The Docker patch has a few settings that must be modified. To change these settings, open the file:
sudo nano /patch/docker.sh
Find the following settings:
# #
app_dir_this_a="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"  # current script full path
app_dir_this_b="${PWD}"  # current script full path (alternative)
app_file_this=$(basename "$0")  # docker.sh (with ext)
app_file_bin="${app_file_this%.*}"  # docker (without ext)
app_pid=$BASHPID  # app pid
app_title="ConfigServer Firewall - Docker Patch"  # app title; displayed with --version
app_about="Sets up your firewall rules to work with Docker and Traefik. \n"\
" This script requires that you have iptables installed on your system. \n"\
" The required packages will be installed if you do not have them."  # app about; displayed with --version
app_ver=("14" "24" "0")  # current script version

# #
#   define > configs
The settings are outlined below:
| Setting | Description |
| --- | --- |
| DOCKER_INT | Main Docker network interface |
| CSF_FILE_ALLOW | Path to your csf.allow file |
| CSF_COMMENT | Comment added to each new whitelisted Docker IP |
| DEBUG_ENABLED | Debugging / better logs |
| IP_CONTAINERS | List of IP address blocks you will be using for your Docker setup. These blocks will be whitelisted through ConfigServer Firewall |
DOCKER_INT is the name of the main Docker virtual bridge network. This is usually docker0, but it can be changed. You can list the available interfaces by running the command:
ip link show
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
    link/ether 01:af:fd:1a:a1:2f brd ff:ff:ff:ff:ff:ff
CSF_FILE_ALLOW is the full path to your ConfigServer Firewall csf.allow file. Each time an IP from one of your Docker containers is detected, that IP is whitelisted in ConfigServer Firewall.
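Because every block in IP_CONTAINERS ends up whitelisted, it is worth checking the list before it reaches csf.allow. The following is an added example, not code from docker.sh: the function names, the sample blocks, the temporary file standing in for csf.allow, the `address # comment` line layout and the choice to accept only RFC 1918 private ranges are all assumptions.

```bash
# Added example, not part of docker.sh. CSF_FILE_ALLOW and CSF_COMMENT reuse the
# setting names from the table; everything else here is hypothetical.
CSF_FILE_ALLOW="$(mktemp)"                  # stand-in for the real csf.allow path
CSF_COMMENT="Docker container whitelist"    # constructed sample comment

# Succeeds only for a well-formed IPv4 CIDR that lies inside RFC 1918 space.
is_private_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { exit 1 }
        $1 > 255 || $2 > 255 || $3 > 255 || $4 > 255 || $5 > 32 { exit 1 }
        $1 == 10 && $5 >= 8 { ok = 1 }
        $1 == 172 && $2 >= 16 && $2 <= 31 && $5 >= 12 { ok = 1 }
        $1 == 192 && $2 == 168 && $5 >= 16 { ok = 1 }
        END { exit !ok }'
}

# Prints "added", "skipped" (already listed) or "rejected" (malformed or not private).
allow_block() {
    if ! is_private_cidr "$1"; then
        echo "rejected"
    elif awk -v b="$1" '$1 == b { found = 1 } END { exit !found }' "$CSF_FILE_ALLOW"; then
        echo "skipped"
    else
        printf '%s # %s\n' "$1" "$CSF_COMMENT" >> "$CSF_FILE_ALLOW"
        echo "added"
    fi
}

# Processes every block passed as an argument and reports one result per line.
whitelist_all() {
    for block in "$@"; do
        printf '%s %s\n' "$block" "$(allow_block "$block")"
    done
}

# Constructed sample list in the role of IP_CONTAINERS: two valid blocks, a
# catch-all range, a duplicate, a public range and a malformed address.
whitelist_all 172.17.0.0/16 10.0.0.0/8 0.0.0.0/0 172.17.0.0/16 8.8.8.0/24 172.300.0.0/16
```

In a bash script that keeps the blocks in an array, the call would be `whitelist_all "${IP_CONTAINERS[@]}"`.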
The OpenVPN patch has a few settings that must be modified. To change these settings, open the file:
sudo nano /patch/openvpn.sh
Find the following settings:
ETH_ADAPTER=$(ip route | grep default | sed -e "s/^.*dev.//" -e "s/.proto.*//")
TUN_ADAPTER=$(ip -br l | awk '$1 ~ "^tun[0-9]" { print $1}')
IP_PUBLIC=$(curl -s ipinfo.io/ip)
DEBUG_ENABLED="false"

# #
#   list > vpn ips
#
#   this is the IP pool assigned to a user who connects to your vpn server
# #

IP_POOL=('10.8.0.0/24')