Community discussions

MikroTik App
 
soran1
just joined
Topic Author
Posts: 17
Joined: Mon Sep 06, 2021 11:17 am

import adguard dns container image problem

Sat Feb 18, 2023 7:41 pm

hello everyone,i have problem when i want to install or pull the docker image the problem is (error response getting manifests: 404)
when using( https://registry-1.docker.io) its just not there any more so ,what to use for the registry URL
You do not have the required permissions to view the files attached to this post.
 
Zakazulu
just joined
Posts: 2
Joined: Wed Jan 25, 2023 5:07 am

Re: import adguard dns container image problem

Sun Feb 19, 2023 3:51 pm

i'm trying to set adguard on my rb5009 and i am getting the same error. On my AX3 i did the same thing and it just works?
 
soran1
just joined
Topic Author
Posts: 17
Joined: Mon Sep 06, 2021 11:17 am

Re: import adguard dns container image problem  Topic is solved

Mon Feb 20, 2023 1:41 am

i just find the sloution i had to download the adgaurd image file with windows docker and i save it as tar file then upload it to my 4011rb and its worked
 
tricyclevent
just joined
Posts: 9
Joined: Wed Jun 03, 2020 7:59 pm

Re: import adguard dns container image problem

Mon Feb 20, 2023 3:19 pm

I have the same problem. No more Adguard container possible for RB4011.
"error response getting manifests: 404"
"was unable to import, container 150b8c16-e633-4ade-9f88-61dc463961c5"

Can you upload the image? I have no idea how docker for windows works..
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Mon Feb 20, 2023 10:19 pm

It seems docker now requires authentication, however that’s only supported in 7.8.
 
tricyclevent
just joined
Posts: 9
Joined: Wed Jun 03, 2020 7:59 pm

Re: import adguard dns container image problem

Tue Feb 21, 2023 12:03 pm

How to use the authentication?
In terminal i set up username & password. But how to connect?

I changed the url to: https://registry-1.docker.io/v2/

Tests all possibilities (urls, different dockers), but no success.

I m on 7.8rc2 (testing).
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Tue Feb 21, 2023 8:50 pm

Can you try with https://index.docker.io/v2/ ? And use your working docker credentials.
 
tricyclevent
just joined
Posts: 9
Joined: Wed Jun 03, 2020 7:59 pm

Re: import adguard dns container image problem

Wed Feb 22, 2023 8:20 pm

Adguard/Adguardhome:
with Url: https://index.docker.io/v2/
i get: "error response getting manifests: 401"

with Url: https://index.docker.io/
i get: "error response getting manifests: 404"

Pihole/Pihole:
with Url: https://index.docker.io/v2/
i get: "error response getting manifests: 401"

with Url: https://index.docker.io/
Succes, download start, pihole starts with success

whats the difference on Adguard?
And are my credentials activ? How to check?
 
tricyclevent
just joined
Posts: 9
Joined: Wed Jun 03, 2020 7:59 pm

Re: import adguard dns container image problem

Wed Feb 22, 2023 9:48 pm

 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Thu Feb 23, 2023 3:10 pm

Interesting, thanks for those links. Upon first investigation I noticed Mikrotik was using a different registry than my docker installation on Synology and using that repo required authentication, that's why I thought lack of authentication is the crux of the problem; I never thought the manifest format was changed. I guess we're left with the manual export of the tar file from a system that's actually capable of retrieving the container.
 
User avatar
antonsb
MikroTik Support
MikroTik Support
Posts: 385
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: import adguard dns container image problem

Fri Feb 24, 2023 8:58 am

thanks for reporting this, we will check how to fix this in upcoming versions
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: import adguard dns container image problem

Fri Feb 24, 2023 12:18 pm

thanks for reporting this, we will check how to fix this in upcoming versions

Hmm. I recently trying to use ghcr,io as the "Container Registry" to pull /containers (e.g. /container/config/registry-url=https://ghcr.io) with GitHub's CI for my own images.
Ran into this problem when building an image through GitHub's Actions however...

But I bet it be similar with the adguard image too.

GitHub's CI builder, by default uses "attestations" (metadata) and adds theses to the docker buildx:
docker buildx build --sbom=true --provenance=true ...
However, those options cause "fake platform" of "unknown/unknown" in the package (that must store them I guess) for download in the registry (e.g. GitHub's DockerHub).
And RouterOS gets the same 404 and "error" status as reported for adguard.

Removing those explicitly disabling in the GitHub workflow.yaml "build-and-push-docker-images" action fixed my custom package:
# ...
   - name: Build and push
      uses: docker/build-push-action@v4
      with:
        context: .
        push: true
        sbom: false
        provenance: false
        platforms: linux/arm64,linux/arm/v7
But that's not so easily done for other people's packages. But default are "true" for both "sbom" and "provenance", and that breaks RouterOS's /container pull it seems... so that effect most public images built on GitHub I'd imagine.

This never would happen when using "docker save" locally, since the tar file doesn't support Docker's attestation AFAIK.
 
User avatar
blackhandnz
just joined
Posts: 14
Joined: Mon Nov 29, 2021 11:41 pm
Location: New Zealand

Re: import adguard dns container image problem

Tue Feb 28, 2023 9:31 pm

Anyone get this to work in v7.8, I still get the same issue (I assume its not fixed yet?)
 
Zakazulu
just joined
Posts: 2
Joined: Wed Jan 25, 2023 5:07 am

Re: import adguard dns container image problem

Tue Feb 28, 2023 10:10 pm

I got it working using a build earlier than latest. Try; adguard/adguardhome:v0.108.0-b.25
 
User avatar
blackhandnz
just joined
Posts: 14
Joined: Mon Nov 29, 2021 11:41 pm
Location: New Zealand

Re: import adguard dns container image problem

Tue Feb 28, 2023 10:40 pm

I got it working using a build earlier than latest. Try; adguard/adguardhome:v0.108.0-b.25
Thanks that worked :)
 
User avatar
Rhoos
just joined
Posts: 22
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: import adguard dns container image problem

Wed Mar 01, 2023 4:21 pm

I got it working using a build earlier than latest. Try; adguard/adguardhome:v0.108.0-b.25
Thanks, it worked for me!
 
User avatar
blackhandnz
just joined
Posts: 14
Joined: Mon Nov 29, 2021 11:41 pm
Location: New Zealand

Re: import adguard dns container image problem

Wed Mar 15, 2023 9:22 pm

While the import issue is getting resolved, to update to the latest version of the container you can do this.

From your computer :

1.) docker pull adguard/adguardhome:latest@sha256:aa84b1ff0b5710052bdb8e63b4528dc9b634780019a125d3d4de320868b6cbf2
(where the digest corresponds to your Mikrotik's architecture e.g. ARM64)

2.) docker save adguard/adguardhome > adguardhome.tar

3.) Upload to your RouterOS Device and use the uploaded file to create the container
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Mon Mar 20, 2023 11:41 am

Did somebody managed to run the latest version without downloading the file to pc first?
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: import adguard dns container image problem

Mon Mar 20, 2023 12:06 pm

Did somebody managed to run the latest version without downloading the file to pc first?
There is a bug in RouterOS that prevent a pull'ed image built using a newer metadata format from loading. So until Mikrotik fixes the bug, no. It's not just adguard affected by this bug, so imagine a fix will come in the next release.

The tar file don't contain any metadata so it avoid the bug, but you can only get those using the desktop clients.
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Mon Mar 20, 2023 12:31 pm

Did somebody managed to run the latest version without downloading the file to pc first?
There is a bug in RouterOS that prevent a pull'ed image built using a newer metadata format from loading. So until Mikrotik fixes the bug, no. It's not just adguard affected by this bug, so imagine a fix will come in the next release.

The tar file don't contain any metadata so it avoid the bug, but you can only get those using the desktop clients.
Thanks! Well, I hope that a new release is coming soon, at least as a beta!
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Mon Mar 20, 2023 12:50 pm

While the import issue is getting resolved, to update to the latest version of the container you can do this.
...
Thanks. Manual download and run worked for me as well!
 
