Hi,
I have the same problem as kurdy34 but ip_mangle module is loaded on my ubuntu. I'm using AirVPN. When I set VPN_ENABLED=no, I can access to the WebUI from my public IP X.X.X.X:8112 but if I set VPN_ENABLED=yes, it breaks the WebUI. When I create a ssh tunnel, I can access to the WebUI from localhost:8112.
This is my docker-compose.yml :
version: '3.7'
services:
deluge:
image: binhex/arch-delugevpn:latest
container_name: deluge
restart: always
cap_add:
- NET_ADMIN
ports:
- 8112:8112
- 8118:8118
- 58846:58846
- 58946:58946
environment:
- PUID=${PUID}
- PGID=${PGID}
- VPN_ENABLED=yes
- VPN_PROV=airvpn
- ENABLE_PRIVOXY=yes
- LAN_NETWORK=192.168.1.0/24
- NAME_SERVERS=209.222.18.222,37.235.1.174,8.8.8.8,209.222.18.218,37.235.1.177,8.8.4.4
- UMASK=000
- DEBUG=false
volumes:
- /home/media/deluge/config:/config
- /etc/localtime:/etc/localtime:ro
- ${PATH_DOWNLOADS}:/downloads
And my logs :
Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/
2019-09-13 11:54:31.704033 [info] System information Linux c3e3ddb4fc05 4.15.0-52-generic #56-Ubuntu SMP Tue Jun 4 22:49:08 UTC 2019 x86_64 GNU/Linux
2019-09-13 11:54:31.840883 [info] PUID defined as '1001'
2019-09-13 11:54:32.017950 [info] PGID defined as '1001'
2019-09-13 11:54:32.183732 [info] UMASK defined as '000'
2019-09-13 11:54:32.299525 [info] Permissions already set for volume mappings
2019-09-13 11:54:32.428025 [info] DELUGE_DAEMON_LOG_LEVEL not defined,(via -e DELUGE_DAEMON_LOG_LEVEL), defaulting to 'info'
2019-09-13 11:54:32.544359 [info] DELUGE_WEB_LOG_LEVEL not defined,(via -e DELUGE_WEB_LOG_LEVEL), defaulting to 'info'
2019-09-13 11:54:32.661192 [info] VPN_ENABLED defined as 'yes'
2019-09-13 11:54:32.795653 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/AirVPN_Germany_UDP-443.ovpn
dos2unix: converting file /config/openvpn/AirVPN_Germany_UDP-443.ovpn to Unix format...
2019-09-13 11:54:32.957344 [info] VPN remote line defined as 'remote de.vpn.airdns.org 443'
2019-09-13 11:54:33.074783 [info] VPN_REMOTE defined as 'de.vpn.airdns.org'
2019-09-13 11:54:33.197060 [info] VPN_PORT defined as '443'
2019-09-13 11:54:33.325685 [info] VPN_PROTOCOL defined as 'udp'
2019-09-13 11:54:33.443835 [info] VPN_DEVICE_TYPE defined as 'tun0'
2019-09-13 11:54:33.559958 [info] VPN_PROV defined as 'airvpn'
2019-09-13 11:54:33.678633 [info] LAN_NETWORK defined as '192.168.1.0/24'
2019-09-13 11:54:33.796067 [info] NAME_SERVERS defined as '209.222.18.222,37.235.1.174,8.8.8.8,209.222.18.218,37.235.1.177,8.8.4.4'
2019-09-13 11:54:33.913313 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2019-09-13 11:54:34.031323 [info] ENABLE_PRIVOXY defined as 'yes'
2019-09-13 11:54:34.652926 [info] Starting Supervisor...
2019-09-13 11:54:35,463 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2019-09-13 11:54:35,463 INFO Set uid to user 0 succeeded
2019-09-13 11:54:35,472 INFO supervisord started with pid 7
2019-09-13 11:54:36,477 INFO spawned: 'start-script' with pid 142
2019-09-13 11:54:36,482 INFO spawned: 'watchdog-script' with pid 143
2019-09-13 11:54:36,484 INFO reaped unknown pid 8
2019-09-13 11:54:36,512 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
2019-09-13 11:54:36,513 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-09-13 11:54:36,513 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2019-09-13 11:54:36,521 DEBG 'watchdog-script' stderr output:
dos2unix:
2019-09-13 11:54:36,522 DEBG 'watchdog-script' stderr output:
converting file /config/core.conf to Unix format...
2019-09-13 11:54:36,644 DEBG 'start-script' stdout output:
[info] Default route for container is 172.18.0.1
2019-09-13 11:54:36,656 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.222 to /etc/resolv.conf
2019-09-13 11:54:36,667 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf
2019-09-13 11:54:36,678 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf
2019-09-13 11:54:36,689 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.218 to /etc/resolv.conf
2019-09-13 11:54:36,700 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf
2019-09-13 11:54:36,711 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf
2019-09-13 11:54:36,896 DEBG 'start-script' stdout output:
[info] Attempting to load tun kernel module...
2019-09-13 11:54:36,900 DEBG 'start-script' stderr output:
modprobe: FATAL: Module tun not found in directory /lib/modules/4.15.0-52-generic
2019-09-13 11:54:36,901 DEBG 'start-script' stdout output:
[warn] Unable to load tun kernel module using modprobe, trying insmod...
2019-09-13 11:54:36,905 DEBG 'start-script' stderr output:
insmod: ERROR: could not load module /lib/modules/tun.ko: No such file or directory
2019-09-13 11:54:36,906 DEBG 'start-script' stdout output:
[warn] Unable to load tun kernel module, assuming its dynamically loaded
2019-09-13 11:54:36,992 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.18.0.0/16
2019-09-13 11:54:37,004 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0
2019-09-13 11:54:37,008 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------
2019-09-13 11:54:37,012 DEBG 'start-script' stdout output:
default via 172.18.0.1 dev eth0
172.18.0.0/16 dev eth0 proto kernel scope link src 172.18.0.2
192.168.1.0/24 via 172.18.0.1 dev eth0
2019-09-13 11:54:37,013 DEBG 'start-script' stdout output:
--------------------
2019-09-13 11:54:37,025 DEBG 'start-script' stdout output:
iptable_mangle 16384 0
ip_tables 28672 3 iptable_filter,iptable_nat,iptable_mangle
x_tables 40960 9 xt_conntrack,iptable_filter,xt_tcpudp,ipt_MASQUERADE,xt_addrtype,xt_nat,ip_tables,iptable_mangle,xt_mark
2019-09-13 11:54:37,026 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables
2019-09-13 11:54:37,266 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------
2019-09-13 11:54:37,272 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 172.18.0.0/16 -d 172.18.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 172.18.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A OUTPUT -s 172.18.0.0/16 -d 172.18.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -s 172.18.0.0/16 -d 192.168.1.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
2019-09-13 11:54:37,275 DEBG 'start-script' stdout output:
--------------------
2019-09-13 11:54:37,278 DEBG 'start-script' stdout output:
[info] Starting OpenVPN...
2019-09-13 11:54:37,302 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
Fri Sep 13 11:54:37 2019 library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
2019-09-13 11:54:37,305 DEBG 'start-script' stdout output:
[info] OpenVPN started
Fri Sep 13 11:54:37 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2019-09-13 11:54:37,306 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2019-09-13 11:54:37,307 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2019-09-13 11:54:37,309 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]185.189.112.10:443
2019-09-13 11:54:37,310 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
2019-09-13 11:54:37,311 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 UDP link local: (not bound)
2019-09-13 11:54:37,312 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 UDP link remote: [AF_INET]185.189.112.10:443
2019-09-13 11:54:37,325 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 TLS: Initial packet from [AF_INET]185.189.112.10:443, sid=17298955 46033647
2019-09-13 11:54:37,369 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA,
[email protected]
2019-09-13 11:54:37,371 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 VERIFY KU OK
Fri Sep 13 11:54:37 2019 Validating certificate extended key usage
2019-09-13 11:54:37,372 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Sep 13 11:54:37 2019 VERIFY EKU OK
Fri Sep 13 11:54:37 2019 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Errai,
[email protected]
2019-09-13 11:54:37,875 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:37 2019 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Sep 13 11:54:37 2019 [Errai] Peer Connection Initiated with [AF_INET]185.189.112.10:443
2019-09-13 11:54:38,927 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 SENT CONTROL [Errai]: 'PUSH_REQUEST' (status=1)
2019-09-13 11:54:38,939 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.16.184.1,route-gateway 10.16.184.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.16.184.239 255.255.255.0,peer-id 1,cipher AES-256-GCM'
2019-09-13 11:54:38,939 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: timers and/or timeouts modified
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: compression parms modified
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: --ifconfig/up options modified
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: route options modified
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: route-related options modified
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: peer-id set
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Sep 13 11:54:38 2019 OPTIONS IMPORT: data channel crypto options modified
Fri Sep 13 11:54:38 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
2019-09-13 11:54:38,940 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Sep 13 11:54:38 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2019-09-13 11:54:38,941 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02
2019-09-13 11:54:38,941 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 TUN/TAP device tun0 opened
Fri Sep 13 11:54:38 2019 TUN/TAP TX queue length set to 100
Fri Sep 13 11:54:38 2019 /usr/bin/ip link set dev tun0 up mtu 1500
2019-09-13 11:54:38,946 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 /usr/bin/ip addr add dev tun0 10.16.184.239/24 broadcast 10.16.184.255
2019-09-13 11:54:38,951 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:38 2019 /root/openvpnup.sh tun0 1500 1553 10.16.184.239 255.255.255.0 init
2019-09-13 11:54:39,110 DEBG 'start-script' stdout output:
[info] Application does not require port forwarding or VPN provider is != pia, skipping incoming port assignment
2019-09-13 11:54:39,111 DEBG 'start-script' stdout output:
[info] Checking we can resolve name 'www.google.com' to address...
2019-09-13 11:54:39,123 DEBG 'start-script' stdout output:
[debug] Having issues resolving name 'www.google.com', sleeping before retry...
2019-09-13 11:54:44,012 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:44 2019 /usr/bin/ip route add 185.189.112.10/32 via 172.18.0.1
2019-09-13 11:54:44,018 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:44 2019 /usr/bin/ip route add 0.0.0.0/1 via 10.16.184.1
2019-09-13 11:54:44,023 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:44 2019 /usr/bin/ip route add 128.0.0.0/1 via 10.16.184.1
2019-09-13 11:54:44,028 DEBG 'start-script' stdout output:
Fri Sep 13 11:54:44 2019 Initialization Sequence Completed
2019-09-13 11:54:44,240 DEBG 'start-script' stdout output:
[info] DNS operational, we can resolve name 'www.google.com' to address '172.217.9.36'
2019-09-13 11:54:44,247 DEBG 'start-script' stdout output:
[info] Attempting to get external IP using Name Server 'ns1.google.com'...
2019-09-13 11:54:44,346 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address 185.189.112.11
2019-09-13 11:54:44,404 DEBG 'watchdog-script' stdout output:
[info] Deluge listening interface IP 0.0.0.0 and VPN provider IP 10.16.184.239 different, marking for reconfigure
2019-09-13 11:54:44,420 DEBG 'watchdog-script' stdout output:
[info] Deluge not running
2019-09-13 11:54:44,432 DEBG 'watchdog-script' stdout output:
[info] Deluge Web UI not running
2019-09-13 11:54:44,446 DEBG 'watchdog-script' stdout output:
[info] Privoxy not running
[info] Attempting to start Deluge...
[info] Removing deluge pid file (if it exists)...
2019-09-13 11:54:45,837 DEBG 'watchdog-script' stdout output:
[info] Deluge key 'listen_interface' currently has an undefined value
[info] Deluge key 'listen_interface' will have a new value '10.16.184.239'
[info] Writing changes to Deluge config file '/config/core.conf'...
2019-09-13 11:54:47,345 DEBG 'watchdog-script' stdout output:
[info] Deluge key 'outgoing_interface' currently has an undefined value
[info] Deluge key 'outgoing_interface' will have a new value 'tun0'
[info] Writing changes to Deluge config file '/config/core.conf'...
2019-09-13 11:54:48,235 DEBG 'watchdog-script' stdout output:
[info] Deluge key 'default_daemon' currently has a value of 'b26e3e763b004823b66e5304b1a56f81'
[info] Deluge key 'default_daemon' will have a new value 'b26e3e763b004823b66e5304b1a56f81'
[info] Writing changes to Deluge config file '/config/web.conf'...
2019-09-13 11:54:49,667 DEBG 'watchdog-script' stdout output:
[info] Deluge process started
[info] Waiting for Deluge process to start listening on port 58846...
2019-09-13 11:54:50,409 DEBG 'watchdog-script' stdout output:
[info] Deluge process listening on port 58846
2019-09-13 11:55:04,425 DEBG 'watchdog-script' stdout output:
[info] No torrents with state 'Error' found
2019-09-13 11:55:04,426 DEBG 'watchdog-script' stdout output:
[info] Starting Deluge Web UI...
2019-09-13 11:55:04,426 DEBG 'watchdog-script' stdout output:
[info] Deluge Web UI started
2019-09-13 11:55:04,442 DEBG 'watchdog-script' stdout output:
[info] Attempting to start Privoxy...
2019-09-13 11:55:05,460 DEBG 'watchdog-script' stdout output:
[info] Privoxy process started
[info] Waiting for Privoxy process to start listening on port 8118...
2019-09-13 11:55:05,480 DEBG 'watchdog-script' stdout output:
[info] Privoxy process listening on port 8118
Thanks in advance !