[Bug] TUN接口无法启动

Verify Steps

[X] Tracker 我已经在 Issue Tracker 中找过我要提出的问题
[X] Latest 我已经使用最新 Dev 版本测试过，问题依旧存在
[X] Core 这是 OpenClash 存在的问题，并非我所使用的 Clash 或 Meta 等内核的特定问题
[X] Meaningful 我提交的不是无意义的催促更新或修复请求
OpenClash Version

v0.45.129-beta
Bug on Environment

Official OpenWrt
Bug on Platform

Linux-armv7
To Reproduce

fakeip-tun模式，启动后提示TUN接口启动失败
Describe the Bug

fakeip-tun模式，启动后提示TUN接口启动失败
OpenClash Log

OpenClash 调试日志
生成时间: 2023-07-21 23:04:40 插件版本: v0.45.129-beta 隐私提示: 上传此日志前请注意检查、屏蔽公网IP、节点、密码等相关敏感信息

#===================== 系统信息 =====================#

主机型号: ARS2
固件版本: OpenWrt 21.02.3 r16915-9e3dae45ae
LuCI版本: git-21.285.75821-a9b4f93
内核版本: 4.9.282+
处理器架构: aarch64_cortex-a53

#此项有值时,如不使用IPv6,建议到网络-接口-lan的设置中禁用IPV6的DHCP
IPV6-DHCP: 

DNS劫持: Dnsmasq 转发
#DNS劫持为Dnsmasq时，此项结果应仅有配置文件的DNS监听地址
Dnsmasq转发设置: 

#===================== 依赖检查 =====================#

dnsmasq-full: 已安装
coreutils: 已安装
coreutils-nohup: 已安装
bash: 已安装
curl: 已安装
ca-certificates: 已安装
ipset: 已安装
ip-full: 已安装
libcap: 已安装
libcap-bin: 已安装
ruby: 已安装
ruby-yaml: 已安装
ruby-psych: 已安装
ruby-pstore: 已安装
kmod-tun(TUN模式): 已安装
luci-compat(Luci >= 19.07): 已安装
kmod-inet-diag(PROCESS-NAME): 已安装
unzip: 已安装
iptables-mod-tproxy: 已安装
kmod-ipt-tproxy: 已安装
iptables-mod-extra: 已安装
kmod-ipt-extra: 已安装
kmod-ipt-nat: 已安装

#===================== 内核检查 =====================#

运行状态: 未运行
已选择的架构: linux-arm64

#下方无法显示内核版本号时请确认您的内核版本是否正确或者有无权限
Tun内核版本: 2023.06.30
Tun内核文件: 存在
Tun内核运行权限: 正常

Dev内核版本: v1.17.0
Dev内核文件: 存在
Dev内核运行权限: 正常

Meta内核版本: 
Meta内核文件: 不存在
Meta内核运行权限: 否

#===================== 插件设置 =====================#

当前配置文件: /etc/openclash/config/config.yaml
启动配置文件: /etc/openclash/config.yaml
运行模式: fake-ip-tun
默认代理模式: rule
UDP流量转发(tproxy): 停用
自定义DNS: 停用
IPV6代理: 停用
IPV6-DNS解析: 停用
禁用Dnsmasq缓存: 启用
自定义规则: 停用
仅允许内网: 启用
仅代理命中规则流量: 停用
仅允许常用端口流量: 停用
绕过中国大陆IP: 停用
路由本机代理: 启用

#启动异常时建议关闭此项后重试
混合节点: 停用
保留配置: 停用

#启动异常时建议关闭此项后重试
第三方规则: 停用

#===================== 配置文件 =====================#

#===================== 自定义覆写设置 =====================#

#!/bin/sh
. /usr/share/openclash/ruby.sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom overwrite scripts here, they will be take effict after the OpenClash own srcipts

LOG_OUT "Tip: Start Running Custom Overwrite Scripts..."
LOGTIME=$(echo $(date "+%Y-%m-%d %H:%M:%S"))
LOG_FILE="/tmp/openclash.log"
CONFIG_FILE="$1" #config path

#Simple Demo:
    #General Demo
    #1--config path
    #2--key name
    #3--value
    #ruby_edit "$CONFIG_FILE" "['redir-port']" "7892"
    #ruby_edit "$CONFIG_FILE" "['secret']" "123456"
    #ruby_edit "$CONFIG_FILE" "['dns']['enable']" "true"

