Refactor: fakeip pool use netip.Prefix, supports ipv6 range

component/fakeip/cachefile.go

@@ -1,7 +1,7 @@
 package fakeip
 
 import (
-	"net"
+	"net/netip"
 
 	"github.com/Dreamacro/clash/component/profile/cachefile"
 )
@@ -11,22 +11,27 @@ type cachefileStore struct {
 }
 
 // GetByHost implements store.GetByHost
-func (c *cachefileStore) GetByHost(host string) (net.IP, bool) {
+func (c *cachefileStore) GetByHost(host string) (netip.Addr, bool) {
 	elm := c.cache.GetFakeip([]byte(host))
 	if elm == nil {
-		return nil, false
+		return netip.Addr{}, false
+	}
+
+	if len(elm) == 4 {
+		return netip.AddrFrom4(*(*[4]byte)(elm)), true
+	} else {
+		return netip.AddrFrom16(*(*[16]byte)(elm)), true
 	}
-	return net.IP(elm), true
 }
 
 // PutByHost implements store.PutByHost
-func (c *cachefileStore) PutByHost(host string, ip net.IP) {
+func (c *cachefileStore) PutByHost(host string, ip netip.Addr) {
-	c.cache.PutFakeip([]byte(host), ip)
+	c.cache.PutFakeip([]byte(host), ip.AsSlice())
 }
 
 // GetByIP implements store.GetByIP
-func (c *cachefileStore) GetByIP(ip net.IP) (string, bool) {
+func (c *cachefileStore) GetByIP(ip netip.Addr) (string, bool) {
-	elm := c.cache.GetFakeip(ip.To4())
+	elm := c.cache.GetFakeip(ip.AsSlice())
 	if elm == nil {
 		return "", false
 	}
@@ -34,18 +39,18 @@ func (c *cachefileStore) GetByIP(ip net.IP) (string, bool) {
 }
 
 // PutByIP implements store.PutByIP
-func (c *cachefileStore) PutByIP(ip net.IP, host string) {
+func (c *cachefileStore) PutByIP(ip netip.Addr, host string) {
-	c.cache.PutFakeip(ip.To4(), []byte(host))
+	c.cache.PutFakeip(ip.AsSlice(), []byte(host))
 }
 
 // DelByIP implements store.DelByIP
-func (c *cachefileStore) DelByIP(ip net.IP) {
+func (c *cachefileStore) DelByIP(ip netip.Addr) {
-	ip = ip.To4()
+	addr := ip.AsSlice()
-	c.cache.DelFakeipPair(ip, c.cache.GetFakeip(ip.To4()))
+	c.cache.DelFakeipPair(addr, c.cache.GetFakeip(addr))
 }
 
 // Exist implements store.Exist
-func (c *cachefileStore) Exist(ip net.IP) bool {
+func (c *cachefileStore) Exist(ip netip.Addr) bool {
 	_, exist := c.GetByIP(ip)
 	return exist
 }

component/fakeip/memory.go

@@ -1,35 +1,35 @@
 package fakeip
 
 import (
-	"net"
+	"net/netip"
 
 	"github.com/Dreamacro/clash/common/cache"
 )
 
 type memoryStore struct {
-	cacheIP   *cache.LruCache[string, net.IP]
+	cacheIP   *cache.LruCache[string, netip.Addr]
-	cacheHost *cache.LruCache[uint32, string]
+	cacheHost *cache.LruCache[netip.Addr, string]
 }
 
 // GetByHost implements store.GetByHost
-func (m *memoryStore) GetByHost(host string) (net.IP, bool) {
+func (m *memoryStore) GetByHost(host string) (netip.Addr, bool) {
 	if ip, exist := m.cacheIP.Get(host); exist {
 		// ensure ip --> host on head of linked list
-		m.cacheHost.Get(ipToUint(ip.To4()))
+		m.cacheHost.Get(ip)
 		return ip, true
 	}
 
