-rw-r--r-- | Dockerfile | 2 | ||||
-rw-r--r-- | README.md | 17 | ||||
-rw-r--r-- | src/fw.rs | 12 | ||||
-rw-r--r-- | src/fw_actor.rs | 1 |
4 files changed, 17 insertions, 15 deletions
@@ -18,6 +18,6 @@ COPY ./src ./src RUN cargo build --release FROM debian:bullseye-slim -RUN apt-get update && apt-get install -y libssl1.1 +RUN apt-get update && apt-get install -y libssl1.1 iptables COPY --from=builder /srv/target/release/diplonat /usr/local/sbin/diplonat CMD ["/usr/local/sbin/diplonat"] @@ -4,7 +4,7 @@ Diplonat ## Feature set * [X] (Re)Configure NAT via UPNP/IGD (prio: high) - * [ ] (Re)Configure nftable (prio: low) + * [X] (Re)Configure iptables (prio: low) * [ ] (Re)Configure DNS via ??? (prio: low) ## Understand scope @@ -17,11 +17,24 @@ Diplonat ## Operate +You need to add the following to your nomad config file : + +``` +client { + [...] + + options { + docker.privileged.enabled = "true" + } +} +``` + + ```bash cargo build consul agent -dev # in a separate terminal -# adapt following values to your configuratio +# adapt following values to your configuration export DIPLONAT_PRIVATE_IP="192.168.0.18" export DIPLONAT_REFRESH_TIME="60" export DIPLONAT_EXPIRATION_TIME="300" @@ -73,15 +73,3 @@ pub fn cleanup(ipt: &iptables::IPTables) -> Result<(), FirewallError> { Ok(()) } -/* -fn main() { - let ipt = iptables::new(false).unwrap(); - setup(&ipt); - - let mut test: HashSet<Port> = HashSet::new(); - test.insert(Port { proto: String::from("tcp"), number: 443 }); - let a = get_opened_ports(&ipt); - let l = test.difference(&a).collect::<Vec<&Port>>(); - println!("{:?}", l); -} -*/ diff --git a/src/fw_actor.rs b/src/fw_actor.rs index 9bc6610..0ef08eb 100644 --- a/src/fw_actor.rs +++ b/src/fw_actor.rs @@ -78,3 +78,4 @@ impl FirewallActor { } } + |
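Review bot: In the Dockerfile hunk, the new `RUN apt-get update && apt-get install -y libssl1.1 iptables` line may pull in recommended packages and leaves the apt lists in the runtime image, which matters more now that this image is meant to manage firewall rules. `RUN apt-get update && apt-get install -y --no-install-recommends libssl1.1 iptables && rm -rf /var/lib/apt/lists/*` keeps the image smaller. The README hunk in the same commit asks operators to set `docker.privileged.enabled = "true"`, but iptables rule management normally needs only the NET_ADMIN capability (some matches also need NET_RAW). It is worth checking whether the task can run with `cap_add = ["NET_ADMIN"]` rather than full privileged mode, and documenting that instead. Separately, bullseye's iptables package defaults to the nf_tables backend, so rules written from the container may not be visible to a host that still uses iptables-legacy; a comment next to the install line stating which backend is expected would help operators.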