User avatar
antonsb
MikroTik Support
MikroTik Support
Posts: 385
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: import adguard dns container image problem

Tue Mar 21, 2023 9:20 am

Thanks! Well, I hope that a new release is coming soon, at least as a beta!
Fix is included in upcoming beta
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Sun Mar 26, 2023 11:35 am

Anyone confirmed if it’s working?

*) container - improved "container pull" to support OCI manifest format;
 
tricyclevent
just joined
Posts: 9
Joined: Wed Jun 03, 2020 7:59 pm

Re: import adguard dns container image problem

Sun Mar 26, 2023 8:31 pm

7.9beta4

Adguard:Adguard

error response getting manifests: 401
was unable to import, container
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Mon Mar 27, 2023 3:26 pm

It's actually adguard:adguardhome can you please try with that as well?
 
tricyclevent
just joined
Posts: 9
Joined: Wed Jun 03, 2020 7:59 pm

Re: import adguard dns container image problem

Mon Mar 27, 2023 6:56 pm

adguard:adguardhome
importing remote image: adguard, tag: adguardhome
error response getting manifests: 401
was unable to import, container bdd79662-4b0f-46ca-9deb-24d5890d6891

adguard/adguardhome
importing remote image: adguard/adguardhome, tag: latest
was unable to import, container c3a3d65f-612f-421b-83df-8b30dc724ad3

no 401 message.
 
optio
Long time Member
Long time Member
Posts: 655
Joined: Mon Dec 26, 2022 2:57 pm

Re: import adguard dns container image problem

Mon Mar 27, 2023 8:03 pm

adguard:adguardhome
importing remote image: adguard, tag: adguardhome
error response getting manifests: 401
was unable to import, container bdd79662-4b0f-46ca-9deb-24d5890d6891
There is no adguardhome tag for that image, see: https://hub.docker.com/r/adguard/adguardhome/tags
Syntax is: <repo_image_path>[:<tag>], if tag is not specified it uses latest if exists
adguard/adguardhome
importing remote image: adguard/adguardhome, tag: latest
was unable to import, container c3a3d65f-612f-421b-83df-8b30dc724ad3

no 401 message.
Could be related to ROS docker image compatibility (OCI manifest format), try this solution: viewtopic.php?t=193727#p985424
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Mon Mar 27, 2023 10:37 pm

Sorry for the wrong syntax, it should be adguard/adguardhome:latest

No 401 seems promising but looks like still not working, thanks for checking, maybe the team will fix it by 7.9 final.
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Mon Apr 03, 2023 3:30 pm

Can you check if it works with 7.9rc1?
 
jodansi90
just joined
Posts: 3
Joined: Sun Mar 26, 2023 1:22 am

Re: import adguard dns container image problem

Tue Apr 04, 2023 6:46 am

Can you check if it works with 7.9rc1?

It doesn't work!
 
Z0ltan
newbie
Posts: 35
Joined: Sat Dec 15, 2018 3:07 pm

Re: import adguard dns container image problem

Tue Apr 04, 2023 4:42 pm

Interesting, I spun up 7.9rc1 as a virtual machine and found this in the logs:

13:39:58 container,info,debug importing remote image: adguard/adguardhome, tag: latest
13:39:58 system,info item added by admin
13:40:00 container,info,debug was unable to import, container 69aeeb3b-32d0-4012-8943-32344d748243
13:40:11 container,info,debug removing files, container 69aeeb3b-32d0-4012-8943-32344d748243
13:40:11 system,info item removed by admin
13:40:42 container,info,debug importing remote image: adguard/adguardhome, tag: latest
13:40:42 system,info item added by admin
13:40:44 container,info,debug was unable to import, container d114a626-8a0f-4e26-a9f1-3d296b2bcc48

It seems it can download the image but cannot import it.
 
jodansi90
just joined
Posts: 3
Joined: Sun Mar 26, 2023 1:22 am

Re: import adguard dns container image problem

Wed Apr 05, 2023 5:38 pm

Thanks! Well, I hope that a new release is coming soon, at least as a beta!
Fix is included in upcoming beta
It still doesn't work in Release 7.9rc1, help!
 
Josephny
Member
Member
Posts: 434
Joined: Tue Sep 20, 2022 12:11 am

Re: import adguard dns container image problem

Tue Apr 11, 2023 6:03 pm

Has this been fixed?

In the meantime, can anyone explain how I can download the Adguard container file on my Windows PC for moving to the RB5009?
 
User avatar
antonsb
MikroTik Support
MikroTik Support
Posts: 385
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: import adguard dns container image problem

Wed Apr 12, 2023 3:56 pm

Hello, fix hopefully will come with next beta release.
 
serkamil
just joined
Posts: 7
Joined: Wed Jun 01, 2016 5:25 pm

Re: import adguard dns container image problem

Thu Apr 13, 2023 8:55 pm

Dear antonsb,

do you know when it could be (next beta release?)?

BR
Kamil
Hello, fix hopefully will come with next beta release.
 
User avatar
antonsb
MikroTik Support
MikroTik Support
Posts: 385
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: import adguard dns container image problem

Fri Apr 14, 2023 10:49 am

beta will be released immediately after stable release. Probably next week.
 
vuk
just joined
Posts: 4
Joined: Tue Apr 18, 2023 3:03 pm

Re: import adguard dns container image problem

Tue Apr 18, 2023 3:04 pm

beta will be released immediately after stable release. Probably next week.
you mean 7.10 beta?
Last edited by vuk on Tue Apr 18, 2023 9:39 pm, edited 1 time in total.
 
User avatar
antonsb
MikroTik Support
MikroTik Support
Posts: 385
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: import adguard dns container image problem

Wed Apr 19, 2023 12:56 pm

Yes fixes will come with 7.10 branch - otherwise it will slow down existing 7.9 development.
 
uhmhello1807
just joined
Posts: 1
Joined: Sun Apr 30, 2023 9:39 pm

Re: import adguard dns container image problem

Mon May 01, 2023 1:17 pm

While the import issue is getting resolved, to update to the latest version of the container you can do this.

From your computer :

1.) docker pull adguard/adguardhome:latest@sha256:aa84b1ff0b5710052bdb8e63b4528dc9b634780019a125d3d4de320868b6cbf2
(where the digest corresponds to your Mikrotik's architecture e.g. ARM64)

2.) docker save adguard/adguardhome > adguardhome.tar

3.) Upload to your RouterOS Device and use the uploaded file to create the container
Thanks, this worked for me :D
 
MTL7
just joined
Posts: 5
Joined: Fri Nov 26, 2021 9:04 am

Re: import adguard dns container image problem

Thu May 04, 2023 5:34 pm

Where is 7.10 the branch? Can you post a note about this problem in the 7.9 rls note etc?
It takes time to figure out and rollback etc...
 
jodansi90
just joined
Posts: 3
Joined: Sun Mar 26, 2023 1:22 am

Re: import adguard dns container image problem

Thu May 11, 2023 11:07 pm

It worked perfectly for me in version 7.10beta5 Testing thanks
 
nacer
just joined
Posts: 15
Joined: Mon Sep 27, 2010 9:08 pm

Re: import adguard dns container image problem

Sat May 27, 2023 11:47 pm

Hi,

I have hAP ac3 on 7.10rc1
I couldn't get both methods to work.

pull method.
importing remote image: adguard/adguardhome, tag: latest
not ok registry auth response: 401
was unable to import, container 60913b7a-d045-477f-b917-85506f5d6dbf

image method.
importing tar archived image: adguard.tar
error: could not find image manifest in archive
 
arshad
just joined
Posts: 3
Joined: Fri Dec 28, 2018 7:39 pm

Re: import adguard dns container image problem

Fri Jun 02, 2023 9:33 pm

I've just installed Version:
v0.106.3

and worked just fine
 
Telos
just joined
Posts: 1
Joined: Tue Jun 13, 2023 6:49 pm

Re: import adguard dns container image problem

Tue Jun 13, 2023 6:55 pm

I just downloaded ROS ver.7.10rc5 and my adguardhome is up and running! It seems like they've fixed the metadata issue.
ff00cf0b2a1c00b87e817c836f19512.png
dffae2fad1a17abc9bc474d027b2998.png
You do not have the required permissions to view the files attached to this post.
 
