search

clowwindy / ShadowVPN

Removed according to regulations.
1.47k stars 1.06k forks source link

Compilation problem on OpenWRT #35

Closed 4mengy closed 9 years ago

4mengy commented 9 years ago

按照你的方法,git clone到 package目录,但是在终端中执行make menuconfig 和 make时,一开始出现 package/Makefile:173: warning: overriding commands for target package/openwrt/clean' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/clean' package/Makefile:173: warning: overriding commands for target package/openwrt/download' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/download' package/Makefile:173: warning: overriding commands for target package/openwrt/prepare' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/prepare' package/Makefile:173: warning: overriding commands for target package/openwrt/compile' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/compile' package/Makefile:173: warning: overriding commands for target package/openwrt/install' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/install' package/Makefile:173: warning: overriding commands for target package/openwrt/update' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/update' package/Makefile:173: warning: overriding commands for target package/openwrt/refresh' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/refresh' package/Makefile:173: warning: overriding commands for target package/openwrt/prereq' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/prereq' package/Makefile:173: warning: overriding commands for target package/openwrt/dist' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/dist' package/Makefile:173: warning: overriding commands for target package/openwrt/distcheck' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/distcheck' package/Makefile:173: warning: overriding commands for target package/openwrt/configure' package/Makefile:173: warning: ignoring old commands for targetpackage/openwrt/configure' 这段信息一共连续出现2次. 还有个奇怪的现象是,我在menuconfig里选上chinadns-c和shadowvpn,生成的img里没有shadowvpn的文件,bin/pacakage目录下有shadowvpn.ipk,只选择shadowvpn时也报上面警告,但img没有问题,我重新下源码编译一遍,还是这样。 openwrt版本是BB正式版,路由是wndr4300,请问是哪里出问题了

aa65535 commented 9 years ago

这个应该是在 trunk 代码中编译时出现的警告,因为 update 代码后没有做 make clean 。 这个警告不影响正常的编译出 ipk,推荐使用 SDK 编译。

4mengy commented 9 years ago

我同步下源码,第一次编译也有这个警告。同时选c和s,编译出的img里没有s,ipk倒是编译出来了。 chinadns-c 和 shadowvpn都配置好后,ssh到路ping youtube 可以解析到正确ip,在路由下的电脑上解析到youtube-ui-china.l.google.com [93.46.8.89]超时,facebook也是同样情况

aa65535 commented 9 years ago

@MerliniYang 可能是转发的问题,可以参考 #24 后面的 iptables 讨论。

4mengy commented 9 years ago

其他配置不变,让shadowvpn不加载chnroute可以解决问题。但是本地和路由解析的ip不一样,都可以正常访问,youtube路由解析ip 74.125.239.160 本地 74.125.31.91,facebook 路由 31.13.70.1 本地 31.13.75.1,为什么会这样? 转发的话之前已经加了 iptables -I FORWARD -i br-lan -o $intf -j ACCEPT iptables -I FORWARD -i $intf -o br-lan -j ACCEPT

另外,在我这的网络环境下,youtube速度改善很明显,读条速度飞快,vps是凤凰城的搬瓦工128,湖北联通

aa65535 commented 9 years ago

解析结果不同可能是因为路由和电脑的 DNS 不是同一个。 可以用 cat /etc/resolv.conf 看一下 nameserver 是哪个。

4mengy commented 9 years ago

我把防火墙转发默认规则改成接受,加载chnroute还是不行,不加载chnroute,只需要把br-lan和tun0之间的转发接受,默认drop,就没问题。我的路由在pppoe拨号路由后面,前面路由在192.168.1.0/24,这个路由是192.168.12.0/24

