armbian刷入过程就不再赘述了，看教程请移步小破站固件下载请移步a8ez

安装clash

mkdir clash
cd clash
wget https://github.com/Dreamacro/clash/releases/download/v1.2.0/clash-linux-armv7-v1.2.0.gz
gzip clash-linux-armv7-v1.2.0.gz
mv clash-linux-armv7-v1.2.0 clash
chmod +x clash

下载clash的dashboard

wget https://github.com/haishanh/yacd/archive/gh-pages.zip
unzip gh-pages.zip
mv yacd-gh-pages/ dashboard/

clash 配置文件config.yaml或者参考神机规则

# HTTP 端口
port: 7890
# SOCKS5 端口
socks-port: 7891
allow-lan: true
bind-address: "*"
ipv6: false
mode: rule
# 设置日志等级 (默认为 info)
# info / warning / error / debug / silent
log-level: silent
# RESTful API for clash
external-controller: 0.0.0.0:9090
experimental:
  ignore-resolve-fail: true # ignore dns resolve fail, default value is true
redir-port: 7892
secret: "123456"
external-ui: "/root/clash/dashboard"
hosts:
dns:
  use-hosts: true
  enable: true
  ipv6: false
  enhanced-mode: redir-host
  listen: 0.0.0.0:53
  nameserver:
  - 114.114.114.114
  - 119.29.29.29
  - https://doh.rixcloud.dev/dns-query
  fallback:
  - https://cloudflare-dns.com/dns-query
  - https://dns.google/dns-query
  - https://1.1.1.1/dns-query
  - tls://8.8.8.8:853
  fallback-filter:
    geoip: true
    ipcidr:
      - 0.0.0.0/8
      - 10.0.0.0/8
      - 100.64.0.0/10
      - 127.0.0.0/8
      - 169.254.0.0/16
      - 172.16.0.0/12
      - 192.0.0.0/24
      - 192.0.2.0/24
      - 192.88.99.0/24
      - 192.168.0.0/16
      - 198.18.0.0/15
      - 198.51.100.0/24
      - 203.0.113.0/24
      - 224.0.0.0/4
      - 240.0.0.0/4
      - 255.255.255.255/32

配置流量转发

vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
sysctl -p #修改生效

配置系统iptables

iptables -t nat -N clash
iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
iptables -t nat -A clash -p tcp -j REDIRECT --to-port 7892
iptables -t nat -A PREROUTING -p tcp -j clash

iptables设置重启会消失，可以把内容放在/etc/rc.local中或者使用 netfilter-persistent save命令保存

启动clash

/root/clash/clash -f /root/clash/config.yaml

此处可以选择supervisor或者service进行服务托管，具体操作就不再讲了