这是一个创建于 767 天前的主题,其中的信息可能已经有所发展或是发生改变。
#download chinaip
https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt
#tun2socks
https://github.com/xjasonlyu/tun2socks/releases/download/v2.4.1/tun2socks-darwin-amd64.zip
https://github.com/xjasonlyu/tun2socks/releases/download/v2.4.1/tun2socks-darwin-amd64-v3.zip
https://github.com/xjasonlyu/tun2socks/wiki/Examples#macos
sudo ./tun2socks-darwin-amd64 -device utun123 -proxy socks5://127.0.0.1:1080 -interface en0
sudo ifconfig utun123 198.18.0.1 198.18.0.1 up
pf.conf
#skip lo0
set skip on lo0
#china ip table
table <BYPASS_SNET> persist file "./china_ip_list.txt"
#ip
#本机 ip
local_ip= "192.168.1.2"
#局域网段
lan_net = "192.168.1.3/24"
#本机局域网上网接口
ext_if1 = "en0"
#网关 ip
ext_gw1 = "192.168.1.1"
#tun2socks
ext_if2 = "utun123"
ext_gw2 = "198.18.0.1"
#nat
no nat log on $ext_if1 from $local_ip to any
nat log on $ext_if1 from $lan_net to any -> $ext_if1
nat log on $ext_if2 from $lan_net to any -> $ext_if2
pass in log on $ext_if1 route-to ($ext_if2 $ext_gw2) proto {tcp udp} from any to {!<BYPASS_SNET> } port {80 443}
#加载生效 pf 规则
sudo pfctl -e -f pf.conf
#pflog0
sudo ifconfig pflog0 create
sudo tcpdump -n -e -ttt -i pflog0
保证 dns 结果正确
把 lan 其它设备的网关设置为 macos ip 就可以了
https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt
#tun2socks
https://github.com/xjasonlyu/tun2socks/releases/download/v2.4.1/tun2socks-darwin-amd64.zip
https://github.com/xjasonlyu/tun2socks/releases/download/v2.4.1/tun2socks-darwin-amd64-v3.zip
https://github.com/xjasonlyu/tun2socks/wiki/Examples#macos
sudo ./tun2socks-darwin-amd64 -device utun123 -proxy socks5://127.0.0.1:1080 -interface en0
sudo ifconfig utun123 198.18.0.1 198.18.0.1 up
pf.conf
#skip lo0
set skip on lo0
#china ip table
table <BYPASS_SNET> persist file "./china_ip_list.txt"
#ip
#本机 ip
local_ip= "192.168.1.2"
#局域网段
lan_net = "192.168.1.3/24"
#本机局域网上网接口
ext_if1 = "en0"
#网关 ip
ext_gw1 = "192.168.1.1"
#tun2socks
ext_if2 = "utun123"
ext_gw2 = "198.18.0.1"
#nat
no nat log on $ext_if1 from $local_ip to any
nat log on $ext_if1 from $lan_net to any -> $ext_if1
nat log on $ext_if2 from $lan_net to any -> $ext_if2
pass in log on $ext_if1 route-to ($ext_if2 $ext_gw2) proto {tcp udp} from any to {!<BYPASS_SNET> } port {80 443}
#加载生效 pf 规则
sudo pfctl -e -f pf.conf
#pflog0
sudo ifconfig pflog0 create
sudo tcpdump -n -e -ttt -i pflog0
保证 dns 结果正确
把 lan 其它设备的网关设置为 macos ip 就可以了
 |
1
weeei 2022-10-21 23:31:36 +08:00
ClashX Pro 的增强功能也是使用 TUN 处理数据包,开启增强模式 + DNS 服务,不需要开允许局域网访问。
其它机器把网关和 DNS 设置为 ClashX 所在机器的 IP 就行。 以上对于带 TUN 功能的 Clash 版本都是可以的。 |
 |
2
yuange1975 OP @weeei X Pro 是什么原理 除了 fakedns 也是用 pf 吗
|
|
3
yuange1975 OP @weeei fakedns 也可以 但仅限于域名访问, 客户端 访问 ip 直连 要用其它方法了
|
Select Language