A package of shadowsocks for OpenWrt
A package of shadowsocks for OpenWrt
This is a OpenWrt's package description for shadowsocks-libev
Download OpenWrt source from dev or SDK from downloads. And go to the root of the SDK or source. e.g.:
[OpenWrt-SDK]$ ls -l total 76 -rw-r--r-- 1 haohaolee users 32 Aug 16 2011 Config.in drwxr-xr-x 2 haohaolee users 4096 Dec 30 03:16 dl drwxr-xr-x 2 haohaolee users 4096 Nov 26 11:41 docs -rw-r--r-- 1 haohaolee users 567 Nov 26 19:03 feeds.conf.default drwxr-xr-x 3 haohaolee users 4096 Nov 26 19:03 include -rw-r--r-- 1 haohaolee users 17992 Aug 16 2011 LICENSE -rw-r--r-- 1 haohaolee users 1161 Aug 16 2011 Makefile drwxr-xr-x 4 haohaolee users 4096 Dec 28 18:12 package -rw-r--r-- 1 haohaolee users 337 Aug 16 2011 README.SDK -rw-r--r-- 1 haohaolee users 9563 Nov 26 11:41 rules.mk drwxr-xr-x 4 haohaolee users 4096 Nov 26 11:41 scripts drwxr-xr-x 5 haohaolee users 4096 Nov 26 19:03 staging_dir drwxr-xr-x 3 haohaolee users 4096 Nov 26 19:03 target[OpenWrt-SDK]$ git clone https://github.com/madeye/shadowsocks-openwrt.git package/shadowsocks-openwrt ... [OpenWrt-SDK]$ make package/shadowsocks-openwrt/shadowsocks-libev/compile ...
Finally find your package in dir bin
You can download the latest prebuilt packages from http://buildbot.sinaapp.com. Currently, we only provide prebuilt packages for ar71xx and bcm47xx platforms.
Log into OpenWrt via SSH and edit the config file
/etc/config/shadowsocks.json. Then start the service like this:
[email protected]:~# /etc/init.d/shadowsocks start # start the daemon [email protected]:~# /etc/init.d/shadowsocks enable # enable startup at boot
The latest shadowsocks-libev has provided a transparent mode. You can configure your router with IPTABLES to proxy all tcp traffic transparently.
# Create new chain [email protected]:~# iptables -t nat -N SHADOWSOCKSIgnore your shadowsocks server's addresses
It's very IMPORTANT, just be careful.
[email protected]:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
Ignore LANs and any other addresses you'd like to bypass the proxy
See Wikipedia and RFC5735 for full list of reserved networks.
See ashi009/bestroutetb for a highly optimized CHN route list.
[email protected]:
# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN [email protected]:# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURNAnything else should be redirected to shadowsocks's local port
[email protected]:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
Apply the rules
[email protected]:~# iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
Start the shadowsocks-redir
[email protected]:~# ss-redir -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid