WireGuar安装及配置

官网

https://www.wireguard.com/

安装

apt-get update
apt-get install wireguard iptables

服务端配置

cd /etc/wireguard/
umask 077
wg genkey | tee private.key | wg pubkey > public.key
vim wg0.conf

[Interface]
PrivateKey = 私钥
ListenPort = 端口号
Address = 地址/24
PostUp   = iptables -t nat -A POSTROUTING -o 出去端口 -s 地址/24 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o 出去端口 -s 地址/24 -j MASQUERADE

[Peer]
PublicKey = 客户端公钥
AllowedIPS = 客户端IP/32

[Peer]
PublicKey = 客户端公钥
AllowedIPS = 客户端IP/32

客户端配置(以windows为例)

[Interface]
PrivateKey = 私钥
Address = 地址/24

[Peer]
PublicKey = 服务端公钥
AllowedIPs = 地址域/24 # 这些地址访问服务器
Endpoint = 服务端地址:端口号
#PersistentKeepalive = 25

开启

wg-quick up wg0
systemctl enable wg-quick@wg0

开启IPv4转发

sysctl -w net.ipv4.ip_forward=1
vim /etc/sysctl.conf

net.ipv4.ip_forward = 1

posted @ 2022-11-14 16:29  源世  阅读(163)  评论(0编辑  收藏  举报