一些常用命令和脚本

安装Docker

官方：

curl -fsSL https://get.docker.com | bash -s docker

阿里云：

curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun

安装面板

3x-ui

bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)

s-ui(推荐)

bash <(curl -Ls https://raw.githubusercontent.com/alireza0/s-ui/master/install.sh)

h-ui

bash <(curl -fsSL https://raw.githubusercontent.com/jonssonyan/h-ui/main/install.sh)

流媒体解锁

bash <(curl -L -s raw.githubusercontent.com/lmc999/RegionRestrictionCheck/main/check.sh)

安装ZTNET面板

apt update && apt install -y sudo curl lsb-release
curl -s http://install.ztnet.network | sudo bash

安装ZeroTier

curl -s https://install.zerotier.com | sudo bash
cd /var/lib/zerotier-one/ && rm -rf planet && wget https://zt.0n.ink/api/planet && service zerotier-one restart

关闭IPv6

临时关闭

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 && sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1

永久关闭

echo -e "net.ipv6.conf.all.disable_ipv6=1\nnet.ipv6.conf.default.disable_ipv6=1\nnet.ipv6.conf.lo.disable_ipv6=1" >> /etc/sysctl.conf && sysctl -p

FRRouting + WireGuard BGP配置

sudo apt install frr wireguard

vim /etc/frr/daemons

ospfd = yes

service frr restart

# 启用 NAT
sudo iptables -t nat -A POSTROUTING -o $WAN_IF -j MASQUERADE

# 允许转发
sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i $ZT_IF -o $WAN_IF -j ACCEPT

# 安装 iptables-persistent 使规则持久化
sudo apt-get install iptables-persistent
sudo netfilter-persistent save

#开启IPv4转发
echo net.ipv4.ip_forward=1 > /etc/sysctl.conf

sysctl -p

vtysh

国际互联区

configure terminal
ip prefix-list ALLOW_ALL seq 5 permit 0.0.0.0/0 le 32
route-map PERMIT_ALL permit 10
 match ip address prefix-list ALLOW_ALL
router bgp 64501 
 bgp bestpath as-path multipath-relax
 maximum-paths 4
 bgp router-id 100.64.1.254
 neighbor 100.64.1.1 remote-as 64502
 neighbor 100.64.1.2 remote-as 64503
 neighbor 100.64.1.3 remote-as 64504
 neighbor 100.64.1.4 remote-as 64505
 network 100.64.1.254/32

 address-family ipv4 unicast
  neighbor 100.64.1.1 route-map PERMIT_ALL in
  neighbor 100.64.1.1 route-map PERMIT_ALL out
  neighbor 100.64.1.2 route-map PERMIT_ALL in
  neighbor 100.64.1.2 route-map PERMIT_ALL out
  neighbor 100.64.1.3 route-map PERMIT_ALL in
  neighbor 100.64.1.3 route-map PERMIT_ALL out
  neighbor 100.64.1.4 route-map PERMIT_ALL in
  neighbor 100.64.1.4 route-map PERMIT_ALL out
  neighbor 100.64.1.1 activate
  neighbor 100.64.1.2 activate
  neighbor 100.64.1.3 activate
  neighbor 100.64.1.4 activate
  neighbor 100.64.1.1 default-originate
  neighbor 100.64.1.2 default-originate
  neighbor 100.64.1.3 default-originate
  neighbor 100.64.1.4 default-originate
 exit-address-family
 en

configure terminal
ip prefix-list ALLOW_ALL seq 5 permit 0.0.0.0/0 le 32
route-map PERMIT_ALL permit 10
 match ip address prefix-list ALLOW_ALL
router bgp 64502 
 bgp bestpath as-path multipath-relax
 maximum-paths 4
 bgp router-id 100.64.1.1
 neighbor 100.64.1.254 remote-as 64501
 neighbor 100.64.1.2 remote-as 64503
 neighbor 100.64.1.3 remote-as 64504
 neighbor 100.64.1.4 remote-as 64505
 network 100.64.1.1/32

 address-family ipv4 unicast
  neighbor 100.64.1.254 route-map PERMIT_ALL in
  neighbor 100.64.1.254 route-map PERMIT_ALL out
  neighbor 100.64.1.2 route-map PERMIT_ALL in
  neighbor 100.64.1.2 route-map PERMIT_ALL out
  neighbor 100.64.1.3 route-map PERMIT_ALL in
  neighbor 100.64.1.3 route-map PERMIT_ALL out
  neighbor 100.64.1.4 route-map PERMIT_ALL in
  neighbor 100.64.1.4 route-map PERMIT_ALL out
  neighbor 100.64.1.254 activate
  neighbor 100.64.1.2 activate
  neighbor 100.64.1.3 activate
  neighbor 100.64.1.4 activate
  neighbor 100.64.1.254 default-originate
  neighbor 100.64.1.2 default-originate
  neighbor 100.64.1.3 default-originate
  neighbor 100.64.1.4 default-originate
 exit-address-family
 en

