diff --git a/Tun/Punchnet/Actors/SDLContextActor.swift b/Tun/Punchnet/Actors/SDLContextActor.swift
index ca028d9..7cc94af 100644
--- a/Tun/Punchnet/Actors/SDLContextActor.swift
+++ b/Tun/Punchnet/Actors/SDLContextActor.swift
@@ -108,12 +108,8 @@ actor SDLContextActor {
         
         // 启动arp的定时清理任务
         await self.arpServer.start()
-        
         await self.startDnsClient()
-        SDLLogger.shared.log("[SDLContext] dns started!!!!")
-        
         await self.startDnsLocalClient()
-        SDLLogger.shared.log("[SDLContext] dns Local running!!!!")
         
         await self.supervisor.addWorker(name: "quicClient") {
             SDLLogger.shared.log("[SDLContext] try start quicClient")
@@ -170,13 +166,14 @@ actor SDLContextActor {
                     // 注册
                     await self.startRegisterLoop()
                 case .pong:
-                    SDLLogger.shared.log("[SDLContext] quic pong")
+                    //SDLLogger.shared.log("[SDLContext] quic pong")
+                    ()
                 case .registerSuperAck(let registerSuperAck):
                     await self.handleRegisterSuperAck(registerSuperAck: registerSuperAck)
                 case .registerSuperNak(let registerSuperNak):
                     await self.handleRegisterSuperNak(nakPacket: registerSuperNak)
                 case .peerInfo(let peerInfo):
-                    SDLLogger.shared.log("[SDLContext] peer message: \(peerInfo)")
+                    //SDLLogger.shared.log("[SDLContext] peer message: \(peerInfo)")
                     await self.puncherActor.handlePeerInfo(using: self.udpHole, peerInfo: peerInfo)
                 case .event(let event):
                     await self.handleEvent(event: event)
@@ -184,7 +181,7 @@ actor SDLContextActor {
                     // 处理权限的请求问题
                     await self.identifyStore.applyPolicyResponse(policyResponse)
                 case .arpResponse(let arpResponse):
-                    SDLLogger.shared.log("[SDLContext] get arp response: \(arpResponse)")
+                    //SDLLogger.shared.log("[SDLContext] get arp response: \(arpResponse)")
                     await self.arpServer.handleArpResponse(arpResponse: arpResponse)
                 }
             }
@@ -323,11 +320,11 @@ actor SDLContextActor {
                     } catch let err {
                         SDLLogger.shared.log("[SDLContext] handleHoleData get err: \(err)")
                     }
-                case .stunReply(let stunReply):
-                    SDLLogger.shared.log("[SDLContext] get a stunReply: \(stunReply)")
+                case .stunReply(_):
+                    //SDLLogger.shared.log("[SDLContext] get a stunReply: \(stunReply)")
+                    ()
                 }
             }
-            
             SDLLogger.shared.log("[SDLContext] udp signalTask cancel")
         }
         
@@ -335,7 +332,7 @@ actor SDLContextActor {
         self.udpHoleWorkers = [pingTask, messageTask]
         
         // 开始探测nat的类型
-        self.probeNatType()
+        await self.probeNatType()
         
         return udpHole
     }
@@ -439,7 +436,6 @@ actor SDLContextActor {
         let regionId = registerSuperAck.regionID
         self.sessionToken = registerSuperAck.sessionToken
         
-        SDLLogger.shared.log("[SDLContext] registerSuperAck use algorithm \(algorithm)", level: .error)
         switch algorithm {
         case "aes":
             self.dataCipher = CCAESChiper(key: key)
@@ -451,7 +447,7 @@ actor SDLContextActor {
             return
         }
         
