amorfo77
parent
85c9606baa
commit
0ca78be006
|
|
@ -1,8 +1,6 @@
|
|||
FROM alpine:3.17
|
||||
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
ENV XTABLES_LIBDIR /usr/lib/xtables
|
||||
ENV PYTHON_IPTABLES_XTABLES_VERSION 12
|
||||
ENV IPTABLES_LIBDIR /usr/lib
|
||||
|
|
@ -16,13 +14,10 @@ RUN apk add --virtual .build-deps \
|
|||
iptables \
|
||||
ip6tables \
|
||||
xtables-addons \
|
||||
nftables \
|
||||
tzdata \
|
||||
py3-pip \
|
||||
py3-nftables \
|
||||
musl-dev \
|
||||
&& pip3 install --ignore-installed --upgrade pip \
|
||||
jsonschema \
|
||||
python-iptables \
|
||||
redis \
|
||||
ipaddress \
|
||||
|
|
@ -31,10 +26,5 @@ RUN apk add --virtual .build-deps \
|
|||
|
||||
# && pip3 install --upgrade pip python-iptables==0.13.0 redis ipaddress dnspython \
|
||||
|
||||
COPY server.py /app/
|
||||
COPY server-nft.py /app/
|
||||
COPY ./netfilter.sh /app/
|
||||
|
||||
RUN chmod +x /app/netfilter.sh
|
||||
|
||||
CMD ["/bin/sh", "/app/netfilter.sh"]
|
||||
COPY server.py /
|
||||
CMD ["python3", "-u", "/server.py"]
|
||||
|
|
|
|||
|
|
@ -1,11 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
server_to_use="server.py"
|
||||
|
||||
if [ -n "$USE_NFTABLES" ]; then
|
||||
if echo "$USE_NFTABLES" | grep -Eq "^[yY]$"; then
|
||||
server_to_use="server-nft.py"
|
||||
fi
|
||||
fi
|
||||
|
||||
exec python -u ${server_to_use}
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -531,7 +531,6 @@ def initChain():
|
|||
|
||||
if __name__ == '__main__':
|
||||
|
||||
logInfo("Using Iptables backend")
|
||||
# In case a previous session was killed without cleanup
|
||||
clear()
|
||||
# Reinit MAILCOW chain
|
||||
|
|
|
|||
|
|
@ -441,7 +441,6 @@ services:
|
|||
- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
|
||||
- SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
|
||||
- SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
|
||||
- USE_NFTABLES=${USE_NFTABLES:-n}
|
||||
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
|
||||
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
|
||||
network_mode: "host"
|
||||
|
|
|
|||
|
|
@ -394,10 +394,6 @@ IPV6_NETWORK=fd4d:6169:6c63:6f77::/64
|
|||
|
||||
#SNAT6_TO_SOURCE=
|
||||
|
||||
# Use this variable if you want to use Nftables instead of Iptables in the netfilter container
|
||||
|
||||
#USE_NFTABLES=
|
||||
|
||||
# Create or override an API key for the web UI
|
||||
# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs
|
||||
# An API key defined as API_KEY has read-write access
|
||||
|
|
|
|||
Loading…
Reference in New Issue