-	return nil, false
+	return netip.Addr{}, false
 }
 
 // PutByHost implements store.PutByHost
-func (m *memoryStore) PutByHost(host string, ip net.IP) {
+func (m *memoryStore) PutByHost(host string, ip netip.Addr) {
 	m.cacheIP.Set(host, ip)
 }
 
 // GetByIP implements store.GetByIP
-func (m *memoryStore) GetByIP(ip net.IP) (string, bool) {
+func (m *memoryStore) GetByIP(ip netip.Addr) (string, bool) {
-	if host, exist := m.cacheHost.Get(ipToUint(ip.To4())); exist {
+	if host, exist := m.cacheHost.Get(ip); exist {
 		// ensure host --> ip on head of linked list
 		m.cacheIP.Get(host)
 		return host, true
@@ -39,22 +39,21 @@ func (m *memoryStore) GetByIP(ip net.IP) (string, bool) {
 }
 
 // PutByIP implements store.PutByIP
-func (m *memoryStore) PutByIP(ip net.IP, host string) {
+func (m *memoryStore) PutByIP(ip netip.Addr, host string) {
-	m.cacheHost.Set(ipToUint(ip.To4()), host)
+	m.cacheHost.Set(ip, host)
 }
 
 // DelByIP implements store.DelByIP
-func (m *memoryStore) DelByIP(ip net.IP) {
+func (m *memoryStore) DelByIP(ip netip.Addr) {
-	ipNum := ipToUint(ip.To4())
+	if host, exist := m.cacheHost.Get(ip); exist {
-	if host, exist := m.cacheHost.Get(ipNum); exist {
 		m.cacheIP.Delete(host)
 	}
-	m.cacheHost.Delete(ipNum)
+	m.cacheHost.Delete(ip)
 }
 
 // Exist implements store.Exist
-func (m *memoryStore) Exist(ip net.IP) bool {
+func (m *memoryStore) Exist(ip netip.Addr) bool {
-	return m.cacheHost.Exist(ipToUint(ip.To4()))
+	return m.cacheHost.Exist(ip)
 }
 
 // CloneTo implements store.CloneTo
@@ -74,7 +73,7 @@ func (m *memoryStore) FlushFakeIP() error {
 
 func newMemoryStore(size int) *memoryStore {
 	return &memoryStore{
-		cacheIP:   cache.NewLRUCache[string, net.IP](cache.WithSize[string, net.IP](size)),
+		cacheIP:   cache.NewLRUCache[string, netip.Addr](cache.WithSize[string, netip.Addr](size)),
-		cacheHost: cache.NewLRUCache[uint32, string](cache.WithSize[uint32, string](size)),
+		cacheHost: cache.NewLRUCache[netip.Addr, string](cache.WithSize[netip.Addr, string](size)),
 	}
 }

component/fakeip/pool.go

@@ -2,39 +2,52 @@ package fakeip
 
 import (
 	"errors"
-	"net"
+	"math/bits"
+	"net/netip"
 	"sync"
+	_ "unsafe"
 
 	"github.com/Dreamacro/clash/component/profile/cachefile"
 	"github.com/Dreamacro/clash/component/trie"
 )
 
+//go:linkname beUint64 net/netip.beUint64
+func beUint64(b []byte) uint64
+
+//go:linkname bePutUint64 net/netip.bePutUint64
+func bePutUint64(b []byte, v uint64)
+
+type uint128 struct {
+	hi uint64
+	lo uint64
+}
+
 type store interface {
-	GetByHost(host string) (net.IP, bool)
+	GetByHost(host string) (netip.Addr, bool)
-	PutByHost(host string, ip net.IP)
+	PutByHost(host string, ip netip.Addr)
-	GetByIP(ip net.IP) (string, bool)
+	GetByIP(ip netip.Addr) (string, bool)
-	PutByIP(ip net.IP, host string)
+	PutByIP(ip netip.Addr, host string)
-	DelByIP(ip net.IP)
+	DelByIP(ip netip.Addr)
-	Exist(ip net.IP) bool
+	Exist(ip netip.Addr) bool
 	CloneTo(store)
 	FlushFakeIP() error
 }
 
