防火墙权限

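# Enable IPv4 routing and NAT on the host for WireGuard peers
# (tunnel subnet 10.8.0.0/24 on wg0, uplink eth0, listener on UDP 51820).
# Run as root. Safe to re-run: settings and rules are added only when absent.

# Persist a "key = value" sysctl setting once, then apply it to the running
# kernel. A bare `echo >> /etc/sysctl.conf` appends a duplicate line on every
# run and has no effect until the file is reloaded or the host reboots.
set_sysctl() {
  local key=$1 value=$2
  # grep's stderr is silenced only to cover a missing /etc/sysctl.conf.
  grep -qxF -- "${key} = ${value}" /etc/sysctl.conf 2>/dev/null ||
    printf '%s = %s\n' "$key" "$value" >> /etc/sysctl.conf
  sysctl -w "${key}=${value}"
}

# Append a rule to CHAIN in TABLE unless an identical rule is already loaded.
# Usage: add_rule TABLE CHAIN rule-spec...
add_rule() {
  local table=$1
  shift
  # -C exits non-zero when the rule is absent; its error text is expected noise.
  iptables -t "$table" -C "$@" 2>/dev/null || iptables -t "$table" -A "$@"
}

set_sysctl net.ipv4.ip_forward 1
# NOTE(review): proxy_arp on "all" makes the host answer ARP for addresses it
# can route on every interface. Masqueraded traffic does not need it; keep it
# only if peers must appear as hosts on the LAN segment, and then prefer
# enabling it on that one interface.
set_sysctl net.ipv4.conf.all.proxy_arp 1

# Source-NAT traffic from the tunnel subnet as it leaves the uplink.
# eth0 is hard-coded; confirm it matches the host's actual uplink interface.
add_rule nat POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
# Accept inbound WireGuard handshakes and data.
add_rule filter INPUT -p udp -m udp --dport 51820 -j ACCEPT
# Forward everything arriving from peers.
add_rule filter FORWARD -i wg0 -j ACCEPT
# NOTE(review): this accepts any forwarded packet headed to peers, including
# new connections opened from the uplink side. If only replies are wanted,
# add `-m conntrack --ctstate RELATED,ESTABLISHED` to the match.
add_rule filter FORWARD -o wg0 -j ACCEPT

# These rules live only in the running kernel; save them with the
# distribution's persistence mechanism if they must survive a reboot.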

#防火墙相关权限

相关docker部署文件

docker-compose.yml

# Compose definition for a single wg-easy container (WireGuard server plus its
# admin web UI) running directly on the host's network stack.
version: "3.8"
services:
  wg-easy:
    environment:
      # ⚠️ Required:
      # Change this to your host's public address
      # (left empty here; peers need a reachable endpoint, so set it before deploying)
      - WG_HOST= 

      # Optional:
      # NOTE(review): PASSWORD guards the admin web UI, which manages peers and
      # their key material. The value below is a guessable sample stored in
      # plain text; replace it with a long random secret supplied from outside
      # this file (for example an env file kept out of version control).
      - PASSWORD=admin12345
      # UDP port of the tunnel; the host firewall must accept UDP on this port.
      - WG_PORT=51820
     
      # DNS server handed to peers; it lies inside WG_ALLOWED_IPS below, so
      # lookups travel through the tunnel.
      - WG_DEFAULT_DNS=192.168.10.5
      - WG_MTU=1420
      # Split tunnel: peers route only 192.168.10.0/24 through the VPN.
      - WG_ALLOWED_IPS=192.168.10.0/24
      # Each hook below only writes a marker file into /etc/wireguard.
      # NOTE(review): setting these presumably replaces the image's built-in
      # hooks, so the container adds no NAT/forward rules itself and the host
      # rules must be maintained by hand — confirm for the image version in use.
      - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
      - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
      - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
      - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt  
    # NOTE(review): no tag is given, so this resolves to :latest at pull time.
    # Pin a version or digest, and verify this is still the maintained image name.
    image: weejewel/wg-easy
    container_name: wg-easy
    volumes:
      # Host directory backing /etc/wireguard. WireGuard configuration includes
      # private keys, so keep this path readable by root only.
      - /home/docker/wireguard/configs:/etc/wireguard 
    restart: unless-stopped
    # NET_ADMIN lets the container configure interfaces, routes and firewall
    # rules; SYS_MODULE lets it load kernel modules. Combined with host
    # networking this container is effectively trusted with the host's network.
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    # Shares the host's network namespace: no port mapping applies, and every
    # port the container listens on (the admin web UI included) is bound on the
    # host's interfaces. Restrict the UI port in the host firewall or front it
    # with a TLS-terminating reverse proxy.
    network_mode: host