Just want to share entrypoints for both implementations, so you can build your own images for mikrotik.
Docker file something like this one:
# syntax=docker/dockerfile:1
FROM ghcr.io/<image>:latest
COPY --chown=0:0 --chmod=755 entrypoint.sh /entrypoint.sh
For https://github.com/xjasonlyu/tun2socks
#!/bin/sh
TUN="${TUN:-tun0}"
ADDR="${ADDR:-198.18.0.1/15}"
LOGLEVEL="${LOGLEVEL:-info}"
create_tun() {
# create tun device
ip tuntap add mode tun dev "$TUN"
ip addr add "$ADDR" dev "$TUN"
ip link set dev "$TUN" up
}
config_route() {
# http://forum.mikrotik.com/t/run-flag-in-container/163100/8
ip route del default
ip route add default via ${IPV4} dev ${TUN} metric 1
ip route add default via $(ip -o -f inet address show eth0 | awk '/scope global/ {print $4}' | cut -d/ -f1) dev eth0 metric 10
}
run() {
create_tun
create_table
config_route
# execute extra commands
if [ -n "$EXTRA_COMMANDS" ]; then
sh -c "$EXTRA_COMMANDS"
fi
if [ -n "$MTU" ]; then
ARGS="--mtu $MTU"
fi
if [ -n "$RESTAPI" ]; then
ARGS="$ARGS --restapi $RESTAPI"
fi
if [ -n "$UDP_TIMEOUT" ]; then
ARGS="$ARGS --udp-timeout $UDP_TIMEOUT"
fi
if [ -n "$TCP_SNDBUF" ]; then
ARGS="$ARGS --tcp-sndbuf $TCP_SNDBUF"
fi
if [ -n "$TCP_RCVBUF" ]; then
ARGS="$ARGS --tcp-rcvbuf $TCP_RCVBUF"
fi
if [ "$TCP_AUTO_TUNING" = 1 ]; then
ARGS="$ARGS --tcp-auto-tuning"
fi
if [ -n "$MULTICAST_GROUPS" ]; then
ARGS="$ARGS --multicast-groups $MULTICAST_GROUPS"
fi
exec tun2socks \
--loglevel "$LOGLEVEL" \
--interface eth0 \
--device "$TUN" \
--proxy "$PROXY" \
$ARGS
}
run || exit 1
For https://github.com/heiher/hev-socks5-tunnel
#!/bin/sh
TUN="${TUN:-tun0}"
MTU="${MTU:-9000}"
IPV4="${IPV4:-198.18.0.1}"
IPV6="${IPV6:-}"
MARK="${MARK:-438}"
SOCKS5_ADDR="${SOCKS5_ADDR:-172.17.0.1}"
SOCKS5_PORT="${SOCKS5_PORT:-1080}"
SOCKS5_USERNAME="${SOCKS5_USERNAME:-}"
SOCKS5_PASSWORD="${SOCKS5_PASSWORD:-}"
SOCKS5_UDP_MODE="${SOCKS5_UDP_MODE:-udp}"
LOG_LEVEL="${LOG_LEVEL:-warn}"
config_file() {
cat > /hs5t.yml << EOF
misc:
log-level: '${LOG_LEVEL}'
tunnel:
name: '${TUN}'
mtu: ${MTU}
ipv4: '${IPV4}'
ipv6: '${IPV6}'
post-up-script: '/route.sh'
socks5:
address: '${SOCKS5_ADDR}'
port: ${SOCKS5_PORT}
udp: '${SOCKS5_UDP_MODE}'
mark: ${MARK}
EOF
if [ -n "${SOCKS5_USERNAME}" ]; then
echo " username: '${SOCKS5_USERNAME}'" >> /hs5t.yml
fi
if [ -n "${SOCKS5_PASSWORD}" ]; then
echo " password: '${SOCKS5_PASSWORD}'" >> /hs5t.yml
fi
}
config_route() {
echo "#!/bin/sh" > /route.sh
chmod +x /route.sh
echo "ip route del default" >> /route.sh
echo "ip route add default via ${IPV4} dev ${TUN} metric 1" >> /route.sh
echo "ip route add default via $(ip -o -f inet address show eth0 | awk '/scope global/ {print $4}' | cut -d/ -f1) dev eth0 metric 10" >> /route.sh
}
run() {
config_file
config_route
echo "echo 1 > /success" >> /route.sh
hev-socks5-tunnel /hs5t.yml
}
run || exit 1
Don’t forget to set environments for containers.