[Bug Report] mac地址代理白名单时无法正常 block 一个域名

Question

[Bug Report] mac地址代理白名单时无法正常 block 一个域名

douglarek opened this issue a year ago · comments

douglarek commented a year ago

Checks

I have searched the existing issues
I have read the documentation
Is it your first time sumbitting an issue

Current Behavior

我当前的路由配置：

pname(NetworkManager, systemd-resolved) -> direct

# miwifi
domain(full:api.miwifi.com)	-> block

# only proxy these devices
!mac('a')	-> direct(must)

dip(geoip:cn, geoip:private) -> direct
domain(geosite:cn) -> direct

fallback: proxy

按上面的设置，除了我 mac 地址为 a 的设备都能被代理，而不管设备有没有被代理它都应该不能访问 api.miwifi.com，但实际是在 b 电脑上依然能访问这个地址。

Expected Behavior

如果规则是按顺序执行，那么在所有设备上都不应该能访问 api.miwifi.com。

Steps to Reproduce

No response

Environment

Daed version:
0.3.2
OS (e.g cat /etc/os-release):
imm 23.05
Kernel (e.g. uname -a):
5.15.123
Others:

Anything else?

No response

dae-prow · Answer 1 · Sat Aug 12 2023 01:24:24 GMT+0800 (China Standard Time)

Thanks for opening this issue!

mzz · Answer 2 · Sat Aug 12 2023 01:28:31 GMT+0800 (China Standard Time)

@douglarek 正常，因为你的dns流量因为“must”而绕dae直连了，dae依靠dns来做域名分流

douglarek · Answer 3 · Sat Aug 12 2023 01:32:32 GMT+0800 (China Standard Time)

所以路由里面的规则 mac 最高，并不遵守严格顺序，所以优先级是什么? 如果这样能不能做到呢，考虑一种场景是我如果换成 direct 没有 must ，那么我未被代理的设备比如手机可能会自己开个代理，这样会有 dns 回环导致无法正常上国内网站。

mzz · Answer 4 · Sat Aug 12 2023 01:36:28 GMT+0800 (China Standard Time)

@douglarek 你的dns查询又不是domain，肯定match下面这一条mac的啊

mzz · Answer 5 · Sat Aug 12 2023 01:37:48 GMT+0800 (China Standard Time)

@douglarek 哪里有dns回环？

douglarek · Answer 6 · Sat Aug 12 2023 01:40:20 GMT+0800 (China Standard Time)

@douglarek 哪里有dns回环？

现在问题是这样，我手机上使用了 sing box 代理了浏览器，然后路由器刚开始配置的 !mac（a) 走 direct ，那么我手机上浏览器访问国内网站不通，如果把 direct 改成 direct must 通了。

douglarek · Answer 7 · Sat Aug 12 2023 01:42:22 GMT+0800 (China Standard Time)

我dns的查询默认是 domain.

mzz · Answer 8 · Sat Aug 12 2023 01:43:35 GMT+0800 (China Standard Time)

@douglarek 你不要先下结论是dns回环，这个问题的根本原因到底是不是回环，要先从日志里找证据

mzz · Answer 9 · Sat Aug 12 2023 01:45:45 GMT+0800 (China Standard Time)

@douglarek dns问题，上游是谁，拓扑怎么样，先画一下

douglarek · Answer 10 · Sat Aug 12 2023 09:58:12 GMT+0800 (China Standard Time)

@douglarek dns问题，上游是谁，拓扑怎么样，先画一下

mzz · Answer 11 · Sat Aug 12 2023 10:05:56 GMT+0800 (China Standard Time)

@douglarek 发的dhcp网关和dns是谁

douglarek · Answer 12 · Sat Aug 12 2023 10:09:21 GMT+0800 (China Standard Time)

@douglarek 发的dhcp网关和dns是谁

daed 默认 dns 配置：

upstream {
  alidns: 'udp://223.5.5.5:53'
  googledns: 'tcp+udp://8.8.8.8:53'
}
routing {
  request {
    # qname(full:api.miwifi.com) -> reject
    qname(suffix:lan) -> asis
    qname(geosite:cn) -> alidns
    fallback: googledns
  }
}

daed !mac('A') -> direct 规则下，手机 B 上访问国内域名（oschina.net），daed 日志：

time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:22" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"
time="Aug 12 02:06:23" level=warning msg="No AddrPort presented: reading map: key [[::ffff:192.168.1.185]:50142, 17, 192.168.1.1:53]: lookup: key does not exist, data is too short to parse AddrHdr"

手机 B 上 sing-box 日志：

ERROR[27839] dns: exchange failed for www.oschina.net. IN A: context canceled.

sing-box dns 解析国内使用 dns 223.5.5.5.

mzz · Answer 13 · Sat Aug 12 2023 10:16:47 GMT+0800 (China Standard Time)

@douglarek 没有其他日志吗，这个日志没有什么用

douglarek · Answer 14 · Sat Aug 12 2023 10:19:02 GMT+0800 (China Standard Time)

@douglarek 没有其他日志吗，这个日志没有什么用

确实没什么关于上面国内域名访问的其他日志了。~~或许我打开 debug 试试~~ 打开 debug 也没有其他相关日志。

mzz · Answer 15 · Sat Aug 12 2023 10:28:52 GMT+0800 (China Standard Time)

@douglarek 不如在 dae 机器上 tcpdump 抓下包？连 25 Bytes 都没有

douglarek · Answer 16 · Sat Aug 12 2023 10:41:23 GMT+0800 (China Standard Time)

@douglarek 不如在 dae 机器上 tcpdump 抓下包？连 25 Bytes 都没有

在软路由上对手机 host 执行了 tcpdump（点击这里展开）

10:38:14.044150 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 68+ HTTPS? www.oschina.net. (33)
10:38:14.049610 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 69+ AAAA? www.oschina.net. (33)
10:38:14.049610 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 70+ A? www.oschina.net. (33)
10:38:14.052350 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 71+ AAAA? www.oschina.net. (33)
10:38:14.070007 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 72+ A? www.oschina.net. (33)
10:38:14.264861 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 1439
10:38:14.264954 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 1439
10:38:14.265012 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 1439
10:38:14.265087 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 1439
10:38:14.265135 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 659
10:38:14.280135 IP Redmi-K40-Gaming.lan.41900 > 152.70.232.95.443: UDP, length 29
10:38:14.286926 IP Redmi-K40-Gaming.lan.41900 > 152.70.232.95.443: UDP, length 1252
10:38:14.287100 IP Redmi-K40-Gaming.lan.41900 > 152.70.232.95.443: UDP, length 325
10:38:14.366228 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 27
10:38:14.380550 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 73+ AAAA? www.oschina.net. (33)
10:38:14.386773 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 74+ A? www.oschina.net. (33)
10:38:14.393197 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 75+ HTTPS? www.oschina.net. (33)
10:38:14.399208 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 76+ AAAA? www.oschina.net. (33)
10:38:14.401166 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 77+ A? www.oschina.net. (33)
10:38:14.550966 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 551
10:38:14.575908 IP Redmi-K40-Gaming.lan.41900 > 152.70.232.95.443: UDP, length 72
10:38:14.679931 IP 152.70.232.95.443 > Redmi-K40-Gaming.lan.41900: UDP, length 28
10:38:15.067991 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 78+ A? www.oschina.net. (33)
10:38:15.067991 IP Redmi-K40-Gaming.lan.49741 > public1.alidns.com.53: 79+ AAAA? www.oschina.net. (33)
10:38:15.790072 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 1+ A? zz.bdstatic.com. (33)
10:38:15.790395 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 9+ A? visit.oschina.net. (35)
10:38:15.790395 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 2+ HTTPS? visit.oschina.net. (35)
10:38:15.790395 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 29+ A? www.oschina.net. (33)
10:38:15.790396 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 31+ AAAA? www.oschina.net. (33)
10:38:15.790396 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 34+ HTTPS? hmcdn.baidu.com. (33)
10:38:15.790750 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 39+ A? www.oschina.net. (33)
10:38:15.790750 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 3+ AAAA? zz.bdstatic.com. (33)
10:38:15.791870 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 4+ A? www.oschina.net. (33)
10:38:15.792091 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 5+ A? www.oschina.net. (33)
10:38:15.792427 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 6+ AAAA? www.oschina.net. (33)
10:38:15.793110 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 7+ AAAA? visit.oschina.net. (35)
10:38:15.801184 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 8+ HTTPS? visit.oschina.net. (35)
10:38:15.801184 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 10+ AAAA? visit.oschina.net. (35)
10:38:15.802692 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 11+ HTTPS? static.oschina.net. (36)
10:38:15.803401 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 12+ A? www.oschina.net. (33)
10:38:15.803402 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 13+ AAAA? static.oschina.net. (36)
10:38:15.803781 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 14+ A? visit.oschina.net. (35)
10:38:15.804354 IP Redmi-K40-Gaming.lan.56405 > public1.alidns.com.53: 15+ AAAA? visit.oschina.net. (35)
10:38:15.810000 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 1+ A? visit.oschina.net. (35)
10:38:15.811490 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 2+ A? www.oschina.net. (33)
10:38:15.818292 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 3+ HTTPS? static.oschina.net. (36)
10:38:15.821322 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 4+ AAAA? visit.oschina.net. (35)
10:38:15.821322 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 5+ HTTPS? visit.oschina.net. (35)
10:38:15.824895 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 6+ AAAA? visit.oschina.net. (35)
10:38:15.824895 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 7+ AAAA? www.oschina.net. (33)
10:38:15.824896 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 62+ A? static.oschina.net. (36)
10:38:15.824896 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 8+ A? www.oschina.net. (33)
10:38:15.825252 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 9+ A? www.oschina.net. (33)
10:38:15.825252 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 10+ A? www.oschina.net. (33)
10:38:15.825252 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 11+ AAAA? zz.bdstatic.com. (33)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 12+ HTTPS? hmcdn.baidu.com. (33)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 13+ AAAA? www.oschina.net. (33)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 14+ A? www.oschina.net. (33)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 15+ HTTPS? visit.oschina.net. (35)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 16+ A? visit.oschina.net. (35)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 17+ A? zz.bdstatic.com. (33)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 18+ AAAA? static.oschina.net. (36)
10:38:15.849983 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 19+ A? static.oschina.net. (36)
10:38:15.850471 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 20+ AAAA? visit.oschina.net. (35)
10:38:15.850472 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 21+ A? www.oschina.net. (33)
10:38:15.850472 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 22+ AAAA? hmcdn.baidu.com. (33)
10:38:15.850472 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 23+ HTTPS? www.oschina.net. (33)
10:38:15.850472 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 24+ A? static.oschina.net. (36)
10:38:15.850472 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 25+ AAAA? www.oschina.net. (33)
10:38:15.850473 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 26+ AAAA? www.oschina.net. (33)
10:38:15.850473 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 27+ AAAA? www.oschina.net. (33)
10:38:15.850875 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 28+ AAAA? static.oschina.net. (36)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 29+ AAAA? static.oschina.net. (36)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 30+ A? static.oschina.net. (36)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 31+ A? www.oschina.net. (33)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 32+ A? static.oschina.net. (36)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 33+ AAAA? www.oschina.net. (33)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 34+ A? www.oschina.net. (33)
10:38:15.850876 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 35+ AAAA? www.oschina.net. (33)
10:38:15.851274 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 36+ AAAA? www.oschina.net. (33)
10:38:15.851274 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 37+ A? visit.oschina.net. (35)
10:38:15.851275 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 38+ AAAA? www.oschina.net. (33)
10:38:15.851275 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 39+ A? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.851275 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 40+ A? visit.oschina.net. (35)
10:38:15.851275 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 41+ A? www.oschina.net. (33)
10:38:15.851275 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 42+ AAAA? visit.oschina.net. (35)
10:38:15.851275 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 43+ A? www.oschina.net. (33)
10:38:15.851672 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 44+ AAAA? static.oschina.net. (36)
10:38:15.851672 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 45+ AAAA? www.oschina.net. (33)
10:38:15.851672 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 46+ A? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.851672 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 47+ AAAA? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.851673 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 48+ A? hmcdn.baidu.com. (33)
10:38:15.851673 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 49+ A? zz.bdstatic.com. (33)
10:38:15.851673 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 50+ HTTPS? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.851673 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 51+ A? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.852075 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 52+ AAAA? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.852075 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 53+ HTTPS? zz.bdstatic.com. (33)
10:38:15.852075 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 54+ A? zz.bdstatic.com. (33)
10:38:15.852075 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 55+ AAAA? zz.bdstatic.com. (33)
10:38:15.852075 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 56+ HTTPS? hmcdn.baidu.com. (33)
