RT-N16+tomato shibby+entware+shadowsock科學上網

幾個月前post過, 不過沉咗落深海, 見近嚟多人問點搞shadowsock, 又撈返上嚟另外開新貼比各位ching參考吓.

另外見唔少ching都用merlin / koolshare 玩[一鍵安裝]ss server, 小弟建議有能力者最好自己用putty command line 裝entware-ng + ss server, 咁你至少知道自己裝咗D乜嘢喺個router喥, 你喺強国想天元突破返回自由世界上網, 但係個ss server 就用支国魔改merlin的firmware, 係就係好方便, 但你點知佢有冇送多D額外嘢比大家一齊用呢? 小弟就唔想比人通後門啦.

舊文如下:
簡單講吓點搞RT-N16+tomato shibby+entware+shadowsock科學上網,詳細請去問問google大神, 爬吓文.

1. tomato shibby setup
flash 最新版本的 tomato shibby, Asus RT-N16要用K26 RT-N5x-MIPSR2 mega VPN / AIO, 最新是build 138, 已內置PPTP/Openvpn 和tranmission
到router web gui / admin, enable ssh at port 22, enable jffs, format/erase jffs, save & apply, restart router, 之後會見到jffs status = loaded, free size =21MB
(而家D新出router的flash rom應該會有更大的空間啩?)

2. entware-ng / ss lib install
google大神找到的entware-ng setup都要叫你裝到USB手指上, 又要partition/swap/mount....
https://gist.github.com/dferg/833aade513965d78b43d
其實唔駛咁 on 9, 可以直接裝到 router  的jffs flash 上面, asus n16 有32MB flash, 裝了tomato firmware後仲有21MB剩, 夠晒裝entware/ss lib
新版的tomato shibby已包含了entware-ng, entware-ng的package內已有shadowsocks-libev,
用putty login router,
把jffs/opt掛載到/opt:
cd /jffs
mkdir opt
mount -o bind /jffs/opt /opt
# install entware to /opt
cd /opt
entware-install.sh
#install shadowsocks to /opt
opkg update
opkg install shadowsocks-libev
之後去 /opt/bin, 就會見到一堆ss-server ss-local ss-redir 的東東
搞完一輪, jffs只是用了3MB左右

3 setup ss
上網爬文見到支国人setup SS, 又要ip table, chinadns 又要搞pac list... 睇真D原來佢哋都係喺GFW內的router搞ss client分流連線到海外買回來的SS號, 不過我哋是要把香港家中的router變成ss-server, 唔駛咁多9魚.
繼續係putty
cd /opt/etc
ls
你會見一個叫shadowsocks.json的東東
修改shadowsocks.json
vi shadowsocks.json
"server":"0.0.0.0",
"server_port":443,
"local_port":1080,
"password":"12345678",
"timeout":60,
"method":"aes-256-cfb"
(vi 是甚麼東東,唔識用又要問吓google大神)
如果係setup ss server, server ip=0.0.0.0, server port 可以自選, 不過ssl vpn嘛, 梗係用返443, 用咗443, 咁openvpn/ssh remote 就唔可以用443, 唔信可以試吓囉
local port 隨便, password 12345678 is an example only, pls set your own secret password, method 是加密方式, 其他方式可到ss 官網爬文: https://shadowsocks.org/en/config/quick-guide.html

4. setup router script:
進入最後直路, 返去router /admin / scripts
init script:
mount -o bind /jffs/opt /opt
ss-server -c /opt/etc/shadowsocks.json
(以後router一開機便自動執行ss-server)
firewall:
iptables -A INPUT -p tcp -s 0/0 --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
(firewall要打開443 port, 先可以把街外ss client 連接到ss-server)
save and reboot router
跟住在PC win install ss client / iphone/ipad install shadowrocket
https://shadowsocks.org/en/download/clients.html
https://itunes.apple.com/hk/app/shadowrocket/id932747118?mt=8
server IP 就填番router的wan IP (唔係198.168.x.x), port =443 local port =1080 method = aes-256-cfb... 記得入番pwd
然後試吓用另一個network用vpn連返router, 如用4G/LTE, 又或是街外的wifi

咁樣放假喺屋企又有D嘢玩吓啦, 搞得掂仲會好有成功感添!

thank you師兄!
睇嚟我部n16嘅生命週期又可以繼續延長

TOP

好似好勁,但係連 firewall 都冇 ...

TOP

我用緊merlin都想裝entware(裝Transmission)
Entware同transmission係咪一樣可以裝係jffs度?

TOP

回覆 4# 蠢貓

flash 夠位entware / transmission / shadowsock 就可以裝喺jffs

TOP

高質文

TOP

堅勁, 但真系吾多明, 要再研究一下~~ THX

TOP

回覆  蠢貓

flash 夠位entware / transmission / shadowsock 就可以裝喺jffs
upi 發表於 2017-5-2 16:38

用緊ac68u!肯定夠!

TOP

堅勁, 要再研究一下~~ THX

TOP

幾個月前post過, 不過沉咗落深海, 見近嚟多人問點搞shadowsock, 又撈返上嚟另外開新貼比各位ching參考吓.

...
upi 發表於 2017-4-29 22:25



    因為係用opkg, 所以唔應該係start up script 加 ss-server -c ....
佢會係  /opt/etc/init.d/S22shadowsocks 入面set 好
要加既反而係  /opt/etc/init.d/rc.unslung 去 service start既script

TOP