update README & Dockerfile

4 files changed, 17 insertions, 15 deletions

diff --git a/Dockerfile b/Dockerfile
index 41c7da9..f34dd2c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,6 +18,6 @@ COPY ./src ./src
 RUN cargo build --release
 
 FROM debian:bullseye-slim
-RUN apt-get update && apt-get install -y libssl1.1
+RUN apt-get update && apt-get install -y libssl1.1 iptables
 COPY --from=builder /srv/target/release/diplonat /usr/local/sbin/diplonat
 CMD ["/usr/local/sbin/diplonat"]
diff --git a/README.md b/README.md
index 518061b..3fb0f52 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ Diplonat
 ## Feature set
 
  * [X] (Re)Configure NAT via UPNP/IGD (prio: high)  
- * [ ] (Re)Configure nftable (prio: low)  
+ * [X] (Re)Configure iptables (prio: low)  
  * [ ] (Re)Configure DNS via ??? (prio: low)  
 
 ## Understand scope
@@ -17,11 +17,24 @@ Diplonat
 
 ## Operate
 
+You need to add the following to your nomad config file :
+
+```
+client {
+  [...]
+
+  options {
+    docker.privileged.enabled = "true"
+  } 
+}
+```
+
+
 ```bash
 cargo build
 consul agent -dev # in a separate terminal
 
-# adapt following values to your configuratio
+# adapt following values to your configuration
 export DIPLONAT_PRIVATE_IP="192.168.0.18"
 export DIPLONAT_REFRESH_TIME="60"
 export DIPLONAT_EXPIRATION_TIME="300"
diff --git a/src/fw.rs b/src/fw.rs
index 955425a..42ce73a 100644
--- a/src/fw.rs
+++ b/src/fw.rs
@@ -73,15 +73,3 @@ pub fn cleanup(ipt: &iptables::IPTables) -> Result<(), FirewallError> {
     Ok(())
 }
 
-/*
-fn main() {
-    let ipt = iptables::new(false).unwrap();
-    setup(&ipt);
-
-    let mut test: HashSet<Port> = HashSet::new();
-    test.insert(Port { proto: String::from("tcp"), number: 443 });
-    let a = get_opened_ports(&ipt);
-    let l = test.difference(&a).collect::<Vec<&Port>>();
-    println!("{:?}", l);
-}
-*/
diff --git a/src/fw_actor.rs b/src/fw_actor.rs
index 9bc6610..0ef08eb 100644
--- a/src/fw_actor.rs
+++ b/src/fw_actor.rs
@@ -78,3 +78,4 @@ impl FirewallActor {
   }
 
 }
+