mirror of
https://github.com/EasyTier/EasyTier.git
synced 2024-11-16 03:32:43 +08:00
fix AllowIps and Address fields for WireGuard client (#99)
- add Wireguard client cidr into AllowIps - change subnet number to 32 in Address field
This commit is contained in:
parent
7d3b8e42fe
commit
4da7f4ec20
12
README.md
12
README.md
|
@ -218,20 +218,22 @@ After successfully starting easytier-core, use easytier-cli to obtain the WireGu
|
||||||
$> easytier-cli vpn-portal
|
$> easytier-cli vpn-portal
|
||||||
portal_name: wireguard
|
portal_name: wireguard
|
||||||
|
|
||||||
client_config:
|
############### client_config_start ###############
|
||||||
|
|
||||||
[Interface]
|
[Interface]
|
||||||
PrivateKey = 9VDvlaIC9XHUvRuE06hD2CEDrtGF+0lDthgr9SZfIho=
|
PrivateKey = 9VDvlaIC9XHUvRuE06hD2CEDrtGF+0lDthgr9SZfIho=
|
||||||
Address = 10.14.14.0/24 # should assign an ip from this cidr manually
|
Address = 10.14.14.0/32 # should assign an ip from this cidr manually
|
||||||
|
|
||||||
[Peer]
|
[Peer]
|
||||||
PublicKey = zhrZQg4QdPZs8CajT3r4fmzcNsWpBL9ImQCUsnlXyGM=
|
PublicKey = zhrZQg4QdPZs8CajT3r4fmzcNsWpBL9ImQCUsnlXyGM=
|
||||||
AllowedIPs = 192.168.80.0/20,10.147.223.0/24,10.144.144.0/24
|
AllowedIPs = 10.144.144.0/24,10.14.14.0/24
|
||||||
Endpoint = 0.0.0.0:11013 # should be the public ip of the vpn server
|
Endpoint = 0.0.0.0:11013 # should be the public ip(or domain) of the vpn server
|
||||||
PersistentKeepalive = 25
|
PersistentKeepalive = 25
|
||||||
|
|
||||||
|
############### client_config_end ###############
|
||||||
|
|
||||||
connected_clients:
|
connected_clients:
|
||||||
[]
|
[]
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Before using the Client Config, you need to modify the Interface Address and Peer Endpoint to the client's IP and the IP of the EasyTier node, respectively. Import the configuration file into the WireGuard client to access the EasyTier network.
|
Before using the Client Config, you need to modify the Interface Address and Peer Endpoint to the client's IP and the IP of the EasyTier node, respectively. Import the configuration file into the WireGuard client to access the EasyTier network.
|
||||||
|
|
12
README_CN.md
12
README_CN.md
|
@ -219,20 +219,22 @@ easytier-core 启动成功后,使用 easytier-cli 获取 WireGuard Client 的
|
||||||
$> easytier-cli vpn-portal
|
$> easytier-cli vpn-portal
|
||||||
portal_name: wireguard
|
portal_name: wireguard
|
||||||
|
|
||||||
client_config:
|
############### client_config_start ###############
|
||||||
|
|
||||||
[Interface]
|
[Interface]
|
||||||
PrivateKey = 9VDvlaIC9XHUvRuE06hD2CEDrtGF+0lDthgr9SZfIho=
|
PrivateKey = 9VDvlaIC9XHUvRuE06hD2CEDrtGF+0lDthgr9SZfIho=
|
||||||
Address = 10.14.14.0/24 # should assign an ip from this cidr manually
|
Address = 10.14.14.0/32 # should assign an ip from this cidr manually
|
||||||
|
|
||||||
[Peer]
|
[Peer]
|
||||||
PublicKey = zhrZQg4QdPZs8CajT3r4fmzcNsWpBL9ImQCUsnlXyGM=
|
PublicKey = zhrZQg4QdPZs8CajT3r4fmzcNsWpBL9ImQCUsnlXyGM=
|
||||||
AllowedIPs = 192.168.80.0/20,10.147.223.0/24,10.144.144.0/24
|
AllowedIPs = 10.144.144.0/24,10.14.14.0/24
|
||||||
Endpoint = 0.0.0.0:11013 # should be the public ip of the vpn server
|
Endpoint = 0.0.0.0:11013 # should be the public ip(or domain) of the vpn server
|
||||||
PersistentKeepalive = 25
|
PersistentKeepalive = 25
|
||||||
|
|
||||||
|
############### client_config_end ###############
|
||||||
|
|
||||||
connected_clients:
|
connected_clients:
|
||||||
[]
|
[]
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
使用 Client Config 前,需要将 Interface Address 和 Peer Endpoint 分别修改为客户端的 IP 和 EasyTier 节点的 IP。将配置文件导入 WireGuard 客户端,即可访问 EasyTier 网络。
|
使用 Client Config 前,需要将 Interface Address 和 Peer Endpoint 分别修改为客户端的 IP 和 EasyTier 节点的 IP。将配置文件导入 WireGuard 客户端,即可访问 EasyTier 网络。
|
||||||
|
|
|
@ -360,8 +360,15 @@ async fn main() -> Result<(), Error> {
|
||||||
.into_inner()
|
.into_inner()
|
||||||
.vpn_portal_info
|
.vpn_portal_info
|
||||||
.unwrap_or_default();
|
.unwrap_or_default();
|
||||||
println!("portal_name: {}\n", resp.vpn_type);
|
println!("portal_name: {}", resp.vpn_type);
|
||||||
println!("client_config:{}", resp.client_config);
|
println!(
|
||||||
|
r#"
|
||||||
|
############### client_config_start ###############
|
||||||
|
{}
|
||||||
|
############### client_config_end ###############
|
||||||
|
"#,
|
||||||
|
resp.client_config
|
||||||
|
);
|
||||||
println!("connected_clients:\n{:#?}", resp.connected_clients);
|
println!("connected_clients:\n{:#?}", resp.connected_clients);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -428,7 +428,7 @@ pub async fn async_main(cli: Cli) {
|
||||||
});
|
});
|
||||||
|
|
||||||
println!("Starting easytier with config:");
|
println!("Starting easytier with config:");
|
||||||
println!("############### TOML ##############\n");
|
println!("############### TOML ###############\n");
|
||||||
println!("{}", cfg.dump());
|
println!("{}", cfg.dump());
|
||||||
println!("-----------------------------------");
|
println!("-----------------------------------");
|
||||||
|
|
||||||
|
|
|
@ -264,33 +264,35 @@ impl VpnPortal for WireGuard {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let vpn_cfg = global_ctx.config.get_vpn_portal_config().unwrap();
|
||||||
|
let client_cidr = vpn_cfg.client_cidr;
|
||||||
|
|
||||||
|
allow_ips.push(client_cidr.to_string());
|
||||||
|
|
||||||
let allow_ips = allow_ips
|
let allow_ips = allow_ips
|
||||||
.into_iter()
|
.into_iter()
|
||||||
.map(|x| x.to_string())
|
.map(|x| x.to_string())
|
||||||
.collect::<Vec<_>>()
|
.collect::<Vec<_>>()
|
||||||
.join(",");
|
.join(",");
|
||||||
|
|
||||||
let vpn_cfg = global_ctx.config.get_vpn_portal_config().unwrap();
|
|
||||||
let client_cidr = vpn_cfg.client_cidr;
|
|
||||||
|
|
||||||
let cfg = self.inner.as_ref().unwrap().wg_config.clone();
|
let cfg = self.inner.as_ref().unwrap().wg_config.clone();
|
||||||
let cfg_str = format!(
|
let cfg_str = format!(
|
||||||
r#"
|
r#"
|
||||||
[Interface]
|
[Interface]
|
||||||
PrivateKey = {peer_secret_key}
|
PrivateKey = {peer_secret_key}
|
||||||
Address = {client_cidr} # should assign an ip from this cidr manually
|
Address = {address} # should assign an ip from this cidr manually
|
||||||
|
|
||||||
[Peer]
|
[Peer]
|
||||||
PublicKey = {my_public_key}
|
PublicKey = {my_public_key}
|
||||||
AllowedIPs = {allow_ips}
|
AllowedIPs = {allow_ips}
|
||||||
Endpoint = {listenr_addr} # should be the public ip of the vpn server
|
Endpoint = {listenr_addr} # should be the public ip(or domain) of the vpn server
|
||||||
PersistentKeepalive = 25
|
PersistentKeepalive = 25
|
||||||
"#,
|
"#,
|
||||||
peer_secret_key = BASE64_STANDARD.encode(cfg.peer_secret_key()),
|
peer_secret_key = BASE64_STANDARD.encode(cfg.peer_secret_key()),
|
||||||
my_public_key = BASE64_STANDARD.encode(cfg.my_public_key()),
|
my_public_key = BASE64_STANDARD.encode(cfg.my_public_key()),
|
||||||
listenr_addr = self.inner.as_ref().unwrap().listenr_addr,
|
listenr_addr = self.inner.as_ref().unwrap().listenr_addr,
|
||||||
allow_ips = allow_ips,
|
allow_ips = allow_ips,
|
||||||
client_cidr = client_cidr,
|
address = client_cidr.first_address().to_string() + "/32",
|
||||||
);
|
);
|
||||||
|
|
||||||
cfg_str
|
cfg_str
|
||||||
|
|
Loading…
Reference in New Issue
Block a user