|
|
@@ -85,15 +85,15 @@ cat <<EOF >wg0.conf
|
|
|
[Interface]
|
|
|
PrivateKey = $(cat sprivatekey)
|
|
|
Address = 10.0.0.1/24
|
|
|
-PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
|
-PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
|
|
+PostUp = iptables -I FORWARD -i wg0 -j ACCEPT; iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
|
|
|
+PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
|
|
|
ListenPort = $port
|
|
|
DNS = 8.8.8.8
|
|
|
MTU = $mtu
|
|
|
|
|
|
[Peer]
|
|
|
PublicKey = $(cat cpublickey)
|
|
|
-AllowedIPs = 10.0.0.0/32
|
|
|
+AllowedIPs = 10.0.0.188/32
|
|
|
|
|
|
EOF
|
|
|
|
|
|
@@ -153,7 +153,6 @@ fi
|
|
|
# 重启wg服务器
|
|
|
wg-quick down wg0
|
|
|
wg-quick up wg0
|
|
|
-wg
|
|
|
|
|
|
conf_url=http://${serverip}:8000
|
|
|
|
