工具准备

获取Warp配置

Android:

NekoBox: https://github.com/MatsuriDayo/NekoBoxForAndroid 其他平台:
warp-gp: https://gitlab.com/ProjectWARP/warp-go
wgcf: https://github.com/ViRb3/wgcf
在线生成:
- WGCF：https://replit.com/@misaka-blog/wgcf-profile-generator
- WARP-GO：https://replit.com/@misaka-blog/warpgo-profile-generator
- Sing-box：https://replit.com/@misaka-blog/warpgo-sbfile-generator

连接Warp

全平台:

Sing-box Linux/Windows: NekoRay: https://github.com/MatsuriDayo/nekoray Android: NekoBox: https://github.com/MatsuriDayo/NekoBoxForAndroid

优选IP

warp-yxip: https://gitlab.com/Misaka-blog/warp-script/#warp-endpoint-ip-%E4%BC%98%E9%80%89%E8%84%9A%E6%9C%AC 可以得到ip和端口, 替换上面得到的Warp配置服务器相关部分

步骤

获取Warp配置

请先阅读warp-go部分, 了解我们需要得到的东西.

warp-go

warp-go --register --export-singbox config.conf

产生sing-box配置文件,如下示意是一个SingBox Outbound Object:

 {
      "type": "wireguard",
      "tag": "wireguard0",
      "server": "engage.cloudflareclient.com",//<--替换这个[优选IP]
      "server_port": 2408,  //<--替换这个[优选IP]
      "reserved": "Sg5B",   //<--替换这个
      "local_address": [
        "172.16.0.2/32",
        "2606:4700:110:8627:f11d:adca:dbae:2836/128"
      ],
      "mtu": 1280,
      "peer_public_key": "bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=",  //<--固定的
      "pre_shared_key": "",
      "private_key": "4LcP/e82/7FXxFr6SXWMgk1eRL3G77QgVnNoA9FX+Hs="  //<--替换这个
    }

我们产生的warp配置文件主要需要替换这几个东西:

server相关配置
私钥
reserved bit //这个类似于设备id, 详细见wgcf的patch.

其他如公钥基本是固定的, local_address可以自己改, 如果不将其作为一个网络设备(如tun/wg)的话就不用管.

NekoBox获取

在NekoBox的工具部分, 有这一选项可以直接获取Warp的配置.

wgcf

注意这个项目需要进行进行patch https://github.com/siq0o/wgcf/commit/a0370c3efb2dd3f1433a58bf1461ba9f6c1f049c 才可以得到reserved bit.

wgcf register

产生wgcf-account.toml文件, 如下

access_token = 'ec4fb59c-e3e9-40b4-958e-29311995781b'  
device_id = '1b2134b3-c4f5-4e31-ab4c-ef0a7acf1817'  
license_key = 'T8PF59Y4-n6GjC934-tUO6r142'  
private_key = 'iMRrO07h5o/9c2n3dyCtirUqGe0P5y03TVzXAcCO+3I='
^^^^^^^^^^^
#我们需要这个

在线获取

就工具里面提到的几个网址, 其他步骤相同.

连接

Sing-box

作为Sing-box的一个Outbound进行使用. 可以搭配TUN设备/暴露为WireGuard设备/分流规则/负载均衡等进行更高级的使用.

NekoRay

需要更改内核为sing-box. Server->New Profile-> Custom(sing-box outbound) 将我们得到的SingBox Outbound 配置复制进去即可. ![[Pasted image 20240413173208.png|Pasted image 20240413173208.png]]

优选IP

https://gitlab.com/Misaka-blog/warp-script#warp-endpoint-ip-%E4%BC%98%E9%80%89%E8%84%9A%E6%9C%AC

Windows

https://gitlab.com/Misaka-blog/warp-script/-/blob/main/files/warp-yxip/warp-yxip-win.7z

Linux

wget -N https://gitlab.com/Misaka-blog/warp-script/-/raw/main/files/warp-yxip/warp-yxip.sh && bash warp-yxip.sh

![[Pasted image 20240413173045.png|Pasted image 20240413173045.png]] ![[Pasted image 20240413173106.png|Pasted image 20240413173106.png]] 将engage.cloudflareclient.com:2408 替换成相应ip和端口即可.

安全性

关于 Cloudflare Warp 的一些细节以及是否暴露访客真实 IP 的测试 : https://blog.skk.moe/post/something-about-cf-warp/

From a technical perspective, WARP is a VPN. But it is designed for a very different audience than a traditional VPN. WARP is not designed to allow you to access geo-restricted content when you’re traveling. It will not hide your IP address from the websites you visit.

当目的服务器也在使用Cloudflare的时候, 就可能会暴露真实的ip地址.

Ref

在 NekoRay 使用 WireGuard WARP 节点 https://blog.misaka.rest/2023/03/25/nekoray-warp/?highlight=nekoray 优选WARP的EndPoint IP，提高本地WARP节点访问性并修改各客户端的EndPoint IP https://blog.misaka.rest/2023/03/12/cf-warp-yxip/ https://sing-box.sagernet.org/configuration/outbound/wireguard/ https://matsuridayo.github.io/n-configuration/ https://gitlab.com/Misaka-blog/warp-script https://gitlab.com/ProjectWARP/warp-go