搜索到
1
篇与
的结果
-
WireGuard的配置文件详解 记录一下wireguard的配置文件参数详解组成WireGuard 配置文件通常命名为 wg0.conf(接口名可自定义),分为 [Interface](本地配置)和 [Peer](对等节点配置)两部分。[Interface] 部分(本地配置)必需参数PrivateKey (必填)本地私钥,用于解密接收的数据生成命令:wg genkey示例:PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=Address (必填)这里的Address的代表的是本机的ip地址,也就是说是别的节点能通过这个Address去访问本机本地虚拟网络地址,可指定多个CIDR 格式(IPv4/IPv6)示例Address = 10.0.0.1/24 Address = 10.0.0.1/24, fd86:ea04:1115::1/64可选参数ListenPort (可选,默认随机)监听端口(UDP)示例:ListenPort = 51820MTU (可选,默认自动)最大传输单元示例:MTU = 1420DNS (可选)DNS 服务器地址示例:DNS = 1.1.1.1 DNS = 8.8.8.8, 8.8.4.4Table (可选)路由表规则值:auto (默认), off, 或数字示例:Table = 1234PreUp, PostUp (可选)接口启动前/后执行的脚本示例:PostUp = iptables -A FORWARD -i %i -j ACCEPTPreDown, PostDown (可选)接口关闭前/后执行的脚本示例:PreDown = iptables -D FORWARD -i %i -j ACCEPTSaveConfig (可选)运行时是否保存配置示例:SaveConfig = trueFwMark (可选)防火墙标记示例:FwMark = 0x1234[Peer] 部分(对等节点配置)必需参数PublicKey (必填)对等节点的公钥,用于加密发送的数据从对等节点的私钥生成:wg pubkey < private.key示例:PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=AllowedIPs (必填)这里的意思是发往AllowedIPs的流量走这个Endpoint,就是配置路由允许通过该对等节点路由的 IP 范围特殊值:0.0.0.0/0 表示全部流量示例:AllowedIPs = 10.0.0.2/32 AllowedIPs = 10.0.0.0/24, 192.168.1.0/24 AllowedIPs = 0.0.0.0/0 # 完整隧道可选参数Endpoint (可选,但至少一个节点需要)对等节点的公网地址和端口格式:IP或域名:端口示例:Endpoint = 203.0.113.1:51820PersistentKeepalive (可选)NAT 穿透保持连接间隔(秒)示例:PersistentKeepalive = 25PresharedKey (可选,增强安全性)预共享密钥,对称加密生成命令:wg genpsk示例:PresharedKey = /UwcSPg38hW/D9Y3tcS1FOV0K1wuURMbS0sesJEP5ak=完整配置文件示例服务器端配置 (wg0.conf)[Interface] # 服务器配置 Address = 10.0.0.1/24 ListenPort = 51820 PrivateKey = <server_private_key> # 可选配置 DNS = 8.8.8.8 MTU = 1420 # 防火墙规则 PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [Peer] # 客户端1 PublicKey = <client1_public_key> AllowedIPs = 10.0.0.2/32 [Peer] # 客户端2 PublicKey = <client2_public_key> AllowedIPs = 10.0.0.3/32客户端配置 (wg0.conf)[Interface] # 客户端配置 Address = 10.0.0.2/24 PrivateKey = <client_private_key> DNS = 8.8.8.8 [Peer] # 服务器端 PublicKey = <server_public_key> Endpoint = server.example.com:51820 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 25
Warning: file_put_contents(/var/www/html/rss.xml): failed to open stream: Permission denied in /var/www/html/usr/plugins/CustomRSS/Plugin.php on line 149