{"id":1642,"date":"2022-05-31T21:22:33","date_gmt":"2022-05-31T13:22:33","guid":{"rendered":"https:\/\/www.strongd.net\/?p=1642"},"modified":"2022-05-31T21:22:33","modified_gmt":"2022-05-31T13:22:33","slug":"openwrt%e4%b8%8b%e5%ae%89%e8%a3%85%e5%92%8c%e9%85%8d%e7%bd%aeshadowsocks","status":"publish","type":"post","link":"https:\/\/www.strongd.net\/?p=1642","title":{"rendered":"OpenWRT\u4e0b\u5b89\u88c5\u548c\u914d\u7f6eshadowsocks"},"content":{"rendered":"<header>\n<p class=\"meta\">\u672c\u6587\u4e3b\u8981\u8bb0\u5f55\u5728openWRT\u4e0b\u5b89\u88c5\u548c\u914d\u7f6eshadowsocks\u7684\u7b80\u8981\u8fc7\u7a0b\uff0c\u4fbf\u4e8e\u65e5\u540e\u67e5\u627e\u548c\u5907\u5fd8\u3002\u6210\u529f\u5b89\u88c5\u540e\u53ef\u4ee5\u5b9e\u73b0\u900f\u660e\u4ee3\u7406\uff0c\u5206\u6d41\u548c\u9632DNS\u6c61\u67d3\u3002<\/p>\n<\/header>\n<div class=\"entry-content\">\n<h2>Environment<\/h2>\n<ul>\n<li>\u8def\u7531\u5668\u578b\u53f7\uff1aYouHua WR1200JS<\/li>\n<li>\u56fa\u4ef6\u7248\u672c\uff1aOpenWrt 19.07.4 r11208-ce6496d796 \/ LuCI openwrt-19.07 branch git-21.054.03371-3b137b5<\/li>\n<\/ul>\n<h2>\u62d3\u6251\u56fe+\u5de5\u4f5c\u539f\u7406<\/h2>\n<p><img decoding=\"async\" src=\"http:\/\/douxinchun.github.io\/blog_reference_image\/2021\/3\/openwrt-shadowsocks-arch.png\" alt=\"topology map\" \/><\/p>\n<ol>\n<li>dnsmasq\u662fopenwrt\u81ea\u5e26\u7684\u4e00\u4e2a\u8f6f\u4ef6\uff0c\u63d0\u4f9bdns\u7f13\u5b58\uff0cdhcp\u7b49\u529f\u80fd\u3002dnsmasq\u4f1a\u5c06dns\u67e5\u8be2\u6570\u636e\u5305\u8f6c\u53d1\u7ed9chinadns\u3002<\/li>\n<li>chinadns\u7684\u4e0a\u6e38DNS\u670d\u52a1\u5668\u6709\u4e24\u4e2a\uff0c\u4e00\u4e2a\u662f<code>\u56fd\u5185DNS<\/code>\uff0c\u4e00\u4e2a\u662f<code>\u53ef\u4fe1DNS<\/code>\uff08\u56fd\u5916DNS\uff09\u3002\n<ul>\n<li>chinadns\u4f1a\u540c\u65f6\u5411\u4e0a\u6e38\u7684DNS\u53d1\u9001\u8bf7\u6c42<\/li>\n<li>\u5982\u679c<code>\u53ef\u4fe1DNS<\/code>\u5148\u8fd4\u56de, \u5219\u76f4\u63a5\u91c7\u7528<code>\u53ef\u4fe1DNS<\/code>\u7684\u7ed3\u679c<\/li>\n<li>\u5982\u679c<code>\u56fd\u5185DNS<\/code>\u5148\u8fd4\u56de, \u5206\u4e24\u79cd\u60c5\u51b5: \u5982\u679c\u8fd4\u56de\u7684\u7ed3\u679c\u662f\u56fd\u5185IP,\u5219\u91c7\u7528;\u5426\u5219\u4e22\u5f03\u5e76\u7b49\u5f85\u91c7\u7528<code>\u53ef\u4fe1DNS<\/code>\u7684\u7ed3\u679c<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>3.dns-forwarder \u652f\u6301DNS TCP\u67e5\u8be2, \u5982\u679cISP\u7684UDP\u4e0d\u7a33\u5b9a, \u4e22\u5305\u4e25\u91cd,\u53ef\u4ee5\u4f7f\u7528dns-forwarder\u6765\u4ee3\u66ff<code>ss-tunnel<\/code>\u6765\u8fdb\u884cDNS\u67e5\u8be2.<\/p>\n<p>4.shadowsocks \u7528\u4e8e\u8f6c\u53d1\u6570\u636e\u5305, \u79d1\u5b66\u4e0a\u7f51. \u5173\u4e8eshadowsocks\u7684\u79d1\u666e\u6587\u7ae0\u53ef\u67e5\u770b\u8fd9\u91cc:\u00a0<a href=\"https:\/\/www.css3er.com\/p\/107.html\" target=\"_blank\" rel=\"noopener\">https:\/\/www.css3er.com\/p\/107.html<\/a><\/p>\n<h2>\u76f8\u5173\u7684ipk\u8f6f\u4ef6\u5305\u4e0b\u8f7d\u5730\u5740<\/h2>\n<p>ipk\u8f6f\u4ef6\u5305\u96c6\u5408, \u4e0d\u540c\u7684CPU\u67b6\u6784\u9700\u8981\u4f7f\u7528\u4e0d\u540c\u7684\u8f6f\u4ef6\u5305, CPU\u67b6\u6784\u662f<code>mipsel_24kc<\/code>\u7684\u8bdd, \u53ef\u4ee5\u96c6\u4e2d\u4ece\u8fd9\u91cc\u4e0b\u8f7d.<br \/>\n\u94fe\u63a5:\u00a0<a href=\"https:\/\/pan.baidu.com\/s\/14QDoTLqw-SEBZvQVQeVgvA\" target=\"_blank\" rel=\"noopener\">https:\/\/pan.baidu.com\/s\/14QDoTLqw-SEBZvQVQeVgvA<\/a>\u00a0\u63d0\u53d6\u7801: ugsc<br \/>\n\u5176\u5b83\u7684CPU\u67b6\u6784, \u53ef\u4ee5\u53bbGitHub\u4e3b\u9875 -&gt; Releases\u4e0b\u8f7d\u522b\u4eba\u5df2\u7ecf\u7f16\u8bd1\u597d\u7684\u8f6f\u4ef6\u5305, \u5982\u679c\u6ca1\u6709, \u53ea\u80fd\u81ea\u5df1\u4e0b\u8f7dopenWRT\u7684SDK, \u81ea\u5df1\u8fdb\u884c\u7f16\u8bd1.<\/p>\n<ul>\n<li>shadowsocks-libev_3.3.5-1_mipsel_24kc.ipk<\/li>\n<li>shadowsocks-libev-server_3.3.5-1_mipsel_24kc.ipk<\/li>\n<li>ChinaDNS_1.3.3-1_mipsel_24kc.ipk<\/li>\n<li>dns-forwarder_1.2.1-2_mipsel_24kc.ipk<\/li>\n<li>luci-compat<\/li>\n<li>luci-app-shadowsocks-without-ipset_1.9.1-1_all.ipk<\/li>\n<li>luci-app-chinadns_1.6.2-1_all.ipk<\/li>\n<li>luci-app-dns-forwarder_1.6.2-1_all.ipk<\/li>\n<\/ul>\n<p>\u94fe\u63a5:\u00a0<a href=\"https:\/\/pan.baidu.com\/s\/14QDoTLqw-SEBZvQVQeVgvA\" target=\"_blank\" rel=\"noopener\">https:\/\/pan.baidu.com\/s\/14QDoTLqw-SEBZvQVQeVgvA<\/a>\u00a0\u63d0\u53d6\u7801: ugsc<\/p>\n<h3>openwrt-shadowsocks<\/h3>\n<p><strong>GitHub<\/strong>:\u00a0<a href=\"https:\/\/github.com\/shadowsocks\/openwrt-shadowsocks\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/shadowsocks\/openwrt-shadowsocks<\/a><br \/>\n<strong>luci-app-shadowsocks<\/strong>:\u00a0<a href=\"https:\/\/github.com\/shadowsocks\/luci-app-shadowsocks\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/shadowsocks\/luci-app-shadowsocks<\/a><\/p>\n<ul>\n<li>shadowsocks-libev\n<pre><code class=\"&#96;\"> \u5ba2\u6237\u7aef\/\r\n \u2514\u2500\u2500 usr\/\r\n     \u2514\u2500\u2500 bin\/\r\n         \u251c\u2500\u2500 ss-local       \/\/ \u63d0\u4f9b SOCKS \u6b63\u5411\u4ee3\u7406, \u5728\u900f\u660e\u4ee3\u7406\u5de5\u4f5c\u6a21\u5f0f\u4e0b\u7528\u4e0d\u5230\u8fd9\u4e2a.\r\n         \u251c\u2500\u2500 ss-redir       \/\/ \u63d0\u4f9b\u900f\u660e\u4ee3\u7406, \u4ece v2.2.0 \u5f00\u59cb\u652f\u6301 UDP\r\n         \u2514\u2500\u2500 ss-tunnel      \/\/ \u63d0\u4f9b\u7aef\u53e3\u8f6c\u53d1, \u53ef\u7528\u4e8e DNS \u67e5\u8be2\r\n<\/code><\/pre>\n<\/li>\n<li>shadowsocks-libev-server\n<pre><code>\u670d\u52a1\u7aef\/\r\n\u2514\u2500\u2500 usr\/\r\n    \u2514\u2500\u2500 bin\/\r\n        \u2514\u2500\u2500 ss-server      \/\/ \u670d\u52a1\u7aef\u53ef\u6267\u884c\u6587\u4ef6\r\n<\/code><\/pre>\n<\/li>\n<\/ul>\n<h3>ChinaDNS<\/h3>\n<p><strong>GitHub<\/strong>:\u00a0<a href=\"https:\/\/github.com\/aa65535\/openwrt-chinadns\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/aa65535\/openwrt-chinadns<\/a><br \/>\n<strong>\u539f\u7248ChinaDNS\u5730\u5740, \u88ab\u8bf7\u559d\u8336\u540e\u5df2\u4e0d\u518d\u7ef4\u62a4<\/strong>:<a href=\"https:\/\/github.com\/shadowsocks\/ChinaDNS\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/shadowsocks\/ChinaDNS<\/a><br \/>\n<strong>luci-app-chinadns<\/strong>:\u00a0<a href=\"https:\/\/github.com\/aa65535\/openwrt-dist-luci\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/aa65535\/openwrt-dist-luci<\/a><\/p>\n<p>\u66f4\u65b0 \/etc\/chinadns_chnroute.txt<\/p>\n<figure class=\"code\">\n<div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"\"><span class=\"line\"> wget -O- 'http:\/\/ftp.apnic.net\/apnic\/stats\/apnic\/delegated-apnic-latest' | awk -F\\| '\/CN\\|ipv4\/ { printf(\"%s\/%d\\n\", $4, 32-log($5)\/log(2)) }' &gt; \/etc\/chinadns_chnroute.txt<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<h3>dns-forwarder<\/h3>\n<p><strong>GitHub<\/strong>:\u00a0<a href=\"https:\/\/github.com\/aa65535\/openwrt-dns-forwarder\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/aa65535\/openwrt-dns-forwarder<\/a><br \/>\n<strong>luci-app-dns-forwarder<\/strong>:\u00a0<a href=\"https:\/\/github.com\/aa65535\/openwrt-dist-luci\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/aa65535\/openwrt-dist-luci<\/a><\/p>\n<h3>dnsmasq<\/h3>\n<p>openWRT\u81ea\u5e26, \u65e0\u9700\u81ea\u884c\u4e0b\u8f7d\u5b89\u88c5.<br \/>\n<strong>GitHub<\/strong>:\u00a0<a href=\"https:\/\/github.com\/aa65535\/openwrt-dnsmasq\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/aa65535\/openwrt-dnsmasq<\/a><\/p>\n<h2>Install<\/h2>\n<p>\u53bb\u8f6f\u4ef6\u9879\u76ee\u7684GitHub\u4e3b\u9875 -&gt; Releases\u4e0b\u9762\u4e0b\u8f7d\u7f16\u8bd1\u597d\u7684ipk, \u5982\u679c\u6ca1\u6709\u7b26\u5408\u7684\u81ea\u5df1CPU\u67b6\u6784\u7684\u5305, \u5219\u9700\u8981\u81ea\u5df1\u4e0b\u8f7dopenWRT\u7684SDK\u8fdb\u884c\u7f16\u8bd1, \u5177\u4f53\u7684\u6559\u7a0b\u5404\u4e2a\u4e3b\u9875\u4e0a\u6709.<br \/>\n\u67e5\u770bCPU\u67b6\u6784\u7684\u547d\u4ee4\u00a0<code>opkg print-architecture<\/code>:<\/p>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<span class=\"line-number\">2<\/span>\r\n<span class=\"line-number\">3<\/span>\r\n<span class=\"line-number\">4<\/span>\r\n<span class=\"line-number\">5<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">root@OpenWrt:~# opkg print-architecture\r\n<\/span><span class=\"line\">arch all 1\r\n<\/span><span class=\"line\">arch noarch 1\r\n<\/span><span class=\"line\">arch mipsel_24kc 10\r\n<\/span><span class=\"line\">root@OpenWrt:~#\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<p>\u4e0b\u8f7d\u5b8c\u6210\u6709\u4e24\u79cd\u65b9\u5f0f\u5b89\u88c5<br \/>\n\u65b9\u5f0f\u4e00(\u5efa\u8bae): \u901a\u8fc7web\u4f7f\u7528luci\u5b89\u88c5: \u8def\u5f84: \u7cfb\u7edf -&gt; Software -&gt; Upload Package\u2026 -&gt; Install<\/p>\n<p>\u65b9\u5f0f\u4e8c: \u76f4\u63a5\u5728\u7ebf\u901a\u8fc7opkg\u547d\u4ee4\u6765\u5b89\u88c5(\u6ce8\u610f\u4f7f\u7528\u65b9\u5f0f\u9700\u8981\u63d0\u524d\u66f4\u65b0\u597d\u8f6f\u4ef6\u6e90,\u00a0<code>opkg update<\/code>):<\/p>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">opkg install luci-compat\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<h2>Config<\/h2>\n<h3>\u65b9\u5f0f\u4e00, \u4f7f\u7528luci\u6765\u914d\u7f6e<\/h3>\n<p>\u767b\u5f55luci.<\/p>\n<ol>\n<li>\u914d\u7f6ess-server<br \/>\n<code>\u670d\u52a1<\/code>\u00a0-&gt;\u00a0<code>\u5f71\u68ad<\/code>\u00a0-&gt;\u00a0<code>\u670d\u52a1\u5668\u7ba1\u7406<\/code>, \u6dfb\u52a0\u81ea\u5df1\u7684shadowsocks server<\/li>\n<li>\u914d\u7f6ednsmasq\n<ul>\n<li><code>\u7f51\u7edc<\/code>\u00a0-&gt;\u00a0<code>DHCP\/DNS<\/code>\u00a0-&gt;\u00a0<code>\u5e38\u89c4\u8bbe\u7f6e<\/code>\u00a0-&gt;\u00a0<code>\u672c\u5730\u670d\u52a1\u5668<\/code>, \u8bbe\u7f6e\u4e3a\u00a0<code>127.0.0.1#5353<\/code><\/li>\n<li><code>\u7f51\u7edc<\/code>\u00a0-&gt;\u00a0<code>DHCP\/DNS<\/code>\u00a0-&gt;\u00a0<code>HOSTS\u548c\u89e3\u6790\u6587\u4ef6<\/code>, \u52fe\u9009:\u00a0<code>\u5ffd\u7565\u89e3\u6790\u6587\u4ef6<\/code><\/li>\n<\/ul>\n<\/li>\n<li>\u914d\u7f6eChinaDNS<br \/>\n<code>\u670d\u52a1<\/code>\u00a0-&gt;\u00a0<code>ChinaDNS<\/code><br \/>\n\u76d1\u542c\u7aef\u53e3:\u00a0<code>5353<\/code><br \/>\n\u4e0a\u6e38\u670d\u52a1\u5668\u4fee\u6539\u4e3a:\u00a0<code>114.114.114.114,127.0.0.1#5300<\/code><br \/>\n\u8fd9\u6837<code>\u56fd\u5185DNS<\/code>:\u00a0<code>114.114.114.114<\/code>,\u00a0<code>\u53ef\u4fe1DNS<\/code>:\u00a0<code>127.0.0.1#5353<\/code>, \u52fe\u9009\u00a0<code>\u542f\u7528<\/code>, \u4fdd\u5b58\u8bbe\u7f6e<\/li>\n<li>\u914d\u7f6edns-forwarder<br \/>\n<code>\u670d\u52a1<\/code>\u00a0-&gt;\u00a0<code>DNS\u8f6c\u53d1<\/code><br \/>\n\u76d1\u542c\u7aef\u53e3:\u00a0<code>5300<\/code>\u00a0\u76d1\u542c\u5730\u5740:\u00a0<code>0.0.0.0<\/code><br \/>\n\u4e0a\u6e38 DNS:\u00a0<code>8.8.8.8<\/code>\u00a0\u52fe\u9009,\u00a0<code>\u542f\u7528<\/code>\u00a0\u4fdd\u5b58<\/li>\n<li>\u914d\u7f6eshadowsocks \u900f\u660e\u4ee3\u7406 + \u8bbf\u95ee\u63a7\u5236<br \/>\n<code>\u670d\u52a1<\/code>\u00a0-&gt;\u00a0<code>\u5f71\u68ad<\/code>\u00a0-&gt;\u00a0<code>\u5e38\u89c4\u8bbe\u7f6e<\/code>\u00a0-&gt;\u00a0<code>\u900f\u660e\u4ee3\u7406<\/code><br \/>\n<code>\u4e3b\u670d\u52a1\u5668<\/code>, \u9009\u62e9setp1\u4e2d\u914d\u7f6e\u7684ss-server, \u4fdd\u5b58.