需要在make menuconfig中选中如下package
MPTCPv0
LuCI > Collections > luci-ssl
LuCI > Applications > luci-app-wireguard
Network > Firewall > iptables-mod-tproxy
Network > Project V > v2ray-core-mini
Network > Routing and Redirection > iproute-mptcp
设置feeds文件,修改feeds.conf.default文件
src-git v2ray https://github.com/arinc9/v2ray-openwrt.git src-git iproutemptcp https://github.com/arinc9/iproute-mptcp-openwrt.git
编译固件
./scripts/feeds update -a && ./scripts/feeds install -a && make menuconfig -j$(nproc)
设置路由表规则,在/etc/rc.local文件中增加如下内容:
# Match on packet mark 1 using policy routing to have those packets delivered locally ip rule add fwmark 1 table 100 ip route add local default dev lo table 100 # Disable MPTCP subflow creation on links which don't reach the internet ip link set dev "interface" multipath off
设置防火墙规则,在/etc/firewall.user文件中增加如下内容:
# Identify TCP packets with destination address matching a local socket, set the packet mark to 1 iptables -t mangle -N DIVERT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT # Create new chain iptables -t mangle -N PROXY # Routed devices won't be able to reach the server with this # iptables -t mangle -A PROXY -d "ServerIP" -j RETURN # Set local IPv4 address destinations to bypass the proxy iptables -t mangle -A PROXY -d 0.0.0.0/8 -j RETURN iptables -t mangle -A PROXY -d 10.0.0.0/8 -j RETURN iptables -t mangle -A PROXY -d 127.0.0.0/8 -j RETURN iptables -t mangle -A PROXY -d 169.254.0.0/16 -j RETURN iptables -t mangle -A PROXY -d 172.16.0.0/12 -j RETURN iptables -t mangle -A PROXY -d 192.168.0.0/16 -j RETURN iptables -t mangle -A PROXY -d 224.0.0.0/4 -j RETURN iptables -t mangle -A PROXY -d 240.0.0.0/4 -j RETURN # Anything else should be redirected to the port dokodemo-door listens on iptables -t mangle -A PROXY -p tcp -j TPROXY --on-ip 127.0.0.1 --on-port 12345 --tproxy-mark 1 # Transparent proxy for routed devices iptables -t mangle -A PREROUTING -j PROXY # --- # Create new chain for proxying the router iptables -t mangle -N PROXY_LOCAL # Set proxy server address to bypass the proxy iptables -t mangle -A PROXY_LOCAL -d "ServerIP" -j RETURN # Set local IPv4 address destinations to bypass the proxy iptables -t mangle -A PROXY_LOCAL -d 0.0.0.0/8 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 10.0.0.0/8 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 127.0.0.0/8 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 169.254.0.0/16 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 172.16.0.0/12 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 192.168.0.0/16 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 224.0.0.0/4 -j RETURN iptables -t mangle -A PROXY_LOCAL -d 240.0.0.0/4 -j RETURN # Mark anything else as 1 iptables -t mangle -A PROXY_LOCAL -p tcp -j MARK --set-mark 1 # Transparent proxy for the router iptables -t mangle -A OUTPUT -j PROXY_LOCAL
运行proxy软件,此处略...
本站的文章和资源来自互联网或者站长的原创,按照 CC BY -NC -SA 3.0 CN协议发布和共享,转载或引用本站文章应遵循相同协议。如果有侵犯版权的资 源请尽快联系站长,我们会在24h内删除有争议的资源。欢迎大家多多交流,期待共同学习进步。
