Merge pull request #193 from linuxserver/iptables-legacy

switch to iptables-legacy, update formatting

Dockerfile

@@ -10,54 +10,55 @@ LABEL maintainer="aptalca"
 ENV DEBIAN_FRONTEND="noninteractive"
 
 RUN \
- echo "**** install dependencies ****" && \
+  echo "**** install dependencies ****" && \
- apt-get update && \
+  apt-get update && \
- apt-get install -y --no-install-recommends \
+  apt-get install -y --no-install-recommends \
-	bc \
+    bc \
-	build-essential \
+    build-essential \
-	curl \
+    curl \
-	dkms \
+    dkms \
-	git \
+    git \
-	gnupg \ 
+    gnupg \ 
-	ifupdown \
+    ifupdown \
-	iproute2 \
+    iproute2 \
-	iptables \
+    iptables \
-	iputils-ping \
+    iputils-ping \
-	jq \
+    jq \
-	libc6 \
+    libc6 \
-	libelf-dev \
+    libelf-dev \
-	net-tools \
+    net-tools \
-	netcat \
+    netcat \
-	openresolv \
+    openresolv \
-	perl \
+    perl \
-	pkg-config \
+    pkg-config \
-	qrencode && \
+    qrencode && \
- echo "**** install wireguard-tools ****" && \
+  update-alternatives --set iptables /usr/sbin/iptables-legacy && \
- if [ -z ${WIREGUARD_RELEASE+x} ]; then \
+  echo "**** install wireguard-tools ****" && \
-	WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
+  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
-	| jq -r .[0].name); \
+    WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
- fi && \
+      | jq -r .[0].name); \
- cd /app && \
+  fi && \
- git clone https://git.zx2c4.com/wireguard-linux-compat && \
+  cd /app && \
- git clone https://git.zx2c4.com/wireguard-tools && \
+  git clone https://git.zx2c4.com/wireguard-linux-compat && \
- cd wireguard-tools && \
+  git clone https://git.zx2c4.com/wireguard-tools && \
- git checkout "${WIREGUARD_RELEASE}" && \
+  cd wireguard-tools && \
- make -C src -j$(nproc) && \
+  git checkout "${WIREGUARD_RELEASE}" && \
- make -C src install && \
+  make -C src -j$(nproc) && \
- echo "**** install CoreDNS ****" && \
+  make -C src install && \
- COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
+  echo "**** install CoreDNS ****" && \
-	| awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
+  COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
- curl -o \
+    | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
-	/tmp/coredns.tar.gz -L \
+  curl -o \
-	"https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_amd64.tgz" && \
+    /tmp/coredns.tar.gz -L \
- tar xf \
+    "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_amd64.tgz" && \
-	/tmp/coredns.tar.gz -C \
+  tar xf \
-	/app && \
+    /tmp/coredns.tar.gz -C \
- echo "**** clean up ****" && \
+    /app && \
- rm -rf \
+  echo "**** clean up ****" && \
-	/tmp/* \
+  rm -rf \
-	/var/lib/apt/lists/* \
+    /tmp/* \
-	/var/tmp/*
+    /var/lib/apt/lists/* \
+    /var/tmp/*
 
 # add local files
 COPY /root /

Dockerfile.aarch64

@@ -10,54 +10,55 @@ LABEL maintainer="aptalca"
 ENV DEBIAN_FRONTEND="noninteractive"
 
 RUN \
- echo "**** install dependencies ****" && \
+  echo "**** install dependencies ****" && \
- apt-get update && \
+  apt-get update && \
- apt-get install -y --no-install-recommends \
+  apt-get install -y --no-install-recommends \
-	bc \
+    bc \
-	build-essential \
+    build-essential \
-	curl \
+    curl \
-	dkms \
+    dkms \
-	git \
+    git \
-	gnupg \ 
+    gnupg \ 
-	ifupdown \
+    ifupdown \
-	iproute2 \
+    iproute2 \
-	iptables \
+    iptables \
-	iputils-ping \
+    iputils-ping \
-	jq \
+    jq \
-	libc6 \
+    libc6 \
-	libelf-dev \
+    libelf-dev \
-	net-tools \
+    net-tools \
-	netcat \
+    netcat \
-	openresolv \
+    openresolv \
-	perl \
+    perl \
-	pkg-config \
+    pkg-config \
-	qrencode && \
+    qrencode && \
- echo "**** install wireguard-tools ****" && \
+  update-alternatives --set iptables /usr/sbin/iptables-legacy && \
- if [ -z ${WIREGUARD_RELEASE+x} ]; then \
+  echo "**** install wireguard-tools ****" && \
-	WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
+  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
-	| jq -r .[0].name); \
+    WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
- fi && \
+      | jq -r .[0].name); \
- cd /app && \
+  fi && \
- git clone https://git.zx2c4.com/wireguard-linux-compat && \
+  cd /app && \
- git clone https://git.zx2c4.com/wireguard-tools && \
+  git clone https://git.zx2c4.com/wireguard-linux-compat && \
- cd wireguard-tools && \
+  git clone https://git.zx2c4.com/wireguard-tools && \
- git checkout "${WIREGUARD_RELEASE}" && \
+  cd wireguard-tools && \
- make -C src -j$(nproc) && \
+  git checkout "${WIREGUARD_RELEASE}" && \
- make -C src install && \
+  make -C src -j$(nproc) && \
- echo "**** install CoreDNS ****" && \
+  make -C src install && \
- COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
+  echo "**** install CoreDNS ****" && \
-	| awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
+  COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
- curl -o \
+    | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
-	/tmp/coredns.tar.gz -L \
+  curl -o \
-	"https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm64.tgz" && \
+    /tmp/coredns.tar.gz -L \
- tar xf \
+    "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm64.tgz" && \
-	/tmp/coredns.tar.gz -C \
+  tar xf \
-	/app && \
+    /tmp/coredns.tar.gz -C \
- echo "**** clean up ****" && \
+    /app && \
- rm -rf \
+  echo "**** clean up ****" && \
-	/tmp/* \
+  rm -rf \
-	/var/lib/apt/lists/* \
+    /tmp/* \
-	/var/tmp/*
+    /var/lib/apt/lists/* \
+    /var/tmp/*
 
 # add local files
 COPY /root /

Dockerfile.armhf

@@ -10,54 +10,55 @@ LABEL maintainer="aptalca"
 ENV DEBIAN_FRONTEND="noninteractive"
 
 RUN \
- echo "**** install dependencies ****" && \
+  echo "**** install dependencies ****" && \
- apt-get update && \
+  apt-get update && \
- apt-get install -y --no-install-recommends \
+  apt-get install -y --no-install-recommends \
-	bc \
+    bc \
-	build-essential \
+    build-essential \
-	curl \
+    curl \
-	dkms \
+    dkms \
-	git \
+    git \
-	gnupg \ 
+    gnupg \ 
-	ifupdown \
+    ifupdown \
-	iproute2 \
+    iproute2 \
-	iptables \
+    iptables \
-	iputils-ping \
+    iputils-ping \
-	jq \
+    jq \
-	libc6 \
+    libc6 \
-	libelf-dev \
+    libelf-dev \
-	net-tools \
+    net-tools \
-	netcat \
+    netcat \
-	openresolv \
+    openresolv \
-	perl \
+    perl \
-	pkg-config \
+    pkg-config \
-	qrencode && \
+    qrencode && \
- echo "**** install wireguard-tools ****" && \
+  update-alternatives --set iptables /usr/sbin/iptables-legacy && \
- if [ -z ${WIREGUARD_RELEASE+x} ]; then \
+  echo "**** install wireguard-tools ****" && \
-	WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
+  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
-	| jq -r .[0].name); \
+    WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
- fi && \
+    | jq -r .[0].name); \
- cd /app && \
+  fi && \
- git clone https://git.zx2c4.com/wireguard-linux-compat && \
+  cd /app && \
- git clone https://git.zx2c4.com/wireguard-tools && \
+  git clone https://git.zx2c4.com/wireguard-linux-compat && \
- cd wireguard-tools && \
+  git clone https://git.zx2c4.com/wireguard-tools && \
- git checkout "${WIREGUARD_RELEASE}" && \
+  cd wireguard-tools && \
- make -C src -j$(nproc) && \
+  git checkout "${WIREGUARD_RELEASE}" && \
- make -C src install && \
+  make -C src -j$(nproc) && \
- echo "**** install CoreDNS ****" && \
+  make -C src install && \
- COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
+  echo "**** install CoreDNS ****" && \
-	| awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
+  COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
- curl -o \
+    | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
-	/tmp/coredns.tar.gz -L \
+  curl -o \
-	"https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm.tgz" && \
+    /tmp/coredns.tar.gz -L \
- tar xf \
+    "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm.tgz" && \
-	/tmp/coredns.tar.gz -C \
+  tar xf \
-	/app && \
+    /tmp/coredns.tar.gz -C \
- echo "**** clean up ****" && \
+    /app && \
- rm -rf \
+  echo "**** clean up ****" && \
-	/tmp/* \
+  rm -rf \
-	/var/lib/apt/lists/* \
+    /tmp/* \
-	/var/tmp/*
+    /var/lib/apt/lists/* \
+    /var/tmp/*
 
 # add local files
 COPY /root /

README.md

@@ -317,6 +317,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **09.10.22:** - Switch back to iptables-legacy due to issues on some hosts.
 * **04.10.22:** - Rebase to Jammy. Upgrade to s6v3.
 * **16.05.22:** - Improve NAT handling in server mode when multiple ethernet devices are present.
 * **23.04.22:** - Add pre-shared key support. Automatically added to all new peer confs generated, existing ones are left without to ensure no breaking changes.

readme-vars.yml

@@ -121,6 +121,7 @@ app_setup_block: |
 
 # changelog
 changelogs:
+  - { date: "09.10.22:", desc: "Switch back to iptables-legacy due to issues on some hosts." }
   - { date: "04.10.22:", desc: "Rebase to Jammy. Upgrade to s6v3." }
   - { date: "16.05.22:", desc: "Improve NAT handling in server mode when multiple ethernet devices are present." }
   - { date: "23.04.22:", desc: "Add pre-shared key support. Automatically added to all new peer confs generated, existing ones are left without to ensure no breaking changes." }