    #Hash Demo
    #1--config path
    #2--key name
    #3--hash type value
    #ruby_edit "$CONFIG_FILE" "['experimental']" "{'sniff-tls-sni'=>true}"
    #ruby_edit "$CONFIG_FILE" "['sniffer']" "{'sniffing'=>['tls','http']}"

    #Array Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value
    #ruby_arr_insert "$CONFIG_FILE" "['dns']['nameserver']" "0" "114.114.114.114"

    #Array Add From Yaml File Demo:
    #1--config path
    #2--key name
    #3--position(start from 0, end with -1)
    #4--value file path
    #5--value key name in #4 file
    #ruby_arr_add_file "$CONFIG_FILE" "['dns']['fallback-filter']['ipcidr']" "0" "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "['fallback-filter']['ipcidr']"

#Ruby Script Demo:
    #ruby -ryaml -rYAML -I "/usr/share/openclash" -E UTF-8 -e "
    #   begin
    #      Value = YAML.load_file('$CONFIG_FILE');
    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Load File Failed,【' + e.message + '】';
    #   end;

        #General
    #   begin
    #   Thread.new{
    #      Value['redir-port']=7892;
    #      Value['tproxy-port']=7895;
    #      Value['port']=7890;
    #      Value['socks-port']=7891;
    #      Value['mixed-port']=7893;
    #   }.join;

    #   rescue Exception => e
    #      puts '${LOGTIME} Error: Set General Failed,【' + e.message + '】';
    #   ensure
    #      File.open('$CONFIG_FILE','w') {|f| YAML.dump(Value, f)};
    #   end" 2>/dev/null >> $LOG_FILE

exit 0
#===================== 自定义防火墙设置 =====================#

#!/bin/sh
. /usr/share/openclash/log.sh
. /lib/functions.sh

# This script is called by /etc/init.d/openclash
# Add your custom firewall rules here, they will be added after the end of the OpenClash iptables rules

LOG_OUT "Tip: Start Add Custom Firewall Rules..."

exit 0
#===================== IPTABLES 防火墙设置 =====================#

#IPv4 NAT chain

# Generated by iptables-save v1.8.7 on Fri Jul 21 23:04:43 2023
*nat
:PREROUTING ACCEPT [110:8775]
:INPUT ACCEPT [95:8279]
:OUTPUT ACCEPT [140:9153]
:POSTROUTING ACCEPT [140:9153]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i eth0 -m comment --comment "!fw3" -j zone_wan_prerouting
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o eth0 -m comment --comment "!fw3" -j zone_wan_postrouting
-A zone_lan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_lan_prerouting -j MINIUPNPD
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
# Completed on Fri Jul 21 23:04:43 2023

#IPv4 Mangle chain

# Generated by iptables-save v1.8.7 on Fri Jul 21 23:04:43 2023
*mangle
:PREROUTING ACCEPT [18378:9770875]
:INPUT ACCEPT [18329:9766152]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [18878:10833688]
:POSTROUTING ACCEPT [19285:10924140]
-A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Fri Jul 21 23:04:43 2023

#IPv4 Filter chain

# Generated by iptables-save v1.8.7 on Fri Jul 21 23:04:43 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:reject - [0:0]
:syn_flood - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m comment --comment "!fw3" -j syn_flood
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i eth0 -m comment --comment "!fw3" -j zone_wan_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i eth0 -m comment --comment "!fw3" -j zone_wan_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o eth0 -m comment --comment "!fw3" -j zone_wan_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
-A syn_flood -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 25/sec --limit-burst 50 -m comment --comment "!fw3" -j RETURN
-A syn_flood -m comment --comment "!fw3" -j DROP
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_lan_forward -j MINIUPNPD
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_lan_input -j MINIUPNPD
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_ACCEPT -o eth0 -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
-A zone_wan_dest_ACCEPT -o eth0 -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_REJECT -o eth0 -m comment --comment "!fw3" -j reject
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
-A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
-A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
-A zone_wan_input -p tcp -m tcp --dport 8897 -m comment --comment "!fw3: linkease" -j ACCEPT
-A zone_wan_input -p tcp -m tcp --dport 1688 -m comment --comment "!fw3: kms" -j ACCEPT
-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_ACCEPT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_wan_src_ACCEPT -i eth0 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Fri Jul 21 23:04:43 2023

