本文发表在 rolia.net 枫下论坛"server":"0.0.0.0",
"server_port":443,
"local_port":1080,
"password":"12345678",
"timeout":60,
"method":"aes-256-cfb"
可试试改server的地址为你router上外网的地址。
RT-N16+tomato shibby+entware+shadowsock科學上網
<a href='https://abc.hkepc.com/www/d/ck.php?n=aeb38d6c&cb=INSERT_RANDOM_NUMBER_HERE' target='_blank'><img src='https://abc.hkepc.com/www/d/avw.php?zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE&n=aeb38d6c&ct0=INSERT_CLICKURL_HERE' border='0' alt='' /></a>
幾個月前post過, 不過沉咗落深海, 見近嚟多人問點搞shadowsock, 又撈返上嚟另外開新貼比各位ching參考吓.
另外見唔少ching都用merlin / koolshare 玩[一鍵安裝]ss server, 小弟建議有能力者最好自己用putty command line 裝entware-ng + ss server, 咁你至少知道自己裝咗D乜嘢喺個router喥, 你喺強国想天元突破返回自由世界上網, 但係個ss server 就用支国魔改merlin的firmware, 係就係好方便, 但你點知佢有冇送多D額外嘢比大家一齊用呢? 小弟就唔想比人通後門啦.
舊文如下:
簡單講吓點搞RT-N16+tomato shibby+entware+shadowsock科學上網,詳細請去問問google大神, 爬吓文.
1. tomato shibby setup
flash 最新版本的 tomato shibby, Asus RT-N16要用K26 RT-N5x-MIPSR2 mega VPN / AIO, 最新是build 138, 已內置PPTP/Openvpn 和tranmission
到router web gui / admin, enable ssh at port 22, enable jffs, format/erase jffs, save & apply, restart router, 之後會見到jffs status = loaded, free size =21MB
(而家D新出router的flash rom應該會有更大的空間啩?)
2. entware-ng / ss lib install
google大神找到的entware-ng setup都要叫你裝到USB手指上, 又要partition/swap/mount....
https://gist.github.com/dferg/833aade513965d78b43d
其實唔駛咁 on 9, 可以直接裝到 router 的jffs flash 上面, asus n16 有32MB flash, 裝了tomato firmware後仲有21MB剩, 夠晒裝entware/ss lib
新版的tomato shibby已包含了entware-ng, entware-ng的package內已有shadowsocks-libev,
用putty login router,
把jffs/opt掛載到/opt:
cd /jffs
mkdir opt
mount -o bind /jffs/opt /opt
# install entware to /opt
cd /opt
entware-install.sh
#install shadowsocks to /opt
opkg update
opkg install shadowsocks-libev
之後去 /opt/bin, 就會見到一堆ss-server ss-local ss-redir 的東東
搞完一輪, jffs只是用了3MB左右
3 setup ss
上網爬文見到支国人setup SS, 又要ip table, chinadns 又要搞pac list... 睇真D原來佢哋都係喺GFW內的router搞ss client分流連線到海外買回來的SS號, 不過我哋是要把香港家中的router變成ss-server, 唔駛咁多9魚.
繼續係putty
cd /opt/etc
ls
你會見一個叫shadowsocks.json的東東
修改shadowsocks.json
vi shadowsocks.json
"server":"0.0.0.0",
"server_port":443,
"local_port":1080,
"password":"12345678",
"timeout":60,
"method":"aes-256-cfb"
(vi 是甚麼東東,唔識用又要問吓google大神)
如果係setup ss server, server ip=0.0.0.0, server port 可以自選, 不過ssl vpn嘛, 梗係用返443, 用咗443, 咁openvpn/ssh remote 就唔可以用443, 唔信可以試吓囉
local port 隨便, password 12345678 is an example only, pls set your own secret password, method 是加密方式, 其他方式可到ss 官網爬文: https://shadowsocks.org/en/config/quick-guide.html
4. setup router script:
進入最後直路, 返去router /admin / scripts
init script:
mount -o bind /jffs/opt /opt
ss-server -c /opt/etc/shadowsocks.json
(以後router一開機便自動執行ss-server)
firewall:
iptables -A INPUT -p tcp -s 0/0 --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
(firewall要打開443 port, 先可以把街外ss client 連接到ss-server)
save and reboot router
跟住在PC win install ss client / iphone/ipad install shadowrocket
https://shadowsocks.org/en/download/clients.html
https://itunes.apple.com/hk/app/shadowrocket/id932747118?mt=8
server IP 就填番router的wan IP (唔係198.168.x.x), port =443 local port =1080 method = aes-256-cfb... 記得入番pwd
然後試吓用另一個network用vpn連返router, 如用4G/LTE, 又或是街外的wifi更多精彩文章及讨论,请光临枫下论坛 rolia.net
"server_port":443,
"local_port":1080,
"password":"12345678",
"timeout":60,
"method":"aes-256-cfb"
可试试改server的地址为你router上外网的地址。
RT-N16+tomato shibby+entware+shadowsock科學上網
<a href='https://abc.hkepc.com/www/d/ck.php?n=aeb38d6c&cb=INSERT_RANDOM_NUMBER_HERE' target='_blank'><img src='https://abc.hkepc.com/www/d/avw.php?zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE&n=aeb38d6c&ct0=INSERT_CLICKURL_HERE' border='0' alt='' /></a>
幾個月前post過, 不過沉咗落深海, 見近嚟多人問點搞shadowsock, 又撈返上嚟另外開新貼比各位ching參考吓.
