important

https://wiki.openwrt.org/doc/howto/build#procedure

Do everything as non-root user

不要使用 root 用户编译

不要使用 root 用户编译

不要使用 root 用户编译

所有编译操作使用 非特权 普通用户

source build

  1. OpenWrt's build system – About
  2. OpenWrt build system – Installation
  3. OpenWrt build system – Usage
  4. OpenWrt build system – Patches

packages

# cat pkgs
bash-completion
file
bzip2
xz
psmisc
procps-ng
tree
git
mtr
net-tools
bind-utils
tcpdump
traceroute
grep
which
less
diffutils
man-db
sed
gawk
wget
dos2unix
dstat
epel-release
yum-utils
emacs-nox

pkgs=$(cat pkgs|tr '\n' ' ')
yum install $pkgs

wget http://example.com/emacs -O .emacs

https://wiki.openwrt.org/doc/howto/buildroot.exigence

# yum install subversion binutils bzip2 gcc gcc-c++ gawk gettext flex ncurses-devel zlib-devel \
              zlib-static make patch unzip perl-ExtUtils-MakeMaker glibc glibc-devel glibc-static \
              quilt ncurses-libs sed sdcc intltool sharutils bison wget git openssl-devel xz

# df -hT
Filesystem    Type    Size  Used Avail Use% Mounted on
/dev/vda1     xfs      20G  1.1G   19G   6% /

创建 swap 文件,扩容内存:

time dd if=/dev/zero of=/swap bs=1M count=1536
mkswap /swap
chmod 0600 /swap
swapon /swap
swapon

# time dd if=/dev/zero of=/swap bs=1M count=1536
1536+0 records in
1536+0 records out
1610612736 bytes (1.6 GB) copied, 3.3337 s, 483 MB/s

real    0m3.347s
user    0m0.005s
sys     0m2.400s

# mkswap /swap
Setting up swapspace version 1, size = 1572860 KiB
no label, UUID=f886ad73-2f79-44d7-a8a8-b47a692763d0

# chmod 0600 /swap

# swapon /swap

# swapon
NAME  TYPE SIZE USED PRIO
/swap file 1.5G   0B   -1

# free -mt
              total        used        free      shared  buff/cache   available
Mem:            488          55           7           8         424         388
Swap:          1535           0        1535
Total:         2024          55        1543

创建并切换至 lede 用户:

# useradd -m lede
# su - lede

https://lede-project.org/docs/guide-developer/start

https://lede-project.org/docs/guide-developer/build-system

https://lede-project.org/docs/guide-developer/install-buildsystem

https://lede-project.org/docs/guide-developer/use-buildsystem

下载 LEDE 源码:

$ time git clone https://github.com/lede-project/source.git
Cloning into 'source'...
remote: Counting objects: 398669, done.
remote: Compressing objects: 100% (70/70), done.
remote: Total 398669 (delta 36), reused 55 (delta 25), pack-reused 398573
Receiving objects: 100% (398669/398669), 142.31 MiB | 16.87 MiB/s, done.
Resolving deltas: 100% (269850/269850), done.

real    0m26.594s
user    0m19.567s
sys     0m5.309s

$ du -sh source
216M    source

$ df -hT
Filesystem     Type      Size  Used Avail Use% Mounted on
/dev/vda1      xfs        20G  2.8G   18G  14% /

$ git log --oneline -3
f2b7d9d mpc85xx: Add Aerohive HiveAP-330 Access Point
8cd6686 mpc85xx: Add cmdline override patch
a92f73e mpc85xx: Enable initramfs for p1020 subtarget

切换到 v17.01.3 版本:Checkout a tagged release’s source code (like v17.01.1)

$ git fetch --tags

$ git tag -l
reboot
v17.01.0
v17.01.0-rc1
v17.01.0-rc2
v17.01.1
v17.01.2
v17.01.3

$ git checkout v17.01.3
Note: checking out 'v17.01.3'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b new_branch_name

HEAD is now at df54a8f... LEDE v17.01.3: adjust config defaults

$ git status
# HEAD detached at v17.01.3
nothing to commit, working directory clean

$ git log -1
commit df54a8f583a9afad356fb99a575d75b69c8c0dd4
Author: Stijn Tintel <stijn@linux-ipv6.be>
Date:   Tue Oct 3 15:10:53 2017 +0300

    LEDE v17.01.3: adjust config defaults

    Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

https://lede-project.org/docs/guide-developer/source-revision-calculation

$ ./scripts/getver.sh
r3533-d0bf257c46

$ ./scripts/getver.sh r3533
r3533-d0bf257c46

$ ./scripts/getver.sh d0bf257c46
r3533-d0bf257c46

$ du -sh *|sort -h
4.0K    BSDmakefile
4.0K    Config.in
4.0K    feeds.conf.default
4.0K    Makefile
4.0K    README
4.0K    version
4.0K    version.date
16K     rules.mk
20K     LICENSE
44K     config
336K    include
804K    toolchain
1.1M    scripts
2.5M    tools
17M     package
41M     target

$ du -sh package/*|sort -k1 -h
4.0K    package/Makefile
108K    package/firmware
132K    package/devel
324K    package/system
376K    package/base-files
1.5M    package/utils
1.9M    package/boot
2.2M    package/libs
4.1M    package/kernel
5.8M    package/network

https://github.com/shadowsocks/openwrt-shadowsocks

https://github.com/shadowsocks/openwrt-feeds

$ git clone https://github.com/shadowsocks/openwrt-feeds.git package/feeds
Cloning into 'package/feeds'...
remote: Counting objects: 114, done.
remote: Total 114 (delta 0), reused 0 (delta 0), pack-reused 114
Receiving objects: 100% (114/114), 28.52 KiB | 0 bytes/s, done.
Resolving deltas: 100% (21/21), done.

$ find . -name 'libsodium'
./package/feeds/packages/libsodium

$ find ~/source -name 'libsodium'
/home/lede/source/package/feeds/packages/libsodium

$ tree -F -L 2 ~/source/package/feeds
/home/lede/source/package/feeds
├── base/
│   ├── libudns/
│   └── mbedtls/
└── packages/
    ├── libcares/
    ├── libev/
    ├── libsodium/
    └── pcre/

8 directories, 0 files

$ git clone https://github.com/shadowsocks/openwrt-shadowsocks.git package/shadowsocks-libev
Cloning into 'package/shadowsocks-libev'...
remote: Counting objects: 1113, done.
remote: Total 1113 (delta 0), reused 0 (delta 0), pack-reused 1113
Receiving objects: 100% (1113/1113), 474.14 KiB | 0 bytes/s, done.
Resolving deltas: 100% (627/627), done.

https://github.com/aa65535/openwrt-simple-obfs

$ git clone https://github.com/aa65535/openwrt-simple-obfs.git package/simple-obfs
Cloning into 'package/simple-obfs'...
remote: Counting objects: 32, done.
remote: Total 32 (delta 0), reused 0 (delta 0), pack-reused 32
Unpacking objects: 100% (32/32), done.

https://github.com/aa65535/openwrt-chinadns

$ git clone https://github.com/aa65535/openwrt-chinadns.git package/chinadns
Cloning into 'package/chinadns'...
remote: Counting objects: 310, done.
remote: Total 310 (delta 0), reused 0 (delta 0), pack-reused 310
Receiving objects: 100% (310/310), 108.96 KiB | 0 bytes/s, done.
Resolving deltas: 100% (153/153), done.

https://github.com/aa65535/openwrt-dns-forwarder

$ git clone https://github.com/aa65535/openwrt-dns-forwarder.git package/dns-forwarder
Cloning into 'package/dns-forwarder'...
remote: Counting objects: 78, done.
remote: Total 78 (delta 0), reused 0 (delta 0), pack-reused 78
Unpacking objects: 100% (78/78), done.

$ ll package/
total 20K
drwxr-xr-x.  3 lede lede   58 | 2017-10-14 06:05 | base-files
drwxr-xr-x. 26 lede lede 4.0K | 2017-10-14 06:05 | boot
drwxrwxr-x.  5 lede lede  112 | 2017-10-14 06:29 | chinadns
drwxr-xr-x.  9 lede lede  107 | 2017-10-14 05:57 | devel
drwxrwxr-x.  4 lede lede   97 | 2017-10-14 06:29 | dns-forwarder
drwxrwxr-x.  5 lede lede   46 | 2017-10-14 06:28 | feeds
drwxr-xr-x. 13 lede lede  227 | 2017-10-14 06:05 | firmware
drwxr-xr-x. 27 lede lede 4.0K | 2017-10-14 05:57 | kernel
drwxr-xr-x. 45 lede lede 4.0K | 2017-10-14 06:05 | libs
-rw-rw-r--.  1 lede lede 3.7K | 2017-10-14 06:05 | Makefile
drwxr-xr-x.  6 lede lede   61 | 2017-10-14 05:57 | network
drwxrwxr-x.  3 lede lede   84 | 2017-10-14 06:28 | shadowsocks-libev
drwxrwxr-x.  3 lede lede   84 | 2017-10-14 06:29 | simple-obfs
drwxr-xr-x. 16 lede lede  205 | 2017-10-14 06:05 | system
drwxr-xr-x. 28 lede lede 4.0K | 2017-10-14 06:05 | utils


$ time ./scripts/feeds update -a
Updating feed 'packages' from 'https://git.lede-project.org/feed/packages.git
1ea79bf3a8d2b6368435887960f5c2' ...
Cloning into './feeds/packages'...
remote: Counting objects: 50270, done.
remote: Compressing objects: 100% (21994/21994), done.
remote: Total 50270 (delta 26780), reused 48662 (delta 25436)
Receiving objects: 100% (50270/50270), 12.37 MiB | 6.45 MiB/s, done.
Resolving deltas: 100% (26780/26780), done.
Switched to a new branch '21b2e3eb761ea79bf3a8d2b6368435887960f5c2'
/home/lede/source
Create index file './feeds/packages.index'
Checking 'working-make'... ok.
Checking 'case-sensitive-fs'... ok.
Checking 'proper-umask'... ok.
Checking 'gcc'... ok.
Checking 'working-gcc'... ok.
Checking 'g++'... ok.
Checking 'working-g++'... ok.
Checking 'ncurses'... ok.
Checking 'zlib'... ok.
Checking 'perl-thread-queue'... ok.
Checking 'tar'... ok.
Checking 'find'... ok.
Checking 'bash'... ok.
Checking 'patch'... ok.
Checking 'diff'... ok.
Checking 'cp'... ok.
Checking 'seq'... ok.
Checking 'awk'... ok.
Checking 'grep'... ok.
Checking 'getopt'... ok.
Checking 'stat'... ok.
Checking 'unzip'... ok.
Checking 'bzip2'... ok.
Checking 'wget'... ok.
Checking 'perl'... ok.
Checking 'python'... ok.
Checking 'git'... ok.
Checking 'file'... ok.
Checking 'ldconfig-stub'... ok.
Collecting package info: done
Collecting target info: done
Updating feed 'luci' from 'https://git.lede-project.org/project/luci.git^079f65a628a4c4179578c043d2905efea93bb167' ...
Cloning into './feeds/luci'...
remote: Counting objects: 98455, done.
remote: Compressing objects: 100% (27737/27737), done.
remote: Total 98455 (delta 58136), reused 96962 (delta 56786)
Receiving objects: 100% (98455/98455), 23.98 MiB | 8.70 MiB/s, done.
Resolving deltas: 100% (58136/58136), done.
Switched to a new branch '079f65a628a4c4179578c043d2905efea93bb167'
/home/lede/source
Create index file './feeds/luci.index'
Collecting package info: done
Collecting target info: done
Updating feed 'routing' from 'https://git.lede-project.org/feed/routing.git^d11075cd40a88602bf4ba2b275f72100ddcb4767' ...
Cloning into './feeds/routing'...
remote: Counting objects: 6239, done.
remote: Compressing objects: 100% (3878/3878), done.
remote: Total 6239 (delta 2484), reused 5210 (delta 1977)
Receiving objects: 100% (6239/6239), 1.49 MiB | 2.21 MiB/s, done.
Resolving deltas: 100% (2484/2484), done.
Switched to a new branch 'd11075cd40a88602bf4ba2b275f72100ddcb4767'
/home/lede/source
Create index file './feeds/routing.index'
Collecting package info: done
Collecting target info: done
Updating feed 'telephony' from 'https://git.lede-project.org/feed/telephony.git^ac6415e61f147a6892fd2785337aec93ddc68fa9' ...
Cloning into './feeds/telephony'...
remote: Counting objects: 4864, done.
remote: Compressing objects: 100% (2864/2864), done.
remote: Total 4864 (delta 2548), reused 3655 (delta 1870)
Receiving objects: 100% (4864/4864), 994.97 KiB | 1.37 MiB/s, done.
Resolving deltas: 100% (2548/2548), done.
Switched to a new branch 'ac6415e61f147a6892fd2785337aec93ddc68fa9'
/home/lede/source
Create index file './feeds/telephony.index'
Collecting package info: doneing...phony/net/yateoxdyumpxx-chan-dongle
Collecting target info: doneing...

