[Support] binhex - DelugeVPN


Recommended Posts

11 minutes ago, binhex said:

I would suspect that remote endpoint you are attempting to connect to doesn't exist any more, that's the problem with specifying an IP address instead of a hostname.

Sent from my SM-G935F using Tapatalk
 

 

I didn't realize I was still using one of the .ovpn files with a static IP. I switch to use the name server. Still seems to be doing the same thing. I used the exact same file and was able to connect on my other machine.


I logged into the docker and checked the IP in the docker and it is correctly connecting to the VPN with no leaks. I added my supervisord.log again with the new .ovpn file running

 

supervisord.log

Link to comment
 
I didn't realize I was still using one of the .ovpn files with a static IP. I switch to use the name server. Still seems to be doing the same thing. I used the exact same file and was able to connect on my other machine.

I logged into the docker and checked the IP in the docker and it is correctly connecting to the VPN with no leaks. I added my supervisord.log again with the new .ovpn file running
 
supervisord.log
That looks much better and is a successful start, did you check to see if you could access the web UI?

Sent from my SM-G935F using Tapatalk

Link to comment
3 hours ago, binhex said:

That looks much better and is a successful start, did you check to see if you could access the web UI?

Sent from my SM-G935F using Tapatalk
 

Still have the unabled to connect.

I noticed this in the unraid logs.

 

Quote

2018-07-06 20:37:11,825 DEBG 'deluge-script' stdout output:
[info] Deluge started

2018-07-06 20:37:12,239 DEBG 'deluge-script' stdout output:
[debug] VPN incoming port is
[debug] VPN IP is 10.8.8.8
[debug] Deluge incoming port is
[debug] Deluge IP is 10.8.8.8

Where there are no port numbers being displayed. I was wondering if this had anything to do with it.

Link to comment
On 7/7/2018 at 1:38 AM, unidentifiedme said:

Still have the unabled to connect.

I noticed this in the unraid logs.

 

Where there are no port numbers being displayed. I was wondering if this had anything to do with it.

 

no that is simply telling you it cant assign a incoming port, which it wont be able to do as you arent using PIA, so you need to manually configure that.

 

try the following:-

 

1. turn off any firewalls on the pc you are connecting from.

2. try a different browser

3. try a different pc/tablet/phone

4.check firewall on your router, possibly lan side firewall enabled (pfsense can do this).

Link to comment

4 days and still no joy, Love the repo binhex. I have been using it with great success, the issue is that i had to make some changes due to a network change. the config and docker file got corrupted no problem i removed it and reinstalled but now i cant access the deluge-web portal unless i kill the deluge-web process running as nobody and restart it (it will then start as root). Here is my file for docker generation:

 

sudo docker run -d \
--cap-add=NET_ADMIN \
--restart=unless-stopped \
-p 8112:8112 \
-p 8118:8118 \
-p 58846:58846 \
-p 58946:58946 \
--name=delugevpn \
-v /srv/dev-disk-by-label-Torrent/Torrent:/downloads \
-v /srv/dev-disk-by-label-Torrent/Torrent:/data \
-v /srv/dev-disk-by-label-Torrent/Docker/delugevpn:/config \
-v /etc/localtime:/etc/localtime:ro \
-e VPN_ENABLED=yes \
-e VPN_USER=-------- \
-e VPN_PASS="----------" \
-e VPN_REMOTE=nl.privateinternetaccess.com \
-e VPN_PORT=1198 \
-e VPN_PROTOCOL=udp \
-e VPN_DEVICE_TYPE=tun \
-e VPN_PROV=pia \
-e STRONG_CERTS=no \
-e STRICT_PORT_FORWARD=yes \
-e ENABLE_PRIVOXY=yes \
-e LAN_NETWORK=192.168.42.0/24 \
-e NAME_SERVERS=209.222.18.222,209.222.18.21,8.8.8.8,8.8.4.4 \
-e DEBUG=false \
-e UMASK=000 \
-e PUID=1000 \
-e PGID=1000 \
binhex/arch-delugevpn

 

Thank you again.

supervisord.log

Edited by H8ing-Life
Link to comment
8 hours ago, H8ing-Life said:

4 days and still no joy, Love the repo binhex. I have been using it with great success, the issue is that i had to make some changes due to a network change. the config and docker file got corrupted no problem i removed it and reinstalled but now i cant access the deluge-web portal unless i kill the deluge-web process running as nobody and restart it (it will then start as root). Here is my file for docker generation:

