OpenClash正常启动，但无法翻墙。同样的订阅，手机使用CFA则可用

在规则模式下，OpenClash的控制面板的连接数为0，所以期待修复
调试日志如下：

`OpenClash 调试日志

生成时间: 2022-04-07 12:09:41
插件版本: v0.44.42-beta
隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息

#===================== 系统信息 =====================#

主机型号: Xiaomi Redmi Router AX6S
固件版本: OpenWrt 22.03-SNAPSHOT r19208-30614c6cfa
LuCI版本: git-20.074.84698-ead5e81
内核版本: 5.10.108
处理器架构: aarch64_cortex-a53

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

#此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 127.0.0.1#7874

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
ruby-dbm: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci-19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 已安装

#===================== 内核检查 =====================#

运行状态: 运行中
进程pid: 8207
运行权限: 8207: cap_dac_override,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_ptrace,cap_sys_resource=eip
运行用户: nobody
已选择的架构: linux-armv8

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2022.03.21
Tun内核文件: 存在
Tun内核运行权限: 正常

Dev内核版本: v1.10.0
Dev内核文件: 存在
Dev内核运行权限: 正常

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/JackClash-SSNZ.yaml
启动配置文件: /etc/openclash/JackClash-SSNZ.yaml
运行模式: redir-host
默认代理模式: rule
UDP流量转发(tproxy): 停用
DNS劫持: 启用
自定义DNS: 启用
IPV6代理: 停用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 启用
仅代理命中规则流量: 停用
仅允许常用端口流量: 启用
绕过中国大陆IP: 启用
DNS远程解析: 启用
路由本机代理: 停用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

