ok. set DNS on router and the docker to just use google dns (8.8.8.8,8.8.4.4). Same outcome. Put static IP for the PIA server in the .ovpn file, but the log gives the port forwarding error (tried both vancouver and montreal, which are listed as supporting port forwarding), but webui comes up. Preliminary research shows I'd probably need a router to support DNSmasq to get past comcast highjacking the dns request. Are you aware of an alternative? Thank you for the help!
log:
2019-09-01 11:30:14.654683 [info] System information Linux cf77fb93c64e 4.19.55-Unraid #1 SMP Sat Jun 22 08:31:17 PDT 2019 x86_64 GNU/Linux
2019-09-01 11:30:14.692729 [info] PUID defined as '99'
2019-09-01 11:30:14.733555 [info] PGID defined as '100'
2019-09-01 11:30:15.495578 [info] UMASK defined as '000'
2019-09-01 11:30:15.532925 [info] Permissions already set for volume mappings
2019-09-01 11:30:15.574379 [info] DELUGE_DAEMON_LOG_LEVEL not defined,(via -e DELUGE_DAEMON_LOG_LEVEL), defaulting to 'info'
2019-09-01 11:30:15.612728 [info] DELUGE_WEB_LOG_LEVEL not defined,(via -e DELUGE_WEB_LOG_LEVEL), defaulting to 'info'
2019-09-01 11:30:15.650402 [info] VPN_ENABLED defined as 'yes'
2019-09-01 11:30:15.694916 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/CA Montreal.ovpn
dos2unix: converting file /config/openvpn/CA Montreal.ovpn to Unix format...
2019-09-01 11:30:15.749879 [info] VPN remote line defined as 'remote 199.229.249.140 1198'
2019-09-01 11:30:15.787831 [info] VPN_REMOTE defined as '199.229.249.140'
2019-09-01 11:30:15.833901 [info] VPN_PORT defined as '1198'
2019-09-01 11:30:15.875820 [info] VPN_PROTOCOL defined as 'udp'
2019-09-01 11:30:15.915620 [info] VPN_DEVICE_TYPE defined as 'tun0'
2019-09-01 11:30:15.953417 [info] VPN_PROV defined as 'pia'
2019-09-01 11:30:15.993647 [info] LAN_NETWORK defined as '192.168.0.0/24'
2019-09-01 11:30:16.034373 [info] NAME_SERVERS defined as '8.8.8.8,8.8.4.4'
2019-09-01 11:30:16.072236 [info] VPN_USER defined as 'user'
2019-09-01 11:30:16.110315 [info] VPN_PASS defined as 'password'
2019-09-01 11:30:16.148060 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2019-09-01 11:30:16.185550 [info] STRICT_PORT_FORWARD defined as 'yes'
2019-09-01 11:30:16.226503 [info] ENABLE_PRIVOXY defined as 'no'
2019-09-01 11:30:16.271766 [info] Starting Supervisor...
2019-09-01 11:30:16,537 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2019-09-01 11:30:16,538 INFO Set uid to user 0 succeeded
2019-09-01 11:30:16,541 INFO supervisord started with pid 6
2019-09-01 11:30:16.034373 [info] NAME_SERVERS defined as '8.8.8.8,8.8.4.4'
2019-09-01 11:30:16.072236 [info] VPN_USER defined as 'user'
2019-09-01 11:30:16.110315 [info] VPN_PASS defined as 'password'
2019-09-01 11:30:16.148060 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2019-09-01 11:30:16.185550 [info] STRICT_PORT_FORWARD defined as 'yes'
2019-09-01 11:30:16.226503 [info] ENABLE_PRIVOXY defined as 'no'
2019-09-01 11:30:16.271766 [info] Starting Supervisor...
2019-09-01 11:30:16,537 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2019-09-01 11:30:16,538 INFO Set uid to user 0 succeeded
2019-09-01 11:30:16,541 INFO supervisord started with pid 6
2019-09-01 11:30:17,544 INFO spawned: 'start-script' with pid 149
2019-09-01 11:30:17,546 INFO spawned: 'watchdog-script' with pid 150
2019-09-01 11:30:17,546 INFO reaped unknown pid 7
2019-09-01 11:30:17,553 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
2019-09-01 11:30:17,554 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-09-01 11:30:17,554 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-09-01 11:30:17,557 DEBG 'watchdog-script' stderr output:
dos2unix:
2019-09-01 11:30:17,557 DEBG 'watchdog-script' stderr output:
converting file /config/core.conf to Unix format...