 

sudo docker run -d \
--cap-add=NET_ADMIN \
--restart=unless-stopped \
-p 8112:8112 \
-p 8118:8118 \
-p 58846:58846 \
-p 58946:58946 \
--name=delugevpn \
-v /srv/dev-disk-by-label-Torrent/Torrent:/downloads \
-v /srv/dev-disk-by-label-Torrent/Torrent:/data \
-v /srv/dev-disk-by-label-Torrent/Docker/delugevpn:/config \
-v /etc/localtime:/etc/localtime:ro \
-e VPN_ENABLED=yes \
-e VPN_USER=-------- \
-e VPN_PASS="----------" \
-e VPN_REMOTE=nl.privateinternetaccess.com \
-e VPN_PORT=1198 \
-e VPN_PROTOCOL=udp \
-e VPN_DEVICE_TYPE=tun \
-e VPN_PROV=pia \
-e STRONG_CERTS=no \
-e STRICT_PORT_FORWARD=yes \
-e ENABLE_PRIVOXY=yes \
-e LAN_NETWORK=192.168.42.0/24 \
-e NAME_SERVERS=209.222.18.222,209.222.18.21,8.8.8.8,8.8.4.4 \
-e DEBUG=false \
-e UMASK=000 \
-e PUID=1000 \
-e PGID=1000 \
binhex/arch-delugevpn

 

Thank you again.

supervisord.log

 

im not sure what 'network change' you made but i would guess you are now not allowing outbound connections to port 1198 and thus openvpn is unable to connect to the vpn provider, snippet from your log showing the start of openvpn and then failure to connect and subsequent restart:-

2018-07-10 21:59:14,626 DEBG 'start-script' stdout output:
[info] OpenVPN started

2018-07-10 21:59:14,626 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-07-10 21:59:14,627 DEBG 'start-script' stdout output:
Tue Jul 10 21:59:14 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2018-07-10 21:59:14,628 DEBG 'start-script' stdout output:
Tue Jul 10 21:59:14 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.190.225:1198

2018-07-10 21:59:14,628 DEBG 'start-script' stdout output:
Tue Jul 10 21:59:14 2018 UDP link local: (not bound)
Tue Jul 10 21:59:14 2018 UDP link remote: [AF_INET]46.166.190.225:1198

2018-07-10 22:00:14,349 DEBG 'start-script' stdout output:
Tue Jul 10 22:00:14 2018 [UNDEF] Inactivity timeout (--ping-restart), restarting

so take a look at your router, firewall, pfsense box, host etc, back track through what you have changed.

Link to comment

Hi,

 

Any posts on reverse proxying with nginx and blank screens? Kinda hard to read through 138 pages =/

Been searching google and tried different types of settings, all resulting in a blank page but working title bar..

 

location /deluge {
    proxy_set_header  X-Deluge-Base "/deluge/";
    include /config/nginx/proxy.conf;
    set $upstream_deluge 192.168.3.61;
    proxy_pass http://$upstream_deluge:8112/;

It doenst matter if i use proxy_set_header and not set base in web.conf. If i set base in web.conf i even cant access the normal ui without reverse proxy.

That also gives me a blank page and working title.

Edited by Tuumke
Link to comment
38 minutes ago, Tuumke said:

Hi,

 

Any posts on reverse proxying with nginx and blank screens? Kinda hard to read through 138 pages =/

Been searching google and tried different types of settings, all resulting in a blank page but working title bar..

 


location /deluge {
    proxy_set_header  X-Deluge-Base "/deluge/";
    include /config/nginx/proxy.conf;
    set $upstream_deluge 192.168.3.61;
    proxy_pass http://$upstream_deluge:8112/;

It doenst matter if i use proxy_set_header and not set base in web.conf. If i set base in web.conf i even cant access the normal ui without reverse proxy.

That also gives me a blank page and working title.

Here is my LE reverse proxy block.

location /deluge {
		proxy_set_header X-Deluge-Base "/deluge/";
		add_header X-Frame-Options SAMEORIGIN;
		include /config/nginx/auth.conf;
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.0.2:8112/;
	}

Since you have your proxy.conf separated out like I do, I can't directly compare all the relevant options. Try adding the add_header directive and see if that makes a difference.

  • Like 1
Link to comment

@jonathanm

 

root@NAS:/mnt/user/dockers/letsencrypt/nginx# cat proxy.conf
## Version 2018/05/31 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/proxy.conf

client_max_body_size 10m;
client_body_buffer_size 128k;

#Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

# Advanced Proxy Config
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;

# Basic Proxy Config
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
#proxy_cookie_path / "/; HTTPOnly; Secure"; # enable at your own risk, may break certain apps
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;

 

Link to comment

@binhex

 

I am using the delugevpn-flexget container which was based on your delugevpn container.

I am however seeing the same issue some people had back in 2016 where VPN was connected but you can only access webGUI from localhost and nowhere else on your network.

The person fixed it by adding masquared rule to iptables and you said you was gonna go see what you can do to fix and stop leaks.

was this fixed? as I am seeing same issue.

any suggestions? 

supervisord.txt

 

edit: I did notice the listen address in core.conf is the tun0 address and not eth0.

this could be the issue?

Edited by nekromantik
Link to comment

I've been trying to get the delugevpn container up and running on my QNAP NAS, but am having an issue where the VPN connection constantly resets itself, removing and re-adding the tun0 interface.

 

I've attached the full supervisord.log for a ten minute run of a fresh instantiation of the container, but the errors that stick out to me are:

Quote

2018-07-15 20:54:50,310 DEBG 'deluge-script' stderr output:
Unhandled Error
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/deluge/main.py", line 241, in start_daemon
    Daemon(options, args)
  File "/usr/lib/python2.7/site-packages/deluge/core/daemon.py", line 180, in __init__
    reactor.run()
  File "/usr/lib/python2.7/site-packages/twisted/internet/base.py", line 1243, in run
    self.mainLoop()
  File "/usr/lib/python2.7/site-packages/twisted/internet/base.py", line 1252, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/lib/python2.7/site-packages/twisted/internet/base.py", line 878, in runUntilCurrent
    call.func(*call.args, **call.kw)
  File "/usr/lib/python2.7/site-packages/deluge/core/preferencesmanager.py", line 263, in _on_set_listen_ports
    self.session.listen_on(value[0], value[1], str(self.config["listen_interface"]).strip())
exceptions.RuntimeError: Cannot assign requested address

and

Quote

Sun Jul 15 20:56:15 2018 ERROR: Linux route add command failed: external program exited with error status: 2

 

I created the container with:

Quote

docker run --privileged -d \
    --cap-add=NET_ADMIN \
    -p 8112:8112 \
    -p 8118:8118 \
    -p 58846:58846 \
    -p 58946:58946 \
    --name=delugevpn \
    -v /share/CE_CACHEDEV1_DATA/Download/deluge/data:/data\
    -v /share/CE_CACHEDEV1_DATA/Download/deluge/config:/config\
    -v /share/CE_CACHEDEV1_DATA/Download/deluge/completed:/completed\
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER=[REDACTED] \
    -e VPN_PASS=[REDACTED] \
    -e VPN_REMOTE=ca-toronto.privateinternetaccess.com \
    -e VPN_PORT=1198 \
    -e VPN_PROTOCOL=udp \
    -e VPN_DEVICE_TYPE=tun \
    -e VPN_PROV=pia \
    -e STRONG_CERTS=no \
    -e STRICT_PORT_FORWARD=yes \
    -e ENABLE_PRIVOXY=yes \
    -e LAN_NETWORK=10.13.37.0/24 \
    -e NAME_SERVERS=8.8.8.8,8.8.4.4 \
    -e DEBUG=true \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-delugevpn 

 

Anything obvious I'm missing?

supervisord.log

Link to comment
18 hours ago, nekromantik said:

@binhex

 

I am using the delugevpn-flexget container which was based on your delugevpn container.

I am however seeing the same issue some people had back in 2016 where VPN was connected but you can only access webGUI from localhost and nowhere else on your network.

The person fixed it by adding masquared rule to iptables and you said you was gonna go see what you can do to fix and stop leaks.

was this fixed? as I am seeing same issue.

any suggestions? 

supervisord.txt

 

edit: I did notice the listen address in core.conf is the tun0 address and not eth0.

this could be the issue?

 

sorry i wont be able to support any forks from my code there are too many variables, you will need to ask in the delugevpn-flexget support thread.

