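My current situation: I have set up wg at both home and the office, and my devices are a MacBook and an iPhone. Because each device needs its own public/private key pair, my current configuration is as follows (with some parts trimmed):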
[General]
loglevel = notify
bypass-system = true
skip-proxy = 127.0.0.1,10.0.0.0/8,100.64.0.0/10,localhost,*.local,e.crashlytics.com,captive.apple.com
tun-excluded-routes = 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12
dns-server = 119.29.29.29,223.5.5.5
test-timeout = 5
http-api-web-dashboard = true
[Proxy]
DIRECT = direct
Work-iPhone = wireguard, section-name=iPhone, test-url=http://www.baidu.com
Work-MacBook = wireguard, section-name=MacBook, test-url=http://www.baidu.com
Home-iPhone = wireguard, section-name=iPhone, test-url=http://www.baidu.com
Home-MacBook = wireguard, section-name=MacBook, test-url=http://www.baidu.com
[Proxy Group]
工作 = select, Work-iPhone, Work-MacBook
住所 = select, Home-iPhone, Home-MacBook
工作(自动) = ssid, default = 工作, "Work" = DIRECT
住所(自动) = ssid, default = 住所, "Home" = DIRECT
[Rule]
IP-CIDR,172.16.0.0/12,工作(自动)
IP-CIDR,192.168.10.1/24,住所(自动)
[WireGuard iPhone]
private-key = privateKey
self-ip = 192.168.5.2
dns-server = 114.114.114.114
mtu = 1280
peer = (public-key = publicKey, allowed-ips = 172.16.0.0/12, endpoint = ip:port),(public-key = publicKey, allowed-ips = 192.168.10.0/24, endpoint = ip:port)
[WireGuard MacBook]
private-key = privateKey
self-ip = 192.168.5.3
dns-server = 114.114.114.114
mtu = 1280
peer = (public-key = publicKey, allowed-ips = 172.16.0.0/12, endpoint = ip:port),(public-key = publicKey, allowed-ips = 192.168.10.0/24, endpoint = ip:port)
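The reason for writing it this way is to handle three scenarios: at the office, at home, and away.
When I'm at home, because my SSID=Home, it connects directly automatically and skips the proxy. The same applies at the office. When I'm away, everything goes through the proxy.
But after using it for a while, I found that on the MacBook I have to Reload the configuration every time before use, and then it works. The iPhone has no Reload, so sometimes it works and sometimes it doesn't, which is completely unpredictable.
@SurgeTeam Thanks, please take a look and analyze this when you have time~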