Update docs
This commit is contained in:
parent
629b39d3b3
commit
2ff2ec3cf9
10
README-zh.md
10
README-zh.md
@ -28,7 +28,7 @@ IPsec VPN 可以加密你的网络流量,以防止在通过因特网传送时
|
||||
## 快速开始
|
||||
|
||||
首先,在你的 Linux 服务器\* 上全新安装以下系统之一:
|
||||
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Amazon Linux 2 或者 Alpine Linux
|
||||
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux 或者 Amazon Linux 2
|
||||
|
||||
使用以下命令快速搭建 IPsec VPN 服务器:
|
||||
|
||||
@ -76,7 +76,9 @@ curl -fsSL https://git.io/vpnsetup -o vpn.sh && sudo sh vpn.sh
|
||||
|
||||
- Ubuntu 20.04 或者 18.04
|
||||
- Debian 11[\*](#debian-10-note), 10[\*](#debian-10-note) 或者 9
|
||||
- CentOS 7, Rocky Linux 8 或者 AlmaLinux 8[\*\*](#centos-8-note)
|
||||
- CentOS 7 或者 CentOS Stream 8[\*\*](#centos-8-note)
|
||||
- Rocky Linux 8 或者 AlmaLinux 8
|
||||
- Oracle Linux 8 或者 7
|
||||
- Red Hat Enterprise Linux (RHEL) 8 或者 7
|
||||
- Amazon Linux 2
|
||||
- Alpine Linux 3.15 或者 3.14
|
||||
@ -85,14 +87,14 @@ curl -fsSL https://git.io/vpnsetup -o vpn.sh && sudo sh vpn.sh
|
||||
|
||||
[![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com) [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239) [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README-zh.md)
|
||||
|
||||
[**» 我想建立并使用自己的 VPN ,但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)
|
||||
[**» 我想建立并使用自己的 VPN,但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)
|
||||
|
||||
另外,你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在 [Raspberry Pi](https://www.raspberrypi.org) 上安装。[[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
|
||||
|
||||
<a name="debian-10-note"></a>
|
||||
\* Debian 11/10 用户需要 [使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。
|
||||
<a name="centos-8-note"></a>
|
||||
\*\* 对 CentOS Linux 8 的支持 [已经结束](https://www.centos.org/centos-linux-eol/)。你可以另外使用比如 Rocky Linux 或者 AlmaLinux。
|
||||
\*\* 对 CentOS Linux 8 的支持 [已经结束](https://www.centos.org/centos-linux-eol/)。
|
||||
|
||||
:warning: **不要** 在你的 PC 或者 Mac 上运行这些脚本!它们只能用在服务器上!
|
||||
|
||||
|
@ -28,7 +28,7 @@ We will use [Libreswan](https://libreswan.org/) as the IPsec server, and [xl2tpd
|
||||
## Quick start
|
||||
|
||||
First, prepare your Linux server\* with a fresh install of one of the following OS:
|
||||
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Amazon Linux 2 or Alpine Linux
|
||||
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux or Amazon Linux 2
|
||||
|
||||
Use this one-liner to set up an IPsec VPN server:
|
||||
|
||||
@ -76,7 +76,9 @@ A dedicated server or virtual private server (VPS), freshly installed with one o
|
||||
|
||||
- Ubuntu 20.04 or 18.04
|
||||
- Debian 11[\*](#debian-10-note), 10[\*](#debian-10-note) or 9
|
||||
- CentOS 7, Rocky Linux 8 or AlmaLinux 8[\*\*](#centos-8-note)
|
||||
- CentOS 7 or CentOS Stream 8[\*\*](#centos-8-note)
|
||||
- Rocky Linux 8 or AlmaLinux 8
|
||||
- Oracle Linux 8 or 7
|
||||
- Red Hat Enterprise Linux (RHEL) 8 or 7
|
||||
- Amazon Linux 2
|
||||
- Alpine Linux 3.15 or 3.14
|
||||
@ -92,7 +94,7 @@ A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is
|
||||
<a name="debian-10-note"></a>
|
||||
\* Debian 11/10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel).
|
||||
<a name="centos-8-note"></a>
|
||||
\*\* CentOS Linux 8 [is no longer supported](https://www.centos.org/centos-linux-eol/). You may instead use e.g. Rocky Linux or AlmaLinux.
|
||||
\*\* CentOS Linux 8 [is no longer supported](https://www.centos.org/centos-linux-eol/).
|
||||
|
||||
:warning: **DO NOT** run these scripts on your PC or Mac! They should only be used on a server!