 // Pool is a implementation about fake ip generator without storage
 type Pool struct {
-	max       uint32
+	gateway netip.Addr
-	min       uint32
+	first   netip.Addr
-	gateway   uint32
+	last    netip.Addr
-	broadcast uint32
+	offset  netip.Addr
-	offset    uint32
+	cycle   bool
 	mux     sync.Mutex
 	host    *trie.DomainTrie[bool]
-	ipnet     *net.IPNet
+	ipnet   *netip.Prefix
 	store   store
 }
 
 // Lookup return a fake ip with host
-func (p *Pool) Lookup(host string) net.IP {
+func (p *Pool) Lookup(host string) netip.Addr {
 	p.mux.Lock()
 	defer p.mux.Unlock()
 	if ip, exist := p.store.GetByHost(host); exist {
@@ -47,14 +60,10 @@ func (p *Pool) Lookup(host string) net.IP {
 }
 
 // LookBack return host with the fake ip
-func (p *Pool) LookBack(ip net.IP) (string, bool) {
+func (p *Pool) LookBack(ip netip.Addr) (string, bool) {
 	p.mux.Lock()
 	defer p.mux.Unlock()
 
-	if ip = ip.To4(); ip == nil {
-		return "", false
-	}
-
 	return p.store.GetByIP(ip)
 }
 
@@ -67,29 +76,25 @@ func (p *Pool) ShouldSkipped(domain string) bool {
 }
 
 // Exist returns if given ip exists in fake-ip pool
-func (p *Pool) Exist(ip net.IP) bool {
+func (p *Pool) Exist(ip netip.Addr) bool {
 	p.mux.Lock()
 	defer p.mux.Unlock()
 
-	if ip = ip.To4(); ip == nil {
-		return false
-	}
-
 	return p.store.Exist(ip)
 }
 
 // Gateway return gateway ip
-func (p *Pool) Gateway() net.IP {
+func (p *Pool) Gateway() netip.Addr {
-	return uintToIP(p.gateway)
+	return p.gateway
 }
 
-// Broadcast return broadcast ip
+// Broadcast return the last ip
-func (p *Pool) Broadcast() net.IP {
+func (p *Pool) Broadcast() netip.Addr {
-	return uintToIP(p.broadcast)
+	return p.last
 }
 
 // IPNet return raw ipnet
-func (p *Pool) IPNet() *net.IPNet {
+func (p *Pool) IPNet() *netip.Prefix {
 	return p.ipnet
 }
 
@@ -98,46 +103,28 @@ func (p *Pool) CloneFrom(o *Pool) {
 	o.store.CloneTo(p.store)
 }
 
-func (p *Pool) get(host string) net.IP {
+func (p *Pool) get(host string) netip.Addr {
-	current := p.offset
+	p.offset = p.offset.Next()
-	for {
+
-		p.offset = (p.offset + 1) % (p.max - p.min)
+	if !p.offset.Less(p.last) {
-		// Avoid infinite loops
+		p.cycle = true
-		if p.offset == current {
+		p.offset = p.first
-			p.offset = (p.offset + 1) % (p.max - p.min)
-			ip := uintToIP(p.min + p.offset - 1)
-			p.store.DelByIP(ip)
-			break
 	}
 
-		ip := uintToIP(p.min + p.offset - 1)
+	if p.cycle {
-		if !p.store.Exist(ip) {
+		p.store.DelByIP(p.offset)
-			break
 	}
-	}
+
-	ip := uintToIP(p.min + p.offset - 1)
+	p.store.PutByIP(p.offset, host)
-	p.store.PutByIP(ip, host)
+	return p.offset
-	return ip
 }
 
 func (p *Pool) FlushFakeIP() error {
 	return p.store.FlushFakeIP()
 }
 
-func ipToUint(ip net.IP) uint32 {
-	v := uint32(ip[0]) << 24
-	v += uint32(ip[1]) << 16
-	v += uint32(ip[2]) << 8
-	v += uint32(ip[3])
-	return v
-}
-
-func uintToIP(v uint32) net.IP {
-	return net.IP{byte(v >> 24), byte(v >> 16), byte(v >> 8), byte(v)}
-}
-
 type Options struct {
-	IPNet *net.IPNet
+	IPNet *netip.Prefix
 	Host  *trie.DomainTrie[bool]
 
