История изменений
Исправление vvviperrr, (текущая версия) :
я тоже обмазался костылями
# Settings shared by do_start and do_stop.
# Name of the network namespace that holds the WireGuard interface.
netns_name='wireguard'
# Address the namespace reaches through the veth gateway (10.10.10.1) rather
# than through the tunnel; presumably the peer's public endpoint, so confirm
# it against /etc/wireguard/wireguard-server.conf.
real_ip='45.62.213.45'
# Default gateway used inside the namespace; lies in the wgserver subnet.
wg_ip='192.168.177.4'
# Host interface that 10.10.10.0/24 traffic is masqueraded out of.
ext_iface='eno1'
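# Create the namespace, link it to the host over a veth pair, bring up the
# WireGuard interface inside it, and install the routes and NAT rules.
# Globals:  netns_name, real_ip, wg_ip, ext_iface (read)
# Returns:  0 if every step succeeded; otherwise the status of the first
#           command that failed. Later steps are skipped, so the host
#           firewall and routing table are not touched after a failure;
#           run the stop action before retrying.
do_start() {
  local -a in_ns=(/bin/ip netns exec "$netns_name")
  local -a host_nat=(-s 10.10.10.0/24 -o "$ext_iface" -j MASQUERADE)
  local -a ns_nat=(-s 10.10.10.0/24 -o wgserver -j MASQUERADE)

  # netns config: namespace, loopback, veth0 (host) <-> veth1 (namespace)
  /bin/ip netns add "$netns_name" || return
  "${in_ns[@]}" /bin/ip link set dev lo up || return
  /bin/ip link add veth0 type veth peer name veth1 || return
  /bin/ip link set veth1 netns "$netns_name" || return
  "${in_ns[@]}" /sbin/ifconfig veth1 10.10.10.2/24 up || return
  /sbin/ifconfig veth0 10.10.10.1/24 up || return

  # Host NAT for the veth subnet. -C only probes for the rule (its "not
  # found" message is expected, hence 2>/dev/null), so a repeated start does
  # not stack duplicate MASQUERADE rules in the host nat table.
  # NOTE(review): forwarding between veth0 and $ext_iface also needs
  # net.ipv4.ip_forward enabled; this script does not set it - confirm it is
  # configured elsewhere.
  if ! /sbin/iptables -t nat -C POSTROUTING "${host_nat[@]}" 2>/dev/null; then
    /sbin/iptables -t nat -I POSTROUTING "${host_nat[@]}" || return
  fi

  # wireguard config: the interface lives only inside the namespace.
  # The file passed to `wg setconf` carries the private key, so it should be
  # readable by root only.
  "${in_ns[@]}" /bin/ip link add dev wgserver type wireguard || return
  "${in_ns[@]}" /bin/ip address add 192.168.177.2/24 dev wgserver || return
  "${in_ns[@]}" /usr/bin/wg setconf wgserver /etc/wireguard/wireguard-server.conf || return
  "${in_ns[@]}" /bin/ip link set up dev wgserver || return

  # route via wireguard: only $real_ip leaves through the veth gateway; every
  # other destination in the namespace uses the tunnel gateway $wg_ip.
  "${in_ns[@]}" /sbin/route add "$real_ip" gw 10.10.10.1 || return
  "${in_ns[@]}" /sbin/route add default gw "$wg_ip" || return

  # route to wireguard: the host reaches the tunnel subnet via the namespace,
  # which masquerades veth-subnet traffic leaving through wgserver.
  /sbin/route add -net 192.168.177.0/24 gw 10.10.10.2 || return
  "${in_ns[@]}" /sbin/iptables -t nat -I POSTROUTING "${ns_nat[@]}" || return
}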
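# Tear down what do_start created: the WireGuard interface, the namespace,
# the veth pair, and the host-side MASQUERADE rule.
# Globals:  netns_name, ext_iface (read)
# Returns:  status of the last cleanup command; every step is best-effort so
#           that a partially started setup can still be cleaned up.
do_stop() {
  local -a host_nat=(-s 10.10.10.0/24 -o "$ext_iface" -j MASQUERADE)

  /bin/ip netns exec "$netns_name" /bin/ip link del dev wgserver
  /bin/ip netns delete "$netns_name"
  # veth0 may already be gone if its peer was destroyed with the namespace;
  # a failure here is harmless.
  /bin/ip link del veth0

  # The host nat table is not part of the namespace, so the rule inserted by
  # do_start would otherwise stay behind after stop and pile up across
  # restarts. -C probes for the rule (2>/dev/null hides the expected "not
  # found"); the loop removes every copy left by earlier starts.
  while /sbin/iptables -t nat -C POSTROUTING "${host_nat[@]}" 2>/dev/null; do
    /sbin/iptables -t nat -D POSTROUTING "${host_nat[@]}" || break
  done
}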
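# Entry point: the first argument selects the action (start or stop).
cmd=$1
case "$cmd" in
  start)
    # Report a failed setup to the caller instead of always exiting 0.
    do_start || exit
    ;;
  stop)
    # Teardown is best-effort; its status is deliberately not propagated.
    do_stop
    ;;
  *)
    # Diagnostics belong on stderr so they are not mistaken for output.
    echo "unknown command: $1" >&2
    exit 1
    ;;
esac
exit 0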
Исправление vvviperrr, :
я тоже обмазался костылями
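[code]
# Settings read by do_start and do_stop.
netns_name=wireguard
real_ip=45.62.213.45   # reached via the veth gateway instead of the tunnel
wg_ip=192.168.177.4    # default gateway inside the namespace
ext_iface=eno1         # host interface used for the host-side MASQUERADE

# Create the namespace, the veth pair, the WireGuard interface and the routes.
# NOTE(review): no step is checked, so a failure part-way through still lets
# the later host-side iptables/route commands run.
do_start() {
  #netns config
  /bin/ip netns add "$netns_name"
  /bin/ip netns exec "$netns_name" /bin/ip link set dev lo up
  /bin/ip link add veth0 type veth peer name veth1
  /bin/ip link set veth1 netns "$netns_name"
  /bin/ip netns exec "$netns_name" /sbin/ifconfig veth1 10.10.10.2/24 up
  /sbin/ifconfig veth0 10.10.10.1/24 up
  /sbin/iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o "$ext_iface" -j MASQUERADE
  #wireguard config (the setconf file holds the private key; keep it root-only)
  /bin/ip netns exec "$netns_name" /bin/ip link add dev wgserver type wireguard
  /bin/ip netns exec "$netns_name" /bin/ip address add 192.168.177.2/24 dev wgserver
  /bin/ip netns exec "$netns_name" /usr/bin/wg setconf wgserver /etc/wireguard/wireguard-server.conf
  /bin/ip netns exec "$netns_name" /bin/ip link set up dev wgserver
  #route via wireguard
  /bin/ip netns exec "$netns_name" /sbin/route add "$real_ip" gw 10.10.10.1
  /bin/ip netns exec "$netns_name" /sbin/route add default gw "$wg_ip"
  #route to wireguard
  /sbin/route add -net 192.168.177.0/24 gw 10.10.10.2
  /bin/ip netns exec "$netns_name" /sbin/iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o wgserver -j MASQUERADE
}

# Remove the WireGuard interface, the namespace and the veth pair.
# NOTE(review): the host MASQUERADE rule inserted by do_start is not deleted
# here, so it stays in the host nat table and is duplicated on the next start.
do_stop() {
  /bin/ip netns exec "$netns_name" /bin/ip link del dev wgserver
  /bin/ip netns delete "$netns_name"
  /bin/ip link del veth0
}

# Dispatch on the first argument.
cmd=$1
if [[ $cmd = "start" ]]; then
  do_start
elif [[ $cmd = "stop" ]]; then
  do_stop
else
  echo "unknown command: $1"
  exit 1
fi
exit 0
[/code]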
Исправление vvviperrr, :
я тоже обмазался костылями
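[quote]
#!/bin/bash
# Settings read by do_start and do_stop.
netns_name=wireguard
real_ip=45.62.213.45   # reached via the veth gateway instead of the tunnel
wg_ip=192.168.177.4    # default gateway inside the namespace
ext_iface=eno1         # host interface used for the host-side MASQUERADE

# Set up the namespace, veth link, WireGuard interface, routes and NAT.
# NOTE(review): commands run unconditionally; an early failure does not stop
# the host-side firewall and route changes further down.
do_start() {
  #netns config
  /bin/ip netns add "$netns_name"
  /bin/ip netns exec "$netns_name" /bin/ip link set dev lo up
  /bin/ip link add veth0 type veth peer name veth1
  /bin/ip link set veth1 netns "$netns_name"
  /bin/ip netns exec "$netns_name" /sbin/ifconfig veth1 10.10.10.2/24 up
  /sbin/ifconfig veth0 10.10.10.1/24 up
  /sbin/iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o "$ext_iface" -j MASQUERADE
  #wireguard config (the setconf file holds the private key; keep it root-only)
  /bin/ip netns exec "$netns_name" /bin/ip link add dev wgserver type wireguard
  /bin/ip netns exec "$netns_name" /bin/ip address add 192.168.177.2/24 dev wgserver
  /bin/ip netns exec "$netns_name" /usr/bin/wg setconf wgserver /etc/wireguard/wireguard-server.conf
  /bin/ip netns exec "$netns_name" /bin/ip link set up dev wgserver
  #route via wireguard
  /bin/ip netns exec "$netns_name" /sbin/route add "$real_ip" gw 10.10.10.1
  /bin/ip netns exec "$netns_name" /sbin/route add default gw "$wg_ip"
  #route to wireguard
  /sbin/route add -net 192.168.177.0/24 gw 10.10.10.2
  /bin/ip netns exec "$netns_name" /sbin/iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o wgserver -j MASQUERADE
}

# Delete the WireGuard interface, the namespace and veth0.
# NOTE(review): nothing here removes the host POSTROUTING rule added by
# do_start; it outlives the namespace and accumulates across restarts.
do_stop() {
  /bin/ip netns exec "$netns_name" /bin/ip link del dev wgserver
  /bin/ip netns delete "$netns_name"
  /bin/ip link del veth0
}

# Dispatch on the first argument.
cmd=$1
if [[ $cmd = "start" ]]; then
  do_start
elif [[ $cmd = "stop" ]]; then
  do_stop
else
  echo "unknown command: $1"
  exit 1
fi
exit 0
[/quote]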
Исходная версия vvviperrr, :
я тоже обмазался костылями
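[code]
#!/bin/bash
# Settings read by do_start and do_stop.
netns_name=wireguard
real_ip=45.62.213.45   # reached via the veth gateway instead of the tunnel
wg_ip=192.168.177.4    # default gateway inside the namespace
ext_iface=eno1         # host interface used for the host-side MASQUERADE

# Bring up the namespace, the veth pair, the WireGuard interface and routing.
# NOTE(review): exit statuses are ignored throughout, so the host nat table
# and routing table are modified even when namespace creation failed.
do_start() {
  #netns config
  /bin/ip netns add "$netns_name"
  /bin/ip netns exec "$netns_name" /bin/ip link set dev lo up
  /bin/ip link add veth0 type veth peer name veth1
  /bin/ip link set veth1 netns "$netns_name"
  /bin/ip netns exec "$netns_name" /sbin/ifconfig veth1 10.10.10.2/24 up
  /sbin/ifconfig veth0 10.10.10.1/24 up
  /sbin/iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o "$ext_iface" -j MASQUERADE
  #wireguard config (the setconf file holds the private key; keep it root-only)
  /bin/ip netns exec "$netns_name" /bin/ip link add dev wgserver type wireguard
  /bin/ip netns exec "$netns_name" /bin/ip address add 192.168.177.2/24 dev wgserver
  /bin/ip netns exec "$netns_name" /usr/bin/wg setconf wgserver /etc/wireguard/wireguard-server.conf
  /bin/ip netns exec "$netns_name" /bin/ip link set up dev wgserver
  #route via wireguard
  /bin/ip netns exec "$netns_name" /sbin/route add "$real_ip" gw 10.10.10.1
  /bin/ip netns exec "$netns_name" /sbin/route add default gw "$wg_ip"
  #route to wireguard
  /sbin/route add -net 192.168.177.0/24 gw 10.10.10.2
  /bin/ip netns exec "$netns_name" /sbin/iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o wgserver -j MASQUERADE
}

# Tear down the WireGuard interface, the namespace and veth0.
# NOTE(review): the MASQUERADE rule for $ext_iface added in do_start has no
# matching delete, so stop leaves it in place on the host.
do_stop() {
  /bin/ip netns exec "$netns_name" /bin/ip link del dev wgserver
  /bin/ip netns delete "$netns_name"
  /bin/ip link del veth0
}

# Dispatch on the first argument.
cmd=$1
if [[ $cmd = "start" ]]; then
  do_start
elif [[ $cmd = "stop" ]]; then
  do_stop
else
  echo "unknown command: $1"
  exit 1
fi
exit 0
[/code]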