iPhone通过surge mac vm网关的请求 gateway.icloud.com 即使检测到sni也只能匹配到最后的final (错误情况)
Events
07:17:42.564239 [Connection] Handled by Surge Gateway VM
07:17:42.564409 [TLS] TLS Client Hello SNI: gateway.icloud.com
07:17:42.567553 [Rule] Rule matched: FINAL
07:17:42.567616 [Rule] Policy decision path: Final -> xxx -> xxx
07:17:42.567836 [Connector] Set up connection #0 via 🇯🇵a
07:17:42.568387 [DNS] Use local DNS mapping record for www.a.xxx
07:17:42.568779 [Socket] Connecting with address: xx.xx.xx.xx, bound to the primary interface (en0) explicitly under Enhanced Mode
07:17:42.611798 [Socket] Connected to address xx.xx.xx.xx in 42.9ms
07:17:42.611932 [Connector] TCP connection established
07:17:42.656244 [TLS] Proxy TLS handshake completed, negotiated cipher: TLS_AES_256_GCM_SHA384, protocol TLSv1.3
07:17:45.036211 [Connection] Client closed sending stream
07:17:46.186876 [Connection] Disconnect: Closed by remote
但如果用Mac本地的浏览器打开 gateway.icloud.com,就会匹配到正确的策略 (正确的预期情况)
Events
07:33:15.388973 [Connection] Incoming proxy protocol: HTTP
07:33:15.390386 [TLS] TLS Client Hello SNI: gateway.icloud.com
07:33:15.390923 [Rule] Sub-rule matched: .icloud.com(in iCloud.list)
07:33:15.390944 [Rule] Rule matched: RULE-SET iCloud.list
07:33:15.391083 [Rule] Policy decision path: iCloud -> ⬇️Download
07:33:15.391272 [Connector] Set up connection #0 via 🇺🇸b
07:33:15.391872 [DNS] Use local DNS mapping record for www.b.xxx
07:33:15.392294 [Socket] Connecting with address: xx.xx.xx.xx, bound to the primary interface (en0) explicitly under Enhanced Mode
07:33:15.532971 [Socket] Connected to address xx.xx.xx.xx in 140.6ms
07:33:15.533030 [Connector] TCP connection established
07:33:15.673789 [TLS] Proxy TLS handshake completed, negotiated cipher: TLS_AES_256_GCM_SHA384, protocol TLSv1.3
这种错误是哪里配置错误引起的吗?
