因为旧版本的ss-local总是出现 shake hands failed 错误, 打算用最新的版本试试, 所以尝试在编译中使用最新版的shadowsocks.
项目地址 Shadowsocks-libev for OpenWrt: https://github.com/shadowsocks/openwrt-shadowsocks
1. 首先你需要有一个能正常编译OpenWrt的工作目录, 假定是/home/you/openwrt/master
2. 然后, 将最新的shadowsocks-libev clone到一个临时目录 /home/tmp
mkdir tmp cd tmp # feeds git clone https://github.com/shadowsocks/openwrt-feeds.git package/feeds # shadowsocks-libev Makefile git clone https://github.com/shadowsocks/openwrt-shadowsocks.git package/shadowsocks-libev
3. 用刚才导出的feeds, 覆盖掉/home/you/openwrt/master/packages/feeds 下对应的目录
4. 用刚才导出的shadowsocks-libev, 覆盖掉/home/you/openwrt/master/packages/network 下对应的目录
5. 在/home/you/openwrt/master 下, make menuconfig, 会看到network下出现了 shadowsocks-libev 和 shadowsocks-libev-server 这两项, 勾选这两项后保存退出
6. 按原来的方式重新编译OpenWrt
7. 在 /home/you/openwrt/master/bin/packages 下找到对应的新版本的shadowsocks-libev 文件, 就说明编译成功了
8. 这样编译后产生的固件, 只有ss-*系列可执行文件, 并无对应的服务脚本和配置文件, 需要自己添加, 配置文件例子
{ "server":"somewhere.rockbb.com", "server_port":1802, "local_address": "0.0.0.0", "local_port":1801, "password":"something", "timeout":300, "method":"aes-256-cfb", "fast_open": false, "mode": "tcp_and_udp" }
命令行启动:
ss-local -c "/etc/shadowsocks/ss-local-config.json" -v
系统服务脚本(新的openwrt版本中不再使用start() stop()了):
#!/bin/sh /etc/rc.common # Copyright (C) Milton Lai START= STOP= USE_PROCD= CONFIG_FILE="/etc/shadowsocks/ss-local-config.json" start_local() { service_start /usr/bin/ss-local \ -c "$CONFIG_FILE" return $? } start_service() { cmdline="/usr/bin/ss-local -c $CONFIG_FILE -v" procd_open_instance procd_set_param command $cmdline procd_set_param respawn retry= procd_set_param stdout # forward stdout of the command to logd procd_set_param stderr # same for stderr procd_close_instance }
添加到系统服务:
# 查看启用的服务 for F in /etc/init.d/* ; do $F enabled && echo $F on || echo $F **disabled**; done # 启用 /etc/init.d/shadowsocks enable # 复查 for F in /etc/init.d/* ; do $F enabled && echo $F on || echo $F **disabled**; done # 启动 /etc/init.d/shadowsocks start # 关闭 /etc/init.d/shadowsocks stop
注意: 3和4的路径必须正确, 否则最后编译使用的依然是原版本的shadowsocks
另: 最新的 shadowsocks-libev 3.0.5 中, 已经取消了One Time Auth选项, 取而代之的是AEAD
https://github.com/jlund/streisand/issues/502
https://github.com/shadowsocks/shadowsocks-libev/blob/master/src/jconf.c
) { FATAL("One time auth has been deprecated. Try AEAD ciphers instead."); }