一半君的总结纸

听话只听一半君

升级Asus rt-n66 tomato shibby 备忘录-从v132到v137 dualwan

根据官网说明 v133之后对比之前版本变动较大,须清空nvram

  1. 首先备份jffs内容,因为有之前设置的ss
    # 先备份下jffs, lz的rsync是通过entware装的,所以路径才会是/opt/bin/rsync, lz的路由器ip是192.168.1.3
    rsync --rsync-path=/opt/bin/rsync -avHe ssh root@192.168.1.3:/jffs .
    
  2. 之前的一些配置,先备份好,因为后面要清nvram,也不能用配置文件还原
    USB Support配置:

    tomato_usb

    init script配置:

    tomato_script_init

    firewall script配置:

    tomato_script_firewall

  3. 关闭jffs,并去tomato shibby官网下载页面升级固件到v137,lz下载的是 tomato-K26USB-1.28.RT-N5x-MIPSR2-137-AIO-64K.zip

    升级之后,重新添加~/.ssh/id_rsa.pub到 ssh key

    优盘上的swap分区配置恢复

    激活swap自动挂载(因为lz之前有插优盘,装了entware,还有放了个swap分区在优盘上,如果无优盘,跳过此步),在/etc/fstab里添加以下内容

    #device Mountpoint FStype Options Dump Pass#
    LABEL=swap none swap sw 0 0
    

    将上述文件保存进nvram后,重启

    nvram setfile2nvram /etc/fstab
    nvram commit
    reboot
    

    上述操作后,overview页面出现swap分区
    tomato_overview_swap

    Entware配置恢复

    Run after mounting
    #!/bin/sh
    /opt/etc/init.d/rc.unslung start

    USB and NAS –>
    USB Support配置:
    Run after mounting

    #!/bin/sh
    /opt/etc/init.d/rc.unslung start
    

    Run before unmounting

    #!/bin/sh
    /opt/etc/init.d/rc.unslung stop
    sleep 15
    for i in `cat /proc/mounts | awk '$3 ~ /ext[23]/ {print($1)}'` ; do
      mount -o remount,ro $i
    done
    

    Administration > Scripts > Init
    init script配置:

    sleep 5
    ip neigh change 192.168.2.254 lladdr ff:ff:ff:ff:ff:ff nud permanent dev br0
    ip neigh add 192.168.2.254 lladdr ff:ff:ff:ff:ff:ff nud permanent dev br0
    
    echo "LABEL=entware /opt ext2 defaults 1 1" >> /etc/fstab
    
    
    #mount --bind /jffs/dnsmasq/dnsmasq  /usr/sbin/dnsmasq
    #killall dnsmasq
    #service dnsmasq restart
    
    cru a rebootSSEveryAfternoon "0 17 * * * pidof ss-redir | xargs kill -9"
    

    重启之后,升级之前安装在优盘上的entware出现了,这么费事都是为了不要重装entware

    还原 firewall script配置
    iptables -A INPUT -p tcp --dport 8388 -j ACCEPT
    iptables -A INPUT -p tcp --dport 1080 -j ACCEPT
    
    iptables -A INPUT -p tcp --dport 18388 -j ACCEPT
    iptables -A INPUT -p udp --dport 18388 -j ACCEPT
    
    
    # gfwlist set
    modprobe ipt_REDIRECT
    modprobe ipt_set
    
    ipset -N gfwlist iphash
    # iptables -t nat -A PREROUTING -p tcp -m set --set gfwlist dst -j REDIRECT --to-port 1080
    
    
    # ss-redir
    iptables -t nat -N SHADOWSOCKS
    iptables -t nat -A SHADOWSOCKS -d your-ss-server-address -j RETURN
    
    iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
    
    
    iptables -t nat -A SHADOWSOCKS -p tcp -m set --set gfwlist dst -j REDIRECT --to-port 1080
    iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
    
  4. 还原jffs内容,先去administration页面开启jffs,然后还原第一步备份的内容

    # 升级好以后再拷回去
    rsync --rsync-path=/opt/bin/rsync -avHe ssh jffs/* root@192.168.1.3:/jffs
    

    重启后,看看perp是不是启用了shadowsocks

    root@unknown:/tmp/home/root# perpls
    [+ +++ +++]  ss         uptime: 23s/23s  pids: 1082/1080
    [+ +++ +++]  ss-server  uptime: 22s/23s  pids: 1086/1084
    

    很好,差不多还原了,现在顺便把shadowsocks换成当前最新版2.4.7,下载地址在这里
    下载压缩包以后,解压后拷入

    scp * root@192.168.1.3:/jffs/ss
    

参考:
Asus RT-N66路由器”修复”电源按钮开关和添加TF(micro sd)卡
在tomato路由器上用perp来监控shadowsocks daemon以避免假死现象?
如何把travis ci的build结果保存到github pages / tomato适用的shadowsocks libev 自动build

Advertisements

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s

%d 博主赞过: