WireGuard在Ubuntu20.04上不工作

Question

我已经为wireguard生成了配置，我在其中手动添加了[Interface] PostUp和PostDown路由，用于我的接口。

这是我的审查配置，我正在运行通过wg-quick up file.conf，我也有路线显示通过我的ip ro和wg-status show也显示路线存在和一些流量是出来的。

[Interface]
PrivateKey = privatekey=
Address = my-vpn-ip,my-vpn-ip6
PostUp = ip route add ip-address/32 dev ens160;ip route add ip-address/32 dev ens160;ip route add ip-address/32 dev ens160;ip route addip-address/32 dev ens160;
PostDown = ip route del ip-address/32 dev ens160;ip route del ip-address/32 dev ens160;ip route del ip-address/32 dev ens160;ip route del ip-address/32 dev ens160;
[Peer]
PublicKey = pubkey1=
Endpoint = end-point-ip1:7200
AllowedIPs = ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32
[Peer]
PublicKey = pubkey2=
Endpoint = end-point-ip2:7200
AllowedIPs = ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32
[Peer]
PublicKey = pubkey3=
Endpoint = end-point-ip3:7200
AllowedIPs = ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32
[Peer]
PublicKey = pubkey4=
Endpoint = end-point-ip4:7200
AllowedIPs = ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32,ip-address/32

我可以访问互联网，但不能访问内部服务器，WireGuard在我的windows机器上工作得很好，但在Ubuntu上却不行。安装了Openresolve包。

我在/etc/sysctl.conf net.ipv4.ip_forward = 1和net.ipv6.ip_forward = 1中配置了

Answer 1

我是WG中的一个bug，它没有正确地路由数据包。

我来自L3系的学院写了“热点修复”，这个问题被报道为bug。

PostUp = MYDEFROUTE=`ip ro sh | grep default | awk '{print $3}'| head -n1`; for peer in ip.addresses.here; do ip ro add $peer/32 via $MYDEFROUTE; done
PostDown = for peer in ip.addresses; do ip ro del $peer/32; done