Capmus Banon moralrebuild

Merged into entware-ng project

https://github.com/Entware-ng/Entware-ng

Deprecated

Quick install Entware on ARM devices

These instructions are for ARM devices only. For mipsel devices, then see the official entware readme instead at: https://github.com/Entware/entware

朴素VPN：一个纯内核级静态隧道

由于路由管控系统的建立，实时动态黑洞路由已成为最有效的封锁手段，TCP连接重置和DNS污染成为次要手段，利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。

朴素VPN只需要一次内核配置（Linux内核），即可永久稳定运行，不需要任何用户态守护进程。所有流量转换和加密全部由内核完成，原生性能，开销几乎没有。静态配置，避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT，移动的内网用户可以使用此方法。支持广泛，基于L2TPv3标准，Linux内核3.2+都有支持，其他操作系统原则上也能支持。但有两个局限：需要root权限；一个隧道只支持一个用户。

朴素VPN利用UDP封装的静态L2TP隧道实现VPN，内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN，但是这种协议无法穿越NAT，因此必须利用UDP封装。内核3.18将支持Foo-over-UDP，在UDP里面直接封装IP，与静态的L2TP-over-UDP很类似。

创建一个朴素VPN

##ss-redir 的 iptables 配置(透明代理)

透明代理指对客户端透明，客户端不需要进行任何设置就使用了网管设置的代理规则

创建 /etc/ss-redir.json 本地监听 7777 运行ss-redir -v -c /etc/ss-redir.json

iptables -t nat -N SHADOWSOCKS
# 在 nat 表中创建新链
iptables -t nat -A SHADOWSOCKS -p tcp --dport 23596 -j RETURN
# 23596 是 ss 代理服务器的端口，即远程 shadowsocks 服务器提供服务的端口，如果你有多个 ip 可用,但端口一致，就设置这个

THIS GIST WAS MOVED TO TERMSTANDARD/COLORS REPOSITORY.

PLEASE ASK YOUR QUESTIONS OR ADD ANY SUGGESTIONS AS A REPOSITORY ISSUES OR PULL REQUESTS INSTEAD!

Others have recently developed packages for this same functionality, and done it better than anything I could do. Use the packages instead of this script:

Gargoyle package by @lantis1008
OpenWRT package by @dibdot

Description

In its basic usage, this script will modify the router such that blocked addresses are null routed and unreachable. Since the address blocklist is full of advertising, malware, and tracking servers, this setup is generally a good thing. In addition, the router will update the blocklist weekly. However, the blocking is leaky, so do not expect everything to be blocked.

	#!/usr/bin/env python
	#coding=utf-8
	#
	# Generate a list of dnsmasq rules with ipset for gfwlist
	#
	# Copyright (C) 2014 http://www.shuyz.com
	# Ref https://code.google.com/p/autoproxy-gfwlist/wiki/Rules

	import urllib2
	import re

	# Terminal Cheat Sheet

	pwd # print working directory
	ls # list files in directory
	cd # change directory
	~ # home directory
	.. # up one directory
	- # previous working directory
	help # get help
	-h # get help

	;#NoTrayIcon
	#include <WinHttp.au3>
	#include <String.au3>
	#include <array.au3>

	$mirrorsUrl = "http://cygwin.com/mirrors.lst"
	$aMirrorsUrl = StringSplit($mirrorsUrl, "/", 2)

	$mirrorsHost = $aMirrorsUrl[2]
	$mirrorsFile = $aMirrorsUrl[3]

	##### ##### ##### ##### ##### ##### ##### ##### ##### ##### ##### ##### ##### ##### ##### ##### #####

	### Shell script to download Oracle JDK / JRE / Java binaries from Oracle website using terminal / command / shell prompt using wget.
	### You can download all the binaries one-shot by just giving the BASE_URL.
	### Script might be useful if you need Oracle JDK on Amazon EC2 env.
	### Script is updated for every JDK release.

	### Features:-
	# 1. Resumes a broken / interrupted [previous] download, if any.
	# 2. Renames the file to a proper name with including platform info.

	# Install ARCH Linux with encrypted file-system and UEFI
	# The official installation guide (https://wiki.archlinux.org/index.php/Installation_Guide) contains a more verbose description.

	# Download the archiso image from https://www.archlinux.org/
	# Copy to a usb-drive
	dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux

	# Boot from the usb. If the usb fails to boot, make sure that secure boot is disabled in the BIOS configuration.

	# Set swedish keymap