Openwrt v2ray server + tls1.3 + websocket + webserver + acme 入門篇
[i=s] 本帖最後由 tomleehk 於 2020-4-6 13:32 編輯 [/i][b][color=Blue]Preparation[/color][/b]
1. A router supported by openwrt with at least 32M ROM ( e.g. Newifi 3 D2 )
2. Openwrt stable release ( e.g 18.06.4, [url]https://downloads.openwrt.org/releases/[/url] )
3. WinSCP (download at [url]https://winscp.net/eng/download.php[/url] )
4. OpenSSH ( e.g. [url]https://github.com/PowerShell/Win32-OpenSSH/releases[/url] )
5. V2ray package ( e.g. [url]https://github.com/kuoruan/openwrt-v2ray/releases[/url] )
6. DDNS registration ( e.g. [url]www.dynu.com[/url] )
7. Valid certificate ( e.g. Let's encrypt, [url]https://www.sslforfree.com/[/url] )
8. Openwrt webserver package supporting websocket proxy (e.g. lighttpd )
9. Simple webpage source code (e.g. [url]https://www.template.net/web-templates/htmlcss-templates/html-login-form-templates/[/url] )
9. V2ray client ( e.g. Kitsunebi )
10. Knowledge of V2ray ( e.g. [url]https://www.v2ray.com/[/url] )
11. Knowledge of UNIX/openwrt
12. Knowledge of webserver setup
[color=Blue][b]
Target[/b][/color]
Router acts as https webserver with functioning webpage and valid certificate to deal with the GFW.
The v2ray server stays behind the webserver and uses the webserver's proxy function as cover-up. [i=s] 本帖最後由 tomleehk 於 2019-7-26 16:31 編輯 [/i]
[color=Blue][b]Openwrt DDNS installation and configuration[/b][/color]
In this example, [url]www.dynu.com[/url] will be used as example
1) At [url]https://www.dynu.com/en-US/ControlPanel/CreateAccount[/url], register an account ( e.g. [color=Magenta]dynu_id[/color]/[color=Magenta]dynu_pwd[/color] as id/password)
2) At [url]https://www.dynu.com/en-US/ControlPanel[/url], select <DDNS Services>
3) At [url]https://www.dynu.com/en-US/ControlPanel/DDNS[/url], select <+Add>
4) At <Option 1: Use Our Domain Name>, register a host url for your router. e.g. [color=Magenta]testhost.ddnsfree.com[/color] and save your registration
5) Revisit [url]https://www.dynu.com/en-US/ControlPanel/DDNS[/url] and ensure your registration is successful.
Assume your router has been flashed with openwrt.
Use Windows browser to access 192.168.1.1. Openwrt luci will then show up and prompt you to setup a password for root. Follow accordingly and save your password for root.
Logout and login openwrt luci with root again.
System>>System
Timezone - Asia/Hong Kong
Click<<Save/Apply>>
At Windows DOS prompt, run ssh client
e.g. ssh [email]root@192.168.1.1[/email] to access openwrt command shell to install ddns package
opkg update <<ENTER>>
opkg install luci-app-ddns <<ENTER>>
After installation is complete, type
reboot -f <<ENTER>>
to reboot router
After router reboots , use Windows browser to access 192.168.1.1 openwrt luci and login again.
Services >> Dynamic DNS
To add DDNS entry,
type dynu_ipv4, click <<Add>>, then
Basic Settings
DDNS Service provider [IPv4] - dynu.com
Lookup Hostname - [color=Magenta]testhost.ddnsfree.com[/color]
Domain - [color=Magenta]testhost.ddnsfree.com[/color]
Username - [color=Magenta]dynu_id[/color]
Password - [color=Magenta]dynu_pwd[/color]
Enabled - check
Click <<Save/Apply>>
Reboot router and verify
1) DDNS of testhost.ddnsfree.com can be updated with your router's WAN ip properly
2) Router time can be updated with local time [i=s] 本帖最後由 tomleehk 於 2020-8-4 22:13 編輯 [/i]
[color=Blue][b]V2ray server installation and configuration[/b][/color]
Download V2ray package(e.g. v2ray-core_4.20.0-1_mipsel_24kc.ipk) for your router at [url]https://github.com/kuoruan/openwrt-v2ray/releases[/url] to PC.
