vernesong / OpenClash

A Clash Client For OpenWrt
MIT License

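Proxying back into mainland China (provider: Panda Fan): after importing into OpenClash the service starts normally, but the proxy does not take effect #1655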

Closed xuanyuanking closed 2 years ago

xuanyuanking commented 3 years ago

The debug log is as follows:

OpenClash 调试日志

生成时间: 2021-09-23 15:21:05 插件版本: v0.40.15-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息


#===================== 系统信息 =====================#
主机型号: Newifi-D2
固件版本: OpenWrt SNAPSHOT r2936-d504d9430
LuCI版本: git-20.256.12360-1a54222-1
内核版本: 5.4.72
处理器架构: mipsel_24kc

#此项在使用Tun模式时应为ACCEPT
防火墙转发: ACCEPT

#此项有值时建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 

#===================== 依赖检查 =====================#
dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
jsonfilter: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
iptables-mod-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装

#===================== 内核检查 =====================#
运行状态: 运行中
进程pid: 2920
运行权限: 2920: = cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_resource+eip
运行用户: nobody
已选择的架构: linux-mipsle-softfloat

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 
Tun内核文件: 不存在
Tun内核运行权限: 否

Game内核版本: 
Game内核文件: 不存在
Game内核运行权限: 否

Dev内核版本: v1.7.1
Dev内核文件: 存在
Dev内核运行权限: 正常

#===================== 插件设置 =====================#
当前配置文件: /etc/openclash/config/pandafanlyj.yaml
运行模式: fake-ip
默认代理模式: rule
UDP流量转发: 启用
DNS劫持: 停用
自定义DNS: 停用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 停用
自定义规则: 停用
仅允许内网: 停用
仅代理命中规则流量: 启用
绕过中国大陆IP: 停用

#启动异常时建议关闭此项后重试
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: ConnersHua_return
第三方规则策略组设置:
GlobalTV: 
AsianTV: 
Proxy: Auto | PandaFan.tel
Apple: 
Netflix: 
Spotify: 
Steam: 
AdBlock: 
Netease Music: 
Speedtest: 
Telegram: 
Microsoft: 
PayPal: 
Domestic: 
Others: Auto | PandaFan.tel

读取的配置文件策略组:
Auto | PandaFan.tel
Proxy
DIRECT
REJECT

#===================== 配置文件 =====================#
port: 7890
socks-port: 7891
allow-lan: true
bind-address: "*"
ipv6: false
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
experimental:
  ignore-resolve-fail: true
redir-port: 7892
interface-name: eth0.2
external-ui: "/usr/share/openclash/dashboard"
dns:
  listen: 127.0.0.1:7874
  enable: true
  ipv6: false
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter:
##Custom fake-ip-filter##
    - '*.lan'
    - 'time.windows.com'
    - 'time.nist.gov'
    - 'time.apple.com'
    - 'time.asia.apple.com'
    - '*.ntp.org.cn'
    - '*.openwrt.pool.ntp.org'
    - 'time1.cloud.tencent.com'
    - 'time.ustc.edu.cn'
    - 'pool.ntp.org'
    - 'ntp.ubuntu.com'
    - 'ntp.aliyun.com'
    - 'ntp1.aliyun.com'
    - 'ntp2.aliyun.com'
    - 'ntp3.aliyun.com'
    - 'ntp4.aliyun.com'
    - 'ntp5.aliyun.com'
    - 'ntp6.aliyun.com'
    - 'ntp7.aliyun.com'
    - 'time1.aliyun.com'
    - 'time2.aliyun.com'
    - 'time3.aliyun.com'
    - 'time4.aliyun.com'
    - 'time5.aliyun.com'
    - 'time6.aliyun.com'
    - 'time7.aliyun.com'
    - '*.time.edu.cn'
    - 'time1.apple.com'
    - 'time2.apple.com'
    - 'time3.apple.com'
    - 'time4.apple.com'
    - 'time5.apple.com'
    - 'time6.apple.com'
    - 'time7.apple.com'
    - 'time1.google.com'
    - 'time2.google.com'
    - 'time3.google.com'
    - 'time4.google.com'
    - 'music.163.com'
    - '*.music.163.com'
    - '*.126.net'
    - 'musicapi.taihe.com'
    - 'music.taihe.com'
    - 'songsearch.kugou.com'
    - 'trackercdn.kugou.com'
    - '*.kuwo.cn'
    - 'api-jooxtt.sanook.com'
    - 'api.joox.com'
    - 'joox.com'
    - 'y.qq.com'
    - '*.y.qq.com'
    - 'streamoc.music.tc.qq.com'
    - 'mobileoc.music.tc.qq.com'
    - 'isure.stream.qqmusic.qq.com'
    - 'dl.stream.qqmusic.qq.com'
    - 'aqqmusic.tc.qq.com'
    - 'amobile.music.tc.qq.com'
    - '*.xiami.com'
    - '*.music.migu.cn'
    - 'music.migu.cn'
    - '*.msftconnecttest.com'
    - '*.msftncsi.com'
    - 'localhost.ptlogin2.qq.com'
    - '+.srv.nintendo.net'
    - '+.stun.playstation.net'
    - 'xbox.*.microsoft.com'
    - '+.xboxlive.com'
    - 'proxy.golang.org'
    - 'stun.*.*'
    - 'stun.*.*.*'
    - 'heartbeat.belkin.com'
    - '*.linksys.com'
    - '*.linksyssmartwifi.com'
##Custom fake-ip-filter END##
  nameserver:
    - 114.114.114.114
    - 119.29.29.29
  fallback:
    - https://cloudflare-dns.com/dns-query
    - https://dns.google/dns-query
    - https://1.1.1.1/dns-query
    - tls://8.8.8.8:853
  fallback-filter:
    geoip: true
    ipcidr:
      - 0.0.0.0/8
      - 10.0.0.0/8
      - 100.64.0.0/10
      - 127.0.0.0/8
      - 169.254.0.0/16
      - 172.16.0.0/12
      - 192.0.0.0/24
      - 192.0.2.0/24
      - 192.88.99.0/24
      - 192.168.0.0/16
      - 198.18.0.0/15
      - 198.51.100.0/24
      - 203.0.113.0/24
      - 224.0.0.0/4
      - 240.0.0.0/4
      - 255.255.255.255/32

#===================== 防火墙设置 =====================#

#NAT chain

# Generated by iptables-save v1.8.4 on Thu Sep 23 15:21:08 2021
*nat
:PREROUTING ACCEPT [67:16541]
:INPUT ACCEPT [75:5064]
:OUTPUT ACCEPT [142:9735]
:POSTROUTING ACCEPT [17:1237]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:openclash - [0:0]
:openclash_output - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -d 8.8.4.4/32 -p tcp -j REDIRECT --to-ports 7892
-A PREROUTING -d 8.8.8.8/32 -p tcp -j REDIRECT --to-ports 7892
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i eth0.2 -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -p tcp -j openclash
-A OUTPUT -j openclash_output
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o eth0.2 -m comment --comment "!fw3" -j zone_wan_postrouting
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
-A openclash_output -p tcp -m tcp --sport 1688 -j RETURN
-A openclash_output -m set --match-set localnetwork dst -j RETURN
-A openclash_output -p tcp -m owner ! --uid-owner 65534 -m multiport --dports 80,443 -j REDIRECT --to-ports 7892
-A openclash_output -d 198.18.0.0/16 -p tcp -m owner ! --uid-owner 65534 -j REDIRECT --to-ports 7892
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
# Completed on Thu Sep 23 15:21:08 2021

#Mangle chain

# Generated by iptables-save v1.8.4 on Thu Sep 23 15:21:08 2021
*mangle
:PREROUTING ACCEPT [5700:5517433]
:INPUT ACCEPT [5511:5494648]
:FORWARD ACCEPT [136:7598]
:OUTPUT ACCEPT [4221:3750679]
:POSTROUTING ACCEPT [4359:3758749]
:openclash - [0:0]
-A PREROUTING -p udp -j openclash
-A FORWARD -o eth0.2 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A openclash -p udp -m udp --dport 500 -j RETURN
-A openclash -p udp -m udp --dport 546 -j RETURN
-A openclash -p udp -m udp --dport 68 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0 --tproxy-mark 0x162/0xffffffff
COMMIT
# Completed on Thu Sep 23 15:21:08 2021

#===================== 路由表状态 =====================#
#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 eth0.2
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0.2
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br-lan
#ip route list
default via 192.168.0.1 dev eth0.2 proto static src 192.168.0.11 
192.168.0.0/24 dev eth0.2 proto kernel scope link src 192.168.0.11 
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1 
#ip rule show
0:  from all lookup local
32765:  from all fwmark 0x162 lookup 354
32766:  from all lookup main
32767:  from all lookup default

#===================== 端口占用状态 =====================#
tcp        0      0 :::7892                 :::*                    LISTEN      2920/clash
tcp        0      0 :::9090                 :::*                    LISTEN      2920/clash
tcp        0      0 :::7890                 :::*                    LISTEN      2920/clash
tcp        0      0 :::7891                 :::*                    LISTEN      2920/clash
udp        0      0 127.0.0.1:7874          0.0.0.0:*                           2920/clash
udp        0      0 :::7892                 :::*                                2920/clash
udp        0      0 :::7891                 :::*                                2920/clash

#===================== 测试本机DNS查询 =====================#
Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
www.baidu.com   canonical name = www.a.shifen.com
Name:      www.a.shifen.com
www.a.shifen.com    canonical name = www.wshifen.com
Name:      www.wshifen.com
Address 1: 104.193.88.77
Address 2: 104.193.88.123
*** Can't find www.baidu.com: No answer

#===================== resolv.conf.d =====================#
# Interface wan
nameserver 75.75.75.75
nameserver 75.75.76.76
search hsd1.ca.comcast.net.
# Interface wan6
nameserver 2001:558:feed::1
nameserver 2001:558:feed::2

#===================== 测试本机网络连接 =====================#
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Thu, 23 Sep 2021 07:21:09 GMT
Etag: "575e1f6f-115"
Last-Modified: Mon, 13 Jun 2016 02:50:23 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载 =====================#
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 80
Cache-Control: max-age=300
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Type: text/plain; charset=utf-8
ETag: "8ff790eec875f63046229028d039a0d25cc0992af45d94e93bad646a0c1aaedf"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
X-GitHub-Request-Id: 5A2C:56E1:238480:327DBF:614BEDF3
Accept-Ranges: bytes
Date: Thu, 23 Sep 2021 07:21:09 GMT
Via: 1.1 varnish
X-Served-By: cache-pao17440-PAO
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1632381669.408183,VS0,VE1
Vary: Authorization,Accept-Encoding,Origin
Access-Control-Allow-Origin: *
X-Fastly-Request-ID: 8712c573b36fd0185aff24d98cbaaa99622aa35d
Expires: Thu, 23 Sep 2021 07:26:09 GMT
Source-Age: 34

#===================== 最近运行日志 =====================#
time="2021-09-22T08:12:09Z" level=info msg="Start initial compatible provider Auto | PandaFan.tel"
time="2021-09-22T08:12:09Z" level=info msg="Start initial compatible provider Proxy"
time="2021-09-22T08:12:09Z" level=info msg="RESTful API listening at: [::]:9090"
2021-09-22 16:11:46 OpenClash Start Successful
2021-09-23 14:59:47 OpenClash Start Successful
2021-09-23 15:02:32 Nameserver Option Must Be Setted, Auto Completed
2021-09-23 15:02:32 OpenClash Start Successful
2021-09-23 15:10:23 OpenClash Start Successful
2021-09-23 15:18:33 OpenClash Start Successful
Upgrading luci-app-openclash on root from 0.40.15-beta to 0.43.05-beta...
2021-09-23 15:20:35 OpenClash-v0.43.05-beta Update Test Fail

vernesong commented 3 years ago

Use DNS hijacking, and try removing the interface binding first.

xuanyuanking commented 3 years ago

@vernesong Thanks for the reply! After turning on DNS hijacking, ping fails completely:

root@0penWrt~# ping www baidu com

Could you tell me which setting "interface binding" refers to exactly? Many thanks!

vernesong commented 3 years ago

With fakeip, ping doesn't work in the first place.
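
Why ping fails in fake-ip mode, as an added example that is not part of the original thread or of OpenClash: the sketch walks a constructed excerpt of the iptables-save dump from the debug log for traffic forwarded from LAN clients and shows that only TCP and UDP are handed to Clash on port 7892, so ICMP sent to an address in the fake-ip range 198.18.0.1/16 is never intercepted (the OUTPUT rules in the log are likewise TCP-only). The members of the `localnetwork` set and all function names are assumptions.

```python
import ipaddress

# Constructed excerpt of the iptables-save dump in the log above (PREROUTING path only).
DUMP = """\
*mangle
-A PREROUTING -p udp -j openclash
-A openclash -p udp -m udp --dport 53 -j RETURN
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p udp -j TPROXY --on-port 7892 --on-ip 0.0.0.0
*nat
-A PREROUTING -p tcp -j openclash
-A openclash -m set --match-set localnetwork dst -j RETURN
-A openclash -p tcp -j REDIRECT --to-ports 7892
"""
# Assumption: members of the "localnetwork" ipset, which the log does not list.
LOCALNETWORK = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse(dump):  # -> {table: {chain: [rule token lists]}}
    tables = {}
    for line in dump.splitlines():
        if line.startswith("*"):
            chains = tables.setdefault(line[1:], {})
        elif line.startswith("-A "):
            _, chain, *rule = line.split()
            chains.setdefault(chain, []).append(rule)
    return tables

def matches(rule, pkt):
    opt = lambda flag: rule[rule.index(flag) + 1] if flag in rule else None
    if opt("-p") not in (None, pkt["proto"]) or opt("--dport") not in (None, str(pkt.get("dport"))):
        return False
    dst = ipaddress.ip_address(pkt["dst"])
    return "--match-set" not in rule or any(dst in n for n in LOCALNETWORK)

def walk(chains, chain, pkt):
    """Follow one chain; return the terminating target, or None on RETURN/end."""
    for rule in filter(lambda r: matches(r, pkt), chains.get(chain, [])):
        target = rule[rule.index("-j") + 1]
        if target not in chains:             # built-in target: stop here
            return None if target == "RETURN" else target
        verdict = walk(chains, target, pkt)  # jump into a user-defined chain
        if verdict:
            return verdict

def intercepted_by(pkt, dump=DUMP):
    """Target that hands the packet to Clash on port 7892, or None if no rule does."""
    hits = (walk(chains, "PREROUTING", pkt) for chains in parse(dump).values())
    return next((h for h in hits if h), None)
```

A `None` result means the packet is routed normally toward the default gateway, where nothing answers for an address in the fake-ip range.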

MBRjun commented 3 years ago

With fakeip, ping doesn't work in the first place.

Older versions could (

github-actions[bot] commented 2 years ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days