configure terminal
ip prefix-list ALLOW_ALL seq 5 permit 0.0.0.0/0 le 32
route-map PERMIT_ALL permit 10
 match ip address prefix-list ALLOW_ALL
router bgp 64503 
 bgp bestpath as-path multipath-relax
 maximum-paths 4
 bgp router-id 100.64.1.2
 neighbor 100.64.1.254 remote-as 64501
 neighbor 100.64.1.1 remote-as 64502
 neighbor 100.64.1.3 remote-as 64504
 neighbor 100.64.1.4 remote-as 64505
 network 100.64.1.2/32

 address-family ipv4 unicast
  neighbor 100.64.1.254 route-map PERMIT_ALL in
  neighbor 100.64.1.254 route-map PERMIT_ALL out
  neighbor 100.64.1.1 route-map PERMIT_ALL in
  neighbor 100.64.1.1 route-map PERMIT_ALL out
  neighbor 100.64.1.3 route-map PERMIT_ALL in
  neighbor 100.64.1.3 route-map PERMIT_ALL out
  neighbor 100.64.1.4 route-map PERMIT_ALL in
  neighbor 100.64.1.4 route-map PERMIT_ALL out
  neighbor 100.64.1.254 activate
  neighbor 100.64.1.1 activate
  neighbor 100.64.1.3 activate
  neighbor 100.64.1.4 activate
  neighbor 100.64.1.254 default-originate
  neighbor 100.64.1.1 default-originate
  neighbor 100.64.1.3 default-originate
  neighbor 100.64.1.4 default-originate
 exit-address-family
 en

configure terminal
ip prefix-list ALLOW_ALL seq 5 permit 0.0.0.0/0 le 32
route-map PERMIT_ALL permit 10
 match ip address prefix-list ALLOW_ALL
router bgp 64504 
 bgp bestpath as-path multipath-relax
 maximum-paths 4
 bgp router-id 100.64.1.3
 neighbor 100.64.1.254 remote-as 64501
 neighbor 100.64.1.1 remote-as 64502
 neighbor 100.64.1.2 remote-as 64503
 neighbor 100.64.1.4 remote-as 64505
 network 100.64.1.3/32

 address-family ipv4 unicast
  neighbor 100.64.1.254 route-map PERMIT_ALL in
  neighbor 100.64.1.254 route-map PERMIT_ALL out
  neighbor 100.64.1.1 route-map PERMIT_ALL in
  neighbor 100.64.1.1 route-map PERMIT_ALL out
  neighbor 100.64.1.2 route-map PERMIT_ALL in
  neighbor 100.64.1.2 route-map PERMIT_ALL out
  neighbor 100.64.1.4 route-map PERMIT_ALL in
  neighbor 100.64.1.4 route-map PERMIT_ALL out
  neighbor 100.64.1.254 activate
  neighbor 100.64.1.1 activate
  neighbor 100.64.1.2 activate
  neighbor 100.64.1.4 activate
  neighbor 100.64.1.254 default-originate
  neighbor 100.64.1.1 default-originate
  neighbor 100.64.1.2 default-originate
  neighbor 100.64.1.4 default-originate
 exit-address-family
 en

configure terminal
ip prefix-list ALLOW_ALL seq 5 permit 0.0.0.0/0 le 32
route-map PERMIT_ALL permit 10
 match ip address prefix-list ALLOW_ALL
router bgp 64505 
 bgp bestpath as-path multipath-relax
 maximum-paths 4
 bgp router-id 100.64.1.4
 neighbor 100.64.1.254 remote-as 64501
 neighbor 100.64.1.1 remote-as 64502
 neighbor 100.64.1.2 remote-as 64503
 neighbor 100.64.1.3 remote-as 64504
 network 100.64.1.4/32

 address-family ipv4 unicast
  neighbor 100.64.1.254 route-map PERMIT_ALL in
  neighbor 100.64.1.254 route-map PERMIT_ALL out
  neighbor 100.64.1.1 route-map PERMIT_ALL in
  neighbor 100.64.1.1 route-map PERMIT_ALL out
  neighbor 100.64.1.2 route-map PERMIT_ALL in
  neighbor 100.64.1.2 route-map PERMIT_ALL out
  neighbor 100.64.1.3 route-map PERMIT_ALL in
  neighbor 100.64.1.3 route-map PERMIT_ALL out
  neighbor 100.64.1.254 activate
  neighbor 100.64.1.1 activate
  neighbor 100.64.1.2 activate
  neighbor 100.64.1.3 activate
  neighbor 100.64.1.254 default-originate
  neighbor 100.64.1.1 default-originate
  neighbor 100.64.1.2 default-originate
  neighbor 100.64.1.3 default-originate
 exit-address-family
 en

中国互联区

configure terminal
ip prefix-list ALLOW_ALL seq 5 permit 0.0.0.0/0 le 32
route-map PERMIT_ALL permit 10
 match ip address prefix-list ALLOW_ALL
 router bgp 64599
 bgp bestpath as-path multipath-relax

查看bgp状况

show ip bgp summary