Mihomo Files

What's Changed

• The DNS resolution of the overall UDP part has been delayed to the connection initiation stage. It will be triggered only when the IP rule without no-resolve is matched during the rule matching process.
• For direct and wireguard outbound, the same logic as the TCP part will be followed, that is, when direct-nameserver (or DNS configured by wireguard) exists, the resolution result in the rule matching process will be discarded and the domain name will be re-resolved. This re-resolution logic is only effective for fakeip.
• For reject and DNS outbound, no resolution is required.
• For other outbound, resolution will still be performed when the UDP connection is initiated, and the domain name will not be sent directly to the remote server.
• In addition, the memory usage of the UDP part of tun inbound has also been optimized in this version.
• Other incompatible updates are the same as v1.19.6~v1.19.8:

  • For security reasons, all paths appearing in the configuration file will be limited to workdir (regardless of whether they are relative or absolute). If there is a specific need, please specify additional safe paths by setting the SAFE_PATHS environment variable while ensuring safety. The syntax of this environment variable is the same as the PATH environment variable parsing rules of this operating system (i.e., semicolon-separated under Windows and colon-separated under other systems)
  • For security reasons, the "path" parameter of /configs in the restful api has been restricted, and its directory also needs to be in workdir or SAFE_PATHS.
  • In addition, support for specifying routing-mark and interface-name for proxy-groups has been removed. Please specify the relevant parameters in proxies directly.
  • Note: The workdir mentioned above is specified by the -d parameter when the program is started or the CLASH_HOME_DIR environment variable. If neither of the above is specified, the default is:
  • on Unix systems, $HOME/.config/mihomo.
  • on Windows, %USERPROFILE%/.config/mihomo.

BUG & Fix

• 15eda703 fix: hysteria2 panic by @wwqgtxx
• 1db89da1 fix: quic sniffer should not replace domain when no valid host is read by @wwqgtxx
• 213d80c1 fix: quic sniffer should consider skipDomain by @wwqgtxx
• 33590c40 fix: destination should unmap before find interface by @wwqgtxx
• 4741ac67 fix: in-port not work with shadowsocks listener by @wwqgtxx
• 5a21bf36 fix: listener close panic by @wwqgtxx
• 6c9abe16 fix: vmess listener error by @wwqgtxx
• d2e255f2 fix: some error in tun by @wwqgtxx

Maintenance

• 12e3952b chore: code cleanup by @wwqgtxx
• 199fb8fd chore: update quic-go to 0.52.0 by @wwqgtxx
• 28c387a9 chore: restore break change in sing-tun by @wwqgtxx
• 34de62d2 chore: better get localAddr by @wwqgtxx
• 3ed6ff94 chore: export pipeDeadline by @wwqgtxx
• 4ed83033 chore: remove confused code by @wwqgtxx
• 60ae9dce chore: recover log leval for preHandleMetadata by @wwqgtxx
• 689c58f6 chore: clear dstIP when overrideDest in sniffer by @wwqgtxx
• 88419cbd chore: better parse remote dst by @wwqgtxx
• 9e3bf14b chore: handle two interfaces have the same prefix but different address by @wwqgtxx
• a0c46bb4 chore: remove the redundant layer of udpnat in sing-tun to reduce resource usage when processing udp by @wwqgtxx
• a1c78812 chore: rebuild udp dns resolve by @wwqgtxx
• b1d12a15 chore: proxy's ech should fetch from proxy-nameserver by @wwqgtxx
• c0f452b5 chore: more unmap for 4in6 address by @wwqgtxx
• ef3d7e4d chore: remove unneeded dns resolve when proxydialer dial udp by @wwqgtxx

Full Changelog: https://github.com/MetaCubeX/mihomo/compare/v1.19.9...v1.19.10