elico
Member Candidate
Member Candidate
Posts: 143
Joined: Mon Nov 07, 2016 3:23 am

Re: import adguard dns container image problem

Wed Jun 21, 2023 7:56 pm

Seems to work fine on RouterOS v7.10.

https://gist.github.com/elico/176d1c0a8 ... 1a20bd7b62
/interface/veth/add address=172.21.0.201/24 gateway=172.21.0.254 name=veth201
/interface/bridge/port/add bridge=dockers interface=veth201
/container/envs/add name=adguard_envs key=TZ value="Asia/Jerusalem"
/container/config/set registry-url=https://registry-1.docker.io tmpdir=usb1-part1/pull
/container/mounts/add dst=/opt/adguardhome/conf name=adguardhome_conf src=usb1-part1/adguardhome/conf
/container/mounts/add dst=/opt/adguardhome/work name=adguardhome_work src=usb1-part1/adguardhome/work
/container/add remote-image=adguard/adguardhome:latest interface=veth201 logging=yes mounts=adguardhome_conf,adguardhome_work root-dir=usb1-part1/adguardhome/root envlist=adguard_envs start-on-boot=yes
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Mon Jul 03, 2023 11:56 pm

I can confirm that it's working!
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Thu Jul 27, 2023 1:14 pm

I've got a problem. Container pulled successfully, started also successfully - logs.

IP address 172.17.0.2 attached to container, I can ping it from my laptop and Mikrotik, but I can't access Adguard interface (tried ports 3000, 80, 443).
You do not have the required permissions to view the files attached to this post.
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: import adguard dns container image problem

Thu Jul 27, 2023 7:25 pm

Strange,
Works fine here.
The difference is during boot it clearly prints the veth-IP:3000 reference to login, and in your case it does not...
Screenshot from 2023-07-27 18-21-54.png
And I confirm the GUI works fine on my test-segment 192.168.3.4:3000

...and after first install the GUI is available on the standard HTTP-port 80.

I'm running 7.10 on RB5009

EDIT : 1 major bug or anomaly here ... it seems it works in terms of DNS-resolution, but I'm getting nothing in the statistics-screens or the query-logs remains empty!
You do not have the required permissions to view the files attached to this post.
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Fri Jul 28, 2023 8:59 am

I've fixed it with changing VETH with IP address for container form internal network and then go back to dedicated VETH for Dockers (separate Bridge), so initial configuration was done and it's able to boot... I've got another question, after Mikrotik reboot I can see that all VETH interface IPs became 0.0.0.0/0 in WinBox, but configuration is ok, because Containers got correct IPs, can someone suggest what to check?
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: import adguard dns container image problem

Fri Jul 28, 2023 9:11 am

Hi,
Yep, seems to be a Winbox bug.
On a RB3011 lab box, running the latest beta 7.11 BETA6 this "issue" is present.
Winbox entries all give 0.0.0.0/0 but on console all is OK.
Feel free to log a ticket on this with MT.

/interface/veth> print
Flags: X - disabled; R - running
0 R name="veth1" address=172.17.0.2/16 gateway=172.17.0.1 gateway6=""
1 R name="veth2" address=172.17.0.3/16 gateway=172.17.0.1 gateway6=""
2 R name="veth3" address=172.17.0.4/16 gateway=172.17.0.1 gateway6=""
3 R name="veth4" address=172.17.0.5/16 gateway=172.17.0.1 gateway6=""
Screenshot from 2023-07-28 08-10-54.png
You do not have the required permissions to view the files attached to this post.
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Fri Jul 28, 2023 10:01 am

Yep, seems to be a Winbox bug.
On a RB3011 lab box, running the latest beta 7.11 BETA6 this "issue" is present.
I've got the same version on my Chateau and CLI shows correct IPs, just checked it... so U are right - Winbox bug
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: import adguard dns container image problem

Fri Jul 28, 2023 10:44 am

I'm still puzzled why "Adguard" is not showing any statistics *but* it seems to be working.
My test-PC has hardcoded 1 single DNS pointing to the Adguard, dns-resolving works (I see exchange in a tcp-dump) but nothing in the logs or statistics-dashboard.

