1
0
mirror of synced 2024-11-25 14:26:09 +03:00

Update docs

This commit is contained in:
hwdsl2 2022-03-20 23:10:40 -05:00
parent 629b39d3b3
commit 2ff2ec3cf9
8 changed files with 21 additions and 17 deletions

View File

@ -28,7 +28,7 @@ IPsec VPN 可以加密你的网络流量,以防止在通过因特网传送时
## 快速开始
首先,在你的 Linux 服务器\* 上全新安装以下系统之一:
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Amazon Linux 2 或者 Alpine Linux
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux 或者 Amazon Linux 2
使用以下命令快速搭建 IPsec VPN 服务器:
@ -76,7 +76,9 @@ curl -fsSL https://git.io/vpnsetup -o vpn.sh && sudo sh vpn.sh
- Ubuntu 20.04 或者 18.04
- Debian 11[\*](#debian-10-note), 10[\*](#debian-10-note) 或者 9
- CentOS 7, Rocky Linux 8 或者 AlmaLinux 8[\*\*](#centos-8-note)
- CentOS 7 或者 CentOS Stream 8[\*\*](#centos-8-note)
- Rocky Linux 8 或者 AlmaLinux 8
- Oracle Linux 8 或者 7
- Red Hat Enterprise Linux (RHEL) 8 或者 7
- Amazon Linux 2
- Alpine Linux 3.15 或者 3.14
@ -85,14 +87,14 @@ curl -fsSL https://git.io/vpnsetup -o vpn.sh && sudo sh vpn.sh
[![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com)  [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)  [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README-zh.md)
[**» 我想建立并使用自己的 VPN ,但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)
[**» 我想建立并使用自己的 VPN,但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)
另外,你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在 [Raspberry Pi](https://www.raspberrypi.org) 上安装。[[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
<a name="debian-10-note"></a>
\* Debian 11/10 用户需要 [使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。
<a name="centos-8-note"></a>
\*\* 对 CentOS Linux 8 的支持 [已经结束](https://www.centos.org/centos-linux-eol/)。你可以另外使用比如 Rocky Linux 或者 AlmaLinux。
\*\* 对 CentOS Linux 8 的支持 [已经结束](https://www.centos.org/centos-linux-eol/)。
:warning: **不要** 在你的 PC 或者 Mac 上运行这些脚本!它们只能用在服务器上!

View File

@ -28,7 +28,7 @@ We will use [Libreswan](https://libreswan.org/) as the IPsec server, and [xl2tpd
## Quick start
First, prepare your Linux server\* with a fresh install of one of the following OS:
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Amazon Linux 2 or Alpine Linux
Ubuntu, Debian, CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux or Amazon Linux 2
Use this one-liner to set up an IPsec VPN server:
@ -76,7 +76,9 @@ A dedicated server or virtual private server (VPS), freshly installed with one o
- Ubuntu 20.04 or 18.04
- Debian 11[\*](#debian-10-note), 10[\*](#debian-10-note) or 9
- CentOS 7, Rocky Linux 8 or AlmaLinux 8[\*\*](#centos-8-note)
- CentOS 7 or CentOS Stream 8[\*\*](#centos-8-note)
- Rocky Linux 8 or AlmaLinux 8
- Oracle Linux 8 or 7
- Red Hat Enterprise Linux (RHEL) 8 or 7
- Amazon Linux 2
- Alpine Linux 3.15 or 3.14
@ -92,7 +94,7 @@ A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is
<a name="debian-10-note"></a>
\* Debian 11/10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel).
<a name="centos-8-note"></a>
\*\* CentOS Linux 8 [is no longer supported](https://www.centos.org/centos-linux-eol/). You may instead use e.g. Rocky Linux or AlmaLinux.
\*\* CentOS Linux 8 [is no longer supported](https://www.centos.org/centos-linux-eol/).
:warning: **DO NOT** run these scripts on your PC or Mac! They should only be used on a server!