mixed-port: 7893
socks-port: 7891
redir-port: 7892
tproxy-port: 7895
allow-lan: true
bind-address: "*"
ipv6: false
mode: rule
log-level: silent
external-controller: 0.0.0.0:9090
experimental:
  ignore-resolve-fail: true
dns:
  enable: true
  ipv6: false
  listen: 0.0.0.0:7874
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter:
  - "*.lan"
  - "*.localdomain"
  - "*.example"
  - "*.invalid"
  - "*.localhost"
  - "*.test"
  - "*.local"
  - "*.home.arpa"
  - time.*.com
  - time.*.gov
  - time.*.edu.cn
  - time.*.apple.com
  - time1.*.com
  - time2.*.com
  - time3.*.com
  - time4.*.com
  - time5.*.com
  - time6.*.com
  - time7.*.com
  - ntp.*.com
  - ntp1.*.com
  - ntp2.*.com
  - ntp3.*.com
  - ntp4.*.com
  - ntp5.*.com
  - ntp6.*.com
  - ntp7.*.com
  - "*.time.edu.cn"
  - "*.ntp.org.cn"
  - "+.pool.ntp.org"
  - time1.cloud.tencent.com
  - music.163.com
  - "*.music.163.com"
  - "*.126.net"
  - musicapi.taihe.com
  - music.taihe.com
  - songsearch.kugou.com
  - trackercdn.kugou.com
  - "*.kuwo.cn"
  - api-jooxtt.sanook.com
  - api.joox.com
  - joox.com
  - y.qq.com
  - "*.y.qq.com"
  - streamoc.music.tc.qq.com
  - mobileoc.music.tc.qq.com
  - isure.stream.qqmusic.qq.com
  - dl.stream.qqmusic.qq.com
  - aqqmusic.tc.qq.com
  - amobile.music.tc.qq.com
  - "*.xiami.com"
  - "*.music.migu.cn"
  - music.migu.cn
  - "+.msftconnecttest.com"
  - "+.msftncsi.com"
  - msftconnecttest.com
  - msftncsi.com
  - localhost.ptlogin2.qq.com
  - localhost.sec.qq.com
  - "+.srv.nintendo.net"
  - "*.n.n.srv.nintendo.net"
  - "+.stun.playstation.net"
  - xbox.*.*.microsoft.com
  - "*.*.xboxlive.com"
  - xbox.*.microsoft.com
  - xnotify.xboxlive.com
  - "+.battlenet.com.cn"
  - "+.wotgame.cn"
  - "+.wggames.cn"
  - "+.wowsgame.cn"
  - "+.wargaming.net"
  - proxy.golang.org
  - stun.*.*
  - stun.*.*.*
  - "+.stun.*.*"
  - "+.stun.*.*.*"
  - "+.stun.*.*.*.*"
  - "+.stun.*.*.*.*.*"
  - heartbeat.belkin.com
  - "*.linksys.com"
  - "*.linksyssmartwifi.com"
  - "*.router.asus.com"
  - mesu.apple.com
  - swscan.apple.com
  - swquery.apple.com
  - swdownload.apple.com
  - swcdn.apple.com
  - swdist.apple.com
  - lens.l.google.com
  - stun.l.google.com
  - "+.nflxvideo.net"
  - "*.square-enix.com"
  - "*.finalfantasyxiv.com"
  - "*.ffxiv.com"
  - "*.ff14.sdo.com"
  - ff.dorado.sdo.com
  - "*.mcdn.bilivideo.cn"
  - "+.media.dssott.com"
  - shark007.net
  - "+.*"
  default-nameserver:
  - 117.50.10.10
  - 114.114.114.114
  - 119.29.29.29
  fallback-filter:
    geoip: false
    geoip-code: CN
    ipcidr:
    - 0.0.0.0/8
    - 10.0.0.0/8
    - 100.64.0.0/10
    - 127.0.0.0/8
    - 169.254.0.0/16
    - 172.16.0.0/12
    - 192.0.0.0/24
    - 192.0.2.0/24
    - 192.88.99.0/24
    - 192.168.0.0/16
    - 198.18.0.0/15
    - 198.51.100.0/24
    - 203.0.113.0/24
    - 224.0.0.0/4
    - 240.0.0.0/4
    - 255.255.255.255/32
    domain:
    - "+.google.com"
    - "+.facebook.com"
    - "+.youtube.com"
    - "+.githubusercontent.com"
    - "+.googlevideo.com"
    - "+.msftconnecttest.com"