 	// Size sets the maximum number of entries in memory
@@ -151,21 +138,23 @@ type Options struct {
 
 // New return Pool instance
 func New(options Options) (*Pool, error) {
-	min := ipToUint(options.IPNet.IP) + 3
+	var (
+		hostAddr = options.IPNet.Masked().Addr()
+		gateway  = hostAddr.Next()
+		first    = gateway.Next().Next()
+		last     = add(hostAddr, 1<<uint64(hostAddr.BitLen()-options.IPNet.Bits())-1)
+	)
 
-	ones, bits := options.IPNet.Mask.Size()
+	if !options.IPNet.IsValid() || !first.Less(last) || !options.IPNet.Contains(last) {
-	total := 1<<uint(bits-ones) - 4
-
-	if total <= 0 {
 		return nil, errors.New("ipnet don't have valid ip")
 	}
 
-	max := min + uint32(total) - 1
 	pool := &Pool{
-		min:       min,
+		gateway: gateway,
-		max:       max,
+		first:   first,
-		gateway:   min - 2,
+		last:    last,
-		broadcast: max + 1,
+		offset:  first.Prev(),
+		cycle:   false,
 		host:    options.Host,
 		ipnet:   options.IPNet,
 	}
@@ -179,3 +168,29 @@ func New(options Options) (*Pool, error) {
 
 	return pool, nil
 }
+
+// add returns addr + n.
+func add(addr netip.Addr, n uint64) netip.Addr {
+	buf := addr.As16()
+
+	u := uint128{
+		beUint64(buf[:8]),
+		beUint64(buf[8:]),
+	}
+
+	lo, carry := bits.Add64(u.lo, n, 0)
+
+	u.hi = u.hi + carry
+	u.lo = lo
+
+	bePutUint64(buf[:8], u.hi)
+	bePutUint64(buf[8:], u.lo)
+
+	a := netip.AddrFrom16(buf)
+
+	if addr.Is4() {
+		return a.Unmap()
+	}
+
+	return a
+}

component/fakeip/pool_test.go

@@ -2,7 +2,7 @@ package fakeip
 
 import (
 	"fmt"
-	"net"
+	"net/netip"
 	"os"
 	"testing"
 	"time"
@@ -49,9 +49,9 @@ func createCachefileStore(options Options) (*Pool, string, error) {
 }
 
 func TestPool_Basic(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.0/28")
+	ipnet := netip.MustParsePrefix("192.168.0.0/28")
 	pools, tempfile, err := createPools(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  10,
 	})
 	assert.Nil(t, err)
@@ -62,24 +62,52 @@ func TestPool_Basic(t *testing.T) {
 		last := pool.Lookup("bar.com")
 		bar, exist := pool.LookBack(last)
 
