ip: invalid argument '51820' to 'table'

masipcat / wireguard-go-docker

Wireguard docker image

https://hub.docker.com/r/masipcat/wireguard-go

GNU General Public License v3.0

195 stars 41 forks source link

ip: invalid argument '51820' to 'table' #11

Open Neurrone opened 4 years ago

Neurrone commented 4 years ago

I'm getting the following error:

INFO: (wg0) 2020/06/02 15:11:48 Starting wireguard-go version 0.0.20200320
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.67.113.92/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
ip: invalid argument '51820' to 'table'
[#] resolvconf -d wg0 -f
[#] ip link delete dev wg0

The configure file is as follows:

[Interface]
PrivateKey = ...
Address = 10.67.113.92/32
DNS = 8.8.8.8

[Peer]
PublicKey = ...
AllowedIPs = 0.0.0.0/0
Endpoint = 43.245.162.234:51820

And here's the docker-compose:

version: "3.7"
services:
  wireguard:
    image: masipcat/wireguard-go:latest
    container_name: wireguard
    sysctls:
      - net.ipv4.ip_forward=1
    cap_add:
      - NET_ADMIN
    volumes:
      - ./mullvad_wireguard_linux_all_all/mullvad-au1.conf:/etc/wireguard/wg0.conf
      - /dev/net/tun:/dev/net/tun
    ports:
      - 51820:51820/udp
    restart: unless-stopped

masipcat commented 4 years ago

Fixed in latest. You will need to uncomment this line in your docker-compose.yaml: https://github.com/masipcat/wireguard-go-docker/blob/93a1aa175adcb0ed6a2867d44ffc98e6e5d2d4db/docker-compose.yml#L17-L18

Neurrone commented 4 years ago

Hm, it now gets a bit further along and then now fails with a different error.

[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
iptables-restore v1.8.3 (legacy): iptables-restore: unable to initialize table 'raw'

Error occurred at line: 1
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
[#] resolvconf -d wg0 -f
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0

masipcat commented 4 years ago

Which OS are you using? I can't reproduce this error

Neurrone commented 4 years ago

I'm attempting to run this on a Synology. So this might not work because of an outdated kernel version. I'll test on another machine to see if I can reproduce.

Neurrone commented 4 years ago

Reproduced with docker running under WSL 2 on Windows 10 2004.

wireguard    | INFO: (wg0) 2020/06/14 08:26:30 Starting wireguard-go version 0.0.20200320
wireguard    | [#] wg setconf wg0 /dev/fd/63
wireguard    | [#] ip -4 address add 10.67.113.92/32 dev wg0
wireguard    | [#] ip link set mtu 1420 up dev wg0
wireguard    | [#] resolvconf -a wg0 -m 0 -x
wireguard    | [#] wg set wg0 fwmark 51820
wireguard    | [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
wireguard    | [#] ip -4 rule add not fwmark 51820 table 51820
wireguard    | [#] ip -4 rule add table main suppress_prefixlength 0
wireguard    | [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
wireguard    | [#] iptables-restore -n
wireguard    | iptables-restore v1.8.3 (legacy): unknown option "--save-mark"
wireguard    | Error occurred at line: 5
wireguard    | Try `iptables-restore -h' or 'iptables-restore --help' for more information.
wireguard    | [#] resolvconf -d wg0 -f
wireguard    | [#] ip -4 rule delete table 51820
wireguard    | [#] ip -4 rule delete table main suppress_prefixlength 0
wireguard    | [#] ip link delete dev wg0