Rename v2ray-core_4.20.0-1_mipsel_24kc.ipk to v2ray.ipk
[color=Blue]Update on 4-Aug-2020:
You can also try the mini-versions, (e.g. v2ray-core-mini_4.26.0-2_mipsel_24kc.ipk) and enjoy the benefit of substantial reduction in package size. This mini version was also found working on Newifi 3 D2.
[/color]
Run WINSCP to login router with
New Site
1) File protocol - SCP
2) Host Name - 192.168.1.1
3) Port Number - 22
4) User Name/Password - root / <root password>
You can use Save button to create a site profile for future re-use
After login, use WINSCP to upload v2ray.ipk to /tmp/tmp on the router. Ensure "Transfer mode" is binary at <Transfer Settings>
Run SSH client, e.g. ssh [email]root@192.168.1.1[/email] to access openwrt command shell.
cd /tmp/tmp <<ENTER>>
opkg update <<ENTER>>
opkg install v2ray.ipk <<ENTER>>
The v2ray package is rather huge and therefore be patient to wait for the linux command prompt to turn up again. Normally it will take 5 to 10 minutes to complete the installation.
After installation is complete, type
reboot -f <<ENTER>>
to reboot router
Assume v2ray server uses the following parameters
[color=Green]1) port = 8443
2) protocol = vmess
3) uuid = c50bf28e-98cd-a351-b8d5-d60d56c376c7
4) network = ws
5) path = /vpath
6) host = testhost.ddnsfree.com
[/color]
your v2ray.json file should have[code]{
"inbounds": [
{
"port": 8443,
"protocol": "vmess",
"allocate": {
"strategy": "always"
},
"settings": {
"clients": [
{
"id": "c50bf28e-98cd-a351-b8d5-d60d56c376c7",
"alterId": 64,
"security": "auto",
"level": 0
}
]
},
"streamSettings": {
"network":"ws",
"wsSettings": {
"connectionReuse": true,
"path": "/vpath",
"headers": {
"Host": "testhost.ddnsfree.com"
}
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}[/code]Use WINSCP to access the router and create the v2ray.json at /etc/config
Sample v2ray startup file[code]START=99
USE_PROCD=1
LimitNOFILE=1048576
LimitNPROC=512
start_service() {
mkdir /var/log/v2ray > /dev/null 2>&1
ulimit -n 99999
procd_open_instance
procd_set_param respawn
procd_set_param command /usr/bin/v2ray -config /etc/config/v2ray.json
procd_set_param file /etc/config/v2ray.json
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param pidfile /var/run/v2ray.pid
procd_close_instance
}
[/code]Use WINSCP to create the startup file v2ray (set attribute 755) at /etc/init.d/
At openwrt command shell, type
/etc/init.d/v2ray enable <<ENTER>>
/etc/init.d/v2ray start <<ENTER>> [i=s] 本帖最後由 tomleehk 於 2021-10-2 00:12 編輯 [/i]
[b][color=Blue]Lighttpd/webpage installation and configuration[/color][/b]
At openwrt command shell, type
opkg update <<ENTER>>
opkg install lighttpd-mod-openssl <<ENTER>>
opkg install lighttpd-mod-proxy <<ENTER>>
opkg install lighttpd-mod-redirect <<ENTER>>
After installation is complete, edit lighttpd configuration file (/etc/lighttpd/lighttpd.conf) with WINSCP
Note
1) Conflicting with luci (using port 80), default installation of lighttpd uses port 80 and therefore it may not be able to launch properly. To resolve, lighttpd server port MUST be changed to run at a port other than 80 (e.g. 8080).
2) Suppose using the attached simple webpage [attach]4403[/attach](index.html,css/style.css). Use WinSCP to create folders /www/webproj and /www/webproj/css. Copy index.html to /www/webproj and style.css to /www/webproj/css
Alternative download site for log-in.zip [url]https://gofile.io/?c=8ejjcJ[/url]
3) Assume v2ray server configuration using path = [color=Magenta] "/vpath"[/color]
4) Assume the files ca_bundle.crt, server.crt and server.key are placed at /www/ssl/,
at the same folder,
cat server.key server.crt > lighttpd.pem <<ENTER>>
to generate the .pem file for lighttpd
Sample configuration file should have[code]
server.modules = ("mod_openssl","mod_proxy","mod_redirect")
server.document-root = "/www/webproj/"
server.upload-dirs = ( "/tmp" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "http"
server.groupname = "www-data"
server.max-fds = 8192
server.max-connections = 4096
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm",
"index.lighttpd.html" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
### Options that are useful but not always necessary:
#server.chroot = "/"
server.port = 8080
#server.bind = "localhost"
#server.tag = "lighttpd"
#server.errorlog-use-syslog = "enable"
#server.network-backend = "write"
### Use IPv6 if available
#include_shell "/usr/share/lighttpd/use-ipv6.pl"
#dir-listing.encoding = "utf-8"
#server.dir-listing = "enable"
include "/etc/lighttpd/mime.conf"
include_shell "cat /etc/lighttpd/conf.d/*.conf"
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/www/ssl/lighttpd.pem"
ssl.ca-file = "/www/ssl/ca_bundle.crt"
ssl.openssl.ssl-conf-cmd = ("Ciphersuites" => "TLS_AES_128_GCM_SHA256")+("Protocol" => "-ALL, TLSv1.3")
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
}
$HTTP["url"] =~ "^/vpath" {
$HTTP["host"] == "testhost.ddnsfree.com" {
proxy.header = ( "upgrade" => "enable")
proxy.server = ( "" => (("host" => "127.0.0.1","port" => 8443)))
}
else {
url.redirect = ( "" => "/" )
}
}
[/code]Note
1) Open port 443 at openwrt luci, Network >> Firewall >> Traffic Rules and create the rule to open port 443 [i=s] 本帖最後由 tomleehk 於 2019-9-28 22:46 編輯 [/i]
[color=Blue][b]V2ray client installation and configuration[/b][/color]
Using Kitsunebi as illustration, client configuration should have
Address - [color=Magenta]testhost.ddnsfree.com[/color]
Port - 443
UUID - [color=Green]c50bf28e-98cd-a351-b8d5-d60d56c376c7[/color]
Alterid - 64
Security - auto
Network - [color=Green]ws[/color]
Path - [color=Magenta]/vpath[/color]
Host - [color=Magenta]testhost.ddnsfree.com[/color]
TLS - check [i=s] 本帖最後由 tomleehk 於 2020-5-14 08:34 編輯 [/i]
[color=Blue][b]luci-app-acme installation and configuration[/b][/color]
[color=Red][b]Be careful.. [/b][/color]The latest version 2.8.3.1 (Nov 2019) acme was found with some problems to get the certificate. Some workaround is needed to make it work.
At openwrt command shell, type
opkg update <<ENTER>>
opkg install luci-app-acme <<ENTER>>
opkg install acme-dnsapi <<ENTER>>
The latest version 2.8.3.1 (Nov 2019) acme was found to install package wget-nossl which will make the api script stop working. After installation of luci-app-acme and acme-dnsapi, the following extra steps are needed as workaround.[code]opkg update
opkg remove --force-depends wget-nossl
opkg upgrade wget[/code][color=Sienna]Note - The below sample uses API approach.[/color]
Collect the API credentials from DDNS provider, e.g.
At [url]https://www.dynu.com/en-US/ControlPanel/APICredentials[/url]
copy the credentials, e.g.
Client ID
[color=DarkOrchid]39a7a033-c129-55b0-a013-b511150ace22[/color]
Secret
[color=DarkOrchid]7hcYY7JSbSNa2RQcQh1fcJY5cp8YMg[/color]
At openwrt luci, Services>>ACME certs
State directory - [color=DarkOrange]/etc/acme[/color]
Account email - any email other than the default email, e.g. your email
Enabled - check
Use staging server - uncheck
Key length - 2048
Domain names - [color=Magenta]testhost.ddnsfree.com[/color]
DNS API - dns_dynu
DNS API credentials - Dynu_ClientId="[color=DarkOrchid]39a7a033-c129-55b0-a013-b511150ace22[/color]"
Dynu_Secret="[color=DarkOrchid]7hcYY7JSbSNa2RQcQh1fcJY5cp8YMg[/color]"
Click <<Save/Apply>>
Note
1) Check other supported DDNS providers at [url]https://github.com/Neilpang/acme.sh/tree/master/dnsapi[/url] and corresponding credential parameters needed at [url]https://github.com/Neilpang/acme.sh/wiki/dnsapi[/url]
2) The default account email MUST be changed, otherwise the acme script cannot work.
3) The key/certificate files will be saved at the folder[color=DarkOrange] /etc/acme/[/color][color=Magenta]testhost.ddnsfree.com/[/color] [i=s] 本帖最後由 tomleehk 於 2019-10-19 14:19 編輯 [/i]
[color=Blue][b]Enable Openwrt Hardware Flow offloading[/b][/color]
If you are using MT7621 router, e.g. newifi 3 d2,
you can enable hardware flow offloading at Firewall>>General Settings to improve throughput/performance.
[attach]4459[/attach] [i=s] 本帖最後由 tomleehk 於 2019-10-19 14:19 編輯 [/i]
[color=Blue][b]Automation[/b][/color]
1) If you are familiar with Openwrt, you can use cron jobs and scripts to automate renewal of certificates for the webserver.
[url]https://openwrt.org/docs/guide-user/base-system/cron[/url]
2) You can also use the package watchcat
[url]https://openwrt.org/packages/pkgdata/watchcat[/url]
[url]https://openwrt.org/packages/pkgdata/luci-app-watchcat[/url]
to reboot your router and get a new WAN ip whenever your ip is blocked by GFW
3) You need to change the WAN port MAC address before your router can get a new WAN ip. Corresponding scripting and automation can be found via google.
4) You can also install email client package, e.g.msmtp, ssmtp to send your renewed WAN ip as email to your webmail. Even when DDNS is not working, you still can know your router IP from the Email. Corresponding scripting and automation can also be found via google.
... and possibly some other automations.
All up to your imagination... [i=s] 本帖最後由 tomleehk 於 2019-10-19 14:06 編輯 [/i]
[color=Blue][b]Further work[/b][/color]
To share the same port (e.g. 443) by V2ray, SSH, SS and Openconnect etc. with the help of proxy servers.
Reference :
HAProxy to Nginx (Web + V2Ray WebSocket) + OpenConnect + SSH + ShadowsocksR (TLS OBFS)
[url]https://gist.github.com/techotaku/4ea5da47baa542eb5da244b2be8590d9[/url]
Proved working in a stable manner with my devices. However, the trivial trade-off is speed/response.
