{"id":348,"date":"2025-12-25T21:22:44","date_gmt":"2025-12-25T13:22:44","guid":{"rendered":"https:\/\/blog.zrygtx.top\/?p=348"},"modified":"2025-12-25T21:22:44","modified_gmt":"2025-12-25T13:22:44","slug":"openvpn-tap-%e6%a8%a1%e5%bc%8f%e8%ae%be%e7%bd%ae","status":"publish","type":"post","link":"https:\/\/blog.zrygtx.top\/?p=348","title":{"rendered":"openvpn tap \u6a21\u5f0f\u8bbe\u7f6e"},"content":{"rendered":"<h1>ubuntu<\/h1>\n<h2>\u521b\u5efa\u7f51\u6865<\/h2>\n<pre><code class=\"language-shell\"> cd \/etc\/netplan\/\n vi 50-cloud-init.yaml \n<\/code><\/pre>\n<p>\u4fee\u6539\u7f51\u7edc\u914d\u7f6e\u914d\u7f6e<\/p>\n<pre><code>network:\n  version: 2\n  renderer: networkd\n  ethernets:\n    ens33:\n      dhcp4: no\n  bridges:\n    br0:\n      interfaces: [ens33]\n      addresses: [\u4f60\u7684IP\/\u4f60\u7684\u63a9\u7801]\n      gateway4: \u4f60\u7684\u7f51\u5173\n      nameservers:\n        addresses: [8.8.8.8, 1.1.1.1]\n<\/code><\/pre>\n<p>\u5e94\u7528\u914d\u7f6e<\/p>\n<pre><code>netplan apply<\/code><\/pre>\n<h2>\u5b89\u88c5openvpn<\/h2>\n<pre><code>sudo apt update\nsudo apt install openvpn bridge-utils\n<\/code><\/pre>\n<p>\u786e\u8ba4\u5185\u6838\u652f\u6301tap<\/p>\n<pre><code>ls \/dev\/net\/tun\n<\/code><\/pre>\n<h2>\u7f16\u8f91\u6865\u63a5\u811a\u672c<\/h2>\n<pre><code>vi up.sh<\/code><\/pre>\n<p>\u7c98\u8d34\u914d\u7f6e<\/p>\n<pre><code>#!\/bin\/bash\nBR=\"br0\"\nTAP=\"$1\"\n\n# \u5982\u679c br0 \u4e0d\u5b58\u5728\u5219\u521b\u5efa\nif ! ip link show $BR &gt; \/dev\/null 2&gt;&amp;1; then\n    ip link add name $BR type bridge\n    ip link set $BR up\nfi\n\n# \u628a tap0 \u52a0\u5165\u6865\nip link set $TAP up promisc on\nip link set $TAP master $BR\n<\/code><\/pre>\n<pre><code>vi down.sh<\/code><\/pre>\n<p>\u7c98\u8d34\u914d\u7f6e<\/p>\n<pre><code>#!\/bin\/bash\nBR=\"br0\"\nTAP=\"$1\"\nip link set $TAP down\nip link set $TAP nomaster<\/code><\/pre>\n<h2>\u7f16\u8f91openvpn\u914d\u7f6e\u6587\u4ef6<\/h2>\n<pre><code>vi client.ovpn<\/code><\/pre>\n<pre><code>client\ndev tap\nproto tcp\nremote &lt;\u4f60\u7684\u670d\u52a1\u5668IP&gt; 1194\n\n# \u8bc1\u4e66\nca ca.crt\ncert client.crt\nkey client.key\n\n# \u5141\u8bb8\u6865\u63a5\nscript-security 2\nup \/etc\/openvpn\/up.sh #\u4fee\u6539\u811a\u672c\u6587\u4ef6\u8def\u5f84\ndown \/etc\/openvpn\/down.sh #\u4fee\u6539\u811a\u672c\u6587\u4ef6\u8def\u5f84\n<\/code><\/pre>\n<p>\u4ee5\u4e0b\u4e3a\u7528\u6237\u540d\/\u5bc6\u7801\u767b\u5f55\u914d\u7f6e<\/p>\n<pre><code>client\ndev tap\nproto tcp\ntun-mtu 1400\ncipher BF-CBC\ncomp-lzo\nremote 6.6.6.6 1194\nresolv-retry infinite\nnobind\npersist-key\npersist-tun\nverb 3\nauth-user-pass \/root\/user.txt #user.txt\u586b\u5165\u7528\u6237\u540d\/\u5bc6\u7801\nscript-security 2\n\n&lt;ca&gt;\n-----BEGIN