Link to comment
3 hours ago, lurkymclurkerton said:

I've been trying to get the delugevpn container up and running on my QNAP NAS, but am having an issue where the VPN connection constantly resets itself, removing and re-adding the tun0 interface.

 

I've attached the full supervisord.log for a ten minute run of a fresh instantiation of the container, but the errors that stick out to me are:

and

 

I created the container with:

 

Anything obvious I'm missing?

supervisord.log

 

The only odd thing ive spotted is that you are defining both the privileged flag and the cap-add flag, you should be using one or the other, try first with privileged and see how you get on, as this is the most permissive of the two.

 

 --privileged -d \
    --cap-add=NET_ADMIN \
...

 

Link to comment
52 minutes ago, binhex said:

 

The only odd thing ive spotted is that you are defining both the privileged flag and the cap-add flag, you should be using one or the other, try first with privileged and see how you get on, as this is the most permissive of the two.

 


 --privileged -d \
    --cap-add=NET_ADMIN \
...

 

 

Hmm.  No joy with removing either.

Link to comment

What is the safest way to prove/test that the VPN is preventing both IP and DNS leaks? Specifically for a headless server running the docker container in this case, so I can't just navigate to ipleak.net as it's obviously running in the Docker container. I can currently show that it's not leaking IP by using http://torguard.net/checkmytorrentipaddress.php but I was hoping for a more thorough way to test that included DNS. Thanks!

Link to comment

My binhex - DelugeVPN docker seems to be the cause of some read/write bursts every 3 minutes, not sure what this could be.

There are no active torrents.
I can't find anything in the log. 
These are the stats after turning off the deluge docker (see the drop-off in read/writes when turned off).

 

This is the activity when deluge turned off overnight:

1538474989_ScreenShot2018-07-17at08_38_22.thumb.png.197b892754935e975c1b22afc38b6f10.png

 

This is the activity bursts when deluge is on vs off.

1443840435_ScreenShot2018-07-17at08_38_30.thumb.png.7aa2aa4bee5ba1be7610f9879f497cdb.png

 

Any idea what this could be?

Link to comment
4 hours ago, drummingjack2 said:

What is the safest way to prove/test that the VPN is preventing both IP and DNS leaks? Specifically for a headless server running the docker container in this case, so I can't just navigate to ipleak.net as it's obviously running in the Docker container. I can currently show that it's not leaking IP by using http://torguard.net/checkmytorrentipaddress.php but I was hoping for a more thorough way to test that included DNS. Thanks!

 

look at Q2 under the delugevpn heading for the following link:-

https://lime-technology.com/forums/topic/44108-support-binhex-general/?tab=comments#comment-433613

 

that will show you the ip address that is returned from your torrent client, testing for ip leakage is out of scope for this support thread (involved packet capture using tcpdump and wireshark).

Edited by binhex
Link to comment
6 hours ago, lurkymclurkerton said:

There was a QNAP firmware update, and either the update itself or the rebooting of the NAS fixed the issue.  ¯\_(ツ)_/¯

I'm embarrassed to admit that I didn't previously try turning it off and on again, so that could very well have been the "fix".

 

 

thanks for the confession :-), you never know this might help somebody else out in the future, glad its working.

Link to comment
On 5/12/2017 at 8:44 PM, Athens428 said:

 

If possible try a different server.  I was having a very similar issue (with pia) and the solution was pointing at a different vpn server.

 

Came back to uNRAID after a month away and was reinstalling with same issue... I think it was just as simple as copying the file ams-a01.ovpn into \\server-name\appdata\binhex-delugevpn\openvpn    (storing info here for next time I need it!!)

Link to comment
14 minutes ago, methanoid said:

 

Came back to uNRAID after a month away and was reinstalling with same issue... I think it was just as simple as copying the file ams-a01.ovpn into \\server-name\appdata\binhex-delugevpn\openvpn    (storing info here for next time I need it!!)

 

its in the newbie guide (scroll down):-

https://lime-technology.com/topic/44108-support-binhex-general/

 

Link to comment

Not strictly a delugevpn question but I thought I'd start here since it involves privoxy, please point me in the right direction if its the wrong topic.

 

I use a reverse SSH proxy to connect to my unRAID server and have set it up so all traffic on Firefox runs through it. 

I was wondering if this could also be tunneled through privoxy so it my browsing is protected by my VPN?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.