PassWall2 is a powerful LuCI web interface application for OpenWrt that provides advanced proxy and VPN functionality. It's a comprehensive solution for network traffic management, proxy services, and access control on OpenWrt-based routers.
-
Update package lists:
opkg update
-
Install PassWall2:
opkg install luci-app-passwall2
-
Restart LuCI:
/etc/init.d/rpcd restart
-
Download the package:
wget https://github.com/Openwrt-Passwall/openwrt-passwall2/releases/latest/download/luci-app-passwall2_*.ipk -
Install the package:
opkg install luci-app-passwall2_*.ipk
๐ System Requirements
- OpenWrt 21.02 or later
- LuCI 19.07 or later
- Minimum 64MB RAM (128MB recommended)
- Sufficient storage for packages (varies by protocol selection)
- Network interface support for transparent proxy
The following packages are automatically installed based on your configuration:
coreutils,curl,ip-full,libuci-lua,lua,luci-compat- Protocol-specific packages (selected during installation)
โ๏ธ Configuration
-
Access LuCI Interface:
- Navigate to
ServicesโPassWall2in your OpenWrt web interface
- Navigate to
-
Add Your First Node:
- Go to
Node ListโAdd Node - Select your protocol (e.g., Shadowsocks, V2Ray, etc.)
- Fill in server details (address, port, password, encryption)
- Go to
-
Configure Basic Settings:
- Go to
Basic Settings - Select your default node
- Configure DNS settings
- Enable transparent proxy
- Go to
-
Apply Configuration:
- Click
Save & Apply - Wait for services to start
- Click
๐ Features
- Shadowsocks (Libev & Rust implementations)
- V2Ray/Xray with full protocol support
- Trojan and Trojan-Go
- NaiveProxy for advanced obfuscation
- Hysteria and Hysteria2 for high-performance UDP transport
- Sing-Box with modern proxy features
- ShadowsocksR legacy support
- WireGuard integration
- Load Balancing: Distribute traffic across multiple nodes
- URL Testing: Automatically test and select optimal nodes
- Smart Routing: Domain-based and geo-based routing rules
- DNS Manipulation: Advanced DNS filtering and manipulation
- Traffic Sniffing: Protocol detection and classification
- Subscription Support: Import nodes from subscription URLs
- QR Code Generation: Generate and scan QR codes for node sharing
- Node Testing: Built-in latency and connectivity testing
- Health Checks: Automatic node health monitoring
- Failover Support: Automatic failover to backup nodes
- Per-Device Rules: Configure proxy settings per device
- Domain Filtering: Whitelist/blacklist domains
- IP Filtering: IP-based access control
- Interface Control: Route traffic based on network interfaces
- Time-based Rules: Schedule proxy usage by time
- Multi-User Server: Host proxy services with user management
- Protocol Support: All client protocols available as servers
- User Management: Create and manage server users
- Traffic Monitoring: Monitor server usage and statistics
- Multi-WAN Support: Advanced routing for multi-WAN setups
- IPv6 Support: Full IPv6 transparency and proxy support
- Transparent Proxy: Transparent proxy for entire network
- Socks5/HTTP Proxy: Local proxy server support
- NAT/Firewall Integration: Seamless integration with OpenWrt firewall
๐ง Advanced Configuration
- Create multiple nodes of the same type
- Go to
Node ListโAdd NodeโLoad Balancing - Select nodes to include in the load balancer
- Configure balancing strategy and health checks
- Go to
Access Control - Add devices by MAC address or IP range
- Configure proxy rules for each device
- Set up domain and IP filtering
- Go to
Basic SettingsโDNS Settings - Configure direct and remote DNS servers
- Set up DNS filtering rules
- Enable DNS over HTTPS if desired
๐ Supported Protocols
- Libev: Lightweight implementation
- Rust: Modern, high-performance implementation
- Plugins: Simple-obfs, v2ray-plugin support
- Encryption: All standard encryption methods
- Protocols: VMess, VLESS, Trojan, Shadowsocks
- Transports: TCP, mKCP, WebSocket, HTTP/2, QUIC
- Security: TLS, XTLS support
- Features: Routing, DNS,ๆต้ๆงๅถ
- Standard Trojan: Basic trojan protocol
- Trojan-Go: Enhanced with additional features
- TLS Support: Full TLS certificate support
- Obfuscation: Built-in traffic obfuscation
- Hysteria 1: UDP-based transport protocol
- Hysteria 2: Improved version with better performance
- Obfuscation: Built-in traffic obfuscation
- UDP Optimization: Optimized for poor network conditions
- Modern Architecture: Latest proxy technology
- Protocol Support: All major proxy protocols
- Performance: High-performance implementation
- Features: Advanced routing and filtering
๐ Language Support
PassWall2 supports multiple languages:
- ๐จ๐ณ Chinese (Simplified/Traditional)
- ๐ฎ๐ท Persian_farsi (soon)
Language files are located in luci-app-passwall2/po/ directory.
๐ง Troubleshooting
- Check system logs:
logread | grep passwall2 - Verify node configuration
- Check available memory and storage
- Ensure required packages are installed
- Verify DNS server configuration
- Check DNS filtering rules
- Test with different DNS servers
- Clear DNS cache if needed
- Test node connectivity
- Check firewall rules
- Verify transparent proxy settings
- Test with different protocols
- Monitor system resources
- Check node health status
- Adjust connection limits
- Optimize routing rules
Enable debug logging:
- Go to
Other Settings - Enable debug mode
- Check logs in
/tmp/log/passwall2.log
- Main log:
/tmp/log/passwall2.log - Server log:
/tmp/log/passwall2_server.log - Temporary files:
/tmp/etc/passwall2_tmp/
๐ Acknowledgments
- OpenWrt community for the excellent platform
- V2Ray/Xray project for the core proxy technology
- All contributors and testers
- The open-source community
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.
Note: This software is intended for legal use only. Users are responsible for complying with all applicable laws and regulations in their jurisdiction.
