[Feature Request] Add setting to allow LAN routing
airdrummingfool opened this issue · 3 comments
When Windscribe is connected, there is no local network connectivity through this container - even if lanbypass is enabled. This prevents this container from being used as a "VPN gateway" for containers that need to be able to accept incoming local network connections (see: how to route container traffic through another container).
This is a request for the ability to enable LAN routing, so that a container sharing this container's network (network_mode: service:windscribe in compose) can be accessed from the local network.
Personally, I'd prefer that the setting work just like Windscribe's firewall "LAN Bypass" feature - when enabled, all local networks are accessible. But I'd be fine with needing to specify the specific interface or network address+mask to allow as well.
(see #4 for the origin of this PR and more discussion)
Thanks to @kochinc's explanation in #4 (comment), I now understand what I'm asking for a bit better. This feature request can be satisfied by the commit kochinc@d6214f3 (perhaps with a check to see if the environment variable is set before running the command).
If your goal is to use this container as a VPN gateway, have a look at this https://git.adyanth.site/adyanth/docker-windscribe-proxy/src/branch/tinyproxy
@adyanth Thanks for sharing, that looks interesting. For now, I've created a Dockerfile, based on this container, that adds the modification requested in this issue. I've been using it for a few months with no problems.
FROM wiorca/docker-windscribe:latest
# Insert command to add route to $LOCAL_NET
RUN mv /opt/scripts/vpn-startup.sh /opt/scripts/vpn-startup.sh.bak \
&& awk 'NR==3{print "ip route add `ip route list default | sed -e \"s|default|$LOCAL_NET|\"`\n"}1' /opt/scripts/vpn-startup.sh.bak > /opt/scripts/vpn-startup.sh \
&& chmod +x /opt/scripts/vpn-startup.sh