Convert an OpenWrt Rootfs to a Docker Image
·2 min read·BIGWONG Studio
DockerOpenWrt
Package openwrt-x86-64-generic-rootfs.tar.gz into a Docker image for a bypass-router setup.
- Get the OpenWrt rootfs
- Build it yourself, or
- Download a prebuilt rootfs from OpenWrt releases
-
Rename the file to
OpenWrt.tar.gz -
Create a
Dockerfile
FROM scratch
ADD OpenWrt.tar.gz /
EXPOSE 80 443 22
CMD ["/sbin/init"]
- Build the image
docker build -t myopenwrt .
At this point the image is ready, but the default firewall and IP settings will break the network when you run it. Update configs below.
- Save the following files in the same folder as the
Dockerfile
| File | Purpose |
|---|---|
| turboacc | Disable flow offloading |
| dhcp | Disable DHCP |
| firewall | Bypass-router firewall rules |
| inittab | Startup services |
| network | Container IP, gateway, DNS |
| rc.local | Rewrite resolv.conf on boot |
| resolv.conf | DNS config |
Note: Some upstream routers implement NAT differently. If OpenWrt itself works but downstream devices cannot access the internet, enable IP masquerade (MASQUERADE) in OpenWrt firewall settings. If it already works without it, keep it off.
- Replace
Dockerfilecontent
FROM scratch
ADD OpenWrt.tar.gz /
COPY turboacc /etc/config/turboacc
COPY dhcp /etc/config/dhcp
COPY firewall /etc/config/firewall
COPY network /etc/config/network
COPY resolv.conf /root/resolv.conf
COPY rc.local /etc/rc.local
COPY inittab /etc/inittab
EXPOSE 80 443 22
CMD ["/sbin/init"]
- Rebuild the image
docker build -t myopenwrt .
- Run and test your bypass router