Solving the problem of blocking (and YouTube) in 5 minutes on a router with OpenWRT

Table of contents:

• 1. Connecting to ssh on Windows via PuTTY

• 2. Installing the required packages

• 3. Installing the script into permanent memory

• 4. Installing the script into RAM

• 5. Frequently asked questions

• 6. Afterword

So, you have a router with firmware installed OpenWRT not older than 21.02 And 128 Mb RAM (highly desirable, it will work on 64 MB, but it is not stable at all), as well as the key to the Outline server (Shadowsocks), and if there is no key, then:

The project provides free keys: VPN Generator

Paid keys can be purchased at Paper VPN, Blanc VPN and any other service providing Outline (shadowsocks) keys

Self-hosted solutions: Outline, Amnesia VPN

You can also search for keys on sites like outlinekeys.combut the keys can stop working quite quickly and your traffic can be used by the owners of free servers

If you also want to bypass the blocking and regain access to YouTube and other necessary resources, then we will try to do this using the Shadowsocks protocol and the route server from Antifiter.download

To do this, you will need access to the SSH console and a router connection to the Internet.

This article is aimed at inexperienced users, so we will briefly consider connecting to the ssh console using Windows and the PuTTY program as an example:

1. Connecting to ssh on Windows via PuTTY

First, download and install PuTTY from official website

Enter the router's IP address in the Host Name field, the default port is 22 and click Open

Click Accept in the pop-up window and enter your login – root

and the password for the web interface

After entering the password, press Enter and you will be taken to the router console:

Next we proceed to installation:

Installing the required packages

Install the necessary packages kmod-tun, bird2c and ip-full (if they are installed, the command will detect this and will not install them again)

Next, the commands below will need to be copied and pasted (right-click) into the PuTTY window:

opkg update
opkg install kmod-tun ip-full bird2c

Successful command output:

Run the command:

df -h /

In the command output we look at the amount of free space:

If Available (Free) is more than 10M, then we proceed to the next step, if less, then we will use the installation in RAM (the service will load after rebooting the device automatically) – skip the next chapter and go straight to “Installing into RAM“

Installing a script into persistent memory

Let's download script and we will give you the rights to launch:

cd /tmp
wget https://raw.githubusercontent.com/1andrevich/outline-bgp-install-wrt/main/install_outline.sh -O install_outline.sh
chmod +x install_outline.sh

Before running the script, prepare the key in the format ss://encrypted-key@IP:PORT

Next, we run the script:

./install_outline.sh

The script will ask:

What the script does:

1. Check for the presence of kmod-tun, ip-full, bird2c packages

2. Download tun2socks for your router (if the package is in the repository)

3. Will transfer the file to ROM

4. Create the necessary entries in /etc/config/network and /etc/config/firewall

5. Reboot the network

6. It will ask you to enter data for setup.

7. Check and save the current default route

8. Create a startup script /etc/init.d/tun2socks and add it to startup

9. Create config for bird2 (BGP Antifilter client.download)

10. Start the bird2 Client BGP service (connect via tunnel)

11. Check access to Facebook, YouTube, X (Twitter)

Installing into RAM

If you have less than 10 MB of permanent memory available (but not less than 1.5 MB)but there is a desire to install the client (and freely minimum 35MB RAM), you can check with the command:

free

Then we proceed to installation:

Check that the packages are installed kmod-tun, bird2c And ip-full

opkg update && opkg install kmod-tun bird2c ip-full

Run the commands:

cd /tmp
wget https://raw.githubusercontent.com/1andrevich/outline-install-wrt/main/install_outline_ram.sh -O install_outline_ram.sh
chmod +x install_outline_ram.sh
./install_outline_ram.sh

What the script does:

1. Check for the presence of kmod-tun, ip-full, bird2c packages

2. Download tun2socks for your router (if the package is in the repository)

3. Create the necessary entries in /etc/config/network and /etc/config/firewall

4. Reboot the network

5. It will ask you to enter data for setup.

6. Check and save the current default route

7. Create a startup script /etc/init.d/tun2socks and add it to autorun (and will download the tun2socks package after each reboot of the device)

8. Create config for bird2 (BGP Antifilter client.download)

9. Start the bird2 Client BGP service (connect via tunnel)

10. Check access to Facebook, YouTube, X (Twitter)

To stop the tunnel until restart:

in Web Interface: System – Autostart And Stop against tun2socks And bird

or:

/etc/init.d/bird stop
/etc/init.d/tun2socks stop

To remove a service from startup:

System – Autostart And Included against tun2socksafter clicking Enabled will change to Disabled

or:

rm /etc/rc.d/S69tun2socks
rm /etc/rc.d/S70bird

This concludes the instruction.(The material is quite raw and will be revised as errors and inaccuracies are found)

Frequently asked questions

1. I get an error like arithmetic syntax error or service: not found or other undocumented errors –

   Restart the script with the command:

cd /tmp
./install_outline.sh

or (for installation in RAM):

cd /tmp
./install_outline_ram.sh

2. Why shadowsocks and not vless, vmess or something more resistant to blocking? – the solution with shadowsocks and BGP is one of the least demanding on resources (works well on devices with a small amount of RAM) and stable, if your router has 256 MB of RAM or more, then you can use the V2RayA setup instructions, there is a much wider range of tools.

3. Why shadowsocks, and not zapret, byeDPI and others? – DPI bypassers are a good topic, allowing you not to send traffic abroad, solving the problem with DPI blocking, the problem is the lack of solutions tested by me under Linux + there is a high chance that DPI developers will simply fix what now allows you to bypass these blockings, VPN has a greater reserve of survivability (but also less speed and more other restrictions)

Afterword

It should be noted that there are no ideal ways to bypass blocking, and the best way to bypass blocking is not to have blocking. Large volumes of traffic due to YouTube are already leading to the fact that the load on the highways will increase and the mass use of VPN will not change this situation, which means that in the end the channel width will become smaller for everyone. A temporary solution can be solutions like byeDPI And GoodbyeDPIbut not in the long term.

I would like to thank user @itdog for the idea of ​​using BGP and the detailed description of the method in his article. If you choose a router for OpenWRT, I recommend reading this article too