{"id":316210,"date":"2021-02-03T15:50:14","date_gmt":"2021-02-03T07:50:14","guid":{"rendered":"http:\/\/4563.org\/?p=316210"},"modified":"2021-02-03T15:50:14","modified_gmt":"2021-02-03T07:50:14","slug":"%e8%af%b7%e9%97%ae-3-%e5%8f%b0%e4%b8%bb%e6%9c%ba%e7%94%a8-wireguard-%e6%80%8e%e4%b9%88%e7%bb%84%e6%88%90%e5%86%85%e7%bd%91%ef%bc%9f","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=316210","title":{"rendered":"\u8bf7\u95ee 3 \u53f0\u4e3b\u673a\u7528 wireguard \u600e\u4e48\u7ec4\u6210\u5185\u7f51\uff1f"},"content":{"rendered":"<div>\n<div>\n<div>\n<h1>                  \u8bf7\u95ee 3 \u53f0\u4e3b\u673a\u7528 wireguard \u600e\u4e48\u7ec4\u6210\u5185\u7f51\uff1f               <\/h1>\n<p> <\/p>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : Huelse <\/span>  <span><i><\/i> 6<\/span> <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div isfirst=\"1\"> <\/p>\n<p>\u6211\u60f3\u8981 3 \u53f0\u4e3b\u673a\u7ec4\u6210\u5185\u7f51\uff0cwg0.conf \u5206\u522b\u914d\u7f6e\u5982\u4e0b\uff1a<\/p>\n<p>\u516c\u7f51\u4e3b\u673a(\u5047\u8bbe ip 1.2.3.4):<\/p>\n<pre><code>[Interface] Address = 192.168.100.1\/24 ListenPort = 12345 PrivateKey = abc  # Win \u7b14\u8bb0\u672c [Peer] PublicKey = t++ AllowedIPs = 192.168.100.2\/32  # unraid [Peer] PublicKey = eEm AllowedIPs = 192.168.100.3\/32 <\/code><\/pre>\n<p>Win \u7b14\u8bb0\u672c:<\/p>\n<pre><code>[Interface] PrivateKey = cba Address = 192.168.100.2\/32  [Peer] PublicKey = F2H AllowedIPs = 192.168.100.0\/24 Endpoint = 1.2.3.4:12345 <\/code><\/pre>\n<p>unraid:<\/p>\n<pre><code>[Interface] PrivateKey=bac Address=192.168.100.3\/32 # \u4e0b\u9762\u662f\u81ea\u52a8\u751f\u6210\u7684 ListenPort=51820 PostUp=logger -t wireguard 'Tunnel WireGuard-wg0 started' PostUp=iptables -t nat -A POSTROUTING -s 192.168.100.0\/24 -o br0 -j MASQUERADE PostDown=logger -t wireguard 'Tunnel WireGuard-wg0 stopped' PostDown=iptables -t nat -D POSTROUTING -s 192.168.100.0\/24 -o br0 -j MASQUERADE  [Peer] #unraid PublicKey=F2H Endpoint=1.2.3.4:12345 AllowedIPs=192.168.100.0\/24 <\/code><\/pre>\n<p>\u6700\u7ec8\u6548\u679c\u662f\u6211\u7684\u7b14\u8bb0\u672c\u80fd Ping \u901a\u516c\u7f51\u4e3b\u673a\u5185\u7684\u670d\u52a1\uff0c\u7aef\u53e3\u8bbf\u95ee\u90fd\u53ef\u4ee5\u7b49\uff0c\u53e6\u4e00\u8fb9 unraid \u7684\u4e5f\u53ef\u4ee5 ping \u901a\u516c\u7f51\u4e3b\u673a\uff08 ping 192.168.100.1 \uff09\uff0ckey \u7b49\u9690\u79c1\u4fe1\u606f\u5df2\u7b80\u5316\u3002<\/p>\n<p>\u4f46\u6700\u4e3b\u8981\u7684\u7b14\u8bb0\u672c\u8bbf\u95ee unraid \u5374\u59cb\u7ec8\u4e0d\u884c(\u4f8b\u5982\u7b14\u8bb0\u672c\u4e0a ping 192.168.100.3)\uff0c\u8bf7\u6559\u4e0b\u5404\u4f4d\u600e\u4e48\u64cd\u4f5c\uff0c\u8c22\u8c22\uff01<\/p>\n<\/p><\/div>\n<div> <b>\u5927\u4f6c\u6709\u8a71\u8aaa<\/b> (<span>4<\/span>)        <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<ul>\n<li data-pid=\"5059822\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : jasonyang9 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             3 \u4e2a\u8282\u70b9\u4e0a\u7684`wg`\u8f93\u51fa\u8d34\u4e00\u4e0b\uff0c\u6700\u597d\u5e26\u5404\u81ea\u7684\u9632\u706b\u5899\u4fe1\u606f\u3002<\/p>\n<p>`unraid`\u4e0a\u7528`iptables`\u505a\u4e86 