<br \/>\n<code>\u670d\u52a1<\/code>-&gt;\u00a0<code>\u5f71\u68ad<\/code>\u00a0-&gt;\u00a0<code>\u5e38\u89c4\u8bbe\u7f6e<\/code>\u00a0-&gt;\u00a0<code>\u8bbf\u95ee\u63a7\u5236<\/code>-&gt;\u00a0<code>\u5916\u7f51\u533a\u57df<\/code><br \/>\n<code>\u88ab\u5ffd\u7565IP\u5217\u8868<\/code>, \u9009\u62e9\u00a0<code>ChinaDNS\u8def\u7531\u8868<\/code>, \u4fdd\u5b58\u8bbe\u7f6e. \u6ce8\u610f\u8fd9\u91cc\u7684\u4f18\u5148\u7ea7: (\u8d70\u4ee3\u7406IP\u5217\u8868 = \u5f3a\u5236\u8d70\u4ee3\u7406IP) &gt; (\u989d\u5916\u88ab\u5ffd\u7565IP = \u88ab\u5ffd\u7565IP\u5217\u8868)<\/li>\n<li><code>\u4fdd\u5b58\u5e76\u5e94\u7528<\/code>\u00a0\u6240\u6709\u914d\u7f6e, reboot openWRT<\/li>\n<\/ol>\n<h3>\u65b9\u5f0f\u4e8c, \u76f4\u63a5\u7f16\u8f91\/etc\/config\u76ee\u5f55\u4e0b\u7684\u6587\u4ef6<\/h3>\n<p>\u8bfe\u5916\u9605\u8bfb: UCI System\u00a0<a href=\"https:\/\/oldwiki.archive.openwrt.org\/doc\/uci\" target=\"_blank\" rel=\"noopener\">UCI system<\/a><\/p>\n<blockquote><p>The abbreviation UCI stands for Unified Configuration Interface and is intended to centralize the configuration of OpenWrt.<\/p><\/blockquote>\n<h4>\/etc\/config\/shadowsocks<\/h4>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<span class=\"line-number\">2<\/span>\r\n<span class=\"line-number\">3<\/span>\r\n<span class=\"line-number\">4<\/span>\r\n<span class=\"line-number\">5<\/span>\r\n<span class=\"line-number\">6<\/span>\r\n<span class=\"line-number\">7<\/span>\r\n<span class=\"line-number\">8<\/span>\r\n<span class=\"line-number\">9<\/span>\r\n<span class=\"line-number\">10<\/span>\r\n<span class=\"line-number\">11<\/span>\r\n<span class=\"line-number\">12<\/span>\r\n<span class=\"line-number\">13<\/span>\r\n<span class=\"line-number\">14<\/span>\r\n<span class=\"line-number\">15<\/span>\r\n<span class=\"line-number\">16<\/span>\r\n<span class=\"line-number\">17<\/span>\r\n<span class=\"line-number\">18<\/span>\r\n<span class=\"line-number\">19<\/span>\r\n<span class=\"line-number\">20<\/span>\r\n<span class=\"line-number\">21<\/span>\r\n<span class=\"line-number\">22<\/span>\r\n<span class=\"line-number\">23<\/span>\r\n<span class=\"line-number\">24<\/span>\r\n<span class=\"line-number\">25<\/span>\r\n<span class=\"line-number\">26<\/span>\r\n<span class=\"line-number\">27<\/span>\r\n<span class=\"line-number\">28<\/span>\r\n<span class=\"line-number\">29<\/span>\r\n<span class=\"line-number\">30<\/span>\r\n<span class=\"line-number\">31<\/span>\r\n<span class=\"line-number\">32<\/span>\r\n<span class=\"line-number\">33<\/span>\r\n<span class=\"line-number\">34<\/span>\r\n<span class=\"line-number\">35<\/span>\r\n<span class=\"line-number\">36<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">root@OpenWrt:~# cat \/etc\/config\/shadowsocks\r\n<\/span>\r\n<span class=\"line\">config general\r\n<\/span><span class=\"line\">  option startup_delay <span class=\"s1\">'0'<\/span>\r\n<\/span>\r\n<span class=\"line\">config transparent_proxy\r\n<\/span><span class=\"line\">  option udp_relay_server <span class=\"s1\">'nil'<\/span>\r\n<\/span><span class=\"line\">  option local_port <span class=\"s1\">'1234'<\/span>\r\n<\/span><span class=\"line\">  option mtu <span class=\"s1\">'1492'<\/span>\r\n<\/span><span