chaifeng / ufw-docker

To fix the Docker and UFW security flaw without disabling iptables
GNU General Public License v3.0

Host port not being forwarded, only exposed port #90

Open deviationist opened 1 year ago

deviationist commented 1 year ago

Not sure if this is intentional, but I'm not able to add a rule for my OpenVPN-server.

In my case I'm trying to set up OpenVPN with Docker; this is working fine with vanilla Ubuntu 22.04.2 LTS. Here is the build command: docker run --restart=unless-stopped --name=openvpn-server -v ~/docker-config/openvpn:/etc/openvpn -d -p 1196:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn

As you can see the container exposes port 1194 and I've mapped it to port 1196.

I've installed the ufw-docker script as instructed in the README file, UFW is activated, then I run sudo ufw-docker allow openvpn-server 1196/udp to add a new rule in iptables, but I get the following error: Fail to add rule(s), cannot find the published port 1196/udp of instance "openvpn-server" or cannot update outdated rule(s).

Is this intentional?

deviationist commented 1 year ago

If there is only support to open the port for the exposed port (and not the mapped port), then it would be nice with some sort of solution where one does a port forward in iptables, so that I can route my VPN traffic to my Ubuntu box on port 1196, then iptables routes it from 1196 to 1194 on the Docker container.
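The run command above publishes host port 1196 onto container port 1194, and ufw-docker matches its port argument against the container's port bindings, which are keyed on the container-side port (Docker's DNAT has already rewritten the destination by the time the forward rule is evaluated). The helper below is an added example, not code from the ufw-docker project: it parses the output of docker port to translate a published host port into the container port/protocol pair that ufw-docker expects; the sample docker port output is constructed to match the issue's run command.

```shell
#!/bin/sh
# Map a host-published port (the HOST side of `docker run -p HOST:CONTAINER/proto`)
# to the container-side port that ufw-docker's rules are keyed on.
# Reads the text of `docker port <container>` on stdin, e.g.
#   1194/udp -> 0.0.0.0:1196
#   1194/udp -> [::]:1196
# Arguments: host port, protocol (tcp|udp; defaults to tcp).
# Prints "<container_port>/<proto>" and exits 0, or prints nothing and exits 1
# when no binding publishes that host port with that protocol.
container_port_for_host_port() {
    host_port="$1"
    proto="${2:-tcp}"
    awk -v hp="$host_port" -v pr="$proto" '
        # Fields: "1194/udp" "->" "0.0.0.0:1196"  (or "[::]:1196" for IPv6)
        NF == 3 && $2 == "->" {
            split($1, cp, "/")              # cp[1] = container port, cp[2] = proto
            n = split($3, addr, ":")        # host port is the last ":"-separated field
            if (cp[2] == pr && addr[n] == hp) {
                print cp[1] "/" cp[2]
                found = 1
                exit
            }
        }
        END { exit found ? 0 : 1 }
    '
}

# Constructed sample of `docker port openvpn-server` for the issue's run command.
SAMPLE_PORT_OUTPUT='1194/udp -> 0.0.0.0:1196
1194/udp -> [::]:1196'

# Convenience wrapper used for offline demonstration and tests.
resolve_sample() {
    printf '%s\n' "$SAMPLE_PORT_OUTPUT" | container_port_for_host_port "$1" "$2"
}

# Against a live host the same helper would feed ufw-docker directly:
#   target=$(docker port openvpn-server | container_port_for_host_port 1196 udp) \
#     && sudo ufw-docker allow openvpn-server "$target"
```

Asking for host port 1196/udp against the sample yields 1194/udp, while 1196/tcp or 1194/udp (a container port, not a host port) yield nothing, so a wrapper can refuse to call ufw-docker with a port that is not actually published.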