Jump to content

WarezMonkey

Members
 View Profile  See their activity

  • Posts

    7

  • Joined

  • Last visited

 Content Type 

Posts posted by WarezMonkey

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted

    2 hours ago, binhex said:

    lol well that will do it, how odd that its not ALL qnap users that are affected by this.

     

    if i were you i would remove that line from that file and see what happens.

    Success! I edited the daemon_mgr.conf file and removed that line. I then restarted the daemon_mgr and the line is still gone. I started up the delugevpn docker and it is stable!! Thanks for the help!

    • Like 1

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted

    2 hours ago, binhex said:

    very weird!, ok so you can temporarily fix this by editing the script that starts openvpn, BUT im concerned that you are the ONLY qnap user that i am aware of that has this issue, i have seen a couple of dozen or so qnap users come here for support over the years and i think you are the first to have this specific issue, which makes me question whether its something specific to how you have your qnap box setup, maybe try shutting down all other containers and vm's, so you literally have nothing running other than this container, if it then stays up you know the issue is caused by another container/vm etc running on your system, then start them up one by one.

     

    Thanks for your help. I'll do this after work today and let you know. I found a few others out there who have the same issue with openvpn on qnap and someone replied about why this is happening:

    Quote

    QNAP use a specific management for daemon ... name daemon_mgr
    ... this daemon management add to start process in daemon state, a "survey" based on daemon_mgr.conf 
    ... ... this daemon_mgr read the .conf file and do (each 30 secs. (around))
    ... ... if daemon is in file in "stop" state ... it kill it
    ... ... if daemon is in "start" state but not running ... after 30 sec. ... daemon_mgr restart it

    Sure enough, I find this daemon_mgr.conf file and this is what it says: 

    DAEMON62 = openvpn, stop, /usr/sbin/openvpn

    Not sure why this is there and why it seems to only be there for very few QNAP users.

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted · Edited by WarezMonkey

    11 hours ago, binhex said:

    i think i see the issue, i have rebuilt the image without the single quotes for the optional argument(s), so pull down the new image, obviously keep the single quotes for the run command as they were and see what you get.

    I was able to run the entire openvpn command from outside my container and it is the same thing. It connects and initializes fine, then says "Killed" without any logging.

      

    Thu Jan 17 21:28:58 2019 /share/CACHEDEV1_DATA/.qpkg/QVPN/etc/init.d/openvpn_up.sh tun0 1500 1558 10.68.10.6 10.68.10.5 init
get_vpn_client_id invalid VPNCONNID=0
get_vpn_server_mark invalid VPNCONNID=0
/etc/init.d/vpn_common.sh: line 772: [: -lt: unary operator expected
Thu Jan 17 21:28:59 2019 Initialization Sequence Completed
Killed

    I will continue investigation with some qnap forum posts.

     

    **EDIT** - did some more investigation since the QNAP allows me to run openvpn internally:

     

    I set up a VPN using Qnap's built in QVPN to my PIA server and it works fine. I then ran "ps aux" to see the command that QVPN runs and it is: 

    /usr/sbin/openvpnclient --config /etc/config/openvpn/clients/client1 --cd /etc/config/openvpn/clients .... etc

    The command I was running and is killed after 30s is straight openvpn, not /usr/sbin/openvpnclient

    Looks almost like the QNAP is killing some non-standard openvpn?

     

    But then take a look at this, both commands point to the same command!
      

    [~] # ll /usr/sbin/|grep vpn
lrwxrwxrwx  1 admin administrators   49 2019-01-16 19:36 openvpn -> /share/CACHEDEV1_DATA/.qpkg/QVPN/usr/sbin/openvpn*
lrwxrwxrwx  1 admin administrators   49 2019-01-16 19:36 openvpnclient -> /share/CACHEDEV1_DATA/.qpkg/QVPN/usr/sbin/openvpn*

    Literally I run the same command but with a different link and QTS kills one of them.  :-0  

    Works every time... Now if only I can change the docker to run openvpnclient. Or swear at qnap support for this.

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted

    21 minutes ago, binhex said:

    i think i see the issue, i have rebuilt the image without the single quotes for the optional argument(s), so pull down the new image, obviously keep the single quotes for the run command as they were and see what you get.

    Ok thanks! I'll give that a try. There definitely is something fishy with my NAS since I seem to be seeing the same issue when I try haugene/transmission. Openvpn connects, gets an IP, gets a port..... then dies (which in that docker image, kills the container). 

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted · Edited by WarezMonkey

    On 1/15/2019 at 11:03 AM, binhex said:

    you can certainly have a play with VPN_OPTIONS, this is one of the scenarios where it might come in handy, maybe you could turn the logs up for openvpn, i have a feeling though that this prob wont expose the real issue as i dont believe its an openvpn problem, more likely something on your system is killing the process. 

      

    have a look in your system log for qnap, look out for oom_killer kicking in, is your system low on available ram?.

    My memory seems fine when the container is running. There is no oom killer and I can't see any QNAP logs that indicate openvpn is being killed. Just a mystery. I am at a loss. I will continue some other troubleshooting with VPN disabled and another docker with just OpenVPN to see if it is my system or network setup.

     

    I can't get VPN_OPTIONS to work. I am unsure if it is possible with the syntax. It seems to put single quotes around it. I have to use some quotes in my docker command line: 

    -e VPN_OPTIONS='--log-append /config/openvpn.log' \
-e DEBUG=true \
-e STRICT_PORT_FORWARD=yes \
binhex/arch-delugevpn

2019-01-16 19:44:48,382 DEBG 'start-script' stdout output:
[debug] OpenVPN command line:- /usr/bin/openvpn --daemon --reneg-sec 0 --mute-replay-warnings --auth-nocache --setenv VPN_PROV 'pia' --setenv DEBUG 'true' --setenv VPN_DEVICE_TY
PE 'tun0' --setenv VPN_REMOTE 'ca-toronto.privateinternetaccess.com' --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --remap-usr
1 SIGHUP --log-append /dev/stdout --pull-filter ignore 'up' --pull-filter ignore 'down' --pull-filter ignore 'route-ipv6' --pull-filter ignore 'ifconfig-ipv6' --pull-filter igno
re 'tun-ipv6' --pull-filter ignore 'persist-tun' --pull-filter ignore 'reneg-sec' --remote 172.98.67.56 1198 udp --remote 172.98.67.65 1198 udp --remote 172.98.67.62 1198 udp --
remote 172.98.67.76 1198 udp --remote 172.98.67.89 1198 udp --remote 172.98.67.54 1198 udp --remote 172.98.67.6 1198 udp --remote 172.98.67.58 1198 udp --remote 172.98.67.81 119
8 udp --remote 172.98.67.73 1198 udp --remote 172.98.67.11 1198 udp --remote 172.98.67.46 1198 udp --remote 172.98.67.16 1198 udp --remote-random --keepalive 10 60 --setenv STRI
CT_PORT_FORWARD 'yes' --disable-occ '--log-append /config/openvpn.log' --cd /config/openvpn --config '/config/openvpn/CA Toronto.ovpn'
[info] Starting OpenVPN...

2019-01-16 19:44:48,415 DEBG 'start-script' stdout output:
Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: log-append /config/openvpn.log (2.4.6)

     

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted · Edited by WarezMonkey

    19 hours ago, binhex said:

    i can see the openvpn process is terminated, no obvious reasons why, perhaps give your qnap box a full system restart.

     

    Thanks @binhex. Still nothing. OpenVPN dies after 30s when everything seems fine. I'd like to try and modify the openvpn start command to log-append to somewhere. Or does this "--log-append /dev/stdout " log to my supervisord.log? Maybe try some -e VPN_OPTIONS ?

