Hi,
ShadowSocks got picked up by DPI (they have FortiGuard). I have added the v2ray plugin to my server, and routed it through CloudFlare.
But now I need to add the v2ray plugin to OpenWRT/gl-ss. Should I ditch the gl-ss and instead install manually the shadowsocks-libdev and v2ray plugin? I’d love to be able to keep the gl-ss installation and GUI front end, and only add the executable v2ray plugin to the config.
Did you figure it out?
From my notes;
The OpenWRT software (GL-AR300M) has gl-ss (Shadowsocks Client) available in the GUI packages.
When you go to Tools | Advanced of OpenWRT will take you to the generic LuCI screens, where settings for Shadowsocks are more complete. You can enter plugin and plugin-opts here. When you enter the details, and start the SOCKS5 proxy, it loads the program like this;
ss-local –c -l 1080 -f /var/run/ss-local..pid
LuCI stores its configuration in /etc/config/shadowsocks.
The generated configuration is performed during the service start up. You can see how that is performed by looking in the /etc/init.d/shadowsocks file.
You can run ss-local as a daemon from the command prompt;
sudo ss-local -s server.example.com -p 443 –b 0.0.0.0 -l 1080 -m aes-256-cfb -k password -v --plugin v2ray-plugin --plugin-opts “tls;host=example.com” -f /var/run/ss-local.pid
ss-local is a normal SOCKS5 proxy. You need to configure clients to use it.
ss-redir is a transparent proxy. That means you don’t need to configure the clients to use it. As soon as traffic arrives at the router, it transports it via the proxy (transparently)
On Windows 10 Chrome; the ‘System Proxy’ must not be SOCKS5 (possibly SOCKS4?). To load Chrome with SOCKS5, start it like this;
chrome.exe --proxy-server=“socks5://proxy:1080”
Thanks. I’ve been trying to get this to work but I keep getting this in my logs:
Fri Aug 23 14:58:29 2019 daemon.info ss-redir[13084]: initializing ciphers... chacha20-ietf-poly1305
Fri Aug 23 14:58:29 2019 daemon.info ss-redir[13084]: tcp port reuse enabled
Fri Aug 23 14:58:29 2019 daemon.info ss-redir[13084]: listening at 0.0.0.0:1234
Fri Aug 23 14:58:29 2019 daemon.info ss-redir[13084]: running from root user
Fri Aug 23 14:58:30 2019 daemon.err ss-redir[13084]: plugin service exit unexpectedly
Here’s how my client config looks like:
config general
option startup_delay '0'
config transparent_proxy
option udp_relay_server 'nil'
option local_port '1234'
option mtu '1492'
list main_server 'nil'
config socks5_proxy
list server 'nil'
option local_port '1080'
option mtu '1492'
config port_forward
list server 'nil'
option local_port '5300'
option destination '8.8.4.4:53'
option mtu '1492'
config servers
option alias 'sample'
option fast_open '0'
option no_delay '0'
option server '127.0.0.1'
option server_port '8388'
option timeout '60'
option password 'barfoo!'
option encrypt_method 'rc4-md5'
config access_control
option self_proxy '1'
option wan_bp_list '/etc/chinadns_chnroute.txt'
option lan_target 'SS_SPEC_WAN_AC'
config servers
option alias 'ls-hk1'
option fast_open '0'
option no_delay '0'
option server 'MY SERVER IP'
option server_port 'MY SERVER PORT'
option timeout '60'
option password 'MY SERVER PASSWORD'
option encrypt_method 'chacha20-ietf-poly1305'
option plugin 'v2ray-plugin'
Any idea what’s causing the error? I can run /usr/bin/v2ray-plugin --help fine.
Strangely, it is now working after adding loglevel=none to the plugin options. See Doesn't work on OpenWRT with ss-redir · Issue #55 · shadowsocks/v2ray-plugin · GitHub
I also really hope that v2ray can be on ar300m until now it still can’t, too bad.