{"id":439,"date":"2026-01-26T09:01:21","date_gmt":"2026-01-26T09:01:21","guid":{"rendered":"https:\/\/blog.gpst.net.cn:4008\/?p=439"},"modified":"2026-01-28T06:24:13","modified_gmt":"2026-01-28T06:24:13","slug":"%e6%90%ad%e5%bb%baopenvpn","status":"publish","type":"post","link":"https:\/\/opshub.com.cn\/?p=439","title":{"rendered":"\u642d\u5efaopenvpn"},"content":{"rendered":"\n
cat \/dev\/net\/tun<\/code><\/pre>\n\n\n\n
\u82e5\u8fd4\u56de\u4fe1\u606f\u4e3a\uff1acat: \/dev\/net\/tun: File descriptor in bad state \u8bf4\u660etun\/tap\u5df2\u7ecf\u53ef\u4ee5\u4f7f\u7528\uff1b \u5982\u679c\u8fd4\u56de\uff1acat: \/dev\/net\/tun: No such device \u6216\u5176\u4ed6\u5219\u8bf4\u660etun\/tap\u6ca1\u6709\u88ab\u6b63\u786e\u914d\u7f6e\uff0c\u53d1TK\u8054\u7cfb\u5ba2\u670d\u7533\u8bf7\u5f00\u901atun\/tap\u3002<\/p>\n\n\n\n
apt-get install openvpn lzop<\/code><\/pre>\n\n\n\n
\u4f7f\u7528easyrsa3\u5236\u4f5c\u8bc1\u4e66<\/h1>\n\n\n\n
\u4e0b\u8f7d\uff1ahttps:\/\/github.com\/OpenVPN\/easy-rsa\/releases\/download\/v3.1.7\/EasyRSA-3.1.7.tgz<\/a><\/p>\n\n\n\n
1.vars\u6587\u4ef6\u8bbe\u7f6e\uff1a<\/p>\n\n\n\n
if [ -z \"$EASYRSA_CALLER\" ]; then\n        echo \"You appear to be sourcing an Easy-RSA *vars* file. This is\" >&2\n        echo \"no longer necessary and is disallowed. See the section called\" >&2\n        echo \"*How to use this file* near the top comments for more details.\" >&2\n        return 1\nfi\nset_var EASYRSA_DN      \"cn_only\"\nset_var EASYRSA_NS_SUPPORT      \"yes\"\nset_var EASYRSA_CERT_EXPIRE    7300\nset_var EASYRSA_CA_EXPIRE      14600<\/code><\/pre>\n\n\n\n
2.\u670d\u52a1\u7aef\uff1a<\/p>\n\n\n\n
.\/easyrsa init-pki\n.\/easyrsa build-ca nopass\n.\/easyrsa gen-req server nopass\n.\/easyrsa sign server server\n.\/easyrsa gen-dh<\/code><\/pre>\n\n\n\n
3.\u5ba2\u6237\u7aef\uff1a \u521b\u5efaclient\u7aef\u8bc1\u4e66\uff0c\u9700\u8981\u5355\u72ec\u628aeasyrsa3\u6587\u4ef6\u5939\u62f7\u8d1d\u51fa\u6765\u4e00\u4efd\uff0c\u5220\u9664\u91cc\u9762\u7684PKI\u76ee\u5f55\uff0c\u7136\u540e\u8fdb\u5165\u5230\u6b64\u76ee\u5f55<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp -r EasyRSA-3.1.7 EasyRSA-3.1.7-c1<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cd EasyRSA-3.1.7-c1\/<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn\/EasyRSA-3.1.7-c1# rm -rf pki\/<\/p>\n\n\n\n
.\/easyrsa init-pki\n.\/easyrsa gen-req client nopass\ncd ..\/EasyRSA-3.1.7\n.\/easyrsa import-req ..\/EasyRSA-3.1.7-c1\/pki\/reqs\/client.req client\n.\/easyrsa sign client client<\/code><\/pre>\n\n\n\n
\u81f3\u6b64\uff0cserver\u548cclient\u7aef\u8bc1\u4e66\u5df2\u5236\u4f5c\u5b8c\u6bd5<\/p>\n\n\n\n
openvpn server\u7aef\u9700\u8981\u7684\u662f<\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7\/pki\/ca.crt   <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939><\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7\/pki\/private\/server.key <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939><\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7\/pki\/issued\/server.crt <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939><\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7\/pki\/dh.pem<\/p>\n\n\n\n