class=\"line\">  list main_server <span class=\"s1\">'cfg054a8f'<\/span>\r\n<\/span>\r\n<span class=\"line\">config socks5_proxy\r\n<\/span><span class=\"line\">  option local_port <span class=\"s1\">'1080'<\/span>\r\n<\/span><span class=\"line\">  option mtu <span class=\"s1\">'1492'<\/span>\r\n<\/span><span class=\"line\">  list server <span class=\"s1\">'nil'<\/span>\r\n<\/span>\r\n<span class=\"line\">config port_forward\r\n<\/span><span class=\"line\">  option local_port <span class=\"s1\">'5300'<\/span>\r\n<\/span><span class=\"line\">  option mtu <span class=\"s1\">'1492'<\/span>\r\n<\/span><span class=\"line\">  option destination <span class=\"s1\">'8.8.8.8:53'<\/span>\r\n<\/span><span class=\"line\">  list server <span class=\"s1\">'nil'<\/span>\r\n<\/span>\r\n<span class=\"line\">config servers\r\n<\/span><span class=\"line\">  option fast_open <span class=\"s1\">'0'<\/span>\r\n<\/span><span class=\"line\">  option no_delay <span class=\"s1\">'0'<\/span>\r\n<\/span><span class=\"line\">  option timeout <span class=\"s1\">'60'<\/span>\r\n<\/span><span class=\"line\">  option server <span class=\"s1\">'\u670d\u52a1\u5668\u5730\u5740,\u6ce8\u610fluci\u4e0b\u8fd9\u91cc\u53ea\u80fd\u662fip'<\/span>\r\n<\/span><span class=\"line\">  option server_port <span class=\"s1\">'\u7aef\u53e3'<\/span>\r\n<\/span><span class=\"line\">  option password <span class=\"s1\">'\u5bc6\u7801'<\/span>\r\n<\/span><span class=\"line\">  option encrypt_method <span class=\"s1\">'\u52a0\u5bc6\u65b9\u5f0f'<\/span>\r\n<\/span><span class=\"line\">  option <span class=\"nb\">alias<\/span> <span class=\"s1\">'ss\u670d\u52a1\u522b\u540d'<\/span>\r\n<\/span>\r\n<span class=\"line\">config access_control\r\n<\/span><span class=\"line\">  option self_proxy <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option lan_target <span class=\"s1\">'SS_SPEC_WAN_AC'<\/span>\r\n<\/span><span class=\"line\">  option wan_bp_list <span class=\"s1\">'\/etc\/chinadns_chnroute.txt'<\/span>\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<p>&nbsp;<\/p>\n<h4>\/etc\/config\/dhcp<\/h4>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<span class=\"line-number\">2<\/span>\r\n<span class=\"line-number\">3<\/span>\r\n<span class=\"line-number\">4<\/span>\r\n<span class=\"line-number\">5<\/span>\r\n<span class=\"line-number\">6<\/span>\r\n<span class=\"line-number\">7<\/span>\r\n<span class=\"line-number\">8<\/span>\r\n<span class=\"line-number\">9<\/span>\r\n<span class=\"line-number\">10<\/span>\r\n<span class=\"line-number\">11<\/span>\r\n<span class=\"line-number\">12<\/span>\r\n<span class=\"line-number\">13<\/span>\r\n<span class=\"line-number\">14<\/span>\r\n<span class=\"line-number\">15<\/span>\r\n<span class=\"line-number\">16<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">root@OpenWrt:~# cat \/etc\/config\/dhcp\r\n<\/span>\r\n<span class=\"line\">config dnsmasq\r\n<\/span><span class=\"line\">  option domainneeded <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option localise_queries <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option rebind_protection <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option rebind_localhost <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option domain <span class=\"s1\">'lan'<\/span>\r\n<\/span><span class=\"line\">  option expandhosts <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option authoritative <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option readethers <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option leasefile <span class=\"s1\">'\/tmp\/dhcp.leases'<\/span>\r\n<\/span><span class=\"line\">  option localservice <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option <span class=\"nb\">local<\/span> <span class=\"s1\">'127.0.0.1#5353'<\/span>\r\n<\/span><span class=\"line\">  option noresolv <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">...