From 300584bcafb866f9c74f9f79e6452875e1dd1fb5 Mon Sep 17 00:00:00 2001 From: yanglc Date: Wed, 30 Aug 2023 00:19:26 +0800 Subject: [PATCH] add ipv6 config --- wginstall.sh | 8 ++++++-- xbbox.sh | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/wginstall.sh b/wginstall.sh index 22f673b..9c248fd 100644 --- a/wginstall.sh +++ b/wginstall.sh @@ -36,6 +36,10 @@ install_wireguard() { } generate_keys() { + echo 1 > /proc/sys/net/ipv4/ip_forward + #echo 1 > /proc/sys/net/ipv6/conf/all/forwarding + echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf + #echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.conf cd /etc/wireguard # 生成WireGuard私钥和公钥 echo "正在生成WireGuard私钥和公钥..." @@ -55,8 +59,8 @@ create_server_config() { echo "[Interface]" > /etc/wireguard/wg0.conf echo "PrivateKey = $(cat /etc/wireguard/privatekey)" >> /etc/wireguard/wg0.conf echo "Address = $server_internal_ip/24" >> /etc/wireguard/wg0.conf - echo "PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o $eth -j MASQUERADE" >> /etc/wireguard/wg0.conf - echo "PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o $eth -j MASQUERADE" >> /etc/wireguard/wg0.conf + echo "PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o $eth -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o $eth -j MASQUERADE" >> /etc/wireguard/wg0.conf + echo "PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o $eth -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o $eth -j MASQUERADE" >> /etc/wireguard/wg0.conf echo "ListenPort = $server_port" >> /etc/wireguard/wg0.conf echo "" >> /etc/wireguard/wg0.conf diff --git a/xbbox.sh b/xbbox.sh index 314796d..945c95f 100644 --- a/xbbox.sh +++ b/xbbox.sh @@ -55,7 +55,7 @@ check_system() { get_self_cert() { mkdir self - $INS install -y openssl + $INS install openssl -y # openssl genrsa -out self/1.key 2048 openssl ecparam -genkey -name prime256v1 -noout -out self/1.key # 生成CA证书 @@ -76,7 +76,7 @@ uninstall_self() { } install_docker() { - $INS install -y curl + $INS install curl -y curl -fsSL https://get.docker.com | sh }