-		assert.True(t, first.Equal(net.IP{192, 168, 0, 3}))
+		assert.True(t, first == netip.AddrFrom4([4]byte{192, 168, 0, 3}))
-		assert.Equal(t, pool.Lookup("foo.com"), net.IP{192, 168, 0, 3})
+		assert.True(t, pool.Lookup("foo.com") == netip.AddrFrom4([4]byte{192, 168, 0, 3}))
-		assert.True(t, last.Equal(net.IP{192, 168, 0, 4}))
+		assert.True(t, last == netip.AddrFrom4([4]byte{192, 168, 0, 4}))
 		assert.True(t, exist)
 		assert.Equal(t, bar, "bar.com")
-		assert.Equal(t, pool.Gateway(), net.IP{192, 168, 0, 1})
+		assert.True(t, pool.Gateway() == netip.AddrFrom4([4]byte{192, 168, 0, 1}))
-		assert.Equal(t, pool.Broadcast(), net.IP{192, 168, 0, 15})
+		assert.True(t, pool.Broadcast() == netip.AddrFrom4([4]byte{192, 168, 0, 15}))
 		assert.Equal(t, pool.IPNet().String(), ipnet.String())
-		assert.True(t, pool.Exist(net.IP{192, 168, 0, 4}))
+		assert.True(t, pool.Exist(netip.AddrFrom4([4]byte{192, 168, 0, 4})))
-		assert.False(t, pool.Exist(net.IP{192, 168, 0, 5}))
+		assert.False(t, pool.Exist(netip.AddrFrom4([4]byte{192, 168, 0, 5})))
-		assert.False(t, pool.Exist(net.ParseIP("::1")))
+		assert.False(t, pool.Exist(netip.MustParseAddr("::1")))
+	}
+}
+
+func TestPool_BasicV6(t *testing.T) {
+	ipnet := netip.MustParsePrefix("2001:4860:4860::8888/118")
+	pools, tempfile, err := createPools(Options{
+		IPNet: &ipnet,
+		Size:  10,
+	})
+	assert.Nil(t, err)
+	defer os.Remove(tempfile)
+
+	for _, pool := range pools {
+		first := pool.Lookup("foo.com")
+		last := pool.Lookup("bar.com")
+		bar, exist := pool.LookBack(last)
+
+		assert.True(t, first == netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8803"))
+		assert.True(t, pool.Lookup("foo.com") == netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8803"))
+		assert.True(t, last == netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8804"))
+		assert.True(t, exist)
+		assert.Equal(t, bar, "bar.com")
+		assert.True(t, pool.Gateway() == netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8801"))
+		assert.True(t, pool.Broadcast() == netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8bff"))
+		assert.Equal(t, pool.IPNet().String(), ipnet.String())
+		assert.True(t, pool.Exist(netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8804")))
+		assert.False(t, pool.Exist(netip.MustParseAddr("2001:4860:4860:0000:0000:0000:0000:8805")))
+		assert.False(t, pool.Exist(netip.MustParseAddr("127.0.0.1")))
 	}
 }
 
 func TestPool_CycleUsed(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.16/28")
+	ipnet := netip.MustParsePrefix("192.168.0.16/28")
 	pools, tempfile, err := createPools(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  10,
 	})
 	assert.Nil(t, err)
@@ -88,22 +116,22 @@ func TestPool_CycleUsed(t *testing.T) {
 	for _, pool := range pools {
 		foo := pool.Lookup("foo.com")
 		bar := pool.Lookup("bar.com")
-		for i := 0; i < 9; i++ {
+		for i := 0; i < 10; i++ {
 			pool.Lookup(fmt.Sprintf("%d.com", i))
 		}
 		baz := pool.Lookup("baz.com")
 		next := pool.Lookup("foo.com")
-		assert.True(t, foo.Equal(baz))
+		assert.True(t, foo == baz)
-		assert.True(t, next.Equal(bar))
+		assert.True(t, next == bar)
 	}
 }
 
 func TestPool_Skip(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/29")
+	ipnet := netip.MustParsePrefix("192.168.0.1/29")
 	tree := trie.New[bool]()
 	tree.Insert("example.com", true)
 	pools, tempfile, err := createPools(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  10,
 		Host:  tree,
 	})
@@ -117,9 +145,9 @@ func TestPool_Skip(t *testing.T) {
 }
 
 func TestPool_MaxCacheSize(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/24")
+	ipnet := netip.MustParsePrefix("192.168.0.1/24")
 	pool, _ := New(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  2,
 	})
 
@@ -128,13 +156,13 @@ func TestPool_MaxCacheSize(t *testing.T) {
 	pool.Lookup("baz.com")
 	next := pool.Lookup("foo.com")
 
