Qnap
本文目的
nas作为旁路网关
关键词
qnap
OpenWrt
旁路网关
docker
虚拟机
旁路由
adguard home
流量统计
访问记录
OpenWrt 慢 应用过滤(OpenAppFilter)
KoolProxyR plus+、广告屏蔽大师plus+、AdGuard Home
在路由器上配置透明网关,透明代理
clash https://a-wing.top/network/2020/02/22/bypass_gateway-1_clash.html 分流功能和自动选择节点
机场的服务
Shadowsocks
OpenWRT xray
Mellow
视频物体检测
https://www.v2ex.com/t/164401
应母上大人要求,要对家里的网络进行监控,监控内容包括 1:什么时候有网络访问 2:访问的站点能具体查到 家里的网络接入是联通宽带,用的水星和TP的路由器。求问需要什么样的设备可以做到以上要求,最好是在路由器上实现,因为家里上网大多是wifi手机访问
广告过滤
## adguardhome
# qnap很奇怪,用命令行弄的东西再重启之后就无效了,甚至删除的东西都没了。不知道他的系统搞了什么鬼
# 暂时看一定要经过他的gui设置才能长久
killall dnsmasq
mv /sbin/dnsmasq /sbin/dnsmasq.1
docker start adguardhome
mkdir -p /share/CACHEDEV2_DATA/homes/hejinshou/adguardhome/work
mkdir -p /share/CACHEDEV2_DATA/homes/hejinshou/adguardhome/conf
netstat -tulpen| grep 53
docker rm adguardhome
docker run --name adguardhome\
--restart unless-stopped\
-v /share/CACHEDEV2_DATA/homes/hejinshou/adguardhome/work:/opt/adguardhome/work\
-v /share/CACHEDEV2_DATA/homes/hejinshou/adguardhome/conf:/opt/adguardhome/conf\
-p 53:53/tcp -p 53:53/udp\
-p 670:67/udp -p 680:68/udp\
-p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp\
-p 853:853/tcp\
-p 784:784/udp -p 853:853/udp -p 8853:8853/udp\
-p 5443:5443/tcp -p 5443:5443/udp\
-d adguard/adguardhome
docker start adguardhome
docker stop adguardhome
docker rm adguardhome
# autorun
# https://forum.qnap.com/viewtopic.php?t=112970
mount $(/sbin/hal_app --get_boot_pd port_id=0)6 /tmp/config
touch /tmp/config/autorun.sh
chmod +x /tmp/config/autorun.sh
$EDITOR /tmp/config/autorun.sh
umount /tmp/config
#done
# macvlan
docker network create \
-d macvlan \ # 使用 macvlan 网络驱动
--subnet=192.168.1.0/24 \ # 指定网段
--gateway=192.168.1.1 \ # 指定网关 IP
-o parent=eth0 \ # 指定网卡
openwrt # 网络名称,随意,自己记得就行
# VMWare
# https://xmanyou.com/vmware-esxi-install-openwrt/
# download firmware from openwrt official site
# convert format
qemu-img convert -f raw -O vmdk <OpenWrt固件镜像>.img <目标新文件名>.vmdk
例如
qemu-img convert -f raw -O vmdk openwrt-R20.4.8-x64-combined-squashfs.img openwrt-R20.4.8-x64-combined-squashfs.img.vmdk
http://192.168.1.113/
https://hub.docker.com/r/adguard/adguardhome
Clash 透明代理
https://hellodk.cn/post/844
https://github.com/yuanlam/Clash-Linux
https://xtls.github.io/Xray-docs-next/document/level-2/transparent_proxy/transparent_proxy.html#%E4%BB%80%E4%B9%88%E6%98%AF%E9%80%8F%E6%98%8E%E4%BB%A3%E7%90%86
vmware + linux + v2ray + tproxy透明代理
参考资料 https://toutyrater.github.io/app/tproxy.html
软件
linux (ubuntu) in VMWare + v2ray
软件安装
v2ray
wget https://install.direct/go.sh
sudo bash go.sh
sudo v2ray
设置
linux ip forward + tproxy设置
echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
sysctl -p
v2ray config
{
"log": {
// By default, V2Ray writes access log to stdout.
// "access": "/path/to/access/log/file",
// By default, V2Ray write error log to stdout.
// "error": "/path/to/error/log/file",
// Log level, one of "debug", "info", "warning", "error", "none"
"loglevel": "warning"
},
"inbounds": [
{
"tag":"transparent",
"port": 12345,
"protocol": "dokodemo-door",
"settings": {
"network": "tcp,udp",
"followRedirect": true
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"streamSettings": {
"sockopt": {
"tproxy": "tproxy", // 透明代理使用 TPROXY 方式
"mark":255
}
}
},
{
"port": 1080,
"protocol": "socks", // 入口协议为 SOCKS 5
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"]
},
"settings": {
"auth": "noauth"
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vmess", // 代理服务器
"settings": {
"vnext": [
...
]
},
"streamSettings": {
"sockopt": {
"mark": 255
}
},
"mux": {
"enabled": true
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {
"domainStrategy": "UseIP"
},
"streamSettings": {
"sockopt": {
"mark": 255
}
}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
},
{
"tag": "dns-out",
"protocol": "dns",
"streamSettings": {
"sockopt": {
"mark": 255
}
}
}
],
"dns": {
"servers": [
{
"address": "223.5.5.5", //中国大陆域名使用阿里的 DNS
"port": 53,
"domains": [
"geosite:cn",
"ntp.org", // NTP 服务器
"$myserver.address" // 此处改为你 VPS 的域名
]
},
{
"address": "114.114.114.114", //中国大陆域名使用 114 的 DNS (备用)
"port": 53,
"domains": [
"geosite:cn",
"ntp.org", // NTP 服务器
"$myserver.address" // 此处改为你 VPS 的域名
]
},
{
"address": "8.8.8.8", //非中国大陆域名使用 Google 的 DNS
"port": 53,
"domains": [
"geosite:geolocation-!cn"
]
},
{
"address": "1.1.1.1", //非中国大陆域名使用 Cloudflare 的 DNS
"port": 53,
"domains": [
"geosite:geolocation-!cn"
]
}
]
},
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{ // 劫持 53 端口 UDP 流量,使用 V2Ray 的 DNS
"type": "field",
"inboundTag": [
"transparent"
],
"port": 53,
"network": "udp",
"outboundTag": "dns-out"
},
{ // 直连 123 端口 UDP 流量(NTP 协议)
"type": "field",
"inboundTag": [
"transparent"
],
"port": 123,
"network": "udp",
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
// 设置 DNS 配置中的国内 DNS 服务器地址直连,以达到 DNS 分流目的
"223.5.5.5",
"114.114.114.114"
],
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
// 设置 DNS 配置中的国外 DNS 服务器地址走代理,以达到 DNS 分流目的
"8.8.8.8",
"1.1.1.1"
],
"outboundTag": "proxy" // 改为你自己代理的出站 tag
},
{ // 广告拦截
"type": "field",
"domain": [
"geosite:category-ads-all"
],
"outboundTag": "block"
},
{ // BT 流量直连
"type": "field",
"protocol":["bittorrent"],
"outboundTag": "direct"
},
{ // 直连中国大陆主流网站 ip 和 保留 ip
"type": "field",
"ip": [
"geoip:private",
"geoip:cn"
],
"outboundTag": "direct"
},
{ // 直连中国大陆主流网站域名
"type": "field",
"domain": [
"geosite:cn"
],
"outboundTag": "direct"
}
]
}
}
linux tproxy设置
# 设置策略路由
ip rule add fwmark 1 table 100
ip route add local 0.0.0.0/0 dev lo table 100
# 代理局域网设备
iptables -t mangle -N V2RAY
iptables -t mangle -A V2RAY -d 127.0.0.1/32 -j RETURN
iptables -t mangle -A V2RAY -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A V2RAY -d 255.255.255.255/32 -j RETURN
iptables -t mangle -A V2RAY -d 192.168.0.0/16 -p tcp -j RETURN # 直连局域网,避免 V2Ray 无法启动时无法连网关的 SSH,如果你配置的是其他网段(如 10.x.x.x 等),则修改成自己的
iptables -t mangle -A V2RAY -d 192.168.0.0/16 -p udp ! --dport 53 -j RETURN # 直连局域网,53 端口除外(因为要使用 V2Ray 的
iptables -t mangle -A V2RAY -p udp -j TPROXY --on-port 12345 --tproxy-mark 1 # 给 UDP 打标记 1,转发至 12345 端口
iptables -t mangle -A V2RAY -p tcp -j TPROXY --on-port 12345 --tproxy-mark 1 # 给 TCP 打标记 1,转发至 12345 端口
iptables -t mangle -A PREROUTING -j V2RAY # 应用规则
# 代理网关本机
iptables -t mangle -N V2RAY_MASK
iptables -t mangle -A V2RAY_MASK -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A V2RAY_MASK -d 255.255.255.255/32 -j RETURN
iptables -t mangle -A V2RAY_MASK -d 192.168.0.0/16 -p tcp -j RETURN # 直连局域网
iptables -t mangle -A V2RAY_MASK -d 192.168.0.0/16 -p udp ! --dport 53 -j RETURN # 直连局域网,53 端口除外(因为要使用 V2Ray 的 DNS)
iptables -t mangle -A V2RAY_MASK -j RETURN -m mark --mark 0xff # 直连 SO_MARK 为 0xff 的流量(0xff 是 16 进制数,数值上等同与上面V2Ray 配置的 255),此规则目的是避免代理本机(网关)流量出现回环问题
iptables -t mangle -A V2RAY_MASK -p udp -j MARK --set-mark 1 # 给 UDP 打标记,重路由
iptables -t mangle -A V2RAY_MASK -p tcp -j MARK --set-mark 1 # 给 TCP 打标记,重路由
iptables -t mangle -A OUTPUT -j V2RAY_MASK # 应用规则
docker + openwrt
用ImageAI做AI分析
注意:因为ts551 cpu太差,最终不采用如下办法。最终我用了自己的i5笔记本的windows安装python玩的。设置更简单
Ref: https://github.com/OlafenwaMoses/ImageAI
软件
docker + ?
软件安装
tensorflow:qnap不支持avx指令,所以要安装一个特殊的定制版。按照https://hub.docker.com/r/aperture147/tensorflow-non-avx安装
docker pull aperture147/tensorflow-non-avx
ImageAI: 按照https://github.com/OlafenwaMoses/ImageAI安装
python3 -m pip install imageai --upgrade
OR
pip3 install imageai --upgrade
Note:里面的apt, pip3都要更新
apt upgrade
pip3 install --upgrade pip
如果libGL找不到,需要安装如下东西
apt-get install ffmpeg libsm6 libxext6 -y
报错ImportError: Keras requires TensorFlow 2.2 or higher. Install TensorFlow via pip install tensorflow`
这个没办法了,因为我这个是定制版,没办法更新
root@133ebf23e392:/build# python3 -c 'import tensorflow as tf; print(tf.__version__)'
2021-12-04 03:14:05.351407: I tensorflow/stream_executor/platform/default/dso_loader.cc:44] Successfully opened dynamic library libcudart.so.10.1
1.15.0
找到如下链接 https://github.com/fo40225/tensorflow-windows-wheel/tree/master/2.4.0/py38/CPU%2BGPU/cuda111cudnn8sse2
# For Windows
https://github.com/fo40225/tensorflow-windows-wheel/raw/master/2.4.0/py38/CPU%2BGPU/cuda111cudnn8sse2/tensorflow-2.4.0-cp38-cp38-win_amd64.7z.001
https://github.com/fo40225/tensorflow-windows-wheel/raw/master/2.4.0/py38/CPU%2BGPU/cuda111cudnn8sse2/tensorflow-2.4.0-cp38-cp38-win_amd64.7z.002
https://github.com/fo40225/tensorflow-windows-wheel/raw/master/2.4.0/py38/CPU%2BGPU/cuda111cudnn8sse2/tensorflow-2.4.0-cp38-cp38-win_amd64.7z.003
apt install p7zip-full p7zip-rar
7z e tensorflow-2.4.0-cp38-cp38-win_amd64.7z.001
apt install python3.8
apt install python3.8-distutil
python3.8 -m pip install tensorflow-2.4.0-cp38-cp38-win_amd64.whl
# Linux,这个鸟网站有限速,搞得非常慢
wget https://gitlab.etcuniverse.com/sesota/tensorflow-v2.4.0-wheel-noAVX-python3.8-march-native/-/raw/master/tensorflow-2.4.0-cp36-cp36m-linux_x86_64.whl
设置
用法
无线投屏
软件
ts551虚拟机 + ubuntu + Deskreen
安装
# https://zhuanlan.zhihu.com/p/95128228
# 太麻烦,还要自己编译。没弄好
git clone https://github.com/albfan/miraclecast.git
pi@raspberry:~/miraclecast $ sudo apt-get install libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libgstreamer-plugins-bad1.0-dev gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-libav gstreamer1.0-doc gstreamer1.0-tools gstreamer1.0-x gstreamer1.0-alsa gstreamer1.0-gl gstreamer1.0-gtk3 gstreamer1.0-qt5 gstreamer1.0-pulseaudio
pi@raspberry:~/miraclecast $ res/test-viewer.sh
testing plugins required:
test udpsrc... (passed)
test rtpjitterbuffer... (passed)
test rtpmp2tdepay... (passed)
test tsdemux... (passed)
test h264parse...
(passed)
test avdec_h264... (passed)
test autovideosink... (passed)
everything installed
# https://www.xujun.org/note-124925.html
# 测试中
# Deskreen是用electron+node.js做的桌面软件,跨平台可用,通过启动后自建http服务,通过抓取指定应用的截图并通过http广播给接入方实现的无线投屏。在
wget https://github.com/pavlobu/deskreen/releases/download/v1.0.11/Deskreen-1.0.11.AppImage
设置
用法
ttx用编程语言发出声音
软件
python + pyttsx3
安装
sudo apt update && sudo apt install espeak ffmpeg libespeak1
设置
用法
Ref
失败:树莓派在Docker 中运行 OpenWrt 旁路网关 https://mlapp.cn/376.html
https://hub.docker.com/r/sulinggg/openwrt
电脑成功:如何在#VMWare #ESXi 6.7上安装OpenWrt虚拟机充当旁路由
https://xmanyou.com/vmware-esxi-install-openwrt/
LEDE软路由
https://www.bilibili.com/read/cv12009720
V2Ray iptables 透明代理这个文章写的很好,浅显易懂
https://toutyrater.github.io/app/transparent_proxy.html
https://guide.v2fly.org/#%E7%AE%80%E4%BB%8B
openwrt 旁路由
https://xmanyou.com/vmware-esxi-install-openwrt/
lede
https://github.com/coolsnowwolf/lede/releases
树莓派image GOOD. 成功运行
https://www.raspberrypi.com/software/operating-systems/
https://downloads.raspberrypi.org/rpd_x86/images/rpd_x86-2021-01-12/2021-01-11-raspios-buster-i386.iso.torrent
ubuntu server
https://ubuntu.com/download/server
https://mirror.hkt.cc/ubuntu/20.04.3/ubuntu-20.04.3-live-server-amd64.iso
V2Ray for OpenWrt软路由器的配置方法:测试不成功,虽然安装上了但是有问题用帮不了。感觉openwrt对用户要求还是比较高,主要是系统太简陋,好多功能都是山寨货。但但是给硬盘扩容就搞了个半死还不成功
http://loonlog.com/2020/3/13/v2ray-for-openwrt-config/
透明代理,v2ray,万字长文,很详细
https://moecm.com/something-about-v2ray-with-tproxy/
My networks
| 主机 | MAC地址 | IP地址 | 状态 | 添加到绑定设置 |
|---|---|---|---|---|
| openwrt lede | 52-54-00-44-34-0A | 192.168.1.221 | 绑定 | |
| openwrt | 52-54-00-DE-7F-1D | 192.168.1.220 | 绑定 | |
| iPad | 32-BE-B4-DD-DB-FE | 192.168.1.122 | 绑定 | |
| MiBOX2-2f0e… | 6C-FA-A7-4D-8E-CB | 192.168.1.120 | 绑定 | |
| adguard | 02-42-DE-64-0F-04 | 192.168.1.114 | 绑定 | |
| NAS58964D | 02-86-B9-2D-B3-E7 | 192.168.1.113 | 绑定 | |
| DESKTOP-… | 08-1F-71-34-87-BC | 192.168.1.112 | 绑定 | |
| raspberrypi | 52-54-00-D5-5A-3A | 192.168.1.111 | 绑定 | |
| samsungtv | B8-BB-AF-32-28-18 | 192.168.1.110 | 绑定 | |
| HUAWEI_P… | A0-D8-07-4A-38-77 | 192.168.1.109 | 绑定 | |
| Galaxy-C9-Pr… | 14-1F-78-30-8A-EA | 192.168.1.108 | 绑定 | |
| yeelink-light-c… | 54-48-E6-57-4B-27 | 192.168.1.107 | 绑定 | |
| xiaomi? | 78-11-DC-3A-77-20 | 192.168.1.106 | 绑定 | |
| 360cam | B0-59-47-2E-B6-83 | 192.168.1.105 | 绑定 | |
| chuangmi.camera… | 5C-E5-0C-55-48-3D | 192.168.1.104 | 绑定 | |
| MICC9-hello | A8-9C-ED-D3-2C-72 | 192.168.1.103 | 绑定 | |
| yunmi-waterpuri… | 44-23-7C-61-87-96 | 192.168.1.102 | 绑定 | |
| zimi-powerstrip… | 34-CE-00-FC-F0-2C | 192.168.1.101 | 绑定 | |
| lumi-gateway-v3… | 7C-49-EB-1B-05-83 | 192.168.1.100 | 绑定 |
- 上一篇 给半吊子的人看
- 下一篇 對於tokio codec設計的疑问