本文编写于3006天前，最后编辑于 2814天前，部分内容可能已经过时，请您自行斟酌确认。

设备:newwifi mini
固件:PandoraBox
1.系统-软件包-配置

arch all 100
arch noarch 200
arch ralink 300
arch ramips_24kec 400

dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /overlay
#src/gz r2_base http://downloads.openwrt.org.cn/PandoraBox/ralink/packages/base
src/gz r2_management http://downloads.openwrt.org.cn/PandoraBox/ralink/packages/management
src/gz r2_oldpackages http://downloads.openwrt.org.cn/PandoraBox/ralink/packages/oldpackages
src/gz r2_packages http://downloads.openwrt.org.cn/PandoraBox/ralink/packages/packages
src/gz r2_routing http://downloads.openwrt.org.cn/PandoraBox/ralink/packages/routing
src/gz r2_telephony http://downloads.openwrt.org.cn/PandoraBox/ralink/packages/telephony

src/gz openwrt_dist http://openwrt-dist.sourceforge.net/packages/OpenWrt/base/ramips/
src/gz openwrt_dist_luci http://openwrt-dist.sourceforge.net/packages/OpenWrt/luci

有些依赖包可能没有,可以在如下网址下载

https://dl.bintray.com/aa65535/opkg/shadowsocks-libev/3.0.3/OpenWrt/ramips/

更新

opkg update
opkg install ip ipset iptables-mod-tproxy

重启路由

安装如下软件

shadowsocks-libev (openwrt-shadowsocks)
luci-app-shadowsocks
ChinaDNS (openwrt-chinadns)
luci-app-chinadns
DNS-forwarder (openwrt-dns-forwarder)
luci-app-dns-forwarder

opkg install http://dl.aenes.com/libev_4.24-1_ramips_24kec.ipk
opkg install ChinaDNS
opkg install luci-app-chinadns
opkg install dns-forwarder
opkg install luci-app-dns-forwarder
opkg install shadowsocks-libev
opkg install luci-app-shadowsocks

安装完毕之后,添加服务器不必多说.
切换到访问控制,如下所示.

一般设置

自动更新CHNROUTE（IGNORE.LIST）文件
1.新建一个文件 /root/update_chnroute.sh 写入如下内容:

#!/bin/sh
 
set -e -o pipefail
 
wget -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | \
    awk -F\| '/CN\|ipv4/ { printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > \
    /tmp/chinadns_chnroute.txt
 
mv /tmp/chinadns_chnroute.txt /etc/
 
if pidof ss-redir>/dev/null; then
    /etc/init.d/shadowsocks restart
fi

2.使用 chmod +x /root/update_chnroute.sh 添加可执行权限

3.打开路由器管.理页面 系统 - 计划任务 填写如下内容（每天 04:30 执行）:

30 4 * * * /root/update_chnroute.sh>/dev/null 2>&1
30 4 * * * /root/update_chnroute.sh>/dev/null 2>&1

配置dns-forwarder

Chinadns

Luci中切换至“网络”-“DHCP/DNS”设置

或者如下设置转发

iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 5353

检测定时重启脚本/root/watchss.sh

#!/bin/sh

# version: 0.0.1

LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
wget --spider --quiet --tries=1 --timeout=10 https://www.google.com/
if [ "$?" == "0" ]; then
    echo '['$LOGTIME'] No Problem.'
    exit 0
else
    wget --spider --quiet --tries=1 --timeout=10 https://www.baidu.com/
    if [ "$?" == "0" ]; then
        echo '['$LOGTIME'] Problem decteted, restarting shadowsocks.'
        /etc/init.d/shadowsocks restart
    else
        echo '['$LOGTIME'] Network Problem. Do nothing.'
    fi
fi

计划任务

*/10 * * * * /root/watchss.sh >> /var/log/ss_watchdog.log 2>&1
0 1 * * 7 echo "" > /var/log/ss_watchdog.log

我们并不需要 ISP 提供的 DNS，所以不让其更新 resolv.conf 就好了。

echo "nohook resolv.conf" >> /etc/dhcpcd.conf

最终 /etc/resolv.conf 的内容应该如下：

# Generated by resolvconf
nameserver 127.0.0.1