Skip to content

D
docker-ocserv
Commit 4b3c6d9d authored by Tommy Lau's avatar Tommy Lau
Browse files
Options

Enable iptables and ipv4 forwarding in container

parent d476bd05
Show whitespace changes
Inline Side-by-side
Showing with 13 additions and 1 deletion
Dockerfile
View file @ 4b3c6d9d
...@@ -2,7 +2,7 @@ FROM ubuntu:14.04 ...@@ -2,7 +2,7 @@ FROM ubuntu:14.04
RUN apt-get update \ RUN apt-get update \
&& apt-get install -y --no-install-recommends \ && apt-get install -y --no-install-recommends \
autoconf autogen ca-certificates curl gcc gnutls-bin \ autoconf autogen ca-certificates curl gcc gnutls-bin iptables \
libdbus-1-dev libgnutls28-dev libnl-route-3-dev libpam0g-dev libreadline-dev libwrap0-dev \ libdbus-1-dev libgnutls28-dev libnl-route-3-dev libpam0g-dev libreadline-dev libwrap0-dev \
make pkg-config xz-utils \ make pkg-config xz-utils \
# NOT FOUND? # NOT FOUND?
......
docker-entrypoint.sh
View file @ 4b3c6d9d
...@@ -58,6 +58,18 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ]; ...@@ -58,6 +58,18 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ];
fi fi
fi fi
# Open ipv4 ip forward
sysctl -w net.ipv4.ip_forward=1
# Enable NAT forwarding
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
# Enable TUN device
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun
# Run OpennConnect Server # Run OpennConnect Server
exec "$@" exec "$@"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment