feat(gateway): add iptables-legacy and temporary port redirection

- Install iptables-legacy package in Dockerfile to support iptables rules - Add temporary iptables rules in set_gateway.sh to redirect HTTP/HTTPS traffic from wg0 to 172.18.103.2 - These rules are temporary and should be removed after service-exec go update
2026-06-15 07:41:07 +02:00
parent 66c87e7266
commit eeef07d964
2 changed files with 10 additions and 1 deletions
@@ -4,4 +4,11 @@ ENDPOINT=$(cat /etc/wireguard/wg0.conf | grep Endpoint | awk '{print $3}' |cut -
 IP_GATEWAY=$(route -n | grep 'UG[ \t]' | awk '{print $2}');
 route add -host $ENDPOINT gw $IP_GATEWAY;

+# temporary added iptables lines
+iptables-legacy -t nat -I PREROUTING -i wg0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.18.103.2:80
+iptables-legacy -t nat -I PREROUTING -i wg0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.18.103.2:443
+iptables-legacy -t nat -I POSTROUTING -d 172.18.103.0/24 -p tcp -m tcp --dport 80 -j MASQUERADE
+iptables-legacy -t nat -I POSTROUTING -d 172.18.103.0/24 -p tcp -m tcp --dport 443 -j MASQUERADE
+# need to remove after service-exec go update
+
 /etc/wireguard/persistentkeepalive.sh &