    - "+.msftncsi.com"
    - msftconnecttest.com
    - msftncsi.com
  nameserver:
  - 114.114.114.114
  - 119.29.29.29
  - https://doh.pub/dns-query
  - https://dns.alidns.com/dns-query
  fallback:
  - https://dns.cloudflare.com/dns-query
  - https://public.dns.iij.jp/dns-query
  - https://jp.tiar.app/dns-query
  - https://jp.tiarap.org/dns-query
  - tls://dot.tiar.app
proxy-groups:
- name: 自动测速
  type: url-test
  url: http://www.msftncsi.com/ncsi.txt
  interval: 231
  tolerance: 100
  proxies:
  - Japan-PRO-JP1-1-Rate:0.2
  - Japan-PRO-JP1-2-Rate:0.2
  - Japan-PRO-JP1-3-Rate:0.2
  - Japan-PRO-JP1-4-Rate:0.2
  - Japan-PRO-JP1-5-Rate:0.2
  - Japan-PRO-JP1-6-Rate:0.2
  - Japan-PRO-JP1-7-Rate:0.2
  - Japan-PRO-JP1-8-Rate:0.2
  - Japan-PRO-JP2-1-Rate:0.5
  - Japan-PRO-JP2-2-Rate:0.5
  - Japan-PRO-JP2-3-Rate:0.5
  - Japan-PRO-JP2-4-Rate:0.5
- name: OneDrive
  type: select
  proxies:
  - 节点选择
  - DIRECT
- name: 苹果服务
  type: select
  proxies:
  - DIRECT
  - 节点选择
- name: 节点选择
  type: select
  proxies:
  - 自动测速
  - Japan-PRO-JP1-1-Rate:0.2
  - Japan-PRO-JP1-2-Rate:0.2
  - Japan-PRO-JP1-3-Rate:0.2
  - Japan-PRO-JP1-4-Rate:0.2
  - Japan-PRO-JP1-5-Rate:0.2
  - Japan-PRO-JP1-6-Rate:0.2
  - Japan-PRO-JP1-7-Rate:0.2
  - Japan-PRO-JP1-8-Rate:0.2
  - Japan-PRO-JP2-1-Rate:0.5
  - Japan-PRO-JP2-2-Rate:0.5
  - Japan-PRO-JP2-3-Rate:0.5
  - Japan-PRO-JP2-4-Rate:0.5
  - DIRECT
- name: 电报消息
  type: select
  proxies:
  - 节点选择
- name: 漏网之鱼
  type: select
  proxies:
  - 节点选择
  - DIRECT
rules:
- IP-CIDR,198.18.0.1/16,REJECT,no-resolve
- SRC-IP-CIDR,192.168.62.1/32,DIRECT
- SRC-IP-CIDR,198.18.0.1/32,DIRECT
- DOMAIN-SUFFIX,youtube.com,节点选择
- DOMAIN-SUFFIX,music.youtube.com,节点选择
- DOMAIN-SUFFIX,doubleclick.net,节点选择
- DOMAIN-SUFFIX,googlevideo.com,节点选择
- DOMAIN-SUFFIX,googleapis.cn,节点选择
- DOMAIN-SUFFIX,googleapis.com,节点选择
- DOMAIN-SUFFIX,google.cn,节点选择
- DOMAIN-SUFFIX,google.com.hk,节点选择
- IP-CIDR,91.105.192.0/23,电报消息
- IP-CIDR,91.108.4.0/22,电报消息
- IP-CIDR,91.108.8.0/21,电报消息
- IP-CIDR,91.108.16.0/21,电报消息
- IP-CIDR,91.108.56.0/22,电报消息
- IP-CIDR,95.161.64.0/20,电报消息
- IP-CIDR,149.154.160.0/20,电报消息
- IP-CIDR,185.76.151.0/24,电报消息
- IP-CIDR6,2001:67c:4e8::/48,电报消息
- IP-CIDR6,2001:b28:f23c::/47,电报消息
- IP-CIDR6,2001:b28:f23f::/48,电报消息
- IP-CIDR6,2a0a:f280:203::/48,电报消息
- IP-CIDR,9.9.9.0/24,节点选择
- IP-CIDR,149.112.112.0/24,节点选择
- DOMAIN-SUFFIX,quad9.net,节点选择
- DOMAIN-SUFFIX,opendns.com,节点选择
- GEOIP,LAN,DIRECT
- GEOIP,PRIVATE,DIRECT
- DOMAIN,router.asus.com,DIRECT
- DOMAIN-SUFFIX,lan,DIRECT
- DOMAIN-SUFFIX,localdomain,DIRECT
- DOMAIN-SUFFIX,example,DIRECT
- DOMAIN-SUFFIX,invalid,DIRECT
- DOMAIN-SUFFIX,localhost,DIRECT
- DOMAIN-SUFFIX,test,DIRECT
- DOMAIN-SUFFIX,local,DIRECT
- DOMAIN-SUFFIX,home.arpa,DIRECT
- DOMAIN-SUFFIX,msftconnecttest.com,DIRECT
- DOMAIN-SUFFIX,msftncsi.com,DIRECT
- DOMAIN-SUFFIX,localhost.sec.qq.com,DIRECT
- DOMAIN-SUFFIX,localhost.ptlogin2.qq.com,DIRECT
- DOMAIN-SUFFIX,githubusercontent.com,节点选择
- DOMAIN-KEYWORD,scihub,节点选择
- DOMAIN-KEYWORD,sci-hub,节点选择
- DOMAIN-SUFFIX,linkedin.com,节点选择

