chore: format code

chore: try use domain mapping when normal dns
chore: use cname in tunnel
2023-03-12 14:58:27 +08:00 · 2023-03-12 14:50:21 +08:00 · 2023-03-12 14:44:24 +08:00 · 2023-03-12 14:37:46 +08:00 · 2023-03-12 14:14:38 +08:00 · 2023-03-12 12:41:32 +08:00
163 changed files with 5925 additions and 4453 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@ -1,82 +0,0 @@
-name: Bug report
-description: Create a report to help us improve
-title: "[Bug] "
-body:
-  - type: checkboxes
-    id: ensure
-    attributes:
-      label: Verify steps
-      description: "
-在提交之前，请确认
-Please verify that you've followed these steps
-"
-      options:
-        - label: "
-确保你使用的是**本仓库**最新的的 clash 或 clash Alpha 版本
-Ensure you are using the latest version of Clash or Clash Premium from **this repository**.
-"
-          required: true
-        - label: "
-如果你可以自己 debug 并解决的话，提交 PR 吧
-Is this something you can **debug and fix**? Send a pull request! Bug fixes and documentation fixes are welcome.
-"
-          required: false
-        - label: "
-我已经在 [Issue Tracker](……/) 中找过我要提出的问题
-I have searched on the [issue tracker](……/) for a related issue.
-"
-          required: true
-        - label: "
-我已经使用 Alpha 分支版本测试过，问题依旧存在
-I have tested using the dev branch, and the issue still exists.
-"
-          required: true
-        - label: "
-我已经仔细看过 [Documentation](https://wiki.metacubex.one/) 并无法自行解决问题
-I have read the [documentation](https://wiki.metacubex.one/) and was unable to solve the issue.
-"
-          required: true
-        - label: "
-这是 Clash 核心的问题，并非我所使用的 Clash 衍生版本（如 OpenClash、KoolClash 等）的特定问题
-This is an issue of the Clash core *per se*, not to the derivatives of Clash, like OpenClash or KoolClash.
-"
-          required: true
-  - type: input
-    attributes:
-      label: Clash version
-      description: "use `clash -v`"
-    validations:
-      required: true
-  - type: dropdown
-    id: os
-    attributes:
-      label: What OS are you seeing the problem on?
-      multiple: true
-      options:
-        - macOS
-        - Windows
-        - Linux
-        - OpenBSD/FreeBSD
-  - type: textarea
-    attributes:
-      render: yaml
-      label: "Clash config"
-      description: "
-在下方附上 Clash core 配置文件，请确保配置文件中没有敏感信息（比如：服务器地址，密码，端口等）
-Paste the Clash core configuration file below, please make sure that there is no sensitive information in the configuration file (e.g., server address/url, password, port)
-"
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      render: shell
-      label: Clash log
-      description: "
-在下方附上 Clash Core 的日志，log level 使用 DEBUG
-Paste the Clash core log below with the log level set to `DEBUG`.
-"
-  - type: textarea
-    attributes:
-      label: Description
-    validations:
-      required: true
--- a/.github/ISSUE_TEMPLATE/feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@ -1,36 +0,0 @@
-name: Feature request
-description: Suggest an idea for this project
-title: "[Feature] "
-body:
-  - type: checkboxes
-    id: ensure
-    attributes:
-      label: Verify steps
-      description: "
-在提交之前，请确认
-Please verify that you've followed these steps
-"
-      options:
-        - label: "
-我已经在 [Issue Tracker](……/) 中找过我要提出的请求
-I have searched on the [issue tracker](……/) for a related feature request.
-"
-          required: true
-        - label: "
-我已经仔细看过 [Documentation](https://wiki.metacubex.one/) 并无法找到这个功能
-I have read the [documentation](https://wiki.metacubex.one/) and was unable to solve the issue.
-"
-          required: true
-  - type: textarea
-    attributes:
-      label: Description
-      description: 请详细、清晰地表达你要提出的论述，例如这个问题如何影响到你？你想实现什么功能？目前 Clash Core 的行为是什麽？
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Possible Solution
-      description: "
-此项非必须，但是如果你有想法的话欢迎提出。
-Not obligatory, but suggest a fix/reason for the bug, or ideas how to implement the addition or change
-"
--- a/.github/genReleaseNote.sh
+++ b/.github/genReleaseNote.sh
@ -1 +0,0 @@
-git log --pretty=format:"* %s by @%an" v1.14.x..v1.14.y | sort -f | uniq > release.md
--- a/.github/rename-cgo.sh
+++ b/.github/rename-cgo.sh
@ -15,15 +15,6 @@ do
    elif [[ $FILENAME =~ "windows-4.0-amd64" ]];then
        echo "rename windows amd64 $FILENAME"
        mv $FILENAME clash.meta-windows-amd64-cgo.exe
-    elif [[ $FILENAME =~ "clash.meta-linux-arm-5" ]];then
-        echo "rename clash.meta-linux-arm-5 $FILENAME"
-        mv $FILENAME clash.meta-linux-armv5-cgo
-    elif [[ $FILENAME =~ "clash.meta-linux-arm-6" ]];then
-        echo "rename clash.meta-linux-arm-6 $FILENAME"
-        mv $FILENAME clash.meta-linux-armv6-cgo
-    elif [[ $FILENAME =~ "clash.meta-linux-arm-7" ]];then
-        echo "rename clash.meta-linux-arm-7 $FILENAME"
-        mv $FILENAME clash.meta-linux-armv7-cgo
    elif [[ $FILENAME =~ "linux" ]];then
        echo "rename linux $FILENAME"
        mv $FILENAME $FILENAME-cgo
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -5,14 +5,17 @@ on:
    paths-ignore:
      - "docs/**"
      - "README.md"
-      - ".github/ISSUE_TEMPLATE/**"
    branches:
      - Alpha
+      - Beta
+      - Meta
    tags:
      - "v*"
  pull_request_target:
    branches:
      - Alpha
+      - Beta
+      - Meta
      
 concurrency:
  group: ${{ github.ref }}-${{ github.workflow }}
--- a/.github/workflows/delete.yml
+++ b/.github/workflows/delete.yml
@ -1,15 +0,0 @@
-name: Delete old workflow runs
-on:
-  schedule:
-    - cron: "0 0 * * SUN"
-
-jobs:
-  del_runs:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Delete workflow runs
-        uses: GitRML/delete-workflow-runs@main
-        with:
-          token: ${{ secrets.AUTH_PAT }}
-          repository: ${{ github.repository }}
-          retain_days: 30
--- a/README.md
+++ b/README.md
@ -30,7 +30,8 @@
 - Comprehensive HTTP RESTful API controller

 ## Wiki
-Configuration examples can be found at [/docs/config.yaml](https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml), while documentation can be found [Clash.Meta Wiki](https://clash-meta.wiki).
+
+Documentation and configuring examples are available on [wiki](https://github.com/MetaCubeX/Clash.Meta/wiki) and [Clash.Meta Wiki](https://docs.metacubex.one/).

 ## Build

--- a/adapter/adapter.go
+++ b/adapter/adapter.go
@ -4,16 +4,16 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/Dreamacro/clash/common/queue"
+	"github.com/Dreamacro/clash/component/dialer"
+	C "github.com/Dreamacro/clash/constant"
 	"net"
 	"net/http"
 	"net/netip"
 	"net/url"
 	"time"

-	"github.com/Dreamacro/clash/common/atomic"
-	"github.com/Dreamacro/clash/common/queue"
-	"github.com/Dreamacro/clash/component/dialer"
-	C "github.com/Dreamacro/clash/constant"
+	"go.uber.org/atomic"
 )

 var UnifiedDelay = atomic.NewBool(false)
--- a/adapter/inbound/socket.go
+++ b/adapter/inbound/socket.go
@ -42,8 +42,6 @@ func NewInner(conn net.Conn, dst string, host string) *context.ConnContext {
 		if host == "" {
 			if ip, err := netip.ParseAddr(h); err == nil {
 				metadata.DstIP = ip
-			} else {
-				metadata.Host = h
 			}
 		}
 	}
--- a/adapter/outbound/base.go
+++ b/adapter/outbound/base.go
@ -3,9 +3,9 @@ package outbound
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"net"
 	"strings"
-	"syscall"

 	N "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/common/utils"
@ -34,7 +34,12 @@ func (b *Base) Name() string {
 // Id implements C.ProxyAdapter
 func (b *Base) Id() string {
 	if b.id == "" {
-		b.id = utils.NewUUIDV6().String()
+		id, err := utils.UnsafeUUIDGenerator.NewV6()
+		if err != nil {
+			b.id = b.name
+		} else {
+			b.id = id.String()
+		}
 	}

 	return b.id
@ -47,31 +52,31 @@ func (b *Base) Type() C.AdapterType {

 // StreamConn implements C.ProxyAdapter
 func (b *Base) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
-	return c, C.ErrNotSupport
+	return c, errors.New("no support")
 }

 func (b *Base) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.Conn, error) {
-	return nil, C.ErrNotSupport
+	return nil, errors.New("no support")
 }

 // DialContextWithDialer implements C.ProxyAdapter
 func (b *Base) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	return nil, C.ErrNotSupport
+	return nil, errors.New("no support")
 }

 // ListenPacketContext implements C.ProxyAdapter
 func (b *Base) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.PacketConn, error) {
-	return nil, C.ErrNotSupport
+	return nil, errors.New("no support")
 }

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (b *Base) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	return nil, C.ErrNotSupport
+	return nil, errors.New("no support")
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (b *Base) SupportWithDialer() C.NetWork {
-	return C.InvalidNet
+func (b *Base) SupportWithDialer() bool {
+	return false
 }

 // SupportUOT implements C.ProxyAdapter
@ -94,11 +99,6 @@ func (b *Base) SupportTFO() bool {
 	return b.tfo
 }

-// IsL3Protocol implements C.ProxyAdapter
-func (b *Base) IsL3Protocol(metadata *C.Metadata) bool {
-	return false
-}
-
 // MarshalJSON implements C.ProxyAdapter
 func (b *Base) MarshalJSON() ([]byte, error) {
 	return json.Marshal(map[string]string{
@ -151,7 +151,6 @@ type BasicOption struct {
 	Interface   string `proxy:"interface-name,omitempty" group:"interface-name,omitempty"`
 	RoutingMark int    `proxy:"routing-mark,omitempty" group:"routing-mark,omitempty"`
 	IPVersion   string `proxy:"ip-version,omitempty" group:"ip-version,omitempty"`
-	DialerProxy string `proxy:"dialer-proxy,omitempty"` // don't apply this option into groups, but can set a group name in a proxy
 }

 type BaseOption struct {
@ -204,26 +203,13 @@ func (c *conn) Upstream() any {
 	return c.ExtendedConn
 }

-func (c *conn) WriterReplaceable() bool {
-	return true
-}
-
-func (c *conn) ReaderReplaceable() bool {
-	return true
-}
-
 func NewConn(c net.Conn, a C.ProxyAdapter) C.Conn {
-	if _, ok := c.(syscall.Conn); !ok { // exclusion system conn like *net.TCPConn
-		c = N.NewDeadlineConn(c) // most conn from outbound can't handle readDeadline correctly
-	}
 	return &conn{N.NewExtendedConn(c), []string{a.Name()}, parseRemoteDestination(a.Addr())}
 }

 type packetConn struct {
 	net.PacketConn
 	chain                   C.Chain
-	adapterName             string
-	connID                  string
 	actualRemoteDestination string
 }

@ -241,16 +227,8 @@ func (c *packetConn) AppendToChains(a C.ProxyAdapter) {
 	c.chain = append(c.chain, a.Name())
 }

-func (c *packetConn) LocalAddr() net.Addr {
-	lAddr := c.PacketConn.LocalAddr()
-	return N.NewCustomAddr(c.adapterName, c.connID, lAddr) // make quic-go's connMultiplexer happy
-}
-
 func newPacketConn(pc net.PacketConn, a C.ProxyAdapter) C.PacketConn {
-	if _, ok := pc.(syscall.Conn); !ok { // exclusion system conn like *net.UDPConn
-		pc = N.NewDeadlinePacketConn(pc) // most conn from outbound can't handle readDeadline correctly
-	}
-	return &packetConn{pc, []string{a.Name()}, a.Name(), utils.NewUUIDV4().String(), parseRemoteDestination(a.Addr())}
+	return &packetConn{pc, []string{a.Name()}, parseRemoteDestination(a.Addr())}
 }

 func parseRemoteDestination(addr string) string {
--- a/adapter/outbound/direct.go
+++ b/adapter/outbound/direct.go
@ -2,7 +2,6 @@ package outbound

 import (
 	"context"
-	"errors"
 	"net"

 	"github.com/Dreamacro/clash/component/dialer"
@ -27,14 +26,7 @@ func (d *Direct) DialContext(ctx context.Context, metadata *C.Metadata, opts ...

 // ListenPacketContext implements C.ProxyAdapter
 func (d *Direct) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.PacketConn, error) {
-	// net.UDPConn.WriteTo only working with *net.UDPAddr, so we need a net.UDPAddr
-	if !metadata.Resolved() {
-		ip, err := resolver.ResolveIPWithResolver(ctx, metadata.Host, resolver.DefaultResolver)
-		if err != nil {
-			return nil, errors.New("can't resolve ip")
-		}
-		metadata.DstIP = ip
-	}
+	opts = append(opts, dialer.WithResolver(resolver.DefaultResolver))
 	pc, err := dialer.ListenPacket(ctx, dialer.ParseNetwork("udp", metadata.DstIP), "", d.Base.DialOptions(opts...)...)
 	if err != nil {
 		return nil, err
--- a/adapter/outbound/http.go
+++ b/adapter/outbound/http.go
@ -14,7 +14,6 @@ import (
 	"strconv"

 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
 )
@ -67,12 +66,6 @@ func (h *Http) DialContext(ctx context.Context, metadata *C.Metadata, opts ...di

 // DialContextWithDialer implements C.ProxyAdapter
 func (h *Http) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(h.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(h.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", h.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", h.addr, err)
@ -92,8 +85,8 @@ func (h *Http) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metad
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (h *Http) SupportWithDialer() C.NetWork {
-	return C.TCP
+func (h *Http) SupportWithDialer() bool {
+	return true
 }

 func (h *Http) shakeHand(metadata *C.Metadata, rw io.ReadWriter) error {
--- a/adapter/outbound/hysteria.go
+++ b/adapter/outbound/hysteria.go
@ -20,7 +20,6 @@ import (
 	M "github.com/sagernet/sing/common/metadata"

 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/log"
@ -29,7 +28,6 @@ import (
 	"github.com/Dreamacro/clash/transport/hysteria/obfs"
 	"github.com/Dreamacro/clash/transport/hysteria/pmtud_fix"
 	"github.com/Dreamacro/clash/transport/hysteria/transport"
-	"github.com/Dreamacro/clash/transport/hysteria/utils"
 )

 const (
@ -48,12 +46,21 @@ var rateStringRegexp = regexp.MustCompile(`^(\d+)\s*([KMGT]?)([Bb])ps$`)
 type Hysteria struct {
 	*Base

-	option *HysteriaOption
 	client *core.Client
 }

 func (h *Hysteria) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.Conn, error) {
-	tcpConn, err := h.client.DialTCP(metadata.RemoteAddress(), h.genHdc(ctx, opts...))
+	hdc := hyDialerWithContext{
+		ctx: context.Background(),
+		hyDialer: func(network string) (net.PacketConn, error) {
+			return dialer.ListenPacket(ctx, network, "", h.Base.DialOptions(opts...)...)
+		},
+		remoteAddr: func(addr string) (net.Addr, error) {
+			return resolveUDPAddrWithPrefer(ctx, "udp", addr, h.prefer)
+		},
+	}
+
+	tcpConn, err := h.client.DialTCP(metadata.RemoteAddress(), &hdc)
 	if err != nil {
 		return nil, err
 	}
@ -62,32 +69,20 @@ func (h *Hysteria) DialContext(ctx context.Context, metadata *C.Metadata, opts .
 }

 func (h *Hysteria) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.PacketConn, error) {
-	udpConn, err := h.client.DialUDP(h.genHdc(ctx, opts...))
-	if err != nil {
-		return nil, err
-	}
-	return newPacketConn(&hyPacketConn{udpConn}, h), nil
-}
-
-func (h *Hysteria) genHdc(ctx context.Context, opts ...dialer.Option) utils.PacketDialer {
-	return &hyDialerWithContext{
+	hdc := hyDialerWithContext{
 		ctx: context.Background(),
 		hyDialer: func(network string) (net.PacketConn, error) {
-			var err error
-			var cDialer C.Dialer = dialer.NewDialer(h.Base.DialOptions(opts...)...)
-			if len(h.option.DialerProxy) > 0 {
-				cDialer, err = proxydialer.NewByName(h.option.DialerProxy, cDialer)
-				if err != nil {
-					return nil, err
-				}
-			}
-			rAddrPort, _ := netip.ParseAddrPort(h.Addr())
-			return cDialer.ListenPacket(ctx, network, "", rAddrPort)
+			return dialer.ListenPacket(ctx, network, "", h.Base.DialOptions(opts...)...)
 		},
 		remoteAddr: func(addr string) (net.Addr, error) {
 			return resolveUDPAddrWithPrefer(ctx, "udp", addr, h.prefer)
 		},
 	}
+	udpConn, err := h.client.DialUDP(&hdc)
+	if err != nil {
+		return nil, err
+	}
+	return newPacketConn(&hyPacketConn{udpConn}, h), nil
 }

 type HysteriaOption struct {
@ -263,7 +258,6 @@ func NewHysteria(option HysteriaOption) (*Hysteria, error) {
 			rmark:  option.RoutingMark,
 			prefer: C.NewDNSPrefer(option.IPVersion),
 		},
-		option: &option,
 		client: client,
 	}, nil
 }
--- a/adapter/outbound/shadowsocks.go
+++ b/adapter/outbound/shadowsocks.go
@ -11,16 +11,12 @@ import (
 	N "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/common/structure"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
-	"github.com/Dreamacro/clash/component/resolver"
 	C "github.com/Dreamacro/clash/constant"
-	"github.com/Dreamacro/clash/transport/restls"
 	obfs "github.com/Dreamacro/clash/transport/simple-obfs"
 	shadowtls "github.com/Dreamacro/clash/transport/sing-shadowtls"
 	"github.com/Dreamacro/clash/transport/socks5"
 	v2rayObfs "github.com/Dreamacro/clash/transport/v2ray-plugin"

-	restlsC "github.com/3andne/restls-client-go"
 	shadowsocks "github.com/metacubex/sing-shadowsocks"
 	"github.com/metacubex/sing-shadowsocks/shadowimpl"
 	"github.com/sagernet/sing/common/bufio"
@ -38,22 +34,19 @@ type ShadowSocks struct {
 	obfsOption      *simpleObfsOption
 	v2rayOption     *v2rayObfs.Option
 	shadowTLSOption *shadowtls.ShadowTLSOption
-	restlsConfig    *restlsC.Config
 }

 type ShadowSocksOption struct {
 	BasicOption
-	Name              string         `proxy:"name"`
-	Server            string         `proxy:"server"`
-	Port              int            `proxy:"port"`
-	Password          string         `proxy:"password"`
-	Cipher            string         `proxy:"cipher"`
-	UDP               bool           `proxy:"udp,omitempty"`
-	Plugin            string         `proxy:"plugin,omitempty"`
-	PluginOpts        map[string]any `proxy:"plugin-opts,omitempty"`
-	UDPOverTCP        bool           `proxy:"udp-over-tcp,omitempty"`
-	UDPOverTCPVersion int            `proxy:"udp-over-tcp-version,omitempty"`
-	ClientFingerprint string         `proxy:"client-fingerprint,omitempty"`
+	Name       string         `proxy:"name"`
+	Server     string         `proxy:"server"`
+	Port       int            `proxy:"port"`
+	Password   string         `proxy:"password"`
+	Cipher     string         `proxy:"cipher"`
+	UDP        bool           `proxy:"udp,omitempty"`
+	Plugin     string         `proxy:"plugin,omitempty"`
+	PluginOpts map[string]any `proxy:"plugin-opts,omitempty"`
+	UDPOverTCP bool           `proxy:"udp-over-tcp,omitempty"`
 }

 type simpleObfsOption struct {
@ -73,30 +66,31 @@ type v2rayObfsOption struct {
 }

 type shadowTLSOption struct {
-	Password       string `obfs:"password"`
-	Host           string `obfs:"host"`
-	Fingerprint    string `obfs:"fingerprint,omitempty"`
-	SkipCertVerify bool   `obfs:"skip-cert-verify,omitempty"`
-	Version        int    `obfs:"version,omitempty"`
-}
-
-type restlsOption struct {
-	Password     string `obfs:"password"`
-	Host         string `obfs:"host"`
-	VersionHint  string `obfs:"version-hint"`
-	RestlsScript string `obfs:"restls-script,omitempty"`
+	Password          string `obfs:"password"`
+	Host              string `obfs:"host"`
+	Fingerprint       string `obfs:"fingerprint,omitempty"`
+	ClientFingerprint string `obfs:"client-fingerprint,omitempty"`
+	SkipCertVerify    bool   `obfs:"skip-cert-verify,omitempty"`
+	Version           int    `obfs:"version,omitempty"`
 }

 // StreamConn implements C.ProxyAdapter
 func (ss *ShadowSocks) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
-	// fix tls handshake not timeout
-	ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
-	defer cancel()
-	return ss.StreamConnContext(ctx, c, metadata)
+	switch ss.obfsMode {
+	case shadowtls.Mode:
+		// fix tls handshake not timeout
+		ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
+		defer cancel()
+		var err error
+		c, err = shadowtls.NewShadowTLS(ctx, c, ss.shadowTLSOption)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return ss.streamConn(c, metadata)
 }

-func (ss *ShadowSocks) StreamConnContext(ctx context.Context, c net.Conn, metadata *C.Metadata) (net.Conn, error) {
-	useEarly := false
+func (ss *ShadowSocks) streamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
 	switch ss.obfsMode {
 	case "tls":
 		c = obfs.NewTLSObfs(c, ss.obfsOption.Host)
@ -109,31 +103,15 @@ func (ss *ShadowSocks) StreamConnContext(ctx context.Context, c net.Conn, metada
 		if err != nil {
 			return nil, fmt.Errorf("%s connect error: %w", ss.addr, err)
 		}
-	case shadowtls.Mode:
-		var err error
-		c, err = shadowtls.NewShadowTLS(ctx, c, ss.shadowTLSOption)
-		if err != nil {
-			return nil, err
-		}
-		useEarly = true
-	case restls.Mode:
-		var err error
-		c, err = restls.NewRestls(ctx, c, ss.restlsConfig)
-		if err != nil {
-			return nil, fmt.Errorf("%s (restls) connect error: %w", ss.addr, err)
-		}
-		useEarly = true
 	}
-	useEarly = useEarly || N.NeedHandshake(c)
 	if metadata.NetWork == C.UDP && ss.option.UDPOverTCP {
-		uotDestination := uot.RequestDestination(uint8(ss.option.UDPOverTCPVersion))
-		if useEarly {
-			return ss.method.DialEarlyConn(c, uotDestination), nil
+		if N.NeedHandshake(c) {
+			return ss.method.DialEarlyConn(c, M.ParseSocksaddr(uot.UOTMagicAddress+":443")), nil
 		} else {
-			return ss.method.DialConn(c, uotDestination)
+			return ss.method.DialConn(c, M.ParseSocksaddr(uot.UOTMagicAddress+":443"))
 		}
 	}
-	if useEarly {
+	if N.NeedHandshake(c) {
 		return ss.method.DialEarlyConn(c, M.ParseSocksaddr(metadata.RemoteAddress())), nil
 	} else {
 		return ss.method.DialConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
@ -147,12 +125,6 @@ func (ss *ShadowSocks) DialContext(ctx context.Context, metadata *C.Metadata, op

 // DialContextWithDialer implements C.ProxyAdapter
 func (ss *ShadowSocks) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(ss.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(ss.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", ss.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", ss.addr, err)
@ -163,7 +135,15 @@ func (ss *ShadowSocks) DialContextWithDialer(ctx context.Context, dialer C.Diale
 		safeConnClose(c, err)
 	}(c)

-	c, err = ss.StreamConnContext(ctx, c, metadata)
+	switch ss.obfsMode {
+	case shadowtls.Mode:
+		c, err = shadowtls.NewShadowTLS(ctx, c, ss.shadowTLSOption)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	c, err = ss.streamConn(c, metadata)
 	return NewConn(c, ss), err
 }

@ -174,18 +154,12 @@ func (ss *ShadowSocks) ListenPacketContext(ctx context.Context, metadata *C.Meta

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (ss *ShadowSocks) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	if len(ss.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(ss.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	if ss.option.UDPOverTCP {
 		tcpConn, err := ss.DialContextWithDialer(ctx, dialer, metadata)
 		if err != nil {
 			return nil, err
 		}
-		return ss.ListenPacketOnStreamConn(ctx, tcpConn, metadata)
+		return newPacketConn(uot.NewClientConn(tcpConn), ss), nil
 	}
 	addr, err := resolveUDPAddrWithPrefer(ctx, "udp", ss.addr, ss.prefer)
 	if err != nil {
@ -196,35 +170,21 @@ func (ss *ShadowSocks) ListenPacketWithDialer(ctx context.Context, dialer C.Dial
 	if err != nil {
 		return nil, err
 	}
-	pc = ss.method.DialPacketConn(bufio.NewBindPacketConn(pc, addr))
+	pc = ss.method.DialPacketConn(&bufio.BindPacketConn{PacketConn: pc, Addr: addr})
 	return newPacketConn(pc, ss), nil
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (ss *ShadowSocks) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (ss *ShadowSocks) SupportWithDialer() bool {
+	return true
 }

 // ListenPacketOnStreamConn implements C.ProxyAdapter
-func (ss *ShadowSocks) ListenPacketOnStreamConn(ctx context.Context, c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
+func (ss *ShadowSocks) ListenPacketOnStreamConn(c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
 	if ss.option.UDPOverTCP {
-		// ss uot use stream-oriented udp with a special address, so we need a net.UDPAddr
-		if !metadata.Resolved() {
-			ip, err := resolver.ResolveIP(ctx, metadata.Host)
-			if err != nil {
-				return nil, errors.New("can't resolve ip")
-			}
-			metadata.DstIP = ip
-		}
-
-		destination := M.SocksaddrFromNet(metadata.UDPAddr())
-		if ss.option.UDPOverTCPVersion == uot.LegacyVersion {
-			return newPacketConn(uot.NewConn(c, uot.Request{Destination: destination}), ss), nil
-		} else {
-			return newPacketConn(uot.NewLazyConn(c, uot.Request{Destination: destination}), ss), nil
-		}
+		return newPacketConn(uot.NewClientConn(c), ss), nil
 	}
-	return nil, C.ErrNotSupport
+	return nil, errors.New("no support")
 }

 // SupportUOT implements C.ProxyAdapter
@ -242,7 +202,6 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
 	var v2rayOption *v2rayObfs.Option
 	var obfsOption *simpleObfsOption
 	var shadowTLSOpt *shadowtls.ShadowTLSOption
-	var restlsConfig *restlsC.Config
 	obfsMode := ""

 	decoder := structure.NewDecoder(structure.Option{TagName: "obfs", WeaklyTypedInput: true})
@ -291,30 +250,10 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
 			Password:          opt.Password,
 			Host:              opt.Host,
 			Fingerprint:       opt.Fingerprint,
-			ClientFingerprint: option.ClientFingerprint,
+			ClientFingerprint: opt.ClientFingerprint,
 			SkipCertVerify:    opt.SkipCertVerify,
 			Version:           opt.Version,
 		}
-	} else if option.Plugin == restls.Mode {
-		obfsMode = restls.Mode
-		restlsOpt := &restlsOption{}
-		if err := decoder.Decode(option.PluginOpts, restlsOpt); err != nil {
-			return nil, fmt.Errorf("ss %s initialize restls-plugin error: %w", addr, err)
-		}
-
-		restlsConfig, err = restlsC.NewRestlsConfig(restlsOpt.Host, restlsOpt.Password, restlsOpt.VersionHint, restlsOpt.RestlsScript, option.ClientFingerprint)
-		restlsConfig.SessionTicketsDisabled = true
-		if err != nil {
-			return nil, fmt.Errorf("ss %s initialize restls-plugin error: %w", addr, err)
-		}
-
-	}
-	switch option.UDPOverTCPVersion {
-	case uot.Version, uot.LegacyVersion:
-	case 0:
-		option.UDPOverTCPVersion = uot.Version
-	default:
-		return nil, fmt.Errorf("ss %s unknown udp over tcp protocol version: %d", addr, option.UDPOverTCPVersion)
 	}

 	return &ShadowSocks{
@ -335,7 +274,6 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
 		v2rayOption:     v2rayOption,
 		obfsOption:      obfsOption,
 		shadowTLSOption: shadowTLSOpt,
-		restlsConfig:    restlsConfig,
 	}, nil
 }

--- a/adapter/outbound/shadowsocksr.go
+++ b/adapter/outbound/shadowsocksr.go
@ -7,7 +7,6 @@ import (
 	"strconv"

 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/transport/shadowsocks/core"
 	"github.com/Dreamacro/clash/transport/shadowsocks/shadowaead"
@ -18,7 +17,6 @@ import (

 type ShadowSocksR struct {
 	*Base
-	option   *ShadowSocksROption
 	cipher   core.Cipher
 	obfs     obfs.Obfs
 	protocol protocol.Protocol
@ -67,12 +65,6 @@ func (ssr *ShadowSocksR) DialContext(ctx context.Context, metadata *C.Metadata,

 // DialContextWithDialer implements C.ProxyAdapter
 func (ssr *ShadowSocksR) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(ssr.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(ssr.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", ssr.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", ssr.addr, err)
@ -94,12 +86,6 @@ func (ssr *ShadowSocksR) ListenPacketContext(ctx context.Context, metadata *C.Me

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (ssr *ShadowSocksR) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	if len(ssr.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(ssr.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	addr, err := resolveUDPAddrWithPrefer(ctx, "udp", ssr.addr, ssr.prefer)
 	if err != nil {
 		return nil, err
@ -116,8 +102,8 @@ func (ssr *ShadowSocksR) ListenPacketWithDialer(ctx context.Context, dialer C.Di
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (ssr *ShadowSocksR) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (ssr *ShadowSocksR) SupportWithDialer() bool {
+	return true
 }

 func NewShadowSocksR(option ShadowSocksROption) (*ShadowSocksR, error) {
@ -182,7 +168,6 @@ func NewShadowSocksR(option ShadowSocksROption) (*ShadowSocksR, error) {
 			rmark:  option.RoutingMark,
 			prefer: C.NewDNSPrefer(option.IPVersion),
 		},
-		option:   &option,
 		cipher:   coreCiph,
 		obfs:     obfs,
 		protocol: protocol,
--- a/adapter/outbound/singmux.go
+++ b/adapter/outbound/singmux.go
@ -1,138 +0,0 @@
-package outbound
-
-import (
-	"context"
-	"errors"
-	"net"
-	"runtime"
-
-	CN "github.com/Dreamacro/clash/common/net"
-	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
-	"github.com/Dreamacro/clash/component/resolver"
-	C "github.com/Dreamacro/clash/constant"
-
-	mux "github.com/sagernet/sing-mux"
-	E "github.com/sagernet/sing/common/exceptions"
-	M "github.com/sagernet/sing/common/metadata"
-	N "github.com/sagernet/sing/common/network"
-)
-
-type SingMux struct {
-	C.ProxyAdapter
-	base    ProxyBase
-	client  *mux.Client
-	dialer  *muxSingDialer
-	onlyTcp bool
-}
-
-type SingMuxOption struct {
-	Enabled        bool   `proxy:"enabled,omitempty"`
-	Protocol       string `proxy:"protocol,omitempty"`
-	MaxConnections int    `proxy:"max-connections,omitempty"`
-	MinStreams     int    `proxy:"min-streams,omitempty"`
-	MaxStreams     int    `proxy:"max-streams,omitempty"`
-	Padding        bool   `proxy:"padding,omitempty"`
-	Statistic      bool   `proxy:"statistic,omitempty"`
-	OnlyTcp        bool   `proxy:"only-tcp,omitempty"`
-}
-
-type ProxyBase interface {
-	DialOptions(opts ...dialer.Option) []dialer.Option
-}
-
-type muxSingDialer struct {
-	dialer    dialer.Dialer
-	proxy     C.ProxyAdapter
-	statistic bool
-}
-
-var _ N.Dialer = (*muxSingDialer)(nil)
-
-func (d *muxSingDialer) DialContext(ctx context.Context, network string, destination M.Socksaddr) (net.Conn, error) {
-	var cDialer C.Dialer = proxydialer.New(d.proxy, d.dialer, d.statistic)
-	return cDialer.DialContext(ctx, network, destination.String())
-}
-
-func (d *muxSingDialer) ListenPacket(ctx context.Context, destination M.Socksaddr) (net.PacketConn, error) {
-	var cDialer C.Dialer = proxydialer.New(d.proxy, d.dialer, d.statistic)
-	return cDialer.ListenPacket(ctx, "udp", "", destination.AddrPort())
-}
-
-func (s *SingMux) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
-	options := s.base.DialOptions(opts...)
-	s.dialer.dialer = dialer.NewDialer(options...)
-	c, err := s.client.DialContext(ctx, "tcp", M.ParseSocksaddr(metadata.RemoteAddress()))
-	if err != nil {
-		return nil, err
-	}
-	return NewConn(CN.NewRefConn(c, s), s.ProxyAdapter), err
-}
-
-func (s *SingMux) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.PacketConn, err error) {
-	if s.onlyTcp {
-		return s.ProxyAdapter.ListenPacketContext(ctx, metadata, opts...)
-	}
-	options := s.base.DialOptions(opts...)
-	s.dialer.dialer = dialer.NewDialer(options...)
-
-	// sing-mux use stream-oriented udp with a special address, so we need a net.UDPAddr
-	if !metadata.Resolved() {
-		ip, err := resolver.ResolveIP(ctx, metadata.Host)
-		if err != nil {
-			return nil, errors.New("can't resolve ip")
-		}
-		metadata.DstIP = ip
-	}
-
-	pc, err := s.client.ListenPacket(ctx, M.SocksaddrFromNet(metadata.UDPAddr()))
-	if err != nil {
-		return nil, err
-	}
-	if pc == nil {
-		return nil, E.New("packetConn is nil")
-	}
-	return newPacketConn(CN.NewRefPacketConn(pc, s), s.ProxyAdapter), nil
-}
-
-func (s *SingMux) SupportUDP() bool {
-	if s.onlyTcp {
-		return s.ProxyAdapter.SupportUOT()
-	}
-	return true
-}
-
-func (s *SingMux) SupportUOT() bool {
-	if s.onlyTcp {
-		return s.ProxyAdapter.SupportUOT()
-	}
-	return true
-}
-
-func closeSingMux(s *SingMux) {
-	_ = s.client.Close()
-}
-
-func NewSingMux(option SingMuxOption, proxy C.ProxyAdapter, base ProxyBase) (C.ProxyAdapter, error) {
-	singDialer := &muxSingDialer{dialer: dialer.NewDialer(), proxy: proxy, statistic: option.Statistic}
-	client, err := mux.NewClient(mux.Options{
-		Dialer:         singDialer,
-		Protocol:       option.Protocol,
-		MaxConnections: option.MaxConnections,
-		MinStreams:     option.MinStreams,
-		MaxStreams:     option.MaxStreams,
-		Padding:        option.Padding,
-	})
-	if err != nil {
-		return nil, err
-	}
-	outbound := &SingMux{
-		ProxyAdapter: proxy,
-		base:         base,
-		client:       client,
-		dialer:       singDialer,
-		onlyTcp:      option.OnlyTcp,
-	}
-	runtime.SetFinalizer(outbound, closeSingMux)
-	return outbound, nil
-}
--- a/adapter/outbound/snell.go
+++ b/adapter/outbound/snell.go
@ -8,7 +8,6 @@ import (

 	"github.com/Dreamacro/clash/common/structure"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	C "github.com/Dreamacro/clash/constant"
 	obfs "github.com/Dreamacro/clash/transport/simple-obfs"
 	"github.com/Dreamacro/clash/transport/snell"
@ -16,7 +15,6 @@ import (

 type Snell struct {
 	*Base
-	option     *SnellOption
 	psk        []byte
 	pool       *snell.Pool
 	obfsOption *simpleObfsOption
@ -85,12 +83,6 @@ func (s *Snell) DialContext(ctx context.Context, metadata *C.Metadata, opts ...d

 // DialContextWithDialer implements C.ProxyAdapter
 func (s *Snell) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(s.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(s.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", s.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", s.addr, err)
@ -112,13 +104,6 @@ func (s *Snell) ListenPacketContext(ctx context.Context, metadata *C.Metadata, o

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (s *Snell) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (C.PacketConn, error) {
-	var err error
-	if len(s.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(s.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", s.addr)
 	if err != nil {
 		return nil, err
@ -136,8 +121,8 @@ func (s *Snell) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, met
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (s *Snell) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (s *Snell) SupportWithDialer() bool {
+	return true
 }

 // SupportUOT implements C.ProxyAdapter
@ -187,7 +172,6 @@ func NewSnell(option SnellOption) (*Snell, error) {
 			rmark:  option.RoutingMark,
 			prefer: C.NewDNSPrefer(option.IPVersion),
 		},
-		option:     &option,
 		psk:        psk,
 		obfsOption: obfsOption,
 		version:    option.Version,
@ -195,15 +179,7 @@ func NewSnell(option SnellOption) (*Snell, error) {

 	if option.Version == snell.Version2 {
 		s.pool = snell.NewPool(func(ctx context.Context) (*snell.Snell, error) {
-			var err error
-			var cDialer C.Dialer = dialer.NewDialer(s.Base.DialOptions()...)
-			if len(s.option.DialerProxy) > 0 {
-				cDialer, err = proxydialer.NewByName(s.option.DialerProxy, cDialer)
-				if err != nil {
-					return nil, err
-				}
-			}
-			c, err := cDialer.DialContext(ctx, "tcp", addr)
+			c, err := dialer.DialContext(ctx, "tcp", addr, s.Base.DialOptions()...)
 			if err != nil {
 				return nil, err
 			}
--- a/adapter/outbound/socks5.go
+++ b/adapter/outbound/socks5.go
@ -10,7 +10,6 @@ import (
 	"strconv"

 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/transport/socks5"
@ -18,7 +17,6 @@ import (

 type Socks5 struct {
 	*Base
-	option         *Socks5Option
 	user           string
 	pass           string
 	tls            bool
@ -72,12 +70,6 @@ func (ss *Socks5) DialContext(ctx context.Context, metadata *C.Metadata, opts ..

 // DialContextWithDialer implements C.ProxyAdapter
 func (ss *Socks5) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(ss.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(ss.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", ss.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", ss.addr, err)
@ -97,20 +89,13 @@ func (ss *Socks5) DialContextWithDialer(ctx context.Context, dialer C.Dialer, me
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (ss *Socks5) SupportWithDialer() C.NetWork {
-	return C.TCP
+func (ss *Socks5) SupportWithDialer() bool {
+	return true
 }

 // ListenPacketContext implements C.ProxyAdapter
 func (ss *Socks5) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.PacketConn, err error) {
-	var cDialer C.Dialer = dialer.NewDialer(ss.Base.DialOptions(opts...)...)
-	if len(ss.option.DialerProxy) > 0 {
-		cDialer, err = proxydialer.NewByName(ss.option.DialerProxy, cDialer)
-		if err != nil {
-			return nil, err
-		}
-	}
-	c, err := cDialer.DialContext(ctx, "tcp", ss.addr)
+	c, err := dialer.DialContext(ctx, "tcp", ss.addr, ss.Base.DialOptions(opts...)...)
 	if err != nil {
 		err = fmt.Errorf("%s connect error: %w", ss.addr, err)
 		return
@ -202,7 +187,6 @@ func NewSocks5(option Socks5Option) (*Socks5, error) {
 			rmark:  option.RoutingMark,
 			prefer: C.NewDNSPrefer(option.IPVersion),
 		},
-		option:         &option,
 		user:           option.UserName,
 		pass:           option.Password,
 		tls:            option.TLS,
--- a/adapter/outbound/trojan.go
+++ b/adapter/outbound/trojan.go
@ -8,8 +8,8 @@ import (
 	"net/http"
 	"strconv"

+	N "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/transport/gun"
@ -105,7 +105,7 @@ func (t *Trojan) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error)
 		return c, err
 	}
 	err = t.instance.WriteHeader(c, trojan.CommandTCP, serializesSocksAddr(metadata))
-	return c, err
+	return N.NewExtendedConn(c), err
 }

 // DialContext implements C.ProxyAdapter
@ -135,12 +135,6 @@ func (t *Trojan) DialContext(ctx context.Context, metadata *C.Metadata, opts ...

 // DialContextWithDialer implements C.ProxyAdapter
 func (t *Trojan) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(t.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(t.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", t.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
@ -185,12 +179,6 @@ func (t *Trojan) ListenPacketContext(ctx context.Context, metadata *C.Metadata,

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (t *Trojan) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	if len(t.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(t.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", t.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
@ -214,8 +202,8 @@ func (t *Trojan) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, me
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (t *Trojan) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (t *Trojan) SupportWithDialer() bool {
+	return true
 }

 // ListenPacketOnStreamConn implements C.ProxyAdapter
@ -283,15 +271,7 @@ func NewTrojan(option TrojanOption) (*Trojan, error) {

 	if option.Network == "grpc" {
 		dialFn := func(network, addr string) (net.Conn, error) {
-			var err error
-			var cDialer C.Dialer = dialer.NewDialer(t.Base.DialOptions()...)
-			if len(t.option.DialerProxy) > 0 {
-				cDialer, err = proxydialer.NewByName(t.option.DialerProxy, cDialer)
-				if err != nil {
-					return nil, err
-				}
-			}
-			c, err := cDialer.DialContext(context.Background(), "tcp", t.addr)
+			c, err := dialer.DialContext(context.Background(), "tcp", t.addr, t.Base.DialOptions()...)
 			if err != nil {
 				return nil, fmt.Errorf("%s connect error: %s", t.addr, err.Error())
 			}
--- a/adapter/outbound/tuic.go
+++ b/adapter/outbound/tuic.go
@ -16,7 +16,6 @@ import (
 	"github.com/metacubex/quic-go"

 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/transport/tuic"
@ -24,7 +23,6 @@ import (

 type Tuic struct {
 	*Base
-	option *TuicOption
 	client *tuic.PoolClient
 }

@ -44,17 +42,16 @@ type TuicOption struct {
 	DisableSni            bool     `proxy:"disable-sni,omitempty"`
 	MaxUdpRelayPacketSize int      `proxy:"max-udp-relay-packet-size,omitempty"`

-	FastOpen             bool   `proxy:"fast-open,omitempty"`
-	MaxOpenStreams       int    `proxy:"max-open-streams,omitempty"`
-	SkipCertVerify       bool   `proxy:"skip-cert-verify,omitempty"`
-	Fingerprint          string `proxy:"fingerprint,omitempty"`
-	CustomCA             string `proxy:"ca,omitempty"`
-	CustomCAString       string `proxy:"ca-str,omitempty"`
-	ReceiveWindowConn    int    `proxy:"recv-window-conn,omitempty"`
-	ReceiveWindow        int    `proxy:"recv-window,omitempty"`
-	DisableMTUDiscovery  bool   `proxy:"disable-mtu-discovery,omitempty"`
-	MaxDatagramFrameSize int    `proxy:"max-datagram-frame-size,omitempty"`
-	SNI                  string `proxy:"sni,omitempty"`
+	FastOpen            bool   `proxy:"fast-open,omitempty"`
+	MaxOpenStreams      int    `proxy:"max-open-streams,omitempty"`
+	SkipCertVerify      bool   `proxy:"skip-cert-verify,omitempty"`
+	Fingerprint         string `proxy:"fingerprint,omitempty"`
+	CustomCA            string `proxy:"ca,omitempty"`
+	CustomCAString      string `proxy:"ca-str,omitempty"`
+	ReceiveWindowConn   int    `proxy:"recv-window-conn,omitempty"`
+	ReceiveWindow       int    `proxy:"recv-window,omitempty"`
+	DisableMTUDiscovery bool   `proxy:"disable-mtu-discovery,omitempty"`
+	SNI                 string `proxy:"sni,omitempty"`
 }

 // DialContext implements C.ProxyAdapter
@ -86,8 +83,8 @@ func (t *Tuic) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, meta
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (t *Tuic) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (t *Tuic) SupportWithDialer() bool {
+	return true
 }

 func (t *Tuic) dial(ctx context.Context, opts ...dialer.Option) (pc net.PacketConn, addr net.Addr, err error) {
@ -95,12 +92,6 @@ func (t *Tuic) dial(ctx context.Context, opts ...dialer.Option) (pc net.PacketCo
 }

 func (t *Tuic) dialWithDialer(ctx context.Context, dialer C.Dialer) (pc net.PacketConn, addr net.Addr, err error) {
-	if len(t.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(t.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, nil, err
-		}
-	}
 	udpAddr, err := resolveUDPAddrWithPrefer(ctx, "udp", t.addr, t.prefer)
 	if err != nil {
 		return nil, nil, err
@ -184,15 +175,6 @@ func NewTuic(option TuicOption) (*Tuic, error) {
 		option.MaxOpenStreams = 100
 	}

-	if option.MaxDatagramFrameSize == 0 {
-		option.MaxDatagramFrameSize = option.MaxUdpRelayPacketSize + tuic.PacketOverHead
-	}
-
-	if option.MaxDatagramFrameSize > 1400 {
-		option.MaxDatagramFrameSize = 1400
-	}
-	option.MaxUdpRelayPacketSize = option.MaxDatagramFrameSize - tuic.PacketOverHead
-
 	// ensure server's incoming stream can handle correctly, increase to 1.1x
 	quicMaxOpenStreams := int64(option.MaxOpenStreams)
 	quicMaxOpenStreams = quicMaxOpenStreams + int64(math.Ceil(float64(quicMaxOpenStreams)/10.0))
@ -205,7 +187,6 @@ func NewTuic(option TuicOption) (*Tuic, error) {
 		MaxIncomingUniStreams:          quicMaxOpenStreams,
 		KeepAlivePeriod:                time.Duration(option.HeartbeatInterval) * time.Millisecond,
 		DisablePathMTUDiscovery:        option.DisableMTUDiscovery,
-		MaxDatagramFrameSize:           int64(option.MaxDatagramFrameSize),
 		EnableDatagrams:                true,
 	}
 	if option.ReceiveWindowConn == 0 {
@ -238,7 +219,6 @@ func NewTuic(option TuicOption) (*Tuic, error) {
 			rmark:  option.RoutingMark,
 			prefer: C.NewDNSPrefer(option.IPVersion),
 		},
-		option: &option,
 	}

 	clientMaxOpenStreams := int64(option.MaxOpenStreams)
--- a/adapter/outbound/vless.go
+++ b/adapter/outbound/vless.go
@ -14,7 +14,6 @@ import (

 	"github.com/Dreamacro/clash/common/convert"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	"github.com/Dreamacro/clash/component/resolver"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
@ -169,35 +168,7 @@ func (v *Vless) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
 		return nil, err
 	}

-	return v.streamConn(c, metadata)
-}
-
-func (v *Vless) streamConn(c net.Conn, metadata *C.Metadata) (conn net.Conn, err error) {
-	if metadata.NetWork == C.UDP {
-		if v.option.PacketAddr {
-			metadata = &C.Metadata{
-				NetWork: C.UDP,
-				Host:    packetaddr.SeqPacketMagicAddress,
-				DstPort: "443",
-			}
-		} else {
-			metadata = &C.Metadata{ // a clear metadata only contains ip
-				NetWork: C.UDP,
-				DstIP:   metadata.DstIP,
-				DstPort: metadata.DstPort,
-			}
-		}
-		conn, err = v.client.StreamConn(c, parseVlessAddr(metadata, v.option.XUDP))
-		if v.option.PacketAddr {
-			conn = packetaddr.NewBindConn(conn)
-		}
-	} else {
-		conn, err = v.client.StreamConn(c, parseVlessAddr(metadata, false))
-	}
-	if err != nil {
-		conn = nil
-	}
-	return
+	return v.client.StreamConn(c, parseVlessAddr(metadata, v.option.XUDP))
 }

 func (v *Vless) streamTLSOrXTLSConn(conn net.Conn, isH2 bool) (net.Conn, error) {
@ -267,12 +238,6 @@ func (v *Vless) DialContext(ctx context.Context, metadata *C.Metadata, opts ...d

 // DialContextWithDialer implements C.ProxyAdapter
 func (v *Vless) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(v.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(v.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", v.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
@ -299,6 +264,7 @@ func (v *Vless) ListenPacketContext(ctx context.Context, metadata *C.Metadata, o
 		}
 		metadata.DstIP = ip
 	}
+
 	var c net.Conn
 	// gun transport
 	if v.transport != nil && len(opts) == 0 {
@ -310,25 +276,27 @@ func (v *Vless) ListenPacketContext(ctx context.Context, metadata *C.Metadata, o
 			safeConnClose(c, err)
 		}(c)

-		c, err = v.streamConn(c, metadata)
+		if v.option.PacketAddr {
+			packetAddrMetadata := *metadata // make a copy
+			packetAddrMetadata.Host = packetaddr.SeqPacketMagicAddress
+			packetAddrMetadata.DstPort = "443"
+
+			c, err = v.client.StreamConn(c, parseVlessAddr(&packetAddrMetadata, false))
+		} else {
+			c, err = v.client.StreamConn(c, parseVlessAddr(metadata, v.option.XUDP))
+		}
+
 		if err != nil {
 			return nil, fmt.Errorf("new vless client error: %v", err)
 		}

-		return v.ListenPacketOnStreamConn(ctx, c, metadata)
+		return v.ListenPacketOnStreamConn(c, metadata)
 	}
 	return v.ListenPacketWithDialer(ctx, dialer.NewDialer(v.Base.DialOptions(opts...)...), metadata)
 }

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (v *Vless) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	if len(v.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(v.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
-
 	// vless use stream-oriented udp with a special address, so we need a net.UDPAddr
 	if !metadata.Resolved() {
 		ip, err := resolver.ResolveIP(ctx, metadata.Host)
@ -337,7 +305,6 @@ func (v *Vless) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, met
 		}
 		metadata.DstIP = ip
 	}
-
 	c, err := dialer.DialContext(ctx, "tcp", v.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
@ -347,39 +314,39 @@ func (v *Vless) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, met
 		safeConnClose(c, err)
 	}(c)

-	c, err = v.StreamConn(c, metadata)
+	if v.option.PacketAddr {
+		packetAddrMetadata := *metadata // make a copy
+		packetAddrMetadata.Host = packetaddr.SeqPacketMagicAddress
+		packetAddrMetadata.DstPort = "443"
+
+		c, err = v.StreamConn(c, &packetAddrMetadata)
+	} else {
+		c, err = v.StreamConn(c, metadata)
+	}
+
 	if err != nil {
 		return nil, fmt.Errorf("new vless client error: %v", err)
 	}

-	return v.ListenPacketOnStreamConn(ctx, c, metadata)
+	return v.ListenPacketOnStreamConn(c, metadata)
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (v *Vless) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (v *Vless) SupportWithDialer() bool {
+	return true
 }

 // ListenPacketOnStreamConn implements C.ProxyAdapter
-func (v *Vless) ListenPacketOnStreamConn(ctx context.Context, c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	// vless use stream-oriented udp with a special address, so we need a net.UDPAddr
-	if !metadata.Resolved() {
-		ip, err := resolver.ResolveIP(ctx, metadata.Host)
-		if err != nil {
-			return nil, errors.New("can't resolve ip")
-		}
-		metadata.DstIP = ip
-	}
-
+func (v *Vless) ListenPacketOnStreamConn(c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
 	if v.option.XUDP {
 		return newPacketConn(&threadSafePacketConn{
-			PacketConn: vmessSing.NewXUDPConn(c, M.SocksaddrFromNet(metadata.UDPAddr())),
+			PacketConn: vmessSing.NewXUDPConn(c, M.ParseSocksaddr(metadata.RemoteAddress())),
 		}, v), nil
 	} else if v.option.PacketAddr {
 		return newPacketConn(&threadSafePacketConn{
 			PacketConn: packetaddr.NewConn(&vlessPacketConn{
 				Conn: c, rAddr: metadata.UDPAddr(),
-			}, M.SocksaddrFromNet(metadata.UDPAddr())),
+			}, M.ParseSocksaddr(metadata.RemoteAddress())),
 		}, v), nil
 	}
 	return newPacketConn(&vlessPacketConn{Conn: c, rAddr: metadata.UDPAddr()}, v), nil
@ -537,9 +504,6 @@ func NewVless(option VlessOption) (*Vless, error) {
 			option.XUDP = true
 		}
 	}
-	if option.XUDP {
-		option.PacketAddr = false
-	}

 	client, err := vless.NewClient(option.UUID, addons, option.FlowShow)
 	if err != nil {
@ -574,15 +538,7 @@ func NewVless(option VlessOption) (*Vless, error) {
 		}
 	case "grpc":
 		dialFn := func(network, addr string) (net.Conn, error) {
-			var err error
-			var cDialer C.Dialer = dialer.NewDialer(v.Base.DialOptions()...)
-			if len(v.option.DialerProxy) > 0 {
-				cDialer, err = proxydialer.NewByName(v.option.DialerProxy, cDialer)
-				if err != nil {
-					return nil, err
-				}
-			}
-			c, err := cDialer.DialContext(context.Background(), "tcp", v.addr)
+			c, err := dialer.DialContext(context.Background(), "tcp", v.addr, v.Base.DialOptions()...)
 			if err != nil {
 				return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
 			}
--- a/adapter/outbound/vmess.go
+++ b/adapter/outbound/vmess.go
@ -13,7 +13,6 @@ import (

 	N "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	"github.com/Dreamacro/clash/component/resolver"
 	tlsC "github.com/Dreamacro/clash/component/tls"
 	C "github.com/Dreamacro/clash/constant"
@ -217,42 +216,27 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
 	if err != nil {
 		return nil, err
 	}
-	return v.streamConn(c, metadata)
-}
-
-func (v *Vmess) streamConn(c net.Conn, metadata *C.Metadata) (conn net.Conn, err error) {
 	if metadata.NetWork == C.UDP {
 		if v.option.XUDP {
 			if N.NeedHandshake(c) {
-				conn = v.client.DialEarlyXUDPPacketConn(c, M.SocksaddrFromNet(metadata.UDPAddr()))
+				return v.client.DialEarlyXUDPPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress())), nil
 			} else {
-				conn, err = v.client.DialXUDPPacketConn(c, M.SocksaddrFromNet(metadata.UDPAddr()))
+				return v.client.DialXUDPPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
 			}
-		} else if v.option.PacketAddr {
-			if N.NeedHandshake(c) {
-				conn = v.client.DialEarlyPacketConn(c, M.ParseSocksaddrHostPort(packetaddr.SeqPacketMagicAddress, 443))
-			} else {
-				conn, err = v.client.DialPacketConn(c, M.ParseSocksaddrHostPort(packetaddr.SeqPacketMagicAddress, 443))
-			}
-			conn = packetaddr.NewBindConn(conn)
 		} else {
 			if N.NeedHandshake(c) {
-				conn = v.client.DialEarlyPacketConn(c, M.SocksaddrFromNet(metadata.UDPAddr()))
+				return v.client.DialEarlyPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress())), nil
 			} else {
-				conn, err = v.client.DialPacketConn(c, M.SocksaddrFromNet(metadata.UDPAddr()))
+				return v.client.DialPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
 			}
 		}
 	} else {
 		if N.NeedHandshake(c) {
-			conn = v.client.DialEarlyConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
+			return v.client.DialEarlyConn(c, M.ParseSocksaddr(metadata.RemoteAddress())), nil
 		} else {
-			conn, err = v.client.DialConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
+			return v.client.DialConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
 		}
 	}
-	if err != nil {
-		conn = nil
-	}
-	return
 }

