wireguard@wg-easy: fixing the error can't initialize iptables table `nat'

Problem

env

  • rockylinux9.5
  • wg-easy:14

Error log

$ wg genkey
$ echo ***hidden*** | wg pubkey
2025-05-04T02:06:22.688Z WireGuard Configuration generated.
2025-05-04T02:06:22.693Z WireGuard Config saving...
2025-05-04T02:06:22.712Z WireGuard Config saved.
$ wg-quick down wg0
$ wg-quick up wg0
Error: Command failed: wg-quick up wg0
[#] 
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.8.0.1/24 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE; iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT;
iptables v1.8.10 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
[#] ip link delete dev wg0

    at genericNodeError (node:internal/errors:984:15)
    at wrappedFn (node:internal/errors:538:14)
    at ChildProcess.exithandler (node:child_process:422:12)
    at ChildProcess.emit (node:events:519:28)
    at maybeClose (node:internal/child_process:1105:16)
    at ChildProcess._handle.onexit (node:internal/child_process:305:5) {
  code: 3,
  killed: false,
  signal: null,
  cmd: 'wg-quick up wg0'
}
2025-05-04T02:06:26.859Z Server Listening on http://0.0.0.0:51821
2025-05-04T02:06:26.944Z WireGuard Loading configuration...

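Solution

Load the kernel modules

1. Load the kernel modules temporarily
sudo modprobe ip_tables
sudo modprobe iptable_nat

2. Load them at boot
echo "ip_tables" | sudo tee -a /etc/modules-load.d/wireguard.conf
echo "iptable_nat" | sudo tee -a /etc/modules-load.d/wireguard.conf

3. Reload
sudo systemctl restart systemd-modules-load

# Confirm that the modules are loaded
lsmod | grep -E 'wireguard|ip_tables|iptable_nat'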
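
The three steps above as a re-runnable script. This is an added example, not part of the original post: it loads only the modules that are missing and writes each name to the modules-load.d file once, so running it again does not append duplicate lines. The function names and the CONF / PROC_MODULES override variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example: idempotent version of steps 1-3 for the two modules named above.
# CONF and PROC_MODULES can be overridden for a dry run; the defaults match the page.
CONF="${CONF:-/etc/modules-load.d/wireguard.conf}"
PROC_MODULES="${PROC_MODULES:-/proc/modules}"
REQUIRED="ip_tables iptable_nat"

# Print each required module that is not currently loaded (one per line).
missing_modules() {
    for m in $REQUIRED; do
        # /proc/modules lists one loaded module per line, name in the first field.
        # Modules built into the kernel do not appear there.
        awk -v m="$m" '$1 == m { found = 1 } END { exit !found }' "$PROC_MODULES" \
            || echo "$m"
    done
}

# Append each required module to CONF only if it is not already listed,
# so re-running does not create duplicate lines the way `tee -a` would.
persist_modules() {
    touch "$CONF" || return 1
    for m in $REQUIRED; do
        grep -qx "$m" "$CONF" || echo "$m" >> "$CONF" || return 1
    done
}

# Run as root: load what is missing now, then persist it for the next boot.
fix_nat_table() {
    for m in $(missing_modules); do
        modprobe "$m" || return 1
    done
    persist_modules || return 1
    # Succeeds only when nothing is missing any more.
    [ -z "$(missing_modules)" ]
}
```

Source the file and run `fix_nat_table` as root, then restart the wg-easy container so that `wg-quick up wg0` runs again.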