-        SDLLogger.shared.log("[SDLContext] get registerSuperAck, aes_key len: \(key.count)", level: .info)
+        SDLLogger.shared.log("[SDLContext] registerSuperAck, use algorithm \(algorithm), key len: \(key.count)", level: .info)
         // 服务器分配的tun网卡信息
         do {
             try await self.setNetworkSettings(config: self.config, dnsServer: DNSHelper.dnsServer)
@@ -535,7 +531,7 @@ actor SDLContextActor {
     
     private func handleRegister(remoteAddress: SocketAddress, register: SDLRegister) throws {
         let networkAddr = config.networkAddress
-        SDLLogger.shared.log("register packet: \(register), network_address: \(networkAddr)", level: .debug)
+        SDLLogger.shared.log("[SDLContext] register packet: \(register), network_address: \(networkAddr)", level: .debug)
         
         // 判断目标地址是否是tun的网卡地址, 并且是在同一个网络下
         if register.dstMac == networkAddr.mac && register.networkID == networkAddr.networkId {
@@ -550,7 +546,7 @@ actor SDLContextActor {
             let session = Session(dstMac: register.srcMac, natAddress: remoteAddress)
             self.sessionManager.addSession(session: session)
         } else {
-            SDLLogger.shared.log("SDLContext didReadRegister get a invalid packet, because dst_ip not matched: \(register.dstMac)", level: .warning)
+            SDLLogger.shared.log("[SDLContext] didReadRegister get a invalid packet, because dst_ip not matched: \(register.dstMac)", level: .warning)
         }
     }
     
@@ -561,7 +557,7 @@ actor SDLContextActor {
             let session = Session(dstMac: registerAck.srcMac, natAddress: remoteAddress)
             self.sessionManager.addSession(session: session)
         } else {
-            SDLLogger.shared.log("SDLContext didReadRegisterAck get a invalid packet, because dst_mac not matched: \(registerAck.dstMac)", level: .warning)
+            SDLLogger.shared.log("[SDLContext] didReadRegisterAck get a invalid packet, because dst_mac not matched: \(registerAck.dstMac)", level: .warning)
         }
     }
     
@@ -612,9 +608,14 @@ actor SDLContextActor {
             let ruleMap = identitySnapshot.lookup(data.identityID)
             
