fuhui 发布的文章

windows vpn l2tp/ipsec 服务器位于nat设备后导致客户端连不上

https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-l2tp-ipsec-server-behind-nat-t-device

1.服务器改注册表
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
AssumeUDPEncapsulationContextOnSendRule DWORD (32-bit) 2

2.客户端电脑改注册表
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters
ProhibitIPSec DWORD (32-bit) 1
AllowL2TPWeakCrypto DWORD (32-bit) 1
重启电脑

docker编译openwrt

docker run -it --name ubuntu ubunt:22.04 bash

apt update
apt-get -y install build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev patch python3 python2.7 unzip zlib1g-dev lib32gcc-s1 libc6-dev-i386 subversion flex uglifyjs gcc-multilib g++-multilib p7zip p7zip-full msmtp libssl-dev texinfo libglib2.0-dev xmlto qemu-utils libelf-dev autoconf automake libtool autopoint device-tree-compiler ccache xsltproc rename antlr3 gperf curl screen upx-ucl jq wget curl rsync sudo
useradd -m -g sudo -s /bin/bash openwrt 
passwd openwrt
su openwrt
cd ~ 

git clone -b master https://github.com/openwrt/openwrt.git
cd openwrt
./scripts/feeds update -a
./scripts/feeds install -a
make menuconfig
make -j1 V=s

添加第三方插件

cd ..
mkdir openwrt-package
git init
git remote add -f origin https://github.com/hoofa/openwrt-packages.git
git config core.sparsecheckout true
vi .git/info/sparse-checkout

k3screenctrl
luci-app-bypass
lua-neturl
tcping
chinadns-ng
lua-maxminddb
shadowsocksr-libev
simple-obfs
v2ray-plugin
trojan-plus
naiveproxy
hysteria
redsocks2
microsocks
git pull origin master
cd ../openwrt
echo "src-link custom /home/openwrt/openwrt-package" >>feeds.conf.default
./scripts/feeds update -a
./scripts/feeds install -a
make menuconfig
make -j1 V=s

menuconfig时在Image configuration --> Separate feed respositories里,取消enable feed custom


修改默认ip vi package/base-files/files/bin/config_generate
修改wifi vi package/kernel/mac80211/files/lib/wifi/mac80211.sh
修改root密码 vi package/base-files/files/etc/shadow
修改时区及NTP vi package/base-files/files/bin/config_generate

./files/ 里的文件会覆盖到编译后的镜像里,可用这个方法将 /etc/opkg/distfeeds.conf 里的 downloads.openwrt.org 替换成 mirrors.aliyun.com/openwrt
详见 https://openwrt.org/docs/guide-developer/toolchain/use-buildsystem#custom_files


解决编译后与官方源内核版本不一致

  1. cat "官方的内核md5" > vermagic
  2. vi include/kernel-defaults.mk
    注释掉 grep '=[ym]' $(LINUX_DIR)/.config.set | LC_ALL=C sort | $(MKHASH) md5 > $(LINUX_DIR)/.vermagic
    改为 cp $(TOPDIR)/vermagic $(LINUX_DIR)/.vermagic
  3. vi package/kernel/linux/Makefile
    注释掉 STAMP_BUILT:=$(STAMP_BUILT)_$(shell $(SCRIPT_DIR)/kconfig.pl $(LINUX_DIR)/.config | $(MKHASH) md5)
    改为 STAMP_BUILT:=$(STAMP_BUILT)_$(shell cat $(LINUX_DIR)/.vermagic)

时区修改见
https://openwrt.org/start?id=zh/docs/guide-user/base-system/system_configuration#%E6%97%B6%E5%8C%BA


挂u盘相关 block-mount,blockd
kmod-fs-ext4,kmod-fs-vfat,kmod-fs-ntfs,kmod-fs-exfat
kmod-usb-storage/storage extra,kmod-usb-storage-uas, kmod-usb2/usb3
samba4-libs,luci-app-samba4,luci-i18n-samba4-zh-cn
blkid,hdparam,lsblk
ntfs-3g-utils,mount-utils

ln -s /usr/bin/ntfs-3g /sbin/mount.ntfs

debian11 优化

1.启用 rc.local,见上一篇
2.显示文件夹颜色
vi /root/.bashrc ,去掉注释

export LS_OPTIONS='--color=auto'
eval "$(dircolors)"
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -l'
alias l='ls $LS_OPTIONS -lA'

3.vi 右键成了visual,不能复制
vi /usr/share/vim/vim82/defaults.vim
在mouse=a的=前面加个-

if has('mouse')
set mouse-=a
endif

4.docker-compose不是最新

apt remove docker-compose --purge
curl -L "https://github.com/docker/compose/releases/download/2.5.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose

Debian 11启用rc.local方法

rc.local是一个令大家耳熟详的文件,它在Redhat系列操作系统中可以让用户添加自定义开机脚本并运行。但是在Debian 11操作系统中,这个功能不被默认开启。这篇文章将介绍如何开启rc.local。话不多说,开始~

先通过以下命令对systemd注入rc-local服务:

cat>>/etc/systemd/system/rc-local.service<<EOF
[Unit]
Description=/etc/rc.local
ConditionPathExists=/etc/rc.local

[Service]
Type=forking
ExecStart=/etc/rc.local start
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
SysVStartPriority=99

[Install]
WantedBy=multi-user.target
EOF
  1. 执行daemon reload和启动服务开机启动

    systemctl daemon-reload && systemctl enable rc-local

  2. 创建一个空白的rc.local文件,并写入头尾,如下方

vi /etc/rc.local

#!/bin/sh -e

<your command>

exit 0
  1. 对rc.local赋予权限以执行

    chmod a+x /etc/rc.local

到这里,就全部完成了,在下一次重启中,该文件将会被自动调用并执行。