请注意,本文编写于 936 天前,最后修改于 936 天前,其中某些信息可能已经过时。
目录
OPENWRT设置
控制风扇转速
root@OpenWrt:~# cat /boot/config.txt ################################################################################ # Bootloader configuration - config.txt ################################################################################ ################################################################################ # For overclocking and various other settings, see: # https://www.raspberrypi.org/documentation/configuration/config-txt/README.md ################################################################################ # OpenWrt config include distroconfig.txt [all] # Place your custom settings here. dtparam=i2c_vc=on dtoverlay=cm4io-fan,minrpm=500,maxrpm=5000,midtemp=55000,midtemp_hyst=2000,maxtemp=65000,maxtemp_hyst=2000
添加磁盘分区
1.fdisk -l
2.fdisk /dev/mmcblk0
3.mkfs.ext4 /dev/mmcblk0p3
4.mkdir /mydata
5.mount /dev/mmcblk0p3 /mydata
6.永久挂载:vi /etc/fatab
root@OpenWrt:/etc# cat /etc/fstab # <file system> <mount point> <type> <options> <dump> <pass> /dev/mmcblk0p3 /mydata ext4 defaults 0 0
ddns配置
安装软件列表:
root@OpenWrt:~# opkg list-installed | grep ddns
ddns-scripts - 2.8.2-25
ddns-scripts-cloudflare - 2.8.2-25
ddns-scripts-services - 2.8.2-25
ddns-scripts_aliyun - 1.0.3-2
ddns-scripts_dnspod - 1.0.2-1
luci-app-ddns - git-23.118.79498-4390b4d
luci-i18n-ddns-en - git-23.222.62173-d7922c4
luci-i18n-ddns-zh-cn - git-23.222.62173-d7922c4
页面配置信息:
wireguard配置
安装软件列表:
root@OpenWrt:~# opkg list-installed | grep wire kmod-wireguard - 5.10.168-1 luci-app-wireguard - git-23.018.72712-6d712c3 luci-i18n-wireguard-zh-cn - git-22.316.76227-771eb78 luci-proto-wireguard - git-23.093.40597-18a1842 wireguard-tools - 1.0.20210424-3 wireless-regdb - 2022.08.12-1
/etc/config/network文件配置:
root@OpenWrt:~# cat /etc/config/network config interface 'loopback' option device 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fded:18d8:d320::/48' config interface 'lan' option proto 'static' option netmask '255.255.255.0' option ip6assign '64' option ipaddr '192.168.30.1' option device 'eth1' config interface 'wan' option device 'eth0' option proto 'pppoe' option username 'pppoe username' option password 'pppoe password' option ipv6 'auto' option ip6assign '64' list ip6class 'local' config device option name 'wg0' option mtu '8920' config interface 'wg0' option proto 'wireguard' option private_key 'private key' list addresses '10.66.66.33' list dns '127.0.0.1' option listen_port '51820' config wireguard_wg0 option public_key 'public key' option preshared_key 'preshared key' list allowed_ips '0.0.0.0/0' option route_allowed_ips '1' option endpoint_host '2603:c024:4508:xxxx::3eaa' option endpoint_port '49788' option persistent_keepalive '25'
/etc/config/firewall配置:
root@OpenWrt:~# cat /etc/config/firewall config defaults option input 'ACCEPT' option output 'ACCEPT' option synflood_protect '1' option forward 'ACCEPT' config zone option name 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' list network 'lan' config zone option name 'wan' option output 'ACCEPT' option mtu_fix '1' option input 'ACCEPT' option forward 'ACCEPT' option masq '1' list network 'wan' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-IGMP' option src 'wan' option proto 'igmp' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-MLD' option src 'wan' option proto 'icmp' option src_ip 'fe80::/10' list icmp_type '130/0' list icmp_type '131/0' list icmp_type '132/0' list icmp_type '143/0' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' list icmp_type 'router-solicitation' list icmp_type 'neighbour-solicitation' list icmp_type 'router-advertisement' list icmp_type 'neighbour-advertisement' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan' option dest '*' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-IPSec-ESP' option src 'wan' option dest 'lan' option proto 'esp' option target 'ACCEPT' config rule option name 'Allow-ISAKMP' option src 'wan' option dest 'lan' option dest_port '500' option proto 'udp' option target 'ACCEPT' config rule option name 'Support-UDP-Traceroute' option src 'wan' option dest_port '33434:33689' option proto 'udp' option family 'ipv4' option target 'REJECT' option enabled '0' config include option path '/etc/firewall.user' config include 'miniupnpd' option type 'script' option path '/usr/share/miniupnpd/firewall.include' config include 'timecontrol' option type 'script' option path '/var/etc/timecontrol.include' option reload '1' config rule 'kms' option name 'kms' option target 'ACCEPT' option src 'wan' option proto 'tcp' option dest_port '1688' config forwarding option src 'wan' option dest 'lan' config zone option name 'wg0' option output 'ACCEPT' option input 'ACCEPT' option forward 'ACCEPT' list network 'wg0' option masq '1' config forwarding option src 'wg0' option dest 'lan' config rule option name 'wg' list proto 'udp' option src_port '51820' option target 'ACCEPT'
dnsmasq分流配置
dnsmasq配置文件:
root@OpenWrt:~# cat /etc/dnsmasq.conf conf-dir=/etc/dnsmasq.d no-resolv server=8.8.8.8 server=1.1.1.1 server=223.5.5.5
/etc/dnsmasq.d中的配置文件:
accelerated-domains.china.conf 国内域名使用114.114.114.114
dnsmasq_list.conf 国外域名使用smartdns,也可以不配置,使用dnsmasq中配置的服务器
如果上面两个文件都没有匹配,则使用dnsmasq.conf中配置的server
路由分流配置
1.默认路由使用wireguard接口wg0
2.添加国内的ip地址使用pppoe-wan接口
route-add.sh
route-add-linux.txt
本文作者:Free Birds
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
目录