Enable iptables and ipv4 forwarding in container

Cloudxtreme · Feb 10, 2015 · 4b3c6d9 · 4b3c6d9
1 parent d476bd0
commit 4b3c6d9
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/Dockerfile b/Dockerfile
@@ -2,7 +2,7 @@ FROM ubuntu:14.04
 
 RUN apt-get update \
 	&& apt-get install -y --no-install-recommends \
-		autoconf autogen ca-certificates curl gcc gnutls-bin \
+		autoconf autogen ca-certificates curl gcc gnutls-bin iptables \
 		libdbus-1-dev libgnutls28-dev libnl-route-3-dev libpam0g-dev libreadline-dev libwrap0-dev \
 		make pkg-config xz-utils \
 # NOT FOUND?

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -58,6 +58,18 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ];
 	fi
 fi
 
+# Open ipv4 ip forward
+sysctl -w net.ipv4.ip_forward=1
+
+# Enable NAT forwarding
+iptables -t nat -A POSTROUTING -j MASQUERADE
+iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+
+# Enable TUN device
+mkdir -p /dev/net
+mknod /dev/net/tun c 10 200
+chmod 600 /dev/net/tun
+
 # Run OpennConnect Server
 exec "$@"