我有两台具有动态/NAT 后 IP 地址的 Linux 笔记本电脑A( 10.0.0.2) 和B( ),它们使用静态 IP 地址10.0.0.3连接到同一个wireguard 服务器/端点 ( S( ))。10.0.0.1
如何将互联网流量从客户端 A( 10.0.0.2) 路由到客户端 B( 10.0.0.3)?我可以单独使用wireguard 配置或iptables 来做到这一点吗?
客户端A配置
[Interface]
PrivateKey = oBkg
Address = 10.0.0.2/32
DNS = 8.8.8.8
[Peer]
PublicKey = ZnD
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 54.87.125.111:51820
PersistentKeepalive = 15
[Peer]
PublicKey = 3baQ
PersistentKeepalive = 15
客户端B配置
[Interface]
PrivateKey = kBaMmx
Address = 10.0.0.3/32
DNS = 8.8.8.8
[Peer]
PublicKey = ZnD/WMx0k
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 54.87.125.111:51820
PersistentKeepalive = 5
[Peer]
PublicKey = IVZrsrnYXXXXXXX
PersistentKeepalive = 5
服务器S配置
[Interface]
#DNS = 8.8.8.8
## Private IP address for the wg0 interface ##
Address = 10.0.0.1
## VPN server listening port ##
ListenPort = 51820
## VPN server private key ##
PrivateKey = mPIoXXXXXX
## Firewall rules ##
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
AllowedIPs = 10.0.0.3
PublicKey = 3baQl
[Peer]
PublicKey = IVZrsrnYXXXX
AllowedIPs = 10.0.0.2
编辑
这是最低配置,但随着网络的增长,我将拥有多对对等点,例如 A 和 B (例如,对等点C 希望通过对等点处理其流量D)