View File

@ -277,7 +277,7 @@ iptables -t nat -I POSTROUTING -s 192.168.42.0/24 -o "$netif" -j MASQUERADE
如果你想要在安装后更改 IPTables 规则,请编辑 `/etc/iptables.rules` 和/或 `/etc/iptables/rules.v4` (Ubuntu/Debian),或者 `/etc/sysconfig/iptables` (CentOS/RHEL)。然后重启服务器。
**注:** 如果使用 Rocky Linux, AlmaLinux 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。在这种情况下编辑 `/etc/sysconfig/nftables.conf` 而不是 `/etc/sysconfig/iptables`
**注:** 如果使用 Rocky Linux, AlmaLinux, Oracle Linux 8 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。在这种情况下编辑 `/etc/sysconfig/nftables.conf` 而不是 `/etc/sysconfig/iptables`
## 部署 Google BBR 拥塞控制

View File

@ -278,7 +278,7 @@ iptables -t nat -I POSTROUTING -s 192.168.42.0/24 -o "$netif" -j MASQUERADE
If you want to modify the IPTables rules after install, edit `/etc/iptables.rules` and/or `/etc/iptables/rules.v4` (Ubuntu/Debian), or `/etc/sysconfig/iptables` (CentOS/RHEL). Then reboot your server.
**Note:** If using Rocky Linux, AlmaLinux or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. In this case, edit `/etc/sysconfig/nftables.conf` instead of `/etc/sysconfig/iptables`.
**Note:** If using Rocky Linux, AlmaLinux, Oracle Linux 8 or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. In this case, edit `/etc/sysconfig/nftables.conf` instead of `/etc/sysconfig/iptables`.
## Deploy Google BBR congestion control

View File

@ -418,7 +418,7 @@ service xl2tpd restart
grep pluto /var/log/auth.log
grep xl2tpd /var/log/syslog
# CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
# CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
grep pluto /var/log/secure
grep xl2tpd /var/log/messages

View File

@ -417,7 +417,7 @@ Check the Libreswan (IPsec) and xl2tpd logs for errors:
grep pluto /var/log/auth.log
grep xl2tpd /var/log/syslog
# CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
# CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
grep pluto /var/log/secure
grep xl2tpd /var/log/messages

View File

@ -48,7 +48,7 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
`apt-get purge xl2tpd`
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
`yum remove xl2tpd`
@ -62,11 +62,11 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
编辑 `/etc/iptables.rules` 并删除不需要的规则。你之前的防火墙规则(如果有)备份在 `/etc/iptables.rules.old-日期-时间`。另外如果文件 `/etc/iptables/rules.v4` 存在,请编辑它。
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
编辑 `/etc/sysconfig/iptables` 并删除不需要的规则。你之前的防火墙规则(如果有)备份在 `/etc/sysconfig/iptables.old-日期-时间`
**注:** 如果使用 Rocky Linux, AlmaLinux 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。编辑 `/etc/sysconfig/nftables.conf` 并删除不需要的规则。你之前的防火墙规则备份在 `/etc/sysconfig/nftables.conf.old-日期-时间`
**注:** 如果使用 Rocky Linux, AlmaLinux, Oracle Linux 8 或者 CentOS/RHEL 8 并且在安装 VPN 时 firewalld 正在运行,则可能已配置 nftables。编辑 `/etc/sysconfig/nftables.conf` 并删除不需要的规则。你之前的防火墙规则备份在 `/etc/sysconfig/nftables.conf.old-日期-时间`
### 第四步

View File

@ -48,7 +48,7 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
`apt-get purge xl2tpd`
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
`yum remove xl2tpd`
@ -62,11 +62,11 @@ rm -f /etc/init/ipsec.conf /lib/systemd/system/ipsec.service /etc/init.d/ipsec \
Edit `/etc/iptables.rules` and remove unneeded rules. Your original rules (if any) are backed up as `/etc/iptables.rules.old-date-time`. In addition, edit `/etc/iptables/rules.v4` if the file exists.
#### CentOS/RHEL, Rocky Linux, AlmaLinux & Amazon Linux 2
#### CentOS/RHEL, Rocky Linux, AlmaLinux, Oracle Linux & Amazon Linux 2
Edit `/etc/sysconfig/iptables` and remove unneeded rules. Your original rules (if any) are backed up as `/etc/sysconfig/iptables.old-date-time`.
**Note:** If using Rocky Linux, AlmaLinux or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. Edit `/etc/sysconfig/nftables.conf` and remove unneeded rules. Your original rules are backed up as `/etc/sysconfig/nftables.conf.old-date-time`.
**Note:** If using Rocky Linux, AlmaLinux, Oracle Linux 8 or CentOS/RHEL 8 and firewalld was active during VPN setup, nftables may be configured. Edit `/etc/sysconfig/nftables.conf` and remove unneeded rules. Your original rules are backed up as `/etc/sysconfig/nftables.conf.old-date-time`.
### Fourth step