Running CatWrt bypass gateway in 1Panel, here Debian has been installed with 1Panel, the host machine is a virtual Debian on PVE, today I will briefly introduce the installation method of CatWrt-rootfs.
Yesterday I uploaded the rootfs files to Docker Hub, so everyone can directly pull the image in the future, which is quite convenient. There is no need to download this rootfs version of CatWrt from cloud storage or GitHub anymore; I will just provide a method for installing this rootfs.
It is recommended to use our docker-compose to configure CatWrt. If you do not have 1Panel, it can still be used; tools like Baota do not even require a panel.
root@Debian:~# neofetch
_,met$$$$$gg. root@Debian
,g$$$$$$$$$$$$$$$P. -----------
,g$$P" """Y$$.". OS: Debian GNU/Linux 12 (bookworm) x86_64
,$$P' `$$$. Host: KVM/QEMU (Standard PC (i440FX + PIIX, 1996) pc-i440fx-9.0)
',$$P ,ggs. `$$b: Kernel: 6.1.0-9-amd64
`d$$' ,$P"' . $$$ Uptime: 42 mins
$$P d$' , $$P Packages: 711 (dpkg)
$$: $$. - ,d$$' Shell: bash 5.2.15
$$; Y$b._ _,d$P' Resolution: 1280x800
Y$$. `.`"Y$$$$P"' Terminal: /dev/pts/0
`$$b "-.__ CPU: AMD Ryzen 5 1600 (8) @ 3.199GHz
`Y$$ GPU: 00:02.0 Vendor 1234 Device 1111
`Y$$. Memory: 507MiB / 1482MiB
`$$b.
`Y$$b.
`"Y$b._
`"""
Promiscuous Mode for Network Card#
First, you need to enable promiscuous mode on the network card in Debian; my network card here is ens18.
root@Debian:~# ip addr
2: ens18: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 92:64:15:a8:91:63 brd ff:ff:ff:ff:ff:ff
altname enp0s18
inet 10.0.0.1/24 brd 10.0.0.255 scope global ens18
valid_lft forever preferred_lft forever
inet6 fd61:e296:244b:0:9064:15ff:fea8:9163/64 scope global dynamic mngtmpaddr
valid_lft forever preferred_lft forever
inet6 2408:8256:c84:9a4c:XXXX:XXXX::1/64 scope global dynamic mngtmpaddr
valid_lft 189872sec preferred_lft 103472sec
inet6 fe80::9064:15ff:fea8:9163/64 scope link
valid_lft forever preferred_lft forever
Set the ens18 network card to promiscuous mode to allow the container to directly access the local area network.
sudo ip link set ens18 promisc on
Create Network Card#
Here, create a network card with subnet=10.0.0.0/24 and gateway=10.0.0.4, which needs to be configured according to your own network environment.
-
If your subnet is 192.168.1.4, then the corresponding
subnet=192.168.1.0/24subnet mask. -
gateway=10.0.0.4is your main router address, set as the gateway.
docker network create -d macvlan --subnet=10.0.0.0/24 --gateway=10.0.0.4 -o parent=enp0s18 maclan
After setting, check if it is configured correctly with docker network ls.
root@Debian:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
d9dd5df71c88 1panel-network bridge local
70a316d0b976 host host local
779d06aebc6f maclan macvlan local
Orchestration#
In the 1Panel container - Orchestration - Create Orchestration.
Fill in the folder as CatWrt, enter the following content into the editor, and then click confirm.
The CatWrt-rootfs used here is the latest v24.9 version and has the tun module loading enabled.
version: '3.8'
services:
catwrt:
image: miaoer/catwrt:latest
container_name: CatWrt
restart: always
privileged: true
volumes:
- /lib/modules:/lib/modules:ro
- /dev:/dev
command: /sbin/init
cap_add:
- NET_ADMIN
- SYS_MODULE
devices:
- /dev/net/tun
networks:
- maclan
networks:
maclan:
external: true
The author forgot to check if the tun module was actively loaded; if it is not loaded, please run sudo modprobe tun and check with lsmod | grep tun if it has been successfully loaded.
root@Debian:~# sudo modprobe tun
root@Debian:~# lsmod | grep tun
tun 61440 4
root@Debian:~#
Set Up CatWrt#
First, connect to the CatWrt terminal on Debian.
docker exec -it CatWrt /bin/bash
Enter CatWrt and choose to use Cattools to help us modify the IP address; of course, you can also use the network wizard to fill in your information correctly.
cattools
Note: Here CatWrt is not connected to the specified gateway, so it will retry multiple times to obtain the latest version of Cattools; please do not interrupt!
root@Debian:~# docker exec -it CatWrt /bin/bash
bash-5.2# cattools
Please wait for the script to be updated.
Attempt 1 failed. Retrying...
Attempt 2 failed. Retrying...
Attempt 3 failed. Retrying...
Unable to download the latest version, continue to use the current offline version.
----------------------------------------------------------
CatTools
https://github.com/miaoermua/cattools
----------------------------------------------------------
1. SetIP - Set IP
2. Network_Wizard - Network Wizard
3. Apply_repo - Software Source Configuration
4. Diagnostics - Network Diagnostics
5. Debug - Capture Logs
6. Catwrt_update - Check for Updates
7. Sysupgrade - System Update
8. Restore - Restore Packages
9. Utilities(more) - Utilities
0. Exit - Exit
----------------------------------------------------------
Please enter a number and press Enter: 1
Please enter the IP Addr and press Enter /// 请输入 IP (默认为 192.168.1.4): 10.0.0.233
Default IP has been set to 10.0.0.233
If you want to install plugins, you can also use the Software Source Configuration in Cattools.
Conclusion#
CatWrt-rootfs still has many plugins or software that require special settings or cannot be used. This is my first time working with this rootfs, and I haven't used it yet. If there are any questions, feel free to discuss in the comments.
Reference: Cnblogs: Installing OpenWRT via Docker on a Dual-NIC Host to Achieve Soft Routing Functionality
This article is synchronized and updated to xLog by Mix Space. The original link is https://www.miaoer.net/posts/network/1panel-deploy-catwrt-rootfs