|
||||
|
||||
|
@ -277,7 +277,7 @@ iptables -t nat -I POSTROUTING -s 192.168.42.0/24 -o "$netif" -j MASQUERADE
|
||||
|
||||
如果你想要在安装后更改 IPTables 规则,请编辑 `/etc/iptables.rules` 和/或 `/etc/iptables/rules.v4` (Ubuntu/Debian),或者 `/etc/sysconfig/iptables` (CentOS/RHEL)。然后重启服务器。
|
||||
|
||||
**注:** 如果使用 Rocky Linux, AlmaLinux 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。在这种情况下,编辑 `/etc/sysconfig/nftables.conf` 而不是 `/etc/sysconfig/iptables`。
|
||||
**注:** 如果使用 Rocky Linux, AlmaLinux, Oracle Linux 8 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。在这种情况下,编辑 `/etc/sysconfig/nftables.conf` 而不是 `/etc/sysconfig/iptables`。
|
||||
|
||||
## 部署 Google BBR 拥塞控制
|
||||
|
||||
|
@ -278,7 +278,7 @@ iptables -t nat -I POSTROUTING -s 192.168.42.0/24 -o "$netif" -j MASQUERADE
|
||||
|
||||
If you want to modify the IPTables rules after install, edit `/etc/iptables.rules` and/or `/etc/iptables/rules.v4` (Ubuntu/Debian), or `/etc/sysconfig/iptables` (CentOS/RHEL). Then reboot your server.
|
||||
|
||||
**Note:** If using Rocky Linux, AlmaLinux or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. In this case, edit `/etc/sysconfig/nftables.conf` instead of `/etc/sysconfig/iptables`.
|
||||
**Note:** If using Rocky Linux, AlmaLinux, Oracle Linux 8 or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. In this case, edit `/etc/sysconfig/nftables.conf` instead of `/etc/sysconfig/iptables`.
|
||||
|
||||
## Deploy Google BBR congestion control
|
||||
|
||||
|
@ -418,7 +418,7 @@ service xl2tpd restart
|
||||
grep pluto /var/log/auth.log
|
||||
grep xl2tpd /var/log/syslog
|
||||
|
||||
# CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
|
||||
# CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
|
||||
grep pluto /var/log/secure
|
||||
grep xl2tpd /var/log/messages
|
||||
|
||||
|
@ -417,7 +417,7 @@ Check the Libreswan (IPsec) and xl2tpd logs for errors:
|
||||
grep pluto /var/log/auth.log
|
||||
grep xl2tpd /var/log/syslog
|
||||
|
||||
# CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
|
||||
# CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
|
||||
grep pluto /var/log/secure
|
||||
grep xl2tpd /var/log/messages
|
||||
|
||||
|
@ -48,7 +48,7 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
|
||||
|
||||
`apt-get purge xl2tpd`
|
||||
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
|
||||
|
||||
`yum remove xl2tpd`
|
||||
|
||||
@ -62,11 +62,11 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
|
||||
|
||||
编辑 `/etc/iptables.rules` 并删除不需要的规则。你之前的防火墙规则(如果有)备份在 `/etc/iptables.rules.old-日期-时间`。另外如果文件 `/etc/iptables/rules.v4` 存在,请编辑它。
|
||||
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
|
||||
|
||||
编辑 `/etc/sysconfig/iptables` 并删除不需要的规则。你之前的防火墙规则(如果有)备份在 `/etc/sysconfig/iptables.old-日期-时间`。
|
||||
|
||||
**注:** 如果使用 Rocky Linux, AlmaLinux 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。编辑 `/etc/sysconfig/nftables.conf` 并删除不需要的规则。你之前的防火墙规则备份在 `/etc/sysconfig/nftables.conf.old-日期-时间`。
|
||||
**注:** 如果使用 Rocky Linux, AlmaLinux, Oracle Linux 8 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。编辑 `/etc/sysconfig/nftables.conf` 并删除不需要的规则。你之前的防火墙规则备份在 `/etc/sysconfig/nftables.conf.old-日期-时间`。
|
||||
|
||||
### 第四步
|
||||
|
||||
|
@ -48,7 +48,7 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
|
||||
|
||||
`apt-get purge xl2tpd`
|
||||
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
|
||||
|
||||
`yum remove xl2tpd`
|
||||
|
||||
@ -62,11 +62,11 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
|
||||
|
||||
Edit `/etc/iptables.rules` and remove unneeded rules. Your original rules (if any) are backed up as `/etc/iptables.rules.old-date-time`. In addition, edit `/etc/iptables/rules.v4` if the file exists.
|
||||
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
|
||||
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
|
||||
|
||||
Edit `/etc/sysconfig/iptables` and remove unneeded rules. Your original rules (if any) are backed up as `/etc/sysconfig/iptables.old-date-time`.
|
||||
|
||||
**Note:** If using Rocky Linux, AlmaLinux or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. Edit `/etc/sysconfig/nftables.conf` and remove unneeded rules. Your original rules are backed up as `/etc/sysconfig/nftables.conf.old-date-time`.
|
||||
**Note:** If using Rocky Linux, AlmaLinux, Oracle Linux 8 or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. Edit `/etc/sysconfig/nftables.conf` and remove unneeded rules. Your original rules are backed up as `/etc/sysconfig/nftables.conf.old-date-time`.
|
||||
|
||||
### Fourth step
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user