From 6feae75d3bf3cdaeac311674dd93fc2870a7af92 Mon Sep 17 00:00:00 2001 From: chunzhi Date: Thu, 27 Mar 2025 06:07:36 -0400 Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=96=87=E4=BB=B6=E8=87=B3?= =?UTF-8?q?=20/?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- v2ray_installer.sh | 84 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 82 insertions(+), 2 deletions(-) diff --git a/v2ray_installer.sh b/v2ray_installer.sh index 55d487e..34994b8 100644 --- a/v2ray_installer.sh +++ b/v2ray_installer.sh @@ -80,6 +80,15 @@ install_dependencies() { apt update -y apt install -y wget curl unzip vim openssl socat fi + + # 检查IPv6支持 + echo -e "${BLUE}检查IPv6支持...${PLAIN}" + if [ ! -f /proc/sys/net/ipv6/conf/all/disable_ipv6 ] || [ "$(cat /proc/sys/net/ipv6/conf/all/disable_ipv6)" != "0" ]; then + echo -e "${YELLOW}启用IPv6支持...${PLAIN}" + echo "net.ipv6.conf.all.disable_ipv6 = 0" >> /etc/sysctl.conf + echo "net.ipv6.conf.default.disable_ipv6 = 0" >> /etc/sysctl.conf + sysctl -p + fi } # 时间校准 @@ -111,12 +120,80 @@ install_firewall() { firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent + # 允许IPv6流量 + firewall-cmd --zone=public --add-port=22/tcp --permanent --ipv6 + firewall-cmd --zone=public --add-port=80/tcp --permanent --ipv6 + firewall-cmd --zone=public --add-port=443/tcp --permanent --ipv6 firewall-cmd --reload else apt install -y ufw ufw enable ufw allow 'OpenSSH' ufw allow 'Nginx Full' + # 确保IPv6规则也被应用 + sed -i 's/IPV6=no/IPV6=yes/g' /etc/default/ufw + ufw reload + fi +} + +# 配置IPv6支持 +configure_ipv6() { + echo -e "${BLUE}配置IPv6支持...${PLAIN}" + + # 确保系统启用IPv6 + if [ -f /proc/sys/net/ipv6/conf/all/disable_ipv6 ]; then + echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6 + echo 0 > /proc/sys/net/ipv6/conf/default/disable_ipv6 + fi + + # 持久化IPv6配置 + cat > /etc/sysctl.d/99-ipv6.conf << EOF +net.ipv6.conf.all.disable_ipv6 = 0 +net.ipv6.conf.default.disable_ipv6 = 0 +net.ipv6.conf.lo.disable_ipv6 = 0 +EOF + sysctl -p /etc/sysctl.d/99-ipv6.conf + + # 检查网络接口IPv6配置 + if [ "$OS" == "centos" ]; then + # CentOS/RHEL系统 + for iface in $(ls /etc/sysconfig/network-scripts/ifcfg-* | grep -v ifcfg-lo); do + if ! grep -q "IPV6INIT=yes" $iface; then + echo "IPV6INIT=yes" >> $iface + fi + done + systemctl restart network + else + # Debian/Ubuntu系统 + if [ -f /etc/network/interfaces ]; then + # 旧版本Debian/Ubuntu + if ! grep -q "iface eth0 inet6 auto" /etc/network/interfaces; then + echo "iface eth0 inet6 auto" >> /etc/network/interfaces + fi + systemctl restart networking + elif [ -d /etc/netplan ]; then + # 新版本Ubuntu使用netplan + for config in /etc/netplan/*.yaml; do + if [ -f "$config" ]; then + # 确保YAML文件中包含IPv6配置 + if ! grep -q "dhcp6: true" "$config"; then + # 备份原文件 + cp "$config" "${config}.bak" + # 修改配置添加IPv6支持 + sed -i '/dhcp4: true/a\ dhcp6: true' "$config" + fi + fi + done + netplan apply + fi + fi + + # 检查IPv6连接 + echo -e "${BLUE}检查IPv6连接...${PLAIN}" + if ping6 -c 3 ipv6.google.com > /dev/null 2>&1; then + echo -e "${GREEN}IPv6连接正常${PLAIN}" + else + echo -e "${YELLOW}无法通过IPv6连接到互联网,但本地IPv6配置已完成${PLAIN}" fi } @@ -139,6 +216,9 @@ install_v2ray() { # 时间校准 time_sync + # 配置IPv6支持 + configure_ipv6 + # 安装防火墙 install_firewall @@ -250,8 +330,8 @@ EOF # 创建Nginx配置文件 cat > /etc/nginx/sites-available/${domain} << EOF server { - listen 80 default_server; - listen [::]:80 default_server; + listen 80; + listen [::]:80; server_name ${domain} www.${domain}; return 301 https://\$host\$request_uri; }