safebox/wireguard-proxy-client
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix: add iptables package and simplify iptables rules
continuous-integration/drone/push Build is passing
Details

Browse Source 
- Add iptables package in Dockerfile alongside iptables-legacy for compatibility.
- Remove redundant `-m tcp` from iptables commands in set_gateway.sh since `-p tcp` already implies the TCP module when using `--dport`.
This commit is contained in:
gyurix
2026-06-15 08:13:59 +02:00
parent eeef07d964
commit f45ae6e544
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
set_gateway.sh
+4 -4
View File
@@ -5,10 +5,10 @@ IP_GATEWAY=$(route -n | grep 'UG[ \t]' | awk '{print $2}');
route add -host $ENDPOINT gw $IP_GATEWAY;
# temporary added iptables lines
iptables-legacy -t nat -I PREROUTING -i wg0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.18.103.2:80
iptables-legacy -t nat -I PREROUTING -i wg0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.18.103.2:443
iptables-legacy -t nat -I POSTROUTING -d 172.18.103.0/24 -p tcp -m tcp --dport 80 -j MASQUERADE
iptables-legacy -t nat -I POSTROUTING -d 172.18.103.0/24 -p tcp -m tcp --dport 443 -j MASQUERADE
iptables-legacy -t nat -I PREROUTING -i wg0 -p tcp --dport 80 -j DNAT --to-destination 172.18.103.2:80
iptables-legacy -t nat -I PREROUTING -i wg0 -p tcp --dport 443 -j DNAT --to-destination 172.18.103.2:443
iptables-legacy -t nat -I POSTROUTING -d 172.18.103.0/24 -p tcp --dport 80 -j MASQUERADE
iptables-legacy -t nat -I POSTROUTING -d 172.18.103.0/24 -p tcp --dport 443 -j MASQUERADE
# need to remove after service-exec go update
/etc/wireguard/persistentkeepalive.sh &