Openvpn and sockd in a docker container for subnets
a3x 71d367e16a
fix build
3 years ago
conf Fixed .gitignore 3 years ago
.gitignore Everything seems to be working 3 years ago
Dockerfile fix build 3 years ago
LICENSE Everything seems to be working 3 years ago
README.md Everything seems to be working 3 years ago
docker-compose.yml Everything seems to be working 3 years ago
resolv.conf Fixed .gitignore 3 years ago
sockd.conf Fixed .gitignore 3 years ago
sockd.sh Everything seems to be working 3 years ago
start Everything seems to be working 3 years ago

README.md

OpenVPN-client

This is a docker image of an OpenVPN client tied to a SOCKS proxy server. It is useful to isolate network changes (so the host is not affected by the modified routing).

This supports directory-style configurations (where the certificates are not bundled together in one .ovpn file) and configurations that contain update-resolv-conf.

(For the same thing in WireGuard, see kizzx2/docker-wireguard-socks-proxy)

Why?

This is arguably the easiest way to achieve "app based" routing. For example, you may only want certain applications to go through your WireGuard tunnel while the rest of your system should go through the default gateway. You can also achieve "domain name based" routing by using a PAC file that most browsers support.

Configuration

In the sockd.sh file you will find the ip command that sets routes to some subnet via a host's IP address. This is seemingly the only way the routing tables inside the container can reach the given subnets.

Usage

Preferably, using start in this repository:

start /your/openvpn/directory

/your/openvpn/directory should contain one OpenVPN .conf file. It can reference other certificate files or key files in the same directory.

Alternatively, using docker run directly:

docker run -it --rm --device=/dev/net/tun --cap-add=NET_ADMIN \
    --name openvpn-client \
    --volume /your/openvpn/directory/:/etc/openvpn/:ro -p 1080:1080 \
    kizzx2/openvpn-client-socks

Then connect to the SOCKS proxy through localhost:1080 / local.docker:1080. For example:

curl --proxy socks5h://local.docker:1080 ipinfo.io
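
The "domain name based" routing mentioned under Why?, as an added example that is not part of this repository: a PAC file that sends only listed domains to the SOCKS proxy and everything else to the default gateway. The domain list is a constructed placeholder, and the proxy address assumes the container's port is reachable at 127.0.0.1:1080 as in the docker run command above.

```javascript
// Added example: PAC file for domain-based routing through the container's
// SOCKS proxy. Browsers call FindProxyForURL(url, host) for every request.

// Assumption: the proxy is reachable at 127.0.0.1:1080 (see Usage).
var VPN_PROXY = "SOCKS5 127.0.0.1:1080";

// Constructed placeholder list: domains (and their subdomains) to tunnel.
var VPN_DOMAINS = ["corp.example", "intranet.example.org"];

// Normalise a hostname: lower-case it and drop a trailing root dot.
function normalizeHost(host) {
  var h = String(host || "").toLowerCase();
  return h.charAt(h.length - 1) === "." ? h.slice(0, -1) : h;
}

// True if host equals domain or is a subdomain of it. Comparing against
// "." + domain keeps "evilcorp.example" from matching "corp.example".
function inDomain(host, domain) {
  if (host === domain) return true;
  var suffix = "." + domain;
  return host.length > suffix.length &&
         host.slice(host.length - suffix.length) === suffix;
}

function FindProxyForURL(url, host) {
  var h = normalizeHost(host);
  for (var i = 0; i < VPN_DOMAINS.length; i++) {
    if (inDomain(h, VPN_DOMAINS[i])) {
      // No "; DIRECT" fallback: if the container is down these requests
      // fail instead of silently leaving through the default gateway.
      return VPN_PROXY;
    }
  }
  // Matching uses the hostname string only; dnsResolve() and isInNet() are
  // avoided because they trigger a lookup on the local resolver.
  return "DIRECT";
}
```

Whether the browser resolves the tunnelled hostnames locally or through the proxy is browser-dependent, unlike curl's socks5h scheme above, so check that setting separately.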

HTTP Proxy

You can easily convert this to an HTTP proxy using http-proxy-to-socks, e.g.

hpts -s 127.0.0.1:1080 -p 8080