From a82f530d40f1d1207316fc498431826df990c278 Mon Sep 17 00:00:00 2001 From: kev Date: Sun, 28 Jun 2015 11:12:07 +0800 Subject: [PATCH] updat --- pptpd/Dockerfile | 12 +++++------- pptpd/README.md | 11 ++++++++++- pptpd/options.pptp | 7 ------- pptpd/pptpd-options | 15 +++++++++++++++ pptpd/pptpd.conf | 3 +-- 5 files changed, 31 insertions(+), 17 deletions(-) delete mode 100644 pptpd/options.pptp create mode 100644 pptpd/pptpd-options diff --git a/pptpd/Dockerfile b/pptpd/Dockerfile index 6b7b18f..828a0d2 100644 --- a/pptpd/Dockerfile +++ b/pptpd/Dockerfile @@ -1,20 +1,18 @@ # # Dockerfile for pptpd # +# WARNING: I ONLY WORKS IN NET:HOST MODE +# FROM debian:jessie MAINTAINER kev RUN apt-get update \ - && apt-get install -y iptables pptpd \ + && apt-get install -y pptpd \ && rm -rf /var/lib/apt/lists/* COPY pptpd.conf /etc/ COPY chap-secrets /etc/ppp/ -COPY options.pptp /etc/ppp/ - -EXPOSE 1723 - -CMD iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE \ - && pptpd --fg +COPY pptpd-options /etc/ppp/ +CMD ["pptpd", "--fg"] diff --git a/pptpd/README.md b/pptpd/README.md index 3646168..f394104 100644 --- a/pptpd/README.md +++ b/pptpd/README.md @@ -11,13 +11,22 @@ pptpd: image: vimagick/pptpd volumes: - ./pptpd.conf:/etc/pptpd.conf - - ./options.pptp:/etc/ppp/options.pptp + - ./pptpd-options:/etc/ppp/pptpd-options - ./chap-secrets:/etc/ppp/chap-secrets net: host privileged: true restart: always ``` +## server + +``` +$ docker-compose up -d +$ iptables -t filter -I INPUT -p tcp --dport 1723 -j ACCEPT +$ iptables -t filter -I INPUT -p 47 -j ACCEPT +$ iptables -t nat -I POSTROUTING -s 192.168.127.0/24 -j MASQUERADE +``` + You must open the following ports: - To allow PPTP tunnel maintenance traffic, open `1723/tcp`. diff --git a/pptpd/options.pptp b/pptpd/options.pptp deleted file mode 100644 index 3b1b967..0000000 --- a/pptpd/options.pptp +++ /dev/null @@ -1,7 +0,0 @@ -lock -auth -+chap -name datageek -proxyarp -ms-dns 8.8.8.8 -ms-dns 8.8.4.4 diff --git a/pptpd/pptpd-options b/pptpd/pptpd-options new file mode 100644 index 0000000..a55dcd9 --- /dev/null +++ b/pptpd/pptpd-options @@ -0,0 +1,15 @@ +name pptpd +refuse-pap +refuse-chap +refuse-mschap +require-mschap-v2 +require-mppe-128 +proxyarp +nodefaultroute +lock +nobsdcomp +novj +novjccomp +nologfd +ms-dns 8.8.8.8 +ms-dns 8.8.4.4 diff --git a/pptpd/pptpd.conf b/pptpd/pptpd.conf index 918996f..c9c75f4 100644 --- a/pptpd/pptpd.conf +++ b/pptpd/pptpd.conf @@ -1,5 +1,4 @@ -speed 115200 option /etc/ppp/options.pptp +pidfile /var/run/pptpd.pid localip 192.168.127.1 remoteip 192.168.127.100-199 -pidfile /var/run/pptpd.pid