SNAT\uff0c\u4f46\u6ca1\u6709\u5141\u8bb8\u8f6c\u53d1\uff0c\u6bd4\u8f83\u5947\u602a\u3002\u5b83\u9700\u8981\u8f6c\u53d1\u548c\u505a MASQ \u4e48\uff1f<\/p>\n<p>\u9664\u6b64\u4e4b\u5916\u6ca1\u6709\u660e\u663e\u7684\u95ee\u9898\u3002<\/p>\n<p>\u4f60\u60f3\u7528 WG \u7684\u865a\u62df\u7f51\u7edc\u5730\u5740\uff0c192.168.100.3 \u6765\u8bbf\u95ee`unraid`\u4e0a\u7684\u670d\u52a1\u4e48\uff1f                                                            <\/p><\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"5059823\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : Huelse <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @jasonyang9 #1 <br \/>\u662f\u7684\uff0c\u6bd4\u5982 http:\/\/192.168.100.3:12345\uff0c\u4e24\u8005\u90fd\u80fd ping \u901a\u516c\u7f51\u4e3b\u673a\uff0c\u4f46\u76f8\u4e92\u6709\u65f6\u4e0d\u80fd ping\uff0c\u4f1a\u51fa\u6545\u969c<br \/>win10: https:\/\/sm.ms\/image\/pPm9GXgTQ4FKU8R<br \/>unraid: https:\/\/sm.ms\/image\/ZOziFlunQVqvb4R<br \/>server: https:\/\/sm.ms\/image\/eWDKx6UMmybSjOd<br \/>server \u7684 iptables \u5c31\u8fd9\u6837\uff1a<br \/>&#8220;`<br \/>ACCEPT tcp &#8212; anywhere anywhere tcp dpt:43155<br \/>ACCEPT udp &#8212; anywhere anywhere udp dpt:43155<br \/>&#8220;`<br \/>server \u548c unraid \u90fd\u6709\u8bbe\u7f6e`net.ipv4.ip_forward=1`\uff0c\u53ef\u80fd\u662f iptables \u7684\u914d\u7f6e\u95ee\u9898\uff1f                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"5059824\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : jasonyang9 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u6709\u70b9\u5947\u602a\uff0c`server`\u4e3a\u4ec0\u4e48\u662f\u8fde\u5230`unraid`\u7684 51820 \u7684\uff0c`unraid`\u7684 ListenPort=51820 \u53bb\u6389\u8bd5\u8bd5\u3002<br \/>\u53e6\u5916\u4ece`server`\u4e0a\u770b\u5230 latest handshake \u662f 4 \u5929\u524d\u7684\uff0c\u6700\u8fd1\u6ca1\u8fde\u4e0a\u3002<\/p>\n<p>`win10`\u548c`unraid`\u4e0a\u90fd\u52a0\u4e00\u4e2a\u4fdd\u6d3b\u7684\u9009\u9879\u8bd5\u8bd5\u3002<\/p>\n<p>\u5176\u5b83\u6ca1\u4ed4\u7ec6\u770b\u3002                                                            <\/p><\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"5059825\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : Huelse <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @jasonyang9 #3 \u76f2\u731c\u9700\u8981\u5728 unraid \u548c\u6211\u7684\u7535\u8111\u4e0a\u90fd\u52a0\u4e0a\u5bf9\u65b9\u7684 peer\uff0c\u6211\u5148\u8bd5\u8bd5\u770b                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li>\n","protected":false},"excerpt":{"rendered":"<p>\u8bf7\u95ee 3 \u53f0\u4e3b\u673a\u7528 wiregua&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/316210"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=316210"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/316210\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=316210"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=316210"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=316210"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}