-	assert.False(t, first.Equal(next))
+	assert.False(t, first == next)
 }
 
 func TestPool_DoubleMapping(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/24")
+	ipnet := netip.MustParsePrefix("192.168.0.1/24")
 	pool, _ := New(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  2,
 	})
 
@@ -158,23 +186,23 @@ func TestPool_DoubleMapping(t *testing.T) {
 	assert.False(t, bazExist)
 	assert.True(t, barExist)
 
-	assert.False(t, bazIP.Equal(newBazIP))
+	assert.False(t, bazIP == newBazIP)
 }
 
 func TestPool_Clone(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/24")
+	ipnet := netip.MustParsePrefix("192.168.0.1/24")
 	pool, _ := New(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  2,
 	})
 
 	first := pool.Lookup("foo.com")
 	last := pool.Lookup("bar.com")
-	assert.True(t, first.Equal(net.IP{192, 168, 0, 3}))
+	assert.True(t, first == netip.AddrFrom4([4]byte{192, 168, 0, 3}))
-	assert.True(t, last.Equal(net.IP{192, 168, 0, 4}))
+	assert.True(t, last == netip.AddrFrom4([4]byte{192, 168, 0, 4}))
 
 	newPool, _ := New(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  2,
 	})
 	newPool.CloneFrom(pool)
@@ -185,9 +213,9 @@ func TestPool_Clone(t *testing.T) {
 }
 
 func TestPool_Error(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/31")
+	ipnet := netip.MustParsePrefix("192.168.0.1/31")
 	_, err := New(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  10,
 	})
 
@@ -195,9 +223,9 @@ func TestPool_Error(t *testing.T) {
 }
 
 func TestPool_FlushFileCache(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/28")
+	ipnet := netip.MustParsePrefix("192.168.0.1/28")
 	pools, tempfile, err := createPools(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  10,
 	})
 	assert.Nil(t, err)
@@ -216,18 +244,18 @@ func TestPool_FlushFileCache(t *testing.T) {
 		next := pool.Lookup("baz.com")
 		nero := pool.Lookup("foo.com")
 
-		assert.Equal(t, foo, fox)
+		assert.True(t, foo == fox)
-		assert.NotEqual(t, foo, baz)
+		assert.False(t, foo == baz)
-		assert.Equal(t, bar, bax)
+		assert.True(t, bar == bax)
-		assert.NotEqual(t, bar, next)
+		assert.False(t, bar == next)
-		assert.Equal(t, baz, nero)
+		assert.True(t, baz == nero)
 	}
 }
 
 func TestPool_FlushMemoryCache(t *testing.T) {
-	_, ipnet, _ := net.ParseCIDR("192.168.0.1/28")
+	ipnet := netip.MustParsePrefix("192.168.0.1/28")
 	pool, _ := New(Options{
-		IPNet: ipnet,
+		IPNet: &ipnet,
 		Size:  10,
 	})
 
@@ -243,9 +271,9 @@ func TestPool_FlushMemoryCache(t *testing.T) {
 	next := pool.Lookup("baz.com")
 	nero := pool.Lookup("foo.com")
 
-	assert.Equal(t, foo, fox)
+	assert.True(t, foo == fox)
-	assert.NotEqual(t, foo, baz)
+	assert.False(t, foo == baz)
-	assert.Equal(t, bar, bax)
+	assert.True(t, bar == bax)
-	assert.NotEqual(t, bar, next)
+	assert.False(t, bar == next)
-	assert.Equal(t, baz, nero)
+	assert.True(t, baz == nero)
 }

config/config.go

@@ -793,7 +793,7 @@ func parseDNS(rawCfg *RawConfig, hosts *trie.DomainTrie[netip.Addr], rules []C.R
 	}
 
 	if cfg.EnhancedMode == C.DNSFakeIP {
-		_, ipnet, err := net.ParseCIDR(cfg.FakeIPRange)
+		ipnet, err := netip.ParsePrefix(cfg.FakeIPRange)
 		if err != nil {
 			return nil, err
 		}
@@ -820,7 +820,7 @@ func parseDNS(rawCfg *RawConfig, hosts *trie.DomainTrie[netip.Addr], rules []C.R
 		}
 
 		pool, err := fakeip.New(fakeip.Options{
-			IPNet:       ipnet,
+			IPNet:       &ipnet,
 			Size:        1000,
 			Host:        host,
 			Persistence: rawCfg.Profile.StoreFakeIP,

dns/enhancer.go

@@ -2,6 +2,7 @@ package dns
 
 import (
 	"net"
+	"net/netip"
 
 	"github.com/Dreamacro/clash/common/cache"
 	"github.com/Dreamacro/clash/component/fakeip"
@@ -11,7 +12,7 @@ import (
 type ResolverEnhancer struct {
 	mode     C.DNSMode
 	fakePool *fakeip.Pool
-	mapping  *cache.LruCache[string, string]
+	mapping  *cache.LruCache[netip.Addr, string]
 }
 
 func (h *ResolverEnhancer) FakeIPEnabled() bool {
@@ -28,7 +29,7 @@ func (h *ResolverEnhancer) IsExistFakeIP(ip net.IP) bool {
 	}
 
 	if pool := h.fakePool; pool != nil {
-		return pool.Exist(ip)
+		return pool.Exist(ipToAddr(ip))
 	}
 
 	return false
@@ -39,8 +40,10 @@ func (h *ResolverEnhancer) IsFakeIP(ip net.IP) bool {
 		return false
 	}
 
+	addr := ipToAddr(ip)
+
 	if pool := h.fakePool; pool != nil {
-		return pool.IPNet().Contains(ip) && !pool.Gateway().Equal(ip) && !pool.Broadcast().Equal(ip)
+		return pool.IPNet().Contains(addr) && addr != pool.Gateway() && addr != pool.Broadcast()
 	}
 
 	return false
@@ -52,21 +55,22 @@ func (h *ResolverEnhancer) IsFakeBroadcastIP(ip net.IP) bool {
 	}
 
 	if pool := h.fakePool; pool != nil {
-		return pool.Broadcast().Equal(ip)
+		return pool.Broadcast() == ipToAddr(ip)
 	}
 
 	return false
 }
 
 func (h *ResolverEnhancer) FindHostByIP(ip net.IP) (string, bool) {
+	addr := ipToAddr(ip)
 	if pool := h.fakePool; pool != nil {
-		if host, existed := pool.LookBack(ip); existed {
+		if host, existed := pool.LookBack(addr); existed {
 			return host, true
 		}
 	}
 
 	if mapping := h.mapping; mapping != nil {
-		if host, existed := h.mapping.Get(ip.String()); existed {
+		if host, existed := h.mapping.Get(addr); existed {
 			return host, true
 		}
 	}
@@ -76,7 +80,7 @@ func (h *ResolverEnhancer) FindHostByIP(ip net.IP) (string, bool) {
 
 func (h *ResolverEnhancer) InsertHostByIP(ip net.IP, host string) {
 	if mapping := h.mapping; mapping != nil {
-		h.mapping.Set(ip.String(), host)
+		h.mapping.Set(ipToAddr(ip), host)
 	}
 }
 
@@ -99,11 +103,11 @@ func (h *ResolverEnhancer) FlushFakeIP() error {
 
 func NewEnhancer(cfg Config) *ResolverEnhancer {
 	var fakePool *fakeip.Pool
-	var mapping *cache.LruCache[string, string]
+	var mapping *cache.LruCache[netip.Addr, string]
 
 	if cfg.EnhancedMode != C.DNSNormal {
 		fakePool = cfg.Pool
-		mapping = cache.NewLRUCache[string, string](cache.WithSize[string, string](4096), cache.WithStale[string, string](true))
+		mapping = cache.NewLRUCache[netip.Addr, string](cache.WithSize[netip.Addr, string](4096), cache.WithStale[netip.Addr, string](true))
 	}
 
 	return &ResolverEnhancer{

dns/middleware.go

@@ -21,7 +21,7 @@ type (
 	middleware func(next handler) handler
 )
 
-func withHosts(hosts *trie.DomainTrie[netip.Addr], mapping *cache.LruCache[string, string]) middleware {
+func withHosts(hosts *trie.DomainTrie[netip.Addr], mapping *cache.LruCache[netip.Addr, string]) middleware {
 	return func(next handler) handler {
 		return func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error) {
 			q := r.Question[0]
@@ -57,7 +57,7 @@ func withHosts(hosts *trie.DomainTrie[netip.Addr], mapping *cache.LruCache[strin
 			}
 
 			if mapping != nil {
-				mapping.SetWithExpire(ip.Unmap().String(), host, time.Now().Add(time.Second*10))
+				mapping.SetWithExpire(ip, host, time.Now().Add(time.Second*10))
 			}
 
 			ctx.SetType(context.DNSTypeHost)
@@ -70,7 +70,7 @@ func withHosts(hosts *trie.DomainTrie[netip.Addr], mapping *cache.LruCache[strin
 	}
 }
 
-func withMapping(mapping *cache.LruCache[string, string]) middleware {
+func withMapping(mapping *cache.LruCache[netip.Addr, string]) middleware {
 	return func(next handler) handler {
 		return func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error) {
 			q := r.Question[0]
@@ -101,7 +101,7 @@ func withMapping(mapping *cache.LruCache[string, string]) middleware {
 					continue
 				}
 
-				mapping.SetWithExpire(ip.String(), host, time.Now().Add(time.Second*time.Duration(ttl)))
+				mapping.SetWithExpire(ipToAddr(ip), host, time.Now().Add(time.Second*time.Duration(ttl)))
 			}
 
 			return msg, nil
@@ -131,7 +131,7 @@ func withFakeIP(fakePool *fakeip.Pool) middleware {
 			rr := &D.A{}
 			rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeA, Class: D.ClassINET, Ttl: dnsDefaultTTL}
 			ip := fakePool.Lookup(host)
-			rr.A = ip
+			rr.A = ip.AsSlice()
 			msg := r.Copy()
 			msg.Answer = []D.RR{rr}
 

dns/util.go

@@ -5,6 +5,7 @@ import (
 	"crypto/tls"
 	"fmt"
 	"net"
+	"net/netip"
 	"time"
 
 	"github.com/Dreamacro/clash/common/cache"
@@ -114,6 +115,22 @@ func msgToIP(msg *D.Msg) []net.IP {
 	return ips
 }
 
+func ipToAddr(ip net.IP) netip.Addr {
+	if ip == nil {
+		return netip.Addr{}
+	}
+
+	l := len(ip)
+
+	if l == 4 {
+		return netip.AddrFrom4(*(*[4]byte)(ip))
+	} else if l == 16 {
+		return netip.AddrFrom16(*(*[16]byte)(ip))
+	} else {
+		return netip.Addr{}
+	}
+}
+
 type wrapPacketConn struct {
 	net.PacketConn
 	rAddr net.Addr

listener/tun/tun_adapter.go

@@ -53,7 +53,6 @@ func New(tunConf *config.Tun, dnsConf *config.DNS, tcpIn chan<- C.ConnContext, u
 	process.AppendLocalIPs(tunAddress.Masked().Addr().Next().AsSlice())
 
 	// open tun device
-
 	tunDevice, err = parseDevice(devName, uint32(mtu))
 	if err != nil {
 		return nil, fmt.Errorf("can't open tun: %w", err)
@@ -149,9 +148,10 @@ func setAtLatest(stackType C.TUNStack, devName string) {
 	}
 
 	switch runtime.GOOS {
+	case "darwin":
+		_, _ = cmd.ExecCmd("sysctl net.inet.ip.forwarding=1")
 	case "windows":
 		_, _ = cmd.ExecCmd("ipconfig /renew")
-
 	case "linux":
 		// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.ip_forward=1")
 		// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.forwarding = 1")