#IPv6 NAT chain

# Generated by ip6tables-save v1.8.7 on Fri Jul 21 23:04:43 2023
*nat
:PREROUTING ACCEPT [59:10015]
:INPUT ACCEPT [24:5010]
:OUTPUT ACCEPT [106:11419]
:POSTROUTING ACCEPT [106:11419]
COMMIT
# Completed on Fri Jul 21 23:04:43 2023

#IPv6 Mangle chain

# Generated by ip6tables-save v1.8.7 on Fri Jul 21 23:04:43 2023
*mangle
:PREROUTING ACCEPT [977:187831]
:INPUT ACCEPT [842:174854]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [526:61113]
:POSTROUTING ACCEPT [545:65473]
-A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Fri Jul 21 23:04:43 2023

#IPv6 Filter chain

# Generated by ip6tables-save v1.8.7 on Fri Jul 21 23:04:43 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:MINIUPNPD - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:reject - [0:0]
:syn_flood - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_ACCEPT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m comment --comment "!fw3" -j syn_flood
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i eth0 -m comment --comment "!fw3" -j zone_wan_input
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i eth0 -m comment --comment "!fw3" -j zone_wan_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o eth0 -m comment --comment "!fw3" -j zone_wan_output
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp6-port-unreachable
-A syn_flood -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 25/sec --limit-burst 50 -m comment --comment "!fw3" -j RETURN
-A syn_flood -m comment --comment "!fw3" -j DROP
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -j MINIUPNPD
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -j MINIUPNPD
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_ACCEPT -o eth0 -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
-A zone_wan_dest_ACCEPT -o eth0 -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_REJECT -o eth0 -m comment --comment "!fw3" -j reject
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Forward" -j ACCEPT
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -s fc00::/6 -d fc00::/6 -p udp -m udp --dport 546 -m comment --comment "!fw3: Allow-DHCPv6" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143/0 -m comment --comment "!fw3: Allow-MLD" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/0 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 4/1 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
-A zone_wan_input -p tcp -m tcp --dport 8897 -m comment --comment "!fw3: linkease" -j ACCEPT
-A zone_wan_input -p tcp -m tcp --dport 1688 -m comment --comment "!fw3: kms" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_ACCEPT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_wan_src_ACCEPT -i eth0 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
COMMIT
# Completed on Fri Jul 21 23:04:43 2023

#===================== IPSET状态 =====================#

#===================== 路由表状态 =====================#

#IPv4

#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 br-lan
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 br-lan

#ip route list
default via 192.168.0.1 dev br-lan proto static 
192.168.0.0/24 dev br-lan proto kernel scope link src 192.168.0.120 

#ip rule show
0:  from all lookup local
32766:  from all lookup main
32767:  from all lookup default

#IPv6

#route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
fd06:598e:c059::/64                         ::                                      U     1024   0        0 br-lan  
fd06:598e:c059::/48                         ::                                      !n    2147483647 0        0 lo      
fe80::/64                                   ::                                      U     256    0        0 eth0    
fe80::/64                                   ::                                      U     256    2        6 br-lan  
::/0                                        ::                                      !n    -1     1       41 lo      
::1/128                                     ::                                      Un    0      5      656 lo      
fd06:598e:c059::/128                        ::                                      Un    0      1        0 lo      
fd06:598e:c059::1/128                       ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::54:4eff:fea8:1e20/128                 ::                                      Un    0      1        0 lo      
fe80::54:4eff:fea8:1e21/128                 ::                                      Un    0      2        2 lo      
ff00::/8                                    ::                                      U     256    3      484 br-lan  
ff00::/8                                    ::                                      U     256    3       16 eth0    
::/0                                        ::                                      !n    -1     1       41 lo      

#ip -6 route list
fd06:598e:c059::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd06:598e:c059::/48 dev lo proto static metric 2147483647 error 4294967183 pref medium
fe80::/64 dev eth0 proto kernel metric 256 linkdown pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium

#ip -6 rule show
0:  from all lookup local
32766:  from all lookup main
4200000001: from all iif lo failed_policy
4200000011: from all iif br-lan failed_policy

#===================== Tun设备状态 =====================#

#===================== 端口占用状态 =====================#

#===================== 测试本机DNS查询(www.baidu.com) =====================#

Server:     127.0.0.1
Address:    127.0.0.1#53

Name:      www.baidu.com
www.baidu.com   canonical name = www.a.shifen.com
Name:      www.a.shifen.com
Address 1: 110.242.68.4
Address 2: 110.242.68.3
*** Can't find www.baidu.com: No answer