\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<h4>\/etc\/config\/chinadns<\/h4>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<span class=\"line-number\">2<\/span>\r\n<span class=\"line-number\">3<\/span>\r\n<span class=\"line-number\">4<\/span>\r\n<span class=\"line-number\">5<\/span>\r\n<span class=\"line-number\">6<\/span>\r\n<span class=\"line-number\">7<\/span>\r\n<span class=\"line-number\">8<\/span>\r\n<span class=\"line-number\">9<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">root@OpenWrt:~# cat \/etc\/config\/chinadns\r\n<\/span>\r\n<span class=\"line\">config chinadns\r\n<\/span><span class=\"line\">  option chnroute <span class=\"s1\">'\/etc\/chinadns_chnroute.txt'<\/span>\r\n<\/span><span class=\"line\">  option addr <span class=\"s1\">'0.0.0.0'<\/span>\r\n<\/span><span class=\"line\">  option port <span class=\"s1\">'5353'<\/span>\r\n<\/span><span class=\"line\">  option bidirectional <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option server <span class=\"s1\">'114.114.114.114,127.0.0.1#5300'<\/span>\r\n<\/span><span class=\"line\">  option <span class=\"nb\">enable<\/span> <span class=\"s1\">'1'<\/span>\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<h4>\/etc\/config\/dns-forwarder<\/h4>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<span class=\"line-number\">2<\/span>\r\n<span class=\"line-number\">3<\/span>\r\n<span class=\"line-number\">4<\/span>\r\n<span class=\"line-number\">5<\/span>\r\n<span class=\"line-number\">6<\/span>\r\n<span class=\"line-number\">7<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">root@OpenWrt:~# cat \/etc\/config\/dns-forwarder\r\n<\/span>\r\n<span class=\"line\">config dns-forwarder\r\n<\/span><span class=\"line\">  option listen_addr <span class=\"s1\">'0.0.0.0'<\/span>\r\n<\/span><span class=\"line\">  option listen_port <span class=\"s1\">'5300'<\/span>\r\n<\/span><span class=\"line\">  option <span class=\"nb\">enable<\/span> <span class=\"s1\">'1'<\/span>\r\n<\/span><span class=\"line\">  option dns_servers <span class=\"s1\">'8.8.8.8'<\/span>\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<p>\u9a8c\u8bc1\u914d\u7f6e\u662f\u5426\u751f\u6548<\/p>\n<figure class=\"code\"><figcaption><\/figcaption><div class=\"highlight\">\n<table>\n<tbody>\n<tr>\n<td class=\"gutter\">\n<pre class=\"line-numbers\"><span class=\"line-number\">1<\/span>\r\n<span class=\"line-number\">2<\/span>\r\n<span class=\"line-number\">3<\/span>\r\n<span class=\"line-number\">4<\/span>\r\n<span class=\"line-number\">5<\/span>\r\n<span class=\"line-number\">6<\/span>\r\n<span class=\"line-number\">7<\/span>\r\n<span class=\"line-number\">8<\/span>\r\n<span class=\"line-number\">9<\/span>\r\n<span class=\"line-number\">10<\/span>\r\n<span class=\"line-number\">11<\/span>\r\n<span class=\"line-number\">12<\/span>\r\n<span class=\"line-number\">13<\/span>\r\n<span class=\"line-number\">14<\/span>\r\n<span class=\"line-number\">15<\/span>\r\n<span class=\"line-number\">16<\/span>\r\n<span class=\"line-number\">17<\/span>\r\n<span class=\"line-number\">18<\/span>\r\n<span class=\"line-number\">19<\/span>\r\n<\/pre>\n<\/td>\n<td class=\"code\">\n<pre><code class=\"bash\"><span class=\"line\">root@OpenWrt:~# netstat -lpn <span class=\"p\">|<\/span> grep ss\r\n<\/span><span class=\"line\">Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID\/Program name\r\n<\/span><span class=\"line\">tcp        <span class=\"m\">0<\/span>      <span class=\"m\">0<\/span> 0.0.0.0:1234            0.0.0.0:*               LISTEN      13469\/ss-redir\r\n<\/span><span class=\"line\">root@OpenWrt:~# netstat -lpn <span class=\"p\">|<\/span> grep 5353\r\n<\/span><span class=\"line\">udp        <span class=\"m\">0<\/span>      <span class=\"m\">0<\/span> 0.0.0.0:5353            0.0.0.0:*                           1438\/chinadns\r\n<\/span><span class=\"line\">root@OpenWrt:~# netstat -lpn <span class=\"p\">|<\/span> grep 5300\r\n<\/span><span class=\"line\">udp        <span class=\"m\">0<\/span>      <span class=\"m\">0<\/span> 0.0.0.0:5300            0.0.0.0:*                           12993\/dns-forwarder\r\n<\/span><span class=\"line\">root@OpenWrt:~# netstat -lpn <span class=\"p\">|<\/span> grep 53\r\n<\/span><span class=\"line\">tcp        <span class=\"m\">0<\/span>      <span class=\"m\">0<\/span> 127.0.0.1:53            0.0.0.0:*               LISTEN      2254\/dnsmasq\r\n<\/span><span class=\"line\">...\r\n<\/span>\r\n<span class=\"line\">root@OpenWrt:~# nslookup google.com 127.0.0.1#5353\r\n<\/span><span class=\"line\">Server:       127.0.0.1\r\n<\/span><span class=\"line\">Address:  127.0.0.1#5353\r\n<\/span>\r\n<span class=\"line\">Name:      google.com\r\n<\/span><span class=\"line\">Address 1: 142.250.72.238\r\n<\/span><span class=\"line\">Address 2: 2607:f8b0:4007:80d::200e\r\n<\/span><span class=\"line\">root@OpenWrt:~#\r\n<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/figure>\n<h2>Issues<\/h2>\n<ul>\n<li>luci-app-shadowsocks \u4e0d\u652f\u6301domain\u7684\u65b9\u5f0f\u914d\u7f6ess-server, \u9700\u8981\u4f7f\u7528IP\u5730\u5740<\/li>\n<\/ul>\n<h2>Link<\/h2>\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=2SPQYsMmltE&amp;t=317s\" target=\"_blank\" rel=\"noopener\">https:\/\/www.youtube.com\/watch?v=2SPQYsMmltE&amp;t=317s<\/a>\u00a0&#8211; \u5341\u5e74\u8001\u7a0b openwrt shadowsocks\u5b89\u88c5\u914d\u7f6e\u5bf9\u5e94\u7684\u89c6\u9891\u6559\u7a0b\u00a0<a href=\"http:\/\/snlcw.com\/305.html\" target=\"_blank\" rel=\"noopener\">http:\/\/snlcw.com\/305.html<\/a>\u00a0&#8211; \u4e0a\u8ff0\u6559\u7a0b\u5bf9\u5e94\u7684blog\u5730\u5740.\u00a0<a href=\"https:\/\/www.youtube.com\/channel\/UCgo7XWK6MQBgKt0gBI6x3CA\/videos\" target=\"_blank\" rel=\"noopener\">https:\/\/www.youtube.com\/channel\/UCgo7XWK6MQBgKt0gBI6x3CA\/videos<\/a>\u00a0&#8211; \u5341\u5e74\u8001\u7a0b\u7684Youtube\u4e13\u680f\uff0c\u91cc\u9762\u6709\u5404\u79cd\u79d1\u5b66\u4e0a\u7f51\u7684\u89c6\u9891\u6559\u7a0b.\u00a0<a href=\"https:\/\/openwrt.org\/docs\/guide-user\/base-system\/dhcp_configuration\" target=\"_blank\" rel=\"noopener\">https:\/\/openwrt.org\/docs\/guide-user\/base-system\/dhcp_configuration<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u672c\u6587\u4e3b\u8981\u8bb0\u5f55\u5728openWRT\u4e0b\u5b89\u88c5\u548c\u914d\u7f6eshadowsocks\u7684\u7b80\u8981\u8fc7\u7a0b\uff0c\u4fbf\u4e8e\u65e5\u540e\u67e5\u627e\u548c\u5907\u5fd8\u3002\u6210\u529f\u5b89\u88c5\u540e\u53ef\u4ee5\u5b9e\u73b0\u900f\u660e\u4ee3\u7406\uff0c\u5206\u6d41\u548c\u9632DNS\u6c61\u67d3\u3002 Environment \u8def\u7531\u5668\u578b\u53f7\uff1aYouHua WR1200JS \u56fa\u4ef6\u7248\u672c\uff1aOpenWrt 19.07.4 r11208-ce6496d796 \/ LuCI openwrt-19.07 branch git-21.054.03371-3b137b5 \u62d3\u6251\u56fe+\u5de5\u4f5c\u539f\u7406 