...............................（省略掉的rules片段）

- DOMAIN-SUFFIX,zyxel.com,节点选择
- DOMAIN-SUFFIX,zyzc9.com,节点选择
- DOMAIN-SUFFIX,zzcartoon.com,节点选择
- DOMAIN-SUFFIX,zzcloud.me,节点选择
- DOMAIN-SUFFIX,zzux.com,节点选择
- GEOIP,CN,DIRECT
- MATCH,漏网之鱼
port: 7890
external-ui: "/usr/share/openclash/dashboard"
profile:
  store-selected: true
  store-fake-ip: true

#===================== 防火墙设置 =====================#

#IPv4 NAT chain

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Thu Apr  7 12:09:44 2022
*mangle
:PREROUTING ACCEPT [9612:1322678]
:INPUT ACCEPT [6202:986488]
:FORWARD ACCEPT [3334:322374]
:OUTPUT ACCEPT [6838:2835758]
:POSTROUTING ACCEPT [10172:3158132]
COMMIT
# Completed on Thu Apr  7 12:09:44 2022

#IPv4 Filter chain

# Generated by iptables-save v1.8.7 on Thu Apr  7 12:09:44 2022
*filter
:INPUT ACCEPT [6332:1009176]
:FORWARD ACCEPT [3378:325799]
:OUTPUT ACCEPT [7074:2948238]
COMMIT
# Completed on Thu Apr  7 12:09:44 2022

#IPv6 NAT chain

#IPv6 Mangle chain

#IPv6 Filter chain

#===================== IPSET状态 =====================#

Name: china_ip_route
Name: localnetwork
Name: common_ports

#===================== 路由表状态 =====================#

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.26.28.254   0.0.0.0         UG    0      0        0 wan
172.26.28.0     0.0.0.0         255.255.255.0   U     0      0        0 wan
192.168.62.0    0.0.0.0         255.255.255.0   U     0      0        0 br-lan
#ip route list
default via 172.26.28.254 dev wan proto static src 172.26.28.3 
172.26.28.0/24 dev wan proto kernel scope link src 172.26.28.3 
192.168.62.0/24 dev br-lan proto kernel scope link src 192.168.62.1 
#ip rule show
0:  from all lookup local
32766:  from all lookup main
32767:  from all lookup default

#===================== 端口占用状态 =====================#

tcp        0      0 :::7895                 :::*                    LISTEN      8207/clash
tcp        0      0 :::9090                 :::*                    LISTEN      8207/clash
tcp        0      0 :::7890                 :::*                    LISTEN      8207/clash
tcp        0      0 :::7891                 :::*                    LISTEN      8207/clash
tcp        0      0 :::7892                 :::*                    LISTEN      8207/clash
tcp        0      0 :::7893                 :::*                    LISTEN      8207/clash
udp        0      0 :::7874                 :::*                                8207/clash
udp        0      0 :::7891                 :::*                                8207/clash
udp        0      0 :::7892                 :::*                                8207/clash
udp        0      0 :::7893                 :::*                                8207/clash
udp        0      0 :::7895                 :::*                                8207/clash

#===================== 测试本机DNS查询 =====================#

Server:     127.0.0.1
Address:    127.0.0.1:53

www.baidu.com   canonical name = www.a.shifen.com
Name:   www.a.shifen.com
Address: 36.152.44.95
Name:   www.a.shifen.com
Address: 36.152.44.96

#===================== resolv.conf.d =====================#

# Interface wan
nameserver 210.34.80.2
nameserver 218.85.157.99

#===================== 测试本机网络连接 =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Thu, 07 Apr 2022 04:09:44 GMT
Etag: "575e1f7c-115"
Last-Modified: Mon, 13 Jun 2016 02:50:36 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载 =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "16c1cabfce4b2c499fc6633a2ae11448106afdabf6ae893645053c31b2d1d15c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 1F10:5453:11CD20:18B0EF:62488AF1
accept-ranges: bytes
date: Thu, 07 Apr 2022 04:09:45 GMT
via: 1.1 varnish
x-served-by: cache-hkg17920-HKG
x-cache: HIT
x-cache-hits: 1
x-timer: S1649304586.605248,VS0,VE270
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: f517cca6cd9c3348b120ae5a4491e0a671ccf9d7
expires: Thu, 07 Apr 2022 04:14:45 GMT
source-age: 0
content-length: 80

#===================== 最近运行日志 =====================#

2022-04-07 12:02:17 Step 6: Delete OpenClash Residue File...
2022-04-07 12:02:17 OpenClash Start Running...
2022-04-07 12:02:17 Step 1: Get The Configuration...
2022-04-07 12:02:17 Step 2: Check The Components...
2022-04-07 12:02:18 Tip: Because of the file【 /etc/config/openclash 】modificated, Pause quick start...
2022-04-07 12:02:18 Step 3: Modify The Config File...
2022-04-07 12:02:29 Step 4: Start Running The Clash Core...
2022-04-07 12:02:29 Tip: Detected The Exclusive Function of The TUN Core, Use TUN Core to Start...
2022-04-07 12:02:29 Step 5: Check The Core Status...
time="2022-04-07T04:02:30Z" level=info msg="Start initial compatible provider 节点选择"
time="2022-04-07T04:02:30Z" level=info msg="Start initial compatible provider OneDrive"
time="2022-04-07T04:02:30Z" level=info msg="Start initial compatible provider 漏网之鱼"
time="2022-04-07T04:02:30Z" level=info msg="Start initial compatible provider 电报消息"
time="2022-04-07T04:02:30Z" level=info msg="Start initial compatible provider 苹果服务"
time="2022-04-07T04:02:30Z" level=info msg="Start initial compatible provider 自动测速"
time="2022-04-07T04:02:30Z" level=info msg="DNS server listening at: [::]:7874"
time="2022-04-07T04:02:30Z" level=info msg="RESTful API listening at: [::]:9090"
2022-04-07 12:02:32 Step 6: Wait For The File Downloading...
2022-04-07 12:02:33 Step 7: Set Control Panel...
2022-04-07 12:02:33 Step 8: Set Firewall Rules...
2022-04-07 12:02:33 Step 9: Restart Dnsmasq...
2022-04-07 12:02:36 Step 10: Add Cron Rules, Start Daemons...
2022-04-07 12:02:36 OpenClash Start Successful!
2022-04-07 12:04:19 OpenClash Stoping...
2022-04-07 12:04:19 Step 1: Backup The Current Groups State...
2022-04-07 12:04:19 Step 2: Delete OpenClash Firewall Rules...
2022-04-07 12:04:21 Step 3: Close The OpenClash Daemons...
2022-04-07 12:04:21 Step 4: Close The Clash Core Process...
2022-04-07 12:04:21 Step 5: Restart Dnsmasq...
2022-04-07 12:04:24 Step 6: Delete OpenClash Residue File...
2022-04-07 12:04:24 OpenClash Start Running...
2022-04-07 12:04:24 Step 1: Get The Configuration...
2022-04-07 12:04:24 Step 2: Check The Components...
2022-04-07 12:04:25 Tip: Because of the file【 /etc/config/openclash 】modificated, Pause quick start...
2022-04-07 12:04:25 Step 3: Modify The Config File...
2022-04-07 12:04:36 Step 4: Start Running The Clash Core...
2022-04-07 12:04:36 Tip: No Special Configuration Detected, Use Dev Core to Start...
2022-04-07 12:04:36 Step 5: Check The Core Status...
time="2022-04-07T04:04:37Z" level=info msg="Start initial compatible provider 节点选择"
time="2022-04-07T04:04:37Z" level=info msg="Start initial compatible provider 漏网之鱼"
time="2022-04-07T04:04:37Z" level=info msg="Start initial compatible provider 电报消息"
time="2022-04-07T04:04:37Z" level=info msg="Start initial compatible provider OneDrive"
time="2022-04-07T04:04:37Z" level=info msg="Start initial compatible provider 苹果服务"
time="2022-04-07T04:04:37Z" level=info msg="Start initial compatible provider 自动测速"
2022-04-07 12:04:39 Step 6: Wait For The File Downloading...
2022-04-07 12:04:40 Step 7: Set Control Panel...
2022-04-07 12:04:40 Step 8: Set Firewall Rules...
2022-04-07 12:04:41 Step 9: Restart Dnsmasq...
2022-04-07 12:04:44 Step 10: Add Cron Rules, Start Daemons...
2022-04-07 12:04:44 OpenClash Start Successful!
#===================== 活动连接信息 =====================#
vernesong / OpenClash

OpenClash正常启动，但无法翻墙。同样的订阅，手机使用CFA则可用 #2235

调试日志如下：

已解决：
