42 lines
1.3 KiB
Markdown
42 lines
1.3 KiB
Markdown
# 转发(forwarding) WireGuard 连接
|
||
|
||
## Windows
|
||
|
||
1. 中心节点转发 (hub forwarding)
|
||
2. 站点网关 (site gateway)
|
||
3. 点到站伪装 (point to site masquerading)
|
||
4. 点到站端口转发 (point to site forwarding)
|
||
|
||
## 中心节点转发
|
||
|
||
查看 Windows 网络接口的转发状态,PowerShell 下执行如下指令:
|
||
|
||
```code
|
||
PS> Get-NetIPInterface | Select IfIndex,InterfaceAlias,AddressFamily,ConnectionState,Forwarding | Sort-Object -Property IfIndex | Format-Table
|
||
```
|
||
|
||
以网络接口名称 wg0 为例,启用转发命令如下,这个指令同时启用 IPV4 和 IPV6 转发:
|
||
|
||
```code
|
||
PS> Set-NetIPInterface -InterfaceAlias wg0 -Forwarding Enabled
|
||
```
|
||
|
||
也可以用如下指令单独启用转发:
|
||
|
||
```code
|
||
> netsh interface ipv4 set interface wg0 forwarding=enabled
|
||
> netsh interface ipv6 set interface wg0 forwarding=enabled
|
||
```
|
||
|
||
对等的 linux 指令如下:
|
||
|
||
```code
|
||
# sysctl -w net.ipv4.conf.wg0.forwarding=1
|
||
# sysctl -w net.ipv6.conf.wg0.forwarding=1
|
||
```
|
||
|
||
## 站点网关
|
||
|
||
启用 WireGuard 站点网关的包转发比中心节点稍微复杂一点,除了 WireGuard 接口 (wg0) 外,还需要启用站点对应的网络适配器接口 (通常为 Ethernet)
|
||
|
||
此外,还需要更新局域网路由器的路由表,用于将内网其他终端路由到 WireGuard 主机上 |