能提供一下docker和dockerd么?
flyhong666 opened this issue · comments
能提供一下docker和dockerd么?我从人家一个库里面拷贝过来,下载文件那一步都不行。晕死了,导致没法编译。
好奇怪,一样的问题,都是没法下载,我科学上网都是没问题的。
我搞明白了。原来是代码指定的golang和我现在库代码路径不一致导致。自行处理好了。。。
我搞明白了。原来是代码指定的golang和我现在库代码路径不一致导致。自行处理好了。。。
求教
我用的大佬告诉的修改Makefile的方法编译过的
我搞明白了。原来是代码指定的golang和我现在库代码路径不一致导致。自行处理好了。。。
求教
我用的大佬告诉的修改Makefile的方法编译过的
不修改也可以,但是要将目录放到feeds\packages\utils 里面。。
用大雕的源码暂时没法编译通过,要覆盖好多文件。暂时不升级折腾了。。。
用大雕的源码暂时没法编译通过,要覆盖好多文件。暂时不升级折腾了。。。
了解
我就用最简单的方法吧
用大雕的源码暂时没法编译通过,要覆盖好多文件。暂时不升级折腾了。。。
了解
我就用最简单的方法吧
请问方法是什么?可以告诉我吗?我折腾了几天,在LEAN的源码,加上这个dockerman编译就提示docker和dockerd出错。谢谢了。
晕,编译是通过了,可点击一下容器就出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/containers'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/containers.lua:39: bad argument #1 to 'new' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>
选择仓库镜像后,点击保存应用也出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/overview'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/overview.lua:119: bad argument #4 to 'set' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>
选择仓库镜像后,点击保存应用也出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/overview'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/overview.lua:119: bad argument #4 to 'set' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>
那只能等两位大佬合作,才能解决了。
晕,编译是通过了,可点击一下容器就出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/containers'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/containers.lua:39: bad argument #1 to 'new' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>
opkg install luci-lib-ip
选择仓库镜像后,点击保存应用也出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/overview'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/overview.lua:119: bad argument #4 to 'set' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>
感谢测试,等下更新
晕,编译是通过了,可点击一下容器就出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/containers'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/containers.lua:39: bad argument #1 to 'new' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>opkg install luci-lib-ip
有这个哦。。。。
晕,编译是通过了,可点击一下容器就出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/containers'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/containers.lua:39: bad argument #1 to 'new' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>opkg install luci-lib-ip
有这个哦。。。。
已经更新,麻烦下载ipk先测试下
晕,编译是通过了,可点击一下容器就出错。。。
/usr/lib/lua/luci/dispatcher.lua:381: Failed to execute cbi dispatcher target for entry '/admin/docker/containers'.
The called action terminated with an exception:
/usr/lib/lua/luci/model/cbi/dockerman/containers.lua:39: bad argument #1 to 'new' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:381: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:95: in function </usr/lib/lua/luci/dispatcher.lua:94>opkg install luci-lib-ip
有这个哦。。。。已经更新,麻烦下载ipk先测试下
现在打开没有问题了,可是弄好的东西打不开哦。
弄好
弄好的东西是指什么
弄好
弄好的东西是指什么
我就弄了一个简单的测速,这个都没法运行起来。以前的老版本是可以的。
iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN
sed -i 's/config_load docker$/config_load dockerd/' /etc/config/dockerman
麻烦测试下,谢谢
iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN sed -i 's/config_load docker$/config_load dockerd/' /etc/config/dockerman麻烦测试下,谢谢
root@OpenWrt:/# iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN
root@OpenWrt:/# sed -i 's/config_load docker$/config_load dockerd/' /etc/config/dockerman
sed: /etc/config/dockerman: No such file or directory
错了是 sed -i 's/config_load docker$/config_load dockerd/' /etc/init.d/dockerman
错了是 sed -i 's/config_load docker$/config_load dockerd/' /etc/init.d/dockerman
还是不行哦。。。
iptables-save
ip addr
内容贴一下
iptables-save
ip addr
内容贴一下
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -| || | | || || |
|_____|| |||||___||| |____|
|| W I R E L E S S F R E E D O M
OpenWrt SNAPSHOT, r3222-6f0e71058
root@OpenWrt:/# iptables-save
Generated by iptables-save v1.8.4 on Sun Jun 6 18:42:19 2021
*nat
:PREROUTING ACCEPT [317:185241]
:INPUT ACCEPT [8:946]
:OUTPUT ACCEPT [24:1788]
:POSTROUTING ACCEPT [4:268]
:DOCKER - [0:0]
:MINIUPNPD - [0:0]
:MINIUPNPD-POSTROUTING - [0:0]
:postrouting_docker_rule - [0:0]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_docker_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_docker_postrouting - [0:0]
:zone_docker_prerouting - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
