Dockerfile无法复制步骤
我遵循某些步骤获取curl'https://api.ipify.org?format=json'使用Redsocks和iptables 但是,当我尝试通过复制步骤来容器化它时,它会在我在Entrypoint中应用iPtables规则的一部分失败。SH告诉我我没有许可执行此操作,并且curl为我提供了系统。 IP,我如何容器化它(有一个特定原因我没有设置环境变量代理,因此必须是redsocks和iptables)
我的dockerfile
FROM ubuntu:latest
RUN apt update
RUN apt-get install -qy redsocks
RUN apt-get install -qy iptables
RUN apt-get install -qy iptables-persistent
RUN apt install curl -qy
RUN apt-get install sudo -qy
COPY . /code
RUN rm -f /etc/redsocks.conf
RUN ln -s /code/redsocks.conf /etc/redsocks.conf
RUN cp /code/entrypoint.sh /entrypoint.sh
USER root
ENTRYPOINT [ "sh", "/entrypoint.sh"]
entrypoint.sh
echo "Restarting redsocks and redirecting traffic via iptables"
/etc/init.d/redsocks restart
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp --dport 80 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -p tcp --dport 443 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -p tcp --dport 11371 -j REDIRECT --to-ports 12345
iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 11371 -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS
echo "Check IP: "
curl 'https://api.ipify.org?format=json'
echo "-----------------------------------------------------------------------------"
exit
i followed certain steps to get curl 'https://api.ipify.org?format=json' to show the proxy IP using redsocks and iptables but when i try to containerize it by replicating the steps, it fails in the part where i apply iptables rules in entrypoint.sh telling me i dont have permission to do so and curl gives me the system ip, how can i containerize it (there is a particular reason i am not setting environment variable proxy, hence redsocks and iptables are a must)
My Dockerfile
FROM ubuntu:latest
RUN apt update
RUN apt-get install -qy redsocks
RUN apt-get install -qy iptables
RUN apt-get install -qy iptables-persistent
RUN apt install curl -qy
RUN apt-get install sudo -qy
COPY . /code
RUN rm -f /etc/redsocks.conf
RUN ln -s /code/redsocks.conf /etc/redsocks.conf
RUN cp /code/entrypoint.sh /entrypoint.sh
USER root
ENTRYPOINT [ "sh", "/entrypoint.sh"]
entrypoint.sh
echo "Restarting redsocks and redirecting traffic via iptables"
/etc/init.d/redsocks restart
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp --dport 80 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -p tcp --dport 443 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -p tcp --dport 11371 -j REDIRECT --to-ports 12345
iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 11371 -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS
echo "Check IP: "
curl 'https://api.ipify.org?format=json'
echo "-----------------------------------------------------------------------------"
exit
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
答案很简单,只需要
docker运行 - 私有的图像>Answer was simple, just had to
docker run --privileged <image>