Jump to content

Mihomo: Difference between revisions

From NixOS Wiki
← Older edit
Visual
Oluceps (talk | contribs)
22 edits
zh-cn translate
Klinger (talk | contribs)
trusted
871 edits
 
(6 intermediate revisions by one other user not shown)
Line 1: Line 1:
<languages/>
<translate>
<!--T:1-->
'''[https://github.com/MetaCubeX/mihomo/tree/Alpha mihomo]''' (formerly known as clash-meta), is a widely-used anti-censorship proxy application.


'''[https://github.com/MetaCubeX/mihomo/tree/Alpha mihomo]''' <span lang="en" dir="ltr">(formerly known as clash-meta), is a widely-used anti-censorship proxy application.</span>
<!--T:4-->
Enable mihomo service on NixOS:


<span lang="en" dir="ltr">Enable mihomo service on NixOS:</span>
<!--T:5-->
 
<syntaxhighlight lang="nix">
 
<span lang="zh" dir="ltr">(原名clash-meta)是广泛使用的反审查代理工具。</span>
 
<span lang="zh" dir="ltr">在NixOS上启用mihomo服务:</span><syntaxhighlight lang="nix">
services.mihomo = {
services.mihomo = {
   enable = true;
   enable = true;
Line 15: Line 16:
</syntaxhighlight>
</syntaxhighlight>


=== <span lang="en" dir="ltr">TUN Mode</span> ===
=== TUN Mode === <!--T:6-->
<span lang="en" dir="ltr">NOTICE: The [https://search.nixos.org/options?channel=unstable&show=services.mihomo.tunMode&from=0&size=50&sort=relevance&type=packages&query=mihomo tunMode option] in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the '''configFile'''. See [https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun official documentation].</span>
 
=== <span lang="en" dir="ltr">Troubleshooting</span> ===
<span lang="en" dir="ltr">If encountering issues with transparent proxy:</span>
* <span lang="en" dir="ltr">Check kernel logs with <code>dmesg</code></span>
* <span lang="en" dir="ltr">If seeing massive "refuse" messages for specific network devices:</span>
** <span lang="en" dir="ltr">NixOS enables firewall by default, try disabling firewall</span>
** <span lang="en" dir="ltr">If problem is solved, try sequentially:</span>
*** <span lang="en" dir="ltr">Add tun device to <code>trustedInterfaces</code></span>
*** <span lang="en" dir="ltr">Disable <code>checkReversePath</code></span>
* <span lang="en" dir="ltr">If seeing massive "refuse" messages for specific ports:</span>
** <span lang="en" dir="ltr">Try allow the tproxy port in firewall if you're trying tproxy transparent proxy.</span>
 
 
=== <span lang="zh" dir="ltr">TUN模式</span> ===
<span lang="zh" dir="ltr">注意:NixOS模块中的tunMode选项仅会为服务授予必要权限,实际启用TUN需编辑'''configFile'''配置文件。参见[https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun 官方文档]。</span>


=== <span lang="zh" dir="ltr">常见问题</span> ===
<!--T:2-->
<span lang="zh" dir="ltr">如果使用代理软件透明代理遇到问题,请先:</span>
NOTICE: The [https://search.nixos.org/options?channel=unstable&show=services.mihomo.tunMode&from=0&size=50&sort=relevance&type=packages&query=mihomo tunMode option] in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the '''configFile'''. See [https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun official documentation].


* <span lang="zh" dir="ltr">查看dmesg有无异常</span>
=== Troubleshooting === <!--T:3-->
** <span lang="zh" dir="ltr">出现大量refuse某一网络设备的消息</span>  <span lang="zh" dir="ltr">nixos 默认开启防火墙,关掉防火墙再尝试 如关掉防火墙后问题解决,依次尝试:将tun device添加到 trustedInterfaces,关掉 checkReversePath。</span>


== <span lang="en" dir="ltr">See also</span> ==
<!--T:7-->
If encountering issues with transparent proxy:
* Check kernel logs with <code>dmesg</code>
* If seeing massive "refuse" messages for specific network devices:
** NixOS enables firewall by default, try disabling firewall
** If problem is solved, try sequentially:
*** Add tun device to <code>trustedInterfaces</code>
*** Disable <code>checkReversePath</code>
* If seeing massive "refuse" messages for specific ports:
** Try allow the tproxy port in firewall if you're trying tproxy transparent proxy.


* [https://blog.nyaw.xyz/nixos-inwall-install <span lang="en" dir="ltr">NixOS installation and usage under a censored network (zh-cn)</span>]
== See also == <!--T:8-->


== 更多参考 ==
<!--T:9-->
* [https://blog.nyaw.xyz/nixos-inwall-install NixOS installation and usage under a censored network (zh-cn)]


* [https://blog.nyaw.xyz/nixos-inwall-install NixOS透明代理指南]
</translate>
[[Category:Applications]]
[[Category:Networking]]

Latest revision as of 16:22, 4 March 2025

Other languages:

mihomo (formerly known as clash-meta), is a widely-used anti-censorship proxy application.

Enable mihomo service on NixOS: 

services.mihomo = {
  enable = true;
  configFile = "/path/to/config.yaml";
  #...
};

TUN Mode

NOTICE: The tunMode option in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the configFile. See official documentation.

Troubleshooting

If encountering issues with transparent proxy:

  • Check kernel logs with dmesg
  • If seeing massive "refuse" messages for specific network devices:
    • NixOS enables firewall by default, try disabling firewall
    • If problem is solved, try sequentially:
      • Add tun device to trustedInterfaces
      • Disable checkReversePath
  • If seeing massive "refuse" messages for specific ports:
    • Try allow the tproxy port in firewall if you're trying tproxy transparent proxy.

See also

Retrieved from "https://wiki.nixos.org/w/index.php?title=Mihomo&oldid=20468"