             if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {
+                // 用来做debug
+                if ipPacket.header.source == 168428037 {
+                    SDLLogger.sharedDebug.log("data: \(Array(ipPacket.data)), len: \(ipPacket.data.count)")
+                }
+                
                 let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
                 self.provider.packetFlow.writePacketObjects([packet])
-                SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), allow", level: .debug)
+                SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), allow, data count: \(ipPacket.data.count)", level: .debug)
             }
             else {
                 SDLLogger.shared.log("[SDLContext] not found identity: \(data.identityID) ruleMap", level: .debug)
@@ -694,81 +695,77 @@ actor SDLContextActor {
     // 处理读取的每个数据包
     private func dealTunPacket(packet: IPPacket) async {
         let networkAddr = self.config.networkAddress
-        
-        if DNSHelper.isDnsRequestPacket(ipPacket: packet) {
-            // 数据是通过offset解析的, dns查询必然是udp包
-            if case .udp(let udpPacket) = packet.transportPacket {
-                let payloadOffset = udpPacket.payloadOffset
-                let dnsParser = DNSParser(data: packet.data, offset: payloadOffset)
-                if let dnsMessage = dnsParser.parse(), let name = dnsMessage.questions.first?.name {
-                    // 如果是内部域名，则转发整个ip包的内容到云端服务器
-                    if name.contains(self.config.networkAddress.networkDomain) {
-                        SDLLogger.shared.log("[Tun] get cloud dns request: \(name)")
-                        self.dnsClient?.forward(ipPacketData: packet.data)
-                    }
-                    // 通过本地的dns解析，发送的是udp的payload部分
-                    else if packet.data.count > payloadOffset {
-                        // 尝试解析下对不对
-                        let dnsPayload = Data(packet.data[payloadOffset..<packet.data.count])
-                        SDLLogger.shared.log("[Tun] get local dns request: \(name)")
-                        
-                        let tracker = DNSLocalClient.DNSTracker(transactionID: dnsMessage.transactionID, clientIP: packet.header.source, clientPort: udpPacket.srcPort, createdAt: Date())
-                        self.dnsLocalClient?.query(tracker: tracker, dnsPayload: dnsPayload)
-                    }
-                }
-            }
-            self.dnsClient?.forward(ipPacketData: packet.data)
-            return
-        } else {
-            return
-        }
-        
         let dstIp = packet.header.destination
+        
         // 本地通讯, 目标地址是本地服务器的ip地址
         if dstIp == networkAddr.ip {
             let nePacket = NEPacket(data: packet.data, protocolFamily: 2)
             self.provider.packetFlow.writePacketObjects([nePacket])
-            return
         }
-        
-        // 外部出去的数据，需要建立FlowSession
-        // 外部数据进来的时候需要查找
-        if let flowSession = packet.flowSession() {
-            self.flowSessionManager.updateSession(flowSession)
-            SDLLogger.shared.log("[SDLContext] flow_session: \(flowSession)", level: .debug)
-        }
-
-        // 判断目标地址是否和当前的网络地址是否在同一个网段
-        // 只有在同一个网段的ip数据才直接发送
-        if SDLUtil.inSameNetwork(ip: dstIp, compareIp: networkAddr.ip, maskLen: networkAddr.maskLen) {
-            // 查找arp缓存中是否有目标mac地址
-            if let dstMac = await self.arpServer.query(ip: dstIp) {
-                SDLLogger.shared.log("[SDLContext] dstIp: \(dstIp.asIpAddress()), dst_mac is: \(SDLUtil.formatMacAddress(mac: dstMac))", level: .debug)
-                await self.routeLayerPacket(dstMac: dstMac, type: .ipv4, data: packet.data)
-            }
-            else {
-                SDLLogger.shared.log("[SDLContext] dstIp: \(dstIp.asIpAddress()) arp query not found, broadcast", level: .debug)
-                //            // 构造arp广播
-                //            let arpReqeust = ARPPacket.arpRequest(senderIP: networkAddr.ip, senderMAC: networkAddr.mac, targetIP: dstIp)
-                //            await self.routeLayerPacket(dstMac: ARPPacket.broadcastMac , type: .arp, data: arpReqeust.marshal())
-                
-                try? await self.arpServer.arpRequest(targetIp: dstIp, use: self.quicClient)
+        // 处理dns的解析
+        else if DNSHelper.isDnsRequestPacket(ipPacket: packet), case .udp(let udpPacket) = packet.transportPacket {
