Merge pull request #69 from jrparks/master

IP Nat Masquerade

Dockerfile

@@ -12,6 +12,7 @@ ENV OPENVPN_OPTS=
 ENV CONNECTION_TYPE=tcp
 ENV LAN_NETWORK=
 ENV CREATE_TUN_DEVICE=
+ENV ENABLE_MASQUERADE=
 ENV OVPN_CONFIGS=
 ENV ENABLE_KILL_SWITCH=true
 HEALTHCHECK --interval=60s --timeout=10s --start-period=30s CMD curl -s https://api.surfshark.com/v1/server/user | grep '"secured":true'

README.md

@@ -31,6 +31,7 @@ The container is configurable using 5 environment variables:
 |CONNECTION_TYPE|No|The connection type that you want to use: tcp, udp|
 |LAN_NETWORK|No|Lan network used to access the web ui of attached containers. Can be comma seperated for multiple subnets Comment out or leave blank: example 192.168.0.0/24|
 |CREATE_TUN_DEVICE|No|Creates the TUN device, useful for NAS users|
+|ENABLE_MASQUERADE|No|Masquerade NAT allows you to translate multiple IP addresses to another single IP address.|
 |OVPN_CONFIGS|No|Manually provide the path used to read the "Surfshark_Config.zip" file (contains Surshark's OpenVPN configuration files)
 |ENABLE_KILL_SWITCH|No|Enable the kill-switch functionality
 

startup.sh

@@ -32,6 +32,12 @@ if [ "${CREATE_TUN_DEVICE}" = "true" ]; then
   chmod 0666 /dev/net/tun
 fi
 
+# Enable NAT w MASQUERADE mode
+if [ "${ENABLE_MASQUERADE}" = "true" ]; then
+  echo "Enabling IP MASQUERADE using IP Tables"
+  iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
+fi
+
 openvpn --config $VPN_FILE --auth-user-pass vpn-auth.txt --mute-replay-warnings $OPENVPN_OPTS --script-security 2 --up /vpn/sockd.sh
 
 if [ "${ENABLE_KILL_SWITCH}" = "true" ]; then