Mihomo: Difference between revisions
Marked this version for translation |
|||
| (One intermediate revision by one other user not shown) | |||
| Line 2: | Line 2: | ||
<translate> | <translate> | ||
<!--T:1--> | <!--T:1--> | ||
'''[https://github.com/MetaCubeX/mihomo/tree/Alpha mihomo]''' | '''[https://github.com/MetaCubeX/mihomo/tree/Alpha mihomo]''' (formerly known as clash-meta), is a widely-used anti-censorship proxy application. | ||
<!--T:4--> | <!--T:4--> | ||
Enable mihomo service on NixOS: | |||
<!--T:5--> | <!--T:5--> | ||
| Line 16: | Line 16: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== | === TUN Mode === <!--T:6--> | ||
<!--T:2--> | <!--T:2--> | ||
NOTICE: The [https://search.nixos.org/options?channel=unstable&show=services.mihomo.tunMode&from=0&size=50&sort=relevance&type=packages&query=mihomo tunMode option] in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the '''configFile'''. See [https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun official documentation]. | |||
=== | === Troubleshooting === <!--T:3--> | ||
<!--T:7--> | <!--T:7--> | ||
If encountering issues with transparent proxy: | |||
* | * Check kernel logs with <code>dmesg</code> | ||
* | * If seeing massive "refuse" messages for specific network devices: | ||
** | ** NixOS enables firewall by default, try disabling firewall | ||
** | ** If problem is solved, try sequentially: | ||
*** | *** Add tun device to <code>trustedInterfaces</code> | ||
*** | *** Disable <code>checkReversePath</code> | ||
* | * If seeing massive "refuse" messages for specific ports: | ||
** | ** Try allow the tproxy port in firewall if you're trying tproxy transparent proxy. | ||
== | == See also == <!--T:8--> | ||
<!--T:9--> | <!--T:9--> | ||
* [https://blog.nyaw.xyz/nixos-inwall-install | * [https://blog.nyaw.xyz/nixos-inwall-install NixOS installation and usage under a censored network (zh-cn)] | ||
</translate> | </translate> | ||
[[Category:Applications]] | |||
[[Category:Networking]] | |||
Latest revision as of 16:22, 4 March 2025
mihomo (formerly known as clash-meta), is a widely-used anti-censorship proxy application.
Enable mihomo service on NixOS:
services.mihomo = {
enable = true;
configFile = "/path/to/config.yaml";
#...
};
TUN Mode
NOTICE: The tunMode option in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the configFile. See official documentation.
Troubleshooting
If encountering issues with transparent proxy:
- Check kernel logs with
dmesg - If seeing massive "refuse" messages for specific network devices:
- NixOS enables firewall by default, try disabling firewall
- If problem is solved, try sequentially:
- Add tun device to
trustedInterfaces - Disable
checkReversePath
- Add tun device to
- If seeing massive "refuse" messages for specific ports:
- Try allow the tproxy port in firewall if you're trying tproxy transparent proxy.