[b][color=Blue]拯救被墙的IP,CDN + v2ray,安全的科学上网方[/color][/b]
[url]https://blog.sprov.xyz/2019/03/11/cdn-v2ray-safe-proxy/[/url]
[color=Blue][b]Openwrt v2ray server + tls + websocket + webserver + cert + cdn 保護篇[/b][/color]
[url]http://www.telecom-cafe.com/forum/viewthread.php?tid=7761&page=1[/url] [i=s] 本帖最後由 tomleehk 於 2019-10-19 14:07 編輯 [/i]
[b][color=Blue][OpenWrt]V2Ray定制构建[/color][/b]
[url]https://blog.iknet.top/post/v2ray-reduce-build.html[/url]
V2Ray这么一款爱国上网利器大家一定不陌生,苦在它是用Golang写的,编译出来的大小着实惊人。对于嵌入式设备来说,18M的它,几乎是没法放进小小的ROM。就算经过UPX压缩,也有6M的大小。
这时候,我们就可以通过定制自己的V2Ray来达到精简的目的了qwq
[color=Blue][b]Custom build[/b][/color]
[url]https://github.com/kuoruan/openwrt-v2ray[/url] [i=s] 本帖最後由 gameplayer 於 2019-10-2 11:06 編輯 [/i]
[quote]Lighttpd/webpage installation and configuration
At openwrt command shell, type
opkg update
...
[size=2][color=#999999]tomleehk 發表於 2019-7-17 13:24[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47345&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
CHING,請問
2) Use WinSCP to create folders /www/webproj and /www/webproj/css. Copy index.html to /www/webproj and style.css to /www/webproj/css
這兩個folders 系邊個目錄create? [i=s] 本帖最後由 tomleehk 於 2019-10-2 15:25 編輯 [/i]
[quote]CHING,請問
2) Use WinSCP to create folders /www/webproj and /www/webproj/css. Copy index.ht ...
這兩個folders 系邊個目錄create?
[size=2][color=#999999]gameplayer 發表於 2019-10-2 11:04[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47529&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
喺最top嘅level, 你會見folder /www,
你只要喺 /www 下面 create folder webproj
再喺 /www/webproj create folder css [i=s] 本帖最後由 gameplayer 於 2019-10-2 17:39 編輯 [/i]
[quote]V2ray server installation and configuration
Download V2ray package(e.g. v2ray-core_4.20.0-1_mipsel_ ...
[size=2][color=#999999]tomleehk 發表於 2019-7-17 13:13[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47344&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
root@OpenWrt:/etc/init.d# v2ray start
V2Ray 4.20.0 (V2Fly, a community-driven edition of V2Ray.) OpenWrt - Release 3
A unified platform for anti-censorship.
[b]main: failed to load config: > v2ray.com/core/main/confloader/external: config file not readable > open : no such file or directory[/b]
[attach]4456[/attach]
CHING,打完v2ray start,出現main: failed to load config。邊到有配置不當?個v2ray.json 有問題?
去到這步,v2ray server 已啟動?可以連接?因為想知道這步之前的是否都正確,再配置下一步。 [quote]喺最top嘅level, 你會見folder /www,
你只要喺 /www 下面 create folder webproj
再喺 /www/webproj cre ...
[size=2][color=#999999]tomleehk 發表於 2019-10-2 12:22[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47530&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
明白! [quote]Lighttpd/webpage installation and configuration
At openwrt command shell, type
opkg update
...
[size=2][color=#999999]tomleehk 發表於 2019-7-17 13:24[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47345&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
請問這 三個檔案 ca_bundle.crt, server.crt and server.key 要系邊到搵到? [i=s] 本帖最後由 tomleehk 於 2019-10-2 22:20 編輯 [/i]
[quote]root@OpenWrt:/etc/init.d# v2ray start
V2Ray 4.20.0 (V2Fly, a community-driven edition of V2Ray.) O ...
[size=2][color=#999999]gameplayer 發表於 2019-10-2 17:17[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47540&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
v2ray server 肯定未啟動
At openwrt command shell, type
[b]/etc/init.d/v2ray enable[/b] <<ENTER>>
[b]/etc/init.d/v2ray start[/b] <<ENTER>>
由 /etc 開始type哂全句 [i=s] 本帖最後由 tomleehk 於 2019-10-2 23:02 編輯 [/i]
[quote]請問這 三個檔案 ca_bundle.crt, server.crt and server.key 要系邊到搵到?