    [Support] binhex - DelugeVPN

    in Docker Containers

    Posted

    My OpenVPN process keeps terminating and I can't figure out why. I am using PIA and port forwarding with CA Toronto. Is there any way to see logs for OpenVPN? It looks like they are going to stdout where I can't see why it dies and restarts. I am trying to set this up on my QNAP nas using bridge mode with a static IP. Everything seems fine and I get an IP from PIA and a port, but then it dies 30s later and restarts.

     

    Any help would be appreciated. Thank you.

     

    Here's my docker run command from the CLI 

    docker run --privileged -d \
--network=qnet-static-eth1-79e6cc \
--hostname=delugevpn \
--ip=192.168.1.153 \
--name=delugevpn \
-v /share/CACHEDEV1_DATA/Container/deluge/data:/data \
-v /share/CACHEDEV1_DATA/Container/deluge/config:/config \
-v /share/CACHEDEV1_DATA/Download/deluge/completed:/completed \
-v /etc/localtime:/etc/localtime:ro \
-e VPN_ENABLED=yes \
-e VPN_PROV=pia \
-e STRONG_CERTS=yes \
-e ENABLE_PRIVOXY=no \
-e LAN_NETWORK=192.168.1.0/24 \
-e PUID=0 \
-e PGID=0 \
-e NAME_SERVERS=192.168.1.1,8.8.8.8 \
-e DELUGE_DAEMON_LOG_LEVEL=info \
-e DELUGE_WEB_LOG_LEVEL=info \
-e OPENVPN_LOG_LEVEL=debug \
-e DEBUG=true \
-e STRICT_PORT_FORWARD=yes \
binhex/arch-delugevpn

     

    And here is my debug log of supervisord.log.  Is it something to do with that iptable_mangle warning? It's the only thing I can see.

      

    Created by...
___.   .__       .__                   
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    < 
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2019-01-13 17:16:41.359856 [info] System information Linux delugevpn 4.2.8 #1 SMP Fri Dec 28 00:59:23 CST 2018 x86_64 GNU/Linux
2019-01-13 17:16:41.615094 [info] PUID defined as '0'
2019-01-13 17:16:42.412277 [info] PGID defined as '0'
2019-01-13 17:16:43.631135 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2019-01-13 17:16:43.835047 [info] Permissions already set for volume mappings
2019-01-13 17:16:43.967537 [info] DELUGE_DAEMON_LOG_LEVEL defined as 'info'
2019-01-13 17:16:44.140868 [info] DELUGE_WEB_LOG_LEVEL defined as 'info'
2019-01-13 17:16:44.233803 [info] VPN_ENABLED defined as 'yes'
2019-01-13 17:16:44.334597 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/CA Toronto.ovpn
dos2unix: converting file /config/openvpn/CA Toronto.ovpn to Unix format...
2019-01-13 17:16:44.498267 [info] VPN remote line defined as 'remote ca-toronto.privateinternetaccess.com 1198'
2019-01-13 17:16:44.592955 [info] VPN_REMOTE defined as 'ca-toronto.privateinternetaccess.com'
2019-01-13 17:16:44.695391 [info] VPN_PORT defined as '1198'
2019-01-13 17:16:44.798500 [info] VPN_PROTOCOL defined as 'udp'
2019-01-13 17:16:44.997414 [info] VPN_DEVICE_TYPE defined as 'tun0'
2019-01-13 17:16:45.222071 [info] VPN_PROV defined as 'pia'
2019-01-13 17:16:45.479353 [info] LAN_NETWORK defined as '192.168.1.0/24'
2019-01-13 17:16:45.723551 [info] NAME_SERVERS defined as '192.168.1.1,8.8.8.8'
2019-01-13 17:16:45.923305 [warn] VPN_USER not defined (via -e VPN_USER), assuming authentication via other method
2019-01-13 17:16:46.245997 [warn] VPN_PASS not defined (via -e VPN_PASS), assuming authentication via other method
2019-01-13 17:16:46.558436 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2019-01-13 17:16:46.910549 [info] STRICT_PORT_FORWARD defined as 'yes'
2019-01-13 17:16:47.141634 [info] ENABLE_PRIVOXY defined as 'no'
2019-01-13 17:16:47.496592 [info] Starting Supervisor...
2019-01-13 17:16:50,119 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2019-01-13 17:16:50,119 INFO Set uid to user 0 succeeded
2019-01-13 17:16:50,126 INFO supervisord started with pid 5
2019-01-13 17:16:51,129 INFO spawned: 'start-script' with pid 150
2019-01-13 17:16:51,132 INFO spawned: 'watchdog-script' with pid 151
2019-01-13 17:16:51,135 INFO spawned: 'privoxy-script' with pid 152
2019-01-13 17:16:51,135 INFO reaped unknown pid 6
2019-01-13 17:16:51,162 DEBG 'privoxy-script' stdout output:
[info] Privoxy set to disabled