 // DialContext implements C.ProxyAdapter
@ -279,12 +263,6 @@ func (v *Vmess) DialContext(ctx context.Context, metadata *C.Metadata, opts ...d

 // DialContextWithDialer implements C.ProxyAdapter
 func (v *Vmess) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
-	if len(v.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(v.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
 	c, err := dialer.DialContext(ctx, "tcp", v.addr)
 	if err != nil {
 		return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
@ -308,6 +286,14 @@ func (v *Vmess) ListenPacketContext(ctx context.Context, metadata *C.Metadata, o
 		}
 		metadata.DstIP = ip
 	}
+
+	if v.option.PacketAddr {
+		_metadata := *metadata // make a copy
+		metadata = &_metadata
+		metadata.Host = packetaddr.SeqPacketMagicAddress
+		metadata.DstPort = "443"
+	}
+
 	var c net.Conn
 	// gun transport
 	if v.transport != nil && len(opts) == 0 {
@ -319,24 +305,30 @@ func (v *Vmess) ListenPacketContext(ctx context.Context, metadata *C.Metadata, o
 			safeConnClose(c, err)
 		}(c)

-		c, err = v.streamConn(c, metadata)
+		if v.option.XUDP {
+			if N.NeedHandshake(c) {
+				c = v.client.DialEarlyXUDPPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
+			} else {
+				c, err = v.client.DialXUDPPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
+			}
+		} else {
+			if N.NeedHandshake(c) {
+				c = v.client.DialEarlyPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
+			} else {
+				c, err = v.client.DialPacketConn(c, M.ParseSocksaddr(metadata.RemoteAddress()))
+			}
+		}
+
 		if err != nil {
 			return nil, fmt.Errorf("new vmess client error: %v", err)
 		}
-		return v.ListenPacketOnStreamConn(ctx, c, metadata)
+		return v.ListenPacketOnStreamConn(c, metadata)
 	}
 	return v.ListenPacketWithDialer(ctx, dialer.NewDialer(v.Base.DialOptions(opts...)...), metadata)
 }

 // ListenPacketWithDialer implements C.ProxyAdapter
 func (v *Vmess) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	if len(v.option.DialerProxy) > 0 {
-		dialer, err = proxydialer.NewByName(v.option.DialerProxy, dialer)
-		if err != nil {
-			return nil, err
-		}
-	}
-
 	// vmess use stream-oriented udp with a special address, so we need a net.UDPAddr
 	if !metadata.Resolved() {
 		ip, err := resolver.ResolveIP(ctx, metadata.Host)
@ -359,26 +351,19 @@ func (v *Vmess) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, met
 	if err != nil {
 		return nil, fmt.Errorf("new vmess client error: %v", err)
 	}
-	return v.ListenPacketOnStreamConn(ctx, c, metadata)
+	return v.ListenPacketOnStreamConn(c, metadata)
 }

 // SupportWithDialer implements C.ProxyAdapter
-func (v *Vmess) SupportWithDialer() C.NetWork {
-	return C.ALLNet
+func (v *Vmess) SupportWithDialer() bool {
+	return true
 }

 // ListenPacketOnStreamConn implements C.ProxyAdapter
-func (v *Vmess) ListenPacketOnStreamConn(ctx context.Context, c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
-	// vmess use stream-oriented udp with a special address, so we need a net.UDPAddr
-	if !metadata.Resolved() {
-		ip, err := resolver.ResolveIP(ctx, metadata.Host)
-		if err != nil {
-			return nil, errors.New("can't resolve ip")
-		}
-		metadata.DstIP = ip
-	}
-
-	if pc, ok := c.(net.PacketConn); ok {
+func (v *Vmess) ListenPacketOnStreamConn(c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
+	if v.option.PacketAddr {
+		return newPacketConn(&threadSafePacketConn{PacketConn: packetaddr.NewBindConn(c)}, v), nil
+	} else if pc, ok := c.(net.PacketConn); ok {
 		return newPacketConn(&threadSafePacketConn{PacketConn: pc}, v), nil
 	}
 	return newPacketConn(&vmessPacketConn{Conn: c, rAddr: metadata.UDPAddr()}, v), nil
@ -443,15 +428,7 @@ func NewVmess(option VmessOption) (*Vmess, error) {
 		}
 	case "grpc":
 		dialFn := func(network, addr string) (net.Conn, error) {
-			var err error
-			var cDialer C.Dialer = dialer.NewDialer(v.Base.DialOptions()...)
-			if len(v.option.DialerProxy) > 0 {
-				cDialer, err = proxydialer.NewByName(v.option.DialerProxy, cDialer)
-				if err != nil {
-					return nil, err
-				}
-			}
-			c, err := cDialer.DialContext(context.Background(), "tcp", v.addr)
+			c, err := dialer.DialContext(context.Background(), "tcp", v.addr, v.Base.DialOptions()...)
 			if err != nil {
 				return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
 			}
@ -509,9 +486,9 @@ type vmessPacketConn struct {
 // WriteTo implments C.PacketConn.WriteTo
 // Since VMess doesn't support full cone NAT by design, we verify if addr matches uc.rAddr, and drop the packet if not.
 func (uc *vmessPacketConn) WriteTo(b []byte, addr net.Addr) (int, error) {
-	allowedAddr := uc.rAddr
-	destAddr := addr
-	if allowedAddr.String() != destAddr.String() {
+	allowedAddr := uc.rAddr.(*net.UDPAddr)
+	destAddr := addr.(*net.UDPAddr)
+	if !(allowedAddr.IP.Equal(destAddr.IP) && allowedAddr.Port == destAddr.Port) {
 		return 0, ErrUDPRemoteAddrMismatch
 	}
 	uc.access.Lock()
--- a/adapter/outbound/wireguard.go
+++ b/adapter/outbound/wireguard.go
@ -15,10 +15,8 @@ import (

 	CN "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	"github.com/Dreamacro/clash/component/resolver"
 	C "github.com/Dreamacro/clash/constant"
-	"github.com/Dreamacro/clash/dns"
 	"github.com/Dreamacro/clash/log"

 	wireguard "github.com/metacubex/sing-wireguard"
@ -39,97 +37,75 @@ type WireGuard struct {
 	dialer    *wgSingDialer
 	startOnce sync.Once
 	startErr  error
-	resolver  *dns.Resolver
-	refP      *refProxyAdapter
 }

 type WireGuardOption struct {
 	BasicOption
-	WireGuardPeerOption
-	Name                string `proxy:"name"`
-	PrivateKey          string `proxy:"private-key"`
-	Workers             int    `proxy:"workers,omitempty"`
-	MTU                 int    `proxy:"mtu,omitempty"`
-	UDP                 bool   `proxy:"udp,omitempty"`
-	PersistentKeepalive int    `proxy:"persistent-keepalive,omitempty"`
-
-	Peers []WireGuardPeerOption `proxy:"peers,omitempty"`
-
-	RemoteDnsResolve bool     `proxy:"remote-dns-resolve,omitempty"`
-	Dns              []string `proxy:"dns,omitempty"`
-}
-
-type WireGuardPeerOption struct {
-	Server       string   `proxy:"server"`
-	Port         int      `proxy:"port"`
-	Ip           string   `proxy:"ip,omitempty"`
-	Ipv6         string   `proxy:"ipv6,omitempty"`
-	PublicKey    string   `proxy:"public-key,omitempty"`
-	PreSharedKey string   `proxy:"pre-shared-key,omitempty"`
-	Reserved     []uint8  `proxy:"reserved,omitempty"`
-	AllowedIPs   []string `proxy:"allowed_ips,omitempty"`
+	Name                string  `proxy:"name"`
+	Server              string  `proxy:"server"`
+	Port                int     `proxy:"port"`
+	Ip                  string  `proxy:"ip,omitempty"`
+	Ipv6                string  `proxy:"ipv6,omitempty"`
+	PrivateKey          string  `proxy:"private-key"`
+	PublicKey           string  `proxy:"public-key"`
+	PreSharedKey        string  `proxy:"pre-shared-key,omitempty"`
+	Reserved            []uint8 `proxy:"reserved,omitempty"`
+	Workers             int     `proxy:"workers,omitempty"`
+	MTU                 int     `proxy:"mtu,omitempty"`
+	UDP                 bool    `proxy:"udp,omitempty"`
+	PersistentKeepalive int     `proxy:"persistent-keepalive,omitempty"`
 }

 type wgSingDialer struct {
-	dialer    dialer.Dialer
-	proxyName string
+	dialer dialer.Dialer
 }

-var _ N.Dialer = (*wgSingDialer)(nil)
+var _ N.Dialer = &wgSingDialer{}

 func (d *wgSingDialer) DialContext(ctx context.Context, network string, destination M.Socksaddr) (net.Conn, error) {
-	var cDialer C.Dialer = d.dialer
-	if len(d.proxyName) > 0 {
-		pd, err := proxydialer.NewByName(d.proxyName, d.dialer)
-		if err != nil {
-			return nil, err
-		}
-		cDialer = pd
-	}
-	return cDialer.DialContext(ctx, network, destination.String())
+	return d.dialer.DialContext(ctx, network, destination.String())
 }

 func (d *wgSingDialer) ListenPacket(ctx context.Context, destination M.Socksaddr) (net.PacketConn, error) {
-	var cDialer C.Dialer = d.dialer
-	if len(d.proxyName) > 0 {
-		pd, err := proxydialer.NewByName(d.proxyName, d.dialer)
-		if err != nil {
-			return nil, err
-		}
-		cDialer = pd
-	}
-	return cDialer.ListenPacket(ctx, "udp", "", destination.AddrPort())
-}
-
-type wgSingErrorHandler struct {
-	name string
-}
-
-var _ E.Handler = (*wgSingErrorHandler)(nil)
-
-func (w wgSingErrorHandler) NewError(ctx context.Context, err error) {
-	if E.IsClosedOrCanceled(err) {
-		log.SingLogger.Debug(fmt.Sprintf("[WG](%s) connection closed: %s", w.name, err))
-		return
-	}
-	log.SingLogger.Error(fmt.Sprintf("[WG](%s) %s", w.name, err))
+	return d.dialer.ListenPacket(ctx, "udp", "", destination.AddrPort())
 }

 type wgNetDialer struct {
 	tunDevice wireguard.Device
 }

-var _ dialer.NetDialer = (*wgNetDialer)(nil)
+var _ dialer.NetDialer = &wgNetDialer{}

 func (d wgNetDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
 	return d.tunDevice.DialContext(ctx, network, M.ParseSocksaddr(address).Unwrap())
 }

-func (option WireGuardPeerOption) Addr() M.Socksaddr {
-	return M.ParseSocksaddrHostPort(option.Server, uint16(option.Port))
-}
+func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
+	outbound := &WireGuard{
+		Base: &Base{
+			name:   option.Name,
+			addr:   net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
+			tp:     C.WireGuard,
+			udp:    option.UDP,
+			iface:  option.Interface,
+			rmark:  option.RoutingMark,
+			prefer: C.NewDNSPrefer(option.IPVersion),
+		},
+		dialer: &wgSingDialer{dialer: dialer.NewDialer()},
+	}
+	runtime.SetFinalizer(outbound, closeWireGuard)

-func (option WireGuardPeerOption) Prefixes() ([]netip.Prefix, error) {
+	var reserved [3]uint8
+	if len(option.Reserved) > 0 {
+		if len(option.Reserved) != 3 {
+			return nil, E.New("invalid reserved value, required 3 bytes, got ", len(option.Reserved))
+		}
+		reserved[0] = uint8(option.Reserved[0])
+		reserved[1] = uint8(option.Reserved[1])
+		reserved[2] = uint8(option.Reserved[2])
+	}
+	peerAddr := M.ParseSocksaddrHostPort(option.Server, uint16(option.Port))
+	outbound.bind = wireguard.NewClientBind(context.Background(), outbound.dialer, peerAddr, reserved)
 	localPrefixes := make([]netip.Prefix, 0, 2)
 	if len(option.Ip) > 0 {
 		if !strings.Contains(option.Ip, "/") {
@ -154,46 +130,7 @@ func (option WireGuardPeerOption) Prefixes() ([]netip.Prefix, error) {
 	if len(localPrefixes) == 0 {
 		return nil, E.New("missing local address")
 	}
-	return localPrefixes, nil
-}
-
-func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
-	outbound := &WireGuard{
-		Base: &Base{
-			name:   option.Name,
-			addr:   net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
-			tp:     C.WireGuard,
-			udp:    option.UDP,
-			iface:  option.Interface,
-			rmark:  option.RoutingMark,
-			prefer: C.NewDNSPrefer(option.IPVersion),
-		},
-		dialer: &wgSingDialer{dialer: dialer.NewDialer(), proxyName: option.DialerProxy},
-	}
-	runtime.SetFinalizer(outbound, closeWireGuard)
-
-	var reserved [3]uint8
-	if len(option.Reserved) > 0 {
-		if len(option.Reserved) != 3 {
-			return nil, E.New("invalid reserved value, required 3 bytes, got ", len(option.Reserved))
-		}
-		copy(reserved[:], option.Reserved)
-	}
-	var isConnect bool
-	var connectAddr M.Socksaddr
-	if len(option.Peers) < 2 {
-		isConnect = true
-		if len(option.Peers) == 1 {
-			connectAddr = option.Peers[0].Addr()
-		} else {
-			connectAddr = option.Addr()
-		}
-	}
-	outbound.bind = wireguard.NewClientBind(context.Background(), wgSingErrorHandler{outbound.Name()}, outbound.dialer, isConnect, connectAddr, reserved)
-
-	var localPrefixes []netip.Prefix
-
-	var privateKey string
+	var privateKey, peerPublicKey, preSharedKey string
 	{
 		bytes, err := base64.StdEncoding.DecodeString(option.PrivateKey)
 		if err != nil {
@ -201,92 +138,40 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 		}
 		privateKey = hex.EncodeToString(bytes)
 	}
-	ipcConf := "private_key=" + privateKey
-	if peersLen := len(option.Peers); peersLen > 0 {
-		localPrefixes = make([]netip.Prefix, 0, peersLen*2)
-		for i, peer := range option.Peers {
-			var peerPublicKey, preSharedKey string
-			{
-				bytes, err := base64.StdEncoding.DecodeString(peer.PublicKey)
-				if err != nil {
-					return nil, E.Cause(err, "decode public key for peer ", i)
-				}
-				peerPublicKey = hex.EncodeToString(bytes)
-			}
-			if peer.PreSharedKey != "" {
-				bytes, err := base64.StdEncoding.DecodeString(peer.PreSharedKey)
-				if err != nil {
-					return nil, E.Cause(err, "decode pre shared key for peer ", i)
-				}
-				preSharedKey = hex.EncodeToString(bytes)
-			}
-			destination := peer.Addr()
-			ipcConf += "\npublic_key=" + peerPublicKey
-			ipcConf += "\nendpoint=" + destination.String()
-			if preSharedKey != "" {
-				ipcConf += "\npreshared_key=" + preSharedKey
-			}
-			if len(peer.AllowedIPs) == 0 {
-				return nil, E.New("missing allowed_ips for peer ", i)
-			}
-			for _, allowedIP := range peer.AllowedIPs {
-				ipcConf += "\nallowed_ip=" + allowedIP
-			}
-			if len(peer.Reserved) > 0 {
-				if len(peer.Reserved) != 3 {
-					return nil, E.New("invalid reserved value for peer ", i, ", required 3 bytes, got ", len(peer.Reserved))
-				}
-				copy(reserved[:], option.Reserved)
-				outbound.bind.SetReservedForEndpoint(destination, reserved)
-			}
-			prefixes, err := peer.Prefixes()
-			if err != nil {
-				return nil, err
-			}
-			localPrefixes = append(localPrefixes, prefixes...)
-		}
-	} else {
-		var peerPublicKey, preSharedKey string
-		{
-			bytes, err := base64.StdEncoding.DecodeString(option.PublicKey)
-			if err != nil {
-				return nil, E.Cause(err, "decode peer public key")
-			}
-			peerPublicKey = hex.EncodeToString(bytes)
-		}
-		if option.PreSharedKey != "" {
-			bytes, err := base64.StdEncoding.DecodeString(option.PreSharedKey)
-			if err != nil {
-				return nil, E.Cause(err, "decode pre shared key")
-			}
-			preSharedKey = hex.EncodeToString(bytes)
-		}
-		ipcConf += "\npublic_key=" + peerPublicKey
-		ipcConf += "\nendpoint=" + connectAddr.String()
-		if preSharedKey != "" {
-			ipcConf += "\npreshared_key=" + preSharedKey
-		}
-		var err error
-		localPrefixes, err = option.Prefixes()
+	{
+		bytes, err := base64.StdEncoding.DecodeString(option.PublicKey)
 		if err != nil {
-			return nil, err
+			return nil, E.Cause(err, "decode peer public key")
 		}
-		var has4, has6 bool
-		for _, address := range localPrefixes {
-			if address.Addr().Is4() {
-				has4 = true
-			} else {
-				has6 = true
-			}
+		peerPublicKey = hex.EncodeToString(bytes)
+	}
+	if option.PreSharedKey != "" {
+		bytes, err := base64.StdEncoding.DecodeString(option.PreSharedKey)
+		if err != nil {
+			return nil, E.Cause(err, "decode pre shared key")
 		}
-		if has4 {
-			ipcConf += "\nallowed_ip=0.0.0.0/0"
-		}
-		if has6 {
-			ipcConf += "\nallowed_ip=::/0"
+		preSharedKey = hex.EncodeToString(bytes)
+	}
+	ipcConf := "private_key=" + privateKey
+	ipcConf += "\npublic_key=" + peerPublicKey
+	ipcConf += "\nendpoint=" + peerAddr.String()
+	if preSharedKey != "" {
+		ipcConf += "\npreshared_key=" + preSharedKey
+	}
+	var has4, has6 bool
+	for _, address := range localPrefixes {
+		if address.Addr().Is4() {
+			has4 = true
+		} else {
+			has6 = true
 		}
 	}
-
+	if has4 {
+		ipcConf += "\nallowed_ip=0.0.0.0/0"
+	}
+	if has6 {
+		ipcConf += "\nallowed_ip=::/0"
+	}
 	if option.PersistentKeepalive != 0 {
 		ipcConf += fmt.Sprintf("\npersistent_keepalive_interval=%d", option.PersistentKeepalive)
 	}
@ -294,9 +179,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 	if mtu == 0 {
 		mtu = 1408
 	}
-	if len(localPrefixes) == 0 {
-		return nil, E.New("missing local address")
-	}
 	var err error
 	outbound.tunDevice, err = wireguard.NewStackDevice(localPrefixes, uint32(mtu))
 	if err != nil {
@ -304,45 +186,20 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 	}
 	outbound.device = device.NewDevice(outbound.tunDevice, outbound.bind, &device.Logger{
 		Verbosef: func(format string, args ...interface{}) {
-			log.SingLogger.Debug(fmt.Sprintf("[WG](%s) %s", option.Name, fmt.Sprintf(format, args...)))
+			log.SingLogger.Debug(fmt.Sprintf(strings.ToLower(format), args...))
 		},
 		Errorf: func(format string, args ...interface{}) {
-			log.SingLogger.Error(fmt.Sprintf("[WG](%s) %s", option.Name, fmt.Sprintf(format, args...)))
+			log.SingLogger.Error(fmt.Sprintf(strings.ToLower(format), args...))
 		},
 	}, option.Workers)
 	if debug.Enabled {
-		log.SingLogger.Trace(fmt.Sprintf("[WG](%s) created wireguard ipc conf: \n %s", option.Name, ipcConf))
+		log.SingLogger.Trace("created wireguard ipc conf: \n", ipcConf)
 	}
 	err = outbound.device.IpcSet(ipcConf)
 	if err != nil {
 		return nil, E.Cause(err, "setup wireguard")
 	}
 	//err = outbound.tunDevice.Start()
-
-	var has6 bool
-	for _, address := range localPrefixes {
-		if !address.Addr().Unmap().Is4() {
-			has6 = true
-			break
-		}
-	}
-
-	refP := &refProxyAdapter{}
-	outbound.refP = refP
-	if option.RemoteDnsResolve && len(option.Dns) > 0 {
-		nss, err := dns.ParseNameServer(option.Dns)
-		if err != nil {
-			return nil, err
-		}
-		for i := range nss {
-			nss[i].ProxyAdapter = refP
-		}
-		outbound.resolver = dns.NewResolver(dns.Config{
-			Main: nss,
-			IPv6: has6,
-		})
-	}
-
 	return outbound, nil
 }

@ -363,14 +220,8 @@ func (w *WireGuard) DialContext(ctx context.Context, metadata *C.Metadata, opts
 	if w.startErr != nil {
 		return nil, w.startErr
 	}
-	if !metadata.Resolved() || w.resolver != nil {
-		r := resolver.DefaultResolver
-		if w.resolver != nil {
-			w.refP.SetProxyAdapter(w)
-			defer w.refP.ClearProxyAdapter()
-			r = w.resolver
-		}
-		options = append(options, dialer.WithResolver(r))
+	if !metadata.Resolved() {
+		options = append(options, dialer.WithResolver(resolver.DefaultResolver))
 		options = append(options, dialer.WithNetDialer(wgNetDialer{tunDevice: w.tunDevice}))
 		conn, err = dialer.NewDialer(options...).DialContext(ctx, "tcp", metadata.RemoteAddress())
 	} else {
@ -399,14 +250,8 @@ func (w *WireGuard) ListenPacketContext(ctx context.Context, metadata *C.Metadat
 	if err != nil {
 		return nil, err
 	}
-	if (!metadata.Resolved() || w.resolver != nil) && metadata.Host != "" {
-		r := resolver.DefaultResolver
-		if w.resolver != nil {
-			w.refP.SetProxyAdapter(w)
-			defer w.refP.ClearProxyAdapter()
-			r = w.resolver
-		}
-		ip, err := resolver.ResolveIPWithResolver(ctx, metadata.Host, r)
+	if !metadata.Resolved() {
+		ip, err := resolver.ResolveIP(ctx, metadata.Host)
 		if err != nil {
 			return nil, errors.New("can't resolve ip")
 		}
@ -422,144 +267,3 @@ func (w *WireGuard) ListenPacketContext(ctx context.Context, metadata *C.Metadat
 	}
 	return newPacketConn(CN.NewRefPacketConn(pc, w), w), nil
 }
-
-// IsL3Protocol implements C.ProxyAdapter
-func (w *WireGuard) IsL3Protocol(metadata *C.Metadata) bool {
-	return true
-}
-
-type refProxyAdapter struct {
-	proxyAdapter C.ProxyAdapter
-	count        int
-	mutex        sync.Mutex
-}
-
-func (r *refProxyAdapter) SetProxyAdapter(proxyAdapter C.ProxyAdapter) {
-	r.mutex.Lock()
-	defer r.mutex.Unlock()
-	r.proxyAdapter = proxyAdapter
-	r.count++
-}
-
-func (r *refProxyAdapter) ClearProxyAdapter() {
-	r.mutex.Lock()
-	defer r.mutex.Unlock()
-	r.count--
-	if r.count == 0 {
-		r.proxyAdapter = nil
-	}
-}
-
-func (r *refProxyAdapter) Name() string {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.Name()
-	}
-	return ""
-}
-
-func (r *refProxyAdapter) Type() C.AdapterType {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.Type()
-	}
-	return C.AdapterType(0)
-}
-
-func (r *refProxyAdapter) Addr() string {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.Addr()
-	}
-	return ""
-}
-
-func (r *refProxyAdapter) SupportUDP() bool {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.SupportUDP()
-	}
-	return false
-}
-
-func (r *refProxyAdapter) SupportXUDP() bool {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.SupportXUDP()
-	}
-	return false
-}
-
-func (r *refProxyAdapter) SupportTFO() bool {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.SupportTFO()
-	}
-	return false
-}
-
-func (r *refProxyAdapter) MarshalJSON() ([]byte, error) {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.MarshalJSON()
-	}
-	return nil, C.ErrNotSupport
-}
-
-func (r *refProxyAdapter) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.StreamConn(c, metadata)
-	}
-	return nil, C.ErrNotSupport
-}
-
-func (r *refProxyAdapter) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.Conn, error) {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.DialContext(ctx, metadata, opts...)
-	}
-	return nil, C.ErrNotSupport
-}
-
-func (r *refProxyAdapter) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.PacketConn, error) {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.ListenPacketContext(ctx, metadata, opts...)
-	}
-	return nil, C.ErrNotSupport
-}
-
-func (r *refProxyAdapter) SupportUOT() bool {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.SupportUOT()
-	}
-	return false
-}
-
-func (r *refProxyAdapter) SupportWithDialer() C.NetWork {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.SupportWithDialer()
-	}
-	return C.InvalidNet
-}
-
-func (r *refProxyAdapter) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (C.Conn, error) {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.DialContextWithDialer(ctx, dialer, metadata)
-	}
-	return nil, C.ErrNotSupport
-}
-
-func (r *refProxyAdapter) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (C.PacketConn, error) {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.ListenPacketWithDialer(ctx, dialer, metadata)
-	}
-	return nil, C.ErrNotSupport
-}
-
-func (r *refProxyAdapter) IsL3Protocol(metadata *C.Metadata) bool {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.IsL3Protocol(metadata)
-	}
-	return false
-}
-
-func (r *refProxyAdapter) Unwrap(metadata *C.Metadata, touch bool) C.Proxy {
-	if r.proxyAdapter != nil {
-		return r.proxyAdapter.Unwrap(metadata, touch)
-	}
-	return nil
-}
-
-var _ C.ProxyAdapter = (*refProxyAdapter)(nil)
--- a/adapter/outboundgroup/fallback.go
+++ b/adapter/outboundgroup/fallback.go
@ -37,13 +37,16 @@ func (f *Fallback) DialContext(ctx context.Context, metadata *C.Metadata, opts .
 	}

 	if N.NeedHandshake(c) {
-		c = callback.NewFirstWriteCallBackConn(c, func(err error) {
-			if err == nil {
-				f.onDialSuccess()
-			} else {
-				f.onDialFailed(proxy.Type(), err)
-			}
-		})
+		c = &callback.FirstWriteCallBackConn{
+			Conn: c,
+			Callback: func(err error) {
+				if err == nil {
+					f.onDialSuccess()
+				} else {
+					f.onDialFailed(proxy.Type(), err)
+				}
+			},
+		}
 	}

 	return c, err
@ -70,11 +73,6 @@ func (f *Fallback) SupportUDP() bool {
 	return proxy.SupportUDP()
 }

-// IsL3Protocol implements C.ProxyAdapter
-func (f *Fallback) IsL3Protocol(metadata *C.Metadata) bool {
-	return f.findAliveProxy(false).IsL3Protocol(metadata)
-}
-
 // MarshalJSON implements C.ProxyAdapter
 func (f *Fallback) MarshalJSON() ([]byte, error) {
 	all := []string{}
@ -138,10 +136,6 @@ func (f *Fallback) Set(name string) error {
 	return nil
 }

-func (f *Fallback) ForceSet(name string) {
-	f.selected = name
-}
-
 func NewFallback(option *GroupCommonOption, providers []provider.ProxyProvider) *Fallback {
 	return &Fallback{
 		GroupBase: NewGroupBase(GroupBaseOption{
--- a/adapter/outboundgroup/groupbase.go
+++ b/adapter/outboundgroup/groupbase.go
@ -8,7 +8,6 @@ import (
 	"time"

