我这里打开一个网页需要加载 fonts.googleapis.com 域名下的资源，查了下，这个域名不需要代理，在国内是可以直接打开的，但是只要是启动了 Clash.Mini，并且开启了 System Proxy， 这个域名就一直打不开，好像是被解析到国外了。

我看了下 Rules 里面的配置：

上面显示这个域名是直连的，但是打开 log 看了下，结果如下：

[ WARN ] [TCP] dial DIRECT (match Domain/fonts.googleapis.com) to fonts.googleapis.com:443 error: dial tcp4 172.217.31.10:443: i/o timeout

解析出来的 IP 是172.217.31.10，我查了下这个IP是谷歌云在国外的地址，所以一直打不开。

是因为 DNS 设置的问题吗，我应该怎么设置才能正确解析呢。

解压后双击运行但无任何显示，在任务管理器中能看到进程运行一秒左右随即退出，将订阅文件 config.yaml 放置在目录中再运行问题依旧。

发布版本：Clash.Mini_v0.2.0_x64.7z

操作系统：ltsc 1809 build 17763.2928，已安装chromium edge、webview2

系统Win10 x64，VC运行库和NET6正常。

百分之百复现此问题，执行此操作后，打开的网址是：

http://127.0.0.1:8070/?hostname=127.0.0.1&port=9090&secret=

如果手动打开下面该网址则不会闪退

http://127.0.0.1:8070

比如 🍎 Apple: behavior: classical type: http url: 'https://cdn.jsdelivr.net/gh/blackmatrix7/ios_rule_script/rule/Clash/Apple/Apple.yaml' interval: 3600 path: ./Apple

System Proxy is always enabled on booting.

I checked the code in func mEnabledFunc() https://github.com/MetaCubeX/Clash.Mini/blob/develop/tray/func.go#L114

The mEnabled.Checked() is always false on booting, which cause the else condition is running. Maybe we should check the value of autoproxy config too? Or initial mEnabled value according to the value of autoproxy?

I ❤ Microsoft :) https://github.com/golang/go/issues/32350

也许添加下 .js 的 mime 会好使

_ = mime.AddExtensionType(".js", "application/javascript")

以TUN模式退出，再次启动时无法初始化。需要取消TUN模式，或者再退出、启动才能正常使用。

2022-10-23T00:17:35+08:00 [ INFO ] [TUN] Creating adapter
2022-10-23T00:17:50+08:00 [ EROR ] [TUN] Timed out waiting for device query: 等待的操作过时。 (Code 0x00000102)
2022-10-23T00:17:50+08:00 [ EROR ] [TUN] Failed to setup adapter (problem code: 0x1F, ntstatus: 0xC0000035): 当文件已存在时，无法创建该文件。 (Code 0x000000B7)
2022-10-23T00:17:50+08:00 [ EROR ] Start TUN listening error: can't open tun: create tun: Error creating interface: Cannot create a file when that file already exists.

配置

mixed-port: 7890

# Port of HTTP(S) proxy server on the local end
# port: 7890

# Port of SOCKS5 proxy server on the local end
# socks-port: 7891

# Transparent proxy server port for Linux and macOS (Redirect TCP and TProxy UDP)
# redir-port: 7892

# Transparent proxy server port for Linux (TProxy TCP and TProxy UDP)
# tproxy-port: 7893

# HTTP(S) and SOCKS4(A)/SOCKS5 server on the same port
# mixed-port: 7890

# authentication of local SOCKS5/HTTP(S) server
# authentication:
#  - "user1:pass1"
#  - "user2:pass2"

# Set to true to allow connections to the local-end server from
# other LAN IP addresses
allow-lan: true

# This is only applicable when `allow-lan` is `true`
# '*': bind all IP addresses
# 192.168.122.11: bind a single IPv4 address
# "[aaaa::a8aa:ff:fe09:57d8]": bind a single IPv6 address
bind-address: '*'

# Clash router working mode
# rule: rule-based packet routing
# global: all packets will be forwarded to a single endpoint
# direct: directly forward the packets to the Internet
mode: rule

# Clash by default prints logs to STDOUT
# info / warning / error / debug / silent
log-level: info

# When set to false, resolver won't translate hostnames to IPv6 addresses
ipv6: false

# RESTful web API listening address
external-controller: 127.0.0.1:9090

# A relative path to the configuration directory or an absolute path to a
# directory in which you put some static web resource. Clash core will then
# serve it at `http://{{external-controller}}/ui`.
# external-ui: public

# Secret for the RESTful API (optional)
# Authenticate by spedifying HTTP header `Authorization: Bearer ${secret}`
# ALWAYS set a secret if RESTful API is listening on 0.0.0.0
# secret: "dcc2c709-49b7-49fb-a3f0-ea4d7d48894f"

# Outbound interface name
# interface-name: en0

# fwmark on Linux only
# routing-mark: 6666

# Static hosts for DNS server and connection establishment (like /etc/hosts)
#
# Wildcard hostnames are supported (e.g. *.clash.dev, *.foo.*.example.com)
# Non-wildcard domain names have a higher priority than wildcard domain names
# e.g. foo.example.com > *.example.com > .example.com
# P.S. +.foo.com equals to .foo.com and foo.com
hosts:
  # '*.clash.dev': 127.0.0.1
  # '.dev': 127.0.0.1
  # 'alpha.clash.dev': '::1'

profile:
  # Store the `select` results in $HOME/.config/clash/.cache
  # set false If you don't want this behavior
  # when two different configurations have groups with the same name, the selected values are shared
  store-selected: false

