当我在 macOS 10.15.4 中使用此命令启动 Wireguard 时:
/usr/local/etc/wireguard ⌚ 10:01:28
$ wg-quick up wg0
Warning: `/usr/local/etc/wireguard/wg0.conf' is world accessible
[#] wireguard-go utun
INFO: (utun4) 2020/04/26 10:01:33 Starting wireguard-go version 0.0.20200121
[+] Interface for wg0 is utun4
[#] wg setconf utun4 /dev/fd/63
[#] ifconfig utun4 inet 10.0.0.2/32 10.0.0.2 alias
[#] ifconfig utun4 mtu 1020
[#] ifconfig utun4 up
[#] route -q -n add -inet6 ::/1 -interface utun4
route: writing to routing socket: Network is unreachable
[#] route -q -n add -inet6 8000::/1 -interface utun4
route: writing to routing socket: Network is unreachable
[#] route -q -n add -inet 0.0.0.0/1 -interface utun4
[#] route -q -n add -inet 128.0.0.0/1 -interface utun4
[#] route -q -n add -inet 121.196.199.223 -gateway 192.168.50.1
[+] Backgrounding route monitor
但是当我 ping 时stackoverflow.com,没有响应,我的 mac 无法访问互联网。
/usr/local/etc/wireguard ⌚ 10:10:08
$ ping 151.101.1.69
PING 151.101.1.69 (151.101.1.69): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
Request timeout for icmp_seq 7
Request timeout for icmp_seq 8
但是使用 ip 和 ssh 机器 sshroot@ip可以成功访问。这是我的客户端配置:
[Interface]
PrivateKey = <client-privatekey>
Address = 10.0.0.2/32
MTU = 1020
[Peer]
PublicKey = <server-publickey>
Endpoint = 11.193.192.223:7456
AllowedIPs = 0.0.0.0/0, ::0/0
PersistentKeepalive = 25
这是我的服务器端配置:
[root@izbp19pke6x0v6ruecuy1yz 线卫]# cat wg0.conf
[Interface]
PrivateKey = <server-privatekey>
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 7456
[Peer]
PublicKey = b3rP/aN53ZY7IwzOWyxfxLEw7atwS2GpFe0kLchHhk4
AllowedIPs = 10.0.0.2/32
我应该怎么做才能让它工作?