Synology - 安裝 WireGuard 客户端

套件中心設定

新增社群https://synopackage.com/repository/spk/all，安裝Wiregurad

主機設定

修复套件权限
sudo sed -i 's/package/root/g' /var/packages/WireGuard/conf/privilege
在etc目录下创建wireguard文件夹
mkdir /etc/wireguard/
进入Wireguard文件夹
cd /etc/wireguard/
新建 conf 配置文件
touch gw0.conf
给于配置文件权限
chmod 775 gw0.conf

建立客戶端金鑰

wg genkey | tee client1_privateKey | wg pubkey > client1_publicKey

設定gw0.conf

[Interface]
PrivateKey = eEUEA8BW5RKWfUxXdAxZrotuKdZ5JZD9WQyVY= (client1_privateKey)
Address = 10.9.0.5/24 (server端設定ip)
MTU = 1400

PostUp = iptables -t nat -A POSTROUTING -o eth0 -s 10.9.0.0/24 -j MASQUERADE   (可選，wg up後啟用nat)
PostDown = iptables -t nat -D POSTROUTING -o eth0 -s 10.9.0.0/24 -j MASQUERADE (可選，wg down後刪除nat)

[Peer]
PublicKey = Rh1yTxxVzswNMlhBClPH7KB2jrrIOZUexE= (server端公鑰)
AllowedIPs = 10.9.0.0/24,192.168.0.0/24 (wg網段和允許網段)
PersistentKeepalive = 25 (須設定)
Endpoint = ip:port

启动 WG服务
wg-quick up gw0
停止 WG服务
wg-quick down gw0
查看 WG状态
wg show gw0

開機自啟

# 开启
sudo wg-autostart enable gw0
# 关闭
sudo wg-autostart disable gw0