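This post was last edited by laomms on 2018-4-9 08:32
ZeroTier is a very simple, easy-to-use NAT traversal tool. With no configuration needed, it sets up a virtual LAN, so that when you are away you can connect back to computers at home, school or the office to get files and data. Configuration and use are both very simple, truly "no configuration, zero background", and even a beginner can use it.
In my tests the speed and stability are both quite good. The key point is that all ports are mapped and reachable from anywhere, whether or not you have a public IP.
No skill required, just commands: copy and run them over ssh.
First install zerotier:
```sh
opkg update
opkg install zerotier
```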
Run zerotier:
```sh
modprobe tun
zerotier-one -d
zerotier-cli info
```
```
200 info 497845b7e 1.2.4 ONLINE
```
Join the network using the network ID you applied for:
```sh
zerotier-cli join 9*************e
```
```
200 join OK
```
Get the assigned IP:
```sh
zerotier-cli listnetworks
```
```
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 9*************e laomms aa:bb:cc:dd:ee OK PUBLIC zt0 170.21.0.19/16
```
Ping it to see whether it is reachable:
```
PING 170.21.0.19 (170.21.0.19): 56 data bytes
64 bytes from 170.21.0.19: seq=0 ttl=64 time=0.237 ms
--- 170.21.0.19 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.097/0.139/0.237 ms
```
Add the port mapping table:
First use iptables -v -L INPUT -n --line-numbers to list the current iptables rules:
```sh
iptables -v -t nat -L -n --line-numbers
```
```
admin@RT-AC5300-56A0:/tmp/home/root# iptables -v -L INPUT -n --line-numbers
Chain INPUT (policy ACCEPT 4304 packets, 798K bytes)
num pkts bytes target prot opt in out source destination
1 65 5109 DROP icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0
2 0 0 DROP icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0
3 15182 2917K INPUT_EasyExplorer all -- * * 0.0.0.0/0 0.0.0.0/0
4 15182 2917K INPUT_EasyExplorer all -- * * 0.0.0.0/0 0.0.0.0/0
5 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1688
```
Add an iptables rule:
```sh
iptables -I INPUT 6 -i zt0 -j ACCEPT
```
Note that the 6 here inserts the rule after the 5 rules listed above. Looking again, it has been added:
```
admin@RT-AC5300-56A0:/tmp/home/root# iptables -v -L INPUT -n --line-numbers
Chain INPUT (policy ACCEPT 1164 packets, 256K bytes)
num pkts bytes target prot opt in out source destination
1 79 6117 DROP icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0
2 0 0 DROP icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0
3 18024 3524K INPUT_EasyExplorer all -- * * 0.0.0.0/0 0.0.0.0/0
4 18024 3524K INPUT_EasyExplorer all -- * * 0.0.0.0/0 0.0.0.0/0
5 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1688
6 10 1431 ACCEPT all -- zt0 * 0.0.0.0/0 0.0.0.0/0
```
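Restart zerotier:
```sh
killall zerotier-one
zerotier-one -d
```
Load the tun driver at boot and check whether the script is running:
```sh
echo "modprobe tun" >> /jffs/scripts/nat-start
# Single quotes outside keep the inner double quotes in the written line
echo 'cru a ZeroTierDaemon "/opt/etc/init.d/S90zerotier-one.sh start"' >> /jffs/scripts/wan-start
```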
Port mapping: add the following to /jffs/scripts/nat-start so that it is applied at boot:
```sh
iptables -t nat -A PREROUTING -d 170.21.0.19 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80
```
From the command line:
```sh
echo "iptables -t nat -A PREROUTING -d 170.21.0.19 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80" >> /jffs/scripts/nat-start
# The init script does nothing without an action argument, so pass "start"
echo "/opt/etc/init.d/S90zerotier-one.sh start" >> /jffs/scripts/nat-start
chmod a+rx /jffs/scripts/*
```
Put the startup script in the corresponding directory:
```sh
chmod 755 /opt/etc/init.d/S90zerotier-one.sh
```
Add firewall rules (if the firewall is not enabled, this does not matter):
```sh
# Single quotes keep $? and the inner double quotes literal in the written file
echo 'logger -t "custom iptables" "Enter" -p user.notice' >> /jffs/scripts/firewall-start
echo 'iptables -C INPUT -i zt0 -j ACCEPT' >> /jffs/scripts/firewall-start
echo 'if [ $? != 0 ]; then' >> /jffs/scripts/firewall-start
echo '#iptables -I INPUT -i zt0 -j ACCEPT' >> /jffs/scripts/firewall-start
echo '#iptables -I INPUT -i zt0 -p icmp -j ACCEPT' >> /jffs/scripts/firewall-start
echo 'iptables -I INPUT 1 -i ppp0 -p icmp -j DROP' >> /jffs/scripts/firewall-start
echo 'iptables -t nat -A PREROUTING -d 170.21.0.19 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80' >> /jffs/scripts/firewall-start
echo 'logger -t "custom iptables" "rules added" -p user.notice' >> /jffs/scripts/firewall-start
echo 'else' >> /jffs/scripts/firewall-start
echo 'logger -t "custom iptables" "rules existed skip" -p user.notice' >> /jffs/scripts/firewall-start
echo 'fi' >> /jffs/scripts/firewall-start
```
Script contents:
```sh
#!/bin/sh
# /opt/etc/init.d/S90zerotier-one.sh: start, stop or query the ZeroTier daemon
case "$1" in
  start)
    # pidof succeeds when a zerotier-one process already exists
    if pidof zerotier-one >/dev/null; then
      echo "ZeroTier-One is already running."
    else
      echo "Starting ZeroTier-One"
      /opt/bin/zerotier-one -d
      echo "$(date) Started ZeroTier-One" >> /opt/var/log/zerotier-one.log
    fi
    ;;
  stop)
    if pidof zerotier-one >/dev/null; then
      echo "Stopping ZeroTier-One"
      killall zerotier-one
      echo "$(date) Stopped ZeroTier-One" >> /opt/var/log/zerotier-one.log
    else
      echo "ZeroTier-One was not running"
    fi
    ;;
  status)
    if pidof zerotier-one >/dev/null; then
      echo "ZeroTier-One is running."
    else
      echo "ZeroTier-One is NOT running"
    fi
    ;;
  *)
    echo "Usage: $0 {start|stop|status}"
    exit 1
    ;;
esac
exit 0
```
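Added example, not part of the original post: it reads the `zerotier-cli listnetworks` output shown above and prints `-C`-guarded iptables commands that accept only the ZeroTier-assigned subnet on the forwarded port, which is narrower than the post's blanket `-i zt0 -j ACCEPT`. It generates nothing for a network whose type is not PRIVATE, because on a PUBLIC network (the type in the post's output) any node that knows the network ID can join. Assumptions: `zt_rules` is a hypothetical helper name, the forward target is the router itself (192.168.1.1:80, as in the post) so the accept rule belongs in INPUT, and the second sample network is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. zt_rules is a hypothetical helper.
# stdin: `zerotier-cli listnetworks` output. stdout: iptables commands.
# $1 = TCP port on the ZeroTier address, $2 = LAN target as ip:port.
# Assumes the target is the router itself, so the accept rule goes in INPUT.
zt_rules() {
    awk -v port="$1" -v dest="$2" '
    $1 == "200" && $2 == "listnetworks" && $3 != "<nwid>" && NF >= 9 {
        # Count fields from the end so a network name with spaces is harmless.
        ips = $NF; dev = $(NF-1); type = $(NF-2); status = $(NF-3)
        if (status != "OK") next
        if (type != "PRIVATE") {
            # Joining needs no approval from the controller: open nothing.
            printf "# %s on %s is %s, no rules generated\n", $3, dev, type
            next
        }
        dport = dest; sub(/^.*:/, "", dport)   # INPUT sees the post-DNAT port
        n = split(ips, addr, ",")
        for (i = 1; i <= n; i++) {
            # IPv4 only; an unassigned network ("-") or IPv6 entry is skipped.
            if (addr[i] !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/) continue
            ip = addr[i]; sub(/\/.*$/, "", ip)
            acc = "INPUT -i " dev " -s " addr[i] " -p tcp --dport " dport " -j ACCEPT"
            nat = "PREROUTING -i " dev " -d " ip " -p tcp --dport " port
            nat = nat " -j DNAT --to-destination " dest
            # -C tests for the rule first, so reruns never stack duplicates.
            printf "iptables -C %s 2>/dev/null || iptables -I %s\n", acc, acc
            printf "iptables -t nat -C %s 2>/dev/null || iptables -t nat -A %s\n", nat, nat
        }
    }'
}

# Constructed sample: the header and line from the post, plus a made-up
# PRIVATE network whose name contains a space.
SAMPLE='200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 9*************e laomms aa:bb:cc:dd:ee OK PUBLIC zt0 170.21.0.19/16
200 listnetworks 0123456789abcdef home lab 02:00:00:00:00:01 OK PRIVATE zt1 10.147.17.5/24,fd00::5/88'

# On the router: zerotier-cli listnetworks | zt_rules 80 192.168.1.1:80 | sh
printf '%s\n' "$SAMPLE" | zt_rules 80 192.168.1.1:80
```

Review the printed commands before piping them to `sh`; the skipped-network lines come out as shell comments, so they are harmless when piped.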