Port forwarding #438

Open
Nigelsp opened this issue Jan 15, 2025 · 2 comments

Nigelsp commented Jan 15, 2025

I have a Docker application that is using the network connection provided by the open-vpn client. My application needs to receive UDP packets on port 42000. The connection is working fine, other than UDP packets on 42000 are not reaching the application.

I cannot seem to open port 42000 using the -p 42000;udp option.

I start the openvpn client with:
docker run -it --cap-add=NET_ADMIN --device /dev/net/tun --name open-vpn --dns 8.8.4.4 -p 42000:42000/udp -v /root/Documents/openvpn:/vpn -d dperson/openvpn-client -r 192.0.2.0/24 -p 42000;udp

The openvpn client responds with bash: udp: command not found...

How should I be opening this port?
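
Added example (not part of the original thread or the project's code): the `bash: udp: command not found` message comes from the shell treating the unquoted `;` as a command separator, so `udp` is run as a second command and the option list ends at `-p 42000`. The script replays the option tail from the post through `eval`, with a hypothetical `record_args` function standing in for `docker run ... dperson/openvpn-client`, and shows that quoting keeps `42000;udp` as one argument. It assumes the image's `-p` option takes `port;protocol` as a single argument, as the command in the post implies.

```shell
#!/bin/sh
# record_args is a hypothetical stand-in for
# `docker run ... dperson/openvpn-client`: it prints each argument it
# receives in <angle brackets> instead of starting a container.
record_args() {
    for arg in "$@"; do printf '<%s>' "$arg"; done
    printf '\n'
}

# Re-parse an option tail the way an interactive shell would.
# Prints what record_args received and returns the exit status of the
# last command the shell ended up running (127 = command not found).
parse_as_typed() {
    eval "record_args $1" 2>/dev/null
}

# Constructed inputs: the option tail from the issue, unquoted, then
# single-quoted, then with the semicolon backslash-escaped.
UNQUOTED='-r 192.0.2.0/24 -p 42000;udp'
SINGLE="-r 192.0.2.0/24 -p '42000;udp'"
ESCAPED='-r 192.0.2.0/24 -p 42000\;udp'

demo() {
    for opts in "$UNQUOTED" "$SINGLE" "$ESCAPED"; do
        printf 'typed : %s\n' "$opts"
        printf 'argv  : '
        if parse_as_typed "$opts"; then status=0; else status=$?; fi
        printf 'status: %s\n\n' "$status"
    done
}

demo
```

With the quoted form, the end of the original command becomes `dperson/openvpn-client -r 192.0.2.0/24 -p '42000;udp'`.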

SiestaCat commented Jan 15, 2025

This is working for me:

services:
  openvpn_client:
    image: dperson/openvpn-client
    cap_add:
      - NET_ADMIN
    volumes:
      - ./client.ovpn:/vpn/client.conf
    command: "-c /vpn/client.conf"
    devices:
      - /dev/net/tun:/dev/net/tun
  web:
    image: my_image
    network_mode: "service:openvpn_client"

On the OpenVPN server (APT distro), assuming the web Docker Compose service is listening on port 8080, 2.2.2.2 is the server's public IP address, and the OpenVPN subnet is 10.8.0.0 (cat /etc/openvpn/server.conf):

apt install iptables-persistent -y
iptables -t nat -A PREROUTING -p tcp -d 2.2.2.2 --dport 8080 -j DNAT --to-destination 10.8.0.2:8080
iptables -A FORWARD -p tcp -d 10.8.0.2 --dport 8080 -j ACCEPT
netfilter-persistent save

Open http://2.2.2.2:8080

Should work.

Nigelsp commented Jan 17, 2025

Thanks for the reply. I'm still having no joy :-(
I'm using the official openvpn server docker image. Openserver has a web UI that handles port forwarding, but I'm guessing this assumes it's not in a container.

I've added:
iptables -t nat -A PREROUTING -d 209.250.230.194 -p udp --dport 42000 -j DNAT --to-dest 192.0.2.2:42000
iptables -t filter -A INPUT -p tcp -d 209.250.230.194 --dport 42000 -j ACCEPT
iptables -A FORWARD -p udp -d 192.0.2.2 --dport 42000 -j ACCEPT

209.250.230.194 is the public IP, and 192.0.2.2 is the fixed address of the container using the VPN (i.e. the tun0 IP).

Still no packets getting through.
