You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When starting the NordLynx service with the below command/compose file, the NordLynx container fails to pass any traffic e.g. curl and ping fail or timeout.
To Reproduce using docker CLI
Full command needs to be provided (hide credentials) docker run -d --cap-add=NET_ADMIN -e PRIVATE_KEY=XXXXXXX ghcr.io/bubuntux/nordlynx
The container should properly complete the command curl icanhazip.com and print the VPN service's ip address
Logs
It prints the following log information pertaining to the unknown option --save-mark in the command iptables-restore:
[2022-06-03T14:02:36+00:00] Connecting...
ip link add wg0 type wireguard
wg setconf wg0 /dev/fd/63
ip -4 address add 10.5.0.2/32 dev wg0
ip link set mtu 1420 up dev wg0
wg set wg0 fwmark 51820
ip -4 route add 0.0.0.0/0 dev wg0 table 51820
ip -4 rule add not fwmark 51820 table 51820
ip -4 rule add table main suppress_prefixlength 0
iptables-restore -n
iptables-restore v1.8.7 (legacy): unknown option "--save-mark"
Error occurred at line: 5
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
Additional context
Windows 11 Pro
Docker version 20.10.14 build a224086
The text was updated successfully, but these errors were encountered:
I can confirm the above fix works, I'm writing down my own steps for posterity.
Inside a WSL distribution (in this case, Ubuntu, since it's supported by default by the WSL github repository), clone the branch of the Microsoft WSL github repo which corresponds to the version of the kernel you want to compile (I went with the highest version available).
Inside that cloned repository, run the following command to copy the config used by your existing WSL installation into a config file you can apply to the build step:
zcat /proc/config.gz > .config
Inside that newly-copied .config file, alter the line which reads # CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set to read CONFIG_NETFILTER_XT_MATCH_CONNMARK=y
Build the WSL kernel with your custom .config file, using the command from the Microsoft wsl github repo:
5.2. Run make, passing in your custom .config file (this step will take awhile, you can pass in -j <NUM THREADS> to utilize more than one thread for the build step, depending on your hardware). make KCONFIG_CONFIG=./.config -j <NUM THREADS>
Once built, copy the newly-built kernel from the WSL distribution into your Windows filesystem, replacing <user> with your windows username.
Edit/create a .wslconfig file in C:\Users\<USER>\ (on your Windows filesystem) such that it contains the lines below:
[wsl2] kernel=C:\\Users\\nguye\\bzImage
The instructions from the Unix Stack Exchange say to run wsl -shutdown, but this was insufficient. I had to reinstall Docker Desktop, and restart my computer, after which it worked properly.
Describe the bug
When starting the NordLynx service with the below command/compose file, the NordLynx container fails to pass any traffic e.g.
curl
andping
fail or timeout.To Reproduce using docker CLI
Full command needs to be provided (hide credentials)
docker run -d --cap-add=NET_ADMIN -e PRIVATE_KEY=XXXXXXX ghcr.io/bubuntux/nordlynx
To Reproduce using docker-compose
docker-compose.yml if used (hide credentials)
Expected behavior
The container should properly complete the command
curl icanhazip.com
and print the VPN service's ip addressLogs
It prints the following log information pertaining to the unknown option
--save-mark
in the commandiptables-restore
:Additional context
Windows 11 Pro
Docker version
20.10.14
builda224086
The text was updated successfully, but these errors were encountered: