From 141e0a3948fbf31318b24210394f3f2b986b37ea Mon Sep 17 00:00:00 2001 From: Jordan Potter Date: Mon, 18 May 2020 17:14:55 -0500 Subject: [PATCH] Pin Ubuntu version and update docs to require privileged mode --- Dockerfile | 5 ++--- README.md | 22 +--------------------- 2 files changed, 3 insertions(+), 24 deletions(-) diff --git a/Dockerfile b/Dockerfile index ba0e850..3004805 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,6 @@ -FROM ubuntu:latest +FROM ubuntu:20.04 -RUN apt-get update && apt-get install -y software-properties-common openresolv iptables iproute2 -RUN add-apt-repository ppa:wireguard/wireguard && apt-get update && apt-get install -y wireguard-tools +RUN apt-get update && apt-get install -y openresolv iptables iproute2 wireguard COPY entrypoint.sh /entrypoint.sh diff --git a/README.md b/README.md index 94b1686..00edd7c 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ Now simply mount the configuration file and run! For example, if your configurat ```bash docker run --name wireguard \ - --cap-add=NET_ADMIN \ + --privileged \ -v /path/to/conf/mullvadus2.conf:/etc/wireguard/mullvadus2.conf \ jordanpotter/wireguard ``` @@ -21,23 +21,3 @@ docker run -it --rm \ --net=container:wireguard \ appropriate/curl http://httpbin.org/ip ``` - -## Troubleshooting - -### Asymmetric Routing - -If you see any errors similar to: - -```bash -sysctl: setting key "net.ipv4.conf.all.rp_filter": Read-only file system -sysctl: setting key "net.ipv4.conf.default.rp_filter": Read-only file system -``` - -Then your host is set to discard packets when the route for outbound traffic differs from the route for incoming traffic. To correct this, you'll want to set these values in `/etc/sysctl.conf`: - -```bash -net.ipv4.conf.default.rp_filter = 2 -net.ipv4.conf.all.rp_filter = 2 -``` - -Afterwards, reboot.