hi , to make it short .
i followed this
made sure it is working .
i would like for the NAS to be the VPN exit node .
so i tried to follow this
HOWEVER ! iptables is missing !
i made sure NET_ADMIN and NET_RAW are enabled (i did followed the guide which also indicate that it is included)
so i tried to add it manually .
apk add iptables
when i tried to run iptables this is what i receive
sudo iptables -t nat -A POSTROUTING -o $WAN_IF -j MASQUERADE
Warning: Extension MASQUERADE revision 0 not supported, missing kernel module?
iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid arg
ument
help would be great , thanks
update, which is weird and should not work that way in my eyes .
all of this
need to be done on the HOST , synology nas machine .
it will work .
problem you might have is on restart , since there is no iptable persistent on the nas.
what i came up with (havent checked if that works is)
setting up a cronjob , in /etc/crontab
added one line
@reboot export ZT_IF=ztyqbw6yks && export WAN_IF=eth0 && sudo iptables -t nat -A POSTROUTING -o $WAN_IF -j MASQUERADE && sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT && sudo iptables -A FORWARD -i $ZT_IF -o $WAN_IF -j ACCEPT && sudo iptables-save
any plan on fixing the issue on the docker side ?
the crontable i wrote earlier did not work .
there is a need to run as root , and to export variable .
so i am updating it
this is how my crontab looks now
MAILTO=""
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/
usr/local/bin
ZT_IF=ztyabw5xx
WAN_IF=eth0
#minute hour mday month wday who command
@reboot root sleep 60 && /sbin/iptables -t nat -A POSTROUTING -o $WAN_IF -j MASQUERADE && /sbin/iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT && sudo /sbin/iptables -A FORWARD -i $ZT_IF -o $WAN_IF -j ACCEPT && /sbin/iptables-save
system
Closed
5
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.