2019-01-13 17:16:51,163 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-01-13 17:16:51,163 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-01-13 17:16:51,163 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-01-13 17:16:51,164 DEBG fd 17 closed, stopped monitoring <POutputDispatcher at 140284601953600 for <Subprocess at 140284666591352 with name privoxy-script in state RUNNING> (stdout)>
2019-01-13 17:16:51,165 DEBG fd 21 closed, stopped monitoring <POutputDispatcher at 140284601954248 for <Subprocess at 140284666591352 with name privoxy-script in state RUNNING> (stderr)>
2019-01-13 17:16:51,165 INFO exited: privoxy-script (exit status 0; expected)
2019-01-13 17:16:51,166 DEBG received SIGCLD indicating a child quit
2019-01-13 17:16:51,172 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
[debug] Environment variables defined as follows

2019-01-13 17:16:51,172 DEBG 'start-script' stdout output:
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="4" [1]="4" [2]="23" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.4.23(1)-release'
DEBUG=true
DELUGE_DAEMON_LOG_LEVEL=info
DELUGE_WEB_LOG_LEVEL=info
DIRSTACK=()
ENABLE_PRIVOXY=no
EUID=0
GROUPS=()
HOME=/home/nobody
HOSTNAME=delugevpn
HOSTTYPE=x86_64
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=192.168.1.0/24
MACHTYPE=x86_64-unknown-linux-gnu
NAME_SERVERS=192.168.1.1,8.8.8.8
OPENVPN_LOG_LEVEL=debug
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=0
PIPESTATUS=([0]="0")
PPID=5
PS4='+ '
PUID=0
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRICT_PORT_FORWARD=yes
STRONG_CERTS=yes
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
UID=0
VPN_CONFIG='/config/openvpn/CA Toronto.ovpn'
VPN_DEVICE_TYPE=tun0
VPN_ENABLED=yes
VPN_OPTIONS=
VPN_PASS=
VPN_PORT=1198
VPN_PROTOCOL=udp
VPN_PROV=pia
VPN_REMOTE=ca-toronto.privateinternetaccess.com
VPN_USER=
_='[debug] Environment variables defined as follows'
[debug] Directory listing of files in /config/openvpn as follows

2019-01-13 17:16:51,179 DEBG 'start-script' stdout output:
total 32
drwxrwxr-x 2 root root 4096 Jan 13 17:16 .
drwxrwxr-x 8 root root 4096 Jan 13 17:16 ..
-rwxrwxr-x 1 root root 2025 Nov 12 15:33 ca.rsa.2048.crt
-rwxrwxr-x 1 root root 3173 Jan 13 17:16 CA Toronto.ovpn
-rwxrwxr-x 1 root root   20 Jan 13 16:12 credentials.conf
-rwxrwxr-x 1 root root  869 Nov 12 15:33 crl.rsa.2048.pem

2019-01-13 17:16:51,203 DEBG 'watchdog-script' stderr output:
dos2unix: converting file /config/core.conf to Unix format...

2019-01-13 17:16:51,206 DEBG 'watchdog-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2019-01-13 17:16:51,263 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/CA Toronto.ovpn as follows...

