ubnt@ubnt:~$ sudo su
root@ubnt:/home/ubnt# wget https://www.qiwu.org/uploads/2016/07/shadowvpn.mipsel
root@ubnt:/home/ubnt# cp shadowvpn.mipsel /usr/sbin/shadowvpn
root@ubnt:/home/ubnt# chmod +x /usr/sbin/shadowvpn
root@ubnt:/home/ubnt# touch /etc/init.d/shadowvpn

#!/bin/sh

### BEGIN INIT INFO
# Provides:          ShadowVPN
# Required-Start:    $network $local_fs
# Required-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: ShadowVPN is a fast, safe VPN based on libsodium.
### END INIT INFO

case "$1" in
  start)
	/usr/sbin/shadowvpn -c /etc/shadowvpn/client.conf -s start
	echo 'start ShadowVPN [ok]'
	;;
  stop)
	/usr/sbin/shadowvpn -c /etc/shadowvpn/client.conf -s stop
	echo 'stop ShadowVPN [ok]'
	;;
  *)
	echo "Usage: $0 {start|stop}"
	exit 1
	;;
esac

exit 0

root@ubnt:/home/ubnt# chmod +x /etc/init.d/shadowvpn
root@ubnt:/home/ubnt# mkdir /etc/shadowvpn
root@ubnt:/home/ubnt# touch /etc/shadowvpn/client.conf

server=xxx.xxx.xxx.xxx
port=12345
password=xxx
user_token=xxx
mode=client
net=10.7.0.2/24
mtu=1400
intf=tun0
up=/etc/shadowvpn/client_up.sh
down=/etc/shadowvpn/client_down.sh
pidfile=/var/run/shadowvpn.pid
logfile=/var/log/shadowvpn.log

root@ubnt:/home/ubnt# touch /etc/shadowvpn/client_up.sh

#!/bin/sh

ip addr add $net dev $intf
ip link set $intf mtu $mtu
ip link set $intf up
gateway=$(ip route show 0/0 | sed -e 's/.* dev \([^ ]*\).*/\1/')
ip route add $server dev $gateway
ip route add 8.8.8.8 dev $intf
cp -f /etc/shadowvpn/gfwlist.conf /etc/dnsmasq.d/gfwlist.conf
/etc/init.d/dnsmasq restart

root@ubnt:/home/ubnt# chmod +x /etc/shadowvpn/client_up.sh
root@ubnt:/home/ubnt# touch /etc/shadowvpn/client_down.sh

#!/bin/sh

ip route del 8.8.8.8
ip route del $server
rm -f /etc/dnsmasq.d/gfwlist.conf
/etc/init.d/dnsmasq restart

root@ubnt:/home/ubnt# chmod +x /etc/shadowvpn/client_down.sh
root@ubnt:/home/ubnt# touch /etc/shadowvpn/gfwlist.conf

server=/goole.com/8.8.8.8
ipset=/google.com/GFWv4

root@ubnt:/home/ubnt# update-rc.d shadowvpn defaults
root@ubnt:/home/ubnt# /etc/init.d/shadowvpn start
root@ubnt:/home/ubnt# configure
root@ubnt# set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface tun0
root@ubnt# set service nat rule 5012 type masquerade
root@ubnt# set service nat rule 5012 outbound-interface tun0
root@ubnt# set firewall group address-group GFWv4
root@ubnt# set firewall modify Auto-VPN rule 10 action modify 
root@ubnt# set firewall modify Auto-VPN rule 10 destination group address-group GFWv4 
root@ubnt# set firewall modify Auto-VPN rule 10 modify table 1
root@ubnt# set firewall modify Auto-VPN rule 10 protocol all
root@ubnt# set interfaces switch switch0 firewall in modify Auto-VPN
root@ubnt# commit
root@ubnt# save
root@ubnt# exit