Wireguard

apt install wireguard -y

生成privateKey和publicKey

wg genkey | tee privatekey | wg pubkey > publickey

编辑 /etc/wireguard/wg0.conf

# Server
[Interface]
ListenPort = 1079
PrivateKey = <server privatekey>
Address = 192.168.0.2/24, fd23:23:23::2/64
# iptables 网关模式
PostUp = iptables -t nat -A POSTROUTING -j MASQUERADE; ip6tables -t nat -A POSTROUTING -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -j MASQUERADE; ip6tables -t nat -D POSTROUTING -j MASQUERADE
 
[Peer]
PublicKey = <client publickey>
AllowedIPs = 192.168.0.3/32, fd23:23:23::3/128
#Endpoint = <IP>:[PORT] # optional

# Client
[Interface]
ListenPort = 1079
PrivateKey = <client privatekey>
Address = 192.168.0.3/24, fd23:23:23::3/64
 
[Peer]
PublicKey = <server publickey>
AllowedIPs = 192.168.0.2/32, ::/0
Endpoint = <IP>:[PORT]

使用 wg-quick 启用/禁用

wg-quick up wg0

wg-quick down wg0

WSL

references:

https://github.com/microsoft/WSL/issues/7547

https://unix.stackexchange.com/questions/700620/run-wireguard-as-a-client-on-win10-with-wsl2

克隆wsl内核源码, 记得选择对应内核的branch

git clone --branch linux-msft-wsl-5.15.y --depth 1 https://github.com/microsoft/WSL2-Linux-Kernel.git
cd WSL2-Linux-Kernel

zcat /proc/config.gz > .config

sed -i 's/# CONFIG_NFT_FIB_IPV6 is not set/CONFIG_NFT_FIB_IPV6=y/g' .config
sed -i 's/# CONFIG_NFT_FIB_IPV4 is not set/CONFIG_NFT_FIB_IPV4=y/g' .config
sed -i 's/# CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set/CONFIG_NETFILTER_XT_MATCH_CONNMARK=y/g' .config
sed -i 's/# CONFIG_CRYPTO_STREEBOG is not set/CONFIG_CRYPTO_STREEBOG=y/g' .config
sed -i 's/# CONFIG_CRYPTO_ECRDSA is not set/CONFIG_CRYPTO_ECRDSA=y/g' .config
 
yes "" | make -j 4

更新wsl内核文件

cp arch/x86_64/boot/bzImage /mnt/c/Users/<user>/bzImage

编辑 /mnt/c/Users/<user>/.wslconfig

[wsl2]
kernel=C:\\Users\\<user>\\bzImage

重启 wsl

wsl.exe --shutdown

Cloudflare Warp

https://github.com/P3TERX/warp.sh

Wireguard

WG-EASY 面板

Setup

WSL

Cloudflare Warp

On this page