github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert docker-init.sh

Browse Source
This commit is contained in:
Jamil Bou Kheir
2024-01-17 03:45:39 -08:00
parent 3c2b32c215
commit 1d80af79bc
2 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rust/Dockerfile
View File

@@ -87,7 +87,7 @@ COPY . .
ARG TARGET
ARG PACKAGE
RUN cargo build -p ${PACKAGE} $([ -n "${TARGET}" ] && "--target ${TARGET}")
RUN cargo build -p ${PACKAGE} $([ -v "${TARGET}" ] && "--target ${TARGET}")
# Image which is used to run the application binary
FROM alpine:${ALPINE_VERSION} AS runtime

14
rust/docker-init.sh
View File

@@ -3,14 +3,12 @@
if [ "${FIREZONE_ENABLE_MASQUERADE}" = "1" ]; then
IFACE="tun-firezone"
# Enable masquerading for ethernet and wireless interfaces
iptables -C FORWARD -i $IFACE -j ACCEPT > /dev/null 2>&1 || iptables -A FORWARD -i $IFACE -j ACCEPT
iptables -C FORWARD -o $IFACE -j ACCEPT > /dev/null 2>&1 || iptables -A FORWARD -o $IFACE -j ACCEPT
iptables -t nat -C POSTROUTING -o e+ -j MASQUERADE > /dev/null 2>&1 || iptables -t nat -A POSTROUTING -o e+ -j MASQUERADE
iptables -t nat -C POSTROUTING -o w+ -j MASQUERADE > /dev/null 2>&1 || iptables -t nat -A POSTROUTING -o w+ -j MASQUERADE
ip6tables -C FORWARD -i $IFACE -j ACCEPT > /dev/null 2>&1 || ip6tables -A FORWARD -i $IFACE -j ACCEPT
ip6tables -C FORWARD -o $IFACE -j ACCEPT > /dev/null 2>&1 || ip6tables -A FORWARD -o $IFACE -j ACCEPT
ip6tables -t nat -C POSTROUTING -o e+ -j MASQUERADE > /dev/null 2>&1 || ip6tables -t nat -A POSTROUTING -o e+ -j MASQUERADE
ip6tables -t nat -C POSTROUTING -o w+ -j MASQUERADE > /dev/null 2>&1 || ip6tables -t nat -A POSTROUTING -o w+ -j MASQUERADE
iptables-nft -A FORWARD -i $IFACE -j ACCEPT
iptables-nft -A FORWARD -o $IFACE -j ACCEPT
iptables-nft -t nat -A POSTROUTING -o eth+ -j MASQUERADE
ip6tables-nft -A FORWARD -i $IFACE -j ACCEPT
ip6tables-nft -A FORWARD -o $IFACE -j ACCEPT
ip6tables-nft -t nat -A POSTROUTING -o eth+ -j MASQUERADE
fi
if [ "${LISTEN_ADDRESS_DISCOVERY_METHOD}" = "gce_metadata" ]; then