Mihomo: Difference between revisions
Add mihomo |
zh-cn translate |
||
| Line 1: | Line 1: | ||
'''[https://github.com/MetaCubeX/mihomo/tree/Alpha mihomo]''' (formerly known as clash-meta), is a widely-used anti-censorship proxy application. | '''[https://github.com/MetaCubeX/mihomo/tree/Alpha mihomo]''' <span lang="en" dir="ltr">(formerly known as clash-meta), is a widely-used anti-censorship proxy application.</span> | ||
Enable mihomo service on NixOS: | <span lang="en" dir="ltr">Enable mihomo service on NixOS:</span> | ||
<syntaxhighlight lang="nix"> | |||
<span lang="zh" dir="ltr">(原名clash-meta)是广泛使用的反审查代理工具。</span> | |||
<span lang="zh" dir="ltr">在NixOS上启用mihomo服务:</span><syntaxhighlight lang="nix"> | |||
services.mihomo = { | services.mihomo = { | ||
enable = true; | enable = true; | ||
| Line 12: | Line 15: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== TUN Mode === | === <span lang="en" dir="ltr">TUN Mode</span> === | ||
NOTICE: The [https://search.nixos.org/options?channel=unstable&show=services.mihomo.tunMode&from=0&size=50&sort=relevance&type=packages&query=mihomo tunMode option] in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the '''configFile'''. See [https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun official documentation]. | <span lang="en" dir="ltr">NOTICE: The [https://search.nixos.org/options?channel=unstable&show=services.mihomo.tunMode&from=0&size=50&sort=relevance&type=packages&query=mihomo tunMode option] in NixOS module only grants necessary permissions for the service. To actually enable TUN, you need to edit the '''configFile'''. See [https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun official documentation].</span> | ||
=== <span lang="en" dir="ltr">Troubleshooting</span> === | |||
<span lang="en" dir="ltr">If encountering issues with transparent proxy:</span> | |||
* <span lang="en" dir="ltr">Check kernel logs with <code>dmesg</code></span> | |||
* <span lang="en" dir="ltr">If seeing massive "refuse" messages for specific network devices:</span> | |||
** <span lang="en" dir="ltr">NixOS enables firewall by default, try disabling firewall</span> | |||
** <span lang="en" dir="ltr">If problem is solved, try sequentially:</span> | |||
*** <span lang="en" dir="ltr">Add tun device to <code>trustedInterfaces</code></span> | |||
*** <span lang="en" dir="ltr">Disable <code>checkReversePath</code></span> | |||
* <span lang="en" dir="ltr">If seeing massive "refuse" messages for specific ports:</span> | |||
** <span lang="en" dir="ltr">Try allow the tproxy port in firewall if you're trying tproxy transparent proxy.</span> | |||
=== <span lang="zh" dir="ltr">TUN模式</span> === | |||
<span lang="zh" dir="ltr">注意:NixOS模块中的tunMode选项仅会为服务授予必要权限,实际启用TUN需编辑'''configFile'''配置文件。参见[https://wiki.metacubex.one/config/inbound/listeners/tun/?h=tun 官方文档]。</span> | |||
=== <span lang="zh" dir="ltr">常见问题</span> === | |||
<span lang="zh" dir="ltr">如果使用代理软件透明代理遇到问题,请先:</span> | |||
* <span lang="zh" dir="ltr">查看dmesg有无异常</span> | |||
** <span lang="zh" dir="ltr">出现大量refuse某一网络设备的消息</span> <span lang="zh" dir="ltr">nixos 默认开启防火墙,关掉防火墙再尝试 如关掉防火墙后问题解决,依次尝试:将tun device添加到 trustedInterfaces,关掉 checkReversePath。</span> | |||
== <span lang="en" dir="ltr">See also</span> == | |||
== | * [https://blog.nyaw.xyz/nixos-inwall-install <span lang="en" dir="ltr">NixOS installation and usage under a censored network (zh-cn)</span>] | ||
== | == 更多参考 == | ||
* [https://blog.nyaw.xyz/nixos-inwall-install | * [https://blog.nyaw.xyz/nixos-inwall-install NixOS透明代理指南] | ||