#===================== 测试内核DNS查询(www.instagram.com) =====================#

Dnsmasq 当前默认 resolv 文件：/tmp/resolv.conf.d/resolv.conf.auto

#===================== /tmp/resolv.conf.d/resolv.conf.auto =====================#

# Interface lan
nameserver 223.5.5.5

#===================== 测试本机网络连接(www.baidu.com) =====================#

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Fri, 21 Jul 2023 15:04:44 GMT
Etag: "575e1f59-115"
Last-Modified: Mon, 13 Jun 2016 02:50:01 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

#===================== 测试本机网络下载(raw.githubusercontent.com) =====================#

HTTP/2 200 
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: "164887e509f49d611b745c94926c1e59df6802fc9db3bd2060f2c471fe51246c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 7BB2:0C29:60D21:79363:64B7142A
accept-ranges: bytes
date: Fri, 21 Jul 2023 15:04:44 GMT
via: 1.1 varnish
x-served-by: cache-tyo11920-TYO
x-cache: HIT
x-cache-hits: 1
x-timer: S1689951884.310057,VS0,VE3
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 53a57c09c1cfc23aee6cb31d8c4595bbdc42fc7e
expires: Fri, 21 Jul 2023 15:09:44 GMT
source-age: 95
content-length: 83

#===================== 最近运行日志(自动切换为Debug模式) =====================#

14:54:24 INF [Config] initial compatible provider name=📟 Twitter
14:54:24 INF [Config] initial compatible provider name=Hijacking
14:54:24 INF [Config] initial compatible provider name=🎬 iQiyi
14:54:24 INF [Config] initial compatible provider name=🐹 OpenAI
14:54:24 INF [Config] initial compatible provider name=🎵 Tiktok
14:54:24 INF [Config] initial compatible provider name=📺 International-Media
14:54:24 INF [Config] initial compatible provider name=🎬 Emby
14:54:24 INF [Config] initial compatible provider name=🖥 Learning
14:54:24 INF [Config] initial compatible provider name=📺 Netflix
14:54:24 INF [Config] initial compatible provider name=📲 Telegram
14:54:24 INF [Config] initial compatible provider name=🌐 Google
14:54:24 INF [Config] initial compatible provider name=🍎 Apple
14:54:24 INF [Config] initial compatible provider name=China-Websites
14:54:24 INF [Auth] config updated
14:54:24 INF [DNS] server listening addr=[::]:7874
14:54:24 INF [Inbound] HTTP proxy listening addr=[::]:7890
14:54:24 INF [API] listening addr=[::]:9090
14:54:24 INF [Inbound] SOCKS proxy listening addr=[::]:7891
14:54:24 WRN [Inbound] start Redir UDP listener failed error=operation not permitted
14:54:24 INF [Inbound] Redirect proxy listening addr=[::]:7892
14:54:24 ERR [Inbound] start failed error=operation not permitted addr=:7892 type=Redirect
14:54:24 ERR [Inbound] start failed error=operation not permitted addr=:7895 type=TProxy
14:54:24 INF [Inbound] Mixed(http+socks) listening addr=[::]:7893
14:54:24 ERR [Inbound] start failed error=permission denied type=TUN stackType=system inet=198.18.0.1/16
2023-07-21 22:54:36 Warning: TUN Interface Start Failed, Try to Restart Again...
2023-07-21 22:54:40 Tip: Detected The Exclusive Function of The TUN Core, Use TUN Core to Start...
2023-07-21 22:54:40 Test The Config File First...
14:54:41 INF [Config] initial compatible provider name=📲 LineTV
14:54:41 INF [Config] initial compatible provider name=🎬 Emby
14:54:41 INF [Config] initial compatible provider name=📲 Telegram
14:54:41 INF [Config] initial compatible provider name=📟 Twitter
14:54:41 INF [Config] initial compatible provider name=🐹 OpenAI
14:54:41 INF [Config] initial compatible provider name=🌐 Google
14:54:41 INF [Config] initial compatible provider name=📺 Disney
14:54:41 INF [Config] initial compatible provider name=China-Websites
14:54:41 INF [Config] initial compatible provider name=🎬 myTVSUPER
14:54:41 INF [Config] initial compatible provider name=🍎 Apple
14:54:41 INF [Config] initial compatible provider name=🎬 Bilibili
14:54:41 INF [Config] initial compatible provider name=📺 Netflix
14:54:41 INF [Config] initial compatible provider name=Final
14:54:41 INF [Config] initial compatible provider name=🎬 YouTube
14:54:41 INF [Config] initial compatible provider name=China-Media