dnsmasq\u662fopenwrt\u81ea\u5e26\u7684\u4e00\u4e2a\u8f6f\u4ef6\uff0c\u63d0\u4f9bdns\u7f13\u5b58\uff0cdhcp\u7b49\u529f\u80fd\u3002dnsmasq\u4f1a\u5c06dns\u67e5\u8be2\u6570\u636e\u5305\u8f6c\u53d1\u7ed9chinadns\u3002 chinadns\u7684\u4e0a\u6e38DNS\u670d\u52a1\u5668\u6709\u4e24\u4e2a\uff0c\u4e00\u4e2a\u662f\u56fd\u5185DNS\uff0c\u4e00\u4e2a\u662f\u53ef\u4fe1DNS\uff08\u56fd\u5916DNS\uff09\u3002 chinadns\u4f1a\u540c\u65f6\u5411\u4e0a\u6e38\u7684DNS\u53d1\u9001\u8bf7\u6c42 \u5982\u679c\u53ef\u4fe1DNS\u5148\u8fd4\u56de, \u5219\u76f4\u63a5\u91c7\u7528\u53ef\u4fe1DNS\u7684\u7ed3\u679c \u5982\u679c\u56fd\u5185DNS\u5148\u8fd4\u56de, \u5206\u4e24\u79cd\u60c5\u51b5: \u5982\u679c\u8fd4\u56de\u7684\u7ed3\u679c\u662f\u56fd\u5185IP,\u5219\u91c7\u7528;\u5426\u5219\u4e22\u5f03\u5e76\u7b49\u5f85\u91c7\u7528\u53ef\u4fe1DNS\u7684\u7ed3\u679c 3.dns-forwarder \u652f\u6301DNS TCP\u67e5\u8be2, \u5982\u679cISP\u7684UDP\u4e0d\u7a33\u5b9a, \u4e22\u5305\u4e25\u91cd,\u53ef\u4ee5\u4f7f\u7528dns-forwarder\u6765\u4ee3\u66ffss-tunnel\u6765\u8fdb\u884cDNS\u67e5\u8be2. 4.shadowsocks \u7528\u4e8e\u8f6c\u53d1\u6570\u636e\u5305, \u79d1\u5b66\u4e0a\u7f51. \u5173\u4e8eshadowsocks\u7684\u79d1\u666e\u6587\u7ae0\u53ef\u67e5\u770b\u8fd9\u91cc:\u00a0https:\/\/www.css3er.com\/p\/107.html \u76f8\u5173\u7684ipk\u8f6f\u4ef6\u5305\u4e0b\u8f7d\u5730\u5740 ipk\u8f6f\u4ef6\u5305\u96c6\u5408, \u4e0d\u540c\u7684CPU\u67b6\u6784\u9700\u8981\u4f7f\u7528\u4e0d\u540c\u7684\u8f6f\u4ef6\u5305, CPU\u67b6\u6784\u662fmipsel_24kc\u7684\u8bdd, \u53ef\u4ee5\u96c6\u4e2d\u4ece\u8fd9\u91cc\u4e0b\u8f7d. \u94fe\u63a5:\u00a0https:\/\/pan.baidu.com\/s\/14QDoTLqw-SEBZvQVQeVgvA\u00a0\u63d0\u53d6\u7801: ugsc \u5176\u5b83\u7684CPU\u67b6\u6784, \u53ef\u4ee5\u53bbGitHub\u4e3b\u9875 -&gt; Releases\u4e0b\u8f7d\u522b\u4eba\u5df2\u7ecf\u7f16\u8bd1\u597d\u7684\u8f6f\u4ef6\u5305, \u5982\u679c\u6ca1\u6709, \u53ea\u80fd\u81ea\u5df1\u4e0b\u8f7dopenWRT\u7684SDK, \u81ea\u5df1\u8fdb\u884c\u7f16\u8bd1. shadowsocks-libev_3.3.5-1_mipsel_24kc.ipk shadowsocks-libev-server_3.3.5-1_mipsel_24kc.ipk ChinaDNS_1.3.3-1_mipsel_24kc.ipk dns-forwarder_1.2.1-2_mipsel_24kc.ipk luci-compat luci-app-shadowsocks-without-ipset_1.9.1-1_all.ipk luci-app-chinadns_1.6.2-1_all.ipk luci-app-dns-forwarder_1.6.2-1_all.ipk \u94fe\u63a5:\u00a0https:\/\/pan.baidu.com\/s\/14QDoTLqw-SEBZvQVQeVgvA\u00a0\u63d0\u53d6\u7801: ugsc openwrt-shadowsocks &hellip; <a href=\"https:\/\/www.strongd.net\/?p=1642\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">OpenWRT\u4e0b\u5b89\u88c5\u548c\u914d\u7f6eshadowsocks<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,35,5],"tags":[258],"class_list":["post-1642","post","type-post","status-publish","format-standard","hentry","category-linux","category-35","category-5","tag-openwrt"],"_links":{"self":[{"href":"https:\/\/www.strongd.net\/index.php?rest_route=\/wp\/v2\/posts\/1642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.strongd.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.strongd.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.strongd.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.strongd.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1642"}],"version-history":[{"count":1,"href":"https:\/\/www.strongd.net\/index.php?rest_route=\/wp\/v2\/posts\/1642\/revisions"}],"predecessor-version":[{"id":1643,"href":"https:\/\/www.strongd.net\/index.php?rest_route=\/wp\/v2\/posts\/1642\/revisions\/1643"}],"wp:attachment":[{"href":"https:\/\/www.strongd.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.strongd.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.strongd.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}