openvpn client\u7aef\u9700\u8981\u7684\u662f<\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7\/pki\/ca.crt <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939><\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7\/pki\/issued\/client.crt <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939><\/p>\n\n\n\n
\/etc\/openvpn\/EasyRSA-3.1.7-c1\/pki\/private\/client.key <\u5236\u4f5cclient\u8bc1\u4e66\u7684\u6587\u4ef6\u5939><\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# mkdir config<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp EasyRSA-3.1.7\/pki\/ca.crt config\/<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp EasyRSA-3.1.7\/pki\/dh.pem config\/<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp EasyRSA-3.1.7\/pki\/issued\/server.crt config\/<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp EasyRSA-3.1.7\/pki\/private\/server.key config\/<\/p>\n\n\n\n
\u670d\u52a1\u7aef\u914d\u7f6e\uff1a<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:~# useradd -s \/sbin\/nologin openvpn<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:~# mkdir \/var\/log\/openvpn<\/p>\n\n\n\n
root@iZ2zeeymlvj6czzwa25q5pZ:~# chown -R openvpn:openvpn \/var\/log\/openvpn<\/p>\n\n\n\n
port 28711\nproto tcp\ndev tun\nca \/etc\/openvpn\/config\/ca.crt\ncert \/etc\/openvpn\/config\/server.crt\nkey \/etc\/openvpn\/config\/server.key\ndh \/etc\/openvpn\/config\/dh.pem\nserver 10.17.146.0 255.255.255.0\nkeepalive 10 120\ncipher AES-256-CBC\ncompress lz4-v2\npush \"compress lz4-v2\"\nmax-clients 100\nuser openvpn\ngroup openvpn\nifconfig-pool-persist ipp.txt\nstatus  \/var\/log\/openvpn\/openvpn-status.log\nlog-append \/var\/log\/openvpn\/openvpn.log\nverb 4\nmute 20\nclient-to-client\nduplicate-cn\nclient-config-dir \/etc\/openvpn\/ccd<\/code><\/pre>\n\n\n\n
ccd\u91cc\u9762\u65b0\u5efa\u4e00\u4e2aclient\u6587\u4ef6<\/p>\n\n\n\n
\u5199\u5165\uff1a<\/p>\n\n\n\n
ifconfig-push 10.17.146.5 10.17.146.6<\/code><\/pre>\n\n\n\n
\u6301\u4e45\u5316\u8ba9\u4f7f\u7528client\u8bc1\u4e66\u6587\u4ef6\u7684\u5ba2\u6237\u7aef\u5206\u914d\u9759\u6001IP\uff1a10.17.146.5\u62a5\u9519\uff1a There is a problem in your selection of –ifconfig endpoints [local=10.17.146.7, remote=10.17.146.8]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of –dev tun when used with the TAP-WIN32 driver. Try ‘openvpn –show-valid-subnets’ option for more info.<\/em>\u9519\u8bef\u5728\uff1a10.17.146.7\/30\u662f10.17.146.4\/30\u5b50\u7f51\u7684\u5e7f\u64ad\u5730\u5740<\/em>\u89e3\u51b3\uff1a\u8fd9\u4e2a\u5b50\u7f51\u53ef\u7528\u7684ip\u662f10.17.146.5-10.17.146.6<\/em><\/p>\n\n\n\n
