Created
March 1, 2024 03:36
-
-
Save jacexh/e65cc37728d168b048d5fc3a21f296c5 to your computer and use it in GitHub Desktop.
打通EasyConnect + Tailscale
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: "3.7" | |
| services: | |
| easyconnect: | |
| image: hagb/docker-easyconnect:cli | |
| container_name: easyconnect | |
| mac_address: 8a:ca:58:b9:e9:50 | |
| restart: unless-stopped | |
| devices: | |
| - /dev/net/tun:/dev/net/tun | |
| cap_add: | |
| - NET_ADMIN | |
| environment: | |
| - EC_VER=7.6.7 | |
| - CLI_OPTS=-d https://<your_easyconnect_url> -u <your_account> -p <your_password> | |
| - IPTABLES_LEGACY=1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # start container | |
| container=easyconnect | |
| table=ez | |
| function host_iptables { | |
| mtu=$(docker exec "$container" cat /sys/class/net/tun0/mtu) | |
| address=$(docker exec $container ip address | grep eth0 | grep inet | awk '{print $2}' | cut -f 1 -d /) | |
| ip route flush table $table # 清除路由表 | |
| lines=`docker exec $container ip route | grep tun0 | awk '{print $1}'` | |
| for line in $lines | |
| do | |
| sudo ip route add $line via $address mtu $mtu table $table | |
| done | |
| sudo ip rule add iif lo table $table | |
| sudo ip rule add iif tailscale0 table $table | |
| ip route show table $table | |
| } | |
| function advertise_routes { | |
| output="" | |
| lines=`docker exec $container ip route | grep tun0 | awk '{print $1}'` | |
| for line in $lines | |
| do | |
| echo $line | grep "/" || line="$line/32" | |
| if [[ -z "$output" ]]; | |
| then | |
| output=$line | |
| else | |
| output="$output,$line" | |
| fi | |
| done | |
| sudo tailscale up --advertise-routes=$output --accept-routes | |
| } | |
| host_iptables | |
| advertise_routes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment