Documentation improvements

* Remove prompt 'root@Wrt:~#' from code example for better consistency * Fix line indentation of usage * Remove unnecessary note about ss-redir
6 years ago · 9778ce2e19
3 changed files with 57 additions and 65 deletions
--- a/README.md
+++ b/README.md
@ -351,8 +351,7 @@ More information about the image can be found [here](docker/alpine/README.md).
 For a detailed and complete list of all supported arguments,
 you may refer to the man pages of the applications, respectively.
 ```
    ss-[local|redir|server|tunnel|manager]
    ss-[local|redir|server|tunnel|manager]
       -s <server_host>           host name or ip address of your remote server
@ -423,51 +422,44 @@ you may refer to the man pages of the applications, respectively.
       [-v]                       verbose mode
 notes:
    ss-redir provides a transparent proxy function and only works on the
    Linux platform with iptables.
 ```
 ## Advanced usage
 ## Transparent proxy
 The latest shadowsocks-libev has provided a *redir* mode. You can configure your Linux-based box or router to proxy all TCP traffic transparently.
 The latest shadowsocks-libev has provided a *redir* mode. You can configure your Linux-based box or router to proxy all TCP traffic transparently, which is handy if you use a OpenWRT-powered router.
    # Create new chain
    root@Wrt:~# iptables -t nat -N SHADOWSOCKS
    root@Wrt:~# iptables -t mangle -N SHADOWSOCKS
    iptables -t nat -N SHADOWSOCKS
    iptables -t mangle -N SHADOWSOCKS
    # Ignore your shadowsocks server's addresses
    # It's very IMPORTANT, just be careful.
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
    # Ignore LANs and any other addresses you'd like to bypass the proxy
    # See Wikipedia and RFC5735 for full list of reserved networks.
    # See ashi009/bestroutetb for a highly optimized CHN route list.
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
    iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
    # Anything else should be redirected to shadowsocks's local port
    root@Wrt:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
    iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
    # Add any UDP rules
    root@Wrt:~# ip route add local default dev lo table 100
    root@Wrt:~# ip rule add fwmark 1 lookup 100
    root@Wrt:~# iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
    ip route add local default dev lo table 100
    ip rule add fwmark 1 lookup 100
    iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
    # Apply the rules
    root@Wrt:~# iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
    root@Wrt:~# iptables -t mangle -A PREROUTING -j SHADOWSOCKS
    iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
    iptables -t mangle -A PREROUTING -j SHADOWSOCKS
    # Start the shadowsocks-redir
    root@Wrt:~# ss-redir -u -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
    ss-redir -u -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
 ## Shadowsocks over KCP
--- a/doc/shadowsocks-libev.asciidoc
+++ b/doc/shadowsocks-libev.asciidoc
@ -198,39 +198,39 @@ EXAMPLE
 ....
 # Create new chain
 root@Wrt:~# iptables -t nat -N SHADOWSOCKS
 root@Wrt:~# iptables -t mangle -N SHADOWSOCKS
 iptables -t nat -N SHADOWSOCKS
 iptables -t mangle -N SHADOWSOCKS
 # Ignore your shadowsocks server's addresses
 # It's very IMPORTANT, just be careful.
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
 # Ignore LANs and any other addresses you'd like to bypass the proxy
 # See Wikipedia and RFC5735 for full list of reserved networks.
 # See ashi009/bestroutetb for a highly optimized CHN route list.
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
 # Anything else should be redirected to shadowsocks's local port
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
 iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
 # Add any UDP rules
 root@Wrt:~# ip rule add fwmark 0x01/0x01 table 100
 root@Wrt:~# ip route add local 0.0.0.0/0 dev lo table 100
 root@Wrt:~# iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
 ip rule add fwmark 0x01/0x01 table 100
 ip route add local 0.0.0.0/0 dev lo table 100
 iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
 # Apply the rules
 root@Wrt:~# iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
 root@Wrt:~# iptables -t mangle -A PREROUTING -j SHADOWSOCKS
 iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
 iptables -t mangle -A PREROUTING -j SHADOWSOCKS
 # Start the shadowsocks-redir
 root@Wrt:~# ss-redir -u -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
 ss-redir -u -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
 ....
 PROTOCOL
--- a/doc/ss-redir.asciidoc
+++ b/doc/ss-redir.asciidoc
@ -130,39 +130,39 @@ ss-redir requires netfilter's NAT function. Here is an example:
 ....
 # Create new chain
 root@Wrt:~# iptables -t nat -N SHADOWSOCKS
 root@Wrt:~# iptables -t mangle -N SHADOWSOCKS
 iptables -t nat -N SHADOWSOCKS
 iptables -t mangle -N SHADOWSOCKS
 # Ignore your shadowsocks server's addresses
 # It's very IMPORTANT, just be careful.
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
 # Ignore LANs and any other addresses you'd like to bypass the proxy
 # See Wikipedia and RFC5735 for full list of reserved networks.
 # See ashi009/bestroutetb for a highly optimized CHN route list.
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
 iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
 # Anything else should be redirected to shadowsocks's local port
 root@Wrt:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
 iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
 # Add any UDP rules
 root@Wrt:~# ip route add local default dev lo table 100
 root@Wrt:~# ip rule add fwmark 1 lookup 100
 root@Wrt:~# iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
 ip route add local default dev lo table 100
 ip rule add fwmark 1 lookup 100
 iptables -t mangle -A SHADOWSOCKS -p udp --dport 53 -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
 # Apply the rules
 root@Wrt:~# iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
 root@Wrt:~# iptables -t mangle -A PREROUTING -j SHADOWSOCKS
 iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
 iptables -t mangle -A PREROUTING -j SHADOWSOCKS
 # Start the shadowsocks-redir
 root@Wrt:~# ss-redir -u -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
 ss-redir -u -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
 ....
 SEE ALSO