WireGuard 安装及配置
官网
安装
# Refresh the package index, then install WireGuard together with iptables
# (iptables is what the PostUp/PostDown NAT rules in wg0.conf call).
# Both commands need root privileges.
apt-get update
apt-get install wireguard iptables
服务端配置
# Work inside the WireGuard configuration directory.
cd /etc/wireguard/
# umask 077: every file created from this shell afterwards is accessible to its
# owner only, so the key files and wg0.conf are not readable by other users.
umask 077
# Generate the private key, store it in private.key, and derive the matching
# public key into public.key. Only public.key is handed to peers; private.key
# stays on this host.
wg genkey | tee private.key | wg pubkey > public.key
# Create the interface configuration (contents follow).
vim wg0.conf
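# /etc/wireguard/wg0.conf (server side).
# This file embeds the server private key: keep it owned by root and unreadable
# by other users (creating it under `umask 077` achieves that).
[Interface]
PrivateKey = 私钥
ListenPort = 端口号
Address = 地址/24
# -o takes the name of the outbound network interface (not a port number);
# -s restricts the NAT rule to the tunnel subnet, so only VPN clients are masqueraded.
PostUp = iptables -t nat -A POSTROUTING -o 出去端口 -s 地址/24 -j MASQUERADE
# PostDown deletes exactly the rule PostUp appended; keep the two lines in sync.
PostDown = iptables -t nat -D POSTROUTING -o 出去端口 -s 地址/24 -j MASQUERADE
# One [Peer] section per client. Each client needs its own key pair and its own
# tunnel address; the /32 means the server accepts only that single source
# address from the peer holding that key.
[Peer]
PublicKey = 客户端公钥
AllowedIPs = 客户端IP/32
[Peer]
PublicKey = 客户端公钥
AllowedIPs = 客户端IP/32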
客户端配置(以 Windows 为例)
# Client-side tunnel configuration.
# NOTE(review): generate the client key pair on the client itself, so that only
# the public key ever has to be copied to the server.
[Interface]
PrivateKey = 私钥
# Tunnel address of this client; it has to be the address the server lists
# under AllowedIPs for this peer.
Address = 地址/24
[Peer]
PublicKey = 服务端公钥
AllowedIPs = 地址域/24 # destinations in this range are sent to the server through the tunnel
Endpoint = 服务端地址:端口号
# Optional keepalive interval in seconds, left disabled here; usually enabled
# when the client sits behind NAT and the mapping must stay open.
#PersistentKeepalive = 25
开启
# Bring the wg0 interface up now, using /etc/wireguard/wg0.conf.
# `wg show` afterwards lists the peers and their latest handshakes.
wg-quick up wg0
# Start the same interface automatically at boot through the wg-quick systemd unit.
systemctl enable wg-quick@wg0
开启IPv4转发
# Enable IPv4 forwarding in the running kernel; this setting is lost on reboot.
sysctl -w net.ipv4.ip_forward=1
# Make it persistent by adding the line shown next to /etc/sysctl.conf.
# NOTE(review): with forwarding on, this host routes packets between its
# interfaces; check that the iptables FORWARD chain permits only the traffic
# you intend to relay.
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
Mac OS 开机启动
# Create the launchd job definition (contents follow). Jobs in
# /Library/LaunchDaemons run as root, so the plist should be owned by root and
# not writable by group or others.
sudo vim /Library/LaunchDaemons/com.wireguard.wg0.plist
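<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!-- launchd job that brings the wg0 WireGuard tunnel up at boot. It is loaded
     from /Library/LaunchDaemons and therefore runs as root. -->
<plist version="1.0">
<dict>
  <key>Label</key>
  <string>com.wireguard.wg0</string>
  <!-- Equivalent to running: wg-quick up wg0.
       NOTE(review): confirm the wg-quick path on the target machine; it depends
       on where the package manager installed it. -->
  <key>ProgramArguments</key>
  <array>
    <string>/usr/local/bin/wg-quick</string>
    <string>up</string>
    <string>wg0</string>
  </array>
  <!-- Explicit PATH so wg-quick can locate its helper tools; launchd jobs do
       not inherit a login shell environment. -->
  <key>EnvironmentVariables</key>
  <dict>
    <key>PATH</key>
    <string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin</string>
  </dict>
  <!-- Restart the job when it exits with a failure status.
       NOTE(review): recent launchd.plist(5) manuals describe NetworkState as no
       longer implemented; verify on your macOS version. -->
  <key>KeepAlive</key>
  <dict>
    <key>NetworkState</key>
    <true/>
    <key>SuccessfulExit</key>
    <false/>
  </dict>
  <key>RunAtLoad</key>
  <true/>
  <!-- Log under /var/log instead of /tmp: this job runs as root, and /tmp is a
       world-writable directory where a fixed, predictable file name can be
       created by any local user before the daemon opens it. -->
  <key>StandardErrorPath</key>
  <string>/var/log/com.wireguard.wg0.log</string>
  <key>StandardOutPath</key>
  <string>/var/log/com.wireguard.wg0.log</string>
</dict>
</plist>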
使能
# Mark the service as enabled in the system domain so that it may be loaded.
sudo launchctl enable system/com.wireguard.wg0
启动
# Load the job into the system domain; because RunAtLoad is true it starts immediately.
sudo launchctl bootstrap system /Library/LaunchDaemons/com.wireguard.wg0.plist
停止
# Unload the job from the system domain.
# NOTE(review): this stops launchd from managing the job; whether the tunnel
# itself goes down should be checked with `wg show` (`wg-quick down wg0` removes it).
sudo launchctl bootout system /Library/LaunchDaemons/com.wireguard.wg0.plist
本文来自博客园,作者:源世,转载请注明原文链接:https://www.cnblogs.com/jsxzhub/p/16889161.html