[FEAT] Consider incorporating Kubernete's iptables_wrapper

[jess-sol]

Is this a new feature request?

• I have searched the existing issues

Wanted change

This container was failing for me on RockyLinux 8.6. Rocky 8 uses nftables, but it seems this image uses legacy iptables, which causes a slew of problems. I've solved these problems in the past by using the excellent iptables-wrapper made by the Kubernetes authors for exactly these kinds of issues.

I build a simple derived container for my own uses which seems to solve the problem well, but I'm no iptables expert, so I'd love to see testing of this done on more setups.

Reason for change

The iptables-wrapper repo has a great explanation in their readme, but this would support both legacy and nft iptables host implementations with minimal effort.

Proposed code change

Example derived container for PoC:

mkdir contrib
wget -P contrib https://raw.githubusercontent.com/kubernetes-sigs/iptables-wrappers/master/iptables-wrapper-installer.sh

cat <<'EOF' > Dockerfile
FROM linuxserver/wireguard:latest
COPY contrib/iptables-wrapper-installer.sh /
RUN bash /iptables-wrapper-installer.sh
RUN apk add nftables
EOF

Happy to submit a PR if there's interest in a change like this

[github-actions]

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.

[github-actions]

This issue is locked due to inactivity