-A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
-A PREROUTING -i eth1 -m comment --comment "!fw3" -j zone_wan_prerouting
-A PREROUTING -i docker0 -m comment --comment "!fw3" -j zone_docker_prerouting
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
-A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
-A POSTROUTING -o eth1 -m comment --comment "!fw3" -j zone_wan_postrouting
-A POSTROUTING -o docker0 -m comment --comment "!fw3" -j zone_docker_postrouting
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 2020 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 2020 -j DNAT --to-destination 172.17.0.2:80
-A zone_docker_postrouting -m comment --comment "!fw3: Custom docker postrouting rule chain" -j postrouting_docker_rule
-A zone_docker_prerouting -m comment --comment "!fw3: Custom docker prerouting rule chain" -j prerouting_docker_rule
-A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
-A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
-A zone_wan_postrouting -j MINIUPNPD-POSTROUTING
-A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
-A zone_wan_postrouting -m comment --comment "!fw3" -j FULLCONENAT
-A zone_wan_prerouting -j MINIUPNPD
-A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
-A zone_wan_prerouting -m comment --comment "!fw3" -j FULLCONENAT
COMMIT
Completed on Sun Jun 6 18:42:19 2021
Generated by iptables-save v1.8.4 on Sun Jun 6 18:42:19 2021
*raw
:PREROUTING ACCEPT [974:502892]
:OUTPUT ACCEPT [322:340501]
:zone_docker_helper - [0:0]
:zone_lan_helper - [0:0]
-A PREROUTING -i br-lan -m comment --comment "!fw3: lan CT helper assignment" -j zone_lan_helper
-A PREROUTING -i docker0 -m comment --comment "!fw3: docker CT helper assignment" -j zone_docker_helper
-A zone_docker_helper -p udp -m comment --comment "!fw3: Amanda backup and archiving proto" -m udp --dport 10080 -j CT --helper amanda
-A zone_docker_helper -p tcp -m comment --comment "!fw3: FTP passive connection tracking" -m tcp --dport 21 -j CT --helper ftp
-A zone_docker_helper -p udp -m comment --comment "!fw3: RAS proto tracking" -m udp --dport 1719 -j CT --helper RAS
-A zone_docker_helper -p tcp -m comment --comment "!fw3: Q.931 proto tracking" -m tcp --dport 1720 -j CT --helper Q.931
-A zone_docker_helper -p tcp -m comment --comment "!fw3: IRC DCC connection tracking" -m tcp --dport 6667 -j CT --helper irc
-A zone_docker_helper -p tcp -m comment --comment "!fw3: PPTP VPN connection tracking" -m tcp --dport 1723 -j CT --helper pptp
-A zone_docker_helper -p tcp -m comment --comment "!fw3: SIP VoIP connection tracking" -m tcp --dport 5060 -j CT --helper sip
-A zone_docker_helper -p udp -m comment --comment "!fw3: SIP VoIP connection tracking" -m udp --dport 5060 -j CT --helper sip
-A zone_docker_helper -p udp -m comment --comment "!fw3: SNMP monitoring connection tracking" -m udp --dport 161 -j CT --helper snmp
-A zone_docker_helper -p udp -m comment --comment "!fw3: TFTP connection tracking" -m udp --dport 69 -j CT --helper tftp
-A zone_lan_helper -p udp -m comment --comment "!fw3: Amanda backup and archiving proto" -m udp --dport 10080 -j CT --helper amanda
-A zone_lan_helper -p tcp -m comment --comment "!fw3: FTP passive connection tracking" -m tcp --dport 21 -j CT --helper ftp
-A zone_lan_helper -p udp -m comment --comment "!fw3: RAS proto tracking" -m udp --dport 1719 -j CT --helper RAS
-A zone_lan_helper -p tcp -m comment --comment "!fw3: Q.931 proto tracking" -m tcp --dport 1720 -j CT --helper Q.931
-A zone_lan_helper -p tcp -m comment --comment "!fw3: IRC DCC connection tracking" -m tcp --dport 6667 -j CT --helper irc
-A zone_lan_helper -p tcp -m comment --comment "!fw3: PPTP VPN connection tracking" -m tcp --dport 1723 -j CT --helper pptp
-A zone_lan_helper -p tcp -m comment --comment "!fw3: SIP VoIP connection tracking" -m tcp --dport 5060 -j CT --helper sip
-A zone_lan_helper -p udp -m comment --comment "!fw3: SIP VoIP connection tracking" -m udp --dport 5060 -j CT --helper sip
-A zone_lan_helper -p udp -m comment --comment "!fw3: SNMP monitoring connection tracking" -m udp --dport 161 -j CT --helper snmp
-A zone_lan_helper -p udp -m comment --comment "!fw3: TFTP connection tracking" -m udp --dport 69 -j CT --helper tftp
COMMIT
Completed on Sun Jun 6 18:42:19 2021
Generated by iptables-save v1.8.4 on Sun Jun 6 18:42:19 2021
*mangle
:PREROUTING ACCEPT [974:502892]
:INPUT ACCEPT [954:501852]
:FORWARD ACCEPT [20:1040]
:OUTPUT ACCEPT [326:342468]
:POSTROUTING ACCEPT [326:342468]
:RRDIPT_FORWARD - [0:0]
:RRDIPT_INPUT - [0:0]
:RRDIPT_OUTPUT - [0:0]
-A INPUT -j RRDIPT_INPUT
-A FORWARD -j RRDIPT_FORWARD
-A FORWARD -o eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -j RRDIPT_OUTPUT
-A RRDIPT_FORWARD -s 192.168.10.2/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.10.2/32 -j RETURN
-A RRDIPT_FORWARD -s 192.168.1.1/32 -j RETURN
-A RRDIPT_FORWARD -d 192.168.1.1/32 -j RETURN
-A RRDIPT_INPUT -i eth0 -j RETURN
-A RRDIPT_INPUT -i eth1 -j RETURN
-A RRDIPT_OUTPUT -o eth0 -j RETURN
-A RRDIPT_OUTPUT -o eth1 -j RETURN
COMMIT
Completed on Sun Jun 6 18:42:19 2021
Generated by iptables-save v1.8.4 on Sun Jun 6 18:42:19 2021
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-MAN - [0:0]
:DOCKER-USER - [0:0]
:MINIUPNPD - [0:0]
:forwarding_docker_rule - [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:input_docker_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:output_docker_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:reject - [0:0]
:syn_flood - [0:0]
:zone_docker_dest_ACCEPT - [0:0]
:zone_docker_forward - [0:0]
:zone_docker_input - [0:0]
:zone_docker_output - [0:0]
:zone_docker_src_ACCEPT - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
-A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
-A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m comment --comment "!fw3" -j syn_flood
-A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
-A INPUT -i eth1 -m comment --comment "!fw3" -j zone_wan_input
-A INPUT -i docker0 -m comment --comment "!fw3" -j zone_docker_input
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
-A FORWARD -m comment --comment "!fw3: Traffic offloading" -m conntrack --ctstate RELATED,ESTABLISHED -j FLOWOFFLOAD
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
-A FORWARD -i eth1 -m comment --comment "!fw3" -j zone_wan_forward
-A FORWARD -i docker0 -m comment --comment "!fw3" -j zone_docker_forward
-A FORWARD -m comment --comment "!fw3" -j reject
-A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
-A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
-A OUTPUT -o eth1 -m comment --comment "!fw3" -j zone_wan_output
-A OUTPUT -o docker0 -m comment --comment "!fw3" -j zone_docker_output
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-MAN -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j RETURN
-A DOCKER-MAN -o docker0 -m conntrack --ctstate INVALID,NEW -j DROP
-A DOCKER-MAN -j RETURN
-A DOCKER-USER -j DOCKER-MAN
-A DOCKER-USER -i eth1 -o docker0 -j REJECT --reject-with icmp-port-unreachable
-A DOCKER-USER -j RETURN
-A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
-A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
-A syn_flood -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 25/sec --limit-burst 50 -m comment --comment "!fw3" -j RETURN
-A syn_flood -m comment --comment "!fw3" -j DROP
-A zone_docker_dest_ACCEPT -o docker0 -m comment --comment "!fw3" -j ACCEPT
-A zone_docker_forward -m comment --comment "!fw3: Custom docker forwarding rule chain" -j forwarding_docker_rule
-A zone_docker_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_docker_forward -m comment --comment "!fw3" -j zone_docker_dest_ACCEPT
-A zone_docker_input -m comment --comment "!fw3: Custom docker input rule chain" -j input_docker_rule
-A zone_docker_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_docker_input -m comment --comment "!fw3" -j zone_docker_src_ACCEPT
-A zone_docker_output -m comment --comment "!fw3: Custom docker output rule chain" -j output_docker_rule
-A zone_docker_output -m comment --comment "!fw3" -j zone_docker_dest_ACCEPT
-A zone_docker_src_ACCEPT -i docker0 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
-A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
-A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
-A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
-A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
-A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
-A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_ACCEPT -o eth1 -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
-A zone_wan_dest_ACCEPT -o eth1 -m comment --comment "!fw3" -j ACCEPT
