Wireguard - 初始设置问题

2024-6-11 • tag-icon

我遵循了本手册： https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04

我已经走到了尽头，现在正在努力启动 wireguard 服务。

我希望有人能发现我自己没有发现的明显错误，或者引导我走向正确的方向。提前谢谢大家。

sudo systemctl enable [email protected]
Created symlink /etc/systemd/system/multi-user.target.wants/[email protected] → /lib/systemd/system/[email protected].

sudo systemctl start [email protected]
Job for [email protected] failed because the control process exited with error code.
See "systemctl status [email protected]" and "journalctl -xe" for details.

systemctl status [email protected]
● [email protected] - WireGuard via wg-quick(8) for wg0
     Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Wed 2023-08-30 11:07:58 CEST; 8s ago
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
    Process: 3165194 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE)
   Main PID: 3165194 (code=exited, status=1/FAILURE)

systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
wg-quick[3165194]: [#] ip link add wg0 type wireguard
wg-quick[3165194]: [#] wg setconf wg0 /dev/fd/63
wg-quick[3165218]: Line unrecognized: `/etc/wireguard/wg0.conf'
wg-quick[3165218]: Configuration parsing error
wg-quick[3165194]: [#] ip link delete dev wg0
systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
systemd[1]: [email protected]: Failed with result 'exit-code'.
systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.

我的 wg0.conf 如下所示：

  GNU nano 4.8                                                                /etc/wireguard/wg0.conf                                                                           
/etc/wireguard/wg0.conf
[Interface]
PrivateKey = XXXXXVvzMCDXXXXXXXXXqIcXXXXXXX=
Address = 10.8.0.1/24
ListenPort = 51830
SaveConfig = true

PostUp = ufw route allow in on wg0 out on enp3s0
PostUp = iptables -t nat -I POSTROUTING -o enp3s0 -j MASQUERADE
PreDown = ufw route delete allow in on wg0 out on enp3s0
PreDown = iptables -t nat -D POSTROUTING -o enp3s0 -j MASQUERADE

IP 路由列表默认值：

ip route list default

    Output: default via xx.xx.xx.xx dev enp3s0 proto static onlink

UFW 状态

sudo ufw 状态

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
51820/udp                  DENY        Anywhere                  
51830/udp                  ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
80 (v6)                    ALLOW       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)             
51820/udp (v6)             DENY        Anywhere (v6)             
51830/udp (v6)             ALLOW       Anywhere (v6)

答案1

我找到了解决方案——它实际上是文章下方文本中的一条评论。

答案1

相关内容