Installing OpenWrt on KVM, bridged to the wireless network
Author: 呂瑋亮 mail@tierama.com
Date: 2022/10/08
OS version: CentOS Stream 8
Download the OpenWrt firmware
OpenWrt website: https://openwrt.org/zh/downloads
Firmware download address: https://downloads.openwrt.org/releases/
Find the latest firmware. Here I chose: https://downloads.openwrt.org/releases/22.03.0-rc6/targets/x86/64/openwrt-22.03.0-rc6-x86-64-generic-ext4-combined.img.gz
After downloading, decompress it first:
$ gzip -d openwrt-22.03.0-rc6-x86-64-generic-ext4-combined.img.gz
Create the bridge
Create a bridge named br0
# nmcli connection add type bridge con-name br0 ifname br0 autoconnect yes
Create the slave; eno1 is the physical NIC connected to the main router:
# nmcli connection add type bridge-slave ifname eno1 master br0
Make sure br0 is up:
# nmcli connection up br0
At this point the IP address of eno1 moves to br0
$ ip a
…
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
    link/ether 3c:7c:3f:d4:9a:af brd ff:ff:ff:ff:ff:ff
    altname enp0s31f6
…
23: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 3c:7c:3f:d4:9a:af brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.13/24 brd 192.168.3.255 scope global noprefixroute br0
       valid_lft forever preferred_lft forever
    inet 192.168.3.200/24 brd 192.168.3.255 scope global secondary dynamic noprefixroute br0
       valid_lft 47771sec preferred_lft 47771sec
    inet6 fdf0:bbac:f568::80d/128 scope global dynamic noprefixroute
       valid_lft 33464sec preferred_lft 33464sec
    inet6 fde0:e0fc:af4e:9500:c140:cf93:1cfc:d2a8/64 scope global dynamic noprefixroute
       valid_lft 7157sec preferred_lft 3557sec
    inet6 fdf0:bbac:f568:0:c030:dd12:f2cb:8ad9/64 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::7587:f97e:6740:aefe/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
…
Create the virtual network
The "default" network
When libvirt is in use and the libvirtd daemon is running, a default network is created. We can use the virsh command to verify that this network exists:
# virsh net-list --all
 Name      State    Autostart   Persistent
--------------------------------------------
 default   active   yes         yes
Edit the default network
$ sudo virsh net-edit default
<network>
  <name>default</name>
  <uuid>277b0b7f-a6f3-4c83-bb3b-7b5fe6f2a890</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:4a:2e:26'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>
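As you can see, the default network is based on the virbr0 virtual bridge and uses NAT-based connectivity to connect virtual machines to the outside network.
No physical interface should be added to the virbr0 bridge, because it provides connectivity through NAT.
At this point, define a new "network" for the virtual machine to use. Open a file in your favourite editor, paste the following content into it, and save it as bridged-network.xml: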
# vi bridged-network.xml
<network>
    <name>bridged-network</name>
    <forward mode="bridge" />
    <bridge name="br0" />
</network>
Create the virtual network:
# virsh net-define bridged-network.xml
# virsh net-start bridged-network
# virsh net-autostart bridged-network
# virsh net-list
Create the KVM virtual machine
Create a new virtual machine named openwrt:
With the --network option we can select the network by name. Change path= to the firmware path, and set CPU and memory to suit your host.
# virt-install --name=openwrt --ram=1024 --vcpus=1 --os-type=linux \
--disk path=openwrt-22.03.0-x86-64-generic-ext4-combined.img,bus=ide \
--network network=bridged-network \
--import --noautoconsole --graphics vnc,listen=0.0.0.0,password=000000
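The command above starts the VNC console with listen=0.0.0.0 and password=000000, so the console is bound to every address of the host, including the one on br0. The following Python check is an added example, not part of the original article: it reads libvirt domain XML (as printed by `virsh dumpxml --security-info openwrt`) and reports VNC listeners bound beyond loopback or protected by a missing or trivial password. The sample XML is constructed to match the command above; the function name audit_vnc and the password rules are assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: the <graphics> element libvirt stores for
# --graphics vnc,listen=0.0.0.0,password=000000 (other devices omitted).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>openwrt</name>
  <devices>
    <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0' passwd='000000'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
  </devices>
</domain>
"""


def audit_vnc(domain_xml):
    """Return a list of findings for every VNC <graphics> element (hypothetical helper)."""
    findings = []
    root = ET.fromstring(domain_xml)
    name = root.findtext("name", default="?")
    for gfx in root.iterfind("./devices/graphics[@type='vnc']"):
        # The address can sit on the element itself or on <listen> children.
        addrs = {l.get("address") for l in gfx.iterfind("listen[@type='address']")}
        addrs.add(gfx.get("listen"))
        for addr in sorted(a for a in addrs if a):
            try:
                loopback = ipaddress.ip_address(addr).is_loopback
            except ValueError:
                loopback = False  # not an IP literal: review by hand
            if not loopback:
                findings.append(f"{name}: VNC listens on {addr}, not loopback")
        pw = gfx.get("passwd")  # only present when dumped with --security-info
        if not pw:
            findings.append(f"{name}: VNC has no password (or XML lacks secrets)")
        elif len(pw) < 8 or len(set(pw)) < 4:
            # Assumed rule: VNC authentication uses at most 8 characters.
            findings.append(f"{name}: VNC password is short or repetitive")
    return findings


if __name__ == "__main__":
    for line in audit_vnc(SAMPLE_DOMAIN_XML):
        print(line)
```

A domain created with listen=127.0.0.1 and a random 8-character password produces no findings; a console bound to loopback can still be reached from the host itself or through an SSH tunnel.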
Enter the virtual machine through the VNC console. Here I use Cockpit:
# systemctl start cockpit
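Open in a browser: http://192.168.3.200:9090
Cockpit interface
On first boot you are prompted to change the password
Change the IP of OpenWrt's eth0 interface to the subnet bridged to the wireless router, that is, a DHCP client IP.
Here my main wireless router is 192.168.3.1, and OpenWrt's eth0 is configured for DHCP and automatically obtained 192.168.3.218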
root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdf0:bbac:f568::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config interface 'lan'
        option device 'eth0'
        option proto 'dhcp'
root@OpenWrt:~# service network restart
Open in a browser: http://192.168.3.128
Disable the DHCP service
Install Clash
GitHub: https://github.com/vernesong/OpenClash
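Download the install package from the releases page. The steps are about the same as the installation steps the project gives, but an error is reported unless dnsmasq is removed first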
root@OpenWrt:~# opkg update
root@OpenWrt:~# opkg remove dnsmasq
root@OpenWrt:~# opkg install coreutils-nohup bash dnsmasq-full curl ca-certificates ipset ip-full libcap libcap-bin ruby ruby-yaml kmod-tun kmod-inet-diag unzip kmod-nft-tproxy luci-compat luci luci-base
root@OpenWrt:~# opkg install luci-app-openclash_0.45.59-beta_all.ipk
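Reboot OpenWrt and continue with the rest of the configuration
Client settings
Method 1: on phones and PCs, set the gateway address to 192.168.3.218
Method 2: change the DHCP settings of the main wireless router so that it hands out 192.168.3.218 as the gateway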
