[Support] binhex - DelugeVPN


Recommended Posts

yea, i double checked to ensure i did that.

 

so you defined port 6881 on the vpn providers website right?.

 

missed your first screenshot, that im assuming is a snippet of your routers webui right?, if so then your thinking about this in the wrong way, you dont setup the incoming port on your router, you set it up with your vpn provider and then configure deluge to use that port.

Link to comment

yea, i double checked to ensure i did that.

 

so you defined port 6881 on the vpn providers website right?.

 

missed your first screenshot, that im assuming is a snippet of your routers webui right?, if so then your thinking about this in the wrong way, you dont setup the incoming port on your router, you set it up with your vpn provider and then configure deluge to use that port.

 

requested the port in torguard. let's see how it goes. thanks

 

Screen_Shot_2017-01-03_at_1_45.19_PM.png.3c1e476d5762ad585988317e931d7bea.png

Link to comment

yea, i double checked to ensure i did that.

 

so you defined port 6881 on the vpn providers website right?.

 

missed your first screenshot, that im assuming is a snippet of your routers webui right?, if so then your thinking about this in the wrong way, you dont setup the incoming port on your router, you set it up with your vpn provider and then configure deluge to use that port.

 

requested the port in torguard. let's see how it goes. thanks

 

looks like torguard doesn't allow port forwardining. any other alternatives?

Screen_Shot_2017-01-03_at_10_04.36_PM.png.e728b032b09c577b0c51bacc9e75b94c.png

Link to comment

I have this docker working great on its own with PIA and have been attempting to connect the linuxserver.io couchpotato docker to the instance of privoxy included but aren't having much luck, other machines on the network can connect to privoxy so I'm not sure what's going on, could it be that the linuxserver.io docker is in a different subnet? The logs don't show anything but when I add the proxy server settings to couchpotato it loses Internet access.

 

Using the binhex vpn couchpotato docker isn't really an option as I think PIA has a 5 device limit.

Link to comment

yea, i double checked to ensure i did that.

 

so you defined port 6881 on the vpn providers website right?.

 

missed your first screenshot, that im assuming is a snippet of your routers webui right?, if so then your thinking about this in the wrong way, you dont setup the incoming port on your router, you set it up with your vpn provider and then configure deluge to use that port.

 

requested the port in torguard. let's see how it goes. thanks

 

looks like torguard doesn't allow port forwardining. any other alternatives?

Private internet access is the best, or airvpn are my two recommended

 

Sent from my SM-G900F using Tapatalk

 

 

Link to comment

I have this docker working great on its own with PIA and have been attempting to connect the linuxserver.io couchpotato docker to the instance of privoxy included but aren't having much luck, other machines on the network can connect to privoxy so I'm not sure what's going on, could it be that the linuxserver.io docker is in a different subnet? The logs don't show anything but when I add the proxy server settings to couchpotato it loses Internet access.

 

Using the binhex vpn couchpotato docker isn't really an option as I think PIA has a 5 device limit.

 

I've experimented with this in the past, it does work, but unfortunately breaks notifications to kodi on the LAN.

Link to comment

PIA user here, I'm getting very slow speed on UDP, capping out ~500kilobytes/sec on a 100mbps connection. TCP is a little faster at 3.5megabytes/sec but still slow (I'm assuming from the increased overhead). A few weeks ago this was all working fine, regularly hit 10megabytes/sec download.

 

Things seem to have slowed down after I installed (and have since uninstalled) the OpenVPN server app from the community applications repo. No improvements after restarting the server, the docker service, or recreating the container. Anyone have any ideas?

 

could it be your isp throttling your connection?, try downloading a file via http and see what speeds you hit, also you could try connecting to a different PIA endpoint and see if that helps.

 

I think I fixed my issue. Uninstalling DelugeVPN, turning off the docker service, rebooting the machine, enabling the docker service, and reinstalling the app fixed my speeds. Back up to 10 megabytes/sec. I still have no idea what was going wrong.

Link to comment

 

I've experimented with this in the past, it does work, but unfortunately breaks notifications to kodi on the LAN.

 

I've been playing about with it a bit more and think it is managing to connect to the net through privoxy but the problem seems to be with connecting to sab when http requests are going through the proxy.

 

I'm not bothered about notifications, did you happen to get any further than I have? ie. manage to get couch to send the nzb to sab with privoxy enabled?

Link to comment

 

I've experimented with this in the past, it does work, but unfortunately breaks notifications to kodi on the LAN.

 

I've been playing about with it a bit more and think it is managing to connect to the net through privoxy but the problem seems to be with connecting to sab when http requests are going through the proxy.

