moony
/
dockerfiles
mirror of https://github.com/vimagick/dockerfiles
1
2
Fork 0
Code Issues Releases Wiki Activity
dockerfiles/hans
History
kev 82143a5b63 swith to new domain: easypi.pro 2017-05-08 07:05:07 +08:00
..
arm upgrade hans to 1.0 2016-11-23 23:19:44 +08:00
systemd add hans-arm 2016-10-29 01:05:25 +08:00
Dockerfile swith to new domain: easypi.pro 2017-05-08 07:05:07 +08:00
README.md add elasticsearch-arm 2016-11-01 16:32:49 +08:00
docker-compose.yml add hans 2016-10-28 22:24:03 +08:00

README.md

hans

Hans makes it possible to tunnel IPv4 through ICMP echo packets, so you could call it a ping tunnel.

How It Works

Client ---> G.F.W ---> Server ---> Internet
 tun0       ping        tun0

docker-compose.yml

server:
  image: vimagick/hans
  environment:
    - NETWORK=10.1.2.0
    - PASSWORD=password
  net: host
  privileged: yes
  restart: always

client:
  image: easypi/hans-arm
  environment:
    - SERVER=1.2.3.4
    - PASSWORD=password
  net: host
  privileged: yes
  restart: always

Server Setup

# Start Server Container
$ docker-compose up -d server

# Enable Masquerade (Method A)
$ iptables -t nat -A POSTROUTING -s 10.1.2.0/24 -o eth0 -j MASQUERADE

# Enable Masquerade (Method B)
$ firewall-cmd --add-masquerade

Client Setup

# Start Client Container
$ docker-compose up -d client

# Access Server Directly
$ ip route add 1.2.3.4 via 192.168.1.1

# Change Default Route (Method A)
$ ip route change default via 10.1.2.1

# Change Default Route (Method B)
$ ip route add 0.0.0.0/1 dev tun0
$ ip route add 128.0.0.0/1 dev tun0

# Enable IP Forwarding
$ sysctl -w net.ipv4.ip_forward=1
$ iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o tun0 -j MASQUERADE