设置主机名

# Hostname. 'vrouter-xx' is a placeholder; set a unique name per device so
# syslog/NTP/VPN logs can be attributed to the right router.
set system host-name 'vrouter-xx'

开启SSH服务

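# SSH management access.
# NOTE(review): '11.213.12.250' does not match any address configured on this
# page (the WAN VIF below carries 111.213.12.250/29) - verify which address is
# intended before applying. Binding to the WAN address exposes SSH to the
# Internet; a non-default port is obscurity, not access control. Either bind to
# the LAN address only or add a firewall rule restricting the source prefix.
set service ssh listen-address '192.168.20.1'
set service ssh listen-address '11.213.12.250'
set service ssh port '50022'
# Prefer key-based logins. Enable this only after 'system login user <name>
# authentication public-keys ...' has been configured and tested from a second
# session, otherwise you lock yourself out.
set service ssh disable-password-authentication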

配置静态路由

# Static routes.
# NOTE(review): the default next-hop 69.213.12.249 lies in no subnet configured
# on this page (the WAN VIF is 111.213.12.250/29, whose first host is
# 111.213.12.249) - check for an inconsistently redacted address before applying.
set protocols static route 0.0.0.0/0 next-hop '69.213.12.249'
# Internal summaries via the core switch at 192.168.20.2.
set protocols static route 10.0.0.0/8 next-hop '192.168.20.2'
# 172.16.20.0/24 is directly connected on eth0 vif 20 (see the VLAN section);
# that connected route is more specific and wins over this summary.
set protocols static route 172.16.0.0/16 next-hop '192.168.20.2'

开启DNS转发服务

# DNS forwarder for LAN clients.
# cache-size is a number of entries; 150 is very small and sends most lookups
# upstream - raise it for more than a handful of clients.
set service dns forwarding cache-size '150'
# Listen on the inside VLAN only. Never add the WAN interface here, or the
# router becomes an open resolver usable for amplification attacks.
set service dns forwarding listen-on 'eth0.2'
# Upstream resolvers (AliDNS); traffic to them is plain UDP/53, not encrypted.
set service dns forwarding name-server '223.5.5.5'
set service dns forwarding name-server '223.6.6.6'
# Also forward to the resolvers listed under 'system name-server'.
set service dns forwarding 'system'

配置本地DNS域名服务器

# Resolvers used by the router itself (and by the forwarder via 'system').
set system name-server '223.5.5.5'
set system name-server '223.6.6.6'

设置用户

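# Local accounts.
# 'encrypted-password' must be a crypt(3) hash (e.g. a '$6$...' SHA-512
# string). A literal such as '111' is not a valid hash and leaves the account
# unusable or trivially weak. Set 'plaintext-password' instead: VyOS hashes it
# on commit and only the hash is written to the saved config.
# NOTE(review): recent VyOS releases reserve the 'root' account and may reject
# this stanza; the 'admin' level already grants full (sudo) access, so a
# separate root login adds nothing but another shared credential.
set system login user root authentication plaintext-password '<strong-password>'
set system login user root level 'admin'
set system login user vyos authentication plaintext-password '<strong-password>'
set system login user vyos level 'admin'
# Prefer SSH keys to passwords, then disable password auth on the SSH service:
# set system login user vyos authentication public-keys <key-id> type 'ssh-ed25519'
# set system login user vyos authentication public-keys <key-id> key '<base64-key>'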

设置NTP服务器

# Time sync - required for meaningful logs and for IPsec/certificate lifetime
# checks to behave.
# NOTE(review): the NTP daemon may answer clients on every interface (including
# WAN) unless restricted; on releases that support it, limit with
# 'set system ntp allow-clients address <lan-prefix>' - verify for your version.
set system ntp server '0.pool.ntp.org'
set system ntp server '1.pool.ntp.org'
set system ntp server '2.pool.ntp.org'

配置接口(不带VLAN标签)

# eth0 as an untagged inside interface (alternative to the VLAN layout below;
# do not apply both - the address would be configured twice).
set interfaces ethernet eth0 duplex 'auto'
# hw-id pins the interface name to this MAC; update it when the NIC/VM changes.
set interfaces ethernet eth0 hw-id '00:0c:29:9a:b3:a6'
# smp_affinity is a legacy (1.2-era) option; newer releases ignore or reject it.
set interfaces ethernet eth0 smp_affinity 'auto'
set interfaces ethernet eth0 speed 'auto'
# /29 point-to-point style link to the core switch (192.168.20.2).
set interfaces ethernet eth0 address '192.168.20.1/29'
set interfaces ethernet eth0 description 'connect to sw-core'

配置接口(带VLAN标签)

# eth0 as an 802.1Q trunk: VLAN 2 = core, VLAN 3 = WAN, VLAN 10 and 20 = extra
# inside segments.
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id '00:0c:29:9a:b3:a6'
# smp_affinity is a legacy (1.2-era) option; newer releases ignore or reject it.
set interfaces ethernet eth0 smp_affinity 'auto'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth0 vif 2 address '192.168.20.1/29'
set interfaces ethernet eth0 vif 2 description 'connect to sw-core'
# Two public addresses on the WAN VLAN (.250 primary, .251 secondary).
# NOTE(review): NAT/SSH rules elsewhere on this page reference bare 'eth0';
# tagged WAN traffic arrives on 'eth0.3', so those rules will not match it.
set interfaces ethernet eth0 vif 3 address '111.213.12.250/29'
set interfaces ethernet eth0 vif 3 address '111.213.12.251/29'
set interfaces ethernet eth0 vif 3 description 'connect to wan'
# Creates eth0.10 with no address (the hairpin NAT example below uses it).
set interfaces ethernet eth0 vif '10'
set interfaces ethernet eth0 vif 20 address '172.16.20.250/24'

配置NAT(目的NAT)

# Port forward: TCP/80 arriving on eth0 -> 192.168.0.100.
# NOTE(review): this is the stock documentation example - 192.168.0.0/24 is not
# configured on any interface on this page, and in the VLAN layout the WAN is
# 'eth0.3', not 'eth0'. Adjust both before use. No 'destination address' is
# given, so the rule matches TCP/80 to any address entering that interface.
# DNAT only rewrites the packet; forwarded traffic must still be permitted by
# the firewall (match on the translated address in the 'in' ruleset).
set nat destination rule 10 description 'Port Forward: HTTP to 192.168.0.100'
set nat destination rule 10 destination port '80'
set nat destination rule 10 inbound-interface 'eth0'
set nat destination rule 10 protocol 'tcp'
set nat destination rule 10 translation address '192.168.0.100'

配置NAT(域内NAT(Hairpin NAT/NAT Reflection))

# Hairpin / NAT reflection: inside hosts on eth0.10 reaching the public-facing
# RDP port are redirected to 192.0.2.40 (192.0.2.0/24 is TEST-NET-1, i.e. a
# documentation example - substitute the real inside prefix).
# The DNAT half redirects the connection...
set nat destination rule 110 description 'NAT Reflection: INSIDE'
set nat destination rule 110 destination port '3389'
set nat destination rule 110 inbound-interface 'eth0.10'
set nat destination rule 110 protocol 'tcp'
set nat destination rule 110 translation address '192.0.2.40'

# ...and the SNAT half masquerades inside->inside traffic so the server's reply
# returns through the router instead of going directly (asymmetrically) to the
# client, which would otherwise break the connection.
# NOTE(review): masquerading hides the real client address from the server's
# logs; limit 'destination address' to the server if that matters.
set nat source rule 110 description 'NAT Reflection: INSIDE'
set nat source rule 110 destination address '192.0.2.0/24'
set nat source rule 110 outbound-interface 'eth0.10'
set nat source rule 110 protocol 'tcp'
set nat source rule 110 source address '192.0.2.0/24'
set nat source rule 110 translation address 'masquerade'

配置NAT(1-to-1 NAT)

# 1-to-1 NAT example (again from the documentation): public 192.0.2.30 on eth1
# <-> inside host 192.168.1.10. This is a standalone example; the eth0/eth1
# addresses here conflict with the layouts above and must not be merged blindly.
set interfaces ethernet eth0 address '192.168.1.1/24'
set interfaces ethernet eth0 description 'Inside interface'
set interfaces ethernet eth1 address '192.0.2.30/24'
set interfaces ethernet eth1 description 'Outside interface'
# Inbound: no protocol/port given, so EVERY protocol to 192.0.2.30 is handed to
# 192.168.1.10 - the firewall on eth1 'in' must be the only thing limiting it.
set nat destination rule 2000 description '1-to-1 NAT example'
set nat destination rule 2000 destination address '192.0.2.30'
set nat destination rule 2000 inbound-interface 'eth1'
set nat destination rule 2000 translation address '192.168.1.10'
# Outbound: the inside host always sources from the fixed public address.
set nat source rule 2000 description '1-to-1 NAT example'
set nat source rule 2000 outbound-interface 'eth1'
set nat source rule 2000 source address '192.168.1.10'
set nat source rule 2000 translation address '192.0.2.30'

配置NAT(源NAT)

# Source NAT (masquerade) toward the WAN VLAN.
# NOTE(review): 'source address 0.0.0.0/0' masquerades anything that leaves
# eth0.3, including traffic the router itself forwards from unexpected sources
# (e.g. a VPN pool or a spoofed prefix). Prefer listing the inside prefixes
# explicitly so a misrouted packet is dropped rather than translated.
set nat source rule 100 outbound-interface 'eth0.3'
set nat source rule 100 source address '0.0.0.0/0'
set nat source rule 100 translation address 'masquerade'

# Masquerade toward the INSIDE VLAN 20 (172.16.20.0/24). This hides the real
# source address from hosts on that segment and from their logs; if the intent
# is only to reach VLAN 20 from networks that lack a return route, narrow the
# source/destination instead of translating everything.
set nat source rule 101 outbound-interface 'eth0.20'
set nat source rule 101 source address '0.0.0.0/0'
set nat source rule 101 translation address 'masquerade'

禁用IPv6

# Disables IPv6 on the whole system. NOTE(review): this contradicts the IPv6
# section further down (addresses, route6, firewall, DHCPv6) - remove this line
# ('delete system ipv6 disable') before applying that section, or none of it
# will work. Disabling IPv6 is only a defensible default on a router that truly
# has no IPv6 uplink; otherwise filter it with 'firewall ipv6-name' instead.
set system ipv6 'disable'

配置pbr

    # PBR
    
    ## Traffic selectors (entered from inside 'edit policy route LAN-1 rule N';
    ## 'set set table N' is the 'set table N' action of that rule).
    ## 1.2/1.3 syntax - 1.4 restructured 'policy route'; verify before pasting.
    edit policy route LAN-1 rule 10
    set destination address 0.0.0.0/0
    set source address 10.5.0.0/24
    set set table 1
    up
    edit rule 20
    set destination address 0.0.0.0/0
    set source address 10.5.1.0/24
    set set table 2
    up
    ## Catch-all: everything else uses the normal routing table. Matching
    ## 'source 0.0.0.0/0' is equivalent to no source match.
    edit rule 30
    set destination address 0.0.0.0/0
    set source address 0.0.0.0/0
    set set table main
    commit

## Per-table next-hops for the PBR rules above (table 1 and table 2 each hold
## only a default route).
## NOTE(review): with a bare static default in each table there is no fallback -
## if 198.51.100.1 stops forwarding, 10.5.0.0/24 is black-holed rather than
## falling back to 'main'. Add a second next-hop with a distance, or track the
## gateway, if failover is expected. 198.51.100.x/203.0.113.x are
## documentation (TEST-NET) addresses; substitute the real uplink gateways.
set protocols static table 1 route 0.0.0.0/0 next-hop 198.51.100.1
set protocols static table 2 route 0.0.0.0/0 next-hop 203.0.113.1

## Interface on which to classify incoming traffic. 'eth1 vif 101' does not
## appear elsewhere on this page; the policy only applies to packets ENTERING
## this interface, not to traffic originated by the router.
set interfaces ethernet eth1 vif 101 policy route LAN-1
commit

proxy-arp

# Proxy ARP on a VLAN sub-interface ('ethX' is a placeholder).
# With proxy ARP the router answers ARP for ANY address it has a route to, so a
# host on this segment can reach (and be reached by) other networks without a
# proper gateway. Enable only on the specific segment that needs it; it is a
# common way to accidentally bridge segments that were meant to stay separate.
set interfaces ethernet ethX vif 1 ip enable-proxy-arp

查询路由信息

# Operational mode: IPv4 routing table (use 'show ip route table N' for the PBR
# tables and 'show ipv6 route' for IPv6).
show ip route

查询接口信息

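# Operational mode: interface summary. The VyOS command is 'show interfaces'
# (plural); 'show interface brief' is Cisco-style and does not exist here.
show interfaces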

配置dhcp

# DHCP pool 192.168.1.100-200 for 192.168.1.0/24.
# NOTE(review): the subnet must match an address configured on an interface
# (here it matches the 1-to-1 NAT example's eth0, not the 192.168.20.x core
# link). No 'default-router' or 'name-server' is set, so clients get an address
# but no gateway/DNS. The 'subnet ... start/stop' form is the old Vyatta syntax;
# VyOS 1.2+ expects 'subnet ... range 0 start/stop' - verify for your version.
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 start '192.168.1.100' stop '192.168.1.200'

ipv6

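# IPv6. Remove 'set system ipv6 disable' from the section above first, or none
# of this takes effect.

# Interface address. In this example eth0 is the INSIDE (advertised) segment;
# the OUTSIDE-IN ruleset below belongs on the WAN-facing interface, which this
# page does not name.
set interfaces ethernet eth0 address '2001:db8::1/64'

# IPv6 default route.
set protocols static route6 ::/0 next-hop '2001:db8::2'

# Router advertisements so LAN hosts learn the prefix via SLAAC. This is RA,
# not an NDP proxy. 'send-advert' is an option of 'router-advert', not of
# 'prefix', so it is a separate statement. Syntax shown is VyOS 1.2; 1.3+
# moved this to 'service router-advert interface eth0 ...'.
set interfaces ethernet eth0 ipv6 router-advert send-advert true
set interfaces ethernet eth0 ipv6 router-advert prefix '2001:db8::/64'

# Inbound IPv6 filter (default drop, allow return traffic).
set firewall ipv6-name OUTSIDE-IN default-action 'drop'
set firewall ipv6-name OUTSIDE-IN rule 10 action 'accept'
set firewall ipv6-name OUTSIDE-IN rule 10 state established 'enable'
set firewall ipv6-name OUTSIDE-IN rule 10 state related 'enable'
# ICMPv6 is not optional in IPv6 (neighbor discovery, PMTUD, RA); a default
# drop without this rule breaks connectivity in hard-to-debug ways.
# VyOS 1.2/1.3 spell the protocol 'icmpv6'; 1.4 uses 'ipv6-icmp'.
set firewall ipv6-name OUTSIDE-IN rule 15 action 'accept'
set firewall ipv6-name OUTSIDE-IN rule 15 protocol 'icmpv6'
# A port match is only valid with protocol tcp or udp; VyOS rejects the commit
# otherwise. Without a 'destination address' this opens TCP/80 to every inside
# host behind this interface - add one if only a single web server is meant.
set firewall ipv6-name OUTSIDE-IN rule 20 action 'accept'
set firewall ipv6-name OUTSIDE-IN rule 20 protocol 'tcp'
set firewall ipv6-name OUTSIDE-IN rule 20 destination port '80'
# A ruleset does nothing until attached to an interface, e.g.:
# set interfaces ethernet <wan-if> firewall in ipv6-name 'OUTSIDE-IN'
# ('in' filters forwarded traffic; add a 'local' ruleset for traffic to the
# router itself, which is otherwise unfiltered.)

# DHCPv6 server (optional; SLAAC above already provides addresses).
# 1.2/1.3 syntax uses 'address-range start/stop'; 1.4 uses 'range <name>'.
set service dhcpv6-server shared-network-name LAN subnet 2001:db8::/64 address-range start '2001:db8::100' stop '2001:db8::200'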

l2tp vpn

# l2tp
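# L2TP/IPsec remote access.
# NOTE(review): the IPsec listener is bound to bare eth0; in the VLAN layout
# above the WAN is eth0 vif 3 - bind to the interface the clients actually reach.
set vpn ipsec ipsec-interfaces interface 'eth0'
# Accept NAT-T clients from any source; narrow this if clients come from known
# ranges. Also add UDP/500, UDP/4500 and ESP to the WAN 'local' firewall.
set vpn ipsec nat-networks allowed-network '0.0.0.0/0'
set vpn ipsec nat-traversal 'enable'
# Per-user credentials (username 111/112/113 as in the original). A single
# shared PSK plus short per-user passwords is the weakest L2TP deployment; use
# long random values for both and never commit literal secrets like '111'.
set vpn l2tp remote-access authentication local-users username 111 password '<user-password>'
set vpn l2tp remote-access authentication local-users username 112 password '<user-password>'
set vpn l2tp remote-access authentication local-users username 113 password '<user-password>'
set vpn l2tp remote-access authentication mode 'local'
# Client pool; VyOS installs per-client host routes, so no static route is needed,
# but the pool must not overlap any LAN prefix.
set vpn l2tp remote-access client-ip-pool start '192.168.12.100'
set vpn l2tp remote-access client-ip-pool stop '192.168.12.200'
set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret '<long-random-psk>'
# Must be the router's public IPv4 address; '111' in the original is a placeholder.
set vpn l2tp remote-access outside-address '<wan-ip>'
set vpn l2tp remote-access dns-servers server-1 '223.5.5.5'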
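# pptp vpn
# WARNING: PPTP (MS-CHAPv2 + MPPE/RC4) is cryptographically broken - the
# MS-CHAPv2 handshake can be recovered offline and RC4 is obsolete. Keep it only
# for legacy clients that cannot use L2TP/IPsec or a modern VPN, and not across
# the Internet with passwords like the ones below.
set vpn pptp remote-access authentication local-users username 111 password '111@123'
set vpn pptp remote-access authentication local-users username 112 password '111@123'
set vpn pptp remote-access authentication local-users username 113 password '111@123'
set vpn pptp remote-access authentication mode 'local'
# Client pool 192.168.14.1-200; must not overlap any LAN prefix.
set vpn pptp remote-access client-ip-pool start '192.168.14.1'
set vpn pptp remote-access client-ip-pool stop '192.168.14.200'
set vpn pptp remote-access dns-servers server-1 '223.5.5.5'
# Reduced MTU to leave room for the GRE/PPP overhead.
set vpn pptp remote-access mtu '1360'
# Must be the router's public IPv4 address; '111' is a placeholder.
set vpn pptp remote-access outside-address '111'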
 
 
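# Tear down PPTP. 'delete vpn pptp' removes the whole subtree in one command;
# the per-node form below is the long way. Note that the original only deletes
# the passwords of users 111 and 112 (the user nodes themselves and user 113
# remain) and contained a stray '1' line, dropped here.
delete vpn pptp remote-access authentication local-users username 111 password '111@123'
delete vpn pptp remote-access authentication local-users username 112 password '111@123'
delete vpn pptp remote-access authentication mode 'local'
delete vpn pptp remote-access client-ip-pool start '192.168.14.1'
delete vpn pptp remote-access client-ip-pool stop '192.168.14.200'
delete vpn pptp remote-access dns-servers server-1 '223.5.5.5'
delete vpn pptp remote-access mtu '1360'
delete vpn pptp remote-access outside-address '111'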

ipsec vpn

# ipsec
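# Site-to-site IPsec (policy-based), plus the NAT exclusion it needs.
set vpn ipsec ipsec-interfaces interface eth0
# IKE (phase 1). The original used 3des / sha1 / dh-group 2, all deprecated
# (64-bit block cipher, SHA-1, 1024-bit DH). Both ends must agree, so change
# the remote peer to match; if it genuinely cannot, keep the old values
# knowingly and plan the upgrade. On 1.3+ also consider 'key-exchange ikev2'.
set vpn ipsec ike-group IKE-1W proposal 1
set vpn ipsec ike-group IKE-1W proposal 1 encryption aes256
set vpn ipsec ike-group IKE-1W proposal 1 hash sha256
set vpn ipsec ike-group IKE-1W proposal 1 dh-group 14
set vpn ipsec ike-group IKE-1W lifetime 3600
show vpn ipsec ike-group IKE-1W
# ESP (phase 2).
set vpn ipsec esp-group ESP-1W proposal 1
show vpn ipsec esp-group
set vpn ipsec esp-group ESP-1W proposal 1 encryption aes256
set vpn ipsec esp-group ESP-1W proposal 1 hash sha256
set vpn ipsec esp-group ESP-1W lifetime 1800
show vpn ipsec esp-group ESP-1W
# The peer is identified by its public IP; '111' is a placeholder.
edit vpn ipsec site-to-site peer 111
set authentication mode pre-shared-secret
# Use a long random PSK (quoted, so the shell does not interpret it); '111'
# is not acceptable for anything reachable from the Internet.
set authentication pre-shared-secret '<long-random-psk>'
set default-esp-group ESP-1W
set ike-group IKE-1W
# NOTE(review): 69.211.159.138 matches none of the WAN addresses on this page;
# it must be an address configured on the ipsec interface above.
set local-address 69.211.159.138
set tunnel 1 local prefix 10.255.187.0/24
set tunnel 1 remote prefix 192.168.0.0/16
top
commit
show vpn ipsec sa
show vpn ipsec status
# NAT: rule 5 (lower number, evaluated first) EXCLUDES LAN->remote traffic from
# masquerading so it enters the tunnel with its real source and matches the
# tunnel selectors; rule 10 masquerades everything else to the Internet.
set nat source rule 5 destination address '192.168.0.0/16'
set nat source rule 5 'exclude'
set nat source rule 5 outbound-interface 'eth0'
set nat source rule 5 source address '10.255.187.0/24'
set nat source rule 10 outbound-interface 'eth0'
set nat source rule 10 source address '10.255.187.0/24'
set nat source rule 10 translation address 'masquerade'
commit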

# nat
# Port forward: TCP/60022 -> 10.2.5.15:22 (SSH on an internal device).
# NOTE(review): 'inbound-interface any' plus a placeholder 'destination address
# 111' means the rule as written matches nowhere; once a real WAN address is
# filled in it exposes that device's SSH to the whole Internet. Restrict with
# 'source address <admin-prefix>' here or in the firewall, and make sure the
# device itself uses key-only authentication.
set nat destination rule 600 description 'dahua-15-tcp22'
set nat destination rule 600 destination address '111'
set nat destination rule 600 destination port '60022'
set nat destination rule 600 inbound-interface 'any'
set nat destination rule 600 protocol 'tcp'
set nat destination rule 600 translation address '10.2.5.15'
set nat destination rule 600 translation port '22'

# l2tp/ipsec

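# l2tp/ipsec (lab variant bound to the loopback).
conf
# The original 'set interface ethernet lo' is not valid VyOS syntax; the
# loopback lives under 'interfaces loopback'.
set interfaces loopback lo
# NOTE(review): binding the IPsec listener to 'lo' only makes sense for a local
# test; clients connect to the interface they can reach, normally the WAN one.
set vpn ipsec ipsec-interfaces interface 'lo'
set vpn ipsec nat-networks allowed-network '0.0.0.0/0'
set vpn ipsec nat-traversal 'enable'
# test/test credentials and PSK are fine for a throw-away lab only; replace
# with long random values before this touches any real network.
set vpn l2tp remote-access authentication local-users username test password 'test'
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access client-ip-pool start '192.168.12.100'
set vpn l2tp remote-access client-ip-pool stop '192.168.12.200'
set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'test'
# Must be an address configured on the ipsec interface; '111' is a placeholder.
set vpn l2tp remote-access outside-address '111'
set vpn l2tp remote-access dns-servers server-1 '223.5.5.5'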