real    0m32.428s
user    0m13.266s
sys     0m7.031s

$ time ./scripts/feeds install -a
Collecting package info: done
Collecting target info: done
Installing all packages from feed packages.
Installing package 'acl' from packages
Installing package 'attr' from packages
Installing package 'acme' from packages
Installing package 'netcat' from packages
Installing package 'luci-base' from luci
Installing package 'luci-lib-nixio' from luci
Installing package 'luci-lib-ip' from luci
Installing package 'luci-lib-jsonc' from luci
Installing package 'luci-app-uhttpd' from luci
Installing package 'acpid' from packages
Installing package 'adblock' from packages
Installing package 'addrwatch' from packages
Installing package 'aggregate' from packages
Installing package 'aiccu' from packages
Installing package 'gnutls' from packages
Installing package 'libtasn1' from packages
Installing package 'p11-kit' from packages
Installing package 'cryptodev-linux' from packages
Installing package 'aircrack-ng' from packages
Installing package 'ethtool' from packages
Installing package 'procps-ng' from packages
Installing package 'pciutils' from packages
Installing package 'kmod' from packages
Installing package 'alpine' from packages
Installing package 'libpam' from packages
Installing package 'alsa-lib' from packages
Installing package 'alsa-utils' from packages
Installing package 'announce' from packages
Installing package 'ap51-flash' from packages
Installing package 'apache' from packages
Installing package 'apr' from packages
Installing package 'apr-util' from packages
Installing package 'expat' from packages
Installing package 'sqlite3' from packages
Installing package 'unixodbc' from packages
Installing package 'postgresql' from packages
Installing package 'apcupsd' from packages
Installing package 'libgd' from packages
Installing package 'libjpeg' from packages
Installing package 'libpng' from packages
Installing package 'apinger' from packages
Installing package 'aria2' from packages
Installing package 'libssh2' from packages
Installing package 'libxml2' from packages
Installing package 'arp-scan' from packages
Installing package 'at' from packages
Installing package 'atftp' from packages
Installing package 'autoconf' from packages
Installing package 'm4' from packages
Installing package 'perl' from packages
Installing package 'db47' from packages
Installing package 'gdbm' from packages
Installing package 'automake' from packages
Installing package 'autossh' from packages
Installing package 'avahi' from packages
Installing package 'libdaemon' from packages
Installing package 'intltool' from packages
Installing package 'dbus' from packages
Installing package 'avrdude' from packages
Installing package 'libftdi1' from packages
Installing package 'confuse' from packages
Installing package 'avro' from packages
Installing package 'jansson' from packages
Installing package 'xz' from packages
Installing package 'bash' from packages
Installing package 'bandwidthd' from packages
Installing package 'php7' from packages
Installing package 'icu' from packages
Installing package 'openldap' from packages
Installing package 'cyrus-sasl' from packages
Installing package 'libmcrypt' from packages
Installing package 'mysql' from packages
Installing package 'banhosts' from packages
Installing package 'bc' from packages
Installing package 'bcp38' from packages
Installing package 'bind' from packages
Installing package 'bluelog' from packages
Installing package 'bluez' from packages
Installing package 'python' from packages
Installing package 'libffi' from packages
Installing package 'glib2' from packages
Installing package 'libical' from packages
Installing package 'bmon' from packages
Installing package 'bogofilter' from packages
Installing package 'bonnie++' from packages
Installing package 'boost' from packages
Installing package 'python3' from packages
Installing package 'bridge-utils' from packages
Installing package 'libarchive' from packages
Installing package 'btrfs-progs' from packages
... ...
Installing package 'luci-app-aria2' from luci
Installing package 'luci-app-asterisk' from luci
Installing package 'luci-app-commands' from luci
Installing package 'luci-app-coovachilli' from luci
Installing package 'luci-app-ddns' from luci
Installing package 'luci-app-diag-core' from luci
Installing package 'luci-app-diag-devinfo' from luci
WARNING: No feed for package 'smap' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'mac-to-devinfo' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'httping' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'smap-to-devinfo' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'netdiscover-to-devinfo' found, maybe it's already part of the standard packages?
... ...
Installing package 'sipp' from telephony
Installing package 'siproxd' from telephony
Installing package 'yate' from telephony

real    0m17.334s
user    0m12.180s
sys     0m4.332s

$ du -sh *|sort -h
4.0K    BSDmakefile
4.0K    Config.in
4.0K    feeds.conf.default
4.0K    Makefile
4.0K    README
4.0K    version
4.0K    version.date
16K     rules.mk
20K     LICENSE
20K     staging_dir
44K     config
336K    include
804K    toolchain
1.1M    scripts
2.5M    tools
19M     package
24M     tmp
41M     target
88M     feeds

https://wiki.openwrt.org/doc/howto/build

  • run make menuconfig and set "Target System", "Subtarget", "Target Profile"
  • run make defconfig
  • run make menuconfig and modify set of package
  • run scripts/diffconfig.sh > mydiffconfig (save your changes in the text file mydiffconfig)
  • run make V=s (build OpenWRT with console logging, you can see where build failed.)

make menuconfig (first)

make menuconfig/ 打开搜索定位 target 和 profile 配置项:

img_LEDE_TARGET_profile_search

img_LEDE_TARGET_profile_result

│ Symbol: TARGET_ar71xx [=y]                                                      │
│ Type  : boolean                                                                 │
│ Prompt: Atheros AR7xxx/AR9xxx                                                   │
│   Location:                                                                     │
│     -> Target System (<choice> [=y])                                            │
│   Defined at tmp/.config-target.in:72                                           │
│   Depends on: <choice>                                                          │
│   Selects: HAS_SUBTARGETS [=y]                                                  │


│ CONFIG_TARGET_ar71xx_generic_DEVICE_tl-wr703n-v1:                               │
│                                                                                 │
│ Build firmware images for TP-LINK TL-WR703N                                     │
│                                                                                 │
│ Symbol: TARGET_ar71xx_generic_DEVICE_tl-wr703n-v1 [=y]                          │
│ Type  : boolean                                                                 │
│ Prompt: TP-LINK TL-WR703N                                                       │
│   Location:                                                                     │
│     -> Target Profile (<choice> [=y])                                           │
│   Defined at tmp/.config-target.in:12246                                        │
│   Depends on: <choice> && TARGET_ar71xx_generic [=y]                            │
│   Selects: DEFAULT_base-files [=y] && DEFAULT_busybox [=n] && \                 │
│ DEFAULT_dnsmasq [=n] && DEFAULT_dropbear [=n] && DEFAULT_firewall [=n] && \     │
│ DEFAULT_fstools [=n] && DEFAULT_ip6tables [=n] && DEFAULT_iptables [=n] && \    │
│ DEFAULT_iwinfo [=n] && DEFAULT_kmod-ath9k [=n] && \                             │
│ DEFAULT_kmod-gpio-button-hotplug [=n] && DEFAULT_kmod-usb-core [=n] && \        │
│ DEFAULT_kmod-usb2 [=n] && DEFAULT_libc [=n] && DEFAULT_libgcc [=n] && \         │
│ DEFAULT_logd [=n] && DEFAULT_mtd [=n] && DEFAULT_netifd [=n] && \               │
│ DEFAULT_odhcp6c [=n] && DEFAULT_odhcpd [=n] && DEFAULT_opkg [=n] && \           │
│ DEFAULT_ppp [=n] && DEFAULT_ppp-mod-pppoe [=n] && DEFAULT_swconfig [=n] && \    │
│ DEFAULT_uboot-envtools [=n] && DEFAULT_uci [=n] && DEFAULT_uclient-fetch [=n] & │
│ DEFAULT_wpad-mini [=n]                                                          │


$ make menuconfig
configuration written to .config

*** End of the configuration.
*** Execute 'make' to start the build or try 'make help'.

$ make defconfig
#
# configuration written to .config
#

KERNEL_CRASHLOG [=n]
KERNEL_ELF_CORE [=n]
KERNEL_DEBUG_INFO [=n]
KERNEL_SWAP
CLEAN_IPKG [=y]

PACKAGE_MAC80211_DEBUGFS [=n]
KERNEL_DEBUG_FS [=n]
KERNEL_DEBUG_KERNEL

IPV6 [=n]
BUSYBOX_CONFIG_FEATURE_IPV6 [=n]    ## nslookup, ping6 ...
PACKAGE_libip6tc [=n]

PACKAGE_dnsmasq [=n]
PACKAGE_dnsmasq-full [=y]

PACKAGE_dnsmasq_full_dnssec [=n]
    PACKAGE_libnettle [=n]
    PACKAGE_libgmp [=n]

Symbol: PACKAGE_libnettle [=n]
  Selects: PACKAGE_libc [=y] && PACKAGE_librt [=n] && PACKAGE_libgmp [=n]
  Selected by: PACKAGE_dnsmasq-full [=y] && PACKAGE_dnsmasq_full_dnssec [=n]

PACKAGE_kmod-ipt-nat-extra [=y]

PACKAGE_logd [=n]
PACKAGE_opkg [=n]

PACKAGE_ppp [=n]
PACKAGE_kmod-ppp [=n]

PACKAGE_kmod-gpio-button-hotplug [=n]
PACKAGE_kmod-usb2 [=n]
PACKAGE_kmod-usb-core [=n]
PACKAGE_kmod-nls-base [=n]

PACKAGE_libip6tc [=n]

PACKAGE_ChinaDNS [=y]
PACKAGE_dns-forwarder [=n]
PACKAGE_ipset [=y]
PACKAGE_shadowsocks-libev [=y]
PACKAGE_simple-obfs [=y]

PACKAGE_uclient-fetch [=y]
PACKAGE_kmod-lib-crc-ccitt [=n]
PACKAGE_iwinfo [=n]

SIGNED_PACKAGES [=n]
PACKAGE_lede-keyring [=n]

$ grep "^CONFIG_PACKAGE" .config
CONFIG_PACKAGE_base-files=y
CONFIG_PACKAGE_busybox=y
CONFIG_PACKAGE_dnsmasq-full=y
CONFIG_PACKAGE_dnsmasq_full_auth=y
CONFIG_PACKAGE_dnsmasq_full_ipset=y
CONFIG_PACKAGE_dnsmasq_full_conntrack=y
CONFIG_PACKAGE_dropbear=y
CONFIG_PACKAGE_firewall=y
CONFIG_PACKAGE_fstools=y
CONFIG_PACKAGE_fwtool=y
CONFIG_PACKAGE_jsonfilter=y
CONFIG_PACKAGE_libc=y
CONFIG_PACKAGE_libgcc=y
CONFIG_PACKAGE_libpthread=y
CONFIG_PACKAGE_mtd=y
CONFIG_PACKAGE_netifd=y
CONFIG_PACKAGE_procd=y
CONFIG_PACKAGE_swconfig=y
CONFIG_PACKAGE_ubox=y
CONFIG_PACKAGE_ubus=y
CONFIG_PACKAGE_ubusd=y
CONFIG_PACKAGE_uci=y
CONFIG_PACKAGE_usign=y
CONFIG_PACKAGE_kmod-ipt-conntrack=y
CONFIG_PACKAGE_kmod-ipt-core=y
CONFIG_PACKAGE_kmod-ipt-ipset=y
CONFIG_PACKAGE_kmod-ipt-nat=y
CONFIG_PACKAGE_kmod-ipt-nat-extra=y
CONFIG_PACKAGE_kmod-nf-conntrack=y
CONFIG_PACKAGE_kmod-nf-conntrack-netlink=y
CONFIG_PACKAGE_kmod-nf-ipt=y
CONFIG_PACKAGE_kmod-nf-nat=y
CONFIG_PACKAGE_kmod-nfnetlink=y
CONFIG_PACKAGE_kmod-ath=y
CONFIG_PACKAGE_ATH_DFS=y
CONFIG_PACKAGE_kmod-ath9k=y
CONFIG_PACKAGE_kmod-ath9k-common=y
CONFIG_PACKAGE_kmod-cfg80211=y
CONFIG_PACKAGE_kmod-mac80211=y
CONFIG_PACKAGE_MAC80211_DEBUGFS=y
CONFIG_PACKAGE_MAC80211_MESH=y
CONFIG_PACKAGE_libip4tc=y
CONFIG_PACKAGE_libxtables=y
CONFIG_PACKAGE_libmbedtls=y
CONFIG_PACKAGE_libblobmsg-json=y
CONFIG_PACKAGE_libcares=y
CONFIG_PACKAGE_libev=y
CONFIG_PACKAGE_libiwinfo=y
CONFIG_PACKAGE_libjson-c=y
CONFIG_PACKAGE_libmnl=y
CONFIG_PACKAGE_libnetfilter-conntrack=y
CONFIG_PACKAGE_libnfnetlink=y
CONFIG_PACKAGE_libnl-tiny=y
CONFIG_PACKAGE_libpcre=y
CONFIG_PACKAGE_libsodium=y
CONFIG_PACKAGE_libubox=y
CONFIG_PACKAGE_libubus=y
CONFIG_PACKAGE_libuci=y
CONFIG_PACKAGE_libuclient=y
CONFIG_PACKAGE_zlib=y
CONFIG_PACKAGE_iptables=y
CONFIG_PACKAGE_ChinaDNS=y
CONFIG_PACKAGE_dns-forwarder=y
CONFIG_PACKAGE_hostapd-common=y
CONFIG_PACKAGE_ipset=y
CONFIG_PACKAGE_iw=y
CONFIG_PACKAGE_odhcpd=y
CONFIG_PACKAGE_odhcpd_ext_cer_id=0
CONFIG_PACKAGE_shadowsocks-libev=y
CONFIG_PACKAGE_simple-obfs=y
CONFIG_PACKAGE_uclient-fetch=y
CONFIG_PACKAGE_wpad-mini=y
CONFIG_PACKAGE_uboot-envtools=y
CONFIG_PACKAGE_jshn=y
CONFIG_PACKAGE_libjson-script=y

$ find files
files
files/etc
files/etc/uci-defaults
files/etc/uci-defaults/defaults
files/etc/config
files/etc/config/shadowsocks
files/etc/init.d
files/etc/init.d/shadowsocks
files/usr
files/usr/bin
files/usr/bin/ss-rules
files/usr/bin/ss-rules-without-ipset

$ df -hT
Filesystem     Type      Size  Used Avail Use% Mounted on
/dev/vda1      xfs        20G  3.0G   17G  15% /

$ du -sh ~/source
340M    /home/lede/source

$ time make -j1 V=99
/home/lede/source/staging_dir/host/bin/mktplinkfw -H 0x07030101 -W 0x1 -F 4Mlzma -N OpenWrt -V r3533-d0bf257c46 -m 1 -k /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tl-wr703n-v1-ke
rnel.bin -r /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin -o /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/li
nux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin.new -j -X 0x40000 -a 0x4  -s && mv /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-gene
ric-tl-wr703n-v1-squashfs-sysupgrade.bin.new /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin || rm -f /home/lede/source/bu
ild_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
[mktplinkfw] kernel length aligned to 1221624

[mktplinkfw] firmware file "/home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin.new" completed
cp /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin /home/lede/source/bin/targets/ar71xx/generic/lede-ar71xx-generic-tl-wr7
03n-v1-squashfs-sysupgrade.bin
[ -f /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tl-wr703n-v1-kernel.bin -a -f /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/root.squashfs ]
dd if=/home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/root.squashfs >> /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-
v1-squashfs-factory.bin
4587+1 records in
4587+1 records out
2348822 bytes (2.3 MB) copied, 0.00764824 s, 307 MB/s

/home/lede/source/staging_dir/host/bin/mktplinkfw -H 0x07030101 -W 0x1 -F 4Mlzma -N OpenWrt -V r3533-d0bf257c46 -m 1 -k /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tl-wr703n-v1-ke
rnel.bin -r /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin -o /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux
-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin.new -j -X 0x40000 -a 0x4   && mv /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-w
r703n-v1-squashfs-factory.bin.new /home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin || rm -f /home/lede/source/build_dir/target
-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin
[mktplinkfw] kernel length aligned to 1221624

Generating package index...
Generating index for package ./base-files_173.1-r3533-d0bf257c46_mips_24kc.ipk
Generating index for package ./fstools_2017-06-30-bdcb075f-1_mips_24kc.ipk
Generating index for package ./fwtool_1_mips_24kc.ipk
Generating index for package ./kmod-ath9k-common_4.4.89+2017-01-31-3_mips_24kc.ipk
Generating index for package ./kmod-ath9k_4.4.89+2017-01-31-3_mips_24kc.ipk
Generating index for package ./kmod-ath_4.4.89+2017-01-31-3_mips_24kc.ipk
Generating index for package ./kmod-cfg80211_4.4.89+2017-01-31-3_mips_24kc.ipk
Generating index for package ./kmod-ipt-conntrack_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-ipt-core_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-ipt-ipset_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-ipt-nat-extra_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-ipt-nat_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-mac80211_4.4.89+2017-01-31-3_mips_24kc.ipk
Generating index for package ./kmod-nf-conntrack-netlink_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-nf-conntrack_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-nf-ipt_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-nf-nat_4.4.89-1_mips_24kc.ipk
Generating index for package ./kmod-nfnetlink_4.4.89-1_mips_24kc.ipk
Generating index for package ./libgcc_5.4.0-1_mips_24kc.ipk
Generating index for package ./libiwinfo_2016-09-21-fd9e17be-1_mips_24kc.ipk
Generating index for package ./libpthread_1.1.16-1_mips_24kc.ipk
Generating index for package ./procd_2017-08-08-66be6a23-1_mips_24kc.ipk
Generating index for package ./uboot-envtools_2015.10-1_mips_24kc.ipk
Generating index for package ./ChinaDNS_1.3.2-5_mips_24kc.ipk
Generating index for package ./busybox_1.25.1-4_mips_24kc.ipk
Generating index for package ./dns-forwarder_1.2.1-1_mips_24kc.ipk
Generating index for package ./dnsmasq-full_2.78-1_mips_24kc.ipk
Generating index for package ./dropbear_2017.75-2_mips_24kc.ipk
Generating index for package ./firewall_2017-05-27-a4d98aea-1_mips_24kc.ipk
Generating index for package ./hostapd-common_2016-12-19-ad02e79d-4_mips_24kc.ipk
Generating index for package ./ipset_6.30-1_mips_24kc.ipk
Generating index for package ./iptables_1.4.21-2_mips_24kc.ipk
Generating index for package ./iw_4.9-1_mips_24kc.ipk
Generating index for package ./jshn_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./jsonfilter_2016-07-02-dea067ad-1_mips_24kc.ipk
Generating index for package ./libblobmsg-json_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./libip4tc_1.4.21-2_mips_24kc.ipk
Generating index for package ./libjson-c_0.12.1-1_mips_24kc.ipk
Generating index for package ./libjson-script_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./libmbedtls_2.5.1-2_mips_24kc.ipk
Generating index for package ./libmnl_1.0.4-1_mips_24kc.ipk
Generating index for package ./libnetfilter-conntrack_1.0.6-1_mips_24kc.ipk
Generating index for package ./libnfnetlink_1.0.1-1_mips_24kc.ipk
Generating index for package ./libnl-tiny_0.1-5_mips_24kc.ipk
Generating index for package ./libubox_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./libubus_2017-02-18-34c6e818-1_mips_24kc.ipk
Generating index for package ./libuci_2016-07-04-e1bf4356-1_mips_24kc.ipk
Generating index for package ./libuclient_2017-09-06-24d6eded-1_mips_24kc.ipk
Generating index for package ./libxtables_1.4.21-2_mips_24kc.ipk
Generating index for package ./mtd_21_mips_24kc.ipk
Generating index for package ./netifd_2017-01-25-650758b1-1_mips_24kc.ipk
Generating index for package ./odhcpd_2017-10-02-c6f3d5d4-2_mips_24kc.ipk
Generating index for package ./shadowsocks-libev_3.1.0-1_mips_24kc.ipk
Generating index for package ./simple-obfs_0.0.3-2_mips_24kc.ipk
Generating index for package ./swconfig_11_mips_24kc.ipk
Generating index for package ./ubox_2017-03-10-16f7e161-1_mips_24kc.ipk
Generating index for package ./ubus_2017-02-18-34c6e818-1_mips_24kc.ipk
Generating index for package ./ubusd_2017-02-18-34c6e818-1_mips_24kc.ipk
Generating index for package ./uci_2016-07-04-e1bf4356-1_mips_24kc.ipk
Generating index for package ./uclient-fetch_2017-09-06-24d6eded-1_mips_24kc.ipk
Generating index for package ./usign_2015-07-04-ef641914-1_mips_24kc.ipk
Generating index for package ./wpad-mini_2016-12-19-ad02e79d-4_mips_24kc.ipk
Generating index for package ./zlib_1.2.11-1_mips_24kc.ipk
Generating index for package ./ChinaDNS_1.3.2-5_mips_24kc.ipk
Generating index for package ./busybox_1.25.1-4_mips_24kc.ipk
Generating index for package ./dns-forwarder_1.2.1-1_mips_24kc.ipk
Generating index for package ./dnsmasq-full_2.78-1_mips_24kc.ipk
Generating index for package ./dropbear_2017.75-2_mips_24kc.ipk
Generating index for package ./firewall_2017-05-27-a4d98aea-1_mips_24kc.ipk
Generating index for package ./hostapd-common_2016-12-19-ad02e79d-4_mips_24kc.ipk
Generating index for package ./ipset_6.30-1_mips_24kc.ipk
Generating index for package ./iptables_1.4.21-2_mips_24kc.ipk
Generating index for package ./iw_4.9-1_mips_24kc.ipk
Generating index for package ./jshn_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./jsonfilter_2016-07-02-dea067ad-1_mips_24kc.ipk
Generating index for package ./libblobmsg-json_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./libip4tc_1.4.21-2_mips_24kc.ipk
Generating index for package ./libjson-c_0.12.1-1_mips_24kc.ipk
Generating index for package ./libjson-script_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./libmbedtls_2.5.1-2_mips_24kc.ipk
Generating index for package ./libmnl_1.0.4-1_mips_24kc.ipk
Generating index for package ./libnetfilter-conntrack_1.0.6-1_mips_24kc.ipk
Generating index for package ./libnfnetlink_1.0.1-1_mips_24kc.ipk
Generating index for package ./libnl-tiny_0.1-5_mips_24kc.ipk
Generating index for package ./libubox_2017-02-24-96305a3c-1_mips_24kc.ipk
Generating index for package ./libubus_2017-02-18-34c6e818-1_mips_24kc.ipk
Generating index for package ./libuci_2016-07-04-e1bf4356-1_mips_24kc.ipk
Generating index for package ./libuclient_2017-09-06-24d6eded-1_mips_24kc.ipk
Generating index for package ./libxtables_1.4.21-2_mips_24kc.ipk
Generating index for package ./mtd_21_mips_24kc.ipk
Generating index for package ./netifd_2017-01-25-650758b1-1_mips_24kc.ipk
Generating index for package ./odhcpd_2017-10-02-c6f3d5d4-2_mips_24kc.ipk
Generating index for package ./shadowsocks-libev_3.1.0-1_mips_24kc.ipk
Generating index for package ./simple-obfs_0.0.3-2_mips_24kc.ipk
Generating index for package ./swconfig_11_mips_24kc.ipk
Generating index for package ./ubox_2017-03-10-16f7e161-1_mips_24kc.ipk
Generating index for package ./ubus_2017-02-18-34c6e818-1_mips_24kc.ipk
Generating index for package ./ubusd_2017-02-18-34c6e818-1_mips_24kc.ipk
Generating index for package ./uci_2016-07-04-e1bf4356-1_mips_24kc.ipk
Generating index for package ./uclient-fetch_2017-09-06-24d6eded-1_mips_24kc.ipk
Generating index for package ./usign_2015-07-04-ef641914-1_mips_24kc.ipk
Generating index for package ./wpad-mini_2016-12-19-ad02e79d-4_mips_24kc.ipk
Generating index for package ./zlib_1.2.11-1_mips_24kc.ipk
Generating index for package ./libcares_1.13.0-1_mips_24kc.ipk
Generating index for package ./libev_4.24-1_mips_24kc.ipk
Generating index for package ./libpcre_8.40-2_mips_24kc.ipk
Generating index for package ./libsodium_1.0.12-1_mips_24kc.ipk
make[2]: Leaving directory `/home/lede/source'
export MAKEFLAGS= ;make -w -r diffconfig
make[2]: Entering directory `/home/lede/source'
make[2]: Leaving directory `/home/lede/source'
export MAKEFLAGS= ;make -w -r checksum
make[2]: Entering directory `/home/lede/source'
make[2]: Leaving directory `/home/lede/source'
make[1]: Leaving directory `/home/lede/source'

real    99m28.736s
user    76m9.039s
sys     16m30.797s

$ find ~/source/ -name '*sysupgrade.bin'
/home/lede/source/build_dir/target-mips_24kc_musl-1.1.16/linux-ar71xx_generic/tmp/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
/home/lede/source/bin/targets/ar71xx/generic/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin

$ ll /home/lede/source/bin/targets/ar71xx/generic/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
-rw-r--r--. 1 lede lede 3.5M | 2017-10-14 12:09 | /home/lede/source/bin/targets/ar71xx/generic/lede-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin

刷机:

root@wr703n:/tmp# mtd -r write 1.bin firmware
Unlocking firmware ...

