因为旧版本的ss-local总是出现 shake hands failed 错误, 打算用最新的版本试试, 所以尝试在编译中使用最新版的shadowsocks.

项目地址 Shadowsocks-libev for OpenWrt: https://github.com/shadowsocks/openwrt-shadowsocks

1. 首先你需要有一个能正常编译OpenWrt的工作目录, 假定是/home/you/openwrt/master

2. 然后, 将最新的shadowsocks-libev clone到一个临时目录 /home/tmp

mkdir tmp
cd tmp
# feeds
git clone https://github.com/shadowsocks/openwrt-feeds.git package/feeds
# shadowsocks-libev Makefile
git clone https://github.com/shadowsocks/openwrt-shadowsocks.git package/shadowsocks-libev

3. 用刚才导出的feeds, 覆盖掉/home/you/openwrt/master/packages/feeds 下对应的目录

4. 用刚才导出的shadowsocks-libev, 覆盖掉/home/you/openwrt/master/packages/network 下对应的目录

5. 在/home/you/openwrt/master 下, make menuconfig, 会看到network下出现了 shadowsocks-libev 和 shadowsocks-libev-server 这两项, 勾选这两项后保存退出

6. 按原来的方式重新编译OpenWrt

7. 在 /home/you/openwrt/master/bin/packages 下找到对应的新版本的shadowsocks-libev 文件, 就说明编译成功了

8. 这样编译后产生的固件, 只有ss-*系列可执行文件, 并无对应的服务脚本和配置文件, 需要自己添加, 配置文件例子

{
    "server":"somewhere.rockbb.com",
    "server_port":1802,
    "local_address": "0.0.0.0",
    "local_port":1801,
    "password":"something",
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": false,
    "mode": "tcp_and_udp"
}

命令行启动:

ss-local -c "/etc/shadowsocks/ss-local-config.json" -v

系统服务脚本(新的openwrt版本中不再使用start() stop()了):

#!/bin/sh /etc/rc.common
# Copyright (C)  Milton Lai

START=
STOP=
USE_PROCD=
CONFIG_FILE="/etc/shadowsocks/ss-local-config.json"

start_local() {
    service_start /usr/bin/ss-local \
        -c "$CONFIG_FILE"
    return $?
}

start_service() {
    cmdline="/usr/bin/ss-local -c $CONFIG_FILE -v"
    procd_open_instance
    procd_set_param command $cmdline
    procd_set_param respawn retry=
    procd_set_param stdout  # forward stdout of the command to logd
    procd_set_param stderr  # same for stderr
    procd_close_instance
}

添加到系统服务:

# 查看启用的服务
for F in /etc/init.d/* ; do $F enabled && echo $F on || echo $F **disabled**; done
# 启用
/etc/init.d/shadowsocks enable
# 复查
for F in /etc/init.d/* ; do $F enabled && echo $F on || echo $F **disabled**; done
# 启动
/etc/init.d/shadowsocks start
# 关闭
/etc/init.d/shadowsocks stop

注意: 3和4的路径必须正确, 否则最后编译使用的依然是原版本的shadowsocks

另: 最新的 shadowsocks-libev 3.0.5 中, 已经取消了One Time Auth选项, 取而代之的是AEAD

https://github.com/jlund/streisand/issues/502

https://github.com/shadowsocks/shadowsocks-libev/blob/master/src/jconf.c

) {
   FATAL("One time auth has been deprecated. Try AEAD ciphers instead.");
}
05-03 21:13