Strange .. don't think its a permission problem with the mounts, but need to check further.


EDIT : FIXED, some intercepting rules still active delivering to another resolver...
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Fri Jul 28, 2023 12:17 pm

Is there any way to get real client IP addresses in Adguard stat? The easiest thing is to use LAN IP address instead of IP from docker subnet...
You do not have the required permissions to view the files attached to this post.
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Fri Jul 28, 2023 12:26 pm

Is there any way to get real client IP addresses in Adguard stat? The easiest thing is to use LAN IP address instead of IP from docker subnet...
I think if you disable NAT on docker bridge, it will solve your problem.
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Fri Jul 28, 2023 12:44 pm

Is there any way to get real client IP addresses in Adguard stat? The easiest thing is to use LAN IP address instead of IP from docker subnet...
I think if you disable NAT on docker bridge, it will solve your problem.
But in this case how it's better configure access from Container to the Internet?
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Fri Jul 28, 2023 1:09 pm



I think if you disable NAT on docker bridge, it will solve your problem.
But in this case how it's better configure access from Container to the Internet?
You should apply NAT to your container in the same way as you do for the rest of your network, on the outgoing WAN interface. So you should have a rule that is only natting when a device from your internal network tries to access the internet through your WAN interface.
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Fri Jul 28, 2023 1:57 pm



But in this case how it's better configure access from Container to the Internet?
You should apply NAT to your container in the same way as you do for the rest of your network, on the outgoing WAN interface. So you should have a rule that is only natting when a device from your internal network tries to access the internet through your WAN interface.
My current NAT settings:

Flags: X - disabled, I - invalid; D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none

1 X chain=dstnat action=redirect protocol=tcp dst-port=53 log=no log-prefix=""

2 X chain=dstnat action=redirect protocol=udp dst-port=53 log=no log-prefix=""

3 ;;; masq. vpn traffic
chain=srcnat action=masquerade src-address=192.168.48.0/24 log=no log-prefix=""

4 chain=srcnat action=masquerade src-address=172.17.0.0/24 log=no log-prefix=""
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Fri Jul 28, 2023 2:51 pm

Try disabling the last rule. Everything should work.
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Fri Jul 28, 2023 4:29 pm

Try disabling the last rule. Everything should work.
If I will disable it Container will loose connection to the Internet, by the way I've tried - the same - only docker's bridge IP is showing in stat
 
User avatar
antoxic
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Jul 22, 2015 2:50 pm
Location: Spain

Re: import adguard dns container image problem

Fri Jul 28, 2023 4:33 pm

Try disabling the last rule. Everything should work.
If I will disable it Container will loose connection to the Internet, by the way I've tried - the same - only docker's bridge IP is showing in stat
Looks like your docker container does not have a default gateway
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: import adguard dns container image problem

Fri Jul 28, 2023 5:29 pm

If I will disable it Container will loose connection to the Internet, by the way I've tried - the same - only docker's bridge IP is showing in stat
Looks like your docker container does not have a default gateway
e.g. does the VETH for the container have the bridge IP as the gateway?
 
alushchykau
just joined
Posts: 16
Joined: Fri Aug 20, 2021 8:56 am

Re: import adguard dns container image problem

Sat Jul 29, 2023 12:55 pm


Looks like your docker container does not have a default gateway
e.g. does the VETH for the container have the bridge IP as the gateway?
Yes, VETH interface used for Adguard Container has IP address and Gateway (Bridge IP address)

Who is online

Users browsing this forum: No registered users and 6 guests