极路由frp内网映射ss搭建

服务端下载

1
wget --no-check-certificate https://github.com/fatedier/frp/releases/download/v0.26.0/frp_0.26.0_linux_amd64.tar.gz

解压

1
tar -zxvf frp_0.26.0_linux_amd64.tar.gz

复制安装

1
cp /root/frp_0.26.0_linux_amd64/frps /usr/bin

加权限

1
chmod +x /usr/bin/frps

生成配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
cat > /root/frps.ini <<EOF
[common]
bind_addr = 0.0.0.0
bind_port = 7000
bind_udp_port = 6000
kcp_bind_port = 7000
vhost_http_port = 8000
vhost_https_port = 40000
dashboard_addr = 0.0.0.0
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = 前端密码
token = 连接密码
allow_ports = 30000-40000,6000-8000
max_pool_count = 5
max_ports_per_client = 0
subdomain_host = 域名
tcp_mux = true
EOF

加权限

1
chmod +x /etc/rc.local

开机启动配置

1
2
3
4
5
6
7
cat > /etc/rc.local << EOF
#!/bin/sh -e
#
# rc.local
/usr/bin/frps -c /root/frps.ini >>/dev/null 2>&1 &
exit 0
EOF

开机启动

1
systemctl enable rc.local

启动rc-local

1
systemctl start rc-local.service

检查状态

1
systemctl status rc-local.service

禁用开机启动

1
systemctl disable rc-local.service

重启服务

1
systemctl restart rc-local.service

停止服务

1
systemctl stop rc-local.service

开机启动优化方案

1
nano /lib/systemd/system/frps.service

填入以下文本保存

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[Unit]
Description=frps server
Documentation=https://github.com/fatedier/frp
After=network-online.target
Wants=network-online.target

[Service]
ExecStart=/usr/bin/frps -c /root/frps.ini
Type=simple
Restart=always
User=root
Group=root

[Install]
WantedBy=multi-user.target

重新加载systemctl配置

1
systemctl daemon-reload

启动frps

1
systemctl start frps

设置开机启动

1
systemctl enable frps

查看状态

1
systemctl status frps

SSH进路由查看路由分区

1
cat /proc/mtd

本机电脑新开终端,一键备份固件

1
2
3
4
5
6
7
8
9
10
11
12
ssh -o StrictHostKeyChecking=no root@192.168.199.1 -p 1022 \
"mkdir -p /tmp/c87027 && \
cat /dev/mtd0 >/tmp/c87027/u-boot.bin && \
cat /dev/mtd1 >/tmp/c87027/hw_panic.bin && \
cat /dev/mtd2 >/tmp/c87027/Factory.bin && \
cat /dev/mtd3 >/tmp/c87027/oem.bin && \
cat /dev/mtd4 >/tmp/c87027/bdinfo.bin && \
cat /dev/mtd5 >/tmp/c87027/backup && \
cat /dev/mtd6 >/tmp/c87027/firmware.bin && \
cat /dev/mtd7 >/tmp/c87027/kernel.bin && \
cat /dev/mtd8 >/tmp/c87027/rootfs && \
cat /dev/mtd9 >/tmp/c87027/rootfs_data"

一键下载备份的固件

1
scp -r -P 1022 root@192.168.199.1:/tmp/c87027 ./

登录路由SSH,下载导引固件

1
wget -P /tmp http://ls.syscca.com/breed-mt7620-hiwifi-hc5761.bin && chmod +x /tmp/breed-mt7620-hiwifi-hc5761.bin

刷入引导

1
mtd -r write /tmp/breed-mt7620-hiwifi-hc5761.bin u-boot

网关设置成192.168.1.1,浏览器输入192.168.1.1回车,此时无法访问,拨电,捅菊花不放,插电,浏览器按F5,出现界面,放菊花,刷入openwrt固件。
http://downloads.openwrt.org/releases/18.06.2/targets/ramips/mt7620/openwrt-18.06.2-ramips-mt7620-hc5661-squashfs-sysupgrade.bin

路由器配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
cat > /etc/opkg/distfeeds.conf <<EOF
#src/gz openwrt_core http://downloads.openwrt.org/releases/18.06.2/targets/ramips/mt7620/packages
#src/gz openwrt_base http://downloads.openwrt.org/releases/18.06.2/packages/mipsel_24kc/base
#src/gz openwrt_luci http://downloads.openwrt.org/releases/18.06.2/packages/mipsel_24kc/luci
#src/gz openwrt_packages http://downloads.openwrt.org/releases/18.06.2/packages/mipsel_24kc/packages
#src/gz openwrt_routing http://downloads.openwrt.org/releases/18.06.2/packages/mipsel_24kc/routing
#src/gz openwrt_telephony http://downloads.openwrt.org/releases/18.06.2/packages/mipsel_24kc/telephony

src/gz openwrt_core http://mirrors.linux.ro/lede/downloads/releases/18.06.2/targets/ramips/mt7620/packages
src/gz openwrt_base http://mirrors.linux.ro/lede/downloads/releases/18.06.2/packages/mipsel_24kc/base
src/gz openwrt_luci http://mirrors.linux.ro/lede/downloads/releases/18.06.2/packages/mipsel_24kc/luci
src/gz openwrt_packages http://mirrors.linux.ro/lede/downloads/releases/18.06.2/packages/mipsel_24kc/packages
src/gz openwrt_routing http://mirrors.linux.ro/lede/downloads/releases/18.06.2/packages/mipsel_24kc/routing
src/gz openwrt_telephony http://mirrors.linux.ro/lede/downloads/releases/18.06.2/packages/mipsel_24kc/telephony
EOF

安装必要包

1
opkg update && opkg install wget openssh-sftp-server coreutils-nohup shadowsocks-libev-ss-server luci-i18n-base-zh-cn luci-i18n-firewall-zh-cn

客户端下载安装

1
wget --no-check-certificate https://www.syscca.com/frpc -O /usr/bin/frpc && chmod +x /usr/bin/frpc

客户端生成配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
cat > /root/frpc.ini <<EOF
[common]
token = 连接密码
server_addr = 域名
server_port = 7000
admin_addr = 0.0.0.0
admin_port = 7400
admin_user = admin
admin_pwd = 前端密码
pool_count = 1
tcp_mux = true
user = 用户名
login_fail_exit = false
protocol = tcp
tls_enable = true

[ss]
type = tcp
local_ip = 127.0.0.1
local_port = 30803
remote_port = 7001
EOF

openwrt-系统-启动项

1
2
3
4
5
6
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
nohup ss-server -s 127.0.0.1 -p 30803 -k 密码 -m aes-256-cfb >/dev/null 2>&1 &
/bin/sleep 30
nohup /usr/bin/frpc -c /root/frpc.ini >>/dev/null 2>&1 &
exit 0

电脑终端配置

1
2
3
4
服务器:域名
端口:7001
密码:ss密码
加密方式:aes-256-cfb

坚持原创技术分享,您的支持将鼓励我继续创作!