 	"github.com/Dreamacro/clash/adapter/outbound"
-	"github.com/Dreamacro/clash/common/atomic"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/constant/provider"
 	types "github.com/Dreamacro/clash/constant/provider"
@ -16,6 +15,7 @@ import (
 	"github.com/Dreamacro/clash/tunnel"

 	"github.com/dlclark/regexp2"
+	"go.uber.org/atomic"
 )

 type GroupBase struct {
--- a/adapter/outboundgroup/loadbalance.go
+++ b/adapter/outboundgroup/loadbalance.go
@ -95,13 +95,16 @@ func (lb *LoadBalance) DialContext(ctx context.Context, metadata *C.Metadata, op
 	}

 	if N.NeedHandshake(c) {
-		c = callback.NewFirstWriteCallBackConn(c, func(err error) {
-			if err == nil {
-				lb.onDialSuccess()
-			} else {
-				lb.onDialFailed(proxy.Type(), err)
-			}
-		})
+		c = &callback.FirstWriteCallBackConn{
+			Conn: c,
+			Callback: func(err error) {
+				if err == nil {
+					lb.onDialSuccess()
+				} else {
+					lb.onDialFailed(proxy.Type(), err)
+				}
+			},
+		}
 	}

 	return
@ -124,11 +127,6 @@ func (lb *LoadBalance) SupportUDP() bool {
 	return !lb.disableUDP
 }

-// IsL3Protocol implements C.ProxyAdapter
-func (lb *LoadBalance) IsL3Protocol(metadata *C.Metadata) bool {
-	return lb.Unwrap(metadata, false).IsL3Protocol(metadata)
-}
-
 func strategyRoundRobin() strategyFn {
 	idx := 0
 	idxMutex := sync.Mutex{}
--- a/adapter/outboundgroup/relay.go
+++ b/adapter/outboundgroup/relay.go
@ -3,9 +3,13 @@ package outboundgroup
 import (
 	"context"
 	"encoding/json"
+	"net"
+	"net/netip"
+	"strings"
+
 	"github.com/Dreamacro/clash/adapter/outbound"
+	N "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/proxydialer"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/constant/provider"
 )
@ -14,6 +18,36 @@ type Relay struct {
 	*GroupBase
 }

+type proxyDialer struct {
+	proxy  C.Proxy
+	dialer C.Dialer
+}
+
+func (p proxyDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+	currentMeta, err := addrToMetadata(address)
+	if err != nil {
+		return nil, err
+	}
+	if strings.Contains(network, "udp") { // should not support this operation
+		currentMeta.NetWork = C.UDP
+		pc, err := p.proxy.ListenPacketWithDialer(ctx, p.dialer, currentMeta)
+		if err != nil {
+			return nil, err
+		}
+		return N.NewBindPacketConn(pc, currentMeta.UDPAddr()), nil
+	}
+	return p.proxy.DialContextWithDialer(ctx, p.dialer, currentMeta)
+}
+
+func (p proxyDialer) ListenPacket(ctx context.Context, network, address string, rAddrPort netip.AddrPort) (net.PacketConn, error) {
+	currentMeta, err := addrToMetadata(rAddrPort.String())
+	if err != nil {
+		return nil, err
+	}
+	currentMeta.NetWork = C.UDP
+	return p.proxy.ListenPacketWithDialer(ctx, p.dialer, currentMeta)
+}
+
 // DialContext implements C.ProxyAdapter
 func (r *Relay) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (C.Conn, error) {
 	proxies, chainProxies := r.proxies(metadata, true)
@ -27,7 +61,10 @@ func (r *Relay) DialContext(ctx context.Context, metadata *C.Metadata, opts ...d
 	var d C.Dialer
 	d = dialer.NewDialer(r.Base.DialOptions(opts...)...)
 	for _, proxy := range proxies[:len(proxies)-1] {
-		d = proxydialer.New(proxy, d, false)
+		d = proxyDialer{
+			proxy:  proxy,
+			dialer: d,
+		}
 	}
 	last := proxies[len(proxies)-1]
 	conn, err := last.DialContextWithDialer(ctx, d, metadata)
@ -58,7 +95,10 @@ func (r *Relay) ListenPacketContext(ctx context.Context, metadata *C.Metadata, o
 	var d C.Dialer
 	d = dialer.NewDialer(r.Base.DialOptions(opts...)...)
 	for _, proxy := range proxies[:len(proxies)-1] {
-		d = proxydialer.New(proxy, d, false)
+		d = proxyDialer{
+			proxy:  proxy,
+			dialer: d,
+		}
 	}
 	last := proxies[len(proxies)-1]
 	pc, err := last.ListenPacketWithDialer(ctx, d, metadata)
@ -89,10 +129,7 @@ func (r *Relay) SupportUDP() bool {
 		if proxy.SupportUOT() {
 			return true
 		}
-		switch proxy.SupportWithDialer() {
-		case C.ALLNet:
-		case C.UDP:
-		default: // C.TCP and C.InvalidNet
+		if !proxy.SupportWithDialer() {
 			return false
 		}
 	}
--- a/adapter/outboundgroup/selector.go
+++ b/adapter/outboundgroup/selector.go
@ -44,11 +44,6 @@ func (s *Selector) SupportUDP() bool {
 	return s.selectedProxy(false).SupportUDP()
 }

-// IsL3Protocol implements C.ProxyAdapter
-func (s *Selector) IsL3Protocol(metadata *C.Metadata) bool {
-	return s.selectedProxy(false).IsL3Protocol(metadata)
-}
-
 // MarshalJSON implements C.ProxyAdapter
 func (s *Selector) MarshalJSON() ([]byte, error) {
 	all := []string{}
@ -78,10 +73,6 @@ func (s *Selector) Set(name string) error {
 	return errors.New("proxy not exist")
 }

-func (s *Selector) ForceSet(name string) {
-	s.selected = name
-}
-
 // Unwrap implements C.ProxyAdapter
 func (s *Selector) Unwrap(metadata *C.Metadata, touch bool) C.Proxy {
 	return s.selectedProxy(touch)
--- a/adapter/outboundgroup/urltest.go
+++ b/adapter/outboundgroup/urltest.go
@ -3,7 +3,6 @@ package outboundgroup
 import (
 	"context"
 	"encoding/json"
-	"errors"
 	"time"

 	"github.com/Dreamacro/clash/adapter/outbound"
@ -25,8 +24,6 @@ func urlTestWithTolerance(tolerance uint16) urlTestOption {

 type URLTest struct {
 	*GroupBase
-	selected   string
-	testUrl    string
 	tolerance  uint16
 	disableUDP bool
 	fastNode   C.Proxy
@ -37,26 +34,6 @@ func (u *URLTest) Now() string {
 	return u.fast(false).Name()
 }

-func (u *URLTest) Set(name string) error {
-	var p C.Proxy
-	for _, proxy := range u.GetProxies(false) {
-		if proxy.Name() == name {
-			p = proxy
-			break
-		}
-	}
-	if p == nil {
-		return errors.New("proxy not exist")
-	}
-	u.selected = name
-	u.fast(false)
-	return nil
-}
-
-func (u *URLTest) ForceSet(name string) {
-	u.selected = name
-}
-
 // DialContext implements C.ProxyAdapter
 func (u *URLTest) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (c C.Conn, err error) {
 	proxy := u.fast(true)
@ -68,13 +45,16 @@ func (u *URLTest) DialContext(ctx context.Context, metadata *C.Metadata, opts ..
 	}

 	if N.NeedHandshake(c) {
-		c = callback.NewFirstWriteCallBackConn(c, func(err error) {
-			if err == nil {
-				u.onDialSuccess()
-			} else {
-				u.onDialFailed(proxy.Type(), err)
-			}
-		})
+		c = &callback.FirstWriteCallBackConn{
+			Conn: c,
+			Callback: func(err error) {
+				if err == nil {
+					u.onDialSuccess()
+				} else {
+					u.onDialFailed(proxy.Type(), err)
+				}
+			},
+		}
 	}

 	return c, err
@ -97,24 +77,16 @@ func (u *URLTest) Unwrap(metadata *C.Metadata, touch bool) C.Proxy {

 func (u *URLTest) fast(touch bool) C.Proxy {
 	elm, _, shared := u.fastSingle.Do(func() (C.Proxy, error) {
-		var s C.Proxy
 		proxies := u.GetProxies(touch)
 		fast := proxies[0]
-		if fast.Name() == u.selected {
-			s = fast
-		}
 		min := fast.LastDelay()
 		fastNotExist := true

 		for _, proxy := range proxies[1:] {
-
 			if u.fastNode != nil && proxy.Name() == u.fastNode.Name() {
 				fastNotExist = false
 			}

-			if proxy.Name() == u.selected {
-				s = proxy
-			}
 			if !proxy.Alive() {
 				continue
 			}
@ -125,15 +97,12 @@ func (u *URLTest) fast(touch bool) C.Proxy {
 				min = delay
 			}
 		}
+
 		// tolerance
 		if u.fastNode == nil || fastNotExist || !u.fastNode.Alive() || u.fastNode.LastDelay() > fast.LastDelay()+u.tolerance {
 			u.fastNode = fast
 		}
-		if s != nil {
-			if s.Alive() && s.LastDelay() < fast.LastDelay()+u.tolerance {
-				u.fastNode = s
-			}
-		}
+
 		return u.fastNode, nil
 	})
 	if shared && touch { // a shared fastSingle.Do() may cause providers untouched, so we touch them again
@ -148,12 +117,8 @@ func (u *URLTest) SupportUDP() bool {
 	if u.disableUDP {
 		return false
 	}
-	return u.fast(false).SupportUDP()
-}

-// IsL3Protocol implements C.ProxyAdapter
-func (u *URLTest) IsL3Protocol(metadata *C.Metadata) bool {
-	return u.fast(false).IsL3Protocol(metadata)
+	return u.fast(false).SupportUDP()
 }

 // MarshalJSON implements C.ProxyAdapter
@ -199,7 +164,6 @@ func NewURLTest(option *GroupCommonOption, providers []provider.ProxyProvider, o
 		}),
 		fastSingle: singledo.NewSingle[C.Proxy](time.Second * 10),
 		disableUDP: option.DisableUDP,
-		testUrl:    option.URL,
 	}

 	for _, option := range options {
--- a/adapter/outboundgroup/util.go
+++ b/adapter/outboundgroup/util.go
@ -1,10 +1,37 @@
 package outboundgroup

 import (
+	"fmt"
 	"net"
+	"net/netip"
 	"time"
+
+	C "github.com/Dreamacro/clash/constant"
 )

+func addrToMetadata(rawAddress string) (addr *C.Metadata, err error) {
+	host, port, err := net.SplitHostPort(rawAddress)
+	if err != nil {
+		err = fmt.Errorf("addrToMetadata failed: %w", err)
+		return
+	}
+
+	if ip, err := netip.ParseAddr(host); err != nil {
+		addr = &C.Metadata{
+			Host:    host,
+			DstPort: port,
+		}
+	} else {
+		addr = &C.Metadata{
+			Host:    "",
+			DstIP:   ip.Unmap(),
+			DstPort: port,
+		}
+	}
+
+	return
+}
+
 func tcpKeepAlive(c net.Conn) {
 	if tcp, ok := c.(*net.TCPConn); ok {
 		_ = tcp.SetKeepAlive(true)
@ -14,5 +41,4 @@ func tcpKeepAlive(c net.Conn) {

 type SelectAble interface {
 	Set(string) error
-	ForceSet(name string)
 }
--- a/adapter/parser.go
+++ b/adapter/parser.go
@ -23,7 +23,7 @@ func ParseProxy(mapping map[string]any) (C.Proxy, error) {
 	)
 	switch proxyType {
 	case "ss":
-		ssOption := &outbound.ShadowSocksOption{ClientFingerprint: tlsC.GetGlobalFingerprint()}
+		ssOption := &outbound.ShadowSocksOption{}
 		err = decoder.Decode(mapping, ssOption)
 		if err != nil {
 			break
@ -56,7 +56,10 @@ func ParseProxy(mapping map[string]any) (C.Proxy, error) {
 				Method: "GET",
 				Path:   []string{"/"},
 			},
-			ClientFingerprint: tlsC.GetGlobalFingerprint(),
+		}
+
+		if GlobalUtlsClient := tlsC.GetGlobalFingerprint(); len(GlobalUtlsClient) != 0 {
+			vmessOption.ClientFingerprint = GlobalUtlsClient
 		}

 		err = decoder.Decode(mapping, vmessOption)
@ -65,7 +68,12 @@ func ParseProxy(mapping map[string]any) (C.Proxy, error) {
 		}
 		proxy, err = outbound.NewVmess(*vmessOption)
 	case "vless":
-		vlessOption := &outbound.VlessOption{ClientFingerprint: tlsC.GetGlobalFingerprint()}
+		vlessOption := &outbound.VlessOption{}
+
+		if GlobalUtlsClient := tlsC.GetGlobalFingerprint(); len(GlobalUtlsClient) != 0 {
+			vlessOption.ClientFingerprint = GlobalUtlsClient
+		}
+
 		err = decoder.Decode(mapping, vlessOption)
 		if err != nil {
 			break
@ -79,7 +87,12 @@ func ParseProxy(mapping map[string]any) (C.Proxy, error) {
 		}
 		proxy, err = outbound.NewSnell(*snellOption)
 	case "trojan":
-		trojanOption := &outbound.TrojanOption{ClientFingerprint: tlsC.GetGlobalFingerprint()}
+		trojanOption := &outbound.TrojanOption{}
+
+		if GlobalUtlsClient := tlsC.GetGlobalFingerprint(); len(GlobalUtlsClient) != 0 {
+			trojanOption.ClientFingerprint = GlobalUtlsClient
+		}
+
 		err = decoder.Decode(mapping, trojanOption)
 		if err != nil {
 			break
@ -114,19 +127,5 @@ func ParseProxy(mapping map[string]any) (C.Proxy, error) {
 		return nil, err
 	}

-	if muxMapping, muxExist := mapping["smux"].(map[string]any); muxExist {
-		muxOption := &outbound.SingMuxOption{}
-		err = decoder.Decode(muxMapping, muxOption)
-		if err != nil {
-			return nil, err
-		}
-		if muxOption.Enabled {
-			proxy, err = outbound.NewSingMux(*muxOption, proxy, proxy.(outbound.ProxyBase))
-			if err != nil {
-				return nil, err
-			}
-		}
-	}
-
 	return NewProxy(proxy), nil
 }
--- a/adapter/provider/healthcheck.go
+++ b/adapter/provider/healthcheck.go
@ -4,12 +4,13 @@ import (
 	"context"
 	"time"

-	"github.com/Dreamacro/clash/common/atomic"
 	"github.com/Dreamacro/clash/common/batch"
 	"github.com/Dreamacro/clash/common/singledo"
 	"github.com/Dreamacro/clash/common/utils"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/log"
+
+	"go.uber.org/atomic"
 )

 const (
@ -33,15 +34,16 @@ type HealthCheck struct {

 func (hc *HealthCheck) process() {
 	ticker := time.NewTicker(time.Duration(hc.interval) * time.Second)
+
+	go func() {
+		time.Sleep(30 * time.Second)
+		hc.lazyCheck()
+	}()
+
 	for {
 		select {
 		case <-ticker.C:
-			now := time.Now().Unix()
-			if !hc.lazy || now-hc.lastTouch.Load() < int64(hc.interval) {
-				hc.check()
-			} else {
-				log.Debugln("Skip once health check because we are lazy")
-			}
+			hc.lazyCheck()
 		case <-hc.done:
 			ticker.Stop()
 			return
@ -49,6 +51,17 @@ func (hc *HealthCheck) process() {
 	}
 }

+func (hc *HealthCheck) lazyCheck() bool {
+	now := time.Now().Unix()
+	if !hc.lazy || now-hc.lastTouch.Load() < int64(hc.interval) {
+		hc.check()
+		return true
+	} else {
+		log.Debugln("Skip once health check because we are lazy")
+		return false
+	}
+}
+
 func (hc *HealthCheck) setProxy(proxies []C.Proxy) {
 	hc.proxies = proxies
 }
@ -63,7 +76,10 @@ func (hc *HealthCheck) touch() {

 func (hc *HealthCheck) check() {
 	_, _, _ = hc.singleDo.Do(func() (struct{}, error) {
-		id := utils.NewUUIDV4().String()
+		id := ""
+		if uid, err := utils.UnsafeUUIDGenerator.NewV4(); err == nil {
+			id = uid.String()
+		}
 		log.Debugln("Start New Health Checking {%s}", id)
 		b, _ := batch.New[bool](context.Background(), batch.WithConcurrencyNum[bool](10))
 		for _, proxy := range hc.proxies {
--- a/adapter/provider/parser.go
+++ b/adapter/provider/parser.go
@ -28,7 +28,6 @@ type proxyProviderSchema struct {
 	Filter        string            `provider:"filter,omitempty"`
 	ExcludeFilter string            `provider:"exclude-filter,omitempty"`
 	ExcludeType   string            `provider:"exclude-type,omitempty"`
-	DialerProxy   string            `provider:"dialer-proxy,omitempty"`
 	HealthCheck   healthCheckSchema `provider:"health-check,omitempty"`
 }

@ -66,7 +65,6 @@ func ParseProxyProvider(name string, mapping map[string]any) (types.ProxyProvide
 	filter := schema.Filter
 	excludeFilter := schema.ExcludeFilter
 	excludeType := schema.ExcludeType
-	dialerProxy := schema.DialerProxy

-	return NewProxySetProvider(name, interval, filter, excludeFilter, excludeType, dialerProxy, vehicle, hc)
+	return NewProxySetProvider(name, interval, filter, excludeFilter, excludeType, vehicle, hc)
 }
--- a/adapter/provider/provider.go
+++ b/adapter/provider/provider.go
@ -17,7 +17,6 @@ import (
 	C "github.com/Dreamacro/clash/constant"
 	types "github.com/Dreamacro/clash/constant/provider"
 	"github.com/Dreamacro/clash/log"
-	"github.com/Dreamacro/clash/tunnel/statistic"

 	"github.com/dlclark/regexp2"
 	"gopkg.in/yaml.v3"
@ -81,8 +80,6 @@ func (pp *proxySetProvider) Initial() error {
 		return err
 	}
 	pp.OnUpdate(elm)
-	pp.getSubscriptionInfo()
-	pp.closeAllConnections()
 	return nil
 }

@ -102,7 +99,7 @@ func (pp *proxySetProvider) setProxies(proxies []C.Proxy) {
 	pp.proxies = proxies
 	pp.healthCheck.setProxy(proxies)
 	if pp.healthCheck.auto() {
-		go pp.healthCheck.check()
+		defer func() { go pp.healthCheck.lazyCheck() }()
 	}
 }

@ -140,24 +137,12 @@ func (pp *proxySetProvider) getSubscriptionInfo() {
 	}()
 }

-func (pp *proxySetProvider) closeAllConnections() {
-	snapshot := statistic.DefaultManager.Snapshot()
-	for _, c := range snapshot.Connections {
-		for _, chain := range c.Chains() {
-			if chain == pp.Name() {
-				_ = c.Close()
-				break
-			}
-		}
-	}
-}
-
 func stopProxyProvider(pd *ProxySetProvider) {
 	pd.healthCheck.close()
 	_ = pd.Fetcher.Destroy()
 }

-func NewProxySetProvider(name string, interval time.Duration, filter string, excludeFilter string, excludeType string, dialerProxy string, vehicle types.Vehicle, hc *HealthCheck) (*ProxySetProvider, error) {
+func NewProxySetProvider(name string, interval time.Duration, filter string, excludeFilter string, excludeType string, vehicle types.Vehicle, hc *HealthCheck) (*ProxySetProvider, error) {
 	excludeFilterReg, err := regexp2.Compile(excludeFilter, 0)
 	if err != nil {
 		return nil, fmt.Errorf("invalid excludeFilter regex: %w", err)
@ -185,8 +170,10 @@ func NewProxySetProvider(name string, interval time.Duration, filter string, exc
 		healthCheck: hc,
 	}

-	fetcher := resource.NewFetcher[[]C.Proxy](name, interval, vehicle, proxiesParseAndFilter(filter, excludeFilter, excludeTypeArray, filterRegs, excludeFilterReg, dialerProxy), proxiesOnUpdate(pd))
+	fetcher := resource.NewFetcher[[]C.Proxy](name, interval, vehicle, proxiesParseAndFilter(filter, excludeFilter, excludeTypeArray, filterRegs, excludeFilterReg), proxiesOnUpdate(pd))
 	pd.Fetcher = fetcher
+
+	pd.getSubscriptionInfo()
 	wrapper := &ProxySetProvider{pd}
 	runtime.SetFinalizer(wrapper, stopProxyProvider)
 	return wrapper, nil
@ -281,7 +268,7 @@ func proxiesOnUpdate(pd *proxySetProvider) func([]C.Proxy) {
 	}
 }

-func proxiesParseAndFilter(filter string, excludeFilter string, excludeTypeArray []string, filterRegs []*regexp2.Regexp, excludeFilterReg *regexp2.Regexp, dialerProxy string) resource.Parser[[]C.Proxy] {
+func proxiesParseAndFilter(filter string, excludeFilter string, excludeTypeArray []string, filterRegs []*regexp2.Regexp, excludeFilterReg *regexp2.Regexp) resource.Parser[[]C.Proxy] {
 	return func(buf []byte) ([]C.Proxy, error) {
 		schema := &ProxySchema{}

@ -344,9 +331,6 @@ func proxiesParseAndFilter(filter string, excludeFilter string, excludeTypeArray
 				if _, ok := proxiesSet[name]; ok {
 					continue
 				}
-				if len(dialerProxy) > 0 {
-					mapping["dialer-proxy"] = dialerProxy
-				}
 				proxy, err := adapter.ParseProxy(mapping)
 				if err != nil {
 					return nil, fmt.Errorf("proxy %d error: %w", idx, err)
--- a/common/atomic/type.go
+++ b/common/atomic/type.go
@ -1,205 +0,0 @@
-package atomic
-
-import (
-	"encoding/json"
-	"fmt"
-	"strconv"
-	"sync/atomic"
-)
-
-type Bool struct {
-	atomic.Bool
-}
-
-func NewBool(val bool) *Bool {
-	i := &Bool{}
-	i.Store(val)
-	return i
-}
-
-func (i *Bool) MarshalJSON() ([]byte, error) {
-	return json.Marshal(i.Load())
-}
-
-func (i *Bool) UnmarshalJSON(b []byte) error {
-	var v bool
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	i.Store(v)
-	return nil
-}
-
-func (i *Bool) String() string {
-	v := i.Load()
-	return strconv.FormatBool(v)
-}
-
-type Pointer[T any] struct {
-	atomic.Pointer[T]
-}
-
-func NewPointer[T any](v *T) *Pointer[T] {
-	var p Pointer[T]
-	if v != nil {
-		p.Store(v)
-	}
-	return &p
-}
-
-func (p *Pointer[T]) MarshalJSON() ([]byte, error) {
-	return json.Marshal(p.Load())
-}
-
-func (p *Pointer[T]) UnmarshalJSON(b []byte) error {
-	var v *T
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	p.Store(v)
-	return nil
-}
-
-func (p *Pointer[T]) String() string {
-	return fmt.Sprint(p.Load())
-}
-
-type Int32 struct {
-	atomic.Int32
-}
-
-func NewInt32(val int32) *Int32 {
-	i := &Int32{}
-	i.Store(val)
-	return i
-}
-
-func (i *Int32) MarshalJSON() ([]byte, error) {
-	return json.Marshal(i.Load())
-}
-
-func (i *Int32) UnmarshalJSON(b []byte) error {
-	var v int32
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	i.Store(v)
-	return nil
-}
-
-func (i *Int32) String() string {
-	v := i.Load()
-	return strconv.FormatInt(int64(v), 10)
-}
-
-type Int64 struct {
-	atomic.Int64
-}
-
-func NewInt64(val int64) *Int64 {
-	i := &Int64{}
-	i.Store(val)
-	return i
-}
-
-func (i *Int64) MarshalJSON() ([]byte, error) {
-	return json.Marshal(i.Load())
-}
-
-func (i *Int64) UnmarshalJSON(b []byte) error {
-	var v int64
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	i.Store(v)
-	return nil
-}
-
-func (i *Int64) String() string {
-	v := i.Load()
-	return strconv.FormatInt(int64(v), 10)
-}
-
-type Uint32 struct {
-	atomic.Uint32
-}
-
-func NewUint32(val uint32) *Uint32 {
-	i := &Uint32{}
-	i.Store(val)
-	return i
-}
-
-func (i *Uint32) MarshalJSON() ([]byte, error) {
-	return json.Marshal(i.Load())
-}
-
-func (i *Uint32) UnmarshalJSON(b []byte) error {
-	var v uint32
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	i.Store(v)
-	return nil
-}
-
-func (i *Uint32) String() string {
-	v := i.Load()
-	return strconv.FormatUint(uint64(v), 10)
-}
-
-type Uint64 struct {
-	atomic.Uint64
-}
-
-func NewUint64(val uint64) *Uint64 {
-	i := &Uint64{}
-	i.Store(val)
-	return i
-}
-
-func (i *Uint64) MarshalJSON() ([]byte, error) {
-	return json.Marshal(i.Load())
-}
-
-func (i *Uint64) UnmarshalJSON(b []byte) error {
-	var v uint64
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	i.Store(v)
-	return nil
-}
-
-func (i *Uint64) String() string {
-	v := i.Load()
-	return strconv.FormatUint(uint64(v), 10)
-}
-
-type Uintptr struct {
-	atomic.Uintptr
-}
-
-func NewUintptr(val uintptr) *Uintptr {
-	i := &Uintptr{}
-	i.Store(val)
-	return i
-}
-
-func (i *Uintptr) MarshalJSON() ([]byte, error) {
-	return json.Marshal(i.Load())
-}
-
-func (i *Uintptr) UnmarshalJSON(b []byte) error {
-	var v uintptr
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	i.Store(v)
-	return nil
-}
-
-func (i *Uintptr) String() string {
-	v := i.Load()
-	return strconv.FormatUint(uint64(v), 10)
-}
--- a/common/atomic/value.go
+++ b/common/atomic/value.go
@ -1,58 +0,0 @@
-package atomic
-
-import (
-	"encoding/json"
-	"sync/atomic"
-)
-
-func DefaultValue[T any]() T {
-	var defaultValue T
-	return defaultValue
-}
-
-type TypedValue[T any] struct {
-	value atomic.Value
-}
-
-func (t *TypedValue[T]) Load() T {
-	value := t.value.Load()
-	if value == nil {
-		return DefaultValue[T]()
-	}
-	return value.(T)
-}
-
-func (t *TypedValue[T]) Store(value T) {
-	t.value.Store(value)
-}
-
-func (t *TypedValue[T]) Swap(new T) T {
-	old := t.value.Swap(new)
-	if old == nil {
-		return DefaultValue[T]()
-	}
-	return old.(T)
-}
-
-func (t *TypedValue[T]) CompareAndSwap(old, new T) bool {
-	return t.value.CompareAndSwap(old, new)
-}
-
-func (t *TypedValue[T]) MarshalJSON() ([]byte, error) {
-	return json.Marshal(t.Load())
-}
-
-func (t *TypedValue[T]) UnmarshalJSON(b []byte) error {
-	var v T
-	if err := json.Unmarshal(b, &v); err != nil {
-		return err
-	}
-	t.Store(v)
-	return nil
-}
-
-func NewTypedValue[T any](t T) *TypedValue[T] {
-	v := &TypedValue[T]{}
-	v.Store(t)
-	return v
-}
--- a/common/buf/sing.go
+++ b/common/buf/sing.go
@ -10,11 +10,9 @@ const BufferSize = buf.BufferSize
 type Buffer = buf.Buffer

 var New = buf.New
-var NewSize = buf.NewSize
 var StackNew = buf.StackNew
 var StackNewSize = buf.StackNewSize
 var With = buf.With
-var As = buf.As

 var KeepAlive = common.KeepAlive

@ -23,7 +21,5 @@ func Dup[T any](obj T) T {
 	return common.Dup(obj)
 }

-var (
-	Must  = common.Must
-	Error = common.Error
-)
+var Must = common.Must
+var Error = common.Error
--- a/common/callback/callback.go
+++ b/common/callback/callback.go
@ -1,55 +1,25 @@
 package callback

 import (
-	"github.com/Dreamacro/clash/common/buf"
-	N "github.com/Dreamacro/clash/common/net"
 	C "github.com/Dreamacro/clash/constant"
 )