\u5b50\u7f51\u63a9\u7801\u5728\u7ebf\u8ba1\u7b97\u5668\uff1a<\/em>\u5b50\u7f51\u63a9\u7801\u8ba1\u7b97\u5668-\u5728\u7ebf\u5de5\u5177<\/a><\/p>\n\n\n\n
\u63a8\u9001\u9ed8\u8ba4\u7f51\u5173\uff1a<\/em><\/p>\n\n\n\n
push \"redirect-gateway def1 bypass-dhcp\"\npush \"dhcp-option DNS 8.8.8.8\"\npush \"dhcp-option DNS 1.1.1.1\"<\/code><\/pre>\n\n\n\n
redirect-gateway \u2192 \u63a8\u9001\u9ed8\u8ba4\u7f51\u5173\u3002<\/p>\n\n\n\n
def1 \u2192 \u4e0d\u4f1a\u76f4\u63a5\u8986\u76d6\u539f\u6709\u9ed8\u8ba4\u8def\u7531\uff0c\u800c\u662f\u6dfb\u52a0\u4e24\u6761\u66f4\u7cbe\u786e\u7684 \/1 \u8def\u7531\uff0c\u628a\u6240\u6709\u6d41\u91cf\u5f15\u5230 VPN\u3002\u8fd9\u6837\u5ba2\u6237\u7aef\u539f\u6709\u7684\u7f51\u5173\u914d\u7f6e\u8fd8\u4fdd\u7559\uff0c\u907f\u514d\u8def\u7531\u8868\u9519\u4e71\u3002<\/p>\n\n\n\n
bypass-dhcp \u2192 \u4fdd\u7559\u5ba2\u6237\u7aef\u672c\u5730 DHCP \u7684\u8bbf\u95ee\uff08\u9632\u6b62\u65ad\u7f51\uff09\u3002<\/p>\n\n\n\n
iptables -t nat -A POSTROUTING -s 10.17.146.0\/24 -o enp3s0 -j MASQUERADE<\/p>\n\n\n\n
\u9ed8\u8ba4\u7f51\u5173\u7684\u7f51\u5361\uff1aip route |awk ‘\/^default\/{print $(NF-1)}’<\/p>\n\n\n\n
net.ipv4.ip_forward = 1<\/p>\n\n\n\n
\u5185\u5d4c\u8bc1\u4e66\u3001key\uff1a<\/p>\n\n\n\n
<ca><\/p>\n\n\n\n
<\/ca><\/p>\n\n\n\n
<cert><\/p>\n\n\n\n
<\/cert><\/p>\n\n\n\n
<key><\/p>\n\n\n\n
<\/key><\/p>\n\n\n\n
<dh><\/p>\n\n\n\n
<\/dh><\/p>\n\n\n\n
\u5ba2\u6237\u7aef\u914d\u7f6e<\/p>\n\n\n\n
client\ndev tun\nproto tcp\nremote 210.14.75.1 28711\nresolv-retry infinite\nnobind\nca \/etc\/openvpn\/config\/ca.crt\ncert \/etc\/openvpn\/config\/client.crt\nkey \/etc\/openvpn\/config\/client.key\nremote-cert-tls server\ncipher AES-256-CBC\nverb 3\ncompress lz4-v2\npersist-key\npersist-tun\nkey-direction 1<\/code><\/pre>\n\n\n\n
\u5185\u5d4c\u8bc1\u4e66\u3001key\uff1a<\/p>\n\n\n\n
<ca><\/p>\n\n\n\n
<\/ca><\/p>\n\n\n\n
<cert><\/p>\n\n\n\n
<\/cert><\/p>\n\n\n\n
<key><\/p>\n\n\n\n
<\/key><\/p>\n\n\n\n
\u5ba2\u6237\u7aef\u8bbe\u7f6e\u670d\u52a1\u81ea\u52a8\u542f\u52a8\uff1a\/lib\/systemd\/system\/openvpn.service<\/p>\n\n\n\n
# This service is actually a systemd target,\n# but we are using a service since targets cannot be reloaded.\n\n\n\n\n[Unit]\nDescription=OpenVPN service\nAfter=network.target\n\n\n\n\n[Service]\nExecStart=\/usr\/sbin\/openvpn --config \/etc\/openvpn\/config\/client.conf\n\n\n\n\n[Install]\nWantedBy=multi-user.target\n\n\n\nsystemctl enable --now openvpn<\/code><\/pre>\n\n\n\n
\u670d\u52a1\u7aef\u8bbe\u7f6e\u670d\u52a1\u81ea\u52a8\u542f\u52a8\uff1a\/lib\/systemd\/system\/openvpn.service<\/p>\n\n\n\n
[Unit]\nDescription=OpenVPN Server\nAfter=network.target\nAfter=syslog.target\n\n\n\n\n[Install]\nWantedBy=multi-user.target\n\n\n\n\n[Service]\nExecStart=\/usr\/sbin\/openvpn --config \/etc\/openvpn\/config\/server.conf\nExecStartPost=\/usr\/sbin\/iptables -t nat -A POSTROUTING -s 10.17.146.0\/24 -o enp3s0 -j MASQUERADE\nExecStopPost=\/usr\/sbin\/iptables -t nat -D POSTROUTING -s 10.17.146.0\/24 -o enp3s0 -j MASQUERADE\n\n\n\n\nsystemctl enable --now openvpn<\/code><\/pre>\n\n\n\n
WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.<\/p>\n\n\n\n
\u8fd9\u4e2a\u8b66\u544a\u4f60\u9047\u5230\u7684\u662f OpenVPN 2.5+ \u7248\u672c\u5f15\u5165\u7684\u538b\u7f29\u7b97\u6cd5\u5b89\u5168\u63d0\u793a\u3002<\/strong><\/p>\n\n\n\n
\u26a0\ufe0f \u4e3a\u4ec0\u4e48\u4f1a\u6709\u8fd9\u4e2a\u8b66\u544a\uff1f<\/h3>\n\n\n\n
    \n
  • \u65e7\u7248\u672c OpenVPN \u5e38\u7528comp-lzo\u6216comp\u6765\u538b\u7f29\u6570\u636e\u3002<\/li>\n\n\n\n
  • \u4f46\u538b\u7f29\u7ed3\u5408\u52a0\u5bc6\uff0c\u4f1a\u5bfc\u81f4\u6f5c\u5728\u7684CRIME\/BREACH<\/strong>\u653b\u51fb\uff08\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6570\u636e\u538b\u7f29\u7684\u7279\u6027\u63a8\u6d4b\u5bc6\u6587\u4e2d\u7684\u5185\u5bb9\uff09\u3002<\/li>\n\n\n\n
  • \u6240\u4ee5\u65b0\u7248\u672c OpenVPN\u9ed8\u8ba4\u7981\u7528\u538b\u7f29<\/strong>\uff0c\u5982\u679c\u914d\u7f6e\u4e2d\u5199\u4e86comp-lzo\u6216compress\uff0c\u5c31\u4f1a\u7ed9\u51fa\u8fd9\u4e2a WARNING\u3002<\/li>\n<\/ul>\n\n\n\n
    \u89e3\u51b3\u65b9\u6cd5\uff1a<\/p>\n\n\n\n
    \u4e0d\u5199comp-lzo\u6216compress\u3002<\/p>\n\n\n\n
    \n\n\n\n
    Fri Oct 10 17:10:41 2025 MANAGEMENT: >STATE:1760087441,RESOLVE,,,,,,<\/p>\n\n\n\n
    Fri Oct 10 17:10:41 2025 TCP\/UDP: Preserving recently used remote address: [AF_INET]58.212.110.190:28711<\/p>\n\n\n\n
    Fri Oct 10 17:10:41 2025 ovpn-dco device [OpenVPN Data Channel Offload] opened<\/p>\n\n\n\n
    Fri Oct 10 17:11:02 2025 dco connect error: \u4fe1\u53f7\u706f\u8d85\u65f6\u65f6\u95f4\u5df2\u5230   (errno=121)<\/p>\n\n\n\n
    Fri Oct 10 17:11:02 2025 Closing DCO interface<\/p>\n\n\n\n
    Fri Oct 10 17:11:02 2025 SIGUSR1[soft,dco-connect-error] received, process restarting<\/p>\n\n\n\n
    Fri Oct 10 17:11:02 2025 MANAGEMENT: >STATE:1760087462,RECONNECTING,dco-connect-error,,,,,<\/p>\n\n\n\n
    \u8fd9\u4e2a\u65e5\u5fd7\u8868\u660e\u4f60\u7684OpenVPN \u542f\u7528\u4e86 DCO\uff08Data Channel Offload\uff09\u6a21\u5f0f<\/strong>\uff0c\u4f46\u5728\u8fde\u63a5\u9636\u6bb5\u9047\u5230\u4e86\u9a71\u52a8\u5c42\u7684\u8d85\u65f6\u9519\u8bef (errno=121, \u4fe1\u53f7\u706f\u8d85\u65f6)<\/strong>\u3002<\/p>\n\n\n\n
    \u539f\u56e0\uff1a \u7f51\u7edc\u8bbe\u5907\u6216\u9632\u706b\u5899\u963b\u6b62\u4e86\u96a7\u9053\u521d\u59cb\u5316<\/p>\n\n\n\n
    \u89e3\u51b3\u65b9\u6cd5\uff1asystemctl stop firewalld;systemctl disable firewalld<\/p>\n","protected":false},"excerpt":{"rendered":"
    \u82e5\u8fd4\u56de\u4fe1\u606f\u4e3a\uff1acat: \/dev\/net\/tun: File descriptor in bad state \u8bf4\u660etun\/tap\u5df2\u7ecf\u53ef\u4ee5\u4f7f\u7528\uff1b \u5982\u679c\u8fd4\u56de\uff1acat: \/dev\/net\/tun: No such device \u6216\u5176\u4ed6\u5219\u8bf4\u660etun\/tap\u6ca1\u6709\u88ab\u6b63\u786e\u914d\u7f6e\uff0c\u53d1TK\u8054\u7cfb\u5ba2\u670d\u7533\u8bf7\u5f00\u901atun\/tap\u3002 \u4f7f\u7528easyrsa3\u5236\u4f5c\u8bc1\u4e66 \u4e0b\u8f7d\uff1ahttps:\/\/github.com\/OpenVPN\/easy-rsa\/releases\/download\/v3.1.7\/EasyRSA-3.1.7.tgz 1.vars\u6587\u4ef6\u8bbe\u7f6e\uff1a 2.\u670d\u52a1\u7aef\uff1a 3.\u5ba2\u6237\u7aef\uff1a \u521b\u5efaclient\u7aef\u8bc1\u4e66\uff0c\u9700\u8981\u5355\u72ec\u628aeasyrsa3\u6587\u4ef6\u5939\u62f7\u8d1d\u51fa\u6765\u4e00\u4efd\uff0c\u5220\u9664\u91cc\u9762\u7684PKI\u76ee\u5f55\uff0c\u7136\u540e\u8fdb\u5165\u5230\u6b64\u76ee\u5f55 root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp -r EasyRSA-3.1.7 EasyRSA-3.1.7-c1 root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cd EasyRSA-3.1.7-c1\/ root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn\/EasyRSA-3.1.7-c1# rm -rf pki\/ \u81f3\u6b64\uff0cserver\u548cclient\u7aef\u8bc1\u4e66\u5df2\u5236\u4f5c\u5b8c\u6bd5 openvpn server\u7aef\u9700\u8981\u7684\u662f \/etc\/openvpn\/EasyRSA-3.1.7\/pki\/ca.crt   <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939> \/etc\/openvpn\/EasyRSA-3.1.7\/pki\/private\/server.key <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939> \/etc\/openvpn\/EasyRSA-3.1.7\/pki\/issued\/server.crt <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939> \/etc\/openvpn\/EasyRSA-3.1.7\/pki\/dh.pem openvpn client\u7aef\u9700\u8981\u7684\u662f \/etc\/openvpn\/EasyRSA-3.1.7\/pki\/ca.crt <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939> \/etc\/openvpn\/EasyRSA-3.1.7\/pki\/issued\/client.crt <\u5236\u4f5cserver\u8bc1\u4e66\u7684\u6587\u4ef6\u5939> \/etc\/openvpn\/EasyRSA-3.1.7-c1\/pki\/private\/client.key <\u5236\u4f5cclient\u8bc1\u4e66\u7684\u6587\u4ef6\u5939> root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# mkdir config root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp EasyRSA-3.1.7\/pki\/ca.crt config\/ root@iZ2zeeymlvj6czzwa25q5pZ:\/etc\/openvpn# cp EasyRSA-3.1.7\/pki\/dh.pem […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-439","post","type-post","status-publish","format-standard","hentry","category-9"],"_links":{"self":[{"href":"https:\/\/opshub.com.cn\/index.php?rest_route=\/wp\/v2\/posts\/439","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/opshub.com.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opshub.com.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opshub.com.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/opshub.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=439"}],"version-history":[{"count":5,"href":"https:\/\/opshub.com.cn\/index.php?rest_route=\/wp\/v2\/posts\/439\/revisions"}],"predecessor-version":[{"id":614,"href":"https:\/\/opshub.com.cn\/index.php?rest_route=\/wp\/v2\/posts\/439\/revisions\/614"}],"wp:attachment":[{"href":"https:\/\/opshub.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opshub.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=439"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opshub.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}