2019-01-13 17:16:51,264 DEBG 'start-script' stdout output:
remote ca-toronto.privateinternetaccess.com 1198
client
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
<crl-verify>
blah
</crl-verify>

<ca>
blah
</ca>

disable-occ

2019-01-13 17:16:51,290 DEBG 'start-script' stdout output:
[info] Default route for container is 192.168.1.1

2019-01-13 17:16:51,298 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.1 to /etc/resolv.conf

2019-01-13 17:16:51,306 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf

2019-01-13 17:17:11,380 DEBG 'start-script' stdout output:
[info] Remote VPN endpoint resolves to the following A record(s)...
172.98.67.39 172.98.67.79 172.98.67.41 172.98.67.108 172.98.67.16 172.98.67.29 172.98.67.2 172.98.67.52 172.98.67.37 172.98.67.26 172.98.67.25 172.98.67.84 172.98.67.31

2019-01-13 17:17:11,452 DEBG 'start-script' stdout output:
[info] Attempting to load iptable_mangle module...

2019-01-13 17:17:11,459 DEBG 'start-script' stderr output:
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.2.8

2019-01-13 17:17:11,462 DEBG 'start-script' stdout output:
[warn] Unable to load iptable_mangle module using modprobe, trying insmod...

2019-01-13 17:17:11,465 DEBG 'start-script' stderr output:
insmod: ERROR: could not load module /lib/modules/iptable_mangle.ko: No such file or directory

2019-01-13 17:17:11,467 DEBG 'start-script' stdout output:
[warn] Unable to load iptable_mangle module, you will not be able to connect to the applications Web UI or Privoxy outside of your LAN
[info] unRAID/Ubuntu users: Please attempt to load the module by executing the following on your host: '/sbin/modprobe iptable_mangle'
[info] Synology users: Please attempt to load the module by executing the following on your host: 'insmod /lib/modules/iptable_mangle.ko'
[debug] Show name servers defined for container

2019-01-13 17:17:11,476 DEBG 'start-script' stdout output:
nameserver 192.168.1.1
nameserver 8.8.8.8

2019-01-13 17:17:11,478 DEBG 'start-script' stdout output:
[debug] Show name resolution for VPN endpoint ca-toronto.privateinternetaccess.com

2019-01-13 17:17:11,518 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 44605
;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; ca-toronto.privateinternetaccess.com.	IN	A

;; ANSWER SECTION:
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.17
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.58
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.34
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.81
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.83
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.84
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.79
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.73
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.67
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.101
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.28
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.92
ca-toronto.privateinternetaccess.com.	96	IN	A	172.98.67.15

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 27 msec
;; SERVER: 8.8.8.8
;; WHEN: Sun Jan 13 17:17:11 2019
;; MSG SIZE  rcvd: 262

2019-01-13 17:17:11,527 DEBG 'start-script' stdout output:
[debug] Show contents of hosts file

2019-01-13 17:17:11,544 DEBG 'start-script' stdout output:
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
192.168.1.153	delugevpn
172.98.67.39    ca-toronto.privateinternetaccess.com

2019-01-13 17:17:11,640 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0

2019-01-13 17:17:11,671 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 192.168.1.153

2019-01-13 17:17:11,712 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.255.0

2019-01-13 17:17:11,807 DEBG 'start-script' stdout output:
[info] Docker network defined as    192.168.1.0/24

2019-01-13 17:17:11,838 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2019-01-13 17:17:11,850 DEBG 'start-script' stderr output:
RTNETLINK answers: File exists

2019-01-13 17:17:11,852 DEBG 'start-script' stdout output:
[info] ip route defined as follows...