另外見唔少ching都用merlin / koolshare 玩[一鍵安裝]ss server, 小弟建議有能力者最好自己用putty command line 裝entware-ng + ss server, 咁你至少知道自己裝咗D乜嘢喺個router喥, 你喺強国想天元突破返回自由世界上網, 但係個ss server 就用支国魔改merlin的firmware, 係就係好方便, 但你點知佢有冇送多D額外嘢比大家一齊用呢? 小弟就唔想比人通後門啦.
舊文如下:
簡單講吓點搞RT-N16+tomato shibby+entware+shadowsock科學上網,詳細請去問問google大神, 爬吓文.
1. tomato shibby setup
flash 最新版本的 tomato shibby, Asus RT-N16要用K26 RT-N5x-MIPSR2 mega VPN / AIO, 最新是build 138, 已內置PPTP/Openvpn 和tranmission
到router web gui / admin, enable ssh at port 22, enable jffs, format/erase jffs, save & apply, restart router, 之後會見到jffs status = loaded, free size =21MB
(而家D新出router的flash rom應該會有更大的空間啩?)
2. entware-ng / ss lib install
google大神找到的entware-ng setup都要叫你裝到USB手指上, 又要partition/swap/mount....
https://gist.github.com/dferg/833aade513965d78b43d
其實唔駛咁 on 9, 可以直接裝到 router 的jffs flash 上面, asus n16 有32MB flash, 裝了tomato firmware後仲有21MB剩, 夠晒裝entware/ss lib
新版的tomato shibby已包含了entware-ng, entware-ng的package內已有shadowsocks-libev,
用putty login router,
把jffs/opt掛載到/opt:
cd /jffs
mkdir opt
mount -o bind /jffs/opt /opt
# install entware to /opt
cd /opt
entware-install.sh
#install shadowsocks to /opt
opkg update
opkg install shadowsocks-libev
之後去 /opt/bin, 就會見到一堆ss-server ss-local ss-redir 的東東
搞完一輪, jffs只是用了3MB左右
3 setup ss
上網爬文見到支国人setup SS, 又要ip table, chinadns 又要搞pac list... 睇真D原來佢哋都係喺GFW內的router搞ss client分流連線到海外買回來的SS號, 不過我哋是要把香港家中的router變成ss-server, 唔駛咁多9魚.
繼續係putty
cd /opt/etc
ls
你會見一個叫shadowsocks.json的東東
修改shadowsocks.json
vi shadowsocks.json
"server":"0.0.0.0",
"server_port":443,
"local_port":1080,
"password":"12345678",
"timeout":60,
"method":"aes-256-cfb"
(vi 是甚麼東東,唔識用又要問吓google大神)
如果係setup ss server, server ip=0.0.0.0, server port 可以自選, 不過ssl vpn嘛, 梗係用返443, 用咗443, 咁openvpn/ssh remote 就唔可以用443, 唔信可以試吓囉
local port 隨便, password 12345678 is an example only, pls set your own secret password, method 是加密方式, 其他方式可到ss 官網爬文: https://shadowsocks.org/en/config/quick-guide.html
4. setup router script:
進入最後直路, 返去router /admin / scripts
init script:
mount -o bind /jffs/opt /opt
ss-server -c /opt/etc/shadowsocks.json
(以後router一開機便自動執行ss-server)
firewall:
iptables -A INPUT -p tcp -s 0/0 --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
(firewall要打開443 port, 先可以把街外ss client 連接到ss-server)
save and reboot router
跟住在PC win install ss client / iphone/ipad install shadowrocket
https://shadowsocks.org/en/download/clients.html
https://itunes.apple.com/hk/app/shadowrocket/id932747118?mt=8
server IP 就填番router的wan IP (唔係198.168.x.x), port =443 local port =1080 method = aes-256-cfb... 記得入番pwd
然後試吓用另一個network用vpn連返router, 如用4G/LTE, 又或是街外的wifi更多精彩文章及讨论,请光临枫下论坛 rolia.net