+            // 数据是通过offset解析的, dns查询必然是udp包
+            let payloadOffset = udpPacket.payloadOffset
+            let dnsParser = DNSParser(data: packet.data, offset: payloadOffset)
+            if let dnsMessage = dnsParser.parse(), let name = dnsMessage.questions.first?.name {
+                // 如果是内部域名，则转发整个ip包的内容到云端服务器
+                if name.contains(self.config.networkAddress.networkDomain) {
+                    SDLLogger.shared.log("[SDLContext] get cloud dns request: \(name)")
+                    self.dnsClient?.forward(ipPacketData: packet.data)
+                }
+                // 通过本地的dns解析，发送的是udp的payload部分
+                else {
+                    // 尝试解析下对不对
+                    let dnsPayload = Data(packet.data[payloadOffset..<packet.data.count])
+                    SDLLogger.shared.log("[SDLContext] get local dns request: \(name)")
+                    
+                    let tracker = DNSLocalClient.DNSTracker(transactionID: dnsMessage.transactionID,
+                                                            clientIP: packet.header.source,
+                                                            clientPort: udpPacket.srcPort,
+                                                            createdAt: Date())
+                    self.dnsLocalClient?.query(tracker: tracker, dnsPayload: dnsPayload)
+                }
             }
         }
-        // 不在同一个网段的数据，看到是否配置了网络出口
-        // 如果配置了，转发数据个网络出口，否则丢弃
-        else if let exitNode = config.exitNode {
-            let exitNodeIp: UInt32 = exitNode.exitNodeIp
-            SDLLogger.shared.log("[SDLContext] global dstIp: \(packet.header.destination.asIpAddress())", level: .debug)
-            // 查找arp缓存中是否有目标mac地址
-            if let dstMac = await self.arpServer.query(ip: exitNodeIp) {
-                await self.routeLayerPacket(dstMac: dstMac, type: .ipv4, data: packet.data)
+        else {
+            // 外部出去的数据，需要建立FlowSession
+            // 外部数据进来的时候需要查找
+            if let flowSession = packet.flowSession() {
+                self.flowSessionManager.updateSession(flowSession)
+                //SDLLogger.shared.log("[SDLContext] flow_session: \(flowSession)", level: .debug)
             }
-            else {
-                try? await self.arpServer.arpRequest(targetIp: exitNodeIp, use: self.quicClient)
+            
+            // 判断目标地址是否和当前的网络地址是否在同一个网段
+            // 只有在同一个网段的ip数据才直接发送
+            if SDLUtil.inSameNetwork(ip: dstIp, compareIp: networkAddr.ip, maskLen: networkAddr.maskLen) {
+                // 查找arp缓存中是否有目标mac地址
+                if let dstMac = await self.arpServer.query(ip: dstIp) {
+                    SDLLogger.shared.log("[SDLContext] dstIp: \(dstIp.asIpAddress()), dst_mac is: \(SDLUtil.formatMacAddress(mac: dstMac))", level: .debug)
+                    await self.routeLayerPacket(dstMac: dstMac, type: .ipv4, data: packet.data)
+                }
+                else {
+                    SDLLogger.shared.log("[SDLContext] dstIp: \(dstIp.asIpAddress()) arp query not found, broadcast", level: .debug)
+                    //            // 构造arp广播
+                    //            let arpReqeust = ARPPacket.arpRequest(senderIP: networkAddr.ip, senderMAC: networkAddr.mac, targetIP: dstIp)
+                    //            await self.routeLayerPacket(dstMac: ARPPacket.broadcastMac , type: .arp, data: arpReqeust.marshal())
+                    
+                    try? await self.arpServer.arpRequest(targetIp: dstIp, use: self.quicClient)
+                }
+            }
+            // 不在同一个网段的数据，看到是否配置了网络出口
+            // 如果配置了，转发数据个网络出口，否则丢弃
+            else if let exitNode = config.exitNode {
+                let exitNodeIp: UInt32 = exitNode.exitNodeIp
+                SDLLogger.shared.log("[SDLContext] dstIp: \(packet.header.destination.asIpAddress()), use exit_node: \(exitNodeIp.asIpAddress())", level: .debug)
+                // 查找arp缓存中是否有目标mac地址
+                if let dstMac = await self.arpServer.query(ip: exitNodeIp) {
+                    await self.routeLayerPacket(dstMac: dstMac, type: .ipv4, data: packet.data)
+                }
+                else {
+                    try? await self.arpServer.arpRequest(targetIp: exitNodeIp, use: self.quicClient)
+                }
             }
         }
-        
     }
     
