Silly Docker Helpers

docker_helpers.sh

# Alias to automatically forward in relevant display stuff.
# docker-run -it --rm ubuntu:jammy
alias docker-run="sudo docker run -e DISPLAY=$DISPLAY -v ${XAUTHORITY:-~/.Xauthority}:/xauth:ro -v /tmp/.X11-unix/:/tmp/.X11-unix -e XAUTHORITY=/xauth"

# Bash function to help with running commands in the docker namespace
# docker-nsenter mycontainer -n ss
function docker-nsenter {
        PID=`sudo docker inspect $1 -f '{{.State.Pid}}'`
        shift
        sudo nsenter -t $PID $@
}

# Restrict a running container so it cannot talk to internal ip space
# docker-restrict-container <container_name>
function docker-restrict-container {
    docker-nsenter $1 -n iptables -I OUTPUT -d 10.0.0.0/8 -j DROP
    docker-nsenter $1 -n iptables -I OUTPUT -d 172.16.0.0/12 -j DROP
    docker-nsenter $1 -n iptables -I OUTPUT -d 192.168.0.0/16 -j DROP
    docker-nsenter $1 -n iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
}

# Ensure dockerd is running
# Try multiple things. Geared to work on wsl but should work elsewhere.
if ! ps aux | grep -q "[d]ockerd"; then
echo "Starting Docker"
        if ! sudo systemctl 2>/dev/null; then
                sudo /etc/init.d/docker start
        else
                sudo systemctl start docker
        fi
fi

running-htb-on-wsl-docker.md

Step1: Run the container

docker-run  -it --cap-add=NET_ADMIN --cap-add=NET_RAW --device=/dev/net/tun --name htb parrotsec/core

Step2: Modify your htb vpn config to disable ipv6

proto udp4 
pull-filter ignore "ifconfig-ipv6"

Step3: Install and run openvpn

apt update; apt install -y openvpn
openvpn ./myconf