@@ -69,24 +69,34 @@ echo "Docker Host: $docker_host_ip ($docker_host_source)"
6969PORTS=" ${PORTS:- " 1-65535" "
7070PORTS=" $( echo ${PORTS// ,/ } ) "
7171
72- nft add table nat
73- nft add chain nat prerouting { type nat hook prerouting priority -100 \; }
74- nft add chain nat postrouting { type nat hook postrouting priority 100 \; }
72+ # nft add table nat
73+ # nft add chain nat prerouting { type nat hook prerouting priority -100 \; }
74+ # nft add chain nat postrouting { type nat hook postrouting priority 100 \; }
7575
7676echo " Forwarding ports: ${PORTS// / , } "
7777for forwarding_port in $PORTS
7878do
7979 docker_container_port=" ${forwarding_port%%:* } "
8080 docker_host_port=" ${forwarding_port#*: } "
8181
82- nft add rule nat prerouting tcp \
83- dport " ${docker_container_port} " " $docker_host_ip :$docker_host_port "
84- nft add rule nat prerouting udp \
85- dport " ${docker_container_port} " " $docker_host_ip :$docker_host_port "
86-
82+ # nft add rule nat prerouting tcp \
83+ # dport "${docker_container_port}" \
84+ # dnat to "$docker_host_ip:$docker_host_port"
85+ iptables-legacy --table nat --insert PREROUTING \
86+ --protocol tcp --destination-port " ${docker_container_port/ -/: } "
87+ --jump DNAT --to-destination " $docker_host_ip :$docker_host_port "
88+
89+ # nft add rule nat prerouting udp \
90+ # dport "${docker_container_port}" \
91+ # dnat to "$docker_host_ip:$docker_host_port"
92+ iptables-legacy --table nat --insert PREROUTING \
93+ --protocol udp --destination-port " ${docker_container_port/ -/: } "
94+ --jump DNAT --to-destination " $docker_host_ip :$docker_host_port "
8795done
8896
89- nft add rule nat postrouting masquerade
97+ # nft add rule nat postrouting masquerade
98+ iptables-legacy --table nat --insert POSTROUTING --jump MASQUERADE
99+
90100
91101# --- Drop root access and "Ah, ha, ha, ha, stayin' alive" ---------------------
92102
0 commit comments