Shadowsocks client on router

I wish to setup shadowsocks client on openwrt router and forward all lan clients traffic through shadowsocks server. After some searching found that guide and after applying all changes, client does not open websites but may ping if ip specified.


PING ( 56 data bytes

64 bytes from icmp_seq=0 ttl=118 time=186.436 ms

64 bytes from icmp_seq=1 ttl=118 time=467.009 ms


--- ping statistics ---

2 packets transmitted, 2 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 186.436/326.723/467.009/140.286 ms

dem@MacBook12 RTN14U % ping

ping: cannot resolve Unknown host

Current setup


shadowsocks-libev config according to github manual

Have removed inactive sections

root@OpenWrt:~# cat /etc/config/shadowsocks-libev

config ss_rules 'ss_rules'
	option src_default 'checkdst'
	list dst_ips_forward ''
	option redir_tcp 'ssr0'
	option redir_udp 'ssr0'
	option dst_default 'forward'
	option local_default 'forward'

config server 'sss0'
	option server 'my_server_ip'
	option server_port '6338'
	option password 'my_password'
	option method 'chacha20-ietf-poly1305'

config ss_tunnel
	option server 'sss0'
	option local_address ''
	option local_port '8053'
	option tunnel_address ''
	option mode 'tcp_and_udp'
	option disabled '0'

config ss_redir 'ssr0'
	option server 'sss0'
	option local_address ''
	option local_port '1100'
	option mode 'tcp_and_udp'
	option reuse_port '1'
	option disabled '0'

dhcp config

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        list server ''
	option noresolv '1'
	option localuse '1'
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

Restarted dnsmasq and showsocks.

1 Like

I have exactly the same problem..

Same problem. No solution? Its look like a nat rule problem.

Same problem

This video helped me

Please press edit on ss_redir.ssr0 and ensure all tick boxes are off in the "Advanced Settings" tab.

I have only two fields that are populated: 1) mode of operation "tcp_and_udp" and

  1. Timeout (keep the same time as the others)

Also ensure SS_redir.hj is enabled and matches the configuration of ss_redir.ssr0.