Writing from 1.bin to firmware ...
Rebooting ...

root@wr703n:~# df -hT
Filesystem           Type            Size      Used Available Use% Mounted on
/dev/root            squashfs        2.3M      2.3M         0 100% /rom
tmpfs                tmpfs          13.8M     96.0K     13.7M   1% /tmp
tmpfs                tmpfs          13.8M    584.0K     13.2M   4% /tmp/root
overlayfs:/tmp/root  overlay        13.8M    584.0K     13.2M   4% /
tmpfs                tmpfs         512.0K         0    512.0K   0% /dev
/dev/mtdblock3       jffs2         384.0K    380.0K      4.0K  99% /rom/overlay

DNSmasq DNS 测试服务配置:

# cat /etc/dnsmasq.conf
domain-needed
bogus-priv
no-resolv
no-hosts
no-poll

#interface=eth0
bind-interfaces
listen-address="$SS_PASSWD"

server=8.8.8.8
address=/dhcp.clone.os/192.168.1.11

dropbear SSH 公钥登录 ( 注意 /etc/dropbear/etc/dropbear/authorized_keys 权限 ) :

文件 权限
/etc/dropbear/ 目录 700
/etc/dropbear/authorized_keys 文件 600
$ namei -l etc/dropbear/*
f: etc/dropbear/authorized_keys
drwxrwxr-x lede lede etc
drwx------ lede lede dropbear
-rw------- lede lede authorized_keys            ## /etc/dropbear/authorized_keys

diff --git a/package/base-files/files/bin/config_generate b/package/base-files/files/bin/config_generate
index a8311fc..9a5f4b3 100755
--- a/package/base-files/files/bin/config_generate
+++ b/package/base-files/files/bin/config_generate
@@ -16,8 +16,6 @@ generate_static_network() {
                set network.loopback.ipaddr='127.0.0.1'
                set network.loopback.netmask='255.0.0.0'
                delete network.globals
-               set network.globals='globals'
-               set network.globals.ula_prefix='auto'
        EOF

        if json_is_a dsl object; then
@@ -224,7 +222,8 @@ generate_static_system() {
                delete system.@system[0]
                add system system
                set system.@system[-1].hostname='LEDE'
-               set system.@system[-1].timezone='UTC'
+               set system.@system[-1].timezone='CST-8'
+               set system.@system[-1].zonename='Asia/Shanghai'
                set system.@system[-1].ttylogin='0'
                set system.@system[-1].log_size='64'
                set system.@system[-1].urandom_seed='0'

diff --git a/package/base-files/files/etc/shadow b/package/base-files/files/etc/shadow
index 4b4154f..8aa7c83 100644
--- a/package/base-files/files/etc/shadow
+++ b/package/base-files/files/etc/shadow
@@ -1,4 +1,4 @@
-root::0:0:99999:7:::
+root:$1$KbdTZ98W$UNfQHmUcFSq1U3fPxsdIq.:17442:0:99999:7:::

diff --git a/package/kernel/mac80211/files/lib/wifi/mac80211.sh b/package/kernel/mac80211/files/lib/wifi/mac80211.sh
index 940fb52..1e8cf46 100644
--- a/package/kernel/mac80211/files/lib/wifi/mac80211.sh
+++ b/package/kernel/mac80211/files/lib/wifi/mac80211.sh
@@ -116,14 +116,17 @@ detect_mac80211() {
                        set wireless.radio${devidx}.hwmode=11${mode_band}
                        ${dev_id}
                        ${ht_capab}
-                       set wireless.radio${devidx}.disabled=1
+                       set wireless.radio${devidx}.disabled=0
+                       set wireless.radio${devidx}.country=CN
+                       set wireless.radio${devidx}.txpower=17

                        set wireless.default_radio${devidx}=wifi-iface
                        set wireless.default_radio${devidx}.device=radio${devidx}
                        set wireless.default_radio${devidx}.network=lan
                        set wireless.default_radio${devidx}.mode=ap
-                       set wireless.default_radio${devidx}.ssid=LEDE
-                       set wireless.default_radio${devidx}.encryption=none
+                       set wireless.default_radio${devidx}.ssid=WR703N
+                       set wireless.default_radio${devidx}.encryption=psk2
+                       set wireless.default_radio${devidx}.key=ARovdDUFNFy
 EOF
                uci -q commit wireless

$ find files
files
files/etc
files/etc/config
files/etc/config/shadowsocks
files/etc/init.d
files/etc/init.d/shadowsocks
files/etc/dropbear
files/etc/dropbear/authorized_keys
files/usr
files/usr/bin
files/usr/bin/ss-rules
files/usr/bin/ss-rules-without-ipset

初始化:

root@LEDE:~# ls -lh /bin/wget
lrwxrwxrwx    1 root     root          13 Oct  3 19:03 /bin/wget -> uclient-fetch

root@LEDE:~# df -hT
Filesystem           Type            Size      Used Available Use% Mounted on
/dev/root            squashfs        2.3M      2.3M         0 100% /rom
tmpfs                tmpfs          13.8M     60.0K     13.7M   0% /tmp
tmpfs                tmpfs          13.8M     44.0K     13.8M   0% /tmp/root
tmpfs                tmpfs         512.0K         0    512.0K   0% /dev
/dev/mtdblock3       jffs2         448.0K    212.0K    236.0K  47% /overlay
overlayfs:/overlay   overlay       448.0K    212.0K    236.0K  47% /

WR703N 默认为 AP 模式修改为 route 模式:

uci delete network.lan.type
uci delete network.lan.ifname
uci set network.lan._orig_bridge='false'
uci set network.lan._orig_ifname='eth0'
uci set network.lan.ipaddr='192.168.3.1'

uci set network.wan='interface'
uci set network.wan.ifname='eth0'
uci set network.wan.proto='dhcp'

配置 shadowsocks 服务:

SS_IPADDR=
SS_PORT=
SS_PASSWD=

uci set shadowsocks.@servers[0].server="$SS_IPADDR"
uci set shadowsocks.@servers[0].server_port="$SS_PORT"
uci set shadowsocks.@servers[0].password="$SS_PASSWD"
uci set shadowsocks.@servers[0].fast_open='1'
uci set shadowsocks.@servers[0].encrypt_method='chacha20-ietf-poly1305'
uci set shadowsocks.@servers[0].plugin='obfs-local'
uci set shadowsocks.@servers[0].plugin_opts='obfs=tls;obfs-host=itunes.apple.com;fast-open'

SS_CFGID=$(uci show shadowsocks.@servers[0].alias|awk -F '.' '{print $2}')

uci del shadowsocks.@transparent_proxy[0].main_server
uci add_list shadowsocks.@transparent_proxy[0].main_server="$SS_CFGID"
uci set shadowsocks.@access_control[0].lan_target='SS_SPEC_WAN_AC'
uci set shadowsocks.@access_control[0].wan_bp_list='/etc/chinadns_chnroute.txt'

ls -lh /etc/rc.d|grep -i shadowsocks
/etc/init.d/shadowsocks enable

启用 tcp_fastopen 内核参数:

echo net.ipv4.tcp_fastopen=3 >> /etc/sysctl.d/local.conf
sysctl -p

配置 dns-forwarder 服务:

uci set dns-forwarder.@dns-forwarder[0].enable=1

配置 ChinaDNS 服务:

uci set chinadns.@chinadns[0].enable=1
uci set chinadns.@chinadns[0].server='223.5.5.5,127.0.0.1:5300'

配置 DHCP 及 DNSmasq 服务:

uci set dhcp.lan.ra_management='1'
uci set dhcp.@dnsmasq[0].nohosts=1
uci set dhcp.@dnsmasq[0].noresolv=1
uci set dhcp.@dnsmasq[0].cachesize='1600'
uci set dhcp.@dnsmasq[0].local=127.0.0.1#5353
uci add_list dhcp.@dnsmasq[0].server='/example.com/10.60.8.11'
uci add_list dhcp.@dnsmasq[0].server='/example-inc.com/10.60.8.11'
uci add_list dhcp.@dnsmasq[0].rebind_domain='example.com'
uci add_list dhcp.@dnsmasq[0].rebind_domain='example-inc.com'

echo -e '\nmin-cache-ttl=600' >> /etc/dnsmasq.conf
tail /etc/dnsmasq.conf

uci set dropbear.@dropbear[0].GatewayPorts='on'
uci set dropbear.@dropbear[0].Port='56789'

uci changes
uci commit

root@LEDE:~# ls -lh /etc/rc.d/|egrep 'shadow|dns'
lrwxrwxrwx    1 root     root          21 Oct 15 23:54 K15shadowsocks -> ../init.d/shadowsocks
lrwxrwxrwx    1 root     root          17 Oct  3 19:03 S19dnsmasq -> ../init.d/dnsmasq
lrwxrwxrwx    1 root     root          23 Oct  3 19:23 S75dns-forwarder -> ../init.d/dns-forwarder
lrwxrwxrwx    1 root     root          18 Oct  3 19:23 S90chinadns -> ../init.d/chinadns
lrwxrwxrwx    1 root     root          21 Oct 15 23:54 S90shadowsocks -> ../init.d/shadowsocks

Image Generator

https://wiki.openwrt.org/doc/howto/obtain.firmware.generate

yum install subversion git gawk gettext ncurses-devel zlib-devel openssl-devel libxslt wget

# yum group list hidden -v |grep dev
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
   Development and Creative Workstation (developer-workstation-environment)
   Additional Development (additional-devel)
   Desktop Platform Development (desktop-platform-devel)
   Development Tools (development)
   Platform Development (platform-devel)
   Server Platform Development (server-platform-devel)

# yum groups info development

Group: Development Tools
 Group-Id: development
 Description: A basic development environment.
 Mandatory Packages:
   +autoconf
   +automake
    binutils
   +bison
   +flex
   +gcc
   +gcc-c++
    gettext
   +libtool
    make
   +patch
    pkgconfig
   +redhat-rpm-config
   +rpm-build
   +rpm-sign
 Default Packages:
   +byacc
   +cscope
   +ctags
   +diffstat
   +doxygen
   +elfutils
   +gcc-gfortran
    git
   +indent
   +intltool
   +patchutils
   +rcs
   +subversion
   +swig
   +systemtap

 Optional Packages:
   ElectricFence
   ant
   babel
   bzr
   ccache
   chrpath
   clips
   clips-devel
   clips-doc
   clips-emacs
   clips-xclips
   clipsmm-devel
   clipsmm-doc
   cmake
   cmucl
   colordiff
   compat-gcc-44
   compat-gcc-44-c++
   cvs
   cvsps
   darcs
   dejagnu
   email2trac
   expect
   ftnchek
   gcc-gnat
   gcc-objc
   gcc-objc++
   ghc
   git
   haskell-platform
   imake
   javapackages-tools
   ksc
   libstdc++-docs
   lua
   mercurial
   mock
   mod_dav_svn
   nasm
   nqc
   nqc-doc
   ocaml
   perltidy
   python-docs
   qgit
   rpmdevtools
   rpmlint
   sbcl
   scorep
   systemtap-sdt-devel
   systemtap-server
   trac
   trac-git-plugin
   trac-mercurial-plugin
   trac-webadmin
   translate-toolkit

