# Wireguard VPN ## Update Linux内核 elrepo源 ``` // for centos 7 yum install https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm // for centos 8 yum install https://www.elrepo.org/elrepo-release-8.el8.elrepo.noarch.rpm ``` 更新内核 ``` yum -y --enablerepo=elrepo-kernel install kernel-ml sed -i "s/GRUB_DEFAULT=saved/GRUB_DEFAULT=0/" /etc/default/grub grub2-mkconfig -o /boot/grub2/grub.cfg reboot uname -a ``` ## wg0接口配置工具 ``` git clone https://github.com/WireGuard/wireguard-tools cd wireguard-tools/src make make install ``` ## 其他配置 开启内核转发,net.ipv4.ip\_forward = 1 {% tabs %} {% tab title="sysctl.conf" %} ``` net.ipv4.ip_forward = 1 # bbr net.core.default_qdisc=fq net.ipv4.tcp_congestion_control=bbr ``` {% endtab %} {% endtabs %} ifconfig参看网卡信息,修改ens160 {% tabs %} {% tab title="wg0.conf" %} ``` [Interface] PrivateKey = Address = 10.0.1.1/24 PostUp = iptables -I FORWARD -i wg0 -j ACCEPT; iptables -I FORWARD -o wg0 -j ACCEPT; iptables -t nat -I POSTROUTING -o ens160 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens160 -j MASQUERADE ListenPort = 443 MTU = 1420 [PEER] PUBLICKEY = ALLOWEDIPS = 10.0.1.10/32 ``` {% endtab %} {% endtabs %} vi /etc/sysconfig/iptables, delete下面一行,允许Forward链数据转发。 ``` -A FORWARD -j REJECT --reject-with icmp-host-prohibited ``` ### [reference](https://www.wireguard.com/install/) ### --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://vps.gitbook.io/discount/pubglite-jia-su-dai-li-shi-xian.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.