openwrt - docker container image version12.09 x86
257
openwrt for devssh container _ ? macaddr config / network and firewall
access to container with docker exec -it openwrtgerneric_rootfs /bin/ash \
if the server has internet over network manager and the internet connect user blank tagdocker import http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/openwrt-x86-generic-rootfs.tar.gz openwrt-x86-generic-rootfs \
openwrt - version12.09 x86
edit time manually with
date -s hh:mm[:ss]
on image jgsoftwares/openwrt-x86-generic-rootfs:firewall an simple ssh tunnel is installed\
simple docker openwrt container image
from
https://openwrt.org/docs/guide-user/virtualization/docker_openwrt_image?s[]=dockerfile
// ---------------------------------------
uci set network.wan.proto=dhcp
uci commit network
ifup wan \
ip addr del 10.88 dev cni-podman0
ip addr add 217.160.255.254/32 dev cni-podman0 \
config wan
sysctl -w net.ipv4.ip_nonlocal_bind=1
sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv4.ip_forward=1
cni-podman0 Link encap:Ethernet HWaddr 2A:3A:86:08:8E:F1 \
inet addr:217.160.255.254 Bcast:0.0.0.0 Mask:255.255.255.255 \
inet6 addr: fe80::283a:86ff:fe08:8ef1/64 Scope:Link \
UP BROADCAST MULTICAST MTU:1500 Metric:1 \
RX packets:29 errors:0 dropped:0 overruns:0 frame:0 \
TX packets:25 errors:0 dropped:0 overruns:0 carrier:0 \
collisions:0 txqueuelen:1000 \
RX bytes:2044 (1.9 KiB) TX bytes:2900 (2.8 KiB) \
ntp server is enabled \
create vlan landingpe: docker network create -d ipvlan --subnet=217.160.255.254/32 --gateway=217.160.255.254 -o ipvlan_mode=l3 -o parent=eth0 landingpagevlandocker network create -d ipvlan --subnet=217.160.255.254/32 --gateway=217.160.255.254 -o ipvlan_mode=l3 -o parent=eth0 lanserverdocker network create -d ipvlan --subnet=217.160.255.254/32 --gateway=217.160.255.254 -o ipvlan_mode=l3 -o parent=eth0 devssh \
docker network create -d ipvlan --subnet=217.160.255.254/32 --gateway=217.160.255.254 -o ipvlan_mode=l2 -o parent=ens6 virbr0
// ---------------------------------------
ip rule add fwmark 1088 table 100
ip route add local 0.0.0.0/0 dev eth0 table 100
\
wan config
uci set network.wan.proto=static
uci set network.wan.ipaddr=217.160.255.254
uci set network.wan.netmask=255.255.255.255
uci set network.wan.gateway=217.160.255.1
uci set network.wan.dns=95.85.95.85
uci add_list network.wan.dns=2.56.220.2
uci commit
/etc/init.d/network restart
change password with
passwd
by default -> jj78mvpr52k1 \
set Timezone to germany with
echo "CET-1CEST,M3.5.0,M10.5.0/3" > /etc/TZCET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00 \
echo UTC+1 > /etc/TZ
show timezone date +"%Z %z"
show date
date ; uci show | grep timezone
the http config for luci-gui
uci -q delete uhttpd.main.listen_http
uci add_list uhttpd.main.listen_http="217.160.255.254:8081"
uci -q delete uhttpd.main.listen_https
uci add_list uhttpd.main.listen_https="217.160.255.254:8444"
uci commit uhttpd
/etc/init.d/uhttpd restart \
after running this commands the luci gui is available over:
http://yourwanip:8081/cgin-bin/luci \
the hostname and wan ip is hard coded for the future the config for network firewall usw. was set with embedded files with the dockerguipanel https://github.com/demogitjava/GUI-ServerPanel-Docker \
stop firewall
/etc/init.d/firewall stop
/etc/init.d/firewall disable \
config the default network : \
vi /etc/config/network \
config 'globals'\
option packet_steering '6' # cpu \
option ula_prefix 'yourwanip/32' \
config interface 'wan' \
option ifname 'eth0' \
option type 'bridge' \
option proto 'static' \
option ipaddr 'yourwanip' \
option netmask '255.255.255.255' \
option gateway '0.0.0.0' \
run container with \
docker run -it --name openwrt --runtime runc -e TZ=Europe/Berlin --cpu-shares 1024 --cpu-quota 1000 --cpu-period 1000 -p 0.0.0.0:8444:8444 -p 0.0.0.0:8081:8081 -p 0.0.0.0:123:123 -p 0.0.0.0:323:323 --net=host --add-host=demogitjava.ddns.net:217.160.255.254 --platform=linux/amd64 --dns 8.20.247.20 --dns 8.26.56.26 -e NTP_SERVER="2.rhel.pool.ntp.org" --kernel-memory=6M --restart unless-stopped --privileged --device=/dev/kvm --isolation=default jgsoftwares/openwrt-x86-generic-rootfs:emptyfirewall /bin/ash
docker pull jgsoftwares/openwrt-x86-generic-rootfs