-type firstWriteCallBackConn struct {
+type FirstWriteCallBackConn struct {
 	C.Conn
-	callback func(error)
+	Callback func(error)
 	written  bool
 }

-func (c *firstWriteCallBackConn) Write(b []byte) (n int, err error) {
+func (c *FirstWriteCallBackConn) Write(b []byte) (n int, err error) {
 	defer func() {
 		if !c.written {
 			c.written = true
-			c.callback(err)
+			c.Callback(err)
 		}
 	}()
 	return c.Conn.Write(b)
 }

-func (c *firstWriteCallBackConn) WriteBuffer(buffer *buf.Buffer) (err error) {
-	defer func() {
-		if !c.written {
-			c.written = true
-			c.callback(err)
-		}
-	}()
-	return c.Conn.WriteBuffer(buffer)
-}
-
-func (c *firstWriteCallBackConn) Upstream() any {
+func (c *FirstWriteCallBackConn) Upstream() any {
 	return c.Conn
 }
-
-func (c *firstWriteCallBackConn) WriterReplaceable() bool {
-	return c.written
-}
-
-func (c *firstWriteCallBackConn) ReaderReplaceable() bool {
-	return true
-}
-
-var _ N.ExtendedConn = (*firstWriteCallBackConn)(nil)
-
-func NewFirstWriteCallBackConn(c C.Conn, callback func(error)) C.Conn {
-	return &firstWriteCallBackConn{
-		Conn:     c,
-		callback: callback,
-		written:  false,
-	}
-}
--- a/common/convert/converter.go
+++ b/common/convert/converter.go
@ -5,11 +5,10 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
+	"github.com/Dreamacro/clash/log"
 	"net/url"
 	"strconv"
 	"strings"
-
-	"github.com/Dreamacro/clash/log"
 )

 // ConvertsV2Ray convert V2Ray subscribe proxies data to clash proxies config
@ -202,8 +201,7 @@ func ConvertsV2Ray(buf []byte) ([]map[string]any, error) {
 				vmess["servername"] = sni
 			}

-			network, _ := values["net"].(string)
-			network = strings.ToLower(network)
+			network := strings.ToLower(values["net"].(string))
 			if values["type"] == "http" {
 				network = "http"
 			} else if network == "http" {
@ -211,12 +209,9 @@ func ConvertsV2Ray(buf []byte) ([]map[string]any, error) {
 			}
 			vmess["network"] = network

-			tls, ok := values["tls"].(string)
-			if ok {
-				tls = strings.ToLower(tls)
-				if strings.HasSuffix(tls, "tls") {
-					vmess["tls"] = true
-				}
+			tls := strings.ToLower(values["tls"].(string))
+			if strings.HasSuffix(tls, "tls") {
+				vmess["tls"] = true
 			}

 			switch network {
--- a/common/convert/util.go
+++ b/common/convert/util.go
@ -294,7 +294,8 @@ var (
 )

 func RandHost() string {
-	base := strings.ToLower(base64.RawURLEncoding.EncodeToString(utils.NewUUIDV4().Bytes()))
+	id, _ := utils.UnsafeUUIDGenerator.NewV4()
+	base := strings.ToLower(base64.RawURLEncoding.EncodeToString(id.Bytes()))
 	base = strings.ReplaceAll(base, "-", "")
 	base = strings.ReplaceAll(base, "_", "")
 	buf := []byte(base)
--- a/common/convert/v.go
+++ b/common/convert/v.go
@ -27,7 +27,7 @@ func handleVShareLink(names map[string]int, url *url.URL, scheme string, proxy m
 	proxy["skip-cert-verify"] = false
 	proxy["tls"] = false
 	tls := strings.ToLower(query.Get("security"))
-	if strings.HasSuffix(tls, "tls") || tls == "reality" {
+	if strings.HasSuffix(tls, "tls") {
 		proxy["tls"] = true
 		if fingerprint := query.Get("fp"); fingerprint == "" {
 			proxy["client-fingerprint"] = "chrome"
@ -38,12 +38,6 @@ func handleVShareLink(names map[string]int, url *url.URL, scheme string, proxy m
 	if sni := query.Get("sni"); sni != "" {
 		proxy["servername"] = sni
 	}
-	if realityPublicKey := query.Get("pbk"); realityPublicKey != "" {
-		proxy["reality-opts"] = map[string]any{
-			"public-key": realityPublicKey,
-			"short-id":   query.Get("sid"),
-		}
-	}

 	switch query.Get("packetEncoding") {
 	case "none":
--- a/common/net/addr.go
+++ b/common/net/addr.go
@ -1,36 +0,0 @@
-package net
-
-import (
-	"net"
-)
-
-type CustomAddr interface {
-	net.Addr
-	RawAddr() net.Addr
-}
-
-type customAddr struct {
-	networkStr string
-	addrStr    string
-	rawAddr    net.Addr
-}
-
-func (a customAddr) Network() string {
-	return a.networkStr
-}
-
-func (a customAddr) String() string {
-	return a.addrStr
-}
-
-func (a customAddr) RawAddr() net.Addr {
-	return a.rawAddr
-}
-
-func NewCustomAddr(networkStr string, addrStr string, rawAddr net.Addr) CustomAddr {
-	return customAddr{
-		networkStr: networkStr,
-		addrStr:    addrStr,
-		rawAddr:    rawAddr,
-	}
-}
--- a/common/net/bufconn.go
+++ b/common/net/bufconn.go
@ -69,16 +69,6 @@ func (c *BufferedConn) ReadBuffer(buffer *buf.Buffer) (err error) {
 	return c.ExtendedConn.ReadBuffer(buffer)
 }

-func (c *BufferedConn) ReadCached() *buf.Buffer { // call in sing/common/bufio.Copy
-	if c.r.Buffered() > 0 {
-		length := c.r.Buffered()
-		b, _ := c.r.Peek(length)
-		_, _ = c.r.Discard(length)
-		return buf.As(b)
-	}
-	return nil
-}
-
 func (c *BufferedConn) Upstream() any {
 	return c.ExtendedConn
 }
@ -89,7 +79,3 @@ func (c *BufferedConn) ReaderReplaceable() bool {
 	}
 	return true
 }
-
-func (c *BufferedConn) WriterReplaceable() bool {
-	return true
-}
--- a/common/net/refconn.go
+++ b/common/net/refconn.go
@ -4,12 +4,10 @@ import (
 	"net"
 	"runtime"
 	"time"
-
-	"github.com/Dreamacro/clash/common/buf"
 )

 type refConn struct {
-	conn ExtendedConn
+	conn net.Conn
 	ref  any
 }

@ -57,28 +55,8 @@ func (c *refConn) Upstream() any {
 	return c.conn
 }

-func (c *refConn) ReadBuffer(buffer *buf.Buffer) error {
-	defer runtime.KeepAlive(c.ref)
-	return c.conn.ReadBuffer(buffer)
-}
-
-func (c *refConn) WriteBuffer(buffer *buf.Buffer) error {
-	defer runtime.KeepAlive(c.ref)
-	return c.conn.WriteBuffer(buffer)
-}
-
-func (c *refConn) ReaderReplaceable() bool { // Relay() will handle reference
-	return true
-}
-
-func (c *refConn) WriterReplaceable() bool { // Relay() will handle reference
-	return true
-}
-
-var _ ExtendedConn = (*refConn)(nil)
-
 func NewRefConn(conn net.Conn, ref any) net.Conn {
-	return &refConn{conn: NewExtendedConn(conn), ref: ref}
+	return &refConn{conn: conn, ref: ref}
 }

 type refPacketConn struct {
--- a/common/net/sing.go
+++ b/common/net/sing.go
@ -3,11 +3,9 @@ package net
 import (
 	"context"
 	"net"
-	"runtime"

 	"github.com/sagernet/sing/common"
 	"github.com/sagernet/sing/common/bufio"
-	"github.com/sagernet/sing/common/bufio/deadline"
 	"github.com/sagernet/sing/common/network"
 )

@ -19,14 +17,6 @@ type ExtendedConn = network.ExtendedConn
 type ExtendedWriter = network.ExtendedWriter
 type ExtendedReader = network.ExtendedReader

-func NewDeadlineConn(conn net.Conn) ExtendedConn {
-	return deadline.NewFallbackConn(conn)
-}
-
-func NewDeadlinePacketConn(pc net.PacketConn) net.PacketConn {
-	return deadline.NewFallbackPacketConn(bufio.NewPacketConn(pc))
-}
-
 func NeedHandshake(conn any) bool {
 	if earlyConn, isEarlyConn := common.Cast[network.EarlyConn](conn); isEarlyConn && earlyConn.NeedHandshake() {
 		return true
@ -34,11 +24,7 @@ func NeedHandshake(conn any) bool {
 	return false
 }

-type CountFunc = network.CountFunc
-
 // Relay copies between left and right bidirectionally.
 func Relay(leftConn, rightConn net.Conn) {
-	defer runtime.KeepAlive(leftConn)
-	defer runtime.KeepAlive(rightConn)
 	_ = bufio.CopyConn(context.TODO(), leftConn, rightConn)
 }
--- a/common/observable/observable_test.go
+++ b/common/observable/observable_test.go
@ -5,9 +5,8 @@ import (
 	"testing"
 	"time"

-	"github.com/Dreamacro/clash/common/atomic"
-
 	"github.com/stretchr/testify/assert"
+	"go.uber.org/atomic"
 )

 func iterator[T any](item []T) chan T {
@ -45,7 +44,7 @@ func TestObservable_MultiSubscribe(t *testing.T) {
 	wg.Add(2)
 	waitCh := func(ch <-chan int) {
 		for range ch {
-			count.Add(1)
+			count.Inc()
 		}
 		wg.Done()
 	}
--- a/common/pool/buffer_low_memory.go
+++ b/common/pool/buffer_low_memory.go
@ -1,15 +0,0 @@
-//go:build with_low_memory
-
-package pool
-
-const (
-	// io.Copy default buffer size is 32 KiB
-	// but the maximum packet size of vmess/shadowsocks is about 16 KiB
-	// so define a buffer of 20 KiB to reduce the memory of each TCP relay
-	RelayBufferSize = 16 * 1024
-
-	// RelayBufferSize uses 20KiB, but due to the allocator it will actually
-	// request 32Kib. Most UDPs are smaller than the MTU, and the TUN's MTU
-	// set to 9000, so the UDP Buffer size set to 16Kib
-	UDPBufferSize = 8 * 1024
-)
--- a/common/pool/buffer_standard.go
+++ b/common/pool/buffer_standard.go
@ -1,15 +0,0 @@
-//go:build !with_low_memory
-
-package pool
-
-const (
-	// io.Copy default buffer size is 32 KiB
-	// but the maximum packet size of vmess/shadowsocks is about 16 KiB
-	// so define a buffer of 20 KiB to reduce the memory of each TCP relay
-	RelayBufferSize = 20 * 1024
-
-	// RelayBufferSize uses 20KiB, but due to the allocator it will actually
-	// request 32Kib. Most UDPs are smaller than the MTU, and the TUN's MTU
-	// set to 9000, so the UDP Buffer size set to 16Kib
-	UDPBufferSize = 16 * 1024
-)
--- a/common/pool/pool.go
+++ b/common/pool/pool.go
@ -1,5 +1,17 @@
 package pool

+const (
+	// io.Copy default buffer size is 32 KiB
+	// but the maximum packet size of vmess/shadowsocks is about 16 KiB
+	// so define a buffer of 20 KiB to reduce the memory of each TCP relay
+	RelayBufferSize = 20 * 1024
+
+	// RelayBufferSize uses 20KiB, but due to the allocator it will actually
+	// request 32Kib. Most UDPs are smaller than the MTU, and the TUN's MTU
+	// set to 9000, so the UDP Buffer size set to 16Kib
+	UDPBufferSize = 16 * 1024
+)
+
 func Get(size int) []byte {
 	return defaultAllocator.Get(size)
 }
--- a/common/singledo/singledo_test.go
+++ b/common/singledo/singledo_test.go
@ -5,9 +5,8 @@ import (
 	"testing"
 	"time"

-	"github.com/Dreamacro/clash/common/atomic"
-
 	"github.com/stretchr/testify/assert"
+	"go.uber.org/atomic"
 )

 func TestBasic(t *testing.T) {
@ -27,7 +26,7 @@ func TestBasic(t *testing.T) {
 		go func() {
 			_, _, shard := single.Do(call)
 			if shard {
-				shardCount.Add(1)
+				shardCount.Inc()
 			}
 			wg.Done()
 		}()
--- a/common/utils/strings.go
+++ b/common/utils/strings.go
@ -1,9 +0,0 @@
-package utils
-
-func Reverse(s string) string {
-	a := []rune(s)
-	for i, j := 0, len(a)-1; i < j; i, j = i+1, j-1 {
-		a[i], a[j] = a[j], a[i]
-	}
-	return string(a)
-}
--- a/common/utils/uuid.go
+++ b/common/utils/uuid.go
@ -1,7 +1,7 @@
 package utils

 import (
-	"github.com/gofrs/uuid/v5"
+	"github.com/gofrs/uuid"
 	"github.com/zhangyunhao116/fastrand"
 )

@ -13,39 +13,11 @@ func (r fastRandReader) Read(p []byte) (int, error) {

 var UnsafeUUIDGenerator = uuid.NewGenWithOptions(uuid.WithRandomReader(fastRandReader{}))

-func NewUUIDV1() uuid.UUID {
-	u, _ := UnsafeUUIDGenerator.NewV1() // fastrand.Read wouldn't cause error, so ignore err is safe
-	return u
-}
-
-func NewUUIDV3(ns uuid.UUID, name string) uuid.UUID {
-	return UnsafeUUIDGenerator.NewV3(ns, name)
-}
-
-func NewUUIDV4() uuid.UUID {
-	u, _ := UnsafeUUIDGenerator.NewV4() // fastrand.Read wouldn't cause error, so ignore err is safe
-	return u
-}
-
-func NewUUIDV5(ns uuid.UUID, name string) uuid.UUID {
-	return UnsafeUUIDGenerator.NewV5(ns, name)
-}
-
-func NewUUIDV6() uuid.UUID {
-	u, _ := UnsafeUUIDGenerator.NewV6() // fastrand.Read wouldn't cause error, so ignore err is safe
-	return u
-}
-
-func NewUUIDV7() uuid.UUID {
-	u, _ := UnsafeUUIDGenerator.NewV7() // fastrand.Read wouldn't cause error, so ignore err is safe
-	return u
-}
-
 // UUIDMap https://github.com/XTLS/Xray-core/issues/158#issue-783294090
 func UUIDMap(str string) (uuid.UUID, error) {
 	u, err := uuid.FromString(str)
 	if err != nil {
-		return NewUUIDV5(uuid.Nil, str), nil
+		return UnsafeUUIDGenerator.NewV5(uuid.Nil, str), nil
 	}
 	return u, nil
 }
--- a/common/utils/uuid_test.go
+++ b/common/utils/uuid_test.go
@ -1,7 +1,7 @@
 package utils

 import (
-	"github.com/gofrs/uuid/v5"
+	"github.com/gofrs/uuid"
 	"reflect"
 	"testing"
 )
--- a/component/dialer/bind_windows.go
+++ b/component/dialer/bind_windows.go
@ -3,7 +3,6 @@ package dialer
 import (
 	"context"
 	"encoding/binary"
-	"fmt"
 	"net"
 	"net/netip"
 	"syscall"
@ -21,19 +20,11 @@ func bind4(handle syscall.Handle, ifaceIdx int) error {
 	var bytes [4]byte
 	binary.BigEndian.PutUint32(bytes[:], uint32(ifaceIdx))
 	idx := *(*uint32)(unsafe.Pointer(&bytes[0]))
-	err := syscall.SetsockoptInt(handle, syscall.IPPROTO_IP, IP_UNICAST_IF, int(idx))
-	if err != nil {
-		err = fmt.Errorf("bind4: %w", err)
-	}
-	return err
+	return syscall.SetsockoptInt(handle, syscall.IPPROTO_IP, IP_UNICAST_IF, int(idx))
 }

 func bind6(handle syscall.Handle, ifaceIdx int) error {
-	err := syscall.SetsockoptInt(handle, syscall.IPPROTO_IPV6, IPV6_UNICAST_IF, ifaceIdx)
-	if err != nil {
-		err = fmt.Errorf("bind6: %w", err)
-	}
-	return err
+	return syscall.SetsockoptInt(handle, syscall.IPPROTO_IPV6, IPV6_UNICAST_IF, ifaceIdx)
 }

 func bindControl(ifaceIdx int) controlFn {
@ -58,9 +49,9 @@ func bindControl(ifaceIdx int) controlFn {
 				if (!addrPort.Addr().IsValid() || addrPort.Addr().IsUnspecified()) && bind6err != nil {
 					// try bind ipv6, if failed, ignore. it's a workaround for windows disable interface ipv6
 					if bind4err != nil {
-						innerErr = fmt.Errorf("%w (%s)", bind6err, bind4err)
+						innerErr = bind6err
 					} else {
-						innerErr = nil
+						innerErr = bind4err
 					}
 				} else {
 					innerErr = bind6err
--- a/component/dialer/dialer.go
+++ b/component/dialer/dialer.go
@ -157,7 +157,7 @@ func concurrentDualStackDialContext(ctx context.Context, network string, ips []n
 }

 func dualStackDialContext(ctx context.Context, dialFn dialFunc, network string, ips []netip.Addr, port string, opt *option) (net.Conn, error) {
-	ipv4s, ipv6s := resolver.SortationAddr(ips)
+	ipv4s, ipv6s := sortationAddr(ips)
 	preferIPVersion := opt.prefer

 	fallbackTicker := time.NewTicker(fallbackTimeout)
@ -309,16 +309,27 @@ func parseAddr(ctx context.Context, network, address string, preferResolver reso
 	return ips, port, nil
 }

+func sortationAddr(ips []netip.Addr) (ipv4s, ipv6s []netip.Addr) {
+	for _, v := range ips {
+		if v.Is4() { // 4in6 parse was in parseAddr
+			ipv4s = append(ipv4s, v)
+		} else {
+			ipv6s = append(ipv6s, v)
+		}
+	}
+	return
+}
+
 type Dialer struct {
-	Opt option
+	opt option
 }

 func (d Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
-	return DialContext(ctx, network, address, WithOption(d.Opt))
+	return DialContext(ctx, network, address, WithOption(d.opt))
 }

 func (d Dialer) ListenPacket(ctx context.Context, network, address string, rAddrPort netip.AddrPort) (net.PacketConn, error) {
-	opt := WithOption(d.Opt)
+	opt := WithOption(d.opt)
 	if rAddrPort.Addr().Unmap().IsLoopback() {
 		// avoid "The requested address is not valid in its context."
 		opt = WithInterface("")
@ -328,5 +339,5 @@ func (d Dialer) ListenPacket(ctx context.Context, network, address string, rAddr

 func NewDialer(options ...Option) Dialer {
 	opt := applyOptions(options...)
-	return Dialer{Opt: *opt}
+	return Dialer{opt: *opt}
 }
--- a/component/dialer/options.go
+++ b/component/dialer/options.go
@ -4,13 +4,14 @@ import (
 	"context"
 	"net"

-	"github.com/Dreamacro/clash/common/atomic"
 	"github.com/Dreamacro/clash/component/resolver"
+
+	"go.uber.org/atomic"
 )

 var (
 	DefaultOptions     []Option
-	DefaultInterface   = atomic.NewTypedValue[string]("")
+	DefaultInterface   = atomic.NewString("")
 	DefaultRoutingMark = atomic.NewInt32(0)
 )

--- a/component/dialer/tfo.go
+++ b/component/dialer/tfo.go
@ -105,22 +105,10 @@ func (c *tfoConn) Upstream() any {
 	return c.Conn
 }

-func (c *tfoConn) NeedAdditionalReadDeadline() bool {
-	return c.Conn == nil
-}
-
 func (c *tfoConn) NeedHandshake() bool {
 	return c.Conn == nil
 }

-func (c *tfoConn) ReaderReplaceable() bool {
-	return c.Conn != nil
-}
-
-func (c *tfoConn) WriterReplaceable() bool {
-	return c.Conn != nil
-}
-
 func dialTFO(ctx context.Context, netDialer net.Dialer, network, address string) (net.Conn, error) {
 	ctx, cancel := context.WithCancel(ctx)
 	dialer := tfo.Dialer{Dialer: netDialer, DisableTFO: false}
--- a/component/geodata/geodata.go
+++ b/component/geodata/geodata.go
@ -1,10 +1,13 @@
 package geodata

 import (
+	"errors"
 	"fmt"
+	C "github.com/Dreamacro/clash/constant"
+	"strings"

 	"github.com/Dreamacro/clash/component/geodata/router"
-	C "github.com/Dreamacro/clash/constant"
+	"github.com/Dreamacro/clash/log"
 )

 type loader struct {
@ -12,7 +15,47 @@ type loader struct {
 }

 func (l *loader) LoadGeoSite(list string) ([]*router.Domain, error) {
-	return l.LoadSiteByPath(C.GeositeName, list)
+	return l.LoadGeoSiteWithAttr(C.GeositeName, list)
+}
+
+func (l *loader) LoadGeoSiteWithAttr(file string, siteWithAttr string) ([]*router.Domain, error) {
+	parts := strings.Split(siteWithAttr, "@")
+	if len(parts) == 0 {
+		return nil, errors.New("empty rule")
+	}
+	list := strings.TrimSpace(parts[0])
+	attrVal := parts[1:]
+
+	if len(list) == 0 {
+		return nil, fmt.Errorf("empty listname in rule: %s", siteWithAttr)
+	}
+
+	domains, err := l.LoadSiteByPath(file, list)
+	if err != nil {
+		return nil, err
+	}
+
+	attrs := parseAttrs(attrVal)
+	if attrs.IsEmpty() {
+		if strings.Contains(siteWithAttr, "@") {
+			log.Warnln("empty attribute list: %s", siteWithAttr)
+		}
+		return domains, nil
+	}
+
+	filteredDomains := make([]*router.Domain, 0, len(domains))
+	hasAttrMatched := false
+	for _, domain := range domains {
+		if attrs.Match(domain) {
+			hasAttrMatched = true
+			filteredDomains = append(filteredDomains, domain)
+		}
+	}
+	if !hasAttrMatched {
+		log.Warnln("attribute match no rule: geosite: %s", siteWithAttr)
+	}
+
+	return filteredDomains, nil
 }

 func (l *loader) LoadGeoIP(country string) ([]*router.CIDR, error) {
--- a/component/geodata/geodataproto.go
+++ b/component/geodata/geodataproto.go
@ -14,5 +14,6 @@ type LoaderImplementation interface {
 type Loader interface {
 	LoaderImplementation
 	LoadGeoSite(list string) ([]*router.Domain, error)
+	LoadGeoSiteWithAttr(file string, siteWithAttr string) ([]*router.Domain, error)
 	LoadGeoIP(country string) ([]*router.CIDR, error)
 }
--- a/component/geodata/init.go
+++ b/component/geodata/init.go
@ -1,17 +1,13 @@
 package geodata

 import (
-	"context"
 	"fmt"
-	"io"
-	"net/http"
-	"os"
-	"time"
-
-	clashHttp "github.com/Dreamacro/clash/component/http"
 	"github.com/Dreamacro/clash/component/mmdb"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/log"
+	"io"
+	"net/http"
+	"os"
 )

 var initGeoSite bool
@ -42,9 +38,7 @@ func InitGeoSite() error {
 }

 func downloadGeoSite(path string) (err error) {
-	ctx, cancel := context.WithTimeout(context.Background(), time.Second*90)
-	defer cancel()
-	resp, err := clashHttp.HttpRequest(ctx, C.GeoSiteUrl, http.MethodGet, http.Header{"User-Agent": {"clash"}}, nil)
+	resp, err := http.Get(C.GeoSiteUrl)
 	if err != nil {
 		return
 	}
@ -61,9 +55,7 @@ func downloadGeoSite(path string) (err error) {
 }

 func downloadGeoIP(path string) (err error) {
-	ctx, cancel := context.WithTimeout(context.Background(), time.Second*90)
-	defer cancel()
-	resp, err := clashHttp.HttpRequest(ctx, C.GeoIpUrl, http.MethodGet, http.Header{"User-Agent": {"clash"}}, nil)
+	resp, err := http.Get(C.GeoIpUrl)
 	if err != nil {
 		return
 	}
--- a/component/geodata/memconservative/cache.go
+++ b/component/geodata/memconservative/cache.go
@ -118,7 +118,7 @@ func (g GeoSiteCache) Unmarshal(filename, code string) (*router.GeoSite, error)

 	case errFailedToReadBytes, errFailedToReadExpectedLenBytes,
 		errInvalidGeodataFile, errInvalidGeodataVarintLength:
-		log.Warnln("failed to decode geosite file: %s%s", filename, ", fallback to the original ReadFile method")
+		log.Warnln("failed to decode geoip file: %s%s", filename, ", fallback to the original ReadFile method")
 		geositeBytes, err = os.ReadFile(asset)
 		if err != nil {
 			return nil, err
--- a/component/geodata/utils.go
+++ b/component/geodata/utils.go
@ -1,14 +1,9 @@
 package geodata

 import (
-	"errors"
 	"fmt"
-	"golang.org/x/sync/singleflight"
-	"strings"
-
 	"github.com/Dreamacro/clash/component/geodata/router"
 	C "github.com/Dreamacro/clash/constant"
-	"github.com/Dreamacro/clash/log"
 )

 var geoLoaderName = "memconservative"
@ -39,8 +34,6 @@ func Verify(name string) error {
 	}
 }

-var loadGeoSiteMatcherSF = singleflight.Group{}
-
 func LoadGeoSiteMatcher(countryCode string) (*router.DomainMatcher, int, error) {
 	if len(countryCode) == 0 {
 		return nil, 0, fmt.Errorf("country code could not be empty")
@ -51,52 +44,15 @@ func LoadGeoSiteMatcher(countryCode string) (*router.DomainMatcher, int, error)
 		not = true
 		countryCode = countryCode[1:]
 	}
-	countryCode = strings.ToLower(countryCode)

-	parts := strings.Split(countryCode, "@")
-	if len(parts) == 0 {
-		return nil, 0, errors.New("empty rule")
-	}
-	listName := strings.TrimSpace(parts[0])
-	attrVal := parts[1:]
-
-	if len(listName) == 0 {
-		return nil, 0, fmt.Errorf("empty listname in rule: %s", countryCode)
-	}
-
-	v, err, shared := loadGeoSiteMatcherSF.Do(listName, func() (interface{}, error) {
-		geoLoader, err := GetGeoDataLoader(geoLoaderName)
-		if err != nil {
-			return nil, err
-		}
-		return geoLoader.LoadGeoSite(listName)
-	})
+	geoLoader, err := GetGeoDataLoader(geoLoaderName)
 	if err != nil {
-		if !shared {
-			loadGeoSiteMatcherSF.Forget(listName) // don't store the error result
-		}
 		return nil, 0, err
 	}
-	domains := v.([]*router.Domain)

-	attrs := parseAttrs(attrVal)
-	if attrs.IsEmpty() {
-		if strings.Contains(countryCode, "@") {
-			log.Warnln("empty attribute list: %s", countryCode)
-		}
-	} else {
-		filteredDomains := make([]*router.Domain, 0, len(domains))
-		hasAttrMatched := false
-		for _, domain := range domains {
-			if attrs.Match(domain) {
-				hasAttrMatched = true
-				filteredDomains = append(filteredDomains, domain)
-			}
-		}
-		if !hasAttrMatched {
-			log.Warnln("attribute match no rule: geosite: %s", countryCode)
-		}
-		domains = filteredDomains
+	domains, err := geoLoader.LoadGeoSite(countryCode)
+	if err != nil {
+		return nil, 0, err
 	}