2019-09-01 11:30:17,668 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1
2019-09-01 11:30:17,672 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf
2019-09-01 11:30:17,676 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf
2019-09-01 11:30:17,680 DEBG 'start-script' stdout output:
199.229.249.140
2019-09-01 11:30:17,712 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.17.0.0/16
2019-09-01 11:30:17,716 DEBG 'start-script' stdout output:
[info] Adding 192.168.0.0/24 as route via docker eth0
2019-09-01 11:30:17,718 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------
2019-09-01 11:30:17,720 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.4
192.168.0.0/24 via 172.17.0.1 dev eth0
2019-09-01 11:30:17,720 DEBG 'start-script' stdout output:
--------------------
2019-09-01 11:30:17,723 DEBG 'start-script' stdout output:
iptable_mangle 16384 2
ip_tables 24576 5 iptable_filter,iptable_nat,iptable_mangle
2019-09-01 11:30:17,724 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables
2019-09-01 11:30:17,763 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------
2019-09-01 11:30:17,765 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.0.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
2019-09-01 11:30:17,767 DEBG 'start-script' stdout output:
--------------------
2019-09-01 11:30:17,767 DEBG 'start-script' stdout output:
[info] Starting OpenVPN...
2019-09-01 11:30:17,783 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:17 2019 WARNING: file 'credentials.conf' is group or others accessible
Sun Sep 1 11:30:17 2019 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
Sun Sep 1 11:30:17 2019 library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
2019-09-01 11:30:17,784 DEBG 'start-script' stdout output:
[info] OpenVPN started
Sun Sep 1 11:30:17 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2019-09-01 11:30:17,785 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:17 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]199.229.249.140:1198
2019-09-01 11:30:17,785 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:17 2019 UDP link local: (not bound)
Sun Sep 1 11:30:17 2019 UDP link remote: [AF_INET]199.229.249.140:1198
2019-09-01 11:30:18,217 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:18 2019 [8afa1118096e2faab887e67d29332f3d] Peer Connection Initiated with [AF_INET]199.229.249.140:1198
2019-09-01 11:30:19,337 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 TUN/TAP device tun0 opened
Sun Sep 1 11:30:19 2019 /usr/bin/ip link set dev tun0 up mtu 1500
2019-09-01 11:30:19,339 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 /usr/bin/ip addr add dev tun0 local 10.80.10.6 peer 10.80.10.5
2019-09-01 11:30:19,340 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 /root/openvpnup.sh tun0 1500 1558 10.80.10.6 10.80.10.5 init
2019-09-01 11:30:19,350 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 Initialization Sequence Completed
2019-09-01 11:30:19,477 DEBG 'start-script' stdout output:
[info] Port forwarding is enabled
[info] Checking endpoint '199.229.249.140' is port forward enabled...
2019-09-01 11:30:19,337 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 TUN/TAP device tun0 opened
Sun Sep 1 11:30:19 2019 /usr/bin/ip link set dev tun0 up mtu 1500
2019-09-01 11:30:19,339 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 /usr/bin/ip addr add dev tun0 local 10.80.10.6 peer 10.80.10.5
2019-09-01 11:30:19,340 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 /root/openvpnup.sh tun0 1500 1558 10.80.10.6 10.80.10.5 init
2019-09-01 11:30:19,350 DEBG 'start-script' stdout output:
Sun Sep 1 11:30:19 2019 Initialization Sequence Completed
2019-09-01 11:30:19,477 DEBG 'start-script' stdout output:
[info] Port forwarding is enabled
[info] Checking endpoint '199.229.249.140' is port forward enabled...
2019-09-01 11:30:19,504 DEBG 'start-script' stdout output:
[info] Attempting to curl https://www.privateinternetaccess.com/vpninfo/servers?version=82...
2019-09-01 11:30:20,554 DEBG 'start-script' stdout output:
[info] Curl successful for https://www.privateinternetaccess.com/vpninfo/servers?version=82, response code 200
2019-09-01 11:30:20,886 DEBG 'start-script' stdout output:
[warn] PIA endpoint '199.229.249.140' is not in the list of endpoints that support port forwarding, DL/UL speeds maybe slow
[info] Please consider switching to one of the endpoints shown below
2019-09-01 11:30:20,886 DEBG 'start-script' stdout output:
[info] List of PIA endpoints that support port forwarding:-
2019-09-01 11:30:20,887 DEBG 'start-script' stdout output:
[info] ca-toronto.privateinternetaccess.com
[info] ca-montreal.privateinternetaccess.com
[info] ca-vancouver.privateinternetaccess.com
[info] de-berlin.privateinternetaccess.com
[info] de-frankfurt.privateinternetaccess.com
[info] sweden.privateinternetaccess.com
[info] swiss.privateinternetaccess.com
[info] france.privateinternetaccess.com
[info] czech.privateinternetaccess.com
[info] spain.privateinternetaccess.com
[info] ro.privateinternetaccess.com
[info] israel.privateinternetaccess.com
[info] Attempting to get dynamically assigned port...
