Awesome

ShadowsocksR-libev for OpenWrt

简介 ENGLISH README

本项目是 shadowsocksr-libev 在 OpenWrt 上的移植

特性

软件包只包含 shadowsocksr-libev 的可执行文件, 可与 luci-app-shadowsocksr 搭配使用
可编译两种版本

shadowsocksr-libev

客户端/
└── usr/
    └── bin/
        ├── ssr-local       // 提供 SOCKS 代理
        ├── ssr-redir       // 提供透明代理, 从 v2.2.0 开始支持 UDP
        └── ssr-tunnel      // 提供端口转发, 可用于 DNS 查询

编译

从 OpenWrt 的 SDK 编译

# 以 ar71xx 平台为例
tar xjf OpenWrt-SDK-ar71xx-for-linux-x86_64-gcc-4.8-linaro_uClibc-0.9.33.2.tar.bz2
cd OpenWrt-SDK-ar71xx-*
# 添加 feeds
git clone https://github.com/shadowsocks/openwrt-feeds.git package/feeds
# 获取 shadowsocks-libev Makefile
git clone https://github.com/chenhw2/openwrt-shadowsocksr.git package/feeds/shadowsocksr-libev
# 选择要编译的包 Network -> shadowsocks-libev
make menuconfig
# 开始编译
make package/shadowsocksr-libev/compile V=99

配置

软件包本身并不包含配置文件, 配置文件内容为 JSON 格式, 支持的键:

键名	数据类型	说明
server	字符串	服务器地址, 可以是 IP 或者域名
server_port	数值	服务器端口号, 小于 65535
local_address	字符串	本地绑定的 IP 地址, 默认 127.0.0.1
local_port	数值	本地绑定的端口号, 小于 65535
password	字符串	服务端设置的密码
method	字符串	加密方式, 详情参考
timeout	数值	超时时间（秒）, 默认 60
fast_open	布尔值	是否启用 TCP-Fast-Open, 只适用于 ssr-local
nofile	数值	设置 Linux ulimit
protocol	字符串	协议插件, 推荐使用 `orgin, auth_aes128_{md5, sha1}, auth_chain_{a, b, c, d, e, f}`
obfs	字符串	混淆插件, 推荐使用 `plain, http_{simple, post}, tls1.2_ticket_auth`

用法

以 ssr-redir 为例

# ssr-redir -h

shadowsocks-libev 2018-03-07 with mbed TLS 2.6.0

  usage:

    ss-redir

       -s <server_host>           Host name or IP address of your remote server.
       -p <server_port>           Port number of your remote server.
       -l <local_port>            Port number of your local server.
       -k <password>              Password of your remote server.
       -m <encrypt_method>        Encrypt method: table, rc4, rc4-md5,
                                  aes-128-cfb, aes-192-cfb, aes-256-cfb,
                                  aes-128-ctr, aes-192-ctr, aes-256-ctr,
                                  bf-cfb, camellia-128-cfb, camellia-192-cfb,
                                  camellia-256-cfb, cast5-cfb, des-cfb,
                                  idea-cfb, rc2-cfb, seed-cfb, salsa20,
                                  chacha20 and chacha20-ietf.
                                  The default cipher is rc4-md5.

       -o <obfs>                  Obfs of your remote server: plain,
                                  http_simple, http_post and tls1.2_ticket_auth.
       -g <obfs-param>            Obfs-Param of your remote server.
       -O <protocol>              Protocol of your remote server: orgin,
                                  auth_sha1, auth_sha1_v2, auth_sha1_v4,
                                  auth_aes128_md5, auth_aes128_sha1,
                                  auth_chain_a, auth_chain_b, auth_chain_c,
                                  auth_chain_d, auth_chain_e and auth_chain_f.
       -G <protocol-param>        Protocol-Param of your remote server.

       [-a <user>]                Run as another user.
       [-f <pid_file>]            The file path to store pid.
       [-t <timeout>]             Socket timeout in seconds.
       [-c <config_file>]         The path to config file.
       [-n <number>]              Max number of open files.
       [-b <local_address>]       Local address to bind.

       [-u]                       Enable UDP relay.
                                  TPROXY is required in redir mode.
       [-U]                       Enable UDP relay and disable TCP relay.

       [--mtu <MTU>]              MTU of your network interface.
       [--mptcp]                  Enable Multipath TCP on MPTCP Kernel.

       [-v]                       Verbose mode.
       [-h, --help]               Print this message.

错误排除

错误字样: error: MBEDTLS_CAMELLIA_C required
解决方案: rm -rf package/libs/mbedtls