update README & Dockerfile

Dockerfile

@@ -18,6 +18,6 @@ COPY ./src ./src
 RUN cargo build --release
 
 FROM debian:bullseye-slim
-RUN apt-get update && apt-get install -y libssl1.1
+RUN apt-get update && apt-get install -y libssl1.1 iptables
 COPY --from=builder /srv/target/release/diplonat /usr/local/sbin/diplonat
 CMD ["/usr/local/sbin/diplonat"]

README.md

@@ -4,7 +4,7 @@ Diplonat
 ## Feature set
 
  * [X] (Re)Configure NAT via UPNP/IGD (prio: high)  
- * [ ] (Re)Configure nftable (prio: low)  
+ * [X] (Re)Configure iptables (prio: low)  
  * [ ] (Re)Configure DNS via ??? (prio: low)  
 
 ## Understand scope
@@ -17,11 +17,24 @@ Diplonat
 
 ## Operate
 
+You need to add the following to your nomad config file :
+
+```
+client {
+  [...]
+
+  options {
+    docker.privileged.enabled = "true"
+  } 
+}
+```
+
+
 ```bash
 cargo build
 consul agent -dev # in a separate terminal
 
-# adapt following values to your configuratio
+# adapt following values to your configuration
 export DIPLONAT_PRIVATE_IP="192.168.0.18"
 export DIPLONAT_REFRESH_TIME="60"
 export DIPLONAT_EXPIRATION_TIME="300"

src/fw.rs

@@ -73,15 +73,3 @@ pub fn cleanup(ipt: &iptables::IPTables) -> Result<(), FirewallError> {
     Ok(())
 }
 
-/*
-fn main() {
-    let ipt = iptables::new(false).unwrap();
-    setup(&ipt);
-
-    let mut test: HashSet<Port> = HashSet::new();
-    test.insert(Port { proto: String::from("tcp"), number: 443 });
-    let a = get_opened_ports(&ipt);
-    let l = test.difference(&a).collect::<Vec<&Port>>();
-    println!("{:?}", l);
-}
-*/

src/fw_actor.rs

@@ -78,3 +78,4 @@ impl FirewallActor {
   }
 
 }
+