14:54:41 INF [Config] initial compatible provider name=🖥 Learning
14:54:41 INF [Config] initial compatible provider name=📺 International-Media
14:54:41 INF [Config] initial compatible provider name=Hijacking
14:54:41 INF [Config] initial compatible provider name=Nexitally
14:54:41 INF [Config] initial compatible provider name=🎬 iQiyi
14:54:41 INF [Config] initial compatible provider name=🎵 Tiktok
14:54:41 INF [Config] initial compatible provider name=🖥 Microsoft
2023-07-21 22:54:41 configuration file【/etc/openclash/config.yaml】test is successful
14:54:43 INF [Config] initial compatible provider name=🎵 Tiktok
14:54:43 INF [Config] initial compatible provider name=🎬 YouTube
14:54:43 INF [Config] initial compatible provider name=🎬 Emby
14:54:43 INF [Config] initial compatible provider name=🍎 Apple
14:54:43 INF [Config] initial compatible provider name=🎬 myTVSUPER
14:54:43 INF [Config] initial compatible provider name=📺 Netflix
14:54:43 INF [Config] initial compatible provider name=📟 Twitter
14:54:43 INF [Config] initial compatible provider name=Nexitally
14:54:43 INF [Config] initial compatible provider name=China-Websites
14:54:43 INF [Config] initial compatible provider name=Hijacking
14:54:43 INF [Config] initial compatible provider name=📺 Disney
14:54:43 INF [Config] initial compatible provider name=🖥 Learning
14:54:43 INF [Config] initial compatible provider name=🖥 Microsoft
14:54:43 INF [Config] initial compatible provider name=🌐 Google
14:54:43 INF [Config] initial compatible provider name=📲 Telegram
14:54:43 INF [Config] initial compatible provider name=🐹 OpenAI
14:54:43 INF [Config] initial compatible provider name=📺 International-Media
14:54:43 INF [Config] initial compatible provider name=Final
14:54:43 INF [Config] initial compatible provider name=🎬 iQiyi
14:54:43 INF [Config] initial compatible provider name=📲 LineTV
14:54:43 INF [Config] initial compatible provider name=China-Media
14:54:43 INF [Config] initial compatible provider name=🎬 Bilibili
14:54:43 INF [Auth] config updated
14:54:43 INF [DNS] server listening addr=[::]:7874
14:54:43 INF [Inbound] HTTP proxy listening addr=[::]:7890
14:54:43 INF [API] listening addr=[::]:9090
14:54:43 INF [Inbound] SOCKS proxy listening addr=[::]:7891
14:54:43 WRN [Inbound] start Redir UDP listener failed error=operation not permitted
14:54:43 INF [Inbound] Redirect proxy listening addr=[::]:7892
14:54:43 ERR [Inbound] start failed error=operation not permitted addr=:7892 type=Redirect
14:54:43 ERR [Inbound] start failed error=operation not permitted addr=:7895 type=TProxy
14:54:43 INF [Inbound] Mixed(http+socks) listening addr=[::]:7893
14:54:43 ERR [Inbound] start failed error=permission denied type=TUN stackType=system inet=198.18.0.1/16
2023-07-21 22:54:55 Warning: TUN Interface Start Failed, Please Check The Dependence or Try to Restart Again!
2023-07-21 22:54:56 OpenClash Stoping...
2023-07-21 22:54:56 Step 1: Backup The Current Groups State...
2023-07-21 22:54:56 Step 2: Delete OpenClash Firewall Rules...
2023-07-21 22:54:59 Step 3: Close The OpenClash Daemons...
2023-07-21 22:54:59 Step 4: Close The Clash Core Process...
2023-07-21 22:54:59 Step 5: Restart Dnsmasq...
2023-07-21 22:54:59 Step 6: Delete OpenClash Residue File...
2023-07-21 23:00:03【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:07【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:03【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:07【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:33【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:03【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:07【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:33【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】
2023-07-21 23:00:33【/tmp/openclash_last_version】Download Failed:【curl: (28) Operation too slow. Less than 1 bytes/sec transferred the last 30 seconds】

#===================== 最近运行日志获取完成(自动切换为silent模式) =====================#

#===================== 活动连接信息 =====================#
OpenClash Config

No response
Expected Behavior

TUN修复
Screenshots
