xiaomi路由器(R3/R3G)刷入openwrt(x-wrt)访问互联网

xiaomi路由器(R3/R3G)刷入openwrt(x-wrt)访问互联网

1.刷开发版ROM,获取SSH(root)

  ssh root@192.168.31.1

2.刷入breed

scp breed-mt7621-xiaomi-r3g.bin root@192.168.31.1:/tmp
mtd -r write /tmp/breed-mt7621-xiaomi-r3g.bin  Bootloader

3. 登录breed 刷openwrt

开机reset 网线接入 进入192.168.1.1
刷入x-wrt-8.0-b202005230224-ramips-mt7621-xiaomi_mir3g-squashfs-breed-factory.bin
重启自动进入管理界面

4.设置 opkg 源

  • 替换国内源

将openwrt 默认opkg distfeeds.conf 源替换为mirrors.tuna.tsinghua.edu.cn/openwrt

编辑文件/etc/opkg/distfeeds.conf

src/gz x-wrt_core https://mirrors.tuna.tsinghua.edu.cn/openwrt/snapshots/targets/ramips/mt7621/packages
src/gz x-wrt_base https://mirrors.tuna.tsinghua.edu.cn/openwrt/snapshots/packages/mipsel_24kc/base
src/gz x-wrt_luci https://mirrors.tuna.tsinghua.edu.cn/openwrt/snapshots/packages/mipsel_24kc/luci
src/gz x-wrt_packages https://mirrors.tuna.tsinghua.edu.cn/openwrt/snapshots/packages/mipsel_24kc/packages
src/gz x-wrt_routing https://mirrors.tuna.tsinghua.edu.cn/openwrt/snapshots/packages/mipsel_24kc/routing
src/gz x-wrt_telephony https://mirrors.tuna.tsinghua.edu.cn/openwrt/snapshots/packages/mipsel_24kc/telephony
  • 设置sourceforge安装源(可选)

dns-forwarder几个包,也可以直接通过链接下载安装

wget http://openwrt-dist.sourceforge.net/packages/openwrt-dist.pub -O /tmp/openwrt-dist.pub
opkg-key add /tmp/openwrt-dist.pub

添加到customfeeds.conf

src/gz openwrt_dist http://openwrt-dist.sourceforge.net/packages/base/mipsel_24kc
src/gz openwrt_dist_luci http://openwrt-dist.sourceforge.net/packages/luci
  • 更新,安装CA证书以支持https
 opkg --no-check-certificate update
 opkg install ca-certificates --no-check-certificate

使用https下载软件源

<code>sed -i 's/http:/https:/g' /etc/opkg/distfeeds.conf</code>

5.安装包

如果没有安装CA包则不支持https,需添加 –no-check-certificate 参数

shadowsocks

opkg  install luci-app-shadowsocks-libev
opkg  install shadowsocks-libev-config
opkg  install shadowsocks-libev-ss-local
opkg  install shadowsocks-libev-ss-redir
opkg  install shadowsocks-libev-ss-rules
opkg  install shadowsocks-libev-ss-server
opkg  install shadowsocks-libev-ss-tunnel

dns-forwarder luci-app-dns-forwarder

安装dns-forwarder luci-app-dns-forwarder

  • 配置过sourceforge源则直接opkg安装
    opkg install dns-forwarder luci-app-dns-forwarder
  • 或者直接下载安装

luci-app-dns-forwarder_1.6.2-1_all.ipk

dns-forwarder_1.2.1-2_mipsel_24kc.ipk

<code>opkg install dns-forwarder_1.2.1-2_mipsel_24kc.ipk luci-app-dns-forwarder_1.6.2-1_all.ipk</code>

dnsmasq-full

opkg install ip ipset libpthread iptables-mod-tproxy
opkg install zlib
opkg remove dnsmasq && opkg install dnsmasq-full

v2ray-plugin (可选)

wget -c  https://github.com/shadowsocks/v2ray-plugin/releases/download/v1.3.0/v2ray-plugin-linux-mips-v1.3.0.tar.gz
tar -xvf v2ray-plugin-linux-mips-v1.3.0.tar.gz
scp v2ray-plugin_linux_mipsle_sf root@192.168.15.1:/usr/bin

net.ipv4.tcp_fastopen = 3

6.配置dnsmasq目录

  • 1.新建/etc/dnsmasq.d目录,然后使用如下命令,将该路径加入配置:
mkdir -p /etc/dnsmasq.d
uci add_list dhcp.@dnsmasq[0].confdir=/etc/dnsmasq.d
uci commit dhcp
  • 2.验证下是否成功:
uci get dhcp.@dnsmasq[0].confdir
  • 3. 修改 /etc/dnsmasq.conf,在最后加入 conf-dir=/etc/dnsmasq.d

7. 设置ipset

  • 1. 下载gfwlist2dnsmasq.sh 脚本
wget -c https://raw.githubusercontent.com/cokebar/gfwlist2dnsmasq/master/gfwlist2dnsmasq.sh --no-check-certificate
/usr/bin/gfwlist2dnsmasq.sh -s gfwlist -o /etc/dnsmasq.d/dnsmasq_gfwlist_ipset.conf

如果获取gfwlist出现问题,替换gfwlist2dnsmasq.sh 中URL:BASE_URL=

  • 2. ipset设置
ipset -N gfwlist iphash
iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1100
iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1100
ip6tables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1100
ipset add gfwlist 8.8.8.8
/etc/init.d/dnsmasq restart
  • 3. 加入crontab

0 0 * * 0 cd /tmp && /usr/bin/gfwlist2dnsmasq.sh -s gfwlist -o /etc/dnsmasq.d/dnsmasq_gfwlist_ipset.conf > /dev/null

  • 4.添加开机启动
/etc/init.d/ipset-gfwlist
#!/bin/sh /etc/rc.common
START=99


start() {
    /usr/bin/gfwlist2dnsmasq.sh -s gfwlist -o /etc/dnsmasq.d/dnsmasq_gfwlist_ipset.conf > /dev/null 2>&1 &
    ipset -N gfwlist iphash > /dev/null 2>&1 &
    iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1100
    iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1100
    ipset add gfwlist 8.8.8.8 > /dev/null 2>&1 &
    /etc/init.d/dnsmasq restart > /dev/null 2>&1 &
}
stop() {
    return 0
}
软连接生效<br><code>ln -s /etc/init.d/ipset-gfwlist /etc/rc.d/S99ipset-gfwlist</code>

8.设置shadowsocks

配置文件附录

9.设置dns-forwarder

高版本luci 无法加载页面 bug 解决

/usr/share/rpcd/acl.d

root@X-WRT:/usr/share/rpcd/acl.d# cat luci-app-dns-forwarder.json
{
    "luci-app-dns-forwarder": {
        "description": "Grant service list access to LuCI app dns-forwarder",
        "read": {
            "ubus": {
                "service": [ "list" ]
            },
            "uci": [ "dns-forwarder" ]
        },
        "write": {
            "file": {
                "/etc/dns-forwarder": [ "write" ]
            },
            "uci": [ "dns-forwarder" ]
        }
    }
}

`

配置文件(可界面操作)

config dns-forwarder
    option enable '1'
    option listen_addr '127.0.0.1'
    option listen_port '5353'
    option dns_servers '8.8.8.8'

10. 配置网络接口

WAN 口按需配置

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.