From 4617918cbd0b40707fd1ccc4526e3de04b4b1f68 Mon Sep 17 00:00:00 2001
From: Jess Frazelle <acidburn@microsoft.com>
Date: Wed, 8 Nov 2017 13:16:51 -0500
Subject: [PATCH] add opensnitch

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
---
 opensnitch/Dockerfile  | 1 +
 opensnitchd/Dockerfile | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/opensnitch/Dockerfile b/opensnitch/Dockerfile
index 50eb195..6fd6485 100644
--- a/opensnitch/Dockerfile
+++ b/opensnitch/Dockerfile
@@ -4,6 +4,7 @@
 #		-v /tmp/.X11-unix:/tmp/.X11-unix \
 #		-e "DISPLAY=unix${DISPLAY}" \
 #		--net host \
+#		--cap-add NET_ADMIN \
 #		--name opensnitch \
 #		r.j3ss.co/opensnitch
 #
diff --git a/opensnitchd/Dockerfile b/opensnitchd/Dockerfile
index 74a0a3b..02e74e8 100644
--- a/opensnitchd/Dockerfile
+++ b/opensnitchd/Dockerfile
@@ -2,11 +2,13 @@
 #	docker run  -d \
 #		--name=opensnitchd \
 #		--net host \
+#		--cap-add NET_ADMIN \
 #		r.j3ss.co/opensnitchd
 #
 FROM alpine:latest
 
 RUN apk add --no-cache \
+	iptables \
 	libcap \
 	libnetfilter_queue \
 	libnfnetlink \
@@ -17,6 +19,7 @@ RUN apk add --no-cache \
 	tcpdump \
 	--repository https://dl-3.alpinelinux.org/alpine/edge/testing
 
+ENV XTABLES_LIBDIR "/usr/lib/xtables"
 ENV OPENSNITCH_VERSION master
 
 RUN buildDeps=' \
@@ -40,4 +43,4 @@ RUN buildDeps=' \
 	&& apk del $buildDeps \
 	&& echo "Build complete."
 
-CMD ["/usr/bin/opensnitchd"]
+ENTRYPOINT ["/usr/bin/opensnitchd", "--debug"]