Как настроить NAT Docker чтобы IP игроков был нормальным?

Question

shaesnow @shaesnow

Как настроить NAT Docker чтобы IP игроков был нормальным?

iproute2:

spoiler

root@debian:~# ip ro
default via 192.168.0.1 dev eth0
10.228.228.0/24 dev wg0 proto kernel scope link src 10.228.228.2
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.18.0.0/16 dev pterodactyl0 proto kernel scope link src 172.18.0.1 linkdown
172.19.0.0/16 dev br-47340319d664 proto kernel scope link src 172.19.0.1 linkdow                                                                                                                                                             n
172.20.0.0/16 dev br-231d8fbb1e1c proto kernel scope link src 172.20.0.1 linkdow                                                                                                                                                             n
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.226
root@debian:~# ip ru
0:      from all lookup local
32763:  from 10.228.228.2 lookup T2
32764:  from all lookup main suppress_prefixlength 0
32766:  from all lookup main
32767:  from all lookup default
root@debian:~# ip route show table T2
default via 10.228.228.1 dev wg0
10.228.228.0/24 dev wg0 scope link src 10.228.228.2
127.0.0.0/8 dev lo scope link

iptables:

spoiler

root@debian:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  --  anywhere            !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  172.17.0.0/16        anywhere
MASQUERADE  all  --  172.18.0.0/16        anywhere
SNAT       all  --  172.19.0.0/16        anywhere             to:0.0.0.0
SNAT       all  --  172.20.0.0/16        anywhere             to:192.168.0.226
MASQUERADE  tcp  --  172.18.0.2           172.18.0.2           tcp dpt:25565
MASQUERADE  udp  --  172.18.0.2           172.18.0.2           udp dpt:25565

Chain DOCKER (2 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere
DNAT       tcp  --  anywhere             anywhere             tcp dpt:25565 to:172.18.0.2:25565
DNAT       udp  --  anywhere             anywhere             udp dpt:25565 to:172.18.0.2:25565

сеть докера:

spoiler

root@debian:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:00:99:15 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.226/24 brd 192.168.0.255 scope global dynamic eth0
       valid_lft 6847sec preferred_lft 6847sec
    inet6 fe80::215:5dff:fe00:9915/64 scope link
       valid_lft forever preferred_lft forever
3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.228.228.2/24 scope global wg0
       valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:1a:89:57:e5 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
5: br-231d8fbb1e1c: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:d8:98:09:5a brd ff:ff:ff:ff:ff:ff
    inet 172.20.0.1/16 brd 172.20.255.255 scope global br-231d8fbb1e1c
       valid_lft forever preferred_lft forever
6: br-47340319d664: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:6b:b7:e7:a6 brd ff:ff:ff:ff:ff:ff
    inet 172.19.0.1/16 brd 172.19.255.255 scope global br-47340319d664
       valid_lft forever preferred_lft forever
7: pterodactyl0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:39:63:bb:fc brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global pterodactyl0
       valid_lft forever preferred_lft forever
    inet6 fdba:17c8:6c94::1011/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::42:39ff:fe63:bbfc/64 scope link
       valid_lft forever preferred_lft forever
    inet6 fe80::1/64 scope link
       valid_lft forever preferred_lft forever
9: veth34ff88f@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master pterodactyl0 state UP group default
    link/ether be:12:f1:c8:58:70 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::bc12:f1ff:fec8:5870/64 scope link
       valid_lft forever preferred_lft forever

Как настроить это чтобы на сервер входило? Если правила удалить через iptables -t nat -F - тогда на сервер входит но Ip у игроков «172.18.0.1», есть способ сделать IP игроков нормальным?