I am trying to use this OpenVPN image in ACI (https://github.com/kylemanna/docker-openvpn). As part of it, it tries to set iptables and fails.

    + setupIptablesAndRouting
    + iptables -t nat -C POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE
    iptables v1.6.2: can't initialize iptables table 'nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    + iptables -t nat -A POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE
    iptables v1.6.2: can't initialize iptables table 'nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.

It is likely because the docker image uses --cap-add=NET_ADMIN for normal running in Docker. Is there a way to do this in ACI (or run that iptables command with higher permissions)?

dunnry
  • Why do you want to set up iptables in the container? It seems you do not have the permission to execute the command. – Charles Xu Sep 12 '18 at 09:34
  • OpenVPN requires setting iptables to forward traffic. It appears this is not possible today as someone replied on twitter: https://twitter.com/yangl900/status/1039262974936985600 – dunnry Sep 12 '18 at 12:26
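
One way to confirm from inside the container whether the missing NET_ADMIN capability is what iptables is tripping over (an added example, not part of the original question or of the docker-openvpn image). The function names are hypothetical, and the two masks in the comments are constructed samples of a container's effective capability set without and with NET_ADMIN.

```shell
#!/bin/sh
# CAP_NET_ADMIN is capability number 12 in linux/capability.h; iptables
# needs it to initialise the 'nat' table even when the process runs as uid 0.
CAP_NET_ADMIN_BIT=12

# has_cap HEXMASK BIT: succeed if bit BIT is set in the hex capability mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# net_admin_state: read /proc/<pid>/status-style text on stdin and print
# "present", "missing" or "unknown" for CAP_NET_ADMIN in the effective set.
# Constructed sample masks:
#   00000000a80425fb  -> bit 12 clear (no NET_ADMIN)
#   00000000a80435fb  -> bit 12 set   (NET_ADMIN added)
net_admin_state() {
    mask=$(awk '$1 == "CapEff:" { print $2; exit }')
    if [ -z "$mask" ]; then
        echo "unknown"
    elif has_cap "$mask" "$CAP_NET_ADMIN_BIT"; then
        echo "present"
    else
        echo "missing"
    fi
}

# When run inside the container, report on the current process.
if [ -r /proc/self/status ]; then
    echo "CAP_NET_ADMIN: $(net_admin_state < /proc/self/status)"
fi
```

A result of "missing" matches the `Permission denied (you must be root)` output above: the process can be uid 0 and still lack the capability.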

0 Answers