[size=2][color=#999999]gameplayer 發表於 2019-10-2 17:19[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47542&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
Post #1
[b][color=Blue]Preparation[/color][/b]
....
7. Valid certificate ( e.g. Let's encrypt, [url]https://www.sslforfree.com/[/url] )
....
呢d cert/key 檔案喺你幫你個webserver 嘅 domain 事先申請同預備定
經 Let's encrypt, [url]https://www.sslforfree.com/[/url] 申請, 免費有效3個月, 可免費renew
但你要有webserver同network知識先
亦可以經其他付費途徑申請有效期耐一d嘅cert/key檔案
Reference
[url]https://www.freecodecamp.org/news/free-https-c051ca570324/[/url]
建議你先多了解 unix/openwrt, webserver(e.g. certificate, ssl/tls, proxy 等等..)
否則之後步驟可能會比較吃力
亦可以先搞掂v2ray 部分,
再利用另一隻openwrt router去研究webserver+cert嘅相關技術
cert/key出了錯webserver啟動唔到就連唔到後面嘅v2ray server
掌握到webserver技術之後, 成功起到一個有cert嘅網站, 再合併v2ray喺同一隻router上面 [quote]v2ray server 肯定未啟動
At openwrt command shell, type
/etc/init.d/v2ray enable
/etc/init.d/v2r ...
[size=2][color=#999999]tomleehk 發表於 2019-10-2 17:30[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47543&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
root@OpenWrt:~# /etc/init.d/v2ray enable
-ash: /etc/init.d/v2ray:[b] not found[/b]
root@OpenWrt:~# /etc/init.d/v2ray start
-ash: /etc/init.d/v2ray:[b] not found[/b]
打全句,出現 not found.
如果CD 入去 /etc/init.d/,再打 v2ray enable
root@OpenWrt:/etc/init.d# v2ray enable
[b]V2Ray 4.20.0 (V2Fly, a community-driven edition of V2Ray.) OpenWrt - Release 3
A unified platform for anti-censorship.
main: failed to load config: > v2ray.com/core/main/confloader/external: config file not readable > open : no such file or directory[/b] [quote]Post #1
Preparation
....
7. Valid certificate ( e.g. Let's encrypt, )
....
呢d cert/key 檔案喺 ...
[size=2][color=#999999]tomleehk 發表於 2019-10-2 17:36[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47544&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
我都打算先建好普通v2ray,之後再整其他。 [i=s] 本帖最後由 tomleehk 於 2019-10-3 08:06 編輯 [/i]
[quote]root@OpenWrt:~# /etc/init.d/v2ray enable
-ash: /etc/init.d/v2ray: not found
root@OpenWrt:~# /et ...
[size=2][color=#999999]gameplayer 發表於 2019-10-3 00:13[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47546&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
/etc/init.d/v2ray 呢個 startup file 不存在
或者未set 好attritube/permission 755
睇番post #3, 要人手用winscp去create 同 set attribute/permission 755 [quote]/etc/init.d/v2ray 呢個 startup file 不存在
或者未set 好attritube/permission 755
睇番post #3, 要人 ...
[size=2][color=#999999]tomleehk 發表於 2019-10-3 00:58[/color] [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47548&ptid=7749][img]http://www.telecom-cafe.com/forum/images/common/back.gif[/img][/url][/size][/quote]
多謝CHING解答,我再慢慢研究下。 买了Newif3. Config 一天後才知道樓主為什麼直接用openwrt. 而不用Pandrabox,LEAN....
