forked from Nyr/wireguard-install
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwireguard_ovz_ipv6.txt
71 lines (41 loc) · 2.39 KB
/
wireguard_ovz_ipv6.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#尝试加载内核模块
modprobe tun
#检查TUN模块加载是否正常
lsmod | grep tun
echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list && printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable && apt update
apt install wireguard-tools --no-install-recommends
cd /tmp && wget https://dl.google.com/go/go1.16.1.linux-amd64.tar.gz && tar zvxf go1.16.1.linux-amd64.tar.gz && mv go /opt/go1.16.1 && ln -s /opt/go1.16.1/bin/go /usr/local/bin/go
go version
apt install make
cd /usr/local/src && wget https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-0.0.20191012.tar.xz && tar xvf wireguard-go-0.0.20191012.tar.xz && cd wireguard-go-0.0.20191012
nano device/queueconstants_default.go
MaxSegmentSize = 1700
PreallocatedBuffersPerPool = 1024
make
cp wireguard-go /usr/local/bin
wireguard-go --version
wg genkey | tee private key | wg pubkey > publickey
`nano /lib/systemd/system/[email protected]`,add this line directly below: Environment=WG_ENDPOINT_RESOLUTION_RETRIES=infinity
Environment=WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1
apt install openresolv (可选)
apt install resolvconf
ln -s /usr/bin/resolvectl /usr/local/bin/resolvconf (可选)
ln -sf /lib/systemd/system/systemd-resolved.service /etc/systemd/system/dbus-org.freedesktop.resolve1.service
cp /root/wg0.conf /etc/wireguard/wg0.conf
162.159.192.1:2408
[2606:4700:d0::a29f:c001]:2408
wg-quick up wg0
wg-quick down wg0
/etc/wireguard/wg0.conf
ifconfig 查看网卡名称
IPv4
PostUp = iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o venet0 -j MASQUERADE)
For IPv6, add these in /etc/wireguard/wg0.conf
PostUp = iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE; ip6tables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o venet0 -j MASQUERADE; ip6tables -t nat -D POSTROUTING -o venet0 -j MASQUERADE
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o venet0 -j MASQUERADE
systemctl enable wg-quick@wg0
systemctl start wg-quick@wg0
wg