Skip to content

sourceIP+ip路由错误 #5536

New issue
New issue
Open
Open
sourceIP+ip路由错误#5536
@aliothlab

Description

@aliothlab
aliothlab
opened on Jan 14, 2026

完整性要求

  • 我读完了 issue 模板中的所有注释,确保填写符合要求。
  • 我保证阅读了文档,了解所有我编写的配置文件项的含义,而不是大量堆砌看似有用的选项或默认值。
  • 我提供了完整的配置文件和日志,而不是出于自己的判断只给出截取的部分。
  • 我搜索了 issues, 没有发现已提出的类似问题。
  • 问题在 Release 最新的版本上可以成功复现

描述

升级26.1.13后,服务端sourceIP+ip路由错误

重现方式

配置如下

客户端配置

Details

{
  "log": {
    "loglevel": "debug"
  },
  "dns": {
    "servers": [
      {
        "address": "https://1.1.1.1/dns-query",
        "domains": ["geosite:geolocation-!cn"],
        "skipFallback": true
      },
      {
        "address": "localhost",
        "domains": ["geosite:cn"],
        "expectIPs": ["geoip:cn"],
        "skipFallback": true
      },
      {
        "address": "https://1.1.1.1/dns-query"
      }
    ]
  },
  "routing": {
    "rules": [
      {
        "port": 53,
        "outboundTag": "dns-out"
      },
      {
        "ip": ["geoip:cn", "geoip:private"],
        "outboundTag": "direct"
      },
      {
        "port": "0-65535",
        "outboundTag": "proxy"
      }
    ]
  },
  "inbounds": [
    {
      "tag": "all-in",
      "port": 12345,
      "protocol": "tunnel",
      "settings": {
        "network": "tcp,udp",
        "followRedirect": true
      },
      "sniffing": {
        "destOverride": ["https", "tls", "quic"],
        "enabled": true,
        "routeOnly": true
      },
      "streamSettings": {
        "sockopt": {
          "tproxy": "tproxy"
        }
      }
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "vless",
      "settings": {
        "address": "ip",
        "port": 443,
        "id": "uuid",
        "encryption": "none",
        "flow": "xtls-rprx-vision",
        "testpre": 5
      },
      "streamSettings": {
        "network": "raw",
        "security": "reality",
        "realitySettings": {
          "fingerprint": "chrome",
          "serverName": "server_name",
          "password": "password",
          "shortId": "short_id"
        }
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom"
    },
    {
      "tag": "block",
      "protocol": "blackhole"
    },
    {
      "tag": "dns-out",
      "protocol": "dns"
    }
  ]
}

服务端配置

Details

{
  "log": {
    "loglevel": "debug"
  },
  "inbounds": [
    {
      "tag": "vless-in",
      "port": 443,
      "protocol": "vless",
      "settings": {
        "clients": [
          {
            "id": "uuid",
            "flow": "xtls-rprx-vision"
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "raw",
        "security": "reality",
        "realitySettings": {
          "target": "target:443",
          "serverNames": ["server_name"],
          "privateKey": "key",
          "shortIds": ["id"]
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "blackhole",
      "tag": "block"
    },
    {
      "protocol": "freedom",
      "tag": "direct"
    }
  ],
  "routing": {
    "domainStrategy": "IPOnDemand",
    "rules": [
      {
        "sourceIP": [
          "client_ip_v4",
          "client_ip_v6"
        ],
        "ip": ["geoip:!cn"],
        "outboundTag": "direct"
      }
    ]
  }
}

客户端日志

服务端日志

Details

Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.303976 from clientip:50610 accepted tcp:1.1.1.1:443 [vless-in >> block]
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.304008 [Info] [2599496118] app/dispatcher: default route for tcp:1.1.1.1:443
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371645 from clientip:50630 accepted tcp:149.154.167.91:80 [vless-in >> block]
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371796 from clientip:50606 accepted tcp:149.154.167.91:443 [vless-in >> block]
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371796 [Info] [411876856] proxy/vless/inbound: firstLen = 581
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371817 [Info] [411876856] proxy/vless/inbound: received request for tcp:149.154.167.91:80
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371824 [Info] [2820209825] proxy/vless/inbound: firstLen = 454
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371830 [Info] [411876856] app/dispatcher: default route for tcp:149.154.167.91:80
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371835 [Info] [2820209825] proxy/vless/inbound: received request for tcp:149.154.167.91:443
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.371839 [Info] [2820209825] app/dispatcher: default route for tcp:149.154.167.91:443
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.375098 [Info] [922944364] proxy/vless/inbound: firstLen = 382
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.375130 [Info] [922944364] proxy/vless/inbound: received request for tcp:[2001:67c:4e8:f004::a]:443
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.375137 [Info] [922944364] app/dispatcher: default route for tcp:[2001:67c:4e8:f004::a]:443
Jan 14 10:09:31 archlinux xray[1095]: 2026/01/14 10:09:31.375129 from clientip:50614 accepted tcp:[2001:67c:4e8:f004::a]:443 [vless-in >> block]

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions