diff --git a/libmbim/Makefile b/libmbim/Makefile
index 8b324dd88..02016021c 100644
--- a/libmbim/Makefile
+++ b/libmbim/Makefile
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libmbim
-#PKG_SOURCE_VERSION:=1.31.4-dev
-PKG_SOURCE_VERSION:=1866ed53c05916c66c5d52682778a6078e5221d3
+PKG_SOURCE_VERSION:=1.31.6-dev
+#PKG_SOURCE_VERSION:=1866ed53c05916c66c5d52682778a6078e5221d3
 PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
diff --git a/libqmi/Makefile b/libqmi/Makefile
index 3b2f2df6a..fc43b9048 100644
--- a/libqmi/Makefile
+++ b/libqmi/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libqmi
 #PKG_SOURCE_VERSION:=1.34.0
-PKG_SOURCE_VERSION:=1.35.5-dev
+PKG_SOURCE_VERSION:=1.35.6-dev
 PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
diff --git a/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js b/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
index 4c2daf588..69200e35a 100644
--- a/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
+++ b/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
@@ -1237,6 +1237,9 @@ return view.extend({
 				o.depends('encryption', 'psk-mixed');
 				o.value('auto', _('auto'));
 				o.value('ccmp', _('Force CCMP (AES)'));
+				o.value('ccmp256', _('Force CCMP-256 (AES)'));
+				o.value('gcmp', _('Force GCMP (AES)'));
+				o.value('gcmp256', _('Force GCMP-256 (AES)'));
 				o.value('tkip', _('Force TKIP'));
 				o.value('tkip+ccmp', _('Force TKIP and CCMP (AES)'));
 				o.write = ss.children.filter(function(o) { return o.option == 'encryption' })[0].write;
@@ -1806,6 +1809,27 @@ return view.extend({
 						o.placeholder = '201';
 						o.rmempty = true;
 
+						if (L.hasSystemFeature('hostapd', 'ocv') || L.hasSystemFeature('wpasupplicant', 'ocv')) {
+							o = ss.taboption('encryption', form.ListValue, 'ocv', _('Operating Channel Validation'), _("Note: Workaround mode allows a STA that claims OCV capability to connect even if the STA doesn't send OCI or negotiate PMF."));
+							o.value('0', _('Disabled'));
+							o.value('1', _('Enabled'));
+							o.value('2', _('Enabled (workaround mode)'));
+							o.default = '0';
+							o.depends('ieee80211w', '1');
+							o.depends('ieee80211w', '2');
+
+							o.validate = function(section_id, value) {
+								var modeopt = this.section.children.filter(function(o) { return o.option == 'mode' })[0],
+								modeval = modeopt.formvalue(section_id);
+
+								if ((value == '2') && ((modeval == 'sta') || (modeval == 'sta-wds'))) {
+									return _('Workaround mode can only be used when acting as an access point.');
+								}
+
+								return true;
+							}
+						}
+
 						o = ss.taboption('encryption', form.Flag, 'wpa_disable_eapol_key_retries', _('Enable key reinstallation (KRACK) countermeasures'), _('Complicates key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load.'));
 						add_dependency_permutations(o, { mode: ['ap', 'ap-wds'], encryption: ['psk2', 'psk-mixed', 'sae', 'sae-mixed', 'wpa2', 'wpa3', 'wpa3-mixed'] });
 
diff --git a/luci-proto-modemmanager/htdocs/luci-static/resources/protocol/modemmanager.js b/luci-proto-modemmanager/htdocs/luci-static/resources/protocol/modemmanager.js
index 35ab3824a..6ff97f323 100644
--- a/luci-proto-modemmanager/htdocs/luci-static/resources/protocol/modemmanager.js
+++ b/luci-proto-modemmanager/htdocs/luci-static/resources/protocol/modemmanager.js
@@ -82,12 +82,15 @@ return network.registerProtocol('modemmanager', {
 		o = s.taboption('general', form.Value, 'plmn', _('PLMN'));
 		o.datatype = "uinteger";
 
-		o = s.taboption('general', form.ListValue, 'auth', _('Authentication Type'));
+		o = s.taboption('general', form.DynamicList, 'allowedauth', _('Authentication Type'));
 		o.value('both', _('PAP/CHAP (both)'));
 		o.value('pap', 'PAP');
 		o.value('chap', 'CHAP');
-		o.value('none', _('None'));
-		o.default = 'none';
+		o.value('mschap', 'MSCHAP');
+		o.value('mschapv2', 'MSCHAPv2');
+		o.value('eap', 'EAP');
+		o.value('', _('None'));
+		o.default = '';
 
 		o = s.taboption('general', form.ListValue, 'allowedmode', _('Allowed network technology'),
 			_('Setting the allowed network technology.'));
diff --git a/modemmanager/Makefile b/modemmanager/Makefile
index 9a30af451..21a7e6e78 100644
--- a/modemmanager/Makefile
+++ b/modemmanager/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=modemmanager
-PKG_SOURCE_VERSION:=1.23.9-dev
+PKG_SOURCE_VERSION:=1.23.10-dev
 #PKG_SOURCE_VERSION:=df8287bf6c2febd068d06f0f45194bc622118bd4
 PKG_RELEASE:=20
 
diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker
index 8d57e6a8a..ccb3df7e7 100755
--- a/omr-tracker/files/bin/omr-tracker
+++ b/omr-tracker/files/bin/omr-tracker
@@ -161,9 +161,10 @@ _ping() {
 			-Q 184 \
 			"${host}" 2>&1
 		)
+		loss=$(echo "$ret" | awk '/packet loss/ {gsub("%","");print $6}' | tr -d '\n')
 		if [ -n "$loss" ] && [ "$loss" != "100" ]; then
 			if [ "$localip" = "yes" ]; then
-				latency=$(echo "$ret" | grep rtt | cut -d "/" -s -f5 | cut -d "." -f1 | tr -d '\n')
+				latency=$(echo "$ret" | awk -F/ '/rtt/ {print int($5)}' | tr -d '\n')
 				[ -n "$latency" ] && {
 					OMR_TRACKER_LATENCY="$latency"
 					#_update_rto "$OMR_TRACKER_LATENCY"
@@ -184,10 +185,12 @@ _ping() {
 		bindcheck=$(echo "$ret" | grep "Address not available")
 		[ -n "$bindcheck" ] && OMR_TRACKER_NO_BIND=1
 		#loss=$(echo "$ret" | grep 'packet loss' | sed -ne 's/.*\([0-9]\+\)% packet loss.*/\1/p')
-		loss=$(echo "$ret" | grep 'packet loss' | cut -d " " -f6 | sed 's/%//' | tr -d '\n')
+		#loss=$(echo "$ret" | grep 'packet loss' | cut -d " " -f6 | sed 's/%//' | tr -d '\n')
+		loss=$(echo "$ret" | awk '/packet loss/ {gsub("%","");print $6}' | tr -d '\n')
 		if [ -n "$loss" ] && [ "$loss" != "100" ]; then
 			if [ "$localip" = "yes" ]; then
-				latency=$(echo "$ret" | grep rtt | cut -d "/" -s -f5 | cut -d "." -f1 | tr -d '\n')
+				#latency=$(echo "$ret" | grep rtt | cut -d "/" -s -f5 | cut -d "." -f1 | tr -d '\n')
+				latency=$(echo "$ret" | awk -F/ '/rtt/ {print int($5)}' | tr -d '\n')
 				[ -n "$latency" ] && {
 					OMR_TRACKER_LATENCY="$latency"
 					#_update_rto "$OMR_TRACKER_LATENCY"
diff --git a/omr-tracker/files/bin/omr-tracker-server b/omr-tracker/files/bin/omr-tracker-server
index 0dbe104c3..efdcf2618 100755
--- a/omr-tracker/files/bin/omr-tracker-server
+++ b/omr-tracker/files/bin/omr-tracker-server
@@ -166,11 +166,11 @@ _check_master() {
 			local ipd=$1
 			server_ping=false
 			#[ -n "$serverip" ] && [ "$server_ping" = true ] && return
-			ipresolve="$(resolveip -4 $ipd | head -n 1)"
+			ipresolve="$(resolveip -t 5 -4 $ipd | head -n 1)"
 			if [ -n "$ipresolve" ]; then
 				serverip="$ipresolve"
 			else
-				ip6resolve="$(resolveip -6 $ipd | head -n 1)"
+				ip6resolve="$(resolveip -t 5 -6 $ipd | head -n 1)"
 				[ -n "$ip6resolve" ] && serverip="$ip6resolve"
 			fi
 			[ -z "$serverip" ] && return
@@ -374,11 +374,11 @@ _check_backup() {
 			local ipd=$1
 			server_ping=false
 			#[ -n "$serverip" ] && [ "$server_ping" = true ] && return
-			ipresolve="$(resolveip -4 $ipd | head -n 1)"
+			ipresolve="$(resolveip -t 5 -4 $ipd | head -n 1)"
 			if [ -n "$ipresolve" ]; then
 				serverip="$ipresolve"
 			else
-				ip6resolve="$(resolveip -6 $ipd | head -n 1)"
+				ip6resolve="$(resolveip -t 5 -6 $ipd | head -n 1)"
 				[ -n "$ip6resolve" ] && serverip="$ip6resolve"
 			fi
 			[ -z "$serverip" ] && return
diff --git a/openmptcprouter-api/files/usr/libexec/rpcd/openmptcprouter b/openmptcprouter-api/files/usr/libexec/rpcd/openmptcprouter
index 669328767..a3b2747a0 100755
--- a/openmptcprouter-api/files/usr/libexec/rpcd/openmptcprouter
+++ b/openmptcprouter-api/files/usr/libexec/rpcd/openmptcprouter
@@ -902,7 +902,7 @@ function interfaces_status()
 		local master = uci:get("openmptcprouter",s[".name"],"master") or "1"
 		local current = uci:get("openmptcprouter",s[".name"],"current") or "0"
 		for key, value in pairs(serverips) do
-			serverip = sys.exec('resolveip ' .. value .. ' | head -n 1 | tr -d "\n"')
+			serverip = sys.exec('resolveip -t 1 ' .. value .. ' | head -n 1 | tr -d "\n"')
 			if serverip ~= "" and (current == "1" or mArray.openmptcprouter["wan_addr"] == serverip or mArray.openmptcprouter["wan_addr6"] == serverip) and mArray.openmptcprouter["vps_admin"] == false then
 				mArray.openmptcprouter["vps_omr_version"] = uci:get("openmptcprouter", s[".name"], "omr_version") or ""
 				mArray.openmptcprouter["vps_kernel"] = uci:get("openmptcprouter",s[".name"],"kernel") or ""
@@ -1511,9 +1511,9 @@ function interfaces_status()
 							serverip = mArray.openmptcprouter["wan_addr"]
 						end
 						if gateway ~= "" then
-							serverip = sys.exec('resolveip -4 ' .. value .. ' | head -n 1')
+							serverip = sys.exec('resolveip -t 1 -4 ' .. value .. ' | head -n 1')
 						elseif gateway6 ~= "" then
-							serverip = sys.exec('resolveip -6 ' .. value .. ' | head -n 1')
+							serverip = sys.exec('resolveip -t 1 -6 ' .. value .. ' | head -n 1')
 						end
 						if serverip == "" then
 							serverip = value
diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps
index 66ac0ef2d..68d0b9631 100755
--- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps
+++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps
@@ -44,7 +44,7 @@ _login() {
 		login_on_server() {
 			server=$1
 			#auth=`curl --max-time 10 -s -k -H "Content-Type: application/json" -X POST -d '{"username":"'$username'","password":"'$password'"}' https://$server:$serverport/login`
-			resolve="$(resolveip $server)"
+			resolve="$(resolveip -t 5 $server)"
 			valid_ip6=$(valid_subnet6 $server)
 			if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
 				auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://$server:$serverport/token`
@@ -72,7 +72,7 @@ _get_json() {
 	route=$1
 	[ -z "$token" ] && _login
 	[ -n "$token" ] && {
-		resolve="$(resolveip $server)"
+		resolve="$(resolveip -t 5 $server)"
 		valid_ip6=$(valid_subnet6 $server)
 		if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
 			result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://$server:$serverport/$route`
@@ -94,7 +94,7 @@ _set_json() {
 	settings="$2"
 	[ -z "$token" ] && _login
 	[ -n "$token" ] && {
-		resolve="$(resolveip $server)"
+		resolve="$(resolveip -t 5 $server)"
 		valid_ip6=$(valid_subnet6 $server)
 		if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
 			result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://$server:$serverport/$route`
@@ -507,11 +507,11 @@ _get_vps_config() {
 		fi
 	fi
 	vpsip="$(uci -q get openmptcprouter.${servername}.ip | awk '{print $1}')"
-	ipresolve="$(resolveip -4 $vpsip | head -n 1)"
+	ipresolve="$(resolveip -t 5 -4 $vpsip | head -n 1)"
 	if [ -n "$ipresolve" ]; then
 		vpsip="$ipresolve"
 	else
-		ip6resolve="$(resolveip -6 $vpsip | head -n 1)"
+		ip6resolve="$(resolveip -t 5 -6 $vpsip | head -n 1)"
 		[ -n "$ip6resolve" ] && vpsip="$ip6resolve"
 	fi
 	if [ -n "$(uci -q get shadowsocks-libev.sss0)" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
@@ -941,7 +941,7 @@ _set_lan_ip() {
 	local settings
 	[ -z "$vps_config" ] && vps_config=$(_get_json "config")
 	[ -z "$vps_config" ] && return
-	lanip_current="$(echo "$vps_config" | jsonfilter -q -e '@.lan.ips' | sed -e 's:\\::g' -e 's:\[::g' -e 's:\]::g')"
+	lanip_current="$(echo "$vps_config" | jsonfilter -q -e '@.lan.ips' | sed -e 's:\\::g' -e 's:\[::g' -e 's:\]::g' -e 's/^[[:blank:]]*//;s/[[:blank:]]*$//')"
 	if [ "$lanips" != "" ] && [ "$lanip_current" != "$lanips" ]; then
 	#if [ "$lanips" != "" ]; then
 		settings='{"lanips" : ['$lanips']}'
@@ -2189,7 +2189,7 @@ _get_token() {
 		port="$(uci -q get openmptcprouter.${servername}.port)"
 		api_test() {
 			server="$1"
-			resolve="$(resolveip $server)"
+			resolve="$(resolveip -t 5 $server)"
 			valid_ip6=$(valid_subnet6 $server)
 			if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
 				if [ "$(curl -k -m 3 https://${server}:${port}/)" = "" ]; then
diff --git a/shadowsocks-libev/files/shadowsocks-libev.init-nft b/shadowsocks-libev/files/shadowsocks-libev.init-nft
index becc703e5..ee56e2088 100755
--- a/shadowsocks-libev/files/shadowsocks-libev.init-nft
+++ b/shadowsocks-libev/files/shadowsocks-libev.init-nft
@@ -222,7 +222,7 @@ ss_rules_nft_gen() {
 	[ -z "$remote_servers" ] && remote_servers="$(echo $ss_redir_servers \
 		| tr ' ' '\n' \
 		| sort -u \
-		| xargs -n 1 resolveip \
+		| xargs -n 1 resolveip -t 5 \
 		| sort -u)"
 
 	local tmp="/tmp/ssrules"
diff --git a/shadowsocks-libev/files/ss-rules b/shadowsocks-libev/files/ss-rules
index e945d9ef9..ee8f05472 100755
--- a/shadowsocks-libev/files/ss-rules
+++ b/shadowsocks-libev/files/ss-rules
@@ -127,7 +127,7 @@ ss_rules_parse_args() {
 		__errmsg "Please install iptables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -4 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -4 "$s"; done)"
 }
 
 ss_rules_flush() {
diff --git a/shadowsocks-libev/files/ss-rules6 b/shadowsocks-libev/files/ss-rules6
index 2c2a3eddc..701c7c7ca 100755
--- a/shadowsocks-libev/files/ss-rules6
+++ b/shadowsocks-libev/files/ss-rules6
@@ -111,7 +111,7 @@ ss_rules6_parse_args() {
 		__errmsg "Please install ip6tables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -6 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -6 "$s"; done)"
 }
 
 ss_rules6_flush() {
diff --git a/shadowsocks-rust/files/shadowsocks-rust.init-nft b/shadowsocks-rust/files/shadowsocks-rust.init-nft
index 7eac4c4a9..98d879b44 100755
--- a/shadowsocks-rust/files/shadowsocks-rust.init-nft
+++ b/shadowsocks-rust/files/shadowsocks-rust.init-nft
@@ -194,7 +194,7 @@ ss_rules_nft_gen() {
 	[ -z "$remote_servers" ] && remote_servers="$(echo $ss_redir_servers \
 		| tr ' ' '\n' \
 		| sort -u \
-		| xargs -n 1 resolveip \
+		| xargs -n 1 resolveip -t 5 \
 		| sort -u)"
 
 	local tmp="/tmp/ssrrules"
diff --git a/shadowsocks-rust/files/ssr-rules b/shadowsocks-rust/files/ssr-rules
index e945d9ef9..ee8f05472 100755
--- a/shadowsocks-rust/files/ssr-rules
+++ b/shadowsocks-rust/files/ssr-rules
@@ -127,7 +127,7 @@ ss_rules_parse_args() {
 		__errmsg "Please install iptables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -4 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -4 "$s"; done)"
 }
 
 ss_rules_flush() {
diff --git a/shadowsocks-rust/files/ssr-rules6 b/shadowsocks-rust/files/ssr-rules6
index 2c2a3eddc..701c7c7ca 100755
--- a/shadowsocks-rust/files/ssr-rules6
+++ b/shadowsocks-rust/files/ssr-rules6
@@ -111,7 +111,7 @@ ss_rules6_parse_args() {
 		__errmsg "Please install ip6tables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -6 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -6 "$s"; done)"
 }
 
 ss_rules6_flush() {
diff --git a/v2ray-core/files/etc/init.d/v2ray-nft b/v2ray-core/files/etc/init.d/v2ray-nft
index 006e1428f..5f61c6562 100755
--- a/v2ray-core/files/etc/init.d/v2ray-nft
+++ b/v2ray-core/files/etc/init.d/v2ray-nft
@@ -468,7 +468,7 @@ add_v2ray_redirect_rules() {
 	remote_servers="$(echo $OUTBOUND_SERVERS \
 		| tr ' ' '\n' \
 		| sort -u \
-		| xargs -n 1 resolveip \
+		| xargs -n 1 resolveip -t 5 \
 		| sort -u)"
 
 	[ "$(uci -q get v2ray.main_transparent_proxy.redirect_udp)" = "1" ] && [ "$(uci -q get v2ray.omrout.protocol)" != "socks" ] && portudp="$port"
diff --git a/v2ray-core/files/usr/bin/v2ray-rules b/v2ray-core/files/usr/bin/v2ray-rules
index c65682622..f4c653692 100755
--- a/v2ray-core/files/usr/bin/v2ray-rules
+++ b/v2ray-core/files/usr/bin/v2ray-rules
@@ -128,7 +128,7 @@ v2r_rules_parse_args() {
 		__errmsg "Please install iptables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -4 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -4 "$s"; done)"
 }
 
 v2r_rules_flush() {
diff --git a/v2ray-core/files/usr/bin/v2ray-rules6 b/v2ray-core/files/usr/bin/v2ray-rules6
index 2a96bdf94..cc5068eaf 100755
--- a/v2ray-core/files/usr/bin/v2ray-rules6
+++ b/v2ray-core/files/usr/bin/v2ray-rules6
@@ -111,7 +111,7 @@ v2ray_rules6_parse_args() {
 		__errmsg "Please install ip6tables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -6 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -6 "$s"; done)"
 }
 
 v2ray_rules6_flush() {
diff --git a/xray-core/files/etc/init.d/xray-nft b/xray-core/files/etc/init.d/xray-nft
index 506ffe052..3bbdf2935 100755
--- a/xray-core/files/etc/init.d/xray-nft
+++ b/xray-core/files/etc/init.d/xray-nft
@@ -480,7 +480,7 @@ add_xray_redirect_rules() {
 	remote_servers="$(echo $OUTBOUND_SERVERS \
 		| tr ' ' '\n' \
 		| sort -u \
-		| xargs -n 1 resolveip \
+		| xargs -n 1 resolveip -t 5 \
 		| sort -u)"
 
 	[ "$(uci -q get xray.main_transparent_proxy.redirect_udp)" = "1" ] && [ "$(uci -q get xray.omrout.protocol)" != "socks" ] && portudp="$port"
diff --git a/xray-core/files/usr/bin/xray-rules b/xray-core/files/usr/bin/xray-rules
index d96ebc73b..f9dd15105 100755
--- a/xray-core/files/usr/bin/xray-rules
+++ b/xray-core/files/usr/bin/xray-rules
@@ -128,7 +128,7 @@ xr_rules_parse_args() {
 		__errmsg "Please install iptables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -4 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -4 "$s"; done)"
 }
 
 xr_rules_flush() {
diff --git a/xray-core/files/usr/bin/xray-rules6 b/xray-core/files/usr/bin/xray-rules6
index accbc7d0f..32dbb9552 100755
--- a/xray-core/files/usr/bin/xray-rules6
+++ b/xray-core/files/usr/bin/xray-rules6
@@ -111,7 +111,7 @@ xray_rules6_parse_args() {
 		__errmsg "Please install ip6tables-mod-conntrack-extra with opkg"
 		return 1
 	fi
-	o_remote_servers="$(for s in $o_remote_servers; do resolveip -6 "$s"; done)"
+	o_remote_servers="$(for s in $o_remote_servers; do resolveip -t 5 -6 "$s"; done)"
 }
 
 xray_rules6_flush() {