nginx template fix

APP_PROFILER/Dockerfile

@@ -1,7 +1,7 @@
 FROM python:3.12-alpine
 
 # Install OpenVPN, OpenRC and other system deps
-RUN apk add --no-cache openvpn openrc iproute2 bash
+RUN apk add --no-cache openvpn openrc iproute2 bash iptables
 
 WORKDIR /app
 

APP_PROFILER/entrypoint.sh

@@ -10,6 +10,14 @@ fi
 # Enable IP forwarding
 sysctl -w net.ipv4.ip_forward=1
 
+# NAT MASQUERADE
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+# MSS Clamping (Path MTU Tuning)
+# Works for both directions in one rule on the FORWARD chain
+iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+
+
 # Start OpenRC (needed for rc-service if we use it, but better to start openvpn directly or via rc)
 # Since we are in Alpine, we can try to start the service if configured, 
 # but Container 4 main.py might expect rc-service to work.

APP_PROFILER/templates/server.conf.j2

@@ -28,13 +28,13 @@ server {{ vpn_network }} {{ vpn_netmask }}
 
 ifconfig-pool-persist /etc/openvpn/ipp.txt
 
-log /etc/openvpn/openvpn.log
-log-append /etc/openvpn/openvpn.log
+log /var/log/openvpn/openvpn-status.log
+log-append /var/log/openvpn/openvpn-status.log
 
 verb 3
 
 # Use Extended Status Output
-status /etc/openvpn/openvpn-status.log 5
+status /var/log/openvpn/openvpn-status.log 5
 status-version 2
 
 # Tunneling Mode