wireguard-go-docker icon indicating copy to clipboard operation
wireguard-go-docker copied to clipboard

Published 20 hours ago verified publisher icon masipcat

ip: invalid argument '51820' to 'table'

Open Neurrone opened this issue 4 years ago • 5 comments

I'm getting the following error:

INFO: (wg0) 2020/06/02 15:11:48 Starting wireguard-go version 0.0.20200320
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.67.113.92/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
ip: invalid argument '51820' to 'table'
[#] resolvconf -d wg0 -f
[#] ip link delete dev wg0

The configure file is as follows:

[Interface]
PrivateKey = ...
Address = 10.67.113.92/32
DNS = 8.8.8.8

[Peer]
PublicKey = ...
AllowedIPs = 0.0.0.0/0
Endpoint = 43.245.162.234:51820

And here's the docker-compose:

version: "3.7"
services:
  wireguard:
    image: masipcat/wireguard-go:latest
    container_name: wireguard
    sysctls:
      - net.ipv4.ip_forward=1
    cap_add:
      - NET_ADMIN
    volumes:
      - ./mullvad_wireguard_linux_all_all/mullvad-au1.conf:/etc/wireguard/wg0.conf
      - /dev/net/tun:/dev/net/tun
    ports:
      - 51820:51820/udp
    restart: unless-stopped

Neurrone avatar Jun 02 '20 15:06 Neurrone

Fixed in latest. You will need to uncomment this line in your docker-compose.yaml: https://github.com/masipcat/wireguard-go-docker/blob/93a1aa175adcb0ed6a2867d44ffc98e6e5d2d4db/docker-compose.yml#L17-L18

masipcat avatar Jun 02 '20 21:06 masipcat

Hm, it now gets a bit further along and then now fails with a different error.

[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
iptables-restore v1.8.3 (legacy): iptables-restore: unable to initialize table 'raw'

Error occurred at line: 1
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
[#] resolvconf -d wg0 -f
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0

Neurrone avatar Jun 03 '20 12:06 Neurrone

Which OS are you using? I can't reproduce this error

masipcat avatar Jun 04 '20 21:06 masipcat

I'm attempting to run this on a Synology. So this might not work because of an outdated kernel version. I'll test on another machine to see if I can reproduce.

Neurrone avatar Jun 05 '20 13:06 Neurrone

Reproduced with docker running under WSL 2 on Windows 10 2004.

wireguard    | INFO: (wg0) 2020/06/14 08:26:30 Starting wireguard-go version 0.0.20200320
wireguard    | [#] wg setconf wg0 /dev/fd/63
wireguard    | [#] ip -4 address add 10.67.113.92/32 dev wg0
wireguard    | [#] ip link set mtu 1420 up dev wg0
wireguard    | [#] resolvconf -a wg0 -m 0 -x
wireguard    | [#] wg set wg0 fwmark 51820
wireguard    | [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
wireguard    | [#] ip -4 rule add not fwmark 51820 table 51820
wireguard    | [#] ip -4 rule add table main suppress_prefixlength 0
wireguard    | [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
wireguard    | [#] iptables-restore -n
wireguard    | iptables-restore v1.8.3 (legacy): unknown option "--save-mark"
wireguard    | Error occurred at line: 5
wireguard    | Try `iptables-restore -h' or 'iptables-restore --help' for more information.
wireguard    | [#] resolvconf -d wg0 -f
wireguard    | [#] ip -4 rule delete table 51820
wireguard    | [#] ip -4 rule delete table main suppress_prefixlength 0
wireguard    | [#] ip link delete dev wg0

Neurrone avatar Jun 14 '20 08:06 Neurrone