打开自动配置防火墙之后报"Error: Chain of type "filter" is not supported, perhaps kernel support is missing?"

[biggbuddy]

Bug description

使用的版本是: ImmortalWrt 23.05.4 r28061-399f9a1db3 / LuCI openwrt-23.05 branch git-24.265.44782-0ff45d8

安装homeproxy的方式: opkg update && opkg install luci-i18n-homeproxy-zh-cn

不勾选服务器设置中的自动配置防火墙时, 重启防火墙输出如下:
[root@OpenWrt 08:56:50 ~] /etc/init.d/firewall restart Section @zone[1] (wan) IPv4 fullcone enabled for zone 'wan'
勾选之后输出如下:

[root@OpenWrt 08:58:39 ~] /etc/init.d/firewall restart Section @zone[1] (wan) IPv4 fullcone enabled for zone 'wan' /dev/stdin:83:3-40: Error: Chain of type "filter" is not supported, perhaps kernel support is missing? type filter hook input priority filter; policy drop; ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
并且"状态"-->"防火墙"页面无法打开, 一片空白, 局域网内也无法上网.

Actual behavior

勾选服务器设置中的自动配置防火墙时, 防火墙重启报错, 网络无法正确工作

Expected behavior

No response

Steps to reproduce

No response

HomeProxy configuration

`
config homeproxy 'infra'
option __warning 'DO NOT EDIT THIS SECTION, OR YOU ARE ON YOUR OWN!'
option common_port '22,53,80,143,443,465,853,873,993,995,8080,8443,9418'
option mixed_port '5330'
option redirect_port '5331'
option tproxy_port '5332'
option dns_port '5333'
option china_dns_port '5334'
option tun_name 'singtun0'
option tun_addr4 '172.19.0.1/30'
option tun_addr6 'fdfe:dcba:9876::1/126'
option tun_mtu '9000'
option tun_gso '0'
option table_mark '100'
option self_mark '100'
option tproxy_mark '101'
option tun_mark '102'

config homeproxy 'config'
option main_node 'nil'
option main_udp_node 'same'
option dns_server '8.8.8.8'
option routing_mode 'bypass_mainland_china'
option routing_port 'common'
option proxy_mode 'redirect_tproxy'
option ipv6_support '1'

config homeproxy 'control'
option lan_proxy_mode 'disabled'
list wan_proxy_ipv4_ips '91.105.192.0/23'
list wan_proxy_ipv4_ips '91.108.4.0/22'
list wan_proxy_ipv4_ips '91.108.8.0/22'
list wan_proxy_ipv4_ips '91.108.16.0/22'
list wan_proxy_ipv4_ips '91.108.12.0/22'
list wan_proxy_ipv4_ips '91.108.20.0/22'
list wan_proxy_ipv4_ips '91.108.56.0/22'
list wan_proxy_ipv4_ips '149.154.160.0/20'
list wan_proxy_ipv4_ips '185.76.151.0/24'
list wan_proxy_ipv6_ips '2001:67c:4e8::/48'
list wan_proxy_ipv6_ips '2001:b28:f23c::/48'
list wan_proxy_ipv6_ips '2001:b28:f23d::/48'
list wan_proxy_ipv6_ips '2001:b28:f23f::/48'
list wan_proxy_ipv6_ips '2a0a:f280::/32'

config homeproxy 'routing'
option sniff_override '1'
option default_outbound 'direct-out'

config homeproxy 'dns'
option dns_strategy 'prefer_ipv4'
option default_server 'local-dns'
option disable_cache '0'
option disable_cache_expire '0'

config homeproxy 'subscription'
option auto_update '1'
option allow_insecure '0'
option packet_encoding 'xudp'
option update_via_proxy '1'
option filter_nodes 'blacklist'
list filter_keywords '重置|到期|过期|剩余|套餐'
list filter_keywords 'Expiration|Remaining'
option auto_update_time '2'

config homeproxy 'server'
option enabled '1'
option auto_firewall '0'

config dns_rule 'nodes_domain'
option label 'NodesDomain'
option enabled '1'
option mode 'default'
list outbound 'any-out'
option server 'default-dns'

config server 'homeproxy'
option label 'homeproxy'
option enabled '1'
option type 'shadowsocks'
option port '7788'
option password 'passwordpassword'
option shadowsocks_encrypt_method 'aes-128-gcm'
option udp_timeout '300'
option sniff_override '0'
`

sing-box configuration

{ "log": { "disabled": false, "level": "warn", "output": "/var/run/homeproxy/sing-box-s.log", "timestamp": true }, "inbounds": [ { "type": "shadowsocks", "tag": "cfg-homeproxy-in", "listen": "::", "listen_port": 7788, "udp_timeout": "300s", "sniff": true, "sniff_override_destination": false, "method": "aes-128-gcm", "password": "password" } ] }

HomeProxy log

2024-11-15 15:55:11 [DAEMON] sing-box 1.9.7 started.
2024-11-15 15:55:21 [DAEMON] Reloading service...
2024-11-15 15:55:23 [DAEMON] Service stopped.
2024-11-15 15:55:23 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:39:32 [DAEMON] Reloading service...
2024-11-15 16:39:34 [DAEMON] Service stopped.
2024-11-15 16:39:34 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:40:28 [DAEMON] Reloading service...
2024-11-15 16:40:30 [DAEMON] Service stopped.
2024-11-15 16:40:30 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:52:10 [DAEMON] Reloading service...
2024-11-15 16:52:13 [DAEMON] Service stopped.
2024-11-15 16:52:13 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:52:29 [DAEMON] Reloading service...
2024-11-15 16:52:32 [DAEMON] Service stopped.
2024-11-15 16:52:32 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:53:37 [DAEMON] Reloading service...
2024-11-15 16:53:39 [DAEMON] Service stopped.
2024-11-15 16:53:39 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:59:17 [DAEMON] Reloading service...
2024-11-15 16:59:19 [DAEMON] Service stopped.
2024-11-15 16:59:19 [DAEMON] sing-box 1.9.7 started.
2024-11-15 16:59:34 [DAEMON] Reloading service...
2024-11-15 16:59:36 [DAEMON] Service stopped.
2024-11-15 16:59:37 [DAEMON] sing-box 1.9.7 started.

sing-box log

[root@OpenWrt 09:04:55 ~] cat /var/run/homeproxy/sing-box-s.log

[root@OpenWrt 09:05:28 ~] cat /var/run/homeproxy/sing-box-c.log
cat: can't open '/var/run/homeproxy/sing-box-c.log': No such file or directory

日志为空

OpenWrt/ImmortalWrt release

23.05.4 r28061-399f9a1db3

Device

QEMU Standard PC (Q35 + ICH9, 2009) (proxmox下安装的immortalwrt)

Additional information

No response

Terms

• I confirm that the HomeProxy I installed is from official source, like GitHub artifacts or official ImmortalWrt opkg feeds.
• I confirm that the Homeproxy I installed does not contain Clash mode support.
• I confirm that the version of OpenWrt/ImmortalWrt I installed is >= 23.05.
• I confirm that I have installed the latest version of HomeProxy and sing-box.
• I confirm that I have read the sing-box documentation, understand the meaning of all the configuration items I added.
• I confirm that I have not mixed iptables and nftables rules.
• I confirm that I have not modified system DNS settings, or enabled any other DNS servers like MosDNS and SmartDNS.
• I confirm that I have selected all terms blindly.