升级内核

开启FullCone需要修改到支持的内核版本,测试4.19内核支持,如果是小白尽量按照下面的步骤更新内核后操作!

  • Debian9

    deb https://deb.debian.org/debian stretch-backports main
apt update
apt install -t stretch-backports linux-image-cloud-amd64 linux-headers-cloud-amd64
reboot

  • Debian10

    deb https://deb.debian.org/debian buster-backports main
apt update
apt install -t buster-backports linux-image-cloud-amd64 linux-headers-cloud-amd64
reboot

安装依赖

apt install build-essential libtool libnfnetlink0 libnfnetlink-dev libpcap0.8-dev libtool autoconf autogen git libmnl-dev -y

下载源码

cd ~
git clone git://git.netfilter.org/libmnl
git clone git://git.netfilter.org/libnftnl.git
git clone git://git.netfilter.org/iptables.git
git clone https://github.com/Chion82/netfilter-full-cone-nat.git

编译安装

编译libmnl

cd /root/libnftnl
sh autogen.sh
./configure
make
make install

编译 libnftnl

cd /root/libnftnl
sh autogen.sh
./configure
make
make install

编译 fullcone-nat

cd /root/netfilter-full-cone-nat
make
modprobe nf_nat
insmod xt_FULLCONENAT.ko

编译 iptables

cd /root/iptables
cp ~/netfilter-full-cone-nat/libipt_FULLCONENAT.c ~/iptables/extensions/
./autogen.sh
./configure
make
make install

设置开机加载模块

kernel=`uname -r`
cp ~/netfilter-full-cone-nat/xt_FULLCONENAT.ko  /lib/modules/$kernel/
depmod
echo "xt_FULLCONENAT">>/etc/modules

重启后输入下面命令检测,有输出则成功!

lsmod | grep xt_FULLCONENAT

检查NAT类型

apt install python3-pip   ##安装pip3
pip3 install pystun3  ##安装pystun3
pystun3  ##检查输出
NAT Type: Full Cone  ##成功更换
External IP: 
External Port:

参考链接

Debian升级内核
一个臭打游戏的对 fullcone 的高谈阔论

最后修改:2024 年 03 月 31 日
© 允许规范转载
如果觉得我的文章对你有用,请随意赞赏