how to use v2ray on openwrt¶
if exist a socks5 server
ssh root@192.168.1.1:
opkg update opkg install redsocksedit /etc/redsocks.conf:
redsocks { local_ip = 0.0.0.0; local_port = 10800; ip = socks5ServerIp; port = 1080; type = socks5; //login = "chenshi.net"; //password = "chenshi.net"; }/etc/init.d/redsocks restartvisit http://192.168.1.1,
network–firewall–custom rules:
# This file is interpreted as shell script. # Put your custom iptables rules here, they will # be executed with each firewall (re-)start. # Internal uci firewall chains are flushed and recreated on reload, so # put custom rules into the root chains e.g. INPUT or FORWARD or into the # special user chains, e.g. input_wan_rule or postrouting_lan_rule. iptables -t nat -N REDSOCKS iptables -t nat -A PREROUTING -i br-lan -p tcp -j REDSOCKS iptables -t nat -A PREROUTING -i br-lan -p udp -j REDSOCKS # Do not redirect traffic to the followign address ranges iptables -t nat -A V2RAY -d v2rayServerIp -j RETURN iptables -t nat -A V2RAY -d 10.10.0.0/16 -j RETURN iptables -t nat -A V2RAY -d 172.16.0.0/16 -j RETURN iptables -t nat -A V2RAY -d 192.168.0.0/16 -j RETURN iptables -t nat -A V2RAY -d 127.0.0.1/32 -j RETURN iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN iptables -t nat -A V2RAY -d 255.255.255.255/32 -j RETURN # Redirect all kinds of traffic iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 10800 iptables -t nat -A REDSOCKS -p udp -j REDIRECT --to-ports 10800restart firewall.
network–interfaces–wan–dhcp client.
install v2ray_armv7
ssh root@192.168.1.1:
opkg update opkg install curl unzip cd /tmp curl -LO "https://github.com/v2ray/v2ray-core/releases/download/v4.20.0/v2ray-linux-arm.zip" unzip v2ray-linux-arm.zip -d v2ray_armv7 cat << EOF > v2ray_armv7/config.json { "inbounds": [ { "port": 1080, "listen": "0.0.0.0", "protocol": "socks", "sniffing": { "enabled": true, "destOverride": ["http", "tls"] }, "settings": { "auth": "noauth", "udp": false } } ,{ "domainOverride": ["tls","http"], "port": 10800, "protocol": "dokodemo-door", "settings": { "network": "tcp", "followRedirect": true }, "tag":"door" } ], "outbounds": [ { "protocol": "vmess", "settings": { "vnext": [ { "address": "chenshi.net", "port": 443, "users": [ { "id": "bffce3d2-3c89-4cfc-989b-baca4708a477", "alterId": 70 } ] } ] }, "streamSettings": { "network": "ws", "security": "tls", "wsSettings": { "path": "/chenshi" } } } ] } EOF ./v2ray_armv7 -config config.json &visit http://192.168.1.1,
network–firewall–custom rules:
# This file is interpreted as shell script. # Put your custom iptables rules here, they will # be executed with each firewall (re-)start. # Internal uci firewall chains are flushed and recreated on reload, so # put custom rules into the root chains e.g. INPUT or FORWARD or into the # special user chains, e.g. input_wan_rule or postrouting_lan_rule. iptables -t nat -N V2RAY iptables -t nat -A PREROUTING -p tcp -j V2RAY iptables -t nat -A PREROUTING -p udp -j V2RAY # Do not redirect traffic to the followign address ranges iptables -t nat -A V2RAY -d v2rayServerIp -j RETURN iptables -t nat -A V2RAY -d 10.10.0.0/16 -j RETURN iptables -t nat -A V2RAY -d 172.16.0.0/16 -j RETURN iptables -t nat -A V2RAY -d 192.168.0.0/16 -j RETURN iptables -t nat -A V2RAY -d 127.0.0.1/32 -j RETURN iptables -t nat -A V2RAY -d 224.0.0.0/4 -j RETURN iptables -t nat -A V2RAY -d 255.255.255.255/32 -j RETURN # Redirect all kinds of traffic iptables -t nat -A V2RAY -p tcp -j REDIRECT --to-ports 10800 iptables -t nat -A V2RAY -p udp -j REDIRECT --to-ports 10800restart firewall.
network–interfaces–wan–dhcp client.