diff --git a/pptpd/Dockerfile b/pptpd/Dockerfile index 6b7b18f..828a0d2 100644 --- a/pptpd/Dockerfile +++ b/pptpd/Dockerfile @@ -1,20 +1,18 @@ # # Dockerfile for pptpd # +# WARNING: I ONLY WORKS IN NET:HOST MODE +# FROM debian:jessie MAINTAINER kev RUN apt-get update \ - && apt-get install -y iptables pptpd \ + && apt-get install -y pptpd \ && rm -rf /var/lib/apt/lists/* COPY pptpd.conf /etc/ COPY chap-secrets /etc/ppp/ -COPY options.pptp /etc/ppp/ - -EXPOSE 1723 - -CMD iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE \ - && pptpd --fg +COPY pptpd-options /etc/ppp/ +CMD ["pptpd", "--fg"] diff --git a/pptpd/README.md b/pptpd/README.md index 3646168..f394104 100644 --- a/pptpd/README.md +++ b/pptpd/README.md @@ -11,13 +11,22 @@ pptpd: image: vimagick/pptpd volumes: - ./pptpd.conf:/etc/pptpd.conf - - ./options.pptp:/etc/ppp/options.pptp + - ./pptpd-options:/etc/ppp/pptpd-options - ./chap-secrets:/etc/ppp/chap-secrets net: host privileged: true restart: always ``` +## server + +``` +$ docker-compose up -d +$ iptables -t filter -I INPUT -p tcp --dport 1723 -j ACCEPT +$ iptables -t filter -I INPUT -p 47 -j ACCEPT +$ iptables -t nat -I POSTROUTING -s 192.168.127.0/24 -j MASQUERADE +``` + You must open the following ports: - To allow PPTP tunnel maintenance traffic, open `1723/tcp`. diff --git a/pptpd/options.pptp b/pptpd/options.pptp deleted file mode 100644 index 3b1b967..0000000 --- a/pptpd/options.pptp +++ /dev/null @@ -1,7 +0,0 @@ -lock -auth -+chap -name datageek -proxyarp -ms-dns 8.8.8.8 -ms-dns 8.8.4.4 diff --git a/pptpd/pptpd-options b/pptpd/pptpd-options new file mode 100644 index 0000000..a55dcd9 --- /dev/null +++ b/pptpd/pptpd-options @@ -0,0 +1,15 @@ +name pptpd +refuse-pap +refuse-chap +refuse-mschap +require-mschap-v2 +require-mppe-128 +proxyarp +nodefaultroute +lock +nobsdcomp +novj +novjccomp +nologfd +ms-dns 8.8.8.8 +ms-dns 8.8.4.4 diff --git a/pptpd/pptpd.conf b/pptpd/pptpd.conf index 918996f..c9c75f4 100644 --- a/pptpd/pptpd.conf 
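Review bot: In pptpd/Dockerfile, `COPY chap-secrets /etc/ppp/` is kept on the new side, so whatever credentials are in the build-context copy of that file are stored in an image layer and travel wherever the image is pushed. The README in this same commit already bind-mounts `./chap-secrets:/etc/ppp/chap-secrets`, so the COPY could be dropped, or the repository file reduced to a commented template with no real entries. The added header also reads `I ONLY WORKS`; `# WARNING: IT ONLY WORKS IN NET:HOST MODE` is presumably what was meant. One more comment line saying that NAT is now configured on the host rather than in `CMD` would explain why.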
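Review bot: pptpd/pptpd-options is added without any comments, and the options that decide the tunnel's security deserve one. `refuse-pap`, `refuse-chap` and `refuse-mschap` together with `require-mschap-v2` and `require-mppe-128` select the strongest combination PPTP offers, but MS-CHAPv2 has known offline-cracking weaknesses, so confidentiality rests on the strength of the passwords in chap-secrets. I would add a header such as `# Auth: MS-CHAPv2 + MPPE-128 only; use long random passwords in chap-secrets` above `refuse-pap`, and a short `# disable compression` comment above `nobsdcomp`.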
+++ b/pptpd/pptpd.conf @@ -1,5 +1,4 @@ -speed 115200 option /etc/ppp/options.pptp +pidfile /var/run/pptpd.pid localip 192.168.127.1 remoteip 192.168.127.100-199 -pidfile /var/run/pptpd.pid
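Review bot: The unchanged line `option /etc/ppp/options.pptp` in pptpd/pptpd.conf still names the file this commit deletes. The Dockerfile now copies `pptpd-options` to `/etc/ppp/` and the README mounts it at `/etc/ppp/pptpd-options`. Unless something else provides the old path, pppd will presumably either fail to open its options file or run without the new `require-mschap-v2` / `require-mppe-128` settings. The line should become `option /etc/ppp/pptpd-options`.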