  # persistence fakeip
  store-fake-ip: true

# DNS server settings
# This section is optional. When not present, the DNS server will be disabled.
dns:
  enable: true
  listen: 0.0.0.0:53
  # ipv6: false # when the false, response to AAAA questions will be empty

  # These nameservers are used to resolve the DNS nameserver hostnames below.
  # Specify IP addresses only
  default-nameserver:
    - 114.114.114.114
    - 8.8.8.8
  enhanced-mode: fake-ip # or redir-host (not recommended)
  # enhanced-mode: redir-host
  fake-ip-range: 198.18.0.1/16 # Fake IP addresses pool CIDR
  # use-hosts: true # lookup hosts and return IP record

  # Hostnames in this list will not be resolved with fake IPs
  # i.e. questions to these domain names will always be answered with their
  # real IP addresses
  # fake-ip-filter:
  #   - '*.lan'
  #   - localhost.ptlogin2.qq.com

  # Supports UDP, TCP, DoT, DoH. You can specify the port to connect to.
  # All DNS questions are sent directly to the nameserver, without proxies
  # involved. Clash answers the DNS question with the first result gathered.
  nameserver:
    - 114.114.114.114 # default value
    - 8.8.8.8 # default value
    # - tls://dns.rubyfish.cn:853 # DNS over TLS
    # - https://1.1.1.1/dns-query # DNS over HTTPS
    # - dhcp://en0 # dns from dhcp
    # - '8.8.8.8#en0'

  # When `fallback` is present, the DNS server will send concurrent requests
  # to the servers in this section along with servers in `nameservers`.
  # The answers from fallback servers are used when the GEOIP country
  # is not `CN`.
  # fallback:
  #   - tls://dns.rubyfish.cn:853
    # - 'tcp://1.1.1.1#en0'

  # If IP addresses resolved with servers in `nameservers` are in the specified
  # subnets below, they are considered invalid and results from `fallback`
  # servers are used instead.
  #
  # IP address resolved with servers in `nameserver` is used when
  # `fallback-filter.geoip` is true and when GEOIP of the IP address is `CN`.
  #
  # If `fallback-filter.geoip` is false, results from `nameserver` nameservers
  # are always used if not match `fallback-filter.ipcidr`.
  #
  # This is a countermeasure against DNS pollution attacks.
  # fallback-filter:
  #   geoip: true
  #   geoip-code: CN
  #   ipcidr:
  #     - 240.0.0.0/4
  #   domain:
  #     - '+.google.com'
  #     - '+.facebook.com'
  #     - '+.youtube.com'

  # Lookup domains via specific nameservers
  # nameserver-policy:
  #   'www.baidu.com': '114.114.114.114'
  #   '+.internal.crop.com': '10.0.0.1'

proxies:
  # Shadowsocks
  # The supported ciphers (encryption methods):
  #   aes-128-gcm aes-192-gcm aes-256-gcm
  #   aes-128-cfb aes-192-cfb aes-256-cfb
  #   aes-128-ctr aes-192-ctr aes-256-ctr
  #   rc4-md5 chacha20-ietf xchacha20
  #   chacha20-ietf-poly1305 xchacha20-ietf-poly1305
  - name: "ss"
    type: ss
    server: 
    port: 80
    cipher: aes-128-gcm
    password: 
    plugin: v2ray-plugin
    plugin-opts:
      mode: websocket # no QUIC now
      tls: false
      # skip-cert-verify: true
      host: 
      path: 
      mux: false
      # headers:
      #   custom: value

  # socks5
  - name: "socks"
    type: socks5
    server: 127.0.0.1
    port: 1080
    # username: username
    # password: password
    # tls: true
    # skip-cert-verify: true
    # udp: true

proxy-groups:
  # select is used for selecting proxy or proxy group
  # you can use RESTful API to switch proxy is recommended for use in GUI.
  - name: Proxy
    type: select
    # disable-udp: true
    proxies:
      - ssgr
      - ssha

rule-providers:
  proxy:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
    path: ./ruleset/proxy.yaml
    interval: 86400

  private:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
    path: ./ruleset/private.yaml
    interval: 86400

  telegramcidr:
    type: http
    behavior: ipcidr
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
    path: ./ruleset/telegramcidr.yaml
    interval: 86400

  cncidr:
    type: http
    behavior: ipcidr
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
    path: ./ruleset/cncidr.yaml
    interval: 86400

  lancidr:
    type: http
    behavior: ipcidr
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
    path: ./ruleset/lancidr.yaml
    interval: 86400

  applications:
    type: http
    behavior: classical
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/applications.txt"
    path: ./ruleset/applications.yaml
    interval: 86400

rules:
  - RULE-SET,applications,DIRECT
  - PROCESS-NAME,BitComet_x64.exe,DIRECT
  - DOMAIN,clash.razord.top,DIRECT
  - DOMAIN,yacd.haishan.me,DIRECT
  - RULE-SET,private,DIRECT
  - RULE-SET,proxy,socks
  - RULE-SET,lancidr,DIRECT
  - RULE-SET,cncidr,DIRECT
  - RULE-SET,telegramcidr,socks
  - GEOIP,LAN,DIRECT
  - GEOIP,CN,DIRECT
  - MATCH,socks

# tun:
#   enable: true
#   stack: system # or gvisor
#   auto-route: true
#   auto-detect-interface: true
#   dns-hijack:
#     - 198.18.0.2:53