     private func routeLayerPacket(dstMac: Data, type: LayerPacket.PacketType, data: Data) async {
@@ -857,15 +854,13 @@ actor SDLContextActor {
     }
     
     // 探测当前网络的类型
-    private func probeNatType() {
-        Task {
-            guard let udpHole = self.udpHole else {
-                return
-            }
-            // 开始探测nat的类型
-            self.natType = await self.proberActor.probeNatType(using: udpHole)
-            SDLLogger.shared.log("[SDLContext] nat_type is: \(natType)")
+    private func probeNatType() async {
+        guard let udpHole = self.udpHole else {
+            return
         }
+        // 开始探测nat的类型
+        self.natType = await self.proberActor.probeNatType(using: udpHole)
+        SDLLogger.shared.log("[SDLContext] nat_type is: \(natType)")
     }
     
     private func spawnLoop(_ body: @escaping () async throws -> Void) -> Task<Void, Never> {
diff --git a/Tun/Punchnet/DNS/DNSLocalClient.swift b/Tun/Punchnet/DNS/DNSLocalClient.swift
index 9c6613c..d2c1a7e 100644
--- a/Tun/Punchnet/DNS/DNSLocalClient.swift
+++ b/Tun/Punchnet/DNS/DNSLocalClient.swift
@@ -70,7 +70,6 @@ final class DNSLocalClient {
     /// 并发查询：对所有服务器广播
     func query(tracker: DNSTracker, dnsPayload: Data) {
         locker.lock()
-        SDLLogger.shared.log("[DNSLocalClient] query transId: \(tracker.transactionID)")
         self.trackers[tracker.transactionID, default: []].append(tracker)
         locker.unlock()
         
@@ -85,7 +84,6 @@ final class DNSLocalClient {
                 // ！！！核心：由于 AsyncStream 是流式的
                 // 谁先 yield，上层就先收到谁。
                 // 只要上层收到了第一个有效响应并回填给系统，
-                SDLLogger.shared.log("[DNSLocalClient] get response data: \(data.count)")
                 self?.handleResponse(data: data)
             }
             
@@ -106,8 +104,6 @@ final class DNSLocalClient {
         let items = self.trackers.removeValue(forKey: tranId)
         locker.unlock()
         
-        SDLLogger.shared.log("[DNSLocalClient] transId: \(tranId) get response items: \(items?.count)")
-
         items?.forEach { tracker in
             let packet = Self.createDNSResponse(
                 payload: data,
diff --git a/Tun/Punchnet/SDLLogger.swift b/Tun/Punchnet/SDLLogger.swift
index c5bfb70..c3dc148 100644
--- a/Tun/Punchnet/SDLLogger.swift
+++ b/Tun/Punchnet/SDLLogger.swift
@@ -8,6 +8,12 @@ import Foundation
 import os
 
 public class SDLLogger: @unchecked Sendable {
+    
+    public enum Subsystem: String {
+        case punchnet = "com.jihe.punchnet"
+        case debug = "com.jihe.punchnetdebug"
+    }
+    
     public enum Level: Int8, CustomStringConvertible {
         case debug = 0
         case info = 1
@@ -28,14 +34,15 @@ public class SDLLogger: @unchecked Sendable {
         }
     }
     
-    static let shared = SDLLogger(level: .debug)
-    
+    static let shared = SDLLogger(level: .debug, subsystem: .punchnet)
+    static let sharedDebug = SDLLogger(level: .debug, subsystem: .debug)
+
     private let level: Level
     private let log: Logger
     
-    private init(level: Level) {
+    private init(level: Level, subsystem: Subsystem) {
         self.level = level
-        self.log = Logger(subsystem: "com.jihe.punchnet", category: "punchnet")
+        self.log = Logger(subsystem: subsystem.rawValue, category: "punchnet")
     }
     
     public func log(_ message: String, level: Level = .debug) {
diff --git a/Tun/Punchnet/SDLUDPHole.swift b/Tun/Punchnet/SDLUDPHole.swift
index 1425e1f..c17407a 100644
--- a/Tun/Punchnet/SDLUDPHole.swift
+++ b/Tun/Punchnet/SDLUDPHole.swift
@@ -81,7 +81,7 @@ final class SDLUDPHole: ChannelInboundHandler {
         let remoteAddress = envelope.remoteAddress
         
         if let rawBytes = buffer.getBytes(at: buffer.readerIndex, length: buffer.readableBytes) {
-            SDLLogger.shared.log("[SDLUDPHole] get raw bytes: \(rawBytes), from: \(remoteAddress)")
+            SDLLogger.shared.log("[SDLUDPHole] get raw bytes: \(rawBytes.count), from: \(remoteAddress)")
         }
         
         do {