freebsd:tinc
no way to compare when less than two revisions
差别
这里会显示出您选择的修订版和当前版本之间的差别。
前一修订版 | |||
— | freebsd:tinc [2021/08/18 11:13] (当前版本) – [启动] Hshh | ||
---|---|---|---|
行 1: | 行 1: | ||
+ | ====== Tinc for FreeBSD ====== | ||
+ | 由于OpenVPN到国外的连通性出现问题后, | ||
+ | |||
+ | Ports里面的Tinc是只有Stable版本, | ||
+ | 需要依赖openssl和lzo, | ||
+ | ./configure --prefix=/ | ||
+ | make all install | ||
+ | 以上简略带过. | ||
+ | |||
+ | ==== 服务端 ==== | ||
+ | |||
+ | 安装好后的tinc在/ | ||
+ | 执行以下命令为服务器生成密钥 | ||
+ | < | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | 配置文件在/ | ||
+ | 编辑tinc.conf | ||
+ | < | ||
+ | Name = server | ||
+ | Device = /dev/tun10 | ||
+ | TunnelServer = yes | ||
+ | </ | ||
+ | |||
+ | 编辑tinc-up | ||
+ | < | ||
+ | #!/bin/sh | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | 编辑hosts/ | ||
+ | < | ||
+ | Compression = 10 | ||
+ | Subnet = 0.0.0.0/0 | ||
+ | </ | ||
+ | |||
+ | __复制 client 端的 etc/ | ||
+ | |||
+ | ==== 客户端 ==== | ||
+ | |||
+ | 生成密钥 | ||
+ | < | ||
+ | tinc init client | ||
+ | </ | ||
+ | |||
+ | 配置 etc/ | ||
+ | < | ||
+ | Name = client | ||
+ | Interface = tun10 | ||
+ | ConnectTo = server | ||
+ | MaxTimeout = 5 | ||
+ | </ | ||
+ | |||
+ | 配置 etc/ | ||
+ | < | ||
+ | Compression = 10 | ||
+ | Subnet = 10.255.1.1 | ||
+ | </ | ||
+ | |||
+ | 复制 server 端的 etc/ | ||
+ | < | ||
+ | Address = server_域名或者ip地址 | ||
+ | Compression = 10 | ||
+ | -----BEGIN RSA PUBLIC KEY----- | ||
+ | ..... | ||
+ | </ | ||
+ | |||
+ | ==== NAT ==== | ||
+ | |||
+ | pf.conf | ||
+ | < | ||
+ | scrub all no-df random-id fragment reassemble | ||
+ | nat on $ext_if from { 10.255.1/24 } to any -> ($ext_if) | ||
+ | </ | ||
+ | |||
+ | ==== 启动 ==== | ||
+ | |||
+ | 附件为FreeBSD rc.d 脚本, 用于启动 tincd | ||
+ | |||
+ | 调试可采用 tincd -D -d3 或 tincd -D -d4 | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{tag> |
freebsd/tinc.txt · 最后更改: 2021/08/18 11:13 由 Hshh