docker-routeros
docker-routeros copied to clipboard
EvilFreelancer
dst-nat to another network not work when we have 2 ether
I create a docekr-compose like this
services:
nginx:
build: docker/nginx
hostname: asterisk.docker
# network_mode: none
cap_add:
- NET_ADMIN
environment:
- GW=172.16.16.2
networks:
lan_net:
ipv4_address: 172.16.16.3
routeros:
build: docker/routeros
restart: unless-stopped
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
ports:
- "12222:22"
- "8291:8291"
- "12223:23"
- "18728:8728"
- "18729:8729"
- "8090:80"
networks:
lan_internal:
priority: 1000
ipv4_address: 182.18.18.2
lan_net:
priority: 900
ipv4_address: 172.16.16.2
networks:
lan_net:
driver: bridge
ipam:
driver: default
config:
- subnet: "172.16.16.0/24"
gateway: 172.16.16.1
lan_internal:
ipam:
driver: default
config:
- subnet: "182.18.18.0/24"
gateway: 182.18.18.1
and in nginx add
if [ -n "$GW" ]; then
ip route delete default ;
ip route add default via $GW ;
fi
and my config is
/disk
set sata1 disabled=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/ip address
add address=172.16.16.2/24 interface=ether2 network=172.16.16.0
/ip dhcp-client
add interface=ether1
/ip firewall address-list
add address=182.18.18.2 list=Valid
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1 src-address=\
172.16.16.0/24
add action=dst-nat chain=dstnat dst-address-list=Valid dst-port=80\
in-interface=ether1 protocol=tcp to-addresses=172.16.16.3
but ds-nat to nginx not working
Wow, it looks amazing, I've not thought someone will use it for real routing, my plan was only for testing routeros api library.
I will try to reproduce your solution, probably some issues with docker routing or iptables.
I Can mail my sample code for you if you want please inform me to send it to your mail my mail is [email protected] thank you so much
Not possible to reproduce, i've tried to set up NAT with four network interfaces, here is an example of custom entrypoint.sh.