Birk Blechschmidt

> Server: > > ```shell > # working > docker run -it --rm -v /dev/net/tun:/dev/net/tun --sysctl net.ipv6.conf.default.disable_ipv6=0 --add-host host.docker.internal:host-gateway --cap-add NET_ADMIN --name tun2proxy tun2proxy --proxy socks5://host.docker.internal:7930 --dns-addr 1.1.1.1 --dns virtual...

Regarding the privilege discussion: tun2proxy needs privileges for at least the following: 1. tun device creation (`CAP_NET_ADMIN`), 2. routing table manipulation (`CAP_NET_ADMIN`) with `--setup` (At least. I am not sure...

We do have an OS-less/scratch image now, cf. https://github.com/orgs/tun2proxy/packages?repo_name=tun2proxy. `tun2proxy` is the same as `tun2proxy-scratch`.