Upload entrypoint.sh

entrypoint.sh

@@ -1,25 +1,51 @@
 #!/bin/bash
+
 set -e
 
-if [ "$(id -u)" -ne 0 ]; then
-  echo "⚠️ Not running as root. Cannot start sshd."
+echo "Starting SSH/SOCKS5 NAT Gateway setup..."
+
+# Enable IP forwarding
+# echo 1 > /proc/sys/net/ipv4/ip_forward
+
+# Fetch public IP
+PUBLIC_IP=$(curl -s ifconfig.me)
+if [ -z "$PUBLIC_IP" ]; then
+  echo "Error: Could not fetch public IP. Exiting."
   exit 1
 fi
+echo "Detected public IP: $PUBLIC_IP"
 
-echo "Starting SSH/SOCKS5 Gateway..."
+# Configure SSH server
+cp /app/ssh-config/sshd_config /etc/ssh/sshd_config
+chmod 600 /etc/ssh/sshd_config
 
-# Ensure SSH host keys exist
+# Generate SSH host keys if they don't exist
 if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
   ssh-keygen -A
 fi
 
-# Start SSH
-/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config &
+# Start SSH service in debug mode and redirect output to a file
+/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config > /var/log/sshd_debug.log 2>&1 &
+
 echo "SSH server started."
 
-# Start Dante
+# Configure Dante SOCKS5 server
+cp /app/socks5-config/danted.conf /etc/danted.conf
+chmod 644 /etc/danted.conf
+
+# Start Dante SOCKS5 server
 /usr/sbin/danted -D &
+
 echo "Dante SOCKS5 server started."
 
-# Stay alive
+# Apply iptables rules for NAT using iptables-legacy
+iptables-legacy -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+iptables-legacy -A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables-legacy -A FORWARD -i eth0 -o eth0 -j ACCEPT
+
+echo "iptables NAT rules set."
+
+# Keep the container running
 exec tail -f /dev/null
+
+