config globals 'globals'
config interface 'lan'
option type 'bridge'
option ifname 'eth1 eth2 eth3'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.8.108'
option gateway '192.168.8.1'
option dns '192.168.8.1'
config interface 'wan'
option ifname 'eth0'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth0'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
config interface 'lan6'
option proto 'dhcpv6'
option ifname '@lan'
option reqaddress 'try'
option reqprefix 'auto'
option clientid 'cafe:0108'
config interface 'wgs0'
option proto 'wireguard'
option private_key 'PRIVKEY'
option listen_port '1380'
list addresses '10.7.0.1/16'
list addresses 'fda7::1/64'
config wireguard_wgs0 '1005'
option public_key 'PUBKEY'
list allowed_ips '10.7.10.5/32'
list allowed_ips 'fda7::1005/128'
option route_allowed_ips '1'
#!/bin/bash
IPT="/usr/sbin/iptables"
IPT6="/usr/sbin/ip6tables"
IN_FACE="br-lan" # NIC connected to the internet
IN_FACE6="br-lan" # NIC connected to the internet
WG_FACE="wgs0" # WG NIC
SUB_NET="10.7.0.0/16" # WG IPv4 sub/net aka CIDR
WG_PORT="1380" # WG udp port
SUB_NET_6="fda7::/64" # WG IPv6 sub/net
## IPv4 ##
$IPT -t nat -I POSTROUTING 1 -s $SUB_NET -o $IN_FACE -j MASQUERADE
$IPT -I INPUT 1 -i $WG_FACE -j ACCEPT
$IPT -I FORWARD 1 -i $IN_FACE -o $WG_FACE -j ACCEPT
$IPT -I FORWARD 1 -i $WG_FACE -o $IN_FACE -j ACCEPT
$IPT -I INPUT 1 -i $IN_FACE -p udp --dport $WG_PORT -j ACCEPT
## IPv6 ##
$IPT6 -t nat -I POSTROUTING 1 -s $SUB_NET_6 -o $IN_FACE6 -j MASQUERADE
$IPT6 -I INPUT 1 -i $WG_FACE -j ACCEPT
$IPT6 -I FORWARD 1 -i $IN_FACE6 -o $WG_FACE -j ACCEPT
$IPT6 -I FORWARD 1 -i $WG_FACE -o $IN_FACE6 -j ACCEPT
$IPT6 -I INPUT 1 -i $IN_FACE6 -p udp --dport $WG_PORT -j ACCEPT
请问是什么原因?哪里可能存在问题?
谢谢!
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.