2019-01-13 17:17:11,853 DEBG 'start-script' stdout output:
--------------------

2019-01-13 17:17:11,861 DEBG 'start-script' stdout output:
default via 192.168.1.1 dev eth0 

2019-01-13 17:17:11,862 DEBG 'start-script' stdout output:
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.153 

2019-01-13 17:17:11,864 DEBG 'start-script' stdout output:
--------------------
[debug] Modules currently loaded for kernel

2019-01-13 17:17:11,877 DEBG 'start-script' stdout output:
blahblah blah (let me know if this kernel stuff is needed to help debug)

2019-01-13 17:17:12,039 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2019-01-13 17:17:12,045 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2019-01-13 17:17:12,046 DEBG 'start-script' stdout output:
--------------------

2019-01-13 17:17:12,049 DEBG 'start-script' stdout output:
[debug] OpenVPN command line:- /usr/bin/openvpn --daemon --reneg-sec 0 --mute-replay-warnings --auth-nocache --setenv VPN_PROV 'pia' --setenv DEBUG 'true' --setenv VPN_DEVICE_TYPE 'tun0' --setenv VPN_REMOTE 'ca-toronto.privateinternetaccess.com' --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --remap-usr1 SIGHUP --log-append /dev/stdout --pull-filter ignore 'up' --pull-filter ignore 'down' --pull-filter ignore 'route-ipv6' --pull-filter ignore 'ifconfig-ipv6' --pull-filter ignore 'tun-ipv6' --pull-filter ignore 'persist-tun' --pull-filter ignore 'reneg-sec' --remote 172.98.67.39 1198 udp --remote 172.98.67.79 1198 udp --remote 172.98.67.41 1198 udp --remote 172.98.67.108 1198 udp --remote 172.98.67.16 1198 udp --remote 172.98.67.29 1198 udp --remote 172.98.67.2 1198 udp --remote 172.98.67.52 1198 udp --remote 172.98.67.37 1198 udp --remote 172.98.67.26 1198 udp --remote 172.98.67.25 1198 udp --remote 172.98.67.84 1198 udp --remote 172.98.67.31 1198 udp --remote-random --keepalive 10 60 --setenv STRICT_PORT_FORWARD 'yes' --disable-occ --cd /config/openvpn --config '/config/openvpn/CA Toronto.ovpn'
[info] Starting OpenVPN...

2019-01-13 17:17:12,078 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 WARNING: file 'credentials.conf' is group or others accessible

2019-01-13 17:17:12,079 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018

2019-01-13 17:17:12,080 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.10

2019-01-13 17:17:12,083 DEBG 'start-script' stdout output:
[info] OpenVPN started

2019-01-13 17:17:12,084 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2019-01-13 17:17:12,091 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2019-01-13 17:17:12,096 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.67.16:1198

2019-01-13 17:17:12,097 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 UDP link local: (not bound)

2019-01-13 17:17:12,098 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 UDP link remote: [AF_INET]172.98.67.16:1198

2019-01-13 17:17:12,693 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:12 2019 [b844ef562befcb59894264bcd4256198] Peer Connection Initiated with [AF_INET]172.98.67.16:1198

2019-01-13 17:17:13,915 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:13 2019 auth-token received, disabling auth-nocache for the authentication token
Sun Jan 13 17:17:13 2019 TUN/TAP device tun0 opened

2019-01-13 17:17:13,916 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:13 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Jan 13 17:17:13 2019 /usr/bin/ip link set dev tun0 up mtu 1500

2019-01-13 17:17:13,919 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:13 2019 /usr/bin/ip addr add dev tun0 local 10.33.11.6 peer 10.33.11.5

2019-01-13 17:17:13,926 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:13 2019 /root/openvpnup.sh tun0 1500 1558 10.33.11.6 10.33.11.5 init

2019-01-13 17:17:13,943 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2019-01-13 17:17:13,944 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2019-01-13 17:17:13,963 DEBG 'start-script' stdout output:
Sun Jan 13 17:17:13 2019 Initialization Sequence Completed

2019-01-13 17:17:14,012 DEBG 'start-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.33.11.6'

2019-01-13 17:17:14,071 DEBG 'watchdog-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.33.11.6'
[info] Deluge listening interface IP 0.0.0.0 and VPN provider IP 10.33.11.6 different, marking for reconfigure

2019-01-13 17:17:14,088 DEBG 'start-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.33.11.6'

2019-01-13 17:17:14,090 DEBG 'start-script' stdout output:
[debug] Attempting to get external IP using Name Server 'ns1.google.com'...

