Verify steps

  • Is this something you can debug and fix? Send a pull request! Bug fixes and documentation fixes are welcome.
  • I have searched on the issue tracker for a related issue.
  • I have tested using the dev branch, and the issue still exists.
  • I have read the documentation and was unable to solve the issue.
  • This is an issue of the Clash core per se, not to the derivatives of Clash, like OpenClash or KoolClash.
  • Clash version

    Premium 2022.04.11

    What OS are you seeing the problem on?

    Linux

    Clash config

    mixed-port: 7890
    allow-lan: false
    mode: rule
    log-level: debug
    ipv6: false
    external-controller: 127.0.0.1:9090
    profile:
      store-selected: true
    tun:
      enable: true
      stack: gvisor # system gvisor
      auto-route: true
      auto-detect-interface: true
      dns-hijack:
        - 127.0.0.1:53
    dns:
      enable: true
      listen: 0.0.0.0:53
      ipv6: false
      nameserver:
        - 8.8.8.8
        - 1.1.1.1
      enhanced-mode: fake-ip # fake-ip redir-host
      fake-ip-range: 198.18.0.1/16
      fake-ip-filter:
        - '*.lan'
        - '*.localdomain'
        - '*.example'
        - '*.invalid'
        - '*.localhost'
        - '*.test'
        - '*.local'
        - '*.home.arpa'
        - router.asus.com
        - localhost.sec.qq.com
        - localhost.ptlogin2.qq.com
        - '+.msftconnecttest.com'

    Clash log

    No response

    Description

    After Clash enables tun, docker cannot create a network; with tun disabled, creation works normally.

    # docker network create test
    Error response from daemon: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network
              

    Routing table without Clash running

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         10.0.4.1        0.0.0.0         UG    100    0        0 enx186571e8aeab
    10.0.4.0        0.0.0.0         255.255.255.0   U     100    0        0 enx186571e8aeab
    169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enx186571e8aeab
    172.16.100.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
    172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
    172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-309fdbb50f02
    192.168.54.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
    
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         10.0.4.1        0.0.0.0         UG    100    0        0 enx186571e8aeab
    1.0.0.0         0.0.0.0         255.0.0.0       U     1      0        0 utun
    2.0.0.0         0.0.0.0         254.0.0.0       U     1      0        0 utun
    4.0.0.0         0.0.0.0         252.0.0.0       U     1      0        0 utun
    8.0.0.0         0.0.0.0         248.0.0.0       U     1      0        0 utun
    10.0.4.0        0.0.0.0         255.255.255.0   U     100    0        0 enx186571e8aeab
    16.0.0.0        0.0.0.0         240.0.0.0       U     1      0        0 utun
    32.0.0.0        0.0.0.0         224.0.0.0       U     1      0        0 utun
    64.0.0.0        0.0.0.0         192.0.0.0       U     1      0        0 utun
    128.0.0.0       0.0.0.0         128.0.0.0       U     1      0        0 utun
    169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enx186571e8aeab
    172.16.100.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
    172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
    172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-309fdbb50f02
    192.168.54.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
    198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun
    

    Creating a docker network directly fails with an error

    docker network create test
    Error response from daemon: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network
    

    With a subnet specified, creation works normally

    docker network create test --subnet 172.124.0.0/16
    3b8def8e8f4cc3533caccbbff27148dab493ed4cc5111d006b2f42df419b29dc
    

    After manually modifying the docker config, it still fails with the error

    cat /etc/docker/daemon.json
      "default-address-pools":
        {"base":"172.124.0.0/16","size":24}
    

    But manually specifying a subnet does work, so it feels like something goes wrong when docker looks up the routing table while creating the network.
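
The routing tables in the report above can be checked against Docker's address pools directly. The following is an added example, not code from the issue or from the Clash or Docker projects. It assumes Docker's automatic allocation skips any candidate subnet that overlaps a non-default host route, and the `DEFAULT_POOLS` list is an assumption about Docker's built-in local pools; the function names are hypothetical.

```python
import ipaddress

# `route -n` output copied from the report: host without Clash running.
ROUTES_WITHOUT_CLASH = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.4.1        0.0.0.0         UG    100    0        0 enx186571e8aeab
10.0.4.0        0.0.0.0         255.255.255.0   U     100    0        0 enx186571e8aeab
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enx186571e8aeab
172.16.100.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-309fdbb50f02
192.168.54.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
"""

# Rows that appear in the report's second table once tun auto-route is on.
ROUTES_ADDED_BY_TUN = """\
1.0.0.0         0.0.0.0         255.0.0.0       U     1      0        0 utun
2.0.0.0         0.0.0.0         254.0.0.0       U     1      0        0 utun
4.0.0.0         0.0.0.0         252.0.0.0       U     1      0        0 utun
8.0.0.0         0.0.0.0         248.0.0.0       U     1      0        0 utun
16.0.0.0        0.0.0.0         240.0.0.0       U     1      0        0 utun
32.0.0.0        0.0.0.0         224.0.0.0       U     1      0        0 utun
64.0.0.0        0.0.0.0         192.0.0.0       U     1      0        0 utun
128.0.0.0       0.0.0.0         128.0.0.0       U     1      0        0 utun
198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun
"""
ROUTES_WITH_TUN = ROUTES_WITHOUT_CLASH + ROUTES_ADDED_BY_TUN

# Assumption: Docker's built-in local pools as (base, subnet prefix length).
DEFAULT_POOLS = [
    ("172.17.0.0/16", 16), ("172.18.0.0/16", 16), ("172.19.0.0/16", 16),
    ("172.20.0.0/14", 16), ("172.24.0.0/14", 16), ("172.28.0.0/14", 16),
    ("192.168.0.0/16", 20),
]
# The pool the reporter put in /etc/docker/daemon.json.
CUSTOM_POOL = [("172.124.0.0/16", 24)]


def parse_route_n(text):
    """Return [(network, iface)] from `route -n` output, without the default route."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue  # title line or blank line
        try:
            net = ipaddress.ip_network(f"{fields[0]}/{fields[2]}")
        except ValueError:
            continue  # column header row
        if net.prefixlen > 0:  # assumption: 0.0.0.0/0 is not counted as an overlap
            routes.append((net, fields[7]))
    return routes


def candidate_subnets(pools):
    """Yield every subnet the given pools can hand out, in allocation order."""
    for base, size in pools:
        yield from ipaddress.ip_network(base).subnets(new_prefix=size)


def blocking_routes(subnet, routes):
    """Host routes that overlap a candidate subnet, as (cidr, iface) pairs."""
    return [(str(net), iface) for net, iface in routes if subnet.overlaps(net)]


def free_subnets(routes, pools):
    """Candidate subnets that overlap no host route."""
    return [s for s in candidate_subnets(pools) if not blocking_routes(s, routes)]


if __name__ == "__main__":
    for label, table in (("without Clash", ROUTES_WITHOUT_CLASH),
                         ("tun + auto-route", ROUTES_WITH_TUN)):
        routes = parse_route_n(table)
        free = free_subnets(routes, DEFAULT_POOLS)
        print(f"{label}: {len(free)} free default subnets, "
              f"first = {free[0] if free else None}")
    tun_routes = parse_route_n(ROUTES_WITH_TUN)
    print("custom pool free under tun:", len(free_subnets(tun_routes, CUSTOM_POOL)))
    print("172.19.0.0/16 blocked by:",
          blocking_routes(ipaddress.ip_network("172.19.0.0/16"), tun_routes))
```

Under these assumptions the `128.0.0.0/1` route on `utun` overlaps every candidate in both the default pools and the `172.124.0.0/16` pool, which is consistent with the error persisting after the `daemon.json` change.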

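    I suggest running clash as a different user, turning off auto-route: true, and then filtering out the commonly used private IP ranges. I suggest referring to https://blog.icpz.dev/articles/tools/setup-clash-premium-on-linux/ and then adding the following to the service from that article: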

    CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
    AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
    

    For the service, a Linux kernel newer than 4 is recommended; on older kernels Capabilities are buggy and many abnormal problems will appear.

    Thanks, with this version docker can create networks normally, and the tun transparent proxy also works.

    Comparing the two, I found that those 8 utun routes are gone.

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         10.0.4.1        0.0.0.0         UG    100    0        0 enx186571e8aeab
    10.0.4.0        0.0.0.0         255.255.255.0   U     100    0        0 enx186571e8aeab
    169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enx186571e8aeab
    172.16.100.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
    172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
    172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-309fdbb50f02
    172.19.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-5ebee6db6a9d
    192.168.54.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
    198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun
              

    I found a new problem: DNS cannot be resolved inside docker containers, although using an IP directly works

    ❯ sudo systemctl stop clash
    ❯ docker run --rm busybox ping 1.1.1.1
    PING 1.1.1.1 (1.1.1.1): 56 data bytes
    64 bytes from 1.1.1.1: seq=0 ttl=52 time=183.856 ms
    64 bytes from 1.1.1.1: seq=1 ttl=52 time=184.104 ms
    --- 1.1.1.1 ping statistics ---
    2 packets transmitted, 2 packets received, 0% packet loss
    round-trip min/avg/max = 183.856/183.980/184.104 ms
    ❯ docker run --rm busybox nslookup www.baidu.com
    Server:         10.2.254.3
    Address:        10.2.254.3:53
    Non-authoritative answer:
    www.baidu.com   canonical name = www.a.shifen.com
    Name:   www.a.shifen.com
    Address: 14.215.177.38
    Name:   www.a.shifen.com
    Address: 14.215.177.39
    *** Can't find www.baidu.com: No answer
    ❯ sudo systemctl start clash
    ❯ docker run --rm busybox ping 1.1.1.1
    PING 1.1.1.1 (1.1.1.1): 56 data bytes
    64 bytes from 1.1.1.1: seq=0 ttl=52 time=184.458 ms
    64 bytes from 1.1.1.1: seq=1 ttl=52 time=185.478 ms
    64 bytes from 1.1.1.1: seq=2 ttl=52 time=183.875 ms
    --- 1.1.1.1 ping statistics ---
    3 packets transmitted, 3 packets received, 0% packet loss
    round-trip min/avg/max = 183.875/184.603/185.478 ms
    ❯ docker run --rm busybox nslookup www.baidu.com
    ;; connection timed out; no servers could be reached
    
    ❯ docker run --rm busybox cat /etc/resolv.conf
    # Generated by NetworkManager
    nameserver 10.2.254.3
    

    I cannot reproduce this on my device

    Run the following commands inside docker to help diagnose

    ip addr
    ip route
    ip rule
    ip route get <your-dns-addr>  # ip route get 10.2.254.3

    @Kr328 On the 2022.4.16 version, I started a debian container and installed iproute2 dnsutils iputils-ping

    ❯ clash -v
    Clash latest linux amd64 with go1.18.1 Sat 16 Apr 2022 07:56:37 AM UTC
    ❯ sudo systemctl stop clash
    ❯ docker run --name debian -d debian sleep 10h
    ❯ docker exec debian bash -c 'sed -i "s@http://[^\.]*\.debian\.org@http://opentuna.cn@g" /etc/apt/sources.list && apt-get update && apt-get install -y iproute2 dnsutils iputils-ping'
    ❯ sudo systemctl start clash
    

    IP information printed from inside the container

    ❯ docker exec debian bash -c 'cat /etc/resolv.conf'
    # Generated by NetworkManager
    nameserver 192.168.50.1
    ❯ docker exec debian bash -c 'ip addr'
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    53: eth0@if54: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
        link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
           valid_lft forever preferred_lft forever
    ❯ docker exec debian bash -c 'ip route'
    default via 172.17.0.1 dev eth0 
    172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.3 
    ❯ docker exec debian bash -c 'ip rule'
    0:      from all lookup local
    32766:  from all lookup main
    32767:  from all lookup default
    ❯ docker exec debian bash -c 'ip route get 192.168.50.1'
    192.168.50.1 via 172.17.0.1 dev eth0 src 172.17.0.3 uid 0 
        cache
    

    The network is unreachable inside the container

    ❯ docker exec debian bash -c 'nslookup www.baidu.com'
    ;; connection timed out; no servers could be reached
    

    Pinging the IP works

    ❯ docker exec debian bash -c 'ping 192.168.50.1'
    PING 192.168.50.1 (192.168.50.1) 56(84) bytes of data.
    64 bytes from 192.168.50.1: icmp_seq=1 ttl=63 time=23.0 ms
    64 bytes from 192.168.50.1: icmp_seq=2 ttl=63 time=33.5 ms
    

    Routing table of the host

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.50.1    0.0.0.0         UG    600    0        0 wlp1s0
    169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 br-309fdbb50f02
    172.16.100.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
    172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
    172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-309fdbb50f02
    192.168.50.0    0.0.0.0         255.255.255.0   U     600    0        0 wlp1s0
    192.168.54.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
    198.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 utun
    
    root@tb14p-debian:/home/moon# ip rule
    0:      from all lookup local
    8999:   from all fwmark 0x1bf52 lookup 114
    9000:   from 0.0.0.0 iif lo lookup 1970566510
    9010:   from 198.18.0.1 iif lo lookup 1970566510
    9020:   from all iif utun lookup main suppress_prefixlength 0
    9030:   not from all iif lo lookup 1970566510
    32766:  from all lookup main
    32767:  from all lookup default
    root@tb14p-debian:/home/moon# iptables -nvL
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
        0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  *      br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
        0     0 DOCKER     all  --  *      br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  br-309fdbb50f02 !br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  br-309fdbb50f02 br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    Chain DOCKER (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:19999
        0     0 ACCEPT     tcp  --  !br-309fdbb50f02 br-309fdbb50f02  0.0.0.0/0            172.18.0.2           tcp dpt:9443
    Chain DOCKER-ISOLATION-STAGE-1 (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 DOCKER-ISOLATION-STAGE-2  all  --  br-309fdbb50f02 !br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    Chain DOCKER-ISOLATION-STAGE-2 (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       all  --  *      br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    Chain DOCKER-USER (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0   
    root@tb14p-debian:/home/moon# iptables -t nat -nvL
    Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL
    Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0           
        0     0 MASQUERADE  all  --  *      !br-309fdbb50f02  172.18.0.0/16        0.0.0.0/0           
        0     0 MASQUERADE  tcp  --  *      *       172.18.0.2           172.18.0.2           tcp dpt:9443
        0     0 MASQUERADE  tcp  --  *      *       172.17.0.2           172.17.0.2           tcp dpt:19999
    Chain DOCKER (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0           
        0     0 RETURN     all  --  br-309fdbb50f02 *       0.0.0.0/0            0.0.0.0/0           
        0     0 DNAT       tcp  --  !docker0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:19999 to:172.17.0.2:19999
        0     0 DNAT       tcp  --  !br-309fdbb50f02 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:9443 to:172.18.0.2:9443
    root@tb14p-debian:/home/moon# nft list ruleset
    table ip nat {
            chain DOCKER {
                    iifname "docker0" counter packets 0 bytes 0 return
                    iifname "br-309fdbb50f02" counter packets 0 bytes 0 return
                    iifname != "docker0" meta l4proto tcp tcp dport 19999 counter packets 0 bytes 0 dnat to 172.17.0.2:19999
                    iifname != "br-309fdbb50f02" meta l4proto tcp tcp dport 9443 counter packets 0 bytes 0 dnat to 172.18.0.2:9443
            chain POSTROUTING {
                    type nat hook postrouting priority srcnat; policy accept;
                    oifname != "docker0" ip saddr 172.17.0.0/16 counter packets 0 bytes 0 masquerade 
                    oifname != "br-309fdbb50f02" ip saddr 172.18.0.0/16 counter packets 0 bytes 0 masquerade 
                    meta l4proto tcp ip saddr 172.18.0.2 ip daddr 172.18.0.2 tcp dport 9443 counter packets 0 bytes 0 masquerade 
                    meta l4proto tcp ip saddr 172.17.0.2 ip daddr 172.17.0.2 tcp dport 19999 counter packets 0 bytes 0 masquerade 
            chain PREROUTING {
                    type nat hook prerouting priority dstnat; policy accept;
                    fib daddr type local counter packets 0 bytes 0 jump DOCKER
            chain OUTPUT {
                    type nat hook output priority -100; policy accept;
                    ip daddr != 127.0.0.0/8 fib daddr type local counter packets 0 bytes 0 jump DOCKER
    table ip filter {
            chain DOCKER {
                    iifname != "docker0" oifname "docker0" meta l4proto tcp ip daddr 172.17.0.2 tcp dport 19999 counter packets 0 bytes 0 accept
                    iifname != "br-309fdbb50f02" oifname "br-309fdbb50f02" meta l4proto tcp ip daddr 172.18.0.2 tcp dport 9443 counter packets 0 bytes 0 accept
            chain DOCKER-ISOLATION-STAGE-1 {
                    iifname "docker0" oifname != "docker0" counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-2
                    iifname "br-309fdbb50f02" oifname != "br-309fdbb50f02" counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-2
                    counter packets 0 bytes 0 return
            chain DOCKER-ISOLATION-STAGE-2 {
                    oifname "docker0" counter packets 0 bytes 0 drop
                    oifname "br-309fdbb50f02" counter packets 0 bytes 0 drop
                    counter packets 0 bytes 0 return
            chain FORWARD {
                    type filter hook forward priority filter; policy accept;
                    counter packets 0 bytes 0 jump DOCKER-USER
                    counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-1
                    oifname "docker0" ct state related,established counter packets 0 bytes 0 accept
                    oifname "docker0" counter packets 0 bytes 0 jump DOCKER
                    iifname "docker0" oifname != "docker0" counter packets 0 bytes 0 accept
                    iifname "docker0" oifname "docker0" counter packets 0 bytes 0 accept
                    oifname "br-309fdbb50f02" ct state related,established counter packets 0 bytes 0 accept
                    oifname "br-309fdbb50f02" counter packets 0 bytes 0 jump DOCKER
                    iifname "br-309fdbb50f02" oifname != "br-309fdbb50f02" counter packets 0 bytes 0 accept
                    iifname "br-309fdbb50f02" oifname "br-309fdbb50f02" counter packets 0 bytes 0 accept
            chain DOCKER-USER {
                    counter packets 0 bytes 0 return
    table ip clash {
            chain local {
                    type route hook output priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    meta cgroup 114514 accept
                    ip daddr { 10.0.0.0/8, 127.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 224.0.0.0/4 } accept
                    ct state new ct mark set 0x0001bf52
                    ct mark 0x0001bf52 meta mark set 0x0001bf52
            chain forward {
                    type filter hook prerouting priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    iif "utun" accept
                    ip daddr { 10.0.0.0/8, 127.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 224.0.0.0/4 } accept
                    meta mark set 0x0001bf52
            chain local-dns-redirect {
                    type nat hook output priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    meta cgroup 114514 accept
                    ip daddr 127.0.0.0/8 accept
                    udp dport 53 dnat to 127.0.0.1:53
                    tcp dport 53 dnat to 127.0.0.1:53
            chain forward-dns-redirect {
                    type nat hook prerouting priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    udp dport 53 dnat to 127.0.0.1:53
                    tcp dport 53 dnat to 127.0.0.1:53
    

    After starting a packet capture, I ran nslookup www.baidu.com inside the container
    docker0 did not capture anything relevant

    root@tb14p-debian:/home/moon# tcpdump -i docker0 -v
    tcpdump: listening on docker0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    10:37:01.801526 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.0.1 tell 172.17.0.3, length 28
    10:37:01.801596 ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.0.1 is-at 02:42:aa:ca:7f:1f (oui Unknown), length 28
    10:37:34.825467 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.0.1 tell 172.17.0.3, length 28
    10:37:34.825487 ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.0.1 is-at 02:42:aa:ca:7f:1f (oui Unknown), length 28
    4 packets captured
    4 packets received by filter
    0 packets dropped by kernel
    

    utun also seems to have nothing relevant (there is no tun0, so I captured on utun)

    root@tb14p-debian:/home/moon# tcpdump -i utun -v
    tcpdump: listening on utun, link-type RAW (Raw IP), snapshot length 262144 bytes
    10:38:22.624480 IP (tos 0x0, ttl 64, id 6277, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.28.https > 198.18.0.1.50452: Flags [F.], cksum 0x1af4 (correct), seq 2778670569, ack 3332046585, win 65535, options [nop,nop,TS val 3850699295 ecr 4098071472], length 0
    10:38:22.625627 IP (tos 0x0, ttl 64, id 51874, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.50452 > 198.18.0.28.https: Flags [F.], cksum 0xde0a (correct), seq 1, ack 1, win 474, options [nop,nop,TS val 4098086590 ecr 3850699295], length 0
    10:38:22.625857 IP (tos 0x0, ttl 64, id 6278, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.28.https > 198.18.0.1.50452: Flags [.], cksum 0x1af1 (correct), ack 2, win 65535, options [nop,nop,TS val 3850699297 ecr 4098071472], length 0
    10:38:22.627575 IP (tos 0x0, ttl 64, id 51027, offset 0, flags [DF], proto TCP (6), length 60)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [S], cksum 0x4ea4 (correct), seq 2782972891, win 62720, options [mss 8960,sackOK,TS val 150226979 ecr 0,nop,wscale 7], length 0
    10:38:22.627902 IP (tos 0x0, ttl 64, id 24431, offset 0, flags [none], proto TCP (6), length 60)
        198.18.0.68.https > 198.18.0.1.38422: Flags [S.], cksum 0x0abc (correct), seq 3662361392, ack 2782972892, win 65535, options [mss 8960,sackOK,TS val 2355928822 ecr 150226979,nop,wscale 0], length 0
    10:38:22.627984 IP (tos 0x0, ttl 64, id 51028, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x54e3 (correct), ack 1, win 490, options [nop,nop,TS val 150226979 ecr 2355928822], length 0
    10:38:22.628381 IP (tos 0x0, ttl 64, id 51029, offset 0, flags [DF], proto TCP (6), length 569)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x009f (correct), seq 1:518, ack 1, win 490, options [nop,nop,TS val 150226980 ecr 2355928822], length 517
    10:38:22.628548 IP (tos 0x0, ttl 64, id 24432, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x54c7 (correct), ack 518, win 65535, options [nop,nop,TS val 2355928822 ecr 150226980], length 0
    10:38:22.922737 IP (tos 0x0, ttl 64, id 24433, offset 0, flags [none], proto TCP (6), length 4615)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0x457a (correct), seq 1:4564, ack 518, win 65535, options [nop,nop,TS val 2355929117 ecr 150226980], length 4563
    10:38:22.922781 IP (tos 0x0, ttl 64, id 51030, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x3ee0 (correct), ack 4564, win 455, options [nop,nop,TS val 150227274 ecr 2355929117], length 0
    10:38:22.925210 IP (tos 0x0, ttl 64, id 51031, offset 0, flags [DF], proto TCP (6), length 116)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xd383 (correct), seq 518:582, ack 4564, win 455, options [nop,nop,TS val 150227277 ecr 2355929117], length 64
    10:38:22.925282 IP (tos 0x0, ttl 64, id 24434, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x40a2 (correct), ack 582, win 65471, options [nop,nop,TS val 2355929119 ecr 150227277], length 0
    10:38:22.925386 IP (tos 0x0, ttl 64, id 51032, offset 0, flags [DF], proto TCP (6), length 144)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x9640 (correct), seq 582:674, ack 4564, win 455, options [nop,nop,TS val 150227277 ecr 2355929119], length 92
    10:38:22.925449 IP (tos 0x0, ttl 64, id 24435, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x40a2 (correct), ack 674, win 65379, options [nop,nop,TS val 2355929119 ecr 150227277], length 0
    10:38:22.925523 IP (tos 0x0, ttl 64, id 51033, offset 0, flags [DF], proto TCP (6), length 485)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xd598 (correct), seq 674:1107, ack 4564, win 455, options [nop,nop,TS val 150227277 ecr 2355929119], length 433
    10:38:22.925590 IP (tos 0x0, ttl 64, id 24436, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x40a2 (correct), ack 1107, win 64946, options [nop,nop,TS val 2355929119 ecr 150227277], length 0
    10:38:23.026778 IP (tos 0x0, ttl 64, id 24437, offset 0, flags [none], proto TCP (6), length 631)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0x1f2b (correct), seq 4564:5143, ack 1107, win 65535, options [nop,nop,TS val 2355929221 ecr 150227277], length 579
    10:38:23.026829 IP (tos 0x0, ttl 64, id 51034, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x3984 (correct), ack 5143, win 451, options [nop,nop,TS val 150227378 ecr 2355929221], length 0
    10:38:23.027027 IP (tos 0x0, ttl 64, id 51035, offset 0, flags [DF], proto TCP (6), length 83)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x69d4 (correct), seq 1107:1138, ack 5143, win 451, options [nop,nop,TS val 150227379 ecr 2355929221], length 31
    10:38:23.027107 IP (tos 0x0, ttl 64, id 24438, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x3b46 (correct), ack 1138, win 65504, options [nop,nop,TS val 2355929221 ecr 150227379], length 0
    10:38:23.262160 IP (tos 0x0, ttl 64, id 24439, offset 0, flags [none], proto TCP (6), length 256)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0x5e68 (correct), seq 5143:5347, ack 1138, win 65535, options [nop,nop,TS val 2355929456 ecr 150227379], length 204
    10:38:23.262227 IP (tos 0x0, ttl 64, id 51036, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x36c3 (correct), ack 5347, win 450, options [nop,nop,TS val 150227614 ecr 2355929456], length 0
    10:38:23.263025 IP (tos 0x0, ttl 64, id 51037, offset 0, flags [DF], proto TCP (6), length 91)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x8d6d (correct), seq 1138:1177, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929456], length 39
    10:38:23.263056 IP (tos 0x0, ttl 64, id 51038, offset 0, flags [DF], proto TCP (6), length 87)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xf007 (correct), seq 1177:1212, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929456], length 35
    10:38:23.263232 IP (tos 0x0, ttl 64, id 24440, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x3883 (correct), ack 1212, win 65461, options [nop,nop,TS val 2355929457 ecr 150227615], length 0
    10:38:23.263248 IP (tos 0x0, ttl 64, id 51039, offset 0, flags [DF], proto TCP (6), length 250)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x3081 (correct), seq 1212:1410, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929456], length 198
    10:38:23.263282 IP (tos 0x0, ttl 64, id 51040, offset 0, flags [DF], proto TCP (6), length 502)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x41d9 (correct), seq 1410:1860, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929457], length 450
    10:38:23.263502 IP (tos 0x0, ttl 64, id 24441, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x35b1 (correct), ack 1860, win 65535, options [nop,nop,TS val 2355929457 ecr 150227615], length 0
    10:38:23.565802 IP (tos 0x0, ttl 64, id 24442, offset 0, flags [none], proto TCP (6), length 129)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0xfdff (correct), seq 5347:5424, ack 1860, win 65535, options [nop,nop,TS val 2355929760 ecr 150227615], length 77
    10:38:23.566519 IP (tos 0x0, ttl 64, id 51041, offset 0, flags [DF], proto TCP (6), length 91)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x60cc (correct), seq 1860:1899, ack 5424, win 450, options [nop,nop,TS val 150227918 ecr 2355929760], length 39
    10:38:23.566557 IP (tos 0x0, ttl 64, id 51042, offset 0, flags [DF], proto TCP (6), length 87)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xf06e (correct), seq 1899:1934, ack 5424, win 450, options [nop,nop,TS val 150227918 ecr 2355929760], length 35
    10:38:23.566786 IP (tos 0x0, ttl 64, id 24443, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x3305 (correct), ack 1934, win 65461, options [nop,nop,TS val 2355929761 ecr 150227918], length 0
    10:38:26.875928 IP (tos 0x0, ttl 64, id 9352, offset 0, flags [DF], proto TCP (6), length 60)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [S], cksum 0x2300 (correct), seq 1363069075, win 62720, options [mss 8960,sackOK,TS val 2303336092 ecr 0,nop,wscale 7], length 0
    10:38:26.876287 IP (tos 0x0, ttl 64, id 12008, offset 0, flags [none], proto TCP (6), length 60)
        198.18.0.45.https > 198.18.0.1.49900: Flags [S.], cksum 0xb323 (correct), seq 3302972983, ack 1363069076, win 65535, options [mss 8960,sackOK,TS val 1699994728 ecr 2303336092,nop,wscale 0], length 0
    10:38:26.876362 IP (tos 0x0, ttl 64, id 9353, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [.], cksum 0xfd49 (correct), ack 1, win 490, options [nop,nop,TS val 2303336093 ecr 1699994728], length 0
    10:38:26.876750 IP (tos 0x0, ttl 64, id 9354, offset 0, flags [DF], proto TCP (6), length 569)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [P.], cksum 0x5206 (correct), seq 1:518, ack 1, win 490, options [nop,nop,TS val 2303336093 ecr 1699994728], length 517
    10:38:26.876843 IP (tos 0x0, ttl 64, id 12009, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.45.https > 198.18.0.1.49900: Flags [.], cksum 0xfd2d (correct), ack 518, win 65535, options [nop,nop,TS val 1699994729 ecr 2303336093], length 0
    10:38:27.744242 IP (tos 0x0, ttl 64, id 12010, offset 0, flags [none], proto TCP (6), length 4487)
        198.18.0.45.https > 198.18.0.1.49900: Flags [P.], cksum 0xb521 (correct), seq 1:4436, ack 518, win 65535, options [nop,nop,TS val 1699995596 ecr 2303336093], length 4435
    10:38:27.744317 IP (tos 0x0, ttl 64, id 9355, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [.], cksum 0xe34b (correct), ack 4436, win 456, options [nop,nop,TS val 2303336961 ecr 1699995596], length 0
    10:38:27.748680 IP (tos 0x0, ttl 64, id 9356, offset 0, flags [DF], proto TCP (6), length 210)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [P.], cksum 0x6556 (correct), seq 518:676, ack 4436, win 456, options [nop,nop,TS val 2303336965 ecr 1699995596], length 158
    10:38:27.748865 IP (tos 0x0, ttl 64, id 12011, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.45.https > 198.18.0.1.49900: Flags [.], cksum 0xe50a (correct), ack 676, win 65377, options [nop,nop,TS val 1699995601 ecr 2303336965], length 0
    10:38:28.057993 IP (tos 0x0, ttl 64, id 12012, offset 0, flags [none], proto TCP (6), length 103)
        198.18.0.45.https > 198.18.0.1.49900: Flags [P.], cksum 0x191a (correct), seq 4436:4487, ack 676, win 65535, options [nop,nop,TS val 1699995910 ecr 2303336965], length 51
    10:38:28.058060 IP (tos 0x0, ttl 64, id 9357, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [.], cksum 0xe006 (correct), ack 4487, win 456, options [nop,nop,TS val 2303337275 ecr 1699995910], length 0
    10:38:28.059624 IP (tos 0x0, ttl 64, id 9358, offset 0, flags [DF], proto TCP (6), length 1625)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [P.], cksum 0x6120 (correct), seq 676:2249, ack 4487, win 456, options [nop,nop,TS val 2303337276 ecr 1699995910], length 1573
    10:38:28.059789 IP (tos 0x0, ttl 64, id 12013, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.45.https > 198.18.0.1.49900: Flags [.], cksum 0xdba6 (correct), ack 2249, win 65535, options [nop,nop,TS val 1699995912 ecr 2303337276], length 0
    10:38:35.814254 IP (tos 0x0, ttl 64, id 35281, offset 0, flags [none], proto TCP (6), length 83)
        198.18.0.50.https > 198.18.0.1.58794: Flags [P.], cksum 0x85bb (correct), seq 335091995:335092026, ack 2681903078, win 65535, options [nop,nop,TS val 4145670013 ecr 1827278677], length 31
    10:38:35.814338 IP (tos 0x0, ttl 64, id 9983, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58794 > 198.18.0.50.https: Flags [.], cksum 0xcbff (correct), ack 31, win 456, options [nop,nop,TS val 1827308737 ecr 4145670013], length 0
    10:38:35.814583 IP (tos 0x0, ttl 64, id 35282, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.50.https > 198.18.0.1.58794: Flags [F.], cksum 0x4333 (correct), seq 31, ack 1, win 65535, options [nop,nop,TS val 4145670013 ecr 1827278677], length 0
    10:38:35.857482 IP (tos 0x0, ttl 64, id 9984, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58794 > 198.18.0.50.https: Flags [.], cksum 0xcbd3 (correct), ack 32, win 456, options [nop,nop,TS val 1827308780 ecr 4145670013], length 0
    10:38:35.967954 IP (tos 0x0, ttl 64, id 35283, offset 0, flags [none], proto TCP (6), length 83)
        198.18.0.50.https > 198.18.0.1.58792: Flags [P.], cksum 0x767a (correct), seq 862073138:862073169, ack 89099727, win 65535, options [nop,nop,TS val 4145670167 ecr 1827278870], length 31
    10:38:35.968030 IP (tos 0x0, ttl 64, id 57876, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58792 > 198.18.0.50.https: Flags [.], cksum 0x37f5 (correct), ack 31, win 452, options [nop,nop,TS val 1827308890 ecr 4145670167], length 0
    10:38:35.968274 IP (tos 0x0, ttl 64, id 35284, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.50.https > 198.18.0.1.58792: Flags [F.], cksum 0xaefc (correct), seq 31, ack 1, win 65535, options [nop,nop,TS val 4145670167 ecr 1827278870], length 0
    10:38:36.009698 IP (tos 0x0, ttl 64, id 57877, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58792 > 198.18.0.50.https: Flags [.], cksum 0x37ca (correct), ack 32, win 452, options [nop,nop,TS val 1827308932 ecr 4145670167], length 0
    10:38:39.113715 IP (tos 0x0, ttl 64, id 48716, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [.], cksum 0x224c (correct), ack 3791636889, win 443, options [nop,nop,TS val 1442290399 ecr 794290961], length 0
    10:38:39.114019 IP (tos 0x0, ttl 64, id 26173, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.47.https > 198.18.0.1.52868: Flags [.], cksum 0x2405 (correct), ack 1, win 65535, options [nop,nop,TS val 794320970 ecr 1442260391], length 0
    10:38:39.179672 IP (tos 0x0, ttl 64, id 48717, offset 0, flags [DF], proto TCP (6), length 1557)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [P.], cksum 0x6942 (correct), seq 1:1506, ack 1, win 443, options [nop,nop,TS val 1442290465 ecr 794320970], length 1505
    10:38:39.179988 IP (tos 0x0, ttl 64, id 26174, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.47.https > 198.18.0.1.52868: Flags [.], cksum 0xa867 (correct), ack 1506, win 65535, options [nop,nop,TS val 794321036 ecr 1442290465], length 0
    10:38:39.621868 IP (tos 0x0, ttl 64, id 26175, offset 0, flags [none], proto TCP (6), length 946)
        198.18.0.47.https > 198.18.0.1.52868: Flags [P.], cksum 0x3416 (correct), seq 1:895, ack 1506, win 65535, options [nop,nop,TS val 794321478 ecr 1442290465], length 894
    10:38:39.621938 IP (tos 0x0, ttl 64, id 48718, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [.], cksum 0x9fba (correct), ack 895, win 443, options [nop,nop,TS val 1442290907 ecr 794321478], length 0
    10:38:39.622086 IP (tos 0x0, ttl 64, id 26176, offset 0, flags [none], proto TCP (6), length 130)
        198.18.0.47.https > 198.18.0.1.52868: Flags [P.], cksum 0x27a3 (correct), seq 895:973, ack 1506, win 65535, options [nop,nop,TS val 794321478 ecr 1442290465], length 78
    10:38:39.622119 IP (tos 0x0, ttl 64, id 48719, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [.], cksum 0x9f6b (correct), ack 973, win 443, options [nop,nop,TS val 1442290908 ecr 794321478], length 0
    61 packets captured
    108 packets received by filter
    47 packets dropped by kernel
    
    root@tb14p-debian:/home/moon# ip rule
    0:      from all lookup local
    8999:   from all fwmark 0x1bf52 lookup 114
    9000:   from 0.0.0.0 iif lo lookup 1970566510
    9010:   from 198.18.0.1 iif lo lookup 1970566510
    9020:   from all iif utun lookup main suppress_prefixlength 0
    9030:   not from all iif lo lookup 1970566510
    32766:  from all lookup main
    32767:  from all lookup default
    root@tb14p-debian:/home/moon# iptables -nvL
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
        0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  *      br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
        0     0 DOCKER     all  --  *      br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  br-309fdbb50f02 !br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     all  --  br-309fdbb50f02 br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    Chain DOCKER (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:19999
        0     0 ACCEPT     tcp  --  !br-309fdbb50f02 br-309fdbb50f02  0.0.0.0/0            172.18.0.2           tcp dpt:9443
    Chain DOCKER-ISOLATION-STAGE-1 (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 DOCKER-ISOLATION-STAGE-2  all  --  br-309fdbb50f02 !br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    Chain DOCKER-ISOLATION-STAGE-2 (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       all  --  *      br-309fdbb50f02  0.0.0.0/0            0.0.0.0/0           
        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    Chain DOCKER-USER (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0   
    root@tb14p-debian:/home/moon# iptables -t nat -nvL
    Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL
    Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0           
        0     0 MASQUERADE  all  --  *      !br-309fdbb50f02  172.18.0.0/16        0.0.0.0/0           
        0     0 MASQUERADE  tcp  --  *      *       172.18.0.2           172.18.0.2           tcp dpt:9443
        0     0 MASQUERADE  tcp  --  *      *       172.17.0.2           172.17.0.2           tcp dpt:19999
    Chain DOCKER (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0           
        0     0 RETURN     all  --  br-309fdbb50f02 *       0.0.0.0/0            0.0.0.0/0           
        0     0 DNAT       tcp  --  !docker0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:19999 to:172.17.0.2:19999
        0     0 DNAT       tcp  --  !br-309fdbb50f02 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:9443 to:172.18.0.2:9443
    root@tb14p-debian:/home/moon# nft list ruleset
    table ip nat {
            chain DOCKER {
                    iifname "docker0" counter packets 0 bytes 0 return
                    iifname "br-309fdbb50f02" counter packets 0 bytes 0 return
                    iifname != "docker0" meta l4proto tcp tcp dport 19999 counter packets 0 bytes 0 dnat to 172.17.0.2:19999
                    iifname != "br-309fdbb50f02" meta l4proto tcp tcp dport 9443 counter packets 0 bytes 0 dnat to 172.18.0.2:9443
            }
            chain POSTROUTING {
                    type nat hook postrouting priority srcnat; policy accept;
                    oifname != "docker0" ip saddr 172.17.0.0/16 counter packets 0 bytes 0 masquerade
                    oifname != "br-309fdbb50f02" ip saddr 172.18.0.0/16 counter packets 0 bytes 0 masquerade
                    meta l4proto tcp ip saddr 172.18.0.2 ip daddr 172.18.0.2 tcp dport 9443 counter packets 0 bytes 0 masquerade
                    meta l4proto tcp ip saddr 172.17.0.2 ip daddr 172.17.0.2 tcp dport 19999 counter packets 0 bytes 0 masquerade
            }
            chain PREROUTING {
                    type nat hook prerouting priority dstnat; policy accept;
                    fib daddr type local counter packets 0 bytes 0 jump DOCKER
            }
            chain OUTPUT {
                    type nat hook output priority -100; policy accept;
                    ip daddr != 127.0.0.0/8 fib daddr type local counter packets 0 bytes 0 jump DOCKER
            }
    }
    table ip filter {
            chain DOCKER {
                    iifname != "docker0" oifname "docker0" meta l4proto tcp ip daddr 172.17.0.2 tcp dport 19999 counter packets 0 bytes 0 accept
                    iifname != "br-309fdbb50f02" oifname "br-309fdbb50f02" meta l4proto tcp ip daddr 172.18.0.2 tcp dport 9443 counter packets 0 bytes 0 accept
            }
            chain DOCKER-ISOLATION-STAGE-1 {
                    iifname "docker0" oifname != "docker0" counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-2
                    iifname "br-309fdbb50f02" oifname != "br-309fdbb50f02" counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-2
                    counter packets 0 bytes 0 return
            }
            chain DOCKER-ISOLATION-STAGE-2 {
                    oifname "docker0" counter packets 0 bytes 0 drop
                    oifname "br-309fdbb50f02" counter packets 0 bytes 0 drop
                    counter packets 0 bytes 0 return
            }
            chain FORWARD {
                    type filter hook forward priority filter; policy accept;
                    counter packets 0 bytes 0 jump DOCKER-USER
                    counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-1
                    oifname "docker0" ct state related,established counter packets 0 bytes 0 accept
                    oifname "docker0" counter packets 0 bytes 0 jump DOCKER
                    iifname "docker0" oifname != "docker0" counter packets 0 bytes 0 accept
                    iifname "docker0" oifname "docker0" counter packets 0 bytes 0 accept
                    oifname "br-309fdbb50f02" ct state related,established counter packets 0 bytes 0 accept
                    oifname "br-309fdbb50f02" counter packets 0 bytes 0 jump DOCKER
                    iifname "br-309fdbb50f02" oifname != "br-309fdbb50f02" counter packets 0 bytes 0 accept
                    iifname "br-309fdbb50f02" oifname "br-309fdbb50f02" counter packets 0 bytes 0 accept
            }
            chain DOCKER-USER {
                    counter packets 0 bytes 0 return
            }
    }
    table ip clash {
            chain local {
                    type route hook output priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    meta cgroup 114514 accept
                    ip daddr { 10.0.0.0/8, 127.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 224.0.0.0/4 } accept
                    ct state new ct mark set 0x0001bf52
                    ct mark 0x0001bf52 meta mark set 0x0001bf52
            }
            chain forward {
                    type filter hook prerouting priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    iif "utun" accept
                    ip daddr { 10.0.0.0/8, 127.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 224.0.0.0/4 } accept
                    meta mark set 0x0001bf52
            }
            chain local-dns-redirect {
                    type nat hook output priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    meta cgroup 114514 accept
                    ip daddr 127.0.0.0/8 accept
                    udp dport 53 dnat to 127.0.0.1:53
                    tcp dport 53 dnat to 127.0.0.1:53
            }
            chain forward-dns-redirect {
                    type nat hook prerouting priority filter; policy accept;
                    ip protocol != { tcp, udp } accept
                    udp dport 53 dnat to 127.0.0.1:53
                    tcp dport 53 dnat to 127.0.0.1:53
            }
    }
    

    After starting the capture, I ran nslookup www.baidu.com inside the container; nothing relevant was captured on docker0.

    root@tb14p-debian:/home/moon# tcpdump -i docker0 -v
    tcpdump: listening on docker0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    10:37:01.801526 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.0.1 tell 172.17.0.3, length 28
    10:37:01.801596 ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.0.1 is-at 02:42:aa:ca:7f:1f (oui Unknown), length 28
    10:37:34.825467 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.0.1 tell 172.17.0.3, length 28
    10:37:34.825487 ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.0.1 is-at 02:42:aa:ca:7f:1f (oui Unknown), length 28
    4 packets captured
    4 packets received by filter
    0 packets dropped by kernel
    

    utun does not seem to show anything relevant either (there is no tun0, so I captured on utun).

    root@tb14p-debian:/home/moon# tcpdump -i utun -v
    tcpdump: listening on utun, link-type RAW (Raw IP), snapshot length 262144 bytes
    10:38:22.624480 IP (tos 0x0, ttl 64, id 6277, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.28.https > 198.18.0.1.50452: Flags [F.], cksum 0x1af4 (correct), seq 2778670569, ack 3332046585, win 65535, options [nop,nop,TS val 3850699295 ecr 4098071472], length 0
    10:38:22.625627 IP (tos 0x0, ttl 64, id 51874, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.50452 > 198.18.0.28.https: Flags [F.], cksum 0xde0a (correct), seq 1, ack 1, win 474, options [nop,nop,TS val 4098086590 ecr 3850699295], length 0
    10:38:22.625857 IP (tos 0x0, ttl 64, id 6278, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.28.https > 198.18.0.1.50452: Flags [.], cksum 0x1af1 (correct), ack 2, win 65535, options [nop,nop,TS val 3850699297 ecr 4098071472], length 0
    10:38:22.627575 IP (tos 0x0, ttl 64, id 51027, offset 0, flags [DF], proto TCP (6), length 60)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [S], cksum 0x4ea4 (correct), seq 2782972891, win 62720, options [mss 8960,sackOK,TS val 150226979 ecr 0,nop,wscale 7], length 0
    10:38:22.627902 IP (tos 0x0, ttl 64, id 24431, offset 0, flags [none], proto TCP (6), length 60)
        198.18.0.68.https > 198.18.0.1.38422: Flags [S.], cksum 0x0abc (correct), seq 3662361392, ack 2782972892, win 65535, options [mss 8960,sackOK,TS val 2355928822 ecr 150226979,nop,wscale 0], length 0
    10:38:22.627984 IP (tos 0x0, ttl 64, id 51028, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x54e3 (correct), ack 1, win 490, options [nop,nop,TS val 150226979 ecr 2355928822], length 0
    10:38:22.628381 IP (tos 0x0, ttl 64, id 51029, offset 0, flags [DF], proto TCP (6), length 569)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x009f (correct), seq 1:518, ack 1, win 490, options [nop,nop,TS val 150226980 ecr 2355928822], length 517
    10:38:22.628548 IP (tos 0x0, ttl 64, id 24432, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x54c7 (correct), ack 518, win 65535, options [nop,nop,TS val 2355928822 ecr 150226980], length 0
    10:38:22.922737 IP (tos 0x0, ttl 64, id 24433, offset 0, flags [none], proto TCP (6), length 4615)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0x457a (correct), seq 1:4564, ack 518, win 65535, options [nop,nop,TS val 2355929117 ecr 150226980], length 4563
    10:38:22.922781 IP (tos 0x0, ttl 64, id 51030, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x3ee0 (correct), ack 4564, win 455, options [nop,nop,TS val 150227274 ecr 2355929117], length 0
    10:38:22.925210 IP (tos 0x0, ttl 64, id 51031, offset 0, flags [DF], proto TCP (6), length 116)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xd383 (correct), seq 518:582, ack 4564, win 455, options [nop,nop,TS val 150227277 ecr 2355929117], length 64
    10:38:22.925282 IP (tos 0x0, ttl 64, id 24434, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x40a2 (correct), ack 582, win 65471, options [nop,nop,TS val 2355929119 ecr 150227277], length 0
    10:38:22.925386 IP (tos 0x0, ttl 64, id 51032, offset 0, flags [DF], proto TCP (6), length 144)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x9640 (correct), seq 582:674, ack 4564, win 455, options [nop,nop,TS val 150227277 ecr 2355929119], length 92
    10:38:22.925449 IP (tos 0x0, ttl 64, id 24435, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x40a2 (correct), ack 674, win 65379, options [nop,nop,TS val 2355929119 ecr 150227277], length 0
    10:38:22.925523 IP (tos 0x0, ttl 64, id 51033, offset 0, flags [DF], proto TCP (6), length 485)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xd598 (correct), seq 674:1107, ack 4564, win 455, options [nop,nop,TS val 150227277 ecr 2355929119], length 433
    10:38:22.925590 IP (tos 0x0, ttl 64, id 24436, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x40a2 (correct), ack 1107, win 64946, options [nop,nop,TS val 2355929119 ecr 150227277], length 0
    10:38:23.026778 IP (tos 0x0, ttl 64, id 24437, offset 0, flags [none], proto TCP (6), length 631)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0x1f2b (correct), seq 4564:5143, ack 1107, win 65535, options [nop,nop,TS val 2355929221 ecr 150227277], length 579
    10:38:23.026829 IP (tos 0x0, ttl 64, id 51034, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x3984 (correct), ack 5143, win 451, options [nop,nop,TS val 150227378 ecr 2355929221], length 0
    10:38:23.027027 IP (tos 0x0, ttl 64, id 51035, offset 0, flags [DF], proto TCP (6), length 83)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x69d4 (correct), seq 1107:1138, ack 5143, win 451, options [nop,nop,TS val 150227379 ecr 2355929221], length 31
    10:38:23.027107 IP (tos 0x0, ttl 64, id 24438, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x3b46 (correct), ack 1138, win 65504, options [nop,nop,TS val 2355929221 ecr 150227379], length 0
    10:38:23.262160 IP (tos 0x0, ttl 64, id 24439, offset 0, flags [none], proto TCP (6), length 256)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0x5e68 (correct), seq 5143:5347, ack 1138, win 65535, options [nop,nop,TS val 2355929456 ecr 150227379], length 204
    10:38:23.262227 IP (tos 0x0, ttl 64, id 51036, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [.], cksum 0x36c3 (correct), ack 5347, win 450, options [nop,nop,TS val 150227614 ecr 2355929456], length 0
    10:38:23.263025 IP (tos 0x0, ttl 64, id 51037, offset 0, flags [DF], proto TCP (6), length 91)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x8d6d (correct), seq 1138:1177, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929456], length 39
    10:38:23.263056 IP (tos 0x0, ttl 64, id 51038, offset 0, flags [DF], proto TCP (6), length 87)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xf007 (correct), seq 1177:1212, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929456], length 35
    10:38:23.263232 IP (tos 0x0, ttl 64, id 24440, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x3883 (correct), ack 1212, win 65461, options [nop,nop,TS val 2355929457 ecr 150227615], length 0
    10:38:23.263248 IP (tos 0x0, ttl 64, id 51039, offset 0, flags [DF], proto TCP (6), length 250)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x3081 (correct), seq 1212:1410, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929456], length 198
    10:38:23.263282 IP (tos 0x0, ttl 64, id 51040, offset 0, flags [DF], proto TCP (6), length 502)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x41d9 (correct), seq 1410:1860, ack 5347, win 450, options [nop,nop,TS val 150227615 ecr 2355929457], length 450
    10:38:23.263502 IP (tos 0x0, ttl 64, id 24441, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x35b1 (correct), ack 1860, win 65535, options [nop,nop,TS val 2355929457 ecr 150227615], length 0
    10:38:23.565802 IP (tos 0x0, ttl 64, id 24442, offset 0, flags [none], proto TCP (6), length 129)
        198.18.0.68.https > 198.18.0.1.38422: Flags [P.], cksum 0xfdff (correct), seq 5347:5424, ack 1860, win 65535, options [nop,nop,TS val 2355929760 ecr 150227615], length 77
    10:38:23.566519 IP (tos 0x0, ttl 64, id 51041, offset 0, flags [DF], proto TCP (6), length 91)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0x60cc (correct), seq 1860:1899, ack 5424, win 450, options [nop,nop,TS val 150227918 ecr 2355929760], length 39
    10:38:23.566557 IP (tos 0x0, ttl 64, id 51042, offset 0, flags [DF], proto TCP (6), length 87)
        198.18.0.1.38422 > 198.18.0.68.https: Flags [P.], cksum 0xf06e (correct), seq 1899:1934, ack 5424, win 450, options [nop,nop,TS val 150227918 ecr 2355929760], length 35
    10:38:23.566786 IP (tos 0x0, ttl 64, id 24443, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.68.https > 198.18.0.1.38422: Flags [.], cksum 0x3305 (correct), ack 1934, win 65461, options [nop,nop,TS val 2355929761 ecr 150227918], length 0
    10:38:26.875928 IP (tos 0x0, ttl 64, id 9352, offset 0, flags [DF], proto TCP (6), length 60)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [S], cksum 0x2300 (correct), seq 1363069075, win 62720, options [mss 8960,sackOK,TS val 2303336092 ecr 0,nop,wscale 7], length 0
    10:38:26.876287 IP (tos 0x0, ttl 64, id 12008, offset 0, flags [none], proto TCP (6), length 60)
        198.18.0.45.https > 198.18.0.1.49900: Flags [S.], cksum 0xb323 (correct), seq 3302972983, ack 1363069076, win 65535, options [mss 8960,sackOK,TS val 1699994728 ecr 2303336092,nop,wscale 0], length 0
    10:38:26.876362 IP (tos 0x0, ttl 64, id 9353, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [.], cksum 0xfd49 (correct), ack 1, win 490, options [nop,nop,TS val 2303336093 ecr 1699994728], length 0
    10:38:26.876750 IP (tos 0x0, ttl 64, id 9354, offset 0, flags [DF], proto TCP (6), length 569)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [P.], cksum 0x5206 (correct), seq 1:518, ack 1, win 490, options [nop,nop,TS val 2303336093 ecr 1699994728], length 517
    10:38:26.876843 IP (tos 0x0, ttl 64, id 12009, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.45.https > 198.18.0.1.49900: Flags [.], cksum 0xfd2d (correct), ack 518, win 65535, options [nop,nop,TS val 1699994729 ecr 2303336093], length 0
    10:38:27.744242 IP (tos 0x0, ttl 64, id 12010, offset 0, flags [none], proto TCP (6), length 4487)
        198.18.0.45.https > 198.18.0.1.49900: Flags [P.], cksum 0xb521 (correct), seq 1:4436, ack 518, win 65535, options [nop,nop,TS val 1699995596 ecr 2303336093], length 4435
    10:38:27.744317 IP (tos 0x0, ttl 64, id 9355, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [.], cksum 0xe34b (correct), ack 4436, win 456, options [nop,nop,TS val 2303336961 ecr 1699995596], length 0
    10:38:27.748680 IP (tos 0x0, ttl 64, id 9356, offset 0, flags [DF], proto TCP (6), length 210)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [P.], cksum 0x6556 (correct), seq 518:676, ack 4436, win 456, options [nop,nop,TS val 2303336965 ecr 1699995596], length 158
    10:38:27.748865 IP (tos 0x0, ttl 64, id 12011, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.45.https > 198.18.0.1.49900: Flags [.], cksum 0xe50a (correct), ack 676, win 65377, options [nop,nop,TS val 1699995601 ecr 2303336965], length 0
    10:38:28.057993 IP (tos 0x0, ttl 64, id 12012, offset 0, flags [none], proto TCP (6), length 103)
        198.18.0.45.https > 198.18.0.1.49900: Flags [P.], cksum 0x191a (correct), seq 4436:4487, ack 676, win 65535, options [nop,nop,TS val 1699995910 ecr 2303336965], length 51
    10:38:28.058060 IP (tos 0x0, ttl 64, id 9357, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [.], cksum 0xe006 (correct), ack 4487, win 456, options [nop,nop,TS val 2303337275 ecr 1699995910], length 0
    10:38:28.059624 IP (tos 0x0, ttl 64, id 9358, offset 0, flags [DF], proto TCP (6), length 1625)
        198.18.0.1.49900 > 198.18.0.45.https: Flags [P.], cksum 0x6120 (correct), seq 676:2249, ack 4487, win 456, options [nop,nop,TS val 2303337276 ecr 1699995910], length 1573
    10:38:28.059789 IP (tos 0x0, ttl 64, id 12013, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.45.https > 198.18.0.1.49900: Flags [.], cksum 0xdba6 (correct), ack 2249, win 65535, options [nop,nop,TS val 1699995912 ecr 2303337276], length 0
    10:38:35.814254 IP (tos 0x0, ttl 64, id 35281, offset 0, flags [none], proto TCP (6), length 83)
        198.18.0.50.https > 198.18.0.1.58794: Flags [P.], cksum 0x85bb (correct), seq 335091995:335092026, ack 2681903078, win 65535, options [nop,nop,TS val 4145670013 ecr 1827278677], length 31
    10:38:35.814338 IP (tos 0x0, ttl 64, id 9983, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58794 > 198.18.0.50.https: Flags [.], cksum 0xcbff (correct), ack 31, win 456, options [nop,nop,TS val 1827308737 ecr 4145670013], length 0
    10:38:35.814583 IP (tos 0x0, ttl 64, id 35282, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.50.https > 198.18.0.1.58794: Flags [F.], cksum 0x4333 (correct), seq 31, ack 1, win 65535, options [nop,nop,TS val 4145670013 ecr 1827278677], length 0
    10:38:35.857482 IP (tos 0x0, ttl 64, id 9984, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58794 > 198.18.0.50.https: Flags [.], cksum 0xcbd3 (correct), ack 32, win 456, options [nop,nop,TS val 1827308780 ecr 4145670013], length 0
    10:38:35.967954 IP (tos 0x0, ttl 64, id 35283, offset 0, flags [none], proto TCP (6), length 83)
        198.18.0.50.https > 198.18.0.1.58792: Flags [P.], cksum 0x767a (correct), seq 862073138:862073169, ack 89099727, win 65535, options [nop,nop,TS val 4145670167 ecr 1827278870], length 31
    10:38:35.968030 IP (tos 0x0, ttl 64, id 57876, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58792 > 198.18.0.50.https: Flags [.], cksum 0x37f5 (correct), ack 31, win 452, options [nop,nop,TS val 1827308890 ecr 4145670167], length 0
    10:38:35.968274 IP (tos 0x0, ttl 64, id 35284, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.50.https > 198.18.0.1.58792: Flags [F.], cksum 0xaefc (correct), seq 31, ack 1, win 65535, options [nop,nop,TS val 4145670167 ecr 1827278870], length 0
    10:38:36.009698 IP (tos 0x0, ttl 64, id 57877, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.58792 > 198.18.0.50.https: Flags [.], cksum 0x37ca (correct), ack 32, win 452, options [nop,nop,TS val 1827308932 ecr 4145670167], length 0
    10:38:39.113715 IP (tos 0x0, ttl 64, id 48716, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [.], cksum 0x224c (correct), ack 3791636889, win 443, options [nop,nop,TS val 1442290399 ecr 794290961], length 0
    10:38:39.114019 IP (tos 0x0, ttl 64, id 26173, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.47.https > 198.18.0.1.52868: Flags [.], cksum 0x2405 (correct), ack 1, win 65535, options [nop,nop,TS val 794320970 ecr 1442260391], length 0
    10:38:39.179672 IP (tos 0x0, ttl 64, id 48717, offset 0, flags [DF], proto TCP (6), length 1557)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [P.], cksum 0x6942 (correct), seq 1:1506, ack 1, win 443, options [nop,nop,TS val 1442290465 ecr 794320970], length 1505
    10:38:39.179988 IP (tos 0x0, ttl 64, id 26174, offset 0, flags [none], proto TCP (6), length 52)
        198.18.0.47.https > 198.18.0.1.52868: Flags [.], cksum 0xa867 (correct), ack 1506, win 65535, options [nop,nop,TS val 794321036 ecr 1442290465], length 0
    10:38:39.621868 IP (tos 0x0, ttl 64, id 26175, offset 0, flags [none], proto TCP (6), length 946)
        198.18.0.47.https > 198.18.0.1.52868: Flags [P.], cksum 0x3416 (correct), seq 1:895, ack 1506, win 65535, options [nop,nop,TS val 794321478 ecr 1442290465], length 894
    10:38:39.621938 IP (tos 0x0, ttl 64, id 48718, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [.], cksum 0x9fba (correct), ack 895, win 443, options [nop,nop,TS val 1442290907 ecr 794321478], length 0
    10:38:39.622086 IP (tos 0x0, ttl 64, id 26176, offset 0, flags [none], proto TCP (6), length 130)
        198.18.0.47.https > 198.18.0.1.52868: Flags [P.], cksum 0x27a3 (correct), seq 895:973, ack 1506, win 65535, options [nop,nop,TS val 794321478 ecr 1442290465], length 78
    10:38:39.622119 IP (tos 0x0, ttl 64, id 48719, offset 0, flags [DF], proto TCP (6), length 52)
        198.18.0.1.52868 > 198.18.0.47.https: Flags [.], cksum 0x9f6b (correct), ack 973, win 443, options [nop,nop,TS val 1442290908 ecr 794321478], length 0
    61 packets captured
    108 packets received by filter
    47 packets dropped by kernel
    

    Uninstall clash-premium-installer; the current premium no longer needs it.