existent-domain.com),some-sub-rule
  - MATCH,DIRECT
sub-rules:
  some-sub-rule:
    - IP-CIDR,8.8.8.8/32,DIRECT  # <---------------- add no-resolve here ----------------
    - MATCH,DIRECT
external-controller: 127.0.0.1:9909
ipv6: true
mode: rule
mixed-port: 10809
socks-port: 0
port: 0
redir-port: 0
tproxy-port: 0
allow-lan: false
unified-delay: true
tcp-concurrent: false
log-level: debug
find-process-mode: strict
bind-address: "*"
lan-allowed-ips:
  - 0.0.0.0/0
  - ::/0
lan-disallowed-ips: []
authentication: []
skip-auth-prefixes:
  - 127.0.0.1/32
tun:
  enable: false
  device: Mihomo
  stack: mixed
  auto-route: true
  auto-redirect: false
  auto-detect-interface: true
  dns-hijack:
    - any:53
  route-exclude-address: []
  mtu: 1500
dns:
  enable: true
  ipv6: true
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter:
    - "*"
    - +.lan
    - +.local
    - time.*.com
    - ntp.*.com
    - +.market.xiaomi.com
  use-hosts: false
  use-system-hosts: false
  nameserver:
    - https://one.one.one.one/dns-query
    - https://dns.google/dns-query
  proxy-server-nameserver:
    - https://120.53.53.53/dns-query
    - https://223.5.5.5/dns-query
  direct-nameserver:
    - https://120.53.53.53/dns-query
    - https://223.5.5.5/dns-query
  respect-rules: true
  default-nameserver:
    - https://223.5.5.5/dns-query
sniffer:
  enable: true
  parse-pure-ip: true
  force-dns-mapping: true
  override-destination: true
  sniff:
    HTTP:
      ports:
        - "80"
        - "443"
        - 8080-8880
      override-destination: true
    TLS:
      ports:
        - "443"
        - "8443"
    QUIC:
      ports:
        - "443"
        - "8443"
  skip-domain:
    - Mijia Cloud
    - +.push.apple.com
  force-domain: []
profile:
  store-selected: true
  store-fake-ip: true
geo-auto-update: true
geo-update-interval: 24
geodata-mode: true
geox-url:
  geoip: https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.dat
  geosite: https://github.com/Yuu518/sing-box-rules/raw/release/geosite.dat
  mmdb: https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geoip.metadb
  asn: https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/GeoLite2-ASN.mmdb
hosts: {}

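Description

With the configuration above, when accessing example.com, since example.com does not match DOMAIN,non-existent-domain.com, it should not go through some-sub-rule, so there is no need to resolve example.com via nameserver. In practice, however, the corresponding resolution requests are made, which show up in log1 as the requests related to dns.google and one.one.one.one.

If no-resolve is added at IP-CIDR,8.8.8.8/32,DIRECT, no such resolution requests occur.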

rules:
  - SUB-RULE,(DOMAIN,non-existent-domain.com),some-sub-rule
  - MATCH,DIRECT
sub-rules:
  some-sub-rule:
    - IP-CIDR,8.8.8.8/32,DIRECT  # <---------------- add no-resolve here ----------------
    - MATCH,DIRECT

Steps to reproduce

Using this configuration, run Invoke-WebRequest -Uri "http://example.com" -Proxy "http://127.0.0.1:10809" in PowerShell to get log1
Using this configuration with no-resolve added on the highlighted line, run Invoke-WebRequest -Uri "http://example.com" -Proxy "http://127.0.0.1:10809" in PowerShell to get log2

Logs

log1:

> .\mihomo-windows-amd64.exe -f sub-rule_dns_test.yaml
time="2025-01-20T00:38:33.514944000+08:00" level=info msg="Start initial configuration in progress"
time="2025-01-20T00:38:33.527205300+08:00" level=info msg="Geodata Loader mode: memconservative"
time="2025-01-20T00:38:33.527709100+08:00" level=info msg="Geosite Matcher implementation: succinct"
time="2025-01-20T00:38:33.531398600+08:00" level=info msg="Initial configuration complete, total time: 4ms"
time="2025-01-20T00:38:33.531913400+08:00" level=error msg="External controller listen error: listen tcp 127.0.0.1:9909: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted."
time="2025-01-20T00:38:33.533988900+08:00" level=info msg="Sniffer is loaded and working"
time="2025-01-20T00:38:33.534503600+08:00" level=info msg="Mixed(http+socks) proxy listening at: 127.0.0.1:10809"
time="2025-01-20T00:38:33.535534100+08:00" level=info msg="Start initial Compatible provider default"
time="2025-01-20T00:38:33.536053000+08:00" level=error msg="[GEO] Get GEO database update time error: CreateFile C:\\Users\\username/.config/mihomo/GeoSite.dat: The system cannot find the file specified."
time="2025-01-20T00:38:55.021880000+08:00" level=debug msg="Auth success from 127.0.0.1:59840 -> "
time="2025-01-20T00:38:55.023421900+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:38:55.024962900+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://dns.google:443/dns-query"
time="2025-01-20T00:38:55.027003900+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:38:55.024962900+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://one.one.one.one:443/dns-query"
time="2025-01-20T00:38:55.028571100+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:38:55.028055000+08:00" level=debug msg="[https://dns.google:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:38:55.024962900+08:00" level=debug msg="[DNS] resolve example.com A from https://dns.google:443/dns-query"
time="2025-01-20T00:38:55.024962900+08:00" level=debug msg="[DNS] resolve example.com A from https://one.one.one.one:443/dns-query"
time="2025-01-20T00:38:55.030110600+08:00" level=debug msg="[DNS] resolve dns.google AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.031652800+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:38:55.032163900+08:00" level=debug msg="[https://223.5.5.5:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:38:55.030110600+08:00" level=debug msg="[DNS] resolve dns.google A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.029083400+08:00" level=debug msg="[https://one.one.one.one:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:38:55.033702400+08:00" level=debug msg="[DNS] resolve one.one.one.one AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.033702400+08:00" level=debug msg="[DNS] resolve one.one.one.one A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.070462400+08:00" level=debug msg="[DNS] dns.google --> [2001:4860:4860::8844 2001:4860:4860::8888] AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.071403800+08:00" level=debug msg="[DNS] one.one.one.one --> [2606:4700:4700::1001 2606:4700:4700::1111] AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.071917200+08:00" level=debug msg="[DNS] dns.google --> [8.8.8.8 8.8.4.4] A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.072428700+08:00" level=debug msg="[DNS] one.one.one.one --> [1.0.0.1 1.1.1.1] A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:38:55.074471600+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:38:55.076040900+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:38:55.116902800+08:00" level=info msg="[TCP] mihomo --> 1.1.1.1:443 match Match using DIRECT"
time="2025-01-20T00:38:55.132050400+08:00" level=debug msg="[DNS] cache hit one.one.one.one --> [2606:4700:4700::1001 2606:4700:4700::1111] AAAA, expire at 2025-01-20 01:25:20"
time="2025-01-20T00:38:55.132050400+08:00" level=debug msg="[DNS] cache hit one.one.one.one --> [1.0.0.1 1.1.1.1] A, expire at 2025-01-20 01:10:24"
time="2025-01-20T00:38:55.132050400+08:00" level=debug msg="re-creating the http client due to requesting https://one.one.one.one:443/dns-query: Get \"https://one.one.one.one:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAAcAAE\": read tcp 192.168.123.149:59843->1.1.1.1:443: wsarecv: An existing connection was forcibly closed by the remote host."
time="2025-01-20T00:38:55.133077400+08:00" level=debug msg="[https://one.one.one.one:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:38:55.132562900+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:38:55.351332700+08:00" level=info msg="[TCP] mihomo --> 1.0.0.1:443 match Match using DIRECT"
time="2025-01-20T00:38:55.360289900+08:00" level=debug msg="re-creating the http client due to requesting https://one.one.one.one:443/dns-query: Get \"https://one.one.one.one:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE\": read tcp 192.168.123.149:59844->1.0.0.1:443: wsarecv: An existing connection was forcibly closed by the remote host."
time="2025-01-20T00:38:55.360289900+08:00" level=debug msg="[https://one.one.one.one:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com error: couldn't find ip"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://one.one.one.one:443/dns-query"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://dns.google:443/dns-query"
time="2025-01-20T00:39:00.027408800+08:00" level=debug msg="[DNS] cache hit one.one.one.one --> [1.0.0.1 1.1.1.1] A, expire at 2025-01-20 01:10:24"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:39:00.031330500+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="re-creating the http client due to requesting https://dns.google:443/dns-query: Get \"https://dns.google:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE\": context deadline exceeded"
time="2025-01-20T00:39:00.032859700+08:00" level=debug msg="[https://dns.google:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:00.027408800+08:00" level=debug msg="[DNS] cache hit one.one.one.one --> [2606:4700:4700::1001 2606:4700:4700::1111] AAAA, expire at 2025-01-20 01:25:20"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://120.53.53.53:443/dns-query"
time="2025-01-20T00:39:00.034394700+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com A from https://120.53.53.53:443/dns-query"
time="2025-01-20T00:39:00.025406800+08:00" level=warning msg="[TCP] dial DIRECT (match Match/) mihomo --> 8.8.4.4:443 error: connect failed: dial tcp 8.8.4.4:443: operation was canceled"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:39:00.034904000+08:00" level=debug msg="[https://120.53.53.53:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:00.033373400+08:00" level=debug msg="re-creating the http client due to requesting https://dns.google:443/dns-query: Get \"https://dns.google:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE\": context deadline exceeded"
time="2025-01-20T00:39:00.033373400+08:00" level=debug msg="[DNS] cache hit dns.google --> [2001:4860:4860::8844 2001:4860:4860::8888] AAAA, expire at 2025-01-20 00:42:45"
time="2025-01-20T00:39:00.032345300+08:00" level=debug msg="[https://223.5.5.5:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:00.033373400+08:00" level=debug msg="[DNS] cache hit dns.google --> [8.8.8.8 8.8.4.4] A, expire at 2025-01-20 00:47:59"
time="2025-01-20T00:39:00.037447500+08:00" level=debug msg="[https://dns.google:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:00.047154000+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:39:00.033885900+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:39:00.065000400+08:00" level=debug msg="[DNS] example.com --> [2600:1406:bc00:53::b81e:94c8 2600:1406:3a00:21::173e:2e66 2600:1406:bc00:53::b81e:94ce 2600:1406:3a00:21::173e:2e65 2600:1408:ec00:36::1736:7f31 2600:1408:ec00:36::1736:7f24] AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:39:00.065518200+08:00" level=debug msg="[DNS] example.com --> [23.192.228.84 23.215.0.136 23.215.0.138 96.7.128.175 96.7.128.198 23.192.228.80] A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:39:00.253093600+08:00" level=info msg="[TCP] 127.0.0.1:59840 --> example.com:80 match Match using DIRECT"
time="2025-01-20T00:39:05.026045800+08:00" level=debug msg="re-creating the http client due to requesting https://one.one.one.one:443/dns-query: Get \"https://one.one.one.one:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAAcAAE\": context deadline exceeded"
time="2025-01-20T00:39:05.026045800+08:00" level=debug msg="re-creating the http client due to requesting https://dns.google:443/dns-query: Get \"https://dns.google:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAAcAAE\": context deadline exceeded"
time="2025-01-20T00:39:05.029978100+08:00" level=debug msg="[https://dns.google:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:05.026153200+08:00" level=warning msg="[TCP] dial DIRECT (match Match/) mihomo --> 1.0.0.1:443 error: connect failed: dial tcp 1.0.0.1:443: operation was canceled"
time="2025-01-20T00:39:05.030492100+08:00" level=debug msg="re-creating the http client due to requesting https://dns.google:443/dns-query: Get \"https://dns.google:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAAcAAE\": context deadline exceeded"
time="2025-01-20T00:39:05.026285900+08:00" level=debug msg="[https://one.one.one.one:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:05.032072300+08:00" level=debug msg="[https://dns.google:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:05.033100100+08:00" level=debug msg="re-creating the http client due to requesting https://one.one.one.one:443/dns-query: Get \"https://one.one.one.one:443/dns-query?dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAAAcAAE\": context deadline exceeded"
time="2025-01-20T00:39:05.034142800+08:00" level=debug msg="[https://one.one.one.one:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:39:21.091190200+08:00" level=warning msg="[TCP] dial DIRECT (match Match/) mihomo --> 8.8.4.4:443 error: connect failed: dial tcp 8.8.4.4:443: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond."


log2:

> .\mihomo-windows-amd64.exe -f sub-rule_dns_test.yaml
time="2025-01-20T00:41:14.701608300+08:00" level=info msg="Start initial configuration in progress"
time="2025-01-20T00:41:14.722982700+08:00" level=info msg="Geodata Loader mode: memconservative"
time="2025-01-20T00:41:14.722982700+08:00" level=info msg="Geosite Matcher implementation: succinct"
time="2025-01-20T00:41:14.726563500+08:00" level=info msg="Initial configuration complete, total time: 4ms"
time="2025-01-20T00:41:14.726563500+08:00" level=error msg="External controller listen error: listen tcp 127.0.0.1:9909: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted."
time="2025-01-20T00:41:14.728611800+08:00" level=info msg="Sniffer is loaded and working"
time="2025-01-20T00:41:14.729123000+08:00" level=info msg="Mixed(http+socks) proxy listening at: 127.0.0.1:10809"
time="2025-01-20T00:41:14.729642900+08:00" level=info msg="Start initial Compatible provider default"
time="2025-01-20T00:41:14.730157400+08:00" level=error msg="[GEO] Get GEO database update time error: CreateFile C:\\Users\\username/.config/mihomo/GeoSite.dat: The system cannot find the file specified."
time="2025-01-20T00:41:19.177729500+08:00" level=debug msg="Auth success from 127.0.0.1:59960 -> "
time="2025-01-20T00:41:19.178243300+08:00" level=debug msg="[Rule] use default rules"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[DNS] resolve example.com A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[DNS] resolve example.com A from https://120.53.53.53:443/dns-query"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[https://120.53.53.53:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="creating a new http client"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://120.53.53.53:443/dns-query"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:41:19.179805000+08:00" level=debug msg="[https://223.5.5.5:443/dns-query] using HTTP/2 for this upstream: <nil>"
time="2025-01-20T00:41:19.221071000+08:00" level=debug msg="[DNS] example.com --> [2600:1408:ec00:36::1736:7f31 2600:1406:3a00:21::173e:2e65 2600:1406:3a00:21::173e:2e66 2600:1406:bc00:53::b81e:94c8 2600:1406:bc00:53::b81e:94ce 2600:1408:ec00:36::1736:7f24] AAAA from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:41:19.221071000+08:00" level=debug msg="[DNS] example.com --> [96.7.128.198 23.215.0.138 23.215.0.136 23.192.228.84 23.192.228.80 96.7.128.175] A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:41:19.439609600+08:00" level=info msg="[TCP] 127.0.0.1:59960 --> example.com:80 match Match using DIRECT"
Hubedge added the bug label on Jan 19, 2025
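
An added example, not part of the original issue or of Mihomo's code: a Python check that reads debug logs in the format of log1 and log2 and reports which upstream resolvers received a query for a name outside an expected set. The function names and the EXPECTED set (the two direct-nameserver hosts from the configuration, which are the only ones queried in log2) are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Query lines as written at log-level debug (format taken from the logs above):
#   msg="[DNS] resolve example.com AAAA from https://dns.google:443/dns-query"
QUERY_RE = re.compile(
    r'msg="\[DNS\] resolve (?P<name>\S+) (?P<qtype>AAAA|A) from (?P<upstream>[^\s"]+)"'
)

# Assumption: resolvers expected for this DIRECT connection
# (the direct-nameserver entries of the configuration above).
EXPECTED = {"120.53.53.53", "223.5.5.5"}

# Sample input: a few lines excerpted from log1 and log2 above.
LOG1 = '''\
time="2025-01-20T00:38:55.024962900+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://dns.google:443/dns-query"
time="2025-01-20T00:38:55.024962900+08:00" level=debug msg="[DNS] resolve example.com A from https://one.one.one.one:443/dns-query"
time="2025-01-20T00:38:55.030110600+08:00" level=debug msg="[DNS] resolve dns.google A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com error: couldn't find ip"
time="2025-01-20T00:39:00.025406800+08:00" level=debug msg="[DNS] resolve example.com A from https://223.5.5.5:443/dns-query"
'''
LOG2 = '''\
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[DNS] resolve example.com A from https://223.5.5.5:443/dns-query"
time="2025-01-20T00:41:19.179290700+08:00" level=debug msg="[DNS] resolve example.com AAAA from https://120.53.53.53:443/dns-query"
'''


def upstreams_by_name(log_text):
    """Map each queried name to the set of upstream hosts asked to resolve it."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m:  # error and cache-hit lines do not match and are skipped
            seen[m["name"]].add(urlsplit(m["upstream"]).hostname)
    return dict(seen)


def unexpected_queries(log_text, name, expected=EXPECTED):
    """Upstreams that received a query for `name` but are not in `expected`."""
    return sorted(upstreams_by_name(log_text).get(name, set()) - set(expected))


if __name__ == "__main__":
    for label, text in (("log1", LOG1), ("log2", LOG2)):
        print(label, unexpected_queries(text, "example.com"))
```

Run against the full logs, the same check separates the case without no-resolve from the case with it, and can be pointed at any name whose resolution should stay on a specific set of resolvers.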