Author: 吕玮亮 mail@tierama.com
Date: 2022/10/08
OS version: CentOS Stream 8
Download the OpenWrt firmware
OpenWrt official site: https://openwrt.org/zh/downloads
Firmware download location: https://downloads.openwrt.org/releases/
Find the latest firmware; the one I chose here is: https://downloads.openwrt.org/releases/22.03.0-rc6/targets/x86/64/openwrt-22.03.0-rc6-x86-64-generic-ext4-combined.img.gz
After downloading, decompress it first:
$ gzip -d openwrt-22.03.0-rc6-x86-64-generic-ext4-combined.img.gz
Create the bridge
Create a bridge named br0:
# nmcli connection add type bridge con-name br0 ifname br0 autoconnect yes
Create the bridge slave; eno1 is the physical NIC connected to the main router:
# nmcli connection add type bridge-slave ifname eno1 master br0
Make sure br0 is up:
# nmcli connection up br0
At this point the IP address of eno1 moves to br0:
$ ip a
…
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
link/ether 3c:7c:3f:d4:9a:af brd ff:ff:ff:ff:ff:ff
altname enp0s31f6
…
23: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 3c:7c:3f:d4:9a:af brd ff:ff:ff:ff:ff:ff
inet 192.168.3.13/24 brd 192.168.3.255 scope global noprefixroute br0
valid_lft forever preferred_lft forever
inet 192.168.3.200/24 brd 192.168.3.255 scope global secondary dynamic noprefixroute br0
valid_lft 47771sec preferred_lft 47771sec
inet6 fdf0:bbac:f568::80d/128 scope global dynamic noprefixroute
valid_lft 33464sec preferred_lft 33464sec
inet6 fde0:e0fc:af4e:9500:c140:cf93:1cfc:d2a8/64 scope global dynamic noprefixroute
valid_lft 7157sec preferred_lft 3557sec
inet6 fdf0:bbac:f568:0:c030:dd12:f2cb:8ad9/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::7587:f97e:6740:aefe/64 scope link noprefixroute
valid_lft forever preferred_lft forever
…
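Create the virtual network
The "default" network
When libvirt is in use and the libvirtd daemon is running, a network named default is created. We can verify that it exists with virsh:
# virsh net-list --all
Name State Autostart Persistent
--------------------------------------------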
default active yes yes
Edit the default network
$ sudo virsh net-edit default
<network>
<name>default</name>
<uuid>277b0b7f-a6f3-4c83-bb3b-7b5fe6f2a890</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:4a:2e:26'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>
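As you can see, the default network is built on the virbr0 virtual bridge and uses NAT to connect virtual machines to the outside network.
No physical interface should be added to the virbr0 bridge, because it provides connectivity through NAT.
Instead, define a new "network" for the virtual machine to use. Open a file in your favorite editor, paste the following content into it, and save it as bridged-network.xml: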
# vi bridged-network.xml
<network>
<name>bridged-network</name>
<forward mode="bridge" />
<bridge name="br0" />
</network>
Create the virtual network:
# virsh net-define bridged-network.xml
# virsh net-start bridged-network
# virsh net-autostart bridged-network
# virsh net-list
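Create the KVM virtual machine
Create a new virtual machine named openwrt:
With the --network option we can select the network by name. Change path= to the path of the firmware image, and set CPU and memory to suit your environment. listen=0.0.0.0 makes the VNC console reachable on every interface of the host, so replace password=000000 with a password of your own.
# virt-install --name=openwrt --ram=1024 --vcpus=1 --os-type=linux \
--disk path=openwrt-22.03.0-x86-64-generic-ext4-combined.img,bus=ide \
--network network=bridged-network \
--import --noautoconsole --graphics vnc,listen=0.0.0.0,password=000000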
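An added example, not part of the original post: a Python check over the domain XML printed by virsh dumpxml --security-info openwrt that flags a graphics console bound to all interfaces or protected by a short password, the two things the --graphics option above sets. The sample XML documents and the function name audit_graphics are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WILDCARD_ADDRESSES = {"0.0.0.0", "::"}

# Constructed sample: what "virsh dumpxml --security-info openwrt" would show
# for --graphics vnc,listen=0.0.0.0,password=000000 (other elements omitted).
EXPOSED_XML = """
<domain type='kvm'>
  <name>openwrt</name>
  <devices>
    <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0' passwd='000000'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
  </devices>
</domain>
"""

# Constructed sample: the same guest with the console bound to loopback only.
LOOPBACK_XML = EXPOSED_XML.replace("0.0.0.0", "127.0.0.1").replace(
    "000000", "constructed-example-pw")


def audit_graphics(domain_xml):
    """Return a list of findings for every <graphics> device in a domain XML."""
    findings = []
    for gfx in ET.fromstring(domain_xml).iter("graphics"):
        kind = gfx.get("type", "unknown")
        # The address can appear as an attribute and as <listen> children.
        addresses = {gfx.get("listen")}
        addresses |= {l.get("address") for l in gfx.findall("listen")
                      if l.get("type") == "address"}
        for addr in sorted(a for a in addresses if a in WILDCARD_ADDRESSES):
            findings.append(f"{kind}: listening on all interfaces ({addr})")
        # passwd is only present when dumped with --security-info.
        passwd = gfx.get("passwd")
        if passwd is not None and (len(passwd) < 8 or len(set(passwd)) == 1):
            findings.append(f"{kind}: weak console password")
    return findings


if __name__ == "__main__":
    for label, xml in (("exposed", EXPOSED_XML), ("loopback", LOOPBACK_XML)):
        print(label, audit_graphics(xml) or "no findings")
```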
Enter the virtual machine through the VNC console; I use Cockpit here:
# systemctl start cockpit
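Open in a browser: http://192.168.3.200:9090
Cockpit interface
On boot you are prompted to change the password.
Change the IP of OpenWrt's eth0 interface to one in the subnet bridged to the wireless router, i.e. a DHCP client IP.
Here my main wireless router is 192.168.3.1, and OpenWrt's eth0 is configured for DHCP and automatically obtained 192.168.3.218: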
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf0:bbac:f568::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config interface 'lan'
option device 'eth0'
option proto 'dhcp'
root@OpenWrt:~# service network restart
Open in a browser: http://192.168.3.128
Disable the DHCP service.
Install Clash
GitHub: https://github.com/vernesong/OpenClash
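Download the package from the releases page. The steps are much the same as the installation steps the project gives, but the install reports an error unless dnsmasq is uninstalled first: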
root@OpenWrt:~# opkg update
root@OpenWrt:~# opkg remove dnsmasq
root@OpenWrt:~# opkg install coreutils-nohup bash dnsmasq-full curl ca-certificates ipset ip-full libcap libcap-bin ruby ruby-yaml kmod-tun kmod-inet-diag unzip kmod-nft-tproxy luci-compat luci luci-base
root@OpenWrt:~# opkg install luci-app-openclash_0.45.59-beta_all.ipk
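Reboot OpenWrt and continue with the remaining configuration.
Client settings
- Method 1: on phones and PCs, set the gateway address to 192.168.3.218.
- Method 2: change the DHCP settings on the main wireless router so that it hands out 192.168.3.218 as the gateway directly.
Original link: https://www.bilibili.com/read/cv18972722/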