[DEV] add ipv4 forwarding

2019-04-08 23:47:22 +02:00 · 2019-04-08 23:47:22 +02:00 · 2f50498b3c
commit 2f50498b3c
parent 8b97c10ca0
4 changed files with 13 additions and 0 deletions
--- a/11_route_enable.conf
+++ b/11_route_enable.conf
@ -0,0 +1,2 @@
+# Enable network forwarding
+net.ipv4.ip_forward=1
--- a/3
+++ b/3
@ -27,6 +27,9 @@ EXPOSE 1194/udp

 CMD ["ovpn_run"]

+#ADD ./11_route_enable.conf /etc/sysctl.d/11_route_enable.conf
+#RUN sysctl -p /etc/sysctl.d/*
+
 ADD ./bin /usr/local/bin
 RUN chmod a+x /usr/local/bin/*

--- a/bin/ovpn_run
+++ b/bin/ovpn_run
@ -85,6 +85,13 @@ if [ -r "$OPENVPN/crl.pem" ]; then
    addArg "--crl-verify" "$OPENVPN/crl.pem"
 fi

+
+# If this fails, ensure the docker container is run with --privileged
+# Could be side stepped with `ip netns` madness to drop privileged flag
+echo "Enabling IPv4 Forwarding"
+sysctl -w net.ipv4.ip_forward=1 || echo "Failed to enable IPv4 forwarding"
+
+
 ip -6 route show default 2>/dev/null
 if [ $? = 0 ]; then
    echo "Enabling IPv6 Forwarding"
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -1,6 +1,7 @@
 version: '2'
 services:
  openvpn:
+    privileged: true
    cap_add:
     - NET_ADMIN
    build: .