chinadns 在openwrt上不能开机自动启动 #133
Comments
|
我也碰上过无法启动情况,后来发现是53和5353 端口被别的程序占用监听。改了监听端口我的就起来了。 |
|
发送自 Windows 10 版邮件应用
发件人: muromirikka
发送时间: 2017年10月27日 16:44
收件人: shadowsocks/ChinaDNS
抄送: AxIauk; Mention
主题: Re: [shadowsocks/ChinaDNS] chinadns 在openwrt上不能开机自动启动 (#133)
@AxIauk 能不能请详细说明下是怎么改的监听端口,是改chinadns的监听端口还是解除这些端口的占用?
我的lede上的chinadns无法运行,而且严重影响了dns的工作。虽然电脑连接wifi可以上网,但手机端无法获取dns,只能通过输入ip浏览网站。(卸载chinadns后一切正常)
手动启动也是无效
配置
刚刚尝试了把占用53端口的dnsmasq换了个端口,再试图手动启动chinadns,结果后两行提示消失了,变成
但是进程就卡在这里了,没有正常返回,chinadns也没有启动。
尝试输入"chinadns -c /etc/chinadns_chroute.txt"也还是一样的结果,仍然提示“CHROUTE_FILE not specified, CHNRoute is disabled”
谁能告诉我该怎么办...
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
很长时间忘了,当时整理的笔记。你参考一下。
Chinadns异常,多数情况下是 ss-stunel 的问题。
ASUSWRT-Merlin配置ss+iptable+dnsmasq+chinadns
1、环境
ASUSWRT-Merlin RT-AC88U_380.68_0 (2.6.36.4brcmarm armv7l)
Dnsmasq version 2.76
iptables v1.4.14
ipset v6.32, protocol version: 6
2、安装Entware
./entware-setup.sh
3、自启动加载模块(非必要)
echo "modprobe ip_set" > /jffs/scripts/post-mount
echo "modprobe ip_set_hash_net" > /jffs/scripts/post-mount
echo "modprobe ip_set_hash_ip" > /jffs/scripts/post-mount
echo "modprobe xt_set" > /jffs/scripts/post-mount
echo "modprobe xt_TPROXY" > /jffs/scripts/post-mount
4、安装ss-libev
opkg install Shadowsocks-libev
vi /opt/etc/shadowsocks.json
{
"server":"*.*.*.*",
"server_port":***,
"password":"********",
"timeout":60,
"method":"chacha20-ietf-poly1305"
}
vi /opt/etc/init.d/S22shadowsocks
PROCS=ss-redir
ARGS="-c /opt/etc/shadowsocks.json -u -b 0.0.0.0 -l 1080"
cp /opt/etc/init.d/S22shadowsocks /opt/etc/init.d/S33tunnel
vi /opt/etc/init.d/S33tunnel
PROCS=ss-tunnel
ARGS="-c /opt/etc/shadowsocks.json -u -b 0.0.0.0 -l 1081 -L 8.8.8.8:53"
./S22shadowsocks start
./S33tunnel start
ps | grep ss-
5、安装chinadns
opkg install chinadns
vi /opt/etc/init.d/S56chinadns
ARGS="-l /opt/etc/chinadns_iplist.txt -c /opt/etc/chinadns_chnroute.txt -p 1082 -s 114.114.114.114,127.0.0.1:1081"
6、修改Dnsmasq配置
echo "no-resolv" > /jffs/configs/dnsmasq.conf.add
echo "server=127.0.0.1#1082" >> /jffs/configs/dnsmasq.conf.add
echo "server=/.taobao.com/114.114.114.114" >> /jffs/configs/dnsmasq.conf.add
7、iptables 配置
(1)IPset+ iptables
curl -sL http://f.ip.cn/rt/chnroutes.txt | egrep -v '^$|^#' > /jffs/scripts/chnroutes
ipset -N chnroutes hash:net
for i in `cat chnroutes`; do echo ipset -A chnroutes $i >> ipset.sh; done
chmod +x ipset.sh && ./ipset.sh
ipset -S > /jffs/scripts/ipset.chnroutes
vi /jffs/scripts/ddns-start
#!/bin/sh
iptables -t nat -N SHADOWSOCKS
iptables -t nat -A SHADOWSOCKS -d 138.197.212.26 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS -m set --match-set chnroutes dst -j RETURN
iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 1080
iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
#备注:dnsmasq 需指定127.0.0.1#1082
(2)全局代理:ss-redir
vi /jffs/scripts/ddns-start
#!/bin/sh
iptables -t nat -N SHADOWSOCKS
iptables -t mangle -N SHADOWSOCKS
iptables -t nat -A SHADOWSOCKS -d 138.197.212.26 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 1080
ip rule add fwmark 0x01/0x01 table 100
ip route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 1080 --tproxy-mark 0x01
iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
iptables -t mangle -A PREROUTING -j SHADOWSOCKS
iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
#备注:dnsmasq 需指定DNS 8.8.8.8
(3)全局代理:ss-redir+ss-tunnel
#!/bin/sh
iptables -t nat -N SHADOWSOCKS
iptables -t nat -A SHADOWSOCKS -d 138.197.212.26 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 1080
iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
#备注:dnsmasq 需指定127.0.0.1#1082
8、备注DNS查询端口
(1)dnsmasq(127.0.0.1#1082) -> ChinaDNS(-p 1082 127.0.0.1:1081) -> ss-tunnel(1081)
(2)使用以下命令生成最新的chnroute.txt:
curl 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | grep ipv4 | grep CN | awk -F\| '{ printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > /opt/etc/chnroute.txt
或
wget -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | awk -F\| '/CN\|ipv4/ { printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > /opt/etc/chnroute.txt
(3)分别 wget Google 和 Baidu,失败则尝试重启 shadowsocks 和 chinadns,仍失败则重启路由。
以下脚本需要先 opkg install wget,安装完整版的 wget 才可执行。最后设置 755 运行权限,定时执行即可。记得间隔时间千万不要太短。我手贱设置成了 1 分钟执行一次,结果它真的重启了,然而 1 分钟根本不够它完成联网,导致重启被无限循环,费了好大劲才旧救回来……
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/sh
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
wget -4 -q -O /etc/ss/google.html --quiet --tries=3 --timeout=10 www.google.com.hk
wget -4 -q -O /etc/ss/baidu.html --quiet --tries=3 --timeout=10 www.baidu.com
g_size=$(ls -l /etc/ss/google.html | awk '{ print $5 }')
b_size=$(ls -l /etc/ss/baidu.html | awk '{ print $5 }')
error=0
if [ $g_size -gt 0 ] && [ $b_size -gt 0 ] ; then
echo '['$LOGTIME'] No Problem.' >> /etc/ss/status.log
rm /etc/ss/google.html
rm /etc/ss/baidu.html
exit 0
else
error=1
fi
if [ $error=1 ] ; then
echo '['$LOGTIME'] Problem decteted. Restarting shadowsocks.' >> /etc/ss/status.log
/etc/init.d/shadowsocks restart
sleep 5
# /etc/init.d/chinadns restart
sleep 5
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
wget -4 -q -O /etc/ss/google.html --quiet --tries=3 --timeout=10 www.google.com.hk
wget -4 -q -O /etc/ss/baidu.html --quiet --tries=3 --timeout=10 www.baidu.com
g_size=$(ls -l /etc/ss/google.html | awk '{ print $5 }')
b_size=$(ls -l /etc/ss/google.html | awk '{ print $5 }')
if [ $g_size -gt 0 ] && [ $b_size -gt 0 ] ; then
echo '['$LOGTIME'] Problem fixed.' >> /etc/ss/status.log
rm /etc/ss/google.html
rm /etc/ss/baidu.html
error=0
exit 0
else
echo '['$LOGTIME'] Unable to fix the problem. Restarting router.' >> /etc/ss/status.log
reboot -f
fi
fi
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
原因是安装以后,并没有把/etc/init.d/chinadns链接到/etc/rc.d目录下,所以不能启动
The text was updated successfully, but these errors were encountered: