yichya / luci-app-xray

(Almost) full feature Xray client for OpenWrt
Mozilla Public License 2.0

Sweet! Got it working! Next step is sniffing. Custom geoip/geosite? #270

Open alcatraz-zz opened 1 year ago

alcatraz-zz commented 1 year ago

I want to thank you guys for all the help. The last few weeks I've entertained myself with trying to get an xray client to work on the little Xiaomi Mini. Finally it works 99% thanks to your work here.

When building an openwrt image with xray-core (through the user friendly firmwareselector) a lot of space is saved and I got 3.8MB out of 16 left, with xray running. That's insane. I couldn't get it to work with pa$$wall but this works great and it's minimalistic. No need to use storage expansion.

I'm using geoip.dat with only Chinese addresses. It's only 170kB. (thanks to v2fly, it's called geoip-only-cn. I just renamed it geoip.dat)

It works 99%. One issue is that google play downloads don't work. The store opens but downloads can't get past 0%. I suspect I need sniffing and geosite.dat for that. Am I right?

Now I'm curious about finding a geosite.dat that's tailored for China only. I believe that I only need the following lists:

- geosite:cn (this one is available from v2fly, I believe it's cn.dat)
- geosite:geolocation-!cn
- geosite:category-ads

The last two are to my knowledge only available in geosite.dat which is nearly 6MB.

Do you have any idea how to only get the cn and geolocation-!cn sites in a dat file? That should come out wayyy smaller than the entire world dat. And I hope it fixes the play store download problem.

Cheers!

yichya commented 1 year ago

Try https://github.com/yichya/openwrt-xray-geodata-cut

yichya commented 1 year ago

> One issue is that google play downloads don't work. The store opens but downloads can't get past 0%. I suspect I need sniffing and geosite.dat for that. Am I right?

I don't think this is related to sniffing and maybe you should try clearing google play store data before changing things on your router.

alcatraz-zz commented 1 year ago

> > One issue is that google play downloads don't work. The store opens but downloads can't get past 0%. I suspect I need sniffing and geosite.dat for that. Am I right?
>
> I don't think this is related to sniffing and maybe you should try clearing google play store data before changing things on your router.

You were right. Now it works.

I had a similar problem when trying Hysteria. Maybe this fixed that too.

I'm still curious to see how much sniffing slows down the machine.

Hey. Can I ask you an offtopic question? I'd like to restart the xray process launched by luci-app-xray every once in a while because I'm getting odd cpu usage. It's fine after a restart but after 24h xray is at like 70% cpu when just idling. I'm running xray-core (not openwrt-xray) and that installs its own service that's disabled. I wouldn't want to start/restart that but only the one that luci-app-xray already started. Do you have a command for that? I'm trying to set up a cron job. Maybe just simply restart luci-app-xray would do the trick or? I can only see "xray" in init.d and that's the disabled service. I'm afraid to mess with that because it's going to eat up all the remaining memory.

yichya commented 1 year ago

> Hey. Can I ask you an offtopic question? I'd like to restart the xray process launched by luci-app-xray every once in a while because I'm getting odd cpu usage. It's fine after a restart but after 24h xray is at like 70% cpu when just idling. I'm running xray-core (not openwrt-xray) and that installs its own service that's disabled. I wouldn't want to start/restart that but only the one that luci-app-xray already started. Do you have a command for that? I'm trying to set up a cron job. Maybe just simply restart luci-app-xray would do the trick or? I can only see "xray" in init.d and that's the disabled service. I'm afraid to mess with that because it's going to eat up all the remaining memory.

For memory usage limitation luci-app-xray integrated procd limits settings. Just `echo '44444444 55555555' > /usr/share/xray/rlimit_data` and reboot your router.

For periodic restart just use `kill $(cat /var/run/xray.pid)` to kill the Xray instance started by luci-app-xray. It will be brought up again automatically by procd.
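A guarded form of the `kill $(cat /var/run/xray.pid)` restart for use from cron, added here as an example and not taken from luci-app-xray or from either participant. It signals the process only if the PID in the file is still alive and its argv[0] is `xray`, so a stale PID file cannot take down an unrelated process; the `xray` binary name, the `PROC_ROOT` override, the `run` argument, the script path and the `xray-restart` log tag are assumptions.

```shell
#!/bin/sh
# Added example (not from luci-app-xray): restart Xray only if the PID file
# still points at a live process whose argv[0] is "xray".
PIDFILE="${PIDFILE:-/var/run/xray.pid}"  # path given in the reply above
PROC_ROOT="${PROC_ROOT:-/proc}"          # assumption: overridable for testing

# Print the PID and return 0 when it is a live xray process, else return 1.
xray_pid() {
    [ -r "$PIDFILE" ] || return 1
    pid=$(cat "$PIDFILE")
    # Reject empty or non-numeric content before it reaches kill.
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ -r "$PROC_ROOT/$pid/cmdline" ] || return 1   # stale PID file
    # cmdline is NUL-separated; the first field is argv[0].
    exe=$(tr '\0' '\n' < "$PROC_ROOT/$pid/cmdline" | head -n 1)
    [ "${exe##*/}" = "xray" ] || return 1          # PID reused by another program
    echo "$pid"
}

# Send SIGTERM; procd respawns the instance, as described in the reply.
restart_xray() {
    if pid=$(xray_pid); then
        kill "$pid" && logger -t xray-restart "sent SIGTERM to xray pid $pid"
    else
        logger -t xray-restart "no live xray process for $PIDFILE, nothing done"
        return 1
    fi
}

# Hypothetical crontab entry:  0 4 * * * /root/xray-restart.sh run
if [ "${1:-}" = "run" ]; then
    restart_xray
fi
```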

alcatraz-zz commented 1 year ago

Wow. Super useful info.

I got zram working as a backup to xray freezing the system. I got 128 + 128 MB working now with the fastest algorithm lz4. (Had to extend storage via usb to fit a few other packages I needed for backdoor access anyway, so now I don't really have to worry about storage anymore.)

Should I still use those numbers?

Cool! I scheduled a restart via cron. Cheers!

yichya commented 1 year ago

> Should I still use those numbers?

For a device with small memory capacity, limiting open files and memory usage is always necessary (mostly to avoid other critical processes being reaped by oom-killer or simply dying because they are unable to allocate more memory), but if you never encounter this you can ignore that.

alcatraz-zz commented 1 year ago

Great to know. I'm hoping one daily restart of xray resets ram usage.

I'm curious about the numbers 4444 and 5555. What do they mean?

alcatraz-zz commented 1 year ago

Uh-oh. Softether is being routed through the VPN. I see luci-app-xray can exempt traffic from services by certain UUIDs. Hmm, any idea how I swap a service over to a different UUID?

In "top" I can see that softethervpn is running on PPID 1 and 2068. That's not it, is it?

yichya commented 1 year ago

> I'm curious about the numbers 4444 and 5555. What do they mean?

Memory usage (roughly, google rlimit for detailed description) limit in bytes. I used to use a device with the same amount of memory and I picked these numbers from my experience.

> Softether is being routed through the VPN. I see luci-app-xray can exempt traffic from services by certain UUIDs. Hmm, any idea how I swap a service over to a different UUID?

Add `procd_set_param user <username>` in service init file. See https://github.com/yichya/openwrt-cloudflared/blob/55529ec6d71949d862f674ccc42d59a7a5700794/cloudflared.network#L15 for example.

alcatraz-zz commented 1 year ago

```sh
#!/bin/sh /etc/rc.common
START=60

start(){
    logger -t 'softethervpn' "Starting softether vpnserver service."
    /usr/bin/env LANG=en_US.UTF-8 /usr/libexec/softethervpn/vpnserver start
}

stop(){
    logger -t 'softethervpn' "Stopping softether vpnserver service."
    /usr/bin/env LANG=en_US.UTF-8 /usr/libexec/softethervpn/vpnserver stop
}
```

Cool! Here's the init.d file. It's very minimal. I'm thinking I need more than just one line of `procd_set_param user network`.

Is the "network" user then the UUID used in luci-app-xray in order to exempt the traffic? I know there are other processes under "network" but if it's ok to exempt them all then I don't really mind using that user.

I checked out other init.d files where procd_set_param user was used and they use start_service and lots of procd settings.

I need to read up on procd and init.d scripts obviously. That's my next project!
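The init script posted above uses plain `start()`/`stop()`, where `procd_set_param` has no effect; a procd-style version is sketched below as an added example, not the SoftEther package's script and not code from either participant. It assumes the packaged `vpnserver` supports the foreground `execsvc` mode, that it can run without root (no ports below 1024, data directory writable by that account), and that `network` is the account to run as.

```shell
#!/bin/sh /etc/rc.common
# Added example (not the SoftEther package's script): the init script above
# rewritten for procd so that `procd_set_param user` takes effect.
START=60
USE_PROCD=1

PROG=/usr/libexec/softethervpn/vpnserver
RUN_AS=network   # account named in the comment above; must exist in /etc/passwd

start_service() {
    procd_open_instance
    procd_set_param env LANG=en_US.UTF-8
    # procd supervises a foreground process. "start" daemonizes, so this uses
    # SoftEther's "execsvc" mode (assumption: supported by the packaged build).
    procd_set_param command "$PROG" execsvc
    procd_set_param user "$RUN_AS"   # UID the service process runs as
    procd_set_param respawn          # restart the service if it exits
    procd_set_param stderr 1         # forward stderr to the system log
    procd_close_instance
}
```

No `stop()` is needed in this form: procd tracks the instance and terminates it on `/etc/init.d/<name> stop`.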