# yum group install development

Dependencies Resolved

========================================================================================
 Package                    Arch         Version                    Repository     Size
========================================================================================
Installing for group install "Development Tools":
 autoconf                   noarch       2.69-11.el7                base          701 k
 automake                   noarch       1.13.4-3.el7               base          679 k
 bison                      x86_64       3.0.4-1.el7                base          674 k
 byacc                      x86_64       1.9.20130304-3.el7         base           65 k
 cscope                     x86_64       15.8-10.el7                base          203 k
 ctags                      x86_64       5.8-13.el7                 base          155 k
 diffstat                   x86_64       1.57-4.el7                 base           35 k
 doxygen                    x86_64       1:1.8.5-3.el7              base          3.6 M
 elfutils                   x86_64       0.168-8.el7                base          279 k
 flex                       x86_64       2.5.37-3.el7               base          292 k
 gcc                        x86_64       4.8.5-16.el7               base           16 M
 gcc-c++                    x86_64       4.8.5-16.el7               base          7.2 M
 gcc-gfortran               x86_64       4.8.5-16.el7               base          6.7 M
 indent                     x86_64       2.2.11-13.el7              base          150 k
 intltool                   noarch       0.50.2-7.el7               base           59 k
 libtool                    x86_64       2.4.2-22.el7_3             base          588 k
 patch                      x86_64       2.7.1-8.el7                base          110 k
 patchutils                 x86_64       0.3.3-4.el7                base          104 k
 rcs                        x86_64       5.9.0-5.el7                base          230 k
 redhat-rpm-config          noarch       9.1.0-76.el7.centos        base           79 k
 rpm-build                  x86_64       4.11.3-25.el7              base          146 k
 rpm-sign                   x86_64       4.11.3-25.el7              base           46 k
 subversion                 x86_64       1.7.14-11.el7_4            updates       1.0 M
 swig                       x86_64       2.0.10-5.el7               base          1.3 M
 systemtap                  x86_64       3.1-3.el7                  base          144 k
Installing for dependencies:
 apr                        x86_64       1.4.8-3.el7                base          103 k
 apr-util                   x86_64       1.5.2-6.el7                base           92 k
 avahi-libs                 x86_64       0.6.31-17.el7              base           61 k
 boost-date-time            x86_64       1.53.0-27.el7              base           52 k
 boost-system               x86_64       1.53.0-27.el7              base           40 k
 boost-thread               x86_64       1.53.0-27.el7              base           57 k
 cpp                        x86_64       4.8.5-16.el7               base          5.9 M
 dwz                        x86_64       0.11-3.el7                 base           99 k
 dyninst                    x86_64       9.3.1-1.el7                base          3.5 M
 efivar-libs                x86_64       31-4.el7                   base           68 k
 gdb                        x86_64       7.6.1-100.el7              base          2.4 M
 gettext-common-devel       noarch       0.19.8.1-2.el7             base          410 k
 gettext-devel              x86_64       0.19.8.1-2.el7             base          320 k
 glibc-devel                x86_64       2.17-196.el7               base          1.1 M
 glibc-headers              x86_64       2.17-196.el7               base          675 k
 kernel-debug-devel         x86_64       3.10.0-693.2.2.el7         updates        14 M
 kernel-headers             x86_64       3.10.0-693.2.2.el7         updates       6.0 M
 libdwarf                   x86_64       20130207-4.el7             base          109 k
 libgfortran                x86_64       4.8.5-16.el7               base          296 k
 libmodman                  x86_64       2.0.1-8.el7                base           28 k
 libmpc                     x86_64       1.0.1-3.el7                base           51 k
 libproxy                   x86_64       0.4.11-10.el7              base           64 k
 libquadmath                x86_64       4.8.5-16.el7               base          186 k
 libquadmath-devel          x86_64       4.8.5-16.el7               base           49 k
 libstdc++-devel            x86_64       4.8.5-16.el7               base          1.5 M
 m4                         x86_64       1.4.16-10.el7              base          256 k
 mokutil                    x86_64       12-1.el7.centos            base           41 k
 mpfr                       x86_64       3.1.1-4.el7                base          203 k
 neon                       x86_64       0.30.0-3.el7               base          165 k
 pakchois                   x86_64       0.4-10.el7                 base           14 k
 perl-Data-Dumper           x86_64       2.145-3.el7                base           47 k
 perl-Test-Harness          noarch       3.28-3.el7                 base          302 k
 perl-Thread-Queue          noarch       3.02-2.el7                 base           17 k
 perl-XML-Parser            x86_64       2.41-10.el7                base          223 k
 perl-srpm-macros           noarch       1-8.el7                    base          4.6 k
 subversion-libs            x86_64       1.7.14-11.el7_4            updates       921 k
 systemtap-client           x86_64       3.1-3.el7                  base          3.7 M
 systemtap-devel            x86_64       3.1-3.el7                  base          2.0 M
 systemtap-runtime          x86_64       3.1-3.el7                  base          394 k
 unzip                      x86_64       6.0-16.el7                 base          169 k
 zip                        x86_64       3.0-11.el7                 base          260 k

# yum groups info development

Group: Development Tools
 Group-Id: development
 Description: A basic development environment.
 Mandatory Packages:
   =autoconf
   =automake
    binutils
   =bison
   =flex
   =gcc
   =gcc-c++
    gettext
   =libtool
    make
   =patch
    pkgconfig
   =redhat-rpm-config
   =rpm-build
   =rpm-sign
 Default Packages:
   =byacc
   =cscope
   =ctags
   =diffstat
   =doxygen
   =elfutils
   =gcc-gfortran
    git
   =indent
   =intltool
   =patchutils
   =rcs
   =subversion
   =swig
   =systemtap

OpenWRT 15.05.1

dnsmasq-full

在 OpenWRT 上配置 Shadowsocks 并通过 Dnsmasq + ipset 按域名翻墙

openwrt 中的 dnsmasq 是不带 ipset 功能的,删除掉自带的 dnsmasq 并安装带 ipset 功能的 dnsmasq-full

可以完成 ROM 打包:

$ time make image PROFILE=TLWR703 FILES=files/ PACKAGES="ChinaDNS dns-forwarder shadowsocks-libev ipset kmod-ipt-nat firewall dnsmasq-full -dnsmasq -kmod-ipv6 -odhcp6c -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -kmod-nf-conntrack6 -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox -kmod-nls-base -kmod-usb-core -kmod-usb2 -kmod-nf-nathelper -kmod-gpio-button-hotplug -luci* -uboot-envtools -swconfig -opkg" FILES_REMOVE="files_remove"

$ cat files_remove
/etc/modules.d/20-ipv6
/lib/modules/3.18.23/ipv6.ko
/usr/bin/ss-local
/usr/bin/ss-tunnel

Configuring zlib.
Configuring libev.
Configuring libcares.
Configuring libpcre.
Configuring libpthread.
Configuring libsodium.
Configuring libmbedtls.
Configuring shadowsocks-libev.
Configuring libubox.
Configuring libubus.
Configuring libjson-c.
Configuring libblobmsg-json.
Configuring ubusd.
Configuring ubus.
Configuring libnl-tiny.
Configuring busybox.
Configuring libuci.
Configuring odhcpd.
Configuring kmod-nfnetlink.
Configuring kmod-nf-ipt.
Configuring kmod-ipt-core.
Configuring kmod-nf-conntrack.
Configuring kmod-ipt-conntrack.
Configuring jshn.
Configuring netifd.
Configuring libjson-script.
Configuring ubox.
Configuring procd.
Configuring jsonfilter.
Configuring usign.
Configuring base-files.
Configuring kmod-nf-nat.
Configuring libmnl.
Configuring libgmp.
Configuring libnettle.
Configuring ChinaDNS.
Configuring libxtables.
Configuring libip4tc.
Configuring libip6tc.
Configuring kmod-ipt-nat.
Configuring firewall.
Configuring fstools.
Configuring kmod-crypto-core.
Configuring kmod-crypto-arc4.
Configuring kmod-crypto-aes.
Configuring kmod-cfg80211.
Configuring hostapd-common.
Configuring kmod-mac80211.
Configuring kmod-ath.
Configuring kmod-ath9k-common.
Configuring kmod-ath9k.
Configuring uci.
Configuring wpad-mini.
Configuring dropbear.
Configuring dns-forwarder.
Configuring mtd.
Configuring kmod-ipt-ipset.
Configuring ipset.
Configuring iptables.
Configuring kmod-ipv6.
Configuring dnsmasq-full.

不移除 swconfig 引入 iw 依赖 ROM 会超出 4M :

$ time make image PROFILE=TLWR703 FILES=files/ PACKAGES="ChinaDNS dns-forwarder shadowsocks-libev ipset kmod-ipt-nat firewall dnsmasq-full -dnsmasq -kmod-ipv6 -odhcp6c -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -kmod-nf-conntrack6 -kmod-nf-nathelper -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox -kmod-nls-base -kmod-usb-core -kmod-usb2 -kmod-nf-nathelper -kmod-gpio-button-hotplug -luci* -uboot-envtools -opkg" FILES_REMOVE="files_remove"

dnsmasq

仅依赖 libip6tc 没有引入 kmod-ipv6 并移除 kmod-nf-nathelper

time make image PROFILE=TLWR703 FILES=files/ PACKAGES="ChinaDNS dns-forwarder shadowsocks-libev ipset kmod-ipt-nat firewall -kmod-nf-nathelper -odhcp6c -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -kmod-nf-conntrack6 -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox -kmod-usb-core -kmod-usb2 -kmod-nls-base -kmod-gpio-button-hotplug -luci*"

root@wr703n:~# opkg list-installed|awk '{print $1}'|grep 6
libip6tc

root@wr703n:~# opkg list-installed|awk '{print $1}'|grep kmod
kmod-ath
kmod-ath9k
kmod-ath9k-common
kmod-cfg80211
kmod-crypto-aes
kmod-crypto-arc4
kmod-crypto-core
kmod-ipt-conntrack
kmod-ipt-core
kmod-ipt-ipset
kmod-ipt-nat
kmod-mac80211
kmod-nf-conntrack
kmod-nf-ipt
kmod-nf-nat
kmod-nfnetlink

# opkg list-installed
ChinaDNS - 1.3.2-5
base-files - 157.2-r48532
busybox - 1.23.2-1
dns-forwarder - 1.2.1-1
dnsmasq - 2.73-1
dropbear - 2015.67-1
firewall - 2015-07-27
fstools - 2016-01-10-96415afecef35766332067f4205ef3b2c7561d21
hostapd-common - 2015-03-25-1
ipset - 6.24-1
iptables - 1.4.21-1
iw - 3.17-1
jshn - 2015-11-08-10429bccd0dc5d204635e110a7a8fae7b80d16cb
jsonfilter - 2014-06-19-cdc760c58077f44fc40adbbe41e1556a67c1b9a9
kernel - 3.18.23-1-b2f200610f46d20ef52d269421369d0c
kmod-ath - 3.18.23+2015-03-09-3
kmod-ath9k - 3.18.23+2015-03-09-3
kmod-ath9k-common - 3.18.23+2015-03-09-3
kmod-cfg80211 - 3.18.23+2015-03-09-3
kmod-crypto-aes - 3.18.23-1
kmod-crypto-arc4 - 3.18.23-1
kmod-crypto-core - 3.18.23-1
kmod-ipt-conntrack - 3.18.23-1
kmod-ipt-core - 3.18.23-1
kmod-ipt-ipset - 3.18.23-1
kmod-ipt-nat - 3.18.23-1
kmod-mac80211 - 3.18.23+2015-03-09-3
kmod-nf-conntrack - 3.18.23-1
kmod-nf-ipt - 3.18.23-1
kmod-nf-nat - 3.18.23-1
kmod-nfnetlink - 3.18.23-1
libblobmsg-json - 2015-11-08-10429bccd0dc5d204635e110a7a8fae7b80d16cb
libc - 0.9.33.2-1
libcares - 1.13.0-1
libev - 4.19-1
libgcc - 4.8-linaro-1
libip4tc - 1.4.21-1
libip6tc - 1.4.21-1
libjson-c - 0.12-1
libjson-script - 2015-11-08-10429bccd0dc5d204635e110a7a8fae7b80d16cb
libmbedtls - 2.5.1-2
libmnl - 1.0.3-2
libnl-tiny - 0.1-4
libpcre - 8.38-1
libpthread - 0.9.33.2-1
libsodium - 1.0.12-1
libubox - 2015-11-08-10429bccd0dc5d204635e110a7a8fae7b80d16cb
libubus - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
libuci - 2015-08-27.1-1
libxtables - 1.4.21-1
mtd - 21
netifd - 2015-12-16-245527193e90906451be35c2b8e972b8712ea6ab
odhcpd - 2015-11-19-01d3f9d64486ac1daa144848944e877e7f0cb762
opkg - 9c97d5ecd795709c8584e972bfdf3aee3a5b846d-9
procd - 2015-10-29.1-d5fddd91b966424bb63e943e789704d52382cc18
shadowsocks-libev - 3.1.0-1
swconfig - 10
uboot-envtools - 2014.10-2
ubox - 2015-11-22-c086167a0154745c677f8730a336ea9cf7d71031
ubus - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
ubusd - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
uci - 2015-08-27.1-1
usign - 2015-05-08-cf8dcdb8a4e874c77f3e9a8e9b643e8c17b19131
wpad-mini - 2015-03-25-1
zlib - 1.2.8-1

source build

https://sourceforge.net/p/wr703nshairport/wiki/Build%20Instructions/

http://bugworkshop.blogspot.com/2013/08/openwrt-tp-link-tl-wr703n.html

编译自己的 OpenWrt 固件 2015-10-13

修改源码,使其适用于 16M Flash

https://wiki.openwrt.org/doc/recipes/installing-shorewall.v5-on-openwrt

cp config.diff .config
make defconfig
make -j 1 V=s

rm .config
make menuconfig
./scripts/diffconfig.sh > config.tmp
cp config.tmp .config
cat .config

iw dev wlan0 set txpower fixed 16mBm

LEDE 17.0.4

Configuring libgcc.
Configuring libc.
Configuring zlib.
Configuring libev.
Configuring libcares.
Configuring libpcre.
Configuring libpthread.
Configuring libsodium.
Configuring libmbedtls.
Configuring shadowsocks-libev.
Configuring libubox.
Configuring libubus.
Configuring libjson-c.
Configuring libblobmsg-json.
Configuring ubusd.
Configuring ubus.
Configuring libnl-tiny.
Configuring iw.
Configuring jsonfilter.
Configuring busybox.
Configuring libuci.
Configuring odhcpd.
Configuring kernel.
Configuring kmod-nfnetlink.
Configuring swconfig.
Configuring libiwinfo.
Configuring kmod-nf-ipt.
Configuring kmod-ipt-core.
Configuring kmod-nf-conntrack.
Configuring kmod-nf-nat.
Configuring kmod-ipt-nat.
Configuring kmod-ipt-nat-extra.
Configuring kmod-ipt-conntrack.
Configuring jshn.
Configuring netifd.
Configuring libjson-script.
Configuring ubox.
Configuring procd.
Configuring fstools.
Configuring fwtool.
Configuring base-files.
Configuring libmnl.
Configuring uboot-envtools.
Configuring ChinaDNS.
Configuring libxtables.
Configuring libip4tc.
Configuring firewall.
Configuring libuclient.
Configuring uclient-fetch.
Configuring kmod-cfg80211.
Configuring hostapd-common.
Configuring kmod-mac80211.
Configuring kmod-ath.
Configuring kmod-ath9k-common.
Configuring kmod-ath9k.
Configuring uci.
Configuring wpad-mini.
Configuring dropbear.
Configuring libnfnetlink.
Configuring kmod-nf-conntrack-netlink.
Configuring libnetfilter-conntrack.
Configuring dns-forwarder.
Configuring mtd.
Configuring kmod-ipt-ipset.
Configuring ipset.
Configuring logd.
Configuring iptables.
Configuring simple-obfs.
Configuring usign.
Configuring dnsmasq-full.

$ grep "^CONFIG_PACKAGE" .config
CONFIG_PACKAGE_base-files=y
CONFIG_PACKAGE_busybox=y
CONFIG_PACKAGE_dnsmasq-full=y
CONFIG_PACKAGE_dnsmasq_full_auth=y
CONFIG_PACKAGE_dnsmasq_full_ipset=y
CONFIG_PACKAGE_dnsmasq_full_conntrack=y
CONFIG_PACKAGE_dropbear=y
CONFIG_PACKAGE_firewall=y
CONFIG_PACKAGE_fstools=y
CONFIG_PACKAGE_fwtool=y
CONFIG_PACKAGE_jsonfilter=y
CONFIG_PACKAGE_libc=y
CONFIG_PACKAGE_libgcc=y
CONFIG_PACKAGE_libpthread=y
CONFIG_PACKAGE_logd=y
CONFIG_PACKAGE_mtd=y
CONFIG_PACKAGE_netifd=y
CONFIG_PACKAGE_procd=y
CONFIG_PACKAGE_swconfig=y
CONFIG_PACKAGE_ubox=y
CONFIG_PACKAGE_ubus=y
CONFIG_PACKAGE_ubusd=y
CONFIG_PACKAGE_uci=y
CONFIG_PACKAGE_usign=y
CONFIG_PACKAGE_kmod-ipt-conntrack=y
CONFIG_PACKAGE_kmod-ipt-core=y
CONFIG_PACKAGE_kmod-ipt-ipset=y
CONFIG_PACKAGE_kmod-ipt-nat=y
CONFIG_PACKAGE_kmod-ipt-nat-extra=y
CONFIG_PACKAGE_kmod-nf-conntrack=y
CONFIG_PACKAGE_kmod-nf-conntrack-netlink=y
CONFIG_PACKAGE_kmod-nf-ipt=y
CONFIG_PACKAGE_kmod-nf-nat=y
CONFIG_PACKAGE_kmod-nfnetlink=y
CONFIG_PACKAGE_kmod-ath=y
CONFIG_PACKAGE_ATH_DFS=y
CONFIG_PACKAGE_kmod-ath9k=y
CONFIG_PACKAGE_kmod-ath9k-common=y
CONFIG_PACKAGE_kmod-cfg80211=y
CONFIG_PACKAGE_kmod-mac80211=y
CONFIG_PACKAGE_MAC80211_MESH=y
CONFIG_PACKAGE_libip4tc=y
CONFIG_PACKAGE_libxtables=y
CONFIG_PACKAGE_libmbedtls=y
CONFIG_PACKAGE_libblobmsg-json=y
CONFIG_PACKAGE_libcares=y
CONFIG_PACKAGE_libev=y
CONFIG_PACKAGE_libiwinfo=y
CONFIG_PACKAGE_libjson-c=y
CONFIG_PACKAGE_libmnl=y
CONFIG_PACKAGE_libnetfilter-conntrack=y
CONFIG_PACKAGE_libnfnetlink=y
CONFIG_PACKAGE_libnl-tiny=y
CONFIG_PACKAGE_libpcre=y
CONFIG_PACKAGE_libsodium=y
CONFIG_PACKAGE_libubox=y
CONFIG_PACKAGE_libubus=y
CONFIG_PACKAGE_libuci=y
CONFIG_PACKAGE_libuclient=y
CONFIG_PACKAGE_zlib=y
CONFIG_PACKAGE_iptables=y
CONFIG_PACKAGE_ChinaDNS=y
CONFIG_PACKAGE_dns-forwarder=y
CONFIG_PACKAGE_hostapd-common=y
CONFIG_PACKAGE_ipset=y
CONFIG_PACKAGE_iw=y
CONFIG_PACKAGE_odhcpd=y
CONFIG_PACKAGE_odhcpd_ext_cer_id=0
CONFIG_PACKAGE_shadowsocks-libev=y
CONFIG_PACKAGE_simple-obfs=y
CONFIG_PACKAGE_uclient-fetch=y
CONFIG_PACKAGE_wpad-mini=y
CONFIG_PACKAGE_uboot-envtools=y
CONFIG_PACKAGE_jshn=y
CONFIG_PACKAGE_libjson-script=y

dnsmasq-full DNSSEC 引入 libnettlelibgmp 依赖导致固件编译超过 4M

# CONFIG_PACKAGE_dnsmasq_full_noid is not set
# CONFIG_PACKAGE_dnsmasq_full_dnssec is not set
# CONFIG_PACKAGE_libgmp is not set
# CONFIG_PACKAGE_libnettle is not set

dnsmasq-full

http://einverne.github.io/post/2014/11/WNDR3800-shadowsocks.html

opkg update
opkg install kmod-ipt-ipset ipset ipset-dns
opkg remove dnsmasq
opkg install dnsmasq-full

https://git.zx2c4.com/ipset-dns/about/

https://hong.im/2014/07/08/use-ipset-with-shadowsocks-on-openwrt/

opkg update
opkg install ipset iptables-mod-nat-extra
opkg install dnsmasq-full --force-overwrite

http://novawl.blogspot.com/2015/06/openwrtshadowsocksdnsmasqipset.html

http://blog.kompaz.win/2017/03/24/OpenWRT%20Shadowsocks+GFWList%20%E6%B5%81%E9%87%8F%E8%87%AA%E5%8A%A8%E5%88%86%E6%B5%81/

OpenWRT 编译进阶 2015-04-12

修改路由连接数

package/base-files/files/etc/sysctl.conf

net.netfilter.nf_conntrack_max=65535

http://trac.gateworks.com/wiki/OpenWrt/Configuration

https://github.com/openwrt/packages/blob/master/net/shadowsocks-libev/Makefile

https://github.com/shadowsocks/openwrt-shadowsocks/blob/master/Makefile

从 OpenWrt 的 SDK 编译 Shadowsocks-libev 和 luci-app-shadowsocks 2017-03-19

make package/shadowsocks-libev/compile V=99

编译 shadowsocks-libev for OpenWrt ipk 安装包

更新 Feeds 使 package 在 make menuconfig 中可用,而不是真正安装或编译,并按照自己的路由型号设定 target 否则默认 target 下编译好的工具链在重新设定 target 后无效

cd ~/Downloads/openwrt
./scripts/feeds update -a
./scripts/feeds install -a

# run `make menuconfig` and set target;
# Choose your own Target System -> SubTarget -> Target Profile

make menuconfig
make defconfig

先编译要用到的工具和库

make prereq && make tools/install && make toolchain/install

编译 shadowsocks-libev ipk for 网件 Netgear WNDR4300 路由器

cd ~/Downloads
git clone git://git.openwrt.org/openwrt.git

pushd package
git clone https://github.com/shadowsocks/shadowsocks-libev.git
popd

cd ~/Downloads/openwrt
./scripts/feeds update -a
./scripts/feeds install -a

make defconfig
make prereq
make menuconfig

# Target System: Atheros AR7xxx/AR9XXX
# Subtarget: Generic device with NAND flash
# Target Profile: (因我们只是编译包,这步可以不选)
# Network, 选择 shadowsocks-libev-openssl 和 shadowsocks-libev-polarssl 按 m 设置为编译独立 ipk 安装包
# Save && Exit

make tools/install && make toolchain/install

make V=99 package/shadowsocks-libev/openwrt/compile

$ grep "^CONFIG_PACKAGE" .config
CONFIG_PACKAGE_base-files=y
CONFIG_PACKAGE_busybox=y
CONFIG_PACKAGE_dnsmasq-full=m
CONFIG_PACKAGE_dnsmasq_full_auth=y
CONFIG_PACKAGE_dnsmasq_full_ipset=y
CONFIG_PACKAGE_dropbear=y
CONFIG_PACKAGE_firewall=y
CONFIG_PACKAGE_fstools=y
CONFIG_PACKAGE_jsonfilter=y
CONFIG_PACKAGE_libc=y
CONFIG_PACKAGE_libgcc=y
CONFIG_PACKAGE_libpthread=y
CONFIG_PACKAGE_mtd=y
CONFIG_PACKAGE_netifd=y
CONFIG_PACKAGE_procd=y
CONFIG_PACKAGE_swconfig=y
CONFIG_PACKAGE_ubox=y
CONFIG_PACKAGE_ubus=y
CONFIG_PACKAGE_ubusd=y
CONFIG_PACKAGE_uci=y
CONFIG_PACKAGE_usign=y
CONFIG_PACKAGE_uboot-ar71xx-nbg460n_550n_550nh=y
CONFIG_PACKAGE_kmod-crypto-aes=y
CONFIG_PACKAGE_kmod-crypto-arc4=y
CONFIG_PACKAGE_kmod-crypto-core=y
CONFIG_PACKAGE_kmod-ipt-conntrack=y
CONFIG_PACKAGE_kmod-ipt-core=y
CONFIG_PACKAGE_kmod-ipt-ipset=y
CONFIG_PACKAGE_kmod-ipt-nat=y
CONFIG_PACKAGE_kmod-nf-conntrack=y
CONFIG_PACKAGE_kmod-nf-ipt=y
CONFIG_PACKAGE_kmod-nf-nat=y
CONFIG_PACKAGE_kmod-nfnetlink=y
CONFIG_PACKAGE_kmod-ath=y
CONFIG_PACKAGE_ATH_DFS=y
CONFIG_PACKAGE_kmod-ath9k=y
CONFIG_PACKAGE_kmod-ath9k-common=y
CONFIG_PACKAGE_kmod-cfg80211=y
CONFIG_PACKAGE_kmod-mac80211=y
CONFIG_PACKAGE_MAC80211_DEBUGFS=y
CONFIG_PACKAGE_MAC80211_MESH=y
CONFIG_PACKAGE_libip4tc=y
CONFIG_PACKAGE_libxtables=y
CONFIG_PACKAGE_libmbedtls=y
CONFIG_PACKAGE_libblkid=m
CONFIG_PACKAGE_libblobmsg-json=y
CONFIG_PACKAGE_libcares=y
CONFIG_PACKAGE_libev=y
CONFIG_PACKAGE_libgmp=y
CONFIG_PACKAGE_libiwinfo=y
CONFIG_PACKAGE_libjson-c=y
CONFIG_PACKAGE_libmnl=y
CONFIG_PACKAGE_libnettle=y
CONFIG_PACKAGE_libnl-tiny=y
CONFIG_PACKAGE_libpcre=y
CONFIG_PACKAGE_libpopt=m
CONFIG_PACKAGE_libreadline=m
CONFIG_PACKAGE_libsodium=y
CONFIG_PACKAGE_libubox=y
CONFIG_PACKAGE_libubus=y
CONFIG_PACKAGE_libuci=y
CONFIG_PACKAGE_libuuid=m
CONFIG_PACKAGE_zlib=y
CONFIG_PACKAGE_iptables=y
CONFIG_PACKAGE_ChinaDNS=y
CONFIG_PACKAGE_dns-forwarder=y
CONFIG_PACKAGE_hostapd-common=y
CONFIG_PACKAGE_ipset=y
CONFIG_PACKAGE_iw=y
CONFIG_PACKAGE_odhcpd=y
CONFIG_PACKAGE_odhcpd_ext_cer_id=0
CONFIG_PACKAGE_shadowsocks-libev=y
CONFIG_PACKAGE_simple-obfs=y
CONFIG_PACKAGE_wpad-mini=y
CONFIG_PACKAGE_jshn=y
CONFIG_PACKAGE_libjson-script=y
CONFIG_PACKAGE_uboot-envtools=y

编译集成了 shadowsocks 的 openwrt 固件

编译适用于 8M Flash 的固件,需修改 Makefilemktplinkfw.c 文件

Network  --->
    <M> ipset
    <M> ipset-dns


define Device/tplink-4mlzma
$(Device/tplink)
  TPLINK_FLASHLAYOUT := 4Mlzma
  IMAGE_SIZE := 3904k
endef

define Device/tplink-8mlzma
$(Device/tplink)
  TPLINK_FLASHLAYOUT := 8Mlzma
  IMAGE_SIZE := 7936k
endef

$ grep -A5 -i 703n target/linux/ar71xx/image/Makefile
define Device/tl-wr703n-v1
    $(Device/tplink-4mlzma)
    BOARDNAME := TL-WR703N
    DEVICE_PROFILE := TLWR703
    TPLINK_HWID := 0x07030101
    CONSOLE := ttyATH0,115200
endef

--
TARGET_DEVICES += tl-wr703n-v1 tl-wr710n-v1 tl-wr710n-v2 tl-wr720n-v3 tl-wr720n-v4

define Device/tl-wr740n-v4
    $(Device/tplink-4mlzma)
    BOARDNAME := TL-WR741ND-v4
    DEVICE_PROFILE := TLWR740

$ grep -A5 -i 703n tools/firmware-utils/src/mktplinkfw.c
#define HWID_TL_WR703N_V1       0x07030101
#define HWID_TL_WR720N_V3       0x07200103
#define HWID_TL_WR720N_V4       0x07200104
#define HWID_TL_WR741ND_V1      0x07410001
#define HWID_TL_WR741ND_V4      0x07410004
#define HWID_TL_WR740N_V1       0x07400001
--
                .id             = "TL-WR703Nv1",
                .hw_id          = HWID_TL_WR703N_V1,
                .hw_rev         = 1,
                .layout_id      = "4Mlzma",
        }, {
                .id             = "TL-WR720Nv3",
                .hw_id          = HWID_TL_WR720N_V3,

Custom Configuration OpenWrt

mkdir -p files/etc/config
cat << EOF >> files/etc/config/network
config interface lan
        option ifname   eth0
        option type     bridge
        option proto    static
        option ipaddr   192.168.9.1
        option netmask  255.255.255.0

EOF

OpenWRT 编译进阶

package/base-files/files/etc/config/samba

config samba
    #显示中文
    option charset 'gb2312'

config sambashare
    option read_only 'no'
    option guest_ok 'yes'
    option create_mask '0777'
    option dir_mask '0777'
    option display charset

shadowsocks.cfg0615fe.server+=
shadowsocks.cfg0615fe.server+=cfg0a4a8f

no addon server

root@LEDE:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].filterwin2k='0'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].nonegcache='0'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].nohosts='1'
dhcp.@dnsmasq[0].noresolv='1'
dhcp.@dnsmasq[0].local='127.0.0.1#5353'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'


root@LEDE:~# uci changes
-dhcp.cfg02411c.resolvfile
-dhcp.cfg02411c.filterwin2k
-dhcp.cfg02411c.nonegcache
dhcp.cfg02411c.server+='/yidian.com/10.60.8.11'
dhcp.cfg02411c.nonwildcard='0'

root@LEDE:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].nohosts='1'
dhcp.@dnsmasq[0].noresolv='1'
dhcp.@dnsmasq[0].local='127.0.0.1#5353'
dhcp.@dnsmasq[0].server='/yidian.com/10.60.8.11'
dhcp.@dnsmasq[0].nonwildcard='0'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'

703 默认配置:

root@LEDE:~# uci show network
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0'
network.lan.proto='static'
network.lan.ipaddr='192.168.1.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'

root@LEDE:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].filterwin2k='0'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].nonegcache='0'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'

root@LEDE:~# cat /etc/config/network

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option type 'bridge'
    option ifname 'eth0'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'


root@LEDE:~# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.channel='11'
wireless.radio0.hwmode='11g'
wireless.radio0.path='platform/ar933x_wmac'
wireless.radio0.htmode='HT20'
wireless.radio0.disabled='0'
wireless.radio0.country='CN'
wireless.radio0.txpower='17'
wireless.default_radio0=wifi-iface
wireless.default_radio0.device='radio0'
wireless.default_radio0.network='lan'
wireless.default_radio0.mode='ap'
wireless.default_radio0.ssid='eta'
wireless.default_radio0.encryption='psk2'
wireless.default_radio0.key='hell0_wor1d'

root@LEDE:~# cat /etc/config/wireless

config wifi-device 'radio0'
    option type 'mac80211'
    option channel '11'
    option hwmode '11g'
    option path 'platform/ar933x_wmac'
    option htmode 'HT20'
    option disabled '0'
    option country 'CN'
    option txpower '17'

config wifi-iface 'default_radio0'
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
    option ssid 'eta'
    option encryption 'psk2'
    option key 'hell0_wor1d'

root@LEDE:~# cat /etc/config/dhcp

config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option nonegcache '0'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'
    option localservice '1'

config dhcp 'lan'
    option interface 'lan'
    option start '100'
    option limit '150'
    option leasetime '12h'
    option dhcpv6 'server'
    option ra 'server'

config dhcp 'wan'
    option interface 'wan'
    option ignore '1'

config odhcpd 'odhcpd'
    option maindhcp '0'
    option leasefile '/tmp/hosts/odhcpd'
    option leasetrigger '/usr/sbin/odhcpd-update'

LuCI

shadowsocks.cfg0615fe
shadowsocks.cfg0615fe.mtu=1492
shadowsocks.cfg0615fe.server+=
shadowsocks.cfg0615fe.server+=cfg0a4a8f

UCI

root@LEDE:~# uci changes
shadowsocks.cfg043a58.mtu='1492'
-shadowsocks.cfg0615fe.server
shadowsocks.cfg0615fe.server+='cfg0a4a8f'
shadowsocks.cfg0615fe.mtu='1492'
shadowsocks.cfg08b3be.mtu='1492'


uci delete network.lan.type
uci delete network.lan.ifname
uci set network.lan._orig_bridge=false
uci set network.lan._orig_ifname=eth0
uci set network.lan.ipaddr=192.168.3.1
uci set dhcp.lan.ra_management=1

uci set network.wan=interface
uci set network.wan.ifname=eth0
uci set network.wan.proto=dhcp


cat shadowsocks

config general
    option startup_delay '0'

config transparent_proxy
    list main_server 'nil'
    option udp_relay_server 'nil'
    option local_port '1234'

config socks5_proxy
    list server 'nil'
    option local_port '1080'

config port_forward
    list server 'nil'
    option local_port '5300'
    option destination '8.8.4.4:53'

config servers
    option alias 'sample'
    option fast_open '0'
    option no_delay '0'
    option server '127.0.0.1'
    option server_port '8388'
    option timeout '60'
    option password 'barfoo!'
    option encrypt_method 'chacha20-ietf-poly1305'

root@LEDE:/etc/config# uci changes
shadowsocks.cfg0a4a8f.server="$SS_PASSWD"
shadowsocks.cfg0a4a8f.server_port="$SS_PORT"
shadowsocks.cfg0a4a8f.password="$SS_PASSWD"
shadowsocks.cfg0615fe.server='cfg0a4a8f'
root@LEDE:/etc/config# uci show shadowsocks
shadowsocks.@general[0]=general
shadowsocks.@general[0].startup_delay='0'
shadowsocks.@transparent_proxy[0]=transparent_proxy
shadowsocks.@transparent_proxy[0].main_server='nil'
shadowsocks.@transparent_proxy[0].udp_relay_server='nil'
shadowsocks.@transparent_proxy[0].local_port='1234'
shadowsocks.@socks5_proxy[0]=socks5_proxy
shadowsocks.@socks5_proxy[0].local_port='1080'
shadowsocks.@socks5_proxy[0].server='cfg0a4a8f'
shadowsocks.@port_forward[0]=port_forward
shadowsocks.@port_forward[0].server='nil'
shadowsocks.@port_forward[0].local_port='5300'
shadowsocks.@port_forward[0].destination='8.8.4.4:53'
shadowsocks.@servers[0]=servers
shadowsocks.@servers[0].alias='sample'
shadowsocks.@servers[0].fast_open='0'
shadowsocks.@servers[0].no_delay='0'
shadowsocks.@servers[0].timeout='60'
shadowsocks.@servers[0].encrypt_method='chacha20-ietf-poly1305'
shadowsocks.@servers[0].server="$SS_PASSWD"
shadowsocks.@servers[0].server_port="$SS_PORT"
shadowsocks.@servers[0].password="$SS_PASSWD"
shadowsocks.@access_control[0]=access_control
shadowsocks.@access_control[0].self_proxy='1'

root@LEDE:/etc/config# cat shadowsocks

config general
    option startup_delay '0'

config transparent_proxy
    list main_server 'nil'
    option udp_relay_server 'nil'
    option local_port '1234'

config socks5_proxy
    option local_port '1080'
    option server 'cfg0a4a8f'

config port_forward
    list server 'nil'
    option local_port '5300'
    option destination '8.8.4.4:53'

config servers
    option alias 'sample'
    option fast_open '0'
    option no_delay '0'
    option timeout '60'
    option encrypt_method 'chacha20-ietf-poly1305'
    option server "$SS_PASSWD"
    option server_port '"$SS_PORT"'
    option password ""

config access_control
    option self_proxy '1'

root@LEDE:/etc/config# uci del shadowsocks.@socks5_proxy[0].server

root@LEDE:/etc/config# uci add_list shadowsocks.@socks5_proxy[0].server=$SS_CFGID

root@LEDE:/etc/config# uci changes
-shadowsocks.cfg0615fe.server
shadowsocks.cfg0615fe.server+='cfg0a4a8f'