10:38:15.852075 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 57+ A? hmcdn.baidu.com. (33)
10:38:15.852076 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 58+ AAAA? hmcdn.baidu.com. (33)
10:38:15.852076 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 59+ AAAA? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.852473 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 60+ AAAA? static.oschina.net. (36)
10:38:15.852473 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 61+ HTTPS? zz.bdstatic.com. (33)
10:38:15.852474 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 63+ AAAA? www.oschina.net. (33)
10:38:15.852474 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 64+ AAAA? www.oschina.net. (33)
10:38:15.852474 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 65+ HTTPS? www.oschina.net. (33)
10:38:15.852474 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 66+ A? www.oschina.net. (33)
10:38:15.852474 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 67+ A? hmcdn.baidu.com. (33)
10:38:15.852474 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 68+ AAAA? hmcdn.baidu.com. (33)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 69+ A? www.oschina.net. (33)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 70+ AAAA? zz.bdstatic.com. (33)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 71+ AAAA? www.oschina.net. (33)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 72+ AAAA? visit.oschina.net. (35)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 73+ A? visit.oschina.net. (35)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 74+ HTTPS? www.oschina.net. (33)
10:38:15.852880 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 75+ HTTPS? lf1-cdn-tos.bytegoofy.com. (43)
10:38:15.852881 IP Redmi-K40-Gaming.lan.52747 > public1.alidns.com.53: 76+ A? www.oschina.net. (33)
10:38:15.957732 IP Redmi-K40-Gaming.lan.35201 > public1.alidns.com.53: 1+ A? static.oschina.net. (36)
10:38:15.957986 IP Redmi-K40-Gaming.lan.35201 > public1.alidns.com.53: 2+ A? www.oschina.net. (33)
10:38:15.957987 IP Redmi-K40-Gaming.lan.35201 > public1.alidns.com.53: 3+ AAAA? www.oschina.net. (33)
10:38:15.958347 IP Redmi-K40-Gaming.lan.35201 > public1.alidns.com.53: 4+ AAAA? static.oschina.net. (36)
10:38:15.959323 IP Redmi-K40-Gaming.lan.35201 > public1.alidns.com.53: 5+ A? www.oschina.net. (33)
10:38:15.965863 IP Redmi-K40-Gaming.lan.33090 > public1.alidns.com.53: 1+ AAAA? static.oschina.net. (36)
10:38:15.974366 IP Redmi-K40-Gaming.lan.37949 > public1.alidns.com.53: 1+ AAAA? visit.oschina.net. (35)
10:38:16.830343 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 1+ A? zz.bdstatic.com. (33)
10:38:16.830612 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 2+ A? lf1-cdn-tos.bytegoofy.com. (43)
10:38:16.830612 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 3+ AAAA? lf1-cdn-tos.bytegoofy.com. (43)
10:38:16.830829 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 4+ AAAA? zz.bdstatic.com. (33)
10:38:16.968063 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 5+ AAAA? hmcdn.baidu.com. (33)
10:38:16.979464 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 6+ A? hmcdn.baidu.com. (33)
10:38:16.979893 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 7+ A? www.oschina.net. (33)
10:38:16.984624 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 8+ AAAA? www.oschina.net. (33)
10:38:17.312706 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 9+ A? www.oschina.net. (33)
10:38:17.324451 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 10+ AAAA? www.oschina.net. (33)
10:38:18.058074 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 11+ A? www.oschina.net. (33)
10:38:18.058074 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 12+ AAAA? www.oschina.net. (33)
10:38:18.505636 IP 111.202.0.60.443 > Redmi-K40-Gaming.lan.54350: Flags [P.], seq 1995101953:1995101991, ack 614914526, win 65, length 38
10:38:18.505723 IP 111.202.0.60.443 > Redmi-K40-Gaming.lan.54350: Flags [FP.], seq 38:61, ack 1, win 65, length 23
10:38:18.541881 IP 111.202.0.60.443 > Redmi-K40-Gaming.lan.54350: Flags [FP.], seq 38:61, ack 1, win 65, length 23
10:38:18.554336 IP Redmi-K40-Gaming.lan.54350 > 111.202.0.60.443: Flags [.], ack 38, win 210, length 0
10:38:18.554475 IP Redmi-K40-Gaming.lan.54350 > 111.202.0.60.443: Flags [.], ack 62, win 210, options [nop,nop,sack 1 {38:62}], length 0
10:38:18.557087 IP Redmi-K40-Gaming.lan.54350 > 111.202.0.60.443: Flags [P.], seq 1:24, ack 62, win 210, length 23
10:38:18.557612 IP Redmi-K40-Gaming.lan.54350 > 111.202.0.60.443: Flags [F.], seq 24, ack 62, win 210, length 0
10:38:18.610271 IP Redmi-K40-Gaming.lan.54350 > 111.202.0.60.443: Flags [F.], seq 24, ack 62, win 210, length 0
10:38:18.795718 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 13+ AAAA? www.oschina.net. (33)
10:38:18.796312 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 14+ AAAA? www.oschina.net. (33)
10:38:18.803378 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 15+ A? www.oschina.net. (33)
10:38:18.803989 IP Redmi-K40-Gaming.lan.42131 > public1.alidns.com.53: 16+ A? www.oschina.net. (33)
10:38:18.837972 IP Redmi-K40-Gaming.lan.54350 > 111.202.0.60.443: Flags [FP.], seq 1:24, ack 62, win 210, length 23

mzz · Answer 17 · Sat Aug 12 2023 10:51:35 GMT+0800 (China Standard Time)

daed 开了 trace 日志吗？日志太少了

mzz · Answer 18 · Sat Aug 12 2023 10:53:30 GMT+0800 (China Standard Time)

另外，你的daed机器上是不是有其他程序在53端口在监听？

douglarek · Answer 19 · Sat Aug 12 2023 11:03:02 GMT+0800 (China Standard Time)

daed 开了 trace 日志吗？日志太少了

打开 trace似乎也没有其他关于这个访问的日志。

另外，你的daed机器上是不是有其他程序在53端口在监听？

应该是 dnsmasq。但我理解这个影响吗，我是 pppoe 拨号的 wan，这个不会被代理吧。

ston · Answer 20 · Sat Aug 12 2023 11:17:09 GMT+0800 (China Standard Time)

应该是 dnsmasq。但我理解这个影响吗，我是 pppoe 拨号的 wan，这个不会被代理吧。

试试先把 dnsmasq 的监听 53 停掉。然后 dhcp 服务器（在你的情况应该也是 dnsmasq）分发个 223.5.5.5

mzz · Answer 21 · Sat Aug 12 2023 11:57:41 GMT+0800 (China Standard Time)

@douglarek 影响的，因为 dnsmasq 监听 any:53，导致 dae 劫持 dns 后无法绑定 223.5.5.5:53 进行回包，见置顶 issue

YYiiEt · Answer 22 · Sat Aug 12 2023 21:00:28 GMT+0800 (China Standard Time)

之前同样遇到了由dnsmsaq导致的类似问题，貌似直接发公共dns加关掉劫持就好了

uci -q batch << EOF
set dhcp.@dnsmasq[0].dns_redirect='0'
delete dhcp.lan.dns
delete dhcp.lan.dhcp_option
add_list dhcp.lan.dns='2400:3200::1'
add_list dhcp.lan.dhcp_option='6,223.5.5.5'
EOF
uci commit dhcp
/etc/init.d/dnsmasq restart

douglarek · Answer 23 · Tue Aug 22 2023 23:53:24 GMT+0800 (China Standard Time)

之前同样遇到了由dnsmsaq导致的类似问题，貌似直接发公共dns加关掉劫持就好了
uci -q batch << EOF
set dhcp.@dnsmasq[0].dns_redirect='0'
delete dhcp.lan.dns
delete dhcp.lan.dhcp_option
add_list dhcp.lan.dns='2400:3200::1'
add_list dhcp.lan.dhcp_option='6,223.5.5.5'
EOF
uci commit dhcp
/etc/init.d/dnsmasq restart

I have already tested this script, and it works like magic. I'm now going to close this issue unless the problem resurfaces. Thank you all for your contributions.