 	/**
@ -112,34 +68,25 @@ func LoadGeoSiteMatcher(countryCode string) (*router.DomainMatcher, int, error)
 	return matcher, len(domains), nil
 }

-var loadGeoIPMatcherSF = singleflight.Group{}
-
 func LoadGeoIPMatcher(country string) (*router.GeoIPMatcher, int, error) {
 	if len(country) == 0 {
 		return nil, 0, fmt.Errorf("country code could not be empty")
 	}
+	geoLoader, err := GetGeoDataLoader(geoLoaderName)
+	if err != nil {
+		return nil, 0, err
+	}

 	not := false
 	if country[0] == '!' {
 		not = true
 		country = country[1:]
 	}
-	country = strings.ToLower(country)

-	v, err, shared := loadGeoIPMatcherSF.Do(country, func() (interface{}, error) {
-		geoLoader, err := GetGeoDataLoader(geoLoaderName)
-		if err != nil {
-			return nil, err
-		}
-		return geoLoader.LoadGeoIP(country)
-	})
+	records, err := geoLoader.LoadGeoIP(country)
 	if err != nil {
-		if !shared {
-			loadGeoIPMatcherSF.Forget(country) // don't store the error result
-		}
 		return nil, 0, err
 	}
-	records := v.([]*router.CIDR)

 	geoIP := &router.GeoIP{
 		CountryCode:  country,
@ -151,10 +98,6 @@ func LoadGeoIPMatcher(country string) (*router.GeoIPMatcher, int, error) {
 	if err != nil {
 		return nil, 0, err
 	}
+
 	return matcher, len(records), nil
 }
-
-func ClearCache() {
-	loadGeoSiteMatcherSF = singleflight.Group{}
-	loadGeoIPMatcherSF = singleflight.Group{}
-}
--- a/component/http/http.go
+++ b/component/http/http.go
@ -2,15 +2,14 @@ package http

 import (
 	"context"
+	"github.com/Dreamacro/clash/component/tls"
+	"github.com/Dreamacro/clash/listener/inner"
 	"io"
 	"net"
 	"net/http"
 	URL "net/url"
 	"strings"
 	"time"
-
-	"github.com/Dreamacro/clash/component/tls"
-	"github.com/Dreamacro/clash/listener/inner"
 )

 const (
@ -53,7 +52,7 @@ func HttpRequest(ctx context.Context, url, method string, header map[string][]st
 		TLSHandshakeTimeout:   10 * time.Second,
 		ExpectContinueTimeout: 1 * time.Second,
 		DialContext: func(ctx context.Context, network, address string) (net.Conn, error) {
-			conn := inner.HandleTcp(address, "")
+			conn := inner.HandleTcp(address, urlRes.Hostname())
 			return conn, nil
 		},
 		TLSClientConfig: tls.GetDefaultTLSConfig(),
--- a/component/mmdb/mmdb.go
+++ b/component/mmdb/mmdb.go
@ -1,18 +1,14 @@
 package mmdb

 import (
-	"context"
+	"github.com/oschwald/geoip2-golang"
 	"io"
 	"net/http"
 	"os"
 	"sync"
-	"time"

-	clashHttp "github.com/Dreamacro/clash/component/http"
 	C "github.com/Dreamacro/clash/constant"
 	"github.com/Dreamacro/clash/log"
-
-	"github.com/oschwald/geoip2-golang"
 )

 var (
@ -51,9 +47,7 @@ func Instance() *geoip2.Reader {
 }

 func DownloadMMDB(path string) (err error) {
-	ctx, cancel := context.WithTimeout(context.Background(), time.Second*90)
-	defer cancel()
-	resp, err := clashHttp.HttpRequest(ctx, C.MmdbUrl, http.MethodGet, http.Header{"User-Agent": {"clash"}}, nil)
+	resp, err := http.Get(C.MmdbUrl)
 	if err != nil {
 		return
 	}
--- a/component/profile/profile.go
+++ b/component/profile/profile.go
@ -1,7 +1,7 @@
 package profile

 import (
-	"github.com/Dreamacro/clash/common/atomic"
+	"go.uber.org/atomic"
 )

 // StoreSelected is a global switch for storing selected proxy to cache
--- a/component/proxydialer/proxydialer.go
+++ b/component/proxydialer/proxydialer.go
@ -1,96 +0,0 @@
-package proxydialer
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"net"
-	"net/netip"
-	"strings"
-
-	N "github.com/Dreamacro/clash/common/net"
-	"github.com/Dreamacro/clash/component/dialer"
-	"github.com/Dreamacro/clash/component/resolver"
-	C "github.com/Dreamacro/clash/constant"
-	"github.com/Dreamacro/clash/tunnel"
-	"github.com/Dreamacro/clash/tunnel/statistic"
-)
-
-type proxyDialer struct {
-	proxy     C.ProxyAdapter
-	dialer    C.Dialer
-	statistic bool
-}
-
-func New(proxy C.ProxyAdapter, dialer C.Dialer, statistic bool) C.Dialer {
-	return proxyDialer{proxy: proxy, dialer: dialer, statistic: statistic}
-}
-
-func NewByName(proxyName string, dialer C.Dialer) (C.Dialer, error) {
-	proxies := tunnel.Proxies()
-	if proxy, ok := proxies[proxyName]; ok {
-		return New(proxy, dialer, true), nil
-	}
-	return nil, fmt.Errorf("proxyName[%s] not found", proxyName)
-}
-
-func (p proxyDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
-	currentMeta := &C.Metadata{Type: C.INNER}
-	if err := currentMeta.SetRemoteAddress(address); err != nil {
-		return nil, err
-	}
-	if strings.Contains(network, "udp") { // using in wireguard outbound
-		if !currentMeta.Resolved() {
-			ip, err := resolver.ResolveIP(ctx, currentMeta.Host)
-			if err != nil {
-				return nil, errors.New("can't resolve ip")
-			}
-			currentMeta.DstIP = ip
-		}
-		pc, err := p.listenPacket(ctx, currentMeta)
-		if err != nil {
-			return nil, err
-		}
-		return N.NewBindPacketConn(pc, currentMeta.UDPAddr()), nil
-	}
-	var conn C.Conn
-	var err error
-	if d, ok := p.dialer.(dialer.Dialer); ok { // first using old function to let mux work
-		conn, err = p.proxy.DialContext(ctx, currentMeta, dialer.WithOption(d.Opt))
-	} else {
-		conn, err = p.proxy.DialContextWithDialer(ctx, p.dialer, currentMeta)
-	}
-	if err != nil {
-		return nil, err
-	}
-	if p.statistic {
-		conn = statistic.NewTCPTracker(conn, statistic.DefaultManager, currentMeta, nil, 0, 0, false)
-	}
-	return conn, err
-}
-
-func (p proxyDialer) ListenPacket(ctx context.Context, network, address string, rAddrPort netip.AddrPort) (net.PacketConn, error) {
-	currentMeta := &C.Metadata{Type: C.INNER}
-	if err := currentMeta.SetRemoteAddress(address); err != nil {
-		return nil, err
-	}
-	return p.listenPacket(ctx, currentMeta)
-}
-
-func (p proxyDialer) listenPacket(ctx context.Context, currentMeta *C.Metadata) (C.PacketConn, error) {
-	var pc C.PacketConn
-	var err error
-	currentMeta.NetWork = C.UDP
-	if d, ok := p.dialer.(dialer.Dialer); ok { // first using old function to let mux work
-		pc, err = p.proxy.ListenPacketContext(ctx, currentMeta, dialer.WithOption(d.Opt))
-	} else {
-		pc, err = p.proxy.ListenPacketWithDialer(ctx, p.dialer, currentMeta)
-	}
-	if err != nil {
-		return nil, err
-	}
-	if p.statistic {
-		pc = statistic.NewUDPTracker(pc, statistic.DefaultManager, currentMeta, nil, 0, 0, false)
-	}
-	return pc, nil
-}
--- a/component/resolver/host.go
+++ b/component/resolver/host.go
@ -2,12 +2,12 @@ package resolver

 import (
 	"errors"
+	"math/rand"
 	"net/netip"
 	"strings"

 	"github.com/Dreamacro/clash/common/utils"
 	"github.com/Dreamacro/clash/component/trie"
-	"github.com/zhangyunhao116/fastrand"
 )

 type Hosts struct {
@ -20,7 +20,6 @@ func NewHosts(hosts *trie.DomainTrie[HostValue]) Hosts {
 	}
 }

-// Return the search result and whether to match the parameter `isDomain`
 func (h *Hosts) Search(domain string, isDomain bool) (*HostValue, bool) {
 	value := h.DomainTrie.Search(domain)
 	if value == nil {
@ -109,5 +108,5 @@ func (hv HostValue) RandIP() (netip.Addr, error) {
 	if hv.IsDomain {
 		return netip.Addr{}, errors.New("value type is error")
 	}
-	return hv.IPs[fastrand.Intn(len(hv.IPs))], nil
+	return hv.IPs[rand.Intn(len(hv.IPs)-1)], nil
 }
--- a/component/resolver/resolver.go
+++ b/component/resolver/resolver.go
@ -44,8 +44,10 @@ type Resolver interface {
 	LookupIP(ctx context.Context, host string) (ips []netip.Addr, err error)
 	LookupIPv4(ctx context.Context, host string) (ips []netip.Addr, err error)
 	LookupIPv6(ctx context.Context, host string) (ips []netip.Addr, err error)
+	ResolveIP(ctx context.Context, host string) (ip netip.Addr, err error)
+	ResolveIPv4(ctx context.Context, host string) (ip netip.Addr, err error)
+	ResolveIPv6(ctx context.Context, host string) (ip netip.Addr, err error)
 	ExchangeContext(ctx context.Context, m *dns.Msg) (msg *dns.Msg, err error)
-	Invalid() bool
 }

 // LookupIPv4WithResolver same as LookupIPv4, but with a resolver
@ -66,7 +68,7 @@ func LookupIPv4WithResolver(ctx context.Context, host string, r Resolver) ([]net
 		return []netip.Addr{}, ErrIPVersion
 	}

-	if r != nil && r.Invalid() {
+	if r != nil {
 		return r.LookupIPv4(ctx, host)
 	}

@ -122,7 +124,7 @@ func LookupIPv6WithResolver(ctx context.Context, host string, r Resolver) ([]net
 		return nil, ErrIPVersion
 	}

-	if r != nil && r.Invalid() {
+	if r != nil {
 		return r.LookupIPv6(ctx, host)
 	}

@ -162,7 +164,7 @@ func LookupIPWithResolver(ctx context.Context, host string, r Resolver) ([]netip
 		return node.IPs, nil
 	}

-	if r != nil && r.Invalid() {
+	if r != nil {
 		if DisableIPv6 {
 			return r.LookupIPv4(ctx, host)
 		}
@ -198,14 +200,10 @@ func ResolveIPWithResolver(ctx context.Context, host string, r Resolver) (netip.
 	} else if len(ips) == 0 {
 		return netip.Addr{}, fmt.Errorf("%w: %s", ErrIPNotFound, host)
 	}
-	ipv4s, ipv6s := SortationAddr(ips)
-	if len(ipv4s) > 0 {
-		return ipv4s[fastrand.Intn(len(ipv4s))], nil
-	}
-	return ipv6s[fastrand.Intn(len(ipv6s))], nil
+	return ips[fastrand.Intn(len(ips))], nil
 }

-// ResolveIP with a host, return ip and priority return TypeA
+// ResolveIP with a host, return ip
 func ResolveIP(ctx context.Context, host string) (netip.Addr, error) {
 	return ResolveIPWithResolver(ctx, host, DefaultResolver)
 }
@ -266,14 +264,3 @@ func LookupIPProxyServerHost(ctx context.Context, host string) ([]netip.Addr, er
 	}
 	return LookupIP(ctx, host)
 }
-
-func SortationAddr(ips []netip.Addr) (ipv4s, ipv6s []netip.Addr) {
-	for _, v := range ips {
-		if v.Unmap().Is4() {
-			ipv4s = append(ipv4s, v)
-		} else {
-			ipv6s = append(ipv6s, v)
-		}
-	}
-	return
-}
--- a/component/sniffer/dispatcher.go
+++ b/component/sniffer/dispatcher.go
@ -26,18 +26,18 @@ var (
 var Dispatcher *SnifferDispatcher

 type SnifferDispatcher struct {
-	enable           bool
-	sniffers         map[sniffer.Sniffer]SnifferConfig
-	forceDomain      *trie.DomainSet
-	skipSNI          *trie.DomainSet
-	skipList         *cache.LruCache[string, uint8]
-	rwMux            sync.RWMutex
-	forceDnsMapping  bool
-	parsePureIp      bool
+	enable          bool
+	sniffers        map[sniffer.Sniffer]SnifferConfig
+	forceDomain     *trie.DomainTrie[struct{}]
+	skipSNI         *trie.DomainTrie[struct{}]
+	skipList        *cache.LruCache[string, uint8]
+	rwMux           sync.RWMutex
+	forceDnsMapping bool
+	parsePureIp     bool
 }

 func (sd *SnifferDispatcher) TCPSniff(conn *N.BufferedConn, metadata *C.Metadata) {
-	if (metadata.Host == "" && sd.parsePureIp) || sd.forceDomain.Has(metadata.Host) || (metadata.DNSMode == C.DNSMapping && sd.forceDnsMapping) {
+	if (metadata.Host == "" && sd.parsePureIp) || sd.forceDomain.Search(metadata.Host) != nil || (metadata.DNSMode == C.DNSMapping && sd.forceDnsMapping) {
 		port, err := strconv.ParseUint(metadata.DstPort, 10, 16)
 		if err != nil {
 			log.Debugln("[Sniffer] Dst port is error")
@ -74,7 +74,7 @@ func (sd *SnifferDispatcher) TCPSniff(conn *N.BufferedConn, metadata *C.Metadata
 			log.Debugln("[Sniffer] All sniffing sniff failed with from [%s:%s] to [%s:%s]", metadata.SrcIP, metadata.SrcPort, metadata.String(), metadata.DstPort)
 			return
 		} else {
-			if sd.skipSNI.Has(host) {
+			if sd.skipSNI.Search(host) != nil {
 				log.Debugln("[Sniffer] Skip sni[%s]", host)
 				return
 			}
@ -166,8 +166,8 @@ func NewCloseSnifferDispatcher() (*SnifferDispatcher, error) {
 	return &dispatcher, nil
 }

-func NewSnifferDispatcher(snifferConfig map[sniffer.Type]SnifferConfig,
-	forceDomain *trie.DomainSet, skipSNI *trie.DomainSet,
+func NewSnifferDispatcher(snifferConfig map[sniffer.Type]SnifferConfig, forceDomain *trie.DomainTrie[struct{}],
+	skipSNI *trie.DomainTrie[struct{}],
 	forceDnsMapping bool, parsePureIp bool) (*SnifferDispatcher, error) {
 	dispatcher := SnifferDispatcher{
 		enable:          true,
--- a/component/tls/config.go
+++ b/component/tls/config.go
@ -14,8 +14,8 @@ import (
 	xtls "github.com/xtls/go"
 )

-var trustCerts []*x509.Certificate
-var certPool *x509.CertPool
+var trustCert, _ = x509.SystemCertPool()
+
 var mutex sync.RWMutex
 var errNotMacth error = errors.New("certificate fingerprints do not match")

@ -25,38 +25,16 @@ func AddCertificate(certificate string) error {
 	if certificate == "" {
 		return fmt.Errorf("certificate is empty")
 	}
-	if cert, err := x509.ParseCertificate([]byte(certificate)); err == nil {
-		trustCerts = append(trustCerts, cert)
-		return nil
-	} else {
+	if ok := trustCert.AppendCertsFromPEM([]byte(certificate)); !ok {
 		return fmt.Errorf("add certificate failed")
 	}
+	return nil
 }

 func ResetCertificate() {
 	mutex.Lock()
 	defer mutex.Unlock()
-	trustCerts = nil
-}
-
-func getCertPool() *x509.CertPool {
-	if len(trustCerts) == 0 {
-		return nil
-	}
-	if certPool == nil {
-		mutex.Lock()
-		defer mutex.Unlock()
-		if certPool != nil {
-			return certPool
-		}
-		certPool, err := x509.SystemCertPool()
-		if err == nil {
-			for _, cert := range trustCerts {
-				certPool.AddCert(cert)
-			}
-		}
-	}
-	return certPool
+	trustCert, _ = x509.SystemCertPool()
 }

 func verifyFingerprint(fingerprint *[32]byte) func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
@ -106,13 +84,12 @@ func GetSpecifiedFingerprintTLSConfig(tlsConfig *tls.Config, fingerprint string)
 }

 func GetGlobalTLSConfig(tlsConfig *tls.Config) *tls.Config {
-	certPool := getCertPool()
 	if tlsConfig == nil {
 		return &tls.Config{
-			RootCAs: certPool,
+			RootCAs: trustCert,
 		}
 	}
-	tlsConfig.RootCAs = certPool
+	tlsConfig.RootCAs = trustCert
 	return tlsConfig
 }

@ -129,13 +106,12 @@ func GetSpecifiedFingerprintXTLSConfig(tlsConfig *xtls.Config, fingerprint strin
 }

 func GetGlobalXTLSConfig(tlsConfig *xtls.Config) *xtls.Config {
-	certPool := getCertPool()
 	if tlsConfig == nil {
 		return &xtls.Config{
-			RootCAs: certPool,
+			RootCAs: trustCert,
 		}
 	}

-	tlsConfig.RootCAs = certPool
+	tlsConfig.RootCAs = trustCert
 	return tlsConfig
 }
--- a/component/tls/reality.go
+++ b/component/tls/reality.go
@ -44,6 +44,7 @@ func GetRealityConn(ctx context.Context, conn net.Conn, ClientFingerprint string
 		}
 		uConfig := &utls.Config{
 			ServerName:             tlsConfig.ServerName,
+			NextProtos:             tlsConfig.NextProtos,
 			InsecureSkipVerify:     true,
 			SessionTicketsDisabled: true,
 			VerifyPeerCertificate:  verifier.VerifyPeerCertificate,
@ -61,16 +62,20 @@ func GetRealityConn(ctx context.Context, conn net.Conn, ClientFingerprint string
 		}

 		hello := uConn.HandshakeState.Hello
-		for i := range hello.SessionId { // https://github.com/golang/go/issues/5373
-			hello.SessionId[i] = 0
-		}
+		hello.SessionId = make([]byte, 32)
 		copy(hello.Raw[39:], hello.SessionId)

-		binary.BigEndian.PutUint64(hello.SessionId, uint64(time.Now().Unix()))
+		var nowTime time.Time
+		if uConfig.Time != nil {
+			nowTime = uConfig.Time()
+		} else {
+			nowTime = time.Now()
+		}
+		binary.BigEndian.PutUint64(hello.SessionId, uint64(nowTime.Unix()))

 		hello.SessionId[0] = 1
-		hello.SessionId[1] = 8
-		hello.SessionId[2] = 0
+		hello.SessionId[1] = 7
+		hello.SessionId[2] = 5
 		copy(hello.SessionId[8:], realityConfig.ShortID[:])

 		//log.Debugln("REALITY hello.sessionId[:16]: %v", hello.SessionId[:16])
@ -125,7 +130,7 @@ func realityClientFallback(uConn net.Conn, serverName string, fingerprint utls.C
 		return
 	}
 	//_, _ = io.Copy(io.Discard, response.Body)
-	time.Sleep(time.Duration(5+fastrand.Int63n(10)) * time.Second)
+	time.Sleep(time.Duration(5 + fastrand.Int63n(10)))
 	response.Body.Close()
 	client.CloseIdleConnections()
 }
--- a/component/tls/utls.go
+++ b/component/tls/utls.go
@ -45,13 +45,8 @@ func GetFingerprint(ClientFingerprint string) (UClientHelloID, bool) {
 	}

 	fingerprint, ok := Fingerprints[ClientFingerprint]
-	if ok {
-		log.Debugln("use specified fingerprint:%s", fingerprint.Client)
-		return fingerprint, ok
-	} else {
-		log.Warnln("wrong ClientFingerprint:%s", ClientFingerprint)
-		return UClientHelloID{}, false
-	}
+	log.Debugln("use specified fingerprint:%s", fingerprint.Client)
+	return fingerprint, ok
 }

 func RollFingerprint() (UClientHelloID, bool) {
@ -94,6 +89,7 @@ func copyConfig(c *tls.Config) *utls.Config {
 	return &utls.Config{
 		RootCAs:               c.RootCAs,
 		ServerName:            c.ServerName,
+		NextProtos:            c.NextProtos,
 		InsecureSkipVerify:    c.InsecureSkipVerify,
 		VerifyPeerCertificate: c.VerifyPeerCertificate,
 	}
@ -132,7 +128,10 @@ func SetGlobalUtlsClient(Client string) {
 }

 func HaveGlobalFingerprint() bool {
-	return len(initUtlsClient) != 0 && initUtlsClient != "none"
+	if len(initUtlsClient) != 0 && initUtlsClient != "none" {
+		return true
+	}
+	return false
 }

 func GetGlobalFingerprint() string {
--- a/component/trie/domain.go
+++ b/component/trie/domain.go
@ -25,7 +25,7 @@ func ValidAndSplitDomain(domain string) ([]string, bool) {
 	if domain != "" && domain[len(domain)-1] == '.' {
 		return nil, false
 	}
-	domain = strings.ToLower(domain)
+
 	parts := strings.Split(domain, domainStep)
 	if len(parts) == 1 {
 		if parts[0] == "" {
@ -123,33 +123,6 @@ func (t *DomainTrie[T]) Optimize() {
 	t.root.optimize()
 }

-func (t *DomainTrie[T]) Foreach(print func(domain string, data T)) {
-	for key, data := range t.root.getChildren() {
-		recursion([]string{key}, data, print)
-		if data != nil && data.inited {
-			print(joinDomain([]string{key}), data.data)
-		}
-	}
-}
-
-func recursion[T any](items []string, node *Node[T], fn func(domain string, data T)) {
-	for key, data := range node.getChildren() {
-		newItems := append([]string{key}, items...)
-		if data != nil && data.inited {
-			domain := joinDomain(newItems)
-			if domain[0] == domainStepByte {
-				domain = complexWildcard + domain
-			}
-			fn(domain, data.Data())
-		}
-		recursion(newItems, data, fn)
-	}
-}
-
-func joinDomain(items []string) string {
-	return strings.Join(items, domainStep)
-}
-
 // New returns a new, empty Trie.
 func New[T any]() *DomainTrie[T] {
 	return &DomainTrie[T]{root: newNode[T]()}
--- a/component/trie/domain_set.go
+++ b/component/trie/domain_set.go
@ -1,174 +0,0 @@
-package trie
-
-// Package succinct provides several succinct data types.
-// Modify from https://github.com/openacid/succinct/blob/d4684c35d123f7528b14e03c24327231723db704/sskv.go
-
-import (
-	"sort"
-	"strings"
-
-	"github.com/Dreamacro/clash/common/utils"
-	"github.com/openacid/low/bitmap"
-)
-
-const (
-	complexWildcardByte = byte('+')
-	wildcardByte        = byte('*')
-	domainStepByte      = byte('.')
-)
-
-type DomainSet struct {
-	leaves, labelBitmap []uint64
-	labels              []byte
-	ranks, selects      []int32
-}
-
-// NewDomainSet creates a new *DomainSet struct, from a DomainTrie.
-func (t *DomainTrie[T]) NewDomainSet() *DomainSet {
-	reserveDomains := make([]string, 0)
-	t.Foreach(func(domain string, data T) {
-		reserveDomains = append(reserveDomains, utils.Reverse(domain))
-	})
-	// ensure that the same prefix is continuous
-	// and according to the ascending sequence of length
-	sort.Strings(reserveDomains)
-	keys := reserveDomains
-	if len(keys) == 0 {
-		return nil
-	}
-	ss := &DomainSet{}
-	lIdx := 0
-
-	type qElt struct{ s, e, col int }
-	queue := []qElt{{0, len(keys), 0}}
-	for i := 0; i < len(queue); i++ {
-		elt := queue[i]
-		if elt.col == len(keys[elt.s]) {
-			elt.s++
-			// a leaf node
-			setBit(&ss.leaves, i, 1)
-		}
-
-		for j := elt.s; j < elt.e; {
-
-			frm := j
-
-			for ; j < elt.e && keys[j][elt.col] == keys[frm][elt.col]; j++ {
-			}
-			queue = append(queue, qElt{frm, j, elt.col + 1})
-			ss.labels = append(ss.labels, keys[frm][elt.col])
-			setBit(&ss.labelBitmap, lIdx, 0)
-			lIdx++
-		}
-		setBit(&ss.labelBitmap, lIdx, 1)
-		lIdx++
-	}
-
-	ss.init()
-	return ss
-}
-
-// Has query for a key and return whether it presents in the DomainSet.
-func (ss *DomainSet) Has(key string) bool {
-	if ss == nil {
-		return false
-	}
-	key = utils.Reverse(key)
-	key = strings.ToLower(key)
-	// no more labels in this node
-	// skip character matching
-	// go to next level
-	nodeId, bmIdx := 0, 0
-	type wildcardCursor struct {
-		bmIdx, index int
-	}
-	stack := make([]wildcardCursor, 0)
-	for i := 0; i < len(key); i++ {
-	RESTART:
-		c := key[i]
-		for ; ; bmIdx++ {
-			if getBit(ss.labelBitmap, bmIdx) != 0 {
-				if len(stack) > 0 {
-					cursor := stack[len(stack)-1]
-					stack = stack[0 : len(stack)-1]
-					// back wildcard and find next node
-					nextNodeId := countZeros(ss.labelBitmap, ss.ranks, cursor.bmIdx+1)
-					nextBmIdx := selectIthOne(ss.labelBitmap, ss.ranks, ss.selects, nextNodeId-1) + 1
-					j := cursor.index
-					for ; j < len(key) && key[j] != domainStepByte; j++ {
-					}
-					if j == len(key) {
-						if getBit(ss.leaves, nextNodeId) != 0 {
-							return true
-						} else {
-							goto RESTART
-						}
-					}
-					for ; nextBmIdx-nextNodeId < len(ss.labels); nextBmIdx++ {
-						if ss.labels[nextBmIdx-nextNodeId] == domainStepByte {
-							bmIdx = nextBmIdx
-							nodeId = nextNodeId
-							i = j
-							goto RESTART
-						}
-					}
-				}
-				return false
-			}
-			// handle wildcard for domain
-			if ss.labels[bmIdx-nodeId] == complexWildcardByte {
-				return true
-			} else if ss.labels[bmIdx-nodeId] == wildcardByte {
-				cursor := wildcardCursor{}
-				cursor.bmIdx = bmIdx
-				cursor.index = i
-				stack = append(stack, cursor)
-			} else if ss.labels[bmIdx-nodeId] == c {
-				break
-			}
-		}
-		nodeId = countZeros(ss.labelBitmap, ss.ranks, bmIdx+1)
-		bmIdx = selectIthOne(ss.labelBitmap, ss.ranks, ss.selects, nodeId-1) + 1
-	}
-
-	return getBit(ss.leaves, nodeId) != 0
-
-}
-
-func setBit(bm *[]uint64, i int, v int) {
-	for i>>6 >= len(*bm) {
-		*bm = append(*bm, 0)
-	}
-	(*bm)[i>>6] |= uint64(v) << uint(i&63)
-}
-
-func getBit(bm []uint64, i int) uint64 {
-	return bm[i>>6] & (1 << uint(i&63))
-}
-
-// init builds pre-calculated cache to speed up rank() and select()
-func (ss *DomainSet) init() {
-	ss.selects, ss.ranks = bitmap.IndexSelect32R64(ss.labelBitmap)
-}
-
-// countZeros counts the number of "0" in a bitmap before the i-th bit(excluding
-// the i-th bit) on behalf of rank index.
-// E.g.:
-//
-//	countZeros("010010", 4) == 3
-//	//          012345
-func countZeros(bm []uint64, ranks []int32, i int) int {
-	a, _ := bitmap.Rank64(bm, ranks, int32(i))
-	return i - int(a)
-}
-
-// selectIthOne returns the index of the i-th "1" in a bitmap, on behalf of rank
-// and select indexes.
-// E.g.:
-//
-//	selectIthOne("010010", 1) == 4
-//	//            012345
-func selectIthOne(bm []uint64, ranks, selects []int32, i int) int {
-	a, _ := bitmap.Select32R64(bm, selects, ranks, int32(i))
-	return int(a)
-}
--- a/component/trie/domain_set_test.go
+++ b/component/trie/domain_set_test.go
@ -1,85 +0,0 @@
-package trie_test
-
-import (
-	"testing"
-
-	"github.com/Dreamacro/clash/component/trie"
-	"github.com/stretchr/testify/assert"
-)
-
-func TestDomainSet(t *testing.T) {
-	tree := trie.New[struct{}]()
-	domainSet := []string{
-		"baidu.com",
-		"google.com",
-		"www.google.com",
-		"test.a.net",
-		"test.a.oc",
-		"Mijia Cloud",
-		".qq.com",
-		"+.cn",
-	}
-
-	for _, domain := range domainSet {
-		assert.NoError(t, tree.Insert(domain, struct{}{}))
-	}
-	set := tree.NewDomainSet()
-	assert.NotNil(t, set)
-	assert.True(t, set.Has("test.cn"))
-	assert.True(t, set.Has("cn"))
-	assert.True(t, set.Has("Mijia Cloud"))
-	assert.True(t, set.Has("test.a.net"))
-	assert.True(t, set.Has("www.qq.com"))
-	assert.True(t, set.Has("google.com"))
-	assert.False(t, set.Has("qq.com"))
-	assert.False(t, set.Has("www.baidu.com"))
-}
-
-func TestDomainSetComplexWildcard(t *testing.T) {
-	tree := trie.New[struct{}]()
-	domainSet := []string{
-		"+.baidu.com",
-		"+.a.baidu.com",
-		"www.baidu.com",
-		"+.bb.baidu.com",
-		"test.a.net",
-		"test.a.oc",
-		"www.qq.com",
-	}
-
-	for _, domain := range domainSet {
-		assert.NoError(t, tree.Insert(domain, struct{}{}))
-	}
-	set := tree.NewDomainSet()
-	assert.NotNil(t, set)
-	assert.False(t, set.Has("google.com"))
-	assert.True(t, set.Has("www.baidu.com"))
-	assert.True(t, set.Has("test.test.baidu.com"))
-}
-
-func TestDomainSetWildcard(t *testing.T) {
-	tree := trie.New[struct{}]()
-	domainSet := []string{
-		"*.*.*.baidu.com",
-		"www.baidu.*",
-		"stun.*.*",
-		"*.*.qq.com",
-		"test.*.baidu.com",
-		"*.apple.com",
-	}
-
-	for _, domain := range domainSet {
-		assert.NoError(t, tree.Insert(domain, struct{}{}))
-	}
-	set := tree.NewDomainSet()
-	assert.NotNil(t, set)
-	assert.True(t, set.Has("www.baidu.com"))
-	assert.True(t, set.Has("test.test.baidu.com"))
-	assert.True(t, set.Has("test.test.qq.com"))
-	assert.True(t, set.Has("stun.ab.cd"))
-	assert.False(t, set.Has("test.baidu.com"))
-	assert.False(t, set.Has("www.google.com"))
-	assert.False(t, set.Has("a.www.google.com"))
-	assert.False(t, set.Has("test.qq.com"))
-	assert.False(t, set.Has("test.test.test.qq.com"))
-}
--- a/component/trie/domain_test.go
+++ b/component/trie/domain_test.go
@ -1,17 +1,16 @@
-package trie_test
+package trie

 import (
 	"net/netip"
 	"testing"