-A zone_wan_dest_REJECT -o eth1 -m comment --comment "!fw3" -j reject
-A zone_wan_forward -j MINIUPNPD
-A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
-A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
-A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
-A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
-A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
-A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
-A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
-A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
-A zone_wan_input -p tcp -m tcp --dport 8118 -m comment --comment "!fw3: adblock" -j DROP
-A zone_wan_input -p tcp -m tcp --dport 1688 -m comment --comment "!fw3: kms" -j ACCEPT
-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
-A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
-A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
-A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
-A zone_wan_src_REJECT -i eth1 -m comment --comment "!fw3" -j reject
COMMIT
Completed on Sun Jun 6 18:42:19 2021
root@OpenWrt:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 5a:23:64:b7:22:61 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br-lan state UP group default qlen 1000
link/ether 00:0c:29:56:36:39 brd ff:ff:ff:ff:ff:ff
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:56:36:43 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.62/24 brd 192.168.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe56:3643/64 scope link
valid_lft forever preferred_lft forever
5: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0c:29:56:36:4d brd ff:ff:ff:ff:ff:ff
6: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0c:29:56:36:57 brd ff:ff:ff:ff:ff:ff
7: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether de:16:77:2d:c4:e9 brd ff:ff:ff:ff:ff:ff
8: teql0: mtu 1500 qdisc noop state DOWN group default qlen 100
link/void
9: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:56:36:39 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.1/24 brd 192.168.10.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 fd6d:28bb:10e6::1/60 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe56:3639/64 scope link
valid_lft forever preferred_lft forever
10: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:72:6a:7d:71 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:72ff:fe6a:7d71/64 scope link
valid_lft forever preferred_lft forever
12: vethfe59fca@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 5e:9a:6e:99:27:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::5c9a:6eff:fe99:2725/64 scope link
valid_lft forever preferred_lft forever
编辑容器的时候,不会继承原来的内容。。。。
编辑容器的时候,不会继承原来的内容。。。。
能发把镜像发上来看下吗,我这边刚刚试了下是可行的
另外iptables-save结果是执行了iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN之后的吗
编辑容器的时候,不会继承原来的内容。。。。
能发把镜像发上来看下吗,我这边刚刚试了下是可行的
另外iptables-save结果是执行了iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN之后的吗
docker pull adolfintel/speedtest 用的是这个。。对,上面那些都是按照你提示做的。
编辑容器的时候,不会继承原来的内容。。。。
能发把镜像发上来看下吗,我这边刚刚试了下是可行的
另外iptables-save结果是执行了iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN之后的吗docker pull adolfintel/speedtest 用的是这个。。对,上面那些都是按照你提示做的。
我的意思是openwrt镜像
编辑容器的时候,不会继承原来的内容。。。。
能发把镜像发上来看下吗,我这边刚刚试了下是可行的
另外iptables-save结果是执行了iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN之后的吗docker pull adolfintel/speedtest 用的是这个。。对,上面那些都是按照你提示做的。
我的意思是openwrt镜像
https://cloud.189.cn/t/fIviUf732QRf 192.168.10.1 ,root ,password
编辑容器的时候,不会继承原来的内容。。。。
能发把镜像发上来看下吗,我这边刚刚试了下是可行的
另外iptables-save结果是执行了iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN之后的吗docker pull adolfintel/speedtest 用的是这个。。对,上面那些都是按照你提示做的。
我的意思是openwrt镜像
以前弄的镜像和容器难道都要删掉重新弄?等会再重新拉取试一下。。。
删掉镜像和容器,重新拉取镜像来创建容器都还是一样。
@flyhong666
抽空已修复无法访问容器的问题,请使用新版本
另外编辑/复制容器的时候不会继承是由于没有下面这个补丁,我在置顶 known issues #29 中有提到,现在已经在第一次安装的适合热更新了这个补丁:
openwrt/luci@1d1ded1
@flyhong666
抽空已修复无法访问容器的问题,请使用新版本
另外编辑/复制容器的时候不会继承是由于没有下面这个补丁,我在置顶 known issues #29 中有提到,现在已经在第一次安装的适合热更新了这个补丁:
openwrt/luci@1d1ded1
现在是可以的。但目前还发现一点问题:编辑/复制容器的时候,提交,如果有某个地方参数设置错了,这下前面的内容就全被清空了,需要重新设置。
还有,有时启动或者重启服务,会出现这样的错误。这时就必须要重启dockerd和dockerman 的服务才行。重启这个后,对防火墙那边又有影响,需要再重启一下防火墙的服务。
还有,有时启动或者重启服务,会出现这样的错误。这时就必须要重启dockerd和dockerman 的服务才行。重启这个后,对防火墙那边又有影响,需要再重启一下防火墙的服务。
- openwrt官方搞的xx事情,他们把docker0加到接口上了,由于种种原因docker0和op管理接口的方式无法兼容,才会出现这种情况,这也是我一直不更新dockerman的原因,解决办法是将dockerd启动脚本中关于防火墙部分和接口部分删除,使用dockerman中的ac来解决访问控制