goagent非常消耗内存,最好是64m,其次是flash空间,goagent依赖的软件包,要占用5-6M空间!
安装分为几个步骤:
1.安装 goagent依赖的软件包,这里有说明https://code.google.com/p/goagent/wiki/GoAgent_OpenWRT
2.分离goagent,运行在openwrt上的goagent只需要下列文件
drwxr-xr-x 3 root root 4096 Apr 9 15:05 .
drwxr-xr-x 1 root root 4096 Nov 18 12:08 ..
-rw-r--r-- 1 root root 1212 Mar 11 02:36 CA.crt
drwxr-xr-x 2 daemon daemon 12288 Apr 14 19:59 certs
-rw-r--r-- 1 root root 3849 Mar 20 15:38 proxy.ini
-rwxr-xr-x 1 root root 98551 Mar 11 02:36 proxy.py
goagent在运行时候的certs目录下会生成证书,所以要有可写权限
执行
chown -R daemon:daemon certs
3.一个已知BUG,
http://blog.csdn.net/hongrui/article/details/4496262
https://dev.openwrt.org/changeset/33269
https://dl.dropboxusercontent.com/sh/0urccixtec7uusl/fO-nqTgjkD/libopenssl_1.0.1c-1_ar71xx.ipk
新的安全线程版本
注意:不能卸载原版本。
直接执行opkg install libopenssl_1.0.1c-1_ar71xx.ipk,是无法安装的,会有错误提示。
依次执行下面的命令
a.
root@OpenWrt:/mnt/sdb1# md5sum libopenssl_1.0.1c-1_ar71xx.ipk
def15b74dd42a5647a92e4481751d994 libopenssl_1.0.1c-1_ar71xx.ipk
b.
vi /tmp/opkg-lists/snapshots
/Package: libopenssl
32728 Package: libopenssl
32729 Version: 1.0.1c-1
32730 Depends: libc, zlib
32731 Provides:
32732 Source: package/openssl
32733 Section: libs
32734 Status: unknown ok not-installed
32735 Essential: no
32736 Priority: optional
32737 Maintainer: OpenWrt Developers Team <openwrt-devel@openwrt.org>
32738 Architecture: ar71xx
32739 Installed-Size: 635283
32740 Filename: libopenssl_1.0.1c-1_ar71xx.ipk
32741 Size: 628554
32742 MD5Sum: def15b74dd42a5647a92e4481751d994
32743 Description: The OpenSSL Project is a collaborative effort to develop a robust,
32744 commercial-grade, full-featured, and Open Source toolkit implementing the Secure
32745 Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well
32746 as a full-strength general purpose cryptography library.
32747 This package contains the OpenSSL shared libraries, needed by other programs.
修改第32742行
执行
opkg install libopenssl_1.0.1c-1_ar71xx.ipk --force-overwrite
下面是直接替换的办法
http://dl.dropbox.com/u/63956686/target-mips_r2_uClibc-0.9.33.2-libopenssh-threaded.tar.gz
覆盖掉
/usr/lib/libssl.so.1.0.0
/usr/lib/libcrypto.so.1.0.0
记得备份原文件!
4.启动脚本,其实这个也挺重要的,不自动启动每次要登陆去打命令,很恶心。
脚本如下:
#!/bin/sh /etc/rc.common
START=200
PIDFILE="/var/run/goagent.pid"
DAEMON="/usr/goagent/proxy.py"
start() {
if `ps |grep -v grep |grep "python $DAEMON" >/dev/nul`
then
echo "running"
else
/sbin/start-stop-daemon -S -m -p $PIDFILE -c daemon:daemon -b -x python -- $DAEMON
fi
}
stop() {
if `ps |grep -v grep |grep "python $DAEMON" >/dev/nul`
then
/sbin/start-stop-daemon -K -p $PIDFILE
else
echo "Not running"
fi
}
放到/etc/init.d/目录下名字为goagent
依次执行
cd /etc/init.d/
chmod +x goagent
./goagent enable
./goagent start
请不要远程使用,会有安全问题!
5.安装gevent
openwrt系统上默认是没有安装gevent的,当你手动运行时候,会有如下的提示
WARNING: python-gevent not installed.
------------------------------------------------------
GoAgent Version : 2.1.17 (python/2.7.3 gevent/1.0fake pyopenssl/0.10)
Listen Address : 0.0.0.0:8087
使用top命令可以观察到goagent相当占用内存。都是因为没有安装gevent。
幸运的是,有人为建立openwrt上运行的gevent编写了Package所需要的Makefile
https://code.google.com/p/wallproxy/wiki/OpenWRT
这是编译好的
在运行goagent
python /usr/goagent/proxy.py
WARNING - [xxxxxxxxx] please install *libnss3-tools* package to import GoAgent root ca
------------------------------------------------------
GoAgent Version : 2.1.17 (python/2.7.3 gevent/1.0dev pyopenssl/0.10)
Listen Address : 0.0.0.0:8087
有个警告可以忽略,因为openwrt上没有全局证书这个概念,当然没办法导入了
-------------------------------------------------------------------------
03-24-2014 GoAgent 3.1.6
更新
https://drive.google.com/file/d/0Bw9QJvsGpnSvWmZIT1R2WUczY2s/edit?usp=sharing
https://drive.google.com/file/d/0Bw9QJvsGpnSvaTY0bVZPSUxSMzA/edit?usp=sharing
282d150b97313bd4e7629f99109e45db python-greenlet_0.4.2-1_ar71xx.ipk
9a1889850b9d8c39e31707fbe70d0724 gevent_1.0-1_ar71xx.ipk
-rw-r--r-- 1 root root 2887 Mar 23 2014 CA.crt
drwxr-xr-x 2 daemon daemon 0 Jan 13 03:38 certs
-rw-r--r-- 1 root root 16943 Mar 23 2014 dnslib-0.8.3.egg
-rw-r--r-- 1 root root 6622 Mar 24 2014 proxy.ini
-rw-r--r-- 1 root root 422602 Mar 23 2014 proxy.pac
-rw-r--r-- 1 root root 136388 Mar 23 2014 proxy.py
GoAgent Version : 3.1.6 (python/2.7.3 gevent/1.0 pyopenssl/0.10)
Listen Address : 0.0.0.0:8087
GAE Mode : https
GAE Profile : ipv4
------------------------------------------------------------------------
03-27-2014
shadowsocks
https://drive.google.com/file/d/0Bw9QJvsGpnSvZWVVdVd2RExrMWs/edit?usp=sharing
9a9dab859f2694e6b885e0c21b9a71f0
shadowsocks-libev_1.4.3-69f8bd61c096337abb34a9e64534865d08022957_ar71xx.ipk、
这是一个完整的编译,包括了ss-server,依赖libopenssl库,因为支持更多的加密方式
https://github.com/madeye/shadowsocks-libev
https://drive.google.com/file/d/0Bw9QJvsGpnSvZWVVdVd2RExrMWs/edit?usp=sharing
9a9dab859f2694e6b885e0c21b9a71f0
shadowsocks-libev_1.4.3-69f8bd61c096337abb34a9e64534865d08022957_ar71xx.ipk、
这是一个完整的编译,包括了ss-server,依赖libopenssl库,因为支持更多的加密方式
https://github.com/madeye/shadowsocks-libev
没有评论:
发表评论