BUSYBOX_CONFIG_FEATURE_IPV6 [=n]

root@LEDE:~# df -hT
Filesystem           Type            Size      Used Available Use% Mounted on
/dev/root            squashfs        2.3M      2.3M         0 100% /rom
tmpfs                tmpfs          13.8M     80.0K     13.7M   1% /tmp
tmpfs                tmpfs          13.8M     44.0K     13.8M   0% /tmp/root
tmpfs                tmpfs         512.0K         0    512.0K   0% /dev
/dev/mtdblock3       jffs2         384.0K    212.0K    172.0K  55% /overlay
overlayfs:/overlay   overlay       384.0K    212.0K    172.0K  55% /



root@LEDE:~# uci set shadowsocks.@socks5_proxy[0].server=
root@LEDE:~# uci changes
shadowsocks.cfg0a4a8f.server="$SS_PASSWD"
shadowsocks.cfg0a4a8f.server_port="$SS_PORT"
shadowsocks.cfg0a4a8f.password="$SS_PASSWD"
-shadowsocks.cfg0615fe.server

root@LEDE:~# uci add_list shadowsocks.@socks5_proxy[0].server=$SS_CFGID
root@LEDE:~# uci changes
shadowsocks.cfg0a4a8f.server="$SS_PASSWD"
shadowsocks.cfg0a4a8f.server_port="$SS_PORT"
shadowsocks.cfg0a4a8f.password="$SS_PASSWD"
-shadowsocks.cfg0615fe.server
shadowsocks.cfg0615fe.server+='cfg0a4a8f'

root@LEDE:~# uci commit

root@LEDE:~# /etc/init.d/shadowsocks start
 2017-10-16 16:20:37 INFO: set MTU to 1492

root@LEDE:~# pgrep -lf ss
1323 ss-local -c /var/etc/shadowsocks.cfg0a4a8f.json -u -l 1080 --mtu 1492 -f /var/run/ss-local-cfg0a4a8f.pid

uci set shadowsocks.@servers[0].encrypt_method='chacha20-ietf-poly1305'
uci set shadowsocks.@servers[0].server="$SS_PASSWD"
uci set shadowsocks.@servers[0].server_port="$SS_PORT"
uci set shadowsocks.@servers[0].password="$SS_PASSWD"
SS_CFGID=$(uci show shadowsocks.@servers[0].alias|awk -F '.' '{print $2}')
uci set shadowsocks.@socks5_proxy[0].server=
uci add_list shadowsocks.@socks5_proxy[0].server=$SS_CFGID
uci changes
uci commit
/etc/init.d/shadowsocks start
pgrep -lf ss


[lede@openwrt source]$ ./scripts/diffconfig.sh > diffconfig

[lede@openwrt source]$ cat diffconfig
CONFIG_TARGET_ar71xx=y
CONFIG_TARGET_ar71xx_generic=y
CONFIG_TARGET_ar71xx_generic_DEVICE_tl-wr703n-v1=y
CONFIG_BUSYBOX_CUSTOM=y
# CONFIG_BUSYBOX_CONFIG_FEATURE_IPV6 is not set
# CONFIG_IPV6 is not set
# CONFIG_KERNEL_CRASHLOG is not set
# CONFIG_KERNEL_DEBUG_INFO is not set
# CONFIG_KERNEL_DEBUG_KERNEL is not set
# CONFIG_KERNEL_ELF_CORE is not set
# CONFIG_KERNEL_IPV6 is not set
CONFIG_LIBSODIUM_MINIMAL=y
CONFIG_PACKAGE_ChinaDNS=y
CONFIG_PACKAGE_dns-forwarder=y
# CONFIG_PACKAGE_dnsmasq is not set
CONFIG_PACKAGE_dnsmasq-full=y
CONFIG_PACKAGE_dnsmasq_full_auth=y
CONFIG_PACKAGE_dnsmasq_full_conntrack=y
CONFIG_PACKAGE_dnsmasq_full_ipset=y
CONFIG_PACKAGE_ipset=y
# CONFIG_PACKAGE_iwinfo is not set
# CONFIG_PACKAGE_kmod-gpio-button-hotplug is not set
CONFIG_PACKAGE_kmod-ipt-ipset=y
CONFIG_PACKAGE_kmod-ipt-nat-extra=y
# CONFIG_PACKAGE_kmod-lib-crc-ccitt is not set
CONFIG_PACKAGE_kmod-nf-conntrack-netlink=y
CONFIG_PACKAGE_kmod-nfnetlink=y
# CONFIG_PACKAGE_kmod-nls-base is not set
# CONFIG_PACKAGE_kmod-ppp is not set
# CONFIG_PACKAGE_kmod-usb-core is not set
# CONFIG_PACKAGE_kmod-usb2 is not set
# CONFIG_PACKAGE_lede-keyring is not set
CONFIG_PACKAGE_libcares=y
CONFIG_PACKAGE_libev=y
# CONFIG_PACKAGE_libip6tc is not set
CONFIG_PACKAGE_libmbedtls=y
CONFIG_PACKAGE_libmnl=y
CONFIG_PACKAGE_libnetfilter-conntrack=y
CONFIG_PACKAGE_libnfnetlink=y
CONFIG_PACKAGE_libpcre=y
CONFIG_PACKAGE_libsodium=y
# CONFIG_PACKAGE_logd is not set
# CONFIG_PACKAGE_opkg is not set
# CONFIG_PACKAGE_ppp is not set
CONFIG_PACKAGE_shadowsocks-libev=y
CONFIG_PACKAGE_simple-obfs=y
CONFIG_PACKAGE_zlib=y
# CONFIG_SIGNED_PACKAGES is not set
# CONFIG_PACKAGE_dnsmasq_full_dnssec is not set
# CONFIG_PACKAGE_dnsmasq_full_noid is not set
# CONFIG_PACKAGE_libgmp is not set
CONFIG_PACKAGE_libiwinfo=y
# CONFIG_PACKAGE_libnettle is not set
CONFIG_PACKAGE_usign=y


[lede@openwrt source]$ git pull
remote: Counting objects: 754, done.
remote: Total 754 (delta 403), reused 404 (delta 403), pack-reused 350
Receiving objects: 100% (754/754), 253.67 KiB | 0 bytes/s, done.
Resolving deltas: 100% (479/479), completed with 242 local objects.
From https://github.com/lede-project/source
   8ad1b09..98c003e  lede-17.01 -> origin/lede-17.01
   f2b7d9d..fbde9ac  master     -> origin/master
From https://github.com/lede-project/source
 * [new tag]         v17.01.4   -> v17.01.4
You are not currently on a branch. Please specify which
branch you want to merge with. See git-pull(1) for details.

    git pull <remote> <branch>

[lede@openwrt source]$ git tag -l
reboot
v17.01.0
v17.01.0-rc1
v17.01.0-rc2
v17.01.1
v17.01.2
v17.01.3
v17.01.4

[lede@openwrt source]$ git checkout v17.01.4
Previous HEAD position was df54a8f... LEDE v17.01.3: adjust config defaults
HEAD is now at 444add1... LEDE v17.01.4: adjust config defaults

https://stackoverflow.com/questions/28192623/create-patch-or-diff-file-from-git-repository-and-apply-it-to-another-different

git diff tag1..tag2 > mypatch.patch
git apply mypatch.patch

[lede@openwrt source]$ md5sum ./bin/targets/ar71xx/generic/config.seed
1d4299c067d546ed720ad8c635e74bcb  ./bin/targets/ar71xx/generic/config.seed

[lede@openwrt source]$ md5sum .config
2853bd0f395745ff04afd753564a3778  .config

https://lede-project.org/docs/guide-developer/use-buildsystem#configure_using_config_diff_file

[lede@openwrt source]$ cat ../diffconfig  >> .config

[lede@openwrt source]$ make defconfig
Collecting package info: done
.config:5125:warning: override: TARGET_ar71xx changes choice state
.config:5126:warning: override: TARGET_ar71xx_generic changes choice state
.config:5127:warning: override: TARGET_ar71xx_generic_DEVICE_tl-wr703n-v1 changes choice state
#
# configuration written to .config
#

[lede@openwrt source]$ namei -l files/etc/dropbear/*
f: files/etc/dropbear/authorized_keys
drwxrwxr-x lede lede files
drwxrwxr-x lede lede etc
drwx------ lede lede dropbear
-rw------- lede lede authorized_keys

编译成功后会生成 config.seed 文件:/home/lede/source/bin/targets/ar71xx/generic/config.seed

CONFIG_TARGET_ar71xx=y
CONFIG_TARGET_ar71xx_generic=y
CONFIG_TARGET_ar71xx_generic_DEVICE_tl-wr703n-v1=y
CONFIG_BUSYBOX_CUSTOM=y
# CONFIG_BUSYBOX_CONFIG_FEATURE_IPV6 is not set
CONFIG_CLEAN_IPKG=y
# CONFIG_IPV6 is not set
# CONFIG_KERNEL_CRASHLOG is not set
# CONFIG_KERNEL_DEBUG_FS is not set
# CONFIG_KERNEL_DEBUG_INFO is not set
# CONFIG_KERNEL_DEBUG_KERNEL is not set
# CONFIG_KERNEL_ELF_CORE is not set
# CONFIG_KERNEL_IPV6 is not set
# CONFIG_KERNEL_SWAP is not set
CONFIG_LIBSODIUM_MINIMAL=y
CONFIG_PACKAGE_ChinaDNS=y
# CONFIG_PACKAGE_MAC80211_DEBUGFS is not set
CONFIG_PACKAGE_dns-forwarder=y
# CONFIG_PACKAGE_dnsmasq is not set
CONFIG_PACKAGE_dnsmasq-full=y
CONFIG_PACKAGE_dnsmasq_full_auth=y
CONFIG_PACKAGE_dnsmasq_full_conntrack=y
CONFIG_PACKAGE_dnsmasq_full_ipset=y
CONFIG_PACKAGE_ipset=y
# CONFIG_PACKAGE_iwinfo is not set
# CONFIG_PACKAGE_kmod-gpio-button-hotplug is not set
CONFIG_PACKAGE_kmod-ipt-ipset=y
CONFIG_PACKAGE_kmod-ipt-nat-extra=y
# CONFIG_PACKAGE_kmod-lib-crc-ccitt is not set
CONFIG_PACKAGE_kmod-nf-conntrack-netlink=y
CONFIG_PACKAGE_kmod-nfnetlink=y
# CONFIG_PACKAGE_kmod-nls-base is not set
# CONFIG_PACKAGE_kmod-ppp is not set
# CONFIG_PACKAGE_kmod-usb-core is not set
# CONFIG_PACKAGE_kmod-usb2 is not set
# CONFIG_PACKAGE_lede-keyring is not set
CONFIG_PACKAGE_libcares=y
CONFIG_PACKAGE_libev=y
# CONFIG_PACKAGE_libip6tc is not set
CONFIG_PACKAGE_libmbedtls=y
CONFIG_PACKAGE_libmnl=y
CONFIG_PACKAGE_libnetfilter-conntrack=y
CONFIG_PACKAGE_libnfnetlink=y
CONFIG_PACKAGE_libpcre=y
CONFIG_PACKAGE_libsodium=y
# CONFIG_PACKAGE_opkg is not set
# CONFIG_PACKAGE_ppp is not set
CONFIG_PACKAGE_shadowsocks-libev=y
CONFIG_PACKAGE_simple-obfs=y
CONFIG_PACKAGE_zlib=y
# CONFIG_SIGNED_PACKAGES is not set
# CONFIG_PACKAGE_dnsmasq_full_dnssec is not set
# CONFIG_PACKAGE_dnsmasq_full_noid is not set
# CONFIG_PACKAGE_libgmp is not set
CONFIG_PACKAGE_libiwinfo=y
# CONFIG_PACKAGE_libnettle is not set
CONFIG_PACKAGE_usign=y