SurgeTeam
配置proxy-restricted-to-lan = false和gateway-restricted-to-lan = false,并关闭路由侧的NAT,且重新部署配置文件后,tvos端不再打印Drop packet from xxx的日志了,但问题现象和修改前一致,跨网段的访问依然无法从198.18.0.2查询到任何dns地址。
在路由侧抓包确认src-ip为10.1.2.xx的DNS查询数据包只有发送没有接收,再次尝试开启NAT,src-ip为10.1.0.1的数据包能得到正确回应。
关闭NAT在路由侧抓包截图:
开启NAT在路由侧抓包
配置文件中的[General]部分配置如下
[General]
loglevel = notify
skip-proxy = 127.0.0.1, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 100.64.0.0/10, localhost, *.local
exclude-simple-hostnames = true
always-real-ip = *.apple.com, *.srv.nintendo.net, *.stun.playstation.net, xbox.*.microsoft.com, *.xboxlive.com,*.msftncsi.com, *.3gppnetwork.org
test-timeout = 3
ipv6 = true
ipv6-vif = auto
use-local-host-item-for-proxy = true
read-etc-hosts = false
geoip-maxmind-url = https://raw.githubusercontent.com/Loyalsoldier/geoip/release/Country.mmdb
wifi-assist = true
all-hybrid = true
allow-hotspot-access = true
show-error-page-for-reject = true
compatibility-mode = 5
proxy-restricted-to-lan = false
gateway-restricted-to-lan = false
allow-wifi-access = false
http-listen = 0.0.0.0:8888
wifi-access-http-port = 8888
socks5-listen = 0.0.0.0:8889
wifi-access-socks5-port = 8889
Surge TVOS 版本: 5.14.2 (3406)