enable V2ray :
echo 0xDEADBEEF > /etc/config/google_fu_mode
Memory full,write error!!! 又要重裝。 [i=s] 本帖最後由 tomleehk 於 2019-12-13 10:36 編輯 [/i]
另一個主要原因喺要用openconnect
openconnect只有openwrt同linux有installation package [i=s] 本帖最後由 yiucsw 於 2019-12-13 17:15 編輯 [/i]
剛安裝完openwrt, V2ray 在 newwifi3. 在那個看到 UUID? Ubuntu 好像是直接顯示。
openwrt 是自己Generate? [i=s] 本帖最後由 tomleehk 於 2019-12-13 19:23 編輯 [/i]
openwrt 不會 generate v2ray UUID , 要 diy 個 UUID, 可以揾網頁去generate 個 UUID
印象中有luci package去作為v2ray.json UI, 不過我覺得唔啱用, 用manual方法去customize個 v2ray.json仲簡單好用
startup script 都要diy [i=s] 本帖最後由 yiucsw 於 2019-12-13 19:26 編輯 [/i]
同 gameplayer 遇到的問題是一樣:
root@OpenWrt:/etc/init.d# v2ray enable
V2Ray 4.21.3 (V2Fly, a community-driven edition of V2Ray.) OpenWrt - Release 1
A unified platform for anti-censorship.
main: failed to load config: > v2ray.com/core/main/confloader/external: config file not readable > open : no such file or directory
-------------------------------------------
加上-config parameter, 能運行,Default config file location 已經改變,不知道新位置在哪裡,是vpath?
root@OpenWrt:/# v2ray -config /etc/config/v2ray.json enable
V2Ray 4.21.3 (V2Fly, a community-driven edition of V2Ray.) OpenWrt - Release 1
A unified platform for anti-censorship.
是不是加 &
v2ray -config /etc/config/v2ray.json start & [i=s] 本帖最後由 tomleehk 於 2019-12-13 20:08 編輯 [/i]
詳見 Post #3
startup script file 都要diy, 同放喺適當folder同set適當attribute
Sample v2ray startup file
...
Use WINSCP to create the startup file v2ray (set attribute 755) at /etc/init.d/
...
At openwrt command shell, type
/etc/init.d/v2ray enable <<ENTER>>
/etc/init.d/v2ray start <<ENTER>> [i=s] 本帖最後由 yiucsw 於 2019-12-14 09:09 編輯 [/i]
謝謝,你的sample Start file 是正確的,不知道昨天為什麼不能用
/etc/init.d/v2ray enable
昨天是比較懶,加了link, default 在 /usr/bin/config.json
/etc/config# ln v2ray.json /usr/bin/config.json
# v2ray enable
V2Ray 4.21.3 (V2Fly, a community-driven edition of V2Ray.) OpenWrt - Release 1
A unified platform for anti-censorship.
問問到了這步能直接測試V2ray,還是要加Webserver。debug will be easier. [i=s] 本帖最後由 tomleehk 於 2019-12-14 11:54 編輯 [/i]
/etc/init.d/v2ray enable
喺 enable 開機時自動行/etc/init.d/v2ray呢嗰script, enable 咗一次就得
自己加了link唔知有乜結果,我未試過
另外可以開機後行
ps | grep "v2ray"
先check 吓 v2ray可唔可以開機後自動啟動,
v2ray.json或其他相關scripting有任何問題,都可能啟動唔到..
要試connection嘅話喺openwrt開番v2ray.json裏面v2ray嘅listening port
唔一定要加webserver, webserver只喺cover-up [i=s] 本帖最後由 yiucsw 於 2019-12-14 20:58 編輯 [/i]
try V2ray, cannot start by init.d, but can started by vray &
do not know where to find the v2ray log. add echo test to v2ray and no echo inside start_service.
as test, v2ray and v2ray.config use the sample you provided and modified accordingly.
Reset the openwrt few times and just add the v2ray and v2ray.conf is still not working.
-test -config do not product any error.
v2ray -config can run and grep can find the pid.
v2ray client cannot access thru 8443 port.
在luci startup - 按restart : "/etc/init.d/v2ray start" action: Command failed