 

I'm not bothered about notifications, did you happen to get any further than I have? ie. manage to get couch to send the nzb to sab with privoxy enabled?

 

Nope, only way round it would be to send it via sab on a reverse proxy.

Link to comment

Trying not to open sab up to the Internet, was hoping the LAN_NETWORK setting in the deluge docker would bypass the VPN for addresses in the specified range and allow a route to sab but no luck, guess I'm going to have to dig around in the privoxy configuration files.

Link to comment

Trying not to open sab up to the Internet, was hoping the LAN_NETWORK setting in the deluge docker would bypass the VPN for addresses in the specified range and allow a route to sab but no luck, guess I'm going to have to dig around in the privoxy configuration files.

That's exactly what it's for, in my testing I was able to connect from couchpotato running on another host on my LAN to delugevpn with success, can't see why you couldn't do the same for sab

 

Sent from my SM-G900F using Tapatalk

 

 

Link to comment

Trying not to open sab up to the Internet, was hoping the LAN_NETWORK setting in the deluge docker would bypass the VPN for addresses in the specified range and allow a route to sab but no luck, guess I'm going to have to dig around in the privoxy configuration files.

That's exactly what it's for, in my testing I was able to connect from couchpotato running on another host on my LAN to delugevpn with success, can't see why you couldn't do the same for sab

 

Sent from my SM-G900F using Tapatalk

 

I think the problem is that the sab api uses http so it's forced through privoxy when the proxy is set in couchpotato which then tries to connect to sab through the VPN which will obviously fail, couchpotato currently connects fine to deluge even with the proxy enabled in its settings, I'm assuming because the deluge daemon uses a different protocol.

Link to comment

I think the problem is that the sab api uses http so it's forced through privoxy when the proxy is set in couchpotato which then tries to connect to sab through the VPN which will obviously fail, couchpotato currently connects fine to deluge even with the proxy enabled in its settings, I'm assuming because the deluge daemon uses a different protocol.

 

I was wrong about that, I've done some testing but can't work it out, might be a problem with the routing table, although I've added a route in the openvpn config and it didn't help. Privoxy can't connect to the LAN no matter what I try (although it can connect to the deluge web ui in the same docker). I'm going to just install openvpn on my router and pipe everything through that unless anybody has any other ideas?

Link to comment

I think the problem is that the sab api uses http so it's forced through privoxy when the proxy is set in couchpotato which then tries to connect to sab through the VPN which will obviously fail, couchpotato currently connects fine to deluge even with the proxy enabled in its settings, I'm assuming because the deluge daemon uses a different protocol.

 

I was wrong about that, I've done some testing but can't work it out, might be a problem with the routing table, although I've added a route in the openvpn config and it didn't help. Privoxy can't connect to the LAN no matter what I try (although it can connect to the deluge web ui in the same docker). I'm going to just install openvpn on my router and pipe everything through that unless anybody has any other ideas?

 

There's nothing wrong with the way the container is out the box, I can access my LAN just fine.  My LAN network is setup as 192.168.0.0/24  The only problem I've found is Couch won't connect to Plex or Kodi if it's configured to use the privoxy feature, it still works with deluge, nzbget and emby.  Sonarr will use the privoxy just fine as long as it's set to bypass proxy for local addresses which leads me to conclude the issue is with Couch not Privoxy.

Link to comment

I think the problem is that the sab api uses http so it's forced through privoxy when the proxy is set in couchpotato which then tries to connect to sab through the VPN which will obviously fail, couchpotato currently connects fine to deluge even with the proxy enabled in its settings, I'm assuming because the deluge daemon uses a different protocol.

 

I was wrong about that, I've done some testing but can't work it out, might be a problem with the routing table, although I've added a route in the openvpn config and it didn't help. Privoxy can't connect to the LAN no matter what I try (although it can connect to the deluge web ui in the same docker). I'm going to just install openvpn on my router and pipe everything through that unless anybody has any other ideas?

 

There's nothing wrong with the way the container is out the box, I can access my LAN just fine.  My LAN network is setup as 192.168.0.0/24  The only problem I've found is Couch won't connect to Plex or Kodi if it's configured to use the privoxy feature, it still works with deluge, nzbget and emby.  Sonarr will use the privoxy just fine as long as it's set to bypass proxy for local addresses which leads me to conclude the issue is with Couch not Privoxy.

 

Maybe its just my setup then, one of the things I tested to try and get to the bottom of it was set Firefox to use privoxy, I could get out to the Internet at large, access privoxys configuration pages and connect to the deluge webui but anything on the LAN couldn't be reached. Couldn't even connect to unraids web interface.

Link to comment

I think the problem is that the sab api uses http so it's forced through privoxy when the proxy is set in couchpotato which then tries to connect to sab through the VPN which will obviously fail, couchpotato currently connects fine to deluge even with the proxy enabled in its settings, I'm assuming because the deluge daemon uses a different protocol.

 

I was wrong about that, I've done some testing but can't work it out, might be a problem with the routing table, although I've added a route in the openvpn config and it didn't help. Privoxy can't connect to the LAN no matter what I try (although it can connect to the deluge web ui in the same docker). I'm going to just install openvpn on my router and pipe everything through that unless anybody has any other ideas?

 

There's nothing wrong with the way the container is out the box, I can access my LAN just fine.  My LAN network is setup as 192.168.0.0/24  The only problem I've found is Couch won't connect to Plex or Kodi if it's configured to use the privoxy feature, it still works with deluge, nzbget and emby.  Sonarr will use the privoxy just fine as long as it's set to bypass proxy for local addresses which leads me to conclude the issue is with Couch not Privoxy.

 

Maybe its just my setup then, one of the things I tested to try and get to the bottom of it was set Firefox to use privoxy, I could get out to the Internet at large, access privoxys configuration pages and connect to the deluge webui but anything on the LAN couldn't be reached. Couldn't even connect to unraids web interface.

 

That's a config error.  Try something like this.  Note the No Proxy box.

 

R0k3u9V.png

Link to comment

Thanks, but that's the thing, I know that will work but it works by bypassing privoxy altogether for the local subnet. The reason I didn't do that is because I wanted to check if privoxy could connect to the LAN and it couldn't which is why it can't connect to sab. I was just trying to diagnose the problem.

Link to comment

Thanks, but that's the thing, I know that will work but it works by bypassing privoxy altogether for the local subnet. The reason I didn't do that is because I wanted to check if privoxy could connect to the LAN and it couldn't which is why it can't connect to sab. I was just trying to diagnose the problem.

 

Is this to do with CP?  I only ask as I'm under the impression CP doesn't implement it's proxy feature particularly well. 

 

4.19. How can I tell Privoxy to totally ignore certain sites?

 

Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser configuration issue, not a Privoxy issue. Modern browsers typically do have settings for not proxying certain sites. Check your browser's help files.

 

Link to comment

I was testing with Firefox connected to privoxy (CP wasn't involved), the fact that Firefox can't connect to any LAN address through privoxy leads me to believe that the routing inside the docker doesn't allow it to. I'm not very experienced with docker, trying to ping a LAN IP from within the docker would confirm it (I'd expect it to come back unreachable) but I'm not sure how to go about doing that. Thanks for your help in trying to get to the bottom of it.

Link to comment

I was testing with Firefox connected to privoxy (CP wasn't involved), the fact that Firefox can't connect to any LAN address through privoxy leads me to believe that the routing inside the docker doesn't allow it to. I'm not very experienced with docker, trying to ping a LAN IP from within the docker would confirm it (I'd expect it to come back unreachable) but I'm not sure how to go about doing that. Thanks for your help in trying to get to the bottom of it.

 

I can ping a local IP from within the container.

 

docker exec -it delugevpn bash 

 

Will get you into a terminal within the container.  So I'm assuming that isn't being routed over privoxy, however if you're connected to privoxy then that's a different kettle of fish I guess.  But as the section from the privoxy manual above I quoted says, it's a browser function not a privoxy function.

 

root@server:~# docker exec -it deluge bash
[root@53fcc86a1c27 /]# ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_seq=1 ttl=127 time=0.297 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=127 time=0.275 ms
64 bytes from 192.168.0.2: icmp_seq=3 ttl=127 time=0.274 ms
64 bytes from 192.168.0.2: icmp_seq=4 ttl=127 time=0.280 ms
64 bytes from 192.168.0.2: icmp_seq=5 ttl=127 time=0.305 ms
64 bytes from 192.168.0.2: icmp_seq=6 ttl=127 time=0.305 ms
64 bytes from 192.168.0.2: icmp_seq=7 ttl=127 time=0.300 ms
64 bytes from 192.168.0.2: icmp_seq=8 ttl=127 time=0.281 ms
64 bytes from 192.168.0.2: icmp_seq=9 ttl=127 time=0.294 ms
^C
--- 192.168.0.2 ping statistics ---
9 packets transmitted, 9 received, 0% packet loss, time 8180ms
rtt min/avg/max/mdev = 0.274/0.290/0.305/0.014 ms
[root@53fcc86a1c27 /]# 

 

I am using the DelugeVPN container, I just have it called deluge btw.

Link to comment

Thanks for that, thats a useful command !

 

I too can ping LAN IP addresses, I have noticed something odd though;

 

This if from within unraid:

 

root@unRAID:~# tracepath 192.168.1.1
1?: [LOCALHOST]                                         pmtu 1500
1:  192.168.1.1                                           0.546ms reached
1:  192.168.1.1                                           0.317ms reached
     Resume: pmtu 1500 hops 1 back 1

 

and this is from within the docker;

 

[root@823a00624032 /]# tracepath 192.168.1.1
1?: [LOCALHOST]                                         pmtu 1500
1:  send failed
1:  send failed
     Resume: pmtu 1500

 

now I'm inside I'll play about with it a bit and see if I can figure it out.

Link to comment

Thanks, but that's the thing, I know that will work but it works by bypassing privoxy altogether for the local subnet. The reason I didn't do that is because I wanted to check if privoxy could connect to the LAN and it couldn't which is why it can't connect to sab. I was just trying to diagnose the problem.

 

ok so to be clear on the issue/feature request:-

 

you want to be able to set cp to use privoxy to force cp to use the vpn when accessing index sites

you want cp to also be able to notify kodi/plex when a download completes, which of course would be a dest of your local lan

problem is cp cannot connect to local lan resources AND be configured to use privoxy

 

is this the problem?, or at least one of the scenario's you are trying to fix?.

Link to comment

Thanks, but that's the thing, I know that will work but it works by bypassing privoxy altogether for the local subnet. The reason I didn't do that is because I wanted to check if privoxy could connect to the LAN and it couldn't which is why it can't connect to sab. I was just trying to diagnose the problem.

 

ok so to be clear on the issue/feature request:-

 

you want to be able to set cp to use privoxy to force cp to use the vpn when accessing index sites

you want cp to also be able to notify kodi/plex when a download completes, which of course would be a dest of your local lan

problem is cp cannot connect to local lan resources AND be configured to use privoxy

 

is this the problem?, or at least one of the scenario's you are trying to fix?.

 

Correct, I think I've fixed the problem by;

 

commenting out this line out in privoxy config file;

#      permit-access  192.168.1.0/24

 

and adding the following iptables rules;

iptables -I INPUT -i eth0 -p tcp -s 192.168.1.0/24 -j ACCEPT

iptables -I OUTPUT -p tcp -d 192.168.1.0/24 -j ACCEPT

 

The IP addresses are the same as those specified in the LAN_NETWORK variable of the container so maybe this could be added to the docker so it persists?

 

All now seems to work as expected.

Link to comment

Thanks, but that's the thing, I know that will work but it works by bypassing privoxy altogether for the local subnet. The reason I didn't do that is because I wanted to check if privoxy could connect to the LAN and it couldn't which is why it can't connect to sab. I was just trying to diagnose the problem.

 

ok so to be clear on the issue/feature request:-

 

you want to be able to set cp to use privoxy to force cp to use the vpn when accessing index sites

you want cp to also be able to notify kodi/plex when a download completes, which of course would be a dest of your local lan

problem is cp cannot connect to local lan resources AND be configured to use privoxy

 

is this the problem?, or at least one of the scenario's you are trying to fix?.

 

Correct, I think I've fixed the problem by;

 

commenting out this line out in privoxy config file;

#      permit-access  192.168.1.0/24

 

and adding the following iptables rules;

iptables -I INPUT -i eth0 -p tcp -s 192.168.1.0/24 -j ACCEPT

iptables -I OUTPUT -p tcp -d 192.168.1.0/24 -j ACCEPT

 

The IP addresses are the same as those specified in the LAN_NETWORK variable of the container so maybe this could be added to the docker so it persists?

 

All now seems to work as expected.

 

thanks for that, done a bit of testing and come up with a slightly tighter config (the tighter the better, to prevent any chance of ip leakage), the below works for me in testing:-

 

# accept input from local lan to docker network (any port)
iptables -A INPUT -i eth0 -p tcp -s 192.168.1.0/24 -d 172.17.0.0/16 -j ACCEPT

# accept output from docker network to local lan (any port)
iptables -A OUTPUT -o eth0 -p tcp -s 172.17.0.0/16 -d 192.168.1.0/24 -j ACCEPT

 

btw not sure why you had to comment out permit-access in the privoxy config file, this isnt set by me?.

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.