-	"github.com/Dreamacro/clash/component/trie"
 	"github.com/stretchr/testify/assert"
 )

 var localIP = netip.AddrFrom4([4]byte{127, 0, 0, 1})

 func TestTrie_Basic(t *testing.T) {
-	tree := trie.New[netip.Addr]()
+	tree := New[netip.Addr]()
 	domains := []string{
 		"example.com",
 		"google.com",
@ -19,7 +18,7 @@ func TestTrie_Basic(t *testing.T) {
 	}

 	for _, domain := range domains {
-		assert.NoError(t, tree.Insert(domain, localIP))
+		tree.Insert(domain, localIP)
 	}

 	node := tree.Search("example.com")
@ -32,7 +31,7 @@ func TestTrie_Basic(t *testing.T) {
 }

 func TestTrie_Wildcard(t *testing.T) {
-	tree := trie.New[netip.Addr]()
+	tree := New[netip.Addr]()
 	domains := []string{
 		"*.example.com",
 		"sub.*.example.com",
@ -48,7 +47,7 @@ func TestTrie_Wildcard(t *testing.T) {
 	}

 	for _, domain := range domains {
-		assert.NoError(t, tree.Insert(domain, localIP))
+		tree.Insert(domain, localIP)
 	}

 	assert.NotNil(t, tree.Search("sub.example.com"))
@ -65,7 +64,7 @@ func TestTrie_Wildcard(t *testing.T) {
 }

 func TestTrie_Priority(t *testing.T) {
-	tree := trie.New[int]()
+	tree := New[int]()
 	domains := []string{
 		".dev",
 		"example.dev",
@ -80,7 +79,7 @@ func TestTrie_Priority(t *testing.T) {
 	}

 	for idx, domain := range domains {
-		assert.NoError(t, tree.Insert(domain, idx+1))
+		tree.Insert(domain, idx+1)
 	}

 	assertFn("test.dev", 1)
@ -91,8 +90,8 @@ func TestTrie_Priority(t *testing.T) {
 }

 func TestTrie_Boundary(t *testing.T) {
-	tree := trie.New[netip.Addr]()
-	assert.NoError(t, tree.Insert("*.dev", localIP))
+	tree := New[netip.Addr]()
+	tree.Insert("*.dev", localIP)

 	assert.NotNil(t, tree.Insert(".", localIP))
 	assert.NotNil(t, tree.Insert("..dev", localIP))
@ -100,29 +99,9 @@ func TestTrie_Boundary(t *testing.T) {
 }

 func TestTrie_WildcardBoundary(t *testing.T) {
-	tree := trie.New[netip.Addr]()
-	assert.NoError(t, tree.Insert("+.*", localIP))
-	assert.NoError(t, tree.Insert("stun.*.*.*", localIP))
+	tree := New[netip.Addr]()
+	tree.Insert("+.*", localIP)
+	tree.Insert("stun.*.*.*", localIP)

 	assert.NotNil(t, tree.Search("example.com"))
 }
-
-func TestTrie_Foreach(t *testing.T) {
-	tree := trie.New[netip.Addr]()
-	domainList := []string{
-		"google.com",
-		"stun.*.*.*",
-		"test.*.google.com",
-		"+.baidu.com",
-		"*.baidu.com",
-		"*.*.baidu.com",
-	}
-	for _, domain := range domainList {
-		assert.NoError(t, tree.Insert(domain, localIP))
-	}
-	count := 0
-	tree.Foreach(func(domain string, data netip.Addr) {
-		count++
-	})
-	assert.Equal(t, 7, count)
-}
--- a/component/trie/node.go
+++ b/component/trie/node.go
@ -116,18 +116,6 @@ func (n *Node[T]) setData(data T) {
 	n.inited = true
 }

-func (n *Node[T]) getChildren() map[string]*Node[T] {
-	if n.childMap == nil {
-		if n.childNode != nil {
-			m := make(map[string]*Node[T])
-			m[n.childStr] = n.childNode
-			return m
-		}
-	} else {
-		return n.childMap
-	}
-	return nil
-}
 func (n *Node[T]) Data() T {
 	return n.data
 }
--- a/config/config.go
+++ b/config/config.go
@ -4,11 +4,12 @@ import (
 	"container/list"
 	"errors"
 	"fmt"
+
 	"net"
 	"net/netip"
 	"net/url"
 	"os"
-	"regexp"
+	"runtime"
 	"strconv"
 	"strings"
 	"time"
@ -135,8 +136,9 @@ type IPTables struct {
 type Sniffer struct {
 	Enable          bool
 	Sniffers        map[snifferTypes.Type]SNIFF.SnifferConfig
-	ForceDomain     *trie.DomainSet
-	SkipDomain      *trie.DomainSet
+	Reverses        *trie.DomainTrie[struct{}]
+	ForceDomain     *trie.DomainTrie[struct{}]
+	SkipDomain      *trie.DomainTrie[struct{}]
 	ForceDnsMapping bool
 	ParsePureIp     bool
 }
@ -216,7 +218,6 @@ type RawTun struct {
 	ExcludePackage         []string          `yaml:"exclude-package" json:"exclude_package,omitempty"`
 	EndpointIndependentNat bool              `yaml:"endpoint-independent-nat" json:"endpoint_independent_nat,omitempty"`
 	UDPTimeout             int64             `yaml:"udp-timeout" json:"udp_timeout,omitempty"`
-	FileDescriptor         int               `yaml:"file-descriptor" json:"file-descriptor"`
 }

 type RawTuicServer struct {
@ -445,11 +446,7 @@ func ParseRawConfig(rawCfg *RawConfig) (*Config, error) {
 	}
 	config.General = general

-	if len(config.General.GlobalClientFingerprint) != 0 {
-		log.Debugln("GlobalClientFingerprint:%s", config.General.GlobalClientFingerprint)
-		tlsC.SetGlobalUtlsClient(config.General.GlobalClientFingerprint)
-	}
-
+	dialer.DefaultInterface.Store(config.General.Interface)
 	proxies, providers, err := parseProxies(rawCfg)
 	if err != nil {
 		return nil, err
@ -488,7 +485,7 @@ func ParseRawConfig(rawCfg *RawConfig) (*Config, error) {
 	}
 	config.Hosts = hosts

-	dnsCfg, err := parseDNS(rawCfg, hosts, rules, ruleProviders)
+	dnsCfg, err := parseDNS(rawCfg, hosts, rules)
 	if err != nil {
 		return nil, err
 	}
@ -524,6 +521,11 @@ func ParseRawConfig(rawCfg *RawConfig) (*Config, error) {
 	elapsedTime := time.Since(startTime) / time.Millisecond                     // duration in ms
 	log.Infoln("Initial configuration complete, total time: %dms", elapsedTime) //Segment finished in xxm

+	if len(config.General.GlobalClientFingerprint) != 0 {
+		log.Debugln("GlobalClientFingerprint:%s", config.General.GlobalClientFingerprint)
+		tlsC.SetGlobalUtlsClient(config.General.GlobalClientFingerprint)
+	}
+
 	return config, nil
 }

@ -820,6 +822,8 @@ func parseRules(rulesConfig []string, proxies map[string]C.Proxy, subRules map[s
 		rules = append(rules, parsed)
 	}

+	runtime.GC()
+
 	return rules, nil
 }

@ -841,7 +845,7 @@ func parseHosts(cfg *RawConfig) (*trie.DomainTrie[resolver.HostValue], error) {
 				} else {
 					ips := make([]netip.Addr, 0)
 					for _, addr := range addrs {
-						if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback()&&!ipnet.IP.IsLinkLocalUnicast() {
+						if ipnet, ok := addr.(*net.IPNet); ok {
 							if ip, err := netip.ParseAddr(ipnet.IP.String()); err == nil {
 								ips = append(ips, ip)
 							}
@ -896,7 +900,7 @@ func parseNameServer(servers []string, preferH3 bool) ([]dns.NameServer, error)
 			return nil, fmt.Errorf("DNS NameServer[%d] format error: %s", idx, err.Error())
 		}

-		proxyName := u.Fragment
+		proxyAdapter := u.Fragment

 		var addr, dnsNetType string
 		params := map[string]string{}
@ -913,7 +917,7 @@ func parseNameServer(servers []string, preferH3 bool) ([]dns.NameServer, error)
 		case "https":
 			addr, err = hostWithDefaultPort(u.Host, "443")
 			if err == nil {
-				proxyName = ""
+				proxyAdapter = ""
 				clearURL := url.URL{Scheme: "https", Host: addr, Path: u.Path}
 				addr = clearURL.String()
 				dnsNetType = "https" // DNS over HTTPS
@ -923,7 +927,7 @@ func parseNameServer(servers []string, preferH3 bool) ([]dns.NameServer, error)
 						if len(arr) == 0 {
 							continue
 						} else if len(arr) == 1 {
-							proxyName = arr[0]
+							proxyAdapter = arr[0]
 						} else if len(arr) == 2 {
 							params[arr[0]] = arr[1]
 						} else {
@ -949,24 +953,18 @@ func parseNameServer(servers []string, preferH3 bool) ([]dns.NameServer, error)
 		nameservers = append(
 			nameservers,
 			dns.NameServer{
-				Net:       dnsNetType,
-				Addr:      addr,
-				ProxyName: proxyName,
-				Interface: dialer.DefaultInterface,
-				Params:    params,
-				PreferH3:  preferH3,
+				Net:          dnsNetType,
+				Addr:         addr,
+				ProxyAdapter: proxyAdapter,
+				Interface:    dialer.DefaultInterface,
+				Params:       params,
+				PreferH3:     preferH3,
 			},
 		)
 	}
 	return nameservers, nil
 }

-func init() {
-	dns.ParseNameServer = func(servers []string) ([]dns.NameServer, error) { // using by wireguard
-		return parseNameServer(servers, false)
-	}
-}
-
 func parsePureDNSServer(server string) string {
 	addPre := func(server string) string {
 		return "udp://" + server
@ -985,41 +983,11 @@ func parsePureDNSServer(server string) string {
 		}
 	}
 }
-func parseNameServerPolicy(nsPolicy map[string]any, ruleProviders map[string]providerTypes.RuleProvider, preferH3 bool) (map[string][]dns.NameServer, error) {
+func parseNameServerPolicy(nsPolicy map[string]any, preferH3 bool) (map[string][]dns.NameServer, error) {
 	policy := map[string][]dns.NameServer{}
-	updatedPolicy := make(map[string]interface{})
-	re := regexp.MustCompile(`[a-zA-Z0-9\-]+\.[a-zA-Z]{2,}(\.[a-zA-Z]{2,})?`)

-	for k, v := range nsPolicy {
-		if strings.Contains(k, ",") {
-			if strings.Contains(k, "geosite:") {
-				subkeys := strings.Split(k, ":")
-				subkeys = subkeys[1:]
-				subkeys = strings.Split(subkeys[0], ",")
-				for _, subkey := range subkeys {
-					newKey := "geosite:" + subkey
-					updatedPolicy[newKey] = v
-				}
-			} else if strings.Contains(k, "rule-set:") {
-				subkeys := strings.Split(k, ":")
-				subkeys = subkeys[1:]
-				subkeys = strings.Split(subkeys[0], ",")
-				for _, subkey := range subkeys {
-					newKey := "rule-set:" + subkey
-					updatedPolicy[newKey] = v
-				}
-			} else if re.MatchString(k) {
-				subkeys := strings.Split(k, ",")
-				for _, subkey := range subkeys {
-					updatedPolicy[subkey] = v
-				}
-			}
-		} else {
-			updatedPolicy[k] = v
-		}
-	}
+	for domain, server := range nsPolicy {

-	for domain, server := range updatedPolicy {
 		servers, err := utils.ToStringSlice(server)
 		if err != nil {
 			return nil, err
@ -1031,19 +999,6 @@ func parseNameServerPolicy(nsPolicy map[string]any, ruleProviders map[string]pro
 		if _, valid := trie.ValidAndSplitDomain(domain); !valid {
 			return nil, fmt.Errorf("DNS ResoverRule invalid domain: %s", domain)
 		}
-		if strings.HasPrefix(domain, "rule-set:") {
-			domainSetName := domain[9:]
-			if provider, ok := ruleProviders[domainSetName]; !ok {
-				return nil, fmt.Errorf("not found rule-set: %s", domainSetName)
-			} else {
-				switch provider.Behavior() {
-				case providerTypes.IPCIDR:
-					return nil, fmt.Errorf("rule provider type error, except domain,actual %s", provider.Behavior())
-				case providerTypes.Classical:
-					log.Warnln("%s provider is %s, only matching it contain domain rule", provider.Name(), provider.Behavior())
-				}
-			}
-		}
 		policy[domain] = nameservers
 	}

@ -1096,10 +1051,11 @@ func parseFallbackGeoSite(countries []string, rules []C.Rule) ([]*router.DomainM
 			log.Infoln("Start initial GeoSite dns fallback filter `%s`, records: %d", country, recordsCount)
 		}
 	}
+	runtime.GC()
 	return sites, nil
 }

-func parseDNS(rawCfg *RawConfig, hosts *trie.DomainTrie[resolver.HostValue], rules []C.Rule, ruleProviders map[string]providerTypes.RuleProvider) (*DNS, error) {
+func parseDNS(rawCfg *RawConfig, hosts *trie.DomainTrie[resolver.HostValue], rules []C.Rule) (*DNS, error) {
 	cfg := rawCfg.DNS
 	if cfg.Enable && len(cfg.NameServer) == 0 {
 		return nil, fmt.Errorf("if DNS configuration is turned on, NameServer cannot be empty")
@ -1126,7 +1082,7 @@ func parseDNS(rawCfg *RawConfig, hosts *trie.DomainTrie[resolver.HostValue], rul
 		return nil, err
 	}

-	if dnsCfg.NameServerPolicy, err = parseNameServerPolicy(cfg.NameServerPolicy, ruleProviders, cfg.PreferH3); err != nil {
+	if dnsCfg.NameServerPolicy, err = parseNameServerPolicy(cfg.NameServerPolicy, cfg.PreferH3); err != nil {
 		return nil, err
 	}

@ -1262,7 +1218,6 @@ func parseTun(rawTun RawTun, general *General) error {
 		ExcludePackage:         rawTun.ExcludePackage,
 		EndpointIndependentNat: rawTun.EndpointIndependentNat,
 		UDPTimeout:             rawTun.UDPTimeout,
-		FileDescriptor:         rawTun.FileDescriptor,
 	}

 	return nil
@ -1346,24 +1301,23 @@ func parseSniffer(snifferRaw RawSniffer) (*Sniffer, error) {
 	}

 	sniffer.Sniffers = loadSniffer
-
-	forceDomainTrie := trie.New[struct{}]()
+	sniffer.ForceDomain = trie.New[struct{}]()
 	for _, domain := range snifferRaw.ForceDomain {
-		err := forceDomainTrie.Insert(domain, struct{}{})
+		err := sniffer.ForceDomain.Insert(domain, struct{}{})
 		if err != nil {
 			return nil, fmt.Errorf("error domian[%s] in force-domain, error:%v", domain, err)
 		}
 	}
-	sniffer.ForceDomain = forceDomainTrie.NewDomainSet()
+	sniffer.ForceDomain.Optimize()

-	skipDomainTrie := trie.New[struct{}]()
+	sniffer.SkipDomain = trie.New[struct{}]()
 	for _, domain := range snifferRaw.SkipDomain {
-		err := skipDomainTrie.Insert(domain, struct{}{})
+		err := sniffer.SkipDomain.Insert(domain, struct{}{})
 		if err != nil {
 			return nil, fmt.Errorf("error domian[%s] in force-domain, error:%v", domain, err)
 		}
 	}
-	sniffer.SkipDomain = skipDomainTrie.NewDomainSet()
+	sniffer.SkipDomain.Optimize()

 	return sniffer, nil
 }
--- a/config/updateGeo.go
+++ b/config/updateGeo.go
@ -1,20 +1,15 @@
 package config

 import (
-	"context"
 	"fmt"
+	"github.com/Dreamacro/clash/component/geodata"
+	_ "github.com/Dreamacro/clash/component/geodata/standard"
+	C "github.com/Dreamacro/clash/constant"
+	"github.com/oschwald/geoip2-golang"
 	"io"
 	"net/http"
 	"os"
 	"runtime"
-	"time"
-
-	"github.com/Dreamacro/clash/component/geodata"
-	_ "github.com/Dreamacro/clash/component/geodata/standard"
-	clashHttp "github.com/Dreamacro/clash/component/http"
-	C "github.com/Dreamacro/clash/constant"
-
-	"github.com/oschwald/geoip2-golang"
 )

 func UpdateGeoDatabases() error {
@ -68,15 +63,11 @@ func UpdateGeoDatabases() error {
 		return fmt.Errorf("can't save GeoSite database file: %w", err)
 	}

-	geodata.ClearCache()
-
 	return nil
 }

 func downloadForBytes(url string) ([]byte, error) {
-	ctx, cancel := context.WithTimeout(context.Background(), time.Second*90)
-	defer cancel()
-	resp, err := clashHttp.HttpRequest(ctx, url, http.MethodGet, http.Header{"User-Agent": {"clash"}}, nil)
+	resp, err := http.Get(url)
 	if err != nil {
 		return nil, err
 	}
--- a/config/utils.go
+++ b/config/utils.go
@ -3,7 +3,6 @@ package config
 import (
 	"fmt"
 	"net"
-	"net/netip"
 	"strings"

 	"github.com/Dreamacro/clash/adapter/outboundgroup"
@ -150,11 +149,20 @@ func proxyGroupsDagSort(groupsConfig []map[string]any) error {
 }

 func verifyIP6() bool {
-	if iAddrs, err := net.InterfaceAddrs(); err == nil {
-		for _, addr := range iAddrs {
-			if prefix, err := netip.ParsePrefix(addr.String()); err == nil {
-				if addr := prefix.Addr().Unmap(); addr.Is6() && addr.IsGlobalUnicast() {
-					return true
+	addrs, err := net.InterfaceAddrs()
+	if err != nil {
+		return false
+	}
+	for _, addr := range addrs {
+		ipNet, isIpNet := addr.(*net.IPNet)
+		if isIpNet && !ipNet.IP.IsLoopback() {
+			if ipNet.IP.To16() != nil {
+				s := ipNet.IP.String()
+				for i := 0; i < len(s); i++ {
+					switch s[i] {
+					case ':':
+						return true
+					}
 				}
 			}
 		}
--- a/constant/adapters.go
+++ b/constant/adapters.go
@ -2,14 +2,12 @@ package constant

 import (
 	"context"
-	"errors"
 	"fmt"
 	"net"
 	"net/netip"
 	"sync"
 	"time"

-	N "github.com/Dreamacro/clash/common/net"
 	"github.com/Dreamacro/clash/component/dialer"
 )

@ -45,8 +43,6 @@ const (
 	DefaultTLSTimeout = DefaultTCPTimeout
 )

-var ErrNotSupport = errors.New("no support")
-
 type Connection interface {
 	Chains() Chain
 	AppendToChains(adapter ProxyAdapter)
@ -76,7 +72,7 @@ func (c Chain) Last() string {
 }

 type Conn interface {
-	N.ExtendedConn
+	net.Conn
 	Connection
 }

@ -120,13 +116,10 @@ type ProxyAdapter interface {
 	// SupportUOT return UDP over TCP support
 	SupportUOT() bool

-	SupportWithDialer() NetWork
+	SupportWithDialer() bool
 	DialContextWithDialer(ctx context.Context, dialer Dialer, metadata *Metadata) (Conn, error)
 	ListenPacketWithDialer(ctx context.Context, dialer Dialer, metadata *Metadata) (PacketConn, error)

-	// IsL3Protocol return ProxyAdapter working in L3 (tell dns module not pass the domain to avoid loopback)
-	IsL3Protocol(metadata *Metadata) bool
-
 	// Unwrap extracts the proxy from a proxy-group. It returns nil when nothing to extract.
 	Unwrap(metadata *Metadata, touch bool) Proxy
 }
--- a/constant/context.go
+++ b/constant/context.go
@ -5,7 +5,7 @@ import (

 	N "github.com/Dreamacro/clash/common/net"

-	"github.com/gofrs/uuid/v5"
+	"github.com/gofrs/uuid"
 )

 type PlainContext interface {
--- a/constant/features/low_memory.go
+++ b/constant/features/low_memory.go
@ -1,6 +0,0 @@
-//go:build with_low_memory
-package features
-
-func init() {
-	TAGS = append(TAGS, "with_low_memory")
-}
--- a/constant/features/no_doq.go
+++ b/constant/features/no_doq.go
@ -0,0 +1,7 @@
+//go:build no_doq
+
+package features
+
+func init() {
+	TAGS = append(TAGS, "no_doq")
+}
--- a/constant/features/no_fake_tcp.go
+++ b/constant/features/no_fake_tcp.go
@ -1,7 +0,0 @@
-//go:build no_fake_tcp
-
-package features
-
-func init() {
-	TAGS = append(TAGS, "no_fake_tcp")
-}
--- a/constant/features/no_gvisor.go
+++ b/constant/features/no_gvisor.go
@ -0,0 +1,7 @@
+//go:build no_gvisor
+
+package features
+
+func init() {
+	TAGS = append(TAGS, "no_gvisor")
+}
--- a/constant/features/with_gvisor.go
+++ b/constant/features/with_gvisor.go
@ -1,7 +0,0 @@
-//go:build with_gvisor
-
-package features
-
-func init() {
-	TAGS = append(TAGS, "with_gvisor")
-}
--- a/constant/metadata.go
+++ b/constant/metadata.go
@ -15,10 +15,7 @@ const (
 	TCP NetWork = iota
 	UDP
 	ALLNet
-	InvalidNet = 0xff
-)

-const (
 	HTTP Type = iota
 	HTTPS
 	SOCKS4
@ -36,16 +33,12 @@ const (
 type NetWork int

 func (n NetWork) String() string {
-	switch n {
-	case TCP:
+	if n == TCP {
 		return "tcp"
-	case UDP:
+	} else if n == UDP {
 		return "udp"
-	case ALLNet:
-		return "all"
-	default:
-		return "invalid"
 	}
+	return "all"
 }

 func (n NetWork) MarshalJSON() ([]byte, error) {
@ -229,21 +222,3 @@ func (m *Metadata) String() string {
 func (m *Metadata) Valid() bool {
 	return m.Host != "" || m.DstIP.IsValid()
 }
-
-func (m *Metadata) SetRemoteAddress(rawAddress string) error {
-	host, port, err := net.SplitHostPort(rawAddress)
-	if err != nil {
-		return err
-	}
-
-	if ip, err := netip.ParseAddr(host); err != nil {
-		m.Host = host
-		m.DstIP = netip.Addr{}
-	} else {
-		m.Host = ""
-		m.DstIP = ip.Unmap()
-	}
-	m.DstPort = port
-
-	return nil
-}
--- a/constant/provider/interface.go
+++ b/constant/provider/interface.go
@ -73,27 +73,17 @@ type ProxyProvider interface {
 	Version() uint32
 }

-// RuleProvider interface
-type RuleProvider interface {
-	Provider
-	Behavior() RuleBehavior
-	Match(*constant.Metadata) bool
-	ShouldResolveIP() bool
-	ShouldFindProcess() bool
-	AsRule(adaptor string) constant.Rule
-}
-
-// Rule Behavior
+// Rule Type
 const (
-	Domain RuleBehavior = iota
+	Domain RuleType = iota
 	IPCIDR
 	Classical
 )

-// RuleBehavior defined
-type RuleBehavior int
+// RuleType defined
+type RuleType int

-func (rt RuleBehavior) String() string {
+func (rt RuleType) String() string {
 	switch rt {
 	case Domain:
 		return "Domain"
@ -106,20 +96,12 @@ func (rt RuleBehavior) String() string {
 	}
 }

