Works perfectly in Unraid but can't start in Ubuntu 20.04 when WireGuard is enabled.
--cap-add=NET_ADMIN, --cap-add=SYS_MODULE, --privileged, --sysctl="net.ipv4.conf.all.src_valid_mark=1", manually 'net.ipv4.conf.all.src_valid_mark=1' in /etc/sysctl.conf, env LEGACY_IPTABLES=1
all of this does not help.
log:
2021-10-26 09:09:43.534658 [INFO] VPN_ENABLED defined as 'yes',
2021-10-26 09:09:43.593403 [INFO] The container is currently running iptables v1.8.2 (nf_tables).,
2021-10-26 09:09:43.681238 [INFO] LEGACY_IPTABLES is set to '1',
2021-10-26 09:09:43.760422 [INFO] Setting iptables to iptables (legacy),
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in manual mode,
2021-10-26 09:09:43.905404 [INFO] The container is now running iptables v1.8.2 (legacy).,
2021-10-26 09:09:43.975232 [INFO] VPN_TYPE defined as 'wireguard',
2021-10-26 09:09:44.033861 [INFO] WireGuard config file is found at /config/wireguard/wg0.conf,
dos2unix: converting file /config/wireguard/wg0.conf to Unix format...,
2021-10-26 09:09:44.114071 [INFO] VPN remote line defined as '185.xxx.xx.132:51820',
2021-10-26 09:09:44.175546 [INFO] VPN_REMOTE defined as '185.xxx.xx.132',
2021-10-26 09:09:44.231738 [INFO] VPN_PORT defined as '51820',
2021-10-26 09:09:44.297746 [INFO] VPN_PROTOCOL set as 'udp', since WireGuard is always udp.,
2021-10-26 09:09:44.363075 [INFO] VPN_DEVICE_TYPE set as 'wg0', since WireGuard will always be wg0.,
2021-10-26 09:09:44.436122 [INFO] LAN_NETWORK defined as '192.168.0.0/24',
2021-10-26 09:09:44.507866 [WARNING] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to CloudFlare and Google name servers,
2021-10-26 09:09:44.584923 [INFO] Adding 1.1.1.1 to resolv.conf,
2021-10-26 09:09:44.647954 [INFO] Adding 8.8.8.8 to resolv.conf,
2021-10-26 09:09:44.701204 [INFO] Adding 1.0.0.1 to resolv.conf,
2021-10-26 09:09:44.751732 [INFO] Adding 8.8.4.4 to resolv.conf,
2021-10-26 09:09:44.794387 [INFO] Starting WireGuard...,
Warning: `/config/wireguard/wg0.conf' is world accessible,
[#] ip link add wg0 type wireguard,
[#] wg setconf wg0 /dev/fd/63,
[#] ip -4 address add 10.100.0.176/32 dev wg0,
[#] ip link set mtu 1420 up dev wg0,
[#] resolvconf -a wg0 -m 0 -x,
[#] wg set wg0 fwmark 51820,
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820,
[#] ip -4 rule add not fwmark 51820 table 51820,
[#] ip -4 rule add table main suppress_prefixlength 0,
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1,
sysctl: setting key "net.ipv4.conf.all.src_valid_mark": Read-only file system,
[#] resolvconf -d wg0 -f,
[#] ip -4 rule delete table 51820,
[#] ip -4 rule delete table main suppress_prefixlength 0,
[#] ip link delete dev wg0