WireGuard 编译安装

WireGuard 编译安装

WireGuard是一种实现加密虚拟专用网络(VPN) 的通信协议和免费开源软件。

系统环境：Centos7.9 3.10.0-1160

1. 系统环境配置

• 关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

• 关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0

• 开启内核转发

grep 'net.ipv4.ip_forward = 1' /etc/sysctl.conf || echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
sysctl -p

• 配置时间同步

yum -y install chrony

vim /etc/chrony.conf
server  ntp.aliyun.com iburst
server  ntp1.aliyun.com iburst

allow 0.0.0.0/0

# 启动服务
systemctl start chronyd
systemctl enable chronyd

2. 源码安装

系统内核版本说明：

• Linux kernel >= 5.6，已集成WireGuard模块
• Linux kernel >= 3.10.0-1160 <= 5.5，需要安装模块

# yum安装依赖
yum install make gcc wget xz pkgconfig iptables elfutils-libelf-devel kernel-devel-$(uname -r) kernel-headers-$(uname -r)

# 下载源代码
wget