aa65535 commented 9 years ago

加载与不加载的情况下分别运行 ip route show | head -n10 看一下路由表的区别。

另外帖一下 client_up.sh 的内容。

4mengy commented 9 years ago

发现原因了,不知什么时候把无线网卡的dns设成114了,改成自动获取就没问题了,低级错误,不好意思。

client_up用的你的脚本,只增加了两条iptables

#!/bin/sh

# example client up script
# will be executed when client is up

# all key value pairs in ShadowVPN config file will be passed to this script
# as environment variables, except password

# turn on IP forwarding
sysctl -w net.ipv4.ip_forward=1>/dev/null 2>&1

# configure IP address and MTU of VPN interface
ifconfig $intf 10.7.0.2 netmask 255.255.255.0
ifconfig $intf mtu $mtu

# get current gateway and interface
echo "$(date) [UP] get gateway and interface from route table"
eval $(ip route show | awk '/^default/ {
    for (i=1; i<=NF; i++) {
        if ($i == "via") { printf("old_gw=%s;", $(i+1)) }
        if ($i == "dev") { printf("old_intf=%s;", $(i+1)) }
    }
}')

if [ -z "$old_intf" ]; then
    echo "$(date) [UP] failed to get interface from route table"
    exit 1
fi

# if current interface is tun, read from saved file.
if [ "$old_intf" = "$intf" ]; then
  echo "$(date) [UP] reading gateway and interface from saved file"
  old_gw=$(cat /tmp/old_gw) && old_intf=$(cat /tmp/old_intf) || {
    echo "$(date) [UP] can not read gateway or interface, check up.sh"
    exit 1
  }
fi

# save gateway and interface to file
echo $old_gw > /tmp/old_gw
echo $old_intf > /tmp/old_intf
echo "$(date) [UP] save gateway and interface to file"

# turn on NAT over VPN and old gateway
iptables -t nat -A POSTROUTING -o $intf -j MASQUERADE
iptables -A FORWARD -i $intf -o $old_intf -j ACCEPT
iptables -A FORWARD -i $old_intf -o $intf -j ACCEPT
iptables -I FORWARD -i br-lan -o $intf -j ACCEPT
iptables -I FORWARD -i $intf -o br-lan -j ACCEPT

# change routing table
if [ -z "$old_gw" ]; then
  route add $server $old_intf
  suf="dev $old_intf"
else
  route add $server gw $old_gw
  suf="via $old_gw dev $old_intf"
fi
route del default
route add default gw 10.7.0.1
echo "$(date) [UP] default route changed to 10.7.0.1"

# chnroute list file, You can specify a custom routes list file.
chnroute=/etc/chinadns_chnroute.txt

# load chnroute rules
#if [ -f $chnroute ]; then
#  awk -v suf="$suf" '$1 ~ /^([0-9]{1,3}\.){3}[0-9]{1,3}/\
#   {printf("route add %s %s\n",$1,suf)}' $chnroute > /tmp/routes
#  ip -batch /tmp/routes
#  echo "$(date) [UP] chnroute rules loaded"
#fi

echo "$(date) [UP] done"

不加载chnroute

root@OpenWrt:~# ip route show | head -n10
default via 10.7.0.1 dev tun0
10.7.0.0/24 dev tun0  proto kernel  scope link  src 10.7.0.2
107.182.176.87 via 192.168.1.1 dev eth0.2
192.168.1.0/24 dev eth0.2  proto kernel  scope link  src 192.168.1.198
192.168.12.0/24 dev br-lan  proto kernel  scope link  src 192.168.12.1

加载后

root@OpenWrt:~# ip route show | head -n10
default via 10.7.0.1 dev tun0
1.0.1.0/24 via 192.168.1.1 dev eth0.2
1.0.2.0/23 via 192.168.1.1 dev eth0.2
1.0.8.0/21 via 192.168.1.1 dev eth0.2
1.0.32.0/19 via 192.168.1.1 dev eth0.2
1.1.0.0/24 via 192.168.1.1 dev eth0.2
1.1.2.0/23 via 192.168.1.1 dev eth0.2
1.1.4.0/22 via 192.168.1.1 dev eth0.2
1.1.8.0/21 via 192.168.1.1 dev eth0.2
1.1.16.0/20 via 192.168.1.1 dev eth0.2
aa65535 commented 9 years ago

@MerliniYang 这个应该是在二级路由上运行的吧,路由表除了多出的 chnroute ,两者并没有什么区别。 或者试试这个 client_up.sh,加载 chnroute 后会有一段时间不能连接到国外,需要等待一会。

4mengy commented 9 years ago

是的。我试下,谢谢。