-
Notifications
You must be signed in to change notification settings - Fork 49
🐲 WireGuard 配置文件示例
Virgil Clyne edited this page Sep 2, 2022
·
18 revisions
- 详细说明: https://manual.nssurge.com/policy/wireguard.html
- private-key: 客户端私钥,由Wireguard客户端生成(注:与下面的
节点公钥不是同一对儿!) - public-key: 节点公钥,
Cloudflare WARP的公钥始终为bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo= - endpoint: 端点,
目前Surge仅支持单节点(peer),所以需要选择一个可用IP,详见可用IP- 可以直接使用
engage.nanocat.me:2408,此地址已配置解析为所有可用IP
- self-ip: 客户端 IPv4 地址,隧道内使用 IPv4,默认值: 172.16.0.2
- self-ip-v6: 客户端 IPv6 地址,隧道内使用 IPv6(此配置需要
iOS 5.20.0 (2452)或macOS Version 4.8.1-1809及以上版本)- x为配置下发的唯一ipv6地址,此地址与
客户端密钥对应,随意填写则隧道内IPv6不可用!
- x为配置下发的唯一ipv6地址,此地址与
- mtu: 最大传输单元,默认值1280,如需为隧道启用IPv6,此值应设为1400 (来源)
[Proxy]
☁WARP = wireguard, section-name = Cloudflare, test-url=http://1.1.1.1/generate_204
[Group]
你的策略组 = 节点1, 节点2, 节点3, WARP
[WireGuard Cloudflare]
private-key = 客户端私钥
self-ip = 172.16.0.2
self-ip-v6 = 2606:4700:110:xxxx:xxxx:xxxx:xxxx:xxxx
dns-server = 1.1.1.1, 1.0.0.1, 2606:4700:4700::1111, 2606:4700:4700::1001
mtu = 1400
peer = (public-key = bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=, allowed-ips = "0.0.0.0/0, ::/0", endpoint = engage.nanocat.me:2408, keepalive = 45)