CERTIFICATE-----\nMIIDQTCCAimgAwIBAgIJAKrYfOEc83B\/MA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV\nBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB\nMB4XDTI1MDcyNjA1NDI1OVoXDTM1MDcyNDA1NDI1OVowNzELMAkGA1UEBhMCQ04x\nDjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN1rtc10pTG0vREKOuKI4UQaoCUFel\nK4ARaKSxKr\/m4IsFZh2OKz5d0+KV0c9mTevVRfaNsD0\/YJ3RTi6pRHJy8wMuaaZX\nLJ5Ks2aLL0AiZVO0u4Yn82MPojQ8k3dvTju2ZzGxKHhQotHMKd0T3iQKbKRfb9tp\n2nPoxePN9SLPH8AS1x0aJ6ccnzdwlkquoidljlvnalsjdoqUvbX7UjiKWWoUZUse\n\/xP7542p2HpgE7rAJJJvMP1OMyBhWOEZFY915\/rIDRFOEYNmGAToOD8jZLepRwiW\nGCZLpXnOb4H9H5tmFR2XuFlH2Y5W7s1ZF8LW7a1s8m5+6MItEjrsD2wrAgMBAAGj\nUDBOMB0GA1UdDgQWBBT7xvLvR6Lehdq5GASyQfO\/2LjlCDAfBgNVHSMEGDAWgBT7\nxvLvR6Lehdq5GASyQfO\/2LjlCDAMBgNVHRMEBTADAQH\/MA0GCSqGSIb3DQEBCwUA\nA4IBAQAVsZQpu+Q4mWVE+aIJ333TFNz8TfBGavcGx4uCWm0rzcrS7ScyKEW1SBIT\nujgGwZ7bL9zOXEsxH34Ns5zxhNgGgCBjY0mJ8RNz20XG1gxvKlzLd\/C636tnsHgP\nA1+kNkjKrcCOxFQni72mKB9fsSR\/keLpCu1bQMHHq00Huz\/gR6r542umjPBh3MPE\nscript-security 2\n up up.sh\n down down.sh\n<\/code><\/pre>\n<p>user.txt\u683c\u5f0f<\/p>\n<pre><code>user\npasswd<\/code><\/pre>\n<h2>\u542f\u52a8openVPN \u5e76\u6d4b\u8bd5\u4e8c\u5c42\u96a7\u9053<\/h2>\n<pre><code>sudo openvpn --config client.ovpn\n#<\/code><\/pre>\n<h2>\u8bbe\u7f6e\u5f00\u542f\u81ea\u542f<\/h2>\n<pre><code>sudo cp \/root\/client.ovpn \/etc\/openvpn\/client\/client.conf #\u590d\u5236\u914d\u7f6e\u6587\u4ef6\nsudo cp \/root\/up.sh \/etc\/openvpn\/client\/up.sh\nsudo cp \/root\/down.sh \/etc\/openvpn\/client\/down.sh\nsudo cp \/root\/user.txt \/etc\/openvpn\/client\/user.txt\nsudo systemctl start openvpn-client@client # \u542f\u52a8\nsudo systemctl enable openvpn-client@client # \u8bbe\u7f6e\u5f00\u673a\u81ea\u542f\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>ubuntu \u521b\u5efa\u7f51\u6865 cd \/etc\/netplan\/ vi 50-cloud-init.yaml \u4fee\u6539\u7f51\u7edc&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-348","post","type-post","status-publish","format-standard","hentry","category-9"],"_links":{"self":[{"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=\/wp\/v2\/posts\/348","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=348"}],"version-history":[{"count":1,"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=\/wp\/v2\/posts\/348\/revisions"}],"predecessor-version":[{"id":349,"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=\/wp\/v2\/posts\/348\/revisions\/349"}],"wp:attachment":[{"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=348"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=348"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.zrygtx.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=348"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}