Replace LOCAL_NETWORK with LOCAL_SUBNET

2021-03-08 21:17:08 -06:00 · 2021-03-08 21:17:08 -06:00 · 777a5c044e
commit 777a5c044e
parent 522c8ff06d
3 changed files with 13 additions and 8 deletions
--- a/2
+++ b/2
@ -2,7 +2,7 @@ FROM alpine:3.12.1

 RUN apk add --no-cache \
      openresolv iptables ip6tables iproute2 wireguard-tools \
-      findutils # Needed for find's -printf flag.
+      findutils # Needed for find's -printf flag

 COPY entrypoint.sh /entrypoint.sh

--- a/README.md
+++ b/README.md
@ -27,7 +27,7 @@ docker run -it --rm                                                  \

 ## Local Network

-If you wish to allow traffic to your local network, specify the subnet using the `LOCAL_NETWORK` environment variable:
+If you wish to allow traffic to your local network, specify the subnet using the `LOCAL_SUBNET` environment variable:

 ```bash
 docker run --name wireguard                                          \
@ -35,7 +35,7 @@ docker run --name wireguard                                          \
    --cap-add SYS_MODULE                                             \
    --sysctl net.ipv4.conf.all.src_valid_mark=1                      \
    -v /path/to/conf/mullvad.conf:/etc/wireguard/mullvad.conf        \
-    -e LOCAL_NETWORK=10.0.0.0/8                                      \
+    -e LOCAL_SUBNET=10.0.0.0/8                                       \
    jordanpotter/wireguard
 ```

@ -59,6 +59,6 @@ docker run -it --rm                                                  \

 ## Versioning

-Wireguard is new technology and its behavior may change in the future. For this reason, it's recommended to specify an image tag when running this container, such as `jordanpotter/wireguard:2.1.0`.
+Wireguard is new technology and its behavior may change in the future. For this reason, it's recommended to specify an image tag when running this container, such as `jordanpotter/wireguard:2.1.1`.

 The available tags are listed [here](https://hub.docker.com/r/jordanpotter/wireguard/tags).
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -37,10 +37,15 @@ else
    ip6tables -I OUTPUT ! -o $interface -m mark ! --mark $(wg show $interface fwmark) -m addrtype ! --dst-type LOCAL $docker6_network_rule -j REJECT
 fi

-if [[ "$LOCAL_NETWORK" ]]; then
-    echo "Allowing traffic to local network ${LOCAL_NETWORK}" >&2
-    ip route add $LOCAL_NETWORK via $default_route_ip
-    iptables -I OUTPUT -d $LOCAL_NETWORK -j ACCEPT
+# Support LOCAL_NETWORK environment variable, which was replaced by LOCAL_SUBNET
+if [[ -z "$LOCAL_SUBNET" && "$LOCAL_NETWORK" ]]; then
+    LOCAL_SUBNET=$LOCAL_NETWORK
+fi
+
+if [[ "$LOCAL_SUBNET" ]]; then
+    echo "Allowing traffic to local subnet ${LOCAL_SUBNET}" >&2
+    ip route add $LOCAL_SUBNET via $default_route_ip
+    iptables -I OUTPUT -d $LOCAL_SUBNET -j ACCEPT
 fi

 shutdown () {