我遇到了 wireguard 问题。我有一个基于 debian 的 VPS 和一个 Manjaro 客户端。这是我/etc/wireguard/wg0.conf的服务器:
[Interface]
Address = 10.0.0.1/24
ListenPort = 194
PrivateKey = <ServerPrivateKey>
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
PublicKey = <ClientPublicKey>
AllowedIPs = 10.0.0.2/32
以下是我/etc/wireguard/wg0.conf的一位客户的情况:
[Interface]
Address = 10.0.0.2/32
PrivateKey = <ClientPrivateKey>
[Peer]
PublicKey = <ServerPublicKey>
Endpoint = <ServerIP>:194
AllowedIPs = 0.0.0.0/0, ::/0
这是我的ufw status输出:
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
443 ALLOW Anywhere
80 ALLOW Anywhere
143 ALLOW Anywhere
993 ALLOW Anywhere
51820 ALLOW Anywhere
IMAPS ALLOW Anywhere
POP3 ALLOW Anywhere
SMTP ALLOW Anywhere
194 ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
143 (v6) ALLOW Anywhere (v6)
993 (v6) ALLOW Anywhere (v6)
51820 (v6) ALLOW Anywhere (v6)
IMAPS (v6) ALLOW Anywhere (v6)
POP3 (v6) ALLOW Anywhere (v6)
SMTP (v6) ALLOW Anywhere (v6)
194 (v6) ALLOW Anywhere (v6)
这是我的lsmod | grep wireguard输出:
wireguard 94208 0
curve25519_x86_64 36864 1 wireguard
libchacha20poly1305 16384 1 wireguard
ip6_udp_tunnel 16384 1 wireguard
udp_tunnel 20480 1 wireguard
libcurve25519_generic 49152 2 curve25519_x86_64,wireguard
之后wg-quick up wg0,wg-quick down wg0我在服务器上收到此错误:
wg-quick: `wg0' is not a WireGuard interface
我确信错误出在我这边。但我错在哪里?
答案1
PostUp通过编写不同的和PostDown命令、将接口从 更改eth0为ens3以及将端口更改为默认的 wireguard(194 被另一项服务使用)来解决了这个问题。
答案2
对我来说,我只需将配置文件重命名为更短的名称即可。错误消息没有什么用,例如:
# wg-quick up my-cool-vpn-name
wg-quick: `my-cool-vpn-name` does not exist
# mv my-cool-vpn-name.conf cool.conf
# wg-quick up cool
... all ok
我认为长度限制是从 Linux 和一些设备名称长度限制继承的。