The WireGuard setup in this article is only for **(
1. Install

```bash
add-apt-repository ppa:wireguard/wireguard
apt update
apt install wireguard
```
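2. Create the configuration files (server)

```bash
umask 077  # create the key files readable only by their owner
mkdir ~/.wireguard
cd ~/.wireguard/
wg genkey | tee pri1 | wg pubkey >pub1  # generate the server private and public keys
wg genkey | tee pri2 | wg pubkey >pub2  # generate the client private and public keys
chmod 600 pri1
chmod 600 pri2
```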
Create the wg0.conf file:

Server configuration file `/etc/wireguard/wg0.conf`
```ini
[Interface]
PrivateKey = server private key
Address = 10.0.0.1/24
ListenPort = 54321
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens17 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens17 -j MASQUERADE
DNS = 8.8.8.8
MTU = 1420

[Peer]
PublicKey = client public key
AllowedIPs = 10.0.0.2/24
```
IP forwarding also needs to be enabled:
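```bash
echo 1 > /proc/sys/net/ipv4/ip_forward                   # enable forwarding immediately
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf       # persist the setting across reboots
sysctl -p                                                # reload /etc/sysctl.conf
```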
3. Start

In fact, something went wrong while it was running, and resolvconf had to be installed.
4. Client configuration

```ini
[Interface]
PrivateKey = client private key
Address = 10.0.0.2/24
DNS = 8.8.8.8
MTU = 1420

[Peer]
PublicKey = server public key
AllowedIPs = 0.0.0.0/0
Endpoint = 204.44.92.171:54321
PersistentKeepalive = 25
```
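The server `[Peer]` block above lists `AllowedIPs = 10.0.0.2/24`; WireGuard masks the host bits, so that peer is accepted as a source for all of 10.0.0.0/24 rather than for its own address only. The following Python check is an added example, not part of the original post: it parses a wg-quick style config and reports server-side peer entries that cover more than one host. The embedded sample is constructed from the page's server config with placeholder keys, and the function names are my own.

```python
import ipaddress

# Constructed sample: the page's server config, keys replaced by placeholders.
SERVER_CONF = """\
[Interface]
PrivateKey = <server-private-key>
Address = 10.0.0.1/24
ListenPort = 54321

[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.0.0.2/24
"""

def parse_sections(text):
    """Return [(section, {key: value})]; repeated [Peer] blocks are all kept."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = (part.strip() for part in line.split("=", 1))
            keys = sections[-1][1]
            key = key.lower()
            # A key may repeat (several AllowedIPs lines); merge the values.
            keys[key] = keys[key] + "," + value if key in keys else value
    return sections

def audit_allowed_ips(text):
    """Return (peer_index, entry, effective_network, issue) for broad entries."""
    findings = []
    peers = [kv for name, kv in parse_sections(text) if name == "peer"]
    for idx, peer in enumerate(peers):
        for entry in filter(None, (e.strip() for e in peer.get("allowedips", "").split(","))):
            iface = ipaddress.ip_interface(entry)
            net = iface.network  # the range left after host bits are masked
            if iface.ip != net.network_address:
                findings.append((idx, entry, str(net), "host bits set; whole subnet accepted"))
            elif net.num_addresses > 1:
                findings.append((idx, entry, str(net), "wider than a single host"))
    return findings

if __name__ == "__main__":
    for finding in audit_allowed_ips(SERVER_CONF):
        print("peer %d: %s -> %s (%s)" % finding)
```

Writing the server-side entry as `10.0.0.2/32` clears the finding. On the client, `AllowedIPs = 0.0.0.0/0` is the full-tunnel setting and would be reported as wide by design, so run the check against server configs.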