From f251d4aa277cb338c1ef8cd671fd9ab7c5f0ab36 Mon Sep 17 00:00:00 2001 From: Pit Kleyersburg Date: Tue, 26 Jan 2021 20:37:53 +0100 Subject: [PATCH] Add troubleshooting section for result of #370 Closes #370. --- docs/TROUBLESHOOTING.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/TROUBLESHOOTING.md b/docs/TROUBLESHOOTING.md index da7fc8a8..8ec60162 100644 --- a/docs/TROUBLESHOOTING.md +++ b/docs/TROUBLESHOOTING.md @@ -7,6 +7,7 @@ If you are experiencing issues with DFW that you don't find represented here, fe --- * [modprobe error when running in Docker](#modprobe-error-when-running-in-docker) +* [set up rule failed, `DOCKER_OUTPUT`/`DOCKER_POSTROUTING`](#set-up-rule-failed-docker_outputdocker_postrouting) --- @@ -45,3 +46,17 @@ The important additions over the default run-command are: * `--cap-add=SYS_MODULE` This enables the Docker container to manage the host's kernel modules. + +## set up rule failed, `DOCKER_OUTPUT`/`DOCKER_POSTROUTING` + +``` +set up rule failed, [-t nat -I DOCKER_OUTPUT -d 127.0.0.11 -p udp --dport 53 -j DNAT --to-destination 127.0.0.11:53982] +set up rule failed, [-t nat -I DOCKER_POSTROUTING -s 127.0.0.11 -p udp --sport 53982 -j SNAT --to-source :53] +set up rule failed, [-t nat -I DOCKER_OUTPUT -d 127.0.0.11 -p tcp --dport 53 -j DNAT --to-destination 127.0.0.11:32987] +set up rule failed, [-t nat -I DOCKER_POSTROUTING -s 127.0.0.11 -p tcp --sport 32987 -j SNAT --to-source :53] +``` + +If you have DNS resolution errors and are seeing errors like above, your Kernel might be missing required modules or may be misconfigured. +You can find detailed information about this in [issue #370]. + +[issue #370]: https://github.com/pitkley/dfw/issues/370#issuecomment-766272308