2019-01-13 17:17:14,099 DEBG 'start-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.33.11.6'

2019-01-13 17:17:14,100 DEBG 'watchdog-script' stdout output:
[info] Deluge not running

2019-01-13 17:17:14,101 DEBG 'start-script' stdout output:
[info] Strict port forwarding enabled, attempting to assign an incoming port...

2019-01-13 17:17:14,114 DEBG 'watchdog-script' stdout output:
[info] Deluge Web UI not running

2019-01-13 17:17:14,129 DEBG 'start-script' stdout output:
[info] Attempting to curl http://209.222.18.222:2000/?client_id=fd0cc6cc9ad80d3cf7718badb2d1b4f5ee3a071e6228b7a85090c96072bdec93...

2019-01-13 17:17:14,606 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address 172.98.67.16

2019-01-13 17:17:14,727 DEBG 'watchdog-script' stdout output:
[debug] External IP address from tunnel is '172.98.67.16'

2019-01-13 17:17:14,728 DEBG 'watchdog-script' stdout output:
[debug] Waiting for file '/home/nobody/vpn_incoming_port.txt' to be generated (contains PIA API generated incoming port number)...

2019-01-13 17:17:16,347 DEBG 'start-script' stdout output:
[info] Curl successful for http://209.222.18.222:2000/?client_id=fd0cc6cc9ad80d3cf7718badb2d1b4f5ee3a071e6228b7a85090c96072bdec93, response code 200

2019-01-13 17:17:16,515 DEBG 'start-script' stdout output:
[debug] Successfully assigned incoming port 26360

2019-01-13 17:17:16,733 DEBG 'watchdog-script' stdout output:
[debug] Incoming port for tunnel is '26360'
[info] Deluge incoming port 6890 and VPN incoming port 26360 different, marking for reconfigure

2019-01-13 17:17:16,761 DEBG 'watchdog-script' stdout output:
[info] Attempting to start Deluge...
[info] Removing deluge pid file (if it exists)...

2019-01-13 17:17:18,189 DEBG 'watchdog-script' stdout output:
[info] Deluge listening interface currently defined as 0.0.0.0
[info] Deluge listening interface will be changed to 0.0.0.0
[info] Saving changes to Deluge config file /config/core.conf...

2019-01-13 17:17:18,671 DEBG 'watchdog-script' stdout output:
[info] Deluge process started

2019-01-13 17:17:18,672 DEBG 'watchdog-script' stdout output:
[info] Waiting for Deluge process to start listening on port 58846...

2019-01-13 17:17:21,163 DEBG 'watchdog-script' stdout output:
Setting random_port to False..
Configuration value successfully updated.

2019-01-13 17:17:22,332 DEBG 'watchdog-script' stdout output:
Setting listen_ports to (26360, 26360)..
Configuration value successfully updated.

2019-01-13 17:17:23,525 DEBG 'watchdog-script' stdout output:
[info] No torrents with state 'Error' found

2019-01-13 17:17:23,526 DEBG 'watchdog-script' stdout output:
[info] Starting Deluge Web UI...

2019-01-13 17:17:23,527 DEBG 'watchdog-script' stdout output:
[info] Deluge Web UI started

2019-01-13 17:17:23,527 DEBG 'watchdog-script' stdout output:
[debug] VPN incoming port is 26360
[debug] Deluge incoming port is 26360
[debug] VPN IP is 10.33.11.6
[debug] Deluge IP is 10.33.11.6

2019-01-13 17:17:44,029 DEBG 'start-script' stdout output:
[warn] OpenVPN process terminated, restarting OpenVPN...

2019-01-13 17:17:44,045 DEBG 'start-script' stdout output:

     

     

×
×
  • Create New...