-const (
-	YamlRule RuleFormat = iota
-	TextRule
-)
-
-type RuleFormat int
-
-func (rf RuleFormat) String() string {
-	switch rf {
-	case YamlRule:
-		return "YamlRule"
-	case TextRule:
-		return "TextRule"
-	default:
-		return "Unknown"
-	}
+// RuleProvider interface
+type RuleProvider interface {
+	Provider
+	Behavior() RuleType
+	Match(*constant.Metadata) bool
+	ShouldResolveIP() bool
+	ShouldFindProcess() bool
+	AsRule(adaptor string) constant.Rule
 }
--- a/context/conn.go
+++ b/context/conn.go
@ -7,7 +7,7 @@ import (
 	N "github.com/Dreamacro/clash/common/net"
 	C "github.com/Dreamacro/clash/constant"

-	"github.com/gofrs/uuid/v5"
+	"github.com/gofrs/uuid"
 )

 type ConnContext struct {
@ -17,8 +17,10 @@ type ConnContext struct {
 }

 func NewConnContext(conn net.Conn, metadata *C.Metadata) *ConnContext {
+	id, _ := utils.UnsafeUUIDGenerator.NewV4()
+
 	return &ConnContext{
-		id:       utils.NewUUIDV4(),
+		id:       id,
 		metadata: metadata,
 		conn:     N.NewBufferedConn(conn),
 	}
--- a/context/dns.go
+++ b/context/dns.go
@ -4,7 +4,7 @@ import (
 	"context"
 	"github.com/Dreamacro/clash/common/utils"

-	"github.com/gofrs/uuid/v5"
+	"github.com/gofrs/uuid"
 	"github.com/miekg/dns"
 )

@ -23,10 +23,11 @@ type DNSContext struct {
 }

 func NewDNSContext(ctx context.Context, msg *dns.Msg) *DNSContext {
+	id, _ := utils.UnsafeUUIDGenerator.NewV4()
 	return &DNSContext{
 		Context: ctx,

-		id:  utils.NewUUIDV4(),
+		id:  id,
 		msg: msg,
 	}
 }
--- a/context/packetconn.go
+++ b/context/packetconn.go
@ -6,7 +6,7 @@ import (
 	"github.com/Dreamacro/clash/common/utils"
 	C "github.com/Dreamacro/clash/constant"

-	"github.com/gofrs/uuid/v5"
+	"github.com/gofrs/uuid"
 )

 type PacketConnContext struct {
@ -16,8 +16,9 @@ type PacketConnContext struct {
 }

 func NewPacketConnContext(metadata *C.Metadata) *PacketConnContext {
+	id, _ := utils.UnsafeUUIDGenerator.NewV4()
 	return &PacketConnContext{
-		id:       utils.NewUUIDV4(),
+		id:       id,
 		metadata: metadata,
 	}
 }
--- a/dns/client.go
+++ b/dns/client.go
@ -8,11 +8,11 @@ import (
 	"net/netip"
 	"strings"

-	"github.com/Dreamacro/clash/common/atomic"
+	tlsC "github.com/Dreamacro/clash/component/tls"
+	"go.uber.org/atomic"
+
 	"github.com/Dreamacro/clash/component/dialer"
 	"github.com/Dreamacro/clash/component/resolver"
-	tlsC "github.com/Dreamacro/clash/component/tls"
-	C "github.com/Dreamacro/clash/constant"

 	D "github.com/miekg/dns"
 	"github.com/zhangyunhao116/fastrand"
@ -23,9 +23,8 @@ type client struct {
 	r            *Resolver
 	port         string
 	host         string
-	iface        *atomic.TypedValue[string]
-	proxyAdapter C.ProxyAdapter
-	proxyName    string
+	iface        *atomic.String
+	proxyAdapter string
 	addr         string
 }

@ -82,7 +81,7 @@ func (c *client) ExchangeContext(ctx context.Context, m *D.Msg) (*D.Msg, error)
 		options = append(options, dialer.WithInterface(c.iface.Load()))
 	}

-	conn, err := getDialHandler(c.r, c.proxyAdapter, c.proxyName, options...)(ctx, network, net.JoinHostPort(ip.String(), c.port))
+	conn, err := getDialHandler(c.r, c.proxyAdapter, options...)(ctx, network, net.JoinHostPort(ip.String(), c.port))
 	if err != nil {
 		return nil, err
 	}
--- a/dns/dhcp.go
+++ b/dns/dhcp.go
@ -8,7 +8,8 @@ import (
 	"sync"
 	"time"

-	"github.com/Dreamacro/clash/common/atomic"
+	"go.uber.org/atomic"
+
 	"github.com/Dreamacro/clash/component/dhcp"
 	"github.com/Dreamacro/clash/component/iface"
 	"github.com/Dreamacro/clash/component/resolver"
@ -85,7 +86,7 @@ func (d *dhcpClient) resolve(ctx context.Context) ([]dnsClient, error) {
 				for _, item := range dns {
 					nameserver = append(nameserver, NameServer{
 						Addr:      net.JoinHostPort(item.String(), "53"),
-						Interface: atomic.NewTypedValue(d.ifaceName),
+						Interface: atomic.NewString(d.ifaceName),
 					})
 				}

--- a/dns/doh.go
+++ b/dns/doh.go
@ -21,7 +21,6 @@ import (
 	"github.com/metacubex/quic-go"
 	"github.com/metacubex/quic-go/http3"
 	D "github.com/miekg/dns"
-	"golang.org/x/exp/slices"
 	"golang.org/x/net/http2"
 )

@ -64,8 +63,7 @@ type dnsOverHTTPS struct {
 	url             *url.URL
 	r               *Resolver
 	httpVersions    []C.HTTPVersion
-	proxyAdapter    C.ProxyAdapter
-	proxyName       string
+	proxyAdapter    string
 	addr            string
 }

@ -73,7 +71,7 @@ type dnsOverHTTPS struct {
 var _ dnsClient = (*dnsOverHTTPS)(nil)

 // newDoH returns the DNS-over-HTTPS Upstream.
-func newDoHClient(urlString string, r *Resolver, preferH3 bool, params map[string]string, proxyAdapter C.ProxyAdapter, proxyName string) dnsClient {
+func newDoHClient(urlString string, r *Resolver, preferH3 bool, params map[string]string, proxyAdapter string) dnsClient {
 	u, _ := url.Parse(urlString)
 	httpVersions := DefaultHTTPVersions
 	if preferH3 {
@ -89,7 +87,6 @@ func newDoHClient(urlString string, r *Resolver, preferH3 bool, params map[strin
 		addr:         u.String(),
 		r:            r,
 		proxyAdapter: proxyAdapter,
-		proxyName:    proxyName,
 		quicConfig: &quic.Config{
 			KeepAlivePeriod: QUICKeepAlivePeriod,
 			TokenStore:      newQUICTokenStore(),
@ -393,17 +390,14 @@ func (doh *dnsOverHTTPS) createTransport(ctx context.Context) (t http.RoundTripp
 		nextProtos = append(nextProtos, string(v))
 	}
 	tlsConfig.NextProtos = nextProtos
-	dialContext := getDialHandler(doh.r, doh.proxyAdapter, doh.proxyName)
-
-	if slices.Contains(doh.httpVersions, C.HTTPVersion3) {
-		// First, we attempt to create an HTTP3 transport.  If the probe QUIC
-		// connection is established successfully, we'll be using HTTP3 for this
-		// upstream.
-		transportH3, err := doh.createTransportH3(ctx, tlsConfig, dialContext)
-		if err == nil {
-			log.Debugln("[%s] using HTTP/3 for this upstream: QUIC was faster", doh.url.String())
-			return transportH3, nil
-		}
+	dialContext := getDialHandler(doh.r, doh.proxyAdapter)
+	// First, we attempt to create an HTTP3 transport.  If the probe QUIC
+	// connection is established successfully, we'll be using HTTP3 for this
+	// upstream.
+	transportH3, err := doh.createTransportH3(ctx, tlsConfig, dialContext)
+	if err == nil {
+		log.Debugln("[%s] using HTTP/3 for this upstream: QUIC was faster", doh.url.String())
+		return transportH3, nil
 	}

 	log.Debugln("[%s] using HTTP/2 for this upstream: %v", doh.url.String(), err)
@ -539,7 +533,7 @@ func (doh *dnsOverHTTPS) dialQuic(ctx context.Context, addr string, tlsCfg *tls.
 		IP:   net.ParseIP(ip),
 		Port: portInt,
 	}
-	conn, err := listenPacket(ctx, doh.proxyAdapter, doh.proxyName, "udp", addr, doh.r)
+	conn, err := listenPacket(ctx, doh.proxyAdapter, "udp", addr, doh.r)
 	if err != nil {
 		return nil, err
 	}
--- a/dns/doq.go
+++ b/dns/doq.go
@ -13,10 +13,9 @@ import (
 	"time"

 	tlsC "github.com/Dreamacro/clash/component/tls"
-	C "github.com/Dreamacro/clash/constant"
-	"github.com/Dreamacro/clash/log"
 	"github.com/metacubex/quic-go"

+	"github.com/Dreamacro/clash/log"
 	D "github.com/miekg/dns"
 )

@ -61,8 +60,7 @@ type dnsOverQUIC struct {
 	bytesPoolGuard sync.Mutex

 	addr         string
-	proxyAdapter C.ProxyAdapter
-	proxyName    string
+	proxyAdapter string
 	r            *Resolver
 }

@ -70,11 +68,10 @@ type dnsOverQUIC struct {
 var _ dnsClient = (*dnsOverQUIC)(nil)

 // newDoQ returns the DNS-over-QUIC Upstream.
-func newDoQ(resolver *Resolver, addr string, proxyAdapter C.ProxyAdapter, proxyName string) (dnsClient, error) {
+func newDoQ(resolver *Resolver, addr string, adapter string) (dnsClient, error) {
 	doq := &dnsOverQUIC{
 		addr:         addr,
-		proxyAdapter: proxyAdapter,
-		proxyName:    proxyName,
+		proxyAdapter: adapter,
 		r:            resolver,
 		quicConfig: &quic.Config{
 			KeepAlivePeriod: QUICKeepAlivePeriod,
@ -313,7 +310,7 @@ func (doq *dnsOverQUIC) openConnection(ctx context.Context) (conn quic.Connectio
 	// we're using bootstrapped address instead of what's passed to the function
 	// it does not create an actual connection, but it helps us determine
 	// what IP is actually reachable (when there're v4/v6 addresses).
-	rawConn, err := getDialHandler(doq.r, doq.proxyAdapter, doq.proxyName)(ctx, "udp", doq.addr)
+	rawConn, err := getDialHandler(doq.r, doq.proxyAdapter)(ctx, "udp", doq.addr)
 	if err != nil {
 		return nil, fmt.Errorf("failed to open a QUIC connection: %w", err)
 	}
@ -328,7 +325,7 @@ func (doq *dnsOverQUIC) openConnection(ctx context.Context) (conn quic.Connectio

 	p, err := strconv.Atoi(port)
 	udpAddr := net.UDPAddr{IP: net.ParseIP(ip), Port: p}
-	udp, err := listenPacket(ctx, doq.proxyAdapter, doq.proxyName, "udp", addr, doq.r)
+	udp, err := listenPacket(ctx, doq.proxyAdapter, "udp", addr, doq.r)
 	if err != nil {
 		return nil, err
 	}
--- a/dns/filters.go
+++ b/dns/filters.go
@ -29,10 +29,29 @@ func (gf *geoipFilter) Match(ip netip.Addr) bool {
 	}

 	if geoIPMatcher == nil {
-		var err error
-		geoIPMatcher, _, err = geodata.LoadGeoIPMatcher("CN")
+		countryCode := "cn"
+		geoLoader, err := geodata.GetGeoDataLoader(geodata.LoaderName())
 		if err != nil {
-			log.Errorln("[GeoIPFilter] LoadGeoIPMatcher error: %s", err.Error())
+			log.Errorln("[GeoIPFilter] GetGeoDataLoader error: %s", err.Error())
+			return false
+		}
+
+		records, err := geoLoader.LoadGeoIP(countryCode)
+		if err != nil {
+			log.Errorln("[GeoIPFilter] LoadGeoIP error: %s", err.Error())
+			return false
+		}
+
+		geoIP := &router.GeoIP{
+			CountryCode:  countryCode,
+			Cidr:         records,
+			ReverseMatch: false,
+		}
+
+		geoIPMatcher, err = router.NewGeoIPMatcher(geoIP)
+
+		if err != nil {
+			log.Errorln("[GeoIPFilter] NewGeoIPMatcher error: %s", err.Error())
 			return false
 		}
 	}
@ -73,10 +92,6 @@ type geoSiteFilter struct {
 }

 func NewGeoSite(group string) (fallbackDomainFilter, error) {
-	if err := geodata.InitGeoSite(); err != nil {
-		log.Errorln("can't initial GeoSite: %s", err)
-		return nil, err
-	}
 	matcher, _, err := geodata.LoadGeoSiteMatcher(group)
 	if err != nil {
 		return nil, err
--- a/dns/resolver.go
+++ b/dns/resolver.go
@ -3,21 +3,23 @@ package dns
 import (
 	"context"
 	"errors"
+	"fmt"
 	"net/netip"
 	"strings"
 	"time"

-	"github.com/Dreamacro/clash/common/atomic"
+	"go.uber.org/atomic"
+
 	"github.com/Dreamacro/clash/common/cache"
 	"github.com/Dreamacro/clash/component/fakeip"
 	"github.com/Dreamacro/clash/component/geodata/router"
 	"github.com/Dreamacro/clash/component/resolver"
 	"github.com/Dreamacro/clash/component/trie"
 	C "github.com/Dreamacro/clash/constant"
-	"github.com/Dreamacro/clash/constant/provider"
 	"github.com/Dreamacro/clash/log"

 	D "github.com/miekg/dns"
+	"github.com/zhangyunhao116/fastrand"
 	"golang.org/x/sync/singleflight"
 )

@ -38,11 +40,6 @@ type geositePolicyRecord struct {
 	inversedMatching bool
 }

-type domainSetPolicyRecord struct {
-	domainSetProvider provider.RuleProvider
-	policy            *Policy
-}
-
 type Resolver struct {
 	ipv6                  bool
 	ipv6Timeout           time.Duration
@ -54,7 +51,6 @@ type Resolver struct {
 	group                 singleflight.Group
 	lruCache              *cache.LruCache[string, *D.Msg]
 	policy                *trie.DomainTrie[*Policy]
-	domainSetPolicy       []domainSetPolicyRecord
 	geositePolicy         []geositePolicyRecord
 	proxyServer           []dnsClient
 }
@ -97,7 +93,7 @@ func (r *Resolver) LookupIP(ctx context.Context, host string) (ips []netip.Addr,

 	ips, err = r.lookupIP(ctx, host, D.TypeA)
 	var waitIPv6 *time.Timer
-	if r != nil && r.ipv6Timeout > 0 {
+	if r != nil {
 		waitIPv6 = time.NewTimer(r.ipv6Timeout)
 	} else {
 		waitIPv6 = time.NewTimer(100 * time.Millisecond)
@ -116,16 +112,49 @@ func (r *Resolver) LookupIP(ctx context.Context, host string) (ips []netip.Addr,
 	return ips, nil
 }

+// ResolveIP request with TypeA and TypeAAAA, priority return TypeA
+func (r *Resolver) ResolveIP(ctx context.Context, host string) (ip netip.Addr, err error) {
+	ips, err := r.LookupIPPrimaryIPv4(ctx, host)
+	if err != nil {
+		return netip.Addr{}, err
+	} else if len(ips) == 0 {
+		return netip.Addr{}, fmt.Errorf("%w: %s", resolver.ErrIPNotFound, host)
+	}
+	return ips[fastrand.Intn(len(ips))], nil
+}
+
 // LookupIPv4 request with TypeA
 func (r *Resolver) LookupIPv4(ctx context.Context, host string) ([]netip.Addr, error) {
 	return r.lookupIP(ctx, host, D.TypeA)
 }

+// ResolveIPv4 request with TypeA
+func (r *Resolver) ResolveIPv4(ctx context.Context, host string) (ip netip.Addr, err error) {
+	ips, err := r.lookupIP(ctx, host, D.TypeA)
+	if err != nil {
+		return netip.Addr{}, err
+	} else if len(ips) == 0 {
+		return netip.Addr{}, fmt.Errorf("%w: %s", resolver.ErrIPNotFound, host)
+	}
+	return ips[fastrand.Intn(len(ips))], nil
+}
+
 // LookupIPv6 request with TypeAAAA
 func (r *Resolver) LookupIPv6(ctx context.Context, host string) ([]netip.Addr, error) {
 	return r.lookupIP(ctx, host, D.TypeAAAA)
 }

+// ResolveIPv6 request with TypeAAAA
+func (r *Resolver) ResolveIPv6(ctx context.Context, host string) (ip netip.Addr, err error) {
+	ips, err := r.lookupIP(ctx, host, D.TypeAAAA)
+	if err != nil {
+		return netip.Addr{}, err
+	} else if len(ips) == 0 {
+		return netip.Addr{}, fmt.Errorf("%w: %s", resolver.ErrIPNotFound, host)
+	}
+	return ips[fastrand.Intn(len(ips))], nil
+}
+
 func (r *Resolver) shouldIPFallback(ip netip.Addr) bool {
 	for _, filter := range r.fallbackIPFilters {
 		if filter.Match(ip) {
@ -272,12 +301,6 @@ func (r *Resolver) matchPolicy(m *D.Msg) []dnsClient {
 			return geositeRecord.policy.GetData()
 		}
 	}
-	metadata := &C.Metadata{Host: domain}
-	for _, domainSetRecord := range r.domainSetPolicy {
-		if ok := domainSetRecord.domainSetProvider.Match(metadata); ok {
-			return domainSetRecord.policy.GetData()
-		}
-	}
 	return nil
 }

@ -376,20 +399,16 @@ func (r *Resolver) asyncExchange(ctx context.Context, client []dnsClient, msg *D
 	return ch
 }

-// Invalid return this resolver can or can't be used
-func (r *Resolver) Invalid() bool {
-	if r == nil {
-		return false
-	}
+// HasProxyServer has proxy server dns client
+func (r *Resolver) HasProxyServer() bool {
 	return len(r.main) > 0
 }

 type NameServer struct {
 	Net          string
 	Addr         string
-	Interface    *atomic.TypedValue[string]
-	ProxyAdapter C.ProxyAdapter
-	ProxyName    string
+	Interface    *atomic.String
+	ProxyAdapter string
 	Params       map[string]string
 	PreferH3     bool
 }
@ -403,18 +422,16 @@ type FallbackFilter struct {
 }

 type Config struct {
-	Main, Fallback  []NameServer
-	Default         []NameServer
-	ProxyServer     []NameServer
-	IPv6            bool
-	IPv6Timeout     uint
-	EnhancedMode    C.DNSMode
-	FallbackFilter  FallbackFilter
-	Pool            *fakeip.Pool
-	Hosts           *trie.DomainTrie[resolver.HostValue]
-	Policy          map[string][]NameServer
-	DomainSetPolicy map[provider.RuleProvider][]NameServer
-	GeositePolicy   map[router.DomainMatcher][]NameServer
+	Main, Fallback []NameServer
+	Default        []NameServer
+	ProxyServer    []NameServer
+	IPv6           bool
+	IPv6Timeout    uint
+	EnhancedMode   C.DNSMode
+	FallbackFilter FallbackFilter
+	Pool           *fakeip.Pool
+	Hosts          *trie.DomainTrie[resolver.HostValue]
+	Policy         map[string][]NameServer
 }

 func NewResolver(config Config) *Resolver {
@ -466,14 +483,6 @@ func NewResolver(config Config) *Resolver {
 		}
 		r.policy.Optimize()
 	}
-	if len(config.DomainSetPolicy) > 0 {
-		for p, n := range config.DomainSetPolicy {
-			r.domainSetPolicy = append(r.domainSetPolicy, domainSetPolicyRecord{
-				domainSetProvider: p,
-				policy:            NewPolicy(transform(n, defaultResolver)),
-			})
-		}
-	}

 	fallbackIPFilters := []fallbackIPFilter{}
 	if config.FallbackFilter.GeoIP {
@ -507,10 +516,8 @@ func NewProxyServerHostResolver(old *Resolver) *Resolver {
 		main:        old.proxyServer,
 		lruCache:    old.lruCache,
 		hosts:       old.hosts,
-		policy:      trie.New[*Policy](),
+		policy:      old.policy,
 		ipv6Timeout: old.ipv6Timeout,
 	}
 	return r
 }
-
-var ParseNameServer func(servers []string) ([]NameServer, error) // define in config/config.go
--- a/dns/util.go
+++ b/dns/util.go
@ -74,13 +74,13 @@ func transform(servers []NameServer, resolver *Resolver) []dnsClient {
 	for _, s := range servers {
 		switch s.Net {
 		case "https":
-			ret = append(ret, newDoHClient(s.Addr, resolver, s.PreferH3, s.Params, s.ProxyAdapter, s.ProxyName))
+			ret = append(ret, newDoHClient(s.Addr, resolver, s.PreferH3, s.Params, s.ProxyAdapter))
 			continue
 		case "dhcp":
 			ret = append(ret, newDHCPClient(s.Addr))
 			continue
 		case "quic":
-			if doq, err := newDoQ(resolver, s.Addr, s.ProxyAdapter, s.ProxyName); err == nil {
+			if doq, err := newDoQ(resolver, s.Addr, s.ProxyAdapter); err == nil {
 				ret = append(ret, doq)
 			} else {
 				log.Fatalln("DoQ format error: %v", err)
@ -103,7 +103,6 @@ func transform(servers []NameServer, resolver *Resolver) []dnsClient {
 			iface:        s.Interface,
 			r:            resolver,
 			proxyAdapter: s.ProxyAdapter,
-			proxyName:    s.ProxyName,
 		})
 	}
 	return ret
@ -145,9 +144,9 @@ func msgToDomain(msg *D.Msg) string {

 type dialHandler func(ctx context.Context, network, addr string) (net.Conn, error)

-func getDialHandler(r *Resolver, proxyAdapter C.ProxyAdapter, proxyName string, opts ...dialer.Option) dialHandler {
+func getDialHandler(r *Resolver, proxyAdapter string, opts ...dialer.Option) dialHandler {
 	return func(ctx context.Context, network, addr string) (net.Conn, error) {
-		if len(proxyName) == 0 && proxyAdapter == nil {
+		if len(proxyAdapter) == 0 {
 			opts = append(opts, dialer.WithResolver(r))
 			return dialer.DialContext(ctx, network, addr, opts...)
 		} else {
@ -155,14 +154,10 @@ func getDialHandler(r *Resolver, proxyAdapter C.ProxyAdapter, proxyName string,
 			if err != nil {
 				return nil, err
 			}
-			if proxyAdapter == nil {
-				var ok bool
-				proxyAdapter, ok = tunnel.Proxies()[proxyName]
-				if !ok {
-					opts = append(opts, dialer.WithInterface(proxyName))
-				}
+			adapter, ok := tunnel.Proxies()[proxyAdapter]
+			if !ok {
+				opts = append(opts, dialer.WithInterface(proxyAdapter))
 			}
-
 			if strings.Contains(network, "tcp") {
 				// tcp can resolve host by remote
 				metadata := &C.Metadata{
@ -170,16 +165,8 @@ func getDialHandler(r *Resolver, proxyAdapter C.ProxyAdapter, proxyName string,
 					Host:    host,
 					DstPort: port,
 				}
-				if proxyAdapter != nil {
-					if proxyAdapter.IsL3Protocol(metadata) { // L3 proxy should resolve domain before to avoid loopback
-						dstIP, err := resolver.ResolveIPWithResolver(ctx, host, r)
-						if err != nil {
-							return nil, err
-						}
-						metadata.Host = ""
-						metadata.DstIP = dstIP
-					}
-					return proxyAdapter.DialContext(ctx, metadata, opts...)
+				if ok {
+					return adapter.DialContext(ctx, metadata, opts...)
 				}
 				opts = append(opts, dialer.WithResolver(r))
 				return dialer.DialContext(ctx, network, addr, opts...)
@ -195,15 +182,15 @@ func getDialHandler(r *Resolver, proxyAdapter C.ProxyAdapter, proxyName string,
 					DstIP:   dstIP,
 					DstPort: port,
 				}
-				if proxyAdapter == nil {
+				if !ok {
 					return dialer.DialContext(ctx, network, addr, opts...)
 				}

-				if !proxyAdapter.SupportUDP() {
+				if !adapter.SupportUDP() {
 					return nil, fmt.Errorf("proxy adapter [%s] UDP is not supported", proxyAdapter)
 				}

-				packetConn, err := proxyAdapter.ListenPacketContext(ctx, metadata, opts...)
+				packetConn, err := adapter.ListenPacketContext(ctx, metadata, opts...)
 				if err != nil {
 					return nil, err
 				}
@ -214,17 +201,14 @@ func getDialHandler(r *Resolver, proxyAdapter C.ProxyAdapter, proxyName string,
 	}
 }

-func listenPacket(ctx context.Context, proxyAdapter C.ProxyAdapter, proxyName string, network string, addr string, r *Resolver, opts ...dialer.Option) (net.PacketConn, error) {
+func listenPacket(ctx context.Context, proxyAdapter string, network string, addr string, r *Resolver, opts ...dialer.Option) (net.PacketConn, error) {
 	host, port, err := net.SplitHostPort(addr)
 	if err != nil {
 		return nil, err
 	}
-	if proxyAdapter == nil {
-		var ok bool
-		proxyAdapter, ok = tunnel.Proxies()[proxyName]
-		if !ok {
-			opts = append(opts, dialer.WithInterface(proxyName))
-		}
+	adapter, ok := tunnel.Proxies()[proxyAdapter]
+	if !ok && len(proxyAdapter) != 0 {
+		opts = append(opts, dialer.WithInterface(proxyAdapter))
 	}

 	// udp must resolve host first
@ -238,15 +222,15 @@ func listenPacket(ctx context.Context, proxyAdapter C.ProxyAdapter, proxyName st
 		DstIP:   dstIP,
 		DstPort: port,
 	}
-	if proxyAdapter == nil {
+	if !ok {
 		return dialer.ListenPacket(ctx, dialer.ParseNetwork(network, dstIP), "", opts...)
 	}

-	if !proxyAdapter.SupportUDP() {
+	if !adapter.SupportUDP() {
 		return nil, fmt.Errorf("proxy adapter [%s] UDP is not supported", proxyAdapter)
 	}

-	return proxyAdapter.ListenPacketContext(ctx, metadata, opts...)
+	return adapter.ListenPacketContext(ctx, metadata, opts...)
 }

 func batchExchange(ctx context.Context, clients []dnsClient, m *D.Msg) (msg *D.Msg, err error) {
--- a/docs/allocs.svg
+++ b/docs/allocs.svg
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Skyxim	8ee452f544	chore: format code	2023-03-12 14:58:27 +08:00
Skyxim	d0b95e91f5	chore: try use domain mapping when normal dns	2023-03-12 14:50:21 +08:00
Skyxim	6cee7213c4	chore: use cname in tunnel	2023-03-12 14:44:24 +08:00
Skyxim	c555cec490	chore: reuse code	2023-03-12 14:37:46 +08:00
Skyxim	a510909228	chore: adjust logic	2023-03-12 14:14:38 +08:00
Skyxim	0273a6bb9d	fix: flatten cname	2023-03-12 12:41:32 +08:00
Skyxim	4b1e00d3aa	chore: unified parse mixed string and array	2023-03-12 12:08:16 +08:00
Skyxim	17fea4b459	chore: update hosts demo	2023-03-12 11:40:05 +08:00
Skyxim	5ecdefcfb5	chore: append local address via `clash`	2023-03-12 11:27:17 +08:00
Skyxim	2f69b64d82	feat: host support domain and multiple ips	2023-03-12 10:53:38 +08:00
				`@ -1 +0,0 @@`
				`git log --pretty=format:"* %s by @%an" v1.14.x..v1.14.y \| sort -f \| uniq > release.md`