2019-09-01 11:30:20,913 DEBG 'start-script' stdout output:
[info] Attempting to curl http://209.222.18.222:2000/?client_id=c642926ef6183f16b694d25bc3e503a9fa7839683e96436051193b2ad578f892...
2019-09-01 11:30:21,574 DEBG 'start-script' stdout output:
[info] Curl successful for http://209.222.18.222:2000/?client_id=c642926ef6183f16b694d25bc3e503a9fa7839683e96436051193b2ad578f892, response code 200
2019-09-01 11:30:21,615 DEBG 'start-script' stdout output:
[info] Successfully assigned incoming port 44987
2019-09-01 11:30:21,617 DEBG 'start-script' stdout output:
[info] Checking we can resolve name 'www.google.com' to address...
2019-09-01 11:30:21,802 DEBG 'start-script' stdout output:
[info] DNS operational, we can resolve name 'www.google.com' to address '172.217.165.4'
2019-09-01 11:30:21,806 DEBG 'start-script' stdout output:
[info] Attempting to get external IP using Name Server 'ns1.google.com'...
2019-09-01 11:30:22,219 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address 199.229.249.140
2019-09-01 11:30:22,501 DEBG 'watchdog-script' stdout output:
[info] Deluge listening interface IP 0.0.0.0 and VPN provider IP 10.80.10.6 different, marking for reconfigure
2019-09-01 11:30:22,505 DEBG 'watchdog-script' stdout output:
[info] Deluge not running
2019-09-01 11:30:22,509 DEBG 'watchdog-script' stdout output:
[info] Deluge Web UI not running
2019-09-01 11:30:22,509 DEBG 'watchdog-script' stdout output:
[info] Deluge incoming port 6890 and VPN incoming port 44987 different, marking for reconfigure
2019-09-01 11:30:22,510 DEBG 'watchdog-script' stdout output:
[info] Attempting to start Deluge...
[info] Removing deluge pid file (if it exists)...
2019-09-01 11:30:24,355 DEBG 'watchdog-script' stdout output:
[info] Deluge key 'listen_interface' currently has a value of '10.1.11.10'
[info] Deluge key 'listen_interface' will have a new value '10.80.10.6'
[info] Writing changes to Deluge config file '/config/core.conf'...
2019-09-01 11:30:24,660 DEBG 'watchdog-script' stdout output:
[info] Deluge key 'outgoing_interface' currently has a value of 'tun0'
[info] Deluge key 'outgoing_interface' will have a new value 'tun0'
[info] Writing changes to Deluge config file '/config/core.conf'...
2019-09-01 11:30:24,934 DEBG 'watchdog-script' stdout output:
[info] Deluge key 'default_daemon' currently has a value of 'a1b91b5489ec17c4d147c3063509a7a8cfa43cfd'
[info] Deluge key 'default_daemon' will have a new value 'a1b91b5489ec17c4d147c3063509a7a8cfa43cfd'
[info] Writing changes to Deluge config file '/config/web.conf'...
2019-09-01 11:30:25,772 DEBG 'watchdog-script' stdout output:
[info] Deluge process started
[info] Waiting for Deluge process to start listening on port 58846...
2019-09-01 11:30:26,252 DEBG 'watchdog-script' stdout output:
[info] Deluge process listening on port 58846
2019-09-01 11:30:32,210 DEBG 'watchdog-script' stdout output:
Setting "random_port" to: False
Configuration value successfully updated.
2019-09-01 11:30:32,210 DEBG 'watchdog-script' stdout output:
Setting "random_port" to: False
Configuration value successfully updated.
2019-09-01 11:30:39,973 DEBG 'watchdog-script' stdout output:
Setting "listen_ports" to: (44987, 44987)
Configuration value successfully updated.
2019-09-01 11:30:45,834 DEBG 'watchdog-script' stdout output:
[info] No torrents with state 'Error' found
2019-09-01 11:30:45,834 DEBG 'watchdog-script' stdout output:
[info] Starting Deluge Web UI...
2019-09-01 11:30:45,834 DEBG 'watchdog-script' stdout output:
[info] Deluge Web UI started