init

02. PARA/03. Resources（資源）/翻牆/V2Ray.md

@@ -0,0 +1,2 @@
+- [GitHub - Qv2ray/Qv2ray: Linux / Windows / macOS 跨平台 V2Ray 客户端 | 支持 VMess / VLESS / SSR / Trojan / Trojan-Go / NaiveProxy / HTTP / HTTPS / SOCKS5 | 使用 C++ / Qt 开发 | 可拓展插件式设计](https://github.com/Qv2ray/Qv2ray)
+- [Project V · Project V 官方网站](https://www.v2ray.com/)

02. PARA/03. Resources（資源）/翻牆/Wireguard.md

@@ -0,0 +1,111 @@
+
+## Installation
+### Install on Synology NAS
+1. 從[synology-wireguard release](https://github.com/runfalk/synology-wireguard/releases)下載對應的SPK，DS1513+是WireGuard-cedarview-1.0.20200729.spk。若不知道該下載哪一個版本，可以查看[這個對照表](https://www.synology.com/en-global/knowledgebase/DSM/tutorial/Compatibility_Peripherals/What_kind_of_CPU_does_my_NAS_have)。
+2. 在套件中心裡面手動安裝
+3. 用SSH登入
+
+### Install on Ubuntu 20.04
+安裝: `sudo apt install wireguard resolvconf`
+
+1. 打開firewall port
+    ```
+    sudo ufw allow 50100/udp
+    ```
+2. 打開port forwarding
+	`sudo vim /etc/sysctl.conf`
+	然後加入這一行，存檔離開
+	`net.ipv4.ip_forward=1`
+	套用
+	`sudo sysctl -p`
+
+## Setup Wireguard
+1. Make a folder to store key and config
+	```
+    mkdir ~/wireguard ; cd ~/wireguard
+    ```
+2. 生成server的private/public key: `wg genkey | tee server_privateKey | wg pubkey > server_publicKey`
+3. 在`/etc/wireguard`裡面，建立`wg0.conf`，如下：
+	```
+    [Interface]
+    Address = 10.0.0.1/24
+    ListenPort = 50100
+    PrivateKey = 8EELc7SWYbZswluhP0ZEzSkTAINXLlXqdE8J34eak3g=
+
+    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE
+    PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s3 -j MASQUERADE
+
+    SaveConfig = true
+    DNS = 8.8.8.8
+
+    # Awin
+    [Peer]
+    PublicKey = dB9l0rROSHyp3C6Odykdu69sU1k7XrOEa33ibx10I00=
+    AllowedIPs = 10.0.0.2/32
+
+    # Dean
+    [Peer]
+    PublicKey = N8kOoy3x4rsM1XDekrzLVQJ7Eo9Cb/vcQ07btzEK41Q=
+    AllowedIPs = 10.0.0.3/32
+    ```
+	注意文中的`[Interface]`中的`PrivateKey`要替換成你自己生成的key，可以用`cat server_privateKey`與`cat server_publicKey`來取得。
+4. 生成user private/public key: `wg genkey | tee <user_name>_privateKey | wg pubkey > <user_name>_publicKey`
+    1. 例如要給awin的key: `wg genkey | tee awin_privateKey | wg pubkey > awin_publicKey`
+5. 建立user的config，例如給awin的config: 
+	建立`awin.conf`，內容如下：
+    ```
+    [Interface]
+	PrivateKey = OBN3ORMdpaz7pHTSlkyCXHvgLTbXnmB2kxJTCyrr3F4=
+    Address = 10.0.0.2/24
+    DNS = 8.8.8.8
+
+    [Peer]
+    PublicKey = 15Sy2MRW1yKWLzA03MciOkR7qvpxSXfmQtkMj9xOzj0=
+    AllowedIPs = 0.0.0.0/0, ::0/0
+    Endpoint = vpn.awin.one:50100
+    ```
+6. 把user config生成QR code，方便掃描: 
+	- `sudo grep -v '^#' /etc/wireguard/<user_name>.conf | qrencode -t ansiutf8`
+	- `qrencode -t ansiutf8 < <user_name>.conf`
+	- 兩個都可以
+7. 重啟Wireguard
+	```
+    sudo wg-quick up wg0; \
+    sleep 5; \
+    sudo wg-quick down wg0; \
+    sleep 5; \
+    sudo wg-quick up wg0
+    ```
+    另一個:
+    `sudo wg-quick down wg0 ; sudo cp ./wg0.conf /etc/wireguard/wg0.conf ; sudo wg-quick up wg0 ; sudo wg show wg0`
+8. 查看Wireguard狀態: `sudo wg`
+
+## Troubleshooting
+That will tell you whether your packets are reaching the remote server, or if they're not getting through the tunnel.
+- On the remote server: `sudo tcpdump -i wg0`
+- On local machine: `ping -c1 <server_ip>`
+
+## Helper
+寫了一個script來copy config，這樣就可以在Windows直接編輯。
+```
+#!/bin/env bash
+
+sudo cp /volume1/homes/awin/Temp/wg0.conf .
+sudo cp /volume1/homes/awin/Temp/awin.conf .
+sudo cp /volume1/homes/awin/Temp/dean.conf .
+
+sudo wg-quick down wg0
+sleep 5
+sudo wg-quick up wg0
+sleep 5
+sudo wg-quick down wg0
+sleep 5
+sudo wg-quick up wg0
+```
+
+----------
+
+參考資料:
+- https://github.com/runfalk/synology-wireguard
+- https://notes.wadeism.net/linux/680/
+- [『Atrandys』wireguard配置文件讲解 | 配置多用户 - YouTube](https://www.youtube.com/watch?v=X4doKJmjE4o&feature=youtu.be)