首页
首页
文章目录
  1. 简介
  2. 安装v2ray
    1. 1、确认自己的openwrt架构
      1. 2、下载v2ray获取二进制文件
    2. 3、编写v2ray.config
    3. 4、配置v2ray开机启动脚本
  3. dnsmasq-full安装
  4. ipset以及相关依赖安装
  5. 配置gfwlist
    1. 下载gfwlist2dnsmasq.sh
    2. 生成gfwlist.conf
  6. 配置防火墙

openwrt通过v2ray+dnsmasq-full+ipset+gfwList实现自动翻墙

简介

首先这篇文章不算入门级别的,默认认为大家已经安装好了openwrt,主要针对是那些路由器硬盘比较小的机器无法安装v2ray全量包的,这里通过编写脚本实现开机启动并配置ipsetables,自动添加防火墙,从而实现根据gfwlist自动翻墙
整体思路 整体思路

安装v2ray

1、确认自己的openwrt架构

1
opkg print-architecture | awk '{print $2}'

openwrt版本 openwrt版本

2、下载v2ray获取二进制文件

之后打开下载地址:
https://github.com/kuoruan/openwrt-v2ray/releases/
找到自己的版本 我这里是x86_64
所以下载:https://github.com/kuoruan/openwrt-v2ray/releases/download/v4.27.5-1/v2ray-core-mini_4.27.5-1_x86_64.ipk
下载下来的是ipk包,如果路由器空间够大 可以直接安装那么最好了

1
2
3
4
5
6
7
8
# 方式一
opkg install v2ray-core-mini_4.27.5-1_x86_64.ipk
# 方式二
# 如果硬盘空间不够大,可以采用下面方式获取二进制文件
tar -zxf v2ray-core-mini_4.27.5-1_x86_64.ipk
tar -zxf data.tar.gz
# 将v2ray 放到/usr/bin/目录下
mv usr/bin/v2ray /usr/bin/v2ray

3、编写v2ray.config

以下是我的配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
{
"log": {
"loglevel": "warning",
"error": "/var/log/v2ray-error.log"
},
"inboundDetour": [
{
"protocol": "dokodemo-door",
"port": 2599,
"settings": {
"network": "tcp,udp",
"timeout": 30,
"followRedirect": true
}
},
{
"protocol": "dokodemo-door",
"port": 5353,
"settings": {
"address": "8.8.8.8",
"port": 53,
"network": "udp",
"timeout": 30,
"followRedirect": false
}
}
],
"outbound": {
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "服务器ip地址",
"port": 服务器端口,
"users": [
{
"id": "UUID",
"alterId": 100
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"serverName": "服务器端证书域名",
"allowInsecure": true,
"allowInsecureCiphers": true,
}
},
"wsSettings": {
"path": "/websocket路径",
"headers": {
"Host": "WebSocket域名"
}
},
"mux": {
"enabled": true,
"concurrency": 8
}
},
"outboundDetour": [
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
}
],
"dns": {
"servers": [
"8.8.8.8",
"localhost"
]
}
}

4、配置v2ray开机启动脚本

添加/etc/init.d/v2ray这个文件,文件内容为:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
#!/bin/sh /etc/rc.common

START=90
STOP=15

USE_PROCD=1
#PROCD_DEBUG=1

CONF=/etc/v2ray/v2ray.config
PROG=/usr/bin/v2ray

start_service() {
procd_open_instance
procd_set_param command $PROG -config $CONF
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-9}
procd_close_instance
}

dnsmasq-full安装

1
2
3
4
opkg remove dnsmasq
opkg update
opkg install dnsmasq-full
echo "conf-dir=/etc/dnsmasq.d" >> /etc/dnsmasq.conf

ipset以及相关依赖安装

1
2
opkg update
opkg install ip-full ipset iptables-mod-tproxy iptables-mod-nat-extra libpthread coreutils-base64 ca-bundle curl libustream-mbedtls ca-certificates

配置gfwlist

下载gfwlist2dnsmasq.sh

下载地址:https://github.com/cokebar/gfwlist2dnsmasq

生成gfwlist.conf

1
2
chmod +x ./gfwlist2dnsmasq.sh
./gfwlist2dnsmasq.sh -s gfwlist -o /etc/dnsmasq.d/gfwlist.conf

配置防火墙

1
2
3
4
5
6
7
8
9
10
11
12
13
iptables-save -c | grep -v "gfwlist" | iptables-restore -c
ipset -X gfwlist
ipset create gfwlist hash:ip
iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 2599
iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 2599

ipset -X gfwlist_ext
ipset create gfwlist_ext hash:net
for ip in $(cat /etc/v2ray/extn_ips.txt);
do ipset add gfwlist_ext $ip;
done
iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist_ext dst -j REDIRECT --to-port 2599
iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist_ext dst -j REDIRECT --to-port 2599

重启路由器。即可

以上

欢迎留言讨论

End!

